Displaying 10 results from an estimated 10 matches for "nkritsky".
2003 Apr 13
1
chfn, chsh, ls, ps - INFECTED
My machine got hacked a few days ago through the samba bug. I
reinstalled everything cvsuped src-all, and ran chkrootkit. No more LKM
but still...
Can anyone please advise ?
bash-2.05b# chkrootkit | grep INFECTED
Checking `chfn'... INFECTED
Checking `chsh'... INFECTED
Checking `date'... INFECTED
Checking `ls'... INFECTED
Checking `ps'... INFECTED
--
Jay
-------------- next
2003 May 26
0
ip_input.c
...any to any via lo0
${fwcmd} add 200 deny all from any to 127.0.0.0/8
${fwcmd} add 300 deny ip from 127.0.0.0/8 to any
}
;-------------------------------------------
I think that they are talking about the same thing, no?
Best Regards.
;-------------------------------------------
; NKritsky
; mailto:nkritsky@internethelp.ru
2003 Apr 14
2
(OT) rfc1948 question
...I have read arc4 (or RC4 - they supposed
to be identical) looks quite good as SPRNG given ARC4_MAXRUNS and
ARC4_RESEED_SECONDS values are 16384 and 300s. Can anybody shed some
light on this topic or point me to the URL to read.
Any help is very good.
;-------------------------------------------
; NKritsky
; mailto:nkritsky@internethelp.ru
2003 May 30
2
IPFW logging brokeness?
I don't think I'm trying to do anything amazing, but IPFW's logging
features are giving me a real headache. I can't find much in the
archives either, but I find it hard to believe others havne't found this
too.
My rule:
add 100 allow log tcp from any to <my IP> <ports> limit src-addr 2
I want connecting parties to be able to form no more than 2 connection.
This
2003 May 26
2
sshd doing dns queries on localhost?
Hi,
I noted on my 4.7 machines that when a ssh conection is made, the
following PTR query happens (10.11.1.11 is the src address in the example):
13:23:21.120290 PUBLIC_IP.4523 > PUBLIC_IP.53: 52788+ PTR?
11.1.11.10.in-addr.arpa. (41)
13:23:21.120517 PUBLIC_IP.4524 > PUBLIC_IP.53: 52788+ PTR?
11.1.11.10.in-addr.arpa. (41)
13:23:21.120683 PUBLIC_IP.4525 > PUBLIC_IP.53: 52788+ PTR?
2003 Aug 12
1
Certification (was RE: realpath(3) et al)
Just saw this from eWeek.
"IBM, which paid roughly $500,000 for the testing, and SuSE
(pronounced "SOOS-ah") were announcing the certification
jointly. "
The article is here:
http://www.eweek.com/article2/0,3959,1212529,00.asp
--- Darren Reed <avalon@caligula.anu.edu.au> wrote:
> In some mail from twig les, sie said:
> >
> > I actually just asked
2003 Jul 28
10
IPSec
Hi All,
I need to configure a VPN between a FreeBSD-4.8 box and
a Linux (FreeS/WAN) box.
In the Linux side, the network administrator installed FreeS/WAN
with RSA authentication without IKE support.
Does anybody knows if is possible to make my FreeBSD box
connect a VPN with the Linux box?
If so, could point me to a documentation about how to install
IPSec with RSA authentication and how to make
2003 Sep 08
4
is one of my hosts a scanner?
so i just found that one of my hosts is GENERATING these probe
pairs, maybe every minute or two (note the sequence numbers):
seq my host victim(s)
--- ---------------- ---------------
24) 192.168.0.2:1121 <--> 216.52.3.2:2703
25) 192.168.0.2:1122 <--> 216.52.3.4:2703
39) 192.168.0.2:1124 <-->
2004 Jul 26
1
Cisco IOS and racoon
I am trying to get a tunnel from a cisco 1760 with IOS 12.2.15.t13 to a
freebsd 4.9 install with racoon. I have package version
freebsd-20040408a and internal version 20001216 in my log file.
I posted the full racoon and cisco log below my configs.
Racoon keeps saying:
2004-07-26 16:24:03: DEBUG: isakmp.c:2295:isakmp_printpacket(): begin.
2004-07-26 16:24:03: DEBUG:
2003 Aug 11
5
realpath(3) et al
First, I hope that this message is not considered flame bait. As someone
who has used FreeBSD for for 5+ years now, I have a genuine interest in
the integrity of our source code.
Second, I hope that this message is not taken as any form of insult or
finger pointing. Software without bugs does not exist, and I think we all
know that. Acknowledging that point and working to mitigate the risks