I created a new account for testing purposes and put the following limits on
its password age:
Minimum:0
Maximum:180
Warning:0
Inactive: 0
Last Change:Mar 23, 2001
Password Expires: Sep 19, 2001
Password Inactive: Never
Account Expires:
Doesn't this leave you open to DOS attacks? I'm thinking that source IP
addresses are relatively easy to forge, and hence an attacher can forge
a nimda attach and cause you to block off legitimate IP addresses -
ie. your DNS server our default gateway...
On Fri, Sep 21, 2001 at 10:37:58PM +0200,
On Sat, Sep 22, 2001 at 10:30:53AM +0200, Luca Gibelli wrote:
>
>
> I created a new account for testing purposes and put the following limits on
> its password age:
known bug in potato's ssh, password expiration simply doesn't work
with it, as soon as it expires ssh denies access flat out. you
On 2001-09-21 13:35 Vineet Kumar wrote:
> * Micah Anderson ([EMAIL PROTECTED]) [010921 10:23]:
>
> > I was thinking it would be nice to see what sort of new setuid
> > programs show up on my box each day... then I noticed that these
> > are already being logged in /var/log/setuid.today and
> > /v
(I thought I had sent this previously, but it hasn't shown up.)
On 21-Sep-01, 12:22 (CDT), Micah Anderson <[EMAIL PROTECTED]> wrote:
> But, what is the point of logging these each day into
> /var/log/setuid.changes if nobody sees them? Why doesn't this list get
> emailed to root? Am I missing som
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Saturday 22 Sep 2001 1:43 pm, Oyvind A. Holm wrote:
[snip]
> some kind of perl script which skips all the non-important info and
> leave all other in place. A script root can run which pulls out info
> from /var/log/* and other logs around the syst
On 2001-09-22 03:33 Ethan Benson wrote:
> On Sat, Sep 22, 2001 at 10:30:53AM +0200, Luca Gibelli wrote:
> > I created a new account for testing purposes and put the following
> > limits on its password age:
>
> known bug in potato's ssh, password expiration simply doesn't work
> with it, as soon
On Sat, Sep 22, 2001 at 03:29:47PM +0200, Oyvind A. Holm wrote:
>
> In fact I think the OpenSSH distributed with potato should be upgraded.
> I could not use the version shipped with potato as it did not
> understand protocol 2 which is a must. When trying to install
> OpenSSH-2.2p2 (I think) fro
>It resulted in me getting the whole OpenSSH, OpenSSL and zlib,
>compiling and putting it under a new directory
>/usr/local/noapt/ to avoid collisions with apt-get.
>
>Is there a clean way of upgrading the SSH package and avoid the
>conflicts?
Add a deb-src line to /etc/apt/sources.list, pointing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> "Oyvind" == Oyvind A Holm <[EMAIL PROTECTED]> writes:
Oyvind> In fact I think the OpenSSH distributed with potato should be
Oyvind> upgraded. I could not use the version shipped with potato as it
Oyvind> did not understand protocol 2 which is
On Sat, Sep 22, 2001 at 05:55:01PM +0300, Ilkka Tuohela wrote:
> >It resulted in me getting the whole OpenSSH, OpenSSL and zlib,
> >compiling and putting it under a new directory
> >/usr/local/noapt/ to avoid collisions with apt-get.
> >
> >Is there a clean way of upgrading the SSH package and avo
On Sat, Sep 22, 2001 at 11:14:43AM -0400, Hubert Chan wrote:
> As root:
> # apt-get build-dep openssh
that doesn't work on pototo's apt. you have to do it the old way:
cd openssh-*
grep ^Build debian/control
look at list and apt-get install each package.
--
Ethan Benson
http://www.alaska.ne
Karl E. Jorgensen <[EMAIL PROTECTED]> wrote:
> Doesn't this leave you open to DOS attacks? I'm thinking that source IP
> addresses are relatively easy to forge, and hence an attacher can forge
> a nimda attach and cause you to block off legitimate IP addresses -
> ie. your DNS server our default g
Il giorno Sat, Sep 22 in un momento di profonda ispirazione
Einar Karttunen scrisse riguardo a " Re: password expire and sshd doesn't allow ppl
to change it ":
> How do the pam configuration files for sshd and telnetd
> (in /etc/pam.d/) look like? Are they identical, or has
> one stuff the
I created a new account for testing purposes and put the following limits on
its password age:
Minimum:0
Maximum:180
Warning:0
Inactive: 0
Last Change:Mar 23, 2001
Password Expires: Sep 19, 2001
Password Inactive: Never
Account Expires:
Il giorno Sat, Sep 22 in un momento di profonda ispirazione
Einar Karttunen scrisse riguardo a " Re: password expire and sshd doesn't
allow ppl to change it ":
> How do the pam configuration files for sshd and telnetd
> (in /etc/pam.d/) look like? Are they identical, or has
> one stuff the
Doesn't this leave you open to DOS attacks? I'm thinking that source IP
addresses are relatively easy to forge, and hence an attacher can forge
a nimda attach and cause you to block off legitimate IP addresses -
ie. your DNS server our default gateway...
On Fri, Sep 21, 2001 at 10:37:58PM +0200, J
On Sat, Sep 22, 2001 at 10:30:53AM +0200, Luca Gibelli wrote:
>
>
> I created a new account for testing purposes and put the following limits on
> its password age:
known bug in potato's ssh, password expiration simply doesn't work
with it, as soon as it expires ssh denies access flat out. your
On 2001-09-21 13:35 Vineet Kumar wrote:
> * Micah Anderson ([EMAIL PROTECTED]) [010921 10:23]:
>
> > I was thinking it would be nice to see what sort of new setuid
> > programs show up on my box each day... then I noticed that these
> > are already being logged in /var/log/setuid.today and
> > /va
(I thought I had sent this previously, but it hasn't shown up.)
On 21-Sep-01, 12:22 (CDT), Micah Anderson <[EMAIL PROTECTED]> wrote:
> But, what is the point of logging these each day into
> /var/log/setuid.changes if nobody sees them? Why doesn't this list get
> emailed to root? Am I missing some
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Saturday 22 Sep 2001 1:43 pm, Oyvind A. Holm wrote:
[snip]
> some kind of perl script which skips all the non-important info and
> leave all other in place. A script root can run which pulls out info
> from /var/log/* and other logs around the syste
On 2001-09-22 03:33 Ethan Benson wrote:
> On Sat, Sep 22, 2001 at 10:30:53AM +0200, Luca Gibelli wrote:
> > I created a new account for testing purposes and put the following
> > limits on its password age:
>
> known bug in potato's ssh, password expiration simply doesn't work
> with it, as soon a
On Sat, Sep 22, 2001 at 03:29:47PM +0200, Oyvind A. Holm wrote:
>
> In fact I think the OpenSSH distributed with potato should be upgraded.
> I could not use the version shipped with potato as it did not
> understand protocol 2 which is a must. When trying to install
> OpenSSH-2.2p2 (I think) from
>It resulted in me getting the whole OpenSSH, OpenSSL and zlib,
>compiling and putting it under a new directory
>/usr/local/noapt/ to avoid collisions with apt-get.
>
>Is there a clean way of upgrading the SSH package and avoid the
>conflicts?
Add a deb-src line to /etc/apt/sources.list, pointing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> "Oyvind" == Oyvind A Holm <[EMAIL PROTECTED]> writes:
Oyvind> In fact I think the OpenSSH distributed with potato should be
Oyvind> upgraded. I could not use the version shipped with potato as it
Oyvind> did not understand protocol 2 which is a
On Sat, Sep 22, 2001 at 05:55:01PM +0300, Ilkka Tuohela wrote:
> >It resulted in me getting the whole OpenSSH, OpenSSL and zlib,
> >compiling and putting it under a new directory
> >/usr/local/noapt/ to avoid collisions with apt-get.
> >
> >Is there a clean way of upgrading the SSH package and avoi
On Sat, Sep 22, 2001 at 11:14:43AM -0400, Hubert Chan wrote:
> As root:
> # apt-get build-dep openssh
that doesn't work on pototo's apt. you have to do it the old way:
cd openssh-*
grep ^Build debian/control
look at list and apt-get install each package.
--
Ethan Benson
http://www.alaska.net
Karl E. Jorgensen <[EMAIL PROTECTED]> wrote:
> Doesn't this leave you open to DOS attacks? I'm thinking that source IP
> addresses are relatively easy to forge, and hence an attacher can forge
> a nimda attach and cause you to block off legitimate IP addresses -
> ie. your DNS server our default ga
28 matches
Mail list logo