Re: Is this a hacking attempt?

On Tue, 20 Jan 2015 17:52:05 +0100 Vincent Deffontaines wrote: > Le 2015-01-20 12:40, Marko Randjelovic a écrit : > > I was running Wheezy Iceweasel with vanilla 3.14 kernel with grsec. I > > tried to play video on YouTube with gnash plugin but Iceweasel > > crashed &g

Is this a hacking attempt?

I was running Wheezy Iceweasel with vanilla 3.14 kernel with grsec. I tried to play video on YouTube with gnash plugin but Iceweasel crashed with alike messages execution attempt in ... Terminating task /usr/lib/iceweasel/iceweasel Full log can be found on http://paste.lisp.org/+343V Kind regard

Re: about bash and Debian Lenny

On Mon, 06 Oct 2014 03:25:27 +0200 Carlos Alberto Lopez Perez wrote: > >> > >> I have built patched packages for lenny. You can download them from here: > >> > >> http://people.igalia.com/clopez/bash-shellshock-lenny/ > >> > >> If you are not willing to use the binaries, you can rebuild it from t

Re: about bash and Debian Lenny

On Wed, 01 Oct 2014 17:30:11 +0200 Carlos Alberto Lopez Perez wrote: > On 01/10/14 13:28, Nikolay Hristov wrote: > > Hello there, > > > > I know that this is outdated debian release and it is in the archives > > but I still have 6 servers running Lenny and I don't want to upgrade > > them to new

Re: goals for hardening Debian: ideas and help wanted

On Tue, 29 Apr 2014 11:52:14 + Patrick Schleizer wrote: > Marko Randjelovic: > > I was thinking about some kind > > of wizard: > > > > - create a chroot if doesn't already exist > > - create a launcher for your DE > > - create a shell script t

Re: goals for hardening Debian: ideas and help wanted

On Tue, 29 Apr 2014 11:35:26 +0800 Paul Wise wrote: > On Tue, Apr 29, 2014 at 8:07 AM, Marko Randjelovic wrote: > > > - security patches should be clearly marked as such in every *.patch > > file > > That sounds like a good idea, could you add it to the wiki page?

Re: goals for hardening Debian: ideas and help wanted

On Thu, 24 Apr 2014 10:57:39 +0800 Paul Wise wrote: > Hi all, > > I have written a non-exhaustive list of goals for hardening the Debian > distribution, the Debian project and computer systems of the Debian > project, contributors and users. > > https://wiki.debian.org/Hardening/Goals > > If y

Re: NSA software in Debian

On Thu, 23 Jan 2014 15:41:57 +0100 Kevin Olbrich wrote: > >> A followup there links to the following bug, "linux-2.6: [RFC] Add a grsec > >> featureset to Debian kernels": > >> > >> > > > > This would of course be the real solution.

Re: NSA software in Debian

On 22 Jan 2014 20:40:12 +0100 "Andreas Kuckartz" wrote: > Marko Randjelovic: > > Octavio Alvarez wrote: > >> I wouldn't worry about SELinux specifically. > > > > As I already pointed out, there is something: > > http://lists.debian.org/201

Re: NSA software in Debian

On Wed, 22 Jan 2014 12:24:27 +1100 Russell Coker wrote: > The possibility of LSM hooks being used to hide a kernel rootkit is widely > cited. But most sysadmins aren't going to find a kernel rootkit anyway so > using a non-LSM security system for that reason is trading off the real > benefit

Re: NSA software in Debian

On Wed, 22 Jan 2014 16:16:21 -0800 Andrew Merenbach wrote: > I installed the i386 architecture and installed the `paxtest' suite. My > results were fairly disappointing, to be honest: > > $ sudo paxtest blackhat > > Executable anonymous mapping (mprotect) : Vulnerable > > Executable bss (mpro

Re: NSA software in Debian

On Wed, 22 Jan 2014 15:08:39 +0100 "Milan P. Stanic" wrote: > I found it a lot easier to go with vanilla kernel and grsec/pax patch > instead of using Debian kernels. Of course, but then secret services won't see you are using Debian :) -- Education is a process of making people see what is ad

Re: NSA software in Debian

On Mon, 20 Jan 2014 09:22:04 -0800 Octavio Alvarez wrote: > On 01/20/2014 05:29 AM, Marco Saller wrote: > > I have read that the NSA proposed to include SELinux in linux 2.5. (Linux > > Kernel Summit 2001) > > Don't you think that may be one of their fancy tricks to gain access to > > computers

Re: NSA software in Debian

On Sun, 19 Jan 2014 21:17:03 -0800 Andrew Merenbach wrote: > I just decided to try this out the other day on my Wheezy 7.3 install. > It wasn't that painful and I haven't noticed any performance impact or > misbehaving (read: broken) programs, at least not yet. Then again, I > haven't done r

Re: NSA software in Debian

On 19 Jan 2014 12:16:25 +0100 "Andreas Kuckartz" wrote: > Bjoern Meier: > > http://en.wikipedia.org/wiki/Security-Enhanced_Linux > > I proposed this Debian Release Goal: > https://wiki.debian.org/ReleaseGoals/SELinux > > Cheers, > Andreas > > SELinux security benefits are vague because it ma

Re: NSA software in Debian

On Sat, 18 Jan 2014 15:04:48 -0500 Noah Meyerhans wrote: > On Sat, Jan 18, 2014 at 08:30:49PM +0100, Marco Saller wrote: > > i am not sure if this question has been asked or answered yet, please do > > not mind if i would ask it again. > > Is it possible that the NSA or other services included i

Re: There is Pidgin in security updates with same version but different checksum

On Fri, 4 Oct 2013 01:52:44 +0200 Cyril Brulebois wrote: > Marko Randjelovic (2013-10-04): > > The package from security looks like error because it does not appear > > in apt-cache show, but exists in lists file and in > > http://security.debian.org/pool/updates/main/p/

There is Pidgin in security updates with same version but different checksum

The package from security looks like error because it does not appear in apt-cache show, but exists in lists file and in http://security.debian.org/pool/updates/main/p/pidgin/. Regards -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Troubl

Re: Security updates realized by new releases, case for backports?

On Thu, 03 Oct 2013 21:08:28 +0200 Paul van der Vlis wrote: > So far I know browsers like Konqueror, Epiphany and Midory do not have > real security support in Debian. See: > http://www.debian.org/releases/wheezy/amd64/release-notes/ch-information.en.html#browser-security I have taken a look at

Re: Security updates realized by new releases, case for backports?

On Thu, 03 Oct 2013 18:46:33 +0300 Riku Valli wrote: > Konqueror isn't solution, because most websites check you browser > strings and uses flash, javascript and so on. Yes, i know at i can > change these strings, but most in cases this isn't enough if i like > use this website. Unfortunately, t

Re: Security updates realized by new releases, case for backports?

On Thu, 03 Oct 2013 14:37:22 +0200 Paul van der Vlis wrote: > Hello, > > In some cases security updates for packages in main are realized by > new releases, e.g. Iceweasel and Wordpress. Such packages can give > problems, e.g. in Wordpress there are missing themes. > > In my opinion such packag

Re: How secure is an installation with with no non-free packages?

> I can't speak to those packages specifically but I think the answer > you'll get from most people, especially in this community, is that > non-free software is inherently insecure because you can't know > exactly what it is doing. Thus, a fully free system such as Debian > with only main enabled

Re: Script to System Check Integrity against Debian Package Repository

On Wed, 18 Sep 2013 09:47:27 +0200 Paul Wise wrote: > On Wed, Sep 18, 2013 at 9:36 AM, Török Edwin wrote: > > > Why not just reinstall from a trusted source, then > > restore /etc, /home and /var from backups and audit the changes > > introduced by that only? > > That is a slightly short-sighte

Re: Script to System Check Integrity against Debian Package Repository

On Wed, 18 Sep 2013 09:47:27 +0200 Paul Wise wrote: > On Wed, Sep 18, 2013 at 9:36 AM, Török Edwin wrote: > > > Why not just reinstall from a trusted source, then > > restore /etc, /home and /var from backups and audit the changes > > introduced by that only? > > That is a slightly short-si

Opinion on this, password changed, nothing suspicious in logs

* I logged in my normal account on desktop PC last time successfuly saturday evening and turned off the computer 2 hours after midnight. * At Sunday morning I went for a walk. At 16 pm I turned on the computer but my password did not work. * I checked the logs and found no trace of intrusion, but

Re: Command 'su' is not working in virtual console

Fortunately, I had already made some efforts towards backporting kernel 3.1.5 from unstable, so I successfully booted this kernel several minutes ago and 'su' in virtual console was working. I am considering whether to switch to this new kernel, and will also try to find cause of problem with 2.6.

Re: Command 'su' is not working in virtual console

On Dec 16, 2011, at 9:49 PM, Marko Randjelovic wrote: > >> devpts is mounted: >> >> devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=620) > > if you are on pts, the nosuid and noexec will prevent execution > > ciao, > Hermann > > > > -- T

Re: Command 'su' is not working in virtual console

yes, it does. On 12/16/2011 10:06 PM, frederic ollivier wrote: > sudo -s > > works ? > > > > 2011/12/16 Bart-Jan Vrielink : > >> On 12/16/11 21:53, Freddy Spierenburg wrote: >> >>> Hi (first message) Bart-Jan and (second) Marko, >>> >>> On Fri, Dec 16, 2011 at 09:32:05PM +0100, Bart-Jan Vr

Re: Command 'su' is not working in virtual console

fsck found no errors on relevant fs, though when scanning it as mounted it looked like there are errors (it couldn't repair since I chouse correct read only option). Also, memtest86+ found no errors On 12/16/2011 09:54 PM, Marko Randjelovic wrote: > Looks like there are filesystem errors

Re: Command 'su' is not working in virtual console

Looks like there are filesystem errors. I have to reboot. > so try a disk fsck and also a RAM check > > I have had problems like these when a RAM was damaged > > Ciao > Davide > -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact

Re: Command 'su' is not working in virtual console

Not sure I understood. :( On 12/16/2011 09:34 PM, Davide Prina wrote: > but you use top posting... this is bad! ;-) > > -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian

Re: Command 'su' is not working in virtual console

devpts is mounted: devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=620) $TTY is empty but the same is on another machine where this is working. On 12/16/2011 09:41 PM, Noah Meyerhans wrote: > On Fri, Dec 16, 2011 at 09:34:40PM +0100, Marko Randjelovic wrote: > > &

Re: Command 'su' is not working in virtual console

All looks OK. Just there is a dot after permissions in "ls -l". On 12/16/2011 09:32 PM, Bart-Jan Vrielink wrote: > On 12/16/11 21:07, Freddy Spierenburg wrote: >> Hi Marko, >> >> On Fri, Dec 16, 2011 at 08:51:58PM +0100, Marko Randjelovic wrote: >> >

Re: Command 'su' is not working in virtual console

it's not a terminal, but obviously it is. I really don't have an idea why. Any suggestions? On 12/16/2011 09:07 PM, Freddy Spierenburg wrote: > Hi Marko, > > On Fri, Dec 16, 2011 at 08:51:58PM +0100, Marko Randjelovic wrote: > >> su does not ask for a password

Re: Command 'su' is not working in virtual console

The same as for hdparm. I reinstalled it and all looks OK. Also checked md5sums in /var/lib/dpkg/info/login.md5sums. On 12/16/2011 08:57 PM, frederic ollivier wrote: > You are sure that the original "su" ? > > > > > > 2011/12/16 Marko Randjelovic : > >>

Re: Command 'su' is not working in virtual console

14] Found string 'hdparm' in file '/etc/init.d/hdparm'. Possible rootkit: Xzibit Rootkit The other file looks harmless and related to dependencies of boot scripts. On 12/16/2011 08:25 PM, Marcin Owsiany wrote: > On Fri, Dec 16, 2011 at 06:26:08PM +0100, Marko Randjelovic w

Re: Command 'su' is not working in virtual console

main:~# ls -l /bin/su -rwsr-xr-x. 1 root root 34024 Feb 15 2011 /bin/su So I guess this time it's not the case. :( su does not ask for a password, just exits imediately with exit status 1. On 12/16/2011 08:25 PM, Marcin Owsiany wrote: > On Fri, Dec 16, 2011 at 06:26:08PM +010

Command 'su' is not working in virtual console

I have very disturbing problem, so I hope someone will be in situation to help me. As I said in title, su is not working in virtual console for any combination of from-to users. In gnome-terminal it is working. sudo is also working. When I type 'su', is't the same as I just typed RETURN without a