Re: Wireless Networking

2003-07-09 Thread Raven Override
Hi volks, So which Access Point products do U say it is good @ security? Greetz Raven Override There are 10 different people on earth, those who understand binary and those who don't

Re: gotomypc exploit

2003-07-09 Thread Colin Rous
At 03:59 PM 08/07/2003, gerald wrote: >just got off the phone with "GoToMy PC" regarding this incident. Lady who >led the investigation in conjunction with the Secret Service gave me a very >clear and concise explanation of the events which took place last Dec. Here's the account from the Depart

RE: Strange files found on Solaris8

2003-07-09 Thread Carpio, Brian
It's from Netbackup -Original Message- From: Birl [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 09, 2003 2:43 PM To: [EMAIL PROTECTED] Subject: Re: Strange files found on Solaris8 Jiang: Date: Wed, 9 Jul 2003 15:27:11 +0800 Jiang: From: Jiang Peng <[EMAIL PROTECTED]> Jiang: To: [EMA

Re: HTTPS - How hard to decrypt?

2003-07-09 Thread Jon Baer
i would try downloading ettercap and seeing for yourself ... http://ettercap.sourceforge.net - jon pgp key: http://www.jonbaer.net/jonbaer.asc fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47 - Original Message - From: "Craig Brauckmiller" <[EMAIL PROTECTED]> To: <[EMAIL

RE: HTTPS - How hard to decrypt?

2003-07-09 Thread Richard Parry
Depending on the SSL encryption used (high chance it's 128bit encryption) then breaking SSL certificates is extremely difficult, if you remember about 6 months ago a university did manage to extract a small number of characters from an SSL transaction, but this was using a large cluster of number-cr

Re: HTTPS - How hard to decrypt?

2003-07-09 Thread Birl
Craig: Date: 8 Jul 2003 17:33:02 - Craig: From: Craig Brauckmiller <[EMAIL PROTECTED]> Craig: To: [EMAIL PROTECTED] Craig: Subject: HTTPS - How hard to decrypt? Craig: Craig: Craig: Craig: We have begun rolling out wireless cards to our VP laptops. We have also Craig: purchased T-Mobile

Re: Strange files found on Solaris8

2003-07-09 Thread Birl
Jiang: Date: Wed, 9 Jul 2003 15:27:11 +0800 Jiang: From: Jiang Peng <[EMAIL PROTECTED]> Jiang: To: [EMAIL PROTECTED] Jiang: Subject: Strange files found on Solaris8 Jiang: Jiang: Hi All, Jiang: Jiang: I just found some strange files under Root directory of my Solaris 8. Jiang: Jiang: the fil

RE: Strange files found on Solaris8

2003-07-09 Thread Carpio, Brian
They are from NetBackup I think just the master server E-Mail veritas for more info. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 09, 2003 12:22 PM To: Jiang Peng; [EMAIL PROTECTED] Subject: Re: Strange files found on Solaris8 > -Origina

RE: Strange files found on Solaris8

2003-07-09 Thread Carpio, Brian
From Google!! This probably will set the record for the longest delay in posting a summary. Original Question, posted on 2/8/2000: Just noticed that we have about a gazillion files in / called: .SeCuRiTy.## (where ## is a number) Anyone have any idea what th

Re: gotomypc exploit

2003-07-09 Thread gerald
Hi, just got off the phone with "GoToMy PC" regarding this incident. Lady who led the investigation in conjunction with the Secret Service gave me a very clear and concise explanation of the events which took place last Dec. It related to a gang of people who were putting keystroke loggers

Re: Top 10 (secure) programs

2003-07-09 Thread Brad Mills
Shane, > How about people posting their favorite "secure" programs for email, > etc... :-) Windows: Virtual Access. Plain text, you can select not to view html, and *anything* not in plain ol' text comes as an attachment. Further, you can set it to require a double-click to open said attch'd

RE: Ten least secure programs

2003-07-09 Thread Yoo, Gene
All this is completely irrelevant to the actual post as well as the post itself. There were too many ifs and other subjective matter. There are many of us subscribed to this post; be a little bit courteous and send "electronics" email barrage to each other and stop wasting everyone's time. Learn ho

SecurityFocus new article announcement

2003-07-09 Thread Kelly Martin
The following three articles were added to SecurityFocus this week: U.S. Information Security Law, Part 4 By Steven Robinson (July 09, 2003) This is the last article in a four-part series looking at U.S. information security laws and the way those laws affect the work of security professionals.

Re: Mail relay

2003-07-09 Thread Tim Greer
What platform and mail service are you running? Have you considered hiring a qualified admin to secure your server and ensure you aren't running an open relay? What tool was used to test this that claims you are running an open relay? -- Regards, Tim Greer [EMAIL PROTECTED] Server administrat

HTTPS - How hard to decrypt?

2003-07-09 Thread Craig Brauckmiller
We have begun rolling out wireless cards to our VP laptops. We have also purchased T-Mobile Hotspot accounts for them to use in such places as Starbucks, American Admiral's Clubs, etc. From my testing, the user name and password entry screen that TMobile requires you to fill in before they

Re: Strange files found on Solaris8

2003-07-09 Thread salgak
> -Original Message- > From: Jiang Peng [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 9, 2003 07:27 AM > To: [EMAIL PROTECTED] > Subject: Strange files found on Solaris8 > > Hi All, > > I just found some strange files under Root directory of my Solaris 8. > > the files are named as: .Se

RE: Wireless Security Notes and Findings (from this list and other places)

2003-07-09 Thread Potter, Tim
Trying again. Didn't seem to go through the first time... Here is some info I've gleaned off this list. I can't credit all the authors as this info is from about 10 different people. I've also included the solution we are going to implement. There are two general areas of wireless security:

RE: Best Linux Distribution for laptop - Debian is not proper for laptop?

2003-07-09 Thread DeGennaro, Gregory
Good distro since it uses a BSD-like package manager. However, you need to be quite the expert to use this since it does not come with a pretty GUI. Installation documentation is available on the website. --Greg -Original Message- From: Meidinger Chris [mailto:[EMAIL PROTECTED] Sent: T

Re: Mail relay

2003-07-09 Thread Terry Soucy
Heya, First line of attack is to disable the smtp daemon until this is concluded (that is, if you haven't already). I am a big fan of qmail / ucspi-tcp solution. qmail is one of the most secure and stable MTAs available, and with ucspi-tcp, you hav

Re: Mail relay

2003-07-09 Thread Peter Van Eeckhoutte
in theory : make sure an external IP is not allowed to send emails from a third party domain to another third party domain using your mailserver practically : this depends on the type of mailserver you are using... - Original Message - From: "JasonTay" <[EMAIL PROTECTED]> To: <[EMAIL PRO

Re: Mail relay

2003-07-09 Thread salgak
> -Original Message- > From: JasonTay [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 9, 2003 02:20 AM > To: [EMAIL PROTECTED] > Subject: Mail relay > > hi, > > i had experienced the following: the following is some feedback from our vendor: > > We had tried the following: on using a relay/spa

RE: Windows 2000 VPN Set-Up

2003-07-09 Thread news
Jei, http://support.microsoft.com/default.aspx?scid=kb;en-us;810761 Here's a great link with all the white papers you can handle. Good luck!! Paul D -Original Message- From: Julias P [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2003 5:29 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED

RE: Mail relay

2003-07-09 Thread David Gillett
When an SMTP server receives an email message that is not for one of its local domains, the default behaviour is to look up the "mail exchanger" address for the destination domain and forward the message there. Most SMTP servers belong to some organization, and use this function to handle outbou

RE: Ten least secure programs

2003-07-09 Thread Brad Bemis
I will refer back to a previous statement made along these same lines. Note however that I am not interested in any kind of religious debate over whose systems are better or more secure. I maintain a firm belief in "the right tool for the right job".

Re: Firewall Comparisons

2003-07-09 Thread chort
On Mon, 2003-07-07 at 09:30, Bryan S. Sampsel wrote: > (snipped for brevity) > > Keith A. Glass wrote: > > -Original Message- > > > > > > > I admit to a prejudice towards firmware-based firewalls, only because the > > underlying OS's of an OS-based firewall may or may not be properly h

RE: where should I start? help!

2003-07-09 Thread DeGennaro, Gregory
Yes, this is good too. I do not believe it is the PIX, however still worth an investigation. I would start with the 2600 first. I am basing this off the information you gave us from the router. Regards, Greg DeGennaro Jr., CCNP Security Analyst -Original Message- From: Paul Benedek [

RE: Wireless Networking

2003-07-09 Thread Kevin Ashurst
With a sniffer like airsnort, you can pick a MAC address out of the header, which is NOT encrypted by WEP, and then spoof your MAC (most cards, including Orinoco support this.) Kevin -Original Message- From: Jeff D [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2003 4:40 PM To: J. Bild

Mail relay

2003-07-09 Thread JasonTay
hi, i had experienced the following: the following is some feedback from our vendor: We had tried the following: on using a relay/spam tool from some website, we verified that we are able to relay through your mail server. As such, we can safely conclude that the cause of the problem is linked to "ot

Re: Windows 2000 port 10000

2003-07-09 Thread Jamie Pratt
Very much true - Personally, I just use fyodor's services file from his nmap distribution instead of the default systems' - I figure if anyone knows ports, it's fyodor! ;-) (Plus, it has many more ports listed than the standard services file, including possible trojans/backdoors etc) regards, ja

RE: Wireless Networking

2003-07-09 Thread Mark McConnell
Wrong, besides MACs are so easily spoofed. -Original Message- From: J. Bilder [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2003 3:24 PM To: [EMAIL PROTECTED] Subject: Re: Wireless Networking What if you're running 128 Bit WEP and filter on MAC address? You can't even get a signal u

RE: Questions about 192.168

2003-07-09 Thread Jim
Brad wrote: < > 192.168.1.255 are both ping-able). When doing nmap, it shows > 192.168.1.255 as remote, the others as local. However, when I do a > traceroute on these supposedly local ones, it shows a number of hops out > over the Internet, implying that they are not connected locally. Do

RE: Wireless Networking

2003-07-09 Thread David J. Jackson
Ah... no sorry. If I can figure out your MAC address on the network which takes about 3 minutes, I can spoof your MAC and I'm now allowed on your AP. Keep in mind like everyone else said... WEP can easily be cracked...and MAC filtering is even easier to blow by. -Original Message- Fro

RE: where should I start? help!

2003-07-09 Thread Paul Benedek
Hi, Once you have identified the traffic type i.e. web traffic port 80, you may wish to consider turning on some of the traffic management features within the Cisco router. This could be a change in queuing strategy and the use of Cisco's committed access rate feature. By using CAR, you can prio

Re: Firewall Comparisons

2003-07-09 Thread Tomas Wolf
I wouldn't forget NetScreen appliances. T. DeGennaro, Gregory wrote: My top three dedicated firewall devices; 1) Sidewinder - not officially or publicly cracked. 2) Nokia Checkpoint FW-1 Firewall - Rock on active/active (ip clustering) state and fail over. 3) Cisco PIX - cost of ownership an

RE: Windows 2000 port 10000

2003-07-09 Thread Jaymz Ringler
As a system administrator, I would freak if I was in this situation. I know what software is installed on all of my servers and know exactly what it's for and what ports it uses for communications. I think this is a good point to make. As a 3rd party security consultant, when we sell a secur

Re: Wireless Networking

2003-07-09 Thread Terry Soucy
I'm not sure exactly how much information is required before the encryption can be successfully cracked. I let kisMAC run for about 5 or 6 minutes collecting packets (while I got my popcorn), but to answer your question, the iBook cracked the 128 bi

Strange files found on Solaris8

2003-07-09 Thread Jiang Peng
Hi All, I just found some strange files under Root directory of my Solaris 8. the files are named as: .SeCuRiTy.0, .SeCuRiTy.1, . until .SeCuRiTy.68. Following are part of the output of command: ls -al -rwx-- 1 daemon other128 Aug 20 2002 .SeCuRiTy.0 -rwx-- 1 daemon

AW: What runs on TCP 55317?

2003-07-09 Thread Meidinger Chris
If they are internal addresses, have you: 1. checked to see if the machine is alive (ping or a 'polite' port scan) - if it is, ask the operator if he knows anything, or ask to be allowed to check yourself what is running on it. It's possible that it is not a spoofed address but rather an infected

RE: Wireless Networking

2003-07-09 Thread Myers, Marvin
Sorry, but that is way off base. You can filter by anything that you want and it will not affect your ability to "get" a signal. You will still be able to receive packets, crack the WEP keys, and then enumerate the network. Ever heard of MAC spoofing? Nice try, but wrong info. Wireless is inherentl

FW: Questions about 192.168

2003-07-09 Thread check
-Original Message- From: David Gillett [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2003 12:59 PM To: [EMAIL PROTECTED] Subject: RE: Questions about 192.168 > Since 192.168 is a non-routeable IP (ie: wont reach the > Internet), it's > no real surprise that nothing answered you fr

AW: Getting an IP address from a MAC address

2003-07-09 Thread Meidinger Chris
if you are in a windows environment, nbtstat -c -a NetBIOS_Name will provide you with the remote NetBIOS table and MAC Address. Not sure if someone mentioned this before, i was only skimming the thread. I just ran across this doing an nbtstat and remembered that people had been talking about mac a

Re: Wireless Networking

2003-07-09 Thread ~Kevin Davis³
MAC addresses can easily be spoofed. ~Kevin Davis³ What possibly could go wrong? - Original Message - From: "J. Bilder" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, July 08, 2003 3:24 PM Subject: Re: Wireless Networking > What if you're running 128 Bit WEP and filter on

Re: Wireless Networking

2003-07-09 Thread Jeff D
J. Bilder wrote: What if you're running 128 Bit WEP and filter on MAC address? You can't even get a signal unless your MAC address is allowed.. Thanks! - Jeff IIRC, you can still intercept the transmissions but not be able to join the network.. JeffD

Re: Tweaking /proc to avoid fingerprinting

2003-07-09 Thread Eagel
Hi Nawapong Nakjang, Thx for the info... Was looking for such a tool.. Got a better insight on the traffic that my proxyserver is handling. It is amazing how many portscans you see... John On 7/8/03 4:40 AM, "Nawapong Nakjang`" <[EMAIL PROTECTED]> wrote: > Yes it is possible, you can use a tool

let save logs program?

2003-07-09 Thread SB CH
Hello, all. Some application programs which allow remote connections don't leave logs in files like /var/log/secure or /var/log/messages. So is there any program or method (unix or linux based preferred) to save or keep logs? Thanks in advance.