Re: Mandatory Access Control

2015-11-30 Thread Johannes Graumann
Elmar, Do you have documentation of your labours available? Sincerely, Joh On Monday 30 November 2015 18:20:00 Elmar Stellnberger wrote: > Dear Henriette, > > Yes, I am using qemu-kvm based virtualization. According to my > experience that was sufficient to protect the host from the guest. The

Re: securing server

2008-05-09 Thread Johannes Graumann
The database should be on read-only media - I assume that was meant ... try samhain in combination with gnupg for a remedy ... Joh On Friday 09 May 2008 14:54:40 phobot wrote: On May 7, 1:10 pm, martin f krafft [EMAIL PROTECTED] wrote: use integrit/aide/tripwire only useful with

Tiger and changing ntp server

2008-01-18 Thread Johannes Graumann
Hi, The machine I'm running tiger on gets its ntp server via dynamic dhcp and therefore that changes regularly ... I was wondering whether it is admissible to use wildcards in /etc/tiger/templates/check_listeningprocs.out.template or what else I could do to prevent the recurring false

Re: How about carrying this list on gmane?

2008-01-17 Thread Johannes Graumann
I forgot to say thanks ... Joh On Thursday 17 January 2008 13:13:27 Peter Jordan wrote: Johannes Graumann, 01/17/08 13:07: See subject, Joh gmane.linux.debian.devel.security ???

How about carrying this list on gmane?

2008-01-17 Thread Johannes Graumann
See subject, Joh

Re: How about carrying this list on gmane?

2008-01-17 Thread Johannes Graumann
How am I supposed to guess that 'devel' refers to the general? Joh On Thursday 17 January 2008 13:13:27 Peter Jordan wrote: Johannes Graumann, 01/17/08 13:07: See subject, Joh gmane.linux.debian.devel.security ??? -- Johannes Graumann, PhD Max-Planck-Institute of Biochemistry

Re: aide, apt-get and remote management...

2004-03-01 Thread Johannes Graumann
Would you mind sharing some of the scripting involved? Joh On Wed, 10 Dec 2003 23:26:21 -0500 Peter Solodov [EMAIL PROTECTED] wrote: On 10 Dec 2003, Douglas F. Calvert wrote: With all the recent discussions about debsigs and file integrity I have been trying to figure out the best way to

Hacked - is it my turn?

2004-02-02 Thread Johannes Graumann
Hello, As of this morning two of my machines - which are regularly contacted through ssh from each other - showed this message upon 'chkrootkit': Checking 'bindshell'... INFECTED [PORTS: 1524 31337] Checking 'lkm'... You have 4 processes hidden for ps command The latter happened to me before

Re: Hacked - is it my turn?

2004-02-02 Thread Johannes Graumann
On Tue, 3 Feb 2004 09:55:04 +1300 (NZDT) TiM [EMAIL PROTECTED] wrote: Hello, As of this morning two of my machines - which are regularly contacted through ssh from each other - showed this message upon 'chkrootkit': Checking 'bindshell'... INFECTED [PORTS: 1524 31337] Checking

Re: Hacked - is it my turn?

2004-02-02 Thread Johannes Graumann
Hello again, Here is what I make of my evidence at the end of a quite anxious day. I would highly appreciate any comments on my conclusions! Checking 'bindshell'... INFECTED [PORTS: 1524 31337] At this point I believe to be able to attribute this to portsentry running -

Crypto-Swap questions

2004-01-21 Thread Johannes Graumann
Hello, Following loosely this document: http://www.sdc.org/~leila/usb-dongle/readme.html I have set up (or tried) to encrypt my swap partition (/dev/hda2). Here is what I did: * create /usr/local/sbin/crypto-swap (modified!) #!/bin/sh # Run this script somewhere in your startup scripts _after_ #

Re: 2.6.1 CryptoAPI woes

2004-01-21 Thread Johannes Graumann
== Johannes Graumann [EMAIL PROTECTED] writes: [...] Johannes And on another note: in Johannes http://www.mirrors.wiretapped.net/security/cryptography/filesystems/loop-aes/loop-AES.README Johannes I read the following: Don't use a journaling file system on Johannes top of file backed loop

Re: 2.6.1 CryptoAPI woes

2004-01-21 Thread Johannes Graumann
On Wed, 21 Jan 2004 05:12:18 -0400 Peter Cordes [EMAIL PROTECTED] wrote: On Tue, Jan 20, 2004 at 11:07:51PM -0800, Johannes Graumann wrote: I feel this is kind of over my head ... to boil it down: does it even make sense to run reiserfs inside a loopback partition? Yes, if the file

2.6.1 CryptoAPI woes

2004-01-20 Thread Johannes Graumann
Hello, I set out to create an encrypted partition using my new 2.6.1 custom kernel (compiled from kernel.org sources, loopdevice and cryptoloop statically compiled in, ciphers present as modules). Following what was said in several HOWTOs, I said 'modprobe aes' and tried various permutations of

Re: aide, apt-get and remote management...

2004-01-18 Thread Johannes Graumann
Hello, Where are the options below from? I run aide 0.10, which is according to the sourceforge site the current one and it doesn't like it. Also as someone else mentioned: http://www.cs.tut.fi/~rammer/aide.html says Future plans: ... Encrypted and signed database. Joh On Fri, 12 Dec 2003

Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?

2003-12-03 Thread Johannes Graumann
I'm one of those people. How do I figure out what kernel image to (AMD k6/K6 II/K6 III, AMD K7, AMD k7 SMP) for an AMD 1800+ XP Thoroughbred processor? How do I find out whether it supports ReiserFS, ...? Thanks for any hint to the novice. Joh On Wed, 3 Dec 2003 02:00:19 -0800 Rick Moen [EMAIL

Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?

2003-12-03 Thread Johannes Graumann
Thanks, Joh On Wed, 03 Dec 2003 14:35:51 -0800 Kourosh [EMAIL PROTECTED] wrote: On Wed, 2003-12-03 at 09:54, Johannes Graumann wrote: I'm one of those people. How do I figure out what kernel image to (AMD k6/K6 II/K6 III, AMD K7, AMD k7 SMP) for an AMD 1800+ XP Thoroughbred processor? How

Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?

2003-12-03 Thread Johannes Graumann
... but on a second thought: how do I find this information out on my own and what does SMP stand for? Joh On Wed, 03 Dec 2003 14:35:51 -0800 Kourosh [EMAIL PROTECTED] wrote: On Wed, 2003-12-03 at 09:54, Johannes Graumann wrote: I'm one of those people. How do I figure out what kernel image

chkrootkit and lkm

2003-11-25 Thread Johannes Graumann
Hello, This is a testing/unstable system. I was just running 'chkrootkit' and came across this warning: Checking `lkm'... You have 4 process hidden for ps command Warning: Possible LKM Trojan installed I did some reading and made sure the number is not changing (due to running

Re: chkrootkit and lkm

2003-11-25 Thread Johannes Graumann
Thanks to everybody who was taking the time to soothe the novice ... ;0) Joh On Tue, 25 Nov 2003 12:18:35 -0800 Johannes Graumann [EMAIL PROTECTED] wrote: Hello, This is a testing/unstable system. I was just running 'chkrootkit' and came across this warning: Checking `lkm'... You have

File system integrity checkers - comparison?

2002-12-04 Thread Johannes Graumann
Hello, I'm looking at this triad: Tripwire Aide Fcheck and was wondering as to what this group is preferring and why or whether there are other more trusted alternatives. My main argument against tripwire is its pseudo-commercial source. Thankful for any comment, Joh

Re: File system integrity checkers - comparison?

2002-12-04 Thread Johannes Graumann
What's your reasoning? Joh On Thu, 05 Dec 2002 13:01:46 +1000 Alexander Zangerl [EMAIL PROTECTED] wrote: On Wed, 04 Dec 2002 18:44:12 PST, Johannes Graumann writes: and was wondering as to what this group is preferring and why or whether there are other more trusted alternatives. samhain

Tiger: Trouble understanding/reacting to errors

2002-08-26 Thread Johannes Graumann
Hello, It's me again ;0) and I ask again for advice on how to deal with certain errors reported by my daily Tiger-run. The first pair of errors I'm facing is: * The port for services afs3-fileserver is assigned to service ircd-dalnet. * The port

Tiger warnings - reaction advice requested

2002-08-20 Thread Johannes Graumann
Hello, Tiger ran for the first time last night on my newly installed DEBox. Among other messages I got the following statements: # Checking accounts from /etc/passwd. --WARN-- [acc001w] Login ID nobody is disabled, but still has a valid shell (/bin/sh). --WARN-- [acc006w] Login ID mail's home