Re: Hardware Spec Search Engine?

[Rod Whitworth]

On Sat, 17 Jul 2010 01:19:08 -0400, Arnaud Bergeron wrote:

 As for Firewire, it was supported at one point
and then taken out.  I can't remember why and I don't care enough to
search the archives.

I don't know why for certain either but it is one of the most insecure
connections that is easily physically accessible on any PC/Mac. That
would be enough for me.

With no intervention by the CPU it can DMA access lots of RAM and you
can't (IIRC) set the lower bound to be above the lowest page. I've seen
a demo with a sneaky quick connection sucking out the keyboard buffer
of a PC.



*** NOTE *** Please DO NOT CC me. I am subscribed to the list.
Mail to the sender address that does not originate at the list server is 
tarpitted. The reply-to: address is provided for those who feel compelled to 
reply off list. Thankyou.

Rod/
---
This life is not the real thing.
It is not even in Beta.
If it was, then OpenBSD would already have a man page for it.

Re: Hardware Spec Search Engine?

[Dmitrij D. Czarkoff]

Arnaud Bergeron aberge...@gmail.com wrote:
 On the other and I'm pretty sure that Broadcom card is not supported
 (since they won't give docs), and firewire is also not supported.

Everybody tells bcm4312 to be non-functional. Am I the only OpenBSD user who
used it under OpenBSD on real hardware?

--
Dmitrij D. Czarkoff

Re: Hardware Spec Search Engine?

[Dmitrij D. Czarkoff]

jwesleycoo...@cox.net wrote:
 -00:1b.0 Audio device: Intel Corporation 82801I (ICH9 Family) HD Audio 
 Controller (rev 03)

alzalia(4)

 -00:1f.0 ISA bridge: Intel Corporation ICH9M LPC Interface Controller (rev 03)

Actually ISA bus support is common throughout controllers as I understand.
Still, any ICH device should be supported.

 -00:1f.2 SATA controller: Intel Corporation ICH9M/M-E SATA AHCI Controller 
 (rev 03)

pciide(4)

 -00:1f.3 SMBus: Intel Corporation 82801I (ICH9 Family) SMBus Controller (rev 
 03)

piixpm(4)

 -08:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168B 
 PCI Express Gigabit Ethernet controller (rev 03)

re(4)

 -0e:00.0 Network controller: Broadcom Corporation BCM4312 802.11b/g LP-PHY 
 (rev 01)

bwi(4)

 -1a:00.0 FireWire (IEEE 1394): O2 Micro, Inc. Device 10f7 (rev 01)

Not supported AFAIK.

 1a:00.1 SD Host controller: O2 Micro, Inc. Device 8120 (rev 01)

sdmmc(4) or sd(4) ?

 1a:00.2 Mass storage controller: O2 Micro, Inc. Device 8130 (rev 01)

sd(4) ?

All the manuals metioned above You can find on OpenBSD site.

 The ones I marked with a dash are those I can't seem to find on the amd64 
 compatibility list... so will they not work, and/or what must I do to make 
 them work after or during the install?

For bwi(4) You'll have to download a firmware (consult the manual). This is
generally wise to read i386 HCL too as everything applicable to i386 should be
true for amd64. Think of amd64 HCL as of extension to i386 one.

 Anyway, what's really getting me is that no matter what I do, I can't seem
 to figure out how on Earth one determines what exactly will work and what
 won't?  What search or analysis techniques are used to figure this out?  I
 just can't seem to locate this kind of info on my own, and it's driving me
 *nuts*, so please, tell me how on earth you guys actually figure this stuff
 out in the first place...

So, the first stage is to determine the actual hardware. This is done by
inspecting the device manager of Your OS and (the lazy way) seraching the
partname with linux keyword appended.

The second stage is reading HCLs, Changelogs and (the lazy way again)
searching partname with OpenBSD keyword added.

Personally I've found everything in HCL except for piixpm(4) which I found by
looking up SMBus in WikiPedia as I had no idea what it was. There I've noticed
it's I2C extension and looked I2C up in HCL.

--
Dmitrij D. Czarkoff

Re: Hardware Spec Search Engine?

[Christian Weisgerber]

Arnaud Bergeron aberge...@gmail.com wrote:

  -08:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168B
 PCI Express Gigabit Ethernet controller (rev 03)
 
 For the wired network card, check the rl(4) and/or re(4)
 man page for it.

It's a re(4).

 As for Firewire, it was supported at one point and then taken
 out.  I can't remember why and I don't care enough to search the
 archives.

Somewhat embarrassingly, OpenBSD has never had a working Firewire
implementation.

-- 
Christian naddy Weisgerber  na...@mips.inka.de

Re: EM_MIPS==LOONGSON?

[Miod Vallat]

 I was reading ELF headers from different arches when I found that for
 Loongson binaries em_machine==EM_MIPS. However, elf(5) and
 elf_abi.h-sys/exec_elf.h describe EM_MIPS as /* MIPS R3000
 Big-Endian only */, whereas I think Loongson processors are little
 endian(objdump says elf64-littlemips).
 
 So, do these descriptions need to be changed or is it something else?

Yes and no. This value was initially registered by Mips as R3000 BE, but
as the various operating systems availble on mips-compatible cpus
switched from ECOFF to ELF, they have reused this value even if the
processor model or endianness was different.

This doesn't mattter much since endianness and 32 vs 64 bit information
is found in the e_ident field of the ELF header.

Miod

Re: Hardware Spec Search Engine?

[Tony Abernethy]

Christian Weisgerber wrote:

 Somewhat embarrassingly, OpenBSD has never had a working Firewire
 implementation.

As I understand it, only the malware writers are embarrassed.
You don't need a back door when the front door is missing.
Any time all of system memory is open to Read/Write access by
hardware (with the assist of local BIOSes etc), ...

Re: Hardware Spec Search Engine?

[Rod Whitworth]

On Sat, 17 Jul 2010 06:57:09 -0400, Tony Abernethy wrote:

Christian Weisgerber wrote:

 Somewhat embarrassingly, OpenBSD has never had a working Firewire
 implementation.

As I understand it, only the malware writers are embarrassed.
You don't need a back door when the front door is missing.
Any time all of system memory is open to Read/Write access by
hardware (with the assist of local BIOSes etc), ...

Try this page: http://www.storm.net.nz/projects/16
The demo I saw was documented in the pdf linked on the above linked
page.
Its URL is
http://www.storm.net.nz/static/files/ab_firewire_rux2k6-final.pdf


*** NOTE *** Please DO NOT CC me. I am subscribed to the list.
Mail to the sender address that does not originate at the list server is 
tarpitted. The reply-to: address is provided for those who feel compelled to 
reply off list. Thankyou.

Rod/
---
This life is not the real thing.
It is not even in Beta.
If it was, then OpenBSD would already have a man page for it.

Re: Hardware Spec Search Engine?

[Jiri B.]

On Sat, 17 Jul 2010 10:45:10 + (UTC)
na...@mips.inka.de (Christian Weisgerber) wrote:

  As for Firewire, it was supported at one point and then taken
  out.  I can't remember why and I don't care enough to search the
  archives.
 
 Somewhat embarrassingly, OpenBSD has never had a working Firewire
 implementation.
 

As others wrote, Firewire is big hole. I'm confused if it is totally OS
independent or not, also I read somewhere the same attack can be done
via pcmcia (??)

There's already a Windows tool to auto-search for truecrypt keys in
dumped memory image :DD

http://md.hudora.de/presentations/firewire/

jirib

Re: Hardware Spec Search Engine?

[Tomas Bodzar]

On Sat, Jul 17, 2010 at 12:45 PM, Christian Weisgerber
na...@mips.inka.de wrote:
 Arnaud Bergeron aberge...@gmail.com wrote:

  -08:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd.
RTL8111/8168B
 PCI Express Gigabit Ethernet controller (rev 03)

 For the wired network card, check the rl(4) and/or re(4)
 man page for it.

 It's a re(4).

 As for Firewire, it was supported at one point and then taken
 out. B I can't remember why and I don't care enough to search the
 archives.

 Somewhat embarrassingly, OpenBSD has never had a working Firewire
 implementation.


Maybe this is one of the reasons for that
http://www.mpegla.com/main/programs/1394/Pages/Intro.aspx

 --
 Christian naddy Weisgerber B  B  B  B  B  B  B  B  B  B  B  B 
B na...@mips.inka.de





--
bIf youbre good at something, never do it for free.bB bThe Joker

Re: Hardware Spec Search Engine?

[Christian Weisgerber]

Tony Abernethy t...@servasoftware.com wrote:

  Somewhat embarrassingly, OpenBSD has never had a working Firewire
  implementation.
 
 As I understand it, only the malware writers are embarrassed.

The fanboys here need to understand that OpenBSD does have actual
deficiencies, and trying to rationalize them away as conscious
security decisions is just stupid.

The reason OpenBSD doesn't have Firewire support is that the three
or so attempts by developers to implement it have all petered out
without result.

 Any time all of system memory is open to Read/Write access by
 hardware (with the assist of local BIOSes etc), ...

This can be disabled with the flip of a bit.  (On FreeBSD, set
hw.firewire.phydma_enable=0 in the boot loader.)  If you are worried
about a remaining attack window, then OpenBSD's lack of support
does nothing to fix it.

Firewire's memory access can also be used to implement remote kernel
debugging.  Every general hackathon, one developer or the other can
be overheard wishing for such a facility.

-- 
Christian naddy Weisgerber  na...@mips.inka.de

force image size converting possible with convert command ?

[Aaron Lewis]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,
I'm trying to convert a image , which will make a change on its size.

% convert -resize 1024x768 my-1280x800.png my-1024x768.png

Like 1280x800 to 1024x768 , i will end up with a size at 1024x600 ,
just because 1280/800 != 1024/768 , but 1024/600.

So how can i get a image at the `right' size , i just don't know how to
describe this problem ..

Many thanks.

- -- 
Best Regards,
Aaron Lewis - PGP: 0x4A6D32A0
FingerPrint EA63 26B2 6C52 72EA A4A5 EB6B BDFE 35B0 4A6D 32A0
irc: A4r0n on freenode
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkxBq1wACgkQvf41sEptMqC6jACfTTQ9TyNN/2BZxZm3+3CrFYoo
XRcAoLLaZffm+8bdHPAMqO2wic3GFMXl
=kAVD
-END PGP SIGNATURE-

Re: force image size converting possible with convert command ?

[Chris Bennett]

On 07/17/10 08:08, Aaron Lewis wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,
I'm trying to convert a image , which will make a change on its size.

%  convert -resize 1024x768 my-1280x800.png my-1024x768.png

Like 1280x800 to 1024x768 , i will end up with a size at 1024x600 ,
just because 1280/800 != 1024/768 , but 1024/600.

So how can i get a image at the `right' size , i just don't know how to
describe this problem ..

Many thanks.

- --
Best Regards,
Aaron Lewis - PGP: 0x4A6D32A0
FingerPrint EA63 26B2 6C52 72EA A4A5 EB6B BDFE 35B0 4A6D 32A0
irc: A4r0n on freenode
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkxBq1wACgkQvf41sEptMqC6jACfTTQ9TyNN/2BZxZm3+3CrFYoo
XRcAoLLaZffm+8bdHPAMqO2wic3GFMXl
=kAVD
-END PGP SIGNATURE-




see :
file:///usr/local/share/doc/ImageMagick/www/convert.html


-resize width
-resize widthxheight{%} {...@} {!} {} {} {^}

   resize an image.

   By default, the width and height are maximum values. That is, the 
image is expanded or contracted to fit the width
   and height value while maintaining the aspect ratio of the image. 
Append an exclamation point to the geometry to
   force the image size to exactly the size you specify. For example, 
if you specify 640x480! the image width is set to

   640 pixels and height to 480.

Re: force image size converting possible with convert command ?

[Aaron Lewis]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 07/17/2010 09:18 PM, Kenneth Gober wrote:
 describe the problem correctly, and you're halfway to a solution.  1024/600
 *is* the 'right' size.  what you want to do is convert the image to the
 'wrong' size, by stretching it, or cropping it, or padding it with bars at
 the top and bottom, or something else.  but before you can do this, you will
 have to decide how, exactly, you want to do it 'wrong'.  once you've figured
 out how you want to distort the image, you can then do that as the first
 step, then convert as the last step.

Just like what we do in GIMP , Scale Image with the `Yellow lock'
besides the size unlocked.

Tried -crop size , -linear-stretch not working at all.

 
 -ken
 
 On Sat, Jul 17, 2010 at 9:08 AM, Aaron Lewis aaron.lewis1...@gmail.comwrote:
 



- -- 
Best Regards,
Aaron Lewis - PGP: 0x4A6D32A0
FingerPrint EA63 26B2 6C52 72EA A4A5 EB6B BDFE 35B0 4A6D 32A0
irc: A4r0n on freenode
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEUEARECAAYFAkxBuX0ACgkQvf41sEptMqDL4ACUC0HRw1nLRG6R+aULctzM+EJ3
VQCgoPd7qzH4cWSn4D9TXiPvhLwC7vY=
=g9yb
-END PGP SIGNATURE-

[SOLVED] Re: force image size converting possible with convert command ?

[Aaron Lewis]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 07/17/2010 09:18 PM, Chris Bennett wrote:
 On 07/17/10 08:08, Aaron Lewis wrote:


 see :
 file:///usr/local/share/doc/ImageMagick/www/convert.html


 -resize width
 -resize widthxheight{%} {...@} {!} {} {} {^}

Oh , really nice , just need a exclamation mark.

resize an image.

By default, the width and height are maximum values. That is, the
 image is expanded or contracted to fit the width
and height value while maintaining the aspect ratio of the image.
 Append an exclamation point to the geometry to
force the image size to exactly the size you specify. For example, if
 you specify 640x480! the image width is set to
640 pixels and height to 480.

Thanks Chris , and all of you.


- -- 
Best Regards,
Aaron Lewis - PGP: 0x4A6D32A0
FingerPrint EA63 26B2 6C52 72EA A4A5 EB6B BDFE 35B0 4A6D 32A0
irc: A4r0n on freenode
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkxBuikACgkQvf41sEptMqC2IgCgoHUt6AZjJ3XSq+vJtDMhHsBk
Nl4AoI8g7n4vdZS6oPS/D9Ul1sQxWlDU
=rAj1
-END PGP SIGNATURE-

OpenBSD users.

[Mateusz Gierblinski]

Hi misc@

I'm just wondering. Where are you OpenBSD users from?

I'm from Belgium, anyone else?

Take care

Re: OpenBSD users.

[Floor Terra]

On Sun, Jul 18, 2010 at 1:07 AM, Mateusz Gierblinski
mateusz.gierblin...@gmail.com wrote:
 Hi misc@

 I'm just wondering. Where are you OpenBSD users from?

For the developers just pkg_add openbsd-developers.
There is no equivalent openbsd-users package. Are you creating one?

Floor


-- 
Floor Terra flo...@gmail.com
www: http://brobding.mine.nu/

Re: OpenBSD users.

[Andres Genovez]

2010/7/17 Mateusz Gierblinski mateusz.gierblin...@gmail.com

 Hi misc@

 I'm just wondering. Where are you OpenBSD users from?

 I'm from Belgium, anyone else?

 Take care


Ecuador :) Rare race of South America


--
Atentamente

Andris Genovez Tobar / Sistemas
Elastix ECE - Linux  LPI-1 - Novell CLA - Apple ACMT
http://www.cspmsa.com
ageno...@cspmsa.com

Jabber:  bitfr...@asgard.crice.org
Comunidad: http://www.crice.org

Re: OpenBSD users.

[Frank Bax]

Mateusz Gierblinski wrote:

Hi misc@

I'm just wondering. Where are you OpenBSD users from?

I'm from Belgium, anyone else?

Take care



There is an OpenBSD user in every country on this planet.

ipv6 pf ruleset

[Matt S]

Hello,

Could someone tell me why, given the following ruleset, I cannot get to my
machine from the outside on ipv6?  Obviously, I just masked out the ipv6
address for security.  Any insight would be much appreciated.  Normally, I
am decent with pf when it comes to ipv4.  But, I am utterly lost.  Perhaps I
don't understand what the gif0 interface is truely doing.  I know that I
have it configured to encapsulate IPv6 traffic in IPv4 but I don't know how
to troubleshoot it well.

wanif=tun0
ip6if=gif0
intif=em0
intnet4=10.40.60.0/24
host=::X:XXX::1
tcp_services={ssh,domain,mail,ftp,http,https}
udp_services={domain}
set skip on {lo,$intif}
block in all
pass out all
pass out on $wanif scrub (max-mss 1440)
match out on $wanif inet from $intnet4 to any nat-to ($wanif)
pass inet proto ipv6 from any to any
pass in on $ip6if inet6 proto icmp6 icmp6-type {echoreq,unreach}
pass in on $ip6if inet6 proto tcp from any to $host port $tcp_services
pass in on $ip6if inet6 proto udp from any to $host port $tcp_services

Thank you,
Matt