Re: encrypted filesystem using losetup
On Wed, 2003-06-18 at 13:57, Hans van Leeuwen wrote: Hello, I am trying to make an encrypted filesystem using losetup with the -e parameter and twofish. The problems is that I keep getting the following error: The cipher does not exist, or a cipher module needs to be loaded into the kernel ioctl: LOOP_SET_STATUS: Invalid argument The Module is called cipher-twofish and is in the cryptoapi package found at http://www.kerneli.org/ Which module is required and how can I apt-get / compile it? I use debian woody stable with kernel 2.4.18-bf2.4. The following packages are in my apt repository: cryptoapi-core-source - CryptoAPI core kernel module cryptoloop-source - CryptoAPI's Cryptoloop Module. Hope this helps Regards, Janus N. Tøndering -- Janus N. Tøndering [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: encrypted filesystem using losetup
On Wed, 2003-06-18 at 13:57, Hans van Leeuwen wrote: Hello, I am trying to make an encrypted filesystem using losetup with the -e parameter and twofish. The problems is that I keep getting the following error: The cipher does not exist, or a cipher module needs to be loaded into the kernel ioctl: LOOP_SET_STATUS: Invalid argument The Module is called cipher-twofish and is in the cryptoapi package found at http://www.kerneli.org/ Which module is required and how can I apt-get / compile it? I use debian woody stable with kernel 2.4.18-bf2.4. The following packages are in my apt repository: cryptoapi-core-source - CryptoAPI core kernel module cryptoloop-source - CryptoAPI's Cryptoloop Module. Hope this helps Regards, Janus N. Tøndering -- Janus N. Tøndering [EMAIL PROTECTED]
Re: Spam
On Sun, 2003-05-18 at 03:43, Phillip Hofmeister wrote: With that point aside, you can try out bogofilters and razor. Between the two of those I have few false positive and few false negatives. Spamassassin already utilizes razor -- so razor failed that mail as well. Janus -- Janus N. Tøndering [EMAIL PROTECTED]
Re: Have I been hacked?
You can check the fingerprint. Use ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key (or similar) to print the fingerprint of your RSA key to the screen. If it is '51:bd:cd:2e:6a:b7:35:b9:54:33:a8:e2:9a:57:95:0d' then your friend has cached an old key you have used in the past (fx. before a re-installation). Hope this helps Janus Tøndering On Wed, 2003-05-07 at 16:33, Ian Goodall wrote: Thanks for your help Guys. It now says this: wtmp begins Wed May 7 13:21:47 2003 I think that is what had happened. I am new to this and this just looked dodgy to me! A friend also has ssh shell access to the box and got the following error message when connecting to the same my box: @@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is 51:bd:cd:2e:6a:b7:35:b9:54:33:a8:e2:9a:57:95:0d. Please contact your system administrator. I don't get this from any other computers so is this just his computer? Thanks - Original Message - From: Eric LeBlanc [EMAIL PROTECTED] To: Ian Goodall [EMAIL PROTECTED] Cc: debian-security@lists.debian.org Sent: Wednesday, May 07, 2003 3:23 PM Subject: Re: Have I been hacked? Check if your program have rotated the logs... cd /var/log ls -l wtmp* and, check in /etc/cron* or do a crontab -l (in user root) E. -- Eric LeBlanc [EMAIL PROTECTED] -- UNIX is user friendly. It's just selective about who its friends are. == On Wed, 7 May 2003, Ian Goodall wrote: I am running a debian woody server and when I checked the last users yesterday I a large number of logins in the list. On running the command today I get the following: dev1:/home/ian# last ian pts/0172.16.3.195 Wed May 7 14:49 still logged in team1pts/0blue99.ex.ac.uk Wed May 7 13:21 - 13:57 (00:35) I have run chkrootkit but nothing was found. I have never had this before. Am I being paranoid or is someone trying to cover up their tracks? Thanks ijg0 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Janus N. Tøndering [EMAIL PROTECTED]
Re: is iptables enough?
On Wed, 2003-03-19 at 20:44, Jones wrote: On a less related note, what hardware config would you recommend for such a system? She has a number of machines that I could choose from. Most of them are 1.x Ghz Pentium systems with 256MB RAM and 10 GB IDE hard drives. After increasing the RAM to 512MB, I think this should more than adequate for a system doing nothing but HTTP and SMTP/POP requests. This should be more than enough. I have been running a mailserver on a Pentium 133MHz 96 RAM + SCSI for a few years. It can handle quite a lot mail --- never had a problem. Janus -- Janus N. Tøndering [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: securing pop3
On Tue, 2003-02-11 at 19:30, Ross Currie wrote: quite right. You'll want to put something like /bin/false in your passwd file as the user's shell. Both /bin/false and /bin/true has been suggested. Any difference in using the two? Janus -- Janus Nørgaard Tøndering email: janus(at)bananus.dk or janus(at)daimi.au.dk I have not failed. I've just found 10,000 ways that won't work. - Thomas Alva Edison (1847-1931) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: securing pop3
On Tue, 2003-02-11 at 19:30, Ross Currie wrote: quite right. You'll want to put something like /bin/false in your passwd file as the user's shell. Both /bin/false and /bin/true has been suggested. Any difference in using the two? Janus -- Janus Nørgaard Tøndering email: janus(at)bananus.dk or janus(at)daimi.au.dk I have not failed. I've just found 10,000 ways that won't work. - Thomas Alva Edison (1847-1931)
Re: errorlists
On Tue, 2002-11-12 at 14:47, Peter Ondraska wrote: This may be quite offtopic and definitely not debian related. I am just making a school work on security related bugs and programming errors. I would like to ask some of you to list me some error classes you know. I mean, a 'Buffer overflow' or 'Format string vulnerability' are classes because they appear in many programs and in variety of types. I don't ask for high level categories, like 'Boundary condition error', but I won't dump them if you mention some:) But these depend on the chosen taxonomy/hierarchy. Phrack #49 has an article named Smashing the Stack for Fun and Profit which describes buffer overflows and why they are dangerous. (www.phrack.org) Janus -- Janus Nørgaard Tøndering email: janus(at)bananus.dk or janus(at)daimi.au.dk The cigarette does the smoking, you're just the sucker. -Unknown signature.asc Description: This is a digitally signed message part
Re: errorlists
On Tue, 2002-11-12 at 14:47, Peter Ondraska wrote: This may be quite offtopic and definitely not debian related. I am just making a school work on security related bugs and programming errors. I would like to ask some of you to list me some error classes you know. I mean, a 'Buffer overflow' or 'Format string vulnerability' are classes because they appear in many programs and in variety of types. I don't ask for high level categories, like 'Boundary condition error', but I won't dump them if you mention some:) But these depend on the chosen taxonomy/hierarchy. Phrack #49 has an article named Smashing the Stack for Fun and Profit which describes buffer overflows and why they are dangerous. (www.phrack.org) Janus -- Janus Nørgaard Tøndering email: janus(at)bananus.dk or janus(at)daimi.au.dk The cigarette does the smoking, you're just the sucker. -Unknown signature.asc Description: This is a digitally signed message part
LIDS and daily cron jobs
Dear Sirs, I've installed a LIDS kernel (www.lids.org) on my Debian Woody box. I think I have figured out most ACLs but I cannot make the daily/weekly cron jobs work properly (those that rotate logs etc). Does someone have any experience regarding this matter? Regards, Janus -- Janus Nørgaard Tøndering email: [EMAIL PROTECTED], [EMAIL PROTECTED] or [EMAIL PROTECTED] Would you buy a car with the hood welded shut? -Phil Hughes, Linux Journal Magazine