Security Basics mailing list archives
LanGuard Problem
From: "Louie" <tech.louie () verizon net>
Date: Thu, 22 May 2003 09:51:54 -0700
I have a quick question about the LanGuard. I download the free trial and installed into a w2k box. I tried to run a scan on a win98 box on the same network at home. I have a linksys router that shares Internet connection to both computers. Well I get this message that it can't locate the computer. On both machines I have zone alarm. I disable it when I ran the machine. I also tried to scan outside the network to a sister house but not lucky. So is there a problem on having a linksys router or is there a setting I have to do for the LanGuard? Louie -----Original Message----- From: Geoffrey Shorter [mailto:geoffreyshorter () hotmail com] Sent: Wednesday, May 21, 2003 9:13 AM To: security-basics () securityfocus com Subject: Re: What files to watch?? In-Reply-To: <Law15-F100zGNsokLQ800000f5e () hotmail com
Chris: I'd be most interested in a copy of your scanner, as you have generously offered in your post. Also, there is a free tool for Windows, GFI LANguard System Integrity Monitor: http://www.gfi.com/lansim/index.html We set up the Integrity Monitor on a workstation and a test server. It stopped working on the workstation for some reason (a workstation that had a server security template applied to it by an overzealous admin, oops!), but continues to feed reports from the server. So, it's worth testing, I think. Thanks. geof OCPDBA, MCSD, MCSE+I, MCDBA, MCPSB Server Group Manager geoffreyshorter () hotmail com
From: "Chris Berry"
<compjma () hotmail com>
Subject: What files to watch??
I'm trying to upgrade our security
setup, and one of the things we didn't
have was an integrity scanner (like
tripwire). I looked around and couldn't
find anything free since we're using
windows (well there was a product
called languardian, but they looked
pretty commercial, and I have no budget
now or later). Lacking funds and a GPL
alternative, I went ahead a wrote a
scanner using perl and the Digest::Md5
module. I've got the system working
and have set it up to run nightly,
everything seems to be working fine. My
problem is that it's generating WAY too
much information, and I don't have
time to wade through the logs every day
trying to see if there is something
significant in there. I've cut down
some of the chatter by telling it to
ignore certain files and directories
that change alot, but I'm not sure how
to proceed from here. Anyone have a
good idea on how to get it to produce
more useable detections? By the way,
if anyone wants a copy, I'd be happy
to give them one, I'm releasing it GPL,
but be warned it's only alpha
quality at the moment (though I haven't
had any trouble with it).
Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates
---------------------------------------- ----------------------------------- Thinking About Security Training? You Can't Afford Not To! Vigilar's industry leading curriculum includes: Security +, Check Point, Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now! --UP TO 30% off classes in select cities-- http://www.securityfocus.com/Vigilar-sec urity-basics ---------------------------------------- ------------------------------------ --------------------------------------------------------------------------- Thinking About Security Training? You Can't Afford Not To! Vigilar's industry leading curriculum includes: Security +, Check Point, Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now! --UP TO 30% off classes in select cities-- http://www.securityfocus.com/Vigilar-security-basics ----------------------------------------------------------------------------
Current thread:
- What files to watch?? Chris Berry (May 21)
- Re: What files to watch?? Drew Flickema (May 22)
- RE: What files to watch?? Jeffrey Rivero (May 22)
- lan statistic tool Dejan (May 23)
- Re: lan statistic tool Daniel Cid (May 26)
- lan statistic tool Dejan (May 23)
- <Possible follow-ups>
- Re: What files to watch?? Geoffrey Shorter (May 22)
- LanGuard Problem Louie (May 23)
- Re: What files to watch?? H Carvey (May 22)
- RE: What files to watch?? Chris Berry (May 23)
- Re: What files to watch?? Chris Berry (May 23)