On Thu, Aug 28, 2008 at 01:05:19PM +0200, Johan Walles wrote:
2008/8/28 Giacomo A. Catenazzi [EMAIL PROTECTED]:
auth.log was invented for this reason, and separated to standard log:
it should be readable only by root, because users do errors.
It's readable by anybody with physical access
On Thu, Aug 30, 2007 at 11:42:03AM +0200, Maxim Kammerer wrote:
1) Clarify if it is really true that the message last message repeated \d+
times does not always refer to the last message, as suggested in one post.
I thought that syslogd's raison d'etre was exactly to provide a unified
On Tue, Jul 12, 2005 at 05:59:01PM +0200, Florian Weimer wrote:
If you've got a reasonable complete copy of the Debian package pool
and you are willing to run Clamav across it, please respond to this
message.
Oh, I was actually just working on some other approaches to checking for
people
On Tue, Jul 12, 2005 at 06:40:55PM +0200, Florian Weimer wrote:
operations. Unfortunately, we have to check all architectures
individually because spurious buildd configuration changes might
trigger static linking of zlib.
Yes, although the main issue is likely to be people shipping a
On Tue, Jul 12, 2005 at 01:04:05PM -0400, Michael Stone wrote:
On Tue, Jul 12, 2005 at 07:55:08PM +0300, Mark Brown wrote:
Yes, although the main issue is likely to be people shipping a separate
copy of the source.
Not necessarily, because a tgz might include source that isn't actually
used
On Tue, Jul 12, 2005 at 07:14:43PM +0200, Florian Weimer wrote:
* Mark Brown:
Yes, although the main issue is likely to be people shipping a separate
copy of the source.
Only by looking at the binary, you can tell if the copy which is
contained in the source tarball is actually used
On Tue, Jan 28, 2003 at 05:48:07PM +0100, Siegbert Baude wrote:
I dont't quite understand the consequences of the above DSA posted by Martin
Schulze earlier this day on Debian Security Announcements. When the problem
is the dhcp-relay, why is then the dhcp3 package upgraded for Debian and not
On Sat, Mar 16, 2002 at 11:43:41PM +0530, Sandip Bhattacharya wrote:
Pardon my ignorance, but I was under the impression that this list is only
about official Security Announcements for Debian(DSA), and not a general
discussion on security. Am I on the wrong list or did I read the list
On Sat, Mar 16, 2002 at 11:43:41PM +0530, Sandip Bhattacharya wrote:
Pardon my ignorance, but I was under the impression that this list is only
about official Security Announcements for Debian(DSA), and not a general
discussion on security. Am I on the wrong list or did I read the list
On Wed, Mar 13, 2002 at 04:52:12AM -0600, xbud wrote:
there is currently no working exploit for this bug.. but one will popup
sooner or later.
A DoS attack on SSHv2 was posted to bugtraq yesterday.
--
You grabbed my hand and we fell into it, like a daydream - or a fever.
On Wed, Mar 13, 2002 at 04:52:12AM -0600, xbud wrote:
there is currently no working exploit for this bug.. but one will popup
sooner or later.
A DoS attack on SSHv2 was posted to bugtraq yesterday.
--
You grabbed my hand and we fell into it, like a daydream - or a fever.
pgpCnsoyf5VSn.pgp
On Tue, Mar 12, 2002 at 09:19:22PM +0100, Martin Hermanowski wrote:
On my woody boxes, I installed the updated zlib1g from unstable and
restarted sshd. Is this enough to be protected?
As far as SSH is concerned (and providing your mirror was up to date
enough to have 1:1.1.3-19.1 or later of
On Tue, Mar 12, 2002 at 09:19:22PM +0100, Martin Hermanowski wrote:
On my woody boxes, I installed the updated zlib1g from unstable and
restarted sshd. Is this enough to be protected?
As far as SSH is concerned (and providing your mirror was up to date
enough to have 1:1.1.3-19.1 or later of
On Sat, Jan 26, 2002 at 05:01:14AM +, Lazarus Long wrote:
severity 130876 grave
This is definitely a security risk. There is no reason that such
information should be exposed to attackers. Just because FreeBSD has
That doesn't mean it's a severity grave bug, though. There's no actual
On Wed, Oct 03, 2001 at 07:13:08PM -0500, Chris Flipse wrote:
the one I'm using. I *think* this was an old key that I lost in a hard
drive crash ... There's no way for me to get that out of the database,
is there? A revokation certificiate has not made itself apparent ... I
There's no way.
On Wed, Oct 03, 2001 at 07:13:08PM -0500, Chris Flipse wrote:
the one I'm using. I *think* this was an old key that I lost in a hard
drive crash ... There's no way for me to get that out of the database,
is there? A revokation certificiate has not made itself apparent ... I
There's no way.
On Sun, Mar 26, 2000 at 03:39:10PM +0200, Petr Cech wrote:
what aour runq using cron?
Or running sendmail in queue only mode, for that matter?
--
Mark Brown mailto:[EMAIL PROTECTED] (Trying to avoid grumpiness)
http://www.tardis.ed.ac.uk/~broonie/
EUFShttp
directly - if you trust your identd, it saves you a lot of
grovelling through logs. It may even be the only way you have of
identifying the user responsible on a multi-user box.
--
Mark Brown mailto:[EMAIL PROTECTED] (Trying to avoid grumpiness)
http://www.tardis.ed.ac.uk/~broonie
of a TCP connection. Many servers collect and log this
information to help provide an audit trail.
--
Mark Brown mailto:[EMAIL PROTECTED] (Trying to avoid grumpiness)
http://www.tardis.ed.ac.uk/~broonie/
EUFShttp://www.eusa.ed.ac.uk/societies/filmsoc/
pgpDpqxscBOrt.pgp
19 matches
Mail list logo