Hi Daniel,
On 09/04/13 21:05 +0200, Daniel Curtis wrote:
Hi andika.
Another INVALID packet description. I read a lot of
information and I don't know what is the truth. Frankly,
the first time I see a description, which concerns RAM memory.
So, I have a 1 GB of RAM memory. Just for example;
On 24/08/11 08:53 +0200, Dirk Hartmann wrote:
it is possible to dos a actual squeeze-apache2 with easy to forge
rage-requests:
http://lists.grok.org.uk/pipermail/full-disclosure/2011-August/082299.html
Apache-devs are working on a solution:
On 02/12/10 14:09 -0500, Michael Gilbert wrote:
https://www.isc.org/software/bind/advisories/cve-2010-3613
https://www.isc.org/software/bind/advisories/cve-2010-3614
This is the first I've heard of these issues. You can submit a bug
report against bind9 to encourage the maintainer to start
On 21/02/10 16:19 +, Benjamin Vetter wrote:
Furthermore, there is no security support for etch anymore, so it would
result in using a rather old php4 package without security support?
It's recommended to check your system with
deborphan after upgrading to a new release.
regards
Rolf
--
On 03/02/09 14:42 -0500, Allan Wind wrote:
Prank? Root kits usually wants to stay undetected to steal passwords,
or use your box as spam relay.
There used to be a worm in the 1990ies that would
make letters from a terminal fall down.
regards, Rolf
--
... But, conscience asks the question,
On 24/11/08 22:40 +0100, Lupe Christoph wrote:
On Monday, 2008-11-24 at 16:12:56 +0100, Manuel Gomez wrote:
Hi, i would like to maintain encrypt an archive in all moment, so i
would like to know what software can be this.
Now i am using Truecrypt, but when i mount the encrypted directory
On 21/11/08 09:29 +0100, Dani wrote:
when the driver fault, I was in the midst of rebuilding the system and
had multiple virtual machines running. The result was that reiserfs
Did those VMs have reiserfs-partitions, too?
Reisefs has problems recovering when there are
reiserfs-images inside
On 23/04/08 07:00 -0400, Michael Stone wrote:
needs to be scoped. There is no benefit whatsoever to defining
*anything bad that happens* as a computer security issue. (Oops, I
acidentally deleted my own file--no, you screwed up, Oops, the
building burned down--bigger problem than computer
On 23/01/08 18:48 +0200, Riku Valli wrote:
Debian haven't any open services by default, except portmapper and behind
portmapper aren't any services. So no need for host firewall.
Ack. I didn't want to argue pro a default
firewall.
regards, Rolf
--
...about the greatest democrazy in the
* Quoting Mikko Rapeli ([EMAIL PROTECTED]):
On Fri, Sep 01, 2006 at 06:56:17PM -0400, Michael Stone wrote:
On Sat, Sep 02, 2006 at 12:28:17AM +0300, Mikko Rapeli wrote:
- can a process running vulnerable code be exploited to not show the
shared libraries and other non-shared libraries and
* Quoting Mikko Rapeli ([EMAIL PROTECTED]):
On Tue, Aug 29, 2006 at 10:54:45PM +0200, Moritz Muehlenhoff wrote:
Mikko Rapeli wrote:
Could Debian security advisories help a bit, since the people making the
packaging changes propably know how to make the changes effective on a
running
* Quoting Uwe Hermann ([EMAIL PROTECTED]):
iptables -A INPUT -j ACCEPT -s 127.0.0.1 # local host
iptables -A OUTPUT -j ACCEPT -d 127.0.0.1
Correct me if I'm wrong, but I think this would also allow incoming
traffic from 127.0.0.1 to the eth0 interface. So somebody spoofing
his
* Quoting LeVA ([EMAIL PROTECTED]):
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
But if one can spoof 127.0.0.1, then one can spoof anything else, so creating
any rule with an ip address matching is useless. No? If I set up my firewall
to accept only my local
* Quoting Michael Stone ([EMAIL PROTECTED]):
On Tue, May 23, 2006 at 10:06:45AM +0200, Rolf Kutz wrote:
The script under scrutiny was intended for a
laptop. A router or firewall setup is something
different and should not route traffic with
spoofed addresses. rp_filter should catch
* Quoting Marc Haber ([EMAIL PROTECTED]):
On Thu, Mar 02, 2006 at 11:09:28PM +0100, Florian Weimer wrote:
I typically use an Exim .forward file which invokes a special script
using pipe. The script creates a file, and a cron job which runs
periodically checks for the existence of that
* Quoting Michal Sabala ([EMAIL PROTECTED]):
For the past month or so security updates have been very slow for us
(~5KB/sec). It appears that the first A record for the
security.debian.org is the problem.
host -t a security.debian.org
security.debian.org has address 82.94.249.158 -
* Quoting Jan Luehr ([EMAIL PROTECTED]):
Hello,
as I'm using KDE daily I'm concerned about CVE-2006-0019 [1].
Will Sarge be patched next week? (Otherwise I'll patch build KDE by myself)
Sarge has been patched yesterday, see DSA 948-1.
Keep smiling
Whipe that smirk off your face :)
Rolf
* Quoting kevin bailey ([EMAIL PROTECTED]):
hi,
these ports seem to be open by default on a standard sarge setup
PORT STATESERVICE
21/tcp open ftp
This is not part of the default install.
25/tcp open smtp
This is only open to localhost.
80/tcp open http
* Quoting Michelle Konzack ([EMAIL PROTECTED]):
Am 2005-11-28 15:17:03, schrieb Rolf Kutz:
s/Mozilla/links/
:-)
Unfurtunatly there is a Java-Script problem with (e)links.
That's a feature. Other browsers have security
problems with java-script :)
- Rolf
--
To UNSUBSCRIBE, email
* Quoting Michelle Konzack ([EMAIL PROTECTED]):
Am 2005-11-25 14:34:24, schrieb Rolf Kutz:
It is possible, either as different users or with
If you allow to run apps as different user on the
same desktop, you pick security holes in your system.
Yes, but it would also solve some
* Quoting Michelle Konzack ([EMAIL PROTECTED]):
Unfortunatly it is not possibel to open two instances of mozilla.
( Which may crash seperatly :-/ )
It is possible, either as different users or with
different profiles (mozilla profile manager). You
could also use Mozilla and Mozilla Firefox
* Quoting Jasper Filon ([EMAIL PROTECTED]):
Well, obviously it is not a _security_ bug, since it has nothing to do
with security. However, it is a bug, maybe even a critical one.
As long as the bug does not compromise the security of the system
(enables unauthorised execution of code, access
* Quoting Hideki Yamane ([EMAIL PROTECTED]):
It has been fixed for unstable at least.
How about CAN-2004-0600 and CAN-2004-0686 for samba in stable?
There is no Samba3 in stable.
- Rolf
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL
* Quoting Bas ([EMAIL PROTECTED]):
If you do not run Portsentry you have a problem..
I disagree.
There could be another process listening at that.
- Rolf
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
* Quoting Matthew Palmer ([EMAIL PROTECTED]):
On Tue, Aug 24, 2004 at 09:11:34PM -0400, Michael Stone wrote:
On Wed, Aug 25, 2004 at 12:39:57AM +0200, Rolf Kutz wrote:
This depends on how the attack really works. If
you just need to flip a few bits in a document it
might just look like
* Quoting Almut Behrens ([EMAIL PROTECTED]):
On Tue, Aug 24, 2004 at 09:18:46PM +0200, Danny De Cock wrote:
a cryptographic hash function, such as md5, sha1, ripemd-160, to name the
most commonly used cryptographic hash functions are constructed to have at
least the following
* Quoting Konstantin ([EMAIL PROTECTED]):
further information are here:
http://www.ietf.org/rfc/rfc1945.txt
great idea until this is fixed(not mine):
Stop all http and https servers and don't visit
sites which works with the from design related unsecure http protocol!
HEY, don't blame
* Quoting Konstantin ([EMAIL PROTECTED]):
further information are here:
http://www.ietf.org/rfc/rfc1945.txt
great idea until this is fixed(not mine):
Stop all http and https servers and don't visit
sites which works with the from design related unsecure http protocol!
HEY, don't blame
* Quoting Ronny Adsetts ([EMAIL PROTECTED]):
I remember someone posting a method for locating programs that are running
with old libraries, but don't recall where and I can't seem to find the
right words whilst invoking google...
lsof +L1
- Rolf
--
To UNSUBSCRIBE, email to [EMAIL
* Quoting Ronny Adsetts ([EMAIL PROTECTED]):
I remember someone posting a method for locating programs that are running
with old libraries, but don't recall where and I can't seem to find the
right words whilst invoking google...
lsof +L1
- Rolf
This question would be better off on
debian-firewall.
* Quoting EErdem ([EMAIL PROTECTED]):
I've been using iptables (or i assuming that). But at boot time it gives
an error: Aborting iptables load: unknown rulesets active . I
couldn't find the problem. I searched via google, and found
This question would be better off on
debian-firewall.
* Quoting EErdem ([EMAIL PROTECTED]):
I've been using iptables (or i assuming that). But at boot time it gives
an error: Aborting iptables load: unknown rulesets active . I
couldn't find the problem. I searched via google, and found
* Quoting Phillip Hofmeister ([EMAIL PROTECTED]):
On Tue, 03 Feb 2004 at 06:11:34PM -0500, Rolf Kutz wrote:
You would get a ICMP host-unreachable from the
last router in that case.
I don't believe this is always the case.
True.
It may be the RFC specification that an ICMP host
* Quoting François TOURDE ([EMAIL PROTECTED]):
But I think DROP is the best way, 'cause it slow down NMAP or other
sniffers. Sniffers must wait packet timeout, then retry, then wait,
etc.
Your fooling yourself. What prevents sniffers from
sending multiple packets at once[0]. And you're
* Quoting Phillip Hofmeister ([EMAIL PROTECTED]):
As mentioned before, it is a port-scanner. Anyhow, TCP-Reset cans turn
Ack.
a asymmetric DoS attack/flood (one-way) into an symmetric DoS/flood
because now your host is generating traffic by replying to these
otherwise useless packets.
* Quoting François TOURDE ([EMAIL PROTECTED]):
But I think DROP is the best way, 'cause it slow down NMAP or other
sniffers. Sniffers must wait packet timeout, then retry, then wait,
etc.
Your fooling yourself. What prevents sniffers from
sending multiple packets at once[0]. And you're
* Quoting Phillip Hofmeister ([EMAIL PROTECTED]):
As mentioned before, it is a port-scanner. Anyhow, TCP-Reset cans turn
Ack.
a asymmetric DoS attack/flood (one-way) into an symmetric DoS/flood
because now your host is generating traffic by replying to these
otherwise useless packets.
* Quoting Maria Rodriguez ([EMAIL PROTECTED]):
That appears to be klecker.debian.org which isn't currently responding to pings,
which in itself isn't scary, but it looks as though it may have been inaccessible
for a few days now.
Does anyone know what's going on?
* Quoting Maria Rodriguez ([EMAIL PROTECTED]):
That appears to be klecker.debian.org which isn't currently responding to
pings, which in itself isn't scary, but it looks as though it may have been
inaccessible for a few days now.
Does anyone know what's going on?
* Quoting Douglas F. Calvert ([EMAIL PROTECTED]):
This is the problem. I am having trouble implementing a solution to
update the database after an upgrade and still maintain its validity.
Run aide --update right after the upgrade and
compare the output with dpkg -L of the package.
The replace
* Quoting Douglas F. Calvert ([EMAIL PROTECTED]):
This is the problem. I am having trouble implementing a solution to
update the database after an upgrade and still maintain its validity.
Run aide --update right after the upgrade and
compare the output with dpkg -L of the package.
The replace
* Quoting Kristof Goossens ([EMAIL PROTECTED]):
On Thu, May 22, 2003 at 08:46:47PM -0400, Rob French wrote:
So, are any network/port-related tools useful?
In my personal opinion it is ALWAYS usefull to know what is going on on your
system. No mather how little ports are open...
You said
* Quoting Rudolph van Graan ([EMAIL PROTECTED]):
What I would have like to see was something like this: [Please think of
this in terms of stable or testing]
apt-listchanges. It displays the new changelog
entries from the debs before installing them, but
has to download them first, so no
* Quoting Ian Goodall ([EMAIL PROTECTED]):
Thanks everyone for your help.
It must be his computer as all the computers I usually log in from are all
fine. I am still quite new to all of this but we all have to start somewhere
:)
Check the Fingerprint against the one from your
machine.
* Quoting Kay-Michael Voit ([EMAIL PROTECTED]):
Then I stopped trying But now, without changing anything, it
works. As anyone an explanation for this behavior?
Did you flush the conntracktable?
- rk
* Quoting Felipe Martínez Hermo ([EMAIL PROTECTED]):
I have a 5-site network. Each with a Cable/DSL link. Currently I have a
Netscreen box on each site. I want to substitute the NS box with Linux boxes
so I can manage bandwith, set up a firewall and have a configuration which is
* Quoting Florian Weimer ([EMAIL PROTECTED]):
Rolf Kutz [EMAIL PROTECTED] writes:
Use IPsec. It's a standard and it's supported by
win2k natively.
But Felipe still needs a VPN to run IPsec on. Of course, he could use
GRE tunneling for that. 8-)
Would he? Why not use IPsecs tunnel
* Quoting Daniel Husand ([EMAIL PROTECTED]):
Hi, does anyone know if its possible to setup this:
Clients - NAT - Internet - NAT - Clients with iptelephony without opening your NAT
servers to the world.
Any software suggestions / tricks / ideas?
You can use the ip_conntrack_h323 module
* Quoting Daniel Husand ([EMAIL PROTECTED]):
Hi, does anyone know if its possible to setup this:
Clients - NAT - Internet - NAT - Clients with iptelephony without opening
your NAT servers to the world.
Any software suggestions / tricks / ideas?
You can use the ip_conntrack_h323 module
* Quoting Marc Demlenne ([EMAIL PROTECTED]):
echo unexisting_binary /proc/sys/kernel/modprobe
Can we trust this solution ?
What's the effect ?
You can't dynamically load and unload modules
anymore. If you load all the modules you need
before doing it, you're fine.
It seems to work
* Quoting Marc Demlenne ([EMAIL PROTECTED]):
echo unexisting_binary /proc/sys/kernel/modprobe
Can we trust this solution ?
What's the effect ?
You can't dynamically load and unload modules
anymore. If you load all the modules you need
before doing it, you're fine.
It seems to work
* Quoting Cyrus Dantes ([EMAIL PROTECTED]):
I've already installed opie-client and opie-server and already used opiepasswd to
generate my OTP keys
and such. I have verified my login is in /etc/opiekeys and other such needed items.
Now i was wondering
how i could make OpenSSH 3.5 accept
* Quoting Cyrus Dantes ([EMAIL PROTECTED]):
I've already installed opie-client and opie-server and already used
opiepasswd to generate my OTP keys
and such. I have verified my login is in /etc/opiekeys and other such needed
items. Now i was wondering
how i could make OpenSSH 3.5 accept
* Quoting I.R. van Dongen ([EMAIL PROTECTED]):
On Wed, 19 Mar 2003 21:21:42 +, [EMAIL PROTECTED] wrote:
On Wed, Mar 19, 2003 at 09:45:48PM +0100, Janus N. T?ndering wrote:
This should be more than enough. I have been running a mailserver on a
Pentium 133MHz 96 RAM + SCSI for a
* Quoting Iñaki Martínez ([EMAIL PROTECTED]):
So i client can access the server via SSH, but s/he CAN NOT ssh to other
servers from my server...
How can i do this
chmod o-x /usr/bin/ssh
- rk
--
What sort of person, said Salzella patiently, sits down and writes a
maniacal laugh? And
* Quoting DEFFONTAINES Vincent ([EMAIL PROTECTED]):
2. Mount /home, /tmp and any other place users might have write access on
with the noexec switch, so they can only use binaries installed (and
allowed to them) on the system.
This does not prevent them from executing
binaries. This has been
* Quoting Hubert Chan ([EMAIL PROTECTED]):
Do the kerneli modules (officially) work with encrypted swap? I know
It works for me.
encryption, which may allocate new memory, ad infinitum. loop-AES takes
care of that explicitly, by preallocating memory, but I don't think
cryptoapi/cryptoloop
* Quoting Hubert Chan ([EMAIL PROTECTED]):
Do the kerneli modules (officially) work with encrypted swap? I know
It works for me.
encryption, which may allocate new memory, ad infinitum. loop-AES takes
care of that explicitly, by preallocating memory, but I don't think
cryptoapi/cryptoloop
* Quoting Joshua SS Miller ([EMAIL PROTECTED]):
Cryptoswap? Hmm sound like something I was thinking about earlier
today. Do you have a good resource for this?
http://www.kerneli.org/index.php
- rk
--
Ahahahahaha! Ahahahaha! Aahahaha!
BEWARE!
Yrs sincerely
The Opera Ghost
* Quoting Kaddik ([EMAIL PROTECTED]):
Is it possible to specify the interface that samba should listen on?
I'm I missing something, or is package-dropping in iptables the
only method? I'm using woody w 2.4.18 kernel..
'bind interfaces only' in smb.conf
But you should do source checking with
* Quoting andrew lattis ([EMAIL PROTECTED]):
#connections to lo
$iptables -A OUTPUT -p ALL -o $lo_iface -s $lo_ip -j ACCEPT
#allow the rest
$iptables -A OUTPUT -p ALL -o $eth_iface -s $eth_ip -j ACCEPT
#log the rest
$iptables -A OUTPUT -m limit --limit $log_limit --limit-burst
* Quoting martin f krafft ([EMAIL PROTECTED]):
in short: does Debian support security updates for testing?
No.
- rk
--
These wheels are for inline skates only, unless you are stupid.
Aggressive skating can be dangerous and hazardous to your health.
If you get hurt, you are doing it wrong.
* Quoting DEFFONTAINES Vincent ([EMAIL PROTECTED]):
Wondering if some people know of some content-aware proxies/filters, to
attempt to block [some of] those dangerous products (apart from maintaining
a black-list...)
Since the traffic is encrypted, content filtering
will not trigger.
* Quoting DEFFONTAINES Vincent ([EMAIL PROTECTED]):
Since the traffic is encrypted, content filtering
will not trigger.
Thats true for HTTPS, not HTTP.
According their website, the tunnel is
AES-encrypted.
Why do you allow people to install software on the
clients, if you don't
* Quoting DEFFONTAINES Vincent ([EMAIL PROTECTED]):
Wondering if some people know of some content-aware proxies/filters, to
attempt to block [some of] those dangerous products (apart from maintaining
a black-list...)
Since the traffic is encrypted, content filtering
will not trigger.
* Quoting DEFFONTAINES Vincent ([EMAIL PROTECTED]):
Since the traffic is encrypted, content filtering
will not trigger.
Thats true for HTTPS, not HTTP.
According their website, the tunnel is
AES-encrypted.
Why do you allow people to install software on the
clients, if you don't
* Quoting Erik Rossen ([EMAIL PROTECTED]):
Imagine instead a car that is always unlocked and is used nightly by
hooligans when they go joy-riding.
That's why leaving a car unlocked is illegal in
Germany. On the other hand, you still need the key
to start it and a hooligan wouldn't mind braking
* Quoting Jones, Steven ([EMAIL PROTECTED]):
Ive found port sentry really good for detecting port scans and then routeing
the return packets to no where.
That makes you open to DoS-Attacks. Someone could
scan you with spoofed source-IP and disconnect
your box. A tarpit is a much better aproach
* Quoting Craig Sanders ([EMAIL PROTECTED]):
PS: actually, the only other thing you could do is set firewall rules
blocking inbound tcp port 25. if your mail server is the primary MX for
your domain then you would also need a secondary MX and open the
firewall for just that machine.
* Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]):
Hello!
Anybody know of a tool like PGPDisk for Linux?
cfs is in stable.
- Rolf
* Quoting Zelko Slamaj ([EMAIL PROTECTED]):
What I realized is:
.) 'till now it is safe to leave it that way but
.) those kiddies scan your computer and think that these ports _are_ indeed
open, so you have more attack-tries, which results in longer log-files and
longer ip-chains.
Plus
* Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]):
Thanks for this info -- if you happen to come across the reference
again, I'd appreciate it if you could pass it along.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=151203repeatmerged=yes
- Rolf
--
To UNSUBSCRIBE, email to [EMAIL
* Quoting Chuck Peters ([EMAIL PROTECTED]):
It doesn't appear as though this keyboard-interactive authentication is
something we want or need, but I don't know what it means and I haven't
found anything in the ssh or sshd man pages or the libpam-doc that
explains what it means. Would
* Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]):
From: Rolf Kutz [EMAIL PROTECTED]
One Time Passwords e.g. (libpam-opie). But could
be any PAM challenge-response dialog.
Does anyone know whether there's any chance this can/will get fixed in
the future?
I had been planning to use
* Quoting Alvin Oga ([EMAIL PROTECTED]):
hi ya
a silly question ... if spamassassin caught the spam,
i assume it still received the spam and dumped it into a rejected spam
folder ???
i would rather see that the spam senders see a bounce email that
fills up their boxes with returned
* Quoting Robert Brown ([EMAIL PROTECTED]):
Sorry if this has been answered elsewhere, but there did not seem to be a
mention of whether compression works with this latest release of OpenSSH
3.4, particularly on the server side. I depend upon compression in
various scripts and would like to
* Quoting Patrick Hsieh ([EMAIL PROTECTED]):
Hello,
We are condisering to use GnuPG or S/MIME to encrypt or sign the email
in the company. Can someone give me any advice or suggestion?
http://www.gnupg.org/aegypten/
combines both.
- Rolf
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
* Quoting Patrick Hsieh ([EMAIL PROTECTED]):
Hello,
We are condisering to use GnuPG or S/MIME to encrypt or sign the email
in the company. Can someone give me any advice or suggestion?
http://www.gnupg.org/aegypten/
combines both.
- Rolf
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
* Quoting César Augusto Seronni Filho ([EMAIL PROTECTED]):
hi guys in my maillog I am receiving many strange message on sendmail like
that:
May 10 18:52:50 xserver sendmail[]: g4AIRfa02119:
to=[EMAIL PROTECTED], ctladdr=one of my user mail (638/45),
delay=03:25:09, xdelay=00:00:00,
* Quoting César Augusto Seronni Filho ([EMAIL PROTECTED]):
hi guys in my maillog I am receiving many strange message on sendmail like
that:
May 10 18:52:50 xserver sendmail[]: g4AIRfa02119:
to=[EMAIL PROTECTED], ctladdr=one of my user mail (638/45),
delay=03:25:09, xdelay=00:00:00,
* Quoting Mathias Palm ([EMAIL PROTECTED]):
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Sorry, I dont get that. The manpage says:
...ESTABLISHED meaning that the
packet is associated with a connection which has
seen packets in both directions...
[EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote:
it indeed sounds VERY interesting (not only to me) :-)
although I never dealt with special kernel modifications.
But I'll give it a go..can anyone recommend any other
kernel security patch sites? ..would be great!
I never tested it, but it looks
Halil Demirezen ([EMAIL PROTECTED]) wrote:
How can i solve the problem that after i ping my computer(server) with
ping localhost for about 160 times, the system starts not to give
response and the load average of the cpu raises to the %81.
how can i solve this system problem..
You can
Gergely Trifonov ([EMAIL PROTECTED]) wrote:
it's okay if you just remove the setuid bit from /bin/ping (chmod -s
/bin/ping), so users won't be able to run it
This doesn't help. Luser will be able to create a
100% load with any command, so this doesn't help
and ping is a useful tool. Try
Halil Demirezen ([EMAIL PROTECTED]) wrote:
How can i solve the problem that after i ping my computer(server) with
ping localhost for about 160 times, the system starts not to give
response and the load average of the cpu raises to the %81.
how can i solve this system problem..
You can
Gergely Trifonov ([EMAIL PROTECTED]) wrote:
it's okay if you just remove the setuid bit from /bin/ping (chmod -s
/bin/ping), so users won't be able to run it
This doesn't help. Luser will be able to create a
100% load with any command, so this doesn't help
and ping is a useful tool. Try
J. Paul Bruns-Bielkowicz ([EMAIL PROTECTED]) wrote:
I have a restricted services file and a default (open) services file. Some
services are disabled, i.e.
9/tcp opendiscard
13/tcp opendaytime
109/tcpopenpop-2
987/tcpopenunknown
by
J. Paul Bruns-Bielkowicz ([EMAIL PROTECTED]) wrote:
Commenting out things in /etc/services doesn't
disable anything.
It seems to. The above ports were closed just by commenting them out of
/etc/services and then rebooting.
How did you verify?
No, I just changed /etc/services
It's
J. Paul Bruns-Bielkowicz ([EMAIL PROTECTED]) wrote:
I have a restricted services file and a default (open) services file. Some
services are disabled, i.e.
9/tcp opendiscard
13/tcp opendaytime
109/tcpopenpop-2
987/tcpopenunknown
by
basilisk ([EMAIL PROTECTED]) wrote:
If you do edit the init.d scripts don't forget to end the processes too.
ACK.
Also don't just use a port scanner like nmap. have a look at lsof too
lsof -Pan -i tcp -i udp
It's quite useful.
Right, but it doesn't help with hosts.[allow|deny]
entries,
J. Paul Bruns-Bielkowicz ([EMAIL PROTECTED]) wrote:
Commenting out things in /etc/services doesn't
disable anything.
It seems to. The above ports were closed just by commenting them out of
/etc/services and then rebooting.
How did you verify?
No, I just changed /etc/services
It's
Johannes Weiss ([EMAIL PROTECTED]) wrote:
Hi @all,
I plan to install a mailserver for ca. 800 users, now I planned to make 800
users with shell /bin/bash, home /dev/nul,...
So, I ask you ;)), if this is a good solution, to make 800 UNIX-users for a
mailserver and if not what's the best
Johannes Weiss ([EMAIL PROTECTED]) wrote:
Hi @all,
I plan to install a mailserver for ca. 800 users, now I planned to make 800
users with shell /bin/bash, home /dev/nul,...
So, I ask you ;)), if this is a good solution, to make 800 UNIX-users for a
mailserver and if not what's the best
Florian Bantner ([EMAIL PROTECTED]) wrote:
A fact about which I'm concerned
even more than about a hack from outside via the internet etc. is
real physical access to the box. Something hackers normaly don't pay
enough attention is that just somebody steps - let's say 6 o'clock
in the
Florian Bantner ([EMAIL PROTECTED]) wrote:
On Die, 20 Nov 2001, Rolf Kutz wrote:
Use TMPFS. Encrypt your disk or do everything in
RAM (maybe set up a diskless system booting from
cd. See the bootcd-package). They might still be
bugging your hardware.
I don't know tmpfs. What I'm
Alexander Clouter ([EMAIL PROTECTED]) wrote:
I am the root guy of my own laptop and I can trust myself :) However a lot
of countries (uk/us and probably others, lots in the eu I would imagine) have
encryption laws, not preventing it but permiting them to throw you in jail
unless you hand
Florian Bantner ([EMAIL PROTECTED]) wrote:
A fact about which I'm concerned
even more than about a hack from outside via the internet etc. is
real physical access to the box. Something hackers normaly don't pay
enough attention is that just somebody steps - let's say 6 o'clock
in the morning
Florian Bantner ([EMAIL PROTECTED]) wrote:
On Die, 20 Nov 2001, Rolf Kutz wrote:
Use TMPFS. Encrypt your disk or do everything in
RAM (maybe set up a diskless system booting from
cd. See the bootcd-package). They might still be
bugging your hardware.
I don't know tmpfs. What I'm
Alexander Clouter ([EMAIL PROTECTED]) wrote:
I am the root guy of my own laptop and I can trust myself :) However a lot
of countries (uk/us and probably others, lots in the eu I would imagine) have
encryption laws, not preventing it but permiting them to throw you in jail
unless you hand
Emmanuel Lacour ([EMAIL PROTECTED]) wrote:
What's the use of noexec flag???
If you mount partitions of a different OS or
machine, whose programs can't or shouldn't be
executed.
- Rolf
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL
1 - 100 of 111 matches
Mail list logo