search for: countermeasurements

On Wed, Jan 09, 2019 at 08:17:31PM +0530, Pankaj Gupta wrote: > This patch series has implementation for "virtio pmem". > "virtio pmem" is fake persistent memory(nvdimm) in guest > which allows to bypass the guest page cache. This also > implements a VIRTIO based asynchronous flush mechanism. At Pankaj's request I looked at information leak

On 04.02.19 23:56, Michael S. Tsirkin wrote: > > On Wed, Jan 09, 2019 at 08:17:31PM +0530, Pankaj Gupta wrote: >> This patch series has implementation for "virtio pmem". >> "virtio pmem" is fake persistent memory(nvdimm) in guest >> which allows to bypass the guest page cache. This also >> implements a VIRTIO based asynchronous flush

Hi Michael, Thanks for looking into this and summarizing in detail. > > This patch series has implementation for "virtio pmem". > > "virtio pmem" is fake persistent memory(nvdimm) in guest > > which allows to bypass the guest page cache. This also > > implements a VIRTIO based asynchronous flush mechanism. > > > At Pankaj's request

Hello, My team and I have recently published an LLVM-based tool at “Cryptography and Security in Computing Systems 2016” (CS2), and we would like to add it on the list of LLVM related publications. The goal of our tool is to automatically protect the code being compiled against fault injection attacks *Title:* Compilation of a Countermeasure Against Instruction-Skip Fault Attacks Available

I am running a Rails 4 app in semi-production and I constantly get exceptions from crawler bots that use a HEAD HTTP method, which causes the CSRF protection to kick in. Shouldn''t HEAD requests normally be handled like GET requests? I am not sure if I''m just being stupid or that hit is a bug somewhere. Michiel -- You received this message because you are subscribed to the

Portable OpenSSH 2.5.2p2 is now available from the mirror sites listed at http://www.openssh.com/portable.html Security related changes: Improved countermeasure against "Passive Analysis of SSH (Secure Shell) Traffic" http://openwall.com/advisories/OW-003-ssh-traffic-analysis.txt The countermeasures introduced in earlier OpenSSH-2.5.x versions caused interoperability problems with

Portable OpenSSH 2.5.2p2 is now available from the mirror sites listed at http://www.openssh.com/portable.html Security related changes: Improved countermeasure against "Passive Analysis of SSH (Secure Shell) Traffic" http://openwall.com/advisories/OW-003-ssh-traffic-analysis.txt The countermeasures introduced in earlier OpenSSH-2.5.x versions caused interoperability problems with

Hi, I have the SSH Terrapin Prefix Truncation Weakness on Red Hat Enterprise Linux release 8.7 (Ootpa). The details are as follows. # rpm -qa | grep openssh openssh-8.0p1-16.el8.x86_64 openssh-askpass-8.0p1-16.el8.x86_64 openssh-server-8.0p1-16.el8.x86_64 openssh-clients-8.0p1-16.el8.x86_64 # cat /etc/redhat-release Red Hat Enterprise Linux release 8.7 (Ootpa) # SSH Terrapin Prefix Truncation

You might find RedHat's CVE page on this useful: https://access.redhat.com/security/cve/cve-2023-48795 On Tue, Jan 23, 2024 at 10:04?AM Kaushal Shriyan <kaushalshriyan at gmail.com> wrote: > Hi, > > I have the SSH Terrapin Prefix Truncation Weakness on Red Hat Enterprise > Linux release 8.7 (Ootpa). The details are as follows. > > # rpm -qa | grep openssh >

Hi all, Over the past 10 years, there has been some discussion and several patches concerning keystroke timing being revealed by the timing of openssh packet network transmission. The issue is that keystroke timing is correlated with the plaintext, and openssh users expect their communications to be kept entirely secret. Despite some excellent ideas and patches, such as Jason Coit's

Hi, I'm a student who is going to make a countermeasure for dangling pointers in c for his thesis. I need to make my source transformation using llvm. Nobody in my university already used LLVM. I already read a some documentation about llvm but i'm still lost. Do there exist some " examples/Tutorials" for making small source transformations. Or is there somebody who can help

An interesting paper http://www.acm.org/sigcomm/sigcomm2003/papers/p75-kuzmanovic.pdf ---Mike -------------------------------------------------------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet since 1994 www.sentex.net Cambridge, Ontario Canada www.sentex.net/mike

...? > > Well, you could add nasty user-agent sniffing, but it's pretty > > pointless. > > streamripper can identify itself as any user-agent you want ... As said above: We're not talking about "there is always a way around". I'm just talking about what easy countermeasurements could be taken (and what is needed for icecast2 to actually use these countermeasurements) to give starters (not professionals) at least some feeling of "stream can't be downloaded". Customers are (mostly) not technicians. But if you give them a http- URL to listen and they can eas...

I've setup a portable system (ubuntu 16.04) joined to my AD domain, that in their primary network works as expected. But in this 'COVID time', the portable start to roam around, and users say me that, suddenly after some days of use, get incredibly sloooowww... after that users reboot, and cannot get back in, login refused. I've setup a VPN, but clearly if users cannot login

On Tuesday 02 March 2004 02:23, Michael Smith wrote: > Shoutcast just does user-agent sniffing. This makes it look like you can't > download the stream easily, but that's just misleading you - it's > completely trivial to do so. Yes , i'd say the same . > > The most clean solution in my eyes would be to implement mms:// or > > rtp:// for mp3/ogg-streams in

OpenSSH 9.6 has just been released. It will be available from the mirrors listed at https://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested

On 10/1/12 9:26 PM, Magee, Josh wrote: > Hello, > > I plan to implement "Stack Smashing Protection - Strong" support in LLVM. > Below is a description of this feature and an overview of the implementation > plan. I have divided up the implementation into stages that can be delivered > incrementally. > > I'm looking for any feedback (suggestions, requests,

On Fri, 2019-02-15 at 15:57 +1100, Darren Tucker wrote: > That was the original intent (and it's mentioned in RFC4419) however > each moduli file we ship (70-80 instances of 6 sizes) takes about 1 > cpu-month to generate on a lowish-power x86-64 machine. Most of it > is > parallelizable, but even then it'd likely take a few hours to > generate > one of each size. I

This message is a few years old so I cannot reply to the original, but it is still of current research interest. > So one of my coworkers is doing a little research on SSH usage in the > wild using netflow data. One of the things he's trying to do is > determine a way to differentiate between data transfers and interactive > sessions. We thought of a couple of ways but we wanted

I used to also get related log messages of the form: auth_check_password_send: Checking password for unmapped user [HPRS]\[mark]@[ROVER] auth_check_password_send: mapped user is: [HPRS]\[mark]@[ROVER] but now all I get is the auth_check_password_recv in the log. Perhaps the change is due to an upgrade to Samba, or perhaps a change I made to my smb.conf log options? (see log config in my