## qmi (li...@miklos.info):
> > > This vulnerability seems to have been already handled. See URL:
> > > https://security-tracker.debian.org/tracker/TEMP-0566326-9A899F
> >
> > No, we should deal with it in stable release, so tracking is important.
> >
> Please check the link above once again.
## gwmfm...@unseen.is (gwmfm...@unseen.is):
> What with Let's Encrypt now active, there is no excuse to not move
> everything to HTTPS for updating.
1. Bandwidth. It's fairly easy to proxy/cache HTTP, but HTTPS prevents
that (unless you break HTTPS). This not only affects the server
side
## Josselin Mouette (j...@debian.org):
I think Steve has a point, and as he explains, this is not a big
security issue; however it is breaking the expectations you have when
logging as another user. For example, it is not expected that starting
an application as the other user will re-use the
## Wolfgang Jeltsch ([EMAIL PROTECTED]):
I was surprised that during updating OpenSSL, it was
suggested to restart SSH since SSH was said to be dependent on OpenSSL. In
what way does SSH depend on OpenSSL?
OpenSSH is linked against libcrypto (see ldd).
Under which circumstances do the
## Felipe Figueiredo ([EMAIL PROTECTED]):
once in a while (say, every two weeks) I get a brute-force
login/password scan attempt in my server (i.e., a single ip tries
dictionary account names and passwords at random). SSH access is
needed by many users, and (RSA/DSA key)-only access is, at
## Andreas Goesele ([EMAIL PROTECTED]):
After the last security update with libkpathsea3 and tetex-bin my
LaTeX installation doesn't work any more. When I try to compile a
LaTeX file I get:
I can't find the format file `latex.fmt'!
What can I do to get a working LaTeX installation back?
## LeVA ([EMAIL PROTECTED]):
Is it possible to log the file/dir accesses to samba server? I.e. I got
a share, and when someone mounts (from win or unix) it and access file,
or write files I want samba to log it to the smb.log. Is this possible?
Ever had a look in /var/log/samba/? If you are
## Dariush Pietrzak ([EMAIL PROTECTED]):
Is it possible to log the file/dir accesses to samba server? I.e. I got
a share, and when someone mounts (from win or unix) it and access file,
or write files I want samba to log it to the smb.log. Is this possible?
Ever had a look in
## LeVA ([EMAIL PROTECTED]):
Is it possible to log the file/dir accesses to samba server? I.e. I got
a share, and when someone mounts (from win or unix) it and access file,
or write files I want samba to log it to the smb.log. Is this possible?
Ever had a look in /var/log/samba/? If you are
## Dariush Pietrzak ([EMAIL PROTECTED]):
Is it possible to log the file/dir accesses to samba server? I.e. I got
a share, and when someone mounts (from win or unix) it and access file,
or write files I want samba to log it to the smb.log. Is this possible?
Ever had a look in
## Norbert Tretkowski ([EMAIL PROTECTED]):
| udp0 0 0.0.0.0:43338 0.0.0.0:*
22720/named
BIND binds to a socket for outgoing querys. But he already did that
in 9.2.2 (at least he does here).
Regards,
Christoph
--
Spare Space
--
To
## Norbert Tretkowski ([EMAIL PROTECTED]):
| udp0 0 0.0.0.0:43338 0.0.0.0:*
22720/named
BIND binds to a socket for outgoing querys. But he already did that
in 9.2.2 (at least he does here).
Regards,
Christoph
--
Spare Space
## Jeremie Koenig ([EMAIL PROTECTED]):
(I guess someone must have noticed this already, but I haven't been able
to find a trace from such a report.)
You didn't search very hard.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=208802
It's there since Friday.
Regards,
cmt
--
Spare Space
--
Update: DSA-376-2 just arrived here.
You may update now.
Regards,
cmt
--
Spare Space
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
## Jeremie Koenig ([EMAIL PROTECTED]):
(I guess someone must have noticed this already, but I haven't been able
to find a trace from such a report.)
You didn't search very hard.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=208802
It's there since Friday.
Regards,
cmt
--
Spare Space
Update: DSA-376-2 just arrived here.
You may update now.
Regards,
cmt
--
Spare Space
## Guido Hennecke ([EMAIL PROTECTED]):
With exim and RBLs it is possible, to not accept mails. Is there a way
to use these filters with exim but not to send a bounce message?
Use seen finish as action istead of fail
In ftp://ftp.exim.org/pub/filter/system_filter.exim seen finish is
## Guido Hennecke ([EMAIL PROTECTED]):
Last modification about two years ago...
As usual never ever take automated action based on a simple thing
like filename or whatever. Sort them to a special mailbox and let a
human look at it.
Strongly agreed.
It is much better to not accept
## Pascal Weller ([EMAIL PROTECTED]):
Isn't he saying that if i do the following:
hey I get a lot of these document_all.pif recently
this message here get filtered?
It's not that easy. You need at leas Content-Type=something and
a matching filename, given in MIME-style (name=...). The now
## Guido Hennecke ([EMAIL PROTECTED]):
Last modification about two years ago...
As usual never ever take automated action based on a simple thing
like filename or whatever. Sort them to a special mailbox and let a
human look at it.
Strongly agreed.
It is much better to not accept
## Noah L. Meyerhans ([EMAIL PROTECTED]):
On Tue, Aug 19, 2003 at 10:56:29PM +0200, Kjetil Kjernsmo wrote:
So, I'm wondering, does anybody know about any such approach?
After getting sick of all the virus crap in my inbox I installed the
following in /etc/exim/system_filter.txt:
This
## Noah L. Meyerhans ([EMAIL PROTECTED]):
On Wed, Aug 20, 2003 at 08:44:08AM +0200, Christoph Moench-Tegeder wrote:
So, I'm wondering, does anybody know about any such approach?
After getting sick of all the virus crap in my inbox I installed the
following in /etc/exim
## Noah L. Meyerhans ([EMAIL PROTECTED]):
On Tue, Aug 19, 2003 at 10:56:29PM +0200, Kjetil Kjernsmo wrote:
So, I'm wondering, does anybody know about any such approach?
After getting sick of all the virus crap in my inbox I installed the
following in /etc/exim/system_filter.txt:
This
## Noah L. Meyerhans ([EMAIL PROTECTED]):
On Wed, Aug 20, 2003 at 08:44:08AM +0200, Christoph Moench-Tegeder wrote:
So, I'm wondering, does anybody know about any such approach?
After getting sick of all the virus crap in my inbox I installed the
following in /etc/exim
## Costas Magos ([EMAIL PROTECTED]):
Is it possible to create an SSL tunnel using stunnel or something
similar to protect the web transactions?
Yes, you can use stunnel here; setup is similar as for imap-ssl et.al.
Another
solution that I am thinking of (and prefer) is setting up a proxy
## Michael West ([EMAIL PROTECTED]):
I would like to bind squid to a specific interface.
http_port hostname:port
http_port ip:port
http_port port
It's documented.
Regards,
cmt
--
Spare Space
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact
## Michael West ([EMAIL PROTECTED]):
I would like to bind squid to a specific interface.
http_port hostname:port
http_port ip:port
http_port port
It's documented.
Regards,
cmt
--
Spare Space
## Nils ([EMAIL PROTECTED]):
How do you monitor what network traffic you have and how much? I want to
be able to see the origin and destination, type and volume.
If you are using kernel 2.4, you can use ulogd.
If not, there is net-acct. net-acct might apear broken in debian stable,
you may
## Nils ([EMAIL PROTECTED]):
How do you monitor what network traffic you have and how much? I want to
be able to see the origin and destination, type and volume.
If you are using kernel 2.4, you can use ulogd.
If not, there is net-acct. net-acct might apear broken in debian stable,
you may
## Emmanuel Lacour ([EMAIL PROTECTED]):
What about adding in default httpd.conf something like this to protect
from reading common editors backup files (index.php~ ...)
What about using the Right Editor[tm] (or just disabling backup files)?
No, seriously, I usually have a mirror of the web
## Emmanuel Lacour ([EMAIL PROTECTED]):
What about adding in default httpd.conf something like this to protect
from reading common editors backup files (index.php~ ...)
What about using the Right Editor[tm] (or just disabling backup files)?
No, seriously, I usually have a mirror of the web
## Thomas Gebhardt ([EMAIL PROTECTED]):
I tried to figure out how to gather these fingerprints from
a bunch of servers. Obviously ssh-keyscan can be used to collect
the public keys, but is there an easy way to calculate the
fingerprints?
$ ssh-keygen -l -f ssh_host_dsa_key.pub
$ 1024
## Thomas Gebhardt ([EMAIL PROTECTED]):
$ ssh-keygen -l -f ssh_host_dsa_key.pub
$ 1024 97:46:de:e0:a1:71:76:6f:b6:e8:f1:40:2a:63:bc:18 ssh_host_dsa_key.pub
2. the fingerprints are generated from the secret keys, not from the
public keys.
No, they are generated from the public keys.
As
## Alberto Cortés ([EMAIL PROTECTED]):
In other words, is http://security.debian.org/ located outside the
US?.
security.debian.org is located at the University of Twente (NL),
according to it's IP address. Why didn't you just use whois to
find out yourself?
Regards,
cmt
--
Spare Space
--
## Alberto Cortés ([EMAIL PROTECTED]):
In other words, is http://security.debian.org/ located outside the
US?.
security.debian.org is located at the University of Twente (NL),
according to it's IP address. Why didn't you just use whois to
find out yourself?
Regards,
cmt
--
Spare Space
## Phillip Hofmeister ([EMAIL PROTECTED]):
--[ Solution:
Upgrade to version 7.2.1.
No need to panic. Woody ist at postgresql-7.2.1-2, and potato might
be too old to have this bug.
Regards,
cmt
--
Spare Space
## Jussi Ekholm ([EMAIL PROTECTED]):
| Date: Sat, 3 Aug 2002 14:10:00 +0300
| From: [EMAIL PROTECTED]
| Subject: Mail Delivery Error
| To: Jussi Ekholm [EMAIL PROTECTED]
|
| No such user: [EMAIL PROTECTED]
And I'm very much sure, that all of my mails I've sent to
## Anne Carasik ([EMAIL PROTECTED]):
$ openssl version
OpenSSL 0.9.6e 30 Jul 2002
$ uname -a
Linux swamp 2.4.17 #1 Fri Feb 22 11:08:36 PST 2002 i686 unknown unknown
GNU/Linux
I'm running Woody on my boxes.
On that box, you are faster than security.debian.org. I have 0.9.6c
(from
## Patrick Hsieh ([EMAIL PROTECTED]):
http://www.squid-cache.org/Advisories/SQUID-2002_3.txt
Is there anyone working around this problem?
If you want to have 2.4STABLE7 now on woody or sid, you can get
the source package for 2.4STABLE6 (apt-get source), patch with
the official squid patch
## Phillip Hofmeister ([EMAIL PROTECTED]):
On Tue, Jul 02, 2002 at 10:53:05PM +0200, Christoph Moench-Tegeder wrote:
See? I don't know who configured 4.7 as threshold (should be 4.2, anyhow),
but for my private purposes I consider 2.0 as the upper limit.
Here's a novel idea...
If hitting D
## Mack Earnhardt ([EMAIL PROTECTED]):
These assholes are already in SpamCop's RBL. It would be nice to have a
_little_ blocking.
It's your fault if you don't filter on X-Spam-Status.
And thank you very much for distributing that piece of spam one more
time, my procmailrc did catch it the
## Florent Rougon ([EMAIL PROTECTED]):
Christoph Moench-Tegeder [EMAIL PROTECTED] wrote:
It's your fault if you don't filter on X-Spam-Status.
FYI (sorry for the long line), it was:
X-Spam-Status: No, hits=4.3 required=4.7
See? I don't know who configured 4.7 as threshold (should be 4.2
## César Augusto Seronni Filho ([EMAIL PROTECTED]):
Hi guys, I like to know how i can filtering users email on server like that:
I have a smtp+pop3 server and need to Deny some users(or user group) to email
anothers(group or groups) on tha same server.
If you are running exim, set up a
## [EMAIL PROTECTED] ([EMAIL PROTECTED]):
I just wanted to ask if someone can recommend a rootkit
detection/removal utility. There are a bunch of them if you
look around but I don't want to run any risk :-)
would be kind if someone knew of a serious solution :-)
The only really
## [EMAIL PROTECTED] ([EMAIL PROTECTED]):
I just wanted to ask if someone can recommend a rootkit
detection/removal utility. There are a bunch of them if you
look around but I don't want to run any risk :-)
would be kind if someone knew of a serious solution :-)
The only really
## Jean-Francois Dive ([EMAIL PROTECTED]):
I was wondering: PPTP use RC4 up to 128 bit keys as an encryption mechanism. I'd like
to have the impressions from people of the list about the cryptographic strenght of
such algorithm, especially now that wireless WEP RC4 based encryption have been
## Jean-Francois Dive ([EMAIL PROTECTED]):
I was wondering: PPTP use RC4 up to 128 bit keys as an encryption mechanism.
I'd like
to have the impressions from people of the list about the cryptographic
strenght of
such algorithm, especially now that wireless WEP RC4 based encryption have
## Eduardo J. Gargiulo ([EMAIL PROTECTED]):
Is there any way to obtain the IP address of a ssh client and use it on
a shell script? I want to put a crontab like
OpenSSH sets $SSH_CLIENT, containing the client's IP address, the remote
and the local port of the connection.
Regards,
cmt
--
## Eduardo J. Gargiulo ([EMAIL PROTECTED]):
Is there any way to obtain the IP address of a ssh client and use it on
a shell script? I want to put a crontab like
OpenSSH sets $SSH_CLIENT, containing the client's IP address, the remote
and the local port of the connection.
Regards,
cmt
--
## Stefan Srdic ([EMAIL PROTECTED]):
Remember to statically compile BIND if your going to place it in a chroot
jail,
You may also put the Debian Bind 8.2.3 (8.2.3-0.potato) in a chroot.
Be sure to have the following files in your chroot:
dev/null
etc/bind/named.conf
etc/localtime
etc/group a
## Stefan Srdic ([EMAIL PROTECTED]):
Remember to statically compile BIND if your going to place it in a chroot
jail,
You may also put the Debian Bind 8.2.3 (8.2.3-0.potato) in a chroot.
Be sure to have the following files in your chroot:
dev/null
etc/bind/named.conf
etc/localtime
etc/group a
## Howland, Curtis ([EMAIL PROTECTED]):
Is there a drop from... command as well? I much prefer simply
black-holing packets rather than giving back to the perp I'm here, but
I know about you data by deny. Or is that what the Apache deny
does?
Apache's Deny from gives an error 403 (HTTP
## Howland, Curtis ([EMAIL PROTECTED]):
Is there a drop from... command as well? I much prefer simply
black-holing packets rather than giving back to the perp I'm here, but
I know about you data by deny. Or is that what the Apache deny
does?
Apache's Deny from gives an error 403 (HTTP
## Martin WHEELER ([EMAIL PROTECTED]):
Is anyone else having problems with the robot from
openfind.com.tw
That one has not been seen here.
Anyone know of a sure-fire robot killer under woody?
Apache himself (assuming your webserver runs apache, other servers
should have something
## Martin WHEELER ([EMAIL PROTECTED]):
Is anyone else having problems with the robot from
openfind.com.tw
That one has not been seen here.
Anyone know of a sure-fire robot killer under woody?
Apache himself (assuming your webserver runs apache, other servers
should have something
55 matches
Mail list logo