Most likely it is dame ware www.dameware.com and you will find this as a
staple in most of the win32 rootkits these days. This is a great remote
administration tool that can be installed quietly and runs without end
user knowledge, it can also be used to view and take control of a box,
installation
IP spoofing has been around a long time so I'd say the answer is yes. Do a
search on Google on IP spoofing and you should be able to find all you need
to know.
Sean
- Original Message -
From: "Meritt James" <[EMAIL PROTECTED]>
To: "Hanuska Ivo" <[EMAIL
t know many HIPAA experts and the
information is kind of vague but try to find information on HIPAA and that
should be a good starting point for you.
Sean
- Original Message -
From: "Stephen Eaton" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, July 03,
s GUI (VNC, Terminal Server, and Citrix are others
that do this as well). Telnet/SSH traditionally is for UNIX machines and
give access to a remote console.
Sean
it's difficult to test the load on a server (as opposed to a
router) because you run into problem #3.
Network metric testing is a complicated subject with no clear-cut
solution yet.
-Sean
u have any questions about
it.
-
Sean Zadig
Student, UC Davis
PGP Key ID: 0xDE44A79F
7EE1 C80A A0C1 B224 45CE F74B 5835 0115 DE44 A79F
From: Steve <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Which FW/VPN appliance?
Date: 20 Nov 2002 19:36:54 -
MIME-Version: 1.
d the
client to turn it off until we have had a chance to look at it. My question
to you is: Is this a device that we should allow on the network from a
security standpoint?
Thank you,
Sean H Dankers
DISA/CIO - INFOSEC Analyst
DSN: 761-2560
Comm: (703) 681-2560
Fax: (703) 681-1795
[EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Perhaps it is related to the NetBIOS DoS that surfaced in August?
http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS02-045.asp
Sean
Ferry van Steen wrote:
|Hey there,
|
|did anyone else notice a huge increase in port
So what would YOU use in your toolkit? :-)
Thanks!
Cheers,
Sean
Actually, the only part of PGP that XP doesnt like is when you try to
encrypt network connections (ie, VPN). It works fine with windows 2000 but
really hoses XP. However, the Outlook plugins have worked fine for me.
-Sean
>From: "Tim V - DZ" To: "'RUSSELL T. LEWIS&#
in control can be found at
http://downloads-zdnet.com.com/3000-2096-10059071.html
this program does what you want and more. although it must be run prior to
installing a piece of software.
Sean N MacLeod
MCSE, MCP, Network+, A+
http://security.homeunix.org
- Original Message -
From
if you're like me, i've found it is often easier and simpler to just use
standard bash pipes & redirection for most tcpdump logging and parsing, etc.
tcpdump -i eth1 | grep udp | grep 192.168.0.33 | less
(or something to that affect)
>From: Wesley Shields <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTE
The command is "nc". Check out man nc or
http://www.atstake.com/research/tools/nc110.txt for more information.
Sean
- Original Message -
From: "Sec" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, May 28, 2002 10:46 AM
Subject: Using Netcat
(heh we have a big following, eh) you can just use Stunnel with the
Netscreen devices.
sean.
- Original Message -
From: "Secure Green" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, May 09, 2002 2:02 PM
Subject: Wireless Firewall
> Has anyone fo
s plastered and you'll probably be ok.
Hopefully this helps,
Sean
-Original Message-
From: Imraan Kadir [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, May 07, 2002 8:34 AM
To: [EMAIL PROTECTED]
Subject: Mail server
Hi There
Can somebody please shed some light.
Is it safer to place yo
At 10:45 PM 5/3/2002 -0400, you wrote:
>Yeah - put it behind hardware firewall (PIX)
>
>:-)
>
>chris
Well, it IS a laptop. I guess I should have clarified
software.
Anyone know about firewall support under Darwin?
Can anyone suggest a good firewall for a G4 Mac running OS X?
At 03:12 PM 4/29/2002 -0400, Shawn Duffy wrote:
>If you want secure email, don't use Yahoo or Hotmail or any of the
>publicly available systems and use PGP, plain and simple... otherwise,
>you will run a certain risk... you would be better off getting an email
>account from your ISP, or, if you ha
makes
patching the fw a snap. Administration is simplified
as well.
I am testing it out at the moment and so far I'm
satisfied.
Sean.
--- Florian Hobelsberger / BlueScreen
<[EMAIL PROTECTED]> wrote:
> Network Card:
> I would recommend you a NIC with a Realtek 8139
> chips
At 12:18 PM 3/28/2002 -0800, you wrote:
> >There are no mobile phone systems currently publicly available that have
>not
> >be compromised. How easily, and by who, is another story. But every
> >current technology has been compromised.
>
>There is a simple work-around. Learn to speak Navaho or B
er VLAN (at least
this is true with 2900 series)
--
Sean Waddell
Network Engineer
The ESP Group
>
> -Original Message-
> From: Pavel Lozhkin [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, March 12, 2002 4:53 AM
> To: [EMAIL PROTECTED]
> Subject: IDS
>
> Hi !
>
&g
http://www.dslreports.com/tools
-Original Message-
From: Todd Sparks [mailto:[EMAIL PROTECTED]]
Sent: Saturday, February 09, 2002 11:41 PM
To: Security-Basics@Securityfocus. Com
Subject: DSL speed test s/w
Hi all,
I'm looking for a good free s/w test for my Enhanced DSL up/down speed.
Looking for opinions on the best method to back up Win2K web servers in a DMZ from a
single server with a DLT drive. It seams that most backup programs need netbios
enabled in order to backup remote machines and would much rather not have this enabled
even though it would be blocked at the fire
u to access the server and do stuff
remotely.
These are just my idea sand I am sure other people will have other ideas
so do with them what you will.
Sean
____
Sean W. Bravener
[EMAIL PROTECTED]
-Original Message-
From: TGW [mailto:[EMAIL P
Although BlackIce will not stop outgoing connections, ISS has clearly stated they
intend to always block trojans, and malicious traffic. Whatever that may be. If you
find a trojan, spyware, or other malware (not currently blocked), ISS will include
that in future updates.
sean
information, and how I think of the performance
and benefits.
sean.
[EMAIL PROTECTED]
- Original Message -
From: "Mike Carney" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, January 16, 2002 12:34 PM
Subject: VPN Speed
> Hello everyone,
>
> I
and
still have SQL Server 2000 run.
Thanks in advance.
--
Sean Waddell
hi
you dont get a response. The real response goes to the "spoofed" address.
This type of spoofing is referred to as flying blind attack or one-way
attack.
http://www.fc.net/phrack/files/p48/p48-14.html check out this article in
phrack, this is a good explanation as to how this type of attack wo
dshield provides a top ten list of known ip addresses that have shown
negative activty coming from them. unfortunately they don't tell you
what is they are trying to compromise. just ip address and port number.
http://www.dshield.org/top10.html
Sean Waddell
Network Engineer
The ESP
rsion/dllinfo.asp?fr=0&sd=tech
Sean Waddell
Network Engineer
The ESP Group
"May, Jason S" wrote:
>
> Does anyone know of a list of files for Windows NT/2000 that show what each
> file does or what application it is related to. For example: I have a list
> of
www.cotse.com
Even Athiests need to go to Church!
Everything you could ever need
- Original Message -
From: "leon" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: October 24, 2001 8:35 AM
Subject: security news?
| Hi everyone,
|
| Does anyone have any favorite sites regarding sec
securityfocus. Have you tried their mailing lists?
I've been on a few and they have been usefull.
--
Sean Waddell
Operations Manager
The ESP Group
leon wrote:
>
> Hi everyone,
>
> Does anyone have any favorite sites regarding security news? I use to
> love securityn
create a service that runs the nero executable - run the service with
the local admin (localsystem might work, too). Then grant the users
Start/Stop/Pause permissions for the service.
sean
-Original Message-
From: SF_Mailinglist [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 22, 2001
I've run nmap and nessus on a laptop with a 3com card. FastE 10/100. I
can get you the model number if you want. Haven't tried ethereal
though.
--
Sean Waddell
David H Hickman wrote:
>
> Hello. I need to run nmap, nessus and ethereal on a laptop. So far I
> am 0/3
Actually, I think a hardware firewall might be something different. A PIX
box is
definitely just a PC, like a lot of other so-called 'hardware firewalls' out
there.
But, there are boxes that implement filtering and such in ASIC chips, which
is supposed to be considerably
faster than the method
then run Lophtcrack against the SAM to get the
password. (this could take a while if the password is very complex)
For Lophtcrack:
http://www.atstake.com/research/lc3/index.html
Hope this all helps.
Sean Waddell
ESP Group
"Barzda, A" wrote:
>
> Hi folks, hopefully someone here
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
well, iirc, Internet Explorer already logs every URL you've visited
in a LARGE file, index.dat. Unfourtanetly there are a couple of
versions spread throughout windows so it'll take some work to figure
out which one has the url's you're looking for.
-
Good place to start would be at NSAs site. They have some guides on
securing Windows 2000
http://nsa1.www.conxion.com/win2k/download.htm
Also this is a pretty decent paper from the folks at SystemExperts
http://www.systemexperts.com/tutors/HardenW2K101.pdf
--
Sean Waddell
Network Engineer
38 matches
Mail list logo
