Javier Fernández-Sanguino Peña
PD: Packages are available at
http://www.dat.etsit.upm.es/~jfs/debian/ENVIAR and should (hopefully) be
currently available in Debian too.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
On Sat, Sep 01, 2001 at 12:38:43AM +0100, Christian Jaeger wrote:
I (or I'd be sure my fellow sysadmin) would appreciate a bit more
automation. Maybe really the best thing would be to prepare
everything needed for an upgrade (i.e. receive the security
announcement, parse it, see if it
On Thu, Aug 30, 2001 at 10:57:55PM -0400, Brian P. Flaherty wrote:
It sounds like we have a similar problem. I read all this stuff, If
you don't know what it is, you don't need it. and If you don't need
it, shut it down. One of the things I read said to shut off lpd. I
know there have been
In unstable, check http://packages.debian.org/tiger
Javi
On Fri, Sep 07, 2001 at 01:40:39PM +0200, Gerhard Kroder wrote:
Javier Fernández-Sanguino Peña wrote:
Currently, the patched tiger (an old Unix security tool)
available in Debian
which package? not at testing
On Fri, Sep 07, 2001 at 04:16:17PM +0200, Gerhard Kroder wrote:
Installed an run it and wondered about lots of log messages
afterwards... Will take some time to check them all. Ar the checks made
by tiger deb-policy compliant?
Tiger does not check deb-policy, it's a (rather old)
On Mon, Sep 10, 2001 at 10:22:49AM +0200, Alexander Reelsen wrote:
On Sun, Sep 09, 2001 at 06:31:57PM -0400, hpknight wrote:
inetd also has this feature (not very well documented).
use service@ip in inetd.conf in order to use that feature.
xinetd is nicer, anyway :-)
I went on an
On Sun, Sep 23, 2001 at 06:31:24PM -0700, Nicole Zimmerman wrote:
Forbidden
You don't have permission to access /doc/manuals/securing-debian-howto/ on
this server.
??
Works fine for me, just tried it. Are you sure is not a problem
with your proxy?
Javi
--
To
I am looking into the security policies outlined for package
building, in order to include some notes regarding them in the section
How does Debian handle security in the Securing Debian Manual
(http://www.debian.org/doc/ddp)
For example, I have been recently asked if a
On Mon, Oct 22, 2001 at 09:31:38PM +0200, Christian Kurz wrote:
What does security policies for building a debian package exactly have
to do with securing a debian box? System administrator reading this
document will be interested in tips and howtos on improving the security
on the boxes,
On Wed, Oct 24, 2001 at 10:17:13PM +0200, Patrice Neff wrote:
I believe this would not be reasonable for the Debian distribution,
but you could create a customized and secure Debian version where you
do a source code audit before accepting any package. Or maybe it could
be done with another
On Tue, Oct 23, 2001 at 10:28:02PM +0800, Michael Robinson wrote:
FreeBSD does it for their ports tree. In fact, this has been a matter of
controversy, as the FreeBSD team issues a huge number of security advisories
for software that really has nothing to do with FreeBSD. This has caused
I have been asked for this and I was trying to figure out how to do it
(would document it later on in the Securing-Debian-Manual). So please,
excuse me if you feel this is off-topic.
The problem is, how can an admin restrict remote access from a given user
(through telnet and/or sshd) in order
On Fri, Oct 26, 2001 at 05:25:28PM +0200, Christian Kurz wrote:
That's a wrong assumption. At least RedHat contains a pam_chroot.so
module which can be used in connection with the latest ssh to limit a
user into a chroot. I'm just wondering if that module is packaged
already for debian or
I would be interested only in the chroot patch. Is there any
reason you have not contributed it to openssh? Do you want me to do it?
Best regards
Javi
On Fri, Oct 26, 2001 at 05:24:13PM +0300, Ivan Dimitrov wrote:
recently i've worked on a small patch for openssh that
On Fri, Oct 26, 2001 at 04:35:14PM +0100, Tim Haynes wrote:
Rishi L Khan [EMAIL PROTECTED] writes:
I think the only way to accomplish a chroot IS to include all the files
in the jail that the user needs.
[snip]
Yes. Somehow, if you're going to run something, it needs to be in the jail.
It seems pam_chroot is available at
http://www.kernel.org/pub/linux/libs/pam/pre/modules/
I will try and take a look at it...
Javi
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
I had recently a discussion regarding Debian package signing and
automaticly downloading checking packages signatures (i.e. using
debsig-verify)
However, I see now that the default /etc/dpkg/dpkg.conf ships with
no-debsig by default and users are not currently (correct me if it does)
checking
I have received some very good contributions from individuals
after my call for help (which appeared also on the DWN :) After the
inclusion of those and writting some new sections (regarding DNS limiting,
online/offline references, a new checklist appendix, talks on chroot and
some other
On Fri, Dec 07, 2001 at 01:20:43PM +0200, Juha Jäykkä wrote:
Most false positives are easily dismissed by knowing your setup which
nessus does not. There are a couple of concering cases, though: This
case of lprng: nessus only says it detects an lprng daemon, but NOT
that it cannot tell the
Well, I couldn't run away this year either... I'm giving out a Lecture at
UMEET 2001 today (thursday 19:00 CET) regarding Debian GNU/Linux security.
If anyone is interested in attending/helping go to irc.uninet.edu (#redes).
I will be also at #debian-devel today.
Regards
Javi
How do the Debian Security team currently follow the vulnerabilities posted
upstream? I guess that's easy when the upstream maintainer (or the one that found the
bug) tells Debian's team before posting. But what if somebody posts in bugtraq a
security issue around a software available at
On Thu, Dec 13, 2001 at 08:41:38PM +0100, Wichert Akkerman wrote:
Previously Javier Fern?ndez-Sanguino Pe?a wrote:
I guess a public database could be useful both for
We have a private database (well, a status-file in which we keep track
of things). A public database can't be used since
As I said yesterday I wanted to prepare an answer to the question How much
time does it take for Debian to fix a given bug?. I have made some analysis regarding
vulnerabilities detected and posted in bugtraq and those sent as DSAs. It has taken
some more time than expected since the DSAs
sOn Fri, Dec 14, 2001 at 12:45:41PM +0100, Wichert Akkerman wrote:
Previously Javier Fern?ndez-Sanguino Pe?a wrote:
A note for the Security Team: please add a new tag to the DSA's data:
define-tag bid and define-tag cve that would make it easier to
Half the time we can't do that because
On Fri, Dec 14, 2001 at 10:59:47AM +0100, Wichert Akkerman wrote:
From what I know, this will be supported scheme in the next release.
Well, afaik base is frozen and the current released version of
apt doesn't do that yet..
Of course, I meant next to woody, *not* woody...
On Fri, Dec 14, 2001 at 06:22:03PM -0600, Daniel Rychlik wrote:
How do I stop this from happening. Apparently my bud telented to port 25
and somehow sent mail from my root account. Any suggestions, white papers
or links? Id would like to block the telnet application all together, but I
I was wondering... could someone write a How to build VPN's in
Debian small documentation for inclusion in the Debian Security HOWTO
(http://www.debian.org/doc/ddp) it could make for a nice chapter in there.
Topics to comment about:
- FreeSwan
- CIPE
-
On Mon, Jan 14, 2002 at 01:15:16PM +0100, Wichert Akkerman wrote:
Previously Adam Warner wrote:
Someone with better knowledge of all the facts might want to comment on
the claim that Debian is always the last to fix security holes and the
tag team follow up I've been fighting for months
On Mon, Jan 14, 2002 at 06:16:46PM +0100, Lupe Christoph wrote:
I hope you provide a cleaned-up version. .../msg00257.html is full
of binary crap. And the link .../bin0.bin could be stored
as the PNG file it is supposed to be. The way it is now, I get
a MIME-type of
On Tue, Jan 15, 2002 at 09:23:20AM +0100, Lupe Christoph wrote:
On Monday, 2002-01-14 at 23:20:21 -0400, Peter Cordes wrote:
On Mon, Jan 14, 2002 at 01:25:11PM -0500, Jeremy L. Gaddis wrote:
I recompressed it as a real PNG, and attached it to this mail, for your
viewing pleasure :) PNG
On Mon, Jan 14, 2002 at 07:52:59AM -0700, Stefan Srdic wrote:
I don't have any pratical experience with FreeSWAN at all, however, I have
statically compiled BIND 9 and placed it in a chroot jail on Debian. I
wonder if it would hard to packge a chroot'ed setup of BIND9 once it
completely
On Tue, Jan 15, 2002 at 10:21:00AM +0100, Tarjei wrote:
I recall there being discussion a while back about packaging chroot
bind. I don't know whether or not anything came of it at all. There is
Debian being what it is, are there any reasons why the debian bind
package should not be
That would be great. I will accept patches anytime. Please don't
forget about writting it! (I will keep this mail, just as a reminder :)
Javi
On Mon, Jan 14, 2002 at 10:46:48AM -0500, Noah L. Meyerhans wrote:
I'd happily volunteer to write the whole chapter, but I don't
Right. It should be A report published
Fixed. Thanks
Javi
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
?) and not reproduce it (terrible waste of time and difficult to maintain
up to date).
Anyone?
Javier Fernández-Sanguino Peña
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
On Wed, Jan 16, 2002 at 04:19:31PM +0100, martin f krafft wrote:
got ya. i'll think about it. deadlines?
None really. However, less than a month would be nice :)
Javi
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL
On Wed, Jan 16, 2002 at 07:14:38AM -0800, Alvin Oga wrote:
hi ya
On Wed, 16 Jan 2002, Yotam Rubin wrote:
On Tue, Jan 15, 2002 at 09:04:07PM +0100, Balazs Javor wrote:
Hi,
Recently I've installed some IP logging deamons
(snort, ippl along with logcheck) and I was amazed
On Thu, Jan 17, 2002 at 10:29:59PM -0600, Jor-el wrote:
On Wed, 16 Jan 2002, Javier Fernández-Sanguino Peña wrote:
Both should point to other sites regarding general info (what a firewall is? what
does
netfilter do?) and not reproduce it (terrible waste of time and difficult to
maintain
On Mon, Jan 28, 2002 at 10:44:43AM +0100, Tarjei wrote:
Ok, here's my (standard) suggestion:
Make a system of anotations to the manual. Thous, it's possible to just
cut-n-paste the different mails into the manual and thus make something
that different people can contribute to without
On Mon, Jan 28, 2002 at 05:10:07AM -0800, Alvin Oga wrote:
hi ya
several ways to harden dns... depending on level fo paranoia??
http://www.Linux-Sec.net/Harden/server.gwif.html#DNS
Notes are fine, and I'm already aware of linux-sec.net. I'm
looking, however, into something more
On Wed, Jan 30, 2002 at 06:00:13PM +0100, Gergely Trifonov wrote:
(...)
is your friend:
http://www.linuxdoc.org/HOWTO/Chroot-BIND8-HOWTO.html
this document is really good, but some additional work needs to be done
to get the thing work on debian.
Could you elaborate a little bit
On Thu, Jan 31, 2002 at 11:03:08AM -0700, Stefan Srdic wrote:
Take a look at the Debian Policy Manual, they might discribe system accounts
in there.
AFAIK it does, and so does the Debian Security HOWTO (see
www.debian.org/doc/ddp). This is, a matter of fact in the FAQ section.
On Wed, Feb 06, 2002 at 05:31:23PM +0100, Christian Hammers wrote:
On Wed, Feb 06, 2002 at 05:26:27PM +0100, Ralf Dreibrodt wrote:
Maybe debian developers should make a quick and dirty fix for this,
because (as I can understand) php developers already knows about this
hole and do still
On Mon, Feb 18, 2002 at 09:55:55AM -0500, Moses Moore wrote:
Cristian Ionescu-Idbohrn wrote:
Yes, I would like to do that.
Any good tools you folks would recommand?
'apt-cache search attack'
The Debian security HOWTO outlines some of the tools available in Debian see
On Mon, Feb 18, 2002 at 09:09:09PM +0100, Thomas Seyrat wrote:
And LibWhisker too, maybe (libwhisker-perl in Debian). Nikto's coming
soon.
Great, keep me informed so I update the HOWTO.
About attacks and intrusion detection, idswakeup is a false-positive
generator to
On Tue, Jan 15, 2002 at 01:51:32PM +0100, martin f krafft wrote:
Debian could provide, with only some effort from package
maintainers versions of daemons chrooted to given environments. This
however, might break Policy (IMHO).
how would it break policy?
(sorry, catching up with
On Mon, Mar 11, 2002 at 09:21:45AM -0300, Pedro Zorzenon Neto wrote:
Hi,
Which is the best way to create a POP only account? just change the
last field in /etc/passwd to /bin/false?
No. My 2 cents (of Euro): use a directory for POP authentication
using the appropiate PAM modules,
On Wed, Mar 13, 2002 at 09:31:00AM -0500, [EMAIL PROTECTED] wrote:
(...)
But I'm (currently) a hobbyist, not an admin. Am I off-base here?
If you feel it's a bug file it, if the developer thinks it isn't
you can discuss this based on the bug report.
Javi
--
To
On Wed, Apr 24, 2002 at 11:26:16AM -0400, Andrew Kaplan wrote:
How do I disable RPC. I know the scripts can be removed from init.d But I
know there's a command similar to apt-get remove ??? or something similar.
That removes is completely.
Read
On Wed, Apr 24, 2002 at 01:23:02AM +0200, Luis Gómez Miralles wrote:
Hi,
Simple. Do the init=/bin/sh trick. When you're booted, mount / -o
remount,rw
Then edit /etc/passwd and add this to /etc/passwd:
root2::0:0:root:/root:/bin/bash
This should do the trick :)
If you want more
Culd someone explain why is there a root shell prompt for the
Linux kernel:
Press ENTER to obtain a shell (waits 5 seconds)
This seems something related to the cramfs filesystem (ramdisk)
but I'm not knowledgeable about it. I would like:
1.- an explanation on why this is
On Tue, Apr 30, 2002 at 04:30:58PM +0200, Joerg Jaspert wrote:
Javier Fernández-Sanguino Peña [EMAIL PROTECTED] writes:
2.- someone to step up an explain how to disable this behavior
Dont look at it. Or dont install a system.
Funny. However, the kernel used by the installation
On Tue, Apr 30, 2002 at 05:20:14PM +0200, Eduard Bloch wrote:
(whatever this is for). I was quite surprised when I saw this but a user
has just mailed me asking for an answer on why does Debian woody ships
Dito. Show me a system with such problem after a fresh installation.
I
On Mon, Apr 29, 2002 at 04:26:18PM -0600, Crawford Rainwater wrote:
Folks,
Does anyone know of a Linux based system and network
monitoring program out there? Similar to Tivoli or
HP OpenView, preferably under GPL and free? If so,
links and such would be great.
I have been
On Tue, Apr 30, 2002 at 06:05:27PM +0200, Javier Fernández-Sanguino Peña wrote:
On Tue, Apr 30, 2002 at 05:20:14PM +0200, Eduard Bloch wrote:
(whatever this is for). I was quite surprised when I saw this but a user
has just mailed me asking for an answer on why does Debian woody ships
Ok guys, I promised back in october (after a thread regarding chrooting
users that I started) to take a look at PAM_chroot (currently provided by
RedHat's Linux-PAM). I was up til 4 am yesterday and finally made it:
libpam-chroot-0.6-1_i386.deb - available at
On Tue, Apr 30, 2002 at 07:31:02PM -0400, Michael Stone wrote:
On Tue, Apr 30, 2002 at 03:23:06PM -0600, Erik Andersen wrote:
It is there as part of the installer to make like easier
for those wishing to do things that the installer does not
support by default. It has nothing whatsoever
On Sat, May 11, 2002 at 08:16:28AM +0200, martin f krafft wrote:
also sprach Peter Cordes [EMAIL PROTECTED] [2002.05.11.0155 +0200]:
nope, purge is a possible status too.
since when?
fishbowl:~ dpkg --get-selections | grep purge
fishbowl:~
$ dpkg --get-selections * |grep purge |wc
On Mon, May 06, 2002 at 04:27:53AM -0700, Jeff wrote:
dafr, 2002-May-03 10:52 -0700:
Jeff,
I had this problem initially as well when I reconfigured snort, until I
restarted the service. Quite obvious in retrospect, but when I missed
it initially, I could see others doing the same.
On Mon, Jun 03, 2002 at 04:55:18PM -0400, Derek J. Balling wrote:
At 10:43 PM +0200 6/3/02, Guido Hennecke wrote:
netstat -an | grep port
That command will only tell him yup, it's LISTENING, but won't tell
him WHAT is listening on that port.
It does with the -p switch:
$ netstat -apn
On Wed, Sep 18, 2002 at 04:33:25AM +0700, Jean Christophe ANDRÃ? wrote:
Did you take a look at the Referer of those access?
It might help you to track it down...
That's just might be how they get them in the first place. If you buddy
downloaded the file and then contacted google.com there
On Fri, Sep 20, 2002 at 03:11:38AM -0500, Hunter Peress wrote:
Does anyone have data on how many fixes make it back upstream?
Do you mean Debian security fixes? These are probably (always?)
sent upstream. However, you can see the DSAs and check whether there
are any references to an
On Thu, Sep 26, 2002 at 08:45:56AM -0400, Matt Zimmerman wrote:
Sounds nice. I tried tiger for a short time, but received far too many
notifications about things which were not wrong, for Debian or for many
other systems.
Yes, it needs some improvement yet. Did you try the notify
What might concern you is Spanish law regarding the use/import of
cryptography.
Which law might that be? Last I checked there was none.
Javi
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
BTW, What ever happened to the EU urging citizens to use
cryptography because of ECHELON?
I've doing some research... mainly on www.europa.eu.int. Maybe this
enligtens you:
http://europa.eu.int/ISPO/eif/InternetPoliciesSite/Crime/PublicHearingPresentations/AOL.html
Even there is some debate
On Sun, Oct 13, 2002 at 02:48:15PM +0200, WebMaster wrote:
hi all,
is there a monster bug in nessus for woody?
i scaned a woody server from 2 differents hosts (woody server also)
(...)
it detected a trinoo for linux
The 'trinoo' test in Nessus is (was?) flawed and led to a
Consider this:
$ sudo lsof -ni |grep named
named 3267 root4u IPv4 512 UDP *:32770
named 3267 root 20u IPv4 508 UDP 127.0.0.1:domain
named 3267 root 21u IPv4 509 TCP 127.0.0.1:domain
(LISTEN)
named 3267 root 22u IPv4
On Tue, Oct 15, 2002 at 11:50:10AM +0200, Christian Schuerer-Waldheim wrote:
Hi!
Any ideas on why there is a single UDP port open? My configuration is
pretty simple, no controls configured for the name server and a 'listen-on
port 53' statement in the config file
As I can
On Tue, Oct 15, 2002 at 01:33:38PM +0200, Kjetil Kjernsmo wrote:
Hi everybody!
Now, I have finally configured all the security features that I wanted,
(...)
Well, I don't know if I should be alarmed, I guess the whole reason for
running nessus is to be alarmed, so I am... :-) And it
jOn Tue, Oct 15, 2002 at 02:11:51PM +0200, Kjetil Kjernsmo wrote:
On Tuesday 15 October 2002 13:59, Javier Fernández-Sanguino Peña wrote:
Try to reproduce this behavior. You can launch the attacks
manually using 'nasl name-of-the-script' and trace the mail server to
see
I'm starting to get bored of pople replying nonsense without
tesint it themselves.
On Fri, Oct 18, 2002 at 09:19:01PM +0200, Vasarhelyi asd Daniel wrote:
issue(5) might help some of you about pre-login banner and daemon(s)
banner version.
Banner gets diplayed _after_ successful
On Fri, Oct 18, 2002 at 11:08:52AM -0400, Phillip Hofmeister wrote:
On Fri, 18 Oct 2002 at 03:50:12PM +0200, [EMAIL PROTECTED] wrote:
Why isn't it done by default ?
You would have to ask the maintainer...
Oh! Better: file a bug. No! Wait! It's already done [1]
:-|
On Fri, Oct 18, 2002 at 12:41:37PM -0700, Chris Majewski wrote:
There is obviously more than one solution here, so I'm looking for
recommendations. We care about security; we don't want to run any
services we don't need, etc. Reliability is key, so your uncle's
friend's
On Sat, Oct 19, 2002 at 01:29:40PM +0200, Alexander Neumann wrote:
Hi Jesus,
Jesus Climent wrote:
* Chroot
The linux system call to jail a subtree.
Has to be created and maintained manually.
You can try 'jailtool', if you like:
$ apt-cache show jailtool
[...]
Funny
On Thu, Oct 24, 2002 at 09:22:16PM -0400, Hubert Chan wrote:
Michael == Michael West [EMAIL PROTECTED] writes:
[...]
Michael I would like to ignore this, so I copy the file to:
Michael /etc/tiger/check_accounts.template so that it will no longer be
Michael reported. But it is still
On Wed, Oct 16, 2002 at 11:08:11AM +0200, Massimiliano Mirra wrote:
Am I missing something or should a bug be filed?
I would say a bug needs to be fixed (based on your account of
the issue :) Let the maintainer/security team, take a further look into
this..
Javi
--
To
On Sat, Nov 02, 2002 at 01:18:03PM +, Carlos Sousa wrote:
# pwck -r
user news: directory /var/spool/news does not exist
user uucp: directory /var/spool/uucp does not exist
user majordom: directory /usr/lib/majordomo does not exist
user postgres: directory /var/lib/postgres does not
On Wed, Nov 13, 2002 at 12:31:48AM -0500, Roger Ward wrote:
It is my understanding all of these vulnerabilities exist in the *stock* version of
Bind 8.3.3-REL from ISC.
Have any of these issues been addressed in the current version?
I can't speak for the security team (since I'm not
On Fri, Dec 06, 2002 at 04:18:52AM +, Nick Boyce wrote:
If so, are there any special steps required to integrate such a
download into our Debian Woody system ?
Yes. See below.
Alternatively, I note there are later signature packages in testing
and unstable - can we use those
On Mon, Dec 09, 2002 at 12:32:21AM +, Nick Boyce wrote:
On Sat, Dec 07, 2002 at 02:46:01AM +, Nick Boyce wrote:
I'd suggest maybe a note about V1.8.4 being useless should be added
to http://packages.debian.org/stable/net/snort.html, along with some
advice about getting signature
On Tue, Dec 10, 2002 at 03:39:35PM -0800, Yogesh Sharma wrote:
In my opinion shorewall must be started as soon as network is up.
What does list sugguests ? Is this a security problem ?
Yes this is a security issue, if you take iptables, for example, it is run
in S10. Any firewalling script
On Thu, Dec 12, 2002 at 04:18:17PM -0500, Raymond Wood wrote:
There have been several responses to Yogesh's question, but none
of them provide a clear and straightforward answer.
Ok. Let me try again: this is a security risk.
A gateway firewall _needs_ to be setup the following way:
0.-
On Fri, Dec 13, 2002 at 05:17:09PM +0200, Pavel Minev Penev wrote:
/etc/network/interfaces
pre-up
I know you can do it there. Unfortunately, firewall packages in
debian (even ones I have packaged) do not do this properyl (yet).
Regards
Javi
On Sat, Dec 14, 2002 at 02:27:48PM +0100, Matthias Hentges wrote:
Hello all!
I'm in the process of setting up a dedicated firewall for my home
network. It only runs four services: smtp, snmp, ssh and fwlogwatch.
(...)
but snmpd still listens on port 199/tcp (smux) on my internet IP.
(...)
On Wed, Dec 18, 2002 at 11:42:16AM +0200, Haim Ashkenazi wrote:
Hi
(...)
I thought about 2 solutions so far:
1. putting iptables on all the other computers in the DMZ.
2. connecting this host to another VLAN and set this
configuration on the switch (I have to
On Sat, Jan 04, 2003 at 09:00:45PM +0200, Martynas Domarkas wrote:
Hi, I'm currently trying to use makejail... it does not work very good.
Could you elaborate more on this? I would like to know which issues
have you come up with.
Also, you might want to take a loot at the
On Tue, Jan 07, 2003 at 03:19:17PM -0800, Josh Carroll wrote:
Having failed to find any information about TCP port 6352 via google or
/etc/services, I
figured I'd ask here. I'm seeing an awful lot of dropped packets on this port
recently,
and I'm curious if anyone else has seen this. If so,
On Wed, Feb 05, 2003 at 11:56:42AM -0500, [EMAIL PROTECTED] wrote:
On Wed, Feb 05, 2003 at 11:14:50AM -0500, merk0020 wrote:
Hello I am about to make the Proxy/Firewall on your
www.aboutdebian.com web site. I was wondering how to go about testing
it when finished. I have multiple computers
On Thu, Feb 13, 2003 at 02:59:26PM +, gabe wrote:
(...)
installation / configuration goes wrong. Most importantly there's no
deb package for Nagios which makes me not wanna use it in the first place.
Well... are you sure about that?
For those of you who are not aware of it: Nessus 2.0.0 has been released
just today [1]. I've bugged Joy about this (Bug# 182411) but in order to
make his (and my) life easier I've made new 2.0.0 packages for Nessus (i386
only). Just wanted to drop a note here in case anybody else wants to test
On Tue, Feb 25, 2003 at 12:56:48PM +0100, Luis Gomez wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Great, but how about nessus-plugins?
Your nessusd depends on nessus-plugins = 1.3 , and Sarge provides
nessus-plugins 1.0.something, I think, so nessusd won't install.
Yep.
On Thu, Mar 06, 2003 at 11:17:07AM -0300, Gustavo Franco wrote:
Hi jfs,
Hi there.
What's the relationship between these nessus 2.0 packages and the nessus
2.0.1 packages[1] of Josip Rodin at the experimental release?
These packages are not Josip's :-) (the packages page is
On Fri, Mar 07, 2003 at 11:33:15AM +1000, Andrew Pollock wrote:
Hi,
One of my friends sent me this URL, it's an oldie, and the topic in
general has been discussed before, but this article certainly does raise
some concerns.
Send them this url:
On Sun, Mar 09, 2003 at 04:15:54AM -0800, Adam Lydick wrote:
Before the previous thread turned all that useful energy into waste
heat, the author raised an interesting point:
You obviously did not read the thread.
What support do .debs have for package signing right now?
RTFM AGAIN:
On Fri, Mar 21, 2003 at 02:41:44AM +, Dale Amon wrote:
chkrootkit finds this file:
Searching for suspicious files and dirs, it may take a while...
/usr/lib/tiger/bin/.bintype
which appears to be quite old. Is this just a leftover
from a long ago tiger? It only contains Linux 2.2.17
On Sat, May 24, 2003 at 04:07:18PM +0200, Cristian Ionescu-Idbohrn wrote:
Hi,
(...)
This is the sid distributed package:
,
| Package: iproute
| Maintainer: Juan Cespedes [EMAIL PROTECTED]
| Version: 20010824-9
`
(...)
Does anyone know of any particular reason why the iproute
On Thu, Jun 12, 2003 at 01:18:59AM +0200, Peter Holm wrote:
Hi,
just got an announcement from the mandrake security list.
Could please someone of the people with a deeper knowledge explain, if
the mentioned issues are addressed in one of the stock debian
kernels or if I have to get the
On Tue, Jul 01, 2003 at 04:42:05PM +0200, Lucio wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
(..)
Project Descriptive Name: Astu mdids
Project UNIX Name: astu
Project Description: Multiplatform distributed intrusion detection system
You are aware, of course, that you are
On Thu, Jul 31, 2003 at 06:41:01PM +0200, Thomas Bechtold wrote:
Hi,
I want to install honeyd on my Debian-Box for testing. honeyd[1] isn't in the
Package-tree from Debian so i have to compile it by hand. honeyd needs the
'libdnet'-package[2] to work.
Sorry, not true. Check
On Thu, Jul 31, 2003 at 06:41:01PM +0200, Thomas Bechtold wrote:
Hi,
I want to install honeyd on my Debian-Box for testing. honeyd[1] isn't in the
Package-tree from Debian so i have to compile it by hand. honeyd needs the
'libdnet'-package[2] to work.
Sorry, I forgot to reply to the last
1 - 100 of 403 matches
Mail list logo