Re: Security question about daemon-init

On 29/08/2023 18:35, Bhasker C V wrote: Apologies in advance for cross-group posting. I have enabled selinux  and after carefully allowing certain permissions, I have put my system in enforcing mode I do see a suspicious line like this [  115.089395] audit: type=1400 audit(1693329979.841:1

Security question about daemon-init

Apologies in advance for cross-group posting. I have enabled selinux and after carefully allowing certain permissions, I have put my system in enforcing mode I do see a suspicious line like this [ 115.089395] audit: type=1400 audit(1693329979.841:11): avc: denied { getattr } for pid=3104 c

Re: Security question concerning jail or virtualization

On Fri, Mar 14, 2014 at 03:50:09AM +0100, Martin Braun wrote: > Hi > > I have recently experienced a server being "hacked" due to a security > problem with a PHP application that made it possible for the "hacker" to > gain a web shell. > > Due to this experience I would like to know what the best

Re: Security question concerning jail or virtualization

On Fri, 14 Mar 2014 03:50:09 +0100 Martin Braun wrote: > Hi > > I have recently experienced a server being "hacked" due to a security > problem with a PHP application that made it possible for the "hacker" to > gain a web shell. > > Due to this experience I would like to know what the best way

Re: Security question concerning jail or virtualization

On Fri, Mar 14, 2014 at 4:30 AM, Scott Ferguson wrote: > On 14/03/14 15:51, shawn wilson wrote: >> >> On Mar 14, 2014 12:13 AM, "Brad Alexander" > > wrote: >>> >> > > Due to this experience I would like to know what the best way to >> limit such problems is, espec

Re: Security question concerning jail or virtualization

On 14/03/14 15:51, shawn wilson wrote: > > On Mar 14, 2014 12:13 AM, "Brad Alexander" > wrote: >> > Due to this experience I would like to know what the best way to > limit such problems is, especially when hosting web servers for users > who may or may not in

Re: Security question concerning jail or virtualization

On Mar 14, 2014 12:13 AM, "Brad Alexander" wrote: > >>> >>> Due to this experience I would like to know what the best way to limit such problems is, especially when hosting web servers for users who may or may not installed unsecure applications on the web server. > > > Auditing your security is

Re: Security question concerning jail or virtualization

On Thu, Mar 13, 2014 at 11:39 PM, shawn wilson wrote: > Well Linux has LXC which is supposed to be equivalent to jails (also see > docker). But use whatever suits you. > As are the older-school OpenVZ and Linux VServer technologies. > Idk what's current for breaking out of VMs is. It might be go

Re: Security question concerning jail or virtualization

On 14/03/14 13:50, Martin Braun wrote: > Hi > > I have recently experienced a server being "hacked" due to a security > problem with a PHP application that made it possible for the "hacker" to > gain a web shell. Has that problem been rectified? If not then virtualization won't solve the problems

Re: Security question concerning jail or virtualization

Well Linux has LXC which is supposed to be equivalent to jails (also see docker). But use whatever suits you. Idk what's current for breaking out of VMs is. It might be good to pay attention to who is using the most entropy and make sure you don't run out. Most VMs use processor VT to isolate thin

Security question concerning jail or virtualization

Hi I have recently experienced a server being "hacked" due to a security problem with a PHP application that made it possible for the "hacker" to gain a web shell. Due to this experience I would like to know what the best way to limit such problems is, especially when hosting web servers for user

Re: security question

On 10/21/08 12:10, Paul Johnson wrote: Bogdan wrote: This is stupid! Any decent web developer would make his app work at least with IE, Firefox and Safari ( my opinion )! That's stupid. Nobody should ever be coding with only specific browsers in mind. Get it to validate on http://validator

Re: security question

2008/10/18 Carl Fink <[EMAIL PROTECTED]>: > One other possibility: install virtualbox-ose, and run an occasional Windows > session inside Debian when you need to bank. That's what I do with some > specific software I need for my job. > What software is that, Carl? -- Dotan Cohen http://what-is

Re: security question

2008/10/18 Bogdan <[EMAIL PROTECTED]>: > Hey, > > Although I don't like it, the bank i work with only offers Internet Banking > that works only under Internet Explorer. So, unfortunately, if I want to > check out my account I see myself obliged to boot Windows :(. I know that IE > can be installed

Re: security question

Bogdan wrote: > This is stupid! Any decent web developer would make his app work at > least with IE, Firefox and Safari ( my opinion )! That's stupid. Nobody should ever be coding with only specific browsers in mind. Get it to validate on http://validator.w3.org/ Then if it doesn't work, it's

Re: security question

On Sat, Oct 18, 2008 at 08:12:53PM +0300, Bogdan wrote: > Paul Johnson wrote: >> Douglas A. Tutty wrote: >> >>> On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: >>> Although I don't like it, the bank i work with only offers Internet Banking that works only under Internet

Re: security question

Bogdan wrote: > Emanoil Kotsev wrote: >> Bogdan wrote: >> >> >>> Paul Johnson wrote: >>> Douglas A. Tutty wrote: > On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: > > > >> Although I don't like it, the bank i work with o

Re: security question

On 10/19/08 06:02, Bogdan wrote: [snip] This is stupid! Any decent web developer would make his app work at least with IE, Firefox and Safari ( my opinion )! I really don't understand why these, let's face it, hugely funded internet banking applications restrict you to the weakest browser in

Re: security question

On Sun,19.Oct.08, 14:02:11, Bogdan wrote: > Andrei, I didn't know that Unicredit Tiriac works with Firefox, I was > meaning ING :D. There might be others as well. You could search the archives of rlug (offtopic), as this subject comes up regularly. Regards, Andrei -- If you can't explain it s

Re: security question

Carl Fink wrote: > On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: > >> Although I don't like it, the bank i work with only offers Internet >> Banking that works only under Internet Explorer. So, unfortunately, if I >> want to check out my account I see myself obliged to boot Windows

Re: security question

Emanoil Kotsev wrote: Bogdan wrote: Paul Johnson wrote: Douglas A. Tutty wrote: On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: Although I don't like it, the bank i work with only offers Internet Banking that works only under Internet Explorer. So,

Re: security question

Bogdan wrote: > Paul Johnson wrote: >> Douglas A. Tutty wrote: >> >>> On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: >>> >>> Although I don't like it, the bank i work with only offers Internet Banking that works only under Internet Explorer. So, unfortunately, if

Re: security question

Bogdan wrote: > Hey, > > Although I don't like it, the bank i work with only offers Internet > Banking that works only under Internet Explorer. So, unfortunately, if I > want to check out my account I see myself obliged to boot Windows :(. I > know that IE can be installed through wine but no one

Re: security question

On Sat,18.Oct.08, 20:12:53, Bogdan wrote: > Thanks for your answers! > Although i really like my bank, I considered switching because of this > reason, but as far as I can tell, there is only one bank in Romania that > offers Internet Banking with Firefox :(, and I don't like it. Unicredit Țiri

Re: security question

On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: > > Although I don't like it, the bank i work with only offers Internet > Banking that works only under Internet Explorer. So, unfortunately, if I > want to check out my account I see myself obliged to boot Windows :(. I > know that IE c

Re: security question

On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: > Hey, > > Although I don't like it, the bank i work with only offers Internet > Banking that works only under Internet Explorer. So, unfortunately, if I > want to check out my account I see myself obliged to boot Windows :(. I > know th

Re: security question

On 10/18/08 11:51, Bogdan wrote: Hey, Although I don't like it, the bank i work with only offers Internet Banking that works only under Internet Explorer. So, unfortunately, if I want to check out my account I see myself obliged to boot Windows :(. I know that IE can be installed through wine

Re: security question

Paul Johnson wrote: Douglas A. Tutty wrote: On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: Although I don't like it, the bank i work with only offers Internet Banking that works only under Internet Explorer. So, unfortunately, if I want to check out my account I see myself

Re: security question

Douglas A. Tutty wrote: > On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: > >> Although I don't like it, the bank i work with only offers Internet >> Banking that works only under Internet Explorer. So, unfortunately, if I >> want to check out my account I see myself obliged to boot Wi

Re: security question

Bogdan wrote: > Although I don't like it, the bank i work with only offers Internet > Banking that works only under Internet Explorer. Time to switch banks, and tell them why. signature.asc Description: OpenPGP digital signature

Re: security question

On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: > Although I don't like it, the bank i work with only offers Internet > Banking that works only under Internet Explorer. So, unfortunately, if I > want to check out my account I see myself obliged to boot Windows :(. I > know that IE can be

security question

Hey, Although I don't like it, the bank i work with only offers Internet Banking that works only under Internet Explorer. So, unfortunately, if I want to check out my account I see myself obliged to boot Windows :(. I know that IE can be installed through wine but no one seems to guaranty sa

Re: Security question: are these vulnerabilities addressed?

Douglas Allan Tutty <[EMAIL PROTECTED]> writes: > On Sun, Jun 03, 2007 at 12:50:51AM -0400, Scott Gifford wrote: >> Douglas Allan Tutty <[EMAIL PROTECTED]> writes: >> > On Fri, Jun 01, 2007 at 12:07:23AM -0400, Scott Gifford wrote: >> >> Postgres completely fell apart, and it took many hours to pi

Re: Security question: are these vulnerabilities addressed?

On Sun, Jun 03, 2007 at 12:50:51AM -0400, Scott Gifford wrote: > Douglas Allan Tutty <[EMAIL PROTECTED]> writes: > > On Fri, Jun 01, 2007 at 12:07:23AM -0400, Scott Gifford wrote: > >> Postgres completely fell apart, and it took many hours to piece things > >> back together. > > > > Did you have a

Re: Security question: are these vulnerabilities addressed?

Douglas Allan Tutty <[EMAIL PROTECTED]> writes: > On Fri, Jun 01, 2007 at 12:07:23AM -0400, Scott Gifford wrote: >> Andrew Sackville-West <[EMAIL PROTECTED]> writes: >> > On Wed, May 30, 2007 at 12:23:46AM -0400, Scott Gifford wrote: >> >> Kamaraju S Kusumanchi <[EMAIL PROTECTED]> writes: >> >> Ou

Re: Security question: are these vulnerabilities addressed?

On Fri, Jun 01, 2007 at 12:07:23AM -0400, Scott Gifford wrote: > Andrew Sackville-West <[EMAIL PROTECTED]> writes: > > On Wed, May 30, 2007 at 12:23:46AM -0400, Scott Gifford wrote: > >> Kamaraju S Kusumanchi <[EMAIL PROTECTED]> writes: > >> Our upgrade from Woody to Sarge was so disastrous, I will

Re: Security question: are these vulnerabilities addressed?

Andrew Sackville-West <[EMAIL PROTECTED]> writes: > On Wed, May 30, 2007 at 12:23:46AM -0400, Scott Gifford wrote: >> Kamaraju S Kusumanchi <[EMAIL PROTECTED]> writes: [...] >> > BTW, is upgrade to Etch from Sarge not an option in your case? >> >> Our upgrade from Woody to Sarge was so disastr

Re: Security question: are these vulnerabilities addressed?

On Wed, May 30, 2007 at 12:23:46AM -0400, Scott Gifford wrote: > Kamaraju S Kusumanchi <[EMAIL PROTECTED]> writes: > > > Scott Gifford wrote: > > > > > >> CVE-2006-0225OpenSSH Local SCP Shell Command Execution > >>From /usr/share/doc/openssh-server/changelog.Debian.gz on Debian Etch > > ma

Re: Security question: are these vulnerabilities addressed?

Kamaraju S Kusumanchi <[EMAIL PROTECTED]> writes: > Scott Gifford wrote: > > >> CVE-2006-0225OpenSSH Local SCP Shell Command Execution >>From /usr/share/doc/openssh-server/changelog.Debian.gz on Debian Etch > machine running openessh-server 4.3p2-9, this was fixed in 1:4.3p2-1 Thanks, fro

Re: Security question: are these vulnerabilities addressed?

Scott Gifford wrote: > CVE-2006-0225OpenSSH Local SCP Shell Command Execution >From /usr/share/doc/openssh-server/changelog.Debian.gz on Debian Etch machine running openessh-server 4.3p2-9, this was fixed in 1:4.3p2-1 No idea about other stuff. BTW, is upgrade to Etch from Sarge not an

Security question: are these vulnerabilities addressed?

Hello, The managers of a facility where we house some Debian servers recently ran a vunlerability scan against our up-to-date Sarge servers, and reported vulnerabilities in the version of OpenSSH we were running. I assume that these issues have been fixed or do not apply to Debian's OpenSSH, but

security question

i have the following: [EMAIL PROTECTED]:~/l/socksify$ lsof /etc/samba/ lsof: WARNING: can't stat() reiserfs file system /dev/.static/dev Output information may be incomplete. COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME kmouth 7211 paolo 129r DIR3,5 136 106194 /etc/samba/

OT: help with security question

Unfortunately there is a windows box on my network which is running Norton Firewall, with logs, documentation and a user interface that seem ambigious, simplistic and confusing, as if written in some kind of technical pigeon language. I was surprised when it reported an incoming ICMP packet by ra

Re: Sarge SM security question

On Wed, Jun 15, 2005 at 06:10:55PM -0500, John Fleming wrote: > SquirrelMail has released a security patch. Will that eventually show up > in a Sarge security update? As a new user of "stable" (previously > testing), I have no experience with security updates. Tnx - John Normally, yeah, but..

Re: Sarge SM security question

On Wed, Jun 15, 2005 at 06:10:55PM -0500, John Fleming wrote: > SquirrelMail has released a security patch. Will that eventually show up > in a Sarge security update? As a new user of "stable" (previously > testing), I have no experience with security updates. Tnx - John So the upstream autho

Sarge SM security question

SquirrelMail has released a security patch. Will that eventually show up in a Sarge security update? As a new user of "stable" (previously testing), I have no experience with security updates. Tnx - John -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble

RE: security question (sshd log)

Is your sshd setup to protocol 2 only? I would suggest seting it up so it is. regards thing -Original Message- From: Tarapia Tapioco [mailto:[EMAIL PROTECTED] Sent: Wednesday, 3 November 2004 11:29 a.m. To: [EMAIL PROTECTED] Subject: security question (sshd log) I found the following

security question (sshd log)

I found the following entries in my auth.log file: sshd[22774]: scanned from 68.147.18.131 with SSH-1.0-SSH_Version_Mapper. Don't panic. sshd[22773]: Did not receive identification string from 68.147.18.131 What do they mean, and should I panic or not? -- To UNSUBSCRIBE, email to [EMAIL PROTE

Re: Security question

On Sat, Dec 06, 2003 at 06:36:55PM -0500, Roberto Sanchez wrote: > At the risk of starting a flamefest, what is a good IDS? I ask because > the recent compromises have got me thinking. I have a couple of > web/mail servers I am adminning at school, and I really have no way of > knowing if they ha

Re: Security question

On Sat, 6 Dec 2003, Scott C. Linnenbringer wrote: > On Sat, Dec 06, 2003, at 17:27 -0800, Alvin Oga wrote: > > > i say, if your ids does find an intruder .. game over ... too late .. > > Unless *you* don't know you're harboring an intruder... yes... know people that had a cracker in their se

Re: Security question

On Sat, Dec 06, 2003, at 17:27 -0800, Alvin Oga wrote: > i say, if your ids does find an intruder .. game over ... too late .. Unless *you* don't know you're harboring an intruder... -- scott c. linnenbringer| [EMAIL PROTECTED] http://www.panix.com/~sl | [EMAIL PROTECTED] pgp0.

Re: Security question

hi ya roberto On Sat, 6 Dec 2003, Roberto Sanchez wrote: > At the risk of starting a flamefest, what is a good IDS? I ask because > the recent compromises have got me thinking. I have a couple of > web/mail servers I am adminning at school, and I really have no way of > knowing if they have be

Security question

At the risk of starting a flamefest, what is a good IDS? I ask because the recent compromises have got me thinking. I have a couple of web/mail servers I am adminning at school, and I really have no way of knowing if they have been 0wn3d. I (poorly) check the logs every 2 to 4 weeks, but that do

Re: apt-get security question

On Fri, Mar 07, 2003 at 10:08:59AM -0500, Bob Paige wrote: > I am curious about how secure the apt-get system is; is it possible to > spoof a debian server and thus send compromised updates to a given machine? Yes, since apt-get doesn't check signatures, yet. Search the debian-devel archives for

Re: apt-get security question

Bob Paige said: > > But in your case, the maintainer put up some bogus packages. > > What I'm really thinking about is the appropriateness of using Debian for > a Linux-based appliance. At my work they have Linux appliances, but they > are always based on RedHat. I would think the apt-get functio

Re: apt-get security question

* Bob Paige <[EMAIL PROTECTED]> [20030307 11:53 PST]: > So, what is the chance that someone could spoof access to an update > server? Does apt-get provide some sort of security (i.e. ssh connection > to the server, or digital signatures on the packages)? You can use signed packages for something

Re: apt-get security question

nate wrote: Bob Paige said: I am curious about how secure the apt-get system is; is it possible to spoof a debian server and thus send compromised updates to a given machine? If you have 3rd party apt sources in your sources.list it is very easy to spoof an update. Which is one reason I do

Re: apt-get security question

Bob Paige said: > I am curious about how secure the apt-get system is; is it possible to > spoof a debian server and thus send compromised updates to a given > machine? If you have 3rd party apt sources in your sources.list it is very easy to spoof an update. Which is one reason I don't have 3rd p

apt-get security question

I am curious about how secure the apt-get system is; is it possible to spoof a debian server and thus send compromised updates to a given machine? -- Bobman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Security Question

On Fri, Jan 03, 2003 at 12:27:34PM -0800, John Gedeon wrote: > Thanks for all the help Colin, > > I will try that as soon as I get the chance. Another thought: Are they using any sort of reasonably standard VPN? There're a few different ipsec-based vpn packages in Debian, including FreeSwan and

Re: Security Question

Thanks for all the help Colin, I will try that as soon as I get the chance. John At 12:16 PM 1/3/2003, you wrote: On Fri, Jan 03, 2003 at 11:25:32AM -0800, John Gedeon wrote: > Thanks Colin for all the info. > Here is the header stuff on PBINDING but i think its a waste of time to > debug the

Re: Security Question

On Fri, Jan 03, 2003 at 11:25:32AM -0800, John Gedeon wrote: > Thanks Colin for all the info. > Here is the header stuff on PBINDING but i think its a waste of time to > debug their stuff any further. I think I will try to downgrade to their > version of glibc and try it. Oh, I think I might kno

Re: Security Question

Thanks Colin for all the info. Here is the header stuff on PBINDING but i think its a waste of time to debug their stuff any further. I think I will try to downgrade to their version of glibc and try it. (is glibc mean gnu libc?? because they said they weren't sure that the gnu c libs were compa

Re: Security Question

On Fri, Jan 03, 2003 at 11:03:36AM -0800, John Gedeon wrote: > >> > I get the following compile time errors: linuxcniapi.c: In > >> > function `CNI_LINUXGetMacAddress': linuxcniapi.c:1118: > >> > dereferencing pointer to incomplete type linuxcniapi.c:1120: > > > >Can we see a few lines of code aro

Re: Security Question

> > I get the following compile time errors: linuxcniapi.c: In > > function `CNI_LINUXGetMacAddress': linuxcniapi.c:1118: > > dereferencing pointer to incomplete type linuxcniapi.c:1120: Can we see a few lines of code around those locations in that file? lines 1107 - 1128 PBINDING pBindi

Re: Security Question - .config

On Fri, 3 Jan 2003, Alvin Oga wrote: > On Fri, 3 Jan 2003, Colin Watson wrote: > > > On Fri, Jan 03, 2003 at 08:54:27AM -0800, John Gedeon wrote: > > > I had another question that is related to my IT guys response: > > >When I compiled their vpn client, it was looking for modversions.h > > > w

Re: Security Question - .config

On Fri, 3 Jan 2003, Colin Watson wrote: > On Fri, Jan 03, 2003 at 08:54:27AM -0800, John Gedeon wrote: > > I had another question that is related to my IT guys response: > >When I compiled their vpn client, it was looking for modversions.h > > which I found you had to run make old-config (n

Re: Security Question

At 09:01 AM 1/3/2003, you wrote: On Fri, Jan 03, 2003 at 08:54:27AM -0800, John Gedeon wrote: > I had another question that is related to my IT guys response: >When I compiled their vpn client, it was looking for modversions.h > which I found you had to run make old-config (not sure of exact

Re: Security Question

At 09:01 AM 1/3/2003, Colin wrote: *ahem* I *really* wouldn't bother trying to convince them. It's not worth fighting with people like that. Okay I will keep that in mind thanks 4 the tip :) Can we see a few lines of code around those locations in that file? If there doesn't seem to be any

Re: Security Question

On Fri, Jan 03, 2003 at 08:54:27AM -0800, John Gedeon wrote: > I had another question that is related to my IT guys response: >When I compiled their vpn client, it was looking for modversions.h > which I found you had to run make old-config (not sure of exact command) to > get the source to g

Re: Security Question

Thanks for all the input guys, it has been very helpful. Didn't mean to sound like a troll or start any flames, just wanted to be sure that my IT people were as misinformed as I thought they were (I am biased towards Debian when I pick linux flavors but I wanted to be sure my bias had some backi

Re: Security Question

> John Gedeon wrote: > > > I have Debian installed on my home computer (3.0 stable version) I want > > to use it to remote login in to work, however the people in charge of the > > remote logins (IT) at my work say that Debian has lots of security holes. I > > was wondering what security holes

Re: Security Question

On Thu, Jan 02, 2003 at 03:39:22PM -0800, John Gedeon wrote: > I have Debian installed on my home computer (3.0 stable version) I want > to use it to remote login in to work, however the people in charge of the > remote logins (IT) at my work say that Debian has lots of security holes. It's un

Re: Security Question

On Thu, Jan 02, 2003 at 03:39:22PM -0800, John Gedeon wrote: > I have Debian installed on my home computer (3.0 stable version) I want > to use it to remote login in to work, however the people in charge of the > remote logins (IT) at my work say that Debian has lots of security holes. I > was

Re: Security Question

hi ya john On Thu, 2 Jan 2003, Jamin W. Collins wrote: > While this message screams troll, there's the possiblity your question > is legit. yuppers.. > On Thu, Jan 02, 2003 at 03:39:22PM -0800, John Gedeon wrote: > > > I have Debian installed on my home computer (3.0 stable version) I > > wa

Re: Security Question

While this message screams troll, there's the possiblity your question is legit. On Thu, Jan 02, 2003 at 03:39:22PM -0800, John Gedeon wrote: > I have Debian installed on my home computer (3.0 stable version) I > want to use it to remote login in to work, however the people in > charge of the rem

Re: Security Question

John Gedeon wrote: > I have Debian installed on my home computer (3.0 stable version) I want > to use it to remote login in to work, however the people in charge of the > remote logins (IT) at my work say that Debian has lots of security holes. I > was wondering what security holes Debian may

Security Question

Hi all, I have Debian installed on my home computer (3.0 stable version) I want to use it to remote login in to work, however the people in charge of the remote logins (IT) at my work say that Debian has lots of security holes. I was wondering what security holes Debian may have (especially in

Re: ssh security question

On Sun, Aug 26, 2001 at 11:29:57PM +0200, Martin F Krafft wrote: | also sprach dman (on Sun, 26 Aug 2001 05:06:37PM -0400): | > The MAC address is only known along that particular wire. That is, if | > the IP packets pass through any routers or gateways the receiving side | > will see the MAC addr

Re: ssh security question

On Sun, Aug 26, 2001 at 10:11:08PM +0200, Martin F Krafft wrote: > my laptop has two net interfaces, one wired and one wireless. they > have different MAC addresses, but i configured my DHCP server to treat > them the same so that i usually have the same IP no matter what card i > use. > > i just

Re: ssh security question

also sprach dman (on Sun, 26 Aug 2001 05:06:37PM -0400): > The MAC address is only known along that particular wire. That is, if > the IP packets pass through any routers or gateways the receiving side > will see the MAC address of the last gateway/router interface and not > the MAC of the sender.

Re: ssh security question

On Sun, Aug 26, 2001 at 10:11:08PM +0200, Martin F Krafft wrote: | shouldn't sshd at least worry about the MAC address too (can it?) just | an IP is too easy to spoof (MAC are too i guess). The MAC address is only known along that particular wire. That is, if the IP packets pass through any rout

Re: ssh security question

I think in this case this was only able to succeed becuase you were actually in control of that session... Had it been someone else spoofing they would also have to already obtain the session keys being used... Jeremy On Sun, Aug 26, 2001 at 10:11:08PM +0200, Martin F Krafft wrot

ssh security question

my laptop has two net interfaces, one wired and one wireless. they have different MAC addresses, but i configured my DHCP server to treat them the same so that i usually have the same IP no matter what card i use. i just noticed a curious bit of possible security awkwardness. with my wired card, i

Re: ftp security question

hi ya rob my wild guesses... i assume you removed "real" from /etc/ftpaccess you need change the shell to /bin/false in /etc/passwd for ftp c ya alvin On Tue, 17 Apr 2001, Rob Zietlow wrote: > I have disabled anon. login for ftp. When I try to log into ftp using the > username ftp it says

ftp security question

I have disabled anon. login for ftp. When I try to log into ftp using the username ftp it says guest ok. But it will deny the user. My question is how do I disable this? There is no ftp user in /etc/shadow /etc/passwd. The only user named ftp is /etc/ftpusers which is the file that lists people

Re: System security question

"Marco C ." wrote: > and I have another question: my netstat revealed these strange ports: > tcp0 0 *:6000 *:*LISTEN This is the X server, if I am not mistaken. IHMO nothing to worry about. > tcp0 0 *:1024 *:*LISTEN Dunno, what

Re: System security question

Il 5 gennaio 2001 (venerdì), alle 13:08, Nathan E Norman ha scritto: > have a printer then don't run lpd. If you have a printer but only > print locally, I think you can unbind the tcp port but I'd have to ^^^ what does it mean? how can I do this

Re: System security question

If you are printing locally I would suggest pdq and xpdq. Read about them on www.linuxprinting.org You can apt-get them from unstable and I think testing. If you just make a sym link called lpd pointing to pdq alot of things work very well. -- Original Message -

Re: System security question

On Sat, Jan 06, 2001 at 02:15:53AM +1100, Martin Bishop wrote: > Netstat shows the following services on my home machine: > > Active Internet connections (servers and established) > *:printer This is lpd. You only need this if your mascine has a printer atteched to it AND accepts print jobs from

Re: System security question

I don't like sunrpc hanging out at all exposed to the world. I get probed regularly on it. Block it out with /etc/hosts.deny the following way: PORTMAP : ALL I usually install ipchains on my box and then block out the ports I don't want exposed with: ipchains -F #remove all the rules, the defaul

Re: System security question

To quote Martin Bishop <[EMAIL PROTECTED]>, # Netstat shows the following services on my home machine: # Is it safe to leave it as it is? I've closed of all services in # inetd.conf and I'm using Firestarter as my firewall. I'm a little # paranoid that my system is listening for connections. But I

System security question

Hi, Netstat shows the following services on my home machine: Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp0 0 *:printer *:* LISTEN tcp0 0 *

Re: security question: running a public ftp server

On Sat, Dec 16, 2000 at 12:09:22AM -0800, Peter Jay Salzman wrote: > can someone point me to documentation specifically aimed at beefing up > security of ftp and apache? everything is behind an LRP (linux router > project) firewall, so i'm pretty secure otherwise. i let hardly anything in > or o

security question: running a public ftp server

dear all, i'm playing around with putting up a public ftp server on my woody box. i know that ftp has its security problems; in fact, the beowulf cluster i managed at school was broken into via a wuftpd vulnerability. can someone point me to documentation specifically aimed at beefing up securit

Re: BIND security question

On Fri, 31 Dec 1999, hypnos wrote: hypnos >how does this work? because only superuser can hypnos >bind to privileged ports (<1024) right? so does hypnos >named start as root, then switch to the user hypnos >specified? hypnos > hypnos >i may look into changing my named to run as hypnos >other than

Re: BIND security question

On Fri, 31 Dec 1999, Robert Varga wrote: > > I installed the Debian package for BIND, and I just checked and it does > > appear > > to be running as root :( > > > > I will have to read the docs to determine if I can change that without > > compiling it myself. > > Just append >-- -u named

Re: BIND security question

On Thu, 30 Dec 1999, Pollywog wrote: > > On 30-Dec-1999 Onno wrote: > > At 04:16 PM 12/28/99 -, Pollywog wrote: > >> > >>On 28-Dec-1999 root wrote: > >> > >>Was this someone trying to find out which BIND I am running? > >>> > >>> Unusual System Events > >>> =-=-=-=-=-=-=-=-=-=-= > >>> Dec

Re: BIND security question

i run a chroot'd bind, so everything has to be in the same place .. so for me everythign is in /var/named nate On Thu, 30 Dec 1999, Pollywog wrote: pollyw >I installed from a Debian package, I did not compile my own. Debian puts the pollyw >files in /etc/bind now, not the former place, /var/na

Re: BIND security question

I installed from a Debian package, I did not compile my own. Debian puts the files in /etc/bind now, not the former place, /var/named thanks -- Andrew On 30-Dec-1999 aphro wrote: > echo -n "Updating permissions for the BIND server ..." > chown named.named /var/named > chown named.named /usr/loc

  1   2   >