No Problem...
Just map port 21 (assuming you are using port21) to your internal redhat
box running the ftp daemon.
It is also called port forwarding. When a FTP request comes to your
router over port 21 your router will forward that request to the
internal machine you specify.
Hope this
I find that I can hardly call a single point of failure an advantage.
-Original Message-
From: Devdas Bhagat [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 08, 2002 4:29 AM
To: [EMAIL PROTECTED]
Subject: Re: Hardening VS firewalling ?
Another advantage of a firewall is that is
http://www.foundstone.com/rdlabs/tools.php?category=Scanner
fscan and superscan should work under XP. Have not tried them, but
I see no reason for them not to function.
I`m looking for a good port scanner that will run under Windows XP. My
wishlist for it that it scans TCP, UDP and stealth
On Mon, Jan 07, 2002 at 02:14:19PM -0700, Bill Walls wrote:
But this all boils down to some questions: How Secure do you think it
is? How usable do you think it is? Is it something I should research more
into (As a coder, I'm interested about the process management and such...)
What are
There have been quite a few alerts on cross scripting
and I'm somewhat confused on the issue. Assuming the
offending script is coming from an offending site (not
an e-mail with script code appended to victim url) and
victim site is a site where sensitive transactions can
only be initiated after a
It's not always the case. I'm 21 now and I am in charge of the network for
a 250-300 User publishing company running UNIX and NT machines (I've renewed
most of the network over the last 4 years). If you choose to do it the hard
way without CS degrees and such however, you should be prepared for
On Mon, 2002-01-07 at 21:53, Calhoun, Heath wrote:
I am attempting to block the multimedia search program kazaa on a pix 515
running ios 4.4.
Pinging the Kazaa website, I got a address of 213.248.107.10. The program
uses port 1214.
I need to block any access to the website and to the
win2k ports:
TCP/53 DNS zone xfer
TCP/135 RPC/DCE Endpoint mapper
UDP/137 NetBIOS name service
TCP/139 NetBIOS session service (SMB)
TCP/445 SMB over TCP (direct to host)
UDP/161 SNMP
TCP/UDP 389 LDAP
TCP/1433 MSSQL
UDP/1434 MSSQL instance mapper
TCP/3268 AD Gloabel catalog
TCP/3269 Global
Why Not Use Tacacs+ it's free and stable and secure
My 2 Cent's
A good resource for network gear reviews is Network Computing magazine. This
recent review might be of some help.
http://www.networkcomputing.com/1223/1223f2.html
-bryan
Well from a user standpoint I've seen severs log shell users out after
15 minutes of inactivity. For accounting its the same. I've seen
certain network applications lockup after 2 hours of no activity.
You can also look at email services like hotmail and yahoo that give
users selectable
Alok,
There are several types of tools for running audits. Most depend on what
you want done and the type of network you are working on.
The first thing I recommend is getting several books - there's a bunch of
reading to get you up to speed (I don't know your background - I am basing
this on
On Fri, 4 Jan 2002 10:29:07 -0500 Douglas Pichardo [EMAIL PROTECTED] wrote:
Revered security professionals:
Hi, my name is Douglas Pichardo and I am 16 years old. I live
in Virginia Beach, Virginia (USA), and I am in the 10th grade. I have been a
member of this discussion list for
ALok,
you may want to look at www.osstmm.org for the open source security testing
methodology manual for some help. It´s not all that yet but it´s a good
start. Especially the tools section in version 1.5. Version 2.0 is not yet
up and the draft that is listed there is not worth reading yet.
You may also need to set up WINS between the two networks.
Mark
-Original Message-
From: Dante Mercurio [mailto:[EMAIL PROTECTED]]
Sent: 08 January 2002 14:20
To: Justin Silles; [EMAIL PROTECTED]
Subject: RE: Windows networking ports
If you are using Windows 2000, try opening up port
If you don't know any other way to harden IIS then patching it you
seriously need to take a look at some good resources. If your running
any IIS boxes ask for help, you might need it.
Take a look at:
http://www.microsoft.com/technet/security/tools/tools.asp?frame=true
For IIS 5
On Wednesday 09 January 2002 11:22, Mark Ng stuffed this into my mailbox:
sortta the same with me although school tests proved i should be able to
get the highest grade of education i never did. totally f up my
education. let's just say I ain't happy in school. I can't learn in
Hi there,
my IDS is showing me strange activity on HP-UX box.
It's showing DDoS activity (TFN2K, Trinoo, Strech...).
Is there any tool for HP-UX (like find_ddos for Solaris) which
will help me find this tools on infected systems.
regards,
Ross
Hey Folks,
First off, let me take a moment to wish you all a very happy and
prosperous 2002 and to thank you for your contributions to Security-Basics
over the past year.
Now that the list is becoming busy again, I thought that I would send out
a reminder of a couple of courtesies that I ask
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NT4 will apply the most
restrictive rights it can, so if you have a user Joe Blow,
that is an admin and part of the local admin group(least
restrictive), but he is also part of the Domain Users (more
restrictive), he will only have the
Hi everybody,
I also had a problem in my test machine (Dell OptiPlex + Windows NT 4.0 WS +
3C905 network adapter). I installed tiny personal firewall and I liked it so
much; however, a few days after that, I had to reinstall my network
adapter's driver and my TCP/IP protocol because I wasn't
I've been listening to this debate for years and have to add the one ruling
factor that reality always requires: Money.
Firewall:
Box costs money. (Maybe not as much as you think... ranging from a silly
Linksys Router to a
Cisco state of art, plenty of room in there for an older box with a
AFA IDENT goes, FTP needs to reject it as well, for the same reasons.
On Tue, 2002-01-08 at 18:40, Bourque Daniel wrote:
Normally, you want your FW to be as invisible as possible (black hole) so
you just drop all incoming packet that are not specifically allowed in by a
rule. What you
23 matches
Mail list logo
