I made lenny packages for my machines. I could share them if you want?
On Wed, Oct 1, 2014 at 1:28 PM, Nikolay Hristov ge...@stemo.bg wrote:
Hello there,
I know that this is outdated debian release and it is in the archives but
I still have 6 servers running Lenny and I don't want to upgrade
Still, when someone offers their help there really is no need
to play a smart ass as you did. The only thing you might achieve doing
that is a) direct rebuttals (my e-mail) and b) mild propositions to
build patched packages yourself.
Admittedly I didn't read the email as properly as I
This is a me too email.
I found one overlooked machine that was compromised on 16th of December.
The usual process related things replaced:
free pgrep pmap skillsnice tload uptime w
kill pkill psslabtop sysctl topvmstat watch
All of these were chattr +ai, as if that was
On Wed, Dec 22, 2010 at 2:06 PM, Bastian Blank wa...@debian.org wrote:
This looks like the rootkit I found somewhere in the internet:
| 137a3bbda16034d34307a9d686e6fdb45b3c8683 procps/free
| 5db25350dd15d3f1e63a4ff44fa85b72c21df72d procps/kill
| eeab165a2cf06feb327fa996f35271c076e992bc
http://www.reddit.com/r/netsec/comments/en650/details_of_the_root_kit_that_go
With the exception of replacing /etc/exim4/exim.conf, its pretty much
exactly what happened to me :-)
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of unsubscribe. Trouble?
On Sat, Dec 18, 2010 at 4:25 PM, Andrew McGlashan
andrew.mcglas...@affinityvision.com.au wrote:
Oh and HP's iLO might need an advanced license for virtual media to work,
not sure about that yet. I picked up a nice DL380 G4 with the advanced iLO
license already installed.
Yup, I've also
No question, reinstall.
I agree, this is a root exploit, and once you have root you can pretty
much hide anything you want.
On a side note, the patch even applies cleanly on older versions of
exim (such as 4.63), so if you're stuck with an older exim for
whatever reason (like I am), its easy
On Fri, Dec 17, 2010 at 3:44 PM, Thorsten Göllner t...@ovm-group.com wrote:
Your are (both) right. I will reinstall.
What would be really nice though, is if you could do some kind of
post-mortem. I am always curious to know the techniques of the
black-hats, makes for nice war-stories around the
2009/7/11 Maurice Guerrier guelo...@yahoo.com:
Je suis sur debian avec GNOME comme interface graphique, j'utilise un
clavier US c'est a dire QWERTY comment dois-je faire pour avoir les
caracteres accentues.
I don't read french, but I know avec means with and I assume
clavier means keyboard. It
On Thu, Jun 4, 2009 at 5:00 PM, sthu.d...@gmail.com wrote:
Ok, what is Your opinion on qemu guest - does it offer more
protection/guarantee?
The differences are in how much is virtualised.
Vserver does very little virtualisation and focuses on isolation.
There is no virtual cpu, virtual
On Fri, Jun 5, 2009 at 9:54 AM, Izak Burgerisbur...@gmail.com wrote:
If you push me for an answer, I'll say qemu, virtualbox and/or vmware
should be safer, but in practice I will likely choose vserver because
there is way less complexity involved and much better performance.
One more thing.
On Wed, Jun 3, 2009 at 5:53 PM, john lists.j...@gmail.com wrote:
I'd be interested to hear some recommendations for IDS to run on
internet facing servers. Especially from the point of view of ease of
installation, ease of maintenance, quality of the tool, and ability to
have it deliver really
On Mon, Jun 1, 2009 at 12:26 PM, Vladislav Kurz
vladislav.k...@webstep.net wrote:
Well, this really looks suspicious. Look for unexpected processes running,
open ports, etc. Directory /dev/shm/ is world-writable like /tmp, so chances
are that the attacker did not gain root yet. But he might
On Tue, Jun 2, 2009 at 6:42 PM, Wade Richards w...@wabyn.net wrote:
Don't obsess on root access. Any unauthorized use is a problem.
You are right of course. Right after I sent my message saying that
perhaps the machine hasn't been exploited yet I realised how wrong
such a view is. Someone
On Sat, Feb 14, 2009 at 6:19 AM, Chip Panarchy forumanar...@gmail.com wrote:
Which 256-bit encryption is the best? Camellia or AES?
From the wikipedia article it seems they are the same as far as
strength goes, but Camellia is supposedly a little more efficient (ie
less/smaller cpu and that sort
On Thu, Feb 12, 2009 at 10:37 PM, Lupe Christoph l...@lupe-christoph.de wrote:
Mode 600 will deny /etc to everybody except root while it will change
nothing for root. If you have any services on your system that run under
non-root UIDs, and that have config under /etc, you hose them with any
Stephen Vaughan stephenvaug...@gmail.com wrote:
When will people learn not to set auto replies
Nothing wrong with a proper auto-reply (one that does some decent
caching, only replies once a day, avoids mailing lists and things with
precedence: bulk, etc etc).
The problem IMHO is that that is
On Wed, Dec 10, 2008 at 6:51 PM, Carlos Carrero Gutierrez
[EMAIL PROTECTED] wrote:
Hi, i would like to freeze my linux in order to freeze the OS, then,
when I reboot the computer all changes that i made in the computer
dissapears and it returns to the previous OS freezed.
Cross posting is bad
On Wed, Dec 10, 2008 at 7:40 PM, Sjors Gielen [EMAIL PROTECTED] wrote:
He doesn't mean a suspend to disk, which is what I thought too, first.
He wants to make his installation frozen, i.e., changes aren't saved
over reboots. I don't know how to do it, but maybe this clears up his
original
On Thu, Jun 12, 2008 at 7:06 AM, Andreas Kretschmer
[EMAIL PROTECTED] wrote:
Sowas an eine Mailingliste? Das ist, sorry, asozial.
Probably one of those features where you upload your address book (or
give them your gmail username/password) and it automatically invites
everyone. An honest mistake
On Thu, May 15, 2008 at 9:58 PM, Guido Hennecke
[EMAIL PROTECTED] wrote:
In Germany we say: Wer nichts macht, macht auch nichts verkehrt.
Which means: he who does nothing makes no mistakes. (For those who
don't understand German)
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject
On 8/20/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Software failures *are* in the worst cases life threatening, and
everyday non-safety-critical systems can easily be a very serious
nuisiance to other users.
I propose we stick a label on: This software is not meant to be run in
life
On 8/16/07, Ondrej Zajicek [EMAIL PROTECTED] wrote:
And if there is no firewall (or other
hand-crafted protective measures), then there is no need for
rp_filter. So on common workstation there is no need for
rp_filter too.
I also don't see why you need rp_filter on a workstation. A
On 8/16/07, Jack T Mudge III [EMAIL PROTECTED] wrote:
My personal view is that there are plenty of simpler distributions out there,
knoppix for first-time users, Ubuntu/Suse for novices, and RedHat for people
who need hand-holding. Debian is primarily for advanced users, and for users
who have
On 12/17/06, Thorsten Schmidt [EMAIL PROTECTED] wrote:
However, this requires alpha having a ssh-key. Furthermore I'm not in charge
with alpha's security, thus I've to make sure, that a attacker, who gained
access to alpha's ssh-key is not able to compromis beta (well, he might be
able to delete
On 10/18/06, Matvey Gladkikh [EMAIL PROTECTED] wrote:
Stop using blobs like nvidia videodriver in debian.
Force them to go opensource!
Can the opensource driver do proper acceleration yet?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL
On 9/18/06, Morgan Walker [EMAIL PROTECTED] wrote:
I was just wondering if there was a package/script out there that could be
used to notify the sys. admin every time a user logged into a debian system.
The simplest two ways, as was already noted, is to add something to
/etc/profile or some
On 8/26/06, Michelle Konzack [EMAIL PROTECTED] wrote:
Never had autoinstalled nfs-common and lpr...
Those are definitly installed by default, at least in stable, or it
was installed the last time I installed stable. IIRC so is
nfs-kernel-server, although it is disabled by default since
On 8/20/06, kevin bailey [EMAIL PROTECTED] wrote:
I'm sure it's been included in to the default setup for a reason - but I
will be removing it on most servers.
I always remove it after the installation (about the same time when I
get rid of nvi and install vim). I see no point for it to be
On 8/11/06, Christian Schuerer [EMAIL PROTECTED] wrote:
Isn't it strange that there is an DHCP client running on lo? I don't get the
point of doing that.
The pid is the same for all three (29184), so it is obviously a
process that binds to 0.0.0.0, and as a result, ends up listening on
lo as
Hi all,
Had an argument over the weekend about which kernels are vulnerable to
the exploit that was used to take gluck down. I maintained that only
kernels = 2.6.13 and = 2.6.17.4 are vulnerable, but in the end I
proved myself wrong when I took the exploit code, changed the line
that says:
On 7/17/06, Izak Burger [EMAIL PROTECTED] wrote:
--- snip ---
and ran it on a sarge box running 2.6.8 (not sure exactly which
version), and STILL got a root prompt back.
--- snip ---
Ok, I'm an idiot. I cannot for the life of me reproduce the
problem now. I recall accidently running
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Izak Burger ([EMAIL PROTECTED])
http://www.cs.sun.ac.za/
Tel. +27 21 808 4863
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
A big enough hammer can usually fix anything.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Izak Burger ([EMAIL PROTECTED])
http://www.cs.sun.ac.za/
Tel. +27 21 808 4863
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
A big enough hammer can usually fix anything.
ed library that
makes writes to the syslog go to stdout instead. You can then simply pipe
it into multilog.
regards,
Izak
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Izak Burger ([EMAIL PROTECTED])
http://www.linuxuser.co.za/
Tel. +27 8
that
makes writes to the syslog go to stdout instead. You can then simply pipe
it into multilog.
regards,
Izak
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Izak Burger ([EMAIL PROTECTED])
http://www.linuxuser.co.za/
Tel. +27 83 274 9199
I think you're thinking about BSD process accounting. It provides a way
to tell the kernel to write process information to a file. I have never
worked with it before, but now you have a bit more to go on :)
regards,
Izak Burger
On Mon, 5 Mar 2001, Miguel ngel Var Giner wrote:
Niklas Hglund
I think you're thinking about BSD process accounting. It provides a way
to tell the kernel to write process information to a file. I have never
worked with it before, but now you have a bit more to go on :)
regards,
Izak Burger
On Mon, 5 Mar 2001, Miguel Ángel Varó Giner wrote:
Niklas
, it installs a
whole lot of things I'm REALLY not interested in. These days I try to
stick with apt-get.
regards,
Izak Burger
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Izak Burger ([EMAIL PROTECTED])
http://www.cs.sun.ac.za/
Tel. +27 21 808 4863
39 matches
Mail list logo