meay-meay!

2004-03-03 Thread mdevin
You have won!!! password: 11773 Norton AntiVirus Deleted1.txt Description: plain/text

meay-meay!

2004-03-03 Thread mdevin
You have won!!! password: 11773 Norton AntiVirus Deleted1.txt Description: plain/text

Re: Can a daemon listen only on some interfaces?

2001-12-10 Thread mdevin
On Mon, Dec 10, 2001 at 09:39:02AM -0800, Ted Cabeen wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Content-Type: text/plain; charset=us-ascii > > In message <[EMAIL PROTECTED]>, Petro writes: > >On Sat, Dec 08, 2001 at 01:40:06AM -0800, [EMAIL PROTECTED] wrote: > >> After reading a

Re: Can a daemon listen only on some interfaces?

2001-12-10 Thread mdevin
On Mon, Dec 10, 2001 at 09:39:02AM -0800, Ted Cabeen wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Content-Type: text/plain; charset=us-ascii > > In message <[EMAIL PROTECTED]>, Petro writes: > >On Sat, Dec 08, 2001 at 01:40:06AM -0800, [EMAIL PROTECTED] wrote: > >> After reading

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-10 Thread mdevin
On Mon, Dec 10, 2001 at 01:21:15PM +, Tim Haynes wrote: > Ultimately, I want input & forward to be drop-by-default. However, the > `block' chain is meant to be good for both input & forward scenarios; it > has rules for stateful filtering and `open' things, then a drop & log. If I > put in a ru

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-10 Thread mdevin
On Mon, Dec 10, 2001 at 10:55:07PM +1000, mdevin wrote: > On Mon, Dec 10, 2001 at 12:22:44PM +, Tim Haynes wrote: > > Plato <[EMAIL PROTECTED]> writes: > > > > > > > echo 1 > /proc/sys/net/ipv4/conf/*/rp_filter > > > > > w

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-10 Thread mdevin
On Mon, Dec 10, 2001 at 12:54:31PM +, Tim Haynes wrote: > Guido Hennecke <[EMAIL PROTECTED]> writes: > > > > Sorry, I was transposing my thoughts into ipchains rules. Actually my > > > firewall is iptables based. In iptables, packets that are being > > > masqueraded traverse only the FORWARD

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-10 Thread mdevin
On Mon, Dec 10, 2001 at 12:22:44PM +, Tim Haynes wrote: > Plato <[EMAIL PROTECTED]> writes: > > > > > echo 1 > /proc/sys/net/ipv4/conf/*/rp_filter > > > > withecho 1 > /proc/sys/net/ipv4/conf/*/log_martians > > > > for logging/fun purposes. > > > > > > rp_filter will not help with

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-10 Thread mdevin
On Mon, Dec 10, 2001 at 09:31:09AM +0200, Berend De Schouwer wrote: > On Mon, 2001-12-10 at 08:19, mdevin wrote: > > On Mon, Dec 10, 2001 at 01:50:19AM +0100, Guido Hennecke wrote: > > > With ipchains you can make the following: > > > > > > ipchains -A in

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-10 Thread mdevin
On Mon, Dec 10, 2001 at 01:21:15PM +, Tim Haynes wrote: > Ultimately, I want input & forward to be drop-by-default. However, the > `block' chain is meant to be good for both input & forward scenarios; it > has rules for stateful filtering and `open' things, then a drop & log. If I > put in a r

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-10 Thread mdevin
On Mon, Dec 10, 2001 at 10:55:07PM +1000, mdevin wrote: > On Mon, Dec 10, 2001 at 12:22:44PM +, Tim Haynes wrote: > > Plato <[EMAIL PROTECTED]> writes: > > > > > > > echo 1 > /proc/sys/net/ipv4/conf/*/rp_filter > > > > > w

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-10 Thread mdevin
On Mon, Dec 10, 2001 at 12:54:31PM +, Tim Haynes wrote: > Guido Hennecke <[EMAIL PROTECTED]> writes: > > > > Sorry, I was transposing my thoughts into ipchains rules. Actually my > > > firewall is iptables based. In iptables, packets that are being > > > masqueraded traverse only the FORWAR

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-10 Thread mdevin
On Mon, Dec 10, 2001 at 12:22:44PM +, Tim Haynes wrote: > Plato <[EMAIL PROTECTED]> writes: > > > > > echo 1 > /proc/sys/net/ipv4/conf/*/rp_filter > > > > withecho 1 > /proc/sys/net/ipv4/conf/*/log_martians > > > > for logging/fun purposes. > > > > > > rp_filter will not help wit

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-10 Thread mdevin
On Mon, Dec 10, 2001 at 09:31:09AM +0200, Berend De Schouwer wrote: > On Mon, 2001-12-10 at 08:19, mdevin wrote: > > On Mon, Dec 10, 2001 at 01:50:19AM +0100, Guido Hennecke wrote: > > > With ipchains you can make the following: > > > > > > ipchains -A in

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-10 Thread mdevin
On Mon, Dec 10, 2001 at 01:50:19AM +0100, Guido Hennecke wrote: > With ipchains you can make the following: > > ipchains -A input -i ! eth1 -d 192.168.0.1 -j DENY What this says is: all packets with destination 192.168.0.1 must not have come from eth1 or they will be denied. Why do you choose to

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-09 Thread mdevin
On Mon, Dec 10, 2001 at 01:52:51PM +1000, mdevin wrote: > On Mon, Dec 10, 2001 at 01:50:19AM +0100, Guido Hennecke wrote: > > I try to explain again: > > > > You have a Linux box with "eth0" and "eth1". "eth0" is the Internet > > i

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-09 Thread mdevin
On Mon, Dec 10, 2001 at 01:50:19AM +0100, Guido Hennecke wrote: > With ipchains you can make the following: > > ipchains -A input -i ! eth1 -d 192.168.0.1 -j DENY What this says is: all packets with destination 192.168.0.1 must not have come from eth1 or they will be denied. Why do you choose t

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-09 Thread mdevin
On Mon, Dec 10, 2001 at 01:50:19AM +0100, Guido Hennecke wrote: > I try to explain again: > > You have a Linux box with "eth0" and "eth1". "eth0" is the Internet > interface, "eth1" is the interface to the LAN. > > IP addresses: eth0 - 123.123.123.123 > eth1 - 192.168.0.1 > > You w

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-09 Thread mdevin
On Mon, Dec 10, 2001 at 01:52:51PM +1000, mdevin wrote: > On Mon, Dec 10, 2001 at 01:50:19AM +0100, Guido Hennecke wrote: > > I try to explain again: > > > > You have a Linux box with "eth0" and "eth1". "eth0" is the Internet > > i

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-09 Thread mdevin
On Mon, Dec 10, 2001 at 01:50:19AM +0100, Guido Hennecke wrote: > I try to explain again: > > You have a Linux box with "eth0" and "eth1". "eth0" is the Internet > interface, "eth1" is the interface to the LAN. > > IP addresses: eth0 - 123.123.123.123 > eth1 - 192.168.0.1 > > You

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-09 Thread mdevin
On Sun, Dec 09, 2001 at 07:45:52PM +0100, Guido Hennecke wrote: > Please dont answer to the list _and_ to me. Thank you. > > At 09.12.2001, Tim Haynes wrote: > > "Phillip Hofmeister" <[EMAIL PROTECTED]> writes: > > [snip] > > > > If an attacker in the same network sets a route like that: > >

Re: Can a daemon listen only on some interfaces?

2001-12-09 Thread mdevin
On Sun, Dec 09, 2001 at 04:30:35AM +0100, Guillem Jover wrote: > On Sun, Dec 09, 2001 at 12:06:26AM +1000, [EMAIL PROTECTED] wrote: > > I do want sshd to listen on all (0.0.0.0) but I would like to find a way > > to make it only accept connection attempts for a certain user from the > > internet bu

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-09 Thread mdevin
On Sun, Dec 09, 2001 at 07:45:52PM +0100, Guido Hennecke wrote: > Please dont answer to the list _and_ to me. Thank you. > > At 09.12.2001, Tim Haynes wrote: > > "Phillip Hofmeister" <[EMAIL PROTECTED]> writes: > > [snip] > > > > If an attacker in the same network sets a route like that: >

Re: Can a daemon listen only on some interfaces?

2001-12-09 Thread mdevin
On Sun, Dec 09, 2001 at 04:30:35AM +0100, Guillem Jover wrote: > On Sun, Dec 09, 2001 at 12:06:26AM +1000, [EMAIL PROTECTED] wrote: > > I do want sshd to listen on all (0.0.0.0) but I would like to find a way > > to make it only accept connection attempts for a certain user from the > > internet b

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-08 Thread mdevin
On Sat, Dec 08, 2001 at 11:57:51PM +0100, Guido Hennecke wrote: > At 08.12.2001, Phillip Hofmeister wrote: > > grr...forgot to reply to list... > > It was not necessary because... > > > From: Phillip Hofmeister <[EMAIL PROTECTED]> > > > ORyou could use IPCHAINS or IPTABLES to REJECT (or DENY)

Re: Fw: Can a daemon listen only on some interfaces?

2001-12-08 Thread mdevin
On Sat, Dec 08, 2001 at 11:57:51PM +0100, Guido Hennecke wrote: > At 08.12.2001, Phillip Hofmeister wrote: > > grr...forgot to reply to list... > > It was not necessary because... > > > From: Phillip Hofmeister <[EMAIL PROTECTED]> > > > ORyou could use IPCHAINS or IPTABLES to REJECT (or DENY

Re: Can a daemon listen only on some interfaces?

2001-12-08 Thread mdevin
On Sat, Dec 08, 2001 at 01:25:16PM +0200, Michael Wood wrote: > Hi > > On Sat, Dec 08, 2001 at 07:40:06PM +1000, [EMAIL PROTECTED] wrote: > [snip] > > So, what I can figure out is that it seems that I have only > > the following daemons listening: postfix, sshd, cupsd, > > XF86_SVGA, portmap. > >

Re: Can a daemon listen only on some interfaces?

2001-12-08 Thread mdevin
On Sat, Dec 08, 2001 at 01:25:16PM +0200, Michael Wood wrote: > Hi > > On Sat, Dec 08, 2001 at 07:40:06PM +1000, [EMAIL PROTECTED] wrote: > [snip] > > So, what I can figure out is that it seems that I have only > > the following daemons listening: postfix, sshd, cupsd, > > XF86_SVGA, portmap. > >

Can a daemon listen only on some interfaces?

2001-12-08 Thread mdevin
After reading a previous thread about stopping services from listening on certains ports, I decided to investigate things a little further for my system. So, what I can figure out is that it seems that I have only the following daemons listening: postfix, sshd, cupsd, XF86_SVGA, portmap. I have o

Can a daemon listen only on some interfaces?

2001-12-08 Thread mdevin
After reading a previous thread about stopping services from listening on certains ports, I decided to investigate things a little further for my system. So, what I can figure out is that it seems that I have only the following daemons listening: postfix, sshd, cupsd, XF86_SVGA, portmap. I have

Re: Kernel 2.4 SOS

2001-06-13 Thread mdevin
On Wed, Jun 13, 2001 at 03:35:29AM -0800, Ethan Benson wrote: > On Wed, Jun 13, 2001 at 08:52:24PM +1000, [EMAIL PROTECTED] wrote: > > > > > What is the security link? > > deb http://security.debian.org/debian-security/ stable/updates main contrib > > note that says stable. there is no security l

Re: Kernel 2.4 SOS

2001-06-13 Thread mdevin
On Wed, Jun 13, 2001 at 12:21:44PM +0200, Joris Mocka wrote: > Ethan Benson wrote: > > > > On Wed, Jun 13, 2001 at 11:01:10AM +0200, Johan Segernäs wrote: > > > And no, i wouldn't use woody on a firewall, it's to many packet-updates > > > all > > > the time, takes > > > to much time to keep track

Re: Creating a logfile for Netfilter

2001-06-13 Thread mdevin
On Mon, Jun 11, 2001 at 07:11:00PM +0100, Tim Haynes wrote: > Stefan Srdic <[EMAIL PROTECTED]> writes: > > > Anyway, as you can guess I am using netfilter for firewalling. > > > > How can I pipe all logs from Netfilter into a single logfile? > > > > Lets say I wanted all log messages from netfil

Re: Kernel 2.4 SOS

2001-06-13 Thread mdevin
On Wed, Jun 13, 2001 at 03:35:29AM -0800, Ethan Benson wrote: > On Wed, Jun 13, 2001 at 08:52:24PM +1000, [EMAIL PROTECTED] wrote: > > > > > What is the security link? > > deb http://security.debian.org/debian-security/ stable/updates main contrib > > note that says stable. there is no security

Re: Kernel 2.4 SOS

2001-06-13 Thread mdevin
On Wed, Jun 13, 2001 at 12:21:44PM +0200, Joris Mocka wrote: > Ethan Benson wrote: > > > > On Wed, Jun 13, 2001 at 11:01:10AM +0200, Johan Segernäs wrote: > > > And no, i wouldn't use woody on a firewall, it's to many packet-updates all > > > the time, takes > > > to much time to keep track of ev

Re: Creating a logfile for Netfilter

2001-06-13 Thread mdevin
On Mon, Jun 11, 2001 at 07:11:00PM +0100, Tim Haynes wrote: > Stefan Srdic <[EMAIL PROTECTED]> writes: > > > Anyway, as you can guess I am using netfilter for firewalling. > > > > How can I pipe all logs from Netfilter into a single logfile? > > > > Lets say I wanted all log messages from netfi