you considered running SELinux? This is a non-trivial exercise of
course.
Rob
--
Robert Brockway B.Sc.
Senior Technical Consultant, OpenTrend Solutions Ltd.
Phone: 416-669-3073 Email: [EMAIL PROTECTED] http://www.opentrend.net
OpenTrend Solutions: Reliable, secure solutions to real world
reply and point out that Unix vacation(1) has been working correctly
with lists for 20 or 30 years and ask why software written in the last
5 years for a certain other OS can't follow a few simple rules :)
Rob
--
Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED]
Linux counter
of
broken updates in 2.2 and 3.0 is 0 plus or minus 1 :)
Rob
--
Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED]
Linux counter project ID #16440 (http://counter.li.org)
The earth is but one country and mankind its citizens -Baha'u'llah
--
To UNSUBSCRIBE, email to [EMAIL
corruption, it just resulted in the package installation failing.
On the other hand one should not over-estimate the inteligence of
script-kiddies. Even those writing the scripts tend to be lousy
programers, from what I have seen.
Indeed.
Rob
--
Robert Brockway B.Sc. email: [EMAIL PROTECTED
the system boot scripts
as well)
The immutable bit can be removed from a file on a running system. I just
confirmed this on a box to make sure recent kernels hadn't changed this
behaviour.
Rob
--
Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED]
Linux counter project ID #16440
corruption, it just resulted in the package installation failing.
On the other hand one should not over-estimate the inteligence of
script-kiddies. Even those writing the scripts tend to be lousy
programers, from what I have seen.
Indeed.
Rob
--
Robert Brockway B.Sc. email: [EMAIL PROTECTED
the system boot scripts
as well)
The immutable bit can be removed from a file on a running system. I just
confirmed this on a box to make sure recent kernels hadn't changed this
behaviour.
Rob
--
Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED]
Linux counter project ID #16440
recent events). You can even
go one step further and have the sensitive data seperated from the
upload/download box (there are various ways to aproach this).
Cheers,
Rob
--
Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED]
Linux counter project ID #16440 (http
recent events). You can even
go one step further and have the sensitive data seperated from the
upload/download box (there are various ways to aproach this).
Cheers,
Rob
--
Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED]
Linux counter project ID #16440 (http
On Fri, 19 Sep 2003, Matt Zimmerman wrote:
On Thu, Sep 18, 2003 at 10:58:49PM -0400, Robert Brockway wrote:
Was there any particular reason that this newer fixed version has a
version number the makes it look older than the exploitable version?
Simple: it doesn't. The version in stable
the problem.
Thanks again, must have been a busy few days for you :)
Cheers,
Rob
--
Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED]
Linux counter project ID #16440 (http://counter.li.org)
The earth is but one country and mankind its citizens -Baha'u'llah
--
To UNSUBSCRIBE
On Fri, 19 Sep 2003, Matt Zimmerman wrote:
On Thu, Sep 18, 2003 at 10:58:49PM -0400, Robert Brockway wrote:
Was there any particular reason that this newer fixed version has a
version number the makes it look older than the exploitable version?
Simple: it doesn't. The version in stable
the problem.
Thanks again, must have been a busy few days for you :)
Cheers,
Rob
--
Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED]
Linux counter project ID #16440 (http://counter.li.org)
The earth is but one country and mankind its citizens -Baha'u'llah
of an exploit as yet.
I would still patch ASAP. Best not to risk it.
Definately. This is always best practice regardless of whether there is a
known exploit or not.
Cheers,
Rob
--
Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED]
Linux counter project ID #16440 (http
of an exploit as yet.
I would still patch ASAP. Best not to risk it.
Definately. This is always best practice regardless of whether there is a
known exploit or not.
Cheers,
Rob
--
Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED]
Linux counter project ID #16440 (http
of static addresses
by your ISP.
If this is for a home setup you may not be able to do much about the
security aspect or it may not be worth it to setup a DMZ (this is
perfectly valid, it's all about risk assessment), but it's always worth
considering the alternatives.
Cheers,
Rob
--
Robert
Hi, hadn't seen this mentioned on list. Forwarded from Bugtraq.
Rob
--
Robert Brockway B.Sc. email: [EMAIL PROTECTED] ICQ: 104781119
Linux counter project ID #16440 (http://counter.li.org)
The earth is but one country and mankind its citizens -Baha'u'llah
-- Forwarded message
Hi hadn't seen this mentioned on list. Forwarded from Bugtraq.
-- Forwarded message --
Sendmail, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.12.9. It contains a fix for a critical security
problem discovered by Michal Zalewski whom we thank for
of static addresses
by your ISP.
If this is for a home setup you may not be able to do much about the
security aspect or it may not be worth it to setup a DMZ (this is
perfectly valid, it's all about risk assessment), but it's always worth
considering the alternatives.
Cheers,
Rob
--
Robert
Hi, hadn't seen this mentioned on list. Forwarded from Bugtraq.
Rob
--
Robert Brockway B.Sc. email: [EMAIL PROTECTED] ICQ: 104781119
Linux counter project ID #16440 (http://counter.li.org)
The earth is but one country and mankind its citizens -Baha'u'llah
-- Forwarded message
Hi hadn't seen this mentioned on list. Forwarded from Bugtraq.
-- Forwarded message --
Sendmail, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.12.9. It contains a fix for a critical security
problem discovered by Michal Zalewski whom we thank for
21 matches
Mail list logo