Re: Updated Package List
To my knowledge you can safely ignore it. I'm always purging the package on every server installation I did since I know my servers don't use rpc at all. - Markus On Wed, Jul 31, 2002 at 08:46:38AM +0200, Jens Hafner wrote : some of you suggested to remove portmap in order close some more port and thereby increase security. Since I never really understood what the pormapper was doing, I though I could do without it. However, once I tried to uninstall the package with dselect, I got a dependency issue saying that netbase suggests on portmap. Is that something I can ignore? Thanks for your help. -- GnuPG Key: http://guru.josefine.at/~mfischer/C2272BD0.asc Fabian hwaaraSick: unsignificant hwaaraSick Fabian: can you be more precise? Fabian hwaaraSick: negligible
Re: Iptables not logging
Is klogd really needed ? Just adding a directive like this
#3
# log source
#
# Note: we do not need klogd anymore!
source primary {
internal();
unix-stream(/dev/log);
file(/proc/kmsg);
};
solves it.
Afaik klogd get's uninstalled with sysklogd when you install
syslog-ng.
- Markus
On Wed, Jul 24, 2002 at 01:23:41PM -0400, Desai, Jason wrote :
Are you using syslog-ng? If so, when it gets restarted, klogd also needs to
be restarted. Looks like there was a bug reported about this -
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=129819
Not sure when it's going to make it into woody, though. The simple fix is
to modify your /etc/init.d/syslog-ng script to restart klogd.
Jase
I upgraded to Debian 3.0 (Woody). Ok, not too bad. But, now
iptables no
longer logs the messages I was sending to LOG. Any clues?
Hint, kern.log was empty also. I have restarted klogd and
then sysklogd.
There is a little in kern.log now but not much. During the
original boot, I
thought I saw some messages about modules not loading. Could
not see the
same messages in the logs. I have Kernel v 2.4.18. Do not
have ipmasq
installed. Was originally running iptables and stuff from
Bunk's downloads.
(Dumped the init.d script that came with this version of
iptables, already
had my script written.)
Pat Moffitt
MIS Administrator
Western Recreational Vehicles, Inc.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
--
GnuPG Key: http://guru.josefine.at/~mfischer/C2272BD0.asc
Adding is_deleted() would be the first is_*() function in PHP that I
know of that checks if something *is not* something. Really bad. - SB
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Resolver Libraries Advisory
On Sat, Jun 29, 2002 at 10:15:15AM +0100, [EMAIL PROTECTED] wrote : I presume http://www.cert.org/advisories/CA-2002-19.html effects the Debian instances of libc and Bind9? I'm completely confused what I should make of this advisory. If you read the following paragraph: Internet Software Consortium All versions of BIND 4 from 4.8.3 prior to BIND 4.9.9 are vulnerable. All versions of BIND 8 prior to BIND 8.2.6 are vulnerable. All versions of BIND 8.3.x prior to BIND 8.3.3 are vulnerable. BIND versions BIND 9.2.0 and BIND 9.2.1 are vulnerable. BIND version 4.8 does not appear to be vulnerable. BIND versions BIND 9.0.x and BIND 9.1.x are not vulnerable. 'named' itself is not vulnerable. 'named' is not vulnerable, only the resolver library? So if I've configured all machines to use my named (i.e. they never contact a malicious dns server), what is the inpact them? - Markus -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
