Working on running a SMTP server inside the firewall that takes incoming
SMTP traffic from outside the firewall. The below rules are not
working. The firewall refuses connections. Any input on what wrong?
Thanks,
internal mailserver = 192.168.1.2
#$PROG -t nat -A PREROUTING -i
Hi:
sorry by a large of the message , but I am not a security expert and I
have a ftp server secured with the directives that I found in general
docs. Yesterday my server was down at 19:30 aprox , the only suspicious
track that I found is :
18:59:06 web wu-ftpd[10527]: connect from
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I think you must chech your default policies. Besides, you should
check the traffic from within your mail server with a tool such as snort
or tcpdump and try logging your rules with the -j LOG match.
Hanasaki JiJi [EMAIL PROTECTED] writes:
Working
On Thursday 27 March 2003 08:53, Lars Ellenberg wrote:
On Wed, Mar 26, 2003 at 05:28:35PM +0100, Kjetil Kjernsmo wrote:
Is there a way to remove revoked/expired and otherwise invalid or
useless keys from a GPG keyring, in batch?
well, I do not know how to automatically list only invalid
On Sat, Mar 29, 2003 at 10:46:02AM -0300, danilo lujambio wrote:
sorry by a large of the message , but I am not a security expert and I
have a ftp server secured with the directives that I found in general
docs. Yesterday my server was down at 19:30 aprox , the only suspicious
track that I
On Sat, Mar 29, 2003 at 02:35:39PM +, Tom Goulet (UID0) imagined:
On Sat, Mar 29, 2003 at 10:46:02AM -0300, danilo lujambio wrote:
sorry by a large of the message , but I am not a security
expert and I have a ftp server secured with the directives
that I found in general docs.
On 29 Mar 2003 10:46:02 -0300, danilo lujambio wrote:
I have a ftp server secured with the directives that I found in general
docs. Yesterday my server was down at 19:30 aprox , the only suspicious
track that I found is :
18:59:06 web wu-ftpd[10527]: connect from 200.158.144.201
Mar 28 18:59:07
On Sat, Mar 29, 2003 at 03:26:33PM +0100, Kjetil Kjernsmo wrote:
On Thursday 27 March 2003 08:53, Lars Ellenberg wrote:
On Wed, Mar 26, 2003 at 05:28:35PM +0100, Kjetil Kjernsmo wrote:
Is there a way to remove revoked/expired and otherwise invalid or
useless keys from a GPG keyring, in
The syslog entries below means ...
what?
-- transcript --
Mar 29 13:06:20 int-mon anacron[1708]: Updated timestamp for job
`cron.daily' to 2003-03-29
Mar 29 13:09:12 int-mon :
Mar 29 13:09:12 int-mon : Security Warning: Change in Suid Root files
found :
Mar 29 13:09:12 int-mon : - Added suid
At first glance, it looks perfectly normal. You just
seemed to have installed some sort intruder monitor/ids and
you'll see things like this for a while until you establish
a good working baseline.
--jordan
On 29 Mar 2003, Cau de Alencar wrote:
The syslog entries below
I don't THINK that is bad news but I wouldn't bet my job on it. download
and run chkrootkit and give it a go.
Those look rather innocent to me. Did you add any software or do an
apt-get upgrade recently?
David.
--
War on the World?
Not in My Name!
http://www.notinourname.net/
On 29 Mar
Hanasaki JiJi wrote:
Working on running a SMTP server inside the firewall that takes
incoming SMTP traffic from outside the firewall. The below rules are
not working. The firewall refuses connections. Any input on what wrong?
Thanks,
internal mailserver = 192.168.1.2
#$PROG -t nat -A
Working on running a SMTP server inside the firewall that takes incoming
SMTP traffic from outside the firewall. The below rules are not
working. The firewall refuses connections. Any input on what wrong?
Thanks,
internal mailserver = 192.168.1.2
#$PROG -t nat -A PREROUTING -i
Hi:
sorry by a large of the message , but I am not a security expert and I
have a ftp server secured with the directives that I found in general
docs. Yesterday my server was down at 19:30 aprox , the only suspicious
track that I found is :
18:59:06 web wu-ftpd[10527]: connect from
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I think you must chech your default policies. Besides, you should
check the traffic from within your mail server with a tool such as snort
or tcpdump and try logging your rules with the -j LOG match.
Hanasaki JiJi [EMAIL PROTECTED] writes:
Working
On Thursday 27 March 2003 08:53, Lars Ellenberg wrote:
On Wed, Mar 26, 2003 at 05:28:35PM +0100, Kjetil Kjernsmo wrote:
Is there a way to remove revoked/expired and otherwise invalid or
useless keys from a GPG keyring, in batch?
well, I do not know how to automatically list only invalid
On Sat, Mar 29, 2003 at 10:46:02AM -0300, danilo lujambio wrote:
sorry by a large of the message , but I am not a security expert and I
have a ftp server secured with the directives that I found in general
docs. Yesterday my server was down at 19:30 aprox , the only suspicious
track that I
On Sat, Mar 29, 2003 at 02:35:39PM +, Tom Goulet (UID0) imagined:
On Sat, Mar 29, 2003 at 10:46:02AM -0300, danilo lujambio wrote:
sorry by a large of the message , but I am not a security
expert and I have a ftp server secured with the directives
that I found in general docs.
On 29 Mar 2003 10:46:02 -0300, danilo lujambio wrote:
I have a ftp server secured with the directives that I found in general
docs. Yesterday my server was down at 19:30 aprox , the only suspicious
track that I found is :
18:59:06 web wu-ftpd[10527]: connect from 200.158.144.201
Mar 28 18:59:07
On Sat, Mar 29, 2003 at 03:26:33PM +0100, Kjetil Kjernsmo wrote:
On Thursday 27 March 2003 08:53, Lars Ellenberg wrote:
On Wed, Mar 26, 2003 at 05:28:35PM +0100, Kjetil Kjernsmo wrote:
Is there a way to remove revoked/expired and otherwise invalid or
useless keys from a GPG keyring, in
The syslog entries below means ...
what?
-- transcript --
Mar 29 13:06:20 int-mon anacron[1708]: Updated timestamp for job
`cron.daily' to 2003-03-29
Mar 29 13:09:12 int-mon :
Mar 29 13:09:12 int-mon : Security Warning: Change in Suid Root files
found :
Mar 29 13:09:12 int-mon : - Added suid
At first glance, it looks perfectly normal. You just
seemed to have installed some sort intruder monitor/ids and
you'll see things like this for a while until you establish
a good working baseline.
--jordan
On 29 Mar 2003, Cau de Alencar wrote:
The syslog entries below
I don't THINK that is bad news but I wouldn't bet my job on it. download
and run chkrootkit and give it a go.
Those look rather innocent to me. Did you add any software or do an
apt-get upgrade recently?
David.
--
War on the World?
Not in My Name!
http://www.notinourname.net/
On 29 Mar
23 matches
Mail list logo