similar to: Problem with TCP_wrappers

Hi Are there any known security holes or necessary precautions in using port forwarding with ipportfw? I'm planning on forwarding ports from an outer firewall/router (connected to the Internet) to a host in the DMZ, then on from the DMZ host to the inner firewall, and finally from the inner firewall to some host on the inside. Thanks, Jens jph@strengur.is From mail@mail.redhat.com Wed

I have a RedHat 6.0 x86 server which is serving a number of minor things, which I wish to add shell access to. I'm currently running sshd and am quite happy with it, the exceptiong being that I am unable to make sshd perform a chroot for shell account users. I have been reading man pages and howto's, many of which discuss sshd or chroot, but never the two together. Is this not an

Parsing bug was discussed here: <http://lists.alioth.debian.org/pipermail/nut-upsuser/2010-September/006230.html> Parsing bug summary ------------------- working /etc/hosts.allow: upsd 127.0.0.1 [::1] : ALLOW broken in /etc/hosts.allow: upsd localhost : ALLOW It looks like upsd originally intended to match nut username with system username? This is not the case now. This causes

Hello, I just upgraded my nut 2.2.1 setup to 2.4.1. The "upsdrvctl shutdown" command now works using a APC Backup-UPS CS350 via USB. Great! The removed ACL/allowfrom functionality can be replaced by tcp_wrappers. Unfortunately there isn't much documentation about the migration. First you have to compile nut with "--with-wrap". I have a special "nutadmin"

Hello, I have just found little bug in OpenSSH's tcp_wrappers handling. In file sshd.c you can find: if (!hosts_access(&req)) { close(sock_in); close(sock_out); refuse(&req); } If username was not requierd for authorization (for example you are refusing all connection from specific

http://bugzilla.mindrot.org/show_bug.cgi?id=948 Summary: high CPU in sshd after tcp_wrappers deny Product: Portable OpenSSH Version: 3.9p1 Platform: Sparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy:

http://bugzilla.mindrot.org/show_bug.cgi?id=948 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- URL| |http://www.aet.tu- | |cottbus.de/rt2/Ticket/Displa |

Most certainly YES!!! Next to iptables tcp_wrappers is a solid seconde line of defense. The argument that is is no longer developped is rubbish. The package does what is should do, functionality isexactly what it should be and it is bug free. Also it is flexible enough to do other tricks with it like spawning something depending on the ip address the incoming connection is coming from. It is a

Hi, I've just started using Dovecot (v1.1.14), and I'm noticing a lot of dictionary attacks. I searched through the documentation and the mailing list archives hoping to find support for tcp_wrappers (hosts.deny) support. I did find some suggested patches in the list from last year, but as far as I can tell, there is no support in the released versions. Is this implemented and

I was under the impression it was just compatibility, and not actually built-in, but I thought I'd ask here and just make sure of what I'm saying. :) TIA. -- Austin Gonyou Systems Architect, CCNA Coremetrics, Inc. Phone: 512-698-7250 email: austin at coremetrics.com "It is the part of a good shepherd to shear his flock, not to skin it." Latin Proverb -------------- next part

-----BEGIN PGP SIGNED MESSAGE----- ##### ## ## ###### ## ### ## ## ##### ## # ## ## ## ## ### ## ##### . ## ## . ###### . Secure Networks Inc. Security Advisory

Hi, attached is a patch by Chris Faylor <cgf at cygnus.com> relative to 2.2.0p1. Description: OpenSSH does not allow port gatewaying by default. This means that only the local host can access forwarded ports. Adding "GatewayPorts yes" to .ssh/config usually does this job. Unfortunately, OpenSSH does not recognize the same hosts.allow/ hosts.deny options as ssh.com's sshd

http://bugzilla.mindrot.org/show_bug.cgi?id=948 ------- Additional Comments From dtucker at zip.com.au 2005-01-19 20:01 ------- Also worth trying: patch #772 in bug #973 ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

In file included from libopts.c:23: ./makeshell.c:138:26: warning: more '%' conversions than data arguments "unset OPT_ARG_VAL || :\n%2$s"; This is not correct. The format below uses the first argument twice and the second argument once. The "clang" analysis does not properly recognize the "1$" and "2$" modifiers. This is POSIX for a while,

On Sun, 27 Jun 2004 15:43:30 +0700 <arkady-parabel@ngs.ru> wrote: > Hi. > > I'm using a powerpc-based board (CPU - Motorolla 82855, 50 > Mhz) with 32 Mb of RAM, Big Endian. > Linux kernel - 2.4.22, bridge - statically linked & as a > module > brctl - 0.9.6 > Ethernet - fec (arch/ppc/8xx_io/fec.c) > All this was compiled with gcc version 3.2.2 20030217

-----BEGIN PGP SIGNED MESSAGE----- Hi, I''ve got several replies, thank you for them. Let me summarize: o Many people say there is a PAMified version of ssh available at ftp://ftp.replay.com/pub/crypto/redhat/SRPMS (the source) ftp://ftp.replay.com/pub/crypto/redhat/i386 (Intel binaries) (there are analogous paths for the other architectures). The packages are made by Jan

Hi all, Would appreciate if you can help me resolve this issue. I'm getting following error on running configure: The library libcrypto.a is under "/opt/freeware/lib" and is the only instance of libcrypto.a. And I'm using IBM AIX C compiler 6.0. configure: error: *** Can't find recent OpenSSL libcrypto (see config.log for details) *** CONFIGURE $ ./configure

http://bugzilla.mindrot.org/show_bug.cgi?id=954 Summary: configure w/PAM & tcp_wrapper crashes on Irix 6.5 Product: Portable OpenSSH Version: 3.8.1p1 Platform: MIPS OS/Version: IRIX Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: openssh-bugs at mindrot.org

On Monday 14 March 2005 06:29 pm, Mark Williamson wrote: > > I don''t know if this is the right place to post, but I can''t find any > > info about my problem on the net. > > Yes, this is the right place. > > > title Xen2610 > > kernel /boot/xen.gz dom0_mem=131072 console=vga > > module /boot/vmlinuz-2.6.10-xen0 root=/dev/hde1 ro console=tty0

Hi all, This is a proposal for supporting keyword arguments to Sizer#add following the thread below : http://rubyforge.org/pipermail/wxruby-development/2008-March/001244.html After a deeper look at lib/wx/keyword_ctors.rb and lib/wx/keyword_defs.rb, I understood the whole thing :-). I just reused and modified slightly the method args_as_list. The new Sizer#add_item combines the features of add