[SECURITY] [DSA 199-1] New mhonarc packages fix cross site scripting

2002-11-19 Thread Martin Schulze
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 199-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze November 19th, 2002

Re: Odd iptstate entry

2002-11-19 Thread Alain Tesio
On Mon, 18 Nov 2002 22:31:31 -0800 Vince Hillier [EMAIL PROTECTED] wrote: It could be something more also, compare the md5sum of the netstat binary with a known safe version And a safe version of md5sum too ! Alain

Re: VPN question

2002-11-19 Thread Giacomo Mulas
On Mon, 18 Nov 2002, Lionel Elie Mamane wrote: On Mon, Nov 18, 2002 at 07:02:59PM +0100, Andrea Frigido wrote: At 13:02, Thursday 14 November 2002, Lionel Elie Mamane wrote: On Thu, Nov 14, 2002 at 12:43:48PM +0100, Iñaki Martínez wrote: While using a free OS is always better, you

Debian kernel update?

2002-11-19 Thread Johann Spies
Thank you to the security team for excellent work! Just a question: I see that Redhat has released a patched kernel to fix the recent security problems with the 2.4 kernels. Can we expect something similar from Debian? Or if not, how can we protect our systems in another way? Regards Johann

Bypassing proxies

2002-11-19 Thread DEFFONTAINES Vincent
Some companies sell products such as this : http://www.symmetrypro.com/FaB.htm that any clueless user can install with the help of 3 mouse clicks on their desktop. It autodetects proxy settings, creates an HTTP tunnel through the corporate proxy to the software editor company's server, so you can read your

Re: Bypassing proxies

2002-11-19 Thread Phillip Hofmeister
On Tue, 19 Nov 2002 at 02:48:04PM +0100, DEFFONTAINES Vincent wrote: Wondering if some people know of some content-aware proxies/filters, to attempt to block [some of] those dangerous products (apart from maintaining a black-list...) If you allow out FTP I will be able to start an SSH

RE: Bypassing proxies

2002-11-19 Thread DEFFONTAINES Vincent
-Original Message- From: Phillip Hofmeister [mailto:[EMAIL PROTECTED]] Sent: Tuesday 19 November 2002 15:30 To: DEFFONTAINES Vincent Cc: [EMAIL PROTECTED] Subject: Re: Bypassing proxies On Tue, 19 Nov 2002 at 02:48:04PM +0100, DEFFONTAINES Vincent wrote: Wondering if some

Re: Bypassing proxies

2002-11-19 Thread Andrew Pritchard
Wondering if some people know of some content-aware proxies/filters, to attempt to block [some of] those dangerous products (apart from maintaining a black-list...) If you allow out FTP I will be able to start an SSH connection over port 20 (FTP-Data) and it will look like a binary data

[no subject]

2002-11-19 Thread Fadel
Hi there, I got into trouble in my network while trying to block Kazaa. I tried to drop port 1214 with this rule: iptables -A FORWARD --dport 1214 -j DROP but this doesn't work. So I did some sniffing to see what kind of packets and ports Kazaa uses and I saw that it searches for servers in different

Re: Bypassing proxies

2002-11-19 Thread Rolf Kutz
* Quoting DEFFONTAINES Vincent ([EMAIL PROTECTED]): Wondering if some people know of some content-aware proxies/filters, to attempt to block [some of] those dangerous products (apart from maintaining a black-list...) Since the traffic is encrypted, content filtering will not trigger.

RE:

2002-11-19 Thread DEFFONTAINES Vincent
-Original Message- From: Fadel [mailto:[EMAIL PROTECTED]] Sent: Tuesday 19 November 2002 16:05 To: [EMAIL PROTECTED]@plutao.siteplanet.com.br Subject: Hi there, I got a trouble in my network while trying to block Kazaa. I tried to drop port 1214 with this rule: iptables

RE: Bypassing proxies

2002-11-19 Thread DEFFONTAINES Vincent
Wondering if some people know of some content-aware proxies/filters, to attempt to block [some of] those dangerous products (apart from maintaining a black-list...) Since the traffic is encrypted, content filtering will not trigger. That's true for HTTPS, not HTTP. And still,

Re: [SECURITY] [DSA 187-1] New Apache packages fix several vulnerabilities

2002-11-19 Thread Roger Ward
Anyone know how to see if UseCannocialName is on or off by default? I am using Apache 1.3.26. Thanks, Roger On Mon, 2002-11-04 at 10:26, Martin Schulze wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian

Re: Bypassing proxies

2002-11-19 Thread Rolf Kutz
* Quoting DEFFONTAINES Vincent ([EMAIL PROTECTED]): Since the traffic is encrypted, content filtering will not trigger. That's true for HTTPS, not HTTP. According to their website, the tunnel is AES-encrypted. Why do you allow people to install software on the clients, if you don't

Re: Bypassing proxies

2002-11-19 Thread Phillip Hofmeister
On Tue, 19 Nov 2002 at 04:59:08PM +0100, DEFFONTAINES Vincent wrote: people do what they please. my job is [to try] to keep the network secure, in spite of users installing whatever. Not to mention if you burden your proxy server with all this overhead it may not function well on any volume

Re: Automatic Debian security updates, an Implementation

2002-11-19 Thread Fruhwirth Clemens
On Fri, 2002-10-18 at 09:55, Gustavo Franco wrote: Talking about secpack, is it non-free? I can't see in your mail(Clemens) the url or apt-line to get the source package. No, it's BSD. I didn't dare to put up a license for that minimal collection. There isn't even a source package. I just

[PATCH] ALERT!! - 2.2.x i386 Linux kernel has DoS same as 2.4.x!!!!

2002-11-19 Thread Matthew Grant
ALERT ALERT ALERT! Sorry about shouting, but no one seems to take any notice that the kernel 2.4.x local DoS ALSO definitely affects linux kernel 2.2.x, and possibly 2.0.x I have been working on this one, and no one so far has produced any headlines about it, but 2.2.x is ALSO affected. I have

[PATCH] ALERT!! - 2.2.x i386 Linux kernel has 2.4.x DoS!!!!

2002-11-19 Thread Matthew Grant
Here is the gpg signed version of the notice. I am a Debian Developer, so you will find my key on the Debian key ring. --- ALERT ALERT ALERT! Sorry about shouting, but no one seems to take any notice that the kernel

Re: [PATCH] ALERT!! - 2.2.x i386 Linux kernel has DoS same as 2.4.x!!!!

2002-11-19 Thread Marc-Christian Petersen
On Tuesday 19 November 2002 23:13, Matthew Grant wrote: Hi Matt, Here is the patch to fix 2.2: consider using this instead. -- Kind regards Marc-Christian Petersen http://sourceforge.net/projects/wolk PGP/GnuPG Key: 1024D/569DE2E3DB441A16 Fingerprint: 3469 0CF8 CA7E 0042 7824 080A

X Security Issues?

2002-11-19 Thread Edward Guldemond
All, I was doing a routine nmap of my network today, and noticed when I nmap'd a box running KDE that the following showed up: Starting nmap V. 2.54BETA31 ( www.insecure.org/nmap/ ) Interesting ports on (removed) (XX.XX.XXX.XX): (The 1552 ports scanned but not shown below are in state: closed)

Re: X Security Issues?

2002-11-19 Thread Olaf Dietsche
Edward Guldemond [EMAIL PROTECTED] writes: Starting nmap V. 2.54BETA31 ( www.insecure.org/nmap/ ) Interesting ports on (removed) (XX.XX.XXX.XX): (The 1552 ports scanned but not shown below are in state: closed) Port State Service 22/tcp openssh 1024/tcp open

Re: X Security Issues?

2002-11-19 Thread Edward Guldemond
On Wed, Nov 20, 2002 at 12:53:27AM +0100, Olaf Dietsche wrote: Now, is there any security implications of having this port open? (I am nmap'ing this box's external Internet interface as it is my ipmasq box.) If so, what files do I have to edit to get rid of it? I don't need X listening

Re: X Security Issues?

2002-11-19 Thread Rick Moen
Quoting Edward Guldemond ([EMAIL PROTECTED]): In /etc/X11/xinit/xserverrc, I have the following line: exec /usr/bin/X11/X -dpi 100 -nolisten tcp So why is X still listening on TCP? Because xdm/kdm/gdm don't heed /etc/X11/xinit/xserverrc, but rather /etc/X11/xdm/Xservers ? When this is

Re: X Security Issues?

2002-11-19 Thread Edward Guldemond
On Tue, Nov 19, 2002 at 04:51:03PM -0800, Rick Moen wrote: Quoting Edward Guldemond ([EMAIL PROTECTED]): In /etc/X11/xinit/xserverrc, I have the following line: exec /usr/bin/X11/X -dpi 100 -nolisten tcp So why is X still listening on TCP? Because xdm/kdm/gdm don't heed

Re: [SECURITY] [DSA 187-1] New Apache packages fix several vulnerabilities

2002-11-19 Thread Olaf Meeuwissen
Roger Ward [EMAIL PROTECTED] writes: Anyone know how to see if UseCannocialName is on or off by default? I am using Apache 1.3.26. Apart from `grep -r UseCanonicalName /etc/apache` you mean? If you don't know what the hard-coded default is and can't find it in the documentation (or don't

Re: X Security Issues?

2002-11-19 Thread Olaf Dietsche
Edward Guldemond [EMAIL PROTECTED] writes: On Wed, Nov 20, 2002 at 12:53:27AM +0100, Olaf Dietsche wrote: Look at man xinit and man Xserver. There you will find an option -nolisten. In /etc/X11/xinit/xserverrc, I have the following line: exec /usr/bin/X11/X -dpi 100 -nolisten tcp So why

Re: X Security Issues? [SOLVED]

2002-11-19 Thread Edward Guldemond
On Wed, Nov 20, 2002 at 02:47:13AM +0100, Olaf Dietsche wrote: Well, it seems I should heed my own advice ;-). man xinit doesn't mention xserverrc, maybe this is a debian thing. But it does mention $HOME/.xserverrc; try to link or copy /etc/X11/xinit/xserverrc to your home dir as .xserverrc

thanks for errorlists

2002-11-19 Thread Peter Ondraska
Thanks to all the guys who responded to my mail, and gave me the valuable URLs for my work. I got good info there. Thanks. Peter Ondraska
