Re: security issues

2017-08-27 Thread Gene Heskett
On Sunday 27 August 2017 12:22:30 Mike McClain wrote: > On Sat, Aug 26, 2017 at 04:35:21PM -0400, Gene Heskett wrote: > > I have had the ultimate revenge on those who were enemies at one > > time, I've outlived the turkeys without doing anything to hasten > > their demise. ;-) > > I thought that

Re: security issues

2017-08-27 Thread Mike McClain
On Sat, Aug 26, 2017 at 04:35:21PM -0400, Gene Heskett wrote: > > I have had the ultimate revenge on those who were enemies at one time, > I've outlived the turkeys without doing anything to hasten their > demise. ;-) > I thought that was worthy of being a tagline. Hope you don't mind. Mike --

Re: security issues

2017-08-26 Thread Gene Heskett
On Saturday 26 August 2017 15:43:40 Brian wrote: > [Lots of snipping] > > On Sat 26 Aug 2017 at 15:25:53 -0400, Gene Heskett wrote: > > On Saturday 26 August 2017 14:51:41 Brian wrote: > > > That's what you think! But while you are slumbering, she is > > > emailing friends and talking with Donald

Re: security issues

2017-08-26 Thread Brian
[Lots of snipping] On Sat 26 Aug 2017 at 15:25:53 -0400, Gene Heskett wrote: > On Saturday 26 August 2017 14:51:41 Brian wrote: > > > That's what you think! But while you are slumbering, she is emailing > > friends and talking with Donald on Twitter. Never underestimate a > > woman's ability to

Re: security issues

2017-08-26 Thread Gene Heskett
On Saturday 26 August 2017 15:25:53 Gene Heskett wrote: > > > install any of the firewall type stuff, dd-wrt in the router is > > > the best guard dog. I've been running some form of it for 15 or > > > more years, and have not been breached. > > > > Isn't dd-wrt only suitable for particular

Re: security issues

2017-08-26 Thread Gene Heskett
On Saturday 26 August 2017 14:51:41 Brian wrote: > On Sat 26 Aug 2017 at 07:40:09 -0400, Gene Heskett wrote: > > On Saturday 26 August 2017 04:13:38 Dejan Jocic wrote: > > > On 26-08-17, R Calleja wrote: > > > > Buenos dias, soy usuario de debian 8.9 desde hace 2 años. > > > > Tengo problemas de

Re: security issues

2017-08-26 Thread Brian
On Sat 26 Aug 2017 at 07:40:09 -0400, Gene Heskett wrote: > On Saturday 26 August 2017 04:13:38 Dejan Jocic wrote: > > > On 26-08-17, R Calleja wrote: > > > Buenos dias, soy usuario de debian 8.9 desde hace 2 años. > > > Tengo problemas de seguridad que me obligan a reinstalar el sistema > > > a

Re: security issues

2017-08-26 Thread Gene Heskett
On Saturday 26 August 2017 04:13:38 Dejan Jocic wrote: > On 26-08-17, R Calleja wrote: > > Buenos dias, soy usuario de debian 8.9 desde hace 2 años. > > Tengo problemas de seguridad que me obligan a reinstalar el sistema > > a menudo, una vez al año. > > He leido documentos y ayuda para mejorar

Re: security issues

2017-08-26 Thread TheFox
Bien, pues entonces lo que vamos a hacer es, lo primero de todo, borrar la caché de Firefox; para lo cual debes ejecutar el siguiente comando en una terminal: rm -rf /.cache/mozilla/firefox Después, vas a esnifar (escuchar) el tráfico de red, por si encuentras tráfico sospechoso (por ejemplo,

Re: security issues

2017-08-26 Thread TheFox
Exactamente, ¿qué problemas de seguridad son los que te presenta Debian? Santiago. El 26 ago. 2017 8:59, "R Calleja" escribió: > Buenos dias, soy usuario de debian 8.9 desde hace 2 años. > Tengo problemas de seguridad que me obligan a reinstalar el sistema a > menudo, una

Re: security issues

2017-08-26 Thread Nicolas George
Le nonidi 9 fructidor, an CCXXV, Dejan Jocic a écrit : > 10. I'm sure that there is more 0. Think about against what risks you want to protect yourself. Security is always a compromise with convenience. The only absolute security is when you do nothing with no computer at all, but that is not

Re: security issues

2017-08-26 Thread Dejan Jocic
On 26-08-17, R Calleja wrote: > Buenos dias, soy usuario de debian 8.9 desde hace 2 años. > Tengo problemas de seguridad que me obligan a reinstalar el sistema a > menudo, una vez al año. > He leido documentos y ayuda para mejorar la seguridad. > Pero no soy un usuario con conocimientos avanzados

Re: security issues with apache!

2006-03-12 Thread Enver ALTIN
Hi, Florian Reitmeir wrote: I had a similar encounter about 2 months ago. The intruder exploited a PHP script that was poorly written. If you check your http access logs, you will most likely find an entry about the PHP that is been exploited. Once you find the offending PHP script, you can

Re: security issues with apache!

2006-03-12 Thread Steve Kemp
On Mon, Mar 13, 2006 at 09:02:13AM +0200, Enver ALTIN wrote: If you have to leave some writable folders for Apache user, say, /tmp, moving /tmp to another partition/filesystem and mounting it with noexec option would prevent most harm /any/ PHP script can cause. Not true. Several of

Re: security issues with apache!

2006-03-07 Thread Josep Serrano
Hello Petter The actual list for security issues is debian-security. The address of this list its on the CC. We can now leave debian-user and switch our discussion into debian-security. This is quite hole! Can't believe there's such a big spot in Apache / Sarge and we didn't heard of it. Can

Re: security issues with apache!

2006-03-07 Thread Ismail
Hi I'm not completely new to Debian or Linux, but I wouldn't classify myself as a battlescarred sysadmin just yet :) Anyways. My problem is security-related, and I hope that I'm posting to the correct list as well as hoping that someone can help me out here. Recently I've noticed that my

Re: security issues with apache!

2006-03-07 Thread Florian Reitmeir
I had a similar encounter about 2 months ago. The intruder exploited a PHP script that was poorly written. If you check your http access logs, you will most likely find an entry about the PHP that is been exploited. Once you find the offending PHP script, you can either remove it or add

Re: security issues with apache!

2006-03-07 Thread Charles
- Original Message - From: Petter Senften [EMAIL PROTECTED] To: debian-user@lists.debian.org Sent: Tuesday, March 07, 2006 3:23 AM Subject: security issues with apache! [deleted for brevity] Now, like I said - I'm not a pro, I'm trying to learn by doing. Unfortunately how this

Re: security issues

2005-11-15 Thread Bill Thompson
On Wed, 16 Nov 2005 00:05:39 + Adam Hardy [EMAIL PROTECTED] wrote: I don't think the attacker gained access, but I would like some sort of mechanism that would cause the OS to email me whenever someone logs in - which is going to be less than once a day. Take a look at the programs

RE: security issues

2001-01-10 Thread Jason Mogavero
Glenn, Yes, Maximum Linux Security is a very good compilation of Linux network security info. I read that book after being in the network security biz for a couple years and still learned quite a bit. www.linuxsecurity.com is also a very good online resource. They have some fantastic

Re: security issues

2001-01-10 Thread Noah L. Meyerhans
Well, you could always subscribe to debian-security and debian-security-announce@lists.debian.org, if you haven't already. Just lurking on those lists will keep you up to date on current security trends. The people there are generally pretty good about answering on-topic questions as well. noah

Re: Security issues for nfs mount

1997-09-14 Thread ioannis
:-) In this case you may as well post your root passwd in Yahoo. On Fri, Sep 12, 1997 at 09:02:59PM +0100, G. Kapetanios wrote: Hi, Although I am not familiar at all with the inner workings of nfs the description below indicates a risk that an unauthorised client may read files

Re: Security issues for nfs mount

1997-09-12 Thread ioannis
The traditional unix nfs filesystem is _insecure_ : the i-node generation number, which is part of the file handles, is easy to guess. -- Ioannis Tambouras [EMAIL PROTECTED], West Palm Beach, Florida Signed pgp-key on key server. -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the

Re: Security issues for nfs mount

1997-09-12 Thread Jim Pick
Ioannis Tambouras wrote: The traditional unix nfs filesystem is _insecure_ : the i-node generation number, which is part of the file handles, is easy to guess. I'm curious. How would an attack on nfs using this method proceed? Cheers, - Jim pgpYNozTVDntA.pgp Description: PGP

Re: Security issues for nfs mount

1997-09-12 Thread ioannis
I could resist to your request, Jim, and appear before you with further clarifications, for you are an active contributor in the Debian project and we are quite fortunate to have you here among us; moreover, there in an ancient saying, that hard is the knowledge of the good. And the

Re: Security issues for nfs mount

1997-09-12 Thread G. Kapetanios
Hi, Although I am not familiar at all with the inner workings of nfs the description below indicates a risk that an unauthorised client may read files on the specific directory which is being exported by nfs read only. However my worry is not whether somebody else will read the files which in

Re: Security issues for nfs mount

1997-09-11 Thread joost witteveen
Hi, I was wondering whether there is anything to worry about if I let another machine nfs mount, read only, root-squash, one directory on my machine. Any help will be greatly appreciated. The only problem I can think of is that root-squash may not be enough (an attacker may still read

Re: Security issues for nfs mount

1997-09-11 Thread Jim Pick
Hi, I was wondering whether there is anything to worry about if I let another machine nfs mount, read only, root-squash, one directory on my machine. Any help will be greatly appreciated. Thanks George I don't