Re: [newbie] Security updates for new MD10.1
On Thursday 24 Mar 2005 23:49, DAN WALKER wrote: That worked a treat. Thank you very much. I can't believe that this is not documented and easy to find somewhere. I looked all over the place but found the answer here thanks to you, anne. Dan, you can find lots of help on the Community TWiki - the link in my sig will take you to the home page. Take a good look at the Beginners' section, and browse the Index. You may find that some links are out of date - if you do, please report them on list and we'll try to get them fixed or removed. It is a community effort, so all feedback is helpful. Anne -- Registered Linux User No.293302 (http://counter.li.org/) Have you visited http://twiki.mdklinuxfaq.org yet? Mandrake at all levels pgpnQwqv5t9ay.pgp Description: PGP signature
Re: [newbie] Security updates for new MD10.1
That is great! All good so far.Anne Wilson [EMAIL PROTECTED] wrote: On Thursday 24 Mar 2005 23:49, DAN WALKER wrote: That worked a treat. Thank you very much. I can't believe that this is not documented and easy to find somewhere. I looked all over the place but found the answer here thanks to you, anne.Dan, you can find lots of help on the Community TWiki - the link in my sig will take you to the home page. Take a good look at the Beginners' section, and browse the Index. You may find that some links are out of date - if you do, please report them on list and we'll try to get them fixed or removed. It is a community effort, so all feedback is helpful.Anne-- Registered Linux User No.293302 (http://counter.li.org/)Have you visited http://twiki.mdklinuxfaq.org yet? Mandrake at all levelsSend instant messages to your online friends http://uk.messenger.yahoo.com
[newbie] Security updates for new MD10.1
Please excuse my newness... I tried to do the updates for my i686 machine, but it says that the website is uncontactable. Where can I find a list of update mirrors. I have googled but can not find any. I tried to update using KDE's update thingy. Also Mandrake Online cannot connect to its servers. I cannot figure this out. I am not behind a firewall or proxy, all settings are correct as I am emailing from the system right now through a web browser. I can ftp from the command line as well. My network settings are correct. Would I be best sorting out why these don't work or just getting a mirror list. If mirrors are the way forward, please can I have a link to somewhere that I can read to tell me about adding a security update medium. Thanks Send instant messages to your online friends http://uk.messenger.yahoo.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Security updates for new MD10.1
On Thursday 24 Mar 2005 17:50, DAN WALKER wrote: Please excuse my newness... I tried to do the updates for my i686 machine, but it says that the website is uncontactable. Where can I find a list of update mirrors. I have googled but can not find any. Hi, Dan. Open Mandrake Control Center, Software Management, Media Manager and remove the Update source. Then go to easyurpmi.zarb.org and follow the instructions on that page to set new sources. While you are there, set up a source for plf, and I would recommend setting one for every group on there. You can select them all at once, then the page will come back with a long command that you paste into a root console. You should have no problems after that. If you don't know unix-style cut-and-paste, ask here. Anne -- Registered Linux User No.293302 (http://counter.li.org/) Have you visited http://twiki.mdklinuxfaq.org yet? Mandrake at all levels pgphtZA3FIQ71.pgp Description: PGP signature
Re: [newbie] Security updates for new MD10.1
That worked a treat. Thank you very much. I can't believe that this is not documented and easy to find somewhere. I looked all over the place but found the answer here thanks to you, anne. Cheers, Dan --- Anne Wilson [EMAIL PROTECTED] wrote: On Thursday 24 Mar 2005 17:50, DAN WALKER wrote: Please excuse my newness... I tried to do the updates for my i686 machine, but it says that the website is uncontactable. Where can I find a list of update mirrors. I have googled but can not find any. Hi, Dan. Open Mandrake Control Center, Software Management, Media Manager and remove the Update source. Then go to easyurpmi.zarb.org and follow the instructions on that page to set new sources. While you are there, set up a source for plf, and I would recommend setting one for every group on there. You can select them all at once, then the page will come back with a long command that you paste into a root console. You should have no problems after that. If you don't know unix-style cut-and-paste, ask here. Anne -- Registered Linux User No.293302 (http://counter.li.org/) Have you visited http://twiki.mdklinuxfaq.org yet? Mandrake at all levels Send instant messages to your online friends http://uk.messenger.yahoo.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] security - should I be worried? [Your internal IP should be hidden]
On Mon, 2004-11-22 at 08:02, JoeHill wrote: [...snip] The question is, is Merlin using a dedicated firewall/router/NAT of some sort or not? not that I know of. It's a single machine connected to the net by dialup; I just installed Mandrake 10.0 straight off the CDs. I don't recall any questions about a firewall in the install process. How would I find out if there's a firewall running? Does Mandrake set one up by default? TIA... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] security - should I be worried? [Your internal IP should be hidden]
At 09:06 PM 11/21/2004, you wrote: On Sunday 21 November 2004 08:02 pm, JoeHill wrote: whack I understood that internal addresses were never observable due to the nature of internet addressing. Somebody enlighten us if I'm wrong. I was gonna say somethin', but I try not to embarass myself with my cluelessness more than once a day... Who was it that once said sometimes it is better to keep your mouth shut and let people think your stupid than it is open your mouth and remove all doubt :-D -- /g Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com I do believe that Ben Franklin made that comment. Dennis Duffner [EMAIL PROTECTED] Registered Linux User #362232 Not yet M$ free-but getting closer Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
[newbie] security - should I be worried? [Your internal IP should be hidden]
Hello, someone sent me this site http://www.auditmypc.com/ so I thought I'd have a look; I did the first firewall test and they said: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Notice! Our system detects your internal IP address as 203.172.36.52 and your external address as 208.147.1.1. Your internal IP should be hidden whereas your external is always exposed. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - So what should I do about this? What's the difference between an internal and an external IP? And anyhow, I thought I had set my IP to 192.168.0.20??? Running Mandrake 10.0 straight off the CDs, not messed with any security setting at all. TIA for all advice... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] security - should I be worried? [Your internal IP should be hidden]
On Sunday 21 November 2004 02:19 pm, Merlin Zener wrote: Hello, someone sent me this site http://www.auditmypc.com/ so I thought I'd have a look; I did the first firewall test and they said: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Notice! Our system detects your internal IP address as 203.172.36.52 and your external address as 208.147.1.1. Your internal IP should be hidden whereas your external is always exposed. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - So what should I do about this? What's the difference between an internal and an external IP? And anyhow, I thought I had set my IP to 192.168.0.20??? Running Mandrake 10.0 straight off the CDs, not messed with any security setting at all. TIA for all advice... Check your Internal address. This looks like some kind of mess with your mind to buy our product kind of thing. Also go into MCC and see if shorewall is running. If not and you are on a stand alone always on computer I would start it up and configure it or just use the defaults to begin. That should stop anyones ability to see an internal address. I understood that internal addresses were never observable due to the nature of internet addressing. Somebody enlighten us if I'm wrong. -- Dennis M. linux user #180842 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] security - should I be worried? [Your internal IP should be hidden]
On Sun, 21 Nov 2004 18:07:32 -0600 Dennis Myers disseminated the following: So what should I do about this? What's the difference between an internal and an external IP? And anyhow, I thought I had set my IP to 192.168.0.20??? whack I understood that internal addresses were never observable due to the nature of internet addressing. Somebody enlighten us if I'm wrong. I was gonna say somethin', but I try not to embarass myself with my cluelessness more than once a day... Anyhow, ya, IIANM, *internal* addresses are by definition 'invisible', assuming NAT is in use, which is what I understand from the OP. The only time you'd get anything other than a 10, 192 or...172? address is if you are connecting directly to the internet, which is not recommended, as far as I am concerned, under any circumstances. The question is, is Merlin using a dedicated firewall/router/NAT of some sort or not? I went to the site mentioned and it certainly did not see my internal address, though it did warn me that port 80 being open left me vulnerable to Back Orifice (is that still around?!). Obviously, this site is not very good at detecting the target OS, which is easily done using something like NMap. I also noticed on the 'more info' page that they mention the 'sub7' virus, which is not a virus and hasn't been a danger to anyone since Win98. I wouldn't take anything this site says too seriously. -- JoeHill / RLU #282046 / www.freeyourmachine.org 19:43:33 up 10:52, 6 users, load average: 0.23, 0.34, 0.29 +++ Capitalism is the astounding belief that the most wickedest of men will do the most wickedest of things for the greatest good of everyone. -- John Maynard Keynes Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] security - should I be worried? [Your internal IP should be hidden]
On Sunday 21 November 2004 07:02 pm, JoeHill wrote: On Sun, 21 Nov 2004 18:07:32 -0600 Dennis Myers disseminated the following: So what should I do about this? What's the difference between an internal and an external IP? And anyhow, I thought I had set my IP to 192.168.0.20??? whack I understood that internal addresses were never observable due to the nature of internet addressing. Somebody enlighten us if I'm wrong. I was gonna say somethin', but I try not to embarass myself with my cluelessness more than once a day... I accidentally deleted the original message but, I also went to the auditmypc site and my internal ip was also visible. I asked the same question in the comp.os.linux.security newsgroup as the original poster, the answer was to turn off java and javascript in my browser. Once I did that my internal ip was no longer visible HTH -- Chris Registered Linux User 283774 http://counter.li.org 7:46pm up 18 days, 14 min, 1 user, load average: 1.23, 1.31, 0.98 Waste not fresh tears over old griefs. -- Euripides Live - From Virgin Radio UK Led Zeppelin - Kashmir Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] security - should I be worried? [Your internal IP should be hidden]
On Sunday 21 November 2004 08:02 pm, JoeHill wrote: whack I understood that internal addresses were never observable due to the nature of internet addressing. Somebody enlighten us if I'm wrong. I was gonna say somethin', but I try not to embarass myself with my cluelessness more than once a day... Who was it that once said sometimes it is better to keep your mouth shut and let people think your stupid than it is open your mouth and remove all doubt :-D -- /g Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] security - should I be worried? [Your internal IP should be hidden]
Dennis Myers wrote: On Sunday 21 November 2004 02:19 pm, Merlin Zener wrote: Hello, someone sent me this site http://www.auditmypc.com/ so I thought I'd have a look; I did the first firewall test and they said: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Notice! Our system detects your internal IP address as 203.172.36.52 and your external address as 208.147.1.1. Your internal IP should be hidden whereas your external is always exposed. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - So what should I do about this? What's the difference between an internal and an external IP? And anyhow, I thought I had set my IP to 192.168.0.20??? Running Mandrake 10.0 straight off the CDs, not messed with any security setting at all. TIA for all advice... Check your Internal address. This looks like some kind of mess with your mind to buy our product kind of thing. Also go into MCC and see if shorewall is running. If not and you are on a stand alone always on computer I would start it up and configure it or just use the defaults to begin. That should stop anyones ability to see an internal address. I understood that internal addresses were never observable due to the nature of internet addressing. Somebody enlighten us if I'm wrong. The inside address is visable to Java Java scripts running on your machine. Now, it doesn't do the attacker any good if your inside address is in one of the private IP ranges. It also doesn't do the attacker any good if there is a firewall between you and the Internet. (Unless they crack the firewall first, and then you have other problems.) Besides, you have to visit the attacker's web site, and run the Java code before they can get the IP address. But it sure does a good job of promotine there product with the way they present it. I like the bit where they say to look at the source code for the page. I need to go back to the first page, and look at the source to see what the Java script looks like... Mikkel -- Do not meddle in the affairs of dragons, for you are crunchy and taste good with Ketchup! Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Security maniac ?
On Saturday 23 October 2004 18:15, Tom Brinkman wrote: On Friday 22 October 2004 06:30 pm, Kaj Haulrich wrote: I just followed Tom's advice and upgraded to the present cooker, including the (separate) install of the new kernel. Everything seem to work perfectly. So, now I supposedly run the upcoming 10.1 Official - right ? Yes, and if you did it after last Thurs., you have a few updates. Now cooker hasn't unfrozen quite yet, but will soon. So delete your cooker sources and switch to 10.1 mirrors now. Just after that I received the usual alert from Mandrake about security updates. OK. But when comparing those update versions to my cooker versions, mine seems to be newer. Can anyone explain ? - Tom ? Kaj Haulrich. The newer files almost certainly have the security (and bug) fixes. Thank you, Tom. I've been away for the week-end, hence my late reply. Now, I followed your advice ( I always do) and issued the command : urpmi.removemedia -a Which effectively deleted all my sources. Fine. Then, I went to the easy urpmi site at : http://easyurpmi.zarb.org/ and found no way to add 10.1 official sources. Possibly because the easy urpmi site was updated last saturday (the 16.th.) - O.K.. Next, I visited some mirrors, but I regret to say : IMHO they are at a total mess at the moment. For example : what is current ? - what is the difference between devel and cooker and why is everything being moved down the directory structure to main ? Maybe I am too conservative, but I found the old structure easier to manouver. So for now, I'll obey the good, old rule : if it ain't broke, don't fix it. Maybe tomorrow - or some other fine day - Trem at zarb.org will sort it out and provide us with an updated site. I allways enjoyed this excellent service. Thanks again, Tom. Kaj Haulrich. -- *sent from a 100% Microsoft-free workstation* * http://haulrich.net * *Running Linux (Mandrake 10.1) - kernel 2.6.8* Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Security maniac ?
On Friday 22 October 2004 06:30 pm, Kaj Haulrich wrote: I just followed Tom's advice and upgraded to the present cooker, including the (separate) install of the new kernel. Everything seem to work perfectly. So, now I supposedly run the upcoming 10.1 Official - right ? Yes, and if you did it after last Thurs., you have a few updates. Now cooker hasn't unfrozen quite yet, but will soon. So delete your cooker sources and switch to 10.1 mirrors now. Just after that I received the usual alert from Mandrake about security updates. OK. But when comparing those update versions to my cooker versions, mine seems to be newer. Can anyone explain ? - Tom ? Kaj Haulrich. The newer files almost certainly have the security (and bug) fixes. -- Tom Brinkman Corpus Christi, Texas Proud to be an American Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
[newbie] Security maniac ?
I just followed Tom's advice and upgraded to the present cooker, including the (separate) install of the new kernel. Everything seem to work perfectly. So, now I supposedly run the upcoming 10.1 Official - right ? Just after that I received the usual alert from Mandrake about security updates. OK. But when comparing those update versions to my cooker versions, mine seems to be newer. Can anyone explain ? - Tom ? Kaj Haulrich. -- *sent from a 100% Microsoft-free workstation* * http://haulrich.net * *Running Linux (Mandrake 10.1) - kernel 2.6.8* Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
[newbie] Security Updates
Hi all, I am sure this has already been answered, but I didn't have much luck with the archives. I am using 10.1 community currently and when I try to add a security update source, it pops up telling me it is impossible to add the source and that it is most likely misconfigured. Is there a problem with curl or are the sites just down currently? Thanks in advance, -Matt Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Security Updates
Matt Harrison wrote:
Hi all,
I am sure this has already been answered, but I
didn't have much luck with the archives. I am using
10.1 community currently and when I try to add a
security update source, it pops up telling me it is
impossible to add the source and that it is most
likely misconfigured. Is there a problem with curl or
are the sites just down currently?
Thanks in advance,
-Matt
For 10.1 Community, same as for 10.0 Community, there are *no*
'update' sources. Updates for Community are found in 'main', not in
a separate source.
Go to easyurpmi, select 10.1 Community sources for 'main',
'contrib', 'jpackage' and 'plf'.
Every day, open a root terminal and do this:
urpmi.update -a --no-md5sum urpmi --auto-select
This will get you a list of updates for all packages that you have
installed.
Curl usually fails - you should be using wget instead. As root, open
your /etc/urpmi/urpmi.cfg file, and add this at the top:
{
verify-rpm: 0
downloader: wget
}
--
Regards
Margot
*-*-*-*
Sent using Mozilla on a 100% Microsoft-Free Computer
Registered Linux User 307617 http://counter.li.org
Mandrakelinux release 10.1 (Community) for i586 kernel 2.6.8.1-10mdk
~~~
You get along very well with everyone except animals and people.
~~~
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
Re: [newbie] Security Updates
On Fri, 8 Oct 2004, Margot wrote: For 10.1 Community, same as for 10.0 Community, there are *no* 'update' sources. Updates for Community are found in 'main', not in a separate source. Go to easyurpmi, select 10.1 Community sources for 'main', 'contrib', 'jpackage' and 'plf'. Every day, open a root terminal and do this: urpmi.update -a --no-md5sum urpmi --auto-select You currently see updates hitting community main? I was under the impression that that is static atm. Went through this last night with a support person and it looked like the hdlist on proxad was dated Sept15. Thanks, -- Stew Benedict Mandrakesoft --- [This E-mail scanned for viruses by Declude Virus] Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Security Updates
On Friday 08 October 2004 09:24 am, Stew Benedict wrote: You currently see updates hitting community main? I was under the impression that that is static atm. Went through this last night with a support person and it looked like the hdlist on proxad was dated Sept15. I haven't gotten any updates from main or contrib for quite a while. Brandon Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Security Updates
Stew Benedict wrote: On Fri, 8 Oct 2004, Margot wrote: For 10.1 Community, same as for 10.0 Community, there are *no* 'update' sources. Updates for Community are found in 'main', not in a separate source. Go to easyurpmi, select 10.1 Community sources for 'main', 'contrib', 'jpackage' and 'plf'. Every day, open a root terminal and do this: urpmi.update -a --no-md5sum urpmi --auto-select You currently see updates hitting community main? I was under the impression that that is static atm. Went through this last night with a support person and it looked like the hdlist on proxad was dated Sept15. Thanks, No, none at the moment, but that's where they would be once they start coming through, isn't it? I check every day because I'm on dialup - I don't want to leave it a couple of weeks and then find that I've got loads of updates to catch up on - better to do them as when they appear, in easily-digestible chunks. -- Regards Margot *-*-*-* Sent using Mozilla on a 100% Microsoft-Free Computer Registered Linux User 307617 http://counter.li.org Mandrakelinux release 10.1 (Community) for i586 kernel 2.6.8.1-10mdk ~~~ All I ask of life is a constant and exaggerated sense of my own importance. ~~~ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Security Updates
Margot wrote: Stew Benedict wrote: On Fri, 8 Oct 2004, Margot wrote: For 10.1 Community, same as for 10.0 Community, there are *no* 'update' sources. Updates for Community are found in 'main', not in a separate source. Go to easyurpmi, select 10.1 Community sources for 'main', 'contrib', 'jpackage' and 'plf'. Every day, open a root terminal and do this: urpmi.update -a --no-md5sum urpmi --auto-select You currently see updates hitting community main? I was under the impression that that is static atm. Went through this last night with a support person and it looked like the hdlist on proxad was dated Sept15. Thanks, No, none at the moment, but that's where they would be once they start coming through, isn't it? I check every day because I'm on dialup - I don't want to leave it a couple of weeks and then find that I've got loads of updates to catch up on - better to do them as when they appear, in easily-digestible chunks. Hi Y'all, This is a bit of topic, but thought you might like to know that all the messages with this header went straight into my trash bin. Nice to know that my customised Mozilla mail filters are working. -- Graham Watkins Don't be lucid and ironic; people will turn this against you to show that you aren't a nice person. - Albert Camus Registered Linux user number 265254 http://counter.li.org Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Security Updates
Stew Benedict wrote: You currently see updates hitting community main? I was under the impression that that is static atm. Went through this last night with a support person and it looked like the hdlist on proxad was dated Sept15. Thanks, Well, I guess I didn't need to send Mandrake my $20 for a subscription to Mandrakeonline after all eh? Crafty bastards. ;-) Oh well, I plan on upgrading to 10.1 official when it's available anyway. Now I'll be prepared in advance, I guess. -- Adam Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Security check
On Wednesday 07 July 2004 10:23 am, Justin Grote wrote: DG I just started to receive security checks from my mandrake 10 system and here DG is something I'm not sure I should be concerned with or not. DG Security Warning: World Writable files found : DG Is this normal ? Hi Dan, If you just installed Postfix, then yes, that can happen. If you did a chmod on a few more things than you were expecting, yes, that can happen Mandrake is basically telling you that these are files that should only be able to be written to by a particular user (generally this is supposed to be the user that you run the daemon under), but they are set to be able to be world written. The easy way to fix this is to type this for each of those files listed: chmod o-w filepath This will remove world writable (o-w) permissions for each file. Be aware that if the user that you run the postfix daemon under is not the owner or part of the group with permissions for the files, you probably WILL RECEIVE POSTFIX errors, so chown (change owner) all postfix-related files to whatever user you run postfix under. If you have postfix running, you can type: ps aux | grep postfix to find out what user postfix runs as on your system. If this isn't a multi-user system (i.e. you are the only person who logs in), then this isn't something to be terribly worried about, but if you have multiple users with shell access (through ssh or other means) then you probably want to fix this. HTH (hope that helps), Thanks Justin, just me on this computer, probably nothing to worry about then. Regards, Dan Gordon -- Thu Jul 8 01:40:11 EDT 2004 01:40:11 up 4:37, 0 users, load average: 0.01, 0.10, 0.08 Using words to describe magic is like using a screwdriver to cut roast beef. -- Tom Robbins Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
[newbie] security updates
Hi, Is there only one source of security updates for both Community Official? And if so can Community use that security updates too? best rgds ~tt Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
[newbie] Security Advisory MDKSA-2004:037
I read this security advisory and wanted to install the kernel update associated with it however, the advisory gives a list of about 20 rpm files for release 10.0. Do I install all of these? If not, how do I know which one(s) to install? The example in the section on doing kernel updates only show one file being installed. Thanks, Steve
Re: [newbie] Security Advisory MDKSA-2004:037
On Sunday 02 May 2004 17:34, Steve wrote: I read this security advisory and wanted to install the kernel update associated with it however, the advisory gives a list of about 20 rpm files for release 10.0. Do I install all of these? If not, how do I know which one(s) to install? The example in the section on doing kernel updates only show one file being installed. Thanks, Steve These are all the different kernel flavours. You only need to install the one corresponding to the kernel you are using. If you do not know which kernel you are using hit Ctl+Alt+F1 and the kernel revision will be shown above the prompt (Ctl+Alt+F7 to go back to X) This page http://qa.mandrakesoft.com/twiki/bin/view/Main/MdkKernel92 describes the kernel flavours (It is a bit out of date and does not mention the 2.6 kernels) New kernels have to be installed not upgraded so open a terminal, su to become root, then urpmi.update -a (to update tour urpmi database), followed by urpmi kernel You will be provided with a list of available kernels. Pick the one you want. On your next boot you will be running the new kernel, there will be a new Lilo menu entry to enable you to select the old kernel if you wish. derek -- www.jennings.homelinux.net http://twiki.mdklinuxfaq.org Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Security Advisory MDKSA-2004:037
Okay, Okay, my screen says: Mandrake Linux Release 10.0 (Community) for i586 Kernel 2.6.3-4mdk on an i686 /tty1 The kernel files available for download that look like they would match are: kernel-2.6.3.9mdk-1-1mdk.i586.rpm kernel-source-2.6.3-9mdk.i586.rpm Do I use the 1st or 2nd one? Thanks, Steve - Original Message - From: Derek Jennings [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, May 02, 2004 9:47 AM Subject: Re: [newbie] Security Advisory MDKSA-2004:037 On Sunday 02 May 2004 17:34, Steve wrote: I read this security advisory and wanted to install the kernel update associated with it however, the advisory gives a list of about 20 rpm files for release 10.0. Do I install all of these? If not, how do I know which one(s) to install? The example in the section on doing kernel updates only show one file being installed. Thanks, Steve These are all the different kernel flavours. You only need to install the one corresponding to the kernel you are using. If you do not know which kernel you are using hit Ctl+Alt+F1 and the kernel revision will be shown above the prompt (Ctl+Alt+F7 to go back to X) This page http://qa.mandrakesoft.com/twiki/bin/view/Main/MdkKernel92 describes the kernel flavours (It is a bit out of date and does not mention the 2.6 kernels) New kernels have to be installed not upgraded so open a terminal, su to become root, then urpmi.update -a (to update tour urpmi database), followed by urpmi kernel You will be provided with a list of available kernels. Pick the one you want. On your next boot you will be running the new kernel, there will be a new Lilo menu entry to enable you to select the old kernel if you wish. derek -- www.jennings.homelinux.net http://twiki.mdklinuxfaq.org Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Security Advisory MDKSA-2004:037
On Sunday 02 May 2004 18:15, Steve wrote: Okay, Okay, my screen says: Mandrake Linux Release 10.0 (Community) for i586 Kernel 2.6.3-4mdk on an i686 /tty1 The kernel files available for download that look like they would match are: kernel-2.6.3.9mdk-1-1mdk.i586.rpm kernel-source-2.6.3-9mdk.i586.rpm Do I use the 1st or 2nd one? Thanks, Steve kernel-2.6.3.9mdk-1-1mdk.i586.rpm is the kernel to use kernel-source-2.6.3-9mdk.i586.rpm is the source code to build the kernel. You would only need this if you needed to compile your own kernel modules/drivers. For example if you have an Nvidia graphics card and you want to use the Nvidia supplied 'nvidia' driver instead of the default opensource 'nv' driver, you would need to install the kernel-source so the nvidia-installer application could compile a new nvidia driver derek -- www.jennings.homelinux.net http://twiki.mdklinuxfaq.org Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Security Advisory MDKSA-2004:037
Thank you so much. I thought that was it but, did not want to blow it on nthe first try. Thank you for your help, Steve - Original Message - From: Derek Jennings [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, May 02, 2004 10:28 AM Subject: Re: [newbie] Security Advisory MDKSA-2004:037 On Sunday 02 May 2004 18:15, Steve wrote: Okay, Okay, my screen says: Mandrake Linux Release 10.0 (Community) for i586 Kernel 2.6.3-4mdk on an i686 /tty1 The kernel files available for download that look like they would match are: kernel-2.6.3.9mdk-1-1mdk.i586.rpm kernel-source-2.6.3-9mdk.i586.rpm Do I use the 1st or 2nd one? Thanks, Steve kernel-2.6.3.9mdk-1-1mdk.i586.rpm is the kernel to use kernel-source-2.6.3-9mdk.i586.rpm is the source code to build the kernel. You would only need this if you needed to compile your own kernel modules/drivers. For example if you have an Nvidia graphics card and you want to use the Nvidia supplied 'nvidia' driver instead of the default opensource 'nv' driver, you would need to install the kernel-source so the nvidia-installer application could compile a new nvidia driver derek -- www.jennings.homelinux.net http://twiki.mdklinuxfaq.org Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
[newbie] Security Update Woes
I have just reinstalled the down load version of 9.2 for the fourth time. In the previous installations all appeared well until I installed the security updates. The initial installations identified correctly my cd rom, floppy, hard disc, etc. Most gratifying was xD card reader was identified as mt/windows and it worked. Opening sequence was file/mnt/windows/dcim/100olymp/*.jpg But when I d/l and installed all of the suggested/listed security updates utter ruin was the result. The xD card reader icon requested a program to read the device . I tried everything on the KDE menu without success. The floppy no longer responded. There was actually a lock attached to the icon. The Kmai was missing from the mail menu. Kppp was also missing from the Network/ Remote Access menu. I did searches for 100olymp and dcim . Nothing was found, as though the two file/directories were removed from the system. Security updates somehow made my system so secure I could no longer use it. Please, what can I do? I want to keep my system current with the necessary updates. Owen Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Security Update Woes
On Mon, 2004-04-19 at 03:13, Owen Berio wrote: I have just reinstalled the down load version of 9.2 for the fourth time. In the previous installations all appeared well until I installed the security updates. The initial installations identified correctly my cd rom, floppy, hard disc, etc. Most gratifying was xD card reader was identified as mt/windows and it worked. Opening sequence was file/mnt/windows/dcim/100olymp/*.jpg But when I d/l and installed all of the suggested/listed security updates utter ruin was the result. The xD card reader icon requested a program to read the device . I tried everything on the KDE menu without success. The floppy no longer responded. There was actually a lock attached to the icon. The Kmai was missing from the mail menu. Kppp was also missing from the Network/ Remote Access menu. I did searches for 100olymp and dcim . Nothing was found, as though the two file/directories were removed from the system. Security updates somehow made my system so secure I could no longer use it. Please, what can I do? I want to keep my system current with the necessary updates. Owen Run MCC and double check all the security settings there - it would appear that you're correct in thinking that your security settings have been reconfigured... stephen kuhn - owner == illawarra computer services a kuhn media australia company http://kma.0catch.com -- * This message was composed on a 100% Microsoft free computer * We expressly refuse to utilise Microsoft DRM encoded documents -- You get more air close to the ground, said Angalo. I read that in a book. You get lots of air low down, and not much when you go up. Why not? said Gurder. Dunno. It's frightened of heights, I guess. -- The nomes discuss science (Terry Pratchett, Wings) Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Security Update Woes
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sunday 18 April 2004 18:13, Owen Berio wrote: The initial installations identified correctly my cd rom, floppy, hard disc, etc. Most gratifying was xD card reader was identified as mt/windows and it worked. Opening sequence was file/mnt/windows/dcim/100olymp/*.jpg But when I d/l and installed all of the suggested/listed security updates utter ruin was the result. The xD card reader icon requested a program to read the device . I tried everything on the KDE menu without success. You have an Olympus camera, yes? xD is a format developed by Olympus and FujiFilm. Olympus cameras use the /dcim/something-like-camera-name format. I think that this is similar to your problem with the floppy - a permissions problem. Have you tried HardDrake with the card reader attached? It should detect it. Check carefully the options you have - I can't remember what it gives you for removable disks, which is what it calls your card, but if you have the option do select User. If not, post your /etc/fstab here and someone will show you where to add User to the relevant lines. The floppy no longer responded. There was actually a lock attached to the icon. Definitely permissions. The Kmai was missing from the mail menu. Kppp was also missing from the Network/ Remote Access menu. There is a command something like update-menus -v Someone will correct me if I am wrong. Security updates somehow made my system so secure I could no longer use it. Please, what can I do? I want to keep my system current with the necessary updates. I've never had problems like that from updates, but occasionally something does go wrong. There's always someone who can help you sort it out. Worry not - it will get better. Anne - -- Registered Linux User No.293302 Have you visited http://twiki.mdklinuxfaq.org yet? -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQFAgs1EkFAvMr/nNX8RAqw6AJ4yAwp7NmKyLXFtqdSyndTUAswiEgCeIunI geTfegxu7K5qNI+PL9yA2AQ= =SYR9 -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] Security Update Woes
On Sunday 18 April 2004 20:47, Anne Wilson wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sunday 18 April 2004 18:13, Owen Berio wrote: The initial installations identified correctly my cd rom, floppy, hard disc, etc. Most gratifying was xD card reader was identified as mt/windows and it worked. Opening sequence was file/mnt/windows/dcim/100olymp/*.jpg But when I d/l and installed all of the suggested/listed security updates utter ruin was the result. The xD card reader icon requested a program to read the device . I tried everything on the KDE menu without success. You have an Olympus camera, yes? xD is a format developed by Olympus and FujiFilm. Olympus cameras use the /dcim/something-like-camera-name format. I think that this is similar to your problem with the floppy - a permissions problem. Have you tried HardDrake with the card reader attached? It should detect it. Check carefully the options you have - I can't remember what it gives you for removable disks, which is what it calls your card, but if you have the option do select User. If not, post your /etc/fstab here and someone will show you where to add User to the relevant lines. The floppy no longer responded. There was actually a lock attached to the icon. Definitely permissions. The Kmai was missing from the mail menu. Kppp was also missing from the Network/ Remote Access menu. There is a command something like update-menus -v Someone will correct me if I am wrong. Security updates somehow made my system so secure I could no longer use it. Please, what can I do? I want to keep my system current with the necessary updates. I've never had problems like that from updates, but occasionally something does go wrong. There's always someone who can help you sort it out. Worry not - it will get better. Anne Can you plug the camera into the USB port directly ? - I have an Olympus C-740 UZ and it works perfectly that way. After a short while an icon for another hard disk pops up and all is well. What do you mean by can no longer use it ? - Can't you get into the system at all ? - If not, can you boot into single user mode ? If so, from a root console, type : msec 3 , whatch the messages scroll by and then reboot normally. That way you reset all the security setting to high in case you accidentially have higher or paranoid. You can use msec 2 as well, but I don recommend it if you have more then one user. By the way : it is wise to restrict your questions to one at a time or one for each thread. Otherwise things get messed up really fast. HTH Kaj Haulrich. -- * Sent from a 100 % Microsoft-free computer * * running Linux kernel 2.6.4 on Mandrake 10.0 * Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
[newbie] Security Update Woes
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
[newbie] Security and upgradeability of MandrakeMove?
Good morning all, I've been distro-testing and had my eye caught by MandrakeMove, which by all accounts seems to be an excellent piece of work. I have some questions, however, that haven't been answered by anything I've read so far, so I'm hopeful that someone here will know the answers... 1. Can the USB drive be encrypted? I would have a greater peace of mind about hauling my information on my keychain if I knew that it couldn't just be read off of the drive by anyone who finds it if it's lost or stolen. 2. How does Mandrake mean to maintain updates for the OS? There's only but so many patches that can be tossed on the USB before it reaches a point where a new CD will need to be compiled to hold the information. 3. Can any applications be run off of the USB drive? Say for example that I really, really need a program that isn't on the CD. Is it possible to rig things up so that KDE will load a program off of the USB when it boots? Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Security Camera Software
Hi all Can anybody recommend software for use with security cameras? I have a 4-port card from conexant and would like to hook up 4 cameras with 24/7 recording. TIA Shaz Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] security update problem
Xfree doesn't work due to latest update on 9.1 box. Is there a way to reload from the installation cd or another way to fix this? Would appreciate any help in getting computer back up and running. I have gotten familiar with the mandrake GUI and would prefer not to use xp. Thanks john Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security
On Thu, 2003-07-24 at 16:43, aron smith wrote: I notice that now dmsg returns a unknown command whats happining? Are you typing dmsg or dmesg ? -- Thu Jul 24 20:55:01 EST 2003 20:55:01 up 10 days, 12:58, 3 users, load average: 0.11, 0.18, 0.12 - |____ |kuhn media australia| | /-oo /| |'-. |http://kma.0catch.com | | .\__/ || | | || | _ / `._ \|_|_.-' |stephen kuhn| | | / \__.`=._) (_ | email: [EMAIL PROTECTED] | - linux user #:267497 linux machine #:194239 * MDK 9.1+ RH 9 Mandrake Linux Kernel 2.4.21-11mdk Cooker for i586 - * This message was composed on a 100% Microsoft free computer * The mark of an immature man is that he wants to die nobly for a cause, while the mark of a mature man is that he wants to live humbly for one. -- William Stekel Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security
On Thursday 24 July 2003 06:58 am, Stephen Kuhn wrote: On Thu, 2003-07-24 at 16:43, aron smith wrote: I notice that now dmsg returns a unknown command whats happining? Are you typing dmsg or dmesg ? thanks was typing dmsg ..oops anymore good commands to monitor system? Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security
On Thu, 2003-07-24 at 23:35, Aron Smith wrote: On Thursday 24 July 2003 06:58 am, Stephen Kuhn wrote: On Thu, 2003-07-24 at 16:43, aron smith wrote: I notice that now dmsg returns a unknown command whats happining? Are you typing dmsg or dmesg ? thanks was typing dmsg ..oops anymore good commands to monitor system? top free -m df -h sensors who tail /var/log/messages -n 40 -- Thu Jul 24 23:50:00 EST 2003 23:50:00 up 10 days, 15:53, 3 users, load average: 0.22, 0.45, 0.51 - |____ |kuhn media australia| | /-oo /| |'-. |http://kma.0catch.com | | .\__/ || | | || | _ / `._ \|_|_.-' |stephen kuhn| | | / \__.`=._) (_ | email: [EMAIL PROTECTED] | - linux user #:267497 linux machine #:194239 * MDK 9.1+ RH 9 Mandrake Linux Kernel 2.4.21-11mdk Cooker for i586 - * This message was composed on a 100% Microsoft free computer * The bad reputation UNIX has gotten is totally undeserved, laid on by people who don't understand, who have not gotten in there and tried anything. -- Jim Joyce, former computer science lecturer at the University of California Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security
On Thursday 24 July 2003 09:53 am, Stephen Kuhn wrote: On Thu, 2003-07-24 at 23:35, Aron Smith wrote: On Thursday 24 July 2003 06:58 am, Stephen Kuhn wrote: On Thu, 2003-07-24 at 16:43, aron smith wrote: I notice that now dmsg returns a unknown command whats happining? Are you typing dmsg or dmesg ? thanks was typing dmsg ..oops anymore good commands to monitor system? top free -m df -h sensors who tail /var/log/messages -n 40 thanks stephen Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security flaw in VMWare 4 for Linux
On Sat, 2003-06-28 at 18:31, Stephen Kuhn wrote: On Sun, 2003-06-29 at 04:36, Adolfo Bello wrote: Hi there: Users of vmware 4 for linux should take a look at the link below and see how this can affect or compromise their machines: http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1019 Saludos, Adolfo Hmmm...glad I haven't upgraded yet... Where ya been, Adolfo - having a holiday, or slacking? Holiday? I use to know its meaning. :-((( 100% of my time in the last three weeks has been dedicated to prepare a bid for a large system. I'll be free again by the next week end. Saludos, Adolfo Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security flaw in VMWare 4 for Linux
On Mon, 2003-06-30 at 21:45, Adolfo Bello wrote: Holiday? I use to know its meaning. :-((( 100% of my time in the last three weeks has been dedicated to prepare a bid for a large system. I'll be free again by the next week end. Saludos, Adolfo Maybe I should move there. Got a bed free? -- Mon Jun 30 23:25:01 EST 2003 23:25:01 up 5 days, 23:11, 3 users, load average: 1.00, 1.07, 1.08 - |____ |kuhn media australia| | /-oo /| |'-. |http://kma.0catch.com | | .\__/ || | | || | _ / `._ \|_|_.-' |stephen kuhn| | | / \__.`=._) (_ | email: [EMAIL PROTECTED] | - linux user #:267497 linux machine #:194239 * MDK 9.1 RH 7.3 Mandrake Linux Kernel 2.4.21-11mdk Cooker for i586 - * This message was composed on a 100% Microsoft free computer * To be wise, the only thing you really need to know is when to say I don't know. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Security flaw in VMWare 4 for Linux
Hi there: Users of vmware 4 for linux should take a look at the link below and see how this can affect or compromise their machines: http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1019 Saludos, Adolfo Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security flaw in VMWare 4 for Linux
On Sun, 2003-06-29 at 04:36, Adolfo Bello wrote: Hi there: Users of vmware 4 for linux should take a look at the link below and see how this can affect or compromise their machines: http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1019 Saludos, Adolfo Hmmm...glad I haven't upgraded yet... Where ya been, Adolfo - having a holiday, or slacking? -- Sun Jun 29 08:30:00 EST 2003 08:30:00 up 4 days, 8:16, 3 users, load average: 1.40, 1.32, 1.24 - |____ |kuhn media australia| | /-oo /| |'-. |http://kma.0catch.com | | .\__/ || | | || | _ / `._ \|_|_.-' |stephen kuhn| | | / \__.`=._) (_ | email: [EMAIL PROTECTED] | - linux user #:267497 linux machine #:194239 * MDK 9.1 RH 7.3 Mandrake Linux Kernel 2.4.21-11mdk Cooker for i586 - * This message was composed on a 100% Microsoft free computer * Idiot I may be, but tied up I ain't. -- Gaspode the wonder dog (Terry Pratchett, Moving Pictures) Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] security..read and learn!!
http://www.seifried.org/lasg/index.html This may have been posted in the past but I feel that it's something everyone (newbie and experts) should read.. more now then ever!! If anyone knows of other sites like this could they holla back with the url included.. I live in Japan and I'm pushing linux full steam and one of the major topics I discuss is security.. I'm no were near being a guru on this topic but having information to back up your conversation helps a great deal.. -- Gavin c/o GES systems admin Fukushimaken, Fukushima City Japan Register Linux user # 199685 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] security update corrupted package
Thanx Jerry, it apparently had to do with the mirrors I tried. Working with a dutch mirror now and succeeded in updating everything. Strange that MCC update icon never gives me the mandrake mirror list for updates. Always get message that server is unreachable or sthing. Anyway, adding a mirror manually in MCC software manager works OK Look and thou shall find From: Jerry Barton [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [newbie] security update corrupted package Date: Wed, 12 Feb 2003 06:31:07 -0700 On Sun, 09 Feb 2003 17:27:00 +0100 ivette brusselmans [EMAIL PROTECTED] wrote: Hello, when security updating on ftp://mirrors.secsup.org/pub/linux/mandrake/Mandrake/updates/9.0/RPMS/ I keep getting the message: package samba-client-2.2.7-2.1mdk.i568.rpm is corrupted. I tried serveral other mirrors, same message. cannot install any security updates thanx _ you might want to go and check if there are any vestiges of it left in /var/cache/urpmi/rpms and, if so, delete them and try again. just an idea... i've had rpmdrake fail on a package and when it exited it didn't delete it from there so i could not re-download it. Jerry -- -- Registered Linux user # 300600 Registered Linux machine # 185855 at http://counter.li.org (¬_ //\ V_/_ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com _ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] security update corrupted package
On Sun, 09 Feb 2003 17:27:00 +0100 ivette brusselmans [EMAIL PROTECTED] wrote: Hello, when security updating on ftp://mirrors.secsup.org/pub/linux/mandrake/Mandrake/updates/9.0/RPMS/ I keep getting the message: package samba-client-2.2.7-2.1mdk.i568.rpm is corrupted. I tried serveral other mirrors, same message. cannot install any security updates thanx _ you might want to go and check if there are any vestiges of it left in /var/cache/urpmi/rpms and, if so, delete them and try again. just an idea... i've had rpmdrake fail on a package and when it exited it didn't delete it from there so i could not re-download it. Jerry -- -- Registered Linux user # 300600 Registered Linux machine # 185855 at http://counter.li.org (¬_ //\ V_/_ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] security update corrupted package
Hello, when security updating on ftp://mirrors.secsup.org/pub/linux/mandrake/Mandrake/updates/9.0/RPMS/ I keep getting the message: package samba-client-2.2.7-2.1mdk.i568.rpm is corrupted. I tried serveral other mirrors, same message. cannot install any security updates thanx _ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security audit websites ?
On Sunday 12 January 2003 06:19 pm, Derek Jennings wrote: Alternatively if you are more comfortable with GUIs, then firestarter is a nice GUI front end to iptables which is a lot like ZoneAlarm for Windows. Firestarter is less powerful than shorewall, but easier for newbies to relate to. You can get it here ftp://ftp.ibiblio.org/pub/Linux/distributions/contrib/texstar/linux /distributions/mandrake/9.0/rpms I have installed firestarter 0.9.0. But, when I click Firestarter icon on desktop, the message is Log file not found or access denied. Firewall log monitoring disabled. You can configure the path to the log file in the 'preferences' section. Is it normal ?. Maybe, I must login as root to see the attack log. - -- Rifza Adriansyah Firestarter has to be run as root -- -- www.jennings.homelinux.net Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security audit websites ?
On Tue, 2003-01-14 at 23:17, Rifza Adriansyah wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sunday 12 January 2003 06:19 pm, Derek Jennings wrote: Alternatively if you are more comfortable with GUIs, then firestarter is a nice GUI front end to iptables which is a lot like ZoneAlarm for Windows. Firestarter is less powerful than shorewall, but easier for newbies to relate to. You can get it here ftp://ftp.ibiblio.org/pub/Linux/distributions/contrib/texstar/linux /distributions/mandrake/9.0/rpms I have installed firestarter 0.9.0. But, when I click Firestarter icon on desktop, the message is Log file not found or access denied. Firewall log monitoring disabled. You can configure the path to the log file in the 'preferences' section. Is it normal ?. Maybe, I must login as root to see the attack log. - -- Rifza Adriansyah Login as root - or you can set it up to mail you the log files. -- Wed Jan 15 07:35:01 EST 2003 7:35am up 23:16, 4 users, load average: 0.37, 0.17, 0.10 -- |____ | kuhn media australia| | / ,, /| |'-. | http://kma.0catch.com | | .\__/ || | | |=| | _ / `._ \|_|_.-' | stephen kuhn| | | / \__.`=._) (_ | email: [EMAIL PROTECTED] | | |/ ._/ || | email: [EMAIL PROTECTED]| | |'. `\ | | |icq: 5483808 | | ;/ / | | | | | smk ) /_/| |.---.| | mobile: 0410-728-389| | ' `-`' | Berkeley, New South Wales, AU | -- * linux user:267497 * RH 7.3+ * PC/Mac/Linux/Networking/Consulting -- Hop along my little friends, up the Withywindle! Tom's going on ahead candles for to kindle. Down west sinks the Sun; soon you will be groping. When the night-shadows fall, then the door will open, Out of the winfow-panes light will twinkle yellow. Fear no alder black! Heed no hoary willow! Fear neither root nor bough! Tom goes on before you. Hey now! merry dol! We'll be waiting for you! -- J. R. R. Tolkien Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Security audit websites ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Greetings, Are there security audit websites for linux like grc.com ?. Is iptables enough for linux home user ?. Thanks for your help. - -- Rifza Adriansyah Are you using GnuPG ? Find my public key at http://belgium.keyserver.net -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+IS35H9VEhcXPGz4RAmzeAKCusQ+6GkjYCWm+JhRimjl/9lGU3ACg4MSr m+GgGiYlgsJ4XBGHkvDP/lE= =y74e -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security audit websites ?
Greetings, Are there security audit websites for linux like grc.com ?. Is iptables enough for linux home user ?. Thanks for your help. - -- Rifza Adriansyah You can use grc.com There is nothing OS specific about it. However grc.com does not do a particularly efficient scan. For a more complete one try here http://scan.sygatetech.com/ As for iptables. It is *more* than enough. However there are many ways of setting up iptables. Mandrake 9.0 uses the 'shorewall' application to set up iptables, and because shorewall is text based Mandrake have made a little GUI in Mandrake Control Centre which is adequate but limited. If you want to do anything more complicated with shorewall visit www.shorewall.net where you can learn how to manipulate the text files. Alternatively if you are more comfortable with GUIs, then firestarter is a nice GUI front end to iptables which is a lot like ZoneAlarm for Windows. Firestarter is less powerful than shorewall, but easier for newbies to relate to. You can get it here ftp://ftp.ibiblio.org/pub/Linux/distributions/contrib/texstar/linux/distributions/mandrake/9.0/rpms (f you use firestarter do not forget to uninstall shorewall) derek -- -- www.jennings.homelinux.net Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security audit websites ?
On Sun, 2003-01-12 at 19:57, Rifza Adriansyah wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Greetings, Are there security audit websites for linux like grc.com ?. Is iptables enough for linux home user ?. Thanks for your help. - -- Rifza Adriansyah I think you'll find that just using LINUX overall is more than enough to deter problems - but yeah, ipchains and iptables are pretty much enough to keep you safe for regular home use. You CAN get rather elaborate with your own scripts for either ipchains or iptables - just a matter of sitting down and figuring out how locked down you want your system. Cheers! -- Sun Jan 12 22:20:00 EST 2003 10:20pm up 6 min, 2 users, load average: 0.67, 0.54, 0.29 -- |____ | kuhn media australia| | / ,, /| |'-. | http://kma.0catch.com | | .\__/ || | | |=| | _ / `._ \|_|_.-' | stephen kuhn| | | / \__.`=._) (_ | email: [EMAIL PROTECTED] | | |/ ._/ || | email: [EMAIL PROTECTED]| | |'. `\ | | |icq: 5483808 | | ;/ / | | | | | smk ) /_/| |.---.| | mobile: 0410-728-389| | ' `-`' | Berkeley, New South Wales, AU | -- * linux user:267497 * RH 7.3+ * PC/Mac/Linux/Networking/Consulting -- Just think, with VLSI we can have 100 ENIACS on a chip! -- Alan Perlis Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Real Newbie security questions
Richard, I don't use a dial up setup but did have fierewall issues initally with 9.0. I uninstalled all the stock firewall tools, shorewall, and didn't use the control center drake tools either. instead, I downloaded firestarter and use it. it is very easy for a newbie, and actually works. it even allows NAT connections, so I can share my cable modem with my wife's box. ( again I didn't use the connection sharing tool or firewall tool in control center as it broke my connection to the internet. ) here is the url : http://distro.ibiblio.org/pub/Linux/distributions/mandrake/Mandrake/9.0/contrib/RPMS/ the firestarter there is for LM 9.0 If you have setup any of the built-in firewalling tools, either remove all traces of them, ( unless you can still surf and such ) or don't use them. before someone flames me, I say this because on the four trys to get them to work they kept killing my connection to the internet, or to my LAN and I could not undo them no matter how properly I did it, and would have to reinstall. they even would change my settings to their defaults on reboots. I couldn't find any useful documentation on how I must have set it up improperly or how I may have errors in the settiongs. so I would humbly recommend taking a simple, though not built-in approach. ( my problem maybe hardware or kernel related too ) Anyway, with firestarter, all my ports show stealthed and unwanted packets are rejected, and logged. I send this because I couldn't find any good help for the drake tools and had to figure out myself how to get a running firewall in place. I must say though, that this is the first actually running and secure firewall I've had running since 8.0. In 8.1 and 8.2 I could only get a less than perfect firewall running. anyway again, try it if you dare, it works for me ;-) Richard Urwin wrote: Hi, OK, I'm a newbie at MDK 9.0 i586 of 5 hours standing. I installed at the higher security setting. I enabled the Firewall and depressed all the (other) checkboxes. I then had two issues: Users (except root) couldn't read the documentation. ie start-Documentation-anything failed with access violation. The documents in question were readable, but the directories in which they sat did not have execute permission for 'other'. The firewall did not appear to let through *any* traffic. I checked with my ISP that I was connected and authorised, and routing was correct, but at least ping (UDP/echo?) and DNS traffic were blocked. I have now reverted to standard security and allow everything firewalling. These issues have gone away. -- Mike McNeese ~ currently triple booting win98lite Mandrake versions 8.0 and 8.2 and testing 9.0 Final - Linux registered user # 248955 ~ If obstacles are all we see, then we've lost sight of our goal! Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Real Newbie security questions
On Thursday October 17 2002 03:46 am, Richard Urwin wrote: Hi, OK, I'm a newbie at MDK 9.0 i586 of 5 hours standing. I installed at the higher security setting. It's a good idea, specially with a new install (or upgrade) to set the minimum security level. Then move up later if a higher level is needed. For most all destop systems the 'standard' level is the correct one. Any higher and you only start to lock yourself out of the system. I enabled the Firewall and depressed all the (other) checkboxes. I suppose that'd be shorewall. I couldn't get my head around it. No matter how much I played with it, I couldn't get mail, connect to news, ftp, or surf the web. At least not all at once. I installed guarddog-2.0.0-2mdk and it seems very simple to get a great firewall going, and still be able to use the system ;) All of the scans at http://scan.sygatetech.com/ show me locked up jelly tight, don't even exist ;) FWIW, as I normally do I also have portsentry-1.1-3mdk (compiled from src.rpm) installed and runnin also. -- Tom Brinkman Corpus Christi, Texas Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
RE: [newbie] Real Newbie security questions
Richard, I don't use a dial up setup but did have fierewall issues initally with 9.0. Thanks for your reply, when I get back to the machine I'll give your suggestion a try. You seem to be on an ethernet feed from a cable modem? I have an (unconnected) ethernet NIC in the machine. If this was a general problem I would have expected Mandrake to have recognised it, maybe it has something to do with having an ethernet port rather than just a PPP port... -- Richard Urwin, Private No 9000 series computer has ever made a mitsake or corrubiteddatatato. This email has been scanned for all viruses by the MessageLabs SkyScan service. For more information on a proactive anti-virus service working around the clock, around the globe, visit http://www.messagelabs.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
On Thursday 17 Oct 2002 7:55 pm, Mark Weaver wrote: Piero Piutti wrote: On Monday 14 October 2002 21:08, Eric S. Dye wrote: another good firewall program that i use is the black ice program and of course norton sells a good one as well. i wouldn't worry about broadcasting your I P address, but if you do a lot of surfing, you should consider a firewall. i think Linux has a built in firwall, doesn't it. if you still think that Black Ice Defender is a good firewall have a look at this website http://www.grc.com and see what results it had when tested. having BID installed on your windowz machine can be even worse that having no firewall at all (i.e. false sense of security). when you need a firewall, ZoneAlarm is the choice. I must heartliy disagree here. If you're going to be connected via DSL or Cable connection the only prudent thing to do is errect a real firewall. With the price of New PC's being in the moderate price range of 500 - 700 dollars for a fair system, there are literally thousands of old P1-90Mhz machines out there for the asking. Get hold of one and make a real firewall. You can get a Gateway/firewall setup and functioning well on a weekend and then not have to worry about whether or not you're protected. You'll know! And for two real good reasons. 1) if you're intelligent enough to install and setup Linux, you're more then able to setup an iptables firewall. To the nicest iptables firewall I've seen is the one that comes with Mandrake 9.0. Shorewall. Using this firewall works best if your gateway/firewall machine is setup with two nic cards. 2) once you've got things setup and running you'll quickly begin to see how things work and you'll appreciate the total hands-on control this kind of setup affords you, the user. Mark If you have a *really* old spare computer, I recommend the LEAF-Bering distribution. It just about fits on 1 floppy and will run on a 386 with 8MB of memory. No hard drive is needed so it is virtually silent. It comes with shorewall firewall just like Mandrake 9.0 Sit it in the corner and forget about it. http://leaf.sourceforge.net/ derek Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
The description at leaf says, it's primarily used as a gateway/ router/firewall for Internet leaf sites. What's a leaf site? Miark Derek Jennings [EMAIL PROTECTED] saith: On Thursday 17 Oct 2002 7:55 pm, Mark Weaver wrote: If you have a *really* old spare computer, I recommend the LEAF-Bering distribution. It just about fits on 1 floppy and will run on a 386 with 8MB of memory. No hard drive is needed so it is virtually silent. It comes with shorewall firewall just like Mandrake 9.0 Sit it in the corner and forget about it. http://leaf.sourceforge.net/ derek Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
At 02:55 PM 10/17/2002 -0400, you wrote: I must heartliy disagree here. If you're going to be connected via DSL or Cable connection the only prudent thing to do is errect a real firewall. With the price of New PC's being in the moderate price range of 500 - 700 dollars for a fair system, there are literally thousands of old P1-90Mhz machines out there for the asking. Get hold of one and make a real firewall. You can get a Gateway/firewall setup and functioning well on a weekend and then not have to worry about whether or not you're protected. You'll know! And for two real good reasons. 1) if you're intelligent enough to install and setup Linux, you're more then able to setup an iptables firewall. To the nicest iptables firewall I've seen is the one that comes with Mandrake 9.0. Shorewall. Using this firewall works best if your gateway/firewall machine is setup with two nic cards. 2) once you've got things setup and running you'll quickly begin to see how things work and you'll appreciate the total hands-on control this kind of setup affords you, the user. Mark I'm smart enough to setup this thing you call a firewall (not yet...still hammeringa way at the silly thing with my li --- Femme Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
At 02:55 PM 10/17/2002 -0400, you wrote: I must heartliy disagree here. If you're going to be connected via DSL or Cable connection the only prudent thing to do is errect a real firewall. With the price of New PC's being in the moderate price range of 500 - 700 dollars for a fair system, there are literally thousands of old P1-90Mhz machines out there for the asking. Get hold of one and make a real firewall. You can get a Gateway/firewall setup and functioning well on a weekend and then not have to worry about whether or not you're protected. You'll know! And for two real good reasons. 1) if you're intelligent enough to install and setup Linux, you're more then able to setup an iptables firewall. To the nicest iptables firewall I've seen is the one that comes with Mandrake 9.0. Shorewall. Using this firewall works best if your gateway/firewall machine is setup with two nic cards. 2) once you've got things setup and running you'll quickly begin to see how things work and you'll appreciate the total hands-on control this kind of setup affords you, the user. Mark Hell i hope that last one didn't send... I meant to say only that i can't get SNF setup so far. Simple? Hm not as simple as a straight linux install so far :) heh And i'm not stupid. But my (un)related question is: How do you determine if you need a gateway? Or a comp that acts as one as well as a firewall. I was reading MDKs site for docs it says (in my case from what i got) I don't need one. Someone care to enumerate clearer more concise guidelines? Ty --- Femme Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
On Thursday 17 October 2002 05:32 pm, FemmeFatale wrote: At 02:55 PM 10/17/2002 -0400, you wrote: I must heartliy disagree here. If you're going to be connected via DSL or Cable connection the only prudent thing to do is errect a real firewall. Agreed. [snip] heh And i'm not stupid. But my (un)related question is: How do you determine if you need a gateway? Or a comp that acts as one as well as a firewall. I was reading MDKs site for docs it says (in my case from what i got) I don't need one. Someone care to enumerate clearer more concise guidelines? Ty You need a firewall. Think of it as being a good neighbor. Granted, you may have nothing you consider of interest on your hard drive. Granted, linux is not the target of choice amongst the s'kiddies. There is a (very small) danger is that someone who has a clue will crack your box and use it to crack others. At that point, there's an (even smaller) chance that you'll get to explain your approach to security to the FBI or local equivalent. So, do a cost/benefit analysis -- a small amount of exposure vs an old Pentium firewall (with attendent bother of setting it up) or a $51 Linksys 4-Port Cable/DSL Router (price after rebates on Amazon, may be other cheaper products, the 1-port is only $47). --- Femme Barry Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thursday 17 October 2002 11:55 am, Mark Weaver did speak unto the huddled masses, saying: old P1-90Mhz machines out there for the asking. Get hold of one and make a real firewall. You can get a Gateway/firewall setup and functioning well on a weekend and then not have to worry about whether or not you're protected. You'll know! And for two real good reasons. mandrakes Single Network Firewall runs on a p90 with 500 hdd and runs well here.. - -- If the human brain were so simple we could understand it, we would be so simple that we couldn't. shane Profile at: http://dmoz.org/profiles/shen.html Proud to be a DMOZ editor since 10-98 Mandrake Users Club Member http://www.linux-mandrake.com/en/club/ Registered linux user #101606 http://counter.li.org/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9ruPgBwq+ZwvIN/oRArvZAJ4zXxnGAhEhI4eOSJldLk3w8MhdWACfTDVN a0dn7AMzwV6qwOVYTLnrhjY= =cCFI -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
At 09:22 AM 10/17/2002 -0700, you wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thursday 17 October 2002 11:55 am, Mark Weaver did speak unto the huddled masses, saying: old P1-90Mhz machines out there for the asking. Get hold of one and make a real firewall. You can get a Gateway/firewall setup and functioning well on a weekend and then not have to worry about whether or not you're protected. You'll know! And for two real good reasons. mandrakes Single Network Firewall runs on a p90 with 500 hdd and runs well here.. - -- If the human brain were so simple we could understand it, we would be so simple that we couldn't. shane besides the downloadable manual for SNF in PDF format I haven't been able to find much information on it. Is there something else I missed after perusing the Mandrake Website? --- Femme Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
Piero Piutti wrote: On Monday 14 October 2002 21:08, Eric S. Dye wrote: another good firewall program that i use is the black ice program and of course norton sells a good one as well. i wouldn't worry about broadcasting your I P address, but if you do a lot of surfing, you should consider a firewall. i think Linux has a built in firwall, doesn't it. if you still think that Black Ice Defender is a good firewall have a look at this website http://www.grc.com and see what results it had when tested. having BID installed on your windowz machine can be even worse that having no firewall at all (i.e. false sense of security). when you need a firewall, ZoneAlarm is the choice. I must heartliy disagree here. If you're going to be connected via DSL or Cable connection the only prudent thing to do is errect a real firewall. With the price of New PC's being in the moderate price range of 500 - 700 dollars for a fair system, there are literally thousands of old P1-90Mhz machines out there for the asking. Get hold of one and make a real firewall. You can get a Gateway/firewall setup and functioning well on a weekend and then not have to worry about whether or not you're protected. You'll know! And for two real good reasons. 1) if you're intelligent enough to install and setup Linux, you're more then able to setup an iptables firewall. To the nicest iptables firewall I've seen is the one that comes with Mandrake 9.0. Shorewall. Using this firewall works best if your gateway/firewall machine is setup with two nic cards. 2) once you've got things setup and running you'll quickly begin to see how things work and you'll appreciate the total hands-on control this kind of setup affords you, the user. Mark Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
Michael Adams wrote: Hands up all those that have had major isues trying to uninstall Bonzai Buddy from computers when it had been inadvertently downloaded. This would be a lot less of a problem in Linux even if the buddy came in an RPM. heh! :) well...you could always convert the source code and port it to Linux. NOT!!! sorry...couldn't resist. Mark Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
Hands up all those that have had major isues trying to uninstall Bonzai Buddy from computers when it had been inadvertently downloaded. This would be a lot less of a problem in Linux even if the buddy came in an RPM. On Tue, 15 Oct 2002 12:09, E T wrote: ever seen the bonzi buddie as parrot like the paperclip in m$oriface, that was free, but better spyware than doubleclick could buy. same folks, I would wonder about the firewall and weither it was spyware too. On Monday 14 October 2002 05:30 am, shane wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Monday 14 October 2002 1:46 pm, Marco Verheul did speak unto the huddled masses, saying: I was just surfing the internet when I got a security alert, stating that I am broadcasting an IP address and that my PC could be getting unwanted visitors. I was directed to the following link: it is a pop-up ad for a useless product, i connect through a pretty damn good firewall and do _not_ broadcast anything, but i get it all the time. - -- The sum of the intelligence of the world is constant. The population is, of course, growing. shane Profile at: http://dmoz.org/profiles/shen.html Proud to be a DMOZ editor since 10-98 Mandrake Users Club Member http://www.linux-mandrake.com/en/club/ Registered linux user #101606 http://counter.li.org/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9qo6rBwq+ZwvIN/oRAic3AJsFxyxx8iAdQ7HqQGZ7INDo6stXEwCfa9tm uvfS4og88630q0lTuHkeqRQ= =pVI9 -END PGP SIGNATURE- -- Michael Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
RE: [newbie] Security alert
the worst spyware is IMHO Alexa, They even say in their license that they will collect Some personially identifable material they record where you go, what you enter into online forms and a ton of other stuff,,, that is such strong spyware, that it should class as a trojan horse... luckily, thats just something else for win users to worry about. rgds Frank -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of E T Sent: Tuesday, 15 October 2002 7:10 AM To: [EMAIL PROTECTED] Subject: Re: [newbie] Security alert ever seen the bonzi buddie as parrot like the paperclip in m$oriface, that was free, but better spyware than doubleclick could buy. same folks, I would wonder about the firewall and weither it was spyware too. On Monday 14 October 2002 05:30 am, shane wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Monday 14 October 2002 1:46 pm, Marco Verheul did speak unto the huddled masses, saying: I was just surfing the internet when I got a security alert, stating that I am broadcasting an IP address and that my PC could be getting unwanted visitors. I was directed to the following link: it is a pop-up ad for a useless product, i connect through a pretty damn good firewall and do _not_ broadcast anything, but i get it all the time. - -- The sum of the intelligence of the world is constant. The population is, of course, growing. shane Profile at: http://dmoz.org/profiles/shen.html Proud to be a DMOZ editor since 10-98 Mandrake Users Club Member http://www.linux-mandrake.com/en/club/ Registered linux user #101606 @ http://counter.li.org/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9qo6rBwq+ZwvIN/oRAic3AJsFxyxx8iAdQ7HqQGZ7INDo6stXEwCfa9tm uvfS4og88630q0lTuHkeqRQ= =pVI9 -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
i did indeed go to the site below and my Black Ice Defender proved completely stealthy. thank you.. eric At 09:03 AM 10/15/2002 +, you wrote: On Monday 14 October 2002 21:08, Eric S. Dye wrote: another good firewall program that i use is the black ice program and of course norton sells a good one as well. i wouldn't worry about broadcasting your I P address, but if you do a lot of surfing, you should consider a firewall. i think Linux has a built in firwall, doesn't it. if you still think that Black Ice Defender is a good firewall have a look at this website http://www.grc.com and see what results it had when tested. having BID installed on your windowz machine can be even worse that having no firewall at all (i.e. false sense of security). when you need a firewall, ZoneAlarm is the choice. -- Piero Piutti --- Ticket to Ride - The Unofficial Ride Website: http://www.mareasub.it/ride Message mailed with: KMail 1.4.3 ~ KDE 3.0.3 ~ Mandrake Linux 9.0 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re[2]: [newbie] Security alert
Hi, if you still think that Black Ice Defender is a good firewall have a look at this website http://www.grc.com and see what results it had when tested. having BID installed on your windowz machine can be even worse that having no firewall at all (i.e. false sense of security). when you need a firewall, ZoneAlarm is the choice. i did indeed go to the site below and my Black Ice Defender proved completely stealthy. thank you.. It is not a problem with inbound traffic (which you probably tested), it's a problem with outbound traffic. http://grc.com/lt/leaktest.htm and http://grc.com/lt/bidresponse.htm -- HTH Roman Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
On Monday October 14 2002 04:23 pm, Franki wrote: other then that, don't worry about it, head over to grc.com and run shields up to see if you have anything open.. (its not a great scanner, but better then nothing.) Frank Shields up is a fairly easy test to pass. The security products he touts are for Windoze, and are also fairly weak. MOF, grc.com has been itself hacked several times. http://scan.sygatetech.com/ There's a coupl'a quick scans and several more comprehensive ones that take quite some time to run. -- Tom Brinkman Corpus Christi, Texas Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: Re[2]: [newbie] Security alert
Roman Korcek, Tuesday 15 October 2002 11:47: Hi, if you still think that Black Ice Defender is a good firewall have a look at this website http://www.grc.com and see what results it had when tested. having BID installed on your windowz machine can be even worse that having no firewall at all (i.e. false sense of security). when you need a firewall, ZoneAlarm is the choice. i did indeed go to the site below and my Black Ice Defender proved completely stealthy. thank you.. It is not a problem with inbound traffic (which you probably tested), it's a problem with outbound traffic. http://grc.com/lt/leaktest.htm and http://grc.com/lt/bidresponse.htm Although ZoneAlarm is a good software firewall, grc.com is not the place to go for unbiased information about it. BTW, Steve Gibson was frothing at the mouth before Win XP was released, saying because it could spoof packets the whole web would crash and burn... It didn't. He likes CAPITALS and MELODRAMA. RichardA Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
RE: Re[2]: [newbie] Security alert
yeah, i remember reading about that as well.. I like steve gibson, he is a very smart man (I think anyone that can program assembly is smart), so what, he is a tad melodramatic... if it gets the point across, good on him.. As to the firewalls, as I remember it, he had good stuff to say about all of them except Black Ice and that was just on trojans and stuff.. As for XP, it has continued the fine M$ tradation of big exploits.. but it has no where near the marketshare that 98 has, so maybe we have to wait a while.. :-) If someone writes a nimda or klez or whatever that spoofs its IP, then perhaps the chaos you long for will ensue... :-) rgds Frank -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of RichardA Sent: Wednesday, 16 October 2002 4:32 AM To: [EMAIL PROTECTED] Subject: Re: Re[2]: [newbie] Security alert Roman Korcek, Tuesday 15 October 2002 11:47: Hi, if you still think that Black Ice Defender is a good firewall have a look at this website http://www.grc.com and see what results it had when tested. having BID installed on your windowz machine can be even worse that having no firewall at all (i.e. false sense of security). when you need a firewall, ZoneAlarm is the choice. i did indeed go to the site below and my Black Ice Defender proved completely stealthy. thank you.. It is not a problem with inbound traffic (which you probably tested), it's a problem with outbound traffic. http://grc.com/lt/leaktest.htm and http://grc.com/lt/bidresponse.htm Although ZoneAlarm is a good software firewall, grc.com is not the place to go for unbiased information about it. BTW, Steve Gibson was frothing at the mouth before Win XP was released, saying because it could spoof packets the whole web would crash and burn... It didn't. He likes CAPITALS and MELODRAMA. RichardA Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
On Mon, 2002-10-14 at 21:50, FemmeFatale wrote: For windows both norton blackice bite the bikey. Plain simple. If you want proof I Can direct you off or on list to a website. Zonealarm is the only software firewall for Winblows i personally trust. *Dons her tinfoil hat* :) --- Femme VERY GOOD, Femme. Not bad..not bad at all!! (hands Femme silver star) Keep up the good work. ;) LX -- °°° Kernel 2.4.18-6mdk Mandrake Linux 8.2 Enlightenment 0.16.5-11mdkEvolution 1.0.2-5mdk Registered Linux User #268899 http://counter.li.org/ °°° Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Security alert
Hello, I was just surfing the internet when I got a security alert, stating that I am broadcasting an IP address and that my PC could be getting unwanted visitors. I was directed to the following link: http://images.bonzi.com/fastclick/ia9b2.asp Is this a clever way to sell some product or is this for real. And if it is, should I worry being on Linux. I use Mozilla 0.9.8 on Madrake 8.1. For those who are going to recommend me to upgrade, don't worry. I'm going to get back to you soon for a full upgrade, questions about re-partitioning etc... Regards, Marco Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
Marco, I'm not positive what you saw, but it sounds like you got a pop-up message from some web site trying to sell you something. An advertisement or something. 1) I would not worry about it. 2) I would turn off pop-up windows. In mozilla go to Edit - Preferences, then under Advanced - Scipts Plugins uncheck the Open unrequested windows option. This will stop most of the unwanted pop-up windows. Jim F On Mon, 2002-10-14 at 15:46, Marco Verheul wrote: Hello, I was just surfing the internet when I got a security alert, stating that I am broadcasting an IP address and that my PC could be getting unwanted visitors. I was directed to the following link: http://images.bonzi.com/fastclick/ia9b2.asp Is this a clever way to sell some product or is this for real. And if it is, should I worry being on Linux. I use Mozilla 0.9.8 on Madrake 8.1. For those who are going to recommend me to upgrade, don't worry. I'm going to get back to you soon for a full upgrade, questions about re-partitioning etc... Regards, Marco Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
Hello Marco, Your message came from the www.bonzi.com site. They sell a program called Internet Alert which is a great firewall program, however i don't know if it would work with Linux. I have the Bonzi program myself, but i use it on XP. if you want a free firewall program, you can go to www.zonealarm.com they have both a free one and a paid version. another good firewall program that i use is the black ice program and of course norton sells a good one as well. i wouldn't worry about broadcasting your I P address, but if you do a lot of surfing, you should consider a firewall. i think Linux has a built in firwall, doesn't it. Eric S. Dye, [EMAIL PROTECTED] At 10:46 PM 10/14/2002 +0200, you wrote: Hello, I was just surfing the internet when I got a security alert, stating that I am broadcasting an IP address and that my PC could be getting unwanted visitors. I was directed to the following link: http://images.bonzi.com/fastclick/ia9b2.asp Is this a clever way to sell some product or is this for real. And if it is, should I worry being on Linux. I use Mozilla 0.9.8 on Madrake 8.1. For those who are going to recommend me to upgrade, don't worry. I'm going to get back to you soon for a full upgrade, questions about re-partitioning etc... Regards, Marco Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
On 14 Oct 2002 22:46:04 +0200 Marco Verheul [EMAIL PROTECTED] wrote: Is this a clever way to sell some product or is this for real. If you buy this let me know, I've got a pile of stuff that I've been trying to get rid of. It just like the bogus security sites that say they can see the contents of your drive and wanting to sell you unneeded prevention software. Charles --- The poetry of heroism appeals irresitably to those who don't go to a war, and even more so to those whom the war is making enormously wealthy. -- Celine -- Charles A Edwards [EMAIL PROTECTED] -- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
the site is not bogus. they do have a good firewall called Internet Alert which does in fact work. however, i doubt that it would work with Linux. not sure though. there are places where you can test your security online. if anyone wants to know the address, let me know. Eric S. Dye At 05:01 PM 10/14/2002 -0400, you wrote: On 14 Oct 2002 22:46:04 +0200 Marco Verheul [EMAIL PROTECTED] wrote: Is this a clever way to sell some product or is this for real. If you buy this let me know, I've got a pile of stuff that I've been trying to get rid of. It just like the bogus security sites that say they can see the contents of your drive and wanting to sell you unneeded prevention software. Charles --- The poetry of heroism appeals irresitably to those who don't go to a war, and even more so to those whom the war is making enormously wealthy. -- Celine -- Charles A Edwards [EMAIL PROTECTED] -- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
RE: [newbie] Security alert
last time I checked, bonzi and fastclick stuff are winders only software.. its likely that you caught some javascript in html pages to popup a message... nothing to worry about if you are running linux.. setup a firewall.. (In linux all firewall apps are just interfaces for the built in iptables/ipchains. and generally they are all free.) other then that, don't worry about it, head over to grc.com and run shields up to see if you have anything open.. (its not a great scanner, but better then nothing.) rgds Frank -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Marco Verheul Sent: Tuesday, 15 October 2002 4:46 AM To: [EMAIL PROTECTED] Subject: [newbie] Security alert Hello, I was just surfing the internet when I got a security alert, stating that I am broadcasting an IP address and that my PC could be getting unwanted visitors. I was directed to the following link: http://images.bonzi.com/fastclick/ia9b2.asp Is this a clever way to sell some product or is this for real. And if it is, should I worry being on Linux. I use Mozilla 0.9.8 on Madrake 8.1. For those who are going to recommend me to upgrade, don't worry. I'm going to get back to you soon for a full upgrade, questions about re-partitioning etc... Regards, Marco Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert [thanks everybody]
Thanks all, I got the picture. I'll stick with Jim's suggestion to uncheck that option in Mozilla for unwanted popups and let the matter rest. Regards, Marco Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Monday 14 October 2002 1:46 pm, Marco Verheul did speak unto the huddled masses, saying: I was just surfing the internet when I got a security alert, stating that I am broadcasting an IP address and that my PC could be getting unwanted visitors. I was directed to the following link: it is a pop-up ad for a useless product, i connect through a pretty damn good firewall and do _not_ broadcast anything, but i get it all the time. - -- The sum of the intelligence of the world is constant. The population is, of course, growing. shane Profile at: http://dmoz.org/profiles/shen.html Proud to be a DMOZ editor since 10-98 Mandrake Users Club Member http://www.linux-mandrake.com/en/club/ Registered linux user #101606 http://counter.li.org/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9qo6rBwq+ZwvIN/oRAic3AJsFxyxx8iAdQ7HqQGZ7INDo6stXEwCfa9tm uvfS4og88630q0lTuHkeqRQ= =pVI9 -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
On Monday 14 October 2002 01:46 pm, you wrote: Hello, I was just surfing the internet when I got a security alert, stating that I am broadcasting an IP address and that my PC could be getting unwanted visitors. I was directed to the following link: http://images.bonzi.com/fastclick/ia9b2.asp Is this a clever way to sell some product or is this for real. And if it is, should I worry being on Linux. I use Mozilla 0.9.8 on Madrake 8.1. For those who are going to recommend me to upgrade, don't worry. I'm going to get back to you soon for a full upgrade, questions about re-partitioning etc... Regards, Marco I would be more concerned about what ports you have open. If ran the set up for your personal firewall, you have some basic protection already. You can go to http://www.grc.com and do a basic check of what ports you may have open. Its not as complete a check as some other sites (i.e. http://www.hackerwhacker.com), but it is quick and gives you the some idea as to how you stand on internet security. You can followup by going into MCC and turning off any start up services you don't need. Barry Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
On Mon, 14 Oct 2002 14:23:44 -0700 Eric S. Dye [EMAIL PROTECTED] wrote: the site is not bogus. they do have a good firewall called Internet Alert I do not care what the product is or how good it is. Anyone who markets their product in this manner, which is at the very least is deceptive and close to being unethical but I am afraid still legal, Is BOGUS. If you wish to use or purchase their product that is purely your choice. I never will nor from anyone else who markets in this manner. Charles --- QOTD: Wouldn't it be wonderful if real life supported control-Z? -- Charles A Edwards [EMAIL PROTECTED] -- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert [thanks everybody]
Marco Verheul [EMAIL PROTECTED] writes: Thanks all, I got the picture. I'll stick with Jim's suggestion to uncheck that option in Mozilla for unwanted popups and let the matter rest. If you are curious, try running nmapfe. nmap is a scanning tool - it will tell you what ports on your machine are open. nmapfe is a graphical frontend to nmap. You do not have to be root to run them, but some options are only available to root. If you have lots of suspicious ports open, you might want to look into locking down your box a bit. If nothing suspicious shows up, you can continue to connect with a bit less worry. -- Chris Spackman Tue Oct 15 07:38:15 JST 2002 random quote Being ugly isn't illegal. Yet. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
ever seen the bonzi buddie as parrot like the paperclip in m$oriface, that was free, but better spyware than doubleclick could buy. same folks, I would wonder about the firewall and weither it was spyware too. On Monday 14 October 2002 05:30 am, shane wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Monday 14 October 2002 1:46 pm, Marco Verheul did speak unto the huddled masses, saying: I was just surfing the internet when I got a security alert, stating that I am broadcasting an IP address and that my PC could be getting unwanted visitors. I was directed to the following link: it is a pop-up ad for a useless product, i connect through a pretty damn good firewall and do _not_ broadcast anything, but i get it all the time. - -- The sum of the intelligence of the world is constant. The population is, of course, growing. shane Profile at: http://dmoz.org/profiles/shen.html Proud to be a DMOZ editor since 10-98 Mandrake Users Club Member http://www.linux-mandrake.com/en/club/ Registered linux user #101606 http://counter.li.org/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9qo6rBwq+ZwvIN/oRAic3AJsFxyxx8iAdQ7HqQGZ7INDo6stXEwCfa9tm uvfS4og88630q0lTuHkeqRQ= =pVI9 -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
At 02:08 PM 10/14/2002 -0700, you wrote: Hello Marco, Your message came from the www.bonzi.com site. They sell a program called Internet Alert which is a great firewall program, however i don't know if it would work with Linux. I have the Bonzi program myself, but i use it on XP. if you want a free firewall program, you can go to www.zonealarm.com they have both a free one and a paid version. another good firewall program that i use is the black ice program and of course norton sells a good one as well. i wouldn't worry about broadcasting your I P address, but if you do a lot of surfing, you should consider a firewall. i think Linux has a built in firwall, doesn't it. Eric S. Dye, [EMAIL PROTECTED] For windows both norton blackice bite the bikey. Plain simple. If you want proof I Can direct you off or on list to a website. Zonealarm is the only software firewall for Winblows i personally trust. *Dons her tinfoil hat* :) --- Femme Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security alert
For windows both norton blackice bite the bikey. Plain simple. If you want proof I Can direct you off or on list to a website. Ooops! please do, Femme! i'm interested! thanks IA. Damian -- Damian -- Share your knowledge. It is a way to achieve immortality.(The Dalai Lama) Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Security? What security?
I found this somewhat amusing. OK; I laughed my a$$ off. Gummi bears? http://www.counterpane.com/crypto-gram-0205.html#5 Isn't identity theft from paper trails bad enough? Now we'll all have to wear surgical gloves to prevent ID theft through fingerprints? Just be careful where you dispose of the gloves. :-) -- Charlie, Edmonton, AB, Canada Mandrake 8.2 Registered Linux user 244963, http://counter.li.org Q: What does friendship among Soviet nationalities mean? A: It means that the Armenians take the Russians by the hand; the Russians take the Ukrainians by the hand; the Ukranians take the Uzbeks by the hand; and they all go and beat up the Jews. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Security level config
When you install a fresh copy of LM 8.2 and you set it to 'higher' security through the installation you can get different sequrity options for the users and for the system. When i tried this a few weeks back i could not login directly as root (sure that was because of the configuration) so i reinstalled with the 'high' security option. The higher had some aspects that i liked about it. When i changed it after the install with the 'high' security i changed the security level to 'higher' and with normal users could not list or read files from directories other than the users home. Thats the second thing that i didn't like (first was not being able to login as root) how can i customize the security level to disable feature that i don't like? Thanks Brian Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security level config
I noticed the same thing. I currently have mine set at high. With higher or paranoid I first have to login in as a regular user and su to root. However I can still login into webmin, ssh etc... into my box as root. -Jay Quoting Brian York [EMAIL PROTECTED]: When you install a fresh copy of LM 8.2 and you set it to 'higher' security through the installation you can get different sequrity options for the users and for the system. When i tried this a few weeks back i could not login directly as root (sure that was because of the configuration) so i reinstalled with the 'high' security option. The higher had some aspects that i liked about it. When i changed it after the install with the 'high' security i changed the security level to 'higher' and with normal users could not list or read files from directories other than the users home. Thats the second thing that i didn't like (first was not being able to login as root) how can i customize the security level to disable feature that i don't like? Thanks Brian Microsoft is not the answer. Microsoft is the question. 'No' is the answer! - This mail sent through IMP: http://horde.org/imp/ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Security hole?
The Register says MDK 8 8.1 will let anyone who can guess the root password log in to any online box: http://www.theregister.co.uk/content/55/24447.html The relevant text in the linked to page is : LINUX 1. Login as root. 2. Open /etc/X11/kdm/Xaccess in editor. 3. Comment out the following two lines, by adding # (without quotes) to the beginning of each line: * #any host can get a login window * CHOOSER BROADCAST #any indirect host can get a chooser 4. Save your changes, and then close the file. Except that mine is in xdm, not kdm. Also, if the relevant port is blocked, presumably nothing can happen. I hope I've got the wrong end of the stick on this one, but just in case, here it is. Whilst I'm here, has anyone any ideas about my pcmcia notwork card problem (posted yesterday)? :-) Richard Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security hole?
On Sunday 17 March 2002 14:55, RichardA opened a hailing frequency and transmitted: The Register says MDK 8 8.1 will let anyone who can guess the root password log in to any online box: http://www.theregister.co.uk/content/55/24447.html The relevant text in the linked to page is : yet more proof that no matter how good your system is (and linux IS a lot better than windows, so speaks shen ex-cathedra from his navel) you still need to stay up to date, have real passwords, and block/shutdown everything you aren't using. thanks for the tip. -- Psychic Convention. If you belong there, you will KNOW when and where. shane http://shentzu.home.mindspring.com/ Proud to be a DMOZ editor since 10-98 Profile at: http://dmoz.org/profiles/shen.html Mandrake Users Club Member http://www.linux-mandrake.com/en/club/ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security hole?
Richard, Key words in the article, IMO are: To exploit the vulnerability an attacker would still need to guess the correct X-Windows password, but given the lame passwords many users pick this is hardly a high enough barrier. Poor password choice - especially for key UIDs such as root - are the true Archilles Heel of *all* systems, regardless of other security measures taken. Ron. --- RichardA [EMAIL PROTECTED] wrote: The Register says MDK 8 8.1 will let anyone who can guess the root password log in to any online box: http://www.theregister.co.uk/content/55/24447.html The relevant text in the linked to page is : LINUX 1. Login as root. 2. Open /etc/X11/kdm/Xaccess in editor. 3. Comment out the following two lines, by adding # (without quotes) to the beginning of each line: * #any host can get a login window * CHOOSER BROADCAST #any indirect host can get a chooser 4. Save your changes, and then close the file. Except that mine is in xdm, not kdm. Also, if the relevant port is blocked, presumably nothing can happen. I hope I've got the wrong end of the stick on this one, but just in case, here it is. Whilst I'm here, has anyone any ideas about my pcmcia notwork card problem (posted yesterday)? :-) Richard Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com __ Do You Yahoo!? Yahoo! Sports - live college hoops coverage http://sports.yahoo.com/ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security hole?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dateline: Sun, 17 Mar 2002 17:04:53 -0800 (PST): laying low until the bleeding stops, Ron Bouwhuis [EMAIL PROTECTED] transmits: Poor password choice - especially for key UIDs such as root - are the true Archilles Heel of *all* systems, regardless of other security measures taken. Here's my surefire way to create an unguessable password: 1. Pick your second favorite book or movie. 2. Take the first letter of each word in the title (this only really works if you have a longish title). 3. Take the author's/director's initials (uppercase). 4. Take the year your edition was printed. So, for the second book of the Lord of the Rings trilogy, by John Ronald Reul Tolkein: The Two Towers (which isn't any one of my passwords), we get: ttJRRT84 -- 8 characters and definitely not succeptible to a dictionary-hash attack. It's also easy to remember, since you just sound it out as you type (Two Towers, John Ronald... etc.). You could also vary the sequence so that the author comes first, the year comes first, etc. In fact, I recommend this approach if you have to change passwords every six months or so--a practice I highly encourage. Set all passwords on your system to expire within 90 days. ~ C -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Processed by Mailcrypt 3.5.6 and Gnu Privacy Guard http://www.gnupg.org/ iD8DBQE8lUEfs7Brp8Mn7wcRArVbAJ9E/tG73th5ArN6gHr2lnbB0d9A3gCeIFWx /3Oqwqovl9nwRdjOQUGuE28= =m+iV -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Security hole?
On Sun, 17 Mar 2002 20:21:41 -0500 Chris Keelan [EMAIL PROTECTED] studiouisly spake these words to ponder: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dateline: Sun, 17 Mar 2002 17:04:53 -0800 (PST): laying low until the bleeding stops, Ron Bouwhuis [EMAIL PROTECTED] transmits: Poor password choice - especially for key UIDs such as root - are the true Archilles Heel of *all* systems, regardless of other security measures taken. Here's my surefire way to create an unguessable password: 1. Pick your second favorite book or movie. 2. Take the first letter of each word in the title (this only really works if you have a longish title). 3. Take the author's/director's initials (uppercase). 4. Take the year your edition was printed. So, for the second book of the Lord of the Rings trilogy, by John Ronald Reul Tolkein: The Two Towers (which isn't any one of my passwords), we get: ttJRRT84 -- 8 characters and definitely not succeptible to a dictionary-hash attack. It's also easy to remember, since you just sound it out as you type (Two Towers, John Ronald... etc.). You could also vary the sequence so that the author comes first, the year comes first, etc. In fact, I recommend this approach if you have to change passwords every six months or so--a practice I highly encourage. Set all passwords on your system to expire within 90 days. Chris, this is probably one of the better password schemes I've heard of. Not bad at all. Well done... -- daRcmaTTeR - If at first you don't succeed do what your wife told you to do the first time! Registered Linux User 182496 - 7:05pm up 1 day, 13:28, 2 users, load average: 0.28, 1.14, 0.78 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] 8.1 newbie security level question
I am new to Mandrake and Linux. During the install I setup the tiny firewall and changed the Security level to Medium. Upon revisting the security section (thru the KDE interface) twice since, it tells me that the firewall is in place but each time following a reboot the security level seems to return to Welcome to Crackers. Can anyone explain this and tell me if I am doing anything wrong? Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] 8.1 newbie security level question
db wrote: I am new to Mandrake and Linux. During the install I setup the tiny firewall and changed the Security level to Medium. Upon revisting the security section (thru the KDE interface) twice since, it tells me that the firewall is in place but each time following a reboot the security level seems to return to Welcome to Crackers. Can anyone explain this and tell me if I am doing anything wrong? There's nothing wrong, db ! - Just a glitch in the dialog-box. In fact you ARE in medium level. You can check it : open a file-manager (i.e. Konqueror in KDE of Nautilus in Gnome) and try to read someting in a directory not belonging to you, for example : /root or another users files. Impossible ! - There's a command-line option to check the levels as well, but I don't remember it, sorry. Anyway : it's allright. Regards Kaj haulrich Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Security
I have bastille configured for medium security and just ran the 'who' command and found two users logged in. Being that I am the sole user, it seems that there are other things I sould be doing to harden the system. I'm used to Zone Alarm notifying me of any attempts to break in. Is there something similar in Linux to aid me in monitoring security? What else can I do to deny access to crackers? Thanks, Curt Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
