search for: unauthenticated

Displaying 20 results from an estimated 435 matches for "unauthenticated".

2006 Oct 12
5
unauthenticated calls
Hi list, i noticed from the cli my asterisk box is accepting unauthenticated calls how can i prevent this? CLI: -- Accepting UNAUTHENTICATED call from 192.168.0.2: > requested format = gsm, > requested prefs = (), > actual format = ulaw, > host prefs = (g729|ulaw|alaw), > priority = mine -------------- next part --------...
2023 Mar 18
4
Minimize sshd log clutter/spam from unauthenticated connections
Dear OpenSSH developers, a publicly accessible sshd on port 22 generates a lot of log clutter from unauthenticated connections. For an exemplary host on a university network, sshd accumulates 5~20k log lines on a single day (more than 90% of the total amount of syslog lines). That is despite the host having a restricted configuration (no SSH password authentication, firewall rate limit for new SSH connectio...
2008 Mar 18
0
AST-2008-003: Unauthenticated calls allowed from SIP channel driver
...oject Security Advisory - AST-2008-003 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Unauthenticated calls allowed from SIP channel | | | driver | |--------------------+---------------------------------------------------| | Nature of Advisory | Authentication Bypass | |--------------------+----...
2008 Mar 18
0
AST-2008-003: Unauthenticated calls allowed from SIP channel driver
...oject Security Advisory - AST-2008-003 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Unauthenticated calls allowed from SIP channel | | | driver | |--------------------+---------------------------------------------------| | Nature of Advisory | Authentication Bypass | |--------------------+----...
2023 Mar 18
1
Minimize sshd log clutter/spam from unauthenticated connections
...it can indicate cause for concern. David Lang On Sat, 18 Mar 2023, Carsten Andrich wrote: > Date: Sat, 18 Mar 2023 13:15:29 +0100 > From: Carsten Andrich <carsten.andrich at tu-ilmenau.de> > To: openssh-unix-dev at mindrot.org > Subject: Minimize sshd log clutter/spam from unauthenticated connections > > Dear OpenSSH developers, > > a publicly accessible sshd on port 22 generates a lot of log clutter from > unauthenticated connections. For an exemplary host on a university network, > sshd accumulates 5~20k log lines on a single day (more than 90% of the total &...
2018 May 18
2
Disconnecting unauthenticated IMAP entities faster?
...y sit there until the three-minute timeout is hit, blocking legit users. The only workaround is to raise both the imap and imap-login processes to a massive amount to support all the pre-auth hung open connections. It would be a lot easier to find a reasonable process limit if we could boot these unauthenticated connections off in a more reasonable amount of time, like 5-10 seconds, but I'm not seeing a way to accomplish that? Thanks
2005 Jun 23
1
Rate Limit Unauthenticated connections ?
I am seeing a recent increase in SSH harvesting attempts and brute forcing in the log of my system. I'm interested in opening up some discussion around what OpenSSH can do itself to counter measure against: * DoS attack where too many unauthenticated connections are open. I'm not interested in stopping the professional saboteur but the casual script kiddie (to use IRC terms) from downloading the latest SSH harvesting program and running it from their limited internet connection. * The reason why OpenSSH should actively have internal su...
2018 May 18
0
Disconnecting unauthenticated IMAP entities faster?
...e until the three-minute timeout is hit, blocking legit users. The only workaround is to raise both the imap and imap-login processes to a massive amount to support all the pre-auth hung open connections. > > It would be a lot easier to find a reasonable process limit if we could boot these unauthenticated connections off in a more reasonable amount of time, like 5-10 seconds, but I'm not seeing a way to accomplish that? > https://github.com/PowerDNS/weakforced <https://github.com/PowerDNS/weakforced> is just for situations like this. Sami -------------- next part -------------- An HT...
2004 Jul 29
1
Unauthenticated calls from a specific IP
Skipped content of type multipart/alternative-------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: image/jpeg Size: 4055 bytes Desc: not available Url : http://lists.digium.com/pipermail/asterisk-users/attachments/20040729/85af8309/attachment.jpeg
2008 Feb 27
0
Prevent unauthenticated PDC users to login locally
...ain controller refuses to authenticate the user. The user is not able to access the shares but can use the local machine. How can I prevent windows to login the user locally when the domain controller refuses authentication? thankz, -- View this message in context: http://www.nabble.com/Prevent-unauthenticated-PDC-users-to-login-locally-tp15479155p15479155.html Sent from the Samba - General mailing list archive at Nabble.com.
2018 Feb 23
6
RADIUS
...; the ones that use PXE boot.? I tried things out with a switch, and it would >> basically work.? If it makes sense to go any further with this and how now >> needs to be determined ... > > A client that can't authenticate gets the network it's provided with by being > unauthenticated.? If an unauthenticated client can't have any network access, > that's what they get.? Presumably you could drop an unauthenticated machine > into a different VLAN. That would be a problem because clients using PXE-boot require network access, and it wouldn?t contribute to security i...
2009 Nov 12
3
allowguest defaults to yes for SIP
In your sip.conf file allowguest defaults to yes. This means that anyone that can reach the SIP ports on that system has access to make unauthenticated calls, by default. The administrator actually has to go in and turn it off to prevent unauthenticated SIP calls (in whatever context [general] points at). Does anyone else agree with me that this is a poor default? I'd like to see the default setting changed. It seems to me that this def...
2018 May 17
2
Decoding SIP register hack
I need some help understanding SIP dialog. Some actor is trying to access my server, but I can't figure out what he's trying to do ,or how. I'm getting a lot of these warnings. [May 17 10:08:08] WARNING[1532]: chan_sip.c:4068 retrans_pkt: Retransmission timeout reached on transmission _zIr9tDtBxeTVTY5F7z8kD7R.. for seqno 101 With SIP DEBUG I tracked the Call-ID to this INVITE :
2013 May 15
1
Puppet 3.2.0-0.1rc2.el6 SSL problem
I am having an issue adding new clients to puppet. The master is not accepting connections from unauthenticated clients, even though my auth.conf that worked with v3.1.1 has not changed. If I test ssl via curl -k, the puppet master returns "can''t convert nil into String" to the client. The http log on the master shows a 400 return code. Also note, I''m using passenger &...
2023 Mar 19
1
Minimize sshd log clutter/spam from unauthenticated connections
To radically cut down on SSH log spam you can also hide it completely behind a firewall, and allow access only by some port knocking sequence. I quite like having a process listen on port 53 and wait for a dns query containing a totp string to grant (temporary) access; that's a 2fa, and doing a "host 123456. my-ip" is easily automated in a shell script as well...
2023 Jun 11
0
Minimize sshd log clutter/spam from unauthenticated connections
On 10.06.23 11:19, Carsten Andrich wrote: > For the time being, I've deployed a quasi-knocking KISS solution that > sends an unencrypted secret via a single UDP packet. Server side is ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > realized entirely with nftables ... frankly, for that reason, I like fwknop (in my case, straight from OS repos) better ... I'd still have to see fwknopd exit
2006 Nov 22
0
in Asterisk Manger its Unauthentication User and Host ..........
Hello Users......... I'm Now doing on Asterisk Manager for My knowledge Growth, Can anybody explan me on Asterisk Manager settings....... in manager.conf [general] enabled =yes port = 5038 bindaddr = 192.168.2.75 displayconnects = yes [hyperion] secret = hyperion permit=192.168.2.76/255.255.255.0 deny=0.0.0.0/0.0.0.0 read = system,call,log,verbose,command,agent,user write =
2023 Mar 18
3
Minimize sshd log clutter/spam from unauthenticated connections
...ms of log spam on disk. Regardless of which syslog solution is being used, I find it inconvenient to manually assemble and maintain a filter list. I believe an sshd configuration option, which of course defaults to false, would be the best solution. Currently, the sheer amount of messages from unauthenticated connections drowns out anything else. I took this opportunity to sift through sshd's messages of almost 2 years via: journalctl -t sshd -o cat \ | grep -v '^Accepted ' \ | sed -E 's/[Uu]ser \S+/user .../' \ | sed -E 's/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/0.0.0.0/...
2018 Feb 22
4
RADIUS
Gordon Messmer wrote: > On 02/14/2018 08:37 AM, hw wrote: >> Then what?? How do I make it so that the users are actually able to authenticate? > > > Look for documentation on 802.11x authentication for the specific client you want to authenticate. Thanks, I figured it is what I might need to look into. How about a client that uses PXE boot? > WiFi is pretty
2006 Apr 24
1
E1 testing
...-- next part -------------- Console logs from Asterisk A: Executing Dial("SIP/test0-5821", "Zap/6/327557670||Tt") in new stack -- Requested transfer capability: 0x00 - SPEECH -- Called 6/327557670 -- Zap/6-1 is proceeding passing it to SIP/test0-5821 -- Accepting UNAUTHENTICATED call from 195.66.73.122: > requested format = alaw, > requested prefs = (alaw|gsm), > actual format = alaw, > host prefs = (alaw|gsm), > priority = mine -- Executing Set("IAX2/soekris2-1", "CALLERID(number)=0327557574") in ne...