I believe it becomes uncommented if one installs over the network? (That
would make sense to ME anyway.)
I installed solely over ftp/http from central debian-servers and this is
what the aforementioned line looks like with me:
#deb http://security.debian.org stable/updates main
On Fri, Mar 02, 2001 at 10:21:48PM +0100, Tollef Fog Heen wrote:
|
| I believe it becomes uncommented if one installs over the network? (That
| would make sense to ME anyway.)
How do you know whether I installed from a local mirror (which I
happen to have, even though my connection to
* Jacob Meuser
| On Fri, Mar 02, 2001 at 11:39:15AM +0100, Tollef Fog Heen wrote:
| * Ethan Benson
|
| Not everyone has a permanent internet connection.. It should probably
| ask whether you want to have it in there.
|
|
| I believe it becomes uncommented if one installs over the
I believe it becomes uncommented if one installs over the network? (That
would make sense to ME anyway.)
I installed solely over ftp/http from central debian-servers and this is
what the aforementioned line looks like with me:
#deb http://security.debian.org stable/updates main contrib
On Fri, Mar 02, 2001 at 10:21:48PM +0100, Tollef Fog Heen wrote:
|
| I believe it becomes uncommented if one installs over the network? (That
| would make sense to ME anyway.)
How do you know whether I installed from a local mirror (which I
happen to have, even though my connection to the
* Ethan Benson
| On Thu, Mar 01, 2001 at 05:07:43AM +, Jacob Meuser wrote:
|
| My potatos have
| deb http://security.debian.org stable/updates main contrib non-free
| in /etc/apt/sources.list
| That was in there by default, I just uncommented it. (it was there in r0 too,
|
| it
On Fri, Mar 02, 2001 at 11:39:15AM +0100, Tollef Fog Heen wrote:
* Ethan Benson
| On Thu, Mar 01, 2001 at 05:07:43AM +, Jacob Meuser wrote:
|
| My potatos have
| deb http://security.debian.org stable/updates main contrib non-free
| in /etc/apt/sources.list
| That was in
On Thu, Mar 01, 2001 at 10:30:35AM -0700, Hubert Chan wrote:
On the other hand, OpenSSH was created by the OpenBSD people, who are
famous for secure programming.
And also for quick security fixes. They had a patch for sudo about 5 hours
after the recent bug was discovered. It took a few
On Fri, 2 Mar 2001, Jacob Meuser wrote:
On Fri, Mar 02, 2001 at 11:39:15AM +0100, Tollef Fog Heen wrote:
* Ethan Benson
| On Thu, Mar 01, 2001 at 05:07:43AM +, Jacob Meuser wrote:
|
| My potatos have
| deb http://security.debian.org stable/updates main contrib non-free
|
On Fri, Mar 02, 2001 at 08:39:09AM +0100, Runar Bell wrote:
Hi,
and thanks to everybody for all the useful information I have received. :)
One good thing about using SSH2.4 in stead of OpenSSH is that if someone
installed an RSA key in my .ssh/authorized_keys file, it would be of no
use :)
Ethan Benson [EMAIL PROTECTED] writes:
One reason why I did not install any security-updates to SSH1.1 is that on
the web page of www.debian.org they say that there is a remote exploit in
OpenSSH (DSA-027) but it is fixed in Debian 2.2 (potato) and that is the
one I installed. I did not
Hi,
and thanks to everybody for all the useful information I have received. :)
One good thing about using SSH2.4 in stead of OpenSSH is that if someone
installed an RSA key in my .ssh/authorized_keys file, it would be of no
use :) Besides, I have heard that the SSH1.1 protocol is unsecure, and
* Ethan Benson
| On Thu, Mar 01, 2001 at 05:07:43AM +, Jacob Meuser wrote:
|
| My potatos have
| deb http://security.debian.org stable/updates main contrib non-free
| in /etc/apt/sources.list
| That was in there by default, I just uncommented it. (it was there in r0
too,
|
| it
On Fri, Mar 02, 2001 at 11:39:15AM +0100, Tollef Fog Heen wrote:
* Ethan Benson
| On Thu, Mar 01, 2001 at 05:07:43AM +, Jacob Meuser wrote:
|
| My potatos have
| deb http://security.debian.org stable/updates main contrib non-free
| in /etc/apt/sources.list
| That was in
On Thu, Mar 01, 2001 at 10:30:35AM -0700, Hubert Chan wrote:
On the other hand, OpenSSH was created by the OpenBSD people, who are
famous for secure programming.
And also for quick security fixes. They had a patch for sudo about 5 hours
after the recent bug was discovered. It took a few
On Fri, 2 Mar 2001, Jacob Meuser wrote:
On Fri, Mar 02, 2001 at 11:39:15AM +0100, Tollef Fog Heen wrote:
* Ethan Benson
| On Thu, Mar 01, 2001 at 05:07:43AM +, Jacob Meuser wrote:
|
| My potatos have
| deb http://security.debian.org stable/updates main contrib non-free
| in
At 06:08 + 3/2/2001, Jacob Meuser wrote:
I believe it becomes uncommented if one installs over the network? (That
would make sense to ME anyway.)
[EMAIL PROTECTED]
It didn't on my network install. I did an FTP install of PowerPC
Debian (Potato). I had to uncomment the security line
On Fri, Mar 02, 2001 at 08:39:09AM +0100, Runar Bell wrote:
Hi,
and thanks to everybody for all the useful information I have received. :)
One good thing about using SSH2.4 in stead of OpenSSH is that if someone
installed an RSA key in my .ssh/authorized_keys file, it would be of no
use :)
Ethan Benson [EMAIL PROTECTED] writes:
One reason why I did not install any security-updates to SSH1.1 is that on
the web page of www.debian.org they say that there is a remote exploit in
OpenSSH (DSA-027) but it is fixed in Debian 2.2 (potato) and that is the
one I installed. I did not
Hi,
I installed potato three weeks ago, only adding debian-packages with
dselect and apt-get. I didn't add much either. The problem was that:
1) I noticed that somebody had logged in to my computer using my username.
I can't see how they could have discovered my password (7 letters,
containing
On Thu, Mar 01, 2001 at 09:32:19AM +0100, Runar Bell wrote:
2) When inspecting /var/log/messages I noticed quite a lot of attempts to
send a buffer overflow (or something like that) on the port running
rcp.statd. Is there some security hole there I am not aware of? I have
removed portmap
Hi,
On Thu, 1 Mar 2001, Runar Bell wrote:
Hi,
I installed potato three weeks ago, only adding debian-packages with
dselect and apt-get. I didn't add much either. The problem was that:
Did you put security.debian.org in /etc/apt/sources.list ?
1) I noticed that somebody had logged in
On Wed, Feb 28, 2001 at 11:51:32PM -0900, Ethan Benson wrote:
the first thing you should add to a newly installed debian system is:
## security updates
deb http://security.debian.org/debian-security/ potato/updates main contrib
deb http://security.debian.org/debian-non-US/ potato/non-US
Jacob Meuser wrote:
My potatos have
deb http://security.debian.org stable/updates main contrib non-free
in /etc/apt/sources.list
That was in there by default, I just uncommented it. (it was there in r0 too,
by the way). I never thought about it, but that doesn't cover the non-US
On Thu, Mar 01, 2001 at 05:07:43AM +, Jacob Meuser wrote:
My potatos have
deb http://security.debian.org stable/updates main contrib non-free
in /etc/apt/sources.list
That was in there by default, I just uncommented it. (it was there in r0 too,
it was there but commented out by
On Thursday 01 March 2001 14:08, Maarten Vink wrote:
Yes it does, security.debian.org is located somewhere outside the US and
also carries non-US updates.
security.debian.org is located in The Netherlands at the Rijks Universiteit
Leiden to be correctly.
Hans
--
To UNSUBSCRIBE, email to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
"Richard" == Richard [EMAIL PROTECTED] writes:
Richard Use Openssh, opensource leeds to more secure systems and I
Richard belive it has less security bug's. (just keep updated)
Not true. Open source has the *potential* to be more secure (due to
Hi,
and thanks to everybody for all the useful information I have received. :)
One good thing about using SSH2.4 in stead of OpenSSH is that if someone
installed an RSA key in my .ssh/authorized_keys file, it would be of no
use :) Besides, I have heard that the SSH1.1 protocol is unsecure, and
Hi,
I installed potato three weeks ago, only adding debian-packages with
dselect and apt-get. I didn't add much either. The problem was that:
1) I noticed that somebody had logged in to my computer using my username.
I can't see how they could have discovered my password (7 letters,
containing
On Thu, Mar 01, 2001 at 09:32:19AM +0100, Runar Bell wrote:
2) When inspecting /var/log/messages I noticed quite a lot of attempts to
send a buffer overflow (or something like that) on the port running
rcp.statd. Is there some security hole there I am not aware of? I have
removed portmap
Hi,
On Thu, 1 Mar 2001, Runar Bell wrote:
Hi,
I installed potato three weeks ago, only adding debian-packages with
dselect and apt-get. I didn't add much either. The problem was that:
Did you put security.debian.org in /etc/apt/sources.list ?
1) I noticed that somebody had logged in to
On Wed, Feb 28, 2001 at 11:51:32PM -0900, Ethan Benson wrote:
the first thing you should add to a newly installed debian system is:
## security updates
deb http://security.debian.org/debian-security/ potato/updates main contrib
deb http://security.debian.org/debian-non-US/ potato/non-US
On Thu, Mar 01, 2001 at 05:07:43AM +, Jacob Meuser wrote:
My potatos have
deb http://security.debian.org stable/updates main contrib non-free
in /etc/apt/sources.list
That was in there by default, I just uncommented it. (it was there in r0 too,
it was there but commented out by
On Thursday 01 March 2001 14:08, Maarten Vink wrote:
Yes it does, security.debian.org is located somewhere outside the US and
also carries non-US updates.
security.debian.org is located in The Netherlands at the Rijks Universiteit
Leiden to be correctly.
Hans
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Richard == Richard [EMAIL PROTECTED] writes:
Richard Use Openssh, opensource leeds to more secure systems and I
Richard belive it has less security bug's. (just keep updated)
Not true. Open source has the *potential* to be more secure (due to
On Thu, Mar 01, 2001 at 09:32:19AM +0100, Runar Bell wrote:
1) I noticed that somebody had logged in to my computer using my username.
I can't see how they could have discovered my password (7 letters,
snip
2) When inspecting /var/log/messages I noticed quite a lot of attempts to
send a
36 matches
Mail list logo