On Fri, Mar 09, 2001 at 10:09:13PM -0600, Ted Cabeen wrote:
> Actually we trap illegal packets like this one in I15lospoof.def.
>
> :#: Deny and log all packets trying to come in from a 127.0.0.0/8 address
> :#: over a non-'lo' interface
Double-check that against the original question:
"is deb
In message <[EMAIL PROTECTED]>, Jim Breton writes:
>On Fri, Mar 09, 2001 at 08:49:54PM +, Jim Breton wrote:
>> # deny and log all packets trying to come in from a 127.0.0.0/8 address
>> # over a non-'lo' interface
>
>Oops. Just occurred to me that this is not what you were asking about.
>Why d
On Fri, Mar 09, 2001 at 08:49:54PM +, Jim Breton wrote:
> # deny and log all packets trying to come in from a 127.0.0.0/8 address
> # over a non-'lo' interface
Oops. Just occurred to me that this is not what you were asking about.
Why do I do such things?
Anyway.
/etc/ipmasq/rules/I90extern
On Fri, Mar 09, 2001 at 10:09:13PM -0600, Ted Cabeen wrote:
> Actually we trap illegal packets like this one in I15lospoof.def.
>
> :#: Deny and log all packets trying to come in from a 127.0.0.0/8 address
> :#: over a non-'lo' interface
Double-check that against the original question:
"is de
In message <[EMAIL PROTECTED]>, Jim Breton writes:
>On Fri, Mar 09, 2001 at 08:49:54PM +, Jim Breton wrote:
>> # deny and log all packets trying to come in from a 127.0.0.0/8 address
>> # over a non-'lo' interface
>
>Oops. Just occurred to me that this is not what you were asking about.
>Why
On Fri, Mar 09, 2001 at 08:49:54PM +, Jim Breton wrote:
> # deny and log all packets trying to come in from a 127.0.0.0/8 address
> # over a non-'lo' interface
Oops. Just occurred to me that this is not what you were asking about.
Why do I do such things?
Anyway.
/etc/ipmasq/rules/I90exter
I don't know if this could be exploited is any way, but here's something
that I've seen. This is on x86 on two machines and a ppc g3.
#su
#login
login:
^D
Segmentation fault
Maybe you guys can check this more.
Mike
Am Samstag, 10. März 2001 00:05 schrieb Kevin:
> Then they only have to compile their own version. Openwall shows only
> you when you run 'w' but shows everyone if you 'who'. Anyone know
> why?
No experience with tools like this (LIDS/Openwall etc.)
w and who are different binaries on my system,
also sprach Kevin (on Fri, 09 Mar 2001 04:05:17PM -0700):
> Then they only have to compile their own version. Openwall shows only
> you when you run 'w' but shows everyone if you 'who'. Anyone know
> why?
well, afaik w and who are two separate programs.
it appears that who uses utmp information
On Fri, Mar 09, 2001 at 04:05:17PM -0700, Kevin wrote:
>
>
> Then they only have to compile their own version. Openwall shows only
> you when you run 'w' but shows everyone if you 'who'. Anyone know
> why?
>
Because 'who' just read /var/log/wtmp, where as 'w' looks at the process that
current
Then they only have to compile their own version. Openwall shows only
you when you run 'w' but shows everyone if you 'who'. Anyone know
why?
--
Kevin - [EMAIL PROTECTED]
-- Original message --
> Am Freitag, 9. März 2001 23:40 schrieb Robert Mognet:
>> Hello,
>>
>> On Wed, Mar 07, 2001 at
Am Freitag, 9. März 2001 23:40 schrieb Robert Mognet:
> Hello,
>
> On Wed, Mar 07, 2001 at 05:03:55PM +0100, Niklas H?glund wrote:
> > Hi!
> > Anyone know where I can find a kernel patch that restricts users so..
> > 'who' shows only the user himself
> "who" is not a kernel function, it's a system
On Fri, Mar 09, 2001 at 05:40:03PM -0500, Robert Mognet wrote:
> > Anyone know where I can find a kernel patch that restricts users so..
> > 'who' shows only the user himself
>
> "who" is not a kernel function, it's a system utility.
That doesn't mean a kernel patch can't modify its behavior. Ha
Hello,
On Wed, Mar 07, 2001 at 05:03:55PM +0100, Niklas H?glund wrote:
> Hi!
> Anyone know where I can find a kernel patch that restricts users so..
> 'who' shows only the user himself
"who" is not a kernel function, it's a system utility.
Something like this will work:
alias who="me=`whoami`
On Fri, Mar 09, 2001 at 08:47:41AM -0400, Peter Cordes wrote:
> Yes. It uses rp_filter (this is controlled in /proc/sys/... Read
Also by:
/etc/ipmasq/rules/I15lospoof.def
if you have the ipmasq package installed:
# deny and log all packets trying to come in from a 127.0.0.0/8 address
# over
I don't know if this could be exploited is any way, but here's something
that I've seen. This is on x86 on two machines and a ppc g3.
#su
#login
login:
^D
Segmentation fault
Maybe you guys can check this more.
Mike
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscrib
Am Samstag, 10. März 2001 00:05 schrieb Kevin:
> Then they only have to compile their own version. Openwall shows only
> you when you run 'w' but shows everyone if you 'who'. Anyone know
> why?
No experience with tools like this (LIDS/Openwall etc.)
w and who are different binaries on my system,
also sprach Kevin (on Fri, 09 Mar 2001 04:05:17PM -0700):
> Then they only have to compile their own version. Openwall shows only
> you when you run 'w' but shows everyone if you 'who'. Anyone know
> why?
well, afaik w and who are two separate programs.
it appears that who uses utmp information
On Fri, Mar 09, 2001 at 04:05:17PM -0700, Kevin wrote:
>
>
> Then they only have to compile their own version. Openwall shows only
> you when you run 'w' but shows everyone if you 'who'. Anyone know
> why?
>
Because 'who' just read /var/log/wtmp, where as 'w' looks at the process that
curren
Then they only have to compile their own version. Openwall shows only
you when you run 'w' but shows everyone if you 'who'. Anyone know
why?
--
Kevin - [EMAIL PROTECTED]
-- Original message --
> Am Freitag, 9. März 2001 23:40 schrieb Robert Mognet:
>> Hello,
>>
>> On Wed, Mar 07, 2001 a
Am Freitag, 9. März 2001 23:40 schrieb Robert Mognet:
> Hello,
>
> On Wed, Mar 07, 2001 at 05:03:55PM +0100, Niklas H?glund wrote:
> > Hi!
> > Anyone know where I can find a kernel patch that restricts users so..
> > 'who' shows only the user himself
> "who" is not a kernel function, it's a syste
On Fri, Mar 09, 2001 at 05:40:03PM -0500, Robert Mognet wrote:
> > Anyone know where I can find a kernel patch that restricts users so..
> > 'who' shows only the user himself
>
> "who" is not a kernel function, it's a system utility.
That doesn't mean a kernel patch can't modify its behavior. H
Hello,
On Wed, Mar 07, 2001 at 05:03:55PM +0100, Niklas H?glund wrote:
> Hi!
> Anyone know where I can find a kernel patch that restricts users so..
> 'who' shows only the user himself
"who" is not a kernel function, it's a system utility.
Something like this will work:
alias who="me=`whoami
On Fri, Mar 09, 2001 at 08:47:41AM -0400, Peter Cordes wrote:
> Yes. It uses rp_filter (this is controlled in /proc/sys/... Read
Also by:
/etc/ipmasq/rules/I15lospoof.def
if you have the ipmasq package installed:
# deny and log all packets trying to come in from a 127.0.0.0/8 address
# over
On Wed, 7 Mar 2001, [iso-8859-1] Niklas H?glund wrote:
> Hi!
> Anyone know where I can find a kernel patch that restricts users so..
> 'who' shows only the user himself
> 'netstat -a' only ports that root/the user owns
> 'ls' only files that are owned by root/the user
> ??
> //Niklas
Take a look
-> > is debian protected beforeconnecting from remote hosts to address
-> > 127.0.0.0/8 ?
-> >
-> > how?
->
->
-> [amos]:~/# grep spoof-protect /etc/init.d/networking
-> if [ -e /etc/network/spoof-protect ]; then
-> . /etc/network/spoof-protect
->
-> [amos]:~/# grep 127.0.0.1 /etc/network/s
On Fri, Mar 09, 2001 at 11:30:23AM +0100, Matus fantomas Uhlar wrote:
> HEllo,
>
> is debian protected beforeconnecting from remote hosts to address
> 127.0.0.0/8 ?
>
> how?
Yes. It uses rp_filter (this is controlled in /proc/sys/... Read
linux/Documentation/filesystems/proc.txt, in the kerne
On Wed, 7 Mar 2001, [iso-8859-1] Niklas Höglund wrote:
> Hi!
> Anyone know where I can find a kernel patch that restricts users so..
> 'who' shows only the user himself
> 'netstat -a' only ports that root/the user owns
> 'ls' only files that are owned by root/the user
> ??
> //Niklas
Take a loo
-> > is debian protected beforeconnecting from remote hosts to address
-> > 127.0.0.0/8 ?
-> >
-> > how?
->
->
-> [amos]:~/# grep spoof-protect /etc/init.d/networking
-> if [ -e /etc/network/spoof-protect ]; then
-> . /etc/network/spoof-protect
->
-> [amos]:~/# grep 127.0.0.1 /etc/network/
On Fri, Mar 09, 2001 at 11:30:23AM +0100, Matus fantomas Uhlar wrote:
> HEllo,
>
> is debian protected beforeconnecting from remote hosts to address
> 127.0.0.0/8 ?
>
> how?
Yes. It uses rp_filter (this is controlled in /proc/sys/... Read
linux/Documentation/filesystems/proc.txt, in the kern
HEllo,
is debian protected beforeconnecting from remote hosts to address
127.0.0.0/8 ?
how?
--
Matus "fantomas" Uhlar, sysadmin at NEXTRA, Slovakia; IRCNET admin of *.sk
[EMAIL PROTECTED] ; http://www.fantomas.sk/ ; http://www.nextra.sk/
If Barbie is so popular, why do you have to buy her fri
On Thu, Mar 08, 2001 at 09:07:01PM -0800, Alexander Hvostov wrote:
> SAFT is a nifty little protocol that lets you send a file to some other
> user on the internet without them having to explicitly accept it. Instead,
> the SAFT server will receive the file and place it in a queue for access
> late
HEllo,
is debian protected beforeconnecting from remote hosts to address
127.0.0.0/8 ?
how?
--
Matus "fantomas" Uhlar, sysadmin at NEXTRA, Slovakia; IRCNET admin of *.sk
[EMAIL PROTECTED] ; http://www.fantomas.sk/ ; http://www.nextra.sk/
If Barbie is so popular, why do you have to buy her fr
On Thu, Mar 08, 2001 at 09:07:01PM -0800, Alexander Hvostov wrote:
> SAFT is a nifty little protocol that lets you send a file to some other
> user on the internet without them having to explicitly accept it. Instead,
> the SAFT server will receive the file and place it in a queue for access
> lat
34 matches
Mail list logo
