openssl/openssh fixes for lenny (testing)

2008-05-14 Thread Harry Edmon
Are there any plans to issue the same openssl/openssh security fixes for lenny has have been done for etch? -- Dr. Harry Edmon E-MAIL: [EMAIL PROTECTED] 206-543-0547[EMAIL PROTECTED] Dept of Atmospheric SciencesFAX:206-543-0308

Re: securing server

2008-05-07 Thread Harry Jackson
Just install xinted and use the "only_from" option. H On Wed, 2008-05-07 at 19:39 +0800, Abdul Bijur Vallarkodath wrote: > haha. not really! if u have really managed an online server u'd have > seen tons of attacks and login attempts on your default ports by bots > looking around for weaker sys

Re: whitehat to test a security config

2005-11-01 Thread Harry
--- Alvin Oga <[EMAIL PROTECTED]> wrote: > questions for you > > - what else is in the goals for the security test, > where i'm not > using audit, pen-test, assessments and other > "security words" > > - what is the consequence if some > whitehat/grayhat/blackhat/malicioushat > does get into

Re: How to help the security team (was Re: Bad press related to (missing) Debian security)

2005-06-28 Thread Harry
required. Current Workaround: The administrator can order the sudoers file such that all entries granting Sudo ALL privileges precede all other entries. Harry Join team plico. http://www.hjackson.org/cgi-bin/folding/index.pl __ Do You Yahoo!? Tired of

Re: using sarge on production machines

2005-02-18 Thread Harry
ple want root on a machine. I am certainly not about to give them all root on the host. Harry __ Do you Yahoo!? Meet the all-new My Yahoo! - Try it today! http://my.yahoo.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of

Re: using sarge on production machines

2005-02-18 Thread Harry
--- Marc Haber <[EMAIL PROTECTED]> wrote: > On Fri, Feb 18, 2005 at 02:25:17AM -0800, Harry wrote: > > use UML and chroot it and run sarge in it. > > What does this gain you? A compomised uml is as bad as a compromised > system. I can wipe the UML if the host has not been

Re: using sarge on production machines

2005-02-18 Thread Harry
linux based web > and mailserver there) want newer packages. > so somehow I was forced to upgrade to a newer version of debian. Some people have already said it. Use stable with backports. Where this absolutely won't do use UML and chroot it and run sarge in it. This is what I&

Re: PHP Update .. details

2004-12-25 Thread Harry Sufehmi
;s worth reading over at least. Hopefully Debian security team will be convinced to patch php4 package then. Thanks, Harry -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Keeping files away from users

2003-06-06 Thread Harry Brueckner
er a simple hardware problem all your own data is lost as well, even if the harddrive is not having any problems. Just my 2 cents. :-) Harry -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Keeping files away from users

2003-06-05 Thread Harry Brueckner
x. So after a simple hardware problem all your own data is lost as well, even if the harddrive is not having any problems. Just my 2 cents. :-) Harry