also sprach Javier Fernández-Sanguino Peña [EMAIL PROTECTED] [2002.01.16.1905 +0100]:
On Wed, Jan 16, 2002 at 04:19:31PM +0100, martin f krafft wrote:
got ya. i'll think about it. deadlines?
None really. However, less than a month would be nice :)
:(
i don't think i can make
also sprach Javier Fernández-Sanguino Peña [EMAIL PROTECTED] [2002.01.15.1316 +0100]:
Debian being what it is, are there any reasons why the debian bind
package should not be chroot as the default instalation?
RTFM. That is:
also sprach Javier Fernández-Sanguino Peña [EMAIL PROTECTED] [2002.01.15.1316
+0100]:
Debian being what it is, are there any reasons why the debian bind
package should not be chroot as the default instalation?
RTFM. That is:
also sprach Angus D Madden [EMAIL PROTECTED] [2002.01.11.0649 +0100]:
agreed. full disk format and reinstall from backup is the only secure
option. unless you are running something like tripwire there is no way
to tell what the intruder did, and even then ...
... if, only if, you have the
also sprach Preben Randhol [EMAIL PROTECTED] [2002.01.11.1543 +0100]:
This is not safe at all if you mean reinstall programs too. You should
reinstall programs from the net/CD distro and update all programs that
has security fixes.
yeah sorry, i meant that actually. reinstall debian from
also sprach Ricardo B [EMAIL PROTECTED] [2002.01.11.1804 +0100]:
There is no need for a rootkit to reboot the machine in order to hide himself.
He can be loaded as a kernel module and then hide all traces of its presence in
the system, by overriding the proper system calls and /proc info.
also sprach Noah L. Meyerhans [EMAIL PROTECTED] [2002.01.11.2240 +0100]:
Oh, it certainly can! knark is a perfect example of a kernel module to
do just this. (knark is Swedish for drugged.) It allows files,
processes, network connections, and network interface promiscuity to be
also sprach éÇÏÒØ âÁÌÕÓÏ× [EMAIL PROTECTED] [2002.01.11.2316 +0100]:
I have run chkrootkit and get
Checking `bindshell'... INFECTED (PORTS: 31337)
What I need to do?
reinstall. no, really! unless this is a non-productive system, in which
case you are free to try to remove it. but once you
also sprach Angus D Madden [EMAIL PROTECTED] [2002.01.11.0649 +0100]:
agreed. full disk format and reinstall from backup is the only secure
option. unless you are running something like tripwire there is no way
to tell what the intruder did, and even then ...
... if, only if, you have the
also sprach Preben Randhol [EMAIL PROTECTED] [2002.01.11.1543 +0100]:
This is not safe at all if you mean reinstall programs too. You should
reinstall programs from the net/CD distro and update all programs that
has security fixes.
yeah sorry, i meant that actually. reinstall debian from .deb
also sprach Ricardo B [EMAIL PROTECTED] [2002.01.11.1804 +0100]:
There is no need for a rootkit to reboot the machine in order to hide
himself.
He can be loaded as a kernel module and then hide all traces of its presence
in
the system, by overriding the proper system calls and /proc info.
also sprach Noah L. Meyerhans [EMAIL PROTECTED] [2002.01.11.2240 +0100]:
Oh, it certainly can! knark is a perfect example of a kernel module to
do just this. (knark is Swedish for drugged.) It allows files,
processes, network connections, and network interface promiscuity to be
*completely*
also sprach éÇÏÒØ âÁÌÕÓÏ× [EMAIL PROTECTED] [2002.01.11.2316 +0100]:
I have run chkrootkit and get
Checking `bindshell'... INFECTED (PORTS: 31337)
What I need to do?
reinstall. no, really! unless this is a non-productive system, in which
case you are free to try to remove it. but once you
also sprach Alan Aldrich [EMAIL PROTECTED] [2002.01.11.0502 +0100]:
Not sure what all it did, but really played havoc with SSH and some other
networking components and is keeping my aventail authentication server from
honoring socks requests.
Can someone help undo whatever it did or point me
also sprach Alan Aldrich [EMAIL PROTECTED] [2002.01.11.0502 +0100]:
Not sure what all it did, but really played havoc with SSH and some other
networking components and is keeping my aventail authentication server from
honoring socks requests.
Can someone help undo whatever it did or point me
alright, my users don't know how to do shell, and they can't change
passwords. now, i just upgraded to squirrelmail (upgraded because i had
IMP before, barf!), which has a plugin to change the password. it's TLS
encrypted, so not too much of a problem, but in testing out poppassd,
the underlying
also sprach Balazs Javor [EMAIL PROTECTED] [2002.01.09.2130 +0100]:
Recently I've installed some IP logging packages like ippl.
A few days ago a lot of ICMP - destination unreachable - bad port
messages started showing up comming from my DSL router.
are you behind a firewall?
what's the exact
alright, my users don't know how to do shell, and they can't change
passwords. now, i just upgraded to squirrelmail (upgraded because i had
IMP before, barf!), which has a plugin to change the password. it's TLS
encrypted, so not too much of a problem, but in testing out poppassd,
the underlying
also sprach Balazs Javor [EMAIL PROTECTED] [2002.01.09.2130 +0100]:
Recently I've installed some IP logging packages like ippl.
A few days ago a lot of ICMP - destination unreachable - bad port
messages started showing up comming from my DSL router.
are you behind a firewall?
what's the exact
also sprach Micah Anderson [EMAIL PROTECTED] [2002.01.10.0127 +0100]:
Potato has 1.2-14 as its latest for poppasswd... I agree that
v1.8-ceti would be a better solution, especially considering the
security issues you cited. What does it take to get this version into
the security updates? A bug
also sprach Balazs Javor [EMAIL PROTECTED] [2002.01.09.2329 +0100]:
Anyway just in case I misinterpreted something...
I live in Switzerland, and I have a ZyXEL Prestige 642R DSL
router connected to the ADSL line, which performs some NAT and
firewalling. The I connect my PCs through an ethernet
(i have started a thread on this on debian-isp btw.)
also sprach Matthias Juchem [EMAIL PROTECTED] [2002.01.07.0244 +0100]:
There is one problem with this: the module that matches user IDs
can only be used in the OUTPUT chain (as said in the netfilter how-to).
oh man, this sucks!
The big
also sprach Matthias Juchem [EMAIL PROTECTED] [2002.01.07.0244 +0100]:
The big problem are the ssh shell accounts. The user can start almost any
program that listens on a socket. You wouldn't have log files from this
program and you can only account the outgoing traffic with iptables.
well
(i have started a thread on this on debian-isp btw.)
also sprach Matthias Juchem [EMAIL PROTECTED] [2002.01.07.0244 +0100]:
There is one problem with this: the module that matches user IDs
can only be used in the OUTPUT chain (as said in the netfilter how-to).
oh man, this sucks!
The big
also sprach Matthias Juchem [EMAIL PROTECTED] [2002.01.07.0244 +0100]:
The big problem are the ssh shell accounts. The user can start almost any
program that listens on a socket. You wouldn't have log files from this
program and you can only account the outgoing traffic with iptables.
well no,
also sprach Matthias Juchem [EMAIL PROTECTED] [2002.01.06.1914
+0100]:
Does Debian (potato or woody) have tools to account IP traffic per user?
iptables, as others have suggested.
AFAIK, the recommended method of doing this is to create a chain for
every user or group of users that you intend
also sprach Matthias Juchem [EMAIL PROTECTED] [2002.01.06.1914 +0100]:
Does Debian (potato or woody) have tools to account IP traffic per user?
iptables, as others have suggested.
AFAIK, the recommended method of doing this is to create a chain for
every user or group of users that you intend
also sprach P Prince [EMAIL PROTECTED] [2001.12.30.1846 +0100]:
The eaisest and most failsafe way to secure bind is to install djbdns.
you are kidding me, right? the question was how to secure bind. the
asker wasn't in need of other religious beliefs.
while i strongly believe that djb is a real
* William R Ward [EMAIL PROTECTED] [2001.12.04 10:48:19-0800]:
Right; but assumin gone takes care of this kind of issue, is there
anything inherently unsafe about running shell scripts through sudo?
I understand that there are risks of race conditions with setuid shell
scripts, and so they
* Wichert Akkerman [EMAIL PROTECTED] [2001.12.03 00:57:48+0100]:
It filters based on packet content that just happens to be IP
information. Just like the u32 filter, except the syntax is easier.
It still bridges.
i guess you are right. my only problem is that a bridge does MAC/SNAP
and is
* Rens Houben [EMAIL PROTECTED] [2001.12.03 13:02:50+0100]:
Anyways, I've been following this thread and wondering: Is there any
reason why snort would or would not work with a bridge?
snort is a tool that primarily assesses ip, tcp, and application level
protocols. if you run it on a bridge,
* William R Ward [EMAIL PROTECTED] [2001.12.04 10:48:19-0800]:
Right; but assumin gone takes care of this kind of issue, is there
anything inherently unsafe about running shell scripts through sudo?
I understand that there are risks of race conditions with setuid shell
scripts, and so they are
* Wichert Akkerman [EMAIL PROTECTED] [2001.12.03 00:57:48+0100]:
It filters based on packet content that just happens to be IP
information. Just like the u32 filter, except the syntax is easier.
It still bridges.
i guess you are right. my only problem is that a bridge does MAC/SNAP
and is
* Rens Houben [EMAIL PROTECTED] [2001.12.03 13:02:50+0100]:
Anyways, I've been following this thread and wondering: Is there any
reason why snort would or would not work with a bridge?
snort is a tool that primarily assesses ip, tcp, and application level
protocols. if you run it on a bridge,
* William R. Ward [EMAIL PROTECTED] [2001.11.29 18:00:40-0800]:
Question: Is it generally considered secure enough to sudo a bash
script like your sucpaliases? Or should a C equivalent be written
instead?
no. especially not the quick'n'dirty version that alvin posted. i am
not criticizing,
* Wichert Akkerman [EMAIL PROTECTED] [2001.12.02 12:59:38+0100]:
Wrong :). Someone (forgot his name unfortunately) already implemented
this. If you ask on the netfilter list they should be able to point
you to the right patch.
oh my, everyone is misunderstanding my non-important, trivial
* Wichert Akkerman [EMAIL PROTECTED] [2001.12.02 22:30:02+0100]:
Why is a filtering bridge no longer a bridge? It does not route, it
does not change packets, it just selectively does not pass some on.
A broken bridge maybe from a strict standpoint, but still a bridge.
because it's filtering
* William R. Ward [EMAIL PROTECTED] [2001.11.29 18:00:40-0800]:
Question: Is it generally considered secure enough to sudo a bash
script like your sucpaliases? Or should a C equivalent be written
instead?
no. especially not the quick'n'dirty version that alvin posted. i am
not criticizing,
* Wichert Akkerman [EMAIL PROTECTED] [2001.12.02 12:59:38+0100]:
Wrong :). Someone (forgot his name unfortunately) already implemented
this. If you ask on the netfilter list they should be able to point
you to the right patch.
oh my, everyone is misunderstanding my non-important, trivial
* Wichert Akkerman [EMAIL PROTECTED] [2001.12.02 22:30:02+0100]:
Why is a filtering bridge no longer a bridge? It does not route, it
does not change packets, it just selectively does not pass some on.
A broken bridge maybe from a strict standpoint, but still a bridge.
because it's filtering
* Attila Nagy [EMAIL PROTECTED] [2001.11.29 14:30:56+0100]:
a firewall needs to have IP routing capabilities to be able to enforce
rules (same for a packet filter),
?
A proxy firewall doesn't need to have IP routing capabilities (eg.
forwarding packet between interfaces). And a proxy
* Attila Nagy [EMAIL PROTECTED] [2001.11.29 14:30:56+0100]:
a firewall needs to have IP routing capabilities to be able to enforce
rules (same for a packet filter),
?
A proxy firewall doesn't need to have IP routing capabilities (eg.
forwarding packet between interfaces). And a proxy
* Giacomo Mulas [EMAIL PROTECTED] [2001.11.28 18:11:40+0100]:
I've installed a linux bridge with 2.4.14 kernel and the
bridge-utils packages
I am VERY interested, since I administer a transparent firewall
myself. My firewall uses proxy arp (I implemented it in the old
2.2.x kernel +
* Simon Murcott [EMAIL PROTECTED] [2001.11.29 16:31:12+1300]:
One point you are missing is that it is possible using this kind of
configuration to create a firewall where you cannot address any of it's
external interfaces. So how can you do an intrusion attack on a firewall
that you cannot
* Jeremy T. Bouse [EMAIL PROTECTED] [2001.11.28 09:07:53-0800]:
If I'm not mistaken I believe the bridging code runs before
the firewall code so the bridging by-passes the firewall filters
completely... Please if I'm incorrect in this would someone care to
correct me but that is what
okay, so i read the FAQ, they are possible. but they don't make sense.
in fact, i will argue that as soon as you employ netfilter or
ipchains on a linux bridge, you don't have a bridge anymore! you won't
have a packet filter or router either, but it's not going to be a
bridge as it concerns
* Simon Murcott [EMAIL PROTECTED] [2001.11.29 16:31:12+1300]:
One point you are missing is that it is possible using this kind of
configuration to create a firewall where you cannot address any of it's
external interfaces. So how can you do an intrusion attack on a firewall
that you cannot
* op [EMAIL PROTECTED] [2001.11.27 10:23:57+0100]:
I specify the users in /ets/ssh/sshd_config who are allowed to connect via
ssh. But I'd like some more control. I'd like to control which subnets user x
can connect from. Some should be allowed to connect from anywhere but some
should
* Wichert Akkerman [EMAIL PROTECTED] [2001.11.27 12:23:04+0100]:
The @HOST bit may be new in OpenSSH 3 though.
yes. and it can't take a network, so you'd have to enter one entry per
user/machine permutation...
--
martin; (greetings from the heart of the sun.)
\ echo mailto:
* op [EMAIL PROTECTED] [2001.11.27 10:23:57+0100]:
I specify the users in /ets/ssh/sshd_config who are allowed to connect via
ssh. But I'd like some more control. I'd like to control which subnets user x
can connect from. Some should be allowed to connect from anywhere but some
should only
* Wichert Akkerman [EMAIL PROTECTED] [2001.11.27 12:23:04+0100]:
The @HOST bit may be new in OpenSSH 3 though.
yes. and it can't take a network, so you'd have to enter one entry per
user/machine permutation...
--
martin; (greetings from the heart of the sun.)
\ echo mailto:
* Mathias Gygax [EMAIL PROTECTED] [2001.11.18 17:58:46+0100]:
excellent. you know what i did: i just remove the root:0:... line from
/etc/passwd and /etc/shadow. now i can't be root. that must be perfect
security. yeah!
before you shout, think twice. this is READ-only on my system. you
* Mathias Gygax [EMAIL PROTECTED] [2001.11.18 17:58:46+0100]:
excellent. you know what i did: i just remove the root:0:... line from
/etc/passwd and /etc/shadow. now i can't be root. that must be perfect
security. yeah!
before you shout, think twice. this is READ-only on my system. you
* Mathias Gygax [EMAIL PROTECTED] [2001.11.18 17:59:29+0100]:
thanks, you just made me laugh!
you set lamer detector to orange.
alright, so my first step is to scale back and *not* flame. i am sorry
for posting my sarcastic comment.
i shall now try to sum up my points. we have been talking
* Mathias Gygax [EMAIL PROTECTED] [2001.11.16 15:06:54+0100]:
well, i thought this is the definition of root.
no. with LIDS you can protect files and syscalls even from root. in my
setup, root cannot even write to his own home directory.
... which root can change at convenience. this
* Mathias Gygax [EMAIL PROTECTED] [2001.11.16 14:36:30+0100]:
Root is God. Anything you do on the system is potentially visible to
root.
this is, with the right patches applied, not true.
^^
can very fine tune the setup. for a real
* Wade Richards [EMAIL PROTECTED] [2001.11.15 22:17:39-0800]:
This is the sort of absolutist nonsense that gives security experts a
bad name. After all, anyone armed with a chainsaw can cut through a
solid oak door in a matter of hours, so why bother installing a deadbolt
on your door?
get
* Mathias Gygax [EMAIL PROTECTED] [2001.11.16 15:06:54+0100]:
well, i thought this is the definition of root.
no. with LIDS you can protect files and syscalls even from root. in my
setup, root cannot even write to his own home directory.
... which root can change at convenience. this thread
* Mathias Gygax [EMAIL PROTECTED] [2001.11.16 14:36:30+0100]:
Root is God. Anything you do on the system is potentially visible to
root.
this is, with the right patches applied, not true.
^^
can very fine tune the setup. for a real
* Wade Richards [EMAIL PROTECTED] [2001.11.15 22:17:39-0800]:
This is the sort of absolutist nonsense that gives security experts a
bad name. After all, anyone armed with a chainsaw can cut through a
solid oak door in a matter of hours, so why bother installing a deadbolt
on your door?
get a
* Bryan Andersen [EMAIL PROTECTED] [2001.11.15 12:51:01-0600]:
B... Wrong.
If you don't trust root, your hosed. Root can change the app so he
has your keys... Root can also change the tty drivers so they are
all silently logged. There is no way to secure it fully unless you
* Craig Dickson [EMAIL PROTECTED] [2001.11.15 10:28:33-0800]:
Also note that root owns sendmail, or whatever MTA you're using. If he
really wants to read your mail, it would be much easier for him to do it
by configuring the MTA to silently copy him on all your messages, so all
this concern
* Bryan Andersen [EMAIL PROTECTED] [2001.11.15 12:51:01-0600]:
B... Wrong.
If you don't trust root, your hosed. Root can change the app so he
has your keys... Root can also change the tty drivers so they are
all silently logged. There is no way to secure it fully unless you
type
* vdongen [EMAIL PROTECTED] [2001.11.15 19:30:35+0100]:
accualy, root can also read you gpg key.
so a simple copy of you mail and a gpg decoding using your key would be
much easyer
except there is a passphrase! which can be obtained with a hacked
version of mutt or gpg, obviously...
root is
* Bryan Andersen [EMAIL PROTECTED] [2001.11.06 05:23:05-0600]:
Another possibility would be to have them replace the hubs with
switches, this assumes you are using twisted pair, not thin net
or thick net.
which is not secure due to arp flooding.
i'll happily give you a POP3 account over
* Bryan Andersen [EMAIL PROTECTED] [2001.11.06 05:23:05-0600]:
Another possibility would be to have them replace the hubs with
switches, this assumes you are using twisted pair, not thin net
or thick net.
which is not secure due to arp flooding.
i'll happily give you a POP3 account over
* eim [EMAIL PROTECTED] [2001.10.22 12:44:03+0200]:
Is this a good choice ? or should I put another machine in my
Network, between the Gateway and the Servers, which acts as Firewall ?
what's a firewall for you? a packet filter? you can surely install a
packet filter on every box. iptables of
* eim [EMAIL PROTECTED] [2001.10.22 12:44:03+0200]:
Is this a good choice ? or should I put another machine in my
Network, between the Gateway and the Servers, which acts as Firewall ?
what's a firewall for you? a packet filter? you can surely install a
packet filter on every box. iptables of
is stock (non Debian) 2.4.12 now secure or not? i am getting confused.
if it isn't, where can i find patches for it to make it secure?
sorry to be asking so blatantly, but i don't have much time to worry
about my private systems these days. please help.
--
martin; (greetings from
is stock (non Debian) 2.4.12 now secure or not? i am getting confused.
if it isn't, where can i find patches for it to make it secure?
sorry to be asking so blatantly, but i don't have much time to worry
about my private systems these days. please help.
--
martin; (greetings from
* [EMAIL PROTECTED] [EMAIL PROTECTED] [2001.10.18 15:02:19-0400]:
Please let me know also,
because I have been getting empty messages from root too
snort in stable and in testing seems to do this out of the box.
however, the UID *is* weird...
--
martin; (greetings from the heart
* Tom Breza [EMAIL PROTECTED] [2001.10.18 21:26:17+0100]:
but I don't have a snort, and this message I got second times, first time
I benn to busy and just ignore, but that seems to be repeat...
what time? if 6am'ish, then try all you cron.daily scripts by hand and
see which one emails you
* [EMAIL PROTECTED] [EMAIL PROTECTED] [2001.10.18 15:02:19-0400]:
Please let me know also,
because I have been getting empty messages from root too
snort in stable and in testing seems to do this out of the box.
however, the UID *is* weird...
--
martin; (greetings from the heart
* Tom Breza [EMAIL PROTECTED] [2001.10.18 21:26:17+0100]:
but I don't have a snort, and this message I got second times, first time
I benn to busy and just ignore, but that seems to be repeat...
what time? if 6am'ish, then try all you cron.daily scripts by hand and
see which one emails you
* [EMAIL PROTECTED] [EMAIL PROTECTED] [2001.10.04 09:48:08+0600]:
What can I do, if my programm working in a chrooted enviroment
and using filesystem /proc.I use chroot ant mount all /proc filesystem in
chrooting enviroment.
Can I mount part of /proc.
with 2.4.x kernels:
mount --bind
* [EMAIL PROTECTED] [EMAIL PROTECTED] [2001.10.04 09:48:08+0600]:
What can I do, if my programm working in a chrooted enviroment
and using filesystem /proc.I use chroot ant mount all /proc filesystem in
chrooting enviroment.
Can I mount part of /proc.
with 2.4.x kernels:
mount --bind
also sprach Tim Haynes (on Mon, 17 Sep 2001 05:05:27PM +0100):
Unless I'm well mistaken, of course... But I'd never trust a key whose
fingerprint had turned up in public before.
that's a little ridiculous, isn't it, given that i can use my gpg to
view the fingerprint of your public key, which
also sprach Tim Haynes (on Mon, 17 Sep 2001 05:05:27PM +0100):
Unless I'm well mistaken, of course... But I'd never trust a key whose
fingerprint had turned up in public before.
that's a little ridiculous, isn't it, given that i can use my gpg to
view the fingerprint of your public key, which
also sprach Alvin Oga (on Mon, 10 Sep 2001 09:08:51AM -0700):
for the firewall ...
- it should be running a secure linux/bsd distro
and only ipchains
( some might wanna run dns on it too...but...
for the entire thread, not just alvinn
ipchains/iptables is really just
also sprach Alvin Oga (on Mon, 10 Sep 2001 09:08:51AM -0700):
for the firewall ...
- it should be running a secure linux/bsd distro
and only ipchains
( some might wanna run dns on it too...but...
for the entire thread, not just alvinn
ipchains/iptables is really just
also sprach Layne (on Sat, 01 Sep 2001 12:30:54AM -0400):
I'M JUST JOKING .RIGHT. I GOT 80 SPAM MESSAGES YOSTERDAY AND 80
MORE TODAY I DIDN'T SUBSCRIBE TOWHAT GIVES. THIS IS NUTS.
which are clearly my fault, you impersonation of freudian depression.
do me a favor and leave the list
also sprach Layne (on Fri, 31 Aug 2001 11:04:30PM -0400):
MARTIN FONDLES YOUNG BOYS.
which one?
martin; (greetings from the heart of the sun.)
\ echo mailto: !#^.*|tr * mailto:; net@madduck
--
and no one sings me lullabies,
and no one makes me close my eyes,
and so i
also sprach Bud Rogers (on Sat, 01 Sep 2001 07:13:06AM -0500):
I put him in a filter. Every mail I receive from him gets forwarded back to
him and to postmaster and abuse at his ISP. I don't think he'll be around
long.
i think all this started because i auto-reply to micro$oft users,
also sprach Bud Rogers (on Sat, 01 Sep 2001 07:58:12AM -0500):
i think all this started because i auto-reply to micro$oft users,
telling them about www.vcnet.com/bms and www.unix-vs-nt.org and he
didn't like that :)
Martin, you may have set him off but I don't think you're responsible.
also sprach Lupe Christoph (on Sat, 01 Sep 2001 12:40:44PM +0200):
also sprach Layne (on Fri, 31 Aug 2001 11:04:30PM -0400):
MARTIN FONDLES YOUNG BOYS.
which one?
Which Martin or which boy? *-O
boys is plural. so syntactically speaking the one can only refer to
martin. but hey, i agree
also sprach Layne (on Sat, 01 Sep 2001 12:30:54AM -0400):
I'M JUST JOKING .RIGHT. I GOT 80 SPAM MESSAGES YOSTERDAY AND 80
MORE TODAY I DIDN'T SUBSCRIBE TOWHAT GIVES. THIS IS NUTS.
which are clearly my fault, you impersonation of freudian depression.
do me a favor and leave the list
also sprach Layne (on Fri, 31 Aug 2001 11:35:12PM -0400):
WEL I GUESS YOU'RE STILL PRETTY FUCKING CLUELESS. I DON'T WANT ANY MORE OF
YOUR USELESS E-MAIL SENT TO THIS GOT IT?? TAKE THE HINT, TAKE A
CLUE
unsubscribe then, of you superior being!
martin; (greetings from
also sprach Layne (on Fri, 31 Aug 2001 11:04:30PM -0400):
MARTIN FONDLES YOUNG BOYS.
which one?
martin; (greetings from the heart of the sun.)
\ echo mailto: !#^.*|tr * mailto:; [EMAIL PROTECTED]
--
and no one sings me lullabies,
and no one makes me close my eyes,
and so i
also sprach Bud Rogers (on Sat, 01 Sep 2001 07:13:06AM -0500):
I put him in a filter. Every mail I receive from him gets forwarded back to
him and to postmaster and abuse at his ISP. I don't think he'll be around
long.
i think all this started because i auto-reply to micro$oft users,
also sprach Lupe Christoph (on Sat, 01 Sep 2001 12:40:44PM +0200):
also sprach Layne (on Fri, 31 Aug 2001 11:04:30PM -0400):
MARTIN FONDLES YOUNG BOYS.
which one?
Which Martin or which boy? *-O
boys is plural. so syntactically speaking the one can only refer to
martin. but hey, i agree
also sprach Ethan Benson (on Fri, 31 Aug 2001 01:38:45AM -0800):
honest question: whose business is the name of a user who initiated a
connection??? identd is a horrible concept and elicits shrieks among
the security conscious. i do understand that you need it for this and
that, so
also sprach Martin Fluch (on Fri, 31 Aug 2001 01:02:58PM +0300):
Consider the following situation: You admin a computer and some user
tries to atack an other computer from this one. Then the admin of
the attacked computer can tell _you_, from which user the attack was
coming, which helps you.
also sprach Christian Kurz (on Fri, 31 Aug 2001 10:12:31AM +0200):
honest question: whose business is the name of a user who initiated a
connection???
It can be some sort of help if you have a system with lots of users and
complainments about one. Some admins may be able to send you the
also sprach Christian Kurz (on Fri, 31 Aug 2001 10:07:05AM +0200):
I have had a lot of problems running non-Debian software when I
disable ident. It seems like the licensing daemons expect to find
What the hell is a licensing daemon? And which package contains this
software in debian?
also sprach Colin Phipps (on Fri, 31 Aug 2001 11:31:53AM +0100):
Not if configured appropriately. Good identds don't allow reverse ident
scanning anymore.
okay, i must admit i didn't know this...
Agreed, leaking UIDs is serious. Which is why modern identds support returning
crypted uids
also sprach Ethan Benson (on Fri, 31 Aug 2001 01:38:45AM -0800):
honest question: whose business is the name of a user who initiated a
connection??? identd is a horrible concept and elicits shrieks among
the security conscious. i do understand that you need it for this and
that, so install
also sprach Ethan Benson (on Fri, 31 Aug 2001 01:45:29AM -0800):
identd is for the admin RUNNING the identd, not for the admin making
identd requests, if one of your users is abusing someones network in
some way (attempting to send spam, causing trouble on some irc network
etc) the admin of
also sprach Martin Fluch (on Fri, 31 Aug 2001 01:02:58PM +0300):
Consider the following situation: You admin a computer and some user
tries to atack an other computer from this one. Then the admin of
the attacked computer can tell _you_, from which user the attack was
coming, which helps you.
also sprach Christian Kurz (on Fri, 31 Aug 2001 10:12:31AM +0200):
honest question: whose business is the name of a user who initiated a
connection???
It can be some sort of help if you have a system with lots of users and
complainments about one. Some admins may be able to send you the
also sprach Colin Phipps (on Fri, 31 Aug 2001 11:31:53AM +0100):
Not if configured appropriately. Good identds don't allow reverse ident
scanning anymore.
okay, i must admit i didn't know this...
Agreed, leaking UIDs is serious. Which is why modern identds support returning
crypted uids
301 - 400 of 413 matches
Mail list logo