Re: Wasting our Freedom
Am 16.09.2007 um 12:05 schrieb J.C. Roberts: Can I ask a question here? You're getting worked up over nothing. Open Source doesn't work without Open Hardware. The level of the software is approaching a good level to use for Open Hardware, IMO. While it's your time to relax the hardware hackers are at turn now, don't you think? Thanks. -p On Sunday 16 September 2007, Kyle Moffett wrote: Secondly, what the HELL is with you guys and the personal attacks?!?!? You said I am hopelessly misinformed, or a habitual liar??? You are right and I apologize. I've received plenty of personal attacks from your group, and failed to hold my temper when dealing with you. You and the rest of the linux kernel devs need to realize there are a lot of angry people who are tired of being ignored by the powers that be in the GNU/FSF/GPL/SFLC. The claimed distinction between the linux kernel, the linux operating system, the various linux distros, the GNU project, the FSF, and the SFLC is pedantic at best to the rest of the outside world. As far as everyone else on the outside is concerned, you are all one large project working together. When some part of your project is indulging in code theft, it makes all of you look bad, regardless if it's upstream, downstream, sidestream or otherwise. When linux/gpl developers and linux/gpl lawyers refuse to take a stance against code theft, you look like one big happy family doing everything you can to put as much code as possible under your preferred license regardless if it's illegal or immoral. I knew darn well that I wouldn't be winning any new friends in the linux/gpl/gnu camp by voicing an unpopular opinion to your project, but after being ignored, you too would want to find the people on the other side with the spine to stand up and say code theft is wrong. Would you stand by quietly, tolerate being ignored, and accept delay tactics of unethical lawyers if the roles were reverse? Would you be willing to be called every untoward name in the book by voicing your dissenting opinions clearly and loudly? I have. jcr
Re: FREEZE UPS! (I'M STILL HERE WOLF!)
00:12:50 oberon /bsd: pckbd0 at pckbc0 (kbd slot) May 4 00:12:50 oberon /bsd: pckbc0: using irq 1 for kbd slot May 4 00:12:50 oberon /bsd: wskbd0 at pckbd0: console keyboard, using wsdisplay0 May 4 00:12:50 oberon /bsd: pcppi0 at isa0 port 0x61 May 4 00:12:50 oberon /bsd: midi0 at pcppi0: PC speaker May 4 00:12:50 oberon /bsd: spkr0 at pcppi0 May 4 00:12:50 oberon /bsd: lpt0 at isa0 port 0x378/4 irq 7 May 4 00:12:50 oberon /bsd: lm0 at isa0 port 0x290/8: W83627THF May 4 00:12:50 oberon /bsd: fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 May 4 00:12:50 oberon /bsd: fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec May 4 00:12:50 oberon /bsd: usb1 at ohci0: USB revision 1.0 May 4 00:12:50 oberon /bsd: uhub1 at usb1 May 4 00:12:50 oberon /bsd: uhub1: NVIDIA OHCI root hub, rev 1.00/1.00, addr 1 May 4 00:12:50 oberon /bsd: uhub1: 10 ports with 10 removable, self powered May 4 00:12:50 oberon /bsd: uplcom0 at uhub1 port 1 May 4 00:12:50 oberon /bsd: uplcom0: ATEN International Serial, rev 1.10/0.01, addr 2 May 4 00:12:50 oberon /bsd: ucom0 at uplcom0 May 4 00:12:50 oberon /bsd: uhidev0 at uhub1 port 2 configuration 1 interface 0 May 4 00:12:50 oberon /bsd: uhidev0: Logitech USB-PS/2 Optical Mouse, rev 2.00/20.00, addr 3, iclass 3/1 May 4 00:12:50 oberon /bsd: ums0 at uhidev0: 3 buttons and Z dir. May 4 00:12:50 oberon /bsd: wsmouse0 at ums0 mux 0 May 4 00:12:50 oberon /bsd: uhub2 at uhub1 port 4 May 4 00:12:50 oberon /bsd: uhub2: ALCOR macally Kbd Hub, rev 1.10/1.00, addr 4 May 4 00:12:50 oberon /bsd: uhub2: 3 ports with 2 removable, bus powered May 4 00:12:50 oberon /bsd: uhidev1 at uhub2 port 1 configuration 1 interface 0 May 4 00:12:50 oberon /bsd: uhidev1: ALCOR macally Kbd Hub, rev 1.10/1.00, addr 5, iclass 3/1 May 4 00:12:50 oberon /bsd: ukbd0 at uhidev1: 8 modifier keys, 6 key codes, country code 1 May 4 00:12:50 oberon /bsd: wskbd1 at ukbd0 mux 1 May 4 00:12:50 oberon /bsd: wskbd1: connecting to wsdisplay0 May 4 00:12:50 oberon /bsd: uhub3 at uhub1 port 5 May 4 00:12:50 oberon /bsd: uhub3: Atmel UHB124 hub, rev 1.10/3.00, addr 6 May 4 00:12:50 oberon /bsd: uhub3: 4 ports with 4 removable, self powered May 4 00:12:50 oberon /bsd: uscanner0 at uhub1 port 6 May 4 00:12:50 oberon /bsd: uscanner0: EPSON EPSON Scanner, rev 1.10/1.00, addr 7 May 4 00:12:50 oberon /bsd: dkcsum: wd0 matches BIOS drive 0x80 May 4 00:12:50 oberon /bsd: dkcsum: wd1 matches BIOS drive 0x81 May 4 00:12:50 oberon /bsd: root on wd0a May 4 00:12:50 oberon /bsd: rootdev=0x0 rrootdev=0x300 rawdev=0x302 May 4 00:12:50 oberon savecore: no core dump May 4 00:12:51 oberon routed[32060]: pppoe0 has a bad address May 4 00:12:51 oberon routed[32060]: static route -- 0.0.0.0 impossibly lacks ifp May 4 00:12:51 oberon ripd[27299]: WARNING: IP forwarding NOT enabled May 4 00:12:51 oberon ospfd[14178]: WARNING: IP forwarding NOT enabled, running as stub router May 4 00:12:51 oberon bgpd[9988]: setup_listeners setsockopt TTL: Invalid argument May 4 00:12:51 oberon bgpd[9988]: neighbor 10.2.1.1: session_connect bind: Can't assign requested address May 4 00:12:51 oberon bgpd[9988]: neighbor 10.0.2.0 (upstream2): session_connect bind: Can't assign requested address May 4 00:12:51 oberon bgpd[9988]: neighbor 10.2.0.2 (peering AS 65042): session_connect bind: Can't assign requested address May 4 00:12:51 oberon bgpd[9988]: neighbor 10.2.0.1 (peering AS 65042): session_connect bind: Can't assign requested address May 4 00:12:51 oberon bgpd[9988]: neighbor 10.1.0.3 (AS 65001 peer 2): session_connect bind: Can't assign requested address May 4 00:12:51 oberon bgpd[9988]: neighbor 10.1.0.2 (AS 65001 peer 1): connect: Can't assign requested address May 4 00:12:52 oberon inetd[13749]: telnet1/tcp: unknown service May 4 00:12:53 oberon postfix/postfix-script: warning: /var/spool/postfix/etc/services and /etc/services differ May 4 00:12:53 oberon bgpd[29013]: change req for ff02:5::/32: not in table May 4 00:12:53 oberon /bsd: pppoe: alien host unique tag, no session found May 4 00:12:53 oberon /bsd: pppoe: received PADO but could not find request for it -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,137p http://centroid.eu So long and thanks for all the fish!!! -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,137p http://centroid.eu So long and thanks for all the fish!!!
sox reverse question
Hi, I can't seem to reverse any .wav files with the command sox file1.wav file2.wav reverse What happens is file2.wav will turn out to be 44 bytes (header?). Is this feature broken? neptune$ cd /var/db/pkg neptune$ ls -ld sox* drwxr-xr-x 2 root wheel 512 Mar 1 13:13 sox-12.18.2 -p -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,137p http://centroid.eu So long and thanks for all the fish!!!
small question regarding snapshots checksums
Hi, I recently tested a new way of checking checksums of different mirrors, I call to an ISP in France (from Germany) in order to pull the MD5 and checksum files from a list of mirrors. I then cross-check these with my ISP's openbsd mirror. The process I can automate a little better but it seems to work. data: -rw-r--r-- 1 root wheel 3775 Jan 9 12:10 129.128.5.191.cksums -rw-r--r-- 1 root wheel 3775 Jan 9 12:10 130.237.237.229.cksums -rw-r--r-- 1 root wheel 3777 Jan 9 12:10 131.188.40.91.cksums -rw-r--r-- 1 root wheel 3777 Jan 9 12:10 192.43.244.161.cksums -rw-r--r-- 1 root wheel 3648 Jan 9 12:10 200.32.4.56.cksums -rw-r--r-- 1 root wheel 3648 Jan 9 12:10 203.16.234.85.cksums -rw-r--r-- 1 root wheel 3648 Jan 9 12:10 203.16.234.86.cksums -rw-r--r-- 1 root wheel 3648 Jan 9 12:10 203.8.116.111.cksums -rw-r--r-- 1 root wheel 3777 Jan 9 12:10 204.152.184.203.cksums -rw-r--r-- 1 root wheel 3777 Jan 9 12:10 209.242.32.10.cksums -rw-r--r-- 1 root wheel 3648 Jan 9 12:10 62.116.6.182.cksums -rw-r--r-- 1 root wheel 3778 Jan 9 11:54 ftp.freenet.de.cksums At that point (if you look at the timestamp) it's been 4 hours since the OpenBSD main source did a change in the kernel versions and all the other mirrors hadn't picked up the changes. So there was a checksum mismatch. I was wondering whether a history file of checksums is a good thing to include on the main ftp site? That way one can check whether older revisions of binaries are the right checksum? Otherwise one would not know (and there would be no point of checksums then right?). Perhaps there is a better way to check checksums in a more secure way than FTP? What way would this be, at best? My calls to France hope to at least find some out of band channel to cross-check binary checksums, but it's not economical until I update my long-distance phone plan (I'm just testing the water right now). Regards, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,137p http://centroid.eu So long and thanks for all the fish!!!
problem with gcc
Hi misc@, I have a slight problem trying to compile a program on an i386 box that has 3.9 installed. The box until recently ran 4.0-beta but I installed the base packages as well as comp.tgz from the 3.9 on it. It now runs on a 3.9 kernel as well. However I have this problem, when I compile I get this message: # cc -g -o c-exchange c-exchange.c cc: Internal error: Bad system call (program cc1) Please submit a full bug report. See URL:http://gcc.gnu.org/bugs.html for instructions. So when I ktrace it (with the -i flag) it shows it's bailing on syscall 304 which on 3.9 is: # grep 304 /usr/include/sys/syscall.h #define SYS_MAXSYSCALL 304 and on 4.0-beta this seems to be: # grep 304 /usr/include/sys/syscall.h #define SYS___getcwd304 The only binaries that the compile process works through according to ktrace is the following: # kdump | awk '$0 ~ /^ [0-9]*/ { print $2 }' | sort -u sys/types.h == cc cc1 error: ktrace So in the exec path there isn't too much to go through. Should these be right for 3.9 (OpenBSD CD)? # sysctl kern.version kern.version=OpenBSD 3.9 (GENERIC) #617: Thu Mar 2 02:26:48 MST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC # md5 /usr/lib/gcc-lib/i386-unknown-openbsd3.9/3.3.5/cc1 /usr/bin/cc MD5 (/usr/lib/gcc-lib/i386-unknown-openbsd3.9/3.3.5/cc1) = 1f2eeaf84b871d8548613341003ea537 MD5 (/usr/bin/cc) = d255b8067c3dc7daf696b13abac1d4ec # ldd /usr/bin/cc /usr/bin/cc: StartEnd Type Open Ref GrpRef Name exe 10 0 /usr/bin/cc 0c2b7000 2c2be000 rlib 01 0 /usr/lib/libiberty.so.8.0 0a5cb000 2a5fc000 rlib 01 0 /usr/lib/libc.so.39.3 0d9a6000 0d9a6000 rtld 01 0 /usr/libexec/ld.so # ldd /usr/lib/gcc-lib/i386-unknown-openbsd3.9/3.3.5/cc1 /usr/lib/gcc-lib/i386-unknown-openbsd3.9/3.3.5/cc1: StartEnd Type Open Ref GrpRef Name exe 10 0 /usr/lib/gcc-lib/i386-unknown-openbsd3.9/3.3.5/cc1 02bfe000 22c05000 rlib 01 0 /usr/lib/libiberty.so.8.0 0062d000 2065e000 rlib 01 0 /usr/lib/libc.so.39.3 0352b000 0352b000 rtld 01 0 /usr/libexec/ld.so So I hope I have provided enough information for someone to pinpoint exactly what is missing, or where the problem lies. Can anyone give me some of their time in helping debugging this problem? (please contact me privately I'm not subscribed to the list). -p -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,137p http://centroid.eu So long and thanks for all the fish!!!
Re: problem with gcc
On Wed, Jan 03, 2007 at 05:18:13PM -0700, Theo de Raadt wrote: I have a slight problem trying to compile a program on an i386 box that has 3.9 installed. The box until recently ran 4.0-beta but I installed the base packages as well as comp.tgz from the 3.9 on it. It now runs on a 3.9 kernel as well. However I have this problem, when I compile I get this message: You cannot go backwards. We've said so many times before, and it it rather obvious! You CANNOT go backwards because we are always building newer interfaces. Ok, I'll have to get another snapshot then, until I purchase 4.x. Question for you and openbsd, there is a mirror at my provider ftp://ftp.freenet.de/pub/ftp.openbsd.org/pub/OpenBSD and so on. Does the OpenBSD project periodically cross-check for any possible trojans in these mirrors? Would you recommend getting the CKSUM and MD5 files periodically (and through other ISP's) to make sure that what one gets is really genuine? I know I'm often an idiot and often paranoia and mistrust have the upper hand, so how can I feel better about such a thing? I value your kind words. (the latest funny thing I had happen to my 4.0-beta was that on the local ftpd an mget on the ftp client failed with the error read-only filesystem, which to me was interesting and discouraging since an mget would hardly write to disk right? This message only happened once, after that ftpd would spit back i/o error or something similar. I hardly have the time to check every source code and binary myself so I accepted what happened there and left it for the new year, this was on the local home LAN (non-wifi although there is wifi access)). -p -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,137p http://centroid.eu So long and thanks for all the fish!!!
looking for (custom) dial-in
Hi misc@, I know OpenBSD isn't a telco nor an internet service provider, but perhaps someone out there has a spare POTS line where they can hook a modem to. I'm looking for people in the following countries willing to provide dial-in service for 10 hours a month at no more than 12 euros a year. If your POTS is sitting around doing nothing and you could use 12 euros a year, the internet connectivity does not need to give an IP it can be NAT service just as long as one can get Internet. I'm looking for connects in denmark, belgium, netherlands, luxemburg, switzerland, czech republic, france, austria, poland and germany. The service can be anything from 2400 bps through whatever is highest now, just as long as my modems can completely handshake. Whether the services behind the dial-in are OpenBSD-run is irrelevant to me. Alternatively if it isn't too much of your time send me a list of Internet providers that provide cheap dial-in in your respective country. Yer a great bunch fellers! -p
Re: looking for (custom) dial-in
Yes you may ask why. I'm german, and like any german I plan on taking over the world. In fact I'm working on germanys neighbouring countries first. ktx. Am 28.12.2006 um 10:45 schrieb Lawrence Horvath: May i ask why? I'm sure google could tell you quite a few dial-up company's in the country's you would like On 12/28/06, Peter Philipp [EMAIL PROTECTED] wrote: Hi misc@, I know OpenBSD isn't a telco nor an internet service provider, but perhaps someone out there has a spare POTS line where they can hook a modem to. I'm looking for people in the following countries willing to provide dial-in service for 10 hours a month at no more than 12 euros a year. If your POTS is sitting around doing nothing and you could use 12 euros a year, the internet connectivity does not need to give an IP it can be NAT service just as long as one can get Internet. I'm looking for connects in denmark, belgium, netherlands, luxemburg, switzerland, czech republic, france, austria, poland and germany. The service can be anything from 2400 bps through whatever is highest now, just as long as my modems can completely handshake. Whether the services behind the dial-in are OpenBSD-run is irrelevant to me. Alternatively if it isn't too much of your time send me a list of Internet providers that provide cheap dial-in in your respective country. Yer a great bunch fellers! -p -- -Lawrence -Student ID 1028219
hermes wi(4) reading of incomplete frames?
Is there any modes to wi(4) for reading incomplete frames (ie. jammed/interrupted/collided) that obviously don't have a valid checksum? I am using the hermes chipsets. Please reply in private. -p
Re: Do mp3 concatenation programs exist?
On Sat, Oct 28, 2006 at 10:11:30AM -0500, J Moore wrote: Doesn't 'audacity' concatenate mp3 files? Thanks for the suggestion. Lots of feedback now. Too bad it didn't come around 3 months ago. I've made my own tools now and it's a lot of fun. Just made an MP3 proxy/multiplexer that takes a stream and multiplexes it for multiple connections on the same stream. A multicast version is coming up for LAN's and multicast capable WANS. Watch the next few entries in my blog for the source of this and explaining how I do this. Whenever something comes up I go the hard way, it seems to be that way in my entire lifespan. However I keep my sovereignty on whatever that way. -p -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,137p http://centroid.eu So long and thanks for all the fish!!!
Re: Soundblaster Audigy LS (SE, PCI subsys id = 0x100a1102)
On Fri, Oct 27, 2006 at 05:10:44PM +0200, Alexandre Ratchov wrote: hi, I'm insterested. If no other developpers want it, i'd like to try to make it work on openbsd. thanks, -- Alexandre Ok, I just need an address where to drop it off. Thanks for taking this off my hands. -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,137p http://centroid.eu So long and thanks for all the fish!!!
Soundblaster Audigy LS (SE, PCI subsys id = 0x100a1102)
Hi, Any poor soul living in Frankfurt and running Linux or Windows needing a Soundblaster (PCI) card? I have a Soundblaster Audigy LE card to give away as there is no BSD support for this one (checked FreeBSD project as well). I tried fooling around with it, putting support into it, after pretty well copying the Linux driver but it didn't seem to work. This card doesn't seem to be ac97 compatible so no ac97 driver could attach to it. I'm giving it away as it's completely worthless to me. Let me know where to deliver it to, I'll drop it off at your door. Please reply individually as I'm not subscribed to this list. -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,137p http://centroid.eu So long and thanks for all the fish!!!
Re: Do mp3 concatenation programs exist?
On Fri, Oct 20, 2006 at 11:41:43PM +0300, Peter Philipp wrote: license for your own programs. Now all I gotta do is bang out my program based on this info. :-) Just a followup on this, I did bang out this program and have been spending the greater part of the day re-concatenating my old mp3 clips. Remember my original need for this, I disconnect/reconnect my pppoe every minute. This gives me a new IP every minute. Since there is an overlap on the MP3 streaming server I'm able to concatenate the pieces together based on a series of checksums that are part of the MP3 format. If you would like to see my program you can download it from https://ssl-id.de/centroid.eu/peter/merge-mp3-clips.c [checksum: MD5 (src/misc/merge-mp3-clips.c) = 9281305ab48233aa86d2df3c184b0b93 ] To make it use for your stuff it probably needs a bit of editing/hardcoding. I hardcoded the directories and the files have the format ckln.`date +%s`. The listening of this is a pleasure again without skips, repeats and screeches. This program can also be used for groups on the Internet. Say you want to protect your identity from MP3 streaming vendors and have a few friends on the Internet you can all download a minute of listening at different offsets in time (crontabbed perhaps?) and then change your IP. During the download of the stream you don't do any network activity, that way noone can correlate your IP to any other service on the Internet (prior to the download you also change IP). At the end of each download the MP3 clip is uploaded to a central server or on a P2P network and re-assembled with similar programs such as this for your uninterupted listening pleasure. This pretty well protects your privacy globally and noone can be sure who is listening into a certain program for a long time, noone can proove that you are interested in a certain topic/discussion (say if someone talks about coups, rebellions, dissent), all they'll be able to tell is that someone listened for a minute and then had enough (hardly incriminating them in orwellian societies/states). Have fun! -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,137p http://centroid.eu So long and thanks for all the fish!!!
arm yourself with RFC1661
Hi, In this link you complained about kernel pppoe not working: http://marc.theaimsgroup.com/?l=openbsd-miscm=116131360627151w=2 but you're only mentioning that it's not working. Can you be a little bit more specific? What isn't working? The PPPoE exchange or the PPP exchange/authentication? Take a look at one of my posts to openbsd-tech: http://marc.theaimsgroup.com/?l=openbsd-techm=116082407306482w=2 Notice lots of packet dumps. That's what people are looking for so they can actually see your problem and not just guess it. Let me explain to you how PPPoE works.. First it sends a PADI packet, this is a Discovery packet it intitially looks for PPPoE capable Network Access Servers (NAS). The NAS replies with a PADO (Offer), there may be multiple NAS's on the same link offering but for simplicities sake it's only one (your provider). Then PPPoE sends a PADR (Session request) to the NAS asking for a PPP session which then replies with a PADS (session confirmation). This entire exchange is done with Ethernet frames where the ethernet ident field is set to 0x8863, when the session is confirmed the session packets continue with an ID of 0x8864 which encapsulate the PPP packets. All this can be tracked with RFC 2516. Now on to the PPP exchange, first PPP starts up with a request for configuration with Link Control Packets (LCP), things such as MRU/MTU, Authentication mechanism and other things such as a MAGIC are exchanged. Once the requested and offered fields are ACK'ed (acknowledged) the exchange continues with authentication, it sends a PAP or CHAP packet which then gets confirmed. At this point only the IP needs to be exchanged through the IPCP protocol, and once that is finished PPP will continue with encapsulating IP packets. This is detailed with RFC 1661. So you can see by my post to openbsd-tech a bunch of debugging. One is done with tcpdump I usually set it with flags '-v -n -i rl1 -e -X -s 200' where rl1 is my PPPoE interface. This does a hexdump with appropriate header interpretation of whatever goes over the ethernet. You can also set debugging on the pppoe link itself, you do this with: ifconfig pppoe0 debug This logs to kernel log and thus will show up in your syslog messages file. After turning debugging on your box may feel sluggish due to the intense writing to log files. To turn debugging off you type: ifconfig pppoe0 -debug So why don't you do this, while at the same time using RFC1661 as a chart to understand the PPP exchange, and you'll then see what's going on and you'll be more informed on exactly what isn't working and can focus on that instead of saying it just doesn't work. Where are the rfc's at? http://www.rfc-editor.org Have a good Weekend, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,137p http://centroid.eu So long and thanks for all the fish!!!
Do mp3 concatenation programs exist?
Hi, 3 months ago I asked if any programs exist that do this according to this thread: http://marc.theaimsgroup.com/?l=openbsd-miscm=115298981814514w=2 A bunch of you jumped on me like starving wolves, and well I didn't get any of the help I was looking for. So tonight at the beginning of the weekend I set out to learn how an MP3 frame is constructed and I reversed the GNU code of MPlayer, feel free to use this information under a BSD license for your own programs. Now all I gotta do is bang out my program based on this info. :-) Kind regards, -peter MP3 Header [explanation from RFC 3119] 2. The Structure of MP3 Frames In this section we give a brief overview of the structure of a MP3 frame. (For more detailed description, see the MPEG 1 audio [3] and MPEG 2 audio [4] specifications.) Each MPEG audio frame begins with a 4-byte header. Information defined by this header includes: - Whether the audio is MPEG 1 or MPEG 2. - Whether the audio is layer I, II, or III. (The remainder of this document assumes layer III, i.e., MP3 frames) - Whether the audio is mono or stereo. - Whether or not there is a 2-byte CRC field following the header. - (indirectly) The size of the frame. The following structures appear after the header: - (optionally) A 2-byte CRC field - A side info structure. This has the following length: - 32 bytes for MPEG 1 stereo - 17 bytes for MPEG 1 mono, or for MPEG 2 stereo - 9 bytes for MPEG 2 mono - Encoded audio data, plus optional ancillary data (filling out the rest of the frame) For the purpose of this document, the side info structure is the most important, because it defines the location and size of the Application Data Unit (ADU) that an MP3 decoder will process. In particular, the side info structure defines: - main_data_begin: This is a back-pointer (in bytes) to the start of the ADU. The back-pointer is counted from the beginning of the frame, and counts only encoded audio data and any ancillary data (i.e., ignoring any header, CRC, or side info fields). An MP3 decoder processes each ADU independently. The ADUs will generally vary in length, but their average length will, of course, be that of the of the MP3 frames (minus the length of the header, CRC, and side info fields). (In MPEG literature, this ADU is sometimes referred to as a bit reservoir.) --- [Reverse engineered from MPlayer-1.0pre7/libmpdemux/mpeg_hdr.c] [// based on libmpeg2/header.c by Aaron Holtzman [EMAIL PROTECTED]] [which has the following license: ] /* * header.c * Copyright (C) 2000-2003 Michel Lespinasse [EMAIL PROTECTED] * Copyright (C) 2003 Regis Duchesne [EMAIL PROTECTED] * Copyright (C) 1999-2000 Aaron Holtzman [EMAIL PROTECTED] * * This file is part of mpeg2dec, a free MPEG-2 video stream decoder. * See http://libmpeg2.sourceforge.net/ for updates. * * mpeg2dec is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * mpeg2dec is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * * * Modified for use with MPlayer, see libmpeg-0.4.0.diff for the exact changes. * detailed CVS changelog at http://www.mplayerhq.hu/cgi-bin/cvsweb.cgi/main/ * $Id: header.c,v 1.18 2005/02/19 02:32:12 diego Exp $ */ +++++ | |[D]|[B]|[E| [F] |[C]|G| |[H]| [I] | | 13 bits set [A] | | |] | | |*| | || +++++ [ following struct written by Peter Philipp (could be erroneous) based on ] [ the information taken from the above mentioned files ] /* network byte order */ struct mp3_header { u_int16_t first; #define FIRST_13_BITS 0xFFE0 /* must be set */ #define HAS_CRC 0x1 /* if set CRC trails header */ #define HAS_LAYER3 0x2 #define HAS_LAYER2 0x4 #define HAS_LAYER1 0x6 #define HAS_MPEG1 0x8 /* if not set MPEG 2.0 leftshift 1 */ #define HAS_MPEG1ORMPEG2 0x16 /* if not set MPEG 2.5 */ u_int16_t second; #define HAS_MONO0xC0/* if set is MONO (1 channel) */ #define HAS_PADDING 0x200 /* if set has padding byte */ /* sample frequency if none set it's MPEG 1.0 */ #define HAS_SAMPLE_FQ1
How is xlock authenticating?
Hello dear OpenBSD, I had a look around the system today, actually I think I musta been high these last few weeks/months because xlock ceased authenticating. Now I took a look at the /etc/spwd.db file and here are its permissions: -rw-r- 1 root _shadow 40960 Sep 19 17:15 /etc/spwd.db Notice: group _shadow This is important. -rwxr-sr-x 1 root auth 2303706 Aug 18 06:49 /usr/X11R6/bin/xlock That's the permissions of xlock, on OpenBSD/amd64 and OpenBSD/i386. How exactly is OpenBSD's xlock communicating with the master password file? Is there another program it exec's that is setgid to _shadow? Just wondering, seems kinda odd.. Please help me for I am a blind man, and the system is complex. (plus I don't have the XF4 sources handy, to go through the xlock sources..) Have a nice day, -p -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p http://centroid.eu So long and thanks for all the fish!!!
Re: BGP questions
On Wed, Jul 12, 2006 at 03:10:40PM +0200, Peter Philipp wrote: Uhm. I had some time and because I was working on similar code I created what I conceived in this. Basically tun(2) in link-layer mode are able to be bridged (yay), didn't know it could be done. The code proved it. However the CARP doesn't ARP when it's on another interface so it won't work. I've submitted a bug report regarding this, it is labelled as kernel/5178. Not sure if it's deemed as important to make functional. Marco Pfatschbacher (mpf (at) ... ) just committed a patch to -current that solves this issue and the bug report is closed. Apparently this issue was worth fixing, maybe I'll play with it some day, if anyone else wants they have my code in this thread that they can simply change to their needs. http://marc.theaimsgroup.com/?l=openbsd-cvsm=115619634803691w=2 regards, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: looking for clue
On Thu, Jul 20, 2006 at 10:54:28PM +0530, Rahul Sharma wrote: Hi Peter Phillips, It is not Mr. Eric Pancer but me (rahulthehacker) who is asking for help on dhcpd lease. Now it is because of you Mr. Mind that till last month I didnot believe on Communities (like openBSD) but after joining this community I come to know abt. the power of open system. But it is due to u Mastermind that some body like me are still far away from this community. I am not speak any Martian also. But sorry to tell u change ur attitude plz Rahul Hi Rahul! Listen. Don't get me wrong. You are almighty, I know that. What we need to do now is write only privately very quiet between the two of us and we'll take over the world together ok? Share your problems with me in private mail and we'll figure out a way together. TTYL. Regards, -p -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: looking for clue
On Thu, Jul 20, 2006 at 11:28:17PM -0400, Eric Furman wrote: Please take your medication regularly and not just when you feel like it. I promise you, if you take your Thorazine like your doctor describes, all the 'Bad People' will go away and stop bothering you. -- Eric Furman [EMAIL PROTECTED] I sense angryness in the force. Eric you stay out of it. This is between me and Rahul. -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
looking for clue
Hi I'm looking for clue. Does anyone have any? -p -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p There is no such thing as a certified security specialist Security is the countermeasure to a constantly changing idea of how to compromise a system when given the opportunity What you really mean is a certified security historian, and even that depends on how up-to-date you are and on your cognitive abilities Feeling special still? How well can you program? Finally respect a brain that can recite lyrics perfectly, the cognitive abilities are unmatched So long and thanks for all the fish!!!
Re: looking for clue
On Wed, Jul 19, 2006 at 11:33:16AM -0700, Darrin Chandler wrote: On Wed, Jul 19, 2006 at 08:21:01PM +0200, Peter Philipp wrote: Hi I'm looking for clue. Does anyone have any? Given your recent questions, I would suggest further reading on Threat Modeling and specifically Attack Trees. -- Darrin Chandler| Phoenix BSD Users Group [EMAIL PROTECTED] | http://bsd.phoenix.az.us/ http://www.stilyagin.com/ | Dear Darrin, Thanks for your reply. I'll get back to you. -p -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p There is no such thing as a certified security specialist Security is the countermeasure to a constantly changing idea of how to compromise a system when given the opportunity What you really mean is a certified security historian, and even that depends on how up-to-date you are and on your cognitive abilities Feeling special still? How well can you program? Finally respect a brain that can recite lyrics perfectly, the cognitive abilities are unmatched So long and thanks for all the fish!!!
Do mp3 concatenation programs exist?
Hi misc@, I have a an original setup at home. I crontab logging on and off the Internet on a minutely basis, so that I aquire a new IP every minute. I do this for personal reasons and I like it this way. At the same time I also stream mp3's from a radio station in Toronto. Since my IP changes every minute I have about a minute of streaming before I tcpdrop(8) and cycle pppoe(4). At the end of a day I concatenate the snippets into one large mp3 but at times the concatenation isn't perfect and there is a repeat, or a chop off or a squeak. Because the mp3 snippets have a time-delay buffer and overlap nothing is really lost but I'm looking for better software to concatenate these. Take 4 mp3 files representing 4 minutes as an example: ckln.1152650587 ckln.1152650647 ckln.1152650707 ckln.1152650767 (If you're interested in making this work I can give you the URLs to download these for testing). Here is the script that I now concatenate these with: --- #!/bin/sh # # To do an entire day this script will run 3 hours # FILE=ckln-radio-stream`date +%Y%m%d`.mp3 sleep 61 rm -f /export/ckln/$FILE for i in `find /export/ckln -name ckln.1* -ctime -1 -print`; do dd if=$i of=/export/ckln/$FILE bs=128 count=1 break; done for i in `find /export/ckln -name ckln.1* -ctime -1 -print`; do SIZE=`ls -l $i | awk '{printf(%s\n, int($5 / 614400)); }'` VARIABLE=`mplayer -ao null -nosound -speed 100 -v -v $i | grep len= | awk '{ split($6, a, =); total += a[2]; if (total 15000) { if (! startmessage) { printf(start: %s , total + 128); startmessage++; start = total; }; counton += a[2]; framecount++;} if (counton = multiplier 1) ? 1 : multiplier) * 614400) - 15000 )) { printf(%s bytes %s frames\n, counton - 128, framecount); exit 0; }}' multiplier=$SIZE` SKIP=`echo $VARIABLE | awk '{print $2}'` COUNT=`echo $VARIABLE | awk '{print $3}'` echo $VARIABLE dd if=$i of=$HOME/tmp.$$ skip=$SKIP count=$COUNT bs=1 cat $HOME/tmp.$$ /export/ckln/$FILE rm -f $HOME/tmp.$$ done --- As you can see I run mplayer at speed 100 with full verbose messages so that I can see how large the individual frames are (with padding), with that count I can then dd the stuff out. Obviously it's not perfect. What I'm looking for at best is something that checksums or hashes every mp3 frame (I think they are around 360 bytes each or so) and finds the exact overlap on the next mp3 file. ( I can't imagine the streaming server making a new mp3 for every connection there is, but rather doing it once for all connections so the frames should all be the same value around the overlap and hence checksumming should work to make the exact splice, right?) I've thought about disecting the de-multiplex functions in mplayer to a customized program to do this but before I do, I want to ask if there is something like this out there already saving me time? regards, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: Do mp3 concatenation programs exist?
On Sat, Jul 15, 2006 at 08:24:04PM +0100, z0mbix wrote: This is just the most idiotic thing I've ever heard. You are creating a whole bunch of unneccessary problems for yourself. I don't operate in a box that's made for me. I go further. Stop the namecalling and reconsider if you don't have a useful answer. -p -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: Do mp3 concatenation programs exist?
On Sat, Jul 15, 2006 at 10:15:06PM +0200, Tobias Weisserth wrote: This is just the most idiotic thing I've ever heard. You are creating a whole bunch of unneccessary problems for yourself. It's pretty obvious he's trying to hide his true identity because of these mp3 activities on the Internet. If he's that paranoid about his probably illegal activities I don't understand why he talks about them in detail on a public mailing list... :-) Illegal activities? Naw man! I just like moving like a Mack truck. See, I'm already gone! Once I was upset that they didn't give everyone static IP's, and then I thought about the words Vint Cerf said, and I got enlightened. Anonymity rocks when you're taking charge of it. If you linger around for 20 hours a day someone can track you and the dynamic IP is useless. So I'm turning it around, into the intended direction. And I know I'm on the right path. There is a lot of things you see when you push the technology to the limits, like why does pppoe(4) take 6 seconds to authenticate you over Ethernet when you cycle the pppoeX interface? Obviously streamlining can be done to push this down below a second. Somewhere there is a loop too many in the sppp or pppoe code or a timeout too long. Anyhow per day I see around 1440 IP's, I know my connecting netblock.. do you know yours? $ grep new ip for now /var/log/all | awk '{print $NF}' | sort -u | wc -l 17991 $ There's your odds if you want to find me at any minute. And if you scan how do you know that I won't disconnect before the scan reaches me and re- appear to an IP that the scan already passed? Linear portscanning won't work. You may as well send a random packet and hope it comes across my ways. cheers, Tobias So you can't help me with a useful answer either? Sad. -p -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: Do mp3 concatenation programs exist?
On Sat, Jul 15, 2006 at 11:09:13PM +0200, Timo Schoeler wrote: if there were some more guys like you authenticating every minute, there'd be no chance to get authenticated in a decent amount of time. you'd be offline due do a self caused DDoS, rendering the RADIUS machines (or whatever they might use) into slaves doing dull work :D It's not a DDoS. Computers are almighty today, if they can't be pushed to do their freakin' work they may as well be sniffing your packets all day long right? If RADIUS is too slow, start caching, memory is cheap. There is a lot of solutions and technical solutions around this. And it's this service that people pay for anyhow. You haven't heard of an mp3 concatenate utility either right? greets, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: Do mp3 concatenation programs exist?
On Sat, Jul 15, 2006 at 11:34:33PM +0200, Timo Schoeler wrote: It's not a DDoS. sure it is. Your own customers aren't DDoS'ing you when they try to authenticate. A Distributed Denial of Service by definition is a computer crime with intent to disable your services with malice, which this isn't. Computers are almighty today, :D Dude, back in '97 we ran an ISP on P120's and P166's. Trust me. cut If RADIUS is too slow, start caching, memory is cheap. There is a lot of solutions and technical solutions around this. And it's this service that people pay for anyhow. you pay taxes. so you pay for the firefighters. do you call them every minute to ask what to do in case there'd be really fire? That isn't even comparable. Comparable is going to the bathroom and it has 16000 doors. Instead of taking the same damn door you take another whichever you feel at the time. And yes someone does clean that bathroom, they also can use any door if they feel up to it. this attitude really sucks. you demand people/organizations to buy an IBM p595 just for running RADIUS, instead of letting their good ol' Ultra 2 running the next decade until it falls apart. you're wasting ressources and energy. No, you will see that I am right. You haven't heard of an mp3 concatenate utility either right? no, and i certainly never will :) Then perhaps I'll share when I get a hold of it. get a life, peter. please. there are *real* problems in the world outside... ? Just because my problem doesn't suit you ? Sorry! -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: Do mp3 concatenation programs exist?
On Sat, Jul 15, 2006 at 11:49:34PM +0200, RedShift wrote: Computers aren't almighty. Why the hell am I even replying to you? If you don't want to authenticate, don't use PPPoE then. What you are trying to do is idiotic. This topic is by far the most ridiculous I have ever read. What's the point? What do you expect from us? And you ARE bothering your ISP's authentication servers. Just because they have enough of processing power to serve your requests, doesn't allow to abuse it. Get a life, you computer pervert! I guess I should send them an apology note for hurting the authentication servers feelings? You don't have a clue! -p -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: Do mp3 concatenation programs exist?
On Sat, Jul 15, 2006 at 04:58:35PM -0500, Eric Pancer wrote: Jesus you're a fucking idiot. I mean, seriously: this thread has got to be one of the more idiotic things I've ever read here. Ok I'm about to fucking blow a fuse! What's your fucking problem! You're a shark! Nasty, bloodthirsty beast! Respect my needs without calling me names or questioning my logic. Here ! http://www.snickers.org/~pjp/find-blow-a-fuse.mp3. Anyway - the truly paranoid connect to different ISPs. Your provider has the source port you're coming from, your MAC address, and prolly the MAC of your DSL router in their CAM tables. You've achieved nothing, lackey. Oh did I say I change my MAC? Since it takes so long for the modem to learn it, I only do this on a daily basis. But I don't expect you to copy my behaviour or anything... -p -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: Do mp3 concatenation programs exist?
On Sat, Jul 15, 2006 at 04:03:52PM -0700, smith wrote: If I'm going to provide my customers internet access I better keep track of the traffic that my customers' dsl modems generate. This is to protect me from lawsuits and abuse of the services I provide. Hmmm. Looking through the I guess it's illegal nowadays to symlink your logs to /dev/null. logs I notice that all of a sudden my dhcp server is sending out IP leases every minute, why? Or when I look at my graphs, there is a spike in dhcp leases and plateaus for the rest of the day. Hmmm. This one customer with a dsl mac address such and such and/or phone number such and such is the one making all the request for a new leases. I wonder what he's up too? Hmm. Most of his traffic is mp3's. Hmmm. Funny scenario, does not apply to me. :) Just from the fact that you make all those request for new leases makes you stand out. And? The ISP cannot do anything. They can write a new clause to their EULA that re-connecting within X amount of time is excessive and forbidden, and notify the customer on that, so that they may adjust their settings. And I'm sure they'd be pretty bored with POP3 traffic and HTTP, and the occasional ftp to download open source ports. I see no problem. Thanks for the info though. -p -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: Do mp3 concatenation programs exist?
On Sat, Jul 15, 2006 at 11:21:43PM -0400, Eric Furman wrote: There are no useful answers for idiots. Remember this is the same idiot who started the USB keyboard encryption BS thread. His tinfoil cap is on too tight. -- Eric Furman [EMAIL PROTECTED] Tinfoil is useless for any paranoid reasons. Tinfoil caps only serve well for decorational dress. You too are just jealous. -p -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: BGP questions
On Fri, Jul 07, 2006 at 07:00:10PM +0200, Peter Philipp wrote: You may even do it cheaper than that with a bit of programming and it doesn't require a purchase of any network gear, however the functionality may not be there in the tun(4) driver. Basically what I'm thinking of is the following: The x.y.z.w/29 and a.b.c.d/29 interfaces have a rdr pf rule that redirects everything inbound into a daemon that runs a tun(4) interface in layer 3 mode, this daemon writes the incoming packets out another tun(4) interface that is in layer 2 mode which is also bridged within a set of ethernet interfaces (192.168.0.0/24) that also have CARP devices on each end. This is where I'm unsure if this is functional, (bridging a layer 2 tun(4) device), anyhow the MAC address that it writes to is the CARP virtual Address (or you could implement rudimentary ARP into the daemon as well) and you should have failover as long as the firewalls themselves don't fail. Required on each firewall is 4 ethernet interfaces and the tun(4) userland daemon. You should see some overhead with this due to copying the packets into userland and then back to kernel via the tun(4) interfaces. Gee I'm feeling really creative today. Let the imagination flow. Uhm. I had some time and because I was working on similar code I created what I conceived in this. Basically tun(2) in link-layer mode are able to be bridged (yay), didn't know it could be done. The code proved it. However the CARP doesn't ARP when it's on another interface so it won't work. I've submitted a bug report regarding this, it is labelled as kernel/5178. Not sure if it's deemed as important to make functional. Anyhow perhaps carp'ing isn't the right solution for this but perhaps ospfd, dunno, I don't have multiple gateways nor enough machines to give that a try so I likely have a misconception about it, like most things. Either way, if you like trying out new things, playing with code here is what I have created. It does almost exactly what I described in the previous mail. And best of all it's under a BSD license. It takes input on the first tun(4) device which has the 192.168.40.0/24 block and spits it out the second tun(4) device with netblock 192.168.41.0/24 which has a configurable (-r) router IP as gateway. Perhaps with a route-to rule it would work as I had imagined. The last argument to this program is the bridge group you want to join (ie. bridge1), you don't have one make one. Regards, -peter /* * Copyright (c) 2002-2006 Peter Philipp * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright *notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright *notice, this list of conditions and the following disclaimer in the *documentation and/or other materials provided with the distribution. * 3. The name of the author may not be used to endorse or promote products *derived from this software without specific prior written permission * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include sys/param.h #include sys/socket.h #include sys/time.h #include sys/wait.h #include sys/sysctl.h #include sys/ioctl.h #include sys/stat.h #include net/if.h #include net/if_tun.h #include netinet/in.h #include netinet/in_systm.h #include netinet/if_ether.h #include net/if_bridge.h #include net/if_arp.h #include net/ethertypes.h #include netinet/ip.h #include netinet/ip_var.h #include netinet/if_ether.h #include stdio.h #include string.h #include stdlib.h #include unistd.h #include fcntl.h #include errno.h #include signal.h #include time.h #define POINT_A 192.168.40.1 #define POINT_B 192.168.40.2 #define AB_NETMASK 255.255.255.0 #define POINT_C 192.168.41.1 #define POINT_D 192.168.41.2 #define CD_NETMASK 255.255.255.0 #define ROUTER POINT_D #define TUNNEL_P2P 0x1 #define TUNNEL_BROADCAST0x2 char *pointa = POINT_A , *pointb = POINT_B; char *ab_netmask = AB_NETMASK; char *cd_netmask = CD_NETMASK; char *pointc = POINT_C , *pointd = POINT_D; char
Re: News From HiFn
On Wed, Jul 12, 2006 at 09:45:59AM -0500, Travers Buda wrote: Oh noes! Theo made an anti-American comment! Well we need all the anti- bull comments we can get about stupid policy, stupid wars, stupid everything! Infact, Theo has got that original American spirit--freedom from tyrrany, freedom of speech, freedom do do as he pleases. That's what being American is all about, freedom. Freedom has different interpretations. A 1944 Soviet Anthem sung in english does tell that the people are free. I think every system will tell its people that the people are free, what another system thinks of this may not be free to them. I do agree with you the freedoms you mentioned are part of the package of what I call ultimately freedom. There is a few more I'd add but this isn't about me. It's about America and it's past since World War 2. Is America against global tyranny that Hitlers Germany strived for, or did they beat them down just to take their place? And history books for us fools do tell us that Hitlers Tyranny did lose the war right? Right? Unamerican or anti-american then can be interpreted as being anti-tyranny, anti-globalpolice, anti-ultracapitalism, anti-globalterror, anti-military. So I think criticism such as this it can be forgiven if you're a decent human being and american. Wars, wartime policy, domestic surveilance, asinine export laws, (crypto is a munition? pass the spoon!) skewing the system of checks and balances, loading the courts with fundamentalists, etc, is as un- American as you can get. If I live to be 60, it'll be interesting how the world shaped itself since now. regards, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: News From HiFn
On Wed, Jul 12, 2006 at 09:45:19AM -0600, Bob Beck wrote: On Wed, Jul 12, 2006 at 09:45:59AM -0500, Travers Buda wrote: Oh noes! Theo made an anti-American comment! Well we need all the anti- [ yadda yadda ] (I tried to shut up and not continue this thread but you've sucked me in...) Well I tried to shut up too, but Travers sucked me in, who was sucked in by another guy who was uhm.. 3 weeks late after the thread sorta died? You freaking boneheads :) Just being human y'know!? Read what the hell he said. He said american companies are generally hiding behind non disclosure for everything, while compaies from outside (like taiwan) give developers information. That's just a statement of fact. It's not anti-american. we're talking about companies, not the government or the american people. It's not anti-capitalist. Fer crissake we're talking about TAIWAN - taiwan's attitude toward corporations and what they are allowed to do makes the united states look like a government controlled socialist business enclave. Well there was that statement about cruise missiles too, after the US cut funding to POSSE. Uhm. I thought it was right on. Ian Darwin also had a nice commentary about that. Possibly one can find it through Google (an american company). regards, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: News From HiFn
On Wed, Jul 12, 2006 at 07:22:26PM +0200, Sigfred H?versen wrote: So I think criticism such as this it can be forgiven if you're a decent human being and american. That pretty much sums up your definition of ultimate freedom, does it not? /Sigfred No it does not. -p -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: News From HiFn
On Wed, Jul 12, 2006 at 08:11:37PM +0200, Sigfred H?versen wrote: No it does not. So disagreements (criticisms, whatever) of US policies can be forgiven if a) you are decent, and b) a human beeing and c) an American. I am sure I missed something in what you mean with ultimate freedom. /Sigfred Did you mean to send this in private mail? I'm going to unsubscribe from this list for a couple of days via the nice interface that lets you do this for a couple of days, so that this can die. Have a nice week. -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: IPv6 kindergarten
On Tue, Jul 11, 2006 at 05:54:34PM +1000, Rod.. Whitworth wrote: Absolute beginner at practical use of IPv6. Reading man pages and tutorials and presentations. Now for a bit of hands-on to make sure I'm not storing inaccurate concepts by misinterpreting something so it won't work in practice. Scenario: 2 hosts on my LAN first one, fox: # ifconfig fxp0 fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:02:b3:8b:d5:08 groups: egress media: Ethernet autoselect (100baseTX full-duplex) status: active inet 192.168.80.3 netmask 0xff00 broadcast 192.168.80.255 inet6 fe80::202:b3ff:fe8b:d508%fxp0 prefixlen 64 scopeid 0x1 Second one, po: # ifconfig rl0 rl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:01:80:0f:66:83 groups: egress media: Ethernet autoselect (100baseTX full-duplex) status: active inet 192.168.80.117 netmask 0xff00 broadcast 192.168.80.255 inet6 fe80::201:80ff:fe0f:6683%rl0 prefixlen 64 scopeid 0x1 When I try to ping6 from one to the other I see no replies unless I use -I $if when it works fine. Of course when I try to telnet to port 25 to test email sending I see no route to host messages. I would have thought that link-level addresses would have worked but decided to try site-level by adding a line to each in ifconfig simply changing the fe80 to fec0 and then everything works fine. The line appears like this: inet6 fec0::201:80ff:fe0f:6683 prefixlen 64 added to the end of the above. Can someone please point me at documentation that will lead me to know why I can't use link-level addresses like that? I managed to find loads of stuff about IPv6 routers, DNS, tunnelling etc but not much early stage education that I can implement for lab work to get me up to speed. Thanks, Rod/ Last I played with IPv6 was in 1999/2000 possibly. Freenet6 gave me some 6bone blocks, 3ffe:b00:4028::/48 I think. This was sufficient to make everything work. But there is shitloads of reading up on all this stuff. :) Sites like 6bone.net and ipv6.net or something were helpful but what I ended up doing at the time was print out IPv6 RFC's and hang them up like pictures along my apartment walls. I had a studio like apartment back then which was about 6 meters by 10 meters so, the IPv6 RFC actually fit side by side. Since I have little furniture I could now look at this RFC like looking at paintings at an art exhibition. :) Searching specifics was easy as well. I think you'll find the most direct answers in the RFC's and they're free, but they aren't an easy read, IMO (as I'm a fool). Anyhow what you should do is try to get a hold of real IPv6 addresses instead of this link-local address stuff , for which I found some information in RFC 2373, page 11: -- | 10 | | bits|54 bits | 64 bits | +--+-++ |111010| 0 | interface ID | +--+-++ Link-Local addresses are designed to be used for addressing on a single link for purposes such as auto-address configuration, neighbor discovery, or when no routers are present. -- That pretty well sums it up. Anyhow RFC 2928 is interesting in what IPv6 TLA's are out there. 6bone gave up its addresses in June 2006 and the 3ffe:: addresses aren't expected to be used anywhere anymore. Since IPv6 is such immense space perhaps you can bum some 2001::/96 netblocks from someone for play (and you'd still have enough address space to hold the IPv4 Internet. Other than that the Site-Local addresses are sufficient for play I'd assume. Quote RFC 2373, page 12: -- Site-Local addresses have the following format: | 10 | | bits| 38 bits | 16 bits | 64 bits| +--+-+---++ |111011|0| subnet ID | interface ID | +--+-+---++ Site-Local addresses are designed to be used for addressing inside of a site without the need for a global prefix. Routers must not forward any packets with site-local source or destination addresses outside of the site. -- I'd assume reading some KAME IPv6 code in the BSD kernels also helps you find references to RFC's in comments and you'd see how the real-world implementations work. I've been a fan of KAME since attending a talk of Itojun (Hagino?) at FreeBSDCon in 1999. The presentation was interesting to say the least. :) Take care! -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p
Re: IPv6 kindergarten
On Tue, Jul 11, 2006 at 10:22:09AM +0200, Claudio Jeker wrote: inet6 fe80::201:80ff:fe0f:6683%rl0 prefixlen 64 scopeid 0x1 ^^^ Because IPv6 is a broken and designed by a IETF-let's-overengeneer-everything-with-useless-features standart comitee. You know it is not enough to have 128bit address space to identify hosts, no you need an additional information -- the scope -- to make link local addresses useable on systems with more then one interface. I found some explanation to scope in RFC 2373 page 14. Here is a paste: --- scop is a 4-bit multicast scope value used to limit the scope of the multicast group. The values are: 0 reserved 1 node-local scope 2 link-local scope 3 (unassigned) 4 (unassigned) 5 site-local scope 6 (unassigned) 7 (unassigned) 8 organization-local scope 9 (unassigned) A (unassigned) B (unassigned) C (unassigned) --- A scope of 0x1 would be node local and would need to be 0x2 possibly for one to ping another host on the same LAN. So to ping systems via their link local address you need to specify the outgoing interface in the address like this: ping6 fe80::2d0:b7ff:fe4c:3365%em0 Cool isn't it? Ugh :P~~~. :) And by the way I think that site local addresses where killed from the standart some time ago (it caused even more troubles to handle these correctly). So don't start using them. I managed to find loads of stuff about IPv6 routers, DNS, tunnelling etc but not much early stage education that I can implement for lab work to get me up to speed. As you may realize I'm a big fan of IPv6. I'm sure you're not the only one! ;) High regards, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p There is no such thing as a certified security specialist Security is the countermeasure to a constantly changing idea of how to compromise a system when given the opportunity What you really mean is a certified security historian, and even that depends on how up-to-date you are and on your cognitive abilities Feeling special still? How well can you program? So long and thanks for all the fish!!!
PowerPC G3 Power saving modes
Hi, At this URL (http://active-hardware.com/english/archives/arc0-2001.html) there is talks about a G3 having 3 modes: nap, doze (with bus snoop), and sleep. Are any of these implemented in OpenBSD? Is it worth it to implement them? Anyhow if anyone has links that explain exactly what these modes do that would be great! Or if you know what they do and want to share, let's hear ya! regards, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
OT: how far are light based logic gates?
How far in development are CPU's that only use light as their input and have a series of optical logic gates to do processing? Alternatively they have electric inputs to power laser emitting diodes. Does something exist yet in the 21st century? I'd imagine it would have incredible power savings in operation and for cooling purposes. regards, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
USB keyboards / encryption
I know that wireless keyboards have built-in encryption, but do wired keyboards or specifically USB keyboards exist that encrypt the typed input for the USB bus? I suspect something like public key encryption on the keyboard which choses a random key for the key-input and exchanges it securely with the operating system. Does it exist? I'm currently using a macally USB keyboard (for macs) on both my amd64 and macppc (unplugging it / plugging it when I change computers), and it feels great on the hands/fingers but the USB communication isn't encrypted I suspect. The keyboards case is seethrough and I can see the circuits to the keys, as well as the built-in USB hub. Has anyone ever opened one of these and modded the keyboard to change the mapping of the keys? Is easily done? Here is the dmesg of the keyboard: Jun 28 18:40:58 neptune /bsd: uhub3: ALCOR macally Kbd Hub, rev 1.10/1.00, addr 3 Jun 28 18:40:58 neptune /bsd: uhub3: 3 ports with 2 removable, bus powered Jun 28 18:40:58 neptune /bsd: uhidev1 at uhub3 port 1 configuration 1 interface 0 Jun 28 18:40:58 neptune /bsd: uhidev1: ALCOR macally Kbd Hub, rev 1.10/1.00, addr 4, iclass 3/1 Jun 28 18:40:58 neptune /bsd: ukbd0 at uhidev1: 8 modifier keys, 6 key codes Jun 28 18:40:58 neptune /bsd: wskbd1 at ukbd0 mux 1 Jun 28 18:40:58 neptune /bsd: wskbd1: connecting to wsdisplay0 regards, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: SOCK_RAW description
On Sun, Jul 09, 2006 at 03:32:41PM +0200, Karel Kulhavy wrote: Hello The types SOCK_RAW, which is available only to the superuser, and SOCK_RDM, which is planned, but not yet implemented, are not described here. (man socket) Where is SOCK_RAW described, then? Why is not at least a pointer to the description included in the manpage? Feel free to update the manpage. These features were probably left out because the designers thought it only suits packet monkeys perhaps? $ grep -n SOCK_RAW /usr/include/sys/socket.h 52:#define SOCK_RAW3 /* raw-protocol interface */ $ I would like to port a program for testing free space optics devices from Linux to OpenBSD. It sends raw Ethernet frames, one filled with all 0's and another filled with 01 pattern. It's important to fill as large part of the packet with these patterns as possible because it's for benchmarking the amplifiers. Uhm, SOCK_RAW only allows you to send layer 3 packets. Perhaps you are confusing it with SOCK_PACKET which is linux only afaik and does not exist in BSD. To send layer 2 frames from userland your only option is bpf(4) injects and tun(4) writes when in layer 2 mode. Should I investigate SOCK_RAW or is there a different mechanism under OpenBSD how to send a raw Ethernet frame? Or is it not implemented at all? CL What you should do is read the book Unix Network Programming Volume 1 by the late W. R. Stevens, he describes most Layer 2 api's for what you want to do. Regards, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: USB keyboards / encryption
On Sun, Jul 09, 2006 at 03:08:19PM +0200, Joachim Schipper wrote: On Sun, Jul 09, 2006 at 02:25:12PM +0200, Peter Philipp wrote: I know that wireless keyboards have built-in encryption, but do wired keyboards or specifically USB keyboards exist that encrypt the typed input for the USB bus? I suspect something like public key encryption on the keyboard which choses a random key for the key-input and exchanges it securely with the operating system. Does it exist? The most sensible implementation of what you want is a laptop + ssh, I suppose. I am not aware of any keyboard of the sort you describe, nor do I see the use of such a thing. Seriously, what are you trying to protect against? Hardware keyloggers? Exactly. Evil external USB Hubs, or other USB hardware that has access to a USB bus. You already know I'm paranoid, but consider when technology allows it *someone* is gonna make something of the sorts, and it's responsiblity of the industry to protect everyone from that. I'm not wrong in this, or am I confusing a wicked world with a wonderland that treats everyone fairly regardless of their political, social, race, sex or religious status? snip regarding macally keyboard It should be possible, but it's not necessarily easy. Again, is there a point? Just map it something exotic in software (kbd(8) might help) if that's what you want, no need to do in hardware what can be done in software. Joachim Well I'm more or less wondering if anyone has ever done it. I'm looking for experiences here. If I rewire my keyboard that's my business (I did buy it after all, it is not partially owned by any government, corporation, or other entity, not even god, it's mine and I shall do with it as I wish) and I suspect rewriting the keyboard mapping in the kernel isn't all that hard. regards, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
What (stream) ciphers exist in the kernel?
Hi, I'm looking for a stream cipher in the kernel that is fairly secure. Does it exist? Alternatively I'm looking for a block cipher that does CFB (Cipher Feedback Mode). There is a prototype stub for DES CFB in /sys/crypto/des.h but I don't see a des.c file in the 3.9 sources, is it taken out of a userland library? thanks, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: USB keyboards / encryption
On Sun, Jul 09, 2006 at 06:01:43PM +0200, Joachim Schipper wrote: Well I'm more or less wondering if anyone has ever done it. I'm looking for experiences here. If I rewire my keyboard that's my business (I did buy it after all, it is not partially owned by any government, corporation, or other entity, not even god, it's mine and I shall do with it as I wish) and I suspect rewriting the keyboard mapping in the kernel isn't all that hard. This shouldn't be too hard, given suitable electronics (probably something old and very heavy should be favoured if you really want to go ahead) and some coding experience, but what's the point? Someone with a little skill will soon figure out that two characters followed by enter is most likely 'ls'; this quickly leads to discovering what ' ' is, and so on. A simple substitution cipher isn't particularly hard to defeat. Oh yes I don't deny that, however I'm more or less trying to get around easter eggs in USB key loggers that break devices when they detect a certain key sequence, by either being the devices themselves that break, or overloading a device with high current if the monitoring device is a hub. Another thing they could do is try to contact a LAN device on the same USB bus and attempt to send a packet out to an Internet host. Surely later analysis of key logs can reconstruct UNIX commands if they were simply scrambled by rewiring the keyboard, but real-time investigation may not. The suggestion above - laptop+ssh - was not a joke; it would actually do most of what you want, without requiring you to disassemble an - apparently - favoured keyboard with unpredictable results. Yeah, I already use my iBook as console (believe it or not the iBook consumes less power than my 17 LCD monitor which consumes ~150 Watts), but an external keyboard is very comfortable as I can put my feet up without putting the thing on my lap and the keys are spaced wider apart for more comfortable typing. Another bonus is that I know that I'm not wearing out the keys on the iBook, as I've actually lost/broken a few keys before, thanks to a servicing site in Toronto they replaced a control key with an alt/option key though. Only disadvantage having the macally on the iBook is when you want to break into DDB from console you have to use the native iBook keyboard (after entry into ddb surprisingly only the USB keyboard will work... :P) Joachim regards, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: USB keyboards / encryption
On Sun, Jul 09, 2006 at 09:38:21AM -0700, Darrin Chandler wrote: Well, it's very hard to say that someone isn't trying to bug his keyboard. It might be a valid concern. However, if someone *is* then you have to look at all the other possibilities as well. A small audio bug can be enough to pick up key clicks, and some interesting work has been done in reconstructing input based on inter-key timing. The better typist you are, the better it works. That's one small example. What Would mixing keyboard noises at random into your music / external speaker at random be a useful countermeasure against that? about the many, many others given physical access to the environment? I'm not saying that anyone should forget about securing their computer and environment, just that if you're going to consider a new area to secure, you should think about all the other ways an attacker with such access might glean information. Pretend you're travelling with a zaurus like device and you take an external USB keyboard with you including a USB hub and shitloads of little USB devices that you can then use in the hotel room or hostel common room (I've actually seen a Swede have such a setup at a hostel in Ottawa). If you're in a foreign country and all of a sudden the USB hub blows up. You go out to buy a new one at the nearest computer store and they have bugged equipment you're up shits creek. People with unquestioned need to secure their environment choose to create a physically secure area, rather than try to allow free access and secure individual components from tampering. It's cheaper. It's also more effective since it also prevents the placing of surveillance equipment *without* tampering with legitimate equipment, and prevents tampering with some component you haven't thought about yet. Yeah well, if someone has a key to my apartment they can pet my computers including swap USB devices, and they can do it quite easily, and if it looks the same I probably wouldn't know a diff. It probably doesn't make sence to spy on an open source developer since they likely will release the source for free anyhow, however in the movie antitrust they did. And movies for some reason either shape behaviour or are a reflection of behaviour in the real world. Anyhow finding out that your devices are tampered with or, have spy functionality, or easter eggs, _after the fact_ is too late. Pro-activity to securing this stuff is key. -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: USB keyboards / encryption
On Sun, Jul 09, 2006 at 08:22:10PM +0200, Tobias Ulmer wrote: Encrypting data from the keyboard is also not a real option, because you need a shared secret (or something like hostkeys, how do you know that the usb sniffer can't do MITM attacks?). The keyboard needs to be pretty intelligent to do that. Uhm.. I think I did say public key encryption right? Where exactly is a shared secret needed in this? Rewiring the keys... , you get something like a rot13 encryption, anybody can figure that out. Yeah but it works against devices that are confident that everything has rot26 encryption. And if you can mod your keyboard in 10 minutes for nothing at all, except perhaps a 2 euro plug for the cables, why not? Anyway, the electromagnetic radiation(?) is probably so high that nobody bothers with usb sniffers. I know it was possible to see a good image of a crt in about 25m distance by just amplifying the signal back in '96 (I was interested in building mini-bugs and have a few books about the technology available to this time). Perhaps a keyboard that uses light instead of electrical signals is an overall better solution? Aren't laser emitting diodes fairly cheap today and the price of roughly 4 meters of fibre-optic cable should be acceptable for a keyboard right? Until then, USB keyboards encrypting would be better right? How much are you willing to spend for a secure keyboard anyhow? How much are people spending for wireless keyboards? The only practical solution i can see is using a laptop with good shielding and build a grounded copper case arround it. Make sure that there is no HF going out on any cables, no external devices etc. To meassure that the stuff really works, you may need an oscilloscope... Not everyone likes laptops. I think the best is not to rely on encryption of hardware at all and consider everything 'buged'. The only 'secure' thing is ram and the cpu. Don't have a firewire port in your computer, it allows access to any memory location [2]. That's not a guarantee. But little change by little change will isolate insecurities until a system is secure, right? (didn't somene coin the phrase security is a process?) Tinfoil hat linux [3] is worth a look (There are more interresting links on that page) Still paranoid? ;) [snip] Tobias [1] http://64.233.183.104/search?q=cache:JcI2ggxM8OEJ:www.rootsecure.net/content/downloads/pdf/ssh_timing_attack.pdf [2] http://64.233.183.104/search?q=cache:YZy7R1pb6bUJ:pacsec.jp/psj04/psj04-dornseif-e.ppt [3] http://tinfoilhat.shmoo.com/ regards, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: What (stream) ciphers exist in the kernel?
On Sun, Jul 09, 2006 at 06:06:35PM +0200, Joachim Schipper wrote: I'm looking for a stream cipher in the kernel that is fairly secure. Does it exist? Alternatively I'm looking for a block cipher that does CFB (Cipher Feedback Mode). There is a prototype stub for DES CFB in /sys/crypto/des.h but I don't see a des.c file in the 3.9 sources, is it taken out of a userland library? The kernel includes quite a bit of crypto, though I'm not sure how to get at all of it - but svnd(4) uses Blowfish, and ipsec(4) uses almost all of the well-known block algorithms. What are you trying to do? Joachim I'm trying to encrypt a stream, per byte (8 bit) instead of per block (usually 8 bytes) in the kernel. CFB and OFB ciphers are ok if they are a block cipher as they pretty well can encrypt per byte according to applied cryptography from schneier. Anyhow I'll take a look at the svnd code, perhaps the author of the device uses CFB or OFB cipher modes as blowfish is a 8 byte block cipher. Oh yeah, I considered a one time pad as an alternative for the purpose, but I cannot do it, as the receiving is not guaranteed to be in sequence which one time pads need to be to effectively change a byte back to cleartext. I also cannot get around that with error correction / checksumming. kind regards, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: What (stream) ciphers exist in the kernel?
On Sun, Jul 09, 2006 at 02:53:29PM -0500, Matthew R. Dempsky wrote: as they pretty well can encrypt per byte according to applied cryptography from schneier. What about CTR? OpenBSD can do AES-CTR. Oh wow my applied cryptography second edition is getting old. ;) There is no mention of CTR mode in it, I had to look it up online. I think it may work that way. I found the functions for aes_ctr_crypt() et al. in /sys/crypto/xform.c: xform.c:int aes_ctr_setkey(u_int8_t **, u_int8_t *, int); xform.c:void aes_ctr_zerokey(u_int8_t **); xform.c:void aes_ctr_reinit(caddr_t, u_int8_t *); xform.c:void aes_ctr_crypt(caddr_t, u_int8_t *); xform.c:aes_ctr_crypt, As I'm unfamiliar with this function, perhaps someone experienced can explain how this works. I read the code briefly for aes_ctr_crypt() and noticed it does manipulate AESCTR_BLOCKSIZE (16) bytes on the second argument, how do I make it work for just 1 byte streaming, I suppose I must make sure I pass it such many bytes.. are the remaining 15 bytes just padding that I can throw away? I'm talking about this: for (i = 0; i AESCTR_BLOCKSIZE; i++) data[i] ^= keystream[i]; Why is there a AESCTR_BLOCKSIZE? Pardon my ignorance on this cipher, cipher mode and implementation in OpenBSD's kernel. Any provided official stream cipher would beat a simple XOR. regards, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: USB keyboards / encryption
On Sun, Jul 09, 2006 at 10:23:15PM +0200, Joachim Schipper wrote: Because if it's eventually read by a human, a human that bothered to bug your keyboard in the first place, it can be easily decoded. Of course. That's not my point of doing this though, as I had tried to explain. Just because it seems senseless to do doesn't mean that it hasn't a purpose. When someone smuggles a bugged USB device into somewhere they heighten their odds of getting caught if they have to come back to pick up the data that's been recorded. If they can just go in once and have the device remotely update them, they will prefer that. Even then if the device is inside shielded surroundings a radio signal is not guaranteed to make it out. A vendor in the United Arab Emirates cannot get his hopes up that he'll be able to retrieve a bugged device when it's sold to a foreigner. So that leaves devices that are rather passive like a timebomb that explodes only at a certain altitude is detected or a landmine that detects the mass of a heavy vehicle. And the programming of these devices better rot13 every character typed 25 times in order to find keywords. If they don't, and this is what I'm hoping on, there is a hole and the function of possible easter-eggs has been bypassed (surely after this post someone will change the programming of such things, but my devices bought before are safe). Also the way most corporations work is they only do the basic functionality as needed, if no USB keyboard rot13's their keys they won't see a need to check for such input (again until now). Perhaps a keyboard that uses light instead of electrical signals is an overall better solution? Aren't laser emitting diodes fairly cheap today and the price of roughly 4 meters of fibre-optic cable should be acceptable for a keyboard right? Until then, USB keyboards encrypting would be better right? How much are you willing to spend for a secure keyboard anyhow? How much are people spending for wireless keyboards? Light-conducting cables are apparently harder to tap than electrical, but they certainly can be tapped by one of the big TLAs. Of course. As to secure keyboard prices, I wouldn't bother buying one, even if it was no more expensive than a regular keyboard - none of my hard drives are encrypted, so an encrypted keyboard is nonsense. Oh, your hard drives *are* encrypted, no? Otherwise, this discussion would be quite pointless. Not exactly. If a neighbour has a parabolic antenna pointed at my computers location in hopes that they'll pick up any electro-magnetic radiation that escaped the weak-shielded USB cable, and they can reconstruct the keys typed, then there is point for concern as the security has been breached and it's been breached without physical access. If the USB keyboard did encrypt which is the point of this discussion then they have to throw computing power at cracking the keys first which makes their purpose more expensive. Also I was more concerned about _other_ USB devices being dogged bastards on the USB bus initially. No amount of painting over holes will ever make something secure. (See Internet Explorer for a fine example...) Joachim Perhaps. What exactly do you think OpenBSD has been doing for 10+ years? First it was strcat/strcpy - strlcat/strlcpy, next it was W^X, and after that mmap()'ed malloc() with stackgap to protect the heap. Seems to me it was a process over time, to get us to where we are now. Was it not painting over holes? Nobody re-designed the entire system new. Am I wrong? If anyone can find USB keyboards that do encryption over the USB bus, please share the URL. regards, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: USB keyboards / encryption
On Sun, Jul 09, 2006 at 10:55:47PM +0200, Tobias Ulmer wrote: Depends on your needs. If want to protect against a casual attacker, it may just be enough, but it's wasted time if some TLA tries to shut down your international muslim terrorist attack planing mailinglist server somewhere in russia good luck ;) Sorry, but I believe that my right to privacy, and right to working USB devices that don't blow up at random because some programmer thought I entered a terrorist word outweighs any hassling TLA. This is a legal issue and should be continued in federal and international courts. I just don't find it cool that a TLA shuts someone down at all. Who'd want to buy these products then? And how stupid do you have to be? Lastly why would a state allow its citizens to buy such products? Oh yeah warranty right? Who's really got time to go back to the store they bought something at just because they entered a suspicious word, or had another suspicious device on the hub? The danger here is that people will be turned off from technology increasing the gap between an elite and regular people. When such a gap widens productivity and evolution suffers. Orwellian societies evolve out of it; but TLA sounds so great doesn't it? It's like bragging about your big brother that beats everyone up. What joy. -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: USB keyboards / encryption
On Mon, Jul 10, 2006 at 12:11:25AM +0200, Joachim Schipper wrote: Did you find an actual consumer-grade USB device that blows up if you enter terrorist words? Al Quaeda is really cool, we're going to bomb those American pigs - well, this one still works. Must be because it's a pre-9/11 keyboard. ;-) Joachim How would I know? Stuff doesn't have to blow up right way but have a timer on it and only blow up 3 reboots later. Do you play chess? -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: BGP questions
On Thu, Jul 06, 2006 at 09:02:47PM -0500, Jacob Yocom-Piatt wrote: (1) i have 2 blocks of 8 static IPs at my disposal, one at home and one at work, So two /29's ? and both connections are 3Mb/512Kb ADSL via PPPoE. the upstream traffic at work is beginning to saturate the connection and i would like to share some of the load with the home connection. would BGP allow me to multihome a site across both connections to split the load? would i need an AS number if this would work? Yup. That's not all. You need at least a /20 (AFAIK) to be able for large backbones to even consider routing your advertisement. But this was heresay years ago, I don't know if it still holds. The investment though is in the thousands of dollars a year though (ARIN fees http://www.arin.net/billing/fee_schedule.html) and you have to justify using that much IP space. (2) are there any particular online docs that are recommended reading for BGP? RFC's, NANOG archives perhaps too what about books? (3) the home gateway machine is a PII-350 w/ 64MB ram. is this too slow for doing what i have asked about in (1)? Dunno. I suspect you won't be able to load a full BGP table. BGP is really a big boys(tm) protocol not sure if 2 ADSL connection classifies you as that. If it did then they would quickly run out of the 16 bit ASN space wouldn't you think? Perhaps considering a protocol like CARP is more what you want? -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: BGP questions
On Fri, Jul 07, 2006 at 10:56:11AM -0500, Jacob Yocom-Piatt wrote: already have available (the 2 ADSL connections + old hw). i think CARPing machines when they're in different public IP blocks won't work, i.e. x.y.z.w/29 and a.b.c.d/29 cannot have a single address CARPed across blocks. do tell if i'm wrong on this one since this would work nicely for the situation i've described. cheers, jake I think you can do it with the following: Get 2 cheap routers that can pass 3Mb/s, no big functionality needed except that they do ethernet (Cisco 2500's? they should be cheap by now..), 2 switches for the etherlink between the two locations (if a direct ethernet link can't be established perhaps use an OpenBSD bridge with ethernet over gif(4)?) and then the existing routers configured with carp. In ascii it would look like so: 0.0.0.0/0 (cloud) | +--++ | | | ADSL 1| ADSL 2 +---+ +---+ | | CARP| | +---+ +---+ | | | 192.168.0.0/24 | +---{ ethernet (gif) }--+ | | | | +---+ +---+ | | Cisco 2500| | Cisco 2500 +---+ +---+ | | | | x.y.z.w/29 a.b.c.d/29 With this setup you can ensure that OUTGOING ip packets make their destination on a redundant setup, provided the ADSL links do not filter egress traffic, which they might (worth checking). For INCOMING traffic to both x.y.z.w/29 and a.b.c.d/29 to work the upstream ISP must have similar failover on their end to re-route traffic into the ADSL 2 router if ADSL 1 link is detected as down. This may be harder to set up, but maybe it is not. If you're wondering why the RFC1918 address within the switch, don't worry about it. Those IP's aren't expected to talk to anything anyhow they just route. @HOME used to do it years ago, and people bitched but they got over it. Just filter any packets with a TTL of 1 and noone will know either way, except that traceroute has a small pause on that hop. regards, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: BGP questions
On Fri, Jul 07, 2006 at 06:30:06PM +0200, Peter Philipp wrote: I think you can do it with the following: Get 2 cheap routers that can pass 3Mb/s, no big functionality needed except that they do ethernet (Cisco 2500's? they should be cheap by now..), 2 switches for the etherlink between the two locations (if a direct ethernet link can't be established perhaps use an OpenBSD bridge with ethernet over gif(4)?) and then the existing routers configured with carp. In ascii it would look like so: You may even do it cheaper than that with a bit of programming and it doesn't require a purchase of any network gear, however the functionality may not be there in the tun(4) driver. Basically what I'm thinking of is the following: The x.y.z.w/29 and a.b.c.d/29 interfaces have a rdr pf rule that redirects everything inbound into a daemon that runs a tun(4) interface in layer 3 mode, this daemon writes the incoming packets out another tun(4) interface that is in layer 2 mode which is also bridged within a set of ethernet interfaces (192.168.0.0/24) that also have CARP devices on each end. This is where I'm unsure if this is functional, (bridging a layer 2 tun(4) device), anyhow the MAC address that it writes to is the CARP virtual Address (or you could implement rudimentary ARP into the daemon as well) and you should have failover as long as the firewalls themselves don't fail. Required on each firewall is 4 ethernet interfaces and the tun(4) userland daemon. You should see some overhead with this due to copying the packets into userland and then back to kernel via the tun(4) interfaces. Gee I'm feeling really creative today. Let the imagination flow. -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
modified data on freelist
, version 1.0, legacy support usb1 at ohci1: USB revision 1.0 uhub1 at usb1 uhub1: NVIDIA OHCI root hub, rev 1.00/1.00, addr 1 uhub1: 4 ports with 4 removable, self powered ehci0 at pci0 dev 2 function 2 NVIDIA nForce3 250 USB2 rev 0xa2: irq 10 usb2 at ehci0: USB revision 2.0 uhub2 at usb2 uhub2: NVIDIA EHCI root hub, rev 2.00/1.00, addr 1 uhub2: 8 ports with 8 removable, self powered nfe0 at pci0 dev 5 function 0 NVIDIA nForce3 LAN rev 0xa2: irq 11, address 00:XX:XX:XX:XX:XX eephy0 at nfe0 phy 1: Marvell 88E Gigabit PHY, rev. 2 auich0 at pci0 dev 6 function 0 NVIDIA nForce3 250 AC97 rev 0xa1: irq 11, nForce3 AC97 ac97: codec id 0x414c4790 (Avance Logic ALC850) audio0 at auich0 pciide0 at pci0 dev 8 function 0 NVIDIA nForce3 250 IDE rev 0xa2: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility pciide0: channel 0 disabled (no drives) atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: PLEXTOR, DVDR PX-716A, 1.03 SCSI0 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 4 pciide1 at pci0 dev 9 function 0 NVIDIA nForce3 250 SATA rev 0xa2: DMA pciide1: using irq 10 for native-PCI interrupt wd0 at pciide1 channel 0 drive 0: SAMSUNG HD160JJ wd0: 16-sector PIO, LBA48, 152627MB, 312581808 sectors wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5 pciide2 at pci0 dev 10 function 0 NVIDIA nForce3 250 SATA rev 0xa2: DMA pciide2: using irq 5 for native-PCI interrupt ppb0 at pci0 dev 11 function 0 NVIDIA nForce3 250 AGP rev 0xa2 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 ATI Radeon 9550 rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) ATI Radeon 9550 Sec rev 0x00 at pci1 dev 0 function 1 not configured ppb1 at pci0 dev 14 function 0 NVIDIA nForce3 250 PCI-PCI rev 0xa2 pci2 at ppb1 bus 2 wi0 at pci2 dev 6 function 0 Eumitcom WL11000P rev 0x02: irq 3 wi0: Lucent Technologies, WaveLAN/IEEE, Version 01.01 wi0: Firmware 6.06 variant 1, address 00:XX:XX:XX:XX:XX xl0 at pci2 dev 7 function 0 3Com 3c905 100Base-TX rev 0x00: irq 11, address 00:XX:XX:XX:XX:XX nsphy0 at xl0 phy 24: DP83840 10/100 PHY, rev. 1 rl0 at pci2 dev 8 function 0 Realtek 8139 rev 0x10: irq 5, address 00:XX:XX:XX:XX:XX rlphy0 at rl0 phy 0: RTL internal PHY rl1 at pci2 dev 9 function 0 Realtek 8139 rev 0x10: irq 10, address 00:XX:XX:XX:XX:XX rlphy1 at rl1 phy 0: RTL internal PHY ahc0 at pci2 dev 10 function 0 Adaptec AHA-19160B U160 rev 0x02: irq 11 scsibus1 at ahc0: 16 targets sd0 at scsibus1 targ 0 lun 0: SEAGATE, ST39236LW, 0005 SCSI3 0/direct fixed sd0: 8761MB, 14384 cyl, 3 head, 415 sec, 512 bytes/sec, 17942584 sec total VIA VT6306 FireWire rev 0x46 at pci2 dev 12 function 0 not configured re0 at pci2 dev 13 function 0 Realtek 8169 rev 0x10: irq 3, address 00:XX:XX:XX:XX:XX rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 0 pchb1 at pci0 dev 24 function 0 AMD AMD64 HyperTransport rev 0x00 pchb2 at pci0 dev 24 function 1 AMD AMD64 Address Map rev 0x00 pchb3 at pci0 dev 24 function 2 AMD AMD64 DRAM Cfg rev 0x00 pchb4 at pci0 dev 24 function 3 AMD AMD64 Misc Cfg rev 0x00 isa0 at pcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com0: console pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 lm0 at isa0 port 0x290/8: W83627THF fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec uhidev0 at uhub0 port 1 configuration 1 interface 0 uhidev0: Logitech USB-PS/2 Optical Mouse, rev 2.00/20.00, addr 2, iclass 3/1 ums0 at uhidev0: 3 buttons and Z dir. wsmouse0 at ums0 mux 0 dkcsum: wd0 matches BIOS drive 0x81 ahc0: target 0 using 16bit transfers ahc0: target 0 synchronous at 20.0MHz, offset = 0x1f dkcsum: sd0 matches BIOS drive 0x80 root on sd0a rootdev=0x400 rrootdev=0xd00 rawdev=0xd02 pppoe0: phase establish regards, -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: modified data on freelist
On Thu, Jul 06, 2006 at 11:04:02AM +0200, Peter Philipp wrote: tcpresets a connection and then brings the pppoe0 interface down and back up it's either in tcpreset(8) or in pppoe(4) that causes this. I'm going to send Oops I meant tcpdrop(8) of course. (tcpreset was a script of mine once that did the exact same thing except modify the kernel). regards, -peter
Re: Kernel pppoe (and the german ISP Hansenet)
On Thu, Jul 06, 2006 at 11:02:32AM +0200, [EMAIL PROTECTED] wrote: pppoedev xl1 !/sbin/ifconfig xl1 up !/usr/sbin/spppcontrol \$if myauthproto=pap myauthname=MYTEL \ myauthkey=MYPASS !/sbin/ifconfig \$if inet 0.0.0.0 0.0.0.1 netmask 0x !/sbin/route add default 0.0.0.1 up .. Kind regards, Sebastian if you ifconfig pppoe0 you should see an IP address like this: pppoe0: flags=8851UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST mtu 1492 dev: rl1 state: session sid: 0x1cdf PADI retries: 1 PADR retries: 0 time: 00:01:56 groups: pppoe egress inet 89.48.16.171 -- 0.0.0.1 netmask 0x inet6 fe80::211:9ff:fecb:9532%pppoe0 - prefixlen 64 scopeid 0xb in my case the IP for the moment was 89.48.16.171. After that make sure net.inet.ip.forwarding is 1, and enable pf(4) NAT if you have private IP's. Do read the pppoe(4) manpage (man 4 pppoe) and make sure you consider the scrub mss stuff. You may want to enable that. If you've been given a bunch of static IP's make sure the ISP even routes them to you, you can debug this with tcpdump and another connection and ping. Oh yeah, you fail to mention your OpenBSD version, I think in 3.9-current they got rid of spppcontrol. Might wanna check. regards, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: Kernel pppoe (and the german ISP Hansenet)
On Thu, Jul 06, 2006 at 12:52:23PM +0200, [EMAIL PROTECTED] wrote: I wont blame the developers because they offen said the userland pppoe has a lot overhead but that`s simply a bad joke. :-( Userland pppoe copies the pppoe session frame from kernel to userland via bpf(4) into the pppoe(8) program which then writes it back to the kernel (into a pipe) and back to the ppp(1) program and then back into the kernel via the tun(4) interface, it will then be recv(2)'ed from the proper program that has a session/connection. So you're bouncing around from kernel to userland back to kernel back to userland back to kernel back to userland for receiving just one frame of data. *ponder* I'm not sure if a context switch can be saved in this execution path if between pppoe(8) and ppp(1) a shared memory segment exists, and packets are copied that way. It could speed things up perhaps. With kernel pppoe(4) the pppoe session frame enters the kernel and gets recv(2)'ed from userland. A lot less switching back and forth from userland to kernel. But I hope the kernel-pppoe will provide me nearly the same bandwith like the Windows-pppoe-Tool. :-) So if you4ve a DSL-connection wich is maybe faster then 4Mbit.. use the kernel pppoe (even I don4t know how good it performs). :) Good luck, -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: ddb question
On Thu, Jul 06, 2006 at 03:06:46PM +0200, Miod Vallat wrote: Kernel crash dumps are silently disabled if swap encryption is used. You need to disable it (e.g. by uncommenting the relevant line in /etc/sysctl.conf). Miod Hmm that's odd. I wonder why that is. I've done boot dump's before in DDB and swapencrypt was enabled and it worked then. -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
hexdump observation
I just tested running hexdump -x on two different systems. One system is a macppc and the other and amd64. On the same file the order (endian) of the hexpairs are swapped. Is this supposed to be like that? If there was an effort to make hexdump -x endian safe, which order should it prefer (little or big)? And if it shouldn't be changed is there a chance for an extra flag that would make it endian-safe? -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: DDOS attack
On Tue, Jul 04, 2006 at 08:08:39PM +0700, sonjaya wrote: Dear all How to blok ddos/Flooding/ssh brute attack with pf . -sonjaya- I usually bind sshd on another port. The scripted ssh brute forcing stops. The logs are happy. -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: Encrypting files
On Sun, Jul 02, 2006 at 02:56:03PM -0400, Nick Guenther wrote: I have some questions though: How can you make a keylogger on UNIX? I thought that UNIX segmented it's memory spaces, unlike Windows which has the problem of a global key trampoline (I'm sorry, I read this somewhere once and do not remember exactly what it was called). I suppose if you replaced the kernel than you could do this but I don't think that's what was meant. I think this was meant. man wskbd tells a little about the keyboard and the routines for this are in /sys/dev/wscons I think. Because you have the source, can recompile and the code is written with KISS in mind you'll be able to patch something up. However if you do you should check your morals, they come back to haunt you if you abuse them. Running a default kernel compiled by deraadt directly from the CD-ROM should ensure that no keylogger of any sort is installed in the kernel. There really isn't much reason to compile your own kernel unless you add your own stuff or want to change something. -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: Encrypting files
On Sun, Jul 02, 2006 at 10:25:35PM +0200, Joachim Schipper wrote: Well, provided the BIOS (or equivalent) cannot be flashed from the kernel, yes. Of course, worrying about this requires raging paranoia. But from a Paranoia isn't necessarily a bad thing. It motivates people to seek true or possible points of compromise in a system. Motivation is the key in productivity and security. -peter
Re: News From HiFn
On Sat, Jul 01, 2006 at 04:00:03AM -0700, Clint Pachl wrote: Don't; just drop it and act like a man. No, Theo needs an apology because his feelings are hurt. Holy shit, you sound like my sister and her bitch friends. What exactly do men act like? It seems you don't know, you only report what your sister acts like. The comments made by Theo over the years have been very childish and ignorant. I can't believe anybody would give him anything. He's just like the prissy little baby you see who crys, bitches, and moans until her mommy gives her her way. Then, she still acts like she deserves more. That's not an opinion, that's fact. Just read any of his posts where issues get a little heated. I heard he bitches because he's right most of the time and people realise this. So why are you bitching? Happy Canada day; Bon fete Canada! -peter Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: News From HiFn
On Sat, Jul 01, 2006 at 02:10:05PM -0500, Tony Abernethy wrote: Peter Philipp wrote: [snip] I heard he bitches because he's right most of the time and people realise this. Actually 90+ percentile. (Particularly when he ought to be only 50+ percentile) With close to 20,000 commits in nearly 4000 days and averaging nearly 5 commits per day, a 90+ percentile in bitching is allowed. Statistics gathered from the following fine data gathering place: URL: http://www.oxide.org/cvs/deraadt.html (someone oughta make OpenBSD committer trading cards, would be fun for the younglings I bet ;) -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
Re: Encrypting files
On Sun, Jul 02, 2006 at 02:14:59AM +0200, Rico Secada wrote: Hi I have been thinking about encrypting some private files on my laptop, in case it gets stolen. I have no prior experience in this field. I have been thinking about using mcrypt with blowfish, but is this a good way to go about? Are there a better alternative? And is blowfish the best way to encrypt it? Please bear with me if these questions are ignorent. Best regards, Rico I use openssl if I have to encrypt a file, it's fairly portable across systems. $ echo supersecretcontent file $ openssl enc -bf-cbc -in file -out file.X enter bf-cbc encryption password: Verifying - enter bf-cbc encryption password: $ hexdump -C file.X 53 61 6c 74 65 64 5f 5f 48 bf cb c8 f0 42 b0 35 |Salted__H?KHpB05| 0010 ba 2a 39 32 e6 63 92 a4 52 78 b1 f8 ce 09 ac 6e |:*92fc.$Rx1xN.,n| 0020 d0 e7 6a e6 26 0d 48 b0 |Pgjf.H0| 0028 $ # this is important afterwards $ rm -P file $ -peter -- Here my ticker tape .signature My name is Peter Philipp lynx -dump http://en.wikipedia.org/w/index.php?title=Pufferfisholdid=20768394; | sed -n 131,136p So long and thanks for all the fish!!!
odd kernel messages, whats it mean?
Hi, Data modified on freelist: word 0 of object 0x81d9dc00 size 0x40 previous type ??? (invalid addr 0x21004e00770d0011) Data modified on freelist: word 0 of object 0x81d9dc00 size 0x40 previous type ??? (0x547bec00 != 0xdeadbeef) The messages come from /sys/kern/kern_malloc.c, function malloc(), line 258, Here the /var/run/dmesg.boot (edit of MAC addresses): OpenBSD 3.9 (GENERIC) #462: Thu Mar 2 03:52:16 MST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC real mem = 1073278976 (1048124K) avail mem = 908550144 (887256K) using 22937 buffers containing 107536384 bytes (105016K) of memory mainbus0 (root) cpu0 at mainbus0: (uniprocessor) cpu0: AMD Athlon(tm) 64 Processor 3500+, 2210.34 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,NXE,MMXX,LONG,3DNOW2,3DNOW cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative pci0 at mainbus0 bus 0: configuration mode 1 pchb0 at pci0 dev 0 function 0 NVIDIA nForce3 250 PCI Host rev 0xa1 pcib0 at pci0 dev 1 function 0 NVIDIA nForce3 250 ISA rev 0xa2 nviic0 at pci0 dev 1 function 1 NVIDIA nForce3 250 SMBus rev 0xa1 iic0 at nviic0 iic1 at nviic0 unknown at iic1 addr 0x2f not configured ohci0 at pci0 dev 2 function 0 NVIDIA nForce3 250 USB rev 0xa1: irq 10, version 1.0, legacy support usb0 at ohci0: USB revision 1.0 uhub0 at usb0 uhub0: NVIDIA OHCI root hub, rev 1.00/1.00, addr 1 uhub0: 4 ports with 4 removable, self powered ohci1 at pci0 dev 2 function 1 NVIDIA nForce3 250 USB rev 0xa1: irq 10, version 1.0, legacy support usb1 at ohci1: USB revision 1.0 uhub1 at usb1 uhub1: NVIDIA OHCI root hub, rev 1.00/1.00, addr 1 uhub1: 4 ports with 4 removable, self powered ehci0 at pci0 dev 2 function 2 NVIDIA nForce3 250 USB2 rev 0xa2: irq 10 usb2 at ehci0: USB revision 2.0 uhub2 at usb2 uhub2: NVIDIA EHCI root hub, rev 2.00/1.00, addr 1 uhub2: 8 ports with 8 removable, self powered nfe0 at pci0 dev 5 function 0 NVIDIA nForce3 LAN rev 0xa2: irq 11, address XX:XX:XX:XX:XX:XX eephy0 at nfe0 phy 1: Marvell 88E Gigabit PHY, rev. 2 auich0 at pci0 dev 6 function 0 NVIDIA nForce3 250 AC97 rev 0xa1: irq 11, nForce3 AC97 ac97: codec id 0x414c4790 (Avance Logic ALC850) audio0 at auich0 pciide0 at pci0 dev 8 function 0 NVIDIA nForce3 250 IDE rev 0xa2: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility pciide0: channel 0 disabled (no drives) atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: PLEXTOR, DVDR PX-716A, 1.03 SCSI0 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 4 pciide1 at pci0 dev 9 function 0 NVIDIA nForce3 250 SATA rev 0xa2: DMA pciide1: using irq 10 for native-PCI interrupt wd0 at pciide1 channel 0 drive 0: SAMSUNG HD160JJ wd0: 16-sector PIO, LBA48, 152627MB, 312581808 sectors wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5 pciide2 at pci0 dev 10 function 0 NVIDIA nForce3 250 SATA rev 0xa2: DMA pciide2: using irq 5 for native-PCI interrupt ppb0 at pci0 dev 11 function 0 NVIDIA nForce3 250 AGP rev 0xa2 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 ATI Radeon 9550 rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) ATI Radeon 9550 Sec rev 0x00 at pci1 dev 0 function 1 not configured ppb1 at pci0 dev 14 function 0 NVIDIA nForce3 250 PCI-PCI rev 0xa2 pci2 at ppb1 bus 2 wi0 at pci2 dev 6 function 0 Eumitcom WL11000P rev 0x02: irq 3 wi0: Lucent Technologies, WaveLAN/IEEE, Version 01.01 wi0: Firmware 6.06 variant 1, address XX:XX:XX:XX:XX:XX xl0 at pci2 dev 7 function 0 3Com 3c905 100Base-TX rev 0x00: irq 11, address XX:XX:XX:XX:XX:XX nsphy0 at xl0 phy 24: DP83840 10/100 PHY, rev. 1 rl0 at pci2 dev 8 function 0 Realtek 8139 rev 0x10: irq 5, address XX:XX:XX:XX:XX:XX rlphy0 at rl0 phy 0: RTL internal PHY rl1 at pci2 dev 9 function 0 Realtek 8139 rev 0x10: irq 10, address XX:XX:XX:XX:XX:XX rlphy1 at rl1 phy 0: RTL internal PHY ahc0 at pci2 dev 10 function 0 Adaptec AHA-19160B U160 rev 0x02: irq 11 scsibus1 at ahc0: 16 targets sd0 at scsibus1 targ 0 lun 0: SEAGATE, ST39236LW, 0005 SCSI3 0/direct fixed sd0: 8761MB, 14384 cyl, 3 head, 415 sec, 512 bytes/sec, 17942584 sec total VIA VT6306 FireWire rev 0x46 at pci2 dev 12 function 0 not configured re0 at pci2 dev 13 function 0 Realtek 8169 rev 0x10: irq 3, address XX:XX:XX:XX:XX:XX rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 0 pchb1 at pci0 dev 24 function 0 AMD AMD64 HyperTransport rev 0x00 pchb2 at pci0 dev 24 function 1 AMD AMD64 Address Map rev 0x00 pchb3 at pci0 dev 24 function 2 AMD AMD64 DRAM Cfg rev 0x00 pchb4 at pci0 dev 24 function 3 AMD AMD64 Misc Cfg rev 0x00 isa0 at pcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
DHCP question
Hi, I'm wondering whether it's possible to have dhcpd give out addresses more randomly and changing the addresses more for hosts that renew their lease. I don't understand DHCP too well but I'm trying to make sense of the RFC. Is it not wanted that hosts on DHCP enjoy a random IP? Or is use of DHCP mainly for making configuration of hosts easier in a large network? In my setup here at home the router changes addresses frequently (this has many benefits, such as deterring people from using static ip's on the wifi) however I'd like the DHCP clients to enjoy a rather ever changing address as well, I've set the leases to 10 seconds or so but the other host seems to not want to move away from the IP it was given. I was hoping it would pick an IP out of the range option in dhcpd.conf. Thanks for feedback, -peter
Re: sendmail question
On Wed, Jun 21, 2006 at 06:39:28PM -0400, Hugo Villeneuve wrote: Here is what I stuck in my sendmail .mc file: define(`confMESSAGEID_HEADER', `[EMAIL PROTECTED]')dnl Put that in submit.mc and recreate submit.cf. Sendmail doesn't allow the rewriting of message-id, that rule is used when one needs to be created. Thanks! That worked like a charm. -peter
sendmail question
Hi, I'm trying to modify my outgoing Message-Id, with my mailer MUA (mutt) I can configure this. However when I try to use mail(1) it does not update the Message-Id, I read a bit in the source and it doesn't seem to be set in mail(1), and a ktrace shows that it pipes everything to sendmail directly. Here is what I stuck in my sendmail .mc file: define(`confMESSAGEID_HEADER', `[EMAIL PROTECTED]')dnl That's how I'd like it to look here is how it looks in the H config in the .cf file: H?M?Resent-Message-Id: [EMAIL PROTECTED] H?M?Message-Id: [EMAIL PROTECTED] I read up what the ?M? means.. it means that if the flags M are set, Mlocal, P=/usr/local/bin/procmail, F=lsDFMAw5:/|@qSPfhn9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, Mprog, P=/bin/sh, F=lsDFMoqeu9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=$z:/, Msmtp, P=[IPC], F=mDFMuX, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, Mesmtp, P=[IPC], F=mDFMuXa, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, Msmtp8, P=[IPC], F=mDFMuX8, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, Mdsmtp, P=[IPC], F=mDFMuXa%, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, Mrelay, P=[IPC], F=mDFMuXa8, S=EnvFromSMTP/HdrFromSMTP, R=MasqSMTP, E=\r\n, L=2040, ... and so they are. But it still doesn't overwrite the Message-Id: to how I want it. What am I missing? Thanks for any useful replies, -peter
/etc/resolv.conf.tail
Hi, This is not really worth the bug report; I'm thinking a template file of /etc/resolv.conf.tail in the default system would be a great thing. This file is used by the dhclient script, here is a sample: # /etc/resolv.conf.tail is appended to /etc/resolv.conf by dhclient script. # A sample entry would look like this... lookup file bind --- This file is appended to /etc/resolv.conf which is built by the dhclient program when it receives nameserver information from the DHCP server. I believe it's better that hosts like localhost are forced to look into /etc/hosts than use DNS, don't you? Cheers, -peter
Pulled out an old song..
Hi all, I was just going through my OpenBSD cd's and came across the first cd with a song... Interestingly enough I didn't find an mp3 with it as combined with newer releases. Anyhow can anyone confirm this rmd160 checksum after the song is cdparanoia'd? # rmd160 track02.cdda.wav RMD160 (track02.cdda.wav) = 1053805b53962e22028768516285da1cba5e4454 Thanks OpenBSD; keep up the great work! -peter
Wondering about security...
Hi, I had this USB stick called CHEER, see message ID Message-ID: [EMAIL PROTECTED] here is a clip from messages showing the ID, May 11 16:05:41 neptune /bsd: umass0: CHEER USB_DISK, rev 2.00/2.00, addr 2 May 11 16:05:41 neptune /bsd: sd1 at scsibus2 targ 1 lun 0: CHEER, USB_DISK, 1.00 SCSI2 0/direct removable bash-3.1$ grep sd1 /var/log/all | more May 11 16:05:41 neptune /bsd: sd1 at scsibus2 targ 1 lun 0: CHEER, USB_DISK, 1. 00 SCSI2 0/direct removable May 11 16:05:41 neptune /bsd: sd1: 1010MB, 1010 cyl, 64 head, 32 sec, 512 bytes/ sec, 2069760 sec total May 11 16:06:12 neptune /bsd: sd1 detached May 26 15:12:31 neptune /bsd: sd1 at scsibus2 targ 1 lun 0: SKYMEDI, USB Drive, 1.0 SCSI2 0/direct removable May 26 15:12:31 neptune /bsd: sd1(umass0:1:0): only the first 4,294,967,295 sect ors will be used. May 26 15:12:31 neptune /bsd: sd1: 2097151MB, 2097151 cyl, 64 head, 32 sec, 512 bytes/sec, 4294967295 sec total May 26 15:12:44 neptune /bsd: sd1 detached Anyhow... yesterday was a holiday here in germany. And I left my apartment with the iBook turned off. Someone musta done an exchange of my USB stick drive while I was out. Surprisingly it booted OpenBSD like usual and I did not notice a change until it blew up today and wiped itself. When I plugged it into my host neptune I noticed the different USB Id... The USB drive looks exactly the same coincidentally. So... To get to the point. What are some recommendations by OpenBSD users for physical security, other than run and don't look back (kidding, heh), As a hind thought, how possible is it for a device to blow up and change its own ID but then still being detected by the USB protocol? Kind regards, -peter
Re: What does that drive access every 3 seconds?
On Mon, May 15, 2006 at 06:27:32PM -0400, Nick Guenther wrote: On the thumbdrives I've used a rapid flashing means disk-IO and a steady slow flashy just means ready. It's probably just telling you it's ready. -Nick Yeah, would be nice if they documented this in the documentation. That's what it seems to be however since the flash drive seems to flash like this even in open firmware with no kernel loaded. Thanks for all your help misc@, -peter
Re: What does that drive access every 3 seconds?
On Mon, May 15, 2006 at 10:21:26PM +0200, RedShift wrote: Can you show us the output of lsof? I hope fstat will do. I already did this once privately to someone who didn't find anything or didn't care to reply yet. Here goes... USER CMD PID FD MOUNTINUM MODE R/WDV|SZ user ksh13565 wd / 41218 drwxr-xr-x r 512 user ksh135650 pipe 0x19791f8 state: user ksh135651 / 83241 crw--w--w- rwttyp2 user ksh135652 / 83241 crw--w--w- rwttyp2 user ksh13565 10 / 83730 crw-rw-rw- rw tty user ksh13565 11 / 83241 crw--w--w- rwttyp2 user fstat 13886 wd / 41218 drwxr-xr-x r 512 user fstat 138860 / 83241 crw--w--w- rwttyp2 user fstat 138861 pipe 0x19791f8 state: user fstat 138862 / 83241 crw--w--w- rwttyp2 user fstat 138863 / 83731 crw-r- r mem user fstat 138864 / 83732 crw-r- r kmem user fstat 138865 / 83739 crw-r- r drum user fstat 138866 / 83834 -rw-r--r-- r 630784 user fstat 138867 / 62314 -rw-r--r-- r40960 user fstat 138868 / 84712 -rw-r--r-- r49152 user ksh21073 wd / 41218 drwxr-xr-x r 512 user ksh210731 / 83241 crw--w--w- rwttyp2 user ksh210732 / 83241 crw--w--w- rwttyp2 user ksh21073 10 / 83730 crw-rw-rw- rw tty user ksh21073 11 / 83241 crw--w--w- rwttyp2 root cu 13076 wd / 41218 drwxr-xr-x r 512 root cu 130760 / 83237 crw--w--w- rwttyp0 root cu 130761 / 83237 crw--w--w- rwttyp0 root cu 130762 / 83237 crw--w--w- rwttyp0 root cu 130763 / 83398 crw-rw rwcuaU0 root cu 130764 / 103504 -rw-r--r-- w 3056 root cu 130765 pipe 0x1979168 state: root cu 130766 pipe 0x1979168 state: root cu 130767 pipe 0x19790d8 state: root cu 130768 pipe 0x19790d8 state: root cu 16202 wd / 41218 drwxr-xr-x r 512 root cu 162020 / 83237 crw--w--w- rwttyp0 root cu 162021 / 83237 crw--w--w- rwttyp0 root cu 162022 / 83237 crw--w--w- rwttyp0 root cu 162023 / 83398 crw-rw rwcuaU0 root cu 162024 / 103504 -rw-r--r-- w 3056 root cu 162025 pipe 0x1979168 state: root cu 162026 pipe 0x1979168 state: root cu 162027 pipe 0x19790d8 state: root cu 162028 pipe 0x19790d8 state: user ksh 3432 wd / 41218 drwxr-xr-x r 512 user ksh 34320 / 83237 crw--w--w- rwttyp0 user ksh 34321 / 83237 crw--w--w- rwttyp0 user ksh 34322 / 83237 crw--w--w- rwttyp0 user ksh 3432 10 / 83730 crw-rw-rw- rw tty user screen 7358 wd / 41218 drwxr-xr-x r 512 user screen 73580 / 83733 crw-rw-rw- r null user screen 73581 / 83733 crw-rw-rw- w null user screen 73582 / 83733 crw-rw-rw- w null user screen 73583 / 83382 crw--- rwttyC0 user screen 73584 /tmp5 prwx-- r0 user screen 73585 / 62204 -rw-r--r-- r22248 user screen 73587 / 83238 crw-rw-rw- rwptyp0 user screen 73589 / 83242 crw-rw-rw- rwptyp2 user screen 13544 wd / 41218 drwxr-xr-x r 512 user screen 135440 / 83382 crw--- rwttyC0 user screen 135441 / 83382 crw--- rwttyC0 user screen 135442 / 83382 crw--- rwttyC0 user ksh25045 wd / 41218 drwxr-xr-x r 512 user ksh250450 / 83382 crw--- rwttyC0 user ksh250451 / 83382 crw--- rwttyC0 user ksh250452 / 83382 crw--- rwttyC0 user ksh25045 10 / 83730 crw-rw-rw- rw tty root apmd 656 wd / 2 drwxr-xr-x r 512 root apmd 6560 / 83733 crw-rw-rw- rw null root apmd 656
What does that drive access every 3 seconds?
Hi, I have an ibook that has a broken ata controller and thus I boot and run the OS off an USB stick. It ran fine for months on a 512 MB stick until 3.9 which increased the size (I think of the libraries) of OpenBSD, I switched to a 1 gig stick which surprisingly came down in cost the last little while. I've configured the system to use disk as little as possible, it uses a small MFS for /tmp, processes like cron are disabled, syslogd writes to its memory ringbuffers, filesystems when possible are noatime. However on the led on the USB stick I notice a disk operation every 3 seconds or so. I ktraced every process and found that none is writing or reading, so it must come from the kernel. What operation in the kernel causes reads / writes like this? I originally thought update does this but I'm sorta skeptical since there is nothing to write/sync to the filesystem.. Here is some data if it helps any.. $ df -h Filesystem SizeUsed Avail Capacity Mounted on /dev/sd0a 815M515M259M67%/ mfs:21581 15.7M6.0K 14.9M 0%/tmp $ mount /dev/sd0a on / type ffs (local, noatime) mfs:21581 on /tmp type mfs (asynchronous, local, nodev, nosuid, size=32768 512-blocks) $ ps ax PID TT STAT TIME COMMAND 1 ?? Is 0:00.01 /sbin/init 21581 ?? Is 0:00.02 /sbin/mount_mfs -o rw -s 32768 -o nodev -o nosuid /dev/sd0 2635 ?? Is 0:00.01 dhclient: gem0 (dhclient) 6060 ?? Is 0:00.01 syslogd: [priv] (syslogd) 25663 ?? I 0:00.23 syslogd -a /var/empty/dev/log -s /var/run/syslogd.sock -a 193 ?? Is 0:00.01 /usr/sbin/apmd 11319 ?? Is 0:13.87 SCREEN (screen) 6351 p0 Is 0:00.08 /bin/ksh 29520 p0 I+ 0:00.06 /usr/bin/cu -l /dev/cuaU0 -s 9600 25830 p0 I+ 0:01.30 /usr/bin/cu -l /dev/cuaU0 -s 9600 3676 p1 Is 0:00.07 /bin/ksh 4394 p1 R+ 0:00.01 ps -ax 11940 C0- I 0:00.00 dhclient: gem0 [priv] (dhclient) 12415 C0 Is 0:01.10 -ksh (ksh) 24495 C0 I+ 0:00.03 screen $ [ using 338996 bytes of bsd ELF symbol table ] console out [ATY,RageM3p29s]console in [keyboard] ADB found : memaddr 9400 size 400, : consaddr 96008000, : ioaddr 9002, size 2: memtag 8000, iotag 8000: width 1024 linebytes 1024 height 768 depth 8 Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2006 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 3.9 (GENERIC) #853: Tue Feb 28 22:42:40 MST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/macppc/compile/GENERIC real mem = 134217728 (131072K) avail mem = 110862336 (108264K) using 1254 buffers containing 6709248 bytes (6552K) of memory mainbus0 (root): model PowerBook4,1 cpu0 at mainbus0: 750 (Revision 0x2214): 499 MHz: 256KB backside cache memc0 at mainbus0: uni-n ki2c0 at memc0 offset 0xf8001000 iic0 at ki2c0 mpcpcibr0 at mainbus0 pci: uni-north, Revision 0xff pci0 at mpcpcibr0 bus 0 pchb0 at pci0 dev 11 function 0 Apple Pangea AGP rev 0x00 vgafb0 at pci0 dev 16 function 0 ATI Mobility M3 rev 0x02, mmio wsdisplay0 at vgafb0 mux 1: console (std, vt100 emulation) mpcpcibr1 at mainbus0 pci: uni-north, Revision 0x0 pci1 at mpcpcibr1 bus 0 pchb1 at pci1 dev 11 function 0 Apple Pangea rev 0x00 macobio0 at pci1 dev 23 function 0 Apple Pangea Macio rev 0x00 openpic0 at macobio0 offset 0x4: version 0x4614 macgpio0 at macobio0 offset 0x50 macgpio1 at macgpio0 irq 47 programmer-switch at macgpio0 not configured firewire-linkon at macgpio0 not configured gpio1 at macgpio0 not configured gpio9 at macgpio0 not configured extint-gpio4 at macgpio0 not configured extint-gpio12 at macgpio0 not configured escc-legacy at macobio0 offset 0x12000 not configured zsc0 at macobio0 offset 0x13000: irq 22,23 zstty0 at zsc0 channel 0 zstty1 at zsc0 channel 1 tumbler0 at macobio0 offset 0x1: irq 30,1,2 timer at macobio0 offset 0x15000 not configured adb0 at macobio0 offset 0x16000 irq 25: via-pmu, 3 targets akbd0 at adb0 addr 2: PowerBook G4 keyboard (Inverted T) wskbd0 at akbd0: console keyboard, using wsdisplay0 ams0 at adb0 addr 3: EMP trackpad tpad 2-button, 400 dpi wsmouse0 at ams0 mux 0 abtn0 at adb0 addr 7: brightness/volume/eject buttons apm0 at adb0: battery flags 0x5, 100% charged battery at macobio0 offset 0x0 not configured backlight at macobio0 offset 0xf300 not configured ki2c1 at macobio0 offset 0x18000 iic1 at ki2c1 wdc0 at macobio0 offset 0x1f000 irq 19: DMA wd0 at wdc0 channel 0 drive 0: IBM-IC25N015ATDA04-0 wd0: 16-sector PIO, LBA, 14403MB, 29498112 sectors wd0(wdc0:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 4 audio0 at tumbler0 ohci0 at pci1 dev 24 function 0 Apple Pangea USB rev 0x00: irq 27, version 1.0 usb0 at ohci0: USB revision 1.0 uhub0 at usb0 uhub0: Apple OHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered ohci1 at pci1 dev 25 function 0 Apple Pangea USB rev 0x00: irq 28, version 1.0 usb1 at ohci1: USB revision 1.0 uhub1
much props to the green developers!
Hi, For the past few days I've been running 3.9-current which have the AMD64 cool-n-quiet patches. I'm very delighted by this! Thank you so much. My power consumption is down by 0.5 KW/h per day on average gathered and averaged in the last 6 days, compared to a power consumption average of 3.5 KW/h per day gathered over 188 days. Since lately I've been working well into the night, so daylight savings doesn't really affect the power savings and I'm also running more computers and longer than usual (I mostly turned my computer off at night, and now at times it's 24 hours). I'm very pleased with this Green patch. Much props to the people who made the code work! -peter
Re: much props to the green developers!
On Sun, May 14, 2006 at 02:04:17PM +0200, Peter Philipp wrote: cool-n-quiet patches. I'm very delighted by this! Thank you so much. My power consumption is down by 0.5 KW/h per day on average gathered and averaged in the last 6 days, compared to a power consumption average of Oh.. uhm.. I forget to calculate the fact that I didn't use my electric stove once or twice last week, that makes up a large chunk of these savings nontheless I'm sure cool'n'quiet is going to save me a few euros on my power bill! :P -peter
Re: laptops needed
On Fri, May 12, 2006 at 09:25:11PM +1000, John Kintaro Tate wrote: Who wants to code when you've got island life outside? Palm trees, fishing, swimming, bikinis, seafood, etc. I think drinking beer under a palm tree beats drinking beer at a keyboard any day. Also, maybe from Theo's perspective, I've heard tell that it can get pretty cold in Canada. I live in Australia, there are beautiful national parks and great weather outside, but im not going anywhere unless the girlfriend asks. Came across this recently, http://en.wikipedia.org/wiki/Lucky_Country interesting is this excerpt: Horne's statement was actually made ironically, as an indictment of 1960s Australia. His intent was to comment that, while other nations developed based on clever means such as technology and other innovations, Australia did not. [1] ... I keep wondering how Australia keeps pace with its relatively low population in a world where a country like China floods the world with electronics equipment. How does Australia keep its sovereignty? Obviously someone has to check whether electronic hardware from elsewhere is going to profit or harm a country. Sit under yer palm tree all ya want though... :) To reduce any effort of reverse engineering software to find backdoors an Open Source Operating System like OpenBSD is just the right thing, as reading source is a lot better than disassembling binary. Also pushing for open hardware documentation would only make sense for a country such as .au. Regards, -p
unsupported Wifi USB stick for Developer
Hi, I just bought a Wifi USB stick and it doesn't seem to work on OpenBSD. Instead of returning it (39 euros) I'm willing to send this to an OpenBSD developer who wants to make a driver work for this. Not sure how non-blob friendly the maker of this hardware is... Maker: Fritz! WLAN, AVM Model: Fritz!WLAN USB Stick, 802.11g++, 125 Mbit/s, WPA2 (802.11i) dmesg usbdevs output: -- cd1 at scsibus2 targ 1 lun 0: FRITZ!, WLAN selfinstall, 1.00 SCSI0 5/cdrom removable umass0: at uhub2 port 8 (addr 2) disconnected cd1 detached scsibus2 detached umass0 detached ugen0 at uhub2 port 8 ugen0: AVM GmbH WLAN USB Device, rev 2.00/1.00, addr 2 -- -- Controller /dev/usb2: addr 1: high speed, self powered, config 1, EHCI root hub(0x), NVIDIA(0x10de), rev 1.00 uhub2 port 1 powered port 2 powered port 3 powered port 4 powered port 5 powered port 6 powered port 7 powered port 8 addr 2: high speed, power 500 mA, config 1, WLAN USB Device(0x6201), AVM GmbH(0x057c), rev 1.00 ugen0 -- Anyhow, serious inquiries only! I'll pay shipping. If anyone from AVM is reading this and would like to provide documentation for this hardware I would welcome your contribution! Sincerely, -peter
Re: unsupported Wifi USB stick for Developer
Ok folks, Marc Balmer is going to take it, he'll take it along to the hackathon and distribute it further on whoever wants it from there. Thanks. -peter
Re: Kernel panic on fresh 3.8 amd64 after make build
On Tue, Jan 17, 2006 at 03:02:09PM +0100, Koen Van Impe wrote: cd /usr/src ftp ftp://ftp.openbsd.org/pub/OpenBSD/3.8/src.tar.gz tar zxvf src.tar.gz Should stick a -p in here as well.. cd /usr/src cvs -d [EMAIL PROTECTED]:/cvs -q up -rOPENBSD_3_8 -Pd cd /usr/src/sys/arch/amd64/conf/ /usr/sbin/config GENERIC cd /usr/src/sys/arch/amd64/compile/GENERIC/ make clean make depend make cd /usr/src/sys/arch/amd64/compile/GENERIC/ cp /bsd /bsd-old cp bsd /bsd reboot cd /usr/src rm -r /usr/obj/* make obj make build I usually update the sources, then make build, then compile the kernel , install the kernel and reboot. Staying with -current that way hasn't given me any stress in the last year afaik. And even -current is somewhat forgiving if you don't update or mergemaster your rc files, devices and chroot sandboxes immediately. I understand you track -stable, I don't have experience with that, but try booting with the backed up kernel then making build and then compiling the kernel again and use that on next boot. -peter
Re: ssh to computer with variable ip address
On Sun, Jan 15, 2006 at 11:45:35AM -0500, Dave Feustel wrote: I now have a working ssh connection to a computer on my subnet by using the (hardwired) ip address in the known_hosts file. How can ssh be used to connect to a computer with a (variable) dhcp-assigned ip address, given that the ip address can change at any time? I do this although not on a LAN with DHCP addressing but on the Internet on several computers registering to a self-made lookup service. On a LAN with DHCP you may be able to configure Dynamic DNS to identify what hosts have what IP address. You should take care of the StrictHostKeyChecking which will complain that a known hosts will have a different Public Host Key. You'll get those this could mean a man-in-middle attack type messages which you'll have to ignore and possibly edit the .ssh/known_hosts to get rid of any entries there. Also you won't really know for sure what host is what so it's probably safer to resort to rsa/dsa key authentication as password authentication should be avoided since the host behind an IP could be a malicious host with purpose to gobble up passwords. Cheers, -peter
Re: tar(1) File is too long for ustar
On Mon, Jan 02, 2006 at 11:31:13PM +0100, Otto Moerbeek wrote: OK, then the cpio man page in -current is in error. That's my mistake, I asked jmc@ to change it to 64GB where it is actually 8GB, cpio doesn't add a space or null termination on the 12th digit so it should be ok, only tar and ustar were off. When I looked at it I must have looked at tar_rd() and saw it use asc_ul() which doesn't care much for the terminator and didn't look at tar_wr() which uses uqd_oct() that adds the terminator thus shortening the amount of digits for the octal value. Here is the updated patch: Index: cpio.1 === RCS file: /cvs/src/bin/pax/cpio.1,v retrieving revision 1.22 diff -u -r1.22 cpio.1 --- cpio.1 15 Nov 2005 00:00:28 - 1.22 +++ cpio.1 3 Jan 2006 16:54:12 - @@ -292,8 +292,8 @@ .It bcpio Ta 4 Gigabytes .It sv4cpio Ta 4 Gigabytes .It cpio Ta 8 Gigabytes -.It tar Ta 64 Gigabytes -.It ustar Ta 64 Gigabytes +.It tar Ta 8 Gigabytes +.It ustar Ta 8 Gigabytes .El .Sh BUGS The CUT HERE --- BTW, to solve the OP problem: try using dump(8) instead of tar(1). -Otto Sorry for the misinformation which was caused by me. -peter
Re: Telnet daemon retired in 3.8 ?
On Tue, Nov 08, 2005 at 07:05:24AM -0500, Nick Holland wrote: there's a point. You use OpenBSD for security. Then you do horribly insecure things to access it. huh? Nick. Yeah using telnet these days is not a good idea. General Question: Anyone bored and got nothing to do? Then perhaps replace the S/Key example in the FAQ where someone telnets into an OpenBSD box and is challenged with S/Key. Perhaps replacing the telnet session with an SSH session would be appropriate. http://www.openbsd.org/faq/faq8.html#SKey Regards, -peter
Re: OT: 10 things i hate most on unix
On Sun, Nov 06, 2005 at 06:22:29AM -0600, Andrew Daugherity wrote: At first I thought perhaps my sarcasm detector (now _there's_ a real useful invention!) was broken, but apparently this guy is serious. I'm seriously falling into this troll trap.. oh well. It's an interesting article but in the end it doesn't really say anything and leaves the reader with nothing. If this guy was serious he'd proactively provide an alternative to UNIX. But he doesn't. He just cries about how much UNIX sucks for his purposes. He mentions QNX and how nice that is, but he fails to mention that QNX isn't Open Source and that you gotta buy it. And you probably don't get the source with it either. I for one think the Unix-like Operating System of my choice outweighs any nitpicks of this crank. -peter
Re: new audio drivers for macppc
On Tue, Nov 01, 2005 at 12:03:25AM -0500, Brad wrote: A heads up to any macppc users. -current now has 3 new audio drivers for macppc. aoa(4), daca(4) and tumbler(4). If you have a macppc system which currently does not have supported built-in audio; then I would ask that you please try out the latest snapshot at ftp://ftp.openbsd.org/pub/OpenBSD/snapshots/macppc I'm very bad at following instructions, so I didn't do this. But I did compile my sources from the -current and tumbler gets detected. to find out if any of the 3 drivers listed above are at least detected. there is no guarentee the driver will work once detected. there is one known defect so far, and that is that with the tumbler driver at the moment there is an issue with the i2s code which prevents the driver from working on some iBook laptops. I would very much encourage as many I have an iBook and that's pretty well what I'm seeing. Every time I try to play an MP3 I get the following message on console: i2s_set_rate: timeout users as possible to try out this snapshot to get a wide range of testers for the audio drivers. I would also ask that you please send a dmesg from your system to the list if you have do have the appropriate audio hardware and mention whether it works or not and any other details. Below is my dmesg: OpenBSD 3.8-current (GENERIC) #0: Sun Nov 6 00:53:29 CET 2005 [EMAIL PROTECTED]:/sys/arch/macppc/compile/GENERIC real mem = 134217728 (131072K) avail mem = 112095232 (109468K) using 1254 buffers containing 6709248 bytes of memory mainbus0 (root): model PowerBook4,1 cpu0 at mainbus0: 750 (Revision 0x2214): 499 MHz: 256KB backside cache memc0 at mainbus0: uni-n mpcpcibr0 at mainbus0 pci: uni-north, Revision 0xff find_node_intr unable to find step size pci0 at mpcpcibr0 bus 0 pchb0 at pci0 dev 11 function 0 Apple Pangea AGP rev 0x00 vgafb0 at pci0 dev 16 function 0 ATI Mobility M3 rev 0x02, mmio wsdisplay0 at vgafb0 mux 1: console (std, vt100 emulation) mpcpcibr1 at mainbus0 pci: uni-north, Revision 0x0 pci1 at mpcpcibr1 bus 0 pchb1 at pci1 dev 11 function 0 Apple Pangea rev 0x00 macobio0 at pci1 dev 23 function 0 Apple Pangea Macio rev 0x00 openpic0 at macobio0: version 0x4614 macgpio0 at macobio0 macgpio1 at macgpio0 irq 47 zsc0 at macobio0: irq 22,23 zstty0 at zsc0 channel 0 zstty1 at zsc0 channel 1 tumbler0 at macobio0: irq 30,1,2 adb0 at macobio0 irq 25: via-pmu, 3 targets aed0 at adb0 addr 0: ADB Event device akbd0 at adb0 addr 2: PowerBook G4 keyboard (Inverted T) wskbd0 at akbd0: console keyboard, using wsdisplay0 ams0 at adb0 addr 3: EMP trackpad tpad 2-button, 400 dpi wsmouse0 at ams0 mux 0 abtn0 at adb0 addr 7: brightness/volume/eject buttons apm0 at adb0: battery flags 0x5, 99% charged ki2c0 at macobio0 wdc0 at macobio0 irq 19: DMA wd0 at wdc0 channel 0 drive 0: IBM-IC25N015ATDA04-0 wd0: 16-sector PIO, LBA, 14403MB, 29498112 sectors wd0(wdc0:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 4 audio0 at tumbler0 ohci0 at pci1 dev 24 function 0 Apple Pangea USB rev 0x00: irq 27, version 1.0 usb0 at ohci0: USB revision 1.0 uhub0 at usb0 uhub0: Apple OHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered ohci1 at pci1 dev 25 function 0 Apple Pangea USB rev 0x00: irq 28, version 1.0 usb1 at ohci1: USB revision 1.0 uhub1 at usb1 uhub1: Apple OHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered mpcpcibr2 at mainbus0 pci: uni-north, Revision 0x16 pci2 at mpcpcibr2 bus 0 pchb2 at pci2 dev 11 function 0 Apple Pangea PCI rev 0x00 Apple Pangea FireWire rev 0x00 at pci2 dev 14 function 0 not configured gem0 at pci2 dev 15 function 0 Apple Pangea GMAC rev 0x00: irq 41, address 00:03:93:14:3f:be bmtphy0 at gem0 phy 0: BCM5221 100baseTX PHY, rev. 3 uplcom0 at uhub1 port 1 uplcom0: ATEN International Serial, rev 1.10/0.01, addr 2 ucom0 at uplcom0 bootpath: '/[EMAIL PROTECTED]/ethernet/bsd' boot device: gem0. nfs_boot: using network interface 'gem0' nfs_boot: client_addr=172.16.2.255 nfs_boot: server_addr=172.16.2.2 hostname=triton root on 172.16.2.2:/usr/triton/root swap on 172.16.2.2:/usr/triton/swap wd0(wdc0:0:0): timeout type: ata c_bcount: 0 c_skip: 0 i2s_set_rate: timeout i2s_set_rate: timeout i2s_set_rate: timeout i2s_set_rate: timeout i2s_set_rate: timeout
Re: in-kernel pppoe and automatic reconnect
On Wed, Nov 02, 2005 at 12:12:36PM +, Dulmandakh Sukhbaatar wrote: I'm new to OBSD, and configured in-kernel pppoe as my internet gateway. I found out that with userland pppoe automatic reconnect is posible, but with in-kernel pppoe everytime pppoe connection lost, I need to reboot the system. I don't know how to manually reconnect the connection. Any suggestions? Please help. To make kernel pppoe reconnect I cycle the interface: ifconfig pppoe0 down ifconfig pppoe0 up Outgoing traffic should then still not work because the default route needs to be set anew. I came up with a small daemon that sets a new default route automatically when the IP changes on the pppoe0 interface and posted it to this list, to this day I use this and it works formidable. Someone replied to my post saying you don't need the daemon since another mode in pppoe (-link1 in ifconfig) does this. Whether it does or not I don't know since I never use it. Anyhow, here is the link for your experimentation: http://marc.theaimsgroup.com/?l=openbsd-miscm=111973574009710w=2 Regards, -peter