On 18 Mar 2004 at 10:03, Ronny Adsetts wrote:
> Whilst doing security upgrades this morning for openssl, it occurred to me
> that lots of software that uses the openssl libraries will not automatically
> get restarted and will therefore still be running with old libraries and
> therefore be vul
On 18 Mar 2004 at 10:03, Ronny Adsetts wrote:
> Whilst doing security upgrades this morning for openssl, it occurred to me
> that lots of software that uses the openssl libraries will not automatically
> get restarted and will therefore still be running with old libraries and
> therefore be vul
a) First, if you can don't use the infected Linux for cleaning but
boot from a rescue-system.
b) Maybe try to generate a list of files that are infected. Have a
look if only a limited number of files or files from a certain number
of packages have been infected.
c) Try to re-install those packag
a) First, if you can don't use the infected Linux for cleaning but
boot from a rescue-system.
b) Maybe try to generate a list of files that are infected. Have a
look if only a limited number of files or files from a certain number
of packages have been infected.
c) Try to re-install those packag
On 18 Sep 2003 at 15:02, Markus Schabel wrote:
> Christian Storch wrote:
> > The problem is starting >>before<<
>
> I think all the things >>before<< phpshell.php are done via
> phpshell.php and the things you can see in the .bash_history
> are only the things after he already got in.
>
[...]
>
On 18 Sep 2003 at 15:02, Markus Schabel wrote:
> Christian Storch wrote:
> > The problem is starting >>before<<
>
> I think all the things >>before<< phpshell.php are done via
> phpshell.php and the things you can see in the .bash_history
> are only the things after he already got in.
>
[...]
>
On 22 Jun 2003 at 13:54, Adam ENDRODI wrote:
> How widely do you think changing the MAC address of a NIC via
> ``ifconfig hw'' is supported by the various network cards
> and drivers out there nowadays?
>
> My collegue and me have debated several times whether watching
> the LAN for non-matching
On 22 Jun 2003 at 13:54, Adam ENDRODI wrote:
> How widely do you think changing the MAC address of a NIC via
> ``ifconfig hw'' is supported by the various network cards
> and drivers out there nowadays?
>
> My collegue and me have debated several times whether watching
> the LAN for non-matching
On 16 Jun 2003 at 7:00, Halil Demirezen wrote:
> > My Debian box:
> > Connection closed by foreign host.
> > [EMAIL PROTECTED]:~> telnet xx.com 22
> > Trying 203.167.224....
> > Connected to xx.com.
> > Escape character is '^]'.
> > SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1
>
> To be bri
On 16 Jun 2003 at 7:00, Halil Demirezen wrote:
> > My Debian box:
> > Connection closed by foreign host.
> > [EMAIL PROTECTED]:~> telnet xx.com 22
> > Trying 203.167.224....
> > Connected to xx.com.
> > Escape character is '^]'.
> > SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1
>
> To be bri
On 15 Jun 2003 at 10:36, Noah Meyerhans wrote:
> In terms of protecting against breakin, it seems like a lot of people
> here have been advocating the grsecurity kernel patch. I have no
> experience with it, but the list of features certainly makes it sound
> like it will protect against some of
On 15 Jun 2003 at 10:36, Noah Meyerhans wrote:
> In terms of protecting against breakin, it seems like a lot of people
> here have been advocating the grsecurity kernel patch. I have no
> experience with it, but the list of features certainly makes it sound
> like it will protect against some of
On 11 Jun 2003 at 6:59, Reckhard, Tobias wrote:
> On Tue, Jun 10, Stefan Neufeind wrote:
> > I'm using a 128-bit-cert.
>
> You're using an X.509 certificate. The grade of symmetric encryption
> negotiated between browser and web server is (at least in theory)
>
On 11 Jun 2003 at 6:59, Reckhard, Tobias wrote:
> On Tue, Jun 10, Stefan Neufeind wrote:
> > I'm using a 128-bit-cert.
>
> You're using an X.509 certificate. The grade of symmetric encryption
> negotiated between browser and web server is (at least in theory)
>
I'm using a 128-bit-cert. But browsers that support less encryption
(e.g. IE that comes with WinNT4) can't access my SSL-pages because
the encryption doesn't allow degration. Is there any way to solve
this prob? Using Apache with an official SSL-cert.
PS: This just came to my mind when you said
; >
> > On Mon, 09 Jun 2003 at 09:35:49PM +0200, Stefan Neufeind wrote:
> > > But you mean starting with #! ?? How could I use the normal way of
> > > setting a cgi-handler for calling .php-files? Know what I mean?
> > >
> > > Using Misc Binary-supp
I'm using a 128-bit-cert. But browsers that support less encryption
(e.g. IE that comes with WinNT4) can't access my SSL-pages because
the encryption doesn't allow degration. Is there any way to solve
this prob? Using Apache with an official SSL-cert.
PS: This just came to my mind when you said
; >
> > On Mon, 09 Jun 2003 at 09:35:49PM +0200, Stefan Neufeind wrote:
> > > But you mean starting with #! ?? How could I use the normal way of
> > > setting a cgi-handler for calling .php-files? Know what I mean?
> > >
> > > Using Misc Binary-supp
03 at 11:02, Ted Cabeen wrote:
> "Stefan Neufeind" <[EMAIL PROTECTED]> writes:
>
> > But afaik you run into real problems when you try to use suexec with
> > php, don't you? Or has anybody managed to get this running
> > correctly? (for Apache 1.3.x
03 at 11:02, Ted Cabeen wrote:
> "Stefan Neufeind" <[EMAIL PROTECTED]> writes:
>
> > But afaik you run into real problems when you try to use suexec with
> > php, don't you? Or has anybody managed to get this running
> > correctly? (for Apache 1.3.x
But afaik you run into real problems when you try to use suexec with
php, don't you? Or has anybody managed to get this running correctly?
(for Apache 1.3.x !!!).
On 6 Jun 2003 at 17:06, Wade Richards wrote:
> On 06 Jun 2003 16:15:37 PDT, Jon writes:
> >I believe Apache would still be executing
But afaik you run into real problems when you try to use suexec with
php, don't you? Or has anybody managed to get this running correctly?
(for Apache 1.3.x !!!).
On 6 Jun 2003 at 17:06, Wade Richards wrote:
> On 06 Jun 2003 16:15:37 PDT, Jon writes:
> >I believe Apache would still be executing
Hi,
is there a package available (similar to the ftp-package which can be
found in the pear-lib) to use ftp with ssl? I'm not looking for SFTP
(SSH-filetransfer) but SSL with "AUTH SSL" at the beginning of the
session.
All the best
Stefan
Seems like again somebody is willing to pay the "donation" to debian?
List-admin ... go ahead :-)
eth R. van Wyk wrote:
> On Wednesday 23 April 2003 13:43, Stefan Neufeind wrote:
> > what is the best way to remotely syslog?
>
> If the business situation warrants the expense, then I advise my
> clients to run an admin network on critical servers, with one hardened
> syslog serv
Hi,
what is the best way to remotely syslog? In
"RE: HELP, my Debian Server was hacked!" by James Duncan he wrote to
use "syslog to log locally AND remotely". This is a good idea. But I
wonder how to make it safe. Let's say I have two servers. Each could
keep a second, separate log as "backup-l
On 16 Apr 2003 at 17:05, Jeff wrote:
> Felipe MartÃnez Hermo, 2003-Apr-16 18:23 +0100:
> >
> > So far, I also prefer IPSec because it seems to be the most
> > standard-compliant implementation, but I want to know my options. I
> > have just bought Kolesnikov's book, but I have not started wi
On 5 Apr 2003 at 9:04, Steve Jr Ramage wrote:
> Well continuing the problem, I have moved from the original one,
> appended at the bottom. Now something else is wrong, basically the
> following out put. I had to use 'export PATCH_THE_KERNEL=YES' (thanks
> Kenneth). Now the kernel compile asks me
On 5 Apr 2003 at 9:04, Steve Jr Ramage wrote:
> Well continuing the problem, I have moved from the original one,
> appended at the bottom. Now something else is wrong, basically the
> following out put. I had to use 'export PATCH_THE_KERNEL=YES' (thanks
> Kenneth). Now the kernel compile asks me
Hi,
I read on this list that several people are using logcheck, right? Is
this still up2date? Somewhere on the net I found that it was followed
by logsentry from Psionic - but this company doesn't seem to exist
anymore. Afaik logsentry at last was also free. And does anybody know
something abo
Hi,
I read on this list that several people are using logcheck, right? Is
this still up2date? Somewhere on the net I found that it was followed
by logsentry from Psionic - but this company doesn't seem to exist
anymore. Afaik logsentry at last was also free. And does anybody know
something abo
What I find astonishing: Let's say you are running a webserver, maybe
mailserver and a DNS on a server. What rules do you want to apply to
the packets etc.?
I would suggest to keep the open ports restricted, check for all
current updates regularly (subscribe to several mailinglists etc.)
and I
What I find astonishing: Let's say you are running a webserver, maybe
mailserver and a DNS on a server. What rules do you want to apply to
the packets etc.?
I would suggest to keep the open ports restricted, check for all
current updates regularly (subscribe to several mailinglists etc.)
and I
While we're still in the field of counting and monitoring traffic:
Is there any good way to account traffic on one computer by user? I
searched several times for this but didn't find any good solution.
Some people said it should be do-able with kernel-modules but nobody
knew who had already done
You might want to try out the packat "iptraf" and monitor the
interface ipsec0. It gives you various overwiews on traffic going
over each port in / out as well as other statistics. Only drawback:
It only counts as long as you leave it running on console. But I
guess leaving it running for e.g.
While we're still in the field of counting and monitoring traffic:
Is there any good way to account traffic on one computer by user? I
searched several times for this but didn't find any good solution.
Some people said it should be do-able with kernel-modules but nobody
knew who had already done
You might want to try out the packat "iptraf" and monitor the
interface ipsec0. It gives you various overwiews on traffic going
over each port in / out as well as other statistics. Only drawback:
It only counts as long as you leave it running on console. But I
guess leaving it running for e.g.
I've worked for a firm where they limited http-connections to let's
say 2MB per connection. So for stealing a lot of data you always had
to open several connections. This was some kind of "protection"
against tunnels and heavy downloads. Maybe this interruption would be
of some use to prevent i
I've worked for a firm where they limited http-connections to let's
say 2MB per connection. So for stealing a lot of data you always had
to open several connections. This was some kind of "protection"
against tunnels and heavy downloads. Maybe this interruption would be
of some use to prevent i
On 8 Mar 2003 at 17:40, Christian Jaeger wrote:
> At 13:02 Uhr +0200 08.03.2003, Birzan George Cristian wrote:
> - You should also be aware that a 0700 directory does not protect you
> if you are moving another directory from outside to inside, since
> users who have already chdir'd into it remain
On 8 Mar 2003 at 17:40, Christian Jaeger wrote:
> At 13:02 Uhr +0200 08.03.2003, Birzan George Cristian wrote:
> - You should also be aware that a 0700 directory does not protect you
> if you are moving another directory from outside to inside, since
> users who have already chdir'd into it remain
Burn him ... make him pay the donation. That's the least thing
justified. To the listmod: I would rate this a good idea, to donate
USD 1000.
On 24 Feb 2003 at 9:05, Jean-Francois Dive wrote:
> I'm glad to see this is not a standard form of spamming as your
> answered comments on the list. Howe
Burn him ... make him pay the donation. That's the least thing
justified. To the listmod: I would rate this a good idea, to donate
USD 1000.
On 24 Feb 2003 at 9:05, Jean-Francois Dive wrote:
> I'm glad to see this is not a standard form of spamming as your
> answered comments on the list. Howe
On 20 Feb 2003 at 9:59, Alan James wrote:
> On Thu, 20 Feb 2003 05:35:01 +, Dale Amon <[EMAIL PROTECTED]> wrote:
>
> >> or maybe a FreeS/WAN implementation for cygwin (is there a native
> >> win implementation?) ... but thats a different problem ...
> >
> >I doubt it. FreeSWAN uses Linux kern
On 20 Feb 2003 at 9:59, Alan James wrote:
> On Thu, 20 Feb 2003 05:35:01 +, Dale Amon <[EMAIL PROTECTED]> wrote:
>
> >> or maybe a FreeS/WAN implementation for cygwin (is there a native
> >> win implementation?) ... but thats a different problem ...
> >
> >I doubt it. FreeSWAN uses Linux kern
On 12 Feb 2003 at 13:17, Benjamin wrote:
> is L2TP also possible with dynamic ips?
Yes it is. Basically you would use an IPsec-encrypted connection with
X509-certs. Have a look at the "FreeS/Wan-patch-homepage" and try out
the patched FreeS/Wan or maybe already SuperFreeS/Wan with the X509-
pat
On 12 Feb 2003 at 11:52, Tadeusz Knapik wrote:
> 12.02.03 pisze Massimo Villa ([EMAIL PROTECTED]):
>
> > There's anybody who knows a ggod howto to install e simple ma secure
> > VPN between two little lan? Is it possible for a single user
> > (example, a home user with W2K), to use a win32 client
On 12 Feb 2003 at 13:17, Benjamin wrote:
> is L2TP also possible with dynamic ips?
Yes it is. Basically you would use an IPsec-encrypted connection with
X509-certs. Have a look at the "FreeS/Wan-patch-homepage" and try out
the patched FreeS/Wan or maybe already SuperFreeS/Wan with the X509-
pat
Maybe you might have a look at FreeS/Wan for the server-side.
FreeS/Wan itself can be used to connect LANs directly via IPsec.
There are also various ways to connect Windows-clients to such an
IPsec-network.
If you're interested, maybe have a look at the FreeS/Wan-mailinglist
at: lists.freeswa
On 12 Feb 2003 at 11:52, Tadeusz Knapik wrote:
> 12.02.03 pisze Massimo Villa ([EMAIL PROTECTED]):
>
> > There's anybody who knows a ggod howto to install e simple ma secure
> > VPN between two little lan? Is it possible for a single user
> > (example, a home user with W2K), to use a win32 client
Maybe you might have a look at FreeS/Wan for the server-side.
FreeS/Wan itself can be used to connect LANs directly via IPsec.
There are also various ways to connect Windows-clients to such an
IPsec-network.
If you're interested, maybe have a look at the FreeS/Wan-mailinglist
at: lists.freeswa
51 matches
Mail list logo