From owner-freebsd-security Sun Aug 4 3:24:20 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3541E37B401 for ; Sun, 4 Aug 2002 03:24:15 -0700 (PDT) Received: from borja.sarenet.es (borja.sarenet.es [192.148.167.77]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7CE1843E6A for ; Sun, 4 Aug 2002 03:24:13 -0700 (PDT) (envelope-from borjamar@sarenet.es) Received: from nenuial.arnor.es (localhost [127.0.0.1]) by borja.sarenet.es (8.12.3/8.12.3) with ESMTP id g74AOAxh009554 for ; Sun, 4 Aug 2002 12:24:11 +0200 (CEST) (envelope-from borjamar@sarenet.es) Content-Type: text/plain; charset="iso-8859-1" From: Borja Marcos To: Subject: Re: esp tunnel without gif(4) [Was Re: vpn1/fw1 NG toipsec/racoontroubles, help please ...] Date: Sun, 4 Aug 2002 12:24:10 +0200 User-Agent: KMail/1.4.2 References: In-Reply-To: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Message-Id: <200208041224.10309.borjamar@sarenet.es> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Friday 02 August 2002 23:47, Matthew Grooms wrote: > Its only backwards if you are used to implimenting IPSEC communications > in a non-giff'd confguration. As mentioned before, this is endorsed by > many how-to's available. If you don't like this method, don't use it. I > for one prefer the giffed alternative but will be more than happy to > admit that the benifits appear to be mostly cosmetic. =09I am not using gif right now, but I see two important advantages. =09I suppose it will be possible to put firewall rules in a gif interface= =2E=20 Imagine that you establish a tunnel with a not so trusted party, only for= a=20 limited purpose. =09I suppose as well that it is possible to sniff traffic in a gif interf= ace.=20 Tools such as Argus, Ntop, can be used with encrypted tunnels. Otherwise,= you=20 are blind. =09Borja. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Aug 4 3:55:44 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 244AD37B400 for ; Sun, 4 Aug 2002 03:55:38 -0700 (PDT) Received: from mail.crypton.pl (ns.crypton.pl [195.216.109.11]) by mx1.FreeBSD.org (Postfix) with SMTP id B2C2943E5E for ; Sun, 4 Aug 2002 03:55:36 -0700 (PDT) (envelope-from mailman@mail.crypton.pl) Received: (qmail 34129 invoked by uid 1002); 4 Aug 2002 10:55:35 -0000 Date: Sun, 4 Aug 2002 12:55:35 +0200 From: Nomad To: Brad Davis Cc: freebsd-security@freebsd.org Subject: Re: SSH upgrade? Message-ID: <20020804125535.A32133@killer.crypton.pl> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from striker_d@hotmail.com on Fri, Aug 02, 2002 at 06:20:36PM -0600 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello I upgraded only openssh to 3_4_4 version on the same 4.5-RELEASE (without upgrading to 4.6-STABLE like you) and now I get "Host key for IP address 'ip_address' not known in list of known hosts'". The problem is that the this key is already in known_hosts but onlu for DNS name for specified host. So I added copy of host key with DNS name replaced by IP adress and everything is OK: no weird messages at all. I think that's something wrong with this version of openssh. Maybe this fenomena in connection with some entries in ssh_config results in denying connections to outside world. On my host this connections were possible, only this strange infos appeared. Nomad On Fri, Aug 02, 2002 at 06:20:36PM -0600, Brad Davis wrote: > Hello, > > I just upgraded a machine from 4.5-RELEASE to 4.6-STABLE and included in the > upgrade was to OpenSSH 3.4p1. Since then I have not been able to ssh from > this box out to the world. I get an error that Host authentication failed. > It does work from the root account but not from my user account so I deleted > ~/.ssh and that hasn't helped either. Any ideas? > > > Thanks, > Brad > > > > _________________________________________________________________ > Send and receive Hotmail on your mobile device: http://mobile.msn.com > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Aug 4 4:11:24 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 80B9C37B400 for ; Sun, 4 Aug 2002 04:11:13 -0700 (PDT) Received: from mail.crypton.pl (ns.crypton.pl [195.216.109.11]) by mx1.FreeBSD.org (Postfix) with SMTP id 6EE4E43E42 for ; Sun, 4 Aug 2002 04:11:12 -0700 (PDT) (envelope-from mailman@mail.crypton.pl) Received: (qmail 35073 invoked by uid 1002); 4 Aug 2002 11:11:11 -0000 Date: Sun, 4 Aug 2002 13:11:11 +0200 From: Nomad To: Borja Marcos Cc: freebsd-security@freebsd.org Subject: Re: esp tunnel without gif(4) [Was Re: vpn1/fw1 NG toipsec/racoontroubles, help please ...] Message-ID: <20020804131111.B32133@killer.crypton.pl> References: <200208041224.10309.borjamar@sarenet.es> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <200208041224.10309.borjamar@sarenet.es>; from borjamar@sarenet.es on Sun, Aug 04, 2002 at 12:24:10PM +0200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, Hm, advantages or disadvantages... possibility of sniffing packets is disadvantage in security manner I thing... Anyway building firewall rules to the IPSec connection configured without gif interface is also possible. I have this on my IPSEc VPN gateway. Packets goes via ipfw 2 times: first encoded, in normal IPv4 form, second time encapsulated in EPS frames. Of course my rules are applied on the first visit of packets in my ipfw. I don't know if it works the same whet sysctl's fw_onepass is set to 1 (on my gateway is set to 0) but filtering packets before they passed to the IPSec tunnel is possible and it works without gif's. I think that it will be work on workstations (in my case there are gateways). Of course in that case sniffing is possible to:with ipfw's tee, fwd or divert rules. On gateway it's posiible to sniff on "clear" interface and compare it with ESP traffic on "encrypted" interface. Anyway: without gif's you are not blind. Nomad On Sun, Aug 04, 2002 at 12:24:10PM +0200, Borja Marcos wrote: > On Friday 02 August 2002 23:47, Matthew Grooms wrote: > > Its only backwards if you are used to implimenting IPSEC communications > > in a non-giff'd confguration. As mentioned before, this is endorsed by > > many how-to's available. If you don't like this method, don't use it. I > > for one prefer the giffed alternative but will be more than happy to > > admit that the benifits appear to be mostly cosmetic. > > I am not using gif right now, but I see two important advantages. > > I suppose it will be possible to put firewall rules in a gif interface. > Imagine that you establish a tunnel with a not so trusted party, only for a > limited purpose. > > I suppose as well that it is possible to sniff traffic in a gif interface. > Tools such as Argus, Ntop, can be used with encrypted tunnels. Otherwise, you > are blind. > > > Borja. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Aug 4 5:21:24 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 19C8A37B401 for ; Sun, 4 Aug 2002 05:21:19 -0700 (PDT) Received: from smx.pair.com (smx.pair.com [209.68.1.56]) by mx1.FreeBSD.org (Postfix) with SMTP id 9BA8143E6A for ; Sun, 4 Aug 2002 05:21:18 -0700 (PDT) (envelope-from sigma@smx.pair.com) Received: (qmail 82778 invoked by uid 1000); 4 Aug 2002 12:21:15 -0000 Message-ID: <20020804122115.82777.qmail@smx.pair.com> From: sigma@smx.pair.com Subject: zlib 1.1.4 To: freebsd-security@freebsd.org Date: Sun, 4 Aug 2002 08:21:15 -0400 (EDT) X-Mailer: ELM [version 2.4ME+ PL40 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Is there some reason zlib 1.1.3 seems to be part of 4.6-STABLE? cvsweb shows 1.1.4 imported "on the vendor branch". There was a major security advisory in March 2002 for 1.1.3. A diff suggests only minor changes between the 1.1.4 source (from gzip.org) and the source used by 4.6-STABLE, but it's still labeled 1.1.3, which is enough to raise questions. Thanks, Kevin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Aug 4 6:14:58 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CE79237B400 for ; Sun, 4 Aug 2002 06:14:55 -0700 (PDT) Received: from ik.ku.lt (ik.ku.lt [193.219.76.193]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9BB9E43E42 for ; Sun, 4 Aug 2002 06:14:54 -0700 (PDT) (envelope-from garska@ik.ku.lt) Received: from daemon (daemon.ku.lt [193.219.76.199]) by ik.ku.lt (8.11.6/8.11.6) with ESMTP id g74DIgN26924 for ; Sun, 4 Aug 2002 15:18:42 +0200 (EET) (envelope-from garska@ik.ku.lt) Reply-To: From: "Rolandas Garska" To: Subject: FW: SA-02:35 Date: Sun, 4 Aug 2002 15:14:44 +0200 Organization: Klaipeda University Message-ID: <000401c23bb8$e9b9bbc0$c74cdbc1@daemon> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.3416 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Does anyone know something about SA-02:35? -----Original Message----- From: owner-freebsd-security@FreeBSD.ORG [mailto:owner-freebsd-security@FreeBSD.ORG] On Behalf Of Oleg Derevenetz Sent: Friday, August 02, 2002 8:16 PM To: freebsd-security@FreeBSD.ORG Subject: SA-02:35 Hi all, I recently visited ftp.freebsd.org, and found directory SA-02:35 in CERT/patches without corresponding advisory in CERT/advisories. Does anyone know something about this SA ? As I understand, it belongs to ffs subsystem. Is it recommended ? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Aug 4 8: 2:59 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 23D1937B400 for ; Sun, 4 Aug 2002 08:02:57 -0700 (PDT) Received: from ho.com (vic-dial-196-30-233-7.mweb.co.za [196.30.233.7]) by mx1.FreeBSD.org (Postfix) with SMTP id CAEBF43E3B for ; Sun, 4 Aug 2002 08:02:52 -0700 (PDT) (envelope-from l.@ho.com) From: "." <"l."@ho.com> To: Subject: Mime-Version: 1.0 Content-Type: text/plain; charset="ISO-8859-1" Date: Sun, 4 Aug 2002 23:02:12 +0800 X-Priority: 1 (Highest) Content-Transfer-Encoding: 8bit Message-Id: <20020804150252.CAEBF43E3B@mx1.FreeBSD.org> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Aug 4 9:10:33 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C8ECF37B400 for ; Sun, 4 Aug 2002 09:10:29 -0700 (PDT) Received: from gaia.nimnet.asn.au (nimbin.lnk.telstra.net [139.130.45.143]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6010F43E5E for ; Sun, 4 Aug 2002 09:10:25 -0700 (PDT) (envelope-from smithi@nimnet.asn.au) Received: from localhost (smithi@localhost) by gaia.nimnet.asn.au (8.8.8/8.8.8R1.2) with SMTP id BAA09130 for ; Mon, 5 Aug 2002 01:46:18 +1000 (EST) (envelope-from smithi@nimnet.asn.au) Date: Mon, 5 Aug 2002 01:46:18 +1000 (EST) From: Ian Smith To: freebsd-security@FreeBSD.org Subject: port 6112 ? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'd been seeing lots of widely sourced, irregular scans over our public subnet for TCP port 6112 ('dtspcd'?), along with some other ports that are also being scanned semi-regularly, including 1524 (ingreslock, more likely pcserver trojan) and TCP 17300 (?) along with bucketloads of TCP 1433 (ms-sql-s) .. as does everyone else, I guess. I recently added ipfw rules to separate these out from the general (denied) cruft, so as not to blow out the log limiting and thus obscuring the more interesting stuff, Today I notice a dialup user getting and sending UDP packets on 6112, with various IPs; looks to be a fairly steady stream of in- and outbound traffic at about 800cps each way over, say, half-hour sessions. Game, trojan, or yet another messenger type thing? I've already checked http://www.robertgraham.com/pubs/firewall-seen.html Cheers, Ian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Aug 4 9:15:37 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E15BA37B400 for ; Sun, 4 Aug 2002 09:15:35 -0700 (PDT) Received: from bastet.rfc822.net (bastet.rfc822.net [64.81.113.233]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8DE1043E6A for ; Sun, 4 Aug 2002 09:15:35 -0700 (PDT) (envelope-from pde@bastet.rfc822.net) Received: by bastet.rfc822.net (Postfix, from userid 1001) id 984EB9ECDA; Sun, 4 Aug 2002 11:16:18 -0500 (CDT) Date: Sun, 4 Aug 2002 11:16:18 -0500 From: Pete Ehlke To: Ian Smith Cc: freebsd-security@FreeBSD.org Subject: Re: port 6112 ? Message-ID: <20020804161618.GA40069@rfc822.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.27i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, Aug 05, 2002 at 01:46:18AM +1000, Ian Smith wrote: > > Today I notice a dialup user getting and sending UDP packets on 6112, > with various IPs; looks to be a fairly steady stream of in- and outbound > traffic at about 800cps each way over, say, half-hour sessions. > > Game, trojan, or yet another messenger type thing? > Gamer. Probably starcraft or one of its cousins. -P. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Aug 4 9:21:25 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5551C37B400 for ; Sun, 4 Aug 2002 09:21:22 -0700 (PDT) Received: from patrocles.silby.com (d118.as6.nwbl0.wi.voyager.net [169.207.128.118]) by mx1.FreeBSD.org (Postfix) with ESMTP id E4FD743E4A for ; Sun, 4 Aug 2002 09:21:20 -0700 (PDT) (envelope-from silby@silby.com) Received: from patrocles.silby.com (localhost [127.0.0.1]) by patrocles.silby.com (8.12.5/8.12.5) with ESMTP id g74GOIB1031437; Sun, 4 Aug 2002 11:24:18 -0500 (CDT) (envelope-from silby@silby.com) Received: from localhost (silby@localhost) by patrocles.silby.com (8.12.5/8.12.5/Submit) with ESMTP id g74GOD3p031434; Sun, 4 Aug 2002 11:24:16 -0500 (CDT) X-Authentication-Warning: patrocles.silby.com: silby owned process doing -bs Date: Sun, 4 Aug 2002 11:24:13 -0500 (CDT) From: Mike Silbersack To: Ian Smith Cc: freebsd-security@FreeBSD.org Subject: Re: port 6112 ? In-Reply-To: Message-ID: <20020804112115.M31370-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 5 Aug 2002, Ian Smith wrote: > Today I notice a dialup user getting and sending UDP packets on 6112, > with various IPs; looks to be a fairly steady stream of in- and outbound > traffic at about 800cps each way over, say, half-hour sessions. > > Game, trojan, or yet another messenger type thing? > > I've already checked http://www.robertgraham.com/pubs/firewall-seen.html > > Cheers, Ian 6112 is Starcraft, Warcraft 3, and probably Diablo as well. No need to be concerned. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Aug 4 10:20:21 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0578137B401 for ; Sun, 4 Aug 2002 10:20:13 -0700 (PDT) Received: from gaia.nimnet.asn.au (nimbin.lnk.telstra.net [139.130.45.143]) by mx1.FreeBSD.org (Postfix) with ESMTP id 346AA43E65 for ; Sun, 4 Aug 2002 10:20:11 -0700 (PDT) (envelope-from smithi@nimnet.asn.au) Received: from localhost (smithi@localhost) by gaia.nimnet.asn.au (8.8.8/8.8.8R1.2) with SMTP id DAA11166; Mon, 5 Aug 2002 03:19:46 +1000 (EST) (envelope-from smithi@nimnet.asn.au) Date: Mon, 5 Aug 2002 03:19:46 +1000 (EST) From: Ian Smith To: Mike Silbersack Cc: Putinas Piliponis , Pete Ehlke , freebsd-security@FreeBSD.ORG Subject: Re: port 6112 ? In-Reply-To: <20020804112115.M31370-100000@patrocles.silby.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sun, 4 Aug 2002, Mike Silbersack wrote: > 6112 is Starcraft, Warcraft 3, and probably Diablo as well. No need to be > concerned. Thanks Mike, Putinas, Pete. I've seen what some games can do to our V.90 net connection, but this one looks relatively tame. Will look it up, and quietly let it pass. Cheers, Ian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Aug 4 14: 8:56 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 55FEC37B400 for ; Sun, 4 Aug 2002 14:08:54 -0700 (PDT) Received: from spiral.inspiral.net (spiral.inspiral.net [194.204.49.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4F2B543E5E for ; Sun, 4 Aug 2002 14:08:53 -0700 (PDT) (envelope-from mauri@spiral.inspiral.net) Received: (from root@localhost) by spiral.inspiral.net (8.12.2/8.12.2) id g74L8p5K075271 for security@freebsd.org; Mon, 5 Aug 2002 00:08:51 +0300 (EEST) (envelope-from mauri@spiral.inspiral.net) Received: from spiral.inspiral.net (localhost [127.0.0.1]) by spiral.inspiral.net (8.12.2/8.12.2av) with ESMTP id g74L8llU075263 for ; Mon, 5 Aug 2002 00:08:47 +0300 (EEST) (envelope-from mauri@spiral.inspiral.net) Received: from localhost (mauri@localhost) by spiral.inspiral.net (8.12.2/8.12.2/Submit) with ESMTP id g74L8kWG075260 for ; Mon, 5 Aug 2002 00:08:47 +0300 (EEST) Date: Mon, 5 Aug 2002 00:08:46 +0300 (EEST) From: Lauri Laupmaa To: security@freebsd.org Subject: resolv bug & compat3x Message-ID: <20020805000550.B75251-100000@spiral.inspiral.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Scanned: by AMaViS perl-11 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi As I understand from SA-02:28, older libraries are also vulnerable to buffer overflow. But if I take a look @ /usr/src/lib/compat/compat3x.i386/ then all files are from Feb 10 2001. Is there some probability those will be updated sometime soon? TIA L. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Aug 5 1:17:28 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5687F37B400 for ; Mon, 5 Aug 2002 01:17:27 -0700 (PDT) Received: from m-net.arbornet.org (m-net.arbornet.org [209.142.209.161]) by mx1.FreeBSD.org (Postfix) with ESMTP id BCFB943E7B for ; Mon, 5 Aug 2002 01:17:26 -0700 (PDT) (envelope-from polytarp@m-net.arbornet.org) Received: from m-net.arbornet.org (localhost [127.0.0.1]) by m-net.arbornet.org (8.12.3/8.11.2) with ESMTP id g758JlcD007927; Mon, 5 Aug 2002 04:19:47 -0400 (EDT) (envelope-from polytarp@m-net.arbornet.org) Received: from localhost (polytarp@localhost) by m-net.arbornet.org (8.12.3/8.12.3/Submit) with ESMTP id g758JlTx007924; Mon, 5 Aug 2002 04:19:47 -0400 (EDT) Date: Mon, 5 Aug 2002 04:19:46 -0400 (EDT) From: pgreen To: sonam singh Cc: freebsd-security@FreeBSD.ORG Subject: Re: testing please donot reply In-Reply-To: <20020801100253.49251.qmail@web14407.mail.yahoo.com> Message-ID: <20020805041938.O7894-100000@m-net.arbornet.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Okay. On Thu, 1 Aug 2002, sonam singh wrote: > testing please donot reply > > __________________________________________________ > Do You Yahoo!? > Yahoo! Health - Feel better, live better > http://health.yahoo.com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Aug 5 5:13:53 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AD9B437B401 for ; Mon, 5 Aug 2002 05:13:45 -0700 (PDT) Received: from bodb.mc.mpls.visi.com (bodb.mc.mpls.visi.com [208.42.156.104]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3C6B343E3B for ; Mon, 5 Aug 2002 05:13:45 -0700 (PDT) (envelope-from hawkeyd@visi.com) Received: from sheol.localdomain (hawkeyd-fw.dsl.visi.com [208.42.101.193]) by bodb.mc.mpls.visi.com (Postfix) with ESMTP id 362005A72; Mon, 5 Aug 2002 07:13:42 -0500 (CDT) Received: (from hawkeyd@localhost) by sheol.localdomain (8.11.6/8.11.6) id g75CDfn31929; Mon, 5 Aug 2002 07:13:41 -0500 (CDT) (envelope-from hawkeyd) Date: Mon, 5 Aug 2002 07:13:41 -0500 (CDT) Message-Id: <200208051213.g75CDfn31929@sheol.localdomain> Mime-Version: 1.0 X-Newsreader: knews 1.0b.1 Reply-To: hawkeyd@visi.com Organization: if (!FIFO) if (!LIFO) break; References: <000401c23bb8$e9b9bbc0$c74cdbc1_daemon@ns.sol.net> In-Reply-To: <000401c23bb8$e9b9bbc0$c74cdbc1_daemon@ns.sol.net> From: hawkeyd@visi.com (D J Hawkey Jr) Subject: Re: FW: SA-02:35 X-Original-Newsgroups: sol.lists.freebsd.security To: garska@ik.ku.lt, freebsd-security@freebsd.org Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In article <000401c23bb8$e9b9bbc0$c74cdbc1_daemon@ns.sol.net>, garska@ik.ku.lt writes: > Does anyone know something about SA-02:35? ---8<--- ftp://ftp.FreeBSD.org:21/pub/FreeBSD/CERT/patches/SA-02:35/ffs.patch RCS file: /home/ncvs/src/sys/ufs/ffs/ffs_vfsops.c,v retrieving revision 1.117.2.9 retrieving revision 1.117.2.10 diff -u -p -r1.117.2.9 -r1.117.2.10 --- sys/ufs/ffs/ffs_vfsops.c 2002/04/08 09:39:30 1.117.2.9 +++ sys/ufs/ffs/ffs_vfsops.c 2002/06/23 22:34:52 1.117.2.10 @@ -758,6 +758,9 @@ ffs_mountfs(devvp, mp, p, malloctype) ump->um_savedmaxfilesize = fs->fs_maxfilesize; /* XXX */ maxfilesize = (u_int64_t)0x40000000 * fs->fs_bsize - 1; /* XXX */ + /* Enforce limit caused by vm object backing (32 bits vm_pindex_t). */ + if (maxfilesize > (u_int64_t)0x80000000u * PAGE_SIZE - 1) + maxfilesize = (u_int64_t)0x80000000u * PAGE_SIZE - 1; if (fs->fs_maxfilesize > maxfilesize) /* XXX */ fs->fs_maxfilesize = maxfilesize; /* XXX */ if (ronly == 0) { --->8--- ---8<--- /var/tmp/cvsup.out Script started on Wed Jul 31 15:45:59 2002 Parsing supfile "/usr/sup/standard-supfile" .... Edit src/sys/ufs/ffs/ffs_vfsops.c Add delta 1.117.2.7.2.1 2002.07.31.17.55.12 jedgar .... --->8--- ---8<--- /usr/src/UPDATING .... 20020731: p14 A bounds checking error in FFS filesize limits was corrected. .... --->8--- Whatever it does exactly, it made it into the RELENG_4_5 CVS tree. My guess is that someone didn't get it into the advisories. Dave -- Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming, or what?" > -----Original Message----- > From: owner-freebsd-security@FreeBSD.ORG > [mailto:owner-freebsd-security@FreeBSD.ORG] On Behalf Of Oleg Derevenetz > Sent: Friday, August 02, 2002 8:16 PM > To: freebsd-security@FreeBSD.ORG > Subject: SA-02:35 > > Hi all, > > I recently visited ftp.freebsd.org, and found directory SA-02:35 in > CERT/patches > without corresponding advisory in CERT/advisories. Does anyone know > something > about this SA ? As I understand, it belongs to ffs subsystem. Is it > recommended ? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Aug 5 7:10:23 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CEEBF37B400 for ; Mon, 5 Aug 2002 07:10:20 -0700 (PDT) Received: from musique.teaser.net (musique.teaser.net [213.91.2.11]) by mx1.FreeBSD.org (Postfix) with ESMTP id D3D6F43E4A for ; Mon, 5 Aug 2002 07:10:19 -0700 (PDT) (envelope-from e-masson@kisoft-services.com) Received: from notbsdems.nantes.kisoft-services.com (nantes.kisoft-services.com [193.56.60.243]) by musique.teaser.net (Postfix) with ESMTP id 71D817252A; Mon, 5 Aug 2002 16:10:12 +0200 (CEST) Received: by notbsdems.nantes.kisoft-services.com (Postfix, from userid 1001) id EA2DB5AAE8; Mon, 5 Aug 2002 16:09:52 +0200 (CEST) To: cjclark@alum.mit.edu Cc: Matthew Grooms , dlavigne6@cogeco.ca, Mailing List FreeBSD Security Subject: Re: esp tunnel without gif(4) [Was Re: vpn1/fw1 NG to ipsec/racoon troubles, help please ...] References: <20020730074813.GF89241@blossom.cjclark.org> <86znw5r9h3.fsf_-_@notbsdems.nantes.kisoft-services.com> <86k7n9qv08.fsf@notbsdems.nantes.kisoft-services.com> <20020802172729.GA6880@blossom.cjclark.org> From: Eric Masson In-Reply-To: <20020802172729.GA6880@blossom.cjclark.org> ("Crist J. Clark"'s message of "Fri, 2 Aug 2002 10:27:29 -0700") X-Operating-System: FreeBSD 4.6-STABLE i386 Date: Mon, 05 Aug 2002 16:09:51 +0200 Message-ID: <86wur5o0r4.fsf@notbsdems.nantes.kisoft-services.com> Lines: 26 User-Agent: Gnus/5.090007 (Oort Gnus v0.07) XEmacs/21.4 (Common Lisp, i386--freebsd) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >>>>> "Crist" == Crist J Clark writes: Crist> It's pretty much automagically done by way of the SPD entry. Any Crist> packet that matches the source and destination in the SPD gets Crist> put through the appropriate tunnel with the specified end Crist> points. Ok, I do understand now. Crist> It's not the same as the regular routing table and will not show Crist> up in 'netstat -rn.' It would be nice to have netstat -r show these routes with a new flag (like T for example), tunnelled end address as destination, tunneled origin address as gateway, and interface bound to tunnel origin address as netif. Does this look interesting or is this plain dumb ? Eric Masson -- > dvips -o $@ $< Faut faire gffe de pas te couper avec ton truc, t'as mis des ciseaux ($<) partout :)) -+- Dom in Guide du linuxien pervers - "J'aime pas les Makefile !" -+- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Aug 5 7:23:48 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3DC9437B405 for ; Mon, 5 Aug 2002 07:23:44 -0700 (PDT) Received: from cage.simianscience.com (cage.simianscience.com [64.7.134.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5925543E6A for ; Mon, 5 Aug 2002 07:23:43 -0700 (PDT) (envelope-from mike@sentex.net) Received: from house.sentex.net (fcage [192.168.0.2]) by cage.simianscience.com (8.12.5/8.12.5) with ESMTP id g75ENg6A005952; Mon, 5 Aug 2002 10:23:42 -0400 (EDT) (envelope-from mike@sentex.net) Message-Id: <5.1.0.14.0.20020805102513.07c350b8@192.168.0.12> X-Sender: mdtancsa@192.168.0.12 X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Mon, 05 Aug 2002 10:26:07 -0400 To: Eric Masson From: Mike Tancsa Subject: Re: esp tunnel without gif(4) [Was Re: vpn1/fw1 NG to ipsec/racoon troubles, help please ...] Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <86wur5o0r4.fsf@notbsdems.nantes.kisoft-services.com> References: <20020802172729.GA6880@blossom.cjclark.org> <20020730074813.GF89241@blossom.cjclark.org> <86znw5r9h3.fsf_-_@notbsdems.nantes.kisoft-services.com> <86k7n9qv08.fsf@notbsdems.nantes.kisoft-services.com> <20020802172729.GA6880@blossom.cjclark.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Virus-Scanned: amavis-20020220 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 04:09 PM 8/5/2002 +0200, Eric Masson wrote: > Crist> It's not the same as the regular routing table and will not show > Crist> up in 'netstat -rn.' > >It would be nice to have netstat -r show these routes with a new flag >(like T for example), tunnelled end address as destination, tunneled >origin address as gateway, and interface bound to tunnel origin address >as netif. > >Does this look interesting or is this plain dumb ? Something like this would make things much more clear IMHO. ---Mike -------------------------------------------------------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet since 1994 www.sentex.net Cambridge, Ontario Canada www.sentex.net/mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Aug 5 10:42:11 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6A7FB37B400 for ; Mon, 5 Aug 2002 10:42:08 -0700 (PDT) Received: from sccrmhc01.attbi.com (sccrmhc01.attbi.com [204.127.202.61]) by mx1.FreeBSD.org (Postfix) with ESMTP id 72A1F43E4A for ; Mon, 5 Aug 2002 10:42:07 -0700 (PDT) (envelope-from crist.clark@attbi.com) Received: from blossom.cjclark.org ([12.234.91.48]) by sccrmhc01.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020805174206.PLTJ23732.sccrmhc01.attbi.com@blossom.cjclark.org>; Mon, 5 Aug 2002 17:42:06 +0000 Received: from blossom.cjclark.org (localhost. [127.0.0.1]) by blossom.cjclark.org (8.12.3/8.12.3) with ESMTP id g75Hg5JK063133; Mon, 5 Aug 2002 10:42:05 -0700 (PDT) (envelope-from crist.clark@attbi.com) Received: (from cjc@localhost) by blossom.cjclark.org (8.12.3/8.12.3/Submit) id g75HfuNC063132; Mon, 5 Aug 2002 10:41:56 -0700 (PDT) X-Authentication-Warning: blossom.cjclark.org: cjc set sender to crist.clark@attbi.com using -f Date: Mon, 5 Aug 2002 10:41:56 -0700 From: "Crist J. Clark" To: Eric Masson Cc: Matthew Grooms , dlavigne6@cogeco.ca, Mailing List FreeBSD Security Subject: Re: esp tunnel without gif(4) [Was Re: vpn1/fw1 NG to ipsec/racoon troubles, help please ...] Message-ID: <20020805174156.GA62935@blossom.cjclark.org> Reply-To: cjclark@alum.mit.edu References: <20020730074813.GF89241@blossom.cjclark.org> <86znw5r9h3.fsf_-_@notbsdems.nantes.kisoft-services.com> <86k7n9qv08.fsf@notbsdems.nantes.kisoft-services.com> <20020802172729.GA6880@blossom.cjclark.org> <86wur5o0r4.fsf@notbsdems.nantes.kisoft-services.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <86wur5o0r4.fsf@notbsdems.nantes.kisoft-services.com> User-Agent: Mutt/1.4i X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, Aug 05, 2002 at 04:09:51PM +0200, Eric Masson wrote: > >>>>> "Crist" == Crist J Clark writes: > > Crist> It's pretty much automagically done by way of the SPD entry. Any > Crist> packet that matches the source and destination in the SPD gets > Crist> put through the appropriate tunnel with the specified end > Crist> points. > > Ok, I do understand now. > > Crist> It's not the same as the regular routing table and will not show > Crist> up in 'netstat -rn.' > > It would be nice to have netstat -r show these routes with a new flag > (like T for example), tunnelled end address as destination, tunneled > origin address as gateway, and interface bound to tunnel origin address > as netif. > > Does this look interesting or is this plain dumb ? Tunnelling is not the same as routing. The tunnelling actually has no effect on routing. A packet going through the tunnel is encapsulated and sent to a different destination. This is not like routing where we don't touch the source or destination addresses and merely manipulate where the packet is directed on the next hop. Once encapsulation is done, routing is done normally. Another place for confusion, what do you display for, spdadd 10.10.10.0/24[any] 10.99.99.0/24[25] tcp -P out ipsec esp/tunnel/10.10.11.1-10.99.98.1/require Where not all traffic, but only some, goes through the tunnel. (Yes, an odd use of tunnelling, but perfectly valid.) I think trying to add IPsec tunnels to 'netstat -r' is not a good idea. 'netstat -r' should show the routing table and nothing more. I think a command that displays the SPD and live SAD entries in more intuitive ways, possibly in a 'netstat -r'-like fashion would be very useful, but it shouldn't actually be in 'netstat -r.' -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Aug 5 11: 3: 3 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D16EF37B400 for ; Mon, 5 Aug 2002 11:03:01 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7BFE743E77 for ; Mon, 5 Aug 2002 11:03:01 -0700 (PDT) (envelope-from owner-bugmaster@freebsd.org) Received: from freefall.freebsd.org (peter@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g75I31JU035907 for ; Mon, 5 Aug 2002 11:03:01 -0700 (PDT) (envelope-from owner-bugmaster@freebsd.org) Received: (from peter@localhost) by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g75I30rk035904 for security@freebsd.org; Mon, 5 Aug 2002 11:03:00 -0700 (PDT) Date: Mon, 5 Aug 2002 11:03:00 -0700 (PDT) Message-Id: <200208051803.g75I30rk035904@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: peter set sender to owner-bugmaster@freebsd.org using -f From: FreeBSD bugmaster To: security@FreeBSD.org Subject: Current problem reports assigned to you Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Current FreeBSD problem reports No matches to your query To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Aug 5 11:50:53 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D74DD37B400 for ; Mon, 5 Aug 2002 11:50:49 -0700 (PDT) Received: from femme.sapphite.org (pcp02268182pcs.longhl01.md.comcast.net [68.50.99.190]) by mx1.FreeBSD.org (Postfix) with ESMTP id DAFDF43E3B for ; Mon, 5 Aug 2002 11:50:43 -0700 (PDT) (envelope-from trish@bsdunix.net) Received: from localhost (trish@localhost [127.0.0.1]) by femme.sapphite.org (8.12.5/8.12.5) with ESMTP id g75Ipg6h004720; Mon, 5 Aug 2002 14:51:43 -0400 (EDT) (envelope-from trish@bsdunix.net) Date: Mon, 5 Aug 2002 14:51:42 -0400 (EDT) From: Trish Lynch X-X-Sender: To: =?iso-8859-2?Q?Maciej_Wi=B6niewski?= Cc: Subject: Re: [Q] FreeBSD IPSec Discussion. In-Reply-To: <20020803072211.A13088@killer.crypton.pl> Message-ID: <20020805144624.E482-100000@femme.sapphite.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN Content-Transfer-Encoding: QUOTED-PRINTABLE Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sat, 3 Aug 2002, [iso-8859-2] Maciej Wi=B6niewski wrote: > Hello > > I have one question: why you use gif interface while esp doing all job fo= r you without any additional gif interfaces ??? the short answer is "because it works" the longer answer is that the person who set up prior tunnels on here did it via gif interfaces, I find that its nice to be able to physically see where my tunnels are between in the output of "ifconfig" as well. It also helped a lot when troubleshooting and visualizing the output of setkey -DP and the logs from racoon. > I have some network of gateways tunneling IP packets via IPSec and it's p= retty stable to. And I don't use any gifs or other extra toys: just clean I= PSec configuration. > Maybe it's something about which I should know ? > > Regards > Nomad > like I said, whatever works, between the ravlin, the esp is on the public and then the private net addresses are "in the clear" within the encapsulation. I know what interfaces are working, and can see the routes through 'netstat -rn' , the use of the gif interfaces enables me to separate things a bit for my own visualization and troubleshooting purposes. Considering theres very little information on how to set these things up, most people fiure them out by trial and error. I'm sorry I haven't gotten around to documenting, but I went on a trip to WV this weekend for some relaxation :) -Trish -- Trish Lynch=09=09=09=09=09trish@bsdunix.net FreeBSD=09=09=09=09=09=09The Power to Serve Ecartis Core Team=09=09=09=09trish@listmistress.org http://www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Aug 5 12: 2:21 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CB01A37B400 for ; Mon, 5 Aug 2002 12:02:18 -0700 (PDT) Received: from boleskine.patpro.net (boleskine.patpro.net [62.4.20.155]) by mx1.FreeBSD.org (Postfix) with ESMTP id 755EC43E4A for ; Mon, 5 Aug 2002 12:02:17 -0700 (PDT) (envelope-from patpro@patpro.net) Received: from localhost (cassandre [192.168.0.1]) by boleskine.patpro.net (8.11.3/8.11.3) with ESMTP id g75J2Hu30997 for ; Mon, 5 Aug 2002 21:02:18 +0200 (CEST) (envelope-from patpro@patpro.net) Date: Mon, 5 Aug 2002 21:02:15 +0200 Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:33.openssl [REVISED] Content-Type: text/plain; charset=ISO-8859-1; format=flowed Mime-Version: 1.0 (Apple Message framework v482) From: patpro To: security@FreeBSD.ORG Content-Transfer-Encoding: quoted-printable In-Reply-To: <200208051645.g75GjdZ6021996@freefall.freebsd.org> Message-Id: X-Mailer: Apple Mail (2.482) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On lundi, ao=FBt 5, 2002, at 06:45 , FreeBSD Security Advisories wrote: > Topic: openssl contains multiple vulnerabilities [cut] > The original correction for this problem (corresponding to the first > revision of this advisory) contained a typo and introduced another > bug. any details available ? does the typo introduced the new bug or are these 2 problemes unrelated = ? is the new bug a vulnerability or not ? patpro -- even god made buildworld only once in a week... why should I have to make it twice ? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Aug 5 16:19:27 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 39A4737B400 for ; Mon, 5 Aug 2002 16:19:26 -0700 (PDT) Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by mx1.FreeBSD.org (Postfix) with ESMTP id C1D4C43E5E for ; Mon, 5 Aug 2002 16:19:25 -0700 (PDT) (envelope-from des@ofug.org) Received: by flood.ping.uio.no (Postfix, from userid 2602) id A7B72535D; Tue, 6 Aug 2002 01:19:23 +0200 (CEST) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Oleg Derevenetz Cc: freebsd-security@FreeBSD.ORG Subject: Re: SA-02:35 References: <1028312148.3d4acc54c5eef@webmail.vsi.ru> From: Dag-Erling Smorgrav Date: 06 Aug 2002 01:19:22 +0200 In-Reply-To: <1028312148.3d4acc54c5eef@webmail.vsi.ru> Message-ID: Lines: 11 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.2 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Oleg Derevenetz writes: > I recently visited ftp.freebsd.org, and found directory SA-02:35 in > CERT/patches without corresponding advisory in CERT/advisories. SA-02:35 is due out today. We release patches early to make sure they've propagated to all the mirrors by the time we release the advisory. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Aug 5 16:49:31 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D4E7737B405; Mon, 5 Aug 2002 16:49:09 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id A018A43E6A; Mon, 5 Aug 2002 16:48:47 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (nectar@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g75NmbJU097285; Mon, 5 Aug 2002 16:48:37 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Received: (from nectar@localhost) by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g75Nmbg2097283; Mon, 5 Aug 2002 16:48:37 -0700 (PDT) Date: Mon, 5 Aug 2002 16:48:37 -0700 (PDT) Message-Id: <200208052348.g75Nmbg2097283@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: nectar set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Subject: FreeBSD Security Advisory FreeBSD-SA-02:35.ffs Reply-To: security-advisories@freebsd.org Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:35.ffs Security Advisory The FreeBSD Project Topic: local users may read and write arbitrary blocks on an FFS filesystem Category: core Module: kernel Announced: 2002-08-05 Credits: Matt Dillon , Ian Dowse , Tor Egge Affects: All releases of FreeBSD up to and including 4.6.1-RELEASE-p4 4.6-STABLE prior to the correction date Corrected: 2002-06-23 22:34:52 UTC (RELENG_4) 2002-07-31 17:55:22 UTC (RELENG_4_6) 2002-07-31 17:55:11 UTC (RELENG_4_5) 2002-07-31 17:54:57 UTC (RELENG_4_4) FreeBSD only: YES I. Background The Berkeley Fast File System (FFS) is the default filesystem used by FreeBSD. II. Problem Description A bug in the calculation of the maximum permitted FFS file size allows users to create files that are larger than FreeBSD's virtual memory system can handle. The integer overflows that result when such files are accessed may map filesystem metadata into the user file, permitting access to arbitrary filesystem blocks. The bug is encountered only on FFS filesystems with a block size of 16k or greater on the i386 architecture, or 32k or greater on the alpha architecture. Also, the filesystem must have at least 6 blocks of free space, and the user must have write access to at least one file in the filesystem. The default FreeBSD FFS filesystem block size was changed from 8k to 16k on all architectures just before 4.5-RELEASE. III. Impact Local attackers may cause a denial of service by simply corrupting the filesystem. A local attacker may also be able to read and write arbitrary files on local filesystems, allowing them to gain superuser privileges. FFS filesystems with a block size less than 16k (on the i386 architecture) or 32k (on the alpha architecture), such as those created using the default FFS filesystem block size prior to 4.5-RELEASE, are not vulnerable. The following command can be used to determine the block size used on a given filesystem: # dumpfs /some/filesystem | grep '^bsize' IV. Workaround On filesystems with 16k blocks, the bug cannot be exploited when a process has a file size resource limit (RLIMIT_FSIZE) of 63 MB or less. This can be most easily accomplished by modifying /etc/login.conf so that the appropriate login classes (typically `default') contain a field entry such as the following: :filesize=63m:\ After editing /etc/login.conf, the corresponding capability database must be rebuilt with the following command: # cap_mkdb /etc/login.conf Please see login.conf(5) for details. Note that this will not affect currently running processes, nor new processes started by users who are already logged in. The corresponding limit appropriate for filesystems with 32k or larger blocks is not known at this time, and might be smaller or larger than 63 MB. It is the responsibility of applications such as `login' and `sshd' to read and honor login.conf. Be aware that 3rd party applications that provide login functionality may or may not honor login.conf. V. Solution 1) Upgrade your vulnerable system to 4.6-STABLE; or to any of the RELENG_4_6 (4.6.1-RELEASE-p5), RELENG_4_5 (4.5-RELEASE-p14), or RELENG_4_4 (4.4-RELEASE-p21) security branches dated after the respective correction dates. 2) To patch your present system: a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. The following patch has been tested to apply to all FreeBSD 4.x releases. # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:35/ffs.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:35/ffs.patch.asc b) Recompile your kernel as described in http://www.freebsd.org/handbook/kernelconfig.html and reboot the system. VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Path Revision Branch - ------------------------------------------------------------------------- sys/ufs/ffs/ffs_vfsops.c RELENG_4 1.117.2.10 RELENG_4_6 1.117.2.9.2.1 RELENG_4_5 1.117.2.7.2.1 RELENG_4_4 1.117.2.3.2.1 sys/conf/newvers.sh RELENG_4_6 1.44.2.23.2.10 RELENG_4_5 1.44.2.20.2.15 RELENG_4_4 1.44.2.17.2.20 - ------------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iQCVAwUBPU8ML1UuHi5z0oilAQGkWQP/fJvzkrl2ptG87Qn2pIa24kLyax5WCnca uPhq9JxIhXIxAqdIZcrEbbTyeRo/ygtsLzxDKOP0G+A2VxilVL9Ld3a32OSM+nzM uiSnVHTIxPtmkyZnwdmyTcrBki290p/W3LnZhxzfAt1vdIRD+ibOkBXNAaXFxDRz T1UzIarVqgM= =wq5s -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Aug 5 16:52:49 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EE33137B401; Mon, 5 Aug 2002 16:52:29 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7598C43E6A; Mon, 5 Aug 2002 16:51:13 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (nectar@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g75Np6JU097812; Mon, 5 Aug 2002 16:51:06 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Received: (from nectar@localhost) by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g75Np6Jt097810; Mon, 5 Aug 2002 16:51:06 -0700 (PDT) Date: Mon, 5 Aug 2002 16:51:06 -0700 (PDT) Message-Id: <200208052351.g75Np6Jt097810@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: nectar set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Subject: FreeBSD Security Advisory FreeBSD-SA-02:36.nfs Reply-To: security-advisories@freebsd.org Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:36.nfs Security Advisory The FreeBSD Project Topic: Bug in NFS server code allows remote denial of service Category: core Module: nfs Announced: 2002-08-05 Credits: Mike Junk Affects: All releases prior to 4.6.1-RELEASE-p7 4.6-STABLE prior to the correction date Corrected: 2002-07-19 17:19:53 UTC (RELENG_4) 2002-08-01 19:31:55 UTC (RELENG_4_6) 2002-08-01 19:31:54 UTC (RELENG_4_5) 2002-08-01 19:31:54 UTC (RELENG_4_4) FreeBSD only: NO I. Background The Network File System (NFS) allows a host to export some or all of its filesystems, or parts of them, so that other hosts can access them over the network and mount them as if they were on local disks. NFS is built on top of the Sun Remote Procedure Call (RPC) framework. II. Problem Description A part of the NFS server code charged with handling incoming RPC messages had an error which, when the server received a message with a zero-length payload, would cause it to reference the payload from the previous message, creating a loop in the message chain. This would later cause an infinite loop in a different part of the NFS server code which tried to traverse the chain. III. Impact Certain Linux implementations of NFS produce zero-length RPC messages in some cases. A FreeBSD system running an NFS server may lock up when such clients connect. An attacker in a position to send RPC messages to an affected FreeBSD system can construct a sequence of malicious RPC messages that cause the target system to lock up. IV. Workaround 1) Disable the NFS server: set the nfs_server_enable variable to "NO" in /etc/rc.conf, and reboot. Alternatively, if there are no active NFS clients (as listed by the showmount(8) utility), just killing the mountd and nfsd processes should suffice. 2) Add firewall rules to block RPC traffic to the NFS server from untrusted hosts. V. Solution The following patch has been verified to apply to FreeBSD 4.4, 4.5, and 4.6 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:36/nfs.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:36/nfs.patch.asc b) Apply the patch. # cd /usr/src # patch < /path/to/patch c) Recompile your kernel and modules as described in and reboot the system. VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Path Revision Branch - ------------------------------------------------------------------------- src/sys/nfs/nfs_socket.c RELENG_4 1.60.2.5 RELENG_4_6 1.60.2.3.2.1 RELENG_4_5 1.60.2.1.6.1 RELENG_4_4 1.60.2.3.4.1 - ------------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iQCVAwUBPU8NTVUuHi5z0oilAQHMZAP+L80QudeELKHfZYxG5PPf6cuWkreACavl LP1oJDHLWuw32K4tM0Y+v505t+U2/wGnl2dSqwkfemzxlhzfsmrbubQx8EFgO6sb nhEEtSfu4t81ylHTY+qEWFtRweB5A1tGJaYV67wybWZxulkYJ9qnRLKF4PToc0E3 T1Y/CN0DNYA= =2YSa -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Aug 5 16:53:13 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B64EC37B407; Mon, 5 Aug 2002 16:52:39 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 75D6943EE1; Mon, 5 Aug 2002 16:52:13 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (nectar@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g75Nq3JU097928; Mon, 5 Aug 2002 16:52:03 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Received: (from nectar@localhost) by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g75Nq3Is097926; Mon, 5 Aug 2002 16:52:03 -0700 (PDT) Date: Mon, 5 Aug 2002 16:52:03 -0700 (PDT) Message-Id: <200208052352.g75Nq3Is097926@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: nectar set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Subject: FreeBSD Security Advisory FreeBSD-SA-02:37.kqueue Reply-To: security-advisories@freebsd.org Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:37.kqueue Security Advisory The FreeBSD Project Topic: local users can panic the system using the kqueue mechanism Category: core Module: kqueue Announced: 2002-08-05 Credits: Mark Delany Affects: FreeBSD 4.3-RELEASE FreeBSD 4.4-RELEASE FreeBSD 4.5-RELEASE FreeBSD 4.6-RELEASE FreeBSD 4.6-STABLE prior to the correction date Corrected: 2002-08-05 15:05:15 (RELENG_4) 2002-08-05 15:13:48 (RELENG_4_6) 2002-08-05 15:13:44 (RELENG_4_5) 2002-08-05 15:13:40 (RELENG_4_4) FreeBSD only: YES I. Background The kqueue mechanism allows a process to register interest in particular events on particular file descriptors, and receive asynchronous notification when these events occur on the selected descriptors. II. Problem Description If a pipe was created with the pipe(2) system call, and one end of the pipe was closed, registering an EVFILT_WRITE filter on the other end would cause a kernel panic. A common scenario in which this could occur is when a process uses a pipe to communicate with a child and uses kqueue to monitor the pipe, and the child dies shortly after the fork(2) call, before the parent has had time to register the filter. III. Impact A local attacker may cause the system to panic by executing their own malicious application. IV. Workaround There is no known workaround. V. Solution The following patch has been verified to apply to FreeBSD 4.4, 4.5, and 4.6 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:37/kqueue.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:37/kqueue.patch.asc b) Apply the patch. # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Path Revision Branch - ------------------------------------------------------------------------- sys/kern/sys_pipe.c RELENG_4 1.60.2.13 RELENG_4_6 1.60.2.12.2.1 RELENG_4_5 1.60.2.11.2.1 RELENG_4_4 1.60.2.10.2.1 - ------------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iQCVAwUBPU8OFlUuHi5z0oilAQFTugP/S+2u/BK8Oz53oFTcTY84ReNRJZMEJ8dX PVHMWZ7xl4stYoeo8iX+moq+R2riZqEfzT+lx1lYZBkYkkmIwGxI+6qJgBqkPriL acswOhfdzLSgwIoXNJsGdO9vlYwsNqiRsf5Yay+gKDqRUxCPA27X528uc1jhtAdd UzagA6Lhrk8= =uTZC -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 0:52: 4 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 457FF37B400 for ; Tue, 6 Aug 2002 00:52:00 -0700 (PDT) Received: from obsecurity.dyndns.org (adsl-67-115-73-77.dsl.lsan03.pacbell.net [67.115.73.77]) by mx1.FreeBSD.org (Postfix) with ESMTP id EE10043E72 for ; Tue, 6 Aug 2002 00:51:53 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id F108466DFC; Tue, 6 Aug 2002 00:51:51 -0700 (PDT) Date: Tue, 6 Aug 2002 00:51:51 -0700 From: Kris Kennaway To: sigma@smx.pair.com Cc: freebsd-security@freebsd.org Subject: Re: zlib 1.1.4 Message-ID: <20020806075151.GA59261@xor.obsecurity.org> References: <20020804122115.82777.qmail@smx.pair.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020804122115.82777.qmail@smx.pair.com> User-Agent: Mutt/1.4i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sun, Aug 04, 2002 at 08:21:15AM -0400, sigma@smx.pair.com wrote: > > Is there some reason zlib 1.1.3 seems to be part of 4.6-STABLE? cvsweb > shows 1.1.4 imported "on the vendor branch". There was a major security > advisory in March 2002 for 1.1.3. A diff suggests only minor changes > between the 1.1.4 source (from gzip.org) and the source used by 4.6-STABLE, > but it's still labeled 1.1.3, which is enough to raise questions. The version in -stable contains all necessary bugfixes, as is apparent from the FreeBSD security advisory on this topic. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 2: 3:14 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4077037B400 for ; Tue, 6 Aug 2002 02:03:12 -0700 (PDT) Received: from math.teaser.net (math.teaser.net [213.91.2.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3F23443E77 for ; Tue, 6 Aug 2002 02:03:11 -0700 (PDT) (envelope-from e-masson@kisoft-services.com) Received: from notbsdems.nantes.kisoft-services.com (nantes.kisoft-services.com [193.56.60.243]) by math.teaser.net (Postfix) with ESMTP id 6A1DD6C899; Tue, 6 Aug 2002 11:03:09 +0200 (CEST) Received: by notbsdems.nantes.kisoft-services.com (Postfix, from userid 1001) id 304B85AAED; Tue, 6 Aug 2002 10:51:31 +0200 (CEST) To: cjclark@alum.mit.edu Cc: Matthew Grooms , dlavigne6@cogeco.ca, Mailing List FreeBSD Security Subject: Re: esp tunnel without gif(4) [Was Re: vpn1/fw1 NG to ipsec/racoon troubles, help please ...] References: <20020730074813.GF89241@blossom.cjclark.org> <86znw5r9h3.fsf_-_@notbsdems.nantes.kisoft-services.com> <86k7n9qv08.fsf@notbsdems.nantes.kisoft-services.com> <20020802172729.GA6880@blossom.cjclark.org> <86wur5o0r4.fsf@notbsdems.nantes.kisoft-services.com> <20020805174156.GA62935@blossom.cjclark.org> From: Eric Masson In-Reply-To: <20020805174156.GA62935@blossom.cjclark.org> ("Crist J. Clark"'s message of "Mon, 5 Aug 2002 10:41:56 -0700") X-Operating-System: FreeBSD 4.6-STABLE i386 Date: Tue, 06 Aug 2002 10:51:30 +0200 Message-ID: <86znw0z7xp.fsf@notbsdems.nantes.kisoft-services.com> Lines: 27 User-Agent: Gnus/5.090008 (Oort Gnus v0.08) XEmacs/21.4 (Common Lisp, i386--freebsd) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >>>>> "Crist" == Crist J Clark writes: Crist> Tunnelling is not the same as routing. The tunnelling actually Crist> has no effect on routing. A packet going through the tunnel is Crist> encapsulated and sent to a different destination. This is not Crist> like routing where we don't touch the source or destination Crist> addresses and merely manipulate where the packet is directed on Crist> the next hop. Once encapsulation is done, routing is done Crist> normally. Crist> I think a command that displays the SPD and live SAD entries in Crist> more intuitive ways, possibly in a 'netstat -r'-like fashion Crist> would be very useful, but it shouldn't actually be in 'netstat Crist> -r.' I was just thinking of a more friendly way to display tunnels, so netstat came to my mind, but it seems that a specialized command should be better. Thanks Eric Masson -- coucou m'man! Fais-moi plaisir, rИagis, que je puisse t'humilier en public! -+- Attila in : Bonne fЙte maman -+- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 2:32:43 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ACA8B37B400 for ; Tue, 6 Aug 2002 02:32:40 -0700 (PDT) Received: from kagnew.autoloop.com (kagnew.autoloop.com [207.99.30.88]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5536543E42 for ; Tue, 6 Aug 2002 02:32:40 -0700 (PDT) (envelope-from ash@kagnew.autoloop.com) Received: by kagnew.autoloop.com (Postfix, from userid 1000) id 02D0174479; Tue, 6 Aug 2002 09:32:37 +0000 (GMT) Date: Tue, 6 Aug 2002 05:32:37 -0400 From: Anatole Shaw To: Dag-Erling Smorgrav Cc: freebsd-security@freebsd.org Subject: advisory coordination (Re: SA-02:35) Message-ID: <20020806053237.A49851@kagnew.autoloop.com> References: <1028312148.3d4acc54c5eef@webmail.vsi.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from des@ofug.org on Tue, Aug 06, 2002 at 01:19:22AM +0200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Aug 06, 2002 at 01:19:22AM +0200, Dag-Erling Smorgrav wrote: > Oleg Derevenetz writes: > > I recently visited ftp.freebsd.org, and found directory SA-02:35 in > > CERT/patches without corresponding advisory in CERT/advisories. > SA-02:35 is due out today. We release patches early to make sure > they've propagated to all the mirrors by the time we release the > advisory. In May, I had an exchange with two FreeBSD Security Officers about the release of advisory SA-02:25, which referenced patches that didn't yet exist on the FTP site. I recommended that patches and advisories be made available together. One SO told me that, in the future, patch propagation would be assured prior to advisory release, but that attaching patches to advisories was passe. It seems that this piecemeal bit of change is now in force, with the obvious results. On or before August 2nd, the same problem occured in reverse -- a patch for SA-02:35 (the FFS filesize bug) was propagated without a corresponding advisory, as noted by Oleg above. As a result, there were just about 3 days during which the security patch circulated with no explanation. Those were three days for blackhats to examine the patch, and for exploits to emerge and circulate, before most admins were aware of the bug or its impact. On the same day, Ache@ forwarded an unrelated CVS commit on setlocale.c to this list, adding nonchalantly, "That original BSD code bug can be exploitable." The advisory for this one is still in the works, I guess. I'm all for full-disclosure, but something is very wrong in these 2 cases. Known security problems are being released in fragments without any coordination. It seems that a basic Vulnerability Coordination function is broken or missing, and surely we can fix this. -- Anatole Shaw Autoloop Security Consulting http://www.autoloop.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 3: 8:43 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4480937B400 for ; Tue, 6 Aug 2002 03:08:41 -0700 (PDT) Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5DA2043E75 for ; Tue, 6 Aug 2002 03:08:40 -0700 (PDT) (envelope-from des@ofug.org) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 2939C535C; Tue, 6 Aug 2002 12:08:37 +0200 (CEST) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Anatole Shaw Cc: freebsd-security@freebsd.org Subject: Re: advisory coordination (Re: SA-02:35) References: <1028312148.3d4acc54c5eef@webmail.vsi.ru> <20020806053237.A49851@kagnew.autoloop.com> From: Dag-Erling Smorgrav Date: 06 Aug 2002 12:08:36 +0200 In-Reply-To: <20020806053237.A49851@kagnew.autoloop.com> Message-ID: Lines: 31 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.2 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Anatole Shaw writes: > I'm all for full-disclosure, but something is very wrong in these 2 cases. > Known security problems are being released in fragments without any > coordination. It seems that a basic Vulnerability Coordination function > is broken or missing, and surely we can fix this. What do you propose? Are you willing to, say, pay me to work full- time on FreeBSD security issues? The fact of the matter is that there's too much to do and too few people to do it - but adding more people to the team brings its own problems, such as the increasing possibility that one member of the team will break the trust put in us by CERT and vendors with whom we exchange information. Also, when you get to the bottom line, this is an open source project, and open source isn't good at secrecy. Black hats may be tipped off by patches on the FTP server, but they're just as likely to be tipped off by commit messages. A commit to a security branch is a dead giveaway that a security problem exists, yet we need time for QA and for commits to propagate to the CVSup mirrors, so advisories are not likely to be released less than about 24 hours after the corresponding commits. In the particular case of 02:35, we probably waited a bit too long. It was originally due out on Friday along with the revised 02:33, but there were still some unanswered questions about impact and possible workarounds, and 02:36 and 02:37 (which I wrote) weren't ready, so Jacques decided to hold 02:35 back and release all three on Monday. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 3:34: 4 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AD42C37B400 for ; Tue, 6 Aug 2002 03:34:01 -0700 (PDT) Received: from pd3mo1so.prod.shaw.ca (h24-71-223-10.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 19EAF43E65 for ; Tue, 6 Aug 2002 03:34:01 -0700 (PDT) (envelope-from Colin_Percival@sfu.ca) Received: from pd5mr2so.prod.shaw.ca (pd5mr2so-qfe3.prod.shaw.ca [10.0.141.233]) by l-daemon (iPlanet Messaging Server 5.1 HotFix 0.8 (built May 12 2002)) with ESMTP id <0H0F007D540OOP@l-daemon> for freebsd-security@FreeBSD.ORG; Tue, 06 Aug 2002 04:34:00 -0600 (MDT) Received: from pn2ml10so.prod.shaw.ca (pn2ml10so-qfe0.prod.shaw.ca [10.0.121.80]) by l-daemon (iPlanet Messaging Server 5.1 HotFix 0.8 (built May 12 2002)) with ESMTP id <0H0F008HL40O12@l-daemon> for freebsd-security@FreeBSD.ORG; Tue, 06 Aug 2002 04:34:00 -0600 (MDT) Received: from piii600.sfu.ca (h24-79-84-133.vc.shawcable.net [24.79.84.133]) by l-daemon (iPlanet Messaging Server 5.1 HotFix 0.8 (built May 12 2002)) with ESMTP id <0H0F00K9H40O0O@l-daemon> for freebsd-security@FreeBSD.ORG; Tue, 06 Aug 2002 04:34:00 -0600 (MDT) Date: Tue, 06 Aug 2002 03:33:59 -0700 From: Colin Percival Subject: Re: advisory coordination (Re: SA-02:35) In-reply-to: X-Sender: cperciva@popserver.sfu.ca To: Dag-Erling Smorgrav , Anatole Shaw Cc: freebsd-security@FreeBSD.ORG Message-id: <5.0.2.1.1.20020806031941.01febf28@popserver.sfu.ca> MIME-version: 1.0 X-Mailer: QUALCOMM Windows Eudora Version 5.0.2 Content-type: text/plain; charset=us-ascii; format=flowed Content-transfer-encoding: 7BIT X-Info-RBL1: ox.ac.uk filters email against various lists. X-Info-RBL2: If your replies bounce, try sending them to cperciva@sfu.ca References: <20020806053237.A49851@kagnew.autoloop.com> <1028312148.3d4acc54c5eef@webmail.vsi.ru> <20020806053237.A49851@kagnew.autoloop.com> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 12:08 06/08/2002 +0200, Dag-Erling Smorgrav wrote: >Anatole Shaw writes: > > I'm all for full-disclosure, but something is very wrong in these 2 > cases. > > Known security problems are being released in fragments without any > > coordination. It seems that a basic Vulnerability Coordination function > > is broken or missing, and surely we can fix this. > >What do you propose? It wouldn't be a panacea, but if the mirrors could be set to update automatically when a security issue arises (instead of operating on their normal schedule) then the issue of advisories coming out before relevant files were mirrored would not be a danger. I can't see that this would cause any problems, since any blackhats looking for unannounced patches would be looking on the main ftp server anyway. Apart from that... is there anything wrong with issuing a preliminary notice and following up with full details later? I think everyone knows you're volunteering -- and is very happy with everything you're doing -- and would not complain if you miss a few details in order to send out a warning sooner. Colin Percival To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 4:30:17 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 829EF37B400 for ; Tue, 6 Aug 2002 04:30:14 -0700 (PDT) Received: from web20105.mail.yahoo.com (web20105.mail.yahoo.com [216.136.226.42]) by mx1.FreeBSD.org (Postfix) with SMTP id 5531743E65 for ; Tue, 6 Aug 2002 04:30:14 -0700 (PDT) (envelope-from freefabri@yahoo.it) Message-ID: <20020806113013.1491.qmail@web20105.mail.yahoo.com> Received: from [193.227.212.160] by web20105.mail.yahoo.com via HTTP; Tue, 06 Aug 2002 13:30:13 CEST Date: Tue, 6 Aug 2002 13:30:13 +0200 (CEST) From: =?iso-8859-1?q?Fabrizio=20Ravazzini?= Subject: OpenSSh trojan on fbsd 4.5 To: freebsd-security@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello all I've installed a server on Freebsd 4.5 Stable. I know that latest versions of OpenSSH, such 3.2.2p1 3.4p1 and 3.4 are trojaned. I think that Openssh on my system is something like 3.0.2, is that right? Or, is the version of ssh in my box trojaned? Thanx bye ______________________________________________________________________ Scarica il nuovo Yahoo! Messenger: con webcam, nuove faccine e tante altre novitЮ. http://it.yahoo.com/mail_it/foot/?http://it.messenger.yahoo.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 4:49:50 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E8A1C37B400 for ; Tue, 6 Aug 2002 04:49:45 -0700 (PDT) Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id CF26743E75 for ; Tue, 6 Aug 2002 04:49:41 -0700 (PDT) (envelope-from nectar@nectar.cc) Received: from madman.nectar.cc (madman.nectar.cc [10.0.1.111]) by gw.nectar.cc (Postfix) with ESMTP id 1DAFD95; Tue, 6 Aug 2002 06:49:41 -0500 (CDT) Received: from madman.nectar.cc (localhost [IPv6:::1]) by madman.nectar.cc (8.12.3/8.12.3) with ESMTP id g76Bnevd094894; Tue, 6 Aug 2002 06:49:40 -0500 (CDT) (envelope-from nectar@madman.nectar.cc) Received: (from nectar@localhost) by madman.nectar.cc (8.12.3/8.12.3/Submit) id g76Bnegu094893; Tue, 6 Aug 2002 06:49:40 -0500 (CDT) Date: Tue, 6 Aug 2002 06:49:40 -0500 From: "Jacques A. Vidrine" To: Anatole Shaw Cc: Dag-Erling Smorgrav , freebsd-security@freebsd.org Subject: Re: advisory coordination (Re: SA-02:35) Message-ID: <20020806114939.GF94762@madman.nectar.cc> Mail-Followup-To: "Jacques A. Vidrine" , Anatole Shaw , Dag-Erling Smorgrav , freebsd-security@freebsd.org References: <1028312148.3d4acc54c5eef@webmail.vsi.ru> <20020806053237.A49851@kagnew.autoloop.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020806053237.A49851@kagnew.autoloop.com> X-Url: http://www.nectar.cc/ User-Agent: Mutt/1.5.1i-ja.1 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Aug 06, 2002 at 05:32:37AM -0400, Anatole Shaw wrote: > As a result, there were just about 3 days during which the security patch > circulated with no explanation. Those were three days for blackhats to > examine the patch, and for exploits to emerge and circulate, before most > admins were aware of the bug or its impact. The bug fix in question was actually in the -CURRENT and -STABLE branches as many as 6 weeks ago. The commit to the security branches on July 31 would have been the first indication that there would be an advisory for the issue. Adding the patch to the FTP site didn't disclose any further information. > On the same day, Ache@ forwarded an unrelated CVS commit on setlocale.c to > this list, adding nonchalantly, "That original BSD code bug can be > exploitable." The advisory for this one is still in the works, I guess. He made a mistake (two, actually): = he meant to mail security-officer@freebsd.org, rather than security@freebsd.org = he was wrong ... there was no security issue > I'm all for full-disclosure, but something is very wrong in these 2 cases. > Known security problems are being released in fragments without any > coordination. It seems that a basic Vulnerability Coordination function > is broken or missing, and surely we can fix this. I don't think is anything wrong, other than a bit of back-seat driving. I make plenty of Actual Mistakes for you to pick on if you like --- this was not one of them. :-) Cheers, -- Jacques A. Vidrine http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 4:58:32 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F04D237B400 for ; Tue, 6 Aug 2002 04:58:29 -0700 (PDT) Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6271643E77 for ; Tue, 6 Aug 2002 04:57:49 -0700 (PDT) (envelope-from nectar@nectar.cc) Received: from madman.nectar.cc (madman.nectar.cc [10.0.1.111]) by gw.nectar.cc (Postfix) with ESMTP id C978195; Tue, 6 Aug 2002 06:57:38 -0500 (CDT) Received: from madman.nectar.cc (localhost [IPv6:::1]) by madman.nectar.cc (8.12.3/8.12.3) with ESMTP id g76Bvcvd094952; Tue, 6 Aug 2002 06:57:38 -0500 (CDT) (envelope-from nectar@madman.nectar.cc) Received: (from nectar@localhost) by madman.nectar.cc (8.12.3/8.12.3/Submit) id g76BvciD094951; Tue, 6 Aug 2002 06:57:38 -0500 (CDT) Date: Tue, 6 Aug 2002 06:57:38 -0500 From: "Jacques A. Vidrine" To: Colin Percival Cc: Dag-Erling Smorgrav , Anatole Shaw , freebsd-security@FreeBSD.ORG Subject: Re: advisory coordination (Re: SA-02:35) Message-ID: <20020806115738.GG94762@madman.nectar.cc> Mail-Followup-To: "Jacques A. Vidrine" , Colin Percival , Dag-Erling Smorgrav , Anatole Shaw , freebsd-security@FreeBSD.ORG References: <20020806053237.A49851@kagnew.autoloop.com> <1028312148.3d4acc54c5eef@webmail.vsi.ru> <20020806053237.A49851@kagnew.autoloop.com> <5.0.2.1.1.20020806031941.01febf28@popserver.sfu.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5.0.2.1.1.20020806031941.01febf28@popserver.sfu.ca> X-Url: http://www.nectar.cc/ User-Agent: Mutt/1.5.1i-ja.1 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Aug 06, 2002 at 03:33:59AM -0700, Colin Percival wrote: > It wouldn't be a panacea, but if the mirrors could be set to update > automatically when a security issue arises (instead of operating on their > normal schedule) then the issue of advisories coming out before relevant > files were mirrored would not be a danger. I can't see that this would > cause any problems, since any blackhats looking for unannounced patches > would be looking on the main ftp server anyway. As I implied in my previous message, no patches will hit any FTP server or other public source before being committed to the FreeBSD security branches. Once they are in the security branches, the patches themselves are public and available. > Apart from that... is there anything wrong with issuing a preliminary > notice and following up with full details later? Not in and of itself. In this case, I released the advisory as soon as I believed that we had enough information to do so. Cheers, -- Jacques A. Vidrine http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 5: 2:45 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1389537B400 for ; Tue, 6 Aug 2002 05:02:41 -0700 (PDT) Received: from anchor-post-34.mail.demon.net (anchor-post-34.mail.demon.net [194.217.242.92]) by mx1.FreeBSD.org (Postfix) with ESMTP id 78B8243E6E for ; Tue, 6 Aug 2002 05:02:40 -0700 (PDT) (envelope-from kevin@caomhin.demon.co.uk) Received: from caomhin.demon.co.uk ([62.49.21.186]) by anchor-post-34.mail.demon.net with esmtp (Exim 3.35 #1) id 17c32t-000HsO-0Y; Tue, 06 Aug 2002 13:02:39 +0100 Message-ID: Date: Tue, 6 Aug 2002 13:01:28 +0100 To: Fabrizio Ravazzini Cc: freebsd-security@freebsd.org From: Kevin Golding Subject: Re: OpenSSh trojan on fbsd 4.5 References: <20020806113013.1491.qmail@web20105.mail.yahoo.com> In-Reply-To: <20020806113013.1491.qmail@web20105.mail.yahoo.com> MIME-Version: 1.0 X-Mailer: Turnpike Integrated Version 5.01 U Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Someone, quite probably Fabrizio Ravazzini, once wrote: >Hello all I've installed a server on Freebsd 4.5 >Stable. >I know that latest versions of OpenSSH, such 3.2.2p1 >3.4p1 and 3.4 are trojaned. >I think that Openssh on my system is something like >3.0.2, is that right? 2.9 iirc ssh -V will tell you accurately. >Or, is the version of ssh in my box trojaned? >Thanx bye Basically you were only at risk if you installed a later version deliberately, and if you did that from ports you would have still needed to explicitly tell the install to ignore certain security checks. Basically a default install is unaffected. Kevin -- kevin@caomhin.demon.co.uk To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 5: 7:37 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EF47D37B400 for ; Tue, 6 Aug 2002 05:07:34 -0700 (PDT) Received: from web20110.mail.yahoo.com (web20110.mail.yahoo.com [216.136.226.47]) by mx1.FreeBSD.org (Postfix) with SMTP id 7C84D43E75 for ; Tue, 6 Aug 2002 05:07:34 -0700 (PDT) (envelope-from freefabri@yahoo.it) Message-ID: <20020806120734.76242.qmail@web20110.mail.yahoo.com> Received: from [193.227.212.160] by web20110.mail.yahoo.com via HTTP; Tue, 06 Aug 2002 14:07:34 CEST Date: Tue, 6 Aug 2002 14:07:34 +0200 (CEST) From: =?iso-8859-1?q?Fabrizio=20Ravazzini?= Subject: Re: OpenSSh trojan on fbsd 4.5 To: Kevin Golding Cc: freebsd-security@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Ok thanks for the help Bye --- Kevin Golding ha scritto: > Someone, quite probably Fabrizio Ravazzini, once > wrote: > >Hello all I've installed a server on Freebsd 4.5 > >Stable. > >I know that latest versions of OpenSSH, such > 3.2.2p1 > >3.4p1 and 3.4 are trojaned. > >I think that Openssh on my system is something > like > >3.0.2, is that right? > > 2.9 iirc > > ssh -V will tell you accurately. > > >Or, is the version of ssh in my box trojaned? > >Thanx bye > > Basically you were only at risk if you installed a > later version > deliberately, and if you did that from ports you > would have still needed > to explicitly tell the install to ignore certain > security checks. > > Basically a default install is unaffected. > > Kevin > -- > kevin@caomhin.demon.co.uk > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of > the message ______________________________________________________________________ Scarica il nuovo Yahoo! Messenger: con webcam, nuove faccine e tante altre novitЮ. http://it.yahoo.com/mail_it/foot/?http://it.messenger.yahoo.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 5:16:20 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 225A037B400 for ; Tue, 6 Aug 2002 05:16:17 -0700 (PDT) Received: from serv2.vsi.ru (serv2.vsi.ru [80.82.32.11]) by mx1.FreeBSD.org (Postfix) with ESMTP id D20D543E5E for ; Tue, 6 Aug 2002 05:16:15 -0700 (PDT) (envelope-from oleg@vsi.ru) Received: (from nobody@localhost) by serv2.vsi.ru (8.9.3/8.9.3) id QAA30480 for freebsd-security@freebsd.org; Tue, 6 Aug 2002 16:13:26 +0400 (MSD) (envelope-from oleg@vsi.ru) To: freebsd-security@freebsd.org Subject: Merged security patches for 4.3-RELEASE Message-ID: <1028636005.3d4fbd6600b65@webmail.vsi.ru> Date: Tue, 06 Aug 2002 16:13:26 +0400 (MSD) From: Oleg Derevenetz MIME-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 8bit User-Agent: IMP/PHP IMAP webmail program 2.2.8 X-Originating-IP: 80.82.32.19 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi all, I have a number of 4.0-RELEASE and 4.3-RELEASE systems, that cannot be upgraded for some reasons, but I want to keep them up-to-date (as far as possible) in security aspect. I have a number of security patches (almost all non-ports, released cince 4.0-RELEASE), merged (if necessary) with 4.0-RELEASE and 4.3-RELEASE source code here: ftp://ftp.vsi.ru/pub/FreeBSD/patches Does the FreeBSD community concerned with these "merged" and tested patches ? Since I forced to merge these (and all new) security patches to 4.0 and 4.3, I always can grant them to FreeBSD community. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 8: 9:53 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C913837B400 for ; Tue, 6 Aug 2002 08:09:48 -0700 (PDT) Received: from mx1.FreeBSD.org (host-66-133-58-214.verestar.net [66.133.58.214]) by mx1.FreeBSD.org (Postfix) with SMTP id A4D7243E88 for ; Tue, 6 Aug 2002 08:08:56 -0700 (PDT) (envelope-from agogo@mail.com) From: "MRS. AGOGO KOBE" Date: Tue, 06 Aug 2002 16:08:49 To: FreeBSD-security@FreeBSD.org Subject: NEXT OF KIN MIME-Version: 1.0 Content-Type: text/plain;charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <20020806150856.A4D7243E88@mx1.FreeBSD.org> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org UNION BANK NIGERIA PLC LAGOS NIGERIA 40/46 marina street Lagos FROM THE DESK OF MRS. AGOGO KOBE MANAGER,BILLS AND EXCHANGE. TEL:234-80-33357110 ATTN , REQUEST FOR BUSINESS PARTNERSHIP I AM THE MANAGER OF BILLS AND EXCHANGE AT THE FOREIGN REMITTANCE DEPARTMENT OF THIS BANK. IAM WRITING YOU FOLLOWING THE IMPRESSIVE INFORMATION ABOUT YOU THROUGH ONE OF MY FRIENDS WHO WORKED WITH THE NIGERIAN CHAMBER OF COMERCE BEFORE HIS TRANSFER TO THE NIGERIAN TRADE MISSION IN HONG KONG. HE ASSURED ME OF YOUR CAPABILITY AND RELIABILITY TO CHAMPION A BUSINESS OF GREAT MAGNITUDE LIKE THIS ONE,ALTHOUGH I DID NOT TELL HIM THE NATURE OF THIS BUSINESS BECAUSE OF THE CONFIDENTIALITY IT REQUIRES. IN MY DEPARTMENT, WE DISCOVERED AN ABANDONED SUM OF USD25MILLION(TWENTY FIVE MILLION UNITED STATES DOLLARS ONLY) IN A DOMICILIARY ACCOUNT THAT BELONGS TO ONE OF OUR FOREIGN CUSTOMERS WHO DIED IN A GHASTLY PLANE CRASH IN JANUARY 2000 ABOARD KENYA AIRWAYS ALONG WITH HIS ENTIRE FAMILY. SINCE WE GOT THE INFORMATION ABOUT HIS DEATH, WE HAVE EXPECTED HIS NEXT- OF- KIN TO COME OVER AND CLAIM THE MONEY BECAUSE WE CANNOT RELEASE IT UNLESS SOMEBODY APPLIES FOR IT AS THE NEXT OF KIN OR RELATION TO THE DECEASED AS INDICATED IN OUR BANKING GUIDELINES. UNFORTUNATELY WE LEARNT THAT ALL HIS SUPPOSED NEXT OF KIN OR RELATIONS DIED ALONG WITH HIM AT THE PLANE CRASH LEAVING NOBODY BEHIND FOR THE CLAIM. IT IS UPON THIS DISCOVERY THEREFORE, THAT I AND ONE KEY OFFICIALS IN MY DEPARTMENT NOW DECIDED TO MAKE BUSINESS WITH YOU AND RELEASE THE MONEY TO YOU AS THE NEXT OF KIN OR RELATION OF THE DECEASED FOR SAFE-KEEPING AND SUBSEQUENT DISBURSEMENT WITH YOU SINCE NOBODY IS COMING FOR IT AND WE DO NOT WANT THIS MONEY TO BE RECYCLED INTO THE BANK'S BOUNDED ACCOUNT AS AN UNCLAIMED FUND. THE REQUEST FOR A FOREIGNER AS NEXT OF KIN IN THIS BUSINESS IS OCCASIONED BY THE FACT THAT THE CUSTOMER WAS A FOREIGNER AND A NIGERIA CANNOT STAND AS NEXT OF KIN TO A FOREIGNER. WE HAVE AGREED THAT 25% OF THIS MONEY WILL BE FOR YOU AS FOREIGN PARTNER, THEREAFTER MY COLLEAGUE AND I WILL VISIT YOUR COUNTRY FOR THE DISBURSEMENT ACCORDING TO THE AGREED PERCENTAGES. PERSONALLY, I WOULD WANT YOU TO ADVISE ME ON THE BEST AREA OF INVESTMENT BECAUSE I AM CONSIDERING TO INVEST THE GREATER PROPORTION OF MY SHARE IN YOUR COUNTRY. THEREFORE TO ENABLE THE IMMEDIATE TRANSFER OF THE FUND VIA OUR CORRESPONDENT FINANCE HOUSE IN ABORAD TO YOU AS ARRANGED, YOU SHOULD FIRST APPLY TO THE BANK AS THE NEXT OF KIN OR BUSINESS PARTNER OF THE DECEASED INDICATING YOUR ACCOUNT DETAILS WHEREIN THE MONEY WILL BE REMITED. UPON RECEIPT OF YOUR REPLY MAIL, I SHALL SEND TO YOU THE TEXT OF THE APPLICATION WHICH YOU WILL BE REQUIRED TO SUMIT TO THE BANK FOR THE BANK'S PROCEDURAL AUTHENTICATION AND IMMEDIATE REMITTANCE OF THE MONEY TO THE ACCOUNT YOU ARE GOING TO NOMINATE. AS SOON AS YOU RECEIVE THIS MAIL, DO CONTACT ME AT ONCE THROUGH MY FAX INDICATED 234-1-7590893, AT ONCE OR BETTER STILL YOU CALL ME ON MY ABOVE TELEPHONE NUMBER FOR MORE CLARIFICATION. AND I WOULD ALSO LIKE YOU TO INDICATE YOUR PRIVATE AND CONFIDENTIAL TELEPHONE, FAX,CELLULAR AND E-MAIL FOR THE EFFECTIVE COMMUNICATION REQUIRED. *BE INFORMED THAT ALL NECESSARY ARRANGEMENTS TOWARDS THE SUCCESSFUL TRANSFER OF THE FUND VIA OUR CORRESPONDENT FINANCE HOUSE IN ABORAD HAVE BEEN CONCLUDED AND IT IS 100% RISK FREE. TRUSTING TO HEAR FROM YOU IMMEDIATELY. YOURS FAITHFULLY, MRS. AGOGO KOBE To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 9:56:49 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E10DB37B400 for ; Tue, 6 Aug 2002 09:56:46 -0700 (PDT) Received: from photon.look.ca (photon.look.ca [207.136.80.123]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8746A43E75 for ; Tue, 6 Aug 2002 09:56:46 -0700 (PDT) (envelope-from melange@yip.org) Received: from qc-mon-pel-ap3-12-48.look.ca ([209.148.72.95] helo=lust.inside.int) by photon.look.ca with esmtp (Exim 4.05) id 17c7dU-0004Ls-00; Tue, 06 Aug 2002 16:56:45 +0000 Received: from yip.org (localhost.inside.int [127.0.0.1]) by lust.inside.int (8.11.6/8.11.6) with ESMTP id g76Gv5N04139; Tue, 6 Aug 2002 12:57:07 -0400 (EDT) (envelope-from melange@yip.org) Message-ID: <3D4FFFDD.5070704@yip.org> Date: Tue, 06 Aug 2002 12:57:01 -0400 From: Bob K User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.1b) Gecko/20020718 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Oleg Derevenetz Cc: freebsd-security@FreeBSD.ORG Subject: Re: Merged security patches for 4.3-RELEASE References: <1028636005.3d4fbd6600b65@webmail.vsi.ru> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Oleg Derevenetz wrote: > > I have a number of 4.0-RELEASE and 4.3-RELEASE systems, that cannot be upgraded > for some reasons, but I want to keep them up-to-date (as far as possible) in > security aspect. I have a number of security patches (almost all non-ports, > released cince 4.0-RELEASE), merged (if necessary) with 4.0-RELEASE and > 4.3-RELEASE source code here: > > ftp://ftp.vsi.ru/pub/FreeBSD/patches > > Does the FreeBSD community concerned with these "merged" and tested patches ? > Since I forced to merge these (and all new) security patches to 4.0 and 4.3, I > always can grant them to FreeBSD community. Whether or not they get merged in with the older security branches, perhaps you could combine your resources with these guys? http://www.visi.com/~hawkeyd/freebsd-backports.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 11: 3:11 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A98DD37B400 for ; Tue, 6 Aug 2002 11:03:08 -0700 (PDT) Received: from kagnew.autoloop.com (kagnew.autoloop.com [207.99.30.88]) by mx1.FreeBSD.org (Postfix) with ESMTP id A0DF143E65 for ; Tue, 6 Aug 2002 11:03:07 -0700 (PDT) (envelope-from ash@kagnew.autoloop.com) Received: by kagnew.autoloop.com (Postfix, from userid 1000) id A1EAF74479; Tue, 6 Aug 2002 18:03:00 +0000 (GMT) Date: Tue, 6 Aug 2002 14:03:00 -0400 From: Anatole Shaw To: Dag-Erling Smorgrav Cc: freebsd-security@freebsd.org Subject: Re: advisory coordination (Re: SA-02:35) Message-ID: <20020806140300.A24745@kagnew.autoloop.com> References: <1028312148.3d4acc54c5eef@webmail.vsi.ru> <20020806053237.A49851@kagnew.autoloop.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from des@ofug.org on Tue, Aug 06, 2002 at 12:08:36PM +0200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Aug 06, 2002 at 12:08:36PM +0200, Dag-Erling Smorgrav wrote: > What do you propose? I think that a policy of issuing "early warning" advisories, as Colin Percival extrapolated from my original post, is one right solution. That is, an incomplete advisory is better than no advisory at all, when bug details (i.e. patch) are already circulating. Some other OS vendors issue advisories that say little more than "hurry up and download the patch," but at least those make admins aware that an issue exists. I'd be happy to help make a (better, obviously) "early warning system" happen for FreeBSD, if people agree that it's a good idea. We're all on the same boat here. Regards, -- Anatole Shaw Autoloop Security Consulting http://www.autoloop.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 11:40:58 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 49D1B37B400 for ; Tue, 6 Aug 2002 11:40:56 -0700 (PDT) Received: from serv2.vsi.ru (serv2.vsi.ru [80.82.32.11]) by mx1.FreeBSD.org (Postfix) with ESMTP id F203543E6A for ; Tue, 6 Aug 2002 11:40:54 -0700 (PDT) (envelope-from oleg@vsi.ru) Received: (from nobody@localhost) by serv2.vsi.ru (8.9.3/8.9.3) id WAA10018 for freebsd-security@freebsd.org; Tue, 6 Aug 2002 22:38:01 +0400 (MSD) (envelope-from oleg@vsi.ru) To: freebsd-security@freebsd.org Subject: Re: Merged security patches for 4.3-RELEASE Message-ID: <1028659081.3d50178945f68@webmail.vsi.ru> Date: Tue, 06 Aug 2002 22:38:01 +0400 (MSD) From: Oleg Derevenetz MIME-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 8bit User-Agent: IMP/PHP IMAP webmail program 2.2.8 X-Originating-IP: 80.82.32.19 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Цитирую Bob K : > > Does the FreeBSD community concerned with these "merged" and tested > patches ? > > Since I forced to merge these (and all new) security patches to 4.0 > and 4.3, I > > always can grant them to FreeBSD community. > > Whether or not they get merged in with the older security branches, > perhaps you could combine your resources with these guys? > > http://www.visi.com/~hawkeyd/freebsd-backports.html All right, I just wrote e-mail to hawkeyd@visi.com, and it was rejected by odd antispam filter. Does anybody know how to contact with this person ? Can I see him there, for example ? It seems that his antispam filter passion (see link on his page) plays poor joke with him ;-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 12:20:33 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 42A3C37B400 for ; Tue, 6 Aug 2002 12:20:31 -0700 (PDT) Received: from clink.schulte.org (clink.schulte.org [209.134.156.193]) by mx1.FreeBSD.org (Postfix) with ESMTP id B3AEE43E6A for ; Tue, 6 Aug 2002 12:20:30 -0700 (PDT) (envelope-from schulte+freebsd@nospam.schulte.org) Received: from localhost (localhost [127.0.0.1]) by clink.schulte.org (Postfix) with ESMTP id 9B903243CF; Tue, 6 Aug 2002 14:20:29 -0500 (CDT) Received: from schulte-laptop.nospam.schulte.org (carpnod.schulte.org [209.134.156.200]) by clink.schulte.org (Postfix) with ESMTP id 902FB243F7; Tue, 6 Aug 2002 14:20:26 -0500 (CDT) Message-Id: <5.1.1.6.2.20020806141858.03e18680@localhost> X-Sender: (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 5.1.1 Date: Tue, 06 Aug 2002 14:19:43 -0500 To: Oleg Derevenetz , freebsd-security@freebsd.org From: Christopher Schulte Subject: Re: Merged security patches for 4.3-RELEASE In-Reply-To: <1028659081.3d50178945f68@webmail.vsi.ru> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Virus-Scanned: by AMaViS 0.3.12pre6 on clink.schulte.org Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 10:38 PM 8/6/2002 +0400, Oleg Derevenetz wrote: >All right, I just wrote e-mail to hawkeyd@visi.com, and it was rejected by odd >antispam filter. Does anybody know how to contact with this person ? Can I see >him there, for example ? It seems that his antispam filter passion (see >link on >his page) plays poor joke with him ;-) I have exchanged correspondence with this individual. I have forwarded your message. Good luck. -- Christopher Schulte http://www.schulte.org/ Do not un-munge my @nospam.schulte.org email address. This address is valid. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 12:28: 0 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1453A37B400 for ; Tue, 6 Aug 2002 12:27:56 -0700 (PDT) Received: from bran.mc.mpls.visi.com (bran.mc.mpls.visi.com [208.42.156.103]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9C61C43E4A for ; Tue, 6 Aug 2002 12:27:55 -0700 (PDT) (envelope-from hawkeyd@visi.com) Received: from sheol.localdomain (hawkeyd-fw.dsl.visi.com [208.42.101.193]) by bran.mc.mpls.visi.com (Postfix) with ESMTP id BF81F4B20; Tue, 6 Aug 2002 14:27:54 -0500 (CDT) Received: (from hawkeyd@localhost) by sheol.localdomain (8.11.6/8.11.6) id g76JRrN23297; Tue, 6 Aug 2002 14:27:53 -0500 (CDT) (envelope-from hawkeyd) Date: Tue, 6 Aug 2002 14:27:53 -0500 (CDT) Message-Id: <200208061927.g76JRrN23297@sheol.localdomain> Mime-Version: 1.0 X-Newsreader: knews 1.0b.1 Reply-To: hawkeyd@visi.com Organization: if (!FIFO) if (!LIFO) break; References: <1028659081.3d50178945f68_webmail.vsi.ru@ns.sol.net> In-Reply-To: <1028659081.3d50178945f68_webmail.vsi.ru@ns.sol.net> From: hawkeyd@visi.com (D J Hawkey Jr) Subject: Re: Merged security patches for 4.3-RELEASE X-Original-Newsgroups: sol.lists.freebsd.security To: oleg@vsi.ru, freebsd-security@freebsd.org Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In article <1028659081.3d50178945f68_webmail.vsi.ru@ns.sol.net>, oleg@vsi.ru writes: > Цитирую Bob K : > >> > Does the FreeBSD community concerned with these "merged" and tested >> patches ? >> > Since I forced to merge these (and all new) security patches to 4.0 >> and 4.3, I >> > always can grant them to FreeBSD community. >> >> Whether or not they get merged in with the older security branches, >> perhaps you could combine your resources with these guys? >> >> http://www.visi.com/~hawkeyd/freebsd-backports.html > > All right, I just wrote e-mail to hawkeyd@visi.com, and it was rejected by odd > antispam filter. Does anybody know how to contact with this person ? Can I see > him there, for example ? It seems that his antispam filter passion (see link on > his page) plays poor joke with him ;-) No, SpamFilters isn't playing any joke - SpamAssassin flagged your mail with "CHARSET_FARAWAY", meaning it isn't something I'm able to read (supposedly), so SpamFilters rejected it accordingly. I've lifted that particular SpamAssassin status, if you wish to try again. Thanks for thinking of me and my FreeBSD Backports page though! Dave PS, I didn't know anyone here knew I had put up SpamFilters! Yes, spam has become passion of mine. -- Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming, or what?" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 13: 2:31 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E53FF37B400 for ; Tue, 6 Aug 2002 13:02:28 -0700 (PDT) Received: from bodb.mc.mpls.visi.com (bodb.mc.mpls.visi.com [208.42.156.104]) by mx1.FreeBSD.org (Postfix) with ESMTP id 78DD943E70 for ; Tue, 6 Aug 2002 13:02:28 -0700 (PDT) (envelope-from hawkeyd@visi.com) Received: from sheol.localdomain (hawkeyd-fw.dsl.visi.com [208.42.101.193]) by bodb.mc.mpls.visi.com (Postfix) with ESMTP id 994A14A61; Tue, 6 Aug 2002 15:02:27 -0500 (CDT) Received: (from hawkeyd@localhost) by sheol.localdomain (8.11.6/8.11.6) id g76K2QA23480; Tue, 6 Aug 2002 15:02:26 -0500 (CDT) (envelope-from hawkeyd) Date: Tue, 6 Aug 2002 15:02:26 -0500 (CDT) Message-Id: <200208062002.g76K2QA23480@sheol.localdomain> Mime-Version: 1.0 X-Newsreader: knews 1.0b.1 Reply-To: hawkeyd@visi.com Organization: if (!FIFO) if (!LIFO) break; References: <1028636005.3d4fbd6600b65_webmail.vsi.ru@ns.sol.net> In-Reply-To: <1028636005.3d4fbd6600b65_webmail.vsi.ru@ns.sol.net> From: hawkeyd@visi.com (D J Hawkey Jr) Subject: Re: Merged security patches for 4.3-RELEASE X-Original-Newsgroups: sol.lists.freebsd.security To: oleg@vsi.ru, freebsd-security@freebsd.org Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In article <1028636005.3d4fbd6600b65_webmail.vsi.ru@ns.sol.net>, oleg@vsi.ru writes: > Hi all, > > I have a number of 4.0-RELEASE and 4.3-RELEASE systems, that cannot be upgraded > for some reasons, but I want to keep them up-to-date (as far as possible) in > security aspect. I have a number of security patches (almost all non-ports, > released cince 4.0-RELEASE), merged (if necessary) with 4.0-RELEASE and > 4.3-RELEASE source code here: > > ftp://ftp.vsi.ru/pub/FreeBSD/patches > > Does the FreeBSD community concerned with these "merged" and tested patches ? > Since I forced to merge these (and all new) security patches to 4.0 and 4.3, I > always can grant them to FreeBSD community. I am interested in your patches, yes. Please leave them there for a week or so, that I might pick them up. In the mean time, please visit http://www.visi.com/~hawkeyd/freebsd-backports.html to see if my terms for releasing your patches agrees with your philosophy. Note that I am not associated with The FreeBSD Project in any official capacity. I'm just filling a hole [as I perceive it] as best I can in my own little way. Dave -- Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming, or what?" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 13:20:30 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D12D637B400 for ; Tue, 6 Aug 2002 13:20:26 -0700 (PDT) Received: from d188h80.mcb.uconn.edu (d188h80.mcb.uconn.edu [137.99.188.80]) by mx1.FreeBSD.org (Postfix) with SMTP id EF89743E3B for ; Tue, 6 Aug 2002 13:20:25 -0700 (PDT) (envelope-from sirmoo@cowbert.2y.net) Received: (qmail 67562 invoked by uid 1001); 6 Aug 2002 20:20:25 -0000 Date: Tue, 6 Aug 2002 16:20:24 -0400 From: "Peter C. Lai" To: Anatole Shaw Cc: Dag-Erling Smorgrav , freebsd-security@freebsd.org Subject: Re: advisory coordination (Re: SA-02:35) Message-ID: <20020806162024.A67456@cowbert.2y.net> Reply-To: peter.lai@uconn.edu References: <1028312148.3d4acc54c5eef@webmail.vsi.ru> <20020806053237.A49851@kagnew.autoloop.com> <20020806140300.A24745@kagnew.autoloop.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20020806140300.A24745@kagnew.autoloop.com>; from shaw@autoloop.com on Tue, Aug 06, 2002 at 02:03:00PM -0400 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Aug 06, 2002 at 02:03:00PM -0400, Anatole Shaw wrote: > On Tue, Aug 06, 2002 at 12:08:36PM +0200, Dag-Erling Smorgrav wrote: > > What do you propose? > > I think that a policy of issuing "early warning" advisories, as Colin > Percival extrapolated from my original post, is one right solution. That > is, an incomplete advisory is better than no advisory at all, when bug > details (i.e. patch) are already circulating. It depends. We have already seen multiple cases where we have had multiple revisions of the same advisory. I believe 3 of the more recent advisories were revised due to revisions of the original release. This makes support hard for the customers; I have had to build world about 3 times in the last two weeks (tracking RELENG_4_6) whereas prior to the openssh debacle I lasted a few months without building world. This is probably worse for the large-installation administrators who are currently tracking a moving target even with the help of build farms and build testing. Still, the openssl revision along with the stdio repatch seems to suggest that we may want to balance haste with quality of the patches. > > Some other OS vendors issue advisories that say little more than "hurry up > and download the patch," but at least those make admins aware that an > issue exists. I'd be happy to help make a (better, obviously) "early > warning system" happen for FreeBSD, if people agree that it's a good idea. > We're all on the same boat here. > > Regards, > > -- > Anatole Shaw > Autoloop Security Consulting > http://www.autoloop.com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology | Undergraduate Research Assistant Yale University School of Medicine Center for Medical Informatics | Research Assistant http://cowbert.2y.net/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 14:17:41 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B032A37B401 for ; Tue, 6 Aug 2002 14:17:39 -0700 (PDT) Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by mx1.FreeBSD.org (Postfix) with ESMTP id 468DA43E72 for ; Tue, 6 Aug 2002 14:17:37 -0700 (PDT) (envelope-from des@ofug.org) Received: by flood.ping.uio.no (Postfix, from userid 2602) id B47A7535F; Tue, 6 Aug 2002 23:17:35 +0200 (CEST) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: hawkeyd@visi.com Cc: oleg@vsi.ru, freebsd-security@freebsd.org Subject: Re: Merged security patches for 4.3-RELEASE References: <1028636005.3d4fbd6600b65_webmail.vsi.ru@ns.sol.net> <200208062002.g76K2QA23480@sheol.localdomain> From: Dag-Erling Smorgrav Date: 06 Aug 2002 23:17:35 +0200 In-Reply-To: <200208062002.g76K2QA23480@sheol.localdomain> Message-ID: Lines: 12 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.2 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org hawkeyd@visi.com (D J Hawkey Jr) writes: > Note that I am not associated with The FreeBSD Project in any official > capacity. I'm just filling a hole [as I perceive it] as best I can in my own > little way. You are, of course, free to do so, and I am certain that your efforts are much appreciated by those who for some reason or other are still running old releases. Keep it up! DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Aug 6 14:32:19 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 94F4637B400 for ; Tue, 6 Aug 2002 14:32:17 -0700 (PDT) Received: from pd4mo3so.prod.shaw.ca (h24-71-223-10.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6AE0A43E72 for ; Tue, 6 Aug 2002 14:32:16 -0700 (PDT) (envelope-from Colin_Percival@sfu.ca) Received: from pd2mr4so.prod.shaw.ca (pd2mr4so-ser.prod.shaw.ca [10.0.141.107]) by l-daemon (iPlanet Messaging Server 5.1 HotFix 0.8 (built May 12 2002)) with ESMTP id <0H0F00KA5YHSD1@l-daemon> for freebsd-security@FreeBSD.ORG; Tue, 06 Aug 2002 15:32:16 -0600 (MDT) Received: from pn2ml8so.prod.shaw.ca (pn2ml8so-qfe0.prod.shaw.ca [10.0.121.152]) by l-daemon (iPlanet Messaging Server 5.1 HotFix 0.8 (built May 12 2002)) with ESMTP id <0H0F009C0YHS6X@l-daemon> for freebsd-security@FreeBSD.ORG; Tue, 06 Aug 2002 15:32:16 -0600 (MDT) Received: from piii600.sfu.ca (h24-79-84-133.vc.shawcable.net [24.79.84.133]) by l-daemon (iPlanet Messaging Server 5.1 HotFix 0.8 (built May 12 2002)) with ESMTP id <0H0F00K2HYHR5L@l-daemon> for freebsd-security@FreeBSD.ORG; Tue, 06 Aug 2002 15:32:16 -0600 (MDT) Date: Tue, 06 Aug 2002 14:32:12 -0700 From: Colin Percival Subject: Re: advisory coordination (Re: SA-02:35) In-reply-to: <20020806162024.A67456@cowbert.2y.net> X-Sender: cperciva@popserver.sfu.ca To: peter.lai@uconn.edu, Anatole Shaw Cc: Dag-Erling Smorgrav , freebsd-security@FreeBSD.ORG Message-id: <5.0.2.1.1.20020806142610.01fe55b8@popserver.sfu.ca> MIME-version: 1.0 X-Mailer: QUALCOMM Windows Eudora Version 5.0.2 Content-type: text/plain; charset=us-ascii; format=flowed Content-transfer-encoding: 7BIT X-Info-RBL1: ox.ac.uk filters email against various lists. X-Info-RBL2: If your replies bounce, try sending them to cperciva@sfu.ca References: <20020806140300.A24745@kagnew.autoloop.com> <1028312148.3d4acc54c5eef@webmail.vsi.ru> <20020806053237.A49851@kagnew.autoloop.com> <20020806140300.A24745@kagnew.autoloop.com> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 16:20 06/08/2002 -0400, Peter C. Lai wrote: >On Tue, Aug 06, 2002 at 02:03:00PM -0400, Anatole Shaw wrote: > > I think that a policy of issuing "early warning" advisories, as Colin > > Percival extrapolated from my original post, is one right solution. That > > is, an incomplete advisory is better than no advisory at all, when bug > > details (i.e. patch) are already circulating. > >[...] Still, the openssl revision along with the >stdio repatch seems to suggest that we may want to balance haste >with quality of the patches. I didn't mean at all that the quality of the patches should be endangered in order to issue an advisory quickly; rather, I meant that once everyone involved agreed that a patch was good, issuing an advisory saying "there's a problem, here's the patch, we don't know what the possible workarounds might be" would be preferable to waiting until you had analyzed exactly when there is a security risk and what the workarounds might be. Colin Percival To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Aug 7 5:38:25 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BC1A337B401 for ; Wed, 7 Aug 2002 05:38:23 -0700 (PDT) Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id 08F1043E3B for ; Wed, 7 Aug 2002 05:38:23 -0700 (PDT) (envelope-from nectar@nectar.cc) Received: from madman.nectar.cc (madman.nectar.cc [10.0.1.111]) by gw.nectar.cc (Postfix) with ESMTP id 7EF91D; Wed, 7 Aug 2002 07:38:22 -0500 (CDT) Received: from madman.nectar.cc (localhost [IPv6:::1]) by madman.nectar.cc (8.12.3/8.12.3) with ESMTP id g77CcMvd004561; Wed, 7 Aug 2002 07:38:22 -0500 (CDT) (envelope-from nectar@madman.nectar.cc) Received: (from nectar@localhost) by madman.nectar.cc (8.12.3/8.12.3/Submit) id g77CcKNh004560; Wed, 7 Aug 2002 07:38:20 -0500 (CDT) Date: Wed, 7 Aug 2002 07:38:20 -0500 From: "Jacques A. Vidrine" To: Colin Percival Cc: peter.lai@uconn.edu, Anatole Shaw , Dag-Erling Smorgrav , freebsd-security@FreeBSD.ORG Subject: Re: advisory coordination (Re: SA-02:35) Message-ID: <20020807123820.GF4401@madman.nectar.cc> Mail-Followup-To: "Jacques A. Vidrine" , Colin Percival , peter.lai@uconn.edu, Anatole Shaw , Dag-Erling Smorgrav , freebsd-security@FreeBSD.ORG References: <20020806140300.A24745@kagnew.autoloop.com> <1028312148.3d4acc54c5eef@webmail.vsi.ru> <20020806053237.A49851@kagnew.autoloop.com> <20020806140300.A24745@kagnew.autoloop.com> <5.0.2.1.1.20020806142610.01fe55b8@popserver.sfu.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5.0.2.1.1.20020806142610.01fe55b8@popserver.sfu.ca> X-Url: http://www.nectar.cc/ User-Agent: Mutt/1.5.1i-ja.1 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Aug 06, 2002 at 02:32:12PM -0700, Colin Percival wrote: > rather, I meant that once > everyone involved agreed that a patch was good, issuing an advisory saying > "there's a problem, here's the patch, we don't know what the possible > workarounds might be" Track the current security branch (RELENG_4_6 at the moment) and that is essentially what you will get. Cheers, -- Jacques A. Vidrine http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Aug 7 8:43: 7 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5369137B400 for ; Wed, 7 Aug 2002 08:43:05 -0700 (PDT) Received: from quarry.com (mail.quarry.com [205.189.158.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id BDC8A43E6E for ; Wed, 7 Aug 2002 08:43:04 -0700 (PDT) (envelope-from ctaylor@quarry.com) Received: from mr-t.quarry.com (10.1.7.145) by quarry.com with ESMTP (Eudora Internet Mail Server 3.0.1) for ; Wed, 7 Aug 2002 11:43:01 -0400 Content-Type: text/plain; charset="us-ascii" From: Craig Taylor To: FreeBSD-security@FreeBSD.org Subject: subscribe Date: Wed, 7 Aug 2002 11:42:41 -0400 X-Mailer: KMail [version 1.4] MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Message-Id: <200208071142.41138.ctaylor@quarry.com> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Aug 7 9:10:59 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BBD6E37B400 for ; Wed, 7 Aug 2002 09:10:54 -0700 (PDT) Received: from blackhelicopters.org (geburah.blackhelicopters.org [209.69.178.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3AF4643E72 for ; Wed, 7 Aug 2002 09:10:54 -0700 (PDT) (envelope-from mwlucas@blackhelicopters.org) Received: from blackhelicopters.org (mwlucas@localhost [127.0.0.1]) by blackhelicopters.org (8.12.4/8.12.4) with ESMTP id g77GAncC047691; Wed, 7 Aug 2002 12:10:49 -0400 (EDT) (envelope-from mwlucas@blackhelicopters.org) Received: (from mwlucas@localhost) by blackhelicopters.org (8.12.4/8.12.4/Submit) id g77GAmub047690; Wed, 7 Aug 2002 12:10:48 -0400 (EDT) Date: Wed, 7 Aug 2002 12:10:48 -0400 From: Michael Lucas To: D J Hawkey Jr Cc: oleg@vsi.ru, freebsd-security@FreeBSD.ORG Subject: Re: Merged security patches for 4.3-RELEASE Message-ID: <20020807121048.A47502@blackhelicopters.org> References: <1028636005.3d4fbd6600b65_webmail.vsi.ru@ns.sol.net> <200208062002.g76K2QA23480@sheol.localdomain> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200208062002.g76K2QA23480@sheol.localdomain>; from hawkeyd@visi.com on Tue, Aug 06, 2002 at 03:02:26PM -0500 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Aug 06, 2002 at 03:02:26PM -0500, D J Hawkey Jr wrote: > Note that I am not associated with The FreeBSD Project in any official > capacity. I'm just filling a hole [as I perceive it] as best I can in my own > little way. And *that*, folks, is how things happen in FreeBSD. ==ml -- Michael Lucas mwlucas@FreeBSD.org, mwlucas@BlackHelicopters.org http://www.oreillynet.com/pub/q/Big_Scary_Daemons Absolute BSD: http://www.nostarch.com/abs_bsd.htm To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Aug 7 18:14:50 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B2DB937B400 for ; Wed, 7 Aug 2002 18:14:47 -0700 (PDT) Received: from localhost.neotext.ca (h24-70-64-200.ed.shawcable.net [24.70.64.200]) by mx1.FreeBSD.org (Postfix) with ESMTP id 01E6143E75 for ; Wed, 7 Aug 2002 18:14:46 -0700 (PDT) (envelope-from campbell@babayaga.neotext.ca) Received: from babayaga.neotext.ca (localhost.neotext.ca [127.0.0.1]) by localhost.neotext.ca (8.11.6/8.11.0) with ESMTP id g781F7c79024; Wed, 7 Aug 2002 19:15:07 -0600 (MDT) (envelope-from campbell@babayaga.neotext.ca) From: "Duncan Patton a Campbell is Dhu" To: Michael Lucas , D J Hawkey Jr Cc: oleg@vsi.ru, freebsd-security@FreeBSD.ORG Subject: Re: Merged security patches for 4.3-RELEASE Date: Wed, 7 Aug 2002 19:15:06 -0600 Message-Id: <20020808011506.M36793@babayaga.neotext.ca> In-Reply-To: <20020807121048.A47502@blackhelicopters.org> References: <1028636005.3d4fbd6600b65_webmail.vsi.ru@ns.sol.net> <200208062002.g76K2QA23480@sheol.localdomain> <20020807121048.A47502@blackhelicopters.org> X-Mailer: Open WebMail 1.70 20020712 X-OriginatingIP: 127.0.0.1 (campbell) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org He's a twit who threatens to x-communication people if they laugh about his pathetic spam block -- by putting them in his spam list. Ostrich syndrome, for sure. On the other hand, I haven't yet decided whether to upgrade my 4.3 systems or byte the bullet and upgrade them... So I may wind up depending on the good-work of Ostriches, spam-blocked or not ;-) Duncan Patton a Campbell is Duibh ;-) ---------- Original Message ----------- From: Michael Lucas To: D J Hawkey Jr Sent: Wed, 7 Aug 2002 12:10:48 -0400 Subject: Re: Merged security patches for 4.3-RELEASE > On Tue, Aug 06, 2002 at 03:02:26PM -0500, D J Hawkey > Jr wrote: > > Note that I am not associated with The FreeBSD Project in any official > > capacity. I'm just filling a hole [as I perceive it] as best I can in my own > > little way. > > And *that*, folks, is how things happen in FreeBSD. > > ==ml > > -- > Michael Lucas mwlucas@FreeBSD.org, mwlucas@BlackHelicopters.org > http://www.oreillynet.com/pub/q/Big_Scary_Daemons > > Absolute BSD: http://www.nostarch.com/abs_bsd.htm > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the > message ------- End of Original Message ------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Aug 8 9:47: 8 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B426F37B400 for ; Thu, 8 Aug 2002 09:47:05 -0700 (PDT) Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id A36C643E42 for ; Thu, 8 Aug 2002 09:47:04 -0700 (PDT) (envelope-from rjh@mohawk.net) Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21]) by mohegan.mohawk.net (8.11.4/8.11.3) with ESMTP id g78Gl3w09942 for ; Thu, 8 Aug 2002 12:47:03 -0400 (EDT) Date: Thu, 8 Aug 2002 12:47:03 -0400 (EDT) From: Ralph Huntington To: Subject: security upgrade question Message-ID: <20020808123953.X75214-100000@mohegan.mohawk.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi all, forgive me is this is an obvious question. We have numerous fbsd boxes with versions from 4.2 on up. I know I need to cvsup RELENG_4_4 for 4.4-RELEASE, RELENG_4_5 for 4.5, and RELENG_4_6 for 4.6. What's not clear to me is: Are the security patches included in RELENG_4 to use for earlier 4.x boxes? In other words, are the libc problem and the openssl problem and the bind problem and whatever else problem has been advised about recently taken care of in RELENG_4 ?? Thanks much for your advice. - Ralph To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Aug 8 9:53:14 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 608B537B400 for ; Thu, 8 Aug 2002 09:53:12 -0700 (PDT) Received: from radix.cryptio.net (radix.cryptio.net [199.181.107.213]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0B45343E3B for ; Thu, 8 Aug 2002 09:53:12 -0700 (PDT) (envelope-from emechler@radix.cryptio.net) Received: from radix.cryptio.net (localhost [127.0.0.1]) by radix.cryptio.net (8.12.5/8.12.5) with ESMTP id g78Gr2k6008752 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Thu, 8 Aug 2002 09:53:02 -0700 (PDT) (envelope-from emechler@radix.cryptio.net) Received: (from emechler@localhost) by radix.cryptio.net (8.12.5/8.12.5/Submit) id g78Gr2a8008751; Thu, 8 Aug 2002 09:53:02 -0700 (PDT) Date: Thu, 8 Aug 2002 09:53:02 -0700 From: Erick Mechler To: Ralph Huntington Cc: freebsd-security@FreeBSD.ORG Subject: Re: security upgrade question Message-ID: <20020808165302.GM343@techometer.net> References: <20020808123953.X75214-100000@mohegan.mohawk.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020808123953.X75214-100000@mohegan.mohawk.net> User-Agent: Mutt/1.4i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org :: What's not clear to me is: Are the security patches included in RELENG_4 :: to use for earlier 4.x boxes? In other words, are the libc problem and the :: openssl problem and the bind problem and whatever else problem has been :: advised about recently taken care of in RELENG_4 ?? RELENG_4 is the main branch for the FreeBSD 4.x series (-STABLE). Patches into the RELENG_4_4, RELENG_4_5, RELENG_4_6 branch, etc, are, by definition, a part of the main -STABLE branch, RELENG_4. See http://www.freebsd.org/doc/handbook/cvs-tags.html for more information about the various CVS tags in use. Cheers - Erick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Aug 8 10: 1:28 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4BA0D37B400 for ; Thu, 8 Aug 2002 10:01:25 -0700 (PDT) Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9D08B43E77 for ; Thu, 8 Aug 2002 10:01:24 -0700 (PDT) (envelope-from rjh@mohawk.net) Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21]) by mohegan.mohawk.net (8.11.4/8.11.3) with ESMTP id g78H1Lw13337; Thu, 8 Aug 2002 13:01:21 -0400 (EDT) Date: Thu, 8 Aug 2002 13:01:21 -0400 (EDT) From: Ralph Huntington To: Erick Mechler Cc: Subject: Re: security upgrade question In-Reply-To: <20020808165302.GM343@techometer.net> Message-ID: <20020808130033.A75214-100000@mohegan.mohawk.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Thank you. That helps a lot. I wonder if those problems are patched in RELENG_3 as well. On Thu, 8 Aug 2002, Erick Mechler wrote: > :: What's not clear to me is: Are the security patches included in RELENG_4 > :: to use for earlier 4.x boxes? In other words, are the libc problem and the > :: openssl problem and the bind problem and whatever else problem has been > :: advised about recently taken care of in RELENG_4 ?? > > RELENG_4 is the main branch for the FreeBSD 4.x series (-STABLE). Patches > into the RELENG_4_4, RELENG_4_5, RELENG_4_6 branch, etc, are, by > definition, a part of the main -STABLE branch, RELENG_4. See > > http://www.freebsd.org/doc/handbook/cvs-tags.html > > for more information about the various CVS tags in use. > > Cheers - Erick > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Aug 8 10: 6:29 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5A2FC37B400 for ; Thu, 8 Aug 2002 10:06:28 -0700 (PDT) Received: from radix.cryptio.net (radix.cryptio.net [199.181.107.213]) by mx1.FreeBSD.org (Postfix) with ESMTP id E2C3243E6E for ; Thu, 8 Aug 2002 10:06:27 -0700 (PDT) (envelope-from emechler@radix.cryptio.net) Received: from radix.cryptio.net (localhost [127.0.0.1]) by radix.cryptio.net (8.12.5/8.12.5) with ESMTP id g78H6Rk6009038 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Thu, 8 Aug 2002 10:06:27 -0700 (PDT) (envelope-from emechler@radix.cryptio.net) Received: (from emechler@localhost) by radix.cryptio.net (8.12.5/8.12.5/Submit) id g78H6Rxg009037; Thu, 8 Aug 2002 10:06:27 -0700 (PDT) Date: Thu, 8 Aug 2002 10:06:27 -0700 From: Erick Mechler To: Ralph Huntington Cc: freebsd-security@FreeBSD.ORG Subject: Re: security upgrade question Message-ID: <20020808170627.GO343@techometer.net> References: <20020808165302.GM343@techometer.net> <20020808130033.A75214-100000@mohegan.mohawk.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020808130033.A75214-100000@mohegan.mohawk.net> User-Agent: Mutt/1.4i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org :: Thank you. That helps a lot. You're welcome. :: I wonder if those problems are patched in RELENG_3 as well. I'm not sure, but I've seen this page referred to on this list in regard to backports. http://www.visi.com/~hawkeyd/freebsd-backports.html Cheers - Erick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Aug 8 10:10:57 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D794C37B40A for ; Thu, 8 Aug 2002 10:10:51 -0700 (PDT) Received: from hendrix.bsd.st (ADSL235-21.advancedsl.com.ar [200.51.235.21]) by mx1.FreeBSD.org (Postfix) with SMTP id AC34743E5E for ; Thu, 8 Aug 2002 10:10:49 -0700 (PDT) (envelope-from root@datafull.com) Received: (qmail 1557 invoked from network); 8 Aug 2002 17:10:34 -0000 Received: from unknown (HELO datafull.com) (10.0.0.1) by 0 with SMTP; 8 Aug 2002 17:10:34 -0000 Message-ID: <3D52A649.8020101@datafull.com> Date: Thu, 08 Aug 2002 14:11:37 -0300 From: "JP Villa (::DATAFULL.COM::)" Organization: Cuatro Cabezas SA User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.2.1) Gecko/20010901 X-Accept-Language: en-us MIME-Version: 1.0 To: Ralph Huntington Cc: freebsd-security@FreeBSD.ORG Subject: Re: security upgrade question References: <20020808130033.A75214-100000@mohegan.mohawk.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org When you cvsup a new src tree, always look for a /usr/src/UPDATING file, which has the info you need now. It's a good practice to look at this before make world, to be sure that src-all is ok. Best regards Juan Pablo Villa Datafull.com Sysadmin Cuatro Cabezas SA Buenos Aires, Argentina Ralph Huntington wrote: > Thank you. That helps a lot. > > I wonder if those problems are patched in RELENG_3 as well. > > > On Thu, 8 Aug 2002, Erick Mechler wrote: > > >>:: What's not clear to me is: Are the security patches included in RELENG_4 >>:: to use for earlier 4.x boxes? In other words, are the libc problem and the >>:: openssl problem and the bind problem and whatever else problem has been >>:: advised about recently taken care of in RELENG_4 ?? >> >>RELENG_4 is the main branch for the FreeBSD 4.x series (-STABLE). Patches >>into the RELENG_4_4, RELENG_4_5, RELENG_4_6 branch, etc, are, by >>definition, a part of the main -STABLE branch, RELENG_4. See >> >> http://www.freebsd.org/doc/handbook/cvs-tags.html >> >>for more information about the various CVS tags in use. >> >>Cheers - Erick >> >> > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Aug 8 10:24: 3 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 995A237B400 for ; Thu, 8 Aug 2002 10:23:59 -0700 (PDT) Received: from d188h80.mcb.uconn.edu (d188h80.mcb.uconn.edu [137.99.188.80]) by mx1.FreeBSD.org (Postfix) with SMTP id EA44843E4A for ; Thu, 8 Aug 2002 10:23:58 -0700 (PDT) (envelope-from sirmoo@cowbert.2y.net) Received: (qmail 18692 invoked by uid 1001); 8 Aug 2002 17:23:58 -0000 Date: Thu, 8 Aug 2002 13:23:58 -0400 From: "Peter C. Lai" To: Ralph Huntington Cc: freebsd-security@FreeBSD.ORG Subject: Re: security upgrade question Message-ID: <20020808172357.GA16252@cowbert.2y.net> Reply-To: peter.lai@uconn.edu References: <20020808123953.X75214-100000@mohegan.mohawk.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020808123953.X75214-100000@mohegan.mohawk.net> User-Agent: Mutt/1.4i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Aug 08, 2002 at 12:47:03PM -0400, Ralph Huntington wrote: > Hi all, forgive me is this is an obvious question. We have numerous fbsd > boxes with versions from 4.2 on up. I know I need to cvsup RELENG_4_4 for > 4.4-RELEASE, RELENG_4_5 for 4.5, and RELENG_4_6 for 4.6. > > What's not clear to me is: Are the security patches included in RELENG_4 > to use for earlier 4.x boxes? In other words, are the libc problem and the > openssl problem and the bind problem and whatever else problem has been > advised about recently taken care of in RELENG_4 ?? No. RELENG_4 is -STABLE, which is always newer than RELENG_4_6. On the newness scale (measured by the number of commits per time, and corresponding stability) you see: 5-CURRENT (RELENG_5?) <-- most new; active development version STABLE (RELENG_4), <-- fbsd 4.x stable leading on to the next point release SECURITY RELEASE (RELENG_4_X), <-- only security patches version 3 (RELENG_3), <-- no new code introduced at all decrepitly old (RELENG_2?) <-- fbsd 2.x Hopefully no one uses this anymore Changes are made to -CURRENT and after tested for stability are MFC'd to -STABLE. To minimize new code introduction to maintain further stability, security branch was created; these only contain the security patches, unlike releng_4 that contain new code trickled down from 5. There are backports available for older releases. Recently we were plugging DJ Hawkey's work: http://www.visi.com/~hawkeyd/freebsd-backports.html > > Thanks much for your advice. - Ralph > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology | Undergraduate Research Assistant Yale University School of Medicine Center for Medical Informatics | Research Assistant http://cowbert.2y.net/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Aug 8 11:11:27 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 11EFB37B400 for ; Thu, 8 Aug 2002 11:11:25 -0700 (PDT) Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5CA9B43E5E for ; Thu, 8 Aug 2002 11:11:24 -0700 (PDT) (envelope-from rjh@mohawk.net) Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21]) by mohegan.mohawk.net (8.11.4/8.11.3) with ESMTP id g78IBNw30953; Thu, 8 Aug 2002 14:11:23 -0400 (EDT) Date: Thu, 8 Aug 2002 14:11:23 -0400 (EDT) From: Ralph Huntington To: Cc: Subject: Re: security upgrade question In-Reply-To: <20020808172357.GA16252@cowbert.2y.net> Message-ID: <20020808140643.O75214-100000@mohegan.mohawk.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Thank you, Peter... > > ... have the libc problem and the openssl problem and > > the bind problem and whatever else problem been > > taken care of in RELENG_4 ?? > > No. RELENG_4 is -STABLE, which is always newer than RELENG_4_6. So, if RELENG_4 is always newer than RELENG_4_6 and RELENG_4_6 has been patched for the problems mentioned above, wouldn't RELENG_4 either be patched or have newer versions of the programs? In other words, if RELENG_4 is the STABLE version leading to the next point RELEASE, wouldn't it have the security problems taken care of already? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Aug 8 11:32:49 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 767F937B400 for ; Thu, 8 Aug 2002 11:32:47 -0700 (PDT) Received: from radix.cryptio.net (radix.cryptio.net [199.181.107.213]) by mx1.FreeBSD.org (Postfix) with ESMTP id DC0DA43E5E for ; Thu, 8 Aug 2002 11:32:46 -0700 (PDT) (envelope-from emechler@radix.cryptio.net) Received: from radix.cryptio.net (localhost [127.0.0.1]) by radix.cryptio.net (8.12.5/8.12.5) with ESMTP id g78IWkk6011125 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Thu, 8 Aug 2002 11:32:46 -0700 (PDT) (envelope-from emechler@radix.cryptio.net) Received: (from emechler@localhost) by radix.cryptio.net (8.12.5/8.12.5/Submit) id g78IWkKW011124; Thu, 8 Aug 2002 11:32:46 -0700 (PDT) Date: Thu, 8 Aug 2002 11:32:46 -0700 From: Erick Mechler To: Ralph Huntington Cc: peter.lai@uconn.edu, freebsd-security@FreeBSD.ORG Subject: Re: security upgrade question Message-ID: <20020808183246.GS343@techometer.net> References: <20020808172357.GA16252@cowbert.2y.net> <20020808140643.O75214-100000@mohegan.mohawk.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020808140643.O75214-100000@mohegan.mohawk.net> User-Agent: Mutt/1.4i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org :: patched or have newer versions of the programs? In other words, if :: RELENG_4 is the STABLE version leading to the next point RELEASE, wouldn't :: it have the security problems taken care of already? Yes it will. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Aug 8 11:37:38 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 75FC537B405 for ; Thu, 8 Aug 2002 11:37:35 -0700 (PDT) Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1947F43E7B for ; Thu, 8 Aug 2002 11:37:34 -0700 (PDT) (envelope-from rjh@mohawk.net) Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21]) by mohegan.mohawk.net (8.11.4/8.11.3) with ESMTP id g78IbVw37413; Thu, 8 Aug 2002 14:37:31 -0400 (EDT) Date: Thu, 8 Aug 2002 14:37:31 -0400 (EDT) From: Ralph Huntington To: Erick Mechler Cc: , Subject: Re: security upgrade question In-Reply-To: <20020808183246.GS343@techometer.net> Message-ID: <20020808143659.P75214-100000@mohegan.mohawk.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > :: patched or have newer versions of the programs? In other words, if > :: RELENG_4 is the STABLE version leading to the next point RELEASE, wouldn't > :: it have the security problems taken care of already? > > Yes it will. Okay, I think I understand about it now. Thanks to all who responded. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Aug 8 18:27:13 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3CB8537B400 for ; Thu, 8 Aug 2002 18:27:07 -0700 (PDT) Received: from localhost.neotext.ca (h24-70-64-200.ed.shawcable.net [24.70.64.200]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9D20243E6E for ; Thu, 8 Aug 2002 18:27:05 -0700 (PDT) (envelope-from campbell@babayaga.neotext.ca) Received: from babayaga.neotext.ca (localhost.neotext.ca [127.0.0.1]) by localhost.neotext.ca (8.11.6/8.11.0) with ESMTP id g791RkA38220; Thu, 8 Aug 2002 19:27:46 -0600 (MDT) (envelope-from campbell@babayaga.neotext.ca) From: "Duncan Patton a Campbell is Dhu" To: hawkeyd@visi.com, Duncan Patton a Campbell is Dhu Cc: freebsd-security@FreeBSD.ORG Subject: Was: Merged security patches, now SPAM Date: Thu, 8 Aug 2002 19:27:46 -0600 Message-Id: <20020809012746.M17312@babayaga.neotext.ca> In-Reply-To: <20020806192150.A23951@sheol.localdomain> References: <1028659081.3d50178945f68_webmail.vsi.ru@ns.sol.net> <200208061927.g76JRrN23297@sheol.localdomain> <20020806234806.M95953@babayaga.neotext.ca> <20020806192150.A23951@sheol.localdomain> X-Mailer: Open WebMail 1.70 20020712 X-OriginatingIP: 127.0.0.1 (campbell) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hmm. I've been thinking that the problem of spam is one of human identity and not a machine issue -- an identifiable human signator of an email is a fairly good bet that you want to read it. So probably a more general approach to reducing robo-mail would be to have standardised hooks to PGP in all emailers, useable by the massess. When email was first introduced, this should have been a standard feature, but for various reasons wasn't. Authorship provides human authority to otherwise meaningless clusters of bits. This application of security technology is actually of more significance than is secrecy. The reason this is not a signed message is that I'm always trying out web/email clients and long ago found that they don't make pgp integration easy in all of them. Interestingly, I am currently using a thing called Openwebmail, which is descended from something called Neomail. The first pc mail client I built was called neomail, and from its inception, contained full pgp integration. Which, I might add, made a lot of folks unhappy at the time. To wax philosophic, I'd have to say that SPAM is Murphy's revenge for an unfinished implementation. Duncan Patton a Campbell is Duibh ;-) ---------- Original Message ----------- From: D J Hawkey Jr To: Duncan Patton a Campbell is Dhu Sent: Tue, 6 Aug 2002 19:21:50 -0500 Subject: Re: Merged security patches for 4.3-RELEASE > On Aug 06, at 05:48 PM, Duncan Patton a Campbell is > Dhu wrote: > > > > Spamset Faraway??? Keeps out all that nasty spam from the > > Viking probe, > > I guess. > > > > Duncan Patton a Campbell is Duibh ;-) > > Am I supposed to understand any of this? Does it have > anything to do with FreeBSD security issues? > > Or shall I see to it I shan't see you again? > > > ---------- Original Message ----------- > > From: hawkeyd@visi.com (D J Hawkey Jr) > > To: oleg@vsi.ru, freebsd-security@FreeBSD.ORG > > Sent: Tue, 6 Aug 2002 14:27:53 -0500 (CDT) > > Subject: Re: Merged security patches for 4.3-RELEASE > > > > > In article > > > <1028659081.3d50178945f68_webmail.vsi.ru@ns.sol.net>, > > > oleg@vsi.ru writes: > > > > Цитирую Bob K : > > > > > > > >> > Does the FreeBSD community concerned with these "merged" > > and tested > > > >> patches ? > > > >> > Since I forced to merge these (and all new) security > > patches to 4.0 > > > >> and 4.3, I > > > >> > always can grant them to FreeBSD community. > > > >> > > > >> Whether or not they get merged in with the older security > > branches, > > > >> perhaps you could combine your resources with these guys? > > > >> > > > >> http://www.visi.com/~hawkeyd/freebsd-backports.html > > > > > > > > All right, I just wrote e-mail to hawkeyd@visi.com, and it > > was rejected by odd > > > > antispam filter. Does anybody know how to contact with this > > person ? Can I see > > > > him there, for example ? It seems that his antispam filter > > passion (see link on > > > > his page) plays poor joke with him ;-) > > > > > > No, SpamFilters isn't playing any joke - SpamAssassin > > > flagged your mail with "CHARSET_FARAWAY", meaning it > > > isn't something I'm able to read (supposedly), so > > > SpamFilters rejected it accordingly. > > > > > > I've lifted that particular SpamAssassin status, if > > > you wish to try again. > > > > > > Thanks for thinking of me and my FreeBSD Backports > > > page though! Dave > > > > > > PS, I didn't know anyone here knew I had put up > > > SpamFilters! Yes, spam has become passion of mine. > > > > > ------- End of Original Message ------- ------- End of Original Message ------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Aug 9 0:17:55 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 27D8637B400 for ; Fri, 9 Aug 2002 00:17:49 -0700 (PDT) Received: from localhost.neotext.ca (h24-70-64-200.ed.shawcable.net [24.70.64.200]) by mx1.FreeBSD.org (Postfix) with ESMTP id E45B043E70 for ; Fri, 9 Aug 2002 00:17:47 -0700 (PDT) (envelope-from campbell@babayaga.neotext.ca) Received: from babayaga.neotext.ca (localhost.neotext.ca [127.0.0.1]) by localhost.neotext.ca (8.11.6/8.11.0) with ESMTP id g797IOA39022; Fri, 9 Aug 2002 01:18:25 -0600 (MDT) (envelope-from campbell@babayaga.neotext.ca) From: "Duncan Patton a Campbell is Dhu" To: dsyphers@uchicago.edu Cc: security@freebsd.org Subject: Re: Was: Merged security patches, now SPAM Date: Fri, 9 Aug 2002 01:18:24 -0600 Message-Id: <20020809071824.M49009@babayaga.neotext.ca> In-Reply-To: <200208082210.40484.dsyphers@uchicago.edu> References: <1028659081.3d50178945f68_webmail.vsi.ru@ns.sol.net> <20020806192150.A23951@sheol.localdomain> <20020809012746.M17312@babayaga.neotext.ca> <200208082210.40484.dsyphers@uchicago.edu> X-Mailer: Open WebMail 1.70 20020712 X-OriginatingIP: 127.0.0.1 (campbell) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hmm. Either you didn't read what I wrote, or we don't agree. The current spam flood is a direct result of "security" organizations with an inability to recognize a necessary and appropriate use of encryption technology. Many of these groups (but not all of them) reside in your country. Security in a systems sense includes concepts of accuracy, availability and salience of information. Spam is an example where a lot of technologically illiterate trained house-cats in the "Security" business failed to comprehend this and crippled an entire technology with a flawed implementation. The question I put (in roundabout fashion) was "Why isn't PGP an integral part of email clients". In this sense it is germaine to "security@freebsd.org". Thanks, Duncan Patton a Campbell is Duibh ;-) ---------- Original Message ----------- From: David Syphers To: "Duncan Patton a Campbell is Dhu" Sent: Thu, 8 Aug 2002 22:10:40 -0500 Subject: Re: Was: Merged security patches, now SPAM > Merged security patches was a topic appropriate for > freebsd-security. The general philosophy of SPAM is > not. Thanks. > > -David > > On Thursday 08 August 2002 08:27 pm, Duncan Patton a > Campbell is Dhu wrote: > > Hmm. I've been thinking that the problem of spam is one of > > human identity > > and not a machine issue -- an identifiable human signator of an > > email is > > a fairly good bet that you want to read it. So probably a more > > general > > approach to reducing robo-mail would be to have standardised > > hooks > > to PGP in all emailers, useable by the massess. > > > > When email was first introduced, this should have been a > > standard feature, > > but for various reasons wasn't. Authorship provides human > > authority to otherwise meaningless clusters of bits. This > > application of security technology > > is actually of more significance than is secrecy. > > > > The reason this is not a signed message is that I'm always > > trying out > > web/email clients and long ago found that they don't make pgp > > integration easy in all of them. Interestingly, I am currently > > using > > a thing called Openwebmail, which is descended from something > > called Neomail. The first pc mail client I built was > > called > > neomail, and from its inception, contained full pgp integration. > > Which, I might add, made a lot of folks unhappy at the time. > > > > To wax philosophic, I'd have to say that SPAM is Murphy's > > revenge for an unfinished implementation. > > > > Duncan Patton a Campbell is Duibh ;-) > > > > ---------- Original Message ----------- > > From: D J Hawkey Jr > > To: Duncan Patton a Campbell is Dhu > > Sent: Tue, 6 Aug 2002 19:21:50 -0500 > > Subject: Re: Merged security patches for 4.3-RELEASE > > > > > On Aug 06, at 05:48 PM, Duncan Patton a Campbell is > > > Dhu wrote: > > > > > > > > Spamset Faraway??? Keeps out all that nasty spam from the > > > > Viking probe, > > > > I guess. > > > > > > > > Duncan Patton a Campbell is Duibh ;-) > > > > > > Am I supposed to understand any of this? Does it have > > > anything to do with FreeBSD security issues? > > > > > > Or shall I see to it I shan't see you again? > > > > > > > ---------- Original Message ----------- > > > > From: hawkeyd@visi.com (D J Hawkey Jr) > > > > To: oleg@vsi.ru, freebsd-security@FreeBSD.ORG > > > > Sent: Tue, 6 Aug 2002 14:27:53 -0500 (CDT) > > > > Subject: Re: Merged security patches for 4.3-RELEASE > > > > > > > > > In article > > > > > <1028659081.3d50178945f68_webmail.vsi.ru@ns.sol.net>, > > > > > oleg@vsi.ru writes: > > > > > > Цитирую Bob K : > > > > > > > > > > > >> > Does the FreeBSD community concerned with these > > "merged" > > > > and tested > > > > > >> patches ? > > > > > >> > Since I forced to merge these (and all new) security > > > > patches to 4.0 > > > > > >> and 4.3, I > > > > > >> > always can grant them to FreeBSD community. > > > > > >> > > > > > >> Whether or not they get merged in with the older > > security > > > > branches, > > > > > >> perhaps you could combine your resources with these > > guys? > > > > > >> > > > > > >> http://www.visi.com/~hawkeyd/freebsd-backports.html > > > > > > > > > > > > All right, I just wrote e-mail to hawkeyd@visi.com, and > > it > > > > was rejected by odd > > > > > > antispam filter. Does anybody know how to contact with > > this > > > > person ? Can I see > > > > > > him there, for example ? It seems that his antispam > > filter > > > > passion (see link on > > > > > > his page) plays poor joke with him ;-) > > > > > > > > > > No, SpamFilters isn't playing any joke - SpamAssassin > > > > > flagged your mail with "CHARSET_FARAWAY", meaning it > > > > > isn't something I'm able to read (supposedly), so > > > > > SpamFilters rejected it accordingly. > > > > > > > > > > I've lifted that particular SpamAssassin status, if > > > > > you wish to try again. > > > > > > > > > > Thanks for thinking of me and my FreeBSD Backports > > > > > page though! Dave > > > > > > > > > > PS, I didn't know anyone here knew I had put up > > > > > SpamFilters! Yes, spam has become passion of mine. > > > > > > > > > ------- End of Original Message ------- > > ------- End of Original Message ------- > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > > ------- End of Original Message ------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Aug 9 1:23:23 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1E37437B400; Fri, 9 Aug 2002 01:23:17 -0700 (PDT) Received: from blues.jpj.net (blues.jpj.net [208.210.80.156]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6868743E6E; Fri, 9 Aug 2002 01:23:16 -0700 (PDT) (envelope-from trevor@jpj.net) Received: from blues.jpj.net (localhost.jpj.net [127.0.0.1]) by blues.jpj.net (8.12.3/8.12.3) with ESMTP id g798Mmot094811; Fri, 9 Aug 2002 04:22:48 -0400 (EDT) (envelope-from trevor@jpj.net) Received: from localhost (trevor@localhost) by blues.jpj.net (8.12.3/8.12.3/Submit) with ESMTP id g798MlWM094808; Fri, 9 Aug 2002 04:22:48 -0400 (EDT) X-Authentication-Warning: blues.jpj.net: trevor owned process doing -bs Date: Fri, 9 Aug 2002 04:22:47 -0400 (EDT) From: Trevor Johnson To: "Peter C. Lai" Cc: Dag-Erling Smorgrav , Mike Tancsa , Ruslan Ermilov , Subject: Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1] In-Reply-To: <20020801124049.B18439@cowbert.2y.net> Message-ID: <20020801125134.R19455-100000@blues.jpj.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Peter C. Lai wrote: > On Thu, Aug 01, 2002 at 08:38:11AM -0400, Trevor Johnson wrote: > > On 1 Aug 2002, Dag-Erling Smorgrav wrote: > > > > > Trevor Johnson writes: > > > > This is the section of http://www.openbsd.org/security.html#default which > > > > I had hoped you would read: > > > > [...] > > > > > > This is the section of Webster's 7th edition dictionary which I had > > > hoped you would read: > > > > > > 1. no \(')n{o-}\ av [ME, fr. OE n{a-}, fr. ne not + > > > {a-} always; akin to ON & OHG ne not, L ne-, Gk > > > n{e-}- -- more at AYE] chiefly Scot > > > 1a: NOT > > > > Why not? Do you have a reason? > > Production level reasons. > 1. We already stated that it would be difficult for management of large installations to do this. Some large organizations have standardized on protocol version 2. Changing the default to protocol version 1 creates difficulties for them. NERSC recently (winter 2001-2002) upgraded all its machines to the most secure protocol 2 versions of SSH. [...] NERSC strongly recommends that you use protocol 2 if possible. --http://hpcf.nersc.gov/help/access/unixssh/ [...] anyone still running version 1 of the SSH protocol should be restricting access to their servers as far as possible and looking to upgrade to servers and clients that support version 2. -- http://www.ja.net/CERT/JANET-CERT/activity/reports/200112.html > 2. Stable is supposed to be stable. We've still got lots of people on 4.2,4.3,4.4, and 4.5 out there > who are living quite nicely with their setups. > We've got people who's installation is destined to sit in a corner to gather > dust and do some processing every day, week, or month while the maintainers > have either left or moved on and no one really notices it is there but would > seriously "miss" it should it be disturbed in some way. (Note that lack > of maintenance doesn't imply that the system wasn't set up or designed for this > eventuality). This means that getting rid of protocol 1 completely > really wouldn't "increase" the number of secure systems from a statistical > standpoint. I'm not asking that protocol version 1 be removed, only that it not be set as the default in the configuration files. The existence of unmaintained computers does not justify making new installations vulnerable. > 3. We aren't OpenBSD. > Our target audience is somewhat different. We wish to deliver an > enterprise level operating solution for free. > That is all we claim to do. We aren't trying to set any records (regarding > security or otherwise). > > Making other people's lives harder for the sake of some hypothetical gains > isn't good customer service or marketing. Migrate to OpenBSD if you want > that sort of thing (and post your wishes on their mailing lists instead of here). > The list charter when I joined said: FREEBSD-SECURITY Security issues FreeBSD computer security issues (DES, Kerberos, known security holes and fixes, etc). This is a known security hole: SSH Communications Security considers the SSH1 protocol deprecated and does not recommend the use of it. As of 1 May 2001, SSH Secure Shell 1.x will no longer be available from this site. Please modify your product plans accordingly. The SSH2 protocol is in the process of becoming an IETF standard and is not subject to the security vulnerabilities found in SSH1. Therefore, we will continue to focus on the newer SSH2 protocol as we offer, update, upgrade and maintain SSH Secure Shell 2.x (and higher) of the software. -- http://www.ssh.com/products/ssh/deprecation.cfm X-Force recommends upgrading to new SSH Version 2 support if possible. If SSH Version 1 is not used, disable fallback and remove old sshd Version 1 binaries. Please refer to your vendor to obtain patch and upgrade information. -- http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?id=advise100 If you are running sshd, disable the use of the SSH1 protocol in OpenSSH. SSH1 contains inherent protocol deficiencies and is not recommended for use in high-security environments. -- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:24.ssh.asc -- Trevor Johnson To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Aug 9 4:50:19 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4A4AB37B400 for ; Fri, 9 Aug 2002 04:50:17 -0700 (PDT) Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by mx1.FreeBSD.org (Postfix) with ESMTP id 86AB143E4A for ; Fri, 9 Aug 2002 04:50:16 -0700 (PDT) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: from khavrinen.lcs.mit.edu (localhost [IPv6:::1]) by khavrinen.lcs.mit.edu (8.12.3/8.12.5) with ESMTP id g79Bo586004885 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=OK); Fri, 9 Aug 2002 07:50:05 -0400 (EDT) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.12.3/8.12.5/Submit) id g79Bo48Z004882; Fri, 9 Aug 2002 07:50:04 -0400 (EDT) (envelope-from wollman) Date: Fri, 9 Aug 2002 07:50:04 -0400 (EDT) From: Garrett Wollman Message-Id: <200208091150.g79Bo48Z004882@khavrinen.lcs.mit.edu> To: "Duncan Patton a Campbell is Dhu" Cc: security@FreeBSD.ORG Subject: Re: Was: Merged security patches, now SPAM In-Reply-To: <20020809071824.M49009@babayaga.neotext.ca> References: <1028659081.3d50178945f68_webmail.vsi.ru@ns.sol.net> <20020806192150.A23951@sheol.localdomain> <20020809012746.M17312@babayaga.neotext.ca> <200208082210.40484.dsyphers@uchicago.edu> <20020809071824.M49009@babayaga.neotext.ca> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org < said: > The question I put (in roundabout fashion) was "Why isn't PGP an > integral > part of email clients". In this sense it is germaine to > "security@freebsd.org". No, it is not. Now please drop it. If you care about this so much, then go annoy the lists for the relevant MUAs. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Aug 9 8:51:29 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2092C37B400 for ; Fri, 9 Aug 2002 08:51:26 -0700 (PDT) Received: from smtp-send.myrealbox.com (smtp-send.myrealbox.com [192.108.102.143]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9ADD243E6E for ; Fri, 9 Aug 2002 08:51:24 -0700 (PDT) (envelope-from keyboard_sialan@myrealbox.com) Received: from revenge keyboard_sialan@smtp-send.myrealbox.com [202.158.47.167] by smtp-send.myrealbox.com with NetMail SMTP Agent $Revision: 3.11 $ on Novell NetWare; Fri, 09 Aug 2002 09:51:24 -0600 Message-ID: <001a01c23fbc$8c2dab80$cd01a8c0@revenge> From: "-=r4hm4n=-" To: Subject: mail anti virus Date: Fri, 9 Aug 2002 22:50:48 +0700 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0015_01C23FF7.3444EEC0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_0015_01C23FF7.3444EEC0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable any body can tell me what is best mail antivirus for freebsd ? ------=_NextPart_000_0015_01C23FF7.3444EEC0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
any body can tell me what is best mail = antivirus=20 for freebsd ?
 
 
------=_NextPart_000_0015_01C23FF7.3444EEC0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Aug 9 9: 1:40 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C1AC637B400 for ; Fri, 9 Aug 2002 09:01:34 -0700 (PDT) Received: from gate.bulinfo.net (gate.bulinfo.net [212.72.195.1]) by mx1.FreeBSD.org (Postfix) with SMTP id 176C443E7B for ; Fri, 9 Aug 2002 09:01:33 -0700 (PDT) (envelope-from kleo@bulinfo.net) Received: (qmail 4812 invoked from network); 9 Aug 2002 15:54:47 -0000 Received: from vertigo.bulinfo.net (HELO djaba) (212.72.195.3) by gate.bulinfo.net with SMTP; 9 Aug 2002 15:54:47 -0000 Message-ID: <002701c23fbd$180d7860$0a02a8c0@bulinfo.net> From: "Kliment Ognianov" To: References: <001a01c23fbc$8c2dab80$cd01a8c0@revenge> Subject: Re: mail anti virus Date: Fri, 9 Aug 2002 18:54:50 +0300 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0024_01C23FD6.3D2855C0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_0024_01C23FD6.3D2855C0 Content-Type: text/plain; charset="windows-1251" Content-Transfer-Encoding: quoted-printable Probably the best is the KAVKeeper from Kaspersky Lab. The Power to Serve!=20 ..................................... : Kliment Ognianov : : Network Administrator & Developer : : BulInfo Networks Department : :...................................: : http://www.bulinfo.net/ : :...................................: : +(359)-2-9699165 : : ICQ #16864572, #64866894 : :...................................: ----- Original Message -----=20 From: -=3Dr4hm4n=3D-=20 To: freebsd-security@FreeBSD.ORG=20 Sent: Friday, August 09, 2002 6:50 PM Subject: mail anti virus any body can tell me what is best mail antivirus for freebsd ? ------=_NextPart_000_0024_01C23FD6.3D2855C0 Content-Type: text/html; charset="windows-1251" Content-Transfer-Encoding: quoted-printable
Probably the best is the KAVKeeper from Kaspersky=20 Lab.
 
The Power to=20 Serve! 
.....................................
: Kliment Ognianov                  :
: Network Administrator & Developer :
: BulInfo Networks Department       :
:...................................:
: http://www.bulinfo.net/           :
:...................................:
: +(359)-2-9699165                  :
: ICQ #16864572, #64866894          :
:...................................:
----- Original Message -----
From:=20 -=3Dr4hm4n=3D- =
Sent: Friday, August 09, 2002 = 6:50=20 PM
Subject: mail anti virus

any body can tell me what is best = mail antivirus=20 for freebsd ?
 
 
------=_NextPart_000_0024_01C23FD6.3D2855C0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Aug 9 10: 9:37 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 765D737B406 for ; Fri, 9 Aug 2002 10:09:35 -0700 (PDT) Received: from mail.dada.it (mail2.dada.it [195.110.100.2]) by mx1.FreeBSD.org (Postfix) with SMTP id 11C5D43EB7 for ; Fri, 9 Aug 2002 10:09:29 -0700 (PDT) (envelope-from ale@unixmania.net) Received: (qmail 4909 invoked from network); 9 Aug 2002 17:09:21 -0000 Received: from unknown (HELO libero.sunshine.ale) (195.110.114.252) by mail.dada.it with SMTP; 9 Aug 2002 17:09:21 -0000 Received: by libero.sunshine.ale (Postfix, from userid 1001) id 287C05FA7; Fri, 9 Aug 2002 19:09:22 +0200 (CEST) Date: Fri, 9 Aug 2002 19:09:22 +0200 From: Alessandro de Manzano To: -=r4hm4n=- Cc: freebsd-security@FreeBSD.ORG Subject: Re: mail anti virus Message-ID: <20020809190922.A75419@libero.sunshine.ale> Reply-To: Alessandro de Manzano References: <001a01c23fbc$8c2dab80$cd01a8c0@revenge> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <001a01c23fbc$8c2dab80$cd01a8c0@revenge>; from keyboard_sialan@myrealbox.com on Fri, Aug 09, 2002 at 10:50:48PM +0700 X-Operating-System: FreeBSD 4.6-STABLE Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, Aug 09, 2002 at 10:50:48PM +0700, -=r4hm4n=- wrote: > any body can tell me what is best mail antivirus for freebsd ? Of course it depends. However we are very happy with RAV for FreeBSD. www.ravantivirus.com works great! -- bye! Ale To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Aug 9 10:15:45 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4505A37B400 for ; Fri, 9 Aug 2002 10:15:43 -0700 (PDT) Received: from www.opentrade.cl (50-126-141.leased.cust.tie.cl [200.50.126.141]) by mx1.FreeBSD.org (Postfix) with ESMTP id 42A0843E4A for ; Fri, 9 Aug 2002 10:15:41 -0700 (PDT) (envelope-from jseverino@fritz.cl) Received: from pc ([192.168.1.10]) by www.opentrade.cl (8.12.2/8.12.2) with SMTP id g79HIXQU026114 for ; Fri, 9 Aug 2002 10:18:33 -0700 (PDT) Message-ID: <000e01c23fc8$c64c6660$0a01a8c0@opentrade.cl> Reply-To: "Jorge Severino Diaz" From: "Jorge Severino Diaz" To: References: <20020808143659.P75214-100000@mohegan.mohawk.net> Subject: unsubscribe Date: Fri, 9 Aug 2002 13:18:26 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org unsubscribe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Aug 9 10:46: 3 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5E91637B400 for ; Fri, 9 Aug 2002 10:46:01 -0700 (PDT) Received: from I-Sphere.COM (shell.i-sphere.com [209.249.146.70]) by mx1.FreeBSD.org (Postfix) with ESMTP id EE2C543E3B for ; Fri, 9 Aug 2002 10:46:00 -0700 (PDT) (envelope-from fasty@shell.i-sphere.com) Received: from shell.i-sphere.com (fasty@shell [209.249.146.70]) by I-Sphere.COM (8.12.3/8.12.3) with ESMTP id g79HkaMj058027; Fri, 9 Aug 2002 10:46:36 -0700 (PDT) (envelope-from fasty@shell.i-sphere.com) Received: (from fasty@localhost) by shell.i-sphere.com (8.12.3/8.12.3/Submit) id g79HkaKq058026; Fri, 9 Aug 2002 10:46:36 -0700 (PDT) Date: Fri, 9 Aug 2002 10:46:36 -0700 From: faSty To: -=r4hm4n=- Cc: freebsd-security@FreeBSD.ORG Subject: Re: mail anti virus Message-ID: <20020809174636.GB57936@i-sphere.com> Mail-Followup-To: faSty , -=r4hm4n=- , freebsd-security@FreeBSD.ORG References: <001a01c23fbc$8c2dab80$cd01a8c0@revenge> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <001a01c23fbc$8c2dab80$cd01a8c0@revenge> User-Agent: Mutt/1.4i X-Virus-Scanned: by amavisd-milter (http://amavis.org/) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org amavisd-new with milter. You will need have Sendmail support feature of milter. -fasty On Fri, Aug 09, 2002 at 10:50:48PM +0700, -=r4hm4n=- wrote: > any body can tell me what is best mail antivirus for freebsd ? > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Aug 9 11:18:22 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8417A37B400 for ; Fri, 9 Aug 2002 11:18:19 -0700 (PDT) Received: from walter.dfmm.org (walter.dfmm.org [209.151.233.240]) by mx1.FreeBSD.org (Postfix) with ESMTP id 21B6843E65 for ; Fri, 9 Aug 2002 11:18:19 -0700 (PDT) (envelope-from jason@shalott.net) Received: (qmail 53354 invoked by uid 1000); 9 Aug 2002 18:18:13 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 9 Aug 2002 18:18:13 -0000 Date: Fri, 9 Aug 2002 11:18:13 -0700 (PDT) From: Jason Stone X-X-Sender: To: -=r4hm4n=- Cc: Subject: Re: mail anti virus In-Reply-To: <001a01c23fbc$8c2dab80$cd01a8c0@revenge> Message-ID: <20020809111727.N15576-100000@walter> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > any body can tell me what is best mail antivirus for freebsd ? I use sophos with qmail and qmail-scanner. I'm pretty pleased with it. -Jason ----------------------------------------------------------------------- I worry about my child and the Internet all the time, even though she's too young to have logged on yet. Here's what I worry about. I worry that 10 or 15 years from now, she will come to me and say "Daddy, where were you when they took freedom of the press away from the Internet?" -- Mike Godwin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: See https://private.idealab.com/public/jason/jason.gpg iD8DBQE9VAdlswXMWWtptckRAg9WAJ47a8feKAJI7cQ0ShxaCE7R0BRGnACdG2lb 48PkxjpqgrGjpArj/Trj7us= =iGfF -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Aug 9 17:21:14 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 85FCD37B400 for ; Fri, 9 Aug 2002 17:21:08 -0700 (PDT) Received: from ns3.ideathcare.com (mail.allneo.com [216.185.96.68]) by mx1.FreeBSD.org (Postfix) with SMTP id A536C43E42 for ; Fri, 9 Aug 2002 17:21:07 -0700 (PDT) (envelope-from jps@funeralexchange.com) Received: (qmail 44035 invoked by uid 85); 9 Aug 2002 17:25:45 -0000 Received: from jps@funeralexchange.com by ns3.ideathcare.com with qmail-scanner-1.03 (uvscan: v4.1.40/v4121. . Clean. Processed in 0.167457 secs); 09 Aug 2002 17:25:45 -0000 Received: from unknown (HELO pimpin) (216.138.114.143) by mail.allneo.com with SMTP; 9 Aug 2002 17:25:45 -0000 Reply-To: From: "Jeremy Suo-Anttila" To: "Alessandro de Manzano" , "-=r4hm4n=-" Cc: Subject: RE: mail anti virus Date: Fri, 9 Aug 2002 12:20:31 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300 Importance: Normal In-Reply-To: <20020809190922.A75419@libero.sunshine.ale> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Real men use qmail & qmail-scanner ;) -----Original Message----- From: owner-freebsd-security@FreeBSD.ORG [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Alessandro de Manzano Sent: Friday, August 09, 2002 12:09 PM To: -=r4hm4n=- Cc: freebsd-security@FreeBSD.ORG Subject: Re: mail anti virus On Fri, Aug 09, 2002 at 10:50:48PM +0700, -=r4hm4n=- wrote: > any body can tell me what is best mail antivirus for freebsd ? Of course it depends. However we are very happy with RAV for FreeBSD. www.ravantivirus.com works great! -- bye! Ale To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Aug 9 17:58:36 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0A44137B401 for ; Fri, 9 Aug 2002 17:58:30 -0700 (PDT) Received: from newmail.halenet.com.au (newmail.halenet.com.au [203.55.33.235]) by mx1.FreeBSD.org (Postfix) with ESMTP id 57C5943E72 for ; Fri, 9 Aug 2002 17:58:27 -0700 (PDT) (envelope-from timbo@halenet.com.au) Received: (from root@localhost) by newmail.halenet.com.au (8.11.6/8.11.6) id g7A102F54877 for freebsd-security@freebsd.org; Sat, 10 Aug 2002 11:00:02 +1000 (EST) (envelope-from timbo@halenet.com.au) Received: from laptop (modem-131-st.halenet.com.au [203.55.33.131]) by newmail.halenet.com.au (8.11.6/8.11.6) with SMTP id g7A0xvp54785 for ; Sat, 10 Aug 2002 10:59:58 +1000 (EST) (envelope-from timbo@halenet.com.au) Message-ID: <049901c24008$5217c240$6500a8c0@halenet.com.au> From: "Tim McCullagh" To: References: <20020809111727.N15576-100000@walter> Subject: Re: mail anti virus Date: Sat, 10 Aug 2002 10:53:16 +1000 MIME-Version: 1.0 X-scanner: scanned by Inflex 1.0.10 - (http://pldaniels.com/inflex/) Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4807.1700 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I have used / and use Amavis and inflex with either mcafee or sophos. all worked well. Sophos have / had a better licence agreement so I am using their antivirus now with Amavis and inflex. Inflex allows you to scan for text as well and block some spam Regards Tim From: "Jason Stone" To: "-=r4hm4n=-" Cc: Sent: Saturday, August 10, 2002 4:18 AM Subject: Re: mail anti virus > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > > any body can tell me what is best mail antivirus for freebsd ? > > I use sophos with qmail and qmail-scanner. I'm pretty pleased with it. > > > -Jason > > ----------------------------------------------------------------------- > I worry about my child and the Internet all the time, even though she's > too young to have logged on yet. Here's what I worry about. I worry > that 10 or 15 years from now, she will come to me and say "Daddy, where > were you when they took freedom of the press away from the Internet?" > -- Mike Godwin > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.6 (FreeBSD) > Comment: See https://private.idealab.com/public/jason/jason.gpg > > iD8DBQE9VAdlswXMWWtptckRAg9WAJ47a8feKAJI7cQ0ShxaCE7R0BRGnACdG2lb > 48PkxjpqgrGjpArj/Trj7us= > =iGfF > -----END PGP SIGNATURE----- > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sat Aug 10 0:32:36 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5496437B400; Sat, 10 Aug 2002 00:32:31 -0700 (PDT) Received: from www.esn.net (www.gld.com [207.14.235.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5594443E6A; Sat, 10 Aug 2002 00:32:30 -0700 (PDT) (envelope-from www@www.esn.net) Received: by www.esn.net (8.11.6/8.10.1) id g7A7iMO26575; Sat, 10 Aug 2002 03:44:22 -0400 (EDT) Date: Sat, 10 Aug 2002 03:44:22 -0400 (EDT) Message-Id: <200208100744.g7A7iMO26575@www.esn.net> To: , www.mountolivetribune.com@FreeBSD.ORG, , www.mountolivetribune.com@FreeBSD.ORG, , www.mountolivetribune.com@FreeBSD.ORG, , www.mountolivetribune.com@FreeBSD.ORG, , www.mountolivetribune.com@FreeBSD.ORG From: sharmainep@ihug.com (sharmainep@ihug.com) Subject: Webcams!... Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Below is the result of your feedback form. It was submitted by sharmainep@ihug.com (sharmainep@ihug.com) on Saturday, August 10, 2002 at 03:44:22 --------------------------------------------------------------------------- 916s0c: Hi, just got done putting up the cams, so come and take a look http://rd.yahoo.com/dir/?http://members.lycos.co.uk/hyaif893/livecams.html Click here! 5lllo1lodj --------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sat Aug 10 4:39:12 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 312FE37B400 for ; Sat, 10 Aug 2002 04:39:10 -0700 (PDT) Received: from diablo.nbi.com.ua (diablo.nbi.com.ua [80.78.36.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3EA3943E6A for ; Sat, 10 Aug 2002 04:39:08 -0700 (PDT) (envelope-from ingoth@nbi.com.ua) Received: from mail.nbi.com.ua (mail.nbi.com.ua [80.78.37.239]) by diablo.nbi.com.ua (8.12.5/8.12.5) with ESMTP id g7ABd0BI062296; Sat, 10 Aug 2002 14:39:01 +0300 (EEST) (envelope-from ingoth@nbi.com.ua) Date: Sat, 10 Aug 2002 14:39:00 +0300 (EEST) From: Aleksandr Kuzminsky To: -=r4hm4n=- Cc: freebsd-security@FreeBSD.ORG Subject: Re: mail anti virus In-Reply-To: <001a01c23fbc$8c2dab80$cd01a8c0@revenge> Message-ID: <20020810143115.D51600-100000@diablo.nbi.com.ua> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, 9 Aug 2002, -=r4hm4n=- wrote: > Date: Fri, 9 Aug 2002 22:50:48 +0700 > From: -=r4hm4n=- > To: freebsd-security@FreeBSD.ORG > Subject: mail anti virus > > any body can tell me what is best mail antivirus for freebsd ? As for me, DrWEB(http://www.sald.com/) is the best one. It wokrs with Sendmail, Exim, QMail Postfix, Communigate Pro, Samba and ZMailer. Under free licence it just check mail for viruses and quarantines infected. Full-licenced version can cure mail. It support customised reports. Good update-script is included in distribution. --- Aleksandr Kuzminsky, AK476-RIPE System Administrator, AK16-UANIC ISP NBI. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sat Aug 10 5:49: 7 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EFD6637B400; Sat, 10 Aug 2002 05:48:21 -0700 (PDT) Received: from hotmail.com (dsl-212-135-221-183.dsl.easynet.co.uk [212.135.221.183]) by mx1.FreeBSD.org (Postfix) with SMTP id E63CC43E72; Sat, 10 Aug 2002 05:48:13 -0700 (PDT) (envelope-from konar_adrienne@hotmail.com) Received: from unknown (HELO rly-yk05.pesdets.com) (4.71.194.105) by rly-xw05.oxyeli.com with smtp; 10 Aug 0102 05:43:31 +0400 Received: from [30.153.34.83] by rly-yk04.aolmd.com with QMQP; 10 Aug 0102 09:39:42 -0400 Received: from 49.12.206.153 ([49.12.206.153]) by asy100.as122.sol-superunderline.com with asmtp; 10 Aug 0102 05:35:53 +0800 Received: from unknown (HELO sydint1.microthink.com.au) (192.84.95.243) by rly-xw05.oxyeli.com with NNFMP; 10 Aug 0102 13:32:04 +0900 Received: from [73.69.104.251] by sydint1.microthink.com.au with asmtp; Sat, 10 Aug 0102 22:28:15 -1000 Reply-To: Message-ID: <001a37b61b1a$4536e3c7$3ce38ec4@snawaf> From: To: , , , , , , Subject: Are you ready to Invest now Date: Sat, 10 Aug 0102 11:21:40 +0100 MiME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_00D0_85E10D4E.D7384B52" X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: eGroups Message Poster Importance: Normal Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org ------=_NextPart_000_00D0_85E10D4E.D7384B52 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: base64 VkVTVEVER0UgQUxFUlQ6IFZvbHVtZSAxNSwgSXNzdWUgNw0KICAgICAgICAg ICAgIA0KICAgICAgICAgICAgWFJBWU1FRElBIFRBUFMgSU5UTyBCSUxMSU9O UywgV0hJTEUgSEVMUElORyBBTEwgQlVTSU5FU1NFUyBHUk9XIA0KICAgICAg ICAgICAgVEhST1VHSCBGSU5BTkNJTkcgQURWRVJUSVNJTkcgUFVSQ0hBU0VT ISEhDQogICAgICAgICAgICAgDQogICAgICAgICAgICAqKioqKklNTUVESUFU RSBTVFJPTkcgQlVZIEFMRVJUIFhSQVlNRURJQSAoT1RDQkI6IFhSTUQpDQog ICAgICAgICAgICAgDQogICAgICAgICAgICBYUkFZTUVESUEgKE9UQ0JCOiBY Uk1EKQ0KICAgICAgICAgICAgODAsMDAwLDAwMCBlc3QuIHNoYXJlcyBvdXRz dGFuZGluZw0KICAgICAgICAgICAgMTUsMDAwLDAwMCBlc3QuIGZsb2F0DQog ICAgICAgICAgICA2MCUgZXN0LiBjb250cm9sbGVkIGJ5IGluc2lkZXJzIA0K ICAgICAgICAgICAgIA0KICAgICAgICAgICAgKioqKioqKioqKioqKioqKioq KioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioq KioqKioqKioqKioqKioqKioqKg0KICAgICAgICAgICAgQXMgb3VyIFJFU0VB UkNIIFRFQU0gaXMgYWx3YXlzIGxvb2tpbmcgZm9yIHRoZSBuZXh0IHJpc2lu ZyBTVEFSLCANCiAgICAgICAgICAgIGRlc3BpdGUgbWFya2V0IGNvbmRpdGlv bnMgY29tcGFuaWVzIE5PVyBJREVOVElGSUVEIGFyZSB0aG9zZSB0aGF0IA0K ICAgICAgICAgICAgSEVMUCBCVUlMRCBUSEUgRUNPTk9NWSBhbmQgSEVMUCBB TEwgQlVTSU5FU1NFUyBHUk9XLiBUSEVZIERFU0VSVkUgDQogICAgICAgICAg ICBPVVIgU1BFQ0lBTCBBVFRFTlRJT04gYW5kIGhhdmUgUFJPVkVOIFRIRVkg QVJFIE9OIFRIRSBSSUdIVCBUUkFDSyEhISANCiAgICAgICAgICAgIFZFU1RF REdFIGlzIE9OTFkgaW50ZW5kZWQgZm9yIHRoZSBTRVJJT1VTIElOVkVTVE9S LiANCiAgICAgICAgICAgICoqKioqKioqKioqKioqKioqKioqKioqKioqKioq KioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioq KioqKioqKioNCiAgICAgICAgICAgICANCiAgICAgICAgICAgIEdST1dUSCBJ UyBUSEUgS0VZLCBvdXIgc291cmNlcyBnYXZlIHVzIFhSQVlNRURJQSAoT1RD QkI6IFhSTUQpIGFzIA0KICAgICAgICAgICAgb3VyIGxhc3QgTUFKT1IgV0lO TkVSIG1vdmluZyBpdCBVUCBuaWNlbHkgYXMgaXQgU1RBUlRTIFRPIE1BS0Ug SVRTIA0KICAgICAgICAgICAgTU9WRSEhISBJbiB0aGlzIExPVyBwcmljZSBy YW5nZSB3ZSBoYXZlIEJPVUdIVCBMQVJHRSBhbmQgV0UnTEwgDQogICAgICAg ICAgICBDT05USU5VRSB0byBCVVkgTEFSR0UsIGFzIHRoZSByZXN0IG9mIFdB TExTVFJFRVQgY2F0Y2hlcyBPTiwgaXQgd2lsbCANCiAgICAgICAgICAgIFBP UCBVUCBvdmVyIHRoZSBzaG9ydCB0ZXJtIHRvIG91ciBUQVJHRVQgb2YgIiQx LjAwIHBlciBzaGFyZSIuIFdlIA0KICAgICAgICAgICAgYmVsaWV2ZSBpdCB3 aWxsIFRIRU4gY29udGludWUgdG8gTU9WRSBhcyB0aGV5IFBST0dSRVNTIGJ5 IEhFTFBJTkcgDQogICAgICAgICAgICBBTEwgQ09NUEFOSUVTIEdST1cgUkVW RU5VRVMgdGhyb3VnaCB0aGVpciBSRVZPTFVUSU9OQVJZIExJVkUgDQogICAg ICAgICAgICBORUdPVElBVElORyBURUNITk9MT0dZIGZvciB0aGUgQURWRVJU SVNJTkcgSU5EVVNUUlkgY291cGxlZCB3aXRoIA0KICAgICAgICAgICAgdGhl aXIgcmVjZW50IGFiaWxpdHkgdG8gRklOQU5DRSBBRFZFUlRJU0lORyBQVVJD SEFTRVMsIHRoaXMgY29tcGFueSANCiAgICAgICAgICAgIGhhcyBhIHZlcnkg UE9XRVJGVUwgYnVzaW5lc3MgcGxhbiBhbmQgUFJPVklORyBJVCEhIQ0KICAg ICAgICAgICAgIA0KICAgICAgICAgICAgT24gSlVMWSAyNSwgMjAwMiAtIFRI RVkgQU5OT1VOQ0VEIEEgJDUwMCwwMDAuMDAgQURWRVJUSVNJTkcgDQogICAg ICAgICAgICBGSU5BTkNJTkcgREVBTCB3aXRoIE1PUkUgaW4gdGhlIHdvcmtz LCBOT1cgVEhBVCdTIFdIQVQgV0UgQ0FMTCBUSEUgDQogICAgICAgICAgICBG QVNUIFRSQUNLLCBrZWVwIGl0IFVQIEdVWVMhISEgSW4gb3VyIG9waW5pb24g dGhleSBhcmUgVFJVTFkgSEVMUElORyANCiAgICAgICAgICAgIE9VUiBFQ09O T01ZISEhIFRIRSBSRUNFTlQgUlVNT1JTIEhFQVRJTkcgVVAgV0FMTCBTVFJF RVQgaGFzIA0KICAgICAgICAgICAgWFJBWU1FRElBIGxhYmVsZWQgYXMgIlRI RSBORVhUIE1BSk9SIFBMQVlFUiIgaW4gdGhlICJNRURJQSBJTkRVU1RSWSIg DQogICAgICAgICAgICB3aXRoIHRoZSBNT1NUIFNPUEhJU1RJQ0FURUQgU09G VFdBUkUgSU4gVEhFIElORFVTVFJZISEhDQogICAgICAgICAgICAgDQogICAg ICAgICAgICBXZSd2ZSBoZWFyZCAiQlVZLU9VVCIgd2UndmUgaGVhcmQgIlRB S0UtT1ZFUiIsIGFuZCBhZnRlciBvdXIgDQogICAgICAgICAgICBkaWxpZ2Vu Y2UgdGhpcyBjb21wYW55IGhhcyBOTyBpbnRlbnRpb25zIG9mIGJlaW5nIEJP VUdIVC1PVVQsIGluIA0KICAgICAgICAgICAgRkFDVCB0aGVpciBsYXN0IE5F V1MgUkVMRUFTRSBzdGF0ZXMgdGhleSBhcmUgTk9XIEZJTkFOQ0lORyANCiAg ICAgICAgICAgIEFEVkVSVElTSU5HIFBVUkNIQVNFUyBvZiBhbGwgc2l6ZXMh ISEgVEhFWSBISVQgVEhFIEFEVkVSVElTSU5HIA0KICAgICAgICAgICAgSU5E VVNUUlkgaW4gdGhlIFJJR0hUIFNQT1QhISEgDQogICAgICAgICAgICAgDQog ICAgICAgICAgICBPTkNFIEFHQUlOLCB0aGlzIElOVkVTVE1FTlQgaXMgYSBu by1icmFpbmVyIHdoZW4geW91IGxvb2sgYXQgdGhlIA0KICAgICAgICAgICAg cG9zaXRpb24gdGhlIGNvbXBhbnkgaXMgaW4uIElOIFRISVMgTE9XIFBSSUNF IFJBTkdFIHdlIGNhbiBidXkgYSANCiAgICAgICAgICAgIHRvbiwgbXVsdGlw bGllZCBncm93dGggY3VydmUsIGZ1bmRhbWVudGFsIHRpbWluZywgdGhlIGNv bXBhbnkncyANCiAgICAgICAgICAgIHJlY2VudCBhbm5vdW5jZW1lbnRzIHNl ZW0gdG8gYmUgbW92aW5nIHRvd2FyZHMgQSBNQUpPUiBTV0lORywgYmlnIA0K ICAgICAgICAgICAgcmV2ZW51ZSB0aHJvdWdoIGl0cyBORVcgQURWRVJUSVNJ TkcgRklOQU5DRSBERVBBUlRNRU5ULCBNRURJQSANCiAgICAgICAgICAgIFBB UlRORVJTLCBzdXN0YWluZWQgZ3Jvd3RoIGZyb20gQVJFQSBQQVJUTkVSUywg cG90ZW50aWFsbHkgYnJpbmdpbmcgDQogICAgICAgICAgICBpbiBNSUxMSU9O UyBvZiBkb2xsYXJzIGluIHRyYW5zYWN0aW9ucyBwZXIgZGF5LCBhbmQgd2Ug bG92ZSBpdCwgd2UgDQogICAgICAgICAgICB3aWxsIGNvbnRpbnVlIHRvIEJV WSBGQVNUIEFORCBIVUdFISBJdCBpcyBhbWF6aW5nIGhvdyBzaW1wbGUgaXQg aXMsIA0KICAgICAgICAgICAgYmVpbmcgSU4sIGF0IHRoZSByaWdodCBQUklD RSwgYXQgdGhlIHJpZ2h0IFRJTUUgYW5kIHdhdGNoaW5nIGl0IA0KICAgICAg ICAgICAgTVVMVElQTFkhISEgVGhlIGltbWVuc2Ugc2l6ZSBvZiB0aGUgYWR2 ZXJ0aXNpbmcgaW5kdXN0cnkgaXMgbm8gDQogICAgICAgICAgICBzZWNyZXQs IGFzIGEgd2hvbGUsIHRyYWRpdGlvbmFsIGFuZCBvbmxpbmUgYWR2ZXJ0aXNp bmcgaXMgcHVsbGluZyBpbiANCiAgICAgICAgICAgIHdlbGwgb3ZlciAkNTAw IGJpbGxpb24gYW5udWFsbHkgaW4gTm9ydGggQW1lcmljYSBhbG9uZS4gWFJB WU1FRElBIA0KICAgICAgICAgICAgaGFzIHBvc2l0aW9uZWQgaXRzIHNlbGYg YXMgYSBjb25kdWl0IHRvIGNoYW5uZWwgdGhhdCByZXZlbnVlIHRocm91Z2gg DQogICAgICAgICAgICB0aGVpciBnZW5lcmFsIGJ1c2luZXNzIGNvbW11bml0 eSBieSBsYXVuY2hpbmcgYSAiTElWRSBNRURJQSBUUkFESU5HIA0KICAgICAg ICAgICAgQ0VOVEVSIiBhbmQgaGFzIGRlZmluaXRlbHkgYXR0cmFjdGVkIHRo ZSBBVFRFTlRJT04gb2YgdGhlIEJJRyBCT1lTIA0KICAgICAgICAgICAgd2l0 aCBOTyBJTlRFTlRJT05TIG9mIFNFTExJTkcgT1VUISEhIA0KICAgICAgICAg ICAgIA0KICAgICAgICAgICAgU2VlaW5nIHRoaXMgY29tcGFueSBtb3ZlIGlu dG8gdGhlIGluZHVzdHJ5IGF0IHN1Y2ggYSBoaWdoIGVudHJ5IA0KICAgICAg ICAgICAgcG9pbnQgUFJPVkVTIE9VUiBSRVNFQVJDSCBURUFNIGhhcyBnb3Qg UFVMTCBvciBqdXN0IHBsYWluIGhhcmQgd29yaywgDQogICAgICAgICAgICBl aXRoZXIgd2F5IGF0IHBlbm5pZXMgYSBzaGFyZSwgWFJBWU1FRElBIGlzIGFu IGludmVzdG1lbnQgZHJlYW0gY29tZSANCiAgICAgICAgICAgIHRydWUuIE9u Y2UgdGhleSBzdXN0YWluIHRoZWlyIFJFVkVOVUUgb3IgTUVSR0Ugb3IgR0VU IEJPVUdIVCBPVVQsIHdlIA0KICAgICAgICAgICAgYXJlIGxvb2tpbmcgZm9y IGEgdGFyZ2V0IHByaWNlIG9mICQ1LjAwLSAkMTAuMDAgZG9sbGFycyBwZXIv c2hhcmUgDQogICAgICAgICAgICBwcmV0dHkgcXVpY2ssIHRoYXQncyB3aHkg d2UgYnV5IHRoZXNlIHR5cGVzIG9mIEhJR0ggR1JPV1RIIGNvbXBhbWllcy4g DQoJDQogICAgICAgICAgICAgDQogICAgICAgICAgICBUaGV5IGhhdmUgc29t ZSBhbWF6aW5nIHRlY2hub2xvZ3k7IHdlIHVuZGVyc3RhbmQgdGhlIGNsb3Nl c3QgDQogICAgICAgICAgICB0ZWNobm9sb2d5IGNvbXBldGl0b3JzIGFyZSB1 c2luZyBkYXRlZCBhdWN0aW9uIHRlY2hub2xvZ3kgc2ltaWxhciB0byANCiAg ICAgICAgICAgIEVCQVkgb3IgWUFIT08gYW5kIHN0aWxsIHB1bGxpbmcgaW4g bWlsbGlvbnMgb2YgZG9sbGFycyBhIGRheSBpbiANCiAgICAgICAgICAgIHJl dmVudWUgYXVjdGlvbmluZyBhZHZlcnRpc2luZyBzcGFjZS4gWFJBWU1FRElB J3MgdGVjaG5vbG9neSBJUyBUSEUgDQogICAgICAgICAgICBNQUpPUiBUQVJH RVQgYW5kIGl0IGNhbiB0YWtlIHRoaXMgcmV2ZW51ZSB0byB0aGUgbmV4dCBs ZXZlbC4gUGF0ZW50IA0KICAgICAgICAgICAgUGVuZGluZyBMaXZlIE1lZGlh IFRyYWRpbmcgdGhyb3VnaCB0aGUgSW50ZXJuZXQganVzdCBsaWtlIHRoZSBT VE9DSyANCiAgICAgICAgICAgIE1BUktFVCwgd2UndmUgZ290IHRvIGp1c3Qg bG92ZSBpdCEhIQ0KICAgICAgICAgICAgIA0KICAgICAgICAgICAgVGhlaXIg TWVkaWEgU3VwZXJQb3J0YWwgYW5kIExpdmUgTWVkaWEgTWFya2V0cGxhY2Ug d2FzIGRldmVsb3BlZCB0byANCiAgICAgICAgICAgIGNyZWF0ZSBhIHJlYWwt dGltZSB0cmFkaW5nIGVudmlyb25tZW50IGZvciBtZWRpYSBhbmQgYWR2ZXJ0 aXNpbmcgDQogICAgICAgICAgICBpbmR1c3RyeSwgdGhleSBjb3ZlciBhbGwg dGhlIG1lZGlhIHNlY3RvcnMgbGlrZSBUViwgUmFkaW8sIFByaW50LCANCiAg ICAgICAgICAgIE9ubGluZSwgT3V0LW9mLUhvbWUgYW5kIFNwZWNpYWx0eSBB ZHZlcnRpc2luZy4gSXQgZ2l2ZXMgYnV5ZXJzIGFuZCANCiAgICAgICAgICAg IHNlbGxlcnMgdGhlIG9wcG9ydHVuaXR5IHRvIG5lZ290aWF0ZSB3aXRoIDEs IDEwLCAxMDAgcGVvcGxlIGFsbCBhdCANCiAgICAgICAgICAgIHRoZSBzYW1l IHRpbWUgYW5kIG5vIG9uZSBzZWVzIHdoYXQgdGhlIG90aGVycyBhcmUgZG9p bmcsIGFsbCBpbiByZWFsIA0KICAgICAgICAgICAgdGltZS4gVGhpcyBpcyBh IHJlYWwgbW9uZXkgbWFrZXIsIFhSQVlNRURJQSBtYWtlcyBpdHMgbW9uZXkg YnkgDQogICAgICAgICAgICBjaGFyZ2luZyBicm9rZXIgZmVlcyBvbiBjbG9z ZWQgZGVhbHMganVzdCBsaWtlIHRoZSBTVE9DSyBCUk9LRVJTIGFuZCANCiAg ICAgICAgICAgIERJU0NPVU5UIElOVEVSTkVUIFRSQURJTkcgSE9VU0VTLCB3 ZSB0aGluayB0aGV5IGtuZXcgd2hhdCB0aGV5IHdoZXJlIA0KICAgICAgICAg ICAgZG9pbmcgYnkgY2hvb3NpbmcgdGhlIHJpZ2h0IGluZHVzdHJ5IGF0IHRo ZSByaWdodCB0aW1lLiAkMTAwIG1pbGxpb24gDQogICAgICAgICAgICBkb2xs YXIgcmV2ZW51ZSBwYXJ0bmVycywgYWQgYWdlbmNpZXMsIG1lZGlhIGJ1eWlu ZyBmaXJtcywgYmx1ZSBjaGlwIA0KICAgICAgICAgICAgY29tcGFuaWVzIHVz aW5nIHRoZSB0ZWNobm9sb2d5LCB0aGUgZ3Jvd3RoIHBvdGVudGlhbCBpcyBy ZXNvdW5kaW5nLiANCiAgICAgICAgICAgIFdlIGhhdmVuJ3QgaGFkIGJhY2st dG8tYmFjayBtYWpvciB3aW5uZXJzIGluIGEgd2hpbGUgdGhpcyBpcyBnb29k OyANCiAgICAgICAgICAgIFNlZWluZyB0aGlzIGNvbXBhbnkgZ3JvdyB0byBi bHVlIGNoaXAgc3RhdHVzIGlzIG91ciBsb25nLXRlcm0gZ29hbCwgDQogICAg ICAgICAgICBzaG9ydCB0ZXJtIHRoZSBjb21wYW55IGhhcyBzb21lIHNlcmlv dXMgd2hlZWxzLCB0aGlzIGlzIG91ciB0b3AgcGljayANCiAgICAgICAgICAg IGZvciBwcmljZSBhbmQgcGVyY2VudGFnZSBnYWlucywgbWFrZSBzdXJlIHlv dSdyZSBvbiBib2FyZCBub3cgYW5kIA0KICAgICAgICAgICAgd2UnbGwgc2Vl IHlvdSBhdCB0aGUgYmlnIHBhcnR5IQ0KICAgICAgICAgICAgIA0KICAgICAg ICAgICAgIA0KICAgICAgICAgICAgKioqVGhpcyByZXBvcnQgaXMgYmFzZWQg b24gb3VyIHJlc2VhcmNoIGFuZCBvdXIgc291cmNlcyBpZGVudGlmeWluZyAN CiAgICAgICAgICAgIGltbWVkaWF0ZSBncm91bmQgZmxvb3IgaW52ZXN0bWVu dCBvcHBvcnR1bml0aWVzIGZvciB0aGUgZ2VuZXJhbCANCiAgICAgICAgICAg IHB1YmxpYy4gTWFraW5nIGEgdGltZWx5IGludmVzdG1lbnQgY2FsbCBhbmQg bWF4aW1pemluZyB5b3VyIHJldHVybiANCiAgICAgICAgICAgIGlzIG91ciBn b2FsLiBWRVNURURHRSBoYXMgKk5PVCogYmVlbiBjb21wZW5zYXRlZCB0byBw cm9kdWNlIHRoaXMgb3IgDQogICAgICAgICAgICBhbnkgb2Ygb3VyIG9waW5p b25zLiBUaGlzIHJlcG9ydCBpcyBmcmVlIHRvIHRoZSBwdWJsaWMgYW5kIHN0 cmljdGx5IA0KICAgICAgICAgICAgY29tcHJpc2VkIG9mIG91ciBvcGluaW9u cyBhbmQgeW91IHNob3VsZCBhbHdheXMgZG8geW91ciBvd24gDQogICAgICAg ICAgICBkaWxpZ2VuY2UgYW5kIG1ha2Ugc3VyZSB5b3UgdGFrZSBjb250cm9s IG9mIHlvdXIgb3duIGludmVzdG1lbnQgDQogICAgICAgICAgICBkZWNpc2lv bnMgd2hpbGUgY29uc3VsdGluZyB5b3VyIGJyb2tlciBvciBpbnZlc3RtZW50 IGNvdW5zZWwuDQogICAgICAgICAgICAgDQogICAgICAgICAgICA= To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sat Aug 10 12:28: 5 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4B33F37B400 for ; Sat, 10 Aug 2002 12:28:03 -0700 (PDT) Received: from hotmail.com (f11.pav0.hotmail.com [64.4.33.82]) by mx1.FreeBSD.org (Postfix) with ESMTP id 112D943E5E for ; Sat, 10 Aug 2002 12:28:03 -0700 (PDT) (envelope-from cdgaming@msn.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Sat, 10 Aug 2002 12:28:02 -0700 Received: from 24.207.183.177 by pv0fd.pav0.hotmail.msn.com with HTTP; Sat, 10 Aug 2002 19:28:02 GMT X-Originating-IP: [24.207.183.177] From: "Chest Rockwell" To: freebsd-security@FreeBSD.ORG Subject: screen question/problem. Date: Sat, 10 Aug 2002 14:28:02 -0500 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 10 Aug 2002 19:28:02.0981 (UTC) FILETIME=[0B657D50:01C240A4] Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org i created a user but when i login as that user and try to use screen, i get this error. You are not the owner of /tmp/uscreens/S-gdiggers. can anyone tell me how to fix this? _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sat Aug 10 13: 7:33 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BC5FA37B400 for ; Sat, 10 Aug 2002 13:07:30 -0700 (PDT) Received: from mail47.fg.online.no (mail47-s.fg.online.no [148.122.161.47]) by mx1.FreeBSD.org (Postfix) with ESMTP id D93CD43E5E for ; Sat, 10 Aug 2002 13:07:28 -0700 (PDT) (envelope-from pulz@pulz.no) Received: from elixor (ti500720a080-0075.bb.online.no [80.213.72.75]) by mail47.fg.online.no (8.9.3/8.9.3) with SMTP id WAA19052; Sat, 10 Aug 2002 22:07:26 +0200 (MET DST) Message-ID: <001901c240a9$85917bb0$fa00a8c0@elixor> From: =?iso-8859-1?Q?Geir_R=E5ness?= To: "Chest Rockwell" Cc: References: Subject: Re: screen question/problem. Date: Sat, 10 Aug 2002 22:07:15 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org rm -fr /tmp/uscreens/S-gdiggers (as root) and start the screen, now it shuld work (from the user) =20 ----- Original Message -----=20 From: "Chest Rockwell" To: Sent: Saturday, August 10, 2002 9:28 PM Subject: screen question/problem. >=20 > i created a user but when i login as that user and try to use screen, = i get=20 > this error. >=20 >=20 > You are not the owner of /tmp/uscreens/S-gdiggers. >=20 >=20 > can anyone tell me how to fix this? >=20 > _________________________________________________________________ > Send and receive Hotmail on your mobile device: http://mobile.msn.com >=20 >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message >=20 >=20 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sat Aug 10 22:20:41 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1A9D737B400 for ; Sat, 10 Aug 2002 22:20:39 -0700 (PDT) Received: from mail.yazzy.org (mail.wrs.no [80.232.16.66]) by mx1.FreeBSD.org (Postfix) with ESMTP id 40D3343E6E for ; Sat, 10 Aug 2002 22:20:38 -0700 (PDT) (envelope-from yazzy@yazzy.org) Received: by mail.yazzy.org (Postfix, from userid 81) id 6E8056C8D316; Sat, 10 Aug 2002 21:37:28 +0200 (CEST) Received: from 80.232.16.66 (SquirrelMail authenticated user yazzy.yazzy.org) by www.yazzy.org with HTTP; Sat, 10 Aug 2002 21:37:28 +0200 (CEST) Message-ID: <42247.80.232.16.66.1029008248.squirrel@www.yazzy.org> Date: Sat, 10 Aug 2002 21:37:28 +0200 (CEST) Subject: Re: screen question/problem. From: "Marcin Jessa" To: , In-Reply-To: References: X-Priority: 3 Importance: Normal X-MSMail-Priority: Normal Reply-To: yazzy@yazzy.org X-Mailer: SquirrelMail (version 1.2.6) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org How is your screen mounted, what do you have in your fstab? Chest Rockwell said: > > i created a user but when i login as that user and try to use screen, i > get this error. > > > You are not the owner of /tmp/uscreens/S-gdiggers. > > > can anyone tell me how to fix this? > > _________________________________________________________________ > Send and receive Hotmail on your mobile device: http://mobile.msn.com > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sat Aug 10 22:26:44 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 38CA837B400 for ; Sat, 10 Aug 2002 22:26:41 -0700 (PDT) Received: from mail.yazzy.org (mail.wrs.no [80.232.16.66]) by mx1.FreeBSD.org (Postfix) with ESMTP id BC47543E4A for ; Sat, 10 Aug 2002 22:26:40 -0700 (PDT) (envelope-from yazzy@yazzy.org) Received: by mail.yazzy.org (Postfix, from userid 81) id ED1846301BD3; Sun, 11 Aug 2002 07:26:33 +0200 (CEST) Received: from 80.232.16.66 (SquirrelMail authenticated user yazzy.yazzy.org) by www.yazzy.org with HTTP; Sun, 11 Aug 2002 07:26:33 +0200 (CEST) Message-ID: <48016.80.232.16.66.1029043593.squirrel@www.yazzy.org> Date: Sun, 11 Aug 2002 07:26:33 +0200 (CEST) Subject: Re: screen question/problem. From: "Marcin Jessa" To: Importance: Normal X-MSMail-Priority: Normal X-Priority: 3 In-Reply-To: <42247.80.232.16.66.1029008248.squirrel@www.yazzy.org> References: <42247.80.232.16.66.1029008248.squirrel@www.yazzy.org> Reply-To: yazzy@yazzy.org X-Mailer: SquirrelMail (version 1.2.6) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi. Ugh, a tired man should stay away from helping other people. What I ment is how is your tmp mounted. It may have some special flags in the fstab file preventing you from accessing anything in it. Marcin Jessa said: > How is your screen mounted, what do you have in your fstab? > > Chest Rockwell said: >> >> i created a user but when i login as that user and try to use screen, >> i get this error. >> >> >> You are not the owner of /tmp/uscreens/S-gdiggers. >> >> >> can anyone tell me how to fix this? >> >> _________________________________________________________________ Send >> and receive Hotmail on your mobile device: http://mobile.msn.com >> >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-security" in the body of the message > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message