similar to: lock out account after 3 failures

On 03/17/2017 02:41 AM, Ian Diddams wrote: > I?ve followed this > > > > https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Administrative_Controls Can you send the /etc/pam.d/system-auth that you used for your test?

Hi Timo, I have another problem, this time with user shared folders: User "markus" shared the folder "ForTest" to test: SETACL "INBOX/ForTest" test akxeilrwts dovecot-acl and shared-mailboxes.db have been successfully updated. As user "test" the folder (and "#User" namespace) is not visible. When I configure the shared namespace with

Hi, I've got a problem with user shared folders and subscriptions. When I try to subscribe a folder, dovecot returns "OK Subscribe completed", but the newly subscribed folder is not listed with LSUB: a1 login test at example.com ******* a1 OK [CAP..... a2 list "" "*" * LIST (\HasChildren) "/" "INBOX" * LIST (\Noselect \HasChildren)

Just trying to follow the instructions here https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Securing_Virtual_Private_Networks.html I don't think I am doing anything special. At the point where there is some communication going on Getting this error packet from *****:1024: received Vendor ID payload [Cisco-Unity] Apr 01 17:33:44

hope thus comes under the remit of this mailking list... We use puppet, and Im trying to come up with "code" that will create two user accounts with a shared groiup ID eg? user1 with UID 1000user 2 with UID 1001 but I would like them BOTH to share the GID of 2000 I've tried the following accounts::groups:? ? jointgroup:? ? ? ? gid: '2000' accounts::users: ? ? user1:? ? ? ?

Hi, Short version: If I had a CPU with the aes-ni [1] feature would luks use it? I know that Upstream Vendors Security Guide [2] says: ...snip The default cipher used for LUKS (refer to cryptsetup --help) is aes-cbc-essiv:sha256 (ESSIV - Encrypted Salt-Sector Initialization Vector). Note that the installation program, Anaconda, uses by default XTS mode (aes-xts-plain64) snap... I also found a

Hi experts, Current I am doing FIPS gap analysis for our product, can someone help to have a look my questions? Our product is server running under CentOS 6.x, and according to the upstream (RedHat) document, CentOS can be configured to FIPS mode:

Hi All, I was searching around but was not able to find out. We all know that packet traverses through the Net Filter hooks but how to practically realize that. Please guide Regards Clove

Hi All:) I would like to start using a tool for automating of os hardening. I found some informations about Bastille. One things which attracted my attention is that in http://bastille-linux.sourceforge.net/news_updates.htm the last post is from January 29th, 2012 :D Is the tool ready to use at the moment with CentOS 6/7? Are there any alternatives which you can recommend? Thanks for all info

I generated according to the docs . Which produced my server.secrets as below used the command ipsec newhostkey --configdir /etc/ipsec.d --output /etc/ipsec.d/www.example.com.secrets : RSA { # RSA 3328 bits ***.**.net Fri Apr 1 15:39:32 2016 # for signatures only, UNSAFE FOR ENCRYPTION

On Mon, February 9, 2015 3:14 pm, PatrickD Garvey wrote: > On Mon, Feb 9, 2015 at 11:12 AM, John R Pierce <pierce at hogranch.com> wrote: >> On 2/9/2015 11:06 AM, Always Learning wrote: >>> The third item was a 16.1 MB PDF of 1,344 pages. A quick scan of the PDF >>> shows every page appears to be readable. 11 pages devoted to BASH. Information on other interesting

Dear Linux Gurus I'm having problems with KVM and networking. My guest cannot use NAT through the host's connection. This is what I've done: I installed a new version of Centos 6.5 on the hardware. Starting with a Net-Install, I selected the Virtual Hosting, and later added "Desktop". I ran "yum update" with some reboots until nothing needed updating. The

2016-06-02 8:48 GMT+02:00 Volker Lendecke <Volker.Lendecke at sernet.de>: > On Wed, Jun 01, 2016 at 07:44:26PM +0000, Seth Goldin wrote: > > I disabled client signing from the client side, via OS X's global > nsmb.conf > > file: https://discussions.apple.com/message/30282470#30282470 > > > > The performance was back to over 600 MB/s, as compared to 60 MB/s

Hello all: I am looking at the documentation of the new firewalld service in CentOS 7. It looks like no matter what I configure with it, outgoing connections are still going to be allowed. That does not seem very secure. I always set my servers to default policy of DROP for everything incoming and outgoing and then add rules to allow very specific traffic through. Is this possible using the

Hi On 23 Aug 2005 at 12:03, Ravi.Vishnu at outokumpu.com wrote: > Dear All, > I spent an entire evening in debugging a small, fairly simple program > in R - without success. It was my Guru in Bayesian Analysis, Thomas > Fridtjof, who was able to diagonose the problem. He said that it took > a long time for him also to locate the problem. This program > illustrates in

Curring a long story short... we had a centos 5 server running jboss 6 and jboss 4.2.3GA because of centois 5 EOL TPTB have decreed this server needs migratiung to a Centos 7 server But... ?the hboss 4.2.3GA jboss app uses java 1.5.0 (_22 FTWT). I can't *(unsurprisingly!) find java 1.5.0 under yum. anyone got it in an rpm or know where it can found? (At his stage it is merely a guess that

We have sssd running on a centos 7 box... its logs of course (?!) go into /can't find any info on where this log directory is configured, or whether it is changeable. Anybody know differently? Cheers ian Disclaimer: This message is intended for the addressee only. It may contain information of a confidential or legally privileged nature. If you have received this message in error please

On Mon, Feb 9, 2015 at 3:42 PM, Valeri Galtsev <galtsev at kicp.uchicago.edu> wrote: > > > Still, there are many knowledgeable people on the list, they may give > different recommendation, which will create some pool of choices. I asked > John and Jonathan, I'd like to ask also Les Mikesell and Mr. SilverTip257: > what would you, gentlemen, recommend? Anybody? (I know

On Mon, Feb 9, 2015 at 2:06 PM, Les Mikesell <lesmikesell at gmail.com> wrote: > On Mon, Feb 9, 2015 at 3:42 PM, Valeri Galtsev > <galtsev at kicp.uchicago.edu> wrote: >> > >> Still, there are many knowledgeable people on the list, they may give >> different recommendation, which will create some pool of choices. I asked >> John and Jonathan, I'd

Hi, I would like to know if there is some feed for OVAL checks like in Redhat: https://www.redhat.com/security/data/oval/. Documentation: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Practical_Examples.html#sect-Auditing_Security_Vulnerabilities_Example Other distributions have an oval feed: - Redhat: