Re: Curriculum

2003-08-14 Thread Samuele Giovanni Tonon
On Fri, Aug 08, 2003 at 12:52:39PM +0200, Marcin Owsiany wrote:
> On Fri, Aug 08, 2003 at 11:47:09AM +0200, Matteo Vescovi wrote:
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> > 
> > On Friday 08 August 2003 06:10, Hugo Kavamura wrote:
> > > Hugo Kazumi Kavamura
> > > [...]
> > 
> > What the h.ll does this mean?
> 
> Apparently some moron tries to find a job through SPAMming.

maybe he wants a job inside debian.
 we must redirect him to http://nm.debian.org :-)

Regards
Samuele

-- 
When all the network has eyes, even if we were to send out minds turned into
light or electrons...  
It is a time when "one" is not able to make a "solid", a complex, into 
data yet...





Re: Curriculum

2003-08-08 Thread Samuele Giovanni Tonon
On Fri, Aug 08, 2003 at 12:52:39PM +0200, Marcin Owsiany wrote:
> On Fri, Aug 08, 2003 at 11:47:09AM +0200, Matteo Vescovi wrote:
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> > 
> > On Friday 08 August 2003 06:10, Hugo Kavamura wrote:
> > > Hugo Kazumi Kavamura
> > > [...]
> > 
> > What the h.ll does this mean?
> 
> Apparently some moron tries to find a job through SPAMming.

maybe he wants a job inside debian.
 we must redirect him to http://nm.debian.org :-)

Regards
Samuele

-- 
When all the network has eyes, even if we were to send out minds turned into
light or electrons...  
It is a time when "one" is not able to make a "solid", a complex, into 
data yet...



Re: Traffic monitoring

2003-03-14 Thread Samuele Giovanni Tonon
On Fri, Mar 14, 2003 at 08:03:17PM +0100, Nils wrote:
> Hello everybody!
> 
> I have small but complicated problem.
> 
> How do you monitor what network traffic you have and how much? I want to
> be able to see the origin and destination, type and volume.
> 
try ntop traffic-vis darkstat 

regards
Samuele
-- 
When all the network has eyes, even if we were to send out minds turned into
light or electrons...  
It is a time when "one" is not able to make a "solid", a complex, into 
data yet...






Re: Media Hackers

2002-09-29 Thread Samuele Giovanni Tonon
On Sat, Sep 28, 2002 at 10:59:47PM -0500, Mike Barushok wrote:
> On Sun, 29 Sep 2002, Samuele Giovanni Tonon wrote:
> 
> > On Sat, Sep 28, 2002 at 05:36:06PM +0100, Dale Amon wrote:
> > > I'm curious if anyone has thought about ways of blocking
> > > this sort of attack before it gets to the home user?
> > >   http://www.the-dailyrant.com/archives/000855.html#000855
> > > 
> > it depends on the attack: they say they want the 
> > "Congress to allow them to be able to legally hack"
> > 
> 
> My understanding of this, just from some online study, is
> that what they are contemplating doing at this time would
> be along the lines of:
> 
> Custom client uses ...
>[...]

a very "evil" attack :-)

> Really, from what I have read, the way to block it
> would seem to be to limit how many slow connections
> the P2P software would permit.
how much system does it take a socket() ?
because to circumvent this attack it's easy:
avoid more than one connection from the same ip 
and limit not the queue but the bandwidth (max_simul_download set to infinite
and bandwidth to what u like). 
so to limit you , they have to use a lot of "system load" too.
another idea could be to implement in p2p software a sort of
"anti very slow" user, so you start to drop connection from
ppl at less than (say) 1Kbps .
However it looks like that with this kind of attack there's the
need to add new feature to your p2p client.

> Standard disclaimers apply. IANAL. Not anyone's opinion except my
> own. No warranty. Do not eat anything bigger than your head.

LOL

Samuele 
-- 
Samuele Giovanni Tonon  <[EMAIL PROTECTED]>   http://www.linuxasylum.net/~samu/
Acid -- better living through chemistry.
   Timothy Leary
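
Added example, not part of the original post and not code from any real P2P client: a sketch of the two rules suggested in the reply above, one upload per source IP and dropping peers whose average rate stays under a floor. The class and method names, the 30-second grace period, reading "1Kbps" as 125 bytes per second, and the sample peers (documentation addresses) are all assumptions made for illustration.

```python
from dataclasses import dataclass

MIN_RATE = 1000 / 8   # assumed reading of "1Kbps": 1000 bit/s = 125 bytes/s
GRACE = 30.0          # assumed warm-up (seconds) before the floor applies


@dataclass
class Upload:
    started: float    # time the connection was admitted
    sent: int = 0     # bytes delivered to this peer so far


class UploadPolicy:
    """Hypothetical admission/eviction policy for a P2P upload server."""

    def __init__(self, min_rate=MIN_RATE, grace=GRACE):
        self.min_rate = min_rate
        self.grace = grace
        self.active = {}              # source IP -> Upload

    def admit(self, ip, now):
        # Rule 1: never more than one connection from the same IP.
        if ip in self.active:
            return False
        self.active[ip] = Upload(started=now)
        return True

    def record(self, ip, nbytes):
        self.active[ip].sent += nbytes

    def evict_slow(self, now):
        # Rule 2: after the grace period, drop peers below the rate floor.
        dropped = []
        for ip, up in list(self.active.items()):
            age = now - up.started
            if age >= self.grace and up.sent / age < self.min_rate:
                del self.active[ip]
                dropped.append(ip)
        return sorted(dropped)


def demo():
    # Constructed scenario: a repeated IP, a deliberately slow peer,
    # and a peer sitting exactly on the floor.
    policy = UploadPolicy()
    peers = ("192.0.2.10", "192.0.2.10", "198.51.100.7", "203.0.113.5")
    admitted = [policy.admit(ip, now=0.0) for ip in peers]
    policy.record("192.0.2.10", 600_000)   # 10000 B/s over 60 s
    policy.record("198.51.100.7", 3_000)   # 50 B/s, under the floor
    policy.record("203.0.113.5", 7_500)    # exactly 125 B/s, kept
    return admitted, policy.evict_slow(now=60.0), sorted(policy.active)
```

The bandwidth cap mentioned in the same reply is left out of this sketch; it would sit alongside these rules as a rate limiter on the total bytes sent.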







Re: Media Hackers

2002-09-28 Thread Samuele Giovanni Tonon
On Sat, Sep 28, 2002 at 05:36:06PM +0100, Dale Amon wrote:
> I'm curious if anyone has thought about ways of blocking
> this sort of attack before it gets to the home user?
>   http://www.the-dailyrant.com/archives/000855.html#000855
> 
it depends on the attack: they say they want the 
"Congress to allow them to be able to legally hack"

so it seems not specific to p2p flaws but by using 
any known flaws of the target system.
How can you block them ? the same way you block 
normal "hackers" .

> I think it is especially important to those of us
> who are not under US law, living in places where such
> activity would not only *be* criminal, but would be treated
> as such under law.
it depends on the "agreement law" between your country and US,
Anyway they should cooperate with the local country police, 
because (fortunately) DMCA is not a "global law"; so they can
be persecuted if they hack on to my pc that is outside US law; 
if not, well, there would be so many laws about privacy, private rights,
local law that were broken, that i should start to think of living
in a world with a "us dictatorship", and that "1984" is now true.

Anyway, Stay in touch with debian security updates and watch your logs :-)

Regards
Samuele 

-- 
Samuele Giovanni Tonon  <[EMAIL PROTECTED]>   http://www.linuxasylum.net/~samu/
Acid -- better living through chemistry.
   Timothy Leary







Re: AW: dselect / apt-get and packages

2002-07-09 Thread Samuele Giovanni Tonon
On Mon, Jul 08, 2002 at 11:31:55PM +0100, Matthew Johnson wrote:
> On Mon, 2002-07-08 at 22:15, Marcel Weber wrote:
> > 
> > Well this would not be a big thing, would it? When I take a look at the ftp
> > server, there is a .dsc with pgp signatures for each package. So letting
> > dselect / aptitude or better dpkg-get doing a check for the key via gpg
> > would be no big deal, or am I wrong? As there are many mirrors worldwide,
> > that could be hacked or something, it would be a huge security improvement.
> 
> The main problem is presumably with trust of the keys. If all the debian
> developers / package maintainers had keys signed by a central debian key
> - then you still have to trust that debian key. Events like debconf
> could certainly be used to check fingerprints and sign keys - but that
> still leaves a lot of ppl without an easy way to check.

Is it possible to make a statistic on how many DD are in this situation ?
What about identifying these "weak nodes" and then trying to enforce them ?

cya
Samuele


-- 
Samuele Giovanni Tonon  <[EMAIL PROTECTED]>   http://www.linuxasylum.net/~samu/
Acid -- better living through chemistry.
   Timothy Leary

