openSUSE Security April 2003

security@lists.opensuse.org

151 participants
116 discussions

Mail transfer through firewall
by Ingo Doerrie 20 Apr '03

20 Apr '03

Hello! I want to establish the following systems: A first firewall is set up to protect the DMZ and the internal LAN from the WEB A second firewall including an E-Mail-Filter and Proxies protects the LAN from the DMZ. My domain host can only deliver E-Mails if I request them with POP3. The E-Mail-Filter needs E-Mails send by SMTP. So I want to place a Linux-Box in the DMZ that gets all E-Mail from two providers and delivers them directly to the SMTP-Filtersystem on the 2nd firewall. This is thought to check for Virus, Spam etc and to send the filtered E-Mail to the internal Server. My problem: I do not have any idea on how to configure the Linux box in the DMZ to automatically poll the E-Mail by POP3, approx all 10 Minutes and to send this directly to the Filter-System. It needs to send ALL received E-Mail to the filter. Sadly I don´t have much time to do research on this and that´s why I ask you for help: Does anybody have a sample configuration for me or can tell me the source of a documentation on the web? Thank you for your answers, passed to ingo(a)doerrie-net.de in advance. Have a nice Easter Time! Greetz, Ingo

3 2

Mail-config?
by Ingo Doerrie 20 Apr '03

20 Apr '03

Hello! I want to fetch E-Mails from my POP3-Provider by a Linux-Box in the DMZ and forward ALL fetched E-Mail by SMTP through a Firewall with SMTP-Mailfilter to the final destination. Can anybody deliver a sample configuration or tell me where to find this on the Web? My problem is that I have not much time to do research on this task as it has to be finished shortly after Easter days. Thank you for your answers in advance! -- Freundliche Grüße kind regards Ingo

1 0

PROPFIND in weblogs
by Ken 20 Apr '03

20 Apr '03

hi, I'm new at Linux and web server security. So excuse me if these are stupid questions. First question: Could someone explain what this means, For about 1 hour I get these 2 message over and over in my log(log/apache/access.log): xxx.xxx.xxx.xxx - - [16/Apr/2003:08:49:49 +0200] "PROPFIND /c%24 HTTP/1.1" 404 208 xxx.xxx.xxx.xxx - - [16/Apr/2003:08:51:23 +0200] "OPTIONS / HTTP/1.1" 200 - Second question. When trying the above commands myself. The server gives out allot of information about my system and web modules that are installed. Can I disable it (so that it doesn't give out the info)? greets Ken

2 1

fou4s after KDE 3.1 upgrade
by Bryan Smith 18 Apr '03

18 Apr '03

# fou4s -e --buildtime ftp.gwdg.de: Checking [#################################] 100 % New kdebase3 3.0.4-53 (old 3.1-51) [security, 12787kB] [dl] New kdegraphics3-postscript 3.0.4-54 (old 3.1-62) [security, 197kB] [dl] New kdelibs3 3.0.5-12 (old 3.1-46) [security, 8165kB] [dl] Anyone else running into this? I've upgraded KDE to 3.1 manually, which conflicts with fou4s. Its not a huge problem. I can just ignore it. Just wondering if there's a way to inform my installed version of fou4s that 3.1-x is the _new_ version. I know a lot of SuSE updates / patches do not change version numbers to avoid dep issues. Thanks, -Bryan

2 1

Warning: Bogus ssh package on mirror ?
by Dan Am 16 Apr '03

16 Apr '03

Hi, I ran online_update on 2 SuSe 8.0 Servers. After that I was not able to use Key-Authentication with ssh on one of them. The other one was fine. md5sum on /usr/sbin/sshd was different for the two. I reinstalled the CD package and reran online-update (from ftp.gwdg.de )and it was fine. So: The package could have been bugged, or is there another reason imaginable ? The server in question is most probably ftp.leo.org. y2ftplog does not have dates/times, so I am not 100% sure. Regards Dan

2 1

RE: [suse-security] connection via telnet, XServer, ssh
by Peer Stefan 16 Apr '03

16 Apr '03

Hi > From: Habichtsberg, R. [mailto:reinhard.habichtsberg@unilux.de] > Hi all, > > how do you estimate the security risk of the following situation: > > I log into a linux-server from a windows-client via telnet as > normal user. Why don't you use ssh? There are many nice windows ssh clients out there, putty for example. > From the linux-server I start a x-session > (command: konsole -display windows-client:0,0) > to a x-server (MIXServer 5.6) on the windows-client. > > From this session I open a ssh-session to a second linux-server > where I have to work as root (su -). > > Now, if I would scan the data between the windows PC and the > linux-servers > could I read them not coded, particularly could I read the > root password > in plaintext? Yes. The password is transmitted via X over the network, which isn't encrypted afaik. But that's relatively easy to check - just sniff the network and try finding the passwort (or any other phrase you have entered on the console, e.g. something like echo "Find me in the sniffer log." > > TIA, > Reinhard regards, Stefan

1 0

connection via telnet, XServer, ssh
by Habichtsberg, R. 16 Apr '03

16 Apr '03

Hi all, how do you estimate the security risk of the following situation: I log into a linux-server from a windows-client via telnet as normal user. >From the linux-server I start a x-session (command: konsole -display windows-client:0,0) to a x-server (MIXServer 5.6) on the windows-client. >From this session I open a ssh-session to a second linux-server where I have to work as root (su -). Now, if I would scan the data between the windows PC and the linux-servers could I read them not coded, particularly could I read the root password in plaintext? TIA, Reinhard

1 0

Kmail and spamassassin
by Christof Schmitt 15 Apr '03

15 Apr '03

Hi list, maybe it is the wrong place to ask. If it is so, I am sorry. My problem is: I use kmail (with pop3) and installed spamassassin and procmail to minor spam in my linux-system. The installation was ok, but is there a chance, that kmail and spamassassin works together (only with the pop3, not with sendmail)? At this moment it seems, that kmail fetch the mails directly from the pop3-Server and I found no file at spamassassin to put the pop3-address in. If it would be so, kmail could fetch the mails throug 'localhost' from spamassassin (I thought, but I don't know how?). regards, Chris

5 4

Kmail and spamassassin
by Christof Schmitt 15 Apr '03

15 Apr '03

It seems to work. Thanks to everybody, especially to Frederik Voss, Gideon Hall and Markus Kohli! http://devel-home.kde.org/~kmail/tools.html does really help. I set the filters and all seems to be alright. Thanks to the alternative solutions, too. greetings, Chris

1 0

OPenSSI
by Miguel Rodríguez 15 Apr '03

15 Apr '03

Hi list, does anybody knows if a openssi cluster is possible on SUSE SLES8?? thanks in advance.

1 0

← Newer
1
2
3
4
5
6
7
8
9
...
12
Older →

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

1996

openSUSE Security April 2003