(adding -security to Cc)
-=| Damyan Ivanov, 14.11.2012 11:35:02 +0200 |=-
> Source: firebird2.5
> Version: 2.5.0
> Severity: important
> Tags: upstream fixed-upstream security
> Forwarded: http://tracker.firebirdsql.org/browse/CORE-3884
>
> With trace enabled, preparing a
Patrick,
Just wondering if you were holidaying in Australia in
2003. I was holidaying in Apollo
Bay recently and found a
bag containing some of your belongings. I just thought I’d do a search
on the net for Patrick Bucher’s and see if I could strike it lucky. Really
just wanted to shar
On Wed, Sep 29, 2004 at 10:08:28PM +0200, Adrian 'Dagurashibanipal' von Bidder wrote:
> On Tuesday 28 September 2004 15.49, Bartosz Fenski aka fEnIo wrote:
> > On Mon, Sep 27, 2004 at 06:38:03PM +0200, Adrian 'Dagurashibanipal' von
> Bidder wrote:
> > > > for foo in `find . -name "something"`
> >
On Tuesday 28 September 2004 15.49, Bartosz Fenski aka fEnIo wrote:
> On Mon, Sep 27, 2004 at 06:38:03PM +0200, Adrian 'Dagurashibanipal' von
Bidder wrote:
> > > for foo in `find . -name "something"`
> >
> > Note that
> > $ for foo in `command outputting a list of filenames`
> >
> > should *always
On Mon, Sep 27, 2004 at 06:38:03PM +0200, Adrian 'Dagurashibanipal' von Bidder wrote:
> > for foo in `find . -name "something"`
>
> Note that
> $ for foo in `command outputting a list of filenames`
>
> should *always* be replaced by
>
> $ said command | while read foo; do ...
>
> (Or, for triv
In article <[EMAIL PROTECTED]> you wrote:
> Last time I read the xargs documentation it stated that using '\0' as an
> input separator would also tell it to pass at most one argument to the
> command.
> echo -en "a\0b\0c" | xargs -t -0 echo
echo a b c
a b c
> echo -en "a\0b\0c" | xargs -t -s 8 -0
On 28 Sep 2004, Bernd Eckenfels wrote:
> In article <[EMAIL PROTECTED]> you wrote:
>> Alternately, with sed:
>>
>> ] sed -si.orig -e '...' `find . -name '...'`
>>
>> More safely, but with more forks:
>>
>> ] find . -name '...' -print0 | xargs -0 sed -si.orig -e '...'
>
> BTW: I dont see how xarg wo
In article <[EMAIL PROTECTED]> you wrote:
> Alternately, with sed:
>
> ] sed -si.orig -e '...' `find . -name '...'`
>
> More safely, but with more forks:
>
> ] find . -name '...' -print0 | xargs -0 sed -si.orig -e '...'
BTW: I dont see how xarg would do more forks than the shell? Because the
ab
On Mon, Sep 27, 2004 at 06:38:03PM +0200, Adrian 'Dagurashibanipal' von Bidder wrote:
> $ for foo in `command outputting a list of filenames`
>
> should *always* be replaced by
>
> $ said command | while read foo; do ...
Hm. I like that better in general. Processing doesn't have to wait for the
On Monday 27 September 2004 16.28, Mason Loring Bliss wrote:
>
> for foo in `find . -name "something"`
Note that
$ for foo in `command outputting a list of filenames`
should *always* be replaced by
$ said command | while read foo; do ...
(Or, for trivial cases, xargs) because the for loop will
On Mon, Sep 27, 2004 at 12:48:03PM +0100, Dale Amon wrote:
> A couple years ago I ran across a sed like program
> that will recursively descend through a tree and apply
> specified edits in place. I have searched my notes,
> gone through the deb available and have not been able
> to find it. Might
On 27 Sep 2004, Dale Amon wrote:
> A couple years ago I ran across a sed like program that will
> recursively descend through a tree and apply specified edits in place.
> I have searched my notes, gone through the deb available and have not
> been able to find it. Might just have been something on
On Mon, Sep 27, 2004 at 01:07:40PM +0100, Simon Huggins wrote:
> On Mon, Sep 27, 2004 at 12:48:03PM +0100, Dale Amon wrote:
> > A couple years ago I ran across a sed like program
> > that will recursively descend through a tree and apply
> > specified edits in place.
> > Has anyone else run across
On Mon, Sep 27, 2004 at 10:04:00PM +1000, Andrew McGlashan wrote:
> Try again:
> http://packages.debian.org/testing/utils/rpl
> "Intelligent recursive search/replace utility"
Thanks much. I do believe that is the one.
*amon runs off to dselect yet again...
--
--
On Mon, Sep 27, 2004 at 12:48:03PM +0100, Dale Amon wrote:
> A couple years ago I ran across a sed like program
> that will recursively descend through a tree and apply
> specified edits in place. I have searched my notes,
> gone through the deb available and have not been able
> to find it. Might
Try again:
http://packages.debian.org/testing/utils/rpl
"Intelligent recursive search/replace utility"
Regards
AndrewM
Andrew McGlashan
ADSL, Dialup, Satellite, ISDN and other enquiries: 1300 85 3804
Mobile: 04 2574 1827 Fax: 03 8790 1224
Affinity Vision Australia Pty Ltd
www.affinityvision.c
e: 04 2574 1827 Fax: 03 8790 1224
Affinity Vision Australia Pty Ltd
www.affinityvision.com.au
www.affinityvision.net/adsl/
- Original Message -
From: "Dale Amon" <[EMAIL PROTECTED]>
To:
Sent: Monday, September 27, 2004 9:48 PM
Subject: [OT] Collective memory query
AndrewM
www.affinityvision.com.au
www.affinityvision.net/adsl/
- Original Message -
From: "Dale Amon" <[EMAIL PROTECTED]>
To:
Sent: Monday, September 27, 2004 9:48 PM
Subject: [OT] Collective memory query
On Mon, Sep 27, 2004 at 12:48:03PM +0100, Dale Amon wrote:
> A couple years ago I ran across a sed like program
> that will recursively descend through a tree and apply
> specified edits in place.
> Has anyone else run across a program of this nature?
This is probably more appropriate for -user bu
A couple years ago I ran across a sed like program
that will recursively descend through a tree and apply
specified edits in place. I have searched my notes,
gone through the deb available and have not been able
to find it. Might just have been something on
SourceForge...
Has anyone else run acros
Hans Spaans wrote:
> 'dig . ns @ > /etc/bind/db.root' can give you a new db.root
> file for your nameserver. If its wise? Yes and no, your db.root must
> contain valid data, but to take a random nameserver, that is not wise.
Most resolvers return an empty additional section anyway, which limits
Hans Spaans wrote:
> 'dig . ns @ > /etc/bind/db.root' can give you a new db.root
> file for your nameserver. If its wise? Yes and no, your db.root must
> contain valid data, but to take a random nameserver, that is not wise.
Most resolvers return an empty additional section anyway, which limits
On Sunday 01 February 2004 16:21, Dale Amon wrote:
> I'd still be interested to know if anyone knows *why*
> so many people are doing this. I know what they are doing;
> I can block it; but I'm curious. I've got a gut feeling
> it has something to do with spammers hiding their tracks,
> but I'm no
On Sun, Feb 01, 2004 at 03:46:07PM +0100, Hans Spaans wrote:
> You added it globally and to every zone? Also allow-transfer is a nice
> own to get into place. But you will see queries being denied and if you
Yes, I've got allow-transfer groups on all domains; allow-query { any; }
on
On Sunday 01 February 2004 16:21, Dale Amon wrote:
> I'd still be interested to know if anyone knows *why*
> so many people are doing this. I know what they are doing;
> I can block it; but I'm curious. I've got a gut feeling
> it has something to do with spammers hiding their tracks,
> but I'm no
On Sunday 01 February 2004 14:50, Dale Amon wrote:
> Actually that's precisely how I discovered it. I added
> allow queries and was trying to figure out why I was
> denying so many queries per second.
You added it globally and to every zone? Also allow-transfer is a nice
own to get into place. Bu
On Sun, Feb 01, 2004 at 03:46:07PM +0100, Hans Spaans wrote:
> You added it globally and to every zone? Also allow-transfer is a nice
> own to get into place. But you will see queries being denied and if you
Yes, I've got allow-transfer groups on all domains; allow-query { any; }
on
On Sun, Feb 01, 2004 at 02:29:53PM +0100, Hans Spaans wrote:
> But than a gain, you can do a joke next month so people have a problem
> or you can fix this problem by adding allow-query statements to your
> named.conf and forcing people to abuse someone else.
Actually that's p
On Sunday 01 February 2004 14:50, Dale Amon wrote:
> Actually that's precisely how I discovered it. I added
> allow queries and was trying to figure out why I was
> denying so many queries per second.
You added it globally and to every zone? Also allow-transfer is a nice
own to get into place. Bu
On Sunday 01 February 2004 14:02, Dale Amon wrote:
> What is the purpose of a DNS query NS ? It returns
> to the requester my list of root servers, which seems
> pointless... and I am getting hit by them at the rate
> of several a second from various nameservers.
'dig . ns @ &g
What is the purpose of a DNS query NS ? It returns
to the requester my list of root servers, which seems
pointless... and I am getting hit by them at the rate
of several a second from various nameservers.
--
--
Dale Amon [EMAIL PROTECTED
On Sun, Feb 01, 2004 at 02:29:53PM +0100, Hans Spaans wrote:
> But than a gain, you can do a joke next month so people have a problem
> or you can fix this problem by adding allow-query statements to your
> named.conf and forcing people to abuse someone else.
Actually that's p
On Sunday 01 February 2004 14:02, Dale Amon wrote:
> What is the purpose of a DNS query NS ? It returns
> to the requester my list of root servers, which seems
> pointless... and I am getting hit by them at the rate
> of several a second from various nameservers.
'dig . ns @ &g
What is the purpose of a DNS query NS ? It returns
to the requester my list of root servers, which seems
pointless... and I am getting hit by them at the rate
of several a second from various nameservers.
--
--
Dale Amon [EMAIL PROTECTED
On Wed, 28 Jan 2004, James Miller wrote:
> If memory serves.. AXFR is a zone transfer... So, at your firewall, would
> want to only allowing TCP queries from your backup (secondary,
> trinary..etc.) dns servers (on the outside of your firewall) and limit
> everyone else to UDP queries.
I am no BI
On Wed, 28 Jan 2004, James Miller wrote:
> If memory serves.. AXFR is a zone transfer... So, at your firewall, would
> want to only allowing TCP queries from your backup (secondary,
> trinary..etc.) dns servers (on the outside of your firewall) and limit
> everyone else to UDP queries.
I am no BI
queries. And for your bind9 config something like
this:
It is not a good idea to block TCP packets to your DNS server, since TCP
is not only used for zone transfer, it is also used when answering a DNS
query with a response that does not fit in a normal UDP datagram.
In fact the limit is even much
queries. And for your bind9 config something like
this:
It is not a good idea to block TCP packets to your DNS server, since TCP
is not only used for zone transfer, it is also used when answering a DNS
query with a response that does not fit in a normal UDP datagram.
In fact the limit is even much lower
UDP queries. And for your bind9 config something like
> this:
It is not a good idea to block TCP packets to your DNS server, since TCP
is not only used for zone transfer, it is also used when answering a DNS
query with a response that does not fit in a normal UDP datagram.
-transfer {
backup.dns1.host.blah;
backup.dns2.host.blah;
localhost;
};
just my $0.02
--jimm
> -Original Message-
> From: LeVA [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, January 28, 2004 12:44 PM
> To: Debian-Security
> Subject: blocking AXFR record query
>
>
> H
Quoting LeVA ([EMAIL PROTECTED]):
> Anyone could tell me how could I deny the AXFR record query on my bind
> server? I'm looking for some global variable, not specifiing
> per-address.
I think the split-DNS example at the end of section 4.3, here, will
help:
http://www.csd.uwo
UDP queries. And for your bind9 config something like
> this:
It is not a good idea to block TCP packets to your DNS server, since TCP
is not only used for zone transfer, it is also used when answering a DNS
query with a response that does not fit in a normal UDP datagram.
--
To UNSUBSC
-transfer {
backup.dns1.host.blah;
backup.dns2.host.blah;
localhost;
};
just my $0.02
--jimm
> -Original Message-
> From: LeVA [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, January 28, 2004 12:44 PM
> To: Debian-Security
> Subject: blocking AXFR record query
>
>
> H
Hi!
Anyone could tell me how could I deny the AXFR record query on my bind
server? I'm looking for some global variable, not specifiing
per-address.
Thanks!
Daniel
--
LeVA
Quoting LeVA ([EMAIL PROTECTED]):
> Anyone could tell me how could I deny the AXFR record query on my bind
> server? I'm looking for some global variable, not specifiing
> per-address.
I think the split-DNS example at the end of section 4.3, here, will
help:
http://www.csd.uwo
Hi!
Anyone could tell me how could I deny the AXFR record query on my bind
server? I'm looking for some global variable, not specifiing
per-address.
Thanks!
Daniel
--
LeVA
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Previously Koala wrote:
> I was wondering if someone could point to a vast area about ipchains.
Heh, I know there is rusty's unreliable guide to netfilter which is
a pretty good document imho, but it only works for netfilter which is
in the 2.4 kernels.
Anyway, can you confirm that what you want
Previously Koala wrote:
> I was wondering if someone could point to a vast area about ipchains.
Heh, I know there is rusty's unreliable guide to netfilter which is
a pretty good document imho, but it only works for netfilter which is
in the 2.4 kernels.
Anyway, can you confirm that what you want
Marco,
No. What I gather here is that Koala has his own LAN, as well as a
corporate intranet, which is then connected to the Internet by
masquerading. He wants a router between his own LAN and the corporate
intranet. That router must forward Internet-bound datagrams from his LAN
to the corporate r
Marco,
No. What I gather here is that Koala has his own LAN, as well as a
corporate intranet, which is then connected to the Internet by
masquerading. He wants a router between his own LAN and the corporate
intranet. That router must forward Internet-bound datagrams from his LAN
to the corporate
Koala wrote:
> on a HUB. Their IP Addresses are 1.1.1.1/24 . My idea, was, to have Network C
> going
> through a default gateway of 1.1.1.1 (Debian with ipchains) where the second
> interface card goes to the normal network B (10.10.10.1) Therefore, Netwrok C
> can
> see Network B, but Network B
I'd check out http://www.linux-firewall-tools.com/
It has a good guide on setting up a LAN, firewalling, and various
basic network security issues. It also has an automatic firewall
generation tool, but it's better to use the firewall it generates
as a guide to writing your own rather than just p
Koala wrote:
> on a HUB. Their IP Addresses are 1.1.1.1/24 . My idea, was, to have Network C going
> through a default gateway of 1.1.1.1 (Debian with ipchains) where the second
> interface card goes to the normal network B (10.10.10.1) Therefore, Netwrok C can
> see Network B, but Network B can´
I'd check out http://www.linux-firewall-tools.com/
It has a good guide on setting up a LAN, firewalling, and various
basic network security issues. It also has an automatic firewall
generation tool, but it's better to use the firewall it generates
as a guide to writing your own rather than just
No, not really
Network A (Internet)
Network B (10.10.10.1/24)
Network C (1.1.1.1/24)
Currently, the normal internal (Network B) work stations use one default
gateway.
Lets say it is 10.10.10.1, and the IP Addresses of the work stations would be in
the class 10.10.10.1/24. Network C is a smal
On Fri, Jul 07, 2000 at 12:03:16PM +0200, Mr.Koala wrote:
> Hi List,
>
> I was wondering if someone could point to a vast area about ipchains. I
> am trying to mount a debian box with ipchains and two network cards. The
> two network cards part is going fine I think, as I am also getting help
> to
Hi List,
I was wondering if someone could point to a vast area about ipchains. I
am trying to mount a debian box with ipchains and two network cards. The
two network cards part is going fine I think, as I am also getting help
to install an NE2000 as eth1. Anyway, staying on the point, the basis is
No, not really
Network A (Internet)
Network B (10.10.10.1/24)
Network C (1.1.1.1/24)
Currently, the normal internal (Network B) work stations use one default gateway.
Lets say it is 10.10.10.1, and the IP Addresses of the work stations would be in
the class 10.10.10.1/24. Network C is a smal
On Fri, Jul 07, 2000 at 12:03:16PM +0200, Mr.Koala wrote:
> Hi List,
>
> I was wondering if someone could point to a vast area about ipchains. I
> am trying to mount a debian box with ipchains and two network cards. The
> two network cards part is going fine I think, as I am also getting help
> t
Hi List,
I was wondering if someone could point to a vast area about ipchains. I
am trying to mount a debian box with ipchains and two network cards. The
two network cards part is going fine I think, as I am also getting help
to install an NE2000 as eth1. Anyway, staying on the point, the basis i
On Mon, Mar 27, 2000 at 10:00:23AM -0800, Heisler, Aaron wrote:
> Good morning, all... I expect that this is the correct forum for
> this question, but if not, please point me in the right direction?
>
> I am working my way through an implementation of David Ranch's
> TrinityOs installation, with
Good morning, all... I expect that this is the correct forum for
this question, but if not, please point me in the right direction?
I am working my way through an implementation of David Ranch's
TrinityOs installation, with my own modifications for Debian.
After locking down inet.d, and impleme
62 matches
Mail list logo
