RE: Password audit dictionary

2003-08-06 Thread dave kleiman
http://www.accessdata.com/dictionaries.htm _ Dave Kleiman [EMAIL PROTECTED] www.netmedic.net "High achievement always takes place in the framework of high expectation." Jack Kinder -Original Message- From: O'Connell, Geoffrey [mailto:[EMAIL PROTECTED] Sent:

Re: sftp vs ftp with ssl

2003-08-06 Thread Glenn English
On Wed, 2003-08-06 at 11:53, subscribe wrote: > Hi list, > I've been trying to get up an secure ftp server on linux platform, > pureftpd. > This utillity support both sftp and ftp tls/ssl. Is there anyone who has > any experiance with secure ftp servers on any platforms? any > suggestions? > or poi

Invitation to free Security Seminar in Madrid

2003-08-06 Thread Balwant Rathore
Hi fine folks, I invite you to this free security seminar. Details are as follows: Agenda * 18:00 - 18:15 - Introduction - by Balwant Rathore, CISSP, Consultant. Mahindra British Telecom Ltd. India. * 18:15 - 19:15 - Router and Firewall Attack - by Balwant

RE: Securing IIS Server

2003-08-06 Thread MeaCulpa
It kinda depends on the functionality you want to keep IIS UrlScan will protect you from various malformed URL's and you can use it to only allow (for instance) http get and http put. You can also allow some webdav commands, or entirely disable it (there is a registry key that can do the same..

Backdoor.Trojan and payload.dat

2003-08-06 Thread Lee Seidman
Heyya, Jeff, Just discovered it on one of my customer's networked laptops (Windows 2000) as well. I'll let you know if I happen to learn of a way to get rid of it (so far I've been somewhat unsuccessful on the network component). For the laptop itself, try following the procedures listed at: ht

RE: Security Policy-Please help

2003-08-06 Thread Kenneth W. Kubiak
Hey John, First of all, you're right, it's a daunting task to start a project like this - I know, I'm there right now myself. Now, I see you're finishing your Masters in Systems & Network Security (Congratulations), so please forgive me if anything I recommend/suggest is stuff you already know.

Re: Anit-Virus Software

2003-08-06 Thread Dave C
John I've had good luck with Norton Corp SAV. And if your users are a little more tech savvy, you can create a webpage for them to install their own client. Dave - Original Message - From: "John Roberts" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, August 05, 2003 3:28 PM

RE: Windows XP computer spewing packets

2003-08-06 Thread John Roberts
It turns out it was the driver. The packet counts from windows were not matching the ethereal packets, so I rolled back the drivers and everything is back to normal. Thanks for your help. John roberts -Original Message- From: Kevin O'Shea [mailto:[EMAIL PROTECTED] Sent: Tuesday, August

Re: Security Policy-Please help

2003-08-06 Thread Bennett Todd
2003-08-06T04:07:48 Kampanellis Ioannis: > Any advices? Where could I start? Big, big question. I think you start several steps before the sort of things you mentioned. The very first thing is to determine the organization's commitment. If you have a positive commitment from senior management, pr

Re: Question for all

2003-08-06 Thread Nick Bennett
don't know if this is of any help, but found it through google search : http://www.symantec.com/avcenter/venc/data/w32.randex.d.html - Original Message - From: "Morton B. Maser" <[EMAIL PROTECTED]> To: "Flory D Jeffrey Contractor 59MDSS/MSISI" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <

RE: Windows XP computer spewing packets

2003-08-06 Thread Kevin O'Shea
Just went trough the same issue here re: packet count - There was no correlation b/w the numbers of packets caught on ethereal and the local area connection status counter. Found a round-about reference at http://eu.computers.toshiba-europe.com/cgi-bin/ToshibaCSG/faq.jsp?FID=tr o001b96 Appare

Microsoft Instant Messenger

2003-08-06 Thread Shelina Samji
What are the security risks in implementing an Instant Messaging Infrastructure for internal use only? Can it be secured? ---

Re: Securing IIS Server

2003-08-06 Thread Simon Gray
>I have IIS Server in which i want to install IIS lockdown and URLScan, >i heard they are very good to protect IIS server, >are they worth installing, >and if not, is there any other tools i can use to secure my IIS ? iis lockdown is good, but i wouldn't recommend running it on a production server

RE: Securing IIS Server

2003-08-06 Thread Robinson, Sonja
Yes and tripwire for monitoring Sonja Robinson, CISA Network Security Analyst HIP Health Plans Office: 212-806-4125 Pager: 8884238615 -Original Message- From: NR [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 05, 2003 6:22 AM To: [EMAIL PROTECTED] Subject: Securing IIS Server Hi

Database of strange files

2003-08-06 Thread Di Fresco Marco
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hey, I assume that this is a F.A.Q kind of question, but I am not finding any answer (at least in the first 2 results' pages of Google). Do you know any good on-line (and better if I can download off-line for reference) database for determine if som

RE: UNIX password auditing tool

2003-08-06 Thread Shane Lahey
Alec Muffett Crack :: http://www.crypticide.org/users/alecm/ > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Monday, August 04, 2003 4:39 PM > To: [EMAIL PROTECTED] > Subject: UNIX password auditing tool > > > > I have tried searches for UNIX password cr

AW: Windows XP computer spewing packets

2003-08-06 Thread Meidinger Chris
18 packets / sec when each port is being opened (meaning not in an ongoing TCP Connection, but for example in a port scan) is a good average badenIT GmbH System Support Chris Meidinger Tullastrasse 70 79108 Freiburg __ Es gibt 10 arten von Menschen auf dem Planeten, welche die Bin