NAT by itself is not a firewall and only offers limited protection. For a quick
solution you might be able to use one of the security distributions of linux like
clark connect, ipcop, smoothwall. see www.distrowatch.com for a few. I think some of
them install snort when you install the disto.
We use the AIM protocol (although with some restrictions - no inbound file
transfers -
and Trillian, which supports encryption), and it's a valuable part of our
business tools.
If we were to remove this feature, it would be a noticeable detriment to
employee's
productivity. The most important co
> > I got one serious question that is I received complains regarding one
> > of the image on my web site has been modified by a PORN picture ! While
> > the image have resumed normal during the second visit.
Well, one thing I haven't seen mentioned/asked:
is this image hosted locally or include
The password check uses pam's 'cracklib' interface. For some details on
this features see /usr/share/doc/pam-0.75/txts/README.pam_cracklib
'cracklib' uses a wordlist from /usr/share/dict/words .
some details about cracklib:
http://www.users.dircon.co.uk/~crypto/download/cracklib,2.7.txt
On Wed,
Here is a site on IPF, which is similiar to IPChains, but with more
features. Good documentation on the site as well.
http://www.obfuscation.org/ipf/ipf-howto.html
-Original Message-
From: jh [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 26, 2002 11:21 AM
To: [EMAIL PROTECTED]
Subje
Dear Tech Gurus,
I was given the responsibility to setup a Linux Based Firewall. I am
looking at either Redhat, Mandrake and Suse
on intel platform and Sparc based.
I need your opinion on the following:
1. Which OS is considered the best suited for a firewall?
2. What are the application/softw
Try http://www.laurentconstantin.com/en/lcrzoex/
-Original Message-
From: Geoffrey O'Connell [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 26, 2002 8:39 AM
To: [EMAIL PROTECTED]
Subject: Packet Spoofing
Good day.
Are there any free programs out there that I can use for custom packe
Hi All,
Internet Illegal content viewing has always been an issue for corporate
organisations. Even a properly configured proxy server will not deny
someone receiving porn content through a web based email account.
Eventually, such content viewing during office hours leads to decrease in
producti
So far I remember, you can buy a boot cd for win2k.
Booting from this one, and you have access to encryped filesystems,
without any problems.
Well, I might remember wrong.
/Bent
-Original Message-
From: Nero, Nick [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 26, 2002 7:59 PM
To: d
I think were a bit off the original topic now. I really don't consider
physically damaging the router by ripping out the console port a viable
security method but sure if that floats your boat by all means destroy
the router and buy a new one if you ever need to "recover" your
destroyed one. /shru
you guys are lurking where the MicroBSD project is already cutting a
path.
On Tue, 2002-11-26 at 14:40, Ray Slakinski wrote:
> Could this not be part of the login script that unpacks a gpg file on
> login? The only issue is re-packing the information, and removing all
> files put the encrypted
Hello Everyone,
First of all thanks for the response. Am trying to respond to many people in
one go...
> The Cryptographic Filesystem and the Transparent Cryptographic Filesystem
(TCFS) I have seen for linux. The latter used the NFS framework to
accomplish is > stuff. Pam can be used to provide
Words by [EMAIL PROTECTED] [Wed, Nov 20, 2002 at 08:46:04AM +0100]:
>
> Hello, all.
>
> I would like to use VPN at linux?
> Do you know any recommendable program?
>
Yes. Free/SWAN is the best by far. I heard it was officially included
in kernels 2.5.x so it will come with vanilla 2.6/3.0.
We'
Try PGP freeware, you can download it from the net. You can encrypt specific
files. But if you lose/forget the password, you lose the file.
-Original Message-
From: Margles Singleton [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, November 27, 2002 3:34 AM
To: [EMAIL PROTECTED]
Subject: RE: Pr
MS Proxy server 2.0 is not a firewall in any sense, only a proxy.
Therefore, they have NO firewall.
Unless you are reffering to a different unit that is a firewall. If so, what
brand?
John Tolmachoff MCSE, CSSA
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA 92835
www.reliancesoft
Your missing the original question I think. It was can you PERMANENTLY
disable password recovery on a Cisco router, and my answer was no not
with physical access to the device. If you have physical access to the
device you can always recover the router.
And yes I have seen my web site.
Cheers.
On Mon, 25 Nov 2002, LEHMANN, TODD wrote:
> I was not aware you could manually define the routing that packets would
> follow (without configuring the routers). Or do you mean I would just choose
> to spoof an IP that is downstream from me, so that I am sure the traffic
> will pass me by on its wa
Check out http://www.linuxvoodoo.com/howto/iptables/ for a great Netfilter/Iptables
tutorial
--
__
http://www.linuxmail.org/
Now with POP3/IMAP access for only US$19.95/yr
Powered by Outblaze
On 26/11/02 09:20 -0800, jh wrote:
> Having never set one up before and only having a little knowledge of linux
> where can I go to get a basic tutorial that just covers firewalls and linux.
http://www.linuxguruz.org/iptables/howto/iptables-HOWTO.html
http://www.google.com/search?q=iptables+howto
S
It's a part of cracklib...
Le mar 26/11/2002 à 21:50, ALBEE,RUSSELL. S FC2 (CV63 CS5) a écrit :
> How does passwd determine if a password is based off a dictionary word or
> not? Is there a file somewhere it references, a dictionary built into the
> code, or a algorithim it uses to check the pass
I personally don't like the idea of having to pull out the NVRAM.
I would just configure a user mode password for the console and AUX ports.
Any way here are some awesome links on how to secure cisco IOS routers and a
good secure BGP config to boot as well. I would be VERY careful
It's entirely a myth.
NAI acquired TIS and PGP and the two teams never intermingled, other
than both being on the 9th floor in Santa Clara. TIS was the only part
of the company that had any thing to do with Key Escrow.
The folks who ran the PGP group are the same group that are now
involve
Or IPSec alone. If you are not concerned with bandwidth issues from
wardrivers using your wireless network to access the outside world then
IPSec alone is enough to secure all your network data. A side benefit is
that visitors can use the network without network credentials to see the
outside world
From: Ted Yav <[EMAIL PROTECTED]>
My organization was considering buying PGP Corporate
for encryption. I have heard rumors, however, that it
was backdoored and therefore not totally secure. Does
anyone know whether this is true or just a myth?
I haven't heard about anything like that, make sure
Toni, David...
Have you (and your respective staffs) considered a compromise?
I don't know precisely how widespread business IM use is, but it is an expanding
market. If your end-users (and by extension, IT staff) see it as a business
requirement, it seems to me that the "battle" has already been
25 matches
Mail list logo