Some of the options can break user-space software.
To me, grsecurity patches are far more secure than any i know.
While standard kernels are exploitable of ptrace-kmod, grsecurity
pacthed kernel never let a local user to exploit the kernel.
http://www.grsecurity.net
--
To
Some of the options can break user-space software.
To me, grsecurity patches are far more secure than any i know.
While standard kernels are exploitable of ptrace-kmod, grsecurity
pacthed kernel never let a local user to exploit the kernel.
http://www.grsecurity.net
My Debian box:
Connection closed by foreign host.
[EMAIL PROTECTED]:~ telnet xx.com 22
Trying 203.167.224....
Connected to xx.com.
Escape character is '^]'.
SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1
To be brief, I don't usually come accross that there is an exploit
for only
is what logcheck emailed me:
- -- snip --
Jun 16 04:36:02 jack sshd[20026]: Connection from 212.202.204.149 port 2323
Jun 16 04:36:03 jack sshd[20027]: Connection from 212.202.204.149 port 2810
Jun 16 04:36:04 jack sshd[20027]: scanned from 212.202.204.149 with
SSH-1.0-SSH_Version_Mapper.
My Debian box:
Connection closed by foreign host.
[EMAIL PROTECTED]:~ telnet xx.com 22
Trying 203.167.224....
Connected to xx.com.
Escape character is '^]'.
SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1
To be brief, I don't usually come accross that there is an exploit
for only
is what logcheck emailed me:
- -- snip --
Jun 16 04:36:02 jack sshd[20026]: Connection from 212.202.204.149 port 2323
Jun 16 04:36:03 jack sshd[20027]: Connection from 212.202.204.149 port 2810
Jun 16 04:36:04 jack sshd[20027]: scanned from 212.202.204.149 with
SSH-1.0-SSH_Version_Mapper.
On Fri, May 23, 2003 at 01:32:36AM +0100, Ian Goodall wrote:
A while ago I installed snort on my debian woody box. After removing snort
the card is still stuck in promiscuous mode. How can I stop this? If it
helps my network is a FA310tx running on a tulip driver.
man 8 ifconfig
Try it, maybe
going back to root means that you do not know who did what. sudo gets
logged, so you know who did what. that is way more important security
wise than not running sudo and having 5 people use root wih no logging.
the second hing is that if you did wan to limit people to certain
commands
Mayba, I can add my comments here.
recently, a kernel bug exploited and linux kernel developers patched it
already. ptrace-kmod exploit. A local user can run suid shell with just
using an exploit. Maybe hacking -- if there is-- may be done via this too.
But, according to me too, backups are
Maybe, I can add my comments here.
recently, a kernel bug exploited and linux kernel developers patched it
already. ptrace-kmod exploit. A local user can run suid shell with just
using an exploit. Maybe hacking -- if there is-- may be done via this too.
But, according to me too, backups are
Maybe, I can add my comments here.
recently, a kernel bug exploited and linux kernel developers patched it
already. ptrace-kmod exploit. A local user can run suid shell with just
using an exploit. Maybe hacking -- if there is-- may be done via this too.
But, according to me too, backups are
This is more than an exploit. It is marvellous and smartness.
Thank god we know the bug now!
On Fri, Mar 21, 2003 at 09:18:42AM +0100, Yndy wrote:
Hi all!
http://isec.pl/cliph/isec-ptrace-kmod-exploit.c
Yndy
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of
I need to add smtp-auth capabilities to a postfix MTA. The postifix
documentation talks about sasl to do this. Is this method secure?
Exist other (better or more secure) alternatives?
thanks to all,
bye
By the way is there a URL for full qualified postfix MTA howto?
That will be so
I need to add smtp-auth capabilities to a postfix MTA. The postifix
documentation talks about sasl to do this. Is this method secure?
Exist other (better or more secure) alternatives?
thanks to all,
bye
By the way is there a URL for full qualified postfix MTA howto?
That will be so
Hi all,
Where can i find a code that tests a vulnerable OpenSSH trojaned server.
Or if i should write the code, What is this trojan server's
specifications?
, Halil Demirezen wrote:
Hi all,
Where can i find a code that tests a vulnerable OpenSSH trojaned server.
Or if i should write the code, What is this trojan server's
specifications?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject
I installl my Debian system on 29th July. and i get the packets from
mirror security.debian... as anyone can say , should i be worried.?
On Thu, 1 Aug 2002, Dale Amon wrote:
On Thu, Aug 01, 2002 at 03:06:47PM -0500, Daniel J. Rychlik wrote:
Should debian users be worried if they only
I wanna make it clear.
We are using OpenSSH_3.4p1 Debian 1:3.4p1-1, SSH protocols 1.5/2.0,
OpenSSL 0x0090603f
and we installed the ssh from the deb packages using
apt-get install utility.
I wonder if there is any risk on this stable version of OpenSSH (Debian)
undependent from openbsd's source
I am planning to write code that will load the users terminal screens to
my screen. And root will surely manage that. Is there anyone to tell me
any link which contains information about this subject.
Sincereley.
/---\
/ [EMAIL
I am planning to write code that will load the users terminal screens to
my screen. And root will surely manage that. Is there anyone to tell me
any link which contains information about this subject.
Sincereley.
/---\
/ [EMAIL
How can i solve the problem that after i ping my computer(server) with
ping localhost for about 160 times, the system starts not to give
response and the load average of the cpu raises to the %81.
and i can manage this under an ordinary user account.
So a normal user can make the whole system
How can i solve the problem that after i ping my computer(server) with
ping localhost for about 160 times, the system starts not to give
response and the load average of the cpu raises to the %81.
and i can manage this under an ordinary user account.
So a normal user can make the whole system
is there anyone who can tell me where the dns domain name server's conf
file...
-
| -EGE UNIVERSITY |
|| | COMPUTER ENGINEERING |
some answers.
[On 08 Aug, 2001, Halil Demirezen wrote in Unidentified subject! ]
is there anyone who can tell me where the dns domain name server's conf
file...
-
| -EGE UNIVERSITY
61 |
| - |
| /*\ Love, Respect, |
| /***\ LINUX|
-
On Wed, 8 Aug 2001, Halil Demirezen wrote:
i want
, you will figure
out how to run it in a chroot'd environment as a non-root user.
G'luck.
phil.
Halil Demirezen wrote:
Think that my machines hostname is eam.debian-tr.org and
think that mac.eam.debian-tr.org has got another ip
and when a request comes, it will firstly meet my machine
is there anyone who can tell me where the dns domain name server's conf
file...
-
| -EGE UNIVERSITY |
|| | COMPUTER ENGINEERING |
', that should give you some answers.
[On 08 Aug, 2001, Halil Demirezen wrote in Unidentified subject! ]
is there anyone who can tell me where the dns domain name server's conf
file
some answers.
[On 08 Aug, 2001, Halil Demirezen wrote in Unidentified subject! ]
is there anyone who can tell me where the dns domain name server's conf
file...
-
| -EGE UNIVERSITY
|
| - |
| /*\ Love, Respect, |
| /***\ LINUX|
-
On Wed, 8 Aug 2001, Halil Demirezen wrote:
i want
will figure
out how to run it in a chroot'd environment as a non-root user.
G'luck.
phil.
Halil Demirezen wrote:
Think that my machines hostname is eam.debian-tr.org and
think that mac.eam.debian-tr.org has got another ip
and when a request comes, it will firstly meet my machine
When I first install the Debian, I have specified apt source -
cdrom. But, after I downloaded a deb pack. into the harddisk, I could not
install it by using apt-get install ...
Can you give example changes in the
/usr/share/doc/apt/examples/source.list file?
Should I configure this file or
Sevgi, Saygi, LINUX!!!
On Tue, 17 Jul 2001, Halil Demirezen wrote:
When I first install the Debian, I have specified apt source -
cdrom. But, after I downloaded a deb pack. into the harddisk, I could not
install it by using apt-get install ...
Can you give example changes in the
/usr
When I first install the Debian, I have specified apt source -
cdrom. But, after I downloaded a deb pack. into the harddisk, I could not
install it by using apt-get install ...
Can you give example changes in the
/usr/share/doc/apt/examples/source.list file?
Should I configure this file or take
Sevgi, Saygi, LINUX!!!
On Tue, 17 Jul 2001, Halil Demirezen wrote:
When I first install the Debian, I have specified apt source -
cdrom. But, after I downloaded a deb pack. into the harddisk, I could not
install it by using apt-get install ...
Can you give example changes in the
/usr
i wanna know how can i make a floppy bootable and it will run directly my
program that i write in c or any other programinng languages.
for exaple think that you are writing a kernel and you should need some
othere files to provide the booting.. is there something master boot
recort for floopy???
i wanna know how can i make a floppy bootable and it will run directly my
program that i write in c or any other programinng languages.
for exaple think that you are writing a kernel and you should need some
othere files to provide the booting.. is there something master boot
recort for floopy???
37 matches
Mail list logo