Re: Sun E220R, cdrom problem
On Sun, 12 Feb 2006 16:03:12 +1300, Joshua Sandbrook <[EMAIL PROTECTED]> wrote: >Hello.. > >Im trying to install openbsd onto an E220R. It has a toshiba DVD drive in it, >and when I type boot cdrom, it just hangs.. the drive light does not blink or >anything. > >probe-scsi shows the cdrom drive, and devalias for cdrom points to the right >device, slice f. > >Any ideas on what to try next? > >Thanks, > Josh. Sun hardware, particularly older sun hardware, can be *VERY* picky about CDROM drives. In general, the drive *must* support 512byte sectors. On well made drives, 512byte sectors is the default or there is a jumper setting to make it use 512byte sectors. This might be the problem you're facing. kind regards, JCR
Re: MIPS CPU
On Sat, Feb 11, 2006 at 01:00:30PM +0200, Edgars wrote: > I just want to know, is that MIPS cpu supported by openbsd, didn't find info > on hw pages. > http://www.routerboard.com/rb500.html nope. and since it's mips32 i doubt it will be supported. > > ** > Scanned by MailScan Anti-Virus and Content Security Software. > Visit http://www.mwti.net for more info on eScan and MailScan. > ** -- Alexander Yurchenko
Re: higher resolution on tty
On Sun, 12 Feb 2006 02:51:17 +0100, Moritz Lutz <[EMAIL PROTECTED]>
wrote:
>Hi list,
>
>i want to set up my screen resolution on tty to 1024x768 and smaller
>fonts,
>because i only work on tty on this maschine and this big fonts are a
>very
>bad on a 10,4" display. So is there a way to get this work. Because
>i don't find anything in the FAQ and with google.
>
>mfg
>
>eSpo
As Constintine pointed out there is a FAQ entry dealing with how to
change the character resolution on terminal displays. Unfortunately, not
all hardware supports switching character resolution.
More importantly, you need to realize that monitors have more than one
mode. Though there are some rare "specialty" monitors out there,
usually, a monitor only two modes; (1) character mode and (2) graphics
mode. From there, these two modes are further divided into sub-modes,
such as graphics resolution ("1024x768") and character resolution
(80x40).
Equally important, you need to realize that not all video output
hardware (i.e. commonly called "video cards" "graphics cards" or "frame
buffers") supports all the possible monitor modes and sub-modes.
When you say "1024x768" you are talking about a graphics mode measured
in dots per inch.
Terminals (tty) are almost always character mode, where "80x40" measures
the number of character column and character rows.
In other words, you are talking about two entirely different things.
In most situations, the only thing you can do to the character mode
output of tty is change the character resolution and Constintine pointed
out the relevant FAQ entry.
The most commonly used way to venture into the world of graphics mode is
to run an X server and xterm's.
I hope this makes things clear.
kind regards,
JCR
Re: OpenBSD USB question
On Sat, Feb 11, 2006 at 08:07:30PM +0200, Danny wrote: > > I would like to know if OpenBSD will be able to recognise and access > the SanDisk ImageMateR 12-in-1 Reader/Writer SDDR-89. > > More info on this piece of hardware can be found here: > http://www.sandisk.com/Products/Item(1145)-SDDR-89-SanDisk_ImageMate_12i > n1_ReaderWriter.aspx i have that one. actually shows up as a '14-in-1', iirc. on the PC i tried it on, which is abit KW7 motherboard, it worked. i used the compact flash socket for soekris stuff and the little "SD" socket to copy pictures out of the digicam's memory card -- jared [ openbsd 3.9-beta GENERIC ( jan 30 ) // i386 ]
Re: BSD on x86 and virus
On Sat, 11 Feb 2006 17:35:58 -0500, Daniel Ouellet <[EMAIL PROTECTED]> wrote: >J.C. Roberts wrote: >> As others have pointed out, you simply misunderstood the article and >> then posted to the list what many people would consider an inflammatory >> question. This is not the first time where your reading skills have >> failed to comprehend the meaning of an article and you posted such >> questions to the list. Don't feel bad about it because you're not the >> only one. Heck, Dave Feustel is constantly misreading security stuff and >> posting questions to the list -and he's an American. ;-) > >Outch!!! > >Been put in the same boat... (;> > >I have some problem at times to understand some stuff too, but this one >really hurts. Personally I would prefer be called a moron and I have >been called so at times too. But it was easier to receive. (;> > As I said, you should not feel bad about it. Absolutely *everyone* is in the same situation facing these communication problems. As difficult as it may be to imagine, even those who have English as their first language (langue maternelle) regularly fail to completely understand the English words they read. I have tremendous respect for you and Siju and everyone who tries to learn multiple languages so they can communicate with other people from other cultures. It is a very difficult task. Even when you misunderstand something, you should still be proud of the fact you actually tried to understand it. Regardless of your results, the *effort* you put into comprehending deserves respect. The things I pointed out to Siju are simply tools to help him get better results from his efforts. You can consider them leverage since they allow you to understand more with less effort or you can think of them like wearing the glasses that bring the things you read into better focus. kind regards, jcr
Re: syslogd question
On Fri, Feb 10, 2006 at 05:51:41PM -0500, Mitch Parker wrote: > > I'm going to second this, even though I don't work at an ISP (however, I do > work with large amounts of syslog data). > > If you want to keep things organized, it's better to keep the syslog files > organized by service. i would cast my vote in the camp of it's better to keep the logfiles organized however you find you really need to, or rather, in a way that involves you writing the least amount of scripts or infrastructure to find the information from those logfiles that you're going to end up referencing from them most commonly. for the OP's question of having each machine log to a seperate file, without changing the facility/level on the remote machines, i believe that the stock openbsd syslogd does not provide a method for seperating the output logfiles based on incoming host. syslog-ng is in ports, and it is a pretty recent version, and would provide the ability to write a file based on the incoming hostname ( it has a couple built-in macros ). i'm not going to advocate syslog-ng any further than saying that if you find that you still choose to have individual log files per-host, it can do it. on the downside, you may have mixed feelings about running a core service from ports. -- jared [ openbsd 3.9-beta GENERIC ( jan 30 ) // i386 ]
Re: bash: delete key sends ~ instead of [del]
On Sat, Feb 11, 2006 at 05:17:29PM -0500, Nick Guenther wrote: > Yeah, it does that. I don't know why, I assume historical reasons, and > I would like to learn from someone here who does know. Use backspace > instead. > > On 2/11/06, Martin Schrvder <[EMAIL PROTECTED]> wrote: > > Hi, > > on my freshly installed 3.7 in bash the delete key sends an ~ > > instead of [del]. How can I fix this? it *is* sending del. rather, the characters sent when you strike the delete key are recognized by the shell and the shell executes the editing command "delete-char-backward". problem is it also sends a tilde after the sequence that the shell recognizes. ^[[3~ is what i get here if i just go to a normal console terminal and hit delete. that is one character more than my shell is listening for. i believe, at least with respect to ksh, bound keys are editing commands that are executed when the shell sees a a control character, which may be have a prefix-character in front of it, come across. the ksh manpage (/ for bind) describes it better than i do, but basically, look at it like this: ^[[3~ is three parts. ^[[, 3, and ~. ^[[ == ^X, 3 == 3, ~ == ~. when the shell sees that, it recognizes "^[[" as 'prefix-2', or ^X. ^X3 is (i think?) set to 'delete-char-backward'. at that point, the shell does that. the ~ was not part of the sequence of keys the shell recognized because it is too many chars. you get a "prefix" and a "control char", not a prefix and two control chars. if you type: blah and hit 'delete', usually you'll end up with bla~ because it did the delete-char-backward, which killed the 'h', but then the '~' showed up after any shell-recognition was done and so it made it out to the terminal as a normal character. a hackish way around that is to use '-m' and make it so that the shell substitutes "^[[3" with a control-X. eg: $ bind -m '^[[3'='^X' ( where '^X' isn't "-<6>, -", but rather: "-, -". ) and then $ bind '^X~'=delete-char-backward which makes it to that when the shell sees '^[[3', it substitutes that for a real ^X. if i'm hitting , the ~ is also sent by my keypress, but at that point, the sequence has become '^X~', which then executes 'delete-char-backward'. perhaps bash is the same... -- jared [ openbsd 3.9-beta GENERIC ( jan 30 ) // i386 ]
Re: OpenBSD USB question
I'm no security expert, but from that standpoint, just having the cards match the provided information doesn't sound very secure. An attacker could modify an existing card or simply present their own (compatible) card. Additionally, any information on a card would be compromised if one were ever lost. Two-factor authentication would be preferable - google it if you aren't familiar. There are a number of commercial vendors that have hardware token solutions, both static and dynamic, that you can use for inspiration. With the ease that SD can be rewritten, a semi-dynamic solution would be quite doable, such as validating a random field that is updated with every entry/exit. --david On 2/11/06, Danny <[EMAIL PROTECTED]> wrote: > Thank you for responding, > > Obviously I cannot say too much about the project though, but what I can > say is this: > (I know it sounds a bit like a "sci-fi" movie :-) ) > > Only a few employees would be required to use this authentication > method, (the ones > working on the sensitive information). And only these employees would go > through the > "secure room" everytime they pitch up for work. > > I know that the last-modified date can be tampered with, so instead of > using human readable > files, I would do something like in MySQL (when you want to "encrypt" > passwords, you use > any word (refered to as "salt"), to "encrypt" a password. And everytime > you want to access > that particular "encrypted" file, you must supply the "salted" word > otherwise you can forget > about decrypting it. Or else I would just use one of the available > encryption methods. > > Anyway, the idea also is to not allow an employee to be in possession of > the same > SD card for longer than 2 days. And it will be required of them to > change their access > details at least twice a week. > > I just needed to know if OpenBSD would be able to detect the reader, and > read and write to > the SD card. I have convinced my employer to use OpenBSD, and so far > everything is geared > towards OpenBSD. So if you guys tell me that OpenBSD will not be able to > detect the USB reader > and read/write to the SD cards, then I might be in a bit of trouble. > > Linux (in all it's forms) is totally out of the question. FreeBSD was > also an option, but I went > for OpenBSD because of it's "obscurity" and security. > > I didn't choose USB, USB chose me. Nowadays almost nothing has a > parallel port or serial port > connected to it, not even mentioning PS/2. The other day I read that > even sound cards are going > the USB way (strange but true). > > Any way > > Please continue posting your help and suggestions. > > (If there is any other way I can do this "authentication", I would be > too glad to hear about it) > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf > Of Nick Guenther > Sent: Saturday, February 11, 2006 10:41 PM > To: misc@openbsd.org > Subject: Re: OpenBSD USB question > > > On 2/11/06, Danny <[EMAIL PROTECTED]> wrote: > > Good Day, > > > > Background: > > > > I am busy with a project whereby all employees will be authenticated > > with their own SD cards. Read more about the cards here: > > http://www.sandisk.com/Products/Catalog(1039)-SanDisk_SD_Cards.aspx > > > > The user will enter a secure room, insert his/hers SD card into a card > > > reader, type in his/hers username, password and id (and maybe some > > other requested info), and if the information corresponds to the info > > on the SD card, the employee could then enter the building. > > > > Interesting! When you get it finished it would be nice if you post a > full summary here for the record. > > > Also the card will be checked for tampering by means of last access > > date or something along that line. That is why we cannot use normal > > magnetic I.D cards. > > Can't the last access date be modified though? > > > I know the SD cards are small, and people can loose them, but I was > > told to go with SD cards. I think maybe because SD cards can be > > instantly wtite to, and information can be changed quicker than with a > > > magnetic card > > for instance. > > > > I would like to know if OpenBSD will be able to recognise and access > > the SanDisk ImageMateR 12-in-1 Reader/Writer SDDR-89. > > > > More info on this piece of hardware can be found here: > > http://www.sandisk.com/Products/Item(1145)-SDDR-89-SanDisk_ImageMate_1 > > 2i > > n1_ReaderWriter.aspx > > I remember reading that that particular device is supported, but I don't > remember where. Sorry. Anyway, it's easy enough to test: startup the > install media but stop it at the boot> prompt (just bash random > keys) and then key in "boot cd0c:/3.8/i386/bsd" and hit enter (I think, > you will have to tailor the cd0c part to match up with the device you > are booting from, and the path to match up with the kernel you are > booting from). This will bring up the full GENERIC kernel with all the > drivers loaded. Then just plug in one of the r
Sun E220R, cdrom problem
Hello.. Im trying to install openbsd onto an E220R. It has a toshiba DVD drive in it, and when I type boot cdrom, it just hangs.. the drive light does not blink or anything. probe-scsi shows the cdrom drive, and devalias for cdrom points to the right device, slice f. Any ideas on what to try next? Thanks, Josh.
Re: higher resolution on tty
On 12/02/06, Moritz Lutz <[EMAIL PROTECTED]> wrote:
> Hi list,
>
> i want to set up my screen resolution on tty to 1024x768 and smaller
> fonts,
> because i only work on tty on this maschine and this big fonts are a
> very
> bad on a 10,4" display. So is there a way to get this work. Because
> i don't find anything in the FAQ and with google.
>
> mfg
>
> eSpo
Have you seen this: http://www.openbsd.org/faq/faq7.html#80x50>
("How do I use a console resolution of 80x50?")?
Cheers,
Constantine.
higher resolution on tty
Hi list, i want to set up my screen resolution on tty to 1024x768 and smaller fonts, because i only work on tty on this maschine and this big fonts are a very bad on a 10,4" display. So is there a way to get this work. Because i don't find anything in the FAQ and with google. mfg eSpo
Looking Glass for OpenBGP in 3.9?
I read somewhere that there was a 'Looking Glass' implementaion 'in the works' for OpenBSD/OpenBGP 3.9. I was wondering if that was the case? Thanks, Glenn
Re: bash: delete key sends ~ instead of [del]
On Sun, 2006-02-12 at 00:53 +0100, Martin Schrvder wrote: > On 2006-02-11 23:36:11 +, Craig M wrote: > > I just installed bash to test this. > > Then I created /etc/.inputrc with the contents: > > "\e[3~": delete-char > > rebooted, got an xterm up, started bash and the delete key works. > > It produced a tilde, prior to the reboot. > > ~/.inputrc does the trick here, /etc/.inputrc or /etc/inputrc is > useless here. > CORRECTION I just installed bash to test this. Then I created ~/.inputrc with the contents: "\e[3~": delete-char logged out of X, or log out if you are in console mode, and then your del key will work as required. > Thanks! > > I had testet it before, but only with bind -- it didn't work > then. > > Btw: Why reboot? > Yes, sorry about that. I got all excited at actually being able to provide a solution and went about it a little wrong. Reboot was not required, just needed to log out and back in, as far as I can tell. That will teach me to stay calm and not get carried away. ;) > Best > Martin Regards, Craig
Re: bash: delete key sends ~ instead of [del]
On 2006-02-11 23:36:11 +, Craig M wrote: > I just installed bash to test this. > Then I created /etc/.inputrc with the contents: > "\e[3~": delete-char > rebooted, got an xterm up, started bash and the delete key works. > It produced a tilde, prior to the reboot. ~/.inputrc does the trick here, /etc/.inputrc or /etc/inputrc is useless here. Thanks! I had testet it before, but only with bind -- it didn't work then. Btw: Why reboot? Best Martin -- http://www.tm.oneiros.de
Re: X11 exploit info
On Sat, 11 Feb 2006, Dave Feustel wrote: On Saturday 11 February 2006 10:59, Roman Hunt wrote: Dude what is your major f*&^%! malfunction? Years ago this sh!^ would've never been allowed to fly on this list. Sorry. I don't intend to offend or to irritate. Just out of curiosity, how old are you? Also, to which post are you referring? Maybe you think that posting all this ridiculous shit is funny but it's really not. Actually, I don't think it's rediculous or funny, but you have a right to your opinion and also to express it. Go take a class at a community college and learn the basics before you post again. I may well be the only person in Fort Wayne using OpenBSD or even pretending to know anything about it. I am not aware of any courses in BSD around here. PLEASE! And definitely stop wasting your time trying To discover how to exploit systems you are unable to comprehend. Actually, I am in defensive mode. My system is clearly being penetrated. I am trying to find and plug the holes. So far running pf with a block in all' seems to be the most effective defense. I opened up port 80 to run Apache, but I started having problems again, so I went back to the 'block all' rule. I've found and reported to kde and misc a security problem in the way kde is currently ported to OpenBSD. The kde developers understand the problem and, last I heard, had a fix in the pipeline. I've got a kludge fix for that problem now. But I am still seeing signs of intrusion, so there are either still unblocked (kde or x11) holes that I haven't found that provide intruders with at least user privileges, or my system was rooted at some point in the past and will continue to be rooted until I either reinstall or upgrade to 3.9 sometime after May. Today I found two attempts to access port 6000. One from China, the other from Korea. That said If you ever need serious system administration help for a serious issue (not one you make up when you are all paranoid and gunning to be a BIG HACKER HERO) then feel free to ask me and I'll be happy to help. I have no interest in being a cracker. I've looked at what is typically involved in cracking a system or creating shell code and I have no interest in spending my time doing either, although I have more than enough experience with x86 assembly code for that time-wasting activity. I have other projects that I need to spend time on. Are you interested in general relativity, electromagnetism, or tensors? I definitely need help with tensors. And I do appreciate your offer of help. I only wish it weren't so hard to explain things by email. Dave - Roman -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dave Feustel Sent: Saturday, February 11, 2006 6:04 AM To: misc@openbsd.org Subject: X11 exploit info at http://www.hackinglinuxexposed.com/articles/ is a 3-part series on X-11 exploits which those who think they understand x11 security might wish to read and comment upon. I clearly don't understand x11 security so I have no comments, but I will read with great interest comments by anyone else. 05-Jul-2004: SSH Users beware: The hazards of X11 forwarding Logging into another machine can compromise your desktop... 08-Jun-2004: The ease of (ab)using X11, Part 2 Abusing X11 for fun and passwords. 13-May-2004: The ease of (ab)using X11, Part 1 X11 is the protocol that underlies your graphical desktop environment, and you need to be aware of its security model. Dave Feustel -- Lose, v., experience a loss, get rid of, "lose the weight" Loose, adj., not tight, let go, free, "loose clothing" Okay, seriously whoever is "cracking" into Dave's system will you please post to the list what your magic hole is so we can all get on with life? And Dave, you did read the carefully prepared memo on commonly used passwords didn't you? Thanks, -Matt-
Re: bash: delete key sends ~ instead of [del]
CORRECTION I just installed bash to test this. Then I created ~/.inputrc with the contents: "\e[3~": delete-char logged out of X, or log out if you are in console mode, and then your del key will work as required. HTH. Regards, CraigOn Sun, 2006-02-12 at 00:05 +0100, Martin Schrvder wrote: > On 2006-02-11 23:37:31 +0100, Juan J. Martmnez wrote: > > Or look what says google: > > http://www.google.es/search?q=delete+key+bash > > I did. > > > > On 2/11/06, Martin Schrvder wrote: > > > > Hi, > > > > on my freshly installed 3.7 in bash the delete key sends an ~ > > > > instead of [del]. How can I fix this? > > > > > > > > Sorry if this is a FAQ, but Google et.al. don't allow searching > > > > for "~" :-( > > > > Yes... search for: delete key bash > > I did. Did you look at the results? They only discuss problems > with delete and backspace. Did you find anything on "~"? > > Best > Martin
Re: bash: delete key sends ~ instead of [del]
I just installed bash to test this. Then I created /etc/.inputrc with the contents: "\e[3~": delete-char rebooted, got an xterm up, started bash and the delete key works. It produced a tilde, prior to the reboot. HTH. Regards, Craig On Sun, 2006-02-12 at 00:05 +0100, Martin Schrvder wrote: > On 2006-02-11 23:37:31 +0100, Juan J. Martmnez wrote: > > Or look what says google: > > http://www.google.es/search?q=delete+key+bash > > I did. > > > > On 2/11/06, Martin Schrvder wrote: > > > > Hi, > > > > on my freshly installed 3.7 in bash the delete key sends an ~ > > > > instead of [del]. How can I fix this? > > > > > > > > Sorry if this is a FAQ, but Google et.al. don't allow searching > > > > for "~" :-( > > > > Yes... search for: delete key bash > > I did. Did you look at the results? They only discuss problems > with delete and backspace. Did you find anything on "~"? > > Best > Martin
Re: bash: delete key sends ~ instead of [del]
On 2006-02-11 23:37:31 +0100, Juan J. Martmnez wrote: > Or look what says google: > http://www.google.es/search?q=delete+key+bash I did. > > On 2/11/06, Martin Schrvder wrote: > > > Hi, > > > on my freshly installed 3.7 in bash the delete key sends an ~ > > > instead of [del]. How can I fix this? > > > > > > Sorry if this is a FAQ, but Google et.al. don't allow searching > > > for "~" :-( > > Yes... search for: delete key bash I did. Did you look at the results? They only discuss problems with delete and backspace. Did you find anything on "~"? Best Martin -- http://www.tm.oneiros.de
Infomail regarding working Proliant DL380 G4
Hi misc
I have seen at
http://www.armorlogic.com/openbsd_information_server_compatibility_list.html
that Proliant DL380 G4 wont work on 3.8. Also I have seen misc list posts
with different results (some work and some do not).
So therefor I just wanted to post a dmesg for Proliant DL380 G4 which works
really great. (The dmesg is with OpenBSD 3.8 RELEASE without stable patches.)
dmesg is below my signature.
Regards
Per-Olov Sjvholm
OpenBSD 3.8 (GENERIC) #138: Sat Sep 10 15:41:37 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Xeon(TM) CPU 3.00GHz ("GenuineIntel" 686-class) 3 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,CNXT-ID
real mem = 1073270784 (1048116K)
avail mem = 972730368 (949932K)
using 4278 buffers containing 53768192 bytes (52508K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 12/31/99, BIOS32 rev. 0 @ 0xf
pcibios0 at bios0: rev 2.1 @ 0xf/0x2000
pcibios0: PCI BIOS has 7 Interrupt Routing table entries
pcibios0: PCI Interrupt Router at 000:31:0 ("Intel 82801EB/ER LPC" rev 0x00)
pcibios0: PCI bus #7 is the last bus
bios0: ROM list: 0xc/0x8000 0xc8000/0x4000! 0xcc000/0x1600 0xee000/0x2000!
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel E7710 SMCH" rev 0x0c
ppb0 at pci0 dev 2 function 0 "Intel E7710 MCH PCIE" rev 0x0c
pci1 at ppb0 bus 1
ppb1 at pci1 dev 0 function 0 "Intel PCIE-PCIE" rev 0x09
pci2 at ppb1 bus 2
bge0 at pci2 dev 1 function 0 "Broadcom BCM5704C" rev 0x10, BCM5704 B0
(0x2100): irq 5 address 00:15:60:55:e1:37
brgphy0 at bge0 phy 1: BCM5704 10/100/1000baseT PHY, rev. 0
bge1 at pci2 dev 1 function 1 "Broadcom BCM5704C" rev 0x10, BCM5704 B0
(0x2100): irq 5 address 00:15:60:55:e1:36
brgphy1 at bge1 phy 1: BCM5704 10/100/1000baseT PHY, rev. 0
ppb2 at pci1 dev 0 function 2 "Intel PCIE-PCIE" rev 0x09
pci3 at ppb2 bus 3
ciss0 at pci3 dev 3 function 0 "Compaq Smart Array 64xx" rev 0x01: irq 5
ciss0: 1 LD HW rev 1 FW 2.58/2.58
lmap 4000:0 scsibus0 at ciss0: 1 targets
sd0 at scsibus0 targ 0 lun 0: SCSI0 0/direct fixed
ciss0: cmd_stat 2 scsi_stat 0x0
ciss0: cmd_stat 2 scsi_stat 0x0
sd0: 34727MB, 34727 cyl, 64 head, 32 sec, 512 bytes/sec, 71122560 sec total
ppb3 at pci0 dev 6 function 0 "Intel E7710 MCH PCIE" rev 0x0c
pci4 at ppb3 bus 4
ppb4 at pci4 dev 0 function 0 "Intel PCIE-PCIE" rev 0x09
pci5 at ppb4 bus 5
ppb5 at pci4 dev 0 function 2 "Intel PCIE-PCIE" rev 0x09
pci6 at ppb5 bus 6
uhci0 at pci0 dev 29 function 0 "Intel 82801EB/ER USB" rev 0x02: irq 5
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1 "Intel 82801EB/ER USB" rev 0x02: irq 5
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 29 function 2 "Intel 82801EB/ER USB" rev 0x02: irq 5
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
uhci3 at pci0 dev 29 function 3 "Intel 82801EB/ER USB" rev 0x02: irq 5
usb3 at uhci3: USB revision 1.0
uhub3 at usb3
uhub3: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub3: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 29 function 7 "Intel 82801EB/ER USB" rev 0x02: irq 5
usb4 at ehci0: USB revision 2.0
uhub4 at usb4
uhub4: Intel EHCI root hub, rev 2.00/1.00, addr 1
uhub4: 8 ports with 8 removable, self powered
ppb6 at pci0 dev 30 function 0 "Intel 82801BA AGP" rev 0xc2
pci7 at ppb6 bus 7
vga1 at pci7 dev 3 function 0 "ATI Rage XL" rev 0x27
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
vendor "Compaq", unknown product 0xb203 (class system subclass miscellaneous,
rev 0x01) at pci7 dev 4 function 0 not configured
vendor "Compaq", unknown product 0xb204 (class system subclass miscellaneous,
rev 0x01) at pci7 dev 4 function 2 not configured
ichpcib0 at pci0 dev 31 function 0 "Intel 82801EB/ER LPC" rev 0x02
pciide0 at pci0 dev 31 function 1 "Intel 82801EB/ER IDE" rev 0x02: DMA,
channel 0 configured to compatibility, channel 1 configured to compatibility
atapiscsi0 at pciide0 channel 0 drive 0
scsibus1 at atapiscsi0: 2 targets
cd0 at scsibus1 targ 0 lun 0: SCSI0 5/cdrom
removable
cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
pciide0: channel 1 disabled (no drives)
isa0 at ichpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0:
spkr0 at pcppi0
sysbeep0 at pcppi0
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 ir
Re: OpenBSD USB question
Thank you for responding, Obviously I cannot say too much about the project though, but what I can say is this: (I know it sounds a bit like a "sci-fi" movie :-) ) Only a few employees would be required to use this authentication method, (the ones working on the sensitive information). And only these employees would go through the "secure room" everytime they pitch up for work. I know that the last-modified date can be tampered with, so instead of using human readable files, I would do something like in MySQL (when you want to "encrypt" passwords, you use any word (refered to as "salt"), to "encrypt" a password. And everytime you want to access that particular "encrypted" file, you must supply the "salted" word otherwise you can forget about decrypting it. Or else I would just use one of the available encryption methods. Anyway, the idea also is to not allow an employee to be in possession of the same SD card for longer than 2 days. And it will be required of them to change their access details at least twice a week. I just needed to know if OpenBSD would be able to detect the reader, and read and write to the SD card. I have convinced my employer to use OpenBSD, and so far everything is geared towards OpenBSD. So if you guys tell me that OpenBSD will not be able to detect the USB reader and read/write to the SD cards, then I might be in a bit of trouble. Linux (in all it's forms) is totally out of the question. FreeBSD was also an option, but I went for OpenBSD because of it's "obscurity" and security. I didn't choose USB, USB chose me. Nowadays almost nothing has a parallel port or serial port connected to it, not even mentioning PS/2. The other day I read that even sound cards are going the USB way (strange but true). Any way Please continue posting your help and suggestions. (If there is any other way I can do this "authentication", I would be too glad to hear about it) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nick Guenther Sent: Saturday, February 11, 2006 10:41 PM To: misc@openbsd.org Subject: Re: OpenBSD USB question On 2/11/06, Danny <[EMAIL PROTECTED]> wrote: > Good Day, > > Background: > > I am busy with a project whereby all employees will be authenticated > with their own SD cards. Read more about the cards here: > http://www.sandisk.com/Products/Catalog(1039)-SanDisk_SD_Cards.aspx > > The user will enter a secure room, insert his/hers SD card into a card > reader, type in his/hers username, password and id (and maybe some > other requested info), and if the information corresponds to the info > on the SD card, the employee could then enter the building. > Interesting! When you get it finished it would be nice if you post a full summary here for the record. > Also the card will be checked for tampering by means of last access > date or something along that line. That is why we cannot use normal > magnetic I.D cards. Can't the last access date be modified though? > I know the SD cards are small, and people can loose them, but I was > told to go with SD cards. I think maybe because SD cards can be > instantly wtite to, and information can be changed quicker than with a > magnetic card > for instance. > > I would like to know if OpenBSD will be able to recognise and access > the SanDisk ImageMateR 12-in-1 Reader/Writer SDDR-89. > > More info on this piece of hardware can be found here: > http://www.sandisk.com/Products/Item(1145)-SDDR-89-SanDisk_ImageMate_1 > 2i > n1_ReaderWriter.aspx I remember reading that that particular device is supported, but I don't remember where. Sorry. Anyway, it's easy enough to test: startup the install media but stop it at the boot> prompt (just bash random keys) and then key in "boot cd0c:/3.8/i386/bsd" and hit enter (I think, you will have to tailor the cd0c part to match up with the device you are booting from, and the path to match up with the kernel you are booting from). This will bring up the full GENERIC kernel with all the drivers loaded. Then just plug in one of the readers and watch the blue text that comes up. if it says something like "not configured" then you're out of luck, but otherwise it will probably list of several devices that it's just installed. Plug in an SD card and it should display something like "sd0: gfdgfdgfdgfdgfdgfdgfdg". Do 'mount /dev/sd0 /mnt' to access the card then. Of course I could be totally wrong. -Kousu
Re: OpenBSD USB question
On 2/11/06, Nick Guenther <[EMAIL PROTECTED]> wrote: > > > > More info on this piece of hardware can be found here: > > http://www.sandisk.com/Products/Item(1145)-SDDR-89-SanDisk_ImageMate_12i > > n1_ReaderWriter.aspx > I actually just tested my ImageMate 6-in-1 and it works flawlessly and I assume the 12-in-1 is no different. The SD slot is sd1 for me, you may need to (but probably won't) guess-and-check which slot is sd1 on the 12. Do 'disklabel sd1' to see the available partitions on an inserted SD card. You will probably have a single FAT partition which is labelled "i'. You can use use "mount -t msdos /dev/sd1i /mnt" to mount the card, then use the standard filesystem tools to navigate. Good luck on your project. -Kousu p.s. Why use 12-in-1 when you can use 6-in-1, or even just a straight forward one-slot SD card reader?
Re: BSD on x86 and virus
J.C. Roberts wrote: As others have pointed out, you simply misunderstood the article and then posted to the list what many people would consider an inflammatory question. This is not the first time where your reading skills have failed to comprehend the meaning of an article and you posted such questions to the list. Don't feel bad about it because you're not the only one. Heck, Dave Feustel is constantly misreading security stuff and posting questions to the list -and he's an American. ;-) Outch!!! Been put in the same boat... (;> I have some problem at times to understand some stuff too, but this one really hurts. Personally I would prefer be called a moron and I have been called so at times too. But it was easier to receive. (;> I guess the pass showed as well that I am not an American either. Not sure, can this be classify as "sarcasm"? (;> May be my sarcasm jokes still need some work! Daniel
Re: bash: delete key sends ~ instead of [del]
El sab, 11-02-2006 a las 17:17 -0500, Nick Guenther escribis: > Yeah, it does that. I don't know why, I assume historical reasons, and > I would like to learn from someone here who does know. Use backspace > instead. Or look what says google: http://www.google.es/search?q=delete+key+bash > On 2/11/06, Martin Schrvder wrote: > > Hi, > > on my freshly installed 3.7 in bash the delete key sends an ~ > > instead of [del]. How can I fix this? > > > > Sorry if this is a FAQ, but Google et.al. don't allow searching > > for "~" :-( Yes... search for: delete key bash regards, Juanjo -- Desarrollo y sistemas: http://www.usebox.net/ Pagina Personal: http://www.usebox.net/jjm/
Re: bash: delete key sends ~ instead of [del]
Yeah, it does that. I don't know why, I assume historical reasons, and I would like to learn from someone here who does know. Use backspace instead. On 2/11/06, Martin Schrvder <[EMAIL PROTECTED]> wrote: > Hi, > on my freshly installed 3.7 in bash the delete key sends an ~ > instead of [del]. How can I fix this? > > Sorry if this is a FAQ, but Google et.al. don't allow searching > for "~" :-( > > TIA > Martin > -- > http://www.tm.oneiros.de
bash: delete key sends ~ instead of [del]
Hi, on my freshly installed 3.7 in bash the delete key sends an ~ instead of [del]. How can I fix this? Sorry if this is a FAQ, but Google et.al. don't allow searching for "~" :-( TIA Martin -- http://www.tm.oneiros.de
Re: OpenBSD USB question
On 2/11/06, Danny <[EMAIL PROTECTED]> wrote: > Good Day, > > Background: > > I am busy with a project whereby all employees will be authenticated > with their > own SD cards. Read more about the cards here: > http://www.sandisk.com/Products/Catalog(1039)-SanDisk_SD_Cards.aspx > > The user will enter a secure room, insert his/hers SD card into a > card reader, type in his/hers username, password and id (and maybe > some other requested info), and if the information corresponds to > the info on the SD card, the employee could then enter the building. > Interesting! When you get it finished it would be nice if you post a full summary here for the record. > Also the card will be checked for tampering by means of last access date > or something along that line. That is why we cannot use normal magnetic > I.D cards. Can't the last access date be modified though? > I know the SD cards are small, and people can loose them, but I was > told to go with SD cards. I think maybe because SD cards can be > instantly > wtite to, and information can be changed quicker than with a magnetic > card > for instance. > > I would like to know if OpenBSD will be able to recognise and access > the SanDisk ImageMateR 12-in-1 Reader/Writer SDDR-89. > > More info on this piece of hardware can be found here: > http://www.sandisk.com/Products/Item(1145)-SDDR-89-SanDisk_ImageMate_12i > n1_ReaderWriter.aspx I remember reading that that particular device is supported, but I don't remember where. Sorry. Anyway, it's easy enough to test: startup the install media but stop it at the boot> prompt (just bash random keys) and then key in "boot cd0c:/3.8/i386/bsd" and hit enter (I think, you will have to tailor the cd0c part to match up with the device you are booting from, and the path to match up with the kernel you are booting from). This will bring up the full GENERIC kernel with all the drivers loaded. Then just plug in one of the readers and watch the blue text that comes up. if it says something like "not configured" then you're out of luck, but otherwise it will probably list of several devices that it's just installed. Plug in an SD card and it should display something like "sd0: gfdgfdgfdgfdgfdgfdgfdg". Do 'mount /dev/sd0 /mnt' to access the card then. Of course I could be totally wrong. -Kousu
Re: ohci3: ? scheduling overruns USB ural attached
On 2/11/06, Ed Wandasiewicz <[EMAIL PROTECTED]> wrote: > On Sat, Feb 11, 2006 at 01:54:21PM -0500, Nick Guenther wrote: > > On 2/11/06, Ed Wandasiewicz <[EMAIL PROTECTED]> wrote: > > > rootdev=0x0 rrootdev=0xb00 rawdev=0xb02 > > > ohci3: 1 scheduling overruns > > > ohci3: 2 scheduling overruns > > > ohci3: 1 scheduling overruns > > > ohci3: 1 scheduling overruns > > > > > > > I notice the 'uhub'. Is this an external hub or an internal one? Also, > > does the device work a) flawlessly b) somewhat (drops packets etc) c) > > not at all? I'm guessing it's just that the processor (or something?) > > can't keep up with all the data from the uhub and thus the queue gets > > "overrun". I can't really say any more though, grep the ohci and uhub > > source code for "scheduling overruns" perhaps. > > > > -Kousu > > Internal hub, inside a mac mini. ural device works 99% of the time. I do get > occasional dmesg of scrolling "usbd_dump_queue" messages, but happens > quite rarely. > > Ed. Well then I wouldn't worry about it, the driver just can't keep up and drops some packets. I don't know where to look in the source to alter the rate but I imagine it could be done. Perhaps post a bug report and include as much information as you can on the hardware and maybe it'll help improve the driver. -Kousu
sorry to reask ... keyboard mapping not working in current Xorg 6.9 on a hp nc6000 laptop
Hello, Regarding my previous post: x11 problem in current: "The XKEYBOARD keymap compiler (xkbcomp) reports..." (the dmesg and Xorg.0.log can be found in the 2 posts) Sorry to reask, but I searched via google etc and I did not find any solution. Loading the keyboard layout via setxkbmap does not work either. ~ $ setxkbmap fr_CH Error loading new keyboard description (==) Using config file: "/etc/X11/xorg.conf" The XKEYBOARD keymap compiler (xkbcomp) reports: > Error:Can't find file "pc/fr_CH" for symbols include > Exiting > Abandoning symbols file "default" Errors from xkbcomp are not fatal to the X server I am running current on other boxes and XkbLayout fr_CH does work?! Here is my latest not working current InputDevice Section (I tried many different possible solutions/options here, without success) Section "InputDevice" Identifier "Keyboard0" Driver "kbd" Option "CoreKeyboard" Option "XkbRules" "xorg" Option "XkbModel" "microsoft" Option "XkbVariant""nodeadkeys" Option "XkbLayout" "fr_CH" EndSection Is this related to the keyboard driver that is not supported on the laptop (hp - nc6000)? Many many thanks for helping!!!
Re: ohci3: ? scheduling overruns USB ural attached
On Sat, Feb 11, 2006 at 01:54:21PM -0500, Nick Guenther wrote: > On 2/11/06, Ed Wandasiewicz <[EMAIL PROTECTED]> wrote: > > I have the following dmesg with a ural device attached to a macppc, > > following current, as of 8 Feb 2006. > > > > Any suggestions? > > Ed. > > wd0(wdc1:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2 > > cd0(wdc1:0:1): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2 > > "Apple UniNorth Firewire" rev 0x81 at pci2 dev 14 function 0 not configured > > gem0 at pci2 dev 15 function 0 "Apple Uni-N2 GMAC" rev 0x80: irq 41, > > address 00:11:24:8b:aa:18 > > bmtphy0 at gem0 phy 0: BCM5221 100baseTX PHY, rev. 4 > > ural0 at uhub5 port 2 > > ural0: ASUS 802.11g WLAN Drive, rev 2.00/0.01, addr 2 > > ural0: MAC/BBP RT2570 (rev 0x03), RF RT2526, address 00:11:d8:dc:2b:3c > > ueagle0 at uhub3 port 1 > > ueagle0: U.S. Robotics USR9000 SureConnect ADSL, rev 1.00/40.0b, addr 2 > > ueagle0: address: 00:c0:49:b7:37:4a > > bootpath: '/[EMAIL PROTECTED]/[EMAIL PROTECTED]/[EMAIL PROTECTED]/bsd' > > boot device: wd0. > > root on wd0a > > rootdev=0x0 rrootdev=0xb00 rawdev=0xb02 > > ohci3: 1 scheduling overruns > > ohci3: 2 scheduling overruns > > ohci3: 1 scheduling overruns > > ohci3: 1 scheduling overruns > > > > I notice the 'uhub'. Is this an external hub or an internal one? Also, > does the device work a) flawlessly b) somewhat (drops packets etc) c) > not at all? I'm guessing it's just that the processor (or something?) > can't keep up with all the data from the uhub and thus the queue gets > "overrun". I can't really say any more though, grep the ohci and uhub > source code for "scheduling overruns" perhaps. > > -Kousu Internal hub, inside a mac mini. ural device works 99% of the time. I do get occasional dmesg of scrolling "usbd_dump_queue" messages, but happens quite rarely. Ed.
Re: ohci3: ? scheduling overruns USB ural attached
On 2/11/06, Ed Wandasiewicz <[EMAIL PROTECTED]> wrote: > I have the following dmesg with a ural device attached to a macppc, > following current, as of 8 Feb 2006. > > Any suggestions? > Ed. > wd0(wdc1:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2 > cd0(wdc1:0:1): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2 > "Apple UniNorth Firewire" rev 0x81 at pci2 dev 14 function 0 not configured > gem0 at pci2 dev 15 function 0 "Apple Uni-N2 GMAC" rev 0x80: irq 41, address > 00:11:24:8b:aa:18 > bmtphy0 at gem0 phy 0: BCM5221 100baseTX PHY, rev. 4 > ural0 at uhub5 port 2 > ural0: ASUS 802.11g WLAN Drive, rev 2.00/0.01, addr 2 > ural0: MAC/BBP RT2570 (rev 0x03), RF RT2526, address 00:11:d8:dc:2b:3c > ueagle0 at uhub3 port 1 > ueagle0: U.S. Robotics USR9000 SureConnect ADSL, rev 1.00/40.0b, addr 2 > ueagle0: address: 00:c0:49:b7:37:4a > bootpath: '/[EMAIL PROTECTED]/[EMAIL PROTECTED]/[EMAIL PROTECTED]/bsd' > boot device: wd0. > root on wd0a > rootdev=0x0 rrootdev=0xb00 rawdev=0xb02 > ohci3: 1 scheduling overruns > ohci3: 2 scheduling overruns > ohci3: 1 scheduling overruns > ohci3: 1 scheduling overruns > I notice the 'uhub'. Is this an external hub or an internal one? Also, does the device work a) flawlessly b) somewhat (drops packets etc) c) not at all? I'm guessing it's just that the processor (or something?) can't keep up with all the data from the uhub and thus the queue gets "overrun". I can't really say any more though, grep the ohci and uhub source code for "scheduling overruns" perhaps. -Kousu
iwi(4): man-page needs update, Peter's address @intel does not work
Our friend Peter seems to be gone or is hiding: Intel no longer accepts mail for his account as listed in manuals for ipw(4) and iwi(4). http://marc.theaimsgroup.com/?l=openbsd-misc&m=109994542424009&w=2> (2004-11-08) Cheers, Constantine. -- Forwarded message -- From: Mail Delivery Subsystem <[EMAIL PROTECTED]> Date: 11-Feb-2006 17:32 Subject: Delivery Status Notification (Failure) To: [EMAIL PROTECTED] This is an automatically generated Delivery Status Notification Delivery to the following recipient failed permanently: [EMAIL PROTECTED] Technical details of permanent failure: PERM_FAILURE: SMTP Error (state 9): 501 #5.1.1 bad address [EMAIL PROTECTED]
Re: X11 exploit info
wow... No more words!!! 2006/2/11, Dave Feustel <[EMAIL PROTECTED]>: > > On Saturday 11 February 2006 10:59, Roman Hunt wrote: > > > > Dude what is your major f*&^%! malfunction? Years ago this sh!^ would've > > never been allowed to fly on this list. > > Sorry. I don't intend to offend or to irritate. Just out of curiosity, how > old are you? > Also, to which post are you referring? > > > Maybe you think that posting all this ridiculous shit is funny but it's > > really not. > > Actually, I don't think it's rediculous or funny, but you have a right to > your opinion and > also to express it. > > > Go take a class at a community college and learn the basics before you > post > > again. > > I may well be the only person in Fort Wayne using OpenBSD or even > pretending to know anything about it. > I am not aware of any courses in BSD around here. > > > PLEASE! And definitely stop wasting your time trying > > To discover how to exploit systems you are unable to comprehend. > > Actually, I am in defensive mode. My system is clearly being penetrated. > I am trying to find and plug the holes. So far running pf with a block in > all' seems to > be the most effective defense. I opened up port 80 to run Apache, but I > started having problems again, so I went back to the 'block all' rule. > I've found and reported to kde and misc a security problem in the way > kde is currently ported to OpenBSD. The kde developers understand the > problem > and, last I heard, had a fix in the pipeline. I've got a kludge fix for > that problem now. > But I am still seeing signs of intrusion, so there are either still > unblocked (kde or x11) holes > that I haven't found that provide intruders with at least user privileges, > or my system > was rooted at some point in the past and will continue to be rooted until > I either reinstall or > upgrade to 3.9 sometime after May. Today I found two attempts to access > port 6000. > One from China, the other from Korea. > > > That said If you ever need serious system administration help for a > > serious issue (not one you make up when you are all paranoid and gunning > > to be a BIG HACKER HERO) then feel free to ask me and I'll be happy to > help. > > I have no interest in being a cracker. I've looked at what is typically > involved in > cracking a system or creating shell code and I have no interest in > spending my > time doing either, although I have more than enough experience with x86 > assembly > code for that time-wasting activity. I have other projects that I need > to spend time on. Are you interested in general relativity, > electromagnetism, or > tensors? I definitely need help with tensors. > > And I do appreciate your offer of help. I only wish it weren't so hard to > explain things by > email. > > Dave > > - > > Roman > > > > > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf > Of > > Dave Feustel > > Sent: Saturday, February 11, 2006 6:04 AM > > To: misc@openbsd.org > > Subject: X11 exploit info > > > > > > at http://www.hackinglinuxexposed.com/articles/ > > is a 3-part series on X-11 exploits which those who > > think they understand x11 security might wish to > > read and comment upon. I clearly don't understand > > x11 security so I have no comments, but I will read > > with great interest comments by anyone else. > > > > 05-Jul-2004: SSH Users beware: The hazards of X11 forwarding Logging > into > > another machine can compromise your desktop... > > > > 08-Jun-2004: The ease of (ab)using X11, Part 2 > > Abusing X11 for fun and passwords. > > > > 13-May-2004: The ease of (ab)using X11, Part 1 > > X11 is the protocol that underlies your graphical desktop environment, > and > > you need to be aware of its security model. > > > > Dave Feustel > > -- > Lose, v., experience a loss, get rid of, "lose the weight" > Loose, adj., not tight, let go, free, "loose clothing" > > -- Abragos Ricardo Lucas We have to stop been egoist and think more on ourselves.
Re: BSD on x86 and virus
On Fri, 10 Feb 2006 17:10:41 +0530, Siju George <[EMAIL PROTECTED]> wrote: >Hi, > >BSD on x86 has also suffered at the hands of these maniac virus >coders, so much so that there are hardly any BSD x86 web servers on >the web that haven't been repeatedly p0wned. > >http://www.webpronews.com/expertarticles/expertarticles/wpn-62-20060209SecurityThroughObscurityThreatenedasMacsBecomeMorePopular.html > >is the above sentence even remotely true??? > >Thankyou so much > >Kind Regards > >Siju Hi Siju, As I told you this a long time ago in a private email, when I first started seeing your posts to the list, I actually thought you were just trolling. Eventually, I figured out you're just inexperienced and you're just trying to learn while fighting against both language and culture barriers. As others have pointed out, you simply misunderstood the article and then posted to the list what many people would consider an inflammatory question. This is not the first time where your reading skills have failed to comprehend the meaning of an article and you posted such questions to the list. Don't feel bad about it because you're not the only one. Heck, Dave Feustel is constantly misreading security stuff and posting questions to the list -and he's an American. ;-) Just as Dave (and nearly all people, myself included) have trouble understanding all the various implications of security in one particular technical context or another, the goal is to truly understand what you read and be able to answer your own questions. Some of your comprehension problem is cultural, since various forms of communication in Western English, such as sarcasm, Westerners speaking very directly (rather than hinting) and many other nuances, takes a good deal of practice to understand and accept. It is very difficult, if not impossible, to completely separate language from culture, so just knowing the language leaves you without the context of the culture needed for comprehension. Is Shiva the restorer of worlds, the destroyer of worlds or the healer? Another part of the problem is a matter of study. You may want to do some studying on "critical analysis" (also called "critical reading" and more formally called "exegesis" -the ability to evaluate, interpret and deconstruct what you read so you fully understand it). Another area you will want to study is formal logic (-the ability to evaluate a logical arguments, statements, and derived conclusions). The time you invest in studying these two areas, and learning the culture behind the language will give you the tools you need to better understand things written in Western English. BTW, if you ever get an email from Rod Whitworth, dlg@ or any of the other list members in Australia and the email is written in "Strine" you'll definitely need a dictionary, and no, the dictionary won't help very much. :-) kind regards, jcr
Re: Sudo
On 2006-02-11 11:58:29 -0500, Dave Feustel wrote: > all shells. There may be something in the sudo man page that > describes this behavior, but I haven't spotted it yet. SEE ALSO grep(1), su(1), stat(2), login_cap(3), sudoers(5), passwd(5), visudo(8) > My reading skills must be deteriorating. Try http://www.catb.org/~esr/faqs/smart-questions.html HTH. HAND Martin -- http://www.tm.oneiros.de
Re: Sudo
Tobias Weingartner wrote: > > On Saturday, February 11, Dave Feustel wrote: > > > > I found out via a google search on 'tickets sudo' about > > the behavior I had discovered and reported. Then after Otto > > let me know how pathetic my post was, I went back to man sudo > > but found nothing about tickets or about sudo being active in > > all shells. There may be something in the sudo man page that > > describes this behavior, but I haven't spotted it yet. > > My reading skills must be deteriorating. > > >From the first paragraph under DESCRIPTION: > > Once a user has been authenticated, a timestamp is updated and the > user may then use sudo without a password for a short period of time > (5 minutes unless overridden in sudoers). > > Note, it says "user", not "shell the user is using". > > --Toby. I'm outa my depth here, but seems that any implementation of something like sudo that belongs to the shell is an open invitation to security disasters.
Re: Sudo
You sudo something, it asks for your password You do it again soon after, it doesn't ask. So somehow it remembers you. Definitely more trouble, and probably opens some holes for nasties, if it also remembers which version of you. That's without knowing enough to have an opinion. > -Original Message- > From: Dave Feustel [mailto:[EMAIL PROTECTED] > Sent: Saturday, February 11, 2006 10:58 AM > To: [EMAIL PROTECTED] > Cc: Otto Moerbeek; misc@openbsd.org > Subject: Re: Sudo > > > On Saturday 11 February 2006 11:04, [EMAIL PROTECTED] wrote: > > man sudo for starters. > > (actually that's quite enough even for a noob like me) > > (even a very out of date linux is enough) > > sheesh > > Actually --with-tickets is not mentioned in sudo. > (I was sent '--with-tickets' info off-list by a helpful person.) > I found out via a google search on 'tickets sudo' about > the behavior I had discovered and reported. Then after Otto > let me know how pathetic my post was, I went back to man sudo > but found nothing about tickets or about sudo being active in > all shells. There may be something in the sudo man page that > describes this behavior, but I haven't spotted it yet. > My reading skills must be deteriorating. > > > -- > Lose, v., experience a loss, get rid of, "lose the weight" > Loose, adj., not tight, let go, free, "loose clothing"
external usb enclosure and ide hard disk
Hi, is there a way to control an ide hard disk connected to an usb external enclosure, as to put it into idle or standby mode? I tried 'atactl' without success. here is the relevant part of my dmesg: umass0 at uhub0 port 2 configuration 1 interface 0 umass0: Myson Century, Inc. USB Mass Storage Device, rev 2.00/b0.08, addr 2 umass0: using ATAPI over Bulk-Only scsibus1 at umass0: 2 targets sd0 at scsibus1 targ 1 lun 0: SCSI0 0/direct fixed sd0: 38204MB, 38204 cyl, 64 head, 32 sec, 512 bytes/sec, 78242976 sec total Thanks, -- Carlos
Re: Sudo
On Saturday 11 February 2006 12:17, Steve Tornio wrote: > man sudoers Thanks to all who replied. I will try hard to be more thorough in the future. Dave -- Lose, v., experience a loss, get rid of, "lose the weight" Loose, adj., not tight, let go, free, "loose clothing"
Re: Sudo
On Sat, 11 Feb 2006, Dave Feustel wrote: > On Saturday 11 February 2006 11:04, [EMAIL PROTECTED] wrote: > > man sudo for starters. > > (actually that's quite enough even for a noob like me) > > (even a very out of date linux is enough) > > sheesh > > Actually --with-tickets is not mentioned in sudo. > (I was sent '--with-tickets' info off-list by a helpful person.) > I found out via a google search on 'tickets sudo' about > the behavior I had discovered and reported. Then after Otto > let me know how pathetic my post was, I went back to man sudo > but found nothing about tickets or about sudo being active in > all shells. There may be something in the sudo man page that > describes this behavior, but I haven't spotted it yet. > My reading skills must be deteriorating. Why do you think cross references to other manual pages exist in almost all man pages? -Otto
Re: Sudo
On Saturday, February 11, Dave Feustel wrote: > > I found out via a google search on 'tickets sudo' about > the behavior I had discovered and reported. Then after Otto > let me know how pathetic my post was, I went back to man sudo > but found nothing about tickets or about sudo being active in > all shells. There may be something in the sudo man page that > describes this behavior, but I haven't spotted it yet. > My reading skills must be deteriorating. >From the first paragraph under DESCRIPTION: Once a user has been authenticated, a timestamp is updated and the user may then use sudo without a password for a short period of time (5 minutes unless overridden in sudoers). Note, it says "user", not "shell the user is using". --Toby.
Re: Sudo
man sudo for starters. (actually that's quite enough even for a noob like me) (even a very out of date linux is enough) sheesh > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of > Dave Feustel > Sent: Saturday, February 11, 2006 9:50 AM > To: Otto Moerbeek > Cc: misc@openbsd.org > Subject: Re: Sudo > > > On Saturday 11 February 2006 10:42, Otto Moerbeek wrote: > > > > On Sat, 11 Feb 2006, Dave Feustel wrote: > > > > > I don't know whether this is or would be considered as a bug, > > > or whether it is generally known, but sudo, when successfully > > > invoked with a password in one shell, becomes active in all > > > shells of that user for the timed duration. > > > > This is pathetic. Why don't you read the docs before posting such a > > "discovery"? > > > > -Otto > > Which docs? > > -- > Lose, v., experience a loss, get rid of, "lose the weight" > Loose, adj., not tight, let go, free, "loose clothing"
Re: Sudo
On Saturday 11 February 2006 11:04, [EMAIL PROTECTED] wrote: > man sudo for starters. > (actually that's quite enough even for a noob like me) > (even a very out of date linux is enough) > sheesh Actually --with-tickets is not mentioned in sudo. (I was sent '--with-tickets' info off-list by a helpful person.) I found out via a google search on 'tickets sudo' about the behavior I had discovered and reported. Then after Otto let me know how pathetic my post was, I went back to man sudo but found nothing about tickets or about sudo being active in all shells. There may be something in the sudo man page that describes this behavior, but I haven't spotted it yet. My reading skills must be deteriorating. -- Lose, v., experience a loss, get rid of, "lose the weight" Loose, adj., not tight, let go, free, "loose clothing"
Re: X11 exploit info
Dude what is your major f*&^%! malfunction? Years ago this sh!^ would've never been allowed to fly on this list. Maybe you think that posting all this ridiculous shit is funny but it's really not. Go take a class at a community college and learn the basics before you post again. PLEASE! And definitely stop wasting your time trying To discover how to exploit systems you are unable to comprehend. That said If you ever need serious system administration help for a serious issue (not one you make up when you are all paranoid and gunning to be a BIG HACKER HERO) then feel free to ask me and I'll be happy to help. - Roman -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dave Feustel Sent: Saturday, February 11, 2006 6:04 AM To: misc@openbsd.org Subject: X11 exploit info at http://www.hackinglinuxexposed.com/articles/ is a 3-part series on X-11 exploits which those who think they understand x11 security might wish to read and comment upon. I clearly don't understand x11 security so I have no comments, but I will read with great interest comments by anyone else. 05-Jul-2004: SSH Users beware: The hazards of X11 forwarding Logging into another machine can compromise your desktop... 08-Jun-2004: The ease of (ab)using X11, Part 2 Abusing X11 for fun and passwords. 13-May-2004: The ease of (ab)using X11, Part 1 X11 is the protocol that underlies your graphical desktop environment, and you need to be aware of its security model. Dave Feustel -- Lose, v., experience a loss, get rid of, "lose the weight" Loose, adj., not tight, let go, free, "loose clothing"
Re: X11 exploit info
On Saturday 11 February 2006 10:59, Roman Hunt wrote: > > Dude what is your major f*&^%! malfunction? Years ago this sh!^ would've > never been allowed to fly on this list. Sorry. I don't intend to offend or to irritate. Just out of curiosity, how old are you? Also, to which post are you referring? > Maybe you think that posting all this ridiculous shit is funny but it's > really not. Actually, I don't think it's rediculous or funny, but you have a right to your opinion and also to express it. > Go take a class at a community college and learn the basics before you post > again. I may well be the only person in Fort Wayne using OpenBSD or even pretending to know anything about it. I am not aware of any courses in BSD around here. > PLEASE! And definitely stop wasting your time trying > To discover how to exploit systems you are unable to comprehend. Actually, I am in defensive mode. My system is clearly being penetrated. I am trying to find and plug the holes. So far running pf with a block in all' seems to be the most effective defense. I opened up port 80 to run Apache, but I started having problems again, so I went back to the 'block all' rule. I've found and reported to kde and misc a security problem in the way kde is currently ported to OpenBSD. The kde developers understand the problem and, last I heard, had a fix in the pipeline. I've got a kludge fix for that problem now. But I am still seeing signs of intrusion, so there are either still unblocked (kde or x11) holes that I haven't found that provide intruders with at least user privileges, or my system was rooted at some point in the past and will continue to be rooted until I either reinstall or upgrade to 3.9 sometime after May. Today I found two attempts to access port 6000. One from China, the other from Korea. > That said If you ever need serious system administration help for a > serious issue (not one you make up when you are all paranoid and gunning > to be a BIG HACKER HERO) then feel free to ask me and I'll be happy to help. I have no interest in being a cracker. I've looked at what is typically involved in cracking a system or creating shell code and I have no interest in spending my time doing either, although I have more than enough experience with x86 assembly code for that time-wasting activity. I have other projects that I need to spend time on. Are you interested in general relativity, electromagnetism, or tensors? I definitely need help with tensors. And I do appreciate your offer of help. I only wish it weren't so hard to explain things by email. Dave > - > Roman > > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Dave Feustel > Sent: Saturday, February 11, 2006 6:04 AM > To: misc@openbsd.org > Subject: X11 exploit info > > > at http://www.hackinglinuxexposed.com/articles/ > is a 3-part series on X-11 exploits which those who > think they understand x11 security might wish to > read and comment upon. I clearly don't understand > x11 security so I have no comments, but I will read > with great interest comments by anyone else. > > 05-Jul-2004: SSH Users beware: The hazards of X11 forwarding Logging into > another machine can compromise your desktop... > > 08-Jun-2004: The ease of (ab)using X11, Part 2 > Abusing X11 for fun and passwords. > > 13-May-2004: The ease of (ab)using X11, Part 1 > X11 is the protocol that underlies your graphical desktop environment, and > you need to be aware of its security model. > > Dave Feustel -- Lose, v., experience a loss, get rid of, "lose the weight" Loose, adj., not tight, let go, free, "loose clothing"
ohci3: ? scheduling overruns USB ural attached
I have the following dmesg with a ural device attached to a macppc, following current, as of 8 Feb 2006. Any suggestions? Ed. OpenBSD 3.9-beta (GENERIC) #0: Fri Feb 10 09:47:45 GMT 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/macppc/compile/GENERIC real mem = 1073741824 (1048576K) avail mem = 978100224 (955176K) using 1254 buffers containing 53686272 bytes (52428K) of memory mainbus0 (root): model PowerMac10,1 cpu0 at mainbus0: 7447A (Revision 0x102): 1249 MHz: 512KB L2 cache memc0 at mainbus0: uni-n hw-clock at memc0 not configured ki2c0 at memc0 offset 0xf8001000 iic0 at ki2c0 mpcpcibr0 at mainbus0 pci: uni-north, Revision 0xff pci0 at mpcpcibr0 bus 0 pchb0 at pci0 dev 11 function 0 "Apple UniNorth AGP" rev 0x00 vgafb0 at pci0 dev 16 function 0 "ATI Radeon 9200" rev 0x01, mmio wsdisplay0 at vgafb0 mux 1: console (std, vt100 emulation) mpcpcibr1 at mainbus0 pci: uni-north, Revision 0x5 pci1 at mpcpcibr1 bus 0 pchb1 at pci1 dev 11 function 0 "Apple UniNorth PCI" rev 0x00 macobio0 at pci1 dev 23 function 0 "Apple Intrepid" rev 0x00 openpic0 at macobio0 offset 0x4: version 0x4614 macgpio0 at macobio0 offset 0x50 modem-reset at macgpio0 offset 0x1d not configured modem-power at macgpio0 offset 0x1c not configured macgpio1 at macgpio0 offset 0x9 irq 47 programmer-switch at macgpio0 offset 0x11 not configured gpio5 at macgpio0 offset 0x6f not configured gpio6 at macgpio0 offset 0x70 not configured extint-gpio15 at macgpio0 offset 0x67 not configured escc-legacy at macobio0 offset 0x12000 not configured zsc0 at macobio0 offset 0x13000: irq 22,23 zstty0 at zsc0 channel 0 zstty1 at zsc0 channel 1 aoa0 at macobio0 offset 0x1: irq 30,1,2 audio0 at aoa0 timer at macobio0 offset 0x15000 not configured adb0 at macobio0 offset 0x16000 irq 25: via-pmu, 0 targets apm0 at adb0: battery flags 0x0, 0% charged pi2c0 at adb0 iic1 at pi2c0 maxtmp0 at iic1 addr 0xc8: max6642 ki2c1 at macobio0 offset 0x18000 iic2 at ki2c1 wdc0 at macobio0 offset 0x2 irq 24: DMA ohci0 at pci1 dev 24 function 0 "Apple Intrepid USB" rev 0x00: irq 0, version 1.0, legacy support usb0 at ohci0: USB revision 1.0 uhub0 at usb0 uhub0: Apple OHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered ohci1 at pci1 dev 25 function 0 "Apple Intrepid USB" rev 0x00: irq 0, version 1.0, legacy support usb1 at ohci1: USB revision 1.0 uhub1 at usb1 uhub1: Apple OHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered ohci2 at pci1 dev 26 function 0 "Apple Intrepid USB" rev 0x00: irq 29, version 1.0, legacy support usb2 at ohci2: USB revision 1.0 uhub2 at usb2 uhub2: Apple OHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered ohci3 at pci1 dev 27 function 0 "NEC USB" rev 0x43: irq 63, version 1.0 usb3 at ohci3: USB revision 1.0 uhub3 at usb3 uhub3: NEC OHCI root hub, rev 1.00/1.00, addr 1 uhub3: 3 ports with 3 removable, self powered ohci4 at pci1 dev 27 function 1 "NEC USB" rev 0x43: irq 63, version 1.0 usb4 at ohci4: USB revision 1.0 uhub4 at usb4 uhub4: NEC OHCI root hub, rev 1.00/1.00, addr 1 uhub4: 2 ports with 2 removable, self powered ehci0 at pci1 dev 27 function 2 "NEC USB" rev 0x04: irq 63 usb5 at ehci0: USB revision 2.0 uhub5 at usb5 uhub5: NEC EHCI root hub, rev 2.00/1.00, addr 1 uhub5: 5 ports with 5 removable, self powered mpcpcibr2 at mainbus0 pci: uni-north, Revision 0x6 pci2 at mpcpcibr2 bus 0 pchb2 at pci2 dev 11 function 0 "Apple UniNorth PCI" rev 0x00 kauaiata0 at pci2 dev 13 function 0 "Apple Intrepid ATA" rev 0x00 wdc1 at kauaiata0 irq 39: DMA wd0 at wdc1 channel 0 drive 0: wd0: 16-sector PIO, LBA, 38154MB, 78140160 sectors atapiscsi0 at wdc1 channel 0 drive 1 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: SCSI0 5/cdrom removable wd0(wdc1:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2 cd0(wdc1:0:1): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2 "Apple UniNorth Firewire" rev 0x81 at pci2 dev 14 function 0 not configured gem0 at pci2 dev 15 function 0 "Apple Uni-N2 GMAC" rev 0x80: irq 41, address 00:11:24:8b:aa:18 bmtphy0 at gem0 phy 0: BCM5221 100baseTX PHY, rev. 4 ural0 at uhub5 port 2 ural0: ASUS 802.11g WLAN Drive, rev 2.00/0.01, addr 2 ural0: MAC/BBP RT2570 (rev 0x03), RF RT2526, address 00:11:d8:dc:2b:3c ueagle0 at uhub3 port 1 ueagle0: U.S. Robotics USR9000 SureConnect ADSL, rev 1.00/40.0b, addr 2 ueagle0: address: 00:c0:49:b7:37:4a bootpath: '/[EMAIL PROTECTED]/[EMAIL PROTECTED]/[EMAIL PROTECTED]/bsd' boot device: wd0. root on wd0a rootdev=0x0 rrootdev=0xb00 rawdev=0xb02 ohci3: 1 scheduling overruns ohci3: 2 scheduling overruns ohci3: 1 scheduling overruns ohci3: 1 scheduling overruns
Re: Sudo
On 2006-02-11 10:49:54 -0500, Dave Feustel wrote: > On Saturday 11 February 2006 10:42, Otto Moerbeek wrote: > > This is pathetic. Why don't you read the docs before posting such a > > "discovery"? > Which docs? Normal OBSD users start with man afterboot. You should try it too. Hint: It points to docs on sudo. HTH. HAND Martin -- http://www.tm.oneiros.de
Re: Sudo
On Saturday 11 February 2006 10:42, Otto Moerbeek wrote: > > On Sat, 11 Feb 2006, Dave Feustel wrote: > > > I don't know whether this is or would be considered as a bug, > > or whether it is generally known, but sudo, when successfully > > invoked with a password in one shell, becomes active in all > > shells of that user for the timed duration. > > This is pathetic. Why don't you read the docs before posting such a > "discovery"? > > -Otto Which docs? -- Lose, v., experience a loss, get rid of, "lose the weight" Loose, adj., not tight, let go, free, "loose clothing"
Re: Sudo
On Sat, 11 Feb 2006, Dave Feustel wrote: > I don't know whether this is or would be considered as a bug, > or whether it is generally known, but sudo, when successfully > invoked with a password in one shell, becomes active in all > shells of that user for the timed duration. This is pathetic. Why don't you read the docs before posting such a "discovery"? -Otto
Re: Sudo
Dave Feustel wrote: I don't know whether this is or would be considered as a bug, or whether it is generally known, Take a look at the tty_tickets option of sudoers(5) and the -k and -K arguments to sudo(1). Some other operating systems use a default configuration file that turns it on, which may be why you were surprised. -- Matthew Weigel hacker [EMAIL PROTECTED]
Re: X11 exploit info
On 2/11/06, Matthias Kilian <[EMAIL PROTECTED]> wrote: > On Sat, Feb 11, 2006 at 06:03:51AM -0500, Dave Feustel wrote: > > 13-May-2004: The ease of (ab)using X11, Part 1 > > X11 is the protocol that underlies your graphical desktop > > environment, and you need to be aware of its security model. > > Whow! So if I get root access to your computer, I have access to > your X server. What a security threat! > > Sorry, I'll not waste my time reading the other "exploit" infos. > Some funny quotes: "If someone on the server can read your ~/.Xauthority file (hopefully only root, but if you have bad file permissions you're in trouble), and can connect to the port that sshd has bound (which anyone can) then they can access your desktop's X11 server" "This means that any time you SSH to another machine, that machine's administrators could attack you" or they could just... you know... use their admin powers to go a much more direct route to "attack" you. Actually couldn't admins having access to a user's windows let them watch the users type in passwords and things? Or is the assumption in Unix that all admins are trusted? "First, log into the victim's desktop, become root" "Being a very intelligent and worldly guy, he naturally wanted a Linux box." <-- heh "Now I need to get access to his magic cookies. Since I'm root, I can read all files on the filesystem [...] The key here is that I should not be allowed to show things on his X11 server -- if I can, I can do other nastier things." :) -Kousu
Re: Upgrading 3.6 to 3.8, and compiling -current
On 11/02/06, Nick Guenther <[EMAIL PROTECTED]> wrote:
> I'm hardly an expert so I hope you get some other opinions but here
> are my thoughts:
>
> On 2/10/06, Constantine A. Murenin <[EMAIL PROTECTED]> wrote:
> > At a remote location, I have two boxes that are connected with each
> > other via a serial cable, and through a router to the internet.
> >
> > One of the boxes is OpenBSD 3.6, and I'd like to upgrade it to 3.8,
> > and then compile -current (I want to play with the kernel alongside
> > sensors.h / lm(4)).
> >
> > What's the best way to do it?
> >
> > I guess, wget'ing the bsd.rd from ftp.openbsd.org mirror would be the
> > best "installation media", but then upon reboot should I choose
> > 'upgrade' and do 3.6 -> 3.7, then repeat the procedure with 3.7 ->
> > 3.8, then cvsup and compile the -current from sources? Or should I
> > 'install' 3.8, then cvsup -current, and compile?
> >
>
> The FAQ somewhere suggests "of course, starting with a fresh install
> is always best".
>
> > If I'll choose to install 3.8, then will I be able to leave my
> > partitioning scheme and contents of my custom partitions intact? Or
> > will I have to repartition the drive?
>
> The install script does run fdisk and disklabel but there's no reason
> you can't simply quit both immediately without making changes. All
> "installing" consists of is untarring the various install sets,
> writing some /etc/*.conf files with info from the user, using MAKEDEV
> to make various device nodes (not that I really understand what that
> means) and--oh--running newfs. I guess it would kill your partitions
> then. Probably upgrading is your best bet then, and I'm pretty sure
> you can go 3.6->3.8 immediately. Perhaps you could install by hand if
> all else fails?
The FAQ says skipping releases is not supported. :-)
> > tvc:constant {172} df -h ; disklabel wd0 ; fdisk wd0
> > FilesystemSize Used Avail Capacity Mounted on
> ...
> > /dev/wd0m 7.9G 2.0K 7.5G 0%/mozilla
>
> You have an entire partition for mozilla? I'm curious why (I'm
> somewhat a newbie, I like enlightenment).
I am a mozilla contributor. :-) I used to build it in /home on
FreeBSD, which actually was /usr (/usr/home), and it all got too messy
(`find /usr -name "somename"` became too awkward etc). So I decided to
play it cool with OpenBSD, in case I'd like to hack mozilla again.
Constantine.
Re: Sudo
On Sat, Feb 11, 2006 at 09:02:41AM -0500, Dave Feustel wrote: > I don't know whether this is or would be considered as a bug, > or whether it is generally known, but sudo, when successfully > invoked with a password in one shell, becomes active in all > shells of that user for the timed duration. this is normal. see timestamp_timeout in sudoers(5) if you want it to always ask for validation. steven Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm
Sudo
I don't know whether this is or would be considered as a bug, or whether it is generally known, but sudo, when successfully invoked with a password in one shell, becomes active in all shells of that user for the timed duration. Dave Feustel -- Lose, v., experience a loss, get rid of, "lose the weight" Loose, adj., not tight, let go, free, "loose clothing"
Re: X11 exploit info
On Sat, Feb 11, 2006 at 06:03:51AM -0500, Dave Feustel wrote: > 13-May-2004: The ease of (ab)using X11, Part 1 > X11 is the protocol that underlies your graphical desktop > environment, and you need to be aware of its security model. Whow! So if I get root access to your computer, I have access to your X server. What a security threat! Sorry, I'll not waste my time reading the other "exploit" infos.
Re: MIPS CPU
On Sat, 11 Feb 2006 13:00:30 +0200, Edgars <[EMAIL PROTECTED]> wrote: >I just want to know, is that MIPS cpu supported by openbsd, didn't >find info on hw pages. >http://www.routerboard.com/rb500.html > (sigh) You should try reading *all* the hardware pages again: http://www.openbsd.org/plat.html The old, discontinued (unsupported) PMAX port is for machines using the MIPS R2000, R3000 and R4000 CPU's. The old, discontinued (unsupported) ARC port is for machines using the MIPS R4000 and R5000 CPU's. The new, (active development) SGI port is for O2 machines using the MIPS R5000 R5200 R7000 R1000 and R12000 CPU's. As for running OpenBSD on your esoteric "routerboard" you had better hope the required docs are available, be prepared to do a lot of work to create your own OS port and cross your fingers that the device is well made. JCR
X11 exploit info
at http://www.hackinglinuxexposed.com/articles/ is a 3-part series on X-11 exploits which those who think they understand x11 security might wish to read and comment upon. I clearly don't understand x11 security so I have no comments, but I will read with great interest comments by anyone else. 05-Jul-2004: SSH Users beware: The hazards of X11 forwarding Logging into another machine can compromise your desktop... 08-Jun-2004: The ease of (ab)using X11, Part 2 Abusing X11 for fun and passwords. 13-May-2004: The ease of (ab)using X11, Part 1 X11 is the protocol that underlies your graphical desktop environment, and you need to be aware of its security model. Dave Feustel -- Lose, v., experience a loss, get rid of, "lose the weight" Loose, adj., not tight, let go, free, "loose clothing"
MIPS CPU
I just want to know, is that MIPS cpu supported by openbsd, didn't find info on hw pages. http://www.routerboard.com/rb500.html ** Scanned by MailScan Anti-Virus and Content Security Software. Visit http://www.mwti.net for more info on eScan and MailScan. **
Re: netgear ma521
On Feb 11, 2006, at 4:13 AM, Jonathan Gray wrote: On Sat, Feb 11, 2006 at 02:42:42AM +0100, Moritz Lutz wrote: Hi there, i got an problem here. I got an old laptop 100mhz 10,4". So there is no internal network interface so i want to run an wireless lan card in it (cardbus). But i don't get it work. I was already reading the OpenBSD FAQ but no effect if i plugged in the card i got this error as output of dmesg : cic_chip_socket_enable: status cpcic_wait_ready: ready never happened, status = 0c maybe someone can help me with this or can give me a link with an detail installation. Sounds like the laptop is too old to support 32 bit CardBus cards. Provide a full dmesg in future, but what you want to look for is the presence of cbb(4) in your dmesg. You might have some luck aquiring an old prism card off ebay, look for a card without the golden bar on the end, those are 16bit PCMCIA cards which should work fine. sry that i dont put the full dmesg on the list but i dont get the dmesg from the laptop to the ibook only a floppy is availible at the laptop :>. But here the result of dmesg | grep cbb cbb0 at pci0 dev 4 function 1 "Texas Instruments PCI1130 CardBus" rev 0x04pci_intr_map: no mapping for pin A cbb1 at pci0 dev 4 function 0 "Texas Instruments PCI1130 CardBus" rev 0x04pci_intr_map: no mapping for pin B mfg eSpo
