Hello,
I'm planing to install a secure finger daemon
on one of the public boxes I admin.
Well, out there are really many different finger
daemons and in the Debian stable tree I can find:
* efingerd - Another finger daemon for unix
capable of fine-tuning your
Previously eim wrote:
Which Finger daemon is *really* secure ?
I haven't looked at all of them, but cfingerd most certainly is not.
Wichet.
--
_
[EMAIL PROTECTED] This space intentionally left occupied \
| [EMAIL
I'm not sure which are secure. However, if you plan to use any of them, I
suggest using tcp-wrappers (tcpd) via inetd (or xinetd). Then edit your
hosts.allow file and explicitly allow only certain machines to access your
box.
Also, consider running whichever finger daemon as a separate user
eim [EMAIL PROTECTED] writes:
Sorry, I can't tell you which fingerd is the most secure one. But...
Shouldn't I install this service at all ?
... do you really need it? Every additional service is a potential
security risk; only run these services, which you really need.
Package: libgtop-daemon
Version: 1.0.12-2
Severity: grave
Justification: user security hole
Tags: security
Hello,
I found this problem about my (since 1 week:)) package libgtop
http://www.securityfocus.com/bid/3586 :
GNOME libgtop_daemon Remote Format String Vulnerability
The GNOME
Wichert Akkerman [EMAIL PROTECTED] writes:
Previously eim wrote:
Which Finger daemon is *really* secure ?
I haven't looked at all of them, but cfingerd most certainly is not.
I notice the security-related bug reports against cfingerd
are all marked 'normal' -- shouldn't they be 'critical'
Hi there.
Does Debian (potato or woody) have tools to account IP traffic per user?
Greeting,
Matthias
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
My computer is rambling on over eth0 (External interface) about a bunch of ARP
request. Any Idea what could cause it?
(See attached)
Phil
trace.log
Description: Binary data
On Sun, Jan 06, 2002 at 07:14:00PM +0100, Matthias Juchem wrote:
Hi there.
Does Debian (potato or woody) have tools to account IP traffic per user?
With iptables you can create rules to match different Users, you could
use this for accounting.
HTHRUMH
--
PGP/GPG encrypted mail preferred,
iptables can log by gid and pid or you can use the user queue with iptables.
and log but I'm not sure it's a very clean method with some logging packets
...
Francois
Matthias Juchem writes:
Hi there.
Does Debian (potato or woody) have tools to account IP traffic per user?
On January 6, 2002 02:00 pm, Pavel Minev Penev wrote:
Hello.
I had a peculiar experience with a password (forgot it). It is the
password for an AE
S-encrypted partition on my HDD. I am using the loop
device and the international kernel patch. I wrote a brute-forcer
(didn't find docs and
We've given the finger to the finger daemon years ago...
no need for it.
g
-Original Message-
From: Moritz Schulte [mailto:[EMAIL PROTECTED]]On Behalf Of Moritz
Schulte
Sent: Sunday, January 06, 2002 11:20 AM
To: Debian-Security List
Subject: Re: Secure Finger Daemon
eim [EMAIL
also sprach Matthias Juchem [EMAIL PROTECTED] [2002.01.06.1914
+0100]:
Does Debian (potato or woody) have tools to account IP traffic per user?
iptables, as others have suggested.
AFAIK, the recommended method of doing this is to create a chain for
every user or group of users that you intend
my Finger Daemon conclusion...
First, Thanks for all the answers to my question.
Well, so it really seems it's better to avoid using
any finger daemon, security has always priority.
Anyway I thought the finger daemon would be a nice
feature for the .plan files, userinfo and mail info
for the
You may find the Debian package ipac-ng very useful if you don't want to
write your own scripts to handle all the ip accounting.
I don't think it'll do per-user on a single host (what can?!?) but
certainly per-ip.
--
Craig Ringer
IT Manager, POST Newspapers
http://www.postnewspapers.com.au/
Hi there,
I've some strange lines in my auth.log :
Jan 5 19:45:57 panda PAM_unix[500]: bad username [ ]
Jan 5 19:46:00 panda login[500]: FAILED LOGIN (1) on `tty1' FOR `UNKNOWN',
User not known to the underlying authentication module
Jan 5 19:46:05 panda PAM_unix[500]: bad username [ ]
Hello,
I'm planing to install a secure finger daemon
on one of the public boxes I admin.
Well, out there are really many different finger
daemons and in the Debian stable tree I can find:
* efingerd - Another finger daemon for unix
capable of fine-tuning your output.
Previously eim wrote:
Which Finger daemon is *really* secure ?
I haven't looked at all of them, but cfingerd most certainly is not.
Wichet.
--
_
/[EMAIL PROTECTED] This space intentionally left occupied \
| [EMAIL
Hi,
well I can't provide any infos about these finger daemons, as I am not using
any finger services at all during the past years. I stopped using this
service, when one of my box was hacked using an exploit in the fingerd. Then I
asked myself for what reason I am running finger service at all
I'm not sure which are secure. However, if you plan to use any of them, I
suggest using tcp-wrappers (tcpd) via inetd (or xinetd). Then edit your
hosts.allow file and explicitly allow only certain machines to access your
box.
Also, consider running whichever finger daemon as a separate user (i.e.
eim [EMAIL PROTECTED] writes:
Sorry, I can't tell you which fingerd is the most secure one. But...
Shouldn't I install this service at all ?
... do you really need it? Every additional service is a potential
security risk; only run these services, which you really need.
Package: libgtop-daemon
Version: 1.0.12-2
Severity: grave
Justification: user security hole
Tags: security
Hello,
I found this problem about my (since 1 week:)) package libgtop
http://www.securityfocus.com/bid/3586 :
GNOME libgtop_daemon Remote Format String Vulnerability
The GNOME
Wichert Akkerman [EMAIL PROTECTED] writes:
Previously eim wrote:
Which Finger daemon is *really* secure ?
I haven't looked at all of them, but cfingerd most certainly is not.
I notice the security-related bug reports against cfingerd
are all marked 'normal' -- shouldn't they be 'critical'
Hi there.
Does Debian (potato or woody) have tools to account IP traffic per user?
Greeting,
Matthias
My computer is rambling on over eth0 (External interface) about a bunch of ARP
request. Any Idea what could cause it?
(See attached)
Phil
trace.log
Description: Binary data
On Sun, Jan 06, 2002 at 07:14:00PM +0100, Matthias Juchem wrote:
Hi there.
Does Debian (potato or woody) have tools to account IP traffic per user?
With iptables you can create rules to match different Users, you could
use this for accounting.
HTHRUMH
--
PGP/GPG encrypted mail preferred,
iptables can log by gid and pid or you can use the user queue with iptables.
and log but I'm not sure it's a very clean method with some logging packets
...
Francois
Matthias Juchem writes:
Hi there.
Does Debian (potato or woody) have tools to account IP traffic per user?
Greeting,
We've given the finger to the finger daemon years ago...
no need for it.
g
-Original Message-
From: Moritz Schulte [mailto:[EMAIL PROTECTED] Behalf Of Moritz
Schulte
Sent: Sunday, January 06, 2002 11:20 AM
To: Debian-Security List
Subject: Re: Secure Finger Daemon
eim [EMAIL PROTECTED]
also sprach Matthias Juchem [EMAIL PROTECTED] [2002.01.06.1914 +0100]:
Does Debian (potato or woody) have tools to account IP traffic per user?
iptables, as others have suggested.
AFAIK, the recommended method of doing this is to create a chain for
every user or group of users that you intend
my Finger Daemon conclusion...
First, Thanks for all the answers to my question.
Well, so it really seems it's better to avoid using
any finger daemon, security has always priority.
Anyway I thought the finger daemon would be a nice
feature for the .plan files, userinfo and mail info
for the
On Sun, 6 Jan 2002, martin f krafft wrote:
also sprach Matthias Juchem [EMAIL PROTECTED] [2002.01.06.1914 +0100]:
Does Debian (potato or woody) have tools to account IP traffic per user?
iptables, as others have suggested.
AFAIK, the recommended method of doing this is to create a chain
31 matches
Mail list logo
