similar to: Default permissions of /home/user..

Dear list, A few days ago one of my machines were attacked by a DDoS-attack using UDP on random ports.. When I later on analyzed the logs, I found this in my dmesg: xl0: initialization of the rx ring failed (55) xl0: initialization of the rx ring failed (55) xl0: initialization of the rx ring failed (55) I tried to find out on google what it ment, but without any luck. What does that mean and

Hello, For some reason, I thought little about the "clear" command today.. Let's say a privileged user (root) logs on, edit a sensitive file (e.g, a file containing a password, running vipw, etc) .. then runs clear and logout. Then anyone can press the scroll-lock command, scroll back up and read the sensitive information.. Isn't "clear" ment to clear the

Heya.. By reading my /usr/local/etc/apache2/httpd.conf, I can find out that my Apache is running as the user "www" and the group "www" .. Yet, when I run sockstat, it tells me one of the forks are runned as root and listening on port 80 as well as the other forks are runned by www:www.. If I got a lot of users connecting to my server on port 80, will thier requests ever be

Hi, First of all, I know that not dropping SYN/FIN isn't really a big deal, it just makes no sense. But since it doesn't make any sense, I don't see the reason why not to discard them. I'm running pf on FreeBSD 5.4-RELEASE-p3 and I scrub any traffic. I've read some other posts on google and as far as I can tell, clearly invalid packets (like packets with SYN/RST set) is

Heya.. Yesterday someone "attacked" by box by connection to several ports.. In other words, a simple portscan.. yet, since my box has "log_in_vain" enabled, so it tries to log everything to /var/log/messages, since the logfile got full and the size went over 100K, it tried to rotate the log to save diskspace. (Apr 16 21:00:00 omikron newsyslog[32137]: logfile turned over due

https://bugzilla.mindrot.org/show_bug.cgi?id=3147 Bug ID: 3147 Summary: Confusing error message when the public key is missing. Product: Portable OpenSSH Version: -current Hardware: All OS: OpenBSD Status: NEW Severity: trivial Priority: P5 Component: ssh

Hello.. I've noticed a delay between when the security advisories are sent and when the cvsup servers, ftp mirrors and web mirrors are updated. Is this delay on purpose to give the users some time to update/patch their system(s) before it hit pages like bugtraq, etc.. or is it just a caused by the delay between when the ftp/cvsup servers are synced? Best regard, Jesper Wallin

Hi, I am using IPFW on FreeBSD 4.11 I am facing two problems: - SSH sessions timeout after a while - When I run "/sbin/ipfw -q -f flush" in the rules script all connection get reset (and I am thrown out of the box). Is this standard functioning of ipfw or do I need to change any configuration? Thanks, Siddhartha

Dear list, About a week ago, right after 5.4-RELEASE was released, I received a mail from Gentoo Linux's security announcement list about a flaw in tcpdump and gzip. Since none of them are operating system related, I assumed a -p1 and -p2 of the 5.4-RELEASE. Instead, we got a patch for the HTT security issue so I wonder, is the FreeBSD version of tcpdump and/or gzip are secured or simply

Heya folks First of all, sorry if this isn't the correct list, but yet, I think spam is a kind of network attack and should be treated as a security issue.. I run a working mail server using Postfix, MySQL, Courier-IMAP, SpamAssassin and ClamAV (amavisd-new) .. I've checked the configuration file for SpamAssassin, but yet I havn't find any good solution for spam.. Sure, spam will

Hi All, I am confused about users. IIRC, ftp users are just ordinary users on the system (/etc/passwd) Is there an add user wizard from the command-line? I dont quite get all of the steps to add a user, dont let login except FTP, etc, etc -Jason

There's been an ongoing discussion (started by Colin Percival's recent work on nologin) about environment-poisoning attacks via "login -p". I thought I saw a way to address this, but the more I learn, the uglier this looks. Maybe some of the good folks who read freebsd-security can puzzle this one out: Problem: login -p can be used to propagate environment flags in order to

Hi all, I have a samba 2.2.8a install runing on a debian woody. The samba is working fine and I am able to map shared drives. I want to use a Primary Domain Controller to authenticate users. I have included the necessary options in smb.conf, # separate domain and username with '+', like DOMAIN+username winbind separator = + # use uids from 10000 to 20000 for domain users winbind uid

Hi folks, While investigating OpenBSD's cron implementation, I found that they set the systemwide crontab (a.k.a. /etc/crontab) to be readable by the superuser only. The attached patch will bring this to FreeBSD by moving crontab out from BIN1 group and install it along with master.passwd. This change should not affect the current cron(1) behavior. Cheers, -- Xin LI <delphij frontfree

Hi, I''m running into a problem with the user type with puppet 0.20.1... this worked before with 0.19.x at least, not sure about 0.20. But I''ve got adduser.pp: <snip> define adduser($uid, $gid, $groups="users", $membership="minimum") { group { $name: gid => $gid, allowdupe => false, ensure

Hi, I wanted to get some opinions on this subject before I submit a PR about it. I don't know if there are any pitfalls with the 'fix' I suggested and though it best to run it past people here before submitting. If there's a better place to post this please let me know (freebsd-ports?). The send-pr output I was about to send explains everything so I'll just paste it here:

Hi, I've to migrate transparently a NT4 PDC to a SAMBA-LDAP-PDC with 1000 users. Each user has a roaming profile on the NT server. Of course, I want to migrate all the roaming profiles automaticaly on the Samba server without any intervention on clients ! How can do that ? How to preserve the ownership of each profile ? Thank you, -- Rapha?l Berghmans <rberghmans@arafox.com>

On Tue, 14 May 2024 06:11:01 -0700 Gregory Sloop via samba <samba at lists.samba.org> wrote: > > > > On Mon, 13 May 2024 17:10:20 -0700 > > Gregory Sloop via samba <samba at lists.samba.org> wrote: > > >> I feel like this should be super easy, and that I must be doing > >> something dumb, but I need to create another sudo user for the VM's

Hello, I am attempting to add a Redhat 9 box to our NT4 domain as a member server. I want to enumerate user and group info so I don't have to make two sets of user and group accounts. I've setup samba (version 2.2.7a) and pamd the way I think I'm supposed to, but wbinfo -u always returns 0xc0000022. I've found this particular error mentioned in a few articles, but applying the

> On Mon, 13 May 2024 17:10:20 -0700 > Gregory Sloop via samba <samba at lists.samba.org> wrote: >> I feel like this should be super easy, and that I must be doing >> something dumb, but I need to create another sudo user for the VM's >> the DC's are running on. >> I've created a "domain admin" equivalent user in AD - and perhaps >>