Re: Mirror Site Security
Cistron has a mirror of non-us and security on ftp.debian.nl Gr, Ivo -Original Message- From: Jan H. van Gils [EMAIL PROTECTED] Date: Wed, 20 Nov 2002 11:41:19 +0100 Subject: Mirror Site Security Hi, Well lets hope that the fire doesn't make and casualties. But the question remains, where is the mirror for security.debain.org ? All the debian related data is mirrored somewhere but the security site can't be found anywhere else ! Is there a reason for this ? Jan With regards Jan H. van Gils Internet web-page http://www.VGNet.NL/ Internet e-mail address [EMAIL PROTECTED] RIPE Whois JHG5-RIPE, 6BONE Whois JHG1-6BONE -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Mirror Site Security
Cistron has a mirror of non-us and security on ftp.debian.nl Gr, Ivo -Original Message- From: Jan H. van Gils [EMAIL PROTECTED] Date: Wed, 20 Nov 2002 11:41:19 +0100 Subject: Mirror Site Security Hi, Well lets hope that the fire doesn't make and casualties. But the question remains, where is the mirror for security.debain.org ? All the debian related data is mirrored somewhere but the security site can't be found anywhere else ! Is there a reason for this ? Jan With regards Jan H. van Gils Internet web-page http://www.VGNet.NL/ Internet e-mail address [EMAIL PROTECTED] RIPE Whois JHG5-RIPE, 6BONE Whois JHG1-6BONE -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [OT] secure, minimal Debian installation for linux-based thin clients?
Towards the end of the Debian installation process, when you're asked whether you want to run tasksel or dselect, you can choose dselect and exit it before installing any packages. If you do that, you're left with a really minimal install. You might be able to base your work on this. since this is the way I usually work and I've tried to build a debian based thin client myself.I can say that woody base contains a lot of packages which you really don't want/need on a thin client. Gr, Ivo van Dongen
Re: ssh banner
Woody host:/home/przemoltelnet 192.168.x.y ssh Trying 192.168.x.y... Connected to 192.168.x.y. Escape character is '^]'. SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1 How can I disable the message ? This banner is needed information for a ssh client connecting to your server, therefor you better not disable it. Greetings, Ivo van Dongen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ssh banner
SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1 Edit sshd_config find the line with something like Banner /etc/issue.net and set # Banner /etc/issue.net killall -9 sshd done Regards afaik /etc/issue.net is intended for telnet and not for ssh. furthermore: $ netcat 0 22 SSH-1.99-OpenSSH_3.4p1 Debian 1:3.4p1-4 $ cat /etc/issue.net Debian GNU/%s testing/unstable %h sshd does not use /etc/issue.net by default: $ grep Banner /etc/ssh/sshd_config #Banner /etc/issue.net Greetings, Ivo van Dongen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ssh banner
Woody host:/home/przemoltelnet 192.168.x.y ssh Trying 192.168.x.y... Connected to 192.168.x.y. Escape character is '^]'. SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1 How can I disable the message ? This banner is needed information for a ssh client connecting to your server, therefor you better not disable it. Greetings, Ivo van Dongen
Re: ssh banner
SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1 Edit sshd_config find the line with something like Banner /etc/issue.net and set # Banner /etc/issue.net killall -9 sshd done Regards afaik /etc/issue.net is intended for telnet and not for ssh. furthermore: $ netcat 0 22 SSH-1.99-OpenSSH_3.4p1 Debian 1:3.4p1-4 $ cat /etc/issue.net Debian GNU/%s testing/unstable %h sshd does not use /etc/issue.net by default: $ grep Banner /etc/ssh/sshd_config #Banner /etc/issue.net Greetings, Ivo van Dongen
Re: Open Ports
I got two open Ports on my Debian-Server and I do not know what they are standing for: Open Port: 56851 Open Port: 57216 try lsof -i | grep 56851 it could help u see what application is listening on that port also netstat -anp as root will tell you what process is using/claiming that port. Greetings, Ivo van Dongen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Open Ports
I got two open Ports on my Debian-Server and I do not know what they are standing for: Open Port: 56851 Open Port: 57216 try lsof -i | grep 56851 it could help u see what application is listening on that port also netstat -anp as root will tell you what process is using/claiming that port. Greetings, Ivo van Dongen
Re: debian-security-announce-$lang@lists?
I think as a German I'm allowed to say this: No English, no security. There will always be bits and pieces available in English only. Making DSAs available in foreign languages will help amateurs without sufficient English skills to keep their systems up to date. It might even help professionals, because although I have no problem with understanding english (and even german if required) reading a email in the Dutch language is less strenuous. For professionals, required reading is debian-security (or whatever foo-security list applies to their system), BUGTRAQ, maybe full-disclosure if you can stand it ;-), and some other mailing lists. Agreed, although it's a lot of emails a day if you are on all 3 mailinglists. Ivo van Dongen [EMAIL PROTECTED]:~$ apt-cache show clue Package: clue Priority: optional
Re: non-us.debian.org is down
Both are on SurfNet in The netherlands, I suppose they went down for a short while or the connection between your ISP and Surf went down. Greetings, Ivo van Dongen -Original Message- From: Ng Fong Chu [EMAIL PROTECTED] Date: Wed, 26 Jun 2002 13:51:06 +0800 Subject: non-us.debian.org is down I am installing Debian but having problem to connect to non-us.debian.org, Pls help. Thanks. Fong Chu - Original Message - From: Jonas Weismüller [EMAIL PROTECTED] To: debian-security@lists.debian.org Sent: Wednesday, June 26, 2002 12:02 PM Subject: Re: security.debian.org is down I can ping it, and I just did an apt-get update which connected fine. Maybe it just came back up. Yes, it came back! Everything fine now ! ;-) Cheers Jonas -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: sources.list for potato
-Original Message- From: Wichert Akkerman [EMAIL PROTECTED] Date: Fri, 21 Jun 2002 16:05:10 +0200 Subject: Re: sources.list for potato Previously Pavel Minev Penev wrote: And there is no deb http://non-us.debian.org/debian-security unstable/updates main contrib non-free , is it? No, and there never will be. There is a very simple and understandable reason, the unstable archive is updated/fixed on the fly. So patches and security bugs are fixed while doing other upgrades. There is absolutely no need for a security line in sources.list Greetings, Ivo van Dongen ISW Systeembeheer -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: netstat output
Do netstat -anp as root instead, it gives process pid and name -Original Message- From: Ryan J Goss [EMAIL PROTECTED] Date: Mon, 10 Jun 2002 12:04:03 -0500 (CDT) Subject: netstat output When I do a netstat -an, how do I properly decipher the output? To me it looks like a lot of ports are listening, is there a way to determine what daemon is running on those ports? --Ryan Goss [EMAIL PROTECTED] Systems Staff Counting in octal is just like counting in decimal--if you don't use your thumbs. -- Tom Lehrer -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Things to watch on my server
Hello ppl, What are some important things to watch on your debian box ? I'm checking logfiles periodically, and run chkrootkit once in a while. Are there any parameters in debian that can be turned on for some more detailed logging ? Also, if you're using some handy 3rd party tools, please let me know. You could run logcheck, which instead of reading the logs mails you entries that are unusual or attempted break ins Greets, Ivo van Dongen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Security Updates Sources
Hello Just a little question : is there a security updates sources for the woody release ? There will be once it becomes the stable release. Greetz, Ivo van Dongen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Security Updates Sources
Hello Just a little question : is there a security updates sources for the woody release ? There will be once it becomes the stable release. Greetz, Ivo van Dongen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: SSH Version mapper scan
-Original Message- From: Pollywog [EMAIL PROTECTED] Date: Sun, 12 May 2002 16:31:55 + Subject: SSH Version mapper scan I just saw this in my logs. Should I be concerned and why is it happening? TIA Unusual System Events =-=-=-=-=-=-=-=-=-=-= May 12 15:59:04 lilypad sshd[3442]: scanned from SOME IP ADDRESS HERE with SSH-1.0-SSH_Version_Mapper. Don't panic. May 12 15:59:04 lilypad sshd[3441]: Did not receive identification string from SOME IP ADDRESS HERE I get this messages on a daily basis, mostly asian based isp's which scan my entire range (62.45.*) for compromisable hosts. Of course my host have been patches for a long time now. I think you should listen to the Don't panic and just sit back and let them scan. I have mailed abuse@ addresses with proof that they are scanning the entire netblock (I have about 18 machine on different subnets of that block) but most isp's don't care about portscans. Greetz, Ivo van Dongen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: SSH Version mapper scan
-Original Message- From: Pollywog [EMAIL PROTECTED] Date: Sun, 12 May 2002 16:31:55 + Subject: SSH Version mapper scan I just saw this in my logs. Should I be concerned and why is it happening? TIA Unusual System Events =-=-=-=-=-=-=-=-=-=-= May 12 15:59:04 lilypad sshd[3442]: scanned from SOME IP ADDRESS HERE with SSH-1.0-SSH_Version_Mapper. Don't panic. May 12 15:59:04 lilypad sshd[3441]: Did not receive identification string from SOME IP ADDRESS HERE I get this messages on a daily basis, mostly asian based isp's which scan my entire range (62.45.*) for compromisable hosts. Of course my host have been patches for a long time now. I think you should listen to the Don't panic and just sit back and let them scan. I have mailed abuse@ addresses with proof that they are scanning the entire netblock (I have about 18 machine on different subnets of that block) but most isp's don't care about portscans. Greetz, Ivo van Dongen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: IPtables and Connection Tracking
Does the connection tracking hold the connections even if the firewall was flushed? If it is so, is it a bug or a feature? did you by chance forget to flush all tables and just flushed by doing iptables -F ??? Gr, Ivo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: IPtables and Connection Tracking
Does the connection tracking hold the connections even if the firewall was flushed? If it is so, is it a bug or a feature? did you by chance forget to flush all tables and just flushed by doing iptables -F ??? Gr, Ivo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Webserver questions: using samba, avoiding cleartext passwords, co-existing with Windows
There is a Explorer-like interface to PuTTY's scp command. Maybe an option. Don't have much experience with this, I personally use some mini-shell-scripts attached to the sendto-menue for uploading. http://www.i-tree.org/ixplorer.htm I tried that program before, but it has issues. It can't for instance cd to a directory above your homedir. A program I usually recommend is winscp. I don't have the URL present here, but I think google has Greetz, Ivo van Dongen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: scp and sftp
I've been playing around with the scp and sftp components of putty and noticed what I consider a security hole. Winscp does the same thing. The user can change to directories above their home. Is there a way to chroot them like you can in an ftp config file? scp is merely a way to use a ssh shell login to up and download a file, it has the same restrictions a ssh session would have. when you login using ssh you can do cd .. too...so I don't see the security problem. I don't see anything in the sshd config files. If you can't, how can I disable the scp functionality? I'm not talking about scp from the linux box. The users don't have shell access so that's not a problem. I'm referring to remote people using a scp client to access my linux machine. You can disable sftp ability by removing the sftp-server program but the scp server part seems to be part of sshd. your users can't connect with the same l/p using ssh? that would be really weird. I did not see anything about this issue on the openssh web site. Anybody got any suggestions? That doesn't surprise me since this is not a bug or strange feature. Greetz, Ivo van Dongen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: scp and sftp
I've been playing around with the scp and sftp components of putty and noticed what I consider a security hole. Winscp does the same thing. The user can change to directories above their home. Is there a way to chroot them like you can in an ftp config file? scp is merely a way to use a ssh shell login to up and download a file, it has the same restrictions a ssh session would have. when you login using ssh you can do cd .. too...so I don't see the security problem. I don't see anything in the sshd config files. If you can't, how can I disable the scp functionality? I'm not talking about scp from the linux box. The users don't have shell access so that's not a problem. I'm referring to remote people using a scp client to access my linux machine. You can disable sftp ability by removing the sftp-server program but the scp server part seems to be part of sshd. your users can't connect with the same l/p using ssh? that would be really weird. I did not see anything about this issue on the openssh web site. Anybody got any suggestions? That doesn't surprise me since this is not a bug or strange feature. Greetz, Ivo van Dongen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: 2.2.18 exploit, and updating the kernel
That's the proper 'debian' way to do it. But if you've already been rooted you'll probably want to start from a fresh install. Download the install floppy images from http://ftp.us.debian.org/debian/dists/woody/main/disks-i386/current/i mages-1.44/ jikes, how oldfashion. If I'm not out of line on this, I would suggest getting netinstall. potato: http://markybobdeb.sourceforge.net/elf/files/netinst-2.2r4.iso woody: http://people.debian.org/~ieure/netinst/releases/20020215/woody_netinst-20020215-i386.iso most machines nowadays have cdrom players. Greetz, Ivo
Re: Encrypted Ethernet ?
VPN, like for instance tinc Greetz, Ivo [EMAIL PROTECTED]:~$ apt-cache show clue Package: clue Priority: optional -Original Message- From: Jaroslaw Tabor [EMAIL PROTECTED] Date: Thu, 21 Feb 2002 11:22:14 +0100 (CET) Subject: Encrypted Ethernet ? Hello! Does someone know, if there is a solution to use Debian (or, in general Linux ) as encryptor for Ethernet ? I'd like to use two computers connected by unsafe ethernet as secure tunnel between two LANs. It means, that such device have to be transparent for all IP traffic (or may be for all Ethernet traffic?). regards Jarek Tabor -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Emulate real ip's to access intranet hosts from outside
-Original Message- From: Ramon Acedo [EMAIL PROTECTED] Date: Sun, 10 Feb 2002 23:39:20 +0100 Subject: Emulate real ip's to access intranet hosts from outside ---snip- I just want that when someone try to access to host1.mydomain.net from the internet my firewall (and dns server) forward the request to host1.local which has the private ip 192.168.1.20. With what service? ssh? or webservice? or what? I've looking for that in the DNS Howto's but haven't found a solution. I've been thinking of a mix between nat iptables and special dns resolving, may be with 2 name server's one for the intranet and the other one for the internet. you could easy make the hostname that will resolve to 192.168.1.20 for instance, but that is not routable on the internet. We need more info for us to help you with your problem. Greetz, Ivo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Emulate real ip's to access intranet hosts from outside
-Original Message- From: Ramon Acedo [EMAIL PROTECTED] Date: Sun, 10 Feb 2002 23:39:20 +0100 Subject: Emulate real ip's to access intranet hosts from outside ---snip- I just want that when someone try to access to host1.mydomain.net from the internet my firewall (and dns server) forward the request to host1.local which has the private ip 192.168.1.20. With what service? ssh? or webservice? or what? I've looking for that in the DNS Howto's but haven't found a solution. I've been thinking of a mix between nat iptables and special dns resolving, may be with 2 name server's one for the intranet and the other one for the internet. you could easy make the hostname that will resolve to 192.168.1.20 for instance, but that is not routable on the internet. We need more info for us to help you with your problem. Greetz, Ivo
Re: Mailserver HDD organization
I don't think the choice of MTA is relevant to the HDD organisation. I use both Postfix and Qmail and they both work fine. The only thing you have to realize is when you use Qmail with maildir, you really need a large /home partition. Greetz, Ivo dudes@doc:~$ apt-cache show clue Package: clue Priority: optional -Original Message- From: Alberto Gonzalez Iniesta [EMAIL PROTECTED] Date: Thu, 17 Jan 2002 12:22:07 +0100 Subject: Re: Mailserver HDD organization On Sun, Nov 25, 2001 at 11:04:45PM +0100, [EMAIL PROTECTED] wrote: please use qmail, its really the securest MTA you can get. please use postfix, since it's as secure as qmail and has a better license -- Alberto Gonzalez Iniesta | They that give up essential liberty [EMAIL PROTECTED] | to obtain a little temporary safety Encrypted mail preferred | deserve neither liberty nor safety. Key fingerprint = 9782 04E7 2B75 405C F5E9 0C81 C514 AF8E 4BA4 01C3 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Mutt tmp files
When writing a new mail which I intend to encrypt via gpg, mutt creates a tmp file (normaly unter /tmp/.mutt*) which it uses to 'comunicate' with Vim. Or emacs, or whatever editor you prefer, yes. This file lasts as long the vim-session is running. Vim then saves the changes to the file and gives execution back to Mutt. What I don't like is: First the tmp file is readable by root. accualy, root can also read you gpg key. so a simple copy of you mail and a gpg decoding using your key would be much easyer snip The bottom line, though, is that if you don't trust root, don't use his machine, or allow your packets to be routed through his machine (good luck on that one if you're on the same hub). Root can do whatever he likes and you can't stop him. root is the user that is supposed to be able to do that. If you can't trust root, at least be able to break his/her bones when they invade your privacy greetz, Ivo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Mutt tmp files
When writing a new mail which I intend to encrypt via gpg, mutt creates a tmp file (normaly unter /tmp/.mutt*) which it uses to 'comunicate' with Vim. Or emacs, or whatever editor you prefer, yes. This file lasts as long the vim-session is running. Vim then saves the changes to the file and gives execution back to Mutt. What I don't like is: First the tmp file is readable by root. accualy, root can also read you gpg key. so a simple copy of you mail and a gpg decoding using your key would be much easyer snip The bottom line, though, is that if you don't trust root, don't use his machine, or allow your packets to be routed through his machine (good luck on that one if you're on the same hub). Root can do whatever he likes and you can't stop him. root is the user that is supposed to be able to do that. If you can't trust root, at least be able to break his/her bones when they invade your privacy greetz, Ivo
Re: SPAM was RE: INSURE GOOD RECEPTION! VITAL EMERGENCY STRATEGY!!!
Yes, we can send a bill -Original Message- From: Ed Street [EMAIL PROTECTED] Date: Fri, 9 Nov 2001 08:09:54 -0500 Subject: SPAM was RE: INSURE GOOD RECEPTION! VITAL EMERGENCY STRATEGY!!! Hey, Is there *anything* we can do about all this Spam that's getting on this list? Ed -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: SPAM was RE: INSURE GOOD RECEPTION! VITAL EMERGENCY STRATEGY!!!
Yes, we can send a bill -Original Message- From: Ed Street [EMAIL PROTECTED] Date: Fri, 9 Nov 2001 08:09:54 -0500 Subject: SPAM was RE: INSURE GOOD RECEPTION! VITAL EMERGENCY STRATEGY!!! Hey, Is there *anything* we can do about all this Spam that's getting on this list? Ed
Re: FTP and security
In this case I use (and suggest to use) pscp which is a win32 implementation of scp (secure copy). It uses a ssh connection to upload or download. Unfortunatly it uses no gui and has to run from cmd or command. pscp can be found on the putty page... Greetz, Ivo Windows 2000 is more secure than Linux... Since the machine is offline half of the time because of crashes, it cannot be accessed globally, therefore producing higher security. -Original Message- From: Adam Spickler [EMAIL PROTECTED] Date: Thu, 8 Nov 2001 16:57:22 -0500 Subject: Re: FTP and security Is there a decent Windows FTP application that supports sftp? Unfortunately, I have to use Windows at work. :/ Thanks, Adam On Thu, Nov 08, 2001 at 10:55:17PM +0100, Wichert Akkerman wrote: Previously Lars Bjarby wrote: While were on the subject, is there an OpenSSH port of SFTP? openssh has a sftp subsystem, yes. Wichert. -- _ [EMAIL PROTECTED] This space intentionally left occupied \ | [EMAIL PROTECTED]http://www.liacs.nl/~wichert/ | | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] - Adam Spickler Whaddu LLC. http://www.whaddu.com WebHosting and Design/Development Unlimited - -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: FTP and security
In this case I use (and suggest to use) pscp which is a win32 implementation of scp (secure copy). It uses a ssh connection to upload or download. Unfortunatly it uses no gui and has to run from cmd or command. pscp can be found on the putty page... Greetz, Ivo Windows 2000 is more secure than Linux... Since the machine is offline half of the time because of crashes, it cannot be accessed globally, therefore producing higher security. -Original Message- From: Adam Spickler [EMAIL PROTECTED] Date: Thu, 8 Nov 2001 16:57:22 -0500 Subject: Re: FTP and security Is there a decent Windows FTP application that supports sftp? Unfortunately, I have to use Windows at work. :/ Thanks, Adam On Thu, Nov 08, 2001 at 10:55:17PM +0100, Wichert Akkerman wrote: Previously Lars Bjarby wrote: While were on the subject, is there an OpenSSH port of SFTP? openssh has a sftp subsystem, yes. Wichert. -- _ /[EMAIL PROTECTED] This space intentionally left occupied \ | [EMAIL PROTECTED]http://www.liacs.nl/~wichert/ | | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] - Adam Spickler Whaddu LLC. http://www.whaddu.com WebHosting and Design/Development Unlimited - -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Port Scan for UDP
# netstat -anp|less that works for me all the time Without the darkness, how would you recognize the light? -Original Message- From: Ben Staffin [EMAIL PROTECTED] Date: Sat, 20 Oct 2001 23:27:09 -0500 Subject: Re: Port Scan for UDP On Sat, Oct 20, 2001 at 09:22:57PM -0700, tony mancill blathered thusly: A good way to find out what process is listening on a port is to load the lsof package and use lsof -i (as root so that you'll see everything). I find that fuser is more convenient at times - fuser -v -n udp port returns the process(es) listening on the named UDP port. -- /-- | Ben Staffin gpg key: http://darkskie.net/~benley/pgp.txt | --/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Port Scan for UDP
# netstat -anp|less that works for me all the time Without the darkness, how would you recognize the light? -Original Message- From: Ben Staffin [EMAIL PROTECTED] Date: Sat, 20 Oct 2001 23:27:09 -0500 Subject: Re: Port Scan for UDP On Sat, Oct 20, 2001 at 09:22:57PM -0700, tony mancill blathered thusly: A good way to find out what process is listening on a port is to load the lsof package and use lsof -i (as root so that you'll see everything). I find that fuser is more convenient at times - fuser -v -n udp port returns the process(es) listening on the named UDP port. -- /-- | Ben Staffin gpg key: http://darkskie.net/~benley/pgp.txt | --/
Re: Hi :
I do have snort installed and it gives me nicely daily status logs containing absolutly nothing :( There might be more programs mailing root(or alias for root) with nothingCRON maybe... Gr, Ivo Without the darkness, how would you recognize the light? -Original Message- From: Tom Breza [EMAIL PROTECTED] Date: Thu, 18 Oct 2001 21:24:41 +0100 (BST) Subject: Re: Hi : Previously Tom Breza wrote: Hi I got this today in my mail box, this is generated by somthing but I don't know what is it? Why I got message from root? and why is empty? Do you have snort installed? Hi Wichert No I don't have a snort in the system Any other sugestions? Tom -- _ / Nothing is fool-proof to a sufficiently talented fool \ | [EMAIL PROTECTED] http://www.liacs.nl/~wichert/ | | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Hi :
I do have snort installed and it gives me nicely daily status logs containing absolutly nothing :( There might be more programs mailing root(or alias for root) with nothingCRON maybe... Gr, Ivo Without the darkness, how would you recognize the light? -Original Message- From: Tom Breza [EMAIL PROTECTED] Date: Thu, 18 Oct 2001 21:24:41 +0100 (BST) Subject: Re: Hi : Previously Tom Breza wrote: Hi I got this today in my mail box, this is generated by somthing but I don't know what is it? Why I got message from root? and why is empty? Do you have snort installed? Hi Wichert No I don't have a snort in the system Any other sugestions? Tom -- _ / Nothing is fool-proof to a sufficiently talented fool \ | [EMAIL PROTECTED] http://www.liacs.nl/~wichert/ | | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
BOFH
Because of loads of resonses to me willing to send the script I've put it on the web for now, it's at: http://www.insecure.nl/~vdong/ Greetz, Ivo Without the darkness, how would you recognize the light? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
BOFH
Because of loads of resonses to me willing to send the script I've put it on the web for now, it's at: http://www.insecure.nl/~vdong/ Greetz, Ivo Without the darkness, how would you recognize the light?
Re: IS THERE ANY INTELLIGENT LIFE AT YOUR END AT ALL??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
I think I found the problem with this user: dudes@portal:~$ bofh /dev/clue was linked to /dev/null Which package is that? I don't have that command on my sytem :-( Or is it just a script that pulls it out of bofh fortunes? accually, it's a perl script with a database build from grepping and awking a fortunes file I'm trying to learn perl and this was my first client/server program... If you like I could send it to you... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: IS THERE ANY INTELLIGENT LIFE AT YOUR END AT ALL??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
I think I found the problem with this user: [EMAIL PROTECTED]:~$ bofh /dev/clue was linked to /dev/null Which package is that? I don't have that command on my sytem :-( Or is it just a script that pulls it out of bofh fortunes? accually, it's a perl script with a database build from grepping and awking a fortunes file I'm trying to learn perl and this was my first client/server program... If you like I could send it to you...
answer from abuse@ptd.net
Without the darkness, how would you recognize the light? -Original Message- From: [EMAIL PROTECTED] Date: 1 Sep 2001 13:18:18 - Subject: Re: Fwd: Re: Is ident secure? * PLEASE READ!!! This is an AUTO-REPLY message in response to an email appearing to have originated from your address and delivered to one of the mail administration addresses, most likely concerning an abuse issue. This message is _not_ intended as a response to your report, but it does contain information regarding net-abuse issues. Due to the volume of email that can sometimes occur, we may not be able to respond individually to each message sent to this address, and will likely only do so when additional information is required. PenTeleData, LPI. does not condone and will not permit abusive behavior by its users. Though no summary judgments are made, all reports we receive are investigated and action is taken when and where it is appropriate. * We have certain guidelines and 'acceptable use' policies to which all members are bound. Anytime a member fails to follow these provisions and guidelines, their account will be dealt with as defined in the policy guidelines: http://www.ptd.net/POLICIES.html FOR ALL ABUSE REPORTS ALL abuse reports submitted to [EMAIL PROTECTED] must include a date and time the incident allegedly took place. The time MUST include the time zone and indicate if the time is adjusted for Daylight Savings Time, e.g. 6:00pm EDT is acceptable, where 6:00pm is not. Abuse reports that do not contain this information may be deleted without further action. IF YOU'RE SUBMITTING AN EMAIL OR USENET ABUSE REPORT The information that you have provided will be used to investigate the incident. Once the investigation is complete, the appropriate action will be taken. Please check to make sure that you included the full received headers when you sent us a copy of the e-mail message in question. You may need to select a Show All Headers option in your e-mail software in order to include the full received headers. (You can tell whether they are included by looking for lines that begin with the word Received: in the header lines at the top of the message.) Please understand that without the full received headers, we are unable to process a complaint. Also, remember not to reply to any spam or electronic chain letters you receive, since replying may result in your being added to more spam mailing lists. We apologize for any inconvenience which may have been caused by this incident. Though we maintain stringent policies preventing third parties from using open mail relays on our system, there are numerous methods of sending spam. Rest assured that we take reports of this type very seriously and will do everything possible to identify and punish those who send unsolicited e-mail. If you are PTD user reporting about email received in your mailbox please read http://spam.abuse.net/howtocomplain.html for assistance on reporting email abuse and where to report the infraction. ^^^ ^^ PenTeleDataPhone: 610-826-4701 http://www.ptd.net Fax: 610-826-4707 Email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: A thought on Layne
poor salesperson. that guy/girl is only trying to earn a living... I usually reroute them to $secretary Without the darkness, how would you recognize the light? -Original Message- From: Stig Brautaset [EMAIL PROTECTED] Date: Sat, 1 Sep 2001 17:22:15 +0100 Subject: Re: A thought on Layne * Anthony DeRobertis [EMAIL PROTECTED] spake thus: Can we subscribe him, WITHOUT posting priveleges, to every list debian hosts? And then linux-kernel as well? After that, spam-l and a news-to-mail of nanae? Nah, much more fun reading his posts I think :P I have learnt a whole lot of new words and phrases that I intend to use next time I get some phone salesman/woman on the line :D Regards, Stig -- www.brautaset.org Registered Linux User 107343 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: HARASS ME MORE.........
-Original Message- From: [EMAIL PROTECTED] (Thomas Bushnell, BSG) Date: 01 Sep 2001 11:38:41 -0700 Subject: Re: HARASS ME MORE. Noah L. Meyerhans [EMAIL PROTECTED] writes: Please don't do that. That's an incredibly rude practice. The people never asked for your opinion on operating systems or Microsoft. What about those who use a Windows mailer at their job and have no choice to do otherwise. (and please don't suggest changing jobs, that's not necessarily realistic) Sorry, changing jobs is realistic. People are *responsible* for what they do, and the defense of but it's only my job does not aquit. Instead, it says not only do I do bad things, but I am also bribable. Thomas I disagree, part of my job (1% thank god) is supporting users, they use MS based systems so also MS based mailprograms I was learned when I first started out that a good admin should understand all systems available (or commonly used) so once in a while I mail something with a MS mailer. I don't think you can judge ppl based on the policy of the corporation. my #1 task is maintaining *nix based machines, so I would really be offended if someone would mail me those sites -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: IS THERE ANY INTELLIGENT LIFE AT YOUR END AT ALL????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
I think I found the problem with this user: [EMAIL PROTECTED]:~$ bofh /dev/clue was linked to /dev/null -Original Message- From: Daniel T. Chen [EMAIL PROTECTED] Date: Sat, 1 Sep 2001 00:58:33 -0400 (EDT) Subject: Re: IS THERE ANY INTELLIGENT LIFE AT YOUR END AT ALL? ??? Um, can't this a**hole just use a filter or something? Oh wait, sorry, there isn't any intelligent life at your end either. Oops. --- Dan Chen [EMAIL PROTECTED] GPG key: www.cs.unc.edu/~chenda/pubkey.gpg.asc On Sat, 1 Sep 2001, Layne wrote: nothing worth a horse's a** -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
answer from abuse@ptd.net
Without the darkness, how would you recognize the light? -Original Message- From: [EMAIL PROTECTED] Date: 1 Sep 2001 13:18:18 - Subject: Re: Fwd: Re: Is ident secure? * PLEASE READ!!! This is an AUTO-REPLY message in response to an email appearing to have originated from your address and delivered to one of the mail administration addresses, most likely concerning an abuse issue. This message is _not_ intended as a response to your report, but it does contain information regarding net-abuse issues. Due to the volume of email that can sometimes occur, we may not be able to respond individually to each message sent to this address, and will likely only do so when additional information is required. PenTeleData, LPI. does not condone and will not permit abusive behavior by its users. Though no summary judgments are made, all reports we receive are investigated and action is taken when and where it is appropriate. * We have certain guidelines and 'acceptable use' policies to which all members are bound. Anytime a member fails to follow these provisions and guidelines, their account will be dealt with as defined in the policy guidelines: http://www.ptd.net/POLICIES.html FOR ALL ABUSE REPORTS ALL abuse reports submitted to [EMAIL PROTECTED] must include a date and time the incident allegedly took place. The time MUST include the time zone and indicate if the time is adjusted for Daylight Savings Time, e.g. 6:00pm EDT is acceptable, where 6:00pm is not. Abuse reports that do not contain this information may be deleted without further action. IF YOU'RE SUBMITTING AN EMAIL OR USENET ABUSE REPORT The information that you have provided will be used to investigate the incident. Once the investigation is complete, the appropriate action will be taken. Please check to make sure that you included the full received headers when you sent us a copy of the e-mail message in question. You may need to select a Show All Headers option in your e-mail software in order to include the full received headers. (You can tell whether they are included by looking for lines that begin with the word Received: in the header lines at the top of the message.) Please understand that without the full received headers, we are unable to process a complaint. Also, remember not to reply to any spam or electronic chain letters you receive, since replying may result in your being added to more spam mailing lists. We apologize for any inconvenience which may have been caused by this incident. Though we maintain stringent policies preventing third parties from using open mail relays on our system, there are numerous methods of sending spam. Rest assured that we take reports of this type very seriously and will do everything possible to identify and punish those who send unsolicited e-mail. If you are PTD user reporting about email received in your mailbox please read http://spam.abuse.net/howtocomplain.html for assistance on reporting email abuse and where to report the infraction. ^^^ ^^ PenTeleDataPhone: 610-826-4701 http://www.ptd.net Fax: 610-826-4707 Email: [EMAIL PROTECTED]