Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]

2003-04-02 Thread Paul Hampson
On Wed, Apr 02, 2003 at 09:46:52AM +0200, Dariush Pietrzak wrote: of proportion... Some things in security _have_ to be obscure. Your password, for example. Or the primes used to generate your PGP private There's a difference between 'obscure' and 'secret'. In this context, I'd suggest that

Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]

2003-04-02 Thread Paul Hampson
On Tue, Apr 01, 2003 at 09:43:38PM +0200, Dariush Pietrzak wrote: One reason is security: it's relatively easy for an intruder to install a kernel module based rootkit, and then hide her processes, files or connections. isn't it security-by-obscurity? No, that's stretching the definition

Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]

2003-04-01 Thread Paul Hampson
On Tue, Apr 01, 2003 at 09:43:38PM +0200, Dariush Pietrzak wrote: One reason is security: it's relatively easy for an intruder to install a kernel module based rootkit, and then hide her processes, files or connections. isn't it security-by-obscurity? No, that's stretching the definition

Re: iptables forwarding to inside firewall

2003-03-30 Thread Paul Hampson
On Sun, Mar 30, 2003 at 05:23:10PM -0500, Robert Brockway wrote: On Fri, 28 Mar 2003, Hanasaki JiJi wrote: Working on running a SMTP server inside the firewall that takes incoming SMTP traffic from outside the firewall. The below rules are not working. The firewall refuses connections.

Re: Bug in Tiger check_listening_procs?

2003-03-30 Thread Paul Hampson
On Sun, Mar 30, 2003 at 10:55:42AM -0800, Michael West wrote: If I have found a bug then I will file a bug report. My knowledge is imperfect. I thought I would check here first before filing. I am getting a report from tiger that squid is listening UDP on a high

Re: Apache Virtual Hosts Chroot ?

2003-03-19 Thread Paul Hampson
On Wed, Mar 19, 2003 at 02:35:53PM +0100, Ralf Dreibrodt wrote: Paul Hampson wrote: You can effectively chroot php files with: php_admin_value open_basedir /directory/where/files/are in the Apache virtual host config. Then: a) php4 won't let files outside that directory be accessed

Re: Apache Virtual Hosts Chroot ?

2003-03-19 Thread Paul Hampson
On Tue, Feb 25, 2003 at 10:15:15AM +0100, debian-isp wrote: I am just asking myself how to secure our webserver with a couple of virtual hosts. Currently we have a large installation of typo3 running. It has a feature called fileadmin with which you can easily upload files. As it is thereby

Re: Apache Virtual Hosts Chroot ?

2003-03-19 Thread Paul Hampson
On Tue, Feb 25, 2003 at 10:15:15AM +0100, debian-isp wrote: I am just asking myself how to secure our webserver with a couple of virtual hosts. Currently we have a large installation of typo3 running. It has a feature called fileadmin with which you can easily upload files. As it is

Re: Some more port closing questions

2002-08-01 Thread Paul Hampson
On Thu, Aug 01, 2002 at 07:09:28AM +0900, [EMAIL PROTECTED] wrote: From: Phillip Hofmeister [EMAIL PROTECTED] Subject: Re: Some more port closing questions Date: Wed, 31 Jul 2002 10:49:44 -0400 On Wed, 31 Jul 2002 at 09:25:40PM +0900, [EMAIL PROTECTED] wrote: Perhaps update-rc.d or rcconf

Re: Some more port closing questions

2002-08-01 Thread Paul Hampson
On Thu, Aug 01, 2002 at 11:58:59AM +0200, Thiemo Nagel wrote: Paul Hampson wrote: You mean like maybe assigning different questions different priorities, and letting the user choose the priority which a question needs to have before it is asked, with some default assumed otherwise? Excellent

Re: (fwd) OpenSSH trojan!

2002-08-01 Thread Paul Hampson
On Thu, Aug 01, 2002 at 02:31:07PM +0200, Sebastien Chaumat wrote: Is there any source signing mechanism available in Debian? There is, in that the MD5 sum of the .orig.tar.gz goes into the .dsc file. Not that it would affect this case, since the trojan would have been in the tar.gz which had

Re: Some more port closing questions

2002-08-01 Thread Paul Hampson
On Fri, Aug 02, 2002 at 07:12:54AM +0900, [EMAIL PROTECTED] wrote: From: Paul Hampson [EMAIL PROTECTED] Subject: Re: Some more port closing questions Date: Thu, 1 Aug 2002 20:17:10 +1000 On Thu, Aug 01, 2002 at 07:09:28AM +0900, [EMAIL PROTECTED] wrote: It seems like you could just have