[gentoo-user] Security Onion on Gentoo

2016-07-01 Thread James
Hello, So net-analyzer/suricata is all the rage now. The 'Security Onion' is often pitched as a suricata distro. [1] Many of the commonly listed packages that are part of the security onion are already in gentoo. So, are there suricata users on gentoo-user? If so, do you use any of the key

Re: [gentoo-user] [Security] Update bash *NOW*

2014-09-25 Thread Kerin Millar
On 25/09/2014 02:58, Walter Dnes wrote: [snip] ...with malicious stuff, and it could get ugly. app-shells/bash-4.2_p48 has been pushed to Gentoo stable. The same env command results in... Unfortunately, that version did fully address the problem. Instead, upgrade to 4.2_p48-r1 or any of

Re: [gentoo-user] [Security] Update bash *NOW*

2014-09-25 Thread Kerin Millar
On 25/09/2014 13:54, Kerin Millar wrote: On 25/09/2014 02:58, Walter Dnes wrote: [snip] ...with malicious stuff, and it could get ugly. app-shells/bash-4.2_p48 has been pushed to Gentoo stable. The same env command results in... Unfortunately, that version did fully address the problem.

Re: [gentoo-user] [Security] Update bash *NOW*

2014-09-25 Thread covici
Kerin Millar kerfra...@fastmail.co.uk wrote: On 25/09/2014 02:58, Walter Dnes wrote: [snip] ...with malicious stuff, and it could get ugly. app-shells/bash-4.2_p48 has been pushed to Gentoo stable. The same env command results in... Unfortunately, that version did fully address the

Re: [gentoo-user] [Security] Update bash *NOW*

2014-09-25 Thread Tomas Mozes
On 2014-09-25 16:02, cov...@ccs.covici.com wrote: Kerin Millar kerfra...@fastmail.co.uk wrote: On 25/09/2014 02:58, Walter Dnes wrote: [snip] ...with malicious stuff, and it could get ugly. app-shells/bash-4.2_p48 has been pushed to Gentoo stable. The same env command results in...

Re: [gentoo-user] [Security] Update bash *NOW*

2014-09-25 Thread Walter Dnes
On Thu, Sep 25, 2014 at 01:54:10PM +0100, Kerin Millar wrote On 25/09/2014 02:58, Walter Dnes wrote: [snip] ...with malicious stuff, and it could get ugly. app-shells/bash-4.2_p48 has been pushed to Gentoo stable. The same env command results in... Unfortunately, that version did

[gentoo-user] [Security] Update bash *NOW*

2014-09-24 Thread Walter Dnes
Slashdot article http://linux.slashdot.org/story/14/09/24/1638207/remote-exploit-vulnerability-found-in-bash Story at http://www.csoonline.com/article/2687265/application-security/remote-exploit-in-bash-cve-2014-6271.html CVE ID CVE-2014-6271 at http://seclists.org/oss-sec/2014/q3/650

Re: [gentoo-user] Security

2014-03-21 Thread Ján Zahornadský
I'm not a professional, but I'd say that running as few services as possible contributes to the overall security by reducing the attack vectors (and Gentoo helps with that by not having that much by default). I usually opt only for ssh and use certificates rather than passwords... On Thu,

Re: [gentoo-user] Security

2014-03-21 Thread wraeth
On 21/03/14 17:44, Ján Zahornadský wrote: Indeed, the smaller the surface area, the smaller the target (the fewer things running, the fewer things can be exploited). For an average desktop environment, doing what you're already doing, I think,

Re: [gentoo-user] Security

2014-03-21 Thread Philip Webb
140320 john wrote: After recently reading about Windigo, I am questioning how good my security is on my Gentoo box. I am only a desktop user with iptables and clamav installed and occasionally running chkrootkit. Would you recommend any other forms of security -- snort, selinux, hardened

[gentoo-user] Security

2014-03-20 Thread john
After recently reading about Windigo I am questioning how good my security is on my Gentoo box. I am only a desktop user with iptables and clamav installed and occasionally running chkrootkit. Would you recommend any other forms of security (snort, selinux, hardened etc) that I should be using?

Re: [gentoo-user] security

2009-05-23 Thread Saphirus Sage
Daniel Iliev wrote: Hi, Since I'm not familiar with Gentoo's practice in dealing with security problems I got curious about the following case. Yesterday a Secunia advisory [1] about pidgin was brought to my attention. The solution offered by the up-streams is upgrading to

Re: [gentoo-user] security

2009-05-23 Thread Justin
Daniel Iliev wrote: Hi, Since I'm not familiar with Gentoo's practice in dealing with security problems I got curious about the following case. Yesterday a Secunia advisory [1] about pidgin was brought to my attention. The solution offered by the up-streams is upgrading to

Re: [gentoo-user] security

2009-05-23 Thread Justin
Daniel Iliev wrote: Hi, Since I'm not familiar with Gentoo's practice in dealing with security problems I got curious about the following case. Yesterday a Secunia advisory [1] about pidgin was brought to my attention. The solution offered by the up-streams is upgrading to

Re: [gentoo-user] security

2009-05-23 Thread Daniel Iliev
On Sat, 23 May 2009 09:23:27 -0400 Saphirus Sage saphirus...@gmail.com wrote: Daniel Iliev wrote: Hi, Since I'm not familiar with Gentoo's practice in dealing with security problems I got curious about the following case. Yesterday a Secunia advisory [1] about pidgin was

Re: [gentoo-user] security

2009-05-23 Thread Volker Armin Hemmann
On Samstag 23 Mai 2009, Daniel Iliev wrote: Hi, Since I'm not familiar with Gentoo's practice in dealing with security problems I got curious about the following case. Yesterday a Secunia advisory [1] about pidgin was brought to my attention. The solution offered by the up-streams

[gentoo-user] Security of ciphers.

2008-06-25 Thread Jason Rivard
I've been reading this thread in the archives, on loop-aes and then the security of AES. I hate to jump on the bandwagon, so before I do, I will state that I *am* a crypto-expert, and have worked for the several government entities in the US. I am not at liberty to tell you which ones. Mr.

[gentoo-user] security policy/externel disk

2007-03-14 Thread Oliver Večernik
Hi, I don't know what exactly happened, but when I plug on my external disk I receive the following message (KDE): | A security policy in place prevents this sender from sending this message to | this recipient, see message bus configuration file (rejected message had | interface

Re: [gentoo-user] security policy/externel disk

2007-03-14 Thread Xavier Parizet
Hello! You must add yourself to the group plugdev to be able to automount external devices. Run as root: gpasswd -a [username] plugdev and close and reopen your KDE session. Regards. -- Xavier Parizet On Wed, March 14, 2007 08:46, Oliver Večernik

[gentoo-user] Security from non-authorized logins

2006-04-16 Thread Alan E. Davis
I helped a friend install Ubuntu GNU/Linux on his laptop, he left town, forgot his passwords, and I promised to break in for him, so he can re-do his passwords. Told him all I have to do is run Knoppix, access his partition, and delete the little x in the password file. Then he would reset his

Re: [gentoo-user] Security from non-authorized logins

2006-04-16 Thread Willie Wong
On Sun, Apr 16, 2006 at 09:54:33PM +1000, Penguin Lover Alan E. Davis squawked: He felt betrayed. I understand why, I think: what's secure about GNU/Linux if anyone can boot the system and reset his passwords? That is the same regardless of operating system. Physical access == no security.

Re: [gentoo-user] Security from non-authorized logins

2006-04-16 Thread Jed R. Mallen
On 4/16/06, Willie Wong [EMAIL PROTECTED] wrote: On Sun, Apr 16, 2006 at 09:54:33PM +1000, Penguin Lover Alan E. Davis squawked: He felt betrayed. I understand why, I think: what's secure about GNU/Linux if anyone can boot the system and reset his passwords? That is the same regardless

Re: [gentoo-user] Security from non-authorized logins

2006-04-16 Thread Alexander Skwar
Alan E. Davis wrote: I helped a friend install Ubuntu GNU/Linux on his laptop, he left town, forgot his passwords, and I promised to break in for him, so he can re-do his passwords. Told him all I have to do is run Knoppix, access his partition, and delete the little x in the password file.

Re: [gentoo-user] Security from non-authorized logins

2006-04-16 Thread Alan E. Davis
Still, it would perhaps be somewhat comforting to be able to disable EASY access to a mission critical system. What about further disabling of access to /etc/passwd? Does SELinux take any such steps? (Ok, I could look into this by reading TFM. Apologies). Alan On 4/16/06, Alexander Skwar

Re: [gentoo-user] Security from non-authorized logins

2006-04-16 Thread Alexander Skwar
Alan E. Davis wrote: Still, it would perhaps be somewhat comforting to be able to disable EASY access to a mission critical system. Put them in a server room. Make sure, that only trusted people have a key to that server room. What about further disabling of access to /etc/passwd? Does

Re: [gentoo-user] Security from non-authorized logins

2006-04-16 Thread Rumen Yotov
Hi, Alan E. Davis wrote: Still, it would perhaps be somewhat comforting to be able to disable EASY access to a mission critical system. What about further disabling of access to /etc/passwd? Does SELinux take any such steps? (Ok, I could look

Re: [gentoo-user] Security from non-authorized logins

2006-04-16 Thread Norberto Bensa
Alan E. Davis wrote: He felt betrayed. I understand why, I think: what's secure about GNU/Linux if anyone can boot the system and reset his passwords? Oh C'mon! Like you NEVER did the same on a Windows box. YES, you can do something similar on NT/2K/XP/Whatever... Encrypt your filesystems

Re: [gentoo-user] Security from non-authorized logins

2006-04-16 Thread Boyd Stephen Smith Jr.
On Sunday 16 April 2006 06:54, Alan E. Davis [EMAIL PROTECTED] wrote about '[gentoo-user] Security from non-authorized logins': I helped a friend install Ubuntu GNU/Linux on his laptop, he left town, forgot his passwords, and I promised to break in for him, so he can re-do his passwords. Told

[gentoo-user] Security problem? - Apache access.log has: CONNECT ... 200

2005-11-26 Thread Joseph
I just have noticed that my Apache2 access.log has few entries: 220.189.234.182 - - [27/Sep/2005:03:21:59 -0600] CONNECT 202.165.103.38:80 HTTP/1.1 200 17505 61.232.83.75 - - [09/Oct/2005:04:33:26 -0600] CONNECT 66.135.208.90:80 HTTP/1.1 200 25952 59.40.34.187 - - [09/Oct/2005:19:05:40 -0600]

Re: [gentoo-user] Security Updates and Portage Trees

2005-09-24 Thread Fernando Meira
On 9/22/05, Neil Bothwick [EMAIL PROTECTED] wrote: On Wed, 21 Sep 2005 23:03:53 +0200, Fernando Meira wrote: I might be wrong, but I have the idea that E-cvs packages are always updated during an emerge world. Only if you run it without -p or -a. I never run emerge world without first checking

Re: [gentoo-user] Security Updates and Portage Trees

2005-09-21 Thread Fernando Meira
On 9/20/05, Neil Bothwick [EMAIL PROTECTED] wrote: On Tue, 20 Sep 2005 13:50:28 +0200, Fernando Meira wrote: - I run emerge -pv depclean and I get a list where I find these: These are the packages that I would unmerge: media-libs/libmpeg3 selected: 1.5.2 protected: none omitted: none

Re: [gentoo-user] Security Updates and Portage Trees

2005-09-21 Thread Neil Bothwick
On Wed, 21 Sep 2005 16:36:59 +0200, Fernando Meira wrote: If you installed it with portage, you should have it in world. I've installed with portage, but with --oneshot option. This is because (as Holly said) E17 packages need to be installed in proper order. So I use a script to update

Re: [gentoo-user] Security Updates and Portage Trees

2005-09-21 Thread Fernando Meira
On 9/21/05, Neil Bothwick [EMAIL PROTECTED] wrote: On Wed, 21 Sep 2005 16:36:59 +0200, Fernando Meira wrote: If you installed it with portage, you should have it in world. I've installed with portage, but with --oneshot option. This is because (as Holly said) E17 packages need to be installed in

Re: [gentoo-user] Security Updates and Portage Trees

2005-09-21 Thread Neil Bothwick
On Wed, 21 Sep 2005 23:03:53 +0200, Fernando Meira wrote: Add them to world. As long as you don't do an automatic emerge -uD world you shouldn't have a problem. When updates come out, you'll see them in the output of emerge -pvD world (which you won't with your current setup) then you can

Re: [gentoo-user] Security Updates and Portage Trees

2005-09-20 Thread Fernando Meira
On 9/20/05, Neil Bothwick [EMAIL PROTECTED] wrote: On Tue, 20 Sep 2005 09:04:02 +0800, W.Kenworthy wrote: One point I have never seen mentioned is *why* would you *not* want a package in the world file - especially if you want it to be managed by the system? The world file is for packages you have

Re: [gentoo-user] Security Updates and Portage Trees

2005-09-20 Thread Willie Wong
On Tue, Sep 20, 2005 at 01:50:28PM +0200, Fernando Meira wrote: 2) win32codecs was marked to be clean. why? # equery d win32codecs [ Searching for packages depending on win32codecs... ] media-libs/xine-lib-1.0.1-r3 media-video/avifile-0.7.41.20041001-r1 media-video/mplayer-1.0_pre7-r1 Do

Re: [gentoo-user] Security Updates and Portage Trees

2005-09-20 Thread Neil Bothwick
On Tue, 20 Sep 2005 13:50:28 +0200, Fernando Meira wrote: - I run emerge -pv depclean and I get a list where I find these: These are the packages that I would unmerge: media-libs/libmpeg3 selected: 1.5.2 protected: none omitted: none x11-plugins/e_modules selected: protected:

Re: [gentoo-user] Security Updates and Portage Trees

2005-09-20 Thread Holly Bostick
Neil Bothwick schreef: On Tue, 20 Sep 2005 13:50:28 +0200, Fernando Meira wrote: # equery d libmpeg3 [ Searching for packages depending on libmpeg3... ] app-misc/evidence- What are these versions? Are they CVS installs, or packages installed outside of portage and injected,

Re: [gentoo-user] Security Updates and Portage Trees

2005-09-19 Thread gentuxx
Jason Stubbs wrote: On Monday 19 September 2005 13:16, gentuxx wrote: If I update firefox with the --oneshot option, I know that it won't update the world tree, but why? Why is that the recommended procedure? Does that give me any benefit? Also, why

Re: [gentoo-user] Security Updates and Portage Trees

2005-09-19 Thread Jason Stubbs
On Monday 19 September 2005 15:00, gentuxx wrote: does updating a package for a security fix using the --oneshot option update the same package that is housed in the world tree? There is no world tree. There is only a list. --oneshot has no effect on this list. If so, can I assume that

Re: [gentoo-user] Security Updates and Portage Trees

2005-09-19 Thread W.Kenworthy
One point I have never seen mentioned is *why* would you *not* want a package in the world file - especially if you want it to be managed by the system? BillK On Tue, 2005-09-20 at 09:07 +0900, Jason Stubbs wrote: On Tuesday 20 September 2005 01:12, gentuxx wrote: If every security fix comes

Re: [gentoo-user] Security Updates and Portage Trees

2005-09-19 Thread gentuxx
W.Kenworthy wrote: One point I have never seen mentioned is *why* would you *not* want a package in the world file - especially if you want it to be managed by the system? BillK I guess maybe that's part of what I'm getting at. ;-) On Tue,

[gentoo-user] Security Updates and Portage Trees

2005-09-18 Thread gentuxx
Hi all, I don't know if this would be considered a newbie question or not. I haven't really seen it asked, and I haven't been able to find any documentation that clearly states this, so I thought I would ask here. Why is the --oneshot option

Re: [gentoo-user] Security Updates and Portage Trees

2005-09-18 Thread Jason Stubbs
On Monday 19 September 2005 13:16, gentuxx wrote: If I update firefox with the --oneshot option, I know that it won't update the world tree, but why? Why is that the recommended procedure? Does that give me any benefit? Also, why would a package be available as a --oneshot and NOT through a

[gentoo-user] security issues

2005-08-21 Thread John Dangler
With the basic install of gentoo 2.6.12-r9 behind me (forget splash - it's not worth the headaches right now, and I need more research to find a good backup solution), I read through the gentoo security doc. There's a world of stuff here! I have a laptop that I'm intending to use for web

Re: [gentoo-user] Security Violation: A file exists that is not in the manifest

2005-05-03 Thread Norbert Kamenicky
Nelis Lamprecht wrote: Hi, I am getting several of the above/below errors which is preventing me from updating my ports. How do I get around this ? Deleting the files doesn't seem to help. !!! Security Violation: A file exists that is not in the manifest. I guess u clone portage tree