| TheTAZZone.com |
| TheTAZZone.com website is the Information Arm of the TAZ Zones. . |
| TAZForum |
| TAZForum is a Community run by a Membership Committee of Administrators/Mods/ and regular members. A very relaxed atmosphere, feel free to lounge, relax, and enjoy yourself. |
| TheTAZZone.net |
| A full links page, and the latest posts. |
| The Security Zone |
| The newest installation to TheTAZZone is a no-nonsense forum for security enthusiasts and professionals. |
| TheTAZZone.org |
| Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Duis ligula lorem, consequat eget, tristique nec, auctor quis, purus. Vivamus ut sem. Fusce aliquam nunc vitae purus. |
| The Sports Emporium |
| Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Duis ligula lorem, consequat eget, tristique nec, auctor quis, purus. Vivamus ut sem. Fusce aliquam nunc vitae purus. |
|
| American Pie' actress of threatening sex abuse of dog |
| Sunday, December 17, 2006 |
Charges dropped against 'American Pie' actress of threatening sex abuse of dog
NEW YORK (AP) - "American Pie" star Natasha Lyonne, arrested after threatening to sexually abuse a neighbour's dog, left court a free woman Friday after a judge promised to dismiss the charges against her.
Manhattan Criminal Court Judge Anthony Ferrara said because Lyonne successfully completed a court-ordered drug program and paid US$2,000 restitution, he was sentencing her to a conditional discharge.
Assistant district attorney Remy Taborga confirmed Lyonne had met the conditions set by the court. The prosecutor recommended the conditional discharge, which means if Lyonne is not arrested within the next six months, the charges will be dismissed.
TAZ Forum :: A Computer, Gaming, and Social Network Community of Friends :: View topic - American Pie' actress of threatening sex abuse of dog |
posted by Security News Media @ 6:01 AM  |
|
|
|
| identifying the assets and their values |
| Monday, December 04, 2006 |
Hi
Apart from identifying the assets and their values,
the starting point for such a risk assessment is
what we call the threat agent: hurricanes, floods, fire,
virus, intruder, ..., (spammer, employee, ...)
Then, vulnerabilities for each threat agent are defined,
like thatched roof, lack of antivirus software, lack of entry-control, ...
As a result, you may define threats, like uncontrollable fire,
virus infection, stolen devices or 'secrets', ...
Then you continue with probabilities, impacts, countermeasures, ...
as you know it.
One source of confusion I have seen is the "difference"
between threat agents and threats. Often, these are
used as synonyms, which leads to confusion. At least from a
computer security perspective, a threat agents exploits a
vulnerability to realise a threat.
Good luck 
Cheers
by sec_ware
TAZ Forum :: A Computer, Gaming, and Social Network Community of Friends :: View topic - identifying the assets and their values |
| posted by Security News Media @ 3:15 PM |
|
|
|
| TCP, UDP, NAT, PAT and Port Redirection as the PIX sees it |
| Sunday, December 03, 2006 |
In part four I will cover how the PIX handles TCP and UDP protocols, how static and dynamic translations work, how TCP interception features work and how to configure Dynamic NAT’s, Static NAT’s across one interface and multiple interfaces.
Almost the entire world uses Internet Protocol (IP) to communicate between computers, networks etc. An IP connection between two devices is known as a session. A session predominately uses one of two protocols, TCP or UDP.
From a PIX point of view TCP is very easy to inspect as a TCP ‘packet’ follows a very strict and well defined set of rules and has a very obvious start point and end point, and also makes it very clear what protocol the payload consists of.
UDP on the other hand is a very difficult protocol to inspect for the PIX as it has no clear beginning, flow state, payload information or end.
*The definition of Outbound and Inbound traffic differs from the normal definition as far as the PIX is concerned. When dealing with a PIX Inbound traffic is deemed to be traffic coming from a less secure interface to a more secure one (one with a lower security level to one with a higher level) and Outbound traffic is deemed to be traffic flowing from a more trusted interface to a less trusted one. Usually this will be INSDIE to OUTSIDE but this may not always be the case*
TAZ Forum :: A Computer, Gaming, and Social Network Community of Friends :: View topic - TCP, UDP, NAT, PAT and Port Redirection as the PIX sees it |
| posted by Security News Media @ 12:44 PM |
|
|
|
| Slightly Advanced PIX Configuration |
|
"If you have read part two you will know we have configured the PIX for basic operation; we have gave it a name, assigned IP addresses, speed/duplex setting and gave security levels to the interfaces. We configured NAT from the INSIDE to the OUTSIDE interfaces.
So now anything attached to the INSIDE interface will be allowed to send traffic to the internet and will pick up and external IP address when doing so.
Due to the security levels in place any traffic that comes to the OUTSIDE interface will be denied unless it is a return packet from an already existing connection that was initiated from a host on the INSDIE network. So although we are only using about 10% of the functionality of the PIX, it is still doing its job and protecting our INSIDE network with a very minimal configuration.
Before we moved on to a few advanced configuration commands, I will first cover a few things that can make our job easier when we come to configure the PIX and how to view information about our configuration. It is easy to get confused when using the command line when it comes to things like setting up VPN’s, upgrading firmware etc, so the following our commands we can use to simplify these tasks.
"
TAZ Forum :: A Computer, Gaming, and Social Network Community of Friends :: View topic - Slightly Advanced PIX Configuration |
| posted by Security News Media @ 12:42 PM |
|
|
|
| PIX - Object Grouping for quick and easy ACL's. |
|
It is recommended to read Access Control Lists and Content Filtering before reading this: http://tazforum.thetazzone.com/viewtopic.php?t=3848
When configuring access and rules for the PIX, if you have a lot of servers, protocols, ICMP filtering and networks that you need to configure access lists for, pretty soon creating individual ACL’s will become a very complicated thing; for this reason Cisco have created the Object Group feature.
Object Grouping is supported by version 6.2 and later of the PIX Operating System.
Object grouping allows you to group together the following:
Network – to group hosts and subnets
Protocol – to group IP protocols such as TCP, UDP etc
Service – to group port numbers, hence services
ICMP-type – to group ICMP types
After creating a group, you can apply an access list to everything that is in the group.
TAZ Forum :: A Computer, Gaming, and Social Network Community of Friends :: View topic - PIX - Object Grouping for quick and easy ACL's. |
| posted by Security News Media @ 12:41 PM |
|
|
|
| Basic PIX configuration |
|
Notice ‘pixfirewall’ now becomes ‘London’. Usually the firewall may be named after its geographic location, the service/project it is protecting etc. I look at it in such a way that if you have 3 different telnet sessions open to three different PIX’s you will always know exactly what you are configuring.
The hostname can be up to 63 alphanumeric characters in either uppercase of lowercase and defaults to ‘pixfirewall’ out of the box or when the ‘wr erase’ command is used followed by a reload.
Interface:
The interface command differs per PIX operating system, in version 7 it acts much like a Cisco router and drops you in to the ‘config-if’ sub context. On version 6.3 and earlier the prompt will not change and the command should be issued all on the one line. For this paper we are using version 7
The Interface or ‘int’ for short is the configuration command we use to allow us to alter the configuration of the PIX interfaces. We can assign it an IP address, subnet mask etc from this sub context.
TAZ Forum :: A Computer, Gaming, and Social Network Community of Friends :: View topic - Basic PIX configuration |
| posted by Security News Media @ 12:38 PM |
|
|
|
|
|
