Hi
How about boot floppies kernel? Kernel-image-2.4.18-bf2.4 which is default
kernel for woody.
What is state of that kernel?
Regards
-- Riku
- Original Message -
From: peace bwitchu [EMAIL PROTECTED]
To: John Keimel [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Tuesday, December 02,
on Wed, Dec 03, 2003 at 12:14:10AM +0100, Marcel Weber ([EMAIL PROTECTED]) wrote:
Michael Stone wrote:
Actually this is exactly what I meant: There are known risks and
unknown risks. What we can avoid are in the first place the known
risks. So the question is just if we want to take these
Quoting Riku Valli ([EMAIL PROTECTED]):
How about boot floppies kernel? Kernel-image-2.4.18-bf2.4 which is default
kernel for woody.
Default _installation_ kernel. My understanding is that it's expected
you'd apt-get install an image suitable to your hardware at the end of
installation.
--
Quoting Tim Nicholas ([EMAIL PROTECTED]):
That may be expected, but I would bet good money that it's not actually
the case.
Not the case that people are intended to pick a hardware-suitable image
to replace the installation kernel, or not the case that people do?
Please note that I never
Hi
At my computers this normal stock kernel is enough... So i am too lazy to
compile kernel. I do it only if hardware or something need it and often i
used only kernel-headers for that job. i only used Linux to different jobs
and only goals are it work, it is safe and it is easy maintain.
One
Quoting Riku Valli ([EMAIL PROTECTED]):
At my computers this normal stock kernel is enough... So i am too lazy to
compile kernel.
I hope you're aware of the third alternative: precompiled images that
are appropriate to your architecture and designed (unlike the
installation kernel) for
On Wed, Dec 03, 2003 at 03:21:57PM +0200, Riku Valli wrote:
This is reason why i ask what about stock kernels, because i belive i am not
lonely cowboy at the middle of the no where. Debian is distrubution and
Probably not... it is just that amongst a security conscious
group you are likely to
On Wed, Dec 03, 2003 at 06:46:51AM -0800, Karsten M. Self wrote:
Having a team that shares experience and combines talents in patching a
kernel and tuning it to secure configurations is a preferable approach.
While you _might_ do well on your own, the typical admin doesn't have
these skills.
Well the thing about Debian kernel source is they
incorporate more than just security patches into their
source. For example if you download red hat source
you get many performance patches etc. as well as any
security patches that are available. To find all
these
patches and apply does take
[On 03 Dec, @07:28, Hideki wrote in Re: chkrootkit and linux 2.6 ...]
Hi,
Miek, if you are using kernel 2.6-test6 or newer, maybe not
worry about brk() bug. this kernel vulnerability effects under
2.4.22 and 2.6-test5.
I know, thanks. I'm running test11 right now and I closely followed
On Wed, Dec 03, 2003 at 10:05:10AM +0100, Miek Gieben wrote:
I more and more start to think this is a bug in chkrootkit - on
busier systems more processes are hidded than on quiet systems.
Sounds to me as a race condition: number of processes changes between
the two checks.
Indeed, in
[On 02 Dec, @20:56, David wrote in Re: chkrootkit and linux 2.6 ...]
Right now chkrootkit gets lots of false positives regarding LKMs. There
was a pretty thorough discussion just a couple days ago so look through
the archive for the details:
http://lists.debian.org/debian-security/
ah,
Also,
You may wish to look at the make-kpkg(kernel-package) package. It
takes your stock 2.4.23 source and makes it into a nice .deb file for
you.
Note: This option is for those who have a working .config file.
Experience in making your own config make (config|menuconfig|xconfig) is
On Wednesday 03 December 2003 20:57, Phillip Hofmeister wrote:
You may wish to look at the make-kpkg(kernel-package) package. It
takes your stock 2.4.23 source and makes it into a nice .deb file for
you.
Note: This option is for those who have a working .config file.
Experience in making
On Wed, Dec 03, 2003 at 06:46:51AM -0800, Karsten M. Self wrote:
on Wed, Dec 03, 2003 at 01:31:29PM +, Dale Amon ([EMAIL PROTECTED]) wrote:
On Wed, Dec 03, 2003 at 03:21:57PM +0200, Riku Valli wrote:
This is reason why i ask what about stock kernels, because i belive i am not
lonely
At 21:26 03.12.2003 +0100, you wrote:
Experience in making your own config make (config|menuconfig|xconfig) is
recommended.
No experience without the first try. Take about two days for reading the
documentation and finding the brands on the chips your machine works with.
P.S.: Before rebooting
Quoting Adam ENDRODI ([EMAIL PROTECTED]):
PS: Apologies for the ranting I sent at the beginning of the other
thread. I, too, didn't realize that no-one had known about the
possible impacts of the kernel bug.
Well, _one_ guy did. ;-
--
Cheers, * Contributing
I'm one of those people. How do I figure out what kernel image to (AMD
k6/K6 II/K6 III, AMD K7, AMD k7 SMP) for a AMD 1800+ XP Thoroughbred
processor? How do I find out whether it supports ReiserFS, ...?
Thanks for any hint to the novice.
Joh
On Wed, 3 Dec 2003 02:00:19 -0800
Rick Moen [EMAIL
On Wed, 2003-12-03 at 09:54, Johannes Graumann wrote:
I'm one of those people. How do I figure out what kernel image to (AMD
k6/K6 II/K6 III, AMD K7, AMD k7 SMP) for a AMD 1800+ XP Thoroughbred
processor? How do I find out whether it supports ReiserFS, ...?
Thanks for any hint to the novice.
On Wed, Dec 03, 2003 at 10:43:44PM +0100, Marc F. Neininger wrote:
No experience without the first try. Take about two days for reading the
documentation and finding the brands on the chips your machine works with.
Nah, just look at /proc/cpuinfo, /proc/pci (or use lspci), dmesg, etc
It's
Thomas Wana, 2003-12-03 00:00:18 +0100 :
Now that all machines out there are fixed and save of this
particular exploit :-)
Hah. You bet.
can anyone of you describe *exactly* what this exploit does? I've
been looking at the code (mm/mm.c, around line 1045) for some time
now and I can't
Thanks,
Joh
On Wed, 03 Dec 2003 14:35:51 -0800
Kourosh [EMAIL PROTECTED] wrote:
On Wed, 2003-12-03 at 09:54, Johannes Graumann wrote:
I'm one of those people. How do I figure out what kernel image to
(AMD k6/K6 II/K6 III, AMD K7, AMD k7 SMP) for a AMD 1800+ XP
Thoroughbred processor? How
... but on a second thought: how do I find this information out ion my
own and what does SMP stand for?
Joh
On Wed, 03 Dec 2003 14:35:51 -0800
Kourosh [EMAIL PROTECTED] wrote:
On Wed, 2003-12-03 at 09:54, Johannes Graumann wrote:
I'm one of those people. How do I figure out what kernel image
I just wanted to take the opportunity to thank everyone in the Debian
community for their hard work on the cleanup and forensic analysis of the
recent system compromise.
As a security engineer, I would like to say that this compromise was the
cleanest, most professionally handled that I have
peace bwitchu wrote:
Well the thing about Debian kernel source is they
incorporate more than just security patches into their
source.
How do I find out which patches exactly are compiled in the Debian
kernel source? Thanks,
Phil
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject
Hi
How about boot floppies kernel? Kernel-image-2.4.18-bf2.4 which is default
kernel for woody.
What is state of that kernel?
Regards
-- Riku
- Original Message -
From: peace bwitchu [EMAIL PROTECTED]
To: John Keimel [EMAIL PROTECTED]; debian-security@lists.debian.org
Sent: Tuesday,
on Wed, Dec 03, 2003 at 12:14:10AM +0100, Marcel Weber ([EMAIL PROTECTED])
wrote:
Michael Stone wrote:
Actually this is exactly what I meant: There are known risks and
unknown risks. What we can avoid are in the first place the known
risks. So the question is just if we want to take these
Quoting Riku Valli ([EMAIL PROTECTED]):
How about boot floppies kernel? Kernel-image-2.4.18-bf2.4 which is default
kernel for woody.
Default _installation_ kernel. My understanding is that it's expected
you'd apt-get install an image suitable to your hardware at the end of
installation.
--
Rick Moen wrote:
Quoting Riku Valli ([EMAIL PROTECTED]):
How about boot floppies kernel? Kernel-image-2.4.18-bf2.4 which is default
kernel for woody.
Default _installation_ kernel. My understanding is that it's expected
you'd apt-get install an image suitable to your hardware at the end
On Tue, 2 Dec 2003, Jan H. van Gils wrote:
After some research a found that kernel-image-2.4.18 is patched
regarding the security problem with the kernel.
I am wonder when kernel 2.4.23 wil be available as a packages for sarge ?
Nobody knows for sure, but the things which should happen, in
Quoting Tim Nicholas ([EMAIL PROTECTED]):
That may be expected, but I would bet good money that it's not actually
the case.
Not the case that people are intended to pick a hardware-suitable image
to replace the installation kernel, or not the case that people do?
Please note that I never
Hi
At my computers this normal stock kernel is enough... So i am too lazy to
compile kernel. I do it only if hardware or something need it and often i
used only kernel-headers for that job. i only used Linux to different jobs
and only goals are it work, it is safe and it is easy maintain.
One
Quoting Riku Valli ([EMAIL PROTECTED]):
At my computers this normal stock kernel is enough... So i am too lazy to
compile kernel.
I hope you're aware of the third alternative: precompiled images that
are appropriate to your architecture and designed (unlike the
installation kernel) for
On Wed, Dec 03, 2003 at 03:21:57PM +0200, Riku Valli wrote:
This is reason why i ask what about stock kernels, because i belive i am not
lonely cowboy at the middle of the no where. Debian is distrubution and
Probably not... it is just that amongst a security conscious
group you are likely to
on Wed, Dec 03, 2003 at 01:31:29PM +, Dale Amon ([EMAIL PROTECTED]) wrote:
On Wed, Dec 03, 2003 at 03:21:57PM +0200, Riku Valli wrote:
This is reason why i ask what about stock kernels, because i belive i am not
lonely cowboy at the middle of the no where. Debian is distrubution and
On Wed, Dec 03, 2003 at 06:46:51AM -0800, Karsten M. Self wrote:
Having a team that shares experience and combines talents in patching a
kernel and tuning it to secure configurations is a preferable approach.
While you _might_ do well on your own, the typical admin doesn't have
these skills.
Well the thing about Debian kernel source is they
incorporate more than just security patches into their
source. For example if you download red hat source
you get many performance patches etc. as well as any
security patches that are available. To find all
these
patches and apply does take
Hi,
Miek, if you are using kernel 2.6-test6 or newer, maybe not
worry about brk() bug. this kernel vulnerability effects under
2.4.22 and 2.6-test5.
in DSA-403,
This bug has been fixed in kernel version 2.4.23 for the 2.4 tree and
2.6.0-test6 kernel tree. For Debian it has been fixed in
Also,
You may wish to look at the make-kpkg(kernel-package) package. It
takes your stock 2.4.23 source and makes it into a nice .deb file for
you.
Note: This option is for those who have a working .config file.
Experience in making your own config make (config|menuconfig|xconfig) is
At 21:26 03.12.2003 +0100, you wrote:
Experience in making your own config make (config|menuconfig|xconfig) is
recommended.
No experience without the first try. Take about two days for reading the
documentation and finding the brands on the chips your machine works with.
P.S.: Before
I'm one of those people. How do I figure out what kernel image to (AMD
k6/K6 II/K6 III, AMD K7, AMD k7 SMP) for a AMD 1800+ XP Thoroughbred
processor? How do I find out whether it supports ReiserFS, ...?
Thanks for any hint to the novice.
Joh
On Wed, 3 Dec 2003 02:00:19 -0800
Rick Moen [EMAIL
Hi!
I, like many others, don't know where ziyi's key was installed and with
which permisions, so... don't know if it was compromised or one can still
trust this key and the signatures made with it to assure that the packages
we are getting are the ones we should be getting.
Can somebody with the
Quoting Adam ENDRODI ([EMAIL PROTECTED]):
PS: Apologies for the ranting I sent at the beginning of the other
thread. I, too, didn't realize that no-one had known about the
possible impacts of the kernel bug.
Well, _one_ guy did. ;-
--
Cheers, * Contributing
[On 02 Dec, @20:56, David wrote in Re: chkrootkit and linux 2.6 ...]
Right now chkrootkit gets lots of false positives regarding LKMs. There
was a pretty thorough discussion just a couple days ago so look through
the archive for the details:
http://lists.debian.org/debian-security/
ah,
On Wed, Dec 03, 2003 at 10:43:44PM +0100, Marc F. Neininger wrote:
No experience without the first try. Take about two days for reading the
documentation and finding the brands on the chips your machine works with.
Nah, just look at /proc/cpuinfo, /proc/pci (or use lspci), dmesg, etc
It's
On Wed, Dec 03, 2003 at 10:05:10AM +0100, Miek Gieben wrote:
I more and more start to think this is a bug in chkrootkit - on
busier systems more processes are hidded than on quiet systems.
Sounds to me as a race condition: number of processes changes between
the two checks.
Indeed, in
[On 03 Dec, @07:28, Hideki wrote in Re: chkrootkit and linux 2.6 ...]
Hi,
Miek, if you are using kernel 2.6-test6 or newer, maybe not
worry about brk() bug. this kernel vulnerability effects under
2.4.22 and 2.6-test5.
I know, thanks. I'm running test11 right now and I closely followed
Thomas Wana, 2003-12-03 00:00:18 +0100 :
Now that all machines out there are fixed and save of this
particular exploit :-)
Hah. You bet.
can anyone of you describe *exactly* what this exploit does? I've
been looking at the code (mm/mm.c, around line 1045) for some time
now and I can't
On Wed, Dec 03, 2003 at 06:46:51AM -0800, Karsten M. Self wrote:
on Wed, Dec 03, 2003 at 01:31:29PM +, Dale Amon ([EMAIL PROTECTED]) wrote:
On Wed, Dec 03, 2003 at 03:21:57PM +0200, Riku Valli wrote:
This is reason why i ask what about stock kernels, because i belive i am
not
Thanks,
Joh
On Wed, 03 Dec 2003 14:35:51 -0800
Kourosh [EMAIL PROTECTED] wrote:
On Wed, 2003-12-03 at 09:54, Johannes Graumann wrote:
I'm one of those people. How do I figure out what kernel image to
(AMD k6/K6 II/K6 III, AMD K7, AMD k7 SMP) for a AMD 1800+ XP
Thoroughbred processor? How
... but on a second thought: how do I find this information out ion my
own and what does SMP stand for?
Joh
On Wed, 03 Dec 2003 14:35:51 -0800
Kourosh [EMAIL PROTECTED] wrote:
On Wed, 2003-12-03 at 09:54, Johannes Graumann wrote:
I'm one of those people. How do I figure out what kernel image
... but on a second thought: how do I find this information out ion my
own and what does SMP stand for?
Not sure about your first question -- but SMP = Symettric Multi-Processor
(e.g. more than 1 CPU in 1 motherboard/mothercard)...
Joh
[EMAIL PROTECTED]
In article [EMAIL PROTECTED] you wrote:
Nah, just look at /proc/cpuinfo, /proc/pci (or use lspci), dmesg, etc
It's almost all there for you. Not like the old days...
lshw is fine for collecting the above information. If you need more
detection try discover (Progeny) or Kudzu (Redhat) both
... but on a second thought: how do I find this information out ion my
own and what does SMP stand for?
my understanding is that all of the post-k6/III CPUs from AMD are K7-ish.
[well, the 32-bit non-AMD64 cpus anyway... if there are other quirks *I*
would like to know.] you'd know if you had
I just wanted to take the opportunity to thank everyone in the Debian
community for their hard work on the cleanup and forensic analysis of the
recent system compromise.
As a security engineer, I would like to say that this compromise was the
cleanest, most professionally handled that I have
55 matches
Mail list logo
