Firstly I apologise if this is the wrong list to ask this question,
I have some linux knowledge but have run out of my depth on this, hopefully
there is a simple answer that someone will share with me.
We have just "upgraded" our main school domain controllers to windows 2003
sp1 (from NT4), I have then upgraded the suse 9.1 boxes to Samba 3.0.14a
and Kerberos 0.6, this following the guidance in the samba how-to enables
me to use the machines as member servers, allowing single sign on for mail
etc.
However, our intranet, which is based around apache 1.3 and Mod_auth runs
on a suse 8.2 box, although samba 3.0.14a has been rpmed for this Kerberos
0.6 has not, 0.6 is the minimum version for joining a windows 2003 domain.
The question is, what can I do now, even if I download the source and
compile it, is it likely to work? Ideally I could do with a RPM but 0.4 is
the latest available for suse 8.2 that I could find.
Could anyone help me out.
--
Rob Keeling
Network Manager
Queen Elizabeth's Grammar School
Ashbourne
Does anyone remove netcat from their environment?
Our security team likes to have netcat removed from
SLES 9, however, the yast2 rpm depends on netcat. I am
interested to know what functionalities I may lose in
administrating the systems. I understand I will not be
able to use yast, but I think I can manually update
the config files, and do most of everything in command
line, right?
Thank you.
RBW
____________________________________________________
Start your day with Yahoo! - make it your home page
http://www.yahoo.com/r/hs
hi everyone:
I need help on the remote backup between hp10.20
and suse9.2.
I using dump, this is what I did:
/sbin/dump 0u -f jj3:/dev/rmt/1mn /
and I got error messages says:
DUMP:Poll: protocol failure in circuit
setup
DUMP:login to tdf03 as root fail.
The jj3 is the hp-ux and accecpting the rlogin and
ssh, the linux is only accept ssh. I was able to
rlogin to jj3 through rlogin without password.
Can someone give me some hint on above issue?
thanks in advance.
Wayne Yu
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
I have no intention to make the discussion as a
"security" bashing (i.e our security team), but if
anyone considered removing netcat as unreasonable, it
was also decided to remove timezone, they also asked
to remove util-linux :-), which obviously cannot be
removed. It was at that point that I decided no point
to reason with them. (This is true, I cannot believe
anyone suggest this)
Anyway, I was trying to find out whether anyone did
remove netcat and so far, for those responded, no one
seems to have removed netcat.
Thank you for letting me know that I am not the
minority.
--- François Pinard <pinard(a)iro.umontreal.ca> wrote:
> [Bill Wilson]
>
> > The reason they decided to remove netcat is that
> they "found" out
> > netcat is hacker's tool via a google search :-).
>
> Hackers also use `ls' and `cp', you know :-)
> Rootkits often replace
> `ls', among other tools. So, you might suggest `ls'
> be removed as well!
> What I really mean here is that some common sense is
> needed. `netcat' is
> a useful tool for you, just like a flurry of others.
>
> --
> François Pinard http://pinard.progiciels-bpi.ca
>
____________________________________________________
Start your day with Yahoo! - make it your home page
http://www.yahoo.com/r/hs
hello all
I updated apache2 through YOU.
I noticed that nearly no file has been changed except httpd2-prefork
I have chrooted apache2 so every time that a apache2-patch comes to
surface i check the apache2*.rpm for recent chagnes (in bytes,
timestamp) and then copy it to the chrooted area.
I noticed that /usr/sbin/httpd2-prefork has new timestamp (22/jul) but
the same size (in bytes) with the older one.
Can anyone explain to me what does this mean?
How the patch has fit in that binary and the size remains the same?
Thanks in advance
John
John,
I don't know what's changed in this patch, as I haven't read the release
notes for it, but you could run bdiff, sum or cksum to see if there are
differences between the to binary files.
-Alain.
-----Original Message-----
From: John [mailto:isofroni@cc.uoi.gr]
Sent: Wednesday, July 27, 2005 11:44 AM
To: suse-security(a)suse.com
Subject: [suse-security] apache2 patch
hello all
I updated apache2 through YOU.
I noticed that nearly no file has been changed except httpd2-prefork
I have chrooted apache2 so every time that a apache2-patch comes to
surface i check the apache2*.rpm for recent chagnes (in bytes,
timestamp) and then copy it to the chrooted area.
I noticed that /usr/sbin/httpd2-prefork has new timestamp (22/jul) but
the same size (in bytes) with the older one.
Can anyone explain to me what does this mean?
How the patch has fit in that binary and the size remains the same?
Thanks in advance
John
--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help(a)suse.com
Security-related bug reports go to security(a)suse.de, not here
Hi again,
If you take a close look, it might me a security Problem:
SQUID protects my WIN-Clients and filters out unwanted content.
..and I'm sorry to say but this list often has questions (discussions) witch have nothing to do with security --> unsubscription
Of course I searched the net before I asked this list and of course I found answers. But none of this answers was helpful.
So please , if somebody knows where, give me a link where I can find some useful answers.
thanks a lot
Robert
________________________________
Von: Dieter Bloms [mailto:dieter@bloms.de]
Gesendet: Mi 27.07.2005 13:05
An: suse-security(a)suse.com
Betreff: Re: [suse-security] HTTP/1.1 --> Squid --> HTTP/1.0
Hi,
On Wed, Jul 27, Rasp, Robert wrote:
> i'm trying to configure squid for HTTP/1.1.
> In the moment every Request from HTTP/1.1 is convertetd to HTTP/1.0
> Does anyboy know how to do this ?
is this a security problem ?
If not, this is the wrong mailing list
Please have a look at the mailing list archive of squid.
You will find your question several times (with answers).
--
Gruß
Dieter
--
I do not get viruses because I do not use MS software.
If you use Outlook then please do not put my email address in your
address-book so that WHEN you get a virus it won't use my address in the
>From field.
Hello,
i'm trying to configure squid for HTTP/1.1.
In the moment every Request from HTTP/1.1 is convertetd to HTTP/1.0
Does anyboy know how to do this ?
Thanks
Robert