On Thu, Jan 29, 2009 at 12:26:46PM -0800, Matt Kincaid wrote:
> Hello, I'm having the same issue.
>
>
>
> I can broadcast to the ###.###.###.255 fine but my switches/routers
> throw out 255.255.255.255.
Routers must have dhcp-relay function.
--
To UNSUBSCRIBE, email to debian-security-requ
Hello, I'm having the same issue.
I can broadcast to the ###.###.###.255 fine but my switches/routers
throw out 255.255.255.255.
Have you found any solution?
Matt Kincaid
---
DISCLAIMER: Information contained in this m
On Fri, 01 Nov 2002 at 06:41:43PM -0400, Peter Cordes wrote:
> MD5 is still believed to be secure. i.e. Nobody can modify a binary so
> that it has different contents but the same MD5 hash, unless they are _very_
> _very_ lucky. The task becomes even more difficult if you check the length
> of t
On Fri, 01 Nov 2002 at 06:41:43PM -0400, Peter Cordes wrote:
> MD5 is still believed to be secure. i.e. Nobody can modify a binary so
> that it has different contents but the same MD5 hash, unless they are _very_
> _very_ lucky. The task becomes even more difficult if you check the length
> of t
On Tue, Oct 29, 2002 at 05:10:12PM -0800, Alvin Oga wrote:
> am not as worried about the determined hacker/crackers that
> can modify binaries such that md5sum matches my tripewire db and
> other security precautions (databases and baseline) of my servers
MD5 is still believed to be secure. i.e
On Tue, Oct 29, 2002 at 05:10:12PM -0800, Alvin Oga wrote:
> am not as worried about the determined hacker/crackers that
> can modify binaries such that md5sum matches my tripewire db and
> other security precautions (databases and baseline) of my servers
MD5 is still believed to be secure. i.e
hi ya noah
On Tue, 29 Oct 2002, Noah L. Meyerhans wrote:
> On Tue, Oct 29, 2002 at 04:12:54PM -0800, Alvin Oga wrote:
> > i say modifying files is a give away .. that says
> > "come find me" which is trivial since its modified
> > binaries
>
> If they do it right, it's not a giveaway. If
On Tue, Oct 29, 2002 at 04:12:54PM -0800, Alvin Oga wrote:
> i say modifying files is a give away .. that says
> "come find me" which is trivial since its modified
> binaries
If they do it right, it's not a giveaway. If they're quick, thorough,
and accurate, they can certainly do it right.
hi ya dale
if anybody modifies the typical binaries..
i'll know within the hour.. hourly/randomly system checks
or instaneously if i happen to be reading emails
at the time ... they are attacking...
i say modifying files is a give away .. that says
"come find me" which is trivial since it
On Tue, Oct 29, 2002 at 03:28:20PM -0800, Alvin Oga wrote:
> if they exploited a root vulnerability and got in...
> why modify silly binaries like ps, top, ls, find, etf ??
>
> that gives themself away as having modified the system
No it doesn't. It makes them and everything they do vanish
into t
hi ya dale
>
> Rootkits are *INSTALLED* after a successful root
> exploit.
maybe i missing something here ... that i been wonderng about
for years..
if they exploited a root vulnerability and got in...
why modify silly binaries like ps, top, ls, find, etf ??
that gives themself away as havin
hi ya noah
On Tue, 29 Oct 2002, Noah L. Meyerhans wrote:
> On Tue, Oct 29, 2002 at 04:12:54PM -0800, Alvin Oga wrote:
> > i say modifying files is a give away .. that says
> > "come find me" which is trivial since its modified
> > binaries
>
> If they do it right, it's not a giveaway. If
A rootkit is a selection of modified standard programs
that usually replace (among others)
ls
ps
netstat
users
and pretty much everything else you would use to check
your machine. It will also include a backdoor.
Sometimes the primary part of the rootkit is eithe
hi ya rick
yes... got that part ... ( the after breaking in part )
was exepecting to see "it helps one to breakin and exploit
the vulnerabilities" so it didn't sink in at first when
i was reading all the talk-backs
( didnt see what i wanted to see ;-)
thanx
alvin
On Mon, 28 Oct 2002,
On Tue, Oct 29, 2002 at 04:12:54PM -0800, Alvin Oga wrote:
> i say modifying files is a give away .. that says
> "come find me" which is trivial since its modified
> binaries
If they do it right, it's not a giveaway. If they're quick, thorough,
and accurate, they can certainly do it right.
hi ya dale
if anybody modifies the typical binaries..
i'll know within the hour.. hourly/randomly system checks
or instaneously if i happen to be reading emails
at the time ... they are attacking...
i say modifying files is a give away .. that says
"come find me" which is trivial since it
On Tue, Oct 29, 2002 at 03:28:20PM -0800, Alvin Oga wrote:
> if they exploited a root vulnerability and got in...
> why modify silly binaries like ps, top, ls, find, etf ??
>
> that gives themself away as having modified the system
No it doesn't. It makes them and everything they do vanish
into t
On Tue, Oct 29, 2002 at 09:35:01AM -0500, Phillip Hofmeister wrote:
> Laptop (IPSEC CLient) -> WAP -> Server (DHCP AND IPSEC Host) -> Local
> Network. In order to get inside the network you will have to get past
> the IPSEC Host, which of course will require a key that has a valid
> certificate fr
We are currently looking into wireless where I work also.
Just a few weeks ago, we had this company come in to give a demo of an
appliance that enforces restrictions on the wireless network.
http://www.verniernetworks.com/
It seems to be along the path of what we are looking for, YMMV.
Oh, and we
hi ya dale
>
> Rootkits are *INSTALLED* after a successful root
> exploit.
maybe i missing something here ... that i been wonderng about
for years..
if they exploited a root vulnerability and got in...
why modify silly binaries like ps, top, ls, find, etf ??
that gives themself away as havin
A rootkit is a selection of modified standard programs
that usually replace (among others)
ls
ps
netstat
users
and pretty much everything else you would use to check
your machine. It will also include a backdoor.
Sometimes the primary part of the rootkit is eithe
hi ya rick
yes... got that part ... ( the after breaking in part )
was exepecting to see "it helps one to breakin and exploit
the vulnerabilities" so it didn't sink in at first when
i was reading all the talk-backs
( didnt see what i wanted to see ;-)
thanx
alvin
On Mon, 28 Oct 2002,
On Tue, Oct 29, 2002 at 09:35:01AM -0500, Phillip Hofmeister wrote:
> Laptop (IPSEC CLient) -> WAP -> Server (DHCP AND IPSEC Host) -> Local
> Network. In order to get inside the network you will have to get past
> the IPSEC Host, which of course will require a key that has a valid
> certificate fr
We are currently looking into wireless where I work also.
Just a few weeks ago, we had this company come in to give a demo of an
appliance that enforces restrictions on the wireless network.
http://www.verniernetworks.com/
It seems to be along the path of what we are looking for, YMMV.
Oh, and we
On Mon, 28 Oct 2002 at 11:18:23PM -0800, Brandon High wrote:
> On Mon, Oct 28, 2002 at 07:38:38PM -0600, Hanasaki JiJi wrote:
> > Too bad there is no way to do a secure handshake w/ an id/password or
> > even SecureID cards.
>
> That's the idea behind PPPoE. Yuck.
Or you could do ipsec:
Laptop (
On Tue, 29 Oct 2002 at 10:52:22AM +1100, Stewart James wrote:
> I had the very same thoughts, being a university you can imagine what
> physical security is like, plus management wants to give students the
> ability to walk on campus and plugin, plus start wireless services too.
Be weary of wireles
On Mon, 28 Oct 2002 at 11:18:23PM -0800, Brandon High wrote:
> On Mon, Oct 28, 2002 at 07:38:38PM -0600, Hanasaki JiJi wrote:
> > Too bad there is no way to do a secure handshake w/ an id/password or
> > even SecureID cards.
>
> That's the idea behind PPPoE. Yuck.
Or you could do ipsec:
Laptop (
On Tue, 29 Oct 2002 at 10:52:22AM +1100, Stewart James wrote:
> I had the very same thoughts, being a university you can imagine what
> physical security is like, plus management wants to give students the
> ability to walk on campus and plugin, plus start wireless services too.
Be weary of wireles
On Mon, Oct 28, 2002 at 07:38:38PM -0600, Hanasaki JiJi wrote:
> Too bad there is no way to do a secure handshake w/ an id/password or
> even SecureID cards.
That's the idea behind PPPoE. Yuck.
-B
--
Brandon High [EMAIL PROTECTED]
'98 Kawi ZX-7R "Wasabi", '9
On Mon, Oct 28, 2002 at 07:38:38PM -0600, Hanasaki JiJi wrote:
> Too bad there is no way to do a secure handshake w/ an id/password or
> even SecureID cards.
That's the idea behind PPPoE. Yuck.
-B
--
Brandon High [EMAIL PROTECTED]
'98 Kawi ZX-7R "Wasabi", '9
Quoting Andrew Sayers ([EMAIL PROTECTED]):
> In practice, even a very low security barrier will stop the 90% of
> clueless abusers - but (to drag this thread bag on-topic), that's no
> excuse for basing the security of your network on a fundamentally
> insecure way of identifying computers.
Right
Quoting Alvin Oga ([EMAIL PROTECTED]):
> i read all the talkbacks...
> - no definition of rootkit posted in the talkbacks
Look again.
Anyhow, a rootkit is not "anything that allows an un-educated user to
just run that tool to break into other peoples network and machines".
It's something
On Mon, Oct 28, 2002 at 06:46:47PM -0800, Rick Moen wrote:
>
> >> This confusion has also come up elsewhere, on LinuxToday:
> >> http://linuxtoday.com/news_story.php3?ltsn=2002-09-20-011-26-SC-SV
> >
> > tht just talks about arresting some poor soul ??
>
> Read the talkbacks, at the bottom.
Spe
hi ya rick
On Mon, 28 Oct 2002, Rick Moen wrote:
> Quoting Alvin Oga ([EMAIL PROTECTED]):
> >> Um, Alvin? You might want to look up the definition of "rootkit".
> >
> > my definition ... anything that allows an un-educated user to just
> > run that tool to break into other peoples network and
Quoting Andrew Sayers ([EMAIL PROTECTED]):
> In practice, even a very low security barrier will stop the 90% of
> clueless abusers - but (to drag this thread bag on-topic), that's no
> excuse for basing the security of your network on a fundamentally
> insecure way of identifying computers.
Right
Quoting Alvin Oga ([EMAIL PROTECTED]):
> i read all the talkbacks...
> - no definition of rootkit posted in the talkbacks
Look again.
Anyhow, a rootkit is not "anything that allows an un-educated user to
just run that tool to break into other peoples network and machines".
It's something
Quoting Alvin Oga ([EMAIL PROTECTED]):
>> Um, Alvin? You might want to look up the definition of "rootkit".
>
> my definition ... anything that allows an un-educated user to just
> run that tool to break into other peoples network and machines
> ( there's too many "rootkits" to count )
Tha
Jason Clarke wrote:
> Chuck,
>
> That sounds like a fantastic idea!
>
> Provide some sort of web interface where a student can use a library
> terminal or some such, plug in their MAC ADDR and their student
> number.
>
> I normally don't post a "Good on you jim!" message, but this one has
> set off
hi ya rick
On Mon, 28 Oct 2002, Rick Moen wrote:
> Quoting Alvin Oga ([EMAIL PROTECTED]):
>
> > i think you want at least one level of protection against dhcp
> > - prevent any tom, dick and harry from creating havoc
> > by running their rootkits by connecting their laptop to the
> >
On Mon, Oct 28, 2002 at 06:46:47PM -0800, Rick Moen wrote:
>
> >> This confusion has also come up elsewhere, on LinuxToday:
> >> http://linuxtoday.com/news_story.php3?ltsn=2002-09-20-011-26-SC-SV
> >
> > tht just talks about arresting some poor soul ??
>
> Read the talkbacks, at the bottom.
Spe
and centre.
J
- Original Message -
From: "Haines, Charles Allen" <[EMAIL PROTECTED]>
To:
Sent: Tuesday, October 29, 2002 12:35 PM
Subject: RE: DHCP
Well here at WPI, we have to register each and every MAC address that we
wish to use on campus. If your MAC address isn't
Quoting Alvin Oga ([EMAIL PROTECTED]):
> i think you want at least one level of protection against dhcp
> - prevent any tom, dick and harry from creating havoc
> by running their rootkits by connecting their laptop to the
> network
Um, Alvin? You might want to look up the defi
hi ya rick
On Mon, 28 Oct 2002, Rick Moen wrote:
> Quoting Alvin Oga ([EMAIL PROTECTED]):
> >> Um, Alvin? You might want to look up the definition of "rootkit".
> >
> > my definition ... anything that allows an un-educated user to just
> > run that tool to break into other peoples network and
y, October 28, 2002 8:39 PM
To: Haines, Charles Allen
Cc: debian-security@lists.debian.org
Subject: Re: DHCP
Too bad there is no way to do a secure handshake w/ an id/password or
even SecureID cards.
Any way to make the same host name resolve to your IP irreguardless of
what IP is allocted to y
: Jones, Steven [mailto:[EMAIL PROTECTED]
Sent: Monday, October 28, 2002 8:06 PM
To: 'Stewart James'; debian-security@lists.debian.org
Subject: RE: DHCP
ik campus
ik
ik
so zilch physical security
you didnt say this in your earlier post, this has severe security
implications,
, Linux by choice."
-Original Message-
From: Jones, Steven [mailto:[EMAIL PROTECTED]
Sent: Monday, October 28, 2002 8:06 PM
To: 'Stewart James'; debian-security@lists.debian.org
Subject: RE: DHCP
ik campus
ik
ik
so zilch physical security
you didnt say
Internet ie a danger
zone and firewalled...
i could go on and on..i suspect you have a lot to do..
regards
Steven
-Original Message-
From: Stewart James [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 29 October 2002 12:53
To: debian-security@lists.debian.org
Subject: RE: DHCP
I had t
hi andrew
i think you want at least one level of protection against dhcp
- prevent any tom, dick and harry from creating havoc
by running their rootkits by connecting their laptop to the
network
- it is bad to allow just anybody plug in their laptops
with
Quoting Alvin Oga ([EMAIL PROTECTED]):
>> Um, Alvin? You might want to look up the definition of "rootkit".
>
> my definition ... anything that allows an un-educated user to just
> run that tool to break into other peoples network and machines
> ( there's too many "rootkits" to count )
Tha
I'm not a huge expert on all of this, but here are a couple of
thoughts...
Unless you're monitoring IP/MAC addresses to try and detect
spoofing, knowing a machine's IP address is already useless from a
security POV. Even then, MAC addresses can be spoofed. Given that,
DHCP can't really make thin
Jason Clarke wrote:
> Chuck,
>
> That sounds like a fantastic idea!
>
> Provide some sort of web interface where a student can use a library
> terminal or some such, plug in their MAC ADDR and their student
> number.
>
> I normally don't post a "Good on you jim!" message, but this one has
> set off
hi ya rick
On Mon, 28 Oct 2002, Rick Moen wrote:
> Quoting Alvin Oga ([EMAIL PROTECTED]):
>
> > i think you want at least one level of protection against dhcp
> > - prevent any tom, dick and harry from creating havoc
> > by running their rootkits by connecting their laptop to the
> >
; <[EMAIL PROTECTED]>
> To: 'Stewart James' <[EMAIL PROTECTED]>,
> debian-security@lists.debian.org
> Subject: RE: DHCP
> Resent-Date: Mon, 28 Oct 2002 17:24:16 -0600 (CST)
> Resent-From: debian-security@lists.debian.org
>
> u could set dhcp to give out
and centre.
J
- Original Message -
From: "Haines, Charles Allen" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, October 29, 2002 12:35 PM
Subject: RE: DHCP
Well here at WPI, we have to register each and every MAC address that we
wish to use on campus. If y
Quoting Alvin Oga ([EMAIL PROTECTED]):
> i think you want at least one level of protection against dhcp
> - prevent any tom, dick and harry from creating havoc
> by running their rootkits by connecting their laptop to the
> network
Um, Alvin? You might want to look up the defi
nt: Monday, October 28, 2002 8:39 PM
To: Haines, Charles Allen
Cc: [EMAIL PROTECTED]
Subject: Re: DHCP
Too bad there is no way to do a secure handshake w/ an id/password or
even SecureID cards.
Any way to make the same host name resolve to your IP irreguardless of
what IP is allocted to your b
]
Sent: Monday, October 28, 2002 8:06 PM
To: 'Stewart James'; [EMAIL PROTECTED]
Subject: RE: DHCP
ik campus
ik
ik
so zilch physical security
you didnt say this in your earlier post, this has severe security
implications, in fact Id suggest you'd be a danger to the interne
, Linux by choice."
-Original Message-
From: Jones, Steven [mailto:sjones08@;eds.com]
Sent: Monday, October 28, 2002 8:06 PM
To: 'Stewart James'; [EMAIL PROTECTED]
Subject: RE: DHCP
ik campus
ik
ik
so zilch physical security
you didnt say this in your earl
u could set dhcp to give out a fixed address dependant on a mac address,
this would stop just anybody plugging a box into a network, if your network
is physically secure then thats not a worry. (a cat5 jack in reception or
some other public place is dodgy)
Otherwise dhcp makes life easier...its th
Internet ie a danger
zone and firewalled...
i could go on and on..i suspect you have a lot to do..
regards
Steven
-Original Message-
From: Stewart James [mailto:stewart.james@;vu.edu.au]
Sent: Tuesday, 29 October 2002 12:53
To: [EMAIL PROTECTED]
Subject: RE: DHCP
I had t
As far as I know there's not much to it, my dhcp server was very simple
to set up with very little security options. My only suggestion is just
make sure you have the latest version, and make sure you have the
security updates source in your sources.list file for your dists ie:
deb http://securit
hi andrew
i think you want at least one level of protection against dhcp
- prevent any tom, dick and harry from creating havoc
by running their rootkits by connecting their laptop to the
network
- it is bad to allow just anybody plug in their laptops
with
I'm not a huge expert on all of this, but here are a couple of
thoughts...
Unless you're monitoring IP/MAC addresses to try and detect
spoofing, knowing a machine's IP address is already useless from a
security POV. Even then, MAC addresses can be spoofed. Given that,
DHCP can't really make thin
; <[EMAIL PROTECTED]>
> To: 'Stewart James' <[EMAIL PROTECTED]>,
> [EMAIL PROTECTED]
> Subject: RE: DHCP
> Resent-Date: Mon, 28 Oct 2002 17:24:16 -0600 (CST)
> Resent-From: [EMAIL PROTECTED]
>
> u could set dhcp to give out a fixed address dependant on a m
u could set dhcp to give out a fixed address dependant on a mac address,
this would stop just anybody plugging a box into a network, if your network
is physically secure then thats not a worry. (a cat5 jack in reception or
some other public place is dodgy)
Otherwise dhcp makes life easier...its th
As far as I know there's not much to it, my dhcp server was very simple
to set up with very little security options. My only suggestion is just
make sure you have the latest version, and make sure you have the
security updates source in your sources.list file for your dists ie:
deb http://securit
66 matches
Mail list logo
