Re: Compromising Debian Repositories
On Sat, Aug 03, 2013 at 12:17:06PM +0200, Volker Birk wrote: > Not to mention the build tool chains. It reminds me of Ken Thompson's article Reflections on Trusting Trust. In which he explains how to train the C compiler. http://cm.bell-labs.com/who/ken/trust.html "The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code. In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect. A well installed microcode bug will be almost impossible to detect." signature.asc Description: Digital signature
Re: OpenSSH not logging denied public keys, even with logging set to verbose.
On Thu, Mar 01, 2012 at 06:56:07AM -0600, Jordon Bedwell wrote: >The problem is I cannot get sshd to log publickey denied errors to >/var/log/auth.log so our daemons can ban these users. I want to know >what happened to messages like "publickey denied for [user] from [ip]" >I cannot get it to log those messages at all no matter the logging >level. Run the command below. grep "ssh:1.%.30s@%.128s.s password:" /usr/sbin/sshd; echo $? If you don't get 1 as output, your sshd is compromised. -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120301205136.ga10...@master.debian.org
bios infection (was: how to fix rootkit?)
On Thu, Feb 09, 2012 at 11:07:20AM +1100, Russell Coker wrote: >On Thu, 9 Feb 2012, Stephen Hemminger wrote: >>The advice I heard is trust nothing (even reflash the BIOS). > >Do you know of any real-world exploits that involve replacing the BIOS? It's >been theoretically possible for a long time but I haven't seen any references Persistent BIOS Infection: http://www.phrack.com/issues.html?issue=66&id=7 -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120209005454.ga5...@debian.org
Re: [SECURITY] [DSA 1172-1] New bind9 packages fix denial of service
On Sat, Sep 09, 2006 at 12:36:25AM -0700, David Broome wrote: >A quick bug report for the list. Can someone second this behaviour? Déjà vu (maybe), see http://bugs.debian.org/265642 Aníbal Monsalve Salazar -- http://v7w.com/anibal signature.asc Description: Digital signature
Re: sendmail vulnerability
On Thu, Mar 23, 2006 at 09:44:38AM +0100, Andreas Piper wrote: >Hello, >ISS has reported a serious flaw in sendmail before 8.13.6, see >http://xforce.iss.net/xforce/alerts/id/216 and >http://sendmail.org/8.13.6.html > >Is a security fix of the sendmail-package(s) in view, or should I try to >install sendmail 8.13.6 standalone? sendmail 8.13.6-1 is in NEW. See http://ftp-master.debian.org/new.html Aníbal Monsalve Salazar -- http://v7w.com/anibal signature.asc Description: Digital signature
Re: Port 699 listening
On Wed, Dec 14, 2005 at 11:18:29PM -0600, Jeffrey L. Taylor wrote: >Quoting Alex Pankratz <[EMAIL PROTECTED]>: >[snip] >>Did, and that made both 111 and 699 not show up in nmap scan. sweet, >>thanks Jeffery. I could swear that in the past I saw 111 open and I >>sort of ignored it, why would 699 be open now, and then closed? why is >>statd running, i dont use NFS. >> >There are several services that use portmapper. Generally it has to >be ripped out manually after a clean install (at least for Debian and >SuSE). Read the portmap manpage. It tells you about the -i option and tcp_wrapper support. >Jeffrey Aníbal Monsalve Salazar -- .''`. Debian GNU/Linux : :' : Free Operating System `. `' http://debian.org/ `- http://v7w.com/anibal signature.asc Description: Digital signature
Re: Passwordless Authentication (was Re: How to reduce sid security)
On Fri, Aug 01, 2003 at 01:03:46PM +0200, [EMAIL PROTECTED] wrote: > If you can read Dutch you can use my pages right now [1]. They explain > all this in excruciating detail. OpenSSH and SSH.com interoperability > and setting up ssh-agent are explained too. Some scripts are provided to > automate all this. > > On the other hand, if you can wait 'til after the weekend I'll translate > those pages to English for you (and anyone else who'd like to use them > of course). What's the URL of the English version? > [1] http://huizen.dto.tudelft.nl/devries/security/ssh2_pubkey_auth_config.nl.html > > Grx HdV Aníbal Monsalve Salazar -- .''`. Debian GNU/Linux | Building 28C : :' : Free Operating System | Monash University VIC 3800 `. `' http://debian.org/| Australia `- | pgp0.pgp Description: PGP signature
Re: Passwordless Authentication (was Re: How to reduce sid security)
On Fri, Aug 01, 2003 at 01:03:46PM +0200, [EMAIL PROTECTED] wrote: > If you can read Dutch you can use my pages right now [1]. They explain > all this in excruciating detail. OpenSSH and SSH.com interoperability > and setting up ssh-agent are explained too. Some scripts are provided to > automate all this. > > On the other hand, if you can wait 'til after the weekend I'll translate > those pages to English for you (and anyone else who'd like to use them > of course). What's the URL of the English version? > [1] > http://huizen.dto.tudelft.nl/devries/security/ssh2_pubkey_auth_config.nl.html > > Grx HdV Aníbal Monsalve Salazar -- .''`. Debian GNU/Linux | Building 28C : :' : Free Operating System | Monash University VIC 3800 `. `' http://debian.org/| Australia `- | pgp5ZeHsYfa3z.pgp Description: PGP signature
Re: how to help with security in debian
On Sun, Jun 01, 2003 at 12:14 +1000, Aníbal Monsalve Salazar wrote: > A month ago or so, Martin Schulze sent a message about his guidelines > to help with security in debian. It was Martin Michlmayr who posted the message: http://lists.debian.org/debian-devel-announce/2003/debian-devel-announce-200305/msg5.html And he referenced a message from Martin Schulze: http://lists.debian.org/debian-security/2001/debian-security-200109/msg00225.html This last message was about looking for a Debian Security Secretary. However, it contains guidelines about how to help with security in debian. > It included a URL at infodrom.org. http://www.infodrom.ffis.de/Linux/security/ The URL wasn't at infodrom.org, as you can see. However, the above URL doesn't take me anywhere because the domain name does not exist. I've found the following URL at infodrom.org and it's the one I was looking for: http://www.infodrom.org/Linux/security/ > Could someone please send me the message and the URL? Thanks to Tomasz Papszun and David Karlin for their messages. Aníbal pgp0.pgp Description: PGP signature
Re: how to help with security in debian
On Sun, Jun 01, 2003 at 12:14 +1000, Aníbal Monsalve Salazar wrote: > A month ago or so, Martin Schulze sent a message about his guidelines > to help with security in debian. It was Martin Michlmayr who posted the message: http://lists.debian.org/debian-devel-announce/2003/debian-devel-announce-200305/msg5.html And he referenced a message from Martin Schulze: http://lists.debian.org/debian-security/2001/debian-security-200109/msg00225.html This last message was about looking for a Debian Security Secretary. However, it contains guidelines about how to help with security in debian. > It included a URL at infodrom.org. http://www.infodrom.ffis.de/Linux/security/ The URL wasn't at infodrom.org, as you can see. However, the above URL doesn't take me anywhere because the domain name does not exist. I've found the following URL at infodrom.org and it's the one I was looking for: http://www.infodrom.org/Linux/security/ > Could someone please send me the message and the URL? Thanks to Tomasz Papszun and David Karlin for their messages. Aníbal pgpzeuSGeBwKz.pgp Description: PGP signature
how to help with security in debian
A month ago or so, Martin Schulze sent a message about his guidelines to help with security in debian. It included a URL at infodrom.org. Could someone please send me the message and the URL? pgp0.pgp Description: PGP signature
how to help with security in debian
A month ago or so, Martin Schulze sent a message about his guidelines to help with security in debian. It included a URL at infodrom.org. Could someone please send me the message and the URL? pgphaVdBqoFc7.pgp Description: PGP signature