I've noticed recently on a few different machines entries like this:
GET /.hash=8148dd8cd5c884d62cab26ccfa1aeaa045eab116
GET /.hash=6baa50082310ba631358f57c8fb7eaadf752e055
Any idea what is going on here?
Is this some 0day exploit? Something old that is going round again?
Certainly nothing I
I paid a high monthly fee for my PPPOE connection. The damned ISP
offered only the client for M$ Windows. According to the packet dump,
they use CHAP for authorization and the CHAP challenge said it used
MD5. But when rp-pppoe MD5s the string of Identifier+Secret+Challenge
Value, the
Here's the set-up:
Wireless Home Network
- Linksys WAP
- Windows 98 (x2), Windows ME, Windows 2000 Professional, hardware/software based web
server
Now, here's the question:
Does anyone know of any free (or at least cheap) software out there that will allow us
to monitor
connection attempts
On Wed, 27 Nov 2002, Rick Darsey wrote:
Any software that he may use to lock the files can be broken by a person
with enough knowledge. I hardly think that a local sys admin will have
access to the brute force type that the FBI used. There is no completely
secure method of protecting data
How does passwd determine if a password is based off a dictionary word
or not? Is there a file somewhere it references, a dictionary built
into the code, or a algorithim it uses to check the password?
Crypt and libcrypt and cracklib. The dictionaries are in /usr/include by
default on redhat,
Hi listies..
i want to use an IDS together with my firewall which is mostly
homegrown. its iptables / netfilter and logs are written etc tho. whats
the best sollution, since i think snort for example brings its own
filter / rules ??
greets
--
BTW, FWIW, IMHO, AFAIK, yes. OTOH, AAMOF, maybe not.
I've noticed recently on a few different machines entries like this:
GET /.hash=8148dd8cd5c884d62cab26ccfa1aeaa045eab116
GET /.hash=6baa50082310ba631358f57c8fb7eaadf752e055
Any idea what is going on here?
Is this some 0day exploit? Something old that is going round again?
Looks like Kazaa
Harley,
Perhaps I'm not seeing where your problem lies. From
what you describe, you have 5 systems that you've
recently inherited, and they've been largely
unprotected since they were first turned on.
you can't simply firewall them off and leave them for
dead.
What are you saying? Are they
There are definitely solutions other than blocking Hotmail, Yahoo Mail,
etc. Nee cee mentions MIMEsweeper; more accurately he should have said
WEBsweeper.
http://www.us.mimesweeper.com/products/msw/websweeper/default.asp This
is an HTTP proxy that supports 3rd party AV products including most of
Is it possible to use the Jabber IM if you only have access to the internet
via port 80 (www) through a MS Proxy server? Does anybody know of any IM
clients that will work in this configuration?
Thanks,
Russell
-Original Message-
From: Sumit Dhar [mailto:[EMAIL PROTECTED]]
Sent:
In article [EMAIL PROTECTED], tony572000 (t) writes:
t I have some highly confidential data that I frequently access on in a
t folder that is on my desktop computer (ie win2k). I want to make sure
t no one but me will able to see this data.
Unless I have missed it, no one seems to have
Does anybody know of any good locations online to purchase old 486 machines
or low end Pentium machines for use as a Firewall and/or IDS? I've tried
searching on google and just keeping getting links to Pentium 4 computers.
I will be using either a Linux or BSD flavor on these machines.
Thank
WinPcap - packet capture software:
http://winpcap.polito.it/default.htm
Ethereal - Network Analyzer
http:\\www.ethereal.com
Free - and VERY good :-)
Chris A.
-Original Message-
From: John Vermaes [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 28, 2002 8:59 PM
To: [EMAIL
Download and run this... http://www.chkrootkit.org/
It could be that the RH boxes are the firewall.
Also, some people feel that a firewall is unnecessary if you don't run any
services that are vulnerable to attack. The problem with this philosophy is
when someone eventually breaks one of
Looks like WinMX traffic too.
LoginRoot
-Original Message-
From: Joris De Donder [mailto:[EMAIL PROTECTED]]
Sent: Viernes, 29 de Noviembre de 2002 10:58 a.m.
To: SFDC Admin
Cc: [EMAIL PROTECTED]
Subject: Re: GET /.hash= in HTTPd logs?
I've noticed recently on a few different
On 28/11/02 09:23 +0530, [EMAIL PROTECTED] wrote:
snip
2. What are the application/software required to be installed?
Again, if you are running a separate box as the firewall , then *no* app
shld be installed except for the firewall.
What about application proxies? SOCKS? I would definitely
16 matches
Mail list logo