I have a question about naming conventions.
What is the security communities recommendation on naming servers? Is it
safe to name a server by the function the server provides? We are currently
looking at renaming our entire domain since there are 4 or 5 different
naming conventions currently
Hello John
first, if your customer is willing to spend some $$ in having a Windows NT
Server why isn't he willing to spend
some $ in Security?? ;-)
Ok a quick search in google revealed a product called Integrity Master
http://www.stiller.com/intmast.htm
I haven't used it yet, but its cheap
I've done crudely using snort, some long arguments, selective ports, and piping it
through strings. It let you see what was going on, but it wasn't pretty.
-Original Message-
From: d'Ambly, Jeff [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 04, 2002 2:22 PM
To: '[EMAIL
There is a program called FPORT it tells you what is using a certain port.
Download it from. www.foundstone.com from there turn delete turn off or do
whatever you want to that program. you could also always download zonealarm
from zonelabs.com but then again. That would allow you to block it.
I now what it does, but is there a program that will let you run this
manually???
Thanks
Marty
_
Send and receive Hotmail on your mobile device: http://mobile.msn.com
Walter wrote:
Who can tell me something about it? What is it? how it works? how to prevent
it? wich systems affects?
Thanks for all you can tell me.
Do a search on securityfocus.com (home of Bugtraq and these lists)
and your question will be answerd.
Grtz, Jan
--
Dutch Security
I'm sure Sun has some sort of Solaris certification,
http://suned.sun.com/US/certification/
but that won't be cheap.
Depends on country. Most tests are $150. SCSA requires
two tests, SCNA is one more. Some Java certs, other stuff.
Check out this site. I know there are a few programs out there that do
it much easier than using a PS for it.
http://www.zoranjuric.com/2spy/faq.htm
Chris Chandler
MCSE Windows 2000 NT4, A+, Network +, MCP-I
-Original Message-
From: d'Ambly, Jeff [mailto:[EMAIL PROTECTED]]
Sent:
Based on what I see at work for our positions, Microsoft certifications
are good to get your foot in the door, but Cisco certifications show
some degree of determination to pursue something difficult. CCNAs are
not too difficult to get but impress people sort of the same way that
Novell CNAs
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
www.tripwire.com
For nt.
Eric
- -Original Message-
From: jason [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 04, 2002 11:05 AM
To: [EMAIL PROTECTED]
Subject: Server IDS?
Does anyone know of any server level IDS products, such as
Check out the Cisco Host IDS. This is truly a great product.
http://www.cisco.com/univercd/cc/td/doc/pcat/nerg.htm
http://www.cisco.com/warp/customer/cc/pd/sqsw/sqidsz/
-Original Message-
From: jason [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 04, 2002 9:05 AM
To: [EMAIL
Get the Entercept/Cisco Host based IDS. Excellent product.
-Original Message-
From: jason [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 04, 2002 11:05 AM
To: [EMAIL PROTECTED]
Subject: Server IDS?
Does anyone know of any server level IDS products, such as tripwire,
that exist for
Do you know of a free or cheap IDS solution for the Cisco Pix Firewall. I
don't want to buy their hardware IDS ().
I think that Syslog Server is not enough. I need something that can
identify the attacks and that can send emails
Mathieu
P.S. What do you think of www1.dshield.org... is it
Hi everyone,
I try to use snort on windows2K platform.
but I don't want to do my own script because i don't know what can I put
in then...
could you explain me:
- how works the script?
- what can I put in my script?
- could you give me some script please if you had?
thanks
have a nice day
Paul
The concern about having more compared to less is valid. But I guess you
must evaluate how much more you are getting for the resources you are
spending on the problem.
Using HTTPS (SSL) the data payload is encrypted using a well tested
solution(not using the Export Administration
I know what it does, but is there a tool out there
that I could use to search my network with only the
MAC and find the IP that is bound to it?
Thanks Marty
Yes, this IS loopback, 'cause it between 127.0.0.1 128.x.x.x. All the range of this
IP's
reserved. However, it is REALLY BAD - i don't know this ports (49847 and 5460). The
way to
solve this problem is to add a rule to Snort database, which permits all loopback
traffic
from network (it's
On Tue, Feb 05, 2002 at 05:41:54AM -0800, Stanford wrote:
How secure is HTTPS?? The question being discussed is:
Should people's private information (medical,
prescription, banking, etc.) be sent over HTTPS or
should a VPN be involved with HTTPS? I always follow
the practice of better to
[shrip] Blocking ports are different from shutting down ports. Also
terminating connections to ports in connected ports is different.
Unfortunately, the only way I can think of is to use an application like
fport to figure out which application is using the port and kill the app.
And then install
yes, spammers harvest email addresses from securityfocus lists. i have
sent
emails to various SF lists using new (never before used or publicized)
email
addresses associated with new domains, and have started receiving spam at
those addresses within 48 hours. Since many SF lists are mirrored at
Yes you can actually log AIM conversations.. A lot of clients have
features that do so, but in the AIM's client, you can download an
add-on for it. here is the link:
http://yourpage.blazenet.net/jbeatty/logginghack.zip the instructions
are inside the ZIP.. but in case they aren't here:
1.)
How does opening port 12345 fight off netbus? I thought that port 12345 is
the auto-update port that trend listens on for its server calls.
Blevins
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 04, 2002 10:28 AM
To: ASBB11
Cc: [EMAIL
Hello all.
I am a Programmer/Administrator, and I need help with 1 server of mine. Just
ideas, not money. :-)
Well, this guy i work for, has a win2k server at an ISP servers farm,
connected to the internet, with an ext IP. (192.XXX.XXX.XXX). Since he is
cheap, he won't authorize me buy (almost)
[shrip] BlackICE has caused crashes on our WindowsNT Machines.
|-Original Message-
|From: garren [mailto:[EMAIL PROTECTED]]
|Sent: Tuesday, January 29, 2002 12:11 PM
|To: [EMAIL PROTECTED]
|Subject: Feedback on BlackICE...
|
|
|Hi all,
|
| I am looking at BlackICE and wondering if
24 matches
Mail list logo