Andy: while you are checking out different firewalls, take a look at the
Enigma 2.0 from
www.firewall-servers.com
Don
From: Andy Haigh [EMAIL PROTECTED]
To: "Firewall List \(E-mail\)" [EMAIL PROTECTED]
Subject: Sidewinder 5.1
Date: Tue, 13 Mar 2001 16:10:39 +1100
We are currently reviewing
If you can find the list of open ports THROUGH a firewall, then you need to replace
the firewall. It has failed in its main task. The only way one should find out about
open ports on a server is to be in the same protection domain as the server.
-Original Message-
From: [EMAIL
Bill Royds wrote:
If you can find the list of open ports THROUGH a firewall, then you need
to replace the firewall. It has failed in its main task. The only way one
should find out about open ports on a server is to be in the same
protection domain as the server.
Bollocks. That may be the
Jesus,
#AH and ESP would NOT fall under a TCP property?
Correct. You will have to create an IP Filter for AH and ESP in both
Sidewinder and Secure Zone.
#Then can someone explain to me why it is that a certain version of the
Cisco
#IOS is required (I believe higher than 12.x)?
Are you
Title: AOL IM Archiving
Does anyone know of a way to archive/log AOL Instant Messenger conversations? We have a number of users that want to use IM but due to compliance reasons we are required to monitor their conversations. If we are unable to properly monitor the conversations then we
Title: AOL IM Archiving
DO you
want to see who are doing the conversations , or do you actually want to see
exactly what they are talking about.If you only want to log who is doing it ,
are you using IPCHAINS as a firewall system ?
RegardsG.BritsLinux Systems EngineerTechnology
ConceptsTel
any iptables gurus
around?
Title: AOL IM Archiving
Unfortunately I need to log the conversations themselves. I already
know who is using the service.
-Original Message-From: G.Brits
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, March 13, 2001 9:30
AMCc: Firewall ListSubject: RE: AOL IM
Archiving
DO
Title: AOL IM Archiving
Odigo
(www.odigo.com) is a compatible IM client
that creates logs of the IM conversations on the users box. You could then
consolidate the users logs through scripts.
Hope
this helps,
Michael Cessna Systems Administrator RealTime
Media 308 Lancaster Ave. Wynnewood,
Andy,
#We are currently reviewing firewalls and I would be
#interested to hear what you guru's have to say about
#our current front runner Sidewinder 5.1
I am a big fan of the Sidewinder. It has an incredible amount of
flexibility. I like the Type Enforcement stuff. It has a large number of
Title: RE: IPSEC and GRE
There seems to be a little confusion on this issue. Hopefully I can clear a couple things up for you.
GRE stands for Generic Router Encapsulation protocol. It is a tunnelling protocol similar to PPTP. It is considered a Layer 4 protocol(IP protocol #47). What it
On a win doze box run netstat -a
At 09:00 AM 3/13/01 +, you wrote:
Mike,
If i use a port scanner then it will tell me the ports
which are open on firewall m/c but how I can find the
open port lists which are open on the server behind
the firewall.
Gm
Barry S. Hudson
Network Admin, CCNA
On Tue, 13 Mar 2001, Gibson, Brian wrote:
Does anyone know of a way to archive/log AOL Instant Messenger
conversations? We have a number of users that want to use IM but due
to compliance reasons we are required to monitor their conversations.
AIMSpy should do the job quite nicely. notice
netstat -a will only tell you which ports are in use on THAT machine
(the machine you run the command on) .
It tells you nothing about another machine, so you'd have to run the
command on the machine you want the info about.
Also, netstat is available on most operating systems (unix, linux,
Hi!
This is not strictly a firewall question, but you'd probably be
able to help me anyway. :)
I have to decide between postgresql and mysql for a project, and I
have absolutely no experience with any of those two.
From a security point of view, which is best of the
Thanks in advance for any help on this.
I have a SonicWall Pro VX with the version 6 firmware. My IPSec client
computer is running Win2000 using a dial-up connection with SonicWall's
IPSec client. I am looking for a way to authenticate to the domain after I
have logged into the client
No sure, but the lsof package may be what you are
looking for. Run it on the server that you want to
list. "lsof" stands for "list open files".
ftp://vic.cc.purdue.edu/pub/tools/unix/lsof/
-Original Message-
From: Ravi Kumar [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 12, 2001 9:47 PM
Can anyone tell me if the Checkpoint firewall requires any type of client software to
authenticate a W2K Pro machine? Thanks.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
The originating IP was either spoofed they are currently experiencing
network problems. From the 1000 ms+ responses I'd say it is network
problems. What your seeing here is a routing loop. 211.103.56.2 points to
211.103.56.1 to get to 211.103.59.95. 211.103.56.1 points back at
211.103.56.2 (This
Vaughn,
Using client authentication (IP restricted), you simply telnet to port 259
or http to port 900 on the firewall
(make sure that this rule is above your stealth rule in the rulebase).
User authentication also does not
need client software (although there is a limitation on the services -
For those of you that have always wondered if/how you can get PKI working
with MS Exchange/MS LDAP (ADS)/MS Cert Server/CheckPoint/SecureClient/etc...
and get them all tied together, check out the info one of my co-workers put
on our web site today..
hello
In this list, I heard that fw-1 work very well , but I knew fw-1 was a
stateful-inspect and didn't use app proxy. I though it should use nat for
forward packets . but In this list, i heard that nat wasn't a good ideal.
I am doubt for that.
Bollocks. If it does not have a deny all unless explicitly allowed, it is not a
firewall but a router. A "firewall", does not let traffic pass unless authorised by a
security policy. If it does otherwise, it is not a firewall.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
Nonsense. Everyone knows that a "firewall" is actually a collection of
bottletops and empty cigarette packets, bound up with yak spit and tied
around untrusted network cables with twine.
Sheesh.
--
Ben Nagy
Network Security Specialist
Marconi Services Australia Pty Ltd
Mb: +61 414 411 520 PGP
See the next picture.
INTERNET
|
-- Lan public
| | |
Router PIX 525 DNS1
|
- Lan Private
| |
DNS2Client
ok.
Does Anyone know the ports that Napster runs over (Are the source and dst
the same)??
Also does it use TCP or UDP ?
Thanks
Mark
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
It depends on how you installed the napster client. The default ports for
downloading files is 6699 or 6688 sometimes 6677. To connect to the napster
server it is , , or even . Now with that said, if you check the
box that says: I live behind a firewall, the ports are going to
*
This mail has been scanned for virusses
*
just do the following rules
$IPCHAINS -A internal -p TCP -s 10.0.1.0/24 --destination-port
6699:6699 -l -j DENY
$IPCHAINS -A internal -p
Anyone who knows of any good material or sites explaining network games?
How they work, what ports they use and so on...
Regards, Robert
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
That's nice... and how about scanning for virii as well.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of G.Brits
Sent: Wednesday, March 14, 2001 1:37 AM
To: Firewall List
Subject: RE: napster
*
They have clients and servers talking on UDP.
In a lan environment, the clients broadcast to port 27015, 27960, and
several others. If a server is nearby, he see's that broadcast and replies
to populate the clients server listing. Some game servers use a server
beacon instead, port (but all
31 matches
Mail list logo