Re: Allow password auth for one user with sftp?

2007-01-15 Thread Hubert Chan
than /etc/passwd, and you can keep the old passwords for imaps. -- Hubert Chan <[EMAIL PROTECTED]> -- Jabber: [EMAIL PROTECTED] PGP/GnuPG key: 1024D/124B61FA http://www.uhoreg.ca/ Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA -- To UNSUBSCRIBE, email to [EMAIL PRO

RE: [OT] Re: email notifications when users login

2006-09-21 Thread Hubert Chan
in on `date`." |\ ... (those are backticks around "date") Run "date --help" to see how to change the date format if you want something different than the default. -- Hubert Chan - email & Jabber: [EMAIL PROTECTED] - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA (Key a

Re: What is a security bug?

2005-11-24 Thread Hubert Chan
emembering state certainly alleviates the problem. But it's not a complete solution. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-mail

Re: xpdf vulnerability?

2005-03-23 Thread Hubert Chan
On 2005-03-23 04:07:47 -0500 Frank Küster <[EMAIL PROTECTED]> wrote: > Hubert Chan <[EMAIL PROTECTED]> wrote: > >> Is it an int or a size_t (like what malloc uses)? If it is an int, >> then INT_MAX would work as expected. If it's size_t, then you should

Re: xpdf vulnerability?

2005-03-22 Thread Hubert Chan
you should use SIZE_MAX (defined in stdint.h). -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-mail preferred.

Re: xpdf vulnerability?

2005-03-18 Thread Hubert Chan
efine a new constant. You can also use INT32_MAX from stdint.h (which, if you're using from C++ code, you'll have to #define __STDC_LIMIT_MACROS before you include stdint.h). -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprin

Re: MD5 collisions found - alternative?

2004-08-24 Thread Hubert Chan
Since every hash is oneway, this renders the term meaningless. So the only useful notion of oneway is that the hash is not easily invertible (i.e. you can't easily find some string that produces a given hash value). -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key:

Re: get notice of sec update if package is on hold

2004-08-24 Thread Hubert Chan
n it won't bother you about wanting to upgrade. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-mail preferred. -- To UNSUBSCRIBE,

Re: apt 0.6 and how it does *not* solve the problem

2004-08-22 Thread Hubert Chan
packages. When you check the signature from the repository, you are checking it against the Debian archive key (which changes periodically). (note: I am not a DD, and I've only been loosely following apt 0.6. But I am a package maintainer.) -- Hubert Chan <[EMAIL PROTECTED]> - http://ww

Re: Bug#257165: udev: input device permissions

2004-07-07 Thread Hubert Chan
pretty trivial. Edit /etc/udev/permissions.d/udev.permissions, locate the "input/*:..." line and change it appropriately, and restart udev. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 1

Re: Hashcash - was re: Spam fights

2004-06-16 Thread Hubert Chan
>>>>> "Daniel" == Daniel Pittman <[EMAIL PROTECTED]> writes: Daniel> On 16 Jun 2004, Hubert Chan wrote: >> SpamAssassin will check for hashcash in the future. Support is >> already present in the development version of SpamAssassin. Daniel>

Re: Hashcash - was re: Spam fights

2004-06-16 Thread Hubert Chan
>>>>> "Daniel" == Daniel Pittman <[EMAIL PROTECTED]> writes: Daniel> On 16 Jun 2004, Hubert Chan wrote: >> SpamAssassin will check for hashcash in the future. Support is >> already present in the development version of SpamAssassin. Daniel>

Re: Hashcash - was re: Spam fights

2004-06-16 Thread Hubert Chan
sh, the hashcash token uses the recipient's address, as well as a date. The recipient can keep a database of received tokens to make sure that the same token isn't used twice. Old tokens can be expired, since the token contains the date too. -- Hubert Chan <[EMAIL PROTECTED]> -

Re: Hashcash - was re: Spam fights

2004-06-16 Thread Hubert Chan
ures anyway... Although eating up gobs of CPU will probably be more easily noticed than just sending out lots of traffic. Then again, some users are pretty clueless... (P.S. I'm the hashcash package maintainer.) -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG

Re: Hashcash - was re: Spam fights

2004-06-15 Thread Hubert Chan
sh, the hashcash token uses the recipient's address, as well as a date. The recipient can keep a database of received tokens to make sure that the same token isn't used twice. Old tokens can be expired, since the token contains the date too. -- Hubert Chan <[EMAIL PROTECTED]> -

Re: Hashcash - was re: Spam fights

2004-06-15 Thread Hubert Chan
ures anyway... Although eating up gobs of CPU will probably be more easily noticed than just sending out lots of traffic. Then again, some users are pretty clueless... (P.S. I'm the hashcash package maintainer.) -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG

Re: USB Stick, GPG and CryptoFS in a startup script

2004-04-28 Thread Hubert Chan
annot open '/dev/tty' : Clemens> no such device or address Error: Password must be at least 20 Clemens> characters Have you tried adding the --no-tty option to gpg? -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5

Re: USB Stick, GPG and CryptoFS in a startup script

2004-04-28 Thread Hubert Chan
annot open '/dev/tty' : Clemens> no such device or address Error: Password must be at least 20 Clemens> characters Have you tried adding the --no-tty option to gpg? -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5

Re: 2.6.1 CryptoAPI woes

2004-01-20 Thread Hubert Chan
>>>>> "Hubert" == Hubert Chan <[EMAIL PROTECTED]> writes: replying to self... [...] Hubert> The comment has nothing to do with whether or not your encrypted Hubert> filesystem is a journaling filesystem with or without Hubert> data=ordered. ... Hmmm.

Re: 2.6.1 CryptoAPI woes

2004-01-20 Thread Hubert Chan
kernel version. Apply the patches in order. (Patches for 2.6.x are currently experimental.) These patches should get merged into mainline sometime ... soon. (For some value of "soon".) You'll also have to add a "data=ordered" or "data=journal" mount option. (d

Re: 2.6.1 CryptoAPI woes

2004-01-20 Thread Hubert Chan
>>>>> "Hubert" == Hubert Chan <[EMAIL PROTECTED]> writes: replying to self... [...] Hubert> The comment has nothing to do with whether or not your encrypted Hubert> filesystem is a journaling filesystem with or without Hubert> data=ordered. ... Hmmm.

Re: 2.6.1 CryptoAPI woes

2004-01-20 Thread Hubert Chan
kernel version. Apply the patches in order. (Patches for 2.6.x are currently experimental.) These patches should get merged into mainline sometime ... soon. (For some value of "soon".) You'll also have to add a "data=ordered" or "data=journal" mount option. (d

Re: tiger: howto manage flood of `deleted files' alerts ???

2004-01-09 Thread Hubert Chan
remove 'check_finddeleted' from /etc/tiger/cronrc. Thanks. That seems highly, uhm..., unintuitive, though. A note in tigerrc might help. (Or is it possible to change the behaviour so that tigerrc can disable a check? e.g. by having check_... load tigerrc?) -- Hubert Chan <

Re: tiger: howto manage flood of `deleted files' alerts ???

2004-01-09 Thread Hubert Chan
remove 'check_finddeleted' from /etc/tiger/cronrc. Thanks. That seems highly, uhm..., unintuitive, though. A note in tigerrc might help. (Or is it possible to change the behaviour so that tigerrc can disable a check? e.g. by having check_... load tigerrc?) -- Hubert Chan <

Re: tiger: howto manage flood of `deleted files' alerts ???

2004-01-08 Thread Hubert Chan
Is there any way of turning off this check? I have Tiger_Check_DELETED=N in my /etc/tiger/tigerrc, but that seems to not have any effect. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61

Re: tiger: howto manage flood of `deleted files' alerts ???

2004-01-08 Thread Hubert Chan
Is there any way of turning off this check? I have Tiger_Check_DELETED=N in my /etc/tiger/tigerrc, but that seems to not have any effect. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61

Re: Strongest linux - kernel patches

2003-07-03 Thread Hubert Chan
other patches. http://sourceforge.net/projects/wolk -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-mail preferred.

Re: Strongest linux - kernel patches

2003-07-03 Thread Hubert Chan
other patches. http://sourceforge.net/projects/wolk -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-mail preferred.

Re: kernel-source 2.4.20 + grsecurity + freeswan

2003-06-06 Thread Hubert Chan
atches and kernel sources I got from the sid repository maybe about a month ago. I would imagine that there shouldn't be much of an issue using the patches and kernel sources from sid on a stable box. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B

Re: kernel-source 2.4.20 + grsecurity + freeswan

2003-06-05 Thread Hubert Chan
atches and kernel sources I got from the sid repository maybe about a month ago. I would imagine that there shouldn't be much of an issue using the patches and kernel sources from sid on a stable box. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B

Re: kernel+grsecurity

2003-05-19 Thread Hubert Chan
fferent parts of the kernel, so if you plan on applying other patches as well, you may have to do a bit of patching by hand. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key avai

Re: Could sudo be an security issue?

2003-05-14 Thread Hubert Chan
ntication, so you can use one of the PAM modules (e.g. libpam-pwdfile or libpam-dotfile which is in unstable, but AFAIK not in stable) and set it up so that everyone can have different passwords for sudo. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61

Re: Question on debsig-verify

2003-03-11 Thread Hubert Chan
an packages are not signed, which is why debsig-verify fails. Dale> So what have I neglected in my chroot environment? Perhaps in your non-chroot environment, you have debsig-verify turned off in /etc/dpkg/dpkg.cfg ("no-debsig" option). -- Hubert Chan <[EMAIL PROTECTED]> - http:

Re: Question on debsig-verify

2003-03-11 Thread Hubert Chan
an packages are not signed, which is why debsig-verify fails. Dale> So what have I neglected in my chroot environment? Perhaps in your non-chroot environment, you have debsig-verify turned off in /etc/dpkg/dpkg.cfg ("no-debsig" option). -- Hubert Chan <[EMAIL PROTECTED]> - http:

Re: Peace is not off topic

2003-03-11 Thread Hubert Chan
internet, Thomas> they can pray all day long... To add some Debian into this discussion, such licenses are not DFSG free. (Of course, this is still off topic since it's a d-legal issue, and not d-security.) -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key:

Re: Peace is not off topic

2003-03-11 Thread Hubert Chan
internet, Thomas> they can pray all day long... To add some Debian into this discussion, such licenses are not DFSG free. (Of course, this is still off topic since it's a d-legal issue, and not d-security.) -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key:

Re: [work] Integrity of Debian packages

2003-03-07 Thread Hubert Chan
ctivity? Oh my goodness! I just realized that "reality" is just a computer program that taps right into my brain. Everything's just an illusion, and the TLAs can read my thoughts! Ah! ... Aah, paranoid delusions are so much fun. P.S. This message is GPG signed, so that you can v

Re: [work] Integrity of Debian packages

2003-03-07 Thread Hubert Chan
ctivity? Oh my goodness! I just realized that "reality" is just a computer program that taps right into my brain. Everything's just an illusion, and the TLAs can read my thoughts! Ah! ... Aah, paranoid delusions are so much fun. P.S. This message is GPG signed, so that you can v

Re: Cryptoswap -- was Re: raw disk access

2003-01-15 Thread Hubert Chan
BTW, I've also grepped through the cryptoapi and cryptoloop sources, and they seem to be only allocating memory at initialization and in the digest functions too (which would be expected). Yay! I guess I'll be setting up encrypted swap soon! :-) Thanks -- Hubert Chan <[EMAI

Re: Cryptoswap -- was Re: raw disk access

2003-01-15 Thread Hubert Chan
't mind clarifying something for me, what is the relationship between patch-int, and cryptoapi and cryptoloop? -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key avail

Re: Cryptoswap -- was Re: raw disk access

2003-01-15 Thread Hubert Chan
BTW, I've also grepped through the cryptoapi and cryptoloop sources, and they seem to be only allocating memory at initialization and in the digest functions too (which would be expected). Yay! I guess I'll be setting up encrypted swap soon! :-) Thanks -- Hubert Chan <[EMAI

Re: Cryptoswap -- was Re: raw disk access

2003-01-15 Thread Hubert Chan
ease let me know. Things to the effect of "it works for me" don't count, since the issue doesn't seem to be terribly likely to occur. Since you have asked me not to spread FUD without referring to facts, I would ask that you return the same courtesy and not call someone on spre

Re: Cryptoswap -- was Re: raw disk access

2003-01-15 Thread Hubert Chan
't mind clarifying something for me, what is the relationship between patch-int, and cryptoapi and cryptoloop? -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwke

Re: Cryptoswap -- was Re: raw disk access

2003-01-15 Thread Hubert Chan
ease let me know. Things to the effect of "it works for me" don't count, since the issue doesn't seem to be terribly likely to occur. Since you have asked me not to spread FUD without referring to facts, I would ask that you return the same courtesy and not call someone on spre

Re: Cryptoswap -- was Re: raw disk access

2003-01-14 Thread Hubert Chan
allocate new memory. Otherwise, it may cause some swapping, which makes you do encryption, which may allocate new memory, ad infinitum. loop-AES takes care of that explicitly, by preallocating memory, but I don't think cryptoapi/cryptoloop does, so you may be taking your chances with it. -- H

Re: Cryptoswap -- was Re: raw disk access

2003-01-14 Thread Hubert Chan
allocate new memory. Otherwise, it may cause some swapping, which makes you do encryption, which may allocate new memory, ad infinitum. loop-AES takes care of that explicitly, by preallocating memory, but I don't think cryptoapi/cryptoloop does, so you may be taking your chances with it. -- H

Re: scrollkeeper loading external (online) DTD

2003-01-09 Thread Hubert Chan
ommends" rather than "Depends". AFAIK, if docbook-xml is installed, scrollkeeper will use the local copy, rather than fetching it over the network. (If not, this should be another wishlist bug.) (Hmm. On my system (sid), scrollkeeper already depends on docbook-xml.) -- Hubert

Re: scrollkeeper loading external (online) DTD

2003-01-09 Thread Hubert Chan
ommends" rather than "Depends". AFAIK, if docbook-xml is installed, scrollkeeper will use the local copy, rather than fetching it over the network. (If not, this should be another wishlist bug.) (Hmm. On my system (sid), scrollkeeper already depends on docbook-xml.) -- Hubert

Re: SSH

2002-12-19 Thread Hubert Chan
tions will have the problem), that is not present in SSH2. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-mail preferred.

Re: SSH

2002-12-19 Thread Hubert Chan
tions will have the problem), that is not present in SSH2. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-mail preferred.

Re: test of non-subscribed user

2002-12-02 Thread Hubert Chan
ther list. Others might use a mail<->news gateway such as news.gmane.org, so they are not directly subscribed to the mailing list. Many people also have multiple email addresses, and the address which they post with might not be the same address which they have subscribed. (I don't ev

Re: test of non-subscribed user

2002-12-02 Thread Hubert Chan
ther list. Others might use a mail<->news gateway such as news.gmane.org, so they are not directly subscribed to the mailing list. Many people also have multiple email addresses, and the address which they post with might not be the same address which they have subscribed. (I don't ev

Re: tiger templates

2002-10-24 Thread Hubert Chan
ed everytime. It goes in /var/log/tiger/check_accounts.out.template. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-mail preferred.

Re: tiger templates

2002-10-24 Thread Hubert Chan
ed everytime. It goes in /var/log/tiger/check_accounts.out.template. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-mail preferred.

Re: Converting Users from Solaris to (Debian-)Linux

2002-08-30 Thread Hubert Chan
added to the password when it gets hashed. This is done to make dictionary attacks a bit harder (i.e. you can't just generate a list of words + their hashes). -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1F

Re: Problem with logcheck

2002-08-08 Thread Hubert Chan
re, but I found that /var/log contained many old log files, with a ".0" extension, which I believe got there when changing system loggers, causing logrotate's configuration to change. After deleting those (note: not all .0 files are bad; check the date), everything worked fine. --

Re: dselect / apt-get and packages

2002-07-08 Thread Hubert Chan
mplain if a signature wouldn't be valid Marcel> or missing? see the debsig-verify package. However, I don't think that most of the packages are signed, and even then, you need to trust your gpg keys. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024

Re: CERT Advisory CA-2002-19 Buffer Overflow in Multiple DNS Resolver Libraries

2002-07-01 Thread Hubert Chan
s the libc from BSD-based systems, which is different from Linux's glibc, I believe. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-m

Re: security.debian.org is down

2002-06-25 Thread Hubert Chan
blem. I'm in Hong Kong and it Jonas> is the same to me: Jonas> Err ftp://security.debian.org woody/updates/main Packages Could Jonas> not connect to security.debian.org:21 (130.89.175.34), connection Jonas> timed out I can ping it, and I just did an apt-get update which connected

Re: frequent mail signing => is there a GPG agent?

2002-06-08 Thread Hubert Chan
ver wwwkeys.pgp.net (or whatever keyserver you use), gpg will automagically (attempt to) fetch keys which it does not already have when you try to check a signature. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1

Re: secure file transfer (again)

2002-06-07 Thread Hubert Chan
i programs, they Alf> wouldn't like having to use cli. Never overestimate your users. ;) http://www.i-tree.org/ixplorer.htm A GUI frontend to pscp. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7

Re: Uh-oh. Cracked allready. I think...

2002-05-23 Thread Hubert Chan
see http://www.gnupg.org >> iD8DBQE87QV/lE/Gp2pqC7wRAnOwAKClkxaNInxG+/59Z+67CmyY6vzJyQCgmHl5 >> dXGHMoenwxKHE2bQZQWI308= =VSU4 -END PGP SIGNATURE- John> Oh, and you'll want to revoke your PGP key if it was on this box, John> as you can't trust your PGP keys anymo

Re: Uh-oh. Cracked allready. I think...

2002-05-23 Thread Hubert Chan
see http://www.gnupg.org >> iD8DBQE87QV/lE/Gp2pqC7wRAnOwAKClkxaNInxG+/59Z+67CmyY6vzJyQCgmHl5 >> dXGHMoenwxKHE2bQZQWI308= =VSU4 -END PGP SIGNATURE- John> Oh, and you'll want to revoke your PGP key if it was on this box, John> as you can't trust your PGP keys anymo

Re: Secure/hardened/minimal Debian (or "Why is the base system the way it is?")

2002-05-20 Thread Hubert Chan
to check out partimage. There's even a Debian package for it. Although it doesn't seem to support ext3 either, at least according to the package description. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5

Re: Secure/hardened/minimal Debian (or "Why is the base system theway it is?")

2002-05-19 Thread Hubert Chan
nt to check out partimage. There's even a Debian package for it. Although it doesn't seem to support ext3 either, at least according to the package description. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5

Re: restricting outbound access?

2002-05-15 Thread Hubert Chan
It actually works the other way around -- you add users that you don't want to have outbound access to a special group -- but you get the same effect. It also allows you to stop users from creating processes that listen on network ports too, which you probably would want to have too. -- Hube

Re: restricting outbound access?

2002-05-15 Thread Hubert Chan
It actually works the other way around -- you add users that you don't want to have outbound access to a special group -- but you get the same effect. It also allows you to stop users from creating processes that listen on network ports too, which you probably would want to have too. -- Hube

kernel patches - lsm vs. grsecurity

2002-05-10 Thread Hubert Chan
chine yesterday, and it seems pretty interesting, but I haven't done any extensive testing on it. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint: 6CC5 822D 2E55 494C 81DD 6F2C 6518 54DF 71FD A37F Key available at

kernel patches - lsm vs. grsecurity

2002-05-10 Thread Hubert Chan
chine yesterday, and it seems pretty interesting, but I haven't done any extensive testing on it. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint: 6CC5 822D 2E55 494C 81DD 6F2C 6518 54DF 71FD A37F Key available at

Re: RSA not an easy crack

2002-04-26 Thread Hubert Chan
oesn't help. Whether or not the digital signature on this message has been forged is up to you to guess. ;-) - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint: 6CC5 822D 2E55 494C 81DD 6F2C 6518 54DF 71FD A37F Key availab

Re: RSA not an easy crack

2002-04-26 Thread Hubert Chan
oesn't help. Whether or not the digital signature on this message has been forged is up to you to guess. ;-) - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint: 6CC5 822D 2E55 494C 81DD 6F2C 6518 54DF 71FD A37F Key availab

Re: Iptables config

2002-04-14 Thread Hubert Chan
different port.) You may also want to accept incoming icmp packets: iptables -A INPUT -p icmp -j ACCEPT - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint: 6CC5 822D 2E55 494C 81DD 6F2C 6518 54DF 71FD A37F Key available a

Re: Iptables config

2002-04-13 Thread Hubert Chan
over a different port.) You may also want to accept incoming icmp packets: iptables -A INPUT -p icmp -j ACCEPT - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint: 6CC5 822D 2E55 494C 81DD 6F2C 6518 54DF 71FD A37F Key available a

Re: cups security summary

2002-04-12 Thread Hubert Chan
P replies) - whatever ports you want open to the public - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint: 6CC5 822D 2E55 494C 81DD 6F2C 6518 54DF 71FD A37F Key available at wwwkeys.pgp.net. Encrypted e-mail preferred. -BEG

Re: cups security summary

2002-04-11 Thread Hubert Chan
P replies) - whatever ports you want open to the public - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint: 6CC5 822D 2E55 494C 81DD 6F2C 6518 54DF 71FD A37F Key available at wwwkeys.pgp.net. Encrypted e-mail preferred. -BEG

Re: cups security

2002-04-11 Thread Hubert Chan
> printer stream tcp nowait lp /usr/lib/cups/daemon/cups-lpd Luis> cups-lpd (actually i'm not sure whether this corresponds to cups Luis> or to lpr) That would be CUPS's lpr compatibility daemon. If you don't have other hosts needing to use your computer to print, you can just

Re: cups security

2002-04-11 Thread Hubert Chan
cups/cupsd.conf, and replace the line "Port 631" with "Listen 127.0.0.1:631". Also, if you're paranoid, set up a firewall too. Even if you don't have any extra ports open right now, a firewall can save you if you accidentally misconfigure something (or if a trojan gets in

Re: cups security

2002-04-11 Thread Hubert Chan
> printer stream tcp nowait lp /usr/lib/cups/daemon/cups-lpd Luis> cups-lpd (actually i'm not sure whether this corresponds to cups Luis> or to lpr) That would be CUPS's lpr compatibility daemon. If you don't have other hosts needing to use your computer to print, you

Re: /etc/passwd->shell

2002-01-12 Thread Hubert Chan
(But then, I think that "linux init=/bin/sh" will always work, so it may be fine to give root a dummy shell. Again, I've never tried this, so you're on your own.) - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Finge

Re: /etc/passwd->shell

2002-01-12 Thread Hubert Chan
(But then, I think that "linux init=/bin/sh" will always work, so it may be fine to give root a dummy shell. Again, I've never tried this, so you're on your own.) - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Finge

Re: /etc/passwd->shell

2002-01-11 Thread Hubert Chan
don't know what the sync user is for, though, so I don't know if you can set it to /bin/false. /bin/sync looks like it was put there for a reason. - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint: 6CC5 822D 2

Re: /etc/passwd->shell

2002-01-11 Thread Hubert Chan
I don't know what the sync user is for, though, so I don't know if you can set it to /bin/false. /bin/sync looks like it was put there for a reason. - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint: 6CC5 822D 2

Re: More security for screensavers

2002-01-08 Thread Hubert Chan
ck on Preferences from the popup menu -- this will run xscreensaver-demo. Does anyone know if xscreensaver-demo on Potato have an option like that? (BTW, Sid has version 3.34-1 of xscreensaver.) - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024

Re: More security for screensavers

2002-01-08 Thread Hubert Chan
d click on Preferences from the popup menu -- this will run xscreensaver-demo. Does anyone know if xscreensaver-demo on Potato have an option like that? (BTW, Sid has version 3.34-1 of xscreensaver.) - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key:

Re: problems with ssh

2002-01-07 Thread Hubert Chan
orized_keys (i.e. authorized_keys is a file -- not a directory) - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint: 6CC5 822D 2E55 494C 81DD 6F2C 6518 54DF 71FD A37F Key available at wwwkeys.pgp.net. Encrypted e-mail pre

Re: problems with ssh

2002-01-07 Thread Hubert Chan
.ssh/authorized_keys (i.e. authorized_keys is a file -- not a directory) - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint: 6CC5 822D 2E55 494C 81DD 6F2C 6518 54DF 71FD A37F Key available at wwwkeys.pgp.net. Encrypted e-ma

Re: Problem with IPTables

2001-12-17 Thread Hubert Chan
eff> get is "iptables: No chain/target/match by that name". Any ideas? Jeff> Here is my script below. Did you compile state-based filtering into the kernel? It might be called connection tracking, or something like that. - -- Hubert Chan <[EMAIL PROTECTED]> - http://ww

Re: Problem with IPTables

2001-12-17 Thread Hubert Chan
I Jeff> get is "iptables: No chain/target/match by that name". Any ideas? Jeff> Here is my script below. Did you compile state-based filtering into the kernel? It might be called connection tracking, or something like that. - -- Hubert Chan <[EMAIL PROTECTED]> - http://ww

Re: Can a daemon listen only on some interfaces?

2001-12-08 Thread Hubert Chan
bottom of /etc/X11/gdm/gdm.conf. For other ?dm's, I don't know, since I don't use them, but probably somewhere in /etc/X11 is a file that you want to edit. - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint:

Re: Can a daemon listen only on some interfaces?

2001-12-08 Thread Hubert Chan
bottom of /etc/X11/gdm/gdm.conf. For other ?dm's, I don't know, since I don't use them, but probably somewhere in /etc/X11 is a file that you want to edit. - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint:

Re: rogue Chinese crawler

2001-11-24 Thread Hubert Chan
ost contains ONLY Internet Network Information: Networks, ASN's, and related POC's. Please use the whois server at rs.internic.net for DOMAIN related Information and whois.nic.mil for NIPRNET Information. - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/

Re: rogue Chinese crawler

2001-11-23 Thread Hubert Chan
ost contains ONLY Internet Network Information: Networks, ASN's, and related POC's. Please use the whois server at rs.internic.net for DOMAIN related Information and whois.nic.mil for NIPRNET Information. - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/

Re: TREAT URGENT

2001-10-16 Thread Hubert Chan
>>>>> "Dansuki" == Dansuki Ahmed <[EMAIL PROTECTED]> writes: [...] Dansuki> I am prepared to invest 20m pounds sterling in your company if ^^^ [...] Woohoo! 20 milli-pounds! I'll be rich! -- Hubert Chan <[EM

Re: TREAT URGENT

2001-10-16 Thread Hubert Chan
>>>>> "Dansuki" == Dansuki Ahmed <[EMAIL PROTECTED]> writes: [...] Dansuki> I am prepared to invest 20m pounds sterling in your company if ^^^ [...] Woohoo! 20 milli-pounds! I'll be rich! -- Hubert Chan <[EM

Re: password expire and sshd doesn't allow ppl to change it

2001-09-22 Thread Hubert Chan
, this is all assuming that you have the appropriate source lines in your sources.list file. - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint: 6CC5 822D 2E55 494C 81DD 6F2C 6518 54DF 71FD A37F Key available at wwwkeys.pgp.net.

Re: password expire and sshd doesn't allow ppl to change it

2001-09-22 Thread Hubert Chan
, this is all assuming that you have the appropriate source lines in your sources.list file. - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint: 6CC5 822D 2E55 494C 81DD 6F2C 6518 54DF 71FD A37F Key available at wwwkeys.pgp.net.

Re: GPG fingerprints

2001-09-17 Thread Hubert Chan
king of which, is there anyone in the Waterloo (Canada) region who wants to sign my key? My key currently has 0 signatures (other than my self-sig).) -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint: 6CC5 822D 2E55 494C 81DD

Re: GPG fingerprints

2001-09-17 Thread Hubert Chan
king of which, is there anyone in the Waterloo (Canada) region who wants to sign my key? My key currently has 0 signatures (other than my self-sig).) -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertchan/ PGP/GnuPG key: 1024D/71FDA37F Fingerprint: 6CC5 822D 2E55 494C 81DD

Re: Sniffing SSH and HTTPS

2001-08-29 Thread Hubert Chan
click on "Yes" when asked to accept a key that has Michael> changed (or type in "yes" when asked a similar question by Michael> SSH.) Yup. The biggest security hole is social engineering. - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertcha

Re: Sniffing SSH and HTTPS

2001-08-29 Thread Hubert Chan
click on "Yes" when asked to accept a key that has Michael> changed (or type in "yes" when asked a similar question by Michael> SSH.) Yup. The biggest security hole is social engineering. - -- Hubert Chan <[EMAIL PROTECTED]> - http://www.geocities.com/hubertcha
