similar to: Recent breakins / SSHD root hole?

>From http://www.apache.org/info/20010519-hack.html: "The ssh client at SourceForge had been compromised to log outgoing names and passwords, so the cracker was thus able get a shell on apache.org." user's ssh --> SF's ssh --> apache.org's sshd So basically the user's password was entered in the clear to an untrusted program (SF's ssh). Never mind that

Crap. I hit send too fast. Last sentence in first paragraph should have read "no completely secure way" for authentication to be passed-- because the agent-based forwarding program could have been compromised as well--except for the cases already mentioned such as SRP and RSAAuth where the auth. information is better protected. Even if the SF server had been capable of forwarding the

All-- But it's not as simple as forwarding the password-based authentication. Regardless of what method was used to SSH from system one (user's) to system two (SF), the user then started up *a second* SSH session to go from two (SF) to three (Apache). There is no effective way for any authentication information from the first session to be passed to the second, in my mind. Remember

I''d like to hear some suggestions about securely administering a system remotely. Here''s the application: a project is going to scatter some server machines around the US. The server machines will be running Linux, with the only network servers being a custom application. Ignoring the separate question of physical security, how can I remotely check the system''s

Greetings all, I'm trying to create a CentOS 4.4 kickstart CD (not a network install), duplicating what I've done for Fedora Core 3. I am having a cirular dependency for initscripts, which causes initscripts not to be installed (no /etc/inittab when the boot gets to INIT) The cascade is: initscripts-7.39.25.EL-1.centos4 requires /sbin/nash /sbin/nash is in mkinitrd-4.2.1.8-1

There is a recent article in the German magazine C''t that may be of interest to those on this list. It describes a cracker program, Juggernaut, which can hijack telnet sessions. The program is written specifically to run under Linux. An english translation of the article is available at: http://www.ix.de/ct/english/9710142/ It also mentions that they are working on a version of the

Hai Mark, I see the bugreport for this is still untouched. https://bugzilla.samba.org/show_bug.cgi?id=11998 Is vfs_full_audit not an option? with %I you can log the IP address of the client machine. But i dont know if that wil work of if vfs_full_audit hase that option. With something like this. full_audit:prefix = %u|%I|%m|%S full_audit:failure = connect full_audit:success = connect

Is there some automated system to import windows accounts into a samba or a samba ldap situation? I've got a few hundred users on an NT domain, and I'd like to migrate them sometime before the last piece of hardware supported by NT4 rusts. Right now several linux based samba servers are doing all of the heavy lifting (shared files printers etc), but they are all looking at the domain

This may have been asked before, but I can't find it. I am getting repeated external attempted to log into our AD/DC (running Samba 4.4.14). In /var/log/samba/log.samba I get entried like: 2017/09/19 05:02:25.562957, 2] ../source4/auth/ntlm/auth.c:430(auth_check_password_recv) auth_check_password_recv: sam_ignoredomain authentication for user [HPRS\333] FAILED with error

Is it wise to use an outage to promote your business, not on the user's list and not multiple times? Put it in your signature or something ;-) Thanks, Steve Totaro http://www.asteriskhelpdesk.com KB3OPB > -----Original Message----- > From: asterisk-users-bounces@lists.digium.com [mailto:asterisk-users- > bounces@lists.digium.com] On Behalf Of Shane Breen > Sent: Wednesday,

On Tue, 2017-09-19 at 17:02 +0200, L.P.H. van Belle via samba wrote: > Hai Mark, > > I see the bugreport for this is still untouched. > https://bugzilla.samba.org/show_bug.cgi?id=11998 I've closed that bug now. Extensive work has been done to add this feature to Samba 4.7, due out this week: https://wiki.samba.org/index.php/Setting_up_Audit_Logging Two new debug classes,

Hi, I have a 4.9-STABLE FreeBSD box apparently hacked! Yesterday I ran chkrootkit-0.41 and I don't like some of the outputs. Those are: chfn ... INFECTED chsh ... INFECTED date ... INFECTED ls ... INFECTED ps ... INFECTED But all the rest is NOT PROMISC, NOT INFECTED, NOTHING FOUND, NOTHING DELETED, or NOTHING DETECTED. I know by the FreeBSD-Security archives that

Hello- I had to reinstall my system completely, due to a cracker (a script kiddie). I've added the CRAN recommended lines to my sources.list. I removed my old R package (0.92, I believe) and intalled a new one, but it's the 1.3.1 If I remember correctly, this is not the __latest__ version is it? What's happening than, since my /etc/apt/sources.list is correct? TIA Regards

Hi. I'm trying to get plugger to work with ogg123 and it does - sort of. No matter what the song is, it plays 24 seconds of the song and then dies. Same spot every time - I've tried with a short song (Janis Joplin Mercedes Benz) and a long song (Cracker Eurotrash Girl). I have this as the mime identification in the plugger rc file: audio/ogg: ogg: Vorbis Ogg audio application/x-ogg: ogg:

Hi all developers. I cannot consider myself to be a software developer ( only have a fair exposure to some C++, but mostly Perl nad alot of PHP), so forgive my ignorance. I recently had an idea about improving security of a system to make it impossible for another party to hack a system via a login procedure. Now I'm not sure how current authentication systems work, but I think that if

OpenSSH Security Advisory (adv.trojan) 1. Systems affected: OpenSSH version 3.2.2p1, 3.4p1 and 3.4 have been trojaned on the OpenBSD ftp server and potentially propagated via the normal mirroring process to other ftp servers. The code was inserted some time between the 30th and 31th of July. We replaced the trojaned files with their originals at 7AM MDT, August 1st. 2. Impact: Anyone who has

Hi, everyone: My system was compromised a few days ago. The cracker attacked the system through openssh 2.9p2 release 8.7. I attached part of the log file. Thanks. Pin Lu (pin at stredo.com) Nov 25 11:33:05 ns sshd[10627]: Disconnecting: Corrupted check bytes on input. Nov 25 11:33:36 ns named[10478]: Lame server on '55.254.58.211.in-addr.arpa' (in

Means "acclaim" in both Norwegian languages (there are new official rules out today for writing both of the 2 Indo-European Norwegian languages). What made me write this acclaim is the number of postings I've seen about Samba's instability - i.e. run-away processes, profiles going wrong, ACL problems and more. My (high school) site with around 80 w2k workstations, of which

Below the trojaned and clean md5s are given. ---------- Forwarded message ---------- Date: Thu, 1 Aug 2002 13:39:22 +0200 From: Magnus Bodin <magnus at bodin.org> To: Wojtek Pilorz <wpilorz at bdk.pl> Cc: openssh-unix-dev at mindrot.org Subject: Re: openssh-3.4p1.tar.gz on ftp.openbsd.org changing rather than frozen On Thu, Aug 01, 2002 at 09:20:29AM +0200, Wojtek Pilorz wrote:

Hi, just wishing you a merry christmas and happy new year, by presenting to you a new trojan for Linux. It`s professionally made by Apple Computer Inc. (must be somebody who threatened them to do it). <https://www.anubis-ca.com/tmp/IMG_20181210_173521.jpg> <https://www.anubis-ca.com/tmp/IMG_20181210_175350.jpg> ---------Videresendt melding------- Fra: Arun I. Gurung <arun-g at