ttp://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=083ae30>
(committed July 15) may be a more complete fix. Someone who understands the
kernel and TCP better than I should cast their eyes over it and consider having
it be backported before Debian releases a new kernel and publishes a DSA.
--
Justin
s incorporate the fix introduced in 3.6) and start to clean up the mess
that this "issue" has made, or am I off-base in thinking that RFC 5961 should
sufficiently mitigate the (arguably non-) issue that CVE-2004-0230 claims to
be.
Cheers
--
Justin
Hello All,
Was just wondering if there was any mentoring opportunities available on
the Debian Security team.
~Regards,
Justin Andrusk
I would expect it to be root kit of some form, most likely to dwell in a
non-free repo.
On Sat, Jan 18, 2014 at 3:14 PM, Kevin Olbrich wrote:
> Hello,
>
> This is a chance of 1 in 5.
> I think there are ways we would never imagine yet. Just think of such a
> possibility in qt and there would be
496623565
On Jan 15, 2012 4:26 AM, "Yves-Alexis Perez" wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> - -
> Debian Security Advisory DSA-2388-1 secur...@debian.org
> http://www.debian.org/secur
Would you remove Justin Bellmor from your email list. Justin passed
away last month after suffering a major brain bleed in July.
Thank you
Russell Bellmor
Justin's Dad
--
Justin Bellmor
Computer Science Undergraduate @ Georgia Institute of Technology
jus...@bellmor.com
Please remove Justin Bellmor from your listserve. Justin passed away
on Aug 26th after suffering a major brain bleed on July 2nd.
Russell
Justin's Dad
--
Justin Bellmor
Computer Science Undergraduate @ Georgia Institute of Technology
jus...@bellmor.com | jus...@gtisc.gatech.edu
770-265
#438871 - jabber: do not run as group:adm
http://bugs.debian.org./438871
You should know that mailing [EMAIL PROTECTED] doesn't reach the submitter.
In fact, logrotate can create files with given owner/group/mode.
Daemon's shouldn't be in special groups. They could be in
group:nobody, but only
I've had no response yet to this bugreport (#438538), which leaves
(the few) Stable mpop users with no way to upgrade to the
point-release version and fix a security issue: #426077,
CVE-2007-1558.
On Aug 17, Justin B Rye wrote:
> http://ftp.debian.org/debian/pool/main/m/mpop/mp
l be great if it is implemented in syslogd
for Linux!
Justin.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On 8/31/05, Martin Schulze <[EMAIL PROTECTED]> wrote:
-BEGIN PGP SIGNED MESSAGE-Hash: SHA1- --
Debian Security Advisory DSA 792-1 [EMAIL PROTECTED]http://www.debian.org/security/
> Just to mention: in some countries distributing racist material or
> neglecting the holocaust can be punished by law. I do not know what
> is the situation in British Columbia
British Columbia being part of Canada makes it quite illegal. Canada has
hate laws.
J
--
> Just to mention: in some countries distributing racist material or
> neglecting the holocaust can be punished by law. I do not know what
> is the situation in British Columbia
British Columbia being part of Canada makes it quite illegal. Canada has
hate laws.
J
--
Also, the characters
,./[EMAIL PROTECTED]()-{}<>;:| '"
are also used in regular expressions. That might have something to do with
it.
-Justin
GHA - http://gha.bravepages.com
> - Original Message -
> From: "Kim De Smaele" <[EMAIL PROTECTED]>
> To:
with an ASCII
value of 0-47, excluding 42, will return nothing.
Further research is need, however, this may only be a bug, rather than
something that is exploitable.
http://search.yahoo.com/bin/[EMAIL PROTECTED]
%3D%2B%28%29-%7B%7D%3C%3E%3B%3A%7C+%27%22&ei=UTF-8 also did not display
anyt
> Not really, it's a security file: you can't change your area without
> recompiling. I can see the use for this: h4x0rs can't just change a
> config file and have a completely different suexec area, of their own
> choosing.
Of course, if they can get write access to said config file they
probably
> Not really, it's a security file: you can't change your area without
> recompiling. I can see the use for this: h4x0rs can't just change a
> config file and have a completely different suexec area, of their own
> choosing.
Of course, if they can get write access to said config file they
probably
irc
connection off of the server, thereby hiding their identity).
Hope this is helpful :)
-Justin
irc
connection off of the server, thereby hiding their identity).
Hope this is helpful :)
-Justin
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
#x27;s a much more complex library than
openssl (and may have some different/added functionality rather than a
simple <10 line fix).
-Justin
#x27;s a much more complex library than
openssl (and may have some different/added functionality rather than a
simple <10 line fix).
-Justin
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
e system db. If you fear that
something may have been modified, you can download the .deb file and
bypass anything that an attacker could modify. Of course, the debsums
binary could be modified to never report that anything has changed, but
every little bit helps..
-Justin
e system db. If you fear that
something may have been modified, you can download the .deb file and
bypass anything that an attacker could modify. Of course, the debsums
binary could be modified to never report that anything has changed, but
every little bit helps..
-Justin
--
To UNSUBSCRIBE, ema
subscribe
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
subscribe
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
getting into the internals, I would recommend
firestarter as a great app for graphical firewall configuration.
- --
[!] Justin R. Miller <[EMAIL PROTECTED]>
PGP 0xC9C40C31 -=- http://codesorcery.net
http://news.independent.co.uk/world/asia_china/story.jsp?story=281067
-BEGIN
getting into the internals, I would recommend
firestarter as a great app for graphical firewall configuration.
- --
[!] Justin R. Miller <[EMAIL PROTECTED]>
PGP 0xC9C40C31 -=- http://codesorcery.net
http://news.independent.co.uk/world/asia_china/story.jsp?story=281067
-BEGIN
sed for some time.
I don't see any reason to beat a dead horse. Any distribution that still
ships anything older than 1.2.4 should simply make 1.2.4 available in the
updates or errata.
--
Justin Shore, ES-SS ES-SSR Pittsburg State University
Network & Systems Manager Kelce
sed for some time.
I don't see any reason to beat a dead horse. Any distribution that still
ships anything older than 1.2.4 should simply make 1.2.4 available in the
updates or errata.
--
Justin Shore, ES-SS ES-SSR Pittsburg State University
Network & Systems Manager K
ity. Am I on the wrong list or did I read
> the list description incorrectly ?
Based on what I've seen, this is for Debian-related security discussion,
and debian-security-news is for announcements.
- --
[!] Justin R. Miller <[EMAIL PROTECTED]>
PGP 0xC9C40C31 -=- http://co
ity. Am I on the wrong list or did I read
> the list description incorrectly ?
Based on what I've seen, this is for Debian-related security discussion,
and debian-security-news is for announcements.
- --
[!] Justin R. Miller <[EMAIL PROTECTED]>
PGP 0xC9C40C31 -=- http://co
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Said [EMAIL PROTECTED] on Tue, Mar 12, 2002 at 03:20:29PM -0500:
> Anyone know how I fix this?
Typing 'dmesg -n1' will turn down the console output. I'm not sure what
downsides this may have, though.
- --
[!] Justin R. Miller
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Said [EMAIL PROTECTED] on Tue, Mar 12, 2002 at 03:20:29PM -0500:
> Anyone know how I fix this?
Typing 'dmesg -n1' will turn down the console output. I'm not sure what
downsides this may have, though.
- --
[!] Justin R. Miller
ens to link to another site from
this page, the query string will be seen in the HTTP referrer header on
the remote site, which often shows up in stats programs.
- --
[!] Justin R. Miller <[EMAIL PROTECTED]>
PGP 0xC9C40C31 -=- http://codesorcery.net
http://www.cnn.com/2002/ALLPO
ens to link to another site from
this page, the query string will be seen in the HTTP referrer header on
the remote site, which often shows up in stats programs.
- --
[!] Justin R. Miller <[EMAIL PROTECTED]>
PGP 0xC9C40C31 -=- http://codesorcery.net
http://www.cnn.com/2002/ALLPO
j
> ACCEPT
Here's what firestarter seems to add for DHCP:
ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 tcp dpts:67:68
ACCEPT udp -- 0.0.0.0/00.0.0.0/0 udp dpts:67:68
I suppose it could be a bit more restrictive than that...
- --
[!] Justin R
j
> ACCEPT
Here's what firestarter seems to add for DHCP:
ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 tcp dpts:67:68
ACCEPT udp -- 0.0.0.0/00.0.0.0/0 udp dpts:67:68
I suppose it could be a bit more restrictive than that...
- --
[!] Justin R
uilding
firewall rules that can adapt for DHCP.
- --
[!] Justin R. Miller <[EMAIL PROTECTED]>
PGP 0xC9C40C31 -=- http://codesorcery.net
http://www.aclu.org/action/id107.html
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info se
uilding
firewall rules that can adapt for DHCP.
- --
[!] Justin R. Miller <[EMAIL PROTECTED]>
PGP 0xC9C40C31 -=- http://codesorcery.net
http://www.aclu.org/action/id107.html
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info se
7;adduser' command.
- --
[!] Justin R. Miller <[EMAIL PROTECTED]>
PGP 0xC9C40C31 -=- http://codesorcery.net
http://www.newsbytes.com/news/02/174673.html
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For
e this?
- --
[!] Justin R. Miller <[EMAIL PROTECTED]>
PGP 0xC9C40C31 -=- http://codesorcery.net
http://www.newsbytes.com/news/02/174673.html
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://w
7;adduser' command.
- --
[!] Justin R. Miller <[EMAIL PROTECTED]>
PGP 0xC9C40C31 -=- http://codesorcery.net
http://www.newsbytes.com/news/02/174673.html
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For
e this?
- --
[!] Justin R. Miller <[EMAIL PROTECTED]>
PGP 0xC9C40C31 -=- http://codesorcery.net
http://www.newsbytes.com/news/02/174673.html
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://w
Thus spake Kenneth Pronovici ([EMAIL PROTECTED]):
> From 'man ssh'
Related:
http://www-106.ibm.com/developerworks/library/l-keyc.html
http://www-106.ibm.com/developerworks/linux/library/l-keyc2/?open&l=252,t=grl,p=ossh2
--
Justin R. Miller <[EMAIL
Thus spake Kenneth Pronovici ([EMAIL PROTECTED]):
> From 'man ssh'
Related:
http://www-106.ibm.com/developerworks/library/l-keyc.html
http://www-106.ibm.com/developerworks/linux/library/l-keyc2/?open&l=252,t=grl,p=ossh2
--
Justin R. Miller <[EMAIL
gt; My filters provide similar functionality to spamassasin. The response
> scripts fill in an additional role.
Nice, I will have a look at your setup sometime. :-)
--
Justin R. Miller <[EMAIL PROTECTED]>
View my website at http://codesorcery.net
Please encrypt email using key 0xC9C40
gt; My filters provide similar functionality to spamassasin. The response
> scripts fill in an additional role.
Nice, I will have a look at your setup sometime. :-)
--
Justin R. Miller <[EMAIL PROTECTED]>
View my website at http://codesorcery.net
Please encrypt email using key 0xC9C40C31
Thus spake Karsten M. Self (kmself@ix.netcom.com):
> I've got a few systems for trapping spam.
I've been quite happy with spamassassin. Feel free to check out my
writeup:
http://codesorcery.net/docs/spamtricks.html
--
Justin R. Miller <[EMAIL PROTECTED]>
View
Thus spake Karsten M. Self ([EMAIL PROTECTED]):
> I've got a few systems for trapping spam.
I've been quite happy with spamassassin. Feel free to check out my
writeup:
http://codesorcery.net/docs/spamtricks.html
--
Justin R. Miller <[EMAIL PROTECTED]>
View
t's the best solution (security reason)
Have a look at Cyrus IMAP. It's designed for POP3/IMAP for non-shell
users, i.e. a closed-box system. the authentication _can_ be
/etc/passwd-based, but typically you use a separate DB file to store the
login info.
--
Justin R. Miller <[EMAIL PRO
t's the best solution (security reason)
Have a look at Cyrus IMAP. It's designed for POP3/IMAP for non-shell
users, i.e. a closed-box system. the authentication _can_ be
/etc/passwd-based, but typically you use a separate DB file to store the
login info.
--
Justin R. Miller <[EMAIL PRO
00 /usr/sbin/atd
If you don't use this, get rid of it. Malicious users can schedule
tasks for when they're not logged in.
Just a couple thoughts on ways to tighten things.
--
Justin R. Miller <[EMAIL PROTECTED]>
PGP/GnuPG Key ID 0xC9C40C31 (preferred)
pgplkHonmriow.pgp
Description: PGP signature
00 /usr/sbin/atd
If you don't use this, get rid of it. Malicious users can schedule
tasks for when they're not logged in.
Just a couple thoughts on ways to tighten things.
--
Justin R. Miller <[EMAIL PROTECTED]>
PGP/GnuPG Key ID 0xC9C40C31 (preferred)
msg04062/pgp0.pgp
Description: PGP signature
ding due to GPG problems. I will be doing an NMU this week.
--
----
| Justin Penney |
|<[EMAIL PROTECTED]>|
egb.2y.net |
|experimentgonebad.com|
---
ding due to GPG problems. I will be doing an NMU this week.
--
----
| Justin Penney |
|<[EMAIL PROTECTED]>|
egb.2y.net |
|experimentgonebad.com|
---
--
To UNSUBSCRIBE,
Just searched on Google for you.
http://www.robertgraham.com/pubs/firewall-seen.html is a great site on what is
hitting your firewall (what ever port number) by the looks of it. It says the
following about port 13223
Hope that helps
Justin
13223 The "PowWow" ch
Just searched on Google for you. http://www.robertgraham.com/pubs/firewall-seen.html
is a great site on what is hitting your firewall (what ever port number) by the looks
of it. It says the following about port 13223
Hope that helps
Justin
13223 The "PowWow" ch
57 matches
Mail list logo
