Actually , I am quite amazed , no one mentioned iptables on linux
(http://netfilter.samba.org) , thats what I use and recommend you to use ...
you can install squid (proxy) and openvpn\freeswan on another machine (if
you have it) or on the same machine.
T h e O g
Liran Cohen
-
I'm a home user rather new to firewalls. I have a spare pc I want to use
as a firewall machine for our local lan of 2 workstations w/cable modem.
I'm wanting a linux/unix flavor os for the firewall system. Would I be
better off using a stripped down os that is tailored for firewall
machines
One of the most important aspects, at least legally, is to write an
acceptable use policy for corporate email and resources. Just because
the resources belong to a company, one cannot automatically assume that
everything an employee does is privy to the company managers and
administrators.
One thing to keep in mind when using VNC is that even though the inital
authentication may be secure, anything you type while controlling the
computer is sent in plain text. So, if you were to connect to a windows
machine, for example, then login to or unlock the screen on that machine ,
that
It really is a matter of personal preference- if you already have other *nix
systems, then maybe you will want to use a firewall distro.
If not then perhaps you could use RedHat (a stripped-down version) with some
hardening (bastille) and a good iptables script (MonMotha)that way you
could
VNC is a great tool for remote administration, if you know its strengths
and weaknesses. Unfortunately, not every company has unlimited IT
resources available to implement the best remote admin tools...not
mention the usual hassle of getting your manager's approval for
purchases. Just saying a
Pablo,
Chris's comments are right on the mark. If the policy is loosley defined or open to
interpretation, guess what...it will be impossible to enforce. No one wants to appear
too autocratic but if you have a strict policy, it will keep those employees with a
tendency to fly to close to the
The first item to consider is the local legal requirements. I work with an industry
ISAC in the U.S. and we have Canadian members. In our discussions the laws of Canada
are much different then the U.S. They also have local laws to comply with.
Another item is that asserting ownership of
VNC can also be tunneled through ssh, theres plenty of how-tos around on
google, and one its setup along with other mesures is as secure as other
remote desktop programs.
-Original Message-
From: Chris Berry [mailto:[EMAIL PROTECTED]
Sent: 25 February 2003 19:45
To: [EMAIL PROTECTED]
At 02:49 PM 2/25/2003 +, Trevor Cushen wrote:
Another method worth being aware of is this little beauty
http://home.eunet.no/~pnordahl/ntpasswd/
I'm not sure what scenerio you would use this in a far as forensics is
involved but a handy tool in any arsenal. No good on raided system
What type
Hi,
Just wondering on thoughts about download managers- do they pose are
security risk? Any known to be trojaned? The one I use is GetRight, does
anyone know if this one has known security issues?
Any thoughts appreciated, thanks.
Leon
Go to sourceforge.net and search for Firewall floppy. You will get lots
of already stripped down versions. You can run these firewalls from a
floppy and also from a hard drive if you want to enable logging.
Leo
Justyn wrote:
I'm a home user rather new to firewalls. I have a spare pc I want to
A key element to this is that a user will be granted the least security
possible when the share and NTFS permissions are combined. For example, if
the NTFS permissions give a user read access but the shared permission is
read/write for everyone the user will still only have read access.
I
Smoothwall is a tailored installation of Linux. It isn't designed to
install over an existing installation of Red Hat or any other distro. -
download the .iso from your nearest mirror
(http://us0.download.smoothwall.org/?2/1.0/iso/), burn it to a CD and trial
it on an available Intel based PC. It
I am sure most of you would concede that preventing employees from utilising
information systems resources from any form of private use is impossible, if
not impractical (having arrived at the office on a Saturday morning only to
find an employee printing full colour A3 posters for their kid's
I would recommend a stripped-down OS that lets you build up to what you need
rather than try to strip down a standard *nix distro. There's too much you
might miss these days.
I like the Linux Embedded Application Firewall, available at
leaf.sourceforge.net. Distros are available that include a
At 12:14 PM 2/24/2003 +, Trevor Cushen wrote:
Go to www.sysinternals.com and get the Unix Utils which will include dd
and netcat for Windows
Both will fit on a floppy.
I couldn't find those tools on the sysinternals site, but I did find an NT
port of dd at unixutils.sourceforge.net. Doesn't
At 10:15 25/02/2003, chris wrote:
Dear gurus
We are defining policies for the use of corporate e-mail, I have doubts
about privacy of messages sent by employees. Since the e-mail system is
intended for business use, we need to prevent sensitive information
disclosure. If we respect the
Hi Gregory;
The O'Reilly book Building Internet Firewalls has a good section on
Windows and *nix bastions.
My own perspective is that Windows hosts tend to be more complicated
from a security perspective because of hidden dependencies, etc (for
example does your web app require COM+? How
i would still worry. highly unlikely that the service goes away--might just
a different manufacturer.
Regards,
Bob Parisi
Robert A. Parisi, Jr.
Senior Vice President and Chief Underwriting Officer
AIG eBusiness Risk Solutions
80 Pine Street, 8th Floor
NYC, NY 10005
Phone: 212-770-1691
Depending on which version you are usingthere may very well be spyware
involved.
Corey
On Wed, 26 Feb 2003 11:11:04 +1100, Leon Pholi
[EMAIL PROTECTED] wrote:
Hi,
Just wondering on thoughts about download managers-do they pose are
security risk? Any known to be trojaned? The one I use is
Try this article...
http://www.mobileinfo.com/News_2002/Issue45/RIM_loss_NTP.htm
regards,
Michael
-Original Message-
From: Parisi, Robert [mailto:[EMAIL PROTECTED]
Sent: February 26, 2003 12:22 PM
To: '[EMAIL PROTECTED]'; Moeckel, Sharon
Cc: [EMAIL PROTECTED]
Subject: RE: Wireless
From: Mike Jensen [EMAIL PROTECTED]
One thing to keep in mind when using VNC is that even though the inital
authentication may be secure, anything you type while controlling the
computer is sent in plain text. So, if you were to connect to a windows
machine, for example, then login to or
If nothing else. I would strongly suggest that you use Ad-Aware or
equivalent scanner to determine if such a product is adware/spyware,
partcularly if the DM is free. Several years ago I used Gozilla! only to
find that it was calling home on a regular basis...
Prior to my taking over here the previous admin had not bothered to write
any policy. To try and increase professionalism and to get up to speed with
HIPPA compliance I'm putting together a policy and proceedures manual. Here
is a list of some of the documents I'm going to put together:
Caveat: I'm neither a guru nor a lawyer, nor do I appear on a reality TV
show purporting to be either. I'm in this thread late, so I am commenting
on more than the text of this message. I hope that is alright. Someone
posted that the first thing to do is do determine the local legal
requirements.
From: Mike Dresser [EMAIL PROTECTED]
As well, you can limit who can connect to the system by allowing only
certain IP's to connect.
Hey, that's cool, how do you do that?
Chris Berry
[EMAIL PROTECTED]
Systems Administrator
JM Associates
Linux and I have a love/hate relationship. I hate its
Isn't all discipline selective? Upper levels of management don't come under
the same scrutiny and rules that the lower levels are required to live
under. The VPs won't be fired for chatting with their kids at college using
IM though they would drop one of their underlings in a heartbeat for the
Chris Berry wrote:
Prior to my taking over here the previous admin had not bothered to
write any policy. To try and increase professionalism and to get up to
speed with HIPPA compliance I'm putting together a policy and
proceedures manual. Here is a list of some of the documents I'm going
to
Sequel Technology offers a product for Internet Resource Management.
http://www.sequeltech.com
If anyone is interested...
Joe Martinez
Director of Information Technology Services
-Original Message-
From: Bruce Fowler [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 3:34 PM
30 matches
Mail list logo