similar to: security in samba

ALL, Our Primary DNS has been broken into twice in the last week. The first time it happened I noticed the hacker used named for means of gaining entry. This guy was good at hiding his/her tracks so we reinstalled the OS and left a minimum install to see if it was done again. We logged all goings on from a secure remote machine. We got the hacker''s IP address and even some of what

Dave CB: I reconfigured the mail client on the shared dial up computer at the school to read the latest samba articles. I apparently made a typo. The email address is hhacker@calweb.com. The school, Kit Carson Middle School is NOT a university. If it were a university, it would have Internet access besides a lame dial up. Its a 6/7/8 grade school in a slightly worse off section of town.

I can't answer any of this, but the following was taken from a thread on the "Novell Technology Transfer Partners List <NOVTTP@LISTSERV.SYR.EDU>" and passed over to me by my boss... Any comments/refutations/etc most definitely accepted... Please note that *I'm* the Senior Unix Systems Administrator at the University I work at, and have been moving us towards Samba since I

Hi folks I'm new to Dovecot. I'm wonderng if it's a way that dovecot delete a message just after the DELE POP3 command and not just mark the message for deletion and wait until the QUIT command is received. The main reason is for slow and unstable links fetching mail this is madness. Any suggestions? David

This morning someone tried to make sip call through my Asterisk. My server just drop these calls and record them in CDR with IP address: 2012-11-28 06:30:51 SIP/216... 1000 "1000" <1000> Hangup 999011972592249388 ANSWERED 00:01 Hacker: 168.63.67.239 2. 2012-11-28 06:30:49 SIP/216... 1000 "1000" <1000> Hangup 88011972592249388 ANSWERED 00:01 Hacker:

Everyone, This morning I received a notice from PayPal that one of our sites got hacked and was spoofing a PayPal web site. When I checked the the site, I was surprised to find they were correct. About 5 days a go we had a server that got hacked and somehow the file paypal.com.tar got uploaded to our server and then stored in a a subdirectory of /var/www/. I had previously started a mysqld

How much latency are we talking about? It seems that this issue cannot be easily pinpointed, but if it turns out to be related to the Speex Resampler let me know and I will put it on my task list. - Sherief -----Original Message----- From: speex-dev-bounces at xiph.org [mailto:speex-dev-bounces at xiph.org] On Behalf Of Colin Guthrie Sent: Monday, December 06, 2010 9:47 AM To: speex-dev at

It's at this point where I think about filing a full bug report with llvm. Any hints before I do? On Mon, Jan 07, 2019 at 04:00:02PM -0500, Shawn Webb wrote: > It looks like this commit breaks CSU initialization with > statically-compiled applications. > > With a very simple application at [1], compiled with: > cc -g -O0 -flto -static -o pid pid.c > > The application

If you can produce a simple minimal repro that exhibits this issue on some procedural signal (sine wave, etc) I'd love to look into it some more - I'm maintaining a hardened version of the Speex Resampler and would be very concerned if this bug made it into production. - Sherief -----Original Message----- From: speex-dev-bounces at xiph.org [mailto:speex-dev-bounces at xiph.org] On

Thanks for providing the patch! I got around to testing it this morning and it appears it fixes compilation, but produces a non-working system. I know that's kinda vague and I'll have more details soon, including sample binaries. I at least wanted to give a status update so you didn't think you were being ignored. Thanks, -- Shawn Webb Cofounder and Security Engineer HardenedBSD

Hello, I would like to use Public Key authentication with OpenSSH. I am trying to use a public / private key set created using CA.pl. http://www.openssl.org/docs/apps/CA.pl.html I am not sure but I think my OpenSSL keys will not work until some conversion takes place. I was able to get them working between Windows (Putty.EXE) and my SSHD server but PuttyGen.EXE converted the public keys

I'd like to have an extension "join" a call. That is, C can join A and B, just as if it were an analog extension phone. ChanSpy works, sort of. The problem is that once A or B hangs up, the channel is gone. With an analog extension, C would remain connected with B if A hung up. Can I throw A and B into a confbridge and then add C? Create a new channel that grabs the A

Time for some all time pimpage folks. Me and Matt Pelletier wrote a small PDF book on Mongrel entitled: "Mongrel: Serving, Deploying, and Extending Your Ruby Applications" since we really wanted you to know what it was about. It''s published by Addison Wesley Professional, has just over 100 pages of goodness, and is available for $14.99 at: http://safari.oreilly.com/0321483502

Hola: En el trabajo tengo que montar acceso a investigadores a uno de los servidores de cálculo de la unidad, y he conseguido ya montar un R dentro de una jaula ssh con JailKit (chroot). http://olivier.sessink.nl/jailkit/ https://launchpad.net/jailkit Ahora bien, quería probar que los usuarios pudieran también abrir alguna GUI al conectarse con ''ssh -X foo@server'' (por

Hello May i please know if asterisk is now supporting sip call encryption. It has been a requirement from one of my client to ensure that all conversation is well secured from any potential sniffers or inside hackers Please help or suggest any solution that you feel may help Kind regards Sam

I would like to have a list of IPs (hacker list) that I can do a lookup on so that if anyone tries to authenticate to dovecot they always fail if they are on my list. I have the list - and the list is available as a DNS blacklist. I'd like to have it work with both local IP lists or RBL lookup. The idea is so hackers from known IP addresses never succeed. If Dovecot provides the feature

在 2017年04月26日 16:51, Simon Dardis 写道: > Hi Leslie, > > I've been seeing those failures as well (I own those buildbots). Like yourself, I'm a bit > uncertain as to why they're occurring. I'm currently investigating. I suspect it's a case > that the build directory has gone stale. Perhaps! and buildbots cover how many LLVM Backend targets? thanks! > >

Hi All. If I were to enable samba on the internet facing side of my system, what security issues would I face. Does the list think that it is a bad idea and security will be badly compramised? What other methiods of file sharing over the internet should I look at, given that all the users are not really robust... a

Hey Peter, Here you go! https://hardenedbsd.org/~shawn/2018-11-28_reproduce-01.tar Thanks, -- Shawn Webb Cofounder and Security Engineer HardenedBSD Tor-ified Signal: +1 443-546-8752 Tor+XMPP+OTR: lattera at is.a.hacker.sx GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE On Wed, Nov 28, 2018 at 05:30:57PM -0800, Peter

Hello debug-info fans, There has been a lot of activity in the debug-info area lately, and I was wondering if there's interest in a BoF session this April. Alternatively we could just have a hacker-lab table again, which worked out pretty well at the last US meeting. Some potential discussion topics for the BoF/table could be: * Improving debugging of optimized code ** Defining what -Og