You can subscribe to this list here.
2000 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(32) |
Dec
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
2001 |
Jan
(1) |
Feb
(9) |
Mar
(5) |
Apr
(5) |
May
(4) |
Jun
(4) |
Jul
(22) |
Aug
(8) |
Sep
|
Oct
(59) |
Nov
(4) |
Dec
(2) |
2002 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(9) |
Jul
|
Aug
(2) |
Sep
(3) |
Oct
|
Nov
(1) |
Dec
(2) |
2003 |
Jan
(1) |
Feb
|
Mar
(2) |
Apr
|
May
(5) |
Jun
(11) |
Jul
(3) |
Aug
(4) |
Sep
|
Oct
(2) |
Nov
|
Dec
(1) |
2004 |
Jan
|
Feb
|
Mar
|
Apr
(1) |
May
(3) |
Jun
(6) |
Jul
(4) |
Aug
(1) |
Sep
(1) |
Oct
|
Nov
(1) |
Dec
(2) |
2005 |
Jan
|
Feb
|
Mar
(2) |
Apr
(2) |
May
(7) |
Jun
(11) |
Jul
|
Aug
|
Sep
(5) |
Oct
(4) |
Nov
(1) |
Dec
(21) |
2006 |
Jan
(3) |
Feb
(3) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(1) |
Sep
|
Oct
(5) |
Nov
|
Dec
|
2008 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(1) |
Jul
(1) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
2013 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(2) |
Oct
|
Nov
|
Dec
|
2014 |
Jan
(2) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(1) |
Sep
|
Oct
|
Nov
|
Dec
|
2015 |
Jan
|
Feb
(1) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
2016 |
Jan
|
Feb
|
Mar
|
Apr
(2) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
From: Twila R. <wab...@ho...> - 2004-12-06 14:43:19
|
<html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"></head><body bgcolor="#FFFFFD" text="#C2B3DF"><p><a href="http://zfelza.nmchmcin.info/?SBUroDSkWWZy7aSynvl"><IMG SRC="cid:part1.03060608.07040409@hfr...@ya..." border="0" ALT=""></a></p><p><font color="#FFFFF4">date of birth at the far side Radio I enjoy it...</font></p><p><font color="#FFFFFA">The IRS Stock Quotes</font></p></body></html> |
From: Saima A. <no...@ho...> - 2004-11-11 03:08:09
|
80% of blindness is preventable Are you doing something to help ? "Care and Kindness Society is committed to spreading light in the life of thousand of children who are at the brink of blindness in Pakistan. Only if Sakina and thousands like her had received eye care at an early age her sight could have been saved." Blindness prevention activities: Ø Free eye clinic (on main Korangi Road, Karachi) Ø Free Eye Camps across Pakistan Ø Comprehensive free eye screening school programs in underprivileged areas The society also aims to establish a free Eye Hospital in the future. Send your Donation/Zakat to: Address: 302, Crystal Court, BC-7, Block 5, Clifton, Karachi. Tel: 5376189-5374598 email: ck...@cy... www.careandkindness.org.pk All donations are exempt from income tax vide income tax exemption No.JUD/CIT/ZE/2002-2003/540 This letter can not be considered spam as long as we include Contact information & remove instructions For Unsubscribe, Email at rem...@ga... Send your business offer to more then 500,000 Pakistani Internet Users. Email now: pak...@ga... |
From: CSS IP-T. <ip...@in...> - 2004-09-28 17:02:02
|
This email contains an HTML message. You may be seeing this message=20 in case your email client does not support HTML messages. To see the HTML message in the proper format, copy-paste http://www. intelliprintplus.com/mailer/september/sepiv=5Fmailer.html into your web=20 browser. Thank you CSS IP-Team. |
From: <SR...@oa...> - 2004-08-25 10:38:20
|
I would like to investigate extending Tripwire. It would be good to be able to specify rules like: - all filenames in a directory should be 4 characters long, all numeric - specify via a regular expression i.e. 0012 i.e. DB9999,=20 - filenames will increase over time, e.g. 0012 then 0013 will be created, so a rule saying filenames greater than existing filenames are OK. i.e. 0005 should not be created Please could somebody suggest a good starting place in the code to begin the investigation. Thanks, Simon |
From: W. W. G. <wwg...@au...> - 2004-07-08 22:20:41
|
Howdy, I think I've found a solution to this problem. In parserhelper.cpp, cParserHelper::CleanUp(). GenreContainer::iterator i; for( i = mAph.begin(); i != mAph.end(); i++ ) delete i->second; The seconds of the mAph static map are being deleted, but the map itself was left with items containing invalid pointers as seconds. Adding: mAph.clear(); after the loop appears to have cleared up my problem. No more crashing, and the parsed policy data looks accurate. W. W. Gilpin wwg...@au... On Jul 7, 2004, at 11:06 PM, W. W. Gilpin wrote: > Howdy, > > I am using the Tripwire 2.3.1-2 libraries, with Paul Herman's OSX > patch, compiled on Mac OSX 10.3, to build an application which (in > part) parses the contents of Tripwire policy files. > > To do this, I am using the cPolicyParser class, and it works very > nicely, but only once per execution. Subsequent calls to > cPolicyParser::Execute() or cPolicyParser::Check() cause my > application to crash with a Bad Access exception inside the Tripwire > code. > > I am instantiating cTWInit and calling cTWInit::Init() early in my > app's execution. Is there any additional initialization that I need to > do before/between uses of the policy parser? Any hints or help with > this problem would be greatly appreciated. > > Stack trace: > > #0 0x00081e6c in cParserUtil::CreateFCOSpecs(unsigned, > cGenreParseInfo*, cFCOSpecList&) at stl_alloc.h:651 > #1 0x00080498 in cParserHelper::Finit(cGenreSpecListVector*) at > stl_alloc.h:651 > #2 0x0003ccc4 in cPolicyParser::Execute(cGenreSpecListVector&, > cErrorBucket*) at stl_alloc.h:651 > #3 0x0001c544 in TWPolicyData::Load() at TWPolicyData.cp:114 > [...] > > Relevant class members are defined thusly: > > bool mLoaded; > cKeyFile *mSiteKeyFile; > cGenreSpecListVector *mGenreVector; > std::string mPolicyPath; > std::string mSiteKeyPath; > > > Here is my function: > > void TWPolicyData::Load() > { > if (false == mLoaded) > { > try > { > cTWUtil::OpenKeyFile(*mSiteKeyFile, mSiteKeyPath); > > std::string theText; > cTWUtil::ReadPolicyText(mPolicyPath.c_str(), theText, > mSiteKeyFile->GetPublicKey()); > > cGenreSwitcher::GetInstance()->SelectGenre(cGenreSwitcher:: > GetInstance()->GetDefaultGenre()); > > cErrorQueue theErrors; > std::istringstream theTextStream(theText); > cPolicyParser theParser(theTextStream); > theParser.Execute(*mGenreVector, &theErrors); > > mLoaded = true; > } > catch(...) > { > mLoaded = false; > } > } > } > > > W. W. Gilpin > wwg...@au... > > > > ------------------------------------------------------- > This SF.Net email sponsored by Black Hat Briefings & Training. > Attend Black Hat Briefings & Training, Las Vegas July 24-29 -digital > self defense, top technical experts, no vendor pitches,unmatched > networking opportunities. Visit www.blackhat.com > _______________________________________________ > Tripwire-dev mailing list > Tri...@li... > https://lists.sourceforge.net/lists/listinfo/tripwire-dev > > |
From: W. W. G. <wwg...@au...> - 2004-07-08 05:34:00
|
On Jul 7, 2004, at 11:26 PM, rjf wrote: > On Wed, 7 Jul 2004 23:06:58 -0500, W. W. Gilpin > <wwg...@au...> wrote: >> To do this, I am using the cPolicyParser class, and it works very >> nicely, but only once per execution. Subsequent calls to >> cPolicyParser::Execute() or cPolicyParser::Check() cause my >> application >> to crash with a Bad Access exception inside the Tripwire code. > > W, there is a function in the underlying yy_parse called reset() that > I do not think is exposed in cPolicyParser(). I think if you work it > out so that you can call mParser.reset() between invocations, you'll > be okay, something like: Howdy rjf, Thanks for the quick reply! I'm still crashing, though. Here's what I've tried. Any other suggestions? I added this into cPolicyParser's public section: void Reset() {mParser.yyreset();}; I then rebuilt the Tripwire libraries and changed my code to read: cErrorQueue theErrors; std::istringstream theTextStream(theText); cPolicyParser theParser(theTextStream); theParser.Reset(); theParser.Execute(*mGenreVector, &theErrors); theParser.Reset(); This resulted in no change in behavior. Same crash, same place as before. So I tried this: cErrorQueue theErrors; std::istringstream theTextStream(theText); cPolicyParser theParser(theTextStream); theParser.Reset(); theParser.Execute(*mGenreVector, &theErrors); theParser.Reset(); theParser.Execute(*mGenreVector, &theErrors); theParser.Reset(); The crash occurs in the second call to theParser.Execute(), with this stack trace (different from the one I posted earlier): #0 0x0013b3ec in cHashTable<std::string, std::string, cDefaultCompare<std::string>, cDefaultConvert<std::string> >::~cHashTable() at parserhelper.h:235 #1 0x0013b354 in cHashTable<std::string, std::string, cDefaultCompare<std::string>, cDefaultConvert<std::string> >::~cHashTable() at parserhelper.h:235 #2 0x00080944 in cParserHelper::CleanUp() at stl_alloc.h:651 #3 0x00080844 in cParserHelper::Finit(cGenreSpecListVector*) at stl_alloc.h:651 #4 0x0003cda0 in cPolicyParser::Execute(cGenreSpecListVector&, cErrorBucket*) at stl_alloc.h:651 #5 0x0001c614 in TWPolicyData::Load() at TWPolicyData.cp:117 W. W. Gilpin wwg...@au... |
From: rjf <it...@gm...> - 2004-07-08 04:26:39
|
On Wed, 7 Jul 2004 23:06:58 -0500, W. W. Gilpin <wwg...@au...> wrote: > To do this, I am using the cPolicyParser class, and it works very > nicely, but only once per execution. Subsequent calls to > cPolicyParser::Execute() or cPolicyParser::Check() cause my application > to crash with a Bad Access exception inside the Tripwire code. W, there is a function in the underlying yy_parse called reset() that I do not think is exposed in cPolicyParser(). I think if you work it out so that you can call mParser.reset() between invocations, you'll be okay, something like: cPolicyParser::reset() { mParser.reset(); } should do. It's been a while since I was in that code though... Mileage may vary... rjf& (tripwire) |
From: W. W. G. <wwg...@au...> - 2004-07-08 04:07:03
|
Howdy, I am using the Tripwire 2.3.1-2 libraries, with Paul Herman's OSX patch, compiled on Mac OSX 10.3, to build an application which (in part) parses the contents of Tripwire policy files. To do this, I am using the cPolicyParser class, and it works very nicely, but only once per execution. Subsequent calls to cPolicyParser::Execute() or cPolicyParser::Check() cause my application to crash with a Bad Access exception inside the Tripwire code. I am instantiating cTWInit and calling cTWInit::Init() early in my app's execution. Is there any additional initialization that I need to do before/between uses of the policy parser? Any hints or help with this problem would be greatly appreciated. Stack trace: #0 0x00081e6c in cParserUtil::CreateFCOSpecs(unsigned, cGenreParseInfo*, cFCOSpecList&) at stl_alloc.h:651 #1 0x00080498 in cParserHelper::Finit(cGenreSpecListVector*) at stl_alloc.h:651 #2 0x0003ccc4 in cPolicyParser::Execute(cGenreSpecListVector&, cErrorBucket*) at stl_alloc.h:651 #3 0x0001c544 in TWPolicyData::Load() at TWPolicyData.cp:114 [...] Relevant class members are defined thusly: bool mLoaded; cKeyFile *mSiteKeyFile; cGenreSpecListVector *mGenreVector; std::string mPolicyPath; std::string mSiteKeyPath; Here is my function: void TWPolicyData::Load() { if (false == mLoaded) { try { cTWUtil::OpenKeyFile(*mSiteKeyFile, mSiteKeyPath); std::string theText; cTWUtil::ReadPolicyText(mPolicyPath.c_str(), theText, mSiteKeyFile->GetPublicKey()); cGenreSwitcher::GetInstance()->SelectGenre(cGenreSwitcher:: GetInstance()->GetDefaultGenre()); cErrorQueue theErrors; std::istringstream theTextStream(theText); cPolicyParser theParser(theTextStream); theParser.Execute(*mGenreVector, &theErrors); mLoaded = true; } catch(...) { mLoaded = false; } } } W. W. Gilpin wwg...@au... |
From: <sf...@60...> - 2004-06-15 13:09:47
|
[2004/6/15 ¤U¤È 09:07:59] tea [t96Wxp] |
From: <vit...@ya...> - 2004-06-15 07:50:25
|
$BFMA3$N%a!<%k<:Ni$$$?$7$^$9!#(B $B6H3&=i!*JV6bBg4?7^!*8z2LJ]>ZIU!J#2(B,$B#1#0#01_(B $B@G9~!K<+?.$,M-$k$+$i=PMh$k!*(B $B!c#1K\$@$19XF~!"0{$s$G$7$^$C$?8e$G$b!"G<F@$$$+$J$1$l$PJV6bCW$7$^$9!#!d(B $B@-=U2sI|!*CK@-5!G=8~>e@-%I%j%s%/!!!V%S%?!&%^%s!WB(8z!u;}B3!&@:NO(BUp$B7r9/?)IJ$G$9!#0{MQ!"#4#0J,8e$+$i$,!"$*3Z$7$_!*!*(B $B#1K\;n$;$PG<F@!*=>$C$FEv<R$G$O!"C1IJCmJ84?7^!*$5$i$K!"8z2L$,F@$i$l$J$+$C$?>l9g!"$*5RMM8}:B$XA43[$4JV6bCW$7$^$9!#(B $BJ#?tK\9XF~$NJ}$b!"8z2LJ]>Z!J#1K\!K$@$1$G$O$J$/!"3+@r$7$F$$$J$$>&IJ$O!"$9$Y$FGcLa$7CW$7$^$9!#(B $B=w@-$NJ}$b$40{MQ2DG=!#Nd@-$NJ}$K$*$9$9$a!*(B $B:#$9$02<5-%[!<%`%Z!<%8$+$i$4CmJ82<$5$$!*(B http://www.vitamanjapan.com $BG[?.Dd;_$r$44uK>$NJ}$O!"$*<j?t$G$O$4$6$$$^$9$,!"(B $B7oL>$r!VG[?.Dd;_!W$H$7$F$$$?$@$-!V(Bvi...@ya...$B!W$^$G(BE-mail$B$K$F$*CN$i$;2<$5$$!#(B $B!c;v6H<T!d(B $B3t<02q<R%M%C%H%o!<%k%I%S%8%M%9(B $B%S%?%^%s;v6HIt(B $BEl5~ETJ85~6h8~5V(B2-37-6 |
From: Bill P. <Bi...@pi...> - 2004-06-03 18:47:24
|
please remove me from these mailing lists ----- Original Message ----- From: "Paul Herman" <ph...@fr...> To: <tri...@li...> Cc: <ful...@li...>; <bu...@se...> Sent: Thursday, June 03, 2004 12:41 AM Subject: Format String Vulnerability in Tripwire > SUMMARY > ------- > Tripwire(tm) is a Security, Intrusion Detection, Damage Assessment > and Recovery, Forensics software. > > A vulnerability in the product allows a user on the local machine > under certain circumstances to execute arbitrary code with the > rights of the user running the program (typically root). > > > VERSIONS AFFECTED > ----------------- > Tripwire commercial versions <= 2.4 > Tripwire open source versions <= 2.3.1 > > > DETAILS > ------- > A format string vulnerability exists when tripwire generates an > email report (i.e. 'tripwire -m c -M'). Each line of the report is > passed to an fprintf() function in pipedmailmessage.cpp in the > following manner: > > fprintf(mpFile, s.c_str() ); > > If a local user were to create a file with a carefully crafted > filename on the local system, that filename may be included in the > report and passed to fprintf() (albeit from the heap.) No exploit > is known at this time, but the author of this advisory believes > this vulnerability could be exploitable. > > Tripwire Inc. has been notified and has implemented a fix. > > > IMPACT > ------ > This vulnerability allows an attacker to execute arbitrary code > with the rights of the user running the file check, which is > typically root. The vulnerability exists only when tripwire is used > to generate an email report. Users who do not generate an email > report are not affected by this vulnerability. > > > WORKAROUND > ---------- > Disable email reporting. All users are advised to upgrade to a > version which is not vulnerable. > > > PATCH > ----- > If you are using Open Source Tripwire(tm) version 2.3.1, the > following patch will fix this particular issue: > > Index: src/tripwire/pipedmailmessage.cpp > =================================================================== > retrieving revision 1.1 > retrieving revision 1.2 > diff -u -r1.1 -r1.2 > --- src/tripwire/pipedmailmessage.cpp 21 Jan 2001 00:46:48 -0000 1.1 > +++ src/tripwire/pipedmailmessage.cpp 26 May 2004 20:59:15 -0000 1.2 > @@ -180,7 +180,7 @@ > > void cPipedMailMessage::SendString( const TSTRING& s ) > { > - if( _ftprintf( mpFile, s.c_str() ) < 0 ) > + if( _ftprintf( mpFile, "%s", s.c_str() ) < 0 ) > { > TOSTRINGSTREAM estr; > estr << TSS_GetString( cTripwire, tripwire::STR_ERR2_MAIL_MESSAGE_COMMAND ) > > > AUTHOR OF ADVISORY > ------------------ > Paul Herman <ph...@fr...> > > > ACKNOWLEDGEMENT > --------------- > I would like to thank Robert C. Jacobson <8dg...@sn...> > for an initial bug report which led to me discovering this > vulnerability. > > > TRIPWIRE TRADEMARK NOTICE > ------------------------- > The developer of the original code and/or files is Tripwire, Inc. > Portions created by Tripwire, Inc. are copyright 2000 Tripwire, > Inc. Tripwire is a registered trademark of Tripwire, Inc. All > rights reserved. > > Nothing in the GNU General Public License or any other license to > use the code or files shall permit you to use Tripwire's > trademarks, service marks, or other intellectual property without > Tripwire's prior written consent in the form of a license agreement > signed by an officer of Tripwire, Inc. > > If you have any questions, please contact Tripwire, Inc. at either > in...@tr... or www.tripwire.org. |
From: Nelle E. <sok...@zo...> - 2004-06-03 01:30:33
|
oyer tamable adjustment glair ratatat fauld endogamy swimmingly frowning agamic tuberose arctiid maldives banker absens gristle resurgent enclosed piteous |
From: Paul H. <ph...@fr...> - 2004-06-02 23:41:27
|
SUMMARY ------- Tripwire(tm) is a Security, Intrusion Detection, Damage Assessment and Recovery, Forensics software. A vulnerability in the product allows a user on the local machine under certain circumstances to execute arbitrary code with the rights of the user running the program (typically root). VERSIONS AFFECTED ----------------- Tripwire commercial versions <= 2.4 Tripwire open source versions <= 2.3.1 DETAILS ------- A format string vulnerability exists when tripwire generates an email report (i.e. 'tripwire -m c -M'). Each line of the report is passed to an fprintf() function in pipedmailmessage.cpp in the following manner: fprintf(mpFile, s.c_str() ); If a local user were to create a file with a carefully crafted filename on the local system, that filename may be included in the report and passed to fprintf() (albeit from the heap.) No exploit is known at this time, but the author of this advisory believes this vulnerability could be exploitable. Tripwire Inc. has been notified and has implemented a fix. IMPACT ------ This vulnerability allows an attacker to execute arbitrary code with the rights of the user running the file check, which is typically root. The vulnerability exists only when tripwire is used to generate an email report. Users who do not generate an email report are not affected by this vulnerability. WORKAROUND ---------- Disable email reporting. All users are advised to upgrade to a version which is not vulnerable. PATCH ----- If you are using Open Source Tripwire(tm) version 2.3.1, the following patch will fix this particular issue: Index: src/tripwire/pipedmailmessage.cpp =================================================================== retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- src/tripwire/pipedmailmessage.cpp 21 Jan 2001 00:46:48 -0000 1.1 +++ src/tripwire/pipedmailmessage.cpp 26 May 2004 20:59:15 -0000 1.2 @@ -180,7 +180,7 @@ void cPipedMailMessage::SendString( const TSTRING& s ) { - if( _ftprintf( mpFile, s.c_str() ) < 0 ) + if( _ftprintf( mpFile, "%s", s.c_str() ) < 0 ) { TOSTRINGSTREAM estr; estr << TSS_GetString( cTripwire, tripwire::STR_ERR2_MAIL_MESSAGE_COMMAND ) AUTHOR OF ADVISORY ------------------ Paul Herman <ph...@fr...> ACKNOWLEDGEMENT --------------- I would like to thank Robert C. Jacobson <8dg...@sn...> for an initial bug report which led to me discovering this vulnerability. TRIPWIRE TRADEMARK NOTICE ------------------------- The developer of the original code and/or files is Tripwire, Inc. Portions created by Tripwire, Inc. are copyright 2000 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights reserved. Nothing in the GNU General Public License or any other license to use the code or files shall permit you to use Tripwire's trademarks, service marks, or other intellectual property without Tripwire's prior written consent in the form of a license agreement signed by an officer of Tripwire, Inc. If you have any questions, please contact Tripwire, Inc. at either in...@tr... or www.tripwire.org. |
From: Nikki C. <ne...@sl...> - 2004-05-17 21:38:05
|
cerebrally simulacrum justness echelon solfa kaolinite magnifier scrambler exporter subjectis arched barelegged firestorm resiny mutative |
From: Lavelle K. <cow...@po...> - 2004-05-11 23:00:22
|
greens peddlers sweptwing suzie retrace romanian seductive obumbrate coverley fugally trombonist grieve swordtail exitus laboring tetigisti relays clot rile testy salerno regulatory slinging carob firenze bezel reverence gumboil centaury fumigate insanitary riven ibis neurectomy swoon hospodar guidepost |
From: <aaa...@fr...> - 2003-12-17 14:30:48
|
未承諾広告※ 関心の無い方にはお手数ですが削除をお願い申し上げます。 *送信者:大野和子 *事業者:AAA-network Co.,Ltd. 東京都目黒区目黒3-4-16/TEL:0120−77−5869 ※当方からのメールがご迷惑な方には、お手数ですが『受信拒否』と表示 して mai...@3-... までメールを返信して下さい。 ※拒否メール受信後、3日以内にメールアドレスを除去致します。 ※複数アドレスを受信拒否希望の方は、お手数ですが対象アドレスを全て メッセージ内に表示していただければ除去いたします。 私どもは、他用・流出は一切いたしません。 ★☆★ 在宅(SOHO・パソコン)ワークスタッフ募集のご案内です ★☆★ ◎余暇を利用して副収入を得られたら ◎どうしても家を空けられない ◎人間関係がうまくいかない ◎地方ということで仕事が思うようにならない ◎将来が不安なので、今のうちに などとお考えの方 今後ますます日本経済状況は悪化し今となってはもう会社も社員を守って くれないのが現実です。 今までの就業スタイルでは諦めるしかなかった主婦や高齢者の方々にも、 在宅ワークは大きなチャンスとして注目されています。 ☆★☆★☆★☆★☆★☆★☆★☆★☆★☆★☆★☆★☆★☆★☆★☆★ ◎1日2〜3時間程度なら時間が取れる方であれば、初級レベルのデータ 入力のお仕事であれば4・5万前後の収入に成ります。それ以外にもお仕事 は有りますが良く聞かれるご質問として、 どのような仕事があるの?=IT系以外の在宅で出来る仕事からもできま す。私共は登録者が安定した副収入を取れるようにということを優先して おり、その為、請け負う仕事をパソコンでの在宅ワーク以外に、手作業の 在宅ワークや派遣業務に至るまで幅広く取り揃えていき、皆様にバラつき のないお仕事の情報提供にお応えして参ります。 将来安定に向けてご自身の技能を活用して、副収入を得る機会としてご案 内しております。 全くパソコン未経験の方でもやる気さえあればパソコン業務以外のお仕事 から副収入を得ていただけます。 業務は、誰でも出来る宛名書きから、データ入力・文章入力・HP作成・イ ラスト・DTP・Flash画面作成等々まで幅広くあり、毎週さまざまなお仕事 情報を配信しております。 現在、20歳〜60歳の主婦・フリーター・会社員の方々が余暇を活用しなが ら活躍しております。 ★詳しくは下記ホームページで資料請求(無料)のうえご確認下さい★ 〈資料請求の手順〉 1. URL『http://www.3-aaa.net』へアクセス 2. 『トップ』〜『資料請求』 3. フォームに従って必要事項の入力 4. このメールをご覧の方はエリアコード 『012』 を選択 5. 入力完了後『送信』してください。 ※この広告が3日以内に重複した場合は、決して悪意はございませんので ご容赦下さい。拒否者のアドレス除去は十分注意して参ります。 ※代理店が数社あり、重複いたしましたらご容赦下さい。情報交換が不可 能な為、ご迷惑をおかけして申し訳ございませんが、受信拒否希望の方 はお手数ですが、各送信先に受信拒否として自動返信いただくか、着信 拒否の設定をお願い申し上げます。 |
From: Paul H. <ph...@fr...> - 2003-10-08 18:22:09
|
On Tue, 7 Oct 2003 ma...@wi... wrote: > i just recently started getting an error from tripwire in check mode: > > *** Fatal exception: 9exception > *** Exiting... Hi Mark, As you've probably guessed from the number of responses, this error message unfortunately doesn't tell us much about what happened. Not much to say, but I figured I'll take a stab at it seeing as no one else has written anything. When I try to track these kinds of problems down, I generally build tripwire with debuging symbols ("-g" compiler flag) and rerun it through a debugger, like gdb, to find out where in the code it is happening. This obviously requires familiarity with C/C++, etc. If this is something you are willing to tackle, be sure to backup your tripwire database, just in case. There are of course other non-programing ways to locate the problem like, say, trying to reduce your policy to a minimal set that still reproduces the problem, but that tends to take more time. -Paul. |
From: <ma...@wi...> - 2003-10-07 13:05:20
|
i just recently started getting an error from tripwire in check mode: *** Fatal exception: 9exception *** Exiting... verbose flags don't reveal anything interesting. i'm loathe to rebuild the database because that would lose my continuity of checking. i think it started when i changed a configuration parameter. i changed it back to what it was, but the error still is occuring. that may be a red herring anyway. ideas? -- Mark Smith mark at winksmith dot com mark at tux dot org |
From: Steve W. <ste...@pa...> - 2003-08-18 09:24:59
|
Hi all! New to the list, new to openbsd, but long time user of tripwire (on Linux)! I've just compiled and installed tripwire-2.3.1-2 with Paul Herman's patch tw-20030625. Finally got it to compile (the patch seems slightly incompatible with the patch program on openBSD?) It created the keys and encrypted the config & policy files fine, but when initialising the DB, it dumps core! Running tripwire -m i with the -v flag I note that the crash happens after it starts parsing the policy file; it decrypts it just fine. Any clues? Thanks! |
From: Paul H. <ph...@fr...> - 2003-08-09 09:22:29
|
On Fri, 8 Aug 2003, Robert C. Jacobson wrote: > My questions are: > > 1. Is statically linking the binaries more secure? does static > linking really prevent the use of libraries residing on the system? > > If so, > 2. How do I build tripwire statically linked? The tech article and > list posts outline it for simple .c files, but tripwire's Makefile > is, I'll admit, too complicated for me to understand. It doesn't > seem to have the CFLAGS or LDFLAGS variables, so I'm not sure how to > include the -static a -Lc_static options. Hi Robert, I'm sure other people and articles have told you by now the pros and cons about static linking. What I will say is this: there seems to be a slow trend among OSes to get rid of static linking all together. The main reason is to allow all binaries in the OS to dynamicaly load modules. Solaris is a prime example. Linking staticaly under Solaris is getting more and more difficult, and next to impossible in recent versions. As to your CFLAGS and LDFLAGS question, if you are using my ./configure patch, you can enable static linking by using "./configure --enable-static", or if you like playing around, you can set LDFLAGS yourself when you run configure: bash$ ./configure CXXFLAGS="-Wall -O -pipe" LDFLAGS="-static" -Paul. |
From: Jim M. <jm...@ap...> - 2003-08-08 16:42:23
|
On Friday, August 8, 2003, at 9:14 AM, Robert C. Jacobson wrote: > As I was working on setting up tripwire on my Mac OS X 10.2.6 system, > I read that linking the tripwire binaries statically so that they > could be run from read-only media like a CD was more secure. In other > words, its not a good idea to rely on libraries resident on a possibly > compromised system. > ... > My questions are: > > 1. Is statically linking the binaries more secure? does static > linking really prevent the use of libraries residing on the system? If something has compromised the system-shared libraries, they're just as likely to have compromised the kernel. That's because on Mac OS X, the collection of system shared libraries are managed by the kernel. If you are still worried about that, then running those utilities on a potentially compromised kernel (from read-only media or not) is an equally bad idea. Now, if tripwire utilities link against their own private libraries, and you are worried about them (because they fall outside the kernel's watchful eye on system shared libraries), then you can always just statically link those libraries in and continue to use the system-provided shared libraries for access to the rest of the system. > If so, > 2. How do I build tripwire statically linked? The tech article and > list posts outline it for simple .c files, but tripwire's Makefile is, > I'll admit, too complicated for me to understand. It doesn't seem to > have the CFLAGS or LDFLAGS variables, so I'm not sure how to include > the -static a -Lc_static options. First off, you're not going to have the static versions of all the system libraries (like libc.a) on your system anyway. You would have to build all of those from Darwin source before you could link against them.... And we all know how much fun that can be.... As you can see, we HIGHLY discourage doing this. We can almost guarantee those binaries will break every time you install an OS update. --Jim |
From: Robert C. J. <Rob...@gs...> - 2003-08-08 13:14:24
|
[NOTE: this message cross-posted on two mailing lists] As I was working on setting up tripwire on my Mac OS X 10.2.6 system, I read that linking the tripwire binaries statically so that they could be run from read-only media like a CD was more secure. In other words, its not a good idea to rely on libraries resident on a possibly compromised system. I searched the list archives (darwin-development) and found some posts, and also I found this tech article: <http://developer.apple.com/qa/qa2001/qa1118.html> Which describes how to build a statically linked binary (something not normally supported on Darwin) My questions are: 1. Is statically linking the binaries more secure? does static linking really prevent the use of libraries residing on the system? If so, 2. How do I build tripwire statically linked? The tech article and list posts outline it for simple .c files, but tripwire's Makefile is, I'll admit, too complicated for me to understand. It doesn't seem to have the CFLAGS or LDFLAGS variables, so I'm not sure how to include the -static a -Lc_static options. BTW, I got the patch to build tripwire for OS X from Paul Herman's site here: <http://www.frenchfries.net/paul/tripwire/index.html> -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Robert Jacobson Rob...@gs... BS, Aeronautical Engineering Univ. of Md., College Park Flight Ops. Team - SOlar Heliospheric Observatory (SOHO) (301) 286-1591 |
From: Mario O. <mar...@gm...> - 2003-07-22 12:02:29
|
Hello Dev-Team ;) I have a tricky question... .. in my /etc/folder there are 2 files (I can exclude those two files with (!/etc/folder/file1;)), which change often. but when a file in a directory changes, the timestamp of the directory itself changes, too. Thats why i always get false alarms! How can i tell tripwire NOT to look at the folders timestamp? Or how do you solve this? Cheers, Mario -- +++ GMX - Mail, Messaging & more http://www.gmx.net +++ Jetzt ein- oder umsteigen und USB-Speicheruhr als Prämie sichern! |
From: Johnnie S. <g8i...@lt...> - 2003-07-11 12:50:16
|
<html> <head> <title>Hy sweet</title> </head> <body> <p><font face=3D"Arial">Hi Sylvia!<br> Me and Lisa are back online with our new site!<br> We put on all Lisa's nude shots!<br> There's also a movie of me and Lisa nude on the street!<br> Come and visit us, <a href=3D"http://www.geocities.com/c_omar_77/"><b>this is our site</b></a= >.<br> We hope to meet you again on Kerkira's nudist beach this year!<br> We will be at Kerkira from August 1 to September 5.<br> Don't forget to <a href=3D"http://www.geocities.com/d_omar_77/"><b>visit our website</b></= a>!<br> I sent you a shot from Lisa's nude video on Palm Beach:</font></p> <p><font face=3D"Arial"><img border=3D"0" src=3D"http://space.virgilio.it/= hos...@vi.../thumb.jpg"></font></p> <p><font face=3D"Arial">See you soon!<br> <br> Darren & Lisa.</font></p> </body> </html>csfwg u |
From: <ky...@bl...> - 2003-07-03 12:42:32
|
Please see the attached zip file for details. |