Sean Knox wrote:
tcpdump logs and pf.conf snipped
The only people who can help is your ISP. Talk to them and hopefully
they can trace the attack upstream.
I once added this to pf.conf to mitigate a DDoS. It appeared to have
worked, but it may have been a placebo effect ;)
set optimization
thank you Matt and jeff ,you are right.
now
# tcpdump tcp port www #
14:15:07.899030 167.189.45.0.15724 XXX.XXX.X.XXX.www: S
1731350873:1731350873(0) win 16384
14:15:07.899132 23.138.127.48.17439 XXX.XXX.X.XXX.www: S
1731350793:1731350793(0)
jeff wrote:
Sean Knox wrote:
tcpdump logs and pf.conf snipped
The only people who can help is your ISP. Talk to them and hopefully
they can trace the attack upstream.
I once added this to pf.conf to mitigate a DDoS. It appeared to have
worked, but it may have been a placebo effect ;)
Define a filter to drop the packets with SYN+FIN flags set.
Mihai
jeff wrote:
Sean Knox wrote:
tcpdump logs and pf.conf snipped
The only people who can help is your ISP. Talk to them and hopefully
they can trace the attack upstream.
I once added this to pf.conf to mitigate a DDoS. It
Disable logging since it takes up a lot of resources and ``set
block-policy drop'' so your machine won't attempt to reply to
bogus requests.
Normally I'm not in favour of these measures. Logging a ddoss for
a while must be done to gather evidence, logging must done at all
other times as well.
It
The scrubbing process will cause PF to drop any incomin packets with illegal
TCP flag
combinations(such as SYN+FIN).It happened before pass and block.
Define a filter to drop the packets with SYN+FIN flags set.
Mihai
jeff wrote:
Sean Knox wrote:
tcpdump logs and pf.conf snipped
The only
Hi,
I was doing some research and google that wasn't very conclusive. Basically
I have a roommate that's taking all of the bandwidth at home and everybody
else in the house is sick of it, so I'd like to limit his bandwidth to like
384k or something around there. My question: Is altq the way to go
On Fri, Jul 29, 2005 at 12:43:35AM -0500, Teren Sapp wrote:
I was doing some research and google that wasn't very conclusive. Basically
I have a roommate that's taking all of the bandwidth at home and everybody
else in the house is sick of it, so I'd like to limit his bandwidth to like
384k or
Hello!
On Thu, Jul 28, 2005 at 07:44:54PM -0400, Nick Holland wrote:
[...]
Thanks for your explanation. They relate to much more current stuff
I guess.
[...]
However, I was able to install a simple bridge box on a 4MB box
through some level of hacking (of course not supported here for
Stephan Tesch [EMAIL PROTECTED] writes:
Am Donnerstag, 28. Juli 2005 23:43 schrieben Sie:
Hi Art,
I was just wondering why amdpm isnt included in GENERIC. Are there any
issues one should be aware of? Or is it just that noone uses it at all?
Why should it be?
You might have
Am Freitag, 29. Juli 2005 10:48 schrieben Sie:
Hi Art,
There is an infinite amount of things you might decide to enable, disable,
do, not do, ignore, examie, etc.
What particular reason do you have to be interested in this driver? What
problem are you trying to solve?
Originally I was
Was trying to upgrade a remote NIC in-flight from a (fixed) 10BASE-T FD
to (fixed) 100BASE-T FD; on a Cisco switch with fixed rates:
# ifconfig xl0 media 100baseTX mediaopt full-duplex
This is what I issued, then nothing more came up on my remote terminal
(ssh). Last resort: Had to drive a few
As stuart has pointed out, upgrading that will not be as easy as it
could with hw raid.
Yes, as long it is compatible with my budge ;)
Is there any reason why a bsd.raidframe (for example) kernel could not
be shipped with the distribution with all the device nodes static etc.
?
Edd
Was trying to upgrade a remote NIC in-flight from a (fixed) 10BASE-T FD
to (fixed) 100BASE-T FD; on a Cisco switch with fixed rates:
# ifconfig xl0 media 100baseTX mediaopt full-duplex
This is what I issued, then nothing more came up on my remote terminal
(ssh). Last resort: Had to drive
Hi,
before I install openbsd on my laptop, I was curious
if there is any method of getting wireless working
with my companies infrastructure. I have the intel
2915a/b/g card, and only Cisco extensions and LEAP
authentication is supported (ughh). Reading the
iwi(4) manpage, I don't think I will
On Fri, Jul 29, 2005 at 05:40:24AM -0700, b h wrote:
Hi,
before I install openbsd on my laptop, I was curious
if there is any method of getting wireless working
with my companies infrastructure. I have the intel
2915a/b/g card, and only Cisco extensions and LEAP
authentication is
On Friday 29 July 2005 07:40 am, b h wrote:
Hi,
before I install openbsd on my laptop, I was curious
if there is any method of getting wireless working
with my companies infrastructure. I have the intel
2915a/b/g card, and only Cisco extensions and LEAP
authentication is supported (ughh).
--- Jonathan Gray [EMAIL PROTECTED] wrote:
On Fri, Jul 29, 2005 at 05:40:24AM -0700, b h wrote:
Hi,
before I install openbsd on my laptop, I was
curious
if there is any method of getting wireless working
with my companies infrastructure. I have the
intel
2915a/b/g card, and only
With DOS, there was something you could do. With DDOS, you will have to
either get a huge pipe and systems to just take it, or move and have
your ISP do something like http://www.secsup.org/Tracking/
Bonjour,
Je suis en congis et je serai de retour le 1er ao{t.
D'ici l`, pour toute question concernant lavoixdunord.fr, icrivez ` [EMAIL
PROTECTED] ou contactez Fabien Lecoutre.
Cordialement.
Natalie Grosskopf
misc 07/29/05 15:45
RyHR8mF**y
8**E,yN5'qn**B*1u$J*p*[EMAIL
That is not a valid security reason. Sorry.
Hogwash. It is when the machine doesn't run OpenBSD. Not all of mine
do. and I don't count on *any* vendor other than OpenBSD doing
anything like W^X on i386. (i.e. solaris, windows, etc.) I do expect
in the next year or two we will see
Greetings,
While running a nessus scan my system clock runs dramatically slower,
such that by the end of the scan it may be behind by an hour or more.
The slowdown seems to coincide with nessus forking out 40+ processes as
it starts to run the tests. I've observed this behavior on multiple
I'm having an issue announcing a NO_EXPORT network to our upstream
and I'd like a way to prove that I am in fact sending the network in
question (if in fact I am). It seems the log updates does not apply
to sent updates, just received.
Any suggestions appreciated.
I utilized the dump
Hi all
Most stupid thing i ever did i did today.
I was setting up a server today.
The customer is using a USB backup drive for all the backing up.
When i reinstalled the server i acidentaly mounted the backup drive. I was
asked if i wanted to use the entire drive for OBSD, and i of course
On Fri, Jul 29, 2005 at 07:32:21PM +0200, Isak Lyberth wrote:
Hi all
Most stupid thing i ever did i did today.
I was setting up a server today.
The customer is using a USB backup drive for all the backing up.
When i reinstalled the server i acidentaly mounted the backup drive. I was
asked
On Fri, Jul 29, 2005 at 07:32:21PM +0200, Isak Lyberth wrote:
Is there a way to regain the partition info that is lost, or am i just fcked?
scan_ffs(8) may be a good start.
Ciao,
Kili
On Fri, Jul 29, 2005 at 02:22:08PM -0400, Nick Holland wrote:
If you recreate the partition and disklabel EXACTLY as it was before the
event, you will be in fine shape.
My experience with shredded mbrs and disklabels is that murphy's
law will apply whenever you think you've restored the disk
Cost Effective Direct E-Mail Advertising
Promote your Business Locally, Nationally, or Internationally
We Can Send Your Ad Or Website out to MILLIONS Of Our OPT-IN List Of
Clients.
Click Here and send us your contact information and best time to reach
you.
Most other traffic services send
On Fri, Jul 29, 2005 at 01:23:27PM -0400, G Douglas Davidson wrote:
I'm having an issue announcing a NO_EXPORT network to our upstream
and I'd like a way to prove that I am in fact sending the network in
question (if in fact I am). It seems the log updates does not apply
to sent updates,
I've been off and on fighting a problem with the carp0 incorrect hash
error message on 2 mahcines I'm trying to set up. I replaced the network
cards in question, check cables, swithces aet all. Verified passwords etc.
Today finally I noticed that wehn I booted a signle one of the 2 new
machines,
On Fri, 29 Jul 2005, Isak Lyberth wrote:
Hi all
Most stupid thing i ever did i did today.
I was setting up a server today.
The customer is using a USB backup drive for all the backing up.
When i reinstalled the server i acidentaly mounted the backup drive. I was
asked if i wanted to use the
On Fri, 29 Jul 2005, stan wrote:
Now, I suspect that might be because I have an existing pair of 3.5
machines doing carp, which are my firwall. Can I not have 2 different
carp0's on one netwokr, if they have different virtyal, and real addresses?
Just make sure you use different vhid's on the
Dear Misc,
Just got an Epson MFC-6800 laser printer.
So I install cups for the first time, google for a compatible driver. I can
print using lp. Abiword prints. Gnumeric prints. Firefox now just exits as
soon as I choose Print from the file menu (before I could print to file at
least).
Hello,
I was just given a new PC, which I intend to turn it into our
firewall. The motherboard is an Intel D915GAG, which sports a Marvell
Yukon 88E8050 PCI Express Gigabit Ethernet controller. After
installation of 3.7 RELEASE, I think this Ethernet controller is not
being correctly detected.
Start firefox from an xterm and then reproduce the crash and read
the message in the xterm.
# Han
I must be crazy because it's working now.
I'll keep starting it from an xterm so if it happens, I catch the error.
thanks,
CP
On or about Fri, 29 Jul 2005 23:50:29 +0200
Han Boetes [EMAIL PROTECTED] wrote:
Start firefox from an xterm and then reproduce the crash and read
the message in the
On Fri, Jul 29, 2005 at 11:16:30PM +0200, Johan Fredin wrote:
On Fri, 29 Jul 2005, stan wrote:
Now, I suspect that might be because I have an existing pair of 3.5
machines doing carp, which are my firwall. Can I not have 2 different
carp0's on one netwokr, if they have different virtyal, and
On Fri, Jul 29, 2005 at 04:51:20PM -0600, Bob Beck wrote:
* stan [EMAIL PROTECTED] [2005-07-29 14:12]:
I've been off and on fighting a problem with the carp0 incorrect hash
error message on 2 mahcines I'm trying to set up. I replaced the network
cards in question, check cables, swithces aet
Kevin wrote:
While Sun is offering some very nice AMD64 (and Sparc64) kit,
Sun just never seems to understand that customers want
embedded hardware RAID controllers on the motherboard.
Kevin Kadow
No need for such thing, it would make things (much) more expensive,
DiskSuite will do.
Ioan
Martin Schrvder wrote:
On 2005-07-28 13:21:06 -0600, Bob Beck wrote:
BTW, my one bitch about the v20z is sun are a bunch of retards
and put all the vents on the top and bottom, so I'm reluctant to rack
them one on top of the other.
The only thing from Sun on the v20z is the
40 matches
Mail list logo
