Re[2]: Re[2]: Apply security updates offline on Red Hat Enterprise Linux release 8.7 (Ootpa) in Production environment

- Original Message - From: Kaushal Shriyan (kaushalshri...@gmail.com) Date: 13-09-23 02:31 To: r...@ronno.nl, General Red Hat Linux discussion list (redhat-list@redhat.com) Subject: Re: Re[2]: Apply security updates offline on Red Hat Enterprise Linux release 8.7 (Ootpa) in Production environment H

Re: Re[2]: Apply security updates offline on Red Hat Enterprise Linux release 8.7 (Ootpa) in Production environment

H On Tue, Sep 12, 2023 at 7:19 AM Kaushal Shriyan wrote: > > > On Tue, Sep 12, 2023 at 5:32 AM R. de Kuijer wrote: > >> The Spacewalk project (Satellite version 5) indeed stopped last year. >> Only Oracle stil uses it for their OL distribution for updates. >> >> Follow-up is the Katello/Foreman

Re: Re[2]: Apply security updates offline on Red Hat Enterprise Linux release 8.7 (Ootpa) in Production environment

On Tue, Sep 12, 2023 at 5:32 AM R. de Kuijer wrote: > The Spacewalk project (Satellite version 5) indeed stopped last year. > Only Oracle stil uses it for their OL distribution for updates. > > Follow-up is the Katello/Foreman project you can use freely, or Satellite6 > for the licensed. > > The

Re[2]: Apply security updates offline on Red Hat Enterprise Linux release 8.7 (Ootpa) in Production environment

17:16 To: Mike Burger (mbur...@bubbanfriends.org) Cc: General Red Hat Linux discussion list (redhat-list@redhat.com) Subject: Re: Apply security updates offline on Red Hat Enterprise Linux release 8.7 (Ootpa) in Production environment On Mon, Sep 11, 2023 at 7:12 PM Mike Burger wrote: >

Re: Apply security updates offline on Red Hat Enterprise Linux release 8.7 (Ootpa) in Production environment

On Mon, Sep 11, 2023 at 7:12 PM Mike Burger wrote: > Have you considered setting up a Spacewalk (free) or Satellite > (licensed) server, in your envinronment? > > This way, you could use it as an internet connected, central repository > to pull in all of the patches, and then your internal system

Re: Apply security updates offline on Red Hat Enterprise Linux release 8.7 (Ootpa) in Production environment

repository instead of reaching out, directly, to Red Hat's servers over the internet. On 2023-09-11 06:04, Kaushal Shriyan wrote: Hi, Further to the earlier email, is there a way to list security related vulnerabilities for production environment offline systems which are not connected t

Re: Apply security updates offline on Red Hat Enterprise Linux release 8.7 (Ootpa) in Production environment

Hi, Further to the earlier email, is there a way to list security related vulnerabilities for production environment offline systems which are not connected to the Internet? On Sun, Sep 10, 2023 at 8:09 AM Kaushal Shriyan wrote: > > > On Sun, Sep 10, 2023 at 12:58 AM Matty Sar

Re: Apply security updates offline on Red Hat Enterprise Linux release 8.7 (Ootpa) in Production environment

at, Sep 9, 2023, 12:49 PM Kaushal Shriyan > wrote: > > Hi Matty, Thanks for your response. I have run the below command. What I have observed is that it is updating all the packages. #yum update --downloadonly --downloaddir=/root/rhel8securityupdates Output of above command -> https

Re: Apply security updates offline on Red Hat Enterprise Linux release 8.7 (Ootpa) in Production environment

the packages to the target system in a given directory. Then to install navigate to the directory and run "yum local install *.rpm" and it'll update. -Matty On Sat, Sep 9, 2023, 12:49 PM Kaushal Shriyan wrote: > Hi, > > Is there a way to apply the security updates offli

Apply security updates offline on Red Hat Enterprise Linux release 8.7 (Ootpa) in Production environment

Hi, Is there a way to apply the security updates offline on Red Hat Enterprise Linux release 8.7 (Ootpa) as it is a production environment? yum list-security --security yum -y update --security Please guide me. Thanks in Advance. Best Regards, Kaushal -- redhat-list mailing list unsubscribe

Top 20 Internet Security Vulnerabilities (was sendmail GUI)

On Thu, 2003-10-16 at 09:30, Rik Thomas wrote: > On Thu, 2003-10-16 at 15:36, Cornelius Kölbel wrote: > > > > > > But friends will let friends use the number 5 "Most Critical Internet > > > Security Threat" (http://www.sans.org/top20/top10.php)? > >

Re: Some embarassing, minor? security holes I found in my rh installation...you should check for same

On Thu, 2003-10-16 at 15:44, Mike Klein wrote: > Using kfind (file and content searching util in kde) I decided to > check/scan some key directories for my root password and the password of > my user account (what I use when I'm not root). I was > embarassed by what I found. Much of what you'v

Some embarassing, minor? security holes I found in my rh installation...you should check for same

Using kfind (file and content searching util in kde) I decided to check/scan some key directories for my root password and the password of my user account (what I use when I'm not root). I was embarassed by what I found. I found my root password in cleartext in the following files: /etc/lilo.

Top 20 Security vulnerablilities

Consensus (8 October 2003) The Department of Homeland Security (DHS) and its counterparts in the UK and Canada have joined the SANS Institute in releasing a list of the top 20 security vulnerabilities most frequently exploited in Windows, Unix and Linux. This list is notable for its "multinat

Re: Sendmail, Security

ebmin and save yourself a lot of time. <> -- Original Message --- From: "Winanjaya" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tue, 2 Sep 2003 12:40:22 +0700 Subject: Re: Sendmail, Security > I think you have to check your mail/access file for

Re: Sendmail, Security

I think you have to check your mail/access file for deny RELAY Good luck Winan - Original Message - From: "Redhat Man" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, September 03, 2003 12:45 AM Subject: Sendmail, Security > Dear All, > > I

Sendmail, Security

Dear All, I am using MTA " sendmail 8.12.6" in my mail server. I got headache that getting unnecessary Outgoing mail transferring... So, I don't want to give allow SMTP server to other users, which is from different ISP.. How can I do this Any bodies know please ?? And also how can I make limit

Re: Telnet Server to integrate into Windows 2000/2003 security.....runningon Linux.

what you need). -Steve -Original Message- From: Wade Chandler [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 26, 2003 11:04 AM To: [EMAIL PROTECTED] Subject: RE: Telnet Server to integrate into Windows 2000/2003 security.running on Linux. I should add that I wanted the Telnet serv

RE: Telnet Server to integrate into Windows 2000/2003 security.....running on Linux.

Steve > -Original Message- > From: Wade Chandler [mailto:[EMAIL PROTECTED] > Sent: Tuesday, August 26, 2003 11:04 AM > To: [EMAIL PROTECTED] > Subject: RE: Telnet Server to integrate into Windows 2000/2003 > security.running on Linux. > > > I should add that I

RE: Telnet Server to integrate into Windows 2000/2003 security.....running on Linux.

security. Hello, I am looking for a telnet server which can be configured to use a windows 2000/2003 network security to login/authenticate. Does anyone know of one out there, or does anyone know if it is possible to some how get RH to do this itself? Please advise. Thank You, Wade Chandler

Telnet Server to integrate into Windows 2000/2003 security.

Hello, I am looking for a telnet server which can be configured to use a windows 2000/2003 network security to login/authenticate. Does anyone know of one out there, or does anyone know if it is possible to some how get RH to do this itself? Please advise. Thank You, Wade Chandler

Re: Question about security and compiling binaries...

On Mon, Aug 11, 2003 at 07:55:25PM -0500, Ed Wilts wrote: > On Mon, Aug 11, 2003 at 07:44:59PM -0500, Benjamin J. Weiss wrote: > > Okay, thanks! Next question: I ran that find command from the root > > directory, and found thirty executables with that suid bit set. Some I > > can tell need it (s

Re: Question about security and compiling binaries...

On Tue, 2003-08-12 at 08:16, Benjamin J. Weiss wrote: > On many of the INSTALL and README documents that come with source > tarballs, they talk about compiling with 'make', then running 'make > install' as root. I was scanning some security documents the other day

Re: Question about security and compiling binaries...

On Mon, Aug 11, 2003 at 07:44:59PM -0500, Benjamin J. Weiss wrote: > Okay, thanks! Next question: I ran that find command from the root > directory, and found thirty executables with that suid bit set. Some I > can tell need it (sudo, suexec), some I think I can just delete (rlogin, > rsh, rcp),

Re: Question about security and compiling binaries...

On Mon, Aug 11, 2003 at 07:16:30PM -0500, Benjamin J. Weiss wrote: > uestion, but I got to thinking... > > On many of the INSTALL and README documents that come with source > tarballs, they talk about compiling with 'make', then running 'make > install' as

Question about security and compiling binaries...

Okay, this may be a stupid question, but I got to thinking... On many of the INSTALL and README documents that come with source tarballs, they talk about compiling with 'make', then running 'make install' as root. I was scanning some security documents the other day, and s

Re: Question about security and compiling binaries...

be built into the rpm being verified. rpm -qa --queryformat "echo \'-\' ; echo \'Verifying %{GROUP}/%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}.rpm --noscripts\' ; rpm -Vv --noscripts %{NAME}-%{VERSION}-%{RELEASE} ; sleep 1 ; if \[ -f core \]; then exit 1 ; fi\n&qu

Re: Question about security and compiling binaries...

put them. And I su to root before I do so, because my normal > > account doesn't have access to that folder. Which means that I'm > > compiling my sources as root, then installing them. > > > > Is this a bad security hole? Do I need to somehow set up a 'com

Re: Symantec Mail Security detected that you sent a messagecontainin g prohibited content

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Monday 28 July 2003 19:47, Haley Crowe wrote: > I'm getting the same message this morning. > > HCC > This is spam. Someone plays a joke. - -- Tb. Rifza Adriansyah Public Key is available on request. -BEGIN PGP SIGNATURE- Version: GnuPG v1.

Re: Symantec Mail Security detected that you sent a messagecontainin g prohibited content

On Mon, 2003-07-28 at 12:57, Ed Wilts wrote: > Refused connections have nothing to do with being a spammer. They have > a poorly configured mail system (currently), but by the looks of their > home page, they're a legitimate commercial company. While you are correct, connecting in this manner w

RE: Symantec Mail Security detected that you sent a messagecontainin g prohibited content

] [mailto:[EMAIL PROTECTED] On Behalf Of Aly Dharshi Sent: Monday, July 28, 2003 11:06 AM To: [EMAIL PROTECTED] Subject: RE: Symantec Mail Security detected that you sent a messagecontainin g prohibited content Hello, I think that its called SpamAssassin, Exim + Exiscan + Sophos or some fav

RE: Symantec Mail Security detected that you sent a messagecontainin g prohibited content

EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On Behalf Of Ed Wilts > Sent: Monday, July 28, 2003 10:57 AM > To: [EMAIL PROTECTED] > Subject: Re: Symantec Mail Security detected that you sent a message > containin g prohibited content > > On Mon, Jul 28, 2003 at 10:03:42AM -0400, D

RE: Symantec Mail Security detected that you sent a message containin g prohibited content

:[EMAIL PROTECTED] On Behalf Of Ed Wilts Sent: Monday, July 28, 2003 10:57 AM To: [EMAIL PROTECTED] Subject: Re: Symantec Mail Security detected that you sent a message containin g prohibited content On Mon, Jul 28, 2003 at 10:03:42AM -0400, David Hart wrote: > On Mon, 2003-07-28 at 09:54, MKli

Re: Symantec Mail Security detected that you sent a message containin g prohibited content

On Mon, Jul 28, 2003 at 10:03:42AM -0400, David Hart wrote: > On Mon, 2003-07-28 at 09:54, MKlinke wrote: > > On Monday 28 July 2003 07:40, Cowles, Steve wrote: > > > [EMAIL PROTECTED] wrote: > > > > containing prohibited content (SYM:23953231121286250666) > > > > > > > > > Sturman is apparently a

Re: [Alerts@SturmanIndustries.com: Symantec Mail Security detected that you sent a message containing prohibited content (SYM:33731228931617092356)]

; To: [EMAIL PROTECTED] > Subject: Re: [EMAIL PROTECTED]: Symantec Mail Security > detected that you sent a message containing prohibited content > (SYM:33731228931617092356)] > > Maybe SturmanIndustries.com has taken SCO's FUD to heart and is blocking > anything Red Hat and/o

RE: [Alerts@SturmanIndustries.com: Symantec Mail Security detecte d that you sent a message containing prohibited content

Cowles, Steve wrote: > detecte d that you sent a message containing prohibited content > > > Rizzuto, Alan wrote: >> (SYM:33731228931617092356)] >> >> >> My apologies - our new EXCHANGE email server had a new version of >> Symantec loaded that was blocking all redhat-list messages as spam - >>

RE: [Alerts@SturmanIndustries.com: Symantec Mail Security detected that you sent a message containing prohibited content

Rizzuto, Alan wrote: > (SYM:33731228931617092356)] > > > My apologies - our new EXCHANGE email server had a new version of > Symantec loaded that was blocking all redhat-list messages as spam - > we have it resolved now - sorry for the unrequested responses. Alan > Rizzuto > Thank you for your

RE: [Alerts@SturmanIndustries.com: Symantec Mail Security detected that you sent a message containing prohibited content (SYM:33731228931617092356)]

Of Mike Pelley Sent: Monday, July 28, 2003 10:07 AM To: [EMAIL PROTECTED] Subject: Re: [EMAIL PROTECTED]: Symantec Mail Security detected that you sent a message containing prohibited content (SYM:33731228931617092356)] Maybe SturmanIndustries.com has taken SCO's FUD to heart and is blo

Re: [Alerts@SturmanIndustries.com: Symantec Mail Security detected that you sent a message containing prohibited content (SYM:33731228931617092356)]

user ;) > > - Forwarded message from [EMAIL PROTECTED] - > > X-Original-To: [EMAIL PROTECTED] > Delivered-To: [EMAIL PROTECTED] > thread-index: AcNVA2GiMYS4W180QyeKT0pJUKw/8g== > Thread-Topic: Symantec Mail Security detected that you sent a message > containing prohibi

[Alerts@SturmanIndustries.com: Symantec Mail Security detected that you sent a message containing prohibited content (SYM:33731228931617092356)]

Kw/8g== Thread-Topic: Symantec Mail Security detected that you sent a message containing prohibited content(SYM:33731228931617092356) From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Subject: Symantec Mail Security detected that you sent a message cont

Re: Symantec Mail Security detected that you sent a messagecontainin g prohibited content

On Mon, 2003-07-28 at 09:54, MKlinke wrote: > On Monday 28 July 2003 07:40, Cowles, Steve wrote: > > [EMAIL PROTECTED] wrote: > > > containing prohibited content (SYM:23953231121286250666) > > > > > > Sturman is apparently a SPAMMER. I have a bunch of connections that we refused. Jul 28 08:27:53 m

Re: Symantec Mail Security detected that you sent a message containin g prohibited content

On Monday 28 July 2003 07:40, Cowles, Steve wrote: > [EMAIL PROTECTED] wrote: > > containing prohibited content (SYM:23953231121286250666) > > > > > > Subject of the message: RE: getting dns ip automatically > > Recipient of the message: "'[EMAIL PROTECTED]'" > > <[EMAIL PROTECTED]> > > You've got

Re: Symantec Mail Security detected that you sent amessagecontainin g prohibited content

I'm getting the same message this morning. HCC >>> [EMAIL PROTECTED] 07/28/03 07:40AM >>> [EMAIL PROTECTED] wrote: > containing prohibited content (SYM:23953231121286250666) > > > Subject of the message: RE: getting dns ip automatically > Recipient of the message: "'[EMAIL PROTECTED]'" > <[EMAI

Symantec Mail Security detected that you sent a message containing prohibited content

[EMAIL PROTECTED] wrote: > containing prohibited content (SYM:23953231121286250666) > > > Subject of the message: RE: getting dns ip automatically > Recipient of the message: "'[EMAIL PROTECTED]'" > <[EMAIL PROTECTED]> You've got to be kidding!!! I have received the above notice for each post I

Re: Up2date and security

I'll have to have a look at the source for grins. :) > and has it been scrutinized for security/privacy holes? > > Probably but we don't know to what detail by people outside of Red Hat. > By the same token, you don't know what level of scrutiny has been > performed on t

Re: Up2date and security

ams $ rpm -qi up2date This will tell you that up2date is licensed under the GPL. Feel free to request the source. I expect it to be on your sources CD or you can use up2date to pull the src rpm down. >and has it been scrutinized for security/privacy holes? Probably but we don't kn

Re: Up2date and security

e available for these tools, and has it been scrutinized for any privacy or security issues? Or is this something proprietary to RH? If it's an issue, I will start recommending some other avenue to clients who are worried about it. If not, I'd like to be able to assure them that it

Re: Up2date and security

grams and has it been scrutinized for security/privacy holes? A lot > of clients and friends are worried about M$'s ability to spy on them > and/or the government's ability to force M$ to use their spy technology > to snoop on people's personal or corporate computers. Is thi

Up2date and security

event Microsoft-like domination of the Linux desktop? For example (I haven't yet perused any of the source code since obtaining RH), is the source included for the alert notification and up2date programs and has it been scrutinized for security/privacy holes? A lot of clients and friends are wor

Re: Linux Security Help

"Benjamin J. Weiss" a écrit : > > > I need to open the 8901, 4446 and ports for my installation. I > > cannot find anything about this on the Red Hat documentation pages > > You need to adjust the rules for your iptables. There's a gui way (the > command for which I can't remember, since

Re: Linux Security Help

> I need to open the 8901, 4446 and ports for my installation. I > cannot find anything about this on the Red Hat documentation pages You need to adjust the rules for your iptables. There's a gui way (the command for which I can't remember, since I never use it) and a text way. You can, as

Linux Security Help

With lots and lots of ABSOLUTELY TERRIFIC help from Webct Support, I have finally succeeded in installing Webct on a Test server using Linux 9.0. Now I find that Linux 9.0's Security configuration is set for high and only for SSH and HTTP. The interface allows me to select certain func

RE: Changing the security level configuration to allow port 53 (DNS)

From: Brent Herring [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 16, 2003 12:33 PM To: [EMAIL PROTECTED] Subject: RE: Changing the security level configuration to allow port 53 (DNS) Ok. It's kinda big. You're right. It's not listening which seems to be my problem. named is not

RE: Changing the security level configuration to allow port 53(DNS)

me the full netstat -an -Original Message- From: Brent Herring [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 16, 2003 11:13 AM To: [EMAIL PROTECTED] Subject: RE: Changing the security level configuration to allow port 53 (DNS) I forgot to mention that I'm using TinyDNS. All appears to

RE: Changing the security level configuration to allow port 53 (DNS)

I still didn't see it listening on any port. Show me the full netstat -an -Original Message- From: Brent Herring [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 16, 2003 11:13 AM To: [EMAIL PROTECTED] Subject: RE: Changing the security level configuration to allow port 53 (DNS

RE: Changing the security level configuration to allow port 53(DNS)

rver configured to be a zone slave? -Original Message- From: Brent Herring [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 16, 2003 10:21 AM To: [EMAIL PROTECTED] Subject: Changing the security level configuration to allow port 53 (DNS) I need assistance in allowing my Redhat 9.0 se

RE: Changing the security level configuration to allow port 53 (DNS)

the security level configuration to allow port 53 (DNS) I need assistance in allowing my Redhat 9.0 server to allow DNS traffic on port 53.   I have RedHat 9.0 installed and everything is fine except I can't seem to change the security level configuration to allow traffic on port 53.

Changing the security level configuration to allow port 53(DNS)

I need assistance in allowing my Redhat 9.0 server to allow DNS traffic on port 53.   I have RedHat 9.0 installed and everything is fine except I can't seem to change the security level configuration to allow traffic on port 53. Other services (httpd(80), ssh(22), etc.,) are worki

RE: possible postfix security issue

Lorenzo Prince wrote: > I am running Postfix on RH9 and may be having a couple of > problems. I am basically using the out-of-the-box config > file, except I modified the inet_interfaces option to include > $myhostname so I can receive messages at my domain and > localhost so I can send messages u

Re: possible postfix security issue

On Sun, 2003-07-13 at 22:22, Lorenzo Prince wrote: > Then I ran across another problem just a few days ago. Seems I sent a message that > I really didn't > send to an email address that I had never heard of. I received an email messge > warning me that the message I sent > (which I didn't act

possible postfix security issue

I am running Postfix on RH9 and may be having a couple of problems. I am basically using the out-of-the-box config file, except I modified the inet_interfaces option to include $myhostname so I can receive messages at my domain and localhost so I can send messages using my favorite mailers. O

Re: HELP! - I've screwed up on security and now can't access root

If you screwed up the shell, specify it manually: su -l -s /bin/bash should force a bash shell. -- Sen. Orrin Hatch thinks destroying private property to ensure bigger campaign contributions from media cartels is "good politics." Let your senators know that supporting corporate vigilant

RE: HELP! - I've screwed up on security and now can't access root

o to that it'll work appropriately and then modify the root security access. Thank for your support. Josh -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thomas E. Dukes Sent: Wednesday, June 25, 2003 5:55 PM To: [EMAIL PROTECTED] Subject: RE: HELP! - I&

RE: HELP! - I've screwed up on security and now can't access root

9:28 PMTo: [EMAIL PROTECTED]Subject: HELP! - I've screwed up on security and now can't access root I consider myself an intermediate user on Linux. I can do things very well,others not well at all. At my workplace, I've converted a former PIII NTmachine into

HELP! - I've screwed up on security and now can't access root

e SSH enabled to transfer and store critical files. Although it was my first time doing so, I was able to impliment SSH, and then started looking for addtional security. So I downloaded the RH Linux Security Guide from RH's site. I was walking through the guide, and started working on root access

sendmail security help

Hello List, I am maintaing a mailing list using smartlist. The list is running on linux 9.0 using sendmail and procmail. Recently the mailing list is getting spam and the headers of the mails show: Received: from (localhost.localdomain [127.0.0.1]) by (8.12.8/8.12.8) with ESMTP id h5MFH5cP00895

redhat 7.3 and /etc/security

Hi, I have found some useful files in /etc/security. I have changed them to suit my needs. But I am sure that they are not working. Do i need to change anything else to make all the limits works and do you know any where that will give some detail explaination to them The server is redhat 7.3

Re: Cant change the security level

On Mon, 2003-06-16 at 23:42, tirumal b wrote: > hello > >I have installed redhat linux 8.0(Psyche).During > the installation i set no firewall but when i see it > in the security level after installation the level is > high by default. I change my option to medium and &g

Cant change the security level

hello I have installed redhat linux 8.0(Psyche).During the installation i set no firewall but when i see it in the security level after installation the level is high by default. I change my option to medium and selected customize option and selected some of the services to be allowed.I

Upgrading glibc for security paht causes application to crash

Hi, I recently setup a new machine with RH 8 and I've been experiencing weird problems with an application we are currently developing since I've installed a security patch to the glibc package. For your information, RH 8 ships we glibc-2.2.93-5. upgrading glibc to package 2.3.2 wil

Re: Security question

t; I guess this is asked a lot. If so, could anyone point me to any relevant > resources? > > Thanks > Ben Ben - Security is a big topic, and here are a few websites that I try to hit on a daily basis to learn more: http://linuxsecurity.com/ http://packetstorm.linuxsecurit

Re: Security question

First of all, disable all the start-up services that you don't need by using setup command. Install chkrootkit and tripwire program to detect if your machine has been compromised or not? Nabin Limbu On 30 May 2003 at 18:29, [EMAIL PROTECTED] wrote: > Hi, > > I'm a bit of a linux newbie. Out

Re: Security question

On Fri, 2003-05-30 at 12:29, [EMAIL PROTECTED] wrote: > Hi, > > I'm a bit of a linux newbie. Out of the box, what should be the first things I > do/learn/disable to secure my box? Is there anything I could run or look out > for to indicate a hack of any kind? > > I guess this is asked a lot.

RE: Security question

What purpose would your Linux box serve? With the later versions, RH provides some decent security with the firewall and ssh being the only service turned on by default. One thing I always add is some protection against people getting root locally by rebooting to single-user mode. If you use

RE: Security question

Hi Ben, The most important thing is to not hook your box up to the internet (except through a well-configured firewall) until you are confident with the security! Use a disk or CD to transfer RPMs to the box. I find the default configuration for RH9 is pretty good, but definitely needs some

Security question

Hi, I'm a bit of a linux newbie. Out of the box, what should be the first things I do/learn/disable to secure my box? Is there anything I could run or look out for to indicate a hack of any kind? I guess this is asked a lot. If so, could anyone point me to any relevant resources? Thanks B

Re: security leak?

On Thu, 20 Mar 2003, Gordon Messmer wrote: > > Clients don't change the server config... I was pretty sure this was the case. > Perhaps you had not restarted > the sshd after making the config changes? Try to reproduce the problem > and report it if you can. If not, then you probably didn'

Re: security leak?

Jiann-Ming Su wrote: I'm running openssh-3.1p1-6 on RedHat 7.2. I have the following options in my sshd_config: ... # To disable tunneled clear text passwords, change to no here! PasswordAuthentication no PermitEmptyPasswords no So, as configured, I should only be allowed to login in if I have a p

security leak?

I'm running openssh-3.1p1-6 on RedHat 7.2. I have the following options in my sshd_config: RhostsAuthentication no # # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # RSAAuthenticati

Re: Security High

Something else to look at...what is in /etc/hosts.allow and /etc/hosts.deny . I had to add sendmail:ALL in my /etc/hosts.allow file for mail to work. Mark On Fri, 28 Feb 2003, Deleo Paulo Ribeiro Junior wrote: > Hello! > > I am using firewall with the option "high" selected. Despite of especif

samba security issues

ntcap name = /etc/printcap max log size = 0 hosts allow = 192.168.0.0/255.255.255.0 127.0.0.1 writable = yes obey pam restrictions = yes passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*

Re: Security High

Deleo Paulo Ribeiro Junior wrote: Hello! I am using firewall with the option "high" selected. Despite of especifying that ports 25 and 110 are allowed to be used (tcp and upd) the sendmail servide does not work. Anyone knows what is the problem? [...] can you post your ipchains or iptables

Re: Security High

aa, sendmail defualts to only listen on the local (127.0.0.1) IP. Check your sendmail.mc > Deleo Paulo Ribeiro Junior wrote: > > Hello! > > I am using firewall with the option "high" selected. Despite of > especifying that ports 25 and 110 are allowed to be used (tcp and upd) > the sendmail

Re: Security High

t is the problem? > > Thank you IIRC, with lokkit (AKA redhat-config-securitylevel), if the setting is "high" almost all ports are blocked, even if you attempt to customize. If you want to open ports for anything, start by choosing security level "medium", then choose &q

RE: Security High

EMAIL PROTECTED] Sent: Friday, February 28, 2003 1:40 PM To: Lista RedHat Subject: Security High   Hello!   I am using firewall with the option "high" selected. Despite of especifying that ports 25 and 110 are allowed to be used (tcp and upd) the sendmail servid

Re: Security High

Do you have nmap? Get it and nmap your 127.0.0.1 address and then your regular IP address. If 25 is only open on 127 then you need to setup sendmail to listen on the external address. If won't by default. Check your /etc/mail/sendmail.mc file and edit it. Then use m4 to gen a new cf file. <> On F

Re: Security High

On February 28, 2003 01:39 pm, Deleo Paulo Ribeiro Junior wrote: > I am using firewall with the option "high" selected. Despite of especifying > that ports 25 and 110 are allowed to be used (tcp and upd) the sendmail > servide does not work. first, you have to find out if the service is even runni

Security High

Hello!   I am using firewall with the option "high" selected. Despite of especifying that ports 25 and 110 are allowed to be used (tcp and upd) the sendmail servide does not work.   Anyone knows what is the problem?   Thank you   Eng. Deleo Paulo Ribeiro Junior55 48 231-163755 48 233-0081[EMA

Re: Security alerts posted to this list?

everal times, actually, since I'm on several security-related lists). All the errata seem to be sent to redhat-watch and redhat-announce. Which one did you miss? Emmanuel -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list

Re: Security alerts posted to this list?

om/errata/rh8-errata-security.html. I just wondered | > if there's a way to have security alerts delivered to my inbox where I'm | > more likely to notice them quickly. | | Red Hat has a redhat-watch list for errata-only news. | redhat-announce is also very low traffic (errata + release an

Re: Security alerts posted to this list?

On Mon, Feb 24, 2003 at 12:23:22AM -0500, Kevin Krumwiede wrote: > > If there's a remote vulnerability in some RedHat package, will it be > posted to this list? I know about > https://rhn.redhat.com/errata/rh8-errata-security.html. I just wondered > if there's a wa

Re: Security alerts posted to this list?

A good solution might be to have a look at various security-lists. I get about 4 or 5 different security-lists (also including Debian- security - since most bugs are general-linux). If your looking for redhat-specific messages RHN is your first choice - but if your also using packets / programs

Security alerts posted to this list?

If there's a remote vulnerability in some RedHat package, will it be posted to this list? I know about https://rhn.redhat.com/errata/rh8-errata-security.html. I just wondered if there's a way to have security alerts delivered to my inbox where I'm more likely to notice them

Re: Security Level Configuration tool

rote: > Hi, > > I've been trying to change the security level from High to Medium. But, > even though I'm logged in as root when I open up the tool to see if my > changes are there it always shows the Level as High. > > Does anyone know how to allow changes to the securi

Re: Security Level Configuration tool

rote: > Hi, > > I've been trying to change the security level from High to Medium. But, > even though I'm logged in as root when I open up the tool to see if my > changes are there it always shows the Level as High. > > Does anyone know how to allow changes to the securi

Re: Security Level Configuration tool

that config tool can't read the settings u have made before. u need to check /etc/sysconfig/iptables or ipchains to verify the settings. Also, u can use: iptables -L ipchains -L cheers. On Sat, 2003-02-15 at 06:39, Joel Lopez wrote: > Hi, > > I've been trying to change

Re: Security Level Configuration tool

Joel Lopez wrote: > Hi, > > I've been trying to change the security level from High to Medium. But, > even though I'm logged in as root when I open up the tool to see if my > changes are there it always shows the Level as High. If your using ipchains or Linux 7

Re: Security Level Configuration tool

> I've been trying to change the security level from High to Medium. But, > even though I'm logged in as root when I open up the tool to see if my > changes are there it always shows the Level as High. > > Does anyone know how to allow changes to the security level? >

RE: Security Level Configuration tool

Yes. This is normal. The security tool resets itself to high by default when it initializes. It does not seem to read the existing state of the system. It just goes there. It is registering your changes and applying them. It would probably in the long run serve you better to take over the fire

Security Level Configuration tool

Hi, I've been trying to change the security level from High to Medium. But, even though I'm logged in as root when I open up the tool to see if my changes are there it always shows the Level as High. Does anyone know how to allow changes to the security level? thanks, Joel -- r

  1   2   3   4   5   6   7   >