hello i dunno if im writting this to the right mailling list but i hope
you guys can help me. The correct ratio more or less for a bandwidth
consumption is 1:4 (inbout/outbound), what could cause the outbound to
equal the inbound traffic ? i mean change the ratio from 1:4 to 1:1 ? im
just curious
Per Gustav Ousdal" [EMAIL PROTECTED] asks:
Does anyone have any information on, or pointers to resources documenting
successful attacks on "good" (can't be to good, huh?) firewall
implementations?
The biggest problems I've seen with firewalls (even "good" ones)
have to do with the
At 1:56 PM +1030 11/15/99, Tristan_Ball wrote:
At 10:02 15/11/99 +1100, YANG YINAN wrote:
Hi,
I'm just wondering Why IDS equipment must be connected to a hub and cannot
be connected to a switch?
My understanding of IDS is working at Network layer, so what's
differences of using a hub or a
-Original Message-
From: Breach, Geoff [mailto:[EMAIL PROTECTED]]
Sent: Friday, 12 November 1999 3:20 PM
To: Firewalls (E-mail)
Subject: RE: Three NIC Firewall
My thought was to turn off ip forwarding on the web server
and put in a second NIC that would appear on the
I believe that the issues are that:
1. With a switch the IDS cannot see the traffic on the other ports.
You can watch other hosts traffic by port monitoring or spanning.
This can be worked around on Cisco switches by spanning other
ports (CAT 5500) or monitoring ports (CAT 2900). On the
How do i get removed from this list
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
On Mon, 15 Nov 1999, Jiang Yi wrote:
We have install a firewall between our internal network and the
Internet. And we have 2 WWW servers (OS are both Solaris). One
server is on the DMZ, and one is on the internal network.
Of course people can access the information on the DMZ WWW server.
I am truely amazed that nobody explained the differences.
1) A hub is, generally, a dumb device. EVERY packet coming in a port is sent out
EVERY other port.
Therefore, the IDS system would see the packet.
2) A switch is, generally, a smart device. EVERY packet coming in a port DOES
NOT
If the netowkr architecture was done correctly and the underlying
operating system was hardened to only allow that particular application's
protocol to be the only service enabled then it would be very hard to
actually get in.. Marcus's assumption is that every firewall admin or
firewall admin
equal the inbound traffic ? i mean change the ratio from 1:4
to 1:1 ? im
just curious because for the last 6 months monitoring our
bandwidth the
ratio was always 1:4 now its on 1:1.
First thing to check is for math errors. :) After
that, check for changing user habits. Maybe
a lot of
I get about 3 attempts a day. Most network admins are very attentive to security
issues. If you were to email a formal complaint to the network admin of the system
from which the attack originated AND copy the message to their nearest upstream
neighbor. Im pretty sure they will take care of
I recorded an attack a little while ago. I tracked down the originator of
the attack (or rather, the org responsible for providing the access to the
attacker), copied the relevant log entries and emailed that to 'root@',
'postmaster@' and 'abuse@' (where the org in question follows the @). One
On Mon, 15 Nov 1999 [EMAIL PROTECTED] wrote:
If the netowkr architecture was done correctly and the underlying
operating system was hardened to only allow that particular application's
protocol to be the only service enabled then it would be very hard to
actually get in.. Marcus's assumption
If the netowkr architecture was done correctly and the underlying
operating system was hardened to only allow that particular application's
protocol to be the only service enabled then it would be very hard to
actually get in.. Marcus's assumption is that every firewall admin or
firewall
Amen...
Carric Dooley CNE
COM2:Interactive Media
http://www.com2usa.com
"Luck is the residue of design."
- Branch Rickey - former owner of the Brooklyn Dodger Baseball Team
On Sat, 13 Nov 1999, Lyndon Sutherland wrote:
Hi,
Is there anyone else out there getting sick of deleting all the
Hello everyone..
I'm (still) behind my ISP's proxy, which only allows trafic on port 80. I
can reach some ftp-servers, using Netscape or IE. BUT! I want to use a
"better" ftp program (it really isn't that comfortable to sit and replace
every whitespace with a "%20" all the time). Does anyone
Hi Ben,
Thanks for the input again !
I am thinking of using the second 'backdoor' NIC in each of our web servers,
connect them to another subnet of private addresses, and run them through
our internal packet filtering router. The 'inside' connection from the
bastion host will also use private
On Mon, Nov 15, 1999 at 09:18:21AM +0800, Jiang Yi wrote:
But I do not know how to do it on solaris with Apache Server, I wish
someone can help us. If you can send me the source code of redrecting
port, it is the best!
A lot of usefull redirection tools are on www.freefire.org
Greetings
On Mon, Nov 15, 1999 at 02:54:29PM +0100, Michael Enk wrote:
I was wondering if any proactive measures exist against attacks on a
firewall. What could I do if I knew my firewall was attacked from a
particular site ?
There is not much you can do. You can hope your firewall is generating a
nice
The more usual architecture is to also install a second NIC in the database
server, make sure that you have no IP forwarding on the DB and then connect
the backdoor NIC in the DMZ server directly to the DB Server.
If possible, I would then run filtering on the DB Server NIC to block any
Title: RE: Recommended Ftp program?
I have used CuteFTP in the past with proxies.
www.cuteftp.com
MATT
-Original Message-
From: David Olovsson [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 15, 1999 12:03 PM
To: [EMAIL PROTECTED]
Subject: Recommended Ftp program?
Hello
Greetings,
Recently I heard the term "hidden users":
users defined in the SAM but not seen in the
User manager.
Is it true ?
Any way to detect such users ?
Thanks
Avi
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
Hi All
few doubts :
a) I have a web server running ,MS IIS, I have enabled anonymous access only
and removed IUSR_computername account from user right "access this computer
from n/w" .only "log on locally" right has been assigned to this
account..but the client browser is not able to
23 matches
Mail list logo