Is there a package out there that can monitor/test an ISP's connection
(using PPP) on a regular basis? Just something that'll start a PPP
connection, kill it immediately, and keep a log of it.
Thanks,
Tim
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubs
The package 'mgetty' does the trick nicely.
It has a debian package but you can read up on it at:
http://alpha.greenie.net/mgetty/
Tim.
> How do you configure Debian to authenticate an
> incoming call. or where to find info on doing this.
You were probably looking for RADIUS or something.
mgetty is for tty handling.
I use cistron based radius daemon.
Sorry about the confusion,
Tim.
> The package 'mgetty' does the trick nicely.
>
> It has a debian package but you can read up on it at:
> http://al
tch and we can modifiy configs.
-Tim
On Fri, May 23, 2003 at 03:39:35PM +0200, Volker Tanger wrote:
> Greetings!
>
> On Fri, 23 May 2003 14:48:27 +0200 "debian-isp"
> <[EMAIL PROTECTED]> wrote:
>
> > We are just considering if we should try to set up our fir
The package 'mgetty' does the trick nicely.
It has a debian package but you can read up on it at:
http://alpha.greenie.net/mgetty/
Tim.
> How do you configure Debian to authenticate an
> incoming call. or where to find info on doing this.
--
To UNSUBSCRIBE,
You were probably looking for RADIUS or something.
mgetty is for tty handling.
I use cistron based radius daemon.
Sorry about the confusion,
Tim.
> The package 'mgetty' does the trick nicely.
>
> It has a debian package but you can read up on it at:
> http://al
vers.com.au
Thanks for your time and I welcome any inquiries you may have. There
in an online chat system on the site, or, we can be contacted directly
at [EMAIL PROTECTED]
We are here to serve!
Kind regards,
Tim Rignold
Dedicated Servers Australia
Dedicated Servers is a 100% Australian Ow
Gene Grimm wrote:
> This network has been driving me nuts for weeks and this is only making it
> worse. Here are the extracts from the maillog file coming from my
> workstation. It makes no difference if I use the HELO protocol, and there is
> an PTR entry in the in-addr.arpa zone for this address
You could use 'iproute2'
I'm sure this is covered in:
http://www.linuxdoc.org/HOWTO/Adv-Routing-HOWTO.html
Regards
Tim
<<< Alejandro Borges <[EMAIL PROTECTED]> 9/18 4:06a >>>
My bw providers wants me to limit my 128kb connection because thats what
i
r did (I bit the bullet and
converted all my pages to php by hand) but If you try it I would love to
hear about your experiences.
:wq
Tim Uckun
US Investigations Services/Due Diligence
http://www.diligence.com/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
here is how you would setup a transparent proxy with
2.4.
http://netfilter.samba.org/netfilter-faq-3.html#ss3.12
I would guess the debian image has the necessary netfilter modules.
--
Tim Moss
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
tent in your configurations you should be OK.
------
Tim Uckun
Mobile Intelligence Unit.
------
"There are some who call me TIM?"
--
--
To UNSUBSCRIBE, email to [EMA
x27; would be favourite.
> Who should this thing be reported to to get it stopped?
jason @ openfind.com.tw, according to whois. You might also consider
finding someone at seed.net.tw or even wcg.net, to drop a mail to.
~Tim
--
Sometimes you're the pigeon,|[EMAIL PROTECTED
On Thu, 11 Oct 2001 16:17:49 +0200
"Craig" <[EMAIL PROTECTED]> wrote:
> Hi Guys
>
> Does anyone know of accounting software that can run on Linux,
> with Point of Sale capabilities ?>
>
I've never tried this, just read about it a couple days ago. Might be
something to check out.
http://nola.n
On Fri, 12 Oct 2001 09:55:31 -0400
"A.Sleep" <[EMAIL PROTECTED]> wrote:
> Oddly, this is the first time I've had this issue...
>
> I've added my User and Group directives in the vhosts in my vhost.conf
> and
> I'm getting Forbidden errors.
> Here's an example:
>
> The User and Group directives
I know this is not a complete solution, but for starters you could try 'chkrootkit':
http://packages.debian.org/unstable/misc/chkrootkit.html
http://www.chkrootkit.org/
Stable doesn't have a package but I'm sure you could build the unstable .deb from
source.
Regards
> Never really looked into how reliable that is, but it's there. I'd like to
> see apt-get support some sort of 'reinstall' command.
apt-get install --reinstall package
Regards
Tim
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubs
I am concerned about pop passwords being transmitted plaintext. Does imap
encrypt passwords? if not does any protocol exists which does.
THX.
--
Tim Uckun
Mobile Intelligence Unit
a few questions about the password that it
>has. AFAIK it is not possible to work out the password at all from
>monitoring the network traffic.
I just checked my eudora and it seems to support APOP. Outlook express
supports something called SPA does anybody know what that is?
--------
> 210.86.20.213:1621 194.102.92.21:6000 L=48 S=0x00 I=52039 F=0x4000 T=102
> SYN (#1)
Paste it into the ipchains analyser at <http://logi.cc/>; that'll tell you
about every word in detail.
~Tim
--
Clouds cross the black moonlight, |[EMAIL PROTECTED]
Rushing on
sistent-superblock 1
device /dev/sdb2
raid-disk 0
device /dev/sda2
failed-disk 1
Regards,
Tim
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
how about setting the user's shell to /bin/true. this allows ftp, but no
login shell. so it may work for scp as well.
-- Forwarded Message --
Subject: scp, no ssh
Date: Wed, 9 Jan 2002 09:49:10 +0100
From: Robert Janusz <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
How to allow
On Wednesday 09 January 2002 21:23, Joel Michael wrote:
> On Thu, 2002-01-10 at 12:19, Tim Quinlan wrote:
> > how about setting the user's shell to /bin/true. this allows ftp, but no
> > login shell. so it may work for scp as well.
>
> This is true, but you can s
Apparently, on Sat, Jan 19, 2002 at 09:44:34PM -0500, Gene Grimm wrote:
> Does anyone know of a open source package for providing access to a POP3
> mail box via a web interface?
>
I just setup openwebmail (http://openwebmail.org/) and it's working out
very well. It's only been a couple days but,
running unstable for a number of reasons, and for the last two
uploaded versions, you can't even log in.
Tim
> ii cyrus-admin1.5.19-2 Cyrus mail system (administration tool)
> ii cyrus-common 1.5.19-2 Cyrus mail system (common files)
> ii cyrus-imapd1.5.19
This is what happens (I believe) when you don't have the loopback up
(ifup lo)
Tim
On Fri, 2002-01-25 at 00:49, James Mclean wrote:
>
>
> All,
>
> I have just returned from setting up a small internet cafe, where the server is
> based on Debian Woody.
>
>
properly. This is
driving me nuts.
:wq
Tim Uckun
US Investigations Services/Due Diligence
http://www.diligence.com/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
istening but not answering?
:wq
Tim Uckun
US Investigations Services/Due Diligence
http://www.diligence.com/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
oot using the
switch!. I went home after that. Something is very very broken but I have
no idea what it is..
--
Tim Uckun
Mobile Intelligence Unit.
--
"There are some who call me TIM?&q
ing from scratch.
BTW is it possible to downgrade your debian from unstable to testing? I am
also thinking about doing that.
:wq
Tim Uckun
US Investigations Services/Due Diligence
http://www.diligence.com/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
networking, syslog, just about anything that needs /proc to me mounted
and readable.
> Sometimes when I upgrade from stable to unstable, I have had some packages
> not reinstalled and some software didn't start that should have.
This machine was running unstable for quite some time, stabley. :)
Tim
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
> kernel, etc... and as we all know, jumping from "stable" to "unstable" is
> problem-prone and doesn't worth flawlessly every time.
Why jump all the way to unstable, why not use testing? Testing is
usually stable enough for most applications plus the various software
packages are pretty up to
application.
The distribution should be able to incorporate manually installed
applications (make install)
It should be possible to reconstruct the package database from the disk drive.
all that and apt goodness too of course.
feel free to add your own to the list.
:wq
Tim Uckun
US Investigations
Is it possible to move backwards from debian unstable to testing?
:wq
Tim Uckun
US Investigations Services/Due Diligence
http://www.diligence.com/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Apparently, on Tue, Mar 05, 2002 at 10:06:29AM -0500, Jeff S Wheeler wrote:
> Can anyone recommend some inexpensive GIGE NICs that use CAT 5 instead
> of fibre pairs? I just want to run some back-to-back from a busy NFS
> server to a couple of its clients for now. I have not even looked into
> G
umber than I thought. I see nothing but a mere mention of
maildir in one or two spots. Can you give a little more obvious pointer?
Tim
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
NoCatAuth (nocat.net) does exactly this. Although I think NoCat is
designed with wireless in mind. Not sure if it works with normal wired
network cards, but I can't see any reason why it wouldn't.
On Wed, 30 Oct 2002, C. R. Oldham wrote:
> > I don't believe it's possible to have a user log in t
I agree. If you are running in a production environment that is exposed
to the Internet definently stick with stable. It's much easier to compile
a few "latest and greatest" programs that fit your needs than it is to
keep track of and compile all of the security updates.
On Fri, 15 Nov 2002, Rob
Well, you have to commend Mark's honesty. He did say, "I really didn't
want to use this excellent mailing list as a sales platform." And he
answered the question.
It's better than being subversive and saying something like, "I am a
_very_ _happy_ customer of company XYZ. They rule"
On Mon,
hings that portscans/other non-normal network behaviour can create.
However I will still side with you on the fact that abnormal behaviour
should be handled and discarded by the software.
Oh well.
My two cents worth.
-Tim
>
> --
> http://www.coker.com.au/selinux/ My NSA Security Enhanc
On Mon, 24 Feb 2003, Russell Coker wrote:
> On Mon, 24 Feb 2003 10:59, Tim Spriggs wrote:
> > > That's the only thing to do, if someone is excessively scanning you then
> > > you block their IP addresses for a while. Of course you can't be too
> > > trigg
have a linux firewall that
routed all ssh/mail/other user services to a single box and then keep all
of the system level crap on another (such as our LDAP server and backup
client).
As of right now, I can think of way too many ways that this thing is
holier than the pope's golf cl
Thanks everyone.
-Tim
< PRE >
##--##--##--##--##--##--##--##--##--##--##--##--##
| T I MS P R I G G S |
|Assistant Sysadmin - Development|
|College of Engineering and Mines|
|ECE206A - (520) 62
If you don't want to run a name service, you could add the hosts you connect
from into /etc/hosts.
Tim.
- Original Message -
From: "Tamas TEVESZ" <[EMAIL PROTECTED]>
To: "Áts Attila" <[EMAIL PROTECTED]>
Cc:
Sent: Thursday, June 29, 2000 7:15 AM
Subj
nd each MTA to its own
interface, that way they can both run on port 25, but exim on your external
address, and domino on the internal one.
Tim.
I guess that means you have to keep those quad Ethernet Sun cards away.
Tim.
- Original Message -
From: "Marc Haber" <[EMAIL PROTECTED]>
To:
Sent: Saturday, March 17, 2001 7:50 PM
Subject: Re: arpwatch and more
> On Fri, 16 Mar 2001 13:05:06 -0800, Mike Fedy
I am using a DDS3 tape drive and was just wanting to know what you all use
for backups. Do you write your own scripts or use a frontend/utility/program
to help out?
Tim.
Have you ifconfig'd the additional addresses you are going to use?
Tim.
- Original Message -
From: "Y2KNET" <[EMAIL PROTECTED]>
To:
Sent: Thursday, April 05, 2001 1:40 PM
Subject: Virtual Hosts
> When I remotely or internally telnet www.xyz.net,
> it does not
Read the ifconfig man page, bring up the addresses you need, then test
Apache. If all is good, throw the IP details in /etc/network/interfaces and
they will come up again after a reboot.
Tim.
- Original Message -
From: "Y2KNET" <[EMAIL PROTECTED]>
To: "Tim Kent&qu
w ;-)
Use squid, with the associated filters, and authentication methods.
Tim
--
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<
vers.com.au
Thanks for your time and I welcome any inquiries you may have. There
in an online chat system on the site, or, we can be contacted directly
at [EMAIL PROTECTED]
We are here to serve!
Kind regards,
Tim Rignold
Dedicated Servers Australia
Dedicated Servers is a 100% Australian Ow
On Thu, 11 Oct 2001 16:17:49 +0200
"Craig" <[EMAIL PROTECTED]> wrote:
> Hi Guys
>
> Does anyone know of accounting software that can run on Linux,
> with Point of Sale capabilities ?>
>
I've never tried this, just read about it a couple days ago. Might be
something to check out.
http://nola.no
On Fri, 12 Oct 2001 09:55:31 -0400
"A.Sleep" <[EMAIL PROTECTED]> wrote:
> Oddly, this is the first time I've had this issue...
>
> I've added my User and Group directives in the vhosts in my vhost.conf
> and
> I'm getting Forbidden errors.
> Here's an example:
>
> The User and Group directives a
here is how you would setup a transparent proxy with
2.4.
http://netfilter.samba.org/netfilter-faq-3.html#ss3.12
I would guess the debian image has the necessary netfilter modules.
--
Tim Moss
[EMAIL PROTECTED]
hould be OK.
--
Tim Uckun
Mobile Intelligence Unit.
--
"There are some who call me TIM?"
--
x27; would be favourite.
> Who should this thing be reported to to get it stopped?
jason @ openfind.com.tw, according to whois. You might also consider
finding someone at seed.net.tw or even wcg.net, to drop a mail to.
~Tim
--
Sometimes you're the pigeon,|[EMAIL PROTECTED
> 210.86.20.213:1621 194.102.92.21:6000 L=48 S=0x00 I=52039 F=0x4000 T=102
> SYN (#1)
Paste it into the ipchains analyser at <http://logi.cc/>; that'll tell you
about every word in detail.
~Tim
--
Clouds cross the black moonlight, |[EMAIL PROTECTED]
Rushing on
I know this is not a complete solution, but for starters you could try
'chkrootkit':
http://packages.debian.org/unstable/misc/chkrootkit.html
http://www.chkrootkit.org/
Stable doesn't have a package but I'm sure you could build the unstable .deb
from source.
Regards
> Never really looked into how reliable that is, but it's there. I'd like to
> see apt-get support some sort of 'reinstall' command.
apt-get install --reinstall package
Regards
Tim
I am concerned about pop passwords being transmitted plaintext. Does imap
encrypt passwords? if not does any protocol exists which does.
THX.
--
Tim Uckun
Mobile Intelligence Unit
. AFAIK it is not possible to work out the password at all from
monitoring the network traffic.
I just checked my eudora and it seems to support APOP. Outlook express
supports something called SPA does anybody know what that is?
------
Tim
sistent-superblock 1
device /dev/sdb2
raid-disk 0
device /dev/sda2
failed-disk 1
Regards,
Tim
how about setting the user's shell to /bin/true. this allows ftp, but no
login shell. so it may work for scp as well.
-- Forwarded Message --
Subject: scp, no ssh
Date: Wed, 9 Jan 2002 09:49:10 +0100
From: Robert Janusz <[EMAIL PROTECTED]>
To: debian-isp@lists.debian.org
How
On Wednesday 09 January 2002 21:23, Joel Michael wrote:
> On Thu, 2002-01-10 at 12:19, Tim Quinlan wrote:
> > how about setting the user's shell to /bin/true. this allows ftp, but no
> > login shell. so it may work for scp as well.
>
> This is true, but you can s
networking, syslog, just about anything that needs /proc to me mounted
and readable.
> Sometimes when I upgrade from stable to unstable, I have had some packages
> not reinstalled and some software didn't start that should have.
This machine was running unstable for quite some time, stabley. :)
Tim
> kernel, etc... and as we all know, jumping from "stable" to "unstable" is
> problem-prone and doesn't worth flawlessly every time.
Why jump all the way to unstable, why not use testing? Testing is
usually stable enough for most applications plus the various software
packages are pretty up to d
stribution should be able to incorporate manually installed
applications (make install)
It should be possible to reconstruct the package database from the disk drive.
all that and apt goodness too of course.
feel free to add your own to the list.
:wq
Tim Uckun
US Investigations Services
Is it possible to move backwards from debian unstable to testing?
:wq
Tim Uckun
US Investigations Services/Due Diligence
http://www.diligence.com/
NoCatAuth (nocat.net) does exactly this. Although I think NoCat is
designed with wireless in mind. Not sure if it works with normal wired
network cards, but I can't see any reason why it wouldn't.
On Wed, 30 Oct 2002, C. R. Oldham wrote:
> > I don't believe it's possible to have a user log in t
I agree. If you are running in a production environment that is exposed
to the Internet definently stick with stable. It's much easier to compile
a few "latest and greatest" programs that fit your needs than it is to
keep track of and compile all of the security updates.
On Fri, 15 Nov 2002, Rob
Thanks everyone.
-Tim
< PRE >
##--##--##--##--##--##--##--##--##--##--##--##--##
| T I MS P R I G G S |
|Assistant Sysadmin - Development|
|College of Engineering and Mines|
|ECE206A - (520) 62
a package that I can use to monitor a whole range of
systems remotely? Any help appreciated.
Tim Philp
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
If you are unable to view the images in this email, please copy and paste the following url into your browser...http://www.haestad.com/cq_cq_20030514
This message is intended for civil engineers and water resource professionals. If it h
Russell Coker <[EMAIL PROTECTED]> said on Sat, 19 Jun 2004 19:54:55 +1000:
> On Sat, 19 Jun 2004 18:04, Adam Funk <[EMAIL PROTECTED]> wrote:
> > On Saturday 19 June 2004 07:50, Russell Coker wrote:
> > > By far the most false-positive entries I have had are from
> > > postmaster.rfc-ignorant.org an
If you are unable to view the images in this email, please copy and paste the following url into your browser...http://www.haestad.com/cq_cq_20030514
This message is intended for civil engineers and water resource professionals. If it h
Russell Coker <[EMAIL PROTECTED]> said on Sat, 19 Jun 2004 19:54:55 +1000:
> On Sat, 19 Jun 2004 18:04, Adam Funk <[EMAIL PROTECTED]> wrote:
> > On Saturday 19 June 2004 07:50, Russell Coker wrote:
> > > By far the most false-positive entries I have had are from
> > > postmaster.rfc-ignorant.org an
If you don't want to run a name service, you could add the hosts you connect
from into /etc/hosts.
Tim.
- Original Message -
From: "Tamas TEVESZ" <[EMAIL PROTECTED]>
To: "Áts Attila" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, J
nd each MTA to its own
interface, that way they can both run on port 25, but exim on your external
address, and domino on the internal one.
Tim.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
I guess that means you have to keep those quad Ethernet Sun cards away.
Tim.
- Original Message -
From: "Marc Haber" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, March 17, 2001 7:50 PM
Subject: Re: arpwatch and more
> On Fri, 16 Mar 2001 1
I am using a DDS3 tape drive and was just wanting to know what you all use
for backups. Do you write your own scripts or use a frontend/utility/program
to help out?
Tim.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Have you ifconfig'd the additional addresses you are going to use?
Tim.
- Original Message -
From: "Y2KNET" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, April 05, 2001 1:40 PM
Subject: Virtual Hosts
> When I remotely or internally tel
Read the ifconfig man page, bring up the addresses you need, then test
Apache. If all is good, throw the IP details in /etc/network/interfaces and
they will come up again after a reboot.
Tim.
- Original Message -
From: "Y2KNET" <[EMAIL PROTECTED]>
To: "Tim Kent&qu
w ;-)
Use squid, with the associated filters, and authentication methods.
Tim
--
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<
Hello list,
Has anyone experiences running PHP using suexec? All doku's are telling this
should not be use to keep the Performance of the Server up,
but is this still true for a today's dual XEON Machine? I need to feed about
1,5 Million hits a day, around 30 hits request .php files.
[EMAIL P
Hello list,
> My experience with PHP and suexec was less than favorable.
I have been playing around yesterday, but found nothing that worked perfect.
The Problem is that most of those Patches need a hashbang in the.php files
and all need a HTML-header sent out by the PHP skript. There are some
wr
Hello List
> >We are looking for simple unmanaged hosting service that provides Debian
> >3.0 as the baseline.
We are offering debian-based hosting. We have a 'default' setup for the
machines, but we will
install them the way the customer want's them to be. For further information
see www.domai
Hello List,
> I'm currently in the need of a complete virtual hosting solution.
Confixx could do the Job. The only Service it does not have is imap.
The mailuser it creates don't have a shell, so they have no space to store
the folders.
> I'm completely independent in the backend choice, but I t
http://httpd.apache.org/docs-2.0/mod/perchild.html
I tried that one, but the child-processes directly died. As it says, work is
ongoing to make it functional.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
http://www.tldp.org/HOWTO/Software-RAID-0.4x-HOWTO.html
- Original Message -
From: "Lem Bryant" <[EMAIL PROTECTED]>
To:
Sent: Tuesday, August 13, 2002 4:44 PM
Subject: [Help] IDE Raid - Another Question
> I would like to implement a RAID 1 setup using software and the built in
> con
http://httpd.apache.org/docs-2.0/mod/perchild.html
I tried that one, but the child-processes directly died. As it says, work is
ongoing to make it functional.
Hello,
In our Serverfarm i found different Machines not working properly. They show
up complaining:
webbox:/chkrootkit# gzip -d
gzip: invalid option -- d
Segmentation fault
The binarys running are take a look at /proc/uptime, what they are not
supposed to do:
webbox:/chkrootkit# strace -eopen l
Hello,
> Looks almost same here:
Yes, but without those lines
> open("/proc/uptime", O_RDONLY) = 3
> open("/proc/4215/exe", O_RDONLY)= 3
This is in all binary's i have checked (echo, ifconfig, ...)
> The gzip thing looks really weird. Does chkrootkit show any evidents?
> maybe
Hello,
>just need to find one that offers additional protection WITHOUT
> needing a whole bunch of new config files to make and set,
I got stuck waiting for updated Kernel Security-Patches when new kernels are
released, so i use libsafe
(http://www.research.avayalabs.com/project/libsafe/) which s
Hello,
> Did you copy the gzip binary under the gzip name, or under another, and
> of course, the machine was "possibly infected" at the time?
Uh, i got so much stuff in my mind today, it's hard to remember ;-)
I think tried to ftp' the clean gzip binary named as 'gzip' and 'foo',
both where then
> I'm searching a solution to count in- and outgoing traffic for each
> virtual user (domain).
I searched for a solution some Month ago. All accounting i could find is
based on ipchains/iptables who are not working on
the needed Layer to seperate virtual Hosts. They just work up to the tcp
Layer,
> >There are Solutions to Account virtual Hosts, but the are not free.
>
> could you name these, please? would be interested in taking a closer
> look at this...
This was done by ip24 i think, but the company was bought by ipvalue
(www.ipvalue.de)
I dont't know what happened to that produnkt, i ca
> what exactly does this patch and how is it to be used? not much
> documentation on that site...
It creates an PROMISC chain that catches all pakets on the wire,
this is then connected to an hub just before the border router
ans sniffes the paktes, it goes like
iptables -t meter -P PROMISCUOUS
Hello,
In our Serverfarm i found different Machines not working properly. They show
up complaining:
webbox:/chkrootkit# gzip -d
gzip: invalid option -- d
Segmentation fault
The binarys running are take a look at /proc/uptime, what they are not
supposed to do:
webbox:/chkrootkit# strace -eopen l
Hello,
> Looks almost same here:
Yes, but without those lines
> open("/proc/uptime", O_RDONLY) = 3
> open("/proc/4215/exe", O_RDONLY)= 3
This is in all binary's i have checked (echo, ifconfig, ...)
> The gzip thing looks really weird. Does chkrootkit show any evidents?
> maybe
Hello,
>just need to find one that offers additional protection WITHOUT
> needing a whole bunch of new config files to make and set,
I got stuck waiting for updated Kernel Security-Patches when new kernels are
released, so i use libsafe
(http://www.research.avayalabs.com/project/libsafe/) which s
1 - 100 of 103 matches
Mail list logo
