Recent content by Stang Man

  1. S

    Being Port Scanned and ISP will not help

    I'd agree with you on "welcome to the internet" but I wouldn't say "it's a waste of time to read firewall logs."
  2. S

    how do you pronounce Gnome?

    I was at SCALE (so cal linux expo) this weekend and there was a Gnome booth. The people working the booth called it "geh-nome." I've always called it "nome", with a silent g, though.
  3. S

    reformat hard drive (preparing for sale)

    deleting partitions != securely deleting data
  4. S

    rsync two directories on seperate disks on the same host

    If there was anybody that came across this thread looking for an answer, well... I haven't found one for rsync, though I did find this neat little tool, JFileSync. It is really simple and easy to use and has a GUI.
  5. S

    rsync two directories on seperate disks on the same host

    Ok I've been trying to figure this one out, but I just can't get it right. What I need to do is sync two directories on two different disks on one computer. I'm running Cygwin on my Windows machine so I do have rsync installed. For example, I have a "Ripped CDs" directory on D:\ and X:\...
  6. S

    AutoPlay not working right...

  7. S

    Endian IDS

    IIS is Microsoft's web server, "Internet Information Services" if you don't have IIS up and running, don't worry about it
  8. S

    Endian IDS

    basically, what's happening in double decode is an exploitation of URL canonicalization. from Wikipedia: Now, onto the question of whether or not you should worry... Well, do you even run IIS web server? and do you have all patches applied to IIS?
  9. S

    Endian IDS

    taken from Snort docs "README.http_inspect" * double_decode [yes/no] * The double_decode option is once again IIS specific and emulates IIS functionality. How this works is that IIS does two passes through the request URI, doing decodes in each one. In the first pass, it seems that all...
  10. S

    Server works internally, can resolve external DNS, but cant ping or get to pages?

    Firewall rules. Chances are, how you "get into" the network, there are rules that allow you only that way... and the firewall is blocking direct external traffic going to your server.
  11. S

    Best SSH Practices?

    then /etc/hosts.allow and /etc/hosts.deny
  12. S

    Security-wise, is it okay to have a file server and router in the same box?

    alright, if you're defending against bots, then fine.. I'll give you that. Though, you can easily mitigate SSH bot attacks by PermitRootLogin = no, and iptables rule sets
  13. S

    Security-wise, is it okay to have a file server and router in the same box?

    lol, no it doesn't. I would try and separate the two as much as possible. Your router gets pwned, your files do too
  14. S

    What proxy are you running 500+ users?

    Squid or Blue Coat
Top