search for: miscreant

...strator]@[ROVER] This latter string (with no timestamp, making it hard to find/correlate) does give the hostname of the offending computer, but not the IP. Yes, the IP would be very useful. In this case ROVER is my personal laptop, but all it gives me is the hostname. The IP would indicate if the miscreant was connecting from inside the domain (probably OK), or outside the domain (probably very bad). An IP would also give us a clue as to which IP[range] to firewall if needed. --Mark -----Original Message----- > To: samba at lists.samba.org > From: mourik jan heupink <heupink at merit.unu.e...

I am using rsync to back up across a VPN. Unfortunately, every so often the home office miscreants drop a big block of data into the backup and that particular backup cycle takes many hours. These same people also complain when net pipe is filled during the day. What I need is an ability to change the bwlimit based on time of day. Any suggestions as to how to do this?

...seems quite steep to me. Since the Mitel had a default admin password, it seems possible that somebody accessed its UI over the network, and then accessed and copied its SIP credentials for your Asterisk server. If that's the case, the calls might not have been placed through the phone. The miscreant could have configured the purloined credentials into another hardphone, or a softphone app on any PC or tablet or cellphone which was able to access your LAN. The "cloned" phone would not have needed to actually register with Asterisk... it could simply have send an INVITE to place a call...

...igh-performance compiled C application that can run off a log file or a pipe from syslogd to sshguard, meaning that it can respond a lot more quickly than once a minute, and works with very modest overhead on the host system. It also has features such as touchiness, so that it can get tougher on a miscreant as time goes on; my own shell script is naive in that once it passes a threshold, there's just a permanent rule generated. This worries me if I ever have a situation where a legitimate remote client gets messed up and tries the wrong password or something like that; sshguard does a much nicer...

hi, i found this explanation of the flac fingerprint somewhere: 'A FLAC Fingerprint is generated only for the audio data portion of the file. (Therefore, changing the filename or the tags or FlacMetadata does not change the fingerprint calculation.) In contrast, an .md5 is generated against the whole file, including header portions.' so i was wondering what advantages it could give me

...aintenance effort (1-2 branches at a time). ## Code of Conduct We've discussed a simple but effective code of conduct, along the lines of: use common sense: don't abuse others and don't misbehave. When anyone does, folk should tell the mergers, who will be generally annoyed at the miscreants, and may take actions. OK, so I think this covers all the initial important points, if I've missed anything then please feel free to add that. Thanks, Laurence [1] https://gitlab.com/freedesktop-sdk/freedesktop-sdk [2] https://gitlab.com/freedesktop-sdk/freedesktop-sdk/tree/test-conversio...

...thing, but can be a pain to do upgrades around remotely. [A lot of folks use FreeBSD simply because its a breeze to run remotely]. 3) Until someone writes code to add modules to a kernel via /dev/mem and releases it to the script kiddie world, the bar has been effectively raised for 99% of the miscreants out there. 4) Marketing-wise, it will make folks who don't understand the issues very deeply more comfortable. And as in #3, that is probably a 99% accurate feeling. 5) For those of us using automatic updating systems, having modules and kernels out of sync is bad potentially, so NO_KLD h...

I often find myself doing, whois some.damned.ip.address and then copying and pasting the address range for the miscreant in question, and doing, shorewall iprange x.x.x.x-y.y.y.y with the aim to drop the entire range. My one minor complaint is that I often have to edit out the spaces between the hyphen when copying and pasting the address range returned by whois. I tweaked the shorewall script to avoid this by ch...

...t; This latter string (with no timestamp, making it hard to find/correlate) does > give the hostname of the offending computer, but not the IP. Yes, the IP would > be very useful. In this case ROVER is my personal laptop, but all it gives me is > the hostname. The IP would indicate if the miscreant was connecting from inside the > domain (probably OK), or outside the domain (probably very bad). An IP would > also give us a clue as to which IP[range] to firewall if needed. > > --Mark Yes, agreed. However, for many of the failed logins I see [username]@[(null)] I'm guessing t...

...f you also certify that internally stored fingerprint against a list of correct fingerprints in another file, then you know you have a properly encoded .flac file of the *right* audio, and that the person who sent you the .flac files didn't accidentally provide a wrong file instead. Yes, a miscreant who would intentionally switch .flac files on you would also alter the .ffp file to show the fingerprint of the wrong file instead of the right one, but that could not happen by accident. Sending a set of .flac files with an .ffp file says, "I wouldn't deliberately deceive you"; s...

...xus host before it can chew up yet more bandwidth. The right answer might involve having the portable tunneling host inform the nexus host that an attack was forwarded on a particular port at a particular time. Then the nexus host, having kept a lot of records of such things, would look up the miscreant IP on that basis, add it to the banned ipset, and the attack would stop. Sounds inelegant and perhaps dangerous. Thoughts?

...a seems quite steep to me. Since the Mitel had a default admin password, it seems possible that somebody accessed its UI over the network, and then accessed and copied its SIP credentials for your Asterisk server. If that's the case, the calls might not have been placed through the phone. The miscreant could have configured the purloined credentials into another hardphone, or a softphone app on any PC or tablet or cellphone which was able to access your LAN. The "cloned" phone would not have needed to actually register with Asterisk... it could simply have send an INVITE to place a call...

...eachers invalid users = +BGS\pupils create mask = 0660 directory mask = 770 force user = %U force group = %G [pupils] comment = Shared Directory for Pupils path = /share/pupils browseable = yes read list = +"BGS\Domain Admins" +BGS\"Domain Users" +BGS\pupils +BGS\teachers +BGS\miscreants write list = +"BGS\Domain Admins" +BGS\"Domain Users" +BGS\pupils +BGS\teachers +BGS\miscreants create mask = 660 directory mask =770 force user = %U force group = +BGS\teachers veto files = /*.exe/*.mp3/*.scr/*.vbs/*.asf/*.wma/*.wmv/*.mp4/*.mpg/*.mpeg/*.ra/*.ram/*.bas/*.bat/...

...gt; Since the Mitel had a default admin password, it seems possible that > somebody accessed its UI over the network, and then accessed and copied its > SIP credentials for your Asterisk server. > > If that's the case, the calls might not have been placed through the phone. > The miscreant could have configured the purloined credentials into another > hardphone, or a softphone app on any PC or tablet or cellphone which was > able to access your LAN. > The "cloned" phone would not have needed to actually register with > Asterisk... it could simply have send an IN...

...hat internally stored fingerprint against a list of > correct fingerprints in another file, then you know you have a properly > encoded .flac file of the *right* audio, and that the person who sent > you the .flac files didn't accidentally provide a wrong file instead. > > Yes, a miscreant who would intentionally switch .flac files on you would > also alter the .ffp file to show the fingerprint of the wrong file > instead of the right one, but that could not happen by accident. > Sending a set of .flac files with an .ffp file says, "I wouldn't > deliberately dece...

Hello Dovecot developers, Apple has made and tested significant changes to Dovecot v1.1 and now is ready to contribute them back to your open source project. The changes include: Scalability and performance: allow pop/imap mail processes to handle multiple clients larger listen queues Stability and maintenance: fix to allow cross-compilation workarounds for Mac OS X bugs a couple general

For dovecot 2.1 as per wiki2, is this still valid? noticed a problem before and saw it does seem to be triggering, I use: maxretry = 6 findtime = 600 bantime = 3600 and there was like, 2400 hits in 4 minutes, it is pointing to the correct log file, but I am no expert with fail2ban, so not sure if the log format of today is compatible with the wiki2 entry filter.d/dovecot.conf [Definition]

...d the lpd man pages, the Printing-HOWTO (at http://metalab.unc.edu/pub/Linux/docs/HOWTO/Printing-HOWTO) as well as other web resources and have tried the various suggestions, but I'm confounded as to why this isn't working. I'm going to be working on other printers tomorrow including a miscreant Fuji-Xerox Laser Press 4300, an Epson LP-8600F, and a Xerox Docu-Color 1250, all guaranteed to thoroughly test my patience. So I'm hoping somebody will provide me a solution while I sleep tonight. ;-) - --------------< LINUX: The choice of a GNU generation. >-------------- Steve Frampt...

This patch (https://bugzilla.mindrot.org/show_bug.cgi?id=1438) creates a kbdint device that provides a server-based authentication mechanism. The server generates and emails you a random string when you attempt to login. You're authenticated if you can correctly answer the challenge. You can use a regular email account, a pager, cell phone or other email capable device to receive the

...ies in the /etc/hosts file like this: 127.0.1.1 hostname We would like to remove these lines. Now I know this can be done with a simple exec of sed but if possible I would like to use it as a good test exercise with Augeas. Now, it''s pretty easy to do this with augtool, as follows: root@miscreant:/home/pre500# augtool augtool> match /files/etc/hosts/*/ipaddr 127.0.1.1 /files/etc/hosts/4/ipaddr augtool> rm /files/etc/hosts/4 rm : /files/etc/hosts/4 3 augtool> save Saved 1 file(s) But I can''t see how this would translate to work in Puppet as I need to match the relevant pat...