AW: apt-source (was Re: [zorp] Zorp Pro 2.0, post-installation)

Dominik Oestreicher zorp@lists.balabit.hu
Wed, 3 Dec 2003 09:31:44 +0100 

Hi,

to install and configure Zorp is not an easy thing, so no question is to =
easy with this software ;-)
I have added following line into my last installation:

deb https://<user>:<password>@apt.balabit.hu/zorp-os/ 2.1 zorp-os zorp =
zorp-common zms zms-gui zms-gui-common zms-agent satyr zas

Additionally I had to add

Acquire::https::Peer-Verify-Level "0";

into the /apt/apt/apt.conf (or something like that) file because I =
received an error message about an untrusted certificate.

At the moment I try to get the new virusbuster module running, but =
without success.

One problem I ran into lately where a configuration mistake with a =
transparent proxy. Hint: Do not use the same port for "proxy port" and =
"rule port" when creating a transparent listener.
It will not work and the error message will not really help ;-)

Regards
Dominik

> -----Urspr=FCngliche Nachricht-----
> Von: Michael D. (Mick) Bauer [mailto:darth.elmo@wiremonkeys.org]
> Gesendet: Dienstag, 2. Dezember 2003 22:57
> An: zorp@lists.balabit.hu
> Betreff: apt-source (was Re: [zorp] Zorp Pro 2.0, post-installation)
>=20
>=20
> Hi, Major.
>=20
> Bazsi just gave me a username & password for the apt-source site. What
> should my new sources.list entry look like? (Pardon the=20
> newbie question,
> but I don't use Debian often.)
>=20
> Thanks,
> Mick
>=20
>=20
> > On Tue, 2003-12-02 at 04:33, Michael D. (Mick) Bauer wrote:
> >> By changing the OUTPUT default policy on my firewall to=20
> ACCEPT, I was
> >> able to connect from my ZMS client (actually I could've=20
> achieved the
> >> same thing by leaving it at DROP but by inserting an "accept
> >> established" rule in the OUTPUT chain, right? And shouldn't that be
> >> the default?).
> >
> >    Yes, it should be the default. (also by default we don't use DROP
> > rule on OUTPUT chain)
> >
> >> But immediately after successful authentication, I=20
> received the error
> >> "Request: missing or invalid type", and my ZMS client quit.
> >
> >   It seems like you use zms-engine from the 2.0 series. Zms=20
> client for
> > windows is not available from the 2.0 series, but from the=20
> 2.1. These
> > are incompatible, so you have to upgrade your zms-engine to 2.1. The
> > upgrade is available from the apt.balabit.hu apt-source,=20
> but it require
> > username/password.
> >
> >   BTW: can you tell me the version of your installation CD? You can
> > check it by booting from it, and pressing F9 on the=20
> bootscreen, or mount
> > it on a working machine and view the file=20
> /cdrom/isolinux/version.scr.
> >
> > MCS
> >
> >
> >
> > _______________________________________________
> > zorp mailing list
> > zorp@lists.balabit.hu
> > http://lists.balabit.hu/mailman/listinfo/zorp
>=20
>=20
> /-------------------------------------------------\
> | Michael D. (Mick) Bauer                         |
> | Hired Goon Specializing in Information Security |
> | Security Editor, Linux Journal                  |
> | Dir. of Value-Subtracted Svcs., Wiremonkeys.org |
> \-------------------------------------------------/
>=20
>=20
> _______________________________________________
> zorp mailing list
> zorp@lists.balabit.hu
> http://lists.balabit.hu/mailman/listinfo/zorp
>=20