Comments:
<0> no
<1> cool just wondering..
<2> welshiD: but you and cocola (my boss) should talk :) he has quite peculiar ideas about the whole security business (and i agree with him mostly on them)
<1> eh i chat to anyone :)
<1> describe peculiar?
<3> hi room
<1> hehe i'm curious..
<3> Cancel
<4> hmm *is* there such an animal as gpg keyserver software?
<3> is it possible to have a wireless network, using one router as WAP, and having a second one as a bridge to boost the signal further at a second location, picking up the wireless signal from the first one
<1> Isaac-Lew you can set your own "private" keyserver up..
<2> welshiD: umm.. like that those all technical or all "management" organisations are crap, that most infosec consultants seem to forget what its all about (protecting data == protecting the business), and a lot more of these
<1> i'll try and dig up some docs..
<1> hell yeah
<4> welshiD: that's what I want to do here
<4> brb
<3> anyone?
<1> Isaac-Lew : http://lists.kjsl.com/pipermail/pgp-keyserver-folk/2003-June/001354.html
<1> thats one..
<4> back
<1> Isaac-Lew :- i mean the one way to do it, is to just get everyone to have a massive key signing party ;)
<1> (which can be fun .. )
<2> a clusterfu^H^Hsigning party
<4> lol
<1> yeah it's a bitch i know..
<2> Isaac-Lew: oh, and make sure you properly secure your server. there is nothing more annoying than to see that you and everybody else trusts the h4x0r because he added himself to every chain
<4> it will only be for internal use
<1> i mean if your real anal.. you can gpg your sshkeys..
<4> nah
<4> not yet, anyway
<1> which should be a good practise.. but now that many ppl do that..
<1> *sleepy*
<2> yeah. time to hit the sack
<1> keep using python syntax in c code..
<1> *you can tell how sleepy i am heh
<2> heh
<1> do you rate snort much?
<1> say snort with bleeding edge ruleset..?
<2> a lot less than i used to
<1> heh
<2> btw, take a look at prelude-ids
<1> yeah
<2> i rather like that concept
<1> i looked at bro ids aswell..
<2> ive also looked at argus as an ids, but that seems to be too involved
<2> (anomaly based)
<1> meh..
<1> dunno not lost faith in ids/ips..
<2> you should be able to combine them.
<2> welshiD: well, it is only part of the solution
<1> looks nice :)
<2> like a firewall isnt just the box, its the whole infrastructure
<2> what? argus?
<2> or prelude?
<1> prelude.. heard of it just hadn't played with it, didn't know the full features..
<1> centralised syslog..
<2> its pretty nice. the management interface is lacking a bit and the developers dont see the need for binary packages
<1> hehehe thats all cool..
<1> for what it is.. hell it's sweet..
<2> yeah
<2> #prelude on freenode :D
<3> is it possible to have a wireless network, using one router as WAP, and having a second one as a bridge to boost the signal further at a second location, picking up the wireless signal from the first one
<2> if you go there, give yoann my regards :D
<1> yeah thats nice..
<1> can't wait to get my grubby mits on that..
<1> oh nice python support.. :)
<2> heh
<1> sweet.. made my day on that one..
<2> the way they use others to do their work for them kicks ***
<1> yep totally..
<2> "snort? we use it as a sensor. same as with tripwire. and whatever you want"
<1> hell yeah..
<1> could make things a lil more difficult..
<1> sure ppl can find a way round it at some point.. i wouldn't mind trying..
<2> they use IDMEF as the reporting output
<3> is it possible to have a wireless network, using one router as WAP, and having a second one as a bridge to boost the signal further at a second location, picking up the wireless signal from the first one
<1> guess the whole point is you don't really know what *could* be a sensor..
<1> yeah
<2> welshiD: true. which is why you register a sensor at the manager. and you have to acknowledge the registering process from both the sensor and the manager.
<1> makes life alot more difficult..
<2> but yeah, i guess you could probably spoof some things.
<1> nah i was wondering more about not been detected..
<2> it also uses caching. which is really nice. and you can cascade managers
<2> welshiD: well, the thing is, your sensor is as strong as the software you use on it. which is why its a good idea to correlate the events. and use as many sources as possible
<1> yep..
<1> like i said.. would make life alot more difficult..
<2> yeah.
<1> :(
<2> it also groups events by type, so flooding is a bit more difficult
<1> gonna build up a vmware playground and play with it..
<2> welshiD: they dont have good marketing, so i wouldnt worry about it
<2> heh
<1> heh
<1> naa i'm just interested in it..
<1> *curious
<5> can i ask a question about linux here ?
<2> welshiD: they can even use bro :D
<1> yepper i saw that one..
<1> i liked the look of the plugging into cisco vpn concentrator, stuff like that..
<2> and nessus. although the perl script to do that is broken
<2> yeah
<2> afaik, you can use the logparser for that.
<1> then just plugging into snort, nagios, bro and honeyd.. alongside with writing your own sensors..
<2> yeah.
<1> yeppers and with the log parsing..
<2> if you can use it with something like apparmour it would even be nicer
<2> http://en.opensuse.org/AppArmor
<1> means if i'm gonna hit up with a h.o and knock down the svc your gonna see it via nagios, via the logs etc..
<2> yes. and with apparmour youll see the process using weird system calls as well. and so on
<1> i wary of things that protect against "0day attacks"
<2> this is a profiler. should be fairly safe
<2> " AppArmor security policies, called "profiles", completely define what system resources individual applications can access, and with what privileges."
<1> yeppers :)
<2> well, its more of a "last desperate measure"
<1> yeppers..
<2> those things shouldnt be your only defense, which is where a lot of people go wrong i think
<1> yep..
<6> how do i make the xterm history unlimited? currently it only shows as many lines fit on the window.
<1> i rely on the fact ppl shouldn't need to hack my box..
<1> only ones that are gonna hit me are s.k.'s
<4> lonetron: history|less
<2> like the ISS preventia, or blink from eeye. very nice tools, but it shouldnt be your only protection. whatever the box claims
<1> and there is nothing on this box :)
<1> (totally sandboxed..)
<6> well what terminal app has a damn history
<1> well unless someones gonna crack my gpg keys anyway..
<4> lonetron: what are you trying to do?
<1> well Timmeh i gotta sleep man i'm real tired :)
<2> welshiD: i mostly dont worry about this. what you will get is a linux system, secured in the obvious ways, an empty home directory and an encrypted usb disk that is only accessed when i need to write something to or from it
<2> heh
<2> later
<2> im going as well
<1> :)
<1> have a nice one :) catcha tomorrow ;)
<7> On Windows Server log entries are written to the log files every 20KB, is it possible to define, say, a 1MB buffer for logging on Linux to avoid continuous hard drive activity?
<3> is it possible to have a wireless network, using one router as WAP, and having a second one as a bridge to boost the signal further at a second location, picking up the wireless signal from the first one
<7> LinksysTrouble: If you're using a Linksys router, which I assume you are, then yes.
<7> What model(s) are they?
<3> Martyo: linksys wrt54gs
<3> both of them
<4> strictly speaking, that's not a linux problem
<8> seagirll_.. spammer
<3> Martyo: so i will use the second router, to pick up the signal from the first, and boost it for the users next to the second router
<7> LinksysTrouble: I think http://openwrt.org/ has the functionality you need........and the routers use Linux ;)
<9> hello
<9> how do i addusers in fedora core?
<7> mescaline[a]: adduser <username>
<7> I think
<9> nope