-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 316-3 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
June 17th, 2003
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 324-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
June 18th, 2003
On Mon, 2003-06-16 at 23:32, Tomasz Papszun wrote:
On Mon, 16 Jun 2003 at 14:26:33 +0200, Stefan Neufeind wrote:
On 16 Jun 2003 at 7:00, Halil Demirezen wrote:
To be brief, I don't usually come accross that there is an exploit for
only effective to debian boxes. Plus, There are lots of
On Tue, 17 Jun 2003 at 11:56:36PM +1000, Mark Devin wrote:
I was going to say exactly this earlier in the thread. I put this in My
Apache config quite some time ago when I realised I could. There should
be something similar in the sshd_config in my opinion.
File a wishlist bug with the ssh
Hi,
On Tue Jun 17, 2003 at 10:44:01 -0400, Phillip Hofmeister wrote:
On Tue, 17 Jun 2003 at 11:56:36PM +1000, Mark Devin wrote:
I was going to say exactly this earlier in the thread. I put this
in My
Apache config quite some time ago when I realised I could. There
should
be something
Nick Boyce [EMAIL PROTECTED] writes:
These attacks require wiretapping and traffic
manipulation capabilities.
I'd be interested if you could expand on this - do you mean a
connection to the victim's LAN is necessary ?
LAN or WAN. Actually, access to any transmission link suffices.
I'd
Tim Peeler [EMAIL PROTECTED] writes:
I've done some research and have seen reports on several kits
available to exploit the SSH1 protocol.
Can you send me a few links? I can only remember attacks which
required (a) eavesdropping, (b) huge amounts of traffic (you would
have noticed it), (c) or
On Tue, Jun 17, 2003 at 09:45:28PM +0200, Florian Weimer wrote:
Tim Peeler [EMAIL PROTECTED] writes:
I've done some research and have seen reports on several kits
available to exploit the SSH1 protocol.
Can you send me a few links? I can only remember attacks which
required (a)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, 16 Jun 2003, John Holroyd wrote:
On Mon, 2003-06-16 at 15:26, Omaha Steaks wrote:
Dear Friend,
snips silliness
Seriously,
Does Debian have much success in forcing these spammers to pay the
fin fees mentioned on the mailing list pages?
On Tue, 17 Jun 2003 21:34:32 +0200, Florian Weimer wrote:
Nick Boyce [EMAIL PROTECTED] writes:
These attacks require wiretapping and traffic
manipulation capabilities.
I'd be interested if you could expand on this - do you mean a
connection to the victim's LAN is necessary ?
LAN or WAN.
On Mon, 2003-06-16 at 23:32, Tomasz Papszun wrote:
On Mon, 16 Jun 2003 at 14:26:33 +0200, Stefan Neufeind wrote:
On 16 Jun 2003 at 7:00, Halil Demirezen wrote:
To be brief, I don't usually come accross that there is an exploit for
only effective to debian boxes. Plus, There are lots of
On Tue, 17 Jun 2003 at 11:56:36PM +1000, Mark Devin wrote:
I was going to say exactly this earlier in the thread. I put this in My
Apache config quite some time ago when I realised I could. There should
be something similar in the sshd_config in my opinion.
File a wishlist bug with the ssh
Hi,
On Tue Jun 17, 2003 at 10:44:01 -0400, Phillip Hofmeister wrote:
On Tue, 17 Jun 2003 at 11:56:36PM +1000, Mark Devin wrote:
I was going to say exactly this earlier in the thread. I put this
in My
Apache config quite some time ago when I realised I could. There
should
be something
On Sun, Jun 15, 2003 at 09:01:00AM +0200, Florian Weimer wrote:
Tim Peeler [EMAIL PROTECTED] writes:
I've come to the conclusion that the SSH1 protocol is the most
likely cause of this problem.
Attacks on the SSH v1 protocol are relatively sophisticated. It's
more likely that some
Mark Devin [EMAIL PROTECTED] writes:
On Mon, 2003-06-16 at 23:32, Tomasz Papszun wrote:
ServerTokens ProductOnly
ServerSignature Off
I was going to say exactly this earlier in the thread. I put this in My
Apache config quite some time ago when I realised I could. There should
be
Nick Boyce [EMAIL PROTECTED] writes:
These attacks require wiretapping and traffic
manipulation capabilities.
I'd be interested if you could expand on this - do you mean a
connection to the victim's LAN is necessary ?
LAN or WAN. Actually, access to any transmission link suffices.
I'd
Tim Peeler [EMAIL PROTECTED] writes:
I've done some research and have seen reports on several kits
available to exploit the SSH1 protocol.
Can you send me a few links? I can only remember attacks which
required (a) eavesdropping, (b) huge amounts of traffic (you would
have noticed it), (c) or
On Tue, Jun 17, 2003 at 09:45:28PM +0200, Florian Weimer wrote:
Tim Peeler [EMAIL PROTECTED] writes:
I've done some research and have seen reports on several kits
available to exploit the SSH1 protocol.
Can you send me a few links? I can only remember attacks which
required (a)
Hallo,
ist zwar schon einen moment her, aber hier die Antwort auf
Deine Frage.
Ja!
Du kannst hier im Internet Geld verdienen ohne was für zahlen
zu müssen. Die beiden einfachste Möglichkeit.
Melde Dich bei http://www.klamm.de/?id=40705 an.
Klamm ist eine Startseite. Hier bekommst du für
Tim Peeler [EMAIL PROTECTED] writes:
As we have yet to see any indication that this is related to the crc32
compensation detector yet, I'm finding it more and more difficult
to believe that this was truely the problem.
Yes, indeed. This particular problem has been fixed, but there are
Is there a app , another than linuxbsm, within Linux that can get the level of
security auditing down to a very granular level, equivalent to the BSM
auditing in Solaris?
i.e. logging security policy changes, file deletions, etc
linuxbsm is very old, and I did not discover if it has support for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, 16 Jun 2003, John Holroyd wrote:
On Mon, 2003-06-16 at 15:26, Omaha Steaks wrote:
Dear Friend,
snips silliness
Seriously,
Does Debian have much success in forcing these spammers to pay the
fin fees mentioned on the mailing list pages?
On Tue, 17 Jun 2003 21:34:32 +0200, Florian Weimer wrote:
Nick Boyce [EMAIL PROTECTED] writes:
These attacks require wiretapping and traffic
manipulation capabilities.
I'd be interested if you could expand on this - do you mean a
connection to the victim's LAN is necessary ?
LAN or WAN.
23 matches
Mail list logo