OT: Security question (openssl vs openssh)

Everyone, I am looking into setting up a webserver to hold some very sensitive information. I am trying to figure out which is more secure, forcing any web connections to be done using an ssh tunnel or forcing ssl. I have not been able to figure out if one is definitively much more secure

Re: OT: Security question (openssl vs openssh)

On Tue, May 3, 2011 at 10:22 AM, Mark Moellering m...@msen.com wrote: Everyone, I am looking into setting up a webserver to hold some very sensitive information.  I am trying to figure out which is more secure, forcing any web connections to be done using an ssh tunnel or forcing ssl. I have

Re: OT: Security question (openssl vs openssh)

On 5/3/11 10:22 AM, Mark Moellering wrote: Everyone, I am looking into setting up a webserver to hold some very sensitive information. I am trying to figure out which is more secure, forcing any web connections to be done using an ssh tunnel or forcing ssl. I have not been able to figure out

Re: OT: Security question (openssl vs openssh)

On Tue, May 03, 2011, Mark Moellering wrote: Everyone, I am looking into setting up a webserver to hold some very sensitive information. I am trying to figure out which is more secure, forcing any web connections to be done using an ssh tunnel or forcing ssl. I have not been able to

Wine security question...

Is it possible to use wine in a secure way? I had a warning about it after installing it from the ports. So I was wondering if it's possible to limit it to a certain area. Like a sandbox? In Love in Jesus Christ, Or Lord and Savior. For God so loved the world, that he gave his only

Re: Wine security question...

man jail Thanks Subhro On Fri, Aug 29, 2008 at 8:16 AM, Christopher Joyner [EMAIL PROTECTED] wrote: Is it possible to use wine in a secure way? I had a warning about it after installing it from the ports. So I was wondering if it's possible to limit it to a certain area. Like a sandbox?

Re: Ksh Shell script security question.

On Wed, Feb 14, 2007 at 10:57:12PM -0600, Dan Nelson wrote: In the last episode (Feb 14), Dak Ghatikachalam said: I am am puzzled how to secure this code when this shell script is being executed. ${ORACLE_HOME}/bin/sqlplus -s EOF | tee -a ${RESTOREFILE} connect system/ugo8990d

Re: Ksh Shell script security question.

In the last episode (Feb 15), Thomas Dickey said: On Wed, Feb 14, 2007 at 10:57:12PM -0600, Dan Nelson wrote: In the last episode (Feb 14), Dak Ghatikachalam said: I am am puzzled how to secure this code when this shell script is being executed. ${ORACLE_HOME}/bin/sqlplus -s EOF |

Re: Ksh Shell script security question.( SOLVED)

On 2/15/07, Dan Nelson [EMAIL PROTECTED] wrote: In the last episode (Feb 15), Thomas Dickey said: On Wed, Feb 14, 2007 at 10:57:12PM -0600, Dan Nelson wrote: In the last episode (Feb 14), Dak Ghatikachalam said: I am am puzzled how to secure this code when this shell script is being

Re: Ksh Shell script security question.

I am am puzzled how to secure this code when this shell script is being executed. ${ORACLE_HOME}/bin/sqlplus -s EOF | tee -a ${RESTOREFILE} connect system/ugo8990d set heading off set feedback off set pagesize 500 select 'SCN_TO_USE | '||max(next_change#)

Ksh Shell script security question.

Hi Freebsd I am am puzzled how to secure this code when this shell script is being executed. ${ORACLE_HOME}/bin/sqlplus -s EOF | tee -a ${RESTOREFILE} connect system/ugo8990d set heading off set feedback off set pagesize 500 select 'SCN_TO_USE |

Re: Ksh Shell script security question.

In the last episode (Feb 14), Dak Ghatikachalam said: I am am puzzled how to secure this code when this shell script is being executed. ${ORACLE_HOME}/bin/sqlplus -s EOF | tee -a ${RESTOREFILE} connect system/ugo8990d set heading off set feedback off set

User Security Question?

Hello Friends Just had a debate with a collegue at office, but still lack knowledge on FreeBSD security :( I have few questions. 1. What previligies a standard user (NOT member of Wheel Group) has on a FreeBSD Box? 2. How can he/she damages the systems or make a breach? 3. If that

Re: User Security Question?

VeeJay [EMAIL PROTECTED] wrote: Just had a debate with a collegue at office, but still lack knowledge on FreeBSD security :( For a start, I recommend you read the security(7) manual page. It should give at least rough answer to most of your questions. Another good reading is chapter 14 of

Re: User Security Question?

On 1/9/07, VeeJay [EMAIL PROTECTED] wrote: Hello Friends Just had a debate with a collegue at office, but still lack knowledge on FreeBSD security :( I have few questions. 1. What previligies a standard user (NOT member of Wheel Group) has on a FreeBSD Box? 2. How can he/she damages

IMAP-UW Security question

Just recently installed IMAP-UW through ports and once the install finished I got the following security message: SECURITY REPORT: This port has installed the following binaries which execute with increased privileges. /usr/local/libexec/mlock What can I do to minimize this security

Re: IMAP-UW Security question

Jose Borquez wrote: SECURITY REPORT: This port has installed the following binaries which execute with increased privileges. /usr/local/libexec/mlock What can I do to minimize this security risk? Do I create an mlock user? In fact, every port that installs a suid-binary will

VLAN security question

I set up a FreeBSD box to be firewall/NAT/mailserver/etc. for a company, but that company subsequently went to a VoIP system, installed a Cisco switch, programmed the switch to route Internet traffic through the BSD box as before but also to route telephone traffic NOT through it, then set things

Re: Security question - uids of 0

toor is a base system user. It is a default user. It is used for several reason and is secure as long as no one can access your console directly. On Monday 16 August 2004 09:57 am, James A. Coulter wrote: The following appeared in my latest daily security run output: Checking for uids of 0:

Security question - uids of 0

The following appeared in my latest daily security run output: Checking for uids of 0: root 0 toor 0 This is the first time I've seen this message. I checked /etc/passwd and found this: root:*:0:0:Charlie :/root:/bin/csh toor:*:0:0:Bourne-again

Re: Security question - uids of 0

Hi James, The following appeared in my latest daily security run output: Checking for uids of 0: root 0 toor 0 This is the first time I've seen this message. I checked /etc/passwd and found this: root:*:0:0:Charlie :/root:/bin/csh

Re: Security question - uids of 0

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 James A. Coulter wrote: | The following appeared in my latest daily security run output: | | Checking for uids of 0: | root 0 | toor 0 | | This is the first time I've seen this message. | | I checked /etc/passwd and found this: | |

Re: Security question - uids of 0

On Mon, Aug 16, 2004 at 09:57:37AM -0500, James A. Coulter wrote: The following appeared in my latest daily security run output: Checking for uids of 0: root 0 toor 0 This is the first time I've seen this message. I checked /etc/passwd and found this:

Re: Security question - uids of 0

The following appeared in my latest daily security run output: Checking for uids of 0: root 0 toor 0 This is the first time I've seen this message. I checked /etc/passwd and found this: root:*:0:0:Charlie :/root:/bin/csh toor:*:0:0:Bourne-again

Re: Security question - uids of 0

On Mon, Aug 16, 2004 at 05:01:51PM +0200, Volker Kindermann wrote: Hi James, The following appeared in my latest daily security run output: Checking for uids of 0: root 0 toor 0 This is the first time I've seen this message. I checked /etc/passwd and found

Security Question

For some reason this does not look right. I'm using spamassen and I keep seeing this on my console. Does anyone know if this is okay or is this a big hole in spamassen? Aug 13 09:06:14 newman kernel: mail.infospamd[57121]: info: setuid to root succeeded Aug 13 09:06:14 newman kernel: Aug 13

Newbie Security Question

I recently got my firewall up and configured (many thanks to JJB and everyone else for their help) and have been reading the daily security message from root with a great deal of interest. My question is, when I see entries like this: Aug 5 17:55:54 sara sshd[2099]: Failed password for root

Re: Newbie Security Question

On Fri, Aug 06, 2004 at 08:26:01AM -0500, James A. Coulter wrote: I recently got my firewall up and configured (many thanks to JJB and everyone else for their help) and have been reading the daily security message from root with a great deal of interest. My question is, when I see entries

Re: Newbie Security Question

Hello James: Thats just letting you know that someone from that IP Address tried to access your system using the root account and the password they provided failed to authenticate. Could've been an ssh scanner or something of that nature. Most likely script kiddies. Make sure you do not

Re: Updating w. sysinstall (was: Security question)

Hi Kevin! On Wed, 19 Nov 2003, Kevin McKay wrote: So it will not just grab the latest patched binaries for 5.1? Correct. Is it just for updating between releases and not for keeping the current release up to date? ...also correct, just updating between releases. Greetings, Mark

Re: Security question

: Security question I don't know anything about using sysinstall for security patches/upgrades etc. WHat your looking for I think is cvsup. Please read the handbook on Using CVSUP to get the latests source updates, security patches for your release and even updating to a different RELEASE

Re: Security question

looked all through the handbook and faq's but could not find a definitive answer. Thanks Kevin McKay - Original Message - From: Bryan Cassidy [EMAIL PROTECTED] To: Kevin McKay [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, November 19, 2003 11:18 PM Subject: Re: Security

Re: Security question

Kevin McKay [EMAIL PROTECTED] writes: You normally need to run the sysinstall from the version you're updating to. You could configure your system's sysinstall to load in the later version, and it should be compatible, but I don't know the syntax for that offhand... For reference,

Re: Security question

I've never used sysinstall for anything but installing the operating system. I'm sure what you want is cvsup. Use the /usr/share/examples/cvsup/standard-supfile for updating source then follow instructions in handbook on make world to update the system. On Tue, 18 Nov 2003 21:09:03 -0800 Kevin

Re: Security question

Kevin McKay [EMAIL PROTECTED] writes: I have read through the documentation but have not been able to find a definite answer. I am running a pretty core install of 5.1 minimal + bind9, postfix, apache, ssh, no ports collection. Here is my question. When I run the binary update from sysinstall

Re: Security question

So it will not just grab the latest patched binaries for 5.1? I am not sure I understand. Is it just for updating between releases and not for keeping the current release up to date? Kevin Lowell Gilbert wrote: Kevin McKay [EMAIL PROTECTED] writes: I have read through the documentation

Re: Security question

I don't know anything about using sysinstall for security patches/upgrades etc. WHat your looking for I think is cvsup. Please read the handbook on Using CVSUP to get the latests source updates, security patches for your release and even updating to a different RELEASE or -CURRENT or -STABLE. On

Re: Security question

I don't know anything about using sysinstall for security patches/upgrades etc. WHat your looking for I think is cvsup. Please read the handbook on Using CVSUP to get the latests source updates, security patches for your release and even updating to a different RELEASE or -CURRENT or -STABLE. On

Security question

Hello, I have read through the documentation but have not been able to find a definite answer. I am running a pretty core install of 5.1 minimal + bind9, postfix, apache, ssh, no ports collection. Here is my question. When I run the binary update from sysinstall will that take care of the

Beginner Security Question

hello, after lots of research and configuration, i finally have a freebsd box with a comfortable custom interface, lots of multimedia bells and whistles, and shortcuts to all of my most-used applications. i'm still fumbling with text, in that i haven't found a way to cut and paste from one

RE: Beginner Security Question

moused_type=auto moused_flags=-m 2=3 # config for 2 button mouse -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Jon Cavalier Sent: Monday, November 17, 2003 7:42 PM To: [EMAIL PROTECTED] Subject: Beginner Security Question hello, after lots of research

Re: Beginner Security Question

On Mon, Nov 17, 2003 at 04:42:20PM -0800, Jon Cavalier wrote: so now my question is, since i haven't really crossed the next bridge which is to familiarize myself fully with the security aspects of freebsd.. is this thing safe? Yes. You have to do three thing just like you have to do with

Security question (simple).

Hi, I'm fairly new to network/machine security (but I know enough to write some firewall rules, just the basics. I guess I'm getting on for novice, or something ;) I'm running two jails on my box, which has a dialup connection to the 'net. It's all firewalled off and only certain things

Re: Security question (simple).

eeBSD-questions" [EMAIL PROTECTED] (BSent: 2003$BG/(B8$B7n(B23$BF|(B 9:08 (BSubject: Security question (simple). (B (B (B___ (B[EMAIL PROTECTED] mailing list (Bhttp://lists.freebsd.org/mailman/listinfo/freebsd-questions (BTo unsubscribe, send

procmail security question

Maybe a silly question but still, security has to be as high as possible, so, here it is: I installed procmail and got the fbsd warning about the program running with set user and group ID (root/mail) known as a security risk. What about this message? Procmail has persmission 6755. Is it

Re: procmail security question

Today Dick Hoogendijk wrote: Maybe a silly question but still, security has to be as high as possible, so, here it is: I installed procmail and got the fbsd warning about the program running with set user and group ID (root/mail) known as a security risk. What about this message? Procmail