Re: your mail

machine was compromised, check for backdoors, modified binaries, etc... Changing passwords may not be enough -- Alberto Gonzalez Iniesta [EMAIL PROTECTED] Give Me Liberty or Give Me Death (Patrick Henry) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble

Re: Mailserver HDD organization

On Sun, Nov 25, 2001 at 11:04:45PM +0100, [EMAIL PROTECTED] wrote: please use qmail, its really the securest MTA you can get. please use postfix, since it's as secure as qmail and has a better license -- Alberto Gonzalez Iniesta | They that give up essential liberty [EMAIL PROTECTED

Re: restricting process limit

effective it'll be on technical mailing lists (which receive mails with dumps, kernel confs, and other 'strange' content that may appear like anything but a 'normal' mail). -- Alberto Gonzalez Iniesta | BOFH excuse #93: agi@(agi.as|debian.org)| Feature not yet implemented Encrypted mail

Re: password managers

after the file has been written. autocmd BufWritePost,FileWritePost *.gpg,*.asc u autocmd BufWritePost,FileWritePost *.gpg set nobin augroup END --- cut -- Alberto Gonzalez Iniesta | BOFH excuse #399: agi@(agi.as|debian.org)| We are a 100% Microsoft Shop

Re: Virtual Networking between Debian and Microsoft Windows systems

I'll go for IPSec too (freeswan), but maybe PPTP is easier to configure. Have a look at: pptp-linux - PPTP Microsoft Compatible Tunneling Protocol pptpd - PoPToP Point to Point Tunneling Server Client and server for PPTP VPNs. Regards, Alberto -- Alberto Gonzalez Iniesta [EMAIL PROTECTED

Re: your mail

machine was compromised, check for backdoors, modified binaries, etc... Changing passwords may not be enough -- Alberto Gonzalez Iniesta [EMAIL PROTECTED] Give Me Liberty or Give Me Death (Patrick Henry)

Re: Mailserver HDD organization

On Sun, Nov 25, 2001 at 11:04:45PM +0100, [EMAIL PROTECTED] wrote: please use qmail, its really the securest MTA you can get. please use postfix, since it's as secure as qmail and has a better license -- Alberto Gonzalez Iniesta | They that give up essential liberty [EMAIL PROTECTED

Re: restricting process limit

effective it'll be on technical mailing lists (which receive mails with dumps, kernel confs, and other 'strange' content that may appear like anything but a 'normal' mail). -- Alberto Gonzalez Iniesta | BOFH excuse #93: agi@(agi.as|debian.org)| Feature not yet implemented Encrypted mail

Re: password managers

after the file has been written. autocmd BufWritePost,FileWritePost *.gpg,*.asc u autocmd BufWritePost,FileWritePost *.gpg set nobin augroup END --- cut -- Alberto Gonzalez Iniesta | BOFH excuse #399: agi@(agi.as|debian.org)| We are a 100% Microsoft Shop

Re: Plans to deploy openssl-blacklist in Debian? (was: Re: ssh-vulnkey and authorized_keys)

as an official package? Yes, I'll do that as part of the changes required in OpenVPN due to the OpenSSL bug. Coming shortly. -- Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico agi@(inittab.org|debian.org)| en GNU/Linux y software libre Encrypted mail preferred| http

Re: [Pkg-openssl-devel] [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator

On Tue, May 20, 2008 at 04:48:43PM +0200, Christoph Martin wrote: Hi Alberto, Alberto Gonzalez Iniesta schrieb: On Mon, May 19, 2008 at 01:13:46PM +0200, Christoph Martin wrote: The Ubuntu openssl maintainers released a openssl-blacklist equivalent to the openssh-blacklist package

Re: Find installed contrib and non-free packages

the set of currently-installed packages on a Debian-based system, and report all of the packages from the non-free and contrib trees which are currently installed. Regards, Alberto -- Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico agi@(inittab.org|debian.org)| en GNU/Linux

Re: mod_security (was: Apache DDOS with random number request)

]? There is already an ITP bug, but I don't know the current status. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487431 Coming soon (tm) -- Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico agi@(inittab.org|debian.org)| en GNU/Linux y software libre Encrypted mail

Re: Mod-security status in Lenny / New bug...

official Debian packages apart from those on my site. Cheers, Alberto -- Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico agi@(inittab.org|debian.org)| en GNU/Linux y software libre Encrypted mail preferred| http://inittab.com Key fingerprint = 9782 04E7 2B75 405C F5E9

Re: integrity checks and inodes

specify attributes which shall be ignored from the final report (see ignore_list in aide.conf(5)). So can you with tripwire, and probably any other integrity checker. Otherwise they would be quite useless (warning you about any normal file activity). -- Alberto Gonzalez Iniesta| Formación

Re: about bash and Debian Lenny

://ftp.linux.it/pub/People/md/bash/ -- Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico mailto/sip: a...@inittab.org | en GNU/Linux y software libre Encrypted mail preferred| http://inittab.com Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55

Re: OpenVPN DDoS Fix

used to test the package build expired last week (...), new certs have to be generated, which makes the upgrade a bit more messy. Regards, Alberto -- Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico mailto/sip: a...@inittab.org | en GNU/Linux y software libre Encrypted

Re: TLS1.0 and 1.1 with Cyrus (Debian Buster)

setting is only for client programs like Curl. But seeing > that config I tend to think that Buster may have other tweaks against > older protocols like TLSv1.{0,1} and one of them may be impacting my setup. > > Cheers, > > -r > -- Alberto Gonzalez Iniesta| Formación, consulto