From owner-securedistros@nl.linux.org Tue Feb 15 17:46:41 2000 Received: by humbolt.nl.linux.org id ; Tue, 15 Feb 2000 17:44:51 +0100 Received: from pear.napri.sk ([195.146.16.2]:5109 "EHLO marsquake.terminus.sk") by humbolt.nl.linux.org with ESMTP id ; Tue, 15 Feb 2000 17:44:24 +0100 Received: from localhost (root@localhost) by marsquake.terminus.sk (8.9.3/8.9.3) with ESMTP id RAA04130; Tue, 15 Feb 2000 17:38:54 +0100 Date: Tue, 15 Feb 2000 17:38:49 +0100 (CET) From: Milan WWW Pikula To: medusa@medusa.fornax.sk, linux-kernel@vger.rutgers.edu, securedistros@nl.linux.org, bugtraq@securityfocus.com, security@rak.isternet.sk, linux@linux.cz, linux-security@redhat.com Subject: ANNOUNCE: Medusa DS9 security system Message-ID: X-NCC-RegID: sk.napri MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list Greetings, I'd like to announce the release of stable version of the security system Medusa DS9. It's purpose is to increase the security of OS Linux. Medusa it one of projects of the Slovak Linux user group (SkLUG). It can be downloaded at http://medusa.fornax.sk/ Medusa consists of two major parts - linux kernel changes and the user-space daemon. Kernel changes do the monitoring of syscalls, filesystem actions, processes and they implement the communication protocol. Security daemon communicates with the kernel using character device to send and receive "packets". Daemon contains the whole logic and implements the concrete security policy. That means, that medusa can (as opposite to another approaches) implement any model of data protection - it depends only on configuration file, which is in fact an program in the internal programming language, somewhat similiar to C. At the logical level there are these changes: * separation of processes, files and IPC to the independent groups (virtual subsystems) * ability to detect, disable or modify any system call from any process * ability to detect, ... selected "process actions" like sending signals, exec, ... * ability to detect, redirect, ... selected file actions, such as access to the file and so * ability to enforce process to execute an arbitrary code. This feature is usefull to enforce logging drom that process and so. I'd like to answer some of frequently asked questions here: Q what relation is between medusa and capabilities? A medusa SUPPORTS linux capabilities and can test, set or change them. Q how remarkable is the slowdown of this communication between the kernel and user-space daemon in the real usage? A actually it's insensible. medusa was designed with the question of speed in mind, so all informations are stored in kernel. you can specify exactly what actions do you need to be watched. on the real servers with about 50 shell-account users, where we test medusa, is traffic about 11 packets per second or less. the fact that the daemon is in userspace, gives it the comfort in deciding about security reasons and it increases the portability of the whole system. (bsd?:) Q where it works? A linux 2.2.13, 2.2.14, intel. SMP is not fully tested, but it's reported to work. we are working on alpha port and other platforms will follow. Q where can I find more information? A at http://medusa.fornax.sk/ and in ``doc'' subdirectory in the source package. Kind regards, Medusa development team Marek Zelem Martin Ockajak Milan Pikula -- Milan Pikula, WWW. Finger me for Geek Code. http://fornax.elf.stuba.sk/~www, www@fornax.elf.stuba.sk .. dajte mi pevnu linku a pohnem zemegulou .. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@nl.linux.org Wed Feb 16 13:04:16 2000 Received: by humbolt.nl.linux.org id ; Wed, 16 Feb 2000 13:02:15 +0100 Received: from imap.atlas.cz ([195.119.187.150]:38674 "EHLO smtp.atlas.cz") by humbolt.nl.linux.org with ESMTP id ; Wed, 16 Feb 2000 13:01:40 +0100 Received: from mail pickup service by smtp.atlas.cz with Microsoft SMTPSVC; Wed, 16 Feb 2000 11:44:54 +0100 Received: from rak.isternet.sk ([195.72.0.6]) by smtp.atlas.cz with Microsoft SMTPSVC(5.5.1877.357.35); Tue, 15 Feb 2000 18:00:31 +0100 Received: (from majordomo@localhost) by rak.isternet.sk (8.9.3/8.9.3) id RAA29628 for security-list; Tue, 15 Feb 2000 17:46:00 +0100 X-Authentication-Warning: rak.isternet.sk: majordomo set sender to owner-security@rak.isternet.sk using -f Received: from marsquake.terminus.sk (pear.napri.sk [195.146.16.2]) by rak.isternet.sk (8.9.3/8.9.3) with ESMTP id RAA29621 for ; Tue, 15 Feb 2000 17:45:59 +0100 Received: from localhost (root@localhost) by marsquake.terminus.sk (8.9.3/8.9.3) with ESMTP id RAA04130; Tue, 15 Feb 2000 17:38:54 +0100 Date: Tue, 15 Feb 2000 17:38:49 +0100 (CET) From: Milan WWW Pikula To: medusa@medusa.fornax.sk, linux-kernel@vger.rutgers.edu, securedistros@nl.linux.org, bugtraq@securityfocus.com, security@rak.isternet.sk, linux@linux.cz, linux-security@redhat.com Subject: [security] ANNOUNCE: Medusa DS9 security system Message-ID: X-NCC-RegID: sk.napri MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list Greetings, I'd like to announce the release of stable version of the security system Medusa DS9. It's purpose is to increase the security of OS Linux. Medusa it one of projects of the Slovak Linux user group (SkLUG). It can be downloaded at http://medusa.fornax.sk/ Medusa consists of two major parts - linux kernel changes and the user-space daemon. Kernel changes do the monitoring of syscalls, filesystem actions, processes and they implement the communication protocol. Security daemon communicates with the kernel using character device to send and receive "packets". Daemon contains the whole logic and implements the concrete security policy. That means, that medusa can (as opposite to another approaches) implement any model of data protection - it depends only on configuration file, which is in fact an program in the internal programming language, somewhat similiar to C. At the logical level there are these changes: * separation of processes, files and IPC to the independent groups (virtual subsystems) * ability to detect, disable or modify any system call from any process * ability to detect, ... selected "process actions" like sending signals, exec, ... * ability to detect, redirect, ... selected file actions, such as access to the file and so * ability to enforce process to execute an arbitrary code. This feature is usefull to enforce logging drom that process and so. I'd like to answer some of frequently asked questions here: Q what relation is between medusa and capabilities? A medusa SUPPORTS linux capabilities and can test, set or change them. Q how remarkable is the slowdown of this communication between the kernel and user-space daemon in the real usage? A actually it's insensible. medusa was designed with the question of speed in mind, so all informations are stored in kernel. you can specify exactly what actions do you need to be watched. on the real servers with about 50 shell-account users, where we test medusa, is traffic about 11 packets per second or less. the fact that the daemon is in userspace, gives it the comfort in deciding about security reasons and it increases the portability of the whole system. (bsd?:) Q where it works? A linux 2.2.13, 2.2.14, intel. SMP is not fully tested, but it's reported to work. we are working on alpha port and other platforms will follow. Q where can I find more information? A at http://medusa.fornax.sk/ and in ``doc'' subdirectory in the source package. Kind regards, Medusa development team Marek Zelem Martin Ockajak Milan Pikula -- Milan Pikula, WWW. Finger me for Geek Code. http://fornax.elf.stuba.sk/~www, www@fornax.elf.stuba.sk .. dajte mi pevnu linku a pohnem zemegulou .. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@nl.linux.org Wed Feb 16 13:05:22 2000 Received: by humbolt.nl.linux.org id ; Wed, 16 Feb 2000 13:03:20 +0100 Received: from imap.atlas.cz ([195.119.187.150]:17428 "EHLO smtp.atlas.cz") by humbolt.nl.linux.org with ESMTP id ; Wed, 16 Feb 2000 13:02:48 +0100 Received: from mail pickup service by smtp.atlas.cz with Microsoft SMTPSVC; Wed, 16 Feb 2000 11:44:49 +0100 Received: from rak.isternet.sk ([195.72.0.6]) by smtp.atlas.cz with Microsoft SMTPSVC(5.5.1877.357.35); Tue, 15 Feb 2000 22:43:43 +0100 Received: (from majordomo@localhost) by rak.isternet.sk (8.9.3/8.9.3) id WAA07679 for security-list; Tue, 15 Feb 2000 22:33:17 +0100 X-Authentication-Warning: rak.isternet.sk: majordomo set sender to owner-security@rak.isternet.sk using -f Received: from alfa.ranni-ptace.loc (datela-1-4-99.vol.cz [212.20.98.133]) by rak.isternet.sk (8.9.3/8.9.3) with SMTP id WAA07666 for ; Tue, 15 Feb 2000 22:32:54 +0100 Received: (qmail 11333 invoked from network); 15 Feb 2000 21:36:13 -0000 Received: from milada.troja.mff.cuni.cz by localhost with POP3 (fetchmail-5.0.7) for marian@localhost (single-drop); Tue, 15 Feb 2000 22:36:07 +0100 (CET) Received: from SpoolDir by MILADA (Mercury 1.31); 15 Feb 100 17:45:05 +0100 Received: from kerberos2.troja.mff.cuni.cz by milada.troja.mff.cuni.cz (Mercury 1.31); 15 Feb 100 17:44:58 +0100 Received: (qmail 1751 invoked from network); 15 Feb 2000 16:44:55 -0000 Received: from odysseus.fi.muni.cz (HELO odysseus.linux.cz) (147.251.48.205) by milada.troja.mff.cuni.cz with SMTP; 15 Feb 2000 16:44:55 -0000 Received: (qmail 22663 invoked by uid 30); 15 Feb 2000 16:44:38 -0000 Mailing-List: contact linux-help@linux.cz; run by ezmlm Delivered-To: mailing list linux@linux.cz Received: (qmail 22655 invoked from network); 15 Feb 2000 16:44:36 -0000 Date: Tue, 15 Feb 2000 17:38:49 +0100 (CET) From: Milan WWW Pikula To: medusa@medusa.fornax.sk, linux-kernel@vger.rutgers.edu, securedistros@nl.linux.org, bugtraq@securityfocus.com, security@rak.isternet.sk, linux@linux.cz, linux-security@redhat.com Subject: [security] ANNOUNCE: Medusa DS9 security system Message-Id: X-Ncc-Regid: sk.napri Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-2 Content-Transfer-Encoding: 8bit X-Mime2latin2: 1 MIME parts converted to iso-8859-2 Sender: owner-securedistros@nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list Greetings, I'd like to announce the release of stable version of the security system Medusa DS9. It's purpose is to increase the security of OS Linux. Medusa it one of projects of the Slovak Linux user group (SkLUG). It can be downloaded at http://medusa.fornax.sk/ Medusa consists of two major parts - linux kernel changes and the user-space daemon. Kernel changes do the monitoring of syscalls, filesystem actions, processes and they implement the communication protocol. Security daemon communicates with the kernel using character device to send and receive "packets". Daemon contains the whole logic and implements the concrete security policy. That means, that medusa can (as opposite to another approaches) implement any model of data protection - it depends only on configuration file, which is in fact an program in the internal programming language, somewhat similiar to C. At the logical level there are these changes: * separation of processes, files and IPC to the independent groups (virtual subsystems) * ability to detect, disable or modify any system call from any process * ability to detect, ... selected "process actions" like sending signals, exec, ... * ability to detect, redirect, ... selected file actions, such as access to the file and so * ability to enforce process to execute an arbitrary code. This feature is usefull to enforce logging drom that process and so. I'd like to answer some of frequently asked questions here: Q what relation is between medusa and capabilities? A medusa SUPPORTS linux capabilities and can test, set or change them. Q how remarkable is the slowdown of this communication between the kernel and user-space daemon in the real usage? A actually it's insensible. medusa was designed with the question of speed in mind, so all informations are stored in kernel. you can specify exactly what actions do you need to be watched. on the real servers with about 50 shell-account users, where we test medusa, is traffic about 11 packets per second or less. the fact that the daemon is in userspace, gives it the comfort in deciding about security reasons and it increases the portability of the whole system. (bsd?:) Q where it works? A linux 2.2.13, 2.2.14, intel. SMP is not fully tested, but it's reported to work. we are working on alpha port and other platforms will follow. Q where can I find more information? A at http://medusa.fornax.sk/ and in ``doc'' subdirectory in the source package. Kind regards, Medusa development team Marek Zelem Martin Ockajak Milan Pikula -- Milan Pikula, WWW. Finger me for Geek Code. http://fornax.elf.stuba.sk/~www, www@fornax.elf.stuba.sk ... dajte mi pevnu linku a pohnem zemegulou .. --------------------------------------------------------------------------- Meta-FAQ (odhlá¹ení, archív, FAQ a dal¹í): http://www.linux.cz/mailing-list - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@nl.linux.org Thu Feb 17 07:05:13 2000 Received: by humbolt.nl.linux.org id ; Thu, 17 Feb 2000 07:03:43 +0100 Received: from f117.law3.hotmail.com ([209.185.241.117]:27919 "HELO hotmail.com") by humbolt.nl.linux.org with SMTP id ; Thu, 17 Feb 2000 07:03:07 +0100 Received: (qmail 29542 invoked by uid 0); 17 Feb 2000 05:58:16 -0000 Message-ID: <20000217055816.29541.qmail@hotmail.com> Received: from 12.73.96.82 by www.hotmail.com with =?ISO-8859-1?Q?HTTP;=0D?= Wed, 16 Feb 2000 21:58:16 PST X-Originating-IP: [12.73.96.82] From: "nels weber" To: securedistros@nl.linux.org Subject: I'm very interested in any info. you have to give. Date: Wed, 16 Feb 2000 21:58:16 PST Mime-Version: 1.0 Content-Type: text/plain; format=flowed Sender: owner-securedistros@nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list Lately, I've become very interested in two things.. cryptography and linux. Frankly any blending of the two is an exciting prospect to me. If you have any information to pass on I'd appreciate it. Thank you. Nels Weber PS also if you could recomend a secure e-mail server on the web I'd appreciate it more than the other info. as all I can get on the net so far is alot of flack. ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@nl.linux.org Thu Feb 17 13:55:50 2000 Received: by humbolt.nl.linux.org id ; Thu, 17 Feb 2000 13:54:24 +0100 Received: from storm.ca ([209.87.239.69]:22449 "EHLO mail.storm.ca") by humbolt.nl.linux.org with ESMTP id ; Thu, 17 Feb 2000 13:53:56 +0100 Received: from storm.ca (ppp024.ottawa.storm.ca [209.87.227.24]) by mail.storm.ca (8.8.8+Sun/8.8.8) with ESMTP id HAA24327 for ; Thu, 17 Feb 2000 07:49:05 -0500 (EST) Message-ID: <38ABEE9D.33168951@storm.ca> Date: Thu, 17 Feb 2000 07:50:37 -0500 From: Sandy Harris X-Mailer: Mozilla 4.7 [en] (Win98; U) X-Accept-Language: en,fr MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: I'm very interested in any info. you have to give. References: <20000217055816.29541.qmail@hotmail.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list nels weber wrote: > > Lately, I've become very interested in two things.. cryptography and linux. > Frankly any blending of the two is an exciting prospect to me. If you have > any information to pass on I'd appreciate it. > Thank you. One project adding strong crypto to Linux is: http://www.freeswan.org Their collection of web links should lead you to others: http://www.freeswan.org/freeswan_trees/freeswan-1.3/doc/WWWref.html - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@nl.linux.org Thu Feb 17 20:05:20 2000 Received: by humbolt.nl.linux.org id ; Thu, 17 Feb 2000 20:03:41 +0100 Received: from ns1.umkc.edu ([134.193.1.2]:12805 "EHLO ns1.umkc.edu") by humbolt.nl.linux.org with ESMTP id ; Thu, 17 Feb 2000 20:03:19 +0100 Received: from cstp.umkc.edu (IDENT:david@lucy [134.193.69.99]) by ns1.umkc.edu (8.9.3/8.9.0) with ESMTP id MAA30051; Thu, 17 Feb 2000 12:58:26 -0600 (CST) Message-ID: <38AC44B7.91562A41@cstp.umkc.edu> Date: Thu, 17 Feb 2000 18:57:59 +0000 From: "David L. Nicol" Organization: University of Missouri - Kansas City network operations X-Mailer: Mozilla 4.7 [en] (X11; I; Linux 2.2.12-mosix i586) X-Accept-Language: en MIME-Version: 1.0 To: nels weber , securedistros@nl.linux.org Subject: Re: I'm very interested in any info. you have to give. References: <20000217055816.29541.qmail@hotmail.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list nels weber wrote: > > Lately, I've become very interested in two things.. cryptography and linux. > Frankly any blending of the two is an exciting prospect to me. If you have > any information to pass on I'd appreciate it. > Thank you. > > Nels Weber > > PS also if you could recomend a secure e-mail server on the web I'd > appreciate it more than the other info. as all I can get on the net so far > is alot of flack. > ______________________________________________________ > Get Your Private, Free Email at http://www.hotmail.com > > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ qmail gnupg the fact that you are looking for a "secure e-mail server" indicates a certain ignorance, as SMTP protocol at this time specifies that the message stream is not encrypted, making it susceptible to "packet sniffing." This vulnerability can be overcome by encrypting the message using a tool such as the GNU Privacy Guard (largely based on the work of a certain Phil Zimmerman). There is not at this time a standard for encrypting the entire channel between mail servers, and it is unlikely that one will appear. When there is risk of people reading the traffic that goes by, a better solution is to encrypt the entire network into a "virtual private network." For use internal to your organization, encryption of the smtp stream can be added to any open source MTA without great difficulty. ___________________________________________________________________ David Nicol 816.235.1187 nicold@umkc.edu - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@nl.linux.org Thu Feb 17 20:51:34 2000 Received: by humbolt.nl.linux.org id ; Thu, 17 Feb 2000 20:49:18 +0100 Received: from polymorph.qcsn.com ([198.145.93.5]:11605 "EHLO polymorph.qcsn.com") by humbolt.nl.linux.org with ESMTP id ; Thu, 17 Feb 2000 20:48:24 +0100 Received: from localhost (IDENT:wcooley@localhost [127.0.0.1]) by polymorph.qcsn.com (8.9.3/8.9.3) with ESMTP id LAA13518 for ; Thu, 17 Feb 2000 11:43:33 -0800 Date: Thu, 17 Feb 2000 11:43:33 -0800 (PST) From: Wil Cooley X-Sender: wcooley@polymorph.qcsn.com To: securedistros@nl.linux.org Subject: Re: I'm very interested in any info. you have to give. In-Reply-To: <38AC44B7.91562A41@cstp.umkc.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list On Thu, 17 Feb 2000, David L. Nicol wrote: > There is not at this time a standard for encrypting the entire channel > between mail servers, and it is unlikely that one will appear. When > there is risk of people reading the traffic that goes by, a better > solution is to encrypt the entire network into a "virtual private > network." What about SMTP over SSL/TLS? While in MTA-MTA connections it's not likely that both will run SSL, and of course without an Internet-wide PKI you cannot guarantee hosts' identities, you can fairly easily secure connections between MUA-MTA, which, for remote users, is a big benefit. Wil -- W. Reilly Cooley wcooley@nakedape.cc The LNX System: Linux for a 2U case. http://lnxs.org - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@nl.linux.org Thu Feb 17 21:34:28 2000 Received: by humbolt.nl.linux.org id ; Thu, 17 Feb 2000 21:32:50 +0100 Received: from ns1.umkc.edu ([134.193.1.2]:10760 "EHLO ns1.umkc.edu") by humbolt.nl.linux.org with ESMTP id ; Thu, 17 Feb 2000 21:32:21 +0100 Received: from cstp.umkc.edu (IDENT:david@lucy [134.193.69.99]) by ns1.umkc.edu (8.9.3/8.9.0) with ESMTP id OAA31327; Thu, 17 Feb 2000 14:27:35 -0600 (CST) Message-ID: <38AC599B.ADD100D8@cstp.umkc.edu> Date: Thu, 17 Feb 2000 20:27:07 +0000 From: "David L. Nicol" Organization: University of Missouri - Kansas City network operations X-Mailer: Mozilla 4.7 [en] (X11; I; Linux 2.2.12-mosix i586) X-Accept-Language: en MIME-Version: 1.0 To: securedistros@nl.linux.org, wcooley@nakedape.cc Subject: Re: I'm very interested in any info. you have to give. References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list Wil Cooley wrote: > > On Thu, 17 Feb 2000, David L. Nicol wrote: > > > There is not at this time a standard for encrypting the entire channel > > between mail servers, ^^^^^^^^^^^^^^^^^^^^ > What about SMTP over SSL/TLS? While in MTA-MTA connections it's not > likely that both will run SSL, and of course without an Internet-wide PKI > you cannot guarantee hosts' identities, you can fairly easily secure > connections between MUA-MTA, which, for remote users, is a big benefit. This is true, it protects you from packet sniffing from the next cubicle, which is obviously a more realistic threat than packet sniffing on the backbone. There was a freshmeat.net announcement recently of an add-on to provide SSL-SMTP to any SMTP MTA. ___________________________________________________________________ David Nicol 816.235.1187 nicold@umkc.edu wget rocks! - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@nl.linux.org Thu Feb 17 21:41:00 2000 Received: by humbolt.nl.linux.org id ; Thu, 17 Feb 2000 21:39:11 +0100 Received: from polymorph.qcsn.com ([198.145.93.5]:19808 "EHLO polymorph.qcsn.com") by humbolt.nl.linux.org with ESMTP id ; Thu, 17 Feb 2000 21:38:48 +0100 Received: from localhost (IDENT:wcooley@localhost [127.0.0.1]) by polymorph.qcsn.com (8.9.3/8.9.3) with ESMTP id MAA13954; Thu, 17 Feb 2000 12:33:55 -0800 Date: Thu, 17 Feb 2000 12:33:55 -0800 (PST) From: Wil Cooley X-Sender: wcooley@polymorph.qcsn.com To: "David L. Nicol" cc: securedistros@nl.linux.org Subject: Re: I'm very interested in any info. you have to give. In-Reply-To: <38AC599B.ADD100D8@cstp.umkc.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list On Thu, 17 Feb 2000, David L. Nicol wrote: > There was a freshmeat.net announcement recently of an add-on to > provide SSL-SMTP to any SMTP MTA. There's also patches for Postfix to use TLS. Wil -- W. Reilly Cooley wcooley@nakedape.cc The LNX System: Linux for a 2U case. http://lnxs.org - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@nl.linux.org Fri Feb 18 07:06:58 2000 Received: by humbolt.nl.linux.org id ; Fri, 18 Feb 2000 07:05:21 +0100 Received: from terra.geo.uu.nl ([131.211.29.16]:60549 "EHLO terra.geo.uu.nl") by humbolt.nl.linux.org with ESMTP id ; Fri, 18 Feb 2000 07:04:46 +0100 Received: from simulcara (ip93-ftl.aibusiness.net [208.235.123.93]) by terra.geo.uu.nl (8.9.3/8.9.3/TvZ) with ESMTP id GAA23755 for ; Fri, 18 Feb 2000 06:59:48 +0100 (MET) Received: from leto by simulcara with local (Exim 2.05 #1 (Debian)) id 12LgMT-0000ng-00; Fri, 18 Feb 2000 00:53:53 -0500 Date: Fri, 18 Feb 2000 00:53:53 -0500 From: Jonathan Leto To: securedistros@nl.linux.org Subject: Re: I'm very interested in any info. you have to give. Message-ID: <20000218005353.A3067@leto.net> References: <20000217055816.29541.qmail@hotmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii User-Agent: Mutt/1.1.1i In-Reply-To: <20000217055816.29541.qmail@hotmail.com>; from nelsweber@hotmail.com on Wed, Feb 16, 2000 at 09:58:16PM -0800 X-Echelon-Bait: password kill bomb terrorist president cult Sender: owner-securedistros@nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list I beleive hushmail.com should be of interest to you. I think that if two people with hushmail accounts email each other, that the data never exists or is passed through any system unencrypted ( except maybe in your browser cache.) nels weber (nelsweber@hotmail.com) said: > Lately, I've become very interested in two things.. cryptography and linux. > Frankly any blending of the two is an exciting prospect to me. If you have > any information to pass on I'd appreciate it. > Thank you. > > Nels Weber > > PS also if you could recomend a secure e-mail server on the web I'd > appreciate it more than the other info. as all I can get on the net so far > is alot of flack. > ______________________________________________________ > Get Your Private, Free Email at http://www.hotmail.com > > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ -- jonathan@leto.net http://leto.net "With pain comes clarity." - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@nl.linux.org Fri Feb 18 14:44:09 2000 Received: by humbolt.nl.linux.org id ; Fri, 18 Feb 2000 14:42:41 +0100 Received: from tube.net-tel.co.uk ([193.122.171.130]:44554 "EHLO tube.net-tel.co.uk") by humbolt.nl.linux.org with ESMTP id ; Fri, 18 Feb 2000 14:42:02 +0100 Received: from net-tel.co.uk (ice.net-tel.co.uk [193.122.171.250]) by tube.net-tel.co.uk (8.9.3/8.9.3) with ESMTP id NAA07662 for ; Fri, 18 Feb 2000 13:37:02 GMT From: Michael.Owen@net-tel.co.uk Received: from "/PRMD=NET-TEL/ADMD=Gold 400/C=GB/" by net-tel.co.uk (Route400-RFCGate); Fri, 18 Feb 2000 13:36:47 +0000 X400-Received: by mta "ice" in "/PRMD=net-tel/ADMD=gold 400/C=gb/"; Relayed; Fri, 18 Feb 2000 13:36:47 +0000 X400-Received: by mta "net-tel" in "/PRMD=net-tel/ADMD=gold 400/C=gb/"; Relayed; Fri, 18 Feb 2000 13:36:09 +0000 X400-Received: by "/PRMD=NET-TEL/ADMD=Gold 400/C=GB/"; Relayed; Fri, 18 Feb 2000 13:36:09 +0000 X400-MTS-Identifier: ["/PRMD=NET-TEL/ADMD=Gold 400/C=GB/";ORANGE:0081-000218133609-0ef4] X400-Content-Type: P2-1988 (22) X400-Originator: Michael.Owen@net-tel.co.uk Original-Encoded-Information-Types: IA5-Text, (2)(6)(1)(12)(0), (1)(2)(840)(113556)(3)(10)(1) X400-Recipients: securedistros@nl.linux.org Date: Fri, 18 Feb 2000 13:36:09 +0000 X400-Content-Identifier: RE: I'm very int Message-Id: <"GRAPE:05e8-000218133747-0004*/G=Michael/S=Owen/O=NET-TEL Computer Systems Ltd/PRMD=NET-TEL/ADMD=Gold 400/C=GB/"@MHS> To: securedistros@nl.linux.org In-Reply-To: <38AC44B7.91562A41@cstp.umkc.edu> Subject: RE: I'm very interested in any info. you have to give. Sender: owner-securedistros@nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list David L. Nicol wrote: > nels weber wrote: > > > There is not at this time a standard for encrypting the entire channel > between mail servers, and it is unlikely that one will appear. When > there is risk of people reading the traffic that goes by, a better > solution is to encrypt the entire network into a "virtual private > network." Well, there is an Internet draft at the moment, and there are products emerging which support domain to domain-based encryption and signing. Check out http://www.ietf.org/internet-drafts/draft-ietf-smime-domsec-03.txt for more details on the technical side of things. When the only thing that you actually want to encrypt is email, using a VPN is sort of like duck hunting with a bazooka. You also lose encryption coverage to remote clients who don't want/have VPNs, but have mail encryption tools handy. -- Michael Michael Owen IT Security Engineer NET-TEL Computer Systems Ltd Michael.Owen@net-tel.co.uk - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@nl.linux.org Sun Feb 20 01:12:42 2000 Received: by humbolt.nl.linux.org id ; Sun, 20 Feb 2000 01:11:02 +0100 Received: from terra.geo.uu.nl ([131.211.29.16]:47299 "EHLO terra.geo.uu.nl") by humbolt.nl.linux.org with ESMTP id ; Sun, 20 Feb 2000 01:10:25 +0100 Received: from mailmachine9397.compuserve.com (98AE29CB.ipt.aol.com [152.174.41.203]) by terra.geo.uu.nl (8.9.3/8.9.3/TvZ) with SMTP id BAA28507 for ; Sun, 20 Feb 2000 01:05:37 +0100 (MET) From: To: Date: Sat, 19 Feb 2000 15:29:05 Message-Id: <205.112797.858234@mailmachine9397.compuserve.com> Subject: AD:Family Reunion T Shirts & More Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: owner-securedistros@nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list Message sent by: Kuppler Graphics, 32 West Main Street, Maple Shade, New Jersey, 08052, 1-800-810-4330. This list will NOT be sold. All addresses are automatically added to our remove list. Hello. My name is Bill from Kuppler Graphics. We do screenprinting on T Shirts, Sweatshirts, Jackets, Hats, Tote Bags and more! Do you or someone you know have a Family Reunion coming up? Kuppler Graphics would like to provide you with some great looking T Shirts for your Reunion. Kuppler Graphics can also provide you with custom T's and promotional items such as imprinted magnets, keychains, pens, mugs, hats, etc. for your business or any fundraising activity (church, school, business etc.) We also can provide you with quality embroidery. We are a family owned company with over 15 years of experience. All work is done at this location. No middle man. Our prices are great! Click reply to email us or call 1-800-810-4330 for more info Bill Kuppler Graphics - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@nl.linux.org Sun Feb 20 03:27:40 2000 Received: by humbolt.nl.linux.org id ; Sun, 20 Feb 2000 03:26:04 +0100 Received: from adsl-216-103-8-86.dsl.sndg02.pacbell.net ([216.103.8.86]:55822 "HELO freeside.ultraviolet.org") by humbolt.nl.linux.org with SMTP id ; Sun, 20 Feb 2000 03:25:39 +0100 Received: (qmail 31060 invoked by uid 500); 20 Feb 2000 02:20:51 -0000 Date: Sat, 19 Feb 2000 18:20:51 -0800 From: Tracy R Reed To: securedistros@nl.linux.org Subject: Re: AD:Family Reunion T Shirts & More Message-ID: <20000219182051.I4759@ultraviolet.org> References: <205.112797.858234@mailmachine9397.compuserve.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <205.112797.858234@mailmachine9397.compuserve.com>; from hifiber7@compuserve.com on Sat, Feb 19, 2000 at 03:29:05PM +0000 Sender: owner-securedistros@nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list On Sat, Feb 19, 2000 at 03:29:05PM +0000, hifiber7@compuserve.com wrote: > 1-800-810-4330. This list will NOT be sold. All addresses Everyone call up "Bill" on his dime and let him enjoy some of your favorite tunes until his answering machine runs out of tape. He is currently enjoying "Miami" by Will Smith. :) -- Tracy Reed http://www.ultraviolet.org ``The lyf so short, the craft so long to lerne.'' - Chaucer - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@nl.linux.org Sun Feb 20 07:22:43 2000 Received: by humbolt.nl.linux.org id ; Sun, 20 Feb 2000 07:21:16 +0100 Received: from sense-nahlquis-101.oz.net ([216.39.152.101]:23436 "HELO sense-nahlquis-101.oz.net") by humbolt.nl.linux.org with SMTP id ; Sun, 20 Feb 2000 07:20:39 +0100 Received: (qmail 20738 invoked from network); 20 Feb 2000 06:13:18 -0000 Received: from localhost (127.0.0.1) by localhost with SMTP; 20 Feb 2000 06:13:18 -0000 Date: Sat, 19 Feb 2000 22:13:18 -0800 (PST) From: Norm Ahlquist X-Sender: norm@jhgrud To: securedistros@nl.linux.org Subject: Re: AD:Family Reunion T Shirts & More In-Reply-To: <205.112797.858234@mailmachine9397.compuserve.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list Greetings to the list, perhaps. What the ... is this. Someone hacking the list? Kill the bugger. Norm On Sat, 19 Feb 2000 hifiber7@compuserve.com wrote: > Message sent by: Kuppler Graphics, 32 West Main Street, Maple > Shade, New Jersey, 08052, > 1-800-810-4330. This list will NOT be sold. All addresses > are automatically added to our remove list. > > Hello. My name is Bill from Kuppler Graphics. We do > screenprinting on T Shirts, Sweatshirts, > Jackets, Hats, Tote Bags and more! > > Do you or someone you know have a Family Reunion coming up? > Kuppler Graphics would like to > provide you with some great looking T Shirts for your Reunion. > > Kuppler Graphics can also provide you with custom T's and > promotional items such as imprinted > magnets, keychains, pens, mugs, hats, etc. for your business or > any fundraising activity > (church, school, business etc.) We also can provide you with > quality embroidery. > > We are a family owned company with over 15 years of experience. > > All work is done at this location. No middle man. Our prices > are great! > > Click reply to email us or call 1-800-810-4330 for more info > > > Bill > Kuppler Graphics > > > > > > > > > > > > > > - > Securedistros: A common list for all secured Linux distributions > Archive: http://humbolt.nl.linux.org/lists/ > - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@nl.linux.org Sun Feb 20 08:15:13 2000 Received: by humbolt.nl.linux.org id ; Sun, 20 Feb 2000 08:13:49 +0100 Received: from wirex.com ([208.161.110.91]:4974 "HELO mithra.wirex.com") by humbolt.nl.linux.org with SMTP id ; Sun, 20 Feb 2000 08:13:14 +0100 Received: from wirex.com (mithra.wirex.com [208.161.110.91]) by mithra.wirex.com (Postfix) with ESMTP id 32DBA3EC14 for ; Sat, 19 Feb 2000 23:07:01 -0800 (PST) Message-ID: <38AF7191.2AA96D92@wirex.com> Date: Sun, 20 Feb 2000 04:46:10 +0000 From: Crispin Cowan Organization: WireX Communications, Inc. X-Mailer: Mozilla 4.7 [en] (X11; U; Linux 2.0.35 i586) X-Accept-Language: en MIME-Version: 1.0 To: securedistros@nl.linux.org Subject: Re: AD:Family Reunion T Shirts & More References: <205.112797.858234@mailmachine9397.compuserve.com> <20000219182051.I4759@ultraviolet.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-securedistros@nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list Tracy R Reed wrote: > On Sat, Feb 19, 2000 at 03:29:05PM +0000, hifiber7@compuserve.com wrote: > > 1-800-810-4330. This list will NOT be sold. All addresses > > Everyone call up "Bill" on his dime and let him enjoy some of your favorite > tunes until his answering machine runs out of tape. > > He is currently enjoying "Miami" by Will Smith. :) I've often wanted to do that, but I'm concerned that I've heard of telphone hacks that can result in 1-800 numbers being a toll call. Can anyone confirm or deny whether one can be *assured* that a 1-800 number is in fact toll-free? Thanks, Crispin ----- Crispin Cowan, CTO, WireX Communications, Inc. http://wirex.com Free Hardened Linux Distribution: http://immunix.org JOBS! http://immunix.org/jobs.html - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@nl.linux.org Sun Feb 20 09:26:54 2000 Received: by humbolt.nl.linux.org id ; Sun, 20 Feb 2000 09:25:27 +0100 Received: from adsl-216-103-8-86.dsl.sndg02.pacbell.net ([216.103.8.86]:17932 "HELO freeside.ultraviolet.org") by humbolt.nl.linux.org with SMTP id ; Sun, 20 Feb 2000 09:24:54 +0100 Received: (qmail 12351 invoked by uid 500); 20 Feb 2000 08:20:06 -0000 Date: Sun, 20 Feb 2000 00:20:06 -0800 From: Tracy R Reed To: securedistros@nl.linux.org Subject: Re: AD:Family Reunion T Shirts & More Message-ID: <20000220002006.D6251@ultraviolet.org> References: <205.112797.858234@mailmachine9397.compuserve.com> <20000219182051.I4759@ultraviolet.org> <38AF7191.2AA96D92@wirex.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <38AF7191.2AA96D92@wirex.com>; from crispin@wirex.com on Sun, Feb 20, 2000 at 04:46:10AM +0000 Sender: owner-securedistros@nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list On Sun, Feb 20, 2000 at 04:46:10AM +0000, Crispin Cowan wrote: > I've often wanted to do that, but I'm concerned that I've heard of telphone > hacks that can result in 1-800 numbers being a toll call. Can anyone confirm > or deny whether one can be *assured* that a 1-800 number is in fact toll-free? I've heard of various PBX and other phone system social engineering hacks but they all involve you entering numbers other than 1-800. Besides, this guy clearly wants to sell you shirts and stuff, not get rich off of long distance scams. -- Tracy Reed http://www.ultraviolet.org - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/ From owner-securedistros@nl.linux.org Sun Feb 20 12:27:56 2000 Received: by humbolt.nl.linux.org id ; Sun, 20 Feb 2000 12:26:29 +0100 Received: from agratax.demon.nl ([212.238.108.69]:26119 "EHLO agratax.demon.nl") by humbolt.nl.linux.org with ESMTP id ; Sun, 20 Feb 2000 12:26:02 +0100 Received: from localhost ([127.0.0.1]:20743 "EHLO localhost") by mirkwood.nl.linux.org with ESMTP id ; Sun, 20 Feb 2000 12:02:15 +0100 Date: Sun, 20 Feb 2000 12:02:13 +0100 (CET) From: Rik van Riel X-Sender: riel@mirkwood.dummy.home To: securedistros@nl.linux.org cc: "David L. Nicol" Subject: Re: I'm very interested in any info. you have to give. In-Reply-To: Message-ID: Organisation: NL.linux.org (http://www.nl.linux.org/) X-Search-Engine-Bait: http://www.nl.linux.org/ MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-securedistros@nl.linux.org Precedence: bulk Reply-To: securedistros@nl.linux.org Return-Path: X-Orcpt: rfc822;securedistros-list On Thu, 17 Feb 2000, Wil Cooley wrote: > On Thu, 17 Feb 2000, David L. Nicol wrote: > > > There was a freshmeat.net announcement recently of an add-on to > > provide SSL-SMTP to any SMTP MTA. > > There's also patches for Postfix to use TLS. I believe zmailer and Exim can do TLS too. Rik -- The Internet is not a network of computers. It is a network of people. That is its real strength. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/