| |
| |
| |
|
Page: 1 2 3 4 5 6 7
Comments:
<0> no more hunting down rpms and getting pissed off when they break all the time. Now you have ebuilds that install alot smarter.
<0> and you can use real words like --pretend to see what dependecies will also be built. I forget what the rpm equivlent is
<0> what was it "rpm -d" or something?
<0> tell me quazx
<1> don;t got the question
<1> what??
<1> man you choose a distro for a purpose
<1> me slack serves me better
<1> maybe other debian
<1> now i need onlye a routing maybe an advance routing later, a redirect
<1> easy stuff
<1> an apche
<1> an email server
<1> an irc server
<1> why to booter instaling gentoo when slack does it very good and is very easy to install it
<1> just to brag that i have gentoo
<0> same here I got apache, postfix, qpopper,ssh,bind(for name caching),proftpd, telnetd(Shh don't tell anyone).
<0> I'm not here for bragging writes. But I did want a system that would force me to learn linux more
<1> good for you
<1> i cand aford to loose to much time
<0> sorry to here that.
<0> you sound like a canidate for knoppix
<0> :)
<0> for real though go ask in #linux. Be sure to give them your slackware rules comments too.
<2> I just picked a very drunk irish bloke up
<1> crc
<1> anywaay
<1> a lot of talk for nothing
<1> instead of talking which is the best bla bla
<1> maybe we resolved thata redirect problem
<1> and the gentoo rules
<1> :D
<0> I'm cool.
<0> Just playing with python.
<0> I wasn't realy arguing.
<1> i know
<1> but indeed a waste a precious time
<1> and here are minus 20 degress
<1> i'm freezing
<0> I don't want to touch ipchains untill I get some real documentation on it.
<0> :(
<1> c;mon didn't you redirect a simple port to an internal machine?
<1> i can't believe this
<0> I really hate it when I see documentation that read "ok configer foobar.conf to your likeing and type /etc/init.d/foobar
<0> QuazX yea with an actual NAT router. I've never placed a linux machine directly on the edge of a network.
<0> not sure If I'm comfterbal with any kind PC running at the edge.
<1> :D
<0> I like straight hardware sitting at the edge.
<1> what you thing it'll get fire if i put a command line?
<1> cmon man
<0> no, I know that its based on smaller code thats harder to exploit vs a computer with nearly bottemless memory running a ton of code.
<0> And besides your the one with the iptable issue not me.
<0> explain the whole iptables things to me.
<0> or at least point me to good documentation on it.
<3> Aren't you glad that emacs autosaves?
<0> yea autosaves save your ***
<3> Power just went.
<4> went where?
<3> Out.
<4> sooo go get it
<3> Yeah, it came back.
<4> better tie it down this time
<4> im goin to watch the office
<0> how do you watch an office?
<0> you at work?
<1> apache work only tcp? or i must make rules for the udp as well?
<0> tcp
<0> only with tcp I mean
<0> don't forget to forward 443 if your useing https
<0> use ethereal to see whats really happening.
<1> i tried
<1> tcp
<1> udp
<1> forward
<1> input
<1> all togheter
<1> DNAT
<5> you can't watch it
<1> my rc.local
<1> is a mess
<5> they use switch
<5> so unless you are on the server there is "no" way
<0> I'm saying run ethereal on the machine thats doing all the forwarding to see if the port numbers are actually being changed.
<0> I'm not talking about spying on other nodes. ;)
<1> i ran iptables -L
<5> QuazX: are you on the server?
<0> besides he can still mac flood if he want to spy on switches.
<1> my machine accept all the input and all the forward statement
<5> crc: not all switch will work well with that attack
<1> the secon machine as well
<1> a****aka
<1> yes i am
<5> QuazX: ettercap
<0> I'm sure his cheap one will
<0> how about arp poisoning
<0> are switches ammume to that too?
<5> it all depend on how they implement everything
<5> and the buffer size and all
<0> I doubt the switch even has a spanning tree.
<5> will the switch disable itself when the memrory is full? will it flush the table? will it use a FILA or FIFO queue?
<0> FIFO most likely
<5> don't private QuazX
<0> if the switch turns off its even worse
<0> I wish I had a real switch :(
<5> I wish I had a 1gb switch and a AP
<5> I use my router only for it's switch and wifi
<0> I wish I had a cisco router so I could play with the console to see whats so cool about it.
<6> nothing
<6> it's just obscure/arcane
<6> security through obscurity
<3> Hi lenox.
<6> hi zaei.
<0> Thats what I'm thinking. But they insist people get certified in it.
<6> yep
<3> More money for them.
<5> I don't understand why people all complain about security by obscurity...
<6> i am sure cisco has other stuff going for it
<6> like .. good hardware in general
<0> we complain because cause it doesn't work.
<5> it's a good mesure... but it need other mesure
<7> A****aka: the problem is that if something is obscure to me, i will think it is obscure to everyone else
<6> if it's obscure to the admin, the admin might make a mistake with the rules
<7> just because i don't understand how sendmail works doesn't mean an attacker is too dumb to
<6> and leave a huge gaping hole
<6> for an attacker
<5> some expert say that you shouln't even do that
<7> the problem is 'obscurity' is a relative term
<0> Most people thinking security should be publicly audited and inspected for holes. Security through obscurity just hopes people won't understand enough about the system to attack it.
<5> here I close everything, then hide everthing via iptables
<0> do you have any usefull documents on iptables a****aka?
<0> one that doesn't ***ume I already know what a table or chain is?
<5> crc: security by obscurity is good, it help alot to hide what is really running
<0> are we talking about the same thing?
<6> oh man
<6> i always type in the wrong window :/
<0> Well it doesn't fly with encryption. Its like saying if only I know how the algorithm works no one else can attack it.
<5> i.e. you could run mysql to only accept a connection from one specific host... normally it would deny the connection to all the others... why advertise it? hide it, no one will know that you run mysql so they won't even try...
<0> if your talking about bannerID changing on webservers and hiding version strings then yes its a good thing. But I didn't think that was what they ment by security through obscurity
<0> yea thats fine.
<0> I thought you meant like. My encryption algorithm is secret only to me for that sake of security.
<8> Is 'All' Digital Camera suppose to be compatible ?
<8> strange question
<8> :P
<5> security expert only look at one thing only... obscurity OR configuration OR version OR banner...
<0> theres no mandate for it, but it is the end goal if thats what you mean.
<8> yep like most of everything
<8> :)
<7> version/banner/obscurity don't fall into the same category? :P
<5> no
Return to
#gentoo
or
Go to some related
logs:
#MissKitten
#mirc
#skype
#linux
#AllNiteCafe
linux sata2 raid compatibility list
modprod linux
extazy of gold metallica
aim higher counterstrike cl_bob
#linux
|
|