run lsof -i -P and you will see what process(es) is/are bound to the
open port(s).
On 24 Jul 2002, Crawford Rainwater wrote:
Folks,
I was experimenting with Portsentry for the first time in a while,
using nmap to help scan for the open ports on a beta test box (Debian
3.0 upgraded).
I couldn't agree more. Will there be an official announcement on this
list about how long you will be supporting potato?
-Original Message-
From: martin f krafft [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 25, 2002 1:08 AM
To: 'debian-security@lists.debian.org'
Subject: Re: Support
Previously Jens Hafner wrote:
I couldn't agree more. Will there be an official announcement on this
list about how long you will be supporting potato?
This week I hope. First we need to sort out a few technical issues
related to the woody release.
Wichert.
--
On Wed, 24 Jul 2002 at 22:47:32 +, Crawford Rainwater wrote:
I was experimenting with Portsentry for the first time in a while,
using nmap to help scan for the open ports on a beta test box (Debian
3.0 upgraded).
What I noticed beforehand, ports were closed beyond 1024 (did
nmap -sU
On 25.07.2002 0:47 Uhr thou speakest, Crawford Rainwater these words:
[..cut portsentry descr..]
Hi!
well, this is the way portsentry works: it opens the ports to the outside,
but is the only daemon behind listening to the ports. And if something
naughty (in portsentry's opinion) is going on it
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
* Quoting Zelko Slamaj ([EMAIL PROTECTED]):
What I realized is:
.) 'till now it is safe to leave it that way but
.) those kiddies scan your computer and think that these ports _are_ indeed
open, so you have more attack-tries, which results in longer log-files and
longer ip-chains.
Plus
On Wed, Jul 24, 2002 at 08:03:44PM -0400, Phillip Hofmeister wrote:
All,
I am doing a college Honor's project on different distributions. Data on
Debian and it's security fixes would be helpful if it is available. I would
be looking for anythings useful in particular, the following:
How
unsubscribe
IncrediMail - Email has finally evolved -
Click
Here
Hi Ralf!
2. chroot everything
just chroot the users at the login after ssh (if you want to allow ssh),
How can chroot a user who logs in via ssh? Do you have some links about
this?
--
Sebastian Schinzel
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble?
Quoting Sebastian Schinzel [EMAIL PROTECTED]:
Hi Ralf!
2. chroot everything
just chroot the users at the login after ssh (if you want to allow ssh),
How can chroot a user who logs in via ssh? Do you have some links about
this?
--
Sebastian Schinzel
Hello all,
I'm looking at re-arranging my network, which currently consists of an
ipmasq box with 3 nics, one going to the outside, one going to a DMZ,
and one going to an internal network. The masq box allows a few
services into machines in the DMZ, restricts the DMZ from getting
outside except
On Thu, Jul 25, 2002 at 01:07:19PM -0500, Dast wrote:
So my question is, is it safer to host the NFS from the DMZ and
mount remotely on machines in the internal network, or host the NFS
from a machine on the internal network and remotely mount in the
DMZ? Or does it matter?
I suppose it
On Thursday, 2002-07-25 at 14:51:09 -0500, Dast wrote:
Mike Renfro [EMAIL PROTECTED] writes:
On Thu, Jul 25, 2002 at 01:07:19PM -0500, Dast wrote:
So my question is, is it safer to host the NFS from the DMZ and
mount remotely on machines in the internal network, or host the NFS
from
Quoting Dast ([EMAIL PROTECTED]):
My problem is, I need to have a network mount shared between a machine
in the DMZ (untrusted) and machines in the internal network.
Hosting NFS on the ipmasq box is not an option for me.
Any chance you could use AFS or SFS for this, instead? As Mike Renfro
[EMAIL PROTECTED] (Lupe Christoph) writes:
If you don't have realtime requirements, you could rsync between
the two machines.
The amount of data is many gigabytes, so I don't want to duplicate
things and use twice the disk space. Otherwise that would be a fine
solution.
--
--Dast
Practice
Rick Moen [EMAIL PROTECTED] writes:
Any chance you could use AFS or SFS for this, instead? As Mike Renfro
points out, you're creating an intermachine dependency between the
bastion host and the inside machine no matter how you do it, but at
least, with those, the mount and resource-access
Quoting Dast ([EMAIL PROTECTED]):
Hmm, I'll look into those filesystems. Are they supported in stock
Debian kernels and userland tools or do they require extra patches?
I have no idea about Debian packaging.
For SFS of Linux, you'll need your Linux system to have a kernel with
NFSv3 support
On Thu, Jul 25, 2002 at 07:23:43PM -0700, Rick Moen wrote:
Hmm, I'll look into those filesystems. Are they supported in stock
Debian kernels and userland tools or do they require extra patches?
I have no idea about Debian packaging.
For SFS of Linux, you'll need your Linux system to
19 matches
Mail list logo