> > I have to ask what you would do if your server is a file server with
> > lots of big, expensive drives where a company might not be able to
> > afford replacing them all? Would they be happy with backups (keeping
> > in mind that any tools used to backup the server might no longer be
> > trus
You dumbass. Everybody knows you don't try to fix a compromised
machine. You take it in stride, wipe the drives and start all
over from a clean install.
j.
--
Jeremy L. Gaddis <[EMAIL PROTECTED]>
-Original Message-
From: Ted Knab [mailto:[EMAIL PROTECTED]]On Behalf Of Thedore Knab
I haven't been able to gleen much about Webmin yet
as to whether it can support automating common ISP activities distributed among
multiple servers. Does Webmin or any other package provide a means of logging
onto a centralized web site (for ISPÂ employees only) to add radius user
accounts, P
On Sat, 5 Jan 2002, Jeremy L. Gaddis wrote:
> You dumbass. Everybody knows you don't try to fix a compromised
> machine. You take it in stride, wipe the drives and start all
> over from a clean install.
Would you mind terribly not airing your oh-so-superior views in public?
With such unbridled
> Good point! Having never dealt with the fuzz after being compromised,
> I have to ask what you would do if your server is a file server with
> lots of big, expensive drives where a company might not be able to
> afford replacing them all? Would they be happy with backups (keeping
> in mind th
On Sat, Jan 05, 2002 at 01:43:24AM -0500, Thedore Knab wrote:
> Starting nmap V. 2.54BETA25 ( www.insecure.org/nmap/ )
> Interesting ports on dns1.mywork.edu :
> (The 1540 ports scanned but not shown below are in state: closed)
^^
You seem to have only scanned your well-known ports
On Sun, 6 Jan 2002 04:08, Jason Lim wrote:
> From my experience, police like data untampered and in exactly the same
> form and such when the intrusion occurred. That means the exact same
> disks, not a tape backup or something. Sometimes backups can miss stuff,
> or as mentione previously, the ba
How does this sound ?
The system has been rebuilt.
It is running Bind 9.2 chroot version on RH 7.2. Someone else built it. I prefer
Debian or OpenBSD. I will add tripwire and chkroot kit to run as a cron
job.
The harddrives will be saved for further investigation at a later date.
Since the har
hello all,
for the life of me i cant figure out the reg exp PHP manual, can someone please
help me with ereg_replace() or preg_replace() in PHP. i have a string wherein
i want to replace all occurences of characters outside of "a-z0-9" with nothing.
tia,
sib
---
> 3) Add this to authorized_keys for the above account, specifying the
> command that logins with this key are allowed to run. See command="" in
> sshd(1).
I can't find the document about this section, can you show me
some reference or examples? Many thanks.
--
Patrick Hsieh <[EMAIL PROTECTED]>
Heya,
I've got a project coming up to create a chroot'ed environment, using
the grsecurity patches for added security, that provides a separate
encapsulated "virtual machine" for each user or group of users. I want
to build the environment the users get chroot'ed into using debian
package tools.
On Mon, Jan 07, 2002 at 03:48:25PM +1100, Kevin Littlejohn wrote:
> What I'm wondering is, what's the best way to start this process?
> Assuming I have a partition set aside (which will be mounted read-only)
> to act as the root filesystem for the chroot cage, how do I get the
> basic file layout
> > 3) Add this to authorized_keys for the above account, specifying the
> > command that logins with this key are allowed to run. See command="" in
> > sshd(1).
>
> I can't find the document about this section, can you show me
> some reference or examples? Many thanks.
man sshd, down the bott
> On Tue, Jan 01, 2002 at 08:39:39AM -0500, Keith Elder wrote:
> > This brings up a question. How do you rsync something but keep the
> > ownership and permissions the same. I am pulling data off site nightly
> > and that works, but the permissions are all screwed up.
>
> rsync -avxrP --delete
On Mon, Jan 07, 2002 at 03:03:12PM +0800, Patrick Hsieh wrote:
> > - obviously this doesn't preclude a bad guy checking out
> > backup-server:backups/otherhostname (use ssh keys, and invoke cmd="cd
> > backups/hostname; rsync with whatever daemon options" will limit that)
> Now I know ho
> > I have to ask what you would do if your server is a file server with
> > lots of big, expensive drives where a company might not be able to
> > afford replacing them all? Would they be happy with backups (keeping
> > in mind that any tools used to backup the server might no longer be
> > trust
You dumbass. Everybody knows you don't try to fix a compromised
machine. You take it in stride, wipe the drives and start all
over from a clean install.
j.
--
Jeremy L. Gaddis <[EMAIL PROTECTED]>
-Original Message-
From: Ted Knab [mailto:[EMAIL PROTECTED] Behalf Of Thedore Knab
Sen
I haven't been able to gleen much about Webmin yet
as to whether it can support automating common ISP activities distributed among
multiple servers. Does Webmin or any other package provide a means of logging
onto a centralized web site (for ISPÂ employees only) to add radius user
accounts, P
On Sat, 5 Jan 2002, Jeremy L. Gaddis wrote:
> You dumbass. Everybody knows you don't try to fix a compromised
> machine. You take it in stride, wipe the drives and start all
> over from a clean install.
Would you mind terribly not airing your oh-so-superior views in public?
With such unbridled
> Good point! Having never dealt with the fuzz after being compromised,
> I have to ask what you would do if your server is a file server with
> lots of big, expensive drives where a company might not be able to
> afford replacing them all? Would they be happy with backups (keeping
> in mind tha
On Sat, Jan 05, 2002 at 01:43:24AM -0500, Thedore Knab wrote:
> Starting nmap V. 2.54BETA25 ( www.insecure.org/nmap/ )
> Interesting ports on dns1.mywork.edu :
> (The 1540 ports scanned but not shown below are in state: closed)
^^
You seem to have only scanned your well-known ports?
On Sun, 6 Jan 2002 04:08, Jason Lim wrote:
> From my experience, police like data untampered and in exactly the same
> form and such when the intrusion occurred. That means the exact same
> disks, not a tape backup or something. Sometimes backups can miss stuff,
> or as mentione previously, the bac
How does this sound ?
The system has been rebuilt.
It is running Bind 9.2 chroot version on RH 7.2. Someone else built it. I prefer
Debian or OpenBSD. I will add tripwire and chkroot kit to run as a cron
job.
The harddrives will be saved for further investigation at a later date.
Since the hard
hello all,
for the life of me i cant figure out the reg exp PHP manual, can someone please
help me with ereg_replace() or preg_replace() in PHP. i have a string wherein
i want to replace all occurences of characters outside of "a-z0-9" with nothing.
tia,
sib
> 3) Add this to authorized_keys for the above account, specifying the
> command that logins with this key are allowed to run. See command="" in
> sshd(1).
I can't find the document about this section, can you show me
some reference or examples? Many thanks.
--
Patrick Hsieh <[EMAIL PROTECTED]>
Heya,
I've got a project coming up to create a chroot'ed environment, using
the grsecurity patches for added security, that provides a separate
encapsulated "virtual machine" for each user or group of users. I want
to build the environment the users get chroot'ed into using debian
package tools.
On Mon, Jan 07, 2002 at 03:48:25PM +1100, Kevin Littlejohn wrote:
> What I'm wondering is, what's the best way to start this process?
> Assuming I have a partition set aside (which will be mounted read-only)
> to act as the root filesystem for the chroot cage, how do I get the
> basic file layout,
27 matches
Mail list logo
