Hi, I'm three days late on this one so you've probably already had a mailbox
full, but here's my twopence.
Either a Linux box (an old PC and some code) or a router with some very
dirty filter rules.
You could use IPChains on the Linux box to make it a very dandy firewall.
More than sufficient I
On 9 Oct 99, at 17:14, Ahbaid Gaffoor wrote:
Where can I find information on how to exploit certain OS's?
I'm setting up a RedHat based web server and would like to demonstrate
the need for security policies to my employer and clients...
One of the common scan signatures that we were
Hi,
Does anyone know of any software that will monitor a specific tcp port and
report back when the port goes down ???
I've looked, but all I can find is software for *nix. I need something that
will run on NT.
Thanks in advance
Wayne Norris.
Network Support
EFDS (UK) Ltd
Hi all,
We are trying to install a Firewall using Redhat 6.0
Have you any the suggestions what software we should use.
We have downloaded Socks from sunsite.unc.edu and tried to do a
compilation, but could not find any documnets on how to compile the
software.
Any help on where to get an
I have a question which have been answered before.
As an ISP do I really need to have a firewall, if so what do you think of the PIX
firewall.
I need to convince my management and some of the corporate customers, whether a
firewall is a good solution for an ISP security.
Thankyou
Emad Hazza
this is a little off topic but still it relates to security and
firewall in a sense.
Has anybody used this without problem and compromising security.
http://www.uk.research.att.com/vnc
kashif
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
Hi,
I've found a document about sock's installation, but I don't remember
where, I only find 2 e-mail where you could ask for it:
[EMAIL PROTECTED]
[EMAIL PROTECTED]
ciao
Valeria
___
[EMAIL PROTECTED]
-Original Message-
From: Norris, Wayne [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 11, 1999 10:32
To: '[EMAIL PROTECTED]'
Subject: Port Monitor
Hi,
Does anyone know of any software that will monitor a specific tcp port and
report back when the port goes down ???
I've looked,
If it's for a *local* machine (as opposed to network monitoring), one
possibility is a freeware utility called 'totostat' you can download at this
URL. They have both W95 NT versions:
http://www.xploiter.com/tambu/totostat.shtml
Hope this helps!
--Bill
- Original Message -
From:
As far as it looks Ahbaid is just looking for a list of weaknesses of RedHat. I
find nothing wrong with this, if someone was looking for hacks they probably would
use another list. I agree with Jason
Jason Murray wrote:
On Sat, Oct 09, 1999 at 06:25:23PM -0700, Jim Cline wrote:
Sorry but
I don't think it will monitor ports, but "servers-alive" will monitor NT
services, attempt to ping and will alert you if a service has stopped.
There might well be a port-monitor plug-in for it by now.
You can get it from www.woodstone.nu
Hope this helps,
Adam.
"Norris, Wayne" [EMAIL
Greetings,
Before I try to write my own, is there a program that will parse firewall
log entries? Currently we are using ipfwadm on Linux.
Thanks in advance,
- Bennett
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
On Mon, Oct 11, 1999 at 05:38:49PM +0500, [EMAIL PROTECTED] wrote:
this is a little off topic but still it relates to security and
firewall in a sense.
Has anybody used this without problem and compromising security.
http://www.uk.research.att.com/vnc
Yup, use it to
On Mon, 11 Oct 1999, Emad Hazza wrote:
I have a question which have been answered before.
As an ISP do I really need to have a firewall, if so what do you think of the PIX
firewall.
ISPs that do on-line accounting should probably have a firewall, but it
would be even better and more secure
I'd say it's almost a must, but you also need to look at what you
want to protect and the level of protection you want. For all your
internal office machines, full protection is a must. You also want
to limit accessability to the control ports of your modem banks and
other network hardware.
C.K.
Take at look at ISS's Internet Security Scanner or Network Associates' Cybercop
Scanner, both are good but ISS's reporting is a little better.
BS
[EMAIL PROTECTED] on 10/08/99 07:50:01 PM
To: [EMAIL PROTECTED]@Internet
cc:
Subject:scanner for NT server vulnerabilties
We use it extensively internally as it saves us having to drive the 4
miles to some of our remote NT boxes.
I even use it with x2vnc (under linux) so I have three monitors (NT
Server, Linux and NT Workstation) but running with only one
keyboard/mouse which is connected to the linux box.
All,
Thanks a lot for all your responses re monitoring a specific TCP port using
software on NT.
I've got more links in a few hours from you guys, than in the last few days
scouring the web.
Regards
Wayne Norris
Network Support
EFDS (UK) Ltd
On 11 Oct 99, at 10:37, Emad Hazza wrote:
As an ISP do I really need to have a firewall, if so what do you
think of the PIX firewall. I need to convince my management and
some of the corporate customers, whether a firewall is a good
solution for an ISP security.
On the one hand, it is
Hi,
I am not sure it's what you need (I don't know if you need a free and
limited tool or this kind of tool) but just take a look at :
http://www.ipswitch.com/Products/WhatsUp/index.asp
Hope this helps.
---
Patrick Stuto
PSideo Informatique
Av. du Bois de la Chapelle 99, CH-1213 Onex
tél. +41
Steve,
Check out this link for firewall comparisons:
http://www.spirit.com/cgi-bin/report.pl
BS
[EMAIL PROTECTED] on 10/11/99 10:56:48 AM
To: Brian E. Serra/Chicago/AUDIT/EYLLP/US@EY-NAmerica
cc:
Subject:Firewall Comparison Matrix
Brian,
I saw your post in the archives
try coast for a start:
http://www.cs.purdue.edu/coast/firewalls/
and for socks try the homepage, which has decent docs:
http://www.socks.nec.com/
as to software to use, I reccommend SSH for remote logins:
http://www.ssh.fi/
and here is the Faq for SSH:
[EMAIL PROTECTED] wrote:
Hi all,
We are trying to install a Firewall using Redhat 6.0
Have you any the suggestions what software we should use.
Look at using IPCHAINS. It's part of the networking code
in all 2.2.* Linux kernels. As such you already have the
makings of a good firewall.
I won't say what to do to hack, but I will say use OpenBSD
(http://www.openbsd.org/) instead for the web server, and place
it behind a firewall in a DMZ. Out of the box OpenBSD is much
more secure. All of the cryptogrophy, etc. stuf is already in
place. RedHat can't do that because of being
Try IPCHAINS. If you go to:
http://www.linux-howto.com
and read the firewall howto it will tell you how. There are a couple of
tools (even a couple of websites) that will let you tell it what services
you want to run, and what you want to block then it will generate a script
for you that are
There is a versoin of BigBrother for NT. I have seen an implementation of
BigBro with a web front end that let you do status checks from anywhere
over the web.
On Mon, 11 Oct 1999, Norris, Wayne wrote:
Hi,
Does anyone know of any software that will monitor a specific tcp port and
report
I would be careful with using it across the big bad internet (tm).
As far as I know, VNC protocol is not encrypted. I use VNC through an SSH
tunnel. Works fine.
Tin Le
Net Images - Premier Web Presence Provider http://www.netimages.com/~tin
Internet Security and Firewall Consulting
Does anyone know why Firewall-1 for NT recommends installing the software on
a workgroup instead of a domain(member server)? If so, won't I have to setup
separate accounts for each user? I'm planning on a DMZ with three NIC cards.
Thank you,
Vince Grande
[EMAIL PROTECTED]
-
[To unsubscribe,
Hi to all,
I'm preparing a paper/presentation about 'IP
ISDN routing with Win 2000'. I 'm not able to get any information about source
routing under Win 2K. Does anybody know the security issues of
NT4SP5 described in Q217336 and Q 238453 are handled? Is there any valuable source of
Hi,
Does anyone know where I can find the "official" documentation
for the Checkpoint FW-1 log file format (files produced by
logexport command). I have gone through the on-line docs, and
the developer docs from the OPSEC site, but there is no mention
made of the log file format other than the
Here is an excerpt from the firewall log (Gauntlet):
Oct 11 09:36:36 fw kernel: securityalert: tcp if=de1 from xxx.xxx.xxx.34:80
to 199.117.205.35 on unserved port 3131
Oct 11 09:36:44 fw kernel: securityalert: tcp if=de1 from xxx.xxx.xxx.123:80
to 199.117.205.35 on unserved port 3152
On Mon 11 Oct, 1999, Steve Kennedy [EMAIL PROTECTED] wrote:
Yup, use it to look after remote NT boxes siting behind CheckPoint
with no problem.
concentrating on the security/resiliency aspects, rather than general
pros and cons
good points:
authentication is a challenge/response with
Initial thoughts:
What are the packet flags of the incoming packets? Assuming that all the
incoming packets have the ACK flag set, this could be an attempt to bypass
packet filtering. Often times sites will block incoming connections to most
ports, unless the ACK flag on the packet is set
This must be an age-old question, but I'm looking for anecdotal
experience.
Based on price, value and performance, I am leaning towards the Pix 515
version 5.0 over Checkpoint on Solaris or Nokia (the latter being
prohibitively expensive, as far as I can see).
A few questions for (primarily)
I have come across something rather unusual. I have a computer at home
with Windows NT Server connected to the internet via a cable modem and
I maintain a nearly 24 hour pptp connection to a computer at my office
(600 miles away). Thus, I have two different ip addresses, one assigned
with
The basic concept is that your Firewall should not be trusted to anything on
your network. The bottom line is that
if you trust your Firewall to your DMZ and your Firewall is compromised, so goes
your DMZ.
Jim Lemieux
Vince R Grande [EMAIL PROTECTED] on 10/11/99 03:20:09 PM
A couple of things about this probe are disturbing to me.
1. The variable source address. With traffic like this that certainly
looks like address spoofing.
2. The random selection of target ports. This would actually indicate some
sort of legitimate application, although it certainly could
37 matches
Mail list logo