Very nice info about building bastion routers. (ex. perimeter routers)
http://www.attrition.org/~modify/texts/phrack/Phrack55/P55-10
Cheers!
/Jesper
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
Rik Farrow maintains such information for comparison shopping at
http://www.gocsi.com/firewall.htm.
Start with hardening the e-commerce servers, though, please (even if they
are protected by a firewall). And consider getting outside help (unless you
are being very modest as to why you were
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The reason you get more possible passwords than Chris is because you
assume an 8 character password is ((26 + 26 + 10 + 12)^7) * (26 + 26
+ 10 + 12) passwords, when because of Microsoft splitting each
password into 7 character parts (which can be
No this is correct. The entire problem with NT's broken scheme hinges
on this. Longer passwords don't make safer passwords. Yech!
Graham, Randy (RAW) writes:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The reason you get more possible passwords than Chris is because you
assume
The main issue here lies within the backwards compatibility of LAN Manager
Support which breaks the passwords down into 7 character chunks that are all
non case sensitive.
You can increase the time that l0pht would take dramatically simply by
editing the registry to do only NTLM v 2 with no fall
This is correct... Since I treat Redmond software as if it were
covered with smallpox these days, I didn't even think to mention
it. Their salt scheme is a problem, their LanMan stupidity is a
problem, and the fact that they did not create any patches to bring
Win9x up to NTLM v.2 is a very
Thanks guys. I'll twiddle with the registry settings and see if I can squash it.
And yes, I'm embarrassed that I messed up the search - it seemed folly searching for
an IP address, but I guess not :)
Cheers
Geoff
-Original Message-
From: Buddy Venne [mailto:[EMAIL PROTECTED]]
Sent:
You did not really tell us what was insufficient about the traffic programs mentioned
earlier - mrtg, iptraf, ipfm, ethereal.
These kinds of tools - especially mrtg - go out to an snmp enabled device and ask it
its stats. If you want to see this snmp stuff more directly - pull down the ucd snmp
Hi,
I want to monitor and manage a Nokia firewall box using checkpoint
enterprise management console. Is it possible. Second issue is can we
establish VPN tunnel with checkpoint firewall configured for redundancy
(That is two firewalls configured at both the ends). If one firewall in
Is it typical for ftp server's returning packets using random high ports?
Yes.
Is it "safe/secure" to setup such rule on checkpoint firewall?
No.[1]
Any implications that we need to be aware of?
Have you thought about sftp? Or Z-modem via SecureCRT?
Nancy Davis
[1] That's not
At 03:03 PM 12/22/00 +1100, Dave Horsfall wrote:
Is there a resource e.g. website that keeps an up-to-date firewall
comparison?
There's a comparison of the 2 most popular commercial firewalls
at:
http://www.roble.com/docs/fw1_or_pix.html
--
Roger Marquis
Roble Systems Consulting
Hello Babu,
Hi,
I want to monitor and manage a Nokia firewall box using checkpoint
enterprise management console. Is it possible.
The answer is yes. Since CheckPoint FW-1 is the only firewall software that
runs on the Nokia platform, it can be managed like any other Checkpoint box.
The
There are admittedly outdated resources here,
http://www.nwfusion.com/reviews/0719rev.html, but the scope of comparative
analysis and reviews in one place surpasses any other I have identified to
date. This may facilitate further investigation. - sc
Scott Clayton
Platform Engineering Manager
Some of our users need to access an external ftp server. Therefore, we
set up a rule to use port 20 and 21. However, the ftp server responds their
request using random high ports, therefore, we need to set up a "returning
rule" allowing the ftp server coming back using high-ports (1023).
Is it
Ivan,
Check the Properties settings under the Policy Menu in the Checkpoint
Firewall-1 GUI. Go to the "Services" tab and select the "Enable FTP Port
Data Connections" and "Enable FTP PASV Data Connections". Your rulebase
would contain a rule that would appear like :
Source = clients allowed to
If anyone provides you with a "safe/secure" setup which Checkpoint will
allow you to have and still be approved by them, I'd sure like to know what
it is.
-Original Message-
From: Ivan Fox [SMTP:[EMAIL PROTECTED]]
Sent: Tuesday, December 19, 2000 5:45 PM
To: Firewall-Wizards@Nfr.
On Fri, Dec 22, 2000 at 03:12:34PM -0600, william.wells wrote:
If anyone provides you with a "safe/secure" setup which Checkpoint will
allow you to have and still be approved by them, I'd sure like to know what
it is.
I must be missing something in this thread. Isn't this what
I have checked the properties. It's been enabled. The problem is still
here :-(
- Original Message -
From: "Ms. Geekgirl" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Friday, December 22, 2000 2:48 PM
Subject: RE: [FW1] ftp
Lance;
Thank you for your input.
We have already done what you have advised.
In fact, we have "complained" to Microsoft premium support. It knows
exactly what is the problem and directs us to talk to Check Point.
We logged a technical support call to Check Point. We have gone through 4
Took a little while to figure out all the details, but here's a how-to on
our website:
http://www.intersec.com/support/checkpt/40.htm#e_q3
This is assuming FW-1 4.1 (sp2) and PIX 515 v 5.3beta and v5.1.2.
// Chris
[EMAIL PROTECTED]
-Original Message-
From: Jean-Mathieu Baudry
Ivan,
Have you tried either of these fixes:
1. Stop FireWall-1 (fwstop)
2. Edit the /$FWDIR/lib/base.def
3. Mark out the following line:
#define FTP_ENFORCE_NL
to:
//#define FTP_ENFORCE_NL
4. Start FireWall-1 (fwstart)
5. Re-install the policy
Or this one:
1. Stop the FireWall (fwstop)
2.
Ivan -
This sounds less like an issue with the type
of FTP server, and more of a timeout issue.
If it works for other directories between
this same client and server, then it wouldn't
be an issue of port numbers (I don't know of any
FTP servers that use varying port numbers based
on quantity of
On Fri, Dec 22, 2000 at 04:37:06PM -0500, Michael H. Warfield wrote:
I must be missing something in this thread. Isn't this what
stateful inspection is for? When you see a PORT command on an FTP
control channel connection issued to a particular address and specifying
a particular
Folks,
SUN users have a sweet tool at hand with the
http://www.securityfocus.com/sun/vulncalc site.
Do other such tools exist for the various other unices out there, AIX,
digital, SCO, HP?
Thanks,
Ron DuFresne
~~
"Cutting the space budget really restores my faith
25 matches