openSUSE Security December 2003

security@lists.opensuse.org

159 participants
143 discussions

Freeswan client for Windows (2000/XP)?
by Michael Ryan 04 Jan '04

04 Jan '04

Hi list, Can anyone recommend a good commercial Freeswan/IPSec client for Windows which copes well with multiple configurations e.g. remote IPSec connections using: Analog dial-up GSM/GPRS card Home broadband behind router/firewall WLAN behind router/firewall Have been using Marcus Mullers' ipsec.exe tool over the past year but end users are increasingly dissatisfied with it TIA Michael

7 6

nmap on SuSE 9.0
by Mathias Homann 01 Jan '04

01 Jan '04

Yet again that topic is adressed here. in a good way, though: i have prepared a rpm package of nmap with the modification suggested in a post on the nmap developer list. feel free to grab it from ftp://ftp.eregion.de/pub/ and try it out. Source RPM is there as well, for the courious. bye, MH --

3 4

A question and some thanks
by Allen K 01 Jan '04

01 Jan '04

Hi all, I wanted to first say thanks. Everyone here seems very nice, and extremly intelligent. I'v been using SuSE for almost a year now and I used to be on this list and a few others before it. And I wanted to say thanks to everyone here because I have learned alot about securing Linux from being here. Question: I know uptime shouldn't be the reason patches are installed, I install all patches on my system but only like 2 have ever needed a reboot, and that was Nvidia drivers and the kernel. So I was wondering what everyone's best uptime they have ever seen was. Currently this box has ...Well, in about 30 minutes it will have 27 days, and it is used daily. 28 days was my best untill a power outage occured. But anyway, whats the best youv had? Or seen at a place of work? -- ____________________________________________________ We Are 138

7 6

RE: [suse-security] NT group defs from Samba?
by J J 31 Dec '03

31 Dec '03

Your surmises are correct, in my experience. Windows PDC is, of course, the most complete solution, although you then have the headaches of maintaining a Win 2k server plus the huge headaches of working out what client access licenses you'll need for it. Samba 3 is still pretty much alpha/beta. Much as I'm keen to move to it myself, our environment here needs fileshares as an absolutely critical service so until our architecture changes I just can't risk it. I expect that you are in the same situation really. There is one more alternative. The smbd daemon seems to respect ext2 privileges so you can use UNIX style groups for your users to implement privileges. The Windows clients don't handle this very gracefully, from memory it makes them think that there's a problem writing to the file (when they in fact don't have privilege). With modern kernels the ext2/ext3 and reiserfs file systems can have full ACLs as I understand it (untested) so you should be able to implement anything that you could implement on WinNT. The NT users will, of course, be slightly confused as to what's going on so you may need to educate them with a brief email or document. Carl Peto >From: timo <timo.raty(a)allgon.com> >To: suse-security(a)suse.com >Subject: [suse-security] NT group defs from Samba? >Date: Mon, 22 Dec 2003 09:21:58 +0200 > > >Newest version of samba for SuSE 8.1 seems to be based on 2.2 series >and there exists no build for 3.0.0 or 3.0.1? > >The problem is that I need to install a windows application that requires >about 10 groups from PDC - and the PDC is Samba 2.2.x on Linux. >Samba 2.2.x series does not seem to support the "domain group map" >so how do I provide these groups from Linux? > >What choices do I have and what is the suggested way of doing this? >I think options include at least: >- changing PDC to windowsNT >- obtaining prebuild 3.0.1 samba for SuSE 8.1 >- building and installing from 3.0.1 sources >- any others/suggestions? > >So how should I do this? Installing the windows software with >only "users" and "administrators" groups breaks its security - and >likely the rest of the system security after that. > >regards, > timo > > >-- >Check the headers for your unsubscription address >For additional commands, e-mail: suse-security-help(a)suse.com >Security-related bug reports go to security(a)suse.de, not here > _________________________________________________________________ Tired of 56k? Get a FREE BT Broadband connection http://www.msn.co.uk/specials/btbroadband

1 0

Tripwire beta packages for SuSE 9.0?
by Avtar Gill 30 Dec '03

30 Dec '03

I know the problems regarding tripwire and SuSE 9.0 have been mentioned quite a few times on this list. The last significant email was from Roman Drahtmueller.. http://lists.suse.com/archive/suse-security/2003-Dec/0342.html If there are going to be any beta updates for tripwire (perhaps at ftp://ftp.suse.com/pub/people/) then could someone from SuSE please let me or the list know. If any help is needed then I would be more than willing to test out any potential updates for this package before it is released. Thanks, Avtar

1 0

Re: [suse-security] Probleme_mit_timsieved_und_PLAIN_Kennwörtern_(SuSE_9.0)
by Thomas Ruch 29 Dec '03

29 Dec '03

Hallo Liste, das Problem ließ sich mit ein wenig Lesen (1 1/2 Tage) lösen. SuSE hat die einzelnen Authentisierungsmechanismen in einzelne RPMs ausgelagert, die sollte man natürlich auch installieren. Okay, jetzt funkt's Thomas "Thomas Ruch" <thomas(a)ruchs.de> wrote: > Hallo Liste, > > Ich setze gerade meinen Mailserver neu auf (SuSE 9.0) und will auch Sieve > (via Squirrelmails avelsieve z.B.) nutzen. Leider kriege ich per Sieve keine > Anmeldung hin (außer sieveshell, die klappt). Im /var/log/messages meckert > timsieved dann auch wie unten zu sehen rum. > > *** > > Dec 28 17:45:05 server master[19158]: about to exec > /usr/lib/cyrus/bin/timsieved Dec 28 17:45:05 server sieve[19158]: executed > Dec 28 17:45:05 server sieve[19158]: accepted connection Dec 28 17:45:05 > server timsieved[19158]: Couldn't find mech PLAIN Dec 28 17:45:05 server > timsieved[19158]: badlogin: localhost[127.0.0.1] PLAIN no mechanism > available Dec 28 17:45:05 server master[19118]: process 19158 exited, status > 0 > > *** > > Ein Telnet auf localhost 2000 bringt: > > *** > > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > "IMPLEMENTATION" "Cyrus timsieved v2.1.15" > "SASL" "LOGIN" > "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress > relational regex" > > *** > > Ergo, PLAIN garnicht dabei (Orginal RPM von SuSE). > Wer weiß Hilfe? > > Danke Thomas > > > > -- > Check the headers for your unsubscription address > For additional commands, e-mail: suse-security-help(a)suse.com > Security-related bug reports go to security(a)suse.de, not here > >

1 0

qpopper and SuSE 9.0
by temmink＠vrisned.com 29 Dec '03

29 Dec '03

Hello, I normally used the program qpopper, to get access to my mailboxes from my SuSE 8.2 server with outlook. But after a reinstall with SuSE 9.0 i'm not able to do so? how can i make this work again? with kind regards, Martin.

2 1

Probleme mit timsieved und PLAIN Kennwörtern (SuSE 9.0)
by Thomas Ruch 28 Dec '03

28 Dec '03

Hallo Liste, Ich setze gerade meinen Mailserver neu auf (SuSE 9.0) und will auch Sieve (via Squirrelmails avelsieve z.B.) nutzen. Leider kriege ich per Sieve keine Anmeldung hin (außer sieveshell, die klappt). Im /var/log/messages meckert timsieved dann auch wie unten zu sehen rum. *** Dec 28 17:45:05 server master[19158]: about to exec /usr/lib/cyrus/bin/timsieved Dec 28 17:45:05 server sieve[19158]: executed Dec 28 17:45:05 server sieve[19158]: accepted connection Dec 28 17:45:05 server timsieved[19158]: Couldn't find mech PLAIN Dec 28 17:45:05 server timsieved[19158]: badlogin: localhost[127.0.0.1] PLAIN no mechanism available Dec 28 17:45:05 server master[19118]: process 19158 exited, status 0 *** Ein Telnet auf localhost 2000 bringt: *** Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. "IMPLEMENTATION" "Cyrus timsieved v2.1.15" "SASL" "LOGIN" "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational regex" *** Ergo, PLAIN garnicht dabei (Orginal RPM von SuSE). Wer weiß Hilfe? Danke Thomas

1 0

strange mail possibly security risc
by Mario Neubert 28 Dec '03

28 Dec '03

hello list, since some days I get strange messages from my mailerdaemon. I replaced the orginal domainnames wiht mydomain.de. My Problem is that the sender of this mail can de-alias some internaly used names like in this sample the user1,user2. The message to postmaster (me): <snip> Received: from [filename /home/admin/domains.txt] (dhcp024-166-098-000.neo.rr.com [24.166.98.0]) by merkur.mydomain.de (mailerdeamon merkur.mydomain.de) with SMTP id 07AD53AC38F for <info(a)mydomain.de>; Sun, 28 Dec 2003 03:56:56 +0100 (CET) Message-ID: <841f01c3ccf1$97e500c1$a9fe135a@x3c2R9A> From: "Guard Your PC From Your Boss" <aGa@[filename /home/admin/domains.txt]> To: info(a)mydomain.de Subject: New Product Ready Date: Sat, 27 Dec 2003 22:21:15 -0500 Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_061_06CD_639706CD.639706CD" X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Postmaster Copy: Undelivered Mail <xNlTVG@[filename /home/admin/domains.txt]>: bad host/domain syntax: "[filename /home/admin/domains.txt]" </snip> The message back to the sender(Bounce): <snip> This is the mailerdeamon merkur.mydomain.de program at host merkur.mydomain.de. I'm sorry to have to inform you that the message returned below could not be delivered to one or more destinations. For further assistance, please send mail to <postmaster> If you do so, please include this problem report. You can delete your own text from the message returned below. The mailerdeamon merkur.mydomain.de program <user1(a)mydomain.de>: host public/lmtp[public/lmtp] said: 501 5.5.4 Syntax error in parameters <user2(a)mydomain.de>: host public/lmtp[public/lmtp] said: 501 5.5.4 Syntax error in parameters </snip>

1 0

9.0 and nmap
by Sven 'Darkman' Michels 27 Dec '03

27 Dec '03

Hi there, afaig (as far as i googled ;) others had reported the problem with 9.0 and nmap already, but noone has a solution right now. On 9.0 no nmap i know does work. I tried multiple boxes with 9.0 with no success. A fresh builded nmap doesn't work, too. The same nmap sourcecode on other distro's and SuSE's works. Ok, nmap doesn't work isn't correctly, it 'works': Doing a nmap localhost as $user isn't a problem, scan completed in < 1 sec. su - and nmap again -> fails: Note: Host seems down. If it is really up, but blocking our ping probes, try -P0 Nmap run completed -- 1 IP address (0 hosts up) scanned in 36.408 seconds ok, all will now say: 'do what nmap said..' but that isn't a solution. nmap will run then, but doesn't give any output (it's running a few minutes now). A firewall isn't installed and manual ping localhost as root works. So anyone can say something about it? A solution would be nice cause many ppl on this list may use nmap ;) Regards, Sven

5 5

Jump to page:

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

1996

openSUSE Security December 2003