Re: APT vulnerability [DSA 4371-1]

2019-01-22 Thread Hans-Christoph Steiner
FYI, I wrote a script to check the amd64 packages against the published hash, if anyone wants to use it, it is attached. .hc Evgeny Kapun: > On 22.01.2019 16:59, Vladislav Kurz wrote: >> Hello everybody, >> >> is this vulnerability affecting also apt-get ? > > Yes, the vulnerability is in http

Re: HTTPS enabled Debian Security repository

2017-10-30 Thread Hans-Christoph Steiner
Ansgar Burchardt: > Henrique de Moraes Holschuh writes: >> On Fri, 27 Oct 2017, Hans-Christoph Steiner wrote: >>> This idea that GPG signatures on the index files is enough has been >>> totally disproven. There was a bug in apt where Debian devices could be >>

Re: HTTPS enabled Debian Security repository

2017-10-27 Thread Hans-Christoph Steiner
Christoph Biedl: > 林博仁 wrote... > >> I believe that there's no benefit on accessing Debian archive with HTTPS as >> they uses GnuPG for authentication > > GnuPG indeed serves the purposes of authenticity and integrity very > well. Modulo bugs every now and then, but they happen on other layers

Re: embedding openssl source in sslcan

2016-12-26 Thread Hans-Christoph Steiner
Seems like a decent idea for this, if other packages need an insecure openssl. As for making it hard to link to, the .so can be put into a non-standard dir so it has to be explicitly enabled both with a -lcrypto-insecure and -L/usr/lib/openssl-insecure. .hc Jonathan Yu: > Given that this would b

Re: HTTPS needs to be implemented for updating

2016-12-20 Thread Hans-Christoph Steiner
Hans-Christoph Steiner: > > > Peter Lawler: >> >> >> On 18/12/16 22:03, Christoph Moench-Tegeder wrote: >>> second point requires a lot of work >>> to resolve. >>> >>> Regards, >>> Christoph >>> >> >>

Re: HTTPS needs to be implemented for updating

2016-12-19 Thread Hans-Christoph Steiner
Peter Lawler: > > > On 18/12/16 22:03, Christoph Moench-Tegeder wrote: >> second point requires a lot of work >> to resolve. >> >> Regards, >> Christoph >> > > Monday morning yet-to-be-caffeinated thoughts... > > I'm going to ignore the 'inconvenience' because I think in this case > that's a

Re: not getting compromised while applying apt-get upgrade for CVE-2016-1252

2016-12-17 Thread Hans-Christoph Steiner
Patrick Schleizer: > Julian Andres Klode: >> (2) look at the InRelease file and see if it contains crap >> after you updated (if it looks OK, it's secure - you need >> fairly long lines to be able to break this) > > Thank you for that hint, Julian! > > Can you please elaborate on this?

Re: Will Packaging BoringSSL Bring Any Trouble to the Security Team?

2016-05-18 Thread Hans-Christoph Steiner
neral: * mostly various user utilities * no setuid or special permissions * only one daemon-like thing, adb, with no net access by default * a good chunk is just files on the filesystem (e.g. libs for Android apps) .hc Hans-Christoph Steiner: > > BoringSSL is just a part of the Android SDK.

Re: Will Packaging BoringSSL Bring Any Trouble to the Security Team?

2016-05-18 Thread Hans-Christoph Steiner
BoringSSL is just a part of the Android SDK. It has an unstable API because it is only the C backing to a single Java library called conscrypt. That library is in turn only used as part of the Android SDK. Using the upstream build system, all of the source code is checked out at once from many

strange behaviour with konqueror

2016-02-22 Thread Hans
I do not believe I have malware, as I am very cautious and only install packages from the Debian repo. But of course, I may be too paranoid... However, I think you should know. Best regards Hans

Q: Package login security problem?

2015-12-21 Thread Hans
in case he might be allowed to read the files from the other user. If I am wrong in my thoughts and if I have something not correctly understood, I will be happy if you will enlighten me. Thanks for reading and your hard work! Best regards Hans

Re: [Reproducible-builds] concrete steps for improving apt downloading security and privacy

2014-10-16 Thread Hans-Christoph Steiner
René Mayrhofer wrote: > On 2014-09-25 06:24, Hans-Christoph Steiner wrote: >> >> W. Martin Borgert wrote: >>> On 2014-09-24 23:05, Hans-Christoph Steiner wrote: >>>> * the signature files sign the package contents, not the hash of >>>> whol

Re: [Reproducible-builds] concrete steps for improving apt downloading security and privacy

2014-09-24 Thread Hans-Christoph Steiner
W. Martin Borgert wrote: > On 2014-09-24 23:05, Hans-Christoph Steiner wrote: >> * the signature files sign the package contents, not the hash of >> whole .deb file (i.e. control.tar.gz and data.tar.gz). > > So preinst and friends would not be signed? Sounds dangerou

Re: [Reproducible-builds] concrete steps for improving apt downloading security and privacy

2014-09-24 Thread Hans-Christoph Steiner
Daniel Kahn Gillmor wrote: > Thanks for the discussion, Hans. > > On 09/19/2014 02:47 PM, Hans-Christoph Steiner wrote: >> Packages should not be accepted into any official repo, sid included, without >> some verification builds. A .deb should remain unchanged once it is

Re: [Reproducible-builds] concrete steps for improving apt downloading security and privacy

2014-09-24 Thread Hans-Christoph Steiner
Daniel Kahn Gillmor wrote: > On 09/22/2014 04:06 PM, Hans-Christoph Steiner wrote: >> I think we're starting to nail down the moving parts here, so I want to >> outline that so we can find out the parts where we agree and where we >> disagree. >> >> * I

Re: concrete steps for improving apt downloading security and privacy

2014-09-18 Thread Hans-Christoph Steiner
Holger Levsen wrote: > Hi Hans, > > On Mittwoch, 16. Juli 2014, Hans-Christoph Steiner wrote: >> What I'm talking about already exists in Debian, but is rarely used. >> dpkg-sig creates a signature that is embedded in the .deb file. So that >> means no mat

Re: concrete steps for improving apt downloading security and privacy

2014-07-17 Thread Hans-Christoph Steiner
On 07/17/2014 08:20 AM, Joel Rees wrote: > A little context? > > On Thu, Jul 17, 2014 at 1:26 AM, Hans-Christoph Steiner wrote: >> [...] >> * TAILS is a Debian-based live CD >> * the core system image by definition cannot be modified (live CD) >> * it has a

Re: concrete steps for improving apt downloading security and privacy

2014-07-16 Thread Hans-Christoph Steiner
On 07/16/2014 08:06 AM, Holger Levsen wrote: > Hi, > > On Mittwoch, 16. Juli 2014, Michael Stone wrote: >> Yes you are--what you described is exactly how the Release files work. > > Well, there are (many) other .debs on the net which are not part of our > releases, so it still seems to me that

Re: concrete steps for improving apt downloading security and privacy

2014-07-15 Thread Hans-Christoph Steiner
On 07/15/2014 02:11 PM, Michael Stone wrote: > On Tue, Jul 15, 2014 at 01:28:08PM -0400, Hans-Christoph Steiner wrote: >> How do you propose managing a distro that mostly needs apt as is, but other >> times need "Acquire::Check-Valid-Until off;"? In other words, how wou

Re: concrete steps for improving apt downloading security and privacy

2014-07-15 Thread Hans-Christoph Steiner
On 07/14/2014 01:57 PM, Michael Stone wrote: > On Mon, Jul 14, 2014 at 01:22:10PM -0400, Hans-Christoph Steiner wrote: >>> Or, you could make use of the Check-Valid-Until and Min-ValidTime options in >>> apt.conf. There's a reason things are done the way they

Re: concrete steps for improving apt downloading security and privacy

2014-07-14 Thread Hans-Christoph Steiner
On 07/14/2014 01:12 PM, Michael Stone wrote: > On Mon, Jul 14, 2014 at 12:45:38PM -0400, Hans-Christoph Steiner wrote: >> One place that this will help a lot is managing completely offline machines, >> like machines for running secure build and signing processes. Right now,

Re: concrete steps for improving apt downloading security and privacy

2014-07-14 Thread Hans-Christoph Steiner
On 07/14/2014 12:59 PM, Paul Wise wrote: > On Tue, Jul 15, 2014 at 12:45 AM, Hans-Christoph Steiner wrote: > >> I'd like to contribute to this effort > > First thing is to get #733029 fixed, which involves disabling signing > by default (signing should be done aft

Re: concrete steps for improving apt downloading security and privacy

2014-07-14 Thread Hans-Christoph Steiner
On 07/14/2014 12:31 PM, Paul Wise wrote: > On Tue, Jul 15, 2014 at 12:24 AM, Hans-Christoph Steiner wrote: > >> I agree that .deb packages should be individually signed > ... >> This has been discussed in the past. I really think it is just a >> matter of someone do

Re: concrete steps for improving apt downloading security and privacy

2014-07-14 Thread Hans-Christoph Steiner
> NSA wants to compromise my machine, they can make it so that everything > that I download is through an > NSA source! > > *Remember, the NSA can create VALID SSL certificates for any website on the > fly.* > > Your web browser trusts many certificate authorities and which on

Re: concrete steps for improving apt downloading security and privacy

2014-07-08 Thread Hans-Christoph Steiner
On 07/07/2014 06:43 PM, Jeremie Marguerie wrote: > On Mon, Jul 7, 2014 at 3:15 PM, Lou RUPPERT wrote: >>> If I'm looking at a catalog page from a shoe store on my table, >>> connected via the phone network, getting close to my 2G cap for my >>> wireless router for the month. My battery's getting

Re: concrete steps for improving apt downloading security and privacy

2014-07-07 Thread Hans-Christoph Steiner
On 07/06/2014 10:31 PM, Lou RUPPERT wrote: > Joel Rees: >> On Sat, Jul 5, 2014 at 12:43 AM, Lou RUPPERT >> wrote: >> >> As someone pointed out, verifying the mirror we've connected to is >> not useful when we don't particularly have, or want, a way to >> prevent a spook-owned mirror from joining

Re: concrete steps for improving apt downloading security and privacy

2014-07-07 Thread Hans-Christoph Steiner
On 07/06/2014 10:20 PM, Michael Stone wrote: > On Sat, Jul 05, 2014 at 08:54:55AM +0900, Joel Rees wrote: >> And you know, the funny thing is that MSIE took to "warning" people >> when there was a mix of encrypted and unencrypted data on a page. How >> long ago? Yeah, I know, it was so they could

Re: concrete steps for improving apt downloading security and privacy

2014-07-04 Thread Hans-Christoph Steiner
On 07/04/2014 11:43 AM, Lou RUPPERT wrote: > Joel Rees: >> On Fri, Jul 4, 2014 at 11:44 AM, Hans-Christoph Steiner >> wrote: >>> >>> [rhetoric encouraging the use of TLS transport for mirrors] [list >>> of current https mirrors] > >> Far be

concrete steps for improving apt downloading security and privacy

2014-07-03 Thread Hans-Christoph Steiner
After the latest revelation about NSA tracking all Tor downloads[1] (with source code!) and the whole "Debian mirrors and MITM" redux, I think we should start talking about concrete steps that we can take to improve the situation. The first things that came to mind would be quite easy to do: * i

Re: Debian mirrors and MITM

2014-07-03 Thread Hans-Christoph Steiner
On 07/03/2014 02:26 PM, Bernhard R. Link wrote: > * Hans-Christoph Steiner [140703 18:10]: >> You are correct that HTTPS would not entirely address #2, but it does >> improve the situation over HTTP. For example, an ISP, network operator, >> or government could block an

Re: Debian mirrors and MITM

2014-07-03 Thread Hans-Christoph Steiner
On 07/03/2014 03:08 PM, Michael Stone wrote: > On Thu, Jul 03, 2014 at 12:46:45PM -0400, Hans-Christoph Steiner wrote: >> Google uses SPKI pinning heavily, for example, >> but they still use CA-signed certificates so their HTTPS works with Firefox, >> IE, Opera, etc.

Re: Debian mirrors and MITM

2014-07-03 Thread Hans-Christoph Steiner
On 07/03/2014 12:58 PM, Reid Sutherland wrote: > > On Jul 3, 2014, at 12:46 PM, Hans-Christoph Steiner wrote: >> >> SSH uses entirely unsigned keys, and it has proven a lot more reliable than >> HTTPS/TLS. You use HTTPS/TLS keys the same way as SSH, but TLS requi

Re: Debian mirrors and MITM

2014-07-03 Thread Hans-Christoph Steiner
On 07/03/2014 12:38 PM, Reid Sutherland wrote: > On Jul 3, 2014, at 12:25 PM, Hans-Christoph Steiner wrote: >> As for how to manage making HTTPS by default, this does not require every >> mirror buying HTTPS certificates every year from Certificate Authorities. >

Re: Debian mirrors and MITM

2014-07-03 Thread Hans-Christoph Steiner
On Jul 3, 2014, at 12:10 PM, Hans-Christoph Steiner wrote: > > On Jul 3, 2014, at 11:52 AM, Michael Stone wrote: > >> On Thu, Jul 03, 2014 at 11:05:17AM -0400, Hans-Christoph Steiner wrote: >>> I definitely agree there are legitimate concerns that using HTTPS on apt

Re: Debian mirrors and MITM

2014-07-03 Thread Hans-Christoph Steiner
On Jul 3, 2014, at 11:52 AM, Michael Stone wrote: > On Thu, Jul 03, 2014 at 11:05:17AM -0400, Hans-Christoph Steiner wrote: >> I definitely agree there are legitimate concerns that using HTTPS on apt >> mirrors would help, and people who suggest otherwise are out of date on what

Re: Debian mirrors and MITM

2014-07-03 Thread Hans-Christoph Steiner
On Jul 3, 2014, at 11:55 AM, Reid Sutherland wrote: > On Jul 3, 2014, at 11:09 AM, Hans-Christoph Steiner wrote: > >> >> On Jun 2, 2014, at 9:29 AM, Jann Horn wrote: >> >>> On Fri, May 30, 2014 at 10:06:06AM -0400, micah anderson wrote: >>>

Re: Debian mirrors and MITM

2014-07-03 Thread Hans-Christoph Steiner
On Jul 3, 2014, at 11:05 AM, Hans-Christoph Steiner wrote: > > On May 30, 2014, at 10:06 AM, micah anderson wrote: > >> Kurt Roeckx writes: >> >>> On Fri, May 30, 2014 at 10:43:56PM +1000, Alfie John wrote: >>>> On Fri, May 30, 2014, at 10:24 PM,

Re: Debian mirrors and MITM

2014-07-03 Thread Hans-Christoph Steiner
On Jun 2, 2014, at 9:29 AM, Jann Horn wrote: > On Fri, May 30, 2014 at 10:06:06AM -0400, micah anderson wrote: >> Now I don't want to call into question the esteemed authors of said >> program, and depending libraries, but I do think that providing https >> mirrors gives us two distinct advantage

Re: Debian mirrors and MITM

2014-07-03 Thread Hans-Christoph Steiner
On May 30, 2014, at 10:06 AM, micah anderson wrote: > Kurt Roeckx writes: > >> On Fri, May 30, 2014 at 10:43:56PM +1000, Alfie John wrote: >>> On Fri, May 30, 2014, at 10:24 PM, Michael Stone wrote: On Fri, May 30, 2014 at 10:15:01PM +1000, Alfie John wrote: > The public Debian mirrors

Re: PPA security (was: Debian mirrors and MITM)

2014-07-03 Thread Hans-Christoph Steiner
On May 30, 2014, at 2:41 PM, W. Martin Borgert wrote: > Quoting Jeremie Marguerie : >> Thanks for bringing that issue! I feel the same way when I install a >> packet from a non-official PPA. > > Unfortunately, every package can do anything: pre-inst, post-inst, > pre-rm, post-rm run as root. If

Re: Debian mirrors and MITM

2014-05-30 Thread Hans Spaans
gned by a trusted source, but not if the package is trusted for the package that you're going to update. Looks like a fun exercise to offer a new apt package through the debian-multimedia infra for example and see who will notice. Or a modified openssh-server/client package through a popular PPA-repo. Hans

Re: NSA software in Debian

2014-01-28 Thread Hans-Christoph Steiner
On 01/26/2014 01:30 PM, Andrew McGlashan wrote: > On 25/01/2014 7:39 PM, Emmanuel Thierry wrote: >> Then DNSSEC appeared ! :) > > I wish it was that simple I don't believe it is today, but one day > it will have to be the standard. > >> I remind you it is really difficult to compromise DNS

Re: NSA software in Debian

2014-01-20 Thread Hans-Christoph Steiner
On 01/20/2014 12:22 PM, Octavio Alvarez wrote: > On 01/20/2014 05:29 AM, Marco Saller wrote: >> I have read that the NSA proposed to include SELinux in linux 2.5. (Linux >> Kernel Summit 2001) >> Don't you think that may be one of their fancy tricks to gain access to >> computers running linux?

Re: SSL for debian.org/security?

2013-11-12 Thread Hans-Christoph Steiner
On 11/12/2013 01:58 PM, Henrik Ahlgren wrote: > On Tue, Nov 12, 2013 at 01:15:38PM -0500, Hans-Christoph Steiner wrote: >> Having the key generated on the card is the most secure, since those cards >> are >> designed so you can't read the secret key off of the card. S

Re: SSL for debian.org/security?

2013-11-12 Thread Hans-Christoph Steiner
be the cost of replacing the > certificate inside the device once/if compromised? > > > 2013/11/12 Andreas Kuckartz > >> Hans-Christoph Steiner: >>> The crypto smartcard (aka Hardware Security Module) are some work to >> setup, >>> but not really all that m

Re: SSL for debian.org/security?

2013-11-11 Thread Hans-Christoph Steiner
On 11/11/2013 07:41 PM, Jérémie Marguerie wrote: > On Mon, Nov 11, 2013 at 2:48 PM, Mike Mestnik wrote: >> I don't see how this is relevant? Obviously if hardware is seized then the >> owners no longer have control. If you have suggestions as to how to secure >> hardware that's great, but if y

Re: SSL for debian.org/security?

2013-10-31 Thread Hans-Christoph Steiner
On 10/30/2013 10:49 AM, Norbert Kiszka wrote: > On 2013-10-30, Wed at 11:34 -0200, Djones Boni wrote: >> On 30-10-2013 11:05, Celejar wrote: >>> You're snipping crucial context; my comment above was in response to >>> this: For apt-get a self-signed certificate could be used which co

Re: process to include upstream jar sig in Debian-generated jar

2013-08-29 Thread Hans-Christoph Steiner
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 08/29/2013 10:56 AM, Michael Stone wrote: > On Thu, Aug 29, 2013 at 11:35:47AM +0200, Sébastien Le Ray wrote: >> Yes but the whole thing looks weird, on one hand OP wants to include a >> signed jar in the package, on the other hand he says "signa

process to include upstream jar sig in Debian-generated jar

2013-08-28 Thread Hans-Christoph Steiner
I want to run an unusual idea by everyone here as an approach to getting an outside signature into a packaged Java jar built from source on the Debian build machines: we want to get http://martus.org packaged and into Debian. Martus is an app that has high requirements for security, so they have a

Re: Default root password, username/password

2013-02-04 Thread Hans Wolters
Boot it with init=/bin/sh rw Sent from my iPet 2 On Feb 4, 2013, at 23:29, "Peter Lawler" wrote: > G'day, > Yes, I know I really should research this a bit more. I beg forgiveness, as > I've got medical appointments over the next few days and really genuinely > don't have time right now (for

Re: pre-screening new package: SQLCipher, based on SQLite3

2012-12-20 Thread Hans-Christoph Steiner
On Oct 12, 2012, at 9:03 PM, Hans-Christoph Steiner wrote: > > On Oct 1, 2012, at 7:36 PM, Hans-Christoph Steiner wrote: > >> On 10/01/2012 06:32 PM, Stephen Lombardo wrote: >>> Hello Florian, >>> >>> On Mon, Oct 1, 2012 at 1:57 PM, Florian Wei

Re: pre-screening new package: SQLCipher, based on SQLite3

2012-10-12 Thread Hans-Christoph Steiner
On Oct 1, 2012, at 7:36 PM, Hans-Christoph Steiner wrote: > On 10/01/2012 06:32 PM, Stephen Lombardo wrote: >> Hello Florian, >> >> On Mon, Oct 1, 2012 at 1:57 PM, Florian Weimer wrote: >>> Okay. Can your fork open unencrypted databases? Are there any symb

Re: pre-screening new package: SQLCipher, based on SQLite3

2012-10-01 Thread Hans-Christoph Steiner
set LD_LIBRARY_PATH to load the SQLCipher-enhanced library > for use in their programs. > > I believe this is the reason Hans opted to alter the library name to > libsqlcipher, to ensure there wouldn't be any confusion between the two, > but I'll let him comment on tha

Re: pre-screening new package: SQLCipher, based on SQLite3

2012-10-01 Thread Hans-Christoph Steiner
On 09/28/2012 04:23 PM, Florian Weimer wrote: > * Hans-Christoph Steiner: > >> The tricky part is that it is a modified version of SQLite3, and lintian >> properly gives an error about that. But because of the features that >> SQLCipher provides, it must modify th

pre-screening new package: SQLCipher, based on SQLite3

2012-09-27 Thread Hans-Christoph Steiner
Hey all, I'm ready to upload a new package called SQLCipher (http://sqlcipher.net/) and I want to run it by y'all first. The upside is that it provides AES256 encrypted SQLite databases in a DFSG-free package that has been pretty widely tested, deployed and audited. You can find out more here

php5 security update Marvin

2012-01-31 Thread Hans-Georg Heidemann
Hello Steffen, you can do Marvin right away as well. Is a restart necessary? Regards Hans On 31.01.2012 at 08:22, Thijs Kinkhorst wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > - - >

Re: CVE Exploit

2011-03-11 Thread hans
rm / -rf worked fine last time I tried it on a VM as an experiment. On Friday, 11 March 2011 at 15:34 +0500, Andrey Rahmatullin wrote: > On Fri, Mar 11, 2011 at 10:19:33AM +, Steven Archondakis wrote: > > In Unix shell: > > > > rm -Rf / > It was patched some years ago (for Linux). > -

Permission changes with rsync

2007-11-26 Thread Hans-J. Ullrich
Thank you very much for your help ! Regards Hans -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

RE: [SECURITY] [DSA 1364-2] New vim packages fix several vulnerabilities

2007-09-30 Thread Hans Finckh
Dear Dann, I am just a beginner in LINUX, but have some knowledge a few years old, because in daily business I have to administrate a W2k3 domain, but want to enlarge my horizon. There, we also have 2 vmware esx servers, running round about 23 virtual machines on them, so that I have some ba

Re: Bypassing allowed_users with PAM in sshd?

2006-11-09 Thread Hans van Kranenburg
em (I also have AllowRootLogin > set to false). > > Anybody got any idea? Probably you enabled UsePAM together with ChallengeResponseAuthentication. (see `man sshd_config`) PAM does not know anything about the AllowUsers/Groups and PermitRootLogin settings... Hans -- To UNSUBSCRIBE, e

Re: harden-doc: chapter 4.8 Restricting system reboots through the console

2006-09-16 Thread Hans
in inittab # What to do when CTRL-ALT-DEL is pressed. ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now change /sbin/shutdown -t1 -a -r now for /bin/false or anything else you want to happen with ctrl-alt-delete On Saturday, 16 September 2006 at 22:49 +0200, Mario Fux wrote: > Am Samstag, 16. Se

Re: When are security updates effective?

2006-08-31 Thread Hans
is running it on a graphical > environment). Whaddya think? It's a good idea but it will not catch all cases, some apps run for days without any user interventions, nothing guarantees that the pop up will be seen, sending an emai

Re: Problems after sendmail security upgrade

2006-03-24 Thread Hans
All seems ok here. Can you be more specific about the problems you are having? Hans. On Friday, 24 March 2006 at 18:31 +0100, Emmanuel Halbwachs wrote: > Hello, > > We are experiencing problems after the sendmail security upgrade on > our mailhost. > > - do some other pe

Re: Fixing stupid PHP application design flaws

2005-04-29 Thread Hans Spaans
On Fri, April 29, 2005 1:42, Javier Fernández-Sanguino Peña said: > On Thu, Apr 28, 2005 at 10:04:00PM +0200, Hans Spaans wrote: >> Is this going to solve the problems? Don't get me wrong, because I love >> your goal but I don't believe that what you're suggesting right now

Re: Fixing stupid PHP application design flaws

2005-04-28 Thread Hans Spaans
disabled almost every time with changing php4.ini. Sorry, if this doesn't sound happy, but I'm at the point where I start to hate PHP, PHP-applications and sysadmins who don't want to tell a developer/user that his/her application doesn't run because it wants to do dangerous things.

Re: PHP Update .. details

2004-12-23 Thread Hans Kratz
an official statement that using the PHP safe mode with Debian Woody does not offer the security one would expect. Regards, Hans -- Hans Kratz

unsubscribe

2004-07-04 Thread Hans J. Zibull
-- Hans J. Zibull Caterpillar Motoren GmbH & Co. KG, BUS AQA Coach Tel +49 (0) 431 3995-2729 Fax +49 (0) 431 3995-4729 e-

Re: Query NS

2004-02-01 Thread Hans Spaans
ing their tracks, > but I'm not sure how it would or why it would be useful > to them. > > I just can't come up with anything else. Maybe someone on the bind(9)-users mailinglist has some ideas. Hans -- "How should I know if it works? That's what beta testers are for. I only coded it." -- Linus Torvalds

Re: Query NS

2004-02-01 Thread Hans Spaans
doesn't make sense. I did what you have done a time ago and I just made sure everything was working well and the configuration was correct. After a week or two I didn't care anymore and nothing was broken in those two weeks, which resulted in turning off some logging. And just like I sa

Re: Query NS

2004-02-01 Thread Hans Spaans
lem by adding allow-query statements to your named.conf and forcing people to abuse someone else. Hans -- "How should I know if it works? That's what beta testers are for. I only coded it." -- Linus Torvalds

Mirroring security.debian.org for internal use

2004-01-15 Thread Hans Baume
Like some others who have mentioned this in the past, I would like to mirror security.debian.org for internal use due to the large number of Debian boxes at my company and the inconsistent access to the important updates residing on that server. Ideally, I'd like to set up cron to rsync the upda

Re: passwd character limitations

2003-11-30 Thread Hans Spaans
re of nowadays, but don't test it on root ;-) Hans

encrypted filesystem using losetup

2003-06-18 Thread Hans van Leeuwen
ent Which module is required and how can I apt-get / compile it? I use debian woody stable with kernel 2.4.18-bf2.4. Thanks, Hans

Re: idea for improving security

2003-05-07 Thread Hans Spaans
On Wed, May 07, 2003 at 11:27:16AM +0200, Tim van Erven wrote: > On Wed, 07/05/2003 07:40 +0200, Hans Spaans wrote: > > > > How are you going to handle firewalls and stuff? This because you need > > to accept traffic for those ports. > > You always need to let the tr

Re: idea for improving security

2003-05-07 Thread Hans Spaans
you going to handle firewalls and stuff? This because you need to accept traffic for those ports. -- Hans

Re: MAC-based ssh

2003-05-02 Thread Hans van Leeuwen
Oliver Hitz wrote: It is also possible to further restrict this connection. Something like command="/etc/init.d/bind restart",from="..." ssh-rsa ... This does the job. Only I execute 'bind restart' through a small C-program with a suid-bit. Thanks for the help everybody! Hans

Re: MAC-based ssh

2003-05-02 Thread Hans van Leeuwen
use it as an extra layer of protection. Of course a valid key will also be needed. Hans

Re: MAC-based ssh

2003-05-02 Thread Hans van Leeuwen
Kay-Michael Voit wrote: did you consider just to block other mac-addresses through iptables? Yes, but the MAC should just be checked for one specific user. but... i don't know, what you are doing there, but are you sure you want to grant every user ssh access No, just one user with limited ri

MAC-based ssh

2003-05-02 Thread Hans van Leeuwen
it was possible to get sshd to only allow the client MAC-address. I've looked around, but for some reason search-engines tend to send me to www.apple.com ;-) Hans

RE: Unidentified subject! [MTA for Firewall System]

2002-03-06 Thread Hans Guevremont
why not ssmtp (small smtp) ? does it fulfil the requirements? -Original Message- From: Corey Halpin [SMTP:[EMAIL PROTECTED] Sent: March 5, 2002 17:56 PM To: debian-security@lists.debian.org Subject:Re: Unidentified subject! [MTA for Firewall System] > B Beck, 2002-Mar

Re: is there something hacked in my network?

2002-02-17 Thread Hans Steinraht
e HUB like > most home networks have, then one of the PCs has port filtering turned > on. Windows and Linux are both capable of port filtering. > > Hope that helps, > Mike > > -Original Message- > From: Hans Steinraht [mailto:[EMAIL PROTECTED] > Sent: Sunday

is there something hacked in my network?

2002-02-17 Thread Hans Steinraht
ws machine were infected? Could it be that there was something wrong on the windows-machine that a normal format of all the disks didn't remove? Or is there something wrong in the debian server? Maybe someone can give us some advice? thanks, Hans

Re: Mailserver HDD organization

2002-01-20 Thread Hans-Joachim Picht
On Sat, Jan 19, 2002 at 07:07:23 +0100, Hans-Joachim Picht wrote: > This message was created automatically by mail delivery software (Exim). > A message that you sent could not be delivered to one or more of its > recipients. This is a permanent error. The following address(es) failed:

Re: Mailserver HDD organization

2002-01-19 Thread Hans-Joachim Picht
omatically by mail delivery software (Exim). A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: [...] --- cut --- T-Online, the biggest German ISP, is also running its mailservers based on sendmail. With b

Re: Secure Finger Daemon

2002-01-09 Thread Hans-Joachim Picht
mend xinetd or tcpserver. cut I have been running ffingerd on some boxes where users requested a finger daemon for about 3 years and did not have any successful penetration attempts since I installed it. With best regards Hans -- Hans-Joachim Picht, Consultant <[EMAIL PRO

Re: Apt-get is insecure

2001-12-13 Thread Hans-JoachimPicht
ure that you've included a non-US Mirror in our /etc/apt/sources.list ? With best regards Hans -- Hans-Joachim Picht, Consultant <[EMAIL PROTECTED]> Linux Consulting Europe http://www.lnxce.net Vogelhecke 2D - 35447 Reiskirchen Tel: +491751629201 Fax: +49640862649 Germany

Re: Apt-get is insecure

2001-12-13 Thread Hans-JoachimPicht
On 13 Dec 2001 17:37:42 +0200 Samuli Suonpaa <[EMAIL PROTECTED]> wrote: > Umm... What exactly did you mean with your one-liner? hans@Turing:~/tmp/email$ apt-cache search sign |grep debsig debsig-verify - Debian Package Signature Verification Tool debsigs - Utility for creating sign

RE: Just a test sorry

2001-10-31 Thread Hans
k Operations Mobile +64 25 582 304 > > New Zealand PostFax+64 4 496 4914 > > > "The important thing about standards is to have them." > -- Bruce Schneier, creator of the Twofish algorithm > > &g
