Hi,
do you know if is possible to define different roles and priviledges for
different users,
for example some users should manage only specified devices without seeing
the remaing ones,
and log their operations.
thanks
Carmelo
In-Reply-To: [EMAIL PROTECTED]
Hi,
It depends totally on the application you are using. Both TCP and UDP are
IP protocol types, and there are others like IP proto 47 (used by PPTP)
etc. which you would need to open in case the application needs it. As
always, do not open any additional
Consider espionage. The information goes out.
And what is worse, if someone uses something like scp/ssh, you might get a
whiff of it even if you are running monitoring tools.
Not only that, it becomes easier for a malicious user to attack other
companies if all outbound access is allowed. For
Dear list:
It's possible that a intruder could take active part of a TCP connection
after this was established?
In UPD I know this is true because is a connectionless protocol. But I have
doubts about TCP.
Thanks
Pablo A. C. Gietz
Jefe de Seguridad Informática
Nuevo Banco de Entre Ríos S.A.
Te.:
In-Reply-To: 001c01c2882c$53eec250$[EMAIL PROTECTED]
I believe that this can be done with tools such as dsniff. In =
addition, any
attack which uses ICMP protocol can easily be spoofed simply by writing =
a
small script. For example, using ping alone you can do the following =
by
1-Anyone knows the best mailing lists or websites to
post some questions about trojans?
2-What is the trojan I am most likely to get into our
systems? Whats is the best protection?
Thank you
Javier Marti
www.artwater.com
International Business Services
Translation - IConsulting - Design
From my point of view the only difference as you know is in connection
handling: tcp ist connection orientated and udp conection less.
You shouldn´t close ports - you should close al ports and only allow
needed ports. So you can figure out which ports are needed and if they
are udp or tcp.
Robert
an IP Address - not necessarily the originating individual. There are
a LOT of ways around that.
Jim
[EMAIL PROTECTED] wrote:
There is nothing new about finding your IP Address and display it on the web page.
--
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566
From my point of view there will be a big lack of security if you open all
outbound ports. Every application would have full access to the internet
- do you really want it?
More then 50% of all security risks are base insinde your network. So it
is very important to have an strict policy for
I don't know what you've been reading, but anything worth the ink its
printed with would give examples of that. TCP (connection oriented) vs.
UDP (connectionless) is one of the basic principles of Inet traffic...
you need better books my friend. Or go read some RFC's...
Mike Cain
CCNA/CCNP/MCSE
Joey,
Netattach was a storage company (NAS) that can got bought out be VALINUX
(Now VA Software)
The port probably had something to do with their product line. Could be a
bad assumption on my part.
Sounds like a scan looking for anything vice something specific.
Sorry cannot be more of help
Hello list,
I am looking for a secure FTP server which has less
vulnerabilities compared to IIS. Besides
functionality, it is important to be tightly secure
not to have some vulnerabilities related with FTP
commands such as FTP PORT / SITE / NLIST.
Any recommedations comments are wellcome.
I think there should be sth. like encrypted VNC - take a look
at google
R.
--
http://board.protecus.de - Firewalls, Security and more ...
-Ursprungliche Nachricht-
Von: [EMAIL PROTECTED]
[mailto:security-basics-return-15751-rsieber=web.de;securityfocus.com]Im
Auftrag von SB CH
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]
Sent: Monday, November 11, 2002 11:04 AM
Subject: Yahoo Messenger Stale Sessions
During my observation in daily use of Yahoo Messenger, my computer has
stale/zombie sessions. For
Tony,
Yes, that is a lousy advertisement designed to panic people into
stampeding to their site. I got the same message on my home PC. The sad
fact is that I agree with your IT manager. If you're going to do any
communication with the world, you have to have someplace for the world
to send
Yes, but GnuPG is licensed under the GPL, isn't it? You could use that as
an alternative. The downside to GnuPG, if it is an option, is that it's
done through commands, For those who don't want to type things out,
there's a program that I use under Windows (not sure if there's a *nix
Hi,
There is nothing new about finding your IP Address and display it on the web page.
They can even determine your arp addresses in some complex authentication method. It
is good to remind such advertisement utilizes social engineering as Edward mentioned.
There is nothing attacker can do if
Are there any authoritative references on the subject of combining
firewall and VPN server functionality (i.e. Nokia/CheckPoint) versus
separate devices (i.e. Cisco PIX, VPN3000)? There's plenty of
vendor-speak, and I've got my own ideas about KISS and firewalls, but
it's nice to have a
18 matches
Mail list logo