Hi, On Tue, 12 Feb 2002, Larry Platzek wrote: > How much effor would be required to update DUCLING to include use the > newer version of FreeS/wan?
Probably not much. The easiest route would require stripping the IPSec-enabled Dachstein distribution down. The purpose of DUCLING was to put a working VPN/Firewall on a single diskette for people to play with. It was more of a proof-of-concept than a serious tool. As far as going adding a second floppy ... its been done. Dachstein works well, unless you feel you can improve upon this. I don't know if everything would still fit (I believe it still would). I found the most time-consuming part of the whole thing was testing and documentation. I would readily do an update, but I'm pretty busy right now. If anyone wishes to update DUCLING, I would gladly encourage them to do so. Regards, Duncan. On Tue, 12 Feb 2002, Larry Platzek wrote: > How much effor would be required to update DUCLING to include use the > newer version of FreeS/wan? I would guess not a lot. By updating > the potential problems are removed and a better version is obtained. > > Besides maybe needing a second diskette any reason that the external > interface be analog modem instead of an ethernet connection? > The reason I ask someone asked me, so thought would ask here. > Thank you. > > > > Larry Platzek [EMAIL PROTECTED] > > > On Mon, 11 Feb 2002, Charles Steinkuehler wrote: > > > Date: Mon, 11 Feb 2002 10:45:42 -0600 > > From: Charles Steinkuehler <[EMAIL PROTECTED]> > > To: Duncan Napier <[EMAIL PROTECTED]> > > Cc: [EMAIL PROTECTED] > > Subject: [Leaf-user] Re: Obsidian.E virus? > > > > > > Message: 1 > > > > Date: Fri, 8 Feb 2002 08:21:49 -0600 > > > > > > > > I have been informed that Panda Antyvirus Platinum on Windows XP reports > > > > that the file /usr/bin/tr contained as part of ipsec.lrp (apparently > > version > > > > 1.5 or earlier, since there is no tr command included in my latest ipsec > > > > 1.91 package) is infected by the Linux/Obsidian.E virus. > > > > > > > > I'm currently trying to verify this, and track down exactly what the > > > > Obsidian virus is supposed to do. If anyone has any information on this > > > > virus, or can help verify the file is/is not infected, I would greatly > > > > appreciate it. > > > > > > > > I currently have no idea if this is simply a false positive, or if there > > is > > > > actually a problem, but wanted to let everyone know just in case. > > > > > > > Any news on the status of this? I am somewhat concerned too, since the > > > DUCLING release uses the Eigerstein FreeS/WAN 1.5 distribution. > > > > > > It is now available at LEAF: > > > > > > http://sourceforge.net/project/showfiles.php?group_id=13751 > > > > > > courtey of Mike Noyes. Should I ask for it to be taken down? > > > > No, I think everything is OK. > > > > For those concerned about the reported Obsidian virus contained in the > > /usr/bin/tr utility of my IPSec packages, here's the current status: > > > > - Marcin Bulandra reported that Panda Antyvirus Platinum on his Windows XP > > machhine listed /usr/bin/tr (contained within the ipsec.lrp tar.gz file) as > > being infected with the Obsidian.E virus. > > > > - Several folks have checked this file with alternate virus scanners, and > > the file is not listed as infected > > > > - The information I have been able to gather online indicates that > > Obsidian.E is a linux elf virus, which infects files by pre-pending it's apx > > 8K virus payload to an executable file, creating a file with two elf headers > > (one for the original file, and one for the virus. > > > > - Examination of the file in question indicates only a single elf header > > > > - The file-size (19008 bytes) does not seem to allow for an 8K virus > > payload...this is one of the smallest tr binaries on any of my systems. > > > > - Examination of the output of strace does not reveal anything that looks > > out of the ordinary (ie virus code running prior to the actual tr functions) > > when running the tr utility > > > > I suspect at this point that something about how Panda Antyvirus Platinum is > > scanning files for the Obsidian virus yields a false positive for the tr > > binary included in my older IPSec packages. > > > > Charles Steinkuehler > > http://lrp.steinkuehler.net > > http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) > > > > > > > > _______________________________________________ > > Leaf-user mailing list > > [EMAIL PROTECTED] > > https://lists.sourceforge.net/lists/listinfo/leaf-user > > > -- -------------------------------------------------------------------------- Duncan Napier email:[EMAIL PROTECTED] Napier Systems Research Ph:(604) 781-2398 http://www.napiersys.bc.ca _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user