search for: sitetronics

I seem to remember seeing somewhere (on this list/on the web -- don't remember) that there was some ``Snort-like'' software that was available under the BSD license. Unfortunately, I'm unable to find any information about such software. Was I dreaming, or can anybody else jog my memory? :) Kind regards, Devon H. O'Dell

Hi, Could u recommend a secure ftp daemon? I want to be able to control the ports it uses.... and not to have to let all of the upper ports open. --------------------------------- Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software

...nvince a customer why to choose for FreeBSD, I always use Yahoo! as an example. They got some ridiculous traffic and that site is ultra fast. They always buy that :D So for now i dont need an audit > > > ----- Original Message ----- > From: "Devon H. O'Dell" <dodell@sitetronics.com> > To: "'twig les'" <twigles@yahoo.com>; <security@freebsd.org> > Sent: Tuesday, August 12, 2003 10:32 PM > Subject: RE: Certification (was RE: realpath(3) et al) > > > > This is what I'm wondering about and what I'd like to contribu...

...my email because I posted from the wrong address... hoepfully it will get through this time. -------- Original Message -------- Subject: Re: Fwd: FreeBSD hiding security stuff Date: Fri, 04 Mar 2005 05:35:32 -0800 From: Colin Percival <cperciva@freebsd.org> To: Devon H. O'Dell <dodell@sitetronics.com> CC: mike@sentex.net, freebsd-security@freebsd.org, security-officer@dragonflybsd.org References: <1109942895.3926.71.camel@localhost.localdomain> Devon H. O'Dell wrote: > Matt (Dillon) replied stating that the aforementioned `advisory' wasn't > enough information t...

I constantly get the following error messages in /var/log/asterisk/messages: Dec 8 10:52:57 WARNING[1009521664]: File chan_iax.c, Line 3324 (iax_ack_registry): Received unsolicited registry ack from '192.168.0.1' Dec 8 10:52:57 WARNING[1009521664]: File chan_iax.c, Line 4181 (socket_read): Registration failure Where 192.168.0.1 is another asterisk server. Below are the local and

This might be more related to an Apache-security list, but as the machine is running FreeBSD, I thought I'd ask here first. In the last two weeks, I've been seeing some very strange errors in my logs a few times daily around the same times. While this happens, load averages go through the roof (I've seen 36+, which is outragous), and the machine becomes very unresponsive. First

I have a server that has been compromised. I'm running version 4.6.2 when I do >last this line comes up in the list. shutdown ~ Thu Aug 28 05:22 That was the time the server went down. There seemed to be some configuration changes. Some of the files seemed to revert back to default versions (httpd.conf, resolv.conf) Does anyone have a clue what type of

Although RAW sockets can be used when specifying the source address of packets (defeating one of the aspects of the jail) some people may find it usefull to use utilities like ping(8) or traceroute(8) from inside jails. Enclosed is a patch I have written which gives you the option of allowing prison-root to create raw sockets inside the prison, so

I administer a remote server and want to apply some of the security patches. (I assume this is the best way to go since I can't go into single-user mode to use CVsup). I have a couple of questions. First, I have installed one of the pgp ports to verify the patches. When I run it, I get this message: > File 'buffer46.patch.asc' has signature, but with no text. > Text is

Hi all, I found similar sequences in the /var/auth.log files of freebsd boxes, I supervise.: Aug 13 13:56:08 www sshd[26091]: Illegal user test from 165.21.103.20 Aug 13 13:56:11 www sshd[26093]: Illegal user guest from 165.21.103.20 Aug 13 13:56:15 www sshd[26096]: Illegal user admin from 165.21.103.20 Aug 13 13:56:18 www sshd[26103]: Illegal user admin from 165.21.103.20 Aug 13 13:56:21 www

First, I hope that this message is not considered flame bait. As someone who has used FreeBSD for for 5+ years now, I have a genuine interest in the integrity of our source code. Second, I hope that this message is not taken as any form of insult or finger pointing. Software without bugs does not exist, and I think we all know that. Acknowledging that point and working to mitigate the risks

Roger Marquis wrote: > [snip] > >It takes all of 2 seconds to generate a ssh 2 new session on a >500Mhz cpu (causing less than 20% utilization). Considering that >99% of even the most heavily loaded servers have more than enough >cpu for this task I don't really see it as an issue. > >Also, by generating a different key for each session you get better >entropy,