similar to: New java update?

Lest anyone think STARTTLS MITM doesn't happen, https://threatpost.com/eff-calls-out-isps-modifying-starttls-encryption-commands/109325/3/ Not only for security, I prefer port 993/995 as it's just plain simpler to initiate SSL from the get-go rather than to do some handshaking that gets you to the same point. Joseph Tam <jtam.home at gmail.com>

If I read this correctly, starttls will fail due to the MITM attack. That is the client knows security has been compromised. Using SSL/TLS, the MITM can use SSL stripping. Since most Postifx conf use "may" for security, the message would go though unencrypted. Correct??? Is there something to enable for perfect forward security with starttls? ? Original Message ? From: s.arcus at

> > On 30.9.2019 13.40, tovises wrote: >>> >>>> On 30 Sep 2019, at 13.13, tovises via dovecot <dovecot at dovecot.org> >>>> wrote: >>>> WOW! - amazing quickly, I'm really grateful. >>>> >>>> I was using: -u tovis imapc: nusi but still something wrong. >>>> Patstebin: https://pastebin.com/tH4wzJka

Hey all, Let's make an assumption: 1) I am a root user on a system. 2) I don't want said system being used as a jumping-off point if either a user account or the root account is compromised. Given an unencrypted private key, plus a known_hosts file, plus bash_history, it's a pretty easy avenue of attack once you're in the front door. And it's happened before*. Thus,

On 08/06/18 19:38, Phil Perry wrote: > On 08/06/18 15:54, lejeczek wrote: >> hi >> >> how do you pass vars to rpmbuild for definition? eg >> >> rpmbuild --define \'"${_definition2}"\' >> >> I've been fiddling with ways to escape, but none is >> fricking working.. >> I mean, rpmbuild rushes to work(no errors nor

hi how do you pass vars to rpmbuild for definition? eg rpmbuild --define \'"${_definition2}"\' I've been fiddling with ways to escape, but none is fricking working.. I mean, rpmbuild rushes to work(no errors nor failure) so if you try just the command line do not believe it, because later as it executes %if you will see process does not see these definitions. many

Hi everyone, I have a very annoying character encoding problem. Have a look to this: # ls -l M*mo-1.* -rw-rw-rw- 1 root root 8417218 6 sept. 2013 Mémo-1.aif -rwxr--r-- 1 hope hope 8417218 6 sept. 2013 Mémo-1.aif -rw-rw-rw- 1 root root 363175 6 sept. 2013 Mémo-1.m4a -rwxr--r-- 1 hope hope 363175 6 sept. 2013 Mémo-1.m4a Yes, it looks like two files have exactly the same name, but

The CentOS team has been looking at the issue called out in these stories: http://threatpost.com/en_us/blogs/trivial-password-flaw-leaves-mysql-databases-exposed-061112 http://arstechnica.com/information-technology/2012/06/security-flaw-in-mysql-mariadb-allows-access-with-any-password-just-keep-submitting-it/ http://www.net-security.org/secworld.php?id=13076 According to the upstream provider

On 21/08/17 22:18, Joseph Tam wrote: > > Lest anyone think STARTTLS MITM doesn't happen, > > https://threatpost.com/eff-calls-out-isps-modifying-starttls-encryption-commands/109325/3/ > > Not only for security, I prefer port 993/995 as it's just plain simpler > to initiate SSL from the get-go rather than to do some handshaking that > gets you to the same

On 22.08.2017 03:56, Peter wrote: >>> Lest anyone think STARTTLS MITM doesn't happen, >>> >>> https://threatpost.com/eff-calls-out-isps-modifying-starttls-encryption-commands/109325/3/ > Right, the attack does happen, but it can be prevented by properly > configuring the server and client. Dovecot, by default, requires STARTTLS before accepting plaintext

I like to retain some semblance of optimism for humanity, and so I'm just going to hope that this assertion is false. I have to hope that there is at least a large minority of people who correctly use ssh-agent for the suppression of password prompting, and protect their private keys with passwords.? -------- Original message -------- From: Dan Kaminsky <dan at doxpara.com> Date:

> > >> On 30 Sep 2019, at 13.13, tovises via dovecot <dovecot at dovecot.org> >> wrote: >>> >> WOW! - amazing quickly, I'm really grateful. >> >> I was using: -u tovis imapc: nusi but still something wrong. >> Patstebin: https://pastebin.com/tH4wzJka >> The most relevant part (I think) is: >>

OK, it's been a while since I drank from the pool of wisdom hear on the list. After cracking my head against the wall for a few days trying to figure this out, I have decided to swallow my pride and take the drink. So, on to my question: I have some agents/operators setup in sip.conf which point to a context where I have just about disabled outbound calls (only specific numbers can be

>> Lest anyone think STARTTLS MITM doesn't happen, >> >> https://threatpost.com/eff-calls-out-isps-modifying-starttls-encryption-commands/109325/3/ Right, the attack does happen, but it can be prevented by properly configuring the server and client. >> Not only for security, I prefer port 993/995 as it's just plain >> simpler to initiate SSL from the get-go

Hi, I`m having an issue trying to get Windows XP 64bit to join my samba domain. I`m running Version 3.0.31-0.fc8, I currently have no problems joining my 32bit xp workstations to the domain, but xp x64 current refuses with "parameter is incorrect" error, I`ve turn debug ouput on but can`t see any obvious errors in the samba logs. Checking the ldap entry shows the machine is

On Thu, Apr 26, 2018 at 07:29:41PM +0200, Emmanuel Florac via samba wrote: > Hi everyone, > > I have a very annoying character encoding problem. Have a look to this: > > # ls -l M*mo-1.* > -rw-rw-rw- 1 root root 8417218 6 sept. 2013 Mémo-1.aif > -rwxr--r-- 1 hope hope 8417218 6 sept. 2013 Mémo-1.aif > -rw-rw-rw- 1 root root 363175 6 sept. 2013 Mémo-1.m4a >

On 08/06/18 15:54, lejeczek wrote: > hi > > how do you pass vars to rpmbuild for definition? eg > > rpmbuild --define \'"${_definition2}"\' > > I've been fiddling with ways to escape, but none is fricking working.. > I mean, rpmbuild rushes to work(no errors nor failure) so if you try > just the command line do not believe it, because later as

On 08/06/18 22:54, lejeczek wrote: > > > On 08/06/18 19:38, Phil Perry wrote: >> On 08/06/18 15:54, lejeczek wrote: >>> hi >>> >>> how do you pass vars to rpmbuild for definition? eg >>> >>> rpmbuild --define \'"${_definition2}"\' >>> >>> I've been fiddling with ways to escape, but none is

On 09/06/18 13:13, Phil Perry wrote: > On 08/06/18 22:54, lejeczek wrote: >> >> >> On 08/06/18 19:38, Phil Perry wrote: >>> On 08/06/18 15:54, lejeczek wrote: >>>> hi >>>> >>>> how do you pass vars to rpmbuild for definition? eg >>>> >>>> rpmbuild --define \'"${_definition2}"\'