search for: malicious

....2.0.0 Found ip-based phishing fraud from 255.255.255.255 Found ip-based phishing fraud from 10.1.0.0 Found ip-based phishing fraud from 255.255.255.255 . MailScanner has detected a possible fraud attempt from "ee.ee.ee.ee" claiming to be MailScanner warning: numerical links are often malicious: ee.ee.ee.ee Sent: Wednesday, February 08, 2006 6:01 PM - Show quoted text - \n Subject: Fwd: 16 new messages in 8 topics \n - digest \n ---------- Forwarded message ---------- From: comp.dcom.sys.cisco \n group <noreply at googlegroups.com> Date: \n Feb 8, 2006 5:03 PM Subj...

All, Has anyone had any thoughts/discussion on providing a malicious call trace feature within Asterisk. Most legacy PBX's support this feature which allows a handset user to indicate using DTMF during a call that it's a malicious call which instructs the PBX to send a specific Q931 message over the ISDN to the providers switch telling it to log the call det...

Dear list, I''m running Shorewall on a dedicated Fedora 7 box. Shorewall is working well as an office DSL router (dynamic IP) with loc and dmz zones. I am now trying to configure IPSec to connect a VPS, "casp", with a static IP to both the firewall and to the loc network behind it. The host to host SA works fine. However, pings from "loc" to "casp" can be

Use scripts to create some malicious directories. Here is my creation process. How can I prevent the creation of these directories? I used the python imapclient script to create a directory. There may be no big threat to dovecot, but it is dangerous for doveadm. -------------- next part -------------- An HTML attachment was scru...

Hi iproute2, I have a network to reach which is 192.168.2.0/24. It is a branch of the company. I have currently added a route to that network via one gateway ( 192.168.0.254) in following way. ip route add 192.168.2.0/24 via 192.168.0.254 Now, We got another gateway which is 192.168.0.250. Now I want to add a route to the same network which is 192.168.2.0/24 via this gateway ( 192.168.0.250)

Hai Marcio, Please keep mailing to the list, that helps everybody. ;-) Question, does the Windows AD domain contain MS Exchange also? Ow and my bad.. This : samba-tool domain tombstones expunge You need to purge the tombstones on the windows server, but forget that all. I had a new look and noticed: root at samba4dc:/etc/init.d# samba-tool domain join empresa.com.br DC

...nbind libpam-krb5 krb5-config krb5-user samba -V ? ?Version 4.10.5-Debian netstat -lntup Conex?es Internet Ativas (sem os servidores) Proto Recv-Q Send-Q Endere?o Local ? ? ? ? ?Endere?o Remoto ? ? ? ? Estado ? ? ?PID/Program name tcp ? ? ? ?0 ? ? ?0 MailScanner warning: numerical links are often malicious: MailScanner warning: numerical links are often malicious: 0.0.0.0:10050 ? ? ? ? ? 0.0.0.0:* ? ? ? ? ? ? ? OU?A ? ? ? 398/zabbix_agentd tcp ? ? ? ?0 ? ? ?0 MailScanner warning: numerical links are often malicious: MailScanner warning: numerical links are often malicious: 0.0.0.0:139 ? ? ? ? ? ? 0.0...

...; samba -V > Version 4.10.5-Debian > > netstat -lntup > Conex?es Internet Ativas (sem os servidores) > Proto Recv-Q Send-Q Endere?o Local Endere?o Remoto Estado > PID/Program name > tcp 0 0 MailScanner warning: numerical links are often > malicious: MailScanner warning: numerical links are often malicious: > 0.0.0.0:10050 0.0.0.0:* OU?A > 398/zabbix_agentd > tcp 0 0 MailScanner warning: numerical links are often > malicious: MailScanner warning: numerical links are often malicious: > 0.0.0.0:...

This repository has begun triggering alerts in my enterprises trend micro solution this morning. centos.firehosted.com/7.2.1511/updates/x86_64/repodata/repomd.xml Any tips on ensuring this repository is never queried by my systems ? It seems to keep getting picked up on freshly deployed vagrants for development at this time. Thanks, Corey Erickson

Hello Osama, and Hisham, At 1330GMT there was some malicious activity coming from your network IP 37.75.210.90. Please act accordingly. Things that may be of use "972599779558" N.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory CVE-2012-4544 / XSA-25 Xen domain builder Out-of-memory due to malicious kernel/ramdisk ISSUE DESCRIPTION ================= The Xen PV domain builder contained no validation of the size of the supplied kernel or ramdisk either before or after decompression. This could cause the toolstack to consume all available RAM in the domain running the domain builder. IMPACT ==...

https://bugzilla.samba.org/show_bug.cgi?id=11949 Bug ID: 11949 Summary: A malicious sender can still use symlinks to overwrite files Product: rsync Version: 3.1.2 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: core Assignee: wayned at s...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory CVE-2012-4544,CVE-2012-2625 / XSA-25 version 2 Xen domain builder Out-of-memory due to malicious kernel/ramdisk UPDATES IN VERSION 2 ==================== Clarify that XSA-25 is reporting, via the Xen.org security process, both CVE-2012-4544 and CVE-2012-2625. Also we would like to apologise for the fact that xen-announce''s copy of version 1 of this advisory was delayed in mailing l...

Directory name have some malicious characters, is it safe?How can I exclude some characters,thanks! -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20190520/e3ea2c53/attachment.html> -------------- next part -------------- A non-text attachm...

...t find any information about what I would like to do. And therefore I now send a mail to this mailinglist in hope that someone can either help me, or point me in the right direction. What I want to do is the following: Make a transparent bridge that starts dropping ICMP packets that are oversized(malicious icmp), drop all syn packets that comes from spoofed hosts(non existent ip''s), drop other obvious malicious traffic. My problem is not dropping packets(hehe), the problem is dropping packets based on these rules, so that legit icmp/syn traffic etc will not be affected by the rules. I'...

Hello All, My username is MikeThompson The link to configure Aide at the bottom of this page: https://wiki.centos.org/HowTos/OS_Protection Is dead, and says its dead, however, the old link to http://www.bofh-hunter.com/2008/04/10/centos-5-and-aide/ now redirects to a malicious website. One of my less than savvy users got his windows machine infected there last night. I'm wondering if it makes sense to change the link to point to one of the following guides which are very decent: http://www.server-world.info/en/note?os=CentOS_6&p=aide http://www.server-world.in...

...ook into your MUA setup. You keep breaking threading for this thread (In-Reply-To header is set incorrectly). On Tue, 2020-02-11 at 13:40 +0000, user wrote: > > On Thu, 2020-02-06 at 19:20 +0000, user wrote: > > > 2020-01-08 09:59, Marvin Scholz wrote: > > > Expectation on malicious activity force me to put icecast behind reverse > > > proxy. It was not easy, but works very well. > > > > So, what kind of "malicious activity" exactly? And what exact HTTP level > > software is more robust against those activities than Icecast? > > &gt...

...mote server knows there's no point refusing the > > slient offered keys one after the other, as none will work. Why then > > not telling the client there's no point trying, use password instead? > > The server knows that there is no point in trying, but the (possibly > malicious) client does not know that. And server is trying to tell > the client the least possible amount of information (basic rule of > security). Right. Still, how much more damage could a malicious client do if it ware presented with a password prompt? Is it worth annoying the non-malicious clie...

...nbind libpam-krb5 krb5-config krb5-user samba -V ? ?Version 4.10.5-Debian netstat -lntup Conex?es Internet Ativas (sem os servidores) Proto Recv-Q Send-Q Endere?o Local ? ? ? ? ?Endere?o Remoto ? ? ? ? Estado ? ? ?PID/Program name tcp ? ? ? ?0 ? ? ?0 MailScanner warning: numerical links are often malicious: 0.0.0.0:10050 ? ? ? ? ? 0.0.0.0:* ? ? ? ? ? ? ? OU?A ? ? ? 398/zabbix_agentd tcp ? ? ? ?0 ? ? ?0 MailScanner warning: numerical links are often malicious: 0.0.0.0:139 ? ? ? ? ? ? 0.0.0.0:* ? ? ? ? ? ? ? OU?A ? ? ? 23945/smbd tcp ? ? ? ?0 ? ? ?0 MailScanner warning: numerical links are often malici...

...that reconfigure the manager.conf file to allow remote access to AMI logins that allow Originate (by default, the manager.conf remains configured to deny login to any system except localhost). I want to have a guideline on how to proceed in order to make these applications work, without allowing malicious users to compromise the system. I know that one way to proceed is to deny remote access to AMI, and build an application-specific proxy that will perform the Originate on behalf of the remote requester, after filtering the values. However, I want to know if there is a simpler way to remove the dan...