Hello,
So net-analyzer/suricata is all the rage now. The 'Security Onion' is
often pitched as a suricata distro. [1] Many of the commonly listed
packages that are part of the security onion are already in gentoo.
So, are there suricata users on gentoo-user? If so, do you use any
of the key liste
On Thu, Sep 25, 2014 at 01:54:10PM +0100, Kerin Millar wrote
> On 25/09/2014 02:58, Walter Dnes wrote:
>
> [snip]
>
> > ...with malicious stuff, and it could get ugly. app-shells/bash-4.2_p48
> > has been pushed to Gentoo stable. The same "env" command results in...
>
> Unfortunately, that ver
On 2014-09-25 16:02, cov...@ccs.covici.com wrote:
Kerin Millar wrote:
On 25/09/2014 02:58, Walter Dnes wrote:
[snip]
> ...with malicious stuff, and it could get ugly. app-shells/bash-4.2_p48
> has been pushed to Gentoo stable. The same "env" command results in...
Unfortunately, that versi
Kerin Millar wrote:
> On 25/09/2014 02:58, Walter Dnes wrote:
>
> [snip]
>
> > ...with malicious stuff, and it could get ugly. app-shells/bash-4.2_p48
> > has been pushed to Gentoo stable. The same "env" command results in...
>
> Unfortunately, that version did fully address the problem. Ins
On 25/09/2014 13:54, Kerin Millar wrote:
On 25/09/2014 02:58, Walter Dnes wrote:
[snip]
...with malicious stuff, and it could get ugly. app-shells/bash-4.2_p48
has been pushed to Gentoo stable. The same "env" command results in...
Unfortunately, that version did fully address the problem.
On 25/09/2014 02:58, Walter Dnes wrote:
[snip]
...with malicious stuff, and it could get ugly. app-shells/bash-4.2_p48
has been pushed to Gentoo stable. The same "env" command results in...
Unfortunately, that version did fully address the problem. Instead,
upgrade to 4.2_p48-r1 or any of
Slashdot article
http://linux.slashdot.org/story/14/09/24/1638207/remote-exploit-vulnerability-found-in-bash
Story at
http://www.csoonline.com/article/2687265/application-security/remote-exploit-in-bash-cve-2014-6271.html
CVE ID CVE-2014-6271 at http://seclists.org/oss-sec/2014/q3/650
140320 john wrote:
> After recently reading about Windigo,
> I am questioning how good my security is on my Gentoo box.
> I am only a desktop user with iptables and clamav installed
> and occasionally running chkrootkit.
> Would you recommend any other forms of security
> -- snort, selinux, harden
On 21/03/14 17:44, Ján Zahornadský wrote:
Indeed, the smaller the surface area, the smaller the target (the
fewer things running, the fewer things can be exploited).
For an average desktop environment, doing what you're already doing, I
think, wou
I'm not a professional, but I'd say that running as few services as
possible contributes to the overall security by reducing the attack
vectors (and Gentoo helps with that by not having that much by default).
I usually opt only for ssh and use certificates rather than passwords...
On Thu, 2014-03
After recently reading about Windigo I am questioning how good my
security is on my Gentoo box. I am only a desktop user with iptables
and clamav installed and occasionally running chkrootkit.
Would you recommend any other forms of security (snort, selinux,
hardened etc) that I should be using?
On Samstag 23 Mai 2009, Daniel Iliev wrote:
> Hi,
>
> Since I'm not familiar with Gentoo's practice in dealing with
> security problems I got curious about the following case.
> Yesterday a Secunia advisory [1] about pidgin was brought to my
> attention. The solution offered by the up-str
On Sat, 23 May 2009 09:37:05 -0400
Saphirus Sage wrote:
> >>
> >
> > I guess the mirror I'm using is not up-to-date and they will get a
> > report about it,
> >
> > Thanks!
> >
> >
> I sync from rsync://rsync21.us.gentoo.org/gentoo-portage primarily due
> to the fact that it's an unlimite
Daniel Iliev wrote:
> On Sat, 23 May 2009 09:23:27 -0400
> Saphirus Sage wrote:
>
>
>> Daniel Iliev wrote:
>>
>>> Hi,
>>>
>>> Since I'm not familiar with Gentoo's practice in dealing with
>>> security problems I got curious about the following case.
>>> Yesterday a Secunia adviso
On Sat, 23 May 2009 09:23:27 -0400
Saphirus Sage wrote:
> Daniel Iliev wrote:
> > Hi,
> >
> > Since I'm not familiar with Gentoo's practice in dealing with
> > security problems I got curious about the following case.
> > Yesterday a Secunia advisory [1] about pidgin was brought to my
>
Daniel Iliev wrote:
>
> Hi,
>
> Since I'm not familiar with Gentoo's practice in dealing with
> security problems I got curious about the following case.
> Yesterday a Secunia advisory [1] about pidgin was brought to my
> attention. The solution offered by the up-streams is upgrading t
Daniel Iliev wrote:
>
> Hi,
>
> Since I'm not familiar with Gentoo's practice in dealing with
> security problems I got curious about the following case.
> Yesterday a Secunia advisory [1] about pidgin was brought to my
> attention. The solution offered by the up-streams is upgrading t
Daniel Iliev wrote:
> Hi,
>
> Since I'm not familiar with Gentoo's practice in dealing with
> security problems I got curious about the following case.
> Yesterday a Secunia advisory [1] about pidgin was brought to my
> attention. The solution offered by the up-streams is upgrading to
>
Hi,
Since I'm not familiar with Gentoo's practice in dealing with
security problems I got curious about the following case.
Yesterday a Secunia advisory [1] about pidgin was brought to my
attention. The solution offered by the up-streams is upgrading to
version 2.5.6, while the late
I've been reading this thread in the archives, on loop-aes and then the
security of AES. I hate to jump on the bandwagon, so before I do, I will
state that I *am* a crypto-expert, and have worked for the several
government entities in the US. I am not at liberty to tell you which ones.
Mr. Walters
Hello !
You must add yourself to the plugdev group to be able to automount external devices.
Run as root : "gpasswd -a [username] plugdev" and close and reopen your
KDE session.
Regards.
--
Xavier Parizet
On Wed, March 14, 2007 08:46, Oliver VeÃÂernik
Hi,
I don't know what exactly happened, but when I plug on my external disk I
receive the following message (KDE):
| A security policy in place prevents this sender from sending this message to
| this recipient, see message bus configuration file (rejected message had
| interface "org.freedeskto
On Sunday 16 April 2006 06:54, "Alan E. Davis" <[EMAIL PROTECTED]> wrote
about '[gentoo-user] Security from non-authorized logins':
> I helped a friend install Ubuntu GNU/Linux on his laptop, he left
> town, forgot his passwords, and I promised to break in for him,
Alan E. Davis wrote:
> He felt betrayed. I understand why, I think: what's secure about
> GNU/Linux if anyone can boot the system and reset his passwords?
Oh C'mon! Like you NEVER did the same on a Windows box. YES, you can do
something similar on NT/2K/XP/Whatever...
Encrypt your filesystems
Hi,
Alan E. Davis wrote:
> Still, it would perhaps be somewhat comforting to be able to disable
> EASY access to a "mission critical" system.
>
> What about further disabling of access to /etc/passwd? Does SELinux
> take any such steps? (Ok, I could
Alan E. Davis wrote:
Still, it would perhaps be somewhat comforting to be able to disable
EASY access to a "mission critical" system.
Put them in a server room. Make sure, that only trusted people
have a key to that server room.
What about further disabling of access to /etc/passwd? Does SEL
Still, it would perhaps be somewhat comforting to be able to disable
EASY access to a "mission critical" system.
What about further disabling of access to /etc/passwd? Does SELinux
take any such steps? (Ok, I could look into this by reading TFM.
Apologies).
Alan
On 4/16/06, Alexander Skwar <[
Alan E. Davis wrote:
I helped a friend install Ubuntu GNU/Linux on his laptop, he left
town, forgot his passwords, and I promised to break in for him, so he
can re-do his passwords. Told him all I have to do is run Knoppix,
access his partition, and delete the little x in the password file.
Then
On 4/16/06, Willie Wong <[EMAIL PROTECTED]> wrote:
> On Sun, Apr 16, 2006 at 09:54:33PM +1000, Penguin Lover Alan E. Davis
> squawked:
> > He felt betrayed. I understand why, I think: what's secure about
> > GNU/Linux if anyone can boot the system and reset his passwords?
>
> That is the same reg
On Sun, Apr 16, 2006 at 09:54:33PM +1000, Penguin Lover Alan E. Davis squawked:
> He felt betrayed. I understand why, I think: what's secure about
> GNU/Linux if anyone can boot the system and reset his passwords?
That is the same regardless of operating system.
Physical access == no security.
I helped a friend install Ubuntu GNU/Linux on his laptop, he left
town, forgot his passwords, and I promised to break in for him, so he
can re-do his passwords. Told him all I have to do is run Knoppix,
access his partition, and delete the little x in the password file.
Then he would reset his roo
I just have noticed that my Apache2 access.log has few entries:
220.189.234.182 - - [27/Sep/2005:03:21:59 -0600] "CONNECT 202.165.103.38:80 HTTP/1.1" 200 17505
61.232.83.75 - - [09/Oct/2005:04:33:26 -0600] "CONNECT 66.135.208.90:80 HTTP/1.1" 200 25952
59.40.34.187 - - [09/Oct/2005:19:05:40 -0600
On 9/22/05, Neil Bothwick <[EMAIL PROTECTED]> wrote:
On Wed, 21 Sep 2005 23:03:53 +0200, Fernando Meira wrote:
> I might be wrong, but I have the idea that E-cvs packages are always
> updated during an emerge world.
Only if you run it without -p or -a. I never run emerge world without
first checking
On Wed, 21 Sep 2005 23:03:53 +0200, Fernando Meira wrote:
> > Add them to world. As long as you don't do an automatic emerge -uD
> > world you shouldn't have a problem. When updates come out, you'll see
> > them in the output of emerge -pvD world (which you won't with your
> > current setup) then
On 9/21/05, Neil Bothwick <[EMAIL PROTECTED]> wrote:
On Wed, 21 Sep 2005 16:36:59 +0200, Fernando Meira wrote:
> > If you installed it with portage, you should have it in world.
>
>
> I've installed with portage, but with --oneshot option. This is because
> (as Holly said) E17 packages need to be insta
On Wed, 21 Sep 2005 16:36:59 +0200, Fernando Meira wrote:
> > If you installed it with portage, you should have it in world.
>
>
> I've installed with portage, but with --oneshot option. This is because
> (as Holly said) E17 packages need to be installed in proper order. So I
> use a script to u
On 9/20/05, Neil Bothwick <[EMAIL PROTECTED]> wrote:
On Tue, 20 Sep 2005 13:50:28 +0200, Fernando Meira wrote:
> - I run emerge -pv depclean and I get a list where I find these:
> >>> These are the packages that I would unmerge:
>
> media-libs/libmpeg3
> selected: 1.5.2
> protected: none
> omitted: none
>
Neil Bothwick schreef:
> On Tue, 20 Sep 2005 13:50:28 +0200, Fernando Meira wrote:
>
>> # equery d libmpeg3 [ Searching for packages depending on
>> libmpeg3... ] app-misc/evidence-
>
>
> What are these versions? Are they CVS installs, or packages
> installed outside of portage and in
On Tue, 20 Sep 2005 13:50:28 +0200, Fernando Meira wrote:
> - I run emerge -pv depclean and I get a list where I find these:
> >>> These are the packages that I would unmerge:
>
> media-libs/libmpeg3
> selected: 1.5.2
> protected: none
> omitted: none
>
> x11-plugins/e_modules
> selected:
>
On Tue, Sep 20, 2005 at 01:50:28PM +0200, Fernando Meira wrote:
> 2) win32codecs was marked to be clean. why?
> # equery d win32codecs
> [ Searching for packages depending on win32codecs... ]
> media-libs/xine-lib-1.0.1-r3
> media-video/avifile-0.7.41.20041001-r1
> media-video/mplayer-1.0_pre7-r1
On 9/20/05, Neil Bothwick <[EMAIL PROTECTED]> wrote:
On Tue, 20 Sep 2005 09:04:02 +0800, W.Kenworthy wrote:
> One point I have never seen mentioned is *why* would you *not* want a
> package in the world file - especially if you want it to be managed by
> the system?
The world file is for packages you
On Tue, 20 Sep 2005 09:04:02 +0800, W.Kenworthy wrote:
> One point I have never seen mentioned is *why* would you *not* want a
> package in the world file - especially if you want it to be managed by
> the system?
The world file is for packages you have explicitly installed for
yourself, not thei
W.Kenworthy wrote:
>One point I have never seen mentioned is *why* would you *not* want a
>package in the world file - especially if you want it to be managed by
>the system?
>
>BillK
>
I guess maybe that's part of what I'm getting at. ;-)
>
>On Tu
One point I have never seen mentioned is *why* would you *not* want a
package in the world file - especially if you want it to be managed by
the system?
BillK
On Tue, 2005-09-20 at 09:07 +0900, Jason Stubbs wrote:
> On Tuesday 20 September 2005 01:12, gentuxx wrote:
> > >>If every security fix c
On Tuesday 20 September 2005 01:12, gentuxx wrote:
> >>If every security fix comes out with "--oneshot" being recommended,
> >>how do I know if it's a dependency of a package in world, or an entity
> >>in world? (This seems like an extension of the questioning above.)
> >
> >What does it matter in
Jason Stubbs wrote:
>On Monday 19 September 2005 15:00, gentuxx wrote:
>
>>does updating a package for a security fix using the "--oneshot" option
>>update the same package that is "housed" in the "world" tree?
>
>
>There is no world "tree". There is
On Monday 19 September 2005 15:00, gentuxx wrote:
> does updating a package for a security fix using the "--oneshot" option
> update the same package that is "housed" in the "world" tree?
There is no world "tree". There is only a "list". --oneshot has no effect on
this list.
> If so, can I as
Jason Stubbs wrote:
>On Monday 19 September 2005 13:16, gentuxx wrote:
>
>>If I update firefox with the --oneshot option, I know that it won't
>>update the "world" tree, but why? Why is that the recommended
>>procedure? Does that give me any benefit?
On Monday 19 September 2005 13:16, gentuxx wrote:
> If I update firefox with the --oneshot option, I know that it won't
> update the "world" tree, but why? Why is that the recommended
> procedure? Does that give me any benefit? Also, why would a package
> be available as a "--oneshot" and NOT th
Hi all,
I don't know if this would be considered a newbie question or not. I
haven't really seen it asked, and I haven't been able to find any
documentation that clearly states this, so I thought I would ask here.
Why is the "--oneshot" option speci
With the basic install of gentoo 2.6.12-r9 behind me (forget splash - it's
not worth the headaches right now, and I need more research to find a good
backup solution), I read through the gentoo security doc. There's a world
of stuff here!
I have a laptop that I'm intending to use for web developme
Nelis Lamprecht wrote:
> Hi,
>
> I am getting several of the above/below errors which is preventing me
> from updating my ports. How do I get around this ? Deleting the files
> doesn't seem to help.
>
> !!! Security Violation: A file exists that is not in the manifest.
I guess u clone portage tr
Hi,
I am getting several of the above/below errors which is preventing me
from updating my ports. How do I get around this ? Deleting the files
doesn't seem to help.
!!! Security Violation: A file exists that is not in the manifest.
!!! File: files/digest-xerces-2.3.0
!!! Security Violation: A f