Re: [work] Integrity of Debian packages

2003-03-07 Thread Gary MacDougall
". My feeling has always been that you can't have Freedom without having paid for it in some way. We're paying right now by letting some of the little things of our Freedom go. It's a small price to know when I wake up every day, I can still be "free" to do what I

Re: [work] Integrity of Debian packages

2003-03-07 Thread Gary MacDougall
Yes, the American Empire is certainly on the move... and the World is their oyster. Be afraid, be very afraid. Ted Maybe you should talk to the family of the 3300 people in the WTC that died because the FBI, CIA or Special Services didn't have or couldn't intercept the many mail, fax

Re: [work] Integrity of Debian packages

2003-03-07 Thread Gary MacDougall
Yes, the American Empire is certainly on the move... and the World is their oyster. Be afraid, be very afraid. Ted Maybe you should talk to the family of the 3300 people in the WTC that died because the FBI, CIA or Special Services didn't have or couldn't intercept the many mail, fax and

Re: [work] Integrity of Debian packages

2003-03-06 Thread Gary MacDougall
If the FBI has the power, time and energy to install a proxy between my router and my ISP to spoof a package host (i.e. security.debian.org) just to root my servers, then they are clearly a heck of a lot more "geeky" than I thought. Hell, why go through that trouble, why not just grab my traffic

Re: [personal] securing pop3

2003-02-09 Thread Gary MacDougall
Not sure if you care, but qmail has vpopmail, which is a non-passwd file based authentication method. I've been using qmail now for about 3 years solid, and I have to say it's probably the most secure, fast and reliable e-mail server out there. Combine qmail with vpopmail and qmailadmin and you've

RE: CNAME, iptables and qmail

2002-05-07 Thread Gary MacDougall
Giacomo, How about an example!?! I'm a little surprised as to why you'd point out an exploit and not tell people how to fix it... Thanks, Gary -Original Message- From: Giacomo Mulas [mailto:[EMAIL PROTECTED] Sent: Tuesday, May 07, 2002 3:48 AM To: Michal Melewski Cc: debian-security@list

RE: CNAME, iptables and qmail

2002-05-07 Thread Gary MacDougall
Giacomo, How about an example!?! I'm a little surprised as to why you'd point out an exploit and not tell people how to fix it... Thanks, Gary -Original Message- From: Giacomo Mulas [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 07, 2002 3:48 AM To: Michal Melewski Cc: [EMAIL PROTECTED]

RE: CNAME, iptables and qmail

2002-05-06 Thread Gary MacDougall
Damn!! I hit send before editing this message. Sorry! Please read this instead of my previous message. ... I'm setting up a Deb (woody) box with qmail and iptables. I've got both installed, both seem to be operating fine. Iptables is set up to not allow traffic other than 25, 110 and of course 22 (s

CNAME, iptables and qmail

2002-05-06 Thread Gary MacDougall
I'm setting up a Deb (woody) box with qmail and iptables. I've got both installed, both seem to be operating fine. Incidentally, other than 25, 110 and of course 22 (ssh). The problem I'm running into is iptables is causing e-mail to be allowed through the server and I get this message in the /var/l

RE: CNAME, iptables and qmail

2002-05-06 Thread Gary MacDougall
Damn!! I hit send before editing this message. Sorry! Please read this instead of my previous message. ... I'm setting up a Deb (woody) box with qmail and iptables. I've got both installed, both seem to be operating fine. Iptables is set up to not allow traffic other than 25, 110 and of course 22 (

CNAME, iptables and qmail

2002-05-06 Thread Gary MacDougall
I'm setting up a Deb (woody) box with qmail and iptables. I've got both installed, both seem to be operating fine. Incidentally, other than 25, 110 and of course 22 (ssh). The problem I'm running into is iptables is causing e-mail to be allowed through the server and I get this message in the /var/

RE: failed ssh breakins on my exposed www box ..

2002-03-25 Thread Gary MacDougall
That's in your neighborhood dude, Here in Boston, you sneeze and blue lights are flashing... g. -Original Message- From: Christopher Petro [mailto:[EMAIL PROTECTED] Behalf Of Petro Sent: Monday, March 25, 2002 5:30 PM To: Gary MacDougall Cc: Langdon Green; andreas mayer; debian-security

RE: failed ssh breakins on my exposed www box ..

2002-03-25 Thread Gary MacDougall
onday, March 25, 2002 4:43 PM To: andreas mayer; Gary MacDougall; debian-security@lists.debian.org Subject: Re: failed ssh breakins on my exposed www box .. >I think the net is freedom, and that is good... That is the silliest thing I have ever heard. So what you are saying is that any

RE: failed ssh breakins on my exposed www box ..

2002-03-25 Thread Gary MacDougall
That's in your neighborhood dude, Here in Boston, you sneeze and blue lights are flashing... g. -Original Message- From: Christopher Petro [mailto:[EMAIL PROTECTED]]On Behalf Of Petro Sent: Monday, March 25, 2002 5:30 PM To: Gary MacDougall Cc: Langdon Green; andreas mayer; [EMAIL

RE: failed ssh breakins on my exposed www box ..

2002-03-25 Thread Gary MacDougall
: Monday, March 25, 2002 4:43 PM To: andreas mayer; Gary MacDougall; [EMAIL PROTECTED] Subject: Re: failed ssh breakins on my exposed www box .. >I think the net is freedom, and that is good... That is the silliest thing I have ever heard. So what you are saying is that any kiddy/profes

Re: failed ssh breakins on my exposed www box ..

2002-03-24 Thread Gary MacDougall
> > We seriously need a US branch of the law-enforcement to deal > > with this sort of stuff. I think if more people got prosecuted for > > trying to crack into a site, the level of BS would drop to zero. > > Yeah! And what if the attacker is from another country? > You cannot just bomb 'em for t

Re: failed ssh breakins on my exposed www box ..

2002-03-24 Thread Gary MacDougall
> > We seriously need a US branch of the law-enforcement to deal > > with this sort of stuff. I think if more people got prosecuted for > > trying to crack into a site, the level of BS would drop to zero. > > Yeah! And what if the attacker is from another country? > You cannot just bomb 'em for

Re: failed ssh breakins on my exposed www box ..

2002-03-24 Thread Gary MacDougall
I get these all the time. I've come to expect people to do this. It sucks, but hey, what can you do. I'm fed up trying to report and chase them down. We seriously need a US branch of the law-enforcement to deal with this sort of stuff. I think if more people got prosecuted for trying to crack

Re: failed ssh breakins on my exposed www box ..

2002-03-24 Thread Gary MacDougall
I get these all the time. I've come to expect people to do this. It sucks, but hey, what can you do. I'm fed up trying to report and chase them down. We seriously need a US branch of the law-enforcement to deal with this sort of stuff. I think if more people got prosecuted for trying to crac

RE: Secure Finger Daemon

2002-01-06 Thread Gary MacDougall
We've "given the finger" to the finger daemon years ago... no need for it. g -Original Message- From: Moritz Schulte [mailto:[EMAIL PROTECTED] Behalf Of Moritz Schulte Sent: Sunday, January 06, 2002 11:20 AM To: Debian-Security List Subject: Re: Secure Finger Daemon eim <[EMAIL PROTECTE

RE: Secure Finger Daemon

2002-01-06 Thread Gary MacDougall
We've "given the finger" to the finger daemon years ago... no need for it. g -Original Message- From: Moritz Schulte [mailto:[EMAIL PROTECTED]]On Behalf Of Moritz Schulte Sent: Sunday, January 06, 2002 11:20 AM To: Debian-Security List Subject: Re: Secure Finger Daemon eim <[EMAIL PROT

RE: [d-security] RE: strange proftpd segfault and conntrack_ftp messages

2002-01-03 Thread Gary MacDougall
, Jan 03, 2002 at 11:44:49AM -0500, Gary MacDougall wrote: > Right, and I think it's strange that the parent process felt the need > to kill the child process. It might be justified if the child seg'd > or died, but I thought xinetd handled this with more grace than say > inetd... ju

RE: strange proftpd segfault and conntrack_ftp messages

2002-01-03 Thread Gary MacDougall
mmers [mailto:[EMAIL PROTECTED] Sent: Thursday, January 03, 2002 11:34 AM To: Gary MacDougall Cc: Sven Hoexter; debian-security@lists.debian.org Subject: Re: strange proftpd segfault and conntrack_ftp messages On Thu, Jan 03, 2002 at 11:31:38AM -0500, Gary MacDougall wrote: > I find it interest

RE: strange proftpd segfault and conntrack_ftp messages

2002-01-03 Thread Gary MacDougall
I find it interesting that the seg fault happened, then xinetd reported it failed. I wonder if it's not proftp, but xinet... just a thought. g. -Original Message- From: Sven Hoexter [mailto:[EMAIL PROTECTED] Sent: Thursday, January 03, 2002 5:24 AM To: debian-security@lists.debian.org Cc:

RE: [d-security] RE: strange proftpd segfault and conntrack_ftp messages

2002-01-03 Thread Gary MacDougall
at 11:44:49AM -0500, Gary MacDougall wrote: > Right, and I think it's strange that the parent process felt the need > to kill the child process. It might be justified if the child seg'd > or died, but I thought xinetd handled this with more grace than say > inetd... just curious,

RE: strange proftpd segfault and conntrack_ftp messages

2002-01-03 Thread Gary MacDougall
mmers [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 03, 2002 11:34 AM To: Gary MacDougall Cc: Sven Hoexter; [EMAIL PROTECTED] Subject: Re: strange proftpd segfault and conntrack_ftp messages On Thu, Jan 03, 2002 at 11:31:38AM -0500, Gary MacDougall wrote: > I find it interesting that the s

RE: strange proftpd segfault and conntrack_ftp messages

2002-01-03 Thread Gary MacDougall
I find it interesting that the seg fault happened, then xinetd reported it failed. I wonder if it's not proftp, but xinet... just a thought. g. -Original Message- From: Sven Hoexter [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 03, 2002 5:24 AM To: [EMAIL PROTECTED] Cc: Christian Ha

RE: faq? rpc.statd: gethostbyname error for

2001-12-31 Thread Gary MacDougall
Looks like a buffer overrun attempt on gethostbyname().   First I'd start poking around your logs and see if someone "got root"... Start checking the dates and times of /sbin/ etc. etc.   Then, I'd look at an exploit possibility for gethostbyname(), then double check all of your libs and s

RE: Secure 2.4.x kernel

2001-12-27 Thread Gary MacDougall
> Now, I do not know about American law, but at least in Finland the >guy whose gun (assault rifles are illegal anyway unless they are >rendered non-automatic) was stolen, is likely to get punished as well! >It depends on how the gun was stored: it needs to be locked away in a >different location

RE: Secure 2.4.x kernel

2001-12-27 Thread Gary MacDougall
> Now, I do not know about American law, but at least in Finland the >guy whose gun (assault rifles are illegal anyway unless they are >rendered non-automatic) was stolen, is likely to get punished as well! >It depends on how the gun was stored: it needs to be locked away in a >different locatio

Re: Unidentified subject!

2001-12-25 Thread Gary MacDougall
Although you raise a very good point. I have a severe problem with this notion of a "whitehat" cracker. For example: If I left the keys in the door and someone unlocked my door, walked in and then called me and said "hey, stupid, i'm in your home -- I'm calling you from there, see!". I'd say "he

Re: Secure 2.4.x kernel

2001-12-25 Thread Gary MacDougall
ter law be any different? I see your point, do you see mine? g. - Original Message - From: "Howland, Curtis" <[EMAIL PROTECTED]> To: "Ralf Dreibrodt" <[EMAIL PROTECTED]>; "Gary MacDougall" <[EMAIL PROTECTED]> Cc: Sent: Tuesday, Decembe

Re: Unidentified subject!

2001-12-25 Thread Gary MacDougall
Although you raise a very good point. I have a severe problem with this notion of a "whitehat" cracker. For example: If I left the keys in the door and someone unlocked my door, walked in and then called me and said "hey, stupid, i'm in your home -- I'm calling you from there, see!". I'd say "h

Re: Secure 2.4.x kernel

2001-12-25 Thread Gary MacDougall
omputer law be any different? I see your point, do you see mine? g. - Original Message - From: "Howland, Curtis" <[EMAIL PROTECTED]> To: "Ralf Dreibrodt" <[EMAIL PROTECTED]>; "Gary MacDougall" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]

Re: Secure 2.4.x kernel

2001-12-25 Thread Gary MacDougall
> On Monday, December 24, 2001, at 10:52 , Gary MacDougall wrote: > > > Someone said that St. Jude was what I was looking for, and I think > > its pretty much *exactly* what I was pointing out. > > Can't, in general, stop an attack. All the attacker has to do is >

Re: Secure 2.4.x kernel

2001-12-24 Thread Gary MacDougall
> On Friday, December 21, 2001, at 03:25 , Gary MacDougall wrote: > > > Wouldn't it be nice to be able to run the kernel in "secure mode"? > > I'm curious to know if we could limit the amount of "root exploits" > > by this method, it would

RE: Secure 2.4.x kernel

2001-12-21 Thread Gary MacDougall
understand more about it. I was just trying to elicit conversation on the topic. That's all. I apologize if I pissed you off (or anyone else). I didn't mean to. gary -Original Message- From: Kelly Martin [mailto:[EMAIL PROTECTED] Sent: Friday, December 21, 2001 3:36 PM To:

RE: Secure 2.4.x kernel

2001-12-21 Thread Gary MacDougall
Hmmm I don't buy that this *couldn't* be done on the Intel. I might be overstepping my knowledge, but I'm sure there *must* be a way. Going back to my 68k days, it would have been fairly easy to write this. Hey, I'm not an Intel assembly/opcode expert, but it seems to me, I think that you could si

RE: Secure 2.4.x kernel

2001-12-21 Thread Gary MacDougall
st of what the process is allowed to exec, and blocks the syscall if you can't. The list of syscall arguments is created by running the module in "learn" mode, where it allows all syscalls. http://sourceforge.net/projects/stjude On Fri, Dec 21, 2001 at 12:35:27PM -0500, G

RE: Secure 2.4.x kernel

2001-12-21 Thread Gary MacDougall
to understand more about it. I was just trying to elicit conversation on the topic. That's all. I apologize if I pissed you off (or anyone else). I didn't mean to. gary -Original Message- From: Kelly Martin [mailto:[EMAIL PROTECTED]] Sent: Friday, December 21, 2001 3:36 PM To:

RE: Secure 2.4.x kernel

2001-12-21 Thread Gary MacDougall
Hmmm I don't buy that this *couldn't* be done on the Intel. I might be overstepping my knowledge, but I'm sure there *must* be a way. Going back to my 68k days, it would have been fairly easy to write this. Hey, I'm not an Intel assembly/opcode expert, but it seems to me, I think that you could s

RE: Secure 2.4.x kernel

2001-12-21 Thread Gary MacDougall
Interesting. Has someone done some work on this? I mean, let's face it, you're running a bunch of servers and they have boat loads of daemons. Why they'll need to fork/exec a shell is really a good question -- in my mind, they don't. I could be wrong. Why not simply build this ability into the

RE: Secure 2.4.x kernel

2001-12-21 Thread Gary MacDougall
I should also add... I do understand that running processes as "root" is basically the problem... but in theory, the setup of running things under a different user can be a pain -- why not simply allow the kernel to handle it... ... -Original Message----- From: Gary MacDouga

RE: Secure 2.4.x kernel

2001-12-21 Thread Gary MacDougall
Thanks everyone for the answer. I was pretty sure that the kernel would be able to detect the fault, but I needed to *make* sure before I asked another question. Now here's my next question and it's a security one. Based off what was explained by Noah and Kelly, it appears to me that Buffer Overru

RE: Secure 2.4.x kernel

2001-12-21 Thread Gary MacDougall
t the process is allowed to exec, and blocks the syscall if you can't. The list of syscall arguments is created by running the module in "learn" mode, where it allows all syscalls. http://sourceforge.net/projects/stjude On Fri, Dec 21, 2001 at 12:35:27PM -0500, Gary MacDougall wr

Re: Secure 2.4.x kernel

2001-12-21 Thread Gary MacDougall
Since we're on the 2.4 kernel, I have a question that's been jawing at me and haven't really had the time to peel through code and look... In the kernel (ok, stand up you kernel gurus!), when a "segmentation fault" is raised, I don't care where, doesn't the kernel get some sort of notification ev

RE: Secure 2.4.x kernel

2001-12-21 Thread Gary MacDougall
Thanks everyone for the answer. I was pretty sure that the kernel would be able to detect the fault, but I needed to *make* sure before I asked another question. Now here's my next question and it's a security one. Based off what was explained by Noah and Kelly, it appears to me that Buffer Overr

Re: Secure 2.4.x kernel

2001-12-21 Thread Gary MacDougall
Since we're on the 2.4 kernel, I have a question that's been jawing at me and haven't really had the time to peel through code and look... In the kernel (ok, stand up you kernel gurus!), when a "segmentation fault" is raised, I don't care where, doesn't the kernel get some sort of notification e