Re: iptables rule to drop from sources that are -nat postrouting from the outside to inside

2003-05-30 Thread Filippi Marco
On Fri, 30 May 2003, Kristof Goossens wrote: > On Thu, May 29, 2003 at 11:19:24PM -0500, Hanasaki JiJi wrote: > > I have a nat postrouting rule that passes traffic from the outside > > world to an internal host to handle port 80 (webserver) > > > > there are also rules to drop certain source addr

Re: iptables rules

2003-05-30 Thread David Hardne
Hanasaki JiJi wrote on May 29, 2003 at 11:19:24 PM: > I have a nat postrouting rule that passes traffic from the outside > world to an internal host to handle port 80 (webserver) > > there are also rules to drop certain source addresses yet these > addresses are still coming through > > how c

Re: iptables rule to drop from sources that are -nat postrouting from the outside to inside

2003-05-30 Thread Kristof Goossens
On Thu, May 29, 2003 at 11:19:24PM -0500, Hanasaki JiJi wrote: > I have a nat postrouting rule that passes traffic from the outside > world to an internal host to handle port 80 (webserver) > > there are also rules to drop certain source addresses yet these > addresses are still coming through

iptables rule to drop from sources that are -nat postrouting from the outside to inside

2003-05-30 Thread Hanasaki JiJi
I have a nat postrouting rule that passes traffic from the outside world to an internal host to handle port 80 (webserver) there are also rules to drop certain source addresses yet these addresses are still coming through how can they be dropped? thanks

Re: "chroot" + "mount --bind" + "ln" _or_ "chroot" + "cp -a"?

2003-05-30 Thread Manfred Wassmann
On 30 May 2003, Jarno Gassenbauer wrote: > P.S.: It's a pity that the syslogd socket is located > at /dev/log and not in an own directory. A hardlink to > /dev/log would have to be recreated after restarting > syslogd. Mount-binding the whole /dev directory into > the jail isn't fun either. You c

Re: "chroot" + "mount --bind" + "ln" _or_ "chroot" + "cp -a"?

2003-05-30 Thread Mark Ferlatte
Jarno Gassenbauer said on Fri, May 30, 2003 at 07:56:35PM +0200: > I'm setting up a chrooted apache. All howto's I found > _copy_ the required files into the directory that they > later chroot into. > Is it OK (read: safe) to use hardlinks and > "mount --bind" instead? I don't think so. From wh

Re: "chroot" + "mount --bind" + "ln" _or_ "chroot" + "cp -a"?

2003-05-30 Thread Arthur de Jong
> I'm setting up a chrooted apache. All howto's I found _copy_ the > required files into the directory that they later chroot into. > Is it OK (read: safe) to use hardlinks and "mount --bind" instead? [snip] > The files in /usr/chroot/apache/usr coul

"chroot" + "mount --bind" + "ln" _or_ "chroot" + "cp -a"?

2003-05-30 Thread Jarno Gassenbauer
Hi, I'm setting up a chrooted apache. All howto's I found _copy_ the required files into the directory that they later chroot into. Is it OK (read: safe) to use hardlinks and "mount --bind" instead? For example, before doing # chroot /usr/chroot/apache /usr/sbin/apachectl start I'd like to setu

Re: ip allmulti oddity (was: promiscuous mode)

2003-05-30 Thread Javier Fernández-Sanguino Peña
On Sat, May 24, 2003 at 04:07:18PM +0200, Cristian Ionescu-Idbohrn wrote: > Hi, (...) > This is the sid distributed package: > > , > | Package: iproute > | Maintainer: Juan Cespedes <[EMAIL PROTECTED]> > | Version: 20010824-9 > ` (...) > > Does anyone know of any particular reason why the

Re: idea for improving security

2003-05-30 Thread xavier renaut
|On Wed, 7 May 2003 08:53:40 +0200 Michael Bergbauer |<[EMAIL PROTECTED]> writes: |If you |> think SSH (or any other component) is not trustworthy, just look for |> alternatives (or create them yourself). | |what would be a more secure alternative to ssh? | what about ssh over vpn (vtun, openvpn

Re: Advice Needed On Recent Rootings

2003-05-30 Thread Jayson Vantuyl
On Thu, May 29, 2003 at 08:59:15AM -0400, Peter Solodov wrote: > On Thu, 29 May 2003, Jayson Vantuyl wrote: > > On Wed, May 28, 2003 at 02:06:21PM +0200, Olaf Dietsche wrote: > >> Just curious, how do you su to root, if root's password is > >> disabled? Do you have a modified su replacement? > > >

Re: Advice Needed On Recent Rootings

2003-05-30 Thread Marc F. Neininger
Hi Jason, hi all > Server machines, no real desktop users. One of these was a firewall > that pretty much only had SSH listening. *IF* it was hacked directly > (rather than being compromised with a sniff'd password), then we've got > something to target. The timestamps don't support much of any

Re: Advice Needed On Recent Rootings

2003-05-30 Thread Michael Rowe
On 2003-05-29 00:12 -0500, Jayson Vantuyl wrote: > Question: Can one use a key *AND* a password? That would make me > really happy. I just don't like getting ahold of a file or a password > being enough... You can put a passphrase on the key, if that's what you mean: ssh-keygen -p You then ha