Need many more facts than what you want to run. What laptop, what OS,
what kernel, etc. Also need to know what exactly you mean by 0-for-3 on
cards that work? The card has nothing to do with those applications.
Nor vice-versa.
fwiw, i have both linux and freebsd on a Thinkpad 600x. Two 3co
Lophtcrack
Robert Clark
MCSE, MCP+I, MCP, A+
MIS - Texas Cellular
-Original Message-
From: Javier Palomares Lopez [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 17, 2001 4:50 AM
To: [EMAIL PROTECTED]
Subject: Detecting weak passwords free tool
-BEGIN PGP SIGNED MESSAGE
I think finding a NIC that can't be put into
promiscuous mode is rare. Be sure you are running
as root, since only they can put the NIC in
this mode.
David H Hickman wrote:
>
> Hello. I need to run nmap, nessus and ethereal on a laptop. So far I
> am 0/3 on cards that work.
>
> does anyone k
Frequently my box running snort on mandrake linux displays the message
"ICMP Unreachable IP short header (1 byte)"
Can anyone please tell me what this message means and if it is a possible
nimdA or DoS attack. Im relatively new to intrusion detection so any help
would be greatly appreciated.
T
I'm sure someone here will have some insight on this...
A friend of mine has a linux machine that has been rooted with the t0rn
root kit. I found the usual supsects, as in ps, dir, find, syslogd, top
etc all having been replaced. Also, there were two new lines in the
rc.sysinit script. One to lau
Crew,
Problem: Looking for a process flow for the implementation of single sign
on. Put yourself in this position:
You have JUST realized that you want to implement SSO in your organization.
What steps do you take from now until it's in place and running smoothly?
How long will each step take (
Could probably build a wrapper to the shell...
> -Original Message-
> From: Pablo Gietz [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, October 17, 2001 8:38 AM
> To: [EMAIL PROTECTED]
> Subject: how to
>
>
> Hi gurus
>
> Solaris 7.x
>
> There are any way to log the commands inputs from
I've run nmap and nessus on a laptop with a 3com card. FastE 10/100. I
can get you the model number if you want. Haven't tried ethereal
though.
--
Sean Waddell
David H Hickman wrote:
>
> Hello. I need to run nmap, nessus and ethereal on a laptop. So far I
> am 0/3 on cards that work.
>
Hi, look up Q161990 in the Microsoft KB is describes the passfilt.dll which
enables you to enforce "stonger" passwords, of course you have to force
users to change their passwords in order to have them improve the strength
of their PW, so you can just put a "low" (say 3-5) maximum password age and
Have you tried a 3com card? Have you checked anything out on nmap, nessus or
ethereal's page concerning laptops/pcmcia ethernet cards?
-matt
On Wed, 17 Oct 2001 09:02:32 -0500
David H Hickman <[EMAIL PROTECTED]> wrote:
>
> Hello. I need to run nmap, nessus and ethereal on a laptop. So far
I am looking for a tool that will tell me the last time a user has logged in
to any server in the domain and other SAM stats. Does anyone know of
one(Free or otherwise)?
Turn on Unix Accounting.
Look in the Solaris Manual for Accounting.
- Original Message -
From: Pablo Gietz <[EMAIL PROTECTED]>
Date: Wednesday, October 17, 2001 11:37 am
Subject: how to
> Hi gurus
>
> Solaris 7.x
>
> There are any way to log the commands inputs from the Unix shell.
>
Hmmm I'm 3/3...
Of newer cards I know the Xircom Cardbus works Model CBEM56G-100.
Of older cards...
I know the Megahertz PCMCIA Model XJ10BT works (X-Jack model).
And 3Com/Megahertz 10/100 PC Card works (sorry no model number in front of
me)
All three of these work in Linux and NT/2000.
>
Zircom will
-Original Message-
From: David H Hickman [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 17, 2001 10:03 AM
To: [EMAIL PROTECTED]
Subject:Promiscuous pcmcia network card
Hello. I need to run nmap, nessus and ethereal on a laptop. So far I
am 0/3 on car
I know a couple of places that use it. It seems like a pretty good
firewall. It is easy to configure. There are a couple of drawbacks to
it though.
1. If you have multiple external addresses, you can't masquerade a
servers outgoing connections as a particular IP address while another
out
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Wouldn't it be fairer to say that badly implemented security is dangerous
if/when it sends passwords in plaintext, therefore allowing them to be
sniffed...
In a perfect world sniffers would be useless as password capture tools since
all secure traff
I am going to setup loadbalancing and failover with Cisco 417's. Is there a
problem related to SSL sessions ?
Mark Fagan
CSP Network Engineer
Esat Business
1 Grand Canal Quay
Dublin 2, Ireland.
E [EMAI
On Tue, Oct 16, 2001 at 09:16:13PM +0100, Alan Wright wrote:
> Brian,
> Many thanks for your help.
> I have ordered the stuff any way, any one trying to sniff outside the house
> would be extremely noticeable as I live in a dead end/cul de sac.
> I am aware that they could sniff from 100 yards or
It is important to note that not all viruses can be cleaned. I would look at
Panda Antivirus. They update there virus signitures multiple times daily. We
use them here and it works great.
- Nick Edens
Checker Distributors
R.H. Cotterell (10/16/01 3:15 PM):
>
>Go to the following URL and weav
hi Oswald,
u can do one thing keep a Proxy Server/Firewall machine in between the
Switch and the Router, now at the begining u can moniter all the trafic
going from the internal network to the router then u can implement a CVP
server in support to ur firewall/Proxy server, where u can implement t
Hi all,
I have been tasked with finding and implementing solutions to provide
payroll vendors/401k vendors and health care providers with methods our
company can use to transmit encrypted files via Website (IIS), FTP, and
E-mail (Exchange). We are a total MS shop. I thought of looking to Verisign
>they figure if you are scared
>and unknowledgeable you wont run the client cause you will see it is
>flagged as malware this prevents script kiddies from playing with the
>toys I am guessing?
No, They are saving security on computers worldwide! Meaning! Kiddies on
networks can't download cain d
Pros:
Overall I'm happy with the product. I like the logging features, the
company is responsive to exploits, and the email tech support is quick
to respond to your questions or problems.
Cons:
I had a M$ vpn solution in place before the Watchguard.
The Firebox will not NAT GRE thru the firewal
This is slightly difficult to judge without much logging .. try the command
ftp -d foo.bar.org
to enable debugging messages and then see what pops up.
Also check the firewall logs in /var/log to see what is the last packet from
that ip which has been rejected. Does it have a port number that y
Are there any legal actions that can be taken. I have the same problem. In fact
the most recent ip address that has been attacking me was from some fortune 500
IT consultanting company. I would think there should be some room for recourse
due to neglect. What do you all think?
- Nick Edens
Chec
Hiya guys
I am getting this in my firewall logs which have been lasting for around 2
days now and can't seem to get anymore info on it. I am using a sonicwall
firewall. Can anyone possibly help me find out how to solve this problem?
10/18/2001 11:53:18.240 - IP spoof detected - Sourc
Thank you all for your help etc on this matter, as a few of you have said
and I agree my stuff isn't that interesting anyway.
There are enough systems in place to see what goes on anyway if they really
wanted to and were prepared to stand out in the cold wet wind we get now
til April next year
On Tue, 16 Oct 2001, Mark L. Jackson wrote:
> Recently I recommended the PGP E-pliance with regards to this thread. This
> morning my channel partner informed me that PGP is being folded into Mcafee
> (due to not being able to sell the division I presume). I was told that the
> entire PGP staff w
On Tue, 16 Oct 2001, sysadmin wrote:
> Hey guys, I have been trying to figure this out all day and it has
> lead me no where... I contacted a few of my friends online and their also
> clueless to why my methods of madness haven't lead to success.
>
> I have setup a FreeBSD firewall o
Does this make sense to you guys? One of my users sent it to me. It sounds
good in theory.
--
Subject: Good Idea
I received a computer trick today that's really ingenious in its simplicity.
As you may know, when/if a worm virus gets into your
>The only difference between CSS attacks with POST vs GET methods is ease.
>Its easier with the GET method because, as you have noticed, the attacker
>can see the GET request in the location field of the browser.
>POST requests are not visible this way so may appear more secure, BUT THEY
>ARE
I have to agree with Alan. If this is something that you wish to pursue
either at home or for your business ensure that the network access points
that you purchase are configurable for the mac addresses of the nics that
will associate with them. Any hardware that does not have a feature that
all
On 05/10/01 13:05 -0700, Jay D. Dyson wrote:
> The best suggestion I can give you is to abandon Win2K and load
> either Solaris x86 or Linux and use Qmail.
Or postfix on either OS, or on FreeBSD. Easier to drop in place than
qmail too.
Devdas Bhagat
you need to put a hub between the switch and router, just any old hub will
do fine, plug the switch into the hub, then uplink the hub to the router,
plug your surf control machine into the hub as well. it can't see anything
on the switch except it's own port, which is why it's not working. by
forc
I have installed a Linksys Wireless access point/DSL/Ethernet in my home.
It is extremely easy to install and it works well.
A few security precautions would be to encure that you change the SSID
default string. Ensure that you enable encryption. If you wireless access
point allows it, control
I talked to several reps at a Technology Expo here last week about wireless
technology. They told me that the latest wireless systems are based on MAC
address because of the problems experienced at trade shows. They also said
that you can even set up the systems to ONLY give access to machine
Ok I hope that this doesn't turn into a ZoneAlarm sucks use BlackIce or a
You shouldnt use Outlook debate... This is just a question that I was
wondering if anyone had thought about or run into.
Here is the scenario:
I have ZoneAlarm Pro Loaded
I am using Outlook 2000 as my mail client
I have M
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> firewall/hardware firewall $150 -
> $500
If you want to keep costs down, and you have an old say... PII or
even P166 laying around you could install an older version of Linux
(i.e. RH 6.1) and then use SeaWall
Gavin,
Try doing a traceroute to your router's IP address and see if you can
connect. You can use one of the traceroute servers on traceroute.org, or
one of my favorites is http://visualroute.visualware.co.uk/ which gives you
a visual view and more info on performance, any blocked traffic, etc.
I disagree, I have scanned my version of CAIN with 4 different AV scsaanners
and it comes up clean.
- Original Message -
From: "Michelle Mueller" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; "'Jonathan Watts'"
<[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, October 16, 2001 12:3
I think that blocking the Webmail sites works if the users are going
directly to them. You still need to look at blocking sites like
SafeWeb and all of the 'Triangle Boy' Servers that they offer as well.
Maybe the ideal solution is to handle it with policy and recourse.
Best of Luck
Tim
What makes you think this is a DoS?
> -Original Message-
> From: Gavin [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, October 17, 2001 8:13 PM
> To: [EMAIL PROTECTED]
> Subject: recover from possible DOS attack!
> Importance: High
>
>
> Help!
>
> I work at a small company and for the last
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> I work at a small company and for the last 4 days our small network (4
> computers!!!) could not and still can not get online, I told my boss it might
> be a DOS (Denial of service) attack. all the files seem to be OK but I just
> cant get donline,
43 matches
Mail list logo