-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 199-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
November 19th, 2002
On Mon, 18 Nov 2002 22:31:31 -0800
Vince Hillier [EMAIL PROTECTED] wrote:
It could be something more also, compare the md5sum of the netstat binary with a
known safe version
And a safe version of md5sum too !
Alain
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of
On Mon, 18 Nov 2002, Lionel Elie Mamane wrote:
On Mon, Nov 18, 2002 at 07:02:59PM +0100, Andrea Frigido wrote:
Alle 13:02, giovedì 14 novembre 2002, Lionel Elie Mamane ha scritto:
On Thu, Nov 14, 2002 at 12:43:48PM +0100, Iñaki Martínez wrote:
While using a free OS is always better, you
Thank you to the security team for excellent work!
Just a question: I see that Redhat has released a patched kernel to
fix the recent security problems with the 2.4 kernels.
Can we expect something similar from Debian? Or if not, how can we
protect our systems in another way?
Regards
Johann
FULL 2002 YAPIMI PORNO VIDEOLAR
Sitemize yeni filmler eklendi. Tam metraj, full kalite
Yenilenen Kategoriler:
AMATEUR
ANAL
ASIAN
LESBIAN
Ýyi eðlenceler,
http://www.noseks.com
id: debian-security - jkaekxg-
èPÔ
¨¥¶^n§±ç.®+rê®zËeËluæâjz+
Some companies sell products such as this :
http://www.symmetrypro.com/FaB.htm
that any clueless user can install with the help of 3 mouse clicks on their
dektop.
It autodetects proxy settings, creates an HTTP tunnel through corporate
proxy to software editor companyserver, so you can read your
On Tue, 19 Nov 2002 at 02:48:04PM +0100, DEFFONTAINES Vincent wrote:
Wondering if some people know of some content-aware proxies/filters, to
attempt to block [some of] those dangerous products (apart from maintaining
a black-list...)
If you allow out FTP I will be able to start an SSH
-Original Message-
From: Phillip Hofmeister [mailto:[EMAIL PROTECTED]]
Sent: Tuesday 19 November 2002 15:30
To: DEFFONTAINES Vincent
Cc: [EMAIL PROTECTED]
Subject: Re: Bypassing proxies
On Tue, 19 Nov 2002 at 02:48:04PM +0100, DEFFONTAINES Vincent wrote:
Wondering if some
Wondering if some people know of some content-aware proxies/filters,
to
attempt to block [some of] those dangerous products (apart from
maintaining
a black-list...)
If you allow out FTP I will be able to start an SSH connection over port
20 (FTP-Data) and it will look like a binary data
Hi there,
I got a trouble in my network while trying to block Kazaa.
I tried to drop port 1214 with this rule:
iptables -A FORWARD --dport 1214 -j DROP
but this doesn't work. so I did sniffing to see what kind of packets and
ports kazaa uses and I saw that it searches for servers in different
* Quoting DEFFONTAINES Vincent ([EMAIL PROTECTED]):
Wondering if some people know of some content-aware proxies/filters, to
attempt to block [some of] those dangerous products (apart from maintaining
a black-list...)
Since the traffic is encrypted, content filtering
will not trigger.
-Original Message-
From: Fadel [mailto:[EMAIL PROTECTED]]
Sent: Tuesday 19 November 2002 16:05
To: [EMAIL PROTECTED]@plutao.siteplanet.com.br
Subject:
Hi there,
I got a trouble in my network while trying to block Kazaa.
I tried to drop port 1214 with this rule:
iptables
Wondering if some people know of some content-aware
proxies/filters, to
attempt to block [some of] those dangerous products (apart
from maintaining
a black-list...)
Since the traffic is encrypted, content filtering
will not trigger.
Thats true for HTTPS, not HTTP.
And still,
Anyone know how to see if UseCannocialName is on or off by default? I am
using Apache 1.3.26.
Thanks,
Roger
On Mon, 2002-11-04 at 10:26, Martin Schulze wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian
* Quoting DEFFONTAINES Vincent ([EMAIL PROTECTED]):
Since the traffic is encrypted, content filtering
will not trigger.
Thats true for HTTPS, not HTTP.
According their website, the tunnel is
AES-encrypted.
Why do you allow people to install software on the
clients, if you don't
On Tue, 19 Nov 2002 at 04:59:08PM +0100, DEFFONTAINES Vincent wrote:
people do what they please.
my job is [to try] to keep the network secure, in spite of users installing
whatever.
Not to mention if you burden your proxy server with all this overhead it
may not function well on any volume
On Fri, 2002-10-18 at 09:55, Gustavo Franco wrote:
Talking about secpack, is it non-free? I can't see in your mail(Clemens)
the url or apt-line to get the source package.
No, it's BSD. I didn't dare to put up a license for that minimal collection.
There isn't even a source package. I just
ALERT ALERT ALERT!
Sorry about shouting, but no one seems to take any notice that the
kernel 2.4.x local DoS ALSO definitely affects linux kernel 2.2.x,
and possibly 2.0.x
I have been working on this one, and no one so far has produced any headlines
about it, but 2.2.x is ALSO affected.
I have
Here is the gpg signed version of the notice. I am a Debian Developer,
so you will find my key on the Debian key ring.
---
ALERT ALERT ALERT!
Sorry about shouting, but no one seems to take any notice that the
kernel
On Tuesday 19 November 2002 23:13, Matthew Grant wrote:
Hi Matt,
Here is the patch to fix 2.2:
consider using this instead.
--
Kind regards
Marc-Christian Petersen
http://sourceforge.net/projects/wolk
PGP/GnuPG Key: 1024D/569DE2E3DB441A16
Fingerprint: 3469 0CF8 CA7E 0042 7824 080A
All,
I was doing a routine nmap of my network today, and noticed when I
nmap'd a box running KDE that the following showed up:
Starting nmap V. 2.54BETA31 ( www.insecure.org/nmap/ )
Interesting ports on (removed) (XX.XX.XXX.XX):
(The 1552 ports scanned but not shown below are in state: closed)
Edward Guldemond [EMAIL PROTECTED] writes:
Starting nmap V. 2.54BETA31 ( www.insecure.org/nmap/ )
Interesting ports on (removed) (XX.XX.XXX.XX):
(The 1552 ports scanned but not shown below are in state: closed)
Port State Service
22/tcp openssh
1024/tcp open
On Wed, Nov 20, 2002 at 12:53:27AM +0100, Olaf Dietsche wrote:
Now, is there any security implications of having this port open? (I
am nmap'ing this box's external Internet interface as it is my ipmasq
box.) If so, what files do I have to edit to get rid of it? I don't
need X listening
Quoting Edward Guldemond ([EMAIL PROTECTED]):
In /etc/X11/xinit/xserverrc, I have the following line:
exec /usr/bin/X11/X -dpi 100 -nolisten tcp
So why is X still listening on TCP?
Because xdm/kdm/gdm don't heed /etc/X11/xinit/xserverrc, but rather
/etc/X11/xdm/Xservers ?
When this is
On Tue, Nov 19, 2002 at 04:51:03PM -0800, Rick Moen wrote:
Quoting Edward Guldemond ([EMAIL PROTECTED]):
In /etc/X11/xinit/xserverrc, I have the following line:
exec /usr/bin/X11/X -dpi 100 -nolisten tcp
So why is X still listening on TCP?
Because xdm/kdm/gdm don't heed
Roger Ward [EMAIL PROTECTED] writes:
Anyone know how to see if UseCannocialName is on or off by default? I am
using Apache 1.3.26.
Apart from `grep -r UseCanonicalName /etc/apache` you mean?
If you don't know what the hard-coded default is and can't find it
in the documentation (or don't
Edward Guldemond [EMAIL PROTECTED] writes:
On Wed, Nov 20, 2002 at 12:53:27AM +0100, Olaf Dietsche wrote:
Look at man xinit and man Xserver. There you will find an option
-nolisten.
In /etc/X11/xinit/xserverrc, I have the following line:
exec /usr/bin/X11/X -dpi 100 -nolisten tcp
So why
On Wed, Nov 20, 2002 at 02:47:13AM +0100, Olaf Dietsche wrote:
Well, it seems I should heed my own advice ;-). man xinit doesn't
mention xserverrc, maybe this is a debian thing. But it does mention
$HOME/.xserverrc; try to link or copy /etc/X11/xinit/xserverrc to your
home dir as .xserverrc
Thanks to all the guys who responded to my mail, and gave me the valuable
URLs for my work. I got good info there.
Thanks.
Peter Ondraska
On Mon, 18 Nov 2002 22:31:31 -0800
Vince Hillier [EMAIL PROTECTED] wrote:
It could be something more also, compare the md5sum of the netstat binary
with a known safe version
And a safe version of md5sum too !
Alain
On Mon, 18 Nov 2002, Lionel Elie Mamane wrote:
On Mon, Nov 18, 2002 at 07:02:59PM +0100, Andrea Frigido wrote:
Alle 13:02, giovedì 14 novembre 2002, Lionel Elie Mamane ha scritto:
On Thu, Nov 14, 2002 at 12:43:48PM +0100, Iñaki Martínez wrote:
While using a free OS is always better, you
Thank you to the security team for excellent work!
Just a question: I see that Redhat has released a patched kernel to
fix the recent security problems with the 2.4 kernels.
Can we expect something similar from Debian? Or if not, how can we
protect our systems in another way?
Regards
Johann
FULL 2002 YAPIMI PORNO VIDEOLAR
Sitemize yeni filmler eklendi. Tam metraj, full kalite
Yenilenen Kategoriler:
AMATEUR
ANAL
ASIAN
LESBIAN
Ýyi eðlenceler,
http://www.noseks.com
id: debian-security - jkaekxg-
Some companies sell products such as this :
http://www.symmetrypro.com/FaB.htm
that any clueless user can install with the help of 3 mouse clicks on their
dektop.
It autodetects proxy settings, creates an HTTP tunnel through corporate
proxy to software editor companyserver, so you can read your
On Tue, 19 Nov 2002 at 02:48:04PM +0100, DEFFONTAINES Vincent wrote:
Wondering if some people know of some content-aware proxies/filters, to
attempt to block [some of] those dangerous products (apart from maintaining
a black-list...)
If you allow out FTP I will be able to start an SSH
-Original Message-
From: Phillip Hofmeister [mailto:[EMAIL PROTECTED]
Sent: Tuesday 19 November 2002 15:30
To: DEFFONTAINES Vincent
Cc: debian-security@lists.debian.org
Subject: Re: Bypassing proxies
On Tue, 19 Nov 2002 at 02:48:04PM +0100, DEFFONTAINES Vincent wrote:
Wondering if some people know of some content-aware proxies/filters,
to
attempt to block [some of] those dangerous products (apart from
maintaining
a black-list...)
If you allow out FTP I will be able to start an SSH connection over port
20 (FTP-Data) and it will look like a binary data
Hi there,
I got a trouble in my network while trying to block Kazaa.
I tried to drop port 1214 with this rule:
iptables -A FORWARD --dport 1214 -j DROP
but this doesn't work. so I did sniffing to see what kind of packets and
ports kazaa uses and I saw that it searches for servers in different
* Quoting DEFFONTAINES Vincent ([EMAIL PROTECTED]):
Wondering if some people know of some content-aware proxies/filters, to
attempt to block [some of] those dangerous products (apart from maintaining
a black-list...)
Since the traffic is encrypted, content filtering
will not trigger.
-Original Message-
From: Fadel [mailto:[EMAIL PROTECTED]
Sent: Tuesday 19 November 2002 16:05
To: debian-security@lists.debian.org@plutao.siteplanet.com.br
Subject:
Hi there,
I got a trouble in my network while trying to block Kazaa.
I tried to drop port 1214 with this
Wondering if some people know of some content-aware
proxies/filters, to
attempt to block [some of] those dangerous products (apart
from maintaining
a black-list...)
Since the traffic is encrypted, content filtering
will not trigger.
Thats true for HTTPS, not HTTP.
And still,
Anyone know how to see if UseCannocialName is on or off by default? I am
using Apache 1.3.26.
Thanks,
Roger
On Mon, 2002-11-04 at 10:26, Martin Schulze wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian
* Quoting DEFFONTAINES Vincent ([EMAIL PROTECTED]):
Since the traffic is encrypted, content filtering
will not trigger.
Thats true for HTTPS, not HTTP.
According their website, the tunnel is
AES-encrypted.
Why do you allow people to install software on the
clients, if you don't
On Tue, 19 Nov 2002 at 04:59:08PM +0100, DEFFONTAINES Vincent wrote:
people do what they please.
my job is [to try] to keep the network secure, in spite of users installing
whatever.
Not to mention if you burden your proxy server with all this overhead it
may not function well on any volume
On Fri, 2002-10-18 at 09:55, Gustavo Franco wrote:
Talking about secpack, is it non-free? I can't see in your mail(Clemens)
the url or apt-line to get the source package.
No, it's BSD. I didn't dare to put up a license for that minimal collection.
There isn't even a source package. I just
Here is the gpg signed version of the notice. I am a Debian Developer,
so you will find my key on the Debian key ring.
---
ALERT ALERT ALERT!
Sorry about shouting, but no one seems to take any notice that the
kernel
On Tuesday 19 November 2002 23:13, Matthew Grant wrote:
Hi Matt,
Here is the patch to fix 2.2:
consider using this instead.
--
Kind regards
Marc-Christian Petersen
http://sourceforge.net/projects/wolk
PGP/GnuPG Key: 1024D/569DE2E3DB441A16
Fingerprint: 3469 0CF8 CA7E 0042 7824 080A
All,
I was doing a routine nmap of my network today, and noticed when I
nmap'd a box running KDE that the following showed up:
Starting nmap V. 2.54BETA31 ( www.insecure.org/nmap/ )
Interesting ports on (removed) (XX.XX.XXX.XX):
(The 1552 ports scanned but not shown below are in state: closed)
Edward Guldemond [EMAIL PROTECTED] writes:
Starting nmap V. 2.54BETA31 ( www.insecure.org/nmap/ )
Interesting ports on (removed) (XX.XX.XXX.XX):
(The 1552 ports scanned but not shown below are in state: closed)
Port State Service
22/tcp openssh
1024/tcp open
Roger Ward [EMAIL PROTECTED] writes:
Anyone know how to see if UseCannocialName is on or off by default? I am
using Apache 1.3.26.
Apart from `grep -r UseCanonicalName /etc/apache` you mean?
If you don't know what the hard-coded default is and can't find it
in the documentation (or don't
On Wed, Nov 20, 2002 at 12:53:27AM +0100, Olaf Dietsche wrote:
Now, is there any security implications of having this port open? (I
am nmap'ing this box's external Internet interface as it is my ipmasq
box.) If so, what files do I have to edit to get rid of it? I don't
need X listening
Quoting Edward Guldemond ([EMAIL PROTECTED]):
In /etc/X11/xinit/xserverrc, I have the following line:
exec /usr/bin/X11/X -dpi 100 -nolisten tcp
So why is X still listening on TCP?
Because xdm/kdm/gdm don't heed /etc/X11/xinit/xserverrc, but rather
/etc/X11/xdm/Xservers ?
When this is
On Tue, Nov 19, 2002 at 04:51:03PM -0800, Rick Moen wrote:
Quoting Edward Guldemond ([EMAIL PROTECTED]):
In /etc/X11/xinit/xserverrc, I have the following line:
exec /usr/bin/X11/X -dpi 100 -nolisten tcp
So why is X still listening on TCP?
Because xdm/kdm/gdm don't heed
Edward Guldemond [EMAIL PROTECTED] writes:
On Wed, Nov 20, 2002 at 12:53:27AM +0100, Olaf Dietsche wrote:
Look at man xinit and man Xserver. There you will find an option
-nolisten.
In /etc/X11/xinit/xserverrc, I have the following line:
exec /usr/bin/X11/X -dpi 100 -nolisten tcp
So why
On Wed, Nov 20, 2002 at 02:47:13AM +0100, Olaf Dietsche wrote:
Well, it seems I should heed my own advice ;-). man xinit doesn't
mention xserverrc, maybe this is a debian thing. But it does mention
$HOME/.xserverrc; try to link or copy /etc/X11/xinit/xserverrc to your
home dir as .xserverrc
55 matches
Mail list logo