Re: rogue Chinese crawler

2001-11-26 Thread Christoph Moench-Tegeder

## Howland, Curtis ([EMAIL PROTECTED]):

 Is there a drop from... command as well? I much prefer simply
 black-holing packets rather than giving back to the perp I'm here, but
 I know about you data by deny. Or is that what the Apache deny
 does?

Apache's Deny from gives an error 403 (HTTP Forbidden).

Regards,
cmt

-- 
Spare Space


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]




openssh version numbers...

2001-11-26 Thread Juha Jäykkä

  Ok. I have the good old open ssh 2.3.0-something. Now
http://openssh.org/security.html says it is not vulnerable to cookie
deletion or source based access control vulnerabilities (only
2.5.x-2.9.x, excluding 2.9.9, are). This is fine as long as I try to
get woody's open ssh, which is 2.9psomething. Where does this version
number fall in openssh's version numbering scheme? Between 2.8.(what
ever was the biggest number here) and 2.9.0 or where? The answer to
whether it is vulnerable or not might be enough but I am so confused
about open ssh's version numbers: why do they change the whole
_format_ of their version numbers??? 2.9 is lacking one minor version
specifier as compared to 2.9.9, which has two.
  TIA.

-- 
 ---
| Juha Jäykkä, [EMAIL PROTECTED]|
| home: http://www.utu.fi/~juolja/  |
 ---
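The range check this post asks about, as an added example (not part of the original message, and not OpenSSH or Debian code): it parses version strings such as 2.9p2, where the pN suffix marks a portable release of base version 2.9, and tests the base version against the affected range quoted in the post. Reading that range as 2.5.0 <= base < 2.9.9 and treating a missing third component as 0 are assumptions; the sample strings are constructed.

```python
import re

# Affected range as quoted in the post from openssh.org/security.html:
# "2.5.x-2.9.x, excluding 2.9.9". Assumption: 2.5.0 <= base version < 2.9.9.
AFFECTED_FROM = (2, 5, 0)
FIXED_IN = (2, 9, 9)

# Optional Debian epoch ("1:"), optional "OpenSSH_" banner prefix,
# major.minor[.patch], optional portable suffix "pN". Anything after
# that (e.g. a Debian revision "-6") is ignored.
_VERSION_RE = re.compile(
    r'^(?:\d+:)?(?:OpenSSH[_ ])?(\d+)\.(\d+)(?:\.(\d+))?(?:p(\d+))?',
    re.IGNORECASE,
)


def parse_openssh_version(text):
    """Return ((major, minor, patch), portable_level or None)."""
    m = _VERSION_RE.match(text.strip())
    if m is None:
        raise ValueError('not an OpenSSH version string: %r' % text)
    major, minor, patch, portable = m.groups()
    # "2.9" has no third component; compare it as 2.9.0.
    base = (int(major), int(minor), int(patch or 0))
    return base, (int(portable) if portable is not None else None)


def in_affected_range(text):
    """True if the base version lies in the range quoted in the post."""
    base, _portable = parse_openssh_version(text)
    return AFFECTED_FROM <= base < FIXED_IN


def sort_key(text):
    """Order by base version first, then by portable level."""
    base, portable = parse_openssh_version(text)
    return base + (-1 if portable is None else portable,)


if __name__ == '__main__':
    # Constructed sample version strings.
    samples = ['2.3.0p1', '2.5.2p2', '2.9p2', '1:2.9p2-6', '2.9.9', '2.9.9p2']
    for s in sorted(samples, key=sort_key):
        status = 'in affected range' if in_affected_range(s) else 'outside range'
        print('%-12s %s' % (s, status))
```

A version number alone does not settle the question for a distribution package, since a fix can be backported without changing the upstream version; the package changelog is the place to confirm.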






Re: Printing a RFC on non-US PAPERsize

2001-11-26 Thread dennisk

Quoting Igor Mozetic [EMAIL PROTECTED]:

 try http://RFC.net/
 
 -Igor Mozetic
 
 
 
 


Any graphic artist who has to lay out text from someone who grew up using a 
typewriter can tell you the problem. The formatting has been hard coded in the 
text. Rather than let the computer handle the formatting they used spaces and 
tabs to center or indent lines just as you would on an old-fashioned typewriter; 
the result being that the formatting completely falls apart when you try to 
print to a different paper size.

You can see this by opening RFC822, for example, in StarOffice or Word and 
viewing the non-printing characters. Every space character used to center a 
line would have to be manually removed for the document to print well on 
another paper size.

Dennis Kibbe
Sahuaro Computers







Re: is 3des secure??

2001-11-26 Thread Petro

On Mon, Nov 26, 2001 at 12:17:32PM +1100, Steve Smith wrote:
 3DES is generally considered strong enough.  However, it is slow, and
 can affect performance.  Try doing large 'scp's and switch between

DES/3DES was designed to be implemented in hardware, doing a
software-only implementation is going to be slow. 

 3DES and blowfish.
 Personally I prefer blowfish, as it has performance, is
 'secure-enough' to my (less-than-expert) eye, and frankly I doubt
 anybody capable of defeating it is interested in what I have to say.

Yup. 

-- 
Share and Enjoy. 






Using dsniff

2001-11-26 Thread Tommy Moore

Hi guys. Have installed dsniff on a machine on the network here at home 
running debian and I'm trying to figure out how it works.
Did get the url grabber and mail sniffer to work but can't seem to get the 
password capture program to work.
Tried firing up the dsniff app and telnetted from the machine running the 
program to another machine running Red Hat 7.1 to see if I could capture 
the telnet session but I got no output from dsniff.
If I use tcpdump I can see the packets coming over the wire but this 
doesn't show me the contents.
Anyone had a problem reading the traffic off the network with dsniff?
Am using the unstable distribution of debian.
Thanks.

Tommy







PAM questions

2001-11-26 Thread Corey Halpin

  I'm just getting my nose into PAM, and I have a few questions.
  I am wondering which directives I need in what files.
  For example, is there some reason to have a password directive in the ssh 
file?
  Or should I just have password directives in the passwd and login files?
  Also, what permissions work for the pam files?  I'd like to make them 
root.root and mode 600, but I don't want to do that if it's going to bork my 
system.
  FYI, here are the files I have in /etc/pam.d:
chfn  cron   other   ppp ssh  sudo   xscreensaver
chsh  login  passwd  screen  su   vlock

thanks,
crh
-- 
Corey R. Halpin (http://www.cae.wisc.edu/~halpin/ )
Student of Electrical Engineering and Computer Sciences
University of Wisconsin-Madison







Remote Root Exploit in ice-cast server

2001-11-26 Thread Andrew Tait

From the changelog of the woody package:

icecast-server (1:1.3.8.beta2-5) unstable; urgency=high
  Closes: #83527
  * Security vulnerability http://lwn.net/2001/0125/a/sec-icecast.php3 fixed

Andrew Tait
System Administrator
Country NetLink Pty, Ltd
E-Mail: [EMAIL PROTECTED]
WWW: http://www.cnl.com.au
30 Bank St Cobram, VIC 3644, Australia
Ph: +61 (03) 58 711 000
Fax: +61 (03) 58 711 874

It's the smell! If there is such a thing. Agent Smith - The Matrix


- Original Message -
From: Jeremy C. Reed [EMAIL PROTECTED]
To: Andrew Tait [EMAIL PROTECTED]
Sent: Tuesday, November 27, 2001 4:21 AM
Subject: Re: Real Server


 On Mon, 26 Nov 2001, Andrew Tait wrote:

  I just noticed that the stable icecast-server debian package has a major
  security problem!
 
  I have e-mailed the Debian security list with more details.

 It appears you didn't start your own thread -- but replied to another
 debian-security posting. Hopefully, it is not missed/overlooked.

 In addition, your root exploit is not shown. How can anyone test or verify
 this?

   Jeremy C. Reed
 ...
  BSD software, documentation, resources, news...
  http://bsd.reedmedia.net/








Re: Printing a RFC on non-US PAPERsize

2001-11-26 Thread Tommi Komulainen

On Mon, Nov 26, 2001 at 11:02:36AM +0100, Lambrecht, Joris wrote:
 
 I'm getting a stomach ache trying to figure out how best to print an RFC
 without having the impression I'm printing drafts of a draft. The formatting
 goes bananas when I try to print it on any known paper size (A4 Letter ...).
 Does there exist a website, a tool or a procedure to make rfc's printable in
 an adequate way ?

Hi,

I've used a simple script that strips all white space between the end of
the page and the start of the next space and inserts a page break there
instead.  Basically, that should modify the drafts so that they can be
properly printed on any paper size.  Though, I've only tested A4.

I'll attach my boosted script that also downloads the requested
rfc/draft and then reformats it as described above.  But beware, the
logic to determine the location of page break is extremely stupid.
Don't count on getting the rfc's intact :)

Oh, and mpage -2 works nicely for the printing part...


-- 
Tommi Komulainen [EMAIL PROTECTED]
GPG 1024D/68388EE66FD6 DD79 EB38 BF6F 3533  09C0 04A8 9871 6838 8EE6


#!/usr/bin/env python3
# Fetch RFCs / Internet-Drafts by anonymous FTP and replace the blank
# padding between pages with a form feed.

import ftplib
import os
import re
import sys

SERVER, RFCDIR, DRAFTDIR = 'ftp.funet.fi', '/rfc', '/internet-drafts'

if len(sys.argv) < 2:
    sys.stderr.write("""\
usage: rfc-get [rfc-number | draft-name] ...
""")
    sys.exit(1)

ftp = ftplib.FTP(SERVER)
ftp.set_pasv(1)
ftp.login()  # no arguments: anonymous login

# end_re: last line of a page (footer ending in "[Page N]").
# start_re: first line of the next page (header starting "Internet" or "RFC").
end_re = re.compile(r'^\S+.+\[Page \d+]\s*$')
start_re = re.compile(r'^(Internet|RFC)\s.+$')

for arg in sys.argv[1:]:
    # Accept "rfc822", "822", "rfc822.txt", "draft-foo", "draft-foo.txt"
    if arg[:3] == 'rfc': arg = arg[3:]
    elif arg[:6] == 'draft-': arg = arg[6:]
    if arg[-4:] == '.txt': arg = arg[:-4]
    try:
        arg = int(arg)
        filename = 'rfc%d.txt' % arg
        dir = RFCDIR
    except ValueError:
        filename = 'draft-%s.txt' % arg
        dir = DRAFTDIR

    print('retrieving %s/%s' % (dir, filename))

    ftp.cwd(dir)

    printable = 1
    file = open(filename, 'wt')

    def printer(line):
        global file, printable
        if end_re.match(line):
            # Page footer: keep it, emit a form feed, skip the padding
            file.write(line + '\n')
            file.write('\f\n')
            printable = 0
        elif start_re.match(line):
            # Page header: resume copying
            file.write(line + '\n')
            printable = 1
        elif printable:
            file.write(line + '\n')

    try:
        try: ftp.retrlines('RETR ' + filename, printer)
        finally: file.close()
    except ftplib.error_perm as err:
        # Remote file missing or not readable: drop the empty local file
        print(err)
        os.unlink(filename)

ftp.quit()






Re: Printing a RFC on non-US PAPERsize

2001-11-26 Thread Martin WHEELER

On Mon, 26 Nov 2001, Lambrecht, Joris wrote:

 [ Please reply to all - this address is not subscribed to the list ]

 Does there exist a website, a tool or a procedure to make rfc's printable in
 an adequate way ?

Well, if it's all that big a problem for you, view it as a text
file under a suitable browser (e.g.Netscape); then print from there.
--






Re: Printing a RFC on non-US PAPERsize

2001-11-26 Thread Lambrecht, Joris

:-)

Been there, done that, don't work. Too bad. Thanks anyway. Why is it so hard
to find an RFC that fits page/page onto an A4 format, boehoe . . . I kind of
remember there was a website which mirrored the rfc's in various formats
including pdf ... maybe that's the one that worked for me.

I don't feel much like manually inserting page-breaks to get a decent
print-out.

Regards,

Joris

[]-Original Message-
[]From: Martin WHEELER [mailto:[EMAIL PROTECTED]]
[]Sent: Monday, November 26, 2001 1:08 PM
[]To: Lambrecht, Joris
[]Cc: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]'
[]Subject: Re: Printing a RFC on non-US PAPERsize
[]
[]
[]On Mon, 26 Nov 2001, Lambrecht, Joris wrote:
[]
[] [ Please reply to all - this address is not subscribed to the list ]
[]
[] Does there exist a website, a tool or a procedure to make 
[]rfc's printable in
[] an adequate way ?
[]
[]Well, if it's all that big a problem for you, view it as a text
[]file under a suitable browser (e.g.Netscape); then print from there.
[]--
[]






Re: Printing a RFC on non-US PAPERsize

2001-11-26 Thread Martin WHEELER

On Mon, 26 Nov 2001, Lambrecht, Joris wrote:

 Been there, done that, don't work.

Ok, I'm with you now.  Official ASCII RFCs only come pre-formatted to
a number of lines/page that suits both American Letter and A4.

 to find an RFC that fits page/page onto an A4 format, boehoe . . . I kind of
 remember there was a website which mirrored the rfc's in various formats
 including pdf ... maybe that's the one that worked for me.

There is an unofficial RFC PDF site at:

 http://www.cs.utk.edu/~moore/RFC-PDF/

which serves up RFCs in PDF format, preserving the page-breaks of the
original text.  Was that the one?

HTH
-- 








Re: is 3des secure??

2001-11-26 Thread Noah L. Meyerhans
On Sun, Nov 25, 2001 at 11:29:22PM -0600, Warren Turkal wrote:
 
 On Saturday 24 November 2001 03:28 am, Johannes Weiss wrote:
  So, because of this my question is: Is 3des secure enough??
 
 The putty website (search for it on google) has something to say about 
 the security of des algorithm, which AFAIK it doesn't support.

It is important to distinguish between DES and 3DES.  DES, which is
cryptographically secure (i.e. there is no known flaw in the algorithm),
uses too short a key to be considered secure.  3DES is a great deal more
secure.

I was not able to find references to the PuTTY author's opinion on the
security of DES or 3DES on his web site, but I do know that PuTTY does
support 3DES, if not DES.

Also, it is worth noting that if you use the standard unix crypt(3)
passwords, then you are using a variant of DES which has the addition of
the 16 bit salt.

noah

-- 
 ___
| A subversive is anyone who can out-argue their government
| Web: http://web.morgul.net/~frodo/
| PGP Public Key: http://web.morgul.net/~frodo/mail.html 




Re: is 3des secure??

2001-11-26 Thread Warren Turkal

On Monday 26 November 2001 12:08 am, Noah L. Meyerhans wrote:
 I was not able to find references to the PuTTY author's opinion on
 the security of DES or 3DES on his web site, but I do know that PuTTY
 does support 3DES, if not DES.
I was thinking DSA, which putty does now also support. Sorry.
- -- 
Warren

GPG Fingerprint: 30C8 BDF1 B133 14CB 832F  2C5D 99A1 A19F 559D 9E88
GPG Public Key @ http://www.cbu.edu/~wturkal/wturkal.gpg

- -BEGIN GEEK CODE BLOCK-
Version: 3.12
GCS d- s: a-- C++ UL+ P+ L+++ E W++ N+ o-- K- w--- 
O M+ V-- PS+ PE Y+ PGP++ t 5 X R tv+ b+ DI+ D+ 
G e h-- r y? 
- --END GEEK CODE BLOCK--



Printing a RFC on non-US PAPERsize

2001-11-26 Thread Lambrecht, Joris
[ Please reply to all - this address is not subscribed to the list ]

Hi,

A bit of an unusual question but ...

I'm getting a stomach ache trying to figure out how best to print an RFC
without having the impression I'm printing drafts of a draft. The formatting
goes bananas when I try to print it on any known paper size (A4 Letter ...).
Does there exist a website, a tool or a procedure to make rfc's printable in
an adequate way ?

Thank You,

Joris Lambrecht
- - -
Ebone NOC IP Operations
Operations : http://www.ebone.com/ebone.nsf/goto/6030



Re: Printing a RFC on non-US PAPERsize

2001-11-26 Thread Igor Mozetic
try http://RFC.net/

-Igor Mozetic


