similar to: UDP Constant IP Identification Field Fingerprinting Vulnerability

We received a notice from our pci-dss auditors respecting this: CVE-2002-0510 The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux. The NVD entry for which contains this note: CHANGE> [Cox changed vote from REVIEWING to NOOP] Cox> So I

On Mon, June 27, 2016 12:29, Gordon Messmer wrote: > On 06/26/2016 01:50 PM, James B. Byrne wrote: >> However, all I am seeking is knowledge on how to handle this using >> iptables. I am sure that this defect/anomaly has already been >> solved wherever it is an issue. Does anyone have an example on >> how to do this? > > > I think the bit you're missing is

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 As you all may know Fyodor of nmap fame has terminated SCO's rights to distribute namp with its products. See: http://www.smh.com.au/articles/2004/02/27/1077676955381.html I know this is off-topic, but I am interested in opinions on the subject of SCO using Samba in it's products while they declare the GPL is unconstitutional and invalid.

Greetings, I am running into *possible* Samba/Firewall issues. Our Samba v3.0.11 server is also running iptables. In our log.nmbd file we have noticed the following: [2005/09/27 15:43:41, 1] libsmb/cliconnect.c:cli_connect(1313) Error connecting to 130.xx.xx.xx (Connection refused) [2005/09/27 15:50:21, 0] libsmb/nmblib.c:send_udp(790) Packet send failed to 130.xx.xx.xx(138) ERRNO=Operation

hello, could someone test the my icecast 2 server? there should be a stream at http://real.radiostudio.org:8000/vorbis, but I'm not able to listen to it. I don't know if the problem in winamp or in icecast or in my streaming application. You could also send a stream to it, it's the default icecast password. I would be very happy if someone could test it :)))))) mörk --- >8 ----

Hello Marco, On 05.02.2024 16:44, Marco Gaiarin wrote: > Mandi! Fyodor Kravchenko via samba > In chel di` si favelave... > >> Have to add about the environment - this is an unprivileged TurnKey >> Fileserver Linux container run under Proxmox. The extensive googling for >> the problem suggests Samba will not work in such environment because of >> ACL and such,

Hi all! I found this today on FD: http://seclists.org/fulldisclosure/2012/Aug/4

Are there any 64bit CentOS5 kernels available that are immune against the exploit mentioned in the subject? Turning off 32bit support is no option to me.. Gerhard Schneider P.S.: Source code can be found at http://seclists.org/fulldisclosure/2010/Sep/268 and is working "well" on 2.6.18-194.11.3.el5.centos.plus -- Gerhard Schneider Institute of Lightweight Design and e-Mail: gs

I''m playing around with the Postback action recipe listed in the recipes book. Here is the default code given: def edit @recipe = Recipe.find_by_id(params[:id]) || Recipe.new if request.post? @recipe.attributes = params[:recipe] redirect_to :main_url and return if @recipe.save end end Here is what my code sort of ended up looking like, altho i''ve ripped it apart

Hi, I've just tried to do a fresh checkout (git clone) with libvirt sources tree and had no luck because it seems to be inaccessible/non-existent at all. Is this temporary situation or I have to only use git:// proto? I'm asking because I'm sitting behind rather restrictive corporate proxy which does not allow anything but a little set of protocols such as HTTP(S). Thanks.

Thanks for the reply. Sorry for the typo in the earlier mail. I have PV-HVM of CentOS 7 & I need to convert it to PV kernel. Basically here I am trying to see whether my PV_HVM kernel is vulenrable to this issue given in the following link http://seclists.org/oss-sec/2015/q3/212 In the above link, it was mentioned that the PV kernel is not vulnerable to this bug, but HVM is. It didnt say

I'm trying to config a Linux box to integrate into a windows network using pam_smb and samba. Ive set it up so that using pam_smb I can get the user to log onto the linux desktop with their NT id and password. The only problem is once the user is logged on they need to be able to access shared resources disk, printers etc... without the need to reauthenticate to the domain, i.e. use a cache

Thanks for the reply. If we want to have PV kernel for CentOs 7 , are there any guidelines to follow? How we can know before hand itself that this kernel is PV or HVM, without installing kernel? On Wed, Aug 19, 2015 at 11:27 AM, John R Pierce <pierce at hogranch.com> wrote: > On 8/18/2015 10:37 PM, Venkateswara Rao Dokku wrote: > >> Thanks for the reply. >> Sorry for the

Mandi! Fyodor Kravchenko via samba In chel di` si favelave... > Thank you, nesting is set to 1. Is there anything else we could check? AFAIK, no. Next step is use a privileged container, but really in this vase better using a VM. -- Berlusconi: "Da oggi sono a dieta" Il Paese lo ? gi? da 4 anni (Il Ruggito del Coniglio)

Hi, When I run an nmap with UDP port scan option against one of the machines behind the shorewall, it shows tons of open ports on that server. I am sure I just missed something in the configuration. Can anyone suggest. Val _________________________________________________________________ Join the world’s largest e-mail service with MSN Hotmail. http://www.hotmail.com

Hello, I plan to create a commercial software that would automate the running of a few IT security tools and build a nice report, in order to help security auditors in their work. I saw your smbclient tool that could be really appropriate. As this tool is GPL'd, I would like to make sure you agree with the usage (running and parsing) I plan. Of course, should you have any requirement (e.g.

Hello, I have used socketConnection to connect to a TCP server. I havent figured out a way to do the same with a UDP server. i.e I have a server listening on 9000, communicating via UDP. I would like to , from R, send packets to this server, This does not work u <- socketConnection('localhost',9000) Error in socketConnection("localhost", 9000, blocking = F) : cannot open

Hi. Show you how to install oVirt in FC11/FC12? I acted on instructions http://ovirt.et.redhat.com/install-instructions.html, but there were problems with the versions of the module locale (requires 2.0.4 and installed 2.0.5). WBR, Fyodor.

The following threads suggest that the way to reclaim memory occupied by initramfs is to remove files from it: http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&frame=right&th=c6cb846bba1a7aea&seekm=SAUO.51B.21%40gated-at.bofh.it#link1 http://seclists.org/lists/linux-kernel/2003/Dec/0707.html However, there is no way to do it using utilities provided by klibs. Could you

Cf. http://seclists.org/fulldisclosure/2008/Jul/0090.html This Mrdkaaa character claims to have exploited this, but does not say how. The issue is that if do_pam_account() fails, do_authloop() will call packet_disconnect() with loginmsg as the format string (classic printf(foo) instead of printf("%s", foo) bug). The stuff that do_authloop() appends to loginmsg is harmless (the user