Re: handling private keys

2005-06-28 Thread Christian Storch
Radu Spineanu wrote: > Hello > > I working on a small project, and i have a problem related to > keeping gpg private keys stored on usb drives secure when working > with them. > > My problem is that in case the machine is compromised, if the usb > wi

Re: Cyrus21 does not work corectly with SSL

2005-02-16 Thread Christian Storch
On Di, 15.02.2005, 21:53, Nicolas Ledez wrote: > Le Tue, Feb 15, 2005 at 06:47:53PM +0100, Christian Storch a écrit : >> I've tried your scripts for creating root and server certs. >> Testing with s_client on two different servers I got no errors >> but nearly the same

Re: Cyrus21 does not work corectly with SSL

2005-02-15 Thread Christian Storch
On Di, 15.02.2005, 13:20, Nicolas Ledez wrote: > Le Tue, Feb 15, 2005 at 11:38:43AM +0100, Christian Storch a écrit : ... > My ca was generated with attach script. > And my cyrus cert with do script. > >> Nicolas: How you've created your certs? >> The commands with arg

Re: Cyrus21 does not work corectly with SSL

2005-02-15 Thread Christian Storch
On Di, 15.02.2005, 00:25, Bernd Eckenfels wrote: > In article <[EMAIL PROTECTED]> you > wrote: >> 'Toto Root CA' seems to be a self signed certificate instead of an >> undependent certificate as your root certificate. You don't have to >> self sign a root certificate. > > You need a signature on al

Re: Cyrus21 does not work corectly with SSL

2005-02-14 Thread Christian Storch
On Mo, 14.02.2005, 21:58, Nicolas Ledez wrote: > Hello, I have a Cyrus21 installation (Sarge). When I'm connect to cyrus > first time (after cyrus start) : > > [EMAIL PROTECTED]:~$ openssl s_client -connect my_host.my_domain.com:imaps > CONNECTED(0004) > depth=1 /C=MY/ST=France/L=SmallTown/O=To

Re: Any way to simulate traffic?

2005-01-14 Thread Christian Storch
On Do, 13.01.2005, 20:37, Javier Pardo sagte: > Hello. > > I´m looking after a way to simulate traffic in order to probe my > iptables' rules. > > In other words. Is there any way, any command or any iptables parameter > to ask iptables what is going to do (according with the active rules) > when s

Re: php vulnerabilities

2004-12-29 Thread Christian Storch
On Mi, 29.12.2004, 20:09, Felipe Augusto van de Wiel (faw) wrote: > At first I believe that security.debian.org could > handle this, but in fact, it is more patching and > backporting patches than new version for security reasons. > > We also have to consider that a "innocent" upgrade >

Re: php vulnerabilities

2004-12-29 Thread Christian Storch
On Di, 28.12.2004, 02:24, Michael Stone wrote: > On Thu, Dec 23, 2004 at 05:16:39PM +0100, Florian Weimer wrote: >>However, most of our packages haven't got test suites, and our >>dependency graph is certainly more convoluted than Red Hat's. For >>example, Red Hat probably has only a handful packa

Re: php vulnerabilities

2004-12-23 Thread Christian Storch
On Do, 23.12.2004, 21:16, Florian Weimer wrote: > * Jan Minar: > >> On Thu, Dec 23, 2004 at 05:16:39PM +0100, Florian Weimer wrote: >>> My current idea is to borrow an idea from Microsoft: Create a Patch >>> Validation Program. Under this program, you get access to security >>> fixes before the of

Re: php vulnerability

2004-12-21 Thread Christian Storch
On Di, 21.12.2004, 17:35, Sam Morris wrote: > Florian Weimer wrote: >> * Christian Storch: >> > > Use a backport of PHP 4.3.10. Apparently, there is no other way at >> > > this stage to be sure. (Upstream no longer supports PHP 4.1.x.) >> > >> &

Re: php vulnerability

2004-12-21 Thread Christian Storch
On Di, 21.12.2004, 10:13, Florian Weimer sagte: > * saravanan ganapathy: > >> I am also worrying about these vulnerabilities.btw I >> am using debian php package(4.1.2) on woody. >> How do I sure that I am out of danger? > > Use a backport of PHP 4.3.10. Apparently, there is no other way at >

Re: murphy in sbl.spamhaus.org

2004-11-28 Thread Christian Storch
On Sa, 27.11.2004, 03:43, Stephen Gran wrote: ... > I guess what I'm trying to say is, I understand your misgivings, beause > people implementing most anything can manage to do it in a really stupid, > painful and harmful way. That doesn't necessarily mean the idea is > unsound. Greylisting is, i

Re: murphy in sbl.spamhaus.org

2004-11-26 Thread Christian Storch
On Fr, 26.11.2004, 03:34, Stephen Frost wrote: > * Adrian 'Dagurashibanipal' von Bidder ([EMAIL PROTECTED]) wrote: >> >> And, of course, postgrey as the very first line of defense. >> >> Coupled with the usual checking on HELO (blocking 'localhost' HELOs and >> my >> own IP does wonders!), SMTP p

Re: arp table overflow due to windows worm

2004-10-16 Thread Christian Storch
On Sa, 16.10.2004, 16:21, Ben Goedeke wrote: > Kurt Roeckx wrote: ... > Hmm. That gives me an idea: > > Destination Gateway Flags Metric Ref Use Iface > 134.102.0.0/16 0.0.0.0 UG0 0 0 eth1 > > With such a routing entry the firewall will try and resolve mac > addr

Re: arp table overflow due to windows worm

2004-10-16 Thread Christian Storch
On Sa, 16.10.2004, 13:39, Benjamin Goedeke wrote: ... > ethernet address, namely the one of the upstream router.) So it seems > arp resolution occurs even though the packets are being dropped. That's > why I thought the bridge before the firewall could be a good idea. But > I guess the net gets clo

Re: arp table overflow due to windows worm

2004-10-16 Thread Christian Storch
On Sa, 16.10.2004, 07:58, Henrique de Moraes Holschuh wrote: > On Sat, 16 Oct 2004, Ben Goedeke wrote: >> Should it really be possible for a single infected windows machine to >> dos >> a linux firewall? Please tell me it's not true and there's just >> something >> I'm overlooking. I'm at my wits e

RE: [DSA 563-2] New cyrus-sasl packages really fix arbitrary code execution

2004-10-14 Thread Christian Storch
Have a look at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=276268 Perhaps it would help you for the moment to recompile the package as I did. Christian -Original Message- From: Frank Strauß [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 13, 2004 9:43 AM To: [EMAIL PROTECTED] Sub

RE: Major TCP Vulnerability (CERT, BGP)

2004-04-21 Thread Christian Storch
Sorry, in the case of BGP this would mean CERT is assuming that every ISP is ignoring the well known issue about vulnerability of Cisco routers and perhaps others. After that very urgent mailing about half a year ago I've edited as other ISP's especially all BGP relevant filters in such a manner th

RE: setting up iptables

2004-03-04 Thread Christian Storch
Have a look at http://www.netfilter.org/ - there you could find all about it. If you want a nice html configuration, start a firewall script from above and import it by 'webmin-firewall'. Christian -Original Message- From: Costas Magkos [mailto:[EMAIL PROTECTED] Sent: Thursday, March 04,

RE: apt-get upgrade and kernel images

2004-02-27 Thread Christian Storch
To make it simply and clear use apt-cache policy kernel-image-2.4.24-1-686-smp and you will see what would be done and why. Christian -Original Message- From: Andris Kalnozols [mailto:[EMAIL PROTECTED] Sent: Friday, February 27, 2004 9:42 AM To: debian-security@lists.debian.org Subject

RE: apt-get upgrade and kernel images

2004-02-27 Thread Christian Storch
To make it simply and clear use apt-cache policy kernel-image-2.4.24-1-686-smp and you will see what would be done and why. Christian -Original Message- From: Andris Kalnozols [mailto:[EMAIL PROTECTED] Sent: Friday, February 27, 2004 9:42 AM To: [EMAIL PROTECTED] Subject: apt-get upgra

Re: sendmail problem:connection timed out

2004-01-05 Thread Christian Storch
Are you able to ping 64.4.33.7 !? If so, try 'telnet 64.4.33.7 25' next to get a smtp prompt. If nothing works look at your connection: Firewall rules etc. Beside that your sendmail seems to work. Christian - Original Message - From: "arun raj" <[EMAIL PROTECTED]> To: Sent: Monday, Jan

Re: sendmail problem:connection timed out

2004-01-05 Thread Christian Storch
Are you able to ping 64.4.33.7 !? If so, try 'telnet 64.4.33.7 25' next to get a smtp prompt. If nothing works look at your connection: Firewall rules etc. Beside that your sendmail seems to work. Christian - Original Message - From: "arun raj" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]

Re: suspicious smbd connections

2003-12-24 Thread Christian Storch
That's typical: IP's are really scanned like ..., 1.2.3.4, 1.2.3.5, 1.2.3.6, ... etc. > > You are being scanned. Get used to it. You're not specifically being > > targetted, but rather your IP address was randomly generated by some > > worm on some Windows box and a connection attempt was made.

Re: creating password for a shadow file

2003-12-01 Thread Christian Storch
- Original Message - From: "LeVA" <[EMAIL PROTECTED]> > > htpasswd -m shadow.ftp user > htpasswd without '-m' works for apache 1.3.26 & proftpd 1.2.4, with '-m' it doesn't! (both actual version from woody) Christian

Re: How efficient is mounting /usr ro?

2003-10-17 Thread Christian Storch
Yes, a very sophisticated kind of definition. But what about the small gap between theory and practice? Now here we're discussing about 'real life'. So I think security and availability represent to basic independend points of discussion. Security in a sense of preventing of bad impact from outsi

RE: trouble

2003-10-13 Thread Christian Storch
ETIMEDOUT: TCPT_KEEP has expired ;) -Original Message- From: conrad [mailto:[EMAIL PROTECTED] Sent: Monday, October 13, 2003 6:45 PM To: debian-security@lists.debian.org Subject: trouble Socket Error: 10060

RE: [sec] Re: Strange segmentation faults and Zombies

2003-09-18 Thread Christian Storch
>> - perl without tainting checks in cgi-bin? > >what exactly do you mean? how can i do/check that? > use '#!/usr/local/bin/perl -T' at the beginning of a perl cgi. Probably it would end in some 'tainted' errors you have to solve. For further details look into 'man perlsec'. Christian

RE: [sec] Re: Strange segmentation faults and Zombies

2003-09-18 Thread Christian Storch
ting checks in cgi-bin? etc. etc. Christian -Original Message- From: Markus Schabel [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 12:23 PM To: debian-security@lists.debian.org Subject: Re: [sec] Re: Strange segmentation faults and Zombies maximilian attems wrote: >

RE: [sec] Re: Strange segmentation faults and Zombies

2003-09-18 Thread Christian Storch
ting checks in cgi-bin? etc. etc. Christian -Original Message- From: Markus Schabel [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 12:23 PM To: [EMAIL PROTECTED] Subject: Re: [sec] Re: Strange segmentation faults and Zombies maximilian attems wrote: > On Thu, 18 Se

Re: Strange segmentation faults and Zombies

2003-09-18 Thread Christian Storch
Don't forget to try to find the potential hole first! Otherwise you could have a fast recurrence. Christian - Original Message - From: "Josh Carroll" <[EMAIL PROTECTED]> To: Sent: Thursday, September 18, 2003 9:12 AM Subject: Re: Strange segmentation faults and Zombies > Backup /etc an

Re: Strange segmentation faults and Zombies

2003-09-18 Thread Christian Storch
Don't forget to try to find the potential hole first! Otherwise you could have a fast recurrence. Christian - Original Message - From: "Josh Carroll" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, September 18, 2003 9:12 AM Subject: Re: Strange segmentation faults and Zombies

apache with umask 002

2003-06-25 Thread Christian Storch
Hello, did anybody know about security issues about changing umask for apache from 022 to 002? The reason is that we want to give ftp users write access to files generated by apache user. Thanks. Christian

RE: PHP & imap-ssl support

2003-05-21 Thread Christian Storch
I don't think there would be another 'version' of the same package. But what error did you get while compiling? With or without --with-imap-ssl? I've a running environment for recompiling php4 (stable release) without any problems (though I've switched on more than 4.1 would allow ;). Christian

Spam

2003-05-16 Thread Christian Storch
Interesting. That mail has overcome spamassassin without any hits: X-Spam-Status: No, hits=0.0 required=4.0 tests=none version=2.53-lists.debian.org_2003_04_28 X-Spam-Checker-Version: SpamAssassin 2.53-lists.debian.org_2003_04_28 (1.174.2.15-2003-03-30-exp) Any options to get it?

Re: [work] Integrity of Debian packages

2003-03-07 Thread Christian Storch
> Maybe you should talk to the family of the 3300 people in the WTC that > died because the FBI, CIA > or Special Services didn't have or couldn't intercept the many mail, fax > and cell phone communications > that went between the cowards that flew planes into the buildings. > > You know, I fee

Re: raw disk access

2003-02-08 Thread Christian Storch
What about cp /dev/sdx /dev/sdy It works very well on two identical drives - - perhaps when the second one is larger, too. You don't need any permissions. The result is really a clone including partition table! I used this from a floppy with a full version of cp. Christian > - Original Mess

RE: pop mail recommendations

2002-12-06 Thread Christian Storch
Look at brand new http://packages.debian.org/unstable/mail/cyrus21-imapd.html ssl included! Christian -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, December 06, 2002 4:12 PM To: debian-security@lists.debian.org Subject: Re: pop mail recommendations .

RE: pop mail recommendations

2002-12-06 Thread Christian Storch
Why it did 'fell down .. with exim'? With a little bit more expense as usual cyrus 2.0.16 worked very fine with sendmail 8.12.2! regards, Christian -Original Message- From: Jeff AA [mailto:[EMAIL PROTECTED] Sent: Friday, December 06, 2002 1:48 PM To: debian-security@lists.debian.org Subj

RE: pop mail recommendations

2002-12-06 Thread Christian Storch
Look at brand new http://packages.debian.org/unstable/mail/cyrus21-imapd.html ssl included! Christian -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, December 06, 2002 4:12 PM To: [EMAIL PROTECTED] Subject: Re: pop mail recommendations ... I'd suggest

RE: pop mail recommendations

2002-12-06 Thread Christian Storch
Why it did 'fell down .. with exim'? With a little bit more expense as usual cyrus 2.0.16 worked very fine with sendmail 8.12.2! regards, Christian -Original Message- From: Jeff AA [mailto:[EMAIL PROTECTED]] Sent: Friday, December 06, 2002 1:48 PM To: [EMAIL PROTECTED] Subject: RE: pop m