Re: This is an very serious bug

2006-12-14 Thread Sels, Roger
On Fri, December 15, 2006 1:23 am, Bernd Eckenfels wrote:
> In article <[EMAIL PROTECTED]> you wrote:
>> This bug really should have critical or release-critical as severity
>> level. It almost caused a production box with debian sarge to break.
>> (/var filesystem full)
>
> which bug, please?
>

Re: securing /var/www or web content

2006-02-26 Thread Sels, Roger
Hi

On Sat, February 25, 2006 5:09 am, Arnel Pastrana said:
>>
>> The files in your /var/www should strictly speaking only be
>> accessible to
>> your webserver ; for apache usually www-data or apache or httpd
>> accounts
>> should have rwx permissions.
>> Grep for these in /etc/passwd if unsure whi

Re: securing /var/www or web content

2006-02-26 Thread Sels, Roger
Olivier, How is that going to solve the problem? His user doesn't have /var/www as a home ; the issue is /var/www is world-readable/writeable/executable. The files in your /var/www should strictly speaking only be accessible to your webserver ; for apache usually www-data or apache or httpd accou

RE: What is a security bug?

2005-11-23 Thread Sels, Roger
Jasper, It's pretty much open for debate. The subtlety lies in the "certain input" mentioned by Florian. For the sake of argument, imagine you can create a webpage which when rendered will make the browser crash. You could trick users into surfing to your page, by e.g. spam mailing your URL arou

Re: Your request No. [61919-1115890283]

2005-05-13 Thread Sels, Roger
[ List, sorry for this but I can't watch it any longer ;-) ] Dear Elisabeth, Dear Martine, Please note that your message is being sent in cc to a discussion list about security in the Debian operating system. I would therefore advise you to 1/ not continue your dis

Re: Lot of UDP ports opened

2005-02-21 Thread Sels, Roger
> Hi there,

Hello Jaques,

> There are box1 and box2 on the same LAN
>
> A daily cron does machine nmap each other.
>
> Some times, box1 finds a lot of opened UDP ports opened on box2.
>
> Both machines are debian stable doing security updates.
>
> Both rkhunter and chkrootkit are running on it a

Re: Compromised system - still ok?

2005-02-06 Thread Sels, Roger
> On Sun, Feb 06, 2005 at 10:52:50PM -0800, Alvin Oga wrote:
>> it's best when you can call the fbi (on the phone) and say, they're
>> back, trace um "NOW"
>
> Obviously you've never done this. Good luck finding someone who even
> knows what TCP/IP is, let alone sufficient knowledge to be able to

Re: Compromised system - still ok?

2005-02-06 Thread Sels, Roger
Some interesting points raised by Alvin. On the other hand, run rkhunter after updating its lists & chkrootkit. See what they have to say about your system, but also watch out for false positives due to back-ported security patches (mostly for openssl, ssh, ..) in Debian. (step 1) If the machine

Re: help: no suitable connection for peer

2005-02-02 Thread Sels, Roger
> hi, im trying make a test lan with vpn gateway running
> openswan 2.3 with debian woody.
>
> this is my sample lan:
>
>...
>
>
> Can anybody help me with this connection setup?
>
> greets
>
> Rodrigo
>

Dear Rodrigo,

I think your question is out of scope for this mailing list. Please check the d

Re: apologies

2004-10-29 Thread Sels, Roger
> My very sincere apologies for the recent trouble ticketing noise to the > list. > > The keyboard for the sysadmin responsible has been removed (as well as > his fingers), and a fix has been implemented. > > > jamie > -- > > > Our very sincere apologies for the new trouble ticketing noise to t

Re: Providing secure file access on a colo-server

2004-10-08 Thread Sels, Roger
Hello Marcus, I'd recommend sticking to scp, as you can give your users winscp. Its interface resembles major ftp clients out there and is very intuitive, so they should not have any issues using it. I can't comment on the WebDAV implementations for linux, as I've never used them, but I personall

Re: Spyware / Adware

2004-08-31 Thread Sels, Roger
Furthermore, it all depends on your (download) sources. If you install from Debian packages, you should have the implied guarantee that these don't contain backdoors or virii. Of course, if you download some unknown program from a website, apply someone's patches or make any other modifications wi