search for: aoy

...s first. Vendor fixes * Red Hat Linux from Red Hat Software o Red Hat Linux/Alpha 4.1, 4.2 ftp://ftp.redhat.com/updates/4.2/alpha/XFree86-devel-3.2-10.alpha.rpm ftp://ftp.redhat.com/updates/4.2/alpha/XFree86-libs-3.2-10.alpha.rpm ftp://ftp.aoy.com/pub/Linux/security/DISTRIBUTION-FIXES/RedHat/XFree86-devel-3.2-10.alpha.rpm ftp://ftp.aoy.com/pub/Linux/security/DISTRIBUTION-FIXES/RedHat/XFree86-libs-3.2-10.alpha.rpm o Red Hat Linux/Intel 4.0, 4.1, 4.2 ftp://ftp.redhat.com/updates/4.2/i386/XFree86-deve...

greetings all. GnuCash 2.4.15 - both help and tutor drop out when attempting to read within a few seconds of opening. submitted bug report. system: centos 6.8 current toshiba satellite l455d-s5976 w/ amd sempron si-42, 2GB ddr2 aoy, have not search centos or web for problem. thought i might try quick and easy first. has anyone seen such problem? would installing latest version possibly be best answer? tia. -- The important thing is not to stop questioning. - Albert Einstein CentOS GNU/Linux 6.8 KDE 4.3.4 peace out....

...t installation does not require the clearance, does it? Please do not ask to post re-runs of old exploits - they are available and easily accessible on the Web. Search engines do wonderful things. Links to archives of this list as well as information about LSF updates is available under http://www.aoy.com/Linux/Security/ [Moderator''s hat off] Best wishes, Alex ----------------------------------------------------------------------------- Alex "Mr. Worf" Yuriev Nationwide ISP Bandwidth: [www.netaxs.net ] Net Access Outsourced News Reading:...

-----BEGIN PGP SIGNED MESSAGE----- Hi, The new externally accessible URL for Linux Security WWW is http://www.aoy.net/Linux/Security/. Please update your pointers. Bach.cis.temple.edu/linux/linux-security/ will have a pointer to a new site. Red Hat''s mirror (http://www.redhat.com/linux-info/security/) should be pointing to a new address in a couple of days. -----BEGIN PGP SIGNATURE----- Version: 2.6...

Actually I just looked at my RH 5.2 dist and it looks as if Tripwire 1.3 is shipped with it.

Hi, I''ve had several people ask me about a comment I made in a previous post; <quote> Dan, firstly, if you haven''t touched the compromised system much, do a "dd" across the raw disk and grep it for log fragments. I have seen vital erased logs recovered this way before! </quote> I shall try and explain a bit more! If an attacker erases, or truncates a

...FAX 904 947-5358 | > +--------------------------------------------------+ > >-- >---------------------------------------------------------------------- >Please refer to the information about this list as well as general >information about Linux security at http://www.aoy.com/Linux/Security. >---------------------------------------------------------------------- > >To unsubscribe: > mail -s unsubscribe linux-security-request@redhat.com < /dev/null >

Hi, I am building my own TCP daemon for easing some routine admin stuff... I am no expert on security,. I would really appreciate it if someone sent me some pointers to writing TCP daemons that are hacker-proof( i know there is nothing like that...but I do not want to be making mistakes in coding that are well known.. ;) The daemon runs as root....so that is why I am woried.... Thx, Arni

For someone that wants to begin securing his or her network. What would be the starting point ? I guess in sort of a check list format. I mean as of now Im not administering a network. But in the old company I used to work for. Security was a big problem there were no polices in place. And in what ways can one reduce the amount of work it take to keep up with securing and monitoring a diversed

RedHat 5, when using dhcp to configure the interface calls a script called "ifdhcpc-done" to be executed after a dhcp interface is configured. At the end of the process it updates resolv.conf: if [ -f /etc/dhcpc/resolv.conf ]; then echo "setting up resolv.conf" >> /tmp/dhcplog cp /etc/dhcpc/resolv.conf /etc fi There is no protection against the dhcplog

I''d like to hear some suggestions about securely administering a system remotely. Here''s the application: a project is going to scatter some server machines around the US. The server machines will be running Linux, with the only network servers being a custom application. Ignoring the separate question of physical security, how can I remotely check the system''s

Hello, I believe I''ve found a bug in the installation process of OpenLinux 2.2 when using the LISA boot disk. During the installation a temporary passwd file is put on the new file system containing the user "help" set uid=0 gid=0 and no password. Once you are prompted to set the root password and default user password a new passwd and shadow file is created yet the help user

Following Situation: Having an intranet-application that needs to know the ip-Address of the clients before running. Clients anywere in the Internet with any ip-address. So I thought about using masquerading the opposite way than normal. But then anybody could use this application. Dos anybody know how to make it a little bit more secure, like proofing the mac-address of the client, or something

...00-06-15&msg=Pine.LNX.4.10.10006201453090.1812-200000@apollo.aci.com.pl Copyright(c) 2000 Red Hat, Inc. -- ---------------------------------------------------------------------- Please refer to the information about this list as well as general information about Linux security at http://www.aoy.com/Linux/Security. ---------------------------------------------------------------------- To unsubscribe: mail -s unsubscribe linux-security-request@redhat.com < /dev/null

Over the last several day, we''ve been getting pretty regular scans from a non-existant host on our port 7. Any idea what they are looking for/what are some of vulnerabilites with echo? Thanks Coral Cook

Hi , I want to set up my Redhat 6.0 Linux machine to Authenticate username and password and other information for user that received from /etc/passwd & /etc/shadow from MySQL server . How Can I do that ? any Refrences or Manual for this is helpfull :) Thanx Hamid Hashemi

Salve, I''m protecting hades with the tcpd wrappers and had no problems so far, at least none that I noticed. Today happend something strange. An attacker got a connect on a protected port from a not allowed IP: > Unusual System Events > =-=-=-=-=-=-=-=-=-=-= BTW, thanks for that tool. > Jul 1 03:34:56 hades in.null[18321]: twist > slip139-92-93-124.hol.ch.ibm.net to

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Buffer overflow in cron daemon Advisory ID: RHSA-1999:030-01 Issue date: 1999-08-25 Updated on: Keywords: vixie-cron crond MAILTO Cross references: --------------------------------------------------------------------- 1. Topic: A buffer overflow exists in crond, the cron

Hello, I just made available a beta version of a port scan detector that I''ve been working on. The program, called Abacus Sentry, is a port scan/probe detector that offers what I think are a number of unique and useful features: - Runs on TCP or UDP sockets. Configurable by the user to bind to multiples of sockets for increased detection coverage. - Adjustable scan detection value with

We just had a security application vendor come in. We asked about Linux support and he said that putting a security application on top of an insecure OS was useless. When I asked what he meant by insecure he replied that Linux does not have a true Auditing capability - as opposed to HP-UX & Solaris which they do support. Can anyone explain to me what he was talking about? Thanks, Marty