similar to: No subject

>From owner-freebsd-ports@freebsd.org Wed Jul 5 08: 39:46 2006 Received: from spqr.komquats.com (cwfw [10.1.1.254]) by cwsys.cwsent.com (8.13.6/8.13.6) with ESMTP id k65Fdk7u034242 for <cy@cwsys.cwsent.com>; Wed, 5 Jul 2006 08:39:46 -0700 (PDT) (envelope-from owner-freebsd-ports@freebsd.org) Received: by spqr.komquats.com (Postfix) id E55BF4C60B; Wed, 5 Jul 2006 08:39:45 -0700 (PDT)

freebsd-questions@freebsd.org Cc: Bcc:gruand Subject: Re: 100.chksetuid in /etc/periodic/security resets the mashine Reply-To: In-Reply-To: <20041112173824.GT26202@horsey.gshapiro.net> Hello, kolleages! I have a problem. When I (or system) start the script 100.chksetuid in /etc/periodic/security my machine resets. The machine: Timecounter "i8254" frequency 1193182 Hz

Hi all! Short question: could anyone point me to documents regarding topics: jails! & nat & (ipfw|ip tables) - I'm in process to build a new system... Planned layout: NET---router/nat-----gateway:freebsd5.x/nat--------inner net | | | | | L- apache/php (lo_alias1) | L------ mail server (lo_alias2)

I have asked this before in -questions but due to a odd security requirement, I need the option to auto lock a normal user's account (root and those in the wheel group must be excluded) after let say, 3, login failures. I know this can cause a DoS issue but I HAVE to have the option of doing it in FreeBSD. Any info is appreciated Thanks. Mike C carlson39@llnl.gov

>From owner-majordomo Thu Dec 28 05:29:23 1995 Received: from irz301.inf.tu-dresden.de (irz301.inf.tu-dresden.de [141.76.1.11]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id FAA04159 for <announce@freebsd.org>; Thu, 28 Dec 1995 05:29:12 -0800 (PST) Received: from sax.sax.de by irz301.inf.tu-dresden.de (8.6.12/8.6.12-s1) with ESMTP id OAA04823 for

> These are false positives. I had this showing on a box of mine > (chkrootkit-0.43). And What I did was remove the binarys and resync'ed my > source > and did a new build. Yea, this is basically what I did. re'synched my sources, pulled the ethernet cable, made world, and it's still showing that. I'm pretty sure this is a false positive, but just wanted to touch base

Yeah but if you are uncertain about your own box my VERY STRONG advise is that you reinstall. IF your host is indeed owned, then you are a lot further away then just reinstalling, god knows what issues can arrise when a cracker exploits the system to do bogus tasks.. Then i say: Too bad for your time, sorry but it's like that -- Kind regards, Remko Lodder Elvandar.org/DSINet.org

The man page gives this example, however, when I attempt to use it, it ssems to block the whole set? Could someone tell me what's going wrong here please. Thanks heaps.. This works, ${fwcmd} add deny log all from any to 203.1.96.1 in via ${oif} This blocks the whole IP block, not just the list? ${fwcmd} add deny log all from any to 203.1.96.0/24{2,6-25,27-154,156-19

[This email is either empty or too large to be displayed at this time]

-- Fernando C?rdova Su?rez

Hi, I attach 2 files in this email, the first is a Makefile and the second is jail.conf. For demonstre my idea i resolved create one "Pseudo Prototyping", for test is necessary: 1 - Create dir /usr/local/basejail 2 - Copy Makefile to /usr/local/basejail 3 - Copy jail.conf to /etc 4 - The initial basejail is precompiled is distributed in CD1, for simular basejail is necessary a

forgot this addr. -- Kind regards, Remko Lodder Elvandar.org/DSINet.org www.mostly-harmless.nl Dutch community for helping newcomers on the hackerscene -----Oorspronkelijk bericht----- Van: Remko Lodder [mailto:remko@elvandar.org] Verzonden: vrijdag 23 januari 2004 10:53 Aan: Nick Twaddell Onderwerp: RE: [Freebsd-security] ipfw + named problem did you tcpdump the packets so that you can

On Wed, 2 Jan 2002, John Hay wrote: > Well I can accept your argument for -stable, although bigger changes has > gone in -stable in the past, but what about -current? My -current boxes > also still claim: "sshd version OpenSSH_2.9 FreeBSD localisations > 20011202" And this is the problem, if we don't have -current upgraded > we have little chance in getting wrinkles

Hi I am re-sending this message to this list, because freebsd-security list could be more suitable for my question about UID / GID settings of Postfix virtual users accounts. in one sentence: "If all virtual users have same UID/GID, is there some real security risk?" Thank You and I am sorry for my bad english ================================== original message from freebsd-isp:

that only works when you are presuming that the host was not hacked already because i would clear those logs when i hacked a system :) but indeed it's a try, If you remain unsure, it is best to reinstall the system to be sure that a fresh and newly updated (yeah update it when installed :)) system is not compromised at that time.. loads of work, but it gives you some relief to know that

Hi all, I use FreeBSD for severals years and this Project now have a possibility the full security update (src) with freebsd-update, is really great for Release users but is break for Stable user. Ok !!! Exist a possibility for apply manual patch and compile issue, but for me problem existe in fix kernel issue in stable branch because is require a update for last stable and this

Hi, I'm having trouble rationalizing the behaviour described below. Is this a security-issue (bug) or a feature? - An unprivileged user 'bztest' with read-only access to /dev/ar0: %id uid=1004(bztest) gid=1004(test) groups=1004(test), 5(operator) %ls -l /dev/ar0 crw-r----- 1 root operator 4, 21 Nov 23 17:34 /dev/ar0 - Now, the device ar0 has the standard mbr installed: %cmp

Hello, Please, don't use chkrootkit 0.46 on production machines. The "chkproc" process sends a SIGXFSZ (25) signal to init, that interprets this signal as a "disaster" and reboots after a 30s sleep. I'm contacting the chkrootkit maintainer to fix this problem. Sorry, Cordeiro

Any reason why portaudit and its associated infrastructure was not announced to this list or security-notifications? I recently discovered it, and discovered the feature was added to bsd.port.mk in the beginning of feburary. Seeing as the security officer apparently (without announcement) no longer issues security notices (SNs) for ports, I am assuming that portaudit has replaced SNs entirely,

Good day. I am posting the follow-up to the -hackers and CC'ing to the -security, because some more-or-less nasty points were found. Sat, Feb 23, 2008 at 10:32:02PM +0300, Eygene Ryabinkin wrote: > But there is another concern with bzero(): it is well-known function. > Especially for compilers. And it is bad: some arrays inside g_eli, > that hold decryption keys are the local