On 15 Jul 2005, Jarosław Tabor wrote:
Hi all!
This is probably not the best list, but it may also be important from
a security point of view.
You were right - this isn't the best list. :/
I've tried to check the version of some lib from my program, and it
looks, that the only way is to
On 5 Jul 2005, Paul Gear wrote:
Daniel Pittman wrote:
...
So, probably, the best way to go is allowing the R/E packets alongside their
new state counterparts. It also clarifies where the packets are accepted
and WHY. Also, iptables -v should be a lot more useful than before.
That was my
On 5 Jul 2005, Michael Stone wrote:
On Tue, Jul 05, 2005 at 10:00:53PM +1000, Daniel Pittman wrote:
/sbin/iptables -t filter -A in_world_http_s1 -p tcp --sport 1024:65535 --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
/sbin/iptables -t filter -A out_world_http_s1 -p tcp --sport 80
On 4 Jul 2005, Paul Gear wrote:
Daniel Pittman wrote:
...
Am I right in understanding that you consider accepting
RELATED/ESTABLISHED packets a bad thing?
No. Accepting *any* RELATED/ESTABLISHED packets is, though, if someone
finds an attack to generate entries in the conntrack table
On 5 Jul 2005, Eloi Granado wrote:
On Sunday, 3 de July de 2005 23:24, Paul Gear wrote:
Daniel Pittman wrote:
It also tends to encourage shortcuts in the firewall, like accepting
any RELATED/ESTABLISHED packets,
Am I right in understanding that you consider accepting
RELATED/ESTABLISHED
On 3 Jul 2005, Jakub Sporek wrote:
On Sun, 03 Jul 2005 05:07:02 +0200, Daniel Pittman [EMAIL PROTECTED]
wrote:
I found that 'firehol' was quite a surprise to me -- not only didn't it
suck, it actually improved my hand-written firewall somewhat.
Unlike everything else, it doesn't tell you
On 4 Jul 2005, Paul Gear wrote:
Daniel Pittman wrote:
...
Shorewall, like many firewall packages, gives you[1] a whole bunch of
configuration options, which turn on or off features in the pre-packaged
firewall you have.
This tends to make it hard to do strange things like playing with DSCP
On 4 Jul 2005, KC wrote:
[...]
*nat
:PREROUTING DROP [0:0]
:POSTROUTING DROP [0:0]
:OUTPUT DROP [0:0]
COMMIT
I thought that using a policy of DROP in the nat tables would result in
anything that wasn't NAT-ed being prevented from passing through by
iptables.
I can't find any documentation
On 3 Jul 2005, KC wrote:
I need help understanding what goes wrong in this script. I cannot ping
anyone and cannot resolve as well. In fact I believe the only thing I can
get is an ip address from my isp's dhcp server.
With sufficiently modern kernels, the DHCP client uses raw sockets, so
it
On 3 Jul 2005, KC wrote:
Daniel Pittman wrote:
On 3 Jul 2005, KC wrote:
I need help understanding what goes wrong in this script. I cannot ping
anyone and cannot resolve as well. In fact I believe the only thing I can
get is an ip address from my isp's dhcp server.
[...]
I can't spot
On 31 Mar 2005, JM wrote:
You can use pinning to pull in some packages from testing to stable or
whatever if you really must.
My experiences with pinning have been good in the beginning but, sooner or
later, I ended up with a broken system. Happy now running sarge but I
recognize the value of
On 11 Mar 2005, [EMAIL PROTECTED] wrote:
I am having a problem in logging into my linux machine it is saying me
that authentication failure
Try putting in the correct username and password; that should solve
that problem.
More seriously: this isn't a bug report, or a problem, it is a
On 18 Feb 2005, kurt kuene wrote:
* I have to use testing (sarge). *
Have to?
All of my 3 webservers (apache php mysql java tomcat). on two other
webserver I run woody with some packages from sarge (apt-pinning) and
the mail relay servers (spamassassin amavisd postfix clamav).
IIRC, all of
On 22 Oct 2004, Jan Lhr wrote:
because of the recent xpdf issues I tested the access restrictions of some
users like lp, mail, etc. with default settings in sarge. I noticed that, by
default, no acl were used to prevent access to vital system commands, the
user shouldn't have. For instance:
On 23 Oct 2004, Jan Lhr wrote:
On Friday, 22 October 2004 14:02, Daniel Pittman wrote:
On 22 Oct 2004, Jan Lhr wrote:
because of the recent xpdf issues I tested the access restrictions of
some users like lp, mail, etc. with default settings in sarge. I noticed
that, by default, no acl were
On 6 Oct 2004, Emil Perhinschi wrote:
Sorry to bother, but is this an attack? I get repeated requests for a
file favicon.ico that should have been, or so the client connecting
believes, in the root of my htdocs.
Yup. Ages ago Microsoft added support for displaying that icon next to
various
On 28 Sep 2004, Dariusz Pietrzak wrote:
ftp == good enough for public upload and download in a chroot
environment.
scp == the preferred method for data transfer between machines. Nearly
as fast on semi-modern machines. pscp == the windows equivalent for
regault *NIXX scp.
What is wrong
On 28 Sep 2004, Dariush Pietrzak wrote:
I don't know what you imagine is encrypted in FTP, though, since that
is not part of the specification or the standard implementations.
oh, not part of THIS: http://www.ietf.org/rfc/rfc2246.txt specification?
that is like, what, 5 years old?
Why, no.
On 28 Sep 2004, Bernd Eckenfels wrote:
In article [EMAIL PROTECTED] you wrote:
Alternately, with sed:
] sed -si.orig -e '...' `find . -name '...'`
More safely, but with more forks:
] find . -name '...' -print0 | xargs -0 sed -si.orig -e '...'
BTW: I don't see how xarg would do more forks
On 27 Sep 2004, Dale Amon wrote:
A couple years ago I ran across a sed like program that will
recursively descend through a tree and apply specified edits in place.
I have searched my notes, gone through the deb available and have not
been able to find it. Might just have been something on
On 1 Sep 2004, Jim Richardson wrote:
On Tue, 31 Aug 2004 16:50:09 +0200,
Adrian 'Dagurashibanipal' von Bidder [EMAIL PROTECTED] wrote:
On Tuesday 31 August 2004 13.30, Volker Tanger wrote:
[spyware/adware/trojans/...:]
Yes and no. When surfing as normal user *ware programs cannot install
On 1 Sep 2004, s. keeling wrote:
Incoming from Daniel Pittman:
*Most* mail clients under Unix are better written than to do that, but
Even mutt (a terrific MUA) _can be told_ to automatically handle
MIME types for you, if you want. It just depends what's in your
/.mailcap, and that can
On 31 Aug 2004, Physics IT Support via wrote:
This message has been automatically generated in response to the
creation of a trouble ticket regarding: [SECURITY] [DSA 542-1] New Qt
packages fix arbitrary code execution and denial of service, a
summary of which appears below.
There is no need
On 24 Aug 2004, Robert Trebula wrote:
Maybe you have already noticed - collisions have been found in MD5
hashing algorithm:
http://eprint.iacr.org/2004/199.pdf
http://www.freedom-to-tinker.com/archives/000664.html
http://www.unixwiz.net/techtips/iguide-crypto-hashes.html
My question is:
On 24 Aug 2004, Sam Vilain wrote:
Robert Trebula wrote:
Maybe you have already noticed - collisions have been found in MD5
hashing algorithm:
[...]
I think cryptanalysts have 'cracked' pretty much all of them, though
with practically prohibitive costs of cracking them (eg, 2^50 for
On 25 Aug 2004, Matthew Palmer wrote:
On Tue, Aug 24, 2004 at 12:20:24PM -0400, Phillip Hofmeister wrote:
On Tue, 24 Aug 2004 at 10:50:38AM -0400, Daniel Pittman wrote:
Be aware that this sort of multi-encryption technique can
lead to significant exposures when applied to traditional
On 20 Aug 2004, Don Froien, III wrote:
I was recently in a meeting where members of the IT group propose to
use a utility called WebEx to perform remote compiles. Webex offers
SSL encrypted transfers and the ability to offer only selected members
to the meeting (remote compile in this case)
On 14 Aug 2004, s. keeling wrote:
Incoming from Bernd Eckenfels:
In article [EMAIL PROTECTED] you wrote:
Aug 12 04:36:53 towern kernel: |iptables -- IN=ppp0 OUT= MAC=
SRC=201.129.122.85 DST=12.65.24.43 LEN=48 TOS=0x00 PREC=0x00 TTL=115
ID=40023 DF PROTO=TCP SPT=4346 DPT=445 WINDOW=16384
On 24 Jul 2004, [EMAIL PROTECTED] wrote:
Any package in Debian that will automatically run all /etc/init.d based
daemons in jail / chroot?
No, because it is not possible to provide a generic solution to running
daemons under a chroot, for a variety of reasons.
Regards,
Daniel
--
On 16 Jun 2004, Hubert Chan wrote:
Russell == Russell Coker [EMAIL PROTECTED] writes:
Russell On Fri, 11 Jun 2004 22:34, Patrick Maheral [EMAIL PROTECTED] wrote:
[...]
SpamAssassin will check for hashcash in the future. Support is already
present in the development version of SpamAssassin.
On 14 Jun 2004, Bernd Eckenfels wrote:
In article [EMAIL PROTECTED] you wrote:
This sort of thing is why I would rather use any RBL within
SpamAssassin, rather than at SMTP delivery time. Even if one of these
services goes completely belly up and blacklists the world, I don't
automatically
On 14 Jun 2004, Noah Meyerhans wrote:
On Sun, Jun 13, 2004 at 07:46:15PM +0300, Vassilii Khachaturov wrote:
What are the recommended rbl's these days?
Best thing is ask on NANAE or exim-users or whatever your favourite MTA is.
Here's what I am using here RBL-wise:
rbl_domains =
On 12 Jun 2004, Christian Christmann wrote:
I just checked my /var/log/samba and found
bunch of log files:
log.shitbanda log.familj
log.mario-t3psqfw32 log.talentoaa
log.syb07 log.50163099sp
log.gustavo log.momerdadd
log.rampeiras
On 2 Jun 2004, Remco Seesink wrote:
I tried the question below first on debian-mentors but harvested silence.
Hopefully it is more on topic here.
In part, that is probably because you asked a very hard question. :)
[...]
I am packaging ibwebadmin, a web administration tool for firebird
and
On Tue, 27 Apr 2004, Dan Christensen wrote:
Daniel Pittman [EMAIL PROTECTED] writes:
On Mon, 26 Apr 2004, George Georgalis wrote:
On Mon, Apr 26, 2004 at 06:44:35PM +0200, LeVA wrote:
So when I'm getting a large amount of messages there is approx.
15-20 spamc/spamd running. I want to limit
On Tue, 27 Apr 2004, Emmanuel Lacour wrote:
On Mon, Apr 26, 2004 at 07:08:05PM +0200, Thomas Schuering wrote:
Hi,
So when I'm getting a large amount of messages there is approx.
15-20 spamc/spamd running. I want to limit this to ~5. How can I do
this.
/usr/sbin/spamd -d -m 5
'-d'
On Mon, 26 Apr 2004, George Georgalis wrote:
On Mon, Apr 26, 2004 at 06:44:35PM +0200, LeVA wrote:
I have a 'spam' user, and I've set up postfix, to run a tiny little
script as this 'spam' user. This script accepts messages thru the
stdin, and it filters the message thru the spamd daemon with
On Sun, 11 Apr 2004, Noah Meyerhans wrote:
On Sun, Apr 11, 2004 at 11:15:10AM +0200, LeVA wrote:
I always compile the latest stable 2.4 kernel with loadable modules
disabled, but I don't apply any kernel patches.
Is this safe, or I must apply some security patch?
None of the recent
43 matches