Re: When will kernel-image-2.4.23 be available ?

2003-12-05 Thread Lupe Christoph
On Thursday, 2003-12-04 at 01:46:43 +0100, Bernd Eckenfels wrote: In article [EMAIL PROTECTED] you wrote: Nah, just look at /proc/cpuinfo, /proc/pci (or use lspci), dmesg, etc It's almost all there for you. Not like the old days... lshw is fine for collecting the above information. If you

Re: When will kernel-image-2.4.23 be available ?

2003-12-05 Thread Lupe Christoph
On Thursday, 2003-12-04 at 07:47:53 +0100, Matthias Faulstich wrote: Having the kernel-sources, knowledge about make-kpkg and a proper working .config for a previous kernel is one thing, but having a debian patched kernel (or kernel-sources) is a second. E.g. cramfs for initrd still

Re: extrange passwd behaviour

2003-12-05 Thread Riku Valli
- Original Message - From: Ruben Porras [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, December 05, 2003 12:21 AM Subject: Re: extrange passwd behaviour On Thu, 04-12-2003 at 22:05, Kevin wrote: I've discovered that login, sudo, gdm only take care of the first 8

have the compromized debian servers been cleaned?

2003-12-05 Thread Mo Zhen Guang
Hi, I am going to install a few new debian servers, but I worry about the integrity of the packages because of the incident of compromised debian servers some days ago. Can anybody confirm me if these servers are clean now? Thank you Mo

Re: have the compromized debian servers been cleaned?

2003-12-05 Thread Micah Anderson
They are clean. On Fri, 05 Dec 2003, Mo Zhen Guang wrote: Hi, I am going to install a few new debian servers, but I worry about the integrity of the packages because of the incident of compromised debian servers some days ago. Can anybody confirm me if these servers are clean now?

Re: have the compromized debian servers been cleaned?

2003-12-05 Thread Kjetil Kjernsmo
On Friday 05 December 2003 08:22, Mo Zhen Guang wrote: Hi, I am going to install a few new debian servers, but I worry about the integrity of the packages because of the incident of compromised debian servers some days ago. Can anybody confirm me if these servers are clean now? The

Re: Upgrading Kernels...

2003-12-05 Thread Kjetil Kjernsmo
On Thursday 04 December 2003 18:48, Eric D Nielsen wrote: I'm a little confused as to how/when I should upgrade my kernel. I'm not subscribed to this list at present, so please include me in the cc. OK. I'm a rather new user myself, but to ease the workload on the security team, who already

Re: When will kernel-image-2.4.23 be available ?

2003-12-05 Thread Thomas Sjögren
On Fri, Dec 05, 2003 at 08:08:46AM +0100, Lupe Christoph wrote: BUT! Does anybody have a patch for the do_brk vuln on any kernel-source package = 2.4.20 as they are currently in the archives? I would like to build a new kernel with the vuln patched ASAP, rather than wait for the upload to

Re: When will kernel-image-2.4.23 be available ?

2003-12-05 Thread Lupe Christoph
Quoting Thomas Sjögren [EMAIL PROTECTED]: On Fri, Dec 05, 2003 at 08:08:46AM +0100, Lupe Christoph wrote: BUT! Does anybody have a patch for the do_brk vuln on any kernel-source package = 2.4.20 as they are currently in the archives? I would like to build a new kernel with the vuln patched

Re: When will kernel-image-2.4.23 be available ?

2003-12-05 Thread Alvin Oga
On Fri, 5 Dec 2003, Thomas Sjögren wrote: On Fri, Dec 05, 2003 at 08:08:46AM +0100, Lupe Christoph wrote: BUT! Does anybody have a patch for the do_brk vuln on any kernel-source package = 2.4.20 as they are currently in the archives? I would like to build a new kernel with

Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?

2003-12-05 Thread Philipp Schulte
Philipp Schulte wrote: How do I find out which patches exactly are compiled in the Debian kernel source? Just in case anybody else wonders: I asked Herbert Xu and he told me about the README.Debian which is included in the kernel-source-packages.

Re: extrange passwd behaviour

2003-12-05 Thread Lupe Christoph
Quoting Bernd Eckenfels [EMAIL PROTECTED]: In article [EMAIL PROTECTED] you wrote: I've discovered that login, sudo, gdm only take care of the first 8 characters of the passwd. Don't know why and for which debian versions it is default, I have some mixed ones. Why? Because it uses DES and

Re: [SECURITY] [DSA-403-1] userland can access Linux kernel memory

2003-12-05 Thread Florian Weimer
Adam ENDRODI wrote: Just a humble question: how the average user who doesn't use the kernel sources provided by Debian and cannot follow lk should have known about the bug? The changelog read ``Add TASK_SIZE check to do_brk()'', there's no indication that it's a security fix. I'm really

Re: [SECURITY] [DSA-403-1] userland can access Linux kernel memory

2003-12-05 Thread Florian Weimer
Marcel Weber wrote: I want to correct myself: CAN-2003-0961 dates from the 26th November 2003, as far as I could see on the CVE.org site. This means that unless every discovered bug would be fixed, this incident could not have been avoided. This is of course not realistic. You can't infer

Grsecurity and ssh

2003-12-05 Thread Arnaud Fontaine
Hello, I have built a chroot environment for ssh with makejail. I have had no problem to do that, I can log into the chroot environment. It works very well. :) Now I would like to use the GNU/Linux kernel with grsecurity patch. I have compiled and installed this kernel but when I want to log

Re: extrange passwd behaviour

2003-12-05 Thread Bernd Eckenfels
In article [EMAIL PROTECTED] you wrote: Don't know why and for which debian versions it is default, I have some mixed ones. Why? Because it uses DES and DES uses 56 bit keys. Eight 7 bit chars give you exactly 56 bits... *lol* I was talking about I don't know why it is default to use

Re: Grsecurity and ssh

2003-12-05 Thread Florian Weimer
Arnaud Fontaine wrote: Now I would like to use the GNU/Linux kernel with grsecurity patch. I have compiled and installed this kernel but when I want to log into the system via ssh (the service start also), I have the following error due to grsecurity: grsec: denied attempt to double chroot

rsync attempts?

2003-12-05 Thread Igor Mozetic
I see repeated attempts to connect to my public rsync Debian server: Dec 6 00:20:01 rsync connection attempt from 217.21.40.1 (217.21.40.1:29558-x.x.x.x:873) rsync and kernel are patched, but I wonder if there is anything one can do to identify/catch/??? a potential intruder. -Igor

Re: rsync attempts?

2003-12-05 Thread George Georgalis
On Sat, Dec 06, 2003 at 12:25:09AM +0100, Igor Mozetic wrote: I see repeated attempts to connect to my public rsync Debian server: Dec 6 00:20:01 rsync connection attempt from 217.21.40.1 (217.21.40.1:29558-x.x.x.x:873) rsync and kernel are patched, but I wonder if there is anything one can

Kernel signed binaries

2003-12-05 Thread Steve Kemp
As part of a lockdown system I'm interested in setting up a system which will only allow the execution of signed binaries. There are a couple of different implementations of this I've seen the most promising and up to date appears to be 'digsig'[0]. Has anybody used anything similar, or

Re: Upgrading Kernels...

2003-12-05 Thread Riku Valli
- Original Message - From: Eric D Nielsen [EMAIL PROTECTED] To: debian-security@lists.debian.org Sent: Thursday, December 04, 2003 7:48 PM Subject: Upgrading Kernels... I'm a little confused as to how/when I should upgrade my kernel. I'm not subscribed to this list at present, so
