Re: need some advice
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Dick Hoogendijk wrote: On 28 Jul Trevor Sullivan wrote: I would recommend purchasing an Athlon 64 3000+ Venice core. I just picked one of these up along with 2 gigs of ram and a 6600GT and it runs sooo nice. Not only that, but it's cheap. I tend to switch to this 3000+ Venice core thing. Problem is finding a motherboard that ALSO is fully supported by FreeBSD. It seems lots of those 939 boards are not ;-( If you are running fbsd, which motherboard did you choose? Finding the rest is no problem ;-) Well, I bought the ECS KN1 Extreme (awesome board). I didn't really check compatibility with FreeBSD because I run Windows XP on my client machines. The reasons I went with this board are that it is well featured, it was relatively cheap compared to other socket 939 boards, and I also learned that ECS manufactures boards for other companies that rebrand them. You can never be sure what you're actually buying, so I went with the real manufacturer if that makes any sense. Sorry I couldn't be of more help. Figured I'd at least evangelize the Venice core (good choice...it runs fast and cool! :-) Trevor -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (MingW32) iD8DBQFC6omWoGycRpOgdeERA++yAKCNi/FwpBqbwVX4K/oRFFCE5ftsogCgt6ls dcfvX2f01ytCFpJLSX2vcHk= =2Bge -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: need some advice
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 dick hoogendijk wrote: I have the chance to buy a new computer. It will take a long time before I can do this again. My options are: Athlon64-3000+ (Newcastle) on a MSI K8T NEO-FSR board (1Gb 3200 mem) Athlon64-3400+ (Clawhammer on the same board Intel Prescott 3.4Mhz on a Intel 915p board (1024 Mb DDRII pc4300 memory) Is there much difference between the athlon3000/3400 ?? Will the intel platform have (dis)advantages ? I will run FreebSD on it (compile a lot of ports) and (windows-xp/98se) for gaming. Price is important. I.e. buying the athlon3000 gives me the opportunity to buy something else, BUT if the speed of the 3400+ is much better, I can buy that other stuff later.. if you see what I mean. I just want a machine that last a litthle longer... I.e. the intel MB has a PCIe grahics slot. How important is that (or not). I will buy a Geforce-6600GT videocard (offer most for less money..) Any advice is welcome. I would recommend purchasing an Athlon 64 3000+ Venice core. I just picked one of these up along with 2 gigs of ram and a 6600GT and it runs sooo nice. Not only that, but it's cheap. Read up on the new Rev. E (Venice) chips @ http://www.techreport.com/reviews/2005q2/athlon64-venice/index.x?pg=1. Can't say I'd recommend purchasing an intel chip for desktop usage. They consume a lot of power, and that implies that they run pretty darn hot too. I avoid them at all costs. See http://www.techreport.com/reviews/2005q2/athlon64-venice/power-load.gif Trevor -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (MingW32) iD8DBQFC6Wu7oGycRpOgdeERA5B8AKCPf2dhr6Sx04+s71Hb9uzc1f+zYwCfU6CN 21p008fkgqhsQvcRFFehTgE= =YPNN -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Restrict Tunneling thru SSH
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Hornet wrote: On 7/22/05, Trevor Sullivan [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Hornet wrote: On 7/21/05, Trevor Sullivan [EMAIL PROTECTED] wrote: Hello list, I am curious as to whether or not it is possible to restrict certain users from tunneling traffic through SSH. I would like to be able to tunnel my own traffic, but provide user logins that are restricted from accessing the rest of my inside network. Is it possible to restrict this by user? Thanks Trevor I'm pretty sure it is an all or nothing config option in sshd.conf in the global sense. But you can make specific options for specific hosts. So could I possibly restrict SSH tunneling by IP (host)? I guess my concern is that if I create a user account, it will be able to tunnel to other machines on my network w/o restriction. Is the way to do this maybe a DMZ or separate VLAN? Trevor Yes, should be able to do this via your sshd config. I would recommend using webmin for this. I have not done this before, but it looks do able. Are your user going to be using ssh, or is this just a SMB box? If it is just a SMB box, then I would just set the shell account to nologin since that is separate from the SMB account. Also I guess you could set a up firewall and restrict the ports that can talk on the LAN. -Erik- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Well I was thinking about setting up vsftpd as my ftp server. I tried it a while ago and was having some issues with PAM while configuring virtual users so I decided to use pure-ftpd for a while because that was quite a bit easier to use. In the case of vsftpd, I don't really hope to setup virtual users (as big a PITA that was), so instead I'm going to just use unix authentication. I guess...I could still just set their shell to nologin huh? Didn't even think about that...lol. I do have a question though...I understand that for Mac OSX, there is a program that establishes SSH tunnels w/o actually being an SSH client per se...would this till allow the user to use something like that? Trevor -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (MingW32) iD8DBQFC4oOdoGycRpOgdeERA36iAJoCN1k/Sf4nu1sx1ypgPhDeyyBREQCfUWKq t3a7LwrSKVZkPr44m4SsmiE= =g305 -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Restrict Tunneling thru SSH
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Hornet wrote: On 7/21/05, Trevor Sullivan [EMAIL PROTECTED] wrote: Hello list, I am curious as to whether or not it is possible to restrict certain users from tunneling traffic through SSH. I would like to be able to tunnel my own traffic, but provide user logins that are restricted from accessing the rest of my inside network. Is it possible to restrict this by user? Thanks Trevor I'm pretty sure it is an all or nothing config option in sshd.conf in the global sense. But you can make specific options for specific hosts. So could I possibly restrict SSH tunneling by IP (host)? I guess my concern is that if I create a user account, it will be able to tunnel to other machines on my network w/o restriction. Is the way to do this maybe a DMZ or separate VLAN? Trevor -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (MingW32) iD8DBQFC4VNYoGycRpOgdeERA319AJ0Q44VnovrE/nqGuTnB3NfAnb42IgCfRPot OL28pYsfdGzXBe7oF9OuLSE= =AcY1 -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Restrict Tunneling thru SSH
Hello list, I am curious as to whether or not it is possible to restrict certain users from tunneling traffic through SSH. I would like to be able to tunnel my own traffic, but provide user logins that are restricted from accessing the rest of my inside network. Is it possible to restrict this by user? Thanks Trevor ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Starting MySQL at bootup
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gerard Seibert wrote: This is probably a dumb question, but I will ask it anyway. I have 'mysql' installed. From what I have deduced from the documentation, I should start it using 'mysqld_safe'. I am assuming that I would use the syntax 'mysqld_safe ' to force the program into the background upon starting. What I can not seem to figure out is how to get the program to start automatically upon boot up. I actually just got throug this last night myself...there are a couple of ways to look at it depending on how you installed MySQL (from source or ports tree, etc), one being the FreeBSD handbook, and the other is the MySQL documentation. The latter provides a startup script in the MySQL source that you simply copy to /usr/local/etc/rc.d. See the following page for specifics: http://dev.mysql.com/doc/mysql/en/unix-post-installation.html Hope this helps, Trevor -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (MingW32) iD8DBQFCrsUzoGycRpOgdeERArnzAJ0dNnCo5CBxI+lOMB6DIwuINQ6RtgCeMPeA KW16PhPZl8bdVujSjFb068s= =MpZf -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: best practices for administration
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David Bear wrote: Since the BSD community seems to be more security conscious than other (read windows system administrators) groups, I wanted to see if anyone here would have any pointers to best practices documents when administering ANY operating system, not just FreeBSD. I am assuming that many of you must manage other operating systems as well. The nexus of my query lies in my attempt to have our central IT folks issue additional identities for users to have when administering the systems versus doing productivity work on them. I'd like to understand what is done generally when granting users permissions to do things on the operating system that imply 'administration', ie installing software, adding printers, modifying system scripts, etc. There are some here who think that putting standard user ID's into administrative 'groups' is sufficient for granting such priveledges. hopefully, I'm not being too obscure. A while ago I happened across the CentOS documentation (copied from RedHat's basically) which you can find here: http://www.centos.org/docs/4/. This has been quite helpful for me, especially regarding things such as user notification, problem resolution etc. - -Trevor -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (MingW32) iD8DBQFCgoAqoGycRpOgdeERAmRpAKDLu9LWcAZHpB2ke3pB0bl2S91AwQCeIrf3 8kMj+UdYHASQPWViTfqQsDk= =A0JV -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: The FreeBSD Handbook, in Wiki form.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ryan J. Cavicchioni wrote: I would love to see a wiki for FreeBSD. I think that it would be really beneficial for the project. It would take some work to establish it but if there were enough participants, it could turn into a very robust documentation project. Some hard work would be required to make the wiki healthy and to police it but the spirit of a wiki is many users reviewing each other. Benjamin Keating wrote: A wiki would eliminate that bottle neck (PR). Some parts are out of date. Others fail to mention FAQ , etc. that could really help. For instance, the NAT/DHCP articles could easily include a 'typical home user' HOWTO rather then tricking the user into reading that one line where it says you have to recompile your kernel with IPFIREWALL support. Things like that bring noise to this mailing list. Idon't know about you but I'd rather just add my new found info to the site rather find a PR addy, submit it and wait for it to be added. We have software that does this now. Lets use it! :) - bpk On 5/3/05, Kris Kennaway [EMAIL PROTECTED] wrote: On Tue, May 03, 2005 at 05:00:06PM -0700, Benjamin Keating wrote: Is there anything being done to help keep the handbook just a little more updated? It's a great handbook, if it's content wasn't so out of date. What is out of date? Generally, if you want to improve something in the handbook, just submit a PR. Kris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Wiki's in general are a great idea, I agree. However, you must still consider that anyone can add to a wiki, and the content within could become very cumbersome to maintain. It would (still) require the FreeBSD development team considerable time to verify what is in it and make sure that it isn't going to throw people off. For official documentation, I would have to say that a wiki is not the best idea (unless it is exclusively maintained by the FreeBSD team). Don't get me wrong, wiki's are really cool, but if you want to get down to the facts in official documentation, you can't allow it to get out of hand. My 2 cents...any thoughts? :-) - -Trevor -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (MingW32) iD8DBQFCeN/CoGycRpOgdeERAu0yAJ9nPTcBrW5unJyr4ljWd03t/+a2UgCdHnp0 7tT7lRLsLqHJnmMCZBtLOjU= =BdIK -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Please respond in 24 hrs (ref # 624 633 394)
Dave Horsfall wrote: On Mon, 25 Apr 2005, Benjamin Rossen wrote: To never hear from us again just1ce.com/gone.asp Hey! Is that possible? Spamming on the list! What can be done? It's an open list i.e. you don't have to be a subscriber, and is therefore a spammer's wet dream. There seem to be some anti-spam measures in place, but plainly not enough. -- Dave ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] FYI I have just received my FIRST g-mail spam this morning at both of my gmail accounts which is extremely bizarre...at my workplace we have seen an overall increase in spam also...I see that more people are getting into that horrid business. :\ Also, my mail client (Thunderbird) is showing the original spam message dated tomorrow morning...anyone else see that? -Trevor ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 5.3 random reboot problems
Subhro wrote: Trevor Sullivan wrote: My server is randomly rebooting when I try to do almost anything on it (I was trying to create a custom kernel post-install) and even just modifying a configuration file caused it to reboot. Anything indicated in /var/log/messages?Regards S. Hey thanks for replying...umm, no I don't see anything in that file that would relate to this I don't think. The only problem I see is that the filesystems were unmounted improperly :-) a result of my problem in the first place. Is there anything specific I should look for? -Trevor ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
5.3 random reboot problems
Hi I'm having the same problem as the person in the following post: http://lists.freebsd.org/pipermail/freebsd-questions/2005-January/072548.html My problem is with a Compaq Proliant DL380, and a fresh (standard) installation of FreeBSD 5.3. I've had several quirks on it that I haven't really understood, but after doing some research it seems like the older Proliant servers had some hardware compatibility issues with the FreeBSD 5 branch. My server is randomly rebooting when I try to do almost anything on it (I was trying to create a custom kernel post-install) and even just modifying a configuration file caused it to reboot. It's getting really irritating, and it had no problems with several different linux installations. I don't want to go back to FreeBSD 4, but if I mustthanks for any help, any ideas? -Trevor ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]