On Thu, Apr 27, 2000 at 06:13:31PM -0800, Ethan Benson wrote:
On Fri, Apr 28, 2000 at 02:03:07AM +, Jim Breton wrote:
On Thu, Apr 27, 2000 at 05:35:42PM -0800, Ethan Benson wrote:
why zap an immutable log file? it won't contain any new entries since
syslogd cannot write to it
On Sat, Apr 29, 2000 at 09:53:51AM +0200, Tomasz Wegrzanowski wrote:
well yes, but only if root is permitted to remove the append only bit,
in which case the added security is really minimal (ie only protects
against clueless script kiddies who only know how to edit a log by
running
On Thu, Apr 27, 2000 at 04:30:28PM +, Jim Breton wrote:
On Thu, Apr 27, 2000 at 01:13:34AM -0800, Ethan Benson wrote:
this contrasts with linux's immutable bit that the superuser may
remove whenever he wants, making it mostly pointless. (i read
Yah I looked at it that way too at
Jim,
Not the capability _bounding_ set. Check the 'lcap' package. The only time
the capabilities are restored is when the machine is rebooted, and only a
process which originated as a kernel thread (i.e., init, kswapd, etc) can
restore capabilities without a reboot. None of those programs will do
Jim,
No, because those processes would be children of init, not init itself.
Regards,
Alex.
---
PGP/GPG Fingerprint:
EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GCM d- s:+ a--- C UL P L+++ E W++ N o-- K- w
O--- M- V- PS+ PE- Y PGP
On Wed, Apr 26, 2000 at 07:05:18PM -, [EMAIL PROTECTED] wrote:
Hi!
26 Apr 00 12:45, Alexander Hvostov wrote to UUCP:
AH Yeah, yeah, you just try and break an MD5 checksum anytime this
AH year. *cough*
It'll take some time, but it's possible. A simple brute-force attack will do
On Wed, Apr 26, 2000 at 10:14:25AM +0200, Ingemar Fällman wrote:
But tripwire does not save the checksums on a safe place by default...
And it does not update the checksums when a package is updated, and
when the debian packages has checksums.. why don't use them to get
some better
On Wed, Apr 26, 2000 at 07:05:18PM -, [EMAIL PROTECTED] wrote:
Hi!
26 Apr 00 12:45, Alexander Hvostov wrote to UUCP:
AH Yeah, yeah, you just try and break an MD5 checksum anytime this
AH year. *cough*
It'll take some time, but it's possible. A simple brute-force attack will do
On Wed, 26 Apr 2000, Ethan Benson wrote:
so why don't we use sha1 or rmd160 or all three like OpenBSD ;-)
lets see you break those ;-)
--
Ethan Benson
http://www.alaska.net/~erbenson/
I think the system OpenBSD uses is great, I think we should combine:
dpkg, apt and aide (the
On Thu, Apr 27, 2000 at 10:58:54AM +0200, L. Besselink wrote:
On Wed, 26 Apr 2000, Ethan Benson wrote:
so why don't we use sha1 or rmd160 or all three like OpenBSD ;-)
lets see you break those ;-)
--
Ethan Benson
http://www.alaska.net/~erbenson/
I think the system
Ethan,
The securelevel is obsolete, which is probably why it doesn't seem to be
there anymore. Check out the 'lcap' package: once you remove one of the
capabilities in that list, it cannot be restored until the machine is
rebooted, and you'd probably have to boot into single user mode in order
* Ethan Benson
| one neat way would be a CD-RW, have both an ordinary CDROM and a
| CD-RW drive, when you upgrade or install something move the
| checksums cd-rw to the RW drive, update it then take it out and put
| it back in the CDROM drive. theres no modifying a CD-r[w] from a
| CDROM drive.
Tollef,
How do you do NFS over SSH? I'm interested.
Regards,
Alex.
---
PGP/GPG Fingerprint:
EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GCM d- s:+ a--- C UL P L+++ E W++ N o-- K- w
O--- M- V- PS+ PE- Y PGP t+ 5 X- R tv+ b DI--- D+
* Alexander Hvostov
| How do you do NFS over SSH? I'm interested.
I don't, but since you can do NFS over TCP, i guessed that you can
do NFS over SSH as well. Or, you can do samba over SSH. Or just
SFS.
--
Tollef Fog Heen
Unix _IS_ user friendly... It's just selective about who its
Tollef,
NFS requires an RPC portmapper, so things get a bit complicated...
SMB over SSH could work though, since it's just a TCP connection to port
139. Simple enough.
What's SFS?
Regards,
Alex.
---
PGP/GPG Fingerprint:
EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9
-BEGIN GEEK
On Thu, Apr 27, 2000 at 01:36:23PM +0200, Tollef Fog Heen wrote:
* Ethan Benson
| one neat way would be a CD-RW, have both an ordinary CDROM and a
| CD-RW drive, when you upgrade or install something move the
| checksums cd-rw to the RW drive, update it then take it out and put
| it back
Peter Cordes wrote:
that has the same hash as the file you're trying to spoof. (you don't get
the advantage of the birthday paradox (29 people in a room - 50% chance
at least one pair has the same birthday) because the other member of the
pair is already picked: it is the md5 hash of the
* Alexander Hvostov
| Tollef,
|
| NFS requires an RPC portmapper, so things get a bit complicated...
You can do a mass port forward, I think it might work, but I don't
know NFS that well.
| What's SFS?
Self-Certifying File System
SFS is a secure, global file system with completely
because
a hacker could have exchanged them as well as other files, and I would not know
about it.
And to download all debfiles and extrakt the checksums takes alot of time and
alot of
diskspace.
Why don't put all the checksums on an ftp, and make a debian package that checks
all files (or just
takes alot of time and
alot of
diskspace.
Why don't put all the checksums on an ftp, and make a debian package that
checks
all files (or just some packages) on the computer for changes. Then it would
make it
very easy to detect if anyone has hacked in to the computer and changed any
files
---BeginMessage---
Hi
But tripwire does not save the checksums on a safe place by default...
And it does not update the checksums when a package is updated, and
when the debian packages has checksums.. why don't use them to get
some better security...
/Ingemar
Alexander Hvostov wrote:
* Reply to message originally in area ml.debian.security
Hi!
26 Apr 00 11:52, Ingemar =?iso-8859-1?Q?F=E4llman?= wrote to UUCP:
I? All debfiles has checksums right?? These checksums can be used to
I? verify if a file has been changed, so therefore checksums can be used to
I? check if
Sascha,
Yeah, yeah, you just try and break an MD5 checksum anytime this
year. *cough*
Regards,
Alex.
---
PGP/GPG Fingerprint:
EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GCM d- s:+ a--- C UL P L+++ E W++ N o-- K- w
O--- M- V- PS+
* Reply to message originally in area ml.debian.security
Hi!
26 Apr 00 11:52, Ingemar =?iso-8859-1?Q?F=E4llman?= wrote to UUCP:
I? All debfiles has checksums right?? These checksums can be used to
I? verify if a file has been changed, so therefore checksums can be used to
I? check if
* Reply to message originally in area ml.debian.security
Hi!
26 Apr 00 11:52, Ingemar =?iso-8859-1?Q?F=E4llman?= wrote to UUCP:
I? All debfiles has checksums right?? These checksums can be used to
I? verify if a file has been changed, so therefore checksums can be used to
I? check if
* Reply to message originally in area ml.debian.security
Hi!
26 Apr 00 11:52, Ingemar =?iso-8859-1?Q?F=E4llman?= wrote to UUCP:
I? All debfiles has checksums right?? These checksums can be used to
I? verify if a file has been changed, so therefore checksums can be used to
I? check if
* Reply to message originally in area ml.debian.security
Hi!
26 Apr 00 11:52, Ingemar =?iso-8859-1?Q?F=E4llman?= wrote to UUCP:
I? All debfiles has checksums right?? These checksums can be used to
I? verify if a file has been changed, so therefore checksums can be used to
I? check if
* Reply to message originally in area ml.debian.security
Hi!
26 Apr 00 11:52, Ingemar =?iso-8859-1?Q?F=E4llman?= wrote to UUCP:
I? All debfiles has checksums right?? These checksums can be used to
I? verify if a file has been changed, so therefore checksums can be used to
I? check if
* Reply to message originally in area ml.debian.security
Hi!
26 Apr 00 11:52, Ingemar =?iso-8859-1?Q?F=E4llman?= wrote to UUCP:
I? All debfiles has checksums right?? These checksums can be used to
I? verify if a file has been changed, so therefore checksums can be used to
I? check if
* Reply to message originally in area ml.debian.security
Hi!
26 Apr 00 11:52, Ingemar =?iso-8859-1?Q?F=E4llman?= wrote to UUCP:
I? All debfiles has checksums right?? These checksums can be used to
I? verify if a file has been changed, so therefore checksums can be used to
I? check if
* Reply to message originally in area ml.debian.security
Hi!
26 Apr 00 11:52, Ingemar =?iso-8859-1?Q?F=E4llman?= wrote to UUCP:
I? All debfiles has checksums right?? These checksums can be used to
I? verify if a file has been changed, so therefore checksums can be used to
I? check if
* Reply to message originally in area ml.debian.security
Hi!
26 Apr 00 11:52, Ingemar =?iso-8859-1?Q?F=E4llman?= wrote to UUCP:
I? All debfiles has checksums right?? These checksums can be used to
I? verify if a file has been changed, so therefore checksums can be used to
I? check if
* Reply to message originally in area ml.debian.security
Hi!
26 Apr 00 11:52, Ingemar =?iso-8859-1?Q?F=E4llman?= wrote to UUCP:
I? All debfiles has checksums right?? These checksums can be used to
I? verify if a file has been changed, so therefore checksums can be used to
I? check if
Hi!
26 Apr 00 12:45, Alexander Hvostov wrote to UUCP:
AH Yeah, yeah, you just try and break an MD5 checksum anytime this
AH year. *cough*
It'll take some time, but it's possible. A simple brute-force attack will do
the job. And some time depends VERY much on the hardware the cracker owns. It
* Reply to message originally in area ml.debian.security
Hi!
26 Apr 00 11:52, Ingemar =?iso-8859-1?Q?F=E4llman?= wrote to UUCP:
I? All debfiles has checksums right?? These checksums can be used to
I? verify if a file has been changed, so therefore checksums can be used to
I? check if
On Wed, Apr 26, 2000 at 07:05:18PM -, [EMAIL PROTECTED] wrote:
PS: Sorry for the dupes. I had a small bug in the gateway program.
Just when I stood up to complain. Ignore it.
--
[EMAIL PROTECTED] (Stephen) TopQuark Software Serv. Enquire within.
[sed 's/[EMAIL PROTECTED]/@/g']
36 matches
Mail list logo
