|
|
otgovarya Ot: muss Na: 21-11-2003@9:54 GMT+2 Otsenka: 1/Neutralenv 11:54 probvah - bachka si ?
[Otgovori na tozi komentar]
Kum: otgovarya Ot: mironcho <mironcho< at >linux-bg< dot >org> Na: 21-11-2003@9:56 GMT+2 Otsenka: 1/NeutralenStava duma za http://us.debian.org
[Otgovori na tozi komentar]
Kum: Kum: otgovarya Ot: N. Antonov <nikola __@__ linux-bg__dot__org> Na: 21-11-2003@10:00 GMT+2 Otsenka: 1/NeutralenDa, stava duma za tsentralniia amerikanski survur, ot koito tegliat paketi vsichki ostanali ogledalni survuri.
Ako tazi informatsiia e dostoverna, to ednistvenoto predpolozhenie mozhe da bude, che tova e delo na chovek, koito raboti ili e rabotil za proekta i poznava infrastrukturata na tsialata sistema otvutre.
[Otgovori na tozi komentar] Kum: Kum: Kum: otgovarya Ot: new Na: 21-11-2003@10:14 GMT+2 Otsenka: 1/NeutralenEdinstvenoto prepolojenie moje da e, che linux (v sluchaia debian) ima sastite problemi sas sigurnostta kakto i windows.
Informaciata izglejda dostoverna, pone po mail-a poluchih podobno saobstenie ot priatel, koito se zanimava s linux za korporativni reshenia.
Ta tam ima preduprejdenie da se vazdarjam, ot kakvito i da sa instalacii na debian i kakvito i da sa updat-i do izisniavane na problema. Opaseniata sa, che nestata moje bi sa dosta po-loshi ( nadiavam se da ne sa).
A inache e goliam sram.
Dano da reheat problema barzo, za da ima s kakvo da se pohvalim.
[Otgovori na tozi komentar] Kum: Kum: otgovarya Ot: muss Na: 21-11-2003@11:14 GMT+2 Otsenka: 1/Neutralenups ... az pqk tqpo si sledvah linka :))
[Otgovori na tozi komentar]
Poturdeno e Ot: Ognian Kulev <ogi__at__fmi __tochka__ uni-sofia __tochka__ bg> Na: 21-11-2003@11:35 GMT+2 Otsenka: 1/NeutralenPoluchih pismo, v koeto novinata se potvurzhdava. Eto izvadka:
Some Debian Project machines have been compromised
This is a very unfortunate incident to report about. Some Debian servers were found to have been compromised in the last 24 hours.
The archive is not affected by this compromise!
In particular the following machines have been affected:
. master (Bug Tracking System)
. murphy (mailing lists)
. gluck (web, cvs)
. klecker (security, non-us, web search, www-master)
[Otgovori na tozi komentar] Instsenirovka Ot: N. Antonov <nikola< at >linux-bg__dot__org> Na: 21-11-2003@14:46 GMT+2 Otsenka: 1/NeutralenIstoriiata za proslovutoto krakvane na debian.org mai se okaza mnogo po-interesna i za shtastie opravda purvonachalnoto mi nedoverie kum informatsiiata, che vsuchku survuri bili komprometirani.
Eto kakvo se poiavi v listata na Debian po tazi tema:
Ot:
smurfd <smurfd@smurfnet.homelinux.net>
Za:
debian-user@lists.debian.org
Data:
Dnes 15:49:40
Hmm well i might be totaly out of line here,but dont you think, that IF
it were a real threat, that someone over at Debian would have commented
it, and since the one claiming the server 'problem' would have had some
real proof?
Have a little faith in the debian folks!
I sure do!
What i dont trust, is some one claiming such things, and not having a
@debian.org mailadress :-)
So what, its a new revision release coming up, they surely know that
there will be a lot for the servers to do. so they take them down, and
upgrade all packages. and perhaps throw in some tuning.. or something..
Relax, they will sure post a note about it soon enough, especially if
they notice all the Roumble it has created on this list ;-)
/smurfd
Taka che, gospoda, ne burzaite da zlobeete. Problemite na Linuks ili na Debian niamat nishto obshto s problemite na niakoi drugi OS, s koito niakoi si pozvoliavat da go sravniavat;)
[Otgovori na tozi komentar]
RAMEN !?. Ot: the_real_maniac Na: 21-11-2003@15:34 GMT+2 Otsenka: 1/NeutralenAko si spomniate za RAMEN - cherveicheto kakvi dobrini napravi ;) I niakude mozhe i oshte da ... :P Taka che , ako sa haknati / zashtoto ne sa naraneni finansovi interesi - Debian e istinski bezplaten ;) :) :) / - to e za dobro - samo dano sa gi i svetnali kude tochno e golemiia gaf ;) Bug po-skoro :) Ako sa si svaleni ot Debian TEAM da go kazhem - emi pak e na dobre , taka che tova e free obshtestvo ... Ot koeto mogat da proiztechut 99% hubavi neshta , niama miasto za osobeno bezpokoistvo , osven ako e bilo umishleno ot M$ && SCO i drugi nedobrozhelateli deianie !!!
Sko da sprut Novel ( znam che e druga tema ) , he da be da kak li puk ne , te sa se hvanali za Suse kato mravkata slamkata ;)
Puk i da ne gi kupiat Suse pak dobre, taka che ... spokoino i trezveno mislene , a i programirane ;))) :)
[Otgovori na tozi komentar]
Ne po temata. Ot: webmastera <webmastera__at__vip __tochka__ bg> Na: 21-11-2003@21:34 GMT+2 Otsenka: 1/NeutralenZnam che tova koeto iskam da popitam ne e mnogo svyrzano s temata, no vse pak. Znachi za dve sedmici pretyrpiah dve ataki na home pc-to si. V edinia sluchai beshe probiv prez ProFTPD server-a i DDoS, vtoria pyt mislia che e bilo samo DDoS(poneze veche biah razkaral ProFTPD), no az vednaga go resetnah i se svyrshi problema, za tova pyk prednia pyt gorkoto mi Thunderbird-che e rabotilo cial den na 100% :( . Ta znachi vyprosa mi e ima li nachi i ako da kak po-tochno da ogranicha vsiakakvi vyzmozni ataki otvyn, dori ping za edin ot interfeisite?
[Otgovori na tozi komentar]
Kum: Ne po temata. Ot: bozhan Na: 22-11-2003@11:27 GMT+2 Otsenka: 1/Neutraleniptables
http://www.iptables.org/documentation/HOWTO//packet-filtering-HOWTO-7.html
Syn-flood protection:
# iptables -A FORWARD -p tcp --syn -m limit --limit 1/s -j ACCEPT
Furtive port scanner:
# iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j ACCEPT
Ping of death:
# iptables -A FORWARD -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT
i t.n.
e niakakvo reshenie vse pak
[Otgovori na tozi komentar]
Kum: Kum: Ne po temata. Ot: webmastera <webmastera (a) vip __tochka__ bg> Na: 22-11-2003@12:00 GMT+2 Otsenka: 1/NeutralenMnogo ti blagodaria za informaciata :). Samoche tazi mashina mi e i ruter kym vytreshna mreza, dali niama da povliae niakak izpylnenieto na tezi komandi. Vmomenta za rutirane polzvam:
----------------------------------
iptables -F
iptables -t nat -F
iptables -t mangle -F
iptables -X
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -P INPUT DROP
iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
iptables -A FORWARD -i eth1 -o eth1 -j REJECT
------------------------------------
[Otgovori na tozi komentar] Kum: Kum: Kum: Ne po temata. Ot: N. Antonov <nikola (a) linux-bg[ tochka ]org> Na: 22-11-2003@12:15 GMT+2 Otsenka: 1/NeutralenNiama da povliiae. Pravilata, koito sa ti dali, se otnasiat do protokola icmp i po-tochno tipa --echo-request, koito se polzva za icmp flood. Tochno tova e dobre da zabranish na rutera si, zashtoto shte ti spesti trafik - povecheto zarazeni bozi bulvat takiva zaiavki, kogato cherveite v tiah se razmurdat. Sushtoto mozhesh da napravish i chrez manipulirane na /proc/sys/net/ipv4 na nivo kernel. Vizh /etc/sysctl.conf. Mozhesh da poglednesh pri men, v http://config.debian-nikola.homelinux.net .
Togava rabota suvsem se opicha;) Kogato zaiavkite ne minavat prez rutera, ostava poveche miasto za normalniia trafik.
Vuobshte windows generira tolkova izlishen trafik, che ako svetut beshe normalen, bi triabvalo da se zabrani za izpolzvane v mrezha.
[Otgovori na tozi komentar]
Imia niakakuv problem Ot: p Na: 22-11-2003@12:26 GMT+2 Otsenka: 1/NeutralenIzglezhda ima neshto viarno v informatsiiata.
Ot niakolko chasa se mucha da polzvam tursachkata i tursachkata na paketi v saita im i ne rabotiat.
Niakoi ima li informatsiia kakvo stava?
[Otgovori na tozi komentar] iskam Debian Ot: StoneToDeath <varnaboy __@__ mail< dot >bg> Na: 22-11-2003@13:43 GMT+2 Otsenka: 1/NeutralenAm toq site si e OK ama ne moa da razbera samo 1:
6to podqvolite ne vzemete da slojite 7-te install disk-a na Debian ili pone link kym nqkoi FTP ot kydeto moje da se download ...
[Otgovori na tozi komentar]
Kum: iskam Debian Ot: N. Antonov <nikola< at >linux-bg< dot >org> Na: 22-11-2003@13:45 GMT+2 Otsenka: 1/Neutralen:)
Predi da si zadadesh vuprosa, na koito izobshto ne mu e miastoto tuk, mozheshe da poglednesh v razdela "Distributsii";)
[Otgovori na tozi komentar]
Debian: Attack Didn't Harm Source Code Ot: coldy <coldy< at >linuxmail__dot__org> Na: 23-11-2003@21:46 GMT+2 Otsenka: 1/NeutralenOshte informatsiia ot eWeek http://eweek.com/article2/0,4149,1394538,00.asp
Redaktiran na: 23-11-2003@21:52
[Otgovori na tozi komentar]
|
|
|
|
|
|
|
|