Has anyone tried running whisker against a web server behind a firewall?
What could be the most efficient parameter for whisker to test our web
server? Please help.
Thanks.
Neil
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
unsubscribe firewalls in the body of the message.]
Tell them that 40 bit encryption was broken down by a project (distributed
network) using many many computers as distributed power. The project also got
the reward to crack the encryption...
Anyway, this sounds much for me but I dont know what it is for your sales
force...
Mustafa Dogru
On 6 May 2001, at 22:36, Nazila Mofrad wrote:
May 6 17:57:40 PIX %PIX-6-302001: Built outbound TCP connection 4638593 for
faddr INTERNET-HOST/80 gaddr MY-SERVER/2394 laddr MY-SERVER/2394
May 6 17:57:40 PIX %PIX-6-302002: Teardown TCP connection 4638593 faddr
INTERNET-HOST/80 gaddr
security is a proccess ans a state of mind, not a product.
Yes it is ... but only with state of mind you can make a sytem not
secure.
On Mon, 7 May 2001, Jonas Luster wrote:
* Tobias Boonstoppel sez:
: hups... netbsd most secure??
:
: i guess OPENBSD is most secure. Its a real
Hi:
I have a opinion about this:
If I have a FW-1 running on a Solaris 2.6, in the same machine it is the
DNS running a vulnerable version of Bind a hacker could compromise the
firewall and the DNS. By the other side, if the firewall and DNS are not
in the same machine this will not happen
Does anyone tried IPSEC on cisco routers using loopback addresses? We need
this implementation because we have redundant paths and we need IPSEC to
be always up even if one of the link fails.
Thanks
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
unsubscribe firewalls in the body of
I'm looking at firewall appliances. There are two possible SIMPLE options
for deployment, both are T1 links to Internet, IPSec VPN to corporate
(LAN-to-LAN type link), and allow outbound web surfing. Admin will be done
remotely from corporate location.
Environment1 is less than 50 hosts,
Gosh Mouss.
I've been following all your replies and threads in here...this is a really
nice gesture...how helpful. :)
- Original Message -
From: mouss [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Monday, May 07, 2001 7:44 PM
Subject: Re: What does it mean?
In the MCNS class our instructor told us to tie it to a tunnel virtual
interface. He said that your ACL for the crypto map will be easier, and it
has the same uptime properties as a loopback address. I'm sorry I don't
know the correct syntax for the command though.
Ben
-Original
Brett,
I would say that you could expect ~225Mbps throughput with this
configuration.
Please refer to the URL below for specific Check Point benchmark
information.
http://www.checkpoint.com/products/firewall-1/pbrief.html
Thanks!
Chris
Chris Hastings, CCSA, CCSE
Brainbench MVP for Internet
On 7 May 2001, at 19:57, Alvin Oga wrote:
hi ya eric
i think that a good hacker/cracker can enter your system
and hide himself within a few minutes...depending on
what method the attacked and got into your system.
if you check your logs daily/hourly... you're too late
in being able
Hi all,
I've been asked to make a plan on how to deal if we get hack. For example,
what if our web or ftp got hack - what are the steps we should follow or do
to catch or trace the culprit and how to prevent it from happening again.
Who should we report it to? Our web and ftp servers are in a
Well, I can't seem to get to the page right now, but I've always thought
http://www.nmrc.org/ was the place to go to find answers on IPX security
issues. If you can get there, you might find some useful tools.
Randy Graham
-Original Message-
From: Ronneil Camara [mailto:[EMAIL
write net produces no network activity at all on any port regardless
of the tftp-server settings we have tried. This is with version 4.4
of the software on a PIX515. The write net command produces a
timeout error on the console but no activity on any port. Has anyone
seen anything like this?
/rant: on, moderated
Maybe Mouss (like a lot of people that contribute meaningful content to the list) are a little tried of seeing questions on the list that the asker could
easy answer themselves with a minor amount of effort. I too appreciate Mouss' contributions and I hope people
Hi all,
Sorry to go off topics a little bit, but I need enlightments on syntax for ACL on
Cisco routers.
For example:
permit tcp 192.168.99.18 0.0.0.1 host 192.168.95.90 range 1414 1416
permit tcp 192.168.99.18 0.0.0.1 range 1414 1416 host 192.168.95.90
Are those two examples the same or is
Thanks for all who have answered my question. It really helped me. :-)
-Original Message-
From: Graham, Randy (RAW) [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, May 08, 2001 11:28 AM
To: [EMAIL PROTECTED]
Subject: RE: OFF Topic: network scan
Well, I can't seem to get to the page
I feel a repost of Ben Nagy's e-mail on this topic from last summer is
particularly appropriate at this time (see below). I've been thinking the
same thing lately, and maybe it is time we ask the moderator to be a little
more selective in letting things through to the list. And people, please
Joaquin,
The first I would do is put together an Incident Response Plan. You can search the net and find several good examples (I'd start with CERT).
The plan is going to address all the question you've posed. In the long run, creating a plan will have more benefit to you because it will
Madhur,
I suspect that the problem may be tied to a problem where a user who
subscribed to a list has left the organization. After leaving the
listserver is still sending email messages to the user in the organization
and the message is being ndred. The listserver then sends the ndr to the
Regarding the message:
From: Daniel Crichton [EMAIL PROTECTED]
To: Nazila Mofrad [EMAIL PROTECTED]
Subject: Re: PIX: What's going on?
CC: [EMAIL PROTECTED]
On 6 May 2001, at 22:36, Nazila Mofrad wrote:
May 6 17:57:40 PIX %PIX-6-302001: Built outbound TCP connection 4638593 for
hi Sameer
have a look at some of the various loggers
http://www.Linux-Sec.net
- see the logger section
have fun
alvin
http://www.Linux-1U.net
On Tue, 8 May 2001, Sameer Rane wrote:
Hello ,
I am evaluating a Gauntlet Firewall 5.5 on NT.
The log mechanism of this firewall is very
hi joaquin
what kind of hacker/attacker are you trying to defend against??
- independent of that... there are things youcan do to
cover your butt
- tracking down the culprit is probably gonna be a fulltime job
when the get into your box
- counter measures/preparation
- make
#I'm guessing that the INTERNET-HOST has sent a RST packet back, MY-
#SERVER has closed down the connection, the PIX has cleared the
#connection mapping, but for some reason INTERNET-HOST has resent the
#RST packet as it did not receive a complete connection close sequence from
#MY-SERVER.
Has
anyone had the "opportunity" to convert a Checkpoint firewall to PIX? I
was hoping to leverage other people's experience with this conversion -- this
particular Checkpoint firewall has about 45 explicit rules, but quite a few
objects involved.
Is
there a GUI tool already available
Hi tim,
thanx for the info...but recently i came to know of something else which
i suspect to be the cause of the problem...its not mail looping. In
mixed mode where you have exchange 2000 and 5.5 both, the SRS stores the
messages in the information store before copying it in the directory
(AD)
I have seen the scenario where clients insist on doing NAT at the perimeter
router. This leads to the configuration of the firewall to be configured
with private IP addresses on 'external' and 'internal' interfaces. The end
result is no way to log or monitor from the firewall any access
I mean the where SRS has to talk to 5.5 it stores messages in
information store before the MTA
So the log generation in Hub server is obvious as it is responsible for
distributing mails and is also talking to site containing 5.5 server
regds
MAdhur
-Original Message-
From: Madhur Nanda
Patrick -
I've said it before, and I'll say it again: NAT is not
a security solution, but a convenience (I know, you still
have the firewall, but this is for your routing people). :-)
As far as logging is concerned, I would hope that your
firewall's logs would contain data on the interface the
The 0.0.0.1 wildcard permits hosts 192.168.99.18 and .19.
The rest of the syntax is: permit or deny FROM somewhere TO somewhere.
The first statement therefore permits FROM 192.168.99.18/19 using ports
1414-1416 going TO 192.168.95.50. This is probably not what you want.
The second permits
-Original Message-
From: Kelly, Patrick [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 09, 2001 6:40 AM
To: '[EMAIL PROTECTED]'
Subject: Placement of NAT in relation to firewall logs
I have seen the scenario where clients insist on doing NAT at
the perimeter
router. This
you can use access-list and access-group with 5.x and above or use a conduit
command.
- Original Message -
From: Fabio Pietrosanti (naif) [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Saturday, May 05, 2001 10:01 PM
Subject: Re: PIX and port forwarding
On Sat, May 05, 2001 at
You know that you need to specify a filename somewhere, right?
Try write net server_ip:filename
By the way, 4.4 is old software. You should probably upgrade - especially if
you have an FTP server behind your firewall.
Cheers,
(PS: Say Hi to Dr. Croft for me)
--
Ben Nagy
Network Security
It is my experience that people are just asking questions with out showing
the proper respect for the experts on this list. If you are stumped and can
not figure out a solution to a problem then use this list wisely and ask
your questions. The experts on this list are using their own personal
Ben Nagy writes:
-Original Message-
From: Graham, Randy (RAW) [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 09, 2001 3:36 AM
To: [EMAIL PROTECTED]
Subject: RE: No brainer posts (Was - What does it mean?)
I feel a repost of Ben Nagy's e-mail on this topic from
Our outside network expert thinks that Microsoft's PPTP is
extraordinarily insecure. Yet, he uses VNC extensively to monitor
systems. I found out today that he has installed it on at least one
of our computers.
I tried VNC a couple of years ago and concluded that it did not
seem secure
it depends on what you are using them for.
if he is useing VNC over the internet with no additional protection, I
would be concerned, but if he is useing VNC through some secure VPN it's
much less of an issue.
without more context it's hard to judge.
David Lang
On Tue, 8 May 2001, Eric
I just ran a simple test because your question got me curious. Running VNC I
was able to capture and view every password that went across the wire in
plain text, right there in my netmon capture. Windows logon, VNC connection
establishment, all of them. Using PPTP I must decrypt the data first.
hi all
just a suggestion/question from a culprit of some
no brainer posts
maybe a one page website and a url appended to each outgoing
email might help ???
eg: http://Lists.gnac.net
with a list of faqs and/or additional searchable archives
that may exists for
Eric Johnson writes:
Our outside network expert thinks that Microsoft's PPTP is
extraordinarily insecure. Yet, he uses VNC extensively to monitor
systems. I found out today that he has installed it on at least one
of our computers.
He uses VNC across the INternet or in the corporate
On 8 May 2001, at 23:05, Noonan, Wesley wrote:
I just ran a simple test because your question got me curious. Running VNC I
was able to capture and view every password that went across the wire in
plain text, right there in my netmon capture. Windows logon, VNC connection
establishment, all
-Original Message-
From: Graham, Randy (RAW) [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 09, 2001 3:36 AM
To: [EMAIL PROTECTED]
Subject: RE: No brainer posts (Was - What does it mean?)
I feel a repost of Ben Nagy's e-mail on this topic from last summer is
particularly
42 matches
Mail list logo