SecLists.Org Security Mailing List Archive
Any hacker will tell you that the latest news and exploits are not
found on any web site—not even Insecure.Org. No, the cutting edge
in security research is and will continue to be the full
disclosure mailing lists such as Bugtraq. Here we provide web
archives and RSS feeds (now including message extracts), updated in real-time, for many of our favorite lists. Browse the individual lists below, or search them all:
Nmap Development — Unmoderated technical development forum for debating ideas, patches, and suggestions regarding proposed changes to Nmap and related projects. Subscribe here.
smb NSE scripts with special characters password
Carlos Gomes - FCHS (Oct 31)
Hello Everyone
I'm trying to do a nmap scan using some smb nse scripts, mostly with
authenticated shares parsing user / password within the script-args.
But when the share uses special characters, the scan breaks and some escape
characters are needed within the arguments.
For example, this scan:
nmap -PE -PS80,69,443,3389,8080 -PP -PA21 -PU161,137-139,123 -sS -sU -sV -O
-d2 -vv -pT:0-65535,U:137,161 --script...
Won't switch to monitor mode on windows 10
Joshua Van Doren (Oct 27)
Nmap issue : Error compiling our pcap filter: expression rejects all packets
Thuse, Saurabh (Sep 29)
Hi All,
We are getting below error with Nmap 7.91 while doing port scanning.
Issue :
Nmap port scan fails with Error compiling our pcap filter: expression rejects all packets
Description :
When we are running Nmap port scanning from Windows we get below error with details
nmap.exe" -oX - --privileged --min-rtt-timeout 500ms -sS -sU -T4 -PE -p
T:513,5985,5986,3940,5988,902,135,5989,80,21,22,23,443,U:161 10.77.160.110 10.66.0.112...
How to set MTU for "Adapter for loopback capture" device?
David Aldrich (Sep 16)
Hi
I am working on Windows and need to capture packets from a test app, using
Wireshark, via a loopback device. The goal is to test my Wireshark
dissector.
I understand that Wireshark's recommendation is to use the "Adapter for
loopback capture" device (\Device\NPF_Loopback). I am doing this and it
works fine.
I now need to test with large messages to see how my dissector handles
fragmented messages (in TCP).
To do this I need...
TypeError: encoded string too long (589, maximum length 519) error
javinzatwarniski (Sep 16)
I am receiving this error every time I try to scan an IP with Zenmap on
Windows.
Version: 7.92
Traceback (most recent call last):
File "zenmapGUI\ScanInterface.pyo", line 389, in start_scan_cb
File "zenmapGUI\ScanInterface.pyo", line 465, in execute_command
File "zenmapCore\NmapCommand.pyo", line 173, in __init__
File "tempfile.pyo", line 307, in mkstemp
File "tempfile.pyo", line...
Re: Ubiquiti routers now run nmap automatically causing an interesting situation
Dario Ciccarone (dciccaro) via dev (Aug 25)
Well . . .
DISCLAIMER: the following is my *own personal opinion* and should in no way be interpreted as my employer's position or
opinion. My statements here are my own.
I recently bought a NETGEAR Orbi kit, to update my home network replacing both an Ubiquiti AP and an Ubiquiti
"router/firewall". If for no other reason than the Ubiquiti gear was just not able to keep up to my 1Gbps ATT Fiber
connection to the Internet.
I...
Re: Ubiquiti routers now run nmap automatically causing an interesting situation
James M. Scardelis, CISA, CIPP, CIPP/IT, MCT, MCSE, CTT+ (Aug 25)
Running port scanners without permission from the user is, um, problematic. Strongly recommend reporting this "bug" to
Ubiquiti.
On 8/25/21, 8:09 PM, "dev on behalf of Dario Ciccarone (dciccaro) via dev" <dev-bounces () nmap org on behalf of dev
() nmap org> wrote:
Hey, Nick:
One other option missing here is - contacting Ubiquiti and talk to them ? About the issues their default
behavior is creating...
Re: Ubiquiti routers now run nmap automatically causing an interesting situation
Dario Ciccarone (dciccaro) via dev (Aug 25)
Hey, Nick:
One other option missing here is - contacting Ubiquiti and talk to them ? About the issues their default
behavior is creating ? And I assume they're not only scanning *your devices*, but probably the whole L3 subnet, so
others may also experience similar issues. Or worse - if the device doesn't react properly to the scan . . .
So I would contact Ubiquiti, explain the situation, see what they say....
Ubiquiti routers now run nmap automatically causing an interesting situation
Nick Kelsey (Aug 25)
Interesting situation...
At my day job (Silicondust) we have started getting support
questions/complaints from customers who have Ubiquiti routers at home -
it seems that Ubiquiti routers now run Nmap automatically, not sure if
daily.
When Nmap probes a Silicondust HDHomeRun tuner it works well - Nmap
finds port 80 (device webpages) and port 5004 (http for video) and
correctly identifies it as a HDHomeRun device.
Likewise the HDHomeRun...
ncat --ssl-alpn in listen mode
David Timber (Jul 20)
Hi,
I'd just like to know why I can't use --ssl-alpn with -l? I'm trying to use
ncat as a "replay station" to debug my program and I didn't want to write a
new program when I can use ncat for the job.
I'm attempting to remove this restriction on ncat. I'll send you the patch
if you're interested.
Thanks,
Does nping connect without a full handshake?
CoDDoC via dev (Jul 20)
Hello to all!
I nping my test server to check iptables rules.
My command is (from Windows host):
nping --tcp --dest-ip x.x.x.x --dest-port xxxx --flags syn --count 1
I see only sent packet without answer:
Starting Nping 0.7.91 ( https://nmap.org/nping ) at 2021-07-20 13:45 RTZ 2 (ceia)
SENT (0.0470s) TCP y.y.y.y:yyyy > x.x.x.x:xxxx S ttl=64 id=30211 iplen=40 seq=2267374717 win=1480
Max rtt: N/A | Min rtt: N/A | Avg rtt: N/A
Raw...
Re: npcap 1.50 receiving too many packets.
Daniel Miller (Jul 01)
Michael,
Thanks for pointing this out. I'll investigate and get back to you. The
extra packets I believe are "protocol unreachable" errors that we had
previously been stripping out within Npcap. We had removed the code that
stripped them from the packet stream in the interest of transparency and
simplicity, so the solution is likely to restore that code, but I will
investigate other ways as well.
Dan
On Thu, Jun 24, 2021 at 4:37...
Known issues with nmap and TOE?
Brian Milliron (Jul 01)
Recently I had an nmap scan (flags -n -A and -p 1-65535) DoS a
customer's network. This is the first time I have encountered this so I
did some digging to find out what went wrong. The scan logs stop on
some network hardware from Chelsio Communications. I'm not familiar
with them, but they sell a line of products that seem to be involved
in some kind of TCP offloading which they call Unified Wire and
Protocol Acceleration. From what I...
Nmap Announce — Moderated list for the most important new releases and announcements regarding the Nmap Security Scanner and related projects. We recommend that all Nmap users subscribe.
Nmap 7.92 Defcon Release!
Gordon Fyodor Lyon (Aug 07)
Hi folks. Many of us can't attend Defcon in person this year due to global
pandemic, but we won't let that stop our traditional Defcon Nmap release!
We just posted Nmap 7.92 to https://nmap.org/download.html. It includes
dozens of performance improvements, feature enhancements, and bug fixes
that we've made over the last 10 months.
The biggest improvement (at least for Windows users) is the inclusion of
version 1.50 of Npcap (...
Npcap 1.50 Release Brings Nmap & Wireshark to Windows ARM devices
Gordon Fyodor Lyon (Jun 28)
Hi folks. The Nmap Project is pleased to release Npcap version 1.50 at
https://npcap.org. There are many improvements in this release, but the
one we're most excited about is support for the ARM architecture! This
allows apps like Nmap and Wireshark to run for the first time on a newer
generation of hardware which often includes all-day battery life and
always-on LTE/5G capabilities. Devices vary from the $349 Samsung Galaxy
Book Go...
Npcap 1.30 Released: Raw WiFi + Better Performance
Gordon Fyodor Lyon (Apr 12)
Hi folks. The Nmap Project is pleased to release Npcap Version 1.30 at
https://npcap.org. We hope Nmap and Wireshark users will be especially
happy with the raw WiFi improvements, since you tend to be particularly
savvy about low-level network inspection. It turns out that some of the
issues we thought were caused by lower level hardware drivers were actually
bugs in our driver. Oops! But at least that means we can fix them
ourselves, and we did....
Npcap 1.20 released
Gordon Fyodor Lyon (Mar 16)
Nmap/Npcap Community:
I'm happy to report the release of version 1.20 of the Npcap Windows packet
capturing/sending driver! It's the first release of 2021 and includes
better capabilities for selecting timestamp methods as well as many other
improvements and bug fixes. These include updating the underlying libpcap
library to version 1.10 and building our installer now with NSIS 3. More
details on all this are available from the...
Nmap 7.91 Bugfix Release
Gordon Fyodor Lyon (Oct 14)
Hello everyone. I'm glad Nmap 7.90 was so well received! There were so
many improvements that the official announcement (
https://seclists.org/nmap-announce/2020/1) was a bit unwieldy. So Daniel
Miller (who made most of those changes) Tweeted his top highlights at
https://twitter.com/bonsaiviking/status/1313247253197393920
While we do work hard to avoid bugs during development and to catch them
pre-release through continuous integration...
Nmap 7.90 Released! First release since August 2019.
Gordon Fyodor Lyon (Oct 03)
Hello everyone. Hot on the heels of the big Npcap 1.00 release (
https://seclists.org/nmap-announce/2020/0), we're delighted to announce a
new Nmap--version 7.90! It's the first Nmap release since Defcon 2019, even
though we've made 16 Npcap releases since then. Raw packets are so
fundamental to Nmap that we really wanted to get it right. With the
production-ready and highly performant Npcap 1.00 driver included, we can
finally...
Npcap 1.00 was just released and a new Nmap is on the way!
Gordon Fyodor Lyon (Sep 28)
Hello everyone. I hope you are all safe and well during this nasty
pandemic. I obviously haven't been wearing my marketing hat enough given
that this is my first mail to the Nmap Announcement list since last
August's Nmap 7.80 release. But we've been heads-down programming since
then and have great news to report!
The biggest news is that, after more than 7 years of development and 170
previous public releases, we're...
Full Disclosure — A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.
My Movie Collection Sinatra App - (Login) XSS Vulnerabilities
info () vulnerability-lab com (Nov 02)
Document Title:
===============
My Movie Collection Sinatra App - (Login) XSS Vulnerabilities
References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2293
Release Date:
=============
2021-11-01
Vulnerability Laboratory ID (VL-ID):
====================================
2293
Common Vulnerability Scoring System:
====================================
5.1
Vulnerability Class:
====================
Cross Site...
My Movie Collection Sinatra App - (Movie) XSS Vulnerability
info () vulnerability-lab com (Nov 02)
Document Title:
===============
My Movie Collection Sinatra App - (Movie) XSS Vulnerability
References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2294
Release Date:
=============
2021-11-01
Vulnerability Laboratory ID (VL-ID):
====================================
2294
Common Vulnerability Scoring System:
====================================
5.6
Vulnerability Class:
====================
Cross Site...
Hotel Listing (WP Plugin) v3.x - MyAccount XSS Vulnerability
info () vulnerability-lab com (Nov 02)
Document Title:
===============
Hotel Listing (WP Plugin) v3.x - MyAccount XSS Vulnerability
References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2277
Release Date:
=============
2021-10-28
Vulnerability Laboratory ID (VL-ID):
====================================
2277
Common Vulnerability Scoring System:
====================================
5.3
Vulnerability Class:
====================
Cross Site...
PHPJabbers Simple CMS v5 - Persistent XSS Vulnerability
info () vulnerability-lab com (Nov 02)
Document Title:
===============
PHPJabbers Simple CMS v5 - Persistent XSS Vulnerability
References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2300
Release Date:
=============
2021-10-28
Vulnerability Laboratory ID (VL-ID):
====================================
2300
Common Vulnerability Scoring System:
====================================
5.4
Vulnerability Class:
====================
Cross Site...
Backdoor.Win32.Agent.sah / Heap Corruption
malvuln (Nov 02)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/3ee7a90b5fc3f2b7ba68911e8220df17.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Agent.sah
Vulnerability: Heap Corruption
Description: The malware listens on TCP port 33308. Third-party attackers
who can reach infected systems can send a 32 byte junk payload causing a
heap corruption overwriting the ECX...
Trojan.Win32.Delf.bna / Information Disclosure
malvuln (Nov 02)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/6bf08611410e3ef7df67d781a2e8efed.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan.Win32.Delf.bna
Vulnerability: Information Disclosure
Description: The malware listens on TCP port 9000 and has the option to set
a password in "Config.ini". Third party attackers who can reach an infected
system can view the...
Trojan.Win32.Phires.zm / Insecure Permissions
malvuln (Nov 02)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/34fb086a88f3a2506b61a17cced3b476.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan.Win32.Phires.zm
Vulnerability: Insecure Permissions
Description: The malware creates a dir with insecure permissions
containing a registry file with a ".desc" extension, under c:\ drive
granting change (C) permissions to the...
Trojan.Win32.Pasta.mca / Insecure Permissions
malvuln (Nov 02)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/4692b129b0034fd53cd76867d9869e49.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan.Win32.Pasta.mca
Vulnerability: Insecure Permissions
Description: The malware writes an .DLL file with insecure permissions
under c:\ drive granting change (C) permissions to the authenticated user
group. Standard users can rename the...
Viruscreds - Malware password database
malvuln (Nov 02)
Viruscreds - Database of backdoor passwords used by Malware, uncovered by
the Malvuln project.
https://github.com/malvuln/viruscreds
Backdoor.Win32.Prorat.ntz / Weak Hardcoded Password
malvuln (Oct 29)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/ab96d7f9e008a0774239be6be0c8e7bb_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Prorat.ntz
Vulnerability: Weak Hardcoded Password
Description: The malware runs an FTP server on TCP port 2121. The author's
handle "NeoKurD" displayed in the FTP banner response is reused as the
password, just in...
Backdoor.Win32.Prorat.ntz / Port Bounce Scan
malvuln (Oct 29)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/ab96d7f9e008a0774239be6be0c8e7bb.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Prorat.ntz
Vulnerability: Port Bounce Scan
Description: The malware runs an FTP server that listens on TCP port 2121.
Third-party attackers who successfully logon can abuse the backdoor FTP
server as a man-in-the-middle machine...
Virus.Win32.Ipamor.c / Unauthenticated Remote System Reboot
malvuln (Oct 29)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/b6bfdfe91c3e37865b6a269dc9ff9302.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Virus.Win32.Ipamor.c
Vulnerability: Unauthenticated Remote System Reboot
Description: The malware listens on UDP port 139. Third-party attackers can
send a single uppercase char "D" datagram packet to the infected machine
causing it to...
Backdoor.Win32.Antilam.14.o / Unauthenticated Remote Command Execution
malvuln (Oct 29)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/2914f01e65d848655d4f1aac51ff04d1.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Antilam.14.o
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP ports 47891, 29559. Third party
attackers who can reach infected systems can execute commands made
available by the...
HEUR.Backdoor.Win32.Generic / Unauthenticated Open Proxy
malvuln (Oct 29)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/6a96fc226fbe9f0efbcc8a7b2e34b807.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: HEUR.Backdoor.Win32.Generic
Vulnerability: Unauthenticated Open Proxy
Description: The malware listens on TCP ports 8080, 1080. Third-party
attackers who can connect to the infected system can relay requests from
the original connection to the...
Backdoor.Win32.Mazben.es / Unauthenticated Open Proxy
malvuln (Oct 29)
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/fcd611ccbc756fab43761f4b18372b81.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Mazben.es
Vulnerability: Unauthenticated Open Proxy
Description: The malware listens on random TCP ports like 2608, 6751, 3087,
5947. Third-party attackers who can connect to the infected system can
relay requests from the original...
Bugtraq — The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Re: [SECURITY] [DSA 4628-1] php7.0 security update
Timesportsall (Jan 16)
-------------------------------------------------------------------------
Debian Security Advisory DSA-4628-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
February 18, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : php7.0
CVE ID : CVE-2019-11045 CVE-2019-11046 CVE-2019-11047
CVE-2019-11050 CVE-2020-7059...
Re: BugTraq Shutdown
tommypickle (Jan 16)
All old school hackers from UPT remember and want to show respect. Thanks for everything.
On Second Thought...
alias (Jan 16)
Bugtraq has been a valuable institution within the Cyber Security community for
almost 30 years. Many of our own people entered the industry by subscribing to it
and learning from it. So, based on the feedback we’ve received both from the
community-at-large and internally, we’ve decided to keep the Bugtraq list running.
We’ll be working in the coming weeks to ensure that it can remain a valuable asset
to the community for years to...
BugTraq Shutdown
alias (Jan 15)
2020 was quite the year, one that saw many changes. As we begin 2021, we wanted
to send one last note to our friends and supporters at the SecurityFocus BugTraq
mailing list. As many of you know, assets of Symantec were acquired by Broadcom
in late 2019, and some of those assets were then acquired by Accenture in 2020
(https://newsroom.accenture.com/news/accenture-completes-acquisition-of-broadco
ms-symantec-cyber-security-...
Security Basics — A high-volume list which permits people to ask "stupid questions" without being derided as "n00bs". I recommend this list to network security newbies, but be sure to read Bugtraq and other lists as well.
CarolinaCon-15 is April 26-28, 2019 in Charlotte NC - Call For Papers/Presenters is now open
Vic Vandal (Feb 03)
We are pleased to announce that CarolinaCon-15 will be on April 26th-28th 2019 in Charlotte NC at the Renaissance
Charlotte Suites. All who are interested in speaking on any topic in the realm of hacking, cybersecurity, technology,
science, robotics or any related field are invited to submit a proposal to present at the con. Full disclosure that
technology or physical security exploitation type submissions are most desirable for this storied...
Penetration Testing — While this list is intended for "professionals", participants frequently disclose techniques and strategies that would be useful to anyone with a practical interest in security and network auditing.
44CON 2018 - 12th-14th September, London (UK)
Steve (Feb 28)
44CON 2018 is the UK's best annual Security Conference and Training event. The conference spans 2.5 days with training
on the 10th and 11th of September, a free evening event on the 12th of September, and a full two-day conference on the
13th and 14th of September. The event takes place at the ILEC Conference Centre near Earls Court, London. 44CON 2018
includes catering, private bus bar and Gin O'Clock breaks. Early Bird discounted...
RootedCON Security Conference - 1-3 March, Madrid (Spain)
omarbv (Feb 11)
On the occasion of the ninth edition of RootedCON, the most important
computer security conference in the country, around 2,000 hackers will
meet to discuss new questions and research about the cybersecurity
world, with its risks and threats. National and international experts
have included in their agendas this mandatory appointment to discuss new
vulnerabilities, viruses, and other threats, they will also talk about
countermeasures in order...
Info Security News — Carries news items (generally from mainstream sources) that relate to security.
Ransomware: Why one city chose to the pay the ransom after falling victim
InfoSec News (Aug 12)
https://www.zdnet.com/article/ransomware-why-one-city-chose-to-the-pay-the-ransom-after-falling-victim/
By Danny Palmer
ZDNet.com
August 12, 2020
A US city has explained why it gave into the demands of cyber criminals
and paid a ransom demand of $45,000 following a ransomware attack.
Lafayette, Colorado fell victim to ransomware on July 27, which encrypted
the city's computer networks and caused disruptions to phone services,
email and...
0-days, a failed patch, and a backdoor threat. Update Tuesday highlights
InfoSec News (Aug 12)
https://arstechnica.com/information-technology/2020/08/update-tuesday-fixes-2-0days-and-botched-patch-for-a-backdoor-threat/
By Dan Goodin
Ars Technica
08/12/2020
Microsoft on Tuesday patched 120 vulnerabilities, two that are notable
because they’re under active attack and a third because it fixes a
previous patch for a security flaw that allowed attackers to gain a
backdoor that persisted even after a machine was updated.
Zero-day...
OCR warns hospitals of HIPAA compliance scams
InfoSec News (Aug 12)
https://www.healthcareitnews.com/news/ocr-warns-hospitals-apparent-hipaa-compliance-scams
By Mike Miliard
Healthcare IT News
August 11, 2020
The Office for Civil Rights at the U.S. Department of Health and Human
Services has warned health systems about what appears to be something of
an old-fashioned and low-tech phishing attempt: fraudulent postcards, most
addressed to hospital privacy officers, that warn of noncompliance with a
mandatory...
The Secret SIMs Used By Criminals to Spoof Any Number
InfoSec News (Aug 12)
https://www.vice.com/en_us/article/n7w9pw/russian-sims-encrypted
By Joseph Cox
Vice.com
August 12, 2020
The unsolicited call came from France. Or at least that's what my phone
said. When I picked up, a man asked if I worked with the National Crime
Agency, the UK's version of the FBI. When I explained, no, as a journalist
I don't give information to the police, he said why he had contacted me.
"There are these special SIM...
North Korean Hacking Group Attacks Israeli Defense Industry
InfoSec News (Aug 12)
https://www.nytimes.com/2020/08/12/world/middleeast/north-korea-hackers-israel.html
By Ronen Bergman and Nicole Perlroth
nytimes.com
Aug. 12, 2020
TEL AVIV -- Israel claimed Wednesday that it had thwarted a cyberattack by
a North Korea-linked hacking group on its classified defense industry.
The Defense Ministry said the attack was deflected “in real time” and that
there was no “harm or disruption” to its computer systems.
However,...
FBI says an Iranian hacking group is attacking F5 networking devices
InfoSec News (Aug 11)
https://www.zdnet.com/article/fbi-says-an-iranian-hacking-group-is-attacking-f5-networking-devices/
By Catalin Cimpanu
Zero Day
ZDNet.com
August 10, 2020
A group of elite hackers associated with the Iranian government has been
detected attacking the US private and government sector, according to a
security alert sent by the FBI last week.
While the alert, called a Private Industry Notification, didn't identify
the hackers by name,...
Pen Test Partners: Boeing 747s receive critical software updates over 3.5" floppy disks
InfoSec News (Aug 11)
https://www.theregister.com/2020/08/10/boeing_747_floppy_drive_updates_walkthrough/
By Gareth Corfield
The Register
08/10/2020
DEF CON -- Boeing 747-400s still use floppy disks for loading critical
navigation databases, Pen Test Partners has revealed to the infosec
community after poking about one of the recently abandoned aircraft.
The eye-catching factoid emerged during a DEF CON video interview of PTP's
Alex Lomas, where the man...
US Cyber Command is using unclassified networks to fight election interference
InfoSec News (Aug 10)
https://www.c4isrnet.com/cyber/2020/08/10/us-cyber-command-is-using-unclassified-networks-to-fight-election-interference/
By Mark Pomerleau
C4ISRNET.com
08/10/2020
WASHINGTON -- U.S. Cyber Command is using unclassified networks and
publicly available communication platforms as it works to prevent foreign
interference in the next presidential election, a CYBERCOM official has
revealed.
“From a CYBERCOM standpoint, one of the big changes...
New England guardsmen test their skills in Cyber Yankee 2020
InfoSec News (Aug 03)
https://www.c4isrnet.com/cyber/2020/08/03/new-england-guardsmen-test-their-skills-in-cyber-yankee-2020/
By Mark Pomerleau
C4ISRNET.com
08/03/2020
Members of the National Guard from New England states concluded a two-week
cyber exercise that sought to test the cyber skills of guardsmen and
critical infrastructure operators.
Cyber Yankee 2020, which took place July 21-31 in New Hampshire, involved
more than 200 National Guard members and...
Travel management company CWT hands over $4.5M following ransomware attack
InfoSec News (Aug 03)
https://siliconangle.com/2020/08/02/travel-management-company-cwt-hands-4-5m-following-ransomware-attack/
By Duncan Riley
SiliconAngle.com
08/02/2020
Business travel management company CWT Global B.V. is the latest company
to pay a ransom demand following a ransomware attack.
According to report Friday by Reuters, the company paid $4.5 million to
those behind the ransomware after the attack knocked some 30,000 of the
company’s computers...
DOD, FBI, DHS release info on malware used in Chinese government-led hacking campaigns
InfoSec News (Aug 03)
https://www.cyberscoop.com/taidoor-malware-report-china-cisa-dod-fbi/
By Shannon Vavra
CYBERSCOOP
August 3, 2020
The U.S. government publicly put forth information Monday that exposed
malware used in Chinese government hacking efforts for more than a decade.
The Chinese government has been using malware, referred to as Taidoor, to
target government agencies, entities in the private sector, and think
tanks since 2008, according to a joint...
Leaky S3 buckets have gotten so common that they're being found by the thousands now, with lots of buried secrets
InfoSec News (Aug 03)
https://www.theregister.com/2020/08/03/leaky_s3_buckets/
By Shaun Nichols in San Francisco
The Register
3 Aug 2020
The massive amounts of exposed data on misconfigured AWS S3 storage
buckets is a catastrophic network breach just waiting to happen, say
experts.
The team at Truffle Security says its automated search tools were able to
stumble across some 4,000 open Amazon S3 buckets that included data
companies would not want public, things...
House Republicans introduce legislation to give states $400 million for elections
InfoSec News (Aug 03)
https://thehill.com/policy/cybersecurity/510362-house-republicans-introduce-legislation-to-give-states-400-million-for
By Maggie Miller
The Hill
08/03/2020
A group of House Republicans on Monday introduced legislation that would
appropriate $400 million to states to address election challenges stemming
from the COVID-19 pandemic.
The Emergency Assistance for Safe Elections (EASE) Act would designate
$200 million to assist with sanitizing...
Zoom private meeting passwords were easily crackable
InfoSec News (Jul 30)
https://www.itnews.com.au/news/zoom-private-meeting-passwords-were-easily-crackable-551095
By Juha Saarinen
itnews.com.au
July 31, 2020
The automatically generated passwords protecting private Zoom meetings
could be cracked with relative ease, allowing access to sensitive
conferences, a researcher has discovered.
Web site developer Tom Anthony decided on March 31 this year to see if he
could crack the password for private Zoom meetings....
Pentagon needs access to defense companies' networks to hunt cyberthreats, says commission
InfoSec News (Jul 30)
https://www.c4isrnet.com/cyber/2020/07/30/pentagon-needs-access-to-defense-companies-networks-to-hunt-cyberthreats-says-commission/
By Mark Pomerleau
C4ISRNET.com
July 30, 2020
WASHINGTON -- The Pentagon must be able to hunt cyberthreats on the
private networks of defense companies in order to strengthen national
cybersecurity, according to one of the leaders of the Cyber Solarium
Commission.
Rep. Mike Gallagher, R-Wis., who co-chairs the...
Firewall Wizards — Tips and tricks for firewall administrators
Revival?
Paul Robertson (Sep 11)
Since the last few attempts to revive the list have failed, I'm going to attempt a Facebook group revival experiment.
It'll be a bit broader in scope, but I'm hoping we can discuss technical security matters. The new group is
Security-Wizards on Facebook.
Paul
Web App Security — Provides insights on the unique challenges which make web applications notoriously hard to secure, as well as attack methods including SQL injection, cross-site scripting (XSS), cross-site request forgery, and more.
Faraday Beta V3.0 Released
Francisco Amato (Jul 04)
Faraday helps you to host your own vulnerability management platform
now and streamline your team in one place.
We are pleased to announce the newest version of Faraday v3.0. In this
new version we have made major architecture changes to adapt our
software to the new challenges of cyber security. We focused on
processing large data volumes and to making it easier for the user to
interact with Faraday in its environment.
To install it you can...
Daily Dave — This technical discussion list covers vulnerability research, exploit development, and security events/gossip. It was started by ImmunitySec founder Dave Aitel and many security luminaries participate. Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.
Re: Active Directory - a clear and present danger
Moses Frost via Dailydave (Jul 26)
I am always in shock when people cannot see the forests from the trees even when talking to peers. First things first,
Azure AD and many IdPs are not impervious to attack. Through Oauth2 and other privilege abuse angles in the IdP
itself, backdooring systems are (and will continue to be) a thing. For those on defense, I hope you are checking on
those MS Graph enabled Service Principals while I am waving at the other end (hello)....
Re: Active Directory - a clear and present danger
François Zöfel via Dailydave (Jul 26)
Speaking for a heavily regulated EU business here: a US cloud based solution will most probably not fit our needs. Both
GDPR and rules about not being dependent on 3rd party businesses to conduct our own mean we’re stuck with an on-prem AD.
I’m very interested to hear about any potential alternative.
François
Le dim., juil. 25, 2021 à 07:50, Peter Bance via Dailydave <dailydave () lists aitelfoundation org> a écrit :
Dailydave...
Re: Active Directory - a clear and present danger
Peter Bance via Dailydave (Jul 25)
Funnily enough, I’ve just decommissioned our last Domain Controller - as you rightly say, AD is just too much pain/risk
to keep in place. Azure AD for us - still not 100% ideal, but rapidly improving, and transfers a lot of the
infrastructure/config pain to Microsoft themselves.
Obviously admins can still make horrible mistakes, but that’s easier to monitor than all config across an on-prem
forest, and it’s far simpler to limit (or even...
Active Directory - a clear and present danger
Dave Aitel via Dailydave (Jul 24)
So I definitely have a different mental history of active directory than
most people, and recently I was doing a Glasshouse podcast with Pablo Breuer
<https://www.linkedin.com/in/pablobreuer/> and here
<https://youtu.be/Z0d6qNLevUY?t=2714> he says basically the same thing
everyone says, which is that it's impossible to move off of technology even
when that technology has a history of severe flaws, or a design flaw that
means it...
"Hack the Planet"
Dave Aitel via Dailydave (May 20)
Ok y'all - you're letting me down. There's a thousand ways you and your
friends can use 10k to improve the world - engineering a solution nobody
would pay for because it's not something you can put at a booth at RSAC.
EVERYONE ON THIS LIST needs to either submit for a grant, or find someone
who will submit for a grant. You're telling me not one of those
superhackers at Microsoft and Google can find a...
Plausible.
Dave Aitel via Dailydave (Apr 11)
A while back I was chatting with someone at INFILTRATE, over fried
alligator and more alcohol than I probably should have imbibed, and he
said, "We're going to make fuzzing obsolete, because we have more CPUs on
the problem than anyone can reasonably duplicate, and we're going to
exhaust the space".
And it's PLAUSIBLE in a way. I've watched a few of the live streams that
Brandon Falk does, and you can see how like,...
PaulDotCom — General discussion of security news, research, vulnerabilities, and the PaulDotCom Security Weekly podcast.
BHIS Sorta Top Used Tools of 2018
John - Black Hills Information Security (Dec 06)
Free Webcast
Hello all,
For our next webcast we will cover some of the core tools we use all the time at Black Hills Information Security.
However, there will be a twist. We will not talk about Nessus, Nmap, or Metasploit. Why? Because there are a ton of new
(and older) tools we use that fall outside of the standard tools you see in every security book/blog out there.
Basically, we are trying to be edgy and different.
You may want to come...
BHIS Webcast - Tues 10/2 @ 11am MDT
John Strand - Black Hills Information Security (Sep 26)
Hello All,
In this next webcast I want to cover what I am doing with the BHIS Systems team to create a C2/Implant/Malware test
bed. Testing our C2/malware solutions is important because vendors tend to lie or over-hype their capabilities. I will
cross reference some different malware specimens to the MITRE ATT&CK framework and we will cover how you can use these
techniques to test your defensive solutions at both the endpoint and the...
BHIS Webcast: The PenTest Pyramid of Pain 9/4 - 11am MDT
Sierra - Black Hills Information Security (Aug 29)
Hello!
How are you all? We had a fantastic webcast last week with John Strand and Chris Brenton and we're still working
through some unexpected hiccups to get the recording up and posted. The podcast version is on our blog, and the YouTube
version will be posted shortly on the Active Countermeasures channel and blog as well. Thanks for all of you who
ventured over to attend!
Ready for another awesome BHIS webcast? Dakota is back and...
Webcast with CJ: Tues 7/24 at 11am
Sierra - Black Hills Information Security (Jul 19)
Our upcoming webcast will be about POLICY...
Did you check out when you heard “policy”? Policy can often seem like a drudgery, but it’s also an important and
potentially overlooked part of business and procedure; it’s the framework on which security is really built!
CJ, our COO and Head of Sales has experience writing, assessing and implementing policies for many different kinds of
companies. And if you are worried it will be dry and...
Honeypots — Discussions about tracking attackers by setting up decoy honeypots or entire honeynet networks.
Honeypot malware archives
Matteo Cantoni (Feb 14)
Hello everyone,
I would like to share with you, for educational purposes and without any
commercial purpose, data collected by my homemade honeypot.
Nothing new, nothing shocking, nothing sensational... but I think it can
be of interest to newcomers to the world of analysis of malware,
botnets, etc... maybe for a thesis.
The files collected are divided into zip archives, in alphabetical
order, with password (which must be requested via email). Some...
Microsoft Sec Notification — Beware that MS often uses these security bulletins as marketing propaganda to downplay serious vulnerabilities in their products—note how most have a prominent and often-misleading "mitigating factors" section.
Microsoft Security Update Minor Revisions
Microsoft (Dec 11)
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: December 11, 2018
********************************************************************
Summary
=======
The following CVE has undergone a minor revision
increment:
* CVE-2018-8172
Revision Information:
=====================
- CVE-2018-8172 | Visual Studio Remote Code Execution
Vulnerability
-...
Microsoft Security Update Minor Revisions
Microsoft (Nov 14)
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: November 14, 2018
********************************************************************
Summary
=======
The following CVEs and advisory have undergone a minor revision
increment:
* CVE-2018-8454
* CVE-2018-8552
* ADV990001
Revision Information:
=====================
- CVE-2018-8454 | Windows Audio Service...
Microsoft Security Update Minor Revisions
Microsoft (Oct 24)
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: October 24, 2018
********************************************************************
Summary
=======
The following CVE has undergone a minor revision increment:
* CVE-2018-8512
Revision Information:
=====================
- CVE-2018-8512 | Microsoft Edge Security Feature Bypass
Vulnerability
-...
Microsoft Security Update Releases
Microsoft (Oct 19)
********************************************************************
Title: Microsoft Security Update Releases
Issued: October 19, 2018
********************************************************************
Summary
=======
The following CVE has been added to the October 2018 Security updates:
* CVE-2018-8569
Revision Information:
=====================
- CVE-2018-8569 | Yammer Desktop Application Remote Code Execution
Vulnerability
-...
Microsoft Security Update Releases
Microsoft (Oct 17)
********************************************************************
Title: Microsoft Security Update Releases
Issued: October 17, 2018
********************************************************************
Summary
=======
The following CVEs have undergone a major revision increment:
* CVE-2010-3190
Revision Information:
=====================
- CVE-2010-3190 | MFC Insecure Library Loading Vulnerability
-...
Microsoft Security Update Minor Revisions
Microsoft (Oct 09)
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: October 9, 2018
********************************************************************
Summary
=======
The following CVE has undergone a minor revision increment:
* CVE-2018-8531
Revision Information:
=====================
- CVE-2018-8531 | Azure IoT Device Client SDK Memory Corruption
Vulnerability
-...
Microsoft Security Update Releases
Microsoft (Oct 09)
********************************************************************
Title: Microsoft Security Update Releases
Issued: October 9, 2018
********************************************************************
Summary
=======
The following CVE has been added to the October 2018 Security updates:
* CVE-2018-8292
Revision Information:
=====================
- CVE-2018-8292 | .NET Core Information Disclosure Vulnerability
-...
Microsoft Security Update Releases
Microsoft (Oct 09)
********************************************************************
Title: Microsoft Security Update Releases
Issued: October 9, 2018
********************************************************************
Summary
=======
The following bulletin has undergone a major revision increment:
* MS11-025
Revision Information:
=====================
- https://docs.microsoft.com/en-us/security-updates/
SecurityBulletins/2011/ms11-025:...
Microsoft Security Update Summary for October 9, 2018
Microsoft (Oct 09)
********************************************************************
Microsoft Security Update Summary for October 9, 2018
Issued: October 9, 2018
********************************************************************
This summary lists security updates released for October 9, 2018.
Complete information for the October 2018 security update release can
be found at
<https://portal.msrc.microsoft.com/en-us/security-guidance>.
Please note the...
Microsoft Security Update Releases
Microsoft (Oct 02)
********************************************************************
Title: Microsoft Security Update Releases
Issued: October 2, 2018
********************************************************************
Summary
=======
The following CVE has undergone a major revision increment:
* CVE-2018-0952
Revision Information:
=====================
- CVE-2018-0952 | Diagnostic Hub Standard Collector Elevation of
Privilege Vulnerability
-...
Microsoft Security Advisory Notification
Microsoft (Sep 12)
********************************************************************
Title: Microsoft Security Advisory Notification
Issued: September 12, 2018
********************************************************************
Security Advisories Released or Updated on September 12, 2018
===================================================================
* Microsoft Security Advisory ADV180022
- Title: Windows Denial of Service Vulnerability
-...
Microsoft Security Update Minor Revisions
Microsoft (Sep 12)
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: September 12, 2018
********************************************************************
Summary
=======
The following CVEs have undergone a minor revision increment:
* CVE-2018-8421
* CVE-2018-8468
Revision Information:
=====================
- CVE-2018-8421 | .NET Framework Remote Code Execution
Vulnerability...
Microsoft Security Update Summary for September 11, 2018
Microsoft (Sep 11)
********************************************************************
Microsoft Security Update Summary for September 11, 2018
Issued: September 11, 2018
********************************************************************
This summary lists security updates released for September 11, 2018.
Complete information for the September 2018 security update release can
be found at
<https://portal.msrc.microsoft.com/en-us/security-guidance>....
Microsoft Security Update Releases
Microsoft (Sep 11)
********************************************************************
Title: Microsoft Security Update Releases
Issued: September 11, 2018
********************************************************************
Summary
=======
The following CVE has undergone a major revision increment:
* CVE-2018-8154
Revision Information:
=====================
- CVE-2018-8154 | Microsoft Exchange Memory Corruption
Vulnerability
-...
Microsoft Security Advisory Notification
Microsoft (Sep 11)
********************************************************************
Title: Microsoft Security Advisory Notification
Issued: September 11, 2018
********************************************************************
Security Advisories Released or Updated on September 11, 2018
===================================================================
* Microsoft Security Advisory ADV180002
- Title: Guidance to mitigate speculative execution...
Funsec — While most security lists ban off-topic discussion, Funsec is a haven for free community discussion and enjoyment of the lighter, more humorous side of the security community.
Verizon: 1.5M of Contact Records Stolen, Now on Sale
Jeffrey Walton (Mar 26)
http://www.mobipicker.com/verizon-1-5m-contact-records-stolen-now-sale/:
A business to business telecommunication giant,
Verizon Enterprise Solutions, a Basking Ridge,
New Jersey-based company, has been the latest
victim of a cyber crime that stole 1.5 million contact
records of the customers of Verizon...
I don't quite understand this double talk. Could someone explain to me:
A spokesperson from Verizon said that...
Statement on Lavabit Citation in Apple Case
Jeffrey Walton (Mar 16)
(From John Young on another list):
http://www.facebook.com/KingLadar/posts/10156714933135038
As many of you already know, the government cited the Lavabit case in
a footnote. The problem is their description insinuates a precedent
that was never created. Obviously I was somewhat disturbed by their
misrepresentation. So I decided to draft a statement. And keep in
mind, these are the same people who say "trust us." Click continue to
read...
The NSA's back door has given every US secret to our enemies
Jeffrey Walton (Feb 29)
http://www.businessinsider.com/john-mcafee-nsa-back-door-gives-every-us-secret-to-enemies-2016-2
Deng Xiaoping, in 1979 - his second year as supreme leader of China -
perceived a fundamental truth that has yet to be fully grasped by most
Western leaders: Software, if properly weaponized, could be far more
destructive than any nuclear arsenal.
Under Deng’s leadership, China began one of the most ambitious and
sophisticated meta- software...
Can Spies Break Apple Crypto?
Jeffrey Walton (Feb 27)
Here's an interesting exchange between Cryptome and Michael Froomkin,
Law Professor at University of Miami, on the All Writs Act
(http://cryptome.org/2016/02/can-spies-break-apple-crypto.htm):
-----
A. Michael Froomkin:
The factual posture in the key Supreme Court precedent, New York
Telephone, involved a situation where only the subject of the order
was capable of providing the assistance at issue. This is the basis
for Apple's...
The FBI's iPhone Problem: Tactical vs. Strategic Thinking
Jeffrey Walton (Feb 23)
http://www.technewsworld.com/story/83130.html
I'm an ex-sheriff, and I've been in and out of security jobs for much
of my life, so I've got some familiarity with the issues underlying
the drama between the FBI and Apple. FBI officials -- and likely those
in every other three-letter agency and their counterparts all over the
world -- would like an easier way to do their jobs. Wouldn't we all?
If they could put cameras in...
Wanted: Cryptography Products for Worldwide Survey
Jeffrey Walton (Jan 01)
(http://www.schneier.com/crypto-gram/archives/2015/1215.html):
In 1999, Lance Hoffman, David Balenson, and others published a survey
of non-US cryptographic products. The point of the survey was to
illustrate that there was a robust international market in these
products, and that US-only export restrictions on strong encryption
did nothing to prevent its adoption and everything to disadvantage US
corporations. This was an important contribution...
CERT Advisories — The Computer Emergency Response Team has been responding to security incidents and sharing vulnerability information since the Morris Worm hit in 1986. This archive combines their technical security alerts, tips, and current activity lists.
Mozilla Releases Security Update for Thunderbird
US-CERT (Jul 17)
Cybersecurity and Infrastructure Security Agency Logo
National Cyber Awareness System:
Mozilla Releases Security Update for Thunderbird [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/17/mozilla-releases-security-update-thunderbird ] 07/17/2020
10:50 AM EDT
Original release date: July 17, 2020
Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. An attacker could exploit
some of these...
Microsoft Releases Security Update for Edge
US-CERT (Jul 17)
National Cyber Awareness System:
Microsoft Releases Security Update for Edge [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/17/microsoft-releases-security-update-edge ] 07/17/2020 10:53 AM
EDT
Original release date: July 17, 2020
Microsoft has released a security update to address a vulnerability in Edge (Chromium-based). An attacker could exploit
this vulnerability to drop...
AA20-198A: Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation
US-CERT (Jul 17)
National Cyber Awareness System:
AA20-198A: Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation [
https://us-cert.cisa.gov/ncas/alerts/aa20-198a ] 07/16/2020 08:09 AM EDT
Original release date: July 16, 2020
Summary
"This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) and Pre-ATT&CK
frameworks....
CISA Releases Emergency Directive on Critical Microsoft Vulnerability
US-CERT (Jul 16)
National Cyber Awareness System:
CISA Releases Emergency Directive on Critical Microsoft Vulnerability [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/16/cisa-releases-emergency-directive-critical-microsoft-vulnerability
] 07/16/2020 03:28 PM EDT
Original release date: July 16, 2020
The Cybersecurity and Infrastructure Security Agency (CISA) has released Emergency Directive...
Apple Releases Security Updates
US-CERT (Jul 16)
National Cyber Awareness System:
Apple Releases Security Updates [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/16/apple-releases-security-updates ] 07/16/2020 11:17 AM EDT
Original release date: July 16, 2020
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of
these vulnerabilities to take control of an...
Malicious Activity Targeting COVID-19 Research, Vaccine Development
US-CERT (Jul 16)
National Cyber Awareness System:
Malicious Activity Targeting COVID-19 Research, Vaccine Development [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/16/malicious-activity-targeting-covid-19-research-vaccine-development
] 07/16/2020 07:16 AM EDT
Original release date: July 16, 2020
In response to malicious activity targeting COVID-19 research and vaccine development in the United...
Cisco Releases Security Updates for Multiple Products
US-CERT (Jul 15)
National Cyber Awareness System:
Cisco Releases Security Updates for Multiple Products [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/15/cisco-releases-security-updates-multiple-products ]
07/15/2020 03:19 PM EDT
Original release date: July 15, 2020
Cisco has released security updates to address vulnerabilities affecting multiple products. An unauthenticated, remote
attacker...
Oracle Releases July 2020 Security Bulletin
US-CERT (Jul 14)
National Cyber Awareness System:
Oracle Releases July 2020 Security Bulletin [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/oracle-releases-july-2020-security-bulletin ] 07/14/2020
05:21 PM EDT
Original release date: July 14, 2020
Oracle has released its Critical Patch Update for July 2020 to address 433 vulnerabilities across multiple products. A
remote attacker could...
Google Releases Security Updates for Chrome
US-CERT (Jul 14)
National Cyber Awareness System:
Google Releases Security Updates for Chrome [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/google-releases-security-updates-chrome-0 ] 07/14/2020 04:51
PM EDT
Original release date: July 14, 2020
Google has released Chrome version 84.0.4147.89 for Windows, Mac, and Linux. This version addresses vulnerabilities
that an attacker could exploit...
Google Releases Security Updates for Chrome
US-CERT (Jul 14)
National Cyber Awareness System:
Google Releases Security Updates for Chrome [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/google-releases-security-updates-chrome ] 07/14/2020 02:45 PM
EDT
Original release date: July 14, 2020
Google has released Chrome version 84.0.4147.89 for Windows, Mac, and Linux. This version addresses vulnerabilities
that an attacker could exploit to...
Microsoft Releases July 2020 Security Updates
US-CERT (Jul 14)
National Cyber Awareness System:
Microsoft Releases July 2020 Security Updates [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/microsoft-releases-july-2020-security-updates ] 07/14/2020
02:13 PM EDT
Original release date: July 14, 2020
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could
exploit some of these...
Microsoft Addresses 'Wormable' RCE Vulnerability in Windows DNS Server
US-CERT (Jul 14)
National Cyber Awareness System:
Microsoft Addresses 'Wormable' RCE Vulnerability in Windows DNS Server [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/microsoft-addresses-wormable-rce-vulnerability-windows-dns-server
] 07/14/2020 02:14 PM EDT
Original release date: July 14, 2020
Microsoft has released a security update to address a remote code execution (RCE)...
Adobe Releases Security Updates for Multiple Products
US-CERT (Jul 14)
National Cyber Awareness System:
Adobe Releases Security Updates for Multiple Products [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/adobe-releases-security-updates-multiple-products ]
07/14/2020 01:18 PM EDT
Original release date: July 14, 2020
Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit
some of...
Apache Releases Security Advisories for Apache Tomcat
US-CERT (Jul 14)
National Cyber Awareness System:
Apache Releases Security Advisories for Apache Tomcat [
https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/apache-releases-security-advisories-apache-tomcat ]
07/14/2020 11:33 AM EDT
Original release date: July 14, 2020
The Apache Software Foundation has released security advisories to address multiple vulnerabilities in Apache Tomcat.
An attacker...
AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java
US-CERT (Jul 13)
National Cyber Awareness System:
AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java [ https://us-cert.cisa.gov/ncas/alerts/aa20-195a ]
07/13/2020 07:07 PM EDT
Original release date: July 13, 2020
Summary
On July 13, 2020 EST, SAP released a security update to address a critical vulnerability, CVE-2020-6287 [
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6287 ],...
Open Source Security — Discussion of security flaws, concepts, and practices in the Open Source community
Barrier "software KVM switch" multiple remote security issues
Matthias Gerstner (Nov 02)
Hello list,
recently the Barrier project [1] published new releases that address a couple
of security issues I reported to them. Following is the full review report I
shared with upstream on 2021-07-30. Attached to this email is a tarball
containing reproducer scripts that are mentioned in the report.
[1]: https://github.com/debauchee/barrier
I. Introduction
===============
Barrier is a software based approach to a "KVM" switch. It...
Re: Trojan Source Attacks
Siddhesh Poyarekar (Nov 01)
That's because unicode rendering is a UI element and calling compilers
"impacted" is misunderstanding the issue. There's scope for adding
new diagnostics to square with UI representation of unicode, but
that's at best an optional warning and it may not even be feasible in
all cases. A comprehensive language aware CI lint check is perhaps
more suitable but if such a check devolves into "7-bit ascii only...
Re: Trojan Source Attacks
Jan Engelhardt (Nov 01)
Perhaps a case of "not my problem".
The filesystem layer of many an operating system does not care about filenames.
The only rules, if any, are the special meaning of the hierarchy separator (if
any) and perhaps a string terminator (if any).
Compilers - could be the same thing. As long as the grammar is satisfied,
why should they bother what comes in. ("Write/use better editors and frontends")
Re: Trojan Source Attacks
Santiago Torres (Nov 01)
Along the same lines, there were a myriad of attacks using bash-style
sequences to obscure parts of patches inside of git show/git log/less/
other pagers not too long ago (circa 2017, maybe?). We even discussed
similar possibilities on this paper[1] (sec 4.3) when mentioning git
commit signing of content displayed on collaborative coding platforms.
Overall there's a plethora of work around "punycode meets tool X" that
I'm...
Re: Trojan Source Attacks
Perry E. Metzger (Nov 01)
If it was known to everyone, then why are so many language interpreters
and compilers impacted? Surely if this was truly something that was well
understood by the community, then it wouldn't be a problem. (Claims that
people who write compilers are fools will be cheerfully ignored.)
There's a phenomenon in many social groupings of there being "folklore"
that people don't seem to find worth writing down because...
CVE-2021-41973: Apache MINA HTTP listener DOS
Emmanuel Lecharny (Nov 01)
Severity: critical
Description:
In Apache MINA, a specifically crafted, malformed HTTP request may
cause the HTTP Header decoder to loop indefinitely. The decoder
assumed that the HTTP Header begins at the beginning of the buffer and
loops if there is more data than expected. Please update MINA to 2.1.5
or greater.
References:...
Re: Trojan Source Attacks
Jan Engelhardt (Nov 01)
Not so novel. At one time, this picture made the rounds
(https://twitter.com/acronis/status/1019152990022787072 - the pic is likely
older than this 2018 tweet), and anyone who knew that Unicode had zero-width
characters already made the connection.
And I can imagine an attacker would rather try to inject Evil Unicode-Based
Code through a preprocessor of sorts (e.g. a bison .y file), because the output
of such generators is something few people...
Trojan Source Attacks
Nicholas Boucher (Nov 01)
OSS Security teams,
We have identified an issue affecting all compilers and interpreters
that support Unicode. We believe that the techniques described hereafter
can be used to generate adversarial encodings of source code files that
can be used to craft targeted attacks against source code that cannot be
seen by human reviewers in rendered text. This is of concern to the open
source community because, absent defenses, supply chain attacks...
Re: CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code
Dave Horsfall (Nov 01)
[...]
Am I the only one here who remembers the original ALGOL specification that
what is printed on the paper is the language?
We've seen the same in the DNS, so I guess that it was only a matter of
time.
-- Dave
Re: CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code
Jakub Wilk (Nov 01)
Is it intentional that (here and elsewhere in the patch) they didn't
include all the characters with the Bidi_Control property?
$ grep -w Bidi_Control /usr/share/unicode/PropList.txt
061C ; Bidi_Control # Cf ARABIC LETTER MARK
200E..200F ; Bidi_Control # Cf [2] LEFT-TO-RIGHT MARK..RIGHT-TO-LEFT MARK
202A..202E ; Bidi_Control # Cf [5] LEFT-TO-RIGHT EMBEDDING..RIGHT-TO-LEFT OVERRIDE
2066..2069...
CVE-2021-27644: Apache DolphinScheduler: DolphinScheduler mysql jdbc connector parameters deserialize remote code execution
Calvin Kirs (Nov 01)
Severity: low
Description:
In Apache DolphinScheduler before 1.3.6 versions, authorized users can use SQL injection in the data source center.
(Only applicable to MySQL data source with internal login account password)
Credit:
This issue was discovered by Jinchen Sheng of Ant FG Security Lab
[ANNOUNCE] Apache MINA 2.0.22 & 2.1.5 released
Emmanuel Lecharny (Nov 01)
The Apache MINA project is pleased to announce MINA 2.0.22 and 2.1.5 !
Apache MINA (http://mina.apache.org) is a network application
framework which helps users develop high performance and high
scalability network applications easily by providing an abstract,
event-driven, asynchronous API over various transports such as TCP/IP
and UDP/IP via Java NIO.
The Apache MINA project website includes resources such as
introductory presentation slides,...
CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code
Pietro Albini (Oct 31)
The Rust Security Response WG was notified of a security concern affecting
source code containing "bidirectional override" Unicode codepoints: in some
cases the use of those codepoints could lead to the reviewed code being
different than the compiled code.
This is a vulnerability in the Unicode specification, and its assigned
identifier is CVE-2021-42574. While the vulnerability itself is not a rustc
flaw, we're taking proactive...
Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006
Salvatore Bonaccorso (Oct 31)
Hi,
I did not get a reply but apparently the CVE entry got re-populated
at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30851 and
now reads as "A memory corruption vulnerability was addressed with
improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS
8, iOS 15 and iPadOS 15. Processing maliciously crafted web content
may lead to code execution."
Regards,
Salvatore
CVE website transition from cve.mitre.org to cve.org
Alan Coopersmith (Oct 29)
FYI for those who aren't subscribed to the CVE newsletter or blog and
don't follow https://twitter.com/CVEannounce/ - they've sent out this
announcement in this month's newsletter:
> Introducing the all-new CVE Program website at its new “CVE.ORG” web address:
> WWW.CVE.ORG. The new website includes many new features and is optimized for
> users.
>
> This is the first step in transitioning from the old...
Secure Coding — The Secure Coding list (SC-L) is an open forum for the discussion on developing secure applications. It is moderated by the authors of Secure Coding: Principles and Practices.
Silver Bullet 123: Yanek Korff
Gary McGraw (Jul 06)
hi sc-l,
The latest installment of Silver Bullet was posted this morning. Silver Bullet episode 123 features a conversation
with Yanek Korff. Yanek worked for many years at Cigital as a system administrator back in the early days. He then
moved on to operational security work at AOL and running managed security services at Mandiant.
We talk about managing technical people in this episode. We also discuss operational security. Have a...
Educause Security Discussion — Securing networks and computers in an academic environment.
Covid Test Kit Singapore
Covid Test Kit Singapore (Oct 01)
Covid Test Kit
Order test kit for your company now! Stay Safe! Free Delivery in Singapore
Easy to use
HSA Approved
Click on the link below to open the message in a browser:
https://www.covidtestkit.info/so/b3Nmx3jmr/c?w=X7fgda-LWUeRP6mC6I6qXRUzGOxDt64oN8eoV7oJkUE.eyJ1IjoiaHR0cHM6Ly93d3cuY292aWR0ZXN0a2l0LmluZm8vc28vYjNObXgzam1yP2xhbmd1YWdlVGFnPWVuIiwibSI6Im1haWwiLCJjIjoiOGE5YzNiMGMtMjYwMC00ODQ3LTgzMGItMTVmN2U4NzA3YzVjIn0
You've received...
Don't forget to register for CAMP Week!
Jeanetta Caligari (Sep 27)
Register Today for Virtual CAMP & Advance CAMP - OCTOBER 4-8, 2021!
Join your peers virtually October 4-8, 2021 to learn about the latest trends and happenings in identity and access
management. There's still time to register!...
EDUCAUSE Member QuickTalk: Federal Policy, Sept. 30, 3 - 4 PM, EDT
Jarret Cummings (Sep 24)
As you're hopefully winding down your week and looking ahead to your schedule for next week, I hope you will make time
on your calendar for my next Member QuickTalk on federal policy, which is scheduled for Thursday, September 30, from
3:00 - 4:00 PM, Eastern Time.
With major spending bills, the debt ceiling, and continued funding of the government all in play, we'll have plenty of
macro-level topics to talk about, especially when...
Using Canva in NIST 800-171 research environment
Bole, Jim A (Sep 24)
Some of our researchers use Canva to build infographics that contain 800-171 CUI data.
Currently they’ve purchased individual pro licensing:
https://www.canva.com/pricing/<...
October Learning Lab | Hacking the Juice Shop: An Introduction to the OWASP Top 10
Brian Kelly (Sep 23)
There are still seats available. Register today to grab your spot.
Brian
[EDUCAUSE - Learning
Labs]<https://emails.educause.edu/optiext/optiextension.dll?ID=hLKhMDRmmyL1OB19%2BySCzjaMsjz5JXEag5kbkh2GGfaxsXqxofhXcLUY3Cef5uVkJPelUl17qn4_Y1yJw5yXZNSmaXlN_>
Hacking the Juice Shop: An Introduction to the OWASP...
Re: [External] [SECURITY] Account Retention/Email retention
Gregg, Christopher S. (Sep 23)
We don't have an e-mail specific retention policy. If an e-mail constitutes a record then it is subject to the retention
period of that record type.
We do use the Microsoft Litigation Hold function for situations where we need to preserve e-mail and then release the
hold when the situation is resolved. These requests are almost always triggered by requests from our Office of General
Counsel.
A few years ago I tried to go down the path of...
Account Retention/Email retention
Jeremy Livingston (Sep 23)
Friends,
I'm looking for some examples of account retention and email retention at your schools. While legal wants to hold all
emails for 7 years (statute of limitations on most crimes), that comes at a cost, and it would be great to have a basis
for comparison.
Thanks for any information you can provide, and feel free to send it directly if you don't want it shared more widely.
Jeremy M. Livingston
Chief Information Security...
[ALL-LISTS] Reminder: Action-Needed | EDUCAUSE Community Groups
she/her (Sep 22)
Hello again EDUCAUSE Community Group subscribers!
If you don’t want to lose access to your community group lists, please review the following dates and details to help
you prepare for the launch of our new platform—EDUCAUSE
Connect<https://www.educause.edu/community/educause-connect>—which will replace our current email list system for
EDUCAUSE Community Groups.
* Today, September 22: Last Chance to Create an EDUCAUSE Profile...
Job Opening: University of Nebraska - Director, Research IT Services
Matthew Long (Sep 22)
All...Information Technology Services at the University of Nebraska is currently seeking candidates for a Director,
Research IT Services to join the ITS team. Please share the posting with your networks and encourage interested
applicants to apply.
Position Summary:
This position leads Research IT Services and acts as an advocate for campus scholars and researchers in the Information
Technology Services (ITS) organization. This position will...
Non-recourse Finance.
reply (Sep 21)
<<< text/html: EXCLUDED >>>
Re: Recording from last Thursday's - Member QuickTalk | Open-source, Passwordless MFA with Duke Unlock
Jay Gallman (Sep 21)
My apologies, I see the code at the bottom of the page.
Re: Recording from last Thursday's - Member QuickTalk | Open-source, Passwordless MFA with Duke Unlock
Jay Gallman (Sep 21)
Brian,
If we log in and try to watch the video it wants a passcode.
Thanks!
Jay
Recording from last Thursday's - Member QuickTalk | Open-source, Passwordless MFA with Duke Unlock
Brian Kelly (Sep 21)
The recording from last week’s Member QuickTalk | Open-source, Passwordless MFA with Duke Unlock is now available -
https://events.educause.edu/member-quicktalks/2021/open-source-passwordless-mfa-with-duke-unlock
Brian
Brian Kelly, CISSP, CISM, CEH
Director, Cybersecurity
Program<https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-program>
bkelly () educause edu<mailto:bkelly () educause edu>...
Re: [External] Re: [SECURITY] What security framework are you using, and why?
Shane Kroening (Sep 21)
All,
I’d like to echo the folks here that say you need to start with the why before complying to a certain framework. To
take that a step further, let me walk you through what I would advise doing to get started.
Rather than focusing on a certain security framework or mandate, such as NIST 800-53, CMMC, etc. you should first focus
on what is in your environment. This has two key aspects: technologies (operating systems, databases,...
[Action Needed Tomorrow: September 22] Your EDUCAUSE Community Groups
EDUCAUSE (Sep 21)
View in Browser
(https://membershipteam.educause.edu/optiext/optiextension.dll?ID=6yz6yDmptj2%2BRbYk1xMWax_qEKtgObASsfm7P90cb__IsjmkYfA88ek7mN9UGlFJnC9rqflckDomqQed_3Jg4bfQzC8sa)
You’re Just Two Steps Away...
By now, you’ve probably heard about our new community platform launching in just one week—EDUCAUSE Connect
(...
NANOG — The North American Network Operators' Group discusses fundamental Internet infrastructure issues such as routing, IP address allocation, and containing malicious activity.
Re: CenturyLink Fiber Latency Issues (Seattle, WA)
Neel Chauhan (Nov 02)
I tried that back in September, it didn't work. It doesn't happen on my
hop but the one after that. Even a second GPON connection shows the
issues if one is running the offending traffic.
The issue occurs even if I'm using 50 Mbps out of my 940.
It may be bufferbloat on CL's side but they keep denying the issue.
I guess I'll have to break the bank and get Comcast Gigabit Pro.
CenturyLink should just get bought out...
RE: CenturyLink Fiber Latency Issues (Seattle, WA)
Ryan Hamel (Nov 01)
Neel,
Sounds like buffer bloat.
Run a speed test, whatever is your maximum for your download and upload take
10% away from it, and set up traffic shaping in OPNsense
(https://docs.opnsense.org/manual/shaping.html) with those values. If the
issue goes away, then you're exceeding the buffer of CenturyLink's device
with the bursts of traffic.
Ryan
-----Original Message-----
From: NANOG <nanog-bounces+ryan=rkhtech.org () nanog org>...
CenturyLink Fiber Latency Issues (Seattle, WA)
Neel Chauhan (Nov 01)
Hi NANOG Mailing List,
I don't know if any of you work at CenturyLink/Lumen, much less on their
Fiber network in Seattle, WA. However, here's my story.
If I attempt to run certain applications that use 1000, or 10000 TCP
connections, I get latency spikes. It is based on how many connections,
but also how much bandwidth is used. This means certain things like Tor
relays are off limits to me (which I wish to run).
On an idle...
Re: Need for historical prefix blacklist (`rogue' prefixes) information
David Conrad (Nov 01)
I’m a little confused. I thought the concern was about decrypting intentionally mis-routed traffic, not a suggestion
that ROV uses encryption…
Regards,
-drc
South Korea KT to pay USD$33.97 million for network outage
Sean Donelan (Nov 01)
https://www.koreatimes.co.kr/www/tech/2021/11/133_318025.html
KT to pay W40 bil. in compensation for network outage
KT will pay out up to 40 billion won ($33.97 million) in compensation to
customers of its wired and wireless services, which underwent nationwide
disruptions Oct. 25, the company said.
[...]
KT said it will pay compensation for 10 times the disruption time of 89
minutes...
[...]
NTT Docomo, AT&T, Verizon and T-Mobile...
Re: possible rsync validation dos vuln
Giovane C. M. Moura via NANOG (Nov 01)
Good news: the disclosure has been postponed
Quoting from:
https://english.ncsc.nl/latest/news/2021/october/29/upcoming-announcement-of-rpki-cvd-procedure
Update 31 October: Talks have resumed, disclosure is postponed.
Since 30 October, constructive conversation is fortunately taking place
with the parties involved. As such, the NCSC will not publish details
about this vulnerability on Monday 1 November, as previously announced,
but at a...
Re: Need for historical prefix blacklist (`rogue' prefixes)
Jakob Heitz (jheitz) via NANOG (Oct 31)
It may be possible to create a fake certificate for a fake ROA.
However, to do that requires a lot of steps to go right.
First, the RSA private key needs to be derived from the public key.
The quantum computer physics exists to do it.
However, the known technology is massively behind and may never materialize.
OTOH, it is a wide open field and someone may find a way to create enough
qubits and entangle them all and keep them stable long enough...
Re: PCH Peering Survey 2021
Adam Thompson (Oct 31)
Question: if I have a written contract with a peer that covers the link and IP service in general, but that contract
does not specifically discuss BGP or peering, is that a Yes or No?
Also, how should I indicate "unknown", particularly for the Written Contract field?
-Adam
Adam Thompson
Consultant, Infrastructure Services
100 - 135 Innovation Drive
Winnipeg, MB, R3T 6A8
(204) 977-6824 or 1-800-430-6404 (MB only)...
Re: Need for historical prefix blacklist (`rogue' prefixes) information
J. Hellenthal via NANOG (Oct 30)
He answered it completely. "You" worried about interception of RPKI exchange over the wire are failing to see that
there is nothing there important to decrypt because the encryption in the transmission is not there!
And yet you've failed to even follow up to his question... "What's your point regarding your message? ROV does not use
(nor needs) encryption."
So maybe you could give some context on that so someone...
Re: Need for historical prefix blacklist (`rogue' prefixes) information
A Crisan (Oct 30)
Hi Matthew,
Quantum computing exists as POCs, IBM being one of those advertising them
and announced to extend their project. There are others on the market,
Amazon advertised quantum computing as a service back in 2019:
https://www.theverge.com/2019/12/2/20992602/amazon-is-now-offering-quantum-computing-as-a-service.
The bottleneck of the current technology is scalability: we will not see
QC as personal computing level just yet (to go in more...
Re: Need for historical prefix blacklist (`rogue' prefixes) information
Amir Herzberg (Oct 30)
I am very grateful for the help I received from several people (mostly off
list, which is great to avoid spamming the list).
In particular, +Giotsas, Vasileios <v.giotsas () lancaster ac uk> , introduced
by Joe Provo, provided a wonderful RIPE resource which provides convenient
API to data from (at least) UCEprotect and SpamHaus, perfectly meeting our
current needs: https://stat.ripe.net/docs/data_api#blocklist.
Let me also use this email...
Re: Comcast? Layer2 / ELAN
TJ Trout (Oct 29)
I would request an on-site rfc test that should clear things up quickly
Re: Need for historical prefix blacklist (`rogue' prefixes) information
Amir Herzberg (Oct 29)
(this is an answer to Matthew but also with a question to all NANOGers, see
below, under `is this true?')
Matthew, thanks for your feedback on our paper - always welcome - although
the email I sent wasn't about ROV++ but on our need for historical data on
blacklisted prefixes. (our use is not limited to ROV++ as we are
investigating other attacks and defenses, including our own and proposed by
others).
Anyway let me briefly respond to...
Re: Comcast? Layer2 / ELAN
Livingood, Jason via NANOG (Oct 29)
I’ll reply off-list in a sec
From: NANOG <nanog-bounces+jason_livingood=cable.comcast.com () nanog org> on behalf of Joe Carroll <joe () theneutral
net>
Date: Friday, October 29, 2021 at 14:16
To: nanog list <nanog () nanog org>
Subject: Comcast? Layer2 / ELAN
Greetings Fellow Nanog'ers
Are there any Comcast engineers in the group that could help to sort out a 10GB layer2 ELAN issue in Florida?
We are short of...
RE: possible rsync validation dos vuln
Jean St-Laurent via NANOG (Oct 29)
https://www.ncsc.nl/actueel/nieuws/2021/oktober/29/aanstaande-bekendmaking-cvd-procedure-rpki
-----Original Message-----
From: NANOG <nanog-bounces+jean=ddostest.me () nanog org> On Behalf Of Niels Bakker
Sent: October 29, 2021 2:01 PM
To: nanog () nanog org
Subject: Re: possible rsync validation dos vuln
* nanog () nanog org (Jean St-Laurent via NANOG) [Fri 29 Oct 2021, 19:57 CEST]:
| X-Mailer: Microsoft Outlook 16.0
The posted link...
Interesting People — David Farber moderates this list for discussion involving internet governance, infrastructure, and any other topics he finds fascinating
Commercial premises for sale in Palermo, with or without rental income
HORACIO BIELLI PROPIEDADES (Nov 01)
Premises 1 with rental income, more information by clicking here
Premises 2 without rental income, more information by clicking here
Kind regards
Paola A. Carminatti
11 4195-4292
pcarminatti () bielli com ar
HORACIO BIELLI PROPIEDADES
Public Auctioneer
Real Estate Broker
click here to forward this email to a friend
*We Send Your Campaign to Our Databases*
you can...
See the Best Apartments Here
La Capitana (Oct 29)
La Capitana Real Estate, by Marisa G. Snatman
Public Auctioneer and Broker, license nos. 5633 CSI /3921 CUCICBA
3 De Febrero 820 2°D (CABA 1426), Ruta Nacional N 8 KM.52 (Pilar)
If this email has reached you and you did not request it,
we apologize; it includes an option to unsubscribe
To remove your address from this list...
Cañitas / Polo, Barrio Norte, Parque Centenario, Nuñez, etc.
La Capitana (Oct 28)
La Capitana Real Estate, by Marisa G. Snatman,
Public Auctioneer and Broker, license nos. 5633 CSI /3921 CUCICBA,
3 De Febrero 820 2°D (CABA 1426), Ruta Nacional N 8 KM.52 (Pilar)
If this email has reached you and you did not request it,
we apologize; it includes an option to unsubscribe
To remove your address...
The Best Apartments, See Them Here
La Capitana (Oct 27)
La Capitana Real Estate, by Marisa G. Snatman
Public Auctioneer and Broker, license nos. 5633 CSI /3921 CUCICBA
3 De Febrero 820 2°D (CABA 1426), Ruta Nacional N 8 KM.52 (Pilar)
If this email has reached you and you did not request it,
we apologize; it includes an option to unsubscribe
To remove your address from this list, click...
Apartments with Early Delivery, some with TERRACE BALCONY
La Capitana (Oct 26)
Villa Devoto, Av San Martin: 1, 2 and 3 rooms, delivery summer 2021/22, more info by clicking on the photos
Saavedra, 3 rooms, TERRACED BALCONY with GRILL and LARGE PRIVATE TERRACE, more info by clicking on the photos
Palermo Hollywood, Niceto Vega, 1, 2 and 3 rooms, with TERRACE BALCONY, High Floor, delivery October 2021, more info
by clicking on the photos
Nuñez, Crisologo Larralde, 1 and 2...
Houses for Summer Rental
La Capitana Real Estate (Oct 25)
Houses for Summer Rental
https://www.lacapitana.com.ar/p/1282547-Casa-en-Alquiler-temporario-en-Santa-Maria-De-Tigre---------Sta-Maria-de-Tigre--Enero/Febrero
https://www.lacapitana.com.ar/p/2228906-Casa-en-Alquiler-temporario-en-Santa-Maria-De-Tigre-Sta-maria-de-Tigre
https://www.lacapitana.com.ar/p/2173156-Casa-en-Alquiler-temporario-en-Altamira---------Altamira-Enero-
...
Highland Park Country Club, Houses and Lots
La Capitana Real Estate (Oct 23)
La Capitana Real Estate, by Marisa G. Snatman
Public Auctioneer and Broker, license nos. 5633 CSI /3921 CUCICBA
3 De Febrero 820 2°D (CABA 1426), Ruta Nacional N 8 KM.52 (Pilar)
If this email has reached you and you did not request it,
we apologize; it includes an option to unsubscribe
To remove your address from this list, click...
The Best Apartments for You
La Capitana (Oct 21)
Villa Crespo, 2 rooms, High Floor, Large Balcony, Very Bright, Open View, more info by clicking here
Great Open View, Almagro, 2 rooms, TOWER WITH FULL AMENITIES, more info by clicking here
Almagro, 1, 2 and 3 rooms, Brand New, more info click here
Parque Centenario, 1 and 2 rooms, Brand New, more info...
Projects, Pre-Sales, Off-Plan Developments
La Capitana (Oct 19)
Saavedra, 3 and 4 rooms, FULL AMENITIES, delivery February 2022
Parque Donado, 4 rooms, Amenities, more info click here
Amenities: Concierge, Storage Room, Bicycle Storage, Swimming Pool, Co-working, Multipurpose Room/Barbecue Hall, Gym, Living-Terrace, Laundry
Almagro, 1, 2 and 3 rooms, amenities, delivery 2023
Nuñez, Conesa, 3 rooms, 7th Floor with TERRACE BALCONY and PRIVATE GRILL, more info click here...
Houses in Ayres del Pilar, Lagartos CC, Belgrano, etc
La Capitana (Oct 15)
🍀 + Green + Free + Air + Space ☀️
La Capitana Real Estate, by Marisa G. Snatman
Public Auctioneer and Broker, license nos. 5633 CSI /3921 CUCICBA
3 De Febrero 820 2°D (CABA 1426), Ruta Nacional N 8 KM.52 (Pilar)
click here to forward this email to a friend
If this email has reached you and you did not request it,
we...
INVESTMENT IN PUNTA DEL ESTE
Green Park, Solanas (Oct 15)
Invest in a place that will never stop surprising you
*We Send Your Campaign to Our Databases*
you can see our Work and Databases here
If this email has reached you and you did not request it,
we apologize; it includes an option to unsubscribe
To remove your address from this list, click...
LAND in CABA, PILAR, TIGRE, ZONA NORTE CORRIDOR, ETC
La Capitana (Oct 14)
Belgrano, one block from Av. Cabildo, demolished, USAA, for 1650m2 sellable
PREMIUM AAA *Belgrano R*, Av. Melian between Mendoza and Juramento, *NICE FRONTAGE* of 13,70x23,58, lot of 323m2,
with height alignment (enrase), sellable covered area 1.652m2 + 433,92m2 terraces/balconies, total 2.096m2 sellable, *40% of m2
finished in small apartments could be negotiated*
Belgrano, Manuel Ugarte between Av. Cramer and Conesa, USAA,...
Bundle your services with Movistar and get benefits
Marcelo Perez (Oct 13)
NEWS!
FIRST 3 MONTHS: 10 ADDITIONAL GIGS PER LINE (TEST DRIVE)
TRANSFER GIGS TO OTHER LINES (APPLIES TO THE 5GB PLAN AND UP)
KEEP FOR 30 DAYS THE GIGS YOU DID NOT USE THE PREVIOUS MONTH ON YOUR PLAN.
- All have 10000 free minutes to call other carriers
- All have 10000 minutes to call other Movistar lines and Telefónica landlines
- All have unlimited text messages...
Personal Checks Exchanged for Cash on the Spot
Financialcheq (Oct 12)
Inquire faster via WhatsApp here 11-5949-6944
Check Discounting.
For Checking Account Holders
Immediate Approval by Phone
Receive the money the same day at your Address
Absolute Confidentiality
Learn about the features of our offer at:...
Don't build without buying this book first!!!!
Selvas Natatorios (Oct 11)
Don't build without buying this book first!!!!
*We Send Your Campaign to Our Databases*
you can see our Work and DATABASES by clicking here
If this email has reached you and you did not request it,
we apologize; it includes an option to unsubscribe
To remove your address from this list, click...
The RISKS Forum — Peter G. Neumann moderates this regular digest of current events which demonstrate risks to the public in computers and related systems. Security risks are often discussed.
Risks Digest 32.91
RISKS List Owner (Oct 30)
RISKS-LIST: Risks-Forum Digest Saturday 30 October 2021 Volume 32 : Issue 91
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.91>
The current issue can also be found at
<...
Risks Digest 32.90
RISKS List Owner (Oct 17)
RISKS-LIST: Risks-Forum Digest Sunday 17 October 2021 Volume 32 : Issue 90
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.90>
The current issue can also be found at
<...
Risks Digest 32.89
RISKS List Owner (Oct 03)
RISKS-LIST: Risks-Forum Digest Sunday 3 October 2021 Volume 32 : Issue 89
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.89>
The current issue can also be found at
<...
Risks Digest 32.88
RISKS List Owner (Sep 18)
RISKS-LIST: Risks-Forum Digest Saturday 18 September 2021 Volume 32 : Issue 88
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.88>
The current issue can also be found at
<...
Risks Digest 32.87
RISKS List Owner (Sep 11)
RISKS-LIST: Risks-Forum Digest Saturday 11 September 2021 Volume 32 : Issue 87
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.87>
The current issue can also be found at
<...
Risks Digest 32.86
RISKS List Owner (Sep 05)
RISKS-LIST: Risks-Forum Digest Sunday 5 September 2021 Volume 32 : Issue 86
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.86>
The current issue can also be found at
<...
Risks Digest 32.85
RISKS List Owner (Sep 01)
RISKS-LIST: Risks-Forum Digest Wednesday 1 September 2021 Volume 32 : Issue 85
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.85>
The current issue can also be found at
<...
Risks Digest 32.84
RISKS List Owner (Aug 26)
RISKS-LIST: Risks-Forum Digest Thursday 26 August 2021 Volume 32 : Issue 84
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.84>
The current issue can also be found at
<...
Risks Digest 32.83
RISKS List Owner (Aug 19)
RISKS-LIST: Risks-Forum Digest Thursday 19 August 2021 Volume 32 : Issue 83
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.83>
The current issue can also be found at
<...
Risks Digest 32.82
RISKS List Owner (Aug 13)
RISKS-LIST: Risks-Forum Digest Friday 13 August 2021 Volume 32 : Issue 82
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.82>
The current issue can also be found at
<...
Risks Digest 32.81
RISKS List Owner (Aug 07)
RISKS-LIST: Risks-Forum Digest Saturday 7 August 2021 Volume 32 : Issue 81
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.81>
The current issue can also be found at
<...
Risks Digest 32.80
RISKS List Owner (Aug 05)
RISKS-LIST: Risks-Forum Digest Thursday 5 August 2021 Volume 32 : Issue 80
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.80>
The current issue can also be found at
<...
Risks Digest 32.79
RISKS List Owner (Aug 02)
RISKS-LIST: Risks-Forum Digest Monday 2 August 2021 Volume 32 : Issue 79
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.79>
The current issue can also be found at
<...
Risks Digest 32.78
RISKS List Owner (Jul 27)
RISKS-LIST: Risks-Forum Digest Tuesday 27 July 2021 Volume 32 : Issue 78
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.78>
The current issue can also be found at
<...
Risks Digest 32.77
RISKS List Owner (Jul 22)
RISKS-LIST: Risks-Forum Digest Thursday 22 July 2021 Volume 32 : Issue 77
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.77>
The current issue can also be found at
<...
BreachExchange — BreachExchange focuses on all things data breach. Topics include actual data breaches, cyber insurance, risk management, metrics and more. This archive includes its predecessor, the Data Loss news and discussion lists.
Private proof-of-vaccine app Portpass continues to expose personal data even after relaunch and updates
Terrell Byrd (Nov 01)
https://www.cbc.ca/news/canada/calgary/portpass-app-proof-of-vaccination-unsecured-data-update-1.6229034
Personal information belonging to more than 17,000 users of the private
proof-of-vaccination app Portpass is still unsecured and visible online —
including, in some cases, photos of drivers' licences and passports —
despite assurances from the company that its data-security problems have
been fixed.
The Calgary-based smartphone app...
Feds: Hacker illegally streaming games tried to extort MLB
Terrell Byrd (Nov 01)
https://www.wearecentralpa.com/news/national-news/feds-hacker-illegally-streaming-games-tried-to-extort-mlb/
A Minnesota man was charged Thursday with trying to extort $150,000 from
the MLB as he illegally streamed copyrighted content from major
professional sports leagues online.
Joshua Streit, 30, of St. Louis Park, Minnesota, was charged in a criminal
complaint filed in Manhattan federal court with extortion, accessing a
protected computer...
Martin County Tax Collector's possibly hit by ransomware attack
Terrell Byrd (Nov 01)
https://www.wptv.com/news/region-martin-county/martin-county-tax-collectors-possibly-hit-by-ransomware-attack
MARTIN COUNTY, Fla. — WPTV is learning more about what might be causing the
lengthy closure of the Martin County Tax Collector's offices for nearly two
weeks.
Whether it’s renewing a driver license, selling or buying a car or home, or
paying your property taxes, you may not realize how critical tax collector
services are until...
Ransomware Hackers Freeze Millions in Papua New Guinea
Terrell Byrd (Nov 01)
https://au.news.yahoo.com/ransomware-hackers-freeze-millions-papua-210036214.html
(Bloomberg) -- Papua New Guinea’s finance department acknowledged late
Thursday that its payment system, which manages access to hundreds of
millions of dollars in foreign aid money, was hit with a ransomware attack.
The attack on the Department of Finance’s Integrated Financial Management
System (IFMS) occurred at 1 a.m. local time on Oct. 22, according to a...
Tesco worker compensated after supermarket lost 15 years of her medical records
Terrell Byrd (Oct 29)
https://www.bristolpost.co.uk/news/bristol-news/tesco-worker-compensated-after-supermarket-6112003
A woman from Bristol has been awarded £3,000 in compensation after
discovering Tesco had lost 15 years of her employment records, including
sensitive medical information.
Jacqueline Ogborne worked for the supermarket chain for 30 years but said
the data breach left her ‘feeling violated’.
The 55-year-old only discovered Tesco had lost her...
Judge rules in favor of UMMC in trial against former employees who stole patient records
Terrell Byrd (Oct 29)
https://mississippitoday.org/2021/10/26/ummc-trial-employees-stole-patient-records/
A federal judge has ruled in favor of the University of Mississippi Medical
Center over litigation against three former employees who stole patient
medical records for their own use and then lied about possessing them for
years.
U.S. District Judge Carlton Reeves on Oct. 8 issued a default judgment in
the federal trade secrets lawsuit, saying the defendants’...
Luxury hotel chain in Thailand reports data breach
Terrell Byrd (Oct 29)
https://www.zdnet.com/article/luxury-hotel-chain-in-thailand-reports-data-breach/
A luxury hotel chain in Thailand is reporting a data breach thanks to a
notorious group of cybercriminals who have been behind a spate of attacks
in recent weeks.
Thirayuth Chirathivat, CEO of Centara Hotels & Resorts, said in a statement
that on October 14, they were "made aware" of a cyberattack on the hotel
chain's network.
An investigation...
SCSU network recovery continues; ransomware attack under investigation
Terrell Byrd (Oct 29)
https://thetandd.com/news/local/scsu-network-recovery-continues-ransomware-attack-under-investigation/article_53fae246-99e5-5806-a5aa-2c601a0472b3.html
South Carolina State University says it continues to work through “campus
communication difficulties,” a month after it was the victim of a
ransomware attack.
“Class schedules, employee payroll and financial aid processes have not
been interrupted,” the university said in a press release...
NRA: No comment on Russian ransomware gang attack claims
Terrell Byrd (Oct 29)
https://www.bleepingcomputer.com/news/security/nra-no-comment-on-russian-ransomware-gang-attack-claims/
The Grief ransomware gang claims to have attacked the National Rifle
Association (NRA) and released stolen data as proof of the attack.
Today, the ransomware gang added the NRA as a new victim on their data leak
site while displaying screenshots of Excel spreadsheets containing US tax
information and investments amounts.
The threat actors...
The Australian government is going after social media companies with $10 million fines for privacy breaches
Terrell Byrd (Oct 27)
https://www.startupdaily.net/2021/10/the-australian-government-is-going-after-social-media-companies-with-10-million-fines-for-privacy-breaches/
The government is getting ready to hand out $10 million fines for companies
mismanaging user information with new legislation targeting social media
companies.
A draft of the Privacy Legislation Amendment (Enhancing Online Privacy and
Other Measures) Bill 2021 – or the Online Privacy Bill for short –...
Kansas Man Admits Hacking Public Water Facility
Terrell Byrd (Oct 27)
https://www.securityweek.com/kansas-man-admits-hacking-public-water-facility
Roughly seven months after being indicted for his actions, a Kansas man
admitted in court to tampering with the systems at the Post Rock Rural
Water District.
The man, Wyatt Travnichek, 23, of Lorraine, was an employee of the
Ellsworth County drinking water treatment facility between January 2018 and
January 2019.
As part of his role with the facility, he would use a...
DDoSers take weekend off only to resume campaign against UK's Voipfone on Monday
Terrell Byrd (Oct 27)
https://www.theregister.com/2021/10/26/voipfone_outage/
It never rains but it pours. Internet telephone service provider Voipfone,
currently battling a "major outage" across all voice services, has admitted
to being hit by an "extortion-based DDoS attack from overseas criminals"
that knocked it offline last week.
A Distributed Denial of Service (DDoS) attack took down the company's
platform for nearly four hours on the...
Iran says cyberattack closes gas stations across country
Terrell Byrd (Oct 27)
https://www.durangoherald.com/articles/iran-says-cyberattack-closes-gas-stations-across-country/
DUBAI, United Arab Emirates (AP) - Iranian state television says a
cyberattack has targeted gas stations across the Islamic Republic.
The announcement read on air comes after long lines formed at stations in
Tehran and elsewhere Tuesday.
State TV quoted an official with Iran's National Security Council
confirming the attack.
Oil Ministry...
HIV Scotland fined £10,000 for BCC email blunder identifying names of virus-carriers' patient-advocates
Terrell Byrd (Oct 26)
https://www.theregister.com/2021/10/25/hiv_scotland_email_fail/
The United Kingdom's data watchdog is calling on organisations to review
their "bulk email practices" after a BCC blunder by HIV Scotland incurred a
£10,000 fine for breaking data protection regulations.
The case pertains to an email that was sent to 105 individuals on the
Community Advisory Network (CAN) list, which is made up of
patient-advocates "from across...
Tesco website forced offline by hacking offensive
Terrell Byrd (Oct 26)
https://www.msn.com/en-gb/money/other/tesco-reeling-after-hackers-bring-down-its-website/ar-AAPTpF5
Tesco has been targeted by hackers, crashing its website and app and
causing frustration for thousands of customers.
The hack, one of the worst cyber attacks to date on a British supermarket,
poses a “serious problem” for Tesco’s reputation and is estimated to be
costing £20m a day in lost revenue.
Tesco first revealed the problem on...
Metasploit — Development discussion for Metasploit, the premier open source remote exploitation tool
nullcon se7en CFP is open
nullcon (Aug 25)
Dear Friends,
Welcome to nullcon se7en!
$git commit -a <sin>
<sin> := wrath | pride | lust | envy | greed | gluttony | sloth
nullcon is an annual security conference held in Goa, India. The focus
of the conference is to showcase the next generation of offensive and
defensive security technology. We happily open doors to researchers
and hackers around the world working on the next big thing in security
and request...
Ruxcon 2015 Final Call For Presentations
cfp (Jul 05)
Ruxcon 2015 Final Call For Presentations
Melbourne, Australia, October 24-25
CQ Function Centre
http://www.ruxcon.org.au
The Ruxcon team is pleased to announce the first round of Call For Presentations for Ruxcon 2015.
This year the conference will take place over the weekend of the 24th and 25th of October at the CQ Function Centre,
Melbourne, Australia.
The deadline for submissions is the 15th of September, 2015.
.[x]. About Ruxcon .[x]....
Wireshark — Discussion of the free and open source Wireshark network sniffer. No other sniffer (commercial or otherwise) comes close. This archive combines the Wireshark announcement, users, and developers mailing lists.
Re: Wiki editor permission request
Gerald Combs (Oct 31)
Done.
Wiki editor permission request
manabu hirose (Oct 31)
Hi, I would like permission to edit the Wireshark wiki. My GitLab
username is @manabapp.
Re: How to generate epan/dissectors/packet-skinny.c?
Jirka Novak (Oct 30)
Hi Alexis,
Thank you for the test. So it looks like the issue is in python2 vs. python3.
For my fedora python2 is available only in python 2.7 version which is
not supported anymore so I can't build it.
I will check whether I can update the script to run on python 3...
Best regards,
Jirka
Re: How to generate epan/dissectors/packet-skinny.c?
Alexis La Goutte (Oct 30)
Hi Jirka,
from packet-skinny.c.in
# Dependencies:
# - python2.x
# - cog.py: (pip install cogapp / http://nedbatchelder.com/code/cog/)
# - python.xml
# - python.xml.sax
#
Tested on Ubuntu 18.04 (LTS) (with python2) and works for me.
How to generate epan/dissectors/packet-skinny.c?
Jirka Novak (Oct 30)
Hi,
based on notice of Jörg Mayer (thank you), I tried to generate
epan/dissectors/packet-skinny.c from epan/dissectors/packet-skinny.c.in.
The command line should be:
cog.py -D xmlfile=tools/SkinnyProtocolOptimized.xml -d -c -o
epan/dissectors/packet-skinny.c epan/dissectors/packet-skinny.c.in
but it fails with error:
Traceback (most recent call last):
File "epan/dissectors/packet-skinny.c.in", line 109, in <module>...
Re: Gitlab missing feature compared to Github
Jaap Keuter (Oct 30)
Hi,
What about just entering the commit in the GitLab search box? There you get the commit, parent commit, the merge
request, the pipeline, etc. all just one click away.
Basically the same thing.
Thanks,
Jaap
Re: Gitlab missing feature compared to Github
Ivan Nardi (Oct 30)
+1. I really miss this feature (of Gerrit)! Incredibly useful
Ivan
Gitlab missing feature compared to Github
Joerg Mayer (Oct 30)
Hello,
there is one very valuable feature of github that was lost in the transition to gitlab:
The commit message no longer references the merge request, making it way harder to
look at the discussion leading to a merge.
Can this feature please be readded?
Thanks!
Jörg
Re: make rpm-package does not build custom dissectors ...
Richard Sharpe (Oct 29)
OK, a moment's peripatetic thought informed me of the problem.
Since I am not adding the files I generated to git and the packaging
process is using git to extract the files for building, they didn't
make it into the build.
Re: Issue with the NR-RRC Di-sector
Jaap Keuter (Oct 29)
Hi,
This all points to things related to the actual traffic in the capture. As Pascal says, without a capture file itself
this is virtually impossible to address.
For the first issue you could file a complete filled out report at https://gitlab.com/wireshark/wireshark/-/issues
Regards,
Jaap
make rpm-package does not build custom dissectors ...
Richard Sharpe (Oct 29)
Hi folks,
In one project I have a bunch of custom dissectors in a 3.5.0 build.
They are all defined in epan/dissectors/CMakeListsCustom.txt.
When I run cmake it tells me it found the custom stuff.
Then when I run make it builds them (it logs each custom dissector being built.)
However, when I run make rpm-package the custom dissectors are not
built and there are no .o files in the build directory for the custom
dissectors.
Where should I...
Re: pipeline failed
Gerald Combs (Oct 28)
The file that doesn't exist is GitLab CI's job cache[1]. The job cache lets you share files between builds, and many of
our jobs use it to store ccache data. I'm not sure why it prints a red "FATAL" message; it's not fatal. Other than
disabling the cache it's not something we have direct control over.
The relevant errors are near the bottom on line 62 and 63:
----
License 'UNKNOWN' for...
pipeline failed
Zoran Bošnjak (Oct 28)
Hello wireshark developers,
please advise how do I reproduce the pipeline build failure in local environment.
In particular, this one:
https://gitlab.com/zoranbosnjak/wireshark/-/pipelines/397393242
The following problems are reported on merge request:
1. Checking cache for Code Checks + Clang Warnings-master...
FATAL: file does not exist
I have no idea, which file does not exist.
2. GCC warnings
Based on error output, I have found some...
Re: Issue with the NR-RRC Di-sector
Pascal Quantin (Oct 28)
Hi,
Le jeu. 28 oct. 2021 à 17:45, Chilla Sunil Kumar-Trainee <
cskumar () parallelwireless com> a écrit :
your SIB1 message is not properly encoded of a bug in Wireshark.
(potentially patented) code to perform deciphering (that would be UE
specific also due to the different ciphering key).
Issue with the NR-RRC Di-sector
Chilla Sunil Kumar-Trainee (Oct 28)
Hi,
I had an issue with RRC messages.
1. In F1Setup Request message , it is not Showing the complete message information. SIB1 Information is missing and
showing that [Expert Info (Warning/Undecoded): something unknown here [too long
integer(per_normally_small_nonnegative_whole_number)]]
[something unknown here [too long integer(per_normally_small_nonnegative_whole_number)]]
[Severity level: Warning]
[Group: Undecoded]. Please find this in...
Snort — Everyone's favorite open source IDS, Snort. This archive combines the snort-announce, snort-devel, snort-users, and snort-sigs lists.
Snort Subscriber Rules Update 2021-10-28
Research (Oct 28)
Talos Snort Subscriber Rules Update
Synopsis:
This release adds and modifies rules in several categories.
Details:
Talos has added and modified multiple rules in the file-multimedia,
indicator-scan, malware-cnc, malware-other, server-apache and
server-webapp rule sets to provide coverage for emerging threats from
these technologies.
For a complete list of new and modified rules please see:
https://www.snort.org/advisories
Snort Subscriber Rules Update 2021-10-26
Research (Oct 26)
Talos Snort Subscriber Rules Update
Synopsis:
This release adds and modifies rules in several categories.
Details:
Talos has added and modified multiple rules in the malware-cnc,
pua-adware and server-webapp rule sets to provide coverage for emerging
threats from these technologies.
For a complete list of new and modified rules please see:
https://www.snort.org/advisories
Re: [Snort-users] If i put my snort 3 server on a dmz i will bring the back of my screen since the server i speak ?
Dorian ROSSE via Snort-devel (Oct 21)
This is a try and an ask,
I hope don't need spend money for replace a new server!
Regards.
Dorian Rosse.
________________________________
From: Joel Esler (jesler) <jesler () cisco com>
Sent: Tuesday, October 19, 2021 7:09:31 PM
To: Dorian ROSSE <dorianbrice () hotmail fr>
Cc: Jeremy Hines <Jeremy () priceapples com>; snort-users () lists snort org <snort-users () lists snort org>;
snort-devel () lists snort org...
Re: [Snort-users] If i put my snort 3 server on a dmz i will bring the back of my screen since the server i speak ?
Dorian ROSSE via Snort-devel (Oct 21)
Yes,
And the support is bad you have ever answer finally you don't understand how to help,
Regards.
Dorian Rosse.
________________________________
From: Joel Esler (jesler) <jesler () cisco com>
Sent: Tuesday, October 19, 2021 6:27:42 PM
To: Dorian ROSSE <dorianbrice () hotmail fr>
Cc: Jeremy Hines <Jeremy () priceapples com>; snort-users () lists snort org <snort-users () lists snort org>;
snort-devel () lists...
Re: [Snort-users] If i put my snort 3 server on a dmz i will bring the back of my screen since the server i speak ?
Dorian ROSSE via Snort-devel (Oct 21)
I use Word-Référence !
The server at power on it power on the screen this is after some time where it shutdown the screen (this is a IBM
laptop),
The problem is here i can't update the server or use it !
Regards.
Dorian Rosse.
________________________________
From: Jeremy Hines <Jeremy () priceapples com>
Sent: Monday, October 18, 2021 5:31:03 PM
To: Dorian ROSSE <dorianbrice () hotmail fr>
Subject: RE: [Snort-users] If i...
Snort Subscriber Rules Update 2021-10-21
Research (Oct 21)
Talos Snort Subscriber Rules Update
Synopsis:
This release adds and modifies rules in several categories.
Details:
Talos has added and modified multiple rules in the
indicator-compromise, indicator-obfuscation, malware-other and
server-webapp rule sets to provide coverage for emerging threats from
these technologies.
For a complete list of new and modified rules please see:
https://www.snort.org/advisories
Re: Snort3 (3.1.8.0): file_log does not log all file events for captured files
Russ Combs (rucombs) via Snort-devel (Oct 21)
Yes, that should go to snort-users. Include where you added that debug print and the shutdown stats. A wild guess is
that you really only have two files.
________________________________
From: Snort-devel <snort-devel-bounces () lists snort org> on behalf of Meridoff via Snort-devel <snort-devel () lists
snort org>
Sent: Tuesday, October 19, 2021 3:30 PM
To: snort-devel () lists snort org <snort-devel () lists snort org>...
Snort3 (3.1.8.0): file_log does not log all file events for captured files
Meridoff via Snort-devel (Oct 19)
Hello, maybe this message should be sent to snort-users? I don't know.
I have a running snort with an inspector file set to capturing files and
logging all events.
But in file.log there are only a few events (not all).
1. Here is my config part concerning file inspector:
file_id = { file_rules = file_magic , capture_dir =
"/var/log/snort/captured" }
file_id.capture_block_size = 65536
file_id.capture_max_size = 10048576...
Re: snort3 how to Save the attack packet
Katura Harvey (katharve) via Snort-devel (Oct 19)
Take a look at the logger modules. If you're looking to dump the packet along with the alert, you should be able to use
alert_fast with the packet option set to true.
Thanks,
Katura
From: Snort-devel <snort-devel-bounces () lists snort org> on behalf of 文浩 via Snort-devel <snort-devel () lists snort
org>
Reply-To: 文浩 <15135147016 () 163 com>
Date: Tuesday, October 19, 2021 at 4:42 AM
To: "snort-devel ()...
Re: [Snort-users] If i put my snort 3 server on a dmz i will bring the back of my screen since the server i speak ?
Joel Esler (jesler) via Snort-devel (Oct 19)
Have you figured out how Snort causing the server to not have a shell?
Yes,
And the support is bad you have ever answer finally you don't understand how to help,
Regards.
Dorian Rosse.
________________________________
From: Joel Esler (jesler) <jesler () cisco com<mailto:jesler () cisco com>>
Sent: Tuesday, October 19, 2021 6:27:42 PM
To: Dorian ROSSE <dorianbrice () hotmail fr<mailto:dorianbrice () hotmail fr>>...
Re: [Snort-users] If i put my snort 3 server on a dmz i will bring the back of my screen since the server i speak ?
Joel Esler (jesler) via Snort-sigs (Oct 19)
Is Snort involved in this shutdown?
I use Word-Référence !
The server at power on it power on the screen this is after some time where it shutdown the screen (this is a IBM
laptop),
The problem is here i can't update the server or use it !
Regards.
Dorian Rosse.
________________________________
From: Jeremy Hines <Jeremy () priceapples com<mailto:Jeremy () priceapples com>>
Sent: Monday, October 18, 2021 5:31:03 PM
To:...
Snort Subscriber Rules Update 2021-10-19
Research (Oct 19)
Talos Snort Subscriber Rules Update
Synopsis:
This release adds and modifies rules in several categories.
Details:
Talos has added and modified multiple rules in the file-office,
file-pdf, malware-cnc and server-webapp rule sets to provide coverage
for emerging threats from these technologies.
For a complete list of new and modified rules please see:
https://www.snort.org/advisories
snort3 how to Save the attack packet
文浩 via Snort-devel (Oct 19)
ips , How to Retain attack evidence packets after an alert generated
Re: [Snort-users] If i put my snort 3 server on a dmz i will bring the back of my screen since the server i speak ?
Jeremy Hines (Oct 18)
Sounds like you'd be better served having a local technician that speaks your native language and that is familiar with
your firewall technology to help you.
Jeremy Hines
IT Manager
Price Cold Storage & Packing Co., LLC
509-972-5244
jeremy () priceapples com
370 Breaum Road
Yakima, WA 98908
________________________________
From:...
RPM Digest
Jason Smith via Snort-devel (Oct 18)
Attempting to install snort-2.9.18.1-1.centos8.x86_64-1.rpm on centos8
yields the error "DIGESTS NOT OK"
Running "rpm --checksig -v" on the rpm yields
"Header SHA1 digest: OK
Payload SHA256 digest: NOTFOUND
MD5 digest: NOTFOUND"
Could the additional digests be included in the rpm build process?
These checks possibly only apply when FIPS mode is enabled.
Thanks
Jason
We also maintain archives for these lists (some are currently inactive):
Read some old-school private security digests such as Zardoz at SecurityDigest.Org
We're always looking for great network security related lists to archive. To suggest one, mail Fyodor.