Re: promiscuous mode

2003-05-23 Thread SLeiBt
On Sat 24/05/2003 at 00:24, Ian Goodall wrote: > >Try using tcpdump to investigate the problem. Make sure you use the > >'-p' flag to tcpdump to tell it not to set the interface into > >promiscuous mode. Something like > ># tcpdump -i eth0 -p -n > > I have no idea what all the output means. Be

Updated kernels with security fixes

2003-05-23 Thread Herbert Xu
Hi: If you're looking for Debian alpha/i386 kernel-images with all the recent security alerts (ptrace, ioperm, net hash) fixed, look no further. For users of unstable, fixed packages are now in the archive. They will enter testing in about 10 days. For users of stable (woody), please get them f

Re: promiscuous mode

2003-05-23 Thread Ian Goodall
>Try using tcpdump to investigate the problem. Make sure you use the >'-p' flag to tcpdump to tell it not to set the interface into >promiscuous mode. Something like ># tcpdump -i eth0 -p -n I have no idea what all the output means. Below is an extract from the output: 23:17:22.564132 172.16.3

Re: promiscuous mode

2003-05-23 Thread Ian Goodall
>Try using tcpdump to investigate the problem. Make sure you use the >'-p' flag to tcpdump to tell it not to set the interface into >promiscuous mode. Something like ># tcpdump -i eth0 -p -n I have no idea what all the output means. Below is an extract from the output: 23:17:22.564132 172.16.3

Re: promiscuous mode

2003-05-23 Thread Ian Goodall
> What's the other end of your ethernet cable plugged into? A switch. This is what is confusing me. It's a very cheap Netgear switch so it is probably sending out all the packets anyway...

Re: md5sums

2003-05-23 Thread Tib
Added the post-invoke line to apt.conf and have debsums installed now. Is there a way to wipe the current md5sums and generate all new ones? Tib On Fri, 23 May 2003, xavier renaut wrote: > On Wed, May 21, 2003 at 01:33:02PM -0700, Tib wrote: > | > |Well I found the debsums program, but unfortu

New listing of security bugs

2003-05-23 Thread Drew Scott Daniels
Colin Watson has written new code for the BTS to allow it to display bugs with certain tags, like security [1]. The new URL for bugs tagged security is http://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=security and the old URL that's no longer linked to from qa.debian.org is still being updated at

Re: promiscuous mode

2003-05-23 Thread Noah Meyerhans
On Fri, May 23, 2003 at 08:32:27PM +0100, Ian Goodall wrote: > > I have not got multicast enabled either so I don't know what is causing > this... > > Oops looks like I have guys. I have read man 8 ifconfig but it will still > not switch off. Is this what is causing it? You probably don't want to

Re: md5sums

2003-05-23 Thread xavier renaut
On Wed, May 21, 2003 at 01:33:02PM -0700, Tib wrote: | |Well I found the debsums program, but unfortunately that hasn't solved |anything. Here's what I run and this is what I get. There are a LOT more |failures than just these, but these are the only two types of failures. |How do I properly fix th

Re: promiscuous mode

2003-05-23 Thread Mike Dresser
On Fri, 23 May 2003, Ian Goodall wrote: > I have removed promiscuous mode from my card. When checking ifconfig (eth0) > I am still getting all the network traffic flowing through my computer or at > least a lot of it. The system is sitting idle and I can see the traffic > going up a few meg a min

Re: promiscuous mode

2003-05-23 Thread Ian Goodall
> I have not got multicast enabled either so I don't know what is causing this... Oops looks like I have guys. I have read man 8 ifconfig but it will still not switch off. Is this what is causing it? The output from ifconfig is: eth0 Link encap:Ethernet HWaddr inet addr:172.16.5.

Re: PPTP or L2TP ?

2003-05-23 Thread Stefano Canepa
Thursday 22 May 2003, at 18:08, Theo Cabrerizo Diem: : Hi, : : I like to know what u think about VPNs using PPTP/L2TP protocols ... : I think freeswan is a much better choice .. but I need to connect some : clients to my network .. and those clients don't use linux :( .. but I : do =) : So

Re: promiscuous mode

2003-05-23 Thread Ian Goodall
I have removed promiscuous mode from my card. When checking ifconfig (eth0) I am still getting all the network traffic flowing through my computer or at least a lot of it. The system is sitting idle and I can see the traffic going up a few meg a minute with no one accessing it. I have re-installed

Re: Kernel 2.4 ioperm

2003-05-23 Thread Adam ENDRODI
On Fri, May 23, 2003 at 04:16:22PM +0200, Steffen Schulz wrote: > > Am I right that a local User is able to crash the system > by putting evil data into these mysterious I/O-Ports? I'm not sure, but I don't *think* that the attacker is free to choose any target port. > Is privilege escalation pos

Re: Kernel 2.4 ioperm

2003-05-23 Thread Thomas Krennwallner
Hi! On Fri May 23, 2003 at 04:16:22PM +0200, Steffen Schulz wrote: > Am I right that a local User is able to crash the system > by putting evil data into these mysterious I/O-Ports? > Is privilege escalation possible? > > Is this exploitable out of a chroot-jail(ssh,postfix)? AFAICS this bug is

Re: Kernel 2.4 ioperm

2003-05-23 Thread Steffen Schulz
On 030523 at 13:20, Martin Helas wrote: > On Thu May 22, 2003 at 10:1621 +0100, Simon Huggins <[EMAIL PROTECTED]> wrote: > > On Thu, May 22, 2003 at 01:50:51PM -0600, xbud wrote: > > > FYI, http://marc.theaimsgroup.com/?|=linux-kernel&m=105271679705571&w=2 > > > > You say 2.4 in the subject and it

Re: promiscuous mode

2003-05-23 Thread Halil Demirezen
On Fri, May 23, 2003 at 01:32:36AM +0100, Ian Goodall wrote: > A while ago I installed snort on my debian woody box. After removing snort > the card is still stuck in promiscuous mode. How can I stop this? If it > helps my network is a FA310tx running on a tulip driver. man 8 ifconfig Try it, may

Re: Recommended security management packages

2003-05-23 Thread Phillip Hofmeister
On Wed, 21 May 2003 at 01:01:10PM -0700, Tib wrote: > > nmap (port scan) or Nessus> (vulnerability scans) scans from outside the > > box, > nmap installed, helped to block a bunch of ports with iptables Your policy/rules should block ALL traffic (and ALL Ports) and explicitly allow certain ports/

NIS (mis)configuration and MySQL alternative.

2003-05-23 Thread David Ramsden
Hi, I'm using NIS on my network. It's locked down as much as it can be from the outside world (ipfilter and tcp_wrappers) but I've just noticed any normal user can use ypcat to look at the shadow map and obviously be able to see other users' encrypted passwords. Although root isn't listed it's still

Re: Setting up "pristine" system

2003-05-23 Thread Javier Fernández-Sanguino Peña
On Thu, May 22, 2003 at 08:52:12PM -0400, Rob French wrote: > Hello again, (...) > > So any thoughts as far as what I need to make sure I have standing by when > I try to set all this up? Thanks! > Sure! Just read the "Securing Debian Manual" modulo the sections that do not apply to you: http:

Re: md5sums

2003-05-23 Thread Javier Fernández-Sanguino Peña
On Wed, May 21, 2003 at 01:33:02PM -0700, Tib wrote: > > Well I found the debsums program, but unfortunately that hasn't solved > anything. Here's what I run and this is what I get. There are a LOT more > failures than just these, but these are the only two types of failures. > How do I properly f

Re: Recommended security management packages

2003-05-23 Thread Javier Fernández-Sanguino Peña
On Tue, May 20, 2003 at 08:58:16PM -0700, Tib wrote: > I'm looking for information on packages that will do a nice job of keeping > an eye on my system security-wise. PackageS because I know that no one > package can do it all. http://www.debian.org/doc/manuals/securing-debian-howto/ch-sec-tools

Re: Tiger checkmd5sums module

2003-05-23 Thread Javier Fernández-Sanguino Peña
On Wed, May 21, 2003 at 01:10:37PM -0700, Tib wrote: > Where is it pulling its md5sums for comparison? I keep getting failures > off freshly installed packages and would love to have this part actually > work as it is quite helpful I'm sure. > If you are running the deb_checkmd5sums check, it us

Re: rpc.mountd

2003-05-23 Thread Jamie Heilman
Baran YURDAGUL wrote: > Is there any problem occurs If I bind mountd to just one port under > 1024 ? Cause mount.d bind to 4 different port when it is started via > automatically ? these are the Medium marked ISS scan results .. Just to make sure I follow, an ISS scanner complained about finding

Re: rpc.mountd

2003-05-23 Thread Baran YURDAGUL
Is there any problem occurs If I bind mountd to just one port under 1024 ? Cause mount.d bind to 4 different port when it is started via automatically ? these are the Medium marked ISS scan results .. Jamie Heilman wrote: Baran YURDAGUL wrote: > I have two questions first one how can I configure

Re: Should I use Snort/PortSentry?

2003-05-23 Thread Rolf Kutz
* Quoting Kristof Goossens ([EMAIL PROTECTED]): > On Thu, May 22, 2003 at 08:46:47PM -0400, Rob French wrote: > > So, are any network/port-related tools useful? > > In my personal opinion it is ALWAYS useful to know what is going on on your > system. No matter how little ports are open... > > Yo

Re: rpc.mountd

2003-05-23 Thread Jamie Heilman
Baran YURDAGUL wrote: > I have two questions first one how can I configure mount.d on linux > use reserved ports ? man rpc.mountd -p or --port Force rpc.mountd to bind to the specified port, instead of using the random port number assigned by

Re: Should I use Snort/PortSentry?

2003-05-23 Thread Kristof Goossens
On Thu, May 22, 2003 at 08:46:47PM -0400, Rob French wrote: [snip] > So, are any network/port-related tools useful? In my personal opinion it is ALWAYS useful to know what is going on on your system. No matter how little ports are open... You said it was for your laptop, and that's why you sho

rpc.mountd

2003-05-23 Thread Baran YURDAGUL
Hi All, I have two questions first one how can I configure mount.d on linux use reserved ports ? and the second is about the apache server, how can i disable http trace ? thanks.. -- Baran YURDAGUL