Re: Win2K and Lview.exe -- am I infected?
I have seen this problem as well on Windows 2000 running LView, it does not appear that LView, or the version I was running, will work on Win2k. This was tested on 2 seperate machines with similar configurations as far as software, one was an 866 and the other was a 1.0 Ghz both with 256 Megs of RAM and Win2k Professional. Hope this helps, RTH On Monday 10 December 2001 10:03 am, H Carvey wrote: > In-Reply-To: <[EMAIL PROTECTED]> > > >Any idea if I have been infected with something > > and what I can do about it? > > You have not provided any information to suggest > that you're infected with anything. You can use > Task Manager to identify which processes are > eating up your CPU cycles and memory. > > Have you tried running a virus scanner? > > Do you have any other information which might > suggest that you've been infected with something? -- == Ryan Hilton [EMAIL PROTECTED] "No answer is also an answer" ==
RE: NAT/PAT (Hide NAT) Vulnerabilities?
Howdy, I have never seen PAT described in an RFC to date. Could someone point me in the right direction with this outside of a Cisco website? Or is this really a "standardized" acronym? Ray -Original Message- From: Paul Leroy [mailto:[EMAIL PROTECTED]] Sent: Friday, December 14, 2001 12:56 AM To: 'Reaves, Timothy CECOM RDEC STCD JANUS'; SecurityBasics Subject: RE: NAT/PAT (Hide NAT) Vulnerabilities? Hi, PAT is Port Address Translation, it is also called NAT overload. Instead of mapping internal IPs to external IPs, it maps internal IPs to external source ports. This means that only one IP (that of the outside interface of the PAT device) is seen by the outside world. This also increases the number of concurrent connections to roughly 64000 instead of just the size of the outside IP pool. Hope that helps Regards, Paul Leroy -Original Message- From: Reaves, Timothy CECOM RDEC STCD JANUS [mailto:[EMAIL PROTECTED]] Sent: 12 December 2001 08:26 To: SecurityBasics Subject: RE: NAT/PAT (Hide NAT) Vulnerabilities? could someone please explain PAT? Thanks "This e-mail may contain confidential information and may be legally privileged and is intended only for the person to whom it is addressed. If you are not the intended recipient, you are notified that you may not use, distribute or copy this document in any manner whatsoever. Kindly also notify the sender immediately by telephone, and delete the e-mail. When addressed to clients of the company from where this e-mail originates ("the sending company ") any opinion or advice contained in this e-mail is subject to the terms and conditions expressed in any applicable terms of business or client engagement letter . The sending company does not accept liability for any damage, loss or expense arising from this e-mail and/or from the accessing of any files attached to this e-mail."
Re: IBM Laptop Logging
access can be done with regular auditing the other part, (MOM) Microsoft Operations Manager, in which you can define rules and take actions on it. it access is made to a file, run script or page or whatever, generate alert. An agent runs on every client. regards, ivo - Original Message - From: "willie domingo" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, December 13, 2001 9:40 AM Subject: IBM Laptop Logging > Hi all, > > Our company issued an IBM laptop running Windows ME to our field > officers. In order for these people to be apply the policies of the company > we downloaded it to their laptop. > > Due to the sensitivity of these policies we would want to protect the bank > by having a logging mechanism if ever they copied such policies to a > diskette or cd. Or better yet everytime they access said policy it should > be logged. > > Is there a utility in Windows ME to do this. If not is there a utility > freeware or not that can do this. It should produce good reports. > >Thanks for your comments. > >Willie > > _ > Join the world's largest e-mail service with MSN Hotmail. > http://www.hotmail.com > >
Re: Which Proxy Server...
Take a look at Raptor for lots of application proxies. Now named Symantec Enteriprise Firewall. http://enterprisesecurity.symantec.com/products/products.cfm?ProductID=47&PID=na&EID=0 It has proxies for at least 1., 2., and 3. -- it may for 4. as well, but I'm not positive. Runs on Solaris and HP/UX. There is also a Linux based appliance version called Velociraptor which has all the same functionality (though there is no Linux port to run on your own hardware (go figure)). On Fri, 14 Dec 2001 [EMAIL PROTECTED] wrote: > Dear users, > I am planning to upgrade my Proxy Server. It runs on IBM AIX(Unix Like) > operating system. I tried to search Proxy Server for Unix on Internet. > But the results were not much and also their performances were unknown. > Can you help me out to select a suitable one proxying the following > services, at least: > 1. HTTP,FTP,news > 2. Telnet > 3. Streaming Video/Audio Service > 4. Messanger Service > > I need the Proxy Server to run on Unix like Operating System only. > > Rakesh > == > > > - >
Cross Site Scripting questions
Could somebody please explain to my how to test/secure your site from CSS vulnerabilities? I understood from Cert's and Apache's explanations that the best thing to do is to encode the output of the dynamic parts of your site or else install a filter that monitors your web servers output. But why encode, did I understand it correctly that this way the output is interpreted by the browser as text and not as a tag?? And more important how and when do you encode your output? And does anybody know a (opensource) filter for apache that eliminates malicious strings or is the whole CSS security issue to site specific for this? Jeroen Beerstra
Re: Passwords On Paper
On Thu, Dec 13, 2001 at 02:29:44PM -0500, you ([EMAIL PROTECTED]) wrote: > Is anyone familiar with a government or private study that surveyed the top 10 >places to store passwords that were written down on paper; e.g. under the keyboard, >etc? If you're searching for statistics you wouldn't find any. Why ? Because it's hard to do so. Maybe it could be done by some questionnaire somewhere on a well-known, popular web site. Many of my friends simply forgot passwords (to emails accounts etc), and when it is needed again they ask me to crack their mailboxes :) At my work password on all of the computers (even on the clients computers) in BIOS(only) is "ENTER". It isn't written anywhere, because it's simple and everybody knows that password. I've got a lot of passwords to protected sites in my mobile phone. I do not need to remember them, because they aren't so important to trash my head... More important passwords for me is a list of logins and passwords figuring only in my head. I use them in various configurations, and I don't care what confiration is right. When I need to log-in somewhere I'm shooting as long as my config is wrong :> It takes max 4 minutes, but generally I remember configurations. All of these passwords are hard to crack by using some sort of brute force etc. Nowadays any hidden passwords aren't needed, all you need to do is able an option in your m$ stuff to remember passwords ;P ps. before i started work in my current job, all the passwords were well known. My cheef have had always running notebook, with a file hasla.txt(passwords.txt) on the c:\ with logins and passwords to his mail/bank accounts etc. Everybody were non interested in security/privacy. After a few weeks I've got every possible password and I showed them what they're doing bad, why they should take care of their passwords, and now it looks more secure indeed :) -- [ Wojtek gminick Walczak ][ http://hacker.pl/gminick/ ] [ gminick (at) hacker.pl ][ gminick (at) klub.chip.pl ]
Re: Passwords On Paper
On Thu, Dec 13, 2001 at 02:29:44PM -0500, [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote: > Is anyone familiar with a government or private study that surveyed the top 10 >places to store > passwords that were written down on paper; e.g. under the keyboard, etc? I would imagine that it would be very difficult to obtain enough information to carry out such a survey effectively. Personally, I have certainly seen passwords (with corresponding user names) written on post-it notes stuck to monitors, on whiteboards, and sometimes just scribbled down on random bits of paper lying on a desk. This is much more likely to occur if people are *given* passwords instead of choosing their own. Zeshan
Re: bug in ssh2 or secureCRT?
Hi Ctrl+S is the shortcut of scroll lock. Just close (turn the light of) the scroll lock. That's all. Also you can type Ctrl+Q to close scroll lock. Hope this helps, Regards AFE On Sunday 09 December 2001 02:16, Liu Wen wrote: > I am using SecureCRT with SSH in windowsXP, but everytime I press Ctrl-S > in a session window, it lost response. I have to manually disconnect it > > :( > > Cheers > Liu _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com
Re: Closing open ports
> > TCP0.0.0.0:4450.0.0.0:0 LISTENING > > UDP0.0.0.0:445*:* > > The ports are not currently open to any foreign machines; the 0.0.0.0:0 and > *:* are just showing the ports are listening for connections from -your- > machine to -your- machine, and it's nothing to really worry about. Actually, I believe the 0.0.0.0 and * mean your machine is listening for connections from anywhere to any locally bound address. Once a connection is established, you'll see the local and remote addresses for each connection.
Re: Which Proxy Server...
Apache (www.apache.org) w/ mod_proxy works fine for http. Apache builds under most anything. For the others, I'm not sure you want a proxy server so much as a NAT service. I've never heard of a telnet "proxy", since it's interactive (ie, not stateless file serving like http). Hope that helps. - Jared Lovell On Fri, 14 Dec 2001 [EMAIL PROTECTED] wrote: > Dear users, > I am planning to upgrade my Proxy Server. It runs on IBM AIX(Unix Like) > operating system. I tried to search Proxy Server for Unix on Internet. > But the results were not much and also their performances were unknown. > Can you help me out to select a suitable one proxying the following > services, at least: > 1. HTTP,FTP,news > 2. Telnet > 3. Streaming Video/Audio Service > 4. Messanger Service > > I need the Proxy Server to run on Unix like Operating System only. > > Rakesh > == > > > - > >
Re: Telnet
no log unless auditing on, error log on evntvwr.exe - Original Message - From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, December 13, 2001 8:41 AM Subject: Telnet > > > On my W2000 Prof workstattion, I found that > someone had tried to use telnet ( i found it listed > under run in the start menu). HOw do I check to see > what activities they were up to? Where is a log? > > thanks > dp >