similar to: Tunnel-only SSH keys

Displaying 20 results from an estimated 800 matches similar to: "Tunnel-only SSH keys"

2005 Oct 28
2
Is the server portion of freebsd-update open source?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm wondering if/where I can get the server side component for freebsd-update. Presumably such a component would build and sign the binary patches and prepare them to be served via HTTP to the freebsd-update client. I need a system for distributing binary updates to a collection of customized FreeBSD machines, jails, and embedded systems.
2005 Sep 22
7
Mounting filesystems with "noexec"
Hello, I've been playing a bit with the "noexec" flag for filesystems. It can represent a substantial obstacle against the exploitation of security holes. However, I think it's not perfect yet. First thing, an attempt to execute a program from a noexec-mounted filesystem should be logged. It is either a very significant security event, or it can drive nuts an
2003 Oct 30
1
No subject
I have asked this before in -questions but due to a odd security requirement, I need the option to auto lock a normal user's account (root and those in the wheel group must be excluded) after let say, 3, login failures. I know this can cause a DoS issue but I HAVE to have the option of doing it in FreeBSD. Any info is appreciated Thanks. Mike C carlson39@llnl.gov
2003 May 28
1
FW: Question about logging.
I'm forwarding this to security@, as I'm getting no replies on ipfw@. Hope it's relevant enough for you :( ---Original Message----- From: owner-freebsd-ipfw@freebsd.org [mailto:owner-freebsd-ipfw@freebsd.org] On Behalf Of Erik Paulsen Skålerud Sent: Wednesday, May 28, 2003 1:02 AM To: ipfw@freebsd.org Subject: Question about logging. Sorry for asking this, It's probably been
2009 Jul 30
1
DNS probe sources
These source addresses are likely spoofed, but am still curious whether other FreeBSD admins saw a preponderance of DNS probes originating from Microsoft corp subnets ahead of the recent ISC bind vulnerability announcement? Roger Marquis Jul 28 16:51:23 PDT named[...]: client 94.245.67.253#10546: query (cache) 'output.txt/A/IN' denied Jul 28 16:51:23 PDT named[...]: client
2005 Nov 16
11
Need urgent help regarding security
Good Day! I think we have a serious problem. One of our old server running FreeBSD 4.9 have been compromised and is now connected to an ircd server.. 195.204.1.132.6667 ESTABLISHED However, we still haven't brought the server down in an attempt to track the intruder down. Right now we are clueless as to what we need to do.. Most of our servers are running legacy operating systems(old
2005 Jul 21
7
FW: Adding OpenBSD sudo to the FreeBSD base system?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 I really do not agree with adding it to the base system. Just because you guys use sudo does not mean other people do. In fact many people do not have a use for sudo at all. Not every one gives out root accounts. You are only adding another utility In that can possibly be used to escalate privileges. Every time I secure a system I spend some time
2003 Jun 16
4
POP daemon
What would be a good POP daemon to use? I know there are a few in the mail ports. Are they any good? What I mean by good is 'secure as possible' (is there really such thing as being totally secure / invulnerable?) Cheers
2009 Jan 15
5
How to get djbdns to start early enough to satisfy ntpd at boot?
Hi there, I've been a happy djbdns+tinydns user for many, many years. I want to keep using it, so answers of the form "bletch! Use ISC BIND the way BSD intended" will be ignored :-) Having said that, one annoying consequence of my transition some time ago to using ntpd, rather than just setting the clock once-off with ntpdate as I used to, is that the /etc/rc.d mechanism starts
2005 Apr 28
1
make installworld, permissions and labels
Just a quick question, My system is quite heavily customised with regard to permissions and MAC labels on system binaries. Is there any way to stop make installworld resetting all my customisation? At the moment I have a set of scripts to set permissions on everything but that's not exactly ideal. Mark -- PGP: http://www.darklogik.org/pub/pgp/pgp.txt B776 43DC 8A5D EAF9 2126 9A67 A7DA 390F
2005 Nov 26
7
Reflections on Trusting Trust
or "How do I know my copy of FreeBSD is the same as yours?" I have recently been meditating on the issue of validating X.509 root certificates. An obvious extension to that is validating FreeBSD itself. Under "The Cutting Edge", the handbook lists 3 methods of synchronising your personal copy of FreeBSD with the Project's copy: Anonymous CVS, CTM and CVSup. There are
2015 Oct 13
4
redistribution of isolinux binaries
I've been making my own custom RHEL / CentOS boot CDs for years, and all of the instructions for such work call out to take a distro's CD, and copy key files from it. Among those files are those that I think are associated with the the SYSLINUX/ISOLINUX project; e.g.: http://mirror.centos.org/centos/6/os/x86_64/images/ http://mirror.centos.org/centos/6/os/x86_64/isolinux/ Two
2015 Oct 13
2
redistribution of isolinux binaries
On 10/13/2015 01:40 PM, Brian Reichert wrote: > On Tue, Oct 13, 2015 at 12:51:07PM -0400, Brian Reichert wrote: >> On Tue, Oct 13, 2015 at 11:42:08AM -0500, Johnny Hughes wrote: >>> The info you are looking at there is for CentOS-7 .. the syslinux for >>> CentOS-6 is here: >>> >>>
2015 Oct 13
2
redistribution of isolinux binaries
On Tue, Oct 13, 2015 at 11:42:08AM -0500, Johnny Hughes wrote: > The info you are looking at there is for CentOS-7 .. the syslinux for > CentOS-6 is here: > > http://vault.centos.org/6.7/os/Source/SPackages/syslinux-4.04-3.el6.src.rpm > > The CentOS team did not modify that source code, we just built it as is. > > That source code produces the syslinux binary used by
2015 Oct 13
2
redistribution of isolinux binaries
On Tue, Oct 13, 2015 at 12:03:00PM -0400, Jonathan Billings wrote: > On Tue, Oct 13, 2015 at 11:38:06AM -0400, Brian Reichert wrote: > > Does anyone have any insight on these topics, or, at the very least, > > a better forum to pursue them? > > The patches used to build the latest syslinux package for CentOS7 are > here: > >
2019 Feb 12
3
weird RPM dependency error; '/bin/sh' needed, but is provided
First off, I have to admit that I'm uncertain if this is the appropriate forum; I'd be happy for suggestions about where else to look. I'm doing this work on a stock install of CentOS-7-x86_64-Minimal-1810.iso, with no updates. I'm trying to create an RPM database from a custom set of RPMs. One RPM ('openldap-ltb' from the LDAP Tool Box project (ltb-project.org) has a
2006 May 26
3
Integrating ProPolice/SSP into FreeBSD
Hi, first sorry for cross-posting but I thought this patch might interest -CURRENT users as well as people concerned by security. I wrote a patch that integrates ProPolice/SSP into FreeBSD, one step further than it has been realized so far. It is available here : http://tataz.chchile.org/~tataz/FreeBSD/SSP/ Everything is explained on the web page, but I will repeat some informations here.
2015 Oct 13
1
redistribution of isolinux binaries
On Tue, Oct 13, 2015 at 03:18:16PM -0500, Johnny Hughes wrote: > On 10/13/2015 01:40 PM, Brian Reichert wrote: > > On Tue, Oct 13, 2015 at 12:51:07PM -0400, Brian Reichert wrote: > >> On Tue, Oct 13, 2015 at 11:42:08AM -0500, Johnny Hughes wrote: > >>> The info you are looking at there is for CentOS-7 .. the syslinux for > >>> CentOS-6 is here: >
2009 Aug 25
11
[Bug 23495] New: nouveau KMS produces no output on a Dell 3008WFP monitor
http://bugs.freedesktop.org/show_bug.cgi?id=23495 Summary: nouveau KMS produces no output on a Dell 3008WFP monitor Product: xorg Version: unspecified Platform: x86-64 (AMD64) OS/Version: Linux (All) Status: NEW Severity: normal Priority: medium Component: Driver/nouveau AssignedTo: nouveau at
2005 May 23
2
How to setup IPSec tunnel between FreeBSD and Linux systems...?
Hi, I am trying to setup ipsec tunnel between Freebsd (host1) and Linux (host2) systems.And I also interested in executing some ipsec test cases( Like TAHI conformance test suite) on the same connection. Please, suggest me some details regarding this setup and Specify any materials which can be obtained from from any locations(site).. I have enabled IPSec support for FreeBSD (4.11 Release) and