[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewalls-gc
Subject:    RE: Re[2]: frame relay...
From:       sethw () hqasc ! army ! mil
Date:       1999-11-24 19:40:15
[Download RAW message or body]

Personally, I would vote for books.  Good source material is hard to find
among all the available sources.  If you have read a good book, that answers
my question, I would rather have the book than your 5 min interpretation of
it.

Reminds me of the parable, "give a man a loaf of bread, feed him for a day,
teach him how to raise corn, feed him for life."  "Answer my immediate
question, get me through the day.  Give me a book, enhance my knowledge of
the subject."



> ----------
> From:
> Pete_Goodridge@abtassoc.com[SMTP:Pete_Goodridge@abtassoc.com]
> Sent: 	Wednesday, November 24, 1999 5:41 AM
> To: 	firewalls@Lists.GNAC.NET; Marc Renner
> Subject: 	Re[2]: frame relay...
> 
>      Gee,  I guess there was no information there whatsoever.  I just told
> 
>      him of one type of attack I was aware of, and sourced the
> information, 
>      so he could look at it if he wants, and make his own decision.  No 
>      information there at all.
>      
>      As far as mentioning a book,  I don't see the problem in mentioning 
>      books.  Are you claiming that books are not information?  Would my
> post 
>      have been better if I didn't mention the book, and took credit
> knowing 
>      this myself?  Along the same lines, how many of the post to this list
> 
>      reference URLs.  Is it Ok, because it's electronic?  Should I go burn
> 
>      all my books?
>      
>      THX,
>      Pete Goodridge
>      
>      
> ______________________________ Reply Separator
> _________________________________
> Subject: Re: frame relay...
> Author:  "Marc Renner" <mrenner@ci.marysville.wa.us> at internet 
> Date:    11/23/1999 1:23 PM
>      
>      
> *laugh*
>      
>      Paraphrasing from Mastering Network Security by Chris Brenton page 
>      125, it can be broken into if:
>      
>      Someone is connected to the CO and switch, and they know your DLCI.
>      
>      The book goes into it a little more.
>      
>      THX,
>      Pete Goodridge
>      
> So what you're telling this person is to go buy a book? If this is all we
> are 
> going to tell people who traffic this mailing list for help, we undermine
> the 
> very purpose of it's existence - INFORMATION. I would suggest that if you
> do not
> have anything of value to post, please refrain..we all have enough SPAM to
> deal 
> with day-to-day.
>      
> Ron: In response to your original question, about 99.98% of internet
> traffic is 
> at some point "frame-relay". As a result the majority of "Hacked" or 
> "compromised" systems are done using a frame relay circuit at some point
> between
> the criminal and the victim. This does not need to be done using a
> "sniffer". 
> Typically it's done by port scanning, with a utility that scans an IP
> address or
> range of IP addresses for open or active ports. Once the active ports are
> noted 
> a hacker will then trying to brute-force their way into the system by
> using 
> pregenerated login/password lists and a program that will keep hammering
> the 
> system with different combinations of logins/passwords untill it finds one
> that 
> works.
>      
> Packet sniffing attacks are relatively rare, one must have access to your
> cable 
> structure in order to grab your packets. OR as Mr. Brenton points out
> access to 
> your telephone company's cable structure.
>      
>  All these reports of web sites being hacked and "Stolen" are done by
> poorly
> written cgi scripts that allow command line executions (earlier versions
> of 
> Apache Web Server were notorious for allowing these cgi scripts by
> default)
>      
> I hope this helps clear things up...
>      
> Marc Renner - Director
> Network Operations Dept.
> City of Marysville, Wa.
>      
> ++Don't get MAD....Get NDS!++
>      
>      
> -
> [To unsubscribe, send mail to majordomo@lists.gnac.net with 
> "unsubscribe firewalls" in the body of the message.]
> -
> [To unsubscribe, send mail to majordomo@lists.gnac.net with
> "unsubscribe firewalls" in the body of the message.]
> 
-
[To unsubscribe, send mail to majordomo@lists.gnac.net with
"unsubscribe firewalls" in the body of the message.]

[prev in list] [next in list] [prev in thread] [next in thread]