VE.
Kind regards,
Richard van den Berg
1: https://security-tracker.debian.org/tracker/CVE-2023-41105
On Wed, 2 Nov 2022 at 20:41, Adam D. Barratt wrote:
> On Wed, 2022-11-02 at 18:36 +, RL wrote:
> > I think the data on security-tracker.debian.org may be incomplete.
> >
> >
> > For example the following links suggest that grub had a vulnerability
> >that was fixed in: 2.06-3~deb11u1 but
lled on this system?
Kind regards,
Richard
@lists.debian.org
to report a security issues with Debian. This is however just a
discussion mailing list about Debian security. If you wish to report a
serious security issue (which I did not find in your E-mails) you need
to contact the Debian Security Team[2].
Kind regards,
Richard
[1]: https
I've causally/intermittently followed this thread.
There appears to be a problem of definitions and applicability.
Is there a page of definitions for jessie, jessie-updates, stretch,
stretch-updates, stretch-backports, stretch-backports-sloppy, buster,
buster-updates, buster-backports,
On 08/04/2019 02:55 PM, *MORON* GM1 wrote:
RTFM.
Could not be bothered giving useful reply
see rdate is waiting
for when you "strace -p "
--
___
It is better to remain silent and be thought a fool, than to speak
aloud and remove all doubt.
+------+
| Richard Lucassen, Utrecht|
+--+
: crng init done
Downgrading to the previous kernel resolves the problem (normally a few
seconds). One of the consequences is that openntpd (or a program like
rdate) hangs until the crng is initialized.
R.
--
richard lucassen
http://contact.xaq.nl/
d security, and I
regret remembering their bias.
Sorry, I can't tell much more then that. Responses to this post I deem
'friendly' [my post that is, not so friendly responses, I have a thick
skin], might trigger my mind. [or won't]
[/opinoned]
--
Richard W.
The Netherlands
Krzysztof Kokot schreef o
.
--
Richard Waterbeek <richard...@versatel.nl>
Vladislav Kurz schreef op do 10-11-2016 om 10:28 [+0100]:
> On 11/10/16 04:20, Richard Waterbeek wrote:
> > Hi Salvatore, Ozgur,
> >
> > You posted this url; https://www.debian.org/security/2016/dsa-3696
> >
&g
the stable distribution (jessie), these problems have been fixed in
version 3.16.36-1+deb8u2.
We recommend that you upgrade your linux packages.'
--
Richard Waterbeek <richard...@versatel.nl>
Salvatore Bonaccorso schreef op ma 07-11-2016 om 17:09 [+0100]:
> Hi,
>
> On Mon, Nov 07, 2016 a
b2 of the linux package.
Kind regards,
Richard
On 9/23/2016 9:44 PM, Darko Gavrilovic wrote:
I think there is an Apparmor progress page, no?
https://wiki.debian.org/AppArmor/Progress
Quoting above page:
"AppArmor/Progress (last edited 2015-08-14 09:33:50 ..." :<
Just wondering, if you like Fedora/RH SELinux & AppArmor
implementation
On 9/23/2016 12:42 PM, Reed Black wrote:
On Fri, Sep 23, 2016 at 6:42 AM, Jonathan Hutchins
> wrote:
It is difficult for me to rationalize a serious concern for
"security"
with the idea that one should lie back and expect the
Dear Debian security team,
Will there be a DSA written for CVE-2016-5696 [1]? It looks pretty
serious and I'd like to fix this on my systems ASAP.
Kind regards,
Richard van den Berg
[1] https://security-tracker.debian.org/tracker/CVE-2016-5696
1.
https://www.debian.org/doc/manuals/securing-debian-howto/ch-automatic-harden.en.html#s6.2
describes Bastille Linux which is no longer in Debian.
2. Should there be information on AppArmor and SELinux (other
than footnote 66]?
/sqlite-users
--
D. Richard Hipp
d...@sqlite.org
--
To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
https://lists.debian.org/CALwJ=Mx+Z-qdnANdBYQoD3urYAie=ibzecmjff9njgsi9hb
.
___
sqlite-users mailing list
sqlite-us...@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
--
D. Richard Hipp
d...@sqlite.org
--
To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org
with a subject
doing the above for you automatically.
Version 3.8.x is not, unfortunately. Until we can get 3.8.x fixed and
get the fix into circulation, I suggest that you deal with this by
manifesting the view manually as shown above.
--
D. Richard Hipp
d...@sqlite.org
--
To UNSUBSCRIBE, email to debian
On 5/28/15, Richard Hipp d...@sqlite.org wrote:
In the meantime, you can work around the problem by manifesting the
view yourself.
Another temporary work-around is to run the following C-langauge API
when the process first starts up (or at any other time prior to
running the query
send that to not create
confusion with bad quoting.
Richard
--
To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
https://lists.debian.org/CAD77+gScera29rJpifGzHTruF_LHqosD5E+SMtiqNyRmMT
, I replied to this mail and meant the part above.
I see value in both having this is fixed in suite X and in this is
fixed in those subsets of suite X.
Depending on your layout, you don't really need two different JSON
files, though.
Richard
--
To UNSUBSCRIBE, email to debian-security-tracker
be the defacto place to look for
Debian PGP/GPG keys. It even mentions the finger interface.
-- Richard
x), the change proposed by Joel will cause the
time of the compare to increment when xlen in increased until xlen ==
ylen. If this can be observed with enough precision the same objective
can be achieved.
-- Richard
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
those hashes in a manifest file.
Signatures only sign the manifest file. The manifest itself and the signature
files are not part of the manifest, but are part of the package. So a package
including it's signature(s) is still a single file.
Richard
--
To UNSUBSCRIBE, email to debian-security
of meaningful, but I have been looking for a public
entropy source for my Debian system for quite a while. If you can point me to the Debian equivalent
of pollinate and https://entropy.ubuntu.com/ that would be highly appreciated.
Kind regards,
Richard
--
To UNSUBSCRIBE, email to debian-security-requ
quality entropy on headless (virtual)
Linux systems is a real problem. I merely asked if the Debian project provides something similar, or
hopefully better.
Kind regards,
Richard
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of unsubscribe. Trouble
not
decrease the overall security of that system.
Kind regards,
Richard
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/5377b5dd.8010...@vdberg.org
That is a good idea. The Common Vulnerability Scoring System was invented for
this purpose: http://en.wikipedia.org/wiki/CVSS
Kind regards,
Richard
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
I chose phrasing of subject line to emphasize some peculiarities
of my needs.
End-user emphasizes:
- I am *NOT* an expert
- my system is never intended to be a server
Laptop indicates:
- small standalone system intended to operate primarily
*WITHOUT* any networking
When connected to
Being new to Debian (and *nix generally) I went looking for
information before going online with my new install. I expected
links for guidance at http://www.debian.org/security/faq /or
http://www.debian.org/security . Both seems to be focused on
internals than interaction with outside world.
.
The table of contents looks like what I may need.
I do not intend to run a server. In fact some of my motivation
was to make sure I did not do so unintentionally.
Thank you
On 30/10/13 12:27, Richard Owlett wrote:
Being new to Debian (and *nix generally) I went looking for
information before going
signature. The discussion here is the
signature on the jar file that is read/verified by the jre.
-- Richard
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4dedc154
Thanks a lot for the quick fix. Will bind9 9.7.3.dfsg-1 in stable also be
fixed? I don't see any reports on http://www.debian.org/security/#DSAS and
http://lists.debian.org/debian-security-announce/2013/threads.html
Kind regards,
Richard van den Berg
Please remove me from this email.
Richard Lustick
EchoStar Broadcasting Corporation
UPL- Systems Engineering
Staff DBA
(307) 633-5313
-Original Message-
From: Nico Golde [mailto:n...@debian.org]
Sent: Monday, October 24, 2011 12:17 PM
To: debian-security-annou...@lists.debian.org
unsubscribe
Cordialement, your sincerely,
European Parliament
Richard BEN ALEYA
-Original Message-
From: Moritz Muehlenhoff [mailto:j...@debian.org]
Sent: 20 April 2011 19:16
To: debian-security-annou...@lists.debian.org
Subject: [SECURITY] [DSA -1] tinyproxy security update
will install corrected packages
so I also suspect this an issue with Swale's sytem.
Richard
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
.
In theory, yes. In practice, the very definition of an away notifier means
that they will not be able to do anything about it, any time soon. Thus,
we will still receive their messages.
As re-subscription is easy to do, and even if it is a honest mistake on
their side, it makes sense to boot them.
Richard
replied to will receive
two copies. ;-)
http://www.unicom.com/pw/reply-to-harmful.html vs
http://www.metasystema.net/essays/reply-to.mhtml
is like vim vs emacs :)
Richard
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
.
Richard
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
On Fri, 30 May 2008, Stephen Gran wrote:
Good luck, and please feel free to tell upstream this was an unhelpful
change.
hrm, I wonder if/when the other (3rd party) dbs will get upgraded:
http_source_urls=
http://www.sanesecurity.com/clamav/phishsigs/phish.ndb.gz
¡Tengo nueva dirección de correo!Ahora puedes escribirme a: [EMAIL PROTECTED]
- RICHARD OPENE
On Mon, 3 Apr 2006, Emmanuel Halbwachs wrote:
For some reasons, the admins didn't configure sendmail the Debian
way and didn't use the queue aging feature in
/etc/mail/sendmail.conf.
- is it mandatory to use /etc/mail/sendmail.conf?
No, not at all
- is there a way to manually configure
On Fri, 24 Mar 2006, Emmanuel Halbwachs wrote:
Emmanuel Halbwachs a ?crit (Fri, Mar 24, 2006 at 06:57:43PM +0100) :
- after the upgrade : in some cases (more on this below), incoming
mail goes to /var/spool/mqueue/daily and is stuck there
OK, the problem was on our side:
or a process possessing the
CAP_LINUX_IMMUTABLE capability can set or clear this attribute.
Is something similar also available for other filing systems?
Cheers,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net | 0x888354F7
On Wed, 10 Nov 2004, Duncan Simpson wrote:
I can put the rulesets Local_check_* rulesets in the LOCAL_RULESETS in
sendmail.mc and delete the blank ones make sendmail.cf generates
manually but this is suboptimal. Is there a way of writing the
sendmail.mc file so the extra rules in the
Hello,
After upgrading libsasl7, slapd does a segmentation fault and don't
start !!
I had to downgrade libsasl7 to fix it !
Regards,
Jerome.
Le 12 oct. 04, à 14:52, Martin Schulze a écrit :
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
In the non-unix world, telnet is still a necessity :(
Yes, I have putty on *my* windows boxen... But there are still
significant numbers of boxes that I use - MVS/VM (z/OS), W2k, etc.
that require me to allow directed telnet to my laptop/workstation.
Just because there is a H2 on the block,
On Sat, 25 Sep 2004, Rick Moen wrote:
Quoting Richard A Nelson ([EMAIL PROTECTED]):
Yes, I have putty on *my* windows boxen... But there are still
significant numbers of boxes that I use - MVS/VM (z/OS)...
OpenSSH works on MVS. See:
http://www.stdnet.com/uploads/media/MOVEit-DMZ
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Lorenzo Hernandez Garcia-Hierro wrote:
| Hi John,
|
| El vie, 17-09-2004 a las 19:04, John Richard Moser escribió:
|
|-BEGIN PGP SIGNED MESSAGE-
|Hash: SHA1
|
|
|
|Lorenzo Hernandez Garcia-Hierro wrote:
|| Hi,
||
|
|[...]
|
[...]
|I prefer
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Lorenzo Hernandez Garcia-Hierro wrote:
[...]
Good, at least you understand that :)
|
|Yes and then the program halts and gets SIGABRT. Do you not know what a
|DoS attack is?
|
|[...]
|
|
| Duty of Shame ?
| OK, leaving the Fun Mode off...
| (here,
-paranoia hat on, the solution is not ideal.
This is important because $s and $c get stored in the cookie.
Why $s? Surely you'll only store $c in the cookie, otherwise there's no
point in encrypting the data.
Cheers,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key
On Thu, Aug 12, 2004 at 01:56:53PM +0200, Marcel Weber wrote:
Richard Atterer wrote:
This strikes me as a weird solution. What's wrong with setting the
cookie lifetime higher, so that people only need to log in e.g. once a
day? Hmm, presumably the web application is closed-source or un
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I have completed an in-house test of a PaX demonstration. The demo
includes the PaX patch; a patch I made to suppliment PaX with boot-time
selection of NX mode; a script `pax-flags` to mark binaries with
chpax/paxctl and execstack (to turn the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I've got a chunk of data that can be used for a demo setup over here. I
would like the help of any debian developers that would like to package
up a set of kernels and the scripts that come with this and place them
in a mini-repository, to give the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This post is also being forwarded to debian-kernel, as it contains the
appropriate kernel settings. This is a continuation of the message from
the debian-security and debian-devel lists, archived at
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andres Salomon wrote:
| On Sun, 25 Jul 2004 12:57:29 -0400, John Richard Moser wrote:
|
|
| I'm interested in discussing the viability of PaX on Debian. I'd like
| to discuss the changes to the base system that would be made, the costs
| in terms
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andres Salomon wrote:
| On Mon, 2004-07-26 at 14:37 -0400, John Richard Moser wrote:
|
|-BEGIN PGP SIGNED MESSAGE-
|Hash: SHA1
|
|
|
|Andres Salomon wrote:
|| On Sun, 25 Jul 2004 12:57:29 -0400, John Richard Moser wrote:
||
|
| [...]
|
|Did
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'll do a recapitulation of what has been covered thusfar in this
message. It's a long one, but it'll get us all on the same channel.
John Richard Moser wrote:
| I'm interested in discussing the viability of PaX on Debian. I'd like
| to discuss
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
GOTO Masanori wrote:
| At Mon, 26 Jul 2004 15:38:37 -0400,
| John Richard Moser wrote:
|
[...]
|
|
| Is this VSYSCALL issue? I guess we can backport it without large
| obstacle, but I have no spare time within a few days to work this bug
| because
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm interested in discussing the viability of PaX on Debian. I'd like
to discuss the changes to the base system that would be made, the costs
in terms of overhead and compatibility, the gains in terms of security,
and the mutability (elimination) of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Steve Kemp wrote:
| On Sun, Jul 25, 2004 at 12:57:29PM -0400, John Richard Moser wrote:
|
|
|A PaX protected base would also benefit from Stack Smash Protection,
|which can be done via the gcc patch ProPolice.
|
|
| I have been flirting with SSP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hanasaki wrote:
| what is the relationship between PaX, grsecurity and trustees?
|
PaX is a separate project from grsecurity. The grsecurity developer
finds interest in PaX, and so supplies it with grsecurity.
Dunno about trustees.
| Will the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Steve Kemp wrote:
| On Sun, Jul 25, 2004 at 02:26:15PM -0400, John Richard Moser wrote:
|
|
|| I have been flirting with SSP for months now, but the most recent
|| patches included with GCC do not apply cleanly. Watch for a bug
|| against GCC
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Steve Kemp wrote:
[...]
|Firefox sets off SSP itself on load.
|
|
| When you say 'sets of' do you mean disable? I find that unlikely,
| as it's not the kind of thing that can be disabled when all the
| canary checking code is incorporated into
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
. . . .thunderbird is being weird. It's giving me where should be,
and wehre should be. EH.
Andres Salomon wrote:
| On Sun, 25 Jul 2004 12:57:29 -0400, John Richard Moser wrote:
|
|
| I'm interested in discussing the viability of PaX on Debian
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Russell Coker wrote:
| On Mon, 26 Jul 2004 02:57, John Richard Moser [EMAIL PROTECTED]
wrote:
|
|I'm interested in discussing the viability of PaX on Debian. I'd like
|to discuss the changes to the base system that would be made, the costs
|in terms
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Russell Coker wrote:
| On Mon, 26 Jul 2004 13:48, John Richard Moser [EMAIL PROTECTED]
wrote:
|
|| Before we can even start thinking about PaX on Debian we need to find a
|| maintainer for the kernel patch who will package new versions of the
|| patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Found a problem.
Russell Coker wrote:
| On Mon, 26 Jul 2004 02:57, John Richard Moser [EMAIL PROTECTED]
wrote:
[...]
|
| We have recently discussed this on at least one of the lists you
posted to.
| The end result of the discussion is that GCC
You could also try installing snoopy, which logs all commands executed by
users to auth.log. Then look for unusual commands executed by user
www-data if you suspect insecure PHP scripts etc.
Cheers,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http
You could also try installing snoopy, which logs all commands executed by
users to auth.log. Then look for unusual commands executed by user
www-data if you suspect insecure PHP scripts etc.
Cheers,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http
in the From field. If I confirm, the person sending me the
confirmation message will be delivered the spam. If more people did this,
confirmation senders would notice that the system doesn't work.
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net
in the From field. If I confirm, the person sending me the
confirmation message will be delivered the spam. If more people did this,
confirmation senders would notice that the system doesn't work.
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net
, and compare the md5sums.
It doesn't look like the attacker did anything once he was logged in (maybe
he was just scanning the net for open FTP servers), but if any doubt
remains, reinstall from scratch.
Maybe also consider using a different ftpd...
Cheers,
Richard
--
__ _
|_) /| Richard
the GNOME guidelines mentioned there, and
just create your fifo instead of doing the open().
Cheers,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net | 0x888354F7
¯ '` ¯
, and compare the md5sums.
It doesn't look like the attacker did anything once he was logged in (maybe
he was just scanning the net for open FTP servers), but if any doubt
remains, reinstall from scratch.
Maybe also consider using a different ftpd...
Cheers,
Richard
--
__ _
|_) /| Richard
can specify any sender address you like.
HTH,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net | 0x888354F7
¯ '` ¯
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
can specify any sender address you like.
HTH,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net | 0x888354F7
¯ '` ¯
Is there a way to figure out what program is using a port. For example I
want to know which process is using port 80. How can I do this?
netstat -anp | grep 80
or for listening ports
netstat -anp | grep LIST
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe.
Is there a way to figure out what program is using a port. For example I
want to know which process is using port 80. How can I do this?
netstat -anp | grep 80
or for listening ports
netstat -anp | grep LIST
... but do today's browsers support it?
Cheers,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net | 0x888354F7
¯ '` ¯
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
... but do today's browsers support it?
Cheers,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net | 0x888354F7
¯ '` ¯
DbWatch- the data
debugger
DBWatch displaysin blue, green and red all SqlServer or
MsAccess records that havebeeninserted,deleted or changed by
your application. Only $89. www.fencel.com.
To unsubscribe, write to:[EMAIL PROTECTED]
Richard Fencel
40 Redberry
Irvine, Ca 92618-3902
DbWatch- the data
debugger
DBWatch displaysin blue, green and red all SqlServer or
MsAccess records that havebeeninserted,deleted or changed by
your application. Only $89. www.fencel.com.
To unsubscribe, write to:[EMAIL PROTECTED]
Richard Fencel
40 Redberry
Irvine, Ca 92618-3902
to the effort required.
Is there a list of such unresolved security problems which is accessible by
people not in the security team? There was talk once about providing such a
list, but AFAICT nothing happened - hmm, or is it the list of
security-tagged bugs?
Cheers,
Richard
to the effort required.
Is there a list of such unresolved security problems which is accessible by
people not in the security team? There was talk once about providing such a
list, but AFAICT nothing happened - hmm, or is it the list of
security-tagged bugs?
Cheers,
Richard
,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net | 0x888354F7
¯ '` ¯
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
of the 100 LANs would just route
all 10.0.0.0/16 addresses to the central node, and only the central node
would be trusted, so you don't have to mess with CAs etc...
Cheers,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net | 0x888354F7
,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net | 0x888354F7
¯ '` ¯
of the 100 LANs would just route
all 10.0.0.0/16 addresses to the central node, and only the central node
would be trusted, so you don't have to mess with CAs etc...
Cheers,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net | 0x888354F7
¯ '` ¯
(or other) without OE ?
100 VPN connections isn't /that/ much, I think FreeS/WAN or the 2.6.0 IPSec
should be able to handle it. (Maybe ask the developers to ensure it does.)
PS: Sorry, for my poor english, I'm not a native speaker.
me neither :)
Ditto. :-)
ü,
Richard
(or other) without OE ?
100 VPN connections isn't /that/ much, I think FreeS/WAN or the 2.6.0 IPSec
should be able to handle it. (Maybe ask the developers to ensure it does.)
PS: Sorry, for my poor english, I'm not a native speaker.
me neither :)
Ditto. :-)
ü,
Richard
Also see this page for a useful comparison between AIDE and tripwire:
http://www.fbunet.de/aide.shtml
Cheers,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net | 0x888354F7
¯ '` ¯
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject
Also see this page for a useful comparison between AIDE and tripwire:
http://www.fbunet.de/aide.shtml
Cheers,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net | 0x888354F7
¯ '` ¯
dir). Set up a
default umask which allows global read access and *let* users defeat it! If
they know how to change their umask to something more restrictive, they're
bound to know what they're doing!
Cheers,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http
LAN is configured to the address 1.2.3.4.
Cheers,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net | 0x888354F7
¯ '` ¯
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
dir). Set up a
default umask which allows global read access and *let* users defeat it! If
they know how to change their umask to something more restrictive, they're
bound to know what they're doing!
Cheers,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http
LAN is configured to the address 1.2.3.4.
Cheers,
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net | 0x888354F7
¯ '` ¯
On Tue, Feb 03, 2004 at 05:38:40AM +0100, Philipp Schulte wrote:
No, with REJECT they would show up as closed. DROP produces filtered.
FWIW, you also need --reject-with tcp-reset to fool nmap.
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net
On Tue, Feb 03, 2004 at 05:38:40AM +0100, Philipp Schulte wrote:
No, with REJECT they would show up as closed. DROP produces filtered.
FWIW, you also need --reject-with tcp-reset to fool nmap.
Richard
--
__ _
|_) /| Richard Atterer | GnuPG key:
| \/¯| http://atterer.net
1 - 100 of 147 matches
Mail list logo