On Sun, Dec 21, 2003 at 09:09:38AM -0600, hanasaki wrote:
> whats the difference between amavis-ng and milter and amavisd-new? are
> some going away? which one do you use for what? or clamscan directly?
> how can virus scanning be added? clamscan and spam Spam assassin seem
> to be the norms
On Sun, Dec 21, 2003 at 09:09:38AM -0600, hanasaki wrote:
> whats the difference between amavis-ng and milter and amavisd-new? are
> some going away? which one do you use for what? or clamscan directly?
> how can virus scanning be added? clamscan and spam Spam assassin seem
> to be the norms
On Fri, Dec 19, 2003 at 05:46:11PM +0100, Bill Allombert wrote:
> Hello Debian-security list,
>
> I have experimented with running an anonymous CVS server inside
> user-mode-linux. So far this seems to work well and hopefully should
> enhance security a bit. The host kernel has the skas patch.
>
On Fri, Dec 19, 2003 at 05:46:11PM +0100, Bill Allombert wrote:
> Hello Debian-security list,
>
> I have experimented with running an anonymous CVS server inside
> user-mode-linux. So far this seems to work well and hopefully should
> enhance security a bit. The host kernel has the skas patch.
>
On Sun, Nov 09, 2003 at 12:08:40AM -0600, Hanasaki JiJi wrote:
> Anyone have/working on integration of these?
>
> clam spamc and amavis are installed however, they dont seem to update
> the /etc/exim4/conf.d of the new packaging system.
>
> thank you.
exim4-daemon-heavy has the exiscan-acl patc
On Sun, Nov 09, 2003 at 12:08:40AM -0600, Hanasaki JiJi wrote:
> Anyone have/working on integration of these?
>
> clam spamc and amavis are installed however, they dont seem to update
> the /etc/exim4/conf.d of the new packaging system.
>
> thank you.
exim4-daemon-heavy has the exiscan-acl patc
On Fri, Oct 17, 2003 at 11:01:27AM +0200, Yasar Arman wrote:
> Bernd Eckenfels wrote:
> > In article <[EMAIL PROTECTED]> you wrote:
> >
> >>A read-only /usr is not a security measure.
> >
> >
> > Depends on your definition og it-security. It reduces downtime, prevents
> > some admin and software fa
On Fri, Oct 17, 2003 at 11:01:27AM +0200, Yasar Arman wrote:
> Bernd Eckenfels wrote:
> > In article <[EMAIL PROTECTED]> you wrote:
> >
> >>A read-only /usr is not a security measure.
> >
> >
> > Depends on your definition og it-security. It reduces downtime, prevents
> > some admin and software fa
On Fri, Jun 20, 2003 at 07:39:28PM +0100, Ian Goodall wrote:
> > Any recommendations, experiences, thoughts?
>
> Running ftp over a vpn would work but its not the easiest option. Sftp is
> exactly what you need. Why not just run it on another port?
Last I checked, sftp requires a patch to chroot,
On Fri, Jun 20, 2003 at 07:39:28PM +0100, Ian Goodall wrote:
> > Any recommendations, experiences, thoughts?
>
> Running ftp over a vpn would work but its not the easiest option. Sftp is
> exactly what you need. Why not just run it on another port?
Last I checked, sftp requires a patch to chroot,
i recently setup mailscanner with mcafee virusscan and have been pretty
happy with it.
if you describe the nature of the error, i might be able to help you
out.
xn
On Mon, Aug 12, 2002 at 08:00:16PM -0500, Daniel J. Rychlik wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Gentlem
On Wed, May 29, 2002 at 10:05:45AM -0700, Tom Dominico wrote:
> I am attempting to configure our Debian webserver, running Apache, to
> use our Windows PDC when authenticating for secure web access. I have
> followed instructions that I found on the web, but I am having trouble.
> [...]
> AuthType
On Wed, May 29, 2002 at 10:05:45AM -0700, Tom Dominico wrote:
> I am attempting to configure our Debian webserver, running Apache, to
> use our Windows PDC when authenticating for secure web access. I have
> followed instructions that I found on the web, but I am having trouble.
> [...]
> AuthTyp
On Fri, May 10, 2002 at 01:04:40PM +0300, Jussi Ekholm wrote:
> Christian G. Warden <[EMAIL PROTECTED]> wrote:
>
> (Could you please post your reply *below* the quoted text? Top-posting
> is quite irritating, IMHO)
>
> > i just want to add a warning about spamas
On Fri, May 10, 2002 at 01:04:40PM +0300, Jussi Ekholm wrote:
> Christian G. Warden <[EMAIL PROTECTED]> wrote:
>
> (Could you please post your reply *below* the quoted text? Top-posting
> is quite irritating, IMHO)
>
> > i just want to add a warning about spamas
matches the userid of the
authenticated user.
here's an article on secure programming in php:
http://www.zend.com/zend/art/art-oertli.php
xn
On Fri, May 10, 2002 at 01:11:41AM +0800, Patrick Hsieh wrote:
> Hello "Christian G. Warden" <[EMAIL PROTECTED]>,
>
> Yes. B
one of the php lists is probably a better forum for this question, but
in short, register_globals=off means that if you want to use the "id"
variable passed in the query string by the browser, you would access it as
$HTTP_GET_VARS['id'], or $_GET['id'] in 4.1+, rather than $id. more info
at http:/
rid matches the userid of the
authenticated user.
here's an article on secure programming in php:
http://www.zend.com/zend/art/art-oertli.php
xn
On Fri, May 10, 2002 at 01:11:41AM +0800, Patrick Hsieh wrote:
> Hello "Christian G. Warden" <[EMAIL PROTECTED]>,
>
> Yes. B
i just want to add a warning about spamassassin. i had it setup for
about a week and it was very good at catching spam, but occassionally it
would drive the cpu load into the 20s. i didn't spend any time trying
to track down the problem. i was using procmail to send all my mail
through SA so may
yeah, it's a mess. i spent 2 days trying to get poptop working a few
months ago. once i got everything patched and running and could setup a
vpn between pptp-linux and pptpd, i still couldn't get win98 to connect
to pptpd. i gave up and decided next time i'd try to use ipsec with
freeswan.
good
looks like there's a package for the patch:
kernel-patch-mppe - ppp_mppe module for pppd
xn
On Tue, Apr 30, 2002 at 12:03:09PM -0400, Derek J. Balling wrote:
> At 8:43 AM -0700 4/30/02, Anne Carasik wrote:
> >Last time I checked, PPTP comes with encryption. All you
> >have to do is configure it.
yeah, it's a mess. i spent 2 days trying to get poptop working a few
months ago. once i got everything patched and running and could setup a
vpn between pptp-linux and pptpd, i still couldn't get win98 to connect
to pptpd. i gave up and decided next time i'd try to use ipsec with
freeswan.
goo
looks like there's a package for the patch:
kernel-patch-mppe - ppp_mppe module for pppd
xn
On Tue, Apr 30, 2002 at 12:03:09PM -0400, Derek J. Balling wrote:
> At 8:43 AM -0700 4/30/02, Anne Carasik wrote:
> >Last time I checked, PPTP comes with encryption. All you
> >have to do is configure it.
i'm not familiar with rinetd, but if you use netfilter to do dnat the source
address will be maintained. just make sure internal boxes hit the
webserver directly, on the internal ip, rather than through the external
one so they don't get confused by packets coming back directly from the
web server
i'm not familiar with rinetd, but if you use netfilter to do dnat the source
address will be maintained. just make sure internal boxes hit the
webserver directly, on the internal ip, rather than through the external
one so they don't get confused by packets coming back directly from the
web serve
rdate is probably easier to use. ntp requires at least a little
configuration, but it is more accurate.
xn
On Thu, Apr 04, 2002 at 06:56:30PM +0200, eim wrote:
> First of all thanks to all for responses.
>
> On Wed, 2002-04-03 at 20:22, Holger Eitzenberger wrote:
> > On Wed, Apr 03, 2002 at 09:
rdate is probably easier to use. ntp requires at least a little
configuration, but it is more accurate.
xn
On Thu, Apr 04, 2002 at 06:56:30PM +0200, eim wrote:
> First of all thanks to all for responses.
>
> On Wed, 2002-04-03 at 20:22, Holger Eitzenberger wrote:
> > On Wed, Apr 03, 2002 at 09
On Wed, Apr 03, 2002 at 02:43:10PM -0800, Petro wrote:
> On Wed, Apr 03, 2002 at 09:22:34AM +, Martin WHEELER wrote:
> > "Release early; release often."
>
> NO
>
> Measure twice, cut once.
i haven't really been following this thread, but i like analogies as
much as the next person,
On Wed, Apr 03, 2002 at 02:43:10PM -0800, Petro wrote:
> On Wed, Apr 03, 2002 at 09:22:34AM +, Martin WHEELER wrote:
> > "Release early; release often."
>
> NO
>
> Measure twice, cut once.
i haven't really been following this thread, but i like analogies as
much as the next person,
the commercial ssh server has an option to chroot to a user's home
directory. there are patches available to openssh to do it also,
though i don't know if they've been thoroughly audited. check out
http://mail.incredimail.com/howto/openssh/
you can make sftp-server the user's shell to only allow
the commercial ssh server has an option to chroot to a user's home
directory. there are patches available to openssh to do it also,
though i don't know if they've been thoroughly audited. check out
http://mail.incredimail.com/howto/openssh/
you can make sftp-server the user's shell to only allow
i'm in the middle of switching from ipchains to iptables right now and i
haven't tested my DNAT rules yet, but from what i understand, packets
pass through the FORWARD chain in the filter table after the PREROUTING
chain in the nat table.
see the second paragraph here:
http://netfilter.samba.org/do
i'm in the middle of switching from ipchains to iptables right now and i
haven't tested my DNAT rules yet, but from what i understand, packets
pass through the FORWARD chain in the filter table after the PREROUTING
chain in the nat table.
see the second paragraph here:
http://netfilter.samba.org/d
33 matches
Mail list logo
