Hi everyone,
please can me tell somebody how to make MD5 passwords in order
to supply it to ftppasswd file?
Thanks
Rainer Sigl
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On this list (I beleive) I saw someone mention the use of /bin/passwd as
a shell for mail-only users so they can easily change their password
without having to ask someone. Is this a secure option, or am I missing
some glaring problems? If so, what are some other possible solutions?
Thanks,
Rob
also sprach Rob VanFleet
> On this list (I beleive) I saw someone mention the use of /bin/passwd
> as a shell for mail-only users so they can easily change their password
> without having to ask someone. Is this a secure option, or am I
> missing some glaring problems? If so, what are som
On this list (I beleive) I saw someone mention the use of /bin/passwd as
a shell for mail-only users so they can easily change their password
without having to ask someone. Is this a secure option, or am I missing
some glaring problems? If so, what are some other possible solutions?
Thanks,
Rob
We could start by blocking @aol.com =)
- James
> -Original Message-
> From: Ed Street [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, January 23, 2002 8:25 PM
> To: 'David Ehle'; 'kriss rolo'
> Cc: debian-security@lists.debian.org
> Subject: RE: SOME ITEMS THAT YOU MAY BE INTERESTED IN OR B
hi ya ralf
i would have thought that gcc would barf on b[20]='X'
and similarly for theother variable assignments since its not prev
allocated/defined.. and yet explicitly assigned (incorrectly??)...
its lot harder to control when the coder does
strcpy or readln() without first chcking the length
Hello,
Yes we are *ALL* interested in your crap. So please email everyone with
your street address so we can all come to your house and show you our
appreciation!
As for relavency goes it is relavent. Relavent as in how can we block
this crap from the list.
Ed
> -Original Message-
>
We could start by blocking @aol.com =)
- James
> -Original Message-
> From: Ed Street [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 23, 2002 8:25 PM
> To: 'David Ehle'; 'kriss rolo'
> Cc: [EMAIL PROTECTED]
> Subject: RE: SOME ITEMS THAT YOU MAY BE INTERESTED IN OR BE
> ABLE TO
On Wed, Jan 23, 2002 at 06:39:44PM -0600, David Ehle wrote:
> Kriss,
>
> This has to be the most interesting piece of SPAM i've ever run across...
> but this is NOT the correct forum for it. Please refrain from sending
> anything not pertaining to Debian Security to this list in the future.
I wou
Kriss,
This has to be the most interesting piece of SPAM i've ever run across...
but this is NOT the correct forum for it. Please refrain from sending
anything not pertaining to Debian Security to this list in the future.
Just for the record, I am not intersted in purchasing anything and do not
w
These are the items that iam interested in selling..
Could you help me with some details on the goods, history, origin etc.
are these worth anything and if so who would i contact with regards to
selling them? and the best way to sell them ie auction etc
APOLOGISE IF YOU HAVE ALREADY RECEIVED THIS
Here is a simple example with shellcode. It will give you a nice shell if
there's a /bin/sh on your system :
--
#include
#include
char shellcode[] =
"\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b"
> #include
>
> void example()
> {
> char a[10];
> char b[10];
> strcpy(a, "123456789");
> printf ("a: %s\n", a);
> b[20]='X';
> b[21]='Y';
> b[22]='Z';
> printf("a: %s\n", a);
> return;
> }
> main()
> {
> example();
> }
Ralf,
i ran this code
very interesting results, how? i woul
hi,
> anyone to offer any
> explanation will be showered with greatness!
here is an example:
#include
void example()
{
char a[10];
char b[10];
strcpy(a, "123456789");
printf ("a: %s\n", a);
b[20]='X';
b[21]='Y';
b[22]='Z';
printf("a: %s\n", a);
return;
}
main()
{
example();
hi ya ralf
i would have thought that gcc would barf on b[20]='X'
and similarly for theother variable assignments since its not prev
allocated/defined.. and yet explicitly assigned (incorrectly??)...
its lot harder to control when the coder does
strcpy or readln() without first chcking the lengt
Hello,
Yes we are *ALL* interested in your crap. So please email everyone with
your street address so we can all come to your house and show you our
appreciation!
As for relavency goes it is relavent. Relavent as in how can we block
this crap from the list.
Ed
> -Original Message-
>
(2002-01-23) Steve Johnson sed :
| this may seem trivial but i've never really understood how a buffer
| overflow happens and effects your system, i have some knowledge of
| programming, but not much at low levels. like dealing direct with
| memory or devices(other than using standard pointer
hi ya steve...
when you write a program... you usually pass variables around...
the system keeps a "stack of return address/variables" ..what to do
next...
the rootkits tries to make the return address of "foo" program
to give them root access..
- so much for my simplied one-liners..
- a simp
this may seem trivial but i've never really understood how a buffer
overflow happens and effects your system, i have some knowledge of
programming, but not much at low levels. like dealing direct with
memory or devices(other than using standard pointers and reading and
writing to devices thruough
On Wed, Jan 23, 2002 at 06:39:44PM -0600, David Ehle wrote:
> Kriss,
>
> This has to be the most interesting piece of SPAM i've ever run across...
> but this is NOT the correct forum for it. Please refrain from sending
> anything not pertaining to Debian Security to this list in the future.
I wo
Kriss,
This has to be the most interesting piece of SPAM i've ever run across...
but this is NOT the correct forum for it. Please refrain from sending
anything not pertaining to Debian Security to this list in the future.
Just for the record, I am not intersted in purchasing anything and do not
These are the items that iam interested in selling..
Could you help me with some details on the goods, history, origin etc.
are these worth anything and if so who would i contact with regards to
selling them? and the best way to sell them ie auction etc
APOLOGISE IF YOU HAVE ALREADY RECEIVED THIS
Here is a simple example with shellcode. It will give you a nice shell if
there's a /bin/sh on your system :
--
#include
#include
char shellcode[] =
"\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b"
> #include
>
> void example()
> {
> char a[10];
> char b[10];
> strcpy(a, "123456789");
> printf ("a: %s\n", a);
> b[20]='X';
> b[21]='Y';
> b[22]='Z';
> printf("a: %s\n", a);
> return;
> }
> main()
> {
> example();
> }
Ralf,
i ran this code
very interesting results, how? i wou
hi,
> anyone to offer any
> explanation will be showered with greatness!
here is an example:
#include
void example()
{
char a[10];
char b[10];
strcpy(a, "123456789");
printf ("a: %s\n", a);
b[20]='X';
b[21]='Y';
b[22]='Z';
printf("a: %s\n", a);
return;
}
main()
{
example();
(2002-01-23) Steve Johnson sed :
| this may seem trivial but i've never really understood how a buffer
| overflow happens and effects your system, i have some knowledge of
| programming, but not much at low levels. like dealing direct with
| memory or devices(other than using standard pointe
hi ya steve...
when you write a program... you usually pass variables around...
the system keeps a "stack of return address/variables" ..what to do
next...
the rootkits tries to make the return address of "foo" program
to give them root access..
- so much for my simplied one-liners..
- a sim
this may seem trivial but i've never really understood how a buffer
overflow happens and effects your system, i have some knowledge of
programming, but not much at low levels. like dealing direct with
memory or devices(other than using standard pointers and reading and
writing to devices thruoug
hi linux-dude
> it indeed sounds VERY interesting (not only to me) :-)
> although I never dealt with special kernel modifications.
> But I'll give it a go..can anyone recommend any other
> kernel security patch sites? ..would be great!
a collection of kernel patches...
http://www.Linux-Sec.n
On Wed, Jan 23, 2002 at 09:02:05AM +0100, Olsen Gerhard-Just wrote:
> Hi I'm investigating the possibility to use Linux box as an IPsec router. I
> want to be able to connect win clients to a LAN over the internet using
> IPsec. there is a win2k server set up with IPsec. Has any one any experience
[EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote:
>
> it indeed sounds VERY interesting (not only to me) :-)
> although I never dealt with special kernel modifications.
> But I'll give it a go..can anyone recommend any other
> kernel security patch sites? ..would be great!
I never tested it, but it lo
i think ya can find some interesting stuff here:
Kaladix Linux (security patches + the kaladix distro)
http://www.kaladix.org/hypersec.html
LIDS - Linux Intrusion Detection System
http://www.lids.org/
Openwall
http://www.openwall.com/
PaX patch
http://pageexec.virtualave.net/
HAP patch
http://www.
Hello Lars,
Wednesday, January 23, 2002, 9:45:26 AM, you wrote:
LB> On Fri, 2002-01-18 at 22:15, Hassard, Stephen wrote:
>> I'm not sure if anyone has tried this one, but a fairly extensive patch set
>> for the 2.4 series of kernels is available called grsecurity
>> (http://www.grsecurity.net). I
TrafficWoW Daily Newsletter January 21, 2002
Disclaimer: --- This email is NEVER sent unsolicited. THIS IS
NOT SPAM. You are receiving this because you have either answered
classified ad, posted t
On Fri, 2002-01-18 at 10:44, Dries Kimpe wrote:
> After noticing some more portscans (fast, even in order -
> nice snort logs though) I remembered portsentry.
Use portsentry with care. I if am at IP-address A, your server is B and
your most important customer has a gateway address of C, then all
On Fri, 2002-01-18 at 22:15, Hassard, Stephen wrote:
> I'm not sure if anyone has tried this one, but a fairly extensive patch set
> for the 2.4 series of kernels is available called grsecurity
> (http://www.grsecurity.net). It includes whole whacks of stuff (take a look
> at the "features" page ht
Hi I'm investigating the possibility to use Linux box as an IPsec router. I
want to be able to connect win clients to a LAN over the internet using
IPsec. there is a win2k server set up with IPsec. Has any one any experience
with this?
some thoughts:
It needs to completely block ALL other incomin
37 matches
Mail list logo