Re: restricting outbound access?

On Wed, May 15, 2002 at 09:49:08PM -0500, Steve Meyer wrote: > I have a question. Is there any way to restrict outbound access for all but > a few users? I know with iptables you can block outbound traffic completely > but that wont work in my situation. There are about 150 users of my server

RE: RE:restricting outbound access?

That has been done already the only problem is people compile there own executables. I run a server for kids at a local school and you know how some kids can be. I have already had to ban several users for compiling scripts to launch attacks on other machines. I strictly enforce there accept

Re: restricting outbound access?

> "Steve" == Steve Meyer <[EMAIL PROTECTED]> writes: Steve> I have a question. Is there any way to restrict outbound access Steve> for all but a few users? You can check out the grsecurity patches, which are currently in sid (and probably woody too), package kernel-patch-2.4-grsecurity. I c

RE: restricting outbound access?

How about group access privileges on the offending executables? Seems to me to be the natural method of restricting access to stuff. Curt- > I have a question. Is there any way to restrict outbound > access for all but > a few users? I know with iptables you can block outbound > traffic com

Re: restricting outbound access?

On Wed, May 15, 2002 at 09:49:08PM -0500, Steve Meyer wrote: > I have a question. Is there any way to restrict outbound access for all > but a few users? I know with iptables you can block outbound traffic > completely but that wont work in my situation. There are about 150 users > of my server

restricting outbound access?

I have a question. Is there any way to restrict outbound access for all but a few users? I know with iptables you can block outbound traffic completely but that wont work in my situation. There are about 150 users of my server and only 3 of them need outbound access so I am kind of in a stick

Re: restricting outbound access?

On Wed, May 15, 2002 at 09:49:08PM -0500, Steve Meyer wrote: > I have a question. Is there any way to restrict outbound access for all but > a few users? I know with iptables you can block outbound traffic completely > but that wont work in my situation. There are about 150 users of my server

RE: RE:restricting outbound access?

That has been done already the only problem is people compile there own executables. I run a server for kids at a local school and you know how some kids can be. I have already had to ban several users for compiling scripts to launch attacks on other machines. I strictly enforce there accep

Re: restricting outbound access?

> "Steve" == Steve Meyer <[EMAIL PROTECTED]> writes: Steve> I have a question. Is there any way to restrict outbound access Steve> for all but a few users? You can check out the grsecurity patches, which are currently in sid (and probably woody too), package kernel-patch-2.4-grsecurity. I

RE: restricting outbound access?

How about group access privileges on the offending executables? Seems to me to be the natural method of restricting access to stuff. Curt- > I have a question. Is there any way to restrict outbound > access for all but > a few users? I know with iptables you can block outbound > traffic com

Re: restricting outbound access?

On Wed, May 15, 2002 at 09:49:08PM -0500, Steve Meyer wrote: > I have a question. Is there any way to restrict outbound access for all > but a few users? I know with iptables you can block outbound traffic > completely but that wont work in my situation. There are about 150 users > of my serve

restricting outbound access?

I have a question. Is there any way to restrict outbound access for all but a few users? I know with iptables you can block outbound traffic completely but that wont work in my situation. There are about 150 users of my server and only 3 of them need outbound access so I am kind of in a stic

Re: beach towel

On Wednesday 15 May 2002 04:26 pm, Nathan Ridge wrote: > Could be handy I spose if a server caught on fire, could throw a couple > of towels on top to smoother the fire :) > there's also the fact that we can be secure in the knowledge that linda has picked up the beach towel slack problem in damn

RE: beach towel

Hoopy Froods always know where their towel is. > Could be handy I spose if a server caught on fire, could > throw a couple > of towels on top to smoother the fire :) > > Nathan > > On Wednesday, May 15, 2002, at 06:01 PM, Peter Obermeier wrote: > > > Hi all, > > > > it is a very courios form

Re: beach towel

Could be handy I spose if a server caught on fire, could throw a couple of towels on top to smoother the fire :) Nathan On Wednesday, May 15, 2002, at 06:01 PM, Peter Obermeier wrote: Hi all, it is a very courios form of security, isn't it? linda schrieb: Dear Sirs: We know your esteemed

Re: beach towel

On Wednesday 15 May 2002 04:26 pm, Nathan Ridge wrote: > Could be handy I spose if a server caught on fire, could throw a couple > of towels on top to smoother the fire :) > there's also the fact that we can be secure in the knowledge that linda has picked up the beach towel slack problem in damn

RE: beach towel

Hoopy Froods always know where their towel is. > Could be handy I spose if a server caught on fire, could > throw a couple > of towels on top to smoother the fire :) > > Nathan > > On Wednesday, May 15, 2002, at 06:01 PM, Peter Obermeier wrote: > > > Hi all, > > > > it is a very courios form

Re: beach towel

Could be handy I spose if a server caught on fire, could throw a couple of towels on top to smoother the fire :) Nathan On Wednesday, May 15, 2002, at 06:01 PM, Peter Obermeier wrote: > Hi all, > > it is a very courios form of security, isn't it? > > linda schrieb: > >> Dear Sirs: >> We know

Re: snort not recognizing dns server correctly [closed]

Jeff, 2002-May-06 04:27 -0700: > dafr, 2002-May-03 10:52 -0700: > > Jeff, > > > > I had this problem initially as well when I reconfigured snort, until I > > restarted the service. Quite obvious in retrospect, but when I missed > > it initially, I could see others doing the same. > > > > There is

Re: snort not recognizing dns server correctly [closed]

Jeff, 2002-May-06 04:27 -0700: > dafr, 2002-May-03 10:52 -0700: > > Jeff, > > > > I had this problem initially as well when I reconfigured snort, until I > > restarted the service. Quite obvious in retrospect, but when I missed > > it initially, I could see others doing the same. > > > > There i

Re: What this named log means?

César Augusto Seronni Filho <[EMAIL PROTECTED]> writes: > this messages happened on my messages file: > > named[487]: lame server on '146.73.163.200.in-addr.arpa' (in > '73.163.200.in-add.arpa'?): 200.199.252.68#53 > > what this lame server means?

problem with pop3

Hi guys, I am having one problem with pop3, I am using ipop3d and its working fine to receive messges from my local clients(in my LAN). But when i try to get messages from external client(remote notebooks with dialup connection to Internet using normal ISP) the connection is too slow, i can't fi

What this named log means?

this messages happened on my messages file: named[487]: lame server on '146.73.163.200.in-addr.arpa' (in '73.163.200.in-add.arpa'?): 200.199.252.68#53 what this lame server means? tkx -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTE

Re: OT: Re: beach towel

On Wed, May 15, 2002 at 12:44:42PM +0200, Robert van der Meulen wrote: > > Quoting Alan James ([EMAIL PROTECTED]): > > No, but it can save you from the Ravenous Bugblatter Beast of Traal. > > > > The towel provides security through obscurity. > I'm assuming everybody here knows about > http://www

Re: What this named log means?

César Augusto Seronni Filho <[EMAIL PROTECTED]> writes: > this messages happened on my messages file: > > named[487]: lame server on '146.73.163.200.in-addr.arpa' (in > '73.163.200.in-add.arpa'?): 200.199.252.68#53 > > what this lame server means?

Re: NOCC: cross-site-scripting bug

I just got an answer from upstream: - Forwarded message from Ross Golder <[EMAIL PROTECTED]> - Subject: Re: Fw: Nocc BUg -> Debian packages From: Ross Golder <[EMAIL PROTECTED]> To: Olivier Cahagne <[EMAIL PROTECTED]> Cc: [EMAIL PROTECTED], [EMAIL PROTECTED] There's a patch uploaded to t

problem with pop3

Hi guys, I am having one problem with pop3, I am using ipop3d and its working fine to receive messges from my local clients(in my LAN). But when i try to get messages from external client(remote notebooks with dialup connection to Internet using normal ISP) the connection is too slow, i can't f

What this named log means?

this messages happened on my messages file: named[487]: lame server on '146.73.163.200.in-addr.arpa' (in '73.163.200.in-add.arpa'?): 200.199.252.68#53 what this lame server means? tkx -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROT

Re: OT: Re: beach towel

On Wed, May 15, 2002 at 12:44:42PM +0200, Robert van der Meulen wrote: > > Quoting Alan James ([EMAIL PROTECTED]): > > No, but it can save you from the Ravenous Bugblatter Beast of Traal. > > > > The towel provides security through obscurity. > I'm assuming everybody here knows about > http://ww

Re: NOCC: cross-site-scripting bug

I just got an answer from upstream: - Forwarded message from Ross Golder <[EMAIL PROTECTED]> - Subject: Re: Fw: Nocc BUg -> Debian packages From: Ross Golder <[EMAIL PROTECTED]> To: Olivier Cahagne <[EMAIL PROTECTED]> Cc: [EMAIL PROTECTED], [EMAIL PROTECTED] There's a patch uploaded to

Re: OT: Re: beach towel

Quoting Alan James ([EMAIL PROTECTED]): > No, but it can save you from the Ravenous Bugblatter Beast of Traal. > > The towel provides security through obscurity. I'm assuming everybody here knows about http://www.systemtoolbox.com/towelday/ ? Greets, Robert -- ( o>

Re: OT: Re: beach towel

On Wed, 15 May 2002 11:37:32 +0200, Simon Langhof <[EMAIL PROTECTED]> wrote: >I wrote: > >> Well, a towel could be your chance to get away from the earth when it >> is destroyed. So is _is_ a form of security :) > >Oops, time to read it again. It is obviously not the towel, that gets you away. No

Re: OT: Re: beach towel

I wrote: > Well, a towel could be your chance to get away from the earth when it > is destroyed. So is _is_ a form of security :) Oops, time to read it again. It is obviously not the towel, that gets you away. Simon -- _| _. _ _ (_|(_|(_|(_) _| -- To UNSUBSCRIBE, email to

OT: Re: beach towel

Peter Obermeier <[EMAIL PROTECTED]> schrieb am Wed, 15 May 2002 10:01:01 +0200: > Hi all, > > it is a very courios form of security, isn't it? Well, a towel could be your chance to get away from the earth when it is destroyed. So is _is_ a form of security :) > linda schrieb: > > > Dear Sirs

Re: OT: Re: beach towel

Quoting Alan James ([EMAIL PROTECTED]): > No, but it can save you from the Ravenous Bugblatter Beast of Traal. > > The towel provides security through obscurity. I'm assuming everybody here knows about http://www.systemtoolbox.com/towelday/ ? Greets, Robert -- ( o>

Re: beach towel

Hi all, it is a very courios form of security, isn't it? linda schrieb: > Dear Sirs: > We know your esteemed company in beach towels from Internet, and pleased to > introduce us as a leading producer of high quality 100% cotton velour printed > towels in China, we sincerely hope to establish

Re: OT: Re: beach towel

On Wed, 15 May 2002 11:37:32 +0200, Simon Langhof <[EMAIL PROTECTED]> wrote: >I wrote: > >> Well, a towel could be your chance to get away from the earth when it >> is destroyed. So is _is_ a form of security :) > >Oops, time to read it again. It is obviously not the towel, that gets you away. N

beach towel

Dear Sirs: We know your esteemed company in beach towels from Internet, and pleased to introduce us as a leading producer of high quality 100% cotton velour printed towels in China, we sincerely hope to establish a long-term business relationship with your esteemed company in this field. Our

Re:

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Romor has it that on Wednesday 15 May 2002 08:16, Oki DZ wrote: > Hi, > I received an email with an .xml attachment; by sanitizer, the file name > was mangled. What is the appropriate behavior for handling xml files? The nearest trash folder. > Thank

Re: OT: Re: beach towel

I wrote: > Well, a towel could be your chance to get away from the earth when it > is destroyed. So is _is_ a form of security :) Oops, time to read it again. It is obviously not the towel, that gets you away. Simon -- _| _. _ _ (_|(_|(_|(_) _| -- To UNSUBSCRIBE, email t

OT: Re: beach towel

Peter Obermeier <[EMAIL PROTECTED]> schrieb am Wed, 15 May 2002 10:01:01 +0200: > Hi all, > > it is a very courios form of security, isn't it? Well, a towel could be your chance to get away from the earth when it is destroyed. So is _is_ a form of security :) > linda schrieb: > > > Dear Si

[no subject]

Hi, I received an email with an .xml attachment; by sanitizer, the file name was mangled. What is the appropriate behavior for handling xml files? Thanks in advance, Oki -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: beach towel

Hi all, it is a very courios form of security, isn't it? linda schrieb: > Dear Sirs: > We know your esteemed company in beach towels from Internet, and pleased to >introduce us as a leading producer of high quality 100% cotton velour printed towels >in China, we sincerely hope to establish a

beach towel

Dear Sirs: We know your esteemed company in beach towels from Internet, and pleased to introduce us as a leading producer of high quality 100% cotton velour printed towels in China, we sincerely hope to establish a long-term business relationship with your esteemed company in this field. Ou

Re:

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Romor has it that on Wednesday 15 May 2002 08:16, Oki DZ wrote: > Hi, > I received an email with an .xml attachment; by sanitizer, the file name > was mangled. What is the appropriate behavior for handling xml files? The nearest trash folder. > Than