Hello everyone,
I administer a LAN that will soon be moved from private to public IP
space. The LAN is inside a university network and as such in a rather
hostile environment.
At the moment there is a firewall with a public IP doing all the
filtering and a NAT/router box behind this. Now I'm
Hi list,
Do you know about apache security issue?
apache 1.3.29 release announcement is here.
http://www.apache.org/dist/httpd/Announcement.txt
this apache 1.3 release includes security fix.
Apache 1.3.29 Major changes
Security vulnerabilities
* CAN-2003-0542
In article [EMAIL PROTECTED]
[EMAIL PROTECTED] writes:
I administer a LAN that will soon be moved from private to public IP
space. The LAN is inside a university network and as such in a rather
hostile environment.
Another alternative is a proxy-arp firewall. See
http://www.blars.org/sapaf.html
hello,
I have chkrootkit running nightly and mailing results to me - last night it
reported this:
Checking `lkm'... You have 1 process hidden for readdir command
You have 1 process hidden for ps command
Warning: Possible LKM Trojan installed
Checking `sniffer'...
PROMISC mode detected in
Cc: [EMAIL PROTECTED]
Package: apache
Version: 1.3.26-0woody3
Tags: security
Severity: grave
I have checked th full bug list also. It does not appear a bug has
been filed yet. Therefore I have filed a bug with this email. If you
have anything additional to add please wait until it shows up on
two major choices:
1) leave it online recording ALL traffic to and from it
2) take it offline immediately and analyze it there without
remote interference
I'm starting to think it was chkrootkit misreporting what was happening, as
after I rebooted the machine, there are now
a) no
On Wed, 29 Oct 2003 at 02:59:17PM -0500, Michael Bordignon wrote:
I have chkrootkit running nightly and mailing results to me - last night it
reported this:
Checking `lkm'... You have 1 process hidden for readdir command
You have 1 process hidden for ps command
Warning: Possible LKM
On Thu, Oct 30, 2003 at 12:12:27AM +0900, Hideki Yamane wrote:
Do you know about apache security issue?
Yes. According to the Apache maintainers, woody does not require an update.
--
- mdz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact
On Wed, Oct 29, 2003 at 09:11:24PM -0500, Phillip Hofmeister wrote:
I think there is a race condition that was discussed before about
rootkit checkers. First it reads in data from the PS command. It then
stores this data in a buffer. Then it reads /proc (or visa-versa, I
forget the order).
Hello everyone,
I administer a LAN that will soon be moved from private to public IP
space. The LAN is inside a university network and as such in a rather
hostile environment.
At the moment there is a firewall with a public IP doing all the
filtering and a NAT/router box behind this. Now I'm
as opposed to a setup with a firewall+router.
With Linux there are few problems with transparent firewalling setup - ie,
normal iptables don't work with such setup to well, you need to use special
bridge-iptables, ebtables IIRC. One drawback to that is that you can't do
everything your'e used to
Hi list,
Do you know about apache security issue?
apache 1.3.29 release announcement is here.
http://www.apache.org/dist/httpd/Announcement.txt
this apache 1.3 release includes security fix.
Apache 1.3.29 Major changes
Security vulnerabilities
* CAN-2003-0542
hello,
I have chkrootkit running nightly and mailing results to me - last night it
reported this:
Checking `lkm'... You have 1 process hidden for readdir command
You have 1 process hidden for ps command
Warning: Possible LKM Trojan installed
Checking `sniffer'...
PROMISC mode detected in
In article [EMAIL PROTECTED]
[EMAIL PROTECTED] writes:
I administer a LAN that will soon be moved from private to public IP
space. The LAN is inside a university network and as such in a rather
hostile environment.
Another alternative is a proxy-arp firewall. See
http://www.blars.org/sapaf.html
Cc: [EMAIL PROTECTED]
Package: apache
Version: 1.3.26-0woody3
Tags: security
Severity: grave
I have checked th full bug list also. It does not appear a bug has
been filed yet. Therefore I have filed a bug with this email. If you
have anything additional to add please wait until it shows up on
two major choices:
1) leave it online recording ALL traffic to and from it
2) take it offline immediately and analyze it there without
remote interference
I'm starting to think it was chkrootkit misreporting what was happening, as
after I rebooted the machine, there are now
a) no
On Wed, 29 Oct 2003 at 02:59:17PM -0500, Michael Bordignon wrote:
I have chkrootkit running nightly and mailing results to me - last night it
reported this:
Checking `lkm'... You have 1 process hidden for readdir command
You have 1 process hidden for ps command
Warning: Possible LKM
17 matches
Mail list logo
