php4: broken boundary check

2002-02-27 Thread Noel Koethe
Package: php4 Version: N/A; reported 2002-02-27 Severity: grave Tags: security Justification: user security hole http://security.e-matters.de/advisories/012002.html "... Unfortunately there are several flaws in the php_mime_split function that could be used by an attacker to execute arbitrary c

log analyze applications

2002-02-27 Thread eim
log analyze applications Hallo to everyone on the debian-security list. I've got some questions related to log analyzing applications, actually on my debian server boxes I've installed and configured software like... * logcheck (System Log Analyzer)

Re: log analyze applications

2002-02-27 Thread Eric LeBlanc
On 27 Feb 2002, eim wrote: > * logcheck (System Log Analyzer) [SNIP] > network activity and so on... everything works quite well, the > only problem is: they generate *REALLY* much mail traffic with > lots of output which I can't read all. > > So my question is, has anyone a good s

Re: log analyze applications

2002-02-27 Thread Noah L. Meyerhans
On Wed, Feb 27, 2002 at 04:22:31PM +0100, eim wrote: > > Are there any tools which are smarter, faster and cleaner > as my combination of log analyze apps. ? I saw a presentation at the LISA sysadmin conference a couple years ago about something called SHARP, the "syslog heuristic analysis and r

Re: log analyze applications

2002-02-27 Thread Moses Moore
eim wrote: > * logcheck (System Log Analyzer) > * snort (Intrusion Detection System) > * ippl (IP protocols logger) The only application of those three I use is logcheck, and it does require tuning. Here's what I've done (using logcheck/testing): Ma

Re: root's home world readable

2002-02-27 Thread eim
Well, that's *BSD security. :) I'll always thinking about installing some OpenBSD boxes in my network. gotta try. thanks for the tip. - Ivo On Fri, 2002-02-15 at 08:48, Sean Whitney wrote: > bash-2.05$ uname -a > OpenBSD www 3.0 GENERIC#27 sparc64 > > > drwx-- 3 root wheel 512 J

Re: root's home world readable

2002-02-27 Thread Francesco P. Lovergine
On Wed, Feb 27, 2002 at 09:40:05PM +0100, eim wrote: > Well, that's *BSD security. :) > > I'll always thinking about installing some > OpenBSD boxes in my network. > > gotta try. thanks for the tip. > > - Ivo > > On Fri, 2002-02-15 at 08:48, Sean Whitney wrote: > > bash-2.05$ uname -a > > Ope

Re: log analyze applications

2002-02-27 Thread eim
Thanks folks, for all suggestions ! Well, I'm going to tune my logcheck now and of course I'll keep eyes open, and brain smart, for further solutions... ...anyway nothing is better than a good tuned application :) Thanks again, have a nice time, - Ivo On Wed, 2002-02-27 at 16:22, eim wrote:

Re: root's home world readable

2002-02-27 Thread Justin R. Miller
Said Francesco P. Lovergine on Wed, Feb 27, 2002 at 11:52:01PM +0100: > Debian asks if home dirs should be world readable or not at > installation time. I assume this is true for root also. Does anyone know where one could reconfigure this? - --

Re: root's home world readable

2002-02-27 Thread Phillip Hofmeister
Also, it doesn't take a Genius to change a mode. If you are going to put sensitive information into /root try this: chmod 2770 /root -R Phil - Original Message - From: "Francesco P. Lovergine" <[EMAIL PROTECTED]> To: "Debian-Security List" <[EMAIL PROTECTED]> Sent: Wednesday, Februar

Re: root's home world readable

2002-02-27 Thread Tim van Erven
On Wed, Feb 27, 2002 at 08:13:53PM -0500, "Justin R. Miller" <[EMAIL PROTECTED]> wrote: > Said Francesco P. Lovergine on Wed, Feb 27, 2002 at 11:52:01PM +0100: > >> Debian asks if home dirs should be world readable or not at >> installation time. I assume this is true for root also. > > Does an

Re: root's home world readable

2002-02-27 Thread Olaf Meeuwissen
"Justin R. Miller" <[EMAIL PROTECTED]> writes: > Said Francesco P. Lovergine on Wed, Feb 27, 2002 at 11:52:01PM +0100: > > > Debian asks if home dirs should be world readable or not at > > installation time. I assume this is true for root also. I w

Re: root's home world readable

2002-02-27 Thread Justin R. Miller
Said Tim van Erven on Thu, Feb 28, 2002 at 03:22:51AM +0100: > dpkg-reconfigure -plow adduser Thanks very much, I should have just tried that in the first place. Figured there might be some larger "package" that contained the 'adduser' command. -

