ndead
installer.
HTH,
Lupe Christoph
PS: BTW, just because something is GPLed does not mean it's trustworthy.
--
| Never attribute to malice that which is adequately explained by stupidity. |
| Hanlon's razor |
| Never attribute to
ow if Ubuntu is using the
same , or are they doing the usual, i.e. not follow Debian?
Thanks,
Lupe Christoph
--
| As everyone knows, it was predicted that the world would end last |
| Wednesday at 10:00 PST. Since there appears to be a world in existence |
| now, the entire universe mus
is site have a trusted certificate.
$ telnet -4 -z ssl -z debug security.debian.org 443
Trying 212.211.132.32...
Trying 212.211.132.250...
Trying 195.20.242.89...
telnet: Unable to connect to remote host: Connection refused
I have no IPv6 internet access, so I can't try that.
HTH,
Lupe Christoph
-
manner.
No wonder "The coroner and related PD have not responded'.
Lupe Christoph
--
| As everyone knows, it was predicted that the world would end last |
| Wednesday at 10:00 PST. Since there appears to be a world in existence |
| now, the entire universe must therefore have b
ion to leave oldstable unfixed "Too intrusive
to backport". What?!? The link with that text points to a page that does
nothing to explain the decision.
Lupe Christoph
--
| As everyone knows, it was predicted that the world would end last |
| Wednesday at 10:00 PST. Since there ap
1 2012 /bin/sh - dash
BTW, I wonder why this isn't done with the alternatives system. My guess
is that /bin/sh is so crucial for system operation and especially
update-alternatives that it can't.
Lupe Christoph
--
| The politician's syllogism
;-)
Lupe Christoph
PS: I love how this slides into set theory ;-)
--
| The politician's syllogism:|
| We must do something |
| This is something
...
Lupe Christoph
--
| The politician's syllogism:|
| We must do something |
| This is something |
| Therefore, we must do
of processes to services is hard, so the
best way would probably be to filter the list by known executables and
list the unknowns for the user to restart by hand.
Lupe Christoph
--
| The politician's syllogism:|
| We must do something
no sendmail installation to use for testing, I can't
reproduce the second problem. The sendmail package maintainer will
probably require the submitter to provide details which I can't.
Thank you,
Lupe Christoph
--
| There is no substitute for bad design except worse design. |
| /me
On Tuesday, 2009-08-11 at 10:32:04 +0200, Bernhard R. Link wrote:
* Lupe Christoph l...@lupe-christoph.de [090810 21:13]:
Almost all security holes need to user to do something. (If only to
power up the machine, to install some packages, to connect to the
internet, to give accounts
vulnerability, but allows a user to create it?
Doctor, it hurts when I do this! Don't do it, then.
Lupe Christoph
--
| There is no substitute for bad design except worse design. |
| /me |
--
To UNSUBSCRIBE, email
On Monday, 2009-08-10 at 14:03:44 +0200, Thomas Liske wrote:
#Lupe Christoph wrote:
On Monday, 2009-08-10 at 13:46:38 +0200, Thomas Liske wrote:
last week, there was an article on heise security about MTAs[1] which
relay mails for hosts having a reverse resolution of 'localhost'.
Doing
On Monday, 2009-08-10 at 14:35:06 +0200, Bernhard R. Link wrote:
* Lupe Christoph l...@lupe-christoph.de [090810 13:53]:
On Monday, 2009-08-10 at 13:46:38 +0200, Thomas Liske wrote:
last week, there was an article on heise security about MTAs[1] which
relay mails for hosts having
On Friday, 2009-02-13 at 11:55:54 +0200, Izak Burger wrote:
On Thu, Feb 12, 2009 at 10:37 PM, Lupe Christoph l...@lupe-christoph.de
wrote:
Mode 600 will deny /etc to everybody except root while it will change
nothing for root. If you have any services on your system that run under
non
under /etc, you hose them with any
mode that removes the eXecute bit for others.
So it's not an exploit, it's a Denial of Service. Which I believe *is*
security related...
Lupe Christoph
--
| There is no substitute for bad design except worse design. |
| /me
can do to prevent these kinds of attacks.
So, storing your files in an encrypted filesystem with permissions set
so that only your user (and the superuser) can read the files is no less
secure than storing the files individually encrypted.
HTH,
Lupe Christoph
--
| There is no substitute for bad
On Friday, 2007-08-17 at 11:22:11 +0200, Lupe Christoph wrote:
Failed to fetch
http://security.debian.org/dists/testing/updates/main/binary-i386/Packages.bz2
MD5Sum mismatch
(I have only checked one server for the Release file, so I'm only
assuming that the file is the same on all three
only
assuming that the file is the same on all three servers.)
Is anybody capable of correcting this situation reading this list?
Thank you,
Lupe Christoph
--
| You know we're sitting on four million pounds of fuel, one nuclear |
| weapon and a thing that has 270,000 moving parts built
On Friday, 2007-08-17 at 12:12:38 +0200, Jonas Andradas wrote:
how long have you noticed this mismatch? I mean, an update on the mirror
could be taking place, and the Packages.bz2 file not yet been updated...
On 8/17/07, Lupe Christoph [EMAIL PROTECTED] wrote:
Failed to fetch
http
On Friday, 2007-08-17 at 10:46:32 +, [EMAIL PROTECTED] wrote:
On Fri, Aug 17, 2007 at 12:20:34PM +0200, Lupe Christoph wrote:
I *wish* those updates
were atomic, but they probably arent'.
why not though ?
Because they involve a lot of files. You would have to use two areas
On Tuesday, 2006-12-19 at 08:47:32 +0100, Dariush Pietrzak wrote:
On Mon, Dec 18, 2006 at 04:50:51PM +0100, Lupe Christoph wrote:
when I mean bind mounts. No, they are just an aliasing mechanism.
Nope, they're not:
Well, we are on a Debian mailing list, so I'd assume we talk about
Debian
the result into the chroot. You can use incremental dumps or use
find | cpio for incrementals (which I did).
Of course, you need enough space to keep an encrypted, compressed dump
of all filesystems...
HTH,
Lupe Christoph
--
| You know we're sitting on four million pounds of fuel, one nuclear
[EMAIL PROTECTED]::~$ touch /mnt/bar
[EMAIL PROTECTED]::~$ ls -l /mnt/bar
-rw-r--r-- 1 lupe lupe 0 2006-12-18 16:45 /mnt/bar
No cigar...
Lupe Christoph
PS: Linux loopback mounts *can* be ro.
PPS: It might be possible to mount the same device multiple times with
different options (rw vs. ro). I
of my servers was on his
extortion list. In fact, all IP addresses of that provider were. They
and I refused to pay.
Regarding this bug, it's normal that RBLs are taken down and then
blacklist the entire address space. I've had this happen with my RBL
checker every few months.
Lupe Christoph
OT: There seems to be something strange with your MUA. Look at this
header:
Cc: Lupe Christoph@murphy.debian.org,
[EMAIL PROTECTED]@murphy.debian.org
On Thursday, 2006-11-30 at 12:57:53 +0100, Stefan Fritsch wrote:
The attacks ceased before I noticed, so I was not able to capture
.
CommandBufferSize isn't used, so it couldn't be that in any case.
Lupe Christoph
--
| You know we're sitting on four million pounds of fuel, one nuclear |
| weapon and a thing that has 270,000 moving parts built by the lowest |
| bidder. Makes you feel good, doesn't
a TCP
stream. I would just like to alert people that there is still some
vulnerability in the ProFTPD code that was not fixed by DSA-1218-1.
More if this happens again and I manage to run tcpdump in time.
Lupe Christoph
--
| You know we're sitting on four million pounds of fuel, one nuclear
1. http://www.transip.nl/
2. http://www.transip.nl/
Anybody know what is happening to ClamAV?
Lupe Christoph
- Forwarded message from Cron Daemon [EMAIL PROTECTED] -
From: Cron Daemon [EMAIL PROTECTED
On Monday, 2006-10-09 at 09:57:10 +0200, Evgeni Golov wrote:
On Mon, 9 Oct 2006 09:42:14 +0200 Lupe Christoph wrote:
This morning I found a number of complaints from freshclam in my
mailbox, culminating in the one below. Checking http://www.clamav.net/
revealed that the domain is down
, you may see the interim address longer.
Lupe Christoph
--
| You know we're sitting on four million pounds of fuel, one nuclear |
| weapon and a thing that has 270,000 moving parts built by the lowest |
| bidder. Makes you feel good, doesn't it? |
| Rockhound
Hi!
I still have dependency problems with the sendmail update on Stable.
I only get libsasl2 2.1.19-1.5sarge1 from security.debian.org while
the sendmail-bin package depends on libsasl2 (= 2.1.19.dfsg1).
When can one expect to be able to install the sendmail update?
Thank you,
Lupe Christoph
On Tuesday, 2006-08-29 at 09:06:46 +0200, Lupe Christoph wrote:
I still have dependency problems with the sendmail update on Stable.
I only get libsasl2 2.1.19-1.5sarge1 from security.debian.org while
the sendmail-bin package depends on libsasl2 (= 2.1.19.dfsg1).
When can one expect
Weihnachten auch von mir. Und ein erfolgreiches neues Jahr.
You don't have to pay for reading this...
Jingle, you bells!
Lupe Christoph
--
| You know we're sitting on four million pounds of fuel, one nuclear |
| weapon and a thing that has 270,000 moving parts built by the lowest |
| bidder. Makes
On Monday, 2005-09-05 at 12:35:25 +0200, bernd wrote:
wie angekuendigt. die security-warnung von debian fuer webcalendar
Ich glaube, Du wolltest die wo anders hinschicken...
Lupe Christoph
--
| You know we're sitting on four million pounds of fuel, one nuclear |
| weapon and a thing
than the
regular SuSE releases.
So in essence the announcement says screw you, commercial customers.
Please don't do that. It makes promoting Debian awkward.
Thank you for your attention,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Ask not what your
On Saturday, 2005-07-09 at 10:37:27 +0200, martin f krafft wrote:
also sprach Lupe Christoph [EMAIL PROTECTED] [2005.07.09.1022 +0200]:
The security team will continue to support Debian GNU/Linux 3.0
alias woody until May 2006, or if the security support for the
next release, codenamed
performed on a match, not perform an action if a count is exceeded. That
would need to be done in the script called when a match is found.
HTH,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Ask not what your computer can do for you
is the tool supported/packaged?
HTH,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Ask not what your computer can do for you |
| ask what you can do for your computer. |
--
To UNSUBSCRIBE
SFBs are too Stoopid(tm) to whitelist important mail servers./rant
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| ... putting a mail server on the Internet without filtering is like |
| covering yourself with barbecue sauce and breaking into the Charity
if I am. :)
You are correct. The files are /usr/bin/htpasswd and
/usr/lib/apache/1.3/mod_include.so. Both are indeed in apache-common.
Otherwise, the apache-perl package might be affected too. Not only
apache-ssl.
HTH,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe
Quoting [EMAIL PROTECTED]:
Nur zu Info - und um anzumerken dass uns das nicht betrifft.
Ich moechte noch anmerken, dass uns die Mail auch nicht betrifft :-P
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| ... putting a mail server on the Internet
in SBL/XBL this is a good indication
that the mail is Spam. But there are lots of other better criteria.
HTH,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| ... putting a mail server on the Internet without filtering is like |
| covering yourself
for pointing it out!
That's something I *can* comment on: Glad you found it useful. So I hope
to see VuXML being used for Debian as well in the future.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| ... putting a mail server on the Internet without filtering
avoid it. You don't
mention VuXML (http://www.vuxml.org/), so I suppose you did not know it.
Please have a look there.
Thank you,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| ... putting a mail server on the Internet without filtering is like
um!
Danke,
Lupe Christoph
On Thursday, 2004-07-22 at 12:28:59 +0200, ET Support wrote:
Guten Tag,
wir haben Ihre Anfrage erhalten und bearbeiten diese schnellstmoeglich.
Folgende Informationen wurden erfasst:
Bearbeitungs-Nr:14077
Subject:WG
as for any error or
incompleteness in the contents of this e-mail.
Especially given this Stoopid(tm) footer, you should keep your RT mails
off debian-security and any other lists you feed into RT.
Thank you,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de
mail to [EMAIL PROTECTED] to inquire.
HTH,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| ... putting a mail server on the Internet without filtering is like |
| covering yourself with barbecue sauce and breaking into the Charity|
| Home for Badgers
mail to [EMAIL PROTECTED] to inquire.
HTH,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| ... putting a mail server on the Internet without filtering is like |
| covering yourself with barbecue sauce and breaking into the Charity|
| Home for Badgers
) for
performance monitoring.
HTH,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| ... putting a mail server on the Internet without filtering is like |
| covering yourself with barbecue sauce and breaking into the Charity|
| Home for Badgers with Rabies
) for
performance monitoring.
HTH,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| ... putting a mail server on the Internet without filtering is like |
| covering yourself with barbecue sauce and breaking into the Charity|
| Home for Badgers with Rabies
do
that, you will need to use
CXX=g++-3.0 GCC=gcc-3.0 dpkg-buildpackage -rfakeroot -us -uc
(Or similar) g++ 2.95 will not do.
HTH,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| ... putting a mail server on the Internet without filtering is like
do
that, you will need to use
CXX=g++-3.0 GCC=gcc-3.0 dpkg-buildpackage -rfakeroot -us -uc
(Or similar) g++ 2.95 will not do.
HTH,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| ... putting a mail server on the Internet without filtering is like
, the source IP address is set to that of the interface the packet
is sent on.
So you have a weird configuration for sure.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze |
| Thief
On Sunday, 2004-03-21 at 03:17:45 -0800, Brandon High wrote:
On Sun, Mar 21, 2004 at 11:58:00AM +0100, Lupe Christoph wrote:
Can anyone tell me how I can tell the machine which NIC is the primary?
There is no such thing as a primary NIC. Unless a daemon explicitly
binds a socket
, the source IP address is set to that of the interface the packet
is sent on.
So you have a weird configuration for sure.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze |
| Thief
On Sunday, 2004-03-21 at 03:17:45 -0800, Brandon High wrote:
On Sun, Mar 21, 2004 at 11:58:00AM +0100, Lupe Christoph wrote:
Can anyone tell me how I can tell the machine which NIC is the primary?
There is no such thing as a primary NIC. Unless a daemon explicitly
binds a socket
and versatile as AIDE and
Tripwire.
HTH,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze |
| Thief of Time, Terry Pratchett |
--
To UNSUBSCRIBE, email
and versatile as AIDE and
Tripwire.
HTH,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze |
| Thief of Time, Terry Pratchett |
directory.
That's why GNU find and xargs have the options -print0 and -0,
respectively. Names in Unixish filesystems can't have NULs in them.
Stoopid(tm) example:
find foo bar -print0 | xargs -0 ls -ld
There, I made the thread even more offtopic! :-O
HTH,
Lupe Christoph
--
| [EMAIL PROTECTED
directory.
That's why GNU find and xargs have the options -print0 and -0,
respectively. Names in Unixish filesystems can't have NULs in them.
Stoopid(tm) example:
find foo bar -print0 | xargs -0 ls -ld
There, I made the thread even more offtopic! :-O
HTH,
Lupe Christoph
--
| [EMAIL PROTECTED
. the packets are taking a quite different path. Maybe U Twente
switched providers?
Also see http://www.debian.org/News/2004/20040202
That's old news. The machine has been reactivated.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort
router. the packets are taking a quite different path. Maybe U Twente
switched providers?
Also see http://www.debian.org/News/2004/20040202
That's old news. The machine has been reactivated.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence
1 0 Jan19 ?00:00:06 [kupdated]
So ps does not give chkrootkit a PID, but /proc has those processes.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze |
| Thief of Time, Terry
running 2.4.23.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze |
| Thief of Time, Terry Pratchett |
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED
1 0 Jan19 ?00:00:06 [kupdated]
So ps does not give chkrootkit a PID, but /proc has those processes.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze |
| Thief of Time, Terry
running 2.4.23.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze |
| Thief of Time, Terry Pratchett |
plans: ...
Encrypted and signed database.
They are in the Debian source package. I haven't gotten around to
investigating how they work, though.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze
plans: ...
Encrypted and signed database.
They are in the Debian source package. I haven't gotten around to
investigating how they work, though.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze
to Sarge, configure does not contain this test. The backport to
Sarge fails in a different way, BTW.
I could not find a tripwire*.deb with Google.
Please help!
Thanks,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze
On Tuesday, 2004-01-13 at 13:34:18 +0100, Lupe Christoph wrote:
Has anybody on this list managed to backport the tripwire package to
Woody? I'm running into a strange problem where configure tries to
locate an include file named locale. Yes, without an suffix. I don't
know much C
On Tuesday, 2004-01-13 at 13:34:18 +0100, Lupe Christoph wrote:
Has anybody on this list managed to backport the tripwire package to
Woody? I'm running into a strange problem where configure tries to
locate an include file named locale. Yes, without an suffix. I don't
know much C
to Sarge, configure does not contain this test. The backport to
Sarge fails in a different way, BTW.
I could not find a tripwire*.deb with Google.
Please help!
Thanks,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze
On Tuesday, 2004-01-06 at 18:00:13 +0100, Adrian 'Dagurashibanipal' von Bidder
wrote:
Clinging to sanity, Alexander Neumann mumbled in his beard:
* Lupe Christoph [EMAIL PROTECTED] wrote:
Comparing the DSAs and reading how mutt recognizes a PGP signed message,
I found that only some DSAs
. And I will set it up now. But for
the sake of people like me before I started to investigate this, I still
wanted to ask this question.
Thank you for your patience,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze
. And I will set it up now. But for
the sake of people like me before I started to investigate this, I still
wanted to ask this question.
Thank you for your patience,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze
On Friday, 2003-12-12 at 12:39:49 +0100, Adam ENDRODI wrote:
On Fri, Dec 12, 2003 at 07:46:38AM +0100, Lupe Christoph wrote:
We don't use AIDE exclusively at a client site, but in combination
with Tripwire. We think tripwire is a little more secure becuse it
uses signed databases
On Friday, 2003-12-12 at 12:39:49 +0100, Adam ENDRODI wrote:
On Fri, Dec 12, 2003 at 07:46:38AM +0100, Lupe Christoph wrote:
We don't use AIDE exclusively at a client site, but in combination
with Tripwire. We think tripwire is a little more secure becuse it
uses signed databases
Hello!
We don't use AIDE exclusively at a client site, but in combination
with Tripwire. We think tripwire is a little more secure becuse it
uses signed databases. So we protect aide.db with Tripwire. AIDE is
used for the parts tripwire can't do because of it's limited
configurability.
Here is
support for MD5.
FreeBSD supports MD5 passwords. So it's not non-Linux.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze |
| Thief of Time, Terry Pratchett
to change them, so I guess you should know why.
BTW, try running ls as a user when /etc/group and /etc/passwd are 600.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze |
| Thief of Time
support for MD5.
FreeBSD supports MD5 passwords. So it's not non-Linux.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze |
| Thief of Time, Terry Pratchett |
to change them, so I guess you should know why.
BTW, try running ls as a user when /etc/group and /etc/passwd are 600.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze |
| Thief of Time
about X/Open and their Unix standards? I'd bet they specify
this in exceeding detail.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze |
| Thief of Time, Terry Pratchett
password to the
yppasswordd.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze |
| Thief of Time, Terry Pratchett |
--
To UNSUBSCRIBE, email to [EMAIL
about X/Open and their Unix standards? I'd bet they specify
this in exceeding detail.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze |
| Thief of Time, Terry Pratchett |
password to the
yppasswordd.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze |
| Thief of Time, Terry Pratchett |
, so a Life CD Debian is very handy. I carry a Knoppix with me
at almost any time... And a Debian Stable CD 1.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze |
| Thief of Time, Terry
as they are currently in the archives? I would like to
build a new kernel with the vuln patched ASAP, rather than wait for the
upload to reopen.
Thanks,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze
Quoting Thomas Sjögren [EMAIL PROTECTED]:
On Fri, Dec 05, 2003 at 08:08:46AM +0100, Lupe Christoph wrote:
BUT! Does anybody have a patch for the do_brk vuln on any kernel-source
package = 2.4.20 as they are currently in the archives? I would like to
build a new kernel with the vuln patched
and DES uses 56 bit keys. Eight 7 bit chars
give you exactly 56 bits...
I've always wondered if the high bit does indeed make no difference.
Right now, I have only Solaris to try. ... Nope, the high bit is ignored
on Solaris. I'll have to try this at home tonight with Debian and
FreeBSD.
Lupe
as they are currently in the archives? I would like to
build a new kernel with the vuln patched ASAP, rather than wait for the
upload to reopen.
Thanks,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze
, so a Life CD Debian is very handy. I carry a Knoppix with me
at almost any time... And a Debian Stable CD 1.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze |
| Thief of Time, Terry
. ;-)
Thanks!
Lupe Christoph
PS: I'd like to compare these packages to the installed versions. How
can I do that with the least amount of hassle?
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Violence is the resort of the violent Lu Tze
/perl5/Crypt/PasswdMD5.pm which claims to be based on
the implementation found on FreeBSD 2.2.[56]-RELEASE, MD5 passwords
consist of the invariant string '$1$' and the encrypted password encoded
with the alphabet [./a-zA-Z]. This is similar to Base64 encoding, but
uses a different alphabet.
HTH,
Lupe
/perl5/Crypt/PasswdMD5.pm which claims to be based on
the implementation found on FreeBSD 2.2.[56]-RELEASE, MD5 passwords
consist of the invariant string '$1$' and the encrypted password encoded
with the alphabet [./a-zA-Z]. This is similar to Base64 encoding, but
uses a different alphabet.
HTH,
Lupe
, the potential for an ordinary user to exploit this is there.
This allows access to the user the Apache work processes run as. Not
much, but depending on local setup, this can be harmful.
So I believe it should be fixed.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe
, the potential for an ordinary user to exploit this is there.
This allows access to the user the Apache work processes run as. Not
much, but depending on local setup, this can be harmful.
So I believe it should be fixed.
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe
to be
secure out of the box (except for programming errors, as we recently
saw :-( ). So improving Postfix security should be done inside of
Postfix. You may want to you the Postfix mailing list (warning: lots
of traffic!) and ask there.
Lupe Christoph
--
| [EMAIL PROTECTED] | http
to be
secure out of the box (except for programming errors, as we recently
saw :-( ). So improving Postfix security should be done inside of
Postfix. You may want to you the Postfix mailing list (warning: lots
of traffic!) and ask there.
Lupe Christoph
--
| [EMAIL PROTECTED] | http
1 - 100 of 170 matches
Mail list logo