Can somebody give me some suggestions for websites/pages for securing a Win
NT4 server which will be acting as a file server only. I would use Win2k but
Win2K and the m/b don't work together for some or another reason.
I will already be installing SP6a + hotfixes and making sure that IIS is not
If you installed pcAnywhere with the Remote options only, there would be no
Hosts to connect to on your network. That would give you some added
security as well.
Pete
-Original Message-
From: tony toni [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 27, 2003 8:44 PM
To: [EMAIL
www.sourcefire.com
-Original Message-
From: Mike Heitz [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 28, 2003 9:19 AM
To: Chris Berry; [EMAIL PROTECTED]
Subject: RE: Need recommendations about IDS Systems
Chris,
Just out of curiosity I've never found Snort for the Windows
I have seen many places saying Don't use PLAIN or LOGIN methods for SMTP AUTH, unless
they are encrypted Now my question is this:
I've looked at the actual transfer of an SMTP session where the AUTH LOGIN was used,
and the password wasn't sent in plain-text. Is it trivial to decrypt the
Here's a link to some of the latest downloads of Snort - the bottom one in
the list is for Win32 systems:
http://www.snort.org/dl/binaries/1.9.0/
There's also an excellent GUI for the Windows version of Snort, called
IDSCenter - you can find it here:
From: tony toni [EMAIL PROTECTED]
We have a rule on our firewall that allows all employees to use pcAnywhere
to connect to a host OUTSIDE of our network. It is in one
direction...that is from inside our network to an outside host and not vise
versa. Our firewall administrator, came to me and
There is a version of PCAsnywhere that include only REMOTE, That is it can
not be a host. Installing this version may solve a problem. If you trust
your users not installing the complete version.
Here is a link for how to build a remote contrall package
The first concern would be a disgruntled employee bring in files from
home. Another concern would be an employee who does not run virus
software, transferring files to your server. Just a couple things to
consider.
===
Stephen A Santos
Network Administrator
-Original
Working within reasonable limitations is always our challenge for security.
I was taught practically that at least as far as the Internet connection
goes, trust your internal users and don't trust the outside world. You can
apply a security policy to this limiting services without restricting by
Snort.org has ports to windows available for download.
Benjamin Meade
Systems Administrator
LanWest Pty Ltd
-Original Message-
From: Chris Berry [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, 28 January 2003 11:45 PM
To: [EMAIL PROTECTED]
Subject: RE: Need recommendations about IDS Systems
Use the IPSEC built in to the product, is good, standards based, free and
reliable. Can also use x.509v3 certs for authentication instead of
passwords.
-Original Message-
From: Paul Kurczaba [mailto:[EMAIL PROTECTED]]
Sent: Friday, January 24, 2003 6:50 PM
To: [EMAIL PROTECTED]
I am looking for a copy of the RM.exe program that is supposedly on the Windows
Resource Kit. If anyone has a copy of this one program they would be willing to share
please email me off line.
DJ Engineering
Gary L. Batchellor
System Administrator
I agree with Ivan Coric, snort is great and acid too. Demarc gets good
press and it deserves it but you pay for it now. Look at MRTG for
routers activity which is worth noting in an IDS system. Tripwire is
also worth a note for host based intrusion detection.
Add arpwatch for mac addresses
Hi Mike,
http://www.snort.org/dl/binaries/1.9.0/Snort-1.9.0-win32.exe
cheers
Ivan Coric
IT Security Officer
Information Technology
WorkCover Queensland
Ph: (07) 30066414 Fax: (07) 30066424
Email: [EMAIL PROTECTED]
Mike Heitz [EMAIL PROTECTED] 01/29/03 12:18am
Chris,
Just out of
Hi,
are there any windows utility that allows listing of all processes running
on the machine on the command line? is it possible to kill a process through
the command line?
If windows does not allow this, are there any 3rd pary tools that may be
used?
Thanks Regards
Hello!
Fired up tcpdump the other day and caught this coming out of my Debian 3.0 box...
Looked around a little bit and saw that other people had the same packets coming out
of their boxxes as well.. allrighty then, I thought.. until I decided to check the
packet out a little bit more.. and
On Tue, 28 Jan 2003 15:56:55 -0500
Frank Barton [EMAIL PROTECTED] wrote:
I have seen many places saying Don't use PLAIN or LOGIN methods for SMTP AUTH,
unless they are encrypted Now my question is this:
I've looked at the actual transfer of an SMTP session where the AUTH LOGIN was used,
and
Does anybody know a good internet source of actual security related real
life cases? I know that it's a risk to forward corporate mail to
internet e-mail account like AOL or gmx. But I need a case like in
january 2001 the aol accounts of xyz got cracked and a lot of
confidential data was
MOHESOWA
pskill from http://www.sysinternals.com/ -- it is in their PSTools package -
http://www.sysinternals.com/ntw2k/freeware/pstools.shtml
Best of all it's free.
I use it all the time -- it's great
--Brad
__
You can't keep blaming yourself. Just blame yourself
The Windows NT Resource Kits, both NT4 and Windows 2000 Professional, include a remote
kill process commandline utility rkill.exe . To be able to kill a process or processes
running on a remote server, you must have admin privileges and the rkillsrv.exe
service must be installed and running.
consider this (I'm trying to make a network more secure) :
A user enters grub upon bootup and hits e to edit the Linux boot
procedure and then continues to boot into single user mode, and he
then chagnes the root password to whatever he suits the user who
did this is eventually tracked
Jennifer-
Don't forget another important thing to ask about IDS... what to do with all
the data it generates. I see you are requesting something that goes to a
syslog server... do you already have tools in place to analyze that data?
IDSes (especially those placed outside a FW) generate a ton
procdump i dont remember if it have console mode, but the GUI is great!.
(also it is useful to dump /kill/atach etc process and memory...)
On Wed, 2003-01-29 at 08:53, MOHESOWA BYAS wrote:
Hi,
are there any windows utility that allows listing of all processes running
on the machine on the
Try http://nsa2.www.conxion.com/.
Simon Taplin wrote:
Can somebody give me some suggestions for websites/pages for securing a Win
NT4 server which will be acting as a file server only. I would use Win2k but
Win2K and the m/b don't work together for some or another reason.
I will already be
24 matches
Mail list logo