Log in

No account? Create an account
Linux Community's Journal
[Most Recent Entries] [Calendar View] [Friends View]

Tuesday, May 13th, 2008

Time Event
Debian OpenSSL Vulnerability
If you're running Debian or a Debian-derived Linux system such as Ubuntu, take note: a security vulnerability was introduced into OpenSSL in September, 2006. Any keys you've generated since that time are potentially guessable.

For the inexperienced, here are the commands you should run at a bare minimum in order to fix it:

apt-get update
apt-get install openssl libssl0.9.8
rm /etc/ssh/ssh_host*
apt-get install openssh-server --reinstall

You should also destroy and recreate all your user keys if you don't know they were created either before September 2006 or on something that isn't Debian.

I'm probably leaving stuff out, but I'm sure the more experienced of the people in this community will correct me.
SpamAssassin AWL query
I'm using SpamAssassin 3.2.3 w/ Perl 5.8.8 on Linux.

Collapse )

I had already discovered VBounceRuleset, but they told me how to take advantage of it.

I just had to stick a line with whitelist_bounce_relays mymailserver1 mymailserver2 mymailserver3 [...] in my user_prefs (or local.cf, but since I'm not the sysadmin I had to use user_prefs) in order to activate the bounce-checking rule. Then I added the following to my .procmailrc just before the rules that can spam into its own mailboxes.

* ^X-Spam-Status:.*ANY_BOUNCE_MESSAGE.*

And now I'm backscatter free! Yay!

Current Mood: bouncy

<< Previous Day 2008/05/13
Next Day >>
About LiveJournal.com