Re: Internet packages from Cell Providers
Sammy, Orange plan is ONLY for some data SIM only, which means they require a SIM that will ONLY be used for data communication. You want to use it for talking too? pay much more for calls. Cellcom's plan is pricier (129NIS), but you can use your iPhone in that plan. You also get a USB modem in that plan (for "free" if you join the plan) so you can stick it to your laptop/desktop and surf. Hetz On Fri, May 16, 2008 at 3:45 PM, sammy ominsky <[EMAIL PROTECTED]> wrote: > Just as a follow-up to Hetz's announcement of new internet packages from > cell providers, I'll share my experience. > > I went to Orange yesterday and asked them to switch me from my 200MB package > to the 5GB one mentioned. The rep told me it was a smart move because it's > the same price! 80 shekels. > > But then he went into the computer to switch me, and a warning popped up > that he's not allowed to do it. He asked the manager, who said it appears > that even though it's advertised, the package is not yet allowed to be added > to any plans. he said I should call the Orange Data Services number and > they could add it when it's available. > > So I called them when I got home, and they said it's only for a modem, not > for a phone. I explained that I have an iPhone and that I can easily use > the same data plan as a laptop. She said that would be fine, and went to > switch me, but then apologized and said she couldn't. It can only go for a > modem, she said. I told her how ridiculous I thought that was, and asked > "what if I use my phone as a modem to connect my laptop to the internet?" > She agreed with me, but was powerless to change it. > > So no 5GB plan for me. If anyone else has more luck, let me know! > > Shabbat shalom, > > --sambo > > = > To unsubscribe, send mail to [EMAIL PROTECTED] with > the word "unsubscribe" in the message body, e.g., run the command > echo unsubscribe | mail [EMAIL PROTECTED] > > -- Skepticism is the lazy person's default position. my blog (hebrew): http://benhamo.org = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Google repositories
Hi guys, I found it really useful using ubuntu packages that google offers the availability to get ubuntu packages for google applications, so if you need deb or rpm packages go to http://www.google.com/linuxrepositories/index.html Regards. -- Cyril SCETBON = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Internet packages from Cell Providers
Just as a follow-up to Hetz's announcement of new internet packages from cell providers, I'll share my experience. I went to Orange yesterday and asked them to switch me from my 200MB package to the 5GB one mentioned. The rep told me it was a smart move because it's the same price! 80 shekels. But then he went into the computer to switch me, and a warning popped up that he's not allowed to do it. He asked the manager, who said it appears that even though it's advertised, the package is not yet allowed to be added to any plans. he said I should call the Orange Data Services number and they could add it when it's available. So I called them when I got home, and they said it's only for a modem, not for a phone. I explained that I have an iPhone and that I can easily use the same data plan as a laptop. She said that would be fine, and went to switch me, but then apologized and said she couldn't. It can only go for a modem, she said. I told her how ridiculous I thought that was, and asked "what if I use my phone as a modem to connect my laptop to the internet?" She agreed with me, but was powerless to change it. So no 5GB plan for me. If anyone else has more luck, let me know! Shabbat shalom, --sambo = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: SSH vulnerable key package?
The new ssl and ssh packages don't work if they are given known vulnerable During upgrade/update they upgrade/replace bad keys Thanks, Noam Rathaus Beyond Security -Original Message- From: "Geoffrey S. Mendelson" <[EMAIL PROTECTED]> Date: Fri, 16 May 2008 11:42:53 To:Israel Linux Mailing list Subject: SSH vulnerable key package? Is there a package of some sort that checks your keys to see if they are vulnerable? Since the list of vulnerable keys is known, it should not be too difficult to write a program which scans your authorized keys file(s) looking for them. Hopefully someone has already and made it available. I'm not looking for something that tries to ssh to a user using the keys, I want an authorized key scanner I can run on my computer. Thanks, Geoff. -- Geoffrey S. Mendelson, Jerusalem, Israel [EMAIL PROTECTED] N3OWJ/4X1GM = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: PGP/GPG keys impact?
Omer Zak wrote: On Fri, 2008-05-16 at 11:09 +0300, Shachar Shemesh wrote: I'll try to give context to Amos's message, as I think it is important. If you are running an ssh server on a machine which is not Debian, and was never affected by the openssl key generation bug, you may be under the impression that there is no need to do anything. This is not exactly the case. One more piece of context which I feel to be necessary: Does the vulnerability affect also PGP/GPG keys generated during the last two years? If yes, how to invalidate those keys when they are already at large? --- Omer The advisory (http://www.debian.org/security/2008/dsa-1571) claims that GnuPG was not affected. Shachar = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: SSH vulnerable key package?
Geoffrey S. Mendelson wrote: Is there a package of some sort that checks your keys to see if they are vulnerable? Since the list of vulnerable keys is known, it should not be too difficult to write a program which scans your authorized keys file(s) looking for them. Hopefully someone has already and made it available. I'm not looking for something that tries to ssh to a user using the keys, I want an authorized key scanner I can run on my computer. see http://ubuntu-tutorials.com/2008/05/13/openssh-openssh-vulnerabilities-confirm-fix-instructions/ you can get the perl script http://security.debian.org/project/extra/dowkd/dowkd.pl.gz and run it on your host with perl dowkd.pl user your_user regards Thanks, Geoff. -- Cyril SCETBON = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: SSH vulnerable key package?
"Debian and Ubuntu's openssh package includes a check on the SSH host key and also includes a tool to check user keys. Where possible, run ssh-vulnkey -a as root to check all users' keys and authorized_keys for the vulnerable ones" Source: http://www.sungate.co.uk/?p=314 Alex On Fri, May 16, 2008 at 11:42 AM, Geoffrey S. Mendelson <[EMAIL PROTECTED]> wrote: > Is there a package of some sort that checks your keys to see if they > are vulnerable? > > Since the list of vulnerable keys is known, it should not be too difficult > to write a program which scans your authorized keys file(s) looking for > them. > > Hopefully someone has already and made it available. > > I'm not looking for something that tries to ssh to a user using the > keys, I want an authorized key scanner I can run on my computer. > > Thanks, > > Geoff. > -- > Geoffrey S. Mendelson, Jerusalem, Israel [EMAIL PROTECTED] N3OWJ/4X1GM > > = > To unsubscribe, send mail to [EMAIL PROTECTED] with > the word "unsubscribe" in the message body, e.g., run the command > echo unsubscribe | mail [EMAIL PROTECTED] > > -- | | Alex Alexander | http://linuxized.blogspot.com | http://www.nerd.gr \
PGP/GPG keys impact? (was: Re: Fwd: Debian SSH vulnerability: act now!)
On Fri, 2008-05-16 at 11:09 +0300, Shachar Shemesh wrote: > I'll try to give context to Amos's message, as I think it is important. > > If you are running an ssh server on a machine which is not Debian, and > was never affected by the openssl key generation bug, you may be under > the impression that there is no need to do anything. This is not exactly > the case. One more piece of context which I feel to be necessary: Does the vulnerability affect also PGP/GPG keys generated during the last two years? If yes, how to invalidate those keys when they are already at large? --- Omer -- "Kosher" Cellphones (cellphones with blocked SMS, video and Internet) are menace to the deaf. They must be outlawed! (See also: http://www.zak.co.il/tddpirate/2006/04/21/the-grave-danger-to-the-deaf-from-kosher-cellphones/) My own blog is at http://www.zak.co.il/tddpirate/ My opinions, as expressed in this E-mail message, are mine alone. They do not represent the official policy of any organization with which I may be affiliated in any way. WARNING TO SPAMMERS: at http://www.zak.co.il/spamwarning.html = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
SSH vulnerable key package?
Is there a package of some sort that checks your keys to see if they are vulnerable? Since the list of vulnerable keys is known, it should not be too difficult to write a program which scans your authorized keys file(s) looking for them. Hopefully someone has already and made it available. I'm not looking for something that tries to ssh to a user using the keys, I want an authorized key scanner I can run on my computer. Thanks, Geoff. -- Geoffrey S. Mendelson, Jerusalem, Israel [EMAIL PROTECTED] N3OWJ/4X1GM = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Fwd: Debian SSH vulnerability: act now!
I'll try to give context to Amos's message, as I think it is important. If you are running an ssh server on a machine which is not Debian, and was never affected by the openssl key generation bug, you may be under the impression that there is no need to do anything. This is not exactly the case. It is possible that some of your users were running affected machines when they generated their keys, and they placed these keys into their "authorized_keys" file on your server. This means that an attacker has a bunch of relatively small keys, well know, that she can use for public key authentication as said users to your machine. What the ssh-vulnkey package does is to disable some known keys. In other words, people who posted known vulnerable keys into authorized_keys will not be able to use those keys in order to automatically log into your system, and neither will the attackers. This is an important upgrade. Shachar = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
