Re: goals for hardening Debian: ideas and help wanted
On 24 Apr 2014 10:58, Andrew McGlashan andrew.mcglas...@affinityvision.com.au wrote: On 24/04/2014 5:49 PM, Lesley Binks wrote: Apologies for the top posting, I'm writing this from my phone. I get a 403 when trying to access via Orbot/Orweb on Android 4.1 phone. Amusing. It works for me [Orbot/Orweb -- 4.3 on both i9300 and i9505], did you get the case right? Strangely though my i9300 wouldn't use Tor properly until I rebooted it; Orbot said it was fine, but Orweb gave my public IP address! It was fine after a reboot, but I don't know why that was necessary. Thanks Andrew Just retried the link in an Orbot/Orweb combo and the page came up okay. Kind regards Lesley
Re: goals for hardening Debian: ideas and help wanted
Apologies for the top posting, I'm writing this from my phone. I get a 403 when trying to access via Orbot/Orweb on Android 4.1 phone. Amusing. Lesley On 24 Apr 2014 03:58, Paul Wise p...@debian.org wrote: Hi all, I have written a non-exhaustive list of goals for hardening the Debian distribution, the Debian project and computer systems of the Debian project, contributors and users. https://wiki.debian.org/Hardening/Goals If you have more ideas, please add them to the wiki page. If you have more information, please add it to the wiki page. If you would like to help, please choose an item and start work. -- bye, pabs http://wiki.debian.org/PaulWise
Re: finding a process that bind a spcific port
Sorry for top posting. I'm on my phone. You can always check for data on the interface using tcpdump. Worth using it to verify what's happening. Lesley On 22 Jan 2014 13:33, Nico Angenon n...@creaweb.fr wrote: no output Thanks for all... Nico -Message d'origine- From: johan A. van Zanten Sent: Wednesday, January 22, 2014 1:56 PM To: n...@creaweb.fr Cc: debian-security@lists.debian.org Subject: Re: finding a process that bind a spcific port Nico Angenon n...@creaweb.fr wrote: nope... never used this service... Still looking for an explanation, try chrootkit and rkhunter right now Try fuser: fuser -n udp 10001 -johan -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140122.125650.367853660900983582.johan@ brandwatch.com -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4DBF73DFC57C4F76AF3902A5199BB05C@NicoPC
Re: finding a process that bind a spcific port
I believe it's better for rkhunter to be initialised on a fresh install, but I think it also checks for the existence of files known to be part of a rootkit. Admittedly of minor value. The thing *not* to do with an infected system is initialise the rkhunter db. Lesley Yes but this is only the case when rkhunter was active before. AFAIK rkhunter itself has no signatures, it generates the initial checksumms on first start. Mit freundlichen Grüßen / best regards, Kevin Olbrich. Web: http://kevin-olbrich.de/ -- *Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind und/oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet.* Am 23.01.2014 um 00:22 schrieb NOKUBI Takatsugu k...@daionet.gr.jp: At Wed, 22 Jan 2014 19:47:27 +0700, Andika Triwidada wrote: On Wed, Jan 22, 2014 at 7:37 PM, Nico Angenon n...@creaweb.fr wrote: the same...no output could be hidden by rootkit :( I think so too. Could you try to use debsum and rkhunter? It would find cracked commands. -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87ob3338mc.wl%k...@daionet.gr.jp