search for: fwtk

Hi, I'm having trouble getting an answer to the following problem on -questions - I hope someone here has done something similar and can help. I'd like to compile support for FreeBSD OPIE into sshd. Presently I have to use PAM to achieve one-time password support. On a 4.x system I have in /etc/ssh/sshd_config ChallengeResponseAuthentication yes and in /etc/pam.conf sshd auth

...but not in the usual way that some people have attempted. I was thinking of: user <-via clear-> telnet/SSH proxy <-via SSH-> server This requires no changes to client, except that the client needs to know to telnet to the SSH proxy and open a connection outward from there, similar to FWTK telnet proxy (which is a great proxy!) The other alternative, which I'm using now is: user <-via SSH-> dumb plug/filter <-via SSH-> server Not nice. Any thoughts, comments? One way to do this (which I saw in the archives, and may be more widely applicable): user <-via SSH-&...

rsync versions: all known socks5 hangs while trying to do rsync through it. So does plug-gw from fwtk. There is one peculiarity in rsync protocol. It even occurs not on every rsync module, only while trying to do something like: rsync -avvz cvs.xemacs.org::xemacscvs/XEmacs/xemacs/ ./ In rsync both client and server may send bulk data to each other in the same time on the same connection. In co...

...nning any of these programs can be a victim. Take for instance traceroute, or ping both of which fall prey to this problem. Aside from stock UN*X programs which ship with most vendor operating systems, there appears to be problems related to h_length in external software packages. Due to the flaw, FWTK (Firewall Toolkit) a freely available firewall kit appears vulnerable. The generic routine, conn_server(), which is utilizied by the proxy servers, appears to trust the data as well. Vulnerable Systems ~~~~~~~~~~~~~~~~~~ At this point we would assume that most vendor systems who have incorporated...

YO All! Have you guys been following the SSH discussion on Bugtraq lately? I like their idea the X forwarding should be OFF by default on the client. RGDS GARY --------------------------------------------------------------------------- Gary E. Miller Rellim 20340 Empire Ave, Suite E-3, Bend, OR 97701 gem at rellim.com Tel:+1(541)382-8588 Fax: +1(541)382-8676 ---------- Forwarded message

...wrapper for /usr/lib/sendmail or qmail-inject is written (see glue.c). It processes "glue" pre-header created by Pegasus, defines destination addresses and gives the rest of message (including standard header) to sendmail stdin. The whole idea with fork() is got from SMAPD wrapper in TIS FWTK. I am beginner in safe Unix programming, but some necessary checks seems to be done. Note that this wrapper always runs with sender's rights. 4. Known problems. 4.1. Pop3 daemon improprerly does TOP on messages touched by Pegasus (read, then marked as unread). Whole message is downloaded. See...