Search Results

Search found 689 results on 28 pages for 'tls psk'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 3/28 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Setup VPN issue on Ubuntu Server 12.04

    - by Yozone W.
    I have a problem with setup VPN server on my Ubuntu VPS, here is my server environments: Ubuntu Server 12.04 x86_64 xl2tpd 1.3.1+dfsg-1 pppd 2.4.5-5ubuntu1 openswan 1:2.6.38-1~precise1 After install software and configuration: ipsec verify Checking your system to see if IPsec got installed and started correctly: Version check and ipsec on-path [OK] Linux Openswan U2.6.38/K3.2.0-24-virtual (netkey) Checking for IPsec support in kernel [OK] SAref kernel support [N/A] NETKEY: Testing XFRM related proc values [OK] [OK] [OK] Checking that pluto is running [OK] Pluto listening for IKE on udp 500 [OK] Pluto listening for NAT-T on udp 4500 [OK] Checking for 'ip' command [OK] Checking /bin/sh is not /bin/dash [WARNING] Checking for 'iptables' command [OK] Opportunistic Encryption Support [DISABLED] /var/log/auth.log message: Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [RFC 3947] method set to=115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike] meth=114, but already using method 115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-08] meth=113, but already using method 115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-07] meth=112, but already using method 115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-06] meth=111, but already using method 115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-05] meth=110, but already using method 115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-04] meth=109, but already using method 115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: ignoring Vendor ID payload [FRAGMENTATION 80000000] Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [Dead Peer Detection] Oct 16 06:50:54 vpn pluto[3963]: "L2TP-PSK-NAT"[5] [My IP Address] #5: responding to Main Mode from unknown peer [My IP Address] Oct 16 06:50:54 vpn pluto[3963]: "L2TP-PSK-NAT"[5] [My IP Address] #5: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 Oct 16 06:50:54 vpn pluto[3963]: "L2TP-PSK-NAT"[5] [My IP Address] #5: STATE_MAIN_R1: sent MR1, expecting MI2 Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[5] [My IP Address] #5: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): peer is NATed Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[5] [My IP Address] #5: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[5] [My IP Address] #5: STATE_MAIN_R2: sent MR2, expecting MI3 Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[5] [My IP Address] #5: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000 Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[5] [My IP Address] #5: Main mode peer ID is ID_IPV4_ADDR: '192.168.12.52' Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[5] [My IP Address] #5: switched from "L2TP-PSK-NAT" to "L2TP-PSK-NAT" Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: deleting connection "L2TP-PSK-NAT" instance with peer [My IP Address] {isakmp=#0/ipsec=#0} Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: new NAT mapping for #5, was [My IP Address]:2251, now [My IP Address]:2847 Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha group=modp1024} Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: Dead Peer Detection (RFC 3706): enabled Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: the peer proposed: [My Server IP Address]/32:17/1701 -> 192.168.12.52/32:17/0 Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: NAT-Traversal: received 2 NAT-OA. using first, ignoring others Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #6: responding to Quick Mode proposal {msgid:8579b1fb} Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #6: us: [My Server IP Address]<[My Server IP Address]>:17/1701 Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #6: them: [My IP Address][192.168.12.52]:17/65280===192.168.12.52/32 Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #6: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #6: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #6: Dead Peer Detection (RFC 3706): enabled Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #6: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #6: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x08bda158 <0x4920a374 xfrm=AES_256-HMAC_SHA1 NATOA=192.168.12.52 NATD=[My IP Address]:2847 DPD=enabled} Oct 16 06:51:16 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: received Delete SA(0x08bda158) payload: deleting IPSEC State #6 Oct 16 06:51:16 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: ERROR: netlink XFRM_MSG_DELPOLICY response for flow eroute_connection delete included errno 2: No such file or directory Oct 16 06:51:16 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: received and ignored informational message Oct 16 06:51:16 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: received Delete SA payload: deleting ISAKMP State #5 Oct 16 06:51:16 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address]: deleting connection "L2TP-PSK-NAT" instance with peer [My IP Address] {isakmp=#0/ipsec=#0} Oct 16 06:51:16 vpn pluto[3963]: packet from [My IP Address]:2847: received and ignored informational message xl2tpd -D message: xl2tpd[4289]: Enabling IPsec SAref processing for L2TP transport mode SAs xl2tpd[4289]: IPsec SAref does not work with L2TP kernel mode yet, enabling forceuserspace=yes xl2tpd[4289]: setsockopt recvref[30]: Protocol not available xl2tpd[4289]: This binary does not support kernel L2TP. xl2tpd[4289]: xl2tpd version xl2tpd-1.3.1 started on vpn.netools.me PID:4289 xl2tpd[4289]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc. xl2tpd[4289]: Forked by Scott Balmos and David Stipp, (C) 2001 xl2tpd[4289]: Inherited by Jeff McAdams, (C) 2002 xl2tpd[4289]: Forked again by Xelerance (www.xelerance.com) (C) 2006 xl2tpd[4289]: Listening on IP address [My Server IP Address], port 1701 Then it just stopped here, and have no any response. I can't connect VPN on my mac client, the /var/log/system.log message: Oct 16 15:17:36 azone-iMac.local configd[17]: SCNC: start, triggered by SystemUIServer, type L2TP, status 0 Oct 16 15:17:36 azone-iMac.local pppd[3799]: pppd 2.4.2 (Apple version 596.13) started by azone, uid 501 Oct 16 15:17:38 azone-iMac.local pppd[3799]: L2TP connecting to server 'vpn.netools.me' ([My Server IP Address])... Oct 16 15:17:38 azone-iMac.local pppd[3799]: IPSec connection started Oct 16 15:17:38 azone-iMac.local racoon[359]: Connecting. Oct 16 15:17:38 azone-iMac.local racoon[359]: IPSec Phase1 started (Initiated by me). Oct 16 15:17:38 azone-iMac.local racoon[359]: IKE Packet: transmit success. (Initiator, Main-Mode message 1). Oct 16 15:17:38 azone-iMac.local racoon[359]: IKE Packet: receive success. (Initiator, Main-Mode message 2). Oct 16 15:17:38 azone-iMac.local racoon[359]: IKE Packet: transmit success. (Initiator, Main-Mode message 3). Oct 16 15:17:38 azone-iMac.local racoon[359]: IKE Packet: receive success. (Initiator, Main-Mode message 4). Oct 16 15:17:38 azone-iMac.local racoon[359]: IKE Packet: transmit success. (Initiator, Main-Mode message 5). Oct 16 15:17:38 azone-iMac.local racoon[359]: IKEv1 Phase1 AUTH: success. (Initiator, Main-Mode Message 6). Oct 16 15:17:38 azone-iMac.local racoon[359]: IKE Packet: receive success. (Initiator, Main-Mode message 6). Oct 16 15:17:38 azone-iMac.local racoon[359]: IKEv1 Phase1 Initiator: success. (Initiator, Main-Mode). Oct 16 15:17:38 azone-iMac.local racoon[359]: IPSec Phase1 established (Initiated by me). Oct 16 15:17:39 azone-iMac.local racoon[359]: IPSec Phase2 started (Initiated by me). Oct 16 15:17:39 azone-iMac.local racoon[359]: IKE Packet: transmit success. (Initiator, Quick-Mode message 1). Oct 16 15:17:39 azone-iMac.local racoon[359]: IKE Packet: receive success. (Initiator, Quick-Mode message 2). Oct 16 15:17:39 azone-iMac.local racoon[359]: IKE Packet: transmit success. (Initiator, Quick-Mode message 3). Oct 16 15:17:39 azone-iMac.local racoon[359]: IKEv1 Phase2 Initiator: success. (Initiator, Quick-Mode). Oct 16 15:17:39 azone-iMac.local racoon[359]: IPSec Phase2 established (Initiated by me). Oct 16 15:17:39 azone-iMac.local pppd[3799]: IPSec connection established Oct 16 15:17:59 azone-iMac.local pppd[3799]: L2TP cannot connect to the server Oct 16 15:17:59 azone-iMac.local racoon[359]: IPSec disconnecting from server [My Server IP Address] Oct 16 15:17:59 azone-iMac.local racoon[359]: IKE Packet: transmit success. (Information message). Oct 16 15:17:59 azone-iMac.local racoon[359]: IKEv1 Information-Notice: transmit success. (Delete IPSEC-SA). Oct 16 15:17:59 azone-iMac.local racoon[359]: IKE Packet: transmit success. (Information message). Oct 16 15:17:59 azone-iMac.local racoon[359]: IKEv1 Information-Notice: transmit success. (Delete ISAKMP-SA). Anyone help? Thanks a million!

    Read the article

  • TLS-SRP ciphersuites support in browsers

    - by dag
    i'm doing some research on how browsers support TLS-SRP (RFC5054). I know that TLS-SRP is implemented in GnuTLS, OpenSSL as of release 1.0.1, Apache mod_gnutls, cURL, TLS Lite and SecureBlackbox. I don't find any fresh source of information, only this from 2011: http://sim.ivi.co/2011/07/compare-tls-cipher-suites-for-web.html I'm testing them manually at the moment, but as far as i know nobody seems to support it. My interest is then in understanding if browsers are planning to support these ciphersuites in the future, apart from the current state. Actual findings (i'm sorry i can't include more than 2 links): Firefox: BugZilla bug id: 405155 IE: Microsoft connect Bug ID:788412 , date:22/05/2013 (closed) Chromium/Chrome: the interesting work by quinn slack http://qslack.com/2011/04/tls-srp-in-chrome-announcement/ Chromium code review: 6804032 Any other help?

    Read the article

  • How to use SSL3 instead of TLS in a particular HttpWebRequest?

    - by Anton Tykhyy
    My application has to talk to different hosts over https, and the default setting of ServicePointManager.SecurityProtocol = TLS served me well up to this day. Now I have some hosts which (as System.Net trace log shows) don't answer the initial TLS handshake message but keep the underlying connection open until it times out, throwing a timeout exception. I tried setting HttpWebRequest's timeout to as much as 5mins, with the same result. Presumably these hosts are waiting for an SSL3 handshake since both IE and Firefox are able to connect to these hosts after a 30-40 seconds' delay. There seems to be some fallback mechanism in .NET which degrades TLS to SSL3, but it doesn't kick in for some reason. FWIW, here's the handshake message my request is sending: 00000000 : 16 03 01 00 57 01 00 00-53 03 01 4C 12 39 B4 F9 : ....W...S..L.9.. 00000010 : A3 2C 3D EE E1 2A 7A 3E-D2 D6 0D 2E A9 A8 6C 03 : .,=..*z>......l. 00000020 : E7 8F A3 43 0A 73 9C CE-D7 EE CF 00 00 18 00 2F : ...C.s........./ 00000030 : 00 35 00 05 00 0A C0 09-C0 0A C0 13 C0 14 00 32 : .5.............2 00000040 : 00 38 00 13 00 04 01 00-00 12 00 0A 00 08 00 06 : .8.............. 00000050 : 00 17 00 18 00 19 00 0B-00 02 01 00 : ............ Is there a way to use SSL3 instead of TLS in a particular HttpWebRequest, or force a fallback? It seems that ServicePointManager's setting is global, and I'd really hate to have to degrade the security protocol setting to SSL3 for the whole application.

    Read the article

  • Ubuntu Server 14.04 Apache 2.4 TLSv1.2/TLSv1.1 support

    - by Jan
    Recently I upgraded my server from Ubuntu Server 12.04 to Ubuntu Server 14.04 by means of a new installation from scratch. Only one problem remains. In 12.04 Apache 2.2 with mod_ssl supported TLS version 1, 1.1 and 1.2. After upgrading to 14.04 and Apache 2.4, Apache only supports TLS version 1, support for 1.1 and 1.2 is missing. I followed both the migration guide for 2.2 - 2.4 (no changes to the mod_ssl settings) as well as the documentation of mod_ssl regarding the SSLProtocol configuration option. Both SSLProtocol TLSv1.2 TLSv1.1 TLSv1 and SSLProtocol TLSv1.2 do not work. Is there any way to convince Apache to support the new TLS versions as well? Problem seems to be solved now without any change from my side. Apparently libssl was initially compiled without TLSv1.1/TLSv1.2 support.

    Read the article

  • VSFTPD - FTP over TLS - Upload stops after exactly 82k?

    - by Redsandro
    I installed a VSFTP daemon on a CentOS server, using a RSA certificate for logging in using explicit TLS. Now, I cannot upload more than 82k. With files under that limit, there is no problem. The FTP works like a charm. But as soon as a file reaches 82k with FileZilla (81,952 bytes to be exact), the transfer will stop, and the FTP client hangs until time out is reached. FTP client console: 15:10:21 Command: STOR jquery-1.7.2.min.js 15:10:21 Response: 150 Ok to send data. 15:11:21 Error: Connection timed out 15:11:21 Error: File transfer failed after transferring 82 KB in 60 seconds /var/log/vsftpd.log FTP command: Client "x.x.x.x", "STOR jquery-1.7.2.min.js" FTP response: Client "x.x.x.x", "150 Ok to send data." OK UPLOAD: Client "x.x.x.x", "jquery-1.7.2.min.js", 81952 bytes, 1.32Kbyte/sec FTP response: Client "x.x.x.x", "226 File receive OK." // NOT okay, file is bigger // No mention of error here I cannot find relevant info about this problem, apart from a possible problem with trans_chunk_size (not mentioned in default config), but I tried different sizes and it has no impact on the problem. trans_chunk_size=4096 trans_chunk_size=8192 trans_chunk_size=9999 Ofcourse, after every configuration change, I restarted the server: /etc/init.d/vsftpd restart What else can cause this? It's not the latest version, but it's the latest update within the repositories that has been deemed fit for enterprise usage: Package info: $ yum info vsftpd Loaded plugins: fastestmirror Installed Packages Name : vsftpd Arch : x86_64 Version : 2.0.5 Release : 24.el5_8.1 Size : 286 k Repo : installed Summary : vsftpd - Very Secure Ftp Daemon URL : http://vsftpd.beasts.org/ License : GPL Description: vsftpd is a Very Secure FTP daemon. It was written completely from scratch.

    Read the article

  • BlackBerry OS 7.1 secured TLS connection is closed after very short time

    - by MrVincenzo
    To make a long story short: Same client-server configuration, same network topology, same device (Bold 9900) - works perfectly well on OS 7.0 but doesn't work as expected on OS 7.1 and the secured tls connection is being closed by the server after a very short time. My application opens a secured tls connection to a server. The connection is kept alive by a application layer keep-alive mechanism and remains open until the client closes it. Attached is a simplified version of the actual code that opens connection and reads from the socket. The code works perfectly on OS 5.0-7.0 but doesn't work as expected on OS 7.1. When running on OS 7.1, the blocking read() returns with -1 (end of the stream has been reached) after very short time (10-45 seconds). For OS 5.0-7.0 the call to read() remains blocking until next data arrives and the connection is never closed by the server. Connection connection = Connector.open(connectionString); connInputStream = connection.openInputStream(); while (true) { try { retVal = connInputStream.read(); if (-1 == retVal) { break; // end of stream has been reached } } catch (Exception e ) { // do error handling } // data read from stream is handled here } UPDATE 1: Apparently, the problem appears only when I use secured tls connection (either using mobile network or WiFi) on OS 7.1. Everything works as expected when opening a non secured connection on OS 7.1. For tls on mobile networks I use the following connection string: connectionString = "tls://someipaddress:443;deviceside=false;ConnectionType=mds-public;EndToEndDesired"; For tls on Wifi I use the following connection string: connectionString = "tls://someipaddress:443;deviceside=true;interface=wifi;EndToEndRequired" UPDATE 2: The connection is never idle. I am constantly receiving and sending data on it. The issue appears both when using mobile connection and WiFi. The issue appears both on real OS 7.1 devices and simulators. I am starting to suspect that it is somehow related either to the connection string I am using or to the tls handshake. UPDATE 3: According to Wireshark's captures that I made with the OS 7.1 simulator, the secured tls connection is being closed by the server (client receives FIN). For the moment I don't have the server's private key therefore I unable to debug the tls handshake.

    Read the article

  • TLS/SSL and .NET Framework 4.0

    The Secure Socket Layer is now essential for the secure exchange of digital data, and is most generally used within the HTTPS protocol. .NET now provides the Windows Communication Foundation (WCF) to implement secure communications directly. Matteo explains the TLS/SSL protocol, and takes a hands-on approach to investigate the SslStream class to show how to implement a secure communication channel

    Read the article

  • Unable to connect to FTP server using Filezilla with router in-between

    - by pkswatch
    While connecting to my web server using filezilla, i am getting this error: Status: Resolving address of ftp.mysite.org.in Status: Connecting to 199.199.199.18:21... Status: Connection established, waiting for welcome message... Response: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- Response: 220-You are user number 1 of 150 allowed. Response: 220-Local time is now 17:58. Server port: 21. Response: 220-This is a private system - No anonymous login Response: 220-IPv6 connections are also welcome on this server. Response: 220 You will be disconnected after 5 minutes of inactivity. Command: AUTH TLS Response: 234 AUTH TLS OK. Status: Initializing TLS... Error: GnuTLS error -9: A TLS packet with unexpected length was received. Status: Server did not properly shut down TLS connection Error: Could not connect to server I use a cradlepoint CTR35 wifi router to connect to the wired internet connection. When i connect to the same server without this router, the connection works flawlessly. So i guess there is some problem with my router firewall settings, but i dont know what! Can somebody help me out please? Note: The server requires EXPLICIT FTP OVER TLS and does not work with plain FTP sessions. And i can connect to other servers using plain FTP with the router in between.

    Read the article

  • Overhead of TLS/SSL on a TCP socket connection?

    - by TK Kocheran
    Is there any bandwidth overhead on using SSL on a TCP connection? I understand, of course, the processing/memory usage overhead in encrypting and decrypting packets, but as far as bandwidth is concerned, what is the difference, if any? For example, given a XML file which is 64KB, will there be any tangible difference in the transfer size of the file over HTTP vs. HTTPS? (Ignoring mod_deflate and mod_gzip, of course)

    Read the article

  • Why can't I connect to a Cisco wireless access point?

    - by spinlock
    I'm running a Lucid Netbook Remix on my Dell Inspiron 600m and I was not able to connect to the wireless network at the Hacker Dojo in Mountain View yesterday. There were plenty of other people on the network - MS, Mac, and Linux boxes - but my laptop would never get an ip address. I can connect to my home network, which is open, and I've never had a problem connecting at the coffee shop, which uses WPA. The Hacker Dojo is running WPA and we checked the password a number of times but got no love. Any ideas would be greatly appreciated. Additional Info: $iwlist eth1 scan eth1 Scan completed : Cell 01 - Address: EC:C8:82:FA:63:92 ESSID:"HackerDojo-gwifi" Protocol:IEEE 802.11g Mode:Master Frequency:2.412 GHz (Channel 1) Encryption key:on Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s 11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s 48 Mb/s; 54 Mb/s Quality:62 Signal level:0 Noise level:0 IE: WPA Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : TKIP Authentication Suites (1) : PSK IE: IEEE 802.11i/WPA2 Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : CCMP Authentication Suites (1) : PSK Extra: Last beacon: 280ms ago Cell 02 - Address: 00:18:4D:24:08:61 ESSID:"Green Zone" Protocol:IEEE 802.11bg Mode:Master Frequency:2.417 GHz (Channel 2) Encryption key:on Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 6 Mb/s 9 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s 48 Mb/s; 54 Mb/s Quality:23 Signal level:0 Noise level:0 IE: WPA Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : TKIP Authentication Suites (1) : PSK IE: IEEE 802.11i/WPA2 Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : CCMP Authentication Suites (1) : PSK Extra: Last beacon: 11516ms ago Cell 03 - Address: 08:17:35:32:6E:13 ESSID:"\x00" Protocol:IEEE 802.11g Mode:Master Frequency:2.437 GHz (Channel 6) Encryption key:on Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s 11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s 48 Mb/s; 54 Mb/s Quality:71 Signal level:0 Noise level:0 IE: WPA Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : TKIP Authentication Suites (1) : PSK IE: IEEE 802.11i/WPA2 Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : CCMP Authentication Suites (1) : PSK Extra: Last beacon: 2760ms ago Cell 04 - Address: EC:C8:82:FA:63:90 ESSID:"HackerDojo" Protocol:IEEE 802.11g Mode:Master Frequency:2.412 GHz (Channel 1) Encryption key:on Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s 11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s 48 Mb/s; 54 Mb/s Quality:61 Signal level:0 Noise level:0 IE: WPA Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : TKIP Authentication Suites (1) : PSK IE: IEEE 802.11i/WPA2 Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : CCMP Authentication Suites (1) : PSK Extra: Last beacon: 772ms ago Cell 05 - Address: 08:17:35:32:6E:11 ESSID:"HackerDojo-Presenter" Protocol:IEEE 802.11g Mode:Master Frequency:2.437 GHz (Channel 6) Encryption key:on Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s 11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s 48 Mb/s; 54 Mb/s Quality:65 Signal level:0 Noise level:0 IE: WPA Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : TKIP Authentication Suites (1) : PSK IE: IEEE 802.11i/WPA2 Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : CCMP Authentication Suites (1) : PSK Extra: Last beacon: 3308ms ago Cell 06 - Address: 08:17:35:32:7E:31 ESSID:"HackerDojo-Presenter" Protocol:IEEE 802.11g Mode:Master Frequency:2.462 GHz (Channel 11) Encryption key:on Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s 11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s 48 Mb/s; 54 Mb/s Quality:88 Signal level:0 Noise level:0 IE: WPA Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : TKIP Authentication Suites (1) : PSK IE: IEEE 802.11i/WPA2 Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : CCMP Authentication Suites (1) : PSK Extra: Last beacon: 1668ms ago Cell 07 - Address: 38:E7:D8:01:46:1E ESSID:"JWS_Incredible" Protocol:IEEE 802.11bg Mode:Master Frequency:2.412 GHz (Channel 1) Encryption key:on Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s 11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s 48 Mb/s; 500 kb/s; 54 Mb/s Quality:31 Signal level:0 Noise level:0 IE: WPA Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : TKIP Authentication Suites (1) : PSK Extra: Last beacon: 2848ms ago Cell 08 - Address: 08:17:35:32:6E:10 ESSID:"HackerDojo" Protocol:IEEE 802.11g Mode:Master Frequency:2.437 GHz (Channel 6) Encryption key:on Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s 11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s 48 Mb/s; 54 Mb/s Quality:67 Signal level:0 Noise level:0 IE: WPA Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : TKIP Authentication Suites (1) : PSK IE: IEEE 802.11i/WPA2 Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : CCMP Authentication Suites (1) : PSK Extra: Last beacon: 7848ms ago Cell 09 - Address: 08:17:35:32:7E:30 ESSID:"HackerDojo" Protocol:IEEE 802.11g Mode:Master Frequency:2.462 GHz (Channel 11) Encryption key:on Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s 11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s 48 Mb/s; 54 Mb/s Quality:85 Signal level:0 Noise level:0 IE: WPA Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : TKIP Authentication Suites (1) : PSK IE: IEEE 802.11i/WPA2 Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : CCMP Authentication Suites (1) : PSK Extra: Last beacon: 8300ms ago Cell 10 - Address: 08:17:35:32:6E:12 ESSID:"HackerDojo-gwifi" Protocol:IEEE 802.11g Mode:Master Frequency:2.437 GHz (Channel 6) Encryption key:on Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s 11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s 48 Mb/s; 54 Mb/s Quality:68 Signal level:0 Noise level:0 IE: WPA Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : TKIP Authentication Suites (1) : PSK IE: IEEE 802.11i/WPA2 Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : CCMP Authentication Suites (1) : PSK Extra: Last beacon: 232ms ago Cell 11 - Address: 08:17:35:32:7E:32 ESSID:"HackerDojo-gwifi" Protocol:IEEE 802.11g Mode:Master Frequency:2.462 GHz (Channel 11) Encryption key:on Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s 11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s 48 Mb/s; 54 Mb/s Quality:86 Signal level:0 Noise level:0 IE: WPA Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : TKIP Authentication Suites (1) : PSK IE: IEEE 802.11i/WPA2 Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : CCMP Authentication Suites (1) : PSK Extra: Last beacon: 168ms ago Cell 12 - Address: EC:C8:82:FA:63:91 ESSID:"HackerDojo-Presenter" Protocol:IEEE 802.11g Mode:Master Frequency:2.412 GHz (Channel 1) Encryption key:on Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s 11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s 48 Mb/s; 54 Mb/s Quality:62 Signal level:0 Noise level:0 IE: WPA Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : TKIP Authentication Suites (1) : PSK IE: IEEE 802.11i/WPA2 Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : CCMP Authentication Suites (1) : PSK Extra: Last beacon: 7408ms ago $iwconfig eth1 eth1 unassociated ESSID:"HackerDojo-gwifi" Nickname:"ipw2100" Mode:Managed Channel=0 Access Point: Not-Associated Bit Rate:0 kb/s Tx-Power:16 dBm Retry short limit:7 RTS thr:off Fragment thr:off Encryption key:off Power Management:off Link Quality:0 Signal level:0 Noise level:0 Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:0 Missed beacon:0

    Read the article

  • How much network overhead does TLS add compared to a non-encrypted connection?

    - by Daniel Sterling
    (Approximately) how many more bits of data must be transferred over the network during an encrypted connection compared to an unencrypted connection? IIUC, once the TLS handshake has completed, the number of bits transferred is equal to those transferred during an unencrypted connection. Is this accurate? As a follow up, is transferring a large file over https significantly slower than transferring that file over http, given fast processors and the same (ideal) network conditions?

    Read the article

  • How long do FireFox, Chrome, Safari, and Opera cache SSL/TLS session keys?

    - by MJ
    To try to use a reason SSL/TLS session key timeout on the server-side, I'd like to know how long popular browsers cache session keys on the client. Microsoft describes this information for Windows/IE here: http://technet.microsoft.com/en-us/library/cc776467(WS.10).aspx But, I haven't been able to find similar information for other popular browsers. Does anyone know? Thanks!

    Read the article

  • proftpd - TLS connection hangs authenticating

    - by greydet
    I setup a proftpd server that uses TLS/SSL certificate for authentication. Everything works well when I connect through lftp or Filezilla (with explicit connection). But once I attempt connecting with simple ftp connection from Filezilla, the USER command ends with the 550 response (SSL/TLS required). After that any further connection through lftp or Filezilla (with explicit connection) will hang authenticating. Anyone knows how to workaround this issue? Is there a way to ask Filezilla to automatically use TLS/SSL if required? I am using Ubuntu server 10.04 with proftpd 1.3.2c. There is no error message in the log files.

    Read the article

  • Bugzilla mail_delivery_method using TLS for Gmail

    - by Matt
    I installed the TLS as described in http://www.dawood.in/bugzilla%5Falerts%5Fusing%5Fgmail.html and verified that the package is installed. Restarted the Apache server. Log in as admin to the bugzilla. Gone to Administration - Parameters - Email I can't see the option for SMTP::TLS under mail_ delivery_method. Any ideas, Thanks, Matt

    Read the article

  • Help turning off TLS in Qmail

    - by user22492
    How do you turn off STARTTLS in Qmail (running on RH)? I initially installed the forcetls patch, but have since needed to use fixcrio which doesn't work with TLS (plus I don't need TLS for my setup anyway). I've tried a few different things, such as: echo 0 /var/qmail/control/smtpforcetls & adding DENY_TLS=1; export DENY_TLS to my /var/qmail/supervise/qmail-smtpd/run file and none of them have worked. Any help would be greatly appreciated.

    Read the article

  • Virtual SMTP not sending mails

    - by DoStuffZ
    Hi I have been googling for the better part of the last two hours without finding any conclusion. My mails are not being sent from the production webserver. If I stop/start the Virtual SMTP I get this in the event log: No usable TLS server certificate for SMTP virtual server instance '1' could be found. TLS will be disabled for this virtual-server. We recently updated the webapplication running and I assume something went amiss during that. Googling the message straight up gave me a list that just as well could have been in greek. I found a security certificate on the server, installing that gave no change. I basicly played russian roulette with the certificate file (.cer), though I was somewhat certain it would not have a negative effect. (Russian roulette with a 6 chamber gun and 2 bullets.) I found a .pfx in our local documentation folder, though I'm far from certain that to have a positive effect. (6 chambers and 5 bullets). I found a site describing how the Virtual SMTP - Properties - Access - should have a button saying Certificates. I have a text saying "Did not find any TLS certificates" and a grayed out tick box saying "Require TLS certificate". I found the TLS being SSL ver3.1+ (3.1-3.3). So question goes - How do I enable the SMTP to once again send emails, like before.

    Read the article

  • smtpd_tls_auth_only exclude 127.0.0.1

    - by Pol Hallen
    I configurated postfix to force uses TLS. When an external client try to send an email using this server there is not any problems. But using webmail (127.0.0.1) postfix wants TLS: delivery temporarily suspended: TLS is required, but was not offered by host 127.0.0.1[127.0.0.1]) Which changes I need to do to master.cf? smtp_use_tls = yes smtp_tls_security_level = encrypt smtpd_use_tls = yes smtpd_tls_auth_only = yes smtpd_tls_key_file = /etc/postfix/ssl/xxx.key smtpd_tls_cert_file = /etc/postfix/ssl/xxx.crt smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

    Read the article

  • Unable to install rubygems in ubuntu 10.04

    - by loganathan
    I had installed the ruby 1.8.7 with patch level 253 successfully on my ubuntu 10.04, but while installing ruby gems I am facing the below error, can anybody help me on this. ruby -v ruby 1.8.7 (2010-04-19 patchlevel 253) [i686-linux], MBARI 0x8770, Ruby Enterprise Edition 2010.02 gem install mongrel *** longjmp causes uninitialized stack frame ***: /usr/bin/ruby terminated ======= Backtrace: ========= /lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x50)[0x3612d0] /lib/tls/i686/cmov/libc.so.6(+0xe223a)[0x36123a] /usr/bin/ruby[0x80577b9] /usr/bin/ruby[0x80577d5] /usr/bin/ruby(rb_thread_schedule+0x9fc)[0x80652ac] /usr/bin/ruby(rb_thread_kill+0x14)[0x8066c74] /usr/bin/ruby[0x806071d] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x806a869] /usr/bin/ruby[0x806a290] /usr/bin/ruby[0x8060601] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x806a869] /usr/bin/ruby[0x806995b] /usr/bin/ruby[0x8060601] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x806aaa5] /usr/bin/ruby[0x8069d54] /usr/bin/ruby[0x8060601] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x805df2d] /usr/bin/ruby[0x8069581] /usr/bin/ruby[0x805de52] /usr/bin/ruby[0x806a0eb] /usr/bin/ruby[0x805e630] /usr/bin/ruby[0x8060601] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x806aaa5] /usr/bin/ruby[0x806a715] /usr/bin/ruby[0x8060601] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x806a869] /usr/bin/ruby[0x805e48b] /usr/bin/ruby[0x805de52] /usr/bin/ruby[0x8060601] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x806aaa5] /usr/bin/ruby[0x805e58a] /usr/bin/ruby[0x805e4aa] /usr/bin/ruby[0x805de52] /usr/bin/ruby[0x8060601] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x806a869] /usr/bin/ruby[0x805e48b] /usr/bin/ruby[0x80693f1] /usr/bin/ruby[0x805de52] /usr/bin/ruby[0x806a0eb] /usr/bin/ruby[0x805e630] /usr/bin/ruby[0x805de52] /usr/bin/ruby[0x8060601] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x806a869] /usr/bin/ruby[0x805e48b] /usr/bin/ruby[0x805de52] /usr/bin/ruby[0x806a0eb] /usr/bin/ruby[0x805e630] /usr/bin/ruby[0x805de52] /usr/bin/ruby[0x8060601] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x806aaa5] /usr/bin/ruby[0x805e48b] /usr/bin/ruby[0x805de52] /usr/bin/ruby[0x8060601] ======= Memory map: ======== 00110000-00112000 r-xp 00000000 08:06 3805677 /usr/lib/ruby/1.8/i686-linux/etc.so 00112000-00113000 r--p 00001000 08:06 3805677 /usr/lib/ruby/1.8/i686-linux/etc.so 00113000-00114000 rw-p 00002000 08:06 3805677 /usr/lib/ruby/1.8/i686-linux/etc.so 00114000-0012e000 r-xp 00000000 08:06 3805682 /usr/lib/ruby/1.8/i686-linux/syck.so 0012e000-0012f000 r--p 00019000 08:06 3805682 /usr/lib/ruby/1.8/i686-linux/syck.so 0012f000-00130000 rw-p 0001a000 08:06 3805682 /usr/lib/ruby/1.8/i686-linux/syck.so 00130000-00131000 r-xp 00000000 08:06 3805666 /usr/lib/ruby/1.8/i686-linux/fcntl.so 00131000-00132000 r--p 00000000 08:06 3805666 /usr/lib/ruby/1.8/i686-linux/fcntl.so 00132000-00133000 rw-p 00001000 08:06 3805666 /usr/lib/ruby/1.8/i686-linux/fcntl.so 00133000-00150000 r-xp 00000000 08:06 11403438 /lib/libgcc_s.so.1 00150000-00151000 r--p 0001c000 08:06 11403438 /lib/libgcc_s.so.1 00151000-00152000 rw-p 0001d000 08:06 11403438 /lib/libgcc_s.so.1 001e2000-00206000 r-xp 00000000 08:06 11403697 /lib/tls/i686/cmov/libm-2.11.1.so 00206000-00207000 r--p 00023000 08:06 11403697 /lib/tls/i686/cmov/libm-2.11.1.so 00207000-00208000 rw-p 00024000 08:06 11403697 /lib/tls/i686/cmov/libm-2.11.1.so 0024d000-00256000 r-xp 00000000 08:06 11403688 /lib/tls/i686/cmov/libcrypt-2.11.1.so 00256000-00257000 r--p 00008000 08:06 11403688 /lib/tls/i686/cmov/libcrypt-2.11.1.so 00257000-00258000 rw-p 00009000 08:06 11403688 /lib/tls/i686/cmov/libcrypt-2.11.1.so 00258000-0027f000 rw-p 00000000 00:00 0 0027f000-003d2000 r-xp 00000000 08:06 11403695 /lib/tls/i686/cmov/libc-2.11.1.so 003d2000-003d4000 r--p 00153000 08:06 11403695 /lib/tls/i686/cmov/libc-2.11.1.so 003d4000-003d5000 rw-p 00155000 08:06 11403695 /lib/tls/i686/cmov/libc-2.11.1.so 003d5000-003d8000 rw-p 00000000 00:00 0 0047e000-00488000 r-xp 00000000 08:06 3805680 /usr/lib/ruby/1.8/i686-linux/socket.so 00488000-00489000 r--p 00009000 08:06 3805680 /usr/lib/ruby/1.8/i686-linux/socket.so 00489000-0048a000 rw-p 0000a000 08:06 3805680 /usr/lib/ruby/1.8/i686-linux/socket.so 004f2000-00507000 r-xp 00000000 08:06 11403690 /lib/tls/i686/cmov/libpthread-2.11.1.so 00507000-00508000 r--p 00014000 08:06 11403690 /lib/tls/i686/cmov/libpthread-2.11.1.so 00508000-00509000 rw-p 00015000 08:06 11403690 /lib/tls/i686/cmov/libpthread-2.11.1.so 00509000-0050b000 rw-p 00000000 00:00 0 00524000-00525000 r-xp 00000000 00:00 0 [vdso] 00544000-00557000 r-xp 00000000 08:06 11403553 /lib/libz.so.1.2.3.3 00557000-00558000 r--p 00012000 08:06 11403553 /lib/libz.so.1.2.3.3 00558000-00559000 rw-p 00013000 08:06 11403553 /lib/libz.so.1.2.3.3 00639000-0063c000 r-xp 00000000 08:06 3805679 /usr/lib/ruby/1.8/i686-linux/thread.so 0063c000-0063d000 r--p 00002000 08:06 3805679 /usr/lib/ruby/1.8/i686-linux/thread.so 0063d000-0063e000 rw-p 00003000 08:06 3805679 /usr/lib/ruby/1.8/i686-linux/thread.so 00649000-0064d000 r-xp 00000000 08:06 11403714 /lib/tls/i686/cmov/libnss_dns-2.11.1.so 0064d000-0064e000 r--p 00004000 08:06 11403714 /lib/tls/i686/cmov/libnss_dns-2.11.1.so 0064e000-0064f000 rw-p 00005000 08:06 11403714 /lib/tls/i686/cmov/libnss_dns-2.11.1.so 00663000-006a3000 r-xp 00000000 08:06 4329500 /usr/lib/ruby/site_ruby/1.8/i686-linux/openssl.so 006a3000-006a4000 r--p 0003f000 08:06 4329500 /usr/lib/ruby/site_ruby/1.8/i686-linux/openssl.so 006a4000-006a5000 rw-p 00040000 08:06 4329500 /usr/lib/ruby/site_ruby/1.8/i686-linux/openssl.so 006a5000-006a6000 rw-p 00000000 00:00 0 0070d000-0070f000 r-xp 00000000 08:06 11403689 /lib/tls/i686/cmov/libdl-2.11.1.so 0070f000-00710000 r--p 00001000 08:06 11403689 /lib/tls/i686/cmov/libdl-2.11.1.so 00710000-00711000 rw-p 00002000 08:06 11403689 /lib/tls/i686/cmov/libdl-2.11.1.so 00711000-0084b000 r-xp 00000000 08:06 11403909 /lib/libcrypto.so.0.9.8 0084b000-00853000 r--p 00139000 08:06 11403909 /lib/libcrypto.so.0.9.8 00853000-00861000 rw-p 00141000 08:06 11403909 /lib/libcrypto.so.0.9.8 00861000-00864000 rw-p 00000000 00:00 0 00864000-00865000 ---p 00000000 00:00 0 00865000-00966000 rwxp 00000000 00:00 0 00977000-00979000 r-xp 00000000 08:06 11403476 /lib/libnss_mdns4_minimal.so.2 00979000-0097a000 r--p 00001000 08:06 11403476 /lib/libnss_mdns4_minimal.so.2 0097a000-0097b000 rw-p 00002000 08:06 11403476 /lib/libnss_mdns4_minimal.so.2 009fa000-00a04000 r-xp 00000000 08:06 11403691 /lib/tls/i686/cmov/libnss_files-2.11.1.so 00a04000-00a05000 r--p 00009000 08:06 11403691 /lib/tls/i686/cmov/libnss_files-2.11.1.so 00a05000-00a06000 rw-p 0000a000 08:06 11403691 /lib/tls/i686/cmov/libnss_files-2.11.1.so 00ac0000-00ac4000 r-xp 00000000 08:06 3805670 /usr/lib/ruby/1.8/i686-linux/stringio.so 00ac4000-00ac5000 r--p 00003000 08:06 3805670 /usr/lib/ruby/1.8/i686-linux/stringio.so 00ac5000-00ac6000 rw-p 00004000 08:06 3805670 /usr/lib/ruby/1.8/i686-linux/stringio.so 00af3000-00b0e000 r-xp 00000000 08:06 11403607 /lib/ld-2.11.1.so 00b0e000-00b0f000 r--p 0001a000 08:06 11403607 /lib/ld-2.11.1.so 00b0f000-00b10000 rw-p 0001b000 08:06 11403607 /lib/ld-2.11.1.so 00c35000-00c45000 r-xp 00000000 08:06 11403692 /lib/tls/i686/cmov/libresolv-2.11.1.so 00c45000-00c46000 r--p 00010000 08:06 11403692 /lib/tls/i686/cmov/libresolv-2.11.1.so 00c46000-00c47000 rw-p 00011000 08:06 11403692 /lib/tls/i686/cmov/libresolv-2.11.1.so 00c47000-00c49000 rw-p 00000000 00:00 0 00d51000-00d59000 r-xp 00000000 08:06 4329502 /usr/lib/ruby/site_ruby/1.8/i686-linux/zlib.so 00d59000-00d5a000 r--p 00007000 08:06 4329502 /usr/lib/ruby/site_ruby/1.8/i686-linux/zlib.so 00d5a000-00d5b000 rw-p 00008000 08:06 4329502 /usr/lib/ruby/site_ruby/1.8/i686-linux/zlib.so 00d60000-00d61000 r-xp 00000000 08:06 3805664 /usr/lib/ruby/1.8/i686-linux/rational.so 00d61000-00d62000 r--p 00000000 08:06 3805664 /usr/lib/ruby/1.8/i686-linux/rational.so 00d62000-00d63000 rw-p 00001000 08:06 3805664 /usr/lib/ruby/1.8/i686-linux/rational.so 00de6000-00de9000 r-xp 00000000 08:06 3805691 /usr/lib/ruby/1.8/i686-linux/digest.so 00de9000-00dea000 r--p 00002000 08:06 3805691 /usr/lib/ruby/1.8/i686-linux/digest.so 00dea000-00deb000 rw-p 00003000 08:06 3805691 /usr/lib/ruby/1.8/i686-linux/digest.so 00e63000-00e6a000 r-xp 00000000 08:06 11403700 /lib/tls/i686/cmov/librt-2.11.1.so 00e6a000-00e6b000 r--p 00006000 08:06 11403700 /lib/tls/i686/cmov/librt-2.11.1.so 00e6b000-00e6c000 rw-p 00007000 08:06 11403700 /lib/tls/i686/cmov/librt-2.11.1.so 00f70000-00fb4000 r-xp 00000000 08:06 11403907 /lib/libssl.so.0.9.8Aborted

    Read the article

  • Unable to logon to vpn

    - by nitin pande
    My openvpn client log file- The interesting bit: Tue Oct 26 12:32:49 2010 TLS Error: cannot locate HMAC in incoming packet from 67.228.223.12:3389 Tue Oct 26 12:32:49 2010 Fatal TLS error (check_tls_errors_co), restarting Tue Oct 26 12:32:49 2010 TCP/UDP: Closing socket The rest of the log just in case: Tue Oct 26 12:32:35 2010 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct 1 2006 Tue Oct 26 12:32:48 2010 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Tue Oct 26 12:32:48 2010 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file Tue Oct 26 12:32:48 2010 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Oct 26 12:32:48 2010 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Oct 26 12:32:48 2010 LZO compression initialized Tue Oct 26 12:32:48 2010 Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ] Tue Oct 26 12:32:48 2010 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ] Tue Oct 26 12:32:48 2010 Local Options hash (VER=V4): 'ee93268d' Tue Oct 26 12:32:48 2010 Expected Remote Options hash (VER=V4): 'bd577cd1' Tue Oct 26 12:32:48 2010 Attempting to establish TCP connection with 67.228.223.12:3389 Tue Oct 26 12:32:48 2010 TCP connection established with 67.228.223.12:3389 Tue Oct 26 12:32:48 2010 TCPv4_CLIENT link local: [undef] Tue Oct 26 12:32:48 2010 TCPv4_CLIENT link remote: 67.228.223.12:3389 Tue Oct 26 12:32:49 2010 TLS: Initial packet from 67.228.223.12:3389, sid=bd5f79fe 8475497f Tue Oct 26 12:32:49 2010 TLS Error: cannot locate HMAC in incoming packet from 67.228.223.12:3389 Tue Oct 26 12:32:49 2010 Fatal TLS error (check_tls_errors_co), restarting Tue Oct 26 12:32:49 2010 TCP/UDP: Closing socket Tue Oct 26 12:32:49 2010 SIGUSR1[soft,tls-error] received, process restarting Tue Oct 26 12:32:49 2010 Restart pause, 5 second(s) Tue Oct 26 12:32:54 2010 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Tue Oct 26 12:32:54 2010 Re-using SSL/TLS context Tue Oct 26 12:32:54 2010 LZO compression initialized Tue Oct 26 12:32:54 2010 Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ] Tue Oct 26 12:32:54 2010 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ] Tue Oct 26 12:32:54 2010 Local Options hash (VER=V4): 'ee93268d' Tue Oct 26 12:32:54 2010 Expected Remote Options hash (VER=V4): 'bd577cd1' Tue Oct 26 12:32:54 2010 Attempting to establish TCP connection with 67.228.223.12:3389 Tue Oct 26 12:32:54 2010 TCP connection established with 67.228.223.12:3389 Tue Oct 26 12:32:54 2010 TCPv4_CLIENT link local: [undef] Tue Oct 26 12:32:54 2010 TCPv4_CLIENT link remote: 67.228.223.12:3389 Tue Oct 26 12:32:54 2010 TLS: Initial packet from 67.228.223.12:3389, sid=1643b931 ce240d5f Tue Oct 26 12:32:54 2010 TLS Error: cannot locate HMAC in incoming packet from 67.228.223.12:3389 Tue Oct 26 12:32:54 2010 Fatal TLS error (check_tls_errors_co), restarting Tue Oct 26 12:32:54 2010 TCP/UDP: Closing socket Tue Oct 26 12:32:54 2010 SIGUSR1[soft,tls-error] received, process restarting Tue Oct 26 12:32:54 2010 Restart pause, 5 second(s) Tue Oct 26 12:32:59 2010 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Tue Oct 26 12:32:59 2010 Re-using SSL/TLS context Tue Oct 26 12:32:59 2010 LZO compression initialized Tue Oct 26 12:32:59 2010 Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ] Tue Oct 26 12:32:59 2010 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ] Tue Oct 26 12:32:59 2010 Local Options hash (VER=V4): 'ee93268d' Tue Oct 26 12:32:59 2010 Expected Remote Options hash (VER=V4): 'bd577cd1' Tue Oct 26 12:32:59 2010 Attempting to establish TCP connection with 67.228.223.12:3389 Tue Oct 26 12:33:00 2010 TCP connection established with 67.228.223.12:3389 Tue Oct 26 12:33:00 2010 TCPv4_CLIENT link local: [undef] Tue Oct 26 12:33:00 2010 TCPv4_CLIENT link remote: 67.228.223.12:3389 Tue Oct 26 12:33:00 2010 TLS: Initial packet from 67.228.223.12:3389, sid=cd439fb2 d625ca0d Tue Oct 26 12:33:00 2010 TLS Error: cannot locate HMAC in incoming packet from 67.228.223.12:3389 Tue Oct 26 12:33:00 2010 Fatal TLS error (check_tls_errors_co), restarting Tue Oct 26 12:33:00 2010 TCP/UDP: Closing socket Tue Oct 26 12:33:00 2010 SIGUSR1[soft,tls-error] received, process restarting Tue Oct 26 12:33:00 2010 Restart pause, 5 second(s) Tue Oct 26 12:33:05 2010 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Tue Oct 26 12:33:05 2010 Re-using SSL/TLS context Tue Oct 26 12:33:05 2010 LZO compression initialized Tue Oct 26 12:33:05 2010 Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ] Tue Oct 26 12:33:05 2010 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ] Tue Oct 26 12:33:05 2010 Local Options hash (VER=V4): 'ee93268d' Tue Oct 26 12:33:05 2010 Expected Remote Options hash (VER=V4): 'bd577cd1' Tue Oct 26 12:33:05 2010 Attempting to establish TCP connection with 67.228.223.12:3389 Tue Oct 26 12:33:06 2010 TCP connection established with 67.228.223.12:3389 Tue Oct 26 12:33:06 2010 TCPv4_CLIENT link local: [undef] Tue Oct 26 12:33:06 2010 TCPv4_CLIENT link remote: 67.228.223.12:3389 Tue Oct 26 12:33:06 2010 TLS: Initial packet from 67.228.223.12:3389, sid=28f0cb87 69c90cde Tue Oct 26 12:33:06 2010 TLS Error: cannot locate HMAC in incoming packet from 67.228.223.12:3389 Tue Oct 26 12:33:06 2010 Fatal TLS error (check_tls_errors_co), restarting Tue Oct 26 12:33:06 2010 TCP/UDP: Closing socket Tue Oct 26 12:33:06 2010 SIGUSR1[soft,tls-error] received, process restarting Tue Oct 26 12:33:06 2010 Restart pause, 5 second(s) Tue Oct 26 12:33:11 2010 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Tue Oct 26 12:33:11 2010 Re-using SSL/TLS context Tue Oct 26 12:33:11 2010 LZO compression initialized Tue Oct 26 12:33:11 2010 Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ] Tue Oct 26 12:33:11 2010 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ] Tue Oct 26 12:33:11 2010 Local Options hash (VER=V4): 'ee93268d' Tue Oct 26 12:33:11 2010 Expected Remote Options hash (VER=V4): 'bd577cd1' Tue Oct 26 12:33:11 2010 Attempting to establish TCP connection with 67.228.223.12:3389 Tue Oct 26 12:33:11 2010 TCP connection established with 67.228.223.12:3389 Tue Oct 26 12:33:11 2010 TCPv4_CLIENT link local: [undef] Tue Oct 26 12:33:11 2010 TCPv4_CLIENT link remote: 67.228.223.12:3389 Tue Oct 26 12:33:12 2010 TLS: Initial packet from 67.228.223.12:3389, sid=128becf9 f62adf0c Tue Oct 26 12:33:12 2010 TLS Error: cannot locate HMAC in incoming packet from 67.228.223.12:3389 Tue Oct 26 12:33:12 2010 Fatal TLS error (check_tls_errors_co), restarting Tue Oct 26 12:33:12 2010 TCP/UDP: Closing socket Tue Oct 26 12:33:12 2010 SIGUSR1[soft,tls-error] received, process restarting Tue Oct 26 12:33:12 2010 Restart pause, 5 second(s) Tue Oct 26 12:33:17 2010 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Tue Oct 26 12:33:17 2010 Re-using SSL/TLS context Tue Oct 26 12:33:17 2010 LZO compression initialized Tue Oct 26 12:33:17 2010 Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ] Tue Oct 26 12:33:17 2010 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ] Tue Oct 26 12:33:17 2010 Local Options hash (VER=V4): 'ee93268d' Tue Oct 26 12:33:17 2010 Expected Remote Options hash (VER=V4): 'bd577cd1' Tue Oct 26 12:33:17 2010 Attempting to establish TCP connection with 67.228.223.12:3389 Tue Oct 26 12:33:20 2010 TCP/UDP: Closing socket Tue Oct 26 12:33:20 2010 SIGTERM[hard,init_instance] received, process exiting Guys I am extremely sorry for not presenting my error Log properly, please forgive me and give me your valuable advice. I am using windows 7 and I am using openvpn mainly to bypass censorship at UAE. I am using only client config file. Ca.crt file is in config folder Thanks and regards Nitin My error Log with Config1 file Tue Oct 26 21:24:34 2010 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct 1 2006 Tue Oct 26 21:24:46 2010 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Tue Oct 26 21:24:46 2010 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file Tue Oct 26 21:24:46 2010 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Oct 26 21:24:46 2010 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Oct 26 21:24:46 2010 LZO compression initialized Tue Oct 26 21:24:46 2010 Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ] Tue Oct 26 21:24:46 2010 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ] Tue Oct 26 21:24:46 2010 Local Options hash (VER=V4): 'ee93268d' Tue Oct 26 21:24:46 2010 Expected Remote Options hash (VER=V4): 'bd577cd1' Tue Oct 26 21:24:46 2010 Attempting to establish TCP connection with 67.228.223.12:3389 Tue Oct 26 21:24:47 2010 TCP connection established with 67.228.223.12:3389 Tue Oct 26 21:24:47 2010 TCPv4_CLIENT link local: [undef] Tue Oct 26 21:24:47 2010 TCPv4_CLIENT link remote: 67.228.223.12:3389 Tue Oct 26 21:24:47 2010 TLS: Initial packet from 67.228.223.12:3389, sid=4244e662 e5a0572a Tue Oct 26 21:24:47 2010 TLS Error: cannot locate HMAC in incoming packet from 67.228.223.12:3389 Tue Oct 26 21:24:47 2010 Fatal TLS error (check_tls_errors_co), restarting Tue Oct 26 21:24:47 2010 TCP/UDP: Closing socket Tue Oct 26 21:24:47 2010 SIGUSR1[soft,tls-error] received, process restarting client config file: client dev tun proto tcp remote openvpn1.flashvpn.com 3389 float resolv-retry infinite nobind persist-key persist-tun ca ca.crt ns-cert-type server tls-auth ta.key 1 comp-lzo verb 3 mute 20 auth-user-pass route-method exe route-delay 2

    Read the article

  • TLS: hostname does not match CN in peer certificate

    - by borjamf
    im trying to connect LDAP over StartTLS but Im stuck with an issue. I've followed step by step this guide https://help.ubuntu.com/12.04/serverguide/openldap-server.html#openldap-tls and LDAP it's working OK as well as "ldapsearch -xZZ -h 172.25.80.144" on my Ubuntu Sever 12.04 However, in my Ubuntu Desktop 11.04 Client I get this error: ldapsearch -x -H 172.25.80.144 -ZZ ldap_start_tls: Connect error (-11) additional info: **TLS: hostname does not match CN in peer certificate** Server /etc/ldap/ldap.conf BASE dc=prueba,dc=borja URI ldap://prueba.borja SIZELIMIT 12 TIMELIMIT 15 DEREF never TLS_CACERT /etc/ssl/certs/ca-certificates.crt Client /etc/ldap.conf ssl start_tls tls_checkpeer no /etc/ldap/ldap.conf BASE dc=prueba,dc=borja URI ldap://prueba.borja SIZELIMIT 12 TIMELIMIT 15 DEREF never TLS_REQCERT allow Anybody could tell me how to fix this? I think that the hostname its ok. Thanks!

    Read the article

  • OpenLDAP mirror mode replication failing with TLS behind a load balancer

    - by Lynn Owens
    I have two OpenLDAP servers that are both running TLS. They are: ldap1.mydomain.com ldap2.mydomain.com I also have a load balancer cluster with a dns name of it's own: ldap.mydomain.com The SSL certificate has a CN of ldap.mydomain.com, with SANs of ldap1.mydomain.com and ldap2.mydomain.com. Everything works... Except mirror mode replication. My mirror mode replication is setup like this: ldap.conf TLS_REQCERT allow cn=config.ldif olcServerID: 1 ldap://ldap1.mydomain.com olcServerID: 2 ldap://ldap2.mydomain.com On ldap1, olcDatabase{1}hdb.ldif olcMirrorMode: TRUE olcSyncrepl: {0}rid=001 provider=ldap://ldap2.mydomain.com bindmethod=simple bindmethod=simple binddn="cn=me,dc=mydomain,dc=com" credentials="REDACTED" starttls=yes searchbase="dc=mydomain,dc=com" schemachecking=on type=refreshAndPersist retry="60 +" On ldap2, olcDatabase{1}hdb.ldif olcMirrorMode: TRUE olcSyncrepl: {0}rid=001 provider=ldap://ldap1.mydomain.com bindmethod=simple bindmethod=simple binddn="cn=me,dc=mydomain,dc=com" credentials="REDACTED" starttls=yes searchbase="dc=mydomain,dc=com" schemachecking=on type=refreshAndPersist retry="60 +" Here's the errors I'm getting in syslog: Dec 1 21:05:01 ldap1 slapd[6800]: slap_client_connect: URI=ldap://ldap2.mydomain.com DN="cn=me,dc=mydomain,dc=com" ldap_sasl_bind_s failed (-1) Dec 1 21:05:01 ldap1 slapd[6800]: do_syncrepl: rid=001 rc -1 retrying Dec 1 21:05:08 ldap1 slapd[6800]: conn=1111 fd=20 ACCEPT from IP=ldap.mydomain.com:2295 (IP=ldap1.mydomain.com:636) Dec 1 21:05:08 ldap1 slapd[6800]: conn=1111 fd=20 closed (TLS negotiation failure) Any ideas? I've been working on OpenLdap for way too long now.

    Read the article

  • Server suddenly running out of entropy

    - by Creshal
    Since a reboot yesterday, one of our virtual servers (Debian Lenny, virtualized with Xen) is constantly running out of entropy, leading to timeouts etc. when trying to connect over SSH / TLS-enabled protocols. Is there any way to check which process(es) is(/are) eating up all the entropy? Edit: What I tried: Adding additional entropy sources: time_entropyd, rng-tools feeding urandom back into random, pseudorandom file accesses – netted about 1 MiB additional entropy per second, problems still persisted Checking for unusual activity via lsof, netstat and tcpdump – nothing. No noticeable load or anything Stopping daemons, restarting permanent sessions, rebooting the entire VM – no change in behaviour What in the end worked: Waiting. Since about yesterday noon, there are no connection problems anymore. Entropy is still somewhat low (128 Bytes peak), but TLS/SSH sessions have no noticeable delay anymore. I'm slowly switching our clients back to TLS (all five of them!), but I don't expect any change in behavior now.

    Read the article

  • Authenticate Teamcity against LDAP using TLS

    - by aseq
    I am running a 6.5 version of Teamcity on a Debian Squeeze server and I use OpenLDAP to authenticate users. I know I can use SSL to be able to use encrypted password authentication, however this has been deprecated by the OpenLDAP developers, see: http://www.openldap.org/faq/data/cache/605.html I would like to know if there is a way to configure LDAP authentication in Teamcity to use TLS on port 389. I can't find anything about it here: http://confluence.jetbrains.net/display/TCD65/LDAP+Integration Or here: http://therightstuff.de/2009/02/02/How-To-Set-Up-Secure-LDAP-Authentication-With-TeamCity.aspx

    Read the article

  • Is it possible to run dhcpd3 as non-root user in a chroot jail?

    - by Lenain
    Hi everyone. I would like to run dhcpd3 from a chroot jail on Debian Lenny. At the moment, I can run it as root from my jail. Now I want to do this as non-root user (as "-u blah -t /path/to/jail" Bind option). If I start my process like this : start-stop-daemon --chroot /home/jails/dhcp --chuid dhcp \ --start --pidfile /home/jails/dhcp/var/run/dhcp.pid --exec /usr/sbin/dhcpd3 I get stuck with these errors : Internet Systems Consortium DHCP Server V3.1.1 Copyright 2004-2008 Internet Systems Consortium. All rights reserved. For info, please visit http://www.isc.org/sw/dhcp/ unable to create icmp socket: Operation not permitted Wrote 0 deleted host decls to leases file. Wrote 0 new dynamic host decls to leases file. Wrote 0 leases to leases file. Open a socket for LPF: Operation not permitted strace : brk(0) = 0x911b000 fcntl64(0, F_GETFD) = 0 fcntl64(1, F_GETFD) = 0 fcntl64(2, F_GETFD) = 0 access("/etc/suid-debug", F_OK) = -1 ENOENT (No such file or directory) access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb775d000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib/tls/i686/cmov/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/tls/i686/cmov", 0xbfc2ac84) = -1 ENOENT (No such file or directory) open("/lib/tls/i686/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/tls/i686", 0xbfc2ac84) = -1 ENOENT (No such file or directory) open("/lib/tls/cmov/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/tls/cmov", 0xbfc2ac84) = -1 ENOENT (No such file or directory) open("/lib/tls/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/tls", 0xbfc2ac84) = -1 ENOENT (No such file or directory) open("/lib/i686/cmov/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/i686/cmov", 0xbfc2ac84) = -1 ENOENT (No such file or directory) open("/lib/i686/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/i686", 0xbfc2ac84) = -1 ENOENT (No such file or directory) open("/lib/cmov/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/cmov", 0xbfc2ac84) = -1 ENOENT (No such file or directory) open("/lib/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\260e\1\0004\0\0\0t"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=1294572, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb775c000 mmap2(NULL, 1300080, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb761e000 mmap2(0xb7756000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x138) = 0xb7756000 mmap2(0xb7759000, 9840, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7759000 close(3) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb761d000 set_thread_area({entry_number:-1 - 6, base_addr:0xb761d6b0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0 mprotect(0xb7756000, 4096, PROT_READ) = 0 open("/dev/null", O_RDWR) = 3 close(3) = 0 brk(0) = 0x911b000 brk(0x913c000) = 0x913c000 socket(PF_FILE, SOCK_DGRAM, 0) = 3 fcntl64(3, F_SETFD, FD_CLOEXEC) = 0 connect(3, {sa_family=AF_FILE, path="/dev/log"...}, 110) = 0 time(NULL) = 1284760816 open("/etc/localtime", O_RDONLY) = 4 fstat64(4, {st_mode=S_IFREG|0644, st_size=2945, ...}) = 0 fstat64(4, {st_mode=S_IFREG|0644, st_size=2945, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb761c000 read(4, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\f\0\0\0\f\0\0\0\0\0"..., 4096) = 2945 _llseek(4, -28, [2917], SEEK_CUR) = 0 read(4, "\nCET-1CEST,M3.5.0,M10.5.0/3\n"..., 4096) = 28 close(4) = 0 munmap(0xb761c000, 4096) = 0 stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2945, ...}) = 0 send(3, "Sep 18 00:00:16 dhcpd: Intern"..., 73, MSG_NOSIGNAL) = 73 write(2, "Internet Systems Consortium DHCP "..., 46Internet Systems Consortium DHCP Server V3.1.1) = 46 write(2, "\n"..., 1 ) = 1 time(NULL) = 1284760816 stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2945, ...}) = 0 send(3, "Sep 18 00:00:16 dhcpd: Copyri"..., 75, MSG_NOSIGNAL) = 75 write(2, "Copyright 2004-2008 Internet Syst"..., 48Copyright 2004-2008 Internet Systems Consortium.) = 48 write(2, "\n"..., 1 ) = 1 time(NULL) = 1284760816 stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2945, ...}) = 0 send(3, "Sep 18 00:00:16 dhcpd: All ri"..., 47, MSG_NOSIGNAL) = 47 write(2, "All rights reserved."..., 20All rights reserved.) = 20 write(2, "\n"..., 1 ) = 1 time(NULL) = 1284760816 stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2945, ...}) = 0 send(3, "Sep 18 00:00:16 dhcpd: For in"..., 77, MSG_NOSIGNAL) = 77 write(2, "For info, please visit http://www"..., 50For info, please visit http://www.isc.org/sw/dhcp/) = 50 write(2, "\n"..., 1 ) = 1 socket(PF_FILE, SOCK_STREAM, 0) = 4 fcntl64(4, F_SETFL, O_RDWR|O_NONBLOCK) = 0 connect(4, {sa_family=AF_FILE, path="/var/run/nscd/socket"...}, 110) = -1 ENOENT (No such file or directory) close(4) = 0 socket(PF_FILE, SOCK_STREAM, 0) = 4 fcntl64(4, F_SETFL, O_RDWR|O_NONBLOCK) = 0 connect(4, {sa_family=AF_FILE, path="/var/run/nscd/socket"...}, 110) = -1 ENOENT (No such file or directory) close(4) = 0 open("/etc/nsswitch.conf", O_RDONLY) = 4 fstat64(4, {st_mode=S_IFREG|0644, st_size=475, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb761c000 read(4, "# /etc/nsswitch.conf\n#\n# Example "..., 4096) = 475 read(4, ""..., 4096) = 0 close(4) = 0 munmap(0xb761c000, 4096) = 0 open("/lib/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/lib/tls/i686/cmov/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/tls/i686/cmov", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/usr/lib/tls/i686/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/tls/i686", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/usr/lib/tls/cmov/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/tls/cmov", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/usr/lib/tls/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/tls", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/usr/lib/i686/cmov/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/i686/cmov", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/usr/lib/i686/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/i686", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/usr/lib/cmov/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/cmov", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/usr/lib/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/lib/i486-linux-gnu/tls/i686/cmov/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/i486-linux-gnu/tls/i686/cmov", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/lib/i486-linux-gnu/tls/i686/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/i486-linux-gnu/tls/i686", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/lib/i486-linux-gnu/tls/cmov/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/i486-linux-gnu/tls/cmov", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/lib/i486-linux-gnu/tls/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/i486-linux-gnu/tls", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/lib/i486-linux-gnu/i686/cmov/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/i486-linux-gnu/i686/cmov", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/lib/i486-linux-gnu/i686/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/i486-linux-gnu/i686", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/lib/i486-linux-gnu/cmov/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/i486-linux-gnu/cmov", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/lib/i486-linux-gnu/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/i486-linux-gnu", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/usr/lib/i486-linux-gnu/tls/i686/cmov/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/i486-linux-gnu/tls/i686/cmov", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/usr/lib/i486-linux-gnu/tls/i686/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/i486-linux-gnu/tls/i686", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/usr/lib/i486-linux-gnu/tls/cmov/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/i486-linux-gnu/tls/cmov", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/usr/lib/i486-linux-gnu/tls/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/i486-linux-gnu/tls", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/usr/lib/i486-linux-gnu/i686/cmov/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/i486-linux-gnu/i686/cmov", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/usr/lib/i486-linux-gnu/i686/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/i486-linux-gnu/i686", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/usr/lib/i486-linux-gnu/cmov/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/i486-linux-gnu/cmov", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/usr/lib/i486-linux-gnu/libnss_db.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/i486-linux-gnu", 0xbfc2ad5c) = -1 ENOENT (No such file or directory) open("/lib/libnss_files.so.2", O_RDONLY) = 4 read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320\30\0\0004\0\0\0\250"..., 512) = 512 fstat64(4, {st_mode=S_IFREG|0644, st_size=38408, ...}) = 0 mmap2(NULL, 41624, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0xb7612000 mmap2(0xb761b000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x8) = 0xb761b000 close(4) = 0 open("/etc/services", O_RDONLY|O_CLOEXEC) = 4 fcntl64(4, F_GETFD) = 0x1 (flags FD_CLOEXEC) fstat64(4, {st_mode=S_IFREG|0644, st_size=18480, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7611000 read(4, "# Network services, Internet styl"..., 4096) = 4096 read(4, "9/tcp\t\t\t\t# Quick Mail Transfer Pr"..., 4096) = 4096 read(4, "note\t1352/tcp\tlotusnotes\t# Lotus "..., 4096) = 4096 read(4, "tion\nafs3-kaserver\t7004/udp\nafs3-"..., 4096) = 4096 read(4, "backup\t2989/tcp\t\t\t# Afmbackup sys"..., 4096) = 2096 read(4, ""..., 4096) = 0 close(4) = 0 munmap(0xb7611000, 4096) = 0 time(NULL) = 1284760816 open("/etc/protocols", O_RDONLY|O_CLOEXEC) = 4 fstat64(4, {st_mode=S_IFREG|0644, st_size=2626, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7611000 read(4, "# Internet (IP) protocols\n#\n# Upd"..., 4096) = 2626 close(4) = 0 munmap(0xb7611000, 4096) = 0 socket(PF_INET, SOCK_RAW, IPPROTO_ICMP) = -1 EPERM (Operation not permitted) time(NULL) = 1284760816 stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2945, ...}) = 0 send(3, "Sep 18 00:00:16 dhcpd: unable"..., 80, MSG_NOSIGNAL) = 80 write(2, "unable to create icmp socket: Ope"..., 53unable to create icmp socket: Operation not permitted) = 53 write(2, "\n"..., 1 ) = 1 open("/etc/dhcp3/dhcpd.conf", O_RDONLY) = 4 lseek(4, 0, SEEK_END) = 1426 lseek(4, 0, SEEK_SET) = 0 read(4, "#----------------------------\n# G"..., 1426) = 1426 close(4) = 0 mmap2(NULL, 401408, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb75b0000 mmap2(NULL, 401408, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb754e000 mmap2(NULL, 401408, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb74ec000 brk(0x916f000) = 0x916f000 close(3) = 0 socket(PF_FILE, SOCK_DGRAM, 0) = 3 fcntl64(3, F_SETFD, FD_CLOEXEC) = 0 connect(3, {sa_family=AF_FILE, path="/dev/log"...}, 110) = 0 time(NULL) = 1284760816 stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2945, ...}) = 0 send(3, "Sep 18 00:00:16 dhcpd: Inter"..., 74, MSG_NOSIGNAL) = 74 time(NULL) = 1284760816 stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2945, ...}) = 0 send(3, "Sep 18 00:00:16 dhcpd: Copyr"..., 76, MSG_NOSIGNAL) = 76 time(NULL) = 1284760816 stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2945, ...}) = 0 send(3, "Sep 18 00:00:16 dhcpd: All r"..., 48, MSG_NOSIGNAL) = 48 time(NULL) = 1284760816 stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2945, ...}) = 0 send(3, "Sep 18 00:00:16 dhcpd: For i"..., 78, MSG_NOSIGNAL) = 78 open("/var/lib/dhcp3/dhcpd.leases", O_RDONLY) = 4 lseek(4, 0, SEEK_END) = 126 lseek(4, 0, SEEK_SET) = 0 read(4, "# The format of this file is docu"..., 126) = 126 close(4) = 0 open("/var/lib/dhcp3/dhcpd.leases", O_WRONLY|O_CREAT|O_APPEND, 0666) = 4 fstat64(4, {st_mode=S_IFREG|0644, st_size=126, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb74eb000 fstat64(4, {st_mode=S_IFREG|0644, st_size=126, ...}) = 0 _llseek(4, 126, [126], SEEK_SET) = 0 time(NULL) = 1284760816 time(NULL) = 1284760816 open("/var/lib/dhcp3/dhcpd.leases.1284760816", O_WRONLY|O_CREAT|O_TRUNC, 0664) = 5 fcntl64(5, F_GETFL) = 0x1 (flags O_WRONLY) fstat64(5, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb74ea000 _llseek(5, 0, [0], SEEK_CUR) = 0 close(4) = 0 munmap(0xb74eb000, 4096) = 0 time(NULL) = 1284760816 stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2945, ...}) = 0 send(3, "Sep 18 00:00:16 dhcpd: Wrote"..., 70, MSG_NOSIGNAL) = 70 write(2, "Wrote 0 deleted host decls to lea"..., 42Wrote 0 deleted host decls to leases file.) = 42 write(2, "\n"..., 1 ) = 1 time(NULL) = 1284760816 stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2945, ...}) = 0 send(3, "Sep 18 00:00:16 dhcpd: Wrote"..., 74, MSG_NOSIGNAL) = 74 write(2, "Wrote 0 new dynamic host decls to"..., 46Wrote 0 new dynamic host decls to leases file.) = 46 write(2, "\n"..., 1 ) = 1 time(NULL) = 1284760816 stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2945, ...}) = 0 send(3, "Sep 18 00:00:16 dhcpd: Wrote"..., 58, MSG_NOSIGNAL) = 58 write(2, "Wrote 0 leases to leases file."..., 30Wrote 0 leases to leases file.) = 30 write(2, "\n"..., 1 ) = 1 write(5, "# The format of this file is docu"..., 126) = 126 fsync(5) = 0 unlink("/var/lib/dhcp3/dhcpd.leases~") = 0 link("/var/lib/dhcp3/dhcpd.leases", "/var/lib/dhcp3/dhcpd.leases~") = 0 rename("/var/lib/dhcp3/dhcpd.leases.1284760816", "/var/lib/dhcp3/dhcpd.leases") = 0 socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 4 ioctl(4, SIOCGIFCONF, {0 - 64, NULL}) = 0 ioctl(4, SIOCGIFCONF, {64, {{"lo", {AF_INET, inet_addr("127.0.0.1")}}, {"eth0", {AF_INET, inet_addr("192.168.0.10")}}}}) = 0 ioctl(4, SIOCGIFFLAGS, {ifr_name="lo", ifr_flags=IFF_UP|IFF_LOOPBACK|IFF_RUNNING}) = 0 ioctl(4, SIOCGIFFLAGS, {ifr_name="eth0", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_RUNNING|IFF_MULTICAST}) = 0 ioctl(4, SIOCGIFHWADDR, {ifr_name="eth0", ifr_hwaddr=00:c0:26:87:55:c0}) = 0 socket(PF_PACKET, SOCK_PACKET, 768) = -1 EPERM (Operation not permitted) time(NULL) = 1284760816 stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2945, ...}) = 0 send(3, "Sep 18 00:00:16 dhcpd: Open "..., 74, MSG_NOSIGNAL) = 74 write(2, "Open a socket for LPF: Operation "..., 46Open a socket for LPF: Operation not permitted) = 46 write(2, "\n"..., 1 ) = 1 exit_group(1) = ? I understand that dhcpd wants to create sockets on port 67... but I don't know how to authorize that through the chroot. Any idea?

    Read the article

  • What might cause https failure when not specifying SSL protocol?

    - by user35042
    I have a VBScript program that retrieves a web page from a server not under my control. The URL looks something like https://someserver.xxx/index.html. I use this code to create the object that does the page getting: Set objWinHttp = CreateObject("WinHttp.WinHttpRequest.5.1") When I wrote my program it had no problem retrieving this page. Recently, the web server serving this page went through an upgrade. Now my program can no longer fetch the page. Some clues: Clue 1. I can fetch the web page if I use a browser (I tried Firefox, IE, and Chrome). Clue 2. The VBScript code yields this error: The message received was unexpected or badly formatted. Clue 3. I can fetch the web page from the command line in certain cases but not in others: curl --sslv3 -v -k 'https://someserver.xxx/index.html' # WORKS! curl --sslv2 -v -k 'https://someserver.xxx/index.html' # WORKS! curl -v -k 'https://someserver.xxx/index.html' # FAILS curl --tlsv1 -v -k 'https://someserver.xxx/index.html' # FAILS In the case where I do not specify a protocol I get this error: * SSLv3, TLS handshake, Client hello (1): * error:14077417:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert illegal parameter * Closing connection #0 In the case where I specify --tlsv1 I get this error: * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS alert, Server hello (2): * error:14094417:SSL routines:SSL3_READ_BYTES:sslv3 alert illegal parameter * Closing connection #0 A. Does anyone have any suggestions or ideas on what might be going on at the web server end (I am unable to talk to the admins of the web server to find out what they changed). B. Is there a way I can change my VBScript code to work around this issue? Can the SSL version be forced?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >