Re: ping Purl Gurl? Beginner Level Perl

Peter Moylan wrote:

Purl Gurl wrote:

(snipped)

Peter, if you would enjoy running some tests on your server, remotely, this site is excellent,

http://member.dnsstuff.com/pages/dnsreport.php

You can run security tests on your server or system here, this includes you readers and your home systems,

http://www.grc.com/intro.htm

Click on "Shields Up" next page find "Hot Spots" and again click on "Shields Up" for testing.

Thanks for the pointers. The dnsstuff site reported one problem that I
knew about - both nameservers located at the same address - and one that
I'd forgotten: mail to "abuse" not being accepted. I fixed the latter
problem immediately. I still need to do something about setting up
backup nameservers.


This is an excellent _free_ secondary DNS server,

http://www.twisted4life.com/index.php

Been using them for years. I selected this free service
simply for their name, "twisted for life" which well fits
my personality. Theirs is a very dependable service, for free.


The "Shields Up" is testing mostly for security holes that are
deliberately created by Microsoft. It therefore reported that I had
"surprisingly" good security. (Though they did report that some virus
seems to have opened up my port 25 to send out spam. That's not a virus,


We "fail" this test for these open ports,

25 - email
53 - dns
80 - http web server
110 - pop email server

All other ports are "stealth" status, as if those ports do not exist.


The e-mail vulnerability testing you mentioned in another post is not a
worry for me. Since I wrote my own e-mail server, my users around the
world are quick to let me know of new tricks the spammers are dreaming
up. Just a couple of weeks ago I had to develop an urgent update for a
new variant of denial-of-service attacks, the sort of problem where the
attacker attempts to saturate your network capacity by making a large
number of connections per second. The solution is now in place, but no
doubt there will be something new very soon. In the ongoing war between
spammers and their victims, the spammers can be really inventive in
finding new ways to get around your defences.


Current estimates are ninety-five percent of email is spam. We are hit
an average of once per minute, around the clock. The top two worst
offending countries for origin of spam, United Kingdom and Germany.
Both countries are technology Neandertals. Personally, I would have
both countries completely disconnected from the internet.

Least offensive country is America; we have laws on this.

Only worthy DoS attack we enjoyed is this one of which I recently
wrote, coming out of Sweden. This one was a slow DoS attack designed
simply to annoy me, by a member of the Perl Community. This was an
attack on our DNS server, averaging five-thousand hits per day.

For security, I run a commercial service remote hacker test against
our server once a week. We run a three tier security system, up front,
a Juniper firewall, then a router firewall, then local machine firewalls
backed up with McAfee security services. Of course I review our various
logs once a day for any hint of attempts. Any attempt discovered is
promptly reported to administration of the originating server, with
a note the attempt is reported to Homeland Security as possibly being
related to Islamic Terrorists.

Best defense for readers who are casual internet users to keep your
systems updated with the latest system patches. I have our systems
configured to check for patches once a day with automatic installation.

--
Purl Gurl
--
So many are stumped by what slips right off the top of my mind
like a man's bad fitting hairpiece.
.

Relevant Pages

  • [UNIX] DoS Attack Against FreeRADIUS (Other RADIUS Servers Affected)
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... to create a high-performance and highly configurable GPL'd RADIUS server. ... program with failed requests causing a denial of service attack. ... Access-Request to the RADIUS server, ...
    (Securiteam)
  • RE: [Owasp-dotnet] Re: (Asp.Net Full Trust Vulnerabilities) RE: Apache VS IIS Security model questio
    ... > b) Each client of the server (say, each department of a company, or each ... > c) Each website is placed into its own custom application pool ... password attack to all accounts. ... download the ANBS (Asp.Net Baseline Security) Open Source tool (that I ...
    (Pen-Test)
  • THANK YOU here are more details
    ... Microsoft Releases Fix for IE Phishing Exploit Security ... XP, Windows 2000, and Windows Server 2003 to address the ... which will prevent the Download.Ject attack. ...
    (microsoft.public.security)
  • RE: PHP and remote execution
    ... not been fix that allows execution of code on the hosting server. ... he installed a DoS client and initiated 2 DoS ... so this clued us in that it was a rather local attack. ... prospectus based upon the core principle concepts of security. ...
    (Security-Basics)
  • security-basics Digest of: get.123_145
    ... VPN to ASP a security risk? ... Re: Multiple IPSec tunnels? ... Subject: Security NT Server ... VPN to ASP a security risk? ...
    (Security-Basics)