search for: elvandar

...try, If you remain unsure, it is best to reinstall the system to be sure that a fresh and newly updated (yeah update it when installed :)) system is not compromised at that time.. loads of work, but it gives you some relief to know that it's clean. GoodLuck! -- Kind regards, Remko Lodder Elvandar.org/DSINet.org www.mostly-harmless.nl Dutch community for helping newcomers on the hackerscene -----Oorspronkelijk bericht----- Van: freebsd-security-bounces@lists.elvandar.org [mailto:freebsd-security-bounces@lists.elvandar.org]Namens Mark Ogden Verzonden: dinsdag 27 januari 2004 21:28 Aan: Peter...

er.... How to block Arp PAckages? []s

forgot this addr. -- Kind regards, Remko Lodder Elvandar.org/DSINet.org www.mostly-harmless.nl Dutch community for helping newcomers on the hackerscene -----Oorspronkelijk bericht----- Van: Remko Lodder [mailto:remko@elvandar.org] Verzonden: vrijdag 23 januari 2004 10:53 Aan: Nick Twaddell Onderwerp: RE: [Freebsd-security] ipfw + named problem did you...

...vise is that you reinstall. IF your host is indeed owned, then you are a lot further away then just reinstalling, god knows what issues can arrise when a cracker exploits the system to do bogus tasks.. Then i say: Too bad for your time, sorry but it's like that -- Kind regards, Remko Lodder Elvandar.org/DSINet.org www.mostly-harmless.nl Dutch community for helping newcomers on the hackerscene -----Oorspronkelijk bericht----- Van: Peter Rosa [mailto:prosa@pro.sk] Verzonden: dinsdag 27 januari 2004 21:46 Aan: Remko Lodder; Mark Ogden CC: freebsd-security@freebsd.org Onderwerp: Re: [Freebsd-secu...

Howyd all? Seems that I have been routed. Possibly by a physical B&E, but who knows? Probably some of you do.... anyways, some politically sensitive email was deleted from a user account and the line low -tr & inserted into my .xinitrc . Duncan (Dhu) Campbell

...limit syn connections (again i don't know how it's done since i dont have any experience with it, but it can do it) Also you can use stuff like snmp for example to monitor traffic in combination with mrtg that is a good start. Hope it helped you a little, -- Kind regards, Remko Lodder Elvandar.org/DSINet.org www.mostly-harmless.nl Dutch community for helping newcomers on the hackerscene -----Oorspronkelijk bericht----- Van: freebsd-security-bounces@lists.elvandar.org [mailto:freebsd-security-bounces@lists.elvandar.org]Namens Spades Verzonden: zaterdag 7 februari 2004 7:29 Aan: freebsd-s...

yes unless you use the version as of :> 2004-03-02 17:24:46 UTC (RELENG_5_2, 5.2.1-RELEASE-p1) check it out with uname -a if it does not say -p1 it affects you. My guess, you are affected :) cheers -- Kind regards, Remko Lodder Elvandar.org/DSINet.org www.mostly-harmless.nl Dutch community for helping newcomers on the hackerscene -----Oorspronkelijk bericht----- Van: freebsd-security-bounces@lists.elvandar.org [mailto:freebsd-security-bounces@lists.elvandar.org]Namens Daniel Spielman Verzonden: dinsdag 2 maart 2004 21:06 Aan: fre...

Hello, My company has been asked to help with the upgrade of several Freebsd systems that are pretty old. The customer is running a file server samba also running apache running FBSD 4.2, he wants to upgrade using cvsup & the make buildworld procedure to upgrade to 5.x. Im very familier with the make buildworld procedure however there have been significant changes between 4.2 & 5.x so is

...ed access. you are of the opinion that ICMP PING is not the cause of spam mailrelaying. could I ask you if my Apple mac is any risk due to the PING portal being open? if so would you advice me on what to do? Thanks again. Sam On Sunday, June 03, 2007, at 11:30PM, "Remko Lodder" <remko@elvandar.org> wrote: >Hello Sam, > >First of all thank you for taking the time to email the FreeBSD >Security Team. I feel however that this is not the right place >to help you out here. I think you are better of on the >freebsd-security@FreeBSD.org mailinglist instead of the Security T...

Hi, FYI, Red Hat released an advisory today about a vulnerability in Ruby. So far it doesn't appear in the VuXML, but am I correct in presuming it will soon? https://rhn.redhat.com/errata/RHSA-2006-0604.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3694 cheers, -- Joel Hatton -- Infrastructure Manager | Hotline: +61 7 3365 4417 AusCERT - Australia's national

Hi! Since linux-flashplugin7 r63 is vulnerable according to http://vuxml.FreeBSD.org/7c75d48c-429b-11db-afae-000c6ec775d9.html isn't www/linux-seamonkey vulerable, too (it seems to include 7 r25)? Bye Arne __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com

Hello list. I would like to get your opinion on what is a safe multi-user environment. The scenario: We would like to offer to some customers of ours some sort of network backup/archive. They would put daily or weekly backups from their local machine on our server using rsync and SSH. Therefore, they all have a user account on our server. However, we must ensure that they would absolutely not be

In my recent security email, I got the following errors: cantona.dnswatchdog.com login failures: Aug 20 02:37:19 cantona sshd[9444]: fatal: Write failed: Operation not permitted Aug 20 04:30:42 cantona sshd[16142]: fatal: Write failed: Operation not permitted Aug 20 21:21:51 cantona sshd[45716]: fatal: Write failed: Operation not permitted So three questions: What is it? Should I be worried?

I did not see any commits to the OpenSSL code, recently; is anybody going to commit the fix? See http://www.securityfocus.com/archive/1/480855/30/0 for details ... Regards, STefan

Hi all again, I must add, there are no log entries after June 9, 2004. "LKM" message first apeared June 8, 2004, after this day, there is nothing in /var/messages, /var/security ..... How could I look for suspicious LKM module ? How could I find it, if the machine is hacked and I can not believe "ls", "find" etc. commands ? Peter Rosa

Colin, good day! Spotted two patches for x11-servers/xorg-server port: see entries for x11r6.9.0-dbe-render.diff and x11r6.9.0-cidfonts.diff at http://xorg.freedesktop.org/releases/X11R6.9.0/patches/index.html Seems like they are not applied to the xorg-server-6.9.0_5. May be it should be added to the VuXML document? There is a ports/107733 issue that incorporates these patches. May be you

http://www.isc.org/sw/bind/view/?release=9.3.4 SECURITY ADVISORIES * CVE-2006-4095 CERT Vulnerability Note VU#915404 NISCC 172003 * CVE-2006-4096 CERT Vulnerability Note VU#697164 NISCC 172003 * CAN-2005-0034 NISCC-UNIRAS 20050125-00059 CERT Vulnerability Note VU#938617 [ODiP] == Dmitry Grigorovich

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:06.tcpdump Security Advisory The FreeBSD Project Topic: Buffer overflow in tcpdump(1) Category: contrib Module: tcpdump Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:06.tcpdump Security Advisory The FreeBSD Project Topic: Buffer overflow in tcpdump(1) Category: contrib Module: tcpdump Announced:

pulling my hair out... If I rm -fr /root/.spamassassin/* then sa-learn a bunch of messages, it works... ]# sa-learn --dump magic 0.000 0 3 0 non-token data: bayes db version 0.000 0 3997 0 non-token data: nspam 0.000 0 0 0 non-token data: nham 0.000 0 202022 0 non-token data: ntokens 0.000