Hi guys,
@ the moment I'm working on securing a web-server. I installed Nessus to
know where to start from with the big problems. Seems like Nessus thinks
that one of the biggest problem is webmin? Can anybody tell me some
experiences? Is there a possibility to further restrict, or replace some
I have read Security-Quickstart-HOWTO.
I believe my home network has been compromised (my daughter received
returned emails she neversent) and plan to take drastic action. The
network consists of DSL modem, a wireless router and four computers. I
have no concerns about the family members and
A few answers, but first a question: How do you know that your network
has definitely been compromised? If the only evidence you have is that
your daughter received returned emails she didn't send, how to you know
that someone didn't generate those emails elsewhere, spoofing her email
address and
%% Thomas H. George,,, [EMAIL PROTECTED] writes:
thg I believe my home network has been compromised (my daughter received
thg returned emails she neversent)
Note that this is a _very_ common spam technique these days. They
disguise spam as rejected mail, because most mail filters, etc. will
On Sun, 06 Apr 2003 09:09:47 -0500
Thomas H. George,,, [EMAIL PROTECTED] wrote:
I have read Security-Quickstart-HOWTO.
I believe my home network has been compromised (my daughter received
returned emails she neversent) and plan to take drastic action. The
network consists of DSL modem, a
On Sun, Oct 29, 2000 at 11:50:18PM +, sena wrote:
I heard that Jonathan Markevich wrote this on 29/10/00:
However, writing one in C proved to be simple, and an afternoon's worth
of fun.
--(snip - false.c)--
int main() { return 1; }
--(snip - false.c)--
10 seconds writing
I heard that Jonathan Markevich wrote this on 29/10/00:
Only 3 minutes of fun? Disappointing. You've gone and blown the rest of
the afternoon. Read through it, make it funnier. Imagine it in Perl. Or
Befunge. Or my favorite, Rube. (extra points if you use the weasel -- I
believe it's
On Mon, 30 Oct 2000, sena wrote:
I heard that Jonathan Markevich wrote this on 29/10/00:
32 bytes, huh? 24 for your source above (with spaces). Might as well
compile it yourself.
Or, as in C the return type of a function defaults to int, we could write:
main(){return 1;}
even
In article [EMAIL PROTECTED],
sena [EMAIL PROTECTED] wrote:
I heard that Jonathan Markevich wrote this on 29/10/00:
However, writing one in C proved to be simple, and an afternoon's worth
of fun.
--(snip - false.c)--
int main() { return 1; }
--(snip - false.c)--
10 seconds writing
I heard that Miquel van Smoorenburg wrote this on 30/10/00:
Ah, way too big ...
(snip...)
Compile with cc -s -o false -nostdlib false.c
[EMAIL PROTECTED]:~$ cc -s -o false -nostdlib false.c
false.c: In function `exit':
false.c:6: warning: function declared `noreturn' has a `return'
On Sat, Oct 28, 2000 at 08:36:47PM +0200, Robert Waldner wrote:
On Sat, 28 Oct 2000 10:06:56 PDT, Peter Jay Salzman writes:
also, i noticed that some accounts which are disabled are given a shell of
/bin/false:
ftp:x:100:65534::/home/ftp:/bin/false
tiger seemed to hate this too. i
On Sat, Oct 28, 2000 at 03:20:15PM -0700, kmself@ix.netcom.com wrote:
also, i noticed that some accounts which are disabled are given a shell of
/bin/false:
ftp:x:100:65534::/home/ftp:/bin/false
tiger seemed to hate this too. i tried playing around with /bin/false.
can't seem
I heard that Jonathan Markevich wrote this on 29/10/00:
However, writing one in C proved to be simple, and an afternoon's worth
of fun.
--(snip - false.c)--
int main() { return 1; }
--(snip - false.c)--
10 seconds writing plus 3 minutes worth of fun is more like it... :)
Oh writing
i just installed a host security checker, tiger (TARA?) which is more or
less along the lines of what i remember from dan farmer's COPS (a lng
time ago!)
it had a number of complaints about accounts which were disabled but had
valid shells. like this one:
On Sat, 28 Oct 2000 10:06:56 PDT, Peter Jay Salzman writes:
also, i noticed that some accounts which are disabled are given a shell of
/bin/false:
ftp:x:100:65534::/home/ftp:/bin/false
tiger seemed to hate this too. i tried playing around with /bin/false.
can't seem to figure out what it
on Sat, Oct 28, 2000 at 10:06:56AM -0700, Peter Jay Salzman ([EMAIL PROTECTED])
wrote:
also, i noticed that some accounts which are disabled are given a shell of
/bin/false:
ftp:x:100:65534::/home/ftp:/bin/false
tiger seemed to hate this too. i tried playing around with
What I was looking for was any potential secuity risks that exist in the
default setup of Debian 1.3.1.*.
http://www.debian.org/security.html
(this lists all security problems. As far as I'm aware, all have been
fixed in bo-updates).
On the other hand, probably the only way to get your system
I am setting up a server to allow our customers shell access. I want
this sucker to be air-tight. We have a few hacker/phreaker wannabes.
Any suggestions?
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
Shaleh wrote:
:I am setting up a server to allow our customers shell access. I want
:this sucker to be air-tight. We have a few hacker/phreaker wannabes.
:Any suggestions?
Depends on what kind of consulting fees you're willing to pay. :-P
I guess you could get a more positive response if you'd
What I was looking for was any potential secuity risks that exist in the
default setup of Debian 1.3.1.*.
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
On Tue, 21 Oct 1997, Shaleh wrote:
I am setting up a server to allow our customers shell access. I want
this sucker to be air-tight. We have a few hacker/phreaker wannabes.
Any suggestions?
1: Tripwire. (I've never used it myself, but everything I hear about it
sounds like you'd want to
21 matches
Mail list logo
