Hi !
We have a linux system ( Mandrake 7.2 with kernel options
for multicast enable ) with firewall-1 ( 4.1 SP3), the multicast routing
is working fine while the firewall is turn off. When the firewall is on,
the igmp packets are drop. The message in log viewer is local interface
The really important distinction between OS for firewalls is how much you can lock it
down and in that respect Unix is better. Unless you are a very adept NT guru, locking
down NT is quite a difficult chore because it is hard to know the minimum services
needed to run for any situation. If you
At 03:21 PM 2/28/2001 +1100, Vy Mai wrote:
Hi List,
Has anyone knew this service:
webbast02@[/] # ps -ef | grep plug
root 150 1 0 Nov 14 ?0:00 /opt/local/bin/plug -i
195.164.40.75 -l 12000 205.57.240.71:12000
root 146 1 0 Nov 14 ?0:00
At 07:35 28/02/01 +0100, Reckhard, Tobias wrote:
Generally, NAT is "near" the interface on which it applies. So:
- at input stage, NAT is applied before filtering
- at output stage, NAT is applied after the filtering.
How general is this information, mouss? It doesn't hold true for Linux
Hi,
Could someone Microsoft savvy please answer this.
I did some routine packet sniffing on my LAN and found that several machines
attempted to do a logon as Administrator, before anyone had arrived in the
morning...
It was done through transact name:\MAILSLOT\NET\NTLOGON
and mailslot name:
Does any one have
any experience setting up
2 Exchange 5.5
servers with a pix box?.
I am having a very
hard time
getting the machines
to Communicate.
I have followed
ciscos example for the pix box,
Opening up the
recommended tcp ports.
I have network
connectivity,
But I am having no
The PC
client. They have the SecureVPN client currently, but this client brings
on several training issues for our end users.
Thanks!
-Original Message-From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, February 27, 2001 7:33
PMTo: [EMAIL PROTECTED];
[EMAIL
Hello,
I'm fairly new at setting up ipchains to firewall a connection and have
had great luck with routing from inside to the internet, but after looking
at the amn pages and the howto's i cant figure out how to route incoming
packets to my internal web server using port #'s. I am wondering if
Is the web server sitting on a public network (non-private net)?
David Ishmael, CCNA, IVCP
Senior Network Management Engineer
Windward Consulting Group, Inc.
Phone: (703) 283-7564
Pager: (888) 910-7094
eFax: (425) 969-4707
Fax: (703) 351-9428
mailto:[EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
Thanks a lot for all your answers (esp. Peter Gutmann, Brian Denehy and Alan
Olsen). You're very right about the operation of that Plug Proxy.
My main reason for that question posted to the list was the URL (yes, so
that I can further find out about that) where I can find the manual. doco.
about
I personally am not aware of any other clients for the Pix VPN other than
SafeNet Client. The SafeNet itself is nto very safe in my opinion it has many
bugs.
What other "PC Client" are there??
Indy
I
haven't tested this client with the PIX VPN but we tested a Nortel Contivity box
using the NTS Tunnelbuilder.
Beth
-Original Message-From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]Sent: Wednesday, February 28, 2001
7:24 PMTo: [EMAIL PROTECTED];
[EMAIL
This may be a stupid question to which the obvious answer is right in
front of me yet I am not seeing it
Is there any reason in particular why PortSentry and an IPChains
firewall would not work together?
I ask this because ever since I implemented my IPChains firewall
PortSentry no
Ciscohasa VPN client version 2.5.2 that
will work with the PIX.It is the same client that works on the Cisco VPN
concentrator, which is a product line that Cisco acquired from Altiga
networks. Cisco is currently working on version 2.6 that will run on
W2K. It is in beta now and the release
Please tell me that I am not the only one that gets bombarded with
ridiculous auto-responders when posting to this group?
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
I am new in firewall configuration. It seems that when I read articles on
the web, people suggest that, one should setup the firewalling rules to deny
everything and allow specifics?
What is wrong with having a rules accept all but deny specifics.
Could I not just block ports that I am using,
Can someone please tell me how to go about finding the offending device that
is generating this error?
%PIX-2-106016: Deny IP spoof from (0.0.0.0) to 12.25.198.83 on interface
inside
Thanks.
Diana
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of
Are you serious?
Of course you want to block everything incoming. Why open yourself up and
then close down. Its like building a house from the top down.
You can't possibly know all protocols and ports if you by default open
everything and expect to close things down when you get the chance.
If
well, its like leaving your door open when you go to sleep. Or better
yet... having a screen door locked to protect your family when its just to
hot outside.
- Original Message -
From: Sebastian Sohn [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, February 28, 2001 6:39 PM
It really depends on what sort of environment you are in, what sort of risk
you are prepared to have, and the trade off in inconvenience that is
acceptable.
For example if you are a home user you might be happy to just have a script
that does a quick port scan of your machine and disables all
First of all, you can do whatever you would like with your configuration.
How tightly you lock down your network is strictly up to you and your
company's security policy. The same goes for how you lock it down. Most
companies choose to deny everything and only allow what they need becuase
21 matches
Mail list logo