On Fri, Jun 27, 2003 at 02:15:12PM +, Jason Lunz wrote:
> [orr](0) # gpg --keyring /usr/share/keyrings/debian-keyring.gpg --list-keys
> Archive
> gpg: error reading key: public key not found
>
> Where should I get the key? And why isn't it in debian-keyring? I've got
> the current sid versio
On Fri, Jun 27, 2003 at 02:15:12PM +, Jason Lunz wrote:
> [orr](0) # gpg --keyring /usr/share/keyrings/debian-keyring.gpg --list-keys Archive
> gpg: error reading key: public key not found
>
> Where should I get the key? And why isn't it in debian-keyring? I've got
> the current sid version.
On Fri, Jun 27, 2003 at 03:58:14AM +0200, Christian Kujau wrote:
> hi,
>
> recently i set up a crypted filesystem and use it already successfully.
> 'cause i'm lazy, i've always used the option "-p" when initializing the
> loop-device via losetup:
You should probably go over to linux-crypto. If
Is it possible to run all programs including clients (browser, mp3
player, compiler, ...) under separate accounts just like servers? Would
it be possible to add this as an option when installing the system?
The problem I have there, I am developer (but not debian developer) and
I have full write a
Hi!
I'm relative new to debian having my first big problem today :-(. I'm
running 3.0 stable on self-compiled grsec-2.4.18-kernel.
Today I rebooted the system and now a normal user-account cannot login
via ssh2 anymore (sshd[1107]: Failed password for cp from 127.0.0.1 port
32773 ssh2). Root can lo
On Fri, Jun 27, 2003 at 03:58:14AM +0200, Christian Kujau wrote:
> hi,
>
> recently i set up a crypted filesystem and use it already successfully.
> 'cause i'm lazy, i've always used the option "-p" when initializing the
> loop-device via losetup:
You should probably go over to linux-crypto. If
Is it possible to run all programs including clients (browser, mp3
player, compiler, ...) under separate accounts just like servers? Would
it be possible to add this as an option when installing the system?
The problem I have there, I am developer (but not debian developer) and
I have full write a
Hi!
I'm relative new to debian having my first big problem today :-(. I'm
running 3.0 stable on self-compiled grsec-2.4.18-kernel.
Today I rebooted the system and now a normal user-account cannot login
via ssh2 anymore (sshd[1107]: Failed password for cp from 127.0.0.1 port
32773 ssh2). Root can lo
Dear Robert,
IMHO you should switch to iptables. Concerning the configuration of
iptables, install the package shorewall and check out
http://www.shorewall.net I switched a year ago from ipchains to
iptables and configure my firewall within a few days just by reading the
two following docume
On Fri, 2003-06-27 at 04:48, Linux wrote:
> Hi
>
> Have anybody a good recommendation for an easy to use firewall with port
> forwarding ?
>
> I got a home network with a dedicated (Debian of course) firewall box with
> ADSL connected, and ipmasq package installed.
>
> My problem is that I don
Shorewall is the best in my honest opinion.
It's part of the Debian package list.
Check the IPtables version.
-Original Message-
From: Linux [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 26, 2003 10:48 PM
To: debian-security@lists.debian.org
Subject: Firewall with iptables and forward
Dear Robert,
IMHO you should switch to iptables. Concerning the configuration of
iptables, install the package shorewall and check out
http://www.shorewall.net I switched a year ago from ipchains to
iptables and configure my firewall within a few days just by reading the
two following documen
On Fri, 2003-06-27 at 04:48, Linux wrote:
> Hi
>
> Have anybody a good recommendation for an easy to use firewall with port
> forwarding ?
>
> I got a home network with a dedicated (Debian of course) firewall box with
> ADSL connected, and ipmasq package installed.
>
> My problem is that I don
Shorewall is the best in my honest opinion.
It's part of the Debian package list.
Check the IPtables version.
-Original Message-
From: Linux [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 26, 2003 10:48 PM
To: [EMAIL PROTECTED]
Subject: Firewall with iptables and forwarding
Hi
Have
On Thu, 2003-06-26 at 14:37, Matteo Vescovi wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hi all,
> I already posted this message to the list but "murphy" decided it wasn't
> written well enough (just to say it never arrived!).
[***SNIP!!!***]
I wouldn't fault murphy directly - a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 26 June 2003 20:37, Matteo Vescovi wrote:
> Hi all,
> I already posted this message to the list but "murphy" decided it wasn't
> written well enough (just to say it never arrived!).
Not my fault!!! See the date and time of the message.
Sor
Hi Robert!
>
> Have anybody a good recommendation for an easy to use
> firewall with port forwarding ?
>
> Any suggestions or recommendations ?
>
I'm using Shorewall (www.shorewall.net). Very good firewall based on
IPTables, easy to configure, very active development, very good
documentation.
On Thu, 26 Jun 2003, Jon wrote:
> > tcp 0 1 192.168.0.1:33933 63.236.73.20:80 SYN_SENT
> > 4055/evolution-exec
>
> And... I'm not sure about this one, but it's probably another item on
> the Summary page.
# hinfo -n 63.236.73.20
Processing 63.236.73.20 (63.236.73.20)
63.236.73.20 is in selwerd XB
Quoting Linux <[EMAIL PROTECTED]>:
> Hi
>
> Have anybody a good recommendation for an easy to use firewall with
> port forwarding ?
>
> I got a home network with a dedicated (Debian of course) firewall box
> with ADSL connected, and ipmasq package installed.
>
> My problem is that I don't know
On Fri, 27 Jun 2003 14:48, Linux wrote:
> Have anybody a good recommendation for an easy to use firewall with port
> forwarding ?
>
> I got a home network with a dedicated (Debian of course) firewall box with
> ADSL connected, and ipmasq package installed.
>
> My problem is that I don't know HOW I
On Friday 27 June 2003 05:48, Linux wrote:
> My problem is that I don't know HOW I should put in the various rules in
> ipmasq => Which makes me look for something simpler or some examples or
> tips.
>
> What I want to do is open up for incoming mail and http to be able to
> access my mailserver a
On Thu, 2003-06-26 at 14:37, Matteo Vescovi wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hi all,
> I already posted this message to the list but "murphy" decided it wasn't
> written well enough (just to say it never arrived!).
[***SNIP!!!***]
I wouldn't fault murphy directly - a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 26 June 2003 20:37, Matteo Vescovi wrote:
> Hi all,
> I already posted this message to the list but "murphy" decided it wasn't
> written well enough (just to say it never arrived!).
Not my fault!!! See the date and time of the message.
Sor
Hi Robert!
>
> Have anybody a good recommendation for an easy to use
> firewall with port forwarding ?
>
> Any suggestions or recommendations ?
>
I'm using Shorewall (www.shorewall.net). Very good firewall based on
IPTables, easy to configure, very active development, very good
documentation.
On Thu, 26 Jun 2003, Jon wrote:
> > tcp 0 1 192.168.0.1:33933 63.236.73.20:80 SYN_SENT
> > 4055/evolution-exec
>
> And... I'm not sure about this one, but it's probably another item on
> the Summary page.
# hinfo -n 63.236.73.20
Processing 63.236.73.20 (63.236.73.20)
63.236.73.20 is in selwerd XB
Quoting Linux <[EMAIL PROTECTED]>:
> Hi
>
> Have anybody a good recommendation for an easy to use firewall with
> port forwarding ?
>
> I got a home network with a dedicated (Debian of course) firewall box
> with ADSL connected, and ipmasq package installed.
>
> My problem is that I don't know
On Fri, 27 Jun 2003 14:48, Linux wrote:
> Have anybody a good recommendation for an easy to use firewall with port
> forwarding ?
>
> I got a home network with a dedicated (Debian of course) firewall box with
> ADSL connected, and ipmasq package installed.
>
> My problem is that I don't know HOW I
On Friday 27 June 2003 05:48, Linux wrote:
> My problem is that I don't know HOW I should put in the various rules in
> ipmasq => Which makes me look for something simpler or some examples or
> tips.
>
> What I want to do is open up for incoming mail and http to be able to
> access my mailserver a
Hi, Alexander...
On Thu, Jun 26, 2003 at 11:32:56PM +0200, Alexander Schmehl wrote:
> I just finished the translation of the security howto to german, but
> some parts are very ugly hacked.
>
> It would be very nice, if some of you would review my translation (or
> at least small parts of it), an
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 26 June 2003 23:15, Matt Zimmerman wrote:
> Use the LOG target to see which packets are being rejected.
Done. Thanks. Phillip gave me right hints.
Now everything works fine.
Thanks everyone.
See you.
Matteo
- --
Matteo Vescovi
Email: mb
* Alexander Schmehl <[EMAIL PROTECTED]> wrote:
> I just finished the translation of the security howto to german, but
> some parts are very ugly hacked.
Which ones do you exactly mean? This could be helpful to know in order
to read those parts/chapters more carefully than usual. :-)
> It would b
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Try ...
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
KDE needs to be able to talk to it's sub systems via the localhost
interface.
On Thursday 26 Jun 2003 11:34 am, Matteo Vescovi wrote:
: Hi all,
: I'm a newbie on firewalli
[EMAIL PROTECTED] said:
> This is a call to the community to help test and audit this patch to
> APT, and to eventually participate in the policy discussion about the
> patch.
>
> Please see http://monk.debian.net/apt-secure/ for more information and
> to download Debian packages.
I'm trying the
hi,
recently i set up a crypted filesystem and use it already successfully.
'cause i'm lazy, i've always used the option "-p" when initializing the
loop-device via losetup:
losetup -k 128 -p 12 -e serpent /dev/loop6 /dev/sdb2
that way, i don't have to type in the passphrase manually (instead,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ran into this one a few weeks ago
KDE & some of it's component subsystems seem to
use connections via the localhost interface
I used the following to allow all and any traffic on lo:
/sbin/iptables -A OUTPUT -o lo -j ACCEPT
/sbin/iptables -A INPUT -
Hi, Alexander...
On Thu, Jun 26, 2003 at 11:32:56PM +0200, Alexander Schmehl wrote:
> I just finished the translation of the security howto to german, but
> some parts are very ugly hacked.
>
> It would be very nice, if some of you would review my translation (or
> at least small parts of it), an
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 26 June 2003 23:15, Matt Zimmerman wrote:
> Use the LOG target to see which packets are being rejected.
Done. Thanks. Phillip gave me right hints.
Now everything works fine.
Thanks everyone.
See you.
Matteo
- --
Matteo Vescovi
Email: mb
* Alexander Schmehl <[EMAIL PROTECTED]> wrote:
> I just finished the translation of the security howto to german, but
> some parts are very ugly hacked.
Which ones do you exactly mean? This could be helpful to know in order
to read those parts/chapters more carefully than usual. :-)
> It would b
38 matches
Mail list logo