Displaying 8 results from an estimated 8 matches for "ranum".
2001 Feb 16
0
[beldridg@best.com: Re: [fw-wiz] SecureID vs Certificates]
...| possible worlds. A pessimist is sure of it!
----- Forwarded message from beldridg at best.com -----
Delivered-To: firewall-wizards at fraggle.nfr.net
Delivered-To: firewall-wizards at nfr.net
Date: Thu, 15 Feb 2001 15:09:32 -0800 (PST)
From: <beldridg at best.com>
To: "Marcus J. Ranum" <mjr at nfr.com>
Cc: Darren Reed <darrenr at reed.wattle.id.au>,
Crist Clark <crist.clark at globalstar.com>, <capegeo at opengroup.org>,
<firewall-wizards at nfr.net>, <miedaner at twcny.rr.com>
Subject: Re: [fw-wiz] SecureID vs Certificate...
2017 Mar 16
2
Veto files used to allow only one extension to be written to the share
Good night.
I am behind a way so that in my backup share it is possible to only write
files in the format of the application that I use to execute the backup
routines, for this I searched the internet for a solution that works like
Allow Files, however it is Complicated to find.
Talking on forums a user informed me that he could use the parameter to
follow in smb.conf, however in my tests it did
2023 Mar 18
1
Minimize sshd log clutter/spam from unauthenticated connections
...s from your main logstream, but put them into either a script directly,
or a separate file and have a script run against it. Have the script report the
number of these messgaes that you get in a time period (minute, hour, whatever
you want) and log that count back into your log stream
as Marcus Ranum said in his Artificial Ignorance writeup, the number of times
that an uninteresting thing happens can be interesting.
If you see a big spike (or drop) is these attempts, it can indicate cause for
concern.
David Lang
On Sat,
18 Mar 2023, Carsten Andrich wrote:
> Date: Sat, 18 Mar 2023 13...
2023 Mar 18
3
Minimize sshd log clutter/spam from unauthenticated connections
...t put them into either a
> script directly, or a separate file and have a script run against it.
> Have the script report the number of these messgaes that you get in a
> time period (minute, hour, whatever you want) and log that count back
> into your log stream
>
> as Marcus Ranum said in his Artificial Ignorance writeup, the number
> of times that an uninteresting thing happens can be interesting.
>
> If you see a big spike (or drop) is these attempts, it can indicate
> cause for concern.
I run Debian with systemd-journald instead of rsyslog. AFAIK journald...
2006 Mar 29
1
Custom Quotas
...t. Any information you could provide
on updating a quota in a third party system would be much appreciated.
Thanks for you help.
Andrew
andrew at myinternet.com.au
--
"If we don't have time to do it correctly now, will we have time to do it over
once it's broken?"
http://www.ranum.com/security/computer_security/editorials/dumb/
1999 Mar 21
0
USENIX Annual Conference, June 6-11, Monterey, Calif
...great talks and tutorials.
An excellent way to get up-to-date with the state of affairs in the UNIX
world."
David C. Todd, BBN Technologies, 1998 Attendee
TRAINING AT A SERIOUS LEVEL
Choose from 24 tutorials over three days. Eric Allman, Tom Christiansen,
Peter Galvin, Evi Nemeth, and Marcus Ranum are among the superb instructors.
OPEN SOURCE SOFTWARE TECHNICAL FORUM
The FREENIX track examines open source software's latest developments and
most interesting applications. Peer-refereed papers, expert talks, and
evening sessions will be led by the likes of Linus Torvalds, Richard
Stallman,...
2023 Mar 18
4
Minimize sshd log clutter/spam from unauthenticated connections
Dear OpenSSH developers,
a publicly accessible sshd on port 22 generates a lot of log clutter
from unauthenticated connections. For an exemplary host on a university
network, sshd accumulates 5~20k log lines on a single day (more than 90%
of the total amount of syslog lines). That is despite the host having a
restricted configuration (no SSH password authentication, firewall rate
limit for
2006 Sep 07
3
comments on handbook chapter
...ing to investigate and clean. For example, I know someone with
a rootkit that he can install to flash on an add-in card for a device that has
DMA access to main memory. For this reason, I usually recommend
on prevention as a first priority, and detection as a second priority.
For example, Markus Ranum said he once recompiled ls to reboot if it is run
by root. Another trick involves recompiling /bin/sh to check to see if it
has a tty (shells spawned by network daemons will generally not).
Perhaps there is some way to locate any part of the kernel that performs
access control and optionally klog...