You have tu edit the file
%ISS_PATH%\RealSecure SiteProtector\Application Server\config\IssdkInterface.policy
You can find in there a line to write username and password for proxy authentication.
You have to restart issDeamon service after editing the file
Marco Antonio Hernndez U.
Ing. de
Try this:
For SQL Server 2000 SP3 run the following command from SQL Query Analyzer
EXEC sp_dboption 'RealSecureDB', 'db chaining', 'true'
For MSDE 2000 SP3 run the following command from the command prompt
Osql -E -d RealSecureDB -Q EXEC sp_dboption 'RealSecureDB', 'db chaining', 'true'
According to my experience, and IDS can not reset a connection if an
attack is based only in a couple of packets because it happens too fast.
So, I thing that the Proventia A series can not stop the exploit vector
for the LSASS vulnerability of the sasser virus although I had enabled
RSKill but a
1.- What do you mean with user key?
2.- You can open three Site Manager windows and apply a filter in each
one to view high, meduim and low events in different windows
3.- You can save the your Site Protector Preferences (Menu:
Connection-Preferences). If you want to save your filter and columns
Hi all,
My customer is currently using Network Sensor 7.0 and he is about to migrate to
Proventia G.
Is there a way to convert the policies used in NS 7.0 to Proventia G?
I have used a NS 7.0 policy in a Proventia A but I do not know if it could be the same
with Proventia G
Thanks a lot
: Verlaeckt, Filip (ISS Brussels) [mailto:[EMAIL PROTECTED]
Sent: Monday, November 08, 2004 3:22 PM
To: Hernandez, Marco; [EMAIL PROTECTED]
Subject: RE: [ISSForum] Changing permissions in Site Protector
Yes. You just need to add the account to the proper SiteProtector user group
which exist
You should configure the mac address of any router o layer 3 system in
order to improve the RSKILL packets. So the first hop to reach target
and attacker is that gateway.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Mustapha Huneyd
Sent: Tuesday,
Benny,
I think everything is working well in your lab but try placing a sniffer
in the destination port and verify you can see traffic.
Or instead of setting two interfaces try to set the whole vlan as source
port and do the same test with the sniffer.
-Original Message-
From: [EMAIL
May be there is a problem with the software and you need to reinstall it
or there is a firewall between the sensor and the sensor controler.
Are you sure the sensor is Active when you try push the policy?
Are you able to stop and start the deamon?
-Original Message-
From: [EMAIL
I think you should tunne the policy applied to the Gs, may be you have all the
auditing events enabled and this is not a good practice in a production
enviroment.
By analyzing the amount of events in the Sensor Analysis tab you can notice
which events are causing the DB grows in that way and
It should be a great idea.
Marco Antonio Hernández U.
Getronics México
Ingeniero de Telecomunicaciones
Managed Services
www.getronics.com/mx
Tel. +(52) (55) 50 89 34 89
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mick Ryan
Sent: Thursday, May 05,
It's supposed that you configure the default gateway's MAC address of
the VLAN where the RSKill interface is connected and when the RSKILL
packets need to travel to another subnet it is trought its default
gateway and it spoofs the victim and attacker IP addresses. Obviously,
the larger the number
Hi List,
I installed DB Scanner some months ago and everything was working fine,
however along the time the performace in reporting has become so poor.
We have purged and compacted the DB of the product but the behaviour is
the same. Does anybody now how to deal with this? Is this normal?
Any
13 matches
Mail list logo
