I've been watching a computer over the past week attempt to connect to a
few high level ports (3094, 3095, 3093) on my small home network
(AT&T@Home). My Debian firewall is running Ipchains, which I think is set
up right and blocks most ports. All the traffic is coming from port 80
with an I
I have a question about /etc/passwd...
I typically go thru and put a * in all accounts except for 'root' and change
the shell to '/bin/false' when I first setup a box, to make sure the account
cannot be logged into. Is there a specific reason why this is not done? Are
there any implications I jus
A nice nastygram to the ISP admin is about all you can do. Often
that makes the scans stop, and every so often you'll actually get a
RESPONSE! Cut-n-paste the relevant info and include that in the
nastygram (they like to be able to match IPs with login times to find and
root out skr1pt K1dd13z.
tcpwrappers and a firewall are your two best bets. You can provide false info
or whatever you want with tcpwrappers, and a firewall can prevent them from
getting information off your ports. These have always worked for me well.
...adam
On Thu, Feb 01, 2001 at 08:18:19PM -0600, Jason Arden w
Can anyone recommend a program to stop people from
portscanning your server... or maybe put out some false information, like lets
say 20 pages of open ports?
-Jason
Thanks for your time...
Can anyone recommend a program to stop people from
portscanning your server... or maybe put out some false information, like lets
say 20 pages of open ports?
-Jason
Thanks for your time...
tcpwrappers and a firewall are your two best bets. You can provide false info or
whatever you want with tcpwrappers, and a firewall can prevent them from getting
information off your ports. These have always worked for me well.
...adam
On Thu, Feb 01, 2001 at 08:18:19PM -0600, Jason Arden
A nice nastygram to the ISP admin is about all you can do. Often
that makes the scans stop, and every so often you'll actually get a
RESPONSE! Cut-n-paste the relevant info and include that in the
nastygram (they like to be able to match IPs with login times to find and
root out skr1pt K1dd13z.
Lucien,
I've proposed a secure by default configuration for new Debian
installations on this list before. It drew harsh criticism from at least
one person whose belief it was that those who lack the knowledge to secure
their systems deserve to be rooted. Because of this attitude, and the
fact that
On Thu, Feb 01, 2001 at 02:12:40PM +0100, Mathieu Dessus wrote:
> This is not directly related to this thread, but this post reminds me
> that generally the translations pages of Security Information page (
> http://www.debian.org/security/ ) are generally not up to date.
> And with the automatic s
On Thu, Feb 01, 2001 at 07:36:39PM +, Robert Lazzurs wrote:
> On Thu, 1 Feb 2001, Tal Danzig wrote:
>
> > On Wed, Jan 31, 2001 at 02:32:50PM +0100, Niklas H?glund (ETX) wrote:
> > > Hi!
> > > I'm running woody, should have
> > > "deb http://security.debian.org potato/updates ..."
> > > in my s
On Thu, 1 Feb 2001, Tal Danzig wrote:
> On Wed, Jan 31, 2001 at 02:32:50PM +0100, Niklas H?glund (ETX) wrote:
> > Hi!
> > I'm running woody, should have
> > "deb http://security.debian.org potato/updates ..."
> > in my sources.list, as there is no
> > "deb http://security.debian.org woody/updates
On Wed, Jan 31, 2001 at 02:32:50PM +0100, Niklas H?glund (ETX) wrote:
> Hi!
> I'm running woody, should have
> "deb http://security.debian.org potato/updates ..."
> in my sources.list, as there is no
> "deb http://security.debian.org woody/updates ..."
> ?
Security updates are available only for s
Lucien,
I've proposed a secure by default configuration for new Debian
installations on this list before. It drew harsh criticism from at least
one person whose belief it was that those who lack the knowledge to secure
their systems deserve to be rooted. Because of this attitude, and the
fact tha
On Thu, Feb 01, 2001 at 02:12:40PM +0100, Mathieu Dessus wrote:
> This is not directly related to this thread, but this post reminds me
> that generally the translations pages of Security Information page (
> http://www.debian.org/security/ ) are generally not up to date.
> And with the automatic
On Thu, Feb 01, 2001 at 07:36:39PM +, Robert Lazzurs wrote:
> On Thu, 1 Feb 2001, Tal Danzig wrote:
>
> > On Wed, Jan 31, 2001 at 02:32:50PM +0100, Niklas H?glund (ETX) wrote:
> > > Hi!
> > > I'm running woody, should have
> > > "deb http://security.debian.org potato/updates ..."
> > > in my
On Wed, Jan 31, 2001 at 02:32:50PM +0100, Niklas H?glund (ETX) wrote:
> Hi!
> I'm running woody, should have
> "deb http://security.debian.org potato/updates ..."
> in my sources.list, as there is no
> "deb http://security.debian.org woody/updates ..."
> ?
Security updates are available only for
On Thu, 1 Feb 2001, Tal Danzig wrote:
> On Wed, Jan 31, 2001 at 02:32:50PM +0100, Niklas H?glund (ETX) wrote:
> > Hi!
> > I'm running woody, should have
> > "deb http://security.debian.org potato/updates ..."
> > in my sources.list, as there is no
> > "deb http://security.debian.org woody/updates
On Thu, 1 Feb 2001, Viljo Marrandi wrote:
> > > > > > > could you please help me select proper solution for port
> > > > > > > forwarding (one IP, Potato firewall and internal WWW
> > > > > > > server to be accessed from Internet).
>
> I used 'ipmasqadm portfw', worked perfectly (potato ext firewa
Daniel Jacobowitz wrote:
>
> On Wed, Jan 31, 2001 at 08:56:24AM +1100, Craig Small wrote:
> > G'day,
> > I'm writing this to express my frustration at the slowness Debian
> > seems to be afflicted with when it comes to letting people know about
> > our security vulnerabilities and fixes.
> >
> >
On 1 Feb 2001, Rainer Weikusat wrote:
> Given dynamic IPs, he can't, as hosts aren't associated with
> particular IPs, but with randomly changing ones. For instance, a
> homebrew ISDN router with an aggressive huptimeout (20s) will change
> IPs comparatively fast, but still remain the same host.
Niklas Höglund (ETX) wrote:
>
> Hi!
> I'm running woody, should have
> "deb http://security.debian.org potato/updates ..."
> in my sources.list, as there is no
> "deb http://security.debian.org woody/updates ..."
> ?
I'd also like to know this, as I am running "testing" right now.
--
[EMAIL PRO
> > > > > > could you please help me select proper solution for port
> > > > > > forwarding (one IP, Potato firewall and internal WWW
> > > > > > server to be accessed from Internet).
I used 'ipmasqadm portfw', worked perfectly (potato ext firewall -> int
https server. If you already have masquera
Daniel Jacobowitz wrote:
>
> On Wed, Jan 31, 2001 at 08:56:24AM +1100, Craig Small wrote:
> > G'day,
> > I'm writing this to express my frustration at the slowness Debian
> > seems to be afflicted with when it comes to letting people know about
> > our security vulnerabilities and fixes.
> >
>
On Thu, 1 Feb 2001, Viljo Marrandi wrote:
> > > > > > > could you please help me select proper solution for port
> > > > > > > forwarding (one IP, Potato firewall and internal WWW
> > > > > > > server to be accessed from Internet).
>
> I used 'ipmasqadm portfw', worked perfectly (potato ext firew
On 1 Feb 2001, Rainer Weikusat wrote:
> Given dynamic IPs, he can't, as hosts aren't associated with
> particular IPs, but with randomly changing ones. For instance, a
> homebrew ISDN router with an aggressive huptimeout (20s) will change
> IPs comparatively fast, but still remain the same host.
-BEGIN PGP SIGNED MESSAGE-
On Thursday 01 February 2001 07:01, Daniel Jacobowitz wrote:
> On Wed, Jan 31, 2001 at 08:56:24AM +1100, Craig Small wrote:
> > G'day,
> > I'm writing this to express my frustration at the slowness Debian
> > seems to be afflicted with when it comes to letting
Niklas Höglund (ETX) wrote:
>
> Hi!
> I'm running woody, should have
> "deb http://security.debian.org potato/updates ..."
> in my sources.list, as there is no
> "deb http://security.debian.org woody/updates ..."
> ?
I'd also like to know this, as I am running "testing" right now.
--
[EMAIL PR
Hi!
I'm running woody, should have
"deb http://security.debian.org potato/updates ..."
in my sources.list, as there is no
"deb http://security.debian.org woody/updates ..."
?
//Niklas
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTEC
> > > > > > could you please help me select proper solution for port
> > > > > > forwarding (one IP, Potato firewall and internal WWW
> > > > > > server to be accessed from Internet).
I used 'ipmasqadm portfw', worked perfectly (potato ext firewall -> int
https server. If you already have masquer
Even more stable: use fastforward (it's on freshmeat somewhere).
Eelco
On Thu, 1 Feb 2001, [iso-8859-1] Johan Bergstr?m wrote:
>
> There is also a little application called redir.
> Simple and easy.
>
> Johbe
>
> On Thu, 1 Feb 2001, Michael Boman wrote:
>
> > Kelsey Damas wrote:
> > >
> > >
There is also a little application called redir.
Simple and easy.
Johbe
On Thu, 1 Feb 2001, Michael Boman wrote:
> Kelsey Damas wrote:
> >
> > > > could you please help me select proper solution for port
> > > > forwarding (one IP, Potato firewall and internal WWW
> > > > server to be accessed
-BEGIN PGP SIGNED MESSAGE-
On Thursday 01 February 2001 07:01, Daniel Jacobowitz wrote:
> On Wed, Jan 31, 2001 at 08:56:24AM +1100, Craig Small wrote:
> > G'day,
> > I'm writing this to express my frustration at the slowness Debian
> > seems to be afflicted with when it comes to letting
Even more stable: use fastforward (it's on freshmeat somewhere).
Eelco
On Thu, 1 Feb 2001, [iso-8859-1] Johan Bergström wrote:
>
> There is also a little application called redir.
> Simple and easy.
>
> Johbe
>
> On Thu, 1 Feb 2001, Michael Boman wrote:
>
> > Kelsey Damas wrote:
> > >
> > >
Hi,
could you please help me select proper solution for port
forwarding (one IP, Potato firewall and internal WWW
server to be accessed from Internet).
It is hard to belive that the only solution for kernel
2.2.17 is patching it with experimental ipmasqadm module.
Are there any other secure and
There is also a little application called redir.
Simple and easy.
Johbe
On Thu, 1 Feb 2001, Michael Boman wrote:
> Kelsey Damas wrote:
> >
> > > > could you please help me select proper solution for port
> > > > forwarding (one IP, Potato firewall and internal WWW
> > > > server to be accessed
> could you please help me select proper solution for port
> forwarding (one IP, Potato firewall and internal WWW
> server to be accessed from Internet).
http://rdb.linux-help.org/ipmasq/ipmasq.php3#ipmasqadm
> It is hard to belive that the only solution for kernel
> 2.2.17 is patching it with e
thomas lakofski <[EMAIL PROTECTED]> writes:
> On Wed, 31 Jan 2001, Quietman wrote:
> > On Wed, Jan 31, 2001 at 12:54:41AM +, Quietman wrote:
> > > Excuse me if I'm missing the point, but what will this show other than
> > > any rules you already have in place?
> > And obviously, how many packet
On Wed, 31 Jan 2001, Quietman wrote:
> On Wed, Jan 31, 2001 at 12:54:41AM +, Quietman wrote:
> > On Tue, Jan 30, 2001 at 04:56:12PM +, thomas lakofski wrote:
> > > ipchains -L -n
> > Excuse me if I'm missing the point, but what will this show other than
> > any rules you already have in p
On Wed, Jan 31, 2001 at 08:56:24AM +1100, Craig Small wrote:
> G'day,
> I'm writing this to express my frustration at the slowness Debian
> seems to be afflicted with when it comes to letting people know about
> our security vulnerabilities and fixes.
>
> We seem to be able to find, fix and uplo
40 matches
Mail list logo
