Am Donnerstag 02 September 2004 15:18 schrieb Mark Janssen:
> On Thu, 2004-09-02 at 13:43, Gavin Hamill wrote:
> > Hello - just a quickie :)
> >
> > If I construct a RAID1 with two 200GB disks, will I be able to add a
> > third disk and convert the whole set to a 400GB RAID5 later on by
> > logica
Hi,
i had the same problems on the debian 2.4.26-1um2 uml kernel with a host
machine WITHOUT grsec kernel... The 2.4.26-1um1 worked without any problem.
I think there was a bug report on the debian BTS but if I remeber correctly
the Maintainer can't reproduce this.
I think the debian uml packa
Am Montag 19 April 2004 12:59 schrieb Volker Tanger:
> Works like a charm, but:
> - create custom kernel (TAP/TUN)
> - compile OpenVPN from source (no problems)
Why creating a custom kernel? The tun/tap device is included in the debian
standard kernel images, so there is no need for c
Am Montag 19 April 2004 12:59 schrieb Volker Tanger:
> Works like a charm, but:
> - create custom kernel (TAP/TUN)
> - compile OpenVPN from source (no problems)
Why creating a custom kernel? The tun/tap device is included in the debian
standard kernel images, so there is no need for c
Are there more than only one network interfaces that are connected to the same
switch/hub/router-with-multiple-ports? If so then it's an old known problem.
If you have this kind of setup then try set the "arp-filter" on.
for example: echo "1" > /proc/sys/net/ipv4/conf/all/arp_filter
if this does
Are there more than only one network interfaces that are connected to the same
switch/hub/router-with-multiple-ports? If so then it's an old known problem.
If you have this kind of setup then try set the "arp-filter" on.
for example: echo "1" > /proc/sys/net/ipv4/conf/all/arp_filter
if this does
Hi,
you shouldn't try to block everything that comes from a host which has no open
smtp port, this is in generel a bad idea...
reason: there are a lot (and I mean a lot) of servers out there, which only
sends mail out to the world, but should never recieve any mail directly, so
that it is okay
Am Freitag 09 April 2004 16:03 schrieb Michelle Konzack:
> Hello,
Hi :)
> [...]
> Now my Question:
>
> Creating a Local GBit-Network in Marocco is generaly no Problem, it
> is not a big difference between it and my local network, exept I need
> a little bit more cable.
in theory this is correct,
Am Freitag 09 April 2004 16:03 schrieb Michelle Konzack:
> Hello,
Hi :)
> [...]
> Now my Question:
>
> Creating a Local GBit-Network in Marocco is generaly no Problem, it
> is not a big difference between it and my local network, exept I need
> a little bit more cable.
in theory this is correct,
sorry, I forgot to put in the link after "because you are german:" :))
so here it is:
http://www.heise.de/security/result.xhtml?url=/security/artikel/43066&words=Cookie
its about syn floods and the syncookies thing :)
--Ralph
Am Dienstag 06 April 2004 17:37 schrieben Sie:
> Hi Ralph,
>
> thanks for the hint.
> [...]
> I did it like this, but after the first line
> iptables said: "cannot use parameter -o with
> INPUT" (or something like this - I can't remember
> exactly).
>
> So I left out "-o lo" at the INPUT rule, and
sorry, I forgot to put in the link after "because you are german:" :))
so here it is:
http://www.heise.de/security/result.xhtml?url=/security/artikel/43066&words=Cookie
its about syn floods and the syncookies thing :)
--Ralph
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "u
Am Dienstag 06 April 2004 17:37 schrieben Sie:
> Hi Ralph,
>
> thanks for the hint.
> [...]
> I did it like this, but after the first line
> iptables said: "cannot use parameter -o with
> INPUT" (or something like this - I can't remember
> exactly).
>
> So I left out "-o lo" at the INPUT rule, and
you should also filter out 127.0.0.0/8 on any network interface but "lo".
so that spoofing with localhost-adresses is not possible anymore.
( for example:
iptables -A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -o lo -p ALL -j ACCPET
iptables -A OUTPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -o lo -p A
you should also filter out 127.0.0.0/8 on any network interface but "lo".
so that spoofing with localhost-adresses is not possible anymore.
( for example:
iptables -A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -o lo -p ALL -j ACCPET
iptables -A OUTPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -o lo -p A
Am Montag, 29. März 2004 17:38 schrieb Ronny Adsetts:
> Sonny was heard to utter, at roughly 29/03/04 16:27:
> > I was thinking about setting up a mirror of Debian for a local computer
> > group in the area, but a simple wget will result in way too much being
> > pulled down for what they need.
> >
you are missing the following config options (main.cf):
mynetworks = 127.0.0.1
smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination
mydestination = localhost,
That's all you need.
But it sounds like you don't need your postfix listen on your ethernet (or
maybe ppp/pppoe/
17 matches
Mail list logo
