On Mon, Sep 30, 2002 at 09:43:34 +0200, Zeno Davatz wrote:
Can anyone give me a hint how to go about closing all the following port
execpt ssh, http, https?
1524/tcp openingreslock
12345/tcp openNetBus
12346/tcp openNetBus
27665/tcp openTrinoo_Master
On 30.9.2002 10:03 Uhr, Christian Schuerer-Waldheim [EMAIL PROTECTED] wrote:
Either stop all unused/unwanted services or use a firewall (iptables) to
protect your machine.
That is exactly what I am trying to do: stop all unwanted services. To me it
seems more difficult to to do then so say...
On Mon, 30 Sep 2002, Zeno Davatz wrote:
That is exactly what I am trying to do: stop all unwanted services. To me it
seems more difficult to to do then so say...
Can you give me a hint how to stop ie. tcpmux and finger?
find out what processes are listening on those ports. You can do it,
Hi
Disable services. Edited /etc/inetd.conf and add # to unwanted service or
use update-inetd program to complete task. Restart inetd super daemon
/etc/init.d/inetd restart
stop service ex /etc/init.d/named stop
/etc/init.d/program_name add beginning of script 'exit 0' examble of named
(listen
hi ya
looks like oyu didnt take care of inetd and other daemons
a start from this docs
http://www.debian.org/doc/manuals/securing-debian-howto/
rest of the hardening howto
- turn off inetd
- turn off un-needed daemons
- turn off un-needed services
- fix
On 30.9.2002 10:22 Uhr, Riku Valli [EMAIL PROTECTED] wrote:
Disable services. Edited /etc/inetd.conf and add # to unwanted service or
use update-inetd program to complete task. Restart inetd super daemon
/etc/init.d/inetd restart
Thanks I commented out all services from /etc/inetd.conf that I
On 30.9.2002 10:26 Uhr, Alvin Oga [EMAIL PROTECTED]
wrote:
looks like oyu didnt take care of inetd and other daemons
That is why I want to take care of them now...
a start from this docs
http://www.debian.org/doc/manuals/securing-debian-howto/
Thanks for the link.
- turn off un-needed
On 30.9.2002 10:54 Uhr, InfoEmergencias - Luis Gómez
[EMAIL PROTECTED] wrote:
fingerd is the name of the package :)
Thanks for the hint. Tried that also:
debian:/etc# apt-get --purge remove fingerd
Reading Package Lists... Done
Building Dependency Tree... Done
Package fingerd is not installed,
On Mon, Sep 30, 2002 at 11:03:17AM +0200, Zeno Davatz wrote:
On 30.9.2002 10:54 Uhr, InfoEmergencias - Luis Gómez
[EMAIL PROTECTED] wrote:
fingerd is the name of the package :)
Thanks for the hint. Tried that also:
debian:/etc# apt-get --purge remove fingerd
Reading Package Lists... Done
On 30.9.2002 11:19 Uhr, Tobias Overkamp [EMAIL PROTECTED]
wrote:
what does a
netstat -lnp|grep 79
say to you?
You should see the process that binds to the port...
Thanks - that is a nice command.
It give me:
debian:/etc/snort# netstat -lnp|grep 79
tcp0 0 0.0.0.0:79
On Mon, 30 Sep 2002, Zeno Davatz wrote:
It give me:
debian:/etc/snort# netstat -lnp|grep 79
tcp0 0 0.0.0.0:79 0.0.0.0:* LISTEN
303/portsentry
And I also found follwoing article witch I think is very interesting:
Hi.
Zeno Davatz wrote:
I am just gonna deinstall portsentry - why did I install it in the first
place???
In order to get informed in cases when there are (more or less) obvious
port scans? :)
Bye, Mike
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble?
I'm using the libpam-sfs PAM module, which lets users authenticate at
login and for importing directories in one single step. The binary
.deb that comes with Woody works fine. But...
Short version: when I try to compile it from source I hit a wall.
Anybody managed to compile it?
Long version:
You need the libgmp3-dev package for compiling...
Cheers.
On Mon, 2002-09-30 at 11:56, Massimiliano Mirra wrote:
I'm using the libpam-sfs PAM module, which lets users authenticate at
login and for importing directories in one single step. The binary
.deb that comes with Woody works fine.
On Mon, Sep 30, 2002 at 12:01:42PM +0200, Laurent Luyckx wrote:
You need the libgmp3-dev package for compiling...
Here already:
$ dpkg --status libgmp3-dev
Package: libgmp3-dev
Status: install ok installed
(And it's in the Build-Depends: of libpam-sfs, so dpkg-buildpackage
would have
Previously Massimiliano Mirra wrote:
Long version:
$ apt-get source libpam-sfs
E: Unable to find a source package for libpam-sfs
Make sure you have a deb-src entry for non-us in /etc/apt/sources.list
(and run apt-get update after adding it).
So I got it from SourceForge
On 30.9.2002 11:55 Uhr, Michael Renzmann [EMAIL PROTECTED] wrote:
In order to get informed in cases when there are (more or less) obvious
port scans? :)
I admit - I can not really recall.
Thanks for your help.
Zeno
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of
Hi
Commonly fingerd will found inetd.conf and name as in.fingerd..., but there
are some replacement of fingerd examble cfingerd etc. Maybe some of these
variants start from /etc/init.d ?
I recommed you locate this daemon
Examble this way...
locate fingerd|more this should display all fingerd
On Mon, Sep 30, 2002 at 10:57:18AM +0900, Olaf Meeuwissen wrote:
fetchmail (5.9.11-6) testing-security; urgency=high
-- Henrique de Moraes Holschuh [EMAIL PROTECTED] Sat, 8 Jun 2002 09:40:46 -0300
kdenetwork (4:2.2.2-14.0woody1) testing-security; urgency=high
-- Daniel Jacobowitz
On Mon, Sep 30, 2002 at 12:09:14PM +0200, Wichert Akkerman wrote:
$ apt-get source libpam-sfs
E: Unable to find a source package for libpam-sfs
Make sure you have a deb-src entry for non-us in
/etc/apt/sources.list
Duh, stoopid me. Of course now it apt-gets it. It still bombs on
On Mon, 30 Sep 2002, Michael Renzmann wrote:
Hi.
Zeno Davatz wrote:
I am just gonna deinstall portsentry - why did I install it in the first
place???
In order to get informed in cases when there are (more or less) obvious
port scans? :)
i say scan the ports all you like
On Mon, Sep 30, 2002 at 07:24:17PM +0800, SDiZ (UHome) wrote:
Duh, stoopid me. Of course now it apt-gets it. It still bombs on
libsfscrypt, though.
did you add non-US source ?
some crypt program have not moved to main yet..
Yes, non-US source is there now (that was the reason apt-get
On Mon, 30 Sep 2002 14:02:54 +0200, Massimiliano Mirra
[EMAIL PROTECTED] wrote:
Yes, non-US source is there now (that was the reason apt-get source
libpam-sfs was not working in the first place). The problem with
libsfscrypt happens at configure time: the lib is there but configure
can't seem
On Mon, Sep 30, 2002 at 01:26:40PM +0100, Alan James wrote:
Yes, non-US source is there now (that was the reason apt-get source
libpam-sfs was not working in the first place). The problem with
libsfscrypt happens at configure time: the lib is there but configure
can't seem to find it:
You
On Mon, 30 Sep 2002 at 03:50:35AM -0700, Alvin Oga wrote:
but i wanna be able to saywishfully... if you attempt any real illegal
connections, that you're caught ... within a few minutes... and off we go
to lawyers ...
Actually, several Federal Courts have held port scanning does not
Olaf Meeuwissen wrote:
Olaf Meeuwissen [EMAIL PROTECTED] (that's me!) writes:
Dear .debs,
I recently wanted to apply security updates to a machine I'd installed
from woody pre6 CDs, hardened and upgraded to woody proper. [...]
Before applying the upgrades I checked whether there
On Mon, Sep 30, 2002 at 10:57:18AM +0900, Olaf Meeuwissen wrote:
Olaf Meeuwissen [EMAIL PROTECTED] (that's me!) writes:
Dear .debs,
I recently wanted to apply security updates to a machine I'd installed
from woody pre6 CDs, hardened and upgraded to woody proper. [...]
Before
Peter Mathiasson [EMAIL PROTECTED] writes:
On Mon, Sep 30, 2002 at 10:57:18AM +0900, Olaf Meeuwissen wrote:
fetchmail (5.9.11-6) testing-security; urgency=high
-- Henrique de Moraes Holschuh [EMAIL PROTECTED] Sat, 8 Jun 2002 09:40:46 -0300
kdenetwork (4:2.2.2-14.0woody1)
Hi List
I am an newbie and done a nmap -v of my local maschine that is supposed to
be put into the internet after I managed to close all the necessary ports.
Can anyone give me a hint how to go about closing all the following port
execpt ssh, http, https?
Port State Service
1/tcp
On Mon, Sep 30, 2002 at 09:43:34 +0200, Zeno Davatz wrote:
Can anyone give me a hint how to go about closing all the following port
execpt ssh, http, https?
1524/tcp openingreslock
12345/tcp openNetBus
12346/tcp openNetBus
27665/tcp openTrinoo_Master
On 30.9.2002 10:03 Uhr, Christian Schuerer-Waldheim [EMAIL PROTECTED] wrote:
Either stop all unused/unwanted services or use a firewall (iptables) to
protect your machine.
That is exactly what I am trying to do: stop all unwanted services. To me it
seems more difficult to to do then so say...
On Mon, 30 Sep 2002, Zeno Davatz wrote:
That is exactly what I am trying to do: stop all unwanted services. To me it
seems more difficult to to do then so say...
Can you give me a hint how to stop ie. tcpmux and finger?
find out what processes are listening on those ports. You can do it,
Hi
Disable services. Edited /etc/inetd.conf and add # to unwanted service or
use update-inetd program to complete task. Restart inetd super daemon
/etc/init.d/inetd restart
stop service ex /etc/init.d/named stop
/etc/init.d/program_name add beginning of script 'exit 0' examble of named
(listen
On 30.9.2002 10:22 Uhr, Riku Valli [EMAIL PROTECTED] wrote:
Disable services. Edited /etc/inetd.conf and add # to unwanted service or
use update-inetd program to complete task. Restart inetd super daemon
/etc/init.d/inetd restart
Thanks I commented out all services from /etc/inetd.conf that I
On 30.9.2002 10:26 Uhr, Alvin Oga [EMAIL PROTECTED]
wrote:
looks like oyu didnt take care of inetd and other daemons
That is why I want to take care of them now...
a start from this docs
http://www.debian.org/doc/manuals/securing-debian-howto/
Thanks for the link.
- turn off un-needed
On 30.9.2002 10:54 Uhr, InfoEmergencias - Luis Gómez
[EMAIL PROTECTED] wrote:
fingerd is the name of the package :)
Thanks for the hint. Tried that also:
debian:/etc# apt-get --purge remove fingerd
Reading Package Lists... Done
Building Dependency Tree... Done
Package fingerd is not installed,
On Mon, Sep 30, 2002 at 11:03:17AM +0200, Zeno Davatz wrote:
On 30.9.2002 10:54 Uhr, InfoEmergencias - Luis Gómez
[EMAIL PROTECTED] wrote:
fingerd is the name of the package :)
Thanks for the hint. Tried that also:
debian:/etc# apt-get --purge remove fingerd
Reading Package Lists... Done
On 30.9.2002 11:19 Uhr, Tobias Overkamp [EMAIL PROTECTED]
wrote:
what does a
netstat -lnp|grep 79
say to you?
You should see the process that binds to the port...
Thanks - that is a nice command.
It give me:
debian:/etc/snort# netstat -lnp|grep 79
tcp0 0 0.0.0.0:79
On Mon, 30 Sep 2002, Zeno Davatz wrote:
It give me:
debian:/etc/snort# netstat -lnp|grep 79
tcp0 0 0.0.0.0:79 0.0.0.0:* LISTEN
303/portsentry
And I also found follwoing article witch I think is very interesting:
Hi.
Zeno Davatz wrote:
I am just gonna deinstall portsentry - why did I install it in the first
place???
In order to get informed in cases when there are (more or less) obvious
port scans? :)
Bye, Mike
I'm using the libpam-sfs PAM module, which lets users authenticate at
login and for importing directories in one single step. The binary
.deb that comes with Woody works fine. But...
Short version: when I try to compile it from source I hit a wall.
Anybody managed to compile it?
Long version:
You need the libgmp3-dev package for compiling...
Cheers.
On Mon, 2002-09-30 at 11:56, Massimiliano Mirra wrote:
I'm using the libpam-sfs PAM module, which lets users authenticate at
login and for importing directories in one single step. The binary
.deb that comes with Woody works fine.
On Mon, Sep 30, 2002 at 12:01:42PM +0200, Laurent Luyckx wrote:
You need the libgmp3-dev package for compiling...
Here already:
$ dpkg --status libgmp3-dev
Package: libgmp3-dev
Status: install ok installed
(And it's in the Build-Depends: of libpam-sfs, so dpkg-buildpackage
would have
Previously Massimiliano Mirra wrote:
Long version:
$ apt-get source libpam-sfs
E: Unable to find a source package for libpam-sfs
Make sure you have a deb-src entry for non-us in /etc/apt/sources.list
(and run apt-get update after adding it).
So I got it from SourceForge
On 30.9.2002 11:55 Uhr, Michael Renzmann [EMAIL PROTECTED] wrote:
In order to get informed in cases when there are (more or less) obvious
port scans? :)
I admit - I can not really recall.
Thanks for your help.
Zeno
Hi
Commonly fingerd will found inetd.conf and name as in.fingerd..., but there
are some replacement of fingerd examble cfingerd etc. Maybe some of these
variants start from /etc/init.d ?
I recommed you locate this daemon
Examble this way...
locate fingerd|more this should display all fingerd
On Mon, Sep 30, 2002 at 10:57:18AM +0900, Olaf Meeuwissen wrote:
fetchmail (5.9.11-6) testing-security; urgency=high
-- Henrique de Moraes Holschuh [EMAIL PROTECTED] Sat, 8 Jun 2002
09:40:46 -0300
kdenetwork (4:2.2.2-14.0woody1) testing-security; urgency=high
-- Daniel
On Mon, Sep 30, 2002 at 12:09:14PM +0200, Wichert Akkerman wrote:
$ apt-get source libpam-sfs
E: Unable to find a source package for libpam-sfs
Make sure you have a deb-src entry for non-us in
/etc/apt/sources.list
Duh, stoopid me. Of course now it apt-gets it. It still bombs on
On Mon, 30 Sep 2002, Michael Renzmann wrote:
Hi.
Zeno Davatz wrote:
I am just gonna deinstall portsentry - why did I install it in the first
place???
In order to get informed in cases when there are (more or less) obvious
port scans? :)
i say scan the ports all you like
Massimiliano Mirra wrote:
Duh, stoopid me. Of course now it apt-gets it. It still bombs on
libsfscrypt, though.
did you add non-US source ?
some crypt program have not moved to main yet..
On Mon, Sep 30, 2002 at 07:24:17PM +0800, SDiZ (UHome) wrote:
Duh, stoopid me. Of course now it apt-gets it. It still bombs on
libsfscrypt, though.
did you add non-US source ?
some crypt program have not moved to main yet..
Yes, non-US source is there now (that was the reason apt-get
On Mon, 30 Sep 2002 14:02:54 +0200, Massimiliano Mirra
[EMAIL PROTECTED] wrote:
Yes, non-US source is there now (that was the reason apt-get source
libpam-sfs was not working in the first place). The problem with
libsfscrypt happens at configure time: the lib is there but configure
can't seem to
On Mon, Sep 30, 2002 at 01:26:40PM +0100, Alan James wrote:
Yes, non-US source is there now (that was the reason apt-get source
libpam-sfs was not working in the first place). The problem with
libsfscrypt happens at configure time: the lib is there but configure
can't seem to find it:
You
tags 144857 + patch
thanks
Package: libpam-sfs
Version: 0.2.2
Followup-For: Bug #144857
On Mon, Sep 30, 2002 at 02:43:16PM +0200, Massimiliano Mirra wrote:
Yes, non-US source is there now (that was the reason apt-get source
libpam-sfs was not working in the first place). The problem with
On Mon, 30 Sep 2002 at 03:50:35AM -0700, Alvin Oga wrote:
but i wanna be able to saywishfully... if you attempt any real illegal
connections, that you're caught ... within a few minutes... and off we go
to lawyers ...
Actually, several Federal Courts have held port scanning does not
Olaf Meeuwissen wrote:
Olaf Meeuwissen [EMAIL PROTECTED] (that's me!) writes:
Dear .debs,
I recently wanted to apply security updates to a machine I'd installed
from woody pre6 CDs, hardened and upgraded to woody proper. [...]
Before applying the upgrades I checked whether there
On Mon, Sep 30, 2002 at 10:57:18AM +0900, Olaf Meeuwissen wrote:
Olaf Meeuwissen [EMAIL PROTECTED] (that's me!) writes:
Dear .debs,
I recently wanted to apply security updates to a machine I'd installed
from woody pre6 CDs, hardened and upgraded to woody proper. [...]
Before
Peter Mathiasson [EMAIL PROTECTED] writes:
On Mon, Sep 30, 2002 at 10:57:18AM +0900, Olaf Meeuwissen wrote:
fetchmail (5.9.11-6) testing-security; urgency=high
-- Henrique de Moraes Holschuh [EMAIL PROTECTED] Sat, 8 Jun 2002
09:40:46 -0300
kdenetwork (4:2.2.2-14.0woody1)
Martin Schulze [EMAIL PROTECTED] writes:
Olaf Meeuwissen wrote:
Olaf Meeuwissen [EMAIL PROTECTED] (that's me!) writes:
Dear .debs,
I recently wanted to apply security updates to a machine I'd installed
from woody pre6 CDs, hardened and upgraded to woody proper. [...]
Matt Zimmerman [EMAIL PROTECTED] writes:
On Mon, Sep 30, 2002 at 10:57:18AM +0900, Olaf Meeuwissen wrote:
Olaf Meeuwissen [EMAIL PROTECTED] (that's me!) writes:
Dear .debs,
I recently wanted to apply security updates to a machine I'd installed
from woody pre6 CDs, hardened
60 matches
Mail list logo