RE: Firewall on server itself

2003-06-26 Thread Gene LeDuc
Since you are calling this a secure web server, I'd use iptables to block incoming traffic to all ports that you don't explicitly allow, fewer surprises that way. Being paranoid isn't all bad. Regards, Gene -Original Message- From: Anish Basu [mailto:[EMAIL PROTECTED] Sent: Tuesday, Jun

RE: Digital Evidence Question - What is an effective Windows hard -disk search tool?

2003-06-23 Thread Gene LeDuc
] Sent: Friday, June 20, 2003 1:20 PM To: 'Gene LeDuc' Cc: [EMAIL PROTECTED] Subject: RE: Digital Evidence Question - What is an effective Windows hard -disk search tool? Since this is what I do for a living, security incident response handling and computer forensic investigations, I am

RE: Digital Evidence Question - What is an effective Windows hard -disk search tool?

2003-06-21 Thread Gene LeDuc
Since all you did was copy/paste from the web site, I think it's fair to ask what your experience with this product has been. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, June 19, 2003 4:30 PM To: 'Wilcox, Stephen'; 'Ansgar Wiechers'; [EMAIL PROTECTE

RE: Digital Evidence Question - What is an effective Windows hard -disk search tool?

2003-06-21 Thread Gene LeDuc
To: [EMAIL PROTECTED] Subject: RE: Digital Evidence Question - What is an effective Windows hard -disk search tool? :-Original Message- :From: Gene LeDuc [mailto:[EMAIL PROTECTED] :Sent: Wednesday, June 18, 2003 6:20 PM :To: 'Wilcox, Stephen' :Cc: [EMAIL PROTECTED] :Subject: RE

RE: Digital Evidence Question - What is an effective Windows hard -disk search tool?

2003-06-18 Thread Gene LeDuc
If all you want to do is recover the info, you can attach the hard drive to a linux box and mount the NTFS partition. From that point you can browse the NTFS file system and copy any files you want. Depending on the flavor and version of linux, you may have to load an NTFS driver; I believe sourc

RE: Router Packet Filtering and Firewalls

2003-01-31 Thread Gene LeDuc
Hi Geoff, It's your ISP not wanting the extra pain of a non-standard installation. Having the router block incoming packets from your address block and those addressed to your broadcast address means your firewall can spend its CPU time dealing with trickier rules. If your company doesn't do busi

RE: IP Session Hijacking And Spoofing

2002-11-25 Thread Gene LeDuc
Let's take 2 machines, A and T. A is the attacker and T is the target. We can use B as the bogus (spoofed) source address. A sends a SYN packet to T with B's address as the source to open a TCP connection. Any sequence number will work in this packet. T receives the bogus packet, increments A'

RE: TCP vs UDP

2002-11-12 Thread Gene LeDuc
Sorry to be blunt, but someone who doesn't understand the difference between UDP and TCP should not even consider setting firewall rules. You need to buy a decent beginners level book on networking that covers tcp/ip fundamentals. -Original Message- From: Roberto Ramsis [mailto:robertoram

RE: Ftp Login

2002-11-04 Thread Gene LeDuc
Yes, standard ftp is all clear text. -Original Message- From: Pablo Gietz [mailto:pablo.gietz@;nuevobersa.com.ar] Sent: Friday, November 01, 2002 10:52 AM To: [EMAIL PROTECTED] Subject: Ftp Login Hi list Do you know if FTP (standard) login process is made in clear text? thanks Pablo

RE: Sendmail virus scanner

2002-10-28 Thread Gene LeDuc
I've had great success using mailscanner (www.mailscanner.info) with sophos on my RH server. Another pretty popular a/v product to use with mailscanner is f-prot; it's significantly less expensive than most of the other commercial a/v products for use on a mail server. Mailscanner is also pretty