Re: Updated Package List
To my knowledge you can safely ignore it. I'm always purging the package on every server installation I did since I know my servers don't use rpc at all. - Markus On Wed, Jul 31, 2002 at 08:46:38AM +0200, Jens Hafner wrote : some of you suggested to remove portmap in order close some more port and thereby increase security. Since I never really understood what the pormapper was doing, I though I could do without it. However, once I tried to uninstall the package with dselect, I got a dependency issue saying that netbase suggests on portmap. Is that something I can ignore? Thanks for your help. -- GnuPG Key: http://guru.josefine.at/~mfischer/C2272BD0.asc Fabian hwaaraSick: unsignificant hwaaraSick Fabian: can you be more precise? Fabian hwaaraSick: negligible
Re: Iptables not logging
Is klogd really needed ? Just adding a directive like this #3 # log source # # Note: we do not need klogd anymore! source primary { internal(); unix-stream(/dev/log); file(/proc/kmsg); }; solves it. Afaik klogd get's uninstalled with sysklogd when you install syslog-ng. - Markus On Wed, Jul 24, 2002 at 01:23:41PM -0400, Desai, Jason wrote : Are you using syslog-ng? If so, when it gets restarted, klogd also needs to be restarted. Looks like there was a bug reported about this - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=129819 Not sure when it's going to make it into woody, though. The simple fix is to modify your /etc/init.d/syslog-ng script to restart klogd. Jase I upgraded to Debian 3.0 (Woody). Ok, not too bad. But, now iptables no longer logs the messages I was sending to LOG. Any clues? Hint, kern.log was empty also. I have restarted klogd and then sysklogd. There is a little in kern.log now but not much. During the original boot, I thought I saw some messages about modules not loading. Could not see the same messages in the logs. I have Kernel v 2.4.18. Do not have ipmasq installed. Was originally running iptables and stuff from Bunk's downloads. (Dumped the init.d script that came with this version of iptables, already had my script written.) Pat Moffitt MIS Administrator Western Recreational Vehicles, Inc. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- GnuPG Key: http://guru.josefine.at/~mfischer/C2272BD0.asc Adding is_deleted() would be the first is_*() function in PHP that I know of that checks if something *is not* something. Really bad. - SB -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Resolver Libraries Advisory
On Sat, Jun 29, 2002 at 10:15:15AM +0100, [EMAIL PROTECTED] wrote : I presume http://www.cert.org/advisories/CA-2002-19.html effects the Debian instances of libc and Bind9? I'm completely confused what I should make of this advisory. If you read the following paragraph: Internet Software Consortium All versions of BIND 4 from 4.8.3 prior to BIND 4.9.9 are vulnerable. All versions of BIND 8 prior to BIND 8.2.6 are vulnerable. All versions of BIND 8.3.x prior to BIND 8.3.3 are vulnerable. BIND versions BIND 9.2.0 and BIND 9.2.1 are vulnerable. BIND version 4.8 does not appear to be vulnerable. BIND versions BIND 9.0.x and BIND 9.1.x are not vulnerable. 'named' itself is not vulnerable. 'named' is not vulnerable, only the resolver library? So if I've configured all machines to use my named (i.e. they never contact a malicious dns server), what is the inpact them? - Markus -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]