Re: Spyware / Adware

On 1 Sep 2004, s. keeling wrote: Incoming from Daniel Pittman: *Most* mail clients under Unix are better written than to do that, but Even mutt (a terrific MUA) _can be told_ to automatically handle MIME types for you, if you want. It just depends what's in your /.mailcap, and that can

Re: [OT] Collective memory query

documentation it stated that using '\0' as an input separator would also tell it to pass at most one argument to the command. Perhaps this has changed in the intervening years, since I didn't check that recently. Regards, Daniel -- The truth knocks on the door and you say, 'Go away, I'm

Re: telnetd vulnerability from BUGTRAQ

, since that is not part of the specification or the standard implementations. Unless you run an SSL-enhanced or Kerberos FTP client and server, within the same realm, there is no encryption involved in FTP. Daniel -- A man can no more diminish God's glory by refusing to worship Him than

Re: telnetd vulnerability from BUGTRAQ

include encryption, or that encryption is a standard part of FTP. That said, I was partially wrong - there is broader support for TLS in FTP than I was aware of, reviewing the set of implementations listed with that draft. Regards, Daniel -- It is preoccupation with possessions, more than

Re: repeated requests for a file favicon.ico

; Konqueror/2.2.2; Linux). ...and Konqueror, so also Safari, which covers pretty much everything browsing the web today. :) [...] it's a little bit offtopic, but I found nothing about it on cert.org Yeah. Just ignore it. :) Daniel -- You must have the devil in you to succeed in any

Re: Security issue? Daemon users has to much rights...

this imposed by fiat on the Debian project, especially at this late stage, since it would be a huge level of work. Regards, Daniel -- We live in a moment of history where change is so speeded up that we begin to see the present only when it is already disappearing. -- R.D. Laing

Re: Security issue? Daemon users has to much rights...

On 23 Oct 2004, Jan Lhr wrote: Am Freitag, 22. Oktober 2004 14:02 schrieb Daniel Pittman: On 22 Oct 2004, Jan Lhr wrote: because of the recent xpdf issues I tested the access restrictions of some users like lp, mail, etc. with default settings in sarge. I noticed that, by default, no acl were

Re: apt source archive for security updates?

On Fri, Dec 31, 2004 at 07:37:18PM +0100, Arthur de Jong wrote: Why is it that I can't add this to my sources.list: deb-src http://security.debian.org/debain-security stable updates/main updates/contrib updates/non-free Looks like pebkac: ^^ Never mind, Daniel

Re: using sarge on production machines

in productive environments. (without changing the distro) I hope my suggestions help. :) Daniel -- It could be that the real universe...is perhaps what has been started by some disastrous experiment performed some twenty billion years ago by a post-graduate student in order to test the structure

Re: hi

, it is a statement of fact. We can't help you unless you tell us more about your problem. What are you trying to do, what is reporting the error, and how did you configure security on the machine? Daniel -- Chaos often breeds life, when order breeds habit. -- Henry Adams -- To UNSUBSCRIBE

Re: My machine was hacked - possibly via sshd?

available. Friends don't let friends try to use pinning and mixed stable/unstable. Daniel Footnotes: [1] Postfix 2.*, Amavisd-new and ClamAV current, for me. -- Every old idea will be proposed again with a different name and a different presentation, regardless of whether it works

Re: On the security of e-mails

mailing lists. Daniel TaylorEmbedded and custom Linux integration. [EMAIL PROTECTED] (612)747-1609 On Thu, 25 May 2000, Sergio Brandano wrote: I would like to raise the problem of the security of electronic mail. The problem popped into my mind a while ago, while

Re: Unknown open ports

Try netstat -p, it'll tell you which process is on each port. Daniel TaylorEmbedded and custom Linux integration. [EMAIL PROTECTED] (612)747-1609 On Tue, 6 Jun 2000, Ron Rademaker wrote: I've just run a portscan to my computer that is connected to the internet

Re: SECURITY PROBLEM: autofs [all versions]

behavior and likely to bring unwanted attention.. Daniel -- /- Daniel Burrows [EMAIL PROTECTED] -\ | If you're reading|Wisdom is one of the few things | |this, you have too|that looks bigger the farther away

Re: Is Open Source software really more secure?

/\ /\ | Daniel Jacobowitz|__|SCS Class of 2002 | | Debian GNU/Linux Developer__Carnegie Mellon University | | [EMAIL PROTECTED] | | [EMAIL PROTECTED] | \/ \/

Re: su vulnerability

over half a dozen half-written advisories. They will be going out soon. I posted on bugtraq that the vulnerability had been fixed in debian, informally, I believe. Dan /\ /\ | Daniel Jacobowitz|__|SCS Class

Re: funny rpc.statd events

PROTECTED] Dan /\ /\ | Daniel Jacobowitz|__|SCS Class of 2002 | | Debian GNU/Linux Developer__Carnegie Mellon University | | [EMAIL PROTECTED] | | [EMAIL PROTECTED] | \/ \/

Re: file ownership in liblockfile1 1.01 (sparc)

/\ /\ | Daniel Jacobowitz|__|SCS Class of 2002 | | Debian GNU/Linux Developer__Carnegie Mellon University | | [EMAIL PROTECTED] | | [EMAIL PROTECTED] | \/ \/

Re: file ownership in liblockfile1 1.01 (sparc)

On Wed, Oct 11, 2000 at 08:01:57AM -0700, andy wrote: On Wed, 11 Oct 2000, Daniel Jacobowitz wrote: On Wed, Oct 11, 2000 at 07:18:23AM -0700, andy wrote: just ran tiger on a fresh debian (2.2) install, and received the following warnings: # Performing check of PATH components

Re: what is on port 13223

trojan. Maybe a sub7 variant? There's a trojan list on the web somewhere. Dan /\ /\ | Daniel Jacobowitz|__|SCS Class of 2002 | | Debian GNU/Linux Developer__Carnegie Mellon University

Re: php3 security update breaks imp webmailer

know about it, and hopefully. 3.0.18 will be out soon. Yep, so I've gathered. I'll do a new security upload when this happens. Dan /\ /\ | Daniel Jacobowitz|__|SCS Class of 2002 | | Debian GNU/Linux

Re: security.debian.org mirrors?

)? I believe it is a matter of trust and of instant distribution; we can provide uploads to everyone using the security site in a very limited amount of time. Dan /\ /\ | Daniel Jacobowitz|__|SCS Class of 2002

Re: security.debian.org mirrors?

, and there will occasionally be things available there before in unstable. But fixes also tend to go straight into unstable. Dan /\ /\ | Daniel Jacobowitz|__|SCS Class of 2002 | | Debian GNU/Linux Developer

Re: vixie cron... (fwd)

this is not exploitable since /var/spool/cron/crontabs is mode 700. still should be fixed though. Wrong again :) In most clean Debian installs it is not mode 0700. There will be a security advisory shortly. Dan /\ /\ | Daniel

Re: Bug#77257: FWD: Joe's Own Editor File Link Vulnerability

. Dan /\ /\ | Daniel Jacobowitz|__|SCS Class of 2002 | | Debian GNU/Linux Developer__Carnegie Mellon University | | [EMAIL PROTECTED] | | [EMAIL PROTECTED] | \/ \/

Re: task-unstable-security-updates?

/\ /\ | Daniel Jacobowitz|__|SCS Class of 2002 | | Debian GNU/Linux Developer__Carnegie Mellon University | | [EMAIL PROTECTED] | | [EMAIL PROTECTED] | \/ \/

Re: task-unstable-security-updates?

/\ /\ | Daniel Jacobowitz|__|SCS Class of 2002 | | Debian GNU/Linux Developer__Carnegie Mellon University | | [EMAIL PROTECTED] | | [EMAIL PROTECTED] | \/ \/

Re: Problems with root on network clients

/\ /\ | Daniel Jacobowitz|__|SCS Class of 2002 | | Debian GNU/Linux Developer__Carnegie Mellon University | | [EMAIL PROTECTED] | | [EMAIL PROTECTED] | \/ \/

Re: Debian audititing tool?

On Tue, Dec 26, 2000 at 09:27:53PM +0200, Pavel Minev Penev wrote: On Tue, Dec 26, 2000 at 05:27:07PM +0300, [EMAIL PROTECTED] wrote: Of course plain md5 hashes are not very helpful. But we can keep MAC[1] for binaries. Tampering with MAC database is useless. ... [1] Message

Re: Debian audititing tool?

On Tue, Dec 26, 2000 at 10:52:47PM +0100, Christian Kurz wrote: On 00-12-26 Peter Cordes wrote: have produced collisions in MD5. This is a Bad Thing for MD5, but it isn't a real break against MD5. It means that you can find two messages that hash to the same value. To do so, you _have_

Re: rpc.statd attack?

/\ /\ | Daniel Jacobowitz|__|SCS Class of 2002 | | Debian GNU/Linux Developer__Carnegie Mellon University | | [EMAIL PROTECTED] | | [EMAIL PROTECTED] | \/ \/

Re: Disappointment in security handling in Debian

me that this was a bug in the automatic regeneration of the web pages; it should be fixed. Dan /\ /\ | Daniel Jacobowitz|__|SCS Class of 2002 | | Debian GNU/Linux Developer__Carnegie Mellon

Re: How to use apt to install security updates ?

any more... Dan /\ /\ | Daniel Jacobowitz|__|SCS Class of 2002 | | Debian GNU/Linux Developer__Carnegie Mellon University | | [EMAIL PROTECTED] | | [EMAIL PROTECTED] | \/ \/

Re: Food for thought - SECURITY (design flaw?)

. Security fixes go into unstable and trickle into testing. The principal, I think, is that we can throttle the packages being allowed into testing for an easier release cycle. Dan /\ /\ | Daniel Jacobowitz|__|SCS

Re: secure install

You know, Ghost 2001 supports the ext2 partition on certain versions of Linux. It doesn't officially support Debian Linux, but I've cloned my Debian laptop and my Debian desktop many times. From: Thor [EMAIL PROTECTED] To: Zak Kipling [EMAIL PROTECTED], [EMAIL PROTECTED] CC:

Re: secure install

When you clone mirrors you usually have to take some steps. Typically, depending on your mirror, you need to break the mirror and clone each side seperately. Someone told me this was because of drive signing or some other thing, but I'm not sure if that's the truth. From: Carel Fellinger

Re: Debian or Linux 7???

How exactly did you get hacked? Did you leave security wholes large enough for a bus to drive through open? Open your inetd.conf file and # out everything! The only thing you need open is port 22. Others will disagree, but depending on what you server is used for, this should be your first

Re: Benign crackers?

(CET) -BEGIN PGP SIGNED MESSAGE- On Tue, 20 Feb 2001, Steve Rudd wrote: Daniel Stark asked: At 01:53 PM 2/20/01 -0800, you wrote: How exactly did you get hacked? Did you leave security wholes large enough for a bus to drive through open? Open your inetd.conf file and # out

Re: Anti Virus for Debian

Speaking of Windows and *.vbs attacks. What you should really do is disable the scripting host on all of your Windows machines. For those of you who don't know, you can just rename wscript.exe jscript.exe and cscript.exe. There's a good chance you'll only have one of them. From: Bradley

Re: how secure is mail and ftp and netscape/IE???

Yes, you should be concerned. Now-a-days most people are using SSH for all communication. It's really the way to go for remote access. Take a look at openssh.com for some more information. Plus it's free, and we like free. ;) From: Steve Rudd [EMAIL PROTECTED] To:

Re: how secure is mail and ftp and netscape/IE???

I ssh from my Windows 2000 machine at work to my Debian machine at home. You just need the proper client. There are free ones out there for Windows. From: Adam Spickler [EMAIL PROTECTED] To: debian-security@lists.debian.org Subject: Re: how secure is mail and ftp and netscape/IE??? Date:

Re: Bug#88055: security hole in joe

a command line option to choose an rc file? If so, I'd have no qualms about killing this behavior. -- Daniel Jacobowitz Debian GNU/Linux Developer Monta Vista Software Debian Security Team

Re: Disappointment in security handling in Debian

is the only thing to slip through the cracks that way in a year. We're often behind with fixes in general, but when we post a fix the advisory generally goes out the same day! Dan /\ /\ | Daniel Jacobowitz|__|SCS Class

Re: Applications using Linux capabilities

fairly sure there's a lot more - you can access them through PAM somehow, I think... -- Daniel Jacobowitz Debian GNU/Linux Developer Monta Vista Software Debian Security Team I am croutons!

Re: rpc.statd

. Is rpc still vulnerable? Is there a Nope, you're safe if you saw the % signs in your logs. way to track down who connected to rpc.statd? Run a tcp logger, like ippl. -- Daniel Jacobowitz Debian GNU/Linux Developer Monta Vista Software

Re: setting up sudo for tail

. -- Daniel Jacobowitz Debian GNU/Linux Developer Monta Vista Software Debian Security Team I am croutons!

port 812

Hi, I did a nmap scan (nmap -sT hostname) and found several ports open. The only one I could not identify was 812. It was not listed in /etc/services and I could not find it in http://www.securityportal.com/firewalls/ports/ Is this anything I should be worried about ? Daniel

Re: Security in a shell that starts ssh

On Wed, Jun 13, 2001 at 10:57:08AM -0500, Steve Greenland wrote: Tim, good fixups, a few C coding/style nitpicks: On 12-Jun-01, 17:57 (CDT), Tim van Erven [EMAIL PROTECTED] wrote: #include stdio.h #include unistd.h /* For execlp */ #include stdlib.h /* For exit */ int main() int

Re: Security in a shell that starts ssh

On Wed, Jun 13, 2001 at 02:02:10PM -0500, Steve Greenland wrote: [snip] I'd still argue that exit(_macro_) is better style than return from main(), but I'm hard pressed to find a technical argument. There's subtle difference between returning from main and calling exit. Excelent explanation

Re: Security in a shell that starts ssh

On Wed, Jun 13, 2001 at 04:10:27PM -0500, Steve Greenland wrote: On 13-Jun-01, 13:47 (CDT), Tim van Erven [EMAIL PROTECTED] wrote: On Wed, Jun 13, 2001 at 10:57:08AM -0500, Steve Greenland wrote: int main() int main(void) /* () != (void) in C */ The comp.lang.c faq

Re: Security in a shell that starts ssh

On Wed, Jun 13, 2001 at 11:34:28PM +0200, Tim van Erven wrote: [snip] Possible access to unallocated memory if \0\n supplied as input. Only if strlen(name) = 0 and besides from being hard to achieve when entering data on stdin, fgets will return 0 if that happens. But not if

Proxy arp or bridge ?

? Any hints apprechiated. Daniel _ Daniel Faller Fakultaet fuer Physik Abt. Honerkamp Albert-Ludwigs-Universitaet Freiburg Tel.: 0761-203-5875 Fax.: 0761-203-5967 e-mail: [EMAIL PROTECTED] URL:http://webber.physik.uni-freiburg.de/~fallerd

Re: Proxy arp or bridge ?

On Monday 02 July 2001 18:25, you wrote: ipmasquerading? No, they have public ip's and I would like to keep this setting. The clients config should not change at all. Daniel _ Daniel Faller Fakultaet fuer Physik Abt. Honerkamp Albert-Ludwigs

Re: shared root account

files. Hmm, shouldn't some PAM-aware passwd implementation be able to do this? -- Daniel Jacobowitz Carnegie Mellon University MontaVista Software Debian GNU/Linux Developer

Re: Port 6000/X11 Won't Close!

?! - Thank you! Try running X -nolisten tcp. HTH, Daniel

rpc.statd being attacked?

just shut down the rpc.statd daemon, but I was wondering if this is a known attack. -- Daniel Schepler Please don't disillusion me. I [EMAIL PROTECTED]haven't had breakfast yet. -- Orson Scott Card

Re: rpc.statd being attacked?

On Tue, Aug 21, 2001 at 01:28:24PM -0700, Daniel Schepler wrote: I've gotten logs several times that read something like Aug 20 19:20:24 adsl-63-193-247-253 rpc.statd[330]: gethostbyname error for ^X F7FFBF^XF7FFBF^YF7FFBF^YF7FFBF^ZF7FFBF^ZF7FF BF^[F7FFBF^[F7FFBF%8x%8x%8x%8x%8x%8x%8x%8x%8x

Re: apt sources.list

with security updates, or track unstable daily and hope maintainers are responsive. We try to see that woody is in coherent shape just before release, but we can't supply fixes for it on any more urgent basis. It moves too fast. -- Daniel Jacobowitz Carnegie Mellon

[no subject]

unsubscribe [EMAIL PROTECTED]

Re: nmap ...

-BEGIN PGP SIGNED MESSAGE- Hash: MD5 well,first you gotta chill..: do you have a lan there? is your debian a gateway/router for the lan? maybe you use a masquerade for some of those computers.. there can be an aplication in windows that connects through that port to the internet. so like

Re[2]: Port Scan for UDP

-BEGIN PGP SIGNED MESSAGE- Hash: MD5 also netstat -n -p -t --listening | grep :PORT VD Hi, VD On Sat, Oct 20, 2001 at 09:22:57PM -0700, VD tony mancill [EMAIL PROTECTED] wrote: On Sat, 20 Oct 2001, Marc Wilson wrote: Adding or removing lines in /etc/services doesn't open or close

Debian GNU/Linux 2.2r3 vulnerabilities ?

-BEGIN PGP SIGNED MESSAGE- Hash: MD5 Heya, I run a potato at home and i will set the computer at work with potato as well.Since that will be a 24h internet connected pc,i am wondering what are the 2.2 release 3 vulnerabilities for the sistem installed from the cds without any online

Re: Just a test sorry

Hans wrote: i did not get a massage for a while. I'm very sorry to hear that. As a matter of fact, neither did I. But are you sure this is appropriate content for this list? :) -- Daniel

What this means in my logs?

Heya,i got those lines often lately..Can anyone explain me every little part of it? If you can drop an url link too,it would be great.. Thank you. Nov 30 16:16:28 brutus-gw kernel: Packet log: input DENY eth1 PROTO=6 210.86.20.213:1621 194.102.92.21:6000 L=48 S=0x00 I=52039 F=0x4000 T=102 SYN

Rãspuns: finding hidden processes

-Mesaj original- De la: Tarjei Huse [mailto:[EMAIL PROTECTED] Trimis: Monday, December 03, 2001 9:15 AM Catre: debian-security@lists.debian.org Cc: debian-security@lists.debian.org Subiect: finding hidden processes Hi If I run chkproc from the chkrootid package I get: You have 3

Rãspuns: Rãspuns: finding hidden processes

/%snsole Obsolete W option not supported. (You have a /dev/drum?) Any comments? Does this look ok? Tarjei Petre Daniel wrote: -Mesaj original- De la: Tarjei Huse [mailto:[EMAIL PROTECTED] Trimis: Monday, December 03, 2001 9:15 AM Catre: debian-security@lists.debian.org Cc: debian

Rãspuns: per IP billing

what about ip accounting? Petre L. Daniel Linux Administrator,Canad Systems Pitesti http://www.cyber.ro email:[EMAIL PROTECTED] phone: +4048220044,+4048206200 -Mesaj original- De la: Yotam Rubin [mailto:[EMAIL PROTECTED] Trimis: Tuesday, December 04, 2001 1:51 AM Catre: Debian

Răspuns: How do I disable (close) ports?

ipchains with something like /sbin/ipchains -s 0/0 -d MY_MACHINE_IP 111 -p tcp -j DENY -l cya Petre L. Daniel Linux Administrator,Canad Systems Pitesti http://www.cyber.ro email:[EMAIL PROTECTED] phone: +4048220044,+4048206200 - -Mesaj original- De la: J. Paul Bruns-Bielkowicz [mailto:[EMAIL

Exim mail

How do I stop this from happening. Apparently my bud telented to port 25 and somehow sent mail from my root account. Any suggestions, white papers or links? Id would like to block the telnet application all together, but I dont think thats possible. Thanks in advance, Daniel im a newbie so

Re: Exim mail

dis be! foo! hehehe later.. - Original Message - From: Jamie Heilman [EMAIL PROTECTED] To: Daniel Rychlik [EMAIL PROTECTED] Cc: debian-security@lists.debian.org Sent: Friday, December 14, 2001 6:33 PM Subject: Re: Exim mail Daniel Rychlik wrote: How do I stop this from happening

Re: Exim mail

- Original Message - From: Thomas Hallaran [EMAIL PROTECTED] To: Daniel Rychlik [EMAIL PROTECTED] Cc: debian-security@lists.debian.org Sent: Friday, December 14, 2001 6:53 PM Subject: Re: Exim mail spoofing mail: telnet to port 25 on machine you want to spoof through. 1.Type

Re: Exim mail

- Original Message - From: Brian P. Flaherty [EMAIL PROTECTED] To: debian-security@lists.debian.org Sent: Saturday, December 15, 2001 8:41 AM Subject: Re: Exim mail Daniel Rychlik [EMAIL PROTECTED] writes: How do I stop this from happening. Apparently my bud telented to port 25

Re: Problem with IPTables

- Original Message - From: Bender, Jeff [EMAIL PROTECTED] To: debian-security@lists.debian.org Sent: Monday, December 17, 2001 12:08 PM Subject: Problem with IPTables I am having troubles with IPTables. My rules are having troubles with handling -m state --state ESTABLISHED options.

/etc/passwd ?

I was wandering if I edited my /etc/passwd file and replaced all the /bin/sh to /bin/false , will that break anything? What Im seeing is accounts like lp, games, uucp, proxy, postgres, and a slew of others that I dont use. Thanks in advance Debian Guruz! Daniel

Re: /etc/passwd ?

most of them are relics of software that you probably dont need,but be carefully what account you erase. better comment them out.you can put a /etc/NOSHELL instead of /bin/sh or even /bin/false and they won't be able to login into the machine no more.. At 06:24 PM 12/27/01 -0600, Daniel

Securing bind..

clients and also keeps some .ro domains) please post it to the list.. both ipchains and iptables variants are welcome.. thank you. Petre L. Daniel,System Administrator Canad Systems Pitesti Romania, http://www.cyber.ro, email:[EMAIL PROTECTED] Tel:+4048220044, +4048206200

Re: Securing bind..

any domains to server to the outside world, you just list the intranet (NAT) interface in here. forward only means that you will forward all request (and work ;]) to the dns servers listed in forwarders. -- BOFH excuse #57: Groundskeepers stole the root password Petre L. Daniel,System

Re: faq? rpc.statd: gethostbyname error for

On Mon, Dec 31, 2001 at 09:11:41PM +0100, David Gestel wrote: What is this? I don't think anyone got in though, everything seems to be fine. I'm running woody and rpc.statd version 0.3.3 Yep. The fact that it was logged in this particular case means you're fine. -- Daniel Jacobowitz

A Happy New Year From Romania to all of you!

Petre L. Daniel,System Administrator Canad Systems Pitesti Romania, http://www.cyber.ro, email:[EMAIL PROTECTED] Tel:+4048220044, +4048206200

[security] What's being done?

to note that Debian, a distro with ~850 developers and a dedicated security team, is behind Slackware on security issues. d -- Daniel Stone[EMAIL PROTECTED] WARNING: The consumption of alcohol may make you think you have mystical Kung Fu

Re: Debian security being trashed in Linux Today comments

. Of course, if you're using unstable, fixes tend to appear quickly, but : - tend to is not acceptable when security is concerned - it may take a lot more time depending on your local mirror -- Daniel

Re: Don't panic (ssh)

, it's that you have to disallow v1. A recent daemon allowing ssh1 connections is vulnerable. -- Daniel

Re: ssh keyscanning!?

. The first DHCP request from a freshly booted machine doesn't carry a local IP address (but either 0.0.0.0 or random crap). So make sure you don't filter by IP address, but by interface at most. Daniel.

Re: Webserver questions: using samba, avoiding cleartext passwords, co-existing with Windows

to go for ftp w/ ssl, but (since I don't have any windows clients, so can generally just use sftp/scp for my needs) I don't have first-hand knowledge of this approach. Take care, Daniel I greatly appreciate any advice. Tom Dominico District Technology Coordinator Parlier Unified School

Re: Re: Help

about the agreement!, and mention specifially about students being disallowed, not just the normal default messages, because then it shows that the system has been setup/configured not just installed and left. Daniel -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe

Re: possible hole in mozilla et al

q -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

strange log.

Hello , I've got 750k of this log daily May 15 03:40:01 sm-msp-queue[16123]: STARTTLS=client, error: load verify locs /etc/ssl/certs/, /etc/mail/ssl/sendmail-server.crt failed: 0 May 15 03:40:01 sm-msp-queue[16123]: STARTTLS=client, error: load verify locs /etc/ssl/certs/,

Re: subscribe

makes a change not to have the un at the begining. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: chkrootkit-0.31 and possible bug?

hidden for readdir command\n, retdir); if (retps) printf(You have % 5d process hidden for ps command\n, retps); return (retps+retps); } Regards, Daniel. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

iptables, Kerberos and openafs.

Hi. I'm a complete novice when it comes to iptables, so I'm wondering if someone has a iptables-script which allows Kerberos, afs, ssh and ping. (it should of course disallow everything else...) /Daniel -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe

Re: [Forward: CERT Advisory CA-2002-21 Vulnerability in PHP]

As stated in the Appendix A of the full advisory, Debian stable and testing are not vulnerable. This is because they are still using PHP 4.1.x (the exploit only affects PHP 4.2.0 and 4.2.1). Debian unstable (i.e. sid) is vulnerable, as it uses PHP 4.2.1, and from what I can see as of this

Re: Security Stats

is available it would be VERY useful Thanks, -- Phil Take care, Daniel -- Daniel A. Freedman Laboratory for Atomic and Solid State Physics Department of Physics Cornell University -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

unsubscribe

Daniel Poças [EMAIL PROTECTED] A box without hinges, key, or lid, Yet golden treasure inside is hid. -- J.R. Tolkien -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: apt-get update connection problem

for you as well: deb http://security.debian.org/ stable/updates main contrib non-free Hopefully, others on this list can comment as to why this is so, and as to whether security.debian.org plans to allow ftp 'apt-get' upgrades. HTH, and take care, Daniel -- Daniel A. Freedman Laboratory

Kerberos...

. The thing is that I don't want to be too dependant of the Novell-servers. /Daniel

PGP

G jq q

PGP

to automatically sign her email messages as they leave the mailbox. Ive read the documentation Phillip Zimmerman, but it doesnt really have any info on setting up pgp keys for mail clients. Any information would be great! Daniel J. Rychlik http://daniel.rychlik.ws -BEGIN PGP SIGNATURE

PGP

-BEGIN PGP SIGNED MESSAGE- Dear Sirs, In pgp, how do I upload my public key to a key server? Ive read the documentation on it and I cannot seem to find a way to do it. Thanks Daniel J. Rychlik -BEGIN PGP SIGNATURE- Version: 2.6.3ia Charset: noconv iQCVAwUBPU6

Re: PGP

must have missed that one.

Re: Using PAM with SFS

with libsfscrypt happens at configure time: the lib is there but configure can't seem to find it: Apply the attached patch and run autogen.sh (automake and autoconf need to be installed for this step). Works for me. Regards, Daniel. ---[snip]--- --- configure.in.orig 2001-06-19 19:30:18.0

<    1   2   3   4   5   >