Re: [sec] debian patched linux kernels

2004-08-16 Thread maximilian attems
On Mon, 16 Aug 2004, LeVA wrote: > Hi! > > Is the debian patched kernels are preferred for server/desktop use, or > they are just minor cosmetic patches? what is the difference between > the kernel.org's kernel source and the debian patched kernel sources? long version read debian/changelog of

Re: Static NAT w/ iptables problem

2004-08-16 Thread Stephen Gran
This one time, at band camp, Markus Trümper said: > > I'm not sure I get you here. Do you want 192.168.1.3 to appear as > > though it's running on 10.80.137.1, > bingo. > > You're just connecting two private networks (one a DMZ), and you set > > aside an IP that will map to the DMZ address, corr

Re: Big security hole in (my config of) PAM

2004-08-16 Thread Noah Meyerhans
On Tue, Aug 17, 2004 at 07:34:42AM +0800, John Darrington wrote: > Whenever I add the line > > authrequired pam_securetty.so It is not due to this line. > authsufficient pam_unix.so nullok_secure This is the problem. You are not requiring that people authenticate, thus an

Big security hole in (my config of) PAM

2004-08-16 Thread John Darrington
Whenever I add the line authrequired pam_securetty.so to my /etc/pam.d/common-auth Then ANY user can log in with ANY password (or with no password at all). Here's the file: #authrequired pam_securetty.so authrequiredpam_nologin.so authsufficient pam_un

Re: Static NAT w/ iptables problem

2004-08-16 Thread Markus Trümper
> I'm not sure I get you here. Do you want 192.168.1.3 to appear as > though it's running on 10.80.137.1, bingo. > You're just connecting two private networks (one a DMZ), and you set > aside an IP that will map to the DMZ address, correct? Yes. Some additional info as to how this problem came to

Re: Static NAT w/ iptables problem

2004-08-16 Thread Markus Trümper
> What is the value of /proc/sys/net/ipv4/ip_forward ? You either have > to set "ip_forward=yes" in /etc/network/options or do something like > $ echo "1" > /proc/sys/net/ipv4/ip_forward /proc/sys/net/ipv4/ip_forward is "1" > If forwarding is already enabled then please send the output of > "ipta

Re: sshd: Logging illegal users

2004-08-16 Thread Greg Folkert
On Sun, 2004-08-15 at 19:46 -0600, s. keeling wrote: > Incoming from Greg Folkert: > > > > Hey, I have found some thing. Rather than repost. I'll share where I > > posted it. > > > > http://z.iwethey.org/forums/render/content/show?contentid=169321 > > "Zope Error" Hmmm... try it again. I get it

debian patched linux kernels

2004-08-16 Thread LeVA
Hi! Is the debian patched kernels are preferred for server/desktop use, or they are just minor cosmetic patches? what is the difference between the kernel.org's kernel source and the debian patched kernel sources? Daniel -- LeVA pgpcftXGXmcM3.pgp Description: PGP signature