On Mon, 9 Jun 2003, Helmar wrote:
> I just upgraded my kernel image from 2.4.18-k6 to 2.4.18-1-k6 and i
> cannot confirm that the above bug has been fixed. The simple exploit (i
> think it has been from bugtraq) is still working fine, giving every
> local user easily root privileges.
>
take the s
On Mon, 9 Jun 2003, Helmar wrote:
> I just upgraded my kernel image from 2.4.18-k6 to 2.4.18-1-k6 and i
> cannot confirm that the above bug has been fixed. The simple exploit (i
> think it has been from bugtraq) is still working fine, giving every
> local user easily root privileges.
>
take the s
On Fri, 23 May 2003, Ian Goodall wrote:
> I have premoved promiscuous mode from my card. When checking ifconfig (eth0)
> I am still getting all the network traffic flowing through my computer or at
> least a lot of it. The system is sitting idle and I can see the traffic
> going up a few meg a min
On Wed, 7 May 2003, Rudolph van Graan wrote:
> The following packages will be upgraded
> kdewallpapers mime-support
> 2 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
> Need to get 0B/1030kB of archives. After unpacking 105kB will be freed.
> Do you want to continue? [Y/n
On Mon, 5 May 2003 [EMAIL PROTECTED] wrote:
> $ rsync -avz security.debian.org::debian-security .
> rsync: read error: Connection reset by peer
> rsync error: error in rsync protocol data stream (code 12) at io.c(162)
Works fine here, you might want to check your firewall logs to see if
you're be
On Mon, 10 Feb 2003, vincenzo wrote:
> You can simply add them in the /etc/passwd file without giving any shell
> at all, like that:
> leon:x:1050:100::/home/leon:
>
That lets you in just fine unfortunately.
mdresser:x:1000:1000:Mike Dresser,,,:/home/mdresser:
x:~# login
x log
On Mon, 10 Feb 2003, vincenzo wrote:
> You can simply add them in the /etc/passwd file without giving any shell
> at all, like that:
> leon:x:1050:100::/home/leon:
>
That lets you in just fine unfortunately.
mdresser:x:1000:1000:Mike Dresser,,,:/home/mdresser:
x:~# login
x log
On 23 Jan 2003, Stanislas Rusinsky wrote:
> in sshd_conf :
>
> AllowTcpForwarding no :
> Specifies whether TCP forwarding is permitted. The default
> is
> ``yes''. Note that disabling TCP forwarding does not improve security
> unless users are also denied shell access, as they
On 23 Jan 2003, Stanislas Rusinsky wrote:
> in sshd_conf :
>
> AllowTcpForwarding no :
> Specifies whether TCP forwarding is permitted. The default is
> ``yes''. Note that disabling TCP forwarding does not improve security
> unless users are also denied shell access, as they ca
On Mon, 16 Dec 2002, Phillip Hofmeister wrote:
> Hi all,
>
> I am sure you have seen the SSH CERT. Are we vulnerable? If so is
> there a time line for an update?
>
> Thanks,
The vendor response in the CERT advisory said OpenSSH was not vulnerable.
On Mon, 16 Dec 2002, Phillip Hofmeister wrote:
> Hi all,
>
> I am sure you have seen the SSH CERT. Are we vulnerable? If so is
> there a time line for an update?
>
> Thanks,
The vendor response in the CERT advisory said OpenSSH was not vulnerable.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTE
Any word from the security team on what's going on with potato's bind?
Mike
Any word from the security team on what's going on with potato's bind?
Mike
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On Thu, 8 Aug 2002, Roger Ward wrote:
> Which bug? this url does not work
oops.
http://www.securiteam.com/unixfocus/5QP020K35O.html
It's the DNS parsing code bug.
Did the above mentioned hole ever get fixed in potato bitchx?
Seems that it should have been, but the exploit is well over a year old,
and I see nothing in the changelog.
Mike
> For a truly stable Debian system, drop
>
> deb http://http.us.debian.org/debian dists/potato-proposed-updates/
>
> (wait for official release updates) and then just s/potato/stable/g.
> Note that non-US is being phased out.
I've seen way too many packages that take too long to get into stable
Hate to beat a dead horse, but
deb http://http.us.debian.org/debian potato main contrib non-free
deb http://http.us.debian.org/debian dists/potato-proposed-updates/
deb http://non-us.debian.org/debian-non-US potato/non-US main contrib
non-free
deb http://non-us.debian.org/debian-security potato/
> logging console
>
> should get what you need on a cisco. Might have to set that serial port
> to no password, which brings up an additional home if physical security
> is a concern.
>
> --Rich
What about the cisco that's 35 miles away?
I'm thinking with what these cisco's do, and actually log,
I've done some looking around on the web, and haven't really found an
answer to the following question.
How do you securely handle syslogging when you have servers in the DMZ,
and then the servers that are inside on the internal network? Seems that
the fundamental rule is never allow internal lan
> Interesting. I'm running Debian 2.2r2 (dist-upgraded to testing). I
> selected MD5 for my passwords during installation. However, it seems
> that it has defaulted my passwords to 8 characters too:
>
> >From /etc/pam.d/passwd (login is the same)
>
> password required pam_unix.so nullok obs
> Interesting. I'm running Debian 2.2r2 (dist-upgraded to testing). I
> selected MD5 for my passwords during installation. However, it seems
> that it has defaulted my passwords to 8 characters too:
>
> >From /etc/pam.d/passwd (login is the same)
>
> password required pam_unix.so nullok ob
On Fri, 30 Nov 2001, Roger Keays wrote:
>
> Hi all,
>
> I'm not sure if this is common knowledge or not, but I have just noticed
> the effects of having the first two letters of your password the same as
> the first two in your login name... You can use any extension of your
> password!!
>
> e.g
On Fri, 30 Nov 2001, Roger Keays wrote:
>
> Hi all,
>
> I'm not sure if this is common knowledge or not, but I have just noticed
> the effects of having the first two letters of your password the same as
> the first two in your login name... You can use any extension of your
> password!!
>
> e.
Robert Davidson Security wrote:
> On Fri, Aug 03, 2001 at 03:50:23AM +1000, Ian Miller wrote:
> > I know this may not be the place for it... but its a real laugh.
> >
> > http://www.linuks.mine.nu/debian/
>
> Yep, it's not the place but it's a great site!
>
> I love the porn.conf file... links act
es/
Over the years, this is what I seem to have accumulated. Any
comments/suggestions?
The proposed-updates, was because of a package not making it into security.d.o
due to
whatever reason it was at the time.
Mike Dresser
Over the years, this is what I seem to have accumulated. Any comments/suggestions?
The proposed-updates, was because of a package not making it into security.d.o due to
whatever reason it was at the time.
Mike Dresser
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "un
Peter Cordes wrote:
> yeti:~$ grep 2064 /usr/share/nmap/nmap-services
> distrib-net-losers 2064/tcp # A group of lamers working on a silly
> closed-source client for solving the RSA cryptographic challenge. This is
> the keyblock proxy port.
>
> It used to be s/losers/assholes/ and s/silly/stup
Peter Cordes wrote:
> yeti:~$ grep 2064 /usr/share/nmap/nmap-services
> distrib-net-losers 2064/tcp # A group of lamers working on a silly
> closed-source client for solving the RSA cryptographic challenge. This is
> the keyblock proxy port.
>
> It used to be s/losers/assholes/ and s/silly/stu
"William R. Ward" wrote:
> I've replaced the legit usernames and IP's with "xxx" but left them in
> for context. I'm worried that the "date" entries are a consequence of
> some hacker activity, but I have been unable to find any other
> symptoms. I did a web search and did not find any mention o
"William R. Ward" wrote:
> I've replaced the legit usernames and IP's with "xxx" but left them in
> for context. I'm worried that the "date" entries are a consequence of
> some hacker activity, but I have been unable to find any other
> symptoms. I did a web search and did not find any mention
Mike Fedyk wrote:
> If you try to su to a user with a shell set to /dev/null, what happens?
> /bin/false just exits the su, even from root.
su - username -s /bin/sh
mike
Mike Fedyk wrote:
> If you try to su to a user with a shell set to /dev/null, what happens?
> /bin/false just exits the su, even from root.
su - username -s /bin/sh
mike
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Somehow, I'm getting the impression you haven't taken this system offline, and
properly either reinstall or definately fix what's wrong. That should be your
first priority, if so.
Steve Rudd wrote:
> Hello! Steve here,
>
> Well I am one of the family now! My server is Debian 2.2r2. A benign hac
Somehow, I'm getting the impression you haven't taken this system offline, and
properly either reinstall or definately fix what's wrong. That should be your
first priority, if so.
Steve Rudd wrote:
> Hello! Steve here,
>
> Well I am one of the family now! My server is Debian 2.2r2. A benign hack
You don't mention whether the previous admin is still with you, but if not,
you'll want to remove his RSA keys from the server, or else you can change your
root password all you want, and he'll still be able to connect, assuming he can
get to the machine via your network/internet.
Duane Powers wro
You don't mention whether the previous admin is still with you, but if not,
you'll want to remove his RSA keys from the server, or else you can change your
root password all you want, and he'll still be able to connect, assuming he can
get to the machine via your network/internet.
Duane Powers wr
please."
I don't think SPI would complain about multiple donations per advertisement. =)
Mike Dresser
please."
I don't think SPI would complain about multiple donations per advertisement. =)
Mike Dresser
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
38 matches
Mail list logo
