[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Issues

To: linuxkb-list@seul.org
Subject: Re: Issues
From: "Aaron D. Turner" <aturner@best.com>
Date: Fri, 15 Jan 1999 12:59:10 -0800 (PST)
In-Reply-To: <19990115091659.B15978@pluto.ashtech.net>
Reply-To: linuxkb-list@seul.org
Sender: owner-linuxkb-list@seul.org

-----BEGIN PGP SIGNED MESSAGE-----



On Fri, 15 Jan 1999, Jason Pincin wrote:

[snip]
 
> > I've given it some thought and done some research.  The good news is that
> > I can't find any 'sploits for the most recent version of bind (8.1.2) and
> 
> I assume that's the version we're running then?  I supose as long as we keep on top

Yes.

> of it... :)  Forgive my paranoia... bind bothers me because it's one of two hacks
> I've ever actually seen done to a box in our network.  :)  As I said above, I'll
> check out the zone files and get back to you on everything... including mx records
> and qmail info.

Understandable.  It's not something I was sure we wanted to do either.
But I looked at some hacker sites and my BugTraq/CERT archives to see if
there was anything for the recent version... all looks ok.  If something
does come out, I'm sure I'll hear about it (I'm subscribed to CERT,
BugTraq, and frequent visitor to freshmeat & rootshell.)

[snip]

 
> > modules I compiled in were usertrack, expires, and cern_meta.  We may
> > never use cern_meta, but expires and usertrack should prove very useful.
> 
> I'm not familiar with any of those modules.

cern_meta allows you to do certain META tags in your HTML to force browser
refreshes, etc.  Expires allows you to expire documents, forcing browsers
to reload the page instead of using the cache.  Usertrack is a built in
way in Apache to use cookies to track users as they go through the site
(like when we talked about people loggin in to submit entries, etc).
 
> > Not right now.  I'm working on getting htdig as it should be.  I take care
> > of named too.  I'm also trying to figure out why Apache doesn't give
> > directory listings in the public_html directories.  That and I picked up
> 
> 'K.  If you need ideas/help on any of that lemme know.  I am going to check out the
> zone files... let ya know about that then.
> 
> > websites via mod_perl.  If people get me IP's/networks I'll stick them in
> > tcp wrappers for ssh.
> 
> OK... here are the networks I need open:
> 199.234.236.0 255.255.255.0
> 199.234.238.0 255.255.255.0
> 199.234.239.0 255.255.255.0
> 
> And here is the static I need:
> 205.166.61.57 255.255.255.255
> 
> All the 199.x.x.x networks are behind a firewall at my employer.  Little danger
> there... Only 199.234.236 above is accesible to dialup customers.  The other two
> are for DHCP fr the workstations here.  
> 
> Please let me know where you'll be placing that file as I'll need to mod it
> eventually for Al.  Thanks.

I'll keep these in my notebook for now.  Until I hear from everyone, I
can't start adding them.  (There's an explicit deny at the end.)


- -- 
Aaron Turner           | Either which way, one half dozen or another. 
aturner@pobox.com      | Check out the Red Hat Linux User's FAQ Online!
www.pobox.com/~aturner | http://www.pobox.com/~aturner/RedHat-FAQ/
All emails from this account are PGP signed.  Lack of a signature is "bad".
PGP Key fingerprint = FB E1 CE ED 57 E4 AB 80  59 6E 60 BF 45 1B 20 E8



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBNp+sITM3jpXy1kJtAQHkYQP/RmvReW5AIIERouhjAO/ODpIwa5pCAWoe
ri42FmoQba3Eq+MidqEBwsyXsjBpDXtEhIwxiE3VgEbHxBgltBKlvZJFY8gphxEB
KisiS4RfrJBeshe2nNhY0L5ENwg9BxjF/VilM9N7Fd13RRoQkSgu8e1DAOb7zNYG
RpDZfpFC+/M=
=mM3y
-----END PGP SIGNATURE-----

References:
- Re: Issues
  - From: Jason Pincin <jpincin@ashtech.net>

Prev by Date: Re: WTF?!?
Next by Date: Update: Perl 5.004m4 -> 5.005
Prev by thread: Re: Issues
Next by thread: Re: Issues
Index(es):
- Date
- Thread