Am Samstag, 28. April 2001 12:16 schrieben Sie:
> Ray Olszewski wrote:
> > At 10:45 PM 4/26/01 -0700, Scott C. Best wrote:
> >> wrong where each packet log gets recorded in 3 places?
> >
> > I forget which version of LRP you use, but probably what you're doing
> > "wrong" is accepting the default
Ray Olszewski wrote:
> At 10:45 PM 4/26/01 -0700, Scott C. Best wrote:
> ...
>
>> Makes me wonder though. At the start of the scan,
>> /var/log/syslog, messages and kern.log were 15k, 13k, and
>> 13k respectively. After the scan...all *three* of them were
>> over 980k before I ran out of di
At 10:45 PM 4/26/01 -0700, Scott C. Best wrote:
...
> Makes me wonder though. At the start of the scan,
>/var/log/syslog, messages and kern.log were 15k, 13k, and
>13k respectively. After the scan...all *three* of them were
>over 980k before I ran out of disk space.
> Sure, a brute-for
> Charles Steinkuehler, 2001-04-27 11:36 -0500
> >Either run disk quotas, or put /var/log on a seperate partition, so it
> >doesn't run the whole filesystem out of space. Neither solution is
> >perfect, but making a /var/log partition is already implemented (see my
> >ramdisk.lrp), and wouldn't e
Charles Steinkuehler, 2001-04-27 11:36 -0500
>Either run disk quotas, or put /var/log on a seperate partition, so it
>doesn't run the whole filesystem out of space. Neither solution is
>perfect, but making a /var/log partition is already implemented (see my
>ramdisk.lrp), and wouldn't even requir
> > > >running, as "echo test > file" won't work if the disk is
> > > >full. So...be cautious turning Nessus loose on your own
> > > >LRP box. :)
> > >
> > > I think this is a problem. I believe the ramdisk shouldn't fill up
> > > under any circumstances. Can we change log rotate to trigger on fil
> Makes me wonder though. At the start of the scan,
> /var/log/syslog, messages and kern.log were 15k, 13k, and
> 13k respectively. After the scan...all *three* of them were
> over 980k before I ran out of disk space.
> Sure, a brute-force DOS attack but...what am I doing
> wrong where each packet
Jack Coates, 2001-04-27 07:12 -0700
>
> > >running, as "echo test > file" won't work if the disk is
> > >full. So...be cautious turning Nessus loose on your own
> > >LRP box. :)
> >
> > I think this is a problem. I believe the ramdisk shouldn't fill up
> > under any circumstances. Can we change lo
> >running, as "echo test > file" won't work if the disk is
> >full. So...be cautious turning Nessus loose on your own
> >LRP box. :)
>
> I think this is a problem. I believe the ramdisk shouldn't fill up under
> any circumstances. Can we change log rotate to trigger on file size in
> addition to
Steven Peck, 2001-04-26 21:50 -0700
>nessus.
>
>It warns you that it will seriously hose you for the duration of the
>scan. 30-45 minutes. It starts at port 1 and goes up from there. In a
>nutshell, the only things it found were my open ports.
Steven,
Thanks for running the test, and passing al
Steven Peck, 2001-04-26 23:16 -0700
>OOPS!
>
>I forgot about the side effect.
>
>It filled up my RAM disk and crashed my internal dhcpd. It also killed
>weblet, I could still log on locally and any statically mapped system
>worked, though slow. Those assigned with dhcp lost connectivity.
Steven
Scott C. Best, 2001-04-26 22:45 -0700
> So, I ran the Nessus scan on an Eigerstein 2.2.16
>running echowall. The report, as with Steven's experience,
>isn't very interesting: nothing found since I left nothing
>active (I commented out the WANTED_SERVICES line before
>restarting the firewa
. Best [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, April 26, 2001 10:45 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [Leaf-devel] Vulnerabilities dot org
>
>
>
> So, I ran the Nessus scan on an Eigerstein 2.2.16
> running echowall. The report, as with Steven's e
So, I ran the Nessus scan on an Eigerstein 2.2.16
running echowall. The report, as with Steven's experience,
isn't very interesting: nothing found since I left nothing
active (I commented out the WANTED_SERVICES line before
restarting the firewall and testing). Report attached at
the end
nessus.
It warns you that it will seriously hose you for the duration of the scan.
30-45 minutes. It starts at port 1 and goes up from there. In a nutshell,
the only things it found were my open ports.
20-21, 80 gave some warnings, 25 with some warning (not applicable to my
mail server), 22 (w
Steven Peck, 2001-04-26 17:27 -0700
>I did earlier with an Eigerstein2BETA, but I will dig out the email and
>share it again.
Steven,
Did you use Nessus or NMAP? Nessus recently won Netowrk Computing's
"Vulnerability Assessment Scanners" review.
http://www.nwc.com/1201/1201f1b1.html
They are co
I did earlier with an Eigerstein2BETA, but I will dig out the email and
share it again.
> -Original Message-
> From: Mike Noyes [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, April 26, 2001 2:50 PM
> To: [EMAIL PROTECTED]
> Subject: [Leaf-devel] Vulnerabilities dot org
&
Everyone,
I found a site that is performing Nessus and NMAP scans for free. Please
test your firewalls and share the results.
http://www.vulnerabilities.org/
--
Mike Noyes <[EMAIL PROTECTED]>
http://leaf.sourceforge.net/
___
Leaf-devel mailing list
18 matches
Mail list logo
