On Thu, 6 Jun 2002 20:28:24 +0200 (MEST),
Thomas Schmid <[EMAIL PROTECTED]> wrote:
> So, I set up my server with aide and tiger to check it's integrity. The
> reports are mailed to root which one is redirected to an other localadress
> and to a second adresse on a other server. My question is now:
On Thu, Jun 06, 2002 at 07:15:24PM +0200, Willi Dyck wrote:
> on a daily basis I do run chkrootkit version 0.31 on a server I
> maintain. Today chkrootkit reported the following:
>
>Checking `lkm'... You have 1 process hidden for readdir command
>You have 1 process hidden for ps command
>
Your situation is pretty vague, but my guess would be iptables rule is
invalid or just not doing what you want it to do . The reason ftp might
still be working through it is because it uses a high port to do the actual
file transfer.
test your rule with something other than ft protocol nc perh
On Thu, 6 Jun 2002, Willi Dyck wrote:
> On Thu, Jun 06, 2002 at 01:33:30PM -0400, Phillip Hofmeister did this all
> over the keyboard:
> > Hi,
> >
> > It is possible your rootkit check sent up a false flag. It is also possible
> > (though unlikely) the attacker rigged the kernel to report any c
Hi,
So, I set up my server with aide and tiger to check it's integrity. The
reports are mailed to root which one is redirected to an other localadress
and to a second adresse on a other server. My question is now: is it
possible to let the mails be pgp encrypted with gnupg so I can check if
the ma
On Thu, Jun 06, 2002 at 01:33:30PM -0400, Phillip Hofmeister did this all over
the keyboard:
> Hi,
>
> It is possible your rootkit check sent up a false flag. It is also possible
> (though unlikely) the attacker rigged the kernel to report any changed
> files with the same data they had before,
On Thu, Jun 06, 2002 at 01:44:20PM -0400, Phillip Hofmeister did this all over
the keyboard:
> All,
>
> There may be a thread on this topic...somwhere...
>
> But, is there a fairly populated pgp keyserver besides
> wwwkeys.pgp.net?
Hi Phillip,
you could try 'host -l pgp.net | grep wwwkeys'.
Or
On Thu, Jun 06, 2002 at 10:49:37AM -0700, Anne Carasik wrote:
> This one time, Phillip Hofmeister wrote:
> > But, is there a fairly populated pgp keyserver besides
> > wwwkeys.pgp.net?
> Here's a whole slew listed at:
>
> http://www.openpgp.net/pgpsrv.html
Or:
http://keyserver.kjsl.com/~jharris
Here's a whole slew listed at:
http://www.openpgp.net/pgpsrv.html
-Anne
This one time, Phillip Hofmeister wrote:
> All,
>
> There may be a thread on this topic...somwhere...
>
> But, is there a fairly populated pgp keyserver besides
> wwwkeys.pgp.net?
>
> Thanks,
>
> Phil
>
>
> --
> To UN
All,
There may be a thread on this topic...somwhere...
But, is there a fairly populated pgp keyserver besides
wwwkeys.pgp.net?
Thanks,
Phil
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi,
It is possible your rootkit check sent up a false flag. It is also possible
(though unlikely) the attacker rigged the kernel to report any changed
files with the same data they had before, with the same timestamp (this
is a stretch...). If you can afford some down time boot the system
with a
Hi *,
on a daily basis I do run chkrootkit version 0.31 on a server I
maintain. Today chkrootkit reported the following:
Checking `lkm'... You have 1 process hidden for readdir command
You have 1 process hidden for ps command
Warning: Possible LKM Trojan installed
That, of course, got m
On Thu, 6 Jun 2002, Andrew Ferrier wrote:
> For Windows, the ssh client from www.ssh.com is the best I've
> found. Don't know if free for university use though. If you
> want a free client, WinSCP is best I've used, though it's far
> more buggy than the aforementioned.
PSCP and PSFTP (part of the
On 2002-06-06 at 10:18, Alf B Lervåg wrote:
> Date: Thu, 6 Jun 2002 10:18:58 +0200
> From: Alf B Lervåg <[EMAIL PROTECTED]>
> To: debian-security@lists.debian.org
> Subject: secure file transfer (again)
> Resent-Date: Thu, 06 Jun 2002 15:06:26 +0100
> Resent-From: debian-security@lists.debian.org
José Luis Ledesma wrote:
> You can do a chrooted enviroment (see above) And start de sshd witch chroot
> /sbin/sshd -f /etc/sshd_config
>
> Also you can specify the shell of the users in /etc/passwd as
> /sbin/sftp-server if you only want to allow this users do a sftp.
[...]
> -rwsr-xr-x 1 root r
Alf B Lervåg <[EMAIL PROTECTED]> writes:
> ssh is already up and running on the servers, so I'm figuring that the
> sftp server shouldn't be too hard to get running. Problem is making
> things easy to use for our students. (Guess this falls in under the sftp
> client question.)
| zsh/scr 11:36A
Reading the previous thread on secure file transfer, I felt like
starting a thread myself. This summer, I've been assigned the task
of setting up sftp services at our university, so we can phase out ftp.
What I'm asking, is if anyone has any experience with similiar projects,
and if anyone can po
17 matches
Mail list logo
