Actually , I am quite amazed , no one mentioned iptables on linux
(http://netfilter.samba.org) , thats what I use and recommend you to use ...
you can install squid (proxy) and openvpn\freeswan on another machine (if
you have it) or on the same machine.
T h e O g
Liran Cohen
- Origina
I dont think preventing e-mails from going out with sensitive
information helps here , if you dont trust an employee , simply
implement file permissions , deny "untrusted" employees access to
sesitive files , a cdrom , floppy , Zip drive ,backup tapes or any other
media can do the trick of "ste
fetch the
data from the inside server (if configured right) thus making it less
vulnerable to attacks , in combination with a strict iptables ruleset it is
relativly secure.
Another tip , if you intend on using dynamic pages , make sure you set the
cache to 0 .
:)
TheOg
- Original Message
For Apache,squid and proftpd you may use:
http://www.mrunix.net/webalizer/
for IIS Logs see:
http://www.medasys-lille.com/webalizer/
Regsrds
T h e O g
Liran Cohen
- Original Message -
From: "Benjamin Meade" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, February 17, 20
Try viruswall from Trend Micro http://www.antivirus.com
- Original Message -
From: "laurence field" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, February 12, 2003 7:50 AM
Subject: email content monitoring / effectiveness
> I would like to get feedback on the quality/usef
ng
on the machine , the data is ok to lay outside you'r LAN but analyzing it
should be done inside , have snort with mysql (or any other IDS system)
running on the outside machine and have the data fetched from the inside.
TheOg
Liran Cohen
- Original Message -
From: "Naman
s specific and not an R&D machine that needs all the libreries
(it's too much hastle is so) , you can have that application run in a
crippled chrooted environment , and so on
TheOg
- Original Message -
From: "Trevor Cushen" <[EMAIL PROTECTED]>
To: &quo
ckers) - make sure you send a written memo or e-mail
about it to the proper people (not only your manager) , people tend to think
twice when it's their neck.
TheOg
> > Does anybody know a good internet source of actual
> > security related real
> > life cases? I know
mimedefang is great but only for english written e-mails.
- Original Message -
From: "Nick Warr" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: "Juan Mejia" <[EMAIL PROTECTED]>
Sent: Tuesday, January 14, 2003 10:35 AM
Subject: Re: suggestions for blocking dangerous mail attachments?
> Mi
port 80 and
443 on your web server (check for IIS exploits).
I would recommend using Nessus (at www.nessus.org) to check for vuln. of
your machines.
TheOg
[EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Our network engineer just left the company and all of his responsibilities
Try virtusertable in sendmail (must be specified when doing m4 to the
.mc file as FEATURE(virtusertable) ).
Cheers
TheOg
Liran Cohen
Ned Fleming wrote:
On Mon, 06 Jan 2003 22:11:49 +, [EMAIL PROTECTED] wrote:
Thanks for the input on this so far. To clarify, [EMAIL PROTECTED
have to fight your way through and
be very convincing when applying for a security oriented job .
About certifications.heh well how can you learn something that changes
every day ?
Cheers
TheOg
Quoting "Jay D. Dyson" <[EMAIL PROTECTED]>:
> -BEGIN PGP SIGNED MESSAG
Well snort will indeed dump more than enough information (maybe to much) ,
but understanding that information is not trivial, plus snort will show
you the incoming traffic to the computer it's installed on , unless that
computer is the gateway you wont get the needed data , if you will install
it
Although it is possible you have a trojan on one or more computers
internally , but it might as well be someone FTPing a large file (a linux
iso etc) from a nearby server , which will consume your T1 line (which
is not that large respectivly.
The options are quite simple (assuming you want to
ftware.
>
> Thanks in advance.
>
> Nico
>
>
> _
> Chat with friends online, try MSN Messenger: http://messenger.msn.com
>
Try rsync .
TheOg
-
This mail sent through IMP: http://horde.org/imp/
Use rsync.
_|_ |__ ___ __ __
|_, | ) (__/_ (__) (__|
__/
Of course it is.I would recommend recompiling the kernel , there are
several options you may wanna be sure of, (fast NAT - if using NAT ,
support for large routing tables, check out http://www.linuxrouter.org/) ,
for the firewall issues checkout http://netfilter.samba.org .
I would also intall
First of all here : http://www.kb.cert.org/vuls/id/24140
Every system indeed has a chance of being hacked sometime , Firewalls
advance as well as hack tools , you should always keep up with the current
events :-) the never ending story... This way you can keep a level of
security that will be suf
I agree with Chris , though it could be someone scanning for anonymous ftp
servers , is it one ip? multiple ip addresses?
_|_ |__ ___ __ __
|_, | ) (__/_ (__) (__|
__/
On Mon, 22 Apr 2002, Chris Santerre wrote:
> This could be someone using a password cracker. Tr
Allowing any port (SSH included) go through the firewall\gateway to the
internal network is quite a back door , SSH is not immuned , and as we
seen not so long ago had a its share of security holes, I would suggenst ,
if you need remote control over a computer , stick a modem in it
_|_ |
secured gateways as you can is the best thing you can do , but then
again a guest connecting with a laptop directly to your network (switch)
has direct access ,I would consider other security fields such as IDS .
TheOg
-Original Message-
From: Jochen Kaiser [mailto:[EMAIL PROTECTED
21 matches
Mail list logo