Re: DoS in debian (potato) proftpd: 1.2.0pre10-2.0potato1

2002-04-04 Thread Justin Shore 

On 3/29/02 3:40 PM martin f krafft said...

dear bugtraq'ers,

i must confess that the information i provided wrt the acclaimed DoS
exploit in Debian potato's proftpd package (1.2.0pre10-2.0potato1) was
not fully accurate. the package *does in fact contain a buggy daemon*
despite having been fixed, according to the changelog:

  proftpd (1.2.0pre10-2.0potato1) stable; urgency=high

snip

i don't think it's necessary to discuss this; the daemon as packaged
by debian is buggy and that has to be fixed. but i hope i was able to
give you some more information on the extent of the exploit. i will
do my best to push a fixed package into the APT archive at
security.debian.org as soon as possible.

Plus 1.2.0 went final back in January 2001.  It's been out for over a 
year.  Many versions without this bug have been released for some time.  
I don't see any reason to beat a dead horse.  Any distribution that still 
ships anything older than 1.2.4 should simply make 1.2.4 available in the 
updates or errata.



--
Justin Shore, ES-SS ES-SSR  Pittsburg State University
Network  Systems Manager   Kelce 157Q
Office of Information Systems   Pittsburg, KS 66762
Voice: (620) 235-4606   Fax: (620) 235-4545
http://www.pittstate.edu/ois/

Warning:  This message has been quadruple Rot13'ed for your protection.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: A question about some network services

2002-04-04 Thread eim 

First of all thanks to all for responses.

On Wed, 2002-04-03 at 20:22, Holger Eitzenberger wrote:
 On Wed, Apr 03, 2002 at 09:16:03AM +0200, Emmanuel Lacour wrote:
 
   'time' is RFC 868, a pre-NTP time synchronization protocol. It just
   sends the time as a 32-bit int, where:
   
   The time is the number of seconds since 00:00 (midnight) 1 January 1900
GMT, such that the time 1 is 12:00:01 am on 1 January 1900 GMT; this
base will serve until the year 2036.
   
   I think it sends it big-endian, but I'm not sure.
  
  Is it used by the old rdate tools?

Old rdate tools ? I use them regulary to update my
servers with the current time, is it more convenient
to install an NTP server on my local network ?

Thanks.

 
 Indeed.  It's quite usefull if you don't have a NTP server at
 hand, e. g. behind a firewall.  It's not ok if you need accuracy
 of less than 1 sec.
 
 /Holger
 
 
 -- 
 ++ GnuPG Key - http://www.t-online.de/~holger.eitzenberger ++
-- 

 »« »« »« »« »« »« »« »« »« »« »« »« »« »« »«
 Ivo Marino[EMAIL PROTECTED]
 UN*X Developer, running Debian GNU/Linux
 irc.OpenProjects.net #debian
 http://eimbox.org/~eim http://eimbox.org
 »« »« »« »« »« »« »« »« »« »« »« »« »« »« »«


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: A question about some network services

2002-04-04 Thread Christian G. Warden 

rdate is probably easier to use.  ntp requires at least a little
configuration, but it is more accurate.

xn

On Thu, Apr 04, 2002 at 06:56:30PM +0200, eim wrote:
 First of all thanks to all for responses.
 
 On Wed, 2002-04-03 at 20:22, Holger Eitzenberger wrote:
  On Wed, Apr 03, 2002 at 09:16:03AM +0200, Emmanuel Lacour wrote:
  
'time' is RFC 868, a pre-NTP time synchronization protocol. It just
sends the time as a 32-bit int, where:

The time is the number of seconds since 00:00 (midnight) 1 January 1900
 GMT, such that the time 1 is 12:00:01 am on 1 January 1900 GMT; this
 base will serve until the year 2036.

I think it sends it big-endian, but I'm not sure.
   
   Is it used by the old rdate tools?
 
 Old rdate tools ? I use them regulary to update my
 servers with the current time, is it more convenient
 to install an NTP server on my local network ?
 
 Thanks.
 
  
  Indeed.  It's quite usefull if you don't have a NTP server at
  hand, e. g. behind a firewall.  It's not ok if you need accuracy
  of less than 1 sec.
  
  /Holger
  
  
  -- 
  ++ GnuPG Key - http://www.t-online.de/~holger.eitzenberger ++
 -- 
 
  »« »« »« »« »« »« »« »« »« »« »« »« »« »« »«
  Ivo Marino[EMAIL PROTECTED]
  UN*X Developer, running Debian GNU/Linux
  irc.OpenProjects.net #debian
  http://eimbox.org/~eim http://eimbox.org
  »« »« »« »« »« »« »« »« »« »« »« »« »« »« »«
 
 
 -- 
 To UNSUBSCRIBE, email to [EMAIL PROTECTED]
 with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: A question about some network services

2002-04-04 Thread Anne Carasik 

On Tue, Apr 02, 2002 at 01:34:32PM -0500, Noah L. Meyerhans wrote:
  Well, daytime spits out the time of day, time is for NTP,
  and I'm not sure what discard is used for.
 No, NTP does not use the time port.  It uses port 123 (ntp in
 /etc/services).

Ok, figures I don't know since I don't use it.

 Discard is the network equivalent of /dev/null

W.. an MTU of zero :)

 The question of what to do with these ports comes up every once in a
 while on this list.  Some people prefer to leave them on, others turn
 them off.  I don't think there's ever been an exploit that involves
 these ports, as the code is quite simple (i.e. easy to implement
 securely).

Occasionally, there may be a DOS attack, but nothing invasive.

  I usually turn off inetd completely. It helps makes things
  quieter on a nessus scan :)
 Yes, this is good advice, and something that never occurs to most
 people.  Most common services these days run quite happily in standalone
 mode, so there's often no reason to use inetd at all.

Given most everything can run through SSH or SSL (at least TCP-based) :)

-Anne
-- 

  .-.__.``.   Anne Carasik, System Administrator
 .-.--. _...' (/)   (/)   ``'   [EMAIL PROTECTED] 
(O/ O) \-'  ` -==.',  Center for Advanced Computing Research
~`~~



msg06205/pgp0.pgp
Description: PGP signature

Re: A question about some network services

2002-04-04 Thread Emmanuel Lacour 

On Thu, Apr 04, 2002 at 06:56:30PM +0200, eim wrote:
 First of all thanks to all for responses.
 
 On Wed, 2002-04-03 at 20:22, Holger Eitzenberger wrote:
  On Wed, Apr 03, 2002 at 09:16:03AM +0200, Emmanuel Lacour wrote:
  
'time' is RFC 868, a pre-NTP time synchronization protocol. It just
sends the time as a 32-bit int, where:

The time is the number of seconds since 00:00 (midnight) 1 January 1900
 GMT, such that the time 1 is 12:00:01 am on 1 January 1900 GMT; this
 base will serve until the year 2036.

I think it sends it big-endian, but I'm not sure.
   
   Is it used by the old rdate tools?
 
 Old rdate tools ? I use them regulary to update my
 servers with the current time, is it more convenient
 to install an NTP server on my local network ?
 
 Thanks.

Sorry that's not that I wanted to say. Just rdate is a well known tool
because it's an old tool (tcp/ip is old too, and we use it every days;-)

when to use ntp/rdate well, it depends...-:)

-- 
Easter-eggsSpécialiste GNU/Linux
44-46 rue de l'Ouest  -  75014 Paris   -   France -  Métro Gaité
Phone: +33 (0) 1 43 35 00 37- Fax: +33 (0) 1 41 35 00 76
mailto:[EMAIL PROTECTED]   -http://www.easter-eggs.com


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: A question about some network services

2002-04-04 Thread Tim Haynes 

Anne Carasik [EMAIL PROTECTED] writes:

 The question of what to do with these ports comes up every once in a
 while on this list. Some people prefer to leave them on, others turn
 them off. I don't think there's ever been an exploit that involves these
 ports, as the code is quite simple (i.e. easy to implement securely).

 Occasionally, there may be a DOS attack, but nothing invasive.

Depends. I thought it was an old trick to persuade echo ports to talk to
each other and run away giggling...

 Yes, this is good advice, and something that never occurs to most
 people. Most common services these days run quite happily in standalone
 mode, so there's often no reason to use inetd at all.

 Given most everything can run through SSH or SSL (at least TCP-based) :)

The short reasons in favour of inetd are that

a) you save memory space by not having the daemon running all the time (at
the slight cost of latency on start-up - choose according to your
situation!);

b) (if using xinetd instead of boring old inetd) you can apply the same
syntax for per-host rate- and resource-limiting to many services that would
otherwise either require much research to implement (try exim and apache
for size), or not even implement it at all; 

c) if you're writing a network listener of your own you can implement it in
(x)inetd without having to worry about writing the regular listen-accept-
process loop *again*.

Not that it's *always* a good idea to use inetd, but it still has its plus-
points by a long way, especially xinetd instead.

~Tim
-- 
http://spodzone.org.uk/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: DoS in Shells: was Re: DoS in debian (potato) proftpd:1.2.0pre10-2.0potato1

2002-04-04 Thread Chip McClure 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Also tested, and vulnerable on:

FreeBSD 4.5-RELEASE FreeBSD 4.5-RELEASE #0: Mon Jan 28 14:31:56 GMT 2002
[EMAIL PROTECTED]:/usr/src/sys/compile/GENERIC  i386

Tested using the shells bash, csh, ksh, zsh.

Chip

- -
Chip McClure
Sr. Unix Administrator
GigGuardian, Inc.

http://www.gigguardian.com/
- -

On Wed, 3 Apr 2002 [EMAIL PROTECTED] wrote:


 Hello All,

 I can confirm that the ls strings dos' slackware 8.0. Causes shell process of that 
user (user or root) to chew up the cpu until the shell terminates on sig 11.

 Works on any shell the user is using, csh, ksh, bash

 Tested on:
 Linux 2.2.19 #93 Thu Jun 21 01:09:03 PDT 2001 i586 unknown
 SunOS 5.8 Generic_108528-12 sun4u sparc SUNW,Ultra-Enterprise

 Not Vuln:
 OpenBSD 3.0 GENERIC#94 i386

 Needs more investigation.

 Gilbert


 At 03:40 PM 3/29/2002, martin f krafft wrote:
ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*

 ...

DenyFilter \*.*/

 Just as a quick question, why not deny the string /../ (you may have to
 deny the regex /\.\./, depending how the filter in question works)?

 As far as I can tell, it's the ability to embed /../ into a path that is
 at the root of this, far more than the ability to embed wildcards.  I can't
 think of a situation in which /../ should appear in a user-supplied path,
 except after a string of repeated ../s.

 The workaround suggested by Mr Krafft would disable some useful
 functionality - one large user of mine, for instance, was keen to have my
 own software evaluate wildcards in the body of the path, which Mr Krafft's
 workaround disables completely.  They even paid for the privilege (not
 enough, but they paid ;-))

 So, let's see, a regex that would deny /../, except as part of a string
 of such...

 One bash would be [^/.].*/\.\./ - matching /../ if it's after any
 character other than '/' or '.'.  Doubtless someone can come up with
 something better.

 Alun.
 

 --
 Texas Imperial Software   | Try WFTPD, the Windows FTP Server. Find us at
 1602 Harvest Moon Place   | http://www.wftpd.com or email [EMAIL PROTECTED]
 Cedar Park TX 78613-1419  | VISA/MC accepted.  NT-based sites, be sure to
 Fax/Voice +1(512)258-9858 | read details of WFTPD Pro for NT.


 Hush provide the worlds most secure, easy to use online applications - which 
solution is right for you?
 HushMail Secure Email http://www.hushmail.com/
 HushDrive Secure Online Storage http://www.hushmail.com/hushdrive/
 Hush Business - security for your Business http://www.hush.com/
 Hush Enterprise - Secure Solutions for your Enterprise http://www.hush.com/

 Looking for a good deal on a domain name? 
http://www.hush.com/partners/offers.cgi?id=domainpeople

  Output from pgp 
 Pretty Good Privacy(tm) Version 6.5.8
 Internal development version only - not for general release.
 (c) 1999 Network Associates Inc.
 Export of this software may be restricted by the U.S. government.
 File is signed.  signature not checked.
 Signature made 2002/04/04 05:51 GMT
 key does not meet validity threshold.
 WARNING:  Because this public key is not certified with a trusted
 signature, it is not known with high confidence that this public key
 actually belongs to: (KeyID: 0x91AB07A7).
 wiping file pgptemp.$00pattern is: 0x
 pattern is: 0x666
 pattern is: 0xddd
 pattern is: 0x333
 pattern is: 0x111
 pattern is: 0xbbb
 pattern is: 0xfff
 pattern is: 0x999
 pattern is: 0x
 pattern is: 0x6db
 pattern is: 0xccc
 pattern is: 0x492
 pattern is: 0xdb6
 pattern is: 0x
 pattern is: 0x249
 pattern is: 0x777
 pattern is: 0xaaa
 pattern is: 0xeee
 pattern is: 0x555
 pattern is: 0x444
 pattern is: 0x888
 pattern is: 0xb6d
 pattern is: 0x0
 pattern is: 0x222
 pattern is: 0x924
 pattern is: 0x
 wiping file pgptemp.$01pattern is: 0x
 pattern is: 0x777
 pattern is: 0x222
 pattern is: 0x6db
 pattern is: 0xbbb
 pattern is: 0xb6d
 pattern is: 0x666
 pattern is: 0x333
 pattern is: 0x
 pattern is: 0xccc
 pattern is: 0x924
 pattern is: 0xeee
 pattern is: 0xaaa
 pattern is: 0x
 pattern is: 0xddd
 pattern is: 0xfff
 pattern is: 0x999
 pattern is: 0x888
 pattern is: 0x0
 pattern is: 0xdb6
 pattern is: 0x444
 pattern is: 0x249
 pattern is: 0x492
 pattern is: 0x555
 pattern is: 0x111
 pattern is: 0x



-BEGIN PGP SIGNATURE-
Version: PGP 6.5.8
Comment: Made with pgp4pine 1.76

iQA/AwUBPKyICZuKtP8CSC69EQImIACfZE5iDHm4ug5FRhiq6jPqrL1VKrgAoIbU
y58V4TmV1Du3rS1tas+lYUpu
=dU2C
-END PGP SIGNATURE-



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: on potato's proftpd

2002-04-04 Thread martin f krafft 

also sprach Andrew Pimlott [EMAIL PROTECTED] [2002.04.04.0135 +0200]:
  this problem is understood by the developers of proftpd
 
 Wichert said that nobody has explained why the current fix on s.d.o
 doesn't work.  If the problem is understood, why hasn't someone
 explained this?  That's all that is asked, AFAICT.

i have no clue if the fix repaired anything or even how it works, but
the actual problem as it affects proftpd is known.

-- 
martin;  (greetings from the heart of the sun.)
  \ echo mailto: !#^.*|tr * mailto:; net@madduck
  
nobody expects the spanish inquisition.
   -- monty python



msg06211/pgp0.pgp
Description: PGP signature

Re: DoS in debian (potato) proftpd: 1.2.0pre10-2.0potato1

2002-04-04 Thread martin f krafft 

also sprach Alun Jones [EMAIL PROTECTED] [2002.04.04.0445 +0200]:
   DenyFilter \*.*/
 
 Just as a quick question, why not deny the string /../ (you may have to 
 deny the regex /\.\./, depending how the filter in question works)?

quick answer: because i merely copied the fix from the security pages
of the proftpd homepage [1].

  1. http://proftpd.linux.co.uk/critbugs.html

 As far as I can tell, it's the ability to embed /../ into a path that is 
 at the root of this, far more than the ability to embed wildcards.  I can't 
 think of a situation in which /../ should appear in a user-supplied path, 
 except after a string of repeated ../s.

i actually agree with you here.

 [^/.].*/\.\./

mh, this would not prevent

  /some/.dotdir/../

right?

-- 
martin;  (greetings from the heart of the sun.)
  \ echo mailto: !#^.*|tr * mailto:; net@madduck
  
to vacillate or not to vacillate,
that is the question ... or is it?



msg06212/pgp0.pgp
Description: PGP signature

Re: DoS in Shells: was Re: DoS in debian (potato) proftpd: 1.2.0pre10-2.0potato1

2002-04-04 Thread Kurt Seifried 

This is, to put it politely, incredibly old news. Let's face it, if you give
a user a shell acount, with no restrictions on CPU time or memory usage,
yes, they will be able to suck up as much resources as the computer can
spare (this is, among other reasons why nice exists). I advise you place
limitson the users, memory, cpu, stack size, file descriptors, etc, finding
good limits can be tricky though, and you will also want to limit
concurrent logins.

I wrote an article on using PAM (pluggable Authenticaiton Modules) which
covers these issues and a few others, available at:

http://www.samag.com/documents/s=1161/sam0009a/0009a.htm

Also you can view information on setting limits with various shells, and PAM
as well at:

http://seifried.org/security/os/linux/20020324-securing-linux-step-by-step.h
tml
goto Limiting users overview.

And the LASG, Limiting and monitoring users
http://seifried.org/lasg/users/

Better to use PAM to limit users then the shell because the various shells
do not all support the limiting the same items, or soft/hard limits, and if
you miss a shell and the user chsh's they can avoid it, they can't really
avoid pam. As for the /*/../. problem in general it was
discovered many many years ago (more then two).

Kurt Seifried, [EMAIL PROTECTED]
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/
http://www.iDefense.com/




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

NEOMAIL - as big kev in OZ would say, IM EXCITED !

2002-04-04 Thread Marcel Welschbillig 

Hi,

Sorry know this is off topic but

I Just wanted everyone to know about NeoMail

http://neomail.sourceforge.net

Its a fully functional Webmail server that looks better and is more 
functional than many commercial servers and its FREE ! And easy to setup !

Know someone out there will be as excited about this program as i am, 
wish i would have known about it earlier.

HAPPY LINUXING !

Marcel


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

*****SPAM***** »ï¼º Ä®¶óÇÁ¸°ÅÍ Æ¯°¡ÆǸŠ110,000 ¿ø

2002-04-04 Thread kcl 

HTML
HEAD
META content=text/html; charset=ks_c_5601-1987 http-equiv=Content-Type
STYLE p, font, span { line-height:120%; margin-top:0; margin-bottom:0; }/STYLE
/HEADBODY
DIV align=left
DL
  DTFONT face=±¼¸² color=black size=2¾È³ç Çϼ¼¿ä. nbsp;º» ¸ÞÀÏÀº ±¤°í ¸ÞÀÏ 
ÀÔ´Ï´Ù./FONT 
  DTFONT face=±¼¸² color=black size=2»çÀü Çã¶ô¾øÀÌ ¸ÞÀÏÀ» º¸³»°Ô µÇ¾î¼­ Áø½ÉÀ¸·Î 
Á˼ÛÇÕ´Ï´Ù/FONT/DT
  DTFONT face=±¼¸² color=black size=2/FONT /DT
  DTSPAN style=FONT-SIZE: 10ptFONT face=±¼¸² color=blackB¸ÞÀÏ ¹Þ±â¸¦ ¿øÄ¡ 
  nbsp;¾ÊÀ¸½Å´Ù¸é ¾Æ·¡ ¸ÞÀÏ·Î ¹Ý¼Û¸ÞÀÏÀ» º¸³»Áֽøé BRÀÌÈÄ¿¡´Â Àý´ë·Î ¸ÞÀÏÀÌ 
¼ö½ÅµÇÁö ¾ÊÀ» 
  °ÍÀÔ´Ï´Ù.BR/B/FONT/SPANFONT face=±¼¸² color=black size=2. /FONT
  DTBFONT color=#ffSPAN style=FONT-SIZE: 14pt¹Ý¼Û¸ÞÀÏ ÁÖ¼Ò : 
  [EMAIL PROTECTED]/SPAN/FONT/B/DT
  
DTnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;Àü
 
  È­ : 02-895-7862
  
DT---
 
  DT 
  DTnbsp;nbsp;nbsp;nbsp;nbsp;»ï¼ºÇÁ¸°ÅÍ MJC-935 i nbsp;nbsp;nbsp;110,000 
¿ø¿¡ 
  ÆǸŠnbsp;nbsp;( Ư°¡ ÆǸŰ¡°Ý ÀÔ´Ï´Ù ) 
  DT 
  
DTnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;¼ÒºñÀÚ°¡:157,000
 
  ¿ø ==gt; 110,000 ¿ø¿¡ ÆǸŠ/DT/DL
DL
  
DTnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;IMG
 
  height=354 src=http://2-sun.com/image/product/mjc935.jpg; width=354 border=0
  
DTnbsp;nbsp;
 
  nbsp; /DT/DL/DIV
UL
  LI1200dpi ÃÊ°íÇØ»óµµ BR1ÀÎÄ¡´ç ÂïÈ÷´Â À×Å©¹æ¿ïÀÇ Å©±â°¡ ±âÁ¸ÀÇ ¹æ½Äº¸´Ù ÈξÀ 
ÀÛÀº 
  LI'±Ø¹Ì¼¼ À×Å©¹æ½Ä'À» ä¿ë,ÀϹݿëÁö¿¡¼­µµ ¼¶¼¼ÇÑ Ä÷¯ÀÇ ´À³¦À» ±×´ë·Î ÀçÇöÇØ 
µå¸³´Ï´Ù. BRBR/LI
  LI½Ã¿øÇÑ ¼Óµµ 7PPM BR1ºÐ¿¡ ÃÖ´ë 7ÀåÀÇ Èæ¹é¹®¼­ ¹× 3ÀåÀÇ Ä÷¯¹®¼­¸¦ Ãâ·ÂÇÒ ¼ö 
Àִ Ź¿ùÇÑ ½ºÇǵå! 
  LIÀÏ¹Ý ÇнÀ¿ëÀ¸·Î³ª ¼Ò±Ô¸ð »ç¹«½Ç¿ëÀ¸·Î »ç¿ëÇϱ⿡ ¾Ë¸ÂÀº ¼ÓµµÀÔ´Ï´Ù. BRBR/LI
  LI¹øÁü¾ø°í ±ò²ûÇÑ ÇDZ׸ÕÆ® À×Å© BR¾î¶² Á¾·ùÀÇ ¿ëÁö¸¦ »ç¿ëÇصµ ¹øÁöÁö ¾Ê°í 
¶Ç·ÈÇÏ°Ô ÀμâÇØÁÖ´Â °ËÁ¤»ö ÇDZ׸ÕÆ®À×Å©¸¦ »ç¿ë, 
  LIÃâ·ÂµÈ ¹®¼­°¡ ÇÑ°á ±ò²ûÇØ º¸ÀÔ´Ï´Ù. BRBR/LI
  LI45dBÀÇ Á¶¿ëÇÑ ÇÁ¸°Æà BR45dB ÀÌÇÏÀÇ Àú¼ÒÀ½ ÇÁ¸°ÆÃÀÌ °¡´ÉÇÑ ÃÊÁ¤¹Ð ¸ÞÄ«´ÏÁò 
¿£ÁøÀ» ä¿ë, ÀÏ¹Ý °¡Á¤À̳ª »ç¹«½Ç¿¡¼­ 
  LIÁ¶¿ëÇÏ°Ô »ç¿ëÇÏ½Ç ¼ö ÀÖ½À´Ï´Ù. BRBR»ó¼¼spec BRBR/LI
  LIÀμâ¼Óµµ : 7ppm(Èæ¹é) / 3ppm(Ä÷¯) BRBR
  LIÇØ»óµµ : 1,200 x 1,200dpi(Ä÷¯, Èæ¹é) BRBR
  LIÀÎÀÚ¸ðµå : HBP BRBR
  LIȣȯ¼º : Window 95/98/NT 4.0 /2000/Me/XP,Mac OS 8.6/9.xÁö¿ø BRBR
  LI¸Þ¸ð¸® : 512KB BRBR
  LIÀÎÅÍÆäÀ̽º : USB(Universal Serial Bus), Æз¯·¼ BRBR
  LI¿ëÁöÅ©±â : A4,A5,B5,Legal,Executive,A6,¹è³Ê,¿±¼­,¶óº§ ¿ëÁö BRBR
  LI±ÞÁö¿ë·® : 100¸Å(ÇÁ¸®¹Ì¾ö ¿ëÁö100¸Å ¹«·áÁ¦°ø) BRBR
  LI¹èÁö¿ë·® : 25¸Å BRBR
  LIÁ¦Ç° Å©±â(W*D*H) : 447 X 170X 210 mm BRBR
  LIÁ¤°ÝÀü¿ø : AC 220V Àü¿ë,60 Hz 
BRBRBRnbsp;nbsp;nbsp;nbsp;./LI/ULTRTD align=middle
TABLE cellSpacing=0 cellPadding=5 width=691 border=0
  
  TR
TD width=681
  OL type=1
LIFONT style=LINE-HEIGHT: 20px color=#00FONT color=redB¼Ò ºñ 
ÀÚ °¡ nbsp;: nbsp;157,000 ¿ø nbsp;¸ðµ¨:MJC-935 i 
nbsp;»ï¼ºÇÁ¸°ÅÍ/B/FONT/FONT 
LIFONT style=LINE-HEIGHT: 20px color=#00FONT 
color=redBÇö±ÝÆǸŰ¡ nbsp;: nbsp;110,000 ¿ø/B/FONT/FONT 
LIFONT style=LINE-HEIGHT: 20px color=#00FONT color=redBÅùè 

¹ß¼Ûnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;/B/FONT/FONT
 
LIFONT style=LINE-HEIGHT: 20px color=#00FONT color=redBÇÑ Á¤ 
ÆÇ ¸Å : 2002 .04.13±îÁö /B/FONT/FONT/LI/OL/TD/TR/TABLE
TABLE cellSpacing=0 cellPadding=5 width=693 border=0
  
  TR
TD width=683
  Pnbsp;/P/TD/TR/TABLE
PFONT size=5Bnbsp;»ï¼ºÇÁ¸°ÅÍ nbsp;nbsp;ÀüÈ­: 
02-895-7862/B/FONT/P
/BODY
/HTML


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

*****SPAM***** »ï¼º Ä®¶óÇÁ¸°ÅÍ Æ¯°¡ÆǸŠ110,000 ¿ø

2002-04-04 Thread kcl 

HTML
HEAD
META content=text/html; charset=ks_c_5601-1987 http-equiv=Content-Type
STYLE p, font, span { line-height:120%; margin-top:0; margin-bottom:0; }/STYLE
/HEADBODY
DIV align=left
DL
  DTFONT face=±¼¸² color=black size=2¾È³ç Çϼ¼¿ä. nbsp;º» ¸ÞÀÏÀº ±¤°í ¸ÞÀÏ 
ÀÔ´Ï´Ù./FONT 
  DTFONT face=±¼¸² color=black size=2»çÀü Çã¶ô¾øÀÌ ¸ÞÀÏÀ» º¸³»°Ô µÇ¾î¼­ Áø½ÉÀ¸·Î 
Á˼ÛÇÕ´Ï´Ù/FONT/DT
  DTFONT face=±¼¸² color=black size=2/FONT /DT
  DTSPAN style=FONT-SIZE: 10ptFONT face=±¼¸² color=blackB¸ÞÀÏ ¹Þ±â¸¦ ¿øÄ¡ 
  nbsp;¾ÊÀ¸½Å´Ù¸é ¾Æ·¡ ¸ÞÀÏ·Î ¹Ý¼Û¸ÞÀÏÀ» º¸³»Áֽøé BRÀÌÈÄ¿¡´Â Àý´ë·Î ¸ÞÀÏÀÌ 
¼ö½ÅµÇÁö ¾ÊÀ» 
  °ÍÀÔ´Ï´Ù.BR/B/FONT/SPANFONT face=±¼¸² color=black size=2. /FONT
  DTBFONT color=#ffSPAN style=FONT-SIZE: 14pt¹Ý¼Û¸ÞÀÏ ÁÖ¼Ò : 
  [EMAIL PROTECTED]/SPAN/FONT/B/DT
  
DTnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;Àü
 
  È­ : 02-895-7862
  
DT---
 
  DT 
  DTnbsp;nbsp;nbsp;nbsp;nbsp;»ï¼ºÇÁ¸°ÅÍ MJC-935 i nbsp;nbsp;nbsp;110,000 
¿ø¿¡ 
  ÆǸŠnbsp;nbsp;( Ư°¡ ÆǸŰ¡°Ý ÀÔ´Ï´Ù ) 
  DT 
  
DTnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;¼ÒºñÀÚ°¡:157,000
 
  ¿ø ==gt; 110,000 ¿ø¿¡ ÆǸŠ/DT/DL
DL
  
DTnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;IMG
 
  height=354 src=http://2-sun.com/image/product/mjc935.jpg; width=354 border=0
  
DTnbsp;nbsp;
 
  nbsp; /DT/DL/DIV
UL
  LI1200dpi ÃÊ°íÇØ»óµµ BR1ÀÎÄ¡´ç ÂïÈ÷´Â À×Å©¹æ¿ïÀÇ Å©±â°¡ ±âÁ¸ÀÇ ¹æ½Äº¸´Ù ÈξÀ 
ÀÛÀº 
  LI'±Ø¹Ì¼¼ À×Å©¹æ½Ä'À» ä¿ë,ÀϹݿëÁö¿¡¼­µµ ¼¶¼¼ÇÑ Ä÷¯ÀÇ ´À³¦À» ±×´ë·Î ÀçÇöÇØ 
µå¸³´Ï´Ù. BRBR/LI
  LI½Ã¿øÇÑ ¼Óµµ 7PPM BR1ºÐ¿¡ ÃÖ´ë 7ÀåÀÇ Èæ¹é¹®¼­ ¹× 3ÀåÀÇ Ä÷¯¹®¼­¸¦ Ãâ·ÂÇÒ ¼ö 
Àִ Ź¿ùÇÑ ½ºÇǵå! 
  LIÀÏ¹Ý ÇнÀ¿ëÀ¸·Î³ª ¼Ò±Ô¸ð »ç¹«½Ç¿ëÀ¸·Î »ç¿ëÇϱ⿡ ¾Ë¸ÂÀº ¼ÓµµÀÔ´Ï´Ù. BRBR/LI
  LI¹øÁü¾ø°í ±ò²ûÇÑ ÇDZ׸ÕÆ® À×Å© BR¾î¶² Á¾·ùÀÇ ¿ëÁö¸¦ »ç¿ëÇصµ ¹øÁöÁö ¾Ê°í 
¶Ç·ÈÇÏ°Ô ÀμâÇØÁÖ´Â °ËÁ¤»ö ÇDZ׸ÕÆ®À×Å©¸¦ »ç¿ë, 
  LIÃâ·ÂµÈ ¹®¼­°¡ ÇÑ°á ±ò²ûÇØ º¸ÀÔ´Ï´Ù. BRBR/LI
  LI45dBÀÇ Á¶¿ëÇÑ ÇÁ¸°Æà BR45dB ÀÌÇÏÀÇ Àú¼ÒÀ½ ÇÁ¸°ÆÃÀÌ °¡´ÉÇÑ ÃÊÁ¤¹Ð ¸ÞÄ«´ÏÁò 
¿£ÁøÀ» ä¿ë, ÀÏ¹Ý °¡Á¤À̳ª »ç¹«½Ç¿¡¼­ 
  LIÁ¶¿ëÇÏ°Ô »ç¿ëÇÏ½Ç ¼ö ÀÖ½À´Ï´Ù. BRBR»ó¼¼spec BRBR/LI
  LIÀμâ¼Óµµ : 7ppm(Èæ¹é) / 3ppm(Ä÷¯) BRBR
  LIÇØ»óµµ : 1,200 x 1,200dpi(Ä÷¯, Èæ¹é) BRBR
  LIÀÎÀÚ¸ðµå : HBP BRBR
  LIȣȯ¼º : Window 95/98/NT 4.0 /2000/Me/XP,Mac OS 8.6/9.xÁö¿ø BRBR
  LI¸Þ¸ð¸® : 512KB BRBR
  LIÀÎÅÍÆäÀ̽º : USB(Universal Serial Bus), Æз¯·¼ BRBR
  LI¿ëÁöÅ©±â : A4,A5,B5,Legal,Executive,A6,¹è³Ê,¿±¼­,¶óº§ ¿ëÁö BRBR
  LI±ÞÁö¿ë·® : 100¸Å(ÇÁ¸®¹Ì¾ö ¿ëÁö100¸Å ¹«·áÁ¦°ø) BRBR
  LI¹èÁö¿ë·® : 25¸Å BRBR
  LIÁ¦Ç° Å©±â(W*D*H) : 447 X 170X 210 mm BRBR
  LIÁ¤°ÝÀü¿ø : AC 220V Àü¿ë,60 Hz 
BRBRBRnbsp;nbsp;nbsp;nbsp;./LI/ULTRTD align=middle
TABLE cellSpacing=0 cellPadding=5 width=691 border=0
  
  TR
TD width=681
  OL type=1
LIFONT style=LINE-HEIGHT: 20px color=#00FONT color=redB¼Ò ºñ 
ÀÚ °¡ nbsp;: nbsp;157,000 ¿ø nbsp;¸ðµ¨:MJC-935 i 
nbsp;»ï¼ºÇÁ¸°ÅÍ/B/FONT/FONT 
LIFONT style=LINE-HEIGHT: 20px color=#00FONT 
color=redBÇö±ÝÆǸŰ¡ nbsp;: nbsp;110,000 ¿ø/B/FONT/FONT 
LIFONT style=LINE-HEIGHT: 20px color=#00FONT color=redBÅùè 

¹ß¼Ûnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;/B/FONT/FONT
 
LIFONT style=LINE-HEIGHT: 20px color=#00FONT color=redBÇÑ Á¤ 
ÆÇ ¸Å : 2002 .04.13±îÁö /B/FONT/FONT/LI/OL/TD/TR/TABLE
TABLE cellSpacing=0 cellPadding=5 width=693 border=0
  
  TR
TD width=683
  Pnbsp;/P/TD/TR/TABLE
PFONT size=5Bnbsp;»ï¼ºÇÁ¸°ÅÍ nbsp;nbsp;ÀüÈ­: 
02-895-7862/B/FONT/P
/BODY
/HTML


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

what's that?

2002-04-04 Thread Kirill Zverev 

Hi!

I found that in my logs:

Apr  4 06:25:01 cmss su[30315]: + ??? root-nobody
Apr  4 06:25:01 cmss PAM_unix[30315]: (su) session opened for user nobody by (uid=0)
  
who could use su at six o'clock in the morning?

-- 
Regards,
 Kirill Zverev mailto:[EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: ssh allowing password logins even though its disabled

2002-04-04 Thread Tim Freeman 

From: Jeremy T. Bouse [EMAIL PROTECTED]
   Have you verified that keyboard-interaction is not enabled as
well? As I quote from the man page for sshd... 

 PAMAuthenticationViaKbdInt
 Specifies whether PAM challenge response authentication is
 allowed. This allows the use of most PAM challenge response
 authentication modules, but it will allow password authentication
 regardless of whether PasswordAuthentication is disabled. The
 default is ``no''.

Right on the money.  I had followed the instructions that were given
with bug 109846 and added this line to /etc/pam.d/ssh after the line
mentioning pam_env.so:

   auth   required pam_deny.so

This left me with a password prompt, but no matter which password I
typed in, it didn't let me in.  Secure, but ugly.  Commenting out this
line from pam.d/ssh and changing the line in /etc/ssh/sshd_config to

   PAMAuthenticationViaKbdInt no

makes it omit the password prompt instead of putting up a prompt
which rejects all passwords.

I should have read around all mentions of password in the sshd man
page when changing the config files.  Thanks for the pointer.

cc'd this to [EMAIL PROTECTED]

-- 
Tim Freeman   
[EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: what's that?

2002-04-04 Thread James Morgan 

It's a cron job belonging to root that changes its user before it goes to work.

At 11:21 2002-04-05 +0600, Kirill Zverev wrote:
Hi!

I found that in my logs:

Apr  4 06:25:01 cmss su[30315]: + ??? root-nobody
Apr  4 06:25:01 cmss PAM_unix[30315]: (su) session opened for user nobody 
by (uid=0)

who could use su at six o'clock in the morning?

--
Regards,
  Kirill Zverev mailto:[EMAIL PROTECTED]




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: what's that?

2002-04-04 Thread tony mancill 

On Fri, 5 Apr 2002, Kirill Zverev wrote:

 I found that in my logs:

 Apr  4 06:25:01 cmss su[30315]: + ??? root-nobody
 Apr  4 06:25:01 cmss PAM_unix[30315]: (su) session opened for user nobody by (uid=0)

 who could use su at six o'clock in the morning?

from /etc/crontab:

# m h dom mon dow user  command
25 6* * *   roottest -e /usr/sbin/anacron || run-parts --report 
/etc/cron.daily

which then in turn invokes:

/etc/cron.daily/find

which contains the line:

cd /  updatedb --localuser=nobody 2/dev/null

and from the manpage for updatedb, you'll see that --localuser invokes su.
:)

In short, this appears to be normal daily processing on your system.

tony
--
All parts should go together without forcing.  You must remember that
the parts you are reassembling were disassembled by you.  Therefore,
if you can't get them together again, there must be a reason.  By all
means, do not use a hammer.-- IBM maintenance manual, 1925


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: what's that?

2002-04-04 Thread Allan Wind 

On 2002-04-05 11:21:39, Kirill Zverev wrote:
 Apr  4 06:25:01 cmss su[30315]: + ??? root-nobody
 Apr  4 06:25:01 cmss PAM_unix[30315]: (su) session opened for user nobody by (uid=0)
   
 who could use su at six o'clock in the morning?

cron, possibly /etc/cron.daily/find:

awind@pawan:/etc$ grep 25 crontab 
25 6* * *   roottest -e /usr/sbin/anacron || run-parts --report
/etc/cron.daily

awind@pawan:/etc/cron.daily$ grep nobody *
find:cd /  updatedb --localuser=nobody 2/dev/null


/Allan
-- 
Allan Wind
P.O. Box 2022
Woburn, MA 01888-0022
USA



msg06222/pgp0.pgp
Description: PGP signature

Re: what's that?

2002-04-04 Thread Karl Breitner 




Logrotate is a good candidate, that's what I found when looking at top output.

/Karl



Kirill Zverev skrev:

 Hi!

 I found that in my logs:

 Apr  4 06:25:01 cmss su[30315]: + ??? root-nobody
 Apr  4 06:25:01 cmss PAM_unix[30315]: (su) session opened for user nobody by (uid=0)

 who could use su at six o'clock in the morning?

 --
 Regards,
  Kirill Zverev mailto:[EMAIL PROTECTED]

 --
 To UNSUBSCRIBE, email to [EMAIL PROTECTED]
 with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

*****SPAM***** (±¤°í)´ç½ÅÀ» ¹é¸¸ÀåÀÚŬ·´¿¡ ÃÊ´ëÇÕ´Ï´Ù...

2002-04-04 Thread ¹®¿ë¹Ì 

!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.0 Transitional//EN
HTMLHEAD
META http-equiv=Content-Type content=text/html; charset=unicode
META content=MSHTML 6.00.2713.1100 name=GENERATOR/HEAD
BODY
 
font color=blue face=ÈÞ¸Õ¸ÅÁ÷ü size=3span style=FONT-SIZE: 
18ptnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;/span/fontfont
 face=ÈÞ¸Õ¸ÅÁ÷üa href=http://nancho.starhana.com;script language=javascript 
src= http://myhome.hananet.net/~nannaya77/js/don1.js;/script/a/font
P/P 
a href=http://nancho.starhana.com; target=_blankimg 
src=http://starhana.com/images/mtima1.jpg; border=0 width=134 height=114img 
src=http://starhana.com/images/mtima2.gif; border=0 width=146 height=114img 
src=http://starhana.com/images/mtima3.gif; border=0 width=146 height=114img 
src=http://starhana.com/images/mtima4.jpg; border=0 width=170 height=114/a
pfont face=ÈÞ¸Õ¸ÅÁ÷ü color=red size=3span style=FONT-SIZE: 20ptÀÌÀ¯°¡ 
ÀÖ´Â ·©Å· 1À§ ½ÎÀÌÆ®/span/font/p
pFONT size=4FONT face=ÈÞ¸Õ¸ÅÁ÷üspan style=FONT-SIZE: 14ptÃÖ±Ù ¿©·¯´Þµ¿¾È 
/spanfont color=blue span style=FONT-SIZE: 
14pt¹«·áÁ¤º¸ºÐ¾ß/span/fontspan style=FONT-SIZE: 14pt 
ÀÇ ·©Ä» ¼øÀ§ 1À§ÀÎ ½ÎÀÌÆ®°¡ ¾îµðÀÎÁö Ȥ½Ã ¾Æ½Ã³ª¿ä? 
/span/FONT/FONT/p
pa href=http://nancho.starhana.com;span style=FONT-SIZE: 20ptfont 
face=ÈÞ¸Õ¸ÅÁ÷ü color=#ff size=5¿© 
±â/font/span/aFONT size=4FONT face=ÈÞ¸Õ¸ÅÁ÷üspan style=FONT-SIZE: 14pt 
°¡ 
·©Å· 1À§¶ó¸é ±×·² ¸¸ÇÑ ÀÌÀ¯°¡ÀÖÁö ¾Ê°Ú½À´Ï±î? /span/FONT/FONT/p
pFONT size=4FONT face=ÈÞ¸Õ¸ÅÁ÷üspan style=FONT-SIZE: 14pt´ÔÀ» Á¤ÁßÈ÷ 
ÃÊ´ëÇÏ°Ú½À´Ï´Ù. 
/span/FONT/FONTfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 
14pt»ç¾÷°¡Àû ¾È¸ñÀ¸·Î °ËÅäÇϽŴٸé 
Á¤¸» ³î¶ó½Ç °ÍÀÔ´Ï´Ù./span/font/p
pa href=http://nancho.starhana.com;span style=FONT-SIZE: 26ptfont 
face=ÈÞ¸Õ¸ÅÁ÷ü color=red size=6¹é¸¸ÀåÀÚŬ·´/font/span/aspan 
style=FONT-SIZE: 26pta href=http://nancho.starhana.com;font face=ÈÞ¸Õ¸ÅÁ÷ü 
color=fuchsia size=6nbsp;/font/afont face=ÈÞ¸Õ¸ÅÁ÷ü color=fuchsia 
size=5nbsp;/font/spanFONT size=3FONT 
face=ÈÞ¸Õ¸ÅÁ÷üspan style=FONT-SIZE: 20ptfont color=fuchsia 
nbsp;/fontfont color=blue ¹Ù·Î°¡±â/font/spanspan style=FONT-SIZE: 
26ptfont color=fuchsia 
nbsp;nbsp;nbsp;nbsp;/font/span/FONT/FONT/p
pfont face=ÈÞ¸Õ¸ÅÁ÷ü color=#33 size=3span style=FONT-SIZE: 
16ptnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;¶Ç
 
ÇϳªÀÇ ºò ´º½º /span/fonta href=http://www.winergrup.com;span 
style=FONT-SIZE: 20ptfont face=ÈÞ¸Õ¸ÅÁ÷ü color=#ff00ff 
size=6nbsp;ºòÇ÷¡´Ö/font/span/aFONT size=3font face=ÈÞ¸Õ¸ÅÁ÷ü 
color=fuchsiaspan style=FONT-SIZE: 20pt 
nbsp;/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü color=bluespan style=FONT-SIZE: 
20pt¹Ù·Î°¡±â/span/font/FONT/p
pnbsp;FONT size=4FONT face=ÈÞ¸Õ¸ÅÁ÷ünbsp;span style=FONT-SIZE: 14ptÀÌ 
¸ðµÎ°¡ /spanfont color=red span style=FONT-SIZE: 
14pt¹é¸¸ÀåÀÚŬ·´/span/fontspan style=FONT-SIZE: 14pt¿¡¼­ 
½ÇÇö °¡´ÉÇÕ´Ï´Ù. ÂüÀ¸·Î ¾öû³­ Á¤º¸°¡
  /span/FONT/FONTfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÁ¦ 
ȨÆäÀÌÁö¿¡ ÀÖ½À´Ï´Ù. 
/span/font/p
pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÀϹÝȸ¿ø°¡ÀÔÀº 
¹«·áÀ̸ç ÀÚ¼¼È÷ ÀÐ¾î º¸½Ã¸é
ÁÁÀº Á¤º¸¸¦ ¾òÀ» ¼ö ÀÖ°í »ç¾÷¼³¸íȸ Àå¼Òµµ/span/font   font face=ÈÞ¸Õ¸ÅÁ÷ü 
size=4span style=FONT-SIZE: 14ptÂü¼® ÇÏ½Ç ¼ö ÀÖ½À´Ï´Ù./span/font/p
pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÇÁ·£Â÷ÀÌÁî¿¡ 
°¡ÀÔÇϽøé 
Á¤½Ä »ç¾÷ÀÚ ÀÚ°ÝÀ¸·Î ÀÚ½ÅÀÇ È¨ÆäÀÌÁö°¡ /span/fontfont size=3span 
style=FONT-SIZE: 14ptFONT face=ÈÞ¸Õ¸ÅÁ÷üFONT size=4»ý¼ºµÇ¸ç ÀçÅñٹ«·Î¼­ 
¹«ÀÚº» 
   
  ¹«Á¡Æ÷/FONT/FONT   
  FONT face=ÈÞ¸Õ¸ÅÁ÷üFONT size=4ÀÇ 
   
  ÀÎÅͳݿöÅ· 
»ç¾÷ÀÌ °¡´ÉÇÕ´Ï´Ù/FONT./FONT/span/font/p
pfont size=3span style=FONT-SIZE: 14ptFONT face=ÈÞ¸Õ¸ÅÁ÷üÇÁ·£Â÷ÀÌÁî 
°¡ÀԽô ¾à°£ÀÇ È¨ÆäÀÌÁö ¿î¿µ À¯Áöºñ¸¸ °¨¼öÇÏ½Ã¸é µË´Ï´Ù./FONT/span/font/p
pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÁÖÀÇ ÇϽÇÁ¡ ȸ¿ø°¡ÀԽà 
id¸¦ °£´ÜÇÏ¸ç ¿Ü¿ì±â ½¬¿î °ÍÀ¸·Î Çϼ¼¿ä. ÀÌÀ¯´Â ÇÁ·£Â÷ÀÌÁî °¡ÀԽà 
id°¡ ÀÚ½ÅÀÇ µµ¸ÞÀÎÀ¸·Î ¿Ã¶ó°©´Ï´Ù./span/font/p
pfont size=4span style=FONT-SIZE: 14ptFONT face=ÈÞ¸Õ¸ÅÁ÷üÁ¦ Ȩ¿¡ ¿À½Ã¸é 
FONT 
color=#ff¿î¿µÀÚ ÇÁ·ÎÇÊ/FONTFONT color=#00À» ÀÐ¾î º¸½Ã°í ±× ´ÙÀ½ ´Ù¸¥ 
Á¤º¸µéÀ» 

  /FONT/FONT/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span 
style=FONT-SIZE: 14pt²Ä²ÄÈ÷ ¿­¶÷Çϼ¼¿ä./span/font/p
pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4 color=fuchsiaspan style=FONT-SIZE: 
14pt(Âü°í)/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 
14pt¹é¸¸ÀåÀÚŬ·´°ú 
»ó°ü¾øÀÌ /span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4 color=bluespan 
style=FONT-SIZE: 14ptºòÇ÷¡´Ö/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4 
color=#01span style=FONT-SIZE: 14pt»ç¾÷¸¸/span/fontfont 
face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÀ» 
Èñ¸ÁÇϽô ºÐÀº ¹«·áȸ¿ø °¡ÀÔÈÄ /span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4 
color=redspan style=FONT-SIZE: 14ptiwÂü°¡Çϱâ/span/fontfont 
face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14pt 
Ç׸ñÀ» Ŭ¸¯ÇϽþî Âü¿©½ÅûÀ»/span/font/p
pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÇϽðųª ÀüÈ­¸¦ 
ÁÖ½Ã¸é ¾È³»¸¦ ÇÏ°Ú½À´Ï´Ù. »ç¾÷½Åû

*****SPAM***** (±¤°í)´ç½ÅÀ» ¹é¸¸ÀåÀÚŬ·´¿¡ ÃÊ´ëÇÕ´Ï´Ù...

2002-04-04 Thread ¹®¿ë¹Ì 

!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.0 Transitional//EN
HTMLHEAD
META http-equiv=Content-Type content=text/html; charset=unicode
META content=MSHTML 6.00.2713.1100 name=GENERATOR/HEAD
BODY
 
font color=blue face=ÈÞ¸Õ¸ÅÁ÷ü size=3span style=FONT-SIZE: 
18ptnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;/span/fontfont
 face=ÈÞ¸Õ¸ÅÁ÷üa href=http://nancho.starhana.com;script language=javascript 
src= http://myhome.hananet.net/~nannaya77/js/don1.js;/script/a/font
P/P 
a href=http://nancho.starhana.com; target=_blankimg 
src=http://starhana.com/images/mtima1.jpg; border=0 width=134 height=114img 
src=http://starhana.com/images/mtima2.gif; border=0 width=146 height=114img 
src=http://starhana.com/images/mtima3.gif; border=0 width=146 height=114img 
src=http://starhana.com/images/mtima4.jpg; border=0 width=170 height=114/a
pfont face=ÈÞ¸Õ¸ÅÁ÷ü color=red size=3span style=FONT-SIZE: 20ptÀÌÀ¯°¡ 
ÀÖ´Â ·©Å· 1À§ ½ÎÀÌÆ®/span/font/p
pFONT size=4FONT face=ÈÞ¸Õ¸ÅÁ÷üspan style=FONT-SIZE: 14ptÃÖ±Ù ¿©·¯´Þµ¿¾È 
/spanfont color=blue span style=FONT-SIZE: 
14pt¹«·áÁ¤º¸ºÐ¾ß/span/fontspan style=FONT-SIZE: 14pt 
ÀÇ ·©Ä» ¼øÀ§ 1À§ÀÎ ½ÎÀÌÆ®°¡ ¾îµðÀÎÁö Ȥ½Ã ¾Æ½Ã³ª¿ä? 
/span/FONT/FONT/p
pa href=http://nancho.starhana.com;span style=FONT-SIZE: 20ptfont 
face=ÈÞ¸Õ¸ÅÁ÷ü color=#ff size=5¿© 
±â/font/span/aFONT size=4FONT face=ÈÞ¸Õ¸ÅÁ÷üspan style=FONT-SIZE: 14pt 
°¡ 
·©Å· 1À§¶ó¸é ±×·² ¸¸ÇÑ ÀÌÀ¯°¡ÀÖÁö ¾Ê°Ú½À´Ï±î? /span/FONT/FONT/p
pFONT size=4FONT face=ÈÞ¸Õ¸ÅÁ÷üspan style=FONT-SIZE: 14pt´ÔÀ» Á¤ÁßÈ÷ 
ÃÊ´ëÇÏ°Ú½À´Ï´Ù. 
/span/FONT/FONTfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 
14pt»ç¾÷°¡Àû ¾È¸ñÀ¸·Î °ËÅäÇϽŴٸé 
Á¤¸» ³î¶ó½Ç °ÍÀÔ´Ï´Ù./span/font/p
pa href=http://nancho.starhana.com;span style=FONT-SIZE: 26ptfont 
face=ÈÞ¸Õ¸ÅÁ÷ü color=red size=6¹é¸¸ÀåÀÚŬ·´/font/span/aspan 
style=FONT-SIZE: 26pta href=http://nancho.starhana.com;font face=ÈÞ¸Õ¸ÅÁ÷ü 
color=fuchsia size=6nbsp;/font/afont face=ÈÞ¸Õ¸ÅÁ÷ü color=fuchsia 
size=5nbsp;/font/spanFONT size=3FONT 
face=ÈÞ¸Õ¸ÅÁ÷üspan style=FONT-SIZE: 20ptfont color=fuchsia 
nbsp;/fontfont color=blue ¹Ù·Î°¡±â/font/spanspan style=FONT-SIZE: 
26ptfont color=fuchsia 
nbsp;nbsp;nbsp;nbsp;/font/span/FONT/FONT/p
pfont face=ÈÞ¸Õ¸ÅÁ÷ü color=#33 size=3span style=FONT-SIZE: 
16ptnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;¶Ç
 
ÇϳªÀÇ ºò ´º½º /span/fonta href=http://www.winergrup.com;span 
style=FONT-SIZE: 20ptfont face=ÈÞ¸Õ¸ÅÁ÷ü color=#ff00ff 
size=6nbsp;ºòÇ÷¡´Ö/font/span/aFONT size=3font face=ÈÞ¸Õ¸ÅÁ÷ü 
color=fuchsiaspan style=FONT-SIZE: 20pt 
nbsp;/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü color=bluespan style=FONT-SIZE: 
20pt¹Ù·Î°¡±â/span/font/FONT/p
pnbsp;FONT size=4FONT face=ÈÞ¸Õ¸ÅÁ÷ünbsp;span style=FONT-SIZE: 14ptÀÌ 
¸ðµÎ°¡ /spanfont color=red span style=FONT-SIZE: 
14pt¹é¸¸ÀåÀÚŬ·´/span/fontspan style=FONT-SIZE: 14pt¿¡¼­ 
½ÇÇö °¡´ÉÇÕ´Ï´Ù. ÂüÀ¸·Î ¾öû³­ Á¤º¸°¡
  /span/FONT/FONTfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÁ¦ 
ȨÆäÀÌÁö¿¡ ÀÖ½À´Ï´Ù. 
/span/font/p
pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÀϹÝȸ¿ø°¡ÀÔÀº 
¹«·áÀ̸ç ÀÚ¼¼È÷ ÀÐ¾î º¸½Ã¸é
ÁÁÀº Á¤º¸¸¦ ¾òÀ» ¼ö ÀÖ°í »ç¾÷¼³¸íȸ Àå¼Òµµ/span/font   font face=ÈÞ¸Õ¸ÅÁ÷ü 
size=4span style=FONT-SIZE: 14ptÂü¼® ÇÏ½Ç ¼ö ÀÖ½À´Ï´Ù./span/font/p
pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÇÁ·£Â÷ÀÌÁî¿¡ 
°¡ÀÔÇϽøé 
Á¤½Ä »ç¾÷ÀÚ ÀÚ°ÝÀ¸·Î ÀÚ½ÅÀÇ È¨ÆäÀÌÁö°¡ /span/fontfont size=3span 
style=FONT-SIZE: 14ptFONT face=ÈÞ¸Õ¸ÅÁ÷üFONT size=4»ý¼ºµÇ¸ç ÀçÅñٹ«·Î¼­ 
¹«ÀÚº» 
   
  ¹«Á¡Æ÷/FONT/FONT   
  FONT face=ÈÞ¸Õ¸ÅÁ÷üFONT size=4ÀÇ 
   
  ÀÎÅͳݿöÅ· 
»ç¾÷ÀÌ °¡´ÉÇÕ´Ï´Ù/FONT./FONT/span/font/p
pfont size=3span style=FONT-SIZE: 14ptFONT face=ÈÞ¸Õ¸ÅÁ÷üÇÁ·£Â÷ÀÌÁî 
°¡ÀԽô ¾à°£ÀÇ È¨ÆäÀÌÁö ¿î¿µ À¯Áöºñ¸¸ °¨¼öÇÏ½Ã¸é µË´Ï´Ù./FONT/span/font/p
pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÁÖÀÇ ÇϽÇÁ¡ ȸ¿ø°¡ÀԽà 
id¸¦ °£´ÜÇÏ¸ç ¿Ü¿ì±â ½¬¿î °ÍÀ¸·Î Çϼ¼¿ä. ÀÌÀ¯´Â ÇÁ·£Â÷ÀÌÁî °¡ÀԽà 
id°¡ ÀÚ½ÅÀÇ µµ¸ÞÀÎÀ¸·Î ¿Ã¶ó°©´Ï´Ù./span/font/p
pfont size=4span style=FONT-SIZE: 14ptFONT face=ÈÞ¸Õ¸ÅÁ÷üÁ¦ Ȩ¿¡ ¿À½Ã¸é 
FONT 
color=#ff¿î¿µÀÚ ÇÁ·ÎÇÊ/FONTFONT color=#00À» ÀÐ¾î º¸½Ã°í ±× ´ÙÀ½ ´Ù¸¥ 
Á¤º¸µéÀ» 

  /FONT/FONT/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span 
style=FONT-SIZE: 14pt²Ä²ÄÈ÷ ¿­¶÷Çϼ¼¿ä./span/font/p
pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4 color=fuchsiaspan style=FONT-SIZE: 
14pt(Âü°í)/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 
14pt¹é¸¸ÀåÀÚŬ·´°ú 
»ó°ü¾øÀÌ /span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4 color=bluespan 
style=FONT-SIZE: 14ptºòÇ÷¡´Ö/span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4 
color=#01span style=FONT-SIZE: 14pt»ç¾÷¸¸/span/fontfont 
face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÀ» 
Èñ¸ÁÇϽô ºÐÀº ¹«·áȸ¿ø °¡ÀÔÈÄ /span/fontfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4 
color=redspan style=FONT-SIZE: 14ptiwÂü°¡Çϱâ/span/fontfont 
face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14pt 
Ç׸ñÀ» Ŭ¸¯ÇϽþî Âü¿©½ÅûÀ»/span/font/p
pfont face=ÈÞ¸Õ¸ÅÁ÷ü size=4span style=FONT-SIZE: 14ptÇϽðųª ÀüÈ­¸¦ 
ÁÖ½Ã¸é ¾È³»¸¦ ÇÏ°Ú½À´Ï´Ù. »ç¾÷½Åû

ssh allowing password logins even though its disabled

2002-04-04 Thread Tim Freeman 
I just rediscovered bug 109846 in ssh, 

   SSH uses PAM password authentication in SSH2 even if disabled

It's filed as a normal bug.  Before I discovered the dup, I was
going to file it as a grave bug, since the system involved has weak
passwords (my kids have to be able to log in, and they can't type too
well).  If I had not tested that ssh disables passwords when you tell
it to, it would have allowed fairly easy penetration, so there might
be lots of vulnerable systems out there.

Can anyone clue me in on why other people don't think this is grave,
or lend me encouragment on pushing the priority up?

-- 
Tim Freeman   
[EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: DoS in debian (potato) proftpd: 1.2.0pre10-2.0potato1

2002-04-04 Thread Justin Shore 
On 3/29/02 3:40 PM martin f krafft said...

dear bugtraq'ers,

i must confess that the information i provided wrt the acclaimed DoS
exploit in Debian potato's proftpd package (1.2.0pre10-2.0potato1) was
not fully accurate. the package *does in fact contain a buggy daemon*
despite having been fixed, according to the changelog:

  proftpd (1.2.0pre10-2.0potato1) stable; urgency=high

snip

i don't think it's necessary to discuss this; the daemon as packaged
by debian is buggy and that has to be fixed. but i hope i was able to
give you some more information on the extent of the exploit. i will
do my best to push a fixed package into the APT archive at
security.debian.org as soon as possible.

Plus 1.2.0 went final back in January 2001.  It's been out for over a 
year.  Many versions without this bug have been released for some time.  
I don't see any reason to beat a dead horse.  Any distribution that still 
ships anything older than 1.2.4 should simply make 1.2.4 available in the 
updates or errata.



--
Justin Shore, ES-SS ES-SSR  Pittsburg State University
Network  Systems Manager   Kelce 157Q
Office of Information Systems   Pittsburg, KS 66762
Voice: (620) 235-4606   Fax: (620) 235-4545
http://www.pittstate.edu/ois/

Warning:  This message has been quadruple Rot13'ed for your protection.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: A question about some network services

2002-04-04 Thread eim 
First of all thanks to all for responses.

On Wed, 2002-04-03 at 20:22, Holger Eitzenberger wrote:
 On Wed, Apr 03, 2002 at 09:16:03AM +0200, Emmanuel Lacour wrote:
 
   'time' is RFC 868, a pre-NTP time synchronization protocol. It just
   sends the time as a 32-bit int, where:
   
   The time is the number of seconds since 00:00 (midnight) 1 January 1900
GMT, such that the time 1 is 12:00:01 am on 1 January 1900 GMT; this
base will serve until the year 2036.
   
   I think it sends it big-endian, but I'm not sure.
  
  Is it used by the old rdate tools?

Old rdate tools ? I use them regulary to update my
servers with the current time, is it more convenient
to install an NTP server on my local network ?

Thanks.

 
 Indeed.  It's quite usefull if you don't have a NTP server at
 hand, e. g. behind a firewall.  It's not ok if you need accuracy
 of less than 1 sec.
 
 /Holger
 
 
 -- 
 ++ GnuPG Key - http://www.t-online.de/~holger.eitzenberger ++
-- 

 »« »« »« »« »« »« »« »« »« »« »« »« »« »« »«
 Ivo Marino[EMAIL PROTECTED]
 UN*X Developer, running Debian GNU/Linux
 irc.OpenProjects.net #debian
 http://eimbox.org/~eim http://eimbox.org
 »« »« »« »« »« »« »« »« »« »« »« »« »« »« »«


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: DoS in Shells: was Re: DoS in debian (potato) proftpd: 1.2.0pre10-2.0potato1

2002-04-04 Thread Chip McClure 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Also tested, and vulnerable on:

FreeBSD 4.5-RELEASE FreeBSD 4.5-RELEASE #0: Mon Jan 28 14:31:56 GMT 2002
[EMAIL PROTECTED]:/usr/src/sys/compile/GENERIC  i386

Tested using the shells bash, csh, ksh, zsh.

Chip

- -
Chip McClure
Sr. Unix Administrator
GigGuardian, Inc.

http://www.gigguardian.com/
- -

On Wed, 3 Apr 2002 [EMAIL PROTECTED] wrote:


 Hello All,

 I can confirm that the ls strings dos' slackware 8.0. Causes shell process of 
 that user (user or root) to chew up the cpu until the shell terminates on sig 
 11.

 Works on any shell the user is using, csh, ksh, bash

 Tested on:
 Linux 2.2.19 #93 Thu Jun 21 01:09:03 PDT 2001 i586 unknown
 SunOS 5.8 Generic_108528-12 sun4u sparc SUNW,Ultra-Enterprise

 Not Vuln:
 OpenBSD 3.0 GENERIC#94 i386

 Needs more investigation.

 Gilbert


 At 03:40 PM 3/29/2002, martin f krafft wrote:
ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*

 ...

DenyFilter \*.*/

 Just as a quick question, why not deny the string /../ (you may have to
 deny the regex /\.\./, depending how the filter in question works)?

 As far as I can tell, it's the ability to embed /../ into a path that is
 at the root of this, far more than the ability to embed wildcards.  I can't
 think of a situation in which /../ should appear in a user-supplied path,
 except after a string of repeated ../s.

 The workaround suggested by Mr Krafft would disable some useful
 functionality - one large user of mine, for instance, was keen to have my
 own software evaluate wildcards in the body of the path, which Mr Krafft's
 workaround disables completely.  They even paid for the privilege (not
 enough, but they paid ;-))

 So, let's see, a regex that would deny /../, except as part of a string
 of such...

 One bash would be [^/.].*/\.\./ - matching /../ if it's after any
 character other than '/' or '.'.  Doubtless someone can come up with
 something better.

 Alun.
 

 --
 Texas Imperial Software   | Try WFTPD, the Windows FTP Server. Find us at
 1602 Harvest Moon Place   | http://www.wftpd.com or email [EMAIL PROTECTED]
 Cedar Park TX 78613-1419  | VISA/MC accepted.  NT-based sites, be sure to
 Fax/Voice +1(512)258-9858 | read details of WFTPD Pro for NT.


 Hush provide the worlds most secure, easy to use online applications - which 
 solution is right for you?
 HushMail Secure Email http://www.hushmail.com/
 HushDrive Secure Online Storage http://www.hushmail.com/hushdrive/
 Hush Business - security for your Business http://www.hush.com/
 Hush Enterprise - Secure Solutions for your Enterprise http://www.hush.com/

 Looking for a good deal on a domain name? 
 http://www.hush.com/partners/offers.cgi?id=domainpeople

  Output from pgp 
 Pretty Good Privacy(tm) Version 6.5.8
 Internal development version only - not for general release.
 (c) 1999 Network Associates Inc.
 Export of this software may be restricted by the U.S. government.
 File is signed.  signature not checked.
 Signature made 2002/04/04 05:51 GMT
 key does not meet validity threshold.
 WARNING:  Because this public key is not certified with a trusted
 signature, it is not known with high confidence that this public key
 actually belongs to: (KeyID: 0x91AB07A7).
 wiping file pgptemp.$00pattern is: 0x
 pattern is: 0x666
 pattern is: 0xddd
 pattern is: 0x333
 pattern is: 0x111
 pattern is: 0xbbb
 pattern is: 0xfff
 pattern is: 0x999
 pattern is: 0x
 pattern is: 0x6db
 pattern is: 0xccc
 pattern is: 0x492
 pattern is: 0xdb6
 pattern is: 0x
 pattern is: 0x249
 pattern is: 0x777
 pattern is: 0xaaa
 pattern is: 0xeee
 pattern is: 0x555
 pattern is: 0x444
 pattern is: 0x888
 pattern is: 0xb6d
 pattern is: 0x0
 pattern is: 0x222
 pattern is: 0x924
 pattern is: 0x
 wiping file pgptemp.$01pattern is: 0x
 pattern is: 0x777
 pattern is: 0x222
 pattern is: 0x6db
 pattern is: 0xbbb
 pattern is: 0xb6d
 pattern is: 0x666
 pattern is: 0x333
 pattern is: 0x
 pattern is: 0xccc
 pattern is: 0x924
 pattern is: 0xeee
 pattern is: 0xaaa
 pattern is: 0x
 pattern is: 0xddd
 pattern is: 0xfff
 pattern is: 0x999
 pattern is: 0x888
 pattern is: 0x0
 pattern is: 0xdb6
 pattern is: 0x444
 pattern is: 0x249
 pattern is: 0x492
 pattern is: 0x555
 pattern is: 0x111
 pattern is: 0x



-BEGIN PGP SIGNATURE-
Version: PGP 6.5.8
Comment: Made with pgp4pine 1.76

iQA/AwUBPKyICZuKtP8CSC69EQImIACfZE5iDHm4ug5FRhiq6jPqrL1VKrgAoIbU
y58V4TmV1Du3rS1tas+lYUpu
=dU2C
-END PGP SIGNATURE-



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: A question about some network services

2002-04-04 Thread Christian G. Warden 
rdate is probably easier to use.  ntp requires at least a little
configuration, but it is more accurate.

xn

On Thu, Apr 04, 2002 at 06:56:30PM +0200, eim wrote:
 First of all thanks to all for responses.
 
 On Wed, 2002-04-03 at 20:22, Holger Eitzenberger wrote:
  On Wed, Apr 03, 2002 at 09:16:03AM +0200, Emmanuel Lacour wrote:
  
'time' is RFC 868, a pre-NTP time synchronization protocol. It just
sends the time as a 32-bit int, where:

The time is the number of seconds since 00:00 (midnight) 1 January 1900
 GMT, such that the time 1 is 12:00:01 am on 1 January 1900 GMT; this
 base will serve until the year 2036.

I think it sends it big-endian, but I'm not sure.
   
   Is it used by the old rdate tools?
 
 Old rdate tools ? I use them regulary to update my
 servers with the current time, is it more convenient
 to install an NTP server on my local network ?
 
 Thanks.
 
  
  Indeed.  It's quite usefull if you don't have a NTP server at
  hand, e. g. behind a firewall.  It's not ok if you need accuracy
  of less than 1 sec.
  
  /Holger
  
  
  -- 
  ++ GnuPG Key - http://www.t-online.de/~holger.eitzenberger ++
 -- 
 
  »« »« »« »« »« »« »« »« »« »« »« »« »« »« »«
  Ivo Marino[EMAIL PROTECTED]
  UN*X Developer, running Debian GNU/Linux
  irc.OpenProjects.net #debian
  http://eimbox.org/~eim http://eimbox.org
  »« »« »« »« »« »« »« »« »« »« »« »« »« »« »«
 
 
 -- 
 To UNSUBSCRIBE, email to [EMAIL PROTECTED]
 with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: A question about some network services

2002-04-04 Thread Anne Carasik 
On Tue, Apr 02, 2002 at 01:34:32PM -0500, Noah L. Meyerhans wrote:
  Well, daytime spits out the time of day, time is for NTP,
  and I'm not sure what discard is used for.
 No, NTP does not use the time port.  It uses port 123 (ntp in
 /etc/services).

Ok, figures I don't know since I don't use it.

 Discard is the network equivalent of /dev/null

W.. an MTU of zero :)

 The question of what to do with these ports comes up every once in a
 while on this list.  Some people prefer to leave them on, others turn
 them off.  I don't think there's ever been an exploit that involves
 these ports, as the code is quite simple (i.e. easy to implement
 securely).

Occasionally, there may be a DOS attack, but nothing invasive.

  I usually turn off inetd completely. It helps makes things
  quieter on a nessus scan :)
 Yes, this is good advice, and something that never occurs to most
 people.  Most common services these days run quite happily in standalone
 mode, so there's often no reason to use inetd at all.

Given most everything can run through SSH or SSL (at least TCP-based) :)

-Anne
-- 

  .-.__.``.   Anne Carasik, System Administrator
 .-.--. _...' (/)   (/)   ``'   [EMAIL PROTECTED] 
(O/ O) \-'  ` -==.',  Center for Advanced Computing Research
~`~~


pgpTYNkc4r1PK.pgp
Description: PGP signature

Re: A question about some network services

2002-04-04 Thread Emmanuel Lacour 
On Thu, Apr 04, 2002 at 06:56:30PM +0200, eim wrote:
 First of all thanks to all for responses.
 
 On Wed, 2002-04-03 at 20:22, Holger Eitzenberger wrote:
  On Wed, Apr 03, 2002 at 09:16:03AM +0200, Emmanuel Lacour wrote:
  
'time' is RFC 868, a pre-NTP time synchronization protocol. It just
sends the time as a 32-bit int, where:

The time is the number of seconds since 00:00 (midnight) 1 January 1900
 GMT, such that the time 1 is 12:00:01 am on 1 January 1900 GMT; this
 base will serve until the year 2036.

I think it sends it big-endian, but I'm not sure.
   
   Is it used by the old rdate tools?
 
 Old rdate tools ? I use them regulary to update my
 servers with the current time, is it more convenient
 to install an NTP server on my local network ?
 
 Thanks.

Sorry that's not that I wanted to say. Just rdate is a well known tool
because it's an old tool (tcp/ip is old too, and we use it every days;-)

when to use ntp/rdate well, it depends...-:)

-- 
Easter-eggsSpécialiste GNU/Linux
44-46 rue de l'Ouest  -  75014 Paris   -   France -  Métro Gaité
Phone: +33 (0) 1 43 35 00 37- Fax: +33 (0) 1 41 35 00 76
mailto:[EMAIL PROTECTED]   -http://www.easter-eggs.com


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: A question about some network services

2002-04-04 Thread Tim Haynes 
Anne Carasik [EMAIL PROTECTED] writes:

 The question of what to do with these ports comes up every once in a
 while on this list. Some people prefer to leave them on, others turn
 them off. I don't think there's ever been an exploit that involves these
 ports, as the code is quite simple (i.e. easy to implement securely).

 Occasionally, there may be a DOS attack, but nothing invasive.

Depends. I thought it was an old trick to persuade echo ports to talk to
each other and run away giggling...

 Yes, this is good advice, and something that never occurs to most
 people. Most common services these days run quite happily in standalone
 mode, so there's often no reason to use inetd at all.

 Given most everything can run through SSH or SSL (at least TCP-based) :)

The short reasons in favour of inetd are that

a) you save memory space by not having the daemon running all the time (at
the slight cost of latency on start-up - choose according to your
situation!);

b) (if using xinetd instead of boring old inetd) you can apply the same
syntax for per-host rate- and resource-limiting to many services that would
otherwise either require much research to implement (try exim and apache
for size), or not even implement it at all; 

c) if you're writing a network listener of your own you can implement it in
(x)inetd without having to worry about writing the regular listen-accept-
process loop *again*.

Not that it's *always* a good idea to use inetd, but it still has its plus-
points by a long way, especially xinetd instead.

~Tim
-- 
http://spodzone.org.uk/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: on potato's proftpd

2002-04-04 Thread Martin WHEELER 
On Wed, Apr 03, 2002 at 09:22:34AM +, Martin WHEELER wrote:
 Release early; release often.

On Wed, 3 Apr 2002, Petro wrote:

 bemfont size=7blinkNO/font/em/b

 Measure twice, cut once.

Fine.  You wear the same size suit from birth to death; me, I'll adjust
according to circumstances.
-- 
Martin Wheeler [EMAIL PROTECTED] gpg key 01269BEB @ the.earth.li




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: on potato's proftpd

2002-04-04 Thread martin f krafft 
also sprach Michael Stone [EMAIL PROTECTED] [2002.04.04.0211 +0200]:
  because it will prevent s.d.o from serving a buggy package. it's not
  fixed perfectly, but at least it's not subject to a known exploit.
 
 Could you be a little more careful with your terms? A DOS is not an
 exploit, it's a DOS. By saying exploit your implying a far more
 critical problem than actually exists.

will do, sorry. a DOS is still a form of exploit - you exploit
services without giving in return, but then again the exploit has no
direct benefit for the instigator...

but no, i'll keep my head down and simply say i'm sorry. you are
absolutely right.

-- 
martin;  (greetings from the heart of the sun.)
  \ echo mailto: !#^.*|tr * mailto:; [EMAIL PROTECTED]
  
and if the cloud bursts, thunder in your ear
 you shout and no one seems to hear
 and if the band you're in starts playing different tunes
 i'll see you on the dark side of the moon.
   -- pink floyd, 1972


pgpOk0Asz4PTh.pgp
Description: PGP signature

Re: on potato's proftpd

2002-04-04 Thread martin f krafft 
also sprach Andrew Pimlott [EMAIL PROTECTED] [2002.04.04.0135 +0200]:
  this problem is understood by the developers of proftpd
 
 Wichert said that nobody has explained why the current fix on s.d.o
 doesn't work.  If the problem is understood, why hasn't someone
 explained this?  That's all that is asked, AFAICT.

i have no clue if the fix repaired anything or even how it works, but
the actual problem as it affects proftpd is known.

-- 
martin;  (greetings from the heart of the sun.)
  \ echo mailto: !#^.*|tr * mailto:; [EMAIL PROTECTED]
  
nobody expects the spanish inquisition.
   -- monty python


pgpAtXkwn2fpc.pgp
Description: PGP signature

Re: DoS in debian (potato) proftpd: 1.2.0pre10-2.0potato1

2002-04-04 Thread martin f krafft 
also sprach Alun Jones [EMAIL PROTECTED] [2002.04.04.0445 +0200]:
   DenyFilter \*.*/
 
 Just as a quick question, why not deny the string /../ (you may have to 
 deny the regex /\.\./, depending how the filter in question works)?

quick answer: because i merely copied the fix from the security pages
of the proftpd homepage [1].

  1. http://proftpd.linux.co.uk/critbugs.html

 As far as I can tell, it's the ability to embed /../ into a path that is 
 at the root of this, far more than the ability to embed wildcards.  I can't 
 think of a situation in which /../ should appear in a user-supplied path, 
 except after a string of repeated ../s.

i actually agree with you here.

 [^/.].*/\.\./

mh, this would not prevent

  /some/.dotdir/../

right?

-- 
martin;  (greetings from the heart of the sun.)
  \ echo mailto: !#^.*|tr * mailto:; [EMAIL PROTECTED]
  
to vacillate or not to vacillate,
that is the question ... or is it?


pgplXg9sxFYVR.pgp
Description: PGP signature

Re: ssh allowing password logins even though its disabled

2002-04-04 Thread Jeremy T. Bouse 
Have you verified that keyboard-interaction is not enabled as
well? As I quote from the man page for sshd... 

 PAMAuthenticationViaKbdInt
 Specifies whether PAM challenge response authentication is
 allowed. This allows the use of most PAM challenge response
 authentication modules, but it will allow password authentication
 regardless of whether PasswordAuthentication is disabled. The
 default is ``no''.

Jeremy

On Wed, Apr 03, 2002 at 09:39:21PM -0700, Tim Freeman wrote:
 I just rediscovered bug 109846 in ssh, 
 
SSH uses PAM password authentication in SSH2 even if disabled
 
 It's filed as a normal bug.  Before I discovered the dup, I was
 going to file it as a grave bug, since the system involved has weak
 passwords (my kids have to be able to log in, and they can't type too
 well).  If I had not tested that ssh disables passwords when you tell
 it to, it would have allowed fairly easy penetration, so there might
 be lots of vulnerable systems out there.
 
 Can anyone clue me in on why other people don't think this is grave,
 or lend me encouragment on pushing the priority up?
 
 -- 
 Tim Freeman   
 [EMAIL PROTECTED]
 
 
 -- 
 To UNSUBSCRIBE, email to [EMAIL PROTECTED]
 with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: DoS in Shells: was Re: DoS in debian (potato) proftpd: 1.2.0pre10-2.0potato1

2002-04-04 Thread Kurt Seifried 
This is, to put it politely, incredibly old news. Let's face it, if you give
a user a shell acount, with no restrictions on CPU time or memory usage,
yes, they will be able to suck up as much resources as the computer can
spare (this is, among other reasons why nice exists). I advise you place
limitson the users, memory, cpu, stack size, file descriptors, etc, finding
good limits can be tricky though, and you will also want to limit
concurrent logins.

I wrote an article on using PAM (pluggable Authenticaiton Modules) which
covers these issues and a few others, available at:

http://www.samag.com/documents/s=1161/sam0009a/0009a.htm

Also you can view information on setting limits with various shells, and PAM
as well at:

http://seifried.org/security/os/linux/20020324-securing-linux-step-by-step.h
tml
goto Limiting users overview.

And the LASG, Limiting and monitoring users
http://seifried.org/lasg/users/

Better to use PAM to limit users then the shell because the various shells
do not all support the limiting the same items, or soft/hard limits, and if
you miss a shell and the user chsh's they can avoid it, they can't really
avoid pam. As for the /*/../. problem in general it was
discovered many many years ago (more then two).

Kurt Seifried, [EMAIL PROTECTED]
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/
http://www.iDefense.com/




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

NEOMAIL - as big kev in OZ would say, IM EXCITED !

2002-04-04 Thread Marcel Welschbillig 

Hi,

Sorry know this is off topic but

I Just wanted everyone to know about NeoMail

http://neomail.sourceforge.net

Its a fully functional Webmail server that looks better and is more 
functional than many commercial servers and its FREE ! And easy to setup !


Know someone out there will be as excited about this program as i am, 
wish i would have known about it earlier.


HAPPY LINUXING !

Marcel


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

*****SPAM***** »ï¼º Ä®¶óÇÁ¸°ÅÍ Æ¯°¡ÆǸŠ110,000 ¿ø

2002-04-04 Thread kcl 
HTML
HEAD
META content=text/html; charset=ks_c_5601-1987 http-equiv=Content-Type
STYLE p, font, span { line-height:120%; margin-top:0; margin-bottom:0; 
}/STYLE
/HEADBODY
DIV align=left
DL
  DTFONT face=±¼¸² color=black size=2¾È³ç Çϼ¼¿ä. nbsp;º» ¸ÞÀÏÀº ±¤°í ¸ÞÀÏ 
ÀÔ´Ï´Ù./FONT 
  DTFONT face=±¼¸² color=black size=2»çÀü Çã¶ô¾øÀÌ ¸ÞÀÏÀ» º¸³»°Ô µÇ¾î¼­ 
Áø½ÉÀ¸·Î 
Á˼ÛÇÕ´Ï´Ù/FONT/DT
  DTFONT face=±¼¸² color=black size=2/FONT /DT
  DTSPAN style=FONT-SIZE: 10ptFONT face=±¼¸² color=blackB¸ÞÀÏ ¹Þ±â¸¦ 
¿øÄ¡ 
  nbsp;¾ÊÀ¸½Å´Ù¸é ¾Æ·¡ ¸ÞÀÏ·Î ¹Ý¼Û¸ÞÀÏÀ» º¸³»Áֽøé BRÀÌÈÄ¿¡´Â Àý´ë·Î ¸ÞÀÏÀÌ 
¼ö½ÅµÇÁö ¾ÊÀ» 
  °ÍÀÔ´Ï´Ù.BR/B/FONT/SPANFONT face=±¼¸² color=black size=2. /FONT
  DTBFONT color=#ffSPAN style=FONT-SIZE: 14pt¹Ý¼Û¸ÞÀÏ ÁÖ¼Ò : 
  [EMAIL PROTECTED]/SPAN/FONT/B/DT
  
DTnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;Àü
 
  È­ : 02-895-7862
  
DT---
 
  DT 
  DTnbsp;nbsp;nbsp;nbsp;nbsp;»ï¼ºÇÁ¸°ÅÍ MJC-935 i 
nbsp;nbsp;nbsp;110,000 ¿ø¿¡ 
  ÆǸŠnbsp;nbsp;( Ư°¡ ÆǸŰ¡°Ý ÀÔ´Ï´Ù ) 
  DT 
  
DTnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;¼ÒºñÀÚ°¡:157,000
 
  ¿ø ==gt; 110,000 ¿ø¿¡ ÆǸŠ/DT/DL
DL
  
DTnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;IMG
 
  height=354 src=http://2-sun.com/image/product/mjc935.jpg; width=354 border=0
  
DTnbsp;nbsp;
 
  nbsp; /DT/DL/DIV
UL
  LI1200dpi ÃÊ°íÇØ»óµµ BR1ÀÎÄ¡´ç ÂïÈ÷´Â À×Å©¹æ¿ïÀÇ Å©±â°¡ ±âÁ¸ÀÇ ¹æ½Äº¸´Ù 
ÈξÀ ÀÛÀº 
  LI'±Ø¹Ì¼¼ À×Å©¹æ½Ä'À» ä¿ë,ÀϹݿëÁö¿¡¼­µµ ¼¶¼¼ÇÑ Ä÷¯ÀÇ ´À³¦À» ±×´ë·Î 
ÀçÇöÇØ µå¸³´Ï´Ù. BRBR/LI
  LI½Ã¿øÇÑ ¼Óµµ 7PPM BR1ºÐ¿¡ ÃÖ´ë 7ÀåÀÇ Èæ¹é¹®¼­ ¹× 3ÀåÀÇ Ä÷¯¹®¼­¸¦ Ãâ·ÂÇÒ 
¼ö Àִ Ź¿ùÇÑ ½ºÇǵå! 
  LIÀÏ¹Ý ÇнÀ¿ëÀ¸·Î³ª ¼Ò±Ô¸ð »ç¹«½Ç¿ëÀ¸·Î »ç¿ëÇϱ⿡ ¾Ë¸ÂÀº ¼ÓµµÀÔ´Ï´Ù. 
BRBR/LI
  LI¹øÁü¾ø°í ±ò²ûÇÑ ÇDZ׸ÕÆ® À×Å© BR¾î¶² Á¾·ùÀÇ ¿ëÁö¸¦ »ç¿ëÇصµ ¹øÁöÁö ¾Ê°í 
¶Ç·ÈÇÏ°Ô ÀμâÇØÁÖ´Â °ËÁ¤»ö ÇDZ׸ÕÆ®À×Å©¸¦ »ç¿ë, 
  LIÃâ·ÂµÈ ¹®¼­°¡ ÇÑ°á ±ò²ûÇØ º¸ÀÔ´Ï´Ù. BRBR/LI
  LI45dBÀÇ Á¶¿ëÇÑ ÇÁ¸°Æà BR45dB ÀÌÇÏÀÇ Àú¼ÒÀ½ ÇÁ¸°ÆÃÀÌ °¡´ÉÇÑ ÃÊÁ¤¹Ð 
¸ÞÄ«´ÏÁò ¿£ÁøÀ» ä¿ë, ÀÏ¹Ý °¡Á¤À̳ª »ç¹«½Ç¿¡¼­ 
  LIÁ¶¿ëÇÏ°Ô »ç¿ëÇÏ½Ç ¼ö ÀÖ½À´Ï´Ù. BRBR»ó¼¼spec BRBR/LI
  LIÀμâ¼Óµµ : 7ppm(Èæ¹é) / 3ppm(Ä÷¯) BRBR
  LIÇØ»óµµ : 1,200 x 1,200dpi(Ä÷¯, Èæ¹é) BRBR
  LIÀÎÀÚ¸ðµå : HBP BRBR
  LIȣȯ¼º : Window 95/98/NT 4.0 /2000/Me/XP,Mac OS 8.6/9.xÁö¿ø BRBR
  LI¸Þ¸ð¸® : 512KB BRBR
  LIÀÎÅÍÆäÀ̽º : USB(Universal Serial Bus), Æз¯·¼ BRBR
  LI¿ëÁöÅ©±â : A4,A5,B5,Legal,Executive,A6,¹è³Ê,¿±¼­,¶óº§ ¿ëÁö BRBR
  LI±ÞÁö¿ë·® : 100¸Å(ÇÁ¸®¹Ì¾ö ¿ëÁö100¸Å ¹«·áÁ¦°ø) BRBR
  LI¹èÁö¿ë·® : 25¸Å BRBR
  LIÁ¦Ç° Å©±â(W*D*H) : 447 X 170X 210 mm BRBR
  LIÁ¤°ÝÀü¿ø : AC 220V Àü¿ë,60 Hz 
BRBRBRnbsp;nbsp;nbsp;nbsp;./LI/ULTRTD align=middle
TABLE cellSpacing=0 cellPadding=5 width=691 border=0
  
  TR
TD width=681
  OL type=1
LIFONT style=LINE-HEIGHT: 20px color=#00FONT color=redB¼Ò 
ºñ 
ÀÚ °¡ nbsp;: nbsp;157,000 ¿ø nbsp;¸ðµ¨:MJC-935 i 
nbsp;»ï¼ºÇÁ¸°ÅÍ/B/FONT/FONT 
LIFONT style=LINE-HEIGHT: 20px color=#00FONT 
color=redBÇö±ÝÆǸŰ¡ nbsp;: nbsp;110,000 ¿ø/B/FONT/FONT 
LIFONT style=LINE-HEIGHT: 20px color=#00FONT 
color=redBÅùè 

¹ß¼Ûnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;/B/FONT/FONT
 
LIFONT style=LINE-HEIGHT: 20px color=#00FONT color=redBÇÑ 
Á¤ 
ÆÇ ¸Å : 2002 .04.13±îÁö /B/FONT/FONT/LI/OL/TD/TR/TABLE
TABLE cellSpacing=0 cellPadding=5 width=693 border=0
  
  TR
TD width=683
  Pnbsp;/P/TD/TR/TABLE
PFONT size=5Bnbsp;»ï¼ºÇÁ¸°ÅÍ nbsp;nbsp;ÀüÈ­: 
02-895-7862/B/FONT/P
/BODY
/HTML


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

*****SPAM***** »ï¼º Ä®¶óÇÁ¸°ÅÍ Æ¯°¡ÆǸŠ110,000 ¿ø

2002-04-04 Thread kcl 
HTML
HEAD
META content=text/html; charset=ks_c_5601-1987 http-equiv=Content-Type
STYLE p, font, span { line-height:120%; margin-top:0; margin-bottom:0; 
}/STYLE
/HEADBODY
DIV align=left
DL
  DTFONT face=±¼¸² color=black size=2¾È³ç Çϼ¼¿ä. nbsp;º» ¸ÞÀÏÀº ±¤°í ¸ÞÀÏ 
ÀÔ´Ï´Ù./FONT 
  DTFONT face=±¼¸² color=black size=2»çÀü Çã¶ô¾øÀÌ ¸ÞÀÏÀ» º¸³»°Ô µÇ¾î¼­ 
Áø½ÉÀ¸·Î 
Á˼ÛÇÕ´Ï´Ù/FONT/DT
  DTFONT face=±¼¸² color=black size=2/FONT /DT
  DTSPAN style=FONT-SIZE: 10ptFONT face=±¼¸² color=blackB¸ÞÀÏ ¹Þ±â¸¦ 
¿øÄ¡ 
  nbsp;¾ÊÀ¸½Å´Ù¸é ¾Æ·¡ ¸ÞÀÏ·Î ¹Ý¼Û¸ÞÀÏÀ» º¸³»Áֽøé BRÀÌÈÄ¿¡´Â Àý´ë·Î ¸ÞÀÏÀÌ 
¼ö½ÅµÇÁö ¾ÊÀ» 
  °ÍÀÔ´Ï´Ù.BR/B/FONT/SPANFONT face=±¼¸² color=black size=2. /FONT
  DTBFONT color=#ffSPAN style=FONT-SIZE: 14pt¹Ý¼Û¸ÞÀÏ ÁÖ¼Ò : 
  [EMAIL PROTECTED]/SPAN/FONT/B/DT
  
DTnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;Àü
 
  È­ : 02-895-7862
  
DT---
 
  DT 
  DTnbsp;nbsp;nbsp;nbsp;nbsp;»ï¼ºÇÁ¸°ÅÍ MJC-935 i 
nbsp;nbsp;nbsp;110,000 ¿ø¿¡ 
  ÆǸŠnbsp;nbsp;( Ư°¡ ÆǸŰ¡°Ý ÀÔ´Ï´Ù ) 
  DT 
  
DTnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;¼ÒºñÀÚ°¡:157,000
 
  ¿ø ==gt; 110,000 ¿ø¿¡ ÆǸŠ/DT/DL
DL
  
DTnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;IMG
 
  height=354 src=http://2-sun.com/image/product/mjc935.jpg; width=354 border=0
  
DTnbsp;nbsp;
 
  nbsp; /DT/DL/DIV
UL
  LI1200dpi ÃÊ°íÇØ»óµµ BR1ÀÎÄ¡´ç ÂïÈ÷´Â À×Å©¹æ¿ïÀÇ Å©±â°¡ ±âÁ¸ÀÇ ¹æ½Äº¸´Ù 
ÈξÀ ÀÛÀº 
  LI'±Ø¹Ì¼¼ À×Å©¹æ½Ä'À» ä¿ë,ÀϹݿëÁö¿¡¼­µµ ¼¶¼¼ÇÑ Ä÷¯ÀÇ ´À³¦À» ±×´ë·Î 
ÀçÇöÇØ µå¸³´Ï´Ù. BRBR/LI
  LI½Ã¿øÇÑ ¼Óµµ 7PPM BR1ºÐ¿¡ ÃÖ´ë 7ÀåÀÇ Èæ¹é¹®¼­ ¹× 3ÀåÀÇ Ä÷¯¹®¼­¸¦ Ãâ·ÂÇÒ 
¼ö Àִ Ź¿ùÇÑ ½ºÇǵå! 
  LIÀÏ¹Ý ÇнÀ¿ëÀ¸·Î³ª ¼Ò±Ô¸ð »ç¹«½Ç¿ëÀ¸·Î »ç¿ëÇϱ⿡ ¾Ë¸ÂÀº ¼ÓµµÀÔ´Ï´Ù. 
BRBR/LI
  LI¹øÁü¾ø°í ±ò²ûÇÑ ÇDZ׸ÕÆ® À×Å© BR¾î¶² Á¾·ùÀÇ ¿ëÁö¸¦ »ç¿ëÇصµ ¹øÁöÁö ¾Ê°í 
¶Ç·ÈÇÏ°Ô ÀμâÇØÁÖ´Â °ËÁ¤»ö ÇDZ׸ÕÆ®À×Å©¸¦ »ç¿ë, 
  LIÃâ·ÂµÈ ¹®¼­°¡ ÇÑ°á ±ò²ûÇØ º¸ÀÔ´Ï´Ù. BRBR/LI
  LI45dBÀÇ Á¶¿ëÇÑ ÇÁ¸°Æà BR45dB ÀÌÇÏÀÇ Àú¼ÒÀ½ ÇÁ¸°ÆÃÀÌ °¡´ÉÇÑ ÃÊÁ¤¹Ð 
¸ÞÄ«´ÏÁò ¿£ÁøÀ» ä¿ë, ÀÏ¹Ý °¡Á¤À̳ª »ç¹«½Ç¿¡¼­ 
  LIÁ¶¿ëÇÏ°Ô »ç¿ëÇÏ½Ç ¼ö ÀÖ½À´Ï´Ù. BRBR»ó¼¼spec BRBR/LI
  LIÀμâ¼Óµµ : 7ppm(Èæ¹é) / 3ppm(Ä÷¯) BRBR
  LIÇØ»óµµ : 1,200 x 1,200dpi(Ä÷¯, Èæ¹é) BRBR
  LIÀÎÀÚ¸ðµå : HBP BRBR
  LIȣȯ¼º : Window 95/98/NT 4.0 /2000/Me/XP,Mac OS 8.6/9.xÁö¿ø BRBR
  LI¸Þ¸ð¸® : 512KB BRBR
  LIÀÎÅÍÆäÀ̽º : USB(Universal Serial Bus), Æз¯·¼ BRBR
  LI¿ëÁöÅ©±â : A4,A5,B5,Legal,Executive,A6,¹è³Ê,¿±¼­,¶óº§ ¿ëÁö BRBR
  LI±ÞÁö¿ë·® : 100¸Å(ÇÁ¸®¹Ì¾ö ¿ëÁö100¸Å ¹«·áÁ¦°ø) BRBR
  LI¹èÁö¿ë·® : 25¸Å BRBR
  LIÁ¦Ç° Å©±â(W*D*H) : 447 X 170X 210 mm BRBR
  LIÁ¤°ÝÀü¿ø : AC 220V Àü¿ë,60 Hz 
BRBRBRnbsp;nbsp;nbsp;nbsp;./LI/ULTRTD align=middle
TABLE cellSpacing=0 cellPadding=5 width=691 border=0
  
  TR
TD width=681
  OL type=1
LIFONT style=LINE-HEIGHT: 20px color=#00FONT color=redB¼Ò 
ºñ 
ÀÚ °¡ nbsp;: nbsp;157,000 ¿ø nbsp;¸ðµ¨:MJC-935 i 
nbsp;»ï¼ºÇÁ¸°ÅÍ/B/FONT/FONT 
LIFONT style=LINE-HEIGHT: 20px color=#00FONT 
color=redBÇö±ÝÆǸŰ¡ nbsp;: nbsp;110,000 ¿ø/B/FONT/FONT 
LIFONT style=LINE-HEIGHT: 20px color=#00FONT 
color=redBÅùè 

¹ß¼Ûnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;/B/FONT/FONT
 
LIFONT style=LINE-HEIGHT: 20px color=#00FONT color=redBÇÑ 
Á¤ 
ÆÇ ¸Å : 2002 .04.13±îÁö /B/FONT/FONT/LI/OL/TD/TR/TABLE
TABLE cellSpacing=0 cellPadding=5 width=693 border=0
  
  TR
TD width=683
  Pnbsp;/P/TD/TR/TABLE
PFONT size=5Bnbsp;»ï¼ºÇÁ¸°ÅÍ nbsp;nbsp;ÀüÈ­: 
02-895-7862/B/FONT/P
/BODY
/HTML


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

what's that?

2002-04-04 Thread Kirill Zverev 
Hi!

I found that in my logs:

Apr  4 06:25:01 cmss su[30315]: + ??? root-nobody
Apr  4 06:25:01 cmss PAM_unix[30315]: (su) session opened for user nobody by 
(uid=0)
  
who could use su at six o'clock in the morning?

-- 
Regards,
 Kirill Zverev mailto:[EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: ssh allowing password logins even though its disabled

2002-04-04 Thread Tim Freeman 
From: Jeremy T. Bouse [EMAIL PROTECTED]
   Have you verified that keyboard-interaction is not enabled as
well? As I quote from the man page for sshd... 

 PAMAuthenticationViaKbdInt
 Specifies whether PAM challenge response authentication is
 allowed. This allows the use of most PAM challenge response
 authentication modules, but it will allow password authentication
 regardless of whether PasswordAuthentication is disabled. The
 default is ``no''.

Right on the money.  I had followed the instructions that were given
with bug 109846 and added this line to /etc/pam.d/ssh after the line
mentioning pam_env.so:

   auth   required pam_deny.so

This left me with a password prompt, but no matter which password I
typed in, it didn't let me in.  Secure, but ugly.  Commenting out this
line from pam.d/ssh and changing the line in /etc/ssh/sshd_config to

   PAMAuthenticationViaKbdInt no

makes it omit the password prompt instead of putting up a prompt
which rejects all passwords.

I should have read around all mentions of password in the sshd man
page when changing the config files.  Thanks for the pointer.

cc'd this to [EMAIL PROTECTED]

-- 
Tim Freeman   
[EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: what's that?

2002-04-04 Thread James Morgan 

It's a cron job belonging to root that changes its user before it goes to work.

At 11:21 2002-04-05 +0600, Kirill Zverev wrote:

Hi!

I found that in my logs:

Apr  4 06:25:01 cmss su[30315]: + ??? root-nobody
Apr  4 06:25:01 cmss PAM_unix[30315]: (su) session opened for user nobody 
by (uid=0)


who could use su at six o'clock in the morning?

--
Regards,
 Kirill Zverev mailto:[EMAIL PROTECTED]





--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]