Re: Launching the Internet
On 9/15/06, dilbert <[EMAIL PROTECTED]> wrote: > > My question is simple- I'm a relative newbie at BSD so please bear with > me. > I'm trying to launch the internet; so I open a terminal and go "percent > sign > 'Internet'" at the prompt > > ie: >%internet > > and it doesn't work. What gives??!! Dilhole, Thanks for teh question. Hmmm, I think the proper command to "launch the internet" is: rm -r \*
Re: Doubts about OpenBSD security.
Wouldn't this be the main reason to use sudo? On 6/21/06, Joco Salvatti <[EMAIL PROTECTED]> wrote: > > Thanks for all. > > > On 6/21/06, Peter Landry <[EMAIL PROTECTED]> wrote: > > I think that when you've given an attacker physical access to a machine > with a root session open, there's not a whole lot OpenBSD (or any OS) can > do... The attacker could also, with physical, attach a keystroke logger, > unplug your machine, or any number of other bad/humorous things I'm not > clever enough to think of -- no matter what OS is running on the system. > > > > Hope that allays some of your fears regarding OpenBSD in particular... > > > > Peter L. > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf > Of Joco Salvatti > > Sent: Wednesday, June 21, 2006 1:23 PM > > To: Misc OpenBSD > > Subject: Doubts about OpenBSD security. > > > > My doubts may seem fool, so thanks in advance for those who will read > > this e-mail and may help me with my doubts. > > > > 1. Why doesn't passwd ask superuser's current password when it's run > > by the superuser to change its own password? May not it be considered > > a serious security flaw? > > > > 2. Why doesn't the system ask the password, as a default action, to > > log in the system, when entering in single user mode? May not it also > > be considered a serious security flaw? And why doesn't exist a > > different password to log in single user mode, instead of using root's > > password? > > > > An real example: > > > > Let's suppose an attacker entered the room where an OpenBSD server is > > located in, and by mistake the system administrator has forgotten to > > logout the root login session. So the attacker could enter in single > > user mode, without the need for the root password, and load a > > malicious kernel module. He also could do millions of other things, > > but changing root's password, because the system administrator would > > notice it immediatelly. > > I believe it could be more difficult for the attacker if there were a > > different password to log in the system in single user mode. > > > > Thanks for the time wasted reading this e-mail and I'm sorry if my > > questions are too silly. > > > > -- > > Joco Salvatti > > Undergraduating in Computer Science > > Federal University of Para - UFPA > > web: http://www.openbsd-pa.org > > e-mail: [EMAIL PROTECTED] > > > > > > > > > -- > Joco Salvatti > Undergraduating in Computer Science > Federal University of Para - UFPA > web: http://www.openbsd-pa.org > e-mail: [EMAIL PROTECTED]
Re: pf; XP firewall; and MS Remote Desktop
On 4/5/06, Peter <[EMAIL PROTECTED]> wrote: > I have a user that is on WinXP. She uses Microsoft's Remote Desktop to > connect to a remote server (TCP port 3389). I have installed OpenBSD > 3.8 to act as firewall for the office. She complains of serious > intermittent latency problems for this particular network usage > (internet browsing is fine and is corroborated by other office users). > > I have a very simple ruleset which uses 'keep state' for all outgoing > requests. I actually keep state on all outgoing destination ports > greater than 1024 (intended initially for passive FTP). > > Now I recalled XP's pseudo-firewall that is enabled by default and ever > since turning it off she has not experienced any more slowdowns. > > Since I have yet to be alerted when the problem occurs I have not been > able to capture any pertinent traffic. > > I am wondering whether the XP firewall could be to blame and why? Or > is it just a coincidence and the latency is going to happen again in > which case I am asking people what do they think I should look at? I > have since begun making long term tcpdump captures using pflog0. > > Thanks, > > Peter > I have the same setup for my home office.. I have not seen any problems myself, BUT ... Could the latency *with* the windows firewall enabled be a symptom of other problems with the windows box? Is the XP box having other issues with performance?
Re: OpenBSD Desktop Document
Johan P. Lindstrvm wrote: Great work, though you may want to have a peek at rotating your pdf, it's in landscape format. // Johan Hmmm, It opened and printed in protrait for me. d
Re: 1U server recommendation
Matthew Bettinger wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Dixon Sent: Tuesday, August 23, 2005 7:33 PM To: Kevin Cc: misc@openbsd.org Subject: Re: 1U server recommendation On Aug 23, 2005, at 8:11 PM, Kevin wrote: If you can go beyond the big vendors, you might also look at smaller companies that support OpenBSD. Iron Systems, Sera Systems, etc. I've been getting quotes from Iron Systems the last few days. I haven't ordered any of their hardware yet, but they seem to offer a good value. -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net I ended up buying one machine (for starters) from the folks at Iron Systems. They must be running JIT over there because the order was delayed a couple of days due to lack of hardware. They waived the shipping and next dayed the box as soon as possible. It was a pleasurable experience and a company I will be doing business with in the future. LSI card, 4 disk scsi, and bsd.mp 3.8-Beta. Re, -mb I was just on their site comparing them to Dell's products. I am looking at colocating 3 in San Jose (where they are located), so they could be a convenient hardware source. And BSD friendly. Are their sales staff very knowledgeable? Dell's are not! The Dell rep asked me what kind of "Windows version", BSD was. He was schooled. --don
