ldap pam authentication

2003-03-10 Thread Ryan Goss
Does anyone have a good how-to on pam authentication using ldap. We are trying to merge our network over to ldap, but are unable to use pam with ldap. We have the ldap server running properly, and are able to connect to it and bind using ssl with Mozilla's LDAP browser. It is also running no

Re: ldap pam authentication

2003-03-10 Thread Nikolai Lusan
On Mon, 10 Mar 2003, Ryan Goss wrote: > Does anyone have a good how-to on pam authentication using ldap. We > are trying to merge our network over to ldap, but are unable to use pam > with ldap. We have the ldap server running properly, and are able to > connect to it and bind using ssl with Moz

Re: ldap pam authentication

2003-03-10 Thread Alexey Chetroi
On Mon, Mar 10, 2003 at 05:29:15PM +1000, Nikolai Lusan wrote: > Date: Mon, 10 Mar 2003 17:29:15 +1000 (EST) > From: Nikolai Lusan <[EMAIL PROTECTED]> > To: Ryan Goss <[EMAIL PROTECTED]> > Cc: debian-security@lists.debian.org > Subject: Re: ldap pam authentication > > On Mon, 10 Mar 2003, Ryan Gos

Re: package signing [on topic version, and maybe keep it that way]

2003-03-10 Thread Javier Fernández-Sanguino Peña
On Sun, Mar 09, 2003 at 04:15:54AM -0800, Adam Lydick wrote: > Before the previous thread turned all that useful energy into waste > heat, the author raised an interesting point: You obviously did not read the thread. > > What support do .debs have for package signing right now? RTFM AGAIN: ht

Apache user pages (was: Re: Permissions on /root/)

2003-03-10 Thread Rob VanFleet
On Sat, Mar 08, 2003 at 08:16:38PM +0100, Thomas Sjögren wrote: > On Sat, 8 Mar 2003, Birzan George Cristian wrote: > > > > It should be locked down and not touched by adduser ("Would You Like To > > > Make All Homedirs World-Readable?"). > > root is not the regular user. Users need o+x on their h

Re: Apache user pages (was: Re: Permissions on /root/)

2003-03-10 Thread Thomas Sjögren
On Monday 10 March 2003 15.19, Rob VanFleet wrote: > > No they don't. > > You shouldn't place user websites in their home dirs. Place the > > user "webspace" in e.g /var/www/[user] and symlink from > > public_html or whatever. > > ..and this makes a difference how...? I'm not necessarily trying t

Re: Permissions on /root/

2003-03-10 Thread Jan Eringa
I'd like to cast a vote for more restrictive permissions as well. Access to files & directories should be as restrictive as possible out of the box. If a user or 3rd party app needs more access to any given area I'll give it as long as it doesn't break th

Re: Apache user pages (was: Re: Permissions on /root/)

2003-03-10 Thread Johannes Berth
* Thomas Sjögren <[EMAIL PROTECTED]>: [ WWW pages in /var rather than in /home/user/public_html ] > With this solution there is no need to make home dirs world readable, You don't have to make your $HOME world readable, just world executable. > thus you're able to set 700 on their homes which,

Re: [work] Integrity of Debian packages

2003-03-10 Thread Emil Perhinschi
I guess giving up some freedom for the sake of some security means also giving up the right to define what security is. I'd prefer to face the common terrorists rather than the terrorist state. I'll still have a chance to fight back. This is said by a citizen of a country whose army, in the last

Re: [work] Integrity of Debian packages - please take OT private

2003-03-10 Thread Jeff
Way off topic - please take the thread private or somewhere more appropriate. I subscribe to this list for Debian security announcements. - Original Message - From: "Emil Perhinschi" <[EMAIL PROTECTED]> To: Cc: "Gary MacDougall" <[EMAIL PROTECTED]> Sent: Monday, March 10, 2003 4:11 PM Sub

Re: ldap pam authentication

2003-03-10 Thread Sami Haahtinen
On Mon, Mar 10, 2003 at 12:54:51AM -0600, Ryan Goss wrote: > Does anyone have a good how-to on pam authentication using ldap. We > are trying to merge our network over to ldap, but are unable to use pam > with ldap. We have the ldap server running properly, and are able to > connect to it and

vim modeline vulnerability

2003-03-10 Thread Thomas Krennwallner
Hi! According to http://www.guninski.com/vim1.html vim is vulnerable in woody and sarge (I tried it myself on both). ChangeLog of vim (1:6.1-266+1) in sid says: + 6.1.265: libcall() can be used in 'foldexpr' to call any system function. rename(), delete() and remote_send() can also be used

Re: [work] Integrity of Debian packages - please take OT private

2003-03-10 Thread Thiemo Nagel
Jeff wrote: Way off topic - please take the thread private or somewhere more appropriate. I really have to say that I heartily enjoyed this thread. In my opinion from time to time it is fair for us to allow ourselves the luxury of a lengthy off-topic discussion on a political topic. We enjoy

Peace is not off topic

2003-03-10 Thread Ted Parvu
On Mon, Mar 10, 2003 at 05:10:29PM -, Jeff wrote: > Way off topic - please take the thread private or somewhere more > appropriate. > I subscribe to this list for Debian security announcements. Then subscribe to "debian-security-announce" instead of "debian-security". Which is defined as "Di

Re: vim modeline vulnerability

2003-03-10 Thread Luca Filipozzi
Hi Thomas, I have already, now many weeks ago, submitted a fixed vim package to the Security Team. When they are ready (have reviewed, have time, etc), they will make a DSA. I've asked them if there's anything else I can do for them, with no reply. I suspect that they are occupied with other se

Re: Peace is not off topic

2003-03-10 Thread Mikko Moilanen
On Mon, Mar 10, 2003 at 11:23:04AM -0800, Ted Parvu wrote: > On Mon, Mar 10, 2003 at 05:10:29PM -, Jeff wrote: > > Way off topic - please take the thread private or somewhere more > > appropriate. > > I subscribe to this list for Debian security announcements. > > Then subscribe to "debian-sec

security.debian.org down?

2003-03-10 Thread Jeremy Drake
I can ping security.debian.org, but cannot use http or ftp. It just hangs. non-us.debian.org is the same box, and having the same troubles. Is this just me? Could not connect to security.debian.org:80 (194.109.137.218), connection timed out -- Dinner is ready when the smoke alarm goes off.

Re: security.debian.org down?

2003-03-10 Thread Kjetil Kjernsmo
On Monday 10 March 2003 21:41, Jeremy Drake wrote: > I can ping security.debian.org, but cannot use http or ftp. It just > hangs. non-us.debian.org is the same box, and having the same > troubles. Is this just me? AOL... No response on port 80. I'm in Oslo, Norway. Best, Kjetil -- Kjetil K

Re: security.debian.org down?

2003-03-10 Thread Teun Vink
On Mon, 2003-03-10 at 21:41, Jeremy Drake wrote: > I can ping security.debian.org, but cannot use http or ftp. It just > hangs. non-us.debian.org is the same box, and having the same troubles. > Is this just me? > > Could not connect to security.debian.org:80 (194.109.137.218), connection >

Re: security.debian.org down?

2003-03-10 Thread Mark Janssen
On Mon, 2003-03-10 at 21:41, Jeremy Drake wrote: > I can ping security.debian.org, but cannot use http or ftp. It just > hangs. non-us.debian.org is the same box, and having the same troubles. > Is this just me? Yeah... I've noticed this too... hopefully someone can check into it :) I use it

Re: [work] Integrity of Debian packages - please take OT private

2003-03-10 Thread Mark L. Kahnt
On Mon, 2003-03-10 at 14:20, Thiemo Nagel wrote: > Jeff wrote: > > Way off topic - please take the thread private or somewhere more > > appropriate. > > I really have to say that I heartily enjoyed this thread. In my opinion > from time to time it is fair for us to allow ourselves the luxury of a

Re: [work] Integrity of Debian packages - please take OT private

2003-03-10 Thread Yven Johannes Leist
On Monday 10 March 2003 18:10, Jeff wrote: > Way off topic - please take the thread private or somewhere more > appropriate. > I subscribe to this list for Debian security announcements. You do realize that this is completely the wrong list then? Come on, Emil already _stated_ that his message wa

Re: security.debian.org down?

2003-03-10 Thread Mark L. Kahnt
On Mon, 2003-03-10 at 16:32, Mark Janssen wrote: > On Mon, 2003-03-10 at 21:41, Jeremy Drake wrote: > > I can ping security.debian.org, but cannot use http or ftp. It just > > hangs. non-us.debian.org is the same box, and having the same troubles. > > Is this just me? > > Yeah... I've noticed

Re: Peace is not off topic

2003-03-10 Thread Robert B Wilson
On Mon, 10 Mar 2003 11:23:04 -0800 Ted Parvu <[EMAIL PROTECTED]> writes: > The "Bush Doctrine" clearly spells out that America is now an > Empire. > "You are either with us or against us." When did Bush actually say that America is now an empire? he didn't. Bush doesn't want to go to war wit

Re: Peace is not off topic

2003-03-10 Thread Dale Amon
On Mon, Mar 10, 2003 at 11:23:04AM -0800, Ted Parvu wrote: > You are sadly mistaken if you don't believe this thread relates to > security issues in the Debian community. This is a sysadmin technical list. Some of us are not of your opinion. There are tens of thousands of appropriate places to

Re: security.debian.org down?

2003-03-10 Thread Fergus McKenzie-Kay
Same result from Canberra, Australia.  I prefer to get my security updates from security.debian.org  maybe just feels more "secure"  ah well.. just have to wait. On Tue, 2003-03-11 at 07:41, Jeremy Drake wrote: I can ping security.debian.org, but cannot use http or ftp. It just hangs. non

Re: security.debian.org down?

2003-03-10 Thread Dale Amon
On Mon, Mar 10, 2003 at 05:00:34PM -0500, Mark L. Kahnt wrote: > Reportedly this has been officially noted on irc.debian.org - although > the individual mentioning it on debian-user didn't state beyond that, I > presume that efforts to restore availability are underway, and that it > is advised to

Re: Peace is not off topic

2003-03-10 Thread Jeff Elkins
On Monday 10 March 2003 2:23 pm, Ted Parvu wrote: >You are sadly mistaken if you don't believe this thread relates to >security issues in the Debian community. Ted, I am an American paleolibertarian antiwar activist. I write frequently for LewRockwell.com, the preeminent libertarian antiwar webs

Re: Peace is not off topic

2003-03-10 Thread martin f krafft
also sprach Ted Parvu <[EMAIL PROTECTED]> [2003.03.10.2023 +0100]: > This thread relates to the security of the entire planet! bugger off. this list is called *debian*-security. at least one place on the 'net where you don't have to worry about fucked up nations doing penis-length contests. > I a

Re: Apache user pages (was: Re: Permissions on /root/)

2003-03-10 Thread Thomas Sjögren
On Mon, 10 Mar 2003, Johannes Berth wrote: > You don't have to make your $HOME world readable, just world executable. [...] > With 711 on your $HOME and secure chmods on your files nobody will be > able to see files you don't want them to see. ... but there's still no reason to place "public html"

iptables and apt-get

2003-03-10 Thread Ian Goodall
Hi Guys, I am setting up iptables on my Debian woody box. I have decided to close everything and then open up just ssh and ssl. This obviously prevents my apt-get update from working. What ports do I need to open for this to work? If it helps I am going through a proxy to get to the interne

Re: iptables and apt-get

2003-03-10 Thread Richard Wonka
On Tue, Mar 11, 2003 at 01:45:48AM CET, Ian Goodall wrote: > Hi Guys, Heythere :) > > [...]. What ports do I need to open for this to work. If it helps I am going > through a proxy to get to the internet. If it's an http-proxy, try port 80 :) -- fear and loathing: A state inspired by the

AW: Peace is not off topic

2003-03-10 Thread Andreas Vitz
>> Find this hard to believe? Then you are not paying attention. >I'm afraid you are the one who has not been paying attention. The US >can't have peace when there are people with chemical and biological >>weapons who would be willing to die to destroy the US. Who do you think you are ??!!

RE: iptables and apt-get

2003-03-10 Thread Jones, Steven
shouldn't do unless you changed the output rules? please provide your ruleset Thing -Original Message- From: Ian Goodall [mailto:[EMAIL PROTECTED] Sent: Tuesday, 11 March 2003 2:06 To: debian-security@lists.debian.org Subject: iptables and apt-get Hi Guys, I am se

AW: Peace is not off topic

2003-03-10 Thread Andreas Vitz
Sorry that I didn't send it to the list, so I think this should be to the list, either -Ursprüngliche Nachricht- Von: Robert B Wilson [mailto:[EMAIL PROTECTED] Gesendet: Dienstag, 11. März 2003 02:12 An: [EMAIL PROTECTED] Betreff: Re: AW: Peace is not off topic On Tue, 11 Mar 2003 01

Re: Peace is not off topic

2003-03-10 Thread Raymond Wood
On Mon, Mar 10, 2003 at 04:53:41PM -0500, Robert B Wilson imagined: > On Mon, 10 Mar 2003 11:23:04 -0800 Ted Parvu <[EMAIL PROTECTED]> writes: > > The "Bush Doctrine" clearly spells out that America is now > > an Empire. "You are either with us or against us." > When did Bush actually say that A

Re: iptables and apt-get

2003-03-10 Thread Ian Goodall
Here is my rule set:
#default input policy
/sbin/iptables -P INPUT DROP
#allow www/https(ssl)
/sbin/iptables -A INPUT -s 0/0 -d 172.16.5.92 -p tcp --dport https -j ACCEPT
#allow ssh
/sbin/iptables -A INPUT -s 0/0 -d 172.16.5.92 -p tcp --dport ssh -j ACCEPT
#allow smtp
/sbin/iptables -A INPUT -

Re: iptables and apt-get

2003-03-10 Thread Marc Demlenne
Hi ! It depends how you fetch your packages. Ftp or http ? You have thus to open either the 80(http) or 21(ftp) port as well. Maybe you can also limit this to your mirror only, and not to everybody. Note: If you log the packets you drop, you can take a look on the logs, and you'll see why your co

Re: iptables and apt-get

2003-03-10 Thread Dale Amon
On Tue, Mar 11, 2003 at 12:45:48AM -, Ian Goodall wrote: > Hi Guys, > > I am setting up iptables on my Debian woody box. I have decided to close > everything and then open up just ssh and ssl. This obviously prevents my > apt-get update from working. What ports do I need to open for this to w

Re: iptables and apt-get

2003-03-10 Thread Ian Goodall
I am using http to security.debian.org and mirror.ac.uk. When opening up port 80(http) it makes no difference. I think this is because I am not running a service to connect i.e. connecting to port 80 on a remote system from an unprivileged port >1024? Does this mean it will use a different port ev

RE: iptables and apt-get

2003-03-10 Thread Jones, Steven
I'd put the default INPUT policy last. here is mine note some of this is experimental as per my notes in the file.
#!/bin/bash
#iptables firewall script
#17/06/01
#14/5/02 flushing and prerouting logs added, other rules added but not
#27/9/2002 mods for wireless laptop and 3 nics active
#

Re: Peace is not off topic

2003-03-10 Thread Steve Johnson
Since when did a bunch of Debian/Linux developers, maintainers, users become Politicians? I must have missed that transitional period. If I wanted to hear this crap, I'd start watching the news! -- 0110001101100110110110110110 Steve Johnson: pubkeyID 0F737450 0110001101110110110110001100 Linu

Re: iptables and apt-get

2003-03-10 Thread Ian Goodall
Here are the logs:
ID=56596 PROTO=ICMP TYPE=3 CODE=1 [SRC="" DST=172.16.250.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=15353 DF PROTO=TCP SPT=1031 DPT=8080 WINDOW=5840 RES=0x00 SYN URGP=0 ]
Mar 11 01:40:08 dev1 kernel: DROPITIN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC="" DST=17

RE: Peace is not off topic

2003-03-10 Thread Jones, Steven
have to agree This is not the place for such discussions Thing Since when did a bunch of Debian/Linux developers, maintainers, users become Politicians? I must have missed that transitional period. If I wanted to hear this crap, I'd start watching the news!

Re: Peace is not off topic

2003-03-10 Thread Andreas Kotes
Hi! * Andreas Vitz <[EMAIL PROTECTED]> [20030311 02:41]: > > Why do you think iraq will destroy your holy USA ?? Don't you think > > Iraq > > CAN attack any country on earth ?? > > using missiles that reach 110 to 180 kilometers, the iraq can't > > destroy > > the US. I do not know whom the ira

Re: Peace is not off topic

2003-03-10 Thread Andreas Kotes
Hi! * Steve Johnson <[EMAIL PROTECTED]> [20030311 03:11]: > Since when did a bunch of Debian/Linux developers, maintainers, users > become Politicians? I must have missed that transitional period. If I > wanted to hear this crap, I'd start watching the news! you'd get less information there, th

RE: Peace is not off topic

2003-03-10 Thread David Pastern
Amen! Couldn't have said it better Raymond. I don't really dislike Americans per se, but I DO dislike the US government, its policies and hypocrisy. Should the US attack Iraq without approval from the UN then the US, Australia and UK (and any other participating dickhead governments) should be c

AW: Peace is not off topic

2003-03-10 Thread Andreas Vitz
>>P.S: something for the lawyers: are there any licenses explicitly disallowing the use of software in conjunction with war? would it be debian-compatible? I know that there is a disallowing to use some special "network-"cards (myrinet-cards from myricom) on research on weapons outside the USA. The

Re: iptables and apt-get

2003-03-10 Thread Marc Demlenne
Yes, there's a problem with ICMP ... An ICMP type 3 code 1 (so "host unreachable") is sent to you, but blocked by your firewall... And it's about 172.16.250.1 Is everything well configured ? Maybe you could also accept some ICMP msg on your INPUT chain ? e.g. : iptables -A INPUT -p icmp --icmp-t

AW: iptables and apt-get

2003-03-10 Thread Andreas Vitz
ID=56596 PROTO=ICMP TYPE=3 CODE=1 [SRC="" DST=172.16.250.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=15353 DF PROTO=TCP SPT=1031 DPT=8080 WINDOW=5840 RES=0x00 SYN URGP=0 ]
Mar 11 01:40:08 dev1 kernel: DROPITIN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SR

Re: iptables and apt-get

2003-03-10 Thread Marc Demlenne
Maybe you can simply take a look at this ... http://www.debian.org/doc/manuals/securing-debian-howto/ap-fw-security-update.en.html On Tue, Mar 11, 2003 at 12:45:48AM -, Ian Goodall wrote: > Hi Guys, > > I am setting up iptables on my Debian woody box. I have decided to close > everything a

Peaceful Use Only Licenses (was Re: Peace is not off topic)

2003-03-10 Thread Mike Renfro
On Tue, Mar 11, 2003 at 03:16:49AM +0100, Andreas Kotes wrote: > P.S: something for the lawyers: are there any licenses explicitly > disallowing the use of software in conjunction with war? would it be > debian-compatible? Finally, we drag the thread back to something at least marginally Debian-re

Re: Peace is not off topic

2003-03-10 Thread Ian Garrison
On Tue, 11 Mar 2003, Andreas Kotes wrote: > I fear my system may be used for psychological cyberwarfare, i.e. I > might get e-mails messing with my brain. what can I do? ;) http://zapatopi.net/mindguard.html p.s. I certainly don't have anything to do with mindguard and only mention it as it is s

RE: Peace is not off topic

2003-03-10 Thread Didier Caamano
Just to think about: Since when the people who live in the United States are Americans, since when the US = America. So far as I know, I live in the American CONTINENT, I wasn't born in the US, and I don't live there either, but I'm a fucking American too, cos I live in the CONTINENT of Ameri

RE: Peace is not off topic

2003-03-10 Thread Steve Hagerman
Thank God for a smart leader that is willing to fight to protect our way of life. And God bless all these good women and men going to fight that insane leader Saddam. We have struck a mighty blow against terrorism and thanks to Bush it will not stop with Afghanistan. Those insane fanatics that thr

RE: Peace is not off topic

2003-03-10 Thread David Pastern
Didier, My apologies for my wording - it is quite common to link america to USA when speaking - I'm not the only person who does it, most people do. Of course Canadians, Mexicans et al are not US Citizens and my comments were not meant to encompass those nationalities. A rather interesting thin

RE: Peace is not off topic

2003-03-10 Thread Jim Popovitch
Can we bring some peace to this list? Please? -Jim P.

Re: iptables and apt-get

2003-03-10 Thread Glen Mehn
Ian Goodall wrote: I am using http to security.debian.org and mirror.ac.uk. When opening up port 80(http) it makes no difference. I think this is because I am not running a service to connect i.e. connecting to port 80 on a remote system from an unprivileged port >1024? Does this mean it will u

RE: Peace is not off topic

2003-03-10 Thread Karl Ots
And a 'hacker' is just someone who likes to code, right? I mean, if you went out on to the street and asked any random passerby 'What does a hacker do?', they would reply 'A hacker is an enthusiastic computer programmer', and not 'Someone who breaks into computers to steal information' or some s

SANS Alert - Snort Vulnerability

2003-03-10 Thread Crawford Rainwater
This was added to the SANS Advisory on Sendmail last week. I have not seen any news nor postings related to Snort with Debian and was wondering about the status of Snort in stable at this time. TIA. --- Crawford == DHS/NIPC Adv

RE: Peace is not off topic

2003-03-10 Thread Jim Popovitch
> -Original Message- > From: Steve Hagerman [mailto:[EMAIL PROTECTED] > Sent: Monday, March 10, 2003 10:43 PM > > These people and their treasonist attitudes make me wish > that our nation would Enforce the laws against treason. Right now I would settle for the Debian.org admins to enforce

Re: Peace is not off topic

2003-03-10 Thread Glenn McGrath
On Mon, 10 Mar 2003 22:42:33 -0500 "Steve Hagerman" <[EMAIL PROTECTED]> wrote: > > Thank God for a smart leader that is willing to fight to protect our > way of life. > And God bless all these good women and men going to fight that insane > leader Saddam. > We have struck a mighty blow against te
