Re: Help With firewall ports
Block everything in, allow all out. Allow services that you are using and block all others. If your firewall is linux based with ip tables let me know if you need any help. Regards Kulla - Original Message - From: "Clint Goodwin" <[EMAIL PROTECTED]> To: "security-basics" <[EMAIL PROTECTED]> Sent: Sunday, March 17, 2002 11:46 Subject: Help With firewall ports > Hi all, > > I was wondering what would be a good list of ports to block at my > firewall. > I have some of the most common ones covered , however I Don't have > > a lot of experience with firewalls yet. > Can someone point me to a good resource or even provide me with a > list to help me get started. > > Thanks in advance > > Clint Goodwin >
Re: scary site
It seems that just affect xp I use w2k and nothing happened. Regards Kulla - Original Message - From: "Roy Pait" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Friday, March 08, 2002 7:51 PM Subject: Re: scary site > Yes, but check out this variant - save your work first. They replaced cmd.exe with logoff.exe! > > http://www.fuck.org/~max/xp_rules.jpg > > >>> "Kulla" <[EMAIL PROTECTED]> 03/07/02 12:53PM >>> > it is ismple java script that loads cmd.exe > >
Re: scary site
it is ismple java script that loads cmd.exe
Re: www.security7.ch.vu
Hi m8 They have just put java script to open link and show your windows root directory. Open notepad and put this code in it: Size Save the file as test.htm and run it windows explorer. And now you will see contents of your c drive. This is use of internet explorer as a windows explorer, so you don't be nothing to afraid. Regards Kulla - Original Message - From: "LS" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, February 28, 2002 00:46 Subject: www.security7.ch.vu > Hi all, > > I was sent the following address: > > http://www.security7.ch.vu/ > > When entering, it claims that you are exposed and tracked and a lot of information > is stored on your computer (doh..altho i dont keep names on it etc..). > What caught my attention is that the show you the contents of your root directory > (c:\ for a windows machine...). > What's alarming is that I don't see how this thing could've been done. I dont allow > any shares, I dont allow any services, and unless it is an IE exploit of some sort, > there is no other way to explain it. My firewall (TPF) handles all the microsoft > network issues and only internal LAN can even see my nbt name etc... > this is weird. > Anybody know how this is done ? > > Regards, > Eli > >
Re: The Best Network Scanner?
Hi Bejon For win nt for me the one of good one's is Retina from www.eeye.com And concerning the linux platform one of good one's is nessus. Regards Kulla - Original Message - From: "Bejon Parsinia" <[EMAIL PROTECTED]> To: "Security-Basics (E-mail)" <[EMAIL PROTECTED]> Sent: Tuesday, February 26, 2002 00:20 Subject: The Best Network Scanner? > Good day, > > I just wanted to pose this question to the group, what are some of the best > network scanners on the market for finding vulnerabilities on your network, > reporting on issues, and suggesting fixes for the known vulnerabilities that > are found? When you respond, please note if this is a *nix or Win32 app > (I'm in a Win32 environment). I've been working on testing a few different > products and have had a tough time on picking one to go with. Also worth > noting, I haven't found an application that is thorough enough for my liking > yet either. > > The real dilemma is, I have such a tight budget (who in IT doesn't these > days though) that I am forced to make a very informed decision. So, with > that in mind here is your challenge. > > I appreciate any feedback you can give me, and am looking forward to putting > my servers under even greater stress with your recommendations (assuming > there is a trial demo available or you suggest a free app). :) > > Sincerely, > > Bejon Parsinia > [EMAIL PROTECTED] > > >
Encryption for masses or E4M
Hi all Does anyone know how to recover password from volume file that is = encrypted with e4m? I have some files that I need to recover some files but I forgot = password. I would appriciate any kind of help or advice. Regards Kulla
Re: capturing traffic on cisco routers
You can not use mrtg because MRTG is Multi Router Traphic Grapher. That means that the purpose of the program is to show statistics in HTML of trafic of one router. It works by grabing snmp packages from router and authorizing by comunity name. It purpose is not to grab packages from router in that way that you want, it is only to show statistics of network usage by ports (serial, ethernet, ...) Regards Kulla - Original Message - From: "Srecko Jovancevic" <[EMAIL PROTECTED]> To: "Dave Stein" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Thursday, February 21, 2002 08:44 Subject: Re: capturing traffic on cisco routers > you can use mrtg > > - Original Message - > From: "Dave Stein" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, February 20, 2002 5:39 AM > Subject: capturing traffic on cisco routers > > > > Hi there, > > Im very new in this list, and a newbie in cisco > > administration, i would like to know ,if it is > > posible, > > how to capture the traffic on the router (or sniff it, > > if you like), and send it into another pc on plain > > text or whatever, or if its posible to keep it on a > > file. > > Sorry if this question if too basic, im learning here. > > If it is any help the cisco is running ios 12.1. > > anything will help!. > > bye. > > > > > > __ > > Do You Yahoo!? > > Yahoo! Sports - Coverage of the 2002 Olympic Games > > http://sports.yahoo.com > > > > > > >
Re: Software Product Download and FTP
First give us litle bit more informations. Which operating system do you have as a server? Which ftp server do you want to use? The best way to do this is to set password on directory but then you will got that problem that you will have to change password every time when someone download the program, because if someone buy the program he can give password to his friend and so on. Restrictions on ftp can be made, that is not problem. If you still want this I can help you. Regards Kulla - Original Message - From: "Mike Carney" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, February 20, 2002 21:01 Subject: Software Product Download and FTP > Hello All, > > Thank you in advance for those who reply. > > We are currently looking at a way to protect the download of our products on an ftp server. What we need to accomplish is: > > Use an FTP server > Password protect the directories > Handoff a Web user from our website and log them into the proper directory on our ftp server > > The reason for this is we are now going to offer 'full' versions of our products for download after they are purchased via our online store. The problem that we are encountering is that we only want those people who go from leave the purchase portion of the site to be able to download the programs. > > We can't allow people to be able to just browse the ftp server and download the files that they want. If anyone has gone through this or may have some suggestions or links for a scenario like this it would be great if you could send them along. > > Thanks!! > > Mike
Re: Internet Explorer 5.x/6
Yes there is a way, on internet eplorer 6 (and probably on 5) you can use security option to forbiden sites of your choice, but every user on client machine also can reset that list. On internet explor 6 click on tab Tools->internet options->security->restricted sites->sites than put the addresses in the list Regards Kulla - Original Message - From: "Rob Weiss" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Monday, February 18, 2002 17:39 Subject: Internet Explorer 5.x/6 > I am looking for a way to restrict access to sites for some of my clients > without using a proxy/firewall solution. > Is there a way to restrict Internet Explorer to a predefined list of hosts > or create a custom list of approved sites with a deny all at the end? > > Thanks! > > Rob Weiss