ers bandwidth/disk space,
if anyone wishes to further discuss the questions I raised above,
or try to flame me, please send your email to:
<[EMAIL PROTECTED]>
On Sun, Jul 22, 2001 at 01:57:24AM -0800, Ethan Benson wrote:
> On Sun, Jul 22, 2001 at 07:11:04PM +1000, CaT wrote:
> >
On Sun, Jul 22, 2001 at 07:11:04PM +1000, CaT wrote:
> > Please, quote me on where I have contradicted that.
>
> Right below.
>
Nothing is contradicting that.
>
> If you only wanted to talk about apt-get you should've stuck to it.
>
Then I'm to ignore all other questions and ideas, as well per
On Sun, Jul 22, 2001 at 12:44:19AM -0800, Ethan Benson wrote:
> what part of `don't install the service if you don't need it/don't
> know how to configure it' don't you understand?
>
And when, during the installation, or regular use of Debian, is that
message ever displayed to the user?
<[EMAIL
On Sun, Jul 22, 2001 at 06:35:34PM +1000, CaT wrote:
> On Sun, Jul 22, 2001 at 01:37:29AM -0700, Jacob Meuser wrote:
> > For the last time: I am saying that apt-get install should not immediately
> > start a service, and it should not install the startup links in /etc/rc?.d.
>
<[EMAIL PROTECTED]>
On Sun, Jul 22, 2001 at 06:05:18PM +1000, CaT wrote:
> On Sun, Jul 22, 2001 at 12:40:11AM -0700, Jacob Meuser wrote:
> > On Sat, Jul 21, 2001 at 10:26:38PM -0800, Ethan Benson wrote:
> > > On Sat, Jul 21, 2001 at 09:02:54PM -0700, Jacob Meuser wrote:
>
On Sun, Jul 22, 2001 at 01:32:00AM -0600, Hubert Chan wrote:
>
> I'm not sure that would be an effective warning, and it may even be
> confusing to people, as it does not indicate that there is a potential
> security risk, but just tells them to read the security pages.
>
Hmmm, silly me reference
On Sun, Jul 22, 2001 at 02:03:23AM -0500, Nathan E Norman wrote:
>
> Oh, grow up. I did not "attack" you, I questioned the wisdom of
> comparing running services on a computer to the politically loaded
> question of guns.
>
"You are beginning to sound like a troll." - Nathan E Norman
<[EMAIL PR
On Sat, Jul 21, 2001 at 10:26:38PM -0800, Ethan Benson wrote:
> On Sat, Jul 21, 2001 at 09:02:54PM -0700, Jacob Meuser wrote:
> >
> > Oh, I guess anyone can say something like "Four years without a remote
> > hole in the default install!" on the internet, where an
On Sun, Jul 22, 2001 at 07:42:28AM +0200, Martin Bieder wrote:
>
> WARNING: You have started this car! You are about to drive this car.
> That means, you will be moving, what means that accidents could be
> harmful for you. Do you really want to proceed?
>
> [Yes] [No][Abort]
>
On Sun, Jul 22, 2001 at 12:34:50AM -0500, Nathan E Norman wrote:
> On Sat, Jul 21, 2001 at 09:28:35PM -0700, Jacob Meuser wrote:
> > PS We don't give guns to children, do we?
>
> What the hell does this have to do with running services on a freaking
> computer connected to
On Sun, Jul 22, 2001 at 12:34:47AM -0500, Rob VanFleet wrote:
> On Sat, Jul 21, 2001 at 07:52:02PM -0700, Jacob Meuser wrote:
> > And who's going to teach them? Certainly not an OS that makes it as
> > easy as 'apt-get install apache' !
>
On Sat, Jul 21, 2001 at 10:34:56PM -0500, Dana J. Laude wrote:
> On Sat, Jul 21, 2001 at 06:27:00PM -0700 Jacob Meuser wrote:
>
> IMHO, no distribution is secure out of the box. Hell,
> even OpenBSD has had major blunders in their latest
> release. Security is, after all... a
On Sat, Jul 21, 2001 at 08:21:09PM -0700, Nicole Zimmerman wrote:
>
> > > last i used OpenBSD (2.6) it started portmap and identd by default at
> > > the very least, maybe fingerd too i don't remember for sure.
> > >
> > The difference is, those were not exploitable.
>
> And they are on debian?
On Sat, Jul 21, 2001 at 07:13:00PM -0800, Ethan Benson wrote:
> On Sat, Jul 21, 2001 at 07:52:02PM -0700, Jacob Meuser wrote:
> > >
> > Still not the point. I'm talking about services being enabled, either
>
> i don't think you know what your point is. i
On Sun, Jul 22, 2001 at 12:54:49PM +1000, CaT wrote:
>
> You know. You're right. We should make it as difficult as possible
> to install software. Right down to removing makefiles from source
> repositories and rot13ing the source code because the harder it is
> to install a piece of software, the
On Sat, Jul 21, 2001 at 05:29:35PM -0800, Ethan Benson wrote:
>
> oh? and why not? don't believe OpenBSD's hype about being the apex of
> computer and code security just because they have done auditing, they
> still miss A LOT. their audited ftpd had a remote root hole
> recently. their KERNEL
On Sat, Jul 21, 2001 at 04:32:32PM -0800, Ethan Benson wrote:
>
> if you install a service it's expected you want to run it, so if you
> don't need it don't install it.
>
Not really what I was getting at. I was saying this is TOO EASY.
I'm saying that Debian doesn't do a good enough job of warnin
On Sat, Jul 21, 2001 at 10:57:39PM +0100, Nik Butler wrote:
> Jacob Said:
> >> . I doubt everyone who is running servers on Debian (by choosing to do so during
> >> the 'oh so easy' installation) really knows what they're doing.
>
> Grr, talk about giving companies like mine a bad name, I'm prom
On Sat, Jul 21, 2001 at 12:09:07AM -0800, Ethan Benson wrote:
> On Fri, Jul 20, 2001 at 07:52:26PM -0700, Tim Uckun wrote:
> > You really can not blame people for not hiring
> > "expensive unix sysadmins" and letting some semi competent windows user run
> > the NT network.
>
> oh? and whyever no
On Mon, Jul 16, 2001 at 11:03:41AM +0300, Juha Jäykkä wrote:
> (off topic)
> enforcing it. I do not know SuSE myself, so I cannot fight them (they
> do not know Debian, but they are the ones who decide - they do not
>
Who's administering the boxen, you or them? If the answer is you,
or other peop
On Thu, May 24, 2001 at 05:30:14AM -0800, Ethan Benson wrote:
> On Thu, May 24, 2001 at 05:41:08AM -0700, Jacob Meuser wrote:
> > On Thu, May 24, 2001 at 04:06:08AM -0800, Ethan Benson wrote:
> > > On Thu, May 24, 2001 at 04:50:57AM -0700, Jacob Meuser wrote:
> > > >
On Thu, May 24, 2001 at 04:06:08AM -0800, Ethan Benson wrote:
> On Thu, May 24, 2001 at 04:50:57AM -0700, Jacob Meuser wrote:
> > >
> > BS, when was the last time you installed OpenBSD? I just did an install
>
> 2.5
That was what, 2 years ago?
>
> > today.
On Thu, May 24, 2001 at 12:43:40AM -0800, Ethan Benson wrote:
> On Thu, May 24, 2001 at 01:34:01AM -0700, Jacob Meuser wrote:
> > On Thu, May 24, 2001 at 01:24:50AM -0400, Ed Street wrote:
> > > Hello,
> > >
> > > Well first off WHY are you running the rpc stuf
On Thu, May 24, 2001 at 01:24:50AM -0400, Ed Street wrote:
> Hello,
>
> Well first off WHY are you running the rpc stuff? (i.e. I can root a redhat
> 6.x box in under 30 seconds with a rpc exploit from a clean install) Turn
> that stuff OFF.
>
Not to start a thread discussing OSes, but ...
Ope
On Sun, Apr 29, 2001 at 07:19:06AM -0400, Sunny Dubey wrote:
>
> A while ago, I remember reading on slashdot about how TrustedBSD and OpenBSD
> were different from each other.
http://www.sigmasoft.com/cgi-bin/wilma/openbsd-misc
use a "restricted files match" for Apr 2001
search for "acl" or "t
On Fri, Mar 02, 2001 at 10:21:48PM +0100, Tollef Fog Heen wrote:
> |
> | I believe it becomes uncommented if one installs over the network? (That
> | would make sense to ME anyway.)
>
> How do you know whether I installed from a local mirror (which I
> happen to have, even though my connection t
> > I believe it becomes uncommented if one installs over the network? (That
> > would make sense to ME anyway.)
>
> I installed solely over ftp/http from central debian-servers and this is
> what the aforementioned line looks like with me:
>
> #deb http://security.debian.org stable/updates main
On Thu, Mar 01, 2001 at 10:30:35AM -0700, Hubert Chan wrote:
>
> On the other hand, OpenSSH was created by the OpenBSD people, who are
> famous for secure programming.
>
And also for quick security fixes. They had a patch for sudo about 5 hours
after the recent bug was discovered. It took a few
On Fri, Mar 02, 2001 at 11:39:15AM +0100, Tollef Fog Heen wrote:
> * Ethan Benson
>
> | On Thu, Mar 01, 2001 at 05:07:43AM +0000, Jacob Meuser wrote:
> | >
> | > My potatos have
> | > deb http://security.debian.org stable/updates main contrib non-free
>
On Fri, Mar 02, 2001 at 07:13:22PM +1100, Steve wrote:
> Hi,
>
> Would it be possible for the latest version of OpenSSH (2.5.1 in
> unstable) to be back-ported to potato and added to proposed updates
> once it enters testing.
>
I second that.
>
> Disclaimer: I am not a developer. However, I am
On Wed, Feb 28, 2001 at 11:51:32PM -0900, Ethan Benson wrote:
>
> the first thing you should add to a newly installed debian system is:
>
> ## security updates
> deb http://security.debian.org/debian-security/ potato/updates main contrib
> deb http://security.debian.org/debian-non-US/ potato/non-
On Wed, Feb 21, 2001 at 10:09:47PM +0100, Gaute Gullesen wrote:
> On Wednesday, February 21, 2001, 9:40:05 PM, Adam Spickler wrote:
> > What about if you are going from a Windows box to a *nix box.
> > Is there any way to do secure ftp transfers. Mail, for me is
> > no problem. I ssh into my mac