Re: can not kill a process
On Tue, 13 Apr 2004 11:31:43 +0200 LeVA <[EMAIL PROTECTED]> wrote: > Hi! > > I have a process running, and I can not kill it. Really weird. > See: > > # ps ax > 2965 ?RW 3:21 [nopromo] > # kill -9 2965 > # ps ax > 2965 ?RW 3:21 [nopromo] > # > > You see, I've killed it, but it is still there. What should I do? I > don't want to reboot the machine. This is a zombie process, google is your friend.may the web be with you Gr, Ivo
Re: can not kill a process
On Tue, 13 Apr 2004 11:31:43 +0200 LeVA <[EMAIL PROTECTED]> wrote: > Hi! > > I have a process running, and I can not kill it. Really weird. > See: > > # ps ax > 2965 ?RW 3:21 [nopromo] > # kill -9 2965 > # ps ax > 2965 ?RW 3:21 [nopromo] > # > > You see, I've killed it, but it is still there. What should I do? I > don't want to reboot the machine. This is a zombie process, google is your friend.may the web be with you Gr, Ivo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: downgrade to stable
Costas Magkos wrote: Hi debian people, Is there a way to downgrade to stable, after having apt-get dist-upgrade to testing? http://lamorak.hetisw.nl/~dudes/downgrade-sid-to-woody.txt This is a very pre-beta version, didn't find the time yet to complete it. Gr, Ivo
Re: downgrade to stable
Costas Magkos wrote: Hi debian people, Is there a way to downgrade to stable, after having apt-get dist-upgrade to testing? http://lamorak.hetisw.nl/~dudes/downgrade-sid-to-woody.txt This is a very pre-beta version, didn't find the time yet to complete it. Gr, Ivo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Big VPN
On Wed, 3 Mar 2004 12:07:23 +0100 Richard Atterer <[EMAIL PROTECTED]> wrote: > Hi, CCing the list again because other people might have cleverer > ideas. I hope you don't mind, Jaroslaw. > > On Wed, Mar 03, 2004 at 11:36:27AM +0100, Jaros?aw Tabor wrote: > > That's OK. But what about routing ? How to inform other nodes, about > > new subnet ? I think, that this will require some kind of dynamic > > routing and IPSec on demand. But, as I see from freeswan and > > openswan doc, this isn't supported. Tinc does full mesh :) You only need to add the new subnets to one other node to make it work on all subnets, it keeps an internal routing table.
Re: Big VPN
On Wed, 3 Mar 2004 12:07:23 +0100 Richard Atterer <[EMAIL PROTECTED]> wrote: > Hi, CCing the list again because other people might have cleverer > ideas. I hope you don't mind, Jaroslaw. > > On Wed, Mar 03, 2004 at 11:36:27AM +0100, Jaros?aw Tabor wrote: > > That's OK. But what about routing ? How to inform other nodes, about > > new subnet ? I think, that this will require some kind of dynamic > > routing and IPSec on demand. But, as I see from freeswan and > > openswan doc, this isn't supported. Tinc does full mesh :) You only need to add the new subnets to one other node to make it work on all subnets, it keeps an internal routing table. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Big VPN
Jan Minar wrote: IMHO, the key words in Richard's posting are ``[not] enough expertise'', and ``a track record''. The idea that the [conceptual] flaws will be fixed in The Next Release [TM], although quite common amongst the people, is a mere instance of a proof by wishful thinking. Clueless authors will always produce crappy software, regardless of how long they've been in the business. It's not about releases, it's about auditing a product before the authors accually have made their minds up about where the product is going. Tinc started out as a idea on using the tap device for something useful. It migrated to a pretty nice vpn solution. Even linus made some pretty bad coding errors when he started out with linux, if you want to imply that when software, or a part of it was once flawed, you shouldn't trust the author ever, you shouldn't use linux at all.
Re: Big VPN
Richard Atterer wrote: On Tue, Mar 02, 2004 at 10:00:58PM +0100, I.R. van Dongen wrote: You might want to check tinc (http://tinc.nl.linux.org) I strongly recommend *not* to use tinc. <http://www.securityfocus.com/archive/1/249142> illustrates that the authors didn't have enough expertise to build a secure tool 2 years ago. The problems were still present last autumn, see <http://www.mit.edu:8008/bloom-picayune/crypto/14238>. What a track record! With VPN software, IPSec is the only real option if you want to be certain it is secure. Nice, the first article is based on a alpha version (pre-beta) of tinc, you didn't include the official answer. This sounds alot like FUD, are you the author of a compeditive product? Gr, Ivo PS. cc: to tinc mailinglist
Re: Big VPN
Jan Minar wrote: IMHO, the key words in Richard's posting are ``[not] enough expertise'', and ``a track record''. The idea that the [conceptual] flaws will be fixed in The Next Release [TM], although quite common amongst the people, is a mere instance of a proof by wishful thinking. Clueless authors will always produce crappy software, regardless of how long they've been in the business. It's not about releases, it's about auditing a product before the authors accually have made their minds up about where the product is going. Tinc started out as a idea on using the tap device for something useful. It migrated to a pretty nice vpn solution. Even linus made some pretty bad coding errors when he started out with linux, if you want to imply that when software, or a part of it was once flawed, you shouldn't trust the author ever, you shouldn't use linux at all. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Big VPN
Richard Atterer wrote: On Tue, Mar 02, 2004 at 10:00:58PM +0100, I.R. van Dongen wrote: You might want to check tinc (http://tinc.nl.linux.org) I strongly recommend *not* to use tinc. <http://www.securityfocus.com/archive/1/249142> illustrates that the authors didn't have enough expertise to build a secure tool 2 years ago. The problems were still present last autumn, see <http://www.mit.edu:8008/bloom-picayune/crypto/14238>. What a track record! With VPN software, IPSec is the only real option if you want to be certain it is secure. Nice, the first article is based on a alpha version (pre-beta) of tinc, you didn't include the official answer. This sounds alot like FUD, are you the author of a compeditive product? Gr, Ivo PS. cc: to tinc mailinglist -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Big VPN
Jaroslaw Tabor wrote: Hi all! I know that this list isn't the best place to ask, but I'm reding this list for years. I hope You will forgive me :) I'm looking for good linux (debian of course) based solution for VPN connecting about 100 LANs. The solution should be stable, easy for implementation and easy for management. I've some expirience with VPNs based on PPTPd, but not so big. I've reviewed freeswan and OE feauture. This looks nice, but I'm afraid about security. If I understand this solution right there is no authentication at all. So every one can connect to the LANs if he will spoof IP. I need something better, because I cannot trust to LAN users. To avoid that, I have idea, to use some kind of secure DNS, which will answer only to authorized peers, but I don't know how to do it. Finally, the questions: Did someone sucessfully build such network ? If yes, how? Do You know any other VPN solution for this problem? If my idea isn't so bad, how to add secure authentication for OE solution. Is there any solution to easily manage keys in so big network, if I will choice freeswan (or other) without OE ? You might want to check tinc (http://tinc.nl.linux.org) best regards Jarek PS: Sorry, for my poor english, I'm not a native speaker. me neither :) Gr, Ivo
Re: Big VPN
Jaroslaw Tabor wrote: Hi all! I know that this list isn't the best place to ask, but I'm reding this list for years. I hope You will forgive me :) I'm looking for good linux (debian of course) based solution for VPN connecting about 100 LANs. The solution should be stable, easy for implementation and easy for management. I've some expirience with VPNs based on PPTPd, but not so big. I've reviewed freeswan and OE feauture. This looks nice, but I'm afraid about security. If I understand this solution right there is no authentication at all. So every one can connect to the LANs if he will spoof IP. I need something better, because I cannot trust to LAN users. To avoid that, I have idea, to use some kind of secure DNS, which will answer only to authorized peers, but I don't know how to do it. Finally, the questions: Did someone sucessfully build such network ? If yes, how? Do You know any other VPN solution for this problem? If my idea isn't so bad, how to add secure authentication for OE solution. Is there any solution to easily manage keys in so big network, if I will choice freeswan (or other) without OE ? You might want to check tinc (http://tinc.nl.linux.org) best regards Jarek PS: Sorry, for my poor english, I'm not a native speaker. me neither :) Gr, Ivo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: security.debian.org
Lupe Christoph wrote: On Monday, 2004-02-09 at 20:38:37 +, Neil McGovern wrote: On Mon, Feb 09, 2004 at 06:17:01PM +0100, Konstantin Filtschew wrote: security.debian.org seems to be down traceroute to security.debian.org (194.109.137.218), 30 hops max, 38 byte packets 1 firewally (172.17.0.7) 0.313 ms 0.265 ms 0.294 ms 2 217.5.98.173 (217.5.98.173) 41.572 ms 14.095 ms 16.924 ms 3 217.237.157.90 (217.237.157.90) 43.417 ms 13.360 ms 13.235 ms 4 m-ec1.M.DE.net.DTAG.DE (62.154.27.234) 43.712 ms 41.187 ms 13.722 ms 5 zcr2-so-5-2-0.Munich.cw.net (208.175.230.49) 43.801 ms 80.418 ms 13.694 ms 6 zcr1-ge-4-3-0-5.Munich.cw.net (208.175.230.253) 44.627 ms 14.025 ms 13.144 ms 7 bcr2-so-0-3-0.Amsterdam.cw.net (208.173.209.149) 44.844 ms 41.744 ms 41.494 ms 8 zcr2-so-1-0-0.Amsterdamamt.cw.net (208.173.209.198) 45.590 ms 40.869 ms 42.402 ms 9 zar1-ge-0-3-0.Amsterdamamt.cw.net (208.173.220.131) 46.314 ms zar1-ge-1-3-0.Amsterdamamt.cw.net (208.173.220.147) 325.519 ms 45.989 ms 10 kpn.Amsterdamamt.cw.net (208.173.212.154) 48.013 ms 45.763 ms 39.773 ms 11 0.so-1-3-0.xr1.d12.xs4all.net (194.109.5.101) 49.062 ms 67.547 ms 41.748 ms 12 0.so-3-0-0.cr1.d12.xs4all.net (194.109.5.58) 47.961 ms * 46.106 ms 13 * * * 14 * * * traceroute to klecker.debian.org (194.109.137.218), 64 hops max, 44 byte packets 6 0.so-2-3-0.xr2.d12.xs4all.net (194.109.5.89) 18.584 ms 17.343 ms 16.522 ms 7 0.ge-1-3-0.cr1.d12.xs4all.net (194.109.5.74) 17.500 ms 17.696 ms 17.765 ms 8 * * * 9 * * * klecker seems down again, security and non-us seem to be moved to the old location (utwente). You can see that this was probably not security.d.o being down, but some router. the packets are taking a quite different path. Maybe U Twente switched providers? not likely :) Gr, Ivo
Re: security.debian.org
Lupe Christoph wrote: On Monday, 2004-02-09 at 20:38:37 +, Neil McGovern wrote: On Mon, Feb 09, 2004 at 06:17:01PM +0100, Konstantin Filtschew wrote: security.debian.org seems to be down traceroute to security.debian.org (194.109.137.218), 30 hops max, 38 byte packets 1 firewally (172.17.0.7) 0.313 ms 0.265 ms 0.294 ms 2 217.5.98.173 (217.5.98.173) 41.572 ms 14.095 ms 16.924 ms 3 217.237.157.90 (217.237.157.90) 43.417 ms 13.360 ms 13.235 ms 4 m-ec1.M.DE.net.DTAG.DE (62.154.27.234) 43.712 ms 41.187 ms 13.722 ms 5 zcr2-so-5-2-0.Munich.cw.net (208.175.230.49) 43.801 ms 80.418 ms 13.694 ms 6 zcr1-ge-4-3-0-5.Munich.cw.net (208.175.230.253) 44.627 ms 14.025 ms 13.144 ms 7 bcr2-so-0-3-0.Amsterdam.cw.net (208.173.209.149) 44.844 ms 41.744 ms 41.494 ms 8 zcr2-so-1-0-0.Amsterdamamt.cw.net (208.173.209.198) 45.590 ms 40.869 ms 42.402 ms 9 zar1-ge-0-3-0.Amsterdamamt.cw.net (208.173.220.131) 46.314 ms zar1-ge-1-3-0.Amsterdamamt.cw.net (208.173.220.147) 325.519 ms 45.989 ms 10 kpn.Amsterdamamt.cw.net (208.173.212.154) 48.013 ms 45.763 ms 39.773 ms 11 0.so-1-3-0.xr1.d12.xs4all.net (194.109.5.101) 49.062 ms 67.547 ms 41.748 ms 12 0.so-3-0-0.cr1.d12.xs4all.net (194.109.5.58) 47.961 ms * 46.106 ms 13 * * * 14 * * * traceroute to klecker.debian.org (194.109.137.218), 64 hops max, 44 byte packets 6 0.so-2-3-0.xr2.d12.xs4all.net (194.109.5.89) 18.584 ms 17.343 ms 16.522 ms 7 0.ge-1-3-0.cr1.d12.xs4all.net (194.109.5.74) 17.500 ms 17.696 ms 17.765 ms 8 * * * 9 * * * klecker seems down again, security and non-us seem to be moved to the old location (utwente). You can see that this was probably not security.d.o being down, but some router. the packets are taking a quite different path. Maybe U Twente switched providers? not likely :) Gr, Ivo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
WAS: HELP, my Debian Server was hacked!
this crontab does not download any packages, notice the "-s" switch which simulates the download en install process. it merly tells you what it would download and install if you would leave out the -s switch. Gr, Ivo van Dongen PS I would really like to see you perlscript, if you could send it to me personallyI would really apriciate it. On Thu, 24 Apr 2003 14:17:48 +0200, [EMAIL PROTECTED] wrote: > On Thu, Apr 24, 2003 at 11:43:06AM +0200, I.R. van Dongen wrote: > > > > lamorak:~# crontab -l > > @daily apt-get -q -q -q -q update && apt-get -s -q -q -q -q > > dist-upgrade > > Before you deploy such a mechanism, I advise that you set up > another one between the "update" and "upgrade" which checks the > authority of the downloaded databases. > > Details on how to implement this have been discusssed in the list > several times and an adequate answer can be found in the Debian > Security FAQ. Upon request, I can send the perl script we're > using on daily basis. > > bit, > adam
Re: Re: HELP, my Debian Server was hacked!
lamorak:~# crontab -l @daily apt-get -q -q -q -q update && apt-get -s -q -q -q -q dist-upgrade make sure the output is mailed to an address you use daily. When an update is available you will be mailed, otherwise you get no mail. Gr, Ivo van Dongen On Thu, 24 Apr 2003 11:19:34 +0200, [EMAIL PROTECTED] wrote: > Il Tue, 22 Apr 2003 17:48:23 -0500 (CDT) > David Ehle sì che favelando > sibillò: > > > nightly apt-get update && apt-get upgrade > > But if it asks human interaction?? How can i do?? > > -- > sracatus > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > >
Re: Re: is iptables enough?
On Wed, 19 Mar 2003 21:21:42 +, [EMAIL PROTECTED] wrote: > On Wed, Mar 19, 2003 at 09:45:48PM +0100, Janus N. T?ndering wrote: > > This should be more than enough. I have been running a mailserver on a > > Pentium 133MHz 96 RAM + SCSI for a few years. It can handle quite a lot > > mail --- never had a problem. > > Hah! Is nothing! I run a cablemodem firewall, multiple > VPN's, DNS, with snort, tiger, and other tools on a > 486 with 16MB of RAM! I hope that machine has scsi disks like my gateway (120MB & 1GB) since with that low on ram your machine is always swapping. That's usually no problem, but IDE disks tend to wear out fast when used 24/7. With more RAM (32-40M) your disks will be more standby. Gr, Ivo van Dongen
Re: Re: is iptables enough?
On Wed, 19 Mar 2003 21:21:42 +, [EMAIL PROTECTED] wrote: > On Wed, Mar 19, 2003 at 09:45:48PM +0100, Janus N. T?ndering wrote: > > This should be more than enough. I have been running a mailserver on a > > Pentium 133MHz 96 RAM + SCSI for a few years. It can handle quite a lot > > mail --- never had a problem. > > Hah! Is nothing! I run a cablemodem firewall, multiple > VPN's, DNS, with snort, tiger, and other tools on a > 486 with 16MB of RAM! I hope that machine has scsi disks like my gateway (120MB & 1GB) since with that low on ram your machine is always swapping. That's usually no problem, but IDE disks tend to wear out fast when used 24/7. With more RAM (32-40M) your disks will be more standby. Gr, Ivo van Dongen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Re: Permissions on /root/
Personally, I don't beleave /root should be used for any information that is 'dangerous' I personally use it sometimes for temp storage for .debs and such, before I move them to /usr/src. Therefor I don't really care what the default permissions are for /root. the files that need to be there (for example .my.cfg) need to have permission 600 or 700. Gr, Ivo van Dongen On Sat, 8 Mar 2003 09:34:37 -0500, [EMAIL PROTECTED] wrote: > On Sat, Mar 08, 2003 at 01:44:24PM +, Dale Amon wrote: > > On Sat, Mar 08, 2003 at 07:37:53AM -0500, bda wrote: > > > It should be locked down and not touched by adduser ("Would You Like To > > > Make All Homedirs World-Readable?"). > > > > Actually I'd rather not, but there are (or at least > > were, I've not checked in a long while) problems > > with apache access to /home/user/public_html if > > there was not global rx access to the whole directroy > > path string. > > Sorry, I was referring only to /root, not normal user homedirs. > > Unless you're thinking of http://foo.bar/~root/ for some sick reason. > ;-) > -- > bda > Cyberpunk is dead. Long live cyberpunk. > http://mirrorshades.org > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > >
Re: Re: Permissions on /root/
Personally, I don't beleave /root should be used for any information that is 'dangerous' I personally use it sometimes for temp storage for .debs and such, before I move them to /usr/src. Therefor I don't really care what the default permissions are for /root. the files that need to be there (for example .my.cfg) need to have permission 600 or 700. Gr, Ivo van Dongen On Sat, 8 Mar 2003 09:34:37 -0500, [EMAIL PROTECTED] wrote: > On Sat, Mar 08, 2003 at 01:44:24PM +, Dale Amon wrote: > > On Sat, Mar 08, 2003 at 07:37:53AM -0500, bda wrote: > > > It should be locked down and not touched by adduser ("Would You Like To > > > Make All Homedirs World-Readable?"). > > > > Actually I'd rather not, but there are (or at least > > were, I've not checked in a long while) problems > > with apache access to /home/user/public_html if > > there was not global rx access to the whole directroy > > path string. > > Sorry, I was referring only to /root, not normal user homedirs. > > Unless you're thinking of http://foo.bar/~root/ for some sick reason. > ;-) > -- > bda > Cyberpunk is dead. Long live cyberpunk. > http://mirrorshades.org > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Postfix return-path with formmail
according to the postfix manual, you need to set Errors-To: as a header. I am aware that this is contra-rfc, but it works in most situations. Greetings, Ivo van Dongen On Thu, 06 Feb 2003 10:40:36 +0100, [EMAIL PROTECTED] wrote: > Thx for the pointers on finding the insecure pormmail.pl > > An other problem: > Forms sent on a webpage always have [EMAIL PROTECTED] (if www-data is > the user in httpd.conf)as return path. How do I change this, or how can > I set this to the "from"-field of the form? I tried on setting a > different user on the virtual domains, but apache does not seem to > accept this. > > Thanks, > Stefaan. > > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > >
Re: Postfix return-path with formmail
according to the postfix manual, you need to set Errors-To: as a header. I am aware that this is contra-rfc, but it works in most situations. Greetings, Ivo van Dongen On Thu, 06 Feb 2003 10:40:36 +0100, [EMAIL PROTECTED] wrote: > Thx for the pointers on finding the insecure pormmail.pl > > An other problem: > Forms sent on a webpage always have www-data@maindomain (if www-data is > the user in httpd.conf)as return path. How do I change this, or how can > I set this to the "from"-field of the form? I tried on setting a > different user on the virtual domains, but apache does not seem to > accept this. > > Thanks, > Stefaan. > > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Security issue with Apache-ssl?
Is this machine doing webmail by any chance? On Wed, 5 Feb 2003 22:14:58 -0700, [EMAIL PROTECTED] wrote: > Hello, > > I am using Apache-ssl 1.3.26.1+1.48-0woody3 and openssl 0.9.6c-2.woody.1. > > On a daily basis I am seeing the following errors. > > [Wed Feb 5 10:00:03 2003] [notice] child pid 3751 exit signal Segmentation > fault (11) > [Wed Feb 5 11:30:02 2003] [notice] child pid 3747 exit signal Segmentation > fault (11) > [Wed Feb 5 14:00:03 2003] [notice] child pid 3748 exit signal Segmentation > fault (11) > [Wed Feb 5 14:30:03 2003] [notice] child pid 4705 exit signal Segmentation > fault (11) > [Wed Feb 5 16:30:03 2003] [notice] child pid 3866 exit signal Segmentation > fault (11) > [Wed Feb 5 17:30:03 2003] [notice] child pid 3749 exit signal Segmentation > fault (11) > [Wed Feb 5 20:30:03 2003] [notice] child pid 4706 exit signal Segmentation > fault (11) > > And on occasion I see this as well. > > [Mon Feb 3 06:25:11 2003] [notice] SIGUSR1 received. Doing graceful > restart > > Are these problems associated with vulnerabilities in apache-ssl and > openssl? > > And if so, is there a Debian upgrade that fixes them? > > Thanks > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > >
Re: Security issue with Apache-ssl?
Is this machine doing webmail by any chance? On Wed, 5 Feb 2003 22:14:58 -0700, [EMAIL PROTECTED] wrote: > Hello, > > I am using Apache-ssl 1.3.26.1+1.48-0woody3 and openssl 0.9.6c-2.woody.1. > > On a daily basis I am seeing the following errors. > > [Wed Feb 5 10:00:03 2003] [notice] child pid 3751 exit signal Segmentation > fault (11) > [Wed Feb 5 11:30:02 2003] [notice] child pid 3747 exit signal Segmentation > fault (11) > [Wed Feb 5 14:00:03 2003] [notice] child pid 3748 exit signal Segmentation > fault (11) > [Wed Feb 5 14:30:03 2003] [notice] child pid 4705 exit signal Segmentation > fault (11) > [Wed Feb 5 16:30:03 2003] [notice] child pid 3866 exit signal Segmentation > fault (11) > [Wed Feb 5 17:30:03 2003] [notice] child pid 3749 exit signal Segmentation > fault (11) > [Wed Feb 5 20:30:03 2003] [notice] child pid 4706 exit signal Segmentation > fault (11) > > And on occasion I see this as well. > > [Mon Feb 3 06:25:11 2003] [notice] SIGUSR1 received. Doing graceful > restart > > Are these problems associated with vulnerabilities in apache-ssl and > openssl? > > And if so, is there a Debian upgrade that fixes them? > > Thanks > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]