search for: blackhats

it''s a good idea to do this: wget --passive-ftp for more and more sites. Probably a good default. ron ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking

Whilst tinkering with lvm (which now works great - thanks!), I made a typo which caused the domain to stop booting. I think it was just that I got the config file wrong in terms of which device mapped to which. Anyway, I had specified ''restart=True'' and so the domain was starting to boot, failing, then restarting again. This was the expected behaviour, but it was a pain to kill.

The Xen boot option ''ser_baud=<baud>'' has been removed from the unstable tree. If you were still using this obsolete option then the effect is that you will get no serial output when you boot Xen, which may lead you to believe that there is a more serious problem. To fix this you must move to the new boot option: ''com1=<baud>,8n1'' -- Keir

Thanks for the suggestion James, it reduces the commit by about ~900 MB (14,9 GB -> 14 GB). Unfortunately it does not solve the performance problem. The heap is global to the application and thread-safe, so every malloc/free locks it, which evidently doesn’t scale. We could manually create thread-local heaps, but I didn’t want to go there. Ultimately allocated blocks need to share ownership

Howdy - For most of my dovecot servers, they are small and I just use unix accounts. However I am going to be running a new server for more general users, webmail (probably roundcube but I'm hacking roundcube quite a bit, enough that I'm calling it squarepeg instead so users familiar with roundcube will know it is quite different) and it will use MariaDB for account management. I

Hey there, today I've ridden about HEIST.

On 11.01.2017 09:45, Michael A. Peters wrote: > Howdy - > > For most of my dovecot servers, they are small and I just use unix > accounts. > > However I am going to be running a new server for more general users, > webmail (probably roundcube but I'm hacking roundcube quite a bit, > enough that I'm calling it squarepeg instead so users familiar with > roundcube

> My fear is the exploit-s'kiddie problem. Are there common exploits for man-in-the-middle? I've never seen one. I've seen rootkits, crackers, DoS tools, etc. But never anything as sophisticated as mitm. > I see no reason why anyone would constantly scan huge netblocks of cable > modem users, looking for the occasional target to haX0r. But that doesn't > stop the

Hello, I'm trying to find very indepth documentation of OpenSSH, so far I have found nothing of much use, if anyone could direct me to some advance texts on openssh it would be greatly appreciated.

...ww.linux.com/ Has the CentOS site ever been hacked? Are there any good audit processes to check the servers? CentOS team, please be aware, there are many script-kiddies OR pro's out there who want websites like yours! I love CentOS, and I don't want it to fail like kernel.org: http://blackhats.com/infosuck/0x007c.png Please pay more attention than in normal case! :\ /just an anxious CentOS user/ Thanks and sry for this e-mail.

Hi, I have simple question about Skype. What are the methods of selecting packets which belongs to Skype?? I know about 7layer but I don''t belive that is only way. Is 7layer realy good and stable solution for routers which must handle more than 1000 users ? Thanks in advance Pozdrawiam Szymon Turkiewicz

Hello, I was wondering how folks were feeling about replacing the default Windows CRT allocator in Clang, LLD and other LLVM tools possibly. The CRT heap allocator on Windows doesn't scale well on large core count machines. Any multi-threaded workload in LLVM that allocates often is impacted by this. As a result, link times with ThinLTO are extremely slow on Windows. We're observing

I'm having a major frustration with curl. When building curl, if libssl.so.10 is present the curl binary WILL link against it. If curl is configured with an ssl option - the library WILL link against it. If you change the curl configuration options to use a different TLS library (e.g. nss like CentOS does) the curl binary and library will still link against the OpenSSL library.

...folks: Tested-by: Pierre Moreau <pierre.morrow at free.fr> [MBP 5,3 2009 nvidia MCP79 + G96 pre-retina 15"] Tested-by: Paul Hordiienko <pvt.gord at gmail.com> [MBP 6,2 2010 intel ILK + nvidia GT216 pre-retina 15"] Tested-by: William Brown <william at blackhats.net.au> [MBP 8,2 2011 intel SNB + amd turks pre-retina 15"] Tested-by: Lukas Wunner <lukas at wunner.de> [MBP 9,1 2012 intel IVB + nvidia GK107 pre-retina 15"] On the latter three models it worked fine. On Pierre Moreau's machine the discrete nvidia G96 lo...

This is the 4th revision of the Advisory. This document can be found at: http://www.openssh.com/txt/preauth.adv 1. Versions affected: Serveral versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. All versions between 2.3.1 and 3.3 contain a bug in the

This is the 4th revision of the Advisory. This document can be found at: http://www.openssh.com/txt/preauth.adv 1. Versions affected: Serveral versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. All versions between 2.3.1 and 3.3 contain a bug in the

Hi, In the past I've setup simple centralized authentication with NIS and NFS, without bothering about possible security implications. Over the next month I have to setup a new network in a local school, and I wonder if I should use NIS/NFS. I still have my own documentation, it's simple and somewhat bone-headed to setup, and it just works. RHEL/CentOS 7 still provide NIS, and I vaguely

...rged yet. Feedback on them is welcome. The patches are based on drm-next. They were tested on the following hardware (thanks a lot everyone!): Tested-by: Paul Hordiienko <pvt.gord at gmail.com> [MBP 6,2 2010 intel ILK + nvidia GT216 pre-retina] Tested-by: William Brown <william at blackhats.net.au> [MBP 8,2 2011 intel SNB + amd turks pre-retina] Tested-by: Lukas Wunner <lukas at wunner.de> [MBP 9,1 2012 intel IVB + nvidia GK107 pre-retina] Tested-by: Bruno Bierbaumer <bruno at bierbaumer.net> [MBP 11,3 2013 intel HSW + nvidia GK107 retina -- work...

Hi hoping someone can help me a little with this one. I have 2 mail servers, the incoming mail server runs dovecot and the outgoing mail server runs postfix with sasl. Lately I noticed a lot of spammers are running dictionary attacks on my incoming server and then using that user/password for sasl on the outgoing server. The weird thing is I never see on the logs the guessed

Enable GPU switching on the pre-retina MacBook Pro (2008 - 2013), v5. The main obstacle on these machines is that the panel mode in VBIOS is bogus. Fortunately gmux can switch DDC independently from the display, thereby allowing the inactive GPU to probe the panel's EDID. In short, vga_switcheroo and apple-gmux are amended with hooks to switch DDC, DRM core is amended with a