similar to: Re: Security problems in bind -- persisting?

From: Wade Maxfield <maxfield@ctelcom.net> > Many thanks to the moderator who pointed out errors and suggested the > correct information on this post. Over half the ideas are due to him. ;) > 1. Programs put data in local variables in functions. These variables > are on the computer stack. Feeding data to those variables (usually > string variables) causes the

Hi, I am building my own TCP daemon for easing some routine admin stuff... I am no expert on security,. I would really appreciate it if someone sent me some pointers to writing TCP daemons that are hacker-proof( i know there is nothing like that...but I do not want to be making mistakes in coding that are well known.. ;) The daemon runs as root....so that is why I am woried.... Thx, Arni

As will be seen from these code fragments (and experiment) a noclobber option in bash or pdksh (or ksh on AIX) will do limited clobbers. 1) They will clobber named pipes. (mknod /tmp/predicted p cat /tmp/predicted > $stolen cat $switched > /tmp/predicted ) & 2) They will clobber symlinks. ln -s /some/new/target /tmp/predicted 3) They can be raced.

Woops... this didn't show up here but it did on BugTraq. Questions answered! -- Chuck Mead, CTO, MoonGroup Consulting, Inc. <http://moongroup.com> Mail problems? Send "s-u-b-s-c-r-i-b-e mailhelp" (no quotes and no hyphens) in the body of a message to mailhelp-request@moongroup.com. Public key available at: wwwkeys.us.pgp.net ----------

Standard apology if old... This demonstrates a resource starvation attack on the setuid root passwd(1) program. In the case I tested it was the Red Hat Linux passwd-0.50-7 program without shadowing. #include <stdio.h> #include <sys/time.h> #include <stdlib.h> #include <unistd.h> #include <sys/resource.h> main () { struct rlimit rl, *rlp; rlp=&rl;

---------- Forwarded message ---------- Date: Tue, 30 Nov 1999 12:14:09 -0800 (PST) From: David Cantrell <david@slackware.com> To: slackware-security@slackware.com Subject: Security Patches for Slackware 7.0 Available There are several security updates available for Slackware 7.0. We will always post bug fixes and security fixes to the /patches subdirectory on the ftp site:

We just had a security application vendor come in. We asked about Linux support and he said that putting a security application on top of an insecure OS was useless. When I asked what he meant by insecure he replied that Linux does not have a true Auditing capability - as opposed to HP-UX & Solaris which they do support. Can anyone explain to me what he was talking about? Thanks, Marty

hello logging is not working as i exspect it. i am not sure if this is due to a but or a misunderstanding on my part. i use shorewall 2.0.4 and for logging metalog 0.8. the problem is that new connections of certain (most) types don''t get logged. when i browse for example i see such: ---------------------------------------------------------------------- Dec 3 15:49:12 [kernel]

After the recent attacks on the major servers on the web my ISP has decided to stop all ICMP messages from his ISP. I have red the RFCs and it seems that he cant do that... As a result pings and traceroutes will not work. I need a friendly person out there to tell me a way to break the news to him that he has to allow ICMP packets through his network... any suggestions would be helpfull [mod:

I would be surprised if someone hasn''t encountered this already, but I haven''t found any discussion of the nature of this problem. I run RehHat 5.0. If a user makes a mistake in the login process such as the following: login: mistake password: xxx Login incorrect! login: username password xxxx bash$ a ps will show, among other things, 2333 /bin/login --mistake. Since

At 01:59 PM 6/29/98 +0000, Kokoro Security Administrator wrote: >Hello everyone - > >I am looking for the name of a piece of hardware, and don''t know what it >is called. I am told that there exists such a thing (a switch? a router? >a special hub?) that will only send me traffic that is destined for me. simple definitions: --router: looks at a layer 3 address (such as

-----BEGIN PGP SIGNED MESSAGE----- Hi everyone - Someone I''m working with has a requirement to map ethernet card addresses to unique IP addresses, and then have a Linux IP masquerade server know of this mapping list and not allow any data to pass from any ethernet card that a) it doesn''t know about, or b) isn''t assigned the right IP. Ideally it would also log this

Hi, I was wondering how a linux box configured as a firewall stacked up against some of the commercial products like checkpoint-1 and gauntlet. Can someone direct me to a good book or online doc that compares linux to some other firewall methods? Mind you, I''m not talking about a firewall in the classical sense, ie ip forwarding turned off and used as a proxy, but the typical Linux box

Hi Tom and list, Still trying to set up Shorewall logging. I understand that Shorewall require syslog to get logging working, however I have metalog. Is this possible to use metalog as logging facility for Shorewall? I was reading http://www.shorewall.net/shorewall_logging.html and it describes other method ( ULOG ). I understand that I have to compile ULOG support in the kernel... where do I

Hi, I get my Email from my own SMTP server on the internet using "fetchmail". Some time ago I did the smart thing and configured dovecot to use SSL and the letsencrypt certificate that automatically renews. Welllll..... a few days ago my certificate expired and the fetchmail deamon running in the background had nowhere to complain. So I didn't notice. It turns out that dovecot

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: New majordomo packages available Advisory ID: RHSA-2000:005-05 Issue date: 2000-01-20 Updated on: 2000-05-31 Product: Red Hat Powertools Keywords: majordomo Cross references: N/A

Hi, I just noticed that my file server running 2.4.18-pre3 + IDE patches & NTFS patches has this error message in the logs: EXT3-fs error (device md(9,4)): ext3_free_blocks: Freeing blocks not in datazone - block = 33554432, count = 1 This is the only ext3 error I have seen and the uptime is currently over 74 days. The error actually appeared two weeks ago. The timing coincides well with

On Fri, 7 May 1999 jlewis@lewis.org wrote: > # ldd ./ls > /lib/libNoVersion.so.1 => /lib/libNoVersion.so.1 (0x40014000) > libc.so.6 => /lib/libc.so.6 (0x4001c000) > /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000) > > I''ve never heard of libNoVersion. All the /home/ftp/bin stuff in 6.0 uses > it...but it doesn''t exist.

https://bugzilla.samba.org/show_bug.cgi?id=5727 Summary: rsync crashes while copying large directory. Product: rsync Version: 2.6.9 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P3 Component: core AssignedTo: wayned@samba.org ReportedBy: r.e.wolff@bitwizard.nl

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Denial of service attack in in.telnetd Advisory ID: RHSA-1999:029-01 Issue date: 1999-08-19 Updated on: Keywords: telnet telnetd Cross references: --------------------------------------------------------------------- 1. Topic: A denial of service attack has been fixed in