On Tue, Oct 22, 2002 at 11:10:56PM +0200, Alain Tesio wrote:
# > theres also another one called jailer, but if you want to secure your
# > system, then you have to know well about it, use strace,lsof,mknod,ldd
# > and mount command to create chroot jail system manually.
#
# These are the commands
On Tue, Oct 22, 2002 at 11:10:56PM +0200, Alain Tesio wrote:
# > theres also another one called jailer, but if you want to secure your
# > system, then you have to know well about it, use strace,lsof,mknod,ldd
# > and mount command to create chroot jail system manually.
#
# These are the commands
On Tue, 22 Oct 2002 23:26:55 +0700
Indra Kusuma <[EMAIL PROTECTED]> wrote:
>
> # Yes, jailtool takes Debian Package Dependencies and/or CPAN .packlist
> # files. I didn't know about 'makejail', I think I'll have a look at it...
>
> theres also another one called jailer, but if you want to secure
On Tue, 22 Oct 2002 23:26:55 +0700
Indra Kusuma <[EMAIL PROTECTED]> wrote:
>
> # Yes, jailtool takes Debian Package Dependencies and/or CPAN .packlist
> # files. I didn't know about 'makejail', I think I'll have a look at it...
>
> theres also another one called jailer, but if you want to secure
On Tue, Oct 22, 2002 at 11:36:06PM +0800, Dion Mendel wrote:
> Which files do people exclude when using integrity checkers
> (e.g. aide/tripwire etc)?
I don't typically exclude many files, but I often limit the changes that
tripwire notifies me about. For example, if one of my users changes
their
On Tue, Oct 22, 2002 at 12:37:04PM +0200, Alexander Neumann wrote:
# Yes, jailtool takes Debian Package Dependencies and/or CPAN .packlist
# files. I didn't know about 'makejail', I think I'll have a look at it...
theres also another one called jailer, but if you want to secure your
system, then
On Tue, Oct 22, 2002 at 11:36:06PM +0800, Dion Mendel wrote:
> Which files do people exclude when using integrity checkers
> (e.g. aide/tripwire etc)?
I don't typically exclude many files, but I often limit the changes that
tripwire notifies me about. For example, if one of my users changes
their
[EMAIL PROTECTED] (Dion Mendel) writes:
> I'm not providing an answer, but rather asking another question on this
> topic.
>
> Which files do people exclude when using integrity checkers (e.g.
> aide/tripwire etc)?
>
> Under normal system use, certain files do change (e.g. /etc/mtab,
That does? M
On Tue, Oct 22, 2002 at 11:16:23 -0400, Phillip Hofmeister wrote:
> It seems to me that many recent updates have included packages for
> potato, woody, and sig (sarge?).
AFAIK it's more "a few" than it is "many".
> Is this trend going to continue?
Don't count on it.
> I thought sid/sarge was u
Hi all,
I'm not providing an answer, but rather asking another question on
this topic.
Which files do people exclude when using integrity checkers
(e.g. aide/tripwire etc)?
Under normal system use, certain files do change
(e.g. /etc/mtab, /dev/tty*). Including these files in the integrity
check
It seems to me that many recent updates have included packages for
potato, woody, and sig (sarge?). Is this trend going to continue?
I thought sid/sarge was unsupported...
Regards,
--
Phil
PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg
On Tue, 22 Oct 2002, Arthur de Jong wrote:
> Apart from that I also use tools like debsums to keep me informed of
> integrity (although a lot of packages don't provide all or correct
> md5sums) (maybe I should file some bugreports for wrong md5sums)
you also might want to checkout tiger, it will
Arthur de Jong <[EMAIL PROTECTED]> writes:
> On Tue, 22 Oct 2002, Kjetil Kjernsmo wrote:
>
>> I'd like to ask what people do with their AIDE output at times when a
>> lot of things change on their system?
>>
>> I've gone through the AIDE configuration, and I feel like having
>> configured it well,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 22 Oct 2002, Kjetil Kjernsmo wrote:
> I'd like to ask what people do with their AIDE output at times when a
> lot of things change on their system?
>
> I've gone through the AIDE configuration, and I feel like having
> configured it well, to c
On 2002/10/22 04:27:26PM +0200, Tue, Kjetil Kjernsmo wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hi folks!
>
> I'd like to ask what people do with their AIDE output at times when a
> lot of things change on their system?
>
> I've gone through the AIDE configuration, and I feel
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi folks!
I'd like to ask what people do with their AIDE output at times when a
lot of things change on their system?
I've gone through the AIDE configuration, and I feel like having
configured it well, to catch the things that might be trojaned wh
On Tue, Oct 22, 2002 at 12:37:04PM +0200, Alexander Neumann wrote:
# Yes, jailtool takes Debian Package Dependencies and/or CPAN .packlist
# files. I didn't know about 'makejail', I think I'll have a look at it...
theres also another one called jailer, but if you want to secure your
system, then
[EMAIL PROTECTED] (Dion Mendel) writes:
> I'm not providing an answer, but rather asking another question on this
> topic.
>
> Which files do people exclude when using integrity checkers (e.g.
> aide/tripwire etc)?
>
> Under normal system use, certain files do change (e.g. /etc/mtab,
That does? M
On Tue, Oct 22, 2002 at 11:16:23 -0400, Phillip Hofmeister wrote:
> It seems to me that many recent updates have included packages for
> potato, woody, and sig (sarge?).
AFAIK it's more "a few" than it is "many".
> Is this trend going to continue?
Don't count on it.
> I thought sid/sarge was u
Hi all,
I'm not providing an answer, but rather asking another question on
this topic.
Which files do people exclude when using integrity checkers
(e.g. aide/tripwire etc)?
Under normal system use, certain files do change
(e.g. /etc/mtab, /dev/tty*). Including these files in the integrity
check
It seems to me that many recent updates have included packages for
potato, woody, and sig (sarge?). Is this trend going to continue?
I thought sid/sarge was unsupported...
Regards,
--
Phil
PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg
On Tue, 22 Oct 2002, Arthur de Jong wrote:
> Apart from that I also use tools like debsums to keep me informed of
> integrity (although a lot of packages don't provide all or correct
> md5sums) (maybe I should file some bugreports for wrong md5sums)
you also might want to checkout tiger, it will
Arthur de Jong <[EMAIL PROTECTED]> writes:
> On Tue, 22 Oct 2002, Kjetil Kjernsmo wrote:
>
>> I'd like to ask what people do with their AIDE output at times when a
>> lot of things change on their system?
>>
>> I've gone through the AIDE configuration, and I feel like having
>> configured it well,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 22 Oct 2002, Kjetil Kjernsmo wrote:
> I'd like to ask what people do with their AIDE output at times when a
> lot of things change on their system?
>
> I've gone through the AIDE configuration, and I feel like having
> configured it well, to c
On 2002/10/22 04:27:26PM +0200, Tue, Kjetil Kjernsmo wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hi folks!
>
> I'd like to ask what people do with their AIDE output at times when a
> lot of things change on their system?
>
> I've gone through the AIDE configuration, and I feel
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi folks!
I'd like to ask what people do with their AIDE output at times when a
lot of things change on their system?
I've gone through the AIDE configuration, and I feel like having
configured it well, to catch the things that might be trojaned wh
Javier Fernández-Sanguino Peña wrote:
> Funny ,it's the same 'makejail' does. Does jailtool know about
> Debian packages? Once of the nice things about 'makejail' is that it will
> automatically take package dependancies as source of information on which
> files to put in the 'jail'.
Yes, ja
http://packages.debian.org/cgi-bin/search_packages.pl?keywords=jailtool&searchon=names&subword=1&version=all&release=all
Jordi
> > * Chroot
> >
> > The linux system call to jail a subtree.
> >
> > Has to be created and maintained manually.
>
> You can try 'jailtool', if you like:
>
> $ apt
On Sat, Oct 19, 2002 at 01:29:40PM +0200, Alexander Neumann wrote:
> Hi Jesus,
>
> Jesus Climent wrote:
> > * Chroot
> >
> > The linux system call to jail a subtree.
> >
> > Has to be created and maintained manually.
>
> You can try 'jailtool', if you like:
>
> $ apt-cache show jailtool
> [..
On Fri, Oct 18, 2002 at 12:41:37PM -0700, Chris Majewski wrote:
> There is obviously more than one solution here, so I'm looking for
> recommendations. We care about security; we don't want to run any
> services we don't need, etc. Reliability is key, so your uncle's
> friend's broth
On Fri, Oct 18, 2002 at 11:08:52AM -0400, Phillip Hofmeister wrote:
> On Fri, 18 Oct 2002 at 03:50:12PM +0200, [EMAIL PROTECTED] wrote:
> > Why isn't it done by default ?
> You would have to ask the maintainer...
>
Oh! Better: file a bug. No! Wait! It's already done [1]
>:-|
I'm starting to get bored of pople replying nonsense without
tesint it themselves.
On Fri, Oct 18, 2002 at 09:19:01PM +0200, Vasarhelyi asd Daniel wrote:
> > issue(5) might help some of you about pre-login banner and daemon(s)
> > banner version.
> Banner gets diplayed _after_ successful l
Javier Fernández-Sanguino Peña wrote:
> Funny ,it's the same 'makejail' does. Does jailtool know about
> Debian packages? Once of the nice things about 'makejail' is that it will
> automatically take package dependancies as source of information on which
> files to put in the 'jail'.
Yes, ja
charset="ISO-8859-1";
charset="ISO-8859-1";
charset="ISO-8859-1";
charset="ISO-8859-1";
charset="ISO-8859-1";
charset="ISO-8859-1";
charset="ISO-8859-1";
charset="ISO-8859-1";
charset="ISO-8859-1";
charset="ISO-8859-1";
charset="ISO-885
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
http://packages.debian.org/cgi-bin/search_packages.pl?keywords=jailtool&searchon=names&subword=1&version=all&release=all
Jordi
> > * Chroot
> >
> > The linux system call to jail a subtree.
> >
> > Has to be created and maintained manually.
>
> You can try 'jailtool', if you like:
>
> $ apt
On Sat, Oct 19, 2002 at 01:29:40PM +0200, Alexander Neumann wrote:
> Hi Jesus,
>
> Jesus Climent wrote:
> > * Chroot
> >
> > The linux system call to jail a subtree.
> >
> > Has to be created and maintained manually.
>
> You can try 'jailtool', if you like:
>
> $ apt-cache show jailtool
> [..
On Fri, Oct 18, 2002 at 12:41:37PM -0700, Chris Majewski wrote:
> There is obviously more than one solution here, so I'm looking for
> recommendations. We care about security; we don't want to run any
> services we don't need, etc. Reliability is key, so your uncle's
> friend's broth
On Fri, Oct 18, 2002 at 11:08:52AM -0400, Phillip Hofmeister wrote:
> On Fri, 18 Oct 2002 at 03:50:12PM +0200, [EMAIL PROTECTED] wrote:
> > Why isn't it done by default ?
> You would have to ask the maintainer...
>
Oh! Better: file a bug. No! Wait! It's already done [1]
>:-|
I'm starting to get bored of pople replying nonsense without
tesint it themselves.
On Fri, Oct 18, 2002 at 09:19:01PM +0200, Vasarhelyi asd Daniel wrote:
> > issue(5) might help some of you about pre-login banner and daemon(s)
> > banner version.
> Banner gets diplayed _after_ successful l
charset="ISO-8859-1";
charset="ISO-8859-1";
charset="ISO-8859-1";
charset="ISO-8859-1";
charset="ISO-8859-1";
charset="ISO-8859-1";
charset="ISO-8859-1";
charset="ISO-8859-1";
charset="ISO-8859-1";
charset="ISO-8859-1";
charset="ISO-885
42 matches
Mail list logo
