Not if the U.S security services decide to have a war on
cyber terror sites.
On 9/27/05, str0ke [EMAIL PROTECTED] wrote:
KF is right on the dot. There will always be a defacement site.
Where is this going ? By your (netdev's) logic: we should shut down all the
defacement sites because
Good morning!
On Tue, 27 Sep 2005 14:34:09 +0100
Dave Korn [EMAIL PROTECTED] wrote:
Äîáðûé âå÷åð...looking for an in-line coax monitoring device that
will give me the ability to monitor/capture and decode all traffic
Even simpler: it's the T-shaped BNC coax adapter you use to connect
a PC
On Tue, 27 Sep 2005, str0ke wrote:
If we were to say zone-h sucks then we would also state that attrition
does since they did the exact thing. (which attrition doesn't suck).
Just in case anyone else needed to do the same.
str0ke, which did you mean?
[dictionary.com]
attrition Audio
[EMAIL PROTECTED] wrote:
On Tue, 27 Sep 2005 17:53:58 +0200, Bernhard Mueller said:
And note also that finding a hole and be talented enough to create an
exploit are *totally* distinct. I found a rather nasty rootable hole in
Sendmail a while back (read the release notes for 8.10.1 and the
On Tue, 27 Sep 2005 09:20:57 -, adnan habib said:
i want to implement juniper (netscreen) solution in my company ,,, moveover
i want to replace cyberguard from juniper ... is there any one let me know
any strong point that will support me in replacement like weakness in
cyberguard
On Wed, 28 Sep 2005 15:54:41 +0700, Fajar Edisya Putera said:
Our company plan to install IDS to protect our resources, I'm already read
about snort as NIDS, but, that's software based. I'm interesting with
hardware based that will work transparently with our Cisco PIX, no need to
make
[EMAIL PROTECTED] wrote:
On Wed, 28 Sep 2005 15:54:41 +0700, Fajar Edisya Putera said:
plan to install IDS to protect our resources
An IDS doesn't *protect* your resources, any more than a concealed
video surveillance camera protects anything. It may tell you who did it, and
what they
On Wed, 28 Sep 2005 11:48:06 +0200, Peer Janssen said:
Really? Is there no software package capable of withholding inspected
packages until cleared by said IDS?
All depends on the inbound packet rate, how fast the IDS is, and how much RAM
you're willing to buy. Just remember that a
On Wed, 28 Sep 2005 [EMAIL PROTECTED] wrote:
In a nutshell I would go with Sentivist.
http://www.nfr.com/solutions/download/HotPick-IPS-Review.pdf
For brief summaries of some other products:
http://www.networkintrusion.co.uk/inline.htm
All depends on the inbound packet rate, how fast the IDS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
greetings comrades...after doing some further research, this is
what I was looking for:
http://sfs.poly.edu/presentations/boris_cable%20modem%20sniff.ppt
http://www.securityfocus.com/news/7977
SB5100 + Blackcat Combo at:
http://www.tcniso.net/
what i criticize is that *lots* of companies (at least here in my
vicinity) are selling cheap vulnerability assessments which actually
are nothing more than automated security scans. this leads to the
customer feeling safe when he's really wide open to attacks. often,
these people's networks can
Really? Is there no software package capable of withholding inspected
packages until cleared by said IDS?
Um .. snort-inline anyone?
Michael Holstein CISSP GCIA
Cleveland State University
___
Full-Disclosure - We believe in it.
Charter:
Our company plan to install IDS to protect our resources, I'm already
read about snort as NIDS, but, that's software based. I'm interesting
with hardware based that will work transparently with our Cisco PIX, no
need to make changes in our firewall. What's your suggestion.
My first piece of
Take a look at Sourcefire's (The company who makes Snort) IPS products.
Joel Esler
(pS. Disclaimer, I work for Sourcefire, and am biased to
Sourcefire/Snort's products)
On 9/28/05, Michael Holstein [EMAIL PROTECTED] wrote:
Really? Is there no software package capable of withholding inspected
On 27/09/05, Frank de Wit [EMAIL PROTECTED] wrote:
Couldnt help noticing your name is kinda F-Wit lol (sorry)
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia -
Hi Aditya
On 9/28/05, Aditya Deshmukh
[EMAIL PROTECTED] wrote:
Recently 2 days ago I saw this in a compromised system.
Both this file and cpshost.dll were deleted from C:\InetPub\scripts
This file was recovered but I was unable to recover cpshost.dll
Anyone know what is this ?
It is
On Wed, 28 Sep 2005 07:01:34 EDT, J. Oquendo said:
While I do agree with the statement made Quite frankly, anybody who
already has a PIX installed and wants to install an IPS needs to quantify
*exactly* what protection the PIX is failing to provide before they go
shopping for anything to a
--On Wednesday, September 28, 2005 15:54:41 +0700 Fajar Edisya Putera
[EMAIL PROTECTED] wrote:
Dear Experts,
Our company plan to install IDS to protect our resources, I'm already
read about snort as NIDS, but, that's software based. I'm interesting
with hardware based that will work
--On Wednesday, September 28, 2005 11:37:38 -0400 [EMAIL PROTECTED]
wrote:
On Wed, 28 Sep 2005 07:01:34 EDT, J. Oquendo said:
While I do agree with the statement made Quite frankly, anybody who
already has a PIX installed and wants to install an IPS needs to quantify
*exactly* what
If you NAT a lot, PIX can't handle the load. It also isn't flexible
enough.
Huh? .. the FWSM (which is PIX and you can have 4 of them in a chassis)
can handle 100 intefaces, 5gpbs, 100k CPS, and 1M concurrent per blade.
http://www.cisco.com/en/US/products/hw/modules/ps2706/ps4452/
Show
Hi Pauk
Can i ask what you were doing that a pix could not handle nat wise ?
just wondering since I have done very extensive and complex nat'ing in
pix'es from 506's up to 535's without any performance problems.
Jan
-Original Message-
From: Paul Schmehl [mailto:[EMAIL PROTECTED]
Sent:
This a DLL used by IIS do handle POST requests, it can be used to upload files.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
White and Case, a top NYC law firm, posted a survey on Data Security
Breach Notifications on September 26, 2005.
From the press release: Victims of personal data security breaches are
showing their displeasure by terminating relationships with the companies
that maintained their data, according
I'm not so sure that FWSM runs PIXOS, but with all that interfaces think about
the rules managment nighmare.
-Mensagem original-
De: Michael Holstein [mailto:[EMAIL PROTECTED]
Enviada: qua 28-09-2005 16:56
Para: full-disclosure@lists.grok.org.uk
Hi Kevin,
Yes, they will give you a no-extra-cost Windows-based program
to create custom rules. We've got one, but I haven't
used it yet. I'm still brushing up on my Regex...
Regards,
Lew
Kevin Pawloski wrote:
Does the Tipping Point appliance allow you to create custom rules now?
The last
In the paper I ask: If 40 million customer credit card numbers are
exposed in a security breach at the credit card processor CardSystems, why
do a significant number of people not cancel their Visa and/or
Mastercard?
Simple .. because Mastercard/Visa got to avoid having to notify their
On Wed, 28 Sep 2005 17:48:59 BST, Paul S. Brown said:
I suspect the argument here has to be cost-for-cost - in the price range for
a
decent beefy OpenBSD box you aren't going to be using FWSMs, and I can quite
believe that the PIXen in that price range don't perform - the PIX 501 is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
__
SCO Security Advisory
Subject:OpenServer 5.0.7 OpenServer 6.0.0 : UnZip File
Permissions Change Vulnerability
Advisory number:
Hi all,
Now that we're talking about IDS, which are, in the list's opinion, the
features they hate more about actual IDS's?
I mean, what features you dream of everytime you have to plat with your IDS
but you don't have?
Thxs in advanced.
--
Alejandro Barrera García-Orea
RD
On Wed, 28 Sep 2005 14:07:08 EDT, Michael Holstein said:
PCI bandwidth at that rate is 127.2MB/sec (big B). Cisco's figure is
60mb/sec (litte b).
checks the same data sheets he checked before
Crap. Sometime after I hit send, that 'b' magically turned lower-case. You're
right, it's only
Title: Re: [Full-disclosure] Suggestion for IDS
Show me an OpenBSD system that can handle 400 interfaces,
20gbps, and 4Mconnections (and can do HSRP, etc).
Regarding HSRP, OpenBSDnow has failover with their CARP
implementation.
And IPSec SA synchronization as well.
You may be interested
I'm not so sure it's that simple... People were aware of it.
Um .. but *which* 40mil was it? Am I one of them? Hearing that 40mil
random people got nicked is one thing .. me getting a letter from MBNA
another.
Mastercard/Visa certianly know .. and so do some member banks, because
some of
Hi All !!
While I was testing desktop based firewalls (here it is Zone Alarm Pro) with
the firewall evasion kit developed by me, I found that a very old flaw still
exists in many latest versions of desktop based firewalls. It is possible
for a malicious program to bypass a desktop based firewall
On Wed, 2005-09-28 at 10:22 -0400, Kenneth F. Belva wrote:
In the paper I ask: If 40 million customer credit card numbers are
exposed in a security breach at the credit card processor CardSystems, why
do a significant number of people not cancel their Visa and/or
Mastercard?
Simple. The
Plus, it was shown recently that personal credit card fraud via ID theft
is smaller than victimless credit card fraud.
http://www.theregister.co.uk/2005/09/16/gartner_phantom_fraud/
It is a very good rundown on why the banks just really don't have a
reason to chase after them and stop them.
Hi,
Michael Holstein wrote:
Our company plan to install IDS to protect our resources, I'm already
read about snort as NIDS, but, that's software based. I'm interesting
with hardware based that will work transparently with our Cisco PIX,
no need to make changes in our firewall. What's your
On Wed, 28 Sep 2005 14:46:38 CDT, Todd Towles said:
Plus, it was shown recently that personal credit card fraud via ID theft
is smaller than victimless credit card fraud.
http://www.theregister.co.uk/2005/09/16/gartner_phantom_fraud/
The Google-provided ad at the top says:
Official Check
Hi,
Derick Anderson schrieb:
The company I work for (as the only systems administrator) is
considering a new implementation of their web-based software. To support
this we will be splitting our single domain into two domains, one for
production servers and one for employee support (file
Cutting down on false alerts would be a start and by false
alerts I mean (in this case) alerts such as a receiving MS-SQL worm alerts on your Linux
hosts.
Yes, you can setup suppression alerts and disable rules but the larger
the network you monitor the more cumbersome that becomes.
--On Wednesday, September 28, 2005 17:48:59 +0100 Paul S. Brown
[EMAIL PROTECTED] wrote:
On Wednesday 28 September 2005 16:56, Michael Holstein wrote:
If you NAT a lot, PIX can't handle the load. It also isn't flexible
enough.
Huh? .. the FWSM (which is PIX and you can have 4 of them in a
--On Wednesday, September 28, 2005 09:48:36 -0700 Kevin Pawloski
[EMAIL PROTECTED] wrote:
Does the Tipping Point appliance allow you to create custom rules now?
Yes, for some definition of rules. For example, you can block individual
host/port combos or ports or hosts, that sort of thing.
--On Wednesday, September 28, 2005 18:49:32 +0200 Jan Nielsen
[EMAIL PROTECTED] wrote:
Hi Pauk
Can i ask what you were doing that a pix could not handle nat wise ?
just wondering since I have done very extensive and complex nat'ing in
pix'es from 506's up to 535's without any performance
A good start
http://www.networkcomputing.com/showitem.jhtml?articleID=160910889pgno=2
cheers
Ivan
On 9/27/05, adnan habib [EMAIL PROTECTED] wrote:
hi security gurus
i want to implement juniper (netscreen) solution in my company ,,, moveover
i want to replace cyberguard from juniper ...
hi all
please help me i want some strong points for juniper ,,, help me to defeat
cybergurad as t runs by scure computing now @ which they have there own
firewall..
best regards \
___
Full-Disclosure - We believe in it.
Charter:
http://www.networkcomputing.com/showitem.jhtml?articleID=160910889pgno=2
cheers
Ivan
On 9/29/05, adnan habib [EMAIL PROTECTED] wrote:
hi all
please help me i want some strong points for juniper ,,, help me to defeat
cybergurad as t runs by scure computing now @ which they have there
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 797-2 [EMAIL PROTECTED]
http://www.debian.org/security/ Michael Stone
September 28th, 2005
Frank Knobbe wrote:
snip
Perhaps you should ask:
If 40 million customer social security numbers are exposed in a
security breach at the credit card processor CardSystems, why do a
significant number of people not request new social security numbers?
After all, there is no limit on
In the paper I ask: If 40 million customer credit card numbers are
exposed in a security breach at the credit card processor CardSystems, why
do a significant number of people not cancel their Visa and/or
Mastercard?
Simple .. because Mastercard/Visa got to avoid having to notify their
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SA0002
+
+SquirrelMail Address Add Plugin XSS+
+
PUBLISHED ON
Sep 28, 2005
PUBLISHED AT
Title:
Arbitrary File Download by NateOn Messagener's ActiveX and DoS
Discoverer: PARK, GYU
TAE ([EMAIL PROTECTED])
Advisory No.: NRVA05-08
Critical:
Moderately Critical
Impact:
Arbitrary file download by NateOn Messagener's ActiveX and DoS
Where:
>From remote
Operating System:
Hi,
Try to look at www.nss.co.uk for IDS products comparison. They did lot of
RD. Obviously, Cisco is not a good one.
Why you're asking about IDS while we could use IPS ?
Cheers,
|+-+--|
|| Fajar Edisya Putera |
51 matches
Mail list logo