On Thu, Mar 23, 2000 at 04:26:59PM +, Tim Haynes wrote:
> My first attempt was exactly that (well unless I've misunderstood something
> about the lack of 's/'); it messes up the end of line, basically everything
> beyond the bit the LHS matches. Hence the above amendment after some testing.
> T
On Thu, Mar 23, 2000 at 03:42:31PM +, Martyn Pearce wrote:
>
> Tim Haynes writes:
> | Not quite. It seems to ignore the filename on the end of the #! line, and
> | you forgot my mod to make it do the right thing re: 'rest of line' :
> |
> | #!/usr/bin/perl -npi.bak
> |
> | s/^root:[
Tim Haynes writes:
| Not quite. It seems to ignore the filename on the end of the #! line, and you
| forgot my mod to make it do the right thing re: 'rest of line' :
|
| #!/usr/bin/perl -npi.bak
|
| s/^root:[^:]*:(.*)$/root:pants:\1/o
That should be $1 in the replacement. \1 works
On Thu, Mar 23, 2000 at 04:03:55PM +0100, Sven LUTHER wrote:
> > Because it is actually "netstat -anp" that will (also) list the
> > services. The reason for using nmap is that it is a popular tool
> > for ... mapping other's people machines. As such, you may want to
> > know about its existen
On Thu, Mar 23, 2000 at 10:38:54AM -0400, Peter Cordes wrote:
[me]
> > OTOH it's only going to take a wee fraction of a second to happen and it's
> > not as though everyone logs every process that happens...
>
> They might well do so if they knew the root password was getting changed by
> a cron
On Thu, Mar 23, 2000 at 02:36:20PM +, Sergio Brandano wrote:
>
> > My thought of the day: why nmap localhost, rather than netstat -a
> > or -an ?
>
> Because it is actually "netstat -anp" that will (also) list the
> services. The reason for using nmap is that it is a popular tool
> for ...
Hi, it´s nice to know that my subject is still an issue :) Anyway, let's
see,
sorry for the intrusion here, the thanks can go to Tim Haynes
<[EMAIL PROTECTED]> since he helped me out on this issue :) Cheers
Tim. Anyway, what I found out was that perl -npi.bak -e
's/^root:[^:]*:/root:pants/
-BEGIN PGP SIGNED MESSAGE-
On Thu, 23 Mar 2000, Sergio Brandano wrote:
>
> > My thought of the day: why nmap localhost, rather than netstat -a
> > or -an ?
>
> Because it is actually "netstat -anp" that will (also) list the
> services. The reason for using nmap is that it is a popular
On Thu, Mar 23, 2000 at 01:00:55PM +0100, Tollef Fog Heen wrote:
> * Sergio Brandano
>
> | I am using gdm. Let see how I can do that. Anyway, will this affect
> | ssh?
>
> Yes, but you can run Xev (X-in-a-window) and ssh from there. This
> is safer as well if you are really paranoid, sinc
On Thu, Mar 23, 2000 at 11:04:17AM +, Tim Haynes wrote:
> OTOH it's only going to take a wee fraction of a second to happen and it's not
> as though everyone logs every process that happens...
They might well do so if they knew the root password was getting changed by
a cron job! They would
> My thought of the day: why nmap localhost, rather than netstat -a
> or -an ?
Because it is actually "netstat -anp" that will (also) list the
services. The reason for using nmap is that it is a popular tool
for ... mapping other's people machines. As such, you may want to
know about its exis
On Thu, Mar 23, 2000 at 02:01:26PM +, Gareth Bowker wrote:
> It's quite a useful document, certainly. I've only got one comment on it,
> which is to explain what the changes are that are being made: i.e.
> disabling tcp listening for X means that you can't run remote X sessions
> from the mach
Thank you Gareth. I certainly will improve that article as time
allows. Please feel free to actively contribute to it. If explicit
text is sent to me, I will include it in the new version, and your
name will appear in the list of contributors.
Thank's again.
All the best,
Sergio
It's quite a useful document, certainly. I've only got one comment on it,
which is to explain what the changes are that are being made: i.e.
disabling tcp listening for X means that you can't run remote X sessions from
the machine blah blah, but that crackers can't blah blah.
It just makes it cl
http://www.dcs.qmw.ac.uk/~sb/PowerBook.html
Feedback and improvements are very welcome.
Thank you for your past contributions.
Sergio
On 23 Mar 2000, Tollef Fog Heen wrote:
> Yes, but you can run Xev (X-in-a-window) and ssh from there. This
> is safer as well if you are really paranoid, since then you trust
> the remote sshd less.
Is Xev packaged for debian? If yes, what is the package, if no, where can
I find out more a
* "Neil D. Roberts"
| What I mean basically is so that when the root password gets changed
| accidentally, this process sets it back to what it was.
We had this happen in our school, and after that we added a second
user with uid = 0. Also, we could have used sudo, so that a
semi-priviled
> Yes, but you can run Xev (X-in-a-window) and ssh from there. This
> is safer as well if you are really paranoid, since then you trust
> the remote sshd less.
There does not seem to be a package for it. Does it come with Debian?
Sergio
* Sergio Brandano
| I am using gdm. Let see how I can do that. Anyway, will this affect
| ssh?
Yes, but you can run Xev (X-in-a-window) and ssh from there. This
is safer as well if you are really paranoid, since then you trust
the remote sshd less.
--
Tollef Fog Heen
Unix _IS_ user f
On Thu, Mar 23, 2000 at 08:04:28PM +1100, Herbert Xu wrote:
> Brian May <[EMAIL PROTECTED]> wrote:
> >> "Tim" == Tim Haynes <[EMAIL PROTECTED]> writes:
>
> > Tim>perl -npi.bak -e 's/^root:[^:]*:/root:pants/o' \
> > Tim> /etc/shadow
>
> > Just a nitpick for the very security paran
On 23 Mar 2000, Brian May wrote:
> Tim> perl -npi.bak -e 's/^root:[^:]*:/root:pants/o'
> Tim> /etc/shadow
> Just a nitpick for the very security paranoid (ie myself!):
> The encrypted password will show up in the ps listing...
> Out of curiosity: Is there anyway to avoid this?
put th
Brian May <[EMAIL PROTECTED]> wrote:
>> "Tim" == Tim Haynes <[EMAIL PROTECTED]> writes:
> Tim> perl -npi.bak -e 's/^root:[^:]*:/root:pants/o'
> Tim> /etc/shadow
> Just a nitpick for the very security paranoid (ie myself!):
> The encrypted password will show up in the ps listing.
> "Tim" == Tim Haynes <[EMAIL PROTECTED]> writes:
Tim>perl -npi.bak -e 's/^root:[^:]*:/root:pants/o'
Tim> /etc/shadow
Just a nitpick for the very security paranoid (ie myself!):
The encrypted password will show up in the ps listing...
Out of curiosity: Is there anyway to avo
-BEGIN PGP SIGNED MESSAGE-
On Wed, 22 Mar 2000, Alexander Hvostov wrote:
> Brian (and everyone, for that matter),
>
> I configured ORBit to use Unix sockets as you said to do. A pleasant side
> effect of this is that GNOME seems to be faster.
>
> An unpleasant side effect is that ORBit
Alexander Hvostov wrote:
> That sounds like it should be filed in a bug report, wouldn't you agree?
Good thinking. It looks like a similar bug has been open for a while;
I'll go tell Chris to to fix it.
--
Brian Kimball
Brian,
That sounds like it should be filed in a bug report, wouldn't you agree?
Regards,
Alex.
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GCM d- s:+ a--- C UL P L+++ E W++ N o-- K- w
O--- M- V- PS+ PE- Y PGP t+ 5 X- R tv+ b DI--- D+
G e-- h++ r--- y
--END GEEK CODE BLOCK--
O
Brian (and everyone, for that matter),
I configured ORBit to use Unix sockets as you said to do. A pleasant side
effect of this is that GNOME seems to be faster.
An unpleasant side effect is that ORBit is now placing sockets in /tmp,
which looks like it may be vulnerable to a symlink attack. Anyo
Brian,
Check /etc/esound/esd.conf. Change auto_spawn=1 to 0.
Also, esd has an option for using Unix sockets, but it says that they're
disabled for "security reasons". Anyone have any idea why?
Regards,
Alex.
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GCM d- s:+ a--- C UL P L+++ E W+
And to stop xdm's port add "-udpPort 0" to /etc/init.d/xdm
something like:
start-stop-daemon --start --quiet --pid $PIDFILE --exec $DAEMON -- -udpPort 0
|| echo -n " already running"
or prefered in /etc/X11/xdm/xdm-config add
DisplayManager.requestPort: 0
J.Currey
On Wed, Mar 22, 2
On Wed, Mar 22, 2000 at 11:33:04AM +0100, Neil D. Roberts wrote:
> Thanks Tim ! :)
>
> So this line changes the root password ? Ok, the password has a nice
> length,
> with upper and lower case, numbers and a couple simbols. Pretty solid ?
> Anyway, so
> what does "perl -npi.bak -e 's/^root:
One more thing: you can also add these lines to /etc/orbitrc to make
them system-wide defaults. This file doesn't seem to be included in
Debian, I guess it's another undocumented feature.
Brian Kimball wrote:
> $ cat ~/.orbitrc
> ORBIIOPUSock=1
> ORBIIOPIPv4=0
> ORBIIOPIPv6=0
> $
--
Brian Kim
With all this automatic password changing stuff, and people making little
perl progs and stuff to do it and all, wouldn't it be easier to just
use "usermod" to change the password (it can do that, you supply the
password on the command line in encrypted form).
usermod -p encryptedpasswd root
You
33 matches
Mail list logo
