An SSH-passphrase doesn't relate to the security of the connection, it
only prohibits a stranger from accessing your key (and thus initiating a
connection). The SSH connection security is based on your and the
server's public and private keys, which are created using a (to me at
least) pretty c
ulimit -u , see the bash infopage for more info.
Kenneth Hauklien wrote:
Hi
Is there any way to limit a users / groups processes? I run a shell/web
server and want to limit them down to for example 2-3 processes. Is this
possible in any way?
Thank you all in advance
Kenneth Hauklien
Norway
Anthony, Shayla wrote:
Also, what would be a secure way to delete data from a hard drive of a MAC that has *sensitive* information on it such as medical and patient information.
Depending on how paranoid you are, physically melting the disks is the
only certain option - specialized labs can re
Trevor Cushen wrote:
anyway). They then schedule overnight a dd of the system disk to a disk
in their machine over the network (very easy to do) What priviledges do
they need?? I must check this but I have a feeling they will have
access to /dev files and also the /bin files where netcat and d
The simplest on-demand way would be to ping the entire range, the
simplest pseudo-live way would be to have every machine send a heartbeat
once in a while (using SNMP for example).
YashPal Singh wrote:
>Hi All,
>
>How we can search all the alive machines on the network. Say my network is
>10.60.0
johan@tuxera:~$ grep -i snmp /etc/services
snmp161/udp # Simple Net Mgmt Proto
snmp-trap 162/udp snmptrap# Traps for SNMP
smux199/tcp # SNMP Unix Multiplexer
just block these ports outgoing on the sms mac
[EMAIL PROTECTED] wrote:
Well it depends, how desperate somebody wants to get into the computer
room, e.g would they be willing to cut off your hand or pull out your
eyeball.
I would think that finger prints would be the best. It is considerably
cheaper then a retinal scanning equipment.
there c
James Shaw wrote:
>remotely sends and retrieves data for processing, I have never heard of
>SETI being exploited. Any thoughts, opinions, or facts the community
>would like to share would be appreciated.
>
>
As far as I know, SETI doesn't push data, but each client fetches data
blocks whenever
David Corking wrote:
>>You can also allow root ssh from localhost
>>only, adding a tiny bit more security still by not su-ing but ssh-ing to
>>root.
>>
>>
>
>Never thought of this -- good stuff. Will using ssh-agent instead of
>typing ssh passphrase into the remote server hinder attackers ?
KoRe MeLtDoWn wrote:
> Be informed that 6667 is also one of the most common ports for IRC
> servers to run on
>
>> From: "Kip Sr." <[EMAIL PROTECTED]>
>> to port 6667 (internal desktops). Both ports are
>> commonly used by trojan horse programs. Has anyone
>
Both right, and more: lots of troja
Chris Santerre wrote:
>You know I always wondered about this method. su - has you input a password.
>So If a sysadmin is on a cable modem at home, logs in as normal user w/ ssh,
>then does an su - and enters password, How is that any different? You are
>being sniffed on the cable network. Keep in
Chris Berry wrote:
>> From: Johan De Meersman <[EMAIL PROTECTED]>
>>
>>>> I don't think it's ever a good idea to allow root ssh to any machine
>>>
>>> Why not? Also, how are you going to remote administer it without
>>> some sort
Chris Berry wrote:
>> From: Johan De Meersman <[EMAIL PROTECTED]>
>> I don't think it's ever a good idea to allow root ssh to any machine
>
>
> Why not? Also, how are you going to remote administer it without some
> sort of control SSH, VNC, etc?
Beca
Not to be annoying, but I don't think it's ever a good idea to allow
root ssh to any machine :) Setup a low-permissions user, and use that,
or better yet, use something that allows a shell-less user for your data
transfers. Perhaps there's a good reason, but one of the things I find
annoying i
e we're closing in on
the season, I'll put up my christmas tree as your recommend :)
>
>
>
>> From: Johan De Meersman <[EMAIL PROTECTED]>
>> To: Chris Berry <[EMAIL PROTECTED]>
>> Subject: Re: Network Address Translation insecurities
>> Date
I'd suggest reading www.peacefire.org for starters, Bennett's got loads
of interesting stuff on content filters :)
Alok wrote:
>Hi everybody !!
>
>
>Would like to know which is a good product to do content filtering with
>Checkpoint Firewall - 1.
>
>Currently we r evaluating Web Sense.
>
>Would
You could define "access" to include reading, renaming, whatever -
basically filter the FAT so that it doesn't even *show* the untrusted
files. Theoretically, of course - I don't know any program/driver that
does this, although adapting it for basic functionality shouldn't be too
hard if you'v
If I understand correctly, the workstation that needs to be accessed is
in an internal network. Hmm... You could probably forward ports through
your firewall, but I'm no wizard on that. Another solution is to use
VNC, by ssh-ing into your internal network, somewhere on a *nix box, and
then x-f
Jason Yates wrote:
>The Apache configuration tools are far behind anything from Microsoft.
>Admittely the httpd.conf file is very easy to learn, and once you learn it
>you'll love it. But the truth is we live in a GUI world and Apache needs a
>damn good gui. This task isn't easy at all though, b
How about simply adding the users' pager/mobile to his account metadata,
and pushing out the new password as a text message on request ?
[EMAIL PROTECTED] wrote:
>Date: 12 July 2002
> To: I0001089 EXTERNAL
>From: John Hanson GBSAFE00 SFW
how about you take whatever webserver you fancy, and throw a *nix
firewall in front of it ? :)
Corio, Jim wrote:
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA1
>
>I would say that you should run the web server on the Operating system
>that you are most familiar with in an environment that you
You could get paranoid and use steganography (ie, the encryption of data
in media like images) to communicate... A few innocent cartoons won't
draw attention :)
Glenn Gillis wrote:
> I am an e-mail administrator for a non-profit organization that
> communicates extensively via e-mail with pub
It's called SPAM, and one usually ignores it :)
First, the 'Received:' headers are always ordered most-recent-first, so
you read those bottom to top. The mail originated at 131.95.135.162, was
sent through the smtp server at ocean.otr.usm.edu which forwarded it to
trinity.infinethosting.com,
Have a look at CygWin, it's a *nix under windows, complete with X server.
John Horne wrote:
>Hello,
>
>I've been trying to get our users to use Openssh to access our Sun systems
>rather than telnet/ftp. Whilst this is okay for command-line usage (using
>putty), some users use Hummingbird Exceed
24 matches
Mail list logo