The best, albeit brief, explanation I've seen is this one.
http://www.bizreport.com/article.php?art_id=4182 It has had some
interesting quotes by Bruce Schneier, computer security expert and author.
I suspect he'll also address it next month in his monthly Crypto-gram
(which is a great
supply all the domain users who have local
administrator's
right to their machines.
This is pretty trivial to do in Perl...using the
Win32::Lanman module, it's pretty simple to have the
script go through and pull that information out for
you.
As the security admin, I am the pointman for
Can't say I'm too worried about it.
(a) Its already been patched, and (b), the requirements for pulling off
this attack are high enough to dissuade all but the most determined
cracker. A sufficiently determined cracker will get into your system,
there is no way around it. What it comes down to
ACID is great for analyzing snort logs. Are there any good software
packages with that kind of power and flexibility for iptables logs?
I think one place to start would be to find a way to have iptables
log to a mysql database (like snort does).
--
Skip Morrow, [EMAIL PROTECTED] on 02/23/2003
Try LAN Guard by GFI. It gives a good bit of detail about what is going on
machines in an IP range. One of the items it gives is what users are on a
specific machine. I do not remember if it gives their privileges.
Regards,
Earl Ogden
Network Specialist
Regional Training Institute
Its seems that the reason that so many people don't care is mostly because
they don't know what has happened to so many other companies in the past.
Many people fall into a false sense of security when it comes to protecting
themselves. They either believe that they will not be attacked, or
Juan Velasquez wrote:
I just read this story which explains how the Swiss Federal Institute of
Technology
exploited a flaw in the SSL protocol to hijack an 8 character password
from a bunch of SSL encrypted email logins.
I was surprised. What does the security community think of this?
Make the destination disk a Linux machine with enough capacity.
On that Linux machine run (IP address of Linux machine in this case is
10.1.1.1)
Nc -l -p 9000 | dd of=NTMACHINE.dd
Nc is Netcat which should be on the Linux install or can be easily
downloaded.
Go to www.sysinternals.com and get
My own perspective is this---
Internal security is just *different.* This is one of the reasons for the
firewall. If a company didn't have a firewall, I am still convinced that
they would be at *far greater* risk to external rather than internal
threats. But that doesn't address the following
It's ok we're behind a firewall
The response I received from a DBA when I forwarded an
email detailing a security vulnerability in a
particular database application.
And not the first time I have heard this response when
cautioning about security vulnerabilities.
I want to raise
Hi,
Have a look at this page :
http://gege.org/iptables/doc/faq.html
Hope this helps...
Yvan
- Original Message -
From: Skip Morrow [EMAIL PROTECTED]
To: Security-Basics [EMAIL PROTECTED]
Sent: Sunday, February 23, 2003 12:26 PM
Subject: iptables log analysis tools
ACID is great
Anyone have one of the ebp Lite Password Managers and could comment on it's
use? http://www.mandylionlabs.com/products.htm I read the review in
InfoWorld (http://www.infoworld.com/article/03/02/14/07secadvise_1.html) and
the device looks pretty good. I have an Aladdin etoken now but then I read
Skip Morrow wrote:
ACID is great for analyzing snort logs. Are there any good software
packages with that kind of power and flexibility for iptables logs?
I think one place to start would be to find a way to have iptables
log to a mysql database (like snort does).
There are several
I fight this issue a lot here. Disgruntled employees who have access to
important data. There are a million ways for this stuff to get out. Hell
they have to have access because it is there job. So it is a tightrope walk
on what to do.
I also have the opposite. Data that people have access to a
Please read the below article for further details of
the SSL issue:
http://slashdot.org/articles/03/02/20/1956229.shtml?tid=93tid=172
Naveen Maram.
--- Juan Velasquez [EMAIL PROTECTED] wrote:
I just read this story which explains how the Swiss
Federal Institute of
Technology
exploited a
Dear gurus
We are defining policies for the use of corporate e-mail, I have doubts
about privacy of messages sent by employees. Since the e-mail system is
intended for business use, we need to prevent sensitive information
disclosure. If we respect the privacy , how can discover infidelity
It's true that HIPPA will take effect on April 16th, but it does not become
effective for enforcement purposes until April 2005, as mandated in the just
published security rules. They have to get moving, but no one is in SERIOUS
trouble yet.
-Original Message-
From: Robinson, Sonja
Duane H. Hesser wrote:
On 19-Feb-2003 John Brightwell wrote:
Are there any sites out there with the facts and
figures about internal exploits and cautionary tales
about disgruntled employees or IT savvy nighttime cleaners?
It's hard to find such information, since companies are reluctant
to
Peet Grobler wrote:
I've been wondering about this for a while now...
Everybody knows NFS is insecure. Right. So no-one uses it. Why not simply modify NFS to use encryption? Why not?
Not tunneling, modify the source to either (a) establish ssl connections, or (b)
manually encrypt all traffic (I
From: Di Fresco Marco [EMAIL PROTECTED]
Here it is my situation: computer with WinXP Pro. and a cable modem; I have
4 account (+1 for Guest but it is off, +1 one I can not delete):
Administrator (that I use for configurations), my account (for daily use)
and 2 account for both my parents (other
Chris Berry wrote:
From: Jason Hastain [EMAIL PROTECTED]
I have a few clients who are doctors running small practices. They have
small LAN's and DSL connectinos behind a simple NAT router/firewall in
one
case and persoanl FW's in the other (unfortunatly not my decision in
either
case).
Each
21 matches
Mail list logo
