Re: [ilugd] File system integrity and intrusion detection
dear mohan, hi my name is udyan. if u need the monitoring windows clients system, use some special kind of sniffing tools such as ethreal, ettercap. linux and windows both versions are available. udyan singh Mohan Cheema <[EMAIL PROTECTED]> wrote: Are there any solutions available for file system integrity and intrusion detection system which works on a client/server model and possibility of monitoring windows clients too. Regards, Mohan ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/ Yahoo! India Matrimony: Find your life partneronline. ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
[ilugd] lphoto
Hi all, I use lphoto for my photo management, its compiled from source available through Linspire on Mandrake 10.1 Official. There is a new version of lphoto now out there and i have been trying to install it, it compiles ok but when i try to run it i get the following error : -- Traceback (most recent call last): File "/usr/lib/python2.3/site-packages/Lphoto/lphoto.py", line 20, in ? from glshow import * File "/usr/lib/python2.3/site-packages/Lphoto/glshow.py", line 3, in ? from OpenGL.GL import * ImportError: No module named OpenGL.GL -- It seems there is an opengl problem of some sort, i look around but there is no info on this anywhere. Can anyone help me out here ? thanks , - Ankur. ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] lphoto
--- Ankur Rohatgi <[EMAIL PROTECTED]> wrote: > Hi all, > I use lphoto for my photo management, its compiled > from source available > through Linspire on Mandrake 10.1 Official. There is > a new version of > lphoto now out there and i have been trying to > install it, it compiles > ok but when i try to run it i get the following > error : > -- > Traceback (most recent call last): >File > "/usr/lib/python2.3/site-packages/Lphoto/lphoto.py", > line 20, in ? > from glshow import * >File > "/usr/lib/python2.3/site-packages/Lphoto/glshow.py", > line 3, in ? > from OpenGL.GL import * > ImportError: No module named OpenGL.GL > -- > > It seems there is an opengl problem of some sort, i > look around but > there is no info on this anywhere. Can anyone help > me out here ? > Can't say for sure, but python-opengl or pyopengl might solve your problem. Let us know if your problem is solved. Regards VK = Hug the REALITY ;-) Disclamer The facts expressed here belong to everybody, the opinions to me. The distinction is yours to draw... __ Do you Yahoo!? Yahoo! Mail - Find what you need with new enhanced search. http://info.mail.yahoo.com/mail_250 ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] lphoto
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02/21/2005 04:26 PM, vivek khurana wrote: | --- Ankur Rohatgi <[EMAIL PROTECTED]> wrote: | | |>Hi all, |>I use lphoto for my photo management, its compiled |>from source available |>through Linspire on Mandrake 10.1 Official. There is |>a new version of |>lphoto now out there and i have been trying to |>install it, it compiles |>ok but when i try to run it i get the following |>error : |>-- |>Traceback (most recent call last): |> File |>"/usr/lib/python2.3/site-packages/Lphoto/lphoto.py", |>line 20, in ? |> from glshow import * |> File |>"/usr/lib/python2.3/site-packages/Lphoto/glshow.py", |>line 3, in ? |> from OpenGL.GL import * |>ImportError: No module named OpenGL.GL |>-- |> |>It seems there is an opengl problem of some sort, i |>look around but |>there is no info on this anywhere. Can anyone help |>me out here ? |> | | | Can't say for sure, but python-opengl or pyopengl | might solve your problem. Let us know if your problem | is solved. | Hi Vivek, I tried installing PyOpenGL but that gave me too many errors to list, during the compilation. I tried looking for an RPM but wasnt able to find one. Would you happen to have any binaries for it ? - - Ankur. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCGcDNbR7mO5apBYARAsNLAJ9BAqOxS6kP/GMovfYOfRb762HoGgCg0DeM XRw0PumR7VqhjyNNrJ3770k= =zVK0 -END PGP SIGNATURE- ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
[ilugd] RAID CONTROLLER........................
Dear All, i have Dell PowerEdge SC1420 server. how can i disable raid controller. i have adaptek 39320 scsi controller card. i did not find any option in scsi biod setup. thanks rakesh jaiswal ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
[ilugd] (fwd) [SECURITY] [ GLSA 200502-28 ] PuTTY: Remote code execution
[Please upgrade if you use Putty on any platform -- Raju] This is an RFC 1153 digest. (1 message) -- Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="ew6BAiZeqk4r7MaW" Content-Disposition: inline Message-ID: <[EMAIL PROTECTED]> From: Luke Macken <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Cc: bugtraq@securityfocus.com, full-disclosure@lists.netsys.com, [EMAIL PROTECTED] Subject: [ GLSA 200502-28 ] PuTTY: Remote code execution Date: Mon, 21 Feb 2005 16:01:26 -0500 --ew6BAiZeqk4r7MaW Content-Type: text/plain; charset=us-ascii Content-Disposition: inline - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200502-28 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: PuTTY: Remote code execution Date: February 21, 2005 Bugs: #82753 ID: 200502-28 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis PuTTY was found to contain vulnerabilities that can allow a malicious SFTP server to execute arbitrary code on unsuspecting PSCP and PSFTP clients. Background == PuTTY is a popular SSH client, PSCP is a secure copy implementation, and PSFTP is a SSH File Transfer Protocol client. Affected packages = --- Package / Vulnerable / Unaffected --- 1 net-misc/putty < 0.57 >= 0.57 Description === Two vulnerabilities have been discovered in the PSCP and PSFTP clients, which can be triggered by the SFTP server itself. These issues are caused by the improper handling of the FXP_READDIR response, along with other string fields. Impact == An attacker can setup a malicious SFTP server that would send these malformed responses to a client, potentially allowing the execution of arbitrary code on their system. Workaround == There is no known workaround at this time. Resolution == All PuTTY users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/putty-0.57" References == [ 1 ] PuTTY vulnerability vuln-sftp-readdir http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html [ 2 ] PuTTY vulnerability vuln-sftp-string http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html [ 3 ] CAN-2005-0467 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0467 [ 4 ] iDEFENSE Advisory http://www.idefense.com/application/poi/display?id=201&type=vulnerabilities Availability This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200502-28.xml Concerns? = Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to [EMAIL PROTECTED] or alternatively, you may file a bug at http://bugs.gentoo.org. License === Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.0 --ew6BAiZeqk4r7MaW Content-Type: application/pgp-signature Content-Disposition: inline -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFCGkwlRsm3eDkOu7kRAmb+AJ41OpoJYi2orGhnaOz+Plpi3pn/9gCfVA1g u6X5P8X4RpoDusKLtdf6qH8= =X7OP -END PGP SIGNATURE- --ew6BAiZeqk4r7MaW-- -- End of this Digest ** -- Raj Mathur[EMAIL PROTECTED] http://kandalaya.org/ GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F It is the mind that moves ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
[ilugd] (fwd) [SECURITY] iDEFENSE Security Advisory 02.21.05: Multiple Unix/Linux Vendor cURL/libcURL NTLM Authentication Buffer Overflow Vulnerability
[Updated curl packages should be available for Linux distributions soon; please upgrade if you use curl with NTLM authentication on any platform -- Raju] This is an RFC 1153 digest. (1 message) -- Message-ID: <[EMAIL PROTECTED]> From: "iDEFENSE Labs" <[EMAIL PROTECTED]> To: , <[EMAIL PROTECTED]> Subject: iDEFENSE Security Advisory 02.21.05: Multiple Unix/Linux Vendor cURL/libcURL NTLM Authentication Buffer Overflow Vulnerability Date: Mon, 21 Feb 2005 15:38:53 -0500 Multiple Unix/Linux Vendor cURL/libcURL NTLM Authentication Buffer Overflow Vulnerability iDEFENSE Security Advisory 02.21.05: www.idefense.com/application/poi/display?id=202&type=vulnerabilities February 21, 2005 I. BACKGROUND cURL is a command line tool for transferring files with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, GOPHER, TELNET, DICT, FILE and LDAP. More information about cURL and libcURL is available from: http://curl.haxx.se/ II. DESCRIPTION Remote exploitation of a stack-based buffer overflow in various Unix / Linux vendors implementations of cURL could allow for arbitrary code execution on the targeted host. An exploitable stack-based buffer overflow condition exists when using NT Lan Manager (NTLM) authentication. The problem specifically exists within Curl_input_ntlm() defined in lib/http_ntlm.c. Within this function an unsigned stack-based character array of size 256, buffer[], is passed to the Curl_base64_decode() routine defined in lib/base64.c as can be seen here: size_t size = Curl_base64_decode(header, (char *)buffer); The Curl_base64_decode() routine relies on the calling function to validate the decoded length. This function base64 decodes and copies data directly from the HTTP reply of a server to the destination buffer, in this case buffer[]. An attacker can construct a long base64 encoded malicious payload that upon decoding will overflow the 256 byte static buffer and overwrite the saved EIP. This in turn can lead to arbitrary code execution. III. ANALYSIS Successful exploitation allows remote attackers to execute arbitrary code under the privileges of the target user. Exploitation requires that an attacker either coerce or force a target to connect to a malicious server using NTLM authentication. IV. DETECTION iDEFENSE has confirmed the existence of this vulnerability in cURL version 7.12.1. It is suspected that prior versions are affected as well. Any application built using a vulnerable version libcURL will also be affected. V. WORKAROUND Replace the static buffer allocation on line 106 in lib/http_ntlm.c: unsigned char buffer[256]; With a dynamic buffer allocation: unsigned char *buffer = (unsigned char *)malloc(strlen(header)); and recompile cURL. VI. VENDOR RESPONSE No vendor response received. VII. CVE INFORMATION A Mitre Corp. Common Vulnerabilities and Exposures (CVE) number has not been assigned yet. VIII. DISCLOSURE TIMELINE 12/21/2004 Initial vendor notification - No response 02/10/2005 Secondary vendor notification - No response 02/21/2005 Public disclosure IX. CREDIT infamous41md[at]hotpop.com is credited with this discovery. Get paid for vulnerability research http://www.idefense.com/poi/teams/vcp.jsp X. LEGAL NOTICES Copyright (c) 2005 iDEFENSE, Inc. Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDEFENSE. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please email [EMAIL PROTECTED] for permission. Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. -- End of this Digest ** -- Raj Mathur[EMAIL PROTECTED] http://kandalaya.org/ GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F It is the mind that moves ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
[ilugd] ilugd meet in march - venue and misc
hoi planning to hold the meet in MAIT (maharaja agrasen institute of technology) - preferably on the third saturday of march (or even sunday if its possible) those from MAIT - please stand up and start the negotiations with the college/etc (prof suresh chandra would definitely be interested - so - best to talk to him) start the process.. ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
[ilugd] nagios
Hi all, I want that nagios send alerts by SMS to cell phone. If anyone have any ideas plese guide me. thanks in advance Narender ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
