Shadow Security Scanner works just fine and I think it is freeware. I
use Retina myself
-Original Message-
From: Philip Wagenaar [mailto:[EMAIL PROTECTED]]
Sent: Sunday, January 06, 2002 6:29 PM
To: [EMAIL PROTECTED]
Subject: Portscanning from Windows XP machine
Hi,
I`m looking for a
Then why use 1 firewall? You can load balance a few with a fireproof
from RadWare:
http://www.radware.com/content/products/fire.htm
If you want a single device that can do full gigabit line speed, look
into the NetScreen-1000:
http://www.netscreen.com/pdf/Systems_datasheet.pdf
If you want more
Welp, there was a discussion bordering on a religious war here not too
long ago about this very subject. I will, again, state my views.
Hopefully this time, without arousing the ire of the other list
participants :)
I would say that hardening the OS/Apps (including logins, protocols,
etc.) is by
New versions of Cisco IOS will do SSH. It is important to note that it
is only SSH 1. That's still got to be better then telnet though.
Peter Fizelle
Original Message-
From: Led Slinger [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 08, 2002 3:23
To: [EMAIL PROTECTED]
Subject:
IMHO, it's easier and more reliable to edit a .conf or .ini file than
point-and-click my way through a GUI. I deal almost exclusively with
WinNT/2K and IIS, and have to make and follow checklists and scripts
to make certain I've done everything in the proper order. The process
is time consuming
Bill Walls wrote:
Hello all. Being the most dynamic and honest bunch around, I thought I
would ask the list a simple question.
I have been on the NSA's mailing list for Secure Linux, and I have to say
above all, its slow list and heavily moderated :). I have never installed
it yet, as
In-Reply-To: 002501c19799$c960$fdfea8c0@ISDesktop
Nothing is completely fool prof or completely
invulnerable and there are quite a few web servers
out there that do not have a firewall. A firewall is
there only to set up another layer of defense. The
other layers are to limit the
http://www.eeye.com/html/Research/Tools/nmapnt.html
Patrick S. Harper | MCSE ISS
mailto:[EMAIL PROTECTED]
http://www.internetsecurityguru.com
How do I set a laser printer to stun?
-Original Message-
From: Philip Wagenaar [mailto:[EMAIL PROTECTED]]
Sent: Sunday, January 06, 2002 5:29
Try:
Outbound 100 deny 213.248.107.10 255.255.255.255 0 ip
Outbound 100 deny 0.0.0.0 0.0.0.0 1214 tcp
Apply (inside) 100 outgoing_dest
Or
Access-list 101 deny ip 0.0.0.0 0.0.0.0 213.248.107.10 255.255.255.255
Access-list 101 deny tcp 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 eq 1214
Access-group 101 in
If you can write the batch files and edit the conf files then there is
no problem. I am talking about companies and individuals that slap a
Linux box up as a webserver and think there safe just because they are
using Linux. I had a client, a local ISP that did that. Every box they
had was
I have 2 friends who own ISPs (in partnership with
others), and we have been discussing the possibilities
of their using my services as an independent security
consultant.
This sounds bad already.
What I need help with is information on how to compose
valid legal documents which allow me
Besides this, Does it really matter what web server you
choose?
Yes it does.
I have worked with many and would answer this with,
the system is as secure as the administrator of that system
is knowledgeable. I know administrators who can secure an
IIS server and others who can secure
On Mon, 7 Jan 2002 [EMAIL PROTECTED] wrote:
What id really wanted to set up is to get sendmail to keep a copy of every outgoing
e-mail.
Use mailsnarf from dsniff
Greetings,
Richard.
An OS is like swiss cheese, the bigger it is, the more holes you get!
On Fri, 4 Jan 2002 18:42:13 -0800
John Morris [EMAIL PROTECTED] wrote:
What are the current options for firewalls that can handle 1gb
throughput ?
I've got a client that has a 1gb internet connection, (a major Univ),
and
they want to firewall it, but haven't because they haven't found
OK, I know this is more of a theoretical debate, because in reality we
are able and should do BOTH.
But according to you, which is more important? Paying attention to
having great firewall with a great ACL more than hardening
and patching
the systems? Or not have to worry about the
Led,
You can use Kerberos to secure your telnet if you are using IOS 11.2 or
greater. Let me know if you need any more info.
Regards,
Tim Alsop
Technical Director
CyberSafe Ltd
The Kerberos Solution Provider
-Original Message-
From: Led Slinger
To: [EMAIL PROTECTED]
Sent: 07/01/02
If I have to choose _only_ one, then I would go for security patches, but if I use
time optimization as a base for my decision, then I would firewall to deny everything
except explicitly necessary services and then I would security-patch all of those
explicitly allowed services.
If time is
I had heard that it is better to have a 'reject' rule instead of a
'deny' one, as reject will give back an immediate reply to the
interrogator, while just rejecting the query can give you a multitude of
'retry', which can eat you bandwidth with lots and lots of retries. If
possible, can
I am attempting to block the multimedia search program kazaa
on a pix 515
running ios 4.4.
Pinging the Kazaa website, I got a address of 213.248.107.10.
The program
uses port 1214.
I need to block any access to the website and to the program.
I have tried
several conduits
without
On Friday 01 January 1999 10:09, Marc towers stuffed this into my mailbox:
The problem is your age probably. I'm 22 now and working in a hardware store
(i don't know the english word... just call us dealer for now, we sell to
other stores not end-users). I started out here when I was 18
hey guys,
Any idea how can i run an FTP server behind a NAT.
I share DSL connection with my roommates using a router. But i want to
connect to my machine (RH Linux 7.2 which has an ftp daemon running) from
outside.
Any idea?
Thanks
-neo
- Original Message -
From: irado furioso com
IMHO, it is better to have the latest OpenSSH running, wich carry little
secure things like scp (secure copy) and sftp (secureFTP).
Kartik Trivedi wrote:
hey guys,
Any idea how can i run an FTP server behind a NAT.
I share DSL connection with my roommates using a router. But i want to
22 matches
Mail list logo
