https://qa.mandrakesoft.com/show_bug.cgi?id=748
[EMAIL PROTECTED] changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|normal |major
------- Additional Comments From [EMAIL PROTECTED] 2003-02-07 22:31 -------
hummm actually it is more serious than I thought.
If I change 0 to 1 in my /etc/security/msec/level.local which contains:
from mseclib import *
accept_bogus_error_responses(0)
then NOTHING happens now. /etc/sysctl.conf is unchanged !
This is a security problem so I change security to major.
Actually my level.local is the following :
from mseclib import *
accept_bogus_error_responses(0)
allow_autologin(0)
allow_user_list(0)
allow_xserver_to_listen(0)
enable_at_crontab(0)
enable_dns_spoofing_protection(1,1)
enable_ip_spoofing_protection(1,1)
enable_log_strange_packets(1)
enable_msec_cron(1)
enable_pam_wheel_for_su(1)
enable_promisc_check(1)
enable_security_check(1)
no_password_aging_for('xxx')
no_password_aging_for('yyyl')
no_password_aging_for('zzz')
password_aging(180, 10)
password_history(10)
password_length(7)
set_shell_timeout(0)
set_shell_history_size(-1)
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
------- Reminder: -------
assigned_to: [EMAIL PROTECTED]
status: UNCONFIRMED
creation_date:
description:
Jan 7 07:00:21 spirit msec: Accepting bogus icmp error responses
Jan 7 07:00:21 spirit msec: set variable net.ipv4.icmp_ignore_bogus_error_responses
to 1 in
/etc/sysctl.conf
Shouldn't it be Ignoring bogus icmp error responses instead of 'Accepting ' ??
I noticed several msg like that in the syslog doing msec level 3 to 4
