On Wed, 28 Sep 2005, Kenneth F. Belva wrote:
> If the US population is 296 million and 40 million cardholders were
> affected, that means that 13.51 percent of the population would be
> affected (on the assumption that is only US citizens that hold a
> Visa/Mastercard).
Roughly one in every seven
Hi,
Try to look at www.nss.co.uk for IDS products comparison. They did lot of
R&D. Obviously, Cisco is not a good one.
Why you're asking about IDS while we could use IPS ?
Cheers,
|+-+--|
|| Fajar Edisya Putera |
Title:
Arbitrary File Download by NateOn Messagener's ActiveX and DoS
Discoverer: PARK, GYU
TAE ([EMAIL PROTECTED])
Advisory No.: NRVA05-08
Critical:
Moderately Critical
Impact:
Arbitrary file download by NateOn Messagener's ActiveX and DoS
W
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SA0002
+
+SquirrelMail Address Add Plugin XSS+
+
PUBLISHED ON
Sep 28, 2005
PUBLISHED AT
http://mo
>> In the paper I ask: "If 40 million customer credit card numbers are
>> exposed in a security breach at the credit card processor CardSystems, why
>> do a significant number of people not cancel their Visa and/or
>> Mastercard?"
>Simple .. because Mastercard/Visa got to avoid having to notify th
Frank Knobbe wrote:
> Perhaps you should ask:
> "If 40 million customer social security numbers are exposed in a
> security breach at the credit card processor CardSystems, why do a
> significant number of people not request new social security numbers?"
>
> After all, there is no limit on liabi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 797-2 [EMAIL PROTECTED]
http://www.debian.org/security/ Michael Stone
September 28th, 2005
http://www.networkcomputing.com/showitem.jhtml?articleID=160910889&pgno=2
cheers
Ivan
On 9/29/05, adnan habib <[EMAIL PROTECTED]> wrote:
>
>
> hi all
>
> please help me i want some strong points for juniper ,,, help me to defeat
> cybergurad as t runs by scure computing now @ which they have
hi all
please help me i want some strong points for juniper ,,, help me to defeat
cybergurad as t runs by scure computing now @ which they have there own
firewall..
best regards \
___
Full-Disclosure - We believe in it.
Charter: http://lis
A good start
http://www.networkcomputing.com/showitem.jhtml?articleID=160910889&pgno=2
cheers
Ivan
On 9/27/05, adnan habib <[EMAIL PROTECTED]> wrote:
>
>
> hi security gurus
>
> i want to implement juniper (netscreen) solution in my company ,,, moveover
> i want to replace cyberguard from junip
--On Wednesday, September 28, 2005 18:49:32 +0200 Jan Nielsen
<[EMAIL PROTECTED]> wrote:
Hi Pauk
Can i ask what you were doing that a pix could not handle nat wise ?
just wondering since I have done very extensive and complex nat'ing in
pix'es from 506's up to 535's without any performance pro
--On Wednesday, September 28, 2005 09:48:36 -0700 Kevin Pawloski
<[EMAIL PROTECTED]> wrote:
Does the Tipping Point appliance allow you to create custom rules now?
Yes, for some definition of "rules". For example, you can block individual
host/port combos or ports or hosts, that sort of thin
--On Wednesday, September 28, 2005 17:48:59 +0100 "Paul S. Brown"
<[EMAIL PROTECTED]> wrote:
On Wednesday 28 September 2005 16:56, Michael Holstein wrote:
> If you NAT a lot, PIX can't handle the load. It also isn't flexible
> enough.
Huh? .. the FWSM (which is PIX and you can have 4 of them
Cutting down on false alerts would be a start and by false
alerts I mean (in this case) alerts such as a receiving MS-SQL worm alerts on your Linux
hosts.
Yes, you can setup suppression alerts and disable rules but the larger
the network you monitor the more cumbersome that becomes. SourceFire
Hi,
Derick Anderson schrieb:
> The company I work for (as the only systems administrator) is
> considering a new implementation of their web-based software. To support
> this we will be splitting our single domain into two domains, one for
> production servers and one for employee support (file se
On Wed, 28 Sep 2005 14:46:38 CDT, Todd Towles said:
> Plus, it was shown recently that personal credit card fraud via ID theft
> is smaller than victimless credit card fraud.
>
> http://www.theregister.co.uk/2005/09/16/gartner_phantom_fraud/
The Google-provided ad at the top says:
Official Check
Hi,
Michael Holstein wrote:
>> Our company plan to install IDS to protect our resources, I'm already
>> read about snort as NIDS, but, that's software based. I'm interesting
>> with hardware based that will work transparently with our Cisco PIX,
>> no need to make changes in our firewall. What's y
Plus, it was shown recently that personal credit card fraud via ID theft
is smaller than victimless credit card fraud.
http://www.theregister.co.uk/2005/09/16/gartner_phantom_fraud/
It is a very good rundown on why the banks just really don't have a
reason to chase after them and stop them.
-Tod
On Wed, 2005-09-28 at 10:22 -0400, Kenneth F. Belva wrote:
> In the paper I ask: "If 40 million customer credit card numbers are
> exposed in a security breach at the credit card processor CardSystems, why
> do a significant number of people not cancel their Visa and/or
> Mastercard?"
Simple. The
Hi All !!
While I was testing desktop based firewalls (here it is Zone Alarm Pro) with
the firewall evasion kit developed by me, I found that a very old flaw still
exists in many latest versions of desktop based firewalls. It is possible
for a malicious program to bypass a desktop based firewall b
I'm not so sure it's that simple... People were aware of it.
Um .. but *which* 40mil was it? Am I one of them? Hearing that 40mil
random people got nicked is one thing .. me getting a letter from MBNA
another.
Mastercard/Visa certianly know .. and so do some member banks, because
some of th
Title: Re: [Full-disclosure] Suggestion for IDS
Show me an OpenBSD system that can handle 400 interfaces,
20gbps, and 4Mconnections (and can do HSRP, etc).
Regarding HSRP, OpenBSD now has failover with their CARP
implementation.
And IPSec SA synchronization as well.
You may be intereste
On Wed, 28 Sep 2005 14:07:08 EDT, Michael Holstein said:
> PCI bandwidth at that rate is 127.2MB/sec (big B). Cisco's figure is
> 60mb/sec (litte b).
Crap. Sometime after I hit send, that 'b' magically turned lower-case. You're
right, it's only eating 1/8th the PCI bandwidth, not almost all of
Hi all,
Now that we're talking about IDS, which are, in the list's opinion, the
features they hate more about actual IDS's?
I mean, what features you dream of everytime you have to plat with your IDS
but you don't have?
Thxs in advanced.
--
Alejandro Barrera García-Orea
R&D Engin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
__
SCO Security Advisory
Subject:OpenServer 5.0.7 OpenServer 6.0.0 : UnZip File
Permissions Change Vulnerability
Advisory number:
be lucky to have a budget for a McSE (you want fries with that?)
"Fries with that" ... LMAO .. good one ;)
(In the interests of fairness, you don't need much beefy if you're Cisco -
the listed technical specs on the innards of the PIX-501:
Processor: 133-MHz AMD SC520 Processor
Random access
On Wed, 28 Sep 2005 17:48:59 BST, "Paul S. Brown" said:
> I suspect the argument here has to be cost-for-cost - in the price range for
> a
> decent beefy OpenBSD box you aren't going to be using FWSMs, and I can quite
> believe that the PIXen in that price range don't perform - the PIX 501 is
In the paper I ask: "If 40 million customer credit card numbers are
exposed in a security breach at the credit card processor CardSystems, why
do a significant number of people not cancel their Visa and/or
Mastercard?"
Simple .. because Mastercard/Visa got to avoid having to notify their
custom
Hi Kevin,
Yes, they will give you a no-extra-cost Windows-based program
to create custom rules. We've got one, but I haven't
used it yet. I'm still brushing up on my Regex...
Regards,
Lew
Kevin Pawloski wrote:
Does the Tipping Point appliance allow you to create custom rules now?
The last ti
I suspect the argument here has to be cost-for-cost - in the price range for a
decent beefy OpenBSD box you aren't going to be using FWSMs, and I can quite
believe that the PIXen in that price range don't perform - the PIX 501 is
specced at 60MB/s throughput and the cheapest retail price I can f
On Wednesday 28 September 2005 16:56, Michael Holstein wrote:
> > If you NAT a lot, PIX can't handle the load. It also isn't flexible
> > enough.
>
> Huh? .. the FWSM (which is PIX and you can have 4 of them in a chassis)
> can handle 100 intefaces, 5gpbs, 100k CPS, and 1M concurrent per blade.
>
Does the Tipping Point appliance allow you to create custom rules now?
The last time I tried the appliance (which was over a year ago) that
'feature' was not yet available.
KevinOn 9/28/05, Paul Schmehl <[EMAIL PROTECTED]> wrote:
--On Wednesday, September 28, 2005 15:54:41 +0700 Fajar Edisya Puter
I'm not so sure that FWSM runs PIXOS, but with all that interfaces think about
the rules managment nighmare.
-Mensagem original-
De: Michael Holstein [mailto:[EMAIL PROTECTED]
Enviada: qua 28-09-2005 16:56
Para: full-disclosure@lists.grok.org.uk
On Wednesday 28 September 2005 16:56, Michael Holstein wrote:
> > If you NAT a lot, PIX can't handle the load. It also isn't flexible
> > enough.
>
> Huh? .. the FWSM (which is PIX and you can have 4 of them in a chassis)
> can handle 100 intefaces, 5gpbs, 100k CPS, and 1M concurrent per blade.
>
White and Case, a top NYC law firm, posted a survey on Data Security
Breach Notifications on September 26, 2005.
>From the press release: "Victims of personal data security breaches are
showing their displeasure by terminating relationships with the companies
that maintained their data, according
This a DLL used by IIS do handle POST requests, it can be used to upload files.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Hi Pauk
Can i ask what you were doing that a pix could not handle nat wise ?
just wondering since I have done very extensive and complex nat'ing in
pix'es from 506's up to 535's without any performance problems.
Jan
-Original Message-
From: Paul Schmehl [mailto:[EMAIL PROTECTED]
Sent: 2
If you NAT a lot, PIX can't handle the load. It also isn't flexible
enough.
Huh? .. the FWSM (which is PIX and you can have 4 of them in a chassis)
can handle 100 intefaces, 5gpbs, 100k CPS, and 1M concurrent per blade.
http://www.cisco.com/en/US/products/hw/modules/ps2706/ps4452/
Show me
--On Wednesday, September 28, 2005 11:37:38 -0400 [EMAIL PROTECTED]
wrote:
On Wed, 28 Sep 2005 07:01:34 EDT, "J. Oquendo" said:
While I do agree with the statement made "Quite frankly, anybody who
already has a PIX installed and wants to install an IPS needs to quantify
*exactly* what protect
--On Wednesday, September 28, 2005 15:54:41 +0700 Fajar Edisya Putera
<[EMAIL PROTECTED]> wrote:
Dear Experts,
Our company plan to install IDS to protect our resources, I'm already
read about snort as NIDS, but, that's software based. I'm interesting
with hardware based that will work transpar
On Wed, 28 Sep 2005 07:01:34 EDT, "J. Oquendo" said:
> While I do agree with the statement made "Quite frankly, anybody who
> already has a PIX installed and wants to install an IPS needs to quantify
> *exactly* what protection the PIX is failing to provide before they go
> shopping for anything"
Hi Aditya
On 9/28/05, Aditya Deshmukh
<[EMAIL PROTECTED]> wrote:
> Recently 2 days ago I saw this in a compromised system.
>
>
> Both this file and cpshost.dll were deleted from C:\InetPub\scripts
> This file was recovered but I was unable to recover cpshost.dll
>
>
> Anyone know what is this
On 27/09/05, Frank de Wit <[EMAIL PROTECTED]> wrote:
Couldnt help noticing your name is kinda "F-Wit" lol (sorry)
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - htt
Take a look at Sourcefire's (The company who makes Snort) IPS products.
Joel Esler
(pS. Disclaimer, I work for Sourcefire, and am biased to
Sourcefire/Snort's products)
On 9/28/05, Michael Holstein <[EMAIL PROTECTED]> wrote:
> > Really? Is there no software package capable of withholding inspect
Our company plan to install IDS to protect our resources, I'm already
read about snort as NIDS, but, that's software based. I'm interesting
with hardware based that will work transparently with our Cisco PIX, no
need to make changes in our firewall. What's your suggestion.
My first piece of ad
Really? Is there no software package capable of withholding inspected
packages until cleared by said IDS?
Um .. snort-inline anyone?
Michael Holstein CISSP GCIA
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter: http://lists.g
Recently 2 days ago I saw this in a compromised system.
Both this file and cpshost.dll were deleted from C:\InetPub\scripts
This file was recovered but I was unable to recover cpshost.dll
Anyone know what is this ?
<% Response.Buffer = TRUE %>
Version=1.5
<%
PathTo
Hi,
I have just had chance to put a paper I wrote a little while ago online.
It discusses the problems involved in writing shellcode for Windows CE/ARM
and goes on to develop an exploit. The full source for the exploit and
related utilities is included.
http://www.pentest.co.uk/cgi-bin/viewcat.
>what i criticize is that *lots* of companies (at least here in my
>vicinity) are selling cheap "vulnerability assessments" which actually
>are nothing more than automated security scans. this leads to the
>customer feeling safe when he's really wide open to attacks. often,
>these people's networks
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
greetings comrades...after doing some further research, this is
what I was looking for:
http://sfs.poly.edu/presentations/boris_cable%20modem%20sniff.ppt
http://www.securityfocus.com/news/7977
SB5100 + Blackcat Combo at:
http://www.tcniso.net/ (thank
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 821-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
September 28th, 2005
On Wed, 28 Sep 2005 [EMAIL PROTECTED] wrote:
In a nutshell I would go with Sentivist.
http://www.nfr.com/solutions/download/HotPick-IPS-Review.pdf
For brief summaries of some other products:
http://www.networkintrusion.co.uk/inline.htm
> All depends on the inbound packet rate, how fast the IDS
On Wed, 28 Sep 2005 11:48:06 +0200, Peer Janssen said:
> Really? Is there no software package capable of withholding inspected
> packages until cleared by said IDS?
All depends on the inbound packet rate, how fast the IDS is, and how much RAM
you're willing to buy. Just remember that a sufficie
[EMAIL PROTECTED] wrote:
On Wed, 28 Sep 2005 15:54:41 +0700, Fajar Edisya Putera said:
plan to install IDS to protect our resources
An IDS doesn't *protect* your resources, any more than a concealed
video surveillance camera protects anything. It may tell you who did it, and
what they d
On Wed, 28 Sep 2005 15:54:41 +0700, Fajar Edisya Putera said:
> Our company plan to install IDS to protect our resources, I'm already read
> about snort as NIDS, but, that's software based. I'm interesting with
> hardware based that will work transparently with our Cisco PIX, no need to
> make cha
Dear Experts,
Our company plan to install IDS to protect our resources, I'm already
read about snort as NIDS, but, that's software based. I'm interesting
with hardware based that will work transparently with our Cisco PIX, no
need to make changes in our firewall. What's your suggestion.
Thanks
Fa
On Tue, 27 Sep 2005 09:20:57 -, adnan habib said:
> i want to implement juniper (netscreen) solution in my company ,,, moveover
> i want to replace cyberguard from juniper ... is there any one let me know
> any strong point that will support me in replacement like weakness in
> cyberguard e
[EMAIL PROTECTED] wrote:
> On Tue, 27 Sep 2005 17:53:58 +0200, Bernhard Mueller said:
>
> And note also that "finding a hole" and "be talented enough to create an
> exploit" are *totally* distinct. I found a rather nasty rootable hole in
> Sendmail a while back (read the release notes for 8.10.1
58 matches
Mail list logo