Hamish Marson <[EMAIL PROTECTED]> writes:
> I've noticed some strange traffic on our firewalls recently. Someone
> (Or multiple someones) are attempting to send tcp packets inbound to
> our network FROM well known ports (e.g. port 80) to multiple port
> numbers, and usually multiple addresses as w
Hi there
I'm trying to generate a 40-bit certificate using OPENSSL.Can anybody tell me
if this is possible and with which package?
Thanx
LeRoux
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi there,
I have debian (stable) with a stock kernel from kernel.org (2.4.20) with
FreeSwan 1.99 and grsecurity 1.99h. Worked without a problem so far.
The order of pachtes was first FreeSwan, then grsec, if that makes any
difference...
Good luck,
Noah Meyerhans wrote:
On Thu, Jun 05, 2003 at 10:02:53PM +0200, Christoph Haas wrote:
So most probably you see just the second. That's the way TCP works.
Sequential port numbers may show up because the counter of used
high-ports (1024 ff.) is just increased.
No, it's not at all uncomm
Hamish Marson <[EMAIL PROTECTED]> writes:
> But does nmap generate the packets WITHOUT the SYN flag set? Which is
> what these are...
In this case, it's probably backscatter. Could you tell us a few
source/destination pairs? I could have a look at our flow database at
work and look for similar
On Fri, Jun 06, 2003 at 10:12:05PM +0200, Florian Weimer wrote:
> > But does nmap generate the packets WITHOUT the SYN flag set? Which is
> > what these are...
>
> In this case, it's probably backscatter. Could you tell us a few
> source/destination pairs? I could have a look at our flow databas
Okay, I already posted this message to debian-users, but please don't
flame me - i just figured that maybe debian-security is the better place
to post a request for help like this. Clearly enough this is a security
concern, after all. So maybe you could be so kind and help me out on
this one:
Is there some reason why you can't give each user an account and have them put
their files in ~/public_html? That would have their page show up at
domain.net/~username/.
Sorry if you already knew this and I'm misunderstanding the problem.
On Sat, 07 Jun 2003 00:03:59 +0200
Juan Antonio Agudo <
Hi,
On Sat, 07 Jun 2003 00:03:59 +0200, Juan Antonio Agudo writes:
>I want to enable some friends of mine to host their web pages on
>my woody server. It has Apache LAMP running in great shape and it
>suits my Web page just fine. The Problem that I have now is, that
>the apache user is www-data. W
Hi !
apt-get install openssl
There is two text files in /usr/share/doc/openssl-(version)/docs/HOWTO
Shows how to create an RSA key and a certificate request/self signed
certificate ...
[]'s
On Fri, 2003-06-06 at 05:27, Van Wyk Leroux, Mr wrote:
> Hi there
>
> I'm trying to generate a 40-bit c
On Fri, 2003-06-06 at 15:42, Tim Cunningham wrote:
> Is there some reason why you can't give each user an account and have them
> put their files in ~/public_html? That would have their page show up at
> domain.net/~username/.
>
> Sorry if you already knew this and I'm misunderstanding the prob
From: Luis Gomez - InfoEmergencias <[EMAIL PROTECTED]>
To: debian-security@lists.debian.org
Subject: Re: Keeping files away from users - THANKS!!
Date: Thu, 5 Jun 2003 20:58:43 +0200
MIME-Version: 1.0
Received: from murphy.debian.org ([146.82.138.6]) by
mc5-f31.law1.hotmail.com with Microsoft
On 06 Jun 2003 16:15:37 PDT, Jon writes:
>I believe Apache would still be executing php/cgi scripts as www-data,
>so users could snoop on other users's scripts, session files, etc.
>
>Something like:
>
I suggest you look up the suEXEC Apache module, it seems to do exactly what
you want.
--- W
On Thu, Jun 05, 2003 at 09:30:51AM +0200, Luis Gomez - InfoEmergencias wrote:
> We'd like to protect that content, so that even if someone unplugs the machine
> and connects the HD to another Linux box, they can't access that information.
> Of course it's difficult to do, but we think there might
You can encode your php scripts (in standalone cgi mode or apache served)
with the open source gpl php encoder/optimizer turck mmcache. The readme
says that the encoding it's not recommended for production use yet, but it
works like a charm.
Good Luck,
Koba
On Thu, 5 Jun 2003 09:30:51 +0200, Lu
> Against a sophisticated attacker, it's totally impossible to do what you
> want. They could run bochs an boot the x86 emulator from the new hard
> drive, and examine the contents of the system's memory whenever they wanted.
> Obviously, that's not easy, since you have to figure out where the
>
Hey there,
--On Thursday, June 05, 2003 11:14:36 AM +0200 Marcel Weber
<[EMAIL PROTECTED]> wrote:
Luis Gomez - InfoEmergencias wrote:
We're already looking at that (btw, IIRC loop-aes is included into the
cryptoapi of kerneli.org). The problem is what Dariush points: if your
machine has the pass
Think about this:
Use a encrypted loopback. To get the key without storing it on the
computer:
Get some kind of unique combined fingerprint of the computer and hd
through a c/c++ programmed algorithm and sending them to a secure
"password" server using some kind of (variable server provided s
Harry Brueckner wrote:
Hey there,
Making the encryption key hardware dependent would make it a hard job to
decrypt the harddrive in another computer...
On the other hand - what will you do if your server gets a hardware
problem and you have to replace/expand the system with a new NIC, add
ano
On Thursday 05 June 2003 17:16, Peter Cordes wrote:
> kernel. (Even if you put the password in the kernel, you want to hide the
> initrd, because it will have mount(8) getting a password from /proc/sekret,
> or something.) Use some sort of encrypted filesystem on the hard drive.
When you're hac
Harry Brueckner wrote:
On the other hand - what will you do if your server gets a hardware
problem and you have to replace/expand the system with a new NIC, add
another CPU, exchange anything in the box.
So after a simple hardware problem all your own data is lost as well,
even if the harddriv
On Thu, Jun 05, 2003 at 12:53:43PM -0300, Koba wrote:
> Think about this:
> Use a encrypted loopback. To get the key without storing it on
> the computer:
> Get some kind of unique combined fingerprint of the computer and hd
> through a c/c++ programmed algorithm and sendi
On Thu, 5 Jun 2003 14:15:45 -0300, Peter Cordes <[EMAIL PROTECTED]>
wrote:
If the attacker runs it under an x86 emulator like bochs, they don't need
to sniff the network, just look at memory after it's decrypted. Also,
what
I suggested was an attempt to avoid dependence on a network. I'd be
p
Good evening (here in Spain) to all of you.
I want to sincerely thank you all for the great feedback received on this
topic. I would never have expected to receive some 20 answers in such a short
time! Let me take my time to write your names, because you deserve it:
Thank you Dariush, Adam, Marc
W liĆcie z czw, 05-06-2003, godz. 07:30, Luis Gomez - InfoEmergencias
pisze:
Hello!
> We'd like to protect that content, so that even if someone unplugs the machine
> and connects the HD to another Linux box, they can't access that information.
> Of course it's difficult to do, but we think th
I've noticed some strange traffic on our firewalls recently. Someone (Or
multiple someones) are attempting to send tcp packets inbound to our
network FROM well known ports (e.g. port 80) to multiple port numbers,
and usually multiple addresses as well. Sometimes they are randomised,
(Port and/o
On Thu, Jun 05, 2003 at 08:29:10PM +0100, Hamish Marson wrote:
> I've noticed some strange traffic on our firewalls recently. Someone (Or
> multiple someones) are attempting to send tcp packets inbound to our
> network FROM well known ports (e.g. port 80) to multiple port numbers,
> and usually
In article <[EMAIL PROTECTED]>
[EMAIL PROTECTED] writes:
>I've noticed some strange traffic on our firewalls recently. Someone (Or
>multiple someones) are attempting to send tcp packets inbound to our
>network FROM well known ports (e.g. port 80)
Some firewalls that don't do proper connection
Hi,
currently I'm setting up a gateway machine for a small office
network. After the recent threads about rooted woody boxes I feel it
would be iresponsible to set up a box without a grsecurity patched
kernel.
The problem is I also need the box to be a VPN gateway. One of
the reasons I got the d
On Thu, Jun 05, 2003 at 10:02:53PM +0200, Christoph Haas wrote:
> So most probably you see just the second. That's the way TCP works.
> Sequential port numbers may show up because the counter of used
> high-ports (1024 ff.) is just increased.
No, it's not at all uncommon to see incoming traffic fr
On Thursday 05 June 2003 22:32, Vinai Kopp wrote:
Hi Vinai,
> There seem to be problems using both the grsecurity and the freeswan
> patches (at least I haven't been successfull applying the patches - I
> tried the debian versions and the "official" ones from the different
> project sites of the
On Thu, Jun 05, 2003 at 08:58:43PM +0200, Luis Gomez - InfoEmergencias wrote:
> Other interesting things to look at:
>
> - LICENSING ISSUES. As Peter Cordes commented, the kernel is GPL so if we
> integrate code into it, we cannot provide a binary-only version, we should
> also give away the sou
On Thu, Jun 05, 2003 at 10:32:59PM +0200, Vinai Kopp wrote:
>Hi,
>
>currently I'm setting up a gateway machine for a small office
>network. After the recent threads about rooted woody boxes I feel it
>would be iresponsible to set up a box without a grsecurity patched
>kernel.
>The problem is I als
> "Vinai" == Vinai Kopp <[EMAIL PROTECTED]> writes:
[...]
Vinai> There seem to be problems using both the grsecurity and the
Vinai> freeswan patches (at least I haven't been successfull applying
Vinai> the patches - I tried the debian versions and the "official" ones
Vinai> from the different
Hamish Marson <[EMAIL PROTECTED]> writes:
> I've noticed some strange traffic on our firewalls recently. Someone
> (Or multiple someones) are attempting to send tcp packets inbound to
> our network FROM well known ports (e.g. port 80) to multiple port
> numbers, and usually multiple addresses as w
Hi there
I'm trying to generate a 40-bit certificate using OPENSSL.Can anybody tell me if this
is possible and with which package?
Thanx
LeRoux
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi there,
I have debian (stable) with a stock kernel from kernel.org (2.4.20) with
FreeSwan 1.99 and grsecurity 1.99h. Worked without a problem so far.
The order of pachtes was first FreeSwan, then grsec, if that makes any
difference...
Good luck, Pe
Noah Meyerhans wrote:
On Thu, Jun 05, 2003 at 10:02:53PM +0200, Christoph Haas wrote:
So most probably you see just the second. That's the way TCP works.
Sequential port numbers may show up because the counter of used
high-ports (1024 ff.) is just increased.
No, it's not at all uncommon to
Hamish Marson <[EMAIL PROTECTED]> writes:
> But does nmap generate the packets WITHOUT the SYN flag set? Which is
> what these are...
In this case, it's probably backscatter. Could you tell us a few
source/destination pairs? I could have a look at our flow database at
work and look for similar
On Fri, Jun 06, 2003 at 10:12:05PM +0200, Florian Weimer wrote:
> > But does nmap generate the packets WITHOUT the SYN flag set? Which is
> > what these are...
>
> In this case, it's probably backscatter. Could you tell us a few
> source/destination pairs? I could have a look at our flow databas
Okay, I already posted this message to debian-users, but please don't
flame me - i just figured that maybe debian-security is the better place
to post a request for help like this. Clearly enough this is a security
concern, after all. So maybe you could be so kind and help me out on
this one:
Is there some reason why you can't give each user an account and have them put their
files in ~/public_html? That would have their page show up at domain.net/~username/.
Sorry if you already knew this and I'm misunderstanding the problem.
On Sat, 07 Jun 2003 00:03:59 +0200
Juan Antonio Agudo <[
Hi,
On Sat, 07 Jun 2003 00:03:59 +0200, Juan Antonio Agudo writes:
>I want to enable some friends of mine to host their web pages on
>my woody server. It has Apache LAMP running in great shape and it
>suits my Web page just fine. The Problem that I have now is, that
>the apache user is www-data. W
Hi !
apt-get install openssl
There is two text files in /usr/share/doc/openssl-(version)/docs/HOWTO
Shows how to create an RSA key and a certificate request/self signed
certificate ...
[]'s
On Fri, 2003-06-06 at 05:27, Van Wyk Leroux, Mr wrote:
> Hi there
>
> I'm trying to generate a 40-bit c
On Fri, 2003-06-06 at 15:42, Tim Cunningham wrote:
> Is there some reason why you can't give each user an account and have them put their
> files in ~/public_html? That would have their page show up at domain.net/~username/.
>
> Sorry if you already knew this and I'm misunderstanding the problem
From: Luis Gomez - InfoEmergencias <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Re: Keeping files away from users - THANKS!!
Date: Thu, 5 Jun 2003 20:58:43 +0200
MIME-Version: 1.0
Received: from murphy.debian.org ([146.82.138.6]) by
mc5-f31.law1.hotmail.com with Microsoft SMTPSVC(5.0.2195
On 06 Jun 2003 16:15:37 PDT, Jon writes:
>I believe Apache would still be executing php/cgi scripts as www-data,
>so users could snoop on other users's scripts, session files, etc.
>
>Something like:
>
I suggest you look up the suEXEC Apache module, it seems to do exactly what
you want.
--- W
47 matches
Mail list logo
