N'ayez pas peur d'y aller
Si vous ne visualisez pas ce message, suivez ce lien Pour chaque dossier transmis par Internet, 1 ? est versi ` l'association + Entrepreneurs du Monde ;, qui accompagne des dizaines de milliers de micro-entreprises dans le monde par l'attribution de microcridits accordis aux entrepreneurs les plus dishiritis. Le slogan de l'association est "Avec presque rien on peut changer presque tout". Recouvrement de criances amiable et judiciaire, France & International depuis 1970 Pour l'encaissement de vos impayis : PAS DE SUCCHS, PAS D'HONORAIRES Binificiez en plus de l'option TOUT COMPRIS Les frais de procidure judiciaire sont avancis par FRANCE CREANCES. L'option TOUT COMPRIS vous est offerte ` la remise du dossier. Sociiti spicialisie depuis 1970, en recouvrement amiable et judiciaire, en France et ` l'international, FRANCE CREANCES est membre de l'ANCR et signataire de la charte de diontologie professionnelle qui implique la couverture par une assurance responsabiliti professionnelle souscrite auprhs de la Cie MMA. La certification ISO 9001 (dilivrie par l'AFAQ) garantit le respect des procidures de traitement des dossiers de recouvrement confiis ` FRANCE CREANCES. Le montant des encaissements est reversi au 30 de chaque mois et le bilan de la sociiti fait apparantre trhs clairement les sommes disponibles pour le compte de ses clients, en sus d'une caution bancaire. Rifirencie par des centaines de PME⁄PMI, FRANCE CREANCES intervient aussi pour des grands groupes, des banques et des Etablissements Publics Industriels et Commerciaux. Le centre de traitement International de FRANCE CREANCES travaille en Anglais, Allemand, Espagnol, Italien, Polonais. Pour vous disabonner, collez ce lien dans votre navigateur : http://www.gce-mailer-4.com/unsuscribe.asp?lang=francais&id_formulaire=4&email=misc@openbsd.org&id_message=847
Ejemplar de cortesia
EJEMPLAR DE CORTESIA Estimado Lector: Agradeceremos sea tan amable en analizar la siguiente publicacisn, que contiene pronssticos de ECONOMIA de la REPUBLICA MEXICANA y ESTADOS UNIDOS. http://www.divavu.net/Azul.pdf Si usted desea recibir GRATUITAMENTE dos ejemplares de nuestro BOLETIN INFORMATIVO TENDENCIAS ECONOMICAS Y FINANCIERAS VIA E-MAIL uno cada semana, o conoce a quien este involucrado en el ambito Financiero y tuviera interis en leer nuestra informacisn, le pido de favor notificarmelo por este medio a: tendencias.ven...@yahoo.com.mx proporcionandome los correos y telifonos, para enviarsela. Estoy a sus srdenes: Cordialmente. Enviado por SATELINET S.A. DE C.V. www.tendencias.com.mx 01 (55) 3095-3942 al 47 LUCIA CARRASCO Si no desea recibir este boletin por favor responda este correo con el asunto REMOVER unsuscriber reply REMOVE
Re: restore wants a new tape but none exists!
On Wed, Mar 09, 2011 at 11:13:33PM -0700, Theo de Raadt wrote: > If you feel so strongly about it that you feel it to forward private > correspondence, then please leave our mailing lists. > Only following your lead. > I am sure others will feel the same; those of you who do, feel free > to explain the concept to him. > Ah the invitation for the brands and pitchforks. How nice to rally the troops to do your dirty work and muddy the thread with random flagellation attempts. > I still think you are a loser. If you have endured a real bug for > a long time, and not filed a bug report to have it fixed.. and then > feel it is your right to scold people who attempt to explain the bug, > then quite frankly, then YOU TOTALLY SUCK. > Certainly not unusual on this list for people to scold people for real bugs, perhaps I am guilty of this now too.. Show us the code for this one, I would like to understand it. Certainly, ever since I have been a system admin the recommended way of running dump was in single user mode if you could to ensure a consistent backup. Maybe I have misunderstood what Pass III and Pass IV of the dump messages mean. -- Brett Lymn "Warning: The information contained in this email and any attached files is confidential to BAE Systems Australia. If you are not the intended recipient, any use, disclosure or copying of this email or any attachments is expressly prohibited. If you have received this email in error, please notify us immediately. VIRUS: Every care has been taken to ensure this email and its attachments are virus free, however, any loss or damage incurred in using this email is not the sender's responsibility. It is your responsibility to ensure virus checks are completed before installing any data sent in this email to your computer."
Re: restore wants a new tape but none exists!
If you feel so strongly about it that you feel it to forward private correspondence, then please leave our mailing lists. I am sure others will feel the same; those of you who do, feel free to explain the concept to him. I still think you are a loser. If you have endured a real bug for a long time, and not filed a bug report to have it fixed.. and then feel it is your right to scold people who attempt to explain the bug, then quite frankly, then YOU TOTALLY SUCK. > On Wed, Mar 09, 2011 at 10:59:45PM -0700, Theo de Raadt wrote: > > > > And when you did, did not file a bug report. > > > > Not on OpenBSD. > > > And you did work on a patch. > > > > Not on OpenBSD > > > So you suck. > > > > > I am sure both myself and Jeff will be thrilled when you find the bug. > > > thanks. > > > > You are a pathetic loser. > > And it is this sort of nasty backchannel sniping that ensures it won't > be on OpenBSD. I don't care about your opinion Theo. Not one bit. > > -- > Brett Lymn > "Warning: > The information contained in this email and any attached files is > confidential to BAE Systems Australia. If you are not the intended > recipient, any use, disclosure or copying of this email or any > attachments is expressly prohibited. If you have received this email > in error, please notify us immediately. VIRUS: Every care has been > taken to ensure this email and its attachments are virus free, > however, any loss or damage incurred in using this email is not the > sender's responsibility. It is your responsibility to ensure virus > checks are completed before installing any data sent in this email to > your computer."
Re: restore wants a new tape but none exists!
On Wed, Mar 09, 2011 at 10:59:45PM -0700, Theo de Raadt wrote: > > And when you did, did not file a bug report. > Not on OpenBSD. > And you did work on a patch. > Not on OpenBSD > So you suck. > > > I am sure both myself and Jeff will be thrilled when you find the bug. > > thanks. > > You are a pathetic loser. And it is this sort of nasty backchannel sniping that ensures it won't be on OpenBSD. I don't care about your opinion Theo. Not one bit. -- Brett Lymn "Warning: The information contained in this email and any attached files is confidential to BAE Systems Australia. If you are not the intended recipient, any use, disclosure or copying of this email or any attachments is expressly prohibited. If you have received this email in error, please notify us immediately. VIRUS: Every care has been taken to ensure this email and its attachments are virus free, however, any loss or damage incurred in using this email is not the sender's responsibility. It is your responsibility to ensure virus checks are completed before installing any data sent in this email to your computer."
Re: restore wants a new tape but none exists!
On Thu, Mar 10, 2011 at 04:25:50PM +1030, Brett Lymn wrote: > On Wed, Mar 09, 2011 at 10:47:54PM -0700, Theo de Raadt wrote: > > Instead of helping a person who might have found a bug, I think you > > are talking out of your ass. > > > > If you say so Theo. Oddly, I have experienced exactly those systems sorry... "symptoms" not systems. -- Brett Lymn "Warning: The information contained in this email and any attached files is confidential to BAE Systems Australia. If you are not the intended recipient, any use, disclosure or copying of this email or any attachments is expressly prohibited. If you have received this email in error, please notify us immediately. VIRUS: Every care has been taken to ensure this email and its attachments are virus free, however, any loss or damage incurred in using this email is not the sender's responsibility. It is your responsibility to ensure virus checks are completed before installing any data sent in this email to your computer."
Re: restore wants a new tape but none exists!
On Wed, Mar 09, 2011 at 10:47:54PM -0700, Theo de Raadt wrote: > Instead of helping a person who might have found a bug, I think you > are talking out of your ass. > If you say so Theo. Oddly, I have experienced exactly those systems with backups from an file system that was being actively changed while dump was doing its work. I am sure both myself and Jeff will be thrilled when you find the bug. thanks. -- Brett Lymn "Warning: The information contained in this email and any attached files is confidential to BAE Systems Australia. If you are not the intended recipient, any use, disclosure or copying of this email or any attachments is expressly prohibited. If you have received this email in error, please notify us immediately. VIRUS: Every care has been taken to ensure this email and its attachments are virus free, however, any loss or damage incurred in using this email is not the sender's responsibility. It is your responsibility to ensure virus checks are completed before installing any data sent in this email to your computer."
=?windows-1252?Q?2011_-_CHARLA_INFORMATIVA_=BFQu=E9_es_el_Modelo_Sist=E9mico??=
[IMAGE] Director: Dr. Horacio Serebrinsky - Director Acadimico: Dr. Marcelo R. Ceberio Formacisn de Terapeutas sistimicos, investigacisn y asistencia psicolsgica CHARLA INFORMATIVA ?QUE ES EL MODELO SISTIMICO? Coordina: Dr. Marcelo R. Ceberio Viernes 11 de Marzo de 20 hs Actividad gratuita - Reservar vacante Consulte por las actividades de formacisn: POSTGRADOS 2011: Curso superior de formacisn en el modelo sistimico. Terapia sistimica de pareja. Tratamiento sistimico de las adicciones. Management sistimico. Especializacisn en terapia de grupo sistimica. CURSOS DE ESPECIALIZACISN ANUALES: Trastornos alimentarios y obesidad. Psicodiagnsstico laboral. CURSOS CUATRIMESTRALES: Violencia familiar CURSOS BIMESTRALES: Operador socioterapiutico. Acompaqante terapiutico. Hipnosis ericksoniana SEMINARIOS: Tratamiento de las depresiones. Prevencisn. Diversidades familiares. Manejo del Estris. El estilo terapiutico. Entrenamiento en la mirada sistimica. Tratamiento sistimico-cognitivo-PINE de los trastornos de panico. Fray Justo S. M. de Oro 1843 (C1414DBC) Cap. Fed. Te/Fax: 4774-2875/6112 4899-1053 - i...@escuelasistemica.com.ar / www.escuelasistemica.com.
Re: restore wants a new tape but none exists!
On Wed, Mar 09, 2011 at 08:28:31AM -0700, Jeff Ross wrote: > On 03/08/11 16:20, Brett Lymn wrote: > > > >Unlikely to be a bug more likely that you did a dump of a file system > >that was changing while the dump was in progress. This breaks the > >backup and produces the sort of symptoms you are seeing when trying to > >do a restore. > > > > That's not very likely since this is from my OpenBSD workstation at work > taken in the middle of the night when I'm not there and httpd is only > set up to listen on localhost. > No log rotations? Changing directory entries seems to be the most likely culprit for having the problem. > > That's the bug I'm asking about, but if what you write above is correct > my belief that dump is an adequate backup is now in question. No where > in the dump man page does it say that and that certainly flies in the > face of everything I thought I knew about how dump does its job. > It is not likely to be a bug it is far more likely that your backup was broken by things changing under dump's feet. It was broken because you had an incomplete understanding of how dump works. Dump is fine to use when the system is in multiuser as long as you take care to ensure changes to meta-data is not done during the backup. -- Brett Lymn "Warning: The information contained in this email and any attached files is confidential to BAE Systems Australia. If you are not the intended recipient, any use, disclosure or copying of this email or any attachments is expressly prohibited. If you have received this email in error, please notify us immediately. VIRUS: Every care has been taken to ensure this email and its attachments are virus free, however, any loss or damage incurred in using this email is not the sender's responsibility. It is your responsibility to ensure virus checks are completed before installing any data sent in this email to your computer."
Re: restore wants a new tape but none exists!
On Wed, Mar 09, 2011 at 06:54:07PM +0100, Benny Lofgren wrote: > > I don't think the problem is so much with dump as it is with restore, > and even there it's likely not more than a nuisance for the operator. > Don't gamble any important data solely on that opinion, though... > When I have seen this situation myself it has resulted in data loss. The backup is bad. -- Brett Lymn "Warning: The information contained in this email and any attached files is confidential to BAE Systems Australia. If you are not the intended recipient, any use, disclosure or copying of this email or any attachments is expressly prohibited. If you have received this email in error, please notify us immediately. VIRUS: Every care has been taken to ensure this email and its attachments are virus free, however, any loss or damage incurred in using this email is not the sender's responsibility. It is your responsibility to ensure virus checks are completed before installing any data sent in this email to your computer."
Fim de semana Gastronomico
A presente e-newsletter destina-se znica e exclusivamente a informar e nco pode ser considerada SPAM. De acordo com a legislagco internacional que regulamenta o correio electrsnico, "o e-mail nco podera ser considerado SPAM quando incluir uma forma do receptor ser removido da lista". Caso o seu nome faga parte da nossa lista por engano, desde ja apresentamos as nossas desculpas. Dado que o processo de remogco i automatico, pedimos o favor de verificar qual o e-mail onde receberam a nossa e-newsletter antes de solicitar a remogco Se nco deseja continuar a receber a nossa e-newsletter, clique Cancelar subscrigco [demime 1.01d removed an attachment of type image/jpeg which had a name of paredes hotel apartamento 06 - cartaz fim de semana gastronómico 19 e 20 março baixaii.jpg]
Re: obtaining openbsd.pbr from windows 7
On 03/09/11 13:09, marc wrote: > First of all, thanks for all the feedback. > > (at FAQ 4.9) I still think that adding a note that rsd0 is the name of > the raw character device associated to the device sd0 and that > consequently you can find the correct parameter for dd in your system by > adding an 'r' to the device listed in disklabel which is associated to > /, would be useful to future illiterates like me. The most important section of 4.9 is often ignored, in spite of my putting it in the first paragraph: "Multibooting is having several operating systems on one computer, and some means of selecting which OS is to boot. It is not a trivial task! If you don't understand what you are doing, you may end up deleting large amounts of data from your computer. New OpenBSD users are strongly encouraged to start with a blank hard drive on a dedicated machine, and then practice your desired configuration on a non-production system before attempting a multiboot configuration on a production machine. FAQ 14 has more information about the OpenBSD boot process." Note the 2nd, 3rd and 4th sentences. Multibooting is not for novice users. This section is not for teaching you how OpenBSD works or any of dozens of other OSs that could be multibooted with OpenBSD. It is to provide guidance for people who are very familiar with all the OSs they are planning on using on one machine. > On 3/9/2011 2:04 PM, Stuart Henderson wrote: >> On 2011-03-09, marc wrote: >>> I also think it would be great to add msdos and ntfs support in the >>> installation cdrom (no it's not there). >> msdos support *is* there on most arch. > not on amd64 (OpenBSD 4.8)... I doubled checked. There are only > mount_cdf9660,mount_ffs,mount_udf. >> ntfs support wouldn't be worth the space, considering you >> can't safely write files with it. >> >>> Ubuntu has it >> irrelevant. > well Ubuntu has it, and I never had problems writing files with it. > if there is open source code around that works, I don't think this is > irrelevant... It might provide some great inspiration... (even if it is > probably hard work). Read up on licensing. "open source" code by the Linux definition can not be used in a system following the BSD/ISC/MIT license. http://www.openbsd.org/policy.html Nick.
Re: obtaining openbsd.pbr from windows 7
On Wed, 09 Mar 2011 19:09 +0100, "marc" wrote: > First of all, thanks for all the feedback. > > (at FAQ 4.9) I still think that adding a note that rsd0 is the name of > the raw character device associated to the device sd0 and that > consequently you can find the correct parameter for dd in your system by > adding an 'r' to the device listed in disklabel which is associated to > /, would be useful to future illiterates like me. Read a book on UNIX. Seriously. Knowing the difference between raw and block devices sorta falls under the category of basic UNIX knowledge. When using a utility like dd, OpenBSD man pages assume you have basic UNIX knowledge. The man pages nor the FAQ are considered to be tutorials in the use of UNIX. I'm not trying to be a smartass. I'm trying to help you before some one is actually rude to you if you persist in this line of argument.
Re: 802.11n
it requires driver modifications for all 802.11n supporting chips, and ieee80211 infrastructure update to add support for new modulation rates other new 11n techniques that are tied into the stack Hugo Osvaldo Barrera [h...@osvaldobarrera.com.ar] wrote: > I know that 802.11n is not supported yet, however, I was wondering: > > Is anyone working on this? > What needs to be done to add support to "n"? I'd like to contribute if > possible, I don't mind if it's a LOT of work, but I will probably get > stuck if it's very complicated. > Does just ieee80211(9) need to be modified, or do drivers need to be > updated as well? (I feel modifying drivers is really out of my league > as far as programming experience goes)? > > > -- > Hugo Osvaldo Barrera > Sent using my PC -- the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
2011 RUSYA Parsiyel Karayolu Hizmeti
'. 2011 RUSYA Parsiyel Karayolu Hizmeti MPS ,Rusya Parsiyel Karayolu Servisi ]le M|~terilerine En ]yi Hizmeti Sunmay} hedefliyor. MPSnin T|rkiye RUSYA aras}nda 2011 y}l}nda hizmete giren MPS,RUSYA Karayolu Servisi hizmet ap}n} geni~leterek m|~terilerine en kaliteli ve en yayg}n hizmeti sunmaya devam ediyor. MPS,RUSYA Karayolu Servisi ile T|rkiyede bir ilke imza atarak karayolu ile yap}lan ta~}mac}l}kta da her t|rl| gvnderiyi kap}dan al}p kap}ya teslim ediyor. Uluslararas} dap}t}m yapan diper firmalar gvnderileri g|mr|kten al}p g|mr|pe teslim ederken, MPS,Karayolu Servisi gvnderileri m|~terinin kap}s}ndan al}p g|mr|k i~lemleri tamamland}ktan sonra gidecepi yerde de kap}ya kadar tesli! m ediyor. Kalk}~ta ve var}~ta y|zde 99un |zerinde performans gvsteren MPS,RUSYA Karayolu Servisi, ihracatg} ve ithalatg} firmalar}n 30 kilogramdan ba~layan ap}rl}klardaki t|m gvnderilerini ta~}yor ayr}ca Rusyan}n t|m ~ehirlerine d|zenli servis veriyor. MPS T|rkiye m|~terileri son derece geli~mi~ teknoloji ap} sayesinde gvnderilerinin durumunu ve teslimat}n} kon~imento |zerindeki barkod numaras} ile www.mpscargo.com web adresinden takip edebiliyor. T|rkiyeden her hafta Pazartesi, Gar~amba ve Cuma g|nleri ihracat gvnderilerini yapan MPS ayn} g|nlerde saat 12:00de son mal kabul| yap}l}p saat 18:00 de hareket ederek ihracat gvnderilerini ta~}yor. MPS Karayolu Servisi ayn} bir ugak gibi tam zaman}nda kalk}yor ve m|~terilerinin t|m beklentilerini kar~}l}yor. G|mr|k Dahil fiyatland}rma igin l|tfen , mpsca...@mail.ru adresine mail ,Packing List veProforma Faturalar}n} gvnderdikleri takdirde fiyatland}rma sunabiliriz.. .' Gok Vzel tan}t}m fiyatlar}m}zdan yararlanmak igin a~ap}daki formu bize gvndermeniz yeterli olacakt}r.Abonelik ba~vurusu E-B|lteni almak istemiyorsan}z l|tfen buray} t}klay}n}z. Capr} Merkezi 444 0 108 Telefon +90 (212) 444 0 108 (DHL- 120) Fax +90 (212) 573 21 84 E-Mail ha...@mpscargo.com Web Adresi www.mpscargo.com [IMAGE]
Re: obtaining openbsd.pbr from windows 7
On 3/9/2011 10:39 PM, Rod Whitworth wrote: On Wed, 09 Mar 2011 13:01:17 +0100, marc wrote: openbcd looks interesting but it's a shame it's not open source... Is that an alternate bcdedit or a typo meaning OpenBSD? dislexia. I meant easybcd. The FAQ (4.9, Windows 7) steps work perfectly though and they are very simple once you get the .pbr file and place it at c:\openbsd.pbr. *** NOTE *** Please DO NOT CC me. I subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ --- This life is not the real thing. It is not even in Beta. If it was, then OpenBSD would already have a man page for it.
Programa de Planeación y Gestión TOTAL para Compradores
[IMAGE] Pms Capacitacisn Efectiva de Mixico presenta: Herramientas para Planear y Gestionar Compras 360 0 Exclusiva presentacisn 7 y 8 de Abril en la Ciudad de Mixico Expositor: Lic. Ariel Valero C. 16 horas de entrenamiento Empresa Registrada ante la STPS Reg. COLG640205CP30005 Smguenos en Twitter@pmscapacitacion o bien en Facebook PMS de Mixico Solicite Mayores informes responda este correo electrsnico con los siguientes datos. Empresa: Nombre: Telifono: Email: Nzmero de Interesados: Y en breve le haremos llegar la informacisn completa del evento. O bien comunmquense a nuestros telifonos un ejecutivo con gusto le atendera Tels. (33) 8851-2365, (33)8851-2741. Copyright (C) 2010, PMS Capacitacisn Efectiva de Mixico S.C. Derechos Reservados. PMS de Mixico, El logo de PMS de Mixico son marcas registradas. ADVERTENCIA PMS de Mixico no cuenta con alianzas estratigicas de ningzn tipo dentro de la Republica Mexicana. NO SE DEJE ENGAQAR - DIGA NO A LA PIRATERIA. Todos los logotipos, marcas comerciales e imagenes son propiedad de sus respectivas corporaciones y se utilizan con fines informativos solamente. Este Mensaje ha sido enviado a misc@openbsd.org como usuario de Pms de Mixico o bien un usuario le refiris para recibir este boletmn. Como usuario de Pms de Mixico, en este acto autoriza de manera expresa que Pms de Mixico le puede contactar vma correo electrsnico u otros medios. Si usted ha recibido este mensaje por error, haga caso omiso de el y reporte su cuenta respondiendo este correo con el subject BAJACOMPRASUnsubscribe to this mailing list, reply a blank message with the subject UNSUBSCRIBE BAJACOMPRAS Tenga en cuenta que la gestisn de nuestras bases de datos es de suma importancia y no es intencisn de la empresa la inconformidad del receptor. [demime 1.01d removed an attachment of type image/jpeg which had a name of image00compras1.jpg]
Re: what is the “Online Certificate Status Protocol”
The simple answer as to why OCSP isn't itself via HTTPS is that this would be a cyclical dependency: if you need to accept a certificate, you need to confirm its continuing validity. If you have to use a connection relying on that same logic to confirm validity, at what point are you then able to make a connection? The cryptographic component of OCSP, as WIkipedia points out, is providing a validating signature with the response. On 9 Mar 2011, at 09:30, erikmccaskey64 wrote: > But: with wireshark i can see some "OCSP" packets [ http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol ] > > > Question: What are these packets? Why aren't there in HTTPS? [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
Re: what is the “Online Certificate Status Protocol”
On Wed, Mar 09, 2011 at 03:03:22PM -0430, Andres Perera wrote: > On Wed, Mar 9, 2011 at 9:27 AM, Joachim Schipper > wrote: > > On Wed, Mar 09, 2011 at 01:30:39AM -0800, erikmccaskey64 wrote: > >> I use privoxy. In the user.action file i have a redirect rule and a > >> few websites: > >> > >> > >> { +redirect{s@http://@https://@} } > >> .twitter.com > >> .facebook.com > > > > (...) your setup seems to work just fine (or as well as SSL does in > > the first place). The "HTTPS Everywhere" Firefox extension would be a > > less hacky solution, though. > > i'm curious as to why do you say that. afaik, https everywhere also > works by rewriting the uri, just like privoxy or squid would, while > not being limited to one browser, not being unable to log actions, not > being unable to scale for a whole site instead of a single system, > etc. I dislike "transparently" messing with connections. If you use HTTPS Everywhere, it's still your browser talking to Facebook/Twitter/whatever. Additionally, if Facebook ever sets its session cookes on, say, facebookapi.com instead of facebook.com, the extension is likely to receive an upgrade. But yes, this is somewhat subjective; I'll try to make that clearer next time. Joachim -- TFMotD: perlrequick (1) - Perl regular expressions quick start http://www.joachimschipper.nl/
Re: obtaining openbsd.pbr from windows 7
On Wed, 09 Mar 2011 13:01:17 +0100, marc wrote: >openbcd looks interesting but it's a shame it's not open source... > Is that an alternate bcdedit or a typo meaning OpenBSD? *** NOTE *** Please DO NOT CC me. I subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ --- This life is not the real thing. It is not even in Beta. If it was, then OpenBSD would already have a man page for it.
Re: what is the “Online Certificate Status Protocol”
On Wed, Mar 9, 2011 at 9:27 AM, Joachim Schipper wrote: > On Wed, Mar 09, 2011 at 01:30:39AM -0800, erikmccaskey64 wrote: >> I use privoxy. In the user.action file i have a redirect rule and a few websites: >> >> >> { +redirect{s@http://@https://@} } >> .twitter.com >> .facebook.com >> >> >> Ok! it's working great, e.g.: if i visit any "*twitter.com" URL it gets redirected to HTTPS! >> >> >> But: with wireshark i can see some "OCSP" packets [ http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol ] >> >> >> Question: What are these packets? Why aren't there in HTTPS? >> >> >> Is my redirection method with privoxy is secure? > > The keys to legitimate certificates may fall in the hands of bad guys > (e.g. when they hack a HTTPS server). This would allow the bad guys to > redirect your HTTPS connections to their own machines without you seeing > any warnings until the stolen certificates are no longer valid (which > should allow them something like a year to steal your credit card). > > In order to prevent this, your computer asks a special server whether > the certificate has been revoked. This is done over the OCSP protocol > (there are other solutions); the connection is not encrypted, but the > OCSP server's responses are digitally signed. > > So yes, your setup seems to work just fine (or as well as SSL does in > the first place). The "HTTPS Everywhere" Firefox extension would be a > less hacky solution, though. i'm curious as to why do you say that. afaik, https everywhere also works by rewriting the uri, just like privoxy or squid would, while not being limited to one browser, not being unable to log actions, not being unable to scale for a whole site instead of a single system, etc. > > B B B B B B B B Joachim > > -- > PotD: biology/bioperl - perl tools for bioinformatics > http://www.joachimschipper.nl/
Re: Relayd -- FQDN length limit?
An update, I have had a chance to start Relayd with verbose logging to troubleshoot this, and I get the following on startup with any FQDN longer than 32 characters in relayd.conf (config details are the same as in my previous email): SSL library error: ..com: relay_ssl_ctx_create: error:140DB111:SSL routines:SSL_CTX_set_session_id_context:ssl session id context too long fatal: relay_init: failed to create SSL context: Invalid argument It doesn't look like there's a hard limit for FQDN length in the source for relayd, anybody have any ideas? Thanks, Andrew Klettke Systems Admin Optic Fusion NOC 253-830-2943 On 02/04/2011 04:04 PM, Andrew Klettke wrote: Hello all, It looks like we've run into a limit for the length of a SSL hostname in relayd. If we define a relay with a hostname that is longer than 32 characters, we get the following: Feb 1 22:14:00 fw02 relayd[22062]: fatal: relay_init: failed to create SSL context: No buffer space available However, shorter hostnames do not cause relayd to throw the error. We've tested this with multiple domain names. Is this an expected behavior of relayd? Here is the defined protocol and the relay giving us the issue in relayd.conf (FQDN censored): http protocol "httpsfilter" { tcp { nodelay, sack, socket buffer 65536, backlog 100 } return error header append "$REMOTE_ADDR" to "X-Forwarded-For" header append "$SERVER_ADDR:$SERVER_PORT" to "X-Forwarded-By" header change "Keep-Alive" to "$TIMEOUT" ssl { sslv3, tlsv1, no sslv2, ciphers "HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM" } } relay "..com" { listen on "..com" port 443 ssl protocol "httpsfilter" forward to port 443 mode loadbalance check http "/" code 200 }
Re: obtaining openbsd.pbr from windows 7
First of all, thanks for all the feedback. (at FAQ 4.9) I still think that adding a note that rsd0 is the name of the raw character device associated to the device sd0 and that consequently you can find the correct parameter for dd in your system by adding an 'r' to the device listed in disklabel which is associated to /, would be useful to future illiterates like me. On 3/9/2011 2:04 PM, Stuart Henderson wrote: On 2011-03-09, marc wrote: I also think it would be great to add msdos and ntfs support in the installation cdrom (no it's not there). msdos support *is* there on most arch. not on amd64 (OpenBSD 4.8)... I doubled checked. There are only mount_cdf9660,mount_ffs,mount_udf. ntfs support wouldn't be worth the space, considering you can't safely write files with it. Ubuntu has it irrelevant. well Ubuntu has it, and I never had problems writing files with it. if there is open source code around that works, I don't think this is irrelevant... It might provide some great inspiration... (even if it is probably hard work).
Re: restore wants a new tape but none exists!
On 2011-03-09 16.28, Jeff Ross wrote: > The only way I found out of this loop is to ctrl-c. > > That's the bug I'm asking about, but if what you write above is correct > my belief that dump is an adequate backup is now in question. No where > in the dump man page does it say that and that certainly flies in the > face of everything I thought I knew about how dump does its job. I don't think the problem is so much with dump as it is with restore, and even there it's likely not more than a nuisance for the operator. Don't gamble any important data solely on that opinion, though... /B -- internetlabbet.se / work: +46 8 551 124 80 / "Words must Benny Lvfgren/ mobile: +46 70 718 11 90 / be weighed, / fax:+46 8 551 124 89/not counted." /email: benny -at- internetlabbet.se
Re: obtaining openbsd.pbr from windows 7
On Wed, Mar 9, 2011 at 4:01 AM, marc wrote: > I think it would be nice to add a little note in the docs explaining what > 'r' stands for and that you should add it in front of your device name to > access it while being used. > See Section 14.1 of the FAQ.
Re: OpenBSD 4.8 HP ProLiant DL360 G7 Install OK?
On Wed, Mar 09, 2011 at 01:08:07PM +0100, rancor wrote: > No, sadly not. The machines are now in use and I don't have any to > spare. I needed that information when I reported the problem, it's > kind of late now but I sure will use the information next time I run > into problem when I'm validating a new environment. > > Best Regards OK, I'll close the PR and you can submit a new one when you have time/hardware to test. Thanks. Ken
Re: Ideas for securing OpenVPN on an OpenWrt router
> On Tue, 08 Mar 2011 23:40:16 -0800, erikmccaskey64 wrote: > >> Why does using only UDP gives more security?? > He didn't say it did. > > TCP-over-TCP is the problem. > > TCP-over-UDP is less fractious. > > http://sites.inka.de/bigred/devel/tcp-tcp.html > > True. Also it's more resilient to dos attacks than on tcp. http://openvpn.net/index.php/open-source/documentation/howto.html#security Giannis [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
WebOutlet.24hu hírlevél
( http://www.weboutlet24.hu/ ) MinEsC)gi mC!rkC!s ruhC!k hihetetlen C!ron! Megnyitott a weboutlet24.hu ruhC!zati webC!ruhC!z. Szia! Ezt a levelet azC)rt kapod, mert az elmC:lt 6 C)vben mC!r regisztrC!ltC!l valamelyik weboldalamon, ahol elfogadtad, hogy hC-rlevelet kChttp://www.weboutlet24.hu ( http://www.weboutlet24.hu/ ) --> az oldalon a tetszik gombra kattintva kedvelheted oldalunkat! AktuC!lis akciC3k Nike fehC)r C:j nEi felsE S mC)ret ( http://www.weboutlet24.hu/index.php?page=shop.product_details&flypage=flypage.tpl&product_id=148&category_id=32&option=com_virtuemart&Itemid=5 ) Cr: 5500 Ft. NEi Adidas Pro Conf 2 black/white 39-42-ig. ( http://www.weboutlet24.hu/index.php?option=com_virtuemart&Itemid=5&category_id=20&page=shop.browse&limit=20&limitstart=0 ) Cr: 11.990 Ft. Adidas clima h. ujjC: pC3lC3 L ( http://www.weboutlet24.hu/index.php?page=shop.product_details&flypage=flypage.tpl&product_id=390&category_id=75&option=com_virtuemart&Itemid=5 ) - FC)rfi Cr: 3990 Ft. VC!sC!rolj Te is kC)nyelmesen otthonodbC3l hihetetlen C!ron! Minden ruha illetve ruhC!zati termC)k C:j, 100%-ig eredeti C)s hibC!tlan C!llapotban kaphatC3! Forgalmazott mC!rkC!k: Nike, Adidas, Puma, Mexx, Morgan, Naf Naf, C&A. http://www.weboutlet24.hu ( http://www.weboutlet24.hu/ ) Hogyan veheted igC)nybe a 10%-os kedvezmC)nyt? Semmi mC!s dolgod nincs, mint regisztrC!lni webC!ruhC!zunkban C)s mC!ris tiC)d a 10% kedvezmC)ny az elsE vC!sC!rlC!sbC3l. Ne vC!rj tovC!bb, mert a 10%-os kedvezmC)nyre csak azon felhasznC!lC3k jogosultak akik 2011.03.14. -ig regisztrC!lnak! SzeretnC)l leiratkozni a hC-rlevC)lrEl? Ide kattintva megteheted ( http://www.weboutlet24.hu/index.php?option=com_acymailing&ctrl=user&task=optout&mailid=10&subid=49274&key=0bccaebac909f4990d0c3c6339f4a21a ) Nike fehC)r C:j nEi felsE S mC)ret
Re: what is the “Online Certificate Status Protocol”
On Wed, Mar 9, 2011 at 4:30 AM, erikmccaskey64 wrote: > I use privoxy. In the user.action file i have a redirect rule and a few > websites: What version of OpenBSD are you running? -- -- Paul D. Ouderkirk Senior UNIX System Administrator p...@ouderkirk.ca -- laughing, in the mechanism -- William Gibson
Re: restore wants a new tape but none exists!
On 03/08/11 16:20, Brett Lymn wrote: On Tue, Mar 08, 2011 at 02:50:19PM -0700, Jeff Ross wrote: Is this worthy of a bug report or is there a peback afoot here? Unlikely to be a bug more likely that you did a dump of a file system that was changing while the dump was in progress. This breaks the backup and produces the sort of symptoms you are seeing when trying to do a restore. That's not very likely since this is from my OpenBSD workstation at work taken in the middle of the night when I'm not there and httpd is only set up to listen on localhost. Regardless, the problem I was writing about is that restore is asking for a next volume and telling me to enter "none" if there are no more tapes and when I enter none, or "none" or any other combination of none, it says: "You have read volumes: 1 Specify next volume #: none Volume number invalid: none Specify next volume #: none Volume number invalid: none If I enter the non-existent volume number of 2, it tells me "Cannot open 2" and then asks for the next volume. The only way I found out of this loop is to ctrl-c. That's the bug I'm asking about, but if what you write above is correct my belief that dump is an adequate backup is now in question. No where in the dump man page does it say that and that certainly flies in the face of everything I thought I knew about how dump does its job. Thanks Jeff
Re: restore wants a new tape but none exists!
On 2011-03-09 07.48, Brett Lymn wrote: > On Wed, Mar 09, 2011 at 01:49:04AM +0100, Benny Lofgren wrote: >> I don't know about the rest of you guys, but to me that sounds exactly >> like a bug... especially since nothing is mentioned of such behaviour in >> the dump man page. > Well, you would have to totally redo the guts of dump if you want to > "fix" this well known behaviour. Dump scans and writes the meta-data > first and then writes the data for the files. If you have ever used > restore you would note that it builds the directory structure first and > then puts the data back. Dump comes unstuck when the file system meta > data changes during the backup - when files are added or deleted. The > safest way to do a dump is when the machine is in single user mode for > this very reason but many people play fast and loose because they cannot > wear the outage for a backup, in that case you must quiesce the file > systems as best you can. Really, this is well known unix sys admin > procedure. Oh, I'm well aware of how dump and restore works. I only objected to the behaviour the OP described not being labeled as a bug. (Ok, in fact there is a mention in man restore, where it states in the bugs section that "restore can get confused when doing incremental restores from dumps that were made on active file systems". The definition of "confused" however, is... well, confusing. :-) ) I may have misread the OP (english not being my first language, after all), but my interpretation was that the question of whether there is a bug was concerning the endless loop due to not recognizing "none" rather than restore:s confusion as to how many dump volumes there were in the dump set. > Have a go at fixing it, by all means, but note that people _like_ the > interactive restore mode where you can select the files to restore by > browsing and would find it unacceptable to wait for a full tape scan > before they can perform this task. It will be interesting to see how > you go about handling files appearing and disappearing during the > backup. Not having looked at the source I'm probably putting my foot in my mouth here, but it wouldn't seem that impossible to fix restore so that it recognizes the "none" input properly in the OP:s described context (especially since it recommends it itself in the prompt!). Regards, /Benny -- internetlabbet.se / work: +46 8 551 124 80 / "Words must Benny LC6fgren/ mobile: +46 70 718 11 90 / be weighed, / fax:+46 8 551 124 89/not counted." /email: benny -at- internetlabbet.se
Re: what is the “Online Certificate Status Protocol”
On Wed, Mar 09, 2011 at 01:30:39AM -0800, erikmccaskey64 wrote: > I use privoxy. In the user.action file i have a redirect rule and a few > websites: > > > { +redirect{s@http://@https://@} } > .twitter.com > .facebook.com > > > Ok! it's working great, e.g.: if i visit any "*twitter.com" URL it gets > redirected to HTTPS! > > > But: with wireshark i can see some "OCSP" packets [ > http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol ] > > > Question: What are these packets? Why aren't there in HTTPS? > > > Is my redirection method with privoxy is secure? The keys to legitimate certificates may fall in the hands of bad guys (e.g. when they hack a HTTPS server). This would allow the bad guys to redirect your HTTPS connections to their own machines without you seeing any warnings until the stolen certificates are no longer valid (which should allow them something like a year to steal your credit card). In order to prevent this, your computer asks a special server whether the certificate has been revoked. This is done over the OCSP protocol (there are other solutions); the connection is not encrypted, but the OCSP server's responses are digitally signed. So yes, your setup seems to work just fine (or as well as SSL does in the first place). The "HTTPS Everywhere" Firefox extension would be a less hacky solution, though. Joachim -- PotD: biology/bioperl - perl tools for bioinformatics http://www.joachimschipper.nl/
Re: obtaining openbsd.pbr from windows 7
On Wed, Mar 09, 2011 at 01:01:17PM +0100, marc wrote: > On 3/7/2011 9:03 PM, Joachim Schipper wrote: > >I have no idea what you think you've been told, but: > > > >a) do NOT post private mail publicly - it's rude; > Sorry. I didn't realize. > > >b) follow the FAQ, including the 'r' in /dev/rsd0a - it works. > > Thanks Joachim. That's it, it works. I didn't know what rsd0a meant as > fdisk and disklabel were refering to sd0a... > > I think it would be nice to add a little note in the docs explaining > what 'r' stands for and that you should add it in front of your device > name to access it while being used. The distinction between raw character devices and block devices is very old and fundamental in Unixes. It will be hard to add that little note in all places it might be useful. The hints are there in the docs and probably in the archives to be found... dd(1): : EXAMPLES Write an OpenBSD floppy image to a floppy disk: # dd if=floppy34.fs of=/dev/rfd0c bs=32k Create an ISO-9660 image of a CD-ROM: # dd if=/dev/rcd0c of=disk.iso bs=32k disklabel(8): : diskSpecify the disk to operate on. It can be specified by its full pathname, by an abbreviated disk form, or by its disklabel UID. In its abbreviated form, the path to the device, the `r' denoting "raw device", and the partition letter, can all be omitted. For example, the first IDE disk can be specified as either /dev/rwd0c, /dev/wd0c, or wd0. FAQ 14 - Disk Setup : Partition identification An OpenBSD filesystem is identified by the disk it is on, plus the file system partition on that disk. So, file systems may be identified by identifiers like "sd0a" (the "a" partition of the first "sd" device), "wd2h" (the "h" partition of the third "wd" device), or "sd1c" (the entire second sd device). The device files would be /dev/sd0a for the block device, /dev/rsd0a would be the device file for the "raw" (character) device. > > I also think it would be great to add msdos and ntfs support in the > installation cdrom (no it's not there). Ubuntu has it, it should be > possible. There is msdos filesystem support in bsd.rd: OpenBSD 4.9-beta (RAMDISK_CD) #304: Tue Feb 1 19:19:33 MST 2011 # mount -t msdos /dev/sd0i /mnt It works just fine. The mount programs in /sbin in bsd.rd are: mount_cd9660, mount_ext2fs, mount_ffs, mount_msdos and mount_udf. There is no newfs_msdos, if that is what you mean. Nevertheless msdos filesystems are preferably created from Windows. That ramdisk kernel should be the same as on an install CD. I have used mount_msdos from bsd.rd numerous times to transfer an OpenBSD boot sector to the Windows bootloader using a msdos partition on a USB flash key. You can even partition the disk from the OpenBSD installer, create the msdos filesystem from Windows, and mount it writable from OpenBSD. > > openbcd looks interesting but it's a shame it's not open source... > > thanks everybody for your comments, > > best > marc -- / Raimo Niskanen, Erlang/OTP, Ericsson AB
Re: restore wants a new tape but none exists!
Brett Lymn writes: > [...] > The safest way to do a dump is when the machine is in single user mode > for this very reason but many people play fast and loose because they > cannot wear the outage for a backup, in that case you must quiesce the > file systems as best you can. Really, this is well known unix sys > admin procedure. That make sense but it makes me wonder how one practically use dump/restore to do regular backup ? Tell users, go to the machine room, boot -s and dump ? I thought that it was something done in cron on a running machine. -- Manuel Giraud
Re: OpenBSD 4.8 HP ProLiant DL360 G7 Install OK?
On Wed, Mar 09, 2011 at 11:39:16AM +0100, rancor wrote: > I have been asking for how I can provide more information but the question > was not answered. Im not whining, Im just providing my experience. > > I would be happy to provide more information if some body asked my in my > report and also told me what to do because I don't know and If I did I had > provided that information in the first place. > > If you got better experience with DL360 G7 (and G6) please tell us how your > setup was so that this user can install without any problem and I can > resolve my issues. In other case please shut up with your lame attitude and > start to help instead of beeing an arsehole. The requirements for a useful bug report are also laid out at http://openbsd.org/report.html Of particular interest in point 5 of "How to Create a Bug Report" is "Panic reports without panic message, traceback and ps output are useless." And if one follows the link in the PR, this is indeed a panic report, not a system hang. With no trace of the crash or even mentioning the panic message, the report does not provide anything we can work on. The panic message is visible via the link you posted but would be more likely to be read if included in the report. All that said, many many bugs in pfsync/carp in particular are fixed in 4.9, and reproducing the problem on 4.9-current would be extremely useful. A 4.6 report with no useful information is likely to be closed soon. Ken
Re: OpenBSD 4.8 HP ProLiant DL360 G7 Install OK?
No, sadly not. The machines are now in use and I don't have any to spare. I needed that information when I reported the problem, it's kind of late now but I sure will use the information next time I run into problem when I'm validating a new environment. Best Regards 2011/3/9 Tobias Ulmer : > On Wed, Mar 09, 2011 at 11:39:16AM +0100, rancor wrote: >> I have been asking for how I can provide more information but the question >> was not answered. Im not whining, Im just providing my experience. >> >> I would be happy to provide more information if some body asked my in my >> report and also told me what to do because I don't know and If I did I had >> provided that information in the first place. >> >> If you got better experience with DL360 G7 (and G6) please tell us how your >> setup was so that this user can install without any problem and I can >> resolve my issues. In other case please shut up with your lame attitude and >> start to help instead of beeing an arsehole. > > Awww, how about you take a cold shower and read the mail again. The first > paragraph has all the steps to write a more detailed bug report. > >> >> Regards >> Den 9 mar 2011 11.21 skrev "Tobias Ulmer" : >> > On Wed, Mar 09, 2011 at 08:03:25AM +0100, rancor wrote: >> >> We are running stock OpenBSD 4.8 on several DL360 G6 and G7 and a >> >> additional HP NC364T PCI Express Quad Port Gigabit Server Adapter. We >> >> are running them in pairs as a firewall cluster with pfsync and carp >> >> and also as stand alone as a router but we have problem with random >> >> freezes. We have tried both AMD64 and i386, all patched up to latest >> >> errata but we can't make them work stable. Now are we using VMware >> >> ESXi as a layer between the hardware and OpenBSD and every thing works >> >> just perfect, not a single freeze since we did this .. work around >> >> >> >> Our bug report on this matter: >> >> http://cvs.openbsd.org/cgi-bin/query-pr-wrapper?full=yes&numbers=6321 >> > >> > That bug report is not very useful to a developer and way too old. Get a >> > serial cable and run the latest snapshot (without disabling any >> > devices). Capture dmesg and panic, type "trace", "ps" - "show >> > registers" may also be helpful. No screenshots. >> > >> > If you want help, YOU need to provide this information OR ship the hw to >> > someone who wants to look into it. Whining on misc@ is certainly not >> > going to fix anything. >> > >> >> >> >> Since we don't know how to resolve this our future with OpenBSD is >> >> most unsure, we have more then 50 installations on different platforms >> >> and it's only G6 och G7 that are causing any problem. >> >> >> >> It's hard to say if it's only us since I never hear anything about >> >> this issue but we sure feels alone. >> >> >> >> Regards >> >> >> >> 2011/3/9 l l j7 : >> >> > I am looking to purchase the server for OpenBSD 4.8 >> >> > >> >> > OpenBSD 4.8 HP ProLiant DL360 G7 Install OK? >> >> > >> >> > Or another Recent HP Server ? >> >> > >> >> > >> >> > >> >> > Help me PLZ
Re: obtaining openbsd.pbr from windows 7
On 2011-03-09, marc wrote: > I also think it would be great to add msdos and ntfs support in the > installation cdrom (no it's not there). msdos support *is* there on most arch. ntfs support wouldn't be worth the space, considering you can't safely write files with it. > Ubuntu has it irrelevant.
Re: OpenBSD 4.8 HP ProLiant DL360 G7 Install OK?
>From an HP DL360 G6... OpenBSD 4.7 (GENERIC.MP) #1: Fri Feb 11 22:42:45 UTC 2011 r...@example.com:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Intel(R) Xeon(R) CPU E5504 @ 2.00GHz ("GenuineIntel" 686-class) 2.01 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16, xTPR real mem = 3747373056 (3573MB) avail mem = 3647221760 (3478MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 12/31/99, BIOS32 rev. 0 @ 0xf, SMBIOS rev. 2.6 @ 0xdf7fe000 (127 entries) bios0: vendor HP version "P64" date 03/30/2010 bios0: HP ProLiant DL360 G6 acpi0 at bios0: rev 2 acpi0: tables DSDT FACP SPCR MCFG HPET SPMI ERST APIC SRAT BERT HEST DMAR SSDT SSDT SSDT SSDT SSDT acpi0: wakeup devices acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 14318179 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: unknown i686 model 0x1a, can't get bus clock (0x0) cpu0: apic clock running at 133MHz cpu1 at mainbus0: apid 4 (application processor) cpu1: Intel(R) Xeon(R) CPU E5504 @ 2.00GHz ("GenuineIntel" 686-class) 2.01 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16, xTPR cpu2 at mainbus0: apid 2 (application processor) cpu2: Intel(R) Xeon(R) CPU E5504 @ 2.00GHz ("GenuineIntel" 686-class) 2.01 GHz cpu2: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16, xTPR cpu3 at mainbus0: apid 6 (application processor) cpu3: Intel(R) Xeon(R) CPU E5504 @ 2.00GHz ("GenuineIntel" 686-class) 2.01 GHz cpu3: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16, xTPR ioapic0 at mainbus0: apid 8 pa 0xfec0, version 20, 24 pins ioapic1 at mainbus0: apid 0 pa 0xfec8, version 20, 24 pins acpiprt0 at acpi0: bus 1 (IP2P) acpiprt1 at acpi0: bus -1 (IPT1) acpiprt2 at acpi0: bus 3 (PT01) acpiprt3 at acpi0: bus 10 (PT02) acpiprt4 at acpi0: bus 7 (PT03) acpiprt5 at acpi0: bus 11 (PT04) acpiprt6 at acpi0: bus 12 (PT05) acpiprt7 at acpi0: bus 13 (PT06) acpiprt8 at acpi0: bus 14 (PT07) acpiprt9 at acpi0: bus 2 (PT08) acpiprt10 at acpi0: bus 4 (PT09) acpiprt11 at acpi0: bus 15 (PT0A) acpiprt12 at acpi0: bus 0 (PCI0) acpicpu0 at acpi0: C3, C3, C1 acpicpu1 at acpi0: C3, C3, C1 acpicpu2 at acpi0: C3, C3, C1 acpicpu3 at acpi0: C3, C3, C1 acpitz0 at acpi0: critical temperature 31 degC bios0: ROM list: 0xc/0xb000 0xcb000/0x3600! 0xce600/0x2c00! 0xd1200/0x4000 ipmi at mainbus0 not configured cpu0: EST: PSS not yet available for this processor pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 "Intel 5520 Host" rev 0x13 ppb0 at pci0 dev 1 function 0 "Intel X58 PCIE" rev 0x13 pci1 at ppb0 bus 3 ciss0 at pci1 dev 0 function 0 "Hewlett-Packard Smart Array" rev 0x01: apic 0 int 4 (irq 7) ciss0: 1 LD, HW rev 2, FW 3.00/3.00, 64bit fifo rro scsibus0 at ciss0: 1 targets sd0 at scsibus0 targ 0 lun 0: SCSI3 0/direct fixed sd0: 69973MB, 512 bytes/sec, 143305920 sec total ppb1 at pci0 dev 2 function 0 "Intel X58 PCIE" rev 0x13 pci2 at ppb1 bus 10 ppb2 at pci0 dev 3 function 0 "Intel X58 PCIE" rev 0x13 pci3 at ppb2 bus 7 em0 at pci3 dev 0 function 0 "Intel PRO/1000 PT (82571EB)" rev 0x06: apic 0 int 0 (irq 7), address 00:15:17:ff:ff:ff em1 at pci3 dev 0 function 1 "Intel PRO/1000 PT (82571EB)" rev 0x06: apic 0 int 10 (irq 11), address 00:15:17:ff:ff:ff ppb3 at pci0 dev 4 function 0 "Intel X58 PCIE" rev 0x13 pci4 at ppb3 bus 11 ppb4 at pci0 dev 5 function 0 "Intel X58 PCIE" rev 0x13 pci5 at ppb4 bus 12 ppb5 at pci0 dev 6 function 0 "Intel X58 PCIE" rev 0x13 pci6 at ppb5 bus 13 ppb6 at pci0 dev 7 function 0 "Intel X58 PCIE" rev 0x13 pci7 at ppb6 bus 14 ppb7 at pci0 dev 8 function 0 "Intel X58 PCIE" rev 0x13 pci8 at ppb7 bus 2 bnx0 at pci8 dev 0 function 0 "Broadcom BCM5709" rev 0x20: apic 0 int 7 (irq 7) bnx1 at pci8 dev 0 function 1 "Broadcom BCM5709" rev 0x20: apic 0 int 15 (irq 11) ppb8 at pci0 dev 9 function 0 "Intel X58 PCIE" rev 0x13 pci9 at ppb8 bus 4 ppb9 at pci0 dev 10 function 0 "Intel X58 PCIE" rev 0x13 pci10 at ppb9 bus 15 pchb1 at pci0 dev 13 function 0 vendor "Intel", unknown product 0x343a rev 0x13 pchb2 at pci0 dev 13 function 1 vendor "Intel", unknown product 0x343b rev 0x13 pchb3 at pci0 dev 13 function 2 vendor "Intel", unknown product 0x343c rev 0x13 pchb4 at pci0 dev 13 function 3 vendor "Intel", unknown product 0x343d rev 0x13 pchb5 at pci0 dev 13 function 4 "Intel 5520/X58 QuickPath" rev 0x13 pchb6 at pci0 dev 13 function 5 "Intel 5520 QuickPath" rev 0x13 pchb7 at pci0 dev 13 function 6 vendor "Intel", unknown product 0x341a rev 0x13 pchb8 at pci0 dev 14 function 0 vendor "Intel", unknown product 0x341c rev 0x
Re: obtaining openbsd.pbr from windows 7
On 3/7/2011 9:03 PM, Joachim Schipper wrote: I have no idea what you think you've been told, but: a) do NOT post private mail publicly - it's rude; Sorry. I didn't realize. b) follow the FAQ, including the 'r' in /dev/rsd0a - it works. Thanks Joachim. That's it, it works. I didn't know what rsd0a meant as fdisk and disklabel were refering to sd0a... I think it would be nice to add a little note in the docs explaining what 'r' stands for and that you should add it in front of your device name to access it while being used. I also think it would be great to add msdos and ntfs support in the installation cdrom (no it's not there). Ubuntu has it, it should be possible. openbcd looks interesting but it's a shame it's not open source... thanks everybody for your comments, best marc
Re: OpenBSD 4.8 HP ProLiant DL360 G7 Install OK?
On Wed, Mar 09, 2011 at 11:39:16AM +0100, rancor wrote: > I have been asking for how I can provide more information but the question > was not answered. Im not whining, Im just providing my experience. > > I would be happy to provide more information if some body asked my in my > report and also told me what to do because I don't know and If I did I had > provided that information in the first place. > > If you got better experience with DL360 G7 (and G6) please tell us how your > setup was so that this user can install without any problem and I can > resolve my issues. In other case please shut up with your lame attitude and > start to help instead of beeing an arsehole. Awww, how about you take a cold shower and read the mail again. The first paragraph has all the steps to write a more detailed bug report. > > Regards > Den 9 mar 2011 11.21 skrev "Tobias Ulmer" : > > On Wed, Mar 09, 2011 at 08:03:25AM +0100, rancor wrote: > >> We are running stock OpenBSD 4.8 on several DL360 G6 and G7 and a > >> additional HP NC364T PCI Express Quad Port Gigabit Server Adapter. We > >> are running them in pairs as a firewall cluster with pfsync and carp > >> and also as stand alone as a router but we have problem with random > >> freezes. We have tried both AMD64 and i386, all patched up to latest > >> errata but we can't make them work stable. Now are we using VMware > >> ESXi as a layer between the hardware and OpenBSD and every thing works > >> just perfect, not a single freeze since we did this .. work around > >> > >> Our bug report on this matter: > >> http://cvs.openbsd.org/cgi-bin/query-pr-wrapper?full=yes&numbers=6321 > > > > That bug report is not very useful to a developer and way too old. Get a > > serial cable and run the latest snapshot (without disabling any > > devices). Capture dmesg and panic, type "trace", "ps" - "show > > registers" may also be helpful. No screenshots. > > > > If you want help, YOU need to provide this information OR ship the hw to > > someone who wants to look into it. Whining on misc@ is certainly not > > going to fix anything. > > > >> > >> Since we don't know how to resolve this our future with OpenBSD is > >> most unsure, we have more then 50 installations on different platforms > >> and it's only G6 och G7 that are causing any problem. > >> > >> It's hard to say if it's only us since I never hear anything about > >> this issue but we sure feels alone. > >> > >> Regards > >> > >> 2011/3/9 l l j7 : > >> > I am looking to purchase the server for OpenBSD 4.8 > >> > > >> > OpenBSD 4.8 HP ProLiant DL360 G7 Install OK? > >> > > >> > Or another Recent HP Server ? > >> > > >> > > >> > > >> > Help me PLZ
Re: OpenBSD 4.8 HP ProLiant DL360 G7 Install OK?
I have been asking for how I can provide more information but the question was not answered. Im not whining, Im just providing my experience. I would be happy to provide more information if some body asked my in my report and also told me what to do because I don't know and If I did I had provided that information in the first place. If you got better experience with DL360 G7 (and G6) please tell us how your setup was so that this user can install without any problem and I can resolve my issues. In other case please shut up with your lame attitude and start to help instead of beeing an arsehole. Regards Den 9 mar 2011 11.21 skrev "Tobias Ulmer" : > On Wed, Mar 09, 2011 at 08:03:25AM +0100, rancor wrote: >> We are running stock OpenBSD 4.8 on several DL360 G6 and G7 and a >> additional HP NC364T PCI Express Quad Port Gigabit Server Adapter. We >> are running them in pairs as a firewall cluster with pfsync and carp >> and also as stand alone as a router but we have problem with random >> freezes. We have tried both AMD64 and i386, all patched up to latest >> errata but we can't make them work stable. Now are we using VMware >> ESXi as a layer between the hardware and OpenBSD and every thing works >> just perfect, not a single freeze since we did this .. work around >> >> Our bug report on this matter: >> http://cvs.openbsd.org/cgi-bin/query-pr-wrapper?full=yes&numbers=6321 > > That bug report is not very useful to a developer and way too old. Get a > serial cable and run the latest snapshot (without disabling any > devices). Capture dmesg and panic, type "trace", "ps" - "show > registers" may also be helpful. No screenshots. > > If you want help, YOU need to provide this information OR ship the hw to > someone who wants to look into it. Whining on misc@ is certainly not > going to fix anything. > >> >> Since we don't know how to resolve this our future with OpenBSD is >> most unsure, we have more then 50 installations on different platforms >> and it's only G6 och G7 that are causing any problem. >> >> It's hard to say if it's only us since I never hear anything about >> this issue but we sure feels alone. >> >> Regards >> >> 2011/3/9 l l j7 : >> > I am looking to purchase the server for OpenBSD 4.8 >> > >> > OpenBSD 4.8 HP ProLiant DL360 G7 Install OK? >> > >> > Or another Recent HP Server ? >> > >> > >> > >> > Help me PLZ
Re: what is the “Online Certificate Status Protocol”
On 03/09/11 09:30, erikmccaskey64 wrote: > I use privoxy. In the user.action file i have a redirect rule and a few > websites: > > > { +redirect{s@http://@https://@} } > .twitter.com > .facebook.com > > > Ok! it's working great, e.g.: if i visit any "*twitter.com" URL it gets > redirected to HTTPS! > > > But: with wireshark i can see some "OCSP" packets [ > http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol ] > > > Question: What are these packets? Why aren't there in HTTPS? > > > Is my redirection method with privoxy is secure? > > > Thank you for any tips/opinions! > > Hi, SSL Certificates chains should be validated before they are used, OCSP is one method used as part of the validation process, this is done during the establishment of an SSL connection and is not encrypted. SSL encryption should only be used once the certificate / public key chain has been validated. If a certificate chain is compromised you don't want to use it, because someone might be decrypting the traffic thought to be safe. Look in the certificates you will find URLs for CRL, and/or OSCP. Regards Nigel Taylor
Re: Custom bsd.rd contents
Hi, On Sun, 27.02.2011 at 18:52:28 -0500, Adam Van Ymeren wrote: > I'm trying to modify the contents of the ram disk in a bsd.rd kernel. > Is there any documentation on this process? Or can anyone point in my > a good direction to start looking? you might find this example interesting: http://nbender.com/install.netboot/install.html Kind regards, --Toni++
Re: OpenBSD 4.8 HP ProLiant DL360 G7 Install OK?
On Wed, Mar 09, 2011 at 08:03:25AM +0100, rancor wrote: > We are running stock OpenBSD 4.8 on several DL360 G6 and G7 and a > additional HP NC364T PCI Express Quad Port Gigabit Server Adapter. We > are running them in pairs as a firewall cluster with pfsync and carp > and also as stand alone as a router but we have problem with random > freezes. We have tried both AMD64 and i386, all patched up to latest > errata but we can't make them work stable. Now are we using VMware > ESXi as a layer between the hardware and OpenBSD and every thing works > just perfect, not a single freeze since we did this .. work around > > Our bug report on this matter: > http://cvs.openbsd.org/cgi-bin/query-pr-wrapper?full=yes&numbers=6321 That bug report is not very useful to a developer and way too old. Get a serial cable and run the latest snapshot (without disabling any devices). Capture dmesg and panic, type "trace", "ps" - "show registers" may also be helpful. No screenshots. If you want help, YOU need to provide this information OR ship the hw to someone who wants to look into it. Whining on misc@ is certainly not going to fix anything. > > Since we don't know how to resolve this our future with OpenBSD is > most unsure, we have more then 50 installations on different platforms > and it's only G6 och G7 that are causing any problem. > > It's hard to say if it's only us since I never hear anything about > this issue but we sure feels alone. > > Regards > > 2011/3/9 llj7 : > > I am looking to purchase the server for OpenBSD 4.8 > > > > OpenBSD 4.8 HP ProLiant DL360 G7 Install OK? > > > > Or another Recent HP Server ? > > > > > > > > Help me PLZ
Re: Ideas for securing OpenVPN on an OpenWrt router
On Tue, 08 Mar 2011 23:40:16 -0800 erikmccaskey64 wrote: > 3 - if i don't use my router - e.g.: when i'm sleeping i just turn it > off. Well that's a controversial one, yes it's said an attacker will wait to see if your online for long before attacking but it's more of a Windows type defence and could be seen as trading security for obscurity. The boot up phase whilst likely one of the cleanest stages is also one of the most priviledged and vulnerable. Of course it's a lot easier to protect your bios/chips and have a read only root on OpenBSD ;-) which IMO is definately the best OS for a router money can buy. I can't believe off the shelf linux routers being rebooted is tollerated or ones that send packets you haven't told them too (cisco and a freebsd one I had). I was in PC World seeing out of interest if they had ANY laptops that weren't widescreen once and asked if this laser printer came with toners more than a third full (printers cheaper than the toners!!!). He said I'll have a lookHold on I'll just go and reset the router, and they're the ones telling people what to buy, too.
Re: Ideas for securing OpenVPN on an OpenWrt router
ohh, ok, got it! my opinion: using vpn with tcp could be good, because there could be firewalls only allowing tcp [on port e.g.: 443], if you want to vpn home from youre workplace Be Wed, 09 Mar 2011 01:11:38 -0800 Rod WhitworthC-rta On Tue, 08 Mar 2011 23:40:16 -0800, erikmccaskey64 wrote: >Why does using only UDP gives more security?? He didn't say it did. TCP-over-TCP is the problem. TCP-over-UDP is less fractious. http://sites.inka.de/bigred/devel/tcp-tcp.html *** NOTE *** Please DO NOT CC me. I subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ --- This life is not the real thing. It is not even in Beta. If it was, then OpenBSD would already have a man page for it.
what is the “Online Certificate Status Protocol”
I use privoxy. In the user.action file i have a redirect rule and a few websites: { +redirect{s@http://@https://@} } .twitter.com .facebook.com Ok! it's working great, e.g.: if i visit any "*twitter.com" URL it gets redirected to HTTPS! But: with wireshark i can see some "OCSP" packets [ http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol ] Question: What are these packets? Why aren't there in HTTPS? Is my redirection method with privoxy is secure? Thank you for any tips/opinions!
Re: Ideas for securing OpenVPN on an OpenWrt router
On Tue, 08 Mar 2011 23:40:16 -0800, erikmccaskey64 wrote: >Why does using only UDP gives more security?? He didn't say it did. TCP-over-TCP is the problem. TCP-over-UDP is less fractious. http://sites.inka.de/bigred/devel/tcp-tcp.html *** NOTE *** Please DO NOT CC me. I subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ --- This life is not the real thing. It is not even in Beta. If it was, then OpenBSD would already have a man page for it.
Vos clients vous paient tous au jour prevu ?
Si vous ne visualisez pas ce message, suivez ce lien En partenariat avec FRANCE CREANCES Comment iviter l'impayi et encaisser vos factures ` ichiance ? Une journie de formation pour optimiser votre recouvrement et amiliorer votre trisorerie en priservant votre image commerciale La journie de formation au "recouvrement par tiliphone", c'est : gagner en compitence et renforcer l'efficaciti du recouvrement. compliter ses connaissances par une mithodologie de relances. cerner l'intirjt d'un encaissement rapide en tenant compte des spicificitis de chaque mitier. Le formateur : Madeleine GORRIAS Dipltmie d'itudes supirieures de Doctorat en Droit, est spicialisie dans le traitement d'impayis et a diveloppi pour les clients de FRANCE CREANCES une approche concrhte de tout ce qui concerne la gestion du risque client. Les + de GORRIAS CONSULTANTS : les formations de GORRIAS CONSULTANTS sont certifiies ISO 9001. l'agriment des formations qui permet la prise en charge auprhs de votre OPCA. Les participants recevront gratuitement le "Lexique juridique pour l'entreprise" dont Madeleine GORRIAS est co-auteur. Un support de formation remis ` chaque stagiaire. Une assistance GRATUITE par le formateur pendant les 3 mois suivants la formation. Ils ont fait confiance ` GORRIAS CONSULTANTS : A+BENNES, ACTIMAIL, ATELIER DES TERRITOIRES, AIRCELLES (GROUPE SAFRAN), ARTISANAT SEL, BATIR ET VOIR, BRIOUDE INTERNET, BURO CLUB, CABINET SURIA, ARTCHITECTE, CIVEDI, ESPACE ISOLATION, EFFIA PARKING, FRANCE INDUSTRIE, FERMIERS DE ROCAMADOUR, HOLDING TROPHY, HORIZON SOFTWARE, IRFIP, INTERNET.FR, SIMON AVOCATS ASSOCIES, IPSOS FRANCE, JS SERVICES, PANAMETRICS, MINALE DESIGN STRATEGY, MT3E, MASTER IMPACT, ORDINAL, TECHNOLOGIES, POTEL & CHABOT, TELECONTACT, SOFRECOM, SOGIRC, SOGECID, WEB ISI, EXPERTISE GALTIER, IDFA, UDOWEB, FASTBOOKING, HUHTAMAKI, SPRING TECHNOLOGIES, OTIS, INTUITION INFORMATIQUE, FITEC, LAN, JOURNAL LA LOI, OCAI, IVALUA, BASF, TRANSPORTS FOURNIER, CABINET D'EXPERTS COMPTABLES CREUZOT, etc. Pour vous disabonner, collez ce lien dans votre navigateur : http://www.gce-mailer-15.com/unsuscribe.asp?lang=francais&id_formulaire=4&email=misc@openbsd.org&id_message=824