similar to: /bin/login problem

We just had a security application vendor come in. We asked about Linux support and he said that putting a security application on top of an insecure OS was useless. When I asked what he meant by insecure he replied that Linux does not have a true Auditing capability - as opposed to HP-UX & Solaris which they do support. Can anyone explain to me what he was talking about? Thanks, Marty

At 01:59 PM 6/29/98 +0000, Kokoro Security Administrator wrote: >Hello everyone - > >I am looking for the name of a piece of hardware, and don''t know what it >is called. I am told that there exists such a thing (a switch? a router? >a special hub?) that will only send me traffic that is destined for me. simple definitions: --router: looks at a layer 3 address (such as

Hi, I'm looking for a solution to access pop mails (sendmail in linux) securely. Most of the access would be from window clients (outlook express etc). Is there a way to encrypt the password (like ssh2) when authenticating with sendmail? Any info is greatly appereceiated. Thx. Regards, Wong.

Hi Are there any known security holes or necessary precautions in using port forwarding with ipportfw? I'm planning on forwarding ports from an outer firewall/router (connected to the Internet) to a host in the DMZ, then on from the DMZ host to the inner firewall, and finally from the inner firewall to some host on the inside. Thanks, Jens jph@strengur.is From mail@mail.redhat.com Wed

Hi, I was wondering how a linux box configured as a firewall stacked up against some of the commercial products like checkpoint-1 and gauntlet. Can someone direct me to a good book or online doc that compares linux to some other firewall methods? Mind you, I''m not talking about a firewall in the classical sense, ie ip forwarding turned off and used as a proxy, but the typical Linux box

On Fri, 26 Mar 1999, Thomas Biege wrote: > Date: Fri, 26 Mar 1999 09:34:10 +0100 (MET) > From: Thomas Biege <thomas@suse.de> > To: Jan-Philip Velders <jpv@jvelders.tn.tudelft.nl> > Cc: linux-security@redhat.com > Subject: Re: [Security - intern] [linux-security] *ALERT*: ADM Worm. Worm for Linux x86 found in wild. > The worm just exploits old security holes, so

Hi, I''m running into something weird here. I''m using RH5.1 with tcp_wrappers 7.6. The syntax for hosts.allow and hosts.deny is: <service list> : <access list> [ : <shell_command> ] Everything works when I _don''t_ use the shell_command. I used the _exact_ line as in the man-pages utilising "safe_finger" (comes with tcp_wrappers), tcpdchk

Woops... this didn't show up here but it did on BugTraq. Questions answered! -- Chuck Mead, CTO, MoonGroup Consulting, Inc. <http://moongroup.com> Mail problems? Send "s-u-b-s-c-r-i-b-e mailhelp" (no quotes and no hyphens) in the body of a message to mailhelp-request@moongroup.com. Public key available at: wwwkeys.us.pgp.net ----------

After the recent attacks on the major servers on the web my ISP has decided to stop all ICMP messages from his ISP. I have red the RFCs and it seems that he cant do that... As a result pings and traceroutes will not work. I need a friendly person out there to tell me a way to break the news to him that he has to allow ICMP packets through his network... any suggestions would be helpfull [mod:

Hi, I get my Email from my own SMTP server on the internet using "fetchmail". Some time ago I did the smart thing and configured dovecot to use SSL and the letsencrypt certificate that automatically renews. Welllll..... a few days ago my certificate expired and the fetchmail deamon running in the background had nowhere to complain. So I didn't notice. It turns out that dovecot

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: New majordomo packages available Advisory ID: RHSA-2000:005-05 Issue date: 2000-01-20 Updated on: 2000-05-31 Product: Red Hat Powertools Keywords: majordomo Cross references: N/A

Hi all, perhaps this is something of interest to all of us RedHat users ? Later Crispin added: | In response to many comments pointing out a glaring omission (grovel | grovel) the SOURCE CODE for StackGuard is now on line, both as a complete | tar ball and as a source patch to gcc 2.7.2.3, available here: | | http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/compiler.html Greetings,

On Fri, 7 May 1999 jlewis@lewis.org wrote: > # ldd ./ls > /lib/libNoVersion.so.1 => /lib/libNoVersion.so.1 (0x40014000) > libc.so.6 => /lib/libc.so.6 (0x4001c000) > /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000) > > I''ve never heard of libNoVersion. All the /home/ftp/bin stuff in 6.0 uses > it...but it doesn''t exist.

https://bugzilla.samba.org/show_bug.cgi?id=5727 Summary: rsync crashes while copying large directory. Product: rsync Version: 2.6.9 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P3 Component: core AssignedTo: wayned@samba.org ReportedBy: r.e.wolff@bitwizard.nl

https://bugzilla.samba.org/show_bug.cgi?id=10532 Summary: Rsync fails with older version. Product: rsync Version: 3.1.1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P5 Component: core AssignedTo: wayned at samba.org ReportedBy: r.e.wolff at bitwizard.nl

Hi, well, swift response! Qualcomm has a patched qpopper (2.5) Greetings, Jan-Philip Velders <jpv@jvelders.tn.tudelft.nl> ---------- Forwarded message ---------- Date: Mon, 29 Jun 1998 21:43:18 -0700 From: Praveen Yaramada <pyaramad@QUALCOMM.COM> To: BUGTRAQ@NETSPACE.ORG Subject: Patched Qpopper2.5 release Notification. Hello Folks, As you are already aware that qpopper

I think this is an issue of serious interest to many of the subscribers of these lists; it would effectively ban a lot of security-related tools that many of use now find indispensable, e.g. ssh, pgp. ------- Start of forwarded message ------- Date: 21 Mar 1997 10:11:57 GMT From: rja14@cl.cam.ac.uk (Ross Anderson) Approved: R.E.Wolff@BitWizard.nl Subject: DTI proposals on key escrow The British

Oops. Missed one line in the last patch.... Roger. -- ** R.E.Wolff@BitWizard.nl ** http://www.BitWizard.nl/ ** +31-15-2600998 ** *-- BitWizard writes Linux device drivers for any device you may have! --* * The Worlds Ecosystem is a stable system. Stable systems may experience * * excursions from the stable situation. We are currently in such an * * excursion: The stable situation does

Someone I was speaking with this evening claimed they have installed the latest named rpms yet they are still getting exploited daily and being hacked. Do the latest rpm''s for the named 4.9.x stuff fix all the root exploits or is this person just an idiot who probably has holes elsewhere in the system?

Hi, I just noticed that my file server running 2.4.18-pre3 + IDE patches & NTFS patches has this error message in the logs: EXT3-fs error (device md(9,4)): ext3_free_blocks: Freeing blocks not in datazone - block = 33554432, count = 1 This is the only ext3 error I have seen and the uptime is currently over 74 days. The error actually appeared two weeks ago. The timing coincides well with