comp.os.linux.security
  Home FAQ Contact Sign in
comp.os.linux.security only
 
Advanced search
July 2008
motuwethfrsasuw
 123456 27
78910111213 28
14151617181920 29
21222324252627 30
28293031    31
2008
 Jan   Feb   Mar   Apr 
 May   Jun   Jul   Aug 
 Sep   Oct   Nov   Dec 
2008 2007 2006  
total
comp.os.linux.security Profile…
RELATED GROUPS

POPULAR GROUPS

more...
 Up
  FireHOL firewall, "allow all, deny x, deny y, deny z"         


Author: Flo Sidler
Date: Jul 17, 2008 08:33

Hello there.

Eventhough nobody would ever want to attack a useless no-thing-doing
dedicated machine like mine, i want to add a little bit o fsecurity to
it by using a simple firewall.
I have, in the past, used "FireHOL" for these tasks.

Now, here's my problem:

I want my machine to generally allow all client ports but deny some,
and generally deny all server ports but allow some.

Now, denying all server ports but allowing specific ports is easy; By
simply writing a line for every server port i wish to allow, the rest
remains blocked.

However, how do i set it up to allow all client ports, but deny some
specific ones?

I tried to do it like this:
Show full article (1.22Kb)
2 Comments
  kill -9 -1         


Author: aarklon
Date: Jul 16, 2008 08:27

Hi all,

I was going through the book "Hacking Ubuntu" by Neil Krawetz, in this
book it is said that never do kill -9 -1 as root.

in my office i tried this command as root on an RHEL4 machine

but there was'nt any system crash as i expected only the x-server got
crashed, and the commands like ps, ls were n't giving any o/p.

when i rebooted the machine everything was back to normal

my question why init process wasn't killed ?
1 Comment
  intrusion?         


Author: gtu2003
Date: Jul 16, 2008 03:52

In my /var/log/messages I have a lot (6000+) of:

Jul 16 12:51:20 sole sshd[6669]: Invalid user clamav from 72.3.243.92
Jul 16 12:51:21 sole sshd[6671]: Invalid user appserver from 72.3.243.92
Jul 16 12:51:23 sole sshd[6673]: Invalid user mailman from 72.3.243.92
Jul 16 12:51:25 sole sshd[6675]: Invalid user cyrusimap from 72.3.243.92
Jul 16 12:51:27 sole sshd[6677]: Invalid user qtss from 72.3.243.92
Jul 16 12:51:28 sole sshd[6679]: Invalid user eppc from 72.3.243.92
Jul 16 12:51:30 sole sshd[6681]: Invalid user telnetd from 72.3.243.92
Jul 16 12:51:32 sole sshd[6683]: Invalid user identd from 72.3.243.92
Jul 16 12:51:33 sole sshd[6685]: Invalid user gnats from 72.3.243.92
Jul 16 12:51:35 sole sshd[6687]: Invalid user jeff from 72.3.243.92
Jul 16 12:51:37 sole sshd[6689]: Invalid user irc from 72.3.243.92

what is it? I need to write to something like abuse@72.3.243.92 ?
13 Comments
  per user pam configuration         


Author: Reji
Date: Jul 15, 2008 10:19

Do we have anything similar to pam_user.conf (as in HP-UX) in linux so
that if I want to do a per user pam configuration, I can do the same.

Also if its not there is there any way I can achieve a similar
behaviour?.

Thanks
Reji
no comments