Re: SSH and RSA

2001-02-19 Thread Mark Janssen
be found in the sshd_options file and the manual page for sshd (not ssh) ;) Have fun... As always, You guys are great, thanks in advance for the help, ~duane -- Mark Janssen Unix Consultant @ SyConOS IT E-mail: [EMAIL PROTECTED]GnuPG Key Id: 357D2178 http

Re: shared root account

2001-07-06 Thread Mark Janssen
keypair and passphrase (Put the public key in the .authorized_keys file for the root user) TUrn on RSA/DSA authentication and 'allow root login' Mark Janssen Unix Consultant @ SyConOS IT E-mail: [EMAIL PROTECTED] GnuPG Key Id: 357D2178 http: maniac.nl, unix-god

Re: FTP and security

2001-11-08 Thread Mark Janssen
On Thu, Nov 08, 2001 at 04:57:22PM -0500, Adam Spickler wrote: Is there a decent Windows FTP application that supports sftp? Unfortunately, I have to use Windows at work. :/ cygwin includes openssh... and the sftp it has supports everything you need. -- Mark Janssen

Re: MTAs

2001-11-21 Thread Mark Janssen
-- Mark Janssen Unix Consultant @ SyConOS IT E-mail: [EMAIL PROTECTED] GnuPG Key Id: 357D2178 http: maniac.nl, unix-god.[net|org], markjanssen.[com|net|org|nl] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact

Re: portscans and sniffing

2002-01-21 Thread Mark Janssen
(your clients) and keep well away from other people's boxes. Mark Janssen Unix / Linux, Open-Source and Internet Consultant @ SyConOS IT E-mail: mark(at)markjanssen.nl / maniac(at)maniac.nl GnuPG Key Id: 357D2178 Web: Maniac.nl Unix-God.[Net|Org] MarkJanssen.[com|net|org|nl] SyConOS.[com|nl

Re: I want to test my firewall from the outside

2002-02-14 Thread Mark Janssen
On Thu, 2002-02-14 at 16:20, Cristian Ionescu-Idbohrn wrote: Greetings, Yes, I would like to do that. Any good tools you folks would recommand? Nmap from a dial-up connection... or login to some unix host and nmap from there... Maniac (Or... just throw your IP into the

Re: scp and sftp

2002-03-31 Thread Mark Janssen
for SSH and SCP / SFTP etc of course. Mark Janssen I did not see anything about this issue on the openssh web site. Anybody got any suggestions? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Mark Janssen Unix

Re: scp and sftp

2002-04-01 Thread Mark Janssen
the firewall blocks ftp from the internet. But that stills leaves the scp hole. Fixed :) The chroot-patch is at: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=139047repeatmerged=yes or: http://www.cag.lcs.mit.edu/~raoul/ -- Mark Janssen Unix / Linux, Open-Source and Internet Consultant

Re: OpenSSH 3.1

2002-04-07 Thread Mark Janssen
? Yes, it was fixed in debian package Openssh_3.0.2p1-8 (maybe allready in 7, but that had other problems) Debian usually patches the (security) bug, without going straight to the new upstream release, but only upgrading the package number -- Mark Janssen Unix / Linux, Open-Source

Re: how to unsubscribe.

2002-04-26 Thread Mark Janssen
On Fri, 2002-04-26 at 09:58, Trancom wrote: how to unsubscribe. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] Look here Or Here \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ -- To UNSUBSCRIBE,

Re: Generating Mail passwords

2002-05-24 Thread Mark Janssen
either only lowercase letters, or upper and lower case mixed, or digits thrown in. Uppercase letters and digits are placed in a way that eases remembering their position when memorizing only the word. -- Mark Janssen -- maniac(at)maniac.nl -- GnuPG Key Id: 357D2178 Unix / Linux, Open-Source

Re: Business Proposal (Urgent)

2002-09-24 Thread Mark Janssen
PROTECTED] Subject: Business Proposal (Urgent) Date: Tue, 24 Sep 2002 05:55:21 -0700 I suggest you first read: http://home.rica.net/alphae/419coal/ Which clearly describes the working of this scam... Just ignore it, or send it on to the relevant government agency... -- Mark Janssen -- maniac

Re: Automatic Debian security updates, an Implementation

2002-10-18 Thread Mark Janssen
the internet in different cities, timezones and administrative domains :) -- Mark Janssen -- maniac(at)maniac.nl -- GnuPG Key Id: 357D2178 Unix / Linux, Open-Source and Internet Consultant @ SyConOS IT Maniac.nl Unix-God.Net|Org MarkJanssen.org|nl SyConOS.com|nl -- To UNSUBSCRIBE, email to [EMAIL

Re: ssh banner

2002-10-18 Thread Mark Janssen
On Fri, 2002-10-18 at 14:58, [EMAIL PROTECTED] wrote: SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1 How can I disable the message ? You can limit it somewhat (by editing source), but the protocol needs the version string, so you can't change it without breaking compatibility. -- Mark Janssen

Re: question about SSH / IPTABLES

2003-01-23 Thread Mark Janssen
sshd's running on port 80, 443 or random port numbers) Why do you want to disallow people to ssh out of your system, while allowing them to ssh into it ??? You can never block anyone who _wants_ to do something -- Mark Janssen [EMAIL PROTECTED] Saiko Internet Technologies -- To UNSUBSCRIBE, email

Re: security.debian.org down?

2003-03-10 Thread Mark Janssen
it as one of my main debian mirrors, since it's only 5 hops away from me :) -- Mark Janssen -- maniac(at)maniac.nl -- GnuPG Key Id: 357D2178 Unix / Linux, Open-Source and Internet Consultant @ SyConOS IT Maniac.nl Unix-God.Net|Org MarkJanssen.org|nl SyConOS.com|nl -- To UNSUBSCRIBE, email to [EMAIL

Re: ptrace vulnerability?

2003-03-18 Thread Mark Janssen
)) + current-mm-dumpable = arg2; break; case PR_SET_UNALIGN: #ifdef SET_UNALIGN_CTL -- Mark Janssen -- maniac(at)maniac.nl -- GnuPG Key Id: 357D2178 Unix / Linux, Open-Source and Internet Consultant @ SyConOS IT Maniac.nl Unix-God.Net|Org

Re: Crypto File System-Problems Creating One

2005-06-14 Thread Mark Janssen
instead. You need to do something like this: sudo cryptsetup -c aes -y create SomeUniqueName /dev/hda10 sudo mount /dev/mapper/SomeUniqueName /mountpoint -- Mark Janssen -- maniac(at)maniac.nl -- pgp: 0x357D2178 | ,''`. | Unix / Linux Open-Source and Internet Consultant @ Snow.nl

Re: SECURITY PROBLEM: autofs [all versions]

2000-07-01 Thread Mark Janssen
minute... a reboot doesn't go around unnoticed... Mark Janssen Unix Consultant Unix Support Nederland / PSInet Netherlands E-mail: [EMAIL PROTECTED]GnuPG Key Id: 357D2178 http: markjanssen.homeip.net www.markjanssen.nl www.maniac.nl Fax/VoiceMail: +31 20 8757555

Re: Configuring ssh

2000-11-06 Thread Mark Janssen
/cygwin/setup.exe Or on other sites... just search with google... Mark Janssen Unix Consultant Unix Support Nederland / PSInet Netherlands E-mail: [EMAIL PROTECTED]GnuPG Key Id: 357D2178 http: markjanssen.homeip.net www.markjanssen.nl www.maniac.nl Fax/VoiceMail

Re: SSH and RSA

2001-02-19 Thread Mark Janssen
be found in the sshd_options file and the manual page for sshd (not ssh) ;) Have fun... As always, You guys are great, thanks in advance for the help, ~duane -- Mark Janssen Unix Consultant @ SyConOS IT E-mail: [EMAIL PROTECTED]GnuPG Key Id: 357D2178 http

Re: shared root account

2001-07-06 Thread Mark Janssen
keypair and passphrase (Put the public key in the .authorized_keys file for the root user) TUrn on RSA/DSA authentication and 'allow root login' Mark Janssen Unix Consultant @ SyConOS IT E-mail: [EMAIL PROTECTED] GnuPG Key Id: 357D2178 http: maniac.nl, unix-god

Re: FTP and security

2001-11-08 Thread Mark Janssen
On Thu, Nov 08, 2001 at 04:57:22PM -0500, Adam Spickler wrote: Is there a decent Windows FTP application that supports sftp? Unfortunately, I have to use Windows at work. :/ cygwin includes openssh... and the sftp it has supports everything you need. -- Mark Janssen

Re: OpenSSH 3, DEBIAN 2.2 and PAM authentication

2001-11-12 Thread Mark Janssen
. If you name it sshd it will use /etc/pam.d/sshd etc :) That's what I read last week in some docs on the OpenSSH site :) Mark Janssen Unix Consultant @ SyConOS IT E-mail: [EMAIL PROTECTED] GnuPG Key Id: 357D2178 http: maniac.nl, unix-god.[net|org], markjanssen

Re: MTAs

2001-11-21 Thread Mark Janssen
-- Mark Janssen Unix Consultant @ SyConOS IT E-mail: [EMAIL PROTECTED] GnuPG Key Id: 357D2178 http: maniac.nl, unix-god.[net|org], markjanssen.[com|net|org|nl]

Re: portscans and sniffing

2002-01-21 Thread Mark Janssen
(your clients) and keep well away from other people's boxes. Mark Janssen Unix / Linux, Open-Source and Internet Consultant @ SyConOS IT E-mail: mark(at)markjanssen.nl / maniac(at)maniac.nl GnuPG Key Id: 357D2178 Web: Maniac.nl Unix-God.[Net|Org] MarkJanssen.[com|net|org|nl] SyConOS.[com|nl

Re: How to modify SSH2 prompt message?

2002-02-07 Thread Mark Janssen
). You can't get rid of this message (unless you also use a modified client.) The message is part of the protocol, and it is required that SSH servers specify their version. You could modify the string... (removing or altering the OpenSSH part). But the SSH-2.0- part is mandatory !! -- Mark Janssen

Re: I want to test my firewall from the outside

2002-02-14 Thread Mark Janssen
On Thu, 2002-02-14 at 16:20, Cristian Ionescu-Idbohrn wrote: Greetings, Yes, I would like to do that. Any good tools you folks would recommand? Nmap from a dial-up connection... or login to some unix host and nmap from there... Maniac (Or... just throw your IP into the

Re: apache-ssl/woody cannot handle password protected keys?

2002-02-25 Thread Mark Janssen
started -- Mark Janssen Unix / Linux, Open-Source and Internet Consultant @ SyConOS IT E-mail: mark(at)markjanssen.nl / maniac(at)maniac.nl GnuPG Key Id: 357D2178 Web: Maniac.nl Unix-God.[Net|Org] MarkJanssen.[com|net|org|nl] SyConOS.[com|nl]

Re: scp and sftp

2002-03-31 Thread Mark Janssen
for SSH and SCP / SFTP etc of course. Mark Janssen I did not see anything about this issue on the openssh web site. Anybody got any suggestions? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Mark Janssen Unix

Re: scp and sftp

2002-04-01 Thread Mark Janssen
the firewall blocks ftp from the internet. But that stills leaves the scp hole. Fixed :) The chroot-patch is at: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=139047repeatmerged=yes or: http://www.cag.lcs.mit.edu/~raoul/ -- Mark Janssen Unix / Linux, Open-Source and Internet Consultant

Re: OpenSSH 3.1

2002-04-07 Thread Mark Janssen
hole? Yes, it was fixed in debian package Openssh_3.0.2p1-8 (maybe allready in 7, but that had other problems) Debian usually patches the (security) bug, without going straight to the new upstream release, but only upgrading the package number -- Mark Janssen Unix / Linux, Open-Source

Re: how to unsubscribe.

2002-04-26 Thread Mark Janssen
On Fri, 2002-04-26 at 09:58, Trancom wrote: how to unsubscribe. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] Look here Or Here \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ -- To UNSUBSCRIBE,

Re: Generating Mail passwords

2002-05-24 Thread Mark Janssen
either only lowercase letters, or upper and lower case mixed, or digits thrown in. Uppercase letters and digits are placed in a way that eases remembering their position when memorizing only the word. -- Mark Janssen -- maniac(at)maniac.nl -- GnuPG Key Id: 357D2178 Unix / Linux, Open-Source

Re: SSH2 Encryption

2002-06-10 Thread Mark Janssen
On Mon, 2002-06-10 at 19:13, Jeff Bonner wrote: Questions: 1) Are all those ciphers actually available in my SSH package? Run the ssh daemon with debugging on (2 levels or more) and check the output: sshd -d -d -d -p someport ssh -v -p someport 127.0.0.1 Look at all the pretty output...

Re: ssh and password authentication

2002-06-25 Thread Mark Janssen
, but not to anyone in between. So it's quite safe ;) -- Mark Janssen -- maniac(at)maniac.nl -- GnuPG Key Id: 357D2178 Unix / Linux, Open-Source and Internet Consultant @ SyConOS IT Maniac.nl Unix-God.Net|Org MarkJanssen.org|nl SyConOS.com|nl -- To UNSUBSCRIBE, email to [EMAIL PROTECTED

Re: [SECURITY] [DSA-134-2] Unknown OpenSSH remote vulnerability

2002-06-25 Thread Mark Janssen
This was/is all in woody, but I suspect potato to act the same :) -- Mark Janssen -- maniac(at)maniac.nl -- GnuPG Key Id: 357D2178 Unix / Linux, Open-Source and Internet Consultant @ SyConOS IT Maniac.nl Unix-God.Net|Org MarkJanssen.org|nl SyConOS.com|nl -- To UNSUBSCRIBE, email to [EMAIL PROTECTED

Re: DSA-134-1

2002-06-25 Thread Mark Janssen
of logout method...) then Getty immediately respawns No... getty exec's a shell (or a login actually) and when this exits the inetd restarts the getty. :) -- Mark Janssen -- maniac(at)maniac.nl -- GnuPG Key Id: 357D2178 Unix / Linux, Open-Source and Internet Consultant @ SyConOS IT Maniac.nl

Re: [SECURITY] [DSA-134-2] Unknown OpenSSH remote vulnerability

2002-06-25 Thread Mark Janssen
owned dir /var/run/sshd I myself changed this to root:sys, but that shouldn't really matter. -- Mark Janssen -- maniac(at)maniac.nl -- GnuPG Key Id: 357D2178 Unix / Linux, Open-Source and Internet Consultant @ SyConOS IT Maniac.nl Unix-God.Net|Org MarkJanssen.org|nl SyConOS.com|nl signature.asc

OpenSSH 3.4 released... should FIX problems

2002-06-26 Thread Mark Janssen
Head over to OpenSSH.com They have just released version 3.4, which should fix some overflow problems and adds lot's of new checks against dubious input. Advisories and updates on the various pages there. Mark Janssen Syconos IT Consultancy -- To UNSUBSCRIBE, email to [EMAIL PROTECTED

Re: Business Proposal (Urgent)

2002-09-24 Thread Mark Janssen
-security@lists.debian.org Subject: Business Proposal (Urgent) Date: Tue, 24 Sep 2002 05:55:21 -0700 I suggest you first read: http://home.rica.net/alphae/419coal/ Which clearly describes the working of this scam... Just ignore it, or send it on to the relevant government agency... -- Mark Janssen

Re: Automatic Debian security updates, an Implementation

2002-10-18 Thread Mark Janssen
the internet in different cities, timezones and administrative domains :) -- Mark Janssen -- maniac(at)maniac.nl -- GnuPG Key Id: 357D2178 Unix / Linux, Open-Source and Internet Consultant @ SyConOS IT Maniac.nl Unix-God.Net|Org MarkJanssen.org|nl SyConOS.com|nl

Re: ssh banner

2002-10-18 Thread Mark Janssen
On Fri, 2002-10-18 at 14:58, [EMAIL PROTECTED] wrote: SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1 How can I disable the message ? You can limit it somewhat (by editing source), but the protocol needs the version string, so you can't change it without breaking compatibility. -- Mark Janssen

Re: question about SSH / IPTABLES

2003-01-23 Thread Mark Janssen
sshd's running on port 80, 443 or random port numbers) Why do you want to disallow people to ssh out of your system, while allowing them to ssh into it ??? You can never block anyone who _wants_ to do something -- Mark Janssen [EMAIL PROTECTED] Saiko Internet Technologies

Re: security.debian.org down?

2003-03-10 Thread Mark Janssen
it as one of my main debian mirrors, since it's only 5 hops away from me :) -- Mark Janssen -- maniac(at)maniac.nl -- GnuPG Key Id: 357D2178 Unix / Linux, Open-Source and Internet Consultant @ SyConOS IT Maniac.nl Unix-God.Net|Org MarkJanssen.org|nl SyConOS.com|nl

Re: ptrace vulnerability?

2003-03-18 Thread Mark Janssen
; + if (is_dumpable(current)) + current-mm-dumpable = arg2; break; case PR_SET_UNALIGN: #ifdef SET_UNALIGN_CTL -- Mark Janssen -- maniac(at)maniac.nl -- GnuPG Key Id: 357D2178 Unix / Linux, Open-Source and Internet Consultant