BlackIce merely logs incoming items...it does not block them. I don't
think that there is a setting to do so...you might look here:
http://www.grc.com
It's Steve Gibson's website and he explains all the problems with
BlackIce and ZoneAlarm, and even Windows XP...real interesting info
about the TC
It's possible. I'm not the expert to tell you how it is done, but I have
been told that it is possible.
-Original Message-
From: Milk [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 03, 2001 9:50 AM
To: [EMAIL PROTECTED]
Subject: palm VIIx wireless modem
does anyone know if you can
Viruses, backdoors, trojans among mIRC scripts are very common place and
always have been, Hence why 99% of mIRC scripters will tell you not to ever
run mIRC scripts without at least a basic understanding of what they do. If
you go to any of the larger mIRC script sites(don't know any since i
Greetings folks-
This morning I ran HFNETCHK.EXE and got the output below...
===
Using XML data version = 1.0.1.147 Last modified on 10/01/2001.
WINDOWS 2000 SP2
Patch NOT Found MS01-013Q285156
WARNING
On Wed, 3 Oct 2001, Niranjan Chintam wrote:
> Folks,
>
> 1) Can any one please suggest a good SSH white paper on how it works
>
> 2) Can you folks also suggest a good freeware SSH tool
Did you even look on http://www.google.com before posting? A quick search
on there yields PuTTY (win32) and
Hi
Is there a way to detect if there is a backdoor to any security
tool that I wanted to install. Or if it is Trojan?
Amit
___
|
Amit P. Gandre |
Schlumberger
Larry,
Sure is. www.safeweb.com and unfortunately, there
are many more sites just like it...hope this helps a
little...
Gene...
--- "Lou, Larry Y." <[EMAIL PROTECTED]> wrote:
> Hi all,
>
> I'm just curious as whether or not is possible for
> internal user to connect
> to a website/IP (ex
SANS just published the top 20 threats. At the bottom, in Appendix A, is a
list of common ports/vulnerabilities.
http://66.129.1.101/top20.htm
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 02, 2001 9:30 AM
To: [EMAIL PROTECTED]; [EMAIL PROT
nmap -sS tells you anything?? like half open connection?
i consider that to be a syn dos tool . try opening about a hundred half open
connections on one port.. it's the old common nuke if my memory doesn't
decieve me
On Tuesday 02 October 2001 20:28, you wrote:
> nmap is a portscanning tool, no
Don't use your real name--ever. Don't do anything from your home
machine (or primary account). Pay for everything in cash. Don't
keep records. Never provide your home address, or if so, provide
a false one. Don't buy anything online. Some sites proxy their
shopping traffic through a third pa
My users would like to have a discussion web site. I know this can be done
using FrontPage 2000. My problem is with the security of having something
like this.
Does anyone see any issue here ? Any suggestions for other software, etc.
Thanks,
jaime
We are implementing Lawson HR System for our company. I would just like to
know if any one has a best practice for the system as far as security is
concerned. Also would like to know anyone's recommendation, experience or
ideas on securing Lawson HR System. I would appreciate any inputs, Thanks
They could set up a proxy for themselves
*nix - http://tinyproxy.sourceforge.net/
win32 - http://www.surferprotectionprogram.com/
(there are of course others)
Or they could use any of the dozens already out there...
http://tools.rosinstrument.com/proxy/
Or even just pipe the request through
Hi,
Can someone tell me why one should consider SSCP/CISSP to the
other? How can they be compared with the SANS certification?
Also, I would like to know good books for SSCP and CISSP. I am
primarily concerend with SSCP.
Thanks
Amit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi guys.
Any recommendations for a secure mail server out there?
The platform will be Win2k. I currently have a sendmail server out
there, but we're considering making some changes. Any help would be
greatly appreciated. Thanks,
- -Fab
- --
Fab
HI
I am looking for the following information
1. A Vulnerability database that would give information on all the
well known attaacks
2. Security Tools for Unix(different platforms) and Windows
3. Patches for different vulnerabilities and possibly how to install
the patch
I know the to
I am realitively new to all this 2000 stuff. I have found some weird stuff
in the syslog of a OWA machine on our network:
2001-10-03 14:58:11 A.B.C.D - W3SVC1 WIN2000MACHINE A.B.C.D 80 GET
/scripts/root.exe /c+dir 404 3396 72 62 HTTP/1.0 www - - -
2001-10-03 14:58:13 A.B.C.D - W3SVC1 WIN2000MACH
They can simply bypass the firewall by dialing outthe firewall only
blocks the network, not the dial outs!
-Original Message-
From: Lou, Larry Y. [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 02, 2001 5:22 PM
To: 'SECURITY-BASICS ([EMAIL PROTECTED])'
Subject: IP/Website restricti
Hi all,
Is there any way of blocking Audiogalaxy and Morpheus at the firewall?
I know the best way would be to 'persuade' the users not to install it, but
just wondering if there's a way to stop them connecting to their main sites,
for example. Or are they pretty resilient?
Cheers
John
--
John
SQWEBMAIL+VPOPMAIL+QMAIL+LDAP, this is scalable by domains and users at same
time.
You can see more information at http://inter7.com/vpopmail/
--
Juan Manuel Mouriz - [EMAIL PROTECTED]
Administrador de redes / Programador
Design Multimedia - http://www.design.com.py/
Eusebio Lillo 2503
AsunciĆ³n -
Hmmm. I had a similar problem. I had to uninstall and reinstall IIS to get
it working, and I never used the IIS Lockdown tool again. Our event log
messages were different though. I don't remember exactly what they were
unfortunately.
I know this doesn't answer your question, but if you get it
Nessus is very good, but for full control over your packets I recommend
hping (http://www.kyuzz.org/antirez/software.html). This will allow you
to create the most weird and wonderful packets that you could possibly
need at the speed you need. I also use hping to do manual port scanning
for thos
Does anyone know of a list of open IP ports used by the file sharing
programs, such as KaZaa, Net Vampire, eDonkey2000, and the like?
Thanks,
-aht
Lou, Larry Y. wrote:
> I'm just curious as whether or not is possible for internal user to connect
> to a website/IP (ex.hotmail.com) which has been blocked by the firewall. If
> so, how? Link or doc will be appreciated.
Sure. There are public proxies and sites like anonymizer. You'll need t
Try http://www.zeroknowledge.com They have a privacy protection suite
available.
-Original Message-
From: who isnot [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 02, 2001 8:52 AM
To: [EMAIL PROTECTED]
Subject: How do I keep anonymous?
Hello Everyone,
How do I keep from letting
Nemesis is THE tool for packet crafting. I am pretty sure it will fit your
needs as well.
--The Crocodile
- Original Message -
From: "mailing list" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, October 02, 2001 1:44 PM
Subject: RE: Syn Flood generator / Dos Attack generator
Rumor has it that there is such a system/network operational in
Germany. Anyone got a lead I could follow?
V/R
--
James W. Meritt, CISSP, CISA
Booz, Allen & Hamilton
phone: (410) 684-6566
You can reverse the IIS lockdown tool if you run it again. It just backs
out of the lockdown completely. Do that and check your settings again by
installing it again. It's possible that you checked the setting to "Set
permissions to prevent IIS anonymous user from writing to content
directories
Hi Everyone,
I'm trying to allow my users who's connected on my lan to connect to my
internet web server.
My web server and my clients are behind my firewall (netfilter kernel
2.4.9). My firewall preroute any packet to his ip to the local web server ip
( 192.168.1.1 to -> 192.168.1.4 (webserver)
> Following you Message,
>
> No I am sorry to say how wrong you are, there are 7 viruses contained within
> this program, and all the mirrors are exact copies. This program loads the
> viruses onto you machine and then allows you to transmit them whilst in IRC.
>
> The virus profiling was checke
Hi
> Hello.
> I need intrusion detection tool like tripwire, but tripwire report
> using cron, we dont know when cracker get in on server, Anyone know
> what tool when intrusion detected and send email or sms to admin?
I have a few listed on my site at
http://www.networkintrusion.co.uk/integrity.
Only you have enough information to answer your question. Start by verifying that you
have logging turned on in your rule set. Then review your log files. I bet you can not
get hotmail to run because it is changeing ports or addresses and you have it blocked.
>
>I'm new to Firewall (FW-1).
>I'm
Hi,
I was checking out some cracks site the other day, thecrack.net to be exact.
There is a java applet that runs on the site to download them cracks. The
site requires that you trust it before you can download.
Has anyone ever analyzed the code on this site to see exactly what it does
because I
Hi...
- Original Message -
From: "Lou, Larry Y." <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, October 03, 2001 3:52 AM
Subject: IP/Website restriction
> Hi all,
>
> I'm just curious as whether or not is possible for internal user to
connect
> to a website/IP (ex.hotmail.c
Hi there,
if you're looking for justifications, here are some:
- it may be used to receive or sent critical/secret data
- it can not be scanned by a mail virus scanner integrated in your preferred mailers
postoffice
- and finally, to turn it around: for what reason should you allow access to web
One possibility, depending on how your firewall "blocks" the site is quite
interesting actually. First, get the IP address of the site that is
blocked. A simple "ping mail.yahoo.com" will work. Then, convert the IP
address to binary form:
64.58.76.98 = 100.111010.1001100.1100010
Remove th
I can't find any information on it at insecure.org. Could you possibly post
a link to a download? Thanks.
Brownfox
-Original Message-
From: Korkmaz, Murat [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 02, 2001 4:58 PM
To: 'Claudio Cuestas'; Vicent
Cc: [EMAIL PROTECTED]
Subject: RE
Lou, Larry Y wondered :
> Hi all,
>
> I'm just curious as whether or not is possible for internal user to
connect
> to a website/IP (ex.hotmail.com) which has been blocked by the firewall.
yes probably.
> If so, how? Link or doc will be appreciated.
depends on the skill of your user, and your fir
Find an anonymous surfing proxy that supports HTTPS( http://webveil.com/matrix.html )
or set up your own CGI-based proxy outside the network. Simply browse to the proxy
and tunnel through there to hotmail.com.
>>> "Lou, Larry Y." <[EMAIL PROTECTED]> 10/02/01 06:22PM >>>
Hi all,
I'm just curio
> Of course, one can always put some malicious code into the zip archive,
but
> running this is a three-step task (save attachment, open it, run the
program)
> - little bit harder than just clicking on the attachment but a good excuse
> for the Microsoft. And it really is - if you had to be dumb t
Hi Seham!
On Tue, 02 Oct 2001, Seham Mohamed wrote:
>
> Hi,
>
> Please help me to do the professional security steps for apache web
> server.
Short answer: I think it's secure by default. Really.
A longer one: decide how much information you are ok to leak to visitors.
E.g. turn off server
Sure,
As a large University Faculty equivalent, we have a lot of desktops
but never enough to satisfy all our students needs. Our solution was
to create specific email labs or kiosks and then block web-based
email sites on the remaining hosts during core-hours.
The actual blocking practice is
www.snapgear.com
Arjen de Landgraaf
-Original Message-
From: Brumariu, Radu [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 03, 2001 4:48 AM
To: Security-Basic (E-mail)
Subject: Router with security features
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hi all,
I would like to
Yes, the firewall only blocks out that specific address. there is however a
program called safeweb which is a proxy avoidance system. clients are
installed around the net and your user will use one of their ip address to
connect. We have blocked http e-mail and require our users to forward their
m
Hi,
I was wondering how most of yall distribute your ssh fingerprints?
I'm thinking through as many vectors as possible but not finding
much supporting documentation on that. Signed email, web page under
tripwire, motd (after the fact), or even snail mail? Others?
Dan
> Microsoft just can't win... They get so much flak from people for having
> an "insecure" product that lets users choose to run trojaned .EXE files,
> so they grudgingly make the change, and they are suddenly big brother.
> Oy!
Where was Outlook was blamed for allowing someone to manually execut
Try at
http://www.technotronic.com/denial.html
http://www.astanetworks.com/resources/about/attack_tools.html
cheers
ag
Pradeep Kumar wrote:
> Folks
>
> Does any know any tool which can generate Syn Floods / DoS attacks.
> This is for lab testing purposes.
>
> -Kumar
tripwire will, You have to setup the twpol.txt to email you. This file is
then encrypted and can't be read. You will know if you are hacked if you do
not receive an email. There are numerous howtos on this just search for
tripwire howto.
- Original Message -
From: "Abu @ Trabas Dot Com" <
Hello, many of you, like myself are probably just about sick of all
the noise that has been happening in our logs lately, making routine
audits take alot longer then they should, filling harddisks rather
quickly, and just being a big annoyance.
Anyway, I currently am running the 2.2.x serie
Hi!!
A way to recognize firewalls is doing port scans searching for specific
ports.
For example the Firewall-1 from Check Point listen to TCP 256,257 and
258.
Does any one of you have a list of firewalls and the ports that they
listen to?
Regards,
Rodrigo Ramos
http://www.spyket.com.br
Try out
www.securitystats.com/tools/portresults.asp-It gives a list of all ports so
you might find something useful.
sans.org-lists some of the ports which should not be allowed(saw it long
back so don't know whether its useful)
Bye
Prem Sagar
Greetz evrybuddy
Firstly, sorry to cross post, I would think that not many peeps are
subscribed on both lists.
To the point of my posting:
I am currently busy with this domain of the CISSP, please can you send me
links that you might have pertaining to this domain.
Thanks
Langa Kentane
Start here, http://apache-server.com/tutorials/
and when your through with that check out O'Reilly's book:
http://www.oreilly.com/catalog/apache2/
Also available as a pay to view Online book at:
http://safari.oreilly.com/main.asp?bookname=apache2&cnode=1
Kenneth
On 1 Oct 2001, at 14:28, Staci Marcum wrote:
>
>
> Does anyone know of a site that lists ports and corresponding
> vulnerabilities? Any help would be much appreciated,
>
Try
http://www.neohapsis.com/neolabs/neo-ports/
http://www.seifried.org/security/ports/
One such source is found at
http://www.spirit.com/Resources/ports.html
Scott Pinzon
WatchGuard Technologies, Inc.
-Original Message-
From: Staci Marcum [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 01, 2001 11:29 AM
To: [EMAIL PROTECTED]
Subject: port and vulnerabilities
Does anyo
Mario Behring wrote:
> Subject: Questions about fw-1
(...)
> 1- FW-1 works with Statefull inspection technology, but is
> there any way to
> configure fw-1 to work both as packet filter and as application
> proxy gateway,
> just like a hybrid firewall software would do ??
You can do it but I don'
Folks,
1) Can any one please suggest a good SSH white paper on how it works
2) Can you folks also suggest a good freeware SSH tool
--Niranjan
I got a question on that one. If their IP resolves to some name from which I
can make up the ISP everything is fine, however how do I find out which ISP
they're using if it doesn't resolve/resolves to something that has no
relation to the ISP?
Kind regards
> But then again, if you have the ti
does anyone know if you can hack the wireless modem on
a Palm VIIx? I am quite interested in the possible
capabilities of the wireless modem in it (i.e.
wireless scanning)just wondering if anyone know's if
it's possible or not.
=
Nothing is too small to know, and nothing too big to attempt.
-
there is a really good program called Shadow Security Scanner. It can
generate any type of DoS or syn floods. This program can be found @
www.rsh.kiev.ua
Ciao,
===
./tom/ferris
./founder
www.security-protocols.com
===
Original Message-
>From: "
60 matches
Mail list logo