* Vineet Kumar ([EMAIL PROTECTED]) [080515 10:39]:
> I was able to find blacklist.RSA-1024 in Ubuntu's openssl-blacklist
> package, and (fortunately) found that my 1024-bit RSA keys are in fact
> not blacklisted.
I guess this is probably because those keys were generated before
op
I'm a bit concerned about the many 1024-bit RSA keys I have on my
system. To be on the safe side, I'm removing them and replacing them
with newly-generated 2048-bit keys.
I wonder though, why there's no blacklist.RSA-1024 in the
openssh-blacklist package? Running ssh-vulnkey tells me "Unknown (n
I was able to find blacklist.RSA-1024 in Ubuntu's openssl-blacklist
package, and (fortunately) found that my 1024-bit RSA keys are in fact
not blacklisted.
--
http://www.doorstop.net/
* Stefan Fritsch ([EMAIL PROTECTED]) [071116 13:03]:
> is unset. (Actually, some scripts use "${LD_LIBRARY_PATH+:
> $LD_LIBRARY_PATH}", which seems to work, too. But this is not
> documented in the bash man page, at least I can't find it.)
The difference between ${PARAMETER:+WORD} and ${PARAMETER
* Horst Pflugstaedt ([EMAIL PROTECTED]) [060923 10:53]:
> On Thu, Sep 21, 2006 at 03:37:56PM -0400, Morgan Walker wrote:
> >
> > Thanks Michelle that worked perfect. Is there an easy variable I could
> > throw in there that you know off hand which would include the time
> > (MM/DD/) as well?
* Uwe Hermann ([EMAIL PROTECTED]) [060521 11:18]:
> echo 1 > /proc/sys/net/ipv4/ip_forward
> echo 0 > /proc/sys/net/ipv4/ip_forward
While I haven't yet gone through the actual content of the script, a
note of style preference:
Personally, I prefer using sysctl -w instead of echo > /proc/sys. I
p
* Maximiliano Curia ([EMAIL PROTECTED]) [060515 10:35]:
> On Monday 15 May 2006 13:31, Lee Braiden wrote:
> > On Monday 15 May 2006 16:09, Uwe Hermann wrote:
> > > Hi,
> > >
> > > just a random question I wanted to ask for quite a while now:
> > >
> > > What is "the Debian way" to prevent any daemo
* Jan Luehr ([EMAIL PROTECTED]) [060130 06:32]:
> Hello
>
> On Sunday, 29 January 2006 19:45, hanasaki wrote:
> > The goal is to have an internal webserver:
> > - DONE - running on a high numbered port
> > - DONE - firewall forwards 80-> on webserver
> > - DONE - external hits on
* Patrick ([EMAIL PROTECTED]) [051127 01:06]:
> Thanks Steve. I've just tested your solution and it's working fine. I
> invoked a second instance of sshd using a different configuration file,
> i.e.
>
> ssh -f /etc/ssh/sshd_conf-internal
>
> which binds to port 22 and allows all users to login. T
* martin f krafft ([EMAIL PROTECTED]) [050708 02:23]:
> thus spoke Johann Spies <[EMAIL PROTECTED]> [2005.07.08.1057 +0200]:
> > How is it possible that I can enable this user not only to run
> > programs from this directory, but to kill the process he started when
> > necessary using SUDO - witho
* Hanasaki JiJi ([EMAIL PROTECTED]) [030419 08:40]:
> The below two sets of rules seem to provide the same functionality, with
> the exception that the second ruleset results in a timeout from the
> 192.168.1.2 timing out on connections to some, only some, external hosts
> on port 25. What coul
* Anne Carasik ([EMAIL PROTECTED]) [030416 10:58]:
> A true VPN is something like IPSec. SSH and SSL only tunnel TCP-based
> traffic (at least that's what they are supposed to do). If you want a
> true VPN, do not use SSH or SSL.
Well, PPP can be used over an SSH tunnel. This way, you can send a
* Adrian 'Dagurashibanipal' von Bidder <[EMAIL PROTECTED]> [20030320 06:39 PST]:
> Set it up to block everything and then selectively open ports until
> everything works as desired. Depending on the applications it may be a
> good idea to REJECT auth (identd) packets instead of dropping them -
> so
* Hanasaki JiJi <[EMAIL PROTECTED]> [20030320 09:55 PST]:
> Lars Ellenberg wrote:
> >but to me it seems more appropriate to use a simple store and forward
> >smtp daemon on the firewall.
> what package can i research for a store/forward server?
>
> I thought the secure way was not to run anything
* Bernard Lheureux ([EMAIL PROTECTED]) [030210 14:07]:
> On Saturday 08 February 2003 15:23, Kristof Goossens wrote:
>
> > > Hello all,
> >
> > I need to make a pop3 account on my server. I intend to work with ipop3d to
> > provide secure pop3 service. Now I want to provide this service for only
>
* Torrin ([EMAIL PROTECTED]) [021215 19:21]:
> Nicolas Boullis wrote:
> > * Torrin ([EMAIL PROTECTED]):
> > > iptables -A INPUT -i eth0 -j ACCEPT -p TCP -s 0.0.0.0/0 --source-port
> > > domain #53
> > > iptables -A INPUT -i eth0 -j ACCEPT -p UDP -s 0.0.0.0/0 --source-port
> > > domain #53
> >"Hey!
* Erik Rossen ([EMAIL PROTECTED]) [020910 04:51]:
> On Tue, Sep 10, 2002 at 03:28:42AM -0700, Vineet Kumar wrote:
> > As the law is concerned, this is like telling people they've left their
> > front door unlocked by inviting yourself in and taking a dump on their
> > c
* Michael Renzmann ([EMAIL PROTECTED]) [020910 03:12]:
> Hi.
>
> Vineet Kumar wrote:
> >>Phillip Hofmeister stated that one could use the Nimda backdoor on the
> >>server that connects our server to setup a warning message on the
> >>attacking computer'
* Michael Renzmann ([EMAIL PROTECTED]) [020910 02:55]:
> Phillip Hofmeister stated that one could use the Nimda backdoor on the
> server that connects our server to setup a warning message on the
> attacking computer's desktop. I think this is a great idea, but I have
> not been able to track do
* Patrick Maheral ([EMAIL PROTECTED]) [020808 08:22]:
> Is there a way tell Mutt to list all attachments? If so, why isn't this
> the default behaviour?
Does view-attachments (bound by default to 'v') not work? It should
show all attachments, even to multipart/alternative messages. From that
at
* Daniel Rychlik ([EMAIL PROTECTED]) [020802 13:43]:
> Hello,
>
> I have recently setup PGP on my Debian server at home. I have setup
> Exim for relay of 3 hosts. I would like to be able to include pgp
> signature signing for the three hosts. My wife uses Outlook for her
> email and I was wande
I believe that command must be issued in the body of the message rather
than in the Subject: line.
(Here is a demonstration of why a list configured to take configuration
requests at the list address is a bad idea...)
good times,
Vineet
--
http://www.doorstop.net/
--
"Great spirits have always
* Dale Amon ([EMAIL PROTECTED]) [020723 03:44]:
> Dumb question time. Does anyone know a way to limit kernel
> messages to one vt? This gets to be particularly
> annoying if you go overboard with grsecurity audit messages :-)
add "console=tty1" to your kernel command line. All messages will go
* Lars Roland Kristiansen ([EMAIL PROTECTED]) [020723 00:37]:
> Hi debian security geeks.
>
> I have a woody box running as a mail gateway with postfix (popbeforesmtp
> and local relay for 192.168.2.1) and pop3 (soon to be imap just need
> outlook 2002 in the company as it supports multiple imap a
* Vineet Kumar ([EMAIL PROTECTED]) [020701 16:51]:
> So anyway, here's a basic rundown of things to double-check:
Add to this list that "UseLogin" is set to no (its default) and
X11UseLocalhost is set to yes (its default) on the server.
> I'm about to review the thre
* Anne Carasik ([EMAIL PROTECTED]) [020701 16:34]:
> Hi Vineet,
>
> It doesn't matter--it still does not work no matter what I do
> to my X server.
>
> Anyway, I turned off xhost and X11 listening a while ago.
Right. My point was that this is a way /around/ ssh forwarding. It won't
make it any
* Ashish Gulhati ([EMAIL PROTECTED]) [020701 16:17]:
>
> > Okay, having X11 listening for TCP connections with xhost +
> > enabled didn't help.
> >
> > I'm open to other suggestions. :)
>
> Having X listening on the remote host isn't necessary for X11
> forwarding, nor is it necessary to do xhos
* Anne Carasik ([EMAIL PROTECTED]) [020701 16:01]:
> This one time, David Caplan wrote:
> > Hi, I'm not exactly sure what you are trying to do, maybe this will
> > help :)
> > does it matter if you authorize the other computer with xhost?
> > or just a `xhost +` ?
>
> Nope, that didn't hel
* Phillip Hofmeister ([EMAIL PROTECTED]) [020628 08:38]:
> *Jun 28 11:31:34 Genesis PAM-env[5338]: Unable to open config file:
> Permission denied*
It seems that this is related to the PAM breakage noted in the recent
versions with priv sep enabled. My guess would be that sinc
* Howland, Curtis ([EMAIL PROTECTED]) [020627 17:15]:
> I noticed the same thing when doing the 3.3 thing two days ago that I
> commented on on this list.
>
> The security server is in my apt.sources list, but when I executed
> "apt-get upgrade", it said "0 new, 0 to be removed, 1 package(s) not
* Tom Dominico ([EMAIL PROTECTED]) [020627 16:23]:
> Hello,
>
> I am on testing, and when I do an apt-get update/apt-get upgrade, I do
> not seem to be getting the "new and improved" ssh. I checked ssh -v,
> and I'm not on 3.4 yet. I've done the "workarounds", so I shouldn't be
> vulnerable, but
* Jeff Bonner ([EMAIL PROTECTED]) [020607 18:33]:
> On Fri 07 Jun 2002 16:27, Vineet Kumar wrote:
> > session optional pam_mail.so standard noenv
> Hmm, interesting. Mine reads thusly:
>
>session optional pam_mail.so standard noenv # [1]
>
> Not sure
* Jeff Bonner ([EMAIL PROTECTED]) [020604 16:47]:
> Whenever I logout from an SSH2 session now, I get the following
> in my /var/log/messages:
>
>June 4 19:36:26 firegate sshd[24364]: PAM pam_putenv: delete
>non-existent entry; MAIL
>
I'm not sure exactly why it's carping like that, but
* jogi hofmueller ([EMAIL PROTECTED]) [020514 10:50]:
> i am starting to set up a central LDAP server for various authentication
> purposes. now i would of course like to have the thing using TLS ... and
> found out that slapd in woody (don't know about other versions) does not
> support TLS by def
* jogi hofmueller ([EMAIL PROTECTED]) [020514 10:50]:
> i am starting to set up a central LDAP server for various authentication
> purposes. now i would of course like to have the thing using TLS ... and
> found out that slapd in woody (don't know about other versions) does not
> support TLS by de
* Patrick Hsieh ([EMAIL PROTECTED]) [020508 20:24]:
> Hello,
>
> When I use -j DROPLOG in iptables, my woody complains:
> iptables v1.2.6a: Couldn't load target
> `DROPLOG':/lib/iptables/libipt_DROPLOG.so: cannot open shared object file: No
> such file or directory
>
> Try `iptables -h' or 'ipt
* Patrick Hsieh ([EMAIL PROTECTED]) [020508 20:24]:
> Hello,
>
> When I use -j DROPLOG in iptables, my woody complains:
> iptables v1.2.6a: Couldn't load target `DROPLOG':/lib/iptables/libipt_DROPLOG.so:
>cannot open shared object file: No such file or directory
>
> Try `iptables -h' or 'iptabl
* Michal Melewski ([EMAIL PROTECTED]) [020506 15:02]:
> On Mon, May 06, 2002 at 01:47:54PM -0700, Vineet Kumar wrote:
> > This setup will work fine most of the time, but mysteriously fail when
> > replies to your DNS queries are long. Your resolver tries to ask udp/53,
> > but
* Michal Melewski ([EMAIL PROTECTED]) [020506 15:02]:
> On Mon, May 06, 2002 at 01:47:54PM -0700, Vineet Kumar wrote:
> > This setup will work fine most of the time, but mysteriously fail when
> > replies to your DNS queries are long. Your resolver tries to ask udp/53,
>
* Michal Melewski ([EMAIL PROTECTED]) [020506 11:07]:
> Hello
> Try to add following lines into your firewall script:
> iptables -A INPUT -p udp -i $DEV -s 0/0 --sport 53 -j ACCEPT
> iptables -A INPUT -p udp -i $DEV -s 0/0 -j DROP
> iptables -A OUTPUT -p udp -i $DEV -d 0/0 --dport 53 -j ACCEPT
>
>
* Michal Melewski ([EMAIL PROTECTED]) [020506 11:07]:
> Hello
> Try to add following lines into your firewall script:
> iptables -A INPUT -p udp -i $DEV -s 0/0 --sport 53 -j ACCEPT
> iptables -A INPUT -p udp -i $DEV -s 0/0 -j DROP
> iptables -A OUTPUT -p udp -i $DEV -d 0/0 --dport 53 -j ACCEPT
>
* Ramon Acedo ([EMAIL PROTECTED]) [020210 14:43]:
> I just want that when someone try to access to host1.mydomain.net from the
> internet my firewall (and dns server)
> forward the request to host1.local which has the private ip 192.168.1.20.
I've thought about this problem, but I don't think ther
* Ramon Acedo ([EMAIL PROTECTED]) [020210 14:43]:
> I just want that when someone try to access to host1.mydomain.net from the
> internet my firewall (and dns ser
* Andrew Lau ([EMAIL PROTECTED]) [020202 00:34]:
> Hi everyone,
> It's been over a month since I submitted bug report #124169 to
> the BTS and snort's maintainer, Robert van der Meulen
> , has not yet replied to me. This bug report is
> effectively holding me back from releasing a fully opera
* Andrew Lau ([EMAIL PROTECTED]) [020202 00:34]:
> Hi everyone,
> It's been over a month since I submitted bug report #124169 to
> the BTS and snort's maint
* Preben Randhol ([EMAIL PROTECTED]) [020202 05:22]:
> Is this a normal log response when one use scp from one Debian machine
> to another:
>
> debian-security@lists.debian.org
> Is this a normal log response when one use scp from one Debian machine
> to another:
>
> sshd[2494]: Accepted keyboard
* Preben Randhol ([EMAIL PROTECTED]) [020202 05:22]:
> Is this a normal log response when one use scp from one Debian machine
> to another:
>
> [EMAIL PROTECTED]
> Is this a normal log response when one use scp from one Debian machine
> to another:
>
> sshd[2494]: Accepted keyboard-interactive f
* Marcel Welschbillig ([EMAIL PROTECTED]) [011205 16:35]:
> I have ip tables running and i did a test with the -c flag but i get the
> following response.
>
> proxy:/home# iptables -A INPUT -s 10.10.1.31 -i eth0 -c ACCEPT
> iptables v1.2.4: -c requires packet and byte counter
>
> What am i missi
* Marcel Welschbillig ([EMAIL PROTECTED]) [011205 16:35]:
> I have ip tables running and i did a test with the -c flag but i get the
> following response.
>
> proxy:/home# iptables -A INPUT -s 10.10.1.31 -i eth0 -c ACCEPT
> iptables v1.2.4: -c requires packet and byte counter
>
> What am i miss
* Robert Epprecht ([EMAIL PROTECTED]) [011208 02:31]:
> I need ssh to access some cvs servers. As the files are stored locally
> below /usr/local/ and ordinary users have no write access there I called
> ssh-keygen as root. But now I have my doubts if this was The Right
> Thing to do regarding se
* Robert Epprecht ([EMAIL PROTECTED]) [011208 02:31]:
> I need ssh to access some cvs servers. As the files are stored locally
> below /usr/local/ and ordinary users have no write access there I called
> ssh-keygen as root. But now I have my doubts if this was The Right
> Thing to do regarding s
* J C Lawrence ([EMAIL PROTECTED]) [011120 12:04]:
> On Mon, 19 Nov 2001 21:57:05 -0600
> Nathan E Norman wrote:
>
> > On Mon, Nov 19, 2001 at 03:26:50PM -0800, Petro wrote:
> >> But this is hugely off topic, and I'll go no further down this
> >> road.
>
> > Could you at least honor my Mail-Follo
* J C Lawrence ([EMAIL PROTECTED]) [011120 12:04]:
> On Mon, 19 Nov 2001 21:57:05 -0600
> Nathan E Norman wrote:
>
> > On Mon, Nov 19, 2001 at 03:26:50PM -0800, Petro wrote:
> >> But this is hugely off topic, and I'll go no further down this
> >> road.
>
> > Could you at least honor my Mail-Foll
* Walter D. Sessions ([EMAIL PROTECTED]) [03 09:38]:
> Can anyone enlighten me as to why openssh-2.9..(deb package) would have a
> conflict
> with (rsh-client << 0.16.0)? I can see that other packages might need
> rsh-client, but why
> would ssh not install unless rsh-client > 0.16? Isn't ssh
* Walter D. Sessions ([EMAIL PROTECTED]) [03 09:38]:
> Can anyone enlighten me as to why openssh-2.9..(deb package) would have a conflict
> with (rsh-client << 0.16.0)? I can see that other packages might need rsh-client,
>but why
> would ssh not install unless rsh-client > 0.16? Isn't ssh a
* Davy Gigan ([EMAIL PROTECTED]) [011108 11:50]:
> Osvaldo Mundim Junior writes:
> > Hi,
> >
> > does anybody know what are TOS,PREC,TTL and RES of iptables`s log??
>
> These are fields in IP packets :
>
> TOS stands for Type Of Service
> PREC stands for precedence
>
> These one may be
* Sebastiaan ([EMAIL PROTECTED]) [011109 14:44]:
> High,
>
> On Fri, 9 Nov 2001, Ed Street wrote:
>
> > Hey,
> >
> > Is there *anything* we can do about all this Spam that's getting on this
> > list?
> >
Yes. We can silently ignore them rather than turn each one into a
lengthy off-topic thread
* Sebastiaan ([EMAIL PROTECTED]) [011109 14:44]:
> High,
>
> On Fri, 9 Nov 2001, Ed Street wrote:
>
> > Hey,
> >
> > Is there *anything* we can do about all this Spam that's getting on this
> > list?
> >
Yes. We can silently ignore them rather than turn each one into a
lengthy off-topic threa
* Ethan Benson ([EMAIL PROTECTED]) [011108 07:56]:
> On Thu, Nov 08, 2001 at 03:43:56PM +0100, Wichert Akkerman wrote:
> > Previously Ethan Benson wrote:
> > > its not, it provides you NO extra security whatsoever, and will break
> > > many many things.
> >
> > It breaks a fair number of scripts t
* Brandon High ([EMAIL PROTECTED]) [011108 12:25]:
> On Thu, Nov 08, 2001 at 10:29:08PM +0100, Luc MAIGNAN wrote:
> > Is FTP really insecure ?
> > I use a version of ProFtpd.
>
> The protocol is insecure, since it sends login and authentication
> information over the wire in clear text.
...which
* Ethan Benson ([EMAIL PROTECTED]) [011108 07:56]:
> On Thu, Nov 08, 2001 at 03:43:56PM +0100, Wichert Akkerman wrote:
> > Previously Ethan Benson wrote:
> > > its not, it provides you NO extra security whatsoever, and will break
> > > many many things.
> >
> > It breaks a fair number of scripts
* [EMAIL PROTECTED] ([EMAIL PROTECTED]) [011106 05:54]:
> Hallo,
>
>
> > > happen few times that students stole their passwords and so on and mainly
> > > they could steal even teacher's these days.)
> >
> > Can you get a shell account on the outside of your local network?
> > If so SSH over t
* [EMAIL PROTECTED] ([EMAIL PROTECTED]) [011106 05:54]:
> Hallo,
>
>
> > > happen few times that students stole their passwords and so on and mainly
> > > they could steal even teacher's these days.)
> >
> > Can you get a shell account on the outside of your local network?
> > If so SSH over
* Juha Jäykkä ([EMAIL PROTECTED]) [011019 07:57]:
> I was wondering if there are any secure methods of centrally
> managing the versions of certain files on Debian machines. I currently
> have a woody, two sids and several potatos which need to be kept up to
> date. The security patches are not m
* Juha Jäykkä ([EMAIL PROTECTED]) [011019 07:57]:
> I was wondering if there are any secure methods of centrally
> managing the versions of certain files on Debian machines. I currently
> have a woody, two sids and several potatos which need to be kept up to
> date. The security patches are not
* Johann Schwarzmeier ([EMAIL PROTECTED]) [010921 14:25]:
> Hello,
>
> Hint: see what I've done:
>
> /etc/apache/srm.conf:
> Alias /c/winnt/system32/cmd.exe /usr/lib/cgi-bin/block.cgi
> Alias /d/winnt/system32/cmd.exe /usr/lib/cgi-bin/block.cgi
>
> The CGI:
>
> echo "You come from : ${REMOTE_A
* Johann Schwarzmeier ([EMAIL PROTECTED]) [010921 14:25]:
> Hello,
>
> Hint: see what I've done:
>
> /etc/apache/srm.conf:
> Alias /c/winnt/system32/cmd.exe /usr/lib/cgi-bin/block.cgi
> Alias /d/winnt/system32/cmd.exe /usr/lib/cgi-bin/block.cgi
>
> The CGI:
>
> echo "You come from : ${REMOTE_
* Micah Anderson ([EMAIL PROTECTED]) [010921 10:23]:
> I was thinking it would be nice to see what sort of new setuid
> programs show up on my box each day... then I noticed that these are
> already being logged in /var/log/setuid.today and
> /var/log/setuid.yesterday. What makes these? It appears
* Andres Salomon ([EMAIL PROTECTED]) [010918 17:40]:
> My point is, it's not a daemon, it's not associated w/ any type of network
> service, it's not associated w/ any clients that regularly receive untrusted
> data from outside sources, and it's not even used by default on most
> people's boxes (l
* Andres Salomon ([EMAIL PROTECTED]) [010918 17:40]:
> My point is, it's not a daemon, it's not associated w/ any type of network
> service, it's not associated w/ any clients that regularly receive untrusted
> data from outside sources, and it's not even used by default on most
> people's boxes (
* Javier Fernández-Sanguino Peña ([EMAIL PROTECTED]) [010915 17:13]:
> On Mon, Sep 10, 2001 at 05:49:55PM -0700, Vineet Kumar wrote:
> > * Alexander Reelsen ([EMAIL PROTECTED]) [010910 01:24]:
> > > On Sun, Sep 09, 2001 at 06:31:57PM -0400, hpknight wrote:
> > > > It
* Javier Fernández-Sanguino Peña ([EMAIL PROTECTED]) [010915 17:13]:
> On Mon, Sep 10, 2001 at 05:49:55PM -0700, Vineet Kumar wrote:
> > * Alexander Reelsen ([EMAIL PROTECTED]) [010910 01:24]:
> > > On Sun, Sep 09, 2001 at 06:31:57PM -0400, hpknight wrote:
> > > >
(apologies to anyone who receives this twice; I believe I had exim not
listening the first time I sent it!)
* Alexander Reelsen ([EMAIL PROTECTED]) [010910 01:24]:
> On Sun, Sep 09, 2001 at 06:31:57PM -0400, hpknight wrote:
> > It depends on the process that is binding the port. If you're using
>
* Alexander Reelsen ([EMAIL PROTECTED]) [010910 01:24]:
> On Sun, Sep 09, 2001 at 06:31:57PM -0400, hpknight wrote:
> > It depends on the process that is binding the port. If you're using
> > xinetd you can specify which interface to bind the port on. If the
> > program/daemon doesn't allow you t
(apologies to anyone who receives this twice; I believe I had exim not
listening the first time I sent it!)
* Alexander Reelsen ([EMAIL PROTECTED]) [010910 01:24]:
> On Sun, Sep 09, 2001 at 06:31:57PM -0400, hpknight wrote:
> > It depends on the process that is binding the port. If you're using
* Alexander Reelsen ([EMAIL PROTECTED]) [010910 01:24]:
> On Sun, Sep 09, 2001 at 06:31:57PM -0400, hpknight wrote:
> > It depends on the process that is binding the port. If you're using
> > xinetd you can specify which interface to bind the port on. If the
> > program/daemon doesn't allow you
* Jamie Heilman ([EMAIL PROTECTED]) [010831 10:34]:
> Jason Thomas wrote:
>
> > maybe ask the maintainer of the package to change it to something
> > meaningful!
>
> better yet, uninstall the package and boycott stupid behavior
That's not really better ... it's not like packages are in competiti
* Jamie Heilman ([EMAIL PROTECTED]) [010831 10:34]:
> Jason Thomas wrote:
>
> > maybe ask the maintainer of the package to change it to something
> > meaningful!
>
> better yet, uninstall the package and boycott stupid behavior
That's not really better ... it's not like packages are in competit
* Alisson Sellaro ([EMAIL PROTECTED]) [010830 19:45]:
> Hi again folks
>
> I was checking my firewall logs and have detected lots of TCP/113
> dropped packets. Checking /etc/services I realized it was ident
> traffic. What do you think about such service? Should I let it blocked
> or should I allo
* Alisson Sellaro ([EMAIL PROTECTED]) [010830 19:45]:
> Hi again folks
>
> I was checking my firewall logs and have detected lots of TCP/113
> dropped packets. Checking /etc/services I realized it was ident
> traffic. What do you think about such service? Should I let it blocked
> or should I all
* David Ehle ([EMAIL PROTECTED]) [010803 14:53]:
> Thanks Andrew, Thanks Jim.
>
>I'll layer them on and sleep better tonight ;).
>
> Stopping the middle button menu behavior is still causing me to pull my
> hair out though. Tried changing the behavior of the middle button in the
> /enlighte
* David Ehle ([EMAIL PROTECTED]) [010803 14:53]:
> Thanks Andrew, Thanks Jim.
>
>I'll layer them on and sleep better tonight ;).
>
> Stopping the middle button menu behavior is still causing me to pull my
> hair out though. Tried changing the behavior of the middle button in the
> /enlight
* Michael Knoop ([EMAIL PROTECTED]) [010802 11:41]:
> I have done this, and it is not hard. You have to connect SSH with local
> port forwarding on port 110. Then, set your mail client to use a pop3
> server on localhost. SSH will forward the pop3 request to the connected
> machine and send you
* Michael Knoop ([EMAIL PROTECTED]) [010802 11:41]:
> I have done this, and it is not hard. You have to connect SSH with local
> port forwarding on port 110. Then, set your mail client to use a pop3
> server on localhost. SSH will forward the pop3 request to the connected
> machine and send your
* Jeff Coppock ([EMAIL PROTECTED]) [010720 12:54]:
>Dilemma:
>I want to run iptables, but I'm running stable. I have a
>clean, bootable 2.4.6 kernel (took awhile, but I got it), and
>then realized that the iptable package is not in stable, but
>is in testing and unstable. I lo
* Jeff Coppock ([EMAIL PROTECTED]) [010720 12:54]:
>Dilemma:
>I want to run iptables, but I'm running stable. I have a
>clean, bootable 2.4.6 kernel (took awhile, but I got it), and
>then realized that the iptable package is not in stable, but
>is in testing and unstable. I l
* Stefan Srdic ([EMAIL PROTECTED]) [010716 21:01]:
>
> What exactly do these parameters do, and should I be toying around with
> them?
>
Sorry for the smarmy response, but the answer to the second question
is "at least not until you are able to answer the first question".
Too bad I can't help y
* Stefan Srdic ([EMAIL PROTECTED]) [010716 21:01]:
>
> What exactly do these parameters do, and should I be toying around with
> them?
>
Sorry for the smarmy response, but the answer to the second question
is "at least not until you are able to answer the first question".
Too bad I can't help
* Jason Healy ([EMAIL PROTECTED]) [010712 17:23]:
>
> chmod/chown are extremely dangerous binaries to give root privs on, as
> they essentially give you the ability to setuid anything to root.
> That said, most binaries can be dangerous when given root privs (bash,
> cat, echo, rm, cp, mv, tar).
>
* Siggy Brentrup ([EMAIL PROTECTED]) [010712 17:13]:
>
> Assuming the file resides on an ext2 fs, consider chattr +i, even root
> can't create a hardlink nor modify the file without removing the
> immutable attribute.
>
...but making all files in the filesystem immutable (minus those that
shou
* Jason Healy ([EMAIL PROTECTED]) [010712 17:23]:
>
> chmod/chown are extremely dangerous binaries to give root privs on, as
> they essentially give you the ability to setuid anything to root.
> That said, most binaries can be dangerous when given root privs (bash,
> cat, echo, rm, cp, mv, tar).
1 - 100 of 117 matches