MarcoP 2017-01-31 13:47:30
nacc I got i downloaded thanks
MarcoP 2017-01-31 13:47:33
it
pos 2017-01-31 13:57:54
multiple vulnerabilities in tcpdump: CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925, CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929, CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933, CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937, CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973, CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984,
pos 2017-01-31 13:57:59
CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993, CVE-2016-8574, CVE-2016-8575, CVE-2017-5202, CVE-2017-5203, CVE-2017-5204, CVE-2017-5205, CVE-2017-5341, CVE-2017-5342, CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485, CVE-2017-5486
Ben64 2017-01-31 13:58:06
pos: can you not
k1l_ 2017-01-31 13:59:01
pos: if there are patches for thos issues, than the security team will patch the ubuntu packages. look at ubuntu.com/usn
pos 2017-01-31 13:59:02
oh, I'm sorry. there is a root RCE vuln in a package and I listed the CVEs
pos 2017-01-31 13:59:20
k1l_, there are, debian fixed this almost a week ago
Ben64 2017-01-31 13:59:30
pos: you keep coming in here and pasting a bunch of CVEs, I'm not sure what you think that accomplishes
k1l_ 2017-01-31 13:59:52
pos: use the cve tracker on the site i mentioned
wedgie 2017-01-31 14:00:00
debian released patches Sunday. Give it a few days
pos 2017-01-31 14:00:00
yesterday I came in here and reminded you that there were multiple vulns in openssl
Ben64 2017-01-31 14:00:13
this isn't the place for that
nacc 2017-01-31 14:00:20
pos: this is the support channel, not the developer channel, and the security team is presumably aware
k1l_ 2017-01-31 14:00:41
pos: this is the community support channnel. canonical got a security team. use the site i linked to get to know the status of cves.
pos 2017-01-31 14:00:45
new openssl packages arrived today, as to whether this is a result of me nagging I don't know
k1l_ 2017-01-31 14:00:56
pos: no its not.
nacc 2017-01-31 14:00:57
pos: it's not.
theskilltest 2017-01-31 14:01:16
i setup znc on my ubuntu box, but i go to https://ip:port that i set it up to, and it doesn't connect
k1l_ 2017-01-31 14:01:46
theskilltest: dont use https to connect
theskilltest 2017-01-31 14:02:02
ERR_CONNECTION_REFUSED
k1l_ 2017-01-31 14:02:02
use just ip:port.
theskilltest 2017-01-31 14:02:13
it must be firewall
k1l_ 2017-01-31 14:02:28
theskilltest: homenetwork?
theskilltest 2017-01-31 14:02:40
its a linode vps
wedgie 2017-01-31 14:02:46
or the service isn't acutally running. ''sudo netstat -tnl'' do you see the port listening?
wedgie 2017-01-31 14:03:00
theskilltest: ^^
theskilltest 2017-01-31 14:03:42
https://i.imgur.com/VTOy3oJ.png
theskilltest 2017-01-31 14:03:52
5678, yep i know its running cuz it connected to some irc channels
k1l_ 2017-01-31 14:04:00
pos: if you find a cve not already tracked there file a bugreport and link the cve there.
pos 2017-01-31 14:04:23
k1l_, i've tested ten of them, none seem to be tracked
dax 2017-01-31 14:04:33
http://people.canonical.com/~ubuntu-security/cve/pkg/tcpdump.html begs to differ
pos 2017-01-31 14:04:44
http://people.canonical.com/~ubuntu-security/cve/?pkg=tcpdump lists nothing for me
theskilltest 2017-01-31 14:04:57
hmmm tcp6?
tatertots 2017-01-31 14:04:58
theskilltest: make sure accessing a GUI/x is included in the linode plan you have.... :)
dax 2017-01-31 14:05:20
the security team, unsurprisingly, keeps track of pending CVEs. they do not particularly need someone manually keeping track of something they are doing automatically
theskilltest 2017-01-31 14:05:31
a gui? the znc you access it just by ip:port via web browser
k1l_ 2017-01-31 14:06:02
theskilltest: did you try to restart znc to make sure it uses the correct state of config?
theskilltest 2017-01-31 14:08:29
interesting. sudo service znc restart Failed to restart znc.service: Unit znc.service not found.
theskilltest 2017-01-31 14:09:12
but its running somehow, lol its idling in channels as we speak
theskilltest 2017-01-31 14:09:57
https://i.imgur.com/bdbzI66.png
k1l_ 2017-01-31 14:10:00
theskilltest: wait, that is only listening on ipv6 on that port
theskilltest 2017-01-31 14:10:14
yea that would be a problem i think
Ben64 2017-01-31 14:10:38
check with nmap
k1l_ 2017-01-31 14:12:12
theskilltest: look at your znc config
theskilltest 2017-01-31 14:12:34
4 and 6 were set to true, so im now setting ipv6 to false
k1l_ 2017-01-31 14:13:37
if you set listener6 than it will only use ipv6
theskilltest 2017-01-31 14:14:01
how do i kill this znc process so i can start it again
theskilltest 2017-01-31 14:14:13
pkill or something
wedgie 2017-01-31 14:14:55
does it not have a startup script? ''sudo sytemctl restart znc.service'' or something lik ethat?
theskilltest 2017-01-31 14:15:29
nope, i guess that part isn't setup
k1l_ 2017-01-31 14:15:57
didnt you use the repo package?
theskilltest 2017-01-31 14:16:40
i used apt-get znc
theskilltest 2017-01-31 14:17:12
then i ran znc --makeconf
theskilltest 2017-01-31 14:17:52
BOOM tcp 0 0 0.0.0.0:5678 0.0.0.0:* LISTEN
theskilltest 2017-01-31 14:18:01
but still ERR_CONNECTION_REFUSED
theskilltest 2017-01-31 14:18:13
its got to be iptables or something
Ben64 2017-01-31 14:18:22
check with nmap
theskilltest 2017-01-31 14:20:45
nmap https://i.imgur.com/fkSIjk5.png
Ben64 2017-01-31 14:21:07
you know, paste.ubuntu.com exists
Ben64 2017-01-31 14:21:14
and there you go, port closed
theskilltest 2017-01-31 14:21:56
how do i open the port, these iptable commands are confusing
theskilltest 2017-01-31 14:22:02
i tried iptables -A
Ben64 2017-01-31 14:22:10
closed means nothing is listening on that port
theskilltest 2017-01-31 14:22:54
hmm but thats not what sudo netstat -tnl is saying on the server
wedgie 2017-01-31 14:23:01
or that it is being rejected by a firewall
Ben64 2017-01-31 14:23:13
wedgie: that'd be "filtered"
wedgie 2017-01-31 14:23:42
Ben64: there's a difference between -j DROP and -j REJECT. REJECT results in "connection refused"
k1l_ 2017-01-31 14:24:13
theskilltest: are you sure the pw you use is correct for znc? did you check the config?
theskilltest 2017-01-31 14:24:23
http://paste.ubuntu.com/23902794/
wedgie 2017-01-31 14:24:31
theskilltest: what does ''sudo iptables -L'' show?
k1l_ 2017-01-31 14:24:50
theskilltest: http://wiki.znc.in/FAQ#Why_do_I_get_an_.22Incorrect_Password.22_every_time_I_connect_even_though_my_pass_is_correct.3F
theskilltest 2017-01-31 14:25:33
wedgie http://paste.ubuntu.com/23902797/
wedgie 2017-01-31 14:26:22
theskilltest: ok, the problem is that the ACCEPT rules for 5678 are after the REJECT rules for everything
theskilltest 2017-01-31 14:27:28
does this iptables live in a file somewhere i can rearrage
wedgie 2017-01-31 14:28:25
yes, but i'm having trouble finding out where... one sec
theskilltest 2017-01-31 14:31:23
http://unix.stackexchange.com/questions/146349/move-iptables-rule-w-o-removing-and-adding
wedgie 2017-01-31 14:31:31
theskilltest: there they are. Seems to be in /etc/ufw
wedgie 2017-01-31 14:33:03
my goodness, for being the "Uncomplicated FireWall" they sure didn't make this straightforward
litupbrains 2017-01-31 14:34:53
hey guys..this is a kali linux question..=)..what is a release file?and how do i get one..?my apt-get update isn't updating the repo..
xangua 2017-01-31 14:35:20
litupbrains: this is no Kali channel
pc_ 2017-01-31 14:35:39
thunderbird mail works with protonmail? i tried and failed.
xangua 2017-01-31 14:35:48
And last I knew Kali was abandonware
theskilltest 2017-01-31 14:36:10
BOOM working =]
litupbrains 2017-01-31 14:36:27
xangua: yeah just thought id try though..if anyone could help me, do pm..thanks in advance..cheers to all!=)
wedgie 2017-01-31 14:36:30
xangua: when did that happen?
xangua 2017-01-31 14:36:56
wedgie: no idea? Who cares? This is #Ubuntu?
wedgie 2017-01-31 14:37:30
xangua: sure, but not need to give misinformation.
wedgie 2017-01-31 14:37:54
litupbrains: they do have their own channel
xangua 2017-01-31 14:38:04
pc_: don't know about proto mail, Thunderbird works fine with my Gmail/IMAP setup
pc_ 2017-01-31 14:38:19
I see, thank you.
pc_ 2017-01-31 14:38:28
i will stick with the browser.