search for: unsecur

Hi to all. Is it possible to disable unsecure POP3 protocol at all in Dovecot 2.1? There was "protocols" option in 1.x version, and there was separate pop3 and pop3s modules. There is no "pop3s" in configuration files in 2.1.

Hi, I try to set up dovecot as a proxy server, to proxy requests to several dovecot-based backend servers. I wand external clients who connects to this proxy Dovecot to use TLS (this is easy to set up) while want to have unsecured (plain IMAP/POP) connections to backends. You see, links to backends are over LAN so no TLS needed, and these backends are poor old machines (with old Docecots like 2.0.6) this is why I don't want to use TLS to acces backends. But as I did the test setup I can see proxy Dovecot uses TLS to...

...;> > I try to set up dovecot as a proxy server, to proxy requests to > > >> > several dovecot-based backend servers. I wand external clients who > > >> > connects to this proxy Dovecot to use TLS (this is easy to set up) > > >> > while want to have unsecured (plain IMAP/POP) connections to > backends. > > >> > > > >> > You see, links to backends are over LAN so no TLS needed, and these > > >> > backends are poor old machines (with old Docecots like 2.0.6) this > is > > >> > why I don...

I am trying to download a version of OpenSSH newer than the one preinstalled with my OS. But sadly I find that I can only download it through *unsecured* plain http/ftp/rsync protocol, vulnerable to attacks by anyone in the network path. It is odd that *the* software about security and encryption across untrusted network is distributed to everyone insecurely and not encrypted. Is there any future plan to distribute OpenSSH over secured channel, s...

...proxy server, to proxy requests to > > > > >> > several dovecot-based backend servers. I wand external clients > who > > > > >> > connects to this proxy Dovecot to use TLS (this is easy to set > up) > > > > >> > while want to have unsecured (plain IMAP/POP) connections to > > > backends. > > > > >> > > > > > >> > You see, links to backends are over LAN so no TLS needed, and > these > > > > >> > backends are poor old machines (with old Docecots like 2.0.6) &gt...

...quests to > > > > > >> > several dovecot-based backend servers. I wand external clients > > who > > > > > >> > connects to this proxy Dovecot to use TLS (this is easy to set > > up) > > > > > >> > while want to have unsecured (plain IMAP/POP) connections to > > > > backends. > > > > > >> > > > > > > >> > You see, links to backends are over LAN so no TLS needed, and > > these > > > > > >> > backends are poor old machines (with old...

On Tue, 18 Jun 2019 16:41:06 -0600 "@lbutlr via dovecot" <dovecot at dovecot.org> wrote: > What is the reason for wanting to enable CRAM-MD5? That was intended > to use on unsecured connections; you should not be allowing > authentication on unsecured connections in 2019. > > Establish a secure submission on port 587 or smtps on 465 and do not > use CRAM-MD5 at all. > Possibly a backwards compatibility thing? (eg: legacy mail settings migrating to a new dov...

I am trying to run the CyberMegaPhone demo to see the WebRTC Video Conference demonstration from AstriDevCon 2017 I have been able to make WebRTC work on this same box with SIPML5 demo but not the CMP2K. When I attempt to access the https://myip:8089/cmp2k I am prompted for the unsecure web. I enable unsecure web. (Using the asterisk local certificate generation from the SIPML5 demo). After that, I'm only seeing "Access Denied" web page. "You do not have permission to access the requested URL. .... Asterisk/16.1.1 I do not get to the Welcome to Cyber Mega...

...y to set up dovecot as a proxy server, to proxy requests to > > > >> > several dovecot-based backend servers. I wand external clients who > > > >> > connects to this proxy Dovecot to use TLS (this is easy to set up) > > > >> > while want to have unsecured (plain IMAP/POP) connections to > > backends. > > > >> > > > > >> > You see, links to backends are over LAN so no TLS needed, and these > > > >> > backends are poor old machines (with old Docecots like 2.0.6) this > > is > >...

...l websites and an icecast 2.4.4 running an online radio. The radio on icecast can be listen through its website (on my server too) with an html5 player. Of course since end of january I started to have notifications from listeners that were unable to hear anything due to Chrome browser update and unsecure content (website is of course under SSL with its cert). A patch has been forwarded by myself to the Chrome listeners by instructing them how to allow the unsecure content from the radio's website in the settings of chrome, then I started to find the solution. As you of course know, the windo...

Howdy, I'm using dovecot and mysql users, and i'm creating the password with: ENCRYPT('some-passwd',CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))) So far so good, everything's fine. Today saw that i didn't enabled CRAM-MD5, but if I do, and the (at least) IMAP client (roundcube/thunderbird/etc) issues CRAM-MD5 it doesn't authenticate. What am i doing wrong, or

...e harddrive encryption for FreeBSD using GBDE/GELI and the problem I have is it all depends on a bootable removable token that can by physically secured. While an excellent solution for laptop / desktop users it just doesn't work with a remote colo users. No way you can physically remove your unsecure boot token or at least not remove it and hope to recover remotely from a panic / reboot / failure in a timely manner. Anybody have any ideas on a solution how to do this with a colo'd server. Ideally you could, during boot, send some token (or lock file) via ssh or other secure method but bo...

...is simple, we have existing OpenLDAP and Kerberos authentication system, and I want MS Windows to be able to mount shares from my server using credentials from that authentication system. In the old days (Samba 3), it can use LDAP for login but doing that by storing password in LDAP field using unsecure encryption, and I cannot do that now. I thought now with Samba 4 it will be possible to do with Kerberos. Thank you. -- ____ ____ ____ ____ (stephan paul) Arif Sahari Wibowo /___ /___/ /___/ /___ http://www.arifsaha.com/ ____/ / / / ____/

Hello, I saw that OpenSSH release 6.7 removed all CBC ciphers by default. Is CBC therefore considered as broken and unsecure (in general or SSH implementation)? I also read a lot of references (see below) but still not clear to me what's the actual "security status" of CBC and why it has been removed in general. http://www.openssh.com/txt/release-6.7 sshd(8): The default set of ciphers and MACs has be...

...There has been work > already done to address some of them for Linux (e.g. snprintf). We are > attempting to solve this issue in a comprehensive fashion across all > platforms. Most of the functions identified are for manipulating strings. > Memcpy is the most commonly used of all these unsecure methods. The > following table lists all these functions are their recommended secure > alternatives. I am strongly opposed to using *_s functions. The issue is that they are no more "secure" than original functions. One can still pass the destination buffer length incorrectly,...

This option was considered unsecure, found a fix on the generated opensuse images instead. --- customize/customize_run.ml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/customize/customize_run.ml b/customize/customize_run.ml index ad0ab7f..6cb2328 100644 --- a/customize/customize_run.ml +++ b/customize/cust...

...t; <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/> </filesystem> /etc/libvirt/qemu.conf : user = "root" group = "root" dynamic_ownership = 0 clear_emulator_capabilities = 0 even with this unsecure configuration I wasn't able to achieve that newly created files/dirs in guest machine have ownership of guest machine user but they are still created under root user id. Also strange is that group of those files/dirs are correct. Can somebody help me with this? Thank you. Vojtech

Hi, I install centos 7.2 with kernel version of 3.10.0-327.36.4.el7.x86_64. Where to get its kernel source? Thanks! Regards andrew

...in" <arrfab at centos.org> wrote: >On 13/06/2019 07:47, qw wrote: >> Hi, >> >> >> I install centos 7.2 with kernel version of 3.10.0-327.36.4.el7.x86_64. Where to get its kernel source? >> > >So multiple points: > >- 7.2 is *really* old and unsecure and you shouldn't use that at all >- https://wiki.centos.org/Sources has the instructions on where to find >sources >- http://vault.centos.org also has the src.rpm packages for all releases > >-- >Fabian Arrotin >The CentOS Project | https://www.centos.org >gpg key: 56...

...nd the (at least) > IMAP client (roundcube/thunderbird/etc) issues CRAM-MD5 it doesn't > authenticate. > What am i doing wrong, or that can be done so that all types work (SASL > PLAIN LOGIN + CRAM-MD5)? What is the reason for wanting to enable CRAM-MD5? That was intended to use on unsecured connections; you should not be allowing authentication on unsecured connections in 2019. Establish a secure submission on port 587 or smtps on 465 and do not use CRAM-MD5 at all. -- "Part of the inhumanity of the computer is that, once it is competently programmed and working smoothly, i...