On Sat 19 May 2012 at 15:04:28 -0600, Glenn English wrote:
>
> On May 19, 2012, at 2:35 PM, Camaleón wrote:
>
> > You can also run rkhunter to scan your system.
>
> Done. It says:
>
> > File properties checks...
> > Files checked: 128
> > Suspect files: 0
> >
> > Rootkit checks...
>
On Sun, 20 May 2012 09:40:02 -0600, Glenn English wrote:
> On May 20, 2012, at 4:55 AM, Camaleón wrote:
>
You can also run rkhunter to scan your system.
>
> rkhunter may not have found any rootkits, but it found a couple inetd
> entries it didn't care for. I had ident turned on, and it does
On May 20, 2012, at 4:55 AM, Camaleón wrote:
>>> You can also run rkhunter to scan your system.
rkhunter may not have found any rootkits, but it found a
couple inetd entries it didn't care for. I had ident turned
on, and it doesn't like Amanda, my backup.
> 1/ Monitor the Fail2ban logs to ch
On Sat, 19 May 2012 15:04:28 -0600, Glenn English wrote:
> On May 19, 2012, at 2:35 PM, Camaleón wrote:
>
>> You can also run rkhunter to scan your system.
>
> Done. It says:
>
> File properties checks...
> Files checked: 128
> Suspect files: 0
>
> Rootkit checks...
> Rootkits chec
On Sat, 19 May 2012 14:59:19 -0600, Glenn English wrote:
> On May 19, 2012, at 2:35 PM, Camaleón wrote:
>
>> Is your Dovecot publicly accesible?
>
> Yes.
Okay, then the attacks make more sense.
What still worries me is the empty (yet unknown) IP address of the
machine from where this is comi
On May 19, 2012, at 2:35 PM, Camaleón wrote:
> You can also run rkhunter to scan your system.
Done. It says:
> File properties checks...
> Files checked: 128
> Suspect files: 0
>
> Rootkit checks...
> Rootkits checked : 110
> Possible rootkits: 0
>
> Applications checks...
>
On May 19, 2012, at 2:35 PM, Camaleón wrote:
> Is your Dovecot publicly accesible?
Yes.
> I also get login tries in my Cyrus
> coming from the outside, they're usually from automated bots running on
> zombi windows machines... if that's the case, you can apply counter-measures
> to cut these
On Sat, 19 May 2012 14:05:41 -0600, Glenn English wrote:
> I am getting many, many entries in auth.log like these:
>
> /var/log/auth.log:May 17 13:31:14 server dovecot-auth:
> pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0
> tty=dovecot ruser=webmaster rhost=
> /var/log/
I am getting many, many entries in auth.log like these:
> /var/log/auth.log:May 17 13:31:14 server dovecot-auth:
> pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0
> tty=dovecot ruser=webmaster rhost=
> /var/log/auth.log:May 17 13:31:20 server dovecot-auth:
> pam_unix(dove
solved after installed latest shadow,
seems /etc/pam.d/login is too old ...
On 9/28/05, swhe <[EMAIL PROTECTED]> wrote:
> any detail?
>
> On 9/28/05, cc <[EMAIL PROTECTED]> wrote:
> >
> > hi, all
> > i installed a new Linux-PAM library ,
> > and then i found i locked my self outdoor.
> > anyone ca
hi, all
i installed a new Linux-PAM library ,
and then i found i locked my self outdoor.
anyone can help?
thanks.
On Wed, Aug 20, 2003 at 06:55:27AM -0400, Anita Lewis wrote:
> I just installed debian on another partition. I have Sarge going on one
> partition, but am starting from scratch for learning purposes - and to make
> proper notes this time.
>
> xdm started right up and I could login as root and user
I just installed debian on another partition. I have Sarge going on one
partition, but am starting from scratch for learning purposes - and to make
proper notes this time.
xdm started right up and I could login as root and user (ajlewis2) Then I
decided to mount my /home partition and use that. I
On Wed, Jun 16, 1999 at 05:53:07PM -0600, Jason Gunthorpe wrote:
>
> On 16 Jun 1999, Rob Browning wrote:
>
> >
> > If so, then when I tried those modifications, I couldn't figure out
> > how to get reasonable behavior. If you have
> >
> > auth sufficient pam_ldap.so
> > auth r
Jason Gunthorpe <[EMAIL PROTECTED]> writes:
> I used this complex invokation, you'll need an appropriately bug-fixed pam
> library (Ben, you have my patches..)
That's nice. Thanks. That solves at least part of my problem, though
I'm beginning to think that we may be better off cobbling up somet
> > If so, then when I tried those modifications, I couldn't figure out
> > how to get reasonable behavior. If you have
> >
> > auth sufficient pam_ldap.so
> > auth required pam_unix_auth.so try_first_pass
> >
> > then if the entry is found in ldap, pam returns and you never e
On 16 Jun 1999, Rob Browning wrote:
>
> If so, then when I tried those modifications, I couldn't figure out
> how to get reasonable behavior. If you have
>
> auth sufficient pam_ldap.so
> auth required pam_unix_auth.so try_first_pass
>
> then if the entry is found in ldap,
Before I ask more detailed questions, I wanted to know if I really
need to edit the /etc/pam.d files presuming that I've modified my
/etc/nsswitch.conf file?
If so, then when I tried those modifications, I couldn't figure out
how to get reasonable behavior. If you have
auth sufficient
John Galt writes:
> You have a rudimentary version of PPP with the base installation
Nothing rudimentary about it. The base package includes the complete ppp
package. The pppd binary in it was compiled without pam to save space.
> So the short answer is no, you don't NEED it--you can dial out j
You have a rudimentary version of PPP with the base installation--PPP-pam
just adds a little bit to it so that it's a little easier to use in some
cases, and a lot more secure in others. So the short answer is no, you
don't NEED it--you can dial out just fine without it. However IIWY I'd
try to
Christian Dysthe writes:
> I can not seem to get PPP-pam to install right. Do I need it?
No.
> I have tried to remove it also, but dependency problems prevents me since
> general PPP seems to be dependant on it.
I show ppp as suggesting ppp-pam. What is the error message?
--
John Hasler
[EMAIL
Hi,
I can not seem to get PPP-pam to install right. Do I need it? I have tried to
remove it also, but dependency problems prevents me since general PPP seems to
be dependant on it.
Help would be greatly appreciated.
TIA
P.S PPP works fine (running slink)
---
R
22 matches
Mail list logo
