Peeps,
Small thing about recursion
You can configure your outside DNS servers (if you are using BIND)
to allow recursion from a couple of trused hosts.
In the named.conf file just put the following entry:
allow-recursion { ip_addresses_trusted_hosts; };
(or if the list is getting pretty long
hi,
do you know any tool for managing pix
firewalls.(except CSPM) as I heard cisco will release
a new Pix Device Manager this year. is there any other
tools.
regards
__
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
At 09:44 AM 5/10/01 +0200, Hiemstra, Brenno wrote:
You can configure your outside DNS servers (if you are using BIND)
to allow recursion from a couple of trused hosts.
In the named.conf file just put the following entry:
allow-recursion { ip_addresses_trusted_hosts; };
(or if the list is
I would use MRTG for this. The product is free and easy to use and setup.
http://people.ee.ethz.ch/~oetiker/webtools/mrtg/
Good luck.
Lance
- Original Message -
From: Graham Zulauf [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, May 09, 2001 8:55 PM
Subject: bandwidth
I
On Thu, 10 May 2001, Ben Nagy wrote:
This sounds like a repeat of the VLAN effect - something that's not designed
for security being used as a security solution. Maybe we should be saying
use a separate channel, end of story?
Indeed, out of band wins every time...
OK, all I'm saying is
On Thu, 10 May 2001, Lance Ecklesdafer spewed into the ether:
I would use MRTG for this. The product is free and easy to use and setup.
Won't work. You need data only for a particular application. If the
total b/w is to be measured, then mrtg will be useful.
Devdas Bhagat
--
Fame may be
Good morning,
Is there a reasonably secure way to allow netmeeting through a firewall?
How would you minimize the risks involved ?
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
unsubscribe firewalls in the body of the message.]
commercially, we're really fond of 'packeteer'. we use its traffic shaping
a lot on our campus network, to great effect.
freeware based, and hence it may get overloaded and crash, i like 'iptraf'
a lot. it can measure protocols and ports, does so pretty well on a
decently size LAN (ie 10/100)
Forgot to forward it to the list
-Original Message-
From: Hiemstra, Brenno
Sent: donderdag 10 mei 2001 11:08
To: 'Chris Keladis'
Subject: DNS spoofing ( was RE: DNS cannot contact Root Servers)
Chris,
for DNS poisoning you can protect yourself by don't allowing any
You can manage the PIX via CLI, which is unmanageable except in the
simplest of firewall setups, or you can use a product that comes with the
PIX (formerly called PFM, forget what it's called now) but basically
there's a web interface built into the pix, only accessible from the
internal network.
On Thu, 10 May 2001, Scott Overfield wrote:
Good morning,
Is there a reasonably secure way to allow netmeeting through a firewall?
Before you even get to How would I pass it?, you need to stop and look
at Should I pass it? Dig though the protocols and make your own
evaluation, but you'll
Title: RE: bandwidth
you could try cricket or RRD
--
Choose the Internet payment standard!
http://www.jalda.com http://www.jalda.com/
http://www.ehpt.com http://www.ehpt.com/
ANISH.M
Systems Engineer phone +91 116510101
internet payment systems mobile +91
MRTG definately can do the job on the aggregate side. If the application
is SNMP compliant than you can monitor its traffic use directly.
Good Luck,
Neil S
On Wed, 9 May 2001, Graham Zulauf wrote:
I am in need of an application that can meter or calculate the amount of
bandwidth a certain
On 10 May 2001 08:48:40 -0400, Paul D. Robertson wrote:
On Thu, 10 May 2001, Scott Overfield wrote:
Good morning,
Is there a reasonably secure way to allow netmeeting through a firewall?
Before you even get to How would I pass it?, you need to stop and look
at Should I pass it? Dig
On 10 May 2001, Michael T. Babcock wrote:
Before you even get to How would I pass it?, you need to stop and look
at Should I pass it? Dig though the protocols and make your own
evaluation, but you'll need a really lax security policy and no focus on
client-side protections to open a
On Thu, 10 May 2001, Lance Ecklesdafer spewed into the ether:
application, but he specifically mentioned the total bandwidth. To
measure the application's use of the available bandwidth will require
products like Packeteer or Ethereal and others that show applications
(ports) usage of the
Hello List-Readers,
i had to upgrade some of may router/proxy boxes (RH Linux 7-7.1)
and i now have servere problem with adjusting the routing to get out !
it sounf weired, but i have identical routing tables on two maschines,
one works, the other one refuses to accept the default route, or any
Hi.
I have pix firewall 525 cisco with 4 interfaces ethernet.
first ethernet to internet
second ethernet to LAN private
The gateway for mi clients is the ip of the pix (LAN private), I need one
cache server for fast access to internet but cisco pix 525 permit redirect to
ports a server cache??
HI All,
We have a linux Firewall in front of a Exchange Server (Win2k Server) (which
is also the WebFTP server - with IIS) which work fine!
We have a DNS Server which act also as a Proxy server (MS-Proxy v2.0 on
WindowsNT 4.0) with address forwarding (for Web and FTP) to our
Exchange/Web/FTP
On 10 May 2001, Michael T. Babcock wrote:
On 10 May 2001 10:26:13 -0400, Paul D. Robertson wrote:
1. Among others is one of the telling phrases. Not that any streaming
protocol is particularly security freindly, including 323.
And what evidence do you have that any streaming protocol is
Is it possible to configure CPMAD to block connection when cpmad_conf criteria is met?
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
unsubscribe firewalls in the body of the message.]
This is getting stupid. You're ignoring the points I'm making entirely
and trying to state things that are either baseless assumptions on your
part or you've discovered through some process you haven't mentioned.
When you make points like you have in this thread, you must either back
them up or
Whew! it was merely a virus! Hell, we thought they was trying to corrupt
what morals we have left with an avi of them nude! Whew!
Thanks,
Ron DuFresne
On Wed, 9 May 2001, Brooks Carlson wrote:
You message contained a virus. I did not receive any information that you
were trying to
The list just oozes testosterone...
I should go and quickly spray my 515's to mark my turf!
-Original Message-
From: Paul D. Robertson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 10, 2001 2:01 PM
To: Michael T. Babcock
Cc: Scott Overfield; Firewalls (E-mail)
Subject: Re: Microsoft
The pix does not currently support port redirection (as of 5.3(1)).
--
Carson Gaspar - [EMAIL PROTECTED]
Queen trapped in a butch body
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
unsubscribe firewalls in the body of the message.]
waht do you define as full inspection that you do of all streams going
into your network?
the point that was being made was that no firewall did very much checking
of this protocol.
if you have one that does more extensive checking, let us know.
David Lang
On 10 May 2001, Michael T. Babcock
-Original Message-
From: David Lang [mailto:[EMAIL PROTECTED]]
Sent: Friday, 11 May 2001 07:19
To: Michael T. Babcock
Cc: Paul D. Robertson; Scott Overfield; Firewalls (E-mail)
Subject: Re: Microsoft Netmeeting
snip
the point that was being made was that no firewall did very
This crap is freakin pathetic. Can we please get to the subject? If an
individual wants to be stupid and argue without basis, or with, don't let it
get to you. That person will find out in there own right how #*$#n stupid
they are.
Enough Said,
Chris Malott
Chameleon Communications
GeEK
-
Some of us would really like to know what the risks are with Netmeeting. We
get requests for it frequently - through the firewall, and would like a
configuration that would allow that, but haven't found a secure way to do it
yet...
-Original Message-
From: Chris Malott [mailto:[EMAIL
-Original Message-
From: Clément Charest [mailto:[EMAIL PROTECTED]]
Sent: Friday, May 11, 2001 4:11 AM
To: '[EMAIL PROTECTED]'
Subject: Connecting MS-Proxy (with DNS) behind a linux Firewall
HI All,
We have a linux Firewall in front of a Exchange Server (Win2k
Server)
My advice:
- Do not enable video conferencing (H.323). It's too difficult to secure and
not worth it anyway (if they really need video have them justify isdn-based
conferencing).
- The real value with NetMeeting is with data conferencing. This only
requires T.120 (port 1503 if I recall
On 10 May 2001 19:51:12 -0400, Sadler, Connie J wrote:
Some of us would really like to know what the risks are with Netmeeting. We
get requests for it frequently - through the firewall, and would like a
configuration that would allow that, but haven't found a secure way to do it
yet...
You
I think, obviously, that what Paul meant by open chest would was this, last
posted to the list here, when the topic was hot, on or about; 30 Jun 2000:
NetMeeting uses the following Internet Protocol (IP) ports:
Port Purpose
-
389 Internet
Some of us would really like to know what the risks are with Netmeeting.
We
get requests for it frequently - through the firewall, and would like a
configuration that would allow that, but haven't found a secure way to do
it
yet...
One scenario that was mentioned in a previous netmeeting thread
On Thu, 10 May 2001, Sadler, Connie J wrote:
Some of us would really like to know what the risks are with Netmeeting. We
get requests for it frequently - through the firewall, and would like a
configuration that would allow that, but haven't found a secure way to do it
yet...
In my opinion
35 matches
Mail list logo