Re: Daemon umask

2012-08-09 Thread Chris Davies
Mike Mestnik wrote: > Actually I'm unsure if a shell would be invoked in most cases. For > example Apache starts as root and drops privs after opening up log > files(I wish someone would fix this) and port 80(I wish this could be > done with an ACL). Sorry, it's not clear to me what it is that y

Re: how to fix rootkit?

2012-02-09 Thread Chris Davies
On Wed, 2012-02-08 at 22:56, Chris Davies wrote: > You can no longer trust the kernel [...] Milan P. Stanic wrote: > Of course, you are right here. But then I don't trust the CPUs. How we > know that the manufacturer of CPU, Ethernet card or anything, didn't put > s

Re: how to fix rootkit?

2012-02-08 Thread Chris Davies
Milan P. Stanic wrote: > What about statically linked binaries on the external media (CD, DVD, > USB ...) which is write protected with 'execute in place' mode? You can no longer trust the kernel. Therefore you cannot trust ANY application that runs under that kernel, either directly or indirectl

Re: Default valid shells and home dir permissions

2012-01-12 Thread Chris Davies
Poison Bit wrote: > Why filter to those in /etc/shells ? I mean... the filter should be > applied by the system :) Mainly because it's a convenient list of "real" shells, and some of the remote service applications require a shell to be in that list. FTP is one such that springs to mind. As a cou

Re: Default valid shells and home dir permissions

2012-01-12 Thread Chris Davies
Davit Avsharyan wrote: > 1/ I'm wondering why most of the system users have valid shells by > default ? > /cat /etc/passwd | grep -E '(sh|bash)' | wc -l > *21*/ That's not necessarily sufficient to determine valid shells: the absence of a shell definition implies the use of /bin/sh, so you need

Re: Linux infected ?

2009-02-05 Thread Chris Davies
Ralph Jenkin wrote: > Am I the only one thinking; "Wine can actually manage to get infected by > malware now? Cool." I've seen a fair number of discussions about this on usenet, so it's not new, no. Chris

Re: Rainbow tables on Linux?

2008-10-24 Thread Chris Davies
Johan 'yosh' Marklund <[EMAIL PROTECTED]> wrote: > the open source rainbow tables are about 121GB (if my memory > serves me correctly) and are only available via bittorrent. > I think it took me about 2 months to download them. > http://www.antsight.com/zsl/rainbowcrack/ Out of interest, how long

Re: What to do about SSH brute force attempts?

2008-08-21 Thread Chris Davies
> Third use a non standard ssh port (for example ) Michael Tautschnig <[EMAIL PROTECTED]> wrote: > I'm not a huge fan of security by obscurity, so I'd rather stick with 22 for > now. Try it before you dismiss it out of hand. Chris