3w`Sparky

I have had some Exposure to IDS with the Cisco Product, where I work we have a network of 5000+ Desktops + all the other crap that is on there. and we tried to use the Cisco IDS but to be honest is was crap maybe the setup wasn't perfection but unless you were going to sit there allday watching it whats the point. We Tried another Product and then it was Bought out by Cisco (MARS) but it's CPU is up at 100% all the time it's capturing data. we gave up with all that so the network then became un-monitored ! recently we paid a 3rd party to do the monitoring 2K a month and they tell us what "happen`ED" last month, also not ideal but atleast we have a log of it now. (think - think they use snort) anybody had better luck / What do you use / are you lightly to be caught hacking with the current Products ?

my lan, made with Dia

wrong forum sorry ! drr

my friends daughter got a computer for xmas ages ago , it had on the packaging and laptop (internet ready) i wasn't till about 3 days later when they saw her surfing the web that they asked her what she was doing , she explained it said internet ready and it was on the internet that was for sure, via the neighbours accesspoint ! hows that for legal ?

am i missing something here ! I have gone through the guide to turn my fon into a jasager i can see my laptop connecting to the fon which it thinks is its local router fine. the fone nor the dhcp server on the lan is issuing addresses to that device though ! also there seems to be an option missing from dd-wrt dhcp helper option that i'm sure use to be there , and no ip dhcp scheme if i wanted to set it on the fon ?

course you may ask , the main reason is because it contains a certificate and vpn credentials that should be kept safe, it will also contain documents and software that i would rather people didnt get hold of should it fall out of my pocket or be left in a desktop PC. I think a bootable encrypted cd is a good idea.

Right I have been tackling this in the background and found something that seems to fit the bill(so far). encrypted CD's i have extracted the whole squashfs to a local drive installed encfs and created an encrypted folder moved everything from the squashfs into the encrypted folder , unmounted encfs leaving the folder with just encrypted files & folders run mksquash on the encrypted folder - i can then mount the suqashfs and mount the encrypted files inside that by running encfs /mountpoint-of-squash /test everything can be seen as in the orginal squashfs but now i'm stuck - is it going to be possible to get the cd to boot and point it to the squashfs A) decrypt it via password prompt and B) mount it in /somewhere then allow it to pull the required from that /somewhere? clearly the cd mounts the squashfs and pulls files from it but where would i find this part of the process ?

I Heard of a case in the UK where the Owner of the access point got into trouble after someone used it to carry out naughty crimes. not because it came from there ip but more so because they never took any measures to secure there access point , as the owner you have to take reasonable measures towards securing your network, wep64 is enough tho. - yeah right !

well loading the media to ram would overcome this maybe ? thats the plan anyway

I am wondering if there is a way to make the live disto encrypted but still bootable ? I have a Custom ubuntu 8.10 live cd that contains all sorts of nice additions but i'm thinking it would kick arse if it required a password to be able to boot from it. . . . Possible ? anyone already done this ?