n is more complicated and you should really understand fully what
you're doing before you construct a login pam config. But suffice it to
say that pam_ldap does work at least for auth and account.
--
Jamie Heilman http://audible.transient.net/~jamie/
"I was in love onc
is is probably fixed in the
more recent versions, I haven't checked. Anyway, I wanted to use salted
SHA and that wasn't supported at all.
If anyone has a working pam_ldap married to cracklib pam configuration for
potato, I'd be interested in seeing it.
--
Jamie Heilman
Don't race to install 110-3, it has unresolved symbols.
See bug #76018
--
Jamie Heilman http://audible.transient.net/~jamie/
"You came all this way, without saying squat, and now you're trying
to tell me a '56 Chevy can beat a '47 Buick in a de
The libnss-ldap 122-1 update made it into r1 without ever having an
official Security Alert announcement, I dunno how big of a deal this is,
but I figured I should dredge it up in case it needed to be addressed
officially. Anyone?
--
Jamie Heilman http://audible.transient.net
> I know, it's on the list of things to do. Since it's already in there it
> has a lower priority than fixing things that don't have a fix yet
> though.
That's cool, it hasn't been compiled for alpha yet either so I guess there's
still work to be done.
--
Ja
ists already deployed.
--
Jamie Heilman http://audible.transient.net/~jamie/
"Paranoia is a disease unto itself, and may I add, the person standing
next to you may not be who they appear to be, so take precaution."
-Sathington Willoughby
> meone please
> confirm that?
Yeah, that sounds like BIND.
http://cr.yp.to/djbdns/forgery.html
--
Jamie Heilman http://audible.transient.net/~jamie/
"I was in love once -- a Sinclair ZX-81. People said, "No, Holly, she's
not for you." She was cheap, she was stu
nothing in apache (1.3 anyway) will service
those by default. Otherwise, yeah, Limit and LimitExcept are the
directives you're interested in.
--
Jamie Heilman http://audible.transient.net/~jamie/
"I was in love once -- a Sinclair ZX-81. People said, "No, Holly,
my script (which I wrote a long time ago and don't have
anymore). Anyway, you get the idea.
--
Jamie Heilman http://audible.transient.net/~jamie/
"You came all this way, without saying squat, and now you're trying
to tell me a '56 Chevy can beat a '47 Bui
best
tool for the job. (IMO, NIS is almost never the best tool in
homogeneous Linux environments.)
--
Jamie Heilman http://audible.transient.net/~jamie/
"Most people wouldn't know music if it came up and bit them on the ass."
-Frank Zappa
hose of you who tend and
nurture your myopic little hatred of djb like it's some kind of 100
year old bonsai), etc. And they don't crash every few days for no
reason.
--
Jamie Heilman http://audible.transient.net/~jamie/
"You came all this way, without saying squat, and n
ram in exim ??
Maybe, or maybe the proper flags simply aren't being passed to your
local injection program to tell it to abide by the behavior you
expect.
--
Jamie Heilman http://audible.transient.net/~jamie/
"I was in love once -- a Sinclair ZX-81. People said,
Emmanuel Lacour wrote:
> Is there someone having information about this web vulnerability, goals
> and risks and how to disable it?
google
There's plenty of discussion out there on why this "vulnerability"
isn't.
--
Jamie Heilman http://audible.trans
ell, which I guess
earns it a bonus point.
--
Jamie Heilman http://audible.transient.net/~jamie/
"You came all this way, without saying squat, and now you're trying
to tell me a '56 Chevy can beat a '47 Buick in a dead quarter mile?
I liked you better when you weren't saying squat kid." -Buddy
Litzler Mihaly wrote:
> How do you think switching a separate VLAN for this would be also secure
> enough? Is it a must to use a dedicated device?
Switching is done for speed, not security.
Phillip Hofmeister wrote:
> The same information can be gathered from your MTA (if you are
> running one) by doing an RCPT TO: and then an RSET.
This is not universally true and is generally a matter of how the MTA
is configured.
--
Jamie Heilman http://audible.transie
ned by
the portmapper.
> and the second is about the apache server, how can I disable http
> trace? thanks..
use google
http://www.apacheweek.com/issues/03-01-24
Neither of these provides any additional security; why exactly do you
think they are necessary?
--
J
t finding
those high ports... But, just pushing the port numbers down below 1024
won't solve anything. You're much better off filtering traffic to
those ports with ipfilter and backing that up with a good tcp_wrappers
configuration.
--
Jamie Heilman http://audible.t
> date string could be used only
> for file creation after apache process receives SIGUSR1.
Grab the cronolog package, it's easier and less intrusive.
--
Jamie Heilman http://audible.transient.net/~jamie/
"We must be born with an intuition of mortality. Before we kn
ites, why not
read the fine manual: http://httpd.apache.org/docs/logs.html
--
Jamie Heilman http://audible.transient.net/~jamie/
"Most people wouldn't know music if it came up and bit them on the ass."
-Frank Zappa
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=204711
nerability
that can cause a system compromise in a popular package.
--
Jamie Heilman http://audible.transient.net/~jamie/
"Paranoia is a disease unto itself, and may I add, the person standing
next to you may not be who they
LL: spawn (mail -s "%s access attempt from %h" This is an nmap on my serveur
If you don't need it, don't run it. Try identifying all the processes
which are using those ports using "lsof" and "netstat -taup"; anything you
don't need you should disable.
IL PROTECTED]
(/dev/pts/4) at 13:21 ...
hrmmm
polyphony:~#
I have no idea if this has further reaching consequences, but ldd didn't
use to actually execute the programs you ran it on. This seems to only
affect sgid applications.
--
Jamie Heilman http://audible.
> Well, I can't tell you how to change the 'from' entry in your MTA.
man qmail-inject
at any rate none of this is security related
-jamie
han Redhat is no more secure than Solaris is no more secure
than OpenBSD. We could make a lot of vague generalizations about default
setup and what-not but it's really just a waste of time. If you don't want
to be hacked, learn how to prevent it.
--
Jamie Heilman http://aud
s pretty picky
about those things, where unix clients aren't. For example a good CVSROOT
is :ext:mycvsserver:/mycvs/root/path whereas a bad one which will almost
certainly make wincvs choke (these get stored in the CVS control files
remember) is user@mycvsserver:/mycvs/root/path.
--
Jamie He
pening. It might be spam, it might
be a misconfiguration on their end.
--
Jamie Heilman http://audible.transient.net/~jamie/
"We must be born with an intuition of mortality. Before we know the words
for it, before we know there are words, out we come bloodied and squ
evel, which is unfortunate. You can at
the protocol level however. Get the NTP documentation and read about the
authentication options and the access control options. To control access
at the transport level you will have to use firewalling rules.
--
Jamie Heilman http://audible
Rishi L Khan wrote:
> Maybe use tcp wrappers? That's how I'd do it.
Nope, ntpd doesn't link against libwrap and can't be run out of inetd.
--
Jamie Heilman http://audible.transient.net/~jamie/
"I was in love once -- a Sinclair ZX-81. People said,
use tcp instead of udp ?
No, UDP is intrinsic to how NTP works.
--
Jamie Heilman http://audible.transient.net/~jamie/
"Paranoia is a disease unto itself, and may I add, the person standing
next to you may not be who they appear t
ata transfer over TCP
but it's not generally needed during normal operation. At any rate, it
couldn't be done without modifying the code, and finding somebody else to
peer with who also had a modified server.
--
Jamie Heilman http://audible.transient.net/~jamie/
subject of securing NTP, has anyone gotten the autokey stuff to work
with the version of ntpd in stable?
--
Jamie Heilman http://audible.transient.net/~jamie/
"...thats the metaphorical equivalent of flopping your wedding tackle
into a lion's mouth and flicking his lovesp
ocol works over TCP however, so if you're acting
as a master you may have to open the tcp port to your slaves. Of course if
you're running BIND and you're concerned about security ...
There are better servers than BIND and there are better ways to transfer
zone information.
--
ke to see is a facility logger that could collect logs
like traditional syslog but then would let me hand them to something like
multilog to be stored on disk.
--
Jamie Heilman http://audible.transient.net/~jamie/
"We must be born with an intuition of mortality. Before we kno
I'm all for it,
especially if somebody else can figure out how to make a logger that does
reliable and perhaps secure network transport.
--
Jamie Heilman http://audible.transient.net/~jamie/
"...thats the metaphorical equivalent of flopping your wedding tackle
into a lion
to /myphatmp3archive/ then
don't log it. Even then you're probably screwed as your upstream could
conceivably log the activity. If, on the other hand, you just want to
display your log files to the world sans the detailed connection
information, just post-process them and
rflow bug fixed
* gettext NLSPATH security bug fixed.
* spool_file_perms security bug fixed.
* Added setuid Linux bug work-around.
-- Craig Small <> Sun, 15 Oct 2000 15:42:02 -0500
--
Jamie Heilman http://audible.transient.net/~jamie/
"We must be born with an in
> Any solution??
>
> Resource limits on the ftp server process?
Or a DenyFilter of \*.*/ as is recommended on the proftpd.org web site.
http://www.proftpd.org/critbugs.html
--
Jamie Heilman http://audible.transient.net/~jamie/
"...thats the metaphorical equivalen
maradns enter unstable a few days ago and you can always snag djbdns from
http://cr.yp.to/djbdns.html
--
Jamie Heilman http://audible.transient.net/~jamie/
"You came all this way, without saying squat, and now you're trying
to tell me a '56 Chevy can beat a '47
only unstable box
actually needed inetd, and was only accessible from an internal network so
I wasn't worried about inetd's underlying flaws wrt DoSability and lack of
concurrency limiting. If you use inetd on an untrusted interface you are
asking for pain, I thought that was fairly well un
till evangelize binary
distros and Linux.
--
Jamie Heilman http://audible.transient.net/~jamie/
"I was in love once -- a Sinclair ZX-81. People said, "No, Holly, she's
not for you." She was cheap, she was stupid and she wouldn't load
-- well, not for me, anyway." -Holly
rve
large queries, otherwise, you don't need it
dnscache uses port 53, both tcp and udp - it's the caching resolver
--
Jamie Heilman http://audible.transient.net/~jamie/
"I was in love once -- a Sinclair ZX-81. People said, "No, Holly, she
say there is no good reason *period* as
I've been running several machines without a working inetd for a year or so
now; I simply don't have the need for it on most workstations in my situation.
--
Jamie Heilman http://audible.transient.net/~jamie/
"You came all this way
en up your network further
at all.
--
Jamie Heilman http://audible.transient.net/~jamie/
"You came all this way, without saying squat, and now you're trying
to tell me a '56 Chevy can beat a '47 Buick in a dead quarter mile?
I liked you better when you wer
records over 512 bytes that
will require tcp transport or not, or if you need to allow zone transfers
to outside parties, so the question of if you need to allow 53/tcp is
already decided, all you have to do is recognise that fact.
--
Jamie Heilman http://audible.transient.net/~ja
seen The Big Lebowski)
> > > 2. author write like "alle shit then my"
> >
> > Uh, sure.
>
> Whatever the quote means, I don't need *another* DJB-war barely a fortnight
> after the last one.
Aww, but they contain the same addictive chemical found in t
ich can bring more
things to light.
--
Jamie Heilman http://audible.transient.net/~jamie/
"You came all this way, without saying squat, and now you're trying
to tell me a '56 Chevy can beat a '47 Buick in a dead quarter mile?
I liked you better when you weren
Dmitriy wrote:
> How can I change this?
man snort, note -s option
man syslog.conf
--
Jamie Heilman http://audible.transient.net/~jamie/
"...thats the metaphorical equivalent of flopping your wedding tackle
into a lion's mouth and flicking his lovespuds wit
Jason Thomas wrote:
> maybe ask the maintainer of the package to change it to something
> meaningful!
better yet, uninstall the package and boycott stupid behavior
--
Jamie Heilman http://audible.transient.net/~jamie/
"It's almost impossible to overestimate
Micah Anderson wrote:
> Got what appears to be a "crc32 compensation attack" in my logs today,
> about 10 minutes worth of these types of messages. Should I be
> worried? Should I laugh at this feeble attempt to break in? Should I
> gnaw my fingernails with my shotgun on my lap?
heh, http://ww
.
He didn't use your root account, he used the nature of SMTP to trick
you. http://rfc821.x42.com/ And no, you can't block telnet, unless
you choose to not run a mail server at all.
--
Jamie Heilman http://audible.transient.net/~jamie/
"Paranoia is a disease unto
[EMAIL PROTECTED] wrote:
> Now I have tried postfix and exim and I like both.
> But which is more secure? Anybody have some knowledge about that?
postfix has a better, more security-conscious design
can I circumvent this problem?
apt-get install equivs
--
Jamie Heilman http://audible.transient.net/~jamie/
"Paranoia is a disease unto itself, and may I add, the person standing
next to you may not be who they appear to be, so take precaution."