://nouveau.freedesktop.org/wiki/ and
contribute if you can!
Uwe.
--
Uwe Hermann
http://www.hermann-uwe.de
http://www.it-services-uh.de | http://www.crazy-hacks.org
http://www.holsham-traders.de | http://www.unmaintained-free-software.org
signature.asc
Description: Digital signature
Hi,
here's a heavily updated firewall script. I have incorporated many of
the suggestions and ideas from the lists (especially debian-firewall).
Any further comments and improvement-suggestions are still very welcome!
Cheers, Uwe.
--
Uwe Hermann
http://www.hermann-uwe.de
http://www.it
for authentication on untrusted
networks. (Though they are useful as one layer of security, to mitigate
the risk of vulnerabilities in the encryption routines.)
Full ACK. It's one additional layer of security, but should never be
relied upon alone.
Uwe.
--
Uwe Hermann
http://www.hermann-uwe.de
http
, but the one from George Hein
(which I was referring to) does not have that line.
Uwe.
--
Uwe Hermann
http://www.hermann-uwe.de
http://www.it-services-uh.de | http://www.crazy-hacks.org
http://www.holsham-traders.de | http://www.unmaintained-free-software.org
signature.asc
Description: Digital
Hi,
On Tue, May 23, 2006 at 07:29:44PM +0400, Konstantin Khomoutov wrote:
On Tue, May 23, 2006 at 04:36:31PM +0200, Uwe Hermann wrote:
useless. Did I miss anything?
Kernel shoots any packet it considers as being martian -- e.g. packets
from 127.0.0.0/8 cannot appear on any interface
not a complete now we're 100% safe method,
but it helps prevent _some_ problems.
Cheers, Uwe.
--
Uwe Hermann
http://www.hermann-uwe.de
http://www.it-services-uh.de | http://www.crazy-hacks.org
http://www.holsham-traders.de | http://www.unmaintained-free-software.org
signature.asc
Description: Digital
be better in certain
situations?
For me /etc/sysctl.conf is not so nice, as I want to be able to download
my own script from my website when I'm at other machines which I want to
secure. Thus, I'd like to have everything in one single script
(vs. multiple files).
Uwe.
--
Uwe Hermann
http
a server which
needs to be reachable from the Internet?
Uwe.
--
Uwe Hermann
http://www.hermann-uwe.de
http://www.it-services-uh.de | http://www.crazy-hacks.org
http://www.holsham-traders.de | http://www.unmaintained-free-software.org
signature.asc
Description: Digital signature
policy-rc.d, please read
/usr/share/doc/sysv-rcREADME.policy-rc.d.gz for more information.
I believe all the mechanisms dissuggested in this thread are already there.
Yes, policy-rc.d indeed looks like it does what I want, thanks!
Uwe.
--
Uwe Hermann
http://www.hermann-uwe.de
http://www.it
.
Uwe.
--
Uwe Hermann
http://www.hermann-uwe.de
http://www.it-services-uh.de | http://www.crazy-hacks.org
http://www.holsham-traders.de | http://www.unmaintained-free-software.org
signature.asc
Description: Digital signature
outside, the firewall will block any
traffic to it, and hence any exploit attempts.
There are many other valid examples.
It's not the concept of a firewall that is flawed, it's relying on IP
addresses for authentication which is a bad idea.
Uwe.
--
Uwe Hermann
http://www.hermann-uwe.de
http
Hermann
http://www.hermann-uwe.de
http://www.it-services-uh.de | http://www.crazy-hacks.org
http://www.holsham-traders.de | http://www.unmaintained-free-software.org
#!/bin/sh
#--
# File: fw_laptop
# Author: Uwe Hermann
whatever packages I newly install. That's tedious and error-prone.
How would you go about ensuring that _no daemon at all_ is ever started
on your system, except when you explicitly type etc/init.d/foobar start?
Uwe.
--
Uwe Hermann
http://www.hermann-uwe.de
http://www.it-services-uh.de | http
Hi Ed,
On Fri, Jan 11, 2002 at 05:46:58PM -0500, Ed Street wrote:
I have run chkrootkit and get
Anyone have a d/l site for the deb package of this?
apt-get install chkrootkit
Uwe.
--
Uwe Hermann
[EMAIL PROTECTED]
[EMAIL PROTECTED] | Unmaintained Free Software:
http://www.hermann
Hi Ed,
On Fri, Jan 11, 2002 at 05:46:58PM -0500, Ed Street wrote:
I have run chkrootkit and get
Anyone have a d/l site for the deb package of this?
apt-get install chkrootkit
Uwe.
--
Uwe Hermann
[EMAIL PROTECTED]
[EMAIL PROTECTED] | Unmaintained Free Software:
http://www.hermann
15 matches
Mail list logo