similar to: SSH login attempts: tcpdump packet capture

Hello Samba people, I have been successfully using Samba for several years, across many minor versions of Samba across many minor versions of Linux kernel 2.4.x and 2.6.x, against a Windows 2000 and then in the past couple of years 2003 AD Domain. This morning, something broke... Setting the stage: RedHat Fedora based Linux box, FC8, updated over time using 'yum update'...,

Dear List... I have a similar question to the one that is copied below. I am trying to get instructions for configuring OpenSSH to use PKI based authentication. I understand that I can provide the server with the public keys of the client machines to get this working (one way) but the next step is where I would like to go... I want SSHD to authenticate my users based upon the "Root

I compiled OpenSSH 3.6.1p1 on NCR MP-RAS v4.3 (or at least "uname -a"'s output of 4.0.3.0 suggests v4.3, I'm not positive). I was able to compile zlib (1.1.4) and openssl (0.9.7a) with little trouble. OpenSSH took hand-hacking the includes.h file as follows: diff -cr openssh-3.6.1p1/includes.h openssh-3.6.1p1-customized/includes.h *** openssh-3.6.1p1/includes.h Sun Oct 20

More patch-o-rama :-( ---Mike >From: Michal Zalewski <lcamtuf@dione.ids.pl> >To: bugtraq@securityfocus.com, <vulnwatch@securityfocus.com>, > <full-disclosure@netsys.com> >X-Nmymbofr: Nir Orb Buk >Subject: [Full-Disclosure] Sendmail 8.12.9 prescan bug (a new one) >[CAN-2003-0694] >Sender: full-disclosure-admin@lists.netsys.com >X-BeenThere:

Due to unpleasant (but arguably valid) policy changes at work, any SSH server within the work firewall must accept only PKI authentication. Unless we can convince the higher-ups otherwise, we will also have to use the commercial SSH server within the firewall. Of course, I should be able to use whatever client I like. Unfortunately, it is not clear that I can get OpenSSH to use PKI authentication.

I'm accustomed to systems where even the first failed login attempt incurs a 5 second delay. I don't think that's too harsh, but everyone has their own needs and considerations. This could be made configurable. -Jay -----Original Message----- From: Rick Jones [mailto:rick.jones2 at hp.com] Sent: Wednesday, December 15, 2004 8:09 PM To: Jay Libove Cc: openssh-unix-dev at

http://bugzilla.mindrot.org/show_bug.cgi?id=238 ------- Additional Comments From djm at mindrot.org 2003-01-07 17:59 ------- What if the ephemeral key generation fails (e.g. not enough entropy, etc) ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

FYI >Mailing-List: contact vulnwatch-help@vulnwatch.org; run by ezmlm >List-Post: <mailto:vulnwatch@vulnwatch.org> >List-Help: <mailto:vulnwatch-help@vulnwatch.org> >List-Unsubscribe: <mailto:vulnwatch-unsubscribe@vulnwatch.org> >List-Subscribe: <mailto:vulnwatch-subscribe@vulnwatch.org> >Delivered-To: mailing list vulnwatch@vulnwatch.org

Has anyone around here heard of this ? ---Mike >Subject: Re: [Full-Disclosure] new ssh exploit? >From: christopher neitzert <chris@neitzert.com> >Reply-To: chris@neitzert.com >To: full-disclosure@lists.netsys.com >X-Mailer: Ximian Evolution 1.4.3.99 >Sender: full-disclosure-admin@lists.netsys.com >X-BeenThere: full-disclosure@lists.netsys.com

Hi Samba users - I recently upgraded my domain at home from being controlled by two somewhat messed up Windows DCs (one 2000 and the other 2003, messed up by my own inexpert management..) to a nice clean new single 2003 DC (SBS, if it matters). I rejoined all workstations, including a Redhat Fedora FC3 based machine, to the new domain. (Actually, I migrated all of the Windows workstations

Recent events, including vulnerabilities that were reported and the subsequent discussions about how they were handled, have made those of us that manage Asterisk development decide that it is time for the Asterisk project to have a formal security vulnerability and advisory reporting process. Over the next few weeks we will begin to formalize and document this process on the asterisk.org

Recent events, including vulnerabilities that were reported and the subsequent discussions about how they were handled, have made those of us that manage Asterisk development decide that it is time for the Asterisk project to have a formal security vulnerability and advisory reporting process. Over the next few weeks we will begin to formalize and document this process on the asterisk.org

Sorry for the cross post, but this is an important one potentially affecting all recipients. This just crossed the Full Disclosure mailman moderated mailing list. It bears a careful read, and thought about whether a response is needed. The implication is that if there is any use of a mailman password in common with a password you 'care' about, you need to take appropriate action at

http://bugzilla.mindrot.org/show_bug.cgi?id=238 Summary: sshd.pid file written AFTER key generation causes race condition Product: Portable OpenSSH Version: 3.1p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P5 Component: sshd AssignedTo:

Hi, I have only recently become aware of Dovecot and gave it a try. The previous 0.99.9.1 version didn't work well for me (OpenSSL), I dropped it, but 0.99.10 has come just in time (saw it on freshmeat) and I thought I'd give it another try if it promised SSL fixes, and it's sorta working for me (i. e. it works with mutt, Mozilla, sylpheed, but not cone -- but cone is beta and has SSL

Is it possible to access the described class in a shared behavior? I''m trying to do something like this: describe "Siberian feline", :shared => true do described_class_instance_as :feline, :name => "fluffy", :breed => "Siberian" # or maybe before(:all) do @feline = described_class.new(:name => "fluffy", :breed =>

You've probably already seen the latest sendmail vulnerability. http://lists.netsys.com/pipermail/full-disclosure/2003-September/010287.html I believe you can apply the following patch to any of the security branches: http://cvsweb.freebsd.org/src/contrib/sendmail/src/parseaddr.c.diff?r1=1.1.1.17&r2=1.1.1.18 Download the patch and: # cd /usr/src # patch -p1 < /path/to/patch #

You've probably already seen the latest sendmail vulnerability. http://lists.netsys.com/pipermail/full-disclosure/2003-September/010287.html I believe you can apply the following patch to any of the security branches: http://cvsweb.freebsd.org/src/contrib/sendmail/src/parseaddr.c.diff?r1=1.1.1.17&r2=1.1.1.18 Download the patch and: # cd /usr/src # patch -p1 < /path/to/patch #

http://bugzilla.mindrot.org/show_bug.cgi?id=540 Summary: sshd [priv] has PPID 1 and is killed by ^C in terminal Product: Portable OpenSSH Version: 3.6p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=617 Summary: /etc/services disregarded Product: Portable OpenSSH Version: 3.6.1p2 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy: tiaan at netsys.co.za