RE: vtun

2002-02-09 Thread Magus Ba'al
I'm not entirely positive, but I'm pretty sure you need to add the 2nd connection under tap1, as only one connection can be on tap0 at a time (in the server vtund.conf). You can also search thru the vtun archives, or do a search on google (vtun tap0 multiple client). HTH, Steven "exitus ac

Re: Bug#130876: ssh: -5 discloses too much infomation to an attacker, security

2002-02-09 Thread Lazarus Long
reopen 130876 severity 130876 grave thanks As I have said in the past, this is definitely a security risk. There is no reason that such information should be exposed to attackers. 'dpkg -l ssh' provides a Debian-specific version string, and there is no reason this needs to be exposed to those who

RE: vtun

2002-02-09 Thread Magus Ba'al
I'm not entirely positive, but I'm pretty sure you need to add the 2nd connection under tap1, as only one connection can be on tap0 at a time (in the server vtund.conf). You can also search thru the vtun archives, or do a search on google (vtun tap0 multiple client). HTH, Steven "exitus a

RE: HELP I've been cracked

2002-02-09 Thread Josh
try checking out www.grsecurity.net. It's a collection of patches and a very excellent ACL system written by a friend of mine. It also incorperates the OpenWall / pax patches among other things. - Josh Reynolds On Sat, 9 Feb 2002, Jeff Bonner wrote: > > -Original Message- > > From

Re: Bug#130876: ssh: -5 discloses too much infomation to an attacker, security

2002-02-09 Thread Lazarus Long
reopen 130876 severity 130876 grave thanks As I have said in the past, this is definitely a security risk. There is no reason that such information should be exposed to attackers. 'dpkg -l ssh' provides a Debian-specific version string, and there is no reason this needs to be exposed to those wh

RE: HELP I've been cracked

2002-02-09 Thread Josh
try checking out www.grsecurity.net. It's a collection of patches and a very excellent ACL system written by a friend of mine. It also incorperates the OpenWall / pax patches among other things. - Josh Reynolds On Sat, 9 Feb 2002, Jeff Bonner wrote: > > -Original Message- > > Fro

vtun

2002-02-09 Thread Thomas Kuepper
Hi all. i have a problem with vtun. Is anybody here with knowgledge about vtun? i have one vtun server (type ether device tap0) in this server i have 2 connections added to the config file. my problem is, that only one client can connect. When one client has connectet, the other can't. how coul

Re: Port 113 (auth) accept or deny?

2002-02-09 Thread Jakub Jankowski
On 2002-02-09, Brandon High wrote: >> >> should I open(accept) or close(deny, perhaps reject?) the port 113??? [...] >I just don't know what you might need the ident server for. That's why you should read that thread. It was explained there several times, IIRC. s. -- (0> Jakub Jankowski [url

Re: Port 113 (auth) accept or deny?

2002-02-09 Thread Tim Haynes
Brandon High <[EMAIL PROTECTED]> writes: >> >> should I open(accept) or close(deny, perhaps reject?) the port 113??? >> > >> >I've got it closed on my machines. I don't know what you might need it >> >for. >> >> We've been through at least once, haven't we? *sigh* Obligatory link:

Re: Port 113 (auth) accept or deny?

2002-02-09 Thread Brandon High
On Sat, Feb 09, 2002 at 10:07:45PM +0100, Jakub Jankowski wrote: > On 2002-02-09, Brandon High wrote: > > [...] > >> should I open(accept) or close(deny, perhaps reject?) the port 113??? > > > >I've got it closed on my machines. I don't know what you might need it > >for. > > We've been through a

Re: Port 113 (auth) accept or deny?

2002-02-09 Thread Jakub Jankowski
On 2002-02-09, Brandon High wrote: [...] >> should I open(accept) or close(deny, perhaps reject?) the port 113??? > >I've got it closed on my machines. I don't know what you might need it >for. We've been through at least once, haven't we? *sigh* Please read the whole thread: http://lists.debian

Re: Port 113 (auth) accept or deny?

2002-02-09 Thread Will Aoki
On Sat, Feb 09, 2002 at 09:39:00PM +0100, Johannes Weiss wrote: > > Hi, > I have a security question: > On my HTTP(s)/MAIL(SMTP,POP,IMAP)/SSH-Server: > should I open(accept) or close(deny, perhaps reject?) the port 113??? Accept if you've chosen to run an ident server; otherwise, reject, but don'

Re: Port 113 (auth) accept or deny?

2002-02-09 Thread Brandon High
On Sat, Feb 09, 2002 at 09:39:00PM +0100, Johannes Weiss wrote: > I have a security question: > On my HTTP(s)/MAIL(SMTP,POP,IMAP)/SSH-Server: > should I open(accept) or close(deny, perhaps reject?) the port 113??? I've got it closed on my machines. I don't know what you might need it for. -B --

Port 113 (auth) accept or deny?

2002-02-09 Thread Johannes Weiss
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I have a security question: On my HTTP(s)/MAIL(SMTP,POP,IMAP)/SSH-Server: should I open(accept) or close(deny, perhaps reject?) the port 113??? Thnx Weissi -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http

vtun

2002-02-09 Thread Thomas Kuepper
Hi all. i have a problem with vtun. Is anybody here with knowgledge about vtun? i have one vtun server (type ether device tap0) in this server i have 2 connections added to the config file. my problem is, that only one client can connect. When one client has connectet, the other can't. how cou

Re: Port 113 (auth) accept or deny?

2002-02-09 Thread Jakub Jankowski
On 2002-02-09, Brandon High wrote: >> >> should I open(accept) or close(deny, perhaps reject?) the port 113??? [...] >I just don't know what you might need the ident server for. That's why you should read that thread. It was explained there several times, IIRC. s. -- (0> Jakub Jankowski [ur

Re: Port 113 (auth) accept or deny?

2002-02-09 Thread Tim Haynes
Brandon High <[EMAIL PROTECTED]> writes: >> >> should I open(accept) or close(deny, perhaps reject?) the port 113??? >> > >> >I've got it closed on my machines. I don't know what you might need it >> >for. >> >> We've been through at least once, haven't we? *sigh* Obligatory link:

Re: Port 113 (auth) accept or deny?

2002-02-09 Thread Brandon High
On Sat, Feb 09, 2002 at 10:07:45PM +0100, Jakub Jankowski wrote: > On 2002-02-09, Brandon High wrote: > > [...] > >> should I open(accept) or close(deny, perhaps reject?) the port 113??? > > > >I've got it closed on my machines. I don't know what you might need it > >for. > > We've been through

Re: Port 113 (auth) accept or deny?

2002-02-09 Thread Jakub Jankowski
On 2002-02-09, Brandon High wrote: [...] >> should I open(accept) or close(deny, perhaps reject?) the port 113??? > >I've got it closed on my machines. I don't know what you might need it >for. We've been through at least once, haven't we? *sigh* Please read the whole thread: http://lists.debia

Re: Port 113 (auth) accept or deny?

2002-02-09 Thread Will Aoki
On Sat, Feb 09, 2002 at 09:39:00PM +0100, Johannes Weiss wrote: > > Hi, > I have a security question: > On my HTTP(s)/MAIL(SMTP,POP,IMAP)/SSH-Server: > should I open(accept) or close(deny, perhaps reject?) the port 113??? Accept if you've chosen to run an ident server; otherwise, reject, but don

RE: HELP I've been cracked

2002-02-09 Thread Jeff Bonner
> -Original Message- > From: Henrique de Moraes Holschuh [mailto:[EMAIL PROTECTED] > Sent: Saturday, February 09, 2002 12:40 PM > To: Tina Embrey [mailto:[EMAIL PROTECTED] > Cc: debian-security@lists.debian.org > Subject: Re: HELP I've been cracked > > My Debian 2.2 Potato and Woody Server

Re: Port 113 (auth) accept or deny?

2002-02-09 Thread Brandon High
On Sat, Feb 09, 2002 at 09:39:00PM +0100, Johannes Weiss wrote: > I have a security question: > On my HTTP(s)/MAIL(SMTP,POP,IMAP)/SSH-Server: > should I open(accept) or close(deny, perhaps reject?) the port 113??? I've got it closed on my machines. I don't know what you might need it for. -B --

Port 113 (auth) accept or deny?

2002-02-09 Thread Johannes Weiss
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I have a security question: On my HTTP(s)/MAIL(SMTP,POP,IMAP)/SSH-Server: should I open(accept) or close(deny, perhaps reject?) the port 113??? Thnx Weissi -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see htt

Re: HELP I've been cracked

2002-02-09 Thread Henrique de Moraes Holschuh
On Sun, 10 Feb 2002, Tina Embrey wrote: > My Debian 2.2 Potato and Woody Servers have been attacked by a cracker who > has installed a 'root kit' and broke ps and several other core components > of the OS. Well, I hope you had backups of all the data on that servers, because you will have to reins

RE: HELP I've been cracked

2002-02-09 Thread Jeff Bonner
> -Original Message- > From: Henrique de Moraes Holschuh [mailto:[EMAIL PROTECTED]] > Sent: Saturday, February 09, 2002 12:40 PM > To: Tina Embrey [mailto:[EMAIL PROTECTED]] > Cc: [EMAIL PROTECTED] > Subject: Re: HELP I've been cracked > > My Debian 2.2 Potato and Woody Servers have been

Re: HELP I've been cracked

2002-02-09 Thread Henrique de Moraes Holschuh
On Sun, 10 Feb 2002, Tina Embrey wrote: > My Debian 2.2 Potato and Woody Servers have been attacked by a cracker who > has installed a 'root kit' and broke ps and several other core components > of the OS. Well, I hope you had backups of all the data on that servers, because you will have to rein