-dbgsym isn't
available (I think this means if you had manually installed the -dbgsym
package, you wouldn't get the security update with a plain
"apt-get upgrade"?).
Apologies if this is already being worked on, I didn't see any
discussion of it.
- Kevin
What is this ??
On Jun 7, 2016 12:26 PM, "---Social ---Security--- Disability---" <
luci...@debian.org> wrote:
> *Congratulations net*
>
> ___Disability Evaluation__free
>
>
...@lists.debian.org
- --
Best regards
Kevin Holly - r...@hallowe.lt - http://hallowe.lt/
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.22 (GNU/Linux)
iQEcBAEBAgAGBQJUHZ4zAAoJELAaqP3QtzpMKnMIAJQZnXK6DqRMMausw3C4SKIm
0TGk75ry8S5b2Dni7dfMP2Qw27g/TEnQ4YiTa+J6/WPPD1iI0EuuR2KwUBu2aDj8
j5Dd/kY75x+HGBXVR
...@eunet.rs
Kevin Olbrich.
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/157c3070-f95d-46bb-ad86-5602f6eae...@dolphin-it.de
Do you have IntelliJ installed in this box?
http://stackoverflow.com/questions/13345986/intellij-idea-using-10001-port
Mit freundlichen Grüßen / best regards,
Kevin Olbrich.
(mobil vom iPhone)
--
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen.
Wenn Sie nicht der
debian-security@lists.debian.org
X-Mailer: iPhone Mail (11D5134c)
Am 22.01.2014 um 15:13 schrieb Marko Randjelovic marko...@eunet.rs:
On Wed, 22 Jan 2014 15:08:39 +0100
Milan P. Stanic m...@arvanta.net wrote:
I found it a lot easier to go with vanilla kernel and grsec/pax patch
Wouldn't this mean there is an error message? The patch could work with a newer
kernel in general (?).
I did not try it but are there so many changes between both releases?
Mit freundlichen Grüßen / best regards,
Kevin Olbrich.
(mobil vom iPhone)
--
Diese E-Mail enthält vertrauliche und/oder
Yes but this is only the case when rkhunter was active before.
AFAIK rkhunter itself has no signatures, it generates the initial checksumms on
first start.
Mit freundlichen Grüßen / best regards,
Kevin Olbrich.
Web: http://kevin-olbrich.de/
--
Diese E-Mail enthält vertrauliche und/oder rechtlich
Is SELinux disabled on new debian installs?
Mit freundlichen Grüßen / best regards,
Kevin Olbrich.
Web: http://kevin-olbrich.de/
--
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen.
Wenn Sie nicht der richtige Adressat sind und/oder diese E-Mail irrtümlich
erhalten
Even if there would not be a manipulated software package - hardware
manipulation in mainboards or network hardware (like cisco does) is already
known.
Mit freundlichen Grüßen / best regards,
Kevin Olbrich.
(mobil vom iPhone)
--
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
Hi,
there is an open bug report:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=707006
http://osdir.com/ml/debian-live/2013-06/msg00029.html
You can post to:
https://lists.debian.org/debian-live/
Mit freundlichen Grüßen / best regards,
Kevin Olbrich.
Web: http://kevin-olbrich.de/
--
Diese E
I think (as soon as all apps are compatible).
Mit freundlichen Grüßen / best regards,
Kevin Olbrich.
(mobil vom iPhone)
--
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen.
Wenn Sie nicht der richtige Adressat sind und/oder diese E-Mail irrtümlich
erhalten haben
Hello,
This is a chance of 1 in 5.
I think there are ways we would never imagine yet. Just think of such a
possibility in qt and there would be thousands of zombie apps.
Mit freundlichen Grüßen / best regards,
Kevin Olbrich.
(mobil vom iPhone)
--
Diese E-Mail enthält vertrauliche und/oder
comment like:
/* Add content of passed-in buffer to PRNG to supply entropy */
best regards,
--
Kevin B. McCarty [EMAIL PROTECTED]
WWW: http://www.starplot.org/
WWW: http://people.debian.org/~kmccarty/
GPG: public key ID 4F83C751
signature.asc
Description: OpenPGP digital signature
for
any captured exchange and determine the session key immediately from
x and f.
--
Kevin Buhr [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
-upgrade, in security updates considered a bug? If so, should I
bother filing it?
(For what it's worth, OOo packages in testing and unstable depend on
libneon25.)
regards,
--
Kevin B. McCarty [EMAIL PROTECTED] Physics Department
WWW: http://www.princeton.edu/~kmccarty/Princeton University
GPG
,
--
Kevin B. McCarty [EMAIL PROTECTED] Physics Department
WWW: http://www.princeton.edu/~kmccarty/Princeton University
GPG: public key ID 4F83C751 Princeton, NJ 08544
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Michelle Konzack wrote:
Am 2006-08-20 14:49:53, schrieb kevin bailey:
Why is portmap installed by default on a vanilla basic Debian Sarge
install?
Sorry, but portmap is NOT installed...
This was changed from Woody-Sarge and I was surprised too,
that I had to install portmap my own
Why is portmap installed by default on a vanilla basic Debian Sarge install?
As far as I can see this is mainly used by by NFS and NIS - so if we're not
using either of these then why should it be installed.
I'm asking mainly because chkrootkit is reporting what seems like a false
positive due
Mike Hommey wrote:
On Sun, Aug 20, 2006 at 02:49:53PM +0100, kevin bailey
[EMAIL PROTECTED] wrote:
Why is portmap installed by default on a vanilla basic Debian Sarge
install?
As far as I can see this is mainly used by by NFS and NIS - so if we're
not using either of these then why should
the 2.4.27-2 package instead of the new 2.4.27-3 package.
(And ditto for the other three Sparc 2.4 kernel metapackages.)
regards,
- --
Kevin B. McCarty [EMAIL PROTECTED] Physics Department
WWW: http://www.princeton.edu/~kmccarty/Princeton University
GPG: public key ID 4F83C751
Adrian von Bidder wrote:
On Thursday 15 December 2005 23.54, Noah Meyerhans wrote:
given the choice between having your users use weak but easy to remember
passwords and having them use complex passwords that they have to write
down,
My experience suggests that users use weak passwords
every day.
any comments gratefully received,
kevin
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
hi,
these ports seem to be open by default on a standard sarge setup
PORT STATESERVICE
9/tcpopen discard
13/tcp open daytime
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
37/tcp open time
80/tcp open http
110/tcp open pop3
111/tcp
and email results.
run snort to check for attacks.
get script to run and check status of server every day.
any comments gratefully received,
kevin
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Jeffrey L. Taylor wrote:
Quoting kevin bailey [EMAIL PROTECTED]:
[snip]
4. enhance authentication
maybe set up ssh access by authorised keys only - but again this has a
problem when i need to log in to the server from a putty session on a PC
in an internet cafe .
Buy a laptop
You can limit your FTP server to listen for data connections on a
specific port only (eg, ftp-data, or 20). Then you only have to allow
connections to ports 20 and 21.
but after the initial connection doesn't the server then wait for the data
connection on a port in a range above 1065?
Alvin Oga wrote:
On Thu, 15 Dec 2005, kevin bailey wrote:
was recently rootkitted on a debian machine because i'd left an obscure
service running.
if you know how they got in .. i assume oyu have since fixed it
my guess it was the miniserv.pl run by webmin - it had a security problem
Matt wrote:
Kevin -
kevin bailey wrote:
1. before attaching server to network install and configure tripwire.
and could possibly put key executables on to CD-ROM and leave them in the
server.
In todays same day exploits, using something like tripwire for H.I.D.S.
may not prove useful
tomasz abramowicz wrote:
kevin bailey wrote:
hi,
was recently rootkitted on a debian machine because i'd left an obscure
service running.
which one?
i though it was webmin - but now i'm not so sure - i thought there was a
vulnerability in webmin in 2005 which was not in the debian
Will Maier wrote:
On Thu, Dec 15, 2005 at 12:27:01PM +, kevin bailey wrote:
now i've generally relied on debian issuing security patches but i
thought i should be more proactive RE security.
This is very important, as you're now aware. The most secure OS in
the world is only as secure
Dale Amon wrote:
On Thu, Dec 15, 2005 at 12:27:01PM +, kevin bailey wrote:
2. firewall
not i'm not sure about the need for a firewall - i may need to access the
server over ssh from anywhere. also, to run FTP doesn't the server need
to be able to open up a varying number of ports
Noah Meyerhans wrote:
On Thu, Dec 15, 2005 at 12:35:09PM +, kevin bailey wrote:
the service:
443/tcp open https
is used to protect the webmail service. it is meant to stop the email
passwords from being sniffed.
If you're concerned about passwords being sniffed, you better shut
Dale Amon wrote:
On Thu, Dec 15, 2005 at 12:35:09PM +, kevin bailey wrote:
what is
1720/tcp filtered H.323/Q.931
Are you running any VOIP? H323 is the standard for telephone
interchanges.
and how do i turn it off if it is uneccessary.
netstat, lsof, fuser, the usual suspects
Will Maier wrote:
On Thu, Dec 15, 2005 at 12:35:09PM +, kevin bailey wrote:
these ports seem to be open by default on a standard sarge setup
[...]
Not a standard, default setup; you've installed and enabled other
services which aren't turned on by default.
the server will just
Noah Meyerhans wrote:
On Thu, Dec 15, 2005 at 06:46:02PM +0100, Florian Weimer wrote:
It may be nothing. The fact that it showed up as filterd in the nmap
output indicates that nmap didn't received a TCP RST packet back when
it
tried to contact that port. That may mean you have
On Thu, Dec 15, 2005 at 12:35:09PM +, kevin bailey wrote:
} hi,
}
} these ports seem to be open by default on a standard sarge setup
}
} PORT STATESERVICE
} 9/tcpopen discard
Useless. Turn it off.
will do
} 13/tcp open daytime
Useless. Time in text format
(I hope you don't mind if I publish our correspondence in Linux Gazette,
http://linuxgazette.net/ .)
No problem at all.
Kevin Bailey
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
thanks for the replies.
what with it being several different symptoms i tend to think this is not a
false positive.
cause:
this is an old server which has been running for 4 years.
i have tried out lots of different things on this server and have made the
mistake of leaving unnecessary
hi,
the following output looks like i've been rooted.
i'm in the process of moving all services to another machine and restoring
from backups etc.
could anyone provide any analysis of what attack caused the problem - i
would guess that it's possibly something o do with zope.
thanks,
kev
and..
:/usr/local/sbin# /usr/lib/chkrootkit/chkproc -v
PID 4: not in ps output
PID 1769: not in ps output
PID 15688: not in ps output
PID 15690: not in ps output
PID 17760: not in ps output
PID 17762: not in ps output
PID 21583: not in ps output
PID 21585: not in ps output
PID 21919: not in
, run this command:
aptitude update apt-show-versions -i
I have already made my backported packages inaccessible, so you will now
be on track to install additional security updates from Debian down the
road.
My apologies for the inconvenience.
regards,
- --
Kevin B. McCarty [EMAIL PROTECTED
\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220!
\220\220\220\220\220\220\220\220\220\220\220
--
Kevin B. McCarty [EMAIL PROTECTED] Physics Department
WWW: http
,
--
Kevin B. McCarty [EMAIL PROTECTED] Physics Department
WWW: http://www.princeton.edu/~kmccarty/Princeton University
GPG: public key ID 4F83C751 Princeton, NJ 08544
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
can u tell me how do i track somebody's ip that's
trying to hack me
nothing to do with it? Even for a worm that doesn't make any
sense.
regards,
--
Kevin B. McCarty [EMAIL PROTECTED] Physics Department
WWW: http://www.princeton.edu/~kmccarty/Princeton University
GPG: public key ID 4F83C751 Princeton, NJ 08544
--
To UNSUBSCRIBE, email
to everyone who answered to clear up the mystery.
--
Kevin B. McCarty [EMAIL PROTECTED] Physics Department
WWW: http://www.princeton.edu/~kmccarty/Princeton University
GPG: public key ID 4F83C751 Princeton, NJ 08544
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED
is not so high. You
might also want to add a cron job to delete the /var/log/faillog file
every so often.
Comments?
--
Kevin B. McCarty [EMAIL PROTECTED] Physics Department
WWW: http://www.princeton.edu/~kmccarty/Princeton University
GPG public key ID: 4F83C751 Princeton, NJ 08544
-machine?
p.s. I apologize for breaking the thread, I'm replying via the mailing
list archive and using Thunderbird ( http://bugs.debian.org/268055 ).
--
Kevin B. McCarty [EMAIL PROTECTED] Physics Department
WWW: http://www.princeton.edu/~kmccarty/Princeton University
GPG public key ID: 4F83C751
,
--
Kevin B. McCarty [EMAIL PROTECTED] Physics Department
WWW: http://www.princeton.edu/~kmccarty/Princeton University
GPG public key ID: 4F83C751 Princeton, NJ 08544
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
,
--
Kevin B. McCarty [EMAIL PROTECTED] Physics Department
WWW: http://www.princeton.edu/~kmccarty/Princeton University
GPG public key ID: 4F83C751 Princeton, NJ 08544
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL
, and go through
the apparently non-trivial task of getting it to work well.
By the way, is PDF also Turing-complete with the accompanying security
issues?
regards,
--
Kevin B. McCarty [EMAIL PROTECTED] Physics Department
WWW: http://www.princeton.edu/~kmccarty/Princeton University
GPG public key
in Apache 1.3.31, now available in unstable.
But the woody Apache packages appear to date back to the end of 2002. Are
there any plans to backport the fixes?
(Please follow up to debian-apache)
thanks and regards,
--
Kevin B. McCarty [EMAIL PROTECTED] Physics Department
WWW: http
.)
--
Kevin B. McCarty [EMAIL PROTECTED] Physics Department
WWW: http://www.princeton.edu/~kmccarty/Princeton University
GPG: public key ID 4F83C751 Princeton, NJ 08544
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL
in Apache 1.3.31, now available in unstable.
But the woody Apache packages appear to date back to the end of 2002. Are
there any plans to backport the fixes?
(Please follow up to debian-apache)
thanks and regards,
--
Kevin B. McCarty [EMAIL PROTECTED] Physics Department
WWW: http
.)
--
Kevin B. McCarty [EMAIL PROTECTED] Physics Department
WWW: http://www.princeton.edu/~kmccarty/Princeton University
GPG: public key ID 4F83C751 Princeton, NJ 08544
Kevin B. McCarty wrote:
Dear all,
It seems that at least on ix86, the latest woody security updates for
the kernel packages are completely broken. The kernel packages named
kernel-image-2.4.18-1-subflavor with version 2.4.18-13 contain only
one module. DO NOT upgrade to these packages or your
Kevin B. McCarty wrote:
Dear all,
It seems that at least on ix86, the latest woody security updates for
the kernel packages are completely broken. The kernel packages named
kernel-image-2.4.18-1-subflavor with version 2.4.18-13 contain only
one module. DO NOT upgrade to these packages
when you reboot.
hoping this warning is timely and not _too_ redundant,
--
Kevin B. McCarty [EMAIL PROTECTED] Physics Department
WWW: http://www.princeton.edu/~kmccarty/Princeton University
GPG: public key ID 4F83C751 Princeton, NJ 08544
--
To UNSUBSCRIBE, email to [EMAIL
when you reboot.
hoping this warning is timely and not _too_ redundant,
--
Kevin B. McCarty [EMAIL PROTECTED] Physics Department
WWW: http://www.princeton.edu/~kmccarty/Princeton University
GPG: public key ID 4F83C751 Princeton, NJ 08544
=
Kevin McKay
__
Do you Yahoo!?
Get better spam protection with Yahoo! Mail.
http://antispam.yahoo.com/tools
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
=
Kevin McKay
__
Do you Yahoo!?
Get better spam protection with Yahoo! Mail.
http://antispam.yahoo.com/tools
I've discovered that login, sudo, gdm only take care of the first 8
characters of the passwd. The following characters don't count. See the
following example (I've created a new user just to make the test)
If you are not using md5 passwords will have a max length of 8
characters. If you're
I've discovered that login, sudo, gdm only take care of the first 8
characters of the passwd. The following characters don't count. See the
following example (I've created a new user just to make the test)
If you are not using md5 passwords will have a max length of 8
characters. If you're
?
--
Kevin [EMAIL PROTECTED]
I believe that UDP port is for receiving DNS responses.
-Kevin
Jason Lunz [EMAIL PROTECTED] writes:
does anyone know what squid's udp sockets are for, and how to close
them? As far as I can tell, I don't need them, but I've been unable to
find a combination of squid directives to make them
Noah L. Meyerhans [EMAIL PROTECTED] writes:
On Wed, Mar 26, 2003 at 02:15:28PM -0500, Kevin Cheek wrote:
I believe that UDP port is for receiving DNS responses.
Umm... No.
It's used for ICP, a protocol for intercommunication between squid
caches. For example, at my site we have two
I believe that UDP port is for receiving DNS responses.
-Kevin
Jason Lunz [EMAIL PROTECTED] writes:
does anyone know what squid's udp sockets are for, and how to close
them? As far as I can tell, I don't need them, but I've been unable to
find a combination of squid directives to make them
Noah L. Meyerhans [EMAIL PROTECTED] writes:
On Wed, Mar 26, 2003 at 02:15:28PM -0500, Kevin Cheek wrote:
I believe that UDP port is for receiving DNS responses.
Umm... No.
It's used for ICP, a protocol for intercommunication between squid
caches. For example, at my site we have two
open on this:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=185508
--
Kevin Buhr [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
open on this:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=185508
--
Kevin Buhr [EMAIL PROTECTED]
That didn't happen on any of the systems I updated today. Same old
xinetd.conf files that I had before.
-Kevin
Thomas Viehmann [EMAIL PROTECTED] writes:
[...]
I just wanted to note that the xinetd upgrade moved my xinetd.conf to
a backup and left me without running IMAP (which
you need to install a word library such as wenglish
Hello,
I just installed libpam-cracklib and now need to configure it to use
the system dictionary. I've run the cracklib script in /etc/cron.daily but
that did'nt seem to work.
How is this done on Woody?
Thank you,
-o PreferredAuthentications=password -l alice foohost
though I believe this only applies for SSH2 connections. For SSH1
connections, you could try -o RSAAuthentication=no.
--
Kevin Buhr [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble
on with a particular domain's name servers, but in practice
many, many legitimate servers have this type of misconfiguration.
--
Kevin Buhr [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
on with a particular domain's name servers, but in practice
many, many legitimate servers have this type of misconfiguration.
--
Kevin Buhr [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
IT people) and have them
investigate.
--
Kevin Buhr [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
) and have them
investigate.
--
Kevin Buhr [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
libncurses5-dev
- this is not the list for these kind of questions, but i will giv it
a try.
What is the full name of the libncurses you need to install in order to
use make menuconfig. i have run apt-get install ncurses* and non of
them works - i still get You need to have Ncurses
libncurses5-dev
- this is not the list for these kind of questions, but i will giv it
a try.
What is the full name of the libncurses you need to install in order to
use make menuconfig. i have run apt-get install ncurses* and non of
them works - i still get You need to have Ncurses
the last reply for that bug (quoted below) seems to have a solution, although i
haven't tried it myself. it would seem you just need to install one
of the wordlist packages (ie wenglish) and then rerun the
/etc/cron.daily/cracklib script. the wordlist should probably be a
dependency for
if you're using libpam-cracklib it could be related to this
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=112965repeatmerged=yes
hi,
Last night when I attempted to change my root password passwd bunked out on me. It
crashed and I received the following message on the console:
passwd:
if you're using libpam-cracklib it could be related to this
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=112965repeatmerged=yes
hi,
Last night when I attempted to change my root password passwd bunked out on
me. It crashed and I received the following message on the console:
passwd:
[copy from previous line]
and then tell inetd to reload its configuration file (using either
/etc/init.d/netbase reload or /etc/init.d/inetd reload).
--
Kevin Buhr [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
[copy from previous line]
and then tell inetd to reload its configuration file (using either
/etc/init.d/netbase reload or /etc/init.d/inetd reload).
--
Kevin Buhr [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
and I'm too lazy to walk downstairs and try
the other way around from the console.
Is this really a security issue? Does KDE Control Center actually
run as root, or just report that it is root?
Kevin
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble
to cause problems). ESMTP is
traditional if your server supports it. There's an intersting
article on counterpane about this:
http://www.counterpane.com/crypto-gram-0112.html#9
Kevin
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
to cause problems). ESMTP is
traditional if your server supports it. There's an intersting
article on counterpane about this:
http://www.counterpane.com/crypto-gram-0112.html#9
Kevin
On Sun, Jan 20, 2002 at 02:45:53PM +1300, Adam Warner wrote:
Can anyone provide a plausible scenario for how someone might be able to
gain root level access because su - has been used to switch to a user
account. Martin has already answered that your tty session would have to
be stolen. How
insecure protocol. This includes pop access too.
Kevin
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
insecure protocol. This includes pop access too.
Kevin
You might be just as well mounting it nosuid, and you'd end up
breaking a lot less.
--
Kevin - [EMAIL PROTECTED]
--
Hi,
i have my /tmp mounted noexec, but I was suprised to see the Postfix
installer (in testing) want to execute some temporary scripts out of /tmp.
Of course
But what about when bob wants to run unstable glibc(2.2.2) and jimmy
likes stable glibc(2.1.3)? There'd have to be stable/unstable/blah
packages for every major version of glibc which I suppose isnt that
many but it'd add up. I could be totally off base though.
--
Kevin - [EMAIL PROTECTED
But what about when bob wants to run unstable glibc(2.2.2) and jimmy
likes stable glibc(2.1.3)? There'd have to be stable/unstable/blah
packages for every major version of glibc which I suppose isnt that
many but it'd add up. I could be totally off base though.
--
Kevin - [EMAIL PROTECTED
to it in addition to the one on drive. Keep it in a
secured room.
kevin
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
to it in addition to the one on drive. Keep it in a
secured room.
kevin
$IPADDR 123 -j ACCEPT
done
Not super secure as it does nothing against spoofing (guess that's
really only possible with a digitally signed time server signature),
but it sufficed for me.
Kevin
Then they only have to compile their own version. Openwall shows only
you when you run 'w' but shows everyone if you 'who'. Anyone know
why?
--
Kevin - [EMAIL PROTECTED]
-- Original message --
Am Freitag, 9. März 2001 23:40 schrieb Robert Mognet:
Hello,
On Wed, Mar 07, 2001 at 05:03
after install
was complete, then run deselect to update.
Kevin
Hmmm what did you have to change in your Ipchains Rules for the
forwarded ports?
I've noticed everyone like to say 'I didn't have to install'... that's
nice but what did you have to do to existing software.
This comes on the heels.. distant heels of my Ipchains/Portfw post
regarding running a
1 - 100 of 104 matches
Mail list logo