similar to: dos-attack on inetd.

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Denial of service attack in in.telnetd Advisory ID: RHSA-1999:029-01 Issue date: 1999-08-19 Updated on: Keywords: telnet telnetd Cross references: --------------------------------------------------------------------- 1. Topic: A denial of service attack has been fixed in

[Mod: This message is a reason *why* linux-security is moderated list. This is also a reason why Rogier, myself, Alan Cox and others really do not want to have completely open lists that deal with security related aspects of running a system as way too many people just jump to conclusions and give suggestions without doing any reasearch on a subject. -- alex (co-moderator of

I''m in the process of locking down as much of my systems here as possible as to available ports. I am down to only a handful but am not sure how much of a security risk they pose and was wondering if anyone here might be able to comment, or suggest secure versions to run: 21/FTP (WU-ftpd v2.4.2 BETA 14) 22/SSH (1.22) 23/TELNET (Netkit 0.09) 25/SMTP (Sendmail

Marek Michalkiewicz <marekm@I17LINUXB.ISTS.PWR.WROC.PL> wrote: : It seems that most of the RedHat 5.3.12 security patches are in the : standard 5.4.17, except for the patch below. Also, there are more : (different) fixes in 5.4.18 (check h_length against sizeof(sin_addr) : in inet/rcmd.c and inet/rexec.c). : + { : +

Hi, attached a total revamp of the ssh-host-config and ssh-user-config scripts. The underlying idea is that one of our maintainers has contributed a unified configuration script environment for Cygwin, called csih. This is now used by the below ssh config scripts as well. There's also an additional file called sshd-inetd, which is a service configuration file for inetutils. The Makefile

Hi, I have a tftp client which loads quite happily from a tftpd built from netkit-tftp-0.16 but which fails to load from from a tftpd built from tftp-hpa 0.29. In both cases, tftpd was built from pristine sources and run from xinetd under Redhat 7.3. [netkit-tftp-0.16 is the ancestor of tftp-hpa, predating HPA's maintenance of same] [the tftp client also.. .. fails with the prebuilt tftpd

I''m looking for some evidence, backup up with dates and references, that shows that the Linux community responds to security problems more quickly than other OS vendors, and thus might be considered "more secure". A number of fairly high profile corporations are starting to look for such information as they consider Linux as an alternative solution to other UNIXes. Something

I just wanted to post this so that it was out there and Googleable. Hopefully it will save other people a bit of time. If you have a Cisco phone (I was testing with a 7970, though presumably it would affect 7960 and others as well) that is looping trying to fetch the CTL tlv file - it may be because you are using Debians 'tftpd' (should be netkit-tftpd...*cough*hey, Debian

Hi, Not sure when this stopped working, because I'm sure it used to. This is the cygwin build of rsync, with the standard cygwin rsh (which is a fairly old GNU inetutils 1.3.2). ~=> rsync --rsh=rsh -vv bibble: opening connection using rsh bibble rsync --server --sender -vvr . rsh: unknown option -- server Try `rsh --help' for more information. rsync: connection unexpectedly closed

I am interested in opinions regarding the use of xinetd versus the use of tcp wrappers. The two programs have similar functionality, but I find xinetd suits my needs better. The biggest problem is the age of xinetd, and AFAIK it is no longer being kept up. Are there any known security issues with xinetd? Another issue is that xinetd makes use of a non-standard inetd.conf layout, but

[mod: Executive summary: SNI found recent linux-distributions not-vulnerable -- REW] -----BEGIN PGP SIGNED MESSAGE----- ###### ## ## ###### ## ### ## ## ###### ## # ## ## ## ## ### ## ###### . ## ## . ######.

I''ve been poking around my system, and realized that having a tftp server would be handy. (I''m working with cisco routers, which have the capability to up and download configuration images via tftp.) However, I''m not content with the usual tftpd that comes with Linux. The whole "specify each directory you want" scheme is cock-eyed to me. I''d prefer

While nbdkit itself must run with SIGPIPE ignored, many applications expect to inherit SIGPIPE in the default state. What's worse, POSIX states that a non-interactive shell script cannot use 'trap' to undo an inherited SIG_IGN on SIGPIPE. I have seen several bug reports over the years of something that works for a developer but fails under a CI environment, where the root cause was

Hi, I've had extremely bad smbclient put performance when connecting from my Linux box to a Windows 95 box. I only get about 10KBytes/s! All other forms of data transfer work fine, and I get from 600-700KBytes/s. This is on a local 10BT LAN. I've seen a few other reports of this, but no solutions as of yet. smbclient does puts just fine to another Linux/Samba Server. I'm using

On Tue, 14 Jul 1998, cfb wrote: > The main problem seems to be with the way that debian starts bind using > the script /etc/init.d/bind. I thought it would be really neat to just > change the #!/bin/sh at the top of the script to something like : > #!/usr/sbin/chroot /chroot-dns/ /bin/sh > or > #!/usr/sbin/chroot /chroot-dns/ /chroot-dns/bin/sh try changing

ugh :) Today I became infected with the bliss virus, any info on this would be appreciated! How do I scan for files infected and is it possible to remove it? I first noticed the infection when running a program (not as root) messages flashed on the screen about transversing directories and such. The program (gimp) had been working fine since I downloaded the binary for gimp from their main

xend crashes at startup with following stack trace: ... File "/usr/lib64/python/xen/xend/XendPIF.py", line 68, in linux_get_phy_ifaces phy_ifaces.append((name, int(mtu), bridged_mac)) UnboundLocalError: local variable ''bridged_mac'' referenced before assignment The simple patch attached below prevent the crash, and allow xend to start normally. It seems the crash

(I am not on the rsync mailing list, so if you send a response to this message to the list, please be sure to CC me.) I first reported this bug go Red Hat in <URL:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=65350>. If you run rsync with a subshell through ssh.com's ssh and sshd and then kill the client with ctrl-C, the rsync server process running on the remote machine grows

Every few days I find that dovecot auth is using all my CPU. This is from dovecot 2.2.13, I've just upgraded to 2.2.18 strace -r -p 17956 output: Process 17956 attached 0.000000 lseek(19, 0, SEEK_CUR) = -1 ESPIPE (Illegal seek) 0.000057 getsockname(19, {sa_family=AF_LOCAL, NULL}, [2]) = 0 0.000043 epoll_ctl(15, EPOLL_CTL_ADD, 19, {EPOLLIN|EPOLLPRI|EPOLLERR|EPOLLHUP,

Hello, I have several systems which I recently updated with yum -y update to all the latest packages. These systems use yum-priorities and use the CentOS (priority 1) EPEL (priority 5) and rpmforge (priority 10) repositories. After the updates, dhcpd stopped working with a SIGPIPE error which occurs shortly after it attempts to fork into the background. I worked around that problem by building