CVE-2023-41105 not fixed in bookworm

2024-03-01 Thread Richard van den Berg
VE. Kind regards, Richard van den Berg 1: https://security-tracker.debian.org/tracker/CVE-2023-41105

Re: incorrect version number on security-tracker.debian.org

2022-11-09 Thread Richard Lewis
On Wed, 2 Nov 2022 at 20:41, Adam D. Barratt wrote: > On Wed, 2022-11-02 at 18:36 +, RL wrote: > > I think the data on security-tracker.debian.org may be incomplete. > > > > > > For example the following links suggest that grub had a vulnerability > >that was fixed in: 2.06-3~deb11u1 but

Re: What is the best free HIDS for Debian

2022-05-10 Thread Richard van den Berg
lled on this system? Kind regards, Richard

Re: /home/loser is with permissions 755, default umask 0022

2020-11-13 Thread Richard van den Berg
@lists.debian.org to report a security issues with Debian. This is however just a discussion mailing list about Debian security. If you wish to report a serious security issue (which I did not find in your E-mails) you need to contact the Debian Security Team[2]. Kind regards, Richard [1]: https

Side issue/question -- {Re: how to deal with widely used packages ...}

2019-08-30 Thread Richard Owlett
I've casually/intermittently followed this thread. There appears to be a problem of definitions and applicability. Is there a page of definitions for jessie, jessie-updates, stretch, stretch-updates, stretch-backports, stretch-backports-sloppy, buster, buster-updates, buster-backports,

Re: Two HDD on Desktop PC

2019-08-04 Thread Richard Owlett
On 08/04/2019 02:55 PM, *MORON* GM1 wrote: RTFM. Could not be bothered giving useful reply

Re: [SECURITY] [DSA 4187-1] linux security update

2018-05-04 Thread Richard Lucassen
see rdate is waiting for when you "strace -p " -- ___ It is better to remain silent and be thought a fool, than to speak aloud and remove all doubt. +------+ | Richard Lucassen, Utrecht| +--+

Re: [SECURITY] [DSA 4187-1] linux security update

2018-05-03 Thread richard lucassen
: crng init done Downgrading to the previous kernel resolves the problem (normally a few seconds). One of the consequences is that openntpd (or a program like rdate) hangs until the crng is initialized. R. -- richard lucassen http://contact.xaq.nl/

Re: ModSecurity Debian 8

2017-03-21 Thread Richard Waterbeek
d security, and I regret remembering their bias. Sorry, I can't tell much more then that. Responses to this post I deem 'friendly' [my post that is, not so friendly responses, I have a thick skin], might trigger my mind. [or won't] [/opinoned] -- Richard W. The Netherlands Krzysztof Kokot schreef o

Re: vulnerability in 8.6

2016-11-16 Thread Richard Waterbeek
. -- Richard Waterbeek <richard...@versatel.nl> Vladislav Kurz wrote on Thu 10-11-2016 at 10:28 [+0100]: > On 11/10/16 04:20, Richard Waterbeek wrote: > > Hi Salvatore, Ozgur, > > > > You posted this url; https://www.debian.org/security/2016/dsa-3696 > > &g

Re: vulnerability in 8.6

2016-11-09 Thread Richard Waterbeek
the stable distribution (jessie), these problems have been fixed in version 3.16.36-1+deb8u2. We recommend that you upgrade your linux packages.' -- Richard Waterbeek <richard...@versatel.nl> Salvatore Bonaccorso wrote on Mon 07-11-2016 at 17:09 [+0100]: > Hi, > > On Mon, Nov 07, 2016 a

Re: vulnerability in 8.6

2016-11-07 Thread Richard van den Berg
b2 of the linux package. Kind regards, Richard

Re: Security features in the upcoming release (Stretch)

2016-09-24 Thread Richard Owlett
On 9/23/2016 9:44 PM, Darko Gavrilovic wrote: I think there is an Apparmor progress page, no? https://wiki.debian.org/AppArmor/Progress Quoting above page: "AppArmor/Progress (last edited 2015-08-14 09:33:50 ..." :< Just wondering, if you like Fedora/RH SELinux & AppArmor implementation

Re: Security features in the upcoming release (Stretch)

2016-09-23 Thread Richard Owlett
On 9/23/2016 12:42 PM, Reed Black wrote: On Fri, Sep 23, 2016 at 6:42 AM, Jonathan Hutchins > wrote: It is difficult for me to rationalize a serious concern for "security" with the idea that one should lie back and expect the

DSA for CVE-2016-5696 (off-path blind TCP session attack)

2016-08-11 Thread Richard van den Berg
Dear Debian security team, Will there be a DSA written for CVE-2016-5696 [1]? It looks pretty serious and I'd like to fix this on my systems ASAP. Kind regards, Richard van den Berg [1] https://security-tracker.debian.org/tracker/CVE-2016-5696

Problems in https://www.debian.org/doc/manuals/securing-debian-howto

2016-05-18 Thread Richard Owlett
1. https://www.debian.org/doc/manuals/securing-debian-howto/ch-automatic-harden.en.html#s6.2 describes Bastille Linux which is no longer in Debian. 2. Should there be information on AppArmor and SELinux (other than footnote 66]?

Request additional test data. Was: [sqlite] Crippling query plan change between 3.7.13 and 3.8.10.2

2015-05-29 Thread Richard Hipp
/sqlite-users -- D. Richard Hipp d...@sqlite.org -- To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/CALwJ=Mx+Z-qdnANdBYQoD3urYAie=ibzecmjff9njgsi9hb

Re: [sqlite] Crippling query plan change between 3.7.13 and 3.8.10.2

2015-05-29 Thread Richard Hipp
. ___ sqlite-users mailing list sqlite-us...@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users -- D. Richard Hipp d...@sqlite.org -- To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org with a subject

Re: [sqlite] Crippling query plan change between 3.7.13 and 3.8.10.2

2015-05-28 Thread Richard Hipp
doing the above for you automatically. Version 3.8.x is not, unfortunately. Until we can get 3.8.x fixed and get the fix into circulation, I suggest that you deal with this by manifesting the view manually as shown above. -- D. Richard Hipp d...@sqlite.org -- To UNSUBSCRIBE, email to debian

Re: [sqlite] Crippling query plan change between 3.7.13 and 3.8.10.2

2015-05-28 Thread Richard Hipp
On 5/28/15, Richard Hipp d...@sqlite.org wrote: In the meantime, you can work around the problem by manifesting the view yourself. Another temporary work-around is to run the following C-language API when the process first starts up (or at any other time prior to running the query

Bug#761859: prototype ready

2015-02-25 Thread Richard Hartmann
send that to not create confusion with bad quoting. Richard -- To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/CAD77+gScera29rJpifGzHTruF_LHqosD5E+SMtiqNyRmMT

Bug#761859: prototype ready

2015-02-24 Thread Richard Hartmann
, I replied to this mail and meant the part above. I see value in both having this is fixed in suite X and in this is fixed in those subsets of suite X. Depending on your layout, you don't really need two different JSON files, though. Richard -- To UNSUBSCRIBE, email to debian-security-tracker

Re: Unverifiable Signature on Debian Security Advisory Emails

2014-12-12 Thread Richard van den Berg
be the defacto place to look for Debian PGP/GPG keys. It even mentions the finger interface. -- Richard

Re: streql - Constant-time string comparison

2014-10-29 Thread Richard van den Berg
x), the change proposed by Joel will cause the time of the compare to increment when xlen is increased until xlen == ylen. If this can be observed with enough precision the same objective can be achieved. -- Richard -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org

Re: [Reproducible-builds] concrete steps for improving apt downloading security and privacy

2014-09-21 Thread Richard van den Berg
those hashes in a manifest file. Signatures only sign the manifest file. The manifest itself and the signature files are not part of the manifest, but are part of the package. So a package including its signature(s) is still a single file. Richard -- To UNSUBSCRIBE, email to debian-security

Re: Debians security features in comparison to Ubuntu

2014-05-17 Thread Richard van den Berg
of meaningful, but I have been looking for a public entropy source for my Debian system for quite a while. If you can point me to the Debian equivalent of pollinate and https://entropy.ubuntu.com/ that would be highly appreciated. Kind regards, Richard -- To UNSUBSCRIBE, email to debian-security-requ

Re: Debians security features in comparison to Ubuntu

2014-05-17 Thread Richard van den Berg
quality entropy on headless (virtual) Linux systems is a real problem. I merely asked if the Debian project provides something similar, or hopefully better. Kind regards, Richard -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble

Re: Debians security features in comparison to Ubuntu

2014-05-17 Thread Richard van den Berg
not decrease the overall security of that system. Kind regards, Richard -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/5377b5dd.8010...@vdberg.org

Re: goals for hardening Debian: ideas and help wanted

2014-04-24 Thread Richard van den Berg
That is a good idea. The Common Vulnerability Scoring System was invented for this purpose: http://en.wikipedia.org/wiki/CVSS Kind regards, Richard -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

End-user laptop firewall available?

2013-12-07 Thread Richard Owlett
I chose phrasing of subject line to emphasize some peculiarities of my needs. End-user emphasizes: - I am *NOT* an expert - my system is never intended to be a server Laptop indicates: - small standalone system intended to operate primarily *WITHOUT* any networking When connected to

Suggestion for http://www.debian.org/security/faq or http://www.debian.org/security/

2013-10-30 Thread Richard Owlett
Being new to Debian (and *nix generally) I went looking for information before going online with my new install. I expected links for guidance at http://www.debian.org/security/faq /or http://www.debian.org/security . Both seems to be focused on internals than interaction with outside world.

Re: Suggestion for http://www.debian.org/security/faq or http://www.debian.org/security/

2013-10-30 Thread Richard Owlett
. The table of contents looks like what I may need. I do not intend to run a server. In fact some of my motivation was to make sure I did not do so unintentionally. Thank you On 30/10/13 12:27, Richard Owlett wrote: Being new to Debian (and *nix generally) I went looking for information before going

Re: process to include upstream jar sig in Debian-generated jar

2013-08-29 Thread Richard van den Berg
signature. The discussion here is the signature on the jar file that is read/verified by the jre. -- Richard -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4dedc154

CVE-2013-2266 fix for bind9 in stable?

2013-03-29 Thread Richard van den Berg
Thanks a lot for the quick fix. Will bind9 9.7.3.dfsg-1 in stable also be fixed? I don't see any reports on http://www.debian.org/security/#DSAS and http://lists.debian.org/debian-security-announce/2013/threads.html Kind regards, Richard van den Berg

RE: [SECURITY] [DSA 2327-1] libfcgi-perl security-update

2011-10-24 Thread Lustick, Richard
Please remove me from this email. Richard Lustick EchoStar Broadcasting Corporation UPL- Systems Engineering Staff DBA (307) 633-5313 -Original Message- From: Nico Golde [mailto:n...@debian.org] Sent: Monday, October 24, 2011 12:17 PM To: debian-security-annou...@lists.debian.org

RE: [SECURITY] [DSA 2222-1] tinyproxy security update

2011-04-25 Thread BEN ALEYA Richard
unsubscribe Cordialement, your sincerely, European Parliament Richard BEN ALEYA -Original Message- From: Moritz Muehlenhoff [mailto:j...@debian.org] Sent: 20 April 2011 19:16 To: debian-security-annou...@lists.debian.org Subject: [SECURITY] [DSA -1] tinyproxy security update

Re: [SECURITY] [DSA 1653-1] New Linux 2.6.18 packages fix several vulnerabilities

2008-10-15 Thread Richard Hartmann
will install corrected packages so I also suspect this an issue with Swale's system. Richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: [SECURITY] [DSA 1615-1] New xulrunner packages fix several vulnerabilities

2008-07-27 Thread Richard Hartmann
. In theory, yes. In practice, the very definition of an away notifier means that they will not be able to do anything about it, any time soon. Thus, we will still receive their messages. As re-subscription is easy to do, and even if it is a honest mistake on their side, it makes sense to boot them. Richard

Re: [SECURITY] [DSA 1615-1] New xulrunner packages fix several vulnerabilities

2008-07-27 Thread Richard Hartmann
replied to will receive two copies. ;-) http://www.unicom.com/pw/reply-to-harmful.html vs http://www.metasystema.net/essays/reply-to.mhtml is like vim vs emacs :) Richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: [SECURITY] [DSA 1615-1] New xulrunner packages fix several vulnerabilities

2008-07-23 Thread Richard Hartmann
. Richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: broken updates just now clamav ....

2008-05-30 Thread Richard A Nelson
On Fri, 30 May 2008, Stephen Gran wrote: Good luck, and please feel free to tell upstream this was an unhelpful change. hrm, I wonder if/when the other (3rd party) dbs will get upgraded: http_source_urls= http://www.sanesecurity.com/clamav/phishsigs/phish.ndb.gz

Ihanot received any response in regards the funds transfer Re urgently

2007-09-10 Thread RICHARD OPENE
I have a new email address! You can now write to me at: [EMAIL PROTECTED] - RICHARD OPENE

Re: Problems after sendmail security upgrade

2006-04-03 Thread Richard A Nelson
On Mon, 3 Apr 2006, Emmanuel Halbwachs wrote: For some reasons, the admins didn't configure sendmail the Debian way and didn't use the queue aging feature in /etc/mail/sendmail.conf. - is it mandatory to use /etc/mail/sendmail.conf? No, not at all - is there a way to manually configure

Re: Problems after sendmail security upgrade

2006-03-26 Thread Richard A Nelson
On Fri, 24 Mar 2006, Emmanuel Halbwachs wrote: Emmanuel Halbwachs wrote (Fri, Mar 24, 2006 at 06:57:43PM +0100) : - after the upgrade : in some cases (more on this below), incoming mail goes to /var/spool/mqueue/daily and is stuck there OK, the problem was on our side:

Re: rm files owned by root?

2004-12-29 Thread Richard Atterer
or a process possessing the CAP_LINUX_IMMUTABLE capability can set or clear this attribute. Is something similar also available for other filing systems? Cheers, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net | 0x888354F7

Re: preserving sendmail configuration security hacks

2004-11-10 Thread Richard A Nelson
On Wed, 10 Nov 2004, Duncan Simpson wrote: I can put the rulesets Local_check_* rulesets in the LOCAL_RULESETS in sendmail.mc and delete the blank ones make sendmail.cf generates manually but this is suboptimal. Is there a way of writing the sendmail.mc file so the extra rules in the

Re: [SECURITY] [DSA 563-1] New cyrus-sasl packages fix arbitrary code execution

2004-10-12 Thread Jérôme RICHARD
Hello, After upgrading libsasl7, slapd does a segmentation fault and don't start !! I had to downgrade libsasl7 to fix it ! Regards, Jerome. On 12 Oct 04, at 14:52, Martin Schulze wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 -

Re: telnetd vulnerability from BUGTRAQ

2004-09-25 Thread Richard A Nelson
In the non-unix world, telnet is still a necessity :( Yes, I have putty on *my* windows boxen... But there are still significant numbers of boxes that I use - MVS/VM (z/OS), W2k, etc. that require me to allow directed telnet to my laptop/workstation. Just because there is a H2 on the block,

Re: telnetd vulnerability from BUGTRAQ

2004-09-25 Thread Richard A Nelson
On Sat, 25 Sep 2004, Rick Moen wrote: Quoting Richard A Nelson ([EMAIL PROTECTED]): Yes, I have putty on *my* windows boxen... But there are still significant numbers of boxes that I use - MVS/VM (z/OS)... OpenSSH works on MVS. See: http://www.stdnet.com/uploads/media/MOVEit-DMZ

Re: Debian Hardened project (question about use of the Debian trademark)

2004-09-17 Thread John Richard Moser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Lorenzo Hernandez Garcia-Hierro wrote: | Hi John, | | On Fri, 17-09-2004 at 19:04, John Richard Moser wrote: | |-BEGIN PGP SIGNED MESSAGE- |Hash: SHA1 | | | |Lorenzo Hernandez Garcia-Hierro wrote: || Hi, || | |[...] | [...] |I prefer

Re: Debian Hardened project (question about use of the Debian trademark)

2004-09-17 Thread John Richard Moser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Lorenzo Hernandez Garcia-Hierro wrote: [...] Good, at least you understand that :) | |Yes and then the program halts and gets SIGABRT. Do you not know what a |DoS attack is? | |[...] | | | Duty of Shame ? | OK, leaving the Fun Mode off... | (here,

Re: [OT] Is calculating an MD5 hash of a Rjindael encrypted block and it's key insecure?

2004-08-12 Thread Richard Atterer
-paranoia hat on, the solution is not ideal. This is important because $s and $c get stored in the cookie. Why $s? Surely you'll only store $c in the cookie, otherwise there's no point in encrypting the data. Cheers, Richard -- __ _ |_) /| Richard Atterer | GnuPG key

Re: [OT] Is calculating an MD5 hash of a Rjindael encrypted block and it's key insecure?

2004-08-12 Thread Richard Atterer
On Thu, Aug 12, 2004 at 01:56:53PM +0200, Marcel Weber wrote: Richard Atterer wrote: This strikes me as a weird solution. What's wrong with setting the cookie lifetime higher, so that people only need to log in e.g. once a day? Hmm, presumably the web application is closed-source or un

PaX demo results, logs, reproduction data

2004-07-31 Thread John Richard Moser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I have completed an in-house test of a PaX demonstration. The demo includes the PaX patch; a patch I made to supplement PaX with boot-time selection of NX mode; a script `pax-flags` to mark binaries with chpax/paxctl and execstack (to turn the

Re: PaX on Debian (Demo setup)

2004-07-28 Thread John Richard Moser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I've got a chunk of data that can be used for a demo setup over here. I would like the help of any debian developers that would like to package up a set of kernels and the scripts that come with this and place them in a mini-repository, to give the

Re: PaX on Debian (Kernel Settings)

2004-07-27 Thread John Richard Moser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This post is also being forwarded to debian-kernel, as it contains the appropriate kernel settings. This is a continuation of the message from the debian-security and debian-devel lists, archived at

Re: PaX on Debian

2004-07-26 Thread John Richard Moser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Andres Salomon wrote: | On Sun, 25 Jul 2004 12:57:29 -0400, John Richard Moser wrote: | | | I'm interested in discussing the viability of PaX on Debian. I'd like | to discuss the changes to the base system that would be made, the costs | in terms

Re: PaX on Debian

2004-07-26 Thread John Richard Moser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Andres Salomon wrote: | On Mon, 2004-07-26 at 14:37 -0400, John Richard Moser wrote: | |-BEGIN PGP SIGNED MESSAGE- |Hash: SHA1 | | | |Andres Salomon wrote: || On Sun, 25 Jul 2004 12:57:29 -0400, John Richard Moser wrote: || | | [...] | |Did

Re: PaX on Debian (Recap 1)

2004-07-26 Thread John Richard Moser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I'll do a recapitulation of what has been covered thus far in this message. It's a long one, but it'll get us all on the same channel. John Richard Moser wrote: | I'm interested in discussing the viability of PaX on Debian. I'd like | to discuss

Re: PaX on Debian

2004-07-26 Thread John Richard Moser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 GOTO Masanori wrote: | At Mon, 26 Jul 2004 15:38:37 -0400, | John Richard Moser wrote: | [...] | | | Is this VSYSCALL issue? I guess we can backport it without large | obstacle, but I have no spare time within a few days to work this bug | because

PaX on Debian

2004-07-25 Thread John Richard Moser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I'm interested in discussing the viability of PaX on Debian. I'd like to discuss the changes to the base system that would be made, the costs in terms of overhead and compatibility, the gains in terms of security, and the mutability (elimination) of

Re: PaX on Debian

2004-07-25 Thread John Richard Moser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Steve Kemp wrote: | On Sun, Jul 25, 2004 at 12:57:29PM -0400, John Richard Moser wrote: | | |A PaX protected base would also benefit from Stack Smash Protection, |which can be done via the gcc patch ProPolice. | | | I have been flirting with SSP

Re: PaX security and kernel-patch-grsecurity2 and trustees

2004-07-25 Thread John Richard Moser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hanasaki wrote: | what is the relationship between PaX, grsecurity and trustees? | PaX is a separate project from grsecurity. The grsecurity developer finds interest in PaX, and so supplies it with grsecurity. Dunno about trustees. | Will the

Re: PaX on Debian

2004-07-25 Thread John Richard Moser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Steve Kemp wrote: | On Sun, Jul 25, 2004 at 02:26:15PM -0400, John Richard Moser wrote: | | || I have been flirting with SSP for months now, but the most recent || patches included with GCC do not apply cleanly. Watch for a bug || against GCC

Re: PaX on Debian

2004-07-25 Thread John Richard Moser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Steve Kemp wrote: [...] |Firefox sets off SSP itself on load. | | | When you say 'sets of' do you mean disable? I find that unlikely, | as it's not the kind of thing that can be disabled when all the | canary checking code is incorporated into

Re: PaX on Debian

2004-07-25 Thread John Richard Moser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 . . . .thunderbird is being weird. It's giving me where should be, and where should be. EH. Andres Salomon wrote: | On Sun, 25 Jul 2004 12:57:29 -0400, John Richard Moser wrote: | | | I'm interested in discussing the viability of PaX on Debian

Re: PaX on Debian

2004-07-25 Thread John Richard Moser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Russell Coker wrote: | On Mon, 26 Jul 2004 02:57, John Richard Moser [EMAIL PROTECTED] wrote: | |I'm interested in discussing the viability of PaX on Debian. I'd like |to discuss the changes to the base system that would be made, the costs |in terms

Re: PaX on Debian

2004-07-25 Thread John Richard Moser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Russell Coker wrote: | On Mon, 26 Jul 2004 13:48, John Richard Moser [EMAIL PROTECTED] wrote: | || Before we can even start thinking about PaX on Debian we need to find a || maintainer for the kernel patch who will package new versions of the || patch

Re: PaX on Debian

2004-07-25 Thread John Richard Moser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Found a problem. Russell Coker wrote: | On Mon, 26 Jul 2004 02:57, John Richard Moser [EMAIL PROTECTED] wrote: [...] | | We have recently discussed this on at least one of the lists you posted to. | The end result of the discussion is that GCC

Re: Advice needed, trying to find the vulnerable code on Debian webserver.

2004-06-16 Thread Richard Atterer
You could also try installing snoopy, which logs all commands executed by users to auth.log. Then look for unusual commands executed by user www-data if you suspect insecure PHP scripts etc. Cheers, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http

Re: Advice needed, trying to find the vulnerable code on Debian webserver.

2004-06-16 Thread Richard Atterer
You could also try installing snoopy, which logs all commands executed by users to auth.log. Then look for unusual commands executed by user www-data if you suspect insecure PHP scripts etc. Cheers, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http

Re: Spam fights

2004-06-10 Thread Richard Atterer
in the From field. If I confirm, the person sending me the confirmation message will be delivered the spam. If more people did this, confirmation senders would notice that the system doesn't work. Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net

Re: Spam fights

2004-06-10 Thread Richard Atterer
in the From field. If I confirm, the person sending me the confirmation message will be delivered the spam. If more people did this, confirmation senders would notice that the system doesn't work. Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net

Re: Non-existent user able to log in??? hacked????

2004-05-18 Thread Richard Atterer
, and compare the md5sums. It doesn't look like the attacker did anything once he was logged in (maybe he was just scanning the net for open FTP servers), but if any doubt remains, reinstall from scratch. Maybe also consider using a different ftpd... Cheers, Richard -- __ _ |_) /| Richard

Re: Secure temporary fifo creation

2004-05-18 Thread Richard Atterer
the GNOME guidelines mentioned there, and just create your fifo instead of doing the open(). Cheers, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net | 0x888354F7 ¯ '` ¯

Re: Non-existent user able to log in??? hacked????

2004-05-18 Thread Richard Atterer
, and compare the md5sums. It doesn't look like the attacker did anything once he was logged in (maybe he was just scanning the net for open FTP servers), but if any doubt remains, reinstall from scratch. Maybe also consider using a different ftpd... Cheers, Richard -- __ _ |_) /| Richard

Re: i want to hide return path...

2004-05-04 Thread Richard Atterer
can specify any sender address you like. HTH, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net | 0x888354F7 ¯ '` ¯ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: i want to hide return path...

2004-05-04 Thread Richard Atterer
can specify any sender address you like. HTH, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net | 0x888354F7 ¯ '` ¯

Re: what process is using a port

2004-05-03 Thread Richard Collins
Is there a way to figure out what program is using a port. For example I want to know which process is using port 80. How can I do this? netstat -anp | grep 80 or for listening ports netstat -anp | grep LIST -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe.

Re: what process is using a port

2004-05-03 Thread Richard Collins
Is there a way to figure out what program is using a port. For example I want to know which process is using port 80. How can I do this? netstat -anp | grep 80 or for listening ports netstat -anp | grep LIST

Re: name based virtual host and apache-ssl

2004-03-24 Thread Richard Atterer
... but do today's browsers support it? Cheers, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net | 0x888354F7 ¯ '` ¯ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: name based virtual host and apache-ssl

2004-03-24 Thread Richard Atterer
... but do today's browsers support it? Cheers, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net | 0x888354F7 ¯ '` ¯

See your MS-Access or SQL-Server change in real time - $89

2004-03-12 Thread richard fencel
DbWatch - the data debugger. DBWatch displays in blue, green and red all SqlServer or MsAccess records that have been inserted, deleted or changed by your application. Only $89. www.fencel.com. To unsubscribe, write to: [EMAIL PROTECTED] Richard Fencel 40 Redberry Irvine, Ca 92618-3902

See your MS-Access or SQL-Server change in real time - $89

2004-03-12 Thread richard fencel
DbWatch - the data debugger. DBWatch displays in blue, green and red all SqlServer or MsAccess records that have been inserted, deleted or changed by your application. Only $89. www.fencel.com. To unsubscribe, write to: [EMAIL PROTECTED] Richard Fencel 40 Redberry Irvine, Ca 92618-3902

Re: mozilla - the forgotten package?

2004-03-10 Thread Richard Atterer
to the effort required. Is there a list of such unresolved security problems which is accessible by people not in the security team? There was talk once about providing such a list, but AFAICT nothing happened - hmm, or is it the list of security-tagged bugs? Cheers, Richard

Re: mozilla - the forgotten package?

2004-03-10 Thread Richard Atterer
to the effort required. Is there a list of such unresolved security problems which is accessible by people not in the security team? There was talk once about providing such a list, but AFAICT nothing happened - hmm, or is it the list of security-tagged bugs? Cheers, Richard

Re: Big VPN

2004-03-03 Thread Richard Atterer
, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net | 0x888354F7 ¯ '` ¯ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Big VPN

2004-03-03 Thread Richard Atterer
of the 100 LANs would just route all 10.0.0.0/16 addresses to the central node, and only the central node would be trusted, so you don't have to mess with CAs etc... Cheers, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net | 0x888354F7

Re: Big VPN

2004-03-03 Thread Richard Atterer
, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net | 0x888354F7 ¯ '` ¯

Re: Big VPN

2004-03-03 Thread Richard Atterer
of the 100 LANs would just route all 10.0.0.0/16 addresses to the central node, and only the central node would be trusted, so you don't have to mess with CAs etc... Cheers, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net | 0x888354F7 ¯ '` ¯

Re: Big VPN

2004-03-02 Thread Richard Atterer
(or other) without OE ? 100 VPN connections isn't /that/ much, I think FreeS/WAN or the 2.6.0 IPSec should be able to handle it. (Maybe ask the developers to ensure it does.) PS: Sorry, for my poor english, I'm not a native speaker. me neither :) Ditto. :-) ü, Richard

Re: Big VPN

2004-03-02 Thread Richard Atterer
(or other) without OE ? 100 VPN connections isn't /that/ much, I think FreeS/WAN or the 2.6.0 IPSec should be able to handle it. (Maybe ask the developers to ensure it does.) PS: Sorry, for my poor english, I'm not a native speaker. me neither :) Ditto. :-) ü, Richard

Re: Tripwire (clone) which would you prefer?

2004-02-23 Thread Richard Atterer
Also see this page for a useful comparison between AIDE and tripwire: http://www.fbunet.de/aide.shtml Cheers, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net | 0x888354F7 ¯ '` ¯ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject

Re: Tripwire (clone) which would you prefer?

2004-02-23 Thread Richard Atterer
Also see this page for a useful comparison between AIDE and tripwire: http://www.fbunet.de/aide.shtml Cheers, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net | 0x888354F7 ¯ '` ¯

Re: Help! File permissions keep changing...

2004-02-18 Thread Richard Atterer
dir). Set up a default umask which allows global read access and *let* users defeat it! If they know how to change their umask to something more restrictive, they're bound to know what they're doing! Cheers, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http

Re: arpwatch and arp packets ...urgent

2004-02-18 Thread Richard Atterer
LAN is configured to the address 1.2.3.4. Cheers, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net | 0x888354F7 ¯ '` ¯ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Help! File permissions keep changing...

2004-02-18 Thread Richard Atterer
dir). Set up a default umask which allows global read access and *let* users defeat it! If they know how to change their umask to something more restrictive, they're bound to know what they're doing! Cheers, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http

Re: arpwatch and arp packets ...urgent

2004-02-18 Thread Richard Atterer
LAN is configured to the address 1.2.3.4. Cheers, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net | 0x888354F7 ¯ '` ¯

Re: Hacked - is it my turn? - interesting

2004-02-03 Thread Richard Atterer
On Tue, Feb 03, 2004 at 05:38:40AM +0100, Philipp Schulte wrote: No, with REJECT they would show up as closed. DROP produces filtered. FWIW, you also need --reject-with tcp-reset to fool nmap. Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net

Re: Hacked - is it my turn? - interesting

2004-02-03 Thread Richard Atterer
On Tue, Feb 03, 2004 at 05:38:40AM +0100, Philipp Schulte wrote: No, with REJECT they would show up as closed. DROP produces filtered. FWIW, you also need --reject-with tcp-reset to fool nmap. Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net
