Hello All,
I have a similar question to the one that was asked earlier. I'm in 11th
grade and have pretty much made up my mind to take the path of going to
college. I was wondering if there are any good colleges that you might
recommend to me that specialize in networking security as a
I would recommend keeping it quite simple. Something along the lines of a
text file (or spreadsheet if you would like to make things complicated) and
PGP. Since this store is only going to be for personal use, there does not
seem to be a lot of need for a more complicated system. And since PGP
Yes you can do this, but it is an arduous task to maintain the list on each
client station. From IE, select the Tools menu, go to Internet Options and
select the Security Tab from the window that opens. Then click on the
Trusted Sites and Restricted Sites icons and click on the Sites button
Kartik,
You can get to the "command prompt" (kinda unix shell) with option number 24 and then
8 (i think). I haven't found any way of getting anything like packet sniffing out of
it, however you can enable a syslog server, (again through option 24) then the logging
page, however this appears
Victor,
If you are initiating the applications from the box that has the
ipchains on it, add a rule like this:
ipchains -A input -s 0/0 -d 0/0 -p tcp ! -y -j ACCEPT
This allows connections that you *initiated* from the box to accept part
#2 of the three-way tcp handshake, to establish the
Sounds like you need a directory service.
NIS will work. Although to have it work with Windows you will need Services
for Unix.
You may also want to look into LDAP. Sun seems to have chosen Netscape
Directory Service for LDAP and to replace NIS/NIS+.
-Matt
On Monday 18 February 2002
FWIW, I had a user's version of IE5 get flaky, would load a page, become
unresponsive for about 15seconds, then allow input. After patching,
updating IE fully, NAV found his system had badtrans and download.destiny
trojans.
CC
-Original Message-
From: Mark Sargent [mailto:[EMAIL
$.02 interjection:
using IPsec between boxes is for communications security, it has nothing
to do with host security, for which an entirely different set tools are
available. The main point here being: to sniff traffic between the two,
you have to be able to crack IPsec. (good luck!)
On Mon,
Hi,
the best way to solve your pb is to open your firewall, and to log NFS/samba traffic
generated for this case. (option -l, I guess). So, you will see which kind of ports
are used.
In my mind, you will have to open ports 137,138 139 for udp (and tcp ?) for netbios
traffic.
But check
Hi, Victor !!!
I'm not an expert but I've got a stand-alone machine running ipchains. I've
opened the ports 137, 138 y 139 for TCP and UDP. I think you should open them
but only for those machines you want to use SAMBA. I think you're trying to act
as a client so this is the actual state of my
I have not seen any discussion of suitability of the
XP firewall feature for home users. Any comments
are welcome. It's not real configurable or robust,
but sure is simple to impliment (which should be a
warning, I guess ;)
__
Do You Yahoo!?
with internet exlporer, go tools | internet options | security
select the restricted sites icon, enter sites that you do not want viewed on
your systems
i use this option to blox annoying popup ads. it works great.
# s17
# [EMAIL PROTECTED]
# http://sil-e.tk/
- Original Message -
Sorry If I doubled Posted, this list is much more
accurate to my needs though. TIA
I am running mandrake 8 (2.4.8) and am having a
tough time accessing port 80 from a machine
outside my LAN. The machine the webserver is on
is the firewall and has a direct connection to the
Try Reporting Module from Check Point.
http://www.checkpoint.com/products/management/reportingmodule.html
Cheers.
Kleber
Herold Heiko [EMAIL PROTECTED] wrote:
Is there any decent logfile analyzer for fw-1 out there ?
I can't go the commercial path like websense ecc (PHB problem), and
looking
tell them they arent allowed to go there.. make it an acceptable use policy
and if they break it. Then remove their account.
Jer
- Original Message -
From: Rob Weiss [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Monday, February 18, 2002 8:39 AM
Subject: Internet
Good day all,
I was wondering if anyone knew of online agencies (other than NetSol and
other domain registrants) where I can report someone's attempt to pilfer and
steal my domain name? Someone has already suggested I go straight to the
FBI on this, but that seems a bit extreme to me. Please
I'm very thankful that this list moderator lets us behaive in such this
matter. But come on guys what if this guy really needs some pen-testing
help. So i'm on the more serious side of me. If i was you professeur W00 i
would use telnet.exe and the latest happy hacker book from happyhacker.org
Yes there is a way, on internet eplorer 6 (and probably on 5) you can use
security option to forbiden sites of your choice, but every user on client
machine also can reset that list.
On internet explor 6 click on tab Tools-internet
options-security-restricted sites-sites
than put the addresses
http://www.techrepublic.com
A great resource!
-Original Message-
From: Stanford [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 19, 2002 12:36 PM
To: [EMAIL PROTECTED]
Subject: Security Manual - Due Diligence
Hello All -
I really need to create an Operations Manual type
security
Hi there,
Im very new in this list, and a newbie in cisco
administration, i would like to know ,if it is
posible,
how to capture the traffic on the router (or sniff it,
if you like), and send it into another pc on plain
text or whatever, or if its posible to keep it on a
file.
Sorry if
Hi Clay,
This is a good article on security and application
development:
http://main.linuxfocus.org/English/January2001/article182.shtml
Regards
__
Do You Yahoo!?
Yahoo! Sports - Coverage of the 2002 Olympic Games
http://sports.yahoo.com
This all depends on what operating systems you are using in your work
environment.
Although I do not know of any locations where one could find a listing of
hacking applications (mind you a check on SecurityFocus might turn up some
interesting results), an application which I find usefull in
I dont think so. Router is very very sophisticated BOX. You can work only as
is, consult your router documentation.
-Original Message-
From: Kartik Trivedi [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 20, 2002 2:16 AM
To: [EMAIL PROTECTED]
Subject: command execution on router
hi
On Sunday 17 February 2002 02:01 pm, Victor Usjanov wrote:
Hello
I am trying to run ipchains firewall on my computer connected to corporate
nettwork. I created a set of rules that let web and mail and ssh traffic in
and out, and it works just fine. But i got a problem with NFS and samba
take a look at http://uk.osstmm.org/osstmm.htm
THE OPEN SOURCE SECURITY TESTING METHODOLOGY MANUAL v. 1.5
-scm
On Tue, 19 Feb 2002, Stanford wrote:
Hello All -
I really need to create an Operations Manual type
security document or book/manual. Can anyone point me
in the right direction
see http://www.phoneboy.com/
http://www.enteract.com/~lspitz/logger.html
- Original Message -
From: Herold Heiko [EMAIL PROTECTED]
To: Security-Basics List (E-mail) [EMAIL PROTECTED]
Sent: Monday, February 18, 2002 10:42 AM
Subject: Fw-1 logfile analyzer ?
Is there any decent logfile
http://fwlogsum.sourceforge.net/
Is there any decent logfile analyzer for fw-1 out there ?
I can't go the commercial path like websense ecc (PHB problem), and
looking at them with eyeball and memory really won't do any good :(
Quoting George Murphy CCNP/DP ([EMAIL PROTECTED]):
Actually now would seem a good time to develop your own best procedure.
Use all of the common auditing priciples, research any weak points of
the PIX, the version of code they are running and even scan it if you
wish. The following link
Ryan,
This site has information on reading logs, etc.:
http://www.robertgraham.com/pubs/
For Windows and Linux hardening, check out:
http://www.nsa.gov/isso/index.html
For Linux logs:
1)
http://www.oit.ucsb.edu/~eta/swatch/lisa93.html#Improved_Security_Logging
2)
Just a quick stab but you may try using the Restricted Sites feature in IE
under the Security tab or the Content Advisor feature in IE under the
Content tab. I have never configured these components before but a cursory
look makes me think you can accomplish what you are looking for with these
The problem with this scenario is that if you compromise the web box, you
have the private key to setup the tunnel through the firewall. But, if you
are looking at the traffic from another machine in the DMZ, the tunnel will
protect things like unencrypted database passwords...
In fact, I know
[shrip] I think the best would be to put all the passwords in a simple text
file and encrypt that text file with pgp (making it maybe into a self
decrypting archive), and remembering only the password to the pgp
encryption.
Shripal Meghani
Senior Software Engineer
nSecure Software (P) Ltd.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Aw, is it listed on Freshmeat? :-))) Your script looks good, I think I will be using
it when I'm working on my *nix box. Is it still actively developed?
Yipes, metacharacters? I always use them. :-)
rfc
On Tue, 19 Feb 2002 23:50:24 -0500,
Hello
how is you have only one eth and are providing firewalling?
I did some reading around about firewalls and understrood it like this that
even if you have just one eth on computer you can still run a firewall to
stop unwanted access to that very computer. It was not necessary to have to
Hi,
Hope this help : try www.phoneboy.com
It's full of ressources over FW-1 and in download section there some utilies
to parse logs
Max
-Original Message-
From: Herold Heiko [mailto:[EMAIL PROTECTED]]
Sent: lundi 18 février 2002 10:43
To: Security-Basics List (E-mail)
Subject:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi everyone,
Does anyone know of a good script (that they have successfully used
not
just read about) that works with Redhat 7.2? I wanted to use the
bastille
script but it seems to work only up to 7.1
Thanks in advance,
Leon
-BEGIN PGP
[EMAIL PROTECTED] (Monday, February 18, 2002, 11:29 PM) wrote:
I was wondering if anyone could suggest a good software application
(free/open source)that will enable me to store and organize my passwords.
Well, it's Windows-only right now, but I've found Password Safe to be
pretty handy,
I guess you have a router?
Not very tidy, but you could:
Setup ACL lists to block access to the IP addresses of the domains you want
to restrict access to...
-Original Message-
From: Rob Weiss [SMTP:[EMAIL PROTECTED]]
Sent: Monday February 2002 16:40
To: Focus-MS ([EMAIL
Thanks to everyone who responded.
Disclaimer: I have yet to try them out.
Most people pointed at fwsum, hosted at
http://fwlogsum.sourceforge.net/ and *another* fwlogsum hosted at
http://www.ginini.com.au/software/fwlogsum/
Another couple of tools are available at www.phoneboy.com, namely in
Stanford (Tuesday, February 19, 2002, 12:36 PM) wrote:
I really need to create an Operations Manual type
security document or book/manual.
If you have the time, read up on ISO 17799.
Or look at the Google dir, here:
http://directory.google.com/Top/Computers/Security/Policy/?tc=1
Content filtering should allow you to do this, you can specify allowed and
disallowed sites
Load IE
Select Tools - Internet Options - Content
And set up from there
Andrew Jones
Facts 2000 BOS Helpdesk
Meggitt Petroleum Systems
Tel +44 (0)2476 697417 Ext. 40
Fax +44 (0)2476 418210
[EMAIL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thanks for the replies.
I think I'm better off with using Password Safe for the meantime. It's small, no
hassles, no pretty GUI's, etc... I hope someone will port it to *nix soon so that I
don't have to worry whenever I am using it.
rfc
Hush
Oh I forgot to mention, one more thing I'm worrying about. I believe it's not
possible to track the state of UDP connections, and since I run a caching DNS
there will be some UDP traffic and I'm afraid my current rule set might drop
those packets. Does anyone know how to allow this traffic with
First solution is to install Net Nanny type of software.
Second solution is to disable internet access and only allow to surf
offline web pages which are periodically pull-down by administrators or
schedule task.
Andrew Chong, CISSP
Senior Systems Architect
- Original Message -
From: Rob
Hi all,
I need to setup a policy via the GPO which will make
my users change their passwords every X days.
My problem is that at least half of my clients are also
Novell clients and there is no automatic
synchronization between
Windows 2000 and Novell.
Is there any
Hello,
Does anybody know about a network backup tool which performs a backup
on disk and tape devices? I've already searched for these kind of
softwares, such as afbackup, burt, amanda, arkeia, etc. but they write
only on tape devices or they don't support networking. I appreciate
46 matches
Mail list logo