search for: crist

...DefaultPath /opt/openssh/bin Could not be something put into the sshd_config file? Or does this exist in the code, but not (or I missed it) in the documentation? (Oh, and I still need to hack around with the manpages by hand to get them to work in Solaris, but I think that is a known issue?) -- Crist J. Clark Network Security Engineer crist.clark at globalstar.com Globalstar, L.P. (408) 933-4387 FAX: (408) 933-4926 The information contained in this e-mail message is confidential, intended only for the use of the i...

...ple are getting data out of icecast and crunching it for later review/analysis. I am happy to summarize responses that people are comfortable having shared back to the list. My plan is to give a reasonable amount of time for people to compose responses and then send one summary email. Cheers, -- Crist?bal Palmer ibiblio.org metalab.unc.edu

...otherwise writeable, by this other user, but so what. Obviously, I may be missing something. Any interest in this? Let me know if you try it out and any successes or failures. Patches! CURRENT and RELENG_4 version attached. The documentation is included as a patch to the syslogd(8) man page. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org -------------- next part -------------- Index: src/usr.sbin/syslogd/syslogd.8 ===================================================...

Heya.. Yesterday someone "attacked" by box by connection to several ports.. In other words, a simple portscan.. yet, since my box has "log_in_vain" enabled, so it tries to log everything to /var/log/messages, since the logfile got full and the size went over 100K, it tried to rotate the log to save diskspace. (Apr 16 21:00:00 omikron newsyslog[32137]: logfile turned over due

...sed. The '%' character can have the same special meaning as it does for USER or LOGNAME. I'd be willing to write the patch, but I thought I would submit the idea first. It seems so obvious to me that I worry that there is some very good reason NOT to do this. Thanks for your time. -- Crist J. Clark cjclark@home.com

[ -netters, please Cc me or security@ with replies. ] I'm running into trouble integrating dynamic racoon-based IPSec into a network with ipfw and natd. I need to be able to allow VPN access from any address from authenticated clients. I've got the dynamic VPN working, with racoon negotiating SAs and installing SPs, but the problem is that I can't tell whether an incoming packet on

Hello list. I would like to get your opinion on what is a safe multi-user environment. The scenario: We would like to offer to some customers of ours some sort of network backup/archive. They would put daily or weekly backups from their local machine on our server using rsync and SSH. Therefore, they all have a user account on our server. However, we must ensure that they would absolutely not be

Hi folks, I've been working on getting my WiFi network running with IPsec. I'm at the point where all traffic on the wifi subnet is encrypted (i.e. ESP). Then I tried to add AH to the equation. I failed. This picture describes the network setup: http://beta.freebsddiary.org/images/ipsec-wireless.gif Here's what I'm trying and failing with. With these rules, I get no

Hi Christobal, We have been using Webalizer Version 2.10 - Streaming extention. It's not ideal and old but it works. Regards, K-J Op 23 nov 2010, om 20:40 heeft Crist?bal Palmer het volgende geschreven: > Hello all, > > We (at ibiblio.org) are evaluating several projects and products for > getting good analytics from icecast. Specifically, we have explored > cacti and awstats. I am writing because I would like users of this > list to send me...

....com ----- Delivered-To: firewall-wizards at fraggle.nfr.net Delivered-To: firewall-wizards at nfr.net Date: Thu, 15 Feb 2001 15:09:32 -0800 (PST) From: <beldridg at best.com> To: "Marcus J. Ranum" <mjr at nfr.com> Cc: Darren Reed <darrenr at reed.wattle.id.au>, Crist Clark <crist.clark at globalstar.com>, <capegeo at opengroup.org>, <firewall-wizards at nfr.net>, <miedaner at twcny.rr.com> Subject: Re: [fw-wiz] SecureID vs Certificates In-Reply-To: <5.0.2.1.2.20010215153231.00a590c0 at fraggle.nfr.com> Errors-To: firewall-w...

Hi! I'm trying to increase security on my FreeBSD 4.8 firewall/DSL router/VPN router. My problem is with firewalling the VPN part. I'm using a tunnel to a RedHat 7.1 box running FreeS/WAN. This tunnel allows traffic from my internal net (172.17.0.0/24) to that box only: spdadd 172.17.0.0/24 $REDHAT/32 any -P out ipsec esp/tunnel/$MYADDR-$REDHAT/unique; spdadd $REDHAT/32 172.17.0.0/24

...this can be done for postgresql? Thanks for any suggestions, Duncan -- Dr Duncan Golicher Conservaci?n y Restauraci?n de los bosques de Chiapas Ecolog?a y system?tica terrestre Conservaci?n de la Biodiversidad El Colegio de la Frontera Sur Carretera Panamericana y Perif?rico Sur s/n 29290 San Crist?bal de las Casas, Chiapas 967 67 49000 ext 1310 Email: dgoliche at ecosur.mx Skype: duncangolicher WebLog http://duncanjg.wordpress.com/ Using Thunderbird on Ubuntu Hardy 8.04

...============== > Bi?logo > Mestre em Biologia Animal (UNESP) > Laborat?rio de Ecologia Animal > Departamento de Zoologia e Bot?nica > Instituto de Bioci?ncias, Letras e Ci?ncias Exatas > Universidade Estadual Paulista - UNESP > S?o Jos? do Rio Preto-SP > Brazil > > Rua Crist?v?o Colombo, 2265 > Jardim Nazareth - 15054-000 > > *Skype*: diogoprovete > *MSN*: diogoprov at yahoo.com.br > > *Personal web page <https://sites.google.com/site/diogoprovetepage/>* > > Traduza conosco: > <<<American Journal Experts>>> <http:/...

...e feeling. 5) For those of us using automatic updating systems, having modules and kernels out of sync is bad potentially, so NO_KLD helps keep that from being an issue. Just my thoughts, we will be patching roughly 5,000 machines for this in our first round of deployments. Deepak Jain AiNET Crist J. Clark wrote: > On Sat, Sep 08, 2001 at 10:53:08AM -0500, D J Hawkey Jr wrote: > >>On Sep 08, at 06:37 PM, Peter Pentchev wrote: >> >>>>Q: Can the kernel be "forced" to load a module from within itself? That >>>>is, does a cracker need to be i...

Security pundits have been warning about the dangers implicit with Web services for years. A good starting point for understanding the security issues related to Web services can be found at: http://searchwebservices.techtarget.com/originalContent/0,289142,sid26_gci872720,00.html Of course to really understand the security risks posed by Web services, you need to understand the basics of Web

Can anyone help with this. Bridge is enabled, even in sysctl. Firewall is enabled and configured. But my reality is done this way.. Cisco (NATing 192.168.1.0/24) ---- Freebsd Bridge (Public IP) ------ stations (Public IP) (NATing 172.16.0.0/24 192.168.1.xx or something similar) 172.16.0.xx and on one public IP one

http://www.uniras.gov.uk/vuls/2004/236929/index.htm ----Quote---- "The impact of this vulnerability varies by vendor and application, but in some deployment scenarios it is rated critical. Please see the vendor section below for further information. Alternatively contact your vendor for product specific information. If exploited, the vulnerability could allow an attacker to create a

Dear list! I have a little problem, trying to enable logging of deny rule. I have enabled it via kernel: options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=3 It is ipfw2. After that, my inten- tion was to use syslogd and !ipfw *.* /var/log/ipfw.log and newsyslog with /var/log/ipfw.log 600 3 100 * J In rc.conf I have firewall_enable="YES"

Hello, ctags(1) uses external application sort(1) for sorting the tags file. It calls it via system(3) function. Look at the /usr/src/usr.bin/ctags/ctags.c file, there are such lines here: if (uflag) { (void)asprintf(&cmd, "sort -o %s %s", outfile, outfile); if (cmd == NULL) err(1, "out of space"); system(cmd); free(cmd); cmd = NULL; } This code will be

I believe that I'm having some problems with a Zip 100 drive and the "new" (not really so new anymore) ATA driver. I added a Zip and a new CD-R device to a system over the weekend. The BIOS identifies all of the new devices just fine, but when I boot FreeBSD (the only OS on the system), I get to the ATA probes and things lockup (these are from notes, not exact), ad2: READ command