similar to: LOG_AUTHPRIV and the default syslog.conf

hi all i'm trying to get ipfilter set up on my new 5.1-RELEASE box. ipfilter seems to be working fine. i just have a couple of issues that are probably not very serious... one thing is that during network startup at boot, i get the message IPFilter: already initialized repeated 4 times. i think i have everything configured properly my kernel config looks like options IPFILTER options

Hi ! While browsing Linux manpages (man 3 syslog) I noticed that the manual says that the LOG_AUTH facility is deprecated use LOG_AUTHPRIV instead. Is there a good reason why OpenSSH doesn't have an option to use LOG_AUTHPRIV facility ? (Looks like that tcpd/telnet etc. use the AUTHPRIV facility (in RH6.2)). Shouldn't be too hard to add the AUTH_PRIV facility ? Cheers, -Jarno --

In regards to FreeBSD-SA-03:05.xdr, does anyone know which static binaries or tools under /bin or /sbin actually use that problem code? The recent XDR fixes the xdrmem_getlong_aligned(), xdrmem_putlong_aligned(), xdrmem_getlong_unaligned(), xdrmem_putlong_unaligned(), xdrmem_getbytes(), and/or xdrmem_putbytes() functions, but it is difficult to know what uses these (going backwards manually).

Hi all. This might seem really naive, but can mtree be used effectively as a native-to-core-OS tripwire equivalent? Would it be as efficient in terms of time-to-run and resource requirements? What sort of pitfalls should I be aware of? Has anyone here done this? If so, would you care to share your scripts/techniques? Thanks, Dave -- ______________________

I hope this isn't too off topic, but I'd like a quick solution to a problem. I have a small network behind a NAT firewall (FreeBSD of course) and I'd like to block/redirect all traffic from the internal network to the local mail server (same box as firewall) in order to prevent direct smtp requests to the outside world (mainly virus/trokan programs). I think I have it right in this

I seem to remember seeing somewhere (on this list/on the web -- don't remember) that there was some ``Snort-like'' software that was available under the BSD license. Unfortunately, I'm unable to find any information about such software. Was I dreaming, or can anybody else jog my memory? :) Kind regards, Devon H. O'Dell

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:18.openssl Security Advisory The FreeBSD Project Topic: OpenSSL vulnerabilities in ASN.1 parsing Category: crypto Module: openssl Announced:

I'm failing to understand how getrusage() works, which is a bit perplexing, because it doesn't seem like it would be terribly complicated. I've attached the code. My aim is to verify that I can use getrusage() to do (admittedly crude) instrumentation of which functions in my program are allocating lots of memory[1]. So I figure I can call getrusage() at various points and look at

There's been an ongoing discussion (started by Colin Percival's recent work on nologin) about environment-poisoning attacks via "login -p". I thought I saw a way to address this, but the more I learn, the uglier this looks. Maybe some of the good folks who read freebsd-security can puzzle this one out: Problem: login -p can be used to propagate environment flags in order to

Recently i have been using a dialup 56k account to access the net and have noticed that when my ssh session times out and I am editing a file in ` ee ' the system goes to 99% cpu usage and stays like this till the pid is killed. This is a standard user account (not root/su) Would a user be able to create a denial of service condition on the remote system using this bug? (sorry if this is

Hello Folks, Just a status on upcoming advisories. FreeBSD-SA-03:15.openssh This is in final review and should be released today. Fixes for this issue entered the tree on September 24. I apologize for the delay in getting this one out. FreeBSD-SA-03:16.filedesc A reference counting bug was discovered that could lead to kernel memory disclosure or a system panic.

In http://docs.freebsd.org/cgi/mid.cgi?200402260743.IAA18903 it seems RELENG_4 is vulnerable. Is there any work around to a system that has to have ports open ? Version: 1 2/18/2004@03:47:29 GMT >Initial report > <<https://ialert.idefense.com/KODetails.jhtml?irId=207650>https://ialert.idefense.com/KODetails.jhtml?irId=207650; >ID#207650: >FreeBSD Memory Buffer

Hello everybody, I'm a newbie in this list, so I don't know if it's the appropriate place for my question. Anyway, I'd be happy to find out the solution. Please, has anyone simple answer for: I'm looking for an exact list of files, which: 1. MUST have... 2. HAVE FROM BSD INSTALLATION... 3. DO NOT NEED... 4. NEVER MAY... ...the suid-bit set. Of course, it's no problem to

This affects only 3.7p1 and 3.7.1p1. The advice to leave PAM disabled is far from heartening, nor is the semi-lame blaming the PAM spec for implementation bugs. I happen to like OPIE for remote access. Subject: Portable OpenSSH Security Advisory: sshpam.adv This document can be found at: http://www.openssh.com/txt/sshpam.adv 1. Versions affected: Portable OpenSSH versions 3.7p1

Hi, I set up the syslog.conf to log local0 and local1 to a remote log server: *.info;mail.none;authpriv.none;cron.none;local0.none;local1.none /var/log/messages local0.*;local1.* @192.168.1.2 The messages from local0 worked fine, all sent to the remote log server. But all messages from local1 were still displayed in /var/log/messages despite it has been

I am trying to configure syslog.conf to send messages from one of my hosts to a select file for that host. The host is currently sending messages to the syslog server and they are being logged but I would like to have all the messages from this host go to a separate file. FreeBSD 4.9-RELEASE # $FreeBSD: src/etc/syslog.conf,v 1.13.2.4 2003/05/12 13:59:23 yar Exp $ # # Spaces ARE valid field

From bugtraq :-( >-----BEGIN PGP SIGNED MESSAGE----- > >Sendmail, Inc., and the Sendmail Consortium announce the availability >of sendmail 8.12.9. It contains a fix for a critical security >problem discovered by Michal Zalewski whom we thank for bringing >this problem to our attention. Sendmail urges all users to either >upgrade to sendmail 8.12.9 or apply a patch for

On 04/18/2016 07:09 PM, lingpanda101 at gmail.com wrote: > On 4/18/2016 12:52 PM, Johannes Amorosa | Celluloid VFX wrote: >> >> On 04/15/2016 04:36 PM, lingpanda101 at gmail.com wrote: >>> On 4/15/2016 10:08 AM, Johannes Amorosa | Celluloid VFX wrote: >>>> Hello, >>>> we're using sambas internal DNS server. >>>> >>>> Is

Hello , i want all my log messages from python to have in /var/log/python Now they are in /var/log/messages: Jun 9 12:10:51 sx1 kernel: klogd 1.4.1, log source = /proc/kmsg started. Jun 9 12:11:01 sx1 python: MM_MEMBERS [it] Nothing to do. Jun 9 12:11:02 sx1 python: MM_MEMBERS [research] Nothing to do. Jun 9 12:12:01 sx1 python: MM_MEMBERS [it] Nothing to do. Jun 9 12:12:01 sx1 python:

Heya.. Yesterday someone "attacked" by box by connection to several ports.. In other words, a simple portscan.. yet, since my box has "log_in_vain" enabled, so it tries to log everything to /var/log/messages, since the logfile got full and the size went over 100K, it tried to rotate the log to save diskspace. (Apr 16 21:00:00 omikron newsyslog[32137]: logfile turned over due