Re: ipfwadm and ssh forwarding

2002-04-11 Thread tony mancill
Steve, I think you may be happier (i.e. spend less time working on this) if you can drum up a copy of "redir" or "transproxy" for your Cobalt Cube. Both of these are stable tools that I used quite heavily before the Linux kernel incorporated a true DNAT (2.4) or port-forwarding (hacked into 2.2).

Re: cups security summary

2002-04-11 Thread Hubert Chan
> "Dale" == Dale Southard <[EMAIL PROTECTED]> writes: Dale> If you've done step 1, step 2 is redundant protection. There Dale> shouldn't be anything listening on 631 anyplace except loopback. Right, but step 2 has no negative effects (other tha

Re: NFS, password transparency, and security

2002-04-11 Thread Rob VanFleet
On Wed, Apr 10, 2002 at 12:21:13AM +0100, Gareth Bowker wrote: > On Tue, Apr 09, 2002 at 04:02:34PM -0500, Rob VanFleet wrote: > > On Tue, Apr 09, 2002 at 07:23:28AM -0700, Luca Filipozzi wrote: > > > > > > You run those services locally on each machine only. You don't make them > > > available to

Re: cups security summary

2002-04-11 Thread Dale Southard
Torrin <[EMAIL PROTECTED]> writes: > OK, in summary. > > 1. I should set it to listen only on the local interface by setting > > Listen 127.0.0.1:631 > > in the cupsd.conf file. > > 2. I should firewall off the port. This part is already done, I just > don't like to have ports open. > > So f

Re: cups security (fwd)

2002-04-11 Thread Torrin
Oops, forgot to send this to the list. -- Forwarded message -- Date: Thu, 11 Apr 2002 19:09:22 -0500 (CDT) From: Torrin <[EMAIL PROTECTED]> To: Emmanuel Lacour <[EMAIL PROTECTED]> Subject: Re: cups security Hmmm . . . you forgot, apt-get install cupsys-driver-gimpprint gunzip .gz

Re: cups security summary

2002-04-11 Thread Torrin
OK, in summary. 1. I should set it to listen only on the local interface by setting Listen 127.0.0.1:631 in the cupsd.conf file. 2. I should firewall off the port. This part is already done, I just don't like to have ports open. So from what people have said, I guess there isn't a way to run

Re: cups security

2002-04-11 Thread Hubert Chan
> "Luis" == Luis Gómez Miralles <[EMAIL PROTECTED]> writes: Luis> Why don't you cut access to that port via tcp wrappers? At least Luis> in my Woody, cups is in inetd.conf: #:OTHER: Other services Luis> printer stream tcp nowait lp /usr/lib/cups/d

Re: cups security

2002-04-11 Thread Emmanuel Lacour
On Thu, Apr 11, 2002 at 09:56:51AM -0500, Torrin wrote: > Good morning everybody, well at least morning over here in Cali. For > everybody else, Good afternoon, good evening and good night. > > I just installed cups and I was wondering if it's possible to have cups > run properly without having p

Re: cups security

2002-04-11 Thread Hubert Chan
> "Torrin" == Torrin <[EMAIL PROTECTED]> writes: Torrin> I just installed cups and I was wondering if it's possible to Torrin> have cups run properly without having port 631 open. I don't Torrin> like having ports open, especially since this com

Re: cups security

2002-04-11 Thread Dale Southard
Luis Gómez Miralles <[EMAIL PROTECTED]> writes: > On Thu, 11-04-2002 at 16:56, Torrin wrote: > > Good morning everybody, well at least morning over here in Cali. For > > everybody else, Good afternoon, good evening and good night. > > > > I just installed cups and I was wondering if it's p

Re: cups security

2002-04-11 Thread Luis Gómez Miralles
On Thu, 11-04-2002 at 16:56, Torrin wrote: > Good morning everybody, well at least morning over here in Cali. For > everybody else, Good afternoon, good evening and good night. > > I just installed cups and I was wondering if it's possible to have cups > run properly without having port 631

Re: cups security

2002-04-11 Thread Pavel Minev Penev
On Thu, Apr 11, 2002 at 09:56:51AM -0500, Torrin wrote: > Good morning everybody, well at least morning over here in Cali. For > everybody else, Good afternoon, good evening and good night. :)) Hi, pal. > Also, when I installed cups it said something about me needing to do a . > . . > > route a

Re: cups security

2002-04-11 Thread Justin R. Miller
Said Torrin on Thu, Apr 11, 2002 at 09:56:51AM -0500: > I just installed cups and I was wondering if it's possible to have > cups run properly without having port 631 open. I don't like having > ports open, especially since this computer will be the

cups security

2002-04-11 Thread Torrin
Good morning everybody, well at least morning over here in Cali. For everybody else, Good afternoon, good evening and good night. I just installed cups and I was wondering if it's possible to have cups run properly without having port 631 open. I don't like having ports open, especially since th

Re: Big ICMP with don't Fragment bit

2002-04-11 Thread Tim Haynes
Thorsten Kruschel <[EMAIL PROTECTED]> writes: > has anybody an idea how to create an ICMP packet with size of 1500 and > don't Fragment bit set? Or how to filter such packets generally with > IPChains? > > I've the problem, that a machine cancels the external connection some > times. No entries i

Big ICMP with don't Fragment bit

2002-04-11 Thread Thorsten Kruschel
Hi all, has anybody an idea how to create an ICMP packet with size of 1500 and don't Fragment bit set? Or how to filter such packets generally with IPChains? I've the problem, that a machine cancels the external connection sometimes. No entries in Syslog or anywhere else. In my Intrusion Detecti

Re[2]: php error?!

2002-04-11 Thread Michal Novotny
It was a problem with suexec; in Debian it uses the default /var/www. I've corrected it by compiling the source with my args. Regards Michal Novotny 11 April 2002 9:14:36, Dmitry Rojkov <[EMAIL PROTECTED]> writes: >On Wed, Apr 10, 2002 you wrote: >> Could someone tell me why I still get these messages i

Re: NFS, password transparency, and security

2002-04-11 Thread Paul Hedderly
On Sun, Apr 07, 2002 at 09:02:56PM -0500, Rob VanFleet wrote: You have three issues: Shared Authentication... Kerberos or LDAP File Sharing Looked at GFS? Could also use NFS I guess. Sigh. Look at autofs Security!

Re: php error?!

2002-04-11 Thread Dmitry Rojkov
On Wed, Apr 10, 2002 you wrote: > Could someone tell me why I still get these messages in apache? > "Premature end of script headers: /usr/lib/cgi-bin/php4" > Is there something wrong with php in debian package? Maybe there is something wrong with the config of apache. Have you added the dir

subscribe

2002-04-11 Thread Radosław Pozauć

Re: iptables not logging or dhcp-client lying?

2002-04-11 Thread Olaf Meeuwissen
Olaf Meeuwissen <[EMAIL PROTECTED]> writes: > Gabor Kovacs <[EMAIL PROTECTED]> writes: > > > Olaf Meeuwissen wrote: > > > > > Basically, I'd like to keep the setup as closed as possible so I make > > > a hole in /etc/dhclient-enter-hooks during the PREINIT stage to let > > > the DHCPDISCOVER bro
