On Monday, December 24, 2001, at 10:52 , Gary MacDougall wrote:
Someone said that St. Jude was what I was looking for, and I think
its pretty much *exactly* what I was pointing out.
Can't, in general, stop an attack. All the attacker has to do is
not do unusual calls which jude monitors, whi
Howland, Curtis, 2001-Dec-25 13:08 +0900:
> This may seem an obvious question, but have you coordinated that "ipchains"
> works with the 2.2.x kernels, and "iptables" with the 2.4.x kernels?
>
> Woody standard kernel is still 2.2.x.
>
> Curt
Thanks for the suggestion. I am running woody with a
This may seem an obvious question, but have you coordinated that "ipchains"
works with the 2.2.x kernels, and "iptables" with the 2.4.x kernels?
Woody standard kernel is still 2.2.x.
Curt-
> -Original Message-
> From: Jeff [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, December 25, 2001 12:
I've recently discovered the "badflags" capabilities in iptables
and I'm playing with some rules. However, when I load the rules,
I get the following error message:
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.3: Couldn't load target
`badflags':/lib/iptables/libipt_b
> On Friday, December 21, 2001, at 03:25 , Gary MacDougall wrote:
>
> > Wouldn't it be nice to be able to run the kernel in "secure mode"?
> > I'm curious to know if we could limit the amount of "root exploits"
> > by this method, it would REALLY harden up security on a
> > Linux box... anyone hav
making the disks readonly is not trivial ...
lots of work to make it readonly.. a fun project ...
Not really. Nothing should write anywhere except /var and /tmp
(did I miss any). Also, if you have users, then /home.
In particular, if it is in $PATH, make it read-only. Many root
kits trojan
On Monday, December 24, 2001, at 10:52 , Gary MacDougall wrote:
> Someone said that St. Jude was what I was looking for, and I think
> its pretty much *exactly* what I was pointing out.
Can't, in general, stop an attack. All the attacker has to do is
not do unusual calls which jude monitors, w
Howland, Curtis, 2001-Dec-25 13:08 +0900:
> This may seem an obvious question, but have you coordinated that "ipchains" works
>with the 2.2.x kernels, and "iptables" with the 2.4.x kernels?
>
> Woody standard kernel is still 2.2.x.
>
> Curt
Thanks for the suggestion. I am running woody with a
This may seem an obvious question, but have you coordinated that "ipchains" works with
the 2.2.x kernels, and "iptables" with the 2.4.x kernels?
Woody standard kernel is still 2.2.x.
Curt-
> -Original Message-
> From: Jeff [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, December 25, 2001 12
I've recently discovered the "badflags" capabilities in iptables
and I'm playing with some rules. However, when I load the rules,
I get the following error message:
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.3: Couldn't load target
`badflags':/lib/iptables/libipt_
> On Friday, December 21, 2001, at 03:25 , Gary MacDougall wrote:
>
> > Wouldn't it be nice to be able to run the kernel in "secure mode"?
> > I'm curious to know if we could limit the amount of "root exploits"
> > by this method, it would REALLY harden up security on a
> > Linux box... anyone ha
> making the disks readonly is not trivial ...
> lots of work to make it readonly.. a fun project ...
Not really. Nothing should write anywhere except /var and /tmp
(did I miss any). Also, if you have users, then /home.
In particular, if it is in $PATH, make it read-only. Many root
kits troja
hi ya
> Also, when you look at how memory is laid out, having two stacks
> is problematic. Under linux, it looks like this:
>
> ---
>| KERNEL | | stack | < grows downward
>||---
>||
>| user | > ---
>|
hi ya
On Mon, 24 Dec 2001, Anthony DeRobertis wrote:
>
> On Friday, December 21, 2001, at 03:25 , Gary MacDougall wrote:
>
> > Wouldn't it be nice to be able to run the kernel in "secure mode"?
> > I'm curious to know if we could limit the amount of "root exploits"
> > by this method, it wou
Selam sana bir site oneriyorum kesin bak! ,
OYUNLAR SADECE 2.750.000 TL!
http://www.alisveris.sehri.com
http://www.alisveris.sehri.com
iyi gunler,
Bu mesaj
htp://www.aslan.mekani.com üzerinden yollanmistir!
Uye olmak icin ;
http://astavilla.kolayweb.com/haber.htm
hi ya
> Also, when you look at how memory is laid out, having two stacks
> is problematic. Under linux, it looks like this:
>
> ---
>| KERNEL | | stack | < grows downward
>||---
>||
>| user | > ---
>
hi ya
On Mon, 24 Dec 2001, Anthony DeRobertis wrote:
>
> On Friday, December 21, 2001, at 03:25 , Gary MacDougall wrote:
>
> > Wouldn't it be nice to be able to run the kernel in "secure mode"?
> > I'm curious to know if we could limit the amount of "root exploits"
> > by this method, it wo
Selam sana bir site oneriyorum kesin bak! ,
OYUNLAR SADECE 2.750.000 TL!
http://www.alisveris.sehri.com
http://www.alisveris.sehri.com
iyi gunler,
Bu mesaj
htp://www.aslan.mekani.com üzerinden yollanmistir!
Uye olmak icin ;
http://astavilla.kolayweb.com/haber.htm
On Saturday, December 22, 2001, at 07:22 , System Administrator wrote:
The assembly statement "jsr" (jump to subroutine) puts the
return address
on the same stack, where space for local variables is reserved.
Local variables, parameters, temporaries, etc. Yes, it's all the
same stack on ev
On Friday, December 21, 2001, at 03:25 , Gary MacDougall wrote:
Wouldn't it be nice to be able to run the kernel in "secure mode"?
I'm curious to know if we could limit the amount of "root exploits"
by this method, it would REALLY harden up security on a
Linux box... anyone have any opinions on
On Saturday, December 22, 2001, at 07:22 , System Administrator wrote:
> The assembly statement "jsr" (jump to subroutine) puts the
> return address
> on the same stack, where space for local variables is reserved.
>
Local variables, parameters, temporaries, etc. Yes, it's all the
same stack
On Friday, December 21, 2001, at 03:25 , Gary MacDougall wrote:
> Wouldn't it be nice to be able to run the kernel in "secure mode"?
> I'm curious to know if we could limit the amount of "root exploits"
> by this method, it would REALLY harden up security on a
> Linux box... anyone have any opin
22 matches
Mail list logo
