Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: what to do?

from [zp] Network Security [Permanent Link]
Subject: Re: what to do?
Date: Tue, 30 Aug 2005 22:43:04 -0400 
Of course..but for this instance, a simple port change would
cure his paranoia. Anyone with port 22 open on their fw
has logs full of this crap. If i found the same dictionary attack
on 1 (or 2) of my non-default ports then some of the suggestions
mentioned would be worth looking into / implementing. 

And lets say it was a specific malicious event directed towards him,
his sshd logs are not going to help him figure out whats going on neither
will other logs on the system. 

I dont mean to belittle any of the solutions stated as they all are valid and
and clever but, they will not help you identify a malicious intruder. IMO only
a well maintaned snort (or other ids tool) will give you the ability
to seriously
ask " was i hacked?"

-z

On 8/30/05, Shane Singh <shane@nextwaveaudio.com.au> wrote:

All great suggestions thusfar. I found it easier
to just change the default port for ssh.



Just remember all the security 101 notes about "security through
obscurity"

:)

--
Shaineel Singh
e: mailto: shane@nextwaveaudio.com.au
w: http://nextwaveaudio.com.au/shsingh
p: 0424 620 254

--
"Life can be magnificent and overwhelming - That is its whole tragedy.
Without beauty, love, or danger it would almost be easy to live." Albert
Camus
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Computer forensics to uncover illegal internet use, McKinley, Jackson
Next by Date:  Re: Your opinion on Skype, Shawn Merdinger
Previous by Thread:  RE: what to do?, Shane Singh
Next by Thread:  Ping, ICMP and TCP Ping, zaka rias
Indexes:  [Date] [Thread] [Top] [All Lists]