i have a firewwall with 2 nics .. its running iptables. the outside
nic forwards port 80 to an internal webserver on an internal ip. this
works great. if an internal host hits the external ip. traffic does
not go to the internal web server. if an external host hits the
external ip traffic
Quoting Roland Mas ([EMAIL PROTECTED]):
> /me suggests the Debian Planet and Debian Help (both .org) websites.
^^^
"Session initialisation failed." Problems?
--
Cheers,A: No.
Rick Moen Q: Should I inclu
i have a firewwall with 2 nics .. its running iptables. the outside
nic forwards port 80 to an internal webserver on an internal ip. this
works great. if an internal host hits the external ip. traffic does
not go to the internal web server. if an external host hits the
external ip traffic
Quoting Roland Mas ([EMAIL PROTECTED]):
> /me suggests the Debian Planet and Debian Help (both .org) websites.
^^^
"Session initialisation failed." Problems?
--
Cheers,A: No.
Rick Moen Q: Should I inclu
On Fri, Nov 28, 2003 at 11:40:12AM -0500, Colin Walters wrote:
> On Fri, 2003-11-28 at 06:03, Forrest L Norvell wrote:
> > Hi!
> >
> > I'm attempting to set up an SELinux system using the Debian packages
> > and am unashamed to admit that I'm a little stuck at the moment.
>
> If you're planning t
On Fri, Nov 28, 2003 at 11:06:40PM +1100, Russell Coker wrote:
> > 2. When I attempt to boot into my SELinux kernel (all packages,
> > versions, and kernel configuration options at the end of this
> > message), I get an error about being unable to find
> > /usr/bin/load_policy, even wi
On Fri, Nov 28, 2003 at 11:40:12AM -0500, Colin Walters wrote:
> On Fri, 2003-11-28 at 06:03, Forrest L Norvell wrote:
> > Hi!
> >
> > I'm attempting to set up an SELinux system using the Debian packages
> > and am unashamed to admit that I'm a little stuck at the moment.
>
> If you're planning t
On Fri, Nov 28, 2003 at 11:06:40PM +1100, Russell Coker wrote:
> > 2. When I attempt to boot into my SELinux kernel (all packages,
> > versions, and kernel configuration options at the end of this
> > message), I get an error about being unable to find
> > /usr/bin/load_policy, even wi
Hi!
On Sat, 29 Nov 2003 05:10, "Martin G.H. Minkler" <[EMAIL PROTECTED]> wrote:
>> A little OT, but http://www.adamantix.org 's distro provides everything
>> and more SELinux has to offer while IMHO being a little easier to handle.
> Adamantix is not Debian. The people subscribed to this list are
Hi!
On Sat, 29 Nov 2003 05:10, "Martin G.H. Minkler" <[EMAIL PROTECTED]> wrote:
>> A little OT, but http://www.adamantix.org 's distro provides everything
>> and more SELinux has to offer while IMHO being a little easier to handle.
> Adamantix is not Debian. The people subscribed to this list are
Karsten M. Self, 2003-11-28 13:30:28 +0100 :
[...]
> - Where to provide information. Personal websites and news
> channels served well, but an advance statement of "here's where
> you should turn in the event of an emergency" would be useful.
/me suggests the Debian Planet and Debian Help
On Sat, 29 Nov 2003 05:10, "Martin G.H. Minkler" <[EMAIL PROTECTED]> wrote:
> A little OT, but http://www.adamantix.org 's distro provides everything
> and more SELinux has to offer while IMHO being a little easier to handle.
Adamantix is not Debian. The people subscribed to this list are here fo
Karsten M. Self, 2003-11-28 13:30:28 +0100 :
[...]
> - Where to provide information. Personal websites and news
> channels served well, but an advance statement of "here's where
> you should turn in the event of an emergency" would be useful.
/me suggests the Debian Planet and Debian Help
This one time, at band camp, Michael Parkinson said:
>
> Umm, I have the same problem.
>
> If I kill Exim and Spamassassin no hidden processes reported.
>
> Under normal load sometimes get 1-7 hidden processes. Was is a state of
> panic but it does appear that Exim and Spamassassin combined do
On Sat, 29 Nov 2003 05:10, "Martin G.H. Minkler" <[EMAIL PROTECTED]> wrote:
> A little OT, but http://www.adamantix.org 's distro provides everything
> and more SELinux has to offer while IMHO being a little easier to handle.
Adamantix is not Debian. The people subscribed to this list are here fo
Le vendredi 28 novembre 2003 à 09h36 (-0500), Stephen Frost écrivait :
> > It says "Somehow they got root [...]", does anybody yet know how?
> Did you *read* what they said?
Mhhh... I think so... But I'm not a native english speaker actually... :)
Did I miss something?
I read this: "(I believe) a
On Fri, Nov 28, 2003 at 04:14:19AM -0800, Karsten M. Self wrote:
> I'll disagree with Martin's comment that the server compromise didn't
> constitute a security issue despite the lack of an archive compromise.
> For someone well versed in Debian procedures, it might have been
> plausible that the a
This one time, at band camp, Michael Parkinson said:
>
> Umm, I have the same problem.
>
> If I kill Exim and Spamassassin no hidden processes reported.
>
> Under normal load sometimes get 1-7 hidden processes. Was is a state of
> panic but it does appear that Exim and Spamassassin combined do
Le vendredi 28 novembre 2003 Ã 09h36 (-0500), Stephen Frost Ãcrivait :
> > It says "Somehow they got root [...]", does anybody yet know how?
> Did you *read* what they said?
Mhhh... I think so... But I'm not a native english speaker actually... :)
Did I miss something?
I read this: "(I believe) a
On Fri, Nov 28, 2003 at 04:14:19AM -0800, Karsten M. Self wrote:
> I'll disagree with Martin's comment that the server compromise didn't
> constitute a security issue despite the lack of an archive compromise.
> For someone well versed in Debian procedures, it might have been
> plausible that the a
Alohá!
A little OT, but http://www.adamantix.org 's distro provides everything
and more SELinux has to offer while IMHO being a little easier to handle.
Don't want to discourage anybody from SELinux, especially not with
kernel 2.6 reaching production status, just my 2c ;-)
best regards
Mar
Alohá!
A little OT, but http://www.adamantix.org 's distro provides everything
and more SELinux has to offer while IMHO being a little easier to handle.
Don't want to discourage anybody from SELinux, especially not with
kernel 2.6 reaching production status, just my 2c ;-)
best regards
Martin
On Thu, Nov 27, 2003 at 06:03:13AM -0500, Anthony DeRobertis wrote:
>
> On Nov 26, 2003, at 15:34, Matt Zimmerman wrote:
> >None of those packages are new; they are all from
> >security.debian.org and correspnod to security advisories released
> >since
> >3.0r1.
>
> Really? There were 13 or so
On Fri, 2003-11-28 at 06:03, Forrest L Norvell wrote:
> Hi!
>
> I'm attempting to set up an SELinux system using the Debian packages
> and am unashamed to admit that I'm a little stuck at the moment.
If you're planning to run a production system, I'd recommend starting
from Debian woody and Brian
On Thu, Nov 27, 2003 at 06:03:13AM -0500, Anthony DeRobertis wrote:
>
> On Nov 26, 2003, at 15:34, Matt Zimmerman wrote:
> >None of those packages are new; they are all from
> >security.debian.org and correspnod to security advisories released
> >since
> >3.0r1.
>
> Really? There were 13 or so
On Fri, 2003-11-28 at 06:03, Forrest L Norvell wrote:
> Hi!
>
> I'm attempting to set up an SELinux system using the Debian packages
> and am unashamed to admit that I'm a little stuck at the moment.
If you're planning to run a production system, I'd recommend starting
from Debian woody and Brian
Le vendredi 28 novembre 2003 à 14h21 (+), Dale Amon écrivait :
> > See there: http://www.secunia.com/advisories/10310/
> Yow! TWO GIGABITS OF SEMICOLONS?
2 giga bytes.
> One would think someone would notice an attack like
> that if it ever occurred!
Not necessarly if we can generate it l
* Jean Christophe ANDR? ([EMAIL PROTECTED]) wrote:
> Le vendredi 28 novembre 2003 à 12h06 (+0100), Boris Stanislavski écrivait :
> > Subject: more details on the recent compromise of debian.org machines
> > Date: Fri, 28 Nov 2003 01:04:00 +
> > http://lists.debian.org/debian-devel-announce/2003
On Fri, Nov 28, 2003 at 07:46:45PM +0700, Jean Christophe ANDR? wrote:
> May be because of the last screen local privilege escalation...?
> See there: http://www.secunia.com/advisories/10310/
Yow! TWO GIGABITS OF SEMICOLONS?
One would think someone would notice an attack like
that if it ever
Le vendredi 28 novembre 2003 Ã 14h21 (+), Dale Amon Ãcrivait :
> > See there: http://www.secunia.com/advisories/10310/
> Yow! TWO GIGABITS OF SEMICOLONS?
2 giga bytes.
> One would think someone would notice an attack like
> that if it ever occurred!
Not necessarly if we can generate it l
* Jean Christophe ANDR? ([EMAIL PROTECTED]) wrote:
> Le vendredi 28 novembre 2003 à 12h06 (+0100), Boris Stanislavski écrivait :
> > Subject: more details on the recent compromise of debian.org machines
> > Date: Fri, 28 Nov 2003 01:04:00 +
> > http://lists.debian.org/debian-devel-announce/2003
On Fri, 28 Nov 2003, Marcel Hicking wrote:
> I'd definitely prefer to have "them" working on getting things
> up and running again and do the forensics. They should waste a
> minute too much on reports that might proove wrong finally anyway.
Minute? Every minute is cucial... So hmm.. They don
On Fri, Nov 28, 2003 at 07:46:45PM +0700, Jean Christophe ANDR? wrote:
> May be because of the last screen local privilege escalation...?
> See there: http://www.secunia.com/advisories/10310/
Yow! TWO GIGABITS OF SEMICOLONS?
One would think someone would notice an attack like
that if it ever
On Fri, Nov 28, 2003 at 01:52:14PM +0100, Kjetil Kjernsmo wrote:
> I learnt on /. that it had been a password compromise, so that meant, it
> was in the generic class of problems. We're always vulnerable towards
> that. But, we're all likely to be vulnerable to the local exploit used
> to gain r
On Fri, 28 Nov 2003, Marcel Hicking wrote:
> I'd definitely prefer to have "them" working on getting things
> up and running again and do the forensics. They should waste a
> minute too much on reports that might proove wrong finally anyway.
Minute? Every minute is cucial... So hmm.. They don
On Fri, Nov 28, 2003 at 01:52:14PM +0100, Kjetil Kjernsmo wrote:
> I learnt on /. that it had been a password compromise, so that meant, it
> was in the generic class of problems. We're always vulnerable towards
> that. But, we're all likely to be vulnerable to the local exploit used
> to gain r
Le vendredi 28 novembre 2003 à 12h06 (+0100), Boris Stanislavski écrivait :
> Subject: more details on the recent compromise of debian.org machines
> Date: Fri, 28 Nov 2003 01:04:00 +
> http://lists.debian.org/debian-devel-announce/2003/debian-devel-announce-200311/msg00012.html
It says "Someh
On Friday 28 November 2003 13:14, Karsten M. Self wrote:
>That announcement wasn't delivered for all users until _after_ murphy
>was resurrected. I myself got the debian-security-announce message
>mailed Nov 21 on 25 Nov 2003 15:16:56 -0800.
Hm, I got that late too, but the (unsigned) announceme
Le vendredi 28 novembre 2003 Ã 12h06 (+0100), Boris Stanislavski Ãcrivait :
> Subject: more details on the recent compromise of debian.org machines
> Date: Fri, 28 Nov 2003 01:04:00 +
> http://lists.debian.org/debian-devel-announce/2003/debian-devel-announce-200311/msg00012.html
It says "Someh
--Thursday, November 27, 2003 12:56:18 -0500 Eric LeBlanc <[EMAIL PROTECTED]>:
> A least, they can stay us informed about their actions... for example:
>
> 21 sep: hacked, we moved all domain to blah, bluh, blih.
> 22 sep: investiguation started, by X, X. We think it will take X
> hours/day/month
on Wed, Nov 26, 2003 at 09:30:05AM +0100, Martin Schulze ([EMAIL PROTECTED])
wrote:
> Dan Jacobson wrote:
> > To us debian users, the most notable thing during this break in or
> > whatever episode, is how the communication structures crumbled.
>
> It had to be re-installed. You probably know th
On Friday 28 November 2003 13:14, Karsten M. Self wrote:
>That announcement wasn't delivered for all users until _after_ murphy
>was resurrected. I myself got the debian-security-announce message
>mailed Nov 21 on 25 Nov 2003 15:16:56 -0800.
Hm, I got that late too, but the (unsigned) announceme
--Thursday, November 27, 2003 12:56:18 -0500 Eric LeBlanc <[EMAIL PROTECTED]>:
> A least, they can stay us informed about their actions... for example:
>
> 21 sep: hacked, we moved all domain to blah, bluh, blih.
> 22 sep: investiguation started, by X, X. We think it will take X
> hours/day/month
On Fri, 28 Nov 2003 22:03, Forrest L Norvell <[EMAIL PROTECTED]> wrote:
> /usr/bin/checkpolicy -o policy policy.conf
> /usr/bin/checkpolicy: loading policy configuration from policy.conf
> ERROR 'attribute file_type is not declared' at token ';' on line 867:
> #
> type device_t, file_type;
> /usr/
On Fri, Nov 28, 2003 at 03:03:08AM -0800, Forrest L Norvell wrote:
> I know I'm not the first person to encounter this error, because I
Yes, I'm working through some of these issues with
Russell as we speak. There are errors in
/etc/mkinitrd/scripts/selinux which builds the initrd
file.
Al
on Wed, Nov 26, 2003 at 09:30:05AM +0100, Martin Schulze ([EMAIL PROTECTED]) wrote:
> Dan Jacobson wrote:
> > To us debian users, the most notable thing during this break in or
> > whatever episode, is how the communication structures crumbled.
>
> It had to be re-installed. You probably know tha
Kjetil Kjernsmo schrieb:
I bet there are a lot of users running around scared, not knowing what
to do really... Any advices for us??
Subject: more details on the recent compromise of debian.org machines
Date: Fri, 28 Nov 2003 01:04:00 +
http://lists.debian.org/debian-devel-announce/2003
François TOURDE wrote:
> Le 12383ième jour après Epoch,
> Haim Ashkenazi écrivait:
>
>> Hi
>>
>> I've got a server at our ISP's server farm which rebooted last night.
>> I've contact my ISP and no one there did nothing, also it wasn't a power
>> failure because the reboot is written in '/var/log/
On Fri, 28 Nov 2003 22:03, Forrest L Norvell <[EMAIL PROTECTED]> wrote:
> /usr/bin/checkpolicy -o policy policy.conf
> /usr/bin/checkpolicy: loading policy configuration from policy.conf
> ERROR 'attribute file_type is not declared' at token ';' on line 867:
> #
> type device_t, file_type;
> /usr/
Hi!
I'm attempting to set up an SELinux system using the Debian packages
and am unashamed to admit that I'm a little stuck at the moment. I
have two problems that I could use some help with:
1. I've done the bare minimum amount of tweaking of the default
policy beyond answering all the quest
hi Matthias,
On Fri, 28 Nov 2003 10:47:50 +0100
Matthias Wieser <[EMAIL PROTECTED]> wrote:
> Does it make sense to use module-disabled kernels to prevent root kits to be
> used with a kernel?
afaik, yes. set CONFIG_MODULES to no. just not compiling any modules is not
enough.
f. soul.
--
,
Op vr 28-11-2003, om 10:47 schreef Matthias Wieser:
Matthias,
AFAIK NO, it doesn't. There were programs to ENABLE modules on a
module-disabled kernel.
> Does it make sense to use module-disabled kernels to prevent root kits to be
> used with a kernel?
>
> Thank you, Matthias Wieser
Regards,
D
On Fri, 28 Nov 2003, Matthias Wieser wrote:
> Does it make sense to use module-disabled kernels to prevent root kits to be
> used with a kernel?
There are other ways to insert code into a running kernel. However, it may
break some automated worms or stop script kiddies who don't quite know
what t
On Fri, Nov 28, 2003 at 03:03:08AM -0800, Forrest L Norvell wrote:
> I know I'm not the first person to encounter this error, because I
Yes, I'm working through some of these issues with
Russell as we speak. There are errors in
/etc/mkinitrd/scripts/selinux which builds the initrd
file.
Al
Kjetil Kjernsmo schrieb:
I bet there are a lot of users running around scared, not knowing what
to do really... Any advices for us??
Subject: more details on the recent compromise of debian.org machines
Date: Fri, 28 Nov 2003 01:04:00 +
http://lists.debian.org/debian-devel-announce/2003/deb
François TOURDE wrote:
> Le 12383ième jour après Epoch,
> Haim Ashkenazi écrivait:
>
>> Hi
>>
>> I've got a server at our ISP's server farm which rebooted last night.
>> I've contact my ISP and no one there did nothing, also it wasn't a power
>> failure because the reboot is written in '/var/log/
Hi!
I'm attempting to set up an SELinux system using the Debian packages
and am unashamed to admit that I'm a little stuck at the moment. I
have two problems that I could use some help with:
1. I've done the bare minimum amount of tweaking of the default
policy beyond answering all the quest
Does it make sense to use module-disabled kernels to prevent root kits to be
used with a kernel?
Thank you, Matthias Wieser
hi Matthias,
On Fri, 28 Nov 2003 10:47:50 +0100
Matthias Wieser <[EMAIL PROTECTED]> wrote:
> Does it make sense to use module-disabled kernels to prevent root kits to be
> used with a kernel?
afaik, yes. set CONFIG_MODULES to no. just not compiling any modules is not
enough.
f. soul.
--
,
Op vr 28-11-2003, om 10:47 schreef Matthias Wieser:
Matthias,
AFAIK NO, it doesn't. There were programs to ENABLE modules on a
module-disabled kernel.
> Does it make sense to use module-disabled kernels to prevent root kits to be
> used with a kernel?
>
> Thank you, Matthias Wieser
Regards,
D
On Fri, 28 Nov 2003, Matthias Wieser wrote:
> Does it make sense to use module-disabled kernels to prevent root kits to be
> used with a kernel?
There are other ways to insert code into a running kernel. However, it may
break some automated worms or stop script kiddies who don't quite know
what t
Bernd Eckenfels wrote:
Developers dont release all binary packages and users normally dont download
source packages. So it is not that easy.
Yes, I did note that "there are many wrinkles to iron out". That's not the
point I am trying to make. I don't think anyone would be foolish enough to
Yes 'we wait for some info...
what's up the he** ???
Is this an open source project or not ???, we use it not only for apt-*** tools.
> On Thu, 27 Nov 2003, Dan Jacobson wrote:
>
> > > So, give the people some time and after the details are disclosed -
> > > learn from their experience and use
Does it make sense to use module-disabled kernels to prevent root kits to be
used with a kernel?
Thank you, Matthias Wieser
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bernd Eckenfels wrote:
Developers dont release all binary packages and users normally dont download
source packages. So it is not that easy.
Yes, I did note that "there are many wrinkles to iron out". That's not the
point I am trying to make. I don't think anyone would be foolish enough to
thin
Yes 'we wait for some info...
what's up the he** ???
Is this an open source project or not ???, we use it not only for apt-*** tools.
> On Thu, 27 Nov 2003, Dan Jacobson wrote:
>
> > > So, give the people some time and after the details are disclosed -
> > > learn from their experience and use
66 matches
Mail list logo
