Re: suspicious smbd connections

2003-12-24 Thread Noah L. Meyerhans
On Wed, Dec 24, 2003 at 03:33:54PM +0100, outsider wrote: But I have a dynamic IP. Every time I boot my system I get another IP-address. The worms are targeting random IP addresses. The IP address you have tomorrow is just as likely to get scanned as the one you have today. (Technically not

Re: Attempts to poison bayesian systems

2003-12-23 Thread Noah L. Meyerhans
On Tue, Dec 23, 2003 at 01:36:20PM +, Dale Amon wrote: I have yet to see a false positive caused by this even though I get quite a lot of this stuff and routinely mark it as spam. I can't think of any other reason for someone to do it though. There has to be a point. Someone is going

Re: suspicious smbd connections

2003-12-23 Thread Noah L. Meyerhans
On Tue, Dec 23, 2003 at 07:01:01PM +0100, outsider wrote: Last time I frequently get messages like smbd[949]: refused connect from in my /var/log/syslog. Every time with new IP-address. What are these connections? Is somebody trying to scan me or what is the reason for these messages? You

Re: ipv6 and glibc

2003-12-22 Thread Noah L. Meyerhans
On Mon, Dec 22, 2003 at 01:21:37PM +0200, Baran YURDAGUL wrote: First of all sorry about this, because I am facing this problem on redhat. How can I stop ipv6 resolving, when I make telnet to a host not in dns but in nis and files it takes 1 minute to resolve this. nsswitch.conf is host :

Re: Fwd: Cron root@mars apt-get update apt-get -y upgrade

2003-11-25 Thread Noah L. Meyerhans
On Sat, Nov 22, 2003 at 11:23:52AM +0100, Linux wrote: The following looks a lot worse to me... bsdutils, mount util-linux, console-data, procps, zlib1g, gnupg, util-linux-locales Suggestions + help how I should do that ? See

Re: Mysterious process talking on 799=2049 tcp - what is using the ports?

2003-11-08 Thread Noah L. Meyerhans
On Sat, Nov 08, 2003 at 10:25:43AM -0600, Hanasaki JiJi wrote: Nothing is using the port but it is in netstat add the -p switch to netstat, which will give you the PID that is associated with that socket.

Re: logcheck thinks that system is under attack, related to ssl problem?

2003-10-06 Thread Noah L. Meyerhans
On Mon, Oct 06, 2003 at 05:31:05PM +0100, Andreas W?st wrote: Hmmm, so what? Are these problems somehow tied together? Furthermore, what is the probability that the system has really been cracked, and the logcheck message is not a false positive? I wonder, because it's not a server machine, it

Re: logcheck thinks that system is under attack, related to ssl problem?

2003-10-06 Thread Noah L. Meyerhans
On Mon, Oct 06, 2003 at 10:07:23PM +0100, Andreas W?st wrote: I hope you've got some more ideas. I'm strictly following all the security updates, and have a light mix of woody and sid packages. run 'shutdown -rF now' See if the problem persists after the fsck. If it does, check the files

Re: Can anyone help me ID who is trying to hack my system?

2003-10-03 Thread Noah L. Meyerhans
On Fri, Oct 03, 2003 at 06:45:39PM -0700, Alderbrook wrote: Can anyone help me identify who is trying to get into my system? They aren't trying to hack your system. They're just scanning for open proxy ports that they can abuse. This is the sort of issue that, if you run machines on the

Re: services installed and running out of the box

2003-09-25 Thread Noah L. Meyerhans
On Thu, Sep 25, 2003 at 08:19:43AM +0200, Stefano Salvi wrote: I think this is not wise: Only because you misunderstand my idea. - Why I must have services installed that I cannot use (are not started by default)? I didn't say anything about not starting by default. I said that they would

Re: services installed and running out of the box

2003-09-24 Thread Noah L. Meyerhans
On Wed, Sep 24, 2003 at 01:59:16PM -0500, Ryan Underwood wrote: Is there any effort to reduce the number of services running on a default debian install? For example: a typical workstation user doesn't really need to have inetd enabled, nor portmap (unless they are running fam or nfs --

Re: services installed and running out of the box

2003-09-24 Thread Noah L. Meyerhans
On Thu, Sep 25, 2003 at 11:12:28AM +1200, Steve Wray wrote: For what it's worth, and without wanting a distro-religious war about it, Mandrake has a variety of security levels, which can be locally configured, and which can allow exactly this sort of behavior; Honestly, I think we can get away

Re: services installed and running out of the box

2003-09-24 Thread Noah L. Meyerhans
On Wed, Sep 24, 2003 at 09:01:26PM -0400, Michael Stone wrote: Until installing a package has the side effect of installing a network service. Having a default-deny-incoming firewall or some such would go a long way toward preventing accidental vulnerability exposure. Well, remember that the

Re: services installed and running out of the box

2003-09-24 Thread Noah L. Meyerhans
On Wed, Sep 24, 2003 at 09:52:07PM -0400, Michael Stone wrote: Except, what is default? If you install a workstation task should you assume that you'll get open ports? (As the task packages pull in dependencies, etc.) I think it makes more sense to provide a safety net than to try to predict

Re: Versign has hijacked www.xmms.org

2003-09-24 Thread Noah L. Meyerhans
On Tue, Sep 23, 2003 at 02:08:29AM +0200, Michelle Konzack wrote: I was surfing the Website http://www.xmms.org/ for new skins and at one click... ...xmms was hijacked !!! No access on xmms possible. Can anyone confirm this please... Please Cc: me. Nope. Worked just fine for me. I

delegation-only patch for woody's bind9?

2003-09-22 Thread Noah L. Meyerhans
Does anybody have a copy of the patch for delegation-only functionality in woody's bind9? ISC seems to have taken it down from their site. It used to be listed at http://www.isc.org/products/BIND/delegation-only.html, but that page now only contains links to the latest versions of bind (which

Re: Default permissions for /dev/log

2003-09-20 Thread Noah L. Meyerhans
On Sat, Sep 20, 2003 at 08:33:29PM +0400, Nikita V. Youshchenko wrote: I've just found that on all my systems /dev/log has rw-rw-rw- permissions. Is that Debian default? It's the default just about everywhere. If it was not the case, then you'd have to put every user that you want to be able

Re: Eric Allman has changed jobs

2003-08-28 Thread Noah L. Meyerhans
On Wed, Aug 27, 2003 at 06:29:23PM -0700, Ted Deppner wrote: On Wed, Aug 27, 2003 at 03:46:22PM -0700, Eric Allman's vacation droid wrote: I have left the University. Your mail is being forwarded to me. [blah blah blah] Am I the only one that finds the author of Sendmail spamming a mailing

Re: Eric Allman has changed jobs

2003-08-27 Thread Noah L. Meyerhans
On Wed, Aug 27, 2003 at 06:29:23PM -0700, Ted Deppner wrote: On Wed, Aug 27, 2003 at 03:46:22PM -0700, Eric Allman's vacation droid wrote: I have left the University. Your mail is being forwarded to me. [blah blah blah] Am I the only one that finds the author of Sendmail spamming a mailing

Re: The possibility of malicious code in the Debian unstable libtool-1.5 package

2003-08-26 Thread Noah L. Meyerhans
On Tue, Aug 26, 2003 at 08:23:44AM -0700, Alan W. Irwin wrote: Thus, wouldn't it be the right thing to do to withdraw the Debian unstable libtool-1.5 package until GNU has a chance to check the tarball? (And of course after the checked version is available, the tarball used to create the

Re: Looking for a simple SSL-CA package

2003-08-24 Thread Noah L. Meyerhans
On Sat, Aug 23, 2003 at 07:38:25PM +0200, Adam ENDRODI wrote: Perhaps I just misinterpret the terminology, but I've had the impression that every certificate should be signed, so should the root of the tree too. Since they sit at the top of the hierarchy they must be self signed. Am I

Re: Looking for a simple SSL-CA package

2003-08-23 Thread Noah L. Meyerhans
On Sat, Aug 23, 2003 at 07:38:25PM +0200, Adam ENDRODI wrote: Perhaps I just misinterpret the terminology, but I've had the impression that every certificate should be signed, so should the root of the tree too. Since they sit at the top of the hierarchy they must be self signed. Am I

Re: Simple e-mail virus scanner

2003-08-20 Thread Noah L. Meyerhans
On Wed, Aug 20, 2003 at 08:44:08AM +0200, Christoph Moench-Tegeder wrote: So, I'm wondering, does anybody know about any such approach? After getting sick of all the virus crap in my inbox I installed the following in /etc/exim/system_filter.txt: This approach yields a high false

Re: Debian Stable server hacked

2003-08-20 Thread Noah L. Meyerhans
On Wed, Aug 20, 2003 at 05:23:30PM +0200, Adam ENDRODI wrote: No, it really doesn't. It might stop some common implementations of exploits, but that's about it. There are many papers available which describe the shortcomings of this kind of prevention. Could you provide some pointers on

Re: Simple e-mail virus scanner

2003-08-19 Thread Noah L. Meyerhans
On Tue, Aug 19, 2003 at 10:56:29PM +0200, Kjetil Kjernsmo wrote: So, I'm wondering, does anybody know about any such approach? After getting sick of all the virus crap in my inbox I installed the following in /etc/exim/system_filter.txt: ##

Re: honeyd and libdnet

2003-07-31 Thread Noah L. Meyerhans
On Thu, Jul 31, 2003 at 06:41:01PM +0200, Thomas Bechtold wrote: Now my questions are: - How works DECnet[3]? DECnet has nothing to do with libdnet or honeyd. I don't know what gave you that idea. Unless you *really* know that you need DECnet, you don't need it. - How to configure

Re: execute permissions in /tmp

2003-07-13 Thread Noah L. Meyerhans
On Sat, Jul 12, 2003 at 11:43:02PM -0300, Peter Cordes wrote: This is at least the third time this has come up that I remember. However, absolute statements like *can not* get me thinking: Is there any sort of file that can't be executed from /tmp? What about statically linked ELF

Re: execute permissions in /tmp

2003-07-12 Thread Noah L. Meyerhans
On Sat, Jul 12, 2003 at 09:22:45PM -0400, Jim Popovitch wrote: I have a complaint/opinion/statement to express. It seems that every now and then when I run 'apt-get upgrade' I get a lot of errors about Can't exec /tmp/config.x: Permission denied at I like to keep my Debian boxen nice

Re: execute permissions in /tmp

2003-07-12 Thread Noah L. Meyerhans
On Sat, Jul 12, 2003 at 09:34:16PM -0400, Noah L. Meyerhans wrote: # cp /bin/ls /tmp/ # /lib/ld-linux.so.2 /bin/ls ^^^ Naturally I meant /tmp/ls on the second line there. I'm sure you figured that out on your own, but just for the record... noah

Re: execute permissions in /tmp

2003-07-12 Thread Noah L. Meyerhans
On Sat, Jul 12, 2003 at 11:43:02PM -0300, Peter Cordes wrote: This is at least the third time this has come up that I remember. However, absolute statements like *can not* get me thinking: Is there any sort of file that can't be executed from /tmp? What about statically linked ELF

Re: noboby with a shell !!

2003-03-26 Thread Noah L. Meyerhans
On Wed, Mar 26, 2003 at 12:11:58PM +0100, Sven Hoexter wrote: Well yes it could :) As long as the user has no valid password it's not very useful. Take a look into the /etc/shadow and in the second field you'll find ! or * indicating that this user has an invalid password. See man 5 shadow.

Re: speaking of squid ports...

2003-03-26 Thread Noah L. Meyerhans
On Wed, Mar 26, 2003 at 02:15:28PM -0500, Kevin Cheek wrote: I believe that UDP port is for receiving DNS responses. Umm... No. It's used for ICP, a protocol for intercommunication between squid caches. For example, at my site we have two different caches. One is basically transparent.

Re: looking for a good source to start learning about kerberos

2003-03-20 Thread Noah L. Meyerhans
On Thu, Mar 20, 2003 at 12:18:23PM +0200, Haim Ashkenazi wrote: After reading the responses for my email about NIS security, I was convinced that it's time to learn about ldap w/kerberos. In the ldap-howto's I've read there were references to kerberos by MIT and Heimdal. looking in my aptitude

Re: OT: Is it so easy to break into an NIS?

2003-03-19 Thread Noah L. Meyerhans
On Wed, Mar 19, 2003 at 09:40:00AM -0600, David Ehle wrote: As I understand it, OpenAFS is IBM software that was opensourced. Coda was a wholly opensource project to implement AFS. Please feel free to correct me if I'm wrong. No, CODA is not simply an AFS implementation. It is based on

Re: OpenSSH updates

2003-02-20 Thread Noah L. Meyerhans
On Thu, Feb 20, 2003 at 04:44:26AM -0500, Odair wrote: Is there a .deb for OpenSSH 3.5p1 ? Yes, in unstable. Not stable. What makes you think you need it? noah -- ___ | Web: http://web.morgul.net/~frodo/ | PGP Public Key:

Re: machine monitoring packages

2003-02-14 Thread Noah L. Meyerhans
On Fri, Feb 14, 2003 at 05:00:42PM +0100, Dariush Pietrzak wrote: It's great. But there is no alternative. And there should be. That's because there doesn't need to be an alternative. Rrdtool is a specialized application to fill a niche. Any old database will work in situation where you are

Re: machine monitoring packages

2003-02-13 Thread Noah L. Meyerhans
On Thu, Feb 13, 2003 at 02:59:26PM +, gabe wrote: I would like to know what ppl think is the best package for monitor servers, at my last work place they were installing mon. In my new job they use Nagios, which I'm not too sure about due to the fact that installation / configuration

Re: Question about snort binaries..

2003-01-30 Thread Noah L. Meyerhans
On Thu, Jan 30, 2003 at 09:35:05AM -0800, Anne Carasik wrote: Is there a way to define that I only want to use the unstable packages just related to snort or do I have to change my entire distribution to unstable? Testing distribution has 1.8.7. No. You would have to pull in all the

Re: FW: Updated OPENSSL package for Debian?

2003-01-07 Thread Noah L. Meyerhans
On Tue, Jan 07, 2003 at 08:00:11AM -0700, Miles Beck wrote: Is there an updated OPENSSL package for Debian greater than OpenSSL-0.9.6c? Yes, 0.9.6c-2.woody.1. It contains all the security fixes present in openssl-0.9.6g. ~/Net_SSLeay.pm-1.21$ perl Makefile.PL Checking for OpenSSL-0.9.6g or

Re: FW: Updated OPENSSL package for Debian?

2003-01-07 Thread Noah L. Meyerhans
On Tue, Jan 07, 2003 at 05:08:23PM +0100, Adrian 'Dagurashibanipal' von Bidder wrote: So the version from testing should do. You may want to download the source package and compile it yourself to avoid having to upgrade dependencies (I don't know, just speculating). Why tell him that? What

Re: Bind9 stopped after 34 days of uptime

2002-12-26 Thread Noah L. Meyerhans
On Thu, Dec 26, 2002 at 09:16:12AM -0500, Phillip Hofmeister wrote: This is on a Pentium 100 MHz with around 32 MB of RAM. The box itself has been up 134 days. This is the primary internet server for zionlth.org. Traffic to this domain is modest... I have a feeling that it's possible to

Re: Bug #173254 Submitted: Snort In Stable Unusable

2002-12-17 Thread Noah L. Meyerhans
On Tue, Dec 17, 2002 at 10:36:52AM +0100, Sander Smeenk wrote: Therefore I would more like to either remove the entire package *OR* add a debconf / other intrusive warning that tells users that the package gives them a fake sense of security and instead they should consider installing snort

Re: SSH

2002-12-16 Thread Noah L. Meyerhans
On Tue, Dec 17, 2002 at 08:42:03AM +0800, Patrick Hsieh wrote: Woody is shipping OpenSSH_3.4p1. Before the security team confirm this vulnerability and release the upgrade package, is there any way to patch and repackage the woody openssh? I just can't find the patch against this

Re: VPN + Roadwarrior

2002-12-12 Thread Noah L. Meyerhans
On Thu, Dec 12, 2002 at 09:39:27AM -0500, Phillip Hofmeister wrote: If you implement IPSec, my experience (as of 6 months ago) with IPSec is that it works great, as long as you use the same implementation on all hosts. I don't really agree with that. I have used several different IPsec

Re: Updating Snort Signatures In Stable ?

2002-12-07 Thread Noah L. Meyerhans
On Sat, Dec 07, 2002 at 01:51:11PM +0100, Javier Fernández-Sanguino Peña wrote: IIRC important new versions of existing packages are allowed into point releases, so maybe Woody's main Snort engine binary packages can be updated when 3.0r1 happens. That won't happen sorry. That's

Re: pop mail recommendations

2002-12-06 Thread Noah L. Meyerhans
On Fri, Dec 06, 2002 at 04:35:04PM +0100, Christian Storch wrote: Look at brand new http://packages.debian.org/unstable/mail/cyrus21-imapd.html ssl included! Cyrus definitely rocks, but it can't be described as lightweight in any sense of the word. It's very powerful, and would be my first

Re: File system integrity checkers - comparison?

2002-12-05 Thread Noah L. Meyerhans
On Wed, Dec 04, 2002 at 06:44:12PM -0800, Johannes Graumann wrote: and was wondering as to what this group is preferring and why or whether there are other more trusted alternatives. My main argument against tripwire is its pseudo-commercial source. I use tripwire and recommend it strongly.

Re: Updating Snort Signatures In Stable ?

2002-12-05 Thread Noah L. Meyerhans
On Fri, Dec 06, 2002 at 04:18:52AM +, Nick Boyce wrote: I've been running Snort for a month or so now on a Woody box at work, and am now wondering whether the Debian Project (or packager) has a Plan for providing signature file updates to users of the stable distribution. This has been

Re: test of non-subscribed user

2002-11-26 Thread Noah L. Meyerhans
On Tue, Nov 26, 2002 at 08:08:40AM -0800, Ted Parvu wrote: This is a test to see if a non-subscribed user can post to the debian security list. This is only a test. If you are reading this, then the answer is yes and that just doesn't seem right. *plonk* This has been discussed *at

Re: security updates for testing?

2002-11-22 Thread Noah L. Meyerhans
On Fri, Nov 22, 2002 at 03:19:30PM +0100, Sythos wrote: If someone has testing version on his machine should link stable or unstable for security update? Neither. Unstable doesn't get security updates. Security updates to stable will typically be to older versions of software than what

Re: VPN question

2002-11-18 Thread Noah L. Meyerhans
On Mon, Nov 18, 2002 at 07:17:31PM +0100, Andrea Frigido wrote: I have just installed kernel-patch-freeswan STABLE package, in the make menuconfig menu it's possible to enable Blowfish and other additional cipher kernel modules. Do you think the unstable package is the better choice however?

Re: Bind issues

2002-11-14 Thread Noah L. Meyerhans
On Thu, Nov 14, 2002 at 03:28:26PM +0800, Patrick Hsieh wrote: 1. apt-get source bind 2. wget the patch file from www.isc.org 3. apply the patch 4. dpkg-buildpackage 5. dpkg -i bind*.deb That will conceivably work *now*. However, news of the vulnerability was announced before the patches

Re: Bind issues

2002-11-14 Thread Noah L. Meyerhans
On Wed, Nov 13, 2002 at 11:45:19PM -0500, Mike Dresser wrote: Any word from the security team on what's going on with potato's bind? Both potato and woody are vulnerable. Fixes are on their way, but disclosure of this vulnerability was very badly organized (not by the security team), and the

Re: Bind issues

2002-11-13 Thread Noah L. Meyerhans
On Wed, Nov 13, 2002 at 11:45:19PM -0500, Mike Dresser wrote: Any word from the security team on what's going on with potato's bind? Both potato and woody are vulnerable. Fixes are on their way, but disclosure of this vulnerability was very badly organized (not by the security team), and the

Re: DHCP

2002-10-29 Thread Noah L. Meyerhans
On Tue, Oct 29, 2002 at 09:35:01AM -0500, Phillip Hofmeister wrote: Laptop (IPSEC Client) - WAP - Server (DHCP AND IPSEC Host) - Local Network. In order to get inside the network you will have to get past the IPSEC Host, which of course will require a key that has a valid certificate from the

Re: DHCP - rootkit

2002-10-29 Thread Noah L. Meyerhans
On Tue, Oct 29, 2002 at 04:12:54PM -0800, Alvin Oga wrote: i say modifying files is a give away .. that says come find me which is trivial since it's modified binaries If they do it right, it's not a giveaway. If they're quick, thorough, and accurate, they can certainly do it right. On

Re: AIDE Information Overload

2002-10-22 Thread Noah L. Meyerhans
On Tue, Oct 22, 2002 at 11:36:06PM +0800, Dion Mendel wrote: Which files do people exclude when using integrity checkers (e.g. aide/tripwire etc)? I don't typically exclude many files, but I often limit the changes that tripwire notifies me about. For example, if one of my users changes their

Re: [OT] secure, minimal Debian installation for linux-based thin clients?

2002-10-18 Thread Noah L. Meyerhans
On Fri, Oct 18, 2002 at 12:41:37PM -0700, Chris Majewski wrote: Now, we're looking to upgrade the Linux on these thin clients. I like Debian, so that's one obvious choice. However, a standard Debian install (e.g. what I run on my machine) gives us much more than we need. Towards

Re: port 16001 and 111

2002-10-17 Thread Noah L. Meyerhans
On Thu, Oct 17, 2002 at 07:15:08PM +0300, Jussi Ekholm wrote: The same answer as a luser and as a root. What should I deduct from this? It's just so weird as I'm not running NFS, NIS or any other thingie that should use this port... What do you get from: netstat -ntlp | grep 16001 --
