Andy,
May I ask what version of qmail you're on?
Eric
On 4/20/2020 10:15 PM, David Bray wrote:
Hi Andy - you have grasped the problem accurately
As I understand it, the transaction does not leave a great deal of
scope - negotiate the encryption, send a password successfully or
unsuccessfull
Hi Eric - was that for Andy or me
I'm on
- qmail-1.03-3.1.1.qt.el7.x86_64
- qmailadmin-1.2.16-2.qt.el7.x86_64
- qmailmrtg-4.2-3.qt.el7.x86_64
David Bray
0418 745334
2 ∞ & <
On Tue, 21 Apr 2020 at 23:34, Eric Broch wrote:
> Andy,
>
> May I ask what version of qmail you're on?
>
> Er
David,
I just received this OpenSSL security advisory which may be describing
your problem. It describes a vulnerability which allows a DOS attack by
submitting an invalid certificate.
https://www.openssl.org/news/secadv/20200421.txt
-Andy
On 4/20/2020 8:15 PM, David Bray wrote:
Hi
David,
I have no idea where (or even if) incoming TLS sessions are logged.
I've used "openssl s_client" numerous times to see the details of a
connection, but only from the client perspective.
Openssl does have the "s_server" complement of s_client, but I've never
used it:
https://www.open
The other is to leverage some of Andy’s suggestions and use tcpdump on that
port and see 😊
> Il giorno 21 apr 2020, alle ore 16:40, Andrew Swartz
> ha scritto:
>
> David,
>
> I have no idea where (or even if) incoming TLS sessions are logged.
>
> I've used "openssl s_client" numerous times
bes a vulnerability which allows a DOS attack by
> submitting an invalid certificate.
>
> https://www.openssl.org/news/secadv/20200421.txt
>
>
> -Andy
>
>
> On 4/20/2020 8:15 PM, David Bray wrote:
> > Hi Andy - you have grasped the problem accurately
> >
> >
Hey Remo, just looking at Andy's suggestion though
tcpdump - that only copies the data from the port ?
So if if I were to use Andy's idea - it would be an interference in the
port and the data would have to be proxied to the correct port (or lost)
tcpdump - can I use that on an existing connectio
HI David, you can use TCPDump with source IP example
tcpdump src 1.1.1.1
And or with ports if you want. Like this
tcpdump -nnvvS src thebadguyipaddress and dst port 25
> On Apr 21, 2020, at 17:15, David Bray wrote:
>
> Hey Remo, just looking at Andy's suggestion though
>
> tcpdump - tha