Shomiti also makes an fairly inexpensive tap as well.
Joe H. Clifton, II
Security Team Lead
Office Depot
2200 Old Germantown Rd
Delray Beach, FL 33445
e-mail: [EMAIL PROTECTED]
Office: 561-438-7906
Fax: 561-438-7633
2-way pgr: 877-542-0129
-Original Message-
From: Justin Funke
Hi Craig,
Straight from the nmap man page:
The FIN scan uses a bare (surprise) FIN packet as the probe, while the Xmas
tree scan turns on the FIN, URG, and PUSH flags. The Null scan turns off all flags.
Hope this helps,
-Mike
>>> Craig Van Tassle <[EMAIL PROTECTED]> 11/24/01 11:32PM >>>
Well
Hi everyone.
You might also consider Gnat Box or Sonic Wall as well.
Both the software only solutions and the appliances are quite fully
featured.
regards,
mitch
[EMAIL PROTECTED]
That's not entirely true. The ports are called span ports or monitor ports
depending on the switch brand.
And depending on the capabilities of the switch you can monitor either one
VLAN, several VLAN's or the entire switch. On some low-end switches you
might only be able to monitor one VLAN th
Craig Van Tassle wrote:
>
> Well i know what a port scan is and how it works.. i was asking about the Xmas and
>NULL type scans. What flags do they set?
> I was just asking bout these specific types of scans not port scanning in general.
Xmas - all TCP flags
NULL - no TCP flags
-paul
Yes, see Article ID: Q297443 @ support.microsoft.com. I have just been
through this.
cheers,
rob
- Original Message -
From: "Martin Smith" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, November 26, 2001 10:05 AM
Subject: Microsoft Operations Manager 2000 Question
>
> I
Hello All,
I am willing to put up a new safeweb site. But I need to know how. Any help
would be appreciated.
Wyatt
"Bassam ALHUSSEIN" <[EMAIL PROTECTED]> on 11/25/2001 10:56:05 AM
To: [EMAIL PROTECTED]
cc:(bcc: Wyatt Fradenburg/SMC)
Subject: Safeweb.com no mo
cygnus has a good port of openssh included with the CYGWIN environment.
www.cygwin.com
On Mon, 26 Nov 2001, Andrew Chong wrote:
> Hi,
> Anyone have successfully used and implemented SSH server for
> WindowsNT4/Win2K? I've installed one SSH server product by www.ssh.com but
> couldn't get it to
On Saturday 24 November 2001 07:37 am, Gavin wrote:
> To all High Speed Connection Users,
>
> I need your help, I'm getting ready to step up from a PPP connection to
> ADSL and with your assistance, I would like to know some of the security
> steps to take when using ADSL. My gateway/firewall is
I got lots of scans on port 22 recently, is there any known ssh security
holes being discussed recently? Thanks.
Wooi.
I have used it SSh for NT/2k and it does a descent job.
Try a different client (make sure it is ssh2 compatible).
I did encounter a problem while using it for port forwarding a vnc
connection.
Later,
Yury German
-Original Message-
From: Andrew Chong [mailto:[EMAIL PROTECTED]]
Sent: Mond
Hi guys,
I'm a pretty new user to Linux, and I want to set up some sort of protection
for my box. I have snort installed and I'm looking for rulesets - the
problem I have is this:
When I run snort, it runs in a terminal. How exactly do I set snort to just
run in the background, collecting unusua
Article: How instant messaging can jeopardise network security
"The use of instant messaging within a company can slow network
performance and expose systems to hackers and viruses. Jonathan Bennett
explains how good policies and tools can reduce the risks "
Full article at http://www.zdnet.co.u
'netstat -tap' works for linux, Im assuming its the same on unix?
On Mon, 26 Nov 2001 20:27, Raghu Chinthoju wrote:
> Hi Group,
>
> Can we find out what processes are listening on what TCP/IP ports on a UNIX
> host?
> I there a straight forward command to find that out?
>
> Regards,
> Raghu.
>
>
Francois Pepin wrote:
> Hi,
>
> Is there anyone who could tell me if MSDE can be accessed by TCP/IP like
> MS-SQL (in the view of the recent worm)?
Yes, it can. Basically, MSDE is a stripped-down version of MS SQL server,
and offers true client-server capabilities.
> If so, is there any way to
Why in the world would you let SMTP through your firewall regardless?
Unless it's the interior border of your DMZ allowing SNMP from specific
hosts on the fully-protected internal networks to specific hosts inside
the DMZ and back again.
I would never allow SNMP in from or out to the Internet.
J
Hello,
I would like to have my personal firewall loaded as soon as possible when my
2K box boots up. I have searched the Zone Labs for a command line options
but could not find anything. What is available in 2K? Do I use the win.ini
file to load it? This seems simple to do, but I can not fig
Hello John,
First of all I would say that you are not experiencing any kind of _known_
Nimda affect. I am glad to see you report you rebuilt the machine and
updated the patches with the system off-line - this is a far better approach
since several different worms can invade a system (as you foun
Making an entry in the /etc/hosts resolved the reverse DNS look up problem.
Thanks all for assistance.
Aman
>From: "aman raheja" <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: ipchains
>Date: Sat, 24 Nov 2001 12:35:22 -0600
>
>hi all
>i have configured ipchains on my linux 7.1 box.
>the 3
Hello Rich,
In the past (I thought currently) McAfee offered an A/V software for the
*nix (Solaris for sure) environment - maybe others. Have you checked there?
Regards,
Robert
Hello !
My first msg to this list !
I wanto improve the security of my linux slackware 7.0 box!
I have an exploit that should work for my ftp service, but when I run it on
localhost or 127.0.0.1 nothing happens. If I run it on a random IP wich
probably doesn't have the same service or even linux
True. The speed is better when I made the entry in the /etc/hosts file.
The connection is quick when I remove firewall, though we should expect DNS
lookup then too.
Suggestions?
Aman
- Original Message -
From: "Slava Bouttchenko" <[EMAIL PROTECTED]>
> i have seen sshd working slow on opp
I want to limit DNS over TCP 53 to the servers that
do zone transfers with me. Will this in any way affect
resolvers that get responses bigger than a UDP packet will
allow ? The DNS rfc states that the TC bit is set in the
DNS header, but it does not specify what if any action is taken
by the r
Raghu Chinthoju wrote:
>
> Hi Group,
>
> Can we find out what processes are listening on what TCP/IP ports on a UNIX
> host?
> I there a straight forward command to find that out?
Yes. "lsof -i". Some Linux distributions include it. If your system
doesn't have it you can get the source from:
>> To see what process this is hosting, do a "tlist" on the process id
>
>XP does not have tlist.
Yes it does. MS is constantly renaming utilities, tlist in xp is tasklist
and
it's installed by default, which is a nice change.
This is an old link to Default Processes in Windows 2000 that you m
I've used Tiny Personal Firewall for some time. But one of our sys admins
has told me that it's not too stable on Win2K systems (our new standard),
and he's looking for an alternative.
Has anyone else experienced problems running TPF under W2K?
At 06:51 PM 11/26/01 -0300, Richard Cotterell wr
From: "M. Wolffensperger" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, November 26, 2001 3:19 PM
Subject: sendmail.mc > /etc/sendmail.cf
> I have a problem with rebuilding the sendmail.mc file to the
> sendmail.cf file I do the following [root@mail m.wolffensperger]# m4
> /etc/mail/
On Sat, Nov 24, 2001 at 10:37:56PM +0900, you (Gavin) wrote:
> My goal is to have all my computers (4) talking to
> each other securely, I have been advised not to use telnet so I'm trying to
> learn how to connect to my other systems via SSH.
take a look at search engine on www.linuxsecurity.co
Very standard pricing
-Original Message-
From: dewt [mailto:[EMAIL PROTECTED]]
Sent: Friday, November 23, 2001 6:35 PM
To: [EMAIL PROTECTED]; Security-basics
Subject:Re: Firewall Costs
On Friday 23 November 2001 08:50 am, Thomas Ullrich wrote:
> Hello everybody,
> our IT
For those processes that run as services, you can do a netstat -a, and it
will show the name of the service. Then you can do a netstat -an to get the
corresponding port numbers.
Also, check out RFC 1340 to see a list of the well known port numbers:
http://www.faqs.org/rfcs/rfc1340.html
Kelly
If I drop the firewall, the connection is instant, no time lag.
Suggestions?
Aman
>From: "TD - Sales International Holland B.V." <[EMAIL PROTECTED]>
>To: "aman raheja" <[EMAIL PROTECTED]>
>Subject: Re: ipchains
>Date: Tue, 27 Nov 2001 10:48:45 +0100
>
>On Saturday 24 November 2001 19:35, you wrot
try http://www.privasec.com
- Original Message -
From: "Bassam ALHUSSEIN" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, November 25, 2001 5:56 PM
Subject: Safeweb.com no more free !!
> Hello ...
> I've got a question:
> Any body knows a free anonymizing service like
I would have to second that... the number of hours they've quoted is too
high for a static site. Anybody that comes in and trys to tell me a PIX will
take 11 days a year to maintain, without qualifing it, will find themselves
out of the running.
---
Glenn Pitcher
Sr. System Admin (in need of
first find out where the sendmail-cf directory is on your machine. for
instance I am running Redhat Linux and on my machine it is
/usr/share/sendmail-cf . If you downloaded and built your sendmail files
then instead of sendmail-cf directory you will have sendmail-x.xx.x
directory where the x indic
Try to use Smart Cards from RSA. The part number is SD-600(keyfob) ou SD-200 (card).
You will need to use the software called Ace server from a determined number of users.
regards
Kleber Oliveira
Ricardo Aguilera <[EMAIL PROTECTED]> wrote:
>Hi,
>
>I am looking for a web authenticatio
ummh well it is not a bad webmail program but security is only as good as
the administrator who implements it! i think ...i got a nice working
version of squirrelmail hasnt given me any problems so far and if you want
a webmail program you have to use some sort of IMAP regardless of how
insecure
Hi,
Actually I was using fport, I traced the application listening on 1088, and it was
from sshd.exe. I checked the server now, and when I started it its not listening to
port 1088 anymore but now port 1028, this is aside from the port 22.
regards,
Grefenp
[EMAIL PROTECTED] on 11/27/2001
On Sun, Nov 25, 2001 at 01:20:28PM +0100, Branko IvanoviU wrote:
> Hello group,
>
> I would like to ask if anyone has some expirience working with or security
> auditing WebMail program, written in PHP, called SquirrelMail. As I can see
> in version 1.06 and 1.2.0rc2 it is using IMAP, which I c
38 matches
Mail list logo
