Is misbehaving was my original thought...
2010/11/28 Dotan Cohen dotanco...@gmail.com:
2010/11/29 Brad Alexander stor...@gmail.com:
Being familiar enough with your systems and their behavior to know
when something
...is missing?
--
Dotan Cohen
http://gibberish.co.il
Agreed. I have a 50-character passphrase, but only have to type it in
at the start of the session. :-)
On Mon, Nov 29, 2010 at 1:19 PM, Andrei Popescu
andreimpope...@gmail.com wrote:
On Lu, 29 nov 10, 17:07:43, Brian wrote:
On Mon 29 Nov 2010 at 17:39:34 +0200, Andrei Popescu wrote:
Does
On Sun 28 Nov 2010 at 19:28:48 -0500, Brad Alexander wrote:
Plus the mundane stuff, like regularly changing passwords, disabling
root logins in ssh, and things like that are all a part of your
defensive stance.
Changing passwords as frequently as changing the locks on the doors of
your house
On Lu, 29 nov 10, 10:55:32, Brian wrote:
On Sun 28 Nov 2010 at 19:28:48 -0500, Brad Alexander wrote:
Plus the mundane stuff, like regularly changing passwords, disabling
root logins in ssh, and things like that are all a part of your
defensive stance.
Changing passwords as frequently
On Mon 29 Nov 2010 at 17:39:34 +0200, Andrei Popescu wrote:
Does key-only login and a passphrase twice as long for the key count?
You're a cautious man, I see, and don't mind the extra typing. So, why
shouldn't it?
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a
On Lu, 29 nov 10, 17:07:43, Brian wrote:
On Mon 29 Nov 2010 at 17:39:34 +0200, Andrei Popescu wrote:
Does key-only login and a passphrase twice as long for the key count?
You're a cautious man, I see, and don't mind the extra typing. So, why
shouldn't it?
It's not that bad if you use
On Fri, 26 Nov 2010 22:51:11 +, James Brown wrote:
Camaleón wrote:
JFYI, there was a recent exploit for ProFtpd:
http://www.exploit-db.com/exploits/15449/
Also followed here:
proftpd: IAC remote root exploit
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602769
Not sure if
On Sun, Nov 28, 2010 at 02:45, Brad Alexander stor...@gmail.com wrote:
IMHO, it's another tool in the toolbox. The secret is that you need to
be using multiple tools,
Such as? Other than a firewall and maybe antivirus.
Rkhunter?
Tripwire?
Why/not any specific one? What about log analysis?
--
El 2010-11-28 a las 12:14 -0500, Brad Alexander escribió:
(resending to the list)
On Sun, Nov 28, 2010 at 7:22 AM, Camaleón wrote:
(...)
I'm not an expert in linux computer forensics but your logs are
displaying scaring information happening in your box. Secunia reports a
high impact on
Such as, running regular scans on your boxes to know what is
changing...Such as running a log analysis tool like ossec or swatch or
logwatch...Such as running some manner of host-based and network-based
intrusion detection system, like ossec or tripwire and snort,
respectively. Like regularly
2010/11/29 Brad Alexander stor...@gmail.com:
Being familiar enough with your systems and their behavior to know
when something
...is missing?
--
Dotan Cohen
http://gibberish.co.il
http://what-is-what.com
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of
On Fri 26 Nov 2010 at 18:53:05 +, James Brown wrote:
I have received the next messages from crondaemon:
/etc/cron.daily/rkhunter:
Internal error!
Internal error!
[snip]
Is it a rootkit or other error? What I need to do - remove infected
files, reinstall the above packeges or give an
On Sat, Nov 27, 2010 at 3:38 PM, Brian a...@cityscape.co.uk wrote:
Your course of action will depend on the confidence you place in
rkhunter. Mine is zero, but if your reading of its reports is convincing
and you think it tells you anything important about your system your
only option is to
On Fri, 26 Nov 2010 18:53:05 +, James Brown wrote:
I have a VDS under Debian Lenny,
~# uname -a
Linux 2.6.18-028stab070.4-ent #1 SMP Tue Aug 17 19:03:05 MSD 2010 i686
GNU/Linux
I have received the next messages from crondaemon:
/etc/cron.daily/rkhunter:
Internal error!
Internal
James Brown:
I have a VDS under Debian Lenny,
~# uname -a
Linux 2.6.18-028stab070.4-ent #1 SMP Tue Aug 17 19:03:05 MSD 2010 i686
GNU/Linux
Is the rest of the software as ancient as the kernel? Lenny uses 2.6.26.
You should probably ask for a more recent kernel.
Is it a rootkit or other
Camaleón wrote:
On Fri, 26 Nov 2010 18:53:05 +, James Brown wrote:
I have a VDS under Debian Lenny,
~# uname -a
Linux 2.6.18-028stab070.4-ent #1 SMP Tue Aug 17 19:03:05 MSD 2010 i686
GNU/Linux
I have received the next messages from crondaemon:
/etc/cron.daily/rkhunter:
Internal
Jochen Schulz wrote:
James Brown:
I have a VDS under Debian Lenny,
~# uname -a
Linux 2.6.18-028stab070.4-ent #1 SMP Tue Aug 17 19:03:05 MSD 2010 i686
GNU/Linux
Is the rest of the software as ancient as the kernel? Lenny uses 2.6.26.
You should probably ask for a more recent kernel.
Is
Jochen Schulz wrote:
James Brown:
I have a VDS under Debian Lenny,
~# uname -a
Linux 2.6.18-028stab070.4-ent #1 SMP Tue Aug 17 19:03:05 MSD 2010 i686
GNU/Linux
Is the rest of the software as ancient as the kernel? Lenny uses 2.6.26.
You should probably ask for a more recent kernel.
Is
18 matches
Mail list logo