RE: rogue IP address

From: Chris Berry (compjma_at_hotmail.com)
Date: 05/03/03

  • Next message: Barry Irwin: "Re: Types of VPNs" 
    To: security-basics@securityfocus.com
Date: Fri, 02 May 2003 18:14:47 -0700

    >From: "Burton M. Strauss III" <BStrauss@acm.org>
    >Try using tcpdump to see if you can sniff the packet streams and run
    >something like strings on it. It may give you login names etc. that you
    >recognize.
    >
    >tcpdump -w x.raw -c50
    >strings x.raw | grep USER
    >strings x.raw | grep PASS (Since people use their mail address for
    >anonymous ftp)

    Hey, that's pretty clever, I like that idea. You'll probably end up have to
    go with one of the more brute force methods like switching things off till
    you isolate it though.

    Chris Berry
    compjma@hotmail.com
    Systems Administrator
    JM Associates

    "This email is ROT26 encrypted, by reading it you are in violation of the
    DMCA, and should turn yourself in to the authorities immediately."

    _________________________________________________________________
    Tired of spam? Get advanced junk mail protection with MSN 8.
    http://join.msn.com/?page=features/junkmail

    ---------------------------------------------------------------------------
    FastTrain has your solution for a great CISSP Boot Camp. The industry's most
    recognized corporate security certification track, provides a comprehensive
    prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case studies and true hands-on utilization
    of pertinent security tools. For a limited time you can enter for a chance
    to win one of the latest technological innovations, the SEGWAY HT.
    Log onto http://www.securityfocus.com/FastTrain-security-basics
    ----------------------------------------------------------------------------

  • Next message: Barry Irwin: "Re: Types of VPNs"

    Relevant Pages

    • Re: security enhacement to C runtime library (XXX_s)
      ... In the below link MS announces a security update to the C runtime ... Every buffer overflow error that was made before can still be ... strings in C the way they are used in every other programming ... how can we increase the programmer ...
      (comp.std.c)
    • Re: Possible break in
      ... I had ran strings on it too, and tried to find some of the strings on ... >> Security Linux, the comprehensive security solution that combines six ... Protect your network against hackers, viruses, spam and other risks with Astaro ...
      (Incidents)
    • RE: p2p and ISA
      ... allow the user to install the application. ... > recognized corporate security certification track, ... This ALL INCLUSIVE curriculum utilizes lectures, ... For a limited time you can enter ...
      (Focus-Microsoft)
    • RE: Share Point?
      ... Sharepoint actually has the ability to use either Domain logins or locally ... Has anyone here tested Share Point's security? ... >INCLUSIVE curriculum utilizes lectures, ... For a limited time you can enter for a chance ...
      (Focus-Microsoft)
    • Re: GUIs for Win32 Snort?
      ... Do you Yahoo!? ... > recognized corporate security certification track, ... > of pertinent security tools. ... This ALL INCLUSIVE curriculum utilizes ...
      (Security-Basics)