On 04/23/2010 11:41 PM, Patrick O'Callaghan wrote:
> On Fri, 2010-04-23 at 23:08 +0800, Ed Greshko wrote:
>
>> [...]
>> Sounds like a pithy quotation that should be found by google. But, I
>> was unable to unearth that quotation. Do you have a source?
>>
> Try http://www.google.co.ve/sea
On Fri, 2010-04-23 at 23:08 +0800, Ed Greshko wrote:
> [...]
> Sounds like a pithy quotation that should be found by google. But, I
> was unable to unearth that quotation. Do you have a source?
Try http://www.google.co.ve/search?q=needham+schroeder+dont+understand
poc
--
users mailing list
u
On Fri, 2010-04-23 at 23:08 +0800, Ed Greshko wrote:
> > "If you think your problem can be solved by cryptography, you don't
> > understand cryptography and you don't understand your problem."
> >
> Sounds like a pithy quotation that should be found by google. But, I
> was unable to unearth tha
On 04/23/2010 11:00 PM, Patrick O'Callaghan wrote:
> On Fri, 2010-04-23 at 10:09 -0400, Tom Horsley wrote:
>
>> On Fri, 23 Apr 2010 09:35:55 -0430
>> Patrick O'Callaghan wrote:
>>
>>
>>> More to the point, there would be widespread panic among banks and
>>> online shopping sites, webmail si
On Fri, 2010-04-23 at 10:09 -0400, Tom Horsley wrote:
> On Fri, 23 Apr 2010 09:35:55 -0430
> Patrick O'Callaghan wrote:
>
> > More to the point, there would be widespread panic among banks and
> > online shopping sites, webmail sites, and anywhere else that relies on a
> > public-key based securit
On Fri, 23 Apr 2010 09:35:55 -0430
Patrick O'Callaghan wrote:
> More to the point, there would be widespread panic among banks and
> online shopping sites, webmail sites, and anywhere else that relies on a
> public-key based security model, which is essentially all of them.
Nah, those aren't real
On Thu, 2010-04-22 at 23:21 -0700, Wolfgang S. Rupprecht wrote:
> David Liguori writes:
> > Wolfgang S. Rupprecht wrote:
> >> The core problem is to prevent someone from guessing users' passwords.
> >> You aren't going to achieve real security by hiding this or that
> >> attribute. If you don't w
David Liguori writes:
> Wolfgang S. Rupprecht wrote:
>> The core problem is to prevent someone from guessing users' passwords.
>> You aren't going to achieve real security by hiding this or that
>> attribute. If you don't want to worry about your users chosing bad
>> non-random passwords, don't
Wolfgang S. Rupprecht wrote:
>
> The core problem is to prevent someone from guessing users' passwords.
> You aren't going to achieve real security by hiding this or that
> attribute. If you don't want to worry about your users chosing bad
> non-random passwords, don't let them. Force them to u
On Wed, 2010-04-21 at 18:03 -0430, Patrick O'Callaghan wrote:
> while not replying to Pings may go some way to do so by hiding the IP
> address from the less sophisticated attacker.
And only from them. There's a difference between pinging an address
that doesn't reply back, and pinging an address
On Wed, 2010-04-21 at 11:26 -0700, Wolfgang S. Rupprecht wrote:
> g writes:
> > Steve Blackwell wrote:
> >
> >> so it appears that someone was trying to break in to my machine.
> >
> > do you have 'ping reply' enabled on your cable modem?
> >
> > if so, i would suggest that you disable it so you
On Wed, 2010-04-21 at 13:17 -0700, Marvin Kosmal wrote:
> HI
>
> I can't find the denyhosts.cfg file...
>
> Reading doc.. And it says it should be installed??
should be /etc/denyhosts.conf
if necessary, copy from /usr/share/doc/denyhosts-2.6/denyhosts.cfg-dist
to /etc/denyhosts.conf
Craig
HI
Sorry..
If found it
The FAQ is out of date..It is in /etc/denyhosts.conf...
YMMV
Marvin
On 4/21/10, Marvin Kosmal wrote:
> HI
>
> I can't find the denyhosts.cfg file...
>
> Reading doc.. And it says it should be installed??
>
> TIA
>
> Marvin
>
> On 4/21/10, Marvin Kosmal wrote:
>>
HI
I can't find the denyhosts.cfg file...
Reading doc.. And it says it should be installed??
TIA
Marvin
On 4/21/10, Marvin Kosmal wrote:
> On 4/21/10, Ryan Pugatch wrote:
>> On 04/21/2010 11:34 AM, Marvin Kosmal wrote:
>>> How can I tell if I have this package "denyhosts package" installed i
On 4/21/10, Ryan Pugatch wrote:
> On 04/21/2010 11:34 AM, Marvin Kosmal wrote:
>> How can I tell if I have this package "denyhosts package" installed in
>> F-12??
>>
>> TIA
>>
>> Marvin
>
> yum info denyhosts or rpm -q denyhosts
>
> Ryan
> --
> users mailing list
> users@lists.fedoraproject.org
>
g writes:
> Steve Blackwell wrote:
>
>> so it appears that someone was trying to break in to my machine.
>
> do you have 'ping reply' enabled on your cable modem?
>
> if so, i would suggest that you disable it so you are not visible.
>
> hth.
One should really point out that some icmp messages
On 04/21/2010 11:34 AM, users-requ...@lists.fedoraproject.org wrote:
> On 4/21/10, Kevin H. Hobbs wrote:
>> >
>> > Don't forget about the denyhosts package which will watch
>> > /var/log/secure for repeated failed login attempts and attempts for
>> > accounts like root and add the host to /etc/ho
On 04/21/2010 11:34 AM, Marvin Kosmal wrote:
> How can I tell if I have this package "denyhosts package" installed in F-12??
>
> TIA
>
> Marvin
yum info denyhosts or rpm -q denyhosts
Ryan
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://a
On 4/21/10, Kevin H. Hobbs wrote:
> On 04/21/2010 02:07 AM, users-requ...@lists.fedoraproject.org wrote:
>> Of course, combining methods
>> can work nicely.
>
> Don't forget about the denyhosts package which will watch
> /var/log/secure for repeated failed login attempts and attempts for
> account
On Wed, 21 Apr 2010 00:33:11 -0400
Steve Blackwell wrote:
> I was looking at my logwatch mail and saw:
>
> Failed logins from:
> 62.39.117.140 (140.117.39-62.rev.gaoland.net): 139 times
> 220.128.67.41: 9 times
>
> Illegal users from:
> 62.39.117.140 (140.117.39-62.rev.gaoland.ne
On Wed, 2010-04-21 at 06:07 +, g wrote:
> Steve Blackwell wrote:
>
> > so it appears that someone was trying to break in to my machine.
>
> do you have 'ping reply' enabled on your cable modem?
>
> if so, i would suggest that you disable it so you are not visible.
It might help against naiv
On 04/21/2010 02:07 AM, users-requ...@lists.fedoraproject.org wrote:
> Of course, combining methods
> can work nicely.
Don't forget about the denyhosts package which will watch
/var/log/secure for repeated failed login attempts and attempts for
accounts like root and add the host to /etc/hosts.de
Steve Blackwell wrote:
> so it appears that someone was trying to break in to my machine.
do you have 'ping reply' enabled on your cable modem?
if so, i would suggest that you disable it so you are not visible.
hth.
--
peace out.
tc,hago.
g
.
in a free world without fences, who needs
From: "Steve Blackwell"
Sent: Tuesday, 2010/April/20 21:33
>I was looking at my logwatch mail and saw:
>
> Failed logins from:
>62.39.117.140 (140.117.39-62.rev.gaoland.net): 139 times
>220.128.67.41: 9 times
>
> Illegal users from:
>62.39.117.140 (140.117.39-62.rev.gaoland.net): 2
On 4/20/10, Bruno Wolff III wrote:
> On Wed, Apr 21, 2010 at 00:33:11 -0400,
> Steve Blackwell wrote:
>>
>> I googled rev.gaoland.net (http://whois.domaintools.com/gaoland.net)
>> and it appears to be some kind of French ISP.
>> Is there some place to report this?
>
> It's probably not worth yo
On Wed, Apr 21, 2010 at 00:33:11 -0400,
Steve Blackwell wrote:
>
> I googled rev.gaoland.net (http://whois.domaintools.com/gaoland.net)
> and it appears to be some kind of French ISP.
> Is there some place to report this?
It's probably not worth your time.
If you really want to, you could try
I was looking at my logwatch mail and saw:
Failed logins from:
62.39.117.140 (140.117.39-62.rev.gaoland.net): 139 times
220.128.67.41: 9 times
Illegal users from:
62.39.117.140 (140.117.39-62.rev.gaoland.net): 229 times
220.128.67.41: 2 times
Received disconnect:
11: B
27 matches
Mail list logo
