On Thu, 2005-03-03 at 11:54, David Mandelberg wrote:
> Physical access means they can touch the machine. Local access means they can
> log into the machine. Often local access is further restricted to mean they
> can
> log in and get a real shell (i.e. the shell isn't /usr/sbin/pppd).
I tend to p
One of my mail servers runs sendmail and some extra security features
are implemented in the Local_check_relay ruleset---in particualr it only
allows a small list of IP addresses to connect.
There are also a few other Local_check_* rulesets which are non-standard
and do things like tweaking the re
On Tue, 2004-11-02 at 19:55, Raffaele D'Elia wrote:
> Hi all,
>
> I have a firewall with 3 NICs (LAN,DMZ,ROUTER); this is a single point of
> failure, of course! I've decided to build a backup firewall, with similar
> hardware (just in case) and the same config.
> Now the problem: I have only a cr
On Sun, 2004-10-24 at 15:30, Michael Stone wrote:
> On Sun, Oct 24, 2004 at 10:54:28AM +0200, Jan LÃhr wrote:
> >What do you expect here? Of course there is a tradional unix approach (groups
> >-ugly one I admit - and a more clean approach using posix acls)
>
I think groups might be enough here.
Nobody has brought this up, so I guess it up to me to do so. A lot of
windows {ad,spy,mal}ware does *not* require you to click on anything or
explicilty install anything. All you need to do is visit the "right" web
page or preview an appropriate HTML email. ActiveX and IE security flaws
do the rest
It is not always enough or required to find something that has the right
hash value. With windows a modified client can authentication just by
knowing the hash value (and there is no salt). [Windows does not use
MD5, but that is beside the point.]
What I have implemented on the web requires knowle
You might see a few, IMHO misguided, people implementing sender
pre-authentication systems. A very few high-profile people might
actually have justpficiation for a system that passes some senders to
them and everyone else via their helpers for dealing with fan mail.
Wide-scale deployment of sender
You might see a few, IMHO misguided, people implementing sender
pre-authentication systems. A very few high-profile people might
actually have justpficiation for a system that passes some senders to
them and everyone else via their helpers for dealing with fan mail.
Wide-scale deployment of sender
8 matches
Mail list logo