Have you asked the ISP how many /etc/passwds (s)he has broken ... After
if, maybe, probably ... you can say anything. Talk as they say this side
of the Atlantic is CHEAP
On Tue, 18 Aug 1998 [EMAIL PROTECTED] wrote:
> I was having a discussion with my ISP about Linux. He said he uses
> Windows N
On Wed, 19 Aug 1998, Steve Lamb wrote:
> On Wed, 19 Aug 1998 13:21:37 -0500, the lone gunman wrote:
>
> >only to the Microsoft programmers. In my mind, it just seems that the
> >more folks there are looking at code, the better the chances of
> >discovering bugs, security concerns, etc.
>
>
On Wed, Aug 19, 1998 at 11:42:25AM -0700, Steve Lamb wrote:
> On Wed, 19 Aug 1998 13:21:37 -0500, the lone gunman wrote:
>
> >only to the Microsoft programmers. In my mind, it just seems that the
> >more folks there are looking at code, the better the chances of
> >discovering bugs, security conc
On Wed, 19 Aug 1998 13:21:37 -0500, the lone gunman wrote:
>only to the Microsoft programmers. In my mind, it just seems that the
>more folks there are looking at code, the better the chances of
>discovering bugs, security concerns, etc.
It is the glass half empty versus the glass half full
On Tue, Aug 18, 1998 at 11:46:43AM -0500, [EMAIL PROTECTED] wrote:
> I was having a discussion with my ISP about Linux. He said he uses
> Windows NT because it is much more secure than Linux. He stated
> that since the source code was available that it was very unsecure.
I have trouble with this
Stephen wrote,
> At work we have a setup like this...it "requires" that you "log in"
> to even use the computer.
> If you hit cancel (or esc) it denies acess...but...
> hit alt-esc and presto
> the login screen is still there but the task manager comes up...
> then you merrily goto "file->run"
On Wed, 19 Aug 1998, Chris wrote:
: On Tue, 18 Aug 1998, Steve Lamb wrote:
:
: > On Tue, 18 Aug 1998 23:27:40 -0500 (CDT), Nathan E Norman wrote:
: >
: > >No. The first two characters of the "Encrypted password" field are the
: > >"salt"; the plaintext password collected from loogin or wh
On Tue, 18 Aug 1998, Steve Lamb wrote:
> On Tue, 18 Aug 1998 23:27:40 -0500 (CDT), Nathan E Norman wrote:
>
> >No. The first two characters of the "Encrypted password" field are the
> >"salt"; the plaintext password collected from loogin or wherever is
> >crypted using that salt, and the result
On Tue, 18 Aug 1998 23:27:40 -0500 (CDT), Nathan E Norman wrote:
>No. The first two characters of the "Encrypted password" field are the
>"salt"; the plaintext password collected from loogin or wherever is
>crypted using that salt, and the result compared to the entire field.
Hrm, guess thin
On Tue, 18 Aug 1998, Steve Lamb wrote:
: On Tue, Aug 18, 1998 at 09:43:13PM -0500, Nathan E Norman wrote:
: > However, let's assume someone grabs a copy of your /etc/passwd file, and
: > you aren't using shadow passwords. All is not lost (yet). See, you
: > can't decrypt the information stor
On Tue, Aug 18, 1998 at 11:22:37PM +, George R wrote:
> On 08/18/98 at 11:13 PM, [EMAIL PROTECTED] said:
>
> On Tue, 18 Aug 1998, George R wrote:
>
> >> I know you are talking about NT vs Linux; but does anyone know how well
> >> Win95 password protection works? It doesn't the morons made th
At 11:22 PM 8/18/1998 +, you wrote:
>On 08/18/98 at 11:13 PM, [EMAIL PROTECTED] said:
>
>On Tue, 18 Aug 1998, George R wrote:
>
>>> I know you are talking about NT vs Linux; but does anyone know how well
>>> Win95 password protection works? It doesn't the morons made the default
>>> configurat
On Tue, Aug 18, 1998 at 09:43:13PM -0500, Nathan E Norman wrote:
> However, let's assume someone grabs a copy of your /etc/passwd file, and
> you aren't using shadow passwords. All is not lost (yet). See, you
> can't decrypt the information stored on disk - your plaintext password
> is encrypted
On 08/18/98 at 11:13 PM, [EMAIL PROTECTED] said:
On Tue, 18 Aug 1998, George R wrote:
>> I know you are talking about NT vs Linux; but does anyone know how well
>> Win95 password protection works? It doesn't the morons made the default
>> configuration one where all the invader has to do is hit
In my experiance the only thing that happens when you press escape at the
login screen is some machines on the network won't be visable/accesable
On Tue, 18 Aug 1998, George R wrote:
> On 08/18/98 at 11:46 AM, [EMAIL PROTECTED] said:
>
> >I was having a discussion with my ISP about Linux. He sa
On 08/18/98 at 11:46 AM, [EMAIL PROTECTED] said:
>I was having a discussion with my ISP about Linux. He said he uses
>Windows NT because it is much more secure than Linux. He stated that
>since the source code was available that it was very unsecure. He
>mentioned something about attaining root
On Tue, Aug 18, 1998 at 11:46:43AM -0500, [EMAIL PROTECTED] wrote:
> I was having a discussion with my ISP about Linux. He said he uses
> Windows NT because it is much more secure than Linux. He stated that
> since the source code was available that it was very unsecure. He mentioned
> someth
On Tue, 18 Aug 1998 [EMAIL PROTECTED] wrote:
: I was having a discussion with my ISP about Linux. He said he uses
: Windows NT because it is much more secure than Linux. He stated that
: since the source code was available that it was very unsecure. He
: mentioned something about attaining
On Tue, 18 Aug 1998 [EMAIL PROTECTED] wrote:
> I was having a discussion with my ISP about Linux. He said he uses
> Windows NT because it is much more secure than Linux. He stated that
> since the source code was available that it was very unsecure. He
This is known as 'security through obscu
>I was having a discussion with my ISP about Linux. He said he uses Windows NT
>because it is much more secure than Linux. He stated that since the source
>code was available that it was very unsecure. He mentioned something about
That is apparently a VERY wrong statement. Just because
the so
-BEGIN PGP SIGNED MESSAGE-
Clearly, you were speaking with a Junior Level individual.
Call back and ask for Second Level Support next time. :-)
- - Kyle
On Tue, 18 Aug 1998 [EMAIL PROTECTED] wrote:
> I was having a discussion with my ISP about Linux. He said he uses
> Windows NT becau
On Fri, 17 Jul 1998, Carlos Barros wrote:
> On Fri, 17 Jul 1998, Cougar wrote:
>
> > > try changing only the line that start the bind daemon eg:
> > >
> > > chroot /chroot-dns/ /bin/named
> >
> > What this chroot gives You? Actually this is protection against simple
> > exec("/bin/s
On Fri, 17 Jul 1998, Cougar wrote:
> > try changing only the line that start the bind daemon eg:
> >
> > chroot /chroot-dns/ /bin/named
>
> What this chroot gives You? Actually this is protection against simple
> exec("/bin/sh") but every cracker may put chroot("/") before this and a
>On Tue, 14 Jul 1998, Carlos Barros wrote:
>
>> On Tue, 14 Jul 1998, cfb wrote:
>>
>> > The main problem seems to be with the way that debian starts bind
using
>> > the script /etc/init.d/bind. I thought it would be really neat to
just
>> > change the #!/bin/sh at the top of the script to so
On Fri, 17 Jul 1998, Cougar wrote:
> [mod: It is slightly less trivial than 'chroot("/")', but if you can
> execute arbitrary code as root, you can break out of the chrooted
> environment. --REW]
>
> My idea is to run named non-root UID/GID. As named needs to bind port 53
> which is below 1024 th
On Fri, Jul 17, 1998 at 11:30:32AM +0300, Cougar wrote:
> What this chroot gives You? Actually this is protection against simple
> exec("/bin/sh") but every cracker may put chroot("/") before this and all
> the protection is destroyed.
>
> [mod: It is slightly less trivial than 'chroot("/")', but
-BEGIN PGP SIGNED MESSAGE-
Cougar wrote:
>
> On Tue, 14 Jul 1998, Carlos Barros wrote:
>
> > On Tue, 14 Jul 1998, cfb wrote:
> >
> > > The main problem seems to be with the way that debian starts bind using
> > > the script /etc/init.d/bind. I thought it would be really neat to just
>
Carlos Barros wrote:
> On Tue, 14 Jul 1998, cfb wrote:
>
> > The main problem seems to be with the way that debian starts bind using
> > the script /etc/init.d/bind. I thought it would be really neat to just
> > change the #!/bin/sh at the top of the script to something like :
> >#!/u
On Tue, 14 Jul 1998, Carlos Barros wrote:
> On Tue, 14 Jul 1998, cfb wrote:
>
> > The main problem seems to be with the way that debian starts bind using
> > the script /etc/init.d/bind. I thought it would be really neat to just
> > change the #!/bin/sh at the top of the script to somethin
Stefan Petters:
> just found this on linux--security.
>
> Seems to be contained in your tar--files for Debian as well. I don't
> want such things on my machines. I think, this Package can't be on a
> serious Debian--Distribution. I know, you can't keep an eye on
> everything, but if such things ar
30 matches
Mail list logo
