Tonight
Hi,

I'll probably ride up by bike today. Could you please bring the phone charger up the hill for me?

Regards,
Andy

--
Optel Informatik GmbH
Rathausallee 10
53757 St. Augustin
Germany
Re: Kernel 2.4.21 Forwarding table vulnerability
On Mon, Jul 28, 2003 at 11:38:51AM -0700, Bruce Banner wrote:
> When were they patched? And how do I know when they
> are patched and when they are available? Is there
> somewhere I can find this info?

You could subscribe to debian-changes@lists.debian.org
See http://lists.debian.org/debian-changes/

Marcin

PS: please reply _below_ the citation and cut unneeded text.

--
Marcin Owsiany
http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Re: Advice Needed On Recent Rootings
On Tue, Jun 03, 2003 at 10:01:33AM -0700, Mark Ferlatte wrote:
> Phillip Hofmeister said on Tue, Jun 03, 2003 at 10:02:09AM -0400:
> > However, for the most part, chrooting is a valid countermeasure/method
> > to compartmentalize. It is a shame that no distribution comes with
> > packages natively created with/for chrooting.
>
> I believe that OpenBSD does.

Yes it does. Although I don't believe that the way to go is chrooting since it makes it very difficult to ease upgrades.

> Also, Debian's Bind 9 package is pretty trivial to chroot (although it doesn't
> by default). Debian's postfix package does chroot by default, although you
> tend to have to turn it off if you want to use things like postfix-tls or
> SASL.

There are a number of patches in the BTS to make bind work in a chroot environment out of the box, using bind's own chroot functionality. In any case, there are also a number of packages to provide an easy way to set up chroot/restricted environments (makejail and compartment come to mind).

In any case I don't think that chrooting is the way to go here, it was built to be used as a testing/programming tool, not really a security tool. There are a number of (Linux) patches to provide full compartmentalization of processes in the system which might be the way to go.

Just my 2c.

Regards

Javi
Re: Kernel 2.4.21 Forwarding table vulnerability
Thanks for the info. I don't like depending on Red Hat for security fixes. I want to rely on Debian for this kind of stuff I just didn't know where to find it.

Thanks

--- Ulrich Scholler wrote:
> Hi Bruce,
>
> On Mon Jul 28, 2003 at 11:38:51 -0700, Bruce Banner wrote:
> > When were they patched? And how do I know when they
> > are patched and when they are available? Is there
> > somewhere I can find this info? I found the Red Hat
> > info on Bugtraq but there was no mention of Debian
> > Source anywhere.
>
> You can go to http://packages.qa.debian.org/, search for a package of
> your choice (for instance kernel-source-2.4.20) and check the "Latest
> News". These contain a brief description of the changes in a package,
> in the same format as in /usr/share/doc//changelog.Debian.gz.
>
> regards,
>
> uLI
Re: Kernel 2.4.21 Forwarding table vulnerability
Hi Bruce,

On Mon Jul 28, 2003 at 11:38:51 -0700, Bruce Banner wrote:
> When were they patched? And how do I know when they
> are patched and when they are available? Is there
> somewhere I can find this info? I found the Red Hat
> info on Bugtraq but there was no mention of Debian
> Source anywhere.

You can go to http://packages.qa.debian.org/, search for a package of your choice (for instance kernel-source-2.4.20) and check the "Latest News". These contain a brief description of the changes in a package, in the same format as in /usr/share/doc//changelog.Debian.gz.

regards,

uLI
Re: Kernel 2.4.21 Forwarding table vulnerability
When were they patched? And how do I know when they are patched and when they are available? Is there somewhere I can find this info? I found the Red Hat info on Bugtraq but there was no mention of Debian Source anywhere.

Thanks

--- Matthijs Mohlmann wrote:
> Why download the source from RedHat? The source from debian is also
> patched with needed patches.
>
> apt-get install kernel-source
>
> On Mon, 2003-07-28 at 19:05, Bruce Banner wrote:
> > You can download Red Hat's kernel-source-2.4.20-19.9.i386.rpm, run alien
> > against it and install the dpkg'ed kernel-source.deb. I have been forced
> > to do this in the past to get patches that haven't been released or in
> > the mainstream kernel from kernel.org yet.
> >
> > Peace
> >
> > --- Phillip Hofmeister wrote:
> > > If I do use bridging...is there a patch?
> > >
> > > What are the consequences of an unpatched system? (In more detail than
> > > below)
> > >
> > > On Mon, 28 Jul 2003 at 07:39:53PM +1000, Herbert Xu wrote:
> > > > Florian Weimer wrote:
> > > > > Bruce Banner writes:
> > > > >
> > > > > > CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table
> > > > > > could be spoofed by sending forged packets with bogus source
> > > > > > addresses the same as the local host.
> > > > >
> > > > > Ah, this one. I don't even know if it's about IP.
> > > > >
> > > > > As usual, Red Hat's advisory is a joke. *sigh*
> > > >
> > > > If you don't use bridging then it doesn't affect you.
Re: Advice Needed On Recent Rootings
On Tue, Jun 03, 2003 at 10:02:09AM -0400, Phillip Hofmeister wrote:
> On Mon, 02 Jun 2003 at 03:38:21PM -0500, Adam Majer wrote:
> > With something like sendmail or apache, it only needs to see a very
> > limited part of the file system, so even breaking these will not do
> > any real damage.
>
> Don't get too over confident about chrooting Apache. One Apache process
> runs as root. This means if there is an exploit that sends arbitrary
> code across the shared scoreboard it could be run as root and break out
> of the jail.

First, sorry for my very late reply :) I'm just reading the messages here now...

Anyway, I wasn't talking about chroot. I was talking about grsecurity and ACLs (I think). Then you specify what each process is allowed to do and see (even root cannot get past that). You can make Apache see only the directories that you want it to see. You can also specify that Apache cannot initiate a connection (except to trusted nameserver for instance) and it can only listen on port 80.

With other features of grsecurity like stack randomization, Apache becomes pretty much exploit-proof...

- Adam
Re: Kernel 2.4.21 Forwarding table vulnerability
Why download the source from RedHat? The source from debian is also patched with needed patches.

apt-get install kernel-source

On Mon, 2003-07-28 at 19:05, Bruce Banner wrote:
> You can download Red Hat's kernel-source-2.4.20-19.9.i386.rpm, run alien
> against it and install the dpkg'ed kernel-source.deb. I have been forced
> to do this in the past to get patches that haven't been released or in
> the mainstream kernel from kernel.org yet.
>
> Peace
>
> --- Phillip Hofmeister wrote:
> > If I do use bridging...is there a patch?
> >
> > What are the consequences of an unpatched system? (In more detail than
> > below)
> >
> > On Mon, 28 Jul 2003 at 07:39:53PM +1000, Herbert Xu wrote:
> > > Florian Weimer wrote:
> > > > Bruce Banner writes:
> > > >
> > > > > CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table
> > > > > could be spoofed by sending forged packets with bogus source
> > > > > addresses the same as the local host.
> > > >
> > > > Ah, this one. I don't even know if it's about IP.
> > > >
> > > > As usual, Red Hat's advisory is a joke. *sigh*
> > >
> > > If you don't use bridging then it doesn't affect you.
Re: Kernel 2.4.21 Forwarding table vulnerability
You can download Red Hat's kernel-source-2.4.20-19.9.i386.rpm, run alien against it and install the dpkg'ed kernel-source.deb. I have been forced to do this in the past to get patches that haven't been released or in the mainstream kernel from kernel.org yet.

Peace

--- Phillip Hofmeister wrote:
> If I do use bridging...is there a patch?
>
> What are the consequences of an unpatched system? (In more detail than
> below)
>
> On Mon, 28 Jul 2003 at 07:39:53PM +1000, Herbert Xu wrote:
> > Florian Weimer wrote:
> > > Bruce Banner writes:
> > >
> > > > CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table
> > > > could be spoofed by sending forged packets with bogus source
> > > > addresses the same as the local host.
> > >
> > > Ah, this one. I don't even know if it's about IP.
> > >
> > > As usual, Red Hat's advisory is a joke. *sigh*
> >
> > If you don't use bridging then it doesn't affect you.
Re: Kernel 2.4.21 Forwarding table vulnerability
Herbert Xu writes:

> > > CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table
> > > could be spoofed by sending forged packets with bogus source
> > > addresses the same as the local host.
> >
> > Ah, this one. I don't even know if it's about IP.
> >
> > As usual, Red Hat's advisory is a joke. *sigh*
>
> If you don't use bridging then it doesn't affect you.

Do you know where a detailed advisory can be found? Thanks.
Re: Woody security updates report.
On Mon, Jul 28, 2003 at 09:18:31AM -0500, Andres Roldan wrote:
> Hi all.
>
> I have a Debian Woody up-to-date'd production server (it's daily updated) and
> I need a report of the security updates made in the server since a given time ago
> (a month, a couple of months or so).
>
> Is there any way, a tool or something to do that?
>
> Thanks in advance.

ls -rltu /var/lib/dpkg/info/*list

will give you a pretty good indication, then use some regex and dpkg commands to identify the exact version installed.

// George

--
GEORGE GEORGALIS, System Admin/Architect
Security Services, Web, Mail, Multimedia, DB, DNS and Metrics.
http://www.galis.org/george
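
One way to turn the approach in the reply above into a report, as an added example that is not part of the original message: the function name `recent_updates` and its parameters are hypothetical, it selects on the modification time of each `.list` file, and it reads versions from the dpkg status file rather than calling dpkg. It shows which packages were installed or upgraded in the window, not whether a given change was a security fix; the package changelog still has to be read for that.

```shell
#!/bin/sh
# Added example: list packages whose dpkg file list was rewritten in the
# last N days, together with the version currently recorded as installed.
#
# recent_updates DAYS [INFO_DIR] [STATUS_FILE]
#   DAYS         look-back window in days (find -mtime semantics)
#   INFO_DIR     defaults to /var/lib/dpkg/info
#   STATUS_FILE  defaults to /var/lib/dpkg/status
recent_updates() {
    days=$1
    info_dir=${2:-/var/lib/dpkg/info}
    status=${3:-/var/lib/dpkg/status}

    # dpkg rewrites <package>.list whenever the package is unpacked, so a
    # recent modification time means a recent install or upgrade.
    find "$info_dir" -name '*.list' -type f -mtime "-$days" |
    while IFS= read -r list; do
        pkg=$(basename "$list" .list)
        # Newer dpkg versions name the file <package>:<arch>.list.
        pkg=${pkg%%:*}

        # Take the Version field of the first stanza for this package.
        ver=$(awk -v p="$pkg" '
            /^Package: /             { cur = $2 }
            /^Version: / && cur == p { print $2; exit }
        ' "$status")

        printf '%s %s\n' "$pkg" "${ver:-unknown}"
    done | sort -u
}

# Usage on a live system, for the last 30 days:
#   recent_updates 30
```

Each output line is `package version`; the matching entry in /usr/share/doc/<package>/changelog.Debian.gz then says what the upload changed.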
Re: Kernel 2.4.21 Forwarding table vulnerability
Beware there is also a vulnerability in the spanning tree implementation as well so.

Peace

--- Phillip Hofmeister wrote:
> If I do use bridging...is there a patch?
>
> What are the consequences of an unpatched system? (In more detail than
> below)
>
> On Mon, 28 Jul 2003 at 07:39:53PM +1000, Herbert Xu wrote:
> > Florian Weimer wrote:
> > > Bruce Banner writes:
> > >
> > > > CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table
> > > > could be spoofed by sending forged packets with bogus source
> > > > addresses the same as the local host.
> > >
> > > Ah, this one. I don't even know if it's about IP.
> > >
> > > As usual, Red Hat's advisory is a joke. *sigh*
> >
> > If you don't use bridging then it doesn't affect you.
Woody security updates report.
Hi all.

I have a Debian Woody up-to-date'd production server (it's daily updated) and I need a report of the security updates made in the server since a given time ago (a month, a couple of months or so).

Is there any way, a tool or something to do that?

Thanks in advance.

--
Andres Roldan
http://people.fluidsignal.com/~aroldan
CSO, Fluidsignal Group
Re: Kernel 2.4.21 Forwarding table vulnerability
If I do use bridging...is there a patch?

What are the consequences of an unpatched system? (In more detail than below)

On Mon, 28 Jul 2003 at 07:39:53PM +1000, Herbert Xu wrote:
> Florian Weimer wrote:
> > Bruce Banner writes:
> >
> > > CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table
> > > could be spoofed by sending forged packets with bogus source
> > > addresses the same as the local host.
> >
> > Ah, this one. I don't even know if it's about IP.
> >
> > As usual, Red Hat's advisory is a joke. *sigh*
>
> If you don't use bridging then it doesn't affect you.

--
Phillip Hofmeister

PGP/GPG Key: http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import
--
Excuse #20: Monitor resolution too high
Re: Kernel 2.4.21 Forwarding table vulnerability
Thanks,

--- Herbert Xu <[EMAIL PROTECTED]> wrote:
> Florian Weimer <[EMAIL PROTECTED]> wrote:
> > Bruce Banner <[EMAIL PROTECTED]> writes:
> >
> >> CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table
> >> could be spoofed by sending forged packets with bogus source
> >> addresses the same as the local host.
> >
> > Ah, this one. I don't even know if it's about IP.
> >
> > As usual, Red Hat's advisory is a joke. *sigh*
>
> If you don't use bridging then it doesn't affect you.
> --
> Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
> Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: Kernel 2.4.21 Forwarding table vulnerability
Florian Weimer <[EMAIL PROTECTED]> wrote:
> Bruce Banner <[EMAIL PROTECTED]> writes:
>
>> CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table
>> could be spoofed by sending forged packets with bogus source
>> addresses the same as the local host.
>
> Ah, this one. I don't even know if it's about IP.
>
> As usual, Red Hat's advisory is a joke. *sigh*

If you don't use bridging then it doesn't affect you.
--
Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt