also sprach Mathias Gygax <[EMAIL PROTECTED]> [2001.12.05.1109 -0800]:
> > no, not yet. it's on my todo list, but since i am pretty comfortable
> > as root and my users are trusted users, it is not prime importance.
>
> if you have remote daemons, you don't have anything like "trusted
> users". ev
> no, not yet. it's on my todo list, but since i am pretty comfortable
> as root and my users are trusted users, it is not prime importance.
if you have remote daemons, you don't have anything like "trusted
users". every daemon has it's associated UID.
* [EMAIL PROTECTED] <[EMAIL PROTECTED]> [2001.12.05 20:55:40+1000]:
> I know that you run some sort of service for multiple users. Have you
> done any of this stuff for your servers? Have you installed LIDS also?
no, not yet. it's on my todo list, but since i am pretty comfortable
as root and my
On Mit, Dez 05, 2001 at 08:43:01 +1000, [EMAIL PROTECTED] wrote:
> I am just a little confused now on the libsafe / openwall / dietlibc
> stuff. Is it recommended to do all 3?
don't install stuff you don't understand what it does. go step by step
and understand what these do.
libsafe is a prel
On Sun, Dec 02, 2001 at 06:06:52PM +0100, martin f krafft wrote:
> * [EMAIL PROTECTED] <[EMAIL PROTECTED]> [2001.11.30 14:16:57+1000]:
> > Also, the openwall patch that Alvin Oga recommended seems to only be for
> > 2.2 series kernels - so I guess that is not possible for a 2.4 kernel.
> > And I re
On Mon, Dec 03, 2001 at 02:21:07PM +0100, Mathias Gygax wrote:
> On Son, Dez 02, 2001 at 08:47:41 +1000, [EMAIL PROTECTED] wrote:
>
> Don't forget to protect lidsadm binary. This is the interface for
> supplying a password to deactivate the features in the kernel.
> The password can't be cracked
On Son, Dez 02, 2001 at 08:47:41 +1000, [EMAIL PROTECTED] wrote:
> You have really inspired me to give this a go. It sounds as though I
> have nothing to lose except time. And in my opinion this may be time
> well spent as at least I will learn much about the root daemons.
Yes, you will. Defini
* [EMAIL PROTECTED] <[EMAIL PROTECTED]> [2001.11.30 14:16:57+1000]:
> Also, the openwall patch that Alvin Oga recommended seems to only be for
> 2.2 series kernels - so I guess that is not possible for a 2.4 kernel.
> And I really want to run a 2.4 kernel for the iptables firewall stuff.
> What is
On Sat, Dec 01, 2001 at 02:32:06PM +0100, Mathias Gygax wrote:
> On Sam, Dez 01, 2001 at 03:32:51 +1000, [EMAIL PROTECTED] wrote:
> > Is it easy to get rid of it, if it causes me more trouble than it is
> > worth?
>
> run an unpatched kernel, disable it with kernel option "security=0"
> (e.g. lil
On Sam, Dez 01, 2001 at 03:32:51 +1000, [EMAIL PROTECTED] wrote:
> Sounds as though I may need a little more knowledge than I currently
> have. But on the other hand, if I do go down this path of installing
> and configuring LIDS and manage to get it to work then I will have
> learnt LOTS about a
On Fri, Nov 30, 2001 at 02:11:04PM +0100, Mathias Gygax wrote:
> On Fre, Nov 30, 2001 at 11:31:08 +1000, [EMAIL PROTECTED] wrote:
> > I just wanted to know if anyone is using this and what they think of
> > it.
>
> I think it's a good protection that bring's a linux system a step
> further in the
On Fri, Nov 30, 2001 at 02:11:04PM +0100, Mathias Gygax wrote:
> On Fre, Nov 30, 2001 at 11:31:08 +1000, [EMAIL PROTECTED] wrote:
> > I just wanted to know if anyone is using this and what they think of
> > it.
>
> I think it's a good protection that bring's a linux system a step
> further in the
On Fre, Nov 30, 2001 at 09:38:00 +0100, Christian Jaeger wrote:
> LIDS really makes use of the capabilities stuff that is in the kernel
> anyway.
Capability support is in since 2.2.11 i guess.
http://pw1.netcom.com/~spoon/lcap/
> Well it complements it with file access control lists (and
> ma
Just as a note:
LIDS really makes use of the capabilities stuff that is in the kernel
anyway. Well it complements it with file access control lists (and
maybe some other stuff, I don't have much experience with LIDS), but
not everything in LIDS is it's own invention. I think really it
should
> Then David Spreen contacted me. He creates the inofficial debian LIDS
> packages at http://netzwurm.cc/computer/lids.html
One thing, i forgot: I plan to do deb packages for daemons with
preconfigured LIDS setup. So you get automatic a configuration, when
LIDS is installed and running e.g. for s
On Fre, Nov 30, 2001 at 11:31:08 +1000, [EMAIL PROTECTED] wrote:
> I just wanted to know if anyone is using this and what they think of
> it.
I think it's a good protection that bring's a linux system a step
further in the direction of having a finer tuneable system that doesn't
depend too much o
On Thu, Nov 29, 2001 at 06:36:32PM -0800, Alvin Oga wrote:
>
> hi ya mark
>
> are you trying to detect that files has changed
> or are you trying to protect files from being changed ??
Well, I was really trying to weigh up the pros / cons of both. It
seemed to me from first appearances that some
On Thu, Nov 29, 2001 at 08:41:25PM -0600, John Patton wrote:
> On Fri, Nov 30, 2001 at 11:31:08AM +1000, [EMAIL PROTECTED] wrote:
> > I just stumbled upon this LIDS (Linux Intrusion Detection/Defense
> > System) see: http://www.lids.org
> >
> > I just wanted to know if anyone is using this and wh
On Thu, Nov 29, 2001 at 06:36:32PM -0800, Alvin Oga wrote:
> lids tries to prevent you and [h/cr]ackers from changing
> files its supposed to be protecting...
> a simple "attr +i /etc/passwd" will prevent it from
> being changed too
attr permissions can be changed by anyone who has man
On Fri, Nov 30, 2001 at 11:31:08AM +1000, [EMAIL PROTECTED] wrote:
> I just stumbled upon this LIDS (Linux Intrusion Detection/Defense
> System) see: http://www.lids.org
>
> I just wanted to know if anyone is using this and what they think of it.
> Is it hard to set up? What happens when you do
hi ya mark
are you trying to detect that files has changed
or are you trying to protect files from being changed ??
tripwire/aide and other ids will tell you that files have been
changed... ( a little too late in my book ...
lids tries to prevent you and [h/cr]ackers from changing
files its sup
I just stumbled upon this LIDS (Linux Intrusion Detection/Defense
System) see: http://www.lids.org
I just wanted to know if anyone is using this and what they think of it.
Is it hard to set up? What happens when you do an apt-get dist-upgrade
- will it refuse to change the binaries you want to u
22 matches
Mail list logo
