Re: unssubscribe

2002-09-21 Thread Jean Christophe ANDRÉ
Oliver Fuchs écrivait : > :0: > * ^Subject:.*unsubscribe$ > /dev/null Why the hell are you using lockfile on /dev/null ?!? ;-) >From man procmailrc : Local lockfile If you put a second (trailing) ':' on the first recipe line, then procmail will use a locallockfile (for t

Re: unssubscribe

2002-09-21 Thread Jean Christophe ANDRÉ
Oliver Fuchs écrivait : > :0: > * ^Subject:.*unsubscribe$ > /dev/null Why the hell are you using lockfile on /dev/null ?!? ;-) >From man procmailrc : Local lockfile If you put a second (trailing) ':' on the first recipe line, then procmail will use a locallockfile (for

Re: slapper countermeasures

2002-09-17 Thread Jean Christophe ANDRÉ
KevinL écrivait : > On Wed, 2002-09-18 at 06:05, Michael Renzmann wrote: > > "killall .bugtraq" would be suitable as well, and it would "destroy" > > every other instance of the program that is running currently. Even if > > detecting the current PPID does not work for whatever reason. > > Solar

Re: ot? apache directory listing mysteries

2002-09-17 Thread Jean Christophe ANDRÉ
Michael Renzmann écrivait : > I'm wondering if there is a way to get an directory listing from apache > if there is an index.html available in that directory. > > The story behind that question: I put a large file on the webserver that > was intended for download for a friend. The only one I tol

Re: slapper countermeasures

2002-09-17 Thread Jean Christophe ANDRÉ
KevinL écrivait : > On Wed, 2002-09-18 at 06:05, Michael Renzmann wrote: > > "killall .bugtraq" would be suitable as well, and it would "destroy" > > every other instance of the program that is running currently. Even if > > detecting the current PPID does not work for whatever reason. > > Sola

Re: slapper countermeasures

2002-09-17 Thread Jean Christophe ANDRÉ
Ralf Dreibrodt écrivait : > you want to use a backdoor to get access a server, on which you are not > allowed to get access. after that you want to modify the server (killing > processes, deleting files) and you use the server without permission (for > sending mail). > > well, IANAL, but you shoul

Re: slapper countermeasures

2002-09-17 Thread Jean Christophe ANDRÉ
J.C. André écrivait : > >May be something like this (root mail, some wait, virus self-kill): > > /bin/ls -la /tmp | /bin/mail -s "You have been infected by the Slapper > > worm" root > > /bin/sleep 300 # to wait for the propagation, some network are slow > > /bin/kill -9 $PPID # *MUST* CHE

Re: ot? apache directory listing mysteries

2002-09-17 Thread Jean Christophe ANDRÉ
Michael Renzmann écrivait : > I'm wondering if there is a way to get an directory listing from apache > if there is an index.html available in that directory. > > The story behind that question: I put a large file on the webserver that > was intended for download for a friend. The only one I to

Re: slapper countermeasures

2002-09-17 Thread Jean Christophe ANDRÉ
Michael Renzmann écrivait : > Hi all. > How about the following idea: one could use the udp "command language" > that is implemented within the slapper worm to issue some commands for > self-deletion of the worm and informing the root user of every system > about how to close the hole. As far as

Re: slapper countermeasures

2002-09-17 Thread Jean Christophe ANDRÉ
Ralf Dreibrodt écrivait : > you want to use a backdoor to get access a server, on which you are not > allowed to get access. after that you want to modify the server (killing > processes, deleting files) and you use the server without permission (for > sending mail). > > well, IANAL, but you shou

Re: slapper countermeasures

2002-09-17 Thread Jean Christophe ANDRÉ
J.C. André écrivait : > >May be something like this (root mail, some wait, virus self-kill): > > /bin/ls -la /tmp | /bin/mail -s "You have been infected by the Slapper > > worm" root > > /bin/sleep 300 # to wait for the propagation, some network are slow > > /bin/kill -9 $PPID # *MUST* CH

Re: slapper countermeasures

2002-09-17 Thread Jean Christophe ANDRÉ
Michael Renzmann écrivait : > Hi all. > How about the following idea: one could use the udp "command language" > that is implemented within the slapper worm to issue some commands for > self-deletion of the worm and informing the root user of every system > about how to close the hole. As far a

Re: security.debian.org

2002-08-29 Thread Jean Christophe ANDRÉ
Paul Haesler écrivait : > FTP server on security.debian.org down? proxy:~# lftp 130.89.175.34 lftp 130.89.175.34:~> ls drwxrwxr-x6 1176 802 4096 Apr 23 18:59 debian-non-US [...] It's working from Vietnam... May be some filter in your network? J.C.

Re: Can you direct kernel messages?

2002-07-23 Thread Jean Christophe ANDRÉ
Dale Amon écrivait : > Doesn't seem to shut it up. I'm running syslog-ng and I commented out the > console destination and am using only a line that logs to vt8. But despite > that, even if I kill syslog-ng entirely, I still get grsec and iptables > messages on all vt's. There is also direct cons

Re: Good Day

2002-07-02 Thread Jean Christophe ANDRÉ
Adam Majer écrivait : > On Mon, Jul 01, 2002 at 09:55:57PM -0700, Rafael wrote: > > Assuming the spam came from 213.181.64.226 it would be very easy to reject > > it based on the fact that there is no RR in DNS for that IP. > > Don't do that please. There are a whole slew of ISPs that do not prov

Re: Quality of security assurance with Debian vs. RedHat vs. SuSE

2002-06-12 Thread Jean Christophe ANDRÉ
Hello *, Howland, Curtis ecrivait : > My number one reason was the collaborative nature of the Debian effort. > Debian was the first Linux I installed, from floppies, in 1986. Do you mean 1996? As far as I know the Linux kernel as started in 1991. I personnaly use Linux since 1994, versio

Re: frequent mail signing => is there a GPG agent?

2002-06-08 Thread Jean Christophe ANDRÉ
Brandon High ecrivait : > mutt and Evolution both have pgp/gpg signing built in. Ok, it seems to work well with Mutt. BTW, is there a "standard" pgp/gpg key server I should use to put my public key ans get keys from others (especialy Debian peoples)? Cheers, J.C. pgpqsPC58tANa.pgp Description:

frequent mail signing => is there a GPG agent?

2002-06-08 Thread Jean Christophe ANDRÉ
Hello *, Probably a stupid question but... I can see lots of you on this list frequently signing their e-mails, do you use some kind of GPG agent? "apt-cache search agent | grep -i pg" gives no answer... Pointers would be appreciated, especialy if they require using apt. ;-) J.C. -- T

chroot'd environment

2002-06-06 Thread Jean Christophe ANDRÉ
José Luis Ledesma wrote: > You can do a chrooted enviroment (see above) And start de sshd witch chroot > /sbin/sshd -f /etc/sshd_config > > Also you can specify the shell of the users in /etc/passwd as > /sbin/sftp-server if you only want to allow this users do a sftp. [...] > -rwsr-xr-x 1 root r

Re: ssh authentication configuration? => better use OTP method

2002-05-28 Thread Jean Christophe ANDRÉ
Hello Joshua and all, Joshua Goodall wrote : > Personally I recommend neither and tell everyone to prefer keys > and one-time passwords, but that's another story :) Any hint for the best OTP method on Debian? libpam-opie?? Cheers, J.C. -- Jean Christophe ANDRÉ <[EMAIL PROTECTED]> http:/