-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Using MAC filtering to protect a wireless network only presents an
obstacle, not absolute security as it would imply. It'll keep casual
wardrivers and what not away but for someone determined to get in, it's
just another hoop to jump through. Look
Assuming someone's watching the screen, there's a good chance they'll close
the connection if they see you doing a netstat while they're connected.
Doesn't sound like anything related to terminal services (xp remote desktop)
as it'll lock the console session while the remote session is active. VNC
Have you considered SSH? It'll compress your traffic as well as encrypt it.
-Original Message-
From: Hendra Santosa [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 05, 2003 8:07 AM
To: [EMAIL PROTECTED]
Subject: Data Compression
Hi,
I have several sites and all of them are running Lin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Just thought I'd add http://www.gentoo.org/doc/en/gentoo-security.xml as
well. The instructions are specific to securing a Gentoo installation,
but the ideas are pretty universal.
- -Original Message-
From: vincent [mailto:[EMAIL PROTECTE
If you mean they're windows users, direct them to putty, it does port
forwarding and all that good stuff. Ssh.com has a free client too, I
believe.
-Original Message-
From: Glenn English [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 06, 2003 1:54 PM
To: [EMAIL PROTECTED]
Subject: R
leaving the
ESP header intact and allowing the establishment of the tunnels.
Check to see if these version support NAT / PAT transparency.
Regards,
Paul Benedek
Director
Excis Networks Limited
http://www.excis.co.uk
-Original Message-
From: Adam Overlin [mailto:[EMAIL PROTECTED]
Sent: 01
lists
you need to be specific after you create them otherwise they will implicitly
deny traffic. Once I have seen the cheat sheet, I can advise you of what
may work.
Regards,
Paul Benedek
Director
Excis Networks Limited
http://www.excis.co.uk
-Original Message-
From: Adam Overlin
from
updating or query external servers. You are thinking of UDP Port 53,
which is not the same as IP Protocol 53.
Hope this helps,
Paul Kincaid
On (07/23/03 15:16), DOUGLAS GULLETT wrote:
> To: Alvaro Gordon-Escobar <[EMAIL PROTECTED]>
> Cc: [EMAIL PROTECTED], [EMAIL PROTECTED]
> Fr
up the
firewall when you need to administer.
Regards,
Paul Benedek
Director
Excis Networks Limited
http://www.excis.co.uk
-Original Message-
From: Glenn English [mailto:[EMAIL PROTECTED]
Sent: 22 July 2003 23:50
To: 'Security-Basics'
Subject: Some Cisco PIX newbie question
What is the name of the virus? Is it described on mcafee.com or
symantec.com?
Paul
-Original Message-
From: David Vertie [mailto:[EMAIL PROTECTED]
Sent: Sunday, July 13, 2003 2:45 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: New trojan turns home PCs into porno Web site hosts
ction.
Regards
Paul Benedek
Director
Excis Networks Limited
http://www.excis.co.uk
-Original Message-
From: Mitchell Rowton [mailto:[EMAIL PROTECTED]
Sent: 08 July 2003 19:27
To: Jane Han; [EMAIL PROTECTED]
Subject: Re: where should I start? help!
The bandwidth on the S0 interface i
spoofed source, apply an access
list to your router that allows the traffic to pass and ensure that you log
it. Once you have captured the data, you can analyse where it came from and
more importantly which interfaces of the router it passed through.
Regards,
Paul Benedek
Director
Excis Networks
network that you are on. Then look at your arp cache with 'arp -a'
(works on both Windows and *nix). As long as the number of hosts
responding to the ping don't exceed the size of your ARP cache, the IP
address you are looking for should be in th
se it in a
networked environment or on servers. The version for Exchange 2000 has
worked great for us without taxing the life out of our Exchange server.
Thanks for the input,
Paul
>Received: (qmail 1 invoked from network); 30 Jun 2003 21:55:24 -
>Received: from outgoing3.securi
grab FPORT from Foundstone
and that does pretty much the same thing.
-Paul
-Original Message-
From: Hyperion [mailto:[EMAIL PROTECTED]
Sent: Monday, June 30, 2003 9:52 AM
To: Security Basics Mailing List
Subject: What is this port? is it a trojan?
Hello all :)
I have been taking a more deta
Does anyone know of a good, free Anti-Virus product for RedHat Linux.
Paul Kurczaba
www.myipis.com
smime.p7s
Description: S/MIME cryptographic signature
This port is used for Kerio Firewall. There website is www.kerio.com
Paul Kurczaba
www.myipis.com
-Original Message-
From: Hyperion [mailto:[EMAIL PROTECTED]
Sent: Monday, June 30, 2003 12:52 PM
To: Security Basics Mailing List
Subject: What is this port? is it a trojan?
Hello all
7) AOL Instant Messanger
-Paul Kurczaba
-Original Message-
From: Chris Berry [mailto:[EMAIL PROTECTED]
Sent: Saturday, June 28, 2003 6:09 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]
Subject: Ten least secure programs
I'm putting together a list of what seem to b
environment. What do you mean by this.
Thanks for the post,
Paul
>Received: (qmail 23917 invoked from network); 26 Jun 2003 16:27:17 -
>Received: from outgoing2.securityfocus.com (205.206.231.26)
> by mail.securityfocus.com with SMTP; 26 Jun 2003 16:27:17 -
You should set up at least 128 bit encryption and lock out all MAC
addresses except for the wireless clients.
-Paul Kurczaba
-Original Message-
From: Trevor Sayle [mailto:[EMAIL PROTECTED]
Sent: Sunday, June 22, 2003 1:34 AM
To: Jon Baer; [EMAIL PROTECTED]
Subject: Re: Wireless LAN
On
You should set up at least 128 bit encryption and lock out all MAC
addresses except for the wireless clients.
-Paul Kurczaba
-Original Message-
From: Trevor Sayle [mailto:[EMAIL PROTECTED]
Sent: Sunday, June 22, 2003 1:34 AM
To: Jon Baer; [EMAIL PROTECTED]
Subject: Re: Wireless LAN
On
passwords
and usernames make sure that they are strong passwords and are changed
regularly as well and that you have an enforceable security policy that
ensures this.
Regards,
Paul Benedek
Director
Excis Networks Limited
http://www.excis.co.uk
-Original Message-
From: Stephen Bock [mailto
In-Reply-To: <[EMAIL PROTECTED]>
Take a look at www.securewave.com
SecureEXE and SecureNT provide the kind of lock down that you suggest.
>
>
>hey all,
>
>I've learned a lot from this list (thank you) but I've tried to lurk a
bit,
>expected this issue to come up before I posted. Time's up.
>
also take a look at www.securewave.com to help harden up Citrix
-Original Message-
From: "Tuttle, Jim" <[EMAIL PROTECTED]>
To: "Jesper Sobol" <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
Date: Wed, 4 Jun 2003 14:02:24 -0700
Subject: RE: Is Citrix safe?
Citrix is not safe. End of story.
You
onsulting
>
> "Nuzman" <[EMAIL PROTECTED]> on 03/14/2003 01:01:34 PM
>
> To: "security basics" <[EMAIL PROTECTED]>
> cc:(bcc: Craig Brauckmiller/LEK)
>
> Subject: smtp relay tester?
>
>
>
> Hi,
>
> I'm looking for a SMTP relay tester. Any suggestions?
>
> Nuzman
>
--
Paul M Johnson
Columbia, MD
If you do not feel 100% comfortable with someone else entering your network,
then don't do it.
Paul J Carroll
Technical Manager
412.281.7488
-Original Message-
From: Glenn English [mailto:[EMAIL PROTECTED]
Sent: Monday, March 10, 2003 1:00 PM
To: [EMAIL PROTECTED]
Subject: RE: V
out there
but it is hard to sift through all of the resources that are available.
Thanks everyone,
Paul
ed so the individual
packets in the stream may have to go through fragmentation reassembly at
the IP layer before the TCP layer can reassemble the stream.
-paul
y one
response via newsgroups and no remedy.
Thanks,
---
Paul Stewart
Network Solutions Specialist
Nexicom Inc.
http://www.nexicom.net/
(705)932-4127 Office
(705)932-2329 Fax
paul van den bergen wrote:
>
6) 128 WEP + regular key update. with or without IPsec.
My questions relates to scenario 1 and 6, to me the interesting ones.
In the case of 1) how would one stop external users using the APs as private
network bridges?
In the case of 6) how does one distrib
update. with or without IPsec.
My questions relates to scenario 1 and 6, to me the interesting ones.
In the case of 1) how would one stop external users using the APs as private
network bridges?
In the case of 6) how does one distribute the WEP keys at each update?
--
Dr Paul van den
We have a client that has requested this feature but never been able to
find a way of doing it via the router... Anyone know of a way of doing
this?
They want to monitor everything that their employees is doing and this
seemed like the most economical way if possible...
---
Paul Stewart
Network
irewalling Just my two cents worth This also keeps loading
down on the router if you have a busy link...
Opinions on this would be really good.. I'd love to hear what others are
doing...:)
---
Paul Stewart
Network Solutions Specialist
Nexicom Inc.
-Original Message-
From: Geof
Is this machine connected to the Internet at all?
---
Paul Stewart
Network Solutions Specialist
Nexicom Inc.
-Original Message-
From: Simon Taplin [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 28, 2003 1:09 PM
To: Security-Basics
Subject: Securing NT4 Server Websites
Can somebody
Does anyone know of a good, secure, reliable VPN for Windows 2000 that is
cheap and uses high encryption?
smime.p7s
Description: application/pkcs7-signature
erred?
Will setting the MTU lower effect the speed of the DSL (surfing the web,
downloading files)?
Thanks
Paul
-Original Message-
From: Keith T. Morgan [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 21, 2003 9:15 AM
To: Paul Gaskin; [EMAIL PROTECTED]
Subject: RE: VPN & PPPoE
hout the associated overhead. When
the numbers get really big, the differences become more significant.
With 500 hosts (the PacketShaper 4000isp capacity), you may have 50,000
(or more) connections for the PacketShaper to manage, while ET/BWMGR has
only 500.
Paul Stewart
Nexicom Inc.
-Orig
e-mail. we have tried
everything... has anyone run into this problem?
the user is on a Windows XP laptop connected to a Linksys wireless router
(Using PPPoE). and Outlook for E-mail.
Any help would be greatly appreciated
Thanks in advance
Paul
lenge.
Paul
Original message
>Date: Wed, 15 Jan 2003 12:44:02 -0800
>From: "Nicko Demeter" <[EMAIL PROTECTED]>
>Subject: RE: Internet Cafe
>To: "'Ferry van Steen'" <[EMAIL PROTECTED]>,
<[EMAIL PROTECTED]&
Quite simply, can you afford the licence for Borderware for this?
Netscreen have some smaller products that are not much more expensive
than a small router.
Paul Mahoney
FiberStarr Systems
www.fiberstarr.com
-Original Message-
From: H.Hamza [mailto:[EMAIL PROTECTED]]
Sent: Friday
need to do
their job. If a server needs to remained logged on because an application
cannot run as a service, create a local account on that machine to run the
application under, if the account doesn't need network access, and limit who
knows that account.
Best of luck, sounds like you have some
lls,
I believe we need to look at something more like a GUI configuration.
My advice would be to look at the Netscreen range of products,
competitively priced, easy to configure and yes a top performer.
Regards,
Paul Mahoney
FiberStarr Systems
www.fiberstarr.com
e web server is serving static pages, try burning the site to R/O media
and running it from that location.
Just my $0.02c worth.
Paul J Carroll
Technical Manager
Computer Learning Center
-Original Message-
From: Dejan [mailto:[EMAIL PROTECTED]]
Sent: Sunday, January 05, 2003 3:02
To All,
Here is M$'s registry reference.
http://support.microsoft.com/default.aspx?scid=KB;en-us;q229940
Paul J Carroll
Technical Manager
University of Pittsburgh
Computer Learning Center
-Original Message-
From: Brian Bruns
To: David Brown; 'Security Basics' (E-mail)
S
x27;t know if they are different in the
corporate world...I served in the Army for 4 years and federal
security standards are all I know. I hope this website will serve as
a first start for you. If you have need any more help, just let me
know.
Regards,
Paul Soriano, CCNA, A+
Direct: (312) 371
files and not applying them, therefore, it would
continually repeat the process throughout the day.
Could this be a ddos?
Paul Mahoney
-Original Message-
From: Nathan [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 18, 2002 8:30 AM
To: Security Focus (E-mail)
Subject: Port 2848
I
I'd start with google, and search for something like 'layer 7 traffic
filter' theres many products there but costing is probably going to be a
concern
Paul Mahoney
FiberStarr Systems
www.fiberstarr.com
-Original Message-
From: Sonny Snyder [mailto:[EMAIL PROTECTED]
for a Workstation or
b) 'AutoShareServer' for a server.
3. Set the value to equal '0' to disable sharing.
If the values already exist then modify them to change the value.
Value: (0 = disable shares, 1 = enable shares)
4. Restart Windows XP and the automatic shar
Hi,
I found this, wondered if it may help you
http://www.shmoo.com/pipermail/zealots/2001-March/11.html
Paul Mahoney
Director
FiberStarr Systems
www.fiberstarr.com
-Original Message-
From: Boschmann, Armin [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 06, 2002 10:45 AM
To
has a section that talks
about determining if systems are alive, using ping sweeps, ICMP
queries, port scans, etc. Investing in this book is well worth
it...I highly suggest it.
Regards,
Paul Soriano, CCNA, A+
(312) 371-2264
"Lead By Example!"
-BEGIN PGP SIGNATURE-
Version: PGPfre
pdate centrally, let me
know. I'm interested myself.
Regards,
Paul Soriano, CCNA, A+
(312) 371-2264
"Lead By Example!"
-BEGIN PGP SIGNATURE-
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
iQA/AwUBPfD+GV9UWzzCd2rZEQKPdwCgwMGj7cIeFU9EeueJcVu39+
will prevent these portions of the attack from
working. If this control is implemented on the server itself it could
be circumvented when the server is compromised.
-paul
I would look at creating a machine group policy, so that no matter which
user logs in, they get the same eXPerience.
http://www.microsoft.com/windows2000/en/server/help/ may do the trick
Just another $0.02c worth
Paul J Carroll
Technical Manager
Computer Learning Center
-Original Message
intervals. Using
this approach means machines are kept up to date with no bandwidth issues.
Just another 0.02c worth. Hope it helps.
Paul J Carroll
Technical Manager
Computer Learning Center
-Original Message-
From: Anthony, Shayla [mailto:shayla@;exchange.cis.pitt.edu]
Sent: Friday, November
The NSA zero-filling standard which you reference, as well as Disk erasing
software is only compliant to DOD non-classified. Any further level of disk
erasure requires the use of a high-temperature furnace.
PJC
-Original Message-
From: Nero, Nick [mailto:Nick.Nero@;disney.com]
Sent: T
ort.microsoft.com/default.aspx?scid=/support/email/windowsupdate/wassist.asp
Hope this helps a little more than my last post Chris :-)
Paul
**
*Paul Jordan, IT Security Operations (ROI/UK)
*E-mail: [EMAIL PROTECTED]
*Post: Block A1, AI
Think instructions at following URL might be what you are looking for?
http://www.ntbugtraq.com/redisWU.asp
Paul
**
*Paul Jordan, IT Security Operations (ROI/UK)
*E-mail: [EMAIL PROTECTED]
*Post: Block A1, AIB, Bankcentre
ithin
MailMarshal. Marshal products' pre-installed menu of file type blocking
choices currently includes a variety of types for various operating systems
in these categories:"
Paul Singleton CISSP
-Original Message-
From: RUSSELL T. LEWIS [mailto:[EMAIL PROTECTED]]
Sent: Tuesday,
ree Windows SSH app
available. It is also interesting to see other apps using PuTTY support
applications (like scp). One example is Secure iXplorer[1] (note that
there is also a GPL version of iXplorer [2]).
[1] http://www.i-tree.org/secixpro/index.htm
[2] http://www.i-tree.org/gpl/index.htm
-
a fine secondary
server and move some of those services to it instead (assuming the same
level of functionality).
[1] http://www.ipcop.org
[2] http://www.smoothwall.org
--
.: Paul Hosking . [EMAIL PROTECTED]
.: InfoSec . 408.829.9402
.: PGP KeyID: 0x42F93AE9
.: 7B86 4F79 E496 2775 7945 FA81 8D94 196D 42F9 3AE9
k those by removing the hand set
from any phone and plugging it into the phone port. If it has dial tone it is an
analog line, digital lines will not give any tone (2616, 2008, 3904, 3905 etc)
thanks,
Paul
-Original Message-
From: Burton M. Strauss III [mailto:[EMAIL PROTECTED]]
Sent
both network and telco work) very few people have analog lines
anymore. There is rarely a good business case for one in an office or cube.
HTH,
Paul
-Original Message-
From: Harish Gondavale [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 04, 2002 9:01 PM
To: [EMAIL PROTECTED]
Su
their new password.
Paul
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 27, 2002 3:38 AM
To: [EMAIL PROTECTED]
Subject: Re: NT4 Account keeps getting locked out!
I past experience i have had the same problem.
Solution:
CAPS LOCK
>
> N
Check this link.
http://vil.nai.com/vil/content/v_99455.htm
Klez.H sends itself around pretending to be warning you about Klez.E
If I were you I'd download the Klez removal tool from Symantec
http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.removal.tool.html
Paul.
-Ori
(urmm assuming this is what your looking for )
http://www.cisco.com/warp/public/503/2.html
>Hi Listreaders,
>does anyone of you have an idea for a good open source
>network diagram tool? I would like to use xfig, but even
>so I googled around I did not find a good library with the
>Cisco standard
Greetz,
(just thought i should add this to the thread)
There is this excellent article by Dexter Lindstorm elaborating
(links/diagrams provided )on sniffing/("upgrading bandwidth attempts") on
cable network architectures which sheds some light as to why you couldnĀ“t
see anything (besides your
Greetz,
(just thought i should add this to the thread)
There is this excellent article by Dexter Lindstorm elaborating
(links/diagrams provided )on sniffing/("upgrading bandwidth attempts") on
cable network architectures
http://rr.sans.org/homeoffice/sniffing.php
.
>
>On Sat, Jun 15, 2002 a
ISHED
TCPrbeckett:2737 209.61.191.170:80 CLOSE_WAIT
As you notice, internal traffic originates on random ports... even though
all traffic goes to port 80 on the remote machine... if you only allow
traffic on port 80, all my requests would have been blocked.
Paul Devisser
---
Proftpd allows you to have users with /bin/false... why not use that?
It also allows them to be chained into a specific directory path, eg
(/home/ftp/username)
Paul Devisser
- Original Message -
From: "Choman" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thu
tcat.
>From: Brian Shaw <[EMAIL PROTECTED]>
>To: Paul Neiberman <[EMAIL PROTECTED]>, security-basics
><[EMAIL PROTECTED]>
>Subject: Re: how to use netcat as 'gateway'?
>Date: Wed, 05 Jun 2002 16:37:25 -0400
>
>Why would want to use Windows 98 as a
Greetz,
I know this sounds like a really dumb question(and probably pointless); how
would i use netcat on a window$ box (98, not NT ;) ) as a gateway to the
'internet' for say a linux box "sitting behind it"?
#linux#->#windows98#>Internet
| |
(telnet) --->
.
Define what you actually want 'through' that interface in your access list
and apply it to your serial interface (in or out), the implicit deny will
'take care' of the rest.
>You cannot block telnet on a cisco router!
>You can only block that port (23)
>You must block the telnet application
A good number of FTP Clients allow you to change this setting.
Hope this helps,
Paul Blechschmidt
Paul Blechschmidt
Network Analyst
PlaceWare
1400 SW 5th Ave Suite 300
971-544-3070
PlaceWare Web Conferencing - Great Meetings. No Travel.(tm)
http://www.placeware.com
-Original Me
with the name "Bitburger".
Indeed it is! I used to live 20 minutes outside of Bitburg. There was
not a gasthaus in the area that didn't have the Bitburger logo and Simon
on its sign.
--
.: Paul Hosking . [EMAIL PROTECTED]
.: InfoSec
.: PGP KeyID: 0x42F93AE9
.: 7B86 4F79 E496 2775 7945 FA81 8D94 196D 42F9 3AE9
vidual to write a practical, which is in turn available to the
community (enriching the available documentation / knowlege).
To those who are unable to make it to SANS conferences, they have also
began offering online courses (although one should really attend at
least one conference if possi
assigned. I am wondering if there are any
vulnerabilities with having one of these monitoring interfaces sit on a public
network. Can the hosts be hacked at all on the monitoring interface without an IP
address...If so, how?
Paul
to worry about
forgetting to re-encrypt the file once I'm done).
> Please don't laugh about my english!
> I'm german and 12 years old.
My German is much worse. Amoung the few things I still remember is
"Bitte ein Bit". I think I still have a sticker with that phras
://www.phrack.com/show.php?p=48&a=14
--
.: Paul Hosking . [EMAIL PROTECTED]
.: InfoSec
.: PGP KeyID: 0x42F93AE9
.: 7B86 4F79 E496 2775 7945 FA81 8D94 196D 42F9 3AE9
>The shortcoming of a packet filtering firewall is that it doesn't
>understand the protocol(s) involved in the conversation, so that if
>someone is abusing it (too many telnet logins, malformed application
>headers such as overlong SMTP commands, etc.), it can't know that, and
>it can't protect
egration of the browser and Microsoft Office and
the possibility of, say, embedding a web bug in a Word document.
[1] http://www.privacyfoundation.org/resources/webbug.asp
--
.: Paul Hosking . [EMAIL PROTECTED]
.: InfoSec . 408.829.9402
.: PGP KeyID: 0x42F93AE9
.: 7B86 4F79 E496 2775 7945 FA81 8D94 196D 42F9 3AE9
I use Big Brother (http://www.bb4.com/). I haven't had any problems except
the occassional false alarm... But with a bit of fine-tuning you can easily
get around that issue.
Paul Devisser
- Original Message -
From: "Robert Bailey" <[EMAIL PROTECTED]>
To: <
able to perform the task no problem,
and for a small company it is a very good solution, but I don't like
placing my company data at the gateway to allow others to attack.
Thanks
Paul Jose
Network Security Analyst
-Original Message-
From: Dave [mailto:[EMAIL PROTECTED]]
Sent: Sunda
suit their needs.
And if the tools are created properly, they will be interchangable...
allowing users, for example, to change GUI frontends without loosing
their data. This choice can be a bit daunting to someone used to a
monolithic environment - IT departments can create that fee
n also start by adding the following to the httpd.conf file:
ServerTokens Prod[uctOnly]
Server sends (e.g.): Server: Apache
HTH.
Sincerely,
Paul Burney
<http://paulburney.com/>
Question 1)
>>
>>global (dmz) 1 10.10.10.1 netmask 255.255.255.255
>>nat (inside) 1 192.168.0.0 255.255.255.0 0 0
>>
>>Am I correct to understand that only the specified
>>traffic rom the Inside interface, 192.168.0.X will
>> be NATed to the address 10.10.10.1 when it enters the DMZ?
Yes and n
While the source code is available, it is
not Open Source (http://www.opensource.org/docs/definition_plain.html).
The most notable restriction is probably its limitation to
non-commercial use only.
--
.: Paul Hosking . [EMAIL PROTECTED]
.: InfoSec
.: PGP KeyID: 0x42F93AE9
.: 7B86 4F79 E496 2775 7
of WinPT (although it seems new versions have since been posted).
GPGShell seems to get positive comments, although it is not Open Source
(which leads to discussions on whether this is an issue or not).
--
.: Paul Hosking . [EMAIL PROTECTED]
.: InfoSec
.: PGP KeyID: 0x42F93AE9
.: 7B86 4F7
creen HTML e-Mail or eliminate it from
their orgs? Would love to know
what drove the decision.
Are there products that assist in eliminating malicious code in HTML, if so
how do they know it's malicious.
Sorry for the long post but this is really bugging me.
Paul Petersen
t:
http://www.gnupg.org/frontends.html
http://enigmail.mozdev.org/index.html
http://www.jumaros.de/rsoft/gpgshell.html
http://www3.gdata.de/gpg/
http://www.winpt.org/
http://www.geocities.com/openpgp/courrier_en.html
--
.: Paul Hosking . [EMAIL PROTECTED]
.: InfoSec
.: PGP KeyID: 0x42F93AE9
.:
machine, information security should be a concern.
--
.: Paul Hosking . [EMAIL PROTECTED]
.: InfoSec
.: PGP KeyID: 0x42F93AE9
.: 7B86 4F79 E496 2775 7945 FA81 8D94 196D 42F9 3AE9
servers, one in the
>DMZ and one r inside our firewall.
>
> I am looking for some feedback on this issue.
>
> Thank you in advance to you all security warriors.
>
> OC
>
--
.: Paul Hosking . [EMAIL PROTECTED]
.: InfoSec
.: PGP KeyID: 0x42F93AE9
.: 7B86 4F79 E496 2775 7945 FA81 8D94 196D 42F9 3AE9
#x27;d be interested in hearing from the experts.
> Thanks
> Fred
>
> -BEGIN PGP SIGNATURE-
> Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
>
> iQA/AwUBPJuSqLpfJ1+Q9TWkEQKAMACcCmUENdUR8OcJsegbp1ZRlNviiiwAn06V
> D/2TySJXUX0qOfFEQ
as some of the older TCPIP stacks will crash when you run your tests.
Hope this helps
Paul Jose
Network Security Analyst
-Original Message-
From: Vachon, Scott [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 14, 2002 4:06 AM
To: [EMAIL PROTECTED]
Subject: RE: Political Challenges Us
repetitive overwrites of data can be recover by statistically
methods using the correct equipment.
pob
PS See my sig. my opinions may be skewed by virtue of my employer. Opinions
stated are not necessarily those of my employer.
--
Paul Baccas, Virus Researcher, Sophos Anti-Virus
Email: [EMAIL
install CD) and
then flag those file that are unknown and investigate them.
pob
PS See my sig. my opinions may be skewed by virtue of my employer. Opinions
stated are not necessarily those of my employer.
--
Paul Baccas, Virus Researcher, Sophos Anti-Virus
Email: [EMAIL PROTECTED], Tel: 01235 5
y posture, you should have WRITTEN
permission to do so." This comes from an ongoing history of individuals
being prosecuted for minor infractions in the name of computer
security. One of the most famous of such cases is Randal Schwartz:
http://www.lightlink.com/spacenka/fors/
http://www.rahul.ne
e-mail then this can be done anywhere in the path the
e-mail typically takes from source to destination.
You can decide for yourself how easy it would be to accomplish this in
your environment.
-paul
inally, do not discount insider threats.
Insiders will already have access to the network and will be much harder
to detect.
You may find that a determined external attacker specifically targeting
your network is your least likely threat.
--
.: Paul Hosking . [EMAIL PROTECTED]
.: InfoSec
.: PGP KeyID: 0x42F93AE9
.: 7B86 4F79 E496 2775 7945 FA81 8D94 196D 42F9 3AE9
int being plugged in?
Take a look at APTools (http://aptools.sourceforge.net/). Although its
been developed with Cisco gear in mind, there is "untested" support for
other hardware.
--
.: Paul Hosking . [EMAIL PROTECTED]
.: InfoSec
.: PGP KeyID: 0x42F93AE9
.: 7B86 4F79 E496 2775 7945
along with the tip given by Victor,
you could start playing with (provided you have loging enabled and tweeked
your buffers accordingly):
#sh buff assi dump
- Original Message -
From: "Victor Usjanov" <[EMAIL PROTECTED]>
To: "Dave Stein" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wed
1 - 100 of 120 matches
Mail list logo
