ulimits

2002-03-23 Thread Hugo van der Merwe

Hello,

Recently a friend of mine was kind enough to hit refresh 700 times after
requesting a depth 5 recursive validation from the validator on my web
server. Its load levels went to above 150, hehe. Took me a couple of
minutes to log in, and a couple to su to root, and more than 5 minutes
to get the killall validate.cgi command executed. Quite amazing that
the machine survived it all. GNU/Linux rules! ;)

Now I realise the time has come for me to set up some ulimits. I have
some queries about the workings of /etc/security/ and /etc/pam.d/. If I
set up limits in /etc/security/limits.conf, this will only apply to
pam-enabled services with pam_limits.so in the corresponding file in
/etc/pam.d/ ? Or does login cover everything?

I see the following in pam.d/kde:

password   required pam_unix.so nullok obscure min=4 max=8 md5

What is the effect of this? I wanted to make my passwords 6 to 12, so I
edited pam.d/login, is it necessary to e.g. edit the kde one too?
(Everything appears to work well.)

How would I give apache some ulimits, so that it doesn't spawn too many
validators, or eat too much ram? (To me it doesn't look like simply
editing /etc/security/limits.conf will work out of the box ?)

Thanks,
Hugo van der Merwe

ps: please CC. (busy week)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]




(A little OT) Introduction to cryptography

2002-03-23 Thread Philippe Seidel

Hi all,

As you are the only security-related list I'm subscribed to and
cryptography has something to do with security, I'm directing this
question to this list.

I want to inform myself about the internal workings of some simple
cryptographic algorithm. Now, there's the problem that when I look on
the internet I either get introductions to some cryptosystems
(PGP/X.509) or mathematic descriptions that go beyond my mathematic
knowledge (especially as I'm German and know these mathematical terms
only in German). So I wanted to ask if anyone of you knows an
easy-to-understand and yet complete explanation of a cryptographic
algorithm.

I already thought of looking into the libssl-sources, but I don't think
I will understand them either without knowing about the algorithms.

Thanks for your help in advance,
Philippe






Re: (A little OT) Introduction to cryptography

2002-03-23 Thread Alexander List

On Fri, 23 Mar 2001, Philippe Seidel wrote:

Dear Philippe,

> only in German). So I wanted to ask if anyone of you knows an
> easy-to-understand and yet complete explanation of a cryptographic
> algorithm.

I really suggest that you try to get a copy of Bruce Schneier's Applied
Cryptography. It is using examples that are easy to understand without
missing the necessary depth. There's also a German translation of the book
available, see

http://www.amazon.de/exec/obidos/ASIN/3893198547/

However I don't know how good the translation is. Reading the original
might be more fun, and will probably help you improve your English at the
same time.

Alex

-- 
Life is what happens to you while you're busy making other plans.
John Lennon






Re: ulimits

2002-03-23 Thread j . rivera

Hello,

Here are some answers to the questions you asked. If anyone realizes that any of the 
information is incorrect or inaccurate, please feel free to correct me :-)

On Sat, 23 Mar 2002 09:30:36 +0200
Hugo van der Merwe [EMAIL PROTECTED] wrote:

> Hello,
>
> Recently a friend of mine was kind enough to hit refresh 700 times after
> requesting a depth 5 recursive validation from the validator on my web
> server. Its load levels went to above 150, hehe. Took me a couple of
> minutes to log in, and a couple to su to root, and more than 5 minutes
> to get the killall validate.cgi command executed. Quite amazing that
> the machine survived it all. GNU/Linux rules! ;)
>
> Now I realise the time has come for me to set up some ulimits. I have
> some queries about the workings of /etc/security/ and /etc/pam.d/. If I
> set up limits in /etc/security/limits.conf, this will only apply to
> pam-enabled services with pam_limits.so in the corresponding file in
> /etc/pam.d/ ? Or does login cover everything?

If you edit /etc/pam.d/login to use pam_limits.so, it will set up limits for UIDs that
utilize the login program (i.e. /bin/login) in some way.

 
> I see the following in pam.d/kde:
>
> password   required pam_unix.so nullok obscure min=4 max=8 md5
>
> What is the effect of this? I wanted to make my passwords 6 to 12, so I
> edited pam.d/login, is it necessary to e.g. edit the kde one too?
> (Everything appears to work well.)

When a PAM module has the control flag of password, the module is concerned with 
password management, such as setting/resetting the authentication token of a user.

The line actually has no bearing on password creation, since the file that would 
really matter for that would be /etc/pam.d/passwd; in a simple sense it means that 
whenever KDE makes a call to refresh the user's authentication token, it will only 
care about a maximum of 8 characters of a user's password.

 
> How would I give apache some ulimits, so that it doesn't spawn too many
> validators, or eat too much ram? (To me it doesn't look like simply
> editing /etc/security/limits.conf will work out of the box ?)

Try invoking ulimit from the apache initialization script.

 
> Thanks,
> Hugo van der Merwe
>
> ps: please CC. (busy week)

A good resource on Linux-PAM can be found at:
 
http://www.kernel.org/pub/linux/libs/pam/

Regards,
jovan rivera
[EMAIL PROTECTED]
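
The init-script approach suggested in this reply, as an added example that is not part of the original thread: a POSIX shell helper that sets limits in a subshell and then execs the server, so every process the server spawns inherits them. The function names, the limit values and the `apachectl start` line in the closing comment are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example (constructed): apply resource limits, then start a daemon.
# Limits set with ulimit are inherited across fork/exec, so every child the
# server spawns (CGI scripts included) runs under them.

# run_limited MEM_KB CPU_SECS MAX_PROCS command [args...]
run_limited() {
    mem_kb=$1 cpu_secs=$2 max_procs=$3
    shift 3
    (
        # Subshell: the calling script's own limits stay untouched.
        ulimit -v "$mem_kb"   || exit 125   # address space per process, in KB
        ulimit -t "$cpu_secs" || exit 125   # CPU seconds per process
        # Process count: bash spells the option -u, dash spells it -p.
        # The kernel counts it per real UID, not per process tree, so it
        # caps everything running as the web server's user.
        ulimit -u "$max_procs" 2>/dev/null ||
            ulimit -p "$max_procs" || exit 125
        exec "$@"
    )
}

# child_limits MEM_KB CPU_SECS MAX_PROCS
# Prints the memory and CPU limits that a child started through
# run_limited actually sees, one value per line.
child_limits() {
    run_limited "$1" "$2" "$3" sh -c 'ulimit -v; ulimit -t'
}

# In an init script the start line would become (illustrative values):
#   run_limited 262144 60 128 apachectl start
```
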






Re: (A little OT) Introduction to cryptography

2002-03-23 Thread Scott Jardine

Hi, I have been studying crypto systems for awhile now and it seems that the
best resource on the subject bar none is APPLIED CRYPTOGRAPHY written by
Bruce Schneier. The 2nd Edition has copious code examples and excellent easy to
understand explanation of practically all practical crypto algorithms out
there. You may have heard of one of the author's algorithms - blowfish...
Failing that try looking at the gnu privacy guard. It is an awesome public
key algorithm.
Regards,
Scott.
- Original Message -
From: Philippe Seidel [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, March 23, 2001 10:50 PM
Subject: (A little OT) Introduction to cryptography


> Hi all,
>
> As you are the only security-related list I'm subscribed to and
> cryptography has something to do with security, I'm directing this
> question to this list.
>
> I want to inform myself about the internal workings of some simple
> cryptographic algorithm. Now, there's the problem that when I look on
> the internet I either get introductions to some cryptosystems
> (PGP/X.509) or mathematic descriptions that go beyond my mathematic
> knowledge (especially as I'm German and know these mathematical terms
> only in German). So I wanted to ask if anyone of you knows an
> easy-to-understand and yet complete explanation of a cryptographic
> algorithm.
>
> I already thought of looking into the libssl-sources, but I don't think
> I will understand them either without knowing about the algorithms.
>
> Thanks for your help in advance,
> Philippe










Re: (A little OT) Introduction to cryptography

2002-03-23 Thread Stelios Bounanos

On Fri, 23 Mar 2001 13:50:54 +0100, Philippe Seidel
[EMAIL PROTECTED] was rumoured to have said:

> Hi all,
> As you are the only security-related list I'm subscribed to and
> cryptography has something to do with security, I'm directing this
> question to this list.
>
> I want to inform myself about the internal workings of some simple
> cryptographic algorithm. Now, there's the problem that when I look on
> the internet I either get introductions to some cryptosystems
> (PGP/X.509) or mathematic descriptions that go beyond my mathematic
> knowledge (especially as I'm German and know these mathematical terms
> only in German). So I wanted to ask if anyone of you knows an
> easy-to-understand and yet complete explanation of a cryptographic
> algorithm.

Hi, there were a couple of similar threads on linux-crypto some time
ago, archived here: http://mail.nl.linux.org/linux-crypto/

Have a look at the December 2001 archives, threads like the crypto
basics and question about ciphers should have some useful meta-info...

HTH.

> I already thought of looking into the libssl-sources, but I don't think
> I will understand them either without knowing about the algorithms.
>
> Thanks for your help in advance,
> Philippe


Rgds,
/-sb.





