netstat -tulpn | grep :10001
grep 10001 /etc/services
or:
fuser 10001/udp
This will output PID
Then find out process name associated with PID
ls -l /proc/PID/exe
---Permission to forward and reprint is given.---
*Don't confuse my personality with my attitude. My personality is who I am.
My attit
gt; these updates to your system and frequently asked questions can be
> found at: http://www.debian.org/security/
>
> Mailing list: debian-security-annou...@lists.debian.org
>
>
>
- --
Andy Ruddock
-
andy.rudd...@rainydayz.org (OpenPGP Key ID 0xB0324245)
-
ooops its actually Lenny!
On 7 December 2011 06:09, Moritz Muehlenhoff wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> - -
> Debian Security Advisory DSA-2360-1 secur...@debian.org
> http://ww
andy baxter wrote:
Sorry, forgot to send this to the list.
Martin Bartenberger wrote:
andy baxter schrieb:
Thanks to those who replied about ssh config. Would be good to know
more about whether it's worth setting up aide for a small home
server like this, and if the way I'm thinkin
Sorry, forgot to send this to the list.
Martin Bartenberger wrote:
andy baxter schrieb:
Thanks to those who replied about ssh config. Would be good to know
more about whether it's worth setting up aide for a small home server
like this, and if the way I'm thinking of doing it is O
andy baxter wrote:
[... I'm planning to ...]
- use aide to check the system files regularly. The way I'm thinking
of doing this is to put a bootable debian image (with aide installed)
on a flash disk, then every week or so boot my laptop from this with
the slug's usb hard dri
Sébastien NOBILI wrote:
Le vendredi 27 février 09 à 10:43, andy baxter a écrit :
I can make sure that the server doesn't have any incoming ports open
except http and ssh)
I would use another port than 22 for the SSH. If your machine's ports are
being scanned and it appears
omething similar with another server I had a while back, and it
was a fair bit of hassle to keep it up every week. So it would be good
to know if this is overkill, or a sensible thing to do?
- work through the securing debian manual to see if there's anything
else I've m
Thank you Devin, the problem was solved yesterday by other member helps.
2009. 01. 29, csütörtök keltezéssel 07.14-kor Devin Carraway ezt írta:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> -
> Debian Security Advis
Thank you for information!
--
Andy Smith
2009. 01. 25, vasárnap keltezéssel 21.26-kor Steffen Joeris ezt írta:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> -
> Debian Security Advi
I've got some experience
with this, then I'll be able to see a bit better how far the process can
be automated.
Thanks to everyone who has replied for your time.
andy baxter.
andy
> Plus, you might as well bundle the check with a backup-system, since
> you are already looki
(tripwire, ..)
Maybe, although I can't see how you get round the problem that you need
to update the checksum database every time you install new or updated
software.
andy
Plus, you might as well bundle the check with a backup-system, since
you are already looking at your system at rest,
Jim Popovitch wrote:
On Sun, 2007-06-24 at 16:50 +0100, andy baxter wrote:
The difference is that:
a) These all run on the live system they are trying to protect,
Unless you configure them to only write to an offline mount point that
is normally ro and only rw through external
all
and manageable enough that someone could scan through it quickly to see
if anything odd has changed.
As I said in my first email, I'm not sure if I'm up for trying to do
this all by myself, but I'll let you know if I do make a start on it.
cheers,
andy
Bernhard R. Link wrote:
*
sysvinit
debsums: no md5sums for sysvinit-utils
debsums: no md5sums for update-inetd
debsums: no md5sums for util-linux
What do you mean by 'fingerprint updates?'
andy.
Daniel van Eeden wrote:
Andy,
Sounds like you're looking for debsums[1]? A CD/DVD is possible but
doesn'
they have installed.
b) Their databases need to be updated every time you update your system,
whereas this approach would update itself automatically whenever you
downloaded a new package or update.
andy.
Felix Windt wrote:
Tripwire, integrit and aide all perform something similar to what you
if anyone else
wants to have a go at it.
Alternatively, if people don't think it's worth your while developing
something like this, where should I start looking to try to put it
together myself, and is there anyone at debian who might be able to help
me?
yours,
andy baxter.
--
In an effort to eliminate unsolicited e-mail, I have installed SpamEnder.
Please REPLY to this e-mail, without modifying the subject line, so that I can
receive your original message. Upon my approval, future e-mails you send to me
will be released automatically. If you do not REPLY to this e-m
In an effort to eliminate unsolicited e-mail, I have installed SpamEnder. Please
REPLY to this e-mail, without modifying the subject line, so that I can receive your
original message. Upon my approval, future e-mails you send to me will be released
automatically. If you do not REPLY to this e-m
Dale Amon ([EMAIL PROTECTED]) wrote:
> On Wed, Sep 17, 2003 at 11:57:16AM +0100, Andy Coates wrote:
> > They've put a wildcard DNS entry for .com and .net to resolve to their
> > product called "SiteFinder" which offers a IE/MSN like "Did you mean
> > to ty
S entry for .com and .net to resolve to their
product called "SiteFinder" which offers a IE/MSN like "Did you mean
to type " services.
So any domain that doesn't exist, or in the PENDING/DELETE states, or has
no nameservers associated with it, now resolves.
Andy.
Dale Amon ([EMAIL PROTECTED]) wrote:
> On Wed, Sep 17, 2003 at 11:57:16AM +0100, Andy Coates wrote:
> > They've put a wildcard DNS entry for .com and .net to resolve to their
> > product called "SiteFinder" which offers a IE/MSN like "Did you mean
> > to ty
S entry for .com and .net to resolve to their
product called "SiteFinder" which offers a IE/MSN like "Did you mean
to type " services.
So any domain that doesn't exist, or in the PENDING/DELETE states, or has
no nameservers associated with it, now resolves.
Andy.
other) picks up a nasty it
will not be able to email by itself to the rest of the world...
Andy
-Original Message-
From: Jeff [mailto:[EMAIL PROTECTED]
Sent: 30 July 2003 22:44
To: debian-security@lists.debian.org
Subject: Re: XP box inside the firewall
Kristof Goossens, 2003-Jul-30 14:09
other) picks up a nasty it
will not be able to email by itself to the rest of the world...
Andy
-Original Message-
From: Jeff [mailto:[EMAIL PROTECTED]
Sent: 30 July 2003 22:44
To: [EMAIL PROTECTED]
Subject: Re: XP box inside the firewall
Kristof Goossens, 2003-Jul-30 14:09 +0200:
> On Wed
Once you've run that exploit once it sets itself as setuid=root
check for that will you? :)
if that's the case, recompile & reexecute
thanks,
andy
On Monday 09 June 2003 20:25, Helmar wrote:
> - From the security advisory 311-1:
>
> Package: kernel
>
Once you've run that exploit once it sets itself as setuid=root
check for that will you? :)
if that's the case, recompile & reexecute
thanks,
andy
On Monday 09 June 2003 20:25, Helmar wrote:
> - From the security advisory 311-1:
>
> Package: kernel
>
Netbios related probes I think (windows machines). If you don't have
any win machines, ignore it.
Easiest place for these sort of queries is google - plenty of people ask
the same type of questions.
Andy.
> Ok, but if the port is 137 is that a problem?
>
> jjj3
>
>
happens when you IRC, or some FTP sites check. Don't recall a
vulnerability for it.
Andy.
Netbios related probes I think (windows machines). If you don't have
any win machines, ignore it.
Easiest place for these sort of queries is google - plenty of people ask
the same type of questions.
Andy.
> Ok, but if the port is 137 is that a problem?
>
> jjj3
>
>
happens when you IRC, or some FTP sites check. Don't recall a
vulnerability for it.
Andy.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
ompany (SPEEDERA) who
specialise in content delivery. I'm guessing someone in your network
(or even yourself) is viewing some sort of media they distribute, and
one of the techniques for finding the closest distribution point to you
could be a simple ping test.
Akamai do it if I recall, and these people seem very similar. They
usually welcome requests to stop testing, since some people do get
annoyed.
HTH,
Andy.
one company (SPEEDERA) who
specialise in content delivery. I'm guessing someone in your network
(or even yourself) is viewing some sort of media they distribute, and
one of the techniques for finding the closest distribution point to you
could be a simple ping test.
Akamai do it if I recall,
icate against a MySQL
database (or LDAP), which are relatively easy to setup and plenty of
examples on the web on how to do so.
You seem to be aiming for a very secure system, so what I've said might
not be the *ultimate* secure system, but it is very simple and easily
managed - as well as being as safe as you'll probably ever need.
HTH,
Andy.
In the depths of that dark day Sat Jul 21, the words of Wichert Akkerman were
the beacon:
>
> For amusement I checked the web logs for a few debian machines to see
> if they had some red worm attempts. Seems we've been probed a fair
> bit: 16 times on www.spi-inc.org, 22 on non-us.debian.org and
In the depths of that dark day Sat Jul 21, the words of Wichert Akkerman were the
beacon:
>
> For amusement I checked the web logs for a few debian machines to see
> if they had some red worm attempts. Seems we've been probed a fair
> bit: 16 times on www.spi-inc.org, 22 on non-us.debian.org an
Of all the days, it was on Sat, Apr 14, 2001 at 02:32:20PM -0400 that Jacob
Kuntz quoth:
> from the secret journal of Andy Bastien ([EMAIL PROTECTED]):
> >
> > Another technique is to use a separate logging server which has the
> > transmit leads on it's ethernet
Of all the days, it was on Sat, Apr 14, 2001 at 02:32:20PM -0400 that Jacob Kuntz
quoth:
> from the secret journal of Andy Bastien ([EMAIL PROTECTED]):
> >
> > Another technique is to use a separate logging server which has the
> > transmit leads on it's ethernet
Of all the days, it was on Fri, Apr 13, 2001 at 05:54:07PM -0500 that Kevin van
Haaren quoth:
>
>
> --On Friday, April 13, 2001 3:40 PM -0700 Micah Anderson <[EMAIL PROTECTED]>
> hath wrote:
>
> | One additional tweak which falls into line with the security setups, that
> | I think is a good i
Of all the days, it was on Fri, Apr 13, 2001 at 05:54:07PM -0500 that Kevin van Haaren
quoth:
>
>
> --On Friday, April 13, 2001 3:40 PM -0700 Micah Anderson <[EMAIL PROTECTED]>
> hath wrote:
>
> | One additional tweak which falls into line with the security setups, that
> | I think is a good
a touch off... looks like the pam
support remains present.
andy
- Forwarded message from Martin Schulze <[EMAIL PROTECTED]> -
> Date: Fri, 9 Feb 2001 00:08:58 +0100
> From: Martin Schulze <[EMAIL PROTECTED]>
> To: Debian Security Announcements
> Subjec
gotten a touch off... looks like the pam
support remains present.
andy
- Forwarded message from Martin Schulze <[EMAIL PROTECTED]> -
> Date: Fri, 9 Feb 2001 00:08:58 +0100
> From: Martin Schulze <[EMAIL PROTECTED]>
> To: Debian Security Announcements <[EMA
Of all the days, it was on Mon, Jan 29, 2001 at 08:35:57PM + that Tom Breza
quoth:
> Can u write in English pls? or don't write at all
Oh, the irony.
>
> thanks
>
> > e2fsck ÿþüþóðõàÃÂþûÃÂúþ ýð ýõÃÂúþûÃÂúþ üøÃÂ
Of all the days, it was on Mon, Jan 29, 2001 at 08:35:57PM + that Tom Breza quoth:
> Can u write in English pls? or don't write at all
Oh, the irony.
>
> thanks
>
> > e2fsck Ð¿Ð¾Ð¼Ð¾Ð³Ð°ÐµÑ ÑолÑко на неÑколÑко минÑÑ.
> > ÐонеÑно Ñ Ñакими ÑкÑднÑм
Of all the days, it was on Sun, Jan 28, 2001 at 01:38:10PM -0600 that wes
schreiner quoth:
> Andy Bastien wrote:
> > These ANSI codes do only clear the screen when the user logs out,
> > which was the original question. At some point somebody interpreted it
> > to
Of all the days, it was on Sun, Jan 28, 2001 at 01:38:10PM -0600 that wes schreiner
quoth:
> Andy Bastien wrote:
> > These ANSI codes do only clear the screen when the user logs out,
> > which was the original question. At some point somebody interpreted it
> > to
Of all the days, it was on Sun, Jan 28, 2001 at 09:00:07AM -0600 that wes
schreiner quoth:
> "Sander Smeenk (CistroN Medewerker)" wrote:
> >
> > Quoting wes schreiner ([EMAIL PROTECTED]):
> >
> > > Not that I can see, though I'd love to know of a clean way to clear the
> > > scroll-back buffer.
Of all the days, it was on Sun, Jan 28, 2001 at 09:00:07AM -0600 that wes schreiner
quoth:
> "Sander Smeenk (CistroN Medewerker)" wrote:
> >
> > Quoting wes schreiner ([EMAIL PROTECTED]):
> >
> > > Not that I can see, though I'd love to know of a clean way to clear the
> > > scroll-back buffer.
Of all the days, it was on Sat, Jan 27, 2001 at 01:53:31AM +0100 that Tim van
Erven quoth:
> On Fri, Jan 26, 2001 at 05:03:49PM -0600, wes schreiner <[EMAIL PROTECTED]>
> wrote:
> > Tom Breza wrote:
> > >
> > > Hi
> > >
> > > I just use fetch and I been editing filie fetchmail, after I finish
>
Of all the days, it was on Sat, Jan 27, 2001 at 01:53:31AM +0100 that Tim van Erven
quoth:
> On Fri, Jan 26, 2001 at 05:03:49PM -0600, wes schreiner <[EMAIL PROTECTED]> wrote:
> > Tom Breza wrote:
> > >
> > > Hi
> > >
> > > I just use fetch and I been editing filie fetchmail, after I finish
> >
check out ssmtp. i believe it does just what you are looking for...
andy
On Thu, Dec 14, 2000 at 11:04:15AM -0800, Monte Milanuk wrote:
> Well, there's a package w/ 2.2 called masqmail, but I
> haven't invested a lot of time to get it configured yet.
>
> Mont
check out ssmtp. i believe it does just what you are looking for...
andy
On Thu, Dec 14, 2000 at 11:04:15AM -0800, Monte Milanuk wrote:
> Well, there's a package w/ 2.2 called masqmail, but I
> haven't invested a lot of time to get it configured yet.
>
> Mont
responses inline...
On Wed, 11 Oct 2000, Daniel Jacobowitz wrote:
> On Wed, Oct 11, 2000 at 07:18:23AM -0700, andy wrote:
> > just ran tiger on a fresh debian (2.2) install, and received the following
> > warnings:
> >
> > # Performing check of PATH components...
>
any information on this on the net at large... so i thought i'd send an
email out debian-security way to get some feedback...
thanks!
andy
responses inline...
On Wed, 11 Oct 2000, Daniel Jacobowitz wrote:
> On Wed, Oct 11, 2000 at 07:18:23AM -0700, andy wrote:
> > just ran tiger on a fresh debian (2.2) install, and received the following
> > warnings:
> >
> > # Performing check of PATH components...
>
find
any information on this on the net at large... so i thought i'd send an
email out debian-security way to get some feedback...
thanks!
andy
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
56 matches
Mail list logo
