similar to: Sorry

I've had ipf working on a few 5.3 servers for quite awhile. Not too long ago some developers had to do some coding work and were coming from dynamic IP's. I (reluctantly) opened up SSH to the world. Immediately I started seeing the attacks where bots of some sort would try to break in with a variety of different users. So, I (thought) I closed it up again and told the developers to use a

Hello security folks I (not so) recently asked for volunteers to the security documentation project. I got delightfully large number of volunteers! Thank you! Right now I have some personal (medical) issues to deal with, and I'll be out of town for the next 2 weeks. When I get back, we can move ahead at top speed. The project will have 3 parts. FAQ: This will cover any kind of basic

high everyone,( in pariticular Max :-)) The configuration line in my pf.conf is: pass in quick on lo0 proto tcp from any to any port 21 flags S/SA synproxy state But: the connection is established, but the control did not seams to pass to the ftpd Sincerely yours Zhouyi Zhou

it was said: >>On Fri, Mar 18, 2005 at 08:52:30AM +1000, Timothy Smith wrote: >> http://www.securityfocus.com/bid/12825/info/ > >That URL doesn't seem to have any details. > >> openbsd and netbsd have taken action on this, but i see no >>movment in >> the freebsd camp.... > >Well, you wouldn't, on the freebsd-questions list. Security

Bellua Cyber Security Asia 2005 - http://www.bellua.com/bcs2005 Call for Papers and Workshops http://www.bellua.com/bcs2005/asia05.cfp.html From 21st - 24th March the largest information security conference in Asia will take place in Jakarta, Indonesia at the Hotel Borobudur. * 21-22 March 2005: Workshops * 23-24 March 2005: Conference Bellua will bring together over 20 researchers and

Hi All, Ok after watching all the discussion about some security documentation and teams I have come up with a few ideas that might help out some. I'm willing to program an interface at the extremefreebsd.org site (yes I know it's still new and under some work) that will allow the following: 1. A dedicated page for security related posts (articles, docs, advisories, etc) at

Hi everyone, I'm wondering about the security implications of running a CVS server with group write permission on the repository and various other configuration details. Is this an appropriate discussion for this list? If it is I have a setup I'd like some feedback on. If this is not the appropriate list please accept my apologies for the distraction. Best Regards, --Duane Whitty

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Everyone, On January 31st, FreeBSD 4.11 and FreeBSD 6.0 will have reached their End of Life dates and will no longer be supported by the FreeBSD Security Team. Users of either of these FreeBSD releases are strongly encouraged to upgrade to FreeBSD 5.5, FreeBSD 6.1, or the upcoming FreeBSD 6.2 before that date. Discussion concerning FreeBSD

Hello, I have scheduled a birds-of-a-feather (BoF) meeting at BSDcon to discuss the FreeBSD Security Officer role. Details such as time, location, and topics are posted on the BSDcon unofficial Wiki <URL: http://bsdcon.kwiki.org/index.cgi?FreeBSDSecurityOfficerBoF >. Please attend if you are interested in what the SO team does currently and in participating in and improving its

Hello All, I'd like to bring to your attention the Vulnerabilities and eXposures Markup Language (VuXML) and associated resources. VuXML is a markup language designed for the documentation of security issues within a single package collection. Since about February of this year, we have been diligently documenting vulnerabilities in FreeBSD and the FreeBSD Ports Collection using VuXML. The

Hello, I see in BugTraq that there's yet another problem with Wu-ftpd, but I see no mention of it in the freebsd-security mailing list archives...I have searched the indexes from all of June and July. Wu is pretty widely used, so I'm surprised that nobody seems to have mentioned this problem in this forum. The notice on BugTraq mentioned only Linux, not FreeBSD, but that's no

Hi, sorry for cross-mailing. Reply-to: set to freebsd-net. I have seen some discussion on freebsd-security etc. about some parts of the subject. I have seen older messages in archives. Regularly the same questions seem to come up. I have not found an all-including description of the answer to s.th. like: "Can anybody tell me the order packets get processed in kernel related to IPSec,

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Has anyone see this alert? http://www.securityfocus.com/archive/1/353352 It seems to work on Linux, but when I tried the proof of concept on 4.3.0,1 running 5.2 RELEASE, I couldn't get the X server to core dump or segmentation fault. So, it seems likely to me that FreeBSD is not vulnerable to this. Any other thoughts on this matter? John

but that's no help for me :/ andrew, john, .... no help out there :D ??? greez Leonardo Boselli wrote: Re: [Samba] SAMBA Groups and Permissions Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit sorry, but that's no help for me :/ andrew, john, .... no help out there :D ??? greez Leonardo Boselli wrote: > Il 4 Dec 2003 alle

I have searched around the lists and Google and found this HYPERLINK "http://people.freebsd.org/~pjd/patches/jail_2004120901.patch"http://people. freebsd.org/~pjd/patches/jail_2004120901.patch I was wondering if anyone know of a multiple IP patch that works with FreeBSD 5.4 I really do not understand why this is not included in the standard jail I mean sure jail is handy for

Hi, freebsd-security. I have FreeBSD 5.3-STABLE. When I try to change user's password (via passwd) I recieve the following: passwd: entry inconsistent passwd: pam_chauthtok(): error in service module passwd: in pam_sm_chauthtok(): pw_copy() failed and password stays unchanged. There are no other errors in the authorization system at all. Contents of /etc/pam.d stayed unchanged (compared to

On 9 Jul 2004 at 13:11, Daniel Brown wrote: > On the other hand, I've run across a sysadmin who always enables his > toor accounts -- and changes its shell to bash. As a result, not only > is there an alternate root account (good in case 'root' trampled on by > accident or purpose), but you can get root bash as a login shell while > leaving the real root to its normal

This was in bugtraq, and hasn't shown up in portaudit yet so I thought I would send it and the fix to you. I submitted a pr for a patch as well. (but for some reason, ir bounced) Problem #1: Clamav 87 has been found to have a security vulnerability that could lead to remote code execution Problem #2 patch patch-clamav-milter_clamav-milter.c won't

Call For Papers RUXCON would like to announce the call for papers for the third annual RUXCON conference. Breaking from the RUXCON tradition of having the conference in winter months, this year the conference will be ran during the 1st and 2nd of October. As with previous years, RUXCON will be held at the University of Technology, Sydney, Australia. The dead line for submissions is the 31st

On Wed, 2 Jan 2002, John Hay wrote: > Well I can accept your argument for -stable, although bigger changes has > gone in -stable in the past, but what about -current? My -current boxes > also still claim: "sshd version OpenSSH_2.9 FreeBSD localisations > 20011202" And this is the problem, if we don't have -current upgraded > we have little chance in getting wrinkles