RE: How do I keep anonymous?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 You could always lock yourself into your house, have no phone service, never leave, grow your own food (so you don't have to go to the grocery store), remove your fingerprints, destroy all copies of your birth certificate, destroy your SSN, be self-

Re: cross site scripint and post form

Daniel Coughlin wrote: > The only difference between CSS attacks with POST vs GET methods is ease. > Its easier with the GET method because, as you have noticed, the attacker > can see the GET request in the location field of the browser. > POST requests are not visible this way so may appear mor

RE: Needed info on Buffer/Boundary Overflow Attacks

I agree with 'ken'. I suspect that what the original poster meant by "boundary overflow" was actually the same thing as a buffer overflow. The only other possibility that I can think of is a boundary condition, where a variable gets set to a value that it should not ordinarily have (e.g., you exp

RE: IIS Header Info

Microsoft's new URLScan utility will allow you to disable the header or put in what ever you want (Make it look like Apache or something else). -Original Message- From: Omar Koudsi [mailto:[EMAIL PROTECTED]] Sent: Monday, October 15, 2001 12:17 PM To: Stuart Fraser; [EMAIL PROTECTED] Subj

Re: Win98 ScreenSaver Password Backdoor Fix

My feelings are... whether or not it is or isn't a trojan or has a back door written into it. There are plenty of other powerful password cracking packages out there. Why take the chance? -KaTT >From: Mike Dresser <[EMAIL PROTECTED]> >To: KaTT KaTT <[EMAIL PROTECTED]> >CC: <[EMAIL PROTECTED

how to

Hi gurus Solaris 7.x There are any way to log the commands inputs from the Unix shell. We need to log time, date, tty , user_id, command executed for every users that login to the system. Thanks a lot.

RE: VPN Question

Hi Kath, Sorry this response is a bit lagged. Is it wise to put a VPN in the DMZ? Most definitely, placing the VPN device in the DMZ gives a more "insulated" layer of protection to your internal network, giving your firewall the ability to handle incoming traffic rules. If I might suggest a

RE: IIS Header Info

There is a little tool by Felipe Moniz to quickly edit it: http://www.nstalker.com/defense.php best regards, David -Mensaje original- De: Stuart Fraser [mailto:[EMAIL PROTECTED]] Enviado el: viernes 12 de octubre de 2001 2:02 Para: [EMAIL PROTECTED] Asunto: IIS Header Info Hi All, Qu

Firewalk type of tool

Greetings, Does anyone know of a tool like firewalk for win2k/nt? Thanks Langa Kentane | Tel: +27 12 672 7268 Customer Engineer | Cell: +27 82 456 2219 Nanoteq (PTY) LTD | PGP Key ID: 0x0A431F2D

RE: Trust relationships over a WAN

I have a problem that I am really struggling to solve Hopefully some else has encountered it before and can guide me in the right direction. I have an NT 4 network with al my servers having service pack 6 installed. The WAN is connected by ISDN. My problem is that I have a stand alone from wh

Detecting weak passwords free tool

-BEGIN PGP SIGNED MESSAGE- Hi all! I'm looking for a free tool to check our NT users for weak passwords. Can you suggest me smthg. Thanks in advance. Javier Palomares López Morgan Stanley Telco Department Mail: [EMAIL PROTECTED] Phone: +34 914 121 222 Cell: 21222 -BEGIN PGP SIG

RE: IIS Header Info

Hi Stuart, I once heard about the possibility to hex-edit some file and change the information this way. This can be done on apache webservers and a good example is the server at hackerslab.org. Try to search through the IIS files and then hex-edit them. I don't know if this will work on IIS, ma

Promiscuous pcmcia network card

Hello. I need to run nmap, nessus and ethereal on a laptop. So far I am 0/3 on cards that work. does anyone know of a pcmcia ethernet card which supports this? Thanks ---David H Hickman

RE:IIS header info

Hi, Hexedit the W3SVC.DLL and search the string "Server". Put anything u want instead but it also disables some features like pushing updates with interdev etc... Regards, ddbt

Re: cannot clean my machine..

On 14/10/01 08:45 +, XX wrote: > First of all sorry for my english. > I have some trouble with win98 which is infected. > When I checked it with my antivirus (Kaspersky lab and virus database is up-to-date) >it says something like "worm i hybrid.b". Hybris? Update your antivirus

RE: IDS logs vs FW1 logs

Hi, You must review all the logs that you have because of the follwing: - The IDS does not include all the possible vulnerabilities (there may be new ones). - You can find more information from the fw log file.It can guide you to the specific location that the intruder is interested in. - The

R: Personal firewalls for laptops

Change OpSys use Linux , W2000 is one hole of security check with netstat cmd access to port of your IP and for close hole use another machine with tool install like Stint, Satan, Nessus. This tool is not for beginer. By max - Original Message - From: Nina Levitin <[EMAIL PROTE

RE: SSL connections through firewall

Once the traffic ( incoming ) touches your corporate Network Wire outside the local VPN gateway, the packet is not encrypted. Thats where you can use the Corporate virus scanner. SSL would encrypt and authenticate. So my take on this is - If a users site is has VPN and FW and a single user is car

RE: Sharing Folders

Setup a dedicated file sever and have them dump there files. That way you will not have to worry about messing with the workstations settings. ./OG www.security-protocols.com Original Message- >From: "Buzetta Fabian" <[EMAIL PROTECTED]> >To: "'[EMAIL PROTECTE

Small office Firewall.

Recently I recommended the PGP E-pliance with regards to this thread. This morning my channel partner informed me that PGP is being folded into Mcafee (due to not being able to sell the division I presume). I was told that the entire PGP staff was given 'final checks' and sent home. With that in m

Re: Win98 ScreenSaver Password Backdoor Fix

- Original Message - From: "Mike Dresser" <[EMAIL PROTECTED]> To: "KaTT KaTT" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Tuesday, October 16, 2001 3:39 AM Subject: Re: Win98 ScreenSaver Password Backdoor Fix > > > One other warning. I tried to download CAIN from > > http://www.c

RE: Personal firewalls for laptops

I also had those types of problems with ZA, but as of 2 releases ago, it's been quite stable. That's saying a lot, because the way I use computers, I experience problems that nobody else does. If it can crash, it will do so for me first. I've been very happy with ZA for the last several months.

Re: cannot clean my machine..

Hello çÒÉÇÏÒÉÊ, Sunday, October 14, 2001, 10:45:23 Acasica, you wrote: çð> Hi, people. çð> First of all sorry for my english. çð> I have some trouble with win98 which is infected. çð> When I checked it with my antivirus (Kaspersky lab and virus database is up-to-date) it says something like "w

RE: Personal firewalls for laptops

You sure did have quite a lot of bad luck with it! I have installed it on a lot of workstations without a problem, and I actually have it installed on a W2K AS that has IIS, FTP, DNS, and mail servers. No problems so far -Original Message- From: Nina Levitin [mailto:[EMAIL PROTECTED]] S

need feedback on Watchguard firebox

Hello everyone, I'm thinking of installing the Watchguard firebox on our network, appreciate any feedback on the product. Thanks,

RV: How to stop zombie scanners?

Hi, Seems like the Right Thing to do... http://hogwash.sourceforge.net/ Sergio Erazo -Mensaje original- De: Sergio Erazo [mailto:[EMAIL PROTECTED]] Enviado el: Lunes 8 de Octubre de 2001 11:37 Para: [EMAIL PROTECTED] Asunto: How to stop zombie scanners? Hi, I've set up a Linux box

RE: Wireless LAN for the Home network.

Brian, Many thanks for your help. I have ordered the stuff any way, any one trying to sniff outside the house would be extremely noticeable as I live in a dead end/cul de sac. I am aware that they could sniff from 100 yards or so but I'll have to see if I can sniff it my self with the laptop as

RE: Hotfix Deployer

For your first question have you tried this (Microsoft Network Security Hotfix Checker (Hfnetchk.exe): http://support.microsoft.com/support/kb/articles/q303/2/15.asp Or, have you tried this (Post-Windows NT 4.0 Service Pack 6a Security Rollup Package): http://support.microsoft.com/support/kb/arti

RE: Sharing Folders

Fabian, You could put them in the local power users group. That would allow them to share files (and printers) per the description in musrmgr.exe "Members can share directories and printers." However, I agree with Mr. Francis. It's a *bad* idea. Hope this helps, Merv -Original Message---

Re: cannot clean my machine..

Go to the following URL and weave your way to the free HOUSE CALL scan and cleaning operation on-line: çÒÉÇÏÒÉÊ ðÔÁÛËÏ's e-mail of 14 October 2001 8:45 stated: >Hi, people. > >First of all sorry for my english. >I have some trouble with win98 which is