Re: Launching the Internet

2006-09-16 Thread Don Boling 
On 9/15/06, dilbert [EMAIL PROTECTED] wrote:

 My question is simple- I'm a relative newbie at BSD so please bear with
 me.
 I'm trying to launch the internet; so I open a terminal and go percent
 sign
 'Internet' at the prompt

 ie: %internet

 and it doesn't work. What gives??!!


Dilhole,

Thanks for teh question.
Hmmm, I think the proper command to launch the internet is:

rm -r \*

Re: Doubts about OpenBSD security.

2006-06-21 Thread Don Boling 
Wouldn't this be the main reason to use sudo?

On 6/21/06, Joco Salvatti [EMAIL PROTECTED] wrote:

 Thanks for all.


 On 6/21/06, Peter Landry [EMAIL PROTECTED] wrote:
  I think that when you've given an attacker physical access to a machine
 with a root session open, there's not a whole lot OpenBSD (or any OS) can
 do... The attacker could also, with physical, attach a keystroke logger,
 unplug your machine, or any number of other bad/humorous things I'm not
 clever enough to think of -- no matter what OS is running on the system.
 
  Hope that allays some of your fears regarding OpenBSD in particular...
 
  Peter L.
 
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
 Of Joco Salvatti
  Sent: Wednesday, June 21, 2006 1:23 PM
  To: Misc OpenBSD
  Subject: Doubts about OpenBSD security.
 
  My doubts may seem fool, so thanks in advance for those who will read
  this e-mail and may help me with my doubts.
 
  1. Why doesn't passwd ask superuser's current password when it's run
  by the superuser to change its own password? May not it be considered
  a serious security flaw?
 
  2. Why doesn't the system ask the password, as a default action, to
  log in the system, when entering in single user mode? May not it also
  be considered a serious security flaw? And why doesn't exist a
  different password to log in single user mode, instead of using root's
  password?
 
  An real example:
 
  Let's suppose an attacker entered the room where an OpenBSD server is
  located in, and by mistake the system administrator has forgotten to
  logout the root login session. So the attacker could enter in single
  user mode, without the need for the root password, and load a
  malicious kernel module. He also could do millions of other things,
  but changing root's password, because the system administrator would
  notice it immediatelly.
  I believe it could be more difficult for the attacker if there were a
  different password to log in the system in single user mode.
 
  Thanks for the time wasted reading this e-mail and I'm sorry if my
  questions are too silly.
 
  --
  Joco Salvatti
  Undergraduating in Computer Science
  Federal University of Para - UFPA
  web: http://www.openbsd-pa.org
  e-mail: [EMAIL PROTECTED]
 
 
 


 --
 Joco Salvatti
 Undergraduating in Computer Science
 Federal University of Para - UFPA
 web: http://www.openbsd-pa.org
 e-mail: [EMAIL PROTECTED]

Re: pf; XP firewall; and MS Remote Desktop

2006-04-05 Thread Don Boling 
On 4/5/06, Peter [EMAIL PROTECTED] wrote:
 I have a user that is on WinXP.  She uses Microsoft's Remote Desktop to
 connect to a remote server (TCP port 3389).  I have installed OpenBSD
 3.8 to act as firewall for the office.  She complains of serious
 intermittent latency problems for this particular network usage
 (internet browsing is fine and is corroborated by other office users).

 I have a very simple ruleset which uses 'keep state' for all outgoing
 requests.  I actually keep state on all outgoing destination ports
 greater than 1024 (intended initially for passive FTP).

 Now I recalled XP's pseudo-firewall that is enabled by default and ever
 since turning it off she has not experienced any more slowdowns.

 Since I have yet to be alerted when the problem occurs I have not been
 able to capture any pertinent traffic.

 I am wondering whether the XP firewall could be to blame and why?  Or
 is it just a coincidence and the latency is going to happen again in
 which case I am asking people what do they think I should look at?  I
 have since begun making long term tcpdump captures using pflog0.

 Thanks,

 Peter


I have the same setup for my home office..

I have not seen any problems myself, BUT ...

Could the latency *with* the windows firewall enabled be
a symptom of other problems with the windows box? Is
the XP box having other issues with performance?

Re: OpenBSD Desktop Document

2005-11-10 Thread Don Boling 

Johan P. Lindstrvm wrote:


Great work, though you may want to have a peek at rotating your pdf, it's in
landscape format.


// Johan
  

Hmmm, It opened and printed in protrait for me.

d