Hi guys,
@ the moment I'm working on securing a web-server. I installed Nessus to
know where to start from with the big problems. Seems like Nessus thinks
that one of the biggest problem is webmin? Can anybody tell me some
experiences? Is there a possibility to further restrict, or replace some
pa
On Sun, 06 Apr 2003 09:09:47 -0500
"Thomas H. George,,," <[EMAIL PROTECTED]> wrote:
> I have read Security-Quickstart-HOWTO.
>
> I believe my home network has been compromised (my daughter received
> returned emails she neversent) and plan to take drastic action. The
> network consists of DSL
%% "Thomas H. George,,," <[EMAIL PROTECTED]> writes:
thg> I believe my home network has been compromised (my daughter received
thg> returned emails she neversent)
Note that this is a _very_ common spam technique these days. They
disguise spam as rejected mail, because most mail filters, etc.
A few answers, but first a question: How do you know that your network
has definitely been compromised? If the only evidence you have is that
your daughter received returned emails she didn't send, how to you know
that someone didn't generate those emails elsewhere, spoofing her email
address and r
On Sun, Apr 06, 2003 at 09:09:47AM -0500, Thomas H. George,,, wrote:
> I have read Security-Quickstart-HOWTO.
>
> I believe my home network has been compromised (my daughter received
> returned emails she neversent) and plan to take drastic action. The
> network consists of DSL modem, a wireles
I have read Security-Quickstart-HOWTO.
I believe my home network has been compromised (my daughter received
returned emails she neversent) and plan to take drastic action. The
network consists of DSL modem, a wireless router and four computers. I
have no concerns about the family members and
I heard that Miquel van Smoorenburg wrote this on 30/10/00:
> Ah, way too big ...
>
(snip...)
>
> Compile with cc -s -o false -nostdlib false.c
>
[EMAIL PROTECTED]:~$ cc -s -o false -nostdlib false.c
false.c: In function `exit':
false.c:6: warning: function declared `noreturn' has a `return' st
In article <[EMAIL PROTECTED]>,
sena <[EMAIL PROTECTED]> wrote:
>I heard that Jonathan Markevich wrote this on 29/10/00:
>
>> However, writing one in C proved to be simple, and an afternoon's worth
>> of fun.
>>
>--(snip - false.c)--
> int main() { return 1; }
>--(snip - false.c)--
>10 seco
On Mon, 30 Oct 2000, sena wrote:
> I heard that Jonathan Markevich wrote this on 29/10/00:
>
> > 32 bytes, huh? 24 for your source above (with spaces). Might as well
> > compile it yourself.
> >
> Or, as in C the return type of a function defaults to int, we could write:
> main(){return 1;
I heard that Jonathan Markevich wrote this on 29/10/00:
> Only 3 minutes of fun? Disappointing. You've gone and blown the rest of
> the afternoon. Read through it, make it funnier. Imagine it in Perl. Or
> Befunge. Or my favorite, Rube. (extra points if you use the "weasel" -- I
> believe i
On Sun, Oct 29, 2000 at 11:50:18PM +, sena wrote:
> I heard that Jonathan Markevich wrote this on 29/10/00:
> > However, writing one in C proved to be simple, and an afternoon's worth
> > of fun.
> >
> --(snip - false.c)--
> int main() { return 1; }
> --(snip - false.c)--
> 10 seconds w
I heard that Jonathan Markevich wrote this on 29/10/00:
> However, writing one in C proved to be simple, and an afternoon's worth
> of fun.
>
--(snip - false.c)--
int main() { return 1; }
--(snip - false.c)--
10 seconds writing plus 3 minutes worth of fun is more like it... :)
> Oh writi
On Sat, Oct 28, 2000 at 03:20:15PM -0700, kmself@ix.netcom.com wrote:
> > also, i noticed that some accounts which are disabled are given a shell of
> > /bin/false:
> >
> > ftp:x:100:65534::/home/ftp:/bin/false
> >
> > tiger seemed to hate this too. i tried playing around with /bin/false.
>
On Sat, Oct 28, 2000 at 08:36:47PM +0200, Robert Waldner wrote:
> On Sat, 28 Oct 2000 10:06:56 PDT, Peter Jay Salzman writes:
> >also, i noticed that some accounts which are disabled are given a shell of
> >/bin/false:
> >
> > ftp:x:100:65534::/home/ftp:/bin/false
> >
> >tiger seemed to hate th
on Sat, Oct 28, 2000 at 10:06:56AM -0700, Peter Jay Salzman ([EMAIL PROTECTED])
wrote:
> also, i noticed that some accounts which are disabled are given a shell of
> /bin/false:
>
> ftp:x:100:65534::/home/ftp:/bin/false
>
> tiger seemed to hate this too. i tried playing around with /bin/
On Sat, 28 Oct 2000 10:06:56 PDT, Peter Jay Salzman writes:
>also, i noticed that some accounts which are disabled are given a shell of
>/bin/false:
>
> ftp:x:100:65534::/home/ftp:/bin/false
>
>tiger seemed to hate this too. i tried playing around with /bin/false.
>can't seem to figure out w
i just installed a host security checker, tiger (TARA?) which is more or
less along the lines of what i remember from dan farmer's COPS (a lng
time ago!)
it had a number of complaints about accounts which were disabled but had
valid shells. like this one:
www-data:x:33:33:www-data:/v
> What I was looking for was any potential secuity risks that exist in the
> default setup of Debian 1.3.1.*.
http://www.debian.org/security.html
(this lists all security problems. As far as I'm aware, all have been
fixed in bo-updates).
On the other hand, probably the only way to get your syste
On Tue, 21 Oct 1997, Shaleh wrote:
> I am setting up a server to allow our customers shell access. I want
> this sucker to be air-tight. We have a few hacker/phreaker wannabes.
> Any suggestions?
>
1: Tripwire. (I've never used it myself, but everything I hear about it
sounds like you'd want t
What I was looking for was any potential secuity risks that exist in the
default setup of Debian 1.3.1.*.
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
Shaleh wrote:
:I am setting up a server to allow our customers shell access. I want
:this sucker to be air-tight. We have a few hacker/phreaker wannabes.
:Any suggestions?
Depends on what kind of consulting fees you're willing to pay. :-P
I guess you could get a more positive response if you'd
I am setting up a server to allow our customers shell access. I want
this sucker to be air-tight. We have a few hacker/phreaker wannabes.
Any suggestions?
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
22 matches
Mail list logo
