Re: Unable to gain access to secure sites.

2001-05-16 Thread Alexander Hvostov
On Wed, 16 May 2001 12:53:50 +0600 Igor Goldenberg <[EMAIL PROTECTED]> wrote: > On Tue, May 15, 2001 at 10:04:07PM -0700, Alexander Hvostov wrote: > > > Note that my MUA, Sylpheed, was moved from main to non-US in the last > > upgrade, > > since the maintainer dec

Re: Unable to gain access to secure sites.

2001-05-16 Thread Alexander Hvostov
On Wed, 16 May 2001 12:53:50 +0600 Igor Goldenberg <[EMAIL PROTECTED]> wrote: > On Tue, May 15, 2001 at 10:04:07PM -0700, Alexander Hvostov wrote: > > > Note that my MUA, Sylpheed, was moved from main to non-US in the last upgrade, > > since the maintainer decided t

Re: Unable to gain access to secure sites.

2001-05-16 Thread Alexander Hvostov
On 15 May 2001 21:58:40 -0700 [EMAIL PROTECTED] (Thomas Bushnell, BSG) wrote: > Peter Cordes <[EMAIL PROTECTED]> writes: > > > It should be possible with netscape. Mozilla in Debian is not making much > > progress, because the maintainer doesn't want to do anything until someone > > decides whe

Re: Unable to gain access to secure sites.

2001-05-15 Thread Alexander Hvostov
On 15 May 2001 21:58:40 -0700 [EMAIL PROTECTED] (Thomas Bushnell, BSG) wrote: > Peter Cordes <[EMAIL PROTECTED]> writes: > > > It should be possible with netscape. Mozilla in Debian is not making much > > progress, because the maintainer doesn't want to do anything until someone > > decides wh

Re: rpc.statd

2001-04-08 Thread Alexander Hvostov
On Sun, 8 Apr 2001 18:04:54 -0400 "Robert Bartels" <[EMAIL PROTECTED]> wrote: > I saw this in my logs today. > > Apr 8 15:08:43 mikado rpc.statd[179]: gethostbyname error for > ^X÷ÿ¿^X÷ÿ¿^Y÷ÿ¿^Y÷ÿ¿^Z÷ÿ¿^Z÷ÿ¿^[÷ÿ¿^[÷ÿ¿%8x%8x%8x%8x%8x%8x%8x%8x%8x%236x%n%1 > 37x%n%10x%n%192x%n\220\220\220\220\220\2

Re: rpc.statd

2001-04-08 Thread Alexander Hvostov
On Sun, 8 Apr 2001 18:04:54 -0400 "Robert Bartels" <[EMAIL PROTECTED]> wrote: > I saw this in my logs today. > > Apr 8 15:08:43 mikado rpc.statd[179]: gethostbyname error for > ^X÷ÿ¿^X÷ÿ¿^Y÷ÿ¿^Y÷ÿ¿^Z÷ÿ¿^Z÷ÿ¿^[÷ÿ¿^[÷ÿ¿%8x%8x%8x%8x%8x%8x%8x%8x%8x%236x%n%1 > 37x%n%10x%n%192x%n\220\220\220\220\220\

Re: UDP Port 1035

2001-04-07 Thread Alexander Hvostov
On 07 Apr 2001 09:34:44 +0200 Berend De Schouwer <[EMAIL PROTECTED]> wrote: > On 07 Apr 2001 01:27:54 -0700, Tim Uckun wrote: > > What service runs on UDP port 1035? I did not see it in /etc/services and > > netstat says that it's active along with tcp 1 and 6 (and others but I know > > those).

Re: Applications using Linux capabilities

2001-03-24 Thread Alexander Hvostov
On Sat, 24 Mar 2001 01:14:31 -0900 Ethan Benson <[EMAIL PROTECTED]> wrote: > On Sat, Mar 24, 2001 at 12:39:03AM -0500, Daniel Jacobowitz wrote: > > > > Vsftpd does, too. > > i have read GnuPG has code to use a capability to allocate secure > memory instead of using suid, but it's only really usefu

Re: Applications using Linux capabilities

2001-03-24 Thread Alexander Hvostov
On Sat, 24 Mar 2001 01:14:31 -0900 Ethan Benson <[EMAIL PROTECTED]> wrote: > On Sat, Mar 24, 2001 at 12:39:03AM -0500, Daniel Jacobowitz wrote: > > > > Vsftpd does, too. > > i have read GnuPG has code to use a capability to allocate secure > memory instead of using suid, but it's only really usef

Re: Something Wicked happened! 001a.

2001-03-24 Thread Alexander Hvostov
On Fri, 23 Mar 2001 22:23:59 -0800 Wade Richards <[EMAIL PROTECTED]> wrote: > Hi all, > > I've received the following log message > kernel: eth0: Something Wicked happened! 001a. > a few times. I've read through the source for the driver, and it doesn't > appear to denote an extremely Wic

Re: Something Wicked happened! 001a.

2001-03-23 Thread Alexander Hvostov
On Fri, 23 Mar 2001 22:23:59 -0800 Wade Richards <[EMAIL PROTECTED]> wrote: > Hi all, > > I've received the following log message > kernel: eth0: Something Wicked happened! 001a. > a few times. I've read through the source for the driver, and it doesn't > appear to denote an extremely Wi

Re: Is it possible to chroot scp?

2001-03-12 Thread Alexander Hvostov
[EMAIL PROTECTED] wrote: Hello. I have been setting up a webserver that users need to access remotely. The problem is that I don't like the way that ftp sends passwords plaintext. I am currently using proftpd, as I also require the ability to chroot users into their own directories. Now, esse

Re: Is it possible to chroot scp?

2001-03-11 Thread Alexander Hvostov
[EMAIL PROTECTED] wrote: > Hello. > > I have been setting up a webserver that users need to access remotely. > The problem is that I don't like the way that ftp sends passwords > plaintext. I am currently using proftpd, as I also require the > ability to chroot users into their own directories.

Re: saft port

2001-03-08 Thread Alexander Hvostov
Kozman, SAFT is a nifty little protocol that lets you send a file to some other user on the internet without them having to explicitly accept it. Instead, the SAFT server will receive the file and place it in a queue for access later on. The protocol itself is quite new; an implementation is in th

Re: i've been port scanned. now what

2001-03-08 Thread Alexander Hvostov
Daniel, Wouldn't surprise me. Often these kinds of things are done from compromised hosts, so that they don't reveal the true identity of the attacker (who, obviously, doesn't want to go to jail ;). Regards, Alex. On Mon, 5 Mar 2001, [iso-8859-2] Szabó Dániel wrote: > Hello. > My packet filter

Re: saft port

2001-03-08 Thread Alexander Hvostov
Kozman, SAFT is a nifty little protocol that lets you send a file to some other user on the internet without them having to explicitly accept it. Instead, the SAFT server will receive the file and place it in a queue for access later on. The protocol itself is quite new; an implementation is in t

Re: i've been port scanned. now what

2001-03-08 Thread Alexander Hvostov
Daniel, Wouldn't surprise me. Often these kinds of things are done from compromised hosts, so that they don't reveal the true identity of the attacker (who, obviously, doesn't want to go to jail ;). Regards, Alex. On Mon, 5 Mar 2001, [iso-8859-2] Szabó Dániel wrote: > Hello. > My packet filte

Re: promiscuous eth0

2001-03-07 Thread Alexander Hvostov
On Mon, 5 Mar 2001, Jaan Sarv wrote: > > Also, paranoid network administrators might be a little upset by it, since > > Linux sends out a frame indicating it is switching into (or out > > of) promiscuous mode. This is possible evidence that you're running a > > sniffer of some kind (such as snort)

Re: promiscuous eth0

2001-03-07 Thread Alexander Hvostov
On Mon, 5 Mar 2001, Jaan Sarv wrote: > > Also, paranoid network administrators might be a little upset by it, since > > Linux sends out a frame indicating it is switching into (or out > > of) promiscuous mode. This is possible evidence that you're running a > > sniffer of some kind (such as snort

Re: promiscuous eth0

2001-03-02 Thread Alexander Hvostov
Jeff, It can potentially slow your machine down somewhat, as now the kernel has to handle each and every frame transmitted on the network eth0 is attached to, rather than only the ones addressed to your machine and broadcasts. Quite a lot of load if your system isn't addressed much on a high-traff

Re: promiscuous eth0

2001-03-02 Thread Alexander Hvostov
Jeff, It can potentially slow your machine down somewhat, as now the kernel has to handle each and every frame transmitted on the network eth0 is attached to, rather than only the ones addressed to your machine and broadcasts. Quite a lot of load if your system isn't addressed much on a high-traf

Re: Quitting debian-java

2001-03-02 Thread Alexander Hvostov
t flame me. I'm thin-skinned. ] On Thu, 1 Mar 2001, Seth Arnold wrote: > * Alexander Hvostov <[EMAIL PROTECTED]> [010301 22:35]: > > That's why you create classes under packages other than `java' or > > `javax'. The Java API proper is in the `java' and `jav

Re: Quitting debian-java

2001-03-01 Thread Alexander Hvostov
t flame me. I'm thin-skinned. ] On Thu, 1 Mar 2001, Seth Arnold wrote: > * Alexander Hvostov <[EMAIL PROTECTED]> [010301 22:35]: > > That's why you create classes under packages other than `java' or > > `javax'. The Java API proper is in the `java' and `jav

Re: who owns the ports?

2001-02-07 Thread Alexander Hvostov
Matthias, netstat -atp | less Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCS/CM>CC/IT d- s:+ a16 C++()>$ UL>$ P--- L++>++$ E+ W+(-) N+ o? K? w---() !O !M !V PS+(++)>+ PE-(--) Y+>+ PGP t+>+

Re: Disappointment in security handling in Debian

2001-02-01 Thread Alexander Hvostov
Lucien, I've proposed a secure by default configuration for new Debian installations on this list before. It drew harsh criticism from at least one person whose belief it was that those who lack the knowledge to secure their systems deserve to be rooted. Because of this attitude, and the fact that

Re: Disappointment in security handling in Debian

2001-02-01 Thread Alexander Hvostov
Lucien, I've proposed a secure by default configuration for new Debian installations on this list before. It drew harsh criticism from at least one person whose belief it was that those who lack the knowledge to secure their systems deserve to be rooted. Because of this attitude, and the fact tha

Re: connecting to my box

2001-01-26 Thread Alexander Hvostov
Mohammed, Check /etc/hosts.deny and /etc/hosts.allow. It looks like tcpd is refusing the connection. The problem may also be caused by improper DNS entries for the machine you're trying to connect from. Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9

Re: connecting to my box

2001-01-26 Thread Alexander Hvostov
Mohammed, Check /etc/hosts.deny and /etc/hosts.allow. It looks like tcpd is refusing the connection. The problem may also be caused by improper DNS entries for the machine you're trying to connect from. Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED

[OT?] inverted `limit' match support in iptables/netfilter

2001-01-15 Thread Alexander Hvostov
Hello, I'm trying to get the `limit' match support in iptables/netfilter to be inverted in the sense that it only matches when the limit has been exceeded. For instance, to log a flood: iptables -I INPUT -m limit ! --limit 1/s -j LOG However, for some reason, the `!' flag does not seem to change

[OT?] inverted `limit' match support in iptables/netfilter

2001-01-15 Thread Alexander Hvostov
Hello, I'm trying to get the `limit' match support in iptables/netfilter to be inverted in the sense that it only matches when the limit has been exceeded. For instance, to log a flood: iptables -I INPUT -m limit ! --limit 1/s -j LOG However, for some reason, the `!' flag does not seem to chang

Re: Processes

2000-12-02 Thread Alexander Hvostov
Rando, I suggest using a signal other than SIGKILL in that instance. :P Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCS/CM>CC/IT d- s:+ a16 C++()>$ UL>$ P--- L++>++$ E+ W+(-) N+ o? K? w---()

Re: Workstation question...

2000-11-15 Thread Alexander Hvostov
Henning, While the `unstable' version of Debian, named `woody', now comes with XFree86 4.0 (which supports your GeForce), I don't imagine a newbie would be too comfortable running the unstable distribution... By the way, can I have your equipment? A Descent monitor? Cool!! I have _got_ to see tha

Re: restricted bash (rbash)

2000-11-15 Thread Alexander Hvostov
Jochen, mkdir /usr/local/bin/restricted;ln -s /usr/local/bin/restricted/;... export PATH=/usr/local/bin/restricted;exec rbash ...boom. Now only the commands you want the user to be able to run will be available. Shell scripts, however, continue to work fine, since their `hash bang' doesn't pay

Re: Workstation question...

2000-11-14 Thread Alexander Hvostov
Henning, While the `unstable' version of Debian, named `woody', now comes with XFree86 4.0 (which supports your GeForce), I don't imagine a newbie would be too comfortable running the unstable distribution... By the way, can I have your equipment? A Descent monitor? Cool!! I have _got_ to see th

Re: restricted bash (rbash)

2000-11-14 Thread Alexander Hvostov
Jochen, mkdir /usr/local/bin/restricted;ln -s /usr/local/bin/restricted/;... export PATH=/usr/local/bin/restricted;exec rbash ...boom. Now only the commands you want the user to be able to run will be available. Shell scripts, however, continue to work fine, since their `hash bang' doesn't pay

Re: SCSI Tape backup

2000-11-07 Thread Alexander Hvostov
Jason, What exactly does this have to do with security? Ask this on debian-user or something. Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCS/CM>CC/IT d- s:+ a16 C++()>$ UL>$ P--- L++>++$ E+

Re: Configuring ssh

2000-11-05 Thread Alexander Hvostov
Use PuTTY. Go to http://www.openssh.com/, click on "Alternatives -> For Windows & Mac", and at the top is PuTTY. SSH2 support was only added quite recently, though, and hasn't made it into the stable distribution as of yet. Still, I use it whenever SSHing from Windows boxes. It's a small download,

Re: Configuring ssh

2000-11-05 Thread Alexander Hvostov
Use PuTTY. Go to http://www.openssh.com/, click on "Alternatives -> For Windows & Mac", and at the top is PuTTY. SSH2 support was only added quite recently, though, and hasn't made it into the stable distribution as of yet. Still, I use it whenever SSHing from Windows boxes. It's a small download

Re: I want to try something for freedom.

2000-11-02 Thread Alexander Hvostov
e--> h! !r y>+++ --END GEEK CODE BLOCK-- On Thu, 2 Nov 2000, Robert Varga wrote: > > > On Wed, 1 Nov 2000, Patrick Maheral wrote: > > > On Wed, 1 Nov 2000, Alexander Hvostov wrote: > > > Penguin, > > > > > > Because the patents and IP o

Re: I want to try something for freedom.

2000-11-01 Thread Alexander Hvostov
e--> h! !r y>+++ --END GEEK CODE BLOCK-- On Thu, 2 Nov 2000, Robert Varga wrote: > > > On Wed, 1 Nov 2000, Patrick Maheral wrote: > > > On Wed, 1 Nov 2000, Alexander Hvostov wrote: > > > Penguin, > > > > > > Because the patents and IP o

Re: I want to try something for freedom.

2000-11-01 Thread Alexander Hvostov
Penguin, Because the patents and IP on your radio expired a long time ago. The ones on the algorithms haven't. :) Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCS/CM>CC/IT d- s:+ a16 C++()>$ UL+++

Re: I want to try something for freedom.

2000-11-01 Thread Alexander Hvostov
Penguin, I hope you know assembly and don't mind being sued... In other words, it's impossible, for legal reasons. The owners of those proprietary algorithms are highly unlikely to think twice about putting you on the street. Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367

Re: I want to try something for freedom.

2000-11-01 Thread Alexander Hvostov
Penguin, Because the patents and IP on your radio expired a long time ago. The ones on the algorithms haven't. :) Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCS/CM>CC/IT d- s:+ a16 C++()>$ UL++

Re: I want to try something for freedom.

2000-10-31 Thread Alexander Hvostov
Penguin, I hope you know assembly and don't mind being sued... In other words, it's impossible, for legal reasons. The owners of those proprietary algorithms are highly unlikely to think twice about putting you on the street. Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367

Re: Conflicts make APT useless

2000-10-10 Thread Alexander Hvostov
Thomas, Make sure you have the latest version of libdb2 as well. For that matter, make sure you have the latest version of everything. I have ldconfig, and it's owned by libc6, so I'm not sure how you got that... By the way, what's this got to do with debian-security? Regards, Alex. --- PGP/GP

Re: Conflicts make APT useless

2000-10-10 Thread Alexander Hvostov
Thomas, Make sure you have the latest version of libdb2 as well. For that matter, make sure you have the latest version of everything. I have ldconfig, and it's owned by libc6, so I'm not sure how you got that... By the way, what's this got to do with debian-security? Regards, Alex. --- PGP/G

Re: atd - can I remove it if I don't use at?

2000-09-25 Thread Alexander Hvostov
Mo, Red Hat security is always lousy ;) Unlike Red Hat, Debian gets security bugs and such fixed in a timely manner, especially if you are using the current `unstable' distribution (which is presently `woody'); `at' should be fine. Be sure to get security updates from security.debian.org if you d

Re: atd - can I remove it if I don't use at?

2000-09-25 Thread Alexander Hvostov
Mo, Red Hat security is always lousy ;) Unlike Red Hat, Debian gets security bugs and such fixed in a timely manner, especially if you are using the current `unstable' distribution (which is presently `woody'); `at' should be fine. Be sure to get security updates from security.debian.org if you

Re: extra .. folder in /dev

2000-09-01 Thread Alexander Hvostov
Wesley, e2fsck -f should find and clean that up, but I _strongly_ advise you to reinstall completely. Rooted boxes are like some forms of cancer -- no matter how hard you try, you just can't get the "disease" (or the script kiddie, in your case) to go away. Reinstallation is your only real option.

Re: extra .. folder in /dev

2000-09-01 Thread Alexander Hvostov
Wesley, e2fsck -f should find and clean that up, but I _strongly_ advise you to reinstall completely. Rooted boxes are like some forms of cancer -- no matter how hard you try, you just can't get the "disease" (or the script kiddie, in your case) to go away. Reinstallation is your only real option

Re: SecurityPortal Review of Potato

2000-08-30 Thread Alexander Hvostov
Peter, dpkg-divert --local --rename # enable daemon again dpkg-divert --local --rename --remove Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCS/CM>CC/IT d- s:+ a16 C++()>$ UL>$ P---() L++

Re: Logging atempts

2000-07-16 Thread Alexander Hvostov
Florian and all, ippl is a generally better program than iplogger. (this is by ippl's design ;) Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCS/CM>CC/IT d- s:+ a16 C++()>$ UL>$ P---() L+++>+

Re: strange upd traffic (ipchains newbie)

2000-07-14 Thread Alexander Hvostov
Thomas, Create a rule for each possible source address, i.e.: for i in 127.0.0.1 192.168.1.1 192.168.1.2 192.168.1.3; do ipchains -A input -s $i done That will set up counters for traffic coming from 127.0.0.1, 192.168.1.1, 192.168.1.2, and 192.168.1.3, all with their own counters. Alternative

Re: strange upd traffic (ipchains newbie)

2000-07-14 Thread Alexander Hvostov
Thomas, Create a rule for each possible source address, i.e.: for i in 127.0.0.1 192.168.1.1 192.168.1.2 192.168.1.3; do ipchains -A input -s $i done That will set up counters for traffic coming from 127.0.0.1, 192.168.1.1, 192.168.1.2, and 192.168.1.3, all with their own counters. Alternativ

Re: strange upd traffic (ipchains newbie)

2000-07-13 Thread Alexander Hvostov
Thomas, Shave off the `-j ACCEPT' from the end of that ipchains rule! Read the man page for more. Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCS/CM>CC/IT d- s:+ a16 C++()>$ UL>$ P---() L+++>

Re: strange upd traffic (ipchains newbie)

2000-07-13 Thread Alexander Hvostov
Thomas, Shave off the `-j ACCEPT' from the end of that ipchains rule! Read the man page for more. Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCS/CM>CC/IT d- s:+ a16 C++()>$ UL>$ P---() L+++

Re: [lamagra@DIGIBEL.ORG: proftp advisory]

2000-07-07 Thread Alexander Hvostov
>+ PE- Y+ PGP t+ !5 X-- !R tv b DI D++ G>+++ e-- h! !r y --END GEEK CODE BLOCK-- On Fri, 7 Jul 2000, Wichert Akkerman wrote: > Previously Alexander Hvostov wrote: > > It still needs to be fixed, and I'm glad someone decided to audit proftpd. > > W

Re: A query on ipchains

2000-07-07 Thread Alexander Hvostov
Marco, No. What I gather here is that Koala has his own LAN, as well as a corporate intranet, which is then connected to the Internet by masquerading. He wants a router between his own LAN and the corporate intranet. That router must forward Internet-bound datagrams from his LAN to the corporate r

Re: A query on ipchains

2000-07-07 Thread Alexander Hvostov
Marco, No. What I gather here is that Koala has his own LAN, as well as a corporate intranet, which is then connected to the Internet by masquerading. He wants a router between his own LAN and the corporate intranet. That router must forward Internet-bound datagrams from his LAN to the corporate

re: [lamagra@DIGIBEL.ORG: proftp advisory]

2000-07-05 Thread Alexander Hvostov
Johan, It still needs to be fixed, and I'm glad someone decided to audit proftpd. Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCS/CM>CC/IT d- s:+ a16 C++()>$ UL>$ P---() L+++>+ E+>+ W+(-) N o

re: [lamagra@DIGIBEL.ORG: proftp advisory]

2000-07-05 Thread Alexander Hvostov
Johan, It still needs to be fixed, and I'm glad someone decided to audit proftpd. Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCS/CM>CC/IT d- s:+ a16 C++()>$ UL>$ P---() L+++>+ E+>+ W+(-) N

Re: using password aging with ssh

2000-07-04 Thread Alexander Hvostov
EEK CODE BLOCK-- On Tue, 4 Jul 2000, thomas lakofski wrote: > Alex, > > not from what I've seen -- users just get the standard 'access denied' as > if they had entered the wrong password. telnet works as expected. > > regards, > > -thomas > >

Re: HHHEEEEEEEEELLLLLLLLPPPPPPPP!!!!!!!!!!

2000-07-04 Thread Alexander Hvostov
Dennis, We don't want you to leave debian-security. ;) Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCS/CM>CC/IT d- s:+ a16 C++()>$ UL>$ P---() L+++>+ E+>+ W+(-) N o? K? w--() !O M- !V PS+>+

Re: using password aging with ssh

2000-07-04 Thread Alexander Hvostov
Thomas, The old password is requested first.. ;P Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCS/CM>CC/IT d- s:+ a16 C++()>$ UL>$ P---() L+++>+ E+>+ W+(-) N o? K? w--() !O M- !V PS+>+ PE- Y

Re: Sheesh .. talk about beating a dead horse (autofs)

2000-07-03 Thread Alexander Hvostov
Christopher, If you have access to WinNT source, you must be of some importance to Micro$oft (or perhaps they are to you), so why are you on this mailing list? Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version:

Re: SECURITY PROBLEM: autofs [all versions]

2000-07-03 Thread Alexander Hvostov
Wichert, So is root's password. ;) Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCS/CM>CC/IT d- s:+ a16 C++()>$ UL>$ P---() L+++>+ E+>+ W+(-) N o? K? w--() !O M- !V PS+>+ PE- Y+ PGP t+ !5 X-

Re: SECURITY PROBLEM: autofs [all versions]

2000-07-01 Thread Alexander Hvostov
Thor, Disable booting from floppy in BIOS, password protect LILO, install chassis intrusion detection system wired to gun turrets with 50mm heavy machine guns... ...okay, I think I'm going a little overboard here... ;) Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B4

Re: SECURITY PROBLEM: autofs [all versions]

2000-07-01 Thread Alexander Hvostov
Thor, Disable booting from floppy in BIOS, password protect LILO, install chassis intrusion detection system wired to gun turrets with 50mm heavy machine guns... ...okay, I think I'm going a little overboard here... ;) Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B

Re: Kernel capability bug for kernels < 2.2.16

2000-06-16 Thread Alexander Hvostov
Tollef, There are other security bugs that 2.2.16 fixes, y'know. Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCM d- s:+ a--- C UL P L+++ E W++ N o-- K- w O--- M- V- PS+ PE- Y PGP t+ 5 X- R tv

Re: Kernel capability bug for kernels < 2.2.16

2000-06-16 Thread Alexander Hvostov
Tollef, There are other security bugs that 2.2.16 fixes, y'know. Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCM d- s:+ a--- C UL P L+++ E W++ N o-- K- w O--- M- V- PS+ PE- Y PGP t+ 5 X- R t

Re: How can I help ?

2000-06-14 Thread Alexander Hvostov
--END GEEK CODE BLOCK-- On Wed, 14 Jun 2000, Wichert Akkerman wrote: > Previously Alexander Hvostov wrote: > > I have a better idea: an integrated 'user' command, which uses plugins to > > access the actual database server (like PAM, but for writing to the > >

Re: How can I help ?

2000-06-14 Thread Alexander Hvostov
s:+ a--- C UL P L+++ E W++ N o-- K- w O--- M- V- PS+ PE- Y PGP t+ 5 X- R tv+ b DI--- D+ G e-- h++ r--- y --END GEEK CODE BLOCK-- On Wed, 14 Jun 2000, L. Besselink wrote: > On Wed, 14 Jun 2000, Alexander Hvostov wrote: > > > Lennie, > > > > Can you give

Re: How can I help ?

2000-06-14 Thread Alexander Hvostov
Lennie, Can you give me any more details than just that Linux I/O performance is inferior to *BSD? Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCM d- s:+ a--- C UL P L+++ E W++ N o-- K- w O--

Re: How can I help ?

2000-06-14 Thread Alexander Hvostov
Lennie, Can you give me any more details than just that Linux I/O performance is inferior to *BSD? Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -BEGIN GEEK CODE BLOCK- Version: 3.12 GCM d- s:+ a--- C UL P L+++ E W++ N o-- K- w O-

Re: How can I help ?

2000-06-13 Thread Alexander Hvostov
Michael, I have a better idea: an integrated 'user' command, which uses plugins to access the actual database server (like PAM, but for writing to the database rather than reading from it), and performs any of several functions. Some examples: # user add joe Enter password: Repeat password: User

RE: How can I help ?

2000-06-13 Thread Alexander Hvostov
> As I recall after windows 95 the passwords are sent over the line > encrypted. The encryption might be weak but they are not clear text > anymore. > > There is a switch in SMB to allow encrypted passwords. This is ON by > default in debian (I believe) > > -Ryan > > O

RE: How can I help ?

2000-06-13 Thread Alexander Hvostov
Ronny and all, If you want to use LDAP, I suggest you do LDAP over SSL/TLS. The current OpenLDAP doesn't support it natively, but I believe there's a patch, and of course there's always wrappers like stunnel. Of course, if you want to use user authentication from Windows, using PAM is more or les

RE: How can I help ?

2000-06-13 Thread Alexander Hvostov
Ronny and all, If you want to use LDAP, I suggest you do LDAP over SSL/TLS. The current OpenLDAP doesn't support it natively, but I believe there's a patch, and of course there's always wrappers like stunnel. Of course, if you want to use user authentication from Windows, using PAM is more or le

Re: suid shell scripts

2000-06-05 Thread Alexander Hvostov
Jim, The Linux kernel does not permit any executable file beginning with #! (a file which requires an interpreter) to have setuid privileges. For this you will have to have to write a small compiled binary (e.g. C) program, which simply performs an execl(), perhaps after doing setuid() to change t

Re: On the security of e-mails

2000-05-26 Thread Alexander Hvostov
y 2000, Ethan Benson wrote: > On Fri, May 26, 2000 at 02:37:59AM -0700, Alexander Hvostov wrote: > > Ethan, > > > > Only one problem. Charlie Brown doesn't have hordes of lawyers. > > and the Free software movement does? > > MS has hordes of lawyers and b

Re: On the security of e-mails

2000-05-26 Thread Alexander Hvostov
t+ 5 X- R tv+ b DI--- D+ G e-- h++ r--- y --END GEEK CODE BLOCK-- On Fri, 26 May 2000, Ethan Benson wrote: > On Fri, May 26, 2000 at 02:19:06AM -0700, Alexander Hvostov wrote: > > Ethan, and everyone, > > > > I seem to keep having to repeat myself: the USA recen

Re: On the security of e-mails

2000-05-26 Thread Alexander Hvostov
GCM d- s:+ a--- C UL P L+++ E W++ N o-- K- w O--- M- V- PS+ PE- Y PGP t+ 5 X- R tv+ b DI--- D+ G e-- h++ r--- y --END GEEK CODE BLOCK-- On Fri, 26 May 2000, Sergio Brandano wrote: > > Alexander Hvostov wrote > > > ...Unless you encrypt to a public key belonging

Re: On the security of e-mails

2000-05-26 Thread Alexander Hvostov
:19:33AM -0700, Alexander Hvostov wrote: > > Sergio, > > > > That's what GPG and a good MUA like Pine is for. Let's see "Big > > Brother" crack 1024-bit public key crypto anytime this decade... > > > > I know you can't legally do this in

Re: On the security of e-mails

2000-05-26 Thread Alexander Hvostov
BLOCK- Version: 3.12 GCM d- s:+ a--- C UL P L+++ E W++ N o-- K- w O--- M- V- PS+ PE- Y PGP t+ 5 X- R tv+ b DI--- D+ G e-- h++ r--- y --END GEEK CODE BLOCK-- On Fri, 26 May 2000, Julien Stern wrote: > On Fri, May 26, 2000 at 12:19:33AM -0700, Alexander Hvostov wrote: >

Re: On the security of e-mails

2000-05-26 Thread Alexander Hvostov
Bradley, Uhm, isn't Sendmail's SMTP-over-SSL thing supposed to conform to some standard..? I seriously doubt the other endpoint has to be Sendmail; rather, I think it probably only needs to be running a proper SMTP-over-SSL implementation. If this is the case, then this can be done with stunnel an
