> "Daniel" == Daniel Pittman writes:
>> You typed "more" where I think you meant "less".
Daniel> No, I meant more: smaller distributions had known vulnerabilities for
Daniel> longer than either Win32 or the RedHat/SuSE/Debian (and immediate
Daniel> derivatives; Ubuntu was small enough at th
On Tue, Feb 22, 2011 at 21:18, Randal L. Schwartz wrote:
>> "Daniel" == Daniel Pittman writes:
>
> Daniel> Last time I counted the CVE stuff showed that Win32 and Linux were
> Daniel> about even in terms of vulnerabilities, at least, and that you were
> Daniel> much more at risk if you used s
> "Daniel" == Daniel Pittman writes:
Daniel> Last time I counted the CVE stuff showed that Win32 and Linux were
Daniel> about even in terms of vulnerabilities, at least, and that you were
Daniel> much more at risk if you used something outside the big three distros,
Daniel> or Win32.
You typ
> And neither should be used. Instead, harden your sshd. Simple.
> Effective. Having said that, I don't run sshd on port 22, and have not
> seen *any* scanner hit my sshd in months, even though I was getting
> routine (daily or hourly) attacks on 22.
>
> In other words, you don't need port knoc
On Tue, Feb 22, 2011 at 15:50, Russell Johnson wrote:
> On Feb 22, 2011, at 3:40 PM, Randal L. Schwartz wrote:
>>
>> In other words, you don't need port knocking. Just be slighly uncommon,
>> and you're good to go.
>
> Is this security through obscurity?
>
> Yes.
>
> Does it work?
>
> In combinat
On Feb 22, 2011, at 3:40 PM, Randal L. Schwartz wrote:
>
> In other words, you don't need port knocking. Just be slighly uncommon,
> and you're good to go.
Is this security through obscurity?
Yes.
Does it work?
In combination with good practices, yes.
The same way that Linux and other *nix
> "Tim" == Tim writes:
Tim> What is the difference between sending a secret series of ports
Tim> numbers to a host versus sending a secret IP address? None. It is
Tim> the same level of obscurity.
And neither should be used. Instead, harden your sshd. Simple.
Effective. Having said tha
Hello all,
I work with some folks at Intel who are really passionate about embedded
Linux development. We've been working on the Yocto Project, a build
system and set of tools you can use to create embedded Linux
distributions. If you're familiar with OpenEmbedded or Poky, we are
based on these pr
Rich Shepard wrote:
> On Tue, 22 Feb 2011, Rich Shepard wrote:
>
>
>> Is there a way to determine, a priori, how many passes might be necessary
>> in any such file?
>>
>
>Thinking about this, two should be sufficient. It is for my data file, at
> least. Now the only commas are within
On Tue, 22 Feb 2011, Rich Shepard wrote:
> Is there a way to determine, a priori, how many passes might be necessary
> in any such file?
Thinking about this, two should be sufficient. It is for my data file, at
least. Now the only commas are within text strings.
Thank you all for enhanci
On Tue, 22 Feb 2011, Fred James wrote:
> Running the command twice against the input, cleared up the stragglers.
> The SED file would look like this ...
> {
>s/\([0-9]\)\(,\)\([0-9]\)/\1|\3/g
>s/\([0-9]\)\(,\)\([0-9]\)/\1|\3/g
> }
Fred,
I was going to run the script manually.
On Tue, 22 Feb 2011, Galen Seitz wrote:
> That's because the leading 0 in 0,2 and the leading 1 in 1,2 were part of
> the previous match.
Galen,
Aha. So if there's a succession of matched patterns then the search
proceeds after the last matched character. That makes sense now that you
explain
Galen Seitz wrote:
> Rich Shepard wrote:
>
>>Yes. Somewhat. And why not totally I don't -- yet -- understand. It does
>> make sense that if characters are going to be grouped in the pattern part of
>> the expression, then all characters need to be grouped. Including the single
>> comma. Per
Rich Shepard wrote:
>Yes. Somewhat. And why not totally I don't -- yet -- understand. It does
> make sense that if characters are going to be grouped in the pattern part of
> the expression, then all characters need to be grouped. Including the single
> comma. Per John's suggestion I dropped th
On Mon, 21 Feb 2011, Fred James wrote:
> s/\([0-9]\)\(,\)\([0-9]\)/\1|\3/g
Fred, John, et al.:
> Does that help?
Yes. Somewhat. And why not totally I don't -- yet -- understand. It does
make sense that if characters are going to be grouped in the pattern part of
the expression, then all
15 matches
Mail list logo
