To answer you questions my humble opinion is
1) Yes should be safe if it is one way traffic as in you can access
to machine with ftp for instance but it has no access back to internal
network. I used a web interface to my logs and then only needed a
browser to the IDS system. The web serve
I've had a lot of good experience with the ISS product and would
recommend it. There are other smaller products dedicated to particular
databases. MS SQL in particular. What database are you interested in
if any.
Trevor Cushen
Sysnet Ltd
www.sysnet.ie
Tel: +353 1 2983000
Fax: +353 1 2960499
Trevor Cushen wrote:
anyway). They then schedule overnight a dd of the system disk to a disk
in their machine over the network (very easy to do) What priviledges do
they need?? I must check this but I have a feeling they will have
access to /dev files and also the /bin files where netcat and d
If you are using SQUID, try to get a copy of Calamaris. It's a free tool
to check out web access statistics. It determines which PC or user browse
a certain web site. But it operates on the logs so I am not sure if this
is what you are looking for.
Hey,
This question is not from an admin but a end-user. I am doing my studies
in a big university and we have many Win2K machines in our labs and
library.
Sometimes I find applications like Yahoo and MSN Messenger installed on
these machines. I have also sometimes seen things like Ka
Naman Latif wrote:
Hi,
I am in the process of setting up and IDS system using Linux\Snort in
DMZ. A couple of questions regarding this
1. Is it a safe practice to have access to this system from Inside
Network (for retrieving log files etc) from 1-2 Stations ? Ofcourse IDS
won't have access to in
Yes, but the fact that it's handy (Win remote desktop) doesn't change the fact
that you have to expose lots of nasty, easy to exploit ports in ways that
aren't trivial to fix (ACL's work, but if we're looking for BASIC, hardly an
easy solution).
VNC thru SSH is the way to point him. Exposes 1 por
http://www.realvnc.com
Same set of developers, just have their own domain now.
j- k-
On Friday 31 January 2003 04:06, [EMAIL PROTECTED] wrote:
> First, I'm confused about how there can be a new version. VNC was a project
> of AT&T UK Labs. My understanding is that VNC development was fro
Naman Latif wrote:
Hi,
I am in the process of setting up and IDS system using Linux\Snort in
DMZ. A couple of questions regarding this
1. Is it a safe practice to have access to this system from Inside
Network (for retrieving log files etc) from 1-2 Stations ? Ofcourse IDS
won't have access to
Someone installed Proxy+ on one of our servers (Win2K/IIS5) and left it open
on a high port for spammers. I've shut it down, but how do I prevent them
from doing this again?
Personally, I'd even be inclined to say, No root logins over SSH.
Think security in depth, If remote root over SSH is enabled, all someone has to do, is
know the root password, said password could have been leaked earlier, or
through other means. Now if remote root is disabled, the attacker has
On Fri, 31 Jan 2003 [EMAIL PROTECTED] wrote:
> heard that they had no plans for VNC. Did some former employees take it
> over to continue development? There is a Windows-only product that we use
www.realvnc.com
Yes. :)
Comments in-line, denoted with **
1. Is it a safe practice to have access to this system from Inside
Network (for retrieving log files etc) from 1-2 Stations ? Ofcourse IDS
won't have access to inside network and be blocked by Firewall.
** Yes. That's safe. Enforce it with firewall rules *on*
13 matches
Mail list logo