search for: seifried

Displaying 20 results from an estimated 23 matches for "seifried".

1998 Jul 10
2
Re: RedHat 5.X Security Book
...n has been going on "offline" with an occasional CC to linux-security. By the time I got around to do another "moderation round" this one was the latest. Everyone is keeping good context, so I think you all will be able to follow the discussion. --REW] >>>>> <seifried@seifried.org> writes: >> The only thing I can see coming out of a "checklist" security setup >> is a false sense of security. The moment poor Joe User does >> something unanticipated or tricky, he'll be both unaware of his >> problem and unable to handle i...
1998 Jun 30
1
Patched Qpopper2.5 release Notification. (fwd)
...com [199.183.24.247]) by ferryman.ocn.nl (8.6.13/8.6.9) with SMTP id IAA23067 for <r.e.wolff@BitWizard.nl>; Wed, 8 Jul 1998 08:19:52 +0200 Received: (qmail 6509 invoked by uid 501); 8 Jul 1998 06:28:23 -0000 Received: (qmail 6485 invoked from network); 8 Jul 1998 06:28:21 -0000 Received: from seifried-gateway.powersurfr.com (HELO gateway-seifried.seifried.org) (24.108.11.202) by mail2.redhat.com with SMTP; 8 Jul 1998 06:28:21 -0000 Received: from localhost (seifried@localhost) by gateway-seifried.seifried.org (8.8.7/1.0.2) with SMTP id AAA01231 for <linux-security@redhat.com>; Wed, 8 J...
2004 Jun 02
1
xdm security hole
Hi everyone, every comment about this: http://xforce.iss.net/xforce/xfdb/16264 Didn't find any hint or patch on http://www.xfree86.org/security/. Best regards Konrad Heuer (kheuer2@gwdg.de) ____ ___ _______ GWDG / __/______ ___ / _ )/ __/ _ \ Am Fassberg / _// __/ -_) -_) _ |\ \/ // / 37077 Goettingen /_/ /_/
1998 Aug 02
0
ipportfw - security
...puters running through a SOCKS5 firewall system. There are about 120 > computers that are running on this firewall on a daily basis through 10/100 > mbit network connections. The system it is runing is only a P133 with a > SCSI hardrive. I run this at home also, and it works very well. Seifried <seifried@seifried.org> pointed out that the 2.1 kernels seem to have better network performance. Dave Cinge specifically mentioned the Linux Router Project (http://www.linuxrouter.org/) and their work in this area. He points out that traffic characteristics seem to have a significant impac...
1998 Aug 04
0
summary of responses to "firewalls, a practical question"
...puters running through a SOCKS5 firewall system. There are about 120 > computers that are running on this firewall on a daily basis through 10/100 > mbit network connections. The system it is runing is only a P133 with a > SCSI hardrive. I run this at home also, and it works very well. Seifried <seifried@seifried.org> pointed out that the 2.1 kernels seem to have better network performance. Dave Cinge specifically mentioned the Linux Router Project (http://www.linuxrouter.org/) and their work in this area. He points out that traffic characteristics seem to have a significant impac...
1998 Jun 14
14
SSH w/ttysnoop
I was wondering if anyone here has or knows how to implement ttysnoop w/ssh ?
1999 Dec 13
0
SUMMARY: IMAP security across the net
...elbing <flo@rommel.stw.uni-erlangen.de> Graham Mainwaring <graham@mhn.org> Horms <horms@vergenet.net> Iain Wade <iwade@optusnet.com.au> JP Vossen <vossenjp@netaxs.com> Jakub Skopal <jakub.skopal@sorcerer.cz> Jamie Beverly <jamie@www.how-toresource.com> Kurt Seifried <listuser@seifried.org> Matthew B. Henniges <matt@axl.net> Michael H. Warfield <mhw@wittsend.com> Peter H. Lemieux <phl@cyways.com> Petr Sulla <xsulla@informatics.muni.cz> Ren Sauceda, Computer Systems Engineer (kvsauceda@lbl.gov) Shawn Robinson <srobins1@tps.tci.te...
1998 Jul 01
4
Serious Linux 2.0.34 security problem (fwd)
---------- Forwarded message ---------- Date: Tue, 30 Jun 1998 15:10:47 +0800 From: David Luyer <luyer@UCS.UWA.EDU.AU> To: BUGTRAQ@NETSPACE.ORG Subject: Serious Linux 2.0.34 security problem I just saw this mentioned on linux-kernel and confirmed it; #include <fcntl.h> #include <errno.h> #include <stdio.h> #include <stdlib.h> #include <unistd.h> int main(int
2006 Jun 27
2
Mauchly and Levene
Hallo! I just started working with R to do the statistical analyses for my diploma thesis. I got two sets of data. Both contain repeated measures. One has only one within-subject factor with four levels. The other has one within-subject factor with two levels and one between-factor with two levels. I want to compute a Mauchly test for both sets and a Levene test for the second set. I
2004 Feb 19
2
traffic normalizer for ipfw?
Hi there, Is there some way to configure ipfw to do traffic normalizing ("scrubbing", as in ipf for OpenBSD)? Is there any tool to do it for FreeBSD firewalling? I've heard that ipf was ported on current, anything else? TIA, /Dorin. __________________________________ Do you Yahoo!? Yahoo! Mail SpamGuard - Read only the mail you want. http://antispam.yahoo.com/tools
1998 Jun 14
3
What are some programs to use to trace spoofers?
ALL, Our Primary DNS has been broken into twice in the last week. The first time it happened I noticed the hacker used named for means of gaining entry. This guy was good at hiding his/her tracks so we reinstalled the OS and left a minimum install to see if it was done again. We logged all goings on from a secure remote machine. We got the hacker''s IP address and even some of what
2002 Apr 21
3
OpenSSH Security Advisory (adv.token)
...cal users may gain privileged access for OpenSSH < 3.3 No privileged access is possible for OpenSSH with UsePrivsep enabled. 3. Solution: Apply the following patch and replace radix.c with http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/radix.c?rev=1.18 4. Credits: kurt at seifried.org for notifying the OpenSSH team. http://mantra.freeweb.hu/ Appendix: Index: bufaux.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/bufaux.c,v retrieving revision 1.24 diff -u -r1.24 bufaux.c --- bufaux.c 26 Mar 2002 15:23:40 -0000 1.24 +++...
2002 Apr 21
3
OpenSSH Security Advisory (adv.token)
...cal users may gain privileged access for OpenSSH < 3.3 No privileged access is possible for OpenSSH with UsePrivsep enabled. 3. Solution: Apply the following patch and replace radix.c with http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/radix.c?rev=1.18 4. Credits: kurt at seifried.org for notifying the OpenSSH team. http://mantra.freeweb.hu/ Appendix: Index: bufaux.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/bufaux.c,v retrieving revision 1.24 diff -u -r1.24 bufaux.c --- bufaux.c 26 Mar 2002 15:23:40 -0000 1.24 +++...
1998 Jul 08
2
Re: RedHat 5.X Security Book
>>>>> <seifried@seifried.org> writes: > I was looking around for a book specifically on Linux security a week or > two ago, and couldn''t find any. I wanted something Linux specific as > opposed to say O''Reilly''s yellow safe book. There are actually Linux-specific details in...
1998 Jun 06
21
Named update for RH 4.2 exploitable?
Someone I was speaking with this evening claimed they have installed the latest named rpms yet they are still getting exploited daily and being hacked. Do the latest rpm''s for the named 4.9.x stuff fix all the root exploits or is this person just an idiot who probably has holes elsewhere in the system?
2005 Jul 21
7
FW: Adding OpenBSD sudo to the FreeBSD base system?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 I really do not agree with adding it to the base system. Just because you guys use sudo does not mean other people do. In fact many people do not have a use for sudo at all. Not every one gives out root accounts. You are only adding another utility In that can possibly be used to escalate privileges. Every time I secure a system I spend some time
2001 Feb 07
2
DSA Fingerprints...
Hello, Questions, observations, and curiosities. Maybe this is something stupid or maybe I'm doing something wrong... But... In light of the Kurt Seifried paper on SSH and SSL, I was looking for the finger prints on my various servers and known hosts files to have a little crib sheet and maybe plug the list into a database on my palm pilot. I found that ssh-keygen lists out the fingerprints of the RSA keys just fine but fails when I try to list out f...
2005 Nov 26
7
Reflections on Trusting Trust
or "How do I know my copy of FreeBSD is the same as yours?" I have recently been meditating on the issue of validating X.509 root certificates. An obvious extension to that is validating FreeBSD itself. Under "The Cutting Edge", the handbook lists 3 methods of synchronising your personal copy of FreeBSD with the Project's copy: Anonymous CVS, CTM and CVSup. There are
1998 Aug 05
6
IP Security for Linux (IPSec)
...uld also appreciate anyone else who has experiemented with IPSec under Linux to do likewise. It''s rather simplistic to say but basically true that using IPSec would solve many many security problems and risks that we currently suffer (have you ever tried implimenting kerberoes? not fun). -seifried
2012 Sep 06
0
Re: [oss-security] Xen Security Advisory 19 - guest administrator can access qemu monitor console
...> RESOLUTION > ========== > > The attached patch against qemu-xen-traditional > (qemu-xen-4.*-testing.git) resolves this issue. > > $ sha256sum xsa19-qemu-all.patch > 19fc5ff9334e7e7ad429388850dc6e52e7062c21a677082e7a89c2f2c91365fa xsa19-qemu-all.patch > - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iQIcBAEBAgAGBQJQSOgkAAoJEBYNRVNeJnmTonAP/3BTawvHhQX3HOScXFSUiIuO Sp8...