similar to: compare / contrast of linux fw and others

Hi, When php3 module is compiled in apache, files in any directory will be interpreted by the parser and executed. This is a security breach. There is a way to correct this? Any comments? Thanks, lacj --- <levy@null.net> Levy Carneiro Jr. Linux & Network Admin From mail@mail.redhat.com Sat May 8 02:32:02 1999 Received: (qmail 28372 invoked from network); 8 May 1999 07:05:57

Hi, There have been a bunch of useful submissions for the compare /contrast thread. To reduce the load on your mailbox, they are gathered here in one go... Roger. Date: Wed, 28 Oct 1998 15:11:37 +0000 From: "David L. Sifry" <dsifry@linuxcare.com> To: "Matthew S. Crocker" <matthew@crocker.com> CC: Rob Bringman <rob@trion.com>,

Ran into a weird problem, and this seemed a good forum to toss it out into -- if I've gaffed, please let me know. Just upgraded my RH5.0 box to RH5.2. Went well, worked nearly seamlessly. When running 5.0, though, I'd installed the opie-fied ftpd that comes with the most recent opie package (ftp://ftp.inner.net/pub/opie/opie-2.32.tar.gz) and had it work without a hitch. I'd also

This may be, or may not be a security issue, however, since alot of people still use tripwire-1.2 or lesser versions(this is what shipped with R.H. Linux 5.2 at least), they might be interested in following detail: Chuck Campbell (campbell@neosoft.com) pointed me out that tripwire dies with coredump on R.H. linux, if it hits a filename containing 128-255 characters. Playing a bit with debugger I

below. Dan ___________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Linux/Unix System Administrator | Fax: (630) 840-6345 Computing Division OSS/FSS | email: yocum@fnal.gov .~. L Fermi National Accelerator Lab | WWW: www-oss.fnal.gov/~yocum/ /V\ I P.O. Box 500 |

-----BEGIN PGP SIGNED MESSAGE----- Hi everyone - Someone I''m working with has a requirement to map ethernet card addresses to unique IP addresses, and then have a Linux IP masquerade server know of this mapping list and not allow any data to pass from any ethernet card that a) it doesn''t know about, or b) isn''t assigned the right IP. Ideally it would also log this

We just had a security application vendor come in. We asked about Linux support and he said that putting a security application on top of an insecure OS was useless. When I asked what he meant by insecure he replied that Linux does not have a true Auditing capability - as opposed to HP-UX & Solaris which they do support. Can anyone explain to me what he was talking about? Thanks, Marty

After the recent attacks on the major servers on the web my ISP has decided to stop all ICMP messages from his ISP. I have red the RFCs and it seems that he cant do that... As a result pings and traceroutes will not work. I need a friendly person out there to tell me a way to break the news to him that he has to allow ICMP packets through his network... any suggestions would be helpfull [mod:

Woops... this didn't show up here but it did on BugTraq. Questions answered! -- Chuck Mead, CTO, MoonGroup Consulting, Inc. <http://moongroup.com> Mail problems? Send "s-u-b-s-c-r-i-b-e mailhelp" (no quotes and no hyphens) in the body of a message to mailhelp-request@moongroup.com. Public key available at: wwwkeys.us.pgp.net ----------

I would be surprised if someone hasn''t encountered this already, but I haven''t found any discussion of the nature of this problem. I run RehHat 5.0. If a user makes a mistake in the login process such as the following: login: mistake password: xxx Login incorrect! login: username password xxxx bash$ a ps will show, among other things, 2333 /bin/login --mistake. Since

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: New majordomo packages available Advisory ID: RHSA-2000:005-05 Issue date: 2000-01-20 Updated on: 2000-05-31 Product: Red Hat Powertools Keywords: majordomo Cross references: N/A

Michel, One approach that hasn't been suggested is to block access to the netbios nameservice port on the samba host with a firewalling rule. That way the other computers on the subnet can't register themselves with nmbd. Suppose that your internal network is all within the 192.168.15.0/24 network. Each Windows workstation will automatically announce itself with a udp packet broadcast

Hello Everyone, I have installed samba-1.9.17p4 on a linux 2.0.29 box, but the server work correctly only as a client. Testparm runs ok, but when i try to list the shares available on my server, this is the output: Added interface ip = 195.32.68.131 bcast = 195.32.68.191 nmask = 255.255.255.192 Session request failed (0,0) with myname = DNS2 destname = DNS2 Unspecified error 0x0 Your server

At 01:59 PM 6/29/98 +0000, Kokoro Security Administrator wrote: >Hello everyone - > >I am looking for the name of a piece of hardware, and don''t know what it >is called. I am told that there exists such a thing (a switch? a router? >a special hub?) that will only send me traffic that is destined for me. simple definitions: --router: looks at a layer 3 address (such as

I just downloaded samba-1.9.18p3.tar.gz and compiled it on a DEC 3000/300 running OSF/1 v3.0 (uname -mrsv gives: "OSF1 V3.0 347 alpha") using the built-in cc compiler. The compiler gives the following warning: Compiling nmbd_incomingdgrams.c /usr/lib/cmplrs/cc/cfe: Warning: nmbd_incomingdgrams.c, line 452: Unknown character \ ignored ((DEBUGLEVEL>=(5))?(Debug1

Hi, i have a annoying problem that drives me crazy. We have set up a Digital/Unix box with samba and the clients (W95) can mount the shares from this box. On the Unix side we create a textfile which will be periodically (or not) appended with new data. A Application on the W95 side reads this file. The Problem is, that the textfile has new lines, the Application don't see them !!! To

Hi, I get my Email from my own SMTP server on the internet using "fetchmail". Some time ago I did the smart thing and configured dovecot to use SSL and the letsencrypt certificate that automatically renews. Welllll..... a few days ago my certificate expired and the fetchmail deamon running in the background had nowhere to complain. So I didn't notice. It turns out that dovecot

Samba digest 1966, Jeremy Allison wrote: > For people who are looking for some objective > numbers to help recommend Samba to their employers (I > know there are some of you on this list :-) you might > want to look at the following couple of articles. > > The first one is in Smart Reseller (a USA trade press > magazine) at : > >

Hi, I just noticed that my file server running 2.4.18-pre3 + IDE patches & NTFS patches has this error message in the logs: EXT3-fs error (device md(9,4)): ext3_free_blocks: Freeing blocks not in datazone - block = 33554432, count = 1 This is the only ext3 error I have seen and the uptime is currently over 74 days. The error actually appeared two weeks ago. The timing coincides well with

On Fri, 7 May 1999 jlewis@lewis.org wrote: > # ldd ./ls > /lib/libNoVersion.so.1 => /lib/libNoVersion.so.1 (0x40014000) > libc.so.6 => /lib/libc.so.6 (0x4001c000) > /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000) > > I''ve never heard of libNoVersion. All the /home/ftp/bin stuff in 6.0 uses > it...but it doesn''t exist.