In article <[EMAIL PROTECTED]> you wrote:
> With
> apt-secure, any update that does not match what the developer released simply
> won't be installed.
Developers don't release all binary packages and users normally don't download
source packages. So it is not that easy.
Bernd
--
eckes privat - h
In article <[EMAIL PROTECTED]> you wrote:
> 21 sep: hacked, we moved all domain to blah, bluh, blih.
> 22 sep: investigation started, by X, X. We think it will take X
> hours/day/month/years
> 24 sep: We still investigate, please be patient, we think we will
> terminate that in two hour/day/mont
On the 12383rd day after Epoch,
Haim Ashkenazi wrote:
> Hi
>
> I've got a server at our ISP's server farm which rebooted last night. I've
> contacted my ISP and no one there did anything, also it wasn't a power failure
> because the reboot is written in '/var/log/syslog':
>
> ...
> ov 26 22:26:16 n
unsubscribe
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On Thursday 27 November 2003 17:53, Camillo Särs wrote:
> Hi,
>
> As far as I can tell, apt-secure would have protected against any
> compromise of the archives in this hacking incident. That is, provided
> that the developers keep their private keys secure.
Unfortunately, 32 keys on the current
On Nov 26, 2003, at 15:34, Matt Zimmerman wrote:
None of those packages are new; they are all from
security.debian.org and correspond to security advisories released
since 3.0r1.
Really? There were 13 or so things on 3.0r2 that my machines never
picked up from security.debian.org. Don't stable re
On Nov 25, 2003, at 17:16, Dan Jacobson wrote:
With the mailing lists affected, what would average user me do to
learn the latest on the situation,
irc.debian.org #debian
On Thu, 27 Nov 2003, Camillo Särs wrote:
> I am using apt-secure, but it's not part of stable. What's the real
> plan
> for apt-secure, will it be standard in the next major release? AFAIK,
> there are many wrinkles to be ironed out...
I agree that it would be nice to have the choice of an
I'm not quite sure if I'm right .. but isn't there a kernel bug
displaying some processes with PID 0 in ps or top?
Maybe lkm is using this..
just a thought
greets Werner
> > > Checking `lkm'... You have 4 process hidden for ps command
> > > Warning: Possible LKM Trojan installed
I
signat
Hi,
As far as I can tell, apt-secure would have protected against any compromise
of the archives in this hacking incident. That is, provided that the
developers keep their private keys secure. This is precisely the intent of
apt-secure - to remove the need to rely on archives to be trusted.
On Thu, 27 Nov 2003, Dan Jacobson wrote:
> > So, give the people some time and after the details are disclosed -
> > learn from their experience and use it in your work.
>
> Let's examine natural disasters, e.g. a typhoon. The pros agree that
> the public must be able to get to timely reports
On Thu, 27 Nov 2003, Russell Coker wrote:
> On Thu, 27 Nov 2003 04:51, Matt Zimmerman <[EMAIL PROTECTED]> wrote:
> > Big money does not imply big security. Large corporations with lots of
> > money to spend on security are compromised all the time. Obviously, they
> > aren't as forthcoming abo
On Fri, 21 Nov 2003, Matthijs Mohlmann wrote:
> ey,
>
> Maybe some piece of advice. I run a server with the grsecurity patch on
> the kernel maybe that's also an option to run on the debian server(s)
>
> Maybe this is already on the server, when so, i've nothing said.
there are lots ( dozens
On 26 Nov 2003, Michel Verdier wrote:
> [EMAIL PROTECTED] (John Keimel) wrote:
>
> > We've still got many hours of Wednesday left and if the people in charge
> > of this are like many hackers I know, it'll be near the end of the day
> > before anything would be posted.
>
> Which time zone ?
> So, give the people some time and after the details are disclosed -
> learn from their experience and use it in your work.
Let's examine natural disasters, e.g. a typhoon. The pros agree that
the public must be able to get to timely reports issued from the
disaster control center, via e.g. loca
In article
you wrote:
> Brctl sends network log messages to all system consoles.
> I have tried modifying syslog but it does not stop.
It is the kernel who is doing this. You can modify the log-level for kernel
messages with the -c option of klogd (in /etc/init.d/klogd).
Note klogd is not the rea
* George Georgalis ([EMAIL PROTECTED]) [031126 20:55]:
> That aside, I still wonder if we are talking about the same
> thing. It turns out about 160 packages were posted on
> debian-changes@lists.debian.org Nov 19. According to the change
> logs they don't appear as normal bugfixes, but many are
On Wednesday 26 November 2003 at 17h39 (+0100), Michel Verdier wrote:
> Which time zone ? :)
> 17h30 now in Paris, France
And 23h46 now in Hanoi, Vietnam ... ;-))
--
J.C. "プログフ" ANDRÉ <[EMAIL PROTECTED]> http://www.vn.refer.org/
Coordonnateur technique régional / Associé technologie projet Refl
Hi
I've got a server at our ISP's server farm which rebooted last night. I've
contacted my ISP and no one there did anything, also it wasn't a power failure
because the reboot is written in '/var/log/syslog':
...
ov 26 22:26:16 ns-ilweb1 init: Switching to runlevel: 6
Nov 26 22:26:19 ns-ilweb1 qmail
Also note that if those packages actually did contain malicious code,
uninstalling is a totally pointless exercise. I rather doubt that an
attacker is going to be kind enough to add a remove script for their
rootkit ;)
(I've seen two different people say some variation of this, so I thought
I ough
On Tue, 2003-09-02 at 20:29, Woon Wai Keen @ doubleukay.com wrote:
> - Original Message -
> From: "mario ohnewald" <[EMAIL PROTECTED]>
> To:
> Sent: Tuesday, September 02, 2003 3:53 AM
> Subject: execute application from webinterface
>
>
> > What is the securest way of starting a applic
Hi. Does the attack on the servers and the work that has to be done related to
the attack, slow down the development of Sarge very much? I hope the focus is
also on developing new software and not just running around full of paranoia.
Regards Kenneth.
More or less.. I agree on almost every point you have made.
The extensive explanation you gave should however have been clear
when you tried pointing out the issue.. then the reaction
wouldn't be so hostile (towards you).
Although I agree on the open response that is needed to reassure the
media/user
Dan Jacobson wrote:
> To us debian users, the most notable thing during this break in or
> whatever episode, is how the communication structures crumbled.
It had to be re-installed. You probably know that since you've read
the announcement we were able to send out before the machine was taken
dow
On the 12379th day after Epoch,
Jim Hubbard wrote:
> After the Linux kernel server got hacked a few weeks ago, and now
> this successful attack at Debian, my confidence is shaken.
What kind of confidence? You can trust that every system, every OS,
every program can be hacked/cracked. Nothing is
On Wed, 26 Nov 2003 14:24, Bernd Eckenfels
<[EMAIL PROTECTED]> wrote:
> > I am talking about any file system. When only reading from a file system
> > there should not be any performance difference when comparing a RO mount
> > vs a NOATIME mount. If there is a difference then it's a bug in the
In article <[EMAIL PROTECTED]> you wrote:
> On Wed, 26 Nov 2003 07:45, Chema <[EMAIL PROTECTED]> wrote:
>> RC> Why would you get better performance? If you mount noatime then
>> RC> there's no writes to a file system that is accessed in a read-only
>> RC> fashion and there should not be any perfor
In article <[EMAIL PROTECTED]> you wrote:
> Am I right to assume that this is not the lkm kit, but rather some
> weirdness in PID assignment?
It is a ps/kernel bug, try top.
Greetings
Bernd
--
eckes privat - http://www.eckes.org/
Project Freefire - http://www.freefire.org/
On Tue, 25.11.2003 at 21:18, Johannes Graumann wrote:
> I was just running 'chkrootkit' and came across this warning:
>
> > Checking `lkm'... You have 4 process hidden for ps command
> > Warning: Possible LKM Trojan installed
The same here (debian_sid):
[EMAIL PROTECTED]:~# chkrootkit l
To us debian users, the most notable thing during this break in or
whatever episode, is how the communication structures crumbled.
debian-announce had one message on the 21st, five days ago, saying for
more information, see www.debian.org.
Nothing special there, so I checked http://www.debian.org
hi ya
On Tue, 25 Nov 2003, Michael Stone wrote:
> On Sun, Nov 23, 2003 at 01:09:27AM -0500, Jim Hubbard wrote:
> >After the Linux kernel server got hacked a few weeks ago, and now this
> >successful attack at Debian, my confidence is shaken. I hope we'll see full
> >disclosure about exactly wha
62 matches