Hi,
Proxy / Spoof what ? Unless the destination
knows the source IP, there is no return path.
Remember packets don't leave a trail of bread crumbs so that they can
find their way back ;)
-b
On Thu, 14 Nov 2002, Meritt James wrote:
> Proxy. Spoofing.
>
> Bill Hamel wrote:
> >
> > Unless I a
Hi,
You can use group policy to do this... or going on each workstation
disabling it manually from the internet options.
Michel B.
> -Original Message-
> From: steve baker [mailto:[EMAIL PROTECTED]]
> Sent: mercredi 13 novembre 2002 14:25
> To: [EMAIL PROTECTED]
> Subject: Internet Exp
tony tony said:
This is quite easy to do, and in no way is a vulnerability in your firewall.
Bonzi does this to attempt to generate sales, using an environmental
variable of the web server (which in this case, is your IP address) and
implants that in a dynamically generated script which shows you
I just came to work at a new company, and I have been doing the standard
auditing and such to see where the company stands from a security point
of view. Nothing looks as if its been compromised in the past, which
should keep me from having to rebuild anything, but one thing I noticed
on my SSS sca
steve baker wrote:
> How do I get rid of this? For some reason, I cant find a local
> policy, nor a setting in IEAK 6 that will allow me to turn this off!
> I dont want users to save their account names much less their
> passwords when accessing my intranet - or web apps!
Tools > Internet Options
You need no protection. The PIX will withstand what is put against it.
All the advice you are receiving about BDS fw, IOS FW and the like doesn't
address your specific need.
Key being. You are terminating IPSEC. You put another FW in front and you
risk losing the IPSEC.
I work with PIX dail
Yes,
google "TCP session hijacking".
The possibilities are limited by your access to the network path between the endpoints.
If you have share a LAN with one of the endpoints you can poison the ARP cache of the
endpoint and insert a "MAC-layer" proxy, if you can tap the ONLY link between routers
Hello All --
I have been researching the PATRIOT Act as it relates to data protection.
Essentially, the Act requires financial institutions to gather information
regarding terrorists and suspected terrorists, and monitor accounts which
they maintain for any links to the suspects.
I am interes
I know I don't have all the expertise that a lot of the people on this list
probably have - so PLEASE take it easy on me for responding to this.
I too have had a 'network engineering' team make this suggestion, and get it
passed (over my objections). Even though I brought up a lot of the reasons
On Tue, 2002-11-12 at 22:09, tony tony wrote:
> I was doing security research on the internet at work yesterdaywhen all of
> a sudden I got a pop up advertisement that stated that I was broadcasting my IP
> address to the entire internet. It then showed a screen with my IP address
> which was
Most people configure their firewalls to hide all of the addresses behind
the firewall using the firewalls ip address. This does pose certain
security concerns as far as information gathering goes. But there are
other ways to determine firewall IP addresses. But there are ways to
overcome th
Your admin is right. In order for you to be able to pull data from the
Internet, or any other system connected via a network, you have to give the
destination system an address to reply to, hence your IP address. Knowing
the IP address of your firewall is not a major issue, not if your firewall
i
On Tue, 12 Nov 2002, tony tony wrote:
> I was doing security research on the internet at work yesterdaywhen all of
> a sudden I got a pop up advertisement that stated that I was broadcasting my IP
> address to the entire internet. It then showed a screen with my IP address
> which was the the
I think it depends... I know for sure that ettercap (on linux) can
hijack a tcp connection and inject whatever data the intruder wants
(it's child's play for instance to hijack a telnet to a router and send
back to the operator fake answers from the router)...
But in order to do that it has to b
Hi Ed,
I believe in the original post, the poster was concerned that the IP
address of their firewall showed up in a pop-up using a browser, and how
to keep that from happening. This would suggest outbound port 80 activity,
maybe SSL. I am assuming this is the external address of the firewall.
Al
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
My regrets on my message posted on this topic, I misread what you had said, the
message is not currently on the list yet, but I go on to say your firewall admin is
basically incompetent, but apparently, I am :)
I thought you were saying that your
Tony,
It is certainly possible to capture the IP address of the external interface
of the firewall. Something as simple as a tracert could identify this on an
open session. It would certainly be improbable that one could capture the IP
address of anything within your internal network space unless
17 matches
Mail list logo