Re: hardening checkpoints

2005-12-15 Thread Jeffrey L. Taylor
Quoting kevin bailey <[EMAIL PROTECTED]>: [snip] > 4. enhance authentication > > maybe set up ssh access by authorised keys only - but again this has a > problem when i need to log in to the server from a putty session on a PC in > an internet cafe . > Buy a laptop. Trusting an unknown PC in an

Re: Port 699 listening

2005-12-14 Thread Jeffrey L. Taylor
Quoting Alex Pankratz <[EMAIL PROTECTED]>: [snip] > Did, and that made both 111 and 699 not show up in nmap scan. sweet, > thanks Jeffrey. I could swear that in the past I saw 111 open and I > sort of ignored it, why would 699 be open now, and then closed? why is > statd running, I don't use NFS. >

Re: Port 699 listening

2005-12-14 Thread Jeffrey L. Taylor
See interspersed comments below. Quoting Alex Pankratz <[EMAIL PROTECTED]>: > My apologies in advance if this is the wrong place to ask this, this > is my first time asking for help.. > > What is running on port 699? I only have squid, ssh, and dhcpd > listening on my 2 internal interfaces, but n

Re: [Fwd: security]

2005-01-30 Thread Jeffrey L. Taylor
This requires the ipt_recent IPtables module, among others, and it is in 2.4.22+ and 2.6 kernels. Both in testing. And requires upgrading libc6, so use at your own risk. Jeffrey Quoting Jeffrey L. Taylor <[EMAIL PROTECTED]>: > A possible improvement: > > http://www.soloport.co

Re: [Fwd: security]

2005-01-29 Thread Jeffrey L. Taylor
A possible improvement: http://www.soloport.com/iptables.html Quoting Steve Suehring <[EMAIL PROTECTED]>: > > Could it be this? > > http://lists.sans.org/pipermail/intrusions/2004-August/008357.html > > You didn't specify which usernames were being used, so it's tough to > tell if that's the

Re: Someone scanned my ssh daemon

2003-06-15 Thread Jeffrey L. Taylor
Quoting Mark Devin <[EMAIL PROTECTED]>: > Hash: SHA1 > > It looks as though someone is trying to crack my box through ssh. This > is what logcheck emailed me: > - -- snip -- > Jun 16 04:36:02 jack sshd[20026]: Connection from 212.202.204.149 port 2323 > Jun 16 04:36:03 jack sshd[20027]: Connectio

Re: Recommended security management packages

2003-05-21 Thread Jeffrey L. Taylor
Quoting Tib <[EMAIL PROTECTED]>: > I'm looking for information on packages that will do a nice job of keeping > an eye on my system security-wise. PackageS because I know that no one > package can do it all. > > Currently all I've got is 'tiger', and while it does a good job it has > issues like

Re: SANS Alert - Snort Vulnerability - stil Vulnerabile ?

2003-04-04 Thread Jeffrey L. Taylor
Quoting Przemysław Świderski <[EMAIL PROTECTED]>: > > > > > On Tue, Mar 11, 2003 at 06:53:48PM +0900, Hideki Yamane wrote: > > > > > > >This was added to the SANS Advisory on Sendmail last week. > > > >I have not seen any news nor postings related to Snort with > > > >Debian and was wondering ab

Re: machine monitoring packages

2003-02-14 Thread Jeffrey L. Taylor
Quoting Dariush Pietrzak <[EMAIL PROTECTED]>: > > of the data that you will want. RRDs do not expand once they are created, > > so once it wraps and starts to overwrite old data, it is lost. > Well, that's the idea behind rrd, and I don't like it. You don't overwrite > your security logs, why wou

Re: machine monitoring packages

2003-02-13 Thread Jeffrey L. Taylor
Quoting gabe <[EMAIL PROTECTED]>: > I would like to know what ppl think is the best package for monitoring > servers, at my last work place they were installing "mon". In my new > job they use Nagios, which I'm not too sure about due to the fact that > installation / configuration goes wrong. Most

Re: suspicious lpd started

2003-02-11 Thread Jeffrey L. Taylor
What is listening on port 514 (netstat -ant)? Jeffrey Quoting Bill <[EMAIL PROTECTED]>: > I just want to add lpd is not listening on any port according to lsof > or netstat > > On February 11, 2003 11:57 am, [EMAIL PROTECTED] wrote: > > Hi, > > > > 3 days after starting my potato system lpd sta

Re: suspicious lpd started

2003-02-11 Thread Jeffrey L. Taylor
Quoting [EMAIL PROTECTED] <[EMAIL PROTECTED]>: > Hi, > > 3 days after starting my potato system lpd started to run. > system started Feb 6 > ps output: > USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND > root 6833 0.0 1.3 1052 412 ? SFeb09 0:00 /usr/sbin/lpd > root 6836 0.0 1.5

Re: Apologies re: VPN + Roadwarrior

2002-12-13 Thread Jeffrey L. Taylor
> On Thursday, 2002-12-12 at 13:02:41 -0600, Jeffrey Taylor wrote: >> Sorry for the multiple sends. Some of the original addresses had >> typos that I corrected and resent. Bad dog! > > Still no cookie, bad dog :-P > > http://ipsec.wit.antd.nist.gov/ Host does not resolve > http://i

Re: Apologies re: VPN + Roadwarrior

2002-12-12 Thread Jeffrey L. Taylor
> On Thursday, 2002-12-12 at 13:02:41 -0600, Jeffrey Taylor wrote: >> Sorry for the multiple sends. Some of the original addresses had >> typos that I corrected and resent. Bad dog! > > Still no cookie, bad dog :-P > > http://ipsec.wit.antd.nist.gov/ Host does not resolve > http://i