On Wed, Oct 29, 2003 at 09:11:24PM -0500, Phillip Hofmeister wrote:
> I think there is a race condition that was discussed before about
> rootkit checkers. First it reads in data from the PS command. It then
> stores this data in a buffer. Then it reads /proc (or visa-versa, I
> forget the order
On Thu, Oct 30, 2003 at 12:12:27AM +0900, Hideki Yamane wrote:
> Do you know about apache security issue?
Yes. According to the Apache maintainers, woody does not require an update.
--
- mdz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [E
On Wed, 29 Oct 2003 at 02:59:17PM -0500, Michael Bordignon wrote:
> I have chkrootkit running nightly and mailing results to me - last night it
> reported this:
>
> Checking `lkm'... You have 1 process hidden for readdir command
> You have 1 process hidden for ps command
> Warning: Possibl
> two major choices:
>
> 1) leave it online recording ALL traffic to and from it
>
> 2) take it offline immediately and analyze it there without
> remote interference
I'm starting to think it was chkrootkit misreporting what was happening, as
after I rebooted the machine, there are now
a) no
On Wed, 29 Oct 2003 at 02:59:17PM -0500, Michael Bordignon wrote:
> I have chkrootkit running nightly and mailing results to me - last night it
> reported this:
>
> Checking `lkm'... You have 1 process hidden for readdir command
> You have 1 process hidden for ps command
> Warning: Possibl
> two major choices:
>
> 1) leave it online recording ALL traffic to and from it
>
> 2) take it offline immediately and analyze it there without
> remote interference
I'm starting to think it was chkrootkit misreporting what was happening, as
after I rebooted the machine, there are now
a) no
Cc: [EMAIL PROTECTED]
Package: apache
Version: 1.3.26-0woody3
Tags: security
Severity: grave
I have checked th full bug list also. It does not appear a bug has
been filed yet. Therefore I have filed a bug with this email. If you
have anything additional to add please wait until it shows up on
hello,
I have chkrootkit running nightly and mailing results to me - last night it
reported this:
Checking `lkm'... You have 1 process hidden for readdir command
You have 1 process hidden for ps command
Warning: Possible LKM Trojan installed
Checking `sniffer'...
PROMISC mode detected in
In article <[EMAIL PROTECTED]>
[EMAIL PROTECTED] writes:
>I administer a LAN that will soon be moved from private to public IP
>space. The LAN is inside a university network and as such in a rather
>hostile environment.
Another alternative is a proxy-arp firewall. See
http://www.blars.org/sapaf.
Cc: [EMAIL PROTECTED]
Package: apache
Version: 1.3.26-0woody3
Tags: security
Severity: grave
I have checked th full bug list also. It does not appear a bug has
been filed yet. Therefore I have filed a bug with this email. If you
have anything additional to add please wait until it shows up on
In article <[EMAIL PROTECTED]>
[EMAIL PROTECTED] writes:
>I administer a LAN that will soon be moved from private to public IP
>space. The LAN is inside a university network and as such in a rather
>hostile environment.
Another alternative is a proxy-arp firewall. See
http://www.blars.org/sapaf.
hello,
I have chkrootkit running nightly and mailing results to me - last night it
reported this:
Checking `lkm'... You have 1 process hidden for readdir command
You have 1 process hidden for ps command
Warning: Possible LKM Trojan installed
Checking `sniffer'...
PROMISC mode detected in
Hi list,
Do you know about apache security issue?
apache 1.3.29 release announcement is here.
http://www.apache.org/dist/httpd/Announcement.txt
this apache 1.3 release includes security fix.
> Apache 1.3.29 Major changes
>
> Security vulnerabilities
>
> * CAN-2003-0
Hi list,
Do you know about apache security issue?
apache 1.3.29 release announcement is here.
http://www.apache.org/dist/httpd/Announcement.txt
this apache 1.3 release includes security fix.
> Apache 1.3.29 Major changes
>
> Security vulnerabilities
>
> * CAN-2003-0
> as opposed to a setup with a firewall+router.
With Linux there are few problems with transparent firewalling setup - ie,
normal iptables don't work with such setup to well, you need to use special
bridge-iptables, ebtables IIRC. One drawback to that is that you can't do
everything your'e used to
Hello everyone,
I administer a LAN that will soon be moved from private to public IP
space. The LAN is inside a university network and as such in a rather
hostile environment.
At the moment there is a firewall with a public IP doing all the
filtering and a NAT/router box behind this. Now I'm thin
> as opposed to a setup with a firewall+router.
With Linux there are few problems with transparent firewalling setup - ie,
normal iptables don't work with such setup to well, you need to use special
bridge-iptables, ebtables IIRC. One drawback to that is that you can't do
everything your'e used to
Hello everyone,
I administer a LAN that will soon be moved from private to public IP
space. The LAN is inside a university network and as such in a rather
hostile environment.
At the moment there is a firewall with a public IP doing all the
filtering and a NAT/router box behind this. Now I'm thin
18 matches
Mail list logo