In the past I mirrored security.debian.org twice a day for debian
users on our campus. After the fire the new site does not seem to
have a "debian-security" module for the rsync-server.
Is there a possibility that we can have it back please?
Regards.
Johann
--
Johann Spies Telefoon: 02
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tuesday 19 November 2002 07:04, you wrote:
> If it is a client machine and has a default DROP policy on
> incoming packets, then ALLOW packets associated with open
> connections. You probably don't need any other special
> rules. Just set up policie
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Saturday 23 November 2002 05:21, Wichert Akkerman wrote:
> Package : samba
> Problem type : remote exploit
> Debian-specific: no
>
> Steve Langasek found an exploitable bug in the password handling
> code in samba: when converting from DOS
ok, I get it now. In the configuration file there is the commented out
line
// query-source address * port 53;
which activates the default
query-source address * port *;
I couldn't understand the relation between the above configuration
option (which specifies an address and port to use when
> From: Haim Ashkenazi [mailto:[EMAIL PROTECTED]
>
> When making an encrypted file system (AES on both occasion) everything
> works great except I can't run binaries (or even shell scripts without
> running "bash
> > ports you want. Only associated packets will be accepted IN.
> Thanks for the feedback. All I am still a little worried about is what
> are associated packets, I guess. So suppose I initiate a non-anonymous
> FTP session, I've seen that generate ident packets. Are these
> associated? Simila
> What I figured out is that the server uses an unpriviliged random udp
> port when originating queries to other name servers and that named binds
> that udp port a priori and listens on that port waiting for replies to
> questions it will make. I hope I got it right, could someone please
> confirm
logcheck has started noticing the above error. I did a ls -lsa
/usr/bin/mlock and the result is:
8 -rwxr-sr-x1 root root 5668 Jan 13 2002 mlock
Does this mean that somehow the permissions have changed?
Should they have changed - and why?
How should I correct this? (Has my box bee
On Mon, Nov 25, 2002 at 08:24:45PM +0900, Olaf Meeuwissen wrote:
> Hmm, from the version numbers (2.2.3a-6 to 2.2.3a-12) and changelog
> entries since the version in stable it looks as if this upgrade does a
> little more than just fix the security problem. Whatever happened to
> just backport
Thanx, you gave me the idea to solve this. I forgot that I've added the
user option in '/etc/fstab' (stupid me). "user" implies noexec, so you
have to add exec after the user option.
Bye
On Mon, 2002-11-25 at 14:32, DEFFONTAINES Vincent wrote:
> > From: Haim Ashkenazi [mailto:[EMAIL PROTECTED]
>
Dear all,
I have just received a spam complaint, and unfortunately, some spammers
have been using an address on one of my domains in their Return-Path
and From-headers. How nice of them :-( . This address has never
existed. I'm using the Exim packages from Woody.
For quite some time, I have s
That is something that Ive always wanted to know, is how to turn verify off,
but alas, due to sheer laziness, I havent read up on it...
On Monday 25 November 2002 15:38, Kjetil Kjernsmo wrote:
> Dear all,
>
> I have just received a spam complaint, and unfortunately, some spammers
> have been usi
ive had a few cases of this myself, an irrate admin somewhere else whining
its my fault ad i have , yet the relay test via telent shows all OK. I
wonder if they firge known addresses on purpsoe to seed discontent.
I dont want to teach you to suck eggs, but I would suggest this test is run
as an in
On Monday 25 November 2002 23:05, you wrote:
> I dont want to teach you to suck eggs, but I would suggest this test
> is run as an independant way to verify your safe. I always run it
> after a sendmail change, as i pay for volume personally and at 2 gig
> + a day a spam hit would do to me would b
We have the same problem here. Someone has been using our domain name
in their headers since January. At times, we were getting a few
thousand bounces from mail to over-quota or non-existant accounts.
I added the following line to my exim.conf
receiver_try_verify = true
This results in an im
Matt Zimmerman <[EMAIL PROTECTED]> writes:
> On Mon, Nov 25, 2002 at 08:24:45PM +0900, Olaf Meeuwissen wrote:
>
> > Hmm, from the version numbers (2.2.3a-6 to 2.2.3a-12) and changelog
> > entries since the version in stable it looks as if this upgrade does a
> > little more than just fix the se
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tuesday 19 November 2002 07:04, you wrote:
> If it is a client machine and has a default DROP policy on
> incoming packets, then ALLOW packets associated with open
> connections. You probably don't need any other special
> rules. Just set up policie
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Saturday 23 November 2002 05:21, Wichert Akkerman wrote:
> Package : samba
> Problem type : remote exploit
> Debian-specific: no
>
> Steve Langasek found an exploitable bug in the password handling
> code in samba: when converting from DOS
ok, I get it now. In the configuration file there is the commented out
line
// query-source address * port 53;
which activates the default
query-source address * port *;
I couldn't understand the relation between the above configuration
option (which specifies an address and port to use when
> From: Haim Ashkenazi [mailto:[EMAIL PROTECTED]]
>
> When making an encrypted file system (AES on both occasion) everything
> works great except I can't run binaries (or even shell scripts without
> running "bash
> > ports you want. Only associated packets will be accepted IN.
> Thanks for the feedback. All I am still a little worried about is what
> are associated packets, I guess. So suppose I initiate a non-anonymous
> FTP session, I've seen that generate ident packets. Are these
> associated? Simila
> What I figured out is that the server uses an unpriviliged random udp
> port when originating queries to other name servers and that named binds
> that udp port a priori and listens on that port waiting for replies to
> questions it will make. I hope I got it right, could someone please
> confirm
logcheck has started noticing the above error. I did a ls -lsa
/usr/bin/mlock and the result is:
8 -rwxr-sr-x1 root root 5668 Jan 13 2002 mlock
Does this mean that somehow the permissions have changed?
Should they have changed - and why?
How should I correct this? (Has my box bee
On Mon, Nov 25, 2002 at 08:24:45PM +0900, Olaf Meeuwissen wrote:
> Hmm, from the version numbers (2.2.3a-6 to 2.2.3a-12) and changelog
> entries since the version in stable it looks as if this upgrade does a
> little more than just fix the security problem. Whatever happened to
> just backport
Thanx, you gave me the idea to solve this. I forgot that I've added the
user option in '/etc/fstab' (stupid me). "user" implies noexec, so you
have to add exec after the user option.
Bye
On Mon, 2002-11-25 at 14:32, DEFFONTAINES Vincent wrote:
> > From: Haim Ashkenazi [mailto:[EMAIL PROTECTED]]
>
Dear all,
I have just received a spam complaint, and unfortunately, some spammers
have been using an address on one of my domains in their Return-Path
and From-headers. How nice of them :-( . This address has never
existed. I'm using the Exim packages from Woody.
For quite some time, I have s
That is something that Ive always wanted to know, is how to turn verify off,
but alas, due to sheer laziness, I havent read up on it...
On Monday 25 November 2002 15:38, Kjetil Kjernsmo wrote:
> Dear all,
>
> I have just received a spam complaint, and unfortunately, some spammers
> have been usi
ive had a few cases of this myself, an irrate admin somewhere else whining
its my fault ad i have , yet the relay test via telent shows all OK. I
wonder if they firge known addresses on purpsoe to seed discontent.
I dont want to teach you to suck eggs, but I would suggest this test is run
as an in
On Monday 25 November 2002 23:05, you wrote:
> I dont want to teach you to suck eggs, but I would suggest this test
> is run as an independant way to verify your safe. I always run it
> after a sendmail change, as i pay for volume personally and at 2 gig
> + a day a spam hit would do to me would b
We have the same problem here. Someone has been using our domain name
in their headers since January. At times, we were getting a few
thousand bounces from mail to over-quota or non-existant accounts.
I added the following line to my exim.conf
receiver_try_verify = true
This results in an im
Matt Zimmerman <[EMAIL PROTECTED]> writes:
> On Mon, Nov 25, 2002 at 08:24:45PM +0900, Olaf Meeuwissen wrote:
>
> > Hmm, from the version numbers (2.2.3a-6 to 2.2.3a-12) and changelog
> > entries since the version in stable it looks as if this upgrade does a
> > little more than just fix the se
31 matches
Mail list logo