similar to: Tips punching through tight firewalls

Hello Guus. I've reading mailing list archives threads about it at http://www.tinc-vpn.org/pipermail/tinc/2011-July/thread.html#2757 and http://rutschle.net/pipermail/sslh/2011-July/thread.html and now trying to hide tinc server behind sslh multiplexer but without luck. First of all directly it works fine. Initiator (instance of tincd with ConnectTo statement) successfully establishes

Hi all! I'm using sslh. It's a multiplexer, used to let you have ssh, https, stunnel, etc on one port. In 6.2 there is a change in default behaviour: * ssh(1): When SSH protocol 2 only is selected (the default), ssh(1) now immediately sends its SSH protocol banner to the server without waiting to receive the server's banner, saving time when connecting. which, i suppose,

I know that this has been discussed before and I know that you should avoid it, and use a real VPN solution. I would like to move from port-forwarding via ssh to VPN and I have only the ssh port open. What is the current state of the art if you want to create VPN over ssh? Regards, Thomas -- Thomas Guettler http://www.thomas-guettler.de/ I am looking for feedback:

Hi all, few days ago I have installed sslh on my server and I discover that recently OpenVPN support was added. Reading the code I found that sslh use the first few bytes of the new connection to decide what kind of connection it is, than it muxes the connection on the appropriate deamon. There is a "sign" for the tinc connection?

Hi all, I am behind a firewall which only let UDP 80 go through. In order to connect to an outside public node by UDP, I can set ... Port = 80 ... However, an httpd is running on the public node, occupying TCP 80. How can I configure tinc to bind on TCP 8080 but listen to UDP 80? Redirecting UDP 80 to UDP 8080 on the public node is one method. Is there a more elegant way to

With pleasure we announce the release of tinc version 1.0.23. Here is a summary of the changes: * Start authentication immediately on outgoing connections (useful for sslh). * Fixed segfault when Name = $HOST but $HOST is not set. * Updated the build system and the documentation. * Clean up child processes left over from Proxy = exec. This version of tinc is compatible with 1.0pre8, 1.0

With pleasure we announce the release of tinc version 1.0.23. Here is a summary of the changes: * Start authentication immediately on outgoing connections (useful for sslh). * Fixed segfault when Name = $HOST but $HOST is not set. * Updated the build system and the documentation. * Clean up child processes left over from Proxy = exec. This version of tinc is compatible with 1.0pre8, 1.0

I ran across an interesting article (http://www.heise-security.co.uk/articles/print/82481) (1) that I think any and all firewall administrators should take a few moments to read. I personally have known that using "-m state --state ESTABLISHED,RELATED" was not the most secure thing to use for returning traffic. Namely this will allow you to make a valid connection to a web server,

Even if the hole punching is executed, the modification time of the file is not updated. So, current time is set to inode. Signed-off-by: Tsutomu Itoh <t-itoh@jp.fujitsu.com> --- fs/btrfs/file.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/btrfs/file.c b/fs/btrfs/file.c index 110d3cb..15fecc1 100644 --- a/fs/btrfs/file.c +++ b/fs/btrfs/file.c @@ -1964,6 +1964,9 @@ out_trans:

Hi, I read about the invitation protocol that will be introduced in 1.1pre8. Is there any mechanism of UDP hole punching to establish a VPN behind NAT? Cheers, Nik -- Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet. -------------- n?chster Teil -------------- Ein Dateianhang mit HTML-Daten wurde abgetrennt... URL:

This patch provides a simple way to break out of a tight loop and bug: from the hypervisor monitor press ctrl-A, ctrl-A, ctrl-Z Signed-off-by: Robert S. Phillips (rphillips@virtualiron.com) _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel

On Mon, Mar 2, 2009 at 4:58 PM, Jonathan Turner <probata at hotmail.com> wrote: > The crux of the example still seems intact. Have you tried putting something non-trivial (like asm("nop;");) where you'd put the code that runs on the timeout? -Eli

On Wed, Oct 28, 2020 at 2:31 PM Kingsley Tart - Barritel Ltd < kingsley.tart at barritel.com> wrote: > Hi, > > We're using Asterisk 13.17.0 with PJSIP 2.8 bundled. > > I've found an issue when Asterisk tries to make a SIP call out using > auth, but has the wrong credentials and keeps getting returned a SIP > 407, in this example to an OpenSIPs server requiring

On Wed, 2020-10-28 at 14:40 -0300, Joshua C. Colp wrote: > This is not yet fixed, but is being worked on. I have it as a > security issue currently out of caution (although I don't think we'll > treat it as one after further investigation). Right OK, thanks. Do you have any idea of the sort of timescale, and whether it'll be available as a patch that we can apply to our

dovecot-1.2.8 creates /var/run/dovecot mode 750. I run postfix+dovecot in a virtual user setup. Postfix calls deliver as user vmail group vmail. Nov 29 12:53:04 imap.invalid dovecot: [ID 583609 mail.error] deliver(frank): userdb lookup: connect(/var/run/dovecot/auth-master) failed: Permission denied (euid=500(vmail) egid=500(vmail) missing +x perm: /var/run/dovecot) I will say this:

Hi - I saw your posting on the R-help mailing list. Were you ever able to get this working? did you end up switching to use the rsge library? I'm trying to do the same, and not having very much luck getting it going. Thanks! Peter Waltman [[alternative HTML version deleted]]

How do I specify a "tight" y-axis, where the plot completely fills the y-axis range, inside the prepanel function? For example, consider the following code: require(lattice) set.seed(12345) x <- 1:1000 y <- cumsum(rnorm(length(x))) prepanel.test <- function(x, y, groups = NULL, subscripts = NULL, ...) { if (is.null(groups)) { result <- list(ylim = range(y)) }

Hi, What if some fail2ban magic could keep OpenSIPs response from hitting Asterisk after N attempts ? Le mer. 28 oct. 2020 à 18:32, Kingsley Tart - Barritel Ltd < kingsley.tart at barritel.com> a écrit : > Hi, > > We're using Asterisk 13.17.0 with PJSIP 2.8 bundled. > > I've found an issue when Asterisk tries to make a SIP call out using > auth, but has the wrong

hello i am a new user of R I wonna run a double exponential function with nonlinear quantile regresion model the double exponential function is Y=( ab1978*ab1979*ab1980*ab1981*ab1982*ab1983*ab1984*ab1985*ab1986*ab1987*ab1988*ab1989* ab1990* ab1991*ab1992*ab1993*ab1994* 6670*ab7175*ab7680*ab8185*ab8690*ab9193*abgg*abgf*abgu*abgj*abgd*abfg*abff*abfu*abfj*abfd*abug*abuf*abuj*abud*

On Mon, Mar 2, 2009 at 11:38 AM, Jonathan Turner <probata at hotmail.com> wrote: > With gcc -O3 4.2 and 4.4 we match 1.0s.   The LLVM, after running it through > opt -std-compile-opts, is around 1.7s. Hmm, on my computer, I get around 2.5 seconds with both gcc -O3 and llvm-gcc -O3 (using llvm-gcc from svn). Not sure what you're doing differently; I wouldn't be surprised if