Displaying 15 results from an estimated 15 matches for "patpro".
Did you mean:
pathto
2003 Aug 24
2
weird problem with chkrootkit and checksums
...=
7fbd1e72a5795b038b16ece37df13ee0
$ md5 /usr/bin/netstat
MD5 (/usr/bin/netstat) = 77bd719216a4bca383333a420b2d9501
So I guess it's a normal behavior. Can someone please explain to me why
original binaries (/usr/obj/usr/src/) don't have the same checksum than
installed binaries ?
thanks,
patpro
2004 Feb 11
5
Question about securelevel
I've read about securelevel in the mailing list archive, and found some
pitfalls (and seems to me to be discarded soon).
But According to me, the following configuration should offer a good
security:
- mount root fs read only at boot;
- set securelevel to 3;
- do not permit to unmount/remount roots fs read-write (now it is possible
by means of "mount -uw /");
- the only way to make
2011 Jun 29
1
More questions about audit
Hello, Freebsd-security.
I'm grepping all sources for programs, which support audit and found
strange thing:
find . -name '*.c*' -print | \
grep -v -E '^./(sys|contrib/openbsm|tools/regression)' | \
xargs grep -E "\<(audit|au_)"
shows, that only login(1), su(1), id(1) and sshd(1) uses audit. And
even sshd(8) raise question: it doesn't call
2013 Jan 06
2
audit events confusion
On a rather full customer web server, I am trying to track down whose
web site script is trying to make outbound network connections when they
should not be. In /etc/security/audit_control, I added to the flags line
dir:/var/audit
flags:lo,aa,-nt
minfree:5
to log failed network connection. When I try an make an outbound
connection to something that is blocked in pf, it seems to sometimes
work.
2004 May 10
5
rate limiting sshd connections ?
Does anyone know of a way to rate limit ssh connections from an IP address
? We are starting to see more and more brute force attempts to guess
simple passwords "/usr/sbin/inetd -wWl -C 10" is nice for slowing down
attempts to services launched via inetd. Is there an equiv method for
doing this to sshd? Running from inetd has some issues supposedly.
---Mike
2004 Mar 17
2
FreeBSD Security Advisories ( openssl )
Am I correct in assuming that if I do a:
make OPENSSL_OVERWRITE_BASE=yes install clean
in /usr/ports/security/openssl ( after updating my ports tree ) that the
port will overwrite the base openssl, thus not requiring the subsequent
patch and recompile of the OS to patch this Vulnerability?
Dana
2011 Dec 23
1
FreeBSD Security Advisory FreeBSD-SA-11:09.pam_ssh
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-11:09.pam_ssh Security Advisory
The FreeBSD Project
Topic: pam_ssh improperly grants access when user account has
unencrypted SSH private keys
2004 Mar 03
5
How to monitoring activity on a card?
My setup 4.9 stable with IPFW. Machine acts as gateway for two machines.
What are my options on monitoring activity on my external card?
This morning I noticed my DSL modem activity light is blinking non-stop.
Looking at /var/log/ don't see anything suspicious.
I feel tempted to add "log" to all my ipfw pass rules, but wonder if there
isn't a better way.
I am mostly concerned
2004 Mar 02
1
Re: FreeBSD Security AdvisoryFreeBSD-SA-04:04.tcp
yes unless you use the version as of :> 2004-03-02 17:24:46
UTC (RELENG_5_2, 5.2.1-RELEASE-p1)
check it out with uname -a
if it does not say -p1
it affects you.
My guess, you are affected :)
cheers
--
Kind regards,
Remko Lodder
Elvandar.org/DSINet.org
www.mostly-harmless.nl Dutch community for helping newcomers on the
hackerscene
-----Oorspronkelijk bericht-----
Van:
2004 Sep 18
8
Attacks on ssh port
Hi,
Is there a security problem with ssh that I've missed???
Ik keep getting these hords of:
Failed password for root from 69.242.5.195 port 39239 ssh2
with all kinds of different source addresses.
They have a shot or 15 and then they are of again, but a little later on
they're back and keep clogging my logs.
Is there a "easy" way of getting these ip-numbers added to
2006 May 27
3
On what versions of FreeBSD can we unreserve ports?
On which versions of FreeBSD is it now possible to
un-reserve ports?
( I've been waiting for this since forever ... have
spent countless days - $$$ - trying to install
workarounds, only to junk them later. I've even
been paid a consulting gig to develop this, and
declined to deploy it on my own servers :-/ )
iang
2006 Jun 01
1
mac_bsdextended log information
Hey everyone,
I'm hoping someone can point me in the right direction. I'm running a 6.1 box with mac_bsdextended compiled. I've created my ugidfw rules, and all seems well in the universe.
I've got rules set up so the web process uid 80 and gid 80 can only read uid 1010 and gid 1010 owned files. When the web server tries to do something else, it throws an error such as:
2012 Dec 22
2
Strange problem with... ZFS? Disk? Controller?
Hello,
I'm running FreeBSD 9.0/amd64, pure ZFS setup, one Seagate disk
ST2000NM0011 SN02 on LSI Logic (mpt) controller.
Yes, I know that running one disk on RAID controller is a bit weird, I
have to find yet if it is possible to connect disk to internal SATA
controller.
About two days ago, system became SLOW. Disk usage is constantly 100%,
and sometimes I'm getting swap_pager:
2006 Nov 08
2
Sandboxing
Hi.
This is mostly hypothetical, just because I want to see how knowledgeable
people would go about achieving it:
I want to sandbox Mozilla Firefox. For the sake of example, I'm running it
under my own user account. The idea is that it should be allowed to
connect to the X server, it should be allowed to write to ~/.mozilla and
/tmp.
I expect some configurations would want access to audio
2013 Oct 23
2
OpenPAM/SSHD privacy hole (FreeBSD 9.2+ affected)
Hello,
I found that in the new FreeBSD 9.2 (probably in 10 also) updated OpenPAM sources.
The big embarrassment was in pam_get_authtok.c. The problem is that even without a
valid SSH login it's possible to know the server's hostname.
az at az:/home/az % ssh 1.2.3.4
Password for az at real.hostname.com:
Changes made by "des":