your local network only, and allow connect() only to
known safe ports.
Devdas Bhagat
---
riously recommend using client side certificates as well for
authentication and authorization.
Devdas Bhagat
---
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris i
ce to spend it.
Clamav via cygwin is supposed to run on Windows.
clam is GPLed.
Devdas Bhagat
---
r logs too?
These programs are basically matching text strings. So just add your
regular expressions to their dictionary files.
Devdas Bhagat
---
sibly one of pop3 (tcp/110), imap (tcp/143), pop3s (tcp/995),
imaps (tcp/995).
Also allow incoming tcp/53 and udp/53 for DNS.
Avoid using FTP, use SCP instead. Windows clients can use Winscp.
Devdas Bhagat
---
t say the same about OMail
until I have seen the audit results.
http://omail.omins.ch/
OMail has been written in PHP4, so I guess that so long as you stay
patched and follow BCP w/ PHP, you should be safe.
Devdas Bhagat
-
On 30/06/03 18:23 -0400, Paul Kurczaba wrote:
> Does anyone know of a good, free Anti-Virus product for RedHat Linux.
http://clamav.elektrapo.com/
http://www.bitdefender.com/
The first is GPLed, the second is not.
Devdas Bha
ork, a Linux/Unix box with arp should
do the trick.
Devdas Bhagat
---
snort.org/ is a good place to start.
Devdas Bhagat
---
> 3) Sendmail
> 4) IIS Server
> 5) Wireless networking
Wireless networks without IPSec.
> 6) PHP
> 7) ?
Unaudited code, in any language.
r* (rsh, rcp, etc)
0) Unpatched anything*
Devdas Bhagat
---
> *can* be run on a Win32 machine, which would solve your problem nicely
> once you find a consultant able to build it for you using Cygwin. Of
Prebuilt packages are available online. You can just download and
install those.
Devdas Bhagat
nd spam checking into a single scan, and it is high
performance, with a lot of flexibility.
http://www.ijs.si/software/amavisd/
Devdas Bhagat
---
direction, maybe a tutorial that they have found useful?
http://www.google.com/search?q=scp+invalid+shell
Devdas Bhagat
---
to the customer. Everything except one initial file will be
encrypted, the initial file decrypts the application into memory and
runs it from there. Not entirely foolproof, but it should keep out the
people who would just copy the software.
Devdas Bhagat
ast x number of days.
Use find for that
find / -mtime x
Devdas Bhagat
---
d applications (unless they have been
thoroughly audited for known bugs, and maybe even then).
Devdas Bhagat
---
http://www.google.com/search?q=smtp+auth+domino
HTH
Devdas Bhagat
---
SurfControl E-mail Filter puts the brakes on spam,
viruses and malicious code. Safeguard your business
critical communications. Download a free 30-day trial:
ht
On 14/03/03 12:01 -0600, Nuzman wrote:
> I'm looking for a SMTP relay tester. Any suggestions?
ordb.org
maps.org
Devdas Bhagat
sion which it then remembers, this
> isn't possible as it is non-interactive in my case. Does anyone have any
> ideas or comments?
You need to give the passphrase once at boot.
Devdas Bhagat
On 04/03/03 08:24 -0500, Andrew D. Bartels wrote:
> I was wondering if the Sendmail vulnerability also affects QMail.
No. Nor does it affect postfix or exim.
Devdas Bhagat
name - - [26/Feb/2003:23:00:11 -0500] "\x05\x01" 501 -
> the.guys.hostname - - [26/Feb/2003:23:00:13 -0500] "CONNECT 207.46.181.13:25
> HTTP/1.1" 405 321
This is someone trying to use your Apache installation as a proxy to
relay spam.
The 405 error means that it has not gone through.
Devdas Bhagat
n IMAP based webmail client?
www.squirrelmail.org
www.horde.org
Devdas Bhagat
.
Oh, and use a good pair of Intel NICs, I have seen RTL chipsets failing under
load.
Devdas Bhagat
best way to set it up?
vnc + (ssh|stunnel|zeebeedee)
Linux => www.freeswan.org
OpenBSD has crypto support built in by default.
Devdas Bhagat
king for backup tools.
Devdas Bhagat
one, and how.
Use multiple rules.
192.168.0.27-192.168.0.63 = 192.168.0.32/27 + 192.168.0.28/30
+ 192.168.0.27/24
HTH
Devdas Bhagat
tening as a service when I type
> netstat -an. Any help is appreciated... a direction for information if you
netstat -anu would be more specific.
You need to start syslogd with the -r option (it doesn't listen to a UDP
socket by default, but only a local socket).
See the /etc/init.d/syslog startup script, or use yast2.
Devdas Bhagat
4 different netblocks.
Devdas Bhagat
t add much security unless you
are running a DMZ and an internal network which should not have any
access to/from the Internet.
Devdas Bhagat
with level 8 security in place.
Firewalls as a bandage for bad code are a bad idea. Properly used to
segment networks with varying security requirements, they can be useful.
Devdas Bhagat
On 27/11/02 11:55 +0530, Devdas Bhagat wrote:
> On 26/11/02 09:20 -0800, jh wrote:
> > Having never set one up before and only having a little knowledge of linux
> > where can I go to get a basic tutorial that just covers firewalls and linux.
> http://www.linuxguruz.org/iptab
On 26/11/02 09:20 -0800, jh wrote:
> Having never set one up before and only having a little knowledge of linux
> where can I go to get a basic tutorial that just covers firewalls and linux.
http://www.linuxguruz.org/iptables/howto/iptables-HOWTO.html
http://www.google.com/search?q=iptables+howto
S
On 25/11/02 13:53 -0800, Fred Hoot wrote:
> We have outlawed all instant messaging products and purchased a private
> messaging software (Active Messenger). It is internal and can be accessed
> via our VPN connections between offices.
Any reason not to use Jabber?
Devdas Bhagat
on of the rule.
The default rule in this case was a redirect, but could easily become a
DROP.
I hope this helps.
Devdas Bhagat
tomatically
from a database.
Devdas Bhagat
On 01/11/02 15:51 -0300, Pablo Gietz wrote:
> Do you know if FTP (standard) login process is made in clear text?
Yes. As is telnet. And the r* services
Devdas Bhagat
> glanced over the website, and didn't see anything about SSH, SSL, or
Webmin will use SSL if Net::SSLeay is installed. Pick it up from cpan.
Devdas Bhagat
ident Response-Investigating Computer
Crime" which tells you what is expected, and how to deal with incidents
(policies, pre-incident preparation, incident response). My only
complaint with this book is that it is rather US centric, but is fairly
broad
Devdas Bhagat
h I trace to something called
169.254/16 is the block to be used by a network interface when it cannot
contact its dhcp server.
> Anybody has an idea about what this can be.
You have File and Print sharing enabled.
Devdas Bhagat
t the coders). You could probably develop an inhouse
client in a week or two.
Email may contain spam, HTML, viruses... I would suggest something like
demime to strip everything except plain text from the email. This is the
safest way to deal with MIME (get rid of it).
Hope this helps a bit.
Devdas Bhagat
$sudo vim
:!sh
#
is an easy way to get a root shell without ever using the root
password.
Devdas Bhagat
002
You aren't looking for connections being initiated from your box, but
all connections to port 2002/tcp. I suggest that the tcp rules be
modified to look for the initial SYN bit set too, or you upgrade to
iptables.
You are probably looking at a webserver response to a perfectly normal
query.
Devdas Bhagat
hat your
protection has gone from key based to password based.
See man 1 ssh-agent for a way of handling your pass phrases relatively safely.
Devdas Bhagat
ne and user level.
So there really will be no major change in the scripts, except for the
first time key exchange. Once the keys are set up properly, you can just
ssh user@remotehost or scp user@remote:/path/to/file /path/to/local or
the other way round. There should be no major script change, excep
s is this;
>
> On an internal network that is switched (making sniffing harder) is it
> worth going to SSH and SCP??
http://ettercap.sourceforge.net/
Devdas Bhagat
d but its filtering capabilities are
rather useful)
Devdas Bhagat
versations).
If you are worried about TLS, put in your own proxies and install your
own certificates on the clients. This should allow you to perform a MITM
and see plain text traffic on the proxy.
Devdas Bhagat
m. This has
been covered earlier.
There is a firewalls list: [EMAIL PROTECTED]
http://lists.gnac.net/firewalls
Devdas Bhagat
portscanner around. Read the source.
Devdas Bhagat
centrate on one) , which one would it be and why?
A firewall with good antispoofing rules, and blocks for common attacks
with a default DENY policy, backed up with fully patched systems and
local firewalls with very strict policies.
Devdas Bhagat
On 07/01/02 19:45 -, Greg wrote:
>
>
> I was wondering what everyone is doing for network
> based intrusion detection? I am looking for
http://www.snort.org should help a lot.
Devdas Bhagat
dows NT/2K,
http://windowsupdate.microsoft.com for the rest. I suggest monitoring
bugtraq and using a few good scripts to do this for you (I suggest
wget+sh).
More details on what you are looking for would of course help a lot
more.
Devdas Bhagat
ervers should be in the internal network.
Hope this helps
Devdas Bhagat
On 18/12/01 23:41 -, Securitynews wrote:
> Is there such thing as POP3 proxying. Does anyone know of an application
> for this?
http://perdition.sourceforge.net
cyrus imapd ships with its own proxy servers.
Devdas Bhagat
ssible to spoof the SMTP headers. but you would still want to
check first that you don't have a spam source somewhere.
Devdas Bhagat
e this even worse.
If you are considering something like hailstorm, this multiplies the
security problems by quite a few orders of magnitude.
Hope this helps,
Devdas Bhagat
On 20/11/01 09:17 +1100, Matt LYNCH wrote:
> risk. Does anyone else remote admin inside a DMZ and if so how??
VNC over ssh works. Am in the process of implementing it. Both are free.
Devdas Bhagat
olution for this problem, I know the question
> may sound utopic but I really need to make this box "daemonless". Anyone?
Put up a different machine as a mail server?
More details about your setup and requirements would help.
Devdas Bhagat
--
No cat has eight tails
A cat has one tail
me to catch (and display) all the content of an IP packet. Sniffers !?
> Thank you in advance !
I would say that you need a sniffer. tcpdump/tethereal from the CLI, and
ethereal if you want a GUI.
Devdas Bhagat
eah, I don't have verisign certificates in my browsers any longer,
because I don't trust them.
In Applied Cryptography terms, Trent is no longer a trusted third party.
Devdas Bhagat
On 05/10/01 13:05 -0700, Jay D. Dyson wrote:
> The best suggestion I can give you is to abandon Win2K and load
> either Solaris x86 or Linux and use Qmail.
Or postfix on either OS, or on FreeBSD. Easier to drop in place than
qmail too.
Devdas Bhagat
;.
Hybris? Update your antivirus/download a new version of
Norton/Trendmicro from the net and use that to clean your system.
Devdas Bhagat
--
God is an atheist
f you can do port mirroring to the monitoring machine, try ntop, with
both pcap and ntop from CVS.
Devdas Bhagat
--
Hello... IRON CURTAIN? Send over a SAUSAGE PIZZA! World War III?
No thanks!
le of the core OS design.
Agreed
Devdas Bhagat
sible to make anything foolproof because
fools are so ingenious. Keep that in mind as well.
Devdas Bhagat
--
Force has no place where there is need of skill.
-- Herodotus
permissions also make it pretty
much a nightmare in an untrusted network.
On the other hand, most *nix systems give the administrator far more
control over what the system does. They don't try to do the right thing
irrespective of what the admin says. So that line should be read as
*nix machin
r, and
easier to upgrade and maintain than a hardware firewall.
My recommendation would be to go with what you can secure properly and
fits in your budget.
Devdas Bhagat
--
Power corrupts. And atomic power corrupts atomically.
he IP packet.
There were some benefits earlier, but no longer.
Hope this helps.
Devdas Bhagat
--
Don't compare floating point numbers solely for equality.
68 matches