Re: OT: Security question (openssl vs openssh)

On Tue, May 03, 2011, Mark Moellering wrote: > Everyone, > I am looking into setting up a webserver to hold some very sensitive > information. I am trying to figure out which is more secure, forcing > any web connections to be done using an ssh tunnel or forcing ssl. > I have not been able to

Re: OT: Security question (openssl vs openssh)

On 5/3/11 10:22 AM, Mark Moellering wrote: Everyone, I am looking into setting up a webserver to hold some very sensitive information. I am trying to figure out which is more secure, forcing any web connections to be done using an ssh tunnel or forcing ssl. I have not been able to figure out if

Re: OT: Security question (openssl vs openssh)

On Tue, May 3, 2011 at 10:22 AM, Mark Moellering wrote: > Everyone, > I am looking into setting up a webserver to hold some very sensitive > information.  I am trying to figure out which is more secure, forcing any > web connections to be done using an ssh tunnel or forcing ssl. > I have not been

OT: Security question (openssl vs openssh)

Everyone, I am looking into setting up a webserver to hold some very sensitive information. I am trying to figure out which is more secure, forcing any web connections to be done using an ssh tunnel or forcing ssl. I have not been able to figure out if one is definitively much more secure than

Re: Wine security question...

man jail Thanks Subhro On Fri, Aug 29, 2008 at 8:16 AM, Christopher Joyner <[EMAIL PROTECTED]> wrote: > Is it possible to use wine in a secure way? I had a warning about it after > installing it from the ports. So I was wondering if it's possible to limit > it to a certain area. Like a sandb

Wine security question...

Is it possible to use wine in a secure way? I had a warning about it after installing it from the ports. So I was wondering if it's possible to limit it to a certain area. Like a sandbox? In Love in Jesus Christ, Or Lord and Savior. For God so loved the world, that he gave his only *bego

Re: Ksh Shell script security question.

I am am puzzled how to secure this code when this shell script is being executed. ${ORACLE_HOME}/bin/sqlplus -s < Hi Dak, The reason you can see the code in ${RESTOREFILE} is because of the tee command. With `tee -a` you're actually asking to have the code installed in ${RESTOREFILE}. Now, on

Re: Ksh Shell script security question.( SOLVED)

On 2/15/07, Dan Nelson <[EMAIL PROTECTED]> wrote: In the last episode (Feb 15), Thomas Dickey said: > On Wed, Feb 14, 2007 at 10:57:12PM -0600, Dan Nelson wrote: > > In the last episode (Feb 14), Dak Ghatikachalam said: > > > I am am puzzled how to secure this code when this shell script is > >

Re: Ksh Shell script security question.

In the last episode (Feb 15), Thomas Dickey said: > On Wed, Feb 14, 2007 at 10:57:12PM -0600, Dan Nelson wrote: > > In the last episode (Feb 14), Dak Ghatikachalam said: > > > I am am puzzled how to secure this code when this shell script is > > > being executed. > > > > > > ${ORACLE_HOME}/bin/sql

Re: Ksh Shell script security question.

On Wed, Feb 14, 2007 at 10:57:12PM -0600, Dan Nelson wrote: > In the last episode (Feb 14), Dak Ghatikachalam said: > > I am am puzzled how to secure this code when this shell script is > > being executed. > > > > ${ORACLE_HOME}/bin/sqlplus -s < >connect system/ugo8990d > >set hea

Re: Ksh Shell script security question.

In the last episode (Feb 14), Dak Ghatikachalam said: > I am am puzzled how to secure this code when this shell script is > being executed. > > ${ORACLE_HOME}/bin/sqlplus -s set heading off >set feedback off >set pagesize 500 >sele

Ksh Shell script security question.

Hi Freebsd I am am puzzled how to secure this code when this shell script is being executed. ${ORACLE_HOME}/bin/sqlplus -s

Re: User Security Question?

On 1/9/07, VeeJay <[EMAIL PROTECTED]> wrote: Hello Friends Just had a debate with a collegue at office, but still lack knowledge on FreeBSD security :( I have few questions. 1. What previligies a "standard" user (NOT member of Wheel Group) has on a FreeBSD Box? 2. How can he/she damage

Re: User Security Question?

VeeJay <[EMAIL PROTECTED]> wrote: > Just had a debate with a collegue at office, but still lack knowledge on > FreeBSD security :( For a start, I recommend you read the security(7) manual page. It should give at least rough answer to most of your questions. Another good reading is chapter 14 o

User Security Question?

Hello Friends Just had a debate with a collegue at office, but still lack knowledge on FreeBSD security :( I have few questions. 1. What previligies a "standard" user (NOT member of Wheel Group) has on a FreeBSD Box? 2. How can he/she damages the systems or make a breach? 3. If that part

Re: IMAP-UW Security question

Jose Borquez wrote: > SECURITY REPORT: > This port has installed the following binaries which execute with > increased privileges. > /usr/local/libexec/mlock > > What can I do to minimize this security risk? Do I create an mlock user? In fact, every port that installs a suid-binary wil

IMAP-UW Security question

Just recently installed IMAP-UW through ports and once the install finished I got the following security message: SECURITY REPORT: This port has installed the following binaries which execute with increased privileges. /usr/local/libexec/mlock What can I do to minimize this security r

VLAN security question

I set up a FreeBSD box to be firewall/NAT/mailserver/etc. for a company, but that company subsequently went to a VoIP system, installed a Cisco switch, programmed the switch to route Internet traffic through the BSD box as before but also to route telephone traffic NOT through it, then set things u

Re: Security question - uids of 0

toor is a base system user. It is a default user. It is used for several reason and is secure as long as no one can access your console directly. On Monday 16 August 2004 09:57 am, James A. Coulter wrote: > The following appeared in my latest daily security run output: > > Checking for uids of 0

Re: Security question - uids of 0

On Mon, Aug 16, 2004 at 05:01:51PM +0200, Volker Kindermann wrote: > Hi James, > > > > The following appeared in my latest daily security run output: > > > > Checking for uids of 0: > > root 0 > > toor 0 > > > > This is the first time I've seen this message. > > > > I checked /etc/

Re: Security question - uids of 0

> > The following appeared in my latest daily security run output: > > Checking for uids of 0: > root 0 > toor 0 > > This is the first time I've seen this message. > > I checked /etc/passwd and found this: > > root:*:0:0:Charlie &:/root:/bin/csh > toor:*:0:0:Bourn

Re: Security question - uids of 0

On Mon, Aug 16, 2004 at 09:57:37AM -0500, James A. Coulter wrote: > The following appeared in my latest daily security run output: > > Checking for uids of 0: > root 0 > toor 0 > > This is the first time I've seen this message. > > I checked /etc/passwd and found this: > >

Re: Security question - uids of 0

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 James A. Coulter wrote: | The following appeared in my latest daily security run output: | | Checking for uids of 0: | root 0 | toor 0 | | This is the first time I've seen this message. | | I checked /etc/passwd and found this: | |

Re: Security question - uids of 0

Hi James, > The following appeared in my latest daily security run output: > > Checking for uids of 0: > root 0 > toor 0 > > This is the first time I've seen this message. > > I checked /etc/passwd and found this: > > root:*:0:0:Charlie &:/root:/bin/csh > toor:*:

Security question - uids of 0

The following appeared in my latest daily security run output: Checking for uids of 0: root 0 toor 0 This is the first time I've seen this message. I checked /etc/passwd and found this: root:*:0:0:Charlie &:/root:/bin/csh toor:*:0:0:Bourne-again Superuser

Security Question

For some reason this does not look right. I'm using spamassen and I keep seeing this on my console. Does anyone know if this is okay or is this a big hole in spamassen? Aug 13 09:06:14 newman kernel: spamd[57121]: info: setuid to root succeeded Aug 13 09:06:14 newman kernel: Aug 13 09:06:14 ne

Re: Newbie Security Question

Hello James: Thats just letting you know that someone from that IP Address tried to access your system using the root account and the password they provided failed to authenticate. Could've been an ssh scanner or something of that nature. Most likely script kiddies. Make sure you do not allow

Re: Newbie Security Question

On Fri, Aug 06, 2004 at 08:26:01AM -0500, James A. Coulter wrote: > I recently got my firewall up and configured (many thanks to JJB and everyone else > for their help) and have been reading the daily security message from root with a > great deal of interest. > > My question is, when I see entr

Newbie Security Question

I recently got my firewall up and configured (many thanks to JJB and everyone else for their help) and have been reading the daily security message from root with a great deal of interest. My question is, when I see entries like this: Aug 5 17:55:54 sara sshd[2099]: Failed password for root fr

Re: Updating w. sysinstall (was: Security question)

Hi Kevin! On Wed, 19 Nov 2003, Kevin McKay wrote: > So it will not just grab the latest patched binaries for 5.1? Correct. > Is it just for updating between releases and not > for keeping the current release up to date? ...also correct, just updating between releases. Greetings, Mark _

Re: Security question

"Kevin McKay" <[EMAIL PROTECTED]> writes: You normally need to run the sysinstall from the version you're updating to. You could configure your system's sysinstall to load in the later version, and it should be compatible, but I don't know the syntax for that offhand... For reference,

Re: Security question

McKay" <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]> > Sent: Wednesday, November 19, 2003 11:18 PM > Subject: Re: Security question > > > > I don't know anything about using sysinstall for security > > patches/upgrades etc. WHat your looking for I

Re: Security question

dnesday, November 19, 2003 11:18 PM Subject: Re: Security question > I don't know anything about using sysinstall for security > patches/upgrades etc. WHat your looking for I think is cvsup. Please > read the handbook on Using CVSUP to get the latests source updates, > securi

Re: Security question

I don't know anything about using sysinstall for security patches/upgrades etc. WHat your looking for I think is cvsup. Please read the handbook on Using CVSUP to get the latests source updates, security patches for your release and even updating to a different RELEASE or -CURRENT or -STABLE. On W

Re: Security question

I don't know anything about using sysinstall for security patches/upgrades etc. WHat your looking for I think is cvsup. Please read the handbook on Using CVSUP to get the latests source updates, security patches for your release and even updating to a different RELEASE or -CURRENT or -STABLE. On W

Re: Security question

So it will not just grab the latest patched binaries for 5.1? I am not sure I understand. Is it just for updating between releases and not for keeping the current release up to date? Kevin Lowell Gilbert wrote: "Kevin McKay" <[EMAIL PROTECTED]> writes: I have read through the documentation

Re: Security question

"Kevin McKay" <[EMAIL PROTECTED]> writes: > I have read through the documentation but have not been able to find > a definite answer. I am running a pretty core install of 5.1 minimal > + bind9, postfix, apache, ssh, no ports collection. Here is my > question. When I run the binary update from sys

Re: Security question

I've never used sysinstall for anything but installing the operating system. I'm sure what you want is cvsup. Use the /usr/share/examples/cvsup/standard-supfile for updating source then follow instructions in handbook on make world to update the system. On Tue, 18 Nov 2003 21:09:03 -0800 "Kevin Mc

Security question

Hello, I have read through the documentation but have not been able to find a definite answer. I am running a pretty core install of 5.1 minimal + bind9, postfix, apache, ssh, no ports collection. Here is my question. When I run the binary update from sysinstall will that take care of the earli

Re: Beginner Security Question

On Mon, Nov 17, 2003 at 04:42:20PM -0800, Jon Cavalier wrote: > so now my question is, since i haven't really crossed > the next bridge which is to familiarize myself fully > with the security aspects of freebsd.. > > is this thing safe? Yes. You have to do three thing just like you have to do wi

RE: Beginner Security Question

y have different device here, that's ok moused_type="auto" moused_flags="-m 2=3" # config for 2 button mouse -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Jon Cavalier Sent: Monday, November 17, 2003 7:42 PM To: [EMAIL PROTEC

Beginner Security Question

hello, after lots of research and configuration, i finally have a freebsd box with a comfortable custom interface, lots of multimedia bells and whistles, and shortcuts to all of my most-used applications. i'm still fumbling with text, in that i haven't found a way to cut and paste from one term

Re: Security question (simple).

uot;FreeBSD-questions" <[EMAIL PROTECTED]> (BSent: 2003$BG/(B8$B7n(B23$BF|(B 9:08 (BSubject: Security question (simple). (B (B (B___ (B[EMAIL PROTECTED] mailing list (Bhttp://lists.freebsd.org/mailman/listinfo/freebsd-questions (B

Security question (simple).

Hi, I'm fairly new to network/machine security (but I know enough to write some firewall rules, just the basics. I guess I'm getting on for novice, or something ;) I'm running two jails on my box, which has a dialup connection to the 'net. It's all firewalled off and only certain things are

Re: procmail security question

Today Dick Hoogendijk wrote: > Maybe a silly question but still, security has to be as high as > possible, so, here it is: > > I installed procmail and got the fbsd warning about the program running > with set user and group ID (root/mail) known as a security risk. > What about this message? Procm

procmail security question

Maybe a silly question but still, security has to be as high as possible, so, here it is: I installed procmail and got the fbsd warning about the program running with set user and group ID (root/mail) known as a security risk. What about this message? Procmail has persmission 6755. Is it nessacery

Re: security question - tcpdump

On Tue, Jul 16, 2002 at 02:37:15AM -0400, David Banning wrote: > I am trying to determine how people would read my port info and > pickup passwords and such. From everything I have read so far > about tcpdump and similar programs, doesn't the program have to be > run as root from -within- your sys

security question - tcpdump

I am trying to determine how people would read my port info and pickup passwords and such. From everything I have read so far about tcpdump and similar programs, doesn't the program have to be run as root from -within- your system? To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe