openSUSE Security February 2006

security@lists.opensuse.org

32 participants
22 discussions

Statefull packet inspection in SuSEfirewall2
by pronco＠conae.gov.ar 25 Jul '06

25 Jul '06

Hi, Is it there any way to configure stateful packet inspection rules in SuSEfirewall2 for masquerade networks? When I configure a rule in FW_MASQ_NETS in order to allow traffic from the outside to the DMZ, I also have to configure a rule for responses. Example: Incoming traffic to my web server in a DMZ with private addresses FW_FORWARD_MASQ="0/0,192.168.1.5,tcp,80 I also need to set up the following rules in order to let responses out FW_MASQ_NETS="192.168.1.5/32,0/0,tcp,1024:65535" This rule permits not only established sessions, but additionally it allows my web server to establish connections to the outside world. Dont know why the FW_FORWARD rules are stateful as I want, but FW_MASQ_NETS ones dont. Any suggestion? Is it possible to math the SYN, ACK and FIN TCP bits with SuSEfirewall2? Thanks in advance. Pablo Ronco

4 5

APT & RPM signatures
by Administrator 01 Mar '06

01 Mar '06

I'm having a problem with apt on suse 10.0. I've install all of the available rpmkeys, but I'm still getting rpms rejected with unrecognised signatures. I've found the sigs in the pgp key servers, and downloaded them, but rpm import doesn't seem to be adding them to the rpm sigs database. rpm -qa rpmkeys-* isn't showing keys with these ids in the list. HELP. What am I doing wrong? Attached are the errors reported, and the two public keys I found and have tried to add to the rpm keys database. Thanks in advance for any help ... David

2 1

changing group on /var/log/messages
by David Bear 01 Mar '06

01 Mar '06

suse makes the group owner of /var/log/messages root. I was wondering what might break if I changed the group owner to be wheel. I would like members of wheel to be able to read /var/log/messages without having to sudo . -- David Bear phone: 480-965-8257 fax: 480-965-9189 College of Public Programs/ASU Wilson Hall 232 Tempe, AZ 85287-0803 "Beware the IP portfolio, everyone will be suspect of trespassing"

4 4

kernel don't accept ide0=0x1f0,0x3f6
by Tolmino 28 Feb '06

28 Feb '06

hi, i have multiple controllers on my computer: i use two ide channels on motherboard and a pci sil 0680 with another two. kernel wonna see first sil's ide channels, but i would have first ide on MB. what is changed? how can i do this? thanks.... Tolmino

1 0

wrong MD5 sum in advisory SUSE-SA:2006:009
by Malte Gell 28 Feb '06

28 Feb '06

http://www.novell.com/linux/security/advisories/2006_09_gpg.html The given MD5 5098f06cba2e38aa0b5181fb3f9cd7f3 for the SUSE 10.0 GnuPG 1.4.2-5.2 source RPM ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/gpg-1.4.2-5.2.src.rpm is wrong, on my machine I get fe3233bc0b60f6fa67ac6f062af2c793. But the rpm seems to be signed correctly with the package key 0x9c800aca Malte

3 4

RE: [suse-security] root password as normal user
by GarUlbricht7＠netscape.net 27 Feb '06

27 Feb '06

Sean wrote on Thu, 23 Feb 2006 6:44:47 PM EST: > Hi, > > I'm a newbie with linux. Using SUSE 9.3 Pro > > My root user ID and password work fine. > > When I log in as a normal user, > SUSE Watcher alerts me that new updates are available. > I click on the check for updates. > Because of permissions, I get prompted for the root password. > I put in the root password but it says it's invalid. > This did work at one time. > Hi Sean, I ran into a similar problem. It has to do with how the path is set. So what I do is just close the "SUSE Watcher" window and then I either start up "fou4s" Or "YOU" as root, where "YOU" is "yast on-line update". With fou4s, I use a root shell which I start via a "console" by doing "sux -" and then entering the root password. (by doing "sux -" the path is correct...) and with "YOU" I have an icon on my desktop, and when I click on it it it asks me for the root password. (Of couse I could start yast from a root console, similar to how I start "fou4s" or by doing doing the run command {"alt + F2" )) Going back to "yast" I then click on ("Software") ==> "On Line Update" ==> etc. I could set-up either fou4s <http://fou4s.gaugusch.at/> or YOU to run auto-magically, but I prefer to do my patches manually, so that way I know what I need to re-start, etc. For a discussion on what needs re-starting, see the thread starting: [suse-security] Patch Noifications http://lists.suse.com/archive/suse-security/2006-Jan/0025.html Hope this helps, Gar -- __________________________________________________________________ Switch to Netscape Internet Service. As low as $9.95 a month -- Sign up today at http://isp.netscape.com/register Netscape. Just the Net You Need. New! Netscape Toolbar for Internet Explorer Search from anywhere on the Web and block those annoying pop-ups. Download now at http://channels.netscape.com/ns/search/install.jsp

1 0

Re: [suse-security-announce] SUSE Security Summary Report SUSE-SR:2006:004
by Frank Steiner 27 Feb '06

27 Feb '06

Hi, Marcus Meissner wrote > - resmgr security problems > The resmgr package was updated to fix following problems: > > - resmgrd granted access to all usb devices if access to one one usb > device was granted via "usb:<bus>,<dev>" notation. > > - Class specific exclude rules did not match devices that set their > class ID at interface level. > I'm missing an update for 9.1. Which SuSE versions are affected? cu, Frank -- Dipl.-Inform. Frank Steiner Web: http://www.bio.ifi.lmu.de/~steiner/ Lehrstuhl f. Bioinformatik Mail: http://www.bio.ifi.lmu.de/~steiner/m/ LMU, Amalienstr. 17 Phone: +49 89 2180-4049 80333 Muenchen, Germany Fax: +49 89 2180-99-4049 * Rekursion kann man erst verstehen, wenn man Rekursion verstanden hat. *

2 1

root password as normal user
by Sean 23 Feb '06

23 Feb '06

Hi, I'm a newbie with linux. Using SUSE 9.3 Pro My root user ID and password work fine. When I log in as a normal user, SUSE Watcher alerts me that new updates are available. I click on the check for updates. Because of permissions, I get prompted for the root password. I put in the root password but it says it's invalid. This did work at one time. I know it is good because I can switch users and log in as root with the same password. At one time I renamed my "normal" user ID. The updates still worked though. I have just deleted my normal user and created a new user. This did not help. Other than what I've done thus far, I have no idea where to go next. Sean Everything's easy once you know how

1 0

SUSE Security present at FOSDEM
by Marcus Meissner 23 Feb '06

23 Feb '06

Hi folks, SUSE Security will be present at FOSDEM, we have: - A presentation on AppArmor by Crispin Cowan (AppArmor Architect) in the security track on Sunday 2pm. - A presentation on the SUSE Security day-to-day business by Marcus Meissner (yours truly) in the openSUSE developer room (also Sunday 2pm currently, perhaps rescheduled). Of course we (all of the Novell/SUSE folks) are present on both Saturday and Sunday, and especially invite you to drop by the openSUSE developer room and demo point. Ciao, Marcus

1 0

Re: [suse-security] Intrusion spyware malware key stroke detection
by Randall R Schulz 22 Feb '06

22 Feb '06

Kendy, On Wednesday 22 February 2006 08:05, Kendy Kutzner wrote: > On 2006-02-22T07:44:23-0800, Randall R Schulz wrote: > > There is no output from "ps" that's available to root only. > > There is. Normal users can't read the environment from others. ps > option 'e' shows the environment. Yes. I overlooked that. When you think about it, it's odd that arguments are disclosed without respect to user IDs but environment variable are not. It's rather arbitrary and I can't think of a reason why arguments are considered less sensitive than environment variables are. > Kendy Randall Schulz

1 0

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

1996

openSUSE Security February 2006