Hello everyone,
I administer a LAN that will soon be moved from private to public IP
space. The LAN is inside a university network and as such in a rather
hostile environment.
At the moment there is a firewall with a public IP doing all the
filtering and a NAT/router box behind this. Now I'm thin
> as opposed to a setup with a firewall+router.
With Linux there are few problems with transparent firewalling setup - ie,
normal iptables don't work with such setup to well, you need to use special
bridge-iptables, ebtables IIRC. One drawback to that is that you can't do
everything your'e used to
Hi list,
Do you know about apache security issue?
apache 1.3.29 release announcement is here.
http://www.apache.org/dist/httpd/Announcement.txt
this apache 1.3 release includes security fix.
> Apache 1.3.29 Major changes
>
> Security vulnerabilities
>
> * CAN-2003-0
hello,
I have chkrootkit running nightly and mailing results to me - last night it
reported this:
Checking `lkm'... You have 1 process hidden for readdir command
You have 1 process hidden for ps command
Warning: Possible LKM Trojan installed
Checking `sniffer'...
PROMISC mode detected in
In article <[EMAIL PROTECTED]>
[EMAIL PROTECTED] writes:
>I administer a LAN that will soon be moved from private to public IP
>space. The LAN is inside a university network and as such in a rather
>hostile environment.
Another alternative is a proxy-arp firewall. See
http://www.blars.org/sapaf.
Cc: [EMAIL PROTECTED]
Package: apache
Version: 1.3.26-0woody3
Tags: security
Severity: grave
I have checked th full bug list also. It does not appear a bug has
been filed yet. Therefore I have filed a bug with this email. If you
have anything additional to add please wait until it shows up on
> two major choices:
>
> 1) leave it online recording ALL traffic to and from it
>
> 2) take it offline immediately and analyze it there without
> remote interference
I'm starting to think it was chkrootkit misreporting what was happening, as
after I rebooted the machine, there are now
a) no
On Wed, 29 Oct 2003 at 02:59:17PM -0500, Michael Bordignon wrote:
> I have chkrootkit running nightly and mailing results to me - last night it
> reported this:
>
> Checking `lkm'... You have 1 process hidden for readdir command
> You have 1 process hidden for ps command
> Warning: Possibl
Hello everyone,
I administer a LAN that will soon be moved from private to public IP
space. The LAN is inside a university network and as such in a rather
hostile environment.
At the moment there is a firewall with a public IP doing all the
filtering and a NAT/router box behind this. Now I'm thin
> as opposed to a setup with a firewall+router.
With Linux there are few problems with transparent firewalling setup - ie,
normal iptables don't work with such setup to well, you need to use special
bridge-iptables, ebtables IIRC. One drawback to that is that you can't do
everything your'e used to
Hi list,
Do you know about apache security issue?
apache 1.3.29 release announcement is here.
http://www.apache.org/dist/httpd/Announcement.txt
this apache 1.3 release includes security fix.
> Apache 1.3.29 Major changes
>
> Security vulnerabilities
>
> * CAN-2003-0
In article <[EMAIL PROTECTED]>
[EMAIL PROTECTED] writes:
>I administer a LAN that will soon be moved from private to public IP
>space. The LAN is inside a university network and as such in a rather
>hostile environment.
Another alternative is a proxy-arp firewall. See
http://www.blars.org/sapaf.
hello,
I have chkrootkit running nightly and mailing results to me - last night it
reported this:
Checking `lkm'... You have 1 process hidden for readdir command
You have 1 process hidden for ps command
Warning: Possible LKM Trojan installed
Checking `sniffer'...
PROMISC mode detected in
Cc: [EMAIL PROTECTED]
Package: apache
Version: 1.3.26-0woody3
Tags: security
Severity: grave
I have checked th full bug list also. It does not appear a bug has
been filed yet. Therefore I have filed a bug with this email. If you
have anything additional to add please wait until it shows up on
> two major choices:
>
> 1) leave it online recording ALL traffic to and from it
>
> 2) take it offline immediately and analyze it there without
> remote interference
I'm starting to think it was chkrootkit misreporting what was happening, as
after I rebooted the machine, there are now
a) no
On Wed, 29 Oct 2003 at 02:59:17PM -0500, Michael Bordignon wrote:
> I have chkrootkit running nightly and mailing results to me - last night it
> reported this:
>
> Checking `lkm'... You have 1 process hidden for readdir command
> You have 1 process hidden for ps command
> Warning: Possibl
On Thu, Oct 30, 2003 at 12:12:27AM +0900, Hideki Yamane wrote:
> Do you know about apache security issue?
Yes. According to the Apache maintainers, woody does not require an update.
--
- mdz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [E
On Wed, Oct 29, 2003 at 09:11:24PM -0500, Phillip Hofmeister wrote:
> I think there is a race condition that was discussed before about
> rootkit checkers. First it reads in data from the PS command. It then
> stores this data in a buffer. Then it reads /proc (or visa-versa, I
> forget the order
18 matches
Mail list logo
