Security Basics mailing list archives
RE: rogue IP address
From: "Chris Berry" <compjma () hotmail com>
Date: Fri, 02 May 2003 18:14:47 -0700
From: "Burton M. Strauss III" <BStrauss () acm org> Try using tcpdump to see if you can sniff the packet streams and run something like strings on it. It may give you login names etc. that you recognize. tcpdump -w x.raw -c50 strings x.raw | grep USER strings x.raw | grep PASS (Since people use their mail address for anonymous ftp)
Hey, that's pretty clever, I like that idea. You'll probably end up have to go with one of the more brute force methods like switching things off till you isolate it though.
Chris Berry compjma () hotmail com Systems Administrator JM Associates"This email is ROT26 encrypted, by reading it you are in violation of the DMCA, and should turn yourself in to the authorities immediately."
_________________________________________________________________Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail
---------------------------------------------------------------------------FastTrain has your solution for a great CISSP Boot Camp. The industry's most recognized corporate security certification track, provides a comprehensive prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case studies and true hands-on utilization of pertinent security tools. For a limited time you can enter for a chance to win one of the latest technological innovations, the SEGWAY HT. Log onto http://www.securityfocus.com/FastTrain-security-basics ----------------------------------------------------------------------------
Current thread:
- RE: rogue IP address, (continued)
- RE: rogue IP address David Gillett (May 02)
- RE: rogue IP address Anthony (May 05)
- RE: rogue IP address Wilcox, Stephen (May 02)
- Re: rogue IP address Chris Berry (May 02)
- RE: rogue IP address Jose Guevarra (May 02)
- Re: rogue IP address Benjamin A. Okopnik (May 05)
- Re: Rogue IP Address Alaric Darconville (May 02)
- RE: Rogue IP Address Jimmy Sansi (May 05)
- RE: Rogue IP Address Jose Guevarra (May 05)
- RE: rogue IP address Fields, James (May 05)
- RE: rogue IP address Chris Berry (May 05)
- Re: rogue IP address Erik ! (May 06)
- RE: rogue IP address Burton M. Strauss III (May 07)
- RE: rogue IP address Trevor Cushen (May 07)