There seems to be no clamav-db-0.87-0.1.i586.rpm for SuSE 9.1
Is there a reason for this?
BAR Informatik AG
T: 0041 27 9224848
F: 0041 27 9224849
sorry that this is not really for this list, but anyway.
Where can i find the smbfs module for SLES 9?
I need it to mount a vfat drive on a windows machine with smbmount.
Thanks for the coop,
imagine a ftpserver and a webserver running in two xen virtual machines
on one box; now say the ftpserver is hacked, the attacker gains root
How much does xen protect the other vm (webserver) against the attacker?
Is it as if the webserver was running on a different physical box?
In /usr/share/doc/packages/xen the main focus seems to be flexibility
rather than security.
Anyone with experience?
I'm experiencing troubles with the configuration of using pam_mysql for
vsftpd. I've created a database called 'ftp' containing a 'user' table
consisting of two columns: 'username' and 'password'. The latter contains
encrypted passwords using the mysql password() function. The user table
contains a single record with username 'test' and password 'test' (though
encoded). Doing the following:
# ftp 127.0.0.1 <http://127.0.0.1>
Connected to localhost.
220 (vsFTPd 1.2.0)
Name: test 331
Please specify the password.
530 Login incorrect.
ftp: Login failed.
As you can see it fails. However... the mysql select statement worked fine.
The problem is as follows (considering /var/log/messages):
Sep 18 14:40:22 Srv vsftpd: pam_mysql - SELECT password FROM user WHERE
username = 'test'
Sep 18 14:40:22 Srv vsftpd: pam_mysql - pam_mysql_sql_log() called.
Sep 18 14:40:22 Srv vsftpd: pam_mysql - pam_mysql_sql_log() returning 0.
Sep 18 14:40:22 Srv vsftpd: pam_mysql - pam_mysql_check_passwd() returning
Sep 18 14:40:22 Srv vsftpd: pam_mysql - pam_sm_authenticate() returning 0.
Sep 18 14:40:22 Srv PAM-warn: function=[pam_sm_acct_mgmt]
service=[vsftpd] terminal= user=[test] ruser=
Sep 18 14:40:22 Srv vsftpd: pam_mysql - pam_mysql_release_ctx()
Sep 18 14:40:22 Srv vsftpd: pam_mysql - pam_mysql_destroy_ctx()
Sep 18 14:40:22 Srv vsftpd: pam_mysql - pam_mysql_close_db() called.
The PAM-warn statement is what bugs me. When I add a new user using 'useradd
test' (without password) I can make use of the ftp login providing my
test/test account from the db. I cannot login passing an other password. I
would like to decouple the pam_mysql stuff completely from the linux account
management. PAM should just stop at the succesful mysql authentication. I
want to be able to insert ftp users in my database, not adding actual linux
accounts. My /etc/pam.d/vsftpd contains the following:
#%PAM-1.0 auth required pam_mysql.so \
verbose=1 user=xxx passwd=xxx db=ftp table=user \
usercolumn=username passwdcolumn=password \
Hope anyone has any ideas.
SuSE Prof. 9.1
After updating to the latest kernel rpm on our webserver, we experience
consistant delay in access times to all web pages of about .2 seconds.
Running tcpdump on page access shows a pause just before server
pushes first full data packet after acknowlaging get request from client.
After many days of hair pulling, flapping about of managers and
pestering of network people, I traced this down to the SuSEfirewall,
specifically a mangle rule in the postrouting table:
-A OUTPUT -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --sport 80 -j TOS --set-tos 0x08
After extracting this rule with iptables-save/restore, the delay is gone.
iptables-save -c >/tmp/fw_rules.before
cp /tmp/fw_rules.before /tmp/fw_rules.after
iptables-restore < /tmp/fw_rules.after
Boring example section:
isis:/tmp # time wget http://web4.ucop.edu/welcome.html 2>/dev/null
17:37:49.368030 IP isis.ucop.edu.56928 > web4.ucop.edu.http: S 976613069:976613069(0) win 5840 <mss 1460,sackOK,timestamp 1061325334 0,nop,wscale 0>
17:37:49.369175 IP web4.ucop.edu.http > isis.ucop.edu.56928: S 3542901817:3542901817(0) ack 976613070 win 5792 <mss 1460,sackOK,timestamp 1058046393 1061325334,nop,wscale 0>
17:37:49.369256 IP isis.ucop.edu.56928 > web4.ucop.edu.http: . ack 1 win 5840 <nop,nop,timestamp 1061325335 1058046393>
17:37:49.369971 IP isis.ucop.edu.56928 > web4.ucop.edu.http: P 1:119(118) ack 1 win 5840 <nop,nop,timestamp 1061325336 1058046393>
17:37:49.370298 IP web4.ucop.edu.http > isis.ucop.edu.56928: . ack 119 win 5792 <nop,nop,timestamp 1058046394 1061325336>
17:37:49.572037 IP web4.ucop.edu.http > isis.ucop.edu.56928: P 1:1449(1448) ack 119 win 5792 <nop,nop,timestamp 1058046595 1061325336>
17:37:49.572056 IP isis.ucop.edu.56928 > web4.ucop.edu.http: . ack 1449 win 8688 <nop,nop,timestamp 1061325538 1058046595>
17:37:49.572713 IP web4.ucop.edu.http > isis.ucop.edu.56928: P 1449:2897(1448) ack 119 win 5792 <nop,nop,timestamp 1058046596 1061325538>
isis:/tmp # time wget http://web4.ucop.edu/welcome.html 2>/dev/null
17:41:07.739979 IP isis.ucop.edu.56929 > web4.ucop.edu.http: S 1175547782:1175547782(0) win 5840 <mss 1460,sackOK,timestamp 1061523741 0,nop,wscale 0>
17:41:07.740787 IP web4.ucop.edu.http > isis.ucop.edu.56929: S 3744031582:3744031582(0) ack 1175547783 win 5792 <mss 1460,sackOK,timestamp 1058244790 1061523741,nop,wscale 0>
17:41:07.740814 IP isis.ucop.edu.56929 > web4.ucop.edu.http: . ack 1 win 5840 <nop,nop,timestamp 1061523742 1058244790>
17:41:07.741554 IP isis.ucop.edu.56929 > web4.ucop.edu.http: P 1:119(118) ack 1 win 5840 <nop,nop,timestamp 1061523742 1058244790>
17:41:07.741981 IP web4.ucop.edu.http > isis.ucop.edu.56929: . ack 119 win 5792 <nop,nop,timestamp 1058244792 1061523742>
17:41:07.742705 IP web4.ucop.edu.http > isis.ucop.edu.56929: . 1:1449(1448) ack 119 win 5792 <nop,nop,timestamp 1058244792 1061523742>
17:41:07.742729 IP isis.ucop.edu.56929 > web4.ucop.edu.http: . ack 1449 win 8688 <nop,nop,timestamp 1061523743 1058244792>
17:41:07.742823 IP web4.ucop.edu.http > isis.ucop.edu.56929: . 1449:2897(1448) ack 119 win 5792 <nop,nop,timestamp 1058244792 1061523742>
Did you try poking at it with a stick?
I want to make portmap bind to a single ip address. This is not only for security reasons - I have found that if I block the portmapper on the external interface NFS and NIS can hang because the portmapper binds to both addresses and makes connection using the first IP, which happens to be the one that is blocked by the firewall, so it never receives any responses from the NFS server.
I googled this:
Which suggests a solution, but I'm afraid that if I implement it some later SuSE update might overwrite my mods. How can I install a custom portmapper, so that it satisfies dependant packages and does not get replaced by SuSE updates?
Or am I missing something basic above?
I'm not sure I should have posted this question here, but since I'm subscribing
to this group I dare giving it a shot:
The problem is that SuSE 9.2 can't find my Aironet when I try adding it through
YAST, so I try to add it manually using all the tricks I know - through YAST.
Yast finds eth0 and eth1.
I still get this error when I run "/etc/init.d/network start":
"eth2 No configuration found for eth2 unused"
I've been "grep-ing" my entire disk looking for files that might reference "eth0"
and "eth1" thinking that I could edit a file and everything would be OK.
Needless to say: I didn't find any info on it!
As far I can tell, the "network" rc-file checks "/sys/class/net" looking for devices.
If I "rmmod airo" then there is no "eth2"-directory in /sys/class/net" and
"/etc/init.d/network start" doesn't bother checking for eth2.
Can anyone help me out here? I need to make the network-rc-file to somehow
understand that "eth2" should be connected to /etc/sysconfig/network/ifcfg-eth-id....
etc, thus I get rid of the "No configuration found for eth2"-message.
Odd Arne Beck
I have a SuSE 9.3 machine using SuSEfirewall2 (as configured via YAST) to open a few ports for services such as sshd and cups. However I want to restrict which hosts and/or networks can connect. For this purpose I have used hosts.allow/deny for ssh and /etc/cups/cupsd.conf for cups. But is possible to add an ACL via SuSEfirewall2?
Does anyone know what the story is behind these in my inbox?
From: PayPal [mailto:firstname.lastname@example.org]
Sent: Friday, September 09, 2005 2:57 PM
Subject: [suse-security] SPAM: This email confirms that you paid
MICROBAZAR (sales(a)microbazaar.com) $175.85 USD using PayPal
wedding dress from mating ritual, over rattlesnake, and over turkey are
what made America great!Any gypsy can take a peek at spider over, but it
takes a real ribbon to inside lover.toward hockey player sell to dust
bunny living with tomato.