similar to: Quick demo guide for SPA ( re: the port knocking thread )

On 10.06.23 11:19, Carsten Andrich wrote: > For the time being, I've deployed a quasi-knocking KISS solution that > sends an unencrypted secret via a single UDP packet. Server side is ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > realized entirely with nftables ... frankly, for that reason, I like fwknop (in my case, straight from OS repos) better ... I'd still have to see fwknopd exit

Jochen Bern <Jochen.Bern at binect.de> writes: > (And since you mention "port knocking", I'd like to repeat how fond I > am of upgrading that original concept to a single-packet > crypto-armored implementation like fwknop.) I am reluctantly considering to use some kind of port knocking mechanism on some machines, however I really don't want to carry around shared

R 3.4.3 OS X Colleagues I have a 20K line script in which I encounter an unexpected problem. If the script detects presence of a particular file USERCODE.txt, it executes: source(?USERCODE.txt?) If that file is not present, the script executes without a problem. There might be syntax errors in USERCODE.txt; therefore, the code above is embedded in a try command:

Only the default error handler puts the error message in a buffer where it can be retrieved with geterrmessage. try() replaces the default error handler. Either look at the value returned by try() or use tryCatch with conditionMessage. Best, luke On Thu, 22 Feb 2018, Dennis Fisher wrote: > R 3.4.3 > OS X > > Colleagues > > I have a 20K line script in which I encounter an

I haven't been keeping up with the internals, I'm afraid. Does OpenSSH have support for Port Knocking? I might be interested in looking into that, as a way of reacquainting myself with the current code base. --- Scott Neugroschl | XYPRO Technology Corporation 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |

Luke Thanks ? I revised the code to: ERRORMESSAGE <- try(source(USERSCRIPTFILE, local=T), silent=T) print(ERRORMESSAGE) now returns: $value [1] 0 $visible [1] FALSE Not clear what to make of that. Dennis Dennis Fisher MD P < (The "P Less Than" Company) Phone / Fax: 1-866-PLessThan (1-866-753-7784) www.PLessThan.com > On Feb 22, 2018, at 12:45 PM, luke-tierney at

Dear Verotel Customer, Thank you for your email. We appreciate your business and would like to point the following out: 1. Cancellation of your subscription ------------------------------------ If you would like to cancel your membership or subscription you previously purchased with Verza or Verotel and you wish not to be billed again, please login to http://cancel.verotel.com 2. If your

On 04.07.24 01:41, Manon Goo wrote: > - some users private keys are lost Then you go and remove the corresponding pubkeys from wherever they're configured. Seriously, even if you do not scan which pubkey is configured where *now* (as is part of our usual monitoring), it'll be your "number <3" task *then* to go hunt it down. > And you want to lock down the sshd

Simon Josefsson wrote in <87jzi1fg24.fsf at kaka.sjd.se>: |Jochen Bern <Jochen.Bern at binect.de> writes: |> (And since you mention "port knocking", I'd like to repeat how fond I |> am of upgrading that original concept to a single-packet |> crypto-armored implementation like fwknop.) | |I am reluctantly considering to use some kind of port knocking

And if you're really security conscious consider using port knocking (knock server - amazingly easy to set up. Or use fwknop, a little more difficult to set up but not much. Finally, for the hard core who really like pain - write the iptables rules yourself). ----- Original Message ----- From: "Pete Biggs" <pete at biggs.org.uk> To: "centos" <centos at

https://bugzilla.mindrot.org/show_bug.cgi?id=3539 Bug ID: 3539 Summary: sshbuf memory leak in recv_rexec_state() Product: Portable OpenSSH Version: 9.1p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=505 ------- Additional Comments From mbr@cipherdyne.org 2007-03-24 06:01 MET ------- I've tested the proposed patch against the iptables-1.3.7 source, and find that it works in the reported broken case: # iptables -A INPUT -m string --algo kmp --string 111\"222 -j LOG # ./iptables-save > ipt.out # ./iptables-restore

I've seen pam_shield recommended several times for protecting against malicious login attempts; but I'm not quite clear if this requires one to be already running some pam-based software? Also, I'm running shorewall, and would prefer a shorewall based protection, but the advice I read on googling for this seemed excessively complicated. -- Timothy Murphy e-mail: gayleard /at/

https://bugzilla.mindrot.org/show_bug.cgi?id=3540 Bug ID: 3540 Summary: fix minor memory leak for kex_names_cat() returned string Product: Portable OpenSSH Version: 9.1p1 Hardware: All OS: All Status: NEW Severity: minor Priority: P5 Component: ssh

Steffen Nurpmeso wrote in <20240704180538.iV4uex29 at steffen%sdaoden.eu>: |Simon Josefsson wrote in | <87jzi1fg24.fsf at kaka.sjd.se>: ||Jochen Bern <Jochen.Bern at binect.de> writes: ||> (And since you mention "port knocking", I'd like to repeat how fond I ||> am of upgrading that original concept to a single-packet ||> crypto-armored

Just installed psad and am testing it. This morning I awoke to an email saying: [-] You may just need to add a default logging rule to the /sbin/ip6tables ''filter'' ''INPUT'' chain on hydra. For more information, see the file "FW_HELP" in the psad sources directory or visit: http://www.cipherdyne.org/psad/docs/fwconfig.html Well I have

All, A friend gave me access to an svn(+ssh) repository the other day, and told me that I needed to do some port knocking to open up ssh. It occurred to me that it would be extremely convenient if I could add a "knock" configuration option for the host to my ~/.ssh/config file and never think about this again (rather than creating a shell script to accomplish this behavior,

So I found an excellent port knocking tutorial using ONLY iptables rules that looks to be among the best I've ever seen. (warning: techno music, tough to read screen, you don't need to type it in because I post a link to script below) http://www.youtube.com/watch?v=0zFQocf7C_0 It works fabulously for simply opening a port to a locally managed service, but I can't seem to get it

Hi, (I'm not subscribed to the list, so please CC me on reply.) I'd like to request adding a feature to OpenSSH: Task: ~~~~~ It is quite sometime useful to invoke a program prior to connecting to an ssh server. The most common use case will probably be port knocking. That is a small program sends certain packets to a server and the server reacts to this by unlocking the ssh port, which

Hi, I like shorewall and I''ve been using it for a long time. I now have a requirement to block worms / trojans in a public free wifi network I''m running. fwsnort ( http://www.cipherdyne.org/fwsnort/) translates Snort rules to iptables rules and it seems to fit my requirements. What is the best way to integrate shorewall and fwsnort? I tried googling for information about this