Displaying 19 results from an estimated 19 matches for "chchile".
Did you mean:
chile
2006 May 26
3
Integrating ProPolice/SSP into FreeBSD
Hi,
first sorry for cross-posting but I thought this patch might interest
-CURRENT users as well as people concerned by security.
I wrote a patch that integrates ProPolice/SSP into FreeBSD, one step
further than it has been realized so far.
It is available here :
http://tataz.chchile.org/~tataz/FreeBSD/SSP/
Everything is explained on the web page, but I will repeat some
informations here. The patchset is splitted in two parts to ease the
review of the patch. The -propolice patch is only the original
ProPolice patch for GCC 3.4.4 applied on FreeBSD source tree. The
-freebsd...
2007 Dec 25
3
ProPolice/SSP in 7.0
...ld like to use stack
smashing protection in order to harden my boxes and avoid many potential
exploits.
I've known about ProPolice/SSP for a while now (from the Gentoo world)
and am aware that FreeBSD 7.0 doesn't yet support it though I know of
Jeremy Le Hen's patches (http://tataz.chchile.org/~tataz/FreeBSD/SSP/).
Some time after 7.0 is released I'd like to upgrade and apply SSP
throughout kernel, userland and ports while I'm at it. However, being an
unsupported patchset and all, I have some concerns which I'd like some
feedback on well before I embark on this projec...
2005 Oct 04
3
[patch] LOCKED_PASSWD_STRING for FreeBSD
...ould add that, while not directly important for the
FreeBSD OS since it doesn't use autotools stuffs, it is for
users that don't use the stock OpenSSH provided with FreeBSD.
Thanks for your work, keep on ! :-)
Best regards,
--
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >
-------------- next part --------------
Index: configure.ac
===================================================================
RCS file: /cvs/openssh/configure.ac,v
retrieving revision 1.296
diff -u -p -u -r1.296 configure.ac
--- configure.ac 22 Sep 2005 10:19:54 -0000 1.296
+++ confi...
2006 May 09
1
xmalloc symbol in libssh
...on of `xstrdup'
% ftpd.o(.text+0x1460): first defined here
% /usr/obj/usr/src/tmp/usr/bin/ld: Warning: size of symbol `xstrdup' changed from 44 in ftpd.o to 70 in /usr/obj/usr/src/tmp/usr/lib/libssh.a(xmalloc.o)
%%%
Regards,
--
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >
2005 Mar 09
0
[djm@cvs.openbsd.org: OpenSSH 4.0 released]
----- Forwarded message from Damien Miller <djm@cvs.openbsd.org> -----
Subject: OpenSSH 4.0 released
From: Damien Miller <djm@cvs.openbsd.org>
Date: Wed, 9 Mar 2005 02:54:13 -0700 (MST)
To: announce@openbsd.org
X-Original-To: jeremie@le-hen.org
Delivered-To: tataz@tataz.chchile.org
X-Loop: announce@openbsd.org
Precedence: list
OpenSSH 4.0 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.
We w...
2005 Sep 22
2
Tunnel-only SSH keys
Hello.
I once read somewhere that it's possible to limit SSH pubkeys to
'tunnel-only'. I can't seem to find any information about this
in any of the usual places.
I'm going to be deploying a few servers in a couple of days and
I'd like them to log to a central server over an SSH tunnel (using
syslog-ng) however I'd like to prevent actual logins (hence
2005 May 23
2
How to setup IPSec tunnel between FreeBSD and Linux systems...?
Hi,
I am trying to setup ipsec tunnel between Freebsd
(host1) and Linux (host2) systems.And I also
interested in executing some ipsec test cases( Like
TAHI conformance test suite) on the same connection.
Please, suggest me some details regarding this setup
and Specify any materials which can be obtained from
from any locations(site)..
I have enabled IPSec support for FreeBSD (4.11
Release) and
2005 Jul 29
1
booting gbde-encrypted filesystem
Hello,
I think there was already a thread on this. I just
want to raise the question again if anyone has successfully
booted an gdbe-encrypted filesystem (everything encrypted except
the bootloader). The passphrase is entered at the bootloader prompt
or embedded in the bootloader.
I appreciate any tips.
Thanks,
- ronnel
2008 Jan 16
5
xen backup
hi
I am trying to stop the application running in the VM from the host
machine.....that means by typing some command in the host machine, (script
or using some API''s or sending some signal to VM from the host), i want stop
application running in the VM.......is there any way to do this.....if
anybody know this please help me.......
I want this because......I want to take VM consistent
2005 Dec 11
1
geli or gbde encryption of slices
Hello,
I was playing around with geli an gbde after last EuroBSDCon.
I liked the idea of encrypting my data which resides in /home/$user.
Since this is a "single" user laptop i intended to encrypt the
whole /home partition. Well no problems with that. But i wanted
the lockfile or keyfile on a seperate usb disc. Which would be
mounted or used during boot of the system. I also used
2005 Oct 23
2
Is it feasible to cross-build compat5x binary?
Hi folks,
I think we need to update compat5x binary to fix FreeBSD-SA-05:21.openssl,
but will the binaries built by ``make universe'' be identical with actual
build on Alpha, Sparc64, etc? (Yes, I'm volunteering to do the work iff
they are identical ;-)
Cheers,
--
Xin LI <delphij frontfree net> http://www.delphij.net/
See complete headers for GPG key and other information.
2008 Jan 21
5
denyhosts-like app for MySQLd?
Hi all,
?Is there any app like denyhosts[1] but intended for MySQLd service?
We have a mysql ports (3306) opened for remote connections, and
obviously the /var/db/mysql/machine_name.log is full of these kind of
entries:
...........
936012 Connect Access denied for user 'user'@'85.19.95.10' (using
password: YES)
936013 Connect Access denied for user
2005 Aug 18
4
Closing information leaks in jails?
Hello,
I'm wondering about closing some information leaks in FreeBSD jails from
the "outside world".
Not that critical (depends on the application), but a simple user, with
restricted devfs in the jail (devfsrules_jail for example from
/etc/defaults/devfs.rules) can figure out the following:
- network interfaces related data, via ifconfig, which contains
everything, but the
2005 Jul 21
7
FW: Adding OpenBSD sudo to the FreeBSD base system?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
I really do not agree with adding it to the base system.
Just because you guys use sudo does not mean other people do.
In fact many people do not have a use for sudo at all.
Not every one gives out root accounts. You are only adding another utility
In that can possibly be used to escalate privileges.
Every time I secure a system I spend some time
2007 Mar 07
1
freebsd vpn server behind nat dsl router
Hello Greg,
I am writing you, because I saw your responses to a couple of messages on
the freebsd-security mailing list related to freebsd vpn and nat.
My situations is rather unique, and I am needing an expert's eyes to
glance at it and confirm whether it is doable or not. I have a simple
diagram that illustrates what I am trying to do, and it is located here
(about 40k):
2005 Oct 11
10
FreeBSD Security Advisory FreeBSD-SA-05:21.openssl
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-05:21.openssl Security Advisory
The FreeBSD Project
Topic: Potential SSL 2.0 rollback
Category: contrib
Module: openssl
Announced: 2005-10-11
2006 Oct 01
4
HEADS UP: FreeBSD 5.3, 5.4, 6.0 EoLs coming soon
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello Everyone,
On October 31st, FreeBSD 5.3 and FreeBSD 5.4 will have reached their
End of Life and will no longer be supported by the FreeBSD Security
Team. Users of either of those FreeBSD releases are strongly encouraged
to upgrade to FreeBSD 5.5 or FreeBSD 6.1 before that date.
In addition, the FreeBSD 6.0 End of Life is presently scheduled
2005 Nov 16
11
Need urgent help regarding security
Good Day!
I think we have a serious problem. One of our old
server running FreeBSD 4.9 have been compromised and
is now connected to an ircd server..
195.204.1.132.6667 ESTABLISHED
However, we still haven't brought the server down in
an attempt to track the intruder down. Right now we
are clueless as to what we need to do..
Most of our servers are running legacy operating
systems(old
2007 Jan 11
2
FreeBSD Security Advisory FreeBSD-SA-07:01.jail
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-07:01.jail Security Advisory
The FreeBSD Project
Topic: Jail rc.d script privilege escalation
Category: core
Module: etc_rc.d
Announced: