Oh, yeah, source is available at:
http://www.core-sdi.com/soft/msyslog-v0.90a.tar.gz
45k
You may like to check this too:
http://www.core-sdi.com/english/freesoft.htm
http://www.core-sdi.com/english/products.htm
Sorry :)
Alejo
Isn't it a security risk, that there
is a shellscript in bin that executes /usr/lib/tripwire.
If someone breaks into my system, he/she could
change the file in bin to something that always
reports that nothing was changed!
I think this should be changed.
What do you think?
--
Thomas Guettler
On Wed, 24 May 2000, Thomas Guettler wrote:
Isn't it a security risk, that there
is a shellscript in bin that executes /usr/lib/tripwire.
If someone breaks into my system, he/she could
change the file in bin to something that always
reports that nothing was changed!
If someone breaks into
Zak Kipling wrote:
On Wed, 24 May 2000, Thomas Guettler wrote:
Isn't it a security risk, that there
is a shellscript in bin that executes /usr/lib/tripwire.
If someone breaks into my system, he/she could
change the file in bin to something that always
reports that nothing was
Hi !
is a shellscript in bin that executes /usr/lib/tripwire.
If someone breaks into my system, he/she could
change the file in bin to something that always
reports that nothing was changed!
If someone breaks into your system, he/she could change /usr/lib/tripwire
itself... isn't this
Hi,
Um, you don't need a kernel patch for that. Just the immutable bit and the
`lcap' program/package to make that immutable bit permanent. (Of course
you will need to set immutability on inittab and anything called from
there, so that it can't be changed during boot, allowing the script kiddie
At least woody seems to be affected. Please double check this.
http://www.securityfocus.com/vdb/bottom.html?section=discussionvid=1235
XFree86 Xserver Denial of Service Vulnerability
A denial of service exists in XFree86 3.3.5, 3.3.6 and 4.0. A
On Wed, May 24, 2000 at 03:10:48PM +0200, Thomas Guettler wrote:
this is not unlikely, that's the way it should be according
to the READMEs.
Oops, forgot that I wrote it down there. :-)
With ztripwire the database and the binaries fit onto a 1.44MB floppy,
which
But only if your database is
On Wed, May 24, 2000 at 01:40:11PM +0100, Zak Kipling wrote:
If someone breaks into your system, he/she could change /usr/lib/tripwire
itself... isn't this just as much of a problem, except in the unlikely
event that /usr/lib is hardware write-protected while /bin is not.
Well, that was the
Michael Meskes wrote:
On Wed, May 24, 2000 at 03:10:48PM +0200, Thomas Guettler wrote:
this is not unlikely, that's the way it should be according
to the READMEs.
Oops, forgot that I wrote it down there. :-)
ah, you are the maintainer of it. Cool. BTW there is a typo
in ztripwire, which
In message [EMAIL PROTECTED], Thomas Guettler writes:
Michael Meskes wrote:
With ztripwire the database and the binaries fit onto a 1.44MB floppy,
which
But only if your database is rather small. I ran out of space sometimes.
yes, i exclude /home and /dev and directories containing docu.
Hi
I think, slink is affected to, at least mine contains that string...
And of course, both XF86_SVGA and XF86_S3...
Bye
Tom
On Wed, 24 May 2000, Maarten Vink wrote:
At least woody seems to be affected. Please double check this.
On my system running woody, i get the following:
[EMAIL
12 matches
Mail list logo