similar to: Re: Security problems in bind -- persisting?

Displaying 20 results from an estimated 7000 matches similar to: "Re: Security problems in bind -- persisting?"

1999 Nov 27
1
Re: Programming ...
From: Wade Maxfield <maxfield@ctelcom.net> > Many thanks to the moderator who pointed out errors and suggested the > correct information on this post. Over half the ideas are due to him. ;) > 1. Programs put data in local variables in functions. These variables > are on the computer stack. Feeding data to those variables (usually > string variables) causes the
1999 Nov 26
4
Programming ....
Hi, I am building my own TCP daemon for easing some routine admin stuff... I am no expert on security,. I would really appreciate it if someone sent me some pointers to writing TCP daemons that are hacker-proof( i know there is nothing like that...but I do not want to be making mistakes in coding that are well known.. ;) The daemon runs as root....so that is why I am woried.... Thx, Arni
1999 Feb 10
1
When a shell says no (clobber) it means maybe.
As will be seen from these code fragments (and experiment) a noclobber option in bash or pdksh (or ksh on AIX) will do limited clobbers. 1) They will clobber named pipes. (mknod /tmp/predicted p cat /tmp/predicted > $stolen cat $switched > /tmp/predicted ) & 2) They will clobber symlinks. ln -s /some/new/target /tmp/predicted 3) They can be raced.
1999 Nov 12
1
[RHSA-1999:054-01] Security problems in bind (fwd)
Woops... this didn't show up here but it did on BugTraq. Questions answered! -- Chuck Mead, CTO, MoonGroup Consulting, Inc. <http://moongroup.com> Mail problems? Send "s-u-b-s-c-r-i-b-e mailhelp" (no quotes and no hyphens) in the body of a message to mailhelp-request@moongroup.com. Public key available at: wwwkeys.us.pgp.net ----------
1998 Feb 22
0
resource starvation against passwd(1)
Standard apology if old... This demonstrates a resource starvation attack on the setuid root passwd(1) program. In the case I tested it was the Red Hat Linux passwd-0.50-7 program without shadowing. #include <stdio.h> #include <sys/time.h> #include <stdlib.h> #include <unistd.h> #include <sys/resource.h> main () { struct rlimit rl, *rlp; rlp=&rl;
1999 Dec 01
0
Security Patches for Slackware 7.0 Available (fwd)
---------- Forwarded message ---------- Date: Tue, 30 Nov 1999 12:14:09 -0800 (PST) From: David Cantrell <david@slackware.com> To: slackware-security@slackware.com Subject: Security Patches for Slackware 7.0 Available There are several security updates available for Slackware 7.0. We will always post bug fixes and security fixes to the /patches subdirectory on the ftp site:
1999 Jul 28
6
You got some 'splaininn to do Lucy ;-)
We just had a security application vendor come in. We asked about Linux support and he said that putting a security application on top of an insecure OS was useless. When I asked what he meant by insecure he replied that Linux does not have a true Auditing capability - as opposed to HP-UX & Solaris which they do support. Can anyone explain to me what he was talking about? Thanks, Marty
2004 Dec 03
1
not logging as exspected
hello logging is not working as i exspect it. i am not sure if this is due to a but or a misunderstanding on my part. i use shorewall 2.0.4 and for logging metalog 0.8. the problem is that new connections of certain (most) types don''t get logged. when i browse for example i see such: ---------------------------------------------------------------------- Dec 3 15:49:12 [kernel]
2000 Feb 29
4
ICMP
After the recent attacks on the major servers on the web my ISP has decided to stop all ICMP messages from his ISP. I have red the RFCs and it seems that he cant do that... As a result pings and traceroutes will not work. I need a friendly person out there to tell me a way to break the news to him that he has to allow ICMP packets through his network... any suggestions would be helpfull [mod:
1998 Sep 01
5
/bin/login problem
I would be surprised if someone hasn''t encountered this already, but I haven''t found any discussion of the nature of this problem. I run RehHat 5.0. If a user makes a mistake in the login process such as the following: login: mistake password: xxx Login incorrect! login: username password xxxx bash$ a ps will show, among other things, 2333 /bin/login --mistake. Since
1998 Jun 29
2
Re: A switch? A router? What am I looking for??
At 01:59 PM 6/29/98 +0000, Kokoro Security Administrator wrote: >Hello everyone - > >I am looking for the name of a piece of hardware, and don''t know what it >is called. I am told that there exists such a thing (a switch? a router? >a special hub?) that will only send me traffic that is destined for me. simple definitions: --router: looks at a layer 3 address (such as
1998 Jun 16
7
Ethernet card addr <-> IP
-----BEGIN PGP SIGNED MESSAGE----- Hi everyone - Someone I''m working with has a requirement to map ethernet card addresses to unique IP addresses, and then have a Linux IP masquerade server know of this mapping list and not allow any data to pass from any ethernet card that a) it doesn''t know about, or b) isn''t assigned the right IP. Ideally it would also log this
1998 Oct 13
5
compare / contrast of linux fw and others
Hi, I was wondering how a linux box configured as a firewall stacked up against some of the commercial products like checkpoint-1 and gauntlet. Can someone direct me to a good book or online doc that compares linux to some other firewall methods? Mind you, I''m not talking about a firewall in the classical sense, ie ip forwarding turned off and used as a proxy, but the typical Linux box
2004 Feb 17
12
Metalog and Shorewall
Hi Tom and list, Still trying to set up Shorewall logging. I understand that Shorewall require syslog to get logging working, however I have metalog. Is this possible to use metalog as logging facility for Shorewall? I was reading http://www.shorewall.net/shorewall_logging.html and it describes other method ( ULOG ). I understand that I have to compile ULOG support in the kernel... where do I
2020 Oct 09
11
Feature request.
Hi, I get my Email from my own SMTP server on the internet using "fetchmail". Some time ago I did the smart thing and configured dovecot to use SSL and the letsencrypt certificate that automatically renews. Welllll..... a few days ago my certificate expired and the fetchmail deamon running in the background had nowhere to complain. So I didn't notice. It turns out that dovecot
2000 May 31
1
[RHSA-2000:005-05] New majordomo packages available
--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: New majordomo packages available Advisory ID: RHSA-2000:005-05 Issue date: 2000-01-20 Updated on: 2000-05-31 Product: Red Hat Powertools Keywords: majordomo Cross references: N/A
2002 Jul 03
3
EXT3-fs error on kernel 2.4.18-pre3
Hi, I just noticed that my file server running 2.4.18-pre3 + IDE patches & NTFS patches has this error message in the logs: EXT3-fs error (device md(9,4)): ext3_free_blocks: Freeing blocks not in datazone - block = 33554432, count = 1 This is the only ext3 error I have seen and the uptime is currently over 74 days. The error actually appeared two weeks ago. The timing coincides well with
1999 May 07
1
Re: Redhat Linux 6.0 Problem
On Fri, 7 May 1999 jlewis@lewis.org wrote: > # ldd ./ls > /lib/libNoVersion.so.1 => /lib/libNoVersion.so.1 (0x40014000) > libc.so.6 => /lib/libc.so.6 (0x4001c000) > /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000) > > I''ve never heard of libNoVersion. All the /home/ftp/bin stuff in 6.0 uses > it...but it doesn''t exist.
2008 Aug 31
5
DO NOT REPLY [Bug 5727] New: rsync crashes while copying large directory.
https://bugzilla.samba.org/show_bug.cgi?id=5727 Summary: rsync crashes while copying large directory. Product: rsync Version: 2.6.9 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P3 Component: core AssignedTo: wayned@samba.org ReportedBy: r.e.wolff@bitwizard.nl
1999 Aug 19
1
[RHSA-1999:029-01] Denial of service attack in in.telnetd
--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Denial of service attack in in.telnetd Advisory ID: RHSA-1999:029-01 Issue date: 1999-08-19 Updated on: Keywords: telnet telnetd Cross references: --------------------------------------------------------------------- 1. Topic: A denial of service attack has been fixed in