On Fri Sep 26, 2003 at 09:17:36AM -0400, Albert Whale wrote:
> >>Smarter minds than mine will have to figure that out. I've used
> >>nessus for
> >>scanning a few times, but never really looked at it's internals. I'm
> >>sure
> >>you could probably accomplish something with NASL (I think that'
On Fri, 2003-09-26 at 06:17, Albert Whale wrote:
> Albert Whale wrote:
>
> >
> >
> > Vincent Danen wrote:
> >
> >> Smarter minds than mine will have to figure that out. I've used
> >> nessus for
> >> scanning a few times, but never really looked at it's internals. I'm
> >> sure
> >> you could
Albert Whale wrote:
Vincent Danen wrote:
Smarter minds than mine will have to figure that out. I've used
nessus for
scanning a few times, but never really looked at it's internals. I'm
sure
you could probably accomplish something with NASL (I think that's
what their
scripting language is
Vincent Danen wrote:
Smarter minds than mine will have to figure that out. I've used nessus for
scanning a few times, but never really looked at it's internals. I'm sure
you could probably accomplish something with NASL (I think that's what their
scripting language is called).
It would actuall
Vincent Danen wrote:
On Thu Sep 25, 2003 at 09:40:16PM -0400, Albert Whale wrote:
Can you fix your reply-to's as well? It's irksome that replies aren't going
to the list.
I got my reply replaced, I think that there are some settings to replace
the reply-to in some Mailing List Managers as
On Thu, 2003-09-25 at 22:37, Vincent Danen wrote:
> On Thu Sep 25, 2003 at 09:40:16PM -0400, Albert Whale wrote:
>
> Can you fix your reply-to's as well? It's irksome that replies aren't going
> to the list.
>
> > >>I am running a System Scan on Several machines. The interesting ones
> > >>to m
On Thu Sep 25, 2003 at 11:54:20PM -0400, Albert Whale wrote:
> My Apologies Vincent, I didn't mean to post in HTML, but XP Blew up last
> night on my laptop, and killed my Netscape preferences, I'm still
> recovering. Thantks, I';ve switched to Text mode.
Thank you. Now if you could work on n
On Thu Sep 25, 2003 at 08:56:38PM -0700, Jack Coates wrote:
> > My response will be short simply due to the fact that you posted in html and
> > I can't quote it and can't be bothered to cut-n-paste.
> >
> > Every Mandrake advisory includes the CVE names for the correlating problem.
> > Trying us
On Thu Sep 25, 2003 at 09:40:16PM -0400, Albert Whale wrote:
Can you fix your reply-to's as well? It's irksome that replies aren't going
to the list.
> >>I am running a System Scan on Several machines. The interesting ones
> >>to me are Linux Mandrake 8.2 and 9.1.
> >>
> >>The issue here is tha
On Thu Sep 25, 2003 at 11:16:24PM -0500, Vox wrote:
> > I guess my point was missed. We don't want to perform queries.
> > Unless the PHP or HTML Page we pull up from MandrakeSecure Queries the
> > Data to sort it and correlate the CVEs and the MDKSAs (and RPM names).
> > This is what the Managem
On September 1993 plus 3676 days Albert Whale wrote:
> I guess my point was missed. We don't want to perform queries.
> Unless the PHP or HTML Page we pull up from MandrakeSecure Queries the
> Data to sort it and correlate the CVEs and the MDKSAs (and RPM names).
> This is what the Management Tea
On Thu, 2003-09-25 at 20:29, Vincent Danen wrote:
> On Thu Sep 25, 2003 at 11:13:23PM -0400, Albert Whale wrote:
>
> My response will be short simply due to the fact that you posted in html and
> I can't quote it and can't be bothered to cut-n-paste.
>
> Every Mandrake advisory includes the CVE n
My Apologies Vincent, I didn't mean to post in HTML, but XP Blew up last
night on my laptop, and killed my Netscape preferences, I'm still
recovering. Thantks, I';ve switched to Text mode.
Vincent Danen wrote:
On Thu Sep 25, 2003 at 11:13:23PM -0400, Albert Whale wrote:
My response will be sh
On Thu Sep 25, 2003 at 11:13:23PM -0400, Albert Whale wrote:
My response will be short simply due to the fact that you posted in html and
I can't quote it and can't be bothered to cut-n-paste.
Every Mandrake advisory includes the CVE names for the correlating problem.
Trying using the CVE search
On September 1993 plus 3676 days Albert Whale wrote:
Could you *please* not use HTML to post to the list? I can't read a
thing of what you saidand by its lenght, it may be worth
reading. So...post as plain text so we all can read what you
say...and I'd actually like to see a repost
Vincent Danen wrote:
On Thu Sep 25, 2003 at 04:51:58PM -0400, Albert Whale wrote:
I am running a System Scan on Several machines. The interesting ones to
me are Linux Mandrake 8.2 and 9.1.
The issue here is that the Scanning Tools (here I am using Nessus),
expect a specific
On September 1993 plus 3676 days Albert Whale wrote:
> Vox wrote:
>
>>On September 1993 plus 3676 days Albert Whale wrote:
>>
>>
>>>I am running a System Scan on Several machines. The interesting ones
>>>to me are Linux Mandrake 8.2 and 9.1.
>>>
>>>The issue here is that the Scanning Tools (here
Vox wrote:
On September 1993 plus 3676 days Albert Whale wrote:
I am running a System Scan on Several machines. The interesting ones
to me are Linux Mandrake 8.2 and 9.1.
The issue here is that the Scanning Tools (here I am using Nessus),
expect a specific reply in order to accept or reject
On Thu Sep 25, 2003 at 04:51:58PM -0400, Albert Whale wrote:
> I am running a System Scan on Several machines. The interesting ones to
> me are Linux Mandrake 8.2 and 9.1.
>
> The issue here is that the Scanning Tools (here I am using Nessus),
> expect a specific reply in order to accept or re
On September 1993 plus 3676 days Albert Whale wrote:
> I am running a System Scan on Several machines. The interesting ones
> to me are Linux Mandrake 8.2 and 9.1.
>
> The issue here is that the Scanning Tools (here I am using Nessus),
> expect a specific reply in order to accept or reject the ap
El Mié 02 Jul 2003 19:12, Praedor Atrebates escribió:
> After I originally found that all users could see other user's home
> contents, I tried first changing to security level 3. Someone else
> mentioned I could set the home permission to 700.
>[...]
I never use Mandrake´s security levels, I don
On Thu, 2003-07-03 at 07:35, Praedor Atrebates wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> I just fought with security settings again last night. I don't yet know if I
> have it beat. I could not get things back to even a low/no security level so
> I could start over. This is
On Thu, 2003-07-03 at 07:35, Praedor Atrebates wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> I just fought with security settings again last night. I don't yet know if I
> have it beat. I could not get things back to even a low/no security level so
> I could start over. This is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I just fought with security settings again last night. I don't yet know if I
have it beat. I could not get things back to even a low/no security level so
I could start over. This is a problem. I used MCC -> security to set my
system to 3, then t
On Wed, 2003-07-02 at 23:22, Frankie wrote:
> yeah, i think that is one thing mandrake could really really improve.
> Msec has the potential to be a really fantastic hardning script..
> But as it stands now, even on servers i use level 3 and tighten up manually.
>
> it needs a console and/or a X11
f Vox
Sent: Thursday, 3 July 2003 6:44 AM
To: [EMAIL PROTECTED]
Subject: Re: [expert] Security and permissions problems
On September 1993 plus 3591 days Praedor Atrebates wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> After I originally found that all users could see othe
On Wed Jul 02, 2003 at 05:12:13PM -0500, Praedor Atrebates wrote:
> After I originally found that all users could see other user's home contents,
> I tried first changing to security level 3. Someone else mentioned I could
> set the home permission to 700.
>
> Both methods have screwed up my
On Wed, 2 Jul 2003, Vox wrote:
> On September 1993 plus 3591 days Praedor Atrebates wrote:
>
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> >
> > After I originally found that all users could see other user's home contents,
> > I tried first changing to security level 3. Someone else m
On September 1993 plus 3591 days Praedor Atrebates wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> After I originally found that all users could see other user's home contents,
> I tried first changing to security level 3. Someone else mentioned I could
> set the home permission to
On Mon Jun 30, 2003 at 08:47:48PM -0700, Jack Coates wrote:
> > > > > homedirs... I wonder why it decided that read/execute perms
> > > > > was an ok thing to do.
> > > >
> > > > My mistake. I had msec level 2 on my workstation which is
> > > > why it was read/execute perms. Changing to level 3
On September 1993 plus 3590 days [EMAIL PROTECTED] wrote:
> On Mon, 30 Jun 2003, Vincent Danen wrote:
>
>> This was done, IIRC, to allow people to have a ~/public_html/ directory and
>> allow apache to enter the home directory so as to read ~/public_html/ (which
>> would allow someone to do someth
On Mon, 30 Jun 2003, Vincent Danen wrote:
> This was done, IIRC, to allow people to have a ~/public_html/ directory and
> allow apache to enter the home directory so as to read ~/public_html/ (which
> would allow someone to do something like http://yoursite.com/~preador/).
> That's pretty much the
On Mon, 2003-06-30 at 20:47, Jack Coates wrote:
...
> Betcha you'd upgraded from 9.0 to 9.1, because I just found out from
> today's festivities that both of the machine's I've done it on are now
> at msec 2.
oops, spoke too soon -- only one of those actually changed its level.
--
Jack Coates
Mon
On Mon, 2003-06-30 at 16:38, Vincent Danen wrote:
> On Mon Jun 30, 2003 at 01:11:34PM -0700, Lyvim Xaphir wrote:
>
> > > > homedirs... I wonder why it decided that read/execute perms
> > > > was an ok thing to do.
> > >
> > > My mistake. I had msec level 2 on my workstation which is
> > > why it
On Mon Jun 30, 2003 at 01:11:34PM -0700, Lyvim Xaphir wrote:
> > > homedirs... I wonder why it decided that read/execute perms
> > > was an ok thing to do.
> >
> > My mistake. I had msec level 2 on my workstation which is
> > why it was read/execute perms. Changing to level 3 gives
> > back the
On Mon Jun 30, 2003 at 02:12:35PM -0500, Praedor Atrebates wrote:
> > > at all. I went into DrakConf and set the security level to "high" and
> > > this fixed the horrific insecurity of the default setup, but it also
> > > unfortunately fired up shorewall with settings that prevented me from
> >
On Mon, 30 Jun 2003, Praedor Atrebates wrote:
> I see...but is it really a good idea to permit execute perms to any and
> sundry? I used to think that if there were a linux virus/worm to be
> concerned about that the worst that could happen under normal
> circumstances is that a user who received
--- Vincent Danen <[EMAIL PROTECTED]> wrote:
> > homedirs... I wonder why it decided that read/execute perms
> > was an ok thing to do.
>
> My mistake. I had msec level 2 on my workstation which is
> why it was read/execute perms. Changing to level 3 gives
> back the appropriate homedir perms
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> > at all. I went into DrakConf and set the security level to "high" and
> > this fixed the horrific insecurity of the default setup, but it also
> > unfortunately fired up shorewall with settings that prevented me from
> > being able to access the s
>
> I also believe that a user can enter another user's home dir but will get a
> permission denied if they do an ls. Other permissions protect the files in
> the homedir. The homedir should have execute-only perms. But, taking a
> quick look, it seems that is not the case. H.
>
> That d
On Mon Jun 30, 2003 at 12:10:00PM -0600, Vincent Danen wrote:
[...]
> I also believe that a user can enter another user's home dir but will get a
> permission denied if they do an ls. Other permissions protect the files in
> the homedir. The homedir should have execute-only perms. But, taking a
--- Vincent Danen <[EMAIL PROTECTED]> wrote:
> > There's no call for that unless some user decides
> > to give other people access to his/her home dir. This
> > accessibility should be a no-no by default regardless of
> > distro.
>
> This was done, IIRC, to allow people to have a ~/public_h
On Mon Jun 30, 2003 at 12:46:00PM -0500, Praedor Atrebates wrote:
> > > For the first time I added a couple more users to my home system. Up
> > > 'til now I was the only user. I found that the default behavior/security
> > > (not) setting allowed all users to access all other user's home
> > >
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Monday 30 June 2003 10:31 am, Robert W. wrote:
> On Sun, 2003-06-29 at 19:53, Praedor Atrebates wrote:
> > For the first time I added a couple more users to my home system. Up
> > 'til now I was the only user. I found that the default behavior/sec
On Sun, 2003-06-29 at 19:53, Praedor Atrebates wrote:
> For the first time I added a couple more users to my home system. Up 'til now
> I was the only user. I found that the default behavior/security (not)
> setting allowed all users to access all other user's home directories. No
> limits!
Yes, Sympa sucks... but... I'm afraid I don't know what you're talking
about on the other thing. These two are both upgrades from 9.0:
[EMAIL PROTECTED] jack]$ grep home /usr/share/msec/perm.3
/home/ root.root 755
/home/*
On Fri, 31 May, at 15:40:59 -0400, Albert E. Whale <[EMAIL PROTECTED]> wrote:
> Thanks for the plug, perhaps I should give it a try. i'll let you know what I think.
Word. I'd heard that the 2002 Winter Olympics in Salt Lake used their
stuff on all of their nodes during the games, so I know it's
Thanks for the plug, perhaps I should give it a try. i'll let you know what I think.
[EMAIL PROTECTED] wrote:
> Has anyone tried out PureSecure from Demarc (demarc.com)? I've got that
> running on my machine (free for individual users) and man, it's just
> amazing. It uses Snort to monitor yo
Has anyone tried out PureSecure from Demarc (demarc.com)? I've got that
running on my machine (free for individual users) and man, it's just
amazing. It uses Snort to monitor your network, MySQL to log
everything, and ties it all together in a sweet web front end. It also
does MD5 checksums on
Never mind, we'll make do with the 8.1 version and rebuild it!
Please put this back in the Distribution.
"Albert E. Whale" wrote:
> Just installed 8.2, nice work guys.
>
> After configuring the environment, I'm noticing a few quirks. One, I
> cannot run iptables to NAT my Private Network.
>
>
One question is your version of Putty using ssh1 or ssh2. The only
reason I ask is that someone today showed me that the reason someone (a
possible customer) was having trouble ssh'ing into a test server was
because Putty (the version he had) used ssh1. If your's does.. get a
newer one. 2 is a
On May 19, 2002 19:34, Jay wrote:
> I had my security level on high and everything worked fine. I changed it
> to "higher" and now I cannot ssh into my server. I then changed it to
> "paranoid" and I cannot ssh into my server nor does my webbased e-mail
> work. (using squirrelmail from squirrelmai
On Wed, Apr 24, 2002 at 05:11:54PM -0400, Brian York wrote:
> When you install a fresh copy of LM 8.2 and you set it to 'higher'
> security through the installation you can get different sequrity options
> for the users and for the system. When i tried this a few weeks back i
> could not login
hi oscar,
afaik, the DIRECTORY permission drwx--x--x would
permit you to go to that directory but you cant "see"
(r) or "write" (w) any files on it... however, if you
know a certain file exists there, though you cant see
it thru normal 'ls -l', you can "see" the file by
specifying the filename yo
At 02:22 PM 3/6/02 -0500, you wrote:
>Heyo,
>
>Ok, this is going to sound VERY windowsish, but how do I remove all
>internet security from my LM box? I don't want any filters, and
>restrictions, nothing on this box. It's not a security concern for me as
>I'm sitting behind a VERY expensive firewal
On Wed Feb 27, 2002 at 07:21:49PM -0800, David Guntner wrote:
> There doesn't seem to be a list or address to report things like this
> directly to Mandrake. I'm posting this here in the hopes that one of the
> Mandrake employees on the list will forward it to the appropriate people
> within
On Tue Feb 05, 2002 at 09:18:25AM +0100, Lars Roland Kristiansen wrote:
> Hi all mandrake users I hav to isues
>
> 1) For some reason i can´t make use of SSH when i install Mandrake with
>High security it just says "ssh: arnold.math.ku.dk: Temporary failure
>in name resolution". If i co
On Mon, 7 May 2001, Gavin wrote:
> it suggested I try using it to see how secure the passwords my friends
> employees are using.
Btw, you need to get explicit permission from the owner of the machines
before undertaking any sort of security audit. Not doing so can result in
prison time and hug
On Mon, 7 May 2001, Gavin wrote:
> I would like to know if you or anyone else in the expert group have ever
> used the progeam called JOHN THE RIPPER to I want to install it and do some
> security checks (passwords for other users) . If you have used it before
> could you please give me the
I notice the same problem. As a recall anonomous ftp and maybe also http
access was disabled. Also, non-root console users could no longer log into
the GUI. So I, too, am very interested in the answer to how we can
reestablish the complete Medium (level 3?) setup after doing msec 5. This is
On Friday 02 February 2001 13:05, you wrote:
> richard wrote:
> > yup they work !! and pretty well someone decided to hammer hell out of
> > this box last night, and just to play safe I put in paranoid mode.
> > I noticed that after switching it back to Medium so I can work on it
> > easily, not
richard wrote:
>
> yup they work !! and pretty well someone decided to hammer hell out of this
> box last night, and just to play safe I put in paranoid mode.
> I noticed that after switching it back to Medium so I can work on it easily,
> not everything that was altered went back to its origina
On Thu Jan 18, 2001 at 05:35:50PM -0500, b5dave wrote:
> Okay, well the Security Announce is working for me gain; just got the
> glibc advisory. Thanks for the work Vincent, and sorry if I was overly
> critical.
I understand the concern, Dave, believe me! Especially in light of
this worm (talk
On Wed Jan 17, 2001 at 01:47:49PM -0600, duane voth wrote:
> My intention is not to critizise but to offer an idea and
> help balance the sense of urgency.
I understand.
> >> One expects to be the first notified
> >> of Mandrake security issues when one is subscribed to
> >> Mandrake's security
Okay, well the Security Announce is working for me gain; just got the
glibc advisory. Thanks for the work Vincent, and sorry if I was overly
critical.
Dave.
Vincent wrote:
> At this point the going is slow to find a fix because that individual
> is gone for the week, but rest assured we are try
My intention is not to critizise but to offer an idea and
help balance the sense of urgency.
Vincent Danen wrote:
> On Tue Jan 16, 2001 at 04:23:15PM -0500, b5dave wrote:
>> One expects to be the first notified
>> of Mandrake security issues when one is subscribed to
>> Mandrake's security-annou
Vincent,
Vincent Danen wrote:
> ago. If this has been going on for a month, then someone should have
> said something. However, on the same token, two individuals now have
> indicated that they did in fact recieve messages, so it makes it even
> more unclear. Unfortunately, the timing is very
On Tue Jan 16, 2001 at 04:23:15PM -0500, b5dave wrote:
> > No, that is not the case at all. It's not useless and it's not
> > dangerous. We're just having some difficulty with it.
>
> Sorry, but I must disagree. One expects to be the first notified
> of Mandrake security issues when one is sub
Vincent,
> No, that is not the case at all. It's not useless and it's not
> dangerous. We're just having some difficulty with it.
Sorry, but I must disagree. One expects to be the first notified
of Mandrake security issues when one is subscribed to
Mandrake's security-announce. There's an impl
On Tue Jan 16, 2001 at 06:52:58PM +, bascule wrote:
> fwiw i had a whole a load on jan11th plus one today and others previous, does
> this mean that may be some i have missed or are only some folk not seeming to
> get them?
You got a whole bunch? Do you recall what they were for? I poste
fwiw i had a whole a load on jan11th plus one today and others previous, does
this mean that may be some i have missed or are only some folk not seeming to
get them?
bascule
On Tuesday 16 January 2001 4:45 pm, you wrote:
> On Tue Jan 16, 2001 at 11:01:45AM -0500, Matthew Micene wrote:
> > Has
On Tue Jan 16, 2001 at 11:32:02AM -0500, b5dave wrote:
> > Has anyone else been seeing traffic on the Security lists?
>
> I joined both the Mandrake security announce and security discuss lists
> just before the new year, and there was some brief traffic. Since then,
> however, nothing. Last wee
On Tue Jan 16, 2001 at 12:10:49PM -0500, b5dave wrote:
> if it's any help, the last advisory I got was the "slocate" one of
> Dec 18/2000.
Yeah, that's what I've been told. I think it's sympa rejecting mail
based on "no-no" words like un_subsc_ribe (underscores are there to
prevent this messag
if it's any help, the last advisory I got was the "slocate" one of
Dec 18/2000.
dave.
> We're looking into it. I have my suspicions that something has
> changed with sympa and it is rejecting the mails silently so this
> didn't actually come to my attention until about two days ago. We
> hope
On Tue Jan 16, 2001 at 11:01:45AM -0500, Matthew Micene wrote:
> Has anyone else been seeing traffic on the Security lists? I have seen
> several posts on Bugtraq from Mandrake Security about updates but nothing
> on the Mandrake lists. Anyone have any ideas?
We're looking into it. I have
Matthew,
> Has anyone else been seeing traffic on the Security lists?
I joined both the Mandrake security announce and security discuss lists
just before the new year, and there was some brief traffic. Since then,
however, nothing. Last week linuxtoday (http://www.linuxtoday.com/) was
full of Ma
in relation to this e-mail
i'd be curious to hear what security level (plus tweaking) i should put on
my webserver. right now my dns is high. very high.
i still have to finish setting up my web and mail.
mind you, i run a web hosting company...so clients will still need some
basic service
> When I choose "medium" security from Drakconf I noticed that a few things
> change. One problem that I had was with public_html accounts on the
> webserver. I also had a problem with NFS mounts. My question is where are
> these changes controlled.
cd /etc/security/msec
Thanks... Dan.
K
On Monday 04 December 2000 10:48 am, you wrote:
> and much more =
More logs would be helpful to really determine if there was a break in,
however maybe the questions below can give you a place to start looking.
> Dec 3 23:20:15 linux inetd[17048]: connection from 200.176.106.246
> Dec 3:23:35:05
i have noticed quite a few attempts to FTP to my machine. which is very
unusual.
i'd be willing to compare logs.
matthew
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of bill
Sent: Wednesday, November 29, 2000 11:25 AM
To: [EMAIL PROTECTED]
Subject: [exp
In a message dated 07-Oct-00 18:28:07 Central Daylight Time,
[EMAIL PROTECTED] writes:
<< $ cat junj
cat: junj: No such file or directory
$ ^nj^nk
cat junk
# contents of "junk" spilled here...
$
>>
i think this would be better used for much longer commands, because saving
time for not ty
Gavin Clark wrote:
>
> A ha, that's a character I've never used!
> Now when I find a use for ^ I'll be using the whole keyboard.
>
> ;^)
Here ya go... ^ is used to replace character(s) in previous command and re-run.
In this example, I need to specify "nj" to "nk" because "^j^k" would result
A ha, that's a character I've never used!
Now when I find a use for ^ I'll be using the whole keyboard.
;^)
well there you go! The UNIX equivilant of benching your own weight. (I
should get a t-shirt)
Gavin
on 10/5/00 5:01 PM, [EMAIL PROTECTED] wrote:
> Wrong quotes - use single backquotes
msg.pgp
Keep in touch with http://mandrakeforum.com:
Subscribe the "[EMAIL PROTECTED]" mailing list.
Wrong quotes - use single backquotes (`) which in the webmail client I am
using are not obvious (the one on the key next to the "1" key in other
words. These tell the shell to execute the string within and replace the
string with the output of that command.
BillK
>
> cool trick:
> ls -l `which
cool trick:
ls -l `which telnet`
but it didn't work for me.
I seem to run into this a lot. is there some speacial kind of single quote
character I don't know about?
Gavin
on 10/5/00 4:49 AM, Buchan Milne wrote:
> Telnet and ftp may be accessible to users in the "ntools" group (check
> with
Telnet and ftp may be accessible to users in the "ntools" group (check
with "ls -l `which telnet`" to see what the permissions are). I know gcc
etc are only available to members of the "ctools" group. I am not sure
about printing, but you might want to check the permissions on the
/var/spool/lpd d
> i accidently switch off the nighly security scripts.. how can i turn
> them back on? /usr/share/msec/custom.sh doesn't work somehow...
/etc/crontab looks like this...
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/
# run-parts
01 * * * * root run-parts /etc/cron.hourly
0
"Bob Puff@NLE" wrote:
>
> > You DO have webmin running on 1. Unless you plan to do
> > remote control, fire up netscape and
> >
> > http://127.0.0.1:1
> >
> > login is root
> > password is root's password
> >
> > Go to Webmin Configuration->IP Access control and tick "allow
> > only from
"Bob Puff@NLE" wrote:
>
> Hi Gang,
>
> I keep getting this in my mail and also in my logs. Is this normal?
>
> *** Diff Check, Wed Jul 5 04:01:57 EDT 2000 ***
>
> Security Warning: There is modifications for port listening on your machine :
> - Opened ports : tcp0
On Fri, 02 Jun 2000, you wrote:
> Well, 7.0 has settable security levels. Most linux distros
> equate to security level 2 (low) in their defaults. If you set
> Security level 4 or 5 (High or paranoid) You will set a daemon
> loose that audits your system for security and makes changes
> appropr
On Thu, 17 Feb 2000, Ivan Trail wrote:
> Any way, on to my question. I recall reading that you can change the
> names of commands in the shell. For instance you could make ls -l into
> lsl to simplify things. Well since to hack into a system, you would
> need to use some basic commands, like ls
hat will really load up a segment to
the point it's choking.
JDSmith
isp monkey.
- Original Message -
From: "Lyle" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, February 18, 2000 7:22 PM
Subject: RE: [expert] Security with cable
> In that sense,
In that sense, DSL is more like T1 or Frame-relay or modem dialup and unlike
a shared cable modem medium.
-Original Message-
From: Fred Frigerio [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 18, 2000 2:23 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [expert] Security with cable
rio <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
> Subject: RE: [expert] Security with cable
>
> Yeah but what I was wondering is if it is more like a T1 or frame-relay
> in the sense that you will not
n the same group but my machine will not see traffic on the
link.
> -Original Message-
> From: John Aldrich [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, February 17, 2000 9:29 PM
> To: [EMAIL PROTECTED]
> Subject: RE: [expert] Security with cable
>
>
> On Thu, 17
On Thu, 17 Feb 2000, you wrote:
> What about DSL? I think it is similar to a PPP connection but havent
> seen one yet and am thinking about getting it. Does anybody have good
> info about it? Running together with Linux?
>
DSL is more like a cablemodem -- it's a semi-permanent connection.
Fred Frigerio wrote:
>
> What about DSL? I think it is similar to a PPP connection but havent
> seen one yet and am thinking about getting it. Does anybody have good
> info about it? Running together with Linux?
DSL systems have a router port per customer, at least those that
I have seen.
The d
]
> To: [EMAIL PROTECTED]
> Subject: RE: [expert] Security with cable
>
> There is a big difference, actually.
> >
> > On a cable modem, your home computer is part of a large ethernet
> > segment. Any user can sniff your packets because everyone's data
&
On Thu, 17 Feb 2000, Zaleski, Matthew (M.E.) wrote:
> This would require, at least in the case of 2 providers in the Detroit, MI,
> USA area, the hacker to reprogram his cable modem to receive other users
> packets, since the cable modem is acting like a router and only passing
> packets that need
1 - 100 of 130 matches
Mail list logo
