Network Security's topics - tribe.net

Hacking into a person's computer?

in-PHI-net — Tue, 11 Dec 2007 14:06:36 GMT

Is it possible that someone can hack into my comuter and stop me from recieving certain emails? Or mess around with my dialopgue with another person while I am chatting in Yahoo?

How would I tell if some one else is on my computer?

Thank you in advance!

Lana

posted in Network Security - 1 reply

Tracking an IP adress?

in-PHI-net — Fri, 26 May 2006 22:17:51 GMT

I downloaded CommView and I am not sure what this means:

Maximum packets in buffer – sets the maximum number of packets the program stores in the memory and can display in the packet list (2nd tab). For example, if you set this value to 3000, only the last 3000 packets will be stored in the memory and packet list. The higher this value is, the more computer resources the program consumes.

What is a packet?

Also I tried installing the Driver for Dial ups and it syas it is not compatible with WAN Miniport (IPX) <which is what I have it on my computer …. What will happen if I change it?

Does anyone know how to use this and can explain it someone who knows nothing about the deeper aspects of computers?

Thank you in advance! Very much!

xo

ps: What is a "string" and a "hex".... please keep in mind I know nothing really about this, I am just looking for ways to track IP adress traffic on my computer.

Thnx again!

posted in Network Security - 8 replies

Help! its sunday...

innessa — Sun, 18 Mar 2007 20:08:14 GMT

hello, new to this tribe and im hoping you can help me...!
its sunday, the computer store that usually helps me is closed today.
OK, my problem is that i cant sign into my ebay or paypal account....a prompt comes up saying i dont have my SSL enabled, but when i check in the control panel i do! so...?...so im confused...and also when i go to try and see my certificates i get the ol ugly, this has performed an illegal function and will shut.
Also the other clue is that when i try to load my mozzila firefox, a window pops up and says *see if you have any reading/writing restrictions in your browser profile or that your hardrive might be full or almost full.
well, i checked my hardrive, its got lots of room, i checked the SSL, says its ON-the box next to it is checke, i dont know where to look if i have any reading writing restrictions....wierd...i have already spent many hours trying to figure it out and i know its just something simple...how can i fix this? i would appreciate some timely help today, i have a lot to do today and need my full acess =)
cheers!
one

posted in Network Security - 3 replies

Non-Profit Org to Commission Programmer[s] for OpenSource Freeware

change — Sun, 18 Mar 2007 16:30:01 GMT

Non-Profit Org to Commission Programmer[s] for OpenSource Freeware

Reply to: AINPO@care2.com

We are seeking windows/apple/Linux/Pocket PC capable compilers and open source publishers (C++, Perl, python?), and ANY Artificial Intelligence, Random Number Generation,or bot implementation specialists. Decompiler capable folks welcome as well.
This Project will pay from a Small non-profit grant/stipend and will be distributed Copyleft/open source.

Part of the interface would mimic the NYSE/NASDAQ/etc boards with Glyphic/Iconic
representations of Goods (ex. bag of rice/spirulina/well pump/shovel/automobile bus part VIA Original FONTS LIBRARY) in surplus or demand for local/international barter / donation. IP Telephony would allow for conference calling(virtual PBX) or bandwidth-quota controlled 1 on 1 telephony that could occur on a 28.8k landline successfully.

This program will need:
-Full duplex bandwidth p2p access similar to bit torrent infrastructure
-IP telephony (capable of 28k modem success, primarily for 48k and better-OGG compression?)
-ability to view cad files & pdf
-*generic voice command (simple short syllable recognition that wouldnt require vocal mapping)
-skinnable GUI
-Media player unit
-alternative to gps for satellite positioning interface
-ability to induct volunteered computers for shared-load data processing via network
-chat/bulletin capable with realtime image conveyance(EX. drawing/tutoring software)
-(GRAMMER SENSITIVE)LANGUAGE TRANSLATION VIA TEXT WOULD BE AWESOME
-database inc. almanacs, smog counts etc (see bots)
-Self Contained to a disk?
-Spyware immune
-BBS, webcam, Ham, shortwave integration-(upgrades)

Most of the code for these functions is available open source already.
This Non-Profit Org is seeking compiled and open source versions of a program to facilitate organized bartering/communications amongst (registered?):

WWOOF participants
Intentional Communities
User groups
Professional Travelers
International Communities
Shelters
Refugee Camps
Sudents
Senior Citizens
Holistic practitioners
Independant Media
Community Gardens
Anyone & Everyone

Anyone with sufficient skills can collaborate with us to design this.
Our coffers are small but the job pays. You will be collaborating with a Graphic designer and Digital audio producer. This product will give credit to the designers but be -Copyleft- and opensource.

We are a non-profit organization preparing for 501c3 status and you can see our under construction website at the link below.
Click the icon on the left.
Peace Love & Progress from the Angel Initiative Non-Profit Org

posted in Network Security - 0 replies

Setting on ssh server for passwordless access

BourbonCowboy — Wed, 28 Feb 2007 18:47:46 GMT

I'm trying to make it impossible to connect to my ssh server (running on OS X) with the standard username and password combination. Instead, I'd prefer that authentication only occur with public/private key exchange. Presumably then, only possession of the key will grant access, and that key only lives on one machine -- my laptop.

So I've edited the sshd_config file on the server with the following settings:

DSAAuthentication yes
RSAAuthentication no
PasswordAuthentication no
PubKeyAuthentication yes

After restarting the server, however, I can still log in from any machine on my network using ssh user@sshserver, and providing the user account password.

What am I missing? Or am I obviously just not clear on the concept?

Thanks!

posted in Network Security - 3 replies

Help..with sbs2003 lost clients, cannot add them again..

Joe — Wed, 24 Jan 2007 14:52:22 GMT

Hi,

I'm helping out a friend with a sbs2003.
They rebooted the server and lost all the computers connected to it.
I read the the IP address was supported to be private, and it was set as obtain automactly.
the DNS was set as 192.168.2.10
Am I on the right track?
What should I use as an IP (If I am?)
All they really do with this servers is share data/printers.
Thanks In Advance
Joe

posted in Network Security - 6 replies

cookie commands

alderic — Wed, 20 Dec 2006 03:07:27 GMT

I was curious if anyone here is actively detecting bot commands within cookies passed through port 80 and how you are doing it? This seems to be a new trend, but I don't see much discussion on its mitigation.

posted in Network Security - 1 reply

Rootkit Detection/Removal

JCoreyHolden — Thu, 22 Dec 2005 03:10:08 GMT

I'm trying to find some good techniques and tools for detecting and removing rootkits. (Specifically with Windows XP, and yeah, I know that it is probably futile, at present.) I was wondering what has worked for all of you.

posted in Network Security - 2 replies

Ingressing and Egression filtering

Wed, 15 Sep 2004 15:16:12 GMT

New here...

does anyone know where i can find more articles on this topic beside the RFC site?

any help would be great!
thanks!

posted in Network Security - 4 replies

Need an established network security or partner

elseano — Mon, 06 Nov 2006 23:10:19 GMT

Hello,

I work for a start-up in San Francisco that is currently between demo and alpha stage. Security is a high concern for my customer and we want to identify a partner who can do an initial security assessment and possibly provide ongoing advice and administration.

We're looking at RHES4 (and eventually 5) using apache2.2/tomcat5 at RackSpace managed hosting.

Anyone know anyone? Preferably and established firm or someone with many years experience.

-sean

posted in Network Security - 1 reply

WEP vs. WPA/WPA2

nodsamadhi — Wed, 15 Feb 2006 15:02:03 GMT

so of course i know WEP is complete crap, but i've been hearing that WPA is a bit better...my question is, how much? anybody have experience using (or cracking) it in the field?

posted in Network Security - 18 replies

Packet Capture / Cisco Aironet 340 PCMCIA

Sintax — Thu, 16 Feb 2006 00:56:23 GMT

Hey what's up.. i'm new to this website but pretty skilled with networking :-P I recently came across a small problem I was wondering if anyone could help me out here or lead me in the right direction.. i have a cisco aironet 340 802.11b pcmcia adapter in my toshiba satellite laptop and for some weird reason.. any packet capturing program I try to use.. fails at doing its job.. im guessing i need some sort of drivers or whatnot, but im running the latest WinPCAP too.. these programs worked in the past, and work flawlessly in BSD and Linux, my aironet util says i need some new NDIS drivers but im not sure where to find them, netstumbler doesnt want to pickup APs.. ettercap can't pickup even my router in a host mac address scan, nor does Cain (www.oxid.it) anyone have any ideas ?

-Sintax

posted in Network Security - 4 replies

nmap 4.01 and the NSA

tehb0tt — Mon, 13 Feb 2006 20:44:12 GMT

Just saw a post from Fyodor and hot on the heels of 4.0 is 4.01 AND the pic from the NSA the other day has tools listed in the background!
I'll upload it.

posted in Network Security - 3 replies

Intrusion Prevention vs. Intrusion Detection

jamesd — Mon, 07 Nov 2005 22:06:34 GMT

I wanted to know your feelings on prevention vs detection. It seems like both have there strengths and weaknesses what offers the best trade off?

posted in Network Security - 17 replies

hi

rek2 — Tue, 18 Oct 2005 00:14:35 GMT

hi guys... I am a Network Engineer in the outside a hacker in the inside for live. just wanted to introduce myself.. anyone in the Boston Area?

posted in Network Security - 10 replies

Confessions of a White Hat Warbiker

PABlo — Sun, 24 Jul 2005 21:26:21 GMT

In the hope that this is a good place to find some readers who are interested in the topic(s) of security:

http://blogs.ittoolbox.com/security/confessions/

Comments can be made via this thread or by commenting the articles themselves.

Peace.Out
PABlo

posted in Network Security - 0 replies

A reformed ex-hacker

yukonsjac1 — Sun, 19 Jun 2005 03:24:56 GMT

gave Click Online's Spencer Kelly a demonstration of just how much damage a worm or virus can do to your home computer.

Jacques Erasmus, ex-hacker
Jacques Erasmus now uses his experience to fight the hackers
Jacques Erasmus makes his living advising on computer security, helping to write software to repel hackers.

His extensive experience comes from a less honourable past: as a hobby, he used to be a hacker himself.

But he says that, unlike him, today's hackers do not just do it for fun.

"The new breed of hackers are driven by money. That's their main motivation, extorting businesses and other institutions.

So how do these people, who presumably have day jobs related to computers, get together and decide to form a group of hackers?

Speedy attack

Jacques Erasmus says: "I think they mostly hang out in chat rooms and forums on the 'net, discuss hacking computer security and from these groups they'll find people that they think are suitable, with the right skill set, and they'll form a team, a crew."

Within seconds of infection, our PC started downloading some strange programs
Jacques wanted to demonstrate just how risky it is to connect an unprotected PC to the internet.

We set up a poor Windows XP machine with no firewall or anti-virus software.

Connecting it to the internet would be like throwing it into a lion pen with raw meat strapped to its hard drive.

How long would it be before we were hit by something nasty on the net? Hours, minutes?

As it turned out - eight seconds!

We were hit by Sasser, one of the fastest spreading worms on the internet.

It wastes no time at all in taking over your PC.

Within seconds of infection, our PC started downloading some strange programs, or payloads, from mysterious internet addresses.

These payloads are the programs that can take control of your machine and turn it into a remote controlled bot.

Sinister

Our machine then started scanning random internet addresses, looking for other vulnerable PCs to infect.

Then Internet Explorer started downloading spyware.

Botnet
Large websites and businesses are frequently targetted by hackers
Within five minutes our PC was running so many malicious programs that the CPU (central processing unit) was running flat-out at 100% - and we were not even touching it.

Perhaps the most sinister thing about an infected PC is that it can become part of a "botnet" - a network of seemingly innocent but infected machines whose combined processing power can be hired out to organized crime.

These botnets can comprise hundreds or thousands of zombie PCs, all awaiting instructions.

One of the most common instructions would be to launch a concerted attack on a popular website - a DDOS (distributed denial of service) attack, where major websites are flooded with repeated bogus requests from hundreds of zombie PCs.

Overwhelmed by the traffic, the site goes down.

Extortion

Several large websites, including Google, have already fallen victim to DDOS attacks.

Jacques Erasmus explains: "First is the extortion, where they'll phone a high profile website that has lots of visitors and makes money, and they'll say to them 'give us £100,000 or we'll take down your website for X amount of hours'."

Our PC crashed completely in less than 30 minutes
If the targeted website then fails to pay the money it is DDOSed to death.

Another function of a remote-controlled PC is to report back all the keystrokes typed on its keyboard.

This is thought to be how hackers recently obtained passwords to the systems of the Sumitomo Mitsui bank in London, and began electronically stealing funds.

In this case, police foiled the scam and made an arrest.

Lost trail

But following the money trail often proves difficult, as Jacques points out.

"I've heard that these guys all set up Latvian bank accounts, which are pretty much untraceable. Latvia is the new Switzerland.

"If you found a hole in software that millions of people use, and is very high profile, you can sell that to the highest bidder for perhaps one or two million dollars."

Of course, if you have been a victim of hacking, it is no laughing matter.

It certainly was not for our PC, which crashed completely in less than 30 minutes.

It is interesting to note that although we were only hit by three worms in 25 minutes, the damage each of them did was enormous.

All of it could have been prevented with anti-virus software and a firewall.

posted in Network Security - 0 replies

Bandwidth theft detection

Robert — Mon, 15 Nov 2004 16:16:19 GMT

I am an assistant administrator of an 800 computer network running windows 2k3 server over a dhcp network running 2 t1 lines. Every day at the same time our bandwidth dries up to the single digits (i.e. under 10 kps). Does anyone know of a packet sniffer that can quantitatively analyze the network and see which IP address is transmitting/recieving so much that it is slowing down the network? I've tried Ethereal but I haven't figured out how to reduce the data just yet, any help would be appreciated. Thank you.

posted in Network Security - 8 replies

Big Brother is Watching

yukonsjac1 — Sat, 11 Jun 2005 05:01:48 GMT

How NSA access was built into Windows

A CARELESS mistake by Microsoft programmers has revealed that special access codes prepared by the US National Security Agency have been secretly built into Windows. The NSA access system is built into every version of the Windows operating system now in use, except early releases of Windows 95 (and its predecessors). The discovery comes close on the heels of the revelations earlier this year that another US software giant, Lotus, had built an NSA "help information" trapdoor into its Notes system, and that security functions on other software systems had been deliberately crippled.

LibertyThink

The first discovery of the new NSA access system was made two years ago by British researcher Dr Nicko van Someren. But it was only a few weeks ago when a second researcher rediscovered the access system. With it, he found the evidence linking it to NSA.

Computer security specialists have been aware for two years that unusual features are contained inside a standard Windows software "driver" used for security and encryption functions. The driver, called ADVAPI.DLL, enables and controls a range of security functions. If you use Windows, you will find it in the C:Windowssystem directory of your computer.

ADVAPI.DLL works closely with Microsoft Internet Explorer, but will only run crypographic functions that the US governments allows Microsoft to export. That information is bad enough news, from a European point of view. Now, it turns out that ADVAPI will run special programmes inserted and controlled by NSA. As yet, no-one knows what these programmes are, or what they do.

Dr Nicko van Someren reported at last year's Crypto 98 conference that he had disassembled the ADVADPI driver. He found it contained two different keys. One was used by Microsoft to control the cryptographic functions enabled in Windows, in compliance with US export regulations. But the reason for building in a second key, or who owned it, remained a mystery...

A second key

Two weeks ago, a US security company came up with conclusive evidence that the second key belongs to NSA. Like Dr van Someren, Andrew Fernandez, chief scientist with Cryptonym of Morrisville, North Carolina, had been probing the presence and significance of the two keys. Then he checked the latest Service Pack release for Windows NT4, Service Pack 5. He found that Microsoft's developers had failed to remove or "strip" the debugging symbols used to test this software before they released it. Inside the code were the labels for the two keys. One was called "KEY". The other was called "NSAKEY".

Fernandes reported his re-discovery of the two CAPI keys, and their secret meaning, to "Advances in Cryptology, Crypto'99" conference held in Santa Barbara. According to those present at the conference, Windows developers attending the conference did not deny that the "NSA" key was built into their software. But they refused to talk about what the key did, or why it had been put there without users' knowledge.

A third key?!

But according to two witnesses attending the conference, even Microsoft's top crypto programmers were astonished to learn that the version of ADVAPI.DLL shipping with Windows 2000 contains not two, but three keys. Brian LaMachia, head of CAPI development at Microsoft was "stunned" to learn of these discoveries, by outsiders. The latest discovery by Dr van Someren is based on advanced search methods which test and report on the "entropy" of programming code.

Within the Microsoft organisation, access to Windows source code is said to be highly compartmentalized, making it easy for modifications to be inserted without the knowledge of even the respective product managers.

Researchers are divided about whether the NSA key could be intended to let US government users of Windows run classified cryptosystems on their machines or whether it is intended to open up anyone's and everyone's Windows computer to intelligence gathering techniques deployed by NSA's burgeoning corps of "information warriors".

According to Fernandez of Cryptonym, the result of having the secret key inside your Windows operating system "is that it is tremendously easier for the NSA to load unauthorized security services on all copies of Microsoft Windows, and once these security services are loaded, they can effectively compromise your entire operating system". The NSA key is contained inside all versions of Windows from Windows 95 OSR2 onwards.

"For non-American IT managers relying on Windows NT to operate highly secure data centres, this find is worrying", he added. "The US government is currently making it as difficult as possible for "strong" crypto to be used outside of the US. That they have also installed a cryptographic back-door in the world's most abundant operating system should send a strong message to foreign IT managers".

"How is an IT manager to feel when they learn that in every copy of Windows sold, Microsoft has a 'back door' for NSA - making it orders of magnitude easier for the US government to access your computer?" he asked.

Can the loophole be turned round against the snoopers?

Dr van Someren feels that the primary purpose of the NSA key inside Windows may be for legitimate US government use. But he says that there cannot be a legitimate explanation for the third key in Windows 2000 CAPI. "It looks more fishy", he said.

Fernandez believes that NSA's built-in loophole can be turned round against the snoopers. The NSA key inside CAPI can be replaced by your own key, and used to sign cryptographic security modules from overseas or unauthorised third parties, unapproved by Microsoft or the NSA. This is exactly what the US government has been trying to prevent. A demonstration "how to do it" program that replaces the NSA key can be found on Cryptonym's website.

According to one leading US cryptographer, the IT world should be thankful that the subversion of Windows by NSA has come to light before the arrival of CPUs that handles encrypted instruction sets. These would make the type of discoveries made this month impossible. "Had the next-generation CPU's with encrypted instruction sets already been deployed, we would have never found out about NSAKEY."
Posted by jiva at June 10, 2005 03:07 PM
Posted to Big Brother

posted in Network Security - 7 replies

Absolute beginner SBS2003, help please

MikeMountain — Sun, 29 May 2005 16:26:37 GMT

I recently was asked to help administer a pre-installed SBS2003 Network. Normal maintenence task etc are fine. But I'm an absolute network virgin.

One of the 4 PCs attached to the server has ridiculous latency when opening up documents and so on from the server. Its definitely the server as I transferred files to the desktop to open & boom, straight away.

Can anyone suggest the correct approach to faultfind here & fix ? Do I start by pinging the server to see where delays lie ?

Please help me guys

posted in Network Security - 6 replies

Noob NSO

Reason — Tue, 24 May 2005 22:53:29 GMT

Hey all,
Ok, so the long and the short of it is that I'm a fairly new to security NSO. There was a gap that needed filling and I got put into it. Now I am spinning my wheels madly trying to get up to speed because I am convinced that the world is out to get me and where I work.

Can anyone reccomend some good works to help me get started. Books, conferences, mailing lists, magazines. The media is unimportant, knowledge is what I'm after. The biggest problem for me thus far is that I don't know what I don't know. How do I go about learning when I don't know what the right questions are to ask?

Thanks for the help.

posted in Network Security - 3 replies

ADS-Alternate Data STream

Mon, 06 Dec 2004 19:00:10 GMT

i need more information on ADS...i have been searching more on it..but i end up getting the same info...
i want more how it effect security

any help is great....thanks!

changed my topic on the last minute..last minute.......
ahaaaaaaaaaaaaaaaaaaaaaaaaaaa

posted in Network Security - 2 replies

Bigger threat

Mandeep — Wed, 24 Mar 2004 13:11:09 GMT

What is bigger threat virus or hackers?

I think hackers because there people have motive for chos on network.

posted in Network Security - 10 replies

rights and policies

Mandeep — Wed, 24 Mar 2004 19:27:52 GMT

How are user rights and policies setup for most security of network?

posted in Network Security - 18 replies

WTF??

Chris — Wed, 03 Mar 2004 20:55:34 GMT

http://informationweek.securitypipeline.com/news/18201817

I.... just... don`t know what to say.

"Go home newb" comes to mind.

Here is my message: (spelled correctly, btw)

[RANT]

You are the most applicable definition of "lame" that this era has seen. I hope you keep this "war" up -- you`ll make a mistake eventually and either the law or someone else will get you good. I`m not impressed with your buggy, annoying worms. Try getting a real education and working for a change. Try writing real code for a change.

[/RANT]

posted in Network Security - 2 replies

Looking for Sysadmins in the Philly area!

John — Thu, 19 Aug 2004 01:53:35 GMT

...for social and career networking. Don't be shy! Whether you work with Solaris (like I do), Linux, OSX, Windows or something else entirely, all are welcome. I'm thinking about monthly meetings someplace fun. Drop me a message to let me know your interest. Thanks!

posted in Network Security - 0 replies

IDSN Modem??

Thu, 17 Jun 2004 17:25:51 GMT

Is it possible to dial in to a IDSN modem from a plain old 56k modem? Will they connect to each other over a POTS line?

posted in Network Security - 2 replies

network solutions?

Wed, 16 Jun 2004 03:00:16 GMT

im planning on networking my two small businesses. they're in adjacent towns, so i thought a router to router VPN would be the best solution. this VPN would logically act like a WAN. im plannin on using windows 2000...firewalls on both routers and on the servers... obviously i'll set up all necessary permissions. any suggestions regarding a different set up that might be more effective would be greatly appreciated.
thx

posted in Network Security - 7 replies

PGP? whacha got?

devinnull — Mon, 05 Apr 2004 04:44:59 GMT

looking to deploy for secure e-mail.
#must be windows friendly and the users are non-technical.(!)
small deployments.
#handfull of users each.

what are you using and what do you think?
thanks,
/dev

posted in Network Security - 8 replies

Checkpoint.

Wed, 03 Mar 2004 09:24:20 GMT

I'm having to use it at a new gig, first time in years.

I hate checkpoint.

Can they dumb things down anymore?

Sigh.

posted in Network Security - 8 replies

I have a "WTF" too

Kevin — Fri, 12 Mar 2004 00:17:08 GMT

http://maccentral.macworld.com/news/2004/03/11/scoms/index.php?redirect=1079021651000

Perhaps this is where SCO got their money for all their frivolous lawsuits - ya think?

Grr, seethe.

posted in Network Security - 2 replies

Been awhile...

Chris — Tue, 02 Mar 2004 02:05:59 GMT

New news out -- if you haven`t heard already, the new MyDoom variant has a destructive payload.

""MyDoom.F has been picking up pace since Monday and Tuesday," said Mikko Hypponen, manager of Finnish anti-virus research firm F-Secure. "The disturbing thing is that it has a destructive payload. We haven't seen a destructive virus like this in a while," he said."

This was bound to happen -- hybrid worms that carry destructive payloads, it was only a matter of time. yay for social engineering -- keep opening those emails people!

In other news -- Linux kernel vulnerability:

http://netsecurity.about.com/cs/linuxsecurity/a/aa022304.htm
Patch your systems now: 2.4.24 and below are subject to superuser escalation of priv.

Um. Stop using sendmail. No, Really. Use Postfix instead. `nuff said.

Nmap 3.50 is out, get it here: [URL]http://download.insecure.org/nmap/dist/nmap-3.50.tar.bz2[/URL]
btw, Fyodor terminated SCO rights to use Nmap. lol. pwned kthx.

Gigabyte has been arrested. [URL]http://www.prognosisx.com/cgi-bin/cgi-script/csNews/csNews.cgi?database=JanDD%2edb&command=viewone&id=76&op=t[/URL]

other news later... be safe...

posted in Network Security - 0 replies

Is anyone using Intruvert IDS out there

Greg — Mon, 16 Feb 2004 17:19:40 GMT

If so I would like to hear you experiences particularly with the manager. I have had some performence issues with it. I would also like to know what you have done as far tuneing the rules.

posted in Network Security - 0 replies

Modem security?

Sat, 17 Jan 2004 21:53:10 GMT

What are some options for modem security, beyond passwords? Are there any encryption systems, Or perhaps some kind of a vpn system, where even once you've logged in, you can't access anything but a honeypot network until you've run your vpn client?

Maybe some kind of secure phone # that requires you to be calling from pre-defined numbers.. but then, ss7 stuff used to
be pretty easy to spoof... I'm not sure about nowadays?

posted in Network Security - 10 replies

IM Worms start up -- happy new year! :)

Chris — Wed, 14 Jan 2004 08:22:57 GMT

Yeah, for those of you who allow msn through the FW, read on...

http://www.linuxinsider.com/perl/story/32512.html

But after that IRC bug that went around a couple of months ago -- hopefully everyone is becoming wise to IM/Text worms.

AND

http://www.pcsympathy.com/article319.html

The spammers have declared WAR -- Several anti-spam sites have gone down in flames under a barrage of DoS attacks. This has been happening a lot more lately... I know the moral here is to not retaliate when attacked -- but....but... WHY? They represent all that is EVIL is this world. And so begins the "Spammer Inquisition". [/RANT]

arrrgh.

posted in Network Security - 0 replies

Moneygrubbin`

Chris — Fri, 07 Nov 2003 01:19:04 GMT

In case you haven`t heard, M$ is offering a quarter mil ransom for the Sobig and Blaster authors.

I think they`re pissed.

posted in Network Security - 1 reply

c.c.n.a job

Harry — Mon, 08 Dec 2003 14:10:38 GMT

I AM A CISCO CERTIFIED NETWORK ASSOCIATE IN AFRICA.
I AM ALSO A GRADUATE OF ELECTRICAL ELECTRONICS ENGINEERING.
i am looking for a job.
pls help

posted in Network Security - 1 reply

New news...

Chris — Fri, 03 Oct 2003 02:12:06 GMT

Hi all, glad to see this growing. If you haven`t checked out www.try2hack.nl ...go hit it up and see how far you can go. They are back up :)

Also, interesting topic here:
http://www.crime-research.org/eng/news/2003/09/Mess2801.html
Talks about organized crime and hacking...related? Scary.

What do you guys think about the infamous Sobig.F? Is it coming? Are you prepared? What`s he gonna do next...

posted in Network Security - 4 replies

No expert, but I'm learning....

Blissdaddy — Mon, 27 Oct 2003 21:21:44 GMT

Hi,

I've worked for a consulting firm and part of our services included running approved audits on SOHO companies and then consulting on how to tighten up their network.

I'm always up for learning more about how to secure my home PC. It's amazing how many people I run into have Kazaa and other crap on their PCs and then wonder why their hard disk is getting eaten up----

------
mark

posted in Network Security - 0 replies

If you haven`t seen this yet...lolz

Chris — Mon, 13 Oct 2003 21:44:25 GMT

This guy is great... long story short, he made a sniffer sig that reports your info to you. Very clever, and it has caused some ruckus over at Trillian`s forums... read on...

http://www.danasoft.com/

Do you think this violates privacy/security issues? I think not.

posted in Network Security - 0 replies

Attemped DoS...

Chris — Sat, 04 Oct 2003 03:05:17 GMT

This was funny, its happened before, but I wanted to point it out this time.

Under the tribe photo section, I have a pic showing a short stint of up to 4.3Gb/s of traffic on the outside (backbone) of our network. The traffic didn`t make it to the other side of the router due to an ACL, but it is kind of funny that someone may have tried to DoS a pipe so big they couldn`t stuff it...

posted in Network Security - 1 reply

Lamerz...check this

Chris — Tue, 07 Oct 2003 22:10:03 GMT

One pet peeve of mine are the 419 scams. Too bad those llamas actually came here as well. This was a response to one of my posts -- :P BTW, If you receive these emails, the proper place to send them is <419.fcd@usss.treas.gov>. p/out

If you are reading this, "moni", git back in yer hole!
---------------------------------------------------
From
moni
No connection between you and moni
business
Here for: get intouch
Network: 0 friends in a network of 1
Date
2003-10-07 11:53:43.0
Subject
Re: Links you should always have open...

Message
Madam Moni Kabila
Tel:225 05-80-59-64
Introduction.
My Dear,

PLEASE REPLY ME WITH THIS PRIVATE EMAIL
k_moni77@yahoo.ca

It is my pleasure to contact you for a business
venture which I and my Son Mack,intend to establish in
your
country.

Though I have not met with you before but I believe,
one has to risk confiding in succeed sometimes in
life.

There is this huge amount of Eigtheen million
U.S dollars($18,000,000.00) which my late Husband
kept for us with a Security Company in Abidjan
before he was assasinated by unknown persons.Now I and
my son decided to invest these money in your
country or anywhere safe enough outside Africa for
security and political reasons.We want you to help us
claim and retrieve these fund from the Fiduciary
Fund Holders and transfer it into your personal
account in your country for investment purposes on
these areas:

1). Telecommunication
2). the transport industry
3). Five star hotel

If you can be of an assistance to us we will
be pleased to offer to you 10% Of the total fund.

PLEASE REPLY ME WITH THIS PRIVATE EMAIL
k_moni77@yahoo.ca

I await your soonest response.

Respectfully yours,
Mrs. Moni Kabila.

posted in Network Security - 0 replies