Tried that KB article already. Does not work. I just need the IIS service to
listen to 80 on the IP that I want it to.
Cheers
Gill
-Original Message-
From: Craig Humphrey [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 25, 2002 5:05 AM
To: '[EMAIL PROTECTED]'
Cc: [EMAIL PROTECTED]
Ok, first and foremost, thank you for your reply :)
I just wanted to make some comments:
>
>SSH first and foremost is a terminal program. I believe your first
>post was something to the effect of "Telnet over SSL, or SSH, help me
>decide".
I was NOT the original poster to the list. I wanted
No I would say it is a most a form of brute force, but pure brute force as
most people consider it would be
a
b
c...
aa
ab
ac
...
aaa
aab
abb etc etc
Shaolin
.: http://www.security-forums.com :.
Share your knowledge
It's a way to achieve
Immortality.
-
You may want to search the list... there was alot of comparison done
between N/H-IDS'
[EMAIL PROTECTED] wrote:
>Hi everyone!!!, I'm an EDP auditor and I want to know some commentaries
>about the use of Snort IDS...I'de like to know if anyone recommend it and
>if it's a good choice to install i
*shrug* Depends on your definition I guess, but if you use software like LC4
from @Stake running the dictionary attack with variants is WAY faster than
brute force for anything but a truly good password. When I first tested it,
it cracked one of my low security ones that had mixed case, number
Well, in general usage, a dictionary attack and a brute force attack are
considered different things. Whereas a dictionary attack attempts to
exploit the well documented phenomenon that the vast majority of users
choose passwords out of a very limited range of the available 'symbol
space', i.e. di
Hi there,
concerning the program it is a bit Computer Science oriented, if you are
interested in doing it either online or on campus why don't u have a look at
these:
USA:
http://www.capitol-college.edu/academics/grad/msns.html
they offer MS in Network Security and there program is Interestin
I go to the following URLs for computer security news pretty much
daily. Anyone have any place else that I could look for that specific
type of news (I have other general news sites, but they are not
generally specific enough).
http://www.atstake.com/security_news/
http://www.securityfocus.com/n
I am looking for information regarding the insecurities and vulnerabilities
that exist in Network Address Translation. One of our admins feels that
because everything is NAT'd that there is no way anyone can break into the
systems that are NAT'd. I know that this is not a completely accurate
sta
I tend to agree that this has already been aswered, but I'll say it in
another way so we can get past this.
SSL-Secure Sockets Layer: Basically an add on bandaid type approach to make
inheirently insecure connections like telnet and ftp more secure by
encrypting transmissions at the SOCKET le
Hi All,
Is there any utility which provides information on the owner(?)
of a socket on Win NT/2k? What I want, is to find out which process has
opened a socket on the machine. For example, if netstat shows that a
process is listening on port 80, I should be able to use this utility
and fin
Problem solved.
Initially I was using Zone Alarm. I created the trusted zone and created
host in the trusted zone. The trusted host was 127.0.0.1. Nothing seemed to
work. Changing IP to listen to port 80 also did not change the 0.0.0.0
mapping to 80.
I finally shut down zone alarm. started NEOWA
Yes, my IIS is not receiving any requests at all. Telnet to the webserver on
port 80 does not work.
Using IIS service manager to change listening port, also does not work.
When you guys were saying it is a feature of IIS to listen to 0.0.0.0, it
should be listening to
only the IP that the IIS is
On Mon, Sep 23, 2002 at 04:07:29PM -0600, [EMAIL PROTECTED] wrote:
> Hi everyone!!!, I'm an EDP auditor and I want to know some
> commentaries about the use of Snort IDS...I'de like to know if
> anyone recommend it and if it's a good choice to install in a
> financial organization.
We use snort.
>>Security Newsletters-TM wrote:
> I thought that using a dictionary is still considered brute force.
>
Call the set of all possible passwords the 'keyspace'.
Brute force is checking the entire keyspace. Dictionaries
represent 'human-friendly strings', say words easy to memorize.
This is a frac
You're right of course, and no need to apologize at all.
In my post I didn't mean to ask people to show me the gory details
of how to use SSH or SSL.
I believe the original poster asked about differences in SSH vs. SSL
when used as a remote login solution.
What I was just asking is different in so
2002-09-23-18:07:29 [EMAIL PROTECTED]:
> I'm an EDP auditor and I want to know some commentaries about the
> use of Snort IDS...I'de like to know if anyone recommend it and if
> it's a good choice to install in a financial organization.
I'm a security analyst working in a financial organization.
It's a "feature" of IIS5. By default it listens on port 80 on all available
IP addresses (0.0.0.0).
This can be fixed:
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q238131&;
Hope that helps.
> -Original Message-
> From: Sarbjit Singh Gill [mailto:[EMAIL PROTECTED]]
> Sent: Tu
>Just one example: can I code a client/server applications and encrypt and
>do authentication with SSL/SSH tunneling ? I've no idea, not from the
>things I've read about those two. Yeah, SSH is a secure login and shell
>for a remote system. That I know. It's more than that, isn't it ??
>I'm sorry
19 matches
Mail list logo