On Mon, 9 Jun 2003, Helmar wrote:
I just upgraded my kernel image from 2.4.18-k6 to 2.4.18-1-k6 and i
cannot confirm that the above bug has been fixed. The simple exploit (i
think it has been from bugtraq) is still working fine, giving every
local user easily root privileges.
take the
On Mon, 9 Jun 2003, Helmar wrote:
I just upgraded my kernel image from 2.4.18-k6 to 2.4.18-1-k6 and i
cannot confirm that the above bug has been fixed. The simple exploit (i
think it has been from bugtraq) is still working fine, giving every
local user easily root privileges.
take the
On Wed, 7 May 2003, Rudolph van Graan wrote:
The following packages will be upgraded
kdewallpapers mime-support
2 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 0B/1030kB of archives. After unpacking 105kB will be freed.
Do you want to continue? [Y/n]
On Mon, 5 May 2003 [EMAIL PROTECTED] wrote:
$ rsync -avz security.debian.org::debian-security .
rsync: read error: Connection reset by peer
rsync error: error in rsync protocol data stream (code 12) at io.c(162)
Works fine here, you might want to check your firewall logs to see if
you're
On 23 Jan 2003, Stanislas Rusinsky wrote:
in sshd_conf :
AllowTcpForwarding no :
Specifies whether TCP forwarding is permitted. The default is
``yes''. Note that disabling TCP forwarding does not improve security
unless users are also denied shell access, as they can
On Mon, 16 Dec 2002, Phillip Hofmeister wrote:
Hi all,
I am sure you have seen the SSH CERT. Are we vulnerable? If so is
there a time line for an update?
Thanks,
The vendor response in the CERT advisory said OpenSSH was not vulnerable.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
On Mon, 16 Dec 2002, Phillip Hofmeister wrote:
Hi all,
I am sure you have seen the SSH CERT. Are we vulnerable? If so is
there a time line for an update?
Thanks,
The vendor response in the CERT advisory said OpenSSH was not vulnerable.
Any word from the security team on what's going on with potato's bind?
Mike
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Any word from the security team on what's going on with potato's bind?
Mike
Did the above mentioned hole ever get fixed in potato bitchx?
Seems that it should have been, but the exploit is well over a year old,
and I see nothing in the changelog.
Mike
On Thu, 8 Aug 2002, Roger Ward wrote:
Which bug? this url does not work
oops.
http://www.securiteam.com/unixfocus/5QP020K35O.html
It's the DNS parsing code bug.
Hate to beat a dead horse, but
deb http://http.us.debian.org/debian potato main contrib non-free
deb http://http.us.debian.org/debian dists/potato-proposed-updates/
deb http://non-us.debian.org/debian-non-US potato/non-US main contrib
non-free
deb http://non-us.debian.org/debian-security
For a truly stable Debian system, drop
deb http://http.us.debian.org/debian dists/potato-proposed-updates/
(wait for official release updates) and then just s/potato/stable/g.
Note that non-US is being phased out.
I've seen way too many packages that take too long to get into stable when
I've done some looking around on the web, and haven't really found an
answer to the following question.
How do you securely handle syslogging when you have servers in the DMZ,
and then the servers that are inside on the internal network? Seems that
the fundamental rule is never allow internal
logging console level
should get what you need on a cisco. Might have to set that serial port
to no password, which brings up an additional home if physical security
is a concern.
--Rich
What about the cisco that's 35 miles away?
I'm thinking with what these cisco's do, and actually log,
On Fri, 30 Nov 2001, Roger Keays wrote:
Hi all,
I'm not sure if this is common knowledge or not, but I have just noticed
the effects of having the first two letters of your password the same as
the first two in your login name... You can use any extension of your
password!!
e.g., on
Interesting. I'm running Debian 2.2r2 (dist-upgraded to testing). I
selected MD5 for my passwords during installation. However, it seems
that it has defaulted my passwords to 8 characters too:
From /etc/pam.d/passwd (login is the same)
password required pam_unix.so nullok obscure
On Fri, 30 Nov 2001, Roger Keays wrote:
Hi all,
I'm not sure if this is common knowledge or not, but I have just noticed
the effects of having the first two letters of your password the same as
the first two in your login name... You can use any extension of your
password!!
e.g., on my
Interesting. I'm running Debian 2.2r2 (dist-upgraded to testing). I
selected MD5 for my passwords during installation. However, it seems
that it has defaulted my passwords to 8 characters too:
From /etc/pam.d/passwd (login is the same)
password required pam_unix.so nullok obscure
Robert Davidson Security wrote:
On Fri, Aug 03, 2001 at 03:50:23AM +1000, Ian Miller wrote:
I know this may not be the place for it... but its a real laugh.
http://www.linuks.mine.nu/debian/
Yep, it's not the place but it's a great site!
I love the porn.conf file... links actually work
to have accumulated. Any comments/suggestions?
The proposed-updates, was because of a package not making it into security.d.o due to
whatever reason it was at the time.
Mike Dresser
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
to have accumulated. Any
comments/suggestions?
The proposed-updates, was because of a package not making it into security.d.o
due to
whatever reason it was at the time.
Mike Dresser
Peter Cordes wrote:
yeti:~$ grep 2064 /usr/share/nmap/nmap-services
distrib-net-losers 2064/tcp # A group of lamers working on a silly
closed-source client for solving the RSA cryptographic challenge. This is
the keyblock proxy port.
It used to be s/losers/assholes/ and s/silly/stupid/,
"William R. Ward" wrote:
I've replaced the legit usernames and IP's with "xxx" but left them in
for context. I'm worried that the "date" entries are a consequence of
some hacker activity, but I have been unable to find any other
symptoms. I did a web search and did not find any mention of
William R. Ward wrote:
I've replaced the legit usernames and IP's with xxx but left them in
for context. I'm worried that the date entries are a consequence of
some hacker activity, but I have been unable to find any other
symptoms. I did a web search and did not find any mention of this
Mike Fedyk wrote:
If you try to su to a user with a shell set to /dev/null, what happens?
/bin/false just exits the su, even from root.
su - username -s /bin/sh
mike
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Mike Fedyk wrote:
If you try to su to a user with a shell set to /dev/null, what happens?
/bin/false just exits the su, even from root.
su - username -s /bin/sh
mike
Somehow, I'm getting the impression you haven't taken this system offline, and
properly either reinstall or definately fix what's wrong. That should be your
first priority, if so.
Steve Rudd wrote:
Hello! Steve here,
Well I am one of the family now! My server is Debian 2.2r2. A benign hacker
You don't mention whether the previous admin is still with you, but if not,
you'll want to remove his RSA keys from the server, or else you can change your
root password all you want, and he'll still be able to connect, assuming he can
get to the machine via your network/internet.
Duane Powers
You don't mention whether the previous admin is still with you, but if not,
you'll want to remove his RSA keys from the server, or else you can change your
root password all you want, and he'll still be able to connect, assuming he can
get to the machine via your network/internet.
Duane Powers
uot;
I don't think SPI would complain about multiple donations per advertisement. =)
Mike Dresser
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
about multiple donations per advertisement. =)
Mike Dresser
32 matches
Mail list logo