[ This is the conclusion of a discussion about fwtk on RH6, and problems
compiling. It seems the compat-glibc-5.2-2.0.7.1 package is required, as
well as updating the AUXLIB define in the stock Makefile.config:
AUXLIB=-lndbm -lcrypt
Would you mind adding this to the FWTK FAQ? ]
cc -I.. -g
On Mon, 4 Oct 1999, Dave Wreski wrote:
[ This is the conclusion of a discussion about fwtk on RH6, and problems
compiling. It seems the compat-glibc-5.2-2.0.7.1 package is required, as
well as updating the AUXLIB define in the stock Makefile.config:
db1/ndbm.h, seems a better idea than the
Hello all
I know maybe this is not the correct place for me to ask this but I could
get any proper help from anywhere and for this reason I had to post it
here. Any body has any suggestions or links can mail me back.
I am facing some problem while installing the antivirus in our RH 5.0 mail
On a Cisco router "out" means packets being sent on that interface are
subject to the filter. "in" means packets received on
the interface are subject to the filter.
The filter only applies in the direction it is configured for ( out or in).
It is possible to filter in both directions by
On the GNAC firewall list [EMAIL PROTECTED] wrote:
Let´s suppose you have a public subnet of 30 bits, since the pix needs one IP
for the outside interface and another one for the router, a 30 bit network is
not enough to make it run, am I right? Becouse the PIX ALSO needs at least 1
more ip for
I also had the same problem with RH6 and FWTK 2.1. Thanks to Jim who helped
me. The following solution will solve your probs.
/* #include ndbm.h */
#include"/usr/include/db1/ndbm.h"
in the files:
authdump.c
authload.c
db.c
Cheers
Jithu
At 11:04 PM 10/03/1999
On 3 Oct 99, at 0:37, Bill Fox wrote:
I've run into some packet filtering problems that are making me
"rethink" router ACL's. I'm hoping that someone can clarify a few
areas that I formerly *thought* I understood... :)
Does an ACL on a given port process packets in *both* directions,
or
At 00:37 03-10-1999 -0700, Bill Fox wrote:
(snip)
The reason I'm asking these 'goofy' questions is that I'm finding certain
(inbound) IP's that are somehow penetrating my router's ACL's, and I'm not
exactly sure how.
I read somewhere that non-first IP fragment packets always get through
cisco
I'm trying to find out information on what to do about the more recent
(less than 18 months old) patches that Sun issued for SunOS 4.1.4, when a
box has Gauntlet 3.2 installed on it.
The old Gauntlet installation pages recommended (amongst other things) not
installing the libc jumbo patch,
I'm running Gauntlet 5.0 on Solaris 2.6 and when I give the newaliases command
I get the following error:
# newaliases
WARNING: local host name (hades) is not qualified; fix $j in config file
dbm map "Alias0": unsafe map file /etc/mail/aliases
WARNING: cannot open alias database
I'm trying to use SSH to tunnel a connection from a
Solaris box with a SoftPC (x86 emulator, running NT)
to a Solaris box. SSH is the preferred method
because both machines will have SSH installed
already, but I can entertain other suggestions.
I have read the HOWTO on using Linux to create a
Hello,
I need to support campus-wide access (and sometimes external access) to some
sensitive Oracle databases.
I would be interested in feedback on what is the best way to protect Oracle 7
SQL*Net and Oracle 7 with the Advanced Networking Option. [I presume the same
answer would apply to
Actually Cisco has remedied this in the newer version of IOS. The packet is
reassembled and forwarded or drop based on the filter.
-Original Message-
From: Joao Carlos Cascao [SMTP:[EMAIL PROTECTED]]
Sent: Monday, October 04, 1999 7:57 AM
To: Firewalls mailing list
Subject:
[Please, no flames, I know this is in no way new]
Joao Carlos Cascao wrote:
I read somewhere that non-first IP fragment packets always get through
cisco ACL's.
Only the first fragment contains header information from higher level
protocols (like TCP and UDP) that is used by ACL's to
Ray Daoud wrote:
I need to support campus-wide access (and sometimes external access) to some
sensitive Oracle databases.
The key to doing this in a secure way is to use a firewall with a SQL*Net /
Net8 proxy. Oracle has collaborated with a few firewall vendors to enable
them to build these.
If you have http ports open on the firewalls you can try httptunnel from
gnu. Note... this is really not reccommended from a security POV, however
having only ssh listening (in addition to the httptunnel daemon) may be
acceptable. btw the disclaimer in the release if humorous :)
If any version of oracle (or any other relational database) actually
uses a documented, known-good crypto protocol with audited, known-good
implementations of known-good crypto algorithms, I'd _really_ love to know
about it.
Failing that (and I tend to expect failure:-) I'd advise pushing such
In addition, you may want to check to see if your version of IOS is subject
to a specific bug. I know of two access list leakage notices that have
been published. Check this site for known security vulnerabilities.
http://www.cisco.com/warp/public/707/advisory.html
As mentioned in the other
18 matches
Mail list logo
