You can check the IP with the interface :
When u rcv a packet from the external interface, deny packets which come
with local IP (192.168.XXX.XXX or 172.16.XXX.XXX or others as non
routing IP : 10.0.0.10,etc.)
U can also just allow locals IP (if people don't have to send mail out
from your LAN)
An
Quoting Frank Cheong <[EMAIL PROTECTED]>:
> I received complains regarding one of the image on my web site has been
> modified by a PORN picture ! While the image have resumed normal during
> the second visit.
You say you have had complaints, but don't state if you have seen it or
not. Can Y
On 25/11/02 13:53 -0800, Fred Hoot wrote:
> We have outlawed all instant messaging products and purchased a private
> messaging software (Active Messenger). It is internal and can be accessed
> via our VPN connections between offices.
Any reason not to use Jabber?
Devdas Bhagat
Every administrator I have ever met restricts that type of traffic because
it is a security risk and for bandwidth reasons. For instance, Yahoo
messenger maintains stale connections when the other person goes offline,
AIM has several buffer overflow exploits, and ICQ can be spoofed and
tunneled thr
On Tue, Nov 26, 2002 at 12:53:11PM +0530, Sumit Dhar wrote:
> Hello Everyone,
>
> Here is something I would like to do: (Could someone tell me if it is
> possible on Linux)
>
> -Every user's home directory is encrypted. No one other than the user
> (including root) can read the files/directories
Absolutely not. Any Internet based IM goes out of your network nd across
the Internet. BAD, BAD, BAD. Now, there are some NEW products that allow
for INTERNAL IM, AOL, Honey-something I think and MS to name a few. This we
are investigating. Also, it allows for a direct connection betrween the t
Yes Win2k use EFS but it can use it user base(If i am not
mistaken)
Sys adm have a privelage to access all files..
It can be a solution for this problem.
---
Doesn't Win2K's encrypted file system support this?
Sorry if I'm wrong, not a Windows kinda guy.
- Original Mes
From: "tony toni" <[EMAIL PROTECTED]>
We currently are allowing web based chat and instant messaging. I know
that there are lots of security issues involved with its usage. The IT
folks are telling me that it is a common practice in the industry. I have
a hard time believing this and this is o
Hi,
We currently are allowing web based chat and instant messaging. I know that
there are lots of security issues involved with its usage. The IT folks are
telling me that it is a common practice in the industry. I have a hard time
believing this and this is one battle I would like to take
>In my experience, Microsoft operating systems send a lot of pings to the
>Master Browser. Not sure why.
>
>Eric Schroeder
If it's a Windows network, Eric probably got it right. I have recently noticed that
sometimes, on my Windows 2000 (AD) network, when I am about to print something (I
think
Yep, you are correct. It is RC4-40bit, I believe. Problem is, it is
NOT just password protected. It uses a mini-PKI (unless you have a real
PKI) and only that user's cert or the admin's can recover it. If both
certs are lost, so is your data.
As a side, the laptop recovered last fall by a repo
How does passwd determine if a password is based off a dictionary word or
not? Is there a file somewhere it references, a dictionary built into the
code, or a algorithim it uses to check the password?
Thanks,
Russell
I am writing a security paper on protection of intellectual assets in email via a
layered approach to
secure communication channels when dealing with client to server, and server to
server, mail exchange.
I am including how to use TLS (formerly ssl) to encrypt between mail servers, client
to ma
On Tue, Nov 26, 2002 at 03:39:12PM +0200, Geoffrey O'Connell wrote:
> Good day.
>
> Are there any free programs out there that I can use for custom packet
> generation (packet spoofing)
> Basically looking for something like HPing2 or WinInject that runs on
> Windows 9x. I know I could have
> foun
Could this not be part of the login script that unpacks a gpg file on
login? The only issue is re-packing the information, and removing all
files put the encrypted package, I guess a deamon that watches login
could do that part
You will also need an exclude list, if your providing webspace to
On Tue, 26 Nov 2002, Rick Darsey wrote:
> What format is the data in? Excel will let you password protect a workbook.
Trivial to crack, like all Office products.
Mike
My suggestion is to take the low road and perform some security awareness
by educating the user base that web chat and IM are not encrypted and
may be subject to monitoring by the company and anyone outside of the company
network willing to run a packet sniffer.
On Mon, Nov 25, 2002 at 01:56:25PM
Here is a good article from Security Strategies:
http://esj.com/columns/print.asp?EditorialsID=116
On Mon, Nov 25, 2002 at 01:56:25PM -0800, ONEILL David J wrote:
> Good Luck ... We got shot down in Flames, no matter how we packaged it.
>
> David J. O'Neill
> NEDSS - IS7
> Parkway Bldg., 2nd Flo
Ops, I am using Iplanet 4.0 SP3 and is going to upgrade to Solaris 8 IWS 6
SP4.
Frank
- Original Message -
From: "Lim Ghee Lam" <[EMAIL PROTECTED]>
To: "frank" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, November 26, 2002 5:15 PM
Subject: Re: Part of the web page being MODIF
> -Original Message-
> From: Frank Cheong [mailto:[EMAIL PROTECTED]]
> Sent: Sunday, November 24, 2002 11:37 PM
> To: [EMAIL PROTECTED]
> Subject: Part of the web page being MODIFIED !
>
>
>
>
> I got one serious question that is I received complains regarding one of
>
> the image on my web
first i would sigjest getting a distro that takes a little less work out of
the box... a firewall is only as safe as the box running it... as to rules
and such i would sigjest getting your hands on a copy of Linix Firewalls by
Robert Ziegler (
http://www.amazon.com/exec/obidos/tg/detail/-/073571099
On 26/11/02 12:38 -0500, Ben Corman wrote:
> How would you built that ruleset automatically from a database? We are
> running a PIX here, and there has been some discussion about doing this
> exact thing, but no one can figure out you would go about doing that.
I think this might be useful to other
I wouldn't advise excel password protection - that's very easy to break
- and it's not encryption, it's just password protection.
mas
>>> "Rick Darsey" <[EMAIL PROTECTED]> 11/26/02 08:03AM >>>
What format is the data in? Excel will let you password protect a
workbook.
You can also turn on encry
On Mon, 2002-11-25 at 13:28, netsec novice wrote:
> Can someone enlighten me as to what exactly is being attempted when
> outsiders send all of my public addresses an rpcbind service request?
They want to know what services each of your computers are running.
If the these are Unix computers, they
Hallo Rok Pintar,
am Freitag, 22. November 2002 um 15:05:16 schrieben Sie:
>> Not that I have heard of. Physical access is root access and all that.
>
>http://www.cisco.com/global/EMEA/networkers/presentations/SEC-211_Klaus_Lenssen.pdf.gz
> Look at page 74.
> Regards,
> ROK
Regarding this to
I have a client who has MS proxy server 2.0 and a NAT firewall. I have
already been able to exploit it. I am recommending they get a regular
firewall put in place and dump all the rest. They however dont want to
spend too much $$ on the project so I was thinking why ont a linux firewall?
Having
A "well-configured CFS" system may solve your problems...look for "Ciphering
File System" in Google
Nos vemos
David
> Hello Everyone,
>
> Here is something I would like to do: (Could someone tell me if it is
> possible on Linux)
>
> -Every user's home directory is encrypted. No one other than th
I think if you ban file transfer connections and direct connections. You
should be alright from a security standpoint. Not really sure how you could
do it though =/. I know most of the java web clients support these features,
so I really don't see any security differences between the regular
You can either use netstat -nao (which is with XP) or use fport which will
give you a listing of ports with PID numbers, to extend on that you can do a
tasklist /svc to show a list of services mapped to each PID.
dk.
- Original Message -
From: "Chew Yean Tai - FOS" <[EMAIL PROTECTED]>
To:
> We currently are allowing web based chat and instant messaging. I know
> that there are lots of security issues involved with its usage. The IT
> folks are telling me that it is a common practice in the industry. I
> have a hard time believing this and this is one battle I would like to
> ta
Personally, I have not tested PEAP so I can not say. I am currently
researching the issue. There are some other potential products available
(all in the same box), such a blue socket. Each has their advantages and
disadvantages. I would still wait to see the new products coming out in
1Q03, Wi-FI
We developed what you're looking for here. It is an iptables script that
uses a csv file passed from our billing system(rodopi) to accept/reject
customers on the basis of their mac address...
http://yabmas.sourceforge.net/
-
Robert
I have some highly confidential data that I frequently access on in a
folder that is on my desktop computer (ie win2k). I want to make sure >no
one but me will able to see this data. Does anyone know of any
>freeware\shareware that will 1) en-crypt the data in the folder >and/or
2) require a
Charles,
Here is a clip from an article in network magazine:
Source routing can be strict or loose. Strict source routing lets a manager specify
the path through all the routers to the destination. Return responses use the same
path in reverse. Loose source routing lets managers specify an addr
On Mon, Nov 25, 2002 at 04:37:14AM -, Frank Cheong wrote:
hi,
This seems rather interesting. As you mentioned the reason for this could be coz of
some kind of poisioning enroute. This could be very difficult to detect. One thing you
can do is to find out from which ips these complaints aris
> Thanks to everyone who responded... the verdict is definitely dshield. I
> was considering making it standard practice to block these addresses at
> my firewall and update on a weekly basis. I'm interested in what others
> think about this - recommended/valuable or not? So far I haven't seen
>
try arpwatch, this does exactly what you are looking for...
it stores all detected MAC/IP number combinations in a database and
reports new entries, changes, etc using email. And it is open source
and have it running on linux and FreeBSD. I have good expiriences with
arpwatch..
This does not prot
Hi Tony,
We have outlawed all instant messaging products and purchased a private
messaging software (Active Messenger). It is internal and can be accessed
via our VPN connections between offices.
People bitched, but with top management support, we were able to follow
through. It IS interesting
I hope this helps:
http://www.chkrootkit.org for trojans.
also you can try nmap for port scanning that is
http://www.insecure.org/nmap
but still you haven't mention what webserver you are running.. I assume
you are running apache.. You need to check for the latest version.
Best Regards
LIM GHE
Good day.
Are there any free programs out there that I can use for custom packet
generation (packet spoofing)
Basically looking for something like HPing2 or WinInject that runs on
Windows 9x. I know I could have
found this on Google myself but it's hot today and I can't think.
Thank you.
Geoffrey
On Mon, 25 Nov 2002 11:31:43 -0800 (PST), H C wrote
> However, I think my point stands...the OP didn't post
> (a) the actual contents of the rules themselves (he
> may have modified them in some way), or (b) his web
> logs, so there's no way anyone on the list can do
> anything other than offer adv
Have you seen the cisco website and search for
'password recovery' then choose your product?
Michael
__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
>If you have physical access you can still open the box pull the NVRAM
>and your back in business.
>in response to: What about physically disabling all the external ports ?
If you pull the NVRAM and place it in another router ? Otherwise I don't
understand after you physically disable (remove ) th
Hi Lim Ghee Lam,
Actually I am running a SUN Solaris 2.6 on a Ultra 10 and the web site has
been protected by firewall so that only HTTP access from the public is
possible.
Do you really think there are trojan on my webserver ? How can I know the
real cause ?
Frank
- Original Message -
F
There must be a way to do the password recovery.
You just go to cisco website and search for 'password
recovery'then just choose the one suitable for your
router. and it should work.
Michael
--- "Vachon, Scott" <[EMAIL PROTECTED]>
wrote:
>
>
> >After asking a few other engineers who work more
VPN over 802.11x is not secure at all. I have seen several demonstrations
of various "Main-in-the-Middle" attacks on 802.11 networks which have broken
the secure VPN connection. These type of attacks are well known, and
becoming more common place.
AirDefense (registration required) (http://www.a
You can check the IP with the interface :
When u rcv a packet from the external interface, deny packets which come
with local IP (192.168.XXX.XXX or 172.16.XXX.XXX or others as non
routing IP : 10.0.0.10,etc.)
U can also just allow locals IP (if people don't have to send mail out
from your LAN)
An
Not exactly freeware or shareware, but one of the best & cheapest
devices on the market for totally secure access that I've found thus far
is KeyDrive - basically a USB device/keyring that, when unplugged hides
the designated, encrypted drive space on your machine. Files are
encrypted/decrypted on
I was not aware you could manually define the routing that packets would
follow (without configuring the routers). Or do you mean I would just choose
to spoof an IP that is downstream from me, so that I am sure the traffic
will pass me by on its way to the host? Wouldn't dynamic RIP make the route
What format is the data in? Excel will let you password protect a workbook.
You can also turn on encryption in Windows 2000. You have to be running
NTFS. If you setup encryption on your system, and password protect the Admin
user, the the only way someone can open the file is to set them up with
Hello Everyone,
Here is something I would like to do: (Could someone tell me if it is
possible on Linux)
-Every user's home directory is encrypted. No one other than the user
(including root) can read the files/directories of that user.
-Every time a user logs in, he/she will need to give a passw
How many people complaint? If the image has not changed on your server
and the code on the web page is still the same than I would wait for it
to happen again t someone else. You are trying to troubleshoot a maybe.
As a precaution go through your web logs and all the error logs see if
you fin some
Doesn't Win2K's encrypted file system support this?
Sorry if I'm wrong, not a Windows kinda guy.
- Original Message -
From: "Shane Lahey" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Friday, November 22, 2002 10:29 AM
Subject: RE: Protect folder data.
> Why n
Erick Arturo Perez Huemer wrote:
>
> I am about to install a RedHat 8.0 box with iptables to act as our
> firewall for our internal network that consists of 20 machines.
>
> Besides doing a -j drop on our external interface when receives a packet
> with source equal to our internal network, what
I'd also recommend Agnitum Outpost Firewall. If you've ever had the
chance to run the now obsoleted Atguard firewall program, This program
I think surpasses the features of ZoneAlarm and Atguard and probably
many others without the flashiness.
On Thu, 21 Nov 2002 21:19:07 -0800, you wrote:
>Have
Hi Frank,
Have you tried using any file integrity checking ? A better one is like
md5 checksum.Have you consider using tripwire or the like ?
Session hijack in my opinion unlikely, normally happen on telnet, rpc
connections which are in ESTABLISHED state.
To me it looks like more of arbitrary co
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You should block ALL private IP ranges, both ingress and egress from
your firewall.
This also entails 192.168.0.0/16 and 172.16.0.0/12 including the
10.0.0.0/8. Other good things to block:
Internal IPs on the exteral interface
127.0.0.0/8 (loopback) o
Good Luck ... We got shot down in Flames, no matter how we packaged it.
David J. O'Neill
NEDSS - IS7
Parkway Bldg., 2nd Floor
Phone: (503) 378-2101 ext. 364
FAX: (503) 378-2102
>>> [EMAIL PROTECTED] 11/25/02 01:48PM >>>
Hi,
We currently are allowing web based chat and instant messaging. I
You can check the IP with the interface :
When u rcv a packet from the external interface, deny packets which come
with local IP (192.168.XXX.XXX or 172.16.XXX.XXX or others as non
routing IP : 10.0.0.10,etc.)
U can also just allow locals IP (if people don't have to send mail out
from your LAN)
An
Yes but some or most of the routers in Internet are denying source routing
in packet headers for security reasons, then what ? The best way leaves
"man in middle" ?!
And about sequence numbers, every distro is using different algorithms
about generating them, isn't they ?
On Fri, 22 Nov 2002,
Hi,
arp has all functions u need. If i understood right. Download arpwatch for
collecting mac's and informing u about new macs.. changes.. everything.
nice product, btw.
On Fri, 22 Nov 2002, Ian Lyte wrote:
>
> Hi,
>
> If you use ettercap with the -O option it passively scans the network fo
Try Getmac.exe from Microsoft for your Windows-based computers.
http://www.microsoft.com/windows2000/techinfo/reskit/tools/existing/getmac-o
.asp
For non-Windows devices, the somewhat shady Cain and Abel will work.
http://www.oxid.it/
Glenn
-Original Message-
From: Johan Denoyer [mai
I got one serious question that is I received complains regarding one of
the image on my web site has been modified by a PORN picture ! While the
image have resumed normal during the second visit.
After receiving the complains, I have of course double checked the GIF
image's filesize and
>>>(1) ssh tunnels, in particular tunneling PPP over ssh
>>> (+) easy to setup
>>> (-) only works linux-linux
>>> (-) tunnels everything over tcp.
this is not right FSecure is for Window$ Client/Server
there is also a free version OpenSSH for Window$
Mit freundlichen Grüßen/ sincerely yo
64 matches
Mail list logo