Re: finding a process that bind a spcific port
At Wed, 22 Jan 2014 19:47:27 +0700, Andika Triwidada wrote: > > On Wed, Jan 22, 2014 at 7:37 PM, Nico Angenon wrote: > > the same...no output > > could be hidden by rootkit :( I think so too. Could you try to use debsum and rkhunter? It would find cracked commands. -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87ob3338mc.wl%k...@daionet.gr.jp
Re: Masao Sugimoto/Nokubi Takatsugu
At Wed, 15 Dec 2004 04:19:09 EST, [EMAIL PROTECTED] wrote: > While doing a search on Masao Sugimoto, I came upon your website. Can you tell > me what the rootkit detection is and what it means. Who is Nokubi Takatsugu? > What is it about? Dr. Sugimoto died on December 22, 2002. Thankyou, Robin I think he is a parson with the same family and personal name. Mr. Sugimoto I known is not Dr, he is the maintainer of a Japanese dictionary "cannadic". I think Dr. Sugimoto you say is the former president of Pioneer. -- NOKUBI Takatsugu E-mail: [EMAIL PROTECTED] [EMAIL PROTECTED] / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: CERT Advisory CA-2002-19 Buffer Overflow in Multiple DNSResolver Libraries
In article <[EMAIL PROTECTED]> [EMAIL PROTECTED] writes: >> Jeff> libc6 is indeed a big package and the Pine announcement seems >> Jeff> rather general, if we are lucky, Debians libresolv.so wont need an >> Jeff> update. >> >> The Pine announcement only mentions the libc from BSD-based systems, >> which is different from Linux's glibc, I believe. No, it's problem on all resolver libraries originated from BIND, not except glibc. I got an information from a web bbs. It says that some parts of the FreeBSD's patch <ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:28/resolv.patch> was already applied <http://sources.redhat.com/cgi-bin/cvsweb.cgi/libc/resolv/nss_dns/dns-host.c.diff?r1=1.15&r2=1.16&cvsroot=glibc&f=h> , but not a part. I attached the lack part of the patch with the mail. It is for glibc-2.2.5, but it also need to apply potato's glibc. -- NOKUBI Takatsugu E-mail: [EMAIL PROTECTED] [EMAIL PROTECTED] / [EMAIL PROTECTED] --- glibc-2.2.5/resolv/nss_dns/dns-network.c.org2001-07-06 13:55:39.0 +0900 +++ glibc-2.2.5/resolv/nss_dns/dns-network.c2002-06-28 21:42:26.0 +0900 @@ -328,7 +328,9 @@ } cp += n; *alias_pointer++ = bp; - bp += strlen (bp) + 1; + n = strlen(bp) + 1; + bp += n; + linebuflen -= n; result->n_addrtype = class == C_IN ? AF_INET : AF_UNSPEC; ++have_answer; } -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Rootkit Detection
In article <[EMAIL PROTECTED]> [EMAIL PROTECTED] writes: >> > I could made potato package easily from sid's source. It requires >> > build-essential and debhelper to do it. >> >> Ok guy, but apt pin is so easy =) However it requires new libc6. I dislike it so I tried to build on potato. It's just an another solution. -- NOKUBI Takatsugu E-mail: [EMAIL PROTECTED] [EMAIL PROTECTED] / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Rootkit Detection
In article <[EMAIL PROTECTED]> [EMAIL PROTECTED] writes: >> > I could made potato package easily from sid's source. It requires >> > build-essential and debhelper to do it. >> >> Ok guy, but apt pin is so easy =) However it requires new libc6. I dislike it so I tried to build on potato. It's just an another solution. -- NOKUBI Takatsugu E-mail: [EMAIL PROTECTED] [EMAIL PROTECTED] / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Rootkit Detection
In article <[EMAIL PROTECTED]> [EMAIL PROTECTED] writes: >> > Is there any way of detecting rootkits on potato? >> >> See: http://packages.debian.org/chkrootkit >> >> Try apt pin and get chkrootkit from sid. I could made potato package easily from sid's source. It requires build-essential and debhelper to do it. -- NOKUBI Takatsugu E-mail: [EMAIL PROTECTED] [EMAIL PROTECTED] / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Rootkit Detection
In article <[EMAIL PROTECTED]> [EMAIL PROTECTED] writes: >> > Is there any way of detecting rootkits on potato? >> >> See: http://packages.debian.org/chkrootkit >> >> Try apt pin and get chkrootkit from sid. I could made potato package easily from sid's source. It requires build-essential and debhelper to do it. -- NOKUBI Takatsugu E-mail: [EMAIL PROTECTED] [EMAIL PROTECTED] / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
is potato's cvs secure?
I heard there is a security bug in cvs 1.11.1 and 1.11.1pl1. http://mail.gnu.org/pipermail/info-cvs/2002-February/024475.html I try to check potato's cvs, but it seems to me that there is no such bug. Did anyone try it? -- NOKUBI Takatsugu E-mail: [EMAIL PROTECTED] [EMAIL PROTECTED] / [EMAIL PROTECTED]
is potato's cvs secure?
I heard there is a security bug in cvs 1.11.1 and 1.11.1pl1. http://mail.gnu.org/pipermail/info-cvs/2002-February/024475.html I try to check potato's cvs, but it seems to me that there is no such bug. Did anyone try it? -- NOKUBI Takatsugu E-mail: [EMAIL PROTECTED] [EMAIL PROTECTED] / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Which ssh should I have?
In article <[EMAIL PROTECTED]> [EMAIL PROTECTED] writes: >> CERT tells me Debian potato is vulnerable. We might want to correct them >> if they are wong. >> >> http://www.cert.org/incident_notes/IN-2001-12.html >> http://www.kb.cert.org/vuls/id/945216 >> tells me: >> >> Vender Status Date updated >> Debian Vulnerable 2-Nov-2001 OpenSSH on Debian is right, but ssh-nonfree is still vulnerable. See http://bugs.debian.org/85725 -- NOKUBI Takatsugu E-mail: [EMAIL PROTECTED] [EMAIL PROTECTED] / [EMAIL PROTECTED]
Re: Which ssh should I have?
In article <[EMAIL PROTECTED]> [EMAIL PROTECTED] writes: >> CERT tells me Debian potato is vulnerable. We might want to correct them >> if they are wong. >> >> http://www.cert.org/incident_notes/IN-2001-12.html >> http://www.kb.cert.org/vuls/id/945216 >> tells me: >> >> Vender Status Date updated >> Debian Vulnerable 2-Nov-2001 OpenSSH on Debian is right, but ssh-nonfree is still vulnerable. See http://bugs.debian.org/85725 -- NOKUBI Takatsugu E-mail: [EMAIL PROTECTED] [EMAIL PROTECTED] / [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]