-- Forwarded message -
From: Roman
Date: Sun, 22 Jan 2023, 19:47
Subject: How to get 100% secure debian system?
To:
Hello. I'm a Windows 10 user. Unfortunately, I've used a lot of cracked
programs in the past. I want to switch to debian and use only legal
software. I want to write debian netinst to a flash drive. Is it possible
that the distribution on the flash drive will be hacked through a Trojan or
the sourc
Ups, my apologies. You're completely right. I meant "remote access with
apache user rights".
-R
> On Saturday, 2003-11-01 at 11:03:16 +0100, [EMAIL PROTECTED] wrote:
>
>> - the bug is quite serious (local root, at minimum)
>
> I wonder how a user would obtain root privileges by overrunning an
>
> On Fri, Oct 31, 2003 at 06:06:15PM +0100, Roman Medina wrote:
>
>> My opinion is that if a security bug is discovered it should be fixed
>> ASAP. It's really simple. The argument: "We believe that there is no
>> security update required because intentionall
ed to post this too - if you mean the Match directive. But then I saw
that match currently works for POST authentication directives like
x-forwarding.
from the man-page of sshd_config:
Available keywords are AllowTcpForwarding, ForceCommand, GatewayPorts,
PermitOpen, X11DisplayOffset, X11Forwardi
s in
my apache error-logs and this happened only recently (this week) so I
probably have reasons to be scared... or not?
Saludos,
--Roman
--
PGP Fingerprint:
09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742
[Key ID: 0xEAD56742. Available at KeyServ]
t happen if someone has discovered a
different attack vector for the *same* bug? Should we wait for this
event to occur? Not really a good idea...
Regards,
--Roman
On Thu, 30 Oct 2003 14:
Is there any official or non-official .deb package with a chrooted
apache distro? Any related project?
Thanks.
Saludos,
--Roman
-Original Message-
From: Thijs Kinkhorst
Sent: Wednesday, August 22, 2012 12:57 PM
To: debian-security-annou...@lists.debian.org
Subject: [sb] [SECURITY] [DSA 2532-1] libapache2-mod-rpaf security update
ther fixed packages...
deb http://debian.linux-systeme.com unstable main
(it's from the maintainer of the 2.2 kernel series, I guess)
- is it planned to release *official* Sid's fixed-glibc packages?
Thanks in advance for your clarifications.
Regards,
-Roman
w CONNECTs to all ports?
If you want to permit HTTPS, you have to allow CONNECT to (at least)
443/tcp. So it's easy to tunnel through that port and get a "clean"
internet connection.
I don't know of any solution (level 7 filtering, etc) able to defeat this
kind of tricks.
> For Layer-7 filtering, you could check
>
> Application Layer Packet Classifier for Linux:
> http://l7-filter.sourceforge.net/
>
> Kernel Iptables Layer 7: http://l7-filter.sourceforge.net/HOWTO-kernel
>
>
>
> On Dec 14, 2007 6:53 PM, Roman Medina-Heigl Hernand
How does Bluecoat deal with the fact that HTTPS connections are secured
point-to-point? If Bluecoat (or whatever) does some kind of MITM, client
browser would detect it and HTTPS would be broken. I still don't get the
point...
Cheers,
-Roman
Jonas Andradas wrote:
> Hello Roman,
>
Hi,
Someone working on a fixed .deb for this?
http://www.openwall.com/lists/oss-security/2018/03/17/2
--
Saludos,
-Román
Hi security-fellows,
I applied recent rssh security updates to Debian 8 (jessie) and I
noticed that it breaks Synology's "Hyper backup" tool (with rsync method).
The relevant log lines at my Debian server:
Feb 10 03:28:21 roman rssh[19985]: cmd 'rsync' approved
Feb 10
's "Hyper backup" tool (with rsync method).
>>>
>>> Feb 10 03:28:21 roman rssh[19985]: cmd 'rsync' approved
>>> Feb 10 03:28:21 roman rssh[19985]: insecure rsync options in rsync
>>> command line!
>>> Feb 10 03:28:21 roman rssh[199
On 18/02/2019 at 18:27, Russ Allbery wrote:
> While I agree that using undocumented features of rsync is a little
> dubious, I'm also willing to include a fix to allow the specific command
> line "rsync --server --daemon " since (a) it seems to be safe, (b)
> looks easy enough to do, and (c)
On 19/02/2019 at 4:16, Russ Allbery wrote:
> Unfortunately, I took a closer look, and it turns out that this command
> was never safe. It also allows arbitrary code execution on the server
> side if the client can write to $HOME. This is because:
>
>--config=FILE
> This specif
On 19/02/2019 at 17:44, Russ Allbery wrote:
> Roman Medina-Heigl Hernandez writes:
>
> So you cannot overwrite /home/synology/rsyncd.conf.
> Can the client just do:
>
> rsync rsyncd.conf :./
>
You're right, I was wrong. It's game over :)
> I think to
Hi,
I upgraded from Jessie to Buster (thru Stretch) and noticed that Cyrus
(imaps & pop3s) stopped negotiating TLS 1.0 and 1.1 protocols (I know
they're not recommended but I need them for older clients). I tried
several combinations of tls_ciphers and tls_versions in /etc/imapd.conf
(even very pe
:
> MinProtocol = None
> CipherString = DEFAULT
> To:
> /etc/ssl/openssl.cnf
>
> Regards,
>
> Alberto
>
> On Fri, May 08, 2020 at 09:07:31PM +0200, Roman Medina-Heigl Hernandez wrote:
>> Hi,
>>
>> I upgraded from Jessie to Buster (thru Stretch) and n
Wow, it works! Thank you!
" Has server cipher order? yes (OK) -- TLS 1.3 and below"
Cheers,
-r
On 09/05/2020 at 21:53, Jonas Andradas wrote:
> Hi Roman,
>
> Did you try with the following in imapd.conf?
>
> |tls_prefer_server_ciphers: 1|
>
> Regards,
ty fix in the news section
(which is good), but again news are being rotated and sooner or later
the announcement will disappear (and you're mixing news of different
nature with security stuff). This was (and is) my standpoint.
Saludos,
--Roman
ese announcements to security lists (at least, Bugtraq). I'm not a
developer but this is exactly what I usually do if I discover a
security related bug in any piece of software.
Saludos,
--Roman
Hello,
Have you seen this?
http://seclists.org/bugtraq/2009/Mar/0187.html
I'm wondering:
1) Is Alberto going to release updated (no official) packages?
(http://etc.inittab.org/~agi/debian/libapache-mod-security2)
2) When will mod-security be re-incorporated to Debian? ETA? I think
license issues
40 matches