On Saturday, 2003-03-22 at 12:01:13 -0600, Hanasaki JiJi wrote:
Would you share your opinions on the following setup for daemons?
firewall runs
whois server - gwhois or jwhois?
No services on the firewall. Put that on a machine in the DMZ.
iptables - firewall
... because it
Le Sunday 23 March 2003 05:01, Guille -bisho- a écrit :
Thus no problem, the patch functions ,-)
But so now I launch the same exploit but to compile and use before
levelling of the kernel :
[EMAIL PROTECTED]:~/ptrace$ ./ptrace-before-compiling
[EMAIL PROTECTED]:~/ptrace# id
uid=0(root)
On Sat, Mar 22, 2003 at 10:58:24AM -0800, Jon wrote:
On Sat, 2003-03-22 at 04:43, Markus Kolb wrote:
Jon wrote:
[...]
Linux kmod + ptrace local root exploit by [EMAIL PROTECTED]
= Simple mode, executing /usr/bin/id /dev/tty
sizeof(shellcode)=95
= Child process
Hello!
Thanks, that was the problem. The patch works fine.
Ed McMan wrote:
Saturday, March 22, 2003, 8:26:44 PM, [EMAIL PROTECTED] (debian-security) wrote:
LeVA So it droped me a root shell. Well it is not good I think, after the
LeVA patch...
People have been saying that one of the exploits
On Sat, 22 Mar 2003, Eduardo Rocha Costa wrote:
Thanks for the advice, shorewall is very good... only 4 hours and I make
the configuration !!
Hi, if you want to improve your firewall and security, just see
http://www.netfilter.org
--
Mauricio Alejandro Araya Lopez* User #249395
On Fri, Mar 21, 2003 at 02:41:44AM +, Dale Amon wrote:
chkrootkit finds this file:
Searching for suspicious files and dirs, it may take a while...
/usr/lib/tiger/bin/.bintype
which appears to be quite old. Is this just a leftover
from a long ago tiger? It only contains Linux 2.2.17
If you compiled and ran the resulting binary before
upgrading your kernel, the isec-ptrace-kmod-exploit
binary may already be set[ug]id, which is a side
effect of running it. Make sure it's not +s and/or
g+s, or better yet just remove it and recompile it.
--- LeVA [EMAIL PROTECTED] wrote:
Hello!
unsubscribe
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
On Saturday, 2003-03-22 at 12:01:13 -0600, Hanasaki JiJi wrote:
Would you share your opinions on the following setup for daemons?
firewall runs
whois server - gwhois or jwhois?
No services on the firewall. Put that on a machine in the DMZ.
iptables - firewall
... because it
Le Sunday 23 March 2003 05:01, Guille -bisho- a écrit :
Thus no problem, the patch functions ,-)
But so now I launch the same exploit but to compile and use before
levelling of the kernel :
[EMAIL PROTECTED]:~/ptrace$ ./ptrace-before-compiling
[EMAIL PROTECTED]:~/ptrace# id
uid=0(root)
On Sat, Mar 22, 2003 at 10:58:24AM -0800, Jon wrote:
On Sat, 2003-03-22 at 04:43, Markus Kolb wrote:
Jon wrote:
[...]
Linux kmod + ptrace local root exploit by [EMAIL PROTECTED]
= Simple mode, executing /usr/bin/id /dev/tty
sizeof(shellcode)=95
= Child process
On Saturday 22 Mar 2003 6:36 am, Martin Schulze wrote:
Nick Boyce wrote :
I get a bad signature reported by Kmail on this announcement.
Saving the message out to a text file and verifying manually also
fails :
Ditch KMail, it is a permanent source of problems when it comes to
digital
Hello!
Thanks, that was the problem. The patch works fine.
Ed McMan wrote:
Saturday, March 22, 2003, 8:26:44 PM, debian-security@lists.debian.org
(debian-security) wrote:
LeVA So it droped me a root shell. Well it is not good I think, after the
LeVA patch...
People have been saying that
On Sat, 22 Mar 2003, Eduardo Rocha Costa wrote:
Thanks for the advice, shorewall is very good... only 4 hours and I make
the configuration !!
Hi, if you want to improve your firewall and security, just see
http://www.netfilter.org
--
Mauricio Alejandro Araya Lopez* User #249395
On Fri, Mar 21, 2003 at 02:41:44AM +, Dale Amon wrote:
chkrootkit finds this file:
Searching for suspicious files and dirs, it may take a while...
/usr/lib/tiger/bin/.bintype
which appears to be quite old. Is this just a leftover
from a long ago tiger? It only contains Linux 2.2.17
If you compiled and ran the resulting binary before
upgrading your kernel, the isec-ptrace-kmod-exploit
binary may already be set[ug]id, which is a side
effect of running it. Make sure it's not +s and/or
g+s, or better yet just remove it and recompile it.
--- LeVA [EMAIL PROTECTED] wrote:
Hello!
16 matches
Mail list logo
