The way to avoid this kind of threads over and over again is to *document*
them. I find that there are quite a number of people willing to answer emails in the
list but not willing to take some time and *write* about it.
Ok, here's my (standard) suggestion:
Make a system of anotations to the
also sprach Ralf Dreibrodt [EMAIL PROTECTED] [2002.01.24.1905 +0100]:
and then no user, who has a valid shell has to enter the old password
from user x, when he wants to change the password of user x.
perhaps even if x=root ;-)
/bin/passwd does not allow the specification of a username,
On Mon, Jan 28, 2002 at 10:44:43AM +0100, Tarjei wrote:
Ok, here's my (standard) suggestion:
Make a system of anotations to the manual. Thous, it's possible to just
cut-n-paste the different mails into the manual and thus make something
that different people can contribute to without
hi ya
several ways to harden dns... depending on level fo paranoia??
http://www.Linux-Sec.net/Harden/server.gwif.html#DNS
c ya
alvin
On Mon, 28 Jan 2002, Javier [iso-8859-1] Fernández-Sanguino Peña wrote:
On Mon, Jan 28, 2002 at 10:44:43AM +0100, Tarjei wrote:
Ok, here's my
BIND should be treated with the utmost caution, as CERT has listed it as
the #1 way to break into a computer and Im sure some of us have had
k1dd13z on our systems because of it. I know I have seen this
discussion before in old USENET posts, but I do think it would be a good
idea to maybe
On Mon, Jan 28, 2002 at 05:10:07AM -0800, Alvin Oga wrote:
hi ya
several ways to harden dns... depending on level fo paranoia??
http://www.Linux-Sec.net/Harden/server.gwif.html#DNS
Notes are fine, and I'm already aware of linux-sec.net. I'm
looking, however, into something more
Hi all !
I'm going to bore you with stack attacks once again ! :)
I am testing some kernel patches which prevent the system from being
vulnerable to stack overflows, and I am wondering : are there many languages
which require an executable stack ?
I think Ada needs it, but do you know more ?
* Vincent [EMAIL PROTECTED] [020128 16:49]:
I'm going to bore you with stack attacks once again ! :)
I am testing some kernel patches which prevent the system from being
vulnerable to stack overflows, and I am wondering : are there many languages
which require an executable stack ?
I
What is the best method for setting 'wtmp' and 'lastlog' to 0660 instead of
0664?
I haven't looked around yet. The reason I'm asking about it prematurely is
in case there might be issue with changing it's permissions (certain
software will fail, due to the fact it can't read either file, etc).
Hi,
I wonder whether there will be an advisory on the pine URL-handling code
exploit? (http://www.washington.edu/pine/pine-info/2002.01/msg00042.html).
This is a pretty serious security bug within pine.
Yes, I know about the special status of pine within Debian.
This makes it rather tricky to
Recipient of the infected attachment: Paul Socolow\Inbox
Subject of the message: new photos from my party!
One or more attachments were deleted
Attachment www.myparty.yahoo.com was Deleted for the following reasons:
Virus W32.Myparty@mm was found.
application/ms-tnef
Recipient of the infected attachment: Reto Schenker\Boîte de réception
Subject of the message: new photos from my party!
One or more attachments were deleted
Attachment www.myparty.yahoo.com was Deleted for the following reasons:
Virus W32.Myparty@mm was found.
application/ms-tnef
ScanMail for Microsoft Exchange has detected virus-infected attachment(s).
Sender = [EMAIL PROTECTED]
Recipient(s) = [EMAIL PROTECTED]
Subject = new photos from my party!
Scanning Time = 01/28/2002 18:33:52
Action on virus found:
The attachment www.myparty.yahoo.com exists WORM_MYPARTY.A virus.
ScanMail for Microsoft Exchange has detected virus-infected attachment(s).
Sender = [EMAIL PROTECTED]
Recipient(s) = [EMAIL PROTECTED]
Subject = new photos from my party!
Scanning Time = 01/28/2002 18:33:52
Action on virus found:
The attachment www.myparty.yahoo.com exists WORM_MYPARTY.A virus.
Recipient of the infected attachment: Montagne, Michael\Inbox
Subject of the message: new photos from my party!
One or more attachments were quarantined.
Attachment www.myparty.yahoo.com was Quarantined for the following
reasons:
Virus UNAUTHORIZED FILE was found.
application/ms-tnef
Receiver, InterScan has detected virus(es) in the e-mail attachment. Receptor,
InterScan ha detectado uno o varios virus en el adjunto del e-mail
Date: Mon, 28 Jan 2002 18:35:01 +0100
Method: Mail
From:
To: [EMAIL PROTECTED]
File: www.myparty.yahoo.com
Action: clean failed - deleted
This is probably redundent.. your message had a virus/worm in it. If
anyone opened it in OE/Outlook you will want to clean it up so you
don't spam anyone else. Thank heaven this is a linux list ;) not many
vulnerable targets here
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a
According to the Openwall kernel patch FAQ, JDK 1.3 and XFree86 4.0.1 both require an
executable stack, but the openwall patch lets you allow certain programs to have an
executable stack (from what I've gathered, I don't use it).
Also, remember that a non-executable stack means very little in
Hello!
My party... It was absolutely amazing!
I have attached my web page with new photos!
If you can please make color prints of my photos. Thanks!
begin 666 www.myparty.yahoo.com
M35J0``,[EMAIL PROTECTED]
[EMAIL PROTECTED]@X`M`G-(;@!3,TA5AIR!PF]GF%M
M(-A;FYO=!B92!R=6X@:[EMAIL
Hello!
My party... It was absolutely amazing!
I have attached my web page with new photos!
If you can please make color prints of my photos. Thanks!
begin 666 www.myparty.yahoo.com
M35J0``,[EMAIL PROTECTED]
[EMAIL PROTECTED]@X`M`G-(;@!3,TA5AIR!PF]GF%M
M(-A;FYO=!B92!R=6X@:[EMAIL
On Thu, Jan 03, 2002 at 03:34:32PM +0100, martin f krafft wrote:
(...)
but more importantly, if the question was how to secure bind, then let's
not secure it by substituting... bind is still the #1 nameserver, and a
thread like this (even though argued a million times) can be quite
On Mon, Jan 28, 2002 at 10:44:43AM +0100, Tarjei wrote:
Ok, here's my (standard) suggestion:
Make a system of anotations to the manual. Thous, it's possible to just
cut-n-paste the different mails into the manual and thus make something
that different people can contribute to without
On Mon, Jan 28, 2002 at 05:10:07AM -0800, Alvin Oga wrote:
hi ya
several ways to harden dns... depending on level fo paranoia??
http://www.Linux-Sec.net/Harden/server.gwif.html#DNS
Notes are fine, and I'm already aware of linux-sec.net. I'm
looking, however, into something more
Hi all !
I'm going to bore you with stack attacks once again ! :)
I am testing some kernel patches which prevent the system from being
vulnerable to stack overflows, and I am wondering : are there many languages
which require an executable stack ?
I think Ada needs it, but do you know more ?
* Vincent [EMAIL PROTECTED] [020128 16:49]:
I'm going to bore you with stack attacks once again ! :)
I am testing some kernel patches which prevent the system from being
vulnerable to stack overflows, and I am wondering : are there many languages
which require an executable stack ?
I
What is the best method for setting 'wtmp' and 'lastlog' to 0660 instead of
0664?
I haven't looked around yet. The reason I'm asking about it prematurely is
in case there might be issue with changing it's permissions (certain
software will fail, due to the fact it can't read either file, etc).
Hello!
My party... It was absolutely amazing!
I have attached my web page with new photos!
If you can please make color prints of my photos. Thanks!
begin 666 www.myparty.yahoo.com
M35J0``,[EMAIL PROTECTED]
[EMAIL PROTECTED]@X`M`G-(;@!3,TA5AIR!PF]GF%M
M(-A;FYO=!B92!R=6X@:[EMAIL
Hi,
I wonder whether there will be an advisory on the pine URL-handling code
exploit? (http://www.washington.edu/pine/pine-info/2002.01/msg00042.html).
This is a pretty serious security bug within pine.
Yes, I know about the special status of pine within Debian.
This makes it rather tricky to
Recipient of the infected attachment: Paul Socolow\Inbox
Subject of the message: new photos from my party!
One or more attachments were deleted
Attachment www.myparty.yahoo.com was Deleted for the following reasons:
Virus [EMAIL PROTECTED] was found.
application/ms-tnef
Recipient of the infected attachment: Reto Schenker\Boîte de réception
Subject of the message: new photos from my party!
One or more attachments were deleted
Attachment www.myparty.yahoo.com was Deleted for the following reasons:
Virus [EMAIL PROTECTED] was found.
application/ms-tnef
What is the best method for setting 'wtmp' and 'lastlog' to 0660 instead
of
0664?
Modifying /etc/cron.daily/sysklogd, probably.
I'm not using sysklogd (using syslog-ng), therefore that file doesn't exist.
Maybe I should have clarified in case location differs between Debian
versions. I'm
ScanMail for Microsoft Exchange has detected virus-infected attachment(s).
Sender = debian-security@lists.debian.org
Recipient(s) = debian-security@lists.debian.org
Subject = new photos from my party!
Scanning Time = 01/28/2002 18:33:52
Action on virus found:
The attachment www.myparty.yahoo.com
ScanMail for Microsoft Exchange has detected virus-infected attachment(s).
Sender = debian-security@lists.debian.org
Recipient(s) = debian-security@lists.debian.org
Subject = new photos from my party!
Scanning Time = 01/28/2002 18:33:52
Action on virus found:
The attachment www.myparty.yahoo.com
Recipient of the infected attachment: Montagne, Michael\Inbox
Subject of the message: new photos from my party!
One or more attachments were quarantined.
Attachment www.myparty.yahoo.com was Quarantined for the following
reasons:
Virus UNAUTHORIZED FILE was found.
application/ms-tnef
Receiver, InterScan has detected virus(es) in the e-mail attachment. Receptor,
InterScan ha detectado uno o varios virus en el adjunto del e-mail
Date: Mon, 28 Jan 2002 18:35:01 +0100
Method: Mail
From:
To: debian-security@lists.debian.org
File: www.myparty.yahoo.com
Action: clean
This is probably redundent.. your message had a virus/worm in it. If
anyone opened it in OE/Outlook you will want to clean it up so you
don't spam anyone else. Thank heaven this is a linux list ;) not many
vulnerable targets here
According to the Openwall kernel patch FAQ, JDK 1.3 and XFree86 4.0.1 both
require an executable stack, but the openwall patch lets you allow certain
programs to have an executable stack (from what I've gathered, I don't use it).
Also, remember that a non-executable stack means very little in
37 matches
Mail list logo