Linux Intrusion Detection System

info | 1 May 2005 05:27

EMAIL INACTIVO

TELES & PEREIRA, CONSULTADORIA EM TECNOLOGIAS DE INFORMAÇÃO, Lda.

info <at> teles-pereira.com

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20

campbellm | 2 May 2005 03:36

Picon

Picon

Issue with passing LD variables (LD_ASSUME_KERNEL=2.4.1)

Hi,

I was wondering what LIDS capability blocks passing env variables such
as LD_ASSUME_KERNEL to programs. When I run 'iptables -L' to list my
firewall rules, I get the following error:

May  2 11:33:47 cpanel3 kernel: LIDS:  bash (dev 3:1 inode 128014) pid
817 ppid 17363 uid/gid (0/0) on (pts) : Attempt to give
[LD_ASSUME_KERNEL=2.4.1] to privileged program /sbin/iptables (dev 3:1
inode 16115)

This variable is set in my bash environment.

I have tried enabling CAP_SYS_ADMIN and CAP_SETUID but neither of these
allow it. Does anyone know what capability in LIDS blocks passing such a
variable? 

Cheers,

Campbell

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20

info | 2 May 2005 05:23

EMAIL INACTIVO

TELES & PEREIRA, CONSULTADORIA EM TECNOLOGIAS DE INFORMAÇÃO, Lda.

info <at> teles-pereira.com

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20

Yusuf Wilajati Purna | 2 May 2005 09:20

Picon

Re: Issue with passing LD variables (LD_ASSUME_KERNEL=2.4.1)

Hi,

> May  2 11:33:47 cpanel3 kernel: LIDS:  bash (dev 3:1 inode 128014) pid
> 817 ppid 17363 uid/gid (0/0) on (pts) : Attempt to give
> [LD_ASSUME_KERNEL=2.4.1] to privileged program /sbin/iptables (dev 3:1
> inode 16115)
> 
> This variable is set in my bash environment.
> 
> I have tried enabling CAP_SYS_ADMIN and CAP_SETUID but neither of these
> allow it. Does anyone know what capability in LIDS blocks passing such a
> variable? 

Try to enable CAP_SYS_PTRACE.

Regards,
purna

--

-- 
Yusuf Wilajati Purna <ywpurna <at> users.sourceforge.net>
1024D/7354A078
Key fingerprint = 7F4F 8433 C65F 3502 BC93  F529 BFDE F939 7354 A078

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20

info | 3 May 2005 20:23

EMAIL INACTIVO

TELES & PEREIRA, CONSULTADORIA EM TECNOLOGIAS DE INFORMAÇÃO, Lda.

info <at> teles-pereira.com

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20

James Z. Li | 3 May 2005 05:24

Picon

Re: catnot open /proc/sys/lids/locks

I met the same problem a couple of times. You can try:
First, rebuild the kernel and re-install lids-tools. 
BEFORE reboot your machine, please do:
enable all capabilities in lids.cap and lids.boot.cap
remove all configurations in lids.conf and lids.boot.conf
set  ACL_DISCOVERY=1  in lids.ini
Finally, you reboot the machine.
Hopefully,  "lidsadm -I" and "lidsadm -S  ..." will not prompt 
that open lock error

James

On 4/27/05, dreamping shao <dreamping.shao <at> gmail.com> wrote:
> i have installed lids2.2.6.1 without outputing error,
> after rebooting the computer,
> i can't see any files in /boot except kernel.h
> i think it indicate that lids is active,
> but why i can enter /etc/lids?
> also ,when i command:
> #lidsadm -S -- +LIDS  or
> #lidsadm -S -- -LIDS
> there are the same errors ,
> SWITCH
> open: No such file or directory
> lidsadm : cannot open /proc/sys/lids/locks
> 
> -------------------------------------------------------
> SF.Net email is sponsored by: Tell us your software development plans!
> Take this survey and enter to win a one-year sub to SourceForge.net
> Plus IDC's 2005 look-ahead and a copy of this survey

(Continue reading)

info | 4 May 2005 05:20

EMAIL INACTIVO

TELES & PEREIRA, CONSULTADORIA EM TECNOLOGIAS DE INFORMAÇÃO, Lda.

info <at> teles-pereira.com

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20

root | 4 May 2005 22:10

Picon

Problemas com o e-mail

O email madmax <at> radmin.com nao existe no servidor.

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20

info | 5 May 2005 05:20

EMAIL INACTIVO

TELES & PEREIRA, CONSULTADORIA EM TECNOLOGIAS DE INFORMAÇÃO, Lda.

info <at> teles-pereira.com

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20

root | 5 May 2005 15:48

Picon

Problemas com o e-mail

O email jim <at> xnet.ro nao existe no servidor.

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20

Group

gmane.linux.lids.

Advertisement

Project Web Page

Linux Intrusion Detection System

Search Archive

Page

1 | 2 | 3 | 4 | 5 | 6

Articles in period: 53

May 2005

Language

Change language

Options

Current view: Threads only / Showing only 20 lines / Not hiding cited text.
Change to All messages, whole messages, or hide cited text.

Post a message
NNTP Newsgroup
Classic Gmane web interface
XML

XML

RSS Feed
List Information

About Gmane

Recent entries

纪梵希焕颜美肌——分享心得，赢取第二套试用 (19 Jun 2013)
[SPAM] 财富688投资美股6大优势，美股0开户费投资无忧 (19 Jun 2013)
(no subject) (7 Jun 2013)
[SPAM] FT中文网Lex专栏：微信推高腾讯股价 (1 Jun 2013)
[SPAM] 部门主管管理技能提升 (1 Jun 2013)
企业绩_效考核与薪_酬体系设计【上海】【深� (31 May 2013)
[SPAM] lids-user产品经理的野蛮成长19:50:56 (30 May 2013)
[SPAM] lids-user，成为上司的得力助手50044 (29 May 2012)
[SPAM] DISTRIBUTION DE FLYERS (28 May 2013)
FT中文网Lex专栏：微信推高腾讯股价 (28 May 2013)
[SPAM] 最后一周预订抢鲜！山东烟台大樱桃自家种植！ (27 May 2013)
[SPAM] 最后一周预订抢鲜！山东烟台大樱桃自家种植� (26 May 2013)
[SPAM] lids-user：研发类课程系列448994 (24 May 2013)
[SPAM] 远亲不如近邻，圈圈猫帮你发现身边的惊喜！ (24 May 2013)
[SPAM] Lisa试用期最后1天辞退员工，企业赔偿的概率非� (24 May 2013)
[SPAM] 专业PPT与Excel使用 (24 May 2013)
[SPAM] 真皮沙发5折抢 (23 May 2013)
[SPAM] Migrez vers la vitesse supérieure ! (22 May 2013)
[SPAM] lids-user：大客户营销管理437283 (22 May 2013)
[SPAM] lids-user：营销数据分析437214 (22 May 2013)
[SPAM] 粒粒精心清晨采摘绿色无公害快来预订吧最 (22 May 2013)

Archives

18	June 2013
50	May 2013
36	April 2013
32	March 2013
12	February 2013
20	January 2013
22	December 2012
27	November 2012
20	October 2012
10	September 2012
17	August 2012
16	July 2012
20	June 2012
11	May 2012
7	April 2012
21	March 2012
3	February 2012
7	January 2012
8	December 2011
2	October 2011
4	September 2011
1	August 2011
3	July 2011
1	May 2011
13	April 2011
5	March 2011
7	February 2011
3	January 2011
5	December 2010
1	October 2010
16	September 2010
27	August 2010
31	July 2010
52	June 2010
49	May 2010
25	April 2010
15	March 2010
7	February 2010
19	January 2010
22	December 2009
9	November 2009
18	October 2009
14	September 2009
18	August 2009
28	July 2009
24	June 2009
40	May 2009
19	April 2009
12	March 2009
17	February 2009
5	January 2009
40	December 2008
4	November 2008
16	October 2008
25	September 2008
15	August 2008
11	July 2008
3	June 2008
14	May 2008
12	April 2008
2	March 2008
5	February 2008
9	January 2008
6	December 2007
8	November 2007
24	October 2007
17	September 2007
19	August 2007
22	July 2007
10	June 2007
5	May 2007
4	April 2007
1	March 2007
6	February 2007
4	January 2007
13	December 2006
17	November 2006
1	October 2006
3	September 2006
1	August 2006
5	July 2006
9	June 2006
11	May 2006
7	April 2006
9	March 2006
12	February 2006
20	January 2006
15	December 2005
12	November 2005
10	October 2005
27	September 2005
13	August 2005
5	July 2005
51	June 2005
53	May 2005
53	April 2005
35	March 2005
43	February 2005
44	January 2005
43	December 2004
25	November 2004
37	October 2004
40	September 2004
74	August 2004
35	July 2004
50	June 2004
31	May 2004
46	April 2004
69	March 2004
27	February 2004
16	January 2004
35	December 2003
27	November 2003
30	October 2003
30	September 2003
34	August 2003
52	July 2003
39	June 2003
6	May 2003
1	November 2002
4	January 2002

Design

Zawodny | Right Menu | Left Menu

Your Own Design

Paste the URL of your CSS below. Download CSS template