On Sunday 27 August 2017 12:22:30 Mike McClain wrote:
> On Sat, Aug 26, 2017 at 04:35:21PM -0400, Gene Heskett wrote:
> > I have had the ultimate revenge on those who were enemies at one
> > time, I've outlived the turkeys without doing anything to hasten
> > their demise. ;-)
>
> I thought that
On Sat, Aug 26, 2017 at 04:35:21PM -0400, Gene Heskett wrote:
>
> I have had the ultimate revenge on those who were enemies at one time,
> I've outlived the turkeys without doing anything to hasten their
> demise. ;-)
>
I thought that was worthy of being a tagline.
Hope you don't mind.
Mike
--
On Saturday 26 August 2017 15:43:40 Brian wrote:
> [Lots of snipping]
>
> On Sat 26 Aug 2017 at 15:25:53 -0400, Gene Heskett wrote:
> > On Saturday 26 August 2017 14:51:41 Brian wrote:
> > > That's what you think! But while you are slumbering, she is
> > > emailing friends and talking with Donald
[Lots of snipping]
On Sat 26 Aug 2017 at 15:25:53 -0400, Gene Heskett wrote:
> On Saturday 26 August 2017 14:51:41 Brian wrote:
>
> > That's what you think! But while you are slumbering, she is emailing
> > friends and talking with Donald on Twitter. Never underestimate a
> > woman's ability to
On Saturday 26 August 2017 15:25:53 Gene Heskett wrote:
> > > install any of the firewall type stuff, dd-wrt in the router is
> > > the best guard dog. I've been running some form of it for 15 or
> > > more years, and have not been breached.
> >
> > Isn't dd-wrt only suitable for particular
gt; > alguna empresa que de soporte.
> > > >
> > > > Muchas gracias, Roberto
> > > >
> > > >
> > > > Good afternoon, I have been debian 8.9 user for 2 years.
> > > > I have security issues that force me to reinstall the
gt; He conocido herramientas como:
> > > Lynis, openval, nessus, grsecurity,apparmor, selinux, etc
> > > Si puede alguien con conocimientos de seguridad ayudarme. O hay
> > > alguna empresa que de soporte.
> > >
> > > Muchas gracias, Roberto
> >
> > Si puede alguien con conocimientos de seguridad ayudarme. O hay
> > alguna empresa que de soporte.
> >
> > Muchas gracias, Roberto
> >
> >
> > Good afternoon, I have been debian 8.9 user for 2 years.
> > I have security issues that force me to reinstal
>> empresa que de soporte.
>>
>> Muchas gracias, Roberto
>>
>>
>> Good afternoon, I have been debian 8.9 user for 2 years.
>> I have security issues that force me to reinstall the system often, once a
>> year.
>> I have read documents and help
curity,apparmor, selinux, etc
> Si puede alguien con conocimientos de seguridad ayudarme. O hay alguna
> empresa que de soporte.
>
> Muchas gracias, Roberto
>
>
> Good afternoon, I have been debian 8.9 user for 2 years.
> I have security issues that force me to reinstall th
Le nonidi 9 fructidor, an CCXXV, Dejan Jocic a écrit :
> 10. I'm sure that there is more
0. Think about against what risks you want to protect yourself.
Security is always a compromise with convenience. The only absolute
security is when you do nothing with no computer at all, but that is not
.
>
> Muchas gracias, Roberto
>
>
> Good afternoon, I have been debian 8.9 user for 2 years.
> I have security issues that force me to reinstall the system often, once a
> year.
What security issues?
> I have read documents and help to improve security.
What documents?
.
I have security issues that force me to reinstall the system often, once a year.
I have read documents and help to improve security.
But I am not a user with advanced systems knowledge.
My goal is to get a safe work station.
I have known tools like:
Lynis, openval, nessus, grsecurity, apparmor
.
I have security issues that force me to reinstall the system often, once a year.
I have read documents and help to improve security.
But I am not a user with advanced systems knowledge.
My goal is to get a safe work station.
I have known tools like:
Lynis, openval, nessus, grsecurity, apparmor
El 03/06/14 20:52, Felix Perez escribió:
El día 3 de junio de 2014, 9:57, Camaleón noela...@gmail.com escribió:
El Tue, 03 Jun 2014 11:39:16 +0200, Gerardo Diez García escribió:
El 03/06/14 09:54, Sergio Villalba escribió:
http://www. http://www.truecrypt.orgtruecrypt.org
http://www. http://www.truecrypt.orgtruecrypt.org
http://www.truecrypt.org
http://truecrypt.sourceforge.net/
http://www.genbeta.com/seguridad/truecrypt-y-su-misteriosa-desaparicion
El 03/06/14 09:54, Sergio Villalba escribió:
http://www. http://www.truecrypt.orgtruecrypt.org
http://www.truecrypt.org
http://truecrypt.sourceforge.net/
http://www.genbeta.com/seguridad/truecrypt-y-su-misteriosa-desaparicion
La historia esta me ha dejado un poco fuera de juego
El Tue, 03 Jun 2014 11:39:16 +0200, Gerardo Diez García escribió:
El 03/06/14 09:54, Sergio Villalba escribió:
http://www. http://www.truecrypt.orgtruecrypt.org
http://www.truecrypt.org
http://truecrypt.sourceforge.net/
El día 3 de junio de 2014, 9:57, Camaleón noela...@gmail.com escribió:
El Tue, 03 Jun 2014 11:39:16 +0200, Gerardo Diez García escribió:
El 03/06/14 09:54, Sergio Villalba escribió:
http://www. http://www.truecrypt.orgtruecrypt.org
http://www.truecrypt.org
http://truecrypt.sourceforge.net/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/26/07 23:05, Erik Persson wrote:
[snip]
As long as nobody is interested in exploiting the konq bugs and everyone
wants to exploit the firefox bugs, I will be more secure using konq even
if there are more flaws in konq. Security when using a
is of course that there is no significant difference in the
ratio of reported security issues to discovered security issues, and I
can't see any reason those should differ.
I can't see any reason why they _should_ differ either, but it is
entirely possible that they do and that's the point.
It boils
And, obviously, if security is your only standard, my pet schnauzer is a
better browser than either of these. Functionality must come into play
as well.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
we're getting off track of my original point and rather than continue
this festival of delights ;) I am going restate my original statement
and attempt to demonstrate one more time what I meant originally. And
then I'll be done. I'm sure you will either accept what I've said or
counter it, but
On Fri, Jul 27, 2007 at 09:36:36AM -0700, Roger B.A. Klorese wrote:
And, obviously, if security is your only standard, my pet schnauzer is a
can the dog block popups?
apt-get install schnauzer
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't
On Thu, Jul 26, 2007 at 09:35:30PM -0700, Andrew Sackville-West wrote:
Note that I have no bias regarding kong and iceweasel.
Also, I'm more than willing to embrace a counter example. OpenBSD has
had two remote holes in the base install in more than 10 years. And
I'm willing to wager that
Andrew Sackville-West writes:
apt-get install schnauzer
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package schnauzer
The dog is non-free due to patents. You have to have a license from
Pfizer.
--
John Hasler
--
To
Doug writes:
It seems that the mozilla-derived browsers have security issues requiring
updates far more frequently than other browsers like Konqueror or links2.
I'm curious as to why this is. Does anyone have any ideas?
How many people are looking for holes in Konq or Links2?
--
John
On Thu, Jul 26, 2007 at 07:13:48PM +0200, Mathias Brodala wrote:
Douglas Allan Tutty, 26.07.2007 18:23:
It seems that the mozilla-derived browsers have security issues
requiring updates far more frequently than other browsers like Konqueror
or links2.
Aside from the fact that one
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/26/07 14:01, Andrew J. Barr wrote:
On 7/26/07, Mathias Brodala [EMAIL PROTECTED] wrote:
Hi Douglas.
Douglas Allan Tutty, 26.07.2007 18:23:
It seems that the mozilla-derived browsers have security issues
requiring updates far more
Douglas Allan Tutty wrote:
It seems that the mozilla-derived browsers have security issues
requiring updates far more frequently than other browsers like Konqueror
or links2.
I'm curious as to why this is. Does anyone have any ideas?
I'm on dialup and switched to Konq for this very reason
it _could_ be
that this is because there actually _are_ fewer security problems, but
it could _also_ be because no one has _found_ or reported
problems. There's an important distinction there.
The assumption is of course that there is no significant difference in
the ratio of reported security issues
On Thu, Jul 26, 2007 at 10:52:07PM +0200, Erik Persson wrote:
Anyhow, the basic fact that there is fewer security alerts in Konq makes
this a more secure browser, whether this maybe is because only of a smaller
user base or not.
I'm sorry, and i hate to argue with people, but this last
John Hasler wrote:
Doug writes:
It seems that the mozilla-derived browsers have security issues requiring
updates far more frequently than other browsers like Konqueror or links2.
I'm curious as to why this is. Does anyone have any ideas?
How many people are looking for holes in Konq
It seems that the mozilla-derived browsers have security issues
requiring updates far more frequently than other browsers like Konqueror
or links2.
I'm curious as to why this is. Does anyone have any ideas?
I'm on dialup and switched to Konq for this very reason but sometimes I
have a website
On 7/26/07, Mathias Brodala [EMAIL PROTECTED] wrote:
Hi Douglas.
Douglas Allan Tutty, 26.07.2007 18:23:
It seems that the mozilla-derived browsers have security issues
requiring updates far more frequently than other browsers like Konqueror
or links2.
Aside from the fact that one software
On Thu, Jul 26, 2007 at 02:06:11PM -0400, Douglas Allan Tutty wrote:
On Thu, Jul 26, 2007 at 07:13:48PM +0200, Mathias Brodala wrote:
Douglas Allan Tutty, 26.07.2007 18:23:
It seems that the mozilla-derived browsers have security issues
requiring updates far more frequently than other
Hi Douglas.
Douglas Allan Tutty, 26.07.2007 20:06:
On Thu, Jul 26, 2007 at 07:13:48PM +0200, Mathias Brodala wrote:
Douglas Allan Tutty, 26.07.2007 18:23:
It seems that the mozilla-derived browsers have security issues
requiring updates far more frequently than other browsers like Konqueror
Hi Douglas.
Douglas Allan Tutty, 26.07.2007 18:23:
It seems that the mozilla-derived browsers have security issues
requiring updates far more frequently than other browsers like Konqueror
or links2.
Aside from the fact that one software really can be more secure than another one
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/26/07 15:52, Erik Persson wrote:
Douglas Allan Tutty wrote:
It seems that the mozilla-derived browsers have security issues
requiring updates far more frequently than other browsers like Konqueror
or links2.
I'm curious as to why
that there is no significant difference in the
ratio of reported security issues to discovered security issues, and I
can't see any reason those should differ.
I can't see any reason why they _should_ differ either, but it is
entirely possible that they do and that's the point.
It boils down
Ron Johnson wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/26/07 15:52, Erik Persson wrote:
Douglas Allan Tutty wrote:
It seems that the mozilla-derived browsers have security issues
requiring updates far more frequently than other browsers like Konqueror
or links2.
I'm curious
myself php so that I can make use of
the service if need be. I keep seeing posts, however, about security
issues with badly written php scripts. Can someone point me to some
info explaining what the security issues are so that I don't end up
writing scripts that will be a security risk.
I
now going to teach myself php so that I can make use of
the service if need be. I keep seeing posts, however, about security
issues with badly written php scripts. Can someone point me to some
info explaining what the security issues are so that I don't end up
writing scripts
be. I keep seeing posts, however, about security
issues with badly written php scripts. Can someone point me to some
info explaining what the security issues are so that I don't end up
writing scripts that will be a security risk.
--
Marc Shapiro
No boom today. Boom tomorrow. There's always
Hi,
Florian Reitmeir wrote:
I had a similar encounter about 2 months ago. The intruder exploited a
PHP script that was poorly written. If you check your http access logs,
you will most likely find an entry about the PHP that is been exploited.
Once you find the offending PHP script, you can
On Mon, Mar 13, 2006 at 09:02:13AM +0200, Enver ALTIN wrote:
If you have to leave some writable folders for Apache user, say, /tmp,
moving /tmp to another partition/filesystem and mounting it with
noexec option would prevent most harm /any/ PHP script can cause.
Not true.
Several of
Hi
I'm not completely new to Debian or Linux, but I wouldn't classify
myself as a battlescarred sysadmin just yet :)
Anyways. My problem is security-related, and I hope that I'm posting to
the correct list as well as hoping that someone can help me out here.
Recently I've noticed that my
Hello Petter
The actual list for security issues is debian-security. The address of this
list its
on the CC. We can now leave debian-user and switch our discussion into
debian-security.
This is quite hole! Can't believe there's such a big spot in Apache / Sarge and
we
didn't heard of it. Can
Hi
I'm not completely new to Debian or Linux, but I wouldn't classify
myself as a battlescarred sysadmin just yet :)
Anyways. My problem is security-related, and I hope that I'm posting to
the correct list as well as hoping that someone can help me out here.
Recently I've noticed that my
I had a similar encounter about 2 months ago. The intruder exploited a
PHP script that was poorly written. If you check your http access logs,
you will most likely find an entry about the PHP that is been exploited.
Once you find the offending PHP script, you can either remove it or
add
- Original Message -
From: Petter Senften [EMAIL PROTECTED]
To: debian-user@lists.debian.org
Sent: Tuesday, March 07, 2006 3:23 AM
Subject: security issues with apache!
[deleted for brevity]
Now, like I said - I'm not a pro, I'm trying to learn by doing.
Unfortunately how
My security precautions for my webserver are probably what you might
call 'fair-to-middling'. Anyway, I'm trying to work out if I should be
worried by what I'm seeing in my logs.
I've got a webserver at a hosting service so I can't just unplug my
machine from the net. All I've done so far is
On Wed, 16 Nov 2005 00:05:39 +
Adam Hardy [EMAIL PROTECTED] wrote:
I don't think the attacker gained access, but I would like some sort
of mechanism that would cause the OS to email me whenever someone
logs in - which is going to be less than once a day.
Take a look at the programs
i'm using a pretty much standard debian stable machine...
i need to allow users FTP only access - i can create them with
#adduser --shell /bin/false username
in the /etc/proftpd.conf file i can set
RequireValidShell off
so that the proftpd server allows the users access even though they
Hi,
I use Debian at home and -- as soon as I get a break! -- am going to move
my at-work system over from SuSE to Debian.
One notable hole (a bad one) in my barely-year-old Linux knowledge base is
security. Since I deal with disgruntled IRC chatters and script kiddies
nearly every day, this is
whitepapers and FAQs
as well as discussion forums.
Jason
-Original Message-
From: Glenn Becker [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 10, 2001 2:55 PM
To: Debian Users List
Subject: security issues
Hi,
I use Debian at home and -- as soon as I get a break! -- am going to move
Well, you could always subscribe to debian-security and
debian-security-announce@lists.debian.org, if you haven't already. Just
lurking on those lists will keep you up to date on current security
trends. The people there are generally pretty good about answering
on-topic questions as well.
noah
From what I've read, I'm relatively pertrified to use my root account unless
absolutely necessary, like configuring X or setting up my MTA. (There are
only two users here, me and root.)
But since some commands require root access, and it's a pain to su root all
the time, how secure is it to run
Actually, how a cracker will typically try to get in is by exploiting
security holes in deamons that listen to network ports. These programs
USUALLY run as root. Logging in as root presents little-to-no
additional risk. If your system security is weak, logging-in as root
wont cause much
David J. Kanter writes:
But since some commands require root access, and it's a pain to su root
all the time, how secure is it to run sudo on something like wvdial or
slrnpull?
wvdial should not require root if your user is in group dip (wvdial may
also require 'dialout': pon does not). I've
:-)
In this case you may as well post your root passwd in Yahoo.
On Fri, Sep 12, 1997 at 09:02:59PM +0100, G. Kapetanios wrote:
Hi,
Although I am not familiar at all with the inner workings of nfs
the description below indicates a risk that an unauthorised client may
read files
The traditional unix nfs filesystem is _insecure_ : the
i-node generation number, which is part of the file handles, is easy
to guess.
--
Ioannis Tambouras
[EMAIL PROTECTED], West Palm Beach, Florida
Signed pgp-key on key server.
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the
Ioannis Tambouras wrote:
The traditional unix nfs filesystem is _insecure_ : the
i-node generation number, which is part of the file handles, is easy
to guess.
I'm curious. How would an attack on nfs using this method proceed?
Cheers,
- Jim
pgpYNozTVDntA.pgp
Description: PGP
I could resist to your request, Jim, and appear before you with further
clarifications, for you are an active contributor in the Debian project
and we are quite fortunate to have you here among us; moreover, there in
an ancient saying, that hard is the knowledge of the good. And the
Hi,
Although I am not familiar at all with the inner workings of nfs
the description below indicates a risk that an unauthorised client may
read files on the specific directory which is being exported by nfs read
only. However my worry is not whether somebody else will read the files
which in
Hi,
I was wondering whether there is anything to worry about if I let
another machine nfs mount, read only, root-squash, one directory on my
machine. Any help will be greatly appreciated.
Thanks
George
Hi,
I was wondering whether there is anything to worry about if I let
another machine nfs mount, read only, root-squash, one directory on my
machine. Any help will be greatly appreciated.
The only problem I can think of is that root-squash may not be enough
(an attacker may still read
Hi,
I was wondering whether there is anything to worry about if I let
another machine nfs mount, read only, root-squash, one directory on my
machine. Any help will be greatly appreciated.
Thanks
George
I don't
68 matches
Mail list logo