similar to: unwanted oper login

I''m considering adding a seperate subnet to my loc network making loc1 (192.168.1.0/24) and loc2 (192.168.0.1/24) with the goal of seperating my wireless traffic from my wired LAN traffic. Has anyone had success doing this, or is it still possible to sniff the traffic of a seperate zone on the same interface with tools like ettercap?

Hi, do somebody knows how to sniff RTP and SIP traffic only for a faster debugging ? Thanks. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20090629/5e160c92/attachment.htm

Recently, I was thinking if my setup is secure. When the workstations start, they also start a script, which connects to a Samba share with username/password (and there is software in this share, with the registration keys etc. important data). On a workstation, this script can't be read by a normal user (I was considering some sort of simple pseudo-encrypting, which would turn plaintext

I can think of several potential differences. ?You may miss any bridge specific traffic (STP, LLDP) using the interfaces generated by the bridge itself. If you have vlan tagged sub interfaces you might also miss that traffic if you were snooping a particular interface. Obviously you will miss any on-wire broadcast traffic specific to the layer1 connection a particular interface was connected to

if I: ssh -fND localhost:6000 somebody at 192.168.56.5 -p PORTNUMBER from computer "A" to computer "B" [B = 192.168.56.5] then I can set the SOCKS proxy for e.g.: Firefox to use "localhost:6000" on computer "A". Ok. I can surf the web through "B". But: - Can anyone sniff the traffic of "A"? [e.g.: computers on same subnet as

> Hopefully.. considering their DSP guy and a handful of others were laid > off.. the new DSP they have really blows too so I'm forced into using the > old one.. oh well. The ogg plugin author was not an employee. He was a contractor. He's still working on the plugin regardless. > Oh that's cool.. and I assume the WMP plugin is available through the wacky > MS

I''m getting 2 or three of these a day...Any ideas ? The 192.168.250.zz is a eth0:3 on a box that currently only has eth0:1 active Dec 1 15:47:40 machine-name kernel: Shorewall:all2all:REJECT:IN= OUT=eth0 SRC=my.real.ip.addr DST=66.228.216.22 LEN=68 TOS=0x00 PREC=0xC0 TTL=255 ID=12031 PROTO=ICMP TYPE=3 CODE=1 [SRC=66.228.216.22 DST=192.168.250.zz LEN=40 TOS=0x00 PREC=0x00 TTL=46

http://www.uniras.gov.uk/vuls/2004/236929/index.htm ----Quote---- "The impact of this vulnerability varies by vendor and application, but in some deployment scenarios it is rated critical. Please see the vendor section below for further information. Alternatively contact your vendor for product specific information. If exploited, the vulnerability could allow an attacker to create a

Here is the scenario: I have one server with kernel 2.4.24 with a bridge br0 made of 2 interfaces, eth0 and tap0 (the last is an OpenVPN tunnel), and one remote computer connetting through tap0. If I assign a static IP to the remote computer, the bridge works perfecly (so I think the problem is not OpenVPN-related). If I start a DHCPd on the server and I configure the remote client to get the

Hi, I'm relatively new to linux world.I'm just trying to setup a bridge firewall between a router and LAN. I've installed Red Hat Linux 9.0 - 2.4.20-8 from installation CDs and upgraded to 2.4.25 successfully. I've patched my kernel to support bridge firewall also loaded ebtables module,so far so good.Now I tried to create a bridge using the code given in the following link

> > systems which no longer seem to have this. This file contained an archive of > > the trojan''s that were inserted into the compromised system - does anybody know > > what is in these trojans? > > Check the Linux RootKit ... (LRK).. > > Typically LRK to use config-files.. (and typically LRK-users to place > files in /dev.. find /dev -type f | grep -v

Hello all, I want to sniff all these info to test a sip ip phone talking to a asterisk server. I have used tcpdump, but It just shows the UDP, length: 602 Anyway to see the sip uri. Host info? Regards, Dinesh. -------------- next part -------------- An HTML attachment was scrubbed... URL:

I have a really basic question (I think). We have two boxes connected to a lan segment on a hub. One is a Windows box running "Show Traffic", the other is a CentOS 5 Linux box running "ntop". Both boxes should be able to sniff all of the traffic on that hub (not a switch). The Windows box does just fine, Show Traffic is able to display traffic destined for other boxes

Hello, I thinking about using PCI passthrough to dedicated a domU as firewall. I understand PCI passthrough concept. When done, my domU will see network card and the dom0 won''t any more. So I''ll be able to filter all trafic from outside, since it will go through network domU. Then, how will I be able to connect other domU (and maybe dom0) to the network domU ? In a normal way,

In an environment with Win7 Embedded server and client where UNC pathnames are used to pull files, can Samba >= 3 be used on both sides (and Windows' own SMB disabled) so that communications can be encrypted? (We can't use IPsec, and it doesn't look like SMB 3.0 will be coming to Win7. Next thought was Samba. If not that, then I guess I'll look into a VPN.)

I had similar problems when my auth.php was on password protected http server...but after applying the following configuration i've got it working: <mount> <mount-name>/Test</mount-name> <authentication type="url"> <option name="listener_add" value="http://user:pass@127.0.0.1/auth/action.php"/> <option

So I have been reading the ssh attack thread and finally want to ask about something. I doubt there is a program like this, but I would love to have a program that listens at common ports that I do not use at all...and only allow that program to listen to it, especially the usual ssh port (using a different one for real ssh)... That program would then, upon receiving a 'sniff' or

The trojaned ssh client is nothing new to the hacker community, and the statement in the previous thread claiming "This type of man-in-the-middle attack (trojaned ssh) is not theoretical anymore, and password authentication is broken." is an example of how many poeple still think "hacking" is something very difficult and nothing short of a genius is required to make the

Hello! I wonder if it is possible to send a logoff rpc signal? If it is not possible as today would it be possible if we could trace the rpc logoff signal sent p? MS own products? Any suggestions are welcome! Regards Henrik

Dear authors of Opus, currently, the manpages that come with opus-tools are written in the traditional man(7) markup language. I am proposing to rewrite them into the semantic markup of the mdoc(7) language. I am willing to do the work. Both the man(7) and mdoc(7) languages have been around for decades, and are supported by the prevalent formatters: groff(1) on most Linuxes and mandoc(1) on the