Security Basics mailing list archives
Re: Looking for IP Address logging / monitor Application
From: blaze spinnaker <blazespinnaker () gmail com>
Date: Wed, 3 Feb 2010 00:06:21 -0800
I want to be able to view traffic by good and bad ip addresses. Kind of like link logger or wallwatcher, but something much more straightforward and simple. Basically, I have a set of IP addresses which are OK to send UDP or TCP packets from my network. If there is any outgoing traffic to an IP address that is not in the OK list then I want to flag and show it and be given the opportunity to put it in the good list. "Like a firewall? Or ACL? Other than that, if you get compromised/infected in the future, you may be missing half the picture if you focus your investigation only on the "bad" IPs. " I have firewalls/routers, virus detection, etc. I agree, if I get compromised then there are other steps I want to take. However, it seems to me, the only real way to be assured that I compromised is to make sure outgoing traffic from my network is only going to 'good' ip addresses, even then of course you can't be sure. Of course, if I get hit by a zero day root kit virus which is staged from my banking website, what can I really do? What can anyone do? On Tue, Feb 2, 2010 at 2:31 AM, Malick Sy <sy_malick () hotmail com> wrote:
Sorry but your requirement is not clear? What is good IP in your view? And why would you spend time creating a list of such characteristics. What exactly are you trying to do? Are you trying to sniff the network? And run a program to analyse the saved captures for certain IP ranges? Apologies if this isn't very helpful, but your requirements aren't clear. Say exactly what you want to do, and someone might point you in the right direction. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of blaze spinnaker Sent: 01 February 2010 07:26 To: security-basics () securityfocus com Subject: Looking for IP Address logging / monitor Application I posted this on PenTest but realize now that it's probably more appropriate for this list. Pretty specific needs .. just want something that will show a list of good and bad IP addresses that are churning through my windows computer. Good ip addresses are addresses I've set to be good and bad ip addresses are ip addreses I either have yet to set as good or I've set as bad. Prefer something I don't have to have a seperate pcap program for, but is all in one. So, imagine an app with two tables. one table on top with the bad ip addresses and one table on the bottom with the good ip addresses, and the ability to click to make the system remember in the future which table to put the ip address in. Should do host name lookups as well. Anyone know of such a thing? Open source would be ideal! Cheers, Blaze. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727 d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Looking for IP Address logging / monitor Application blaze spinnaker (Feb 01)
- RE: Looking for IP Address logging / monitor Application Nick Vaernhoej (Feb 02)
- RE: Looking for IP Address logging / monitor Application Malick Sy (Feb 02)
- Re: Looking for IP Address logging / monitor Application blaze spinnaker (Feb 04)
- RE: Looking for IP Address logging / monitor Application Malick Sy (Feb 04)
- Re: Looking for IP Address logging / monitor Application blaze spinnaker (Feb 04)
- Re: Looking for IP Address logging / monitor Application Kurt Buff (Feb 05)