Re: creating password for a shadow file

2003-12-01 Thread Dariush Pietrzak
> try to login with 'user' via ftp (using the newly created shadow file), ftp daemons usually provide command for creating passwd files, proftpd: ftpasswd, muddleftpd: mudpasswd. > user:$apr1$DlJ9I...$E8VL0rjQKdl1pVgH2q10C. > user:$1$NR.fOvEF$.hOr7l7msiIfz6sP4l0yS/ Even with the same tools pass

Re: creating password for a shadow file

2003-12-01 Thread Emmanuel Lacour
On Mon, Dec 01, 2003 at 09:19:51AM +0100, Dariush Pietrzak wrote: > > try to login with 'user' via ftp (using the newly created shadow file), > ftp daemons usually provide command for creating passwd files, proftpd: > ftpasswd, muddleftpd: mudpasswd. > > > user:$apr1$DlJ9I...$E8VL0rjQKdl1pVgH2q1

Re: creating password for a shadow file

2003-12-01 Thread Christian Storch
- Original Message - From: "LeVA" <[EMAIL PROTECTED]> > > htpasswd -m shadow.ftp user > htpasswd without '-m' works for apache 1.3.26 & proftpd 1.2.4, with '-m' it doesn't! (both actual version from woody) Christian

Re: Time for apt-secure?

2003-12-01 Thread Camillo Särs
Michael Stone wrote: On Fri, Nov 28, 2003 at 11:10:56AM +0200, Camillo Särs wrote: Yes, I did note that "there are many wrinkles to iron out". That's not the point I am trying to make. I don't think anyone would be foolish enough to think apt-secure provides "total security". What would be

Re: Time for apt-secure?

2003-12-01 Thread Michael Stone
On Mon, Dec 01, 2003 at 11:26:02AM +0200, Camillo Särs wrote: As an example, 3.0r2 did not install on my system before I reconfigured trust in the archives. This worked as intended, although that may not be immediately obvious. Where did you get the new key? How did you verify it? Are you awa

Re: Time for apt-secure?

2003-12-01 Thread Camillo Särs
Michael Stone wrote: Where did you get the new key? There was no new key. The 3.0r1 release used the 2002 master, whereas the 3.0r2 uses the 2003 master, which has been in use for security for a long time already. How did you verify it? From my perspective, the 2003 master key has an es

Re: Time for apt-secure?

2003-12-01 Thread Michael Stone
On Mon, Dec 01, 2003 at 01:34:51PM +0200, Camillo Särs wrote: Yes, I can see that. Regardless, apt-secure does bring added value. How much added value depends on how the keys are used. The next time the problem might hit the distribution chain Fine, but I think I said "in this case", didn't

Re: Security patches

2003-12-01 Thread Amon Ott
On Samstag, 29. November 2003 10:05, Martin Pitt wrote: > RSBAC has a lot of nice features and seems pretty well designed, but I > do not use it because of the following: > > - Security policies (ACLs etc.) are altered by calling command line > programs which modify binary files. I don't quite l

bridge firewall with kernel 2.4.22

2003-12-01 Thread Francisco Oliveira
hi I have compiled kernel 2.4.22 for bridge and iptables support. Bridge is working ok but Layer 3 packets are only processed if they are addressed to bridge box ip address interface.   example hostA --Bridgebox-RouterRemote locations  

Re: Security patches

2003-12-01 Thread Colin Walters
On Sat, 2003-11-29 at 04:05, Martin Pitt wrote: > - It needs an extra account ("security officer" with UID 400) which is > a pretty bad idea IMHO. Since once you are SO (cracked/sniffed > password etc.), you can alter anything which seems like a giant > security risk to me. If the password

Re: Security patches

2003-12-01 Thread Amon Ott
On Samstag, 29. November 2003 11:08, Russell Coker wrote: > On Sat, 29 Nov 2003 20:05, Martin Pitt <[EMAIL PROTECTED]> wrote: > > SELinux only uses LSM which makes it easy to port, but seems > > impractical and even dangerous for real-world use [1][2]. Minor issues > > [1] and [2] are matters of o

Re: Security patches

2003-12-01 Thread Amon Ott
On Montag, 1. Dezember 2003 15:56, Colin Walters wrote: > On Sat, 2003-11-29 at 04:05, Martin Pitt wrote: > > > - It needs an extra account ("security officer" with UID 400) which is > > a pretty bad idea IMHO. Since once you are SO (cracked/sniffed > > password etc.), you can alter anything w

Re: bridge firewall with kernel 2.4.22

2003-12-01 Thread Répási Tibor
Hi, bridging is not routing! A bridge forwards frames at layer 2, a router forwards ip packets at layer 3. However iptables is a 3rd layer firewall, therefore bridged traffic is not affected by any iptables rule! Francisco Oliveira wrote: hi I have compiled kernel 2.4.22 for bridge and ipt

Re: LSM-based systems and debian packages

2003-12-01 Thread Andreas Barth
* Russell Coker ([EMAIL PROTECTED]) [031201 05:10]: > On Mon, 1 Dec 2003 07:43, Andreas Barth <[EMAIL PROTECTED]> wrote: > > What about the gettys? I'm asking this because I wrote the initial > > mail because of mgetty, a package where I expect some non-standard > > setup (though of course, I could

Re: bridge firewall with kernel 2.4.22

2003-12-01 Thread Will Aoki
On Mon, Dec 01, 2003 at 03:07:14PM +0100, Francisco Oliveira wrote: > hi > I have compiled kernel 2.4.22 for bridge and iptables support. > Bridge is working ok but Layer 3 packets are only processed if they are > addressed to bridge box ip address interface. You need the ebtables patch from http:

Will 2.4.20 Source be patched for the latest kernel vulnerability?

2003-12-01 Thread peace bwitchu
Will 2.4.20 Source be patched for the latest kernel local root vulnerability? Thanks

Re: LSM-based systems and debian packages

2003-12-01 Thread Russell Coker
On Tue, 2 Dec 2003 08:48, Andreas Barth <[EMAIL PROTECTED]> wrote: > * Russell Coker ([EMAIL PROTECTED]) [031201 05:10]: > > On Mon, 1 Dec 2003 07:43, Andreas Barth <[EMAIL PROTECTED]> wrote: > > > What about the gettys? I'm asking this because I wrote the initial > > > mail because of mgetty, a pa

Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?

2003-12-01 Thread John Keimel
On Mon, Dec 01, 2003 at 05:52:27PM -0800, peace bwitchu wrote: > Will 2.4.20 Source be patched for the latest kernel > local root vulnerability? > From the announcement we see: > This bug has been fixed in kernel version 2.4.23 for the 2.4 tree and > 2.6.0-test6 kernel tree. For Debian it has b

creating password for a shadow file

2003-12-01 Thread LeVA
Hello! I need to add users to a passwd/shadow file, but these files do not reside in /etc dir. Thus I can not use the adduser or useradd tool to add the users, because then they will be added to the /etc/passwd|shadow file, and my passwd/shadow files are in another directory. These passwd/sha
