hi all,
if you visit the site
www.infosecnews.com/scmagazine/1999_04/survey/products2.html
ypu will find the info you need ...
Mahmut Korkmaz
Internet Technelogies Network Security Specialist
ProNetwork
Eski Bykdere Cad. Dilaver Sok. No:4
80660 Seyrantepe Istanbul Turkey
Tel : +90 212 325
it is possible as long as your internal router or network and outside
network of the proxy are on the same
network. Or you may manage this by doing the NAT on the firewall and using
the proxy server as cache.
cheers
Mahmut Korkmaz
Internet Technelogies Network Security Specialist
ProNetwork
Whenever you can not boot a sun os as root,
the best way is booting the machine from the
cd-rom and thereafter editing /etc/passwd with
vi or any other editor and change the shell field to
/sbin/ksh which is the most used shell environment
in Sun OS.
cheers
Mahmut Korkmaz
Internet Technelogies
what do you mean?
pronetwork is in Turkey but i suppose you confused man...
Mahmut Korkmaz
Internet Technelogies Network Security Specialist
ProNetwork
Eski Bykdere Cad. Dilaver Sok. No:4
80660 Seyrantepe Istanbul Turkey
Tel : +90 212 325 5525
Fax : +90 212 325 5515
E-Mail: [EMAIL PROTECTED]
I think you need to understand the reason you were port scanned in the first
place. It is a fishing exercise usually. Look at a port scan as a way of
determining if the area holds potential or not. Why to fishermen use fish
locators? To see if there are fish in the area and save them some
On 19 Dec 99, at 17:49, Avi Rubin wrote:
Source availability, and no need for client software.
No need for client software is a big win! Many VPN vendors expect
customers to not only distribute their client software, but to track
its licenses -- and over the kind of geographic dispersion
Can anybody share information on the ANS InterLock firewall? Is it still
being made, even after buy-out by MCI WorldCom? Is it easy to set up?
Application based? Anything uniquely good or clumsy about it? What product
does it compare to? Thanks.
Mark Nowlin
Technical Support IBM 5250
Core
Eric wrote:
By the way, I see frequent few port scans from people looking for
open news servers! And that is on a system that doesn't run a
news server at all. While I don't see that as a security problem,
I am puzzled since it never happened before the first week of
October.
I've
Hi,
Just wanted to know which Intrusion detections softwares are really good.
Iam planning to use RealSecure from ISS. Any suggestions. Also what would
one do if they discovered an attack being done on the firewall or their
DMZ service area. This is a hypothetical Q, are their any general
Hello,
for more than a year now I'm reading the posts on this list as a summary.
I've found many ideas of great value. This is my first post as a reply
to the interesting Doubleclick problem ...
Because of this possibility, I know of several administrators who simply
block, at the DNS level,
I need to mount a drive from a NT machine inside a NATed firewall to an NT
machine outside the network. Does anybody have a pointer on dealing with NT
specific problems when dealing with firewall. Anybody know which ports an
NT machine uses for PDC/BDC traffic or drive sharig?
-
[To unsubscribe,
What are ports 6671 6771 used for? Last night someone
felt the need to check both of these ports three
times each, alternating between the two. I verified
that I am not running any services there, but I am curious.
I found 6771 is used for DeepThroat, but I could not
find a match for 6671.
first posting to this list...been lurking for a while,
and the conversation looked intersting ;)...
SIPRNET
correct, and the other side of the coin is NIPRNET,
(Nonsecure, etc..)
we don't use IPv6 ...NIPRNET or SIPRNET ;)
and Jimi, IRT what you said:
Well their secret network
I suggest you take a good look for the trojan. It´s not
impossible that you
find it on your computer.
It is when you run Linux. ;-)
~Patrick
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
I'm getting kind of tired of sending reports of
port scans and attempted break-ins to people who
don't really seem interested in doing something
about the problem. I always ask them to keep me
informed about how they deal with those
responsible, but very few have the courtesy to
Switches are no in and of themselves security devices. They can work to
help enhance you security perimeter, functioning with the actual security
devices, but you;d do yourself a dis-service to toss one in in order to
avoid installing a real security device.
Thanks,
Ron DuFresne
On Mon, 20
Tim,
Windows uses NetBIOS to do it's file and printer sharing, as well as remote
administration, so be careful when allowing it through a firewall.
I believe you will need to use a NAT device that is "NetBIOS aware", because
the source IP address is contained in the packet payload, so NAT causes
All NT authentication traffic and LAN file transfer (drive mapping/SMB
traffic/NetBIOS) activity happens on ports 137, 138, and 139. Of all the
ports you open on your firewall, those are among the most dangerous. If your
firewall supports VPN connections, you might have the external client open a
also see:
http://www.kyuzz.org/antirez/hping2.html
by:
[EMAIL PROTECTED]
Thanks,
Ron DuFresne
On Tue, 21 Dec 1999, Parker, Gary W wrote:
Eric Johnson [EMAIL PROTECTED] said ...
"Parker, Gary W" wrote:
Retaliation is not the proper response to attacks, real or perceived.
http://capitol.tlc.state.tx.us/statutes/codes/PE21.html
Reading the Texas Penal Code, Chapter 33, Computer Crimes,
makes me think that port scanning is probably considered a
Class B Misdemeanor in Texas.
Section 33.01 defines "Access" as:
(1) "Access" means to approach, instruct,
How come this all tends to remind me of not too long ago, folks linking
their .project and .plan files to wickedly long text files, or devices
that wuld do all sorts of funky things with yer term, or little bits of
tcpd twist majik?
Thanks,
Ron DuFresne
On Tue, 21 Dec 1999, Paul D. Robertson
A big huge thank you to everybody who gave me pointers and tips on the
drive mapping problem. This listserve is full of professional,
knowledgeable, and friendly people. I am learning a ton and hope that one
day I can help others too.
Thank you all very much.
-
[To unsubscribe, send mail to
http://www.js.chekpoint.com/~joe/
A serious volume of info on this site..
Thank you JOE, whoever you are!!!
Carric Dooley CNE
COM2:Interactive Media
http://www.com2usa.com
"Luck is the residue of design."
- Branch Rickey - former owner of the Brooklyn Dodger Baseball Team
On Wed, 22 Dec
OK.. two tips here.
Use "boot -s" to boot to single user mode..
Tip2: download web ferret. You can do boolean searches like:
solaris AND boot AND single user mode
It was my third or fourth hit...
Get web ferret at http://download.com
Carric Dooley CNE
COM2:Interactive Media
In a specific config.. i.e. if you are putting microsoft proxy infront of
a firewall for your users to authenticate to for tracking their internet
usage and for local caching if your firewall does not handle that.
If you are trying to setup a "firewall" however... one NIC will not cut it
unless
I'm sure this has been answered, but... that is whey god made rescue
disks. Boot off floppy, mount fs, edit /mnt/myserver/etc/passwd so root
has a shell again, UNMOUNT THE FS BEFORE EXITING OR CHANGES WON'T BE
SAVED!!! reboot. Voila!
I bet all sysadmins have a similar story to tell... =)
-Original Message-
From: Jim Eckford [mailto:[EMAIL PROTECTED]]
Sent: Thursday, 23 December 1999 7:27 AM
To: [EMAIL PROTECTED]
Subject: Re: NT Drivesharing and firewalls.
Tim,
Windows uses NetBIOS to do it's file and printer sharing, as
well as remote
administration, so be
Hi all,
some of the list users advice me that I required a boot disk
in order to boot to single user mode from a cdrom.
So, I did some searching at the sun website and found
"Booting an x86 system uses these subsystems:
Primary boot subsystem
Secondary boot subsystem
Can anybody share information on the ANS InterLock firewall? Is it still
being made, even after buy-out by MCI WorldCom? Is it easy to set up?
Application based? Anything uniquely good or clumsy about it? What product
does it compare to? Thanks.
ANS was acquired by AOL, who sold us to
It sounds to me like your firewall is doing its job then. Protocols like
ICQ and RealAudio open a network up to more risk, and probably your
administrator is not willing to take that risk.
Do you happen to know where there is any information on the net that
explains why ICQ/RA is a risk?
This may have already been mentioned, but take a look at a program called
portsentry (find it on freshmeat).
It will detect when someone runs a port scan on you, and then it will
automatically drop them into hosts.deny file, or better yet, it will add a
rule to ipchains which will
Hold on, Tex -- all this depends on the definition of "effective
consent".
Clearly this definition has to be able to cover standard Internet http
traffic to a public web server since the definition of access you
provided does not have any reference to the intent other than the use of
the term
My $0.02 addition:
"Paul D. Robertson" wrote:
On Tue, 21 Dec 1999, Eric wrote:
How about just running a port scan against whoever is portscanning you.
If someone sees port scans coming from a system they are trying to break
into, it would hopefully scare them off.
A lot of times
On Wed, 22 Dec 1999, Jim Eckford wrote:
Tim,
Windows uses NetBIOS to do it's file and printer sharing, as well as remote
administration, so be careful when allowing it through a firewall.
I believe you will need to use a NAT device that is "NetBIOS aware", because
the source IP address is
*sigh* Helping to propogate an already way too long thread...
(IANAL. Neither are you. Thank goodness.)
http://capitol.tlc.state.tx.us/statutes/codes/PE21.html
Reading the Texas Penal Code, Chapter 33, Computer Crimes,
makes me think that port scanning is probably considered a
Class B
35 matches
Mail list logo