> Date: Tue, 11 Jul 2006 09:20:26 +0800
> From: zHihaO <zhihao (at) root (dot) sg [email concealed]>
> To: focus-linux (at) securityfocus (dot) com [email concealed]
> Subject: Re: smtp proxy that takes in smtp auth?
>
> i'm looking at this senario :
>
> we have got a lot of clients in china who have problems connecting to
> our servers locally. For so

[ more ]  [ reply ]

Hi list,

does anyone knows of a good software that works like perdition, but for
SMTP? the ideal software will be a service running on port 25, listens
for smtp connections, takes in the email user id and password, forwards
the user credentials to the correct server based on a database lookup
a

[ more ]  [ reply ]

Hi all,

I'm in a sticky situation now because of the filtering of internet
traffic out from China. Our users in china have got alot of problems
connecting to our servers here to pop their emails and as a result, we
have to get a server up in a datacentre in china and setup ssh port
forwarding o

[ more ]  [ reply ]

Hi all,

I have been discussing Linux's security at a more profound level, and I would like any security expert's input on the discussion. This discussion is quite in-depth, as it deals more with reference monitors, SELinux's implementation, LIDS, permissions, privileges and ACLs, and other featu

[ more ]  [ reply ]

OSSEC HIDS is an Open Source Host-based Intrusion
Detection System. It performs log analysis, integrity
checking, rootkit detection, time-based alerting and
active response.
It runs on most operating systems, including Linux,
OpenBSD, FreeBSD, Solaris and Windows.

This is the first version off

[ more ]  [ reply ]

The following interview was published on SecurityFocus today:

The quest for ring 0
interview by Federico Biancuzzi
2006-05-10

Federico Biancuzzi interviews French researcher Loïc Duflot to learn more about
the System Management Mode attack, how to mitigate it, what hardware is
vulnerable, and wh

[ more ]  [ reply ]

Hello, I am looking for a CMS that uses a linux server for indexing. It
will be utilized within a medical setting so strong, flexible ACLs are a
must. Also file conversion tools (to allow us to use handhelds to view
word docs and such as HTML) would be good. We do not want to spend more
then 10

[ more ]  [ reply ]

That sounds awesome, mind showing your work as I would be very interested in seeing how well your script work. It would be great to implement that in my work center.

Thanks

[ more ]  [ reply ]

Hello, all.

As you know, /dev/shm is 1777 and attackers used to write his backdoors at
that directory.
So I have saw the partition for some time and I can't see any creation of
the files.
So I changed this permission to 755, and there was no problem.

1. What's the role of the /dev/shm?
shm me

[ more ]  [ reply ]

Thanks for all the answers!
I'v started making a script for doing this in bash (ye, not perl!).
The script will first collect all the iptables-save from a couple of
servers, sort out dublicates, sort out ips that is whitelistet (if
any) and then dist the rules with ssh and public key and the ssh
com

[ more ]  [ reply ]

I am not sure if this is exactly what you want: It is an extention to iptables to allow syncing of rules and state tables (if you use it statefull) for HA firewalls.
I haven't tested it.

Unfortunately the article is on German. Maybe there is an English translation in the US version of the magazin o

[ more ]  [ reply ]