I found LUKS recently through SUSE Linux 10.3,
and the other night a read an article in c't 2006/11.
I can't seriously appreciate the technical internals,
as I'm not too compentent there.
Anyway: Kudos to Clemens Fruhwirth!
But I am not really sure, whether I can trust, what I read in that article regarding the master key,
spefically that the master key can be read from the LUKS volume by the sys admin without any difficulties.
Does that really mean, that as soon as somebody gains control over my computer with a mounted LUKS encrypted (external) disc
and he also manages to gain root priviliges,
that he can retrieve the necessary information,
to mount that disc himself with LUKS-means again?!?
I mean without me passing the keys to him.
If that is seriously so,
I think I will have to find myself another disc encryption toolset,
as I cannot tolerate, that intruders can deal with my personal data without my explicit permission and support.
Whether those intruders have governmental permissions, I don't f...ing care.
I appreciate your serious comments.
J.
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security+help(a)opensuse.org
I was told to ask this question on this list by some Novell employees.
Can anyone say what level or form of encryption is used on the encrypted
filesystems (ext3) under opensuse 10.2?
--
kai ponte
www.perfectreign.com
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security+help(a)opensuse.org
Hi there,
after having some problems to reach some web sites I found some messages
in /var/log/firewall which all look like this:
Sep 1 15:54:38 linux kernel: SFW2-OUT-ERROR IN= OUT=dsl0
SRC=84.172.xxx.xx DST=205.188.234.120 LEN=52 TOS=0x00 PREC=0x00 TTL=64
ID=16961 DF PROTO=TCP SPT=29084 DPT=80 WINDOW=1954 RES=0x00 ACK FIN
URGP=0 OPT (0101080A001FDE00356C0128)
205.188.234.120 wich could not be reached is a Shoutcast machine. I
wonder why SuSEfirewall2 has blocked this.
I use a standard configuration, a DSL modem connected to eth0, OS is
SuSE Linux 10.0.
/etc/sysconfig/SuSEfirewall2 is left untouched, mainly only improtant
things are set like
FW_DEV_EXT="any dsl0 eth-id-00:30:84:75:fa:56 ippp0 ppp0"
Do you have any idea where this comes from?
TIA
Malte
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security+help(a)opensuse.org
Stefan Seifert wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Terje J. Hanssen wrote:
>
>> Next I
>> tried to enable the more secure vsftpd instead, but did't get any FTP
>> document, even not with the FireWall deactivated. Maybe also something
>> also has to be configured in vsftpd.conf?
>>
>
> You need to set local_enable and write_enable to YES in vsftpd.conf.
>
I tried this, disabled the firewall, but didn't get vsftpd to receive
ftp documents from my scanner.
--Terje
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security+help(a)opensuse.org
pure-ftpd vs vsftpd:
I wish to setup FTP on a OpenSUSE 10.2 workstation to receive scanned
documents from a networked MFP machine which has "Scan to FTP". First I
enabled pure-ftpd service with xinetd, deactivated SuSEFirewall and was
able to receive scanned ftp documents in my homedir as seleced. Next I
tried to enable the more secure vsftpd instead, but did't get any FTP
document, even not with the FireWall deactivated. Maybe also something
also has to be configured in vsftpd.conf?
SuseFirewall:
I have a default SuseFirewall setup just with SSH enabled for external
Zone access. My question is how configure SUSEFirewall preferably with
YaST to receive FTP documents from my network scanner?
I'm using fixed IP addresses on the LAN, not DHCP. I haven't activated
Firewall for the Internal zone and thought therefore everything on my
LAN had access, but scanned documents don't come through. I've read FTP
may need that port 20-21 both TCP and UDP in the Firewall, maybe this is
for External zone only?
Rgds,
Terje J. Hanssen
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security+help(a)opensuse.org