Le Fri, 4 Sep 2009 10:25:38 +0100,
Adam D. Barratt a...@adam-barratt.org.uk a écrit :
X-Mailer: Microsoft Outlook Express 6.00.2900.5843 -- Huh...
Is that a joke ?
Adam D. Barratt wrote:
The next Lenny point release (5.0.3) is scheduled for Saturday,
September 5th.
The point
DeMZed a écrit :
Hello !
When I do :
cryptsetup -c aes -s 4096 create home /dev/loop0
As your system speaks french and the question is not exactly
related to *security* issues, you better ask on i.e the
fr.comp.os.linux.configuration newsgroup...
Jacques
--
To
Hello,
On a 'stable' + security updated machine RkHunter says :
* Application version scan
- Bind DNS 8.3.3 [ Old or patched version ]
- OpenSSL 0.9.6c [ Old or patched version ]
- OpenSSH 3.4p1 [ Old or patched version ]
Does it means 'safe' or not ?
Thanks,
On Mon, 10 Jan 2005 15:19:33 +0100
Vladislav Kurz [EMAIL PROTECTED] wrote:
mount -t tmpfs tmpfs /dev/shm
Only root can do that.
Jacques
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bonjour...
When running chkrootkit from a shell logged on the machine I get :
Checking `lkm'... You have 1 process hidden for readdir command
You have 1 process hidden for ps command
Warning: Possible LKM Trojan installed
Sometimes I get 2 or 3 processes, sometimes NONE.
Are there
Bonjour...
When running chkrootkit from a shell logged on the machine I get :
Checking `lkm'... You have 1 process hidden for readdir command
You have 1 process hidden for ps command
Warning: Possible LKM Trojan installed
Sometimes I get 2 or 3 processes, sometimes NONE.
Are there
On Thu, Jun 27, 2002 at 07:35:49PM +0200, Rolf Kutz wrote:
* Quoting Robert Brown ([EMAIL PROTECTED]):
It works here, with kernel-2.4 on i386. You can
It works here, with kernel-2.2 on i386.
- Rolf
Jacques
--
0CBE 3F8A 5A77 A35C 27C7 2D42 3EC5 806B 9178
Hello,
As you know, chkrootkit master site is : ftp.pangeia.com.br
Let's have a look :
pollux:~# ftp ftp.pangeia.com.br
Connected to ftp.pangeia.com.br.
220 spliff FTP server (PFTP 0.13) ready.
Name (ftp.pangeia.com.br:root): ftp
331 Guest login ok, send ident as password.
Password:
230 Guest
On Tue, Jun 04, 2002 at 03:13:06PM +0200, Johannes Weiss wrote:
Perhaps try
netcat -l -p port
it binds a server-socket on udp-port port and then you try
netcat machine port
then enter some letters and if they don't arrive at the term which executes
netcat -l -p port
there is another
Hello,
Is there any malicious think listening these ports :
Starting nmap V. 2.12 by Fyodor ([EMAIL PROTECTED], www.insecure.org/nmap/)
Interesting ports on news.pcl.fr (195.6.210.99):
PortState Protocol Service
1996openudptr-rsrb-port
1997openudp
On Mon, Jun 03, 2002 at 10:31:22PM +0200, Guido Hennecke wrote:
Hallo Jacques,
Hallo Guido,
Interesting ports on news.pcl.fr (195.6.210.99):
PortState Protocol Service
1996openudptr-rsrb-port
1997openudpgdp-port
lsof -Pi | grep
On Mon, Jun 03, 2002 at 11:38:06PM +0300, Sami Haahtinen wrote:
better yet -- lsof -Pi :portnumber
news:~# lsof -Pi udp:1996
news:~# lsof -Pi udp:1997
Nothing displayed neither...
Sami
Jacques
--
0CBE 3F8A 5A77 A35C 27C7 2D42 3EC5 806B 9178 088D
--
On Mon, Jun 03, 2002 at 10:43:48PM +0200, Guido Hennecke wrote:
Hallo Jacques,
At 03.06.2002, Jacques Lav!gnotte wrote:
On Mon, Jun 03, 2002 at 10:31:22PM +0200, Guido Hennecke wrote:
[...]
lsof -Pi | grep portnumber
(on the local system)
news:~# lsof -Pi | grep 1996
news:~# lsof
On Mon, Jun 03, 2002 at 04:46:36PM -0400, James wrote:
Are you sure they are open and nmap isn't just returning a false
positive?
Try a #netstat -vatn on the local server and see if those ports really
are open.
news:~# netstat -vatn
Active Internet connections (servers and established)
On Mon, Jun 03, 2002 at 04:46:36PM -0400, James wrote:
Are you sure they are open and nmap isn't just returning a false
positive?
Try a #netstat -vatn on the local server and see if those ports really
are open.
Nmap issued from the host itself does not returns anything either...
news:~#
On Mon, Jun 03, 2002 at 04:12:55PM -0500, Lance Heller wrote:
Starting nmap V. 2.53 by [EMAIL PROTECTED] ( www.insecure.org/nmap/ )
Interesting ports on news.pcl.fr (195.6.210.99):
Port State Service
1996/udp opentr-rsrb-port
1997/udp open
On Mon, Jun 03, 2002 at 11:05:44PM +0200, Guido Hennecke wrote:
So i think, there are no open Ports.
Another possibility is, your system was hacked.
chkrootkit-0.35 is running everyday, using a new fresh compiled binary,
and nothing is found.
So, will see,
Thank you everyone,
Hello,
Is there any malicious think listening these ports :
Starting nmap V. 2.12 by Fyodor ([EMAIL PROTECTED], www.insecure.org/nmap/)
Interesting ports on news.pcl.fr (195.6.210.99):
PortState Protocol Service
1996openudptr-rsrb-port
1997openudp
On Mon, Jun 03, 2002 at 10:31:22PM +0200, Guido Hennecke wrote:
Hallo Jacques,
Hallo Guido,
Interesting ports on news.pcl.fr (195.6.210.99):
PortState Protocol Service
1996openudptr-rsrb-port
1997openudpgdp-port
lsof -Pi | grep
On Mon, Jun 03, 2002 at 11:38:06PM +0300, Sami Haahtinen wrote:
better yet -- lsof -Pi :portnumber
news:~# lsof -Pi udp:1996
news:~# lsof -Pi udp:1997
Nothing displayed neither...
Sami
Jacques
--
0CBE 3F8A 5A77 A35C 27C7 2D42 3EC5 806B 9178 088D
--
To
On Mon, Jun 03, 2002 at 10:43:48PM +0200, Guido Hennecke wrote:
Hallo Jacques,
At 03.06.2002, Jacques Lav!gnotte wrote:
On Mon, Jun 03, 2002 at 10:31:22PM +0200, Guido Hennecke wrote:
[...]
lsof -Pi | grep portnumber
(on the local system)
news:~# lsof -Pi | grep 1996
news:~# lsof
On Mon, Jun 03, 2002 at 04:46:36PM -0400, James wrote:
Are you sure they are open and nmap isn't just returning a false
positive?
Try a #netstat -vatn on the local server and see if those ports really
are open.
news:~# netstat -vatn
Active Internet connections (servers and established)
On Mon, Jun 03, 2002 at 04:46:36PM -0400, James wrote:
Are you sure they are open and nmap isn't just returning a false
positive?
Try a #netstat -vatn on the local server and see if those ports really
are open.
Nmap issued from the host itself does not returns anything either...
news:~#
On Mon, Jun 03, 2002 at 04:12:55PM -0500, Lance Heller wrote:
Starting nmap V. 2.53 by [EMAIL PROTECTED] ( www.insecure.org/nmap/ )
Interesting ports on news.pcl.fr (195.6.210.99):
Port State Service
1996/udp opentr-rsrb-port
1997/udp opengdp-port
On Mon, Jun 03, 2002 at 11:05:44PM +0200, Guido Hennecke wrote:
So i think, there are no open Ports.
Another possibility is, your system was hacked.
chkrootkit-0.35 is running everyday, using a new fresh compiled binary,
and nothing is found.
So, will see,
Thank you everyone,
On Mon, Jan 21, 2002 at 07:54:03PM +0100, eim wrote:
Hallo debian-sec folks,
While I was checking up some configurations,
I've noticed that the root's home directory /root
is world readable...
$ drwxr-xr-x2 root root 4.0k Jan 21 15:33 root
This seems to be Debian's
On Mon, Jan 21, 2002 at 07:54:03PM +0100, eim wrote:
Hallo debian-sec folks,
While I was checking up some configurations,
I've noticed that the root's home directory /root
is world readable...
$ drwxr-xr-x2 root root 4.0k Jan 21 15:33 root
This seems to be Debian's
On Wed, Feb 06, 2002 at 10:19:03AM +0100, Moses Moore wrote:
[substitute German/Bundestag with America/(Senate|Congress) or
[Europe|
(Canada|England|Australia)/Parliment as appropriate]
When you talk about 'health' do you think 'nation' ?
Jacques
Inappropriate place, I
Good Morning,
While you are talking about ssh issues...
From my log :
Jan 13 09:50:58 news sshd[897]: scanned from 216.78.148.184 with
+SSH-1.0-SSH_Version_Mapper. Don't panic.
Jan 13 09:50:58 news sshd[896]: Did not receive identification string from
+216.78.148.184
Should I really Not
On Mon, Jan 14, 2002 at 04:54:31PM +0100, Dietmar Braun wrote:
Well if one should do like you say then one would have to cut off Germany and
USA too as I get spam from both countries, most from the latter of
course.
Ok, I admit that this isn't practicable (I shouldn't write mails when I
On Sat, Jan 12, 2002 at 03:59:12AM -0700, Stefan Srdic wrote:
On January 12, 2002 02:28 pm, Stephen Gran wrote:
Thus spake Stefan Srdic:
Hi,
You might have misunderstood me, my question was, will the checksecurity
script that runs from cron e-mail it's report to root if I have exim
On Sat, Jan 12, 2002 at 03:59:12AM -0700, Stefan Srdic wrote:
On January 12, 2002 02:28 pm, Stephen Gran wrote:
Thus spake Stefan Srdic:
Hi,
You might have misunderstood me, my question was, will the checksecurity
script that runs from cron e-mail it's report to root if I have exim
On Thu, Jan 10, 2002 at 08:31:00PM -0800, Alvin Oga wrote:
- if you think they used a simple/ordinary rootkits... you can
try some of the rootkit detectors
http://www.chkrootkit.org/
Great tool
Got :
Searching for t0rn's default files and dirs... Possible t0rn rootkit
On Thu, Jan 10, 2002 at 08:31:00PM -0800, Alvin Oga wrote:
- if you think they used a simple/ordinary rootkits... you can
try some of the rootkit detectors
http://www.chkrootkit.org/
Great tool
Got :
Searching for t0rn's default files and dirs... Possible t0rn rootkit
34 matches
Mail list logo