Comments on: mirror Port

By: BourgeoisMachinery

BourgeoisMachinery — Mon, 26 Dec 2011 22:06:21 +0000

MAN!!! THOSE BLOCKHEADS DO NEVER STOP MAKING TROUBLE!!!

By: evnovascotia

evnovascotia — Mon, 17 Oct 2011 16:48:13 +0000

How the hell is everyone findinf this mirror portal?

By: HORSE CRAZY999

HORSE CRAZY999 — Sat, 08 Jan 2011 07:42:37 +0000

It sounds like you have made your self so paranoid that you have actually made yourself believe that you really are mental. It seems as if you were scared of being mental so thinking about it so much actually made you start talking to yourself and having weird dreams. Everybody has dreams of things that haven't happened yet sometimes. Its called de ja vu. And I think you are more so lonely then anything. Maybe you made these people up in your mind bc your so scared of mirrors that you feel like if you made them up then you will be safe from whatever these mirrors have that scare you so much. If you can get help facing your fears of mirrors then i think everything else will figure its self out. I think the dreams about mirrors will stop and you wont have to have imaginary friends anymore bc you wont need protected from anything anymore.

By: Andre Gironda

Andre Gironda — Mon, 08 Nov 2010 10:39:52 +0000

I still do network security, but I try not to tell anyone about it. Keep it on the down-low, ok?I really like how you brought the network security down to only the basics:1) Domain segmentation. Hell yes. Having a separate AD forest for servers and workstations is very important (the only servers in the workstation forest should be the ones that service the workstations, not the ones that service other “services” that are needed by the domain). Using separate AD forests for totally separate networks that fall under the auspices of SOX or PCI is also very smart — if only to reduce the scope of these network alone2) Router ACLs. Yes, these are great wins, especially if they are reflexive and work like stateful firewall rules (then what do you need a firewall for?). I have worked in many environments where router ACLs were used instead of firewalls and loved it3) IPSec. I'm iffy on this subject. IPSec, SSL VPN, and others all have different kinds of problems. I guess IPSec can be useful, but I'd rather use OpenVPN for my personal use, and even in small corporate environments. I guess confidentiality and authentication are important issues to address — and IPSec and/or SSL VPN does meet them. But it's very smart to make sure you're using the right products with the right configurations. It can be very tricky to get one or the other right4) VLANs. Wireless VLANs, pVLAN's, VACL's — oh man, I love LAN security… especially Cisco DAI and all of the various little configuration knobs. This stuff is totally for geeks, but it would be so much better with PKI and proper SSL/TLS. Let me blow both #3 and #4 out of the water by saying that I would prefer that everything be wrapped in SSL/TLS and then we don't need this stuff. Of course, SSL/TLS can have issues, but I think it's easier and doesn't require an uber-geekgod-expert in VPN or LAN security to implement correctly5) Firewalls, IPS, IDS, UTM, et al. This is where I start to say, “oh come on now, do you really need to spend $2M on this junk?”. It's so 1999. Come on — Palo Alto Networks, puh-lease. “Let's show the world how much firewalls suck — buy our firewall!”. I lost track of firewall technology before Netscreen came on the scene. This stuff was incredibly useful between 1996 and 2001, and then it stopped being as useful as anyone thought it was. SYN attacks, Smurf, TCP/UDP amplification attacks, Teardrop, Ping-of-death, etc — all of these attacks were software problems just like web application software weaknesses today. However, all of the old DoS/DDoS attacks worked against weaknesses in network stacks (which is software, by the way), so it made sense to block them at the network layer. Around 1998, SQL injection came on the scene and started to change things, and by 2001 XSS popped around to make phishing scams twice-as-nice for adversaries. Once these techniques caught on, brute-force authentication and zero-day server-side exploits with IDS evasion became boring in comparison. Oh, by the way, never bring up WAF's around me if you can help it. The rants will be tens-times-as-longAlso, Bluecoat seems to be a waste of money in many scenarios, although I do like the idea of proxies being used for these purposes even if I know plenty of ways around them (SSH through SSL with SOCKS? UDP/TCP hole punching, pivot bouncing, etc). Maybe a better choice would be Squid.Oh dood, and while IDS does have its uses even today (although maybe not quite as cool as it once was), I totally dig being able to drop some tcpdump or Ethereal action with either taps or mirror ports (i.e. {ER|R}SPAN). It's still kind of 2003 stuff though…

By: zmuppetz2

zmuppetz2 — Sun, 07 Nov 2010 07:45:22 +0000

inb4 niblets complaining about SMP

By: chubysnow

chubysnow — Sat, 06 Nov 2010 09:41:14 +0000

Lol

By: robertabebe

robertabebe — Thu, 04 Nov 2010 13:34:50 +0000

What are the principal weaknesses of WEP wireless encryption protocol?

WEP suffers from the following weakness:
• A shared key weakness –
• No per-packet authentication
• Vulnerability to disassociation attacks
• No user identification and authentication
• No central authentication, authorization, and accounting support
• RC4 is vulnerable to known plaintext attacks
• and others

http://www.sans.org
http://www.cert.org
http://www.gocsi.com
http://www.usenix.org
http://www.securityfocus.com
http://www.mcafee.com
Intrusion Detection
ICS
Mirror Mode
Mirroring”, which is a feature that allows you to configure the switch to redirect the traffic that occurs on some or all ports to a designated monitoring port on the switch. With this feature, you can monitor the entire LAN segment in switched network environment

Monitor switch traffic
• Mirror the way out port to the management port (mirror port), in this way the entire data transmitted into/out of LAN can be monitored.
• Mirror all way out ports to the management port (mirror port), in this way not only the entire data transmitted into/out of LAN but also the communication among hosts in LAN can be monitored.
Administrator.
Modify secure system policies
Update antivirus and firewall
Forcing password policies changing default password
Implementing Intrusion detection mechanism
Updating recent patches
Back up the sytem.

Human factors‘
Carelessness
Hacking
Social Engineering

IPv4 and IPV6
1.Simplified header format. IPv6 has a fixed length header, which does not include most of the options an IPv4 header can include. Even though the IPv6 header contains two 128 bit addresses (source and destination IP address) the whole header has a fixed length of 40 bytes only. This allows for faster processing.
Options are dealt with in extension headers, which are only inserted after the IPv6 header if needed. So for instance if a packet needs to be fragmented, the fragmentation header is inserted after the IPv6 header. The basic set of extension headers is defined in RFC 2460.
2.Address extended to 128 bits. This allows for hierarchical structure of the address space and provides enough addresses for almost every 'grain of sand' on the earth. Important for security and new services/devices that will need multiple IP addresses and/or permanent connectivity.
3.A lot of the new IPv6 functionality is built into ICMPv6 such as Neighbor Discovery, Autoconfiguration, Multicast Listener Discovery, Path MTU Discovery.
4.Enhanced Security and QoS Features

IEEE 802
wifi 802
RFC
NIST
NERC
ISO
IDS: Definition and purpose
What is?
detectSoftware and hardware accessing of computer systems
attacks, crackers, malware.
IDS cannot detect attacks.
Why is useful ???
Detect malicious behaviors compromise the security and trust of a
computer system. Network, data, host based and unauthorized attacks.
Malware
IDS Components
Components:
Sensors security events
Console monitor events
Engine records events
Firewalls and IDSs
IDS differs from a firewall.
Firewalls limit access. An IDS
evaluates a suspected intrusion
Active IDS is also commonly know as IPS, is a system that‘s configured to
automatically block suspected attacks in progress without any
intervention required by an operator.
Advantages :
IPS has the advantage of providing real-time corrective action in
response to an attack.
Disadvantages:
An IPS must be placed in-line along a network boundary; thus, the IPS
itself is susceptible to attack.
Also, if false alarms and legitimate traffic haven't been properly
identified and filtered, Authorized users and applications may be
improperly denied access also.
It can also be used to effect denial of service.
Denial-of-Service attack
– DoS attack is a malicious attempt by a single person or
a group of people to cause the victim, site, or node to
deny service to its customers.
• DoS vs DDoS
– DoS: when a single host attacks
– DDos: when multiple hosts attacks simultaneously

By: everyeskimo

everyeskimo — Tue, 02 Nov 2010 15:22:17 +0000

dear apple. this macbook pro kinda blows. i need a computer screen. not a mirror. and left ports for my right hand mouse? i'm just saying.

By: chronicmidori

chronicmidori — Tue, 12 Oct 2010 09:08:10 +0000

Have you ever read "Through the Looking Glass" by Lewis Carrol? That should take care of your obsession.

By: Seal

Seal — Sat, 09 Oct 2010 07:11:05 +0000

I used teleportation as a power…where you press on your main artery you can teleport any where you like (haha i know weird but i had to use it)

By: ladybug

ladybug — Mon, 04 Oct 2010 18:20:44 +0000

The header's got it all…… some fog (smoke?), reflections (mirror?), and a portal to “the other side.” And the path most traveled. All the key elements of “the journey.” The color's a nice addition too. Tres bon.

By: LightStreaks

LightStreaks — Sun, 26 Sep 2010 19:21:55 +0000

Мне понравилось видео YouTube — Mirror's Edge in Portal – Alpha Stage

By: schnauzerface

schnauzerface — Sat, 25 Sep 2010 01:56:26 +0000

More Photos Condition Value

Excellent
$875

Good
$725

Fair
$450
(Selected)

Search Local Listings
Sell Your Coupe
Vehicle Highlights
Mileage: 152,000
Engine: 6 Cylinder Gas
Transmission: Automatic
Drivetrain: FWD

Selected Equipment Change Equipment
Standard
Air Conditioning Power Steering AM/FM Stereo

Blue Book Private Party Value
Private Party Value is what a buyer can expect to pay when buying a used car from a private party. The Private Party Value assumes the vehicle is sold "As Is" and carries no warranty (other than the continuing factory warranty). The final sale price may vary depending on the vehicle's actual condition and local market conditions. This value may also be used to derive Fair Market Value for insurance and vehicle donation purposes.
Vehicle Condition Ratings Check Vehicle Title History Excellent
$875

"Excellent" condition means that the vehicle looks new, is in excellent mechanical condition and needs no reconditioning. This vehicle has never had any paint or body work and is free of rust. The vehicle has a clean title history and will pass a smog and safety inspection. The engine compartment is clean, with no fluid leaks and is free of any wear or visible defects. The vehicle also has complete and verifiable service records. Less than 5% of all used vehicles fall into this category.
Good
$725

"Good" condition means that the vehicle is free of any major defects. This vehicle has a clean title history, the paint, body and interior have only minor (if any) blemishes, and there are no major mechanical problems. There should be little or no rust on this vehicle. The tires match and have substantial tread wear left. A "good" vehicle will need some reconditioning to be sold at retail. Most consumer owned vehicles fall into this category.
Fair
$450

"Fair" condition means that the vehicle has some mechanical or cosmetic defects and needs servicing but is still in reasonable running condition. This vehicle has a clean title history, the paint, body and/or interior need work performed by a professional. The tires may need to be replaced. There may be some repairable rust damage.
Poor
N/A

"Poor" condition means that the vehicle has severe mechanical and/or cosmetic defects and is in poor running condition. The vehicle may have problems that cannot be readily fixed such as a damaged frame or a rusted-through body. A vehicle with a branded title (salvage, flood, etc.) or unsubstantiated mileage is considered "poor." A vehicle in poor condition may require an independent appraisal to determine its value. Kelley Blue Book does not attempt to report a value on a "poor" vehicle because the value of cars in this category varies greatly.
* New Jersey 10/24/2006

By: matjam

matjam — Sat, 11 Sep 2010 01:37:43 +0000

ntop works well as a quick and dirty solution to work out who the heavy hitters are on your network. Either put it inline, or set up a mirror port.

By: hephasteus

hephasteus — Tue, 07 Sep 2010 04:12:16 +0000

Standard electrical tape demon entering through mirror portal. Just call Constantine. John Constantine.