RE: [SLUG] CAN-2004-1137
Ok no problem. Apologies to all. -Original Message- From: Ken Foskey [mailto:[EMAIL PROTECTED] Sent: Thursday, 30 December 2004 1:27 PM To: hilton de meillon Subject: Re: [SLUG] CAN-2004-1137 On Thu, 2004-12-30 at 12:07 +1000, hilton de meillon wrote: > Hi All, > > Can anyone tell me why not many distros have an update for the > CAN-2004-1137 (among other kernel vulnerabilities) yet ?. Please do not use Reply to create a new thread. It really stuffs up threading and people may ignore your message due as they are not interested in the specific thread. Regarding your question, I would help but I have no idea. -- Ken Foskey OpenOffice.org developer -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
RE: [SLUG] Re: sshd config: tighten access ?
Hey all, I just read a nice article at fedora news re: tightening sshd security. http://www.fedoranews.org/contributors/richard_flude/ssh/ You can increase sshd security by using the AllowUsers directive. This will only allow said users the possibility to login via ssh. Cheers, Hilton. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matthew Palmer Sent: Thursday, 30 December 2004 12:20 PM To: slug@slug.org.au Subject: [SLUG] Re: sshd config: tighten access ? On Thu, Dec 30, 2004 at 01:01:04PM +1100, Voytek wrote: > Dec 30 10:48:24 koala sshd[30111]: Failed password for illegal user > guest from 6 4.174.136.250 port 2433 ssh2 > > what should I do to increase security ? Disconnect your machine from the Internet. > 99% of the time, I'm the sole user accessing via ssh, ocassionally, I > temporarily allow someone else. > 80% of the time, I ssh from a fixed IP, rest of the time, I ssh from > several Aussie ISP dislups/adsl > > is it worthwile to scan logs and block these ips temporarily ? By the time you find 'em and block 'em, they're gone. > is it easy to add such IPs to my ipchains ? Sure, if you really, really want to. ipchains -A input -s -j DROP or whatever ipchains wants. I've heard tell that changing the port that your local SSH listens on to something non-obvious ( is right out for that reason) can drop your received scan rate significantly. I couldn't be arsed, and since my machines typically run passwordless these days (as in AllowPasswordAuthentication no) they can guess my private key all day, every day, and I'm not going to be overly worried. - Matt -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] CAN-2004-1137
Hi All, Can anyone tell me why not many distros have an update for the CAN-2004-1137 (among other kernel vulnerabilities) yet ?. Ubuntu, Redhat, SuSe have updated kernels but pretty much all the rest do not have an updated kernel for this issue. Secondly would 'iptables -A INPUT -p IGMP -j REJECT' protect my machine from remote attacks ?. I tried this rule and then ran the proof of concept exploit from http://www.securityfocus.com/bid/11917/solution/ and it still crashed my (slackware) machine. I am assuming that it connects over a unix socket or exploits one of the non-networked vulnerabilities as according to secfocus there are three actual vulnerabilities contained in this vulnerability. Lastly I would have to say that this is a bit of a shocker for the linux community, this vulnerability could be used with devastating effect, I am a bit disappointed with linux in this regard. Any comments appreciated. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] ifolder & tarpit
Hey All, Has anyone ever got ifolder working on linux ?. I am seeking a program that can sync data between multiple hosts in a secure manner with a master / slave relationship (other than rsync and ssh). Has anyone ever got the TARPIT destination working or has anyone had a chance to play with it ?. I want to get it wokring on my slack box but I do not want to recompile my kernel as then future kernel updates require more work, etc and am trying to gauge if it is worth it ? Any ideas ? Hilton. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
RE: [SLUG] SSL certificates portable ?
Hi all, I just spoke to a support at instantssl.com and they reckon you can create a csr on a win/iis box and Install the resultant certificate on an linux/apache box. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jamie Wilkinson Sent: Wednesday, 15 September 2004 1:49 PM To: [EMAIL PROTECTED] Subject: Re: [SLUG] SSL certificates portable ? This one time, at band camp, Hilton De Meillon wrote: >Are SSL certificates portable ?. I want to generate a CSR on a IIS >machine and use it to produce a certificate that will be used on an >Linux/Apache 1.3.12-12 box (obviously with the correct fqdn ,etc) The SSL cert vendor takes the CSR in text format, and the certificate / key pair are also text files, so it will work. -- [EMAIL PROTECTED] http://spacepants.org/jaq.gpg -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] SSL certificates portable ?
Hi All, Are SSL certificates portable ?. I want to generate a CSR on a IIS machine and use it to produce a certificate that will be used on an Linux/Apache 1.3.12-12 box (obviously with the correct fqdn ,etc) Is that possible ? Regards, Hilton. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] replicating quota info
Hi All, thanks to all for your replies to my previous post. My next hurdle is a big one- how can I replicate quota information from one host/volume to another host/volume ?? Hilton. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] umask and useradd
Hi All, I want to sync a filesystem over rsync/ssh. the filesystem is /home. I do not want to use the root user to sync this filesystem. How can I set the system up so that I can sync using a normal user that has access to all home directories without having to constantly chown and chmod the /homedirectories to grant access to this normal user ?. I was thinking umask but does useradd use umask ? Any suggestions would be appreciated. Hilton. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] firewall logfile analysis
Hey All, I am using Gentoo. I use Metalog as a logger. I use Fwbuilder to design my rulesets. What can I use to analyse my log files - I have tried fwanalog but it does not look like it likes the way Metalog logs. any recommendations ? Hilton. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
