On Sat, Nov 09, 2002 at 01:10:11PM -0700, Vik Evans wrote:
hi,
My question is this: how does an attacker accomplish modifying a packet and
sending it; such as in a land.c attack - how does he modify the packet to
reflect the victim's source and destination IP and then send it onto the
wire?
Gene LeDuc wrote:
Sorry to be blunt, but someone who doesn't understand the difference between
UDP and TCP should not even consider setting firewall rules. You need to
buy a decent beginners level book on networking that covers tcp/ip
fundamentals.
-Original Message-
From: Roberto
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Comments below...
Vince Hillier
[EMAIL PROTECTED]
http://plutonium.homeunix.com
|-Original Message-
|From: tony tony [mailto:tonytorri;yahoo.com]
|Sent: Tuesday, November 12, 2002 2:09 PM
|To: [EMAIL PROTECTED]; Cisaca
|Subject: Company
On Mon, Nov 11, 2002 at 12:44:44PM -0800, Chris Berry wrote:
From: SB CH [EMAIL PROTECTED]
I use VNC, PC ANYWHERE and Terminal Service to remote control.
I would like to which tool is the most safeful?
As I know that the VNC is not safe as it transfers the ID/PW into plain
text.
VNC is
On Tue, 12 Nov 2002, n0rb wrote:
service pack = tons of hotfixes
check this ftp: hotfix.microsoft.com
Looks pretty broken to me
ftp dir
200 PORT command successful.
150 Opening ASCII mode data connection for /bin/ls.
ftp: get :10054
and from a different ftp client
ftp dir
200 PORT command
i believe you are asking if it is possible to hijack a TCP session. is
this correct? absolutely it is possible, it is just a matter of spoofing
the mechanics for maintaining the session, the syn/ack numbers.
rant
let it be a lesson to you. using a non security feature to provide you
with
On Mon, Nov 11, 2002 at 11:04:50AM +0800, [EMAIL PROTECTED] wrote:
hi,
It is surprising that Y! makes a direct connection to the peer. I thot that Y!
connects to the server and that handles the communication.
And what is the vulnerability that u look at. Since the connection is a p2p
Retina isn't copied from SSS. I can guarantee you that. Marc Maiffret
(eEye's Chief Hacking Officer) aka former hacker 'chameleon' of MoD fame
(not to mention gullible enough to think terrorists were sending him
money for his stolen DISA files, only to mysteriously find half a dozen
special agents
WS_FTP server from Ipswitch?
SSL for both passwords and data.
Ability to _disable_ a lot of features that make the ftp protocol insecure.
Ability to force 128 bit SSL on connections.
Want to test it. They have a free 30 day eval on their site.
www.ipswitch.ca
Shaun
-Original Message-
On Mon, Nov 04, 2002 at 09:58:42AM +, SB CH wrote:
hi
Sorry for the late reply.
The bandwidth clogging depends on the content of the packet. If the packet were (say)
sent to port 80 , and that too an empty packet, it might be possible that the kernel
would drop it and send a RST to the
I think your admin knows more about this than you do and you should listen
to him. In order to be connected to the internet, you need an IP address,
it's that simple. Any half decent firewall has the ability to block certains
types of incoming requests including any hammering people can throw at
Give a look at Proftp (http://www.proftpd.org)
it's a real nice ftp daemon IMHO, secure and
flexible.
Regards,
P. Abrantes
On Wed, 13 Nov 2002 01:54:41 -0800 (PST)
IDS Guy [EMAIL PROTECTED] wrote:
Hello list,
I am looking for a secure FTP server which has less
vulnerabilities compared to
On Tue, 12 Nov 2002, tony tony wrote:
I was doing security research on the internet at work yesterdaywhen all of
a sudden I got a pop up advertisement that stated that I was broadcasting my IP
address to the entire internet. It then showed a screen with my IP address
which was the the
Dear list:
It's possible that a intruder could take active part of a TCP
connection after this was established?
In UPD I know this is true because is a connectionless
protocol. But I have doubts about TCP.
Depending on the location of the attacker this would indeed be possible.
He/She's
Hello list,
I am looking for a secure FTP server which has less
vulnerabilities compared to IIS. Besides
functionality, it is important to be tightly secure
not to have some vulnerabilities related with FTP
commands such as FTP PORT / SITE / NLIST.
Any recommedations comments are
Hi everybody,
MPLS (Multi Protocol Label Switching) seems to be a quite exotic technology since
it is
only interesting for providers or big companies, so my search for any known
weaknesses is
still a little bit successless. I only found a test report at mier.com, who
are
quite
1-Anyone knows the best mailing lists or websites to
post some questions about trojans?
While I'm not sure what it is you're looking for, I
would still suggest that you start by setting up links
or bookmarks to several anti-virus vendor's sites.
These usually provide pretty good information on
I was doing security research on the internet at work yesterday
It then showed a screen with my IP address
which was the the external IP interface of one of our companies firewalls.
if this firewall is used to route from your lan--internet then it is
logical that its adress could be
How do I get rid of this? For some reason, I cant find a local policy, nor
a setting in IEAK 6 that will allow me to turn this off! I dont want users
to save their account names much less their passwords when accessing my
intranet - or web apps!
HELP
Hello,
I believe switching on keep-alive would perhaps sove that one ...
knip
Windows 2000 TCP keep-alive behavior can be modified by changing the values of the
KeepAliveTime and KeepAliveInterval registry
entries (HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters). TCP keep-alives can
be
hello all,
I'm running a small windows LAN with a linux box as a
gateway connected to my ISP. This box is using IPTABLES as
a firewall and, most important, as a NAT translater
(masquerading, putting it simple) so that only one IP is
public and all traffic must cross the gateway.
I also
21 matches
Mail list logo