Automating patch deployment

workstation and server. We use Windows NT, 2000 and XP workstation products, and NT4.0/2000/2000 Adv server products. Thank You, George K. Peek Network Specialist Allstate Ticketing ---

RE: Question for all

replace any files that are not curable (if any) from a floppy or i386 cache. Good Luck, George -Original Message- From: McCleskey, David [mailto:[EMAIL PROTECTED] Sent: Friday, August 01, 2003 10:03 AM To: 'Flory D Jeffrey Contractor 59MDSS/MSISI' Cc: Security Basics (E-mail) Subject: RE

RE: Can you monitor copying of files from local or mapped drives?

Try tripwire It's builds headers on what is installed in ure box and any changes will be mailed to root or/and and email address. -Original Message- From: David Sherman [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2003 12:31 PM To: [EMAIL PROTECTED] Subject: Can you monitor copying

RE: SSH port forwarding not working?

Make sure you check out tightVNC as it is deffinetly much faster and stable (more secure?). -Original Message- From: David Kellaway [mailto:[EMAIL PROTECTED] Sent: Friday, July 18, 2003 8:39 AM To: Security-Basics Cc: Koji Nobumoto Subject: Re: SSH port forwarding not working? Hi all,

RE: Continued probing with source IP 10.x.x.x

Try ethereal for packet inspection/capture -Original Message- From: Paul Benedek [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2003 10:08 AM To: 'Justin Pryzby'; 'Damon McMahon' Cc: [EMAIL PROTECTED] Subject: RE: Continued probing with source IP 10.x.x.x Hi, To ensure that you are

RE: log monitoring tool against router?

Check out Kiwi Syslog Deamon (Freeware) for capturing events from routers, firewalls, etc.. UDP/TCP/SNMP capable. Works great with Cisco equipment, and supports SQL. http://www.kiwisyslog.com/ -Original Message- From: Devdas Bhagat [mailto:[EMAIL PROTECTED] Sent: Thursday, July 03, 2003

RE: What is this port? is it a trojan?

SVCHOST.EXE - Your services execute under this process http://www.jsiinc.com/SUBJ/tip4600/rh4660.htm -Original Message- From: Hyperion [mailto:[EMAIL PROTECTED] Sent: Monday, June 30, 2003 5:33 PM To: Security Basics Mailing List; Uwe Röhl Subject: RE: What is this port? is it a trojan?

RE: What is this port? is it a trojan?

You can tell what application/service/dll is using the port in question. FPort will help you do that. Good luck. http://www.foundstone.com/index.htm?subnav=resources/navigation.htmsubconte nt=/resources/proddesc/fport.htm -Original Message- From: Hyperion [mailto:[EMAIL PROTECTED] Sent:

RE: Digital Evidence Question - What is an effective Windows hard -disk search tool?

If the drive was formatted format c:/u the data is gone. -Original Message- From: Clayton Hoskinson [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 24, 2003 6:31 PM To: 'Robinson, Sonja'; [EMAIL PROTECTED] Subject: RE: Digital Evidence Question - What is an effective Windows hard -disk

Separate firewall/VPN, or integrated? References appreciated

Are there any authoritative references on the subject of combining firewall and VPN server functionality (i.e. Nokia/CheckPoint) versus separate devices (i.e. Cisco PIX, VPN3000)? There's plenty of vendor-speak, and I've got my own ideas about KISS and firewalls, but it's nice to have a

Re: Strange port Activity

http://support.microsoft.com/default.aspx?scid=kb;EN-US;q204279 Muhammad Faisal Rauf Danka wrote: I think It's prolly some DDos Agent or some Backdoor. It's not a registered port for any service. Be Very Paranoid about it. Regards, - Muhammad Faisal Rauf Danka Chief

Re: Restricting cmd.exe access

In-Reply-To: [EMAIL PROTECTED] That is a good point, a shell could be initated fairly quickly without having to touch the executable -Curious G. as i said, any exploit will be in shellcode anyway, so it is just a quick system() call.

Restricting cmd.exe access

This is a slight off shoot of the scary site post. What are the potential ramifications of restricting system access to cmd.exe? My thought is with all the MS exploits that are gaining access via some service running in the system context, this would be a great way to mitigate the

Re: Unclassified Disk Sanitizers

with this? Thank you! Connie -- This is your world ... you can live for yourself today or help build tomorrow for everyone. -- VNV Nation, Foreward * * George 'Chip' Smith*Lawrence Berkeley Lab* * [EMAIL

Re: [CISSPStudy_1] PIX testing

Actually now would seem a good time to develop your own best procedure. Use all of the common auditing priciples, research any weak points of the PIX, the version of code they are running and even scan it if you wish. The following link has a free scanner. http://www.gfi.com/languard/

Re: Firewall: a basic question

Hi, What you are talking about is a Filtering Bridge. This device is basically an intelligent bridge, where only one interface is configured and the other isn't (in ifconfig). Because the machine is a bridge, all data is duplicated onto the second unconfigured interface, thus you have two

Re: Passwords On Paper

More important passwords for me is a list of logins and passwords figuring only in my head. I use them in various configurations, and I don't care what confiration is right. When I need to log-in somewhere While remembering passwords is one thing and for some people very simple, it is

RE: Spoofed Norton Update URL?

EXE) So, putting 2 and 2 together made me wonder. Evidently though LUUPDATE.EXE is a ligit file. Go figure. And thanks for pointing out the above site too, very cool and will come in handy. George "Man performs, engenders so much more than he can or should have to bear. That’s how he finds that

SAM Auditing Tool

I am looking for a tool that will tell me the last time a user has logged in to any server in the domain and other SAM stats. Does anyone know of one(Free or otherwise)?