search for: imperson

i have a CentOS 5.1 server running sshd (exposed to the outside world). i'd like to use iptables to fool nmap into thinking i'm running another O/S. e.g.: iptables -t mangle -A PREROUTING -d 192.168.0.64 -j PERS \ --tweak dst --local --conf /etc/personalities/macos9.conf iptables -t mangle -A OUTPUT -d 192.168.0.64 -j PERS \ --tweak src --local --conf

...3e6 fixme:rpc:RpcMgmtWaitServerListen not waiting for server calls to finish fixme:ntdll:NtFsControlFile FSCTL_PIPE_IMPERSONATE: impersonating self err:ole:ClientRpcChannelBuffer_SendReceive called from wrong apartment, should have been 0x3300000034 err:ole:xCall RpcChannelBuffer...

I actually didn't quite catch,why oVirt can't just pass user information and you could check against it? This may require to create some configuration files for libvirt about end users. What is a advantage of authenticating oVirt, and then impersonation for end user? 2018-05-11 16:37 GMT+03:00 Daniel P. Berrangé <berrange@redhat.com>: > On Fri, May 11, 2018 at 04:26:36PM +0300, Anastasiya Ruzhanskaya wrote: > > Excuse me for renewing this discussion, but I am curious if you would add > > new module, which will be able t...

Pablo Neira Ayuso <pablo at netfilter.org> has used the 'sudo' feature to access Bugzilla using your account. Pablo Neira Ayuso <pablo at netfilter.org> did not provide a reason for doing this. If you feel that this action was inappropriate, please contact pablo at netfilter.org. For more information on this feature, visit

Excuse me for renewing this discussion, but I am curious if you would add new module, which will be able to process users not based on unix processes, from where do you plan to get usernames? I mean, virt-manager could give them, as there is authentication in GUI, but for example when using oVirt, none of the usernames reach libvirt through the communication between server and nodes. 2018-05-09

Hey guys I desperately want to install FSX, please don't post anything referring me to another sim, I already have it on another comp and I want to link them, I decided to use linux(Ubuntu 10.1) on this machine(programming reasons) so using wine that I installed three days ago, should have Wine triks, I attempted to install FSX but I got err. 1603. Help please?

...tual) > > the smbd process is running as your user for security and permissions > as which user should it run without a unix user > root? > Hi, I perfectly understand your reasons. My question stems from the fact that, while connected to an AD domain, samba (or better, winbind) is impersonating remote users without problems. This is done using the "winbind" keyword in /etc/nsswitch.conf So, I wonder if winbind is capable of doing something similar with tdbsam users, impersonating them _without_ a local entry in /etc/passwd. Basically, what I want is to tell samba/winbin...

...ADV (S-1-5-21-1292501092-333717336-619646970-1503) -> users-adv Users Acctg (S-1-5-21-1292501092-333717336-619646970-1504) -> users-acctg Users Web (S-1-5-21-1292501092-333717336-619646970-1505) -> users-web Users Remote (S-1-5-21-1292501092-333717336-619646970-1506) -> users-remote MTS Impersonators (S-1-5-21-1292501092-333717336-619646970-1003) -> MTS Impersonators WWW access (S-1-5-21-1292501092-333717336-619646970-1015) -> WWW access Account Operators (S-1-5-32-548) -> Account Operators Guests (S-1-5-32-546) -> Guests Server Operators (S-1-5-32-549) -> Server Operators D...

...der the search filter by subject is a much better approach, for participating on a conversation. >From a security point of view the logic says that the sender of an e-mail should not use other than its own e-address as sender; it is logic people out there (yahoo) not liking a service (list) that impersonates someone else. > Changing the behavior of the "Reply-To:" > field might or might not improve the current > situation. > If the list sends a properly crafted e-mail coming from its own address and domain why do you think would be a problem? > The problem (not > on...

...as successful in connecting some servers of mine around in switch mode, but now comes the hard part: How can I authenticate clients on my network? I would also need to direct static leases and subnets to them, is this safely possible on switch mode? What other kind of attacks should I be aware of? (Impersonation, Any kinds of malicious broadcasts, etc) For now, my configuration is that every peer connects to a master node where there's also a dnsmasq daemon which hands out IPs. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/piperm...

Hello! I still want to clarify one question. Instead of making authentication of oVirt and then impersonation of each user, oVirt can just pass user information inside messages and libvirt at the end can read this user information inside rpc messages (perhaps user login could be written in one of string fields in RPC message, simply login = <...> inside message). Why this (assume that it is poss...

hi in samba/cifs/windows is there a thing similar to "su"? i'll explain: as root with "su" i can switch to another user without knowing his password i want to do the same thing, as domain admin, when i mount a share: mount the share impersonating another user without knowing his password i need it to test permissions on this share thanks in advance

...age ID: Unknown (65652) Process Id: 0x0000feff Tree Id: 0x12c24d77 Session Id: 0x00000000771ae25b Signature: 00000000000000000000000000000000 [Response in: 65258] Create Request (0x05) StructureSize: 0x0039 Oplock: No oplock (0x00) Impersonation level: Impersonation (2) Create Flags: 0x0000000000000000 Reserved: 0000000000000000 Access Mask: 0x00100081 File Attributes: 0x00000000 Share Access: 0x00000007, Read, Write, Delete Disposition: Open (if file exists open it, else fail) (1)...

Hi. I used to have samba set up on a Fedora Core 3 server that acted as a PDC for a dozen Windows XP clients. I hade roaming profiles working fine. Then I decided to upgrade (reformat) to Fedora Core 6 for the added harware support. I didn't save the right files and hosed my roaming profile (SID issue, I guess). Now I'm remaking the PDC on Fedora Core 6. I'll start everyone off

...l) L"dargaud" (nil) 0x405bd70 (nil) 0x405bd74 0x405bd68 - stub fixme:advapi:LookupAccountNameW (null) L"dargaud" 0x1f4870 0x405bd70 0x1f86f0 0x405bd74 0x405bd68 - stub fixme:rpc:RpcMgmtWaitServerListen not waiting for server calls to finish fixme:ntdll:NtFsControlFile FSCTL_PIPE_IMPERSONATE: impersonating self fixme:ntdll:NtFsControlFile FSCTL_PIPE_IMPERSONATE: impersonating self fixme:ntdll:NtFsControlFile FSCTL_PIPE_IMPERSONATE: impersonating self fixme:ntdll:NtFsControlFile FSCTL_PIPE_IMPERSONATE: impersonating self fixme:ntdll:NtFsControlFile FSCTL_PIPE_IMPERSONATE: impersonati...

...s the server with the new alias. I get prompted for credentials (first issue), and even if I enter valid domain u/p I get rejected. After restarting Samba I'm able to browse the shares but not to enter them. I get this in logs: [2020/05/20 16:42:23.869228, 5] ../../source3/smbd/uid.c:298(print_impersonation_info) print_impersonation_info: Impersonated user: uid=(3000020,3000020), gid=(0,100), cwd=[/tmp] [2020/05/20 16:42:23.869262, 8] ../../source3/modules/vfs_dfs_samba4.c:121(dfs_samba4_get_referrals) dfs_samba4: Requested DFS name: \server\SHARE1 utf16-length: 26 [2020/05/20 16:42:23.86927...

Greetings all... We are thinking about using the master DB, so a few admins can impersonate an ordinary user. So, we want to define one master for a set of users. And this administrator cannot be master of the other users? Can this be done somehow? Reading the docs, it seems that if a user is defined as master, it can login as everyone. Thanks for any hint.

We have discovered a security vulnerability (“AltNames Vulnerability”) whereby a malicious attacker can impersonate the Puppet master using credentials from a Puppet agent node. This vulnerability cannot cross Puppet deployments, but it can allow an attacker with elevated privileges on one Puppet-managed node to gain control of any other Puppet-managed node within the same infrastructure. All Puppet Enterpri...

> On Sun, Jan 18, 2015 at 8:18 AM, Patrick Masotta <masottaus at yahoo.com> wrote: > > Hi Gene: > > Everything that comes from the list goes to my spam folder > > because the message looks as spam to yahoo. > > A simple filter resolves this: > > Deliver to "Inbox" if > To/CC contains "syslinux at zytor.com" > > > why is

...r_token) UNIX token of user 10000 Primary group is 10002 and contains 1 supplementary groups Group[ 0]: 10002 [2017/03/20 19:22:05.622904, 5, pid=20151, effective(10000, 10002), real(10000, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user) Impersonated user: uid=(10000,10000), gid=(0,10002) [2017/03/20 19:22:05.622917, 5, pid=20151, effective(10000, 10002), real(10000, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1404(api_pipe_request) Requested samr rpc service [2017/03/20 19:22:05.622929, 4, pid=20151, effecti...