similar to: patch schedule for TCP timestamp issue

Hello, Has anyone tried out the security scoring tool at http://www.cisecurity.org/bench_freebsd.html? Any thoughts or opinions? Regards, stheg __________________________________ Do you Yahoo!? Yahoo! Mail - 250MB free storage. Do more. Manage less. http://info.mail.yahoo.com/mail_250

it was said: >>On Fri, Mar 18, 2005 at 08:52:30AM +1000, Timothy Smith wrote: >> http://www.securityfocus.com/bid/12825/info/ > >That URL doesn't seem to have any details. > >> openbsd and netbsd have taken action on this, but i see no >>movment in >> the freebsd camp.... > >Well, you wouldn't, on the freebsd-questions list. Security

Hello, all! In the beginning I want to say, that this question seems to be a security one, isn't it so?.. Recently I was googling for the subject and coulnd't find anything... Even in the opennet.ru forum nobody answered me about this. So, as far as I got to know, randomizing source ports in FreeBSD is impossible now? (to be exact - is not implemented?) It's very interesting to me

hello like if 6000 is the main exchange number. any one dial to 6000 will be asked for pressing his desired extension then he can press his desired extension then his number is diled exten=>6000,1,Background(enterdesiredexten) exten=>6000,2,Wait(2) exten=>2000,1,Dial(SIP/${EXTEN})

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:15.tcp Security Advisory The FreeBSD Project Topic: TCP connection stall denial of service Category: core Module: inet Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:15.tcp Security Advisory The FreeBSD Project Topic: TCP connection stall denial of service Category: core Module: inet Announced:

This is my second attempt trying to get help and I am hoping someone can. When the musiconhold extension is matched, Asterisk attempts to execute musiconhold and stops right away, this is what I gets: Executing MusicOnHold("OSS/dsp", "") in new stack -- Started music on hold, class 'default', on OSS/dsp -- Stopped music on hold on OSS/dsp Is there a file that

Hello security gurus, yesterday, I mistakenly posted a question on the questions list about this article : http://www.securityfocus.com/bid/13676/info/ which talks about a form of DOS vulnerability. I was curious as to the possibility of FreeBSD 5.x being affected, and if anyone was working on this or not. Ted Mittelstaedt posted this possible patch based upon the OpenBSD patch : in

Does anybody know of a script of a simple method of converting mbox mail stores to maildirs? I'm moving from an old pop3 system to imap and after installing about half our office with mboxes have found that mbox does not support subfolders which some people like to use. Is there any simple way of converting? I can go to each individual account and "manually" convert swaping data

TCP timestamps on some (but not all?) of our CentOs hosts are being reported as a vulnerability by OSSIM. I have looked into the matter briefly and cannot say that I consider this a serious security issue. The vulnerability seems limited to determining the uptime of the target host. The question therefore arises as to whether or not there is any way to reset the tcp timestamp present value to

On May 19, 2005, at 5:53 AM, Christian Brueffer wrote: > Hi, > > fixes for the vulnerability described in http://www.kb.cert.org/ > vuls/id/637934 > were checked in to CURRENT and RELENG_5 by ps in April. > > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/tcp_input.c > > Revisions 1.270 and 1.252.2.16 > > He didn't commit it to RELENG_5_4 for some

Hello, I hope this isn't a stupid question, but after editing my sshd_config file to set HashKnownHosts to 'yes' after this feature was recently added it occured to me that many of those same hosts are listed in "Hosts" lines in my ssh_config file. (The servers I connect to use different ports and require different IdentityFiles, so I set the appropriate options for each

Hi guys, I setup an IPPBX and some IP Phones to register to it. IPPBX has 6 "register=> xxx@xxx.x.x.x.." sip accounts. When these sip accounts register timeout due to the WAN network problem all the extensions got logon failed. It seems IPPBX register to its own sip proxy server first. If it failed it cannot take the sip clients' request for registration. Anybody has

Hi, I'm planning to get my Asterisk box out of the LAN, get rid of my router and make the box acts as a Router, Firewall, DHCP Server (with Shorewall). I'll do that to be able to use some SIP clients remotely. Does anyone doing the same with the Asterisk box, is it a good idea, is there any other solution for the SIP emote Clients. Regards. __________________________________

Hi R People: I have a question about setClass please. I'm working thru "R Programming for Bioinformatics". Actually, I was wondering if there is such a thing as an updateClass, in order to change a "contains" option, please? that is, if I had setClass("dog", representation(name="character",paws="numeric",tail="character")) Fair

On Friday, the IC3 (FBI/NW3C/BJA) put out a security advisory on their website that contained a fairly vaguely worded warning about Asterisk systems being compromised and then being used as "vishing" (voice phishing) platforms. They were non-specific on the threat other than to advocate upgrading to "newer versions" of Asterisk. This announcement was done on Friday

XMCD is a popular unix audio cd-player with a unique feature that it will query remote databases over the Internet to determine the title, group, and song list for cds that are being played. The remote database of compact discs has become quite popular and is now supported by several Windows based cd players as well, including EasyCD2, DiscPlay, MyCDPLayer, and WinMCD. XMCD source is available

Hello, I have a problem with selecting the right type of sums of squares for an ANCOVA for my specific experimental data and hypotheses. I do have a basic understanding of the differences between Type-I, II, and III SSs, have read about the principle of marginality, and read Venable's "Exegeses on Linear Models" (http://www.stats.ox.ac.uk/pub/MASS3/Exegeses.pdf). I am pretty new to

On Aug 28, 2013, at 1:50 PM, Paul Robinson <pogo.work at gmail.com> wrote: > On Mon, Aug 26, 2013 at 9:14 PM, Todd Jackson <quantum.skyline at gmail.com>wrote: > >> Personally, I think it is necessary to go for the strongest random number >> generator possible. Cryptographically secure pseudorandom number >> generators have good properties that make them

On Jul 29, 2015, at 3:16 PM, Chris Murphy <lists at colorremedies.com> wrote: > > On Wed, Jul 29, 2015 at 2:15 PM, Warren Young <wyml at etr-usa.com> wrote: >> Just because one particular method of prophylaxis fails to protect against all threats doesn?t mean we should stop using it, or increase its strength. > > Actually it does.There is no more obvious head