Re: SELinux issue

2016-05-20 Thread Brandon Vincent
On Fri, May 20, 2016 at 11:23 PM, Ralph Sanchez wrote: > I tried setenforce and what not, but they simply returned the SELinux > was not enabled. Can you post your GRUB configuration? Brandon Vincent

Re: SSL/TLS still seems to be screwed up (retrieving Mail with Thunderbird)

2016-04-11 Thread Brandon Vincent
e your location far more accurately. Try out the following (if you live within the United States, you'll probably be shocked at the accuracy): http://ipinfo.io https://www.maxmind.com/en/locate-my-ip-address Brandon Vincent

Re: SSL/TLS still seems to be screwed up (retrieving Mail with Thunderbird)

2016-04-11 Thread Brandon Vincent
e your login was what was throwing the alert. The best advice I can offer is to not use an "untrusted" VPN. Free VPN services have to make money somehow. Brandon Vincent

Re: SSL/TLS still seems to be screwed up (retrieving Mail with Thunderbird)

2016-04-10 Thread Brandon Vincent
tls [2] https://www.eff.org/deeplinks/2014/11/starttls-downgrade-attacks [3] https://tools.ietf.org/html/rfc2595 Brandon Vincent

Re: [SECURITY] [DSA 2954-1] dovecot security update

2014-06-09 Thread Brandon Vincent
On 06/09/2014 01:30 PM, Andrea Zwirner wrote: > Will the update be available for squeeze-lts? Andrea, Squeeze-LTS is maintained by volunteers rather than the Debian security team. If a package is released, a notification should be posted to the debian-lts-announce mailing list. Brandon Vinc

Re: Slightly OT: Setting the primary NIC

2004-03-21 Thread Brandon High
Could it be that he means the NIC that the default route applies to? netstat -rn would show that. -B -- Brandon High [EMAIL PROTECTED] ZX-7R "Wasabi", '02 BMW R1150RS "Troll" I'm at an age where it's healthy to develop a debilitating chemical dependence.

Re: Slightly OT: Setting the primary NIC

2004-03-21 Thread Brandon High
Could it be that he means the NIC that the default route applies to? netstat -rn would show that. -B -- Brandon High [EMAIL PROTECTED] ZX-7R "Wasabi", '02 BMW R1150RS "Troll" I'm at an age where it's healthy to devel

Re: How efficient is mounting /usr ro?

2003-10-09 Thread Brandon High
y type: It'll stop a worm or automated intrusion though... -B -- Brandon High [EMAIL PROTECTED] '98 Kawi ZX-7R "Wasabi", '98 Kawi EX500 "Harlot", '02 BMW R1150RS "Troll" Depression is merely anger without enthusiasm. pgp2zVb9OFFPf.pgp Description: PGP signature

Re: How efficient is mounting /usr ro?

2003-10-09 Thread Brandon High
y type: It'll stop a worm or automated intrusion though... -B -- Brandon High [EMAIL PROTECTED] '98 Kawi ZX-7R "Wasabi", '98 Kawi EX500 "Harlot", '02 BMW R1150RS "Troll" Depression is merely anger without enthusiasm. pgp0.pgp Description: PGP signature

Re: evolution

2003-06-27 Thread Brandon High
es for HTML mail that you've received. All the connections are going to port 80 on the remote machines. Check Tools->Mail Settings and look under the "Display" tab. Set "Never load images off the net" and see if the connections are still there. Evolution also uses

Re: evolution

2003-06-26 Thread Brandon High
es for HTML mail that you've received. All the connections are going to port 80 on the remote machines. Check Tools->Mail Settings and look under the "Display" tab. Set "Never load images off the net" and see if the connections are still there. Evolution also uses

Re: Could sudo be an security issue?

2003-05-16 Thread Brandon High
d always be done... There are other holes though. For instance: > sudo vi /etc/hosts then, inside vi type ":!bash" Bam ... A root shell that's not logged. I know there's a way to restrict this in vim, but I'm not sure about all the shells. -B -- Brandon High

Re: cluster on firewall?

2003-02-07 Thread Brandon High
at does a good job of allowing failover as well. I've used it on a firewall / gateway setup, and on ftp servers. -B -- Brandon High [EMAIL PROTECTED] '98 Kawi ZX-7R "Wasabi", '98 Kawi EX500 "Harlot", '02 BMW R1150RS "

Re: cluster on firewall?

2003-02-07 Thread Brandon High
at does a good job of allowing failover as well. I've used it on a firewall / gateway setup, and on ftp servers. -B -- Brandon High [EMAIL PROTECTED] '98 Kawi ZX-7R "Wasabi", '98 Kawi EX500 "Harlot", '02 BMW R1150RS "

Re: I'm searching for a network wide system update tool

2003-01-20 Thread Brandon High
a loot at cfengine - It's capable of automating sutff like this fairly easily. -B -- Brandon High [EMAIL PROTECTED] '98 Kawi ZX-7R "Wasabi", '98 Kawi EX500 "Harlot", '02 BMW R1150RS "Troll" You're just j

Re: I'm searching for a network wide system update tool

2003-01-19 Thread Brandon High
a loot at cfengine - It's capable of automating sutff like this fairly easily. -B -- Brandon High [EMAIL PROTECTED] '98 Kawi ZX-7R "Wasabi", '98 Kawi EX500 "Harlot", '02 BMW R1150RS "Troll" You're just je

Re: DHCP

2002-10-29 Thread Brandon High
On Mon, Oct 28, 2002 at 07:38:38PM -0600, Hanasaki JiJi wrote: > Too bad there is no way to do a secure handshake w/ an id/password or > even SecureID cards. That's the idea behind PPPoE. Yuck. -B -- Brandon High [EMAIL PROTECTED] '98 Ka

Re: DHCP

2002-10-28 Thread Brandon High
On Mon, Oct 28, 2002 at 07:38:38PM -0600, Hanasaki JiJi wrote: > Too bad there is no way to do a secure handshake w/ an id/password or > even SecureID cards. That's the idea behind PPPoE. Yuck. -B -- Brandon High [EMAIL PROTECTED] '98 Ka

Re: SunRPC Vulnerability

2002-07-31 Thread Brandon
> > > http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20823 > > > > Is Debian vulnerable? > > > > regards, > > > > Thiemo Nagel > > That is funny, I was just thinking there was a new RPC exploit out. Seems scans on port 111 have become a

Re: frequent mail signing => is there a GPG agent?

2002-06-08 Thread Brandon High
On Sun, Jun 09, 2002 at 09:57:10AM +0700, Jean Christophe ANDR?? wrote: > > Probably a stupid question but... I can see lots of you on this list > frequently signing their e-mails, do you use some kind of GPG agent? mutt and Evolution both have pgp/gpg signing built in. -B -- Bra

Re: does virus ELF.OSF.8759 affect debian?

2002-04-10 Thread Brandon High
one included with Potato. -B -- Brandon High [EMAIL PROTECTED] '98 Kawi ZX-7R "Wasabi", '98 Kawi EX500 "Harlot", '94 BMW K75s "Brick" Speeling mistakes only bother people who are illiterate. pgpS8PSUGjEHI.pgp Description: PGP signature

Re: does virus ELF.OSF.8759 affect debian?

2002-04-10 Thread Brandon High
one included with Potato. -B -- Brandon High [EMAIL PROTECTED] '98 Kawi ZX-7R "Wasabi", '98 Kawi EX500 "Harlot", '94 BMW K75s "Brick" Speeling mistakes only bother people who are illiterate. msg06301/pgp0.pgp Description: PGP signature

Re: does virus ELF.OSF.8759 affect debian?

2002-04-10 Thread Brandon High
ries from an unsafe source, you get what you > deserve. And another reason not to run as root... -B -- Brandon High [EMAIL PROTECTED] '98 Kawi ZX-7R "Wasabi", '98 Kawi EX500 "Harlot", '94 BMW K75s "Brick" When approaching a four-way stop, the vehicle with the largest tires always has the right of way. pgp5X912gTrBH.pgp Description: PGP signature

Re: does virus ELF.OSF.8759 affect debian?

2002-04-10 Thread Brandon High
inaries from an unsafe source, you get what you > deserve. And another reason not to run as root... -B -- Brandon High [EMAIL PROTECTED] '98 Kawi ZX-7R "Wasabi", '98 Kawi EX500 "Harlot", '94 BMW K75s "Brick" Wh

Re: Port 113 (auth) accept or deny?

2002-02-09 Thread Brandon High
On Sat, Feb 09, 2002 at 10:07:45PM +0100, Jakub Jankowski wrote: > On 2002-02-09, Brandon High wrote: > > [...] > >> should I open(accept) or close(deny, perhaps reject?) the port 113??? > > > >I've got it closed on my machines. I don't know what you might

Re: Port 113 (auth) accept or deny?

2002-02-09 Thread Brandon High
ht need it for. -B -- Brandon High [EMAIL PROTECTED] 1998 Kawasaki ZX-7R "Wasabi", 1998 Kawasaki EX500, 1994 BMW K75s I started out with nothing & still have most of it left. pgpoXYeBXzkDD.pgp Description: PGP signature

Re: Port 113 (auth) accept or deny?

2002-02-09 Thread Brandon High
On Sat, Feb 09, 2002 at 10:07:45PM +0100, Jakub Jankowski wrote: > On 2002-02-09, Brandon High wrote: > > [...] > >> should I open(accept) or close(deny, perhaps reject?) the port 113??? > > > >I've got it closed on my machines. I don't know what you might

Re: Port 113 (auth) accept or deny?

2002-02-09 Thread Brandon High
ht need it for. -B -- Brandon High [EMAIL PROTECTED] 1998 Kawasaki ZX-7R "Wasabi", 1998 Kawasaki EX500, 1994 BMW K75s I started out with nothing & still have most of it left. msg05637/pgp0.pgp Description: PGP signature

Re: FTP and security

2001-11-08 Thread Brandon High
On Thu, Nov 08, 2001 at 10:29:08PM +0100, Luc MAIGNAN wrote: > Is FTP really insecure ? > I use a version of ProFtpd. The protocol is insecure, since it sends login and authentication information over the wire in clear text. Different FTP daemons have different security issues. -B -- B

Re: FTP and security

2001-11-08 Thread Brandon High
On Thu, Nov 08, 2001 at 10:29:08PM +0100, Luc MAIGNAN wrote: > Is FTP really insecure ? > I use a version of ProFtpd. The protocol is insecure, since it sends login and authentication information over the wire in clear text. Different FTP daemons have different security issues. -B -- B

Re: i am experincing intrusion attempts

2001-09-18 Thread Brandon High
morning by the worm, but there was (what looks like) a manual attemp yesterday at 17/Sep/2001:10:17:58 -0700 -B -- Brandon High [EMAIL PROTECTED] If God wanted me to touch my toes, he would have put them on my knees. pgpNFetH2TGc6.pgp Description: PGP signature

Re: i am experincing intrusion attempts

2001-09-18 Thread Brandon High
(what looks like) a manual attemp yesterday at 17/Sep/2001:10:17:58 -0700 -B -- Brandon High [EMAIL PROTECTED] If God wanted me to touch my toes, he would have put them on my knees. PGP signature

Re: Is ident secure?

2001-08-30 Thread Brandon High
d I allow it > without further security exposure? The general rule applies: If you don't need it, block it. While there are no known security holes, there could always be some unknown. -B -- Brandon High [EMAIL PROTECTED] You can have my gun when you pry

Re: Is ident secure?

2001-08-30 Thread Brandon High
d I allow it > without further security exposure? The general rule applies: If you don't need it, block it. While there are no known security holes, there could always be some unknown. -B -- Brandon High [EMAIL PROTECTED] You can have my gun whe

Re: Mutt and inline gpg

2001-08-09 Thread Brandon High
the old-style PGP message format is strongly deprecated. -B -- Brandon High [EMAIL PROTECTED] Some people are alive only because it's illegal to kill. pgpvjxXK7QtBd.pgp Description: PGP signature

Re: Mutt and inline gpg

2001-08-09 Thread Brandon High
the old-style PGP message format is strongly deprecated. -B -- Brandon High [EMAIL PROTECTED] Some people are alive only because it's illegal to kill. PGP signature

Code Red Worm

2001-08-06 Thread Brandon High
Code Red v2 is wreaking havoc already today. It's liquefied our corporate firewall. I've was probed by it 200 times on Sunday as well, vs. maybe 30/day for v1. -B -- Brandon High [EMAIL PROTECTED] Remember that silence is sometimes the b

Code Red Worm

2001-08-06 Thread Brandon High
Code Red v2 is wreaking havoc already today. It's liquefied our corporate firewall. I've was probed by it 200 times on Sunday as well, vs. maybe 30/day for v1. -B -- Brandon High [EMAIL PROTECTED] Remember that silence is sometimes the best ans

[OT] Key mapping

2001-08-03 Thread Brandon High
state 0x11, keycode 62 (keysym 0xffe2, Shift_R), same_screen YES, XLookupString gives 0 characters: "" Any idea on how I can fix this? -B -- Brandon High [EMAIL PROTECTED] You're just jealous because the voices are talking to me. pgpkaaq2UukNz.pgp Description: PGP signature

Re: Locking down a guest account - need help.

2001-08-03 Thread Brandon High
oard-mouse-emulation functionality. Overall, it seems > like a weird way to go about sidestepping configurability. There must be > other ways to change settings (gnome-control-center, e16menuedit, > e16keyedit, etc) without the middle button. You should be able to do this by setting &quo

Re: CGI Buffer Overflow?

2001-07-19 Thread Brandon High
; N%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9 > 090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0 > 078%u%u00=a HTTP/1.0" 400 328 There was a bug in IIS that involved query strings over 4095 or 8191 characters. That was s

Re: CGI Buffer Overflow?

2001-07-19 Thread Brandon High
NN > N%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9 > 090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0 > 078%u%u00=a HTTP/1.0" 400 328 There was a bug in IIS that involved query strings over 4095 or 8191 characters. That was s

Re: ProFtpd question

2001-06-26 Thread Brandon High
On Wed, Jun 27, 2001 at 03:36:27AM +0200, Jean-Marc Boursot wrote: > > > ln -s /bin/ftponly /bin/false > > Wow, it's quite late in Europe. It's better like that: > ln -s /bin/false /bin/ftponly Perhaps a silly question, but why not just set the shell to /bin/

Re: ProFtpd question

2001-06-26 Thread Brandon High
On Wed, Jun 27, 2001 at 03:36:27AM +0200, Jean-Marc Boursot wrote: > > > ln -s /bin/ftponly /bin/false > > Wow, it's quite late in Europe. It's better like that: > ln -s /bin/false /bin/ftponly Perhaps a silly question, but why not just set the shell to /bin/

Re: nmap 2.12

2001-06-21 Thread Brandon High
d on a SuSE 6.3). > > Is there any known reason for this choice ? It's probably what was available when Potato was frozen. The distribution is getting a little long in the tooth, I think that it was almost 2 years ago. -B -- Brandon High [EMAIL PR

Re: nmap 2.12

2001-06-21 Thread Brandon High
alled on a SuSE 6.3). > > Is there any known reason for this choice ? It's probably what was available when Potato was frozen. The distribution is getting a little long in the tooth, I think that it was almost 2 years ago. -B -- Brandon High [EMAIL PR

Re: a FISH?!?!

2001-06-03 Thread Brandon High
the first time it came up on random. Since you were actually using the system, I doubt that's it though. -B -- Brandon High [EMAIL PROTECTED] Eat Bran - If you can't be normal, at least be regular. pgpYNPv9oXLXT.pgp Description: PGP signature

Re: a FISH?!?!

2001-06-03 Thread Brandon High
out the first time it came up on random. Since you were actually using the system, I doubt that's it though. -B -- Brandon High [EMAIL PROTECTED] Eat Bran - If you can't be normal, at least be regular. PGP signature

Re: What is port 500?

2001-05-20 Thread Brandon High
logs: May 18 04:03:40 xenophobe kernel: Packet log: input DENY eth1 PROTO=17 193.15.225.97:63760 63.203.219.82:500 L=772 S=0x00 I=35765 F=0x T=113 (#36) There were 6 attempts, spaced less than 15 seconds apart. There's most likely a new Windows back door that runs port 500, and people are s

Re: Got root?

2001-05-01 Thread Brandon High
ttp) would still be dependant on quality coding to avoid compromise. Did I make any sense? -- Brandon High [EMAIL PROTECTED] The careful application of terror is also a form of communication.

Re: Got root?

2001-05-01 Thread Brandon High
ttp) would still be dependant on quality coding to avoid compromise. Did I make any sense? -- Brandon High [EMAIL PROTECTED] The careful application of terror is also a form of communication. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: MD5 sums of induvidual files?

2001-04-18 Thread Brandon High
On Wed, 18 Apr 2001, Michael Boman wrote: > Is there a repository of MD5 sums for single files in a package? Look under /var/lib/dpkg/info/*.md5sums I don't know if there is an automated method of verifying that the sums match currently installed files though. -B -- Bran

Re: MD5 sums of induvidual files?

2001-04-18 Thread Brandon High
On Wed, 18 Apr 2001, Michael Boman wrote: > Is there a repository of MD5 sums for single files in a package? Look under /var/lib/dpkg/info/*.md5sums I don't know if there is an automated method of verifying that the sums match currently installed files though. -B -- Bran

Packet filtering help

2001-04-09 Thread Brandon High
:8 x.y.z.82:0 L=60 S=0x00 I=65280 F=0x T=15 (#5) I'm currently allowing ICMP to and from ports 0, 3 and 8. I'm just afraid that I'm breaking a few RFCs doing this. Also... Is it a better idea to DENY or REJECT? What does Ye Olde RFC recommend? Whic

Packet filtering help

2001-04-09 Thread Brandon High
:8 x.y.z.82:0 L=60 S=0x00 I=65280 F=0x T=15 (#5) I'm currently allowing ICMP to and from ports 0, 3 and 8. I'm just afraid that I'm breaking a few RFCs doing this. Also... Is it a better idea to DENY or REJECT? What does Ye Olde RFC recommend? Whic

Ports to block?

2001-04-05 Thread Brandon High
x27;t want externally visible, but UDP port 1028 shows nothing listening lsof. I blocked it out of principle, but does anyone know what it might be? -B -- Brandon High [EMAIL PROTECTED] We are Homer of Borg. Resistance is ... Ooo! Donuts!

Ports to block?

2001-04-05 Thread Brandon High
didn't want externally visible, but UDP port 1028 shows nothing listening lsof. I blocked it out of principle, but does anyone know what it might be? -B -- Brandon High [EMAIL PROTECTED] We are Homer of Borg. Resistance is ... Ooo! Donuts! -- To UNSUBS