RE: XP Box appears to be compromised

Most likely it is dame ware www.dameware.com and you will find this as a staple in most of the win32 rootkits these days. This is a great remote administration tool that can be installed quietly and runs without end user knowledge, it can also be used to view and take control of a box,

Re: Secure Media Destruction

and the information is kind of vague but try to find information on HIPAA and that should be a good starting point for you. Sean - Original Message - From: Stephen Eaton [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, July 03, 2003 3:36 AM Subject: Secure Media Destruction G'day

Re: IP address forging

IP spoofing has been around a long time so I'd say the answer is yes. Do a search on Google on IP spoofing and you should be able to find all you need to know. Sean - Original Message - From: Meritt James [EMAIL PROTECTED] To: Hanuska Ivo [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent

Re: Any good method to check network overload?

to a router) because you run into problem #3. Network metric testing is a complicated subject with no clear-cut solution yet. -Sean

Re: Which FW/VPN appliance?

questions about it. - Sean Zadig Student, UC Davis PGP Key ID: 0xDE44A79F 7EE1 C80A A0C1 B224 45CE F74B 5835 0115 DE44 A79F From: Steve [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Which FW/VPN appliance? Date: 20 Nov 2002 19:36:54 - MIME-Version: 1.0 Received: from

Anyone know any vulnerabilities in HP 9100C Digital Sender????

the client to turn it off until we have had a chance to look at it. My question to you is: Is this a device that we should allow on the network from a security standpoint? Thank you, Sean H Dankers DISA/CIO - INFOSEC Analyst DSN: 761-2560 Comm: (703) 681-2560 Fax: (703) 681-1795 [EMAIL PROTECTED]

Good freeware security utilities?

? :-) Thanks! Cheers, Sean

Re: How to use tcpdump

if you're like me, i've found it is often easier and simpler to just use standard bash pipes redirection for most tcpdump logging and parsing, etc. tcpdump -i eth1 | grep udp | grep 192.168.0.33 | less (or something to that affect) From: Wesley Shields [EMAIL PROTECTED] To: [EMAIL PROTECTED]

Re: Using Netcat

The command is nc. Check out man nc or http://www.atstake.com/research/tools/nc110.txt for more information. Sean - Original Message - From: Sec [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, May 28, 2002 10:46 AM Subject: Using Netcat I have not installed netcat before

Re: Wireless Firewall

there (heh we have a big following, eh) you can just use Stunnel with the Netscreen devices. sean. - Original Message - From: Secure Green [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, May 09, 2002 2:02 PM Subject: Wireless Firewall Has anyone found any reasonably secure solutions

RE: Mail server

probably be ok. Hopefully this helps, Sean -Original Message- From: Imraan Kadir [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 07, 2002 8:34 AM To: [EMAIL PROTECTED] Subject: Mail server Hi There Can somebody please shed some light. Is it safer to place your mailserver in the DMZ

RE: Checking...

At 10:45 PM 5/3/2002 -0400, you wrote: Yeah - put it behind hardware firewall (PIX) :-) chris Well, it IS a laptop. I guess I should have clarified software. grin Anyone know about firewall support under Darwin?

RE: Yahoo Account Security

At 03:12 PM 4/29/2002 -0400, Shawn Duffy wrote: If you want secure email, don't use Yahoo or Hotmail or any of the publicly available systems and use PGP, plain and simple... otherwise, you will run a certain risk... you would be better off getting an email account from your ISP, or, if you have

Re: Linux box as firewall

makes patching the fw a snap. Administration is simplified as well. I am testing it out at the moment and so far I'm satisfied. Sean. --- Florian Hobelsberger / BlueScreen [EMAIL PROTECTED] wrote: Network Card: I would recommend you a NIC with a Realtek 8139 chipset. It supports 10 / 100 MBit

RE: mobile phones

At 12:18 PM 3/28/2002 -0800, you wrote: There are no mobile phone systems currently publicly available that have not be compromised. How easily, and by who, is another story. But every current technology has been compromised. There is a simple work-around. Learn to speak Navaho or Basque.

RE: DSL speed test s/w

http://www.dslreports.com/tools -Original Message- From: Todd Sparks [mailto:[EMAIL PROTECTED]] Sent: Saturday, February 09, 2002 11:41 PM To: Security-Basics@Securityfocus. Com Subject: DSL speed test s/w Hi all, I'm looking for a good free s/w test for my Enhanced DSL up/down speed.

RE: Help with Win2000 Server.

the server and do stuff remotely. These are just my idea sand I am sure other people will have other ideas so do with them what you will. Sean Sean W. Bravener [EMAIL PROTECTED] -Original Message- From: TGW [mailto:[EMAIL PROTECTED] (spam)] Sent

Re: VPN Speed

information, and how I think of the performance and benefits. sean. [EMAIL PROTECTED] - Original Message - From: Mike Carney [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, January 16, 2002 12:34 PM Subject: VPN Speed Hello everyone, I am tasked with trying to find a faster

SQL

have SQL Server 2000 run. Thanks in advance. -- Sean Waddell

Re: Spoofing question?

hi you dont get a response. The real response goes to the spoofed address. This type of spoofing is referred to as flying blind attack or one-way attack. http://www.fc.net/phrack/files/p48/p48-14.html check out this article in phrack, this is a good explanation as to how this type of attack

Re: Attack Lists

dshield provides a top ten list of known ip addresses that have shown negative activty coming from them. unfortunately they don't tell you what is they are trying to compromise. just ip address and port number. http://www.dshield.org/top10.html Sean Waddell Network Engineer The ESP Group

Re: List of Windows NT/2000 files and what they do

=0sd=tech Sean Waddell Network Engineer The ESP Group May, Jason S wrote: Does anyone know of a list of files for Windows NT/2000 that show what each file does or what application it is related to. For example: I have a list of several .DLL files and I want to find out what applications

Re: security news?????

www.cotse.com Even Athiests need to go to Church! Everything you could ever need - Original Message - From: leon [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: October 24, 2001 8:35 AM Subject: security news? | Hi everyone, | | Does anyone have any favorite sites regarding security

Re: Promiscuous pcmcia network card

I've run nmap and nessus on a laptop with a 3com card. FastE 10/100. I can get you the model number if you want. Haven't tried ethereal though. -- Sean Waddell David H Hickman wrote: Hello. I need to run nmap, nessus and ethereal on a laptop. So far I am 0/3 on cards that work

RE: Hardware Firewall vs Software Firewall

Actually, I think a hardware firewall might be something different. A PIX box is definitely just a PC, like a lot of other so-called 'hardware firewalls' out there. But, there are boxes that implement filtering and such in ASIC chips, which is supposed to be considerably faster than the method

Re: Need help with accessing laptop

against the SAM to get the password. (this could take a while if the password is very complex) For Lophtcrack: http://www.atstake.com/research/lc3/index.html Hope this all helps. Sean Waddell ESP Group Barzda, A wrote: Hi folks, hopefully someone here can point me in the right direction. The wife