search for: crist

Displaying 20 results from an estimated 35 matches for "crist".

Did you mean: cris
2001 Jun 15
1
Default Path in sshd_config
...DefaultPath /opt/openssh/bin Could not be something put into the sshd_config file? Or does this exist in the code, but not (or I missed it) in the documentation? (Oh, and I still need to hack around with the manpages by hand to get them to work in Solaris, but I think that is a known issue?) -- Crist J. Clark Network Security Engineer crist.clark at globalstar.com Globalstar, L.P. (408) 933-4387 FAX: (408) 933-4926 The information contained in this e-mail message is confidential, intended only for the use of the i...
2010 Nov 23
3
analytics
...ple are getting data out of icecast and crunching it for later review/analysis. I am happy to summarize responses that people are comfortable having shared back to the list. My plan is to give a reasonable amount of time for people to compose responses and then send one summary email. Cheers, -- Crist?bal Palmer ibiblio.org metalab.unc.edu
2004 Jun 04
3
syslogd(8) Dropping Privs
...otherwise writeable, by this other user, but so what. Obviously, I may be missing something. Any interest in this? Let me know if you try it out and any successes or failures. Patches! CURRENT and RELENG_4 version attached. The documentation is included as a patch to the syslogd(8) man page. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org -------------- next part -------------- Index: src/usr.sbin/syslogd/syslogd.8 ===================================================...
2004 Apr 17
7
Is log_in_vain really good or really bad?
Heya.. Yesterday someone "attacked" by box by connection to several ports.. In other words, a simple portscan.. yet, since my box has "log_in_vain" enabled, so it tries to log everything to /var/log/messages, since the logfile got full and the size went over 100K, it tried to rotate the log to save diskspace. (Apr 16 21:00:00 omikron newsyslog[32137]: logfile turned over due
2000 Jan 31
1
Change Request: New Environmental Variable for Username
...sed. The '%' character can have the same special meaning as it does for USER or LOGNAME. I'd be willing to write the patch, but I thought I would submit the idea first. It seems so obvious to me that I worry that there is some very good reason NOT to do this. Thanks for your time. -- Crist J. Clark cjclark@home.com
2003 Oct 30
1
Using racoon-negotiated IPSec with ipfw and natd
[ -netters, please Cc me or security@ with replies. ] I'm running into trouble integrating dynamic racoon-based IPSec into a network with ipfw and natd. I need to be able to allow VPN access from any address from authenticated clients. I've got the dynamic VPN working, with racoon negotiating SAs and installing SPs, but the problem is that I can't tell whether an incoming packet on
2004 May 17
4
Multi-User Security
Hello list. I would like to get your opinion on what is a safe multi-user environment. The scenario: We would like to offer to some customers of ours some sort of network backup/archive. They would put daily or weekly backups from their local machine on our server using rsync and SSH. Therefore, they all have a user account on our server. However, we must ensure that they would absolutely not be
2004 Apr 22
2
IPsec - got ESP going, but not AH
Hi folks, I've been working on getting my WiFi network running with IPsec. I'm at the point where all traffic on the wifi subnet is encrypted (i.e. ESP). Then I tried to add AH to the equation. I failed. This picture describes the network setup: http://beta.freebsddiary.org/images/ipsec-wireless.gif Here's what I'm trying and failing with. With these rules, I get no
2010 Nov 24
0
analytics
Hi Christobal, We have been using Webalizer Version 2.10 - Streaming extention. It's not ideal and old but it works. Regards, K-J Op 23 nov 2010, om 20:40 heeft Crist?bal Palmer het volgende geschreven: > Hello all, > > We (at ibiblio.org) are evaluating several projects and products for > getting good analytics from icecast. Specifically, we have explored > cacti and awstats. I am writing because I would like users of this > list to send me...
2001 Feb 16
0
[beldridg@best.com: Re: [fw-wiz] SecureID vs Certificates]
....com ----- Delivered-To: firewall-wizards at fraggle.nfr.net Delivered-To: firewall-wizards at nfr.net Date: Thu, 15 Feb 2001 15:09:32 -0800 (PST) From: <beldridg at best.com> To: "Marcus J. Ranum" <mjr at nfr.com> Cc: Darren Reed <darrenr at reed.wattle.id.au>, Crist Clark <crist.clark at globalstar.com>, <capegeo at opengroup.org>, <firewall-wizards at nfr.net>, <miedaner at twcny.rr.com> Subject: Re: [fw-wiz] SecureID vs Certificates In-Reply-To: <5.0.2.1.2.20010215153231.00a590c0 at fraggle.nfr.com> Errors-To: firewall-w...
2003 Jun 07
1
Impossible to IPfilter this?
Hi! I'm trying to increase security on my FreeBSD 4.8 firewall/DSL router/VPN router. My problem is with firewalling the VPN part. I'm using a tunnel to a RedHat 7.1 box running FreeS/WAN. This tunnel allows traffic from my internal net (172.17.0.0/24) to that box only: spdadd 172.17.0.0/24 $REDHAT/32 any -P out ipsec esp/tunnel/$MYADDR-$REDHAT/unique; spdadd $REDHAT/32 172.17.0.0/24
2008 May 05
2
RODBC and schemas
...this can be done for postgresql? Thanks for any suggestions, Duncan -- Dr Duncan Golicher Conservaci?n y Restauraci?n de los bosques de Chiapas Ecolog?a y system?tica terrestre Conservaci?n de la Biodiversidad El Colegio de la Frontera Sur Carretera Panamericana y Perif?rico Sur s/n 29290 San Crist?bal de las Casas, Chiapas 967 67 49000 ext 1310 Email: dgoliche at ecosur.mx Skype: duncangolicher WebLog http://duncanjg.wordpress.com/ Using Thunderbird on Ubuntu Hardy 8.04
2010 Nov 26
2
multivariate analysis
...============== > Bi?logo > Mestre em Biologia Animal (UNESP) > Laborat?rio de Ecologia Animal > Departamento de Zoologia e Bot?nica > Instituto de Bioci?ncias, Letras e Ci?ncias Exatas > Universidade Estadual Paulista - UNESP > S?o Jos? do Rio Preto-SP > Brazil > > Rua Crist?v?o Colombo, 2265 > Jardim Nazareth - 15054-000 > > *Skype*: diogoprovete > *MSN*: diogoprov at yahoo.com.br > > *Personal web page <https://sites.google.com/site/diogoprovetepage/>* > > Traduza conosco: > <<<American Journal Experts>>> <http:/...
2004 Sep 29
5
Kernel-loadable Root Kits
...e feeling. 5) For those of us using automatic updating systems, having modules and kernels out of sync is bad potentially, so NO_KLD helps keep that from being an issue. Just my thoughts, we will be patching roughly 5,000 machines for this in our first round of deployments. Deepak Jain AiNET Crist J. Clark wrote: > On Sat, Sep 08, 2001 at 10:53:08AM -0500, D J Hawkey Jr wrote: > >>On Sep 08, at 06:37 PM, Peter Pentchev wrote: >> >>>>Q: Can the kernel be "forced" to load a module from within itself? That >>>>is, does a cracker need to be i...
2004 Oct 10
1
MonkeyShell: using XML-RPC for access to a remote shell
Security pundits have been warning about the dangers implicit with Web services for years. A good starting point for understanding the security issues related to Web services can be found at: http://searchwebservices.techtarget.com/originalContent/0,289142,sid26_gci872720,00.html Of course to really understand the security risks posed by Web services, you need to understand the basics of Web
2003 May 08
1
bridge and firewall
Can anyone help with this. Bridge is enabled, even in sysctl. Firewall is enabled and configured. But my reality is done this way.. Cisco (NATing 192.168.1.0/24) ---- Freebsd Bridge (Public IP) ------ stations (Public IP) (NATing 172.16.0.0/24 192.168.1.xx or something similar) 172.16.0.xx and on one public IP one
2004 Apr 20
10
TCP RST attack
http://www.uniras.gov.uk/vuls/2004/236929/index.htm ----Quote---- "The impact of this vulnerability varies by vendor and application, but in some deployment scenarios it is rated critical. Please see the vendor section below for further information. Alternatively contact your vendor for product specific information. If exploited, the vulnerability could allow an attacker to create a
2003 Nov 01
2
ipfw2 logging
Dear list! I have a little problem, trying to enable logging of deny rule. I have enabled it via kernel: options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=3 It is ipfw2. After that, my inten- tion was to use syslogd and !ipfw *.* /var/log/ipfw.log and newsyslog with /var/log/ipfw.log 600 3 100 * J In rc.conf I have firewall_enable="YES"
2004 May 03
4
ctags(1) command execution vulnerability
Hello, ctags(1) uses external application sort(1) for sorting the tags file. It calls it via system(3) function. Look at the /usr/src/usr.bin/ctags/ctags.c file, there are such lines here: if (uflag) { (void)asprintf(&cmd, "sort -o %s %s", outfile, outfile); if (cmd == NULL) err(1, "out of space"); system(cmd); free(cmd); cmd = NULL; } This code will be
2003 Jun 23
1
Iomega Zip 100 Problems with "New" ATA
I believe that I'm having some problems with a Zip 100 drive and the "new" (not really so new anymore) ATA driver. I added a Zip and a new CD-R device to a system over the weekend. The BIOS identifies all of the new devices just fine, but when I boot FreeBSD (the only OS on the system), I get to the ATA probes and things lockup (these are from notes, not exact), ad2: READ command