Security Basics mailing list archives

LanGuard Problem


From: "Louie" <tech.louie () verizon net>
Date: Thu, 22 May 2003 09:51:54 -0700

I have a quick question about LanGuard. I downloaded the free trial and installed it on a w2k box. I tried to run a scan on a win98 box on the same network at home. I have a Linksys router that shares the Internet connection to both computers. Well, I get this message that it can't locate the computer. On both machines I have ZoneAlarm. I disabled it when I ran the machine. I also tried to scan outside the network to a sister house but no luck. So is there a problem with having a Linksys router, or is there a setting I have to change for LanGuard?


Louie

-----Original Message-----
From: Geoffrey Shorter [mailto:geoffreyshorter () hotmail com]
Sent: Wednesday, May 21, 2003 9:13 AM
To: security-basics () securityfocus com
Subject: Re: What files to watch??

In-Reply-To: <Law15-F100zGNsokLQ800000f5e () hotmail com


Chris:

I'd be most interested in a copy of your scanner, as you have generously offered in your post.

Also, there is a free tool for Windows, GFI LANguard System Integrity Monitor: http://www.gfi.com/lansim/index.html

We set up the Integrity Monitor on a workstation and a test server. It stopped working on the workstation for some reason (a workstation that had a server security template applied to it by an overzealous admin, oops!), but continues to feed reports from the server.

So, it's worth testing, I think.

Thanks.

geof
OCPDBA, MCSD, MCSE+I, MCDBA, MCPSB
Server Group Manager
geoffreyshorter () hotmail com

From: "Chris Berry" <compjma () hotmail com>
Subject: What files to watch??

I'm trying to upgrade our security setup, and one of the things we didn't have was an integrity scanner (like tripwire). I looked around and couldn't find anything free since we're using Windows (well, there was a product called languardian, but they looked pretty commercial, and I have no budget now or later). Lacking funds and a GPL alternative, I went ahead and wrote a scanner using Perl and the Digest::MD5 module. I've got the system working and have set it up to run nightly; everything seems to be working fine. My problem is that it's generating WAY too much information, and I don't have time to wade through the logs every day trying to see if there is something significant in there. I've cut down some of the chatter by telling it to ignore certain files and directories that change a lot, but I'm not sure how to proceed from here. Anyone have a good idea on how to get it to produce more usable detections? By the way, if anyone wants a copy, I'd be happy to give them one. I'm releasing it GPL, but be warned it's only alpha quality at the moment (though I haven't had any trouble with it).

Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates
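
Added example, not part of the original thread and not Chris Berry's scanner: a minimal sketch of the baseline-and-compare integrity check the post describes, written in Python with SHA-256 in place of Perl and Digest::MD5. The ignore patterns, function names and sample file tree are assumptions constructed for illustration.

```python
import fnmatch, hashlib, os, tempfile

# Assumed ignore patterns (hypothetical): paths expected to change every day.
IGNORE = ["*.log", "*.tmp", "temp/*"]

def ignored(rel, patterns=IGNORE):
    # fnmatch's "*" also matches "/", so "*.log" covers every directory.
    return any(fnmatch.fnmatch(rel, p) for p in patterns)

def digest(path, chunk=65536):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):  # stream large files
            h.update(block)
    return h.hexdigest()

def snapshot(root, patterns=IGNORE):
    """Map relative path -> digest for every non-ignored file under root."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            if ignored(rel, patterns):
                continue
            try:
                state[rel] = digest(full)
            except OSError:
                state[rel] = "UNREADABLE"  # locked or denied: still tracked
    return state

def compare(baseline, current):
    """Return only the differences, so an unchanged system reports nothing."""
    both = baseline.keys() & current.keys()
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in both if baseline[p] != current[p]),
    }

def demo():
    """Constructed sample tree: two real changes plus ignored churn."""
    with tempfile.TemporaryDirectory() as root:
        def write(rel, data):
            full = os.path.join(root, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "w") as f:
                f.write(data)
        write("system/app.dll", "v1"); write("system/app.log", "a"); write("temp/x.dat", "1")
        baseline = snapshot(root)
        write("system/app.dll", "v1-patched"); write("system/app.log", "a b")
        write("temp/x.dat", "2"); write("system/new.exe", "MZ")
        return compare(baseline, snapshot(root))

if __name__ == "__main__":
    print(demo())
```
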

