Re: Question for all

2003-08-14 Thread Ansgar Wiechers
On 2003-08-04 Chris Berry wrote: From: Bob Walker [EMAIL PROTECTED] While I am a huge fan of the msconfig utility in windows machines, it doesn't work in win2k. Doesn't even exist. My advice would be to go the safe mode route, as you suggested. Another possible avenue (for advanced users

Re: Question about 802.11i WPA

2003-08-14 Thread Tomas Wolf
I'm not really sure if I understood the question but I'll try to go over some things that can be related to it. A user can't access any of the computers directly if they work in *infrastructure mode*. It is always the central station (access point) through which the connection is completed

RE: Question for all

2003-08-14 Thread Ricardo Ceballos
: Question for all don't know if this is of any help, but found it through google search : http://www.symantec.com/avcenter/venc/data/w32.randex.d.html - Original Message - From: Morton B. Maser [EMAIL PROTECTED] To: Flory D Jeffrey Contractor 59MDSS/MSISI [EMAIL PROTECTED]; [EMAIL

Re: Question about 802.11i WPA

2003-08-14 Thread Mitchell Rowton
I'm trying to determine if 802.11i has sufficiently addressed the deficiencies in WEP to make it a viable alternative to wired networks. I still have one concern that I haven't seen an answer to. Could someone point me to some documentation that might address my concerns. This may help:

RE: Windows 2000 Audit Question

2003-08-14 Thread Tiago Halm
] Subject: RE: Windows 2000 Audit Question I'm fairly sure that 1 applies to domain logons and 2 applies to any other connection that requires authentication. eg. accessing a shared folder. -Original Message- From: Michael Ungar [mailto:[EMAIL PROTECTED] Sent: Sunday, 3 August 2003 3:42 PM

Re: Question for all

2003-08-14 Thread stephen at unix dot za dot net
tried doing a search on the internet for some kind of information pertaining to this, but we had no luck. We also tried all the antiviral websites but they do not have a tool for this. My question is: Has anyone ever heard of this, and if so, how do you clean it off. Thanks in advance

Re: Question for all

2003-08-14 Thread Morton B. Maser
59MDSS/MSISI [EMAIL PROTECTED] Sent: Friday, August 01, 2003 7:22 AM Subject: Question for all A friend of mine recently went from Windows ME to Win2K, but now he has a trojan on his computer. He is running Norton Anti-virus, and it will not clean it off, it will only quarantine

RE: Question for all

2003-08-10 Thread Ramsinghani, Aashish (EM, GECIS)
You can also download Msconfig.exe for XP and run it on Windows 2000.. -Original Message- From: Bob Walker [mailto:[EMAIL PROTECTED] Sent: Monday, August 04, 2003 10:24 AM To: 'KoRe MeLtDoWn'; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Question for all Hamish

Question about 802.11i WPA

2003-08-08 Thread localhost
I'm trying to determine if 802.11i has sufficiently addressed the deficiencies in WEP to make it a viable alternative to wired networks. I still have one concern that I haven't seen an answer to. Could someone point me to some documentation that might address my concerns. It seems that a lot of

Re: Question for all

2003-08-06 Thread Nick Bennett
PROTECTED] Cc: Flory D Jeffrey Contractor 59MDSS/MSISI [EMAIL PROTECTED] Sent: Tuesday, August 05, 2003 10:57 AM Subject: Re: Question for all Haven't heard of it specifically by that name - you might check http://www.diamondcs.com.au (TDS-3 anti-trojan scanner) or http://www.nsclean.com (BOClean

Re: Question for all

2003-08-04 Thread Brad Mills
Chris, Well, the best plan would be to wipe your hard drive and start over, but barring that, my next step would be to use SpybotSD, it's pretty good at cleaning out garbage like that. If it works you might consider sending a donation, the developer does all that work for free. Agreed.

Windows 2000 Audit Question

2003-08-04 Thread Michael Ungar
Windows 2000 has 2 Audit Policy Settings; 1 - Audit account logon events 2 - Audit logon events I'm not totally clear on the difference. I know the first one is used as a central repository for auditing logons (e.g., domain account logons to multiple servers can get recorded to the central

RE: Question for all

2003-08-04 Thread Bob Walker
management, and remove the offending service there. Bob -Original Message- From: KoRe MeLtDoWn [mailto:[EMAIL PROTECTED] Sent: Friday, August 01, 2003 2:44 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Question for all Hi there Jeffery, Backdoor.Trojan

RE: Question for all

2003-08-04 Thread George Peek
: Question for all Here is a link to trend http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_BDFR.SV R it lists some information and you can use their online scan. David -Original Message- From: Flory D Jeffrey Contractor 59MDSS/MSISI [mailto:[EMAIL PROTECTED] Sent

RE: Question for all

2003-08-04 Thread Glenn Pearl
:54 PM To: 'KoRe MeLtDoWn'; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Question for all Hamish While I am a huge fan of the msconfig utility in windows machines, it doesn't work in win2k. Doesn't even exist. My advice would be to go the safe mode route, as you

RE: Question for all

2003-08-04 Thread Chris Berry
From: Bob Walker [EMAIL PROTECTED] While I am a huge fan of the msconfig utility in windows machines, it doesn't work in win2k. Doesn't even exist. My advice would be to go the safe mode route, as you suggested. Another possible avenue (for advanced users only though), would be to go to

Re: Security/Firewall question

2003-08-01 Thread BIll Phillips
Subject: Security/Firewall question Hi everyone! I'm still pretty new to security and firewalls and such, and I'm having a problem wrapping my head around a couple of concepts. Here's what I have- I have a stand alone email server behind an Adsl router (with 4prt hub). The router is set to pass

Question for all

2003-08-01 Thread Flory D Jeffrey Contractor 59MDSS/MSISI
. He cannot get rid of it. We have tried doing a search on the internet for some kind of information pertaining to this, but we had no luck. We also tried all the antiviral websites but they do not have a tool for this. My question is: Has anyone ever heard of this, and if so, how do you

Re: Question for all

2003-08-01 Thread Shaun Colley
have tried doing a search on the internet for some kind of information pertaining to this, but we had no luck. We also tried all the antiviral websites but they do not have a tool for this. My question is: Has anyone ever heard of this, and if so, how do you clean it off. Thanks

RE: Question for all

2003-08-01 Thread Cameron Losco
PROTECTED] Cc: Flory D Jeffrey Contractor 59MDSS/MSISI Subject: Question for all A friend of mine recently went from Windows ME to Win2K, but now he has a trojan on his computer. He is running Norton Anti-virus, and it will not clean it off, it will only quarantine it. The affliction

RE: Question for all

2003-08-01 Thread Jason Armstrong
AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: Flory D Jeffrey Contractor 59MDSS/MSISI Subject: Question for all A friend of mine recently went from Windows ME to Win2K, but now he has a trojan on his computer. He is running Norton Anti-virus, and it will not clean it off, it will only

RE: Question for all

2003-08-01 Thread McCleskey, David
, 2003 8:23 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: Flory D Jeffrey Contractor 59MDSS/MSISI Subject: Question for all A friend of mine recently went from Windows ME to Win2K, but now he has a trojan on his computer. He is running Norton Anti-virus, and it will not clean it off, it will only

Re: Question for all

2003-08-01 Thread KoRe MeLtDoWn
PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED] CC: Flory D Jeffrey Contractor 59MDSS/MSISI [EMAIL PROTECTED] Subject: Question for all Date: Fri, 1 Aug 2003 09:22:51 -0500 MIME-Version: 1.0 Received: from outgoing2.securityfocus.com ([205.206.231.26]) by mc6-f29.law1.hotmail.com with Microsoft

Re: Question for all

2003-08-01 Thread Chris Berry
question is: Has anyone ever heard of this, and if so, how do you clean it off. Thanks in advance for any assistance, anyone can provide. Well, the best plan would be to wipe your hard drive and start over, but barring that, my next step would be to use SpybotSD, it's pretty good at cleaning out

Re: Security/Firewall question

2003-07-31 Thread Morton B. Maser
hardware requirements are a 400 MHz processor and 128 MB Ram (I used an old original Celeron box, and it works fine). M - Original Message - From: Gregg [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, July 29, 2003 1:40 AM Subject: Security/Firewall question Hi everyone! I'm

RE: Security/Firewall question

2003-07-30 Thread DeGennaro, Gregory
/Firewall question I'm not certain if- I want to assign that IP to the OpenBSD firewall, and use NAT and/or RDR to pass on SMTP traffic on port 25 to the email server. Yes? No? Maybe? Am I a shame on my species? About the only other valid choice would be if you can coerce the OpenBSD

RE: Security/Firewall question

2003-07-30 Thread Nick Nauwelaerts
-Original Message- From: Gregg [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2003 10:41 AM To: [EMAIL PROTECTED] Subject: Security/Firewall question Hi everyone! I'm still pretty new to security and firewalls and such, and I'm having a problem wrapping my head around a couple

RE: nmap status question

2003-07-29 Thread Thomas Ng
-Original Message- From: marc brown [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2003 2:03 AM To: [EMAIL PROTECTED] Subject: nmap status question i am new to linux but after getting my rh9 box running i have started to use nmap to do some scanning of my networks. can someone tell

Re: nmap status question

2003-07-29 Thread Joshua J . Kugler
Marc - From the nmap man page: The result of running nmap is usually a list of interesting ports on the machine(s) being scanned (if any). Nmap always gives the port's well known service name (if any), number, state, and protocol. The state is either 'open', 'filtered', or

Re: nmap status question

2003-07-29 Thread David
On Mon, 28 Jul 2003, marc brown wrote: i am new to linux but after getting my rh9 box running welcome to linux i have started to use nmap to do some scanning of my networks. can someone tell me exactly what it means when the state of a particular port is 'filtered'? man nmap will tell

Re: nmap status question

2003-07-29 Thread gminick
On Mon, Jul 28, 2003 at 06:03:26PM -, marc brown wrote: i am new to linux but after getting my rh9 box running i have started to use nmap to do some scanning of my networks. can someone tell me exactly what it means when the state of a particular port is 'filtered'? Ugly RTFM, really...

Re: nmap status question

2003-07-29 Thread john mathew
In-Reply-To: [EMAIL PROTECTED] Hi Marc A port is in either of the two states ie , open or closed at any point of time. But using a firewall a particular port can be blocked. In such a scenario when nmap is run against a system which has a particular port blocked by a firewall , then the

Re: nmap status question

2003-07-29 Thread Pete Hunt
Filtered means that a firewall or similar is covering the port and stopping nmap from determining whether the port is open. (Unfiltered means that nmap knows the port is closed and nothing is interfering with nmap's ability to detect it) At 18:03 28/07/2003 +, marc brown wrote: i am new

Security/Firewall question

2003-07-29 Thread Gregg
Hi everyone! I'm still pretty new to security and firewalls and such, and I'm having a problem wrapping my head around a couple of concepts. Here's what I have- I have a stand alone email server behind an Adsl router (with 4prt hub). The router is set to pass-thru (nat and firewall disabled).

Re: nmap status question

2003-07-29 Thread Birl
As it was written on Jul 28, thus marc brown spake unto [EMAIL PROTECTED]: marc: Date: 28 Jul 2003 18:03:26 - marc: From: marc brown [EMAIL PROTECTED] marc: To: [EMAIL PROTECTED] marc: Subject: nmap status question marc: marc: marc: marc: i am new to linux but after getting my rh9 box

RE: Security/Firewall question

2003-07-29 Thread David Gillett
I'm not certain if- I want to assign that IP to the OpenBSD firewall, and use NAT and/or RDR to pass on SMTP traffic on port 25 to the email server. Yes? No? Maybe? Am I a shame on my species? About the only other valid choice would be if you can coerce the OpenBSD box to act

RE: nmap status question

2003-07-29 Thread Brad Bemis
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 A port is in either of the two states ie , open or closed at any point of time. That is not exactly correct. Ports are not either open or closed. Depending on the protocol, there are actually several different states of activity. For

Re: Security/Firewall question

2003-07-29 Thread Glenn English
On Tue, 2003-07-29 at 02:40, Gregg wrote: I'm not certain if- I want to assign that IP to the OpenBSD firewall, Yup and use NAT and/or RDR to pass on SMTP traffic on port 25 to the email server. Yup And put the email server on one of the private nets; set up the OpenBSD box with no

Re: nmap status question

2003-07-29 Thread Shaun Moore
To put it very trivially, when a port is filtered it drops packets which do not originate from a trusted IP address. Just one example of when port filtering is used is for backdoors or trojans. These often only accept connections from user-specified IP addresses, and silently ignore all other

RE: Security/Firewall question

2003-07-29 Thread Michael Dunn
: Gregg [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2003 4:41 AM To: [EMAIL PROTECTED] Subject: Security/Firewall question Hi everyone! I'm still pretty new to security and firewalls and such, and I'm having a problem wrapping my head around a couple of concepts. Here's what I have- I

Re: nmap status question

2003-07-29 Thread David Vertie
PROTECTED] Subject: Re: nmap status question Date: 29 Jul 2003 07:27:42 - In-Reply-To: [EMAIL PROTECTED] Hi Marc A port is in either of the two states ie , open or closed at any point of time. But using a firewall a particular port can be blocked. In such a scenario when nmap is run against

Re: Security/Firewall question

2003-07-29 Thread Terry Soucy
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Heya Gregg, On Tuesday, July 29, 2003, at 05:40 AM, Gregg wrote: I'm not certain if- I want to assign that IP to the OpenBSD firewall, and use NAT and/or RDR to pass on SMTP traffic on port 25 to the email server. Yes? No? Maybe? Am I a shame on

Re: ARP Spoof Question

2003-07-28 Thread Martin Brecher
The Fueley wrote: How would that apply to a layer 3 switch/router? Actually the packaging says that I have a Residential Gateway/Router/Firewall. Aren't gateways layer 7 devices? While switches are layer 2 devices, they deal with MAC addresses right? Maybe a smart switch knows which MAC addresses

RE: ARP Spoof Question

2003-07-28 Thread David Gillett
: RE: ARP Spoof Question what are layers? what purpose do they serve? dave On Thu, 24 Jul 2003, David Gillett wrote: Switches are layer 2 devices, IP begins at layer 3. A -switch- usually doesn't understand a single ip bit. The management side of the switch (snmp, http

nmap status question

2003-07-28 Thread marc brown
i am new to linux but after getting my rh9 box running i have started to use nmap to do some scanning of my networks. can someone tell me exactly what it means when the state of a particular port is 'filtered'? thanks, marc

RE: ARP Spoof Question

2003-07-24 Thread Stuart
]; [EMAIL PROTECTED] Subject: Re: ARP Spoof Question Q1.My Question is, Node C will also reply to that request of Node A. SO now Node A has 2 different MAC for the same IP. How is Node A handling this situation??? Q2.The switch also updates its table of IP/MAC address bindings, so how is switch handling

RE: ARP Spoof Question

2003-07-24 Thread The Fueley
-Original Message- From: Stephane Nasdrovisky [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 2:05 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: ARP Spoof Question I have a small question. I was reading about ARP Spoofing and here is my question. So when Node

RE: ARP Spoof Question

2003-07-24 Thread David Gillett
] Sent: July 23, 2003 16:13 To: [EMAIL PROTECTED] Subject: RE: ARP Spoof Question If we use a Cisco switch for example, don't they have a learning period? I would presume that the switch would go through the process of building its ARP tables again. Stu -Original Message

RE: ARP Spoof Question

2003-07-24 Thread Stuart
Gillett [mailto:[EMAIL PROTECTED] Sent: 24 July 2003 17:39 To: 'Stuart'; [EMAIL PROTECTED] Subject: RE: ARP Spoof Question A switch should *always* be learning. A destination MAC address should always fall into one of two categories: 1. I have it in my switch table (NOT *ARP*, per se), because I

RE: ARP Spoof Question

2003-07-24 Thread David Gillett
Switches are layer 2 devices, IP begins at layer 3. A -switch- usually doesn't understand a single ip bit. The management side of the switch (snmp, http, telnet, whatever) are to be considered as any other networked host. How would that apply to a layer 3

RE: ARP Spoof Question

2003-07-24 Thread David Gillett
Question -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Thanks for clearing that up, I remember reading an article a while back about sending frequent spoofed ARP packets to receive packets but have been unable to locate the article. You can specify your own Mac address on some network

Re: ARP Spoof Question

2003-07-24 Thread Justin Pryzby
[mailto:[EMAIL PROTECTED] Sent: 24 July 2003 17:39 To: 'Stuart'; [EMAIL PROTECTED] Subject: RE: ARP Spoof Question A switch should *always* be learning. A destination MAC address should always fall into one of two categories: 1. I have it in my switch table (NOT *ARP*, per se), because I

ARP Spoof Question

2003-07-23 Thread Vineet Mehta
Hi all members, I have a small question. I was reading about ARP Spoofing and here is my question. When Node A wants to send some packets to Node C, it sends an ARP Broadcast to find out the MAC address of Node C. This broadcast reaches all nodes in a network in a switched or Hub network. So when

Re: ARP Spoof Question

2003-07-23 Thread David J. Bianco
On Wed, 2003-07-23 at 01:22, Vineet Mehta wrote: Q1.My Question is, Node C will also reply to that request of Node A. SO now Node A has 2 different MAC for the same IP. How is Node A handling this situation??? Q2.The switch also updates its table of IP/MAC address bindings, so how

RE: ARP Spoof Question

2003-07-23 Thread David Gillett
an additional response (first two lines) but the if prevents it from looping infinitely.) David Gillett -Original Message- From: Vineet Mehta [mailto:[EMAIL PROTECTED] Sent: July 22, 2003 22:22 To: [EMAIL PROTECTED] Subject: ARP Spoof Question Hi all members, I have a small question. I

Re: ARP Spoof Question

2003-07-23 Thread Simon Gray
Q1.My Question is, Node C will also reply to that request of Node A. SO now Node A has 2 different MAC for the same IP. How is Node A handling this situation??? Q2.The switch also updates its table of IP/MAC address bindings, so how is switch handling this situation??? Is it first-come-first-serve

Re: ARP Spoof Question

2003-07-23 Thread jfastabe
a small question. I was reading about ARP Spoofing and here is my question. When Node A wants to send some packets to Node C, it sends an ARP Broadcast to find out the MAC address of Node C. This broadcast reaches all nodes in a network in a switched or Hub network. So when Node B is an attacker he

Re: QMail Question

2003-07-21 Thread Chris Berry
... Is it necessary to configure qmail-smtpd in inetd.conf??? If i start qmail in start script from inet.d directory for example or by service qmail start it works fine. And one more question. I'm using xinet daemon, so i've no inetd.conf file, but xinet.d directory with stored settings. How can i

QMail Question

2003-07-18 Thread Pessoft
qmail-smtpd in inetd.conf??? If i start qmail in start script from inet.d directory for example or by service qmail start it works fine. And one more question. I'm using xinet daemon, so i've no inetd.conf file, but xinet.d directory with stored settings. How can i interpret setting mentioned above

Re: QMail Question

2003-07-18 Thread Einstein Oliveira
Pessoft wrote: I've removed sendmail and installed qmail. In installation info it's written this: 16. Set up qmail-smtpd in /etc/inetd.conf (all on one line): smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env tcp-env /var/qmail/bin/qmail-smtpd ... Is it necessary

Re: QMail Question

2003-07-18 Thread Matt Thoene
On Friday, July 18, 2003 @ 6:36:33 AM [-0700], Pessoft wrote: service smtp { disable = yes socket_type = stream protocol= tcp wait= no user= qmaild server =

Re: QMail Question

2003-07-18 Thread Allan Manayan
question. I'm using xinet daemon, so i've no inetd.conf file, but xinet.d directory with stored settings. How can i interpret setting mentioned above to setting for xinetd? I've created file xinet-smtpd in xinet.d directory, which contains this: service smtp { disable = yes socket_type

Re: [misc-sec] QMail Question

2003-07-18 Thread Jon Zobrist
/qmail-smtpd ... Is it necessary to configure qmail-smtpd in inetd.conf??? If i start qmail in start script from inet.d directory for example or by service qmail start it works fine. And one more question. I'm using xinet daemon, so i've no inetd.conf file, but xinet.d directory with stored

RE: Question for you all

2003-07-07 Thread Brad Bemis
PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: Question for you all I agree. FreeBSD and moreso, OpenBSD, are indeed more secure by default and you are correct that this doesn't mean it's more secure over all, there's just less word, at first. However, look at the kernel for OpenBSD compared to Linux

Re: Question for you all

2003-07-07 Thread Steve Bremer
Bastille Linux (http://www.bastille-linux.org/) and Immunix (http://www.immunix.org/) definitely fit the bill. I've worked with both and have been quite pleased with their overall security. Let's not forget about one of my favorites: Openwall/*/GNU Linux. www.openwall.com Steve Bremer

Re: Port scanning question

2003-07-04 Thread Brad Mills
Thom, As a relative newcomer to the security field, but with a reasonable amount of experience in sys admin roles, I am now responsible for the network security of the (small) company I work for. One of the things I would like to do is determine if (when) our web server, which hosts our

Re: Question for you all

2003-07-04 Thread Tim Greer
, consulting. - Original Message - From: exon [EMAIL PROTECTED] To: CreativeSell [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, July 03, 2003 5:13 AM Subject: Re: Question for you all On Mon, 30 Jun 2003, CreativeSell wrote: Hi All, Having just got off an awful php host, my

Re: Question for you all

2003-07-04 Thread Ivan Coric
Hi ae, I think some of your comments are not exactly correct. OpenBSD is secure by default because no services running, as soon as you activate httpd or alike the actual daemon is what will be the problem not the underlying OS. As for RedHat, I like it, you can make it as secure as any distro,

RE: Port scanning question

2003-07-04 Thread Thomas Ng
It runs on windows as well. -Original Message- From: DeGennaro, Gregory [mailto:[EMAIL PROTECTED] Sent: Thursday, July 03, 2003 1:30 AM To: Thom Larner; '[EMAIL PROTECTED]' Subject: RE: Port scanning question Check out SNORT which runs on UNIX. And reviewing firewall or router syslogs

Re: Question for you all

2003-07-04 Thread Tim Greer
: [EMAIL PROTECTED] Sent: Thursday, July 03, 2003 5:17 PM Subject: Re: Question for you all Hi ae, I think some of your comments are not exactly correct. OpenBSD is secure by default because no services running, as soon as you activate httpd or alike the actual daemon is what

RE: Port scanning question

2003-07-03 Thread Rajesh Kumar Dilli
PROTECTED]' Subject: Port scanning question Hi all, As a relative newcomer to the security field, but with a reasonable amount of experience in sys admin roles, I am now responsible for the network security of the (small) company I work for. One of the things I would like to do is determine

Re: Question for you all

2003-07-03 Thread Tim Greer
to try and list here. -- Regards, Tim Greer [EMAIL PROTECTED] Server administration, security, programming, consulting. - Original Message - From: CreativeSell [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, June 30, 2003 2:49 PM Subject: Question for you all Hi All, Having

Re: Question for you all

2003-07-03 Thread m0use
On Mon, 2003-06-30 at 16:49, CreativeSell wrote: .what else can we do? Olly Bastille it. http://www.bastille-linux.org/ Log everything and actually read the logs, use logsentry or swatch to manage them. Use a system integrity monitor like tripwire.

Re: Port scanning question

2003-07-03 Thread Meritt James
scanned how? There are different ways to scan, but the basic sequential ports, fast (does anybody still do this?) shows up big time in the logs and sets off lights and alarms in almost (?) every intrusion detection system there is. Now, a slow, irregular, half-sync scan... Jim Thom Larner

RE: Port scanning question

2003-07-03 Thread DeGennaro, Gregory
Check out SNORT which runs on UNIX. And reviewing firewall or router syslogs can help too. --Greg -Original Message- From: Thom Larner [mailto:[EMAIL PROTECTED] Sent: Monday, June 30, 2003 4:38 PM To: '[EMAIL PROTECTED]' Subject: Port scanning question Hi all, As a relative newcomer

Re: Question for you all

2003-07-03 Thread vincent
On Mon, 30 Jun 2003 22:49:32 +0100 CreativeSell [EMAIL PROTECTED] said: Hi All, Having just got off an awful php host, my partner and I have decided to get our own redhat server. However we are slightly apprehensive about being hacked to pieces. we are keeping up to date with all bugtracks

Re: Question for you all

2003-07-03 Thread Mitch Pirtle
On Mon, 2003-06-30 at 17:49, CreativeSell wrote: Hi All, Having just got off an awful php host, my partner and I have decided to get our own redhat server. However we are slightly apprehensive about being hacked to pieces. we are keeping up to date with all bugtracks and security

Re: Port scanning question

2003-07-03 Thread Rodney Green
One of the things I would like to do is determine if (when) our web server, which hosts our applications, is being port scanned. How do I go about this? Are there (free or cheap) tools that will help you do this? The Snort Intrusion Detection System (IDS) is free software that will

Re: Port scanning question

2003-07-03 Thread Ryan Smith
: Thom Larner [EMAIL PROTECTED] Subject: Port scanning question Hi all, As a relative newcomer to the security field, but with a reasonable amount of experience in sys admin roles, I am now responsible for the network security of the (small) company I work for. One of the things I would like

Re: Question for you all

2003-07-03 Thread Birl
csell: Date: Mon, 30 Jun 2003 22:49:32 +0100 csell: From: CreativeSell [EMAIL PROTECTED] csell: To: [EMAIL PROTECTED] csell: Subject: Question for you all csell: csell: Hi All, csell: csell: Having just got off an awful php host, my partner and I have decided to get csell: our own redhat

Re: Port scanning question

2003-07-03 Thread Justin Pryzby
Linux has scanlogd and scandetd, both of which are short and simple. Probably Sun has their own, too. I don't know if anyone supports this, but this could also be implemented on a router/switch, which would save you time managing different OS. Justin On Wed, Jul 02, 2003 at 08:26:02PM +,

Re: Port scanning question

2003-07-03 Thread Mitchell Rowton
There are a number of different things that could alert you to a port scan, but an IDS generally has the role of detecting these types of events. Snort is a very popular free IDS, but it would be best to install on a separate box (if you have an old pc around) Check out their website at

Re: Digital Evidence Question - What is an effective Windows hard -disk search tool?

2003-07-03 Thread Jack Crone
On 6/30/2003 at 8:46 PM Benjamin A. Okopnik wrote: Well, I can't claim that I've actually seen a _documented_ recovery as such, or that I have *absolute* proof, but - having worked for $LARGE_AEROSPACE_COMPANY where this was a concern, I'm aware of two techniques that were supposedly in actual

RE: Question for you all

2003-07-03 Thread Maher Odeh
/nikto.shtml Enjoy ;-) -Original Message- From: CreativeSell [mailto:[EMAIL PROTECTED] Sent: Monday, June 30, 2003 11:50 PM To: [EMAIL PROTECTED] Subject: Question for you all Hi All, Having just got off an awful php host, my partner and I have decided to get our own redhat

RE: Port scanning question

2003-07-03 Thread David Gillett
] Sent: June 30, 2003 16:38 To: '[EMAIL PROTECTED]' Subject: Port scanning question Hi all, As a relative newcomer to the security field, but with a reasonable amount of experience in sys admin roles, I am now responsible for the network security of the (small) company I work for. One

Re: Port scanning question

2003-07-03 Thread Devdas Bhagat
On 01/07/03 09:38 +1000, Thom Larner wrote: security of the (small) company I work for. One of the things I would like to do is determine if (when) our web server, which hosts our applications, is being port scanned. How do I go about this? Are there (free or cheap) http://www.snort.org/ is

Re: Digital Evidence Question - What is an effective Windows hard -disk search tool?

2003-07-03 Thread Jack Crone
On 6/30/2003 at 7:53 PM isox wrote: There is a good paper written by Peter Gutmann titled Secure Deletion of Data from Magnetic and Solid-State Memory. It is nearly a decade old, but it contains some very good information in it. It is available at

Re: Question for you all

2003-07-03 Thread Jeff
On Mon, Jun 30, 2003 at 10:49:32PM +0100, CreativeSell wrote: Hi All, Having just got off an awful php host, my partner and I have decided to get our own redhat server. However we are slightly apprehensive about being hacked to pieces. we are keeping up to date with all bugtracks and

RE: Question for you all

2003-07-03 Thread John Brightwell
-Original Message- From: CreativeSell [mailto:[EMAIL PROTECTED] Sent: 30 June 2003 22:50 To: [EMAIL PROTECTED] Subject: Question for you all Hi Olly, Probably the first thing I'd do is get hold of a private email address that isn't easily associated with your site and use

AW: Port scanning question

2003-07-03 Thread Meidinger Chris
on the firewall. badenIT GmbH System Support Chris Meidinger Tullastrasse 70 79108 Freiburg -Ursprüngliche Nachricht- Von: Thom Larner [mailto:[EMAIL PROTECTED] Gesendet: Tuesday, July 01, 2003 1:38 AM An: '[EMAIL PROTECTED]' Betreff: Port scanning question Hi all, As a relative newcomer

Re: Question for you all

2003-07-03 Thread exon
On Mon, 30 Jun 2003, CreativeSell wrote: Hi All, Having just got off an awful php host, my partner and I have decided to get our own redhat server. However we are slightly apprehensive about being hacked to pieces. we are keeping up to date with all bugtracks and security updates...what

Re: Question for you all

2003-07-03 Thread Devdas Bhagat
On 30/06/03 22:49 +0100, CreativeSell wrote: Having just got off an awful php host, my partner and I have decided to get our own redhat server. However we are slightly apprehensive about being hacked to pieces. we are keeping up to date with all bugtracks and security updates...what else can

Question for you all

2003-07-02 Thread CreativeSell
Hi All, Having just got off an awful php host, my partner and I have decided to get our own redhat server. However we are slightly apprehensive about being hacked to pieces. we are keeping up to date with all bugtracks and security updates...what else can we do? Olly

Re: Digital Evidence Question - What is an effective Windows hard-disk search tool?

2003-07-02 Thread isox
There is a good paper written by Peter Gutmann titled Secure Deletion of Data from Magnetic and Solid-State Memory. It is nearly a decade old, but it contains some very good information in it. It is available at http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html

Re: Digital Evidence Question - What is an effective Windows hard -disk search tool?

2003-07-02 Thread Benjamin A. Okopnik
On Fri, Jun 27, 2003 at 08:06:52PM -0700, Jack Crone wrote: If anyone on the list is aware of an actual, documented recovery I would really like to know about it. Demonstrations which show how to retrieve a few bits don't count. Neither do the claims of some data recovery companies who, when

Re: Digital Evidence Question - What is an effective Windowshard -disk search tool?

2003-07-02 Thread Meritt James
Hence the DCID 6/3 specification that disks may only be used after cleaning at the classification they were used on or above. The bad sector problem with disks thwarts many of the erase procedures. There may be data written in those sectors that tools (all tools, to my understanding) do not

Port scanning question

2003-07-02 Thread Thom Larner
Hi all, As a relative newcomer to the security field, but with a reasonable amount of experience in sys admin roles, I am now responsible for the network security of the (small) company I work for. One of the things I would like to do is determine if (when) our web server, which hosts our

RE: Digital Evidence Question - What is an effective Windows hard -disk search tool?

2003-06-30 Thread Troy Larson
: Digital Evidence Question - What is an effective Windows hard -disk search tool? Greetings All, I really have to jump in in the middle of this one(threads included, for contextual reference). OnTrack's Data Recovery utility (cost: $200) is an excellent tool for recovering data from

RE: Digital Evidence Question - What is an effective Windows hard-disk search tool?

2003-06-30 Thread Bob Walker
, and this has saved my backside several times already. Regards Bob -Original Message- From: Troy Larson [mailto:[EMAIL PROTECTED] Sent: Thursday, June 26, 2003 2:32 PM To: 'Robinson, Sonja'; 'NC Agent'; [EMAIL PROTECTED] Subject: RE: Digital Evidence Question - What is an effective Windows hard

RE: Digital Evidence Question - What is an effective Windows hard -disk search tool?

2003-06-30 Thread Troy Larson
] Subject: RE: Digital Evidence Question - What is an effective Windows hard -disk search tool? According to information I received at an HTCIA meeting about 3 months ago, as well as some reading that I have done, 31 times is now what is recommended. I can't locate my notes that had
