Re: Where to install the firewall scripts

2002-12-16 Thread Giacomo Mulas
On Sat, 14 Dec 2002, bong sabolboro wrote: > I am currently implementing a firewall using a > notebook and Debian Woody. What is the best place to > put the firewall rules that I want implemented for my > local setup? There are a few possible alternatives. The main point is that you want your fi

Re: firewall advice

2002-12-16 Thread Rolf Kutz
* Quoting andrew lattis ([EMAIL PROTECTED]): > > #connections to lo > $iptables -A OUTPUT -p ALL -o $lo_iface -s $lo_ip -j ACCEPT > > #allow the rest > $iptables -A OUTPUT -p ALL -o $eth_iface -s $eth_ip -j ACCEPT > > #log the rest > $iptables -A OUTPUT -m limit --limit $log_limit --limit-b

Re: firewall advice

2002-12-16 Thread Lars Ellenberg
On Sun, Dec 15, 2002 at 07:15:25PM -0800, Torrin wrote: > I'll also add connection tracking in my iptables script. Is > there anything I can do in my ipchains script? did you ever look at the SuSEfirewall{,2} scripts by marc heuse? GPL, will work with any distro, maybe small changes where to fi

Re: firewall advice

2002-12-16 Thread Vineet Kumar
* Torrin ([EMAIL PROTECTED]) [021215 19:21]: > Nicolas Boullis wrote: > > * Torrin ([EMAIL PROTECTED]): > > > iptables -A INPUT -i eth0 -j ACCEPT -p TCP -s 0.0.0.0/0 --source-port > > > domain #53 > > > iptables -A INPUT -i eth0 -j ACCEPT -p UDP -s 0.0.0.0/0 --source-port > > > domain #53 > >"Hey!

Re: firewall advice

2002-12-16 Thread Jeffrey Taylor
I am using the v1 scripts on Debian 3.0r0. IIRC, I had to change one directory in the INSTALL script. SuSE puts the symlinks in /etc/init.d/rcX.d and Debian puts them in /etc/rcX.d/. Edit the script before running it. I like it because it works at the policy level of Internet, DMZ, and internal

SSH

2002-12-16 Thread Phillip Hofmeister
Hi all, I am sure you have seen the SSH CERT. Are we vulnerable? If so is there a time line for an update? Thanks, -- Phil PGP/GPG Key: http://www.zionlth.org/~plhofmei/ wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import -- Excuse #18: Divide-by-zero error

Re: SSH

2002-12-16 Thread sen_ml
Hi, From: Phillip Hofmeister Date: Mon, 16 Dec 2002 17:52:15 -0500 > I am sure you have seen the SSH CERT. Are we vulnerable? If so is > there a time line for an update? I'd like to know too -- perhaps there's a chance the Debian package (the OpenSSH-based one) isn't vulnerable as OpenSSH 3.5

Re: SSH

2002-12-16 Thread Kilian CAVALOTTI
Phillip Hofmeister wrote: > I am sure you have seen the SSH CERT. Are we vulnerable? If so is > there a time line for an update? As far as you can read in Rapid 7 advisory, OpenSSH 3.5 and earlier does not seem vulnerable. So debian systems are like

Re: SSH

2002-12-16 Thread Edward Guldemond
On Mon, Dec 16, 2002 at 05:52:15PM -0500, Phillip Hofmeister wrote: > Hi all, > > I am sure you have seen the SSH CERT. Are we vulnerable? If so is > there a time line for an update? I believe you are vulnerable if you have SSH1 support enabled. I am not sure if sshd's config is shipped this w

Re: SSH

2002-12-16 Thread Marc F. Neininger
On Mon, 2002-12-16 at 22:52, Phillip Hofmeister wrote: > Hi all, Hi Phillip, hi Alex ;=) > I am sure you have seen the SSH CERT. Are we vulnerable? If so is > there a time line for an update? http://www.cert.org/advisories/CA-2002-36.html From my testing it seems that the current version of

Re: SSH

2002-12-16 Thread Edward Guldemond
On Mon, Dec 16, 2002 at 05:52:15PM -0500, Phillip Hofmeister wrote: > Hi all, > > I am sure you have seen the SSH CERT. Are we vulnerable? If so is > there a time line for an update? Sorry for the last email. Spoke before I read. :-) According to the advisory[1]: "it seems that

Re: smtp-auth

2002-12-16 Thread Halil Demirezen
> > I need to add smtp-auth capabilities to a postfix MTA. The postfix > documentation talks about sasl to do this. Is this method secure? > Exist other (better or more secure) alternatives? > > thanks to all, > > bye By the way is there a URL for full qualified postfix MTA howto? That will

Re: SSH

2002-12-16 Thread Patrick Hsieh
Woody is shipping OpenSSH_3.4p1. Before the security team confirm this vulnerability and release the upgrade package, is there any way to patch and repackage the woody openssh? I just can't find the patch against this vulnerability. -- 08:40:05 up 3 days, 16:51, 5 users, load average: 0.0

Re: SSH

2002-12-16 Thread Noah L. Meyerhans
On Tue, Dec 17, 2002 at 08:42:03AM +0800, Patrick Hsieh wrote: > Woody is shipping OpenSSH_3.4p1. Before the security team confirm this > vulnerability and release the upgrade package, is there any way to patch and > repackage the woody openssh? I just can't find the patch against this > vulnera

Re: SSH

2002-12-16 Thread Jose Luis Domingo Lopez
On Tuesday, 17 December 2002, at 08:42:03 +0800, Patrick Hsieh wrote: > Woody is shipping OpenSSH_3.4p1. Before the security team confirm this > vulnerability and release the upgrade package, is there any way to patch and > repackage the woody openssh? I just can't find the patch against this >

Re: smtp-auth

2002-12-16 Thread Andrzej Dalasinski
On Tue, Dec 17, 2002 at 02:45:03AM +0200, Halil Demirezen wrote: > > I need to add smtp-auth capabilities to a postfix MTA. The postfix > > documentation talks about sasl to do this. Is this method secure? > > Exist other (better or more secure) alternatives? I know, that in debian you can use sa

Re: smtp-auth

2002-12-16 Thread Rick Moen
Quoting Halil Demirezen ([EMAIL PROTECTED]): > By the way is there a URL for full qualified postfix MTA howto? > That will be so helpful. Under the assumption you're still speaking in the context of Debian and SMTP-AUTH / SASL, this might help: http://killyridols.net/postfixtlssmtpauth.shtml Th

Bug #173254 Submitted: Snort In Stable "Unusable"

2002-12-16 Thread Nick Boyce
Further to the discussion I started here on 6th.Dec.2002 about the problem of the stable Snort packages being out-of-date, with the subject "Updating Snort Signatures In Stable ?" (http://lists.debian.org/debian-security/2002/debian-security-200212/msg00063.html) FYI, I have now submitted a severit

Re: smtp-auth

2002-12-16 Thread Alvin Oga
hi ya Halil On Mon, 16 Dec 2002, Rick Moen wrote: > Quoting Halil Demirezen ([EMAIL PROTECTED]): > > > By the way is there a URL for full qualified postfix MTA howto? > > That will be so helpful. some postfix stuff http://www.linux-sec.net/Mail/#MTA > Under the assumption you're sti

Multiple MySQL vulnerabilities

2002-12-16 Thread Schüle Benjamin
look at http://security.e-matters.de/advisories/042002.html, it seems like the debian woody version is affected. Is there any DSA in preparation? Thanks, Benjamin

Re: [d-security] Multiple MySQL vulnerabilities

2002-12-16 Thread Christian Hammers
On Tue, Dec 17, 2002 at 08:07:57AM +0100, Schüle Benjamin wrote: > look at http://security.e-matters.de/advisories/042002.html, > it seems like the debian woody version is affected. > Is there any DSA in preparation? A DSA is in preparation by the security team. The unstable version is already