similar to: scp in batch mode

Hello, we are interested to learn how Shorewall can be configured to look into a packet''s payload, say to look for footprints of Red Code or Nimbda (for example). From the site web page features section we understand Shorewall only looks into the packet''s header. Your enlightening answer will be appreciated. Regards Jose.

I would like deliver to reject certain users. Since supposedly deliver only uses userdb, not passwd, I can't use deny=yes for that. Or does userdb support deny=yes? Yes, I should rather reject them right in the MTA, but that currently takes too long to implement. Or how to reject gast* in postfix using nss authentication?

Update, for those that want to know... The attacker used a worm or bot that tried hundreds (if not thousands) of connections through SMBD. (Samba). I was running 2.2.7. I noticed the attempts for a week, but the log file always showed "access denied" so I wasn't too worried about it. Well, obviously, one of those attempts got through... At this time, the worm (or bot) modified

Greetings CentOS community! I connect to a very large number of new machines with a handful of my CentOS boxen. Whenever I connect to a new host, I *REALLY* would like to *NOT* see the error message such as this: The authenticity of host 'w.x.y.z (w.x.y.z)' can't be established. RSA key fingerprint is 62:7a:6c:e5:03:f5:47:be:23:a5:c5:e5:c3:60:9b:8d. Are you sure you want to continue

So I have been reading the ssh attack thread and finally want to ask about something. I doubt there is a program like this, but I would love to have a program that listens at common ports that I do not use at all...and only allow that program to listen to it, especially the usual ssh port (using a different one for real ssh)... That program would then, upon receiving a 'sniff' or

I want to connect to an InFocus projector that sits behind a Panduit VGA adapter. I use a Thinkpad P51 with a mini display-port to VGA converter. The laptop runs Manjaro and has the video-hybrid-intel-nouveau-prime installed and it works with other monitors. For some reason it does not detect the projector that is connected through the Panduit. The keyboard shortcut to switch monitor configuration

Recent proftpd security vulnerability release FYI. Ports has latest patched proftpd distribution. -- Jez http://www.munk.nu/ -------------- next part -------------- An embedded message was scrubbed... From: Dave Ahmad <da@securityfocus.com> Subject: ISS Security Brief: ProFTPD ASCII File Remote Compromise Vulnerability (fwd) Date: Tue, 23 Sep 2003 10:25:54 -0600 (MDT) Size: 4588 Url:

SSH.COM says their SSH2 is not vulnerable to the ZLIB problem even though they use the library (details below). Can OpenSSH say the same thing? In either case, it seems like there ought to be an openssh-unix-announce message about what the situation is. I may have missed it, but I don't believe there was one. Yes, openssh doesn't have its own copy of zlib source but it would still be

Colin, good day! Spotted two patches for x11-servers/xorg-server port: see entries for x11r6.9.0-dbe-render.diff and x11r6.9.0-cidfonts.diff at http://xorg.freedesktop.org/releases/X11R6.9.0/patches/index.html Seems like they are not applied to the xorg-server-6.9.0_5. May be it should be added to the VuXML document? There is a ports/107733 issue that incorporates these patches. May be you

Hello, For some reason, I thought little about the "clear" command today.. Let's say a privileged user (root) logs on, edit a sensitive file (e.g, a file containing a password, running vipw, etc) .. then runs clear and logout. Then anyone can press the scroll-lock command, scroll back up and read the sensitive information.. Isn't "clear" ment to clear the

http://www.securityfocus.com/bid/12825/info/ no patch or anything, is there any action on this?

I did not see any commits to the OpenSSL code, recently; is anybody going to commit the fix? See http://www.securityfocus.com/archive/1/480855/30/0 for details ... Regards, STefan

The following is pasted from SecurityFocus Newsletter #254: ------------------------- Asterisk PBX Multiple Logging Format String Vulnerabilities BugTraq ID: 10569 Remote: Yes Date Published: Jun 18 2004 Relevant URL: http://www.securityfocus.com/bid/10569 Summary: It is reported that Asterisk is susceptible to format string vulnerabilities in its logging functions. An attacker may use these

Good day. Just spotted the new advisory from CORE: http://www.securityfocus.com/archive/1/462728/30/0/threaded Not an expert, but FreeBSD's src/sys/kern/uipc_mbuf2.c has the very simular code. Robert, anyone, could you please check? Thank you. -- Eygene

Le Jeudi 11 Avril 2002 21:09, m.ibarra at cdcixis-na.com a ?crit : > I was curious to know if you had any luck in getting openssh's sftp > server properly configured to allow chrooted sftp logins? I have had > no success and need something quickly. Dear Mike, Unfortunately, I did not succeed to have it work. I got in contact with James Dennis <jdennis at law.harvard.edu>, who

Hi, According to IETF draft draft-ietf-secsh-transport-14.txt, different ciphers(encryption), MAC and compression can be used for one direction say server-to-client and a completely different cipher, MAC and compression for the other direction client-to-server of the same connection. Is this supported today in OpenSSH, and if not, are there plans to support it in any future releases of the code?

I have upgraded my computer from win95 to win98 and now I'm getting "The password is incorrect. Try again." on shares that were working. Any ideas??? Thanks Rob -- ------------------------------------------------------- Stonebridge Technologies ------------------------------------------------------- Robert Spiecha rspiecha@sbti.com SE (Memphis) (888) 541-5879

hello, maybe an outdated question: there was a message on the securityfocus mailing list (bugtraq) today (and several month before) about a remote buffer overflow in icecast v1.3.10 (which seems to be a package in debian). does this affect 1.3.11 too or is the version at http://www.icecast.org/download.html fixed? thanks, uno <p>--- >8 ---- List archives: http://www.xiph.org/archives/

it was said: >>On Fri, Mar 18, 2005 at 08:52:30AM +1000, Timothy Smith wrote: >> http://www.securityfocus.com/bid/12825/info/ > >That URL doesn't seem to have any details. > >> openbsd and netbsd have taken action on this, but i see no >>movment in >> the freebsd camp.... > >Well, you wouldn't, on the freebsd-questions list. Security

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Has anyone see this alert? http://www.securityfocus.com/archive/1/353352 It seems to work on Linux, but when I tried the proof of concept on 4.3.0,1 running 5.2 RELEASE, I couldn't get the X server to core dump or segmentation fault. So, it seems likely to me that FreeBSD is not vulnerable to this. Any other thoughts on this matter? John