On Wed, Mar 25, 2020 at 11:06:57PM +, Cord wrote:
>
> > Read a LOT of man pages and misc@ tech@ ports@ bugs@
> >
> > Maybe even tell us which version of VAX your laptop runs on?
>
> VAX ???
>
> > Is it OpenBSD version 4.9?
> >
>
> 4.9 ???
>
> I'm sorry, I'm in the future.
But, my joking
> > What is your opinion?
> > Could it be a MITM from my router and a kernel 0day on the tcp/ip stack
> > implementation?
> > Could it be a MITMed pkg_add?
> > Is the encryption algorithm (AES_128_GCM) behind https really secure?
> > Can some code be injected i
youtube but the
> system was pretty stable. Those freezes happened maybe 10 days ago. But I
> haven't had another freeze.
> Now the "signs" of the previous hacking have appeared again in the new laptop
> then most probably the laptop has been hacked again.
>
> What is
at is your opinion?
Could it be a MITM from my router and a kernel 0day on the tcp/ip stack
implementation?
Could it be a MITMed pkg_add?
Is the encryption algorithm (AES_128_GCM) behind https really secure?
Can some code be injected in an encrypted stream?
Thank you.
Cord.
DNS and UDP get spoofed all the time (look at DDoS amplifying attacks), the
source IP can always be spoofed however as long as the traffic is encrypted
with SSL or similar it always will be able to mitm the requests just not get
the data cuz it's encrypted, however let's say that you're not using
> Thanks. I see the concept when you are in a LAN. But with a WAN, I can't see
> how you can accomplish this. For example: ip public source address is 1.1.1.1,
> destination public ip address is 2.2.2.2 and attacker ip public address is
> 3.3.3.3. To establish communications between these three
via VPN IPsec tunnels. But this
> >> > morning we have received a request from one of these customers to access
> >> > to our development servers using only one acl to permit their public IP
> >> > address (without using VPN IPsec, or VPN SSL tunnels).
> >> >
o access
>> > to our development servers using only one acl to permit their public IP
>> > address (without using VPN IPsec, or VPN SSL tunnels).
>> >
>> > And my (OT) question: how easy is it to do a MITM attack (DNS spoofing
>> > for example, or another type
>> morning we have received a request from one of these customers to access
> >>> to our development servers using only one acl to permit their public IP
> >>> address (without using VPN IPsec, or VPN SSL tunnels).
> >>>
> >>> And my (OT
elopment servers using only one acl to permit their public IP
>>> address (without using VPN IPsec, or VPN SSL tunnels).
>>>
>>> And my (OT) question: how easy is it to do a MITM attack (DNS spoofing
>>> for example, or another type of attack that permits to
dress (without using VPN IPsec, or VPN SSL tunnels).
> >
> > And my (OT) question: how easy is it to do a MITM attack (DNS spoofing
> > for example, or another type of attack that permits to fake source
> > public ip address) in this scenario?
>
> For an at
customers via VPN IPsec tunnels. But this
> morning we have received a request from one of these customers to access
> to our development servers using only one acl to permit their public IP
> address (without using VPN IPsec, or VPN SSL tunnels).
>
> And my (OT) question: how easy is it to do a MITM
t this morning we
> have received a request from one of these customers to access to our
> development servers using only one acl to permit their public IP address
> (without using VPN IPsec, or VPN SSL tunnels).
>
> And my (OT) question: how easy is it to do a MITM attack (DNS
e customers to access to our development
servers using only one acl to permit their public IP address (without using VPN
IPsec, or VPN SSL tunnels).
And my (OT) question: how easy is it to do a MITM attack (DNS spoofing for
example, or another type of attack that permits to fake source public i
Thanks Uwe Werler!
I have not yet established chain described in first message, but it is due to
lack of time
I didn't try.
Firefox runs as firefox user.
I have actually MitM on relayd *using divert* with this pf-magic:
cat /etc/pf_kop.conf
ns are secured with TLS, so privoxy can
> >not filter them.
> >Is there any way to do something like that:
> >Firefox -> decrypt [MitM] -> privoxy -> encrypt securely -(NIC)-> Internet?
> >It is my PC, so I can install new certificate or something like t
On 24.11.2015 14:52:58, Jiri B wrote:
> > With a little bit pf-magic this works like this:
> > pass out log on $ext_if proto tcp to any port 443 route-to lo0
> > pass out log on $ext_if proto tcp to any port 443 user _relayd
> > pass in log on lo0 proto tcp to any port 443 divert-to
> With a little bit pf-magic this works like this:
> pass out log on $ext_if proto tcp to any port 443 route-to lo0
> pass out log on $ext_if proto tcp to any port 443 user _relayd
> pass in log on lo0 proto tcp to any port 443 divert-to 127.0.0.1 port 8443
Have you actually tested this? The
, I don't think is possible. At least not without hacking
privoxy itself. But hey, if you are gonna hack privoxy, why not hack it
to work with divert and do the mitm itself?
> I have also problem with Reyk's config because I can not divert outgoing
> traffic using pf.
> I have tried w
On 24.11.2015 14:17:41, Lampshade wrote:
> Ok, I know that relayd can decrypt traffic, then log, then encrypt. The thing is that I want to
> send decrypted traffic to another process (privoxy), and then re-encrypt it.
> I have also problem with Reyk's config because I can not divert outgoing
On Tue, Nov 24, 2015 at 02:17:41PM +0100, Lampshade wrote:
> I want to intercept and alter traffic on the same box that I run Firefox.
> Is this possible using pf and relayd or I must use something else?
IIRC this is not possible.
j.
Ok, I know that relayd can decrypt traffic, then log, then encrypt. The thing
is that I want to
send decrypted traffic to another process (privoxy), and then re-encrypt it.
I have also problem with Reyk's config because I can not divert outgoing
traffic using pf.
I have tried with rdr-to and
that:
Firefox -> decrypt [MitM] -> privoxy -> encrypt securely -(NIC)-> Internet?
It is my PC, so I can install new certificate or something like that,
but nevertheless I don't know how to achieve that result.
Is this possible using relayd?
Is it possible with other tool in ports or somethin
Hello,
I would like to use privoxy to scrub/delete
some information in application layer (HTTP) going out from my PC.
Problem is that a lot of connections are secured with TLS, so privoxy can not
filter them.
Is there any way to do something like that:
Firefox -> decrypt [MitM] -> p
* irix i...@ukr.net [2009-03-09 17:40]:
Sorry if I have been rude. I am not the administrator of the network, I am a client.
And another client uses MiTM. This network uses unmanaged switches, and
the ISP spits on it. That's why I try to find out how to protect my
workstation from MiTM, without static
Hello Misc,
I am a customer and not the network administrator, and someone in
the network makes MiTM attack, a network of billet in the
uncontrolled switches and ISP will not translate everything on the managed.
Therefore, software implementation of this patch for openbsd
irix wrote:
Hello Misc,
I am a customer and not the network administrator, and someone in
the network makes MiTM attack, a network of billet in the
uncontrolled switches and ISP will not translate everything on the managed.
Therefore, software implementation of this patch
Jacob Yocom-Piatt wrote:
irix wrote:
Hello Misc,
I am a customer and not the network administrator, and someone in
the network makes MiTM attack, a network of billet in the
uncontrolled switches and ISP will not translate everything on the
managed.
Therefore, software
On Mon, Mar 09, 2009 at 02:34:07PM +, michal wrote:
Jacob Yocom-Piatt wrote:
irix wrote:
Hello Misc,
I am a customer and not the network administrator, and someone in
the network makes MiTM attack, a network of billet in the
uncontrolled switches and ISP
On Mon, Mar 9, 2009 at 10:34 AM, michal mic...@sharescope.co.uk wrote:
Funny, I would say you are being more rude than he is
Why? Jacob was simply telling him why he was rude.
--
http://www.glumbert.com/media/shift
http://www.youtube.com/watch?v=tGvHNNOLnCk
This officer's men seem to follow
On Mon, Mar 9, 2009 at 1:11 PM, irix i...@ukr.net wrote:
Hello Misc,
How to protect your server from such attacks without the use of static arp
entries?
By freebsd 5.0 patch was written arp_antidote (
http://freecap.ru/if_ether.c.patch),
somebody could port it on openbsd?
Also, in
not the administrator of the network, I am a client.
And another client uses MiTM. This network uses unmanaged switches, and
the ISP spits on it. That's why I try to find out how to protect my
workstation from MiTM, without a static arp entry. What would have been
easy and transparent. Variant with the patch, I think
On Mon, 9 Mar 2009 16:54:27 +0100, Felipe Alfaro Solana
felipe.alf...@gmail.com said:
On Mon, Mar 9, 2009 at 1:11 PM, irix i...@ukr.net wrote:
Hello Misc,
How to protect your server from such attacks without the use of static arp
entries?
By freebsd 5.0 patch was written
Hello Paul,
The problem is that, I am not an administrator of the network.
I am a client of the network. The network is built on the unmanaged switches.
ISP to the problem do not care, so interested in this patch. May you
help with patch on OpenBSD ?
Monday, March 9, 2009, 3:02:23 PM, you
On Mon, Mar 9, 2009 at 9:15 AM, Eric Furman ericfur...@fastmail.net wrote:
On Mon, 9 Mar 2009 16:54:27 +0100, Felipe Alfaro Solana
felipe.alf...@gmail.com said:
On Mon, Mar 9, 2009 at 1:11 PM, irix i...@ukr.net wrote:
Hello Misc,
How to protect your server from such attacks without the
The problem is that, I am not an administrator of the network.
I am a client of the network. The network is built on the unmanaged
switches.
ISP to the problem do not care, so interested in this patch. May you
help with patch on OpenBSD ?
The network is built wrong.
No, we will not
.
Sorry if I have been rude. I am not the administrator of the network, I am a client.
And another client uses MiTM. This network uses unmanaged switches, and
the ISP spits on it. That's why I try to find out how to protect my
workstation from MiTM, without a static arp entry. What would have been
easy
On Mon, Mar 09, 2009 at 07:18:59PM +0200, irix wrote:
| Hello Paul,
|
| The problem is that, I am not an administrator of the network.
| I am a client of the network. The network is built on the unmanaged switches.
| ISP to the problem do not care, so interested in this patch.
As has been
On Mon, Mar 09, 2009 at 02:34:07PM +, michal wrote:
Jacob Yocom-Piatt wrote:
irix wrote:
Hello Misc,
I am a customer and not the network administrator, and someone in
the network makes MiTM attack, a network of billet in the
uncontrolled switches and ISP
Hello Misc,
Theo and other, thanks.
--
Best regards,
irix mailto:i...@ukr.net
40 matches