headers
info | 1 Jun 2005 05:42

EMAIL INACTIVO

TELES & PEREIRA, CONSULTADORIA EM TECNOLOGIAS DE INFORMAÇÃO, Lda.

info <at> teles-pereira.com

-------------------------------------------------------
This SF.Net email is sponsored by Yahoo.
Introducing Yahoo! Search Developer Network - Create apps using Yahoo!
Search APIs Find out how you can build Yahoo! directly into your own
Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005
Permalink | Reply | 0 comments |
headers
Sandrine Tchomdom | 1 Jun 2005 11:06
Picon
Favicon

Security Alerts Again

    Hi again an thank's for the answer.

    I've already gone through that link. It's the one I used to make the 
config of my kernel and everything was ok.
    I read the help given for the different options, but none of them 
mention anything about the security alerts.

    Does it means that we don't have to configure the security alerts for 
kernel 2.6.X? What should I do or where should I go in the system, to get 
security alerts?

>From: Sander Klein <roedie <at> roedie.nl>
>To: Sandrine Tchomdom <stchomdom <at> hotmail.com>
>
>Hi,
>
>the documentation you read is for LIDS for 2.4.X kernels.
>
>Since you are using lids on a 2.6 kernel you should read 
>http://wiki.lids.org/index.php/LIDS_2.2_Installation_Howto
>
>This will take you through the process of installing LIDS.
>
>LIDS for 2.6 kernels has other options then for 2.4 kernels
>
>Greets,
>
>Sander Klein
>
>Sandrine Tchomdom wrote:
(Continue reading)

Permalink | Reply | 4 comments |
headers
Sander Klein | 1 Jun 2005 21:17
Picon

Re: Security Alerts Again

Security alerts are logged to the syslog. So you can see them there. You 
could use a tool like logcheck to get them mailed to you.

There is no security alert through network anymore if that's what you mean.

Greets,

Sander Klein

Sandrine Tchomdom wrote:

>    Hi again an thank's for the answer.
>
>
>    I've already gone through that link. It's the one I used to make 
> the config of my kernel and everything was ok.
>    I read the help given for the different options, but none of them 
> mention anything about the security alerts.
>
>    Does it means that we don't have to configure the security alerts 
> for kernel 2.6.X? What should I do or where should I go in the system, 
> to get security alerts?
>
>> From: Sander Klein <roedie <at> roedie.nl>
>> To: Sandrine Tchomdom <stchomdom <at> hotmail.com>
>>
>> Hi,
>>
>> the documentation you read is for LIDS for 2.4.X kernels.
>>
(Continue reading)

Permalink | Reply | 3 comments |
headers
Sandrine Tchomdom | 1 Jun 2005 21:37
Picon
Favicon

RE: Re: Security Alerts Again

Ok, Now I understand. Thank's a lot. I'll download logcheck tool and see 
what I can do with. Thank's again for all your help.

>From: Sander Klein <roedie <at> roedie.nl>
>To: Sandrine Tchomdom <stchomdom <at> hotmail.com>
>CC: lids-user <at> lists.sourceforge.net
>Subject: [lids-user] Re: Security Alerts Again
>Date: Wed, 01 Jun 2005 21:17:45 +0200
>
>Security alerts are logged to the syslog. So you can see them there. You 
>could use a tool like logcheck to get them mailed to you.
>
>There is no security alert through network anymore if that's what you mean.
>
>Greets,
>
>Sander Klein
>
>Sandrine Tchomdom wrote:
>

_________________________________________________________________
MSN Hotmail : antivirus et antispam intégrés 
http://www.msn.fr/newhotmail/Default.asp?Ath=f

-------------------------------------------------------
This SF.Net email is sponsored by Yahoo.
Introducing Yahoo! Search Developer Network - Create apps using Yahoo!
Search APIs Find out how you can build Yahoo! directly into your own
Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005
(Continue reading)

Permalink | Reply | 0 comments |
headers
info | 2 Jun 2005 05:29

EMAIL INACTIVO

TELES & PEREIRA, CONSULTADORIA EM TECNOLOGIAS DE INFORMAÇÃO, Lda.

info <at> teles-pereira.com

-------------------------------------------------------
This SF.Net email is sponsored by Yahoo.
Introducing Yahoo! Search Developer Network - Create apps using Yahoo!
Search APIs Find out how you can build Yahoo! directly into your own
Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005
Permalink | Reply | 0 comments |
headers
info | 3 Jun 2005 05:28

EMAIL INACTIVO

TELES & PEREIRA, CONSULTADORIA EM TECNOLOGIAS DE INFORMAÇÃO, Lda.

info <at> teles-pereira.com

-------------------------------------------------------
This SF.Net email is sponsored by Yahoo.
Introducing Yahoo! Search Developer Network - Create apps using Yahoo!
Search APIs Find out how you can build Yahoo! directly into your own
Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005
Permalink | Reply | 0 comments |
headers
Sandrine Tchomdom | 3 Jun 2005 14:05
Picon
Favicon

response to scanning of ports


  Hello, it's me again.

  After what you told me, I tried ta make a scanning of the ports of my 
"LIDS computer". I disabled the firewall (just to see how the logs would 
be), and typed nmap -sS -O -F -PI -PT 193.51.149.46 on another "no lids 
computer"

Then I look at the log of the "lids computer" (/var/log/messages) and I saw 
something like this:
....LIDS: nifd (...) pid....ppid...uid (0/0 NULL tty): violated 
CAP_NET_ADMIN

  I don't understand: is it because of the scanning that I have this 
message? if not, what kind of message should I have had in response to my 
scan?

_________________________________________________________________
MSN Hotmail : antivirus et antispam intégrés 
http://www.msn.fr/newhotmail/Default.asp?Ath=f

-------------------------------------------------------
This SF.Net email is sponsored by Yahoo.
Introducing Yahoo! Search Developer Network - Create apps using Yahoo!
Search APIs Find out how you can build Yahoo! directly into your own
Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005
Permalink | Reply | 1 comment |
headers
info | 4 Jun 2005 02:37

EMAIL INACTIVO

TELES & PEREIRA, CONSULTADORIA EM TECNOLOGIAS DE INFORMAÇÃO, Lda.

info <at> teles-pereira.com

-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.  How far can you shotput
a projector? How fast can you ride your desk chair down the office luge track?
If you want to score the big prize, get to know the little guy.  
Play to win an NEC 61" plasma display: http://www.necitguy.com/?r=20
Permalink | Reply | 0 comments |
headers
Huagang Xie | 8 Jun 2005 11:10

Re: response to scanning of ports

If you are using LIDS for 2.6, there is no support for port scanner detector.
Only LIDS 1.2 for 2.4 or lower has this capabilities. The reason LIDS for 2.6
do not support port scanner is LIDS using the LSM framework and it do not
have the proper function hook to use to implement the port scan detector. 

huagang
On Fri, Jun 03, 2005 at 01:05:57PM +0100, Sandrine Tchomdom wrote:
> 
>  Hello, it's me again.
> 
>  After what you told me, I tried ta make a scanning of the ports of my 
> "LIDS computer". I disabled the firewall (just to see how the logs would 
> be), and typed nmap -sS -O -F -PI -PT 193.51.149.46 on another "no lids 
> computer"
> 
> Then I look at the log of the "lids computer" (/var/log/messages) and I saw 
> something like this:
> ....LIDS: nifd (...) pid....ppid...uid (0/0 NULL tty): violated 
> CAP_NET_ADMIN
> 
>  I don't understand: is it because of the scanning that I have this 
> message? if not, what kind of message should I have had in response to my 
> scan?
> 
> _________________________________________________________________
> MSN Hotmail : antivirus et antispam intégrés 
> http://www.msn.fr/newhotmail/Default.asp?Ath=f
> 
> 
>
(Continue reading)

Permalink | Reply | 0 comments |
headers
Huagang Xie | 8 Jun 2005 11:28

Who is using LIDS?

Hello,

After several years development on LIDS project, I really want to know who
indeed are using LIDS and how they benefit from LIDS. 

If you know who is using LIDS or you are using LIDS, please drop me an email
on who you are, who is using it and how you are using it and what kind of
problems you are facing and what you will like to see in future LIDS. 

Thanks,
Huagang
Permalink | Reply | 4 comments |

Gmane