RE: Monitoring the network: Routers

2003-07-23 Thread Hunt, Jim
MRTG is right on target and can run on Windows as well as almost every other OS. I have specifically written a beginner's guide to MRTG on Windows entitled MRTG for Dummies - http://www.netmon.org Jim Hunt Network Systems Engineer Northwestern School Corporation Technology Department Network

RE: Information Needed on Malicious Traffic

2003-07-11 Thread Jim
that is created? I read that IRC Flood will send messages alerting IRC users that a computer is compromised. But to what extent is an actual backdoor created?] Jim -Original Message- From: Piyush Bhatnagar [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 09, 2003 8:36 PM To: [EMAIL

RE: Questions about 192.168

2003-07-09 Thread Jim
this make sense? I am unfamiliar with nmap calling anything local or remote. Sorry about that, what it really said was: Host (192.168.1.255) seems to be a subnet broadcast address (returned 1 extra pings). Skipping host. I guess I should have read it a little slower. Jim

Questions about 192.168

2003-07-08 Thread Jim
show up in the routing table, netstat, etc.? Thanks, Jim

RE: Digital Evidence Question - What is an effective Windows hard-disk search tool?

2003-06-20 Thread Jim
insert the Boot Disk, and the loader menu will appear, and you can boot as normal. Also, the boot.ini file is simply a small text file, and has nothing to do with the NIC (although an unexpected reboot may have deleted the boot.ini file somehow). Jim -Original Message- From: Ansgar Wiechers

RE: Is Citrix safe?

2003-06-05 Thread Tuttle, Jim
gateway. That's what I do. Jim Tuttle Willamette ESD Network Security Analyst -Original Message- From: Jesper Sobol [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 04, 2003 6:30 AM To: [EMAIL PROTECTED] Subject: Is Citrix safe? As far as I know, Citrix is based on SSL which

RE: Free utilities

2003-06-04 Thread Hunt, Jim
all I can think of this early in the morning. Jim Hunt Network Systems Engineer Northwestern School Corporation Technology Department Network Monitoring Tools Tutorials http://www.netmon.org Featured in Network Computing Magazine -Original Message- From: Kristofer Mcconnell [mailto

Re: Hardware vs Software Firewall/Router

2003-04-04 Thread Jim Miller @ Cox
the research, send out RFPs to get vendors to respond to your needs, then decide on the best course of action. Offloading the specs to a vendor seems like a wise way to go in your case. And remember to trust but verify. Hugh [Jim] Miller 979/777-9546 [EMAIL PROTECTED] Think globally Act locally Live

RE: smtp relay tester?

2003-03-18 Thread Hunt, Jim
I have heard that testing at ORDB is not a good thing if you think you are open. They add tested systems to the blacklist which then can make life miserable in the long run. Test someplace that doesn't auto blacklist you. Jim Hunt Northwestern School Corporation Technology Department

Compromised Server Project

2003-02-10 Thread Hunt, Jim
Antivirus software on the box but did do a full scan using the online scan from Trend Micro and it came up clean so no Trojans were dropped. Please note this was not a scientific study but something born out of boredom by myself. Stay Secure! Jim Hunt Microsoft Certified Systems Engineer

RE: Monitoring office web use

2003-01-31 Thread Hunt, Jim
Network Probe is a great little tool and is available for free on almost any platform. http://www.netmon.org/tools.htm#Sniffers Jim Hunt Microsoft Certified Systems Engineer Northwestern School Corporation Kokomo, Indiana -Original Message- From: Sedat DOGRU [mailto:[EMAIL PROTECTED

RE: broadcast storm of netbios-dgm and netbios-ns

2003-01-23 Thread Tuttle, Jim
Turn off netbios completely. Disable Client for Microsoft Networks. INSTALL a linux distro :)

Re: Log Analysis

2002-12-03 Thread Jim Geovedi
Are any of you aware of a tool that will allow an administrator to analyse log files and produce statistics based on the log content. I want to see what sites have been accessed, how many times etc. I want something preferably in real time with a gui/html interface. If it was

Re: Low end machines for Firewall/IDS

2002-12-02 Thread Jim Colten
Does anybody know of any good locations online to purchase old 486 machines or low end Pentium machines for use as a Firewall and/or IDS? ebay, computer office equip, search for pentium 2 finds a few Jim Colten System Technical Support Central Computing Operations Suite 660 WBOB University

Re: Internet Explorer 6 'Autocomplete settings' and username/password retention

2002-11-16 Thread Jim Markley
Steve, The following should turn this feature off: Tools > Internet Options > Content > Auto Complete. Uncheck the checkboxes as desired for: Web Addresses, Forms, User Names, Passwords. Jim - Original Message - From: steve baker [EMAIL PROTECTED] To: [EMAIL

Re: Risk of using SS#s (last 4 digits) for authentication

2002-11-11 Thread Jim Clark
have ignored them. -Jim David Greenstein wrote: How legal is the use of the SSN for authentication. My understanding is that the SSN is to be used by state and federal government only Please, any legal expert, help us to understand the issue Thank you -Original Message- From: Jim

Risk of using SS#s (last 4 digits) for authentication

2002-11-04 Thread Jim Lawton
We are currently considering the limited use of employees' Social Security numbers to authenticate them when they request a password reset from the Help Desk. We have chosen two items (in total) for authenticating them: their employee # and the last 4 digits of their SS#. Only the last 4

The Basics

2002-07-17 Thread Jim Clark
, but some of those certifications require relevant work experience. That's what I lack. What are the ways that I can get some practical experience when not directly employed by a firm doing forensic work? Any suggestions would be helpful. Thanks. Jim

RE: NT/2000 vs Unix based Web Servers

2002-07-10 Thread Corio, Jim
I would say that you should run the web server on the Operating system that you are most familiar with in an environment that you are most familiar with. If you are a Windows administrator, then you will run the risk of misconfiguring a UNIX box and

Re: MD5'ing a directory tree in Linux?

2002-06-27 Thread Jim Meier
md5sum on each one, piping the output of md5sum into a file called md5sums-for-FOODIR. This file is in the format accepted by md5sum -c, so you can now easily check FOODIR against the stored sums by doing: md5sum -c md5sums-for-FOODIR Have fun, -Jim

RE: non-privileged port selection - how is it done?

2002-05-24 Thread Jim Grossl
Hi John, Are you saying that you have or are thinking of configuring your firewall to filter out packets with non-privileged ports in the *source* address? If you could I would think this would shut down a great deal of incoming traffic!! This is not what you want. Jim Grossl Boise, Idaho USA

RE: bandwidth monitor

2002-05-23 Thread Hunt, Jim
between Internet traffic and local traffic. But it gives you some clues to follow. The other option is to use a network sniffer and filter out traffic. Sniffer Pro is very good and you can get a full 30 day version to try. Good luck! Jim Hunt Microsoft Certified Systems Engineer Northwestern

Security Suggestion (Exchange 2000) access to files

2002-05-16 Thread Hunt, Jim
the fight so now I have to move on and implement.) Jim Hunt Microsoft Certified Systems Engineer Northwestern School Corporation

Re: Sendmail

2002-05-16 Thread Jim Swanson
IIRC, it does not accept remote mail requests. It is used internally only, to mail information from crontab to root regarding errors, etc. Jim Swanson Erik Parker wrote: Perhaps it's because of old thinking. I don't run OpenBSD... so I can't say for sure, but I imagine sendmail isn't running

RE: Mail server

2002-05-12 Thread Hunt, Jim
What about end people that need web based access to their mail server such as Outlook Web Access? A simple gateway (with virus scanning) doesn't do the trick. What is the preferred way for that set up (on a limited budget)? Jim Hunt Microsoft Certified Systems Engineer Northwestern School

Re: Possible ZoneAlarm 3 Problem???

2002-05-10 Thread Jim Markley
anything that stood out as an obvious problem. What were the values of the numbers? Best of luck in figuring this out, Jim - Original Message - From: Nathan Anderson [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, May 09, 2002 2:01 AM Subject: Possible ZoneAlarm 3 Problem??? I

Re: Dictionary Word List

2002-05-09 Thread Jim Markley
Craig, Try the following: Carnegie Mellon Pronouncing Dictionary http://www.speech.cs.cmu.edu/cgi-bin/cmudict This is basically a delimited list of 100,000+ mainly-English words followed by the phonic representation of those words. Hope this helps, Jim - Original Message

RE: Server Monitoring

2002-05-02 Thread Hunt, Jim
alerts. This is great if your e-mail server goes down. I like the Hermes server which is free. (http://www.alixoft.com/Software/hermes.htm) Jim Hunt Microsoft Certified Systems Engineer Northwestern School Corporation -Original Message- From: Robert Bailey [mailto:[EMAIL PROTECTED]] Sent

Re: Windows 98 lockdown

2002-04-05 Thread Jim Swanson
IIRC, my MCSE instructor did this (as in, removed the start button) to my class during the Windows 95 class, using policies. Seeing how most people took the NT Workstation class/test, and not the 95 class/test, you wouldn't know it, but it can be done. Jim Swanson Dennis Bauer wrote

RE: IM Programs

2002-03-14 Thread Jim Popovitch
Craig, why? Why are you going through so much work to do this? Is there some compelling or underlying security concern? (any more so than java enabled browsers?) -Jim P. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, March 11, 2002 2:25 PM

RE: pegasus mail v eudora

2002-03-14 Thread Jim Grossl
pretty sure Pegasus does not. Jim Grossl Boise, Idaho USA -Original Message- From: Enquiries [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 10, 2002 12:12 PM To: [EMAIL PROTECTED] Subject: pegasus mail v eudora Could you please advise what security issues I should watch out for and which

RE: Security Engineers Field Tool Kit

2002-03-07 Thread Jim Popovitch
Don't forget dig, host, and ssh -Jim P. -Original Message- From: Bejon Parsinia [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 05, 2002 6:46 PM To: 'Pradeep Pillai'; [EMAIL PROTECTED] Subject: RE: Security Engineers Field Tool Kit I'd add the following: -ListServ

RE: Cisco security

2002-03-03 Thread Jim Murray
security process. Jim -Original Message- From: leon [mailto:[EMAIL PROTECTED]] Sent: Monday, February 25, 2002 1:18 PM To: 'Dave Mee'; [EMAIL PROTECTED] Subject: RE: Cisco security I would like to point out that the certification is valid for only

Re: Backup tools

2002-02-22 Thread Jim Boyer
. Domingos Costa Jim Boyer Systems Programming Professional College of Agriculture and Home Economics Washington State University

RE: Server IDS?

2002-02-06 Thread jim patterson
Get the Entercept/Cisco Host based IDS. Excellent product. -Original Message- From: jason [mailto:[EMAIL PROTECTED]] Sent: Monday, February 04, 2002 11:05 AM To: [EMAIL PROTECTED] Subject: Server IDS? Does anyone know of any server level IDS products, such as tripwire, that exist for

PortSentry entries on RH 7.2 server

2002-02-02 Thread Jim Swanson
been trying to get a hold of UUNet/Worldcom, who is our ISP, to no avail. Thanks for any advice. Jim Swanson

RE: VPN Security Products?

2002-01-28 Thread Jim Murray
You might want to take a look at Tiny Software's enterprise solution, Securitae. http://www.securitae.com/home/securitae?s=1791383710291873314A0la=ENva=pg =prod_home -Original Message- From: Lariviere, Stephen [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 24, 2002 10:00 AM To:

RE: I've been hurt by an e-mail virus ! What virus is it ?

2002-01-24 Thread Jim O'Donald
go to http://housecall.antivirus.com and scan your computer. it will tell you what the virus is and will clean it if possible. -Original Message- From: Daniel Pope [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 22, 2002 5:49 PM To: [EMAIL PROTECTED] Subject: I've been hurt by an

RE: IIS log files, can I have your take on these attacks?

2002-01-18 Thread Jim Grossl
murder, because of 15 or so .ida Attempted Administrator Privilege Gain attacks, so the fun never ends. Grep, hmmm, seems I've heard that app's name before... :) Jim Grossl Lee Pesky Learning Center Boise, Idaho USA -Original Message- From: Bill Walls [mailto:[EMAIL PROTECTED

RE: IIS log files, can I have your take on these attacks?

2002-01-17 Thread Jim Grossl
security patches (all patches period for that matter, I'm paranoid). Jim Grossl Lee Pesky Learning Center Boise, Idaho USA -Original Message- From: Andrew Blevins [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 16, 2002 11:14 AM To: Jim Grossl Subject: RE: IIS log files, can I have

RE: IIS log files, can I have your take on these attacks?

2002-01-17 Thread Jim Grossl
know what a buffer overflow is. It was my impression that a file traversal was a flaw in the way IIS dealt with strings representing directory paths. Jim Grossl Lee Pesky Learning Center Boise, Idaho USA -Original Message- From: Ravila White [mailto:[EMAIL PROTECTED]] Sent: Wednesday

RE: IIS log files, can I have your take on these attacks?

2002-01-17 Thread Jim Grossl
Hi Todd, the machine is patched. I am not however running the URL Scan filter. But the server is issuing 400 level error messages, and I cannot find any abnormal processes or open ports (using fport). BTW, I see a lot of these also, but last weekend was the pits! Jim Grossl Lee Pesky Learning

Re: Outgoing connection to port 6000 from port 25...

2001-12-06 Thread Jim Meier
server would attempt to make such a connection. Have I been rooted? Source ports do not map the destination ports - they are selected at random from any available. There is no reason to think you've been hacked, on this evidence. Do your logs show the originating ip? -Jim

SonicWall XPRS2 identifies attacks just by the port accessed?

2001-11-27 Thread Jim Grossl
by most firewalls? I guess I had not thought much about it, but had I, I would have assumed that there was a more sophisticated method being used; although I do realize that there is probably no way to know just what program is probing a given port. Jim Grossl Lee Pesky Learning Center Boise, Idaho

Re: outlook 2002 is a security freak

2001-10-05 Thread Jim
Microsoft just can't win... They get so much flak from people for having an insecure product that lets users choose to run trojaned .EXE files, so they grudgingly make the change, and they are suddenly big brother. Oy! Where was Outlook was blamed for allowing someone to manually execute an

Re: Windows 98 Sniffer

2001-09-21 Thread Jim Gaudet, MCSE
Thanks everyone for your help. I think I will be trying out Ethereal. It looks real good. Quick question: Does anyone have a website that lists a few standard, or newbie filters? This would really help. Thanks again Jim - Original Message - From: Jim Gaudet, MCSE [EMAIL PROTECTED