search for: penetr

Hi, I'm currently at CentOS 5.8. After some penetration testing, found some high severity OpenSSH issues which would require its upgrade. But till CentOS 5.9 the latest rpm available is openssh-4.3p2-82.el5 (which I'm currently using). Is it fine to upgrade to CentOS 6 rpms while I'm on CentOS 5? Thanks, Anumeha

...figures for other R books, as it appears that publishers are closed-mouthed about such figures. And no, I can't reveal which particular book this was, so don't ask.) Conclusion: Very few books sell to more than 12% of the population of potential buyers, and most books have a far lower penetration -- 1% or less is not uncommon. A 12% penetration for the book in question implies 42,000 R users; a more reasonable 5% penetration implies 100,000 users. A low 1% penetration implies 500,000 users. 3. There are a total of 3225 unique subscribers to the three R mailing lists.

Hey guys. I have a server that is owned by me and can confirm through servint that it is owned by me. I would like to do a penetration test and of course to allow you to upload files on the server and kind of trash it to the point where it is always restarting and running out of memory etc etc. This is going to be mainly script kiddie stuff, however will be able to get you hired on with me for some other jobs that are invovl...

...system TODO, but so far I'm a bit > skeptic about LLVM relevance on the non-Unix world. The Windows build > can be broken for a long period before anyone notices. The VS2003 > support is broken since a long time ago and, apart from myself, no > other > user cares. Seems that LLVM penetration on Windows, for instance, is > almost nil. Is it really worth the trouble to support things like > testing on systems that almost nobody (wants to) use?. > > -- > Oscar I, for one, hugely appreciate your effort and the CMake build files. My primary target is the Windows platfo...

...ck if my Asterisk is an "Open > Relay" that accept connections from every peer? Someone on this list is bound to have the wherewithal to be able to do that. All they will need to know is the IP address of your Asterisk server. I suggest that if anyone offers to help you by remotely penetration-testing your system, you post "on-list" that you'll contact them "off-list" to give them the server IP. That way, everyone gets to know that a deal has been established, but only the directly-concerned parties have all the necessary information. -- AJS Note: Or...

...level access to the OS, so thats nothing new. Most all servers I run have remote KVM via IPMI, or are VM's, so this can be done without physical presence, unless somehow mokutil disables KVM (keyboard/video/mouse, not kernel virtualization) AND refuses to run in a VM. Sure, if someone has penetrated my IPMI and/or virtualization management, I'm already in a world of hurt, but no physical presence is required. -- john r pierce, recycling bits in santa cruz

...runs on Rails and PostgreSQL. Right now it is FCGI based but we''re moving to Apache+Mongrel next week. It is looking like they are going to have the #1 selling album in the country this week with Dashboard Confessional''s new record. Just a note to let people know that Rails has penetrated Billboard!

...d that to my CMake build system TODO, but so far I'm a bit skeptic about LLVM relevance on the non-Unix world. The Windows build can be broken for a long period before anyone notices. The VS2003 support is broken since a long time ago and, apart from myself, no other user cares. Seems that LLVM penetration on Windows, for instance, is almost nil. Is it really worth the trouble to support things like testing on systems that almost nobody (wants to) use?. -- Oscar

Hello, I have been on a dynamic ip for about 5 years and have just upgraded to a static ip. I know I need to change my network setup on my eth0 nic to static and stop ddclient from trying to update my address but is there _really_ anything else I need to change. I have a couple of websites on this address using *:80 in my httpd.conf. I can easily change this but don't think it would really

OK, folks. You're doing a great job of describing the current milieu with a rough description of some best practices. Now how about some specific sources you personally used to learn your craft that we can use likewise? PatrickD

...ed up, you can even do courses with SANS. Reading about the security infrastructure that you are already using is a good idea, often accessible via mysterious things called "man pages". I learned a lot simply by reading about pam, iptables, and selinux. Thinking about you systems from a penetration testing perspective can be helpful. For example, "Always Learning" has just told us that he uses single character root passwords on his testing machines, that he is testing 7 days a week and does not turn off his test machines. A pen tester or cracker could use that information to...

On Tue, 2015-02-03 at 15:02 +1100, Kahlil Hodgson wrote: > Thinking about you systems from a penetration testing perspective can > be helpful. For example, "Always Learning" has just told us that he > uses single character root passwords on his testing machines, that he > is testing 7 days a week and does not turn off his test machines. Yes single character. Writing and testi...

Dear, I am a newbie to R. Now I am learning to draw boxplot using graphics(). I want to change the vertical line penetrating the box from dashed line to solid line Please kindly share the command and thank you. Elaine [[alternative HTML version deleted]]

...speakers list is complete [1] and our timetable has been finalised [2]. Below is a list of presentations for RUXCON 2005 (in order of acceptance): 1. Breaking Mac OSX - Ilja Van Sprundel & Neil Archibald 2. Binary protection schemes - Andrew Griffiths 3. Using OWASP Guide 2.0 for Deep Penetration Testing - Andrew van der Stock 4. Black Box Web Application Penetration Testing - David Jorm 5. Long Filename, Long Parameter, Malformed Data. Another Day, Another Vulnerability. Same Bug, Different App. - Brett Moore 6. Computer Forensics: Practise and Procedure - Adam Daniel 7. P...

...as anyone made a webpage with a link to a theora-file that automatically (or with a few clicks on Accept/OK) installs the needed codecs on a unmodified Windows machine? (The links to theora-files on www.theora.org does not do this, which is a shame). I am afraid if this is not possible to do, then penetrating the Windows-segement will be very hard indeed. /Ole

...e the SL1 protocol. Does anyone have any more information on the SL1 protocol? I don't expect * to support it currently but I'm more interested in investigating what is required. I think that allowing * to play with these systems nicely will go a LONG way in furthering Asterisk's penetration into the small/mid business market. Aside: Since we moved to the new building (and * is handling all calls and faxes for us) our * system has handled over 11500 calls. That's over 5500 calls a month, incoming, outgoing and faxes. Not a bad start. :-) -A.

...arket Cisco, WiSIP, Zyxel are all rated at 10mW. I'm not really sure if I want to stick something with that power to my ear. Assuming a reasonable antenna gain of 2.2dBi, we're talking about 22.2dBm - that's nearly 200mW of power radiating out of the phone. At 2.4GHz, it has higher penetration power than cells phones. My question: Does anyone know if cell phone SAR rules apply to WiFi phones as well? Over here in Singapore, there seems to be a loophole. As long as your equipment is in 2.4GHz, approval is not required if Tx power is <200mW.

...;ll work on any ole machine. Nor do I know what is involved in making it happen. Clues would be appreciated. Thanks! -- ---- Fred Smith -- fredex at fcshome.stoneham.ma.us ----------------------------- "For the word of God is living and active. Sharper than any double-edged sword, it penetrates even to dividing soul and spirit, joints and marrow; it judges the thoughts and attitudes of the heart." ---------------------------- Hebrews 4:12 (niv) ------------------------------ -------------- next part -------------- A non-text attachment was scrubbed... Name: not a...

I am a website developer. We deploy a Nginx server on centos to provide HTTP services. Recently, some customers of our website were complaining about that occasionally they could not open the webpage, the web browser show that the tcp connection was reset. I checked the Nginx logs and source code and found that the function "recv" return 0 when some customers made HTTP requests. Our

...term expiry date set. People are careless. And their motivations are subject to change. So having a guillotine date on a personal certificate makes sense from an administrative standpoint. One wants to fail safe. But modifying certificates on sealed servers?. Really, unless one has evidence of penetration and theft of the key store, what possible benefit accrues from changing secured device keys on a frequent basis? We mainly use 4096bit keys which will be secure from brute force until the advent of Quantum computing. At which point brute force attacks will become a pointless worry. Not becau...