search for: identif

...Everyone, Are these indications of attacks on this system? I specifically have port 22 disabled at all times and only port forward it to server when I access SSH for a minute or so. Shouldn't UNKNOWN be an actual IP address? */var/log/secure:* May 14 00:35:39 pbx sshd[9011]: Did not receive identification string from UNKNOWN May 14 00:36:09 pbx sshd[9040]: Did not receive identification string from UNKNOWN May 14 00:36:39 pbx sshd[9075]: Did not receive identification string from UNKNOWN May 14 00:37:10 pbx sshd[9102]: Did not receive identification string from UNKNOWN May 14 00:37:40 pbx ssh...

...-3] [AERC=0] [TrmTsk=0] NormACA=0 HiSUP=0 Resp_data_format=0 SCCS=1 ACC=0 TPGS=1 3PC=0 Protect=0 [BQue=0] EncServ=0 MultiP=0 [MChngr=0] [ACKREQQ=0] Addr16=0 [RelAdr=0] WBus16=1 Sync=1 Linked=0 [TranDis=0] CmdQue=1 length=36 (0x24) Peripheral device type: disk Vendor identification: MacroSAN Product identification: LU Product revision level: 1.0 Unit serial number: fd01ece6-8540-f4c7-0000-fe170142b300 >From the fedora 19 vm: [root@fedoravm ~]# sg_inq /dev/sdb standard INQUIRY: PQual=0 Device_type=0 RMB=0 version=0x05 [SPC-3] [AERC=0] [TrmTsk=0] NormACA...

On 09/03/2015 22:36, Rowland Penny wrote: > Hmm, everything looks ok and it shouldn't matter whether you use the > standard 3.6 from debian or 4.1.17 from backports except for the fact > that 3.6 isn't just old, it is EOL , so you may have to rely on debian > backporting any security updates themselves. > > I take it that the three nameservers in the clients

...ve system. This SUN machine was the server of a number of Lynux (Mandrake) and Windows (95,98, XP) computers in a TCP/IP network with fixed IP numbers. We were oblied to change to DHCP recently. As our network has a huge number of computers I am running the smbd and nmbd daemos of the Samba with an identification in such a way that only those windows computers having the WINS protocolo with the same identification were able 'to see' this machine. Under DHCP, at least for Windows 98, there is no any configuration for this protocol in such a way that now although my subnetwork is transparent f...

Hello, I am trying to apply the "called party identification" patch (patch 8824) and managed to make it work with a static data. Where do I take the name of the called person (the "equivalent" of CALLERID, but the other way...)? BTW, one note to the above patch: To make it work the device should have the parameter sendrpid set to true....

...[ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: fatal: Timeout before authentication for [:[:alnum:].]+$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: nss_ldap: reconnect(ing|ed) to LDAP server(\.\.\.| after [0-9]+ attempt\(s\))$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Did not receive identification string from ([:[:xdigit:].]|UNKNOWN)+$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Did not receive identification string from ([:[:xdigit:].]+|UNKNOWN)+$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Authorized to [^[:space:]]+, krb5 principal [^[:space:]]+ \(krb5_kuserok\)$ ^...

I'm seeing lines like the following in my security logs: Oct 14 06:56:32 srv sshd[41370]: Bad protocol version identification '\200b\001\003\001' from 24.203.221.239 From what I've read, this is a buffer overflow attack on the sshd whereby the attacker triggers the overflow before the identification string is sent then attempts commands to see if elevated priveleges were obtained. The log message is...

...All the "read" part is done and is working well, but I am having a little problem while coding the "write" part of the API. In the docs (I use http://www.xiph.org/ogg/vorbis/doc/Vorbis_I_spec.html#id4726648), I founded everything I want but there is still some bytes in the identification header that I can't understand. And I saw (using some app to write tags), thats these bytes change when the comments header length change, I guess that it is the file length or something, but I can't find anything about them in the docs (I'm sure that I just don't found t...

...nd of proxies. What are your thoughts on the attached patch? Rationale behind the design of the patch: A name based SSH proxy will need to accept connections from clients and based on data send by the client choose a backend server to connect to. The proxy will not be able to forward the version identification from the backend to the client until after it has connected to the backend. Thus the proxy will need to extract the hostname from the data send by the client before any version identification has been send in the other direction. This leaves the version identification send from client to se...

Hi everybody, I've connected Asterisk 1.2.5 (libpri 1.2.2, zaptel 1.2.4, Linux 2.6.13.2) to an Avaya-Tenovis PBX via a PRI/E1-line. Calls from SIP-phones via * to the PBX work fine. However, incoming calls to * only result in: -- XXX Missing handling for mandatory IE 24 (cs0, Channel Identification) XXX -- which seems to be an * problem, because a Windows-fax-machine works fine on a PRI line with the same configuration. I was able to get it to work somehow by commenting out the following block in libpri/q931.c, line 3194: -- /* JH for (x=0;x<MAX_MAND_IES;x++) {...

Hi, How does LLVM identify induction variables of a loop? Is the algorithm based on SSA graphs? I have a complicated loop and I need to do some analysis around it. Can anyone please point me to source of identification part? -- *Disclaimer: Views, concerns, thoughts, questions, ideas expressed in this mail are of my ow...

We received a notice from our pci-dss auditors respecting this: CVE-2002-0510 The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux. The NVD entry for which contains this note: CHANGE> [Cox changed vote from REVIEWING to NOOP] Cox> So I asked some kernel guys about this - it's not...

...p. Given the code/output included below, how do I pull 'Model' and 'Fit' (AIC) from each summary() so that I can combine them into an array/data frame to be sorted by AIC? 2. Apart from EACF, are you aware perhaps of another function in R that can help solve the issue of ARMA order identification? Thank you, b. > arma <- arma(var, order=c(1,1), lag=NULL, coef=NULL, + include.intercept = TRUE, series = NULL) > summary(arma) Call: arma(x = var, order = c(1, 1), lag = NULL, coef = NULL, include.intercept = TRUE, series = NULL) Model: ARMA(1,1) Residuals: Min...

http://bugzilla.mindrot.org/show_bug.cgi?id=537 Summary: Identification should depend on port number Product: Portable OpenSSH Version: 3.5p1 Platform: Other OS/Version: Linux Status: NEW Severity: minor Priority: P2 Component: ssh AssignedTo: openssh-unix-dev at mindrot.org...

Does * support Called Party Identification? Say for example, I dial extension 2000, SIP sends back John Doe from the sip.conf file where extension 2000 is defined? Would this violate the SIP RFC? - Brent

Hi, While creating identification header in the function * theora_encode_heade*r in *encoder_toplevel.c*, it assigns bits not mentioned in the current theora spec released on Octomber 29, 2007 (page 40 &41). But this implementation in function* theora_encode_heade*r is correct according to the *Figure 6.2 (page...

http://bugzilla.mindrot.org/show_bug.cgi?id=1246 Summary: Protocol version identification errors don't log the sender IP anymore, always UNKNOWN Product: Portable OpenSSH Version: 4.4p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: minor Priority: P2 Component: sshd...

...sp_data_format=0 > > SCCS=1 ACC=0 TPGS=1 3PC=0 Protect=0 [BQue=0] > > EncServ=0 MultiP=0 [MChngr=0] [ACKREQQ=0] Addr16=0 > > [RelAdr=0] WBus16=1 Sync=1 Linked=0 [TranDis=0] CmdQue=1 > > length=36 (0x24) Peripheral device type: disk > > Vendor identification: MacroSAN > > Product identification: LU > > Product revision level: 1.0 > > Unit serial number: fd01ece6-8540-f4c7-0000-fe170142b300 > > > > From the fedora 19 vm: > > [root@fedoravm ~]# sg_inq /dev/sdb > > standard INQUIRY: > > PQual=0...

Greetings, The Polycom SIP 1.5 Admin Guide says this: "3.1.8 Connected Party Identification Where possible, the identity of the remote party to which the user has connected is displayed and logged. The connected party identity is derived from the network signaling. In some cases the remote party will be different from the called party identity due to network call diversion....

Hello all, We got a report [1], that we miss "p1" suffix in the sshd identification strings in Fedora. I dig in and found out that it is also missing from portable usptream since 2004, when you were rewriting version.h header file with this information. Debian somehow patched this information back during the time in some places (ssh_api.c is missing). It does not lo...