Re: spammers getting less stupid?
/ Kurt Mosiejczuk wrote on Thu 1.Nov'12 at 16:02:06 -0400 / Jan Stary wrote: Strangely, the only occurence of 2.139.201.210 in the last month's maillog is just this; that's half an hour after it got WHITE. What happend at Mon Oct 29 14:49:24 CET 2012 that made it WHITE? Anyway, it seems (some) spambots got less demented and actually do resend, getting themselves whitelisted - thus working themselves around the whole premise of greylisting. Are people seeing something similar? I'm seeing it. I recently tweaked my greyscanner settings to pick up some spammers getting through who shouldn't (they were staying just under the threshold for further scrutiny). But I've still been getting a couple a day, and they only just got themselves whitelisted. So, you are not alone... --Kurt Yep, me too. It's constant battle. I spend quite a bit of time looking through logs for ip's to block.
Re: Syslog to remote server and local file
* Andy Bradford (amb-open...@bradfords.org) wrote: Thus said Joakim Aronius on Thu, 01 Nov 2012 17:54:28 BST: !!spamd daemon.err;daemon.warn;daemon.info /var/log/spamd daemon.err;daemon.warn;daemon.info @logserver A careful reading of man syslog.conf would seem to indicate that you can do something like: !spamd daemon.err;daemon.warn;daemon.info/var/log/spamd !!spamd daemon.err;daemon.warn;daemon.info@logserver Indeed, thanks a lot Andy. /Joakim
Re: smtpd(8), aliases(5), forward(5): non-zero exit code causes deliveries abort
On Thu, Nov 01, 2012 at 03:37:24PM +0100, Jan Stary wrote: On Apr 14 19:48:24, mcmer-open...@tor.at wrote: hello (opensmtpd-) folks, I think OpenSMTPd aborts delivery to multiple aliased recipients as soon as a delivery attempt returns non-zero. I consider this unwanted: a super user defined delivery list in aliases(5) is not applied if some foolish luser messes up her/his .forward. It shouldn't abort delivery to multiple aliases recipients if a *delivery* fails. If a ~/.forward file is messed up, the session will reject the recipient and failure will be logged, but in no circumstances should a mail be accepted then fail a whole recipient list because one delivery failed. are you sure that's what happening ? can you provide a smtpd -dv log while you reproduce the issue ? How I found out about this: in aliases(5): foobar: b_user, a_user (Verbose log shows this get's reordered to a_user, b_user. I'm not sure that is good.) It's expected and should have no effect, don't worry ;) forward(5) of a_user (that's the one tried first) |/usr/local/bin/procmail after that delivery to b_user is not attempted. THis is relevant to my previous post: why is procmail failing here in the first place? I find that procmail always fails for me without the -f option. No idea, maybe procmail is still running and waiting for something to quit ? Can you check for the procmail process with top ? If so, then it's expected and the process will be killed after a few minutes. I don't understand why delivery to user_b doesn't take place though, can you provide logs ? -- Gilles Chehade https://www.poolp.org @poolpOrg
Re: smtpd(8), aliases(5), forward(5): non-zero exit code causes deliveries abort
forward(5) of a_user (that's the one tried first) |/usr/local/bin/procmail after that delivery to b_user is not attempted. THis is relevant to my previous post: why is procmail failing here in the first place? I find that procmail always fails for me without the -f option. No idea, maybe procmail is still running and waiting for something to quit ? Can you check for the procmail process with top ? What happens is that procmail actually does append the message to the appropriate mailbox, but without the leading 'From ' line. (And apparently, it exits with a nonzero status, thus disturbing smtpd, which was the OP's problem as I understood it.) Jan
Re: spammers getting less stupid?
For instance on one mailserver I took over, I noticed that after adding a Spamhaus sbl-xbl check, required rDNS, and other basic stuff like requiring a legitimate HELO/EHLO, spam attempts dropped by perhaps a factor of 100. It was shocking. When you required rDNS I bet false positives went up by a factor of 1000. Many DSL users who have an ounce of security understanding and unhelpful ISPs will be blocked by that. Check the forums for annoyed MTA users. Anyway, it seems (some) spambots got less demented and actually do resend, getting themselves whitelisted - thus working themselves around the whole premise of greylisting. Lots of spammers use snowshoe hosts now, which run normal MTA software. The first rule of spamkill club. A spammer should not know your address The second rule of spamkill club. A spammer should not know your address If an address gets too much spam, warn that you will kill that address and educate. At the very least be pro-active from now on with disposable addresses. Your users will be very happy in the end when they are surprised by who the spam instigating culprits are especially when they have violated their policies. Then use spamd to cost spammers money. Even on old highly spammed addresses I get very few spam through and only the occasional false positive which I catch, usually due to the quorum.to list but it does catch some that other lists don't and more than it false positives so I haven't deleted it, yet. Far better than UK2s top anti-spam level which had a lot of false positives. -- ___ 'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface' (Doug McIlroy) ___
Re: ttyC5, keyboard doesn't work : solved
I just put this in my .profile : echo running X ... /bin/sleep 5 /usr/X11R6/bin/startx -- Wesley Le 2012-11-02 9:25, Wesley a écrit : Le 2012-10-31 17:30, MERIGHI Marcus a écrit : I would try in .Xdefaults XTerm*loginShell:false OR you could do the following in .profile: pgrep -f -x /usr/X11R6/bin/X .* || /usr/X11R6/bin/xinit Hi, I tried both solutions. No error messages, but keyboard doesn't work. Cheers, Wesley
Re: spammers getting less stupid?
For instance on one mailserver I took over, I noticed that after adding a Spamhaus sbl-xbl check, required rDNS, and other basic stuff like requiring a legitimate HELO/EHLO, spam attempts dropped by perhaps a factor of 100. It was shocking. Required rDNS, so false positives went up by a factor of 1000. Many DSL users who have an ounce of security understanding and unhelpful ISPs will be blocked by that. Check the forums for annoyed MTA users. Anyway, it seems (some) spambots got less demented and actually do resend, getting themselves whitelisted - thus working themselves around the whole premise of greylisting. Lots of spammers use snowshoe hosts now, which run normal MTA software. The first rule of spamkill club. A spammer should not know your address The second rule of spamkill club. A spammer should not know your address If a user gets too much spam warn you will kill that address and educate. At the very least be pro-active from now on with disposable addresses. Your users will be very happy in the end when they are surprised by who the spam instigating culprits are especially when they have violated their policies. Even on old highly spammed addresses I get very few spam through and only the occasional false positive which I catch, usually due to the quorum.to list but it does catch some that other lists don't and more than it false positives so I haven't deleted it, yet. Far better than UK2s top anti-spam level which had a lot of false positives. -- ___ 'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface' (Doug McIlroy) ___
Re: Upgrade to 5.2?
On 11/01/2012 07:04 AM, Kurt Mosiejczuk wrote: Otto Moerbeek wrote: untarring the sets and copying the kernel by hand is not recommended. I used the perfect phrase for this in a presentation on PF a week ago: You wouldn't ever do this... unless maybe you hate yourself. --Kurt Err, I do this all the time. if there is a better way I would love to hear it. as I pretty much had to figure it out myself. See my use case is I have a number of netboot trees and when I want to update one of them I have found the best way is to untar all the sets and put the kernel where it can be found, really I just more or less followed what the install script did. The hard part was getting /dev(first sparc64 machine) built. I think I used bsd.rd for this. I was going off the theory different archs would have different dev numbers(I could be wrong) Every once in a while I work on scripting the process but this is just for fun right now.
5.2 SSD machine won't boot
hp laptop with Intel SSD won't boot under 5.2 - the problem reported on screen appears to be the one described here: http://old.nabble.com/Re%3A-Fwd%3A--mSATA-failure-on-6501-w--OpenBSD-5.0-td32881415.html#a32884546 ahci0: stopping the port, softreset slot 31 was still active. ahci0: failed to reset port during timeout handling, disabling it Does anyone have a patch to try or is there a way to boot into the full system starting from a CD or network boot? -- devin -- Devin M. Ceartas, owner NacreData L.L.C. nacred...@gmail.com i...@nacredata.com (919) 442-8899 AIM: nacredata skype IM: nacredata
Re: 5.2 SSD machine won't boot
On Fri, Nov 2, 2012 at 2:39 PM, Devin Ceartas nacred...@gmail.com wrote: hp laptop with Intel SSD won't boot under 5.2 - the problem reported on Do you have a chance to try current snapshot on that? screen appears to be the one described here: http://old.nabble.com/Re%3A-Fwd%3A--mSATA-failure-on-6501-w--OpenBSD-5.0-td32881415.html#a32884546 ahci0: stopping the port, softreset slot 31 was still active. ahci0: failed to reset port during timeout handling, disabling it Does anyone have a patch to try or is there a way to boot into the full system starting from a CD or network boot? -- devin -- Devin M. Ceartas, owner NacreData L.L.C. nacred...@gmail.com i...@nacredata.com (919) 442-8899 AIM: nacredata skype IM: nacredata
low signal strength hostap
Description: I have two very identical box with integrated wlan. One of them have ral device and there is no problem with it: ral0 at pci1 dev 0 function 0 Ralink RT3090 rev 0x00: apic 2 int 16, address 00:12:0e:b1:6e:c7 ral0: MAC/BBP RT3071 (rev 0x0213), RF RT3020 (MIMO 1T1R) I'm able to work with wlan in large office with many rooms. Another system have rum device and even I change default antenna to: http://www.tp-link.com/en/products/details/?categoryid=217model=TL-ANT2408C#spec I only able to work with wifi near the box. At five meters distance signal and speed are lost. Second box inside: http://i.piccy.info/i7/1a7b8b084d13e55847dcd752803b92a4/4-48-83/45834655/SAM_5902.jpg uname: OpenBSD gw2.kh 5.2 GENERIC.MP#339 i386 dmesg: rum0 at uhub2 port 3 Ralink 802.11 bg WLAN rev 2.00/0.01 addr 3 rum0: MAC/BBP RT2573 (rev 0x2573a), RF RT2528, address 00:24:21:8b:7b:aa ifconfig rum0 rum0: flags=28843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,NOINET6 mtu 1500 lladdr 00:24:21:8b:7b:aa priority: 4 groups: wlan media: IEEE802.11 autoselect mode 11g hostap status: active ieee80211: nwid Monkey chan 8 bssid 00:24:21:8b:7b:aa wpakey 0xef79762bd4241d691eeaf9d5281a9604b62a96374ead5be90b6d012b92c7522e wpaprotos wpa2 wpaakms psk wpaciphers tkip,ccmp wpagroupcipher tkip 100dBm inet 192.168.44.1 netmask 0xff00 broadcast 192.168.44.255
5.2 SSD machine won't boot
hp laptop with Intel SSD won't boot under 5.2 - the problem reported on screen appears to be the one described here: http://old.nabble.com/Re%3A-Fwd%3A--mSATA-failure-on-6501-w--OpenBSD-5.0-td32881415.html#a32884546 ahci0: stopping the port, softreset slot 31 was still active. ahci0: failed to reset port during timeout handling, disabling it Does anyone have a patch to try or is there a way to boot into the full system starting from a CD or network boot? -- devin
Re: spammers getting less stupid?
On Fri, Nov 02, 2012 at 09:55:56AM +, Kevin Chadwick wrote: When you required rDNS I bet false positives went up by a factor of 1000. No, legitimate traffic remained steady and not a single complaint was registered. YMMV. Back on topic, in my personal experience, spamd is more effective than the Spamhaus zen or sbl-xbl lists by a good margin (remember not to use both, as the former contains the latter). Also it seems that the gulf is widening, making spamd even more valuable than before. But everyone's traffic is different. Nicolai
Re: 5.2 SSD machine won't boot
On 11/2/2012 6:39 AM, Devin Ceartas wrote: hp laptop with Intel SSD won't boot under 5.2 - the problem reported on screen appears to be the one described here: http://old.nabble.com/Re%3A-Fwd%3A--mSATA-failure-on-6501-w--OpenBSD-5.0-td32881415.html#a32884546 ahci0: stopping the port, softreset slot 31 was still active. ahci0: failed to reset port during timeout handling, disabling it Does anyone have a patch to try or is there a way to boot into the full system starting from a CD or network boot? -- devin If you have no reason not to, try disabling AHCI? A while ago (not now) I had a few motherboards with SSDs that did were not happy with AHCI on. They were extremely low disk use systems, though. Note this will change your disk device names from sdX to wdX (I think) so some minor fstab tinkering may be needed if you aren't using labels or anything. Unless you are booting a kernel that has strayed far from generic, I don't think it would matter if you got your kernel from a CD or the network -- it's still the same kernel going after the same hardware and will hit the same problem -- so going to current (as was already suggested) is the only direction to move in. Or to generic, if possible and not already.
Re: 5.2 SSD machine won't boot
On Nov 2, 2012, at 3:04 PM, Tyler Morgan wrote: On 11/2/2012 6:39 AM, Devin Ceartas wrote: hp laptop with Intel SSD won't boot under 5.2 - the problem reported on screen appears to be the one described here: http://old.nabble.com/Re%3A-Fwd%3A--mSATA-failure-on-6501-w--OpenBSD-5.0-td32881415.html#a32884546 ahci0: stopping the port, softreset slot 31 was still active. ahci0: failed to reset port during timeout handling, disabling it Does anyone have a patch to try or is there a way to boot into the full system starting from a CD or network boot? -- devin If you have no reason not to, try disabling AHCI? A while ago (not now) I had a few motherboards with SSDs that did were not happy with AHCI on. They were extremely low disk use systems, though. Note this will change your disk device names from sdX to wdX (I think) so some minor fstab tinkering may be needed if you aren't using labels or anything. Unless you are booting a kernel that has strayed far from generic, I don't think it would matter if you got your kernel from a CD or the network -- it's still the same kernel going after the same hardware and will hit the same problem -- so going to current (as was already suggested) is the only direction to move in. Or to generic, if possible and not already. Yes, running generic from CD. Have downloaded snapshot .iso and will try this weekend when I get a chance to burn to CD, install. How do I disable AHCI? -- devin
remote out-of-band management / intel vpro
for some of my remote customers, as well as my own office, i'm looking for an out-of-band management solution that's cheaper than iLO or DRAC. remote power management would be nice, but network KVM is a must. i read about intel vpro / amt recently and just started looking into it; it seems to be baked into most of their q-series chipsets. has anyone here successfully used the intel solution for KVM or anything else? how about unsuccessfully? having something baked into the chipset makes me worry about compatibility with openbsd, as i'm not sure just how transparent/non-invasive it is. reports either way would be appreciated - as would another usable solution.
Relayd issues with check icmp after upgrade to 5.2
Just upgraded to 5.2 on one of our backup firewalls, and we are having
issues with hosts that are being checked with ICMP:
Nov 2 14:58:38 fw02 relayd[30621]: table radius: 1 added, 1 deleted, 0
changed, 0 killed
Nov 2 14:58:38 fw02 relayd[5280]: recv_icmp: forged icmp packet?
Nov 2 14:58:48 fw02 relayd[5280]: recv_icmp: forged icmp packet?
Nov 2 14:58:48 fw02 relayd[5280]: host 192.168.1.11, check icmp (0ms),
state down - up, availability 15.79%
Nov 2 14:58:48 fw02 relayd[5280]: host 192.168.1.15, check icmp
(209ms), state up - down, availability 84.21%
Nov 2 14:58:58 fw02 relayd[30621]: table radius: 1 added, 1 deleted, 0
changed, 0 killed
Nov 2 14:58:58 fw02 relayd[5280]: recv_icmp: forged icmp packet?
Nov 2 14:58:58 fw02 relayd[5280]: host 192.168.1.15, check icmp (1ms),
state down - up, availability 85.00%
Nov 2 14:58:58 fw02 relayd[5280]: host 192.168.1.11, check icmp
(209ms), state up - down, availability 15.00%
Nov 2 14:59:08 fw02 relayd[30621]: table radius: 1 added, 1 deleted, 0
changed, 0 killed
Nov 2 14:59:08 fw02 relayd[5280]: recv_icmp: forged icmp packet?
Sometimes relayd accepts the ICMP packet is valid, and other times not;
one host seems to be up while the other is down, and then they switch.
The setup here is simple as can be, interface re1 is in the
192.168.1.0/24 subnet, and ARP entries for these servers can be seen in
`arp -na`:
$ arp -na
? (192.168.1.11) at **:**:**:93:b8:c1 on re1
? (192.168.1.15) at **:**:**:f0:62:ae on re1
We're relaying UDP for RADIUS authentication, so can't switch to
checking TCP for host health. Our other firewall in the pair, running
5.1, is having no issues at all.
In relayd.conf:
redirect radius {
listen on $ext_addr udp port 1812
# tag every packet that goes thru the rdr rule with RELAYD
tag RELAYD
forward to $host-at-192.168.1.11 check icmp
forward to $host-at-192.168.1.15 check icmp
}
Any ideas?
OpenBSD 5.2 (GENERIC.MP) #339: Wed Aug 1 10:13:24 MDT 2012
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel(R) Atom(TM) CPU 330 @ 1.60GHz (GenuineIntel 686-class)
1.61 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,NXE,LONG,SSE3,MWAIT,DS-CPL,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE,LAHF
real mem = 2138238976 (2039MB)
avail mem = 2092429312 (1995MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 07/10/09, BIOS32 rev. 0 @ 0xf0010,
SMBIOS rev. 2.5 @ 0xfd170 (27 entries)
bios0: vendor American Megatrends Inc. version 1.0a date 07/10/2009
bios0: Supermicro X7SLA
acpi0 at bios0: rev 2
acpi0: sleep states S0 S1 S3 S4 S5
acpi0: tables DSDT FACP APIC MCFG SLIC OEMB
acpi0: wakeup devices P0P2(S4) P0P1(S4) PS2K(S4) PS2M(S4) EUSB(S4)
MC97(S4) P0P4(S4) P0P5(S4) P0P6(S4) P0P7(S4) P0P8(S4) LAN0(S1) P0P9(S4)
LAN1(S1) USB0(S4) USB1(S4) USB2(S4) USB3(S4) SLPB(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 133MHz
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Atom(TM) CPU 330 @ 1.60GHz (GenuineIntel 686-class)
1.61 GHz
cpu1:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,NXE,LONG,SSE3,MWAIT,DS-CPL,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE,LAHF
cpu2 at mainbus0: apid 1 (application processor)
cpu2: Intel(R) Atom(TM) CPU 330 @ 1.60GHz (GenuineIntel 686-class)
1.61 GHz
cpu2:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,NXE,LONG,SSE3,MWAIT,DS-CPL,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE,LAHF
cpu3 at mainbus0: apid 3 (application processor)
cpu3: Intel(R) Atom(TM) CPU 330 @ 1.60GHz (GenuineIntel 686-class)
1.61 GHz
cpu3:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,NXE,LONG,SSE3,MWAIT,DS-CPL,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE,LAHF
ioapic0 at mainbus0: apid 4 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 1, remapped to apid 4
acpimcfg0 at acpi0 addr 0xf000, bus 0-63
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (P0P2)
acpiprt2 at acpi0: bus 8 (P0P1)
acpiprt3 at acpi0: bus 5 (P0P4)
acpiprt4 at acpi0: bus -1 (P0P5)
acpiprt5 at acpi0: bus -1 (P0P6)
acpiprt6 at acpi0: bus -1 (P0P7)
acpiprt7 at acpi0: bus 6 (P0P8)
acpiprt8 at acpi0: bus 7 (P0P9)
acpicpu0 at acpi0
acpicpu1 at acpi0
acpicpu2 at acpi0
acpicpu3 at acpi0
acpibtn0 at acpi0: SLPB
acpibtn1 at acpi0: PWRB
bios0: ROM list: 0xc/0xaa00!
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 Intel 82945G Host rev 0x02
ppb0 at pci0 dev 1 function 0 Intel 82945G PCIE rev 0x02: apic 4 int 16
pci1 at ppb0 bus 1
ppb1 at pci1 dev 0 function 0 IDT 89HPES12N3A rev 0x04
pci2 at ppb1 bus 2
ppb2 at pci2 dev 0 function 0 IDT 89HPES12N3A rev 0x04
pci3 at ppb2 bus 3
em0 at
Re: 5.2 SSD machine won't boot
On Fri, Nov 2, 2012 at 3:10 PM, Devin Ceartas de...@nacredata.com wrote: On Nov 2, 2012, at 3:04 PM, Tyler Morgan wrote: On 11/2/2012 6:39 AM, Devin Ceartas wrote: hp laptop with Intel SSD won't boot under 5.2 - the problem reported on screen appears to be the one described here: http://old.nabble.com/Re%3A-Fwd%3A--mSATA-failure-on-6501-w--OpenBSD-5.0-td32881415.html#a32884546 ahci0: stopping the port, softreset slot 31 was still active. ahci0: failed to reset port during timeout handling, disabling it Does anyone have a patch to try or is there a way to boot into the full system starting from a CD or network boot? -- devin Boots reliably when running Current. Thanks, lesson learned.
Re: 5.2 SSD machine won't boot
On Fri, Nov 2, 2012 at 11:50 PM, Devin Ceartas de...@nacredata.com wrote: On Fri, Nov 2, 2012 at 3:10 PM, Devin Ceartas de...@nacredata.com wrote: On Nov 2, 2012, at 3:04 PM, Tyler Morgan wrote: On 11/2/2012 6:39 AM, Devin Ceartas wrote: hp laptop with Intel SSD won't boot under 5.2 - the problem reported on screen appears to be the one described here: http://old.nabble.com/Re%3A-Fwd%3A--mSATA-failure-on-6501-w--OpenBSD-5.0-td32881415.html#a32884546 ahci0: stopping the port, softreset slot 31 was still active. ahci0: failed to reset port during timeout handling, disabling it Does anyone have a patch to try or is there a way to boot into the full system starting from a CD or network boot? -- devin Boots reliably when running Current. Thanks, lesson learned. For changing kernel without need to recompile you can do http://www.openbsd.org/faq/faq5.html#BootConfig (of course that not everything can be done here, but for disabling ACPI it's ok). As you are on current now (better to say snapshots, on current you will be when following man release), but for most of the users it's easier to follow snapshots as you can 1) upgrade your system from bsd.rd binary (during boot at prompt boot boot /bsd.rd and choose (U)pgrade) 2) man sysmerge (-s and -x switches) 3) pkg_add -ui 4) checking current.html With that completely new system, configs and packages in a quick way without need to recompile plus latest bug/security fixes and version of packages. How often to do this is completely on you. You can run eg. for 6 months or more on snapshot, but if you will want to install some package then most probably you will hit some issues with libraries during install and that' simply sign that you really need to upgrade :-) That sign can come even after one week of usage of course, but as that binary update process Is so straightforward then it's no worry about that.
Re: remote out-of-band management / intel vpro
On Fri, Nov 2, 2012 at 9:07 PM, Dewey Hylton dewey.hyl...@gmail.com wrote: for some of my remote customers, as well as my own office, i'm looking for an out-of-band management solution that's cheaper than iLO or DRAC. remote power management would be nice, but network KVM is a must. i read about intel vpro / amt recently and just started looking into it; it seems to be baked into most of their q-series chipsets. has anyone here successfully used the intel solution for KVM or anything else? how about unsuccessfully? having something baked into the chipset makes me worry about compatibility with openbsd, as i'm not sure just how transparent/non-invasive it is. reports either way would be appreciated - as would another usable solution. Just saw it in 52.html Added support for using AMT to provide console-over-Ethernet (c.f. the amtterm package) http://openports.se/comms/amtterm So maybe good chance for you
