Microsoft Operations Manager 2000 Question
I have been reading the user guide and it sounds like a good tool to use. But seeing we run different platforms, can this be used to pull the logs off a solaris server? Thanks for your help, Mart _ Get your
Nimda Problems
Hi all, Not really sure if this is the right place to post this or not, but recently our server had a full reinstall of Windows 2000, and before any patches could be installed, Nimda infected the machine from somewhere. Now my problem is this. I've wiped the machine, isolated it completely from
Sendmail.mc > Sendmail.cf
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, I have a problem with rebuilding the sendmail.mc file to the sendmail.cf file I do the following [root@mail m.wolffensperger]# m4 /etc/mail/sendmail.mc > /etc/sendmail.cf /etc/mail/sendmail.mc:11: m4: Cannot open /usr/lib/sendmail-cf/m4/cf.m
Re: Single sign-on
www.baltimore.com www.entrust.com Microsoft Metadirectory Services: www.microsoft.com regards, Ivo - Original Message - From: "Ricardo Delgadillo" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, November 23, 2001 11:40 PM Subject: Single sign-on > Hi there: > > We have be
Web authentication with smart cards
Hi, I am looking for a web authentication package using smart cards for an NT4.0/IIS server. Users should authenticate from any place with their username and one time generated token using SSL, then have access to my application. Does anybody have a tip on a good product to do tha
DATA RECOVERY TOOL
Hi everybody, I need to recover data from an infected NTFS hard disk with "Wyx" variant. Suggest a free tool available to recover data from the aforesaid infected hard disk. Regards, Jit.
Re: svchost.exe
Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]): > To see what process this is hosting, do a "tlist" on the process id XP does not have tlist. jonas
RE: How securing Apache Web server ?
It depends on what OS you are going to install Apache. If it's Microsoft Products then you will need to harden NT or w2k. if it's linux then you will need to either Install a barebones Linux, and ensure that you disable services that are not required like ftp, telnet, and sendmail, any application
RE: Novell password checker
Pavel, NMRC's Pandora tool... http://www.nmrc.org/pandora/index.html Chris -Original Message- From: Pavel Lozhkin [mailto:[EMAIL PROTECTED]] Sent: Friday, November 23, 2001 2:03 PM To: [EMAIL PROTECTED] Subject: Novell password checker Does someone know some software for Novell to cr
Re: iNotes Security
2001-11-26
Thread
Kanikkannanl PN-149709 Dept-corp Audit Div Desg-Asst.Manager 1/421037 Ph-43983/45283
Hi I was going through a Notes and Domino security related interview in Iris Today Webzine at www.notes.net Although it does not cover iNotes per se, here is a question which talks of iNotes: --- Begin Quote --- Have products like iNotes Web Access presented different security considerations
Re: SNMP security
"Robert D. Hughes" wrote: > > To reiterate: > Use a long and complex mixed case alpha-numeric community string for > both gets and sets (if sets are needed. CiscoWorks requires the > ability to do both gets and sets, as do many management applications > in a distributed environment. Also, SNMP is
Re: traffic shaping
Hi Claudiu, You can find an article entitled "Linux Firewall - The Traffic Shaper" on the SecurityFocus Web site at: http://www.securityfocus.com/infocus/1285 . Stephen Entwisle Moderator, Security-Basics SecurityFocus http://www.securityfocus.com (403) 213 3939 ext. 235 -Original Message--
ipchains
hi all i have configured ipchains on my linux 7.1 box. the 3 rules (in order) do the following 1> accept src 0.0.0.0/0 port * dst hostA port 22 2> accept src hostA port 22 dst 0.0.0.0/0 port * 3> deny src 0.0.0.0/0 port * dst 0.0.0.0/0 port * I intend to allow ssh on hostA, and deny everything els
how secure is MonMotha's firewall 2.2.1?
Hello guys, just to ask what is your opinion about MonMotha's series of firewalls, I have implemented version 2.2.1 as a starting point to build my own personalized version, I would like to add logging capabilities and some protection against Fin (
postrouting
I am currently trying to set up a firewall to forward ALL trafic destined to the FW from the external interface to another system on the internal network, My problem is that, routing takes place befor comarison to the rulebase, so when the packet is sent to the FW, the OS determines that no rou
Stupid MSDE question
Hi, Is there anyone who could tell me if MSDE can be accessed by TCP/IP like MS-SQL (in the view of the recent worm)? If so, is there any way to tell it to change the sa password in it? I tried to find how it is, but I'm far from being a DBA and we need MSDE here (for SharePoint Team Services,
Tripwire .twd causes fatal error
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I've been getting fatal errors on every tripwire check for a few weeks, and I finally starting testing it to find the problem. In /var/lib/tripwire on the server (helios), I found helios.twd and helios.twd.bak (4 times as big as the other). After m
SSH server for windows
Hi, Anyone have successfully used and implemented SSH server for WindowsNT4/Win2K? I've installed one SSH server product by www.ssh.com but couldn't get it to work with Putty clients or scpy command. Any recommends or comments from anyone? Thanks in advance. Regards Andrew
Listning processes.
Hi Group, Can we find out what processes are listening on what TCP/IP ports on a UNIX host? I there a straight forward command to find that out? Regards, Raghu. This message is confidential and may also be legally privileged. If you are not the intended recipient, please notify us immediately
Safeweb.com no more free !!!!!!!!!!
Hello ... I've got a question: Any body knows a free anonymizing service like the old safeweb.com ...it is no more free ...I know others like surfola.com etc.. but their addresses are blocked ...I loved the strategy of Triangleboy that wa s used in safeweb.com, so it can't be blocked ... any help
RE: G.E.N.E.S.I.S at grc.com
Ok, there are a number of problems with his logic behind his "solution" to Synfloods. Allow me to present a few. 1. He assumes Synfloods only originate from spoofed source IPs. While this is usually the case, this is not necessarily always true. 2. Part of his security model relies on reboot
Re: Xmas and null scans
On 24 November 2001 4:33, gminick spaketh unto ye recipient: > > >Hello everyone. > > >I'm running FreeBSD 4.4 and i was doing a port scan of my self (from a > > >remote > > >box that i have legal access to) and i was getting a log of open ports > > > from nmap -sN and nmap -sX. I was wondering w
RE: traffic shaping
you can have alook at www.linuxsecurity.com i think i saw a traffic shaping doc on it sometime IIRC or you can spend a couple of bucks and procure a system that was specifically made for that particular purpose...i got a Bandwidth manager here which restricts bandwidth by IP have a look at www.eti
Re: tripwire password
Thanks Dan. I do acknowledge that this is how I got out of the problem, just getting created a new passphrase, by deleting the keys from /etc/tripwire and executing twinstall.sh. Now the issue is that since the earlier passphrase was not recovered, so any database created using that passphrase
Squirrel Mail - just how secure it is?
Hello group, I would like to ask if anyone has some expirience working with or security auditing WebMail program, written in PHP, called SquirrelMail. As I can see in version 1.06 and 1.2.0rc2 it is using IMAP, which I consider as highly insecure protocol. Correct me please if I`m wrong. If it
Re: How securing Apache Web server ?
http://www.apacheweek.com/features/security-13 Luis Enrique Londono wrote: > > Hi, > > There are several good links about Apache Security in: > http://httpd.apache.org/docs/misc/tutorials.html > > Regards, > > Luis Enrique Londono > > - Original Message - > From: REMY Vincent <[EMAIL
Re: MD5 Authentication
Do u know what windows 2000 uses md for? At 08:16 AM 13/11/01 +0100, you wrote: >windows 2000 as uses MD Ithink >- Original Message - >From: "Amoediun Trepcoze" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Sent: Saturday, November 10, 2001 11:22 AM >Subject: MD5 Authentication > > >> Do
RE: Application Development
You could be referring to an OWASP mail from the webappsec list. OWASP is Open Web Application Security Project and have among other attacks a description of a generic session hijacking. Visit owasp.org ---8<-- Best regards Gøran F. Breivik [EMAIL PROTECTED] --
RE: WIN2K Ports 32000 & 32001 Open ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 See the problem with saying this is this or that based on static port assignment is that it makes a huge assumption; it assumes that either the attacker is using a program that does not allow him to change the port or if he is using one he decided not
Listening processes.
Hi Group, Can we find out what processes are listening on what TCP/IP ports on a UNIX host? I there a straight forward command to find that out? Regards, Raghu. This message is confidential and may also be legally privileged. If you are not the intended recipient, please notify us immediately
RE: Multiple port mirroring?
All except the 85xx series. Joe H. Clifton, II Security Team Lead Office Depot 2200 Old Germantown Rd Delray Beach, FL 33445 e-mail: [EMAIL PROTECTED] 561-438-7906 561-438-7633 (F) -Original Message- From: Andrew H. Turner [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 20, 2001
sendmail.mc > /etc/sendmail.cf
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, I have a problem with rebuilding the sendmail.mc file to the sendmail.cf file I do the following [root@mail m.wolffensperger]# m4 /etc/mail/sendmail.mc > /etc/sendmail.cf /etc/mail/sendmail.mc:11: m4: Cannot open /usr/lib/sendmail-cf/m4/cf.m
RE: Firewall Costs
We provide linux based firewalls at roughly $2k per install. This would include hardware, software, setup, etc complete with IPSEC VPN software, and SNORT IDS. Now, management is usually roughly 5-10 hours per month depending upon the rate of vunerability releases and bug discoveries. $15k
Re: Firewall Costs
The Cost is right if you are getting a PIX-4FE (4 ports) and SmartNET. Or a PIX-1FE, 3DES and SmartNET. The 11 man days/ (88 hours) seems kinda/rather high! I take care of a bunch of 515's. I generally give them 1hr a month or quarter (depending on the client & environment). The only excep
RE: Ethernet Tap
http://www.finisar-systems.com/htdocssh/products/taps/index.html There's a product model midway down the page called Century Tap. -Original Message- From: Justin Funke [mailto:[EMAIL PROTECTED]] Sent: Friday, November 23, 2001 10:45 AM To: [EMAIL PROTECTED] Subject: Ethernet Tap Has a
Re: Xmas and null scans
Well i know what a port scan is and how it works.. i was asking about the Xmas and NULL type scans. What flags do they set? I was just asking bout these specific types of scans not port scanning in general. Ill look up the Phrak mag artical to see if it has the info i'm looking for thanks Cra
Re: Firewall Costs
On Friday 23 November 2001 08:50 am, Thomas Ullrich wrote: > Hello everybody, > our IT provider offered us a FW solution to separate three industrial > production subnetworks from an > LAN used by the office personal. There is the necessity to have some > data exchange between a couple of > NT mac
ADSL Security questions
To all High Speed Connection Users, I need your help, I'm getting ready to step up from a PPP connection to ADSL and with your assistance, I would like to know some of the security steps to take when using ADSL. My gateway/firewall is a old Fujitsu FM-V Desk Power SE using a pentium 120MHz c
