On Mon, Mar 09, 2009 at 04:50:51PM +0100, Felipe Alfaro Solana wrote:
ARP is insecure by default. If you care, move to IPv6 and use IPSec/SeND.
SeND will not be coming to OpenBSD any time soon.
http://www.ietf.org/rfc/rfc3971.txt
http://www.ietf.org/rfc/rfc3972.txt
80 pages across two RFCs for
On Mon, Mar 9, 2009 at 7:36 AM, irix i...@ukr.net wrote:
Hello Misc,
In www.openbsd.org wrote Only two remote holes in the default
install, in more than 10 years!, this not true. I using OpenBSD
like customer, not like administrator. And my OpenBSD were attacked,
by simple MiTM
* Felipe Alfaro Solana felipe.alf...@gmail.com [2009-03-09 17:07]:
ARP is insecure by default. If you care, move to IPv6 and use IPSec/SeND.
hah. IPv6 makes arp look like the brightest invention ever.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de
* irix i...@ukr.net [2009-03-09 15:55]:
In www.openbsd.org wrote Only two remote holes in the default
install, in more than 10 years!, this not true. I using OpenBSD
like customer, not like administrator. And my OpenBSD were attacked,
by simple MiTM attack in arp protocol.
Han Boetes h...@mijncomputer.nl writes:
Paul Irofti wrote:
Hello Mr. Troll, thanks for flaming by. Have a good day!
Never attribute to malice that which is adequately explained by
stupidity.
That doesn't seem to be a good idea when you're working with security.
Weren't we talking about
On Tue, Mar 10, 2009 at 10:11:12AM +0100, Artur Grabowski wrote:
Always attribute to malice even that which has been explained by
stupidity. Stupidity is easy to fake.
Surprisingly enough, most often it's not.
I've met more actual stupidity than faked one.
* Artur Grabowski a...@blahonga.org [2009-03-10 10:11:12]:
Han Boetes h...@mijncomputer.nl writes:
Paul Irofti wrote:
Hello Mr. Troll, thanks for flaming by. Have a good day!
Never attribute to malice that which is adequately explained by
stupidity.
That doesn't seem to be a good
Hello Misc,
In www.openbsd.org wrote Only two remote holes in the default
install, in more than 10 years!, this not true. I using OpenBSD
like customer, not like administrator. And my OpenBSD were attacked,
by simple MiTM attack in arp protocol. How then can we talk about the
because it is.
On Mon, Mar 09, 2009 at 04:36:47PM +0200, irix wrote:
Hello Misc,
In www.openbsd.org wrote Only two remote holes in the default
install, in more than 10 years!, this not true. I using OpenBSD
like customer, not like administrator. And my OpenBSD were attacked,
On Mon, Mar 09, 2009 at 04:36:47PM +0200, irix wrote:
Hello Misc,
In www.openbsd.org wrote Only two remote holes in the default
install, in more than 10 years!, this not true. I using OpenBSD
like customer, not like administrator. And my OpenBSD were attacked,
by simple
How do you define remote holes? Which remotely accessible services were
compromised by this?
Hey, somone hijacked facebook and I entered my password and submitted
it to them AND OPENBSD DID NOT SAVE ME OMG!!! OpenBSD is so
insecure.
There may or may not be a reason for applying sth
On Mon, Mar 9, 2009 at 10:36 AM, irix i...@ukr.net wrote:
When this is introduced in OpenBSD, so you can say with confidence
that the system really Secure by default ?
Then shouldn't you be using freebsd, and go bug them?
--
http://www.glumbert.com/media/shift
On Mon, Mar 9, 2009 at 3:36 PM, irix i...@ukr.net wrote:
Hello Misc,
In www.openbsd.org wrote Only two remote holes in the default
install, in more than 10 years!, this not true. I using OpenBSD
like customer, not like administrator. And my OpenBSD were attacked,
by simple
On Mon, Mar 9, 2009 at 2:56 PM, Marco Peereboom sl...@peereboom.us wrote:
because it is.
And therein lies some of the problem with the OpenBSD community. Don't
get me wrong, I like OpenBSD, I use it, and have donated to the
project. But here we have a user that has security concerns, and
rather
If FreeBSD solve your problem, use it.
On Mon, Mar 9, 2009 at 12:10 PM, bofh goodb...@gmail.com wrote:
On Mon, Mar 9, 2009 at 10:36 AM, irix i...@ukr.net wrote:
When this is introduced in OpenBSD, so you can say with confidence
that the system really Secure by default ?
Then shouldn't
On Mon, Mar 9, 2009 at 3:36 PM, irix i...@ukr.net wrote:
In www.openbsd.org wrote Only two remote holes in the default
install, in more than 10 years!, this not true. I using OpenBSD
like customer, not like administrator.
So it wasn't default install anymore, was it ?
And my
- Tethys wrote:
On Mon, Mar 9, 2009 at 2:56 PM, Marco Peereboom sl...@peereboom.us wrote:
because it is.
And therein lies some of the problem with the OpenBSD community. Don't
get me wrong, I like OpenBSD, I use it, and have donated to the
project. But here we have a user that has
On Mon, Mar 09, 2009 at 03:48:05PM +, - Tethys wrote:
On Mon, Mar 9, 2009 at 2:56 PM, Marco Peereboom sl...@peereboom.us wrote:
because it is.
And therein lies some of the problem with the OpenBSD community. Don't
get me wrong, I like OpenBSD, I use it, and have donated to the
project.
If this issue matters to you and you want the OS to fix it you are doing
it wrong. ARP has some inherent qualities that are questionable. You
can hack ARP all up but it won't ever fix it so instead one needs to
embrace the issues and fix them where it makes sense.
This is not about an issue
At 04:50 PM 3/9/2009 +0100, Felipe Alfaro Solana wrote:
On Mon, Mar 9, 2009 at 3:36 PM, irix i...@ukr.net wrote:
Hello Misc,
In www.openbsd.org wrote Only two remote holes in the default
install, in more than 10 years!, this not true. I using OpenBSD
like customer, not like
On Mon, Mar 9, 2009 at 11:48 AM, - Tethys tet...@gmail.com wrote:
And therein lies some of the problem with the OpenBSD community. Don't
get me wrong, I like OpenBSD, I use it, and have donated to the
Depends on whether it is a valid concern. I believe it was pointed
out in the other thread
Paul Irofti wrote:
Hello Mr. Troll, thanks for flaming by. Have a good day!
Never attribute to malice that which is adequately explained by
stupidity.
# Han
On 2009-03-09, Felipe Alfaro Solana felipe.alf...@gmail.com wrote:
On Mon, Mar 9, 2009 at 3:36 PM, irix i...@ukr.net wrote:
Hello Misc,
In www.openbsd.org wrote Only two remote holes in the default
install, in more than 10 years!, this not true. I using OpenBSD
like customer,
2009/3/9 bofh goodb...@gmail.com:
On Mon, Mar 9, 2009 at 11:48 AM, - Tethys tet...@gmail.com wrote:
Maybe it's a troll. Maybe not. Can we afford to be turning away
potential users on the off chance?
OpenBSD exists solely for the developers
That's a silly thing to say.
--
jm
On Mar 09 15:48:05, - Tethys wrote:
Maybe it's a troll. Maybe not.
Take a wild guess.
Can we afford to be turning away
potential users on the off chance?
Assuming that we means the dev team, of which
neither you or me are members, then yes, we can.
--
The greatest shortcoming of the
On Mon, Mar 9, 2009 at 11:48 AM, - Tethys tet...@gmail.com wrote:
On Mon, Mar 9, 2009 at 2:56 PM, Marco Peereboom sl...@peereboom.us wrote:
because it is.
And therein lies some of the problem with the OpenBSD community. Don't
get me wrong, I like OpenBSD, I use it, and have donated to the
On 9 March 2009 P3. 21:29:47 Juan Miscaro wrote:
2009/3/9 bofh goodb...@gmail.com:
On Mon, Mar 9, 2009 at 11:48 AM, - Tethys tet...@gmail.com wrote:
Maybe it's a troll. Maybe not. Can we afford to be turning away
potential users on the off chance?
OpenBSD exists solely for the
L. V. Lammert wrote:
PMFJI, but isn't the issue simpler than that? If he has a MiTM attack via
arp, doesn't that mean the attacker has access to the local subnet?
Remote access to a machine on that subnet would do. It does not have to be
physical. Probably a compromised Windows box that
28 matches
Mail list logo