Yes, infact I have.
The little bastard got into the IIS webserver at work and deleted
everything.
Death to PoizonB0x. Very UNprofessional.
- Original Message -
From: L@@K dont throw away! <[EMAIL PROTECTED]>
To:
Sent: Friday, June 01, 2001 9:51 PM
Subject: Have you been hacked by f*ck P
After setting up the IPChains policies and rules, I want to be able to have a
log file of any DENY packets sent to me. We use GroupWise as a email package.
I also want those log files to exist on another Debian server that sits behind
the firewall.
TIA
Jon L. Miller, MCNE
Director/Sr System
Yes, infact I have.
The little bastard got into the IIS webserver at work and deleted
everything.
Death to PoizonB0x. Very UNprofessional.
- Original Message -
From: L@@K dont throw away! <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, June 01, 2001 9:51 PM
Subject: Have you b
After setting up the IPChains policies and rules, I want to be able to have a log file
of any DENY packets sent to me. We use GroupWise as a email package. I also want
those log files to exist on another Debian server that sits behind the firewall.
TIA
Jon L. Miller, MCNE
Director/Sr System
Hi,
I did : 'netstat -M' and netstat told me : there is no support for
ip_masquerade on this system'.
But I have compiled my kernel with FULL NAT - including all masquerade
options - (but I don't see any file named /proc/sys/net/ipv4/ip_masquerade)
Anyone have an idea of what can happen ?
Be
On Fri, Jun 01, 2001 at 10:25:24PM +0200, Tomasz Olszewski wrote:
> OK, I mentioned both startx and xinit but when I was talking about
> ignoring the global xinitrc I reffered to xinit (because startx was
> already not a problem).
Oh ok.
P.S. if you do modify the startx script it will be over-wri
Hello Debian Users!
On piątek, 01 czerwiec 2001, 19:22:16 + Jim Breton wrote:
> See above to where you referred to startx.
OK, I mentioned both startx and xinit but when I was talking about
ignoring the global xinitrc I reffered to xinit (because startx was
already not a problem).
> Huh?
Wh
On Sat, May 26, 2001 at 11:34:00PM +0200, Tomasz Olszewski wrote:
> just modified /usr/X11R6/bin/startx but wat id someone launches plain
> xinit?
On Tue, May 29, 2001 at 01:50:10PM +0200, Tomasz Olszewski wrote:
> I was thinking about it but I thought there may be a more "civilized"
> way ;) Howe
Hi,
I did : 'netstat -M' and netstat told me : there is no support for
ip_masquerade on this system'.
But I have compiled my kernel with FULL NAT - including all masquerade
options - (but I don't see any file named /proc/sys/net/ipv4/ip_masquerade)
Anyone have an idea of what can happen ?
B
On Fri, Jun 01, 2001 at 10:25:24PM +0200, Tomasz Olszewski wrote:
> OK, I mentioned both startx and xinit but when I was talking about
> ignoring the global xinitrc I reffered to xinit (because startx was
> already not a problem).
Oh ok.
P.S. if you do modify the startx script it will be over-wr
Hello Debian Users!
On piątek, 01 czerwiec 2001, 19:22:16 + Jim Breton wrote:
> See above to where you referred to startx.
OK, I mentioned both startx and xinit but when I was talking about
ignoring the global xinitrc I reffered to xinit (because startx was
already not a problem).
> Huh?
W
On Sat, May 26, 2001 at 11:34:00PM +0200, Tomasz Olszewski wrote:
> just modified /usr/X11R6/bin/startx but wat id someone launches plain
> xinit?
On Tue, May 29, 2001 at 01:50:10PM +0200, Tomasz Olszewski wrote:
> I was thinking about it but I thought there may be a more "civilized"
> way ;) How
I've created an online community called "Have you been hacked by f*ck
PoizonBOx?".
http://www.delphi.com/PoizonBOx/start/
Please join the discussion!
With the message board, you can view discussion folders quickly in the
left-hand column and read up to 20 messages at a time. You can even atta
When I did netstat -M on my debian NAT firewall, I got the following entry:
prot expire source destination ports
. . .
tcp 118:59.12 zaphod.example.org 209.225.26.223294 -> 5000 (64996)
. . .
Zaphod is a Windows ME box. I recently read the article on Slash
On Fri, 1 Jun 2001, Izak Burger wrote:
[cut]
> The "salt" is some random value that is used in the encryption
> algorithm, two-characters chosen from the set [a-zA-Z0-9./]. These
> two characters are then stored as the first two characters of the crypted
> password. That way, when you log in,
Hello Debian Users!
On piątek, 01 czerwiec 2001, 09:55:26 +0100 Colin Phipps wrote:
> If you have local users deliberately going out of their way to open TCP ports
> that you don't want, then you are looking in the wrong place to fix this;
> either you want userdel(8), paranoia kernel patches, or
I've created an online community called "Have you been hacked by f*ck
PoizonBOx?".
http://www.delphi.com/PoizonBOx/start/
Please join the discussion!
With the message board, you can view discussion folders quickly in the
left-hand column and read up to 20 messages at a time. You can even att
It was the SCSI driver was missing. I was able to compile the kernel
and thanks for everyones help. I may have a bug to report when compiling
2.4.4 and 2.4.5 kernels from there tar balls. When I use config or
menuconfig and deselect smp since I only have one processor. I get the
following erro
When I did netstat -M on my debian NAT firewall, I got the following entry:
prot expire source destination ports
. . .
tcp 118:59.12 zaphod.example.org 209.225.26.223294 -> 5000 (64996)
. . .
Zaphod is a Windows ME box. I recently read the article on Slas
On Fri, 1 Jun 2001, Izak Burger wrote:
[cut]
> The "salt" is some random value that is used in the encryption
> algorithm, two-characters chosen from the set [a-zA-Z0-9./]. These
> two characters are then stored as the first two characters of the crypted
> password. That way, when you log in,
Hello Debian Users!
On piątek, 01 czerwiec 2001, 09:55:26 +0100 Colin Phipps wrote:
> If you have local users deliberately going out of their way to open TCP ports
> that you don't want, then you are looking in the wrong place to fix this;
> either you want userdel(8), paranoia kernel patches, or
Mike Moran <[EMAIL PROTECTED]> writes:
> Although it is good to have a properly setup firewall, I was wondering
> what else I could do to check that the machines behind it haven't been
> compromised (by an email trojan or the like)?
You can do an awful lot worse than installing AIDE for this sort
It was the SCSI driver was missing. I was able to compile the kernel
and thanks for everyones help. I may have a bug to report when compiling
2.4.4 and 2.4.5 kernels from there tar balls. When I use config or
menuconfig and deselect smp since I only have one processor. I get the
following err
Although it is good to have a properly setup firewall, I was wondering
what else I could do to check that the machines behind it haven't been
compromised (by an email trojan or the like)?
I was thinking of setting up a scanner (strobe/nmap/...?) to
automatically do a scan from a cron and mail
On Fri, Jun 01, 2001 at 08:24:51AM -0300, Pedro Zorzenon Neto wrote:
> On Fri, Jun 01, 2001 at 09:21:19AM +0200, Philipp Schulte wrote:
> > I was thinking of bad memory that might cause this behaviour.
>
> Helping about checking memory:
> Install package 'hwtools'
> Put a blank, formatted fl
On Fri, Jun 01, 2001 at 09:21:19AM +0200, Philipp Schulte wrote:
> I was thinking of bad memory that might cause this behaviour.
Helping about checking memory:
Install package 'hwtools'
Put a blank, formatted floppy disk in /dev/fd0 (or fd1)
# cp usr/lib/hwtools/memtest86.bin /dev/fd0
Rebo
On Wed, 30 May 2001, Robert Magier wrote:
> BAD_FORWARDIN=eth2 OUT=eth0
> SRC=169.254.199.81 DST=148.81.116.98
> LEN=69 TOS=0x00 PREC=0x00 TTL=127 ID=34055 PROTO=UDP SPT=137 DPT=53
> LEN=49
(snip...)
> I want to know what machine is sending this packets, so I set
> iptables -t filter -I
On Wed, 30 May 2001, Robert Magier wrote:
> Values of encrypted passwords are diffrent each time I use makepasswd.
> So, how the login program check my password?
> I tested if I can login to the system for each of this values ( I write it
> down to the /etc/shadow ) and I could.
The crypt() fu
Mike Moran <[EMAIL PROTECTED]> writes:
> Although it is good to have a properly setup firewall, I was wondering
> what else I could do to check that the machines behind it haven't been
> compromised (by an email trojan or the like)?
You can do an awful lot worse than installing AIDE for this sor
I wonder how password encryption works
At first I thought that thist looks smth like this
Encrypted passwords are kept in /etc/shadow
When I want to log in . My password is being crypted and then compared
with this in /etc/shadow one.
This happens because there is no (back-working) crypt function,
Welcome
I do not know where is the problem with my firewall set
I have set :
iptables -t filter - I FORWARD -j LOG
And because of this smth like this is displayed on my screen
BAD_FORWARDIN=eth2 OUT=eth0
SRC=169.254.199.81 DST=148.81.116.98
LEN=69 TOS=0x00 PREC=0x00 TTL=127 ID=34055 PROTO=
Although it is good to have a properly setup firewall, I was wondering
what else I could do to check that the machines behind it haven't been
compromised (by an email trojan or the like)?
I was thinking of setting up a scanner (strobe/nmap/...?) to
automatically do a scan from a cron and mail
On Fri, Jun 01, 2001 at 08:24:51AM -0300, Pedro Zorzenon Neto wrote:
> On Fri, Jun 01, 2001 at 09:21:19AM +0200, Philipp Schulte wrote:
> > I was thinking of bad memory that might cause this behaviour.
>
> Helping about checking memory:
> Install package 'hwtools'
> Put a blank, formatted f
On Fri, Jun 01, 2001 at 09:21:19AM +0200, Philipp Schulte wrote:
> I was thinking of bad memory that might cause this behaviour.
Helping about checking memory:
Install package 'hwtools'
Put a blank, formatted floppy disk in /dev/fd0 (or fd1)
# cp usr/lib/hwtools/memtest86.bin /dev/fd0
Reb
On Tue, May 29, 2001 at 01:50:10PM +0200, Tomasz Olszewski wrote:
> Hello Debian Users!
> On poniedzia?ek, 28 maj 2001, 15:50:14 + Jim Breton wrote:
>
> > So make /usr/bin/X11/X a wrapper for the "real" X.
>
> I was thinking about it but I thought there may be a more "civilized"
> way ;) Howe
Hello Debian Users!
On poniedziałek, 28 maj 2001, 15:50:14 + Jim Breton wrote:
> So make /usr/bin/X11/X a wrapper for the "real" X.
I was thinking about it but I thought there may be a more "civilized"
way ;) However what if an user finds the real X?
> > Besides, xinit looks only for user's
On Wed, 30 May 2001, Robert Magier wrote:
> BAD_FORWARDIN=eth2 OUT=eth0
> SRC=169.254.199.81 DST=148.81.116.98
> LEN=69 TOS=0x00 PREC=0x00 TTL=127 ID=34055 PROTO=UDP SPT=137 DPT=53 LEN=49
(snip...)
> I want to know what machine is sending this packets, so I set
> iptables -t filter -I IN
On Wed, 30 May 2001, Robert Magier wrote:
> Values of encrypted passwords are diffrent each time I use makepasswd.
> So, how the login program check my password?
> I tested if I can login to the system for each of this values ( I write it
> down to the /etc/shadow ) and I could.
The crypt() f
Hello,
I am running AIDE an some servers and one of them is causing trouble.
I get warnings about once a day, that a file (usually a lib in
/usr/lib) has changed. Two hours later I get a message that the file
had changed again but then the checksums are the same like in the very
beginning.
An exa
I wonder how password encryption works
At first I thought that thist looks smth like this
Encrypted passwords are kept in /etc/shadow
When I want to log in . My password is being crypted and then compared
with this in /etc/shadow one.
This happens because there is no (back-working) crypt function,
Welcome
I do not know where is the problem with my firewall set
I have set :
iptables -t filter - I FORWARD -j LOG
And because of this smth like this is displayed on my screen
BAD_FORWARDIN=eth2 OUT=eth0
SRC=169.254.199.81 DST=148.81.116.98
LEN=69 TOS=0x00 PREC=0x00 TTL=127 ID=34055 PROTO
On Thu, 31 May 2001 16:17:42 +0200
Alex Snijder <[EMAIL PROTECTED]> wrote:
> Hello, I'm looking for a good 'secure' FTP server.
I like and use muddleftpd as I need to support user logins in
intranet siuations. I recommend perusing Rock Moen's list of FTPd
servers and his commentary (Marcus Ran
On Tue, May 29, 2001 at 01:50:10PM +0200, Tomasz Olszewski wrote:
> Hello Debian Users!
> On poniedzia?ek, 28 maj 2001, 15:50:14 + Jim Breton wrote:
>
> > So make /usr/bin/X11/X a wrapper for the "real" X.
>
> I was thinking about it but I thought there may be a more "civilized"
> way ;) How
Hello Debian Users!
On poniedziałek, 28 maj 2001, 15:50:14 + Jim Breton wrote:
> So make /usr/bin/X11/X a wrapper for the "real" X.
I was thinking about it but I thought there may be a more "civilized"
way ;) However what if an user finds the real X?
> > Besides, xinit looks only for user's
44 matches
Mail list logo
