Re: cracking tool named 'nc' ?

Hi Matt, sounds like netcat, whos binary is "nc". Not sure if its too obvious? run strings against the binary and see the output. If the output ends with- options: -g gateway -G num -h and so on, then its netcat. cheers Ivan Coric IT Technical Security Officer Information Technology

Re: Question for you all

fault, such as lsof, nmap, tcpdump, tcpwrappers, sudo, ssh, xinet.d etc.. all must haves for any box. cheers Ivan Coric IT Technical Security Officer Information Technology WorkCover Queensland Ph: (07) 30066414 Fax: (07) 30066424 Email: [EMAIL PROTECTED] >>> exon <[EMAIL PROTECTED]&

Re: Part 2 - Best tools to put on Linux Laptop

Hi Tim, check out www.insecure.org/tools.html and all life's questions will answered. cheers Ivan Coric IT Technical Security Officer Information Technology WorkCover Queensland Ph: (07) 30066414 Fax: (07) 30066424 Email: [EMAIL PROTECTED] >>> "Potter, Tim" <[EMAIL P

Re: Firewall on server itself

Great idea, I do it all the time. As iptables is stateful, you can configure the script to disallow all outgoing connections and only allow http, https is you use it and ssh for management. Don't forget to get the web server to remotely log its syslog, for a rock solid audit trail. cheers Ivan >>

Re:RE : suggestions on a good firewall

r and yes, I use both products and yes again, both are good. -- Daniel Bourque BlackBerry -Original Message- From: Ivan Coric <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>; [EMAIL PROTECTED] <[EMAIL PROTECTED]>; [EMAIL PROTECTED]

RE: suggestions on a good firewall

cols detect. There is no dynamic ACL creation possible. The PIX is not a true application level firewall. I can send NETCAT traffic over HTTP and the PIX will never know. Whereas the Checkpoints and Raptors can detect anomalies in traffic, and act on them. --Chris -Original Message-

Re: Firewall recommendations?

a packet filter, use iptables its stateful. You really need to know what yr doing with this, its no easy task, but its free! If you want any further info contact me off list cheers Ivan Coric IT Security Officer Information Technology WorkCover Queensland Ph: (07) 30066414 Fax: (07) 30066424

Re: Email headers

Hi Marty, I could try to write out an explanation but I don't have the time and will refer you on to some good web sites. http://www.stopspam.org/email/headers/headers.html http://www.uic.edu/depts/accc/newsletter/adn29/related.html cheers Ivan Coric IT Security Officer Inform

Re: Read Only Ethernet Cable

Hi Naman, I'll send you a pdf off list, it has diagrams as well. If anyone else is interested, I'd be happy to send it to them. cheers Ivan Coric IT Security Officer Information Technology WorkCover Queensland Ph: (07) 30066414 Fax: (07) 30066424 Email: [EMAIL PROTECTED] >&g

Re: Setting up an IDS system

'll have a great IDS/sniffer that will teach you about your internal network, help with troubleshooting and give you an idea of what goes on there. Can be a very inexpensive box, P200, 128mb RAM, 20G HD would do just nicely. cheers Ivan Coric IT Security Officer Information Technology Wor

RE: Need recommendations about IDS Systems

Hi Mike, http://www.snort.org/dl/binaries/1.9.0/Snort-1.9.0-win32.exe cheers Ivan Coric IT Security Officer Information Technology WorkCover Queensland Ph: (07) 30066414 Fax: (07) 30066424 Email: [EMAIL PROTECTED] >>> "Mike Heitz" <[EMAIL PROTECTED]> 01/29/03 12:18a

RE: Need recommendations about IDS Systems

Hi Jenn take a look at snort, but also consider ACID http://www.cert.org/kb/acid/ Have multiple snort sensors logging to a mysql DB and use ACID to view it via a web browser. Its great! cheers Ivan Coric IT Security Officer Information Technology WorkCover Queensland Ph: (07) 30066414 Fax: (07

Re: Associating Windows Processes to TCPIP Ports?

Hi, It is actually "fport" by foundstone. http://www.foundstone.com/knowledge/proddesc/fport.html cheers Ivan Coric IT Security Officer Information Technology WorkCover Queensland Ph: (07) 30066414 Fax: (07) 30066424 Email: [EMAIL PROTECTED] >>> "Richard H. Cotterell&qu

Re: Understanding Firewall-1 Configs

ail scanner >|/\ >|<-|-snort ids sensor >V > Core Switch (Cisco)---Frame Relay Connection cheers Ivan Coric IT Security Officer Information Technology WorkCover Queensland Ph: (07) 30066414 Fax: (07) 30066424 Email: [EMAIL PROTECTED] >>> theog &

Re: syslog server- how to on Linux

/messages cheers Ivan Coric IT Security Officer Information Technology WorkCover Queensland Ph: (07) 30066414 Fax: (07) 30066424 Email: [EMAIL PROTECTED] >>> "netsec novice" <[EMAIL PROTECTED]> 12/14/02 06:34am >>> I'm hoping I don't generate flames b

Re: Company Firewall's IP Address

10.0.0.0 10.0.0.110.0.0.2 172.22.1.1 172.22.1.20 internal intFW interface NAT address of proxy (no real address used to protect the innocent) cheers Ivan Coric IT Securit

Re: Ports->Process on Win NT/2k

age help /p sort by port /a sort by application /i sort by pid /ap sort by application path For updates visit: www.foundstone.com Ivan Coric IT Security Officer Information Technology WorkCover Queensland Ph: (07) 30066414 Fax: (07) 30066424 Email: [

RE: Penetrating a reverse proxy

Some more info on Rproxy's http://www.ists.dartmouth.edu/IRIA/projects/jeanne.htm http://developer.netscape.com/docs/manuals/proxy/adminux/revpxy.htm http://home.ie.cuhk.edu.hk/~msng0/twhttpd/ http://www.monkeys.com/security/proxies/ cheers Ivan >>> "David Cullen" <[EMAIL PROTECTED]> 05/23/

Re: Mail server

il server | | | \/ mail server DMZ Kind Regards Ivan Coric IT Security Officer Information Technology WorkCover Queensland Ph: (07) 30066414 Fax: (07) 30066424 Email: [EMAIL PROTECTED] >>> Imraan Kadir <[EMAIL PR

Re: Kazaa/altnet/Brilliant Digital

04/26/1019441306209.html Regards Ivan Coric IT Security Officer Information Technology WorkCover Queensland Ph: (07) 30066414 Fax: (07) 30066424 Email: [EMAIL PROTECTED] >>> "DeBerry, Casey" <[EMAIL PROTECTED]> 04/30/02 01:52am >>> Anyone heard anything technically rel