FWIIW
http://xkcd.com/1354/
--
Requiescas in pace o email
Ex turpi causa non oritur actio
Two identifying characteristics of System Administrators:
Infallibility, and the ability to learn from their
Don't think for one second that using malloc directly would have
saved OpenSSL here. By default malloc does not zero freed memory
it returns. It is a feature that needs to be enabled. If OpenSSL
wanted to zero memory it was returning, it could have done that itself.
The only difference is that
I'd be interested in the other 0 days they have..;)
Sent from my T-Mobile 4G LTE Device
Original message
From: Frank Bulk frnk...@iname.com
Date: 04/11/2014 11:24 PM (GMT-07:00)
To: valdis.kletni...@vt.edu,Matt Palmer mpal...@hezmatt.org
Cc: nanog@nanog.org
Subject: RE:
But it doesn't really matter if you zero out freed memory. Maybe it'll
prevent you from gaining some stale session info and the like. But even if
that were the case, this would still be a serious bug - you're not going to
reread your private key before encrypting each bit of data after all -
Hi Folks,
It occurs to me that Yahoo's deployment of DMARC p=reject, and the
choice of several big mail operators to honor that, has created a
situation not unlike a really routing table or nameserver, snafu ---
someone's published information that's caused lots of things to break.
At an
On 04/11/2014 10:45 PM, Jimmy Hess wrote:
The vulnerability is related to re-used memory pages within the same process.
It also does not help that OpenSSL has its own wrapper around malloc()
And instead of using the standard system libraries for memory
allocation, apparently uses a high-risk
On Sat, Apr 12, 2014 at 10:12 AM, Miles Fidelman
mfidel...@meetinghouse.net wrote:
What kind of responses are available? In the broader scope of things, what
kinds of responses are typical if someone publishes corrupted information
and then doesn't cooperate in fixing the situation - be that
On Sat, 12 Apr 2014 10:12:09 -0400, Miles Fidelman said:
It occurs to me that Yahoo's deployment of DMARC p=reject, and the
choice of several big mail operators to honor that, has created a
situation not unlike a really routing table or nameserver, snafu ---
It's more like a peering war.
On Sat, Apr 12, 2014 at 9:17 AM, Michael Thomas m...@mtcc.com wrote:
Malloc doesn't write over to-be allocated memory, calloc does. Using a
Zero'ing newly allocated memory is not the desired behavior. The
desired behavior is that a segmentation fault occurs, when an
application breaks the
William Herrin wrote:
On Sat, Apr 12, 2014 at 10:12 AM, Miles Fidelman
mfidel...@meetinghouse.net wrote:
What kind of responses are available? In the broader scope of things, what
kinds of responses are typical if someone publishes corrupted information
and then doesn't cooperate in fixing the
valdis.kletni...@vt.edu wrote:
On Sat, 12 Apr 2014 10:12:09 -0400, Miles Fidelman said:
It occurs to me that Yahoo's deployment of DMARC p=reject, and the
choice of several big mail operators to honor that, has created a
situation not unlike a really routing table or nameserver, snafu ---
Sounds like:
https://isc.sans.edu/forums/diary/Linksys+Worm+TheMoon+Summary+What+we+know+so+far/17633
g
On Sat, 12 Apr 2014 00:32:55 -0400
Joly MacFie j...@punkcast.com wrote:
Any comments?
-- Forwarded message --
From: Dave Farber d...@farber.net
Date: Fri, Apr 11, 2014
On 04/12/2014 10:10 AM, Jimmy Hess wrote:
On Sat, Apr 12, 2014 at 9:17 AM, Michael Thomas m...@mtcc.com wrote:
Malloc doesn't write over to-be allocated memory, calloc does. Using a
Zero'ing newly allocated memory is not the desired behavior. The
desired behavior is that a segmentation fault
Suppose you have an existing server closet. You want to split it so that
two different organizations can have access to it. Separate doors and a
divider in the middle. Does anyone make kit for this for hosting centers?
Thanks,
Hank
Please don't reply to a message on the list and change the subject line.
Doing so causes your new topic to show under the previous one for
those using mail readers that thread properly, and may cause your
message to be missed altogether if someone has blocked that thread.
Instead, save the
On Sat, Apr 12, 2014 at 1:12 PM, Miles Fidelman
mfidel...@meetinghouse.net wrote:
valdis.kletni...@vt.edu wrote:
On Sat, 12 Apr 2014 10:12:09 -0400, Miles Fidelman said:
It occurs to me that Yahoo's deployment of DMARC p=reject, and the
choice of several big mail operators to honor that, has
On 4/12/2014 2:38 PM, Jim Popovitch wrote:
On Sat, Apr 12, 2014 at 1:12 PM, Miles Fidelman
mfidel...@meetinghouse.net wrote:
someone needs to get a legal opinion wrt
the DMARC group's effort to have all mailinglists change their From:
address.
The DMARC group (presumably referring to the
On 04/11/2014 07:16 AM, Glen Kent wrote:
VPN, on the other hand, is a totally different world of pain for this
issue.
What about VPNs?
SSL VPN's could possibly be vulnerable.
On Sat, Apr 12, 2014 at 5:56 PM, Dave Crocker d...@dcrocker.net wrote:
On 4/12/2014 2:38 PM, Jim Popovitch wrote:
On Sat, Apr 12, 2014 at 1:12 PM, Miles Fidelman
mfidel...@meetinghouse.net wrote:
someone needs to get a legal opinion wrt
the DMARC group's effort to have all mailinglists
Dave Crocker wrote:
On 4/12/2014 2:38 PM, Jim Popovitch wrote:
On Sat, Apr 12, 2014 at 1:12 PM, Miles Fidelman
mfidel...@meetinghouse.net wrote:
someone needs to get a legal opinion wrt
the DMARC group's effort to have all mailinglists change their From:
address.
The DMARC group
Divided into vertical sections, it requires a new set of hinges and doors and
lock slots front and rear, as well as solid shelves between the sections.
Think about it for a moment, or go visit your nearest colocation center and ask
to see a 1/2 or 1/3 rack. I actually have a 1/3 rack at one
Didn't Cisco already release a bunch of updates related to Anyconnect and
heartbleed?
Cheers,
Harry
On Apr 12, 2014, at 6:03 PM, Lamar Owen lo...@pari.edu wrote:
On 04/11/2014 07:16 AM, Glen Kent wrote:
VPN, on the other hand, is a totally different world of pain for this
issue.
What
On Sat, Apr 12, 2014 at 9:12 AM, Miles Fidelman
mfidel...@meetinghouse.net wrote:
- Yahoo (operationally) and the DMARC authors are intentionally
un-responsive (as are hotmail, comcast, a few others; gmail, I note is not
bouncing mail)
How do we respond as operators, beyond late-night, ad-hoc
On 4/12/2014 8:55 PM, Harry Hoffman wrote:
Didn't Cisco already release a bunch of updates related to Anyconnect and
heartbleed?
There were AnyConnect for iOS (little i, not big I) issues with
heartbleed, but everything else has been mostly phone and UCS related.
IOS XE is affected if you have
massive porn spam is making it through spamassassin. new filter oops?
randy, still researching
Hi,
g
I suspect I've been hit by the same run, looks like the RIPE database has been
harvested since I got at least one copy on an e-mail address that I've only
used for the RIPE db. I also saw a lot of peering@ and noc@ addresses in
from/to/cc fields. So far I've received about a hundred
Question:
Years ago Yahoo! bought major mailing list provider egroups formerly
onelist, eventually absorbing it into yahoo clubs and making something
called yahoogroups.
Does this break yahoogroups too? How are THEY handling it?
--
We are not using spamassassin and only major RBLs in place and seeing the same
wave of spam. Seems like a new botnet has just appeared.
-- Babak
--
Babak Farrokhi
On Apr 13, 2014, at 8:09 AM, Randy Bush ra...@psg.com wrote:
massive porn spam is making it through spamassassin. new filter
28 matches