Date: Thu, 26 Jul 2007 18:17:40 +0200
From: Nigel Henry <cave.dnb@tiscali.fr>
To: debian-user@lists.debian.org
Subject: Re: what is this in tcpdump?
Message-Id: <200707261817.41114.cave.dnb@tiscali.fr>
On Thursday 26 July 2007 00:47, Andrew Sackville-West wrote:
> I get a lot of these in my tcpdump on my machine:
>
> 15:45:47.427003 IP basement.ipp > 192.168.1.31.ipp: UDP, length 129
> 15:45:48.427004 IP basement.ipp > 192.168.1.31.ipp: UDP, length 167
>
> 192.168.1.31 is my broadcast address, and basement is me. They usually
> come in pairs like this, though sometimes split up by other
> traffic. Always, though, it's one of length 129 and one of
> 167
>
> A
Hi Andrew. It looks like these are just broadcasts from your print server. The
difference in packet size seems to indicate that you have 2 printers. I have
2 broadcasts every 30 secs. One is 189 bytes, and the other 190 bytes. I only
have one printer. Printer1 on the Wireshark output attached should not be
there, and will have to look into that, and get rid of the duplicated entry.
I have a bunch of distros that run on the machine that has the printer
physically attached to it, and even more distros on the other machine that is
using network printing. I've obviously misconfigured something somewhere,
which is very easy to do.
See attachment below.
Nigel.
Date: Thu, 26 Jul 2007 12:23:23 -0400
From: Douglas Allan Tutty <dtutty@porchlight.ca>
To: debian-user@lists.debian.org
Subject: why do iceweasel et al have more frequent security issues?
Message-ID: <20070726162323.GA8760@titan>
It seems that the mozilla-derived browsers have security issues
requiring updates far more frequently than other browsers like Konqueror
or links2.
I'm curious as to why this is. Does anyone have any ideas?
I'm on dialup and switched to Konq for this very reason but sometimes I
have a website that doesn't work and it's handy to see if iceweasel will
view it. (so far the only one is the adobe flashplayer test page).
Doug.
Date: Thu, 26 Jul 2007 12:24:34 -0400
From: Kamaraju S Kusumanchi <kamaraju@bluebottle.com>
To: debian-user@lists.debian.org
Subject: Re: How Debian BTS and its tools can be improved (user poll).
Message-ID:
> What, on your opinion, can be done better in Debian BTS, reportbug?
>
> Why do you think it's better than current approach (if exists)?
>
> What can you do to help with that?
>
- In http://www.debian.org/Bugs/ , I would like to see an option to search
just within the title of the bug reports.
- If I report a bug, I would automatically like to be subscribed to it so
that I receive all the future communications. Currently let's say I report
a bug. Then if the maintainer replies only to the bug report, I have no way
of knowing about it unless I manually subscribe to that bug number.
Manually subscribing to each bug report you submit is tiresome.
- If I report a bug, I want to see it immediately in bugs.debian.org and
not after some 20 minutes delay. (that's the way it works with other bug
reporting systems, ex:- kde, gcc bug reporting systems)
Those are my only complaints. Otherwise BTS is just great.
raju
--
Kamaraju S Kusumanchi
http://www.people.cornell.edu/pages/kk288/
http://malayamaarutham.blogspot.com/
Date: Thu, 26 Jul 2007 19:13:48 +0200
From: Mathias Brodala <info@noctus.net>
To: debian-user@lists.debian.org
Subject: Re: why do iceweasel et al have more frequent security issues?
Message-ID: <46A8D64C.8060705@noctus.net>
Hi Douglas.
Douglas Allan Tutty, 26.07.2007 18:23:
> It seems that the mozilla-derived browsers have security issues
> requiring updates far more frequently than other browsers like Konqueror
> or links2.
Aside from the fact that one software really can be more secure than another one
is this the result of an increased usage. The more people use Gecko browsers,
the more bugs can be found willingly or unwillingly. And the more people use
Gecko browsers, the more lucrative is it to find security holes and damage
systems this way.
Regards, Mathias
--
debian/rules
Date: Thu, 26 Jul 2007 11:40:47 -0500
From: John Hasler <jhasler@debian.org>
To: debian-user@lists.debian.org
Subject: Re: why do iceweasel et al have more frequent security issues?
Message-ID: <87tzrrxgmo.fsf@toncho.dhh.gt.org>
Doug writes:
> It seems that the mozilla-derived browsers have security issues requiring
> updates far more frequently than other browsers like Konqueror or links2.
> I'm curious as to why this is. Does anyone have any ideas?
How many people are looking for holes in Konq or Links2?
--
John Hasler
Date: Thu, 26 Jul 2007 13:17:25 -0400
From: Hal Vaughan <hal@thresholddigital.com>
To: debian-user@lists.debian.org
Subject: Where is Lame in Sarge?
Message-Id: <200707261317.26027.hal@thresholddigital.com>
I have a server running Sarge. I tried to find lame and got this:
[root@mainserver:root]$ aptitude show lame
Package: lame
State: not a real package
This was after trying to install it just by the name "lame." Then I did
this:
[root@mainserver:root]$ aptitude search lame
p flamethrower - Multicast file distribution utility
c glame - versatile audio processor
v lame -
p systemimager-server-flamethrowerd - SystemImager boot binaries for
i386 client nodes
p toolame - MPEG-1 layer 2 audio encoder
(Extra spaces removed.)
Neither toolame nor glame provide lame itself. It's LGPL, does that
create a conflict with Debian's social contract?
Do I have to go out of the repositories to add lame?
Thanks!
Hal
Date: Thu, 26 Jul 2007 13:21:06 -0400
From: Celejar <celejar@gmail.com>
To: debian-user <debian-user@lists.debian.org>
Subject: Re: [Solved] XKB broken
Message-Id: <20070726132106.52331001.celejar@gmail.com>
On Thu, 26 Jul 2007 02:52:15 -0400
I wrote:
[snipped lots of hair pulling over my mysterious and unreproducible broken xkb system]
Solved !!!
/var was full. I thought I had told aptitude to remove obsolete
packages from the cache, but the option was somehow unselected.
'aptitude auto-clean' freed about 1.6 GB. I seem to remember seeing
somewhere that a full var can cause strange problems; I've learned the
hard way, and I don't think I'll forget this too quickly.
I found, by googling for the "bad length in CompatMap" message, the
answer on a thread on a German forum [0], and very helpfully translated
by Google, too.
Thanks, Florian.
[0] http://www.linuxforen.de/forums/showthread.php?t=210862
Celejar
--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
Date: Thu, 26 Jul 2007 11:17:27 -0500
From: "Mumia W.." <paduille.4061.mumia.w+nospam@earthlink.net>
To: Debian User List <debian-user@lists.debian.org>
Subject: Re: How to generate script with Apache and run it by root avoiding
to "kill" security
Message-ID: <46A8C917.3090200@earthlink.net>
On 07/26/2007 10:18 AM, Guillermo Garron wrote:
> Hi List,
>
> I am creating a PHP small program that will interact with MySQL and
> will have the policies for the people in my office, i.e.:
> Who can or can not access MSN messenger
> Who can or can not access WWW
>
> etc. once this is stored, a shell script with the iptables rules
> should be created, and then run.
>
> I do not want to run it with Apache, so I was thinking on creating a
> CRON job that will run it as root once every n minutes, but the issue
> i see here, is that if somebody "break" my Apache security he will be
> able to create any script he likes and my CRON will run it, killing my
> server security.
>
> any better ideas about how can I achieve my goal?
>
> thanks in advance.
>
> best regards.
>
It depends upon how simple the iptables rules are meant to be; however,
you can let the web script write a list of port numbers to disk, and the
cron-job could take that list, validate it, and convert it to a list of
iptables rules.
The validation done by the cron-job would be the key security effort.
HTH
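The split described in the reply above, sketched as an added example that is not part of the original post: the web script only writes port numbers, and the root cron job validates every line and builds the iptables argument vectors itself. The chain name `OFFICE_POLICY`, the size limits, the `REJECT` target and the script name are assumptions chosen for illustration.

```python
import os
import stat

CHAIN = "OFFICE_POLICY"   # hypothetical user-defined chain, created once by root
MAX_BYTES = 4096          # assumed cap on the size of the list file
MAX_PORTS = 64            # assumed cap on the number of distinct ports


class PolicyError(ValueError):
    """The list written by the web script is not acceptable."""


def read_untrusted(path):
    """Read the list without following symlinks or touching special files."""
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW | os.O_NONBLOCK)
    try:
        if not stat.S_ISREG(os.fstat(fd).st_mode):
            raise PolicyError("not a regular file")
        data = os.read(fd, MAX_BYTES + 1)
    finally:
        os.close(fd)
    if len(data) > MAX_BYTES:
        raise PolicyError("list file too large")
    return data


def parse_ports(data):
    """Accept one decimal TCP port per line; reject the whole file otherwise."""
    try:
        text = data.decode("ascii")   # also rules out non-ASCII "digits"
    except UnicodeDecodeError:
        raise PolicyError("non-ASCII byte in list") from None
    ports = set()
    for lineno, line in enumerate(text.split("\n"), 1):
        if line == "":
            continue                  # blank line or trailing newline
        if not line.isdigit() or len(line) > 5:
            raise PolicyError("line %d is not a port number" % lineno)
        port = int(line)
        if not 1 <= port <= 65535:
            raise PolicyError("line %d is out of range" % lineno)
        ports.add(port)
    if len(ports) > MAX_PORTS:
        raise PolicyError("too many ports")
    return sorted(ports)


def build_rules(ports):
    """Turn validated ports into iptables argument vectors, never shell text."""
    rules = [["iptables", "-F", CHAIN]]
    for port in ports:
        rules.append(["iptables", "-A", CHAIN, "-p", "tcp",
                      "--dport", str(port), "-j", "REJECT"])
    return rules


def rules_from_file(path):
    """Entry point for the root cron job; an exception means change nothing."""
    return build_rules(parse_ports(read_untrusted(path)))


if __name__ == "__main__":
    import subprocess
    import sys
    if len(sys.argv) != 2:
        sys.exit("usage: apply_policy.py LISTFILE")
    try:
        rules = rules_from_file(sys.argv[1])
    except (PolicyError, OSError) as exc:
        sys.exit("list rejected, firewall left unchanged: %s" % exc)
    for argv in rules:
        subprocess.run(argv, check=True)   # argv list, no shell involved
```

The chain has to be created and referenced from the filter table once by the administrator; the cron job only refills it.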
Date: Thu, 26 Jul 2007 20:18:52 +0200
From: Mathias Brodala <info@noctus.net>
To: debian-user@lists.debian.org
Subject: Re: why do iceweasel et al have more frequent security issues?
Message-ID: <46A8E58C.8070705@noctus.net>
Hi Douglas.
Douglas Allan Tutty, 26.07.2007 20:06:
> On Thu, Jul 26, 2007 at 07:13:48PM +0200, Mathias Brodala wrote:
>> Douglas Allan Tutty, 26.07.2007 18:23:
>>> It seems that the mozilla-derived browsers have security issues
>>> requiring updates far more frequently than other browsers like Konqueror
>>> or links2.
>> Aside from the fact that one software really can be more secure than another one
>> is this the result of an increased usage. The more people use Gecko browsers,
>> the more bugs can be found willingly or unwillingly. And the more people use
>> Gecko browsers, the more lucrative is it to find security holes and damage
>> systems this way.
>
> So this suggests that it's a tradeoff: more users of Gecko means more
> people reporting bugs and therefore more bug fixes but also a more
> lucrative target for security threats; Konq may have more undiscovered
> security holes but they are undiscovered both by bug fixers and security
> threats?
>
> Is this the gist of the situation?
Basically, yes.
Regards, Mathias
--
debian/rules
Date: Thu, 26 Jul 2007 14:20:21 -0400
From: Joey Hess <joeyh@debian.org>
To: debian-user@lists.debian.org
Subject: Re: How Debian BTS and its tools can be improved (user poll).
Message-ID: <20070726182021.GA15025@kitenet.net>
Kamaraju S Kusumanchi wrote:
> 1) In http://www.debian.org/Bugs/ , I would like to see an option to search
> just within the title of the bug reports.
In my experience, the titles of bug reports are often useless.
There is, however, a full-text search of the BTS available here:
http://merkel.debian.org/~don/cgi/search.cgi
> 2) If I report a bug, I would automatically like to be subscribed to it so
> that I receive all the future communications. Currently let's say I report
> a bug. Then if the maintainer replies only to the bug report, I have no way
> of knowing about it unless I manually subscribe to that bug number.
> Manually subscribing to each bug report you submit is tiresome.
I agree.
> 3) If I report a bug, I want to see it immediately in bugs.debian.org and
> not after some 20 minutes delay. (that's the way it works with other bug
> reporting systems, ex:- kde, gcc bug reporting systems)
Well, it used to be an average of a 15 minute delay. Now the average is
2 minutes.
--
see shy jo
Date: Thu, 26 Jul 2007 14:06:11 -0400
From: Douglas Allan Tutty <dtutty@porchlight.ca>
To: debian-user@lists.debian.org
Subject: Re: why do iceweasel et al have more frequent security issues?
Message-ID: <20070726180611.GA10268@titan>
On Thu, Jul 26, 2007 at 07:13:48PM +0200, Mathias Brodala wrote:
> Douglas Allan Tutty, 26.07.2007 18:23:
> > It seems that the mozilla-derived browsers have security issues
> > requiring updates far more frequently than other browsers like Konqueror
> > or links2.
>
> Aside from the fact that one software really can be more secure than another one
> is this the result of an increased usage. The more people use Gecko browsers,
> the more bugs can be found willingly or unwillingly. And the more people use
> Gecko browsers, the more lucrative is it to find security holes and damage
> systems this way.
So this suggests that it's a tradeoff: more users of Gecko means more
people reporting bugs and therefore more bug fixes but also a more
lucrative target for security threats; Konq may have more undiscovered
security holes but they are undiscovered both by bug fixers and security
threats?
Is this the gist of the situation?
Doug.
Date: Wed, 25 Jul 2007 16:42:46 -0700
From: Andrew Sackville-West <andrew@farwestbilliards.com>
To: debian-user@lists.debian.org
Subject: Re: what is this in tcpdump?
Message-ID: <20070725234246.GE4520@localhost.localdomain>
On Wed, Jul 25, 2007 at 04:23:27PM -0700, David Brodbeck wrote:
>
> On Jul 25, 2007, at 3:47 PM, Andrew Sackville-West wrote:
>
>> I get a lot of these in my tcpdump on my machine:
>>
>> 15:45:47.427003 IP basement.ipp > 192.168.1.31.ipp: UDP, length 129
>> 15:45:48.427004 IP basement.ipp > 192.168.1.31.ipp: UDP, length 167
>>
>> 192.168.1.31 is my broadcast address, and basement is me. They usually
>> come in pairs like this, though sometimes split up by other
>> traffic. Always, though, it's one of length 129 and one of
>> 167
>
> IPP is Internet Printing Protocol. My guess is CUPS is probably set to
> broadcast to other systems so they can automatically discover printers.
doh. thanks. I knew it was something like that...
I had some spurious net traffic today on my local machine which has a
couple ports forwarded to it. I had the torrent ports still open from
downloading an RMS talk the other day, and it was causing all sorts of
activity. The short of it is, I ended up watching my tcpdump for a
while and... well, you start to freak out about stuff...
A
Date: Wed, 25 Jul 2007 19:41:42 -0700
From: Andrew Sackville-West <andrew@farwestbilliards.com>
To: debian-user@lists.debian.org
Subject: Re: Cron and mail
Message-ID: <20070726024142.GF4520@localhost.localdomain>
On Wed, Jul 25, 2007 at 11:00:36PM -0300, Sergio Belkin wrote:
> Hi
> Non-root users are not getting information mail about scheduled tasks.
> I've included the line MAIL=joendoe in jondoe user. Task are performed
> but users are not notified.
>
> I am using Etch and exim4. What's wrong with this?
per
man 5 crontab
you should use MAILTO=jondoe not MAIL
A
Date: Wed, 25 Jul 2007 19:51:52 -0700
From: Andrew Sackville-West <andrew@farwestbilliards.com>
To: debian-user@lists.debian.org
Subject: Re: adduser kills sound pt. 3
Message-ID: <20070726025152.GG4520@localhost.localdomain>
On Wed, Jul 25, 2007 at 09:46:15PM -0400, Rick Spillane wrote:
> OK. So I investigated what statoverride is, and it's a list of names
> that can be used to install packages under. I checked
> /var/lib/dpkg/statoverride, and it seems as though there is indeed a
> name 'root' in there, thus doubling my confusion. My guess is that
> there was once a root group in /etc/group, however it is no longer
> there (I checked). Could someone post an /etc/group so I can try to
> piece back together my /etc/group? I think this is the core of my
> problems.
I think it might be better, next time, if you post your part 2's and
part 3's as replies to the original thread...
okay. It's a little confusing, but it sounds like you are using some
gui interface to add users but it's crashing, right? I would think that
could definitely corrupt your /etc/group as there is usually a group
created for each user... I recommend you _not_ use a gui to add users
and instead use adduser from the cli. Also you should probably scan
the bugs of the gui you've been using and see if your problem has been
reported or not and whether the corrupting of /etc/group is included
in such a report, if it exists. If there is no report, then probably
you should make one.
There could be other problems... if the group file is corrupted, some
of the other user related files may be corrupted as well... such as
your /etc/passwd or /etc/shadow... I recommend you don't reboot until
you've verified that those files are okay...
finally, here is my /etc/group if it helps...
I'm not sure whether you should just recreate it in an editor or
actually use one of the tools like addgroup to recreate it. and I
surely have things you don't have and vice versa
A
cat /etc/group
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:cupsys
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:andrew,cupsys
fax:x:21:
voice:x:22:
cdrom:x:24:andrew
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:andrew
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:andrew
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:andrew
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
crontab:x:101:
Debian-exim:x:102:
ssh:x:103:
andrew:x:1000:
lpadmin:x:104:andrew
messagebus:x:105:
powerdev:x:107:
camera:x:108:
scanner:x:109:cupsys
saned:x:110:
haldaemon:x:106:
ntpd:x:111:
stb-admin:x:112:
avahi:x:113:
netdev:x:114:
vde2-net:x:115:
Date: Thu, 26 Jul 2007 10:22:33 -0700
From: Andrew Sackville-West <andrew@farwestbilliards.com>
To: debian-user@lists.debian.org
Subject: Re: what is this in tcpdump?
Message-ID: <20070726172233.GJ4520@localhost.localdomain>
On Thu, Jul 26, 2007 at 06:17:40PM +0200, Nigel Henry wrote:
> On Thursday 26 July 2007 00:47, Andrew Sackville-West wrote:
> > I get a lot of these in my tcpdump on my machine:
> >
> > 15:45:47.427003 IP basement.ipp > 192.168.1.31.ipp: UDP, length 129
> > 15:45:48.427004 IP basement.ipp > 192.168.1.31.ipp: UDP, length 167
> >
> > 192.168.1.31 is my broadcast address, and basement is me. They usually
> > come in pairs like this, though sometimes split up by other
> > traffic. Always, though, it's one of length 129 and one of
> > 167
> >
> > A
>
> Hi Andrew. It looks like these are just broadcasts from your print server. The
> difference in packet size seems to indicate that you have 2 printers. I have
> 2 broadcasts every 30 secs. One is 189 bytes, and the other 190 bytes. I only
> have one printer. Printer1 on the Wireshark output attached should not be
> there, and will have to look into that, and get rid of the duplicated entry.
hmmm... maybe my fax printer is shared too...
thanks
A
End of debian-user-digest Digest V2007 Issue #2028
**************************************************
Received on Thu Jul 26 14:40:29 2007