On Wed, 2002-10-09 at 12:27, Xavier Santolaria wrote:
> > I've been using a script to watch for slapper attempts and restart the
> > webserver if it sees it (code below), but this is inefficient, costs
> > CPU, and unless I run this every minute I will get some downtime. Is
> > there a more effici
I've patched my servers, a long time ago. I've noticed that slapper
worm (or whatver is causing the "HTTP/1.1 request without hostname" and
"GET_CLIENT_MASTER_KEY:key arg too long" lines in apache's error log)
causes another problem:
While it's attempting to infect my servers, it seizes all the
On Wed, 2002-10-09 at 12:27, Xavier Santolaria wrote:
> > I've been using a script to watch for slapper attempts and restart the
> > webserver if it sees it (code below), but this is inefficient, costs
> > CPU, and unless I run this every minute I will get some downtime. Is
> > there a more effic
I've patched my servers, a long time ago. I've noticed that slapper
worm (or whatver is causing the "HTTP/1.1 request without hostname" and
"GET_CLIENT_MASTER_KEY:key arg too long" lines in apache's error log)
causes another problem:
While it's attempting to infect my servers, it seizes all the
Joao Luis Meloni Assirati wrote:
> I want to know if my point of view is right, or if there is any
> functionality that hosts.{allow,deny} scheme provides which iptables
> can't.
- You have daemon-by-daemon settings instead of port-by-port or
protocol-by-protocol.
- the aforementioned 'extra layer
Joao Luis Meloni Assirati wrote:
> I want to know if my point of view is right, or if there is any
> functionality that hosts.{allow,deny} scheme provides which iptables
> can't.
- You have daemon-by-daemon settings instead of port-by-port or
protocol-by-protocol.
- the aforementioned 'extra laye
eim wrote:
> * logcheck (System Log Analyzer)
> * snort (Intrusion Detection System)
> * ippl (IP protocols logger)
The only application of those three I use is logcheck, and it does
require tuning.
Here's what I've done (using logcheck/testing):
Mad
eim wrote:
> * logcheck (System Log Analyzer)
> * snort (Intrusion Detection System)
> * ippl (IP protocols logger)
The only application of those three I use is logcheck, and it does
require tuning.
Here's what I've done (using logcheck/testing):
Ma
Okay, let's try another tack.
I've got a server behind a firewall that users want to transfer files
to-from. scp isn't an option because ssh is being port-forwarded to a
machine that isn't the fileserver. ftp would be nice, but ftp sends
passwords in cleartext.
ftpd-ssl seems to be the proper o
Okay, let's try another tack.
I've got a server behind a firewall that users want to transfer files
to-from. scp isn't an option because ssh is being port-forwarded to a
machine that isn't the fileserver. ftp would be nice, but ftp sends
passwords in cleartext.
ftpd-ssl seems to be the proper
I installed portsentry lately, and I'm being constantly warned about UDP
connect attempts that I can't otherwise detect, from a machine that (as
far as I can tell) isn't trying to connect.
I installed portsentry on the machine 'izzy' with "apt-get portsentry".
Default settings. The machine 205.X
I installed portsentry lately, and I'm being constantly warned about UDP
connect attempts that I can't otherwise detect, from a machine that (as
far as I can tell) isn't trying to connect.
I installed portsentry on the machine 'izzy' with "apt-get portsentry".
Default settings. The machine 205.
Cristian Ionescu-Idbohrn wrote:
> Yes, I would like to do that.
> Any good tools you folks would recommand?
'apt-cache search attack'
and among the results are:
nessus - Remote network security auditor, the client
nessus-dev - Nessus development header files
nessus-plugins - Nessus plugins
nessu
Cristian Ionescu-Idbohrn wrote:
> Yes, I would like to do that.
> Any good tools you folks would recommand?
'apt-cache search attack'
and among the results are:
nessus - Remote network security auditor, the client
nessus-dev - Nessus development header files
nessus-plugins - Nessus plugins
ness
Johannes Weiss wrote:
> Sorry, this is offtopic, but in my opignion important:
>
> Hi @all,
> please go to http://www.bundestux.de and vote for Linux in the Bundestag
> (german parliament), please...
>
> Weissi
While I admire your desire for a Linux lobby group to improve your
nation's governme
Johannes Weiss wrote:
> Sorry, this is offtopic, but in my opignion important:
>
> Hi @all,
> please go to http://www.bundestux.de and vote for Linux in the Bundestag
> (german parliament), please...
>
> Weissi
While I admire your desire for a Linux lobby group to improve your
nation's governm
Johannes Weiss wrote:
> Sorry, this is offtopic, but in my opignion important:
>
> Hi @all,
> please go to http://www.bundestux.de and vote for Linux in the Bundestag
> (german parliament), please...
>
> Weissi
While I admire your desire for a Linux lobby group to improve your
nation's governme
Johannes Weiss wrote:
> Sorry, this is offtopic, but in my opignion important:
>
> Hi @all,
> please go to http://www.bundestux.de and vote for Linux in the Bundestag
> (german parliament), please...
>
> Weissi
While I admire your desire for a Linux lobby group to improve your
nation's governm
martin f krafft wrote:
> that was me, and no, noone has mentioned any bad aspects yet, other than your
> users having to type the old password twice. however, it's not the
> solution i amlooking for, so i am implementing a highly secure way to do it
> over and
> SSL/TLS-encrypted webform with emph
martin f krafft wrote:
> that was me, and no, noone has mentioned any bad aspects yet, other than your
> users having to type the old password twice. however, it's not the
> solution i amlooking for, so i am implementing a highly secure way to do it over and
> SSL/TLS-encrypted webform with emphas
20 matches
Mail list logo
