Has anyone tried to run the firewall-1 under linux.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
Does anyone know anything about ZEN (Zero Effort Networking)? Is it
reliable?
Thanks,
lucid.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
I have implemented it many times and it works great (the latest release 2.0
seems to be fine too but I am still waiting for client's feedback), I find
it easier to secure/manage Windows 9x desktops (more centralized
management). But if you really need security at the desktop you need
something
If you are looking for the home of the DNS server authoritative for your
external web server, it should go in the DMZ, it should contain information
ONLY for your DMZ, I.E. your dns record for your web and mail servers,
you'll probably have a forwarding record pointing to a root DNS server.
If
Hallo,
i have a problem with squid-gw: I want to redirect port 80 to port 8213
where squid-gw listen. Ipfwadm redirect port 80 to port 8213 and its work
fine. But the problem is, even if i use "Direct Connection to Internet"
Option on Netscape/IExplorer, i get:
Error detected by squid-gw:
Bad
not exactly, since all NICs on sun boxes always have the same mac address
(burnt into the motherboard) all switches are designed to handle that all
right. besides, all comunications start with the ip address being mapped to
mac address by arp, so the switch port which has the ip address you
In article [EMAIL PROTECTED],
Joshua Chamas [EMAIL PROTECTED] wrote:
Often these scans are coming from China, so I started thinking
that maybe these were students looking for a relay point
to surf the web without being blocked, a little freedom of
information, and that I was doing a disservice
It is my impression that what was meant by "compromising" the card was
utilization of MAC spoofing
But I could be wrong
Also this brings up a project that I am currently involved with and that
is
the dangers of MAC spoofing in relationship to Cisco's
Catalysts 5000. All and any
I need a VPN solution for my company. Cost of the solution is a factor. Can
anyone help me with their expertise and experience with choosing a solution.
Should I use a router based system. Or do something like a Gaunlet VPN
system that Network Associates just came up with. Any suggestions would
For some reason I can't pull up the full advisory at the moment to re-read
it. Would it not be possible for another dial up user on the same ISP to do
the same thing as a cable modem user and change the route? At home, I'm on
a cable modem so the issue concerned me momentarily until reading
Greetings,
Can someone point me to any resources concerning the recovery of an Internet
connection, say, at a hotsite, for example? I'm interested in issues
surrounding routes routers, firewall, ISP, DNS, etc.
TIA,
Kelly
---
Kelly Newcomb, CISSP
Technical Risk Assessment Consultant
Texas
Title: FW: DNS ..where to put..DMZ or ...
I'm new with Fire Wall security. My superior seems to know more about it. but after this message I have my doubts.
Can anyone help?
-Original Message-
From: X
Sent: Tuesday, August 24, 1999 9:01 AM
To: David Watson
Subject: RE:
For an dedicated Exchange server doing just smtp mail with Internet (ie, no
POP3, no IMAP, no LDAP) with its own public ip address, what are the
recommendations for packet filtering? block all ports except 25? No other
ports need to be open?
tia,
Len
-
[To unsubscribe, send mail to
[EMAIL PROTECTED] (Pete Goodridge) wrote:
We have a growing number of Lotus Notes users who need remote
access. Currently they are dialing into our old modem bank.
[snip]
Therefore we just need to open a port for Notes to the
server. I could open the Notes port to the DMZ and move the Notes
Hi,
We are evaluating two products for securing e-commerce applications.
These are "SiteMinder" by Netegrity, and "enCommerce getAccess". Has
anybody any experiance with these products ?. Any gotchas or
shortcommings. Thanx.
Farhan
-
[To unsubscribe, send mail to [EMAIL
Duh. No need for anyone to answer. Got the answer.:)
James Strompolis
Aleph Consultants, Inc.
[EMAIL PROTECTED], http://www.ribs.com
- Original Message -
From: James Strompolis [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Tuesday, August 24, 1999 10:42 AM
(Oops, forgot to include the list on first response)
Which car is best for you depends on whether you telecommute, drive 10 miles
to work each day or are a salesman covering a 5-state territory.
How are you intending to use the VPN? site-to-site? roaming users?
- Original Message -
No, another modem user of the same ISP, in fact one using the same upstream
router, still could not redirect your traffic to his machine.
The reason for this is that routing, even in a simple desktop, has the job only
of choosing the next hop. It has no control over subsequent routes. With a
I've been thinking about writing a cost vs. effectiveness paper on various
VPN solutions,
both hardware and software based for some time now. Please send me email
(do not copy the list) if this would be of interest to you.
To more directly answer your question, if you have a firewall in place
Why would you want connect all four to the same switch? The switches are
nowdays not that expensive ;-) Am I missing something here?
Unless you have a kind of a hybrid switch, it operates on MAC addresses
and doesn't know anything about IP. The IP-packet sender sends an ARP
to get the
is anyone running a firewall based on LRP ? if so, have u done any
benchmarks ?
Regards
J.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
This is good info. The cost per end-user VPN client looks high to me. I
know my Axent-Mobile clients run $60-$65. (Although not according to Axent
site, but search most software vendors sites and you'll find these prices.)
You may also be able to get bundles of clients with some vendors
On 24 Aug 99, at 9:41, David Watson wrote:
I'm new with Fire Wall security. My superior seems to know more about it.
but after this message I have my doubts.
Can anyone help?
-Original Message-
From: X
Sent: Tuesday, August 24, 1999 9:01 AM
To: David Watson
http://www.securityfocus.com/templates/forum_message.html?forum=2head=32id=32
forum - Guest Feature: The Internet Auditing Project (p1 of 7)
Thu Aug 19 1999
Cautionary Tales: Stealth Coordinated Attack HOWTO
It's buried kinda deep in the article, under; E) Embedding, and
Martin,
Failover routing seems to be an issue for allot of people. there is no good
solution. Your idea of a script to ping the interface is a good one but in
our experience its normally the application that fails not the whole box. I
am sure that you could get it to work by pinging a device
I would like to introduce myself to the list. I am a techical instructor for Nortel.
My area of focus is VPN product solutions. IKE, IPSec etc. Our VPN solutions are now
going to be porting FW-1 and I am looking to pick up a knowledge base specifiic to
firewall secuirity and the FW product. I
This is slightly off-topic so cross post if necessary.
When performing an incident recovery for company XYZ, I found the following
in root's crontab: * * * * * /usr/sbin/ns.
This appears to be a backdoor of some sort. The reason I post this is to
see if anyone has seen this type on binary
Buh?
You're telling me that every NIC on every Sun box has the _same_ MAC
address? Exactly how are "all switches" designed to "handle" that?
Please tell me that I've drastically misinterpreted this.
Cheers,
--
Ben Nagy
Network Consultant, CPMS Group of Companies
PGP Key ID: 0x1A86E304
I would like to introduce myself to the list. I am Channel Manager for a wholesale
distributor (for Australia and New Zealand) of Nokia Firewall VPN products
integrating Firewall 1. From what I've seen already I stand to learn a lot from the
postings on this list, and hopefully as my
My guesses are:
* Sniffer log daemon - there are many variants on this. The basic concept is
that
an attacker will install sniffers on multiple different machines, and as
opposed to
having them log locally, it sends the logs to a centralized host, where said
attacker
grabs them from at a later
At 05:00 PM 8/24/99 , someone using Ben Nagy's login wrote:
Buh?
You're telling me that every NIC on every Sun box has the _same_ MAC
address? Exactly how are "all switches" designed to "handle" that?
A single MAC per *motherboard* yes, by default .
All network card(s) plugged on the same Sun
This is true, but to get around switch problems, one should change the
MAC address using one of the startup scripts.
Marcus
__ Reply Separator _
Subject: RE: quad cards on firewalls
Author: bnagy ([EMAIL
32 matches
Mail list logo