Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sun, 29 Dec 2019 17:35:32 +0100
From: Adam Zabrocki <pi3@....com.pl>
To: lkrg-users@...ts.openwall.com
Subject: Re: LIST HASH IS DIFFERENT - nf_nat / nf_conntrack
 Linux version 5.3.0-0

Hi,

On Fri, Dec 27, 2019 at 10:56:18AM +0000, Patrick Schleizer wrote:
> Adam Zabrocki:
> > Can you confirm that you are using LKRG from the bitbucket repo?
> 
> 
> No, I am not using https://bitbucket.org/Adam_pi3/lkrg-main/ git master
> (since I cannot verify the code being malware free / coming from you
> unless gpg verified). I am using https://github.com/Whonix/lkrg which is
> at (gpg verified) git tag 0.7.
> 

Yes, I'm aware about that request and I'll try to research what does it look 
like to make it happend.

> Could that make the difference? Was this fixed/modified meanwhile in git
> master?
> 

Yes. I believe this is the exact commit fixing that issue:

https://bitbucket.org/Adam_pi3/lkrg-main/commits/29867f6ecdd487940454433b6c6b04529412b808

> In future reports, I will try to remember to mention my exact version.
> 

Most of the issues are usually fixed in the official repo which might affect 
specific LKRG release.

> > The easiest way to be able to test JUMP_LABEL is to enable / disable global 
> > kernel tracing, e.g.:
> > 
> > # echo 1 > /sys/kernel/debug/tracing/events/enable
> > # echo 0 > /sys/kernel/debug/tracing/events/enable
> 
> 
> root@...ian-buster-test:~# echo 1 > /sys/kernel/debug/tracing/events/enable
> root@...ian-buster-test:~# cat /sys/kernel/debug/tracing/events/enable
> X
> root@...ian-buster-test:~# echo 0 > /sys/kernel/debug/tracing/events/enable
> root@...ian-buster-test:~# cat /sys/kernel/debug/tracing/events/enable
> 0
> root@...ian-buster-test:~# echo 1 > /sys/kernel/debug/tracing/events/enable
> root@...ian-buster-test:~# cat /sys/kernel/debug/tracing/events/enable
> X
> 
> Not sure this is what was expected from me. If not, please kindly clarify.
> 

If you enable LKRG log_level >= 3 and run the following commands, you should be 
able to see in the kernel logs appropiate information generated by LKRG (LKRG's 
DB hash updates if everything works OK).

Thanks,
Adam


> Cheers,
> Patrick

-- 
pi3 (pi3ki31ny) - pi3 (at) itsec pl
http://pi3.com.pl

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.