From: ext Dave Crocker [mailto:[EMAIL PROTECTED]]
At 10:56 AM 1/9/2002 +0200, [EMAIL PROTECTED] wrote:
Well, first thing to understand is that Sonicwall is
transparent bridge
not a router.
The Sonicwall Soho (not 2) that I have had for a couple of years is a
router. It also does NAT and
I feel this goes along with what you say
[...]It is different from most 'conventional' firewalls, in that
it does not perform 'routing' (unless you turn on the NAT features). It
is actually more of a 'switch' type of device, which uses a form of
stateful packet inspection and a rules
Recently I posted regarding looping at site 205.229.56.205 . We remain unable to
connect to those sites...although we *can* connect to another site behind that host's
firewall. We had our firewall tech support try to duplicate the problem with the same
build of our firewall and OS and got
Hy all,
Could someone tell me if sniffers canhear
remote connections?
In my conception, sniffers just can hear the
traffic where they are directly connected. Is it right?
Thank you
--- Bruno
Negrão -- Suporte-- Plugway Acesso Internet Ltda.--
In a way yes,
You will have to get information somehow to the sniffer's network
interface. It is possible to define network devices to forward network
traffic to some interface for this purpose. And you can also fool
network components by for instance arp table poisoning to send traffic
to
Bingo. They can pickup whatever is traversing the wire of the subnet they
are listening on. Switched environments are a different matter, and I'll
leave it to the switch experts to develope that thread if it is to be,
being nore of a switch novice her compared to some of our other company on
Title: RE: Ahhh, the perks of managing government networks
Maybe someone already replied, but surely it's:
access-list reject_all deny ip 210.0.0.0 0.255.255.255 any
etc.
I prefer access-list blah deny ip 0.0.0.0 255.255.255.255 10.1.1.0 0.0.0.255 (webservers) applied to external router
Good morning,
Do you have a vendor, client, or third party relationship with this
organization? Such that there might be any tunnel, VPN, or extranet
connections configured on your firewall?
I have seen very difficult to resolve web access issues occur in such
settings, where it turns out to be
Hy Thomas, thank you for answering,
A sniffer can normally sniff packets as is passes through a network
router (gateway),
In this case above, the router
itself would be the sniffer, right?
directly on the actual host, or if the network uses hubs.
Best regards,
Sniffers can only accurately monitor traffic on their own collision
domain. To sniff on a switch you need to create a monitor port, which
will allow the switch to flood traffic between this port and the
selected port(s) which are your target(s).
Some sniffers, NAI's Sniffer Pro for example,
On Thu, 10 Jan 2002, Bruno Negrão wrote:
Could someone tell me if sniffers can hear remote connections?
In my conception, sniffers just can hear the traffic where they
are directly connected. Is it right?
A program that listens to packets on the wire can certainly only
hear what is on the
Title: RE: Ahhh, the perks of managing government networks
blacklisting a whole class C address isn't the
solution!
I
mean, I am part of the 195.0.0.0 address-range.If everybody starts adding
thisaccess-list to their border-routers it is over with my internet
connectivity and a lot of
FYI
-Original Message-
From: Gary Flynn [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 10, 2002 7:48 AM
To: [EMAIL PROTECTED]
Subject: Re: Can sniffers act in remote networks?
On Thu, 10 Jan 2002, Bruno Negrão wrote:
Could someone tell me if sniffers can hear remote
Laura,
Can you provide some more info on exactly what you are trying to
accomplish and what kinda of equipment lies on your network and the party
you are trying to reach? The more detailed you can be, the better folks
can attempt to help you nail down the issue and determine how, and if
there
Title: RE: Ahhh, the perks of managing government networks
Erwin Geirnaert [mailto:[EMAIL PROTECTED]] spouted thusly:
Subject: RE: Ahhh, the perks of managing government networks
blacklisting a whole class C address isn't the solution!
I mean, I am part of the 195.0.0.0 address-range. If
Thanks, Ron.
Our new website (being prepared for launch) is being hosted by circle.com at the ip
address 205.229.56.205 . Their site then does a redirect of the traffic to a
subfolder beneath the main ip. The subpage is /ace/352 . Their logs show that we
connect to the site but, after that,
On Thu, 10 Jan 2002, [iso-8859-1] Bruno Negrão wrote:
Could someone tell me if sniffers can hear remote connections?
you have two methods, basically, and two different scenarios for each.
first, switched networks, which a lot of people have been chiming in here
about. you can break the
Try setting the MTU on your PC to something like 1300, then try it.
___
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
Since NAI and CHKP is no longer supporting this platform. Can anyone
recommend firewall software for the HP UX running 11.0
/thx
/m
___
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
So, since I know all machines and users in my lan, I can calmly give telnets
to the root user (considering the client and server are here, in my lan).
- Original Message -
From: Tatsuya Kawasaki [EMAIL PROTECTED]
To: Bruno Negrão [EMAIL PROTECTED]
Sent: Thursday, January 10, 2002 12:07
Bruno Negrão wrote:
So, since I know all machines and users in my lan, I can calmly give telnets
to the root user (considering the client and server are here, in my lan).
Depends upon what you mean when you say since I know all machines.
If any one machine gets compromised, traffic from all
Sorry Luke,
On the PIX anyway to block a /24 netblock (class C for some) it would be:
.deny IP 192.168.10.0 255.255.255.0
to block a /16 it would be:
.deny IP 192.168.0.0 255.255.0.0
NOT 0.0.0.255 and 0.0.255.255 as you stated. This is a fundamental different between
many routers
speaking of NAI, does anyone know where gauntlet is
going yet? I know its being sold, or has been sold,
but nothing more than that.
--- [EMAIL PROTECTED] wrote:
Since NAI and CHKP is no longer supporting this
platform. Can anyone
recommend firewall software for the HP UX running
11.0
That was the second part of my question. Not sure either, but it looks
like most of the current FW software offerings only support NT or
Solaris. Otherwise most firewalls I have audited lately are mostly
appliance based solutions.
/cheers
/m
At 11:35 AM 1/10/2002 -0800, bob bobing wrote:
On Thu, 10 Jan 2002, [iso-8859-1] Bruno Negrão wrote:
So, since I know all machines and users in my lan, I can calmly give telnets
to the root user (considering the client and server are here, in my lan).
You're still better off using SSH, since you suddenly have to trust those
users to never
On Thu, 10 Jan 2002, Laura Folden wrote:
Thanks, Ron.
Our new website (being prepared for launch) is being hosted by
circle.com at the ip address 205.229.56.205 . Their site then does a
redirect of the traffic to a subfolder beneath the main ip. The
subpage is /ace/352 . Their logs show
I have a soho(1) and I noticed the same thing. I can use the box either as a bridge type of configuration, or rely on the built-in NAT if I want to use a different network address on the inside. The question I have is that what is the security implication of a bridge type of device vs. a router
On 10 Jan 2002, at 16:57, Luke Butcher wrote:
Brazil seems to be making inroads into the top ten list of favoured
havens of script kiddies, and their compromised boxen.
When I tried black-holing Brazil, one of my co-workers complained
that she could no longer email with her family back
LOL, Was she a hottie? I'd probably be able to open up a /30 for her
=)
[EMAIL PROTECTED] 01/10 1:11 PM
On 10 Jan 2002, at 16:57, Luke Butcher wrote:
When I tried black-holing Brazil, one of my co-workers complained
that she could no longer email with her family back home
DG
Which version of Altavista, there were several, as I recall? Also as I
recall ALL of them had proxy problems, and all but the last has serious
DNS security risks (due to the included version of BIND).
I haven't worked on one of those in years, so I am sorry I can't offer
much configuration help.
At 11:13 AM 1/10/2002 +0200, [EMAIL PROTECTED] wrote:
Lets not confuse these things over here.
Too late. Things are already confused, namely about the technical
distinction between bridge and router.
A bridge has a promiscuous LAN tap and captures ALL traffic on the LAN,
selectively passing
[EMAIL PROTECTED] wrote:
That was the second part of my question. Not sure either, but it looks
like most of the current FW software offerings only support NT or
Solaris. Otherwise most firewalls I have audited lately are mostly
Don't forget Linux. :-)
--
Martín H. Hoz-Salvador
Hi!
I totally zero about security. I have no idea how secure is my NT4 server.
Just wonder how people hack port 139.
Can someone tell where can I get the tools to hack in my NT4 .. ?
I just wanna to know how to hack in port 139 and later how to protect it
back.
Best Regards,
SKLIM
hey
i wonder how can you implement rule of this type
'if more than 4 connections from same IP connects
to port 80(or any port) of some dest. IP then block it ? '
do application level firewalls handles it ?
if then do anyone know of any for *BSD systems ?
- basit
Hi All,
Can anybody help with the following problem
I have a Netscreen 5xp OS Ver 3.0.0r1.0
I want to use 3Des-CBC Manual Key encryption
Why does the firewall not create the ESP (Encryption Algorithm) Hex key
properly when I select Generate Key by password in the User Tab
If I manually enter
35 matches
Mail list logo