You should be able to specify some options with the net ping command that
will allow you to do this.
_
Webmail provided by Names.co Internet plc
http://www.names.co.uk
Some more info is really needed to answer this question. What environment
are you running in? ie, Windows domain, UNIX, Linux?
If you are in a Windows domain with a domain controller, then add all of the
systems to the domain, and you will have a single login. This is one of the
main reasons to ha
Not every machine is included in a zone file, ARP is only useful on the
local segment and ICMP (ping) may be blocked so you're going to need to
take a more active (possibly distributed) approach.
You mention including it in your code, but you don't mention what kind
of code (C, perl, whatever).
There is also http://www.travelnet.ca/ and others products...
-Message d'origine-
De : shawnmer [mailto:[EMAIL PROTECTED]]
Envoyé : 6 décembre, 2002 19:23
À : Peter VE
Cc : [EMAIL PROTECTED]
Objet : Re: broadband connections in hotels
Hi,
This is a result of your taking all control out
Niall,
Here are a few links that may be of interest regarding Active Directory
and x500 interoperability with LDAP:
http://www.isode.com/whitepapers/ic-6040.html
http://www.microsoft.com/windows2000/server/evaluation/features/adlist.asp
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q2
looks too me like good old Code Red Version 1.
On Sat, 7 Dec 2002 16:13:11 +0100
"Paolo Mattiangeli" <[EMAIL PROTECTED]> wrote:
> Hi everybody, I guess maybe someone out there can help me with this. I
> have a w2k server running IIS 5 and keep receiving what I think to be
> "probes" on my web se
I don't know if it's impossibe, but isn't sniffing traffic on a switched
network more difficult?
-jon
- Original Message -
From: "Tony Meman" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, December 07, 2002 3:29 PM
Subject: Re: Preventing DHCP from allocating IPs
> Someone
Does anyone have experiences in using Ad-aware Plus together with Ad-Watch
in a large network with many users?
Is it possible in some way to enable the kind of functionality that most
antivirus software solutions have? Like automated download of new
definitions,
some kind of policy management,
Hi,
Use something like kismet or try the linux-wifi distrib "warlinux"
(https://sourceforge.net/projects/warlinux/), contains a lot of nice
appz & is a knoppix-like boot-from-cd-OS.
Cheers
alban
-Original Message-
From: Boschmann, Armin [mailto:[EMAIL PROTECTED]]
Sent: Friday, Decemb
One fairly cheap solution would be to place a few linux boxes around the
office and/or areas that people could plug WAPs into. On these boxes you
might consider a program called Kismet, the beauty of this program is that
it will detect APs that are not broadcasting their essid. It does this by
li
Good questions, I will try to make our solution more clear
First, only authorized vendors are allowed to use this restricted VLAN.
They have to sign the same agreement to use our network as any employee,
contractor, etc. Second, we permit HTTP through our content controls and
IPSEC on a cas
you could look at software like netreg to identify unknow hosts that
connects to your network and start your audit policy from that point...
gene
Boschmann, Armin wrote:
We have a policy of no-wireless at our sites. I want to audit this policy,
similar to war-dialing, or more correctly war-driv
Courtney,
> he writes that most antivirus software does not
detect
> spyware, which was a shock to me. Spyware seems to
> be defined as software that logs keystrokes,
> screenshots, user actions, etc.
Don't get caught up in semantics. What might be
better to do is visit the various A/V sites,
you could try running something like ntop and identify specific port
that "known" malware communicates in, and run a script to alert you on
these incidents... i guess this would be a long way, but you could also
do this with snort sensors, which i have done at work to run these
specific commun
This brings up some interesting questions.
Would there be any legal issue with allowing open access from within your
company (for this restrictive network)? Is web type access going through a
proxy that is filtering? (Could the company be liable if something illegal
is done from the company owned
i have it running on my work and home machine, neat tool, does what i
wanted it to do... simple interface let see how long it takes for these
AV companies to starting eating these little folks up.
Jebb Stewart wrote:
Courtney,
One program I am aware of to remove adware and spyware is ad-aware b
I also work in the Financial area so I understand your concerns. In the past, we have
made the employee's supervisor make the call to request the change. Then the password
was emailed to the supervisor, not the employee. The supervisor (as an agent of the
corporation) has the right to request
NetStumbler and WEPCrack are two programs to use to sniff and crack your
wireless network. You might pick up your neighbors wireless, that's a risk
but better them then you. Hopefully they will have tuned down their
broadcast range but probably not. Hopefully their SSID is not default and
is ha
Try AdAware (http://www.lavasoftusa.com/aaw.html) if you're on a windows
platform. Most importantly though, watch what you, or your users
install. it usually just takes a google search on the programme.
Try googling for "gator", which is a fairly well known spyware
programme, and you'll find afte
just to add to this, some web enforcement tools such as webtrends has a
feature to stop this sort of activities... be aware, some apps require
(P2P) spyware, wait, i can't confirm this, but i did some trial and
error using adware program and ran into one of my programs not working
(Kazaa) whil
make sure you let your network folks know that you're going to run any
type of tool. superscan is very loud on the network, and make sure
you're not setting off any ids sensors. superscan will light up like
x-mas tree in your network.
windows: run tcpview and see what happens when you run "s
Can anyone recommend a non-*nix wireless sniffer that I can download an
evaluation of?
There appears to be a good few out there, but I cant manage to find a
downloadable eval.
Thanks
JM
_
MSN 8 helps eliminate e-mail viruses. Get
http://www.BulletProofSoft.com/ is the best I have seen so far.
BTW enjoy windows ;) lol !!!
- Original Message -
From: "aanet" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, December 06, 2002 11:41 PM
Subject: Re: Adware, spyware, and trojans
> Hello Courtney,
>
> Friday,
Does anyone have any good links for a single sign on solution. Any material would also
be appreciated.
regards
Niall
-Original Message-
From: Robert Sieber [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 06, 2002 6:51 AM
To: [EMAIL PROTECTED]
Subject: Re: RE: How to authentificate an
> On Fri, 6 Dec "Carere, Courtney" <[EMAIL PROTECTED]> wrote:
>
>
>>Upon reading "The Art of Deception" by Kevin Mitnick yesterday (an
>>excellent book, by the way), he writes that most antivirus software
>>does not detect spyware, which was a shock to me. Spyware seems to
>>be defined as softwar
Hi everyone,
Just a quick one, does anyone know how to stop the default administrative
file shares in Win XP (professional edition)? One would think this would be
a standard part of locking down a box, but can't find much on it for XP.
You can do it through Computer Management but they'll be re-e
Hi everybody, I guess maybe someone out there can help me with this. I have
a w2k server running IIS 5 and keep receiving what I think to be "probes" on
my web server. Today I found in the log the following entry:
2002-12-07 14:33:32 200.170.226.83 - 192.168.100.7 80 GET /default.ida
N
All you would have to do is open a sniffing program such as tcpdump or
ethereal (i would think there are similar windows products, maybe not
though) and contact the host. From there you can dissect the packet and get
the information.
John
On Wed, 4 Dec 2002 [EMAIL PROTECTED] wrote:
>
> I h
Someone could just sniff the traffic, collect some valid MAC addresses
and use one of
them when some box is down. MAC spoofing is trivial.
Regards,
--
none
Hasnain Atique wrote:
My solution was somewhat more elaborate.
I'd separated the network into sections, each connecting to a "backbone" o
Hello Courtney,
Friday, December 06, 2002, 19:48:57, you wrote:
CC> 1. What's the distinction between spyware, adware, and trojan
CC> software? (My antivirus software says it protects against Trojans,
CC> and I've seen programs like SubSeven in its log files.)
It's simple trojan is a virus. Via
> My general question is just when do I need to do
> something other than just check my firewall logs for
the
> source address and verify they weren't successful in
> gaining access anywhere vs. actually reporting an
> incident.
Why do anything? The general sense is that the return
doesn't rea
Cheops..
Will do OS regonition, and give you a nice little diagram at the end of
it...
Hi,
This is a result of your taking all control out of the hands of
users...while it's very controlable from a sysadmin point of view, your
users are obviously taken out of the loop and you wish to keep it that
way.
That being said...
What firewall are you using on the laptops?
The device ho
Try the 'Ping Sweep', 'Network Sonar' and 'IP Network Browser' from SolarWinds
Engineers Edition. Free download and 30 day eval.
That should give you enough time to Scan or search for all machines on network. They
have a whole 'Discovery' category that can go
into a lot of detail if you have SNM
From: Nexus <[EMAIL PROTECTED]>
goto sysinternals.com there are lots of good tools there that when run
before you run an app will tell you what it is accessing, including reg
keys dll , etc...
Hmm, I might try that. I wonder if its worth it though, I'm pretty paranoid
when it comes to security
nmap 10.60.0.0/16
you can do it on linux/Windows. do a search on nmap's help to see his
great potential.
Cheers,
_CRIS
+---+=*@*=++
| ing. Cristian Arustei netadmin@ misp.tuiasi.ro |
| +4-0723.315.830
A laptop with an 802.11b nic card and some software is one
way of tracking down rogue wireless access points(assuming
of course they are using 802.11b). It would also be really
helpfull to have a current wiring diagram, so you can trace
your laptops MAC through certain network segments, switches, e
Hi,
I found this, wondered if it may help you
http://www.shmoo.com/pipermail/zealots/2001-March/11.html
Paul Mahoney
Director
FiberStarr Systems
www.fiberstarr.com
-Original Message-
From: Boschmann, Armin [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 06, 2002 10:45 AM
To: '[E
Some time back Somebody ( i have lost the mail and can find it in the
achieves ) was asking for volunteers to test their hubs and switches
for security venerabilities. as the time i think he wanted to put
together a who's who of switches and hubs.
Does any one recognize this , remember any ur
Chris Berry wrote:
From: YashPal Singh <[EMAIL PROTECTED]>
How we can search all the alive machines on the network. Say my
network is 10.60.0.0 to 10.60.255.255. So what are the different ways
(pros and cons) to search all the machines.
use nmap or cheops
--
---It's almost never the $100
Thanks a lot for so much info. But i m sorry i missed something. I have to
do it programmatically. Tools are very good. but i have to include it in my
code. So should i rely on my DNS zone files, arp caches or broadcast
ping..or is there something better where i have less chances of error.
Sorry an
Hi,
Does anyone have any useful information or links on single signon solutions and
concepts. What I am thinking towards is an LDAP structure a bit like NDS. Any
suggestions welcomed.
regards
Niall
ICMP doesnt use ports, what made you think it was port 3? Maybe you confused
with ICMP Type or Code. Can you check that?
Regards,
--
none
[EMAIL PROTECTED] wrote:
Hi
i have a strange communication between two of my Linux server, it's ICMP
packet on port 3.
Do you know what it could be ?
Thks
On Friday, December 6, 2002, at 05:42 PM, Jebb Stewart wrote:
Courtney,
One program I am aware of to remove adware and spyware is ad-aware by
lavasoft http://www.lavasoftusa.com. Has any body used this?
Aye, I use ad-aware on our windows boxes - it does seem very effective.
Even on a (rela
Client firewall = CyberArmor from Infoexpress
Taking control out of the hands of the users is generally spoken the safest
solution... but not always practical... I know... but as I said before :
better safe than sorry ;-)
- Original Message -
From: "shawnmer" <[EMAIL PROTECTED]>
To: "
I've used ad-aware myself on many machines both in the lab I am a sysadmin for, as
well as at home.
It does quite a good job at finding most of the common spyware programs. You'd be
amazed how much can be loaded on your machine without you realizing it.
I've yet to run into a negative side eff
nmap -sP 10.60.0-254.0-254 or smth like that. Man nmap. :-)
On Fri, 6 Dec 2002, Matt Schaelling wrote:
> Languard Network Scanner from www.gfi.com
>
> -Original Message-
> From: YashPal Singh [mailto:[EMAIL PROTECTED]]
> Sent: Friday, December 06, 2002 5:23 AM
> To: '[EMAIL PROTECTED]'
>
"net config workstation" and "net config server" will do that.
-=rooster=-
On Wed, 4 Dec 2002 [EMAIL PROTECTED] wrote:
>
> I have a question regarding the recent discussion about IP to MAC mapping.
>
> In fact suppose you have a system installed which controls if any unknown
> MAC address exists
> When the users wants to access the internet, he has to establish the VPN
> and use the corporate proxy server... better safe than sorry
good policy
> This is bothering me... how can we set things up so the user can use the
> local broadband connection,
> without dynamically changing the polic
This doesn't qualify as adware removal software, but it's an interesting
little browser enhancement (IE 5.0+ only)
http://www.bugnosis.org/
It detects and displays what the Privacy Foundation (the software provider)
calls "web bugs"
>From their FAQ:
"What exactly is a Web Bug?
A Web bug is a gra
I recently came upon a situation with one of my clients where his Active
Directory Controller would show an IP conflict error message every few
seconds...
All the workstations machines had DHCP whose range was nowhere near the
server's ip and all the other server and routers etc. had different
Thank you ansh! I was wondering if anyone was going to say nmap. Best
scanner I have used.
Kirk
>>> Anshuman Kanwar <[EMAIL PROTECTED]> 12/06/02 01:10PM >>>
Use nmap.
nmap -sP 10.60.0.0/16
-ansh
> -Original Message-
> From: YashPal Singh [mailto:[EMAIL PROTECTED]]
> Sent: Friday, Dec
Hello Armin,
Take a look at 'Observer' by Network Instruments (www.networkinstruments.com) It is a
realtime packet sniffer that will work with
any NDIS5 supported NIC including 802.11a and 802.11b and it has the ability to send
alerts from something as simple as a local
popup to Dialing a pager
Sorry, hit send before I could include the link.
www.solarwinds.net
-Original Message-
From: Matt Schaelling [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 06, 2002 11:41 AM
To: 'YashPal Singh'; '[EMAIL PROTECTED]'
Cc: '[EMAIL PROTECTED]'
Subject: RE: how to search all machines on a ne
I just finished a paper dealing with TLS (ssl 3.1) relative to email security between
client and server
and opportunistic use between servers.
I enclose it in the body for review and comment.
Please post any comment to me directly at [EMAIL PROTECTED], and not to the list.
I enclose a list of re
55 matches
Mail list logo