similar to: on "BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload"

I''ve created an IPSec VPN using shorewall and racoon-tool under Debian 3.1. I''m not using the patched iptables/kernel for policy match, therefore I''m using the tunnels/hosts config method rather than the ipsec config file method. I''m running the latest 2.6.13 kernel. I have no problem getting my VPN connection up and running with one exception. Without

Hi, sorry I don't know if I send this to the correct channel. I have notice that OpenSSH has recognized the presence of the user enumeration as a vulnerability, http://seclists.org/fulldisclosure/2016/Jul/51 (CVE-2016-6210). I want to make an appreciation, this is a old vulnerability already announced three years ago.

Are there any 64bit CentOS5 kernels available that are immune against the exploit mentioned in the subject? Turning off 32bit support is no option to me.. Gerhard Schneider P.S.: Source code can be found at http://seclists.org/fulldisclosure/2010/Sep/268 and is working "well" on 2.6.18-194.11.3.el5.centos.plus -- Gerhard Schneider Institute of Lightweight Design and e-Mail: gs

Hi all! I found this today on FD: http://seclists.org/fulldisclosure/2012/Aug/4

Cf. http://seclists.org/fulldisclosure/2008/Jul/0090.html This Mrdkaaa character claims to have exploited this, but does not say how. The issue is that if do_pam_account() fails, do_authloop() will call packet_disconnect() with loginmsg as the format string (classic printf(foo) instead of printf("%s", foo) bug). The stuff that do_authloop() appends to loginmsg is harmless (the user

TITLE: KAME Project "ipcomp6_input()" Denial of Service CRITICAL: Moderately critical IMPACT: DoS WHERE: >From remote DESCRIPTION: A vulnerability has been reported in the KAME Project, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the "ipcomp6_input()" function in

Hi, I''m researching for WAN optimizations with linux. My network is composed for MPLS network connecting 200 branches against a central site. I use Linux machines to provide security with IPSEC in the branches and in the central site. Now I''m lookup for techniques for optimization the link. My first ideas was use IPCOMP and proxy to cache traffic of HTTP applications. Somebody

Testing out tipc for cluster development, and running into an immediate snag. tipcutils was found in EPEL but despite having a "compatible" kernel, it doesn't seem to actually work. It's a completely updated system, Intel i5 with 16 GB of RAM, nothing remarkable. Any ideas? [root at backup2 ~]# tipc-config -netid=1234 -a=1.1.1 -be=eth:eth0 TIPC module not installed

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In this release: 1) Dynamic Ipsec Zones now work. 2) Output Traffic Accounting by user/group is supported (thanks to Tuomas Jormola). 3) The following negative test options are added in /etc/shorewall/ipsec and /etc/shorewall/masq: reqid!=<number> spi!=<number> proto!=esp|ah|ipcomp mode!=tunnel|transport

Hi! The Netfilter project proudly presents: iptables 1.6.2 iptables is the userspace command line program used to configure the Linux 2.4.x and later packet filtering ruleset. It is targeted towards system administrators. This update contains accumulated bugfixes, a few new extensions and lots of translations via iptables-translate to ease migration to nftables. See ChangeLog that comes

I am trying to build a custom kernel for the HIPL code (infrahip.hip.fi), using the patch for the Linux 2.6.18 kernel. I followed all the instructions for getting the kernel source and making a custom kernel provided on the wiki. The rpmbuild fails with the following messages: Get an error on this step (figured out my other problem): Patch #40000

Hi, I''m designing a new API for my project, and I want to return objects that have nested children as json. For that purpose i''ve decided to use RABL. I want the client side to be able to understand whether the object is valid, and if not which fields are missing in order to save it correctly. The design I thought of should include some fields as optional, under an optional

https://bugzilla.netfilter.org/show_bug.cgi?id=627 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WORKSFORME --- Comment #5 from Phil Oester

Hi! The Netfilter project proudly presents: iptables 1.6.0 This release includes accumulated fixes and enhancements for the following matches: * ah * connlabel * cgroup * devgroup * dst * icmp6 * ipcomp * ipv6header * quota * set * socket * string and targets: * CT * REJECT * SET * SNAT * SNPT,DNPT * SYNPROXY * TEE We also got rid of the very very old MIRROR and SAME targets and the

On 12.02.2013 08:25, shyam btrfs wrote: > Hi Arne, Jan, > > I am using btrfs directly from Linux 3.8rc5 (commit > 949db153b6466c6f7cad5a427ecea94985927311). I am trying to use qgroups > functionality & with a basic random-write workload, it constantly > keeps leaking memory & within few minutes of IO, there is either > out-of-memory killer trying to kill some tasks or

Hi Recently I upgraded my kernel to 2.6.11 (debian) and applied some patches from pom-ng (netfilter) and the iproute2-ss050330 package I have been experiencing a lot of crashes in the kernel (snip below) ================================== Apr 5 20:00:21 sydlxfw01 kernel: Unable to handle kernel NULL pointer dereference at virtual address 00000221 Apr 5 20:00:21 sydlxfw01 kernel: printing eip:

When pass :cache param to ActionDispatch::Session::MemCacheStore, it should be removed from options, otherwise it remains "published". This violates the OOP encapsulation principle. I created a LH ticket with a patch http://bit.ly/cGDaWs Luca -- lucaguidi.com twitter.com/jodosha -- You received this message because you are subscribed to the Google Groups "Ruby on Rails:

Has there been any discussion of ICMP encapsulation in cases where UDP fails? -------------- next part -------------- A non-text attachment was scrubbed... Name: rhammond.vcf Type: text/x-vcard Size: 234 bytes Desc: not available URL: <http://www.tinc-vpn.org/pipermail/tinc-devel/attachments/20150619/6ba98a4d/attachment.vcf>

Hi everyone, Has someone tried the new GENEVE protocol ? http://datatracker.ietf.org/doc/draft-gross-geneve/ It is included in last kernel versions. May it be a "replacement" of Tinc ? What are the advantages/drawbacks of each ?

Hi All, I'm new to R from a C and Octave/Matlab background. I am trying to construct some classes in R to which I want to attach pieces of data. First, is attr(obj, 'member name') <- data the accepted way of doing this? Second, having attached member data with attr is there anything wrong with accessing it by the asperand (@), i.e. > t = "" > attr(t,