警告！ウイルスチェックサービス

== (BVIRUS GUARD and CHECK SERVICE for E-Mail Powerd by SYMANTEC Scan Engine. (B $B$"$J$?$,Aw$C$?%a!<%k$K%&%#%k%9$rH/8+$7$^$7$?!#(B $B8!CN$5$l$?%&[EMAIL PROTECTED];_$N0Y!"%a!<%k$r:o=|CW$7$^$7$?!#(B $B%a!<%k$rAw?.$7$h$&[

Re: [SECURITY] [DSA 570-1] New libpng packages fix several vulnerabilities

Thx very much :) - Original Message - From: "Martin Schulze" <[EMAIL PROTECTED]> To: "Debian Security Announcements" <[EMAIL PROTECTED]> Sent: Wednesday, October 20, 2004 6:04 PM Subject: [SECURITY] [DSA 570-1] New libpng packages fix several vulnerabilities > -BEGIN PGP SIGNED MESS

Re: PAM tarpit module for repeated SSH login attempts

On Wed, Oct 20, 2004 at 11:50:07AM +0200, martin f krafft wrote: > Well, since you implemented it already, why not make it > configurable. I think per-IP makes more sense. If an IP tries 50 > times to guess my root password, I should not only try to stop it, > I should also not be naive and let it

Re: PAM tarpit module for repeated SSH login attempts

On Wed, Oct 20, 2004 at 02:43:43PM +0200, Martin Reising wrote: Yes, it looks like an easy solution, but remembering the ip connection count, to calculate the sleeptime, should be taken inside the application and not inside the module, IMHO. You'd then have to implement it in every application rat

Re: PAM tarpit module for repeated SSH login attempts

On Wed, 20 Oct 2004, Michael Stone wrote: Inserting and removing firewall rules is simpler than sleeping? no, but you can obtain the real tarpit(TM) effect, and you don't have any processes left sleeping. Anyway, it was just a suggestion I did not mean to criticize anybody's work. bye Giacomo --

Re: PAM tarpit module for repeated SSH login attempts

On Wed, Oct 20, 2004 at 07:55:00AM -0400, Michael Stone wrote: > Well, it is assumed that running a pam module will have some side effect > aside from returning PAM_SUCCESS or PAM_ERR. The fin/rst stuff isn't > possible, but just holding the connection open can easily achived by > running sleep(3)

Re: PAM tarpit module for repeated SSH login attempts

On Wed, Oct 20, 2004 at 02:30:37PM +0200, Giacomo Mulas wrote: What about using the tarpit netfilter module (which is in the patch-o-matic of netfilter) to do the dirty work and have the pam module simply insert/remove firewalling rules? It sounds more like the *nix way of doing things, with sim

Re: PAM tarpit module for repeated SSH login attempts

On Wed, 20 Oct 2004, Michael Stone wrote: Well, it is assumed that running a pam module will have some side effect aside from returning PAM_SUCCESS or PAM_ERR. The fin/rst stuff isn't possible, but just holding the connection open can easily achived by running sleep(3) in the pam module. What about

Re: PAM tarpit module for repeated SSH login attempts

On Wed, Oct 20, 2004 at 01:27:36PM +0200, Martin Reising wrote: On Wed, Oct 20, 2004 at 11:50:07AM +0200, martin f krafft wrote: For a tarpit, the best thing to do would be simply to drop the connection without sending a FIN or RST packet. I don't know if PAM can do this. Otherwise, just hold the c

Re: PAM tarpit module for repeated SSH login attempts

On Wed, Oct 20, 2004 at 11:50:07AM +0200, martin f krafft wrote: > For a tarpit, the best thing to do would be simply to drop the > connection without sending a FIN or RST packet. I don't know if PAM > can do this. > > Otherwise, just hold the connection open for several minutes and do > nothing.

Re: PAM tarpit module for repeated SSH login attempts

also sprach Kevin B. McCarty <[EMAIL PROTECTED]> [2004.10.20.0245 +0200]: > Well, I'm certainly not an expert either, this was my first > attempt at playing with PAM. It's better than what I could have done... > Even if it isn't really a tarpit, it's a nice way to limit the > rate of cracking at

Re: xfree86_4.1.0-16woody4_alpha.changes REJECTED

(replying to my own mail at gun^Wflamethrower-point) On Mon, Oct 18, 2004 at 03:02:47PM +0200, Jeroen van Wolffelaar wrote: > On Mon, Oct 18, 2004 at 07:44:29AM -0500, Branden Robinson wrote: > > Is there a FAQ somewhere that will tell me why I always get "REJECTED" > > mails from katie after subm