search for: intruder

Hi I have looked through the wiki and search the mailing list, but I cannot find a way to intrude on a call, can asterisk do this feature? if so how? Thanks for your help Robb

Guys, Im looking for a good text file editor for asterisk config files that can be embedded on a web page for online editing (on an interface), any recommendations? ________________________________________________________________ Anton Krall Direccion General Intruder Consulting A Division of IntruderEnterprises S.A. de C.V. www.Intruder.com.mx www.IntruderStore.com.mx Tel. 3872-2200 ext. 201 Tel. 01-800-INTRUDER (01-800-468-7833) Email: akrall at intruder.com.mx Como lo estoy haciendo? Contacte a mi Director:

...ave a point. I am advocating people to use DSA-keys and a config file with this: Protocol 2 ForwardAgent yes ForwardX11 yes Compression yes CompressionLevel 9 and running ssh-agent and ssh-add, and then loggin in without giving keys. One commenter said that this has big holes. An intruder with root privileges could set SSH_AUTH_SOCKET to at socket for ssh-agent found in /tmp, and he could also find the keys in the /proc area for the ssh-agent. Is that true? Are the keys visible under Linux in the /proc memory mapping for ssh-agent? Could there be done something to better these vul...

Hello, I'm using tinc for a few years now and that this is my first post to this list tells a lot about the quality of tinc, I think. It's just great, thanks a lot for your fine work! Recently I've discovered these messages in my syslog: Dec 28 16:34:06 vdr tinc.grue[9731]: Possible intruder ix (192.168.178.25 port 60882): wrong keylength Dec 28 16:34:06 vdr tinc.grue[9731]: Error while processing METAKEY from ix (192.168.178.25 port 60882) Could you give me a hint about the reason? I've compared the public keys and they match. Also, there's no problem to connect from host vd...

CentOS 5 - Intruder alert Somebody that uses windows has infiltrated the upstream. Alert, alert, weeeeep weeeeeeeeepppp bweeeeeeeeeepppppp screeeeeccchhhhhh :-) [root at tstream11 ~]# ls -axl /bin/tracert lrwxrwxrwx 1 root root 10 Apr 20 17:56 /bin/tracert -> traceroute - rh -- Abba Communications Internet...

Hi all, I need to install an anti-rootkid in a lot of servers. I know that there're several options: tripwire, aide, chkrootkit... ?What do you prefer? Obviously, I have to define my needs: - easy setup and configuration - actively developed -- Thanks, Jordi Espasa Clofent

...y is at the end of this file. Systems Affected * Systems running various versions of BIND I. Description Six vulnerabilities have been found in BIND, the popular domain name server from the Internet Software Consortium (ISC). One of these vulnerabilities may allow remote intruders to gain privileged access to name servers. Vulnerability #1: the "nxt bug" Some versions of BIND fail to properly validate NXT records. This improper validation could allow an intruder to overflow a buffer and execute arbitrary code with the privileges of the name server...

My question is regarding the possibility of someone wiretapping the communication and repeat the action. What if an intruder notice that there's a secure session starting (by guessing at the dst IP address and unintelligible payload) and then start capturing all the packets on this session for the purpose of repeating the whole session again? The secure user could add/delete interfaces and stuff, therefore just by re...

I've used ipmitool any number of times, but never for more than getting info, or setting the server name on a Dell LCD screen. However, I had a server screaming about intruder alert, intruder alert, er, "Chassis intrusion detected", and I thought there might be a way to shut it up (this after pulling the server and reseating the lid). A quick google found, on the first page, an 8 page document by Dell called "Managing Dell PowerEdge Servers Using IPMItool&...

Guys. Im having some audio problems. My asterisk box is the router for my network but remote softphone cant connect to it. I tried running 1.2beta1 and cvs-head with the same luck and etheral throws this: 577.358145 201.138.93.80 -> 201.129.249.28 SIP Request: REGISTER sip:voip.intruder.com.mx:5060 577.359698 201.129.249.28 -> 201.138.93.80 SIP Status: 100 Trying (1 bindings) 577.359723 201.129.249.28 -> 201.138.93.80 SIP Status: 401 Unauthorized (1 bindings) 577.420875 201.129.249.28 -> 201.138.93.80 SIP Request: OPTIONS sip:2@192.168.1.127:5060 577.424962 201.138.93....

Guys.. which free softphone is the best,grandest,most recommended one out there? based on your own experiences..

...ERT Advisory CA-98-13-tcp-denial-of-service Original Issue Date: December 21, 1998 Last Revised Topic: Vulnerability in Certain TCP/IP Implementations Affected Systems Some systems with BSD-derived TCP/IP stacks. See Appendix A for a complete list of affected systems. Overview Intruders can disrupt service or crash systems with vulnerable TCP/IP stacks. No special access is required, and intruders can use source-address spoofing to conceal their true location. I. Description By carefully constructing a sequence of packets with certain characteristics, an intruder ca...

Hi list Several people have physical access to my FreeBSD box and I have the feeling that somebody try to get access with boot -s options . Can I log activity after boot -s option (change user password, install software and etc.). I use boot -s and change user password, but after reboot i can't find this atcivity in log files. The BSD box is shutdown and run again many time at day. Best

Guys. What does this error mean? -- Playing '/var/spool/asterisk/voicemail/intruder/201/unavail' (language 'sp') -- Playing 'vm-intro' (language 'sp') -- Playing 'beep' (language 'sp') -- Recording the message -- x=0, open writing: /var/spool/asterisk/voicemail/intruder/201/INBOX/msg0000 format: wav, 0x812b4f0 -- User...

I've been noticing yum updates on several servers I manage over the last few weeks, which I know I didn't perform and could not explain until this morning. At first I suspect a break-in, but found no other evidence or reason an intruder would run the yum updates I was viewing. Yum updates are logged in /var/log/yum.log, which is what Logwatch scans. Seems that the format of the log entries is: "MMM DD", the year is missing! This morning looking at this log sequentially I noticed I did do yum updates on Apr 02 and Apr...

...we have not received any >reports indicating this vulnerability has been successfully exploited. > >- ----------------------------------------------------------------------------- > >I. Description > >A vulnerability in some MIME-aware mail and news clients could allow >an intruder to execute arbitrary code, crash the system, or gain >administrative rights on vulnerable systems. The vulnerability has >been discovered by Marko Laakso and Ari Takanen of the Secure >Programming Group of the University of Oulu. It has received >considerable public attention in the med...

Guys. How do those callcenter apps work with Asterisk where a call comes in and * send a URL and some screen popup up based on callerid or something or username or id and shows all the customers info? Anybody done that? What do you need to do that? If you are using ATAs or IP Phones, how do those integrate with the PC so the screen would popup?

Hello All, Wondering what sort of real world mileage people are getting out of different internet connecions - i.e. different DSL connection speeds, cable modems, etc... Is it reasonable to hope to carry 10 - 15 concurrent calls on a 768K DSL? I'm not talking about theoretical BW or looking for any difinitive absolute guarantee... With DSL and Cable - there is no guarantee, so I'm

...ND 8 Releases 3. Denial-of-Service Vulnerability in BIND 8 Releases - ---------------------------------------------------------------------------- I. Description This advisory describes three distinct problems in BIND. Topic 1 describes a vulnerability that may allow a remote intruder to gain root access on your name server or to disrupt normal operation of your name server. Topics 2 and 3 deal with vulnerabilities that can allow an intruder to disrupt your name server. Detailed descriptions of each problem and its solutions are included in the individual se...

...hich connects to multiple machines, one of which is considered potentially unsafe. So, it would be nice to have agent forwarding to that machine combined with the confirmation option of ssh-add (-c). If the 'forwarded key' is used on this machine, the user is prompted on the workstation. An intruder cannot use the authentication information without the user knowing (at least that is how I understood the idea of agent confirmation). Using ssh-add -c on the workstation together with setting 'ForwardAgent=yes' in the .ssh/config achieves the desired behaviour. Unfortunately, this means...