Although it is good to have a properly setup firewall, I was wondering
what else I could do to check that the machines behind it haven't been
compromised (by an email trojan or the like)?
I was thinking of setting up a scanner (strobe/nmap/...?) to
automatically do a scan from a cron and mail
Although it is good to have a properly setup firewall, I was wondering
what else I could do to check that the machines behind it haven't been
compromised (by an email trojan or the like)?
I was thinking of setting up a scanner (strobe/nmap/...?) to
automatically do a scan from a cron and mail
Kenneth Pronovici wrote:
you can change user's shell to /dev/null
Well... it doesn't look like I can log in via telnet or FTP without
a valid login shell. I tried that with various entries other than
/dev/null ...
If all that is needed is web page upload access, you could try
Duane Powers wrote:
Hi all,
[ ... ]
I have found
that he did
not need to transmit the local password over the tunnel, but rather used
RSA to
verify his identity, but I can't find documentation on how to do it.
man ssh, man ssh-agent, man ssh-add, Practical UNIX Internet
Security does
Duane Powers wrote:
Hi all,
[ ... ]
I have found
that he did
not need to transmit the local password over the tunnel, but rather used
RSA to
verify his identity, but I can't find documentation on how to do it.
man ssh, man ssh-agent, man ssh-add, Practical UNIX Internet
Security does
Niklas Hglund (ETX) wrote:
Hi!
I'm running woody, should have
"deb http://security.debian.org potato/updates ..."
in my sources.list, as there is no
"deb http://security.debian.org woody/updates ..."
?
I'd also like to know this, as I am running "testing" right now.
--
[EMAIL
Niklas Höglund (ETX) wrote:
Hi!
I'm running woody, should have
deb http://security.debian.org potato/updates ...
in my sources.list, as there is no
deb http://security.debian.org woody/updates ...
?
I'd also like to know this, as I am running testing right now.
--
[EMAIL PROTECTED]
Hi. I ran SAINT over my system today, and it highlighted a possible
vulnerability in the "ftpd" package[1]. I believe this relates to
"anonymous" access.
Now, access to the "anonymous" account is disabled in the /etc/ftpusers
file, which I understand leads to this:
...
Name
Berend De Schouwer wrote:
On Tue, 30 Jan 2001 15:45:50 Mike Moran wrote:
[ ... ]
| However, SAINT still seems to pick this up as a vulnerability. Is this
| just because the SAINT detection routines get fooled by the
| almost-successful login, or is there actually a real vulnerability
Hi. I ran SAINT over my system today, and it highlighted a possible
vulnerability in the ftpd package[1]. I believe this relates to
anonymous access.
Now, access to the anonymous account is disabled in the /etc/ftpusers
file, which I understand leads to this:
...
Name (ftp.houseofmoran.com:mm):
Berend De Schouwer wrote:
On Tue, 30 Jan 2001 15:45:50 Mike Moran wrote:
[ ... ]
| However, SAINT still seems to pick this up as a vulnerability. Is this
| just because the SAINT detection routines get fooled by the
| almost-successful login, or is there actually a real vulnerability
11 matches
Mail list logo