search for: giorgos

Hello, we have a pair of IBM P570 servers running RHEL5.2 kernel 2.6.18-92.el5.ppc64 We have Oracle RAC on ocfs2 storage ocfs2 is 1.4.7-1 for the above kernel (downloaded from oracle oss site) Recently both servers have been crashing with the following error: Assertion failure in journal_dirty_metadata() at fs/jbd/transaction.c:1130: "handle->h_buffer_credits > 0" kernel BUG in

Aloha! (I've Googled around a bit, but failed to find much previous posts about this though I'm sure it has been discussed...) Have anybody (in core etc) considered adding a sudo implementation to thr FreeBSD base system. At least for me, sudo is an important part of implementing good security policy in FreeBSD. Yes, it is available as a port, but in a similar fashion of for example,

root@vigilante /root cuaa1# man init |tail -n 130 |head -n 5 3 Network secure mode - same as highly secure mode, plus IP packet filter rules (see ipfw(8) and ipfirewall(4)) cannot be changed and dummynet(4) configuration cannot be adjusted. root@vigilante /root cuaa1# sysctl -a |grep secure kern.securelevel: 3 root@vigilante /root cuaa1# ipfw show 00100 0 0 allow

How 'bout PAM? /usr/ports/security/pam_ldap. If you have machines that can't do PAM, perhaps NIS is the way to go (assuming, of course, you're behind a firewall). You can store login information in LDAP like you want, then use a home-grown script to extract the information to a NIS map. Or, if you have a Solaris 8 machine lying around, you can cut out the middle step and use

Hi, I''m trying to compile iproute with my fresh kernel 2.6.3, it works well with 2.6.2 but impossible with this one. My version of gcc is 3.3.3 and the version of iproute2 is iproute2-2.4.7-now-ss010824. Any suggestion ? make[1]: Entering directory `/usr/src/iproute2/lib'' gcc -D_GNU_SOURCE -O2 -Wstrict-prototypes -Wall -Werror -g -I../include-glibc -include

Hello, Suppose that every day cron runs this: rsync -a --times --delete $HOME /my/backups/dir/latest In general, rsync will only update a file if it has been modified. Now, imagine that one of the files becomes corrupted in the backup directory, but the timestamp hasn't changed. Will rsync detect this? I am using rsync in a backup solution which could be summarized to: cd

Hello, this is my first time sending to this list. I tried to found the most appropriate place to ask my question, and the most matching list was this. I hope not to be off-topic. Today, I tried to make a yum update to my centos machines, and I got an error for the updates channel. The error was: Metadata file does not match checksum Is there an issue on this?

Max Okumoto <okumoto@ucsd.edu> wrote: [CC changed to freebsd-security instead of the cvs list] We're talking about replacing the home-grown mkfifo() funktion in make (a modified copy of mkstemp()) with mkdtemp() and creating the fifo in this new directory. Max worries about a possible race with this new approach. > Its not a race between two nice programs :-) The function

Hi, > On Sat, Nov 20, 2004 at 01:32:15PM -0500, Francisco Reyes wrote: >> I have a grown list of IPs that I am "deny ip from ###.### to any". Infected machines, hackers, etc.. >> >> Is there a way to have this list outside of rc.firewall and just read it in? > from man ipfw LOOKUP TABLES Lookup tables are useful to handle large sparse address sets, typically

Heya folks First of all, sorry if this isn't the correct list, but yet, I think spam is a kind of network attack and should be treated as a security issue.. I run a working mail server using Postfix, MySQL, Courier-IMAP, SpamAssassin and ClamAV (amavisd-new) .. I've checked the configuration file for SpamAssassin, but yet I havn't find any good solution for spam.. Sure, spam will

Hello, For some reason, I thought little about the "clear" command today.. Let's say a privileged user (root) logs on, edit a sensitive file (e.g, a file containing a password, running vipw, etc) .. then runs clear and logout. Then anyone can press the scroll-lock command, scroll back up and read the sensitive information.. Isn't "clear" ment to clear the

Hello security folks I (not so) recently asked for volunteers to the security documentation project. I got delightfully large number of volunteers! Thank you! Right now I have some personal (medical) issues to deal with, and I'll be out of town for the next 2 weeks. When I get back, we can move ahead at top speed. The project will have 3 parts. FAQ: This will cover any kind of basic

Hello everyone! Could you tell me if FreeBSD supports memory page nulling when releasing it to prevent unauthorized access to data left in the page after it's allocated again. If it does, what sys calls etc provide that? IMHO this is an important issue when operating data with different sensivity levels. Thanks in advance. Nick

Hi, [I have added freebsd-security to recipient list as I consider this issue a security risk] Paul Schenkeveld wrote: > Hello, > > On Fri, Jul 14, 2006 at 01:26:38PM +0300, Ari Suutari wrote: >> Hi, >> >> Does anyone know if there are any plans to bring >> pf boot-time protection (ie. /etc/rc.d/pf_boot and >> related config files) from NetBSD to FreeBSD

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:01.texindex Security Advisory The FreeBSD Project Topic: Texindex temporary file privilege escalation Category: contrib Module: texinfo

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:21.openssl Security Advisory The FreeBSD Project Topic: Potential SSL 2.0 rollback Category: contrib Module: openssl Announced: 2005-10-11

What is the maximum transfer rate allowed for rsync? I mean the limitations? I can't get more than 50Mbit speed in my gigabit lan, with rsync server or with ssh. ftp transfers reach >400Mbit , so it is not a lan or nic problem. Maybe it has something to do with my cpu limitations? or the limitations for rsync is the 50Mb/s? Here is my rsyncd.conf if it helps > # by gourgi > max