headers
Murad Talukdar | 1 Apr 2004 05:47
Favicon

pop3 over telnet and clear text passwords

I often use pop3 over telnet to check on email boxes some users have.(ie
that they've been setup properly) How do I mask the fact that the
username/password is transmitted as clear text?(If I can?)
Thanks
Murad Talukdar

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
Permalink | Reply | 7 comments |
headers
Brendan Halliday | 1 Apr 2004 11:00
Picon

Abnormal activity.

Evening,

I may just be oversensitive, but is anyone here receiving mass amounts
of connection requests on port 4662?

If not, could someone point me to some documentation of what is
happening?

Cheers,
Brendan Halliday AKA p0m, Guardmasta, Maero, Dwervan
Network Engineer\Analyst\Administrator\Security Consultant in Training

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.631 / Virus Database: 404 - Release Date: 17/03/2004

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
Permalink | Reply | 6 comments |
headers
Michael Gale | 1 Apr 2004 01:28

Re: Requesting info: VPN solution

Hello,

	I guess it all depends on what you need, lets say for example you have
two offices. 

One in location A with static IP A.A.A.A and one in location B with
static IP B.B.B.B. 

Why go out and spend all kinds of money on VPN's --- they all do mostly
the same thing ... they usually all support the same encryption levels.

Why not use FreeS/Wan or SuperFreeS/Wan ? You take two average boxes and
install linux, base install nothing more. Really all you need is a
running kernel, you could easily use a bootable CD. 

Anyways base install and build Super FreeS/wan ... on VPN box at
location A we allow only UDP port 500 traffic and IP protocol 50 from IP
B.B.B.B only .. all other traffic is dropped. We do the same on box B at
location B, allowing only UDP port 500 and IP protocol 50 from IP
A.A.A.A.

You use then only allow AES-256 with SHA-1-256 bit encryption using RSA
keys.

Once configured their is NO maintenance at all required. I am using a
similar solution and since the initial install I never have had to
touch the boxes.

All this cost me about $1500 because I had to buy two boxes at $700 a
piece.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Halverson, Chris | 1 Apr 2004 19:02
Favicon

RE: Encrypted Remote display?

Would you not want to use SSH to run these tools?  Maybe even do X11
forwarding over the Secure Link.

-----Original Message-----
From: BĂ©noni MARTIN 

Hi list!!

I am looking for a tool which will be a kind of "secured VNC". What I would
like at the end is the following:

I have a WinXP and a RedHat, with an Apache running on the latter. I
currently access my Redhat from XP through Apache and https, and would like
to be able to run tools on my Linux through my https connection on my IE,
tools needing an GTK display (FWBuilder and Cheops) :(

So...any ideas? I am lost? I'd rather asking before starting developing a
tool to perform that!

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
(Continue reading)

Permalink | Reply | 0 comments |
headers
Bob George | 1 Apr 2004 14:28

Re: Wireless: 802.11 - FHSS systems

Dpto. de Internet- Jose J. Pedrajas wrote:
> [...]
> I am interested in wireless systems that use FHSS as the radio access
> method. I have just read some articles and I would like to know something
> more:
> 
>     1) What do you think about security in these type of systems (FHSS vs
> DSSS)?

As with any products, it depends on the manufacturer. Some are very 
proactive, and addressing security in a prudent manner. Others are 
counting on FHSS being mysterious, and beyond the comprehension of 
anybody but their elite group of techies, touting "complex and 
proprietary" as their safeguards.

>     2) Is it possible to use sniffers in these systems? How much of easy it
> is to sniff them?

Not "easy" per se, but with the same equipment it'd certainly be doable. 
You won't find any $80 wireless NICs for these at your local computer 
store though. You'd have to WANT to get them, and be willing to spend 
some bucks to do it. Even then, if they're prudent and encrypting etc., 
it might all be for naught.

>     3) Could you recommend me some links about these type of technology?

Google away. You should find plenty.

>     4) I know that, an enterprise that manufacture these systems, is
> Alvarion. Do you know another enterprises?
(Continue reading)

Permalink | Reply | 0 comments |
headers
Alvin Oga | 1 Apr 2004 06:38

Re: Secure host newbie - fun


hi ya shawn

> 
> There are some extremely educated guys on this list, even though it is a
> 
> "security basics" list. I'm not one of them, but they are here. If you

ditto

> do 
> have any security questions I'm sure someone on the list can help you
> out no 
> problem, but I wouldn't count on becoming an expert by reading or
> studying 
> which is about 1/4 of a security-pro's diet. I'd say another 2/4'ths are
> 
> experience and another 1/4'th is skill.

i'd venture to say ... 95% of security is just people management ...
and 5% is implementing a techie solution

reading is good ..but should be 5% of your time ... 
and even better, go to informal security meetings ( user group meetings )

- you cannot make it too strict to restrict productivity
- you cannot leave it wide open so tom-dick-n-harry can see break into
  hr's salary PC and repost everybody's salary and benefits

- who is gonna get fired when a security breach occurs ???
(Continue reading)

Permalink | Reply | 2 comments |
headers
Eric Hagen | 1 Apr 2004 01:43

Re: NMAP Accuracy vs. Speed

Sorry for a late reply, but I remember noting that at SYN scan is much 
faster than a full-TCP-connect scan and does not time out as easily on 
faster settings.  Try -sS and -t4.  That might do it for you.

Eric Hagen

jburzenski <at> americanhm.com wrote:

>I'm looking for any recommended settings for scripting nmap to accurately
>scan several large logically disperse networks.  My target list consists of
>about 5 c-class networks that do not respond to ICMP and about 40 single Ips
>that either do or do not respond to ICMP.  
>
>I would prefer accuracy over speed if the scan times are reasonable.  I have
>been -P0 on all scans since I can't reliably detect 100% of online hosts
>(which generates about 1.5MB of output in -oG format due to all of the
>filtered ports reported on).  Scans with -T 3 currently take about 8 days.
>Scans on -T 4 take about 1 day.  T 3 are noticeably more accurate and some
>networks report as no hosts online or ports open under T 4.  
>
>Here is my current scanning command:
>
>nmap -T 4 -iL targetlist.txt -sT -P0 -oG output.log
>
>My goal is to maintain an updated list of target networks and use nmap to
>detect all open ports across the span monthly.  Then, another script will
>diff the outputs and report on any changes.  Eventually, I'll get a udp
>audit going as well. 
>
>Any help would be appreciated.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Jason Humes | 1 Apr 2004 16:47
Picon

Any experience with Harvester?

Hi
Has anyone ever used Harvester from farm9.org?  Any comments on your
experience?  We are looking at something which can be a central point for
all of our snmp and syslog messages and we also need the ability to perform
searches against these logs based on IP or on time etc.  Any ideas.  Thanks

Jason 

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
Permalink | Reply | 0 comments |
headers
Andrew | 1 Apr 2004 16:43

Sharing a DSL line

Hello,

I am considering sharing a DSL line for both a staff and a public network,
the public one wireless, the staff one hard-wired. Both will lie behind
firewall routers, so theoretically any potential attacker from the inside
would be in the same position as an intruder from the internet. Is this
correct?

Thanks,

Andrew

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
Permalink | Reply | 3 comments |
headers
Andrew Shore | 1 Apr 2004 09:24

RE: Requesting info: VPN solution

It may also be worth looking at the Checkpopint safe <at>  boxes.

Web interface to set up the VPN and comparable cost to the Cisco 501
(depending on the number of users)

 
Andrew Shore
Senior Security Specialist
DDI. 01302 308 165
andrew.shore <at> holistecs.com

 

Company Number 04943010
VAT Number 828 8635 82

 
Holistic Technologies Ltd
Unit 7 Shaw Wood Business Park
Shaw Wood Way
Doncaster
South Yorkshire
DN2 5TB
T. 0870 240 1442
F. 0870 240 1443
www.holistecs.com

-----Original Message-----
From: Gene Cronk [mailto:gcronk <at> trsg.net] 
Sent: 31 March 2004 18:10
(Continue reading)

Permalink | Reply | 0 comments |

Gmane