I am not able to install this which i used to in debian.. i am now using centos. can you please tell me how to install apt-get install libnet-server-perl on centos?
Samuel Goldwyn<http://www.brainyquote.com/quotes/authors/s/samuel_goldwyn.html> - "I'm willing to admit that I may not always be right, but I am never wrong." On Mon, Nov 9, 2009 at 19:00, Wietse Venema <wie...@porcupine.org> wrote: > Andrzej Kukuła: > > On Mon, Nov 9, 2009 at 02:29, Wietse Venema <wie...@porcupine.org> > wrote: > > > Last week there was big news about a security hole in the TLS > > > protocol that allows a man-in-the-middle to prepend data to a > > > fully-secure TLS session. > > > > Thank you both gentlemen for your hard work on this. I've got possibly > > lame question. I assume STARTTLS is affected, but is also 'wrapper > > mode' vulnerable to this attack? I mean the mode in which client and > > server immediately estabilish encrypted channel, before issuing any > > SMTP command. > > It was left as an exercise for the reader. > > - At the top of the attack diagram, delete the plaintext phase (the > "SMTP 220 welcome", "SMTP hello" and "SMTP starttls" command and > reply boxes). > > - Insert "SMTP 220 welcome" as the first server response after the > renegotiation TLS handshake. > > This attack works when the server's TLS engine renegotiates the > session before it encrypts the server's "SMTP 220 welcome". > > In the Postfix SMTP server, wrappermode would not be affected for > the same reason that Postfix SMTP server STARTTLS is not affected. > Also, the same SMTP client defenses apply for detecting server > replies that are sent too soon. > > Wietse >
