Jim Breton, 2001-Jul-20 20:01 +:
> On Fri, Jul 20, 2001 at 12:37:49PM -0700, Jeff Coppock wrote:
> >Do I need to dist-upgrade to woody to use iptables?
>
> Nope.
>
> http://netfilter.samba.org
>
> Compiles very easily from source. HTH.
>
I was able to compile a good 2.4.6 kernel
> Wichert Akkerman was said to been seen saying:
...
> > we glad we all run Linux? :)
...
> Scratch another win for Linux...
What you mean to say is: "Aren't we all glad we don't run IIS" because
1) this has nothing to do with Linux. Last I heard, *BSD, Solaris, etc..
weren't vulnerable to
On Fri, Jul 20, 2001 at 09:31:07PM -0700, Jeff Coppock wrote:
># modprobe ip_tables
>modprobe: Can't locate module ip_tables
>
>But, it's definitely there. I can't figure out how to fix
>this. Any help is very much appreciated.
Your version of modutils's 'modprobe' doesn't l
Jim Breton, 2001-Jul-20 20:01 +:
> On Fri, Jul 20, 2001 at 12:37:49PM -0700, Jeff Coppock wrote:
> >Do I need to dist-upgrade to woody to use iptables?
>
> Nope.
>
> http://netfilter.samba.org
>
> Compiles very easily from source. HTH.
>
I was able to compile a good 2.4.6 kerne
> Wichert Akkerman was said to been seen saying:
...
> > we glad we all run Linux? :)
...
> Scratch another win for Linux...
What you mean to say is: "Aren't we all glad we don't run IIS" because
1) this has nothing to do with Linux. Last I heard, *BSD, Solaris, etc..
weren't vulnerable t
Really? As if linux has not had it's worms?
I think blaming Windows here is a tad bit short sighted. What we
hopefully can be glad for is that most of the people on this list
(hopefully) is good at upgrading their systems.
Well yes and no.
First of all MS has to take some of the blame for a
In the depths of that dark day Sat Jul 21, the words of Wichert Akkerman were
the beacon:
>
> For amusement I checked the web logs for a few debian machines to see
> if they had some red worm attempts. Seems we've been probed a fair
> bit: 16 times on www.spi-inc.org, 22 on non-us.debian.org and
On Fri, Jul 20, 2001 at 09:33:21PM -0400, Noah L. Meyerhans wrote:
> On Fri, Jul 20, 2001 at 06:24:54PM -0700, Alvin Oga wrote:
> > if ya wrote a script... was thinking..wouldnt it be funny
> > to redirect that incoming attack with the cgi script to
> > redirect it back to the incoming machine ??
I got such attempts from 21 distinct addresses against my server in Russia
since
July 19 through July 20. I was able to resolve some of the addresses into
hostnames.
It is forged addresses, isn't it, and we cannot blame this hosts for the
attacks?
Mikhail.
- Original Message -
From: Yota
On Fri, Jul 20, 2001 at 06:24:54PM -0700, Alvin Oga wrote:
> if ya wrote a script... was thinking..wouldnt it be funny
> to redirect that incoming attack with the cgi script to
> redirect it back to the incoming machine ???
It wouldn't get you anything exciting. The source machine has already
be
Wichert Akkerman was said to been seen saying:
>
> For amusement I checked the web logs for a few debian machines to see
> if they had some red worm attempts. Seems we've been probed a fair
> bit: 16 times on www.spi-inc.org, 22 on non-us.debian.org and 18
> on www.debian.org. Almost all attempts
hi ya Alson..
if ya wrote a script... was thinking..wouldnt it be funny
to redirect that incoming attack with the cgi script to
redirect it back to the incoming machine ???
c ya
alvin
On Sat, 21 Jul 2001, Alson van der Meulen wrote:
> On Sat, Jul 21, 2001 at 02:10:42AM +0200, Wichert Akkerma
On Sat, Jul 21, 2001 at 02:10:42AM +0200, Wichert Akkerman wrote:
>
> For amusement I checked the web logs for a few debian machines to see
> if they had some red worm attempts. Seems we've been probed a fair
> bit: 16 times on www.spi-inc.org, 22 on non-us.debian.org and 18
> on www.debian.org. A
Wichert Akkerman <[EMAIL PROTECTED]> writes:
> For amusement I checked the web logs for a few debian machines to see
> if they had some red worm attempts. Seems we've been probed a fair
> bit: 16 times on www.spi-inc.org, 22 on non-us.debian.org and 18
> on www.debian.org. Almost all attempts were
On Sat, Jul 21, 2001 at 02:10:42AM +0200, Wichert Akkerman wrote:
>
> For amusement I checked the web logs for a few debian machines to see
> if they had some red worm attempts. Seems we've been probed a fair
> bit: 16 times on www.spi-inc.org, 22 on non-us.debian.org and 18
> on www.debian.org. A
On Sat, Jul 21, 2001 at 02:10:42AM +0200, Wichert Akkerman wrote:
>
> For amusement I checked the web logs for a few debian machines to see
> if they had some red worm attempts. Seems we've been probed a fair
> bit: 16 times on www.spi-inc.org, 22 on non-us.debian.org and 18
> on www.debian.org. A
On Sat, Jul 21, 2001 at 02:10:42AM +0200, Wichert Akkerman wrote:
>
> For amusement I checked the web logs for a few debian machines to see
> if they had some red worm attempts. Seems we've been probed a fair
> bit: 16 times on www.spi-inc.org, 22 on non-us.debian.org and 18
> on www.debian.org. A
For amusement I checked the web logs for a few debian machines to see
if they had some red worm attempts. Seems we've been probed a fair
bit: 16 times on www.spi-inc.org, 22 on non-us.debian.org and 18
on www.debian.org. Almost all attempts were made on July 19. Aren't
we glad we all run Linux? :)
>
>Really? As if linux has not had it's worms?
>
>I think blaming Windows here is a tad bit short sighted. What we
>hopefully can be glad for is that most of the people on this list
>(hopefully) is good at upgrading their systems.
Well yes and no.
First of all MS has to take some of the blame f
In the depths of that dark day Sat Jul 21, the words of Wichert Akkerman were the
beacon:
>
> For amusement I checked the web logs for a few debian machines to see
> if they had some red worm attempts. Seems we've been probed a fair
> bit: 16 times on www.spi-inc.org, 22 on non-us.debian.org an
On Fri, Jul 20, 2001 at 09:33:21PM -0400, Noah L. Meyerhans wrote:
> On Fri, Jul 20, 2001 at 06:24:54PM -0700, Alvin Oga wrote:
> > if ya wrote a script... was thinking..wouldnt it be funny
> > to redirect that incoming attack with the cgi script to
> > redirect it back to the incoming machine ?
I got such attempts from 21 distinct addresses against my server in Russia
since
July 19 through July 20. I was able to resolve some of the addresses into
hostnames.
It is forged addresses, isn't it, and we cannot blame this hosts for the
attacks?
Mikhail.
- Original Message -
From: Yot
On Fri, Jul 20, 2001 at 06:24:54PM -0700, Alvin Oga wrote:
> if ya wrote a script... was thinking..wouldnt it be funny
> to redirect that incoming attack with the cgi script to
> redirect it back to the incoming machine ???
It wouldn't get you anything exciting. The source machine has already
b
Wichert Akkerman was said to been seen saying:
>
> For amusement I checked the web logs for a few debian machines to see
> if they had some red worm attempts. Seems we've been probed a fair
> bit: 16 times on www.spi-inc.org, 22 on non-us.debian.org and 18
> on www.debian.org. Almost all attempts
hi ya Alson..
if ya wrote a script... was thinking..wouldnt it be funny
to redirect that incoming attack with the cgi script to
redirect it back to the incoming machine ???
c ya
alvin
On Sat, 21 Jul 2001, Alson van der Meulen wrote:
> On Sat, Jul 21, 2001 at 02:10:42AM +0200, Wichert Akkerm
On Sat, Jul 21, 2001 at 02:10:42AM +0200, Wichert Akkerman wrote:
>
> For amusement I checked the web logs for a few debian machines to see
> if they had some red worm attempts. Seems we've been probed a fair
> bit: 16 times on www.spi-inc.org, 22 on non-us.debian.org and 18
> on www.debian.org.
I am using the packages from Adrian Bunk, they work great.
Add the following to /etc/apt/source.list:
deb http://people.debian.org/~bunk/debian potato main
deb-src http://people.debian.org/~bunk/debian potato main
With this you can then use apt, capt or dselect. (The tools that make me so
fond
Wichert Akkerman <[EMAIL PROTECTED]> writes:
> For amusement I checked the web logs for a few debian machines to see
> if they had some red worm attempts. Seems we've been probed a fair
> bit: 16 times on www.spi-inc.org, 22 on non-us.debian.org and 18
> on www.debian.org. Almost all attempts wer
On Sat, Jul 21, 2001 at 02:10:42AM +0200, Wichert Akkerman wrote:
>
> For amusement I checked the web logs for a few debian machines to see
> if they had some red worm attempts. Seems we've been probed a fair
> bit: 16 times on www.spi-inc.org, 22 on non-us.debian.org and 18
> on www.debian.org.
On Sat, Jul 21, 2001 at 02:10:42AM +0200, Wichert Akkerman wrote:
>
> For amusement I checked the web logs for a few debian machines to see
> if they had some red worm attempts. Seems we've been probed a fair
> bit: 16 times on www.spi-inc.org, 22 on non-us.debian.org and 18
> on www.debian.org.
On Sat, Jul 21, 2001 at 02:10:42AM +0200, Wichert Akkerman wrote:
>
> For amusement I checked the web logs for a few debian machines to see
> if they had some red worm attempts. Seems we've been probed a fair
> bit: 16 times on www.spi-inc.org, 22 on non-us.debian.org and 18
> on www.debian.org.
For amusement I checked the web logs for a few debian machines to see
if they had some red worm attempts. Seems we've been probed a fair
bit: 16 times on www.spi-inc.org, 22 on non-us.debian.org and 18
on www.debian.org. Almost all attempts were made on July 19. Aren't
we glad we all run Linux? :
Jeff Coppock <[EMAIL PROTECTED]> writes:
>I want to run iptables, but I'm running stable. I have a clean,
>bootable 2.4.6 kernel (took awhile, but I got it), and then realized
>that the iptable package in not in stable, but is in testing and
>unstable. I looked for deb-src, but cou
Jeff Coppock wrote on Fri Jul 20, 2001 at 12:37:49PM:
>
>Dilemna:
>I want to run iptables, but I'm running stable. I have a
>clean, bootable 2.4.6 kernel (took awhile, but I got it), and
>then realized that the iptable package in not in stable, but
>is in testing and unstable.
Hello,
On Fri, Jul 20, 2001 at 12:37:27PM -0700, Jeff Coppock wrote:
>Dilemna:
>I want to run iptables, but I'm running stable. I have a
>clean, bootable 2.4.6 kernel (took awhile, but I got it), and
>then realized that the iptable package in not in stable, but
>is in testing
* Jeff Coppock ([EMAIL PROTECTED]) [010720 12:54]:
>Dilemna:
>I want to run iptables, but I'm running stable. I have a
>clean, bootable 2.4.6 kernel (took awhile, but I got it), and
>then realized that the iptable package in not in stable, but
>is in testing and unstable. I lo
On Fri, Jul 20, 2001 at 12:37:49PM -0700, Jeff Coppock wrote:
>Do I need to dist-upgrade to woody to use iptables?
Nope.
http://netfilter.samba.org
Compiles very easily from source. HTH.
Someone spammed this out a while back. I just used this a few days ago,
worked just fine
http://www.debian.org/News/2001/20010415
HTH,
Steven Beverly
IS Technician - PHX
IS Operations
EarthLink, Inc.
Cell: 602.723.4485
Pager: [EMAIL PROTECTED]
"I am the Illustrious Postmaster and Grand Poob
I am using the packages from Adrian Bunk, they work great.
Add the following to /etc/apt/source.list:
deb http://people.debian.org/~bunk/debian potato main
deb-src http://people.debian.org/~bunk/debian potato main
With this you can then use apt, capt or dselect. (The tools that make me so
fond
Dilemna:
I want to run iptables, but I'm running stable. I have a
clean, bootable 2.4.6 kernel (took awhile, but I got it), and
then realized that the iptable package in not in stable, but
is in testing and unstable. I looked for deb-src, but
couldn't find any. I figured I coul
Jeff Coppock <[EMAIL PROTECTED]> writes:
>I want to run iptables, but I'm running stable. I have a clean,
>bootable 2.4.6 kernel (took awhile, but I got it), and then realized
>that the iptable package in not in stable, but is in testing and
>unstable. I looked for deb-src, but co
Jeff Coppock wrote on Fri Jul 20, 2001 at 12:37:49PM:
>
>Dilemna:
>I want to run iptables, but I'm running stable. I have a
>clean, bootable 2.4.6 kernel (took awhile, but I got it), and
>then realized that the iptable package in not in stable, but
>is in testing and unstable
Hello,
On Fri, Jul 20, 2001 at 12:37:27PM -0700, Jeff Coppock wrote:
>Dilemna:
>I want to run iptables, but I'm running stable. I have a
>clean, bootable 2.4.6 kernel (took awhile, but I got it), and
>then realized that the iptable package in not in stable, but
>is in testing
* Jeff Coppock ([EMAIL PROTECTED]) [010720 12:54]:
>Dilemna:
>I want to run iptables, but I'm running stable. I have a
>clean, bootable 2.4.6 kernel (took awhile, but I got it), and
>then realized that the iptable package in not in stable, but
>is in testing and unstable. I l
On Fri, Jul 20, 2001 at 12:37:49PM -0700, Jeff Coppock wrote:
>Do I need to dist-upgrade to woody to use iptables?
Nope.
http://netfilter.samba.org
Compiles very easily from source. HTH.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EM
Someone spammed this out a while back. I just used this a few days ago,
worked just fine
http://www.debian.org/News/2001/20010415
HTH,
Steven Beverly
IS Technician - PHX
IS Operations
EarthLink, Inc.
Cell: 602.723.4485
Pager: [EMAIL PROTECTED]
"I am the Illustrious Postmaster and Grand Poo
Dilemna:
I want to run iptables, but I'm running stable. I have a
clean, bootable 2.4.6 kernel (took awhile, but I got it), and
then realized that the iptable package in not in stable, but
is in testing and unstable. I looked for deb-src, but
couldn't find any. I figured I cou
On Fri, Jul 20, 2001 at 12:42:13PM +0100, David Wright wrote:
> Do you mean this package?
>
> "Programmer for Atmel AVR microcontrolers that uses PC parallel port
Yes.
> If so, I'm not sure why you think it needs to be setuid. Just
> chgrp somegroup /dev/lp0 (or whichever port) and put yourself
On Fri, Jul 20, 2001 at 08:28:54AM -0300, Pedro Zorzenon Neto wrote:
>I could use some options like this:
>
> $ avrprog -i input.data -o output.data
>
>But I chose to use stdin/stdout instead.
>
> $ avrprog < input.data > output.data
>
>Than I don't need to check if the
Quoting Pedro Zorzenon Neto ([EMAIL PROTECTED]):
>I wrote a program that needs to run setuid root due to direct hardware
> access (Package: avrprog).
Do you mean this package?
"Programmer for Atmel AVR microcontrolers that uses PC parallel port
to program the device in serial mode. The dev
Hola!
--- Pedro Zorzenon Neto <[EMAIL PROTECTED]> wrote:
>This program needs to read data from a file and
> also write to other file.
>
>I could use some options like this:
>
> $ avrprog -i input.data -o output.data
>
>But I chose to use stdin/stdout instead.
>
> $ avr
Hi list,
I wrote a program that needs to run setuid root due to direct hardware
access (Package: avrprog).
This program needs to read data from a file and also write to other file.
I could use some options like this:
$ avrprog -i input.data -o output.data
But I chose to use
On Fri, Jul 20, 2001 at 12:42:13PM +0100, David Wright wrote:
> Do you mean this package?
>
> "Programmer for Atmel AVR microcontrolers that uses PC parallel port
Yes.
> If so, I'm not sure why you think it needs to be setuid. Just
> chgrp somegroup /dev/lp0 (or whichever port) and put yourself
On Fri, Jul 20, 2001 at 08:28:54AM -0300, Pedro Zorzenon Neto wrote:
>I could use some options like this:
>
> $ avrprog -i input.data -o output.data
>
>But I chose to use stdin/stdout instead.
>
> $ avrprog < input.data > output.data
>
>Than I don't need to check if the
Quoting Pedro Zorzenon Neto ([EMAIL PROTECTED]):
>I wrote a program that needs to run setuid root due to direct hardware access
>(Package: avrprog).
Do you mean this package?
"Programmer for Atmel AVR microcontrolers that uses PC parallel port
to program the device in serial mode. The dev
Hola!
--- Pedro Zorzenon Neto <[EMAIL PROTECTED]> wrote:
>This program needs to read data from a file and
> also write to other file.
>
>I could use some options like this:
>
> $ avrprog -i input.data -o output.data
>
>But I chose to use stdin/stdout instead.
>
> $ av
Title: RE: CGI Buffer Overflow?
It's a worm called Code Red, spreading thru IIS-servers. Nothing
you have to worry about if you're only running Apache.
We dont, so we should have worried yesterday. =)
There are info on cert.org, eeya.com and probably /. and
so on..
I've seen 100 of this on
Hi list,
I wrote a program that needs to run setuid root due to direct hardware access
(Package: avrprog).
This program needs to read data from a file and also write to other file.
I could use some options like this:
$ avrprog -i input.data -o output.data
But I chose to use
On Thu, 19 Jul 2001, Brian Rectanus wrote:
> xxx.xxx.xxx.xxx - - [19/Jul/2001:14:28:23 -0400] "GET
> /default.ida?NNN
http://www.eeye.com/html/Research/Advisories/AL20010717.html
--
[-]
"you're wasting my time, chatterbox."
Try
http://security.debian.org/dists/potato/updates/main/*
http://security.debian.org/dists/potato/updates/contrib/*
http://security.debian.org/dists/potato/updates/non-free/*
On Friday 20 July 2001 03:33, Jason Thomas wrote:
> On Fri, Jul 20, 2001 at 09:39:55AM +0300, Juha J?ykk? wrote:
> > > deb
On Fri, Jul 20, 2001 at 09:39:55AM +0300, Juha J?ykk? wrote:
> > deb http://security.debian.org potato/updates main contrib non-free
does this actually work from what I can tell it ends up being
http://security.debian.org/potato/updates/main/*
http://security.debian.org/potato/updates/contrib/*
h
Improvements always welcome ;-)
--
Alan McNatty
Catalyst IT Ltd
Level 22 - 105 The Terrace,
Wellington
phone: 4 4992267 x705
mob: 21 2661571
email: [EMAIL PROTECTED]
test.pl
Description: Perl program
Title: RE: CGI Buffer Overflow?
It's a worm called Code Red, spreading thru IIS-servers. Nothing
you have to worry about if you're only running Apache.
We dont, so we should have worried yesterday. =)
There are info on cert.org, eeya.com and probably /. and
so on..
I've seen 100 of this on
> deb http://security.debian.org/debian-security potato/updates main contrib
> non-
> free
> deb http://security.debian.org/debian-non-US potato/non-US main contrib
> non-fre
> e
> deb http://security.debian.org potato/updates main contrib non-free
Someone administering the www.debian.org secu
On Thu, 19 Jul 2001, Brian Rectanus wrote:
> xxx.xxx.xxx.xxx - - [19/Jul/2001:14:28:23 -0400] "GET
> /default.ida?NNN
http://www.eeye.com/html/Research/Advisories/AL20010717.html
--
[-]
"you're wasting my time, chatterbox."
--
To UN
Try
http://security.debian.org/dists/potato/updates/main/*
http://security.debian.org/dists/potato/updates/contrib/*
http://security.debian.org/dists/potato/updates/non-free/*
On Friday 20 July 2001 03:33, Jason Thomas wrote:
> On Fri, Jul 20, 2001 at 09:39:55AM +0300, Juha J?ykk? wrote:
> > > de
On Thu, Jul 19, 2001 at 08:43:43PM -0500, xbud wrote:
> 'Nicely' probably isn't a prefered word but you all know what I mean.
>
> Here are some numbers.
Is this thing known to point itself at the private IP blocks?, i.e.
# 10.0.0.0 10.255.255.255
# 172.16.0.0172.31.255.255
# 192.168.0
On Fri, Jul 20, 2001 at 09:39:55AM +0300, Juha J?ykk? wrote:
> > deb http://security.debian.org potato/updates main contrib non-free
does this actually work from what I can tell it ends up being
http://security.debian.org/potato/updates/main/*
http://security.debian.org/potato/updates/contrib/*
Improvements always welcome ;-)
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
--
Alan McNatty
Catalyst IT Ltd
Level 22 - 105 The Terrace,
Wellington
phone: 4 4992267 x705
mob: 21 2661571
email: [EMAIL PROTECTED]
test.pl
71 matches
Mail list logo
