unsubscribe
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Hello,
We have an ongoing effort to keep all DSA translated to french. But we have
a problem with the DSA125:
Yuji Takahashi discovered a bug in analog which allows a cross-site
scripting type attack. It is easy for an attacker to insert arbitrary
strings into any web server logfile. If
how to unsubscribe.
--
Best regards.
áÄÍÉÎÉÓÔÒÁÔÏÒ óÅÔÉ ïïï ôÒÁÎËÏÍ ëÏÒÏÂÁÎÏ× óÅÒÇÅÊ é×ÁÎÏ×ÉÞ.
ph (248) 3-96-47
(095) 745-09-50
mailto: [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
On Fri, 2002-04-26 at 09:58, Trancom wrote:
how to unsubscribe.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Look here
Or Here \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ \/
--
To UNSUBSCRIBE,
I hate to say this, but I think I have reason to believe that PGP
might actually be an easy crack. Before now, it probably was
only easy to those with access to specially designed analog computers,
which means that it really wasn't a problem. But there is
now in the public domain an
On Wed, Apr 24, 2002 at 11:26:16AM -0400, Andrew Kaplan wrote:
How do I disable RPC. I know the scripts can be removed from init.d But I
know there's a command similar to apt-get remove ??? or something similar.
That removes is completely.
Read
On Wed, Apr 24, 2002 at 01:23:02AM +0200, Luis Gómez Miralles wrote:
Hi,
Simple. Do the init=/bin/sh trick. When you're booted, mount / -o
remount,rw
Then edit /etc/passwd and add this to /etc/passwd:
root2::0:0:root:/root:/bin/bash
This should do the trick :)
If you want more
On Fri, Apr 26, 2002 at 11:18:16AM +0200, DSC Siltec wrote:
Now, define this function to be F, and define P to be the product of
a whole bunch of functions F. Now, define that a function F is to be
centered at any integer location where the value of the function is 1.
Consider the case of a
On Fri, Apr 26, 2002 at 11:18:16AM +0200, DSC Siltec wrote:
Specifically, I think that if you have the public key, and the
encrypted data, and know (or can guess) what the unencrypted data
is, then you can quickly deduce the private key.
I forgot to mention: in encryption scenarios with RSA
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi all,
Michael Robinson wrote:
[snip]
| Finding the unencrypted data in this case is equivalent to either
| cracking the session key RNG, or cracking the symmetric cipher, the
| ability to do either of which obviates the need to deduce the RSA
|
On Fri, Apr 26, 2002 at 08:59:50AM +0200, Martin Quinson wrote:
What is a cross-site scripting type attack ?
One of the first analyses was published by Marc Slemko of the Apache
Group at http://httpd.apache.org/info/css-security/ . You'll
probably have to read the CERT links on that page as
Hallo Brane,
I'm actually a K-13 student, and so in my 'strategic'
position I'm on both sides, admin of debian box and 3v1l cracker :)
No, well.. I was just kidding, I have really better things to
do than actually cracking Debian boxes in pubblic environments,
but anyway I what do you think
Htaccess:
---
You should be aware, that when you use normal .htaccess protection, browser
never logout..With eg. Internet Explorer, all intances of IE have to be
closed to make the browser forget the login..
There are several tricks to make the browser forget the login, but none
really
Michael Robinson wrote:
On Fri, Apr 26, 2002 at 11:18:16AM +0200, DSC Siltec wrote:
Now, define this function to be F, and define P to be the product of
a whole bunch of functions F. Now, define that a function F is to be
centered at any integer location where the value of the function
First check if your reverse DNS is working, after that, try to put the line:
sshd: 192.168.1.10 192.168.1.11
In your /etc/hosts.allow.
Regards
[EMAIL PROTECTED] escreveu em Wed, 24 Apr 2002 22:18:14 +0700 (JAVT):
Dear all,
I am a beginner in linux os,
I try to configure tcp_wrapper
also sprach eim [EMAIL PROTECTED] [2002.04.26.1757 +0200]:
With https data will be encripted and it's impossible to
find out login and password because they're not sent over
the net in a clear way.
never say impossible.
--
martin; (greetings from the heart of the sun.)
\
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
DSC == DSC Siltec [EMAIL PROTECTED] writes:
DSC Actually, the beauty of the Parker Souchacki method is that it
DSC would allow the simultaneous solution of a system of equations that
DSC has one functional solution. Which means that you only need
also sprach Dan Faerch [EMAIL PROTECTED] [2002.04.26.1955 +0200]:
Second more, if your users are allowed to have pages on the same
address as the login system, the browser can, without much effort,
be tricked into giving away your systems username and password to
a personal user page...
how?
Trust not in switches.
They too can be easily manipulated unless you have locked them down at a
mac address and port level.
'apt-get install dsniff' ; 'man arpspoof'
Another option would be to run switches instead of normal hub or bus
topology. Switches tend not to allow other nodes on a
unsubscribe
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Hello,
We have an ongoing effort to keep all DSA translated to french. But we have
a problem with the DSA125:
Yuji Takahashi discovered a bug in analog which allows a cross-site
scripting type attack. It is easy for an attacker to insert arbitrary
strings into any web server logfile. If
how to unsubscribe.
--
Best regards.
Администратор Сети ООО Транком Коробанов Сергей Иванович.
ph (248) 3-96-47
(095) 745-09-50
mailto: [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
On Fri, 2002-04-26 at 09:58, Trancom wrote:
how to unsubscribe.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Look here
Or Here \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ \/
--
To UNSUBSCRIBE,
I hate to say this, but I think I have reason to believe that PGP
might actually be an easy crack. Before now, it probably was
only easy to those with access to specially designed analog computers,
which means that it really wasn't a problem. But there is
now in the public domain an algorithm
On Wed, Apr 24, 2002 at 01:23:02AM +0200, Luis Gómez Miralles wrote:
Hi,
Simple. Do the init=/bin/sh trick. When you're booted, mount / -o
remount,rw
Then edit /etc/passwd and add this to /etc/passwd:
root2::0:0:root:/root:/bin/bash
This should do the trick :)
If you want more
On Fri, Apr 26, 2002 at 11:18:16AM +0200, DSC Siltec wrote:
Now, define this function to be F, and define P to be the product of
a whole bunch of functions F. Now, define that a function F is to be
centered at any integer location where the value of the function is 1.
Consider the case of a
On Fri, Apr 26, 2002 at 11:18:16AM +0200, DSC Siltec wrote:
Specifically, I think that if you have the public key, and the
encrypted data, and know (or can guess) what the unencrypted data
is, then you can quickly deduce the private key.
I forgot to mention: in encryption scenarios with RSA
Hi,
today I saw something mysterious with IPtables. I had a little mistake
in my script. To test the funktionality. i pinged a host in the www and
changed then the wrong entries in my script. I looked with tcpdump if
the ping becomes a reply. But erverything i've done, no reply came back.
Then i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi all,
Michael Robinson wrote:
[snip]
| Finding the unencrypted data in this case is equivalent to either
| cracking the session key RNG, or cracking the symmetric cipher, the
| ability to do either of which obviates the need to deduce the RSA
|
On Fri, Apr 26, 2002 at 08:59:50AM +0200, Martin Quinson wrote:
What is a cross-site scripting type attack ?
One of the first analyses was published by Marc Slemko of the Apache
Group at http://httpd.apache.org/info/css-security/ . You'll
probably have to read the CERT links on that page as
Hallo Brane,
I'm actually a K-13 student, and so in my 'strategic'
position I'm on both sides, admin of debian box and 3v1l cracker :)
No, well.. I was just kidding, I have really better things to
do than actually cracking Debian boxes in pubblic environments,
but anyway I what do you think
Htaccess:
---
You should be aware, that when you use normal .htaccess protection, browser
never logout..With eg. Internet Explorer, all intances of IE have to be
closed to make the browser forget the login..
There are several tricks to make the browser forget the login, but none
really
Michael Robinson wrote:
On Fri, Apr 26, 2002 at 11:18:16AM +0200, DSC Siltec wrote:
Now, define this function to be F, and define P to be the product of
a whole bunch of functions F. Now, define that a function F is to be
centered at any integer location where the value of the function
On Fri, Apr 26, 2002 at 07:55:06PM +0200, Dan Faerch wrote:
You should be aware, that when you use normal .htaccess protection,
browser never logout..With eg. Internet Explorer, all intances of IE
have to be closed to make the browser forget the login..
Actually, I think instances of IE that
First check if your reverse DNS is working, after that, try to put the line:
sshd: 192.168.1.10 192.168.1.11
In your /etc/hosts.allow.
Regards
[EMAIL PROTECTED] escreveu em Wed, 24 Apr 2002 22:18:14 +0700 (JAVT):
Dear all,
I am a beginner in linux os,
I try to configure tcp_wrapper in
also sprach eim [EMAIL PROTECTED] [2002.04.26.1757 +0200]:
With https data will be encripted and it's impossible to
find out login and password because they're not sent over
the net in a clear way.
never say impossible.
--
martin; (greetings from the heart of the sun.)
\
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
DSC == DSC Siltec [EMAIL PROTECTED] writes:
DSC Actually, the beauty of the Parker Souchacki method is that it
DSC would allow the simultaneous solution of a system of equations that
DSC has one functional solution. Which means that you only need
also sprach Dan Faerch [EMAIL PROTECTED] [2002.04.26.1955 +0200]:
Second more, if your users are allowed to have pages on the same
address as the login system, the browser can, without much effort,
be tricked into giving away your systems username and password to
a personal user page...
how?
38 matches
Mail list logo
