--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
- OutOfOffice**
/Binghamton University/- Systems
607 777 6827
*Craig M. Houck ><>
Only as Good as the Last Problem Solved**
know there is a mechanism of some kind to cause daemons to
restart when libraries they use are being replaced; is that just
for libc updates, or something?
Have a look into the needrestart package, which is suggested, but not
required, by unattended-upgrades.
--
@ITS
Craig M. Houck
cucipop
-Original Message-
From: DEFFONTAINES Vincent [mailto:[EMAIL PROTECTED]
Sent: 06 December 2002 01:29
To: debian-security@lists.debian.org
Subject: RE: pop mail recommendations
I personnally used courrier-pop which did good, but never did I compare it
with others.
> -Origina
Hi Guys
We have to setup a VPN for a client and was wondering what software packages
we could use for this, what works well and is reliable ? And what I need to
do to get it working on their firewall ...
Thanks
Craig
Hi Guys
Having a few problems with setting up a VPN gateway on Linux,
specifically a debian firewall box and having windows 2000
boxes authenticate using certs.
I have generated a cert for the gateway machine using the openssl packages
and installed it. I have also configured freeswan to the be
cucipop
-Original Message-
From: DEFFONTAINES Vincent [mailto:[EMAIL PROTECTED]]
Sent: 06 December 2002 01:29
To: [EMAIL PROTECTED]
Subject: RE: pop mail recommendations
I personnally used courrier-pop which did good, but never did I compare it
with others.
> -Original Message-
eatly appreciated :)
-----// Craig Schneider Systems Administrator Z Data Solutions http://www.zdata.co.za //
I know datafellows have a product called f-secure that
runs on linux. Haven't had a chance to test it yet :)
www.datafellows.com
Craig
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, February 20, 2001 10:38 AM
> To
file on slink.
Any suggestions or
assistance would be appreciated :) Thanks
Craig
documentation makes reference to is to low a
version.
I have pointed apt to sid but it wants to pull packages down from woody.
Now what i need to know, is woody stable enough for a proxy/firewall machine
?
Thanks
Craig
eatly appreciated :)
-----// Craig Schneider Systems Administrator Z Data Solutions http://www.zdata.co.za //
I know datafellows have a product called f-secure that
runs on linux. Haven't had a chance to test it yet :)
www.datafellows.com
Craig
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, February 20, 2001 10:38 AM
> To: [EMAIL PRO
file on slink.
Any suggestions or
assistance would be appreciated :) Thanks
Craig
documentation makes reference to is to low a
version.
I have pointed apt to sid but it wants to pull packages down from woody.
Now what i need to know, is woody stable enough for a proxy/firewall machine
?
Thanks
Craig
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubs
HELP
me :)
Kind regards
Craig :)
winmail.dat
You may find the Debian package ipac-ng very useful if you don't want to
write your own scripts to handle all the ip accounting.
I don't think it'll do per-user on a single host (what can?!?) but
certainly per-ip.
--
Craig Ringer
IT Manager, POST Newspapers
http://www.postne
HELP
me :)
Kind regards
Craig :)
<>
You may find the Debian package ipac-ng very useful if you don't want to
write your own scripts to handle all the ip accounting.
I don't think it'll do per-user on a single host (what can?!?) but
certainly per-ip.
--
Craig Ringer
IT Manager, POST Newspapers
http://www.postne
Hi Guys
I am setting up a firewall that needs to have
the functionality of forwarding vpn connections
to an internal masqueraded workstation.
At this point all I need is the port number and
protocol that VPN uses.
Any help would be greatly appreciated.
..Craig
--
To UNSUBSCRIBE, email to
Tel. +39 0321 885422
> > Strada per Gravellona Fax +39 0321 885333
> > Borgolavezzaro (NO) http://www.tecnogi.com
> > Key fingerprint = B5 B4 AA 91 89 50 43 8F B1 6B C6 8C 34 79 5A 7F
> >
> >
slow on telling people we are.
- Craig
Debian LPRng maintainer
- Forwarded message from Matt Power <[EMAIL PROTECTED]> -
Delivered-To: [EMAIL PROTECTED]
Date: Wed, 22 Nov 2000 16:51:30 -0500
From: Matt Power <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
S
I'm not sure this is enough or whether perhaps another method of encrypting traffic might be safer.
Any suggestions are welcomed at this point.
Thanks
Craig
Hi Guys
I was just wondering if you know how I could possibly setup squid so
that it will accept connections from the internet and filter before they
hit a IIS6 hosted intranet.
Any ideas at this point would be welcome.
Thanks
Craig
Hi Guys
Is there software available that can log the contents of IP_CONTRACK in
proc to a webpage similar to IPCOP with port numbers, source and
destination IP addresses?
Thanks
Craig
--
Craig Jones, Lawyers Online Ltd
www.lawyersonline.co.uk - [EMAIL PROTECTED]
sales: 0870 777 89 80 - technical: 0870 777 89 98
fax: 0870 777 89 90 - icq: 102068908
Hereford House, 3 Offa Street, Hereford, HR1 2LL
company no: 3610220 - vat number: 713 6982 19
This email (including
; We would like to expose the packages for the upcoming wordpress
> >> update a bit for additional testing. Please find them at
> >
> >> https://people.debian.org/~carnil/tmp/wordpress
> >
> >> and report any problem *introduced* by updating to th
ping you from doing a 'chmod
> 750 /root/'". I think the answer is that Debian shouldn't be broken, by
> default and rely on the system administrator to fix it.
It isn't broken, so that argument fails.
> That being said, should I file a bug against base-files?
No. It'll probably just get rejected anyway.
Craig
pgp56WMDHKPGC.pgp
Description: PGP signature
argument supporting the change. Therefore, no change.
Craig
pgps6oPxOMWsc.pgp
Description: PGP signature
ight now Debian either uses 755 or
sets /root to be the same as /home/*; I'm not sure which. If you want
that to change, you need a better argument than anything that has been
presented so far.
Craig
pgpJh8c8s9Q0y.pgp
Description: PGP signature
ime.
Craig
Hi Guys
Is there any way of changing the banner in Apache like you can for
proftpd lets say?
Without having to tamper with the Apache source ?>
Thinking of a runtime option for the config file ?
Thanks
Craig
ping you from doing a 'chmod
> 750 /root/'". I think the answer is that Debian shouldn't be broken, by
> default and rely on the system administrator to fix it.
It isn't broken, so that argument fails.
> That being said, should I file a bug against base-files?
No. It'll probably just get rejected anyway.
Craig
pgp0.pgp
Description: PGP signature
argument supporting the change. Therefore, no change.
Craig
pgp0.pgp
Description: PGP signature
ight now Debian either uses 755 or
sets /root to be the same as /home/*; I'm not sure which. If you want
that to change, you need a better argument than anything that has been
presented so far.
Craig
pgp0.pgp
Description: PGP signature
ime.
Craig
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi Guys
Is there any way of changing the banner in Apache like you can for
proftpd lets say?
Without having to tamper with the Apache source ?>
Thinking of a runtime option for the config file ?
Thanks
Craig
I'm not sure this is enough or whether perhaps another method of encrypting traffic might be safer.
Any suggestions are welcomed at this point.
Thanks
Craig
Hi Guys
I was just wondering if you know how I could possibly setup squid so
that it will accept connections from the internet and filter before they
hit a IIS6 hosted intranet.
Any ideas at this point would be welcome.
Thanks
Craig
rco Giardini
> > TecnoGi spa Tel. +39 0321 885422
> > Strada per Gravellona Fax +39 0321 885333
> > Borgolavezzaro (NO) http://www.tecnogi.com
> > Key fingerprint = B5 B4 AA 91 89 50 43 8F B1 6B C6 8C 34 79 5A 7F
> >
> > --
> > To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
>
>
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
>
>
>
--
Craig McPherson
Network Admin
Baptist Student Union
Fayetteville, Arkansas
slow on telling people we are.
- Craig
Debian LPRng maintainer
- Forwarded message from Matt Power <[EMAIL PROTECTED]> -
Delivered-To: [EMAIL PROTECTED]
Date: Wed, 22 Nov 2000 16:51:30 -0500
From: Matt Power <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], lprng@lprng.com
S
a largely unchanged version from what
we get from Patrick Powell.
- Craig
Debian LPRng maintainer
--
Craig Small VK2XLZ GnuPG:1C1B D893 1418 2AF4 45EE 95CB C76C E5AC 12CA DFA5
Eye-Net Consulting http://www.eye-net.com.au/<[EMAIL PROTECTED]>
MIEEE <[EMAIL PROTECTED]>
x27;m sick of seeing emails saying basically a user
thought we were vulnerable until they accidently stumbled upon
some obscure email somewhere.
We are not doing the project or our users justice with these delays.
- Craig
--
Craig Small VK2XLZ GnuPG:1C1B D893 1418 2AF4 45EE 95CB C76C E5AC 12CA DFA
on means a largely unchanged version from what
we get from Patrick Powell.
- Craig
Debian LPRng maintainer
--
Craig Small VK2XLZ GnuPG:1C1B D893 1418 2AF4 45EE 95CB C76C E5AC 12CA DFA5
Eye-Net Consulting http://www.eye-net.com.au/<[EMAIL PROTECTED]>
MIEEE <[EMAIL PROTECTED]>
x27;m sick of seeing emails saying basically a user
thought we were vulnerable until they accidently stumbled upon
some obscure email somewhere.
We are not doing the project or our users justice with these delays.
- Craig
--
Craig Small VK2XLZ GnuPG:1C1B D893 1418 2AF4 45EE 95CB C76C E5AC 12CA DFA
ver requested it and have no idea, how this
> little beast comes on my desktop.)
Sounds like the famous GNOME easter egg. I've never seen it myself,
oddly.
Craig
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
will be prompted for a password if necessary (if, for
instance, you don't have RSA credentials set up).
Craig
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
ncipal issue with ident is, what good is it doing me if I let
it run on my system? None, as far as I can tell. I don't need it, so
it's gone. Whether it's actually dangerous or not is a non-issue to me.
Craig
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "
For more than six months now, I've been trying to disable
Keyboard-Interactive authentication in OpenSSH. Still, "ssh -v"
shows the following when connecting to the server:
debug1: authentications that can continue: publickey,keyboard-interactive
The server's sshd_config is as follows:
Port 22
nother Windows-only worm, and my
web server is, of course, running Linux.
Craig
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Andres Salomon wrote:
> Aside from the fact that it's a pretty big IF; I'm not aware of too many
> mail clients that use pagers. mutt uses vi
pager != editor. Mutt has a built-in pager but can be configured to use
an external one if you prefer.
Craig
--
To UNSUBSCRIBE,
r, I'd really appreciate it.
>
> If this isn't secure behaviour, perhaps I can add an iptables
> entry like:
>
> iptables -A INPUT -p udp -j drop
>
> However, I don't have any applications running using udp, so the
> 'open' port doesn't
fail to see the lack of
relevance.
> jc: If you own the box and *don't* have any reason to assume/think
you've
> been compromised (Just checking) you can check locally using nice
tools like:
> netstat -an --ip or netstat -an --udp[--tcp]
for
> either one.
> lsof -i -n
fail to see the lack of
relevance.
> jc: If you own the box and *don't* have any reason to assume/think
you've
> been compromised (Just checking) you can check locally using nice
tools like:
> netstat -an --ip or netstat -an --udp[--tcp]
for
> either one.
> lsof -i -n
ine situations where this is bad. But what
> to do against?
Well, I suppose you could encrypt your email, but that requires everyone
you correspond with to be able to decrypt it to read it.
The bottom line, though, is that if you don't trust root, don't use his
machine, or allow your pa
martin f krafft wrote:
> * Craig Dickson <[EMAIL PROTECTED]> [2001.11.15 10:28:33-0800]:
> > Also note that root owns sendmail, or whatever MTA you're using. If he
> > really wants to read your mail, it would be much easier for him to do it
> > by configuring the
od, though also the most obvious).
You can make it so that root has to do more than look in /tmp for
cleartext files, but I doubt you can make it hard if root is a competent
programmer.
Craig
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
pen to be mentioned (possibly
not by name, so you can't just grep for that).
> Also, what makes you thing root "knows what he's doing?" I suspect that
> many people with the "root" password could not install a tty sniffer or
> any other spying tool unless th
me. 3.8.0 had some good but not essential fixes in it (for most
people anyway). I just don't know how to do it.
- Craig
--
Craig Small VK2XLZ GnuPG:1C1B D893 1418 2AF4 45EE 95CB C76C E5AC 12CA DFA5
Eye-Net Consulting http://www.eye-net.com.au/<[EMAIL PR
ver requested it and have no idea, how this
> little beast comes on my desktop.)
Sounds like the famous GNOME easter egg. I've never seen it myself,
oddly.
Craig
t. You will be prompted for a password if necessary (if, for
instance, you don't have RSA credentials set up).
Craig
ncipal issue with ident is, what good is it doing me if I let
it run on my system? None, as far as I can tell. I don't need it, so
it's gone. Whether it's actually dangerous or not is a non-issue to me.
Craig
For more than six months now, I've been trying to disable
Keyboard-Interactive authentication in OpenSSH. Still, "ssh -v"
shows the following when connecting to the server:
debug1: authentications that can continue: publickey,keyboard-interactive
The server's sshd_config is as follows:
Port 22
's another Windows-only worm, and my
web server is, of course, running Linux.
Craig
Andres Salomon wrote:
> Aside from the fact that it's a pretty big IF; I'm not aware of too many
> mail clients that use pagers. mutt uses vi
pager != editor. Mutt has a built-in pager but can be configured to use
an external one if you prefer.
Craig
r, I'd really appreciate it.
>
> If this isn't secure behaviour, perhaps I can add an iptables
> entry like:
>
> iptables -A INPUT -p udp -j drop
>
> However, I don't have any applications running using udp, so the
> 'open' port doesn't
to see the lack of
relevance.
> jc: If you own the box and *don't* have any reason to assume/think
you've
> been compromised (Just checking) you can check locally using nice
tools like:
> netstat -an --ip or netstat -an --udp[--tcp]
for
> either one.
> lsof -i -n
to see the lack of
relevance.
> jc: If you own the box and *don't* have any reason to assume/think
you've
> been compromised (Just checking) you can check locally using nice
tools like:
> netstat -an --ip or netstat -an --udp[--tcp]
for
> either one.
> lsof -i -n
ine situations where this is bad. But what
> to do against?
Well, I suppose you could encrypt your email, but that requires everyone
you correspond with to be able to decrypt it to read it.
The bottom line, though, is that if you don't trust root, don't use his
machine, or allow your packets to be routed through his machine (good
luck on that one if you're on the same hub). Root can do whatever he
likes and you can't stop him.
Craig
martin f krafft wrote:
> * Craig Dickson <[EMAIL PROTECTED]> [2001.11.15 10:28:33-0800]:
> > Also note that root owns sendmail, or whatever MTA you're using. If he
> > really wants to read your mail, it would be much easier for him to do it
> > by configuring the
od, though also the most obvious).
You can make it so that root has to do more than look in /tmp for
cleartext files, but I doubt you can make it hard if root is a competent
programmer.
Craig
pen to be mentioned (possibly
not by name, so you can't just grep for that).
> Also, what makes you thing root "knows what he's doing?" I suspect that
> many people with the "root" password could not install a tty sniffer or
> any other spying tool unless they could type "apt-get install ttysniffer".
Then they also won't be capable of effectively monitoring /tmp for
interesting emails about to be sent.
Craig
me. 3.8.0 had some good but not essential fixes in it (for most
people anyway). I just don't know how to do it.
- Craig
--
Craig Small VK2XLZ GnuPG:1C1B D893 1418 2AF4 45EE 95CB C76C E5AC 12CA DFA5
Eye-Net Consulting http://www.eye-net.com.au/<[EMAIL PR
Florian Weimer wrote:
> Two possibilities: The documentation refers to a previous version of
> the scanner, or you forgot to restart Apache after installing the
> packages.
Installing a new .deb for a server package should automatically restart
the server, should it not?
Craig
pgpf
--
Our capacity for understanding is inversely proportional
to how much we think we know.
Set the controls for the heart of the sun.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
LIST-DAEMON COMMAND {{ DIGEST MODE FLAG TRUE TOGGLE }} STOP END
--
Our capacity for understanding is inversely proportional
to how much we think we know.
Set the controls for the heart of the sun.
LIST-DAEMON COMMAND {{ DIGEST MODE FLAG TRUE TOGGLE }} STOP END
--
Our capacity for understanding is inversely proportional
to how much we think we know.
Set the controls for the heart of the sun.
DUL-type RBLs anyway. some mail-server operators do not want
to receive mail direct from dynamic IP addresses. it's their server,
their choice.
craig
PS: actually, the only other thing you could do is set firewall rules
blocking inbound tcp port 25. if your mail server is the primary MX f
On 13Nov26:1437-0500, Mark Haase wrote:
> Therefore, a Linux distribution has 2 choices: (1) wait for upstream
> patches for bugs/vulnerabilities as they are found, or (2) recompile all
> packages with optimizations disabled. I don't think proposal #2 would get
> very far...
Well, there's always
On 13Nov26:1545-0500, David L. Craig wrote:
> On 13Nov26:1437-0500, Mark Haase wrote:
>
> > Therefore, a Linux distribution has 2 choices: (1) wait for upstream
> > patches for bugs/vulnerabilities as they are found, or (2) recompile all
> > packages with optimizations
On 13Nov27:2356+1100, Scott Ferguson wrote:
> On 27/11/13 23:37, David L. Craig wrote:
> > On 13Nov27:1423+1100, Scott Ferguson wrote:
> >
> >> On 27/11/13 13:49, David L. Craig wrote:
> >
> >>> On 13Nov26:1545-0500, David L. Craig wrote:
> >
Davy Gigan wrote:
> Try to execute a csh script without this command present in your path,
> it won't work very well ;-)
> Maybye it should be a symbolic link to /usr/bin/test ?
>
> #!/bin/csh
> [ -d /bin ] && echo cool ;
Actually, this is classic Bourne shell syntax--the [ hard
link to test go
Davy Gigan wrote:
> Try to execute a csh script without this command present in your path,
> it won't work very well ;-)
> Maybye it should be a symbolic link to /usr/bin/test ?
>
> #!/bin/csh
> [ -d /bin ] && echo cool ;
Actually, this is classic Bourne shell syntax--the [ hard
link to test goe
ozymandias G desiderata [really?] wrote:
> Of course, this would be a different story if the web of trust were in
> more common usage, but it's not, outside of debian-maintainers and
> some small klatches of die-hard cypherpunks, some of whom are too
> paranoid to admit who they know anyway.
Besi
84 matches
Mail list logo
