On Sun, 20 Jan 2002, Nathan E Norman wrote:
> Hi,
>
> I'm setting up a project for some friends. I want each of them to
> have their own account, but I want the project to be hosted (and run
> under) a seperate account. Each user should be able to su to the
> project account to restart daemons.
Hi,
I'm setting up a project for some friends. I want each of them to
have their own account, but I want the project to be hosted (and run
under) a seperate account. Each user should be able to su to the
project account to restart daemons. No user should be able to log in
as the project user.
Previously Mustafa Baig wrote:
> Jan 19 19:22:44 cold named[7247]: starting (/etc/bind/named.conf). named
> 8.2.3-REL-NOESW Sat Jan 27 01:46:37 MST 2001 [EMAIL
> PROTECTED]:/home/bdale/debian/bind-8.2.3/src/bin/named
>
> Its the last part consisting of [EMAIL PROTECTED] which is suspicious. Any
On Sun, 2002-01-20 at 16:25, Mustafa Baig wrote:
> Hi,
>
> I updated and restarted bind today. Looking into syslog I noticed the
> following line:
>
> Jan 19 19:22:44 cold named[7247]: starting (/etc/bind/named.conf). named
> 8.2.3-REL-NOESW Sat Jan 27 01:46:37 MST 2001 [EMAIL
> PROTECTED]:/h
On Sun, 2002-01-20 at 15:16, Kevin Littlejohn wrote:
> On Sun, Jan 20, 2002 at 02:45:53PM +1300, Adam Warner wrote:
> > Can anyone provide a plausible scenario for how someone might be able to
> > gain root level access because su - has been used to switch to a user
> > account. Martin has already
Hi,
I updated and restarted bind today. Looking into
syslog I noticed the following line:
Jan 19 19:22:44 cold named[7247]: starting
(/etc/bind/named.conf). named 8.2.3-REL-NOESW Sat Jan 27 01:46:37 MST 2001
[EMAIL PROTECTED]:/home/bdale/debian/bind-8.2.3/src/bin/named
Its the last par
On Sun, Jan 20, 2002 at 02:45:53PM +1300, Adam Warner wrote:
> Can anyone provide a plausible scenario for how someone might be able to
> gain root level access because su - has been used to switch to a user
> account. Martin has already answered that your tty session would have to
> be stolen. How
On Sun, 2002-01-20 at 12:33, martin f krafft wrote:
I'm glad you were able to get that follow up response out of your system
Martin :-) So let's continue to address this technical question that I
haven't found much discussion about before on the web.
If the use of switch user has remote security
Previously Mustafa Baig wrote:
> Jan 19 19:22:44 cold named[7247]: starting (/etc/bind/named.conf). named
>8.2.3-REL-NOESW Sat Jan 27 01:46:37 MST 2001
>^Ibdale@winfree:/home/bdale/debian/bind-8.2.3/src/bin/named
>
> Its the last part consisting of ^ibdale@winfree which is suspicious. Any idea
On Sun, 2002-01-20 at 16:25, Mustafa Baig wrote:
> Hi,
>
> I updated and restarted bind today. Looking into syslog I noticed the following line:
>
> Jan 19 19:22:44 cold named[7247]: starting (/etc/bind/named.conf). named
>8.2.3-REL-NOESW Sat Jan 27 01:46:37 MST 2001
>^Ibdale@winfree:/home/bd
On Sun, 2002-01-20 at 15:16, Kevin Littlejohn wrote:
> On Sun, Jan 20, 2002 at 02:45:53PM +1300, Adam Warner wrote:
> > Can anyone provide a plausible scenario for how someone might be able to
> > gain root level access because su - has been used to switch to a user
> > account. Martin has already
Hi,
I updated and restarted bind today. Looking into
syslog I noticed the following line:
Jan 19 19:22:44 cold named[7247]: starting
(/etc/bind/named.conf). named 8.2.3-REL-NOESW Sat Jan 27 01:46:37 MST 2001
^Ibdale@winfree:/home/bdale/debian/bind-8.2.3/src/bin/named
Its the last part
On Sun, Jan 20, 2002 at 02:45:53PM +1300, Adam Warner wrote:
> Can anyone provide a plausible scenario for how someone might be able to
> gain root level access because su - has been used to switch to a user
> account. Martin has already answered that your tty session would have to
> be stolen. Ho
On Sun, 20 Jan 2002 00:41:48 +0100
martin f krafft <[EMAIL PROTECTED]> wrote:
> ensured it foolish. fourth, it really just sounds bad. fifth, did i
> say it sounds bad?
I'd just like to take a quite moment to second this.
Security is an attitude, not any single set of procedures. It can't be
"sol
also sprach Adam Warner <[EMAIL PROTECTED]> [2002.01.19.2304 +0100]:
> The question I have is if I "su - username" and then browse the web,
> etc. is it impossible for a remote user who managed to gain access to
> that user session to become root by exiting out of the user account?
an addition: yo
On Sun, 2002-01-20 at 12:33, martin f krafft wrote:
I'm glad you were able to get that follow up response out of your system
Martin :-) So let's continue to address this technical question that I
haven't found much discussion about before on the web.
If the use of switch user has remote security
also sprach Adam Warner <[EMAIL PROTECTED]> [2002.01.19.2304 +0100]:
> Firstly the servers are physically secure and there is no relevant issue
> about having a local root console open for administration purposes.
mh. no comment. sure, if physical access would be available, no box is
secure. but h
Hi everyone,
I'm just wondering about the safety of this security practice.
Firstly the servers are physically secure and there is no relevant issue
about having a local root console open for administration purposes.
The question I have is if I "su - username" and then browse the web,
etc. is it
On Sun, 20 Jan 2002 00:41:48 +0100
martin f krafft <[EMAIL PROTECTED]> wrote:
> ensured it foolish. fourth, it really just sounds bad. fifth, did i
> say it sounds bad?
I'd just like to take a quite moment to second this.
Security is an attitude, not any single set of procedures. It can't be
"so
[EMAIL PROTECTED] wrote:
> now i have tried postfix and exim and i like both.
> But wich is more secure? any body some knowledge about that?
postfix has a better, more security concious, design
also sprach Adam Warner <[EMAIL PROTECTED]> [2002.01.19.2304 +0100]:
> The question I have is if I "su - username" and then browse the web,
> etc. is it impossible for a remote user who managed to gain access to
> that user session to become root by exiting out of the user account?
an addition: y
also sprach Adam Warner <[EMAIL PROTECTED]> [2002.01.19.2304 +0100]:
> Firstly the servers are physically secure and there is no relevant issue
> about having a local root console open for administration purposes.
mh. no comment. sure, if physical access would be available, no box is
secure. but
Previously Hendrik Naumann wrote:
> Why whas Exim choosen to be the standart MTA for Debian?
It was a good successor to smail, postfix didn't exist yet, sendmail
ate too much resources and the rest was too obscure.
Wichert.
--
_
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> AIUI, Exim was originally written to handle Cambridge's email
> anyway, so the fact that hermes is running Exim isn't a huge
> surprise. :)
The Mailserver of TU-Berlin (I think more than 1 Users) and other
central Mailserver here run Exim.
te
Hi everyone,
I'm just wondering about the safety of this security practice.
Firstly the servers are physically secure and there is no relevant issue
about having a local root console open for administration purposes.
The question I have is if I "su - username" and then browse the web,
etc. is i
[EMAIL PROTECTED] wrote:
> now i have tried postfix and exim and i like both.
> But wich is more secure? any body some knowledge about that?
postfix has a better, more security concious, design
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [E
[EMAIL PROTECTED] writes:
> now i have tried postfix and exim and i like both. But wich is more
> secure? any body some knowledge about that?
[snip]
I thought both had had security-related fixes recently. Find one that you
like more than the other, benchmark it yourself, test how readily you can
now i have tried postfix and exim and i like both.
But wich is more secure? any body some knowledge about that?
On Sat, Jan 19, 2002 at 08:04:05PM +0100, Eelco van Beek wrote:
> What do you mean by dbmail stuff? It can use postfix, sendmail, exim or
> any other mailer.
>
> With mbox (maildir is
On Sat, 19 Jan 2002, Johannes Weiss wrote:
> 220 yellow.csi.cam.ac.uk ESMTP Exim 3.22 #1 Sat, 19 Jan 2002 19:01:26 +
> * It says that it's Exim
[...]
> > I wouldn't always believe the version reported by a large mail server.
> ACK, but the "is syntactically correct" is an Exim proof I think.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Saturday, 19. January 2002 13:37, Pete Ryland wrote:
> On Sat, Jan 19, 2002 at 12:02:59PM +, Thomas Thurman wrote:
> > $ telnet hermes.cam.ac.uk smtp
> > Trying 131.111.8.67...
> > Connected to yellow.csi.cam.ac.uk.
> > Escape character is '^]'.
What do you mean by dbmail stuff? It can use postfix, sendmail, exim or
any other mailer.
With mbox (maildir is better) messages always need to be structured.
Dbmail saves it's messages already in a structured way, so this not
needs to be redone every time a message is being retrieved.
Regards,
Tim Uckun <[EMAIL PROTECTED]> wrote on 19/01/2002 (10:16) :
>
> >Has anyone any interesting comments about theses methods ?
>
> There are also alternative languages like cyclone
> http://www.research.att.com/projects/cyclone/ (which is based on C) and of
> course you could use a high level angu
Previously Eelco van Beek wrote:
> Why not put your mail into a database?. No more security and scalability
> hassles. (www.dbmail.org)
Because it restricts you to using dbmail stuff. Personally I'm very
happy with using maildirs and importing only select mailheaders in a
custom sql database so I
Previously Hendrik Naumann wrote:
> Why whas Exim choosen to be the standart MTA for Debian?
It was a good successor to smail, postfix didn't exist yet, sendmail
ate too much resources and the rest was too obscure.
Wichert.
--
_
Why not put your mail into a database?. No more security and scalability
hassles. (www.dbmail.org)
Best regards,
Eelco
On Sat, 2002-01-19 at 19:07, Hans-Joachim Picht wrote:
> On Sat, Jan 19, 2002 at 01:04:00PM +0100, [EMAIL PROTECTED] wrote:
>
> Hi Thomas,
>
> > why schould i not use exim for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> AIUI, Exim was originally written to handle Cambridge's email
> anyway, so the fact that hermes is running Exim isn't a huge
> surprise. :)
The Mailserver of TU-Berlin (I think more than 1 Users) and other
central Mailserver here run Exim.
t
On Sat, Jan 19, 2002 at 01:04:00PM +0100, [EMAIL PROTECTED] wrote:
Hi Thomas,
> why schould i not use exim for my customers?
> Is it insecure? (i have read the mailinglists and there is nothing i have
> heard about)
> das exim not handle a big mail site like 1000 users?
--- cut ---
>From [EMAI
[EMAIL PROTECTED] writes:
> now i have tried postfix and exim and i like both. But wich is more
> secure? any body some knowledge about that?
[snip]
I thought both had had security-related fixes recently. Find one that you
like more than the other, benchmark it yourself, test how readily you can
On Friday 18. January 2002 21:33, Alvin Oga wrote:
> openwall works only w/ 2.2.x kernels unless they've released 2.4.x stuff
I beleive it has been ported to linux kernel 2.4 in grsecurity.
http://grsecurity.net/
--
Harald Skoglund
now i have tried postfix and exim and i like both.
But wich is more secure? any body some knowledge about that?
On Sat, Jan 19, 2002 at 08:04:05PM +0100, Eelco van Beek wrote:
> What do you mean by dbmail stuff? It can use postfix, sendmail, exim or
> any other mailer.
>
> With mbox (maildir i
At 12:37 PM + 1/19/02, Pete Ryland wrote:
I wouldn't always believe the version reported by a large mail server. It's
quite common practice (I'm sure a lot on this list may do so) to display a
version string that is not at all accurate in an attempt to put off crackers
or create a honeypot.
On Sat, 19 Jan 2002, Johannes Weiss wrote:
> 220 yellow.csi.cam.ac.uk ESMTP Exim 3.22 #1 Sat, 19 Jan 2002 19:01:26 +
> * It says that it's Exim
[...]
> > I wouldn't always believe the version reported by a large mail server.
> ACK, but the "is syntactically correct" is an Exim proof I think.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Saturday, 19. January 2002 13:37, Pete Ryland wrote:
> On Sat, Jan 19, 2002 at 12:02:59PM +, Thomas Thurman wrote:
> > $ telnet hermes.cam.ac.uk smtp
> > Trying 131.111.8.67...
> > Connected to yellow.csi.cam.ac.uk.
> > Escape character is '^]'
What do you mean by dbmail stuff? It can use postfix, sendmail, exim or
any other mailer.
With mbox (maildir is better) messages always need to be structured.
Dbmail saves it's messages already in a structured way, so this not
needs to be redone every time a message is being retrieved.
Regards,
hi ya pav
good examples...
for more code checkers..( looking for bad code )
http://www.Linux-Sec.net/Audit/audit_tools.gwif.html#Code
have fun linuxing
alvin
On Sat, 19 Jan 2002, Pavel Minev Penev wrote:
> On Fri, Jan 18, 2002 at 09:20:16PM +0100, Vincent wrote:
> > Hi all !
> >
>
Tim Uckun <[EMAIL PROTECTED]> wrote on 19/01/2002 (10:16) :
>
> >Has anyone any interesting comments about theses methods ?
>
> There are also alternative languages like cyclone
> http://www.research.att.com/projects/cyclone/ (which is based on C) and of
> course you could use a high level ang
Previously Eelco van Beek wrote:
> Why not put your mail into a database?. No more security and scalability
> hassles. (www.dbmail.org)
Because it restricts you to using dbmail stuff. Personally I'm very
happy with using maildirs and importing only select mailheaders in a
custom sql database so I
Why not put your mail into a database?. No more security and scalability
hassles. (www.dbmail.org)
Best regards,
Eelco
On Sat, 2002-01-19 at 19:07, Hans-Joachim Picht wrote:
> On Sat, Jan 19, 2002 at 01:04:00PM +0100, [EMAIL PROTECTED] wrote:
>
> Hi Thomas,
>
> > why schould i not use exim fo
On Sat, Jan 19, 2002 at 01:04:00PM +0100, [EMAIL PROTECTED] wrote:
Hi Thomas,
> why schould i not use exim for my customers?
> Is it insecure? (i have read the mailinglists and there is nothing i have heard
>about)
> das exim not handle a big mail site like 1000 users?
--- cut ---
>From [EMAI
AFAIK, some programs cannot be re-compiled with stackguard, but it seems to
be a good idea to compile a few sensitive stuff with it, though.
i don't have any experiences with libsafe, but you might want to read an
article in phrack magazine issue 58 on beating methods that try to prevent
code execu
On Friday 18. January 2002 21:33, Alvin Oga wrote:
> openwall works only w/ 2.2.x kernels unless they've released 2.4.x stuff
I beleive it has been ported to linux kernel 2.4 in grsecurity.
http://grsecurity.net/
--
Harald Skoglund
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a su
Hi all, and thanx for your help on this subject !
So far, I've seen mainly 3 methods to fight against buffer overflows :
1/ Kernel-patching oriented methods, to prevent any execution in the
stack
2/ Libsafe's overwriting of vulnerable functions, in a lib loaded
bef
At 12:37 PM + 1/19/02, Pete Ryland wrote:
>I wouldn't always believe the version reported by a large mail server. It's
>quite common practice (I'm sure a lot on this list may do so) to display a
>version string that is not at all accurate in an attempt to put off crackers
>or create a honeypo
hi ya pav
good examples...
for more code checkers..( looking for bad code )
http://www.Linux-Sec.net/Audit/audit_tools.gwif.html#Code
have fun linuxing
alvin
On Sat, 19 Jan 2002, Pavel Minev Penev wrote:
> On Fri, Jan 18, 2002 at 09:20:16PM +0100, Vincent wrote:
> > Hi all !
> >
>
On Fri, Jan 18, 2002 at 09:20:16PM +0100, Vincent wrote:
> Hi all !
>
> I'm working on buffer overflows these days, and more precisely the possible
> methods to avoid them.
> It seems that the most used tools to prevent exploits based on buffer
> overflows are Libsafe, OpenWall, StackGuard... and
AFAIK, some programs cannot be re-compiled with stackguard, but it seems to
be a good idea to compile a few sensitive stuff with it, though.
i don't have any experiences with libsafe, but you might want to read an
article in phrack magazine issue 58 on beating methods that try to prevent
code exec
Hi all, and thanx for your help on this subject !
So far, I've seen mainly 3 methods to fight against buffer overflows :
1/ Kernel-patching oriented methods, to prevent any execution in the
stack
2/ Libsafe's overwriting of vulnerable functions, in a lib loaded
be
you should check out PaX as well: http://pageexec.virtualave.net
they got stuff for both 2.2.x and 2.4.x
- Original Message -
From: Vincent <[EMAIL PROTECTED]>
To:
Sent: Friday, January 18, 2002 9:20 PM
Subject: protection against buffer overflows
>
On Sat, Jan 19, 2002 at 12:02:59PM +, Thomas Thurman wrote:
> $ telnet hermes.cam.ac.uk smtp
> Trying 131.111.8.67...
> Connected to yellow.csi.cam.ac.uk.
> Escape character is '^]'.
> 220 yellow.csi.cam.ac.uk ESMTP Exim 3.22 #1 Sat, 19 Jan 2002 11:58:44 +
>^
On Fri, Jan 18, 2002 at 09:20:16PM +0100, Vincent wrote:
> Hi all !
>
> I'm working on buffer overflows these days, and more precisely the possible
> methods to avoid them.
> It seems that the most used tools to prevent exploits based on buffer
> overflows are Libsafe, OpenWall, StackGuard... and
On Sat, 19 Jan 2002 [EMAIL PROTECTED] wrote:
> das exim not handle a big mail site like 1000 users?
Hm, well, Cambridge University, home of Exim, has what, several tens of
thousands? They seem to be doing OK with Exim:
$ telnet hermes.cam.ac.uk smtp
Trying 131.111.8.67...
Connected to yellow.csi.
hi all,
i have one question. I am going to start a security companie. I know, every
person must choose its own mailserver
software. I have tryed out qmail, exim and a little bit postfix. Qmail seams
to be very secure and very fast. The configuration i think is to difficult
vor every System. Now m
you should check out PaX as well: http://pageexec.virtualave.net
they got stuff for both 2.2.x and 2.4.x
- Original Message -
From: Vincent <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, January 18, 2002 9:20 PM
Subject: protection against buffer overflows
>
--
To UNSUBS
On Sat, Jan 19, 2002 at 12:02:59PM +, Thomas Thurman wrote:
> $ telnet hermes.cam.ac.uk smtp
> Trying 131.111.8.67...
> Connected to yellow.csi.cam.ac.uk.
> Escape character is '^]'.
> 220 yellow.csi.cam.ac.uk ESMTP Exim 3.22 #1 Sat, 19 Jan 2002 11:58:44 +
>
also sprach Christian Jaeger <[EMAIL PROTECTED]> [2002.01.19.0130 +0100]:
> You could just use the cracklib yourself before accepting the
> password and feeding it to the passwd command. I'm doing it this way.
but that wouldn't solve my problem. it wouldn't enforce digits and/or
symbols. cracklib
On Sat, 19 Jan 2002 [EMAIL PROTECTED] wrote:
> das exim not handle a big mail site like 1000 users?
Hm, well, Cambridge University, home of Exim, has what, several tens of
thousands? They seem to be doing OK with Exim:
$ telnet hermes.cam.ac.uk smtp
Trying 131.111.8.67...
Connected to yellow.csi
hi all,
i have one question. I am going to start a security companie. I know, every person
must choose its own mailserver
software. I have tryed out qmail, exim and a little bit postfix. Qmail seams
to be very secure and very fast. The configuration i think is to difficult
vor every System. Now
also sprach Christian Jaeger <[EMAIL PROTECTED]> [2002.01.19.0130 +0100]:
> You could just use the cracklib yourself before accepting the
> password and feeding it to the passwd command. I'm doing it this way.
but that wouldn't solve my problem. it wouldn't enforce digits and/or
symbols. crackli
68 matches
Mail list logo