Re: Security question about daemon-init

On 29/08/2023 18:35, Bhasker C V wrote: Apologies in advance for cross-group posting. I have enabled selinux  and after carefully allowing certain permissions, I have put my system in enforcing mode I do see a suspicious line like this [  115.089395] audit: type=1400 audit(1693329979.841:1

Re: Security question concerning jail or virtualization

On Fri, Mar 14, 2014 at 03:50:09AM +0100, Martin Braun wrote: > Hi > > I have recently experienced a server being "hacked" due to a security > problem with a PHP application that made it possible for the "hacker" to > gain a web shell. > > Due to this experience I would like to know what the best

Re: Security question concerning jail or virtualization

On Fri, 14 Mar 2014 03:50:09 +0100 Martin Braun wrote: > Hi > > I have recently experienced a server being "hacked" due to a security > problem with a PHP application that made it possible for the "hacker" to > gain a web shell. > > Due to this experience I would like to know what the best way

Re: Security question concerning jail or virtualization

On Fri, Mar 14, 2014 at 4:30 AM, Scott Ferguson wrote: > On 14/03/14 15:51, shawn wilson wrote: >> >> On Mar 14, 2014 12:13 AM, "Brad Alexander" > > wrote: >>> >> > > Due to this experience I would like to know what the best way to >> limit such problems is, espec

Re: Security question concerning jail or virtualization

On 14/03/14 15:51, shawn wilson wrote: > > On Mar 14, 2014 12:13 AM, "Brad Alexander" > wrote: >> > Due to this experience I would like to know what the best way to > limit such problems is, especially when hosting web servers for users > who may or may not in

Re: Security question concerning jail or virtualization

On Mar 14, 2014 12:13 AM, "Brad Alexander" wrote: > >>> >>> Due to this experience I would like to know what the best way to limit such problems is, especially when hosting web servers for users who may or may not installed unsecure applications on the web server. > > > Auditing your security is

Re: Security question concerning jail or virtualization

On Thu, Mar 13, 2014 at 11:39 PM, shawn wilson wrote: > Well Linux has LXC which is supposed to be equivalent to jails (also see > docker). But use whatever suits you. > As are the older-school OpenVZ and Linux VServer technologies. > Idk what's current for breaking out of VMs is. It might be go

Re: Security question concerning jail or virtualization

On 14/03/14 13:50, Martin Braun wrote: > Hi > > I have recently experienced a server being "hacked" due to a security > problem with a PHP application that made it possible for the "hacker" to > gain a web shell. Has that problem been rectified? If not then virtualization won't solve the problems

Re: Security question concerning jail or virtualization

Well Linux has LXC which is supposed to be equivalent to jails (also see docker). But use whatever suits you. Idk what's current for breaking out of VMs is. It might be good to pay attention to who is using the most entropy and make sure you don't run out. Most VMs use processor VT to isolate thin

Re: security question

On 10/21/08 12:10, Paul Johnson wrote: Bogdan wrote: This is stupid! Any decent web developer would make his app work at least with IE, Firefox and Safari ( my opinion )! That's stupid. Nobody should ever be coding with only specific browsers in mind. Get it to validate on http://validator

Re: security question

2008/10/18 Carl Fink <[EMAIL PROTECTED]>: > One other possibility: install virtualbox-ose, and run an occasional Windows > session inside Debian when you need to bank. That's what I do with some > specific software I need for my job. > What software is that, Carl? -- Dotan Cohen http://what-is

Re: security question

2008/10/18 Bogdan <[EMAIL PROTECTED]>: > Hey, > > Although I don't like it, the bank i work with only offers Internet Banking > that works only under Internet Explorer. So, unfortunately, if I want to > check out my account I see myself obliged to boot Windows :(. I know that IE > can be installed

Re: security question

Bogdan wrote: > This is stupid! Any decent web developer would make his app work at > least with IE, Firefox and Safari ( my opinion )! That's stupid. Nobody should ever be coding with only specific browsers in mind. Get it to validate on http://validator.w3.org/ Then if it doesn't work, it's

Re: security question

On Sat, Oct 18, 2008 at 08:12:53PM +0300, Bogdan wrote: > Paul Johnson wrote: >> Douglas A. Tutty wrote: >> >>> On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: >>> Although I don't like it, the bank i work with only offers Internet Banking that works only under Internet

Re: security question

Bogdan wrote: > Emanoil Kotsev wrote: >> Bogdan wrote: >> >> >>> Paul Johnson wrote: >>> Douglas A. Tutty wrote: > On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: > > > >> Although I don't like it, the bank i work with o

Re: security question

On 10/19/08 06:02, Bogdan wrote: [snip] This is stupid! Any decent web developer would make his app work at least with IE, Firefox and Safari ( my opinion )! I really don't understand why these, let's face it, hugely funded internet banking applications restrict you to the weakest browser in

Re: security question

On Sun,19.Oct.08, 14:02:11, Bogdan wrote: > Andrei, I didn't know that Unicredit Tiriac works with Firefox, I was > meaning ING :D. There might be others as well. You could search the archives of rlug (offtopic), as this subject comes up regularly. Regards, Andrei -- If you can't explain it s

Re: security question

Carl Fink wrote: > On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: > >> Although I don't like it, the bank i work with only offers Internet >> Banking that works only under Internet Explorer. So, unfortunately, if I >> want to check out my account I see myself obliged to boot Windows

Re: security question

Emanoil Kotsev wrote: Bogdan wrote: Paul Johnson wrote: Douglas A. Tutty wrote: On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: Although I don't like it, the bank i work with only offers Internet Banking that works only under Internet Explorer. So,

Re: security question

Bogdan wrote: > Paul Johnson wrote: >> Douglas A. Tutty wrote: >> >>> On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: >>> >>> Although I don't like it, the bank i work with only offers Internet Banking that works only under Internet Explorer. So, unfortunately, if

Re: security question

Bogdan wrote: > Hey, > > Although I don't like it, the bank i work with only offers Internet > Banking that works only under Internet Explorer. So, unfortunately, if I > want to check out my account I see myself obliged to boot Windows :(. I > know that IE can be installed through wine but no one

Re: security question

On Sat,18.Oct.08, 20:12:53, Bogdan wrote: > Thanks for your answers! > Although i really like my bank, I considered switching because of this > reason, but as far as I can tell, there is only one bank in Romania that > offers Internet Banking with Firefox :(, and I don't like it. Unicredit Țiri

Re: security question

On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: > > Although I don't like it, the bank i work with only offers Internet > Banking that works only under Internet Explorer. So, unfortunately, if I > want to check out my account I see myself obliged to boot Windows :(. I > know that IE c

Re: security question

On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: > Hey, > > Although I don't like it, the bank i work with only offers Internet > Banking that works only under Internet Explorer. So, unfortunately, if I > want to check out my account I see myself obliged to boot Windows :(. I > know th

Re: security question

On 10/18/08 11:51, Bogdan wrote: Hey, Although I don't like it, the bank i work with only offers Internet Banking that works only under Internet Explorer. So, unfortunately, if I want to check out my account I see myself obliged to boot Windows :(. I know that IE can be installed through wine

Re: security question

Paul Johnson wrote: Douglas A. Tutty wrote: On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: Although I don't like it, the bank i work with only offers Internet Banking that works only under Internet Explorer. So, unfortunately, if I want to check out my account I see myself

Re: security question

Douglas A. Tutty wrote: > On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: > >> Although I don't like it, the bank i work with only offers Internet >> Banking that works only under Internet Explorer. So, unfortunately, if I >> want to check out my account I see myself obliged to boot Wi

Re: security question

Bogdan wrote: > Although I don't like it, the bank i work with only offers Internet > Banking that works only under Internet Explorer. Time to switch banks, and tell them why. signature.asc Description: OpenPGP digital signature

Re: security question

On Sat, Oct 18, 2008 at 07:51:38PM +0300, Bogdan wrote: > Although I don't like it, the bank i work with only offers Internet > Banking that works only under Internet Explorer. So, unfortunately, if I > want to check out my account I see myself obliged to boot Windows :(. I > know that IE can be

Re: Security question: are these vulnerabilities addressed?

Douglas Allan Tutty <[EMAIL PROTECTED]> writes: > On Sun, Jun 03, 2007 at 12:50:51AM -0400, Scott Gifford wrote: >> Douglas Allan Tutty <[EMAIL PROTECTED]> writes: >> > On Fri, Jun 01, 2007 at 12:07:23AM -0400, Scott Gifford wrote: >> >> Postgres completely fell apart, and it took many hours to pi

Re: Security question: are these vulnerabilities addressed?

On Sun, Jun 03, 2007 at 12:50:51AM -0400, Scott Gifford wrote: > Douglas Allan Tutty <[EMAIL PROTECTED]> writes: > > On Fri, Jun 01, 2007 at 12:07:23AM -0400, Scott Gifford wrote: > >> Postgres completely fell apart, and it took many hours to piece things > >> back together. > > > > Did you have a

Re: Security question: are these vulnerabilities addressed?

Douglas Allan Tutty <[EMAIL PROTECTED]> writes: > On Fri, Jun 01, 2007 at 12:07:23AM -0400, Scott Gifford wrote: >> Andrew Sackville-West <[EMAIL PROTECTED]> writes: >> > On Wed, May 30, 2007 at 12:23:46AM -0400, Scott Gifford wrote: >> >> Kamaraju S Kusumanchi <[EMAIL PROTECTED]> writes: >> >> Ou

Re: Security question: are these vulnerabilities addressed?

On Fri, Jun 01, 2007 at 12:07:23AM -0400, Scott Gifford wrote: > Andrew Sackville-West <[EMAIL PROTECTED]> writes: > > On Wed, May 30, 2007 at 12:23:46AM -0400, Scott Gifford wrote: > >> Kamaraju S Kusumanchi <[EMAIL PROTECTED]> writes: > >> Our upgrade from Woody to Sarge was so disastrous, I will

Re: Security question: are these vulnerabilities addressed?

Andrew Sackville-West <[EMAIL PROTECTED]> writes: > On Wed, May 30, 2007 at 12:23:46AM -0400, Scott Gifford wrote: >> Kamaraju S Kusumanchi <[EMAIL PROTECTED]> writes: [...] >> > BTW, is upgrade to Etch from Sarge not an option in your case? >> >> Our upgrade from Woody to Sarge was so disastr

Re: Security question: are these vulnerabilities addressed?

On Wed, May 30, 2007 at 12:23:46AM -0400, Scott Gifford wrote: > Kamaraju S Kusumanchi <[EMAIL PROTECTED]> writes: > > > Scott Gifford wrote: > > > > > >> CVE-2006-0225OpenSSH Local SCP Shell Command Execution > >>From /usr/share/doc/openssh-server/changelog.Debian.gz on Debian Etch > > ma

Re: Security question: are these vulnerabilities addressed?

Kamaraju S Kusumanchi <[EMAIL PROTECTED]> writes: > Scott Gifford wrote: > > >> CVE-2006-0225OpenSSH Local SCP Shell Command Execution >>From /usr/share/doc/openssh-server/changelog.Debian.gz on Debian Etch > machine running openessh-server 4.3p2-9, this was fixed in 1:4.3p2-1 Thanks, fro

Re: Security question: are these vulnerabilities addressed?

Scott Gifford wrote: > CVE-2006-0225OpenSSH Local SCP Shell Command Execution >From /usr/share/doc/openssh-server/changelog.Debian.gz on Debian Etch machine running openessh-server 4.3p2-9, this was fixed in 1:4.3p2-1 No idea about other stuff. BTW, is upgrade to Etch from Sarge not an

RE: security question (sshd log)

Is your sshd setup to protocol 2 only? I would suggest seting it up so it is. regards thing -Original Message- From: Tarapia Tapioco [mailto:[EMAIL PROTECTED] Sent: Wednesday, 3 November 2004 11:29 a.m. To: [EMAIL PROTECTED] Subject: security question (sshd log) I found the following e

Re: Security question

On Sat, Dec 06, 2003 at 06:36:55PM -0500, Roberto Sanchez wrote: > At the risk of starting a flamefest, what is a good IDS? I ask because > the recent compromises have got me thinking. I have a couple of > web/mail servers I am adminning at school, and I really have no way of > knowing if they ha

Re: Security question

On Sat, 6 Dec 2003, Scott C. Linnenbringer wrote: > On Sat, Dec 06, 2003, at 17:27 -0800, Alvin Oga wrote: > > > i say, if your ids does find an intruder .. game over ... too late .. > > Unless *you* don't know you're harboring an intruder... yes... know people that had a cracker in their se

Re: Security question

On Sat, Dec 06, 2003, at 17:27 -0800, Alvin Oga wrote: > i say, if your ids does find an intruder .. game over ... too late .. Unless *you* don't know you're harboring an intruder... -- scott c. linnenbringer| [EMAIL PROTECTED] http://www.panix.com/~sl | [EMAIL PROTECTED] pgp0.

Re: Security question

hi ya roberto On Sat, 6 Dec 2003, Roberto Sanchez wrote: > At the risk of starting a flamefest, what is a good IDS? I ask because > the recent compromises have got me thinking. I have a couple of > web/mail servers I am adminning at school, and I really have no way of > knowing if they have be

Re: Security Question

On Fri, Jan 03, 2003 at 12:27:34PM -0800, John Gedeon wrote: > Thanks for all the help Colin, > > I will try that as soon as I get the chance. Another thought: Are they using any sort of reasonably standard VPN? There're a few different ipsec-based vpn packages in Debian, including FreeSwan and

Re: Security Question

Thanks for all the help Colin, I will try that as soon as I get the chance. John At 12:16 PM 1/3/2003, you wrote: On Fri, Jan 03, 2003 at 11:25:32AM -0800, John Gedeon wrote: > Thanks Colin for all the info. > Here is the header stuff on PBINDING but i think its a waste of time to > debug the

Re: Security Question

On Fri, Jan 03, 2003 at 11:25:32AM -0800, John Gedeon wrote: > Thanks Colin for all the info. > Here is the header stuff on PBINDING but i think its a waste of time to > debug their stuff any further. I think I will try to downgrade to their > version of glibc and try it. Oh, I think I might kno

Re: Security Question

Thanks Colin for all the info. Here is the header stuff on PBINDING but i think its a waste of time to debug their stuff any further. I think I will try to downgrade to their version of glibc and try it. (is glibc mean gnu libc?? because they said they weren't sure that the gnu c libs were compa

Re: Security Question

On Fri, Jan 03, 2003 at 11:03:36AM -0800, John Gedeon wrote: > >> > I get the following compile time errors: linuxcniapi.c: In > >> > function `CNI_LINUXGetMacAddress': linuxcniapi.c:1118: > >> > dereferencing pointer to incomplete type linuxcniapi.c:1120: > > > >Can we see a few lines of code aro

Re: Security Question

> > I get the following compile time errors: linuxcniapi.c: In > > function `CNI_LINUXGetMacAddress': linuxcniapi.c:1118: > > dereferencing pointer to incomplete type linuxcniapi.c:1120: Can we see a few lines of code around those locations in that file? lines 1107 - 1128 PBINDING pBindi

Re: Security Question - .config

On Fri, 3 Jan 2003, Alvin Oga wrote: > On Fri, 3 Jan 2003, Colin Watson wrote: > > > On Fri, Jan 03, 2003 at 08:54:27AM -0800, John Gedeon wrote: > > > I had another question that is related to my IT guys response: > > >When I compiled their vpn client, it was looking for modversions.h > > > w

Re: Security Question - .config

On Fri, 3 Jan 2003, Colin Watson wrote: > On Fri, Jan 03, 2003 at 08:54:27AM -0800, John Gedeon wrote: > > I had another question that is related to my IT guys response: > >When I compiled their vpn client, it was looking for modversions.h > > which I found you had to run make old-config (n

Re: Security Question

At 09:01 AM 1/3/2003, you wrote: On Fri, Jan 03, 2003 at 08:54:27AM -0800, John Gedeon wrote: > I had another question that is related to my IT guys response: >When I compiled their vpn client, it was looking for modversions.h > which I found you had to run make old-config (not sure of exact

Re: Security Question

At 09:01 AM 1/3/2003, Colin wrote: *ahem* I *really* wouldn't bother trying to convince them. It's not worth fighting with people like that. Okay I will keep that in mind thanks 4 the tip :) Can we see a few lines of code around those locations in that file? If there doesn't seem to be any

Re: Security Question

On Fri, Jan 03, 2003 at 08:54:27AM -0800, John Gedeon wrote: > I had another question that is related to my IT guys response: >When I compiled their vpn client, it was looking for modversions.h > which I found you had to run make old-config (not sure of exact command) to > get the source to g

Re: Security Question

Thanks for all the input guys, it has been very helpful. Didn't mean to sound like a troll or start any flames, just wanted to be sure that my IT people were as misinformed as I thought they were (I am biased towards Debian when I pick linux flavors but I wanted to be sure my bias had some backi

Re: Security Question

> John Gedeon wrote: > > > I have Debian installed on my home computer (3.0 stable version) I want > > to use it to remote login in to work, however the people in charge of the > > remote logins (IT) at my work say that Debian has lots of security holes. I > > was wondering what security holes

Re: Security Question

On Thu, Jan 02, 2003 at 03:39:22PM -0800, John Gedeon wrote: > I have Debian installed on my home computer (3.0 stable version) I want > to use it to remote login in to work, however the people in charge of the > remote logins (IT) at my work say that Debian has lots of security holes. It's un

Re: Security Question

On Thu, Jan 02, 2003 at 03:39:22PM -0800, John Gedeon wrote: > I have Debian installed on my home computer (3.0 stable version) I want > to use it to remote login in to work, however the people in charge of the > remote logins (IT) at my work say that Debian has lots of security holes. I > was

Re: Security Question

hi ya john On Thu, 2 Jan 2003, Jamin W. Collins wrote: > While this message screams troll, there's the possiblity your question > is legit. yuppers.. > On Thu, Jan 02, 2003 at 03:39:22PM -0800, John Gedeon wrote: > > > I have Debian installed on my home computer (3.0 stable version) I > > wa

Re: Security Question

While this message screams troll, there's the possiblity your question is legit. On Thu, Jan 02, 2003 at 03:39:22PM -0800, John Gedeon wrote: > I have Debian installed on my home computer (3.0 stable version) I > want to use it to remote login in to work, however the people in > charge of the rem

Re: Security Question

John Gedeon wrote: > I have Debian installed on my home computer (3.0 stable version) I want > to use it to remote login in to work, however the people in charge of the > remote logins (IT) at my work say that Debian has lots of security holes. I > was wondering what security holes Debian may

Re: security question: running a public ftp server

On Sat, Dec 16, 2000 at 12:09:22AM -0800, Peter Jay Salzman wrote: > can someone point me to documentation specifically aimed at beefing up > security of ftp and apache? everything is behind an LRP (linux router > project) firewall, so i'm pretty secure otherwise. i let hardly anything in > or o

Re: Security Question

On Sat, 28 Aug 1999, Mark Wagnon wrote: > > The only thing I recognize is tripwire, and that from reading it in > few posts, but it appears to be available only in rpm format, and as > source only. tripwire is available as .deb (section non-free/admin) at least in slink. []s, Mario O.de Menezes

Re: Security Question

Check out Abacus PortSentry if you're looking for pretty good portscanning detection software. He also does a log scanner and a host protection scanner. http://www.psionic.org/ On Sat, 28 Aug 1999, Mark Wagnon wrote: > Hi all: > > I'm looking at Firewall and Security listing on Freshmeat, but

Re: Security Question

> I've been lurking in a few lists, and I keep reading about port > scans, so I'd like to learn more about them, and how to detect/log > them, etc. > > The only thing I recognize is tripwire, and that from reading it in > few posts, but it appears to be available only in rpm format, and as > sourc