similar to: IPFW logging brokeness?

Yes, I've been reading /. :) But this isn't the first time this has occured to me. With all the security vulnerbilties, would it be unreasonable to either change the default MTA from sendmail to Exim/Qmail/Postfix, or give people the option of installing something instead of Sendmail at install time? -- Avleen Vig "Say no to cheese-eating surrender-monkeys"

Can anyone provide more details about the posting below ? >Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm >List-Id: <bugtraq.list-id.securityfocus.com> >List-Post: <mailto:bugtraq@securityfocus.com> >List-Help: <mailto:bugtraq-help@securityfocus.com> >List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com> >List-Subscribe:

In the next month or two I've got to upgrade a number of servers that are currently on an EOL'd version of 4-STABLE. I foresee that I'll have very limited time to do full OS upgrades on these systems in the coming several years, so I want to make sure I bring them onto an extended-life branch. Right now 4.11 has the furthest projected EOL date (Jan 31 2007), and the projected EOL

I think, there is a neat exploit in the phpbb2.0.8 because I found my home page defaced one dark morning. The patch for phpBB is here. http://www.phpbb.com/downloads.php The excerpt of the log is attached. I believe the link to the described exploit is here. http://secunia.com/advisories/13239 The defacement braggen page is here filter to show the exploited FreeBSD machines that aneurysm.inc

This might be more related to an Apache-security list, but as the machine is running FreeBSD, I thought I'd ask here first. In the last two weeks, I've been seeing some very strange errors in my logs a few times daily around the same times. While this happens, load averages go through the roof (I've seen 36+, which is outragous), and the machine becomes very unresponsive. First

On Solaris 10, I found that if $CC=gcc, and $LD=gcc, the following combination of things will cause problems: 1. Using gcc provided by Sun to make 64bit binaries 2. Setting CFLAGS=-m64 3. OpenSSL was compiled 64bit OpenSSH compiles up to the point of linking. Because $CFLAGS isn't used when linking, gcc is called without -m64. This causes the following fatal error: Wrong ELF class:

Hi. On my FreeBSD 4.8 configured IPFW2+IPF+IPNAT and I use them all: - IPFW - traffic accounting, shaping, balancing and filtering; - IPFilter - policy routing; - IPNAT - masquerading. I want to know, how IP-packets flow through all of this components? What's the path? incoming: IPFW Layer2 -> IPFW&Dummynet -> IPNAT -> IPFilter ? outgoing: IPFW Layer2 ->

Hi all. I recently turned net.inet.udp.log_in_vain on on some of my boxen and have been seeing UDP connection attempts to port 67 on the local host. This initially seemed odd, as the target ip addres was indeed that of a DHCP-configured interface and the source address was that of my DHCP server. However, it turns out this is totally valid, as dhclient(8) does not bind(2) on the bootpc port but

Hi all: I have strange probelm with rc.conf. I set up ipfw (compiled into kernel) on freebsd-5.4 and it doesn't seem to load ipfw rulesets (it uses default ruleset 65335 locking out everything). I have to do "sh /etc/ipfw.rules" in order to load the rulesets, once I did that, I can access the box from remote locations here is my rc.conf: host# more /etc/rc.conf

Hi, first i must tell you, that my english is not the best, i hav learned my english from manpages and documentation. Please excuse this. I have setted up a Box w/FreeBSD 4.7-RELEASE for connecting to the w3 through an DSL/ATM-Connection. Now i know the stateful handling of firewall-rules under linux with iptables.In the second i have understand that FreeBSD comes with the netfilter-extensions.

Hello Folks, The official email address for this list is `freebsd-security@freebsd.org'. Due to convention, there is an email alias for this list: security@freebsd.org, just as there is for hackers@ & freebsd-hackers@, arch@ & freebsd-arch@, and so on. The security@freebsd.org alias has been the source of occassional problems. Several times in the past, postings have been made to

>> 3. I'm intrested in blocking kazaa/P2P trafic with IPFW any help in this issue you could possibly block connections at known p2p ports. deny tcp from any to any 6699 step but most of the newer protocols use dynamic ports and in turn, are configurable. so ipfw isn't exactly ideal on it's own for this. -r. -----Original Message----- From: Pons [mailto:pons@gmx.li] Sent:

Hi there, Is there some way to configure ipfw to do traffic normalizing ("scrubbing", as in ipf for OpenBSD)? Is there any tool to do it for FreeBSD firewalling? I've heard that ipf was ported on current, anything else? TIA, /Dorin. __________________________________ Do you Yahoo!? Yahoo! Mail SpamGuard - Read only the mail you want. http://antispam.yahoo.com/tools

does anyone what is the ipfw equivalent line for this one? rdr fxp0 external_ip_addres/32 port 69 -> 192.168.66.3 port 69 udp i use a tftpd server behind a nat and i want to redirect all trafic coming from internet on port 69 to the tftpd server 10x for help __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around

Hi, I am using IPFW on FreeBSD 4.11 I am facing two problems: - SSH sessions timeout after a while - When I run "/sbin/ipfw -q -f flush" in the rules script all connection get reset (and I am thrown out of the box). Is this standard functioning of ipfw or do I need to change any configuration? Thanks, Siddhartha

Hi all. I didn't find any thread discussing it, sorry if I am re-posting the same subject. Is there a way to check the ipfilter/ipfw out-flow with bridge? Is it implemented? I've heard its not done due a performance issue (it's writen in ipf-howto), but performance is not the main goal for me in this single situation. I would like to have the stateful firewall and the bridge _fully_

The Samba ports are not filtered. The firewall is between STG-DC and SAMBADC (both of them sync correctly). The sync problems happen in VIG-DC3, which is behind the same firewall of STG-DC. Here's nmap output (SAMBADC is 172.16.50.9): root at vig-dc3:~# nmap -Pn 172.16.50.9 Starting Nmap 7.93 ( https://nmap.org ) at 2024-05-23 08:22 UTC Nmap scan report for SAMBADC.ugt.ldap (172.16.50.9)

I made a mistake setting my shell and have set the root users shell to /bin/bash instead of /bin/sh. I am curiuos if anyone knows how to fix this. The machines is FreeBSD 4.8-RELEASE-p4 and does not have sudo only su.

This message was sent to bugtraq today: While playing around with FreeBSD 5.4 and jailing I discovered that it was possible to put an ethernet interface into promiscious mode from within the jailed environment, allowing a packetsniffer to gather data not meant for the jailed box. This also affects FreeBSD 5.3 (tested) but not FreeBSD 4.x This can be reproduced on boxes where BPF support is

I am not sure if something is wrong with my programming or is a bug of chron or something else. In the following script, db is a large dataframe (dim(db)=c(60698,14)), then I select a very small part for a specific date and compute some basic statistics. date.base is a chron object foo<-function(db,date.base){ date.base<-as.numeric(date.base) #convert to number