On 2008-10-29 17:16, David Bernier wrote:
> I got an email today from a list that I never subscribed to. The message
> body and headers were
> refused by Debian Users list because of some Javascript. The end part
> appears below...
[snip quotation of spam mail]
This is a phenomenon called spam [1
> David Bernier wrote:
>>
>
> I got an email today from a list that I never subscribed to. The message
> body and headers were
> refused by Debian Users list because of some Javascript. The end part
> appears below...
Sounds like run-of-the-mill spam.
To run a secure system, it's important to be
> -Original Message-
> From: Osamu Aoki [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, October 29, 2008 08:53 a.m.
> To: David Bernier
> CC: debian-user@lists.debian.org
> Subject: Re: intrusion detection
>
> Hi,
>
> On Tue, Oct 28, 2008 at 0
ch caused to create such thing. ...
So I took a test-drive of Ubuntu 8.04 Live CD, and then did a complete
reinstall. Now, I'm using Ubuntu and the firestarter firewall.
I'd like to know about ideas for security, including for example
intrusion-detection systems.
If you are playing wi
Celejar wrote:
On Wed, 29 Oct 2008 22:00:30 +0630
David Bernier <[EMAIL PROTECTED]> wrote:
...
The Gnome system monitor now shows incoming traffic at 4 kB/sec every 20
seconds. Maybe
this is when my computer contacts an SNTP server (simple network time
protocol).
Would a package
On Wed, 29 Oct 2008 22:00:30 +0630
David Bernier <[EMAIL PROTECTED]> wrote:
...
> The Gnome system monitor now shows incoming traffic at 4 kB/sec every 20
> seconds. Maybe
> this is when my computer contacts an SNTP server (simple network time
> protocol).
>
> Would a package such as etherea
David Bernier wrote:
> Would a package such as ethereal tell me what this traffic is?
>
Yes (and all other traffic happening in the machine).
There's also the netstat command, but if the connection is opened and
closed quickly it may be hard to catch it.
--
Eduardo M Kalinowski
[EMAIL PRO
ch caused to create such thing. ...
So I took a test-drive of Ubuntu 8.04 Live CD, and then did a complete
reinstall. Now, I'm using Ubuntu and the firestarter firewall.
I'd like to know about ideas for security, including for example
intrusion-detection systems.
If you are playi
mouse which caused to create such thing. ...
> So I took a test-drive of Ubuntu 8.04 Live CD, and then did a complete
> reinstall. Now, I'm using Ubuntu and the firestarter firewall.
>
> I'd like to know about ideas for security, including for example
> intrusion-detect
Douglas A. Tutty wrote:
On Tue, Oct 28, 2008 at 03:37:05PM +, Sam Kuper wrote:
2008/10/28 David Bernier <[EMAIL PROTECTED]>
I'd like to know about ideas for security, including for example
intrusion-detection systems.
I recently read Linux Fire
On Tue, Oct 28, 2008 at 03:37:05PM +, Sam Kuper wrote:
> 2008/10/28 David Bernier <[EMAIL PROTECTED]>
> >
> > I'd like to know about ideas for security, including for example
> > intrusion-detection systems.
> >
>
> I recently read Linux Firewal
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> In the host-based category, I'm aware of two -- there's the
> samhain/yule/beltane family, which are really one intrusion
> detection apparatus. Samhain is the daemon that runs on the
> clients being monitored, yule is the server that maintains
Andrew Reid wrote:
On Tuesday 28 October 2008 11:25, David Bernier wrote:
Dear Debian users,
Now, I'm using Ubuntu and the firestarter firewall.
I'd like to know about ideas for security, including for example
intrusion-detection systems.
There are (at least) two kind
On Tuesday 28 October 2008 11:25, David Bernier wrote:
> Dear Debian users,
>
> Now, I'm using Ubuntu and the firestarter firewall.
>
> I'd like to know about ideas for security, including for example
> intrusion-detection systems.
There are (at least) two kinds
David Bernier wrote:
[ .. ]
I'd like to know about ideas for security, including for example
intrusion-detection systems.
Usually a properly configured iptables should do but if you want maybe
extra protection I guess you should start with snort.
--
en0f
2008/10/28 David Bernier <[EMAIL PROTECTED]>
>
> I'd like to know about ideas for security, including for example
> intrusion-detection systems.
>
I recently read Linux Firewalls <http://www.nostarch.com/firewalls_mr.htm> ,
and can recommend it. I'm sure there a
ask for that. Same sound from stereo playing Redbook format
audio CD
and the *.ogg file on the hard drive ...
So I took a test-drive of Ubuntu 8.04 Live CD, and then did a complete
reinstall. Now, I'm using Ubuntu and the firestarter firewall.
I'd like to know about ideas for se
Original Message
Subject: Re: intrusion detection / logfile reporter
Date: Sat, 10 Nov 2001 00:24:34 -0800 (PST)
From: Alvin Oga <[EMAIL PROTECTED]>
To: "Timo Boewing" <[EMAIL PROTECTED]>
CC: "Debian User (en)"
hi timo
i like to ask mor
hi timo
i like to ask more detailed stuff...
here's some simpler answers...
- as others have said, download and install logcheck or equivalent
-- Debian security howto
http://www.debian.org/doc/manuals/securing-debian-howto/
-- patch your kernel
- add libsafe, ow1, etc
"Timo Boewing" <[EMAIL PROTECTED]> writes:
> Stephen E. Hargrove wrote:
>
> > http://www.psionic.com/ has some good stuff - logcheck, portsentry
> > and
>
> > hostsentry.
> >
>
>
> Hello Stephen,
>
> Hey, that was *exactly* what i was looking for. When i have time, i
> will try these packages
Thus spake Timo Boewing:
>
> Hello all,
>
> I have some questions regarding system security. Besides of doing
> filtering with IP tables, disabling inet.d services like telnet, r-tools
> etc. and setting some general denials in /etc/hosts.deny (plus some
> other stuff like changing default po
Stephen E. Hargrove wrote:
http://www.psionic.com/ has some good stuff - logcheck, portsentry and
hostsentry.
Hello Stephen,
Hey, that was *exactly* what i was looking for. When i have time, i will
try these packages. When i am done, i will let the list know about my
experiences; if anyon
* Timo Boewing ([EMAIL PROTECTED]) spake thusly:
>
> Especially, I am looking for a not-too-paranoid-to-setup-tool that can
> review my logfiles and report me via beep and/or local mail that it
> found something unusual in a log. Does anyone know of such a tool?
http://www.psionic.com/ has som
Hello all,
I have some questions regarding system security. Besides of doing
filtering with IP tables, disabling inet.d services like telnet, r-tools
etc. and setting some general denials in /etc/hosts.deny (plus some
other stuff like changing default ports of some demons like sshd), I am
loo
On 4 Feb 2001, John Hasler wrote:
> mgriffa writes:
> > yes, I know, but is my home network, and I have no space for too many
> > monitors...
>
> Have you never heard of ssh?
>
Yes, I have to confess. It was a RH firewall, and now I'm migrating my
home net to debian, so I dedicated a total of les
mgriffa writes:
> yes, I know, but is my home network, and I have no space for too many
> monitors...
Have you never heard of ssh?
--
John Hasler
[EMAIL PROTECTED]
Dancing Horse Hill
Elmwood, Wisconsin
On Sat, 3 Feb 2001, Jonathan D. Proulx wrote:
> On Sat, Feb 03, 2001 at 08:47:26PM -0300, [EMAIL PROTECTED] wrote:
> :
> :It was already a dedicated firewall. The box runs telnetd (only for
> :192.168.1.x), squid and ipchains.
>
> telnetd on a firewall!
yes, I know, but is my home network, and I
replaced inetd for xinetd. took off services I didn't use (It
>was left all default, as I installed in a rush), and now I'd like a good
>intrusion detection system.
snort works. ippl, portsentry are some good "pre-IDS"es...
> I'd like to hear about any
Jon:
--- "Jonathan D. Proulx" <[EMAIL PROTECTED]> wrote:
> On Sat, Feb 03, 2001 at 06:56:01PM -0800, Bill
> Barnes wrote:
> :
> :Take a look at www.coyotelinux.com.
> :My $50 16M 486 has been up since July 24/7.
> :
> :Bill
>
> Perhaps you meant to send this to the list?
>
Yes, thanks for rese
On Sat, Feb 03, 2001 at 06:56:01PM -0800, Bill Barnes wrote:
:
:Take a look at www.coyotelinux.com.
:My $50 16M 486 has been up since July 24/7.
:
:Bill
Perhaps you meant to send this to the list?
Pretty cool concept for a firewall box, config it, make a spare
floppy, if it gets cracked instant
On Sat, Feb 03, 2001 at 08:47:26PM -0300, [EMAIL PROTECTED] wrote:
:
:It was already a dedicated firewall. The box runs telnetd (only for
:192.168.1.x), squid and ipchains.
telnetd on a firewall!
OK, I know you said it only listens on the private net, but it still
sounds like poor form to me.
If
On Sat, Feb 03, 2001 at 08:47:26PM -0300, [EMAIL PROTECTED] wrote:
>
> can I complete re-install with apt? or I have to do the boot from cd
> again?
boot from the CD, and erase all partitions, backup any data or config
files you want to keep but manually audit each and every file before
restoring
mgriffa writes;
> is there any way to full re-install the system from inside? like apt-get
If the machine has been cracked you cannot trust any executable on it
(including the kernel). You can salvage your data and your config files
(if you audit them). First thing to do is get the machine off th
ault, as I installed in a rush), and now I'd like a good
> intrusion detection system.
> I'd like to hear about any advices about not security (too wide)
> but tools to run in cron and which may be useful for this kind of
> situations.
The other advice I have seen you get
On 3 Feb 2001, John Hasler wrote:
> mgriffa writes:
> > I just realized that someone entered my debian box with cablemodem. I
> > couldn't find anything in the logs,...
>
> Thereby demonstrating that the author of the script your script-kiddie used
> is not incompetent.
>
> > ...but the pump packa
ed.
> > I replaced inetd for xinetd. took off services I didn't use (It
> > was left all default, as I installed in a rush), and now I'd like a good
> > intrusion detection system.
> > I'd like to hear about any advices about not security (too wide)
mgriffa writes:
> I just realized that someone entered my debian box with cablemodem. I
> couldn't find anything in the logs,...
Thereby demonstrating that the author of the script your script-kiddie used
is not incompetent.
> ...but the pump package was deleted.
Why do you consider this proof t
es I didn't use (It
> was left all default, as I installed in a rush), and now I'd like a good
> intrusion detection system.
> I'd like to hear about any advices about not security (too wide)
> but tools to run in cron and which may be useful for this kind of
> s
'd like a good
intrusion detection system.
I'd like to hear about any advices about not security (too wide)
but tools to run in cron and which may be useful for this kind of
situations.
Thanks!
39 matches