Search:

Type: Posts; User: Gixxer; Keyword(s):

Page 1 of 3 1 2 3

Search: Search took 0.02 seconds.

  1. Replies
    2
    Views
    6,871

    Justification for IPS purchase

    Hey guys, I have recently completed an evaluation of 3 different IPS devices. ISS proventia, Juniper IDP and McAfee's Intusheild. The ISS product was hands down the best and worked out to be the...
  2. Replies
    18
    Views
    22,287

    This server is a application server that houses...

    This server is a application server that houses mostly engineering apps. It does not host email of any kind.

    OK a little update on this one: A normal virus scan did not detect any viruses and a...
  3. Replies
    18
    Views
    22,287

    OK etheral sounds good, im on it. I also wrote a...

    OK etheral sounds good, im on it. I also wrote a little vbs script that I have scheduled to run frequently on the server to do a netstat -a and grep the results ( "find" in the Windows envir ) for...
  4. Replies
    18
    Views
    22,287

    Yes althought I still suspicious of this traffic...

    Yes althought I still suspicious of this traffic I am relieved that those ips didn't come back belonging to univerisity of bejing or something like that.

    So both of you guys pretty much agree that...
  5. Replies
    18
    Views
    22,287

    Suspicious Traffic being reported in FW logs

    We have a Cisco ASA 5510 at our company. We have the logs being captured by a syslog deamon running on a server. We recently noticed some suspicious traffic that has occurred over the past month. It...
  6. Replies
    4
    Views
    12,111

    Simple way to test an IPS device

    Let me preclude this discussion by saying that I am fairly new to security. I know the basics but nothing advanced.

    Here is the situation: We are currently testing ISS's Proventia GX4002 IPS...
  7. Replies
    2
    Views
    6,410

    Curious Traffic?

    I am trying to understand this traffic that I see reported on our FW log reports. A bunch of internal hosts on our network are trying to send packets out through the FW to 1.10.8.9. This is all port...
  8. Replies
    12
    Views
    13,373

    zENGER, I think you took my post the wrong...

    zENGER,

    I think you took my post the wrong way, I don't know how that would have happened. Maybe it was the whole "ring his neck" thinkg. I didn't send a nasty email over to the hosting company....
  9. Replies
    12
    Views
    13,373

    Here is a small ( 100 or so packets ) capture of...

    Here is a small ( 100 or so packets ) capture of the traffic to and from his system using ethereal.

    Does it tell you guys anything? I see alot of remarks about a "radio", maybe Akamai is...
  10. Replies
    12
    Views
    13,373

    Thanks guys, I sent Mr. Noam Freedman and little...

    Thanks guys, I sent Mr. Noam Freedman and little email, lets see if I get a response. I'm going up to the user's machine now to ring his neck. First, I'm going to that segment to do a little...
  11. Replies
    12
    Views
    13,373

    Help identify this host

    We have an internal host on our network trying to access the ip 80.67.76.26 over port 80 a couple thousand times a day. The traffic increases to during offhours time, which makes me think its some...
  12. Replies
    11
    Views
    15,458

    simply little google search show that it looks...

    simply little google search show that it looks like 6346 is used by the Gnutella network to share P-2-P data.

    So let me ask the question. If a user on our network is running Limewire ( or any...
  13. Replies
    11
    Views
    15,458

    Wow, what a day today not even a chance for me to...

    Wow, what a day today not even a chance for me to get back and check my own thread. Let me start by thanking everyone for their help. hopefully I can clarify some of the confusion. Forgive me if I...
  14. Replies
    11
    Views
    15,458

    Firewall traffic question

    Hey guys, I found a bunch of these events in my PIX FW logs. Any one know what they mean?
    Am I under attack?? This is only a small sample of them but you can see that there are some suspicious...
  15. Replies
    8
    Views
    8,216

    I just downloaded a 30 day trial of Firegen. Cool...

    I just downloaded a 30 day trial of Firegen. Cool product, it takes the logs and converts them into useable information with graphs\comparison\etc. Its relativly cheap to purchase too. Looks like I...
  16. Replies
    8
    Views
    8,216

    I am going to try to filter out some of the data...

    I am going to try to filter out some of the data to make it more intelligable. I am just getting involved with analyzing PIX logs. Do you guys have any suggestions on what I could safely "trim"...
  17. Replies
    8
    Views
    8,216

    PIX firewall logs

    We have a Cisco PIX firewall in place at work. Currently we are using kiwi to gather the FW logs and send them to a Windows 2K3 server. There is soooo ( about 1.5 G per day of text files ) much data...
  18. Replies
    10
    Views
    8,075

    Thanks for responses guys. Sorry for delay in...

    Thanks for responses guys. Sorry for delay in getting back to ya.

    We primarily use FTP for field technician to transfer there rather large finding files back to the company. We also have instances...
  19. Replies
    10
    Views
    8,075

    Securing FTP for your enterprise

    At work we are looking to setup an FTP server, however I'm looking for suggestions on securing it. I know there are many options available, encypting just login info, encrypting all data transfered,...
  20. Replies
    4
    Views
    6,638

    Windows File Share permissions

    In a windows 2000 domain, does anyone know how to compose a report that will list a file share and file permissions assosiated to that share. Take it a step further and list all folders beneath that...
  21. Replies
    4
    Views
    5,886

    No I haven't, so your saying keep the auditting...

    No I haven't, so your saying keep the auditting on the entire domain, capture the data from the event viewer into like a CSV file or something like that and then use excel or access to filter for the...
  22. Replies
    4
    Views
    5,886

    Auditting "Privileged" account logins

    I am trying to see if there is a way to audit at the group or user level on a windows 2000 domain. What I mean is, I have in the past setup auditting on our domain to capture successful and failed...
  23. Thanks guys, I was looking for the wrong event #....

    Thanks guys, I was looking for the wrong event #. Both the enable and disable fall under the id # 642.

    -Travis
  24. user account audit not recording in event viewer

    Hey guys

    I running a Win2K domain, with active directory (AD). I have security auditting running via the 'default domain controllers' policy. I am setup to audit success and failure events for...
  25. Replies
    4
    Views
    4,609

    I found this page to help with building the web...

    I found this page to help with building the web site that will allow a user to change their password but it still doesn't address the issue of if the user can't be bothered with changing it before...
Results 1 to 25 of 57
Page 1 of 3 1 2 3