similar to: Check integrity or rootkits on remote server?

Hello, I have seen via google that this very problem was already discussed on this and other lists some months ago, but the archives report no solution. I have dovecot 1.0-0_12.beta8 on Centos 4.3. IMAP works just fine: I can read email from both Squirrelmail via web and Kmail. Now I have created an ssl certificate and I'm trying to use it via pop3. When I launch fetchmail I get the error

I have a remote server running centos 4.3 and a home desktop running suse 10.1. I have generated an SSL certificate on the server, copied it on the desktop and run on the desktop: >openssl x509 -in mynewcertCert.pem -fingerprint -subject -issuer -serial -hash -noout >c_rehash . getting this warning: > > Doing . > WARNING: mynewcertPrivateKey.pem does not contain a certificate or

Hi all, I need to install an anti-rootkid in a lot of servers. I know that there're several options: tripwire, aide, chkrootkit... ?What do you prefer? Obviously, I have to define my needs: - easy setup and configuration - actively developed -- Thanks, Jordi Espasa Clofent

Hello, about one hour ago, I did a "yum update" on a remote centos 4.3 server. It said: Install 2 Package(s) Update 60 Package(s) Remove 0 Package(s) Total download size: 103 M Is this ok [y/N]: y then, after downloading: Running Transaction Test Finished Transaction Test Transaction Test Succeeded Running Transaction Running Transaction Updating : libgcc

Hello, I've read on several howtos that one way to make ssh more secure, or at least reduce the damage if somebody breaks in, is to NOT allow direct ssh login from root, but allow logins from another user. So you have to know two passwords in order to do any real damage. Does this make sense? IF yes, what is the right way to create an user only for this purpose, that is one that can only

Hello, a couple of months ago, also thanks to help from this list, I set up postfix and dovecot for virtual domains on a Centos 4 remote server. I have postfix set up to deliver all email for marco at domain1.net to /var/mail/vhosts/marco_domain1.net/ Everything is fine, as far as postfix is concerned: all email to marco at domain1.net goes in that mailbox, dovecot sees it, etc... Now I need

Hello, I have not clear, due to the new syntax, how to configure dovecot 1.0 to listen only for the following combinations of ports and services: no pop3, from whatever host accept imap connections only if coming from localhost (since I understand this is secure _and_ the only way to make squirrelmail talk to dovecot) listen on the internet only for imaps and pop3s connections, accept them

In short, the reason considering (and still only considering) turning it off is to make tripwire usable again (security vs. performance, I guess). Is it possible to completely turn it off system-wide? Any additional steps needed on the existing system (that already have half of the binaries prelinked)? What order of performance degradation to expect? If it is minor, nobody is going to cry

...on Centos 4.3? Or a stand alone RPM, if no yum install is available? TIA, Marco -- Marco Fioretti mfioretti, at the server mclink.it Fedora Core 3 for low memory http://www.rule-project.org/ Non si puo' campare con le idee che fanno la coda nel cervello, senza riuscire a uscirne, altrimenti sono talmente strette che si prendono a gomitate facendoti venire il mal

Hi, I literally have about 36 machines running CentOS on a private network, and will probably change the remaining 30 or so away from Whitebox or RH in the near term. One thing I just noticed was when I tried to search out Tripwire RPM's, that none seemed evident. Can anyone point me in the direction of an Tripwire RPM that works with CentOS 4.3, or advise me on how to create one from the

Greetings, I would like to install Postfix 2.3 or 2.4 (I need support for SASL authentication via Dovecot) on a Centos 4.4 server. I have already found rpm packages at http://postfix.wl0.org/en/available-packages/ and pages about using the centosplus repo for postfix. Before launching rpm or yum, however, I'd like to ask the list which way you think is the best way to do this. By

Hello, this is a follow-up to the thread "Fetchmail can't talk to dovecot" http://www.dovecot.org/list/dovecot/2006-September/016477.html Increasing the log level I get this in the log filed: Sep 30 15:04:19 fm dovecot: Dovecot v1.0.rc7 starting up Sep 30 15:04:22 fm dovecot: auth(default): passwd-file /etc/dovecot_user_file: Read 1 users Sep 30 15:05:05 fm dovecot: auth(default):

Hello, I may need to set up soon a Linux VPS, to be used almost exclusively for handling email (as in "2GB of disk space, 2GB/month of bandwidth would be surely enough") with a fully customized postfix/procmail/dovecot setup. I'd prefer to use Centos, which I already use and know. One reason why I'm asking this here is that I'd really like to be sure, before I go for it,

Greetings, everybody I've browsed around a bit, but there seems to be no single practical list of this kind. What would you do to make a new Centos server which must run apache, IMAP (Dovecot) and SMTP (PostFix) and nothing else for a few domains as secure from attacks as possible, using only standard RPM packages as much as possible? (Please note that choice of other IMAP and SMTP servers

Does anybody use tripwire on centos 5? Has anybody checked that: http://www.linickx.com/archives/281/tripwire-2411-rpm-for-centos-redhat-rhel-4 on centos5? M. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hello, I have dovecot q1.0-0_22.rc7 up and running on a server: I can read email from squirrelmail just fine. When I try to download email with fetchmail, however, I get the result below. Why is that happening? In dovecot.conf I have: protocols = imap imaps pop3, so why should pop3 or imap fail? Where should I look? (I'll fix the certificates problem after I've managed to get in

I'm trying to run tripwire on a RHEL 5.4 box. I'm new to it. I'm getting errors: The object: "/ora" is on a different file system...ignoring. For one thing, it's not a different file system. It's not any different than the root partition, that tripwire will monitor. And I want tripwire to monitor it. I've been googling around, and have seen this error in

Hello all, Years ago, I used to work with tripwire for system monitoring. Last time I checked with "yum search tripwire", there is no hit. IIRC, it used to be packed by default on older Redhat distros. Any suggestion for an alternative of tripwire for my CentOS 5.6? Cheers, -- ********************************************************************** Viet Nhat General Joint Stock

Is there a redhat or contrib RPM for tripwire? I looked and didn't find one, but may not have been looking in the right place. Zebee

I am trying to get tripwire 1.2 patch level 2 on Redhat 6.2 to run out of cron and so far have failed miserably. It runs fine from the command line so I know my configuration is ok, but when it runs from cron it gets to Phase 3 and simply exits. It doesn''t generate any error messages or leave any core files laying around.