search for: guessabl

Displaying 19 results from an estimated 19 matches for "guessabl".

Did you mean: guessable
2006 May 24
2
PDF Writing without Cached File
...an output the PDF on-the-fly to the browser rather than having a temporary PDF file? I just can''t have these files laying around since they contain sensitive information. I thought about just generating the PDF file and naming it the session ID or something that''s not easily guessable, but I''d rather just generate it in memory and dump it to the browser if possible. -- Posted via http://www.ruby-forum.com/.
2009 Mar 26
1
Is there a public blacklist of hackers' IPaddresses?
...going to be a lot faster than attempting a brute-force mathematical attack against MD5... and switching from MD5 to SHA-1 provides no significant defense against dictionary attacks. The only good way to keep passwords secure against dictionary attacks, is to make sure that the passwords aren't guessable by that means... no common words, no names, no simple permutations or birthdates or anything like that. Use a decent random-number generator and number-to-character conversion algorithm to generate SIP passwords that are sufficiently long and very DTR8FBWF_==F?Z@\.-+!N$ and you'll be well def...
2009 Jan 07
9
''zfs recv'' is very slow
On Wed 07/01/09 20:31 , Carsten Aulbert carsten.aulbert at aei.mpg.de sent: > Brent Jones wrote: > > > > Using mbuffer can speed it up dramatically, but > > this seems like a hack> without addressing a real problem with zfs > > send/recv.> Trying to send any meaningful sized snapshots > > from say an X4540 takes> up to 24 hours, for as little as 300GB
2008 Dec 09
8
pop3 attack
I was looking at my maillog and it looks like someone is trying to get into my pop3 server. Dec 9 15:28:54 mailserver dovecot: pop3-login: Aborted login: user=<alexis>, method=PLAIN, rip=::ffff:66.167.184.203, lip=::ffff:192.168.1.2 Dec 9 15:29:08 mailserver dovecot: pop3-login: Aborted login: user=<alfonso>, method=PLAIN, rip=::ffff:66.167.184.203, lip=::ffff:192.168.1.2 Dec 9
2010 Jul 25
2
using Lazy_Expunge to enforce retention policy
Hi, I've been experimenting with using Lazy_Expunge as a tool to enforce document retention policies (by keeping users from deleting emails forever, instead expiring them after a set time). My problem is, how do I keep the user from deleting/expunging mails *inside the expunge folder itself*? I am using dovecot-1.2.10 built from FreeBSD's ports tree, and I am using the following
2001 Jun 02
1
ssh-keygen(1) misinfo: English prose entropy 0.6 - 1.3 b/char!
Quoth manpage: otherwise easily guessable (English prose has only 1-2 bits of entropy per word, and provides very bad passphrases). The passphrase can be Whoever wrote that manpage is either possessed of some amazing human insight to which I am not privvy, chose a very non-representative sample of English prose, or is just plain wrong....
2002 Dec 29
1
Deleted from partition table
I accidentally removed an ext3 partition from the partition table. I know roughly where it started. Is there any way of finding the superblock and reconstructing it? TIA, Dave (Yes I have a backup of the important stuff!)
2009 Jul 29
1
Misunderstood thing
Hello, I'm novice on the SIP protocol also on Asterisk. Could someone explain me why the Asterisk is using username and secret config on peer connection? Does Asterisk can send call to peer without username and secret configuration ? Sincerely, Tseveen.
2001 Aug 02
1
AIM can't find "Application Data" folder
when I try to run aim.exe under wine, i get the following error: err:shell:SHGetSpecialFolderPathA Failed to create directory 'C:\WINNT\Application Data'. why is it looking for that folder there? The partition is a win2k install, so it would find it under "C:\Documents and Settings\Administrator\Application Data". How do I make it look there? Erik
2009 Nov 19
7
AXVoice Server Hacked.. accounts info leaked
AXvoice server hacked. Here are few working accounts USE XLITE to make calls.... Registrar/Proxy magnum.axvoice.com:9060 Free Sample account.... username=xMaxwellSmartx secret=thanksapache username=woodsy type=friend secret=haramikuttasala username=wumingzi type=friend secret=kickyourass Enjoy! B.R BaBa Jigger -------------- next part -------------- An HTML attachment was scrubbed... URL:
2010 Jun 23
6
one for your filters
Some !@$#@@# in the Czech Republic used one of our SIP accounts to place four thousand calls to what appears to be a toll number in Zimbabwe last night. Filter 82.150.165.5. A more overriding problem for me is how do we know what *destinations* to filter so this idea of war dialing a toll number is something we can cutoff before it gets to our upstream provider? Is there some collected
2024 Jun 18
7
Call for testing: openssh-9.8
...by the same client address will accrue greater penalties, up to a configurable maximum. Address ranges may be exempted from penalties using the PerSourcePenaltyExemptList option. We hope these options will make it significantly more difficult for attackers to find accounts with weak/guessable passwords or exploit bugs in sshd(8) itself. This option is enabled by default. * ssh(8): allow the HostkeyAlgorithms directive to disable the implicit fallback from certificate host key to plain host keys. Bugfixes -------- * misc: fix a number of inaccuracies in the PROTOCOL.* docu...
2010 Jun 11
7
How to stop intruder from registering sip?
This is a small 12 line system, internal extensions 150 - 180. I didn't have a phone on 151. Here's the sip.conf stanza: ;;[151] ;;type=friend ;;context=longdistance ;;callerid="Conf Room" <151> ;;secret=0000 ;;host=dynamic ;;qualify=yes ;;dtmfmode=rfc2833 ;;allow=all ;;defaultuser=151 ;;nat=yes ;;canreinvite=no There's no DISA. And then somehow (how???) ip address
2004 Aug 13
6
sequences in the auth.log
Hi all, I found similar sequences in the /var/auth.log files of freebsd boxes, I supervise.: Aug 13 13:56:08 www sshd[26091]: Illegal user test from 165.21.103.20 Aug 13 13:56:11 www sshd[26093]: Illegal user guest from 165.21.103.20 Aug 13 13:56:15 www sshd[26096]: Illegal user admin from 165.21.103.20 Aug 13 13:56:18 www sshd[26103]: Illegal user admin from 165.21.103.20 Aug 13 13:56:21 www
1998 May 09
4
Apparent SNMP remote-root vulnerability.
I just had a remote root break-in on my machine (x86 running Red Hat Linux 5.0 with all the updates except for kernel-2.0.32-3) this morning at 06:03:28 EDT. From what I''ve been able to gather, it appears to have been through snmpd, which I missed when I was weeding out unused daemons. Sorry for the feeble message, but all I know (or at least strongly suspect) is that there''s a
2018 Nov 03
7
Log ssh sessions using open source tools
Hi, Are there any open source tools to keep track of ssh sessions? For example, if a specific user is ssh logging to remote server and what commands or scripts are being run. Basically, i need to log all users sessions. Thanks in Advance and i look forward to hearing from you. Best Regards, Kaushal
2014 Nov 10
7
[Bug 2311] New: simple attack when control channel muxing is used
https://bugzilla.mindrot.org/show_bug.cgi?id=2311 Bug ID: 2311 Summary: simple attack when control channel muxing is used Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: All Status: NEW Severity: security Priority: P3 Component: ssh Assignee: unassigned-bugs at
2006 Feb 13
11
ssh attack
Hi, I get ssh connect attempts all the time, to my servers at home and at work. I've noticed lately they come from a certain ip address, hitting every 3 or 4 seconds, trying 50 or 100 different user names and passwords. And I get these sweeps from 2 or 3 ip addresses a day. I guess this is an automated attempt to guess a user/pass and break into a system. I tried to secure ssh better by
2005 May 06
17
FYI: watch out for google's web accelerator - can empty your app of data
Hi All, A co-worker passed this info on to me: http://37signals.com/svn/archives2/google_web_accelerator_hey_not_so_fast_an_alert_for_web_app_designers.php The Skinny: Google has a "Web Accelerator" that pre-caches pages by following url''s. If you have any plain/simple URL''s that don''t take paramaters (like what often happens in rails apps), it will try to