Search Results - Antionline Forums - Maximum Security for a Connected World

Search:

Type: Posts; User: ammo; Keyword(s):

Page 1 of 20 1 2 3 4

Search: Search took 0.03 seconds.

  1. Thread: Forum Declines?

    by ammo
    Replies
    47
    Views
    8,018

    Haha, by some funny coincidence, I just happened...

    Haha, by some funny coincidence, I just happened to stumble across this old bookmark thought I'd peek in... I guess I'm not the only one that had forgot about AO..!
  2. Try a shorter filename

    Try a shorter filename
  3. Replies
    5
    Views
    871

    Indeed, you are bridging, hence there is no need...

    Indeed, you are bridging, hence there is no need for the ip helper.
    Your dhcp server should handle your wifi clients in a normal fashion (broadcast dhcp without relay)...
  4. Replies
    5
    Views
    871

    Couple of things: -What version of IOS are you...

    Couple of things:
    -What version of IOS are you using?
    -Show us the config of your wireless interface
    -Are you receiving anything

    You could always do a debug ip packet (match on port 67 and...
  5. Replies
    7
    Views
    907

    The "router in front for security reasons" way...

    The "router in front for security reasons" way doesn't really hold ground anymore IMHO:
    It used to be that firewalls couldn't hold the load of being the edge device; that isn't so true anymore. ...
  6. Thread: Cisco Pix 501

    by ammo
    Replies
    8
    Views
    1,164

    You might want to have a look at the Cisco ASA...

    You might want to have a look at the Cisco ASA 5505, ASA being the PIX newer replacement line, and the 5505 being the equivalent of the 501...


    Ammo
  7. Replies
    4
    Views
    1,553

    Not quite: You'll need to define a global pool...

    Not quite:

    You'll need to define a global pool and use it in your nat instead of the nat "0" which tells the pix NOT to nat on traffic matching that acl...

    Should look something like this:
    ...
  8. Replies
    4
    Views
    1,553

    You need a normal nat entry to enable inside...

    You need a normal nat entry to enable inside traffic to leave on the outside interface.

    Ammo
  9. Replies
    8
    Views
    1,033

    Careful with the self-signed certificate; make...

    Careful with the self-signed certificate; make sure users validate the certificate hash when they first log on and that they then install the certificate if valid. And of course, never continu on a...
  10. Thread: Wireless OpenBSD

    by ammo
    Replies
    3
    Views
    829

    You'll find better help over at the openbsd...

    You'll find better help over at the openbsd mailing list: misc@openbsd.org

    DO however:
    1- make sure to search the archives (http://marc.theaimsgroup.com/?l=openbsd-misc) before posting
    2- make...
  11. Replies
    8
    Views
    1,033

    Don't dismiss basic or digest authenticaiton too...

    Don't dismiss basic or digest authenticaiton too quickly..:

    Both will do just fine IF you use then inside an SSL connection...


    Ammo
  12. Replies
    7
    Views
    30,501

    Funny, I just assisted to a demo of pointsec this...

    Funny, I just assisted to a demo of pointsec this thrusday..!

    Pointsec has versions of BartPE boot disk that are preset with the appropriate stuff to boot/read off a pointsec encrypted drive; it...
  13. Replies
    8
    Views
    1,468

    If you can't run a sniffer, just do the next best...

    If you can't run a sniffer, just do the next best thing and capture on the pix itself:

    I don't have the exact syntax in front of me, but it should run something like this:

    access-list...
  14. Replies
    17
    Views
    2,024

    Use a real throughput testing tool like ttcp;...

    Use a real throughput testing tool like ttcp; This tool is often included on linux (or in packages) and also availible as a windows port (http://www.pcausa.com/Utilities/pcattcp.htm).

    This way you...
  15. Replies
    5
    Views
    1,130

    I routinely use Visio at work, although I despise...

    I routinely use Visio at work, although I despise it...
    My personal favorite is LanFlow (EdgeDiagramer) from PaceStar (www.pacestar.com).

    Ammo
  16. DSL Path MTU

    Did you say DSL? Do they use PPPoE?

    I'll bet you 10 antipoints your problem is with the Path MTU.

    My coworker had the same issue a couple weeks back: dsl line, cisco vpn, cheap router.
    ...
  17. Replies
    5
    Views
    1,061

    Well, it's totally debateable, but I disagree......

    Well, it's totally debateable, but I disagree...

    The 80/20 rule doesn't stand much nowadays. Routing is fast enough that you're much better off segmenting your servers inside server vlan(s) and...
  18. Replies
    6
    Views
    1,502

    Sort of... Depending on how well the dns...

    Sort of...

    Depending on how well the dns server is configured, you might be able to do a zone transfer from it.

    I'll leave it up to you to google how one does a zone transfer...


    Ammo
  19. Replies
    5
    Views
    873

    (Depending on what you meant by or if the...

    (Depending on what you meant by or if the emphasis was on "from a single node")

    There are other means also:

    1- mac table flooding: spoof enough source mac addresses to overload the switch's...
  20. Replies
    4
    Views
    1,560

    Indeed, you usually try to drop traffic as close...

    Indeed, you usually try to drop traffic as close to the edge as possible.

    However, one reason for filtering out on an interface could be if you have a router with multiple interfaces and wanted...
  21. Replies
    13
    Views
    2,410

    Backtrack is really nice...

    Backtrack is really nice...
  22. Replies
    3
    Views
    1,331

    Our intent with port-security is mostly to...

    Our intent with port-security is mostly to prevent users from uplinking hubs or switches of their own. We'll limit each switchport to a single mac address (dynamicaly learned).

    Indeed, we also...
  23. Replies
    2
    Views
    840

    Couldn't agree more. People are claiming...

    Couldn't agree more.

    People are claiming 2-factor auth to be the wrong, while in fact it is the right answer... if you keep in mind the original question; now they're changing the question and,...
  24. Replies
    3
    Views
    1,331

    Layer 2 security with Cisco switches

    Hey guys,

    We're currently in the process of upgrading our access layer switches to Catalysts 3560s, which offer the folowing layer 2 security features:

    BPDUguard
    BPDUfilter
    port security...
  25. Replies
    48
    Views
    21,986

    Sticky: Ok, here it goes: 1- Install OpenBSD from ftp...

    Ok, here it goes:

    1- Install OpenBSD from ftp (stable branch).
    2- Done.

    ;)


    Ammo
Results 1 to 25 of 500
Page 1 of 20 1 2 3 4

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides