date:20060211

at http://www.hackinglinuxexposed.com/articles/ 
is a 3-part series on X-11 exploits which those who
think they understand x11 security might wish to
read and comment upon. I clearly don't understand 
x11 security so I have no comments, but I will read
with great interest comments by anyone else.

05-Jul-2004: SSH Users beware: The hazards of X11 forwarding
 Logging into another machine can compromise your desktop...

08-Jun-2004: The ease of (ab)using X11, Part 2
 Abusing X11 for fun and passwords.

13-May-2004: The ease of (ab)using X11, Part 1
 X11 is the protocol that underlies your graphical desktop environment, and you 
need to be aware of its security model.

Dave Feustel
-- 
Lose, v., experience a loss, get rid of, lose the weight
Loose, adj., not tight, let go, free, loose clothing

Re: MIPS CPU

On Sat, 11 Feb 2006 13:00:30 +0200, Edgars [EMAIL PROTECTED] wrote:

I just want to know, is that MIPS cpu supported by openbsd, didn't 
find info on hw pages.
http://www.routerboard.com/rb500.html


(sigh) You should try reading *all* the hardware pages again:
http://www.openbsd.org/plat.html

The old, discontinued (unsupported) PMAX port is for machines using the
MIPS R2000, R3000 and R4000 CPU's.

The old, discontinued (unsupported) ARC port is for machines using the
MIPS R4000 and R5000 CPU's.

The new, (active development) SGI port is for O2 machines using the MIPS
R5000 R5200 R7000 R1000 and R12000 CPU's.

As for running OpenBSD on your esoteric routerboard you had better
hope the required docs are available, be prepared to do a lot of work to
create your own OS port and cross your fingers that the device is well
made.

JCR

Re: X11 exploit info

2006-02-11 Thread Matthias Kilian

On Sat, Feb 11, 2006 at 06:03:51AM -0500, Dave Feustel wrote:
 13-May-2004: The ease of (ab)using X11, Part 1
  X11 is the protocol that underlies your graphical desktop
  environment, and you need to be aware of its security model.

Whow! So if I get root access to your computer, I have access to
your X server. What a security threat!

Sorry, I'll not waste my time reading the other exploit infos.

Sudo

I don't know whether this is or would be considered as a bug, 
or whether it is generally known, but sudo, when successfully 
invoked  with a password  in one shell, becomes active in all 
shells of that user for the timed duration.

Dave Feustel
-- 
Lose, v., experience a loss, get rid of, lose the weight
Loose, adj., not tight, let go, free, loose clothing

Re: Upgrading 3.6 to 3.8, and compiling -current

2006-02-11 Thread Constantine A. Murenin

On 11/02/06, Nick Guenther [EMAIL PROTECTED] wrote:
 I'm hardly an expert so I hope you get some other opinions but here
 are my thoughts:

 On 2/10/06, Constantine A. Murenin [EMAIL PROTECTED] wrote:
  At a remote location, I have two boxes that are connected with each
  other via a serial cable, and through a router to the internet.
 
  One of the boxes is OpenBSD 3.6, and I'd like to upgrade it to 3.8,
  and then compile -current (I want to play with the kernel alongside
  sensors.h / lm(4)).
 
  What's the best way to do it?
 
  I guess, wget'ing the bsd.rd from ftp.openbsd.org mirror would be the
  best installation media, but then upon reboot should I choose
  'upgrade' and do 3.6 - 3.7, then repeat the procedure with 3.7 -
  3.8, then cvsup and compile the -current from sources?  Or should I
  'install' 3.8, then cvsup -current, and compile?
 

 The FAQ somewhere suggests of course, starting with a fresh install
 is always best.

  If I'll choose to install 3.8, then will I be able to leave my
  partitioning scheme and contents of my custom partitions intact? Or
  will I have to repartition the drive?

 The install script does run fdisk and disklabel but there's no reason
 you can't simply quit both immediately without making changes. All
 installing consists of is untarring the various install sets,
 writing some /etc/*.conf files with info from the user, using MAKEDEV
 to make various device nodes (not that I really understand what that
 means) and--oh--running newfs. I guess it would kill your partitions
 then. Probably upgrading is your best bet then, and I'm pretty sure
 you can go 3.6-3.8 immediately. Perhaps you could install by hand if
 all else fails?

The FAQ says skipping releases is not supported. :-)


  tvc:constant {172} df -h ; disklabel wd0 ; fdisk wd0
  FilesystemSize   Used  Avail Capacity  Mounted on
 ...
  /dev/wd0m 7.9G   2.0K   7.5G 0%/mozilla

 You have an entire partition for mozilla? I'm curious why (I'm
 somewhat a newbie, I like enlightenment).

I am a mozilla contributor. :-) I used to build it in /home on
FreeBSD, which actually was /usr (/usr/home), and it all got too messy
(`find /usr -name somename` became too awkward etc). So I decided to
play it cool with OpenBSD, in case I'd like to hack mozilla again.

Constantine.

Re: X11 exploit info

On 2/11/06, Matthias Kilian [EMAIL PROTECTED] wrote:
 On Sat, Feb 11, 2006 at 06:03:51AM -0500, Dave Feustel wrote:
  13-May-2004: The ease of (ab)using X11, Part 1
   X11 is the protocol that underlies your graphical desktop
   environment, and you need to be aware of its security model.

 Whow! So if I get root access to your computer, I have access to
 your X server. What a security threat!

 Sorry, I'll not waste my time reading the other exploit infos.


Some funny quotes:
If someone on the server can read your ~/.Xauthority file (hopefully
only root, but if you have bad file permissions you're in trouble),
and can connect to the port that sshd has bound (which anyone can)
then they can access your desktop's X11 server

This means that any time you SSH to another machine, that machine's
administrators could attack you or they could just... you know... use
their admin powers to go a much more direct route to attack you.

Actually couldn't admins having access to a user's windows let them
watch the users type in passwords and things? Or is the assumption in
Unix that all admins are trusted?

First, log into the victim's desktop, become root

Being a very intelligent and worldly guy, he naturally wanted a Linux
box. -- heh

Now I need to get access to his magic cookies. Since I'm root, I can
read all files on the filesystem [...] The key here is that I should
not be allowed to show things on his X11 server -- if I can, I can do
other nastier things.

:)
-Kousu

Re: Sudo

2006-02-11 Thread Matthew Weigel


Dave Feustel wrote:
I don't know whether this is or would be considered as a bug, 
or whether it is generally known, 


Take a look at the tty_tickets option of sudoers(5) and the -k and -K 
arguments to sudo(1).  Some other operating systems use a default 
configuration file that turns it on, which may be why you were surprised.

--
 Matthew Weigel
 hacker
 [EMAIL PROTECTED]

Re: Sudo

2006-02-11 Thread Otto Moerbeek

On Sat, 11 Feb 2006, Dave Feustel wrote:

 I don't know whether this is or would be considered as a bug, 
 or whether it is generally known, but sudo, when successfully 
 invoked  with a password  in one shell, becomes active in all 
 shells of that user for the timed duration.

This is pathetic. Why don't you read the docs before posting such a
discovery? 

-Otto

Re: Sudo

On Saturday 11 February 2006 10:42, Otto Moerbeek wrote:
 
 On Sat, 11 Feb 2006, Dave Feustel wrote:
 
  I don't know whether this is or would be considered as a bug, 
  or whether it is generally known, but sudo, when successfully 
  invoked  with a password  in one shell, becomes active in all 
  shells of that user for the timed duration.
 
 This is pathetic. Why don't you read the docs before posting such a
 discovery? 
 
   -Otto

Which docs? 

-- 
Lose, v., experience a loss, get rid of, lose the weight
Loose, adj., not tight, let go, free, loose clothing

Re: Sudo

On 2006-02-11 10:49:54 -0500, Dave Feustel wrote:
 On Saturday 11 February 2006 10:42, Otto Moerbeek wrote:
  This is pathetic. Why don't you read the docs before posting such a
  discovery? 
 Which docs? 

Normal OBSD users start with man afterboot. You should try it
too. Hint: It points to docs on sudo.

HTH. HAND
Martin
-- 
http://www.tm.oneiros.de

ohci3: ? scheduling overruns USB ural attached

2006-02-11 Thread Ed Wandasiewicz

I have the following dmesg with a ural device attached to a macppc,
following current, as of 8 Feb 2006. 

Any suggestions?
Ed.

OpenBSD 3.9-beta (GENERIC) #0: Fri Feb 10 09:47:45 GMT 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/macppc/compile/GENERIC
real mem = 1073741824 (1048576K)
avail mem = 978100224 (955176K)
using 1254 buffers containing 53686272 bytes (52428K) of memory
mainbus0 (root): model PowerMac10,1
cpu0 at mainbus0: 7447A (Revision 0x102): 1249 MHz: 512KB L2 cache
memc0 at mainbus0: uni-n
hw-clock at memc0 not configured
ki2c0 at memc0 offset 0xf8001000
iic0 at ki2c0
mpcpcibr0 at mainbus0 pci: uni-north, Revision 0xff
pci0 at mpcpcibr0 bus 0
pchb0 at pci0 dev 11 function 0 Apple UniNorth AGP rev 0x00
vgafb0 at pci0 dev 16 function 0 ATI Radeon 9200 rev 0x01, mmio
wsdisplay0 at vgafb0 mux 1: console (std, vt100 emulation)
mpcpcibr1 at mainbus0 pci: uni-north, Revision 0x5
pci1 at mpcpcibr1 bus 0
pchb1 at pci1 dev 11 function 0 Apple UniNorth PCI rev 0x00
macobio0 at pci1 dev 23 function 0 Apple Intrepid rev 0x00
openpic0 at macobio0 offset 0x4: version 0x4614
macgpio0 at macobio0 offset 0x50
modem-reset at macgpio0 offset 0x1d not configured
modem-power at macgpio0 offset 0x1c not configured
macgpio1 at macgpio0 offset 0x9 irq 47
programmer-switch at macgpio0 offset 0x11 not configured
gpio5 at macgpio0 offset 0x6f not configured
gpio6 at macgpio0 offset 0x70 not configured
extint-gpio15 at macgpio0 offset 0x67 not configured
escc-legacy at macobio0 offset 0x12000 not configured
zsc0 at macobio0 offset 0x13000: irq 22,23
zstty0 at zsc0 channel 0
zstty1 at zsc0 channel 1
aoa0 at macobio0 offset 0x1: irq 30,1,2
audio0 at aoa0
timer at macobio0 offset 0x15000 not configured
adb0 at macobio0 offset 0x16000 irq 25: via-pmu, 0 targets
apm0 at adb0: battery flags 0x0, 0% charged
pi2c0 at adb0
iic1 at pi2c0
maxtmp0 at iic1 addr 0xc8: max6642
ki2c1 at macobio0 offset 0x18000
iic2 at ki2c1
wdc0 at macobio0 offset 0x2 irq 24: DMA
ohci0 at pci1 dev 24 function 0 Apple Intrepid USB rev 0x00: irq 0, version 
1.0, legacy support
usb0 at ohci0: USB revision 1.0
uhub0 at usb0
uhub0: Apple OHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
ohci1 at pci1 dev 25 function 0 Apple Intrepid USB rev 0x00: irq 0, version 
1.0, legacy support
usb1 at ohci1: USB revision 1.0
uhub1 at usb1
uhub1: Apple OHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
ohci2 at pci1 dev 26 function 0 Apple Intrepid USB rev 0x00: irq 29, version 
1.0, legacy support
usb2 at ohci2: USB revision 1.0
uhub2 at usb2
uhub2: Apple OHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
ohci3 at pci1 dev 27 function 0 NEC USB rev 0x43: irq 63, version 1.0
usb3 at ohci3: USB revision 1.0
uhub3 at usb3
uhub3: NEC OHCI root hub, rev 1.00/1.00, addr 1
uhub3: 3 ports with 3 removable, self powered
ohci4 at pci1 dev 27 function 1 NEC USB rev 0x43: irq 63, version 1.0
usb4 at ohci4: USB revision 1.0
uhub4 at usb4
uhub4: NEC OHCI root hub, rev 1.00/1.00, addr 1
uhub4: 2 ports with 2 removable, self powered
ehci0 at pci1 dev 27 function 2 NEC USB rev 0x04: irq 63
usb5 at ehci0: USB revision 2.0
uhub5 at usb5
uhub5: NEC EHCI root hub, rev 2.00/1.00, addr 1
uhub5: 5 ports with 5 removable, self powered
mpcpcibr2 at mainbus0 pci: uni-north, Revision 0x6
pci2 at mpcpcibr2 bus 0
pchb2 at pci2 dev 11 function 0 Apple UniNorth PCI rev 0x00
kauaiata0 at pci2 dev 13 function 0 Apple Intrepid ATA rev 0x00
wdc1 at kauaiata0 irq 39: DMA
wd0 at wdc1 channel 0 drive 0: HTS548040M9AT00
wd0: 16-sector PIO, LBA, 38154MB, 78140160 sectors
atapiscsi0 at wdc1 channel 0 drive 1
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: MATSHITA, CD-RW CW-8124, DACD SCSI0 5/cdrom 
removable
wd0(wdc1:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2
cd0(wdc1:0:1): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2
Apple UniNorth Firewire rev 0x81 at pci2 dev 14 function 0 not configured
gem0 at pci2 dev 15 function 0 Apple Uni-N2 GMAC rev 0x80: irq 41, address 
00:11:24:8b:aa:18
bmtphy0 at gem0 phy 0: BCM5221 100baseTX PHY, rev. 4
ural0 at uhub5 port 2
ural0: ASUS 802.11g WLAN Drive, rev 2.00/0.01, addr 2
ural0: MAC/BBP RT2570 (rev 0x03), RF RT2526, address 00:11:d8:dc:2b:3c
ueagle0 at uhub3 port 1
ueagle0: U.S. Robotics USR9000 SureConnect ADSL, rev 1.00/40.0b, addr 2
ueagle0: address: 00:c0:49:b7:37:4a
bootpath: '/[EMAIL PROTECTED]/[EMAIL PROTECTED]/[EMAIL PROTECTED]/bsd'
boot device: wd0.
root on wd0a
rootdev=0x0 rrootdev=0xb00 rawdev=0xb02
ohci3: 1 scheduling overruns
ohci3: 2 scheduling overruns
ohci3: 1 scheduling overruns
ohci3: 1 scheduling overruns

Re: X11 exploit info

2006-02-11 Thread Roman Hunt

Dude what is your major f*^%! malfunction? Years ago this sh!^ would've
never been allowed to fly on this list.  

Maybe you think that posting all this ridiculous shit is funny but it's
really not.

Go take a class at a community college and learn the basics before you post
again. PLEASE! And definitely stop wasting your time trying
To discover how to exploit systems you are unable to comprehend.  

That said If you ever need serious system administration help for a
serious issue (not one you make up when you are all paranoid and gunning 
to be a BIG HACKER HERO) then feel free to ask me and I'll be happy to help.

-
Roman



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Dave Feustel
Sent: Saturday, February 11, 2006 6:04 AM
To: misc@openbsd.org
Subject: X11 exploit info


at http://www.hackinglinuxexposed.com/articles/ 
is a 3-part series on X-11 exploits which those who
think they understand x11 security might wish to
read and comment upon. I clearly don't understand 
x11 security so I have no comments, but I will read
with great interest comments by anyone else.

05-Jul-2004: SSH Users beware: The hazards of X11 forwarding  Logging into
another machine can compromise your desktop...

08-Jun-2004: The ease of (ab)using X11, Part 2
 Abusing X11 for fun and passwords.

13-May-2004: The ease of (ab)using X11, Part 1
 X11 is the protocol that underlies your graphical desktop environment, and
you need to be aware of its security model.

Dave Feustel
-- 
Lose, v., experience a loss, get rid of, lose the weight Loose, adj., not
tight, let go, free, loose clothing

Re: Sudo

On Saturday 11 February 2006 11:04, [EMAIL PROTECTED] wrote:
 man sudo for starters.
 (actually that's quite enough even for a noob like me)
 (even a very out of date linux is enough)
 sheesh

Actually --with-tickets is not mentioned in sudo.
(I was sent '--with-tickets' info off-list by a helpful person.)
I found out via a google search on 'tickets sudo' about
the behavior I had discovered and reported. Then after Otto
let me know how pathetic my post was,  I went back to man sudo
but found nothing about tickets or about sudo being active in
all shells. There may be something in the sudo man page that 
describes this behavior, but I haven't spotted it yet. 
My reading skills must be deteriorating.


-- 
Lose, v., experience a loss, get rid of, lose the weight
Loose, adj., not tight, let go, free, loose clothing

Re: Sudo

2006-02-11 Thread Tony

man sudo for starters.
(actually that's quite enough even for a noob like me)
(even a very out of date linux is enough)
sheesh

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
 Dave Feustel
 Sent: Saturday, February 11, 2006 9:50 AM
 To: Otto Moerbeek
 Cc: misc@openbsd.org
 Subject: Re: Sudo

 On Saturday 11 February 2006 10:42, Otto Moerbeek wrote:

  On Sat, 11 Feb 2006, Dave Feustel wrote:

   I don't know whether this is or would be considered as a bug, 
   or whether it is generally known, but sudo, when successfully 
   invoked  with a password  in one shell, becomes active in all 
   shells of that user for the timed duration.

  This is pathetic. Why don't you read the docs before posting such a
  discovery? 

  -Otto

 Which docs? 

 -- 
 Lose, v., experience a loss, get rid of, lose the weight
 Loose, adj., not tight, let go, free, loose clothing

Re: Sudo

2006-02-11 Thread Tobias Weingartner

On Saturday, February 11, Dave Feustel wrote:
 
 I found out via a google search on 'tickets sudo' about
 the behavior I had discovered and reported. Then after Otto
 let me know how pathetic my post was,  I went back to man sudo
 but found nothing about tickets or about sudo being active in
 all shells. There may be something in the sudo man page that 
 describes this behavior, but I haven't spotted it yet. 
 My reading skills must be deteriorating.

From the first paragraph under DESCRIPTION:

  Once a user has been authenticated, a timestamp is updated and the
  user may then use sudo without a password for a short period of time
  (5 minutes unless overridden in sudoers).

Note, it says user, not shell the user is using.

--Toby.

Re: Sudo

2006-02-11 Thread Otto Moerbeek

On Sat, 11 Feb 2006, Dave Feustel wrote:

 On Saturday 11 February 2006 11:04, [EMAIL PROTECTED] wrote:
  man sudo for starters.
  (actually that's quite enough even for a noob like me)
  (even a very out of date linux is enough)
  sheesh
 
 Actually --with-tickets is not mentioned in sudo.
 (I was sent '--with-tickets' info off-list by a helpful person.)
 I found out via a google search on 'tickets sudo' about
 the behavior I had discovered and reported. Then after Otto
 let me know how pathetic my post was,  I went back to man sudo
 but found nothing about tickets or about sudo being active in
 all shells. There may be something in the sudo man page that 
 describes this behavior, but I haven't spotted it yet. 
 My reading skills must be deteriorating.

Why do you think cross references to other manual pages exist in
almost all man pages?

-Otto

Re: Sudo

On Saturday 11 February 2006 12:17, Steve Tornio wrote:
 man sudoers

Thanks to all who replied.
I will try hard to be more thorough in the future.

Dave
-- 
Lose, v., experience a loss, get rid of, lose the weight
Loose, adj., not tight, let go, free, loose clothing

external usb enclosure and ide hard disk

2006-02-11 Thread Carlos Alberto Pereira Gomes

Hi,



is there a way to control an ide hard disk connected to an usb
external

enclosure, as to put it into idle or standby
mode?



I tried 'atactl'  without
success.



here is the relevant part of my
dmesg:



umass0 at uhub0 port 2 configuration 1 interface
0

umass0: Myson Century, Inc. USB Mass Storage Device, rev 2.00/b0.08,

addr
2

umass0: using ATAPI over
Bulk-Only

scsibus1 at umass0: 2
targets

sd0 at scsibus1 targ 1 lun 0: SAMSUNG, SV4012H, RM10 SCSI0
0/direct

fixed

sd0: 38204MB, 38204 cyl, 64 head, 32 sec, 512 bytes/sec, 78242976
sec

total







Thanks,



--
Carlos

Re: Sudo

2006-02-11 Thread Tony

You sudo something, it asks for your password
You do it again soon after, it doesn't ask.
So somehow it remembers you.
Definitely more trouble, and probably opens some holes 
for nasties, if it also remembers which version of you.
That's without knowing enough to have an opinion.

 -Original Message-
 From: Dave Feustel [mailto:[EMAIL PROTECTED]
 Sent: Saturday, February 11, 2006 10:58 AM
 To: [EMAIL PROTECTED]
 Cc: Otto Moerbeek; misc@openbsd.org
 Subject: Re: Sudo
 
 
 On Saturday 11 February 2006 11:04, [EMAIL PROTECTED] wrote:
  man sudo for starters.
  (actually that's quite enough even for a noob like me)
  (even a very out of date linux is enough)
  sheesh
 
 Actually --with-tickets is not mentioned in sudo.
 (I was sent '--with-tickets' info off-list by a helpful person.)
 I found out via a google search on 'tickets sudo' about
 the behavior I had discovered and reported. Then after Otto
 let me know how pathetic my post was,  I went back to man sudo
 but found nothing about tickets or about sudo being active in
 all shells. There may be something in the sudo man page that 
 describes this behavior, but I haven't spotted it yet. 
 My reading skills must be deteriorating.
 
 
 -- 
 Lose, v., experience a loss, get rid of, lose the weight
 Loose, adj., not tight, let go, free, loose clothing

Re: Sudo

2006-02-11 Thread Tony

Tobias Weingartner wrote:
 
 On Saturday, February 11, Dave Feustel wrote:
  
  I found out via a google search on 'tickets sudo' about
  the behavior I had discovered and reported. Then after Otto
  let me know how pathetic my post was,  I went back to man sudo
  but found nothing about tickets or about sudo being active in
  all shells. There may be something in the sudo man page that 
  describes this behavior, but I haven't spotted it yet. 
  My reading skills must be deteriorating.
 
 From the first paragraph under DESCRIPTION:
 
   Once a user has been authenticated, a timestamp is updated and the
   user may then use sudo without a password for a short period of time
   (5 minutes unless overridden in sudoers).
 
 Note, it says user, not shell the user is using.
 
 --Toby.

I'm outa my depth here, but seems that any implementation
of something like sudo that belongs to the shell
is an open invitation to security disasters.

Re: Sudo

On 2006-02-11 11:58:29 -0500, Dave Feustel wrote:
 all shells. There may be something in the sudo man page that 
 describes this behavior, but I haven't spotted it yet. 

SEE ALSO
   grep(1), su(1), stat(2), login_cap(3), sudoers(5),
   passwd(5), visudo(8)

 My reading skills must be deteriorating.

Try http://www.catb.org/~esr/faqs/smart-questions.html

HTH. HAND
Martin
-- 
http://www.tm.oneiros.de

Re: BSD on x86 and virus

On Fri, 10 Feb 2006 17:10:41 +0530, Siju George [EMAIL PROTECTED]
wrote:

Hi,

BSD on x86 has also suffered at the hands of these maniac virus
coders, so much so that there are hardly any BSD x86 web servers on
the web that haven't been repeatedly p0wned.

http://www.webpronews.com/expertarticles/expertarticles/wpn-62-20060209SecurityThroughObscurityThreatenedasMacsBecomeMorePopular.html

is the above sentence even remotely true???

Thankyou so much

Kind Regards

Siju

Hi Siju,

As I told you this a long time ago in a private email, when I first
started seeing your posts to the list, I actually thought you were just
trolling. Eventually, I figured out you're just inexperienced and you're
just trying to learn while fighting against both language and culture
barriers.

As others have pointed out, you simply misunderstood the article and
then posted to the list what many people would consider an inflammatory
question. This is not the first time where your reading skills have
failed to comprehend the meaning of an article and you posted such
questions to the list. Don't feel bad about it because you're not the
only one. Heck, Dave Feustel is constantly misreading security stuff and
posting questions to the list -and he's an American. ;-)

Just as Dave (and nearly all people, myself included) have trouble
understanding all the various implications of security in one particular
technical context or another, the goal is to truly understand what you
read and be able to answer your own questions.

Some of your comprehension problem is cultural, since various forms of
communication in Western English, such as sarcasm, Westerners speaking
very directly (rather than hinting) and many other nuances, takes a good
deal of practice to understand and accept. It is very difficult, if not
impossible, to completely separate language from culture, so just
knowing the language leaves you without the context of the culture
needed for comprehension.

Is Shiva the restorer of worlds, the destroyer of worlds or the healer?

Another part of the problem is a matter of study. You may want to do
some studying on critical analysis (also called critical reading and
more formally called exegesis -the ability to evaluate, interpret and
deconstruct what you read so you fully understand it). Another area you
will want to study is formal logic (-the ability to evaluate a logical
arguments, statements, and derived conclusions).

The time you invest in studying these two areas, and learning the
culture behind the language will give you the tools you need to better
understand things written in Western English.

BTW, if you ever get an email from Rod Whitworth, dlg@ or any of the
other list members in Australia and the email is written in Strine
you'll definitely need a dictionary, and no, the dictionary won't help
very much. :-)

kind regards,
jcr

Re: X11 exploit info

2006-02-11 Thread Ricardo Lucas

wow... No more words!!!

2006/2/11, Dave Feustel [EMAIL PROTECTED]:

 On Saturday 11 February 2006 10:59, Roman Hunt wrote:
 
  Dude what is your major f*^%! malfunction? Years ago this sh!^ would've
  never been allowed to fly on this list.

 Sorry. I don't intend to offend or to irritate. Just out of curiosity, how
 old are you?
 Also, to which post are you referring?

  Maybe you think that posting all this ridiculous shit is funny but it's
  really not.

 Actually, I don't think it's rediculous or funny, but you have a right to
 your opinion and
 also to express it.

  Go take a class at a community college and learn the basics before you
 post
  again.

 I may well be the only person in Fort Wayne using OpenBSD or even
 pretending to know anything about it.
 I am not aware of any courses in BSD around here.

  PLEASE! And definitely stop wasting your time trying
  To discover how to exploit systems you are unable to comprehend.

 Actually, I am in defensive mode. My system is clearly being penetrated.
 I am trying to find and plug the holes. So far running pf with a block in
 all' seems to
 be the most effective defense.  I opened up port 80 to run Apache, but I
 started having problems again, so I went back to the 'block all' rule.
 I've found and reported to kde and misc a security problem in the way
 kde is currently ported to OpenBSD. The kde developers understand the
 problem
 and, last I heard, had a fix in the pipeline. I've got a kludge fix for
 that problem now.
 But I am still seeing signs of intrusion, so there are either still
 unblocked (kde or x11) holes
 that I haven't found that provide intruders with at least user privileges,
 or my system
 was rooted at some point in the past and will continue to be rooted until
 I either reinstall or
 upgrade to 3.9 sometime after May. Today I found two attempts to access
 port 6000.
 One from China, the other from Korea.

  That said If you ever need serious system administration help for a
  serious issue (not one you make up when you are all paranoid and gunning
  to be a BIG HACKER HERO) then feel free to ask me and I'll be happy to
 help.

 I have no interest in being a cracker. I've looked at what is typically
 involved in
 cracking a system or creating shell code and I have no interest in
 spending my
 time doing either, although I have more than enough experience with x86
 assembly
 code for that time-wasting activity.  I have other projects that I need
 to spend time on. Are you interested in general relativity,
 electromagnetism, or
 tensors? I definitely need help with tensors.

 And I do appreciate your offer of help. I only wish it weren't so hard to
 explain things by
 email.

 Dave
  -
  Roman
 
 
 
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
 Of
  Dave Feustel
  Sent: Saturday, February 11, 2006 6:04 AM
  To: misc@openbsd.org
  Subject: X11 exploit info
 
 
  at http://www.hackinglinuxexposed.com/articles/
  is a 3-part series on X-11 exploits which those who
  think they understand x11 security might wish to
  read and comment upon. I clearly don't understand
  x11 security so I have no comments, but I will read
  with great interest comments by anyone else.
 
  05-Jul-2004: SSH Users beware: The hazards of X11 forwarding  Logging
 into
  another machine can compromise your desktop...
 
  08-Jun-2004: The ease of (ab)using X11, Part 2
   Abusing X11 for fun and passwords.
 
  13-May-2004: The ease of (ab)using X11, Part 1
   X11 is the protocol that underlies your graphical desktop environment,
 and
  you need to be aware of its security model.
 
  Dave Feustel

 --
 Lose, v., experience a loss, get rid of, lose the weight
 Loose, adj., not tight, let go, free, loose clothing




--
Abragos
Ricardo Lucas

We have to stop been egoist and think more on ourselves.

iwi(4): man-page needs update, Peter's address @intel does not work

2006-02-11 Thread Constantine A. Murenin

Our friend Peter seems to be gone or is hiding: Intel no longer
accepts mail for his account as listed in manuals for ipw(4) and
iwi(4).

URL:http://marc.theaimsgroup.com/?l=openbsd-miscm=109994542424009w=2
(2004-11-08)

Cheers,
Constantine.

-- Forwarded message --
From: Mail Delivery Subsystem [EMAIL PROTECTED]
Date: 11-Feb-2006 17:32
Subject: Delivery Status Notification (Failure)
To: [EMAIL PROTECTED]


This is an automatically generated Delivery Status Notification

Delivery to the following recipient failed permanently:

 [EMAIL PROTECTED]

Technical details of permanent failure:
PERM_FAILURE: SMTP Error (state 9): 501 #5.1.1 bad address
[EMAIL PROTECTED]

Re: ohci3: ? scheduling overruns USB ural attached

On 2/11/06, Ed Wandasiewicz [EMAIL PROTECTED] wrote:
 I have the following dmesg with a ural device attached to a macppc,
 following current, as of 8 Feb 2006.

 Any suggestions?
 Ed.
 wd0(wdc1:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2
 cd0(wdc1:0:1): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2
 Apple UniNorth Firewire rev 0x81 at pci2 dev 14 function 0 not configured
 gem0 at pci2 dev 15 function 0 Apple Uni-N2 GMAC rev 0x80: irq 41, address 
 00:11:24:8b:aa:18
 bmtphy0 at gem0 phy 0: BCM5221 100baseTX PHY, rev. 4
 ural0 at uhub5 port 2
 ural0: ASUS 802.11g WLAN Drive, rev 2.00/0.01, addr 2
 ural0: MAC/BBP RT2570 (rev 0x03), RF RT2526, address 00:11:d8:dc:2b:3c
 ueagle0 at uhub3 port 1
 ueagle0: U.S. Robotics USR9000 SureConnect ADSL, rev 1.00/40.0b, addr 2
 ueagle0: address: 00:c0:49:b7:37:4a
 bootpath: '/[EMAIL PROTECTED]/[EMAIL PROTECTED]/[EMAIL PROTECTED]/bsd'
 boot device: wd0.
 root on wd0a
 rootdev=0x0 rrootdev=0xb00 rawdev=0xb02
 ohci3: 1 scheduling overruns
 ohci3: 2 scheduling overruns
 ohci3: 1 scheduling overruns
 ohci3: 1 scheduling overruns


I notice the 'uhub'. Is this an external hub or an internal one? Also,
does the device work a) flawlessly b) somewhat (drops packets etc) c)
not at all? I'm guessing it's just that the processor (or something?)
can't keep up with all the data from the uhub and thus the queue gets
overrun. I can't really say any more though, grep the ohci and uhub
source code for scheduling overruns perhaps.

-Kousu

Re: ohci3: ? scheduling overruns USB ural attached

2006-02-11 Thread Ed Wandasiewicz

On Sat, Feb 11, 2006 at 01:54:21PM -0500, Nick Guenther wrote:
 On 2/11/06, Ed Wandasiewicz [EMAIL PROTECTED] wrote:
  I have the following dmesg with a ural device attached to a macppc,
  following current, as of 8 Feb 2006.
 
  Any suggestions?
  Ed.
  wd0(wdc1:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2
  cd0(wdc1:0:1): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2
  Apple UniNorth Firewire rev 0x81 at pci2 dev 14 function 0 not configured
  gem0 at pci2 dev 15 function 0 Apple Uni-N2 GMAC rev 0x80: irq 41, 
  address 00:11:24:8b:aa:18
  bmtphy0 at gem0 phy 0: BCM5221 100baseTX PHY, rev. 4
  ural0 at uhub5 port 2
  ural0: ASUS 802.11g WLAN Drive, rev 2.00/0.01, addr 2
  ural0: MAC/BBP RT2570 (rev 0x03), RF RT2526, address 00:11:d8:dc:2b:3c
  ueagle0 at uhub3 port 1
  ueagle0: U.S. Robotics USR9000 SureConnect ADSL, rev 1.00/40.0b, addr 2
  ueagle0: address: 00:c0:49:b7:37:4a
  bootpath: '/[EMAIL PROTECTED]/[EMAIL PROTECTED]/[EMAIL PROTECTED]/bsd'
  boot device: wd0.
  root on wd0a
  rootdev=0x0 rrootdev=0xb00 rawdev=0xb02
  ohci3: 1 scheduling overruns
  ohci3: 2 scheduling overruns
  ohci3: 1 scheduling overruns
  ohci3: 1 scheduling overruns
 
 
 I notice the 'uhub'. Is this an external hub or an internal one? Also,
 does the device work a) flawlessly b) somewhat (drops packets etc) c)
 not at all? I'm guessing it's just that the processor (or something?)
 can't keep up with all the data from the uhub and thus the queue gets
 overrun. I can't really say any more though, grep the ohci and uhub
 source code for scheduling overruns perhaps.
 
 -Kousu

Internal hub, inside a mac mini. ural device works 99% of the time. I do get
occasional dmesg of scrolling usbd_dump_queue messages, but happens
quite rarely.

Ed.

sorry to reask ... keyboard mapping not working in current Xorg 6.9 on a hp nc6000 laptop

2006-02-11 Thread Didier Wiroth

Hello,
Regarding my previous post:
 x11 problem in current: The XKEYBOARD keymap compiler (xkbcomp) reports...
(the dmesg and Xorg.0.log can be found in the 2 posts)

Sorry to reask, but I searched via google etc and I did not find any solution.
Loading the keyboard layout via setxkbmap does not work either.
~ $ setxkbmap fr_CH
Error loading new keyboard description

(==) Using config file: /etc/X11/xorg.conf
The XKEYBOARD keymap compiler (xkbcomp) reports:
 Error:Can't find file pc/fr_CH for symbols include
   Exiting
   Abandoning symbols file default
Errors from xkbcomp are not fatal to the X server

I am running current on other boxes and XkbLayout fr_CH does work?!  

Here is my latest not working current InputDevice Section (I tried many 
different possible solutions/options here, without success)
Section InputDevice
Identifier  Keyboard0
Driver  kbd
Option  CoreKeyboard
Option  XkbRules xorg
Option  XkbModel microsoft
Option  XkbVariantnodeadkeys
Option  XkbLayout fr_CH
EndSection

Is this related to the keyboard driver that is not supported on the laptop (hp 
- nc6000)?

Many many thanks for helping!!!

Re: ohci3: ? scheduling overruns USB ural attached

On 2/11/06, Ed Wandasiewicz [EMAIL PROTECTED] wrote:
 On Sat, Feb 11, 2006 at 01:54:21PM -0500, Nick Guenther wrote:
  On 2/11/06, Ed Wandasiewicz [EMAIL PROTECTED] wrote:
   rootdev=0x0 rrootdev=0xb00 rawdev=0xb02
   ohci3: 1 scheduling overruns
   ohci3: 2 scheduling overruns
   ohci3: 1 scheduling overruns
   ohci3: 1 scheduling overruns
  
 
  I notice the 'uhub'. Is this an external hub or an internal one? Also,
  does the device work a) flawlessly b) somewhat (drops packets etc) c)
  not at all? I'm guessing it's just that the processor (or something?)
  can't keep up with all the data from the uhub and thus the queue gets
  overrun. I can't really say any more though, grep the ohci and uhub
  source code for scheduling overruns perhaps.
 
  -Kousu

 Internal hub, inside a mac mini. ural device works 99% of the time. I do get
 occasional dmesg of scrolling usbd_dump_queue messages, but happens
 quite rarely.

 Ed.

Well then I wouldn't worry about it, the driver just can't keep up and
drops some packets. I don't know where to look in the source to alter
the rate but I imagine it could be done. Perhaps post a bug report and
include as much information as you can on the hardware and maybe it'll
help improve the driver.

-Kousu

Re: OpenBSD USB question

On 2/11/06, Danny [EMAIL PROTECTED] wrote:
 Good Day,

 Background:

 I am busy with a project whereby all employees will be authenticated
 with their
 own SD cards. Read more about the cards here:
 http://www.sandisk.com/Products/Catalog(1039)-SanDisk_SD_Cards.aspx

 The user will enter a secure room, insert his/hers SD card into a
 card reader, type in his/hers username, password and id (and maybe
 some other requested info), and if the information corresponds to
 the info on the SD card, the employee could then enter the building.


Interesting! When you get it finished it would be nice if you post a
full summary here for the record.

 Also the card will be checked for tampering by means of last access date
 or something along that line. That is why we cannot use normal magnetic
 I.D cards.

Can't the last access date be modified though?

 I know the SD cards are small, and people can loose them, but I was
 told to go with SD cards. I think maybe because SD cards can be
 instantly
 wtite to, and information can be changed quicker than with a magnetic
 card
 for instance.

 I would like to know if OpenBSD will be able to recognise and access
 the SanDisk ImageMateR 12-in-1 Reader/Writer SDDR-89.

 More info on this piece of hardware can be found here:
 http://www.sandisk.com/Products/Item(1145)-SDDR-89-SanDisk_ImageMate_12i
 n1_ReaderWriter.aspx

I remember reading that that particular device is supported, but I
don't remember where. Sorry. Anyway, it's easy enough to test: startup
the install media but stop it at the boot prompt (just bash random
keys) and then key in boot cd0c:/3.8/i386/bsd and hit enter (I
think, you will have to tailor the cd0c part to match up with the
device you are booting from, and the path to match up with the kernel
you are booting from). This will bring up the full GENERIC kernel with
all the drivers loaded. Then just plug in one of the readers and watch
the blue text that comes up. if it says something like not
configured then you're out of luck, but otherwise it will probably
list of several devices that it's just installed. Plug in an SD card
and it should display something like sd0: gfdgfdgfdgfdgfdgfdgfdg. Do
'mount /dev/sd0 /mnt' to access the card then.

Of course I could be totally wrong.

-Kousu

bash: delete key sends ~ instead of [del]

Hi,
on my freshly installed 3.7 in bash the delete key sends an ~
instead of [del]. How can I fix this?

Sorry if this is a FAQ, but Google et.al. don't allow searching
for ~ :-(

TIA
Martin
-- 
http://www.tm.oneiros.de

Re: bash: delete key sends ~ instead of [del]

Yeah, it does that. I don't know why, I assume historical reasons, and
I would like to learn from someone here who does know. Use backspace
instead.

On 2/11/06, Martin Schrvder [EMAIL PROTECTED] wrote:
 Hi,
 on my freshly installed 3.7 in bash the delete key sends an ~
 instead of [del]. How can I fix this?

 Sorry if this is a FAQ, but Google et.al. don't allow searching
 for ~ :-(

 TIA
 Martin
 --
 http://www.tm.oneiros.de

Re: bash: delete key sends ~ instead of [del]

2006-02-11 Thread Juan J.

El sab, 11-02-2006 a las 17:17 -0500, Nick Guenther escribis:
 Yeah, it does that. I don't know why, I assume historical reasons, and
 I would like to learn from someone here who does know. Use backspace
 instead.

Or look what says google:
http://www.google.es/search?q=delete+key+bash

 On 2/11/06, Martin Schrvder martin@ wrote:
  Hi,
  on my freshly installed 3.7 in bash the delete key sends an ~
  instead of [del]. How can I fix this?
 
  Sorry if this is a FAQ, but Google et.al. don't allow searching
  for ~ :-(

Yes... search for: delete key bash

regards,

Juanjo

-- 
Desarrollo y sistemas: http://www.usebox.net/
  Pagina Personal: http://www.usebox.net/jjm/

Re: BSD on x86 and virus

2006-02-11 Thread Daniel Ouellet


J.C. Roberts wrote:

As others have pointed out, you simply misunderstood the article and
then posted to the list what many people would consider an inflammatory
question. This is not the first time where your reading skills have
failed to comprehend the meaning of an article and you posted such
questions to the list. Don't feel bad about it because you're not the
only one. Heck, Dave Feustel is constantly misreading security stuff and
posting questions to the list -and he's an American. ;-) 


Outch!!!

Been put in the same boat... (;

I have some problem at times to understand some stuff too, but this one 
really hurts. Personally I would prefer be called a moron and I have 
been called so at times too. But it was easier to receive. (;


I guess the pass showed as well that I am not an American either.

Not sure, can this be classify as sarcasm? (; May be my sarcasm jokes 
still need some work!


Daniel

Re: OpenBSD USB question

On 2/11/06, Nick Guenther [EMAIL PROTECTED] wrote:
 
  More info on this piece of hardware can be found here:
  http://www.sandisk.com/Products/Item(1145)-SDDR-89-SanDisk_ImageMate_12i
  n1_ReaderWriter.aspx


I actually just tested my ImageMate 6-in-1 and it works flawlessly and
I assume the 12-in-1 is no different. The SD slot is sd1 for me, you
may need to (but probably won't) guess-and-check which slot is sd1 on
the 12. Do 'disklabel sd1' to see the available partitions on an
inserted SD card. You will probably have a single FAT partition which
is labelled i'. You can use use mount -t msdos /dev/sd1i /mnt to
mount the card, then use the standard filesystem tools to navigate.

Good luck on your project.

-Kousu

p.s. Why use 12-in-1 when you can use 6-in-1, or even just a straight
forward one-slot SD card reader?

Re: OpenBSD USB question

2006-02-11 Thread Danny

Thank you for responding,

Obviously I cannot say too much about the project though, but what I can
say is this:
(I know it sounds a bit like a sci-fi movie :-) )

Only a few employees would be required to use this authentication
method, (the ones
working on the sensitive information). And only these employees would go
through the
secure room everytime they pitch up for work.

I know that the last-modified date can be tampered with, so instead of
using human readable
files, I would do something like in MySQL (when you want to encrypt
passwords, you use
any word (refered to as salt), to encrypt a password. And everytime
you want to access
that particular encrypted file, you must supply the salted word
otherwise you can forget
about decrypting it. Or else I would just use one of the available
encryption methods.

Anyway, the idea also is to not allow an employee to be in possession of
the same
SD card for longer than 2 days. And it will be required of them to
change their access
details at least twice a week.

I just needed to know if OpenBSD would be able to detect the reader, and
read and write to
the SD card. I have convinced my employer to use OpenBSD, and so far
everything is geared
towards OpenBSD. So if you guys tell me that OpenBSD will not be able to
detect the USB reader
and read/write to the SD cards, then I might be in a bit of trouble.

Linux (in all it's forms) is totally out of the question. FreeBSD was
also an option, but I went
for OpenBSD because of it's obscurity and security.

I didn't choose USB, USB chose me. Nowadays almost nothing has a
parallel port or serial port
connected to it, not even mentioning PS/2. The other day I read that
even sound cards are going
the USB way (strange but true).

Any way

Please continue posting your help and suggestions.

(If there is any other way I can do this authentication, I would be
too glad to hear about it)

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of Nick Guenther
Sent: Saturday, February 11, 2006 10:41 PM
To: misc@openbsd.org
Subject: Re: OpenBSD USB question


On 2/11/06, Danny [EMAIL PROTECTED] wrote:
 Good Day,

 Background:

 I am busy with a project whereby all employees will be authenticated 
 with their own SD cards. Read more about the cards here:
 http://www.sandisk.com/Products/Catalog(1039)-SanDisk_SD_Cards.aspx

 The user will enter a secure room, insert his/hers SD card into a card

 reader, type in his/hers username, password and id (and maybe some 
 other requested info), and if the information corresponds to the info 
 on the SD card, the employee could then enter the building.


Interesting! When you get it finished it would be nice if you post a
full summary here for the record.

 Also the card will be checked for tampering by means of last access 
 date or something along that line. That is why we cannot use normal 
 magnetic I.D cards.

Can't the last access date be modified though?

 I know the SD cards are small, and people can loose them, but I was 
 told to go with SD cards. I think maybe because SD cards can be 
 instantly wtite to, and information can be changed quicker than with a

 magnetic card
 for instance.

 I would like to know if OpenBSD will be able to recognise and access 
 the SanDisk ImageMateR 12-in-1 Reader/Writer SDDR-89.

 More info on this piece of hardware can be found here: 
 http://www.sandisk.com/Products/Item(1145)-SDDR-89-SanDisk_ImageMate_1
 2i
 n1_ReaderWriter.aspx

I remember reading that that particular device is supported, but I don't
remember where. Sorry. Anyway, it's easy enough to test: startup the
install media but stop it at the boot prompt (just bash random
keys) and then key in boot cd0c:/3.8/i386/bsd and hit enter (I think,
you will have to tailor the cd0c part to match up with the device you
are booting from, and the path to match up with the kernel you are
booting from). This will bring up the full GENERIC kernel with all the
drivers loaded. Then just plug in one of the readers and watch the blue
text that comes up. if it says something like not configured then
you're out of luck, but otherwise it will probably list of several
devices that it's just installed. Plug in an SD card and it should
display something like sd0: gfdgfdgfdgfdgfdgfdgfdg. Do 'mount /dev/sd0
/mnt' to access the card then.

Of course I could be totally wrong.

-Kousu

Infomail regarding working Proliant DL380 G4

2006-02-11 Thread Per-Olov Sjöholm

Hi misc

I have seen at 
http://www.armorlogic.com/openbsd_information_server_compatibility_list.html 
that Proliant DL380 G4 wont work on 3.8. Also I have seen misc list posts 
with different results (some work and some do not).

So therefor I just wanted to post a dmesg for Proliant DL380 G4 which works 
really great. (The dmesg is with OpenBSD 3.8 RELEASE without stable patches.)


dmesg is below my signature.

Regards
Per-Olov Sjvholm



OpenBSD 3.8 (GENERIC) #138: Sat Sep 10 15:41:37 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Xeon(TM) CPU 3.00GHz (GenuineIntel 686-class) 3 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,CNXT-ID
real mem  = 1073270784 (1048116K)
avail mem = 972730368 (949932K)
using 4278 buffers containing 53768192 bytes (52508K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 12/31/99, BIOS32 rev. 0 @ 0xf
pcibios0 at bios0: rev 2.1 @ 0xf/0x2000
pcibios0: PCI BIOS has 7 Interrupt Routing table entries
pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82801EB/ER LPC rev 0x00)
pcibios0: PCI bus #7 is the last bus
bios0: ROM list: 0xc/0x8000 0xc8000/0x4000! 0xcc000/0x1600 0xee000/0x2000!
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel E7710 SMCH rev 0x0c
ppb0 at pci0 dev 2 function 0 Intel E7710 MCH PCIE rev 0x0c
pci1 at ppb0 bus 1
ppb1 at pci1 dev 0 function 0 Intel PCIE-PCIE rev 0x09
pci2 at ppb1 bus 2
bge0 at pci2 dev 1 function 0 Broadcom BCM5704C rev 0x10, BCM5704 B0 
(0x2100): irq 5 address 00:15:60:55:e1:37
brgphy0 at bge0 phy 1: BCM5704 10/100/1000baseT PHY, rev. 0
bge1 at pci2 dev 1 function 1 Broadcom BCM5704C rev 0x10, BCM5704 B0 
(0x2100): irq 5 address 00:15:60:55:e1:36
brgphy1 at bge1 phy 1: BCM5704 10/100/1000baseT PHY, rev. 0
ppb2 at pci1 dev 0 function 2 Intel PCIE-PCIE rev 0x09
pci3 at ppb2 bus 3
ciss0 at pci3 dev 3 function 0 Compaq Smart Array 64xx rev 0x01: irq 5
ciss0: 1 LD HW rev 1 FW 2.58/2.58
lmap 4000:0 scsibus0 at ciss0: 1 targets
sd0 at scsibus0 targ 0 lun 0: HP, LOGICAL VOLUME, 2.58 SCSI0 0/direct fixed
ciss0: cmd_stat 2 scsi_stat 0x0
ciss0: cmd_stat 2 scsi_stat 0x0
sd0: 34727MB, 34727 cyl, 64 head, 32 sec, 512 bytes/sec, 71122560 sec total
ppb3 at pci0 dev 6 function 0 Intel E7710 MCH PCIE rev 0x0c
pci4 at ppb3 bus 4
ppb4 at pci4 dev 0 function 0 Intel PCIE-PCIE rev 0x09
pci5 at ppb4 bus 5
ppb5 at pci4 dev 0 function 2 Intel PCIE-PCIE rev 0x09
pci6 at ppb5 bus 6
uhci0 at pci0 dev 29 function 0 Intel 82801EB/ER USB rev 0x02: irq 5
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1 Intel 82801EB/ER USB rev 0x02: irq 5
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 29 function 2 Intel 82801EB/ER USB rev 0x02: irq 5
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
uhci3 at pci0 dev 29 function 3 Intel 82801EB/ER USB rev 0x02: irq 5
usb3 at uhci3: USB revision 1.0
uhub3 at usb3
uhub3: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub3: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 29 function 7 Intel 82801EB/ER USB rev 0x02: irq 5
usb4 at ehci0: USB revision 2.0
uhub4 at usb4
uhub4: Intel EHCI root hub, rev 2.00/1.00, addr 1
uhub4: 8 ports with 8 removable, self powered
ppb6 at pci0 dev 30 function 0 Intel 82801BA AGP rev 0xc2
pci7 at ppb6 bus 7
vga1 at pci7 dev 3 function 0 ATI Rage XL rev 0x27
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
vendor Compaq, unknown product 0xb203 (class system subclass miscellaneous, 
rev 0x01) at pci7 dev 4 function 0 not configured
vendor Compaq, unknown product 0xb204 (class system subclass miscellaneous, 
rev 0x01) at pci7 dev 4 function 2 not configured
ichpcib0 at pci0 dev 31 function 0 Intel 82801EB/ER LPC rev 0x02
pciide0 at pci0 dev 31 function 1 Intel 82801EB/ER IDE rev 0x02: DMA, 
channel 0 configured to compatibility, channel 1 configured to compatibility
atapiscsi0 at pciide0 channel 0 drive 0
scsibus1 at atapiscsi0: 2 targets
cd0 at scsibus1 targ 0 lun 0: TSSTcorp, CD-ROM TS-L162C, N203 SCSI0 5/cdrom 
removable
cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
pciide0: channel 1 disabled (no drives)
isa0 at ichpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
sysbeep0 at pcppi0
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at

Re: bash: delete key sends ~ instead of [del]

2006-02-11 Thread Craig M

I just installed bash to test this.
Then I created /etc/.inputrc with the contents:
\e[3~: delete-char
rebooted, got an xterm up, started bash and the delete key works.
It produced a tilde, prior to the reboot.

HTH.

Regards,

Craig

On Sun, 2006-02-12 at 00:05 +0100, Martin Schrvder wrote:
 On 2006-02-11 23:37:31 +0100, Juan J. Martmnez wrote:
  Or look what says google:
  http://www.google.es/search?q=delete+key+bash
 
 I did.
 
   On 2/11/06, Martin Schrvder martin@ wrote:
Hi,
on my freshly installed 3.7 in bash the delete key sends an ~
instead of [del]. How can I fix this?
   
Sorry if this is a FAQ, but Google et.al. don't allow searching
for ~ :-(
  
  Yes... search for: delete key bash
 
 I did. Did you look at the results? They only discuss problems
 with delete and backspace. Did you find anything on ~?
 
 Best
 Martin

Re: bash: delete key sends ~ instead of [del]

2006-02-11 Thread Craig M

CORRECTION

I just installed bash to test this.
Then I created ~/.inputrc with the contents:
\e[3~: delete-char
logged out of X, or log out if you are in console mode, and then 
your del key will work as required.

HTH.

Regards,

CraigOn Sun, 2006-02-12 at 00:05 +0100, Martin Schrvder wrote:
 On 2006-02-11 23:37:31 +0100, Juan J. Martmnez wrote:
  Or look what says google:
  http://www.google.es/search?q=delete+key+bash
 
 I did.
 
   On 2/11/06, Martin Schrvder martin@ wrote:
Hi,
on my freshly installed 3.7 in bash the delete key sends an ~
instead of [del]. How can I fix this?
   
Sorry if this is a FAQ, but Google et.al. don't allow searching
for ~ :-(
  
  Yes... search for: delete key bash
 
 I did. Did you look at the results? They only discuss problems
 with delete and backspace. Did you find anything on ~?
 
 Best
 Martin

Re: X11 exploit info

2006-02-11 Thread Matthew Closson


On Sat, 11 Feb 2006, Dave Feustel wrote:


On Saturday 11 February 2006 10:59, Roman Hunt wrote:


Dude what is your major f*^%! malfunction? Years ago this sh!^ would've
never been allowed to fly on this list.


Sorry. I don't intend to offend or to irritate. Just out of curiosity, how old 
are you?
Also, to which post are you referring?


Maybe you think that posting all this ridiculous shit is funny but it's
really not.


Actually, I don't think it's rediculous or funny, but you have a right to your 
opinion and
also to express it.


Go take a class at a community college and learn the basics before you post
again.


I may well be the only person in Fort Wayne using OpenBSD or even
pretending to know anything about it.
I am not aware of any courses in BSD around here.


PLEASE! And definitely stop wasting your time trying
To discover how to exploit systems you are unable to comprehend.


Actually, I am in defensive mode. My system is clearly being penetrated.
I am trying to find and plug the holes. So far running pf with a block in all' 
seems to
be the most effective defense.  I opened up port 80 to run Apache, but I
started having problems again, so I went back to the 'block all' rule.
I've found and reported to kde and misc a security problem in the way
kde is currently ported to OpenBSD. The kde developers understand the problem
and, last I heard, had a fix in the pipeline. I've got a kludge fix for that 
problem now.
But I am still seeing signs of intrusion, so there are either still unblocked 
(kde or x11) holes
that I haven't found that provide intruders with at least user privileges, or 
my system
was rooted at some point in the past and will continue to be rooted until I 
either reinstall or
upgrade to 3.9 sometime after May. Today I found two attempts to access port 
6000.
One from China, the other from Korea.


That said If you ever need serious system administration help for a
serious issue (not one you make up when you are all paranoid and gunning
to be a BIG HACKER HERO) then feel free to ask me and I'll be happy to help.


I have no interest in being a cracker. I've looked at what is typically 
involved in
cracking a system or creating shell code and I have no interest in spending my
time doing either, although I have more than enough experience with x86 assembly
code for that time-wasting activity.  I have other projects that I need
to spend time on. Are you interested in general relativity, electromagnetism, or
tensors? I definitely need help with tensors.

And I do appreciate your offer of help. I only wish it weren't so hard to 
explain things by
email.

Dave

-
Roman



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Dave Feustel
Sent: Saturday, February 11, 2006 6:04 AM
To: misc@openbsd.org
Subject: X11 exploit info


at http://www.hackinglinuxexposed.com/articles/
is a 3-part series on X-11 exploits which those who
think they understand x11 security might wish to
read and comment upon. I clearly don't understand
x11 security so I have no comments, but I will read
with great interest comments by anyone else.

05-Jul-2004: SSH Users beware: The hazards of X11 forwarding  Logging into
another machine can compromise your desktop...

08-Jun-2004: The ease of (ab)using X11, Part 2
 Abusing X11 for fun and passwords.

13-May-2004: The ease of (ab)using X11, Part 1
 X11 is the protocol that underlies your graphical desktop environment, and
you need to be aware of its security model.

Dave Feustel


--
Lose, v., experience a loss, get rid of, lose the weight
Loose, adj., not tight, let go, free, loose clothing




Okay, seriously whoever is cracking into Dave's system will you please 
post to the list what your magic hole is so we can all get on with life? 
And Dave, you did read the carefully prepared memo on commonly used passwords 
didn't you?  Thanks,


-Matt-

Re: bash: delete key sends ~ instead of [del]

On 2006-02-11 23:36:11 +, Craig M wrote:
 I just installed bash to test this.
 Then I created /etc/.inputrc with the contents:
 \e[3~: delete-char
 rebooted, got an xterm up, started bash and the delete key works.
 It produced a tilde, prior to the reboot.

~/.inputrc does the trick here, /etc/.inputrc or /etc/inputrc is
useless here. 

Thanks!

I had testet it before, but only with bind -- it didn't work
then.

Btw: Why reboot?

Best
Martin
-- 
http://www.tm.oneiros.de

Re: bash: delete key sends ~ instead of [del]

2006-02-11 Thread Craig M

On Sun, 2006-02-12 at 00:53 +0100, Martin Schrvder wrote:
 On 2006-02-11 23:36:11 +, Craig M wrote:
  I just installed bash to test this.
  Then I created /etc/.inputrc with the contents:
  \e[3~: delete-char
  rebooted, got an xterm up, started bash and the delete key works.
  It produced a tilde, prior to the reboot.
 
 ~/.inputrc does the trick here, /etc/.inputrc or /etc/inputrc is
 useless here. 
 
CORRECTION

I just installed bash to test this.
Then I created ~/.inputrc with the contents:
\e[3~: delete-char
logged out of X, or log out if you are in console mode, and then 
your del key will work as required.

 Thanks!
 
 I had testet it before, but only with bind -- it didn't work
 then.
 
 Btw: Why reboot?
 
Yes, sorry about that. I got all excited at actually being able to 
provide a solution and went about it a little wrong. Reboot was not 
required, just needed to log out and back in, as far as I can tell. 
That will teach me to stay calm and not get carried away. ;) 
 Best
 Martin

Regards,

Craig

Looking Glass for OpenBGP in 3.9?

2006-02-11 Thread unixgeek

I read somewhere that there was a 'Looking Glass' implementaion 'in the
works' for OpenBSD/OpenBGP 3.9. I was wondering if that was the case?
Thanks,
Glenn

higher resolution on tty

2006-02-11 Thread Moritz Lutz


Hi list,

i want to set up my screen resolution on tty to 1024x768 and smaller  
fonts,
because i only work on tty on this maschine and this big fonts are a  
very

bad on a 10,4 display. So is there a way to get this work. Because
i don't find anything in the FAQ and with google.

mfg

eSpo

Re: higher resolution on tty

2006-02-11 Thread Constantine A. Murenin

On 12/02/06, Moritz Lutz [EMAIL PROTECTED] wrote:
 Hi list,

 i want to set up my screen resolution on tty to 1024x768 and smaller
 fonts,
 because i only work on tty on this maschine and this big fonts are a
 very
 bad on a 10,4 display. So is there a way to get this work. Because
 i don't find anything in the FAQ and with google.

 mfg

 eSpo

Have you seen this: URL:http://www.openbsd.org/faq/faq7.html#80x50
(How do I use a console resolution of 80x50?)?

Cheers,
Constantine.

Sun E220R, cdrom problem

2006-02-11 Thread Joshua Sandbrook

Hello..

Im trying to install openbsd onto an E220R. It has a toshiba DVD drive in it, 
and when I type boot cdrom, it just hangs.. the drive light does not blink or 
anything.

probe-scsi shows the cdrom drive, and devalias for cdrom points to the right 
device, slice f.

Any ideas on what to try next?

Thanks,
Josh.

Re: syslogd question

2006-02-11 Thread jared r r spiegel

On Fri, Feb 10, 2006 at 05:51:41PM -0500, Mitch Parker wrote:
 
 I'm going to second this, even though I don't work at an ISP (however, I do
 work with large amounts of syslog data).
 
 If you want to keep things organized, it's better to keep the syslog files
 organized by service.

  i would cast my vote in the camp of it's better to keep the logfiles 
  organized however you find you really need to, or rather, in a way that
  involves you writing the least amount of scripts or infrastructure to
  find the information from those logfiles that you're going to end
  up referencing from them most commonly.

  for the OP's question of having each machine log to a seperate file,
  without changing the facility/level on the remote machines, i believe
  that the stock openbsd syslogd does not provide a method for seperating
  the output logfiles based on incoming host.

  syslog-ng is in ports, and it is a pretty recent version, and would provide
  the ability to write a file based on the incoming hostname ( it has a 
  couple built-in macros ).

  i'm not going to advocate syslog-ng any further than saying that if you
  find that you still choose to have individual log files per-host,
  it can do it.

  on the downside, you may have mixed feelings about running a core 
  service from ports.

-- 

  jared

[ openbsd 3.9-beta GENERIC ( jan 30 ) // i386 ]

Re: BSD on x86 and virus

On Sat, 11 Feb 2006 17:35:58 -0500, Daniel Ouellet [EMAIL PROTECTED]
wrote:

J.C. Roberts wrote:
 As others have pointed out, you simply misunderstood the article and
 then posted to the list what many people would consider an inflammatory
 question. This is not the first time where your reading skills have
 failed to comprehend the meaning of an article and you posted such
 questions to the list. Don't feel bad about it because you're not the
 only one. Heck, Dave Feustel is constantly misreading security stuff and
 posting questions to the list -and he's an American. ;-) 

Outch!!!

Been put in the same boat... (;

I have some problem at times to understand some stuff too, but this one 
really hurts. Personally I would prefer be called a moron and I have 
been called so at times too. But it was easier to receive. (;


As I said, you should not feel bad about it. Absolutely *everyone* is in
the same situation facing these communication problems. As difficult as
it may be to imagine, even those who have English as their first
language (langue maternelle) regularly fail to completely understand the
English words they read.

I have tremendous respect for you and Siju and everyone who tries to
learn multiple languages so they can communicate with other people from
other cultures. It is a very difficult task. Even when you misunderstand
something, you should still be proud of the fact you actually tried to
understand it. Regardless of your results, the *effort* you put into
comprehending deserves respect.

The things I pointed out to Siju are simply tools to help him get better
results from his efforts. You can consider them leverage since they
allow you to understand more with less effort or you can think of them
like wearing the glasses that bring the things you read into better
focus.

kind regards,
jcr

Re: OpenBSD USB question

2006-02-11 Thread jared r r spiegel

On Sat, Feb 11, 2006 at 08:07:30PM +0200, Danny wrote:
 
 I would like to know if OpenBSD will be able to recognise and access
 the SanDisk ImageMateR 12-in-1 Reader/Writer SDDR-89.
 
 More info on this piece of hardware can be found here:
 http://www.sandisk.com/Products/Item(1145)-SDDR-89-SanDisk_ImageMate_12i
 n1_ReaderWriter.aspx

  i have that one.  actually shows up as a '14-in-1', iirc.
  on the PC i tried it on, which is abit KW7 motherboard, it worked.

  i used the compact flash socket for soekris stuff
  and the little SD socket to copy pictures out of the digicam's 
  memory card

-- 

  jared

[ openbsd 3.9-beta GENERIC ( jan 30 ) // i386 ]

Re: higher resolution on tty

On Sun, 12 Feb 2006 02:51:17 +0100, Moritz Lutz [EMAIL PROTECTED]
wrote:

Hi list,

i want to set up my screen resolution on tty to 1024x768 and smaller  
fonts,
because i only work on tty on this maschine and this big fonts are a  
very
bad on a 10,4 display. So is there a way to get this work. Because
i don't find anything in the FAQ and with google.

mfg

eSpo

As Constintine pointed out there is a FAQ entry dealing with how to
change the character resolution on terminal displays. Unfortunately, not
all hardware supports switching character resolution.

More importantly, you need to realize that monitors have more than one
mode. Though there are some rare specialty monitors out there,
usually, a monitor only two modes; (1) character mode and (2) graphics
mode. From there, these two modes are further divided into sub-modes,
such as graphics resolution (1024x768) and character resolution
(80x40).

Equally important, you need to realize that not all video output
hardware (i.e. commonly called video cards graphics cards or frame
buffers) supports all the possible monitor modes and sub-modes.

When you say 1024x768 you are talking about a graphics mode measured
in dots per inch.

Terminals (tty) are almost always character mode, where 80x40 measures
the number of character column and character rows.

In other words, you are talking about two entirely different things.

In most situations, the only thing you can do to the character mode
output of tty is change the character resolution and Constintine pointed
out the relevant FAQ entry.

The most commonly used way to venture into the world of graphics mode is
to run an X server and xterm's.

I hope this makes things clear.

kind regards,
JCR

Re: MIPS CPU

2006-02-11 Thread Alexander Yurchenko

On Sat, Feb 11, 2006 at 01:00:30PM +0200, Edgars wrote:
 I just want to know, is that MIPS cpu supported by openbsd, didn't find info 
 on hw pages.
 http://www.routerboard.com/rb500.html

nope. and since it's mips32 i doubt it will be supported.

 
 **
 Scanned by  MailScan Anti-Virus and Content Security Software.
 Visit http://www.mwti.net for more info on eScan and MailScan.
 **

-- 
   Alexander Yurchenko

Re: Sun E220R, cdrom problem