On Sat, Aug 16, 2008 at 2:33 PM, Travers Buda <[EMAIL PROTECTED]> wrote:
> Are they protecting DefCon from the internet or the internet from DefCon?
Does it have to be one or the other?
On Sat, Aug 16, 2008 at 12:37 PM, David Newman <[EMAIL PROTECTED]> wrote:
> Is there some other way to install ports across machines?
You'll have to either map the root user (-maproot=user) in exports(5),
or build the package (see ports(7)) on the build system, then install
it via pkg_add(1) on t
On Thu, Aug 14, 2008 at 1:15 PM, Pedro Martelletto
<[EMAIL PROTECTED]> wrote:
> You're all apparently missing out on a great tool called "GHome Mover"
> (http://www.brookepeig.com/ghomemover/). I know the guy said he is
> logging in from remote, but it is definitely worth the effort having X
> ins
On Thu, Aug 14, 2008 at 11:14 AM, skogzort <[EMAIL PROTECTED]> wrote:
> Hello,
> Ib m trying to copy all the contents of "/root/var/namedb from a remote
> OpenBSD3.8 DNS server to my local PC. I am using WinSCP for file transfer. I
> have found that I am unable to download some of the directories:
On Fri, Aug 8, 2008 at 2:59 PM, phoenixcomm <[EMAIL PROTECTED]> wrote:
> Hi Gang,
> well heres my 3 cents,
> first why use a stupid PC (any os) for routing.. REALY BAD jue,jue brake
> down and buy a old Cisco 7200, 7500, 3600 they are all very good routers, I
> used a 7500 for a while and now
On Fri, Aug 8, 2008 at 2:39 PM, phoenixcomm <[EMAIL PROTECTED]> wrote:
> hi gang,
> I have a OpenBSD transparent bridge running (pf)!!! Best firewall yet..
> PROBLEM (Beware my stupid light is light. :-O any way. a few months ago I
> upgraded my login password from 8 chars to 10, and then promptly
Yeah, that's Tiger.
I don't know if leopard quartz composer constructs work in Tiger. It
might be worth a shot.
You might also just want to play with QuartzComposer.app.
On Sat, May 3, 2008 at 1:56 PM, Dan Langille <[EMAIL PROTECTED]> wrote:
>
> On May 3, 2008, at 4:20 P
Leopard or Tiger?
On Sat, May 3, 2008 at 12:11 PM, Dan Langille <[EMAIL PROTECTED]> wrote:
> I need help. I need someone to create a screen saver to run on my Mac.
> This screen saver will be used during the opening session of BSDCan.
>
> In short; I have about 20 emails I wish to have displaye
Hmm. Gotta review CARP again, it seems. When did this go in?
On Mar 23, 2008, at 2:29 AM, Ryan McBride wrote:
On Sat, Mar 22, 2008 at 10:49:26AM -0700, johan beisser wrote:
I would like to reach a state, if possible, in which load
balancing is
performed, but at the same time, if one machine
On Mar 22, 2008, at 5:44 AM, Rico Secada wrote:
Hi.
A customer with very limited resources needs to set up a high
available
system running apache, mysql, postfix and dovecot and I have gotten
the
task.
it's doable, but the unanswered question is what do each of these
components have to
On Feb 25, 2008, at 6:39 AM, Douglas A. Tutty wrote:
But if the switches don't know how to handle this setup, then
they'll go
crazy. I don't know if these switches can be told how to handle this.
They can. The Dell Powerconnect 2700 are basically rebranded Cisco
switches running CatOS.
Did you configure STP, or are the switches figuring this out on their
own?
On Feb 24, 2008, at 1:09 PM, John Nietzsche wrote:
Dear gentleman/madam,
i was given 4 2724 dell powerconnect switches and only 6 patch cords.
Besides that, i was given a challenge to connect them each other
having a
On Feb 23, 2008, at 2:54 PM, Mark Zimmerman wrote:
I just installed the latest amd64 snapshot and wanted to test some
packages. Firefox will not install due to a chain of dependencies
stretching back to glitz which requires libGL.6. The snapshot I
installed this morning has libGL.7. Since the sna
On Feb 23, 2008, at 7:35 PM, Jay Hart wrote:
I've looked at or modified every file in roots and one users home
directory
without having the prompt displayed upon initial login. Once I
login, and run
'bash', the prompt will be displayed as I set it. This leads me to
believe
that I have an i
On Feb 23, 2008, at 6:29 PM, Jay Hart wrote:
I use bash as my shell.
I'm trying to set the bash prompt to display:
ttyC1 [EMAIL PROTECTED]
I've created a .bashrc in the users home directory (in this case
root), and
used the following line:
PS1="\l [EMAIL PROTECTED] #"
So, what happens w
On Feb 23, 2008, at 5:44 PM, Antonio Lobato wrote:
I know it is better to use 4.2, but it does not depends only of my
opnion,
I'm configuring the firewall for a customer, and now I can at most
make a advice.
Advise them to use 4.2. There are significant speed improvements to
pf, among othe
I
On Feb 23, 2008, at 1:26 PM, Chris wrote:
I have upgraded my 4.2-release to 4.3-beta. But I am a bit confused as
I cannot see snmpd.conf, relayd in /etc. However, I can see them in
/usr/src/etc/. When I login it says, 4.3-beta and uname -amp shows 4.3
I've been using mergemaster(8) to follow
On Feb 22, 2008, at 8:19 PM, David Murphy wrote:
I'd be happy to provide any information requested. I'm quite new to
*BSD,
but I'm pretty well-versed in Linux, so tell me what you need, and
I'll
find it. If you need more information about the box than what I gave
at the
end of my first po
On Feb 22, 2008, at 5:32 PM, David Murphy wrote:
PS: another piece of info I left out is that my modem is a Motorola
Surfboard SB5120, and my cable ISP is Charter.
Does charter require PPPoE?
On Feb 6, 2008, at 5:45 PM, Need Coffee wrote:
Does anyone run OpenBSD on blade servers? I don't mean
"Sun Blade 150" kind of hardware, but rather blade chassis
with server blades (a la Sun Blade 8000, HP, Dell, etc.).
I've been running FreeBSD on an Intel blade chassis with varying
amounts
Your pass rule for the web server is screwed up, so it won't match.
The rule after it matches and should permit it to pass.
On Feb 3, 2008, at 10:31 PM, Bales, Tracy wrote:
# macros
ext_if="dc0"
int_if="dc1"
web_server="192.168.0.4"
# scrub
scrub in
# nat
nat on $ext_if from !($ext_if) to a
On Feb 3, 2008, at 9:12 PM, Ted Unangst wrote:
you still don't gain anything. what percentage of your traffic is
coming from unallocated space?
I'm not disagreeing with you in that it's wasted effort. It is. This
is why I personally use overload tables.
On Feb 2, 2008, at 3:17 PM, Chris wrote:
On Feb 3, 2008 9:27 AM, johan beisser <[EMAIL PROTECTED]> wrote:
C) to use cu(1) with a USB serial: "cu -l /dev/cuaU0"
I tried "cu -l /dev/cuaU0", "cu -l /dev/cuaU0 -s 9600" - it says
"Connected" after t
A) don't bother initializing a modem. Forget minicom. It's nearly
useless for what you're doing.
B) openbsd has a utility built in to do just these kinds of things:
"cu(1)"
C) to use cu(1) with a USB serial: "cu -l /dev/cuaU0"
On Feb 2, 2008, at 1:57 PM, Chris wrote:
On Feb 2, 2008 10
On Feb 2, 2008, at 6:32 AM, Wijnand Wiersma wrote:
I don't think bogons are able to complete the TCP handshake since you
don't know how to route back. Filtering those will not make sure there
are less log messages about ssh logins
Not entirely true. Bogons are not supposed to be routed, or
On Feb 1, 2008, at 4:18 AM, Erich Dollansky wrote:
It could be anything from more support for FreeBSD to no support
from Yahoo's side at all anymore.
I like to think that MS learned their lesson on pulling FreeBSD from
production use when they bought Hotmail. Perhaps not.
"Eat your own do
I've simply added in an overload rule to pf on my server. This has
helped significantly.
On Jan 31, 2008, at 11:11 PM, Chris wrote:
my logs are filled with useless ssh bruteforce attempts - is there
anything i can do to avoid logging random brute force attacks? since i
disallow ssh root logi
On Jan 30, 2008, at 7:45 PM, scott wrote:
If MHz are the issue ... you can get SUN NETRA T1 machine off ebay
from
50-300$ depending on its age and ingredients. These used Netra's
range
from 400M-1.2G Hz. These are 1U units. They offer far greater
performance bang then x86's at at like MHz.
On Jan 28, 2008, at 11:10 AM, Gilles Chehade wrote:
"RELEASE DECENT LINUX DRIVERS!"
I won't sign and I doubt it is a good idea to say to a vendor that
we want decent drivers
when this will only encourage them into providing blobs instead of
documentation.
The average user doesn't know the
On Jan 28, 2008, at 11:46 AM, Lord Sporkton wrote:
what keywords should be be searching for?
i have no idea what this would be called?
Parallel processing.
Massively Parallel-processing Systems can usually have assigned CPU
usage.
I believe Solaris permits some level of CPU assignment, bu
On Jan 27, 2008, at 9:24 PM, Lord Sporkton wrote:
I am setting up a duel core server, the server will be doing 2 things,
firewall/routing and user-services
since my needs are pretty small for this server and its a duel 2.0
64bit i was hoping to sort of partition the cpus such that
firewalling/k
On Jan 17, 2008, at 5:37 PM, Douglas A. Tutty wrote:
However, there have been threads here detailing the recompilation
necessary for sendmail to handle SSL Auth (or whatever its called).
If
you have to recompile sendmail (as opposed to changing a config),
presumably you'd have to make the sa
On Jan 17, 2008, at 5:02 PM, ropers wrote:
It can be useful for (esp. junior) sysadmins who've hooked up a
monitor and keyboard to a server and are sitting in front of it to
administer it, and who may not be confident enough of their choices
without googling and reading through a number of pages
On Jan 17, 2008, at 3:36 PM, Frank Bax wrote:
Have you considered running the browser in a virtual environment?
Outside of virtualization providing snapshots, it doesn't do anything
to truly improve security.
On Jan 16, 2008, at 3:58 PM, Unix Fan wrote:
I notice a lot of people forward several ports when using
bittorrent
You know, It's not written in stone that you "need" to use more then
a single port...
The standard bittorrent client usually only handles a single port at a
time per ins
Just a fast followup.
While pulling 133K down via BitTorrent I decided to run some tests
through the 4.1 firewall with hping. Nothing serious, just different
flags.
My queues, from pftop:
qo_tcp_ack priq 7 790K 49M 0 0
0 163 9939
qo_dns
On Jan 15, 2008, at 5:23 PM, Brian wrote:
How are you testing for latency, so I can duplicate on my side?
When I was doing my tests, I was running a simple ICMP echo through
the default queue (what bittorrent runs in). Were I to test this
again, I'd probably run a full test using hping2/hp
On Jan 15, 2008, at 9:34 AM, Stuart Henderson wrote:
I thought the performance improvement came from 4.1 with the
removal of per
packet interrupts.
http://www.openbsd.org/42.html
Huge performance improvements in the network stack, including:
# In pf, store routing table ID, queue ID etc direc
On Jan 15, 2008, at 1:35 AM, Stuart Henderson wrote:
On 2008/01/14 19:40, johan beisser wrote:
The hardware is a slightly loaded Soekris net4501 with 64mb of RAM
running OpenBSD 4.1 (GENERIC).
This will handle much more traffic if you upgrade to 4.2.
I thought the performance improvement
On Jan 14, 2008, at 5:10 PM, Brian wrote:
--- Max Hayden Chiz <[EMAIL PROTECTED]> wrote:
Perhaps this problem is specific to my configuration (or specific to
DOCSIS cable modems). But if it makes Brian (or someone else's
problem) go away, then it is likely that this problem is not unique.
I
On Jan 14, 2008, at 12:09 PM, Nikns Siankin wrote:
If you get money from selling CDs/soft, its just clearly unfair to not
support it. Yes, I'm talking about stable ports.
Actually, the OpenBSD OS is supported. Your argument is pointless.
Stable ports are NOT supported because, well, it's not
On Jan 12, 2008, at 9:29 PM, Daniel O'Connor wrote:
On Sun, 13 Jan 2008, johan beisser wrote:
Pitty the few I have seen are basically unmaintained :(
(eg Papercut)
Hmm I wonder how hard it would be to write a forum scraper
Not too difficult. Quite a few forums provide RSS feeds.
On Jan 12, 2008, at 4:37 PM, Daniel O'Connor wrote:
A usenet<->forum bridge would be nice since news looks enough like
email
for oldies to use :)
Pitty the few I have seen are basically unmaintained :(
(eg Papercut)
Hmm I wonder how hard it would be to write a forum scraper
Not too dif
On Jan 8, 2008, at 1:15 PM, Douglas A. Tutty wrote:
Well, right now, I just do full backups. Incrementals get rather
tedius. Especially since they find new files but they don't notice a
file that has been deleted. So I don't need a list of what files
are in
which tarball but rather just wha
On Jan 8, 2008, at 7:29 AM, Douglas A. Tutty wrote:
However, if you have one directory you wish to put on tape, e.g. as an
archive of old OS .iso's (in case the origionals get scratched), as
far
as I know, you can't use dump (which is only for entire filesystems).
Or, is there any reason that
On Jan 8, 2008, at 6:29 AM, Douglas A. Tutty wrote:
I know that the FAQ says to just use dump to make backups but what if
you want a tape of a specific group of files for archiving? When last
did the dump format change? Since it reads the filesystem directly,
I'd
assume that its filesystem-
On Jan 8, 2008, at 8:05 AM, Sewan wrote:
Hi,
I have an apache-php website running on windows server 2003 port 80,
i have
correct rdr rules that pointing my web server, i can view website
inside my
LAN, but i can't view page outside of my network. I've checked all
dns- ip
settings, everyth
On Jan 7, 2008, at 4:06 PM, Eduardo Alvarenga wrote:
If you read here[1], you can notice that by paying $49, you can keep
on downloading PFW updated iso images ** UNTIL ** OpenBSD 5.0.
That's a lot of time IMHO :-)
[1] http://www.allard.nu/pfw/iso (How much is it and what do I get?)
Oddly,
On Jan 7, 2008, at 4:05 PM, Eduardo Alvarenga wrote:
If you read here[1], you can notice that by paying $49, you can keep
on downloading PFW updated iso images ** UNTIL ** OpenBSD 5.0.
That's a lot of time IMHO :-)
[1] http://www.allard.nu/pfw/iso (How much is it and what do I get?)
It's his
On Jan 7, 2008, at 9:55 AM, badeguruji wrote:
Hello,
I figure that i will need to give some runtime arguments to
following commands for upgrading my fvwm installation. as per README
from fvwm package...
can someone tell me what is the right value for PREFIX and EPREFIX?
Since they are n
On Jan 7, 2008, at 9:14 AM, Richard Stallman wrote:
> The evidence of this discussion shows that's not a good description
> for what I am saying. Many of the people on this list were told that
> I want OpenBSD to "erect barriers against" installing non-free
> programs. And their words show that t
On Jan 6, 2008, at 5:35 PM, Sevan / Venture37 wrote:
Alright Theo, where have you stashed the code??
http://www.allard.nu/pfw/pics/buynow.png
http://www.allard.nu/pfw/
Hmm. PHP5 based interface with the PF ruleset? Only thing it's really
missing is some method to manage interfaces, dhcp, et
On Jan 7, 2008, at 3:31 AM, Richard Stallman wrote:
If I understand that correctly, it means that OpenBSD does distribute
binary-only firmware, which isn't free. This would be a second reason
why I should not endorse OpenBSD. The systems I endorse try to
exclude such firmware.
Then, sir, you
On Jan 6, 2008, at 8:18 PM, Richard Stallman wrote:
By publishing it, and telling only me--not anyone who could fix
it--you made sure a day would go by when others know about the problem
but our sysadmins did not. It would have been better practice to tell
our sysadmins privately first, and give
On Jan 6, 2008, at 11:09 AM, Good Good wrote:
Hello,
My ISP (free.fr) now proposes to me a native connectivity in IPV6.
I wish to implement this functionality on my network, that here:
SwitchFirewallISP BoxISP Network/
Internet
__ ___
On Jan 6, 2008, at 2:46 AM, Richard Stallman wrote:
Absolutely. FSF staff checked the BSD versions and told me what
found. I do not redo their work after they do it; I trust that they
did it well.
Their report about OpenBSD was accurate.
Except, sir, at some point, someone made a mistake. A
On Jan 6, 2008, at 1:28 AM, Karthik Kumar wrote:
Deliberately ignoring the point doesn't make it any less relevant.
I am saying that the secure by default doesn't hold because lots of
people use ports.
Most people do. Extending your UNIX system to make it work as you want
is a basic, and
On Jan 5, 2008, at 11:54 PM, Karthik Kumar wrote:
openvpn 2.0.x is in the ports: not by default. PF is not enabled by
default.
Deliberately ignoring the point doesn't make it any less relevant.
On Jan 5, 2008, at 11:22 PM, Karthik Kumar wrote:
Secure by default. Ship with nothing and call it secure. Wow! Maybe it
shouldn't start the network by default, huh? Then that's secure, isn't
it? Start no daemons, start no shells: ZOMG!!! it's secure :P
Oddly, I find this more sensible than "s
On Jan 5, 2008, at 7:48 PM, Ted Unangst wrote:
On 1/5/08, Douglas A. Tutty <[EMAIL PROTECTED]> wrote:
Is there anything that, bug-wise, could go wrong with that remote
browser that would be able to read or alter anything on the local
machine? I'm talking about using ssh's X forwarding features
On Jan 5, 2008, at 4:56 PM, Rui Miguel Silva Seabra wrote:
Yes. But even if it's legally redistributable, the question remains
wether it's free software or not.
Fortunately OpenBSD is Free Software. Unfortunately it recommends and
distributes proprietary software on it's servers (and it wasn't
On Jan 5, 2008, at 8:06 AM, Shane J Pearson wrote:
I think the first computers I witnessed in a work place, were
actually analog computers (Navy).
Where a mix of humans, transistors, valves, gears and three-phase
motors/sensors, got the job done.;-)
They're still in use as of the lat
[slight legibility edit]
On Jan 5, 2008, at 9:39 AM, Marco Peereboom wrote:
On Sat, Jan 05, 2008 at 07:30:36AM -0800, johan beisser wrote:
On Jan 5, 2008, at 6:31 AM, Richard Stallman wrote:
I doubt I would have looked at the AROS web site myself. To find
out
the status of the BSD systems
On Jan 5, 2008, at 6:31 AM, Richard Stallman wrote:
I doubt I would have looked at the AROS web site myself. To find out
the status of the BSD systems, recently, I asked the FSF staff to
check for me.
Wait, you have someone else do the research, and this persons opinions
get reflected in wha
On Jan 2, 2008, at 4:29 PM, Erik Wikstrvm wrote:
The preferable way to solve this would probably be to use two disks
but
that is not an option for me. So I was wondering if it is possible to
instead split the disk in two parts, the first is used to install
OpenBSD on, and the rest is split in tw
On Jan 2, 2008, at 10:17 AM, Nick Golder wrote:
I inherited a system that is attempting (poorly) to QoS traffic going
across a tun interface (which is being used by OpenVPN). Examples,
books, and ML suggest to tag on the internal interface ingress traffic
and QoS on the external interface egres
On Dec 29, 2007, at 10:41 PM, Girish Venkatachalam wrote:
What on earth is this?
http://www.cyberciti.biz/faq/rhel-centos-debian-ubuntu-jumbo-frames-configuration/
Jumbo frames. Ethernet frames with more than 1500 bytes of payload/
larger MTU than 1500..
I was under the impression that E
On Dec 25, 2007, at 12:57 PM, badeguruji wrote:
I want to setup postfix and dovecot. i want to authenticate my users
thru ldap.
for that i have installed openldap server package.
Is there a place where i can find some 'ponited' help on how to
build such an 'email users' database? i do not wa
On Dec 24, 2007, at 12:34 AM, Lord Sporkton wrote:
i could be wrong but here is my 2 cents:
ive seen something like this related to upnp, i would venture to guess
your 2 friends have routers which support upnp and so far as i know
openbsd does not support upnp.
I would suggest either consultin
On Dec 23, 2007, at 1:42 AM, scott wrote:
RE: tunnelblick
you should look at
ssh -w tun0:tun0 ...
option; it's comparatively new and a tad under documented but works
nicely, albeit on tcp.
My complaint with the "-w" option is not a lack of it working (works
great), but lack of support thr
On Dec 22, 2007, at 6:57 PM, Sunnz wrote:
Yes I have tried an OpenVPN client on a Mac before... it feels kind of
hackish to be honest... haven't tried the Windows one yet... but if
that's the only thing that works then I don't have a choice I guess.
I can understand that. What's worked really
No.
After searching around, playing with PoPToP, and trying various other
solutions, I settled on OpenVPN.
The advantages are pretty well spelled out. OpenVPN supports just
about ever OS out there. My only complaint is a lack of privsep.
> Hi,
>
> I have been thinking to set up a VPN on
On Nov 13, 2007, at 12:39 PM, Paul Wouters wrote:
Instead of creating noise, one should fix the problem of sending out
plaintext email, and encourage people to use email encryption such as
Enigma for Thunderbird. Encrypt IM conversations with OTR, and via
other ways pro-actively protect ones o
On Nov 11, 2007, at 1:26 PM, Duncan Simpson wrote:
The signal-to-noise logic probably does work, but I am not sure the
legal
angle does. If you were *deliberately* ran the software that acidently
downloaded that kiddie porn the suggested angle might not work.
That's been an ongoing question
On Nov 10, 2007, at 9:28 AM, Paul Sebastian Ziegler wrote:
> The mechanism is quite easy: It searches Google for random words and
> picks random pages among the results, then spiders from there (well it
> is spidering except that it only follows one URL at a time within a
> session thus simulatin
On Nov 12, 2007, at 11:27 AM, Matt D. Harris wrote:
However some of these issues can be mitigated without too much
trouble. For example, one could have a dynamically growing
dictionary of words to search for based on random words in random
results pages that it grabs. At the very least,
On Nov 10, 2007, at 9:28 AM, Paul Sebastian Ziegler wrote:
The mechanism is quite easy: It searches Google for random words and
picks random pages among the results, then spiders from there (well it
is spidering except that it only follows one URL at a time within a
session thus simulating a us
201 - 277 of 277 matches
Mail list logo
