lisa1987's questions

We are a global entreprise with thousands of employees worldwide. We have our own PKI infrastructure which is trusted internally by our systems but unknown externally.

We sign contrats with our clients. There is an ongoing "paperless" project which aims to abandon physical contrats and use electronic ones instead.

My management is asking me to implement digital signatures on such contracts, using our own PKI infrastructure.

My question is, do the digital signatures produced using our PKI have any added value ? Or do we absolutely need to use a PKI/CA that is trusetd worldwide (like Digicert or Verisign) ?

We have a data-center and as a happy OSSEC user I am trying to convince my management to use it for host intrusion detection. However I have never deployed it on more than a handful of servers and I am not sure if it does scale.

Anyone has deployed OSSEC on a large scale (say 500+ servers) ? Does it scale ?

What is likely to happen when you plug two ends of a network cable to a single switch/router? Will this create problems on the network, or just be ignored?

Is there a way to export active directory data using built-in Windows Server 2008 tools? I want to get the entire tree of OU’s within OU’s in any human-readable format.

How does system administrators identify which dependencies are missing when installing an application from source code?

I'm looking for a tool to passively listen on a mirroring port in order to collect statistical data about network bandwidth usage, protocols, hosts, etc.

Ntop is great. But once restarted it (almost) resets all stats. As far as I know, there is no elegant solution to enable persistent storage on Ntop.

Can someone please point me to a similar tool that can handle restarts?

OK, I've been reading about SNMP misconfiguration security issues and it seems like hackers can actually own a router if they discover its SNMP RW community string via tools like snmpblow and snmpwalk: http://securityreliks.securegossip.com/2011/04/hacking-snmp-in-a-few-simple-steps/

But what about SNMP RW on Linux boxes? How far the bad guys can go with this one?

On a ubuntu-10.04 and Apache2 I am trying to disable PHP execution on /var/www/upload directory. So I've added the following to /etc/apache2/sites-enabled/000-default:

< Directory /var/www/upload/> AddType text/plain .php < /Directory>

Then of course I've restarted the Apache2 service.

However, according to my tests, PHP is still being executed on the upload directory.

Anyone knows what I'm missing here?

I have a default Apache installation on Ubuntu 10.04.

I use the following Nmap scan to determine the available Apache methods:

nmap -p80 --script=http-methods 192.168.1.66

The result is:

http-methods: GET HEAD POST OPTIONS

I'm trying to eliminate the HEAD method. So in /etc/apache2/apache.conf I added the following:

<Directory "/var/www/*">
<LimitExcept GET POST OPTIONS>
Deny from all
</LimitExcept>
...
</Directory>

I then restarted the web server. However the nmap scan still prints the same results.

Does anyone know what I'm missing here?