Main > Everything Else

Port scanning/network traffic software

<< < (3/5) > >>

NinjaEpisode:
The fastest and cheapest way to fix this is just to block port 22 on the router and see who complains.  If no one complains, you know somebody was able to get past your router and set something up, or somebody was doing something they now realize they shouldn't be.

As far as bypassing the firewall, be careful.  If your company is sizeable enough to have something like websense or webwasher or netcache, chances are they also have a policy that doesn't tolerate circumventing their security systems.  It's a terminable offense where I work.

ChadTower:

--- Quote from: NinjaEpisode on December 20, 2007, 01:27:05 pm ---The fastest and cheapest way to fix this is just to block port 22 on the router and see who complains. 
--- End quote ---

He can't.  He has a VPN connection to a remote office that presuambly needs to exist.



--- Quote ---As far as bypassing the firewall, be careful.  If your company is sizeable enough to have something like websense or webwasher or netcache, chances are they also have a policy that doesn't tolerate circumventing their security systems.  It's a terminable offense where I work.

--- End quote ---

That is true.  Most companies won't bother with it, but among those who will, they can fire you for it.

NinjaEpisode:

--- Quote from: ChadTower on December 20, 2007, 01:43:44 pm ---
--- Quote from: NinjaEpisode on December 20, 2007, 01:27:05 pm ---The fastest and cheapest way to fix this is just to block port 22 on the router and see who complains. 
--- End quote ---

He can't.  He has a VPN connection to a remote office that presuambly needs to exist.

--- End quote ---

Yes, he can. 

He can start by asking the guy that uses the VPN to kill it long enough to work with the ISP to determine if the problem subsided.

If it persists after he kills the VPN connection, he knows he has a problem some place else.  If it doesn't, it's possible the VPN itself is the problem.  Depending on what type of VPN etc, it's possible that persistent connections are being left open for no other reason than a bad VPN product, or incompatibility or misconfiguration.


--- Quote from: ChadTower on December 20, 2007, 01:43:44 pm ---
--- Quote ---As far as bypassing the firewall, be careful.  If your company is sizeable enough to have something like websense or webwasher or netcache, chances are they also have a policy that doesn't tolerate circumventing their security systems.  It's a terminable offense where I work.

--- End quote ---

That is true.  Most companies won't bother with it, but among those who will, they can fire you for it.

--- End quote ---

Any company with a security guy worth his salt would probably have this policy.

ChadTower:

--- Quote from: NinjaEpisode on December 20, 2007, 02:00:03 pm ---Yes, he can. 
--- End quote ---

I'm working under the assmption that the VPN is there to keep a production app open and can't be closed during business hours.  If you can take the VPN down, sure you can do that, but often a VPN is used for small offices to keep things like Access apps open that aren't developed through a web server.



--- Quote ---Any company with a security guy worth his salt would probably have this policy.

--- End quote ---

I've worked for quite a few companies with fantastic security guys.  Being good or not good doesn't really mean much when you're understaffed enough that there just isn't enough manpower to get on stuff like this.  That is usually a bigger factor than the actual written policy.

NinjaEpisode:
That's right, I forgot, you're the Cliff Claven of Arcade Controls.  I bow to your superior knowledge of everything.  :notworthy:

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version