Displaying 20 results from an estimated 1000 matches similar to: "4.x, PAM, password facility"
2003 Sep 15
1
md5 salt
Hi,
I was looking at the crypt(3) manpage, and I'm having a hard time figuring
out what the allowed characters are for the salt in md5 and blowfish
encryption. For DES, it clearly states that only numbers, letters and
digits may be used.
Does anyone know the rules for md5/blowfish salt characters?
Thanks,
Charles
--
Charles Sprickman
spork@inch.com
2004 Jan 13
3
pam_chroot
Has anyone got the pam_chroot module to successfully work in FreeBSD? I
have FreeBSD 5.2-RELEASE installed. I copied the appropriate binaries and
libraries into my chroot, I can chroot -u test -g test /home/test
/usr/local/bin/bash and it works perfectly. So now I am trying to get the
pam module to work. I added
session required pam_chroot.so debug
into the
2003 Aug 06
2
Checking realpath file up to date
On the advisory about the realpath problem it says that it was corrected:
RELENG_4_8
src/UPDATING 1.73.2.80.2.3
src/lib/libc/stdlib/realpath.c 1.9.14.1
src/sys/conf/newvers.sh 1.44.2.29.2.2
I ran cvsup and when I look at my src/lib/libc/stdlib/realpath.c I see
2004 Feb 06
1
ipfw question
Dear All.
I want to use 'not' for 2 addresses (for both) in ipfw2 rule.
The only way that looks like what I need is
# ipfw add count from IP1 to not IP2,IP3
But does this rule indeed makes what I want? Does it count all
packets destined to addresses other then IP2 AND IP3?!
No other syntax works.
For example more logically correct
not IP2 AND not IP3
or even
not { IP2 or IP3 }
are
2003 May 28
1
FW: Question about logging.
I'm forwarding this to security@, as I'm getting no replies on ipfw@.
Hope it's relevant enough for you :(
---Original Message-----
From: owner-freebsd-ipfw@freebsd.org [mailto:owner-freebsd-ipfw@freebsd.org]
On Behalf Of Erik Paulsen Skålerud
Sent: Wednesday, May 28, 2003 1:02 AM
To: ipfw@freebsd.org
Subject: Question about logging.
Sorry for asking this, It's probably been
2004 Apr 07
5
Changing `security@freebsd.org' alias
Hello Folks,
The official email address for this list is
`freebsd-security@freebsd.org'. Due to convention, there is an email
alias for this list: security@freebsd.org, just as there is for
hackers@ & freebsd-hackers@, arch@ & freebsd-arch@, and so on.
The security@freebsd.org alias has been the source of occassional
problems. Several times in the past, postings have been made to
2004 Feb 19
1
[Fwd: [gentoo-announce] [ GLSA 200402-07 ] Clamav 0.65 DoSvulnerability]
Hi
The FreeBSD port has been updated for the DoS vulnerability but the
version is still
the same.
See:
http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/clamav/
David Peall
Systems Administrator
Western Cape Schools' Network
http://www.wcsn.org.za/
PO Box 44460, Claremont 7735, Cape Town
Fax +27 (021) 683-6766, Helpdesk +27 (021) 674-9140
> -----Original Message-----
> From:
2003 Sep 05
1
MD5 checksum missmatch for bpft4
Hello freebsd-security,
Apologize if it's offtopic, but:
The message digest checksum for bpft4 from ports/net/bpft does not
matchs the one printed on the sources page at
http://www.freebsd.org/cgi/pds.cgi?ports/net/bpft
My digests are 3810114b068f438cc7e8e0b1af745953 from top 6 links.
Only last ftp://rusunix.org/pub/FreeBSD/distfiles/bpft4-latest.tgz
gave the right cheksum -
2003 Jun 16
1
AC97
Hi,
I can't find any LINT file
in the /usr/src/sys/i386/conf
at my new 5.1 FreeBSD. Can u help me?
2003 Aug 05
6
Problems with JAIL in 4.8R
Hi, i've set the outside ip for the jail..It works.. When i try to ssh to
jail'ed system from the main system (in which is created jail) the
connection is successful, but when i try to connect to jailed system from
anywhere else i get this message:
ssh: connect to host IP_NUMBER port 22: Operation timed out
What can be wrong here? How to solve this problem?
2004 Jan 02
1
Questions about MAC
FreeBSD 5.1-RELEASE
Hi,
I'm examining Biba and MLS MAC policies and something is
not clear for me. Unless I'm doing something wrong,
it seems policies are enforced only for reading, but
not writing.
1) Biba
I've created test file with biba/127 label:
$ echo "Message" > file_biba_127.txt
$ setfmac biba/127 file_biba_127.txt
$ getfmac file_biba_127.txt
2003 May 12
4
xdelta files for security patches
Has xdelta (in ports under misc/xdelta) ever been considered as a means of
delivering binary patches for security updates?
It seems to be a pretty neat.
--
Regards,
Michael Nottebrock
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: signature
Url :
2004 Apr 23
2
use keep state(strict) to mitigate tcp issues?
Hi,
When deploying a BSD with IPF in at the network perimeter
and using rules like these:
pass in .. proto tcp ... keep state(strict)
it's possible to refuse tcp packets which arrive out of order.
This would increase the difficulty doing blind attack resets and blind
data injection attack, cause then you'd have to "guess" the exact expected
number. Checpoint has a similar
2003 May 27
4
multihost master.passwd sync
-----BEGIN PGP SIGNED MESSAGE-----
Just wondered if anyone had any suggestions about syncing up master.passwd
files between multiple machines that didn't involve allowing root login
remotely? The users need to be able to log in remotely and own files on the
different machines.
~~
Andy Harrison
ah##@httpsite.com
ICQ: 123472 AIM/Y!: AHinMaine
[full headers for details]
-----BEGIN PGP
2004 Jan 07
1
keystroke logging
>
>
>What do you recommend for keeping track of user
>activities? For preserving bash histories I followed
>these recommendations:
>
>http://www.defcon1.org/secure-command.html
>
Interesting reading but, as others have noted, of limited use.
Keystroke logging can be disabled by - as others have noted - either
spawning another (perhaps different) shell, using a remote
2003 Aug 24
2
weird problem with chkrootkit and checksums
Hello,
last night, my chkrootkit crontab returned an alarm message :
> Checking `lkm'... You have 1 process hidden for readdir command
> You have 2 process hidden for ps command
> Warning: Possible LKM Trojan installed
Some research on google make me think it's probably a false positive. I
tried few things :
re-launching chkrootkit : "Checking `lkm'...
[da@securityfocus.com: ISS Security Brief: ProFTPD ASCII File Remote Compromise Vulnerability (fwd)]
2003 Sep 23
2
[da@securityfocus.com: ISS Security Brief: ProFTPD ASCII File Remote Compromise Vulnerability (fwd)]
Recent proftpd security vulnerability release FYI. Ports has latest
patched proftpd distribution.
--
Jez
http://www.munk.nu/
-------------- next part --------------
An embedded message was scrubbed...
From: Dave Ahmad <da@securityfocus.com>
Subject: ISS Security Brief: ProFTPD ASCII File Remote Compromise
Vulnerability (fwd)
Date: Tue, 23 Sep 2003 10:25:54 -0600 (MDT)
Size: 4588
Url:
2004 Mar 03
2
tripwire port broken?
Dear list!
I've tried to compile
tripwire-2.3.1-2 port on
my 5.2 release. Two diffe-
rent tarballs have failed
with message, that port
was broken, all in one
sentence. No any details.
Well! Makefile has so-
mething like:
.if ${OSVERSION} >= 500000
BROKEN= "Fails to build inder 5.X"
.endif
One more:
USE_GMAKE= yes
Has someone compiled
it successfully? Is it
for a good
2003 Nov 13
2
Apache leaks sensitive info in PHP phpinfo() calls
Hi,
I wanted to get some opinions on this subject before I submit a PR about
it. I don't know if there are any pitfalls with the 'fix' I suggested
and though it best to run it past people here before submitting. If
there's a better place to post this please let me know (freebsd-ports?).
The send-pr output I was about to send explains everything so I'll just
paste it here:
2004 Sep 07
1
ACS-38 SmartCard reader
Hi,
Has anybody tried to get an ACR-38 USB smart card reader working with
the devel/pcsc-lite library under FreeBSD? The vendor, Advanced Card
Systems, seems to provide a Linux driver with sources, which I could
probably port without too much hassle (depending on the license and
such) at http://www.acs.com.hk/downloads_drivers.asp#ACR38, but neither
that page nor Google nor marc.theaimsgroup.com