Security Basics mailing list archives

RE : Need help from a group of experts. I am not a network expert but I play one on tv.

From: "Lambany, Frédéric" <lambany.frederic () lte ireq ca>
Date: Thu, 11 Sep 2003 11:53:16 -0400

Hi Randy,

1) You could enter the ip adress on this site: http://www.arin.net/  in the Search Whois area and then mail the proper 
ISP including logs of attacks. Remember there is a lot of script kiddies that scans full network ranges.

2) You cant figth back, because hacking is illegal ! 

3) Webmail is just a service, you should check for an anti-virus solution.

4) Sure there is a lot of tools for doing security check. Nmap http://www.nmap.org , Retina security scanner 
http://www.eeye.com (trial availaible) and few others. 


_________________________________________________________________
Frédéric Lambany


-----Original Message-----
From: Randy Opper [mailto:ropper () firstsecurityonline com] 
Sent: Wednesday, September 10, 2003 8:36 PM
To: security-basics () securityfocus com
Subject: Need help from a group of experts. I am not a network expert but I play one on tv. 


        I am an owner of a small business with less than 25 staff members. We 
do not have the budget to afford a tech person on staff. I am a power 
user that has taken over the task of trying to secure our T1 and I am 
unclear of how to handle a few issues.

1. Each day my Sonicwall firewall is hit buy at least 3 Sub Seven 
attacks. The firewall does say that they are blocked. I have converted 
my users to all use webmail with no attachment download to prevent pop3 
mail virus issues.
                ? How do you track down these attackers when the ip address will not 
resolve and when i trace them they just don't list. I get the ip from 
the firewall log and try to trace route to no avail.

                ? Does the webmail stop all issues of mail attacks?
                ? Does a program exist that would reverse hack or fight back against 
these attacks daily?
                ? Does a program exist that could test my network on the internet to 
see if the firewall is good enough or will someone tell me how I can 
try to trash it to test it.





Randy Opper
First Security
Almost A Network Admin


P.S. I also run Zone Alarm Pro at home, Does it work?



---------------------------------------------------------------------------
Captus Networks 
Are you prepared for the next Sobig & Blaster? 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans 
 - Precisely Define and Implement Network Security 
 - Automatically Control P2P, IM and Spam Traffic 
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit 
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------


---------------------------------------------------------------------------
Captus Networks
Are you prepared for the next Sobig & Blaster?
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Precisely Define and Implement Network Security
 - Automatically Control P2P, IM and Spam Traffic
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------

Current thread:

RE : Need help from a group of experts. I am not a network expert but I play one on tv. Lambany, Frédéric (Sep 11)