On Sat, 02 Apr 2005, Florian Ernst wrote:
> I personally do, but for some people information might be better suited
> if it is explicitely spelled out... Just the ldd output alone would
Sure. But I hope my post will make people at least read ldd(1)... That was
the whole point. A new trick on th
Malcolm Ferguson wrote:
Sorry, wrong list. I meant to send to debian-user.
Malc
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On Fri, Apr 01, 2005 at 06:03:25PM -0300, Henrique de Moraes Holschuh wrote:
> On Fri, 01 Apr 2005, Florian Ernst wrote:
> > Taken from /usr/share/doc/ssh/README.Debian.gz, more confirmation
> > could be taken from downloading and checking the Debian sources.
>
> ldd is your friend. Use it...
I p
I've just rebuild my server and now it appears that logrotate is failing
for apache:
wolverine:/var/log# logrotate /etc/logrotate.d/apache
error running shared postrotate script for /var/log/apache/*.log
I've run the above command through strace and it looks like logrotate
creates a file in /tmp
On Fri, 01 Apr 2005, Florian Ernst wrote:
> Taken from /usr/share/doc/ssh/README.Debian.gz, more confirmation
> could be taken from downloading and checking the Debian sources.
ldd is your friend. Use it...
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and
On Apr 1, 2005, at 12:10 PM, Henrique de Moraes Holschuh wrote:
On Fri, 01 Apr 2005, martin f krafft wrote:
also sprach Chris Adams <[EMAIL PROTECTED]> [2005.04.01.2143 +0200]:
you somewhat from casual attacks against weak passwords: if
I obtain a copy of a user's password a public-key-only policy
Hello *,
On Fri, Apr 01, 2005 at 02:05:29PM -0600, Brad Sims wrote:
> On Thursday 31 March 2005 11:14 pm, Alvin Oga wrote:
> > but make sure ssh is compiled with tcpwarppers, otherwise that
> > lines are worthless
>
> How are they compiled by default on Sid?
>
> I think that ssh must be compiled
On Fri, 01 Apr 2005, martin f krafft wrote:
> also sprach Chris Adams <[EMAIL PROTECTED]> [2005.04.01.2143 +0200]:
> > you somewhat from casual attacks against weak passwords: if
> > I obtain a copy of a user's password a public-key-only policy
> > means that I still need some sort of privileged ac
On Thursday 31 March 2005 11:14 pm, Alvin Oga wrote:
> but make sure ssh is compiled with tcpwarppers, otherwise that
> lines are worthless
How are they compiled by default on Sid?
I think that ssh must be compiled that way by default as I had to add $WorkIP2
to
allow access from that machine...
also sprach Chris Adams <[EMAIL PROTECTED]> [2005.04.01.2143 +0200]:
> you somewhat from casual attacks against weak passwords: if
> I obtain a copy of a user's password a public-key-only policy
> means that I still need some sort of privileged access to their
> home directory to exploit it - far f
On Apr 1, 2005, at 6:23 AM, Michael Stone wrote:
On Fri, Apr 01, 2005 at 01:23:09AM -0800, Chris Adams wrote:
Or no passwords - if requiring public key authentication is feasible
for a system you can disable password authentication entirely:
I generally consider that to be a horrible idea. Instead
On Fri, Apr 01, 2005 at 12:11:29PM -0300, Henrique de Moraes Holschuh wrote:
Nowadays user passwords often end up being stolen, not broken (trojans,
etc). Keys offer no degraded security in that scenario.
Wrong. It's much harder to force people to change keys than passwords.
It's not impossible,
Ich werde ab 24.03.2005 nicht im Büro sein. Ich kehre zurück am 13.04.2005.
Bei dringenden Anfragen wenden Sie sich bitte an meinen Vertreter Thomas Mirbeth.
Mit freundlichen Grüßen,
Cordula Sonnhalter
Ursprüngliches Thema: [SECURITY] [DSA 697-1] New netkit-telnet packages fix arbitrary code
On Fri, Apr 01, 2005 at 04:59:40PM +0200, Philipp Schulte wrote:
Sure, maybe a user does not handle the key carefully but do you think
they are more careful with their password and don't write it down or
something like this?
I'd rather have them write it down. Paper isn't subject to remote
exploits
I am looking for some good suggestions for setting limits in the limits.conf
file. I am reading the Securing Debian Guide, and it notes that some
suggestions should be added ;). I searched around the net and found good
descriptions of what you can set, but not many suggested default limits. I
un
also sprach Michelle Konzack <[EMAIL PROTECTED]> [2005.04.01.1651 +0200]:
> | Apr 1 00:15:48 samba3 sshd[20455]: Generating 768 bit RSA key.
> | Apr 1 00:15:48 samba3 sshd[20455]: RSA key generation complete.
That's the actual key used to negotiate connection keys. It is being
regenerated once a
On Fri, 01 Apr 2005, Michael Stone wrote:
> On Fri, Apr 01, 2005 at 01:23:09AM -0800, Chris Adams wrote:
> >Or no passwords - if requiring public key authentication is feasible
> >for a system you can disable password authentication entirely:
>
> I generally consider that to be a horrible idea. I
Michael Stone wrote:
> On Fri, Apr 01, 2005 at 01:23:09AM -0800, Chris Adams wrote:
> >Or no passwords - if requiring public key authentication is feasible
> >for a system you can disable password authentication entirely:
>
> I generally consider that to be a horrible idea. Instead of centrally
Hello,
for some seconds I have checked the daily sshd log and seen this:
__( '/var/log/sshd.log' )_
/
| Apr 1 00:15:47 samba3 sshd[6789]: Received SIGHUP; restarting.
| Apr 1 00:15:48 samba3 sshd[20455]: socket: Address family not supported by
pro
On Fri, Apr 01, 2005 at 01:23:09AM -0800, Chris Adams wrote:
Or no passwords - if requiring public key authentication is feasible
for a system you can disable password authentication entirely:
I generally consider that to be a horrible idea. Instead of centrally
managed password policies you now h
On Thu, Mar 31, 2005 at 10:44:53PM -0600, Brad Sims wrote:
>
> Will not having the usual all: local break something?
Yes:
$ ldd `which portmap`
libwrap.so.0 => /lib/libwrap.so.0 (0x4003)
libnsl.so.1 => /lib/libnsl.so.1 (0x40039000)
libc.so.6 => /lib/libc.so.6 (0x4004e
On Mar 31, 2005, at 11:40 PM, Robert Lemmen wrote:
On Thu, Mar 31, 2005 at 10:44:53PM -0600, Brad Sims wrote:
`less /var/log/auth.log|grep Failed|wc -l` shows 185 attempts to
compromise
my machine since March 27th...
of course the only thing that really helps is good passwords,
Or no passwords - i
22 matches
Mail list logo
