While I don't know of any specific tools that can check for spyware
remotely, it should be possible to use some basic network techniques
to check:
1) Check for known spyware related http requests. Most spyware seems
to change IE's startup page, for example, if a blacklist was to be
formed for sp
If I meet the
sons-of-bs that program and distribute these spywareapplications I will do
bad things that I shall feel cross and sorry about inthe morning, but only
very slightly...Suggestion, anything you do run, run it in safe mode.
The little buggers aresavvy enough to use dll hooking tech
If I meet the sons-of-bitches that program and distribute these spyware
applications I will do bad things that I shall feel cross and sorry about in
the morning, but only very slightly...
Suggestion, anything you do run, run it in safe mode. The little buggers are
savvy enough to use dll hooking t
Eric Paynter wrote:
On Tue, June 29, 2004 4:57 pm, Gary E. Miller said:
I agree, except for one small problem. Don't you still have to delete
ALL the filter rules, and reenter them ALL to change the order of the
rules?
I don't administer the PIX boxes, so I don't know the details of the
interface.
Hello,
Go to www.spywareguide.com Run the online spyware check. I think it
works great. Got rid of a lot of nasty stuff for me.
Regards,
Nancy Kramer
Webmaster http://www.americandreamcars.com
Free Color Picture Ads for Collector Cars
One of the Ten Best Places To Buy or Sell a Collector Car
I'm told AdAware Pro 6 will but I have yet to verify.
Jeff Schreiner, CCNA
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Peter B. Harvey
(Information Security)
Sent: Tuesday, June 29, 2004 8:09 PM
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure] Tools f
On Tue, Jun 29, 2004 at 04:57:42PM -0700, Gary E. Miller wrote:
>I agree, except for one small problem. Don't you still have to delete
>ALL the filter rules, and reenter them ALL to change the order of the
>rules? last I checked there was no "insert before", "insert at top" sort
>of options. Just
You sure got a whole bunch of good opinions with such a short question. :-)
As always, the answer is that it depends on what you need to do. If you need
a basic firewall and you have no bucks, go PIX. If you need secure remote
access as well (built-in personal firewall, ability to deny access bas
On Tue, 29 Jun 2004 16:57:42 -0700 (PDT), Gary E. Miller <[EMAIL PROTECTED]> wrote:
>
> I agree, except for one small problem. Don't you still have to delete
> ALL the filter rules, and reenter them ALL to change the order of the
> rules? last I checked there was no "insert before", "insert at t
Hi all,
Does anyone out there know of any tools available to probe network workstations for
the presence of adware/spyware?
Regards
Peter
Peter Harvey
Information Security Officer
Dept. Emergency Services - QLD
Phone: +61 7 3109 7292
___
On Tue, June 29, 2004 4:57 pm, Gary E. Miller said:
> I agree, except for one small problem. Don't you still have to delete
> ALL the filter rules, and reenter them ALL to change the order of the
> rules?
I don't administer the PIX boxes, so I don't know the details of the
interface. My statement
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
On Tue, Jun 29, 2004 at 09:20:11AM -0600, [EMAIL PROTECTED] wrote:
> This person is pushing for the use of TLS Telnet instead of SSH for the
> following reasons:
>
> - SSH is not an IETF standard.
And "TLS Telnet" is?
> The documents that make up the SSH2 protocol are still at the
> Internet-Dra
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yo Eric!
On Tue, 29 Jun 2004, Eric Paynter wrote:
> Once the
> administrators had finished their Cisco training, they said they would
> never go back to FW-1 because the PIX interface was so much easier to use.
I agree, except for one small problem.
Hi DarkSlaker
At 20:24 29/06/2004, Darkslaker wrote:
My question is PIX or Checkpoint what is better and why.
I dont think I am not skilled enough to provide you an answer about this.
However, I have both solutions under my authority and I can feedback about
a few things:
First CheckPoint (NG4) d
It really depends on the requirements one has for a firewall and which
Checkpoint platform they are going to run on, Nokia, SecPlat on a Dell,
Alteon, or CrossBeam. And if you are going to use vulnerabilities as a
reason you should then be using Secure Computing Sidewinder.
-Original Message
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: apache
Advisory ID:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: apache2
Advisory ID:
I would agree! We tried to implement Checkpoint but as the deadline
approached we returned the product and implemented a PIX solution. We
retained experienced help for the install/setup since we had only two weeks
remaining after being abused by Checkpoint support for a month, but after
some traini
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: libpng
Advisory ID:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yo Edward!
On Tue, 29 Jun 2004, Edward W. Ray wrote:
> If your choices are only checkpoint or PIX, I would choose Checkpoint. IMHO
> it is more reliable. But if you really want a networking company that is
> not a marketing company, check out Junip
On Tue, June 29, 2004 2:34 pm, John Kinsella said:
> On Tue, Jun 29, 2004 at 01:46:30PM -0700, Eric Paynter wrote:
>> On Tue, June 29, 2004 11:59 am, James Patterson Wicks said:
>> > CheckPoint's interface is very intuitive and easy to use.
>> Easy to use in a "Microsoft" kind of way. Last I heard,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yo Eric!
On Tue, 29 Jun 2004, Eric Paynter wrote:
> Easy to use in a "Microsoft" kind of way. Last I heard, it does nice
> things for you like always allow DNS traffic through, even if you have no
> port 53 rule and a deny all policy. How helpful!
Y
On Tue, Jun 29, 2004 at 01:46:30PM -0700, Eric Paynter wrote:
> On Tue, June 29, 2004 11:59 am, James Patterson Wicks said:
> > CheckPoint's interface is very intuitive and easy to use.
> Easy to use in a "Microsoft" kind of way. Last I heard, it does nice
> things for you like always allow DNS tra
IMHO, neither is very good.
I have been using Netscreen (bought by Juniper for $4 billion earlier this
year) products for over fours years. PIX is a very buggy and exploitable
OS. Checkpoint is somewhat better, although it dies under most DoS attacks.
My netscreen have been much better at shun
On Tue, Jun 29, 2004 at 01:24:05PM -0500, Darkslaker wrote:
> i am studying for the CCSA and my Friend for CSPFA in the interchange of
> ideas we did not find differences significant; maybe two ; PIX run in OS
> for CISCO and CheckPoint in many platforms; and checkPoit have more
> products.
> My q
* Ng, Kenneth (US) <[EMAIL PROTECTED]> (Tue, Jun 29, 2004 at 12:30:12PM -0500)
> Today this is a straw man arguement. You can tunnel practically anything
> over any protocol. I've seen NFS tunneled over EMAIL. Yes, when you type
> "ls" the NFS request packet gets UUENCODED into an email, sent ov
There are better tools to admin rules, like fwbuilder for pix...
-H
-Original Message-
From: Perrymon, Josh L. [mailto:[EMAIL PROTECTED]
Sent: Martes, 29 de Junio de 2004 14:58
To: 'Darkslaker'; [EMAIL PROTECTED]
Subject: RE: [Full-Disclosure] PIX vs CheckPoint
Well-
There are a *lot
Hi DarkSlaker
At 20:24 29/06/2004, Darkslaker wrote:
My question is PIX or Checkpoint what is better and why.
I dont think I am not skilled enough to provide you an answer about this.
However, I have both solutions under my authority and I can feedback about
a few things:
First CheckPoint (NG4) d
On Tue, June 29, 2004 11:59 am, James Patterson Wicks said:
> CheckPoint's interface is very intuitive and easy to use.
Easy to use in a "Microsoft" kind of way. Last I heard, it does nice
things for you like always allow DNS traffic through, even if you have no
port 53 rule and a deny all policy.
On Tue, 2004-06-29 at 13:24 -0500, Darkslaker wrote:
> i am studying for the CCSA and my Friend for CSPFA in the interchange of
> ideas we did not find differences significant; maybe two ; PIX run in OS
> for CISCO and CheckPoint in many platforms; and checkPoit have more
> products.
>
> My quest
>Here's a quick and dirty demo injecting malware.com into
>windowsupdate.microsoft.com :)
>http://www.malware.com/targutted.html
Thomas Kessler was kind enough to inform that this is not new,
but in fact on old "issue" with Internet Explorer which by all
accounts was supposed to be "patched"
>So, what do you all think? Is SSH really that bad or are these
>requirements unreasonable? Is it really worth implementing TLS Telnet?
The requirements are perfect if you want to describe TLS and PKI.
>- SSH is not an IETF standard.
Why is this even an issue? It's an open protocol, and has been
Three letters . . .
PDM
The Pix Device Manager is painful to work with. CheckPoint's interface is very
intuitive and easy to use.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darkslaker
Sent: Tuesday, June 29, 2004 2:24 PM
To: [EMAIL PROTECTED]
S
Well-
There are a *lot of differences between the PIX and FW-1.
First the Pix will allow anything outbound unless explicitly denied. The
FW-1 is opposite.
The logging is also very different (( Log viewing I suppose )). The FW-1 has
a nice GUI that you use to
configure it and look at the log file
i am studying for the CCSA and my Friend for CSPFA in the interchange of
ideas we did not find differences significant; maybe two ; PIX run in OS
for CISCO and CheckPoint in many platforms; and checkPoit have more
products.
My question is PIX or Checkpoint what is better and why.
"Yo nacĂ para
>Here's a quick and dirty demo injecting malware.com into
>windowsupdate.microsoft.com :)
>http://www.malware.com/targutted.html
Thomas Kessler was kind enough to inform that this is not new,
but in fact on old "issue" with Internet Explorer which by all
accounts was supposed to be "patched"
On Tue, 29 Jun 2004 09:20:11 MDT, [EMAIL PROTECTED] said:
> - SSH is not an IETF standard.
>
> The documents that make up the SSH2 protocol are still at the
> Internet-Draft stage. I don't know how long they've been at this stage,
> but the comment from security was that it's been at this stage
Today this is a straw man arguement. You can tunnel practically anything
over any protocol. I've seen NFS tunneled over EMAIL. Yes, when you type
"ls" the NFS request packet gets UUENCODED into an email, sent over
sendmail, fed into a decoder and routed back into NFS, and then back. A few
secon
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
On Mon, 28 Jun 2004, William Warren wrote:
> Frankly if i hit a site that does not work in mozilla..i email
> the webmaster..if they are unable or unwilling to support mozilla
> then i simply do not go to that site anymore..:)
>
Which can leave you with a lonely web-browsing experience. I recall
Has anyone had experience with TLS Telnet?
I'm having an interesting debate with a security architect about the
dangers of using SSH. Initially, I was floored to hear this him. I thought
I'd see what some of the opinions from this list are.
This person is pushing for the use of TLS Telnet instead
On Tue, June 29, 2004 7:23 am, [EMAIL PROTECTED] said:
> Here's a quick and dirty demo injecting malware.com into
> windowsupdate.microsoft.com :)
>
> http://www.malware.com/targutted.html
Does nothing with Mozilla 1.6. What am I missing? ;-)
-Eric
--
arctic bears - affordable email and name ser
On Mon, 28 Jun 2004, Nancy Kramer wrote:
> There are lots of sites written only for IE or clones of IE like
> Opera. Some large sites are written only for late model IEs. Many are
> from large companies. Big business thinks MS is the state of the art and
> the only way to go for business. You
i am not having a lonely browsing experience...all the security
sites i visit work jsut fine. I msut be missing some. I missed
the security researcher's list of sites that did not work in
anything but ie. What was the thread title and i will happily
search the archives..find it..and test the
I find it pretty stunning that now even the mainstream corporate online
IT press is jumping down Microsoft's throat over the vulnerabilities and
problems with the Microsoft IE browser.
I recall last week we had a thread in which one poster was defending
Microsoft, and insisting we were just compla
> On the subject of IE bugs, I am running SP2 RC2,
IE6.0.2900.2149 today I
> opened a window
> http://www.asus.com/products/server/srv-mb/ncch-dl/overview.htm
> In another IE window I had www.ingrammicro.com/uk open
>
> Whe I click on the picture of the motherboard in the first
page to enlar
DoS in popclient 3.0b6
--
Release Date: 29th June 2004
Discovery: Dean White <[EMAIL PROTECTED]>
Research: John Cartwright <[EMAIL PROTECTED]>
Overview
"popclient is a Post Office Protocol compliant mail retrieval client
which supports both POP2 (as specified in RFC
On the subject of IE bugs, I am running SP2 RC2, IE6.0.2900.2149 today I
opened a window
http://www.asus.com/products/server/srv-mb/ncch-dl/overview.htm
In another IE window I had www.ingrammicro.com/uk open
Whe I click on the picture of the motherboard in the first page to enlarge
it, it changes
To a certain extent you are right. I dunno if this is the place to
discuss all
these very general issuesd, although many pf the reasons that IE has so many
problems may come from the very fact that there is some minority of sites
that are very IE only.and that large enterprises sometimes declares
50 matches
Mail list logo