similar to: No subject

>From owner-freebsd-ports@freebsd.org Wed Jul 5 08: 39:46 2006 Received: from spqr.komquats.com (cwfw [10.1.1.254]) by cwsys.cwsent.com (8.13.6/8.13.6) with ESMTP id k65Fdk7u034242 for <cy@cwsys.cwsent.com>; Wed, 5 Jul 2006 08:39:46 -0700 (PDT) (envelope-from owner-freebsd-ports@freebsd.org) Received: by spqr.komquats.com (Postfix) id E55BF4C60B; Wed, 5 Jul 2006 08:39:45 -0700 (PDT)

freebsd-questions@freebsd.org Cc: Bcc:gruand Subject: Re: 100.chksetuid in /etc/periodic/security resets the mashine Reply-To: In-Reply-To: <20041112173824.GT26202@horsey.gshapiro.net> Hello, kolleages! I have a problem. When I (or system) start the script 100.chksetuid in /etc/periodic/security my machine resets. The machine: Timecounter "i8254" frequency 1193182 Hz

Hi all! Short question: could anyone point me to documents regarding topics: jails! & nat & (ipfw|ip tables) - I'm in process to build a new system... Planned layout: NET---router/nat-----gateway:freebsd5.x/nat--------inner net | | | | | L- apache/php (lo_alias1) | L------ mail server (lo_alias2)

I have asked this before in -questions but due to a odd security requirement, I need the option to auto lock a normal user's account (root and those in the wheel group must be excluded) after let say, 3, login failures. I know this can cause a DoS issue but I HAVE to have the option of doing it in FreeBSD. Any info is appreciated Thanks. Mike C carlson39@llnl.gov

>From owner-majordomo Thu Dec 28 05:29:23 1995 Received: from irz301.inf.tu-dresden.de (irz301.inf.tu-dresden.de [141.76.1.11]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id FAA04159 for <announce@freebsd.org>; Thu, 28 Dec 1995 05:29:12 -0800 (PST) Received: from sax.sax.de by irz301.inf.tu-dresden.de (8.6.12/8.6.12-s1) with ESMTP id OAA04823 for

> These are false positives. I had this showing on a box of mine > (chkrootkit-0.43). And What I did was remove the binarys and resync'ed my > source > and did a new build. Yea, this is basically what I did. re'synched my sources, pulled the ethernet cable, made world, and it's still showing that. I'm pretty sure this is a false positive, but just wanted to touch base

Yeah but if you are uncertain about your own box my VERY STRONG advise is that you reinstall. IF your host is indeed owned, then you are a lot further away then just reinstalling, god knows what issues can arrise when a cracker exploits the system to do bogus tasks.. Then i say: Too bad for your time, sorry but it's like that -- Kind regards, Remko Lodder Elvandar.org/DSINet.org

The man page gives this example, however, when I attempt to use it, it ssems to block the whole set? Could someone tell me what's going wrong here please. Thanks heaps.. This works, ${fwcmd} add deny log all from any to 203.1.96.1 in via ${oif} This blocks the whole IP block, not just the list? ${fwcmd} add deny log all from any to 203.1.96.0/24{2,6-25,27-154,156-19

[This email is either empty or too large to be displayed at this time]

-- Fernando C?rdova Su?rez

Hi, I attach 2 files in this email, the first is a Makefile and the second is jail.conf. For demonstre my idea i resolved create one "Pseudo Prototyping", for test is necessary: 1 - Create dir /usr/local/basejail 2 - Copy Makefile to /usr/local/basejail 3 - Copy jail.conf to /etc 4 - The initial basejail is precompiled is distributed in CD1, for simular basejail is necessary a

forgot this addr. -- Kind regards, Remko Lodder Elvandar.org/DSINet.org www.mostly-harmless.nl Dutch community for helping newcomers on the hackerscene -----Oorspronkelijk bericht----- Van: Remko Lodder [mailto:remko@elvandar.org] Verzonden: vrijdag 23 januari 2004 10:53 Aan: Nick Twaddell Onderwerp: RE: [Freebsd-security] ipfw + named problem did you tcpdump the packets so that you can

that only works when you are presuming that the host was not hacked already because i would clear those logs when i hacked a system :) but indeed it's a try, If you remain unsure, it is best to reinstall the system to be sure that a fresh and newly updated (yeah update it when installed :)) system is not compromised at that time.. loads of work, but it gives you some relief to know that

On Wed, 2 Jan 2002, John Hay wrote: > Well I can accept your argument for -stable, although bigger changes has > gone in -stable in the past, but what about -current? My -current boxes > also still claim: "sshd version OpenSSH_2.9 FreeBSD localisations > 20011202" And this is the problem, if we don't have -current upgraded > we have little chance in getting wrinkles

Hi I am re-sending this message to this list, because freebsd-security list could be more suitable for my question about UID / GID settings of Postfix virtual users accounts. in one sentence: "If all virtual users have same UID/GID, is there some real security risk?" Thank You and I am sorry for my bad english ================================== original message from freebsd-isp:

Hi all, I use FreeBSD for severals years and this Project now have a possibility the full security update (src) with freebsd-update, is really great for Release users but is break for Stable user. Ok !!! Exist a possibility for apply manual patch and compile issue, but for me problem existe in fix kernel issue in stable branch because is require a update for last stable and this

On Fri, 3 Sep 2004 freebsd-security-request@freebsd.org wrote: > Send freebsd-security mailing list submissions to > freebsd-security@freebsd.org > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.freebsd.org/mailman/listinfo/freebsd-security > or, via email, send a message with subject or body 'help' to >

Hello, Please, don't use chkrootkit 0.46 on production machines. The "chkproc" process sends a SIGXFSZ (25) signal to init, that interprets this signal as a "disaster" and reboots after a 30s sleep. I'm contacting the chkrootkit maintainer to fix this problem. Sorry, Cordeiro

Forwarded message: > From R.v.Gogh@kappe-int.com Wed Mar 3 07:54:28 2004 > Message-ID: <0FDD52D38220D611B7CC0004763B37441B2572@HNTS-04> > From: "Gogh, Ruben van" <R.v.Gogh@kappe-int.com> > To: Darren Reed <avalon@caligula.anu.edu.au> > Subject: RE: IPFilter and FreeBSD (was Re: mbuf vulnerability) > Date: Tue, 2 Mar 2004 21:54:23 +0100 >

I'm forwarding this to security@, as I'm getting no replies on ipfw@. Hope it's relevant enough for you :( ---Original Message----- From: owner-freebsd-ipfw@freebsd.org [mailto:owner-freebsd-ipfw@freebsd.org] On Behalf Of Erik Paulsen Skålerud Sent: Wednesday, May 28, 2003 1:02 AM To: ipfw@freebsd.org Subject: Question about logging. Sorry for asking this, It's probably been