search for: guessers

I''ve been working with the RSpec on Rails plugin. Great job guys! The Rails spec runner (server) definitely speeds things up nicely. But I''m having some trouble keeping it functional. When I start the server, the first spec execution runs fine. Every following execution fails though. Each spec complains about the ''controller_path'' missing from my

> On Jul 30, 2015, at 12:20, Warren Young <wyml at etr-usa.com> wrote: > > Meanwhile over here in CentOS land, you still see SSH password guessers banging on every public IP that responds to port 22. Why? Because it still occasionally works. Increase the password strength minima, and this class of worm, too, will quickly die out. If the Windows fix was firewall on by default, why isn?t that the appropriate ?fix" for Linux distros? Wh...

Hi everybody! I am proud to present you a small project I have been working on for a while: Picolena, a documents search engine written in Rails. ( http://picolena.devjavu.com/ ). It obviously uses Ferret for indexing and searching, and adds some plain text extractors in order to index OOffice.org, pdf and MS Office documents (and some others as well). Everything is packed in a gem (gem install

On 7/30/2015 2:23 PM, Nathan Duehr wrote: >> >On Jul 30, 2015, at 12:20, Warren Young<wyml at etr-usa.com> wrote: >> > >> >Meanwhile over here in CentOS land, you still see SSH password guessers banging on every public IP that responds to port 22. Why? Because it still occasionally works. Increase the password strength minima, and this class of worm, too, will quickly die out. > If the Windows fix was firewall on by default, why isn?t that the appropriate ?fix" for Linux distros...

...centos.org Subject: Re: [CentOS] Fedora change that will probably affect RHEL On 7/30/2015 2:23 PM, Nathan Duehr wrote: >> >On Jul 30, 2015, at 12:20, Warren Young<wyml at etr-usa.com> wrote: >> > >> >Meanwhile over here in CentOS land, you still see SSH password guessers banging on every public IP that responds to port 22. Why? Because it still occasionally works. Increase the password strength minima, and this class of worm, too, will quickly die out. > If the Windows fix was firewall on by default, why isn?t that the appropriate ?fix" for Linux distros...

Hello, I tried building OpenSSH-2.9p1 on AIX 4.3.3(ML6) with gcc. I included the --with-tcp-wrappers flag in configure. Configure went just fine, make went just fine, but 'make install' failed with the following error: exec(): 0509-036 Cannot load program ./ssh-keygen because of the following errors: 0509-130 Symbol resolution failed for /usr/local/lib/libwrap.a(libwrap.so)

Weird Problem: I have 2 EXT. One will ring and NOT go into VM (eventually call will timeout/hang up), the other EXT goes into VM when the call is not answered like it should. If I enable DND, then the call will go directly in VM as it should. Any ideas what it might be? Thank you, Jake

On Jul 28, 2015, at 1:06 PM, Chris Adams <linux at cmadams.net> wrote: > > Once upon a time, Warren Young <wyml at etr-usa.com> said: >> Much of the evil on the Internet today ? DDoS armies, spam spewers, phishing botnets ? is done on pnwed hardware, much of which was compromised by previous botnets banging on weak SSH passwords. > > Since most of that crap comes

On Wed, Jul 29, 2015 at 4:37 PM, Warren Young <wyml at etr-usa.com> wrote: > Security is *always* opposed to convenience. False. OS X by default runs only signed binaries, and if they come from the App Store they run in a sandbox. User gains significant security with this, and are completely unaware of it. There is no inconvenience. What is the inconvenience of encrypting your device

Hi, funny or enlightening observation: With my qemu-system-i386 it would work if the detected Heads/Cylinder and Sectors/Head factors would change positions ! The effective read operation seems to use H/C = 32 , S/H = 63. The correct LBA would be addressed by H/C = 63 , S/H = 32. -------------------------------------------------------------------------- Reasoning: I have transplanted the

hi, I wrote a patch to openssh sshd.c which enables "exponential backoff", so that an attacker cannot brute force your password by making hundreds of login attempts. here is the code: http://sam.nipl.net/sshd-backoff/ An attacker who fails to login is locked out (by IP address) for 1 minute, and the lockout period doubles for each failed login after that. Normally three logins are

On Tue, Mar 21, 2017 at 09:03:35AM +0100, Thomas Schmitt via Syslinux wrote: > I think we should offer David a binary which he can combine with > the MBR of the ISO and the image with the recognizable blocks. > I will later today upload a binary version of my block producer > and post the URL. > > The combination will be: > 432 bytes from Martin's MBR > 80 bytes

Dear all, We are experiencing some trouble when compiling R packages using R 2.6.0 and the new Rtools installer under Windows XP. (1) First, compiling any package using the new setup stops with an errorrelated to some "/" issue on the inst folder. This folder only contains a CITATION file ---------- Making package FLCore ------------ adding build stamp to DESCRIPTION installing

...no longer applies. We didn?t get the immunity without a cost. I used to be able to ?message? a remote Windows computer merely by knowing its IP, and I could browse its registry without jumping through hoops. Can?t do that any more. Meanwhile over here in CentOS land, you still see SSH password guessers banging on every public IP that responds to port 22. Why? Because it still occasionally works. Increase the password strength minima, and this class of worm, too, will quickly die out. > Computers with strong passphrases still sometimes get pwned The occasional failure of a prophylactic mea...

...be minimally affected in terms of usability, the security will be vastly better than even if 5 or 6 digit PINs were employed and besides no one would accept that anyway. And that's where we are with computers and passwords. > Meanwhile over here in CentOS land, you still see SSH password guessers banging on every public IP that responds to port 22. Why? Because it still occasionally works. Increase the password strength minima, and this class of worm, too, will quickly die out. No they just get better, like they have been, at an exponential rate compared to our ability to recall login p...

FTS indexing is something I hear quite often nowadays. I?ve added some hacks to make it work better for some installations, but it?s about time to think about the whole design and how it could be improved for everyone in future. Here are some of my initial thoughts. Currently Dovecot supports 3 full text search engines: Solr, CLucene and Dovecot Squat. CLucene plugin has various features built

http://bugzilla.mindrot.org/show_bug.cgi?id=1322 Summary: pam_end() is not called if authentication fails, which breaks pam-abl Product: Portable OpenSSH Version: 4.6p1 Platform: Other URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405041 OS/Version: Linux Status: NEW Severity:

Once upon a time, Warren Young <wyml at etr-usa.com> said: > Much of the evil on the Internet today ? DDoS armies, spam spewers, phishing botnets ? is done on pnwed hardware, much of which was compromised by previous botnets banging on weak SSH passwords. Since most of that crap comes from Windows hosts, the security of Linux SSH passwords seems hardly relevant. > Your freedom to use