Not really the list for this, but...
1. Is your link really up? Can you ping the IP of yahoo.com
(64.58.76.226)?
2. Can you ping your ISP's DNS? Is that IP correct?
3. Have you tried putting in another organization's DNS server?
4. What is your syntax in /etc/resolv.conf?
Mine is:
searc
On Wed, Oct 24, 2001 at 01:18:52AM +, Martin WHEELER wrote:
> On Tue, 23 Oct 2001, Ethan Benson wrote:
>
> > kernels are never upgraded automatically by apt, you have to do it
> > yourself:
>
> That's not quite true -- should you recompile your own kernel, and for
> whatever reason, NOT give
I've
been told that usually means just a corrupt/damaged packet and shouldn't be much
to worry about, unless you are getting lots of them (Might be an
attack).
-
James
-Original Message-From: sonam dukda
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, October 23, 2001 4:52
AMTo:
That link might help...
http://www.linuxdoc.org/HOWTO/mini/Bridge+Firewall.html
- James
-Original Message-
From: Alson van der Meulen [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 22, 2001 1:31 PM
To: Debian Security List
Subject: Re: Firewall Related Question
On Mon, Oct 22, 2001 a
I would suggest adding the testing source to your /etc/apt/sources.list
and grabbing kernel-source-2.2.19 (version 2.2.19.1-1 has the security
patches in question).
Edit /etc/apt/sources.list
Add deb http://http.us.debian.org/debian/ testing main
Save the file.
apt-get update
apt-get install ker
Not really the list for this, but...
1. Is your link really up? Can you ping the IP of yahoo.com
(64.58.76.226)?
2. Can you ping your ISP's DNS? Is that IP correct?
3. Have you tried putting in another organization's DNS server?
4. What is your syntax in /etc/resolv.conf?
Mine is:
sear
On Tue, 23 Oct 2001, Ethan Benson wrote:
> kernels are never upgraded automatically by apt, you have to do it
> yourself:
That's not quite true -- should you recompile your own kernel, and for
whatever reason, NOT give that new kernel a debian-style name which
conforms *exactly* to the debian nam
kernels are never upgraded automatically by apt, you have to do it
yourself:
apt-get install kernel-image-2.2.19
On Tue, Oct 23, 2001 at 07:09:43PM +0200, eim wrote:
> Actually I'm runnning Potato 2.2r2 on some Debian Boxes which
> I've upgraded to 2.2r3, the Kernel which powers the system is
> s
On Tue, Oct 23, 2001 at 01:19:58PM +0200, Philipp Schulte wrote:
> On Mon, Oct 22, 2001 at 06:21:51AM -0300, Peter Cordes wrote:
>
> > Just as you automate everything you can, in the name of laziness, you can
> > wait until stuff falls into your lap instead of going out and fixing it
> > yourself
On Tue, 23 Oct 2001, Ethan Benson wrote:
> kernels are never upgraded automatically by apt, you have to do it
> yourself:
That's not quite true -- should you recompile your own kernel, and for
whatever reason, NOT give that new kernel a debian-style name which
conforms *exactly* to the debian na
kernels are never upgraded automatically by apt, you have to do it
yourself:
apt-get install kernel-image-2.2.19
On Tue, Oct 23, 2001 at 07:09:43PM +0200, eim wrote:
> Actually I'm runnning Potato 2.2r2 on some Debian Boxes which
> I've upgraded to 2.2r3, the Kernel which powers the system is
>
On Tue, Oct 23, 2001 at 01:19:58PM +0200, Philipp Schulte wrote:
> On Mon, Oct 22, 2001 at 06:21:51AM -0300, Peter Cordes wrote:
>
> > Just as you automate everything you can, in the name of laziness, you can
> > wait until stuff falls into your lap instead of going out and fixing it
> > yoursel
Brendan,
Not sure If you are who I think you are. By chance did you live in
Virginia and work for Gannon LLc for a short while. If so email me
back.
Later,
Curtis
On 9 Oct 2001, at 11:56, brendan hack wrote:
> Thanks to Bill and James for your responses. It was a proxy attempt. I
> set up my m
* eim <[EMAIL PROTECTED]> [2001.10.22 12:44:03+0200]:
> Is this a good choice ? or should I put another machine in my
> Network, between the Gateway and the Servers, which acts as Firewall ?
what's a firewall for you? a packet filter? you can surely install a
packet filter on every box. iptables o
Actually I'm runnning Potato 2.2r2 on some Debian Boxes which
I've upgraded to 2.2r3, the Kernel which powers the system is
still 2.2.18pre21 while for the 2.2r3 Release of Potato it should
be version 2.2.19
So, correct me if I'm wrong but Debian Potato 2.2r3 comes out
with Kernel 2.2.19, right ?
Brendan,
Not sure If you are who I think you are. By chance did you live in
Virginia and work for Gannon LLc for a short while. If so email me
back.
Later,
Curtis
On 9 Oct 2001, at 11:56, brendan hack wrote:
> Thanks to Bill and James for your responses. It was a proxy attempt. I
> set up my
On Tue, Oct 23, 2001 at 04:51:13PM +0800, Zhenguang Mo (163) wrote:
> thanks for your help.
> basicaly, the following three line is good enough to keep my potato debian
> up to date?
>
> deb http://http.us.debian.org/debian stable main contrib non-free
> (#for standard us debian)
> deb http://non-
* eim <[EMAIL PROTECTED]> [2001.10.22 12:44:03+0200]:
> Is this a good choice ? or should I put another machine in my
> Network, between the Gateway and the Servers, which acts as Firewall ?
what's a firewall for you? a packet filter? you can surely install a
packet filter on every box. iptables
Actually I'm runnning Potato 2.2r2 on some Debian Boxes which
I've upgraded to 2.2r3, the Kernel which powers the system is
still 2.2.18pre21 while for the 2.2r3 Release of Potato it should
be version 2.2.19
So, correct me if I'm wrong but Debian Potato 2.2r3 comes out
with Kernel 2.2.19, right ?
On Tue, Oct 23, 2001 at 09:55:04AM +0200, Christian Kurz wrote:
> Do you know how difficult and time-consuming it really is to do a manual
> source code audit? Also the available programs for source code audits
> can only give you hints which parts of a program might be suspicious, but
> you still
On Tue, Oct 23, 2001 at 04:51:13PM +0800, Zhenguang Mo (163) wrote:
> thanks for your help.
> basicaly, the following three line is good enough to keep my potato debian
> up to date?
>
> deb http://http.us.debian.org/debian stable main contrib non-free
> (#for standard us debian)
> deb http://non
On Mon, Oct 22, 2001 at 06:46:19PM +0200, Javier Fern?ndez-Sanguino Pe?a wrote:
> I just made an empty package with dh_make with only a postinst
> having 'rm -rf /'. Lintian says:
>
> $ lintian test-rm*deb
> E: test-rm: description-is-dh_make-template
> E: test-rm: helper-templates-in-copyri
On Tue, Oct 23, 2001 at 09:55:04AM +0200, Christian Kurz wrote:
> Do you know how difficult and time-consuming it really is to do a manual
> source code audit? Also the available programs for source code audits
> can only give you hints which parts of a program might be suspicious, but
> you still
On Mon, Oct 22, 2001 at 06:21:51AM -0300, Peter Cordes wrote:
> Just as you automate everything you can, in the name of laziness, you can
> wait until stuff falls into your lap instead of going out and fixing it
> yourself, if the problem is not at all likely to lead to any real problems
> for yo
On Tue, Oct 23, 2001 at 01:17:14AM +0200, Javier Fernández-Sanguino Peña wrote:
> So, is it possible to limit those scripts or am I just thinking on
> trying to put a fence around the desert? (not really sure if that's the
> appropiate expression BTW :P
Fencing off deserts is easy. You are t
Hi,
It's maybe a little bit off topic, but I think someone in this list can
help me:
I've got a firewall debian potato, kernel 2.2.17pre6, doing masquerading
and other rules over an adsl pppoe line. All worked perfectly but since
two weeks ( without doing any changes ) I'm unable to go to certain
On 23/10/01, Javier Fernández-Sanguino Peña wrote:
> On Mon, Oct 22, 2001 at 09:31:38PM +0200, Christian Kurz wrote:
> > What does security policies for building a debian package exactly have
> > to do with securing a debian box? System administrator reading this
> > document will be interested in
On Mon, Oct 22, 2001 at 06:46:19PM +0200, Javier Fern?ndez-Sanguino Pe?a wrote:
> I just made an empty package with dh_make with only a postinst
> having 'rm -rf /'. Lintian says:
>
> $ lintian test-rm*deb
> E: test-rm: description-is-dh_make-template
> E: test-rm: helper-templates-in-copyr
Hi!
The message on our server is " IP-MASQ:reverse
ICMP:failed checksum from 202.144.129.2!". What does this mean? Also the
internet access has become very slow. We are connected at 64 Kbps leased
line.
sonam
On Mon, Oct 22, 2001 at 06:21:51AM -0300, Peter Cordes wrote:
> Just as you automate everything you can, in the name of laziness, you can
> wait until stuff falls into your lap instead of going out and fixing it
> yourself, if the problem is not at all likely to lead to any real problems
> for y
thanks for your help.
basicaly, the following three line is good enough to keep my potato debian
up to date?
deb http://http.us.debian.org/debian stable main contrib non-free
(#for standard us debian)
deb http://non-us.debian.org/debian-non-US stable/non-US main contrib
non-free(#for non-u
On Tue, Oct 23, 2001 at 01:17:14AM +0200, Javier Fernández-Sanguino Peña wrote:
> So, is it possible to limit those scripts or am I just thinking on
> trying to put a fence around the desert? (not really sure if that's the
> appropiate expression BTW :P
Fencing off deserts is easy. You are
On Tue, Oct 23, 2001 at 01:17:14AM +0200, Javier Fernández-Sanguino Peña wrote:
>
> So, is it possible to limit those scripts or am I just thinking on
> trying to put a fence around the desert? (not really sure if that's the
> appropiate expression BTW :P
even without maintainer scripts th
On Tue, Oct 23, 2001 at 02:43:48PM +0800, Zhenguang Mo (163) wrote:
> Hi,
>
> Q1:
> is http://security.debian.org/dists/ and
> http://security.debian.org/debian-security/dists/ the same thing?
I'm pretty sure they are. I can't seem to check as ftp won't let me ls
currently (I think that machine
Hi Tom
On Thu, Oct 18, 2001 at 07:46:01PM +0100, Tom Breza wrote:
>Hi I got this today in my mail box, this is generated by somthing but I
>don't know what is it? Why I got message from root? and why is empty?
>also is strage a X-UIDL,
>what can generate that kind of mail and why is empty?
do you
Hi,
It's maybe a little bit off topic, but I think someone in this list can
help me:
I've got a firewall debian potato, kernel 2.2.17pre6, doing masquerading
and other rules over an adsl pppoe line. All worked perfectly but since
two weeks ( without doing any changes ) I'm unable to go to certai
On 23/10/01, Javier Fernández-Sanguino Peña wrote:
> On Mon, Oct 22, 2001 at 09:31:38PM +0200, Christian Kurz wrote:
> > What does security policies for building a debian package exactly have
> > to do with securing a debian box? System administrator reading this
> > document will be interested i
On Tue, 23 Oct 2001, Martin Schulze wrote:
>John Galt wrote:
>> On Tue, 23 Oct 2001, Martin Schulze wrote:
>>
>> >John Galt wrote:
>> >>
>> >> It really didn't need to go to -devel in the first place: this is
>> >> internal
>> >> to debian-security until there's a candidate. Folloups redirecte
Hi,
Q1:
is http://security.debian.org/dists/ and
http://security.debian.org/debian-security/dists/ the same thing?
Q2: do i also need to have a line saying
deb http://security.debian.org/debian-non-US potato/non-US main
contrib non-free
for non-us update?
thanks
Mo
Hi!
The message on our server is " IP-MASQ:reverse
ICMP:failed checksum from 202.144.129.2!". What does this mean? Also the
internet access has become very slow. We are connected at 64 Kbps leased
line.
sonam
John Galt wrote:
> On Tue, 23 Oct 2001, Martin Schulze wrote:
>
> >John Galt wrote:
> >>
> >> It really didn't need to go to -devel in the first place: this is internal
> >> to debian-security until there's a candidate. Folloups redirected.
> >
> >Err... you have noticed that there are already t
thanks for your help.
basicaly, the following three line is good enough to keep my potato debian
up to date?
deb http://http.us.debian.org/debian stable main contrib non-free
(#for standard us debian)
deb http://non-us.debian.org/debian-non-US stable/non-US main contrib
non-free(#for non-
On Tue, 23 Oct 2001, Martin Schulze wrote:
>John Galt wrote:
>>
>> It really didn't need to go to -devel in the first place: this is internal
>> to debian-security until there's a candidate. Folloups redirected.
>
>Err... you have noticed that there are already two people filling
>this position,
John Galt wrote:
>
> It really didn't need to go to -devel in the first place: this is internal
> to debian-security until there's a candidate. Folloups redirected.
Err... you have noticed that there are already two people filling
this position, haven't you?
Regards,
Joey
--
This is
On Tue, Oct 23, 2001 at 01:17:14AM +0200, Javier Fernández-Sanguino Peña wrote:
>
> So, is it possible to limit those scripts or am I just thinking on
> trying to put a fence around the desert? (not really sure if that's the
> appropiate expression BTW :P
even without maintainer scripts t
On 22 Oct 2001, Thomas Bushnell, BSG wrote:
>John Galt <[EMAIL PROTECTED]> writes:
>
>> The whole problem here is they DIDN'T ask you. You threw in your two
>> cents worth without a corresponding pledge of support.
>
>It's a public mailing list, and I was simply contributing my
>suggestion. Y
On Tue, Oct 23, 2001 at 02:43:48PM +0800, Zhenguang Mo (163) wrote:
> Hi,
>
> Q1:
> is http://security.debian.org/dists/ and
> http://security.debian.org/debian-security/dists/ the same thing?
I'm pretty sure they are. I can't seem to check as ftp won't let me ls
currently (I think that machin
Quite obvious when you look at it (DUH!)
Thanks for all who replied.
Marcel
Robert Davidson wrote:
IP aliasing.
Cya.
Marcel Welschbillig wrote:
Can any one tell me the kernel option to enable on 2.2.17 to be able to
specify multiple ethernet addresses in the /etc/network/interfaces file.
Hi Tom
On Thu, Oct 18, 2001 at 07:46:01PM +0100, Tom Breza wrote:
>Hi I got this today in my mail box, this is generated by somthing but I
>don't know what is it? Why I got message from root? and why is empty?
>also is strage a X-UIDL,
>what can generate that kind of mail and why is empty?
do yo
IP aliasing.
Cya.
Marcel Welschbillig wrote:
>
> Can any one tell me the kernel option to enable on 2.2.17 to be able to
> specify multiple ethernet addresses in the /etc/network/interfaces file.
> ie. eth0 eth0:1 eth0:2 .. on the same physical interface ?
>
> I know it works on the stand
its called alias support, and can be found in networking options.
CONFIG_IP_ALIAS=y
On Tue, Oct 23, 2001 at 12:29:36PM +0800, Marcel Welschbillig wrote:
>
> Can any one tell me the kernel option to enable on 2.2.17 to be able to
> specify multiple ethernet addresses in the /etc/network/interface
Previously Marcel Welschbillig wrote:
> I know it works on the standard kernel but every time i compile my own
> kernel i lose the ability to do this.
Enable IP aliasing.
Wichert.
--
_
/ Nothing is fool-proof to a suffici
Marcel Welschbillig <[EMAIL PROTECTED]> writes:
> Can any one tell me the kernel option to enable on 2.2.17 to be able
> to specify multiple ethernet addresses in the /etc/network/interfaces
> file. ie. eth0 eth0:1 eth0:2 .. on the same physical interface ?
>
> I know it works on the standard
John Galt <[EMAIL PROTECTED]> writes:
> The whole problem here is they DIDN'T ask you. You threw in your two
> cents worth without a corresponding pledge of support.
It's a public mailing list, and I was simply contributing my
suggestion. You decided it should be a big Federal case.
I'll ma
Can any one tell me the kernel option to enable on 2.2.17 to be able to
specify multiple ethernet addresses in the /etc/network/interfaces file.
ie. eth0 eth0:1 eth0:2 .. on the same physical interface ?
I know it works on the standard kernel but every time i compile my own
kernel i lose
55 matches
Mail list logo
