Re: My machine was hacked - possibly via sshd?

hat annoys me, and I do recognise the core problem. Very often they are just trying to do their job when they tunnel data like that too. Wonderful isn't it. IMHO it comes down to intelligently assessing the needs of the organisation. Too few admins are doing that today (IMHO). Cheers,

Re: My machine was hacked - possibly via sshd?

ebian stock 2.4.18-1-586tsc Not as useful as you might think... mount -n -o remount,rw /usr Have you considered running SELinux? This is a non-trivial exercise of course. Rob -- Robert Brockway B.Sc. Senior Technical Consultant, OpenTrend Solutions Ltd. Phone: 416-669-3073 Email: [EMAIL PROTECTED

Re: [meta] Set reply-to to something else?

as a flags to not auto-respond. I reply and point out that Unix vacation(1) has been working correctly with lists for 20 or 30 years and ask why software written in the last 5 years for a certain other OS can't follow a few simple rules :) Rob -- Robert Brockway B.Sc. email: [EMAIL PROTECT

Patches that break stuff

? I'm thinking the total number of broken updates in 2.2 and 3.0 is 0 plus or minus 1 :) Rob -- Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED] Linux counter project ID #16440 (http://counter.li.org) "The earth is but one country and mankind its citizens" -Baha'

Re: How efficient is mounting /usr ro?

et immutable the system boot scripts > as well) The immutable bit can be removed from a file on a running system. I just confirmed this on a box to make sure recent kernels hadn't changed this behaviour. Rob -- Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED] Linu

Re: How efficient is mounting /usr ro?

o and it didn't cause corruption, it just resulted in the package installation failing. > On the other hand one should not over-estimate the inteligence of > script-kiddies. Even those writing the scripts tend to be lousy > programers, from what I have seen. Indeed. Rob -- Robert

Re: How efficient is mounting /usr ro?

et immutable the system boot scripts > as well) The immutable bit can be removed from a file on a running system. I just confirmed this on a box to make sure recent kernels hadn't changed this behaviour. Rob -- Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED] Linu

Re: How efficient is mounting /usr ro?

o and it didn't cause corruption, it just resulted in the package installation failing. > On the other hand one should not over-estimate the inteligence of > script-kiddies. Even those writing the scripts tend to be lousy > programers, from what I have seen. Indeed. Rob -- Robert

Re: Watch out! vsftpd anonymous access always enabled!

firewall as well (after recent events). You can even go one step further and have the sensitive data seperated from the upload/download box (there are various ways to aproach this). Cheers, Rob -- Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED] Linux counter

Re: Watch out! vsftpd anonymous access always enabled!

firewall as well (after recent events). You can even go one step further and have the sensitive data seperated from the upload/download box (there are various ways to aproach this). Cheers, Rob -- Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED] Linux counter

Re: Sendmail package version weirdness

On Fri, 19 Sep 2003, Matt Zimmerman wrote: > On Thu, Sep 18, 2003 at 10:58:49PM -0400, Robert Brockway wrote: > > > Was there any particular reason that this newer fixed version has a > > version number the makes it look older than the exploitable version? > > Simple: it

Re: Sendmail package version weirdness

On Fri, 19 Sep 2003, Matt Zimmerman wrote: > On Thu, Sep 18, 2003 at 10:58:49PM -0400, Robert Brockway wrote: > > > Was there any particular reason that this newer fixed version has a > > version number the makes it look older than the exploitable version? > > Simple: it

Sendmail package version weirdness

sion number to fix the problem. Thanks again, must have been a busy few days for you :) Cheers, Rob -- Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED] Linux counter project ID #16440 (http://counter.li.org) "The earth is but one country and mankind its citizens" -Baha'u'llah

Sendmail package version weirdness

sion number to fix the problem. Thanks again, must have been a busy few days for you :) Cheers, Rob -- Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED] Linux counter project ID #16440 (http://counter.li.org) "The earth is but one country and mankind its citi

Pat on the back

does. Knowing that fixed versions will be in the security archive quickly helps to keep my blood pressure down :) Cheers, Rob -- Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED] Linux counter project ID #16440 (http://counter.li.org) "The earth is but one countr

Pat on the back

does. Knowing that fixed versions will be in the security archive quickly helps to keep my blood pressure down :) Cheers, Rob -- Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED] Linux counter project ID #16440 (http://counter.li.org) "The earth is but one countr

Re: ssh vulnerability in the wild

;ve seen no proof of an exploit as yet. > I would still patch ASAP. Best not to risk it. Definately. This is always best practice regardless of whether there is a known exploit or not. Cheers, Rob -- Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED] Linux counter pro

Re: ssh vulnerability in the wild

;ve seen no proof of an exploit as yet. > I would still patch ASAP. Best not to risk it. Definately. This is always best practice regardless of whether there is a known exploit or not. Cheers, Rob -- Robert Brockway B.Sc. email: [EMAIL PROTECTED], [EMAIL PROTECTED] Linux counter pro

sendmail 8.12.9 available

Hi hadn't seen this mentioned on list. Forwarded from Bugtraq. -- Forwarded message -- Sendmail, Inc., and the Sendmail Consortium announce the availability of sendmail 8.12.9. It contains a fix for a critical security problem discovered by Michal Zalewski whom we thank for bring

Sendmail exploit

Hi, hadn't seen this mentioned on list. Forwarded from Bugtraq. Rob -- Robert Brockway B.Sc. email: [EMAIL PROTECTED] ICQ: 104781119 Linux counter project ID #16440 (http://counter.li.org) "The earth is but one country and mankind its citizens" -Baha'u'llah ---

Re: iptables forwarding to inside firewall

ering the alternatives. Cheers, Rob -- Robert Brockway B.Sc. email: [EMAIL PROTECTED] ICQ: 104781119 Linux counter project ID #16440 (http://counter.li.org) "The earth is but one country and mankind its citizens" -Baha'u'llah

sendmail 8.12.9 available

Hi hadn't seen this mentioned on list. Forwarded from Bugtraq. -- Forwarded message -- Sendmail, Inc., and the Sendmail Consortium announce the availability of sendmail 8.12.9. It contains a fix for a critical security problem discovered by Michal Zalewski whom we thank for bring

Sendmail exploit

Hi, hadn't seen this mentioned on list. Forwarded from Bugtraq. Rob -- Robert Brockway B.Sc. email: [EMAIL PROTECTED] ICQ: 104781119 Linux counter project ID #16440 (http://counter.li.org) "The earth is but one country and mankind its citizens" -Baha'u'llah ---

Re: iptables forwarding to inside firewall

ering the alternatives. Cheers, Rob -- Robert Brockway B.Sc. email: [EMAIL PROTECTED] ICQ: 104781119 Linux counter project ID #16440 (http://counter.li.org) "The earth is but one country and mankind its citizens" -Baha'u'llah -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]