-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 142-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
August 5th, 2002
-
unsubscribe
--
足立章
unsubscribe
Seeing how many DSAs have been released in the last few days, I was wondering
what scripts etc people had in place for dealing with them? For example, one
thing I'd like to do is get the alerts forwarded to my mobile phone if I have
the package installed on one or more of my machines (using dpkg
On Sat, Aug 03, 2002 at 11:00:36PM +0200, Arne Schwabe wrote:
Hi,
today i saw lot of connection attemps to port 12980 on my
machine. Because that are many[1] and they came from different hosts i
am wondering what is going on here.
Arne
[1]
[EMAIL PROTECTED]/var/log$ grep Aug 3
On Mon, Aug 05, 2002 at 11:35:16AM +0100, Gareth Bowker wrote:
Seeing how many DSAs have been released in the last few days, I was wondering
what scripts etc people had in place for dealing with them? For example, one
thing I'd like to do is get the alerts forwarded to my mobile phone if I have
Higher up ports like that are usually dynamically assigned for two-way
connections, for instance, when I run bitchX and connect to openprojects.net
#Debian, I get one or two connections back to my machine. You can use
netstat to determine which program is currently listening on a given port.
When
Previously Javier Fern?ndez-Sanguino Pe?a wrote:
'Tiger' provides a module to check for DSAs released (retrieves this
info from the WWW CVS data)
It would be easier to get the data from the security RDF info I suspect.
on me making new packages when DSAs are generated. However, I'm
On Sun, Aug 04, 2002 at 11:50:42PM -0400, John Bazik wrote:
We set priority=low and frontend=noninteractive and wrap apt-get
in an expect script, and add the right answers for the packages
that just won't shut up. We've been doing this since before most
packages were debconf'd. For all
On Mon, Aug 05, 2002 at 02:57:09PM +0200, Wichert Akkerman wrote:
Indeed, there is a link at http://www.debian.org/security to the RDF
dataa.
Are the advisories themselves in rdf format?
It seems that http://www.debian.org/security/dsa.rdf points to
the HTML pages themselves,
Previously Javier Fern?ndez-Sanguino Pe?a wrote:
Are the advisories themselves in rdf format?
Not afaik, but hopefully someone from debian-www (cc'ed) can arrange for that
to be done.
Wichert.
--
_
/[EMAIL PROTECTED]
Hi all,
Where can i find a code that tests a vulnerable OpenSSH trojaned server.
Or if i should write the code, What is this trojan server's
specifications?
On Mon, 05 Aug 2002 at 04:02:43PM +0200, Javier Fern?ndez-Sanguino Pe?a wrote:
What I was looking for was the DSAs in easy, parseable, output, so
that, for example, the package information (version affected) could be
easily retrieved.
The email messages look pretty parseable. Just run
Halil Demirezen [EMAIL PROTECTED] writes:
Hi all,
Where can i find a code that tests a vulnerable OpenSSH trojaned server.
Or if i should write the code, What is this trojan server's
specifications?
http://www.openssh.com/txt/trojan.adv
should give you enough clue.
HTH
Siggy
--
On Mon, Aug 05, 2002 at 07:40:36PM +0300, Halil Demirezen wrote:
Where can i find a code that tests a vulnerable OpenSSH trojaned server.
Or if i should write the code, What is this trojan server's
specifications?
Remember that the trojan only exists during the build process. The ssh
server
Well, as I understand it, the trojan run only when you compile the code
... it's not in the sshd program. So, you can only have it if you compiled
the code yourself. If so, you can just check the md5 sums from the
advisory.
-rishi
On Mon, 5 Aug 2002, Halil Demirezen wrote:
Hi
No that is not the way i wish.
So think that there is a trojaned server. how can i test the connection..
something like, but not the exact way:
#telnet foo.com 6667
Trying ...
so what?
as i read from the net..
it says Command D is for executing a command.
On Mon, 5 Aug 2002,
-BEGIN PGP SIGNED MESSAGE-
Dear Sirs,
In pgp, how do I upload my public key to a key server? Ive read the
documentation on it and I cannot seem to find a way to do it.
Thanks
Daniel J. Rychlik
-BEGIN PGP SIGNATURE-
Version: 2.6.3ia
Charset: noconv
On Mon, Aug 05, 2002 at 01:06:03PM -0500, Daniel Rychlik wrote:
In pgp, how do I upload my public key to a key server? Ive read the
documentation on it and I cannot seem to find a way to do it.
--send-keys [names]
Same as --export but sends the keys to a key?
Noah L. Meyerhans [EMAIL PROTECTED] writes:
On Mon, Aug 05, 2002 at 01:06:03PM -0500, Daniel Rychlik wrote:
In pgp, how do I upload my public key to a key server? Ive read the
documentation on it and I cannot seem to find a way to do it.
--send-keys [names]
Same
must have missed that one.
On Mon, Aug 05, 2002 at 01:19:45PM -0500, Daniel Rychlik wrote:
must have missed that one.
I am sorry for giving an RTFM-style answer. I didn't think anybody was
still using PGP. Is there a specific reason you need it instead of gpg?
pgp can't upload to keyservers on its own. Take a look
24 matches
Mail list logo