Re: Windows Update and TFTP

2002-03-26 Thread Radoslav Dejanovi
On Friday 22 March 2002 17:10, [C] Teodorski, Chris wrote: When you run Windows Update, how does it deliver the patches, etc. to you? Is there any possibility (does anyone know for sure) that it uses TFTP? Nope, it uses special ActiveX and plain WWW service to download and install updates.

RE: Firewall Server

2002-03-26 Thread Mark (fat)
Consider Ipcop as well. www.ipcop.org M -Original Message- From: Sylvain [mailto:[EMAIL PROTECTED]] Sent: 22 March 2002 19:34 To: Constance Baptist; [EMAIL PROTECTED] Subject: Re: Firewall Server Sure, here are two Linux ones I really enjoy: Smoothwall and Mitel SME server, 'cause they

RE: IDS Intro Project Suggestions

2002-03-26 Thread Treu, Jill
Take a look at Snort for network based intrusion detection. It is excellent --- and free. For more information go to: www.snort.org Jill -Original Message- From: Ryan P Zagata To: [EMAIL PROTECTED] Sent: 3/22/02 4:54 PM Subject: IDS Intro Project Suggestions I have a question/favor

Re: Ping weird

2002-03-26 Thread rv
Do you have suid access to the ping binary? At the computer you are logged in to? My ping-binary has rws-r-xr-x rights. The ping-binary must have suid rights. /rv On Sat, 23 Mar 2002, Thiago Mello wrote: Hi, I'm pinging a certain server of my backbone and it replies ALIVE, but I've noticed

Security Feature IBM p690 Regatta

2002-03-26 Thread Thomas Ullrich
Does anybody on this list have information on the security features of IBM's new server p690 Regatta? I think the OS is AIX based? But are there any specific security issues with this version? I would be thankful for any information/links on this issue. Thomas

Re: win 2k

2002-03-26 Thread theog.org
First of all, take another machine, install it the same as this one, then you may run forensics apps on the hacked one. Securing a machine means blocking everything except what you really need. To test how secure your machine is, you can start

Re: cryptography

2002-03-26 Thread Brannon Wilson Smith
There is definitely more to encryption than one algorithm. AFAIK, most banks are using triple DES at the moment. RSA is a popular algorithm, but there are a few problems with it (for you): 1) you must be able to pick large primes, which means you need to know Fermat's little theorem as well as

RE: Pen Testing Skills

2002-03-26 Thread Chris Santerre
ability to break software, Well heck, that is just about every user in our company! :) Is this going to be the one and only job? Just penetrating? Look for good documentation skills too. A quick background check wouldn't hurt either. -Original Message- From: opc 73 [mailto:[EMAIL

RE: SMTP Relay possible issue with exchange

2002-03-26 Thread Chris Santerre
Use this site to help your system: http://www.abuse.net/relay.html Helped out a good deal. -Original Message- From: GP [mailto:[EMAIL PROTECTED]] Sent: Friday, March 22, 2002 12:47 PM To: [EMAIL PROTECTED] Subject: SMTP Relay possible issue with exchange I'm running an exchange 2000

RE: help w/ security policies!

2002-03-26 Thread Stephen Entwisle
Hi Kani, You might want to take a look at the four-part SecurityFocus series, Introduction to Security Policies by Charl Van der Walt. The first installment is available at: http://online.securityfocus.com/infocus/1193. Stephen Entwisle Moderator, Security-Basics SecurityFocus

Re: Thanks! (And help w/ security policies!)

2002-03-26 Thread John
The HIPAA security policies have not been approved yet. Hopefully this month or maybe April. -- cYa John Don't give up. DON'T EVER GIVE UP!!! Jimmy V On Friday 22 March 2002 06:58 pm, Art Tarsha wrote: You may look into HIPAA for the hospital portion; it will give you a lot

RE: Looking for Win32 ICMP Code tool

2002-03-26 Thread Cushing, David
Mark, I think one of these will do the trick: http://packetstorm.widexs.nl/NT/Packetx1.zip http://www.laurentconstantin.com/en/lcrzoex -David -Original Message- From: Mark (fat) [mailto:[EMAIL PROTECTED]] Sent: Friday, March 22, 2002 9:23 AM To: [EMAIL PROTECTED] Subject:

Re: Linux - portmap

2002-03-26 Thread Jan Reilink
Ethan King wrote: - - Original Message - From: Vernon [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, March 22, 2002 10:22 AM Subject: Linux - portmap hey all, Not sure if this is the right place to post this question (I'm new here) but I was wondering if anyone

Secure mobile unit?

2002-03-26 Thread Meritt James
As contradictory as this intuitively seems, is anyone aware of anything that even ADVERTISES itself as a secure mobile device? I've been asked about a 'secure' (whatever that means) mobile (say, wear on belt size, 6 oz or so) unit. Haven't been able to find out if voice, IP or what. So far,

Re: Thanks! (And help w/ security policies!)

2002-03-26 Thread GrdnWsl
Here's a good place to start... sans.org they have sample security policies available for you for tons of applications. Here's the link: http://www.sans.org/newlook/resources/policies/policies.htm BTW, they're all available in .pdf format as well. Nil Fiat wrote: Hey everybody... Thanks

Re: SSH Info

2002-03-26 Thread Radoslav Dejanovi
On Friday 22 March 2002 00:35, Gerard Fremaint wrote: What services support SSH, like telnet and ftp? And if it supports telnet, do I need a specific client program on the PC that is going to connect, or do I just keep using the program I use normally? What you're looking for is called

Re: help w/ security policies!

2002-03-26 Thread John . Chan
TechRepublic has a CD which you can purchase called 'IT Professional's Guide to Policies and Procedures' (www.techrepublic.com). John Kanikkannanl

RE: Pen Testing Skills

2002-03-26 Thread Ben Schorr
I'll add that if you're going to bill this guy out to test for others you better check his background too. Last thing you need is for your contracted employee getting paid to use your equipment to break into your customer's systems and steal credit card info to pass out to his friends. It's a

Re: CISSP Study Book.

2002-03-26 Thread Myroslav Halecky
I think that the book you mentioned is very good. Below is a free site that you can use. http://www.detectiondesintrus.com/Documents/HISM/ewtoc.html rgds myro Damien wrote: I would recommend the Krutz Vines book, plus the All in One golden colored book by Shon Harris. They come as a pack

Re: Linux - portmap

2002-03-26 Thread jmglov
On Sun, 24 Mar 2002, Lim Ghee Lam wrote: Not sure if this is the right place to post this question (I'm new here) but I was wondering if anyone could tell me if it is safe to turn off portmap on my Linux Red Hat box. As far as I know I am not using RPC for anything and therefore not

Re: pgp vs s/mime

2002-03-26 Thread David Alban
Frederick, At 2002/03/22/15:22 -0500 Garbrecht, Frederick [EMAIL PROTECTED] wrote: I apologize if this is a hopelessly stupid question, but I don't really understand the relative merits of using PGP for email authentication encryption versus using Microsoft's implementation of s/mime and

Re: pgp vs s/mime

2002-03-26 Thread Noah Salzman
At a security level, the main complaint with S/MIME is that someone can send you a 40-bit encrypted message and you can do nothing to stop them from doing so. Nor can you easily tell when someone has used a weak key. Yes, S/MIME supports larger symmetric key sizes but it also has backward

Re: cryptography

2002-03-26 Thread Sumit Dhar
Thus Spake davie elliott on Mar 23 : P.S. someone posted a couple of sites a while back on cryptography, but I had to format before I got a chance to view them. I would be grateful if that person could repost them. You are right... someone did post them sometime back.. Here are the sites

RE: ISP Security Suggestions

2002-03-26 Thread Ansel, Kenny L. (Sytex Contractor)
Security, most often, is sorta limited by $$$. I feel that you cannot have too much security from a security standpoint... but from a usability standpoint, that's another issue. As far as being redundant for adding extra steps... security comes in layers. The more layers, the more secure

Re: cryptography

2002-03-26 Thread Marco Stratemann
Try the Handbook of Applied Cryptography http://cacr.math.uwaterloo.ca/hac/. I found it very detailed and helpful. Best luck ;-) Marco

Re: cryptography

2002-03-26 Thread Faycal Chraibi
On Saturday 23 March 2002 01:31, davie elliott wrote: I was wondering if I could get a little information please. I have to do a huge program at the end of my course and I was thinking about making a bank program. I would like to make it as

Password Generation Procedure?

2002-03-26 Thread Sumit Dhar
Hello Everyone, Generating a password that is hard to guess is a challenge most of us have to face sometime or the other. I initially used to think names of arbit characters from novels were a good password till a friend showed me the cracked version of my password. That got me thinking till I

RE: help w/ security policies!

2002-03-26 Thread Treu, Jill
There are some model security policies on the SANS site. Go to: http://rr.sans.org/policy/policy_list.php There are model security policies on the site. Two books I have used: Writing Information Security Policies by Scott Barman Information Security Policies, Procedures, and Standards:

Re: Linux - portmap

2002-03-26 Thread Steve Sobol
At 11:27 PM 3/24/02 +0800, you wrote: I turn it off on my installation of Red Hat. I guess it's safe to turn it off. My server has been running for 1 year plus and it seems fine. The only situation where I am aware of Portmap being absolutely critical is for NFS. You definitely need the

Windows x Linux

2002-03-26 Thread Alisson Leite De Morais Veras
Hi guys, I'm doing research about safety/security of Windows and Linux. I don't want to make a mistake (like counting the same bug in several distributions), so I decided to make the Linux analysis against only one Linux distribution, RedHat Linux. I need some information like these to

Re: Ping weird

2002-03-26 Thread Sumit Dhar
Thus Spake Thiago Mello on Mar 23 : ping: sendto: Operation not permitted I know that sounds stupid, but I would like to know... What I would like you to do is log in as root and see if you can still run the command. What might have happened is that you *might* have removed the setuid bit

Re: help w/ security policies!

2002-03-26 Thread Bill Barrett
Not all that long ago I was in a similar position at a previous employer. I found a good resource in a book called e-policy: How to Develop Computer, E-mail, and Internet Guidelines to Protect Your Company and its Assets by Michael R. Overly. It has guidelines and suggestions for creating a

RE: Pen Testing Skills

2002-03-26 Thread Chris Santerre
A real ace will tell you what kind of systems you are running at your company already ;) I would give them some real world questions. Ask them how they would go about cracking a company. Look up some common terms you see here on this list. www.whatis.com is great for that. Firewalking, IDS,

legal documents

2002-03-26 Thread soho
Hi all. I need help with how to compose valid legal documents which deny any employees the use of company information (documents, software source code and others) for their own benefit. Could anyone on this list possibly provide me with any links to this type of legal document templates, policies,

Thanks for all the great info about PGP

2002-03-26 Thread [C] Teodorski, Chris
I just wanted to thank you all for helping me out with PGP on XP. I was able to install 7.0.3 that I downloaded from downloads.com. Without the VPN portion installed it does seem to work great! Thanks again for all your help. Are there any key servers that are still active and frequently