workstation and server. We use Windows NT, 2000 and XP
workstation products, and NT4.0/2000/2000 Adv server products.
Thank You,
George K. Peek
Network Specialist
Allstate Ticketing
---
replace any files that are not curable (if
any) from a floppy or i386 cache.
Good Luck,
George
-Original Message-
From: McCleskey, David [mailto:[EMAIL PROTECTED]
Sent: Friday, August 01, 2003 10:03 AM
To: 'Flory D Jeffrey Contractor 59MDSS/MSISI'
Cc: Security Basics (E-mail)
Subject: RE
Try tripwire
It's builds headers on what is installed in ure box and any changes will be
mailed to root or/and and email address.
-Original Message-
From: David Sherman [mailto:[EMAIL PROTECTED]
Sent: Monday, July 28, 2003 12:31 PM
To: [EMAIL PROTECTED]
Subject: Can you monitor copying
Make sure you check out tightVNC as it is deffinetly much faster and stable
(more secure?).
-Original Message-
From: David Kellaway [mailto:[EMAIL PROTECTED]
Sent: Friday, July 18, 2003 8:39 AM
To: Security-Basics
Cc: Koji Nobumoto
Subject: Re: SSH port forwarding not working?
Hi all,
Try ethereal for packet inspection/capture
-Original Message-
From: Paul Benedek [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 08, 2003 10:08 AM
To: 'Justin Pryzby'; 'Damon McMahon'
Cc: [EMAIL PROTECTED]
Subject: RE: Continued probing with source IP 10.x.x.x
Hi,
To ensure that you are
Check out Kiwi Syslog Deamon (Freeware) for capturing events from routers,
firewalls, etc.. UDP/TCP/SNMP capable. Works great with Cisco equipment, and
supports SQL.
http://www.kiwisyslog.com/
-Original Message-
From: Devdas Bhagat [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 03, 2003
SVCHOST.EXE - Your services execute under this process
http://www.jsiinc.com/SUBJ/tip4600/rh4660.htm
-Original Message-
From: Hyperion [mailto:[EMAIL PROTECTED]
Sent: Monday, June 30, 2003 5:33 PM
To: Security Basics Mailing List; Uwe Röhl
Subject: RE: What is this port? is it a trojan?
You can tell what application/service/dll is using the port in question.
FPort will help you do that. Good luck.
http://www.foundstone.com/index.htm?subnav=resources/navigation.htmsubconte
nt=/resources/proddesc/fport.htm
-Original Message-
From: Hyperion [mailto:[EMAIL PROTECTED]
Sent:
If the drive was formatted format c:/u the data is gone.
-Original Message-
From: Clayton Hoskinson [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 24, 2003 6:31 PM
To: 'Robinson, Sonja'; [EMAIL PROTECTED]
Subject: RE: Digital Evidence Question - What is an effective Windows
hard -disk
Are there any authoritative references on the subject of combining
firewall and VPN server functionality (i.e. Nokia/CheckPoint) versus
separate devices (i.e. Cisco PIX, VPN3000)? There's plenty of
vendor-speak, and I've got my own ideas about KISS and firewalls, but
it's nice to have a
http://support.microsoft.com/default.aspx?scid=kb;EN-US;q204279
Muhammad Faisal Rauf Danka wrote:
I think It's prolly some DDos Agent or some Backdoor.
It's not a registered port for any service.
Be Very Paranoid about it.
Regards,
-
Muhammad Faisal Rauf Danka
Chief
In-Reply-To: [EMAIL PROTECTED]
That is a good point, a shell could be initated fairly
quickly without having to touch the executable
-Curious G.
as i said, any exploit will be in shellcode anyway, so
it is just a quick
system() call.
This is a slight off shoot of the scary site post. What
are the potential ramifications of restricting system
access to cmd.exe? My thought is with all the MS
exploits that are gaining access via some service
running in the system context, this would be a great
way to mitigate the
with this?
Thank you!
Connie
--
This is your world ... you can live for yourself today or
help build tomorrow for everyone. -- VNV Nation, Foreward
*
* George 'Chip' Smith*Lawrence Berkeley Lab*
* [EMAIL
Actually now would seem a good time to develop your own best procedure.
Use all of the common auditing priciples, research any weak points of
the PIX, the version of code they are running and even scan it if you
wish. The following link has a free scanner. http://www.gfi.com/languard/
Hi,
What you are talking about is a Filtering Bridge. This device is basically
an intelligent bridge, where only one interface is configured and the other
isn't (in ifconfig). Because the machine is a bridge, all data is
duplicated onto the second unconfigured interface, thus you have two
More important passwords for me is a list of logins and
passwords figuring only in my head.
I use them in various configurations, and I don't care
what confiration is right. When I need to log-in somewhere
While remembering passwords is one thing and for some people very simple, it
is
EXE)
So, putting 2 and 2 together made me wonder. Evidently though LUUPDATE.EXE is a ligit file. Go figure.
And thanks for pointing out the above site too, very cool and will come in handy.
George
"Man performs, engenders so much more than he can or should have to bear. Thats how he finds that
I am looking for a tool that will tell me the last time a user has logged in
to any server in the domain and other SAM stats. Does anyone know of
one(Free or otherwise)?
19 matches
Mail list logo