On Mon, Jun 7, 2010 at 4:35 PM, Jacob L. Leifman wrote:
> (yes, I am aware that there are
> specialized applications that do require the use of a monster-sized
> dump truck with an engine to match, but in reality how many places have
> a genuine need of a database that even with fully optimized d
I have a pair of freshly installed OpenBSD 4.7/amd64-RELEASE systems.
They're running redundant failover pairs with fw1 being the master.
It seems I've got a problem getting pfsync to properly pass a full
bulk update over, so longer term sessions time out when the MASTER
takes over for the BACKUP
Build an anchor, have a ruleset loaded to it by cron, and removed at
the specified time later.
On Mon, May 17, 2010 at 7:03 AM, Leonardo Carneiro - Veltrac
wrote:
> There is a way to do time-based rules on pf? Something like "this packet
> will /pass/ from 10h to 13h" or "this packet will /pass/
On Thu, Apr 15, 2010 at 10:34 AM, Thomas Pfaff wrote:
> There's non-free software in the ports tree.
Good thing it's in ports, then. Keeps that shady license where we can
see it, and choose to suffer with it or not.
On Sat, Apr 10, 2010 at 7:55 AM, Jozsi Vadkan wrote:
> Can someone [same subnet, e.g.: with a hub, not switch..] sniff my skype
> password when i'm using Skype? Is it encrypted?
Why are you asking a Skype support question on an OpenBSD mailing list?
The best way to know is to dump the data yours
On Fri, Feb 26, 2010 at 4:44 PM, Citra Cool wrote:
> Can I selling openBSD in CD for profit??
The OpenBSD project has a hard enough time making money on the CDs
they're selling to fund the project.
But, give this a read anyway.
http://openbsd.org/policy.html
On Sun, Feb 21, 2010 at 10:15 PM, Siju George wrote:
> Hi,
>
> I get a few of this kind of error during a forced manual fsck at boot.
>
> Feb 15 15:43:51 fw2 /bsd: wd0g: uncorrectable data error reading fsbn
> 5392325 (wd0 bn 24734585; cn 1539 tn 167 sn 29)
> Feb 15 15:43:51 fw2 /bsd: wd0g: uncorr
On Fri, Feb 19, 2010 at 8:21 AM, L. V. Lammert wrote:
> No, that isn't going to work. This isn't some elitist club - if we can't
> provide a simple, sane, safe way for a [priviledged] user to push a backup
> image out to a DR server, than *we* have failed as technologists.
Wait.
What the hell i
On Wed, Feb 17, 2010 at 7:59 PM, Jason Beaudoin wrote:
> From a compliance perspective, I don't have much choice. From the
> costs, infrastructure, and administrative perspectives, I am currently
> evaluating whether or not I should be leaning towards and IDS or IPS
> solution, and of course which
On Wed, Jan 27, 2010 at 4:53 PM, Denis Doroshenko
wrote:
> so the OS needs to do something. what should it do? should it just
> panic? or may be losing one process is better than losing them all?
> then, what are the criteria for choosing processes to be killed?..
>
> wondering if "random" means
On Mon, Jan 25, 2010 at 10:05 AM, Alessandro Baggi
wrote:
> Johan Beisser wrote:
> Hi Johan. Thanks for the answer. I've reduced my pf.conf on client and
> server side to:
>
> ext="rl0"
> int="rl1"
>
> nat on $ext from $int:network -> $ext:0
&g
On Mon, Jan 25, 2010 at 5:45 AM, Alessandro Baggi
wrote:
> Hi list! I'm setting up a vpn between two openbsd firewall:
> This is the scenario:
>
> FW1 FW2
> $ext 192.168.1.33 $ext 192.168.1.2
> $int 10.1.1.1
On Thu, Jan 21, 2010 at 11:54 PM, Otto Moerbeek wrote:
>> You could makefs on /dev/sd0c instead. Nothing really forces you to
>> create other slices (or partitions) on the device.
>
> Bad advice. disklabel does not record some redundant information for
> the c partitiion. Which may bite you in ca
On Thu, Jan 21, 2010 at 10:43 PM, Song Li wrote:
> On Fri, Jan 22, 2010 at 6:44 AM, Bret S. Lambert
> wrote:
>> On Fri, Jan 22, 2010 at 05:42:25AM +0100, Song Li wrote:
> "fdisk sd0" is not a problem to me now either after I've seen Aaron's
> comments on fdisk. The problem on mount still exists
On Thu, Jan 21, 2010 at 8:42 PM, Song Li wrote:
> For the mount device: what's the device naming convention and the
> rationale behind it? I do not think it's a good idea to search through
> all the device and find out the device name. Linux and FreeBSD use
> slightly different convention but the
t; That's for 4.6 and the syntax is completely different from 4.6 to -current
>
>
>
> - Original Message -
> From: Johan Beisser
> To: Wade, Daniel
> Sent: Tue Dec 29 20:02:34 2009
> Subject: Re: Problem with nat-to on -current
>
> On Tue, Dec 29, 20
On Sat, Dec 19, 2009 at 4:00 PM, Marco Peereboom wrote:
>
> There is no limit to shit code produced by amateurs and "professionals".
Out of this whole thread this is the only statement I agree with completely.
Feeding the troll, sorry.
On Sat, Dec 5, 2009 at 2:45 PM, rhubbell wrote:
>
> Not sure how care plays into this. A simple question that the folks here
> would rather not answer but instead would rather meander about.
I gave you the file where GENERIC for all kernels is configured.
If you bother
On Sat, Dec 5, 2009 at 12:52 PM, Jussi Peltola wrote:
> At least some developers hang on misc@ and surely know how to disable
> ipv6. The question is: do they care?
In my experience, no.
On Sat, Dec 5, 2009 at 12:44 PM, rhubbell wrote:
> On Sat, 5 Dec 2009 15:28:09 -0500
> STeve Andre' wrote:
>
>> mostly a waste of time, except for the educational aspects of what not
>> to do.
>
> Thanks for the nice story. I get a kick out of how far folks here go out
> of their way not to help
Two words: Filesystem Overhead.
On Tue, Oct 27, 2009 at 11:59 PM, Jennifer Ma wrote:
> hi all, lately, i obtained a seagate 200g(wd1) harddisk from my elder
> brother, after i disklabel, newfs and mount the disk. only 174g is
> shown as available, in windows(through samba), said 9.16g already be
On Mon, Sep 14, 2009 at 6:53 PM, patrick keshishian wrote:
> ahhh... Do you know if there are any open-source clients that are able
> to connect through their service? I'm unable to google any specifics
> on what "protocol" they use, or rather what their java app does after
> it is launched. Is i
On Mon, Sep 14, 2009 at 5:39 PM, patrick keshishian wrote:
> I didn't want to hijack the other VPN thread for this purpose, so here
> is a new thread. Anyone know much about how Juniper SSL-VPN networks
> work?
It's a java based client that's run on the "client-side" and forwards
specified packet
On Fri, Sep 4, 2009 at 11:31 AM, Sha'ul wrote:
> Thank you for the info. I was not looking for anything for how to install
> OpenBSD, but only for how to use it as a router and wireless access point
> system for network
The difference between the two installs is almost zero. Understanding
one with
On Fri, Aug 21, 2009 at 7:34 AM, Uwe Dippel wrote:
> Now I am pretty sure that this is what we see here.
> It also makes sense, since all those users sit on a tightly controlled LAN;
> while that machine is 'further out'. So that restricted services can be
> accessed through some tunneling.
> Now:
On Tue, Jun 9, 2009 at 2:50 PM, Ted Unangst wrote:
> The short answer is that you can't use more than 1GB of memory.
Out of curiosity, what's the long answer?
2009/6/9 Thanasis :
> They are not static, but they are fixed and they actually get assigned
They're fixed then. Yes, it's normal behavior because they're not
considered a lease, and rather viewed as what they are: assigned and
reserved.
> So in this case is it normal, not having any entries in
On Mon, Jun 8, 2009 at 6:43 AM, Anton Parol wrote:
> I still can't believe that I saw mpf@ on my train this morning. I thought I
> remembered his face from hackathon pics, but then he pulls out his thinkpad
> and I see the blue console messages come up. I was like, woah, very cool.
> Thats a good s
On Wed, May 27, 2009 at 10:44 PM, SJP Lists wrote:
> I know this is an option, but forcing the resending of traffic doesn't
> seem to be the most efficient method to me, when I could instead just
> shape that same traffic when it leaves another interface.
It's a horrible option, but it's what wa
On Wed, May 27, 2009 at 12:02 PM, SJP Lists wrote:
> Thanks Lars and Johan,
>
> I was trying to highlight to irix that once traffic is received, it is
> too late to alter the bandwidth it already used coming in.
>
> In other words, doing it on the incoming is pointless. Thus, as in
> your exampl
On Wed, May 27, 2009 at 10:26 AM, STeve Andre' wrote:
> I've never tried installing OpenBSD on a 600x but I'm a little surprised
that
> it isn't working fine.
You're in for a few surprises when you do then. It should work fine,
but there's some ACPI issues that have never been addressed.
> Sinc
On Wed, May 27, 2009 at 11:04 AM, SJP Lists wrote:
> How do you shape traffic that you have already received? Or to put it
> another way, how do you alter the past?
I've always just assigned inbound traffic to the existing outbound
queues. My assumption is that the responding traffic would use t
On Thu, May 14, 2009 at 10:41 AM, Jose Perez Rodriguez
wrote:
> Today i was installing OpenBSD 4.5 and i type:
> export PKG_PATH=ftp://tp.openbsd.org/pub/OpenBSD/4.5/packages/i386/
"tp.openbsd.org"?
On Wed, May 13, 2009 at 2:38 PM, Renaud Allard wrote:
> Sounds like you never tried exim, or at least v4. Currently, no other MTA is
> able to do what exim does. Its licence may not be the best one, but it is
> able to do more than any other existing MTA.
Such as?
I please ignorance, I haven't
On Mon, May 11, 2009 at 3:54 PM, Dan wrote:
> So it seems like the goal is for it to be as good or better than qmail
> if it's going to be smaller, easier to maintain, secure, etc. Then
> where's the problem?
Saying qmail has good design is a firm hand you've not actually really
worked with it or
On Apr 16, 2009, at 2:08 PM, Fred Crowson wrote:
Plug it in and if /var/log/messages has a line like:
Apr 16 21:57:45 x41 /bsd: ucom0 at umodem0
You might be in luck.
You may want to check that your provider permits tethering as a modem.
Some do, quite a few don't.
If they do, make sur
On Feb 27, 2009, at 3:36 AM, Mihai Popescu B.S. wrote:
I don't want to be a smart ass, but I was a little bit confused about
some answers on undeadly.org message post by me. Basicaly, I was
saying that even 1 euro matters for the donations. I was thinking that
thousands of OpenBSD users donating
On Feb 23, 2009, at 9:11 PM, patrick keshishian wrote:
why all the "quick" stuff? This is supposed to be a very simple set
up. Granted we don't exactly understand what the OP wants to do, but
from what I gather, he most likely wants to allow all outbound traffic
with NAT and everything else get
Comments inline.
On Feb 23, 2009, at 5:58 PM, Hilco Wijbenga wrote:
Hi all,
I've been trying to get a simple firewall system up-and-running in
OpenBSD. I have "The Book of PF" and "Secure Architectures
with OpenBSD" so I thought it would be very simple. Well, we're two
weeks later now and stil
On Mon, Feb 23, 2009 at 10:48 AM, Dave Wilson
wrote:
> On the contrary, I find OpenBSD remarkably user-friendly. Almost
> everything I want is already in base, most things are set up with
> intelligent and safe defaults, I can't even remember the last time I had
> to even *have* an xorg.conf, let
On Feb 13, 2009, at 12:10 PM, Jean-Frangois wrote:
Hi,
It's for sharing btw Linux / OpenBSD. Last one is server. Probably
other
than Linux client one day. However for Windowd there are ways to
install
NFS client.
And, all of those ways suck. Sadly, to windows Samba is about the best
method th
On Feb 13, 2009, at 11:41 AM, Jean-Frangois wrote:
I am mounting network drives. Would you recommand the use of NFS or
SAMBA for home use ?
What would you be serving to? PC Boxen? MacOS X? Linux? Another
OpenBSD box?
Both protocols are appropriate for similar - but not entirely the same
- setu
I'd gladly trade look(1) for wake(8).
That's almost 8k right there.
On 2/9/09, Emilio Perea wrote:
> On Mon, Feb 09, 2009 at 09:05:13PM +1300, Richard Toohey wrote:
>> On 9/02/2009, at 6:31 PM, Thomas Pfaff wrote:
>>
>>> I think this could use some explaining for those of us that are not
>>> int
A little more googling would have introduced you to relayd(8).
On 2/8/09, Xavier Beaudouin wrote:
> Hello,
>
> Just a quick question, what is the status of hoststated ?
>
> I ran into http://www.openbsd.org/papers/eurobsdcon07/pyr-
> loadbalancing/ and I found that a quite exiting projet.
>
> U
On Jan 16, 2009, at 12:05 PM, Allie Daneman wrote:
BingoI don't run this stuff voluntarily...I have to for work.
If work is all SAE, and you have metric and SAE tools, do you bring
your metric tools on the job site? No, because for the most part they
won't fit, and you might strip the b
On Jan 16, 2009, at 11:00 AM, Allie Daneman wrote:
I need to run Java on the guest...hence the reason Qemu doesn't work
for me. T need virtualization software that runs java on an XP
guest. The version of OpenBSD doesn't matter ;) I've been running it
since 2.8 and am running current today
On Jan 15, 2009, at 9:38 AM, Sevan / Venture37 wrote:
The hammer FS seems promising from the BSDtalk Will & Matthew did.
Outside of a single person who's doing porting (to an unknown OS),
there's not been much in the way of updates on the status. It's a BETA
filesystem at best, and still b
On Jan 13, 2009, at 6:42 AM, Dan Colish wrote:
On Tue, Jan 13, 2009 at 8:11 AM, Arno Kumpel
wrote:
I have a new email address!You can now email me at: arkump...@yahoo.com
*- I have the sum of $8.5USD for offshore investment*. I will
appreciate
it so immersely if you could give details an
On Jan 3, 2009, at 7:27 AM, Ed Ahlsen-Girard wrote:
You're right. You're so right, in fact, that I'd already changed the
code; even I noticed that my original was bad practice.
You're doing this in perl, and not using Net::FTP?
But my real problem was getting the download to work inside a s
I don't think any are bankrupt due to RT.
On 12/23/08, Ted Unangst wrote:
> On Tue, Dec 23, 2008 at 6:44 PM, bofh wrote:
>> Here's a vote for RT. I've installed it, and also used it at F100
>> companies.
>
> Faint praise considering how many F100 companies are bankrupt. :)
On Dec 22, 2008, at 5:25 PM, Henning Brauer wrote:
yurop is different
And one day, the US might stop playing ketchup.
On Dec 22, 2008, at 12:27 PM, Henning Brauer wrote:
* Todd T. Fries [2008-12-05 13:27]:
Ironically, IPv6 cannot solve this scenario either, since by
definition
using ipv6 tends to require a tunnel
a few ISPs here (too many) are stupid enough to deal with v6 to the
extend of handing out v6
You need the KDE Samba package.
http://www.openbsd.org/4.4_packages/i386/kdesamba-3.5.9.tgz-long.html
On Dec 21, 2008, at 10:41 PM, Siju George wrote:
Hi,
I am running 4.4 and have both kdebase package and samba package
installed.
$ uname -a
OpenBSD risen.hifxchn2.local 4.4 GENERIC#1021 i
On Nov 26, 2008, at 3:27 PM, Keith Lofstrom wrote:
>
> I would love to see an ALIX version of this. While I am still
> having fun learning about the ALIX by doing my own setup, I
> expect I will be setting up more than one ALIX board with
> members of the Portland Linux Unix Group, and being abl
I was considering something similar for OpenBSD on Soekris and ALIX
boards. I'll take a closer look at your stuff this afternoon.
Thanks.
On 2008-11-26, Tyler Booth <[EMAIL PROTECTED]> wrote:
> Following up on Russell's excellent presentation on OpenWRT last week,
> I've developed a set of scr
On Nov 17, 2008, at 9:26 PM, Russell Senior wrote:
>
> The $173 includes the board, small enclosure, the CF and power supply.
> The enclosure is for indoors and doesn't need mounting hardware beyond
> the little rubber feet it comes with.
That's a pretty good cost. I'm tempted to grab one for my
What little I've seen of the ALIX board impressed me.
But, is the cost including mouting hardware and the minipci wifi card?
The $173 price tag strikes me that it doesn't.
Am I correct to assume no chassis and transplanting the existing wifi
card from the nucab?
On 17 Nov 2008 19:31:17 -0800
PoPToP is in ports.
On 11/17/08, jul <[EMAIL PROTECTED]> wrote:
> Hello
>
> has someone setup a vpn tunnel between openbsd and an iphone ?
>
> it seems ipsec part is strictly limited to "cisco ipsec" with a user
> account/password so not good for us.
> Else there is pptp and l2tp but i'm not sur
Did you turn off chroot?
Also, why is "Starting Pure-FTPd" in the log?
On 11/16/08, Andrei Pirvan <[EMAIL PROTECTED]> wrote:
> Hello
>
> The problem I have is that default apache can't load PHP module. PHP
> was installed from packages (php5-core-5.2.6.tgz), so here is nothing
> custom made. The
It may not work with the release version of 4.4. Upgreade to a
snapshot and cross your fingers.
On 11/16/08, Tony Berth <[EMAIL PROTECTED]> wrote:
> On 11/16/08, Stephan Andreas <[EMAIL PROTECTED]> wrote:
>> Am Sonntag, 16. November 2008 18:32:55 schrieben Sie:
>>> Dear Group,
>>>
>>> I just rea
Check your bind config. It's likely not configured to respond to
non-local network IP addresses.
On 11/15/08, Vivek Ayer <[EMAIL PROTECTED]> wrote:
> Hey guys,
>
> Need some help with DNS queries behind a router. I set up a DNS server
> in my network and it responds when I'm within my network. I
On Nov 11, 2008, at 5:38 PM, igor denisov wrote:
???
Would you tell me for sure what ports http, ssl, https, X, and lpt
runs
on, as well as daemons for them?
Why? These are all documented already. Look at /etc/services and man
pages.
On Nov 8, 2008, at 4:21 PM, Alfredo Perez wrote:
On Sat, Nov 08, 2008 at 04:00:23PM -0800, johan beisser wrote:
On Nov 8, 2008, at 3:34 PM, Alfredo Perez wrote:
Hi
I have the following configuration
router/firewall <--- OPENBSD BOX <- Wireless switch
I'm confused. Wh
On Nov 8, 2008, at 3:34 PM, Alfredo Perez wrote:
Hi
I have the following configuration
router/firewall <--- OPENBSD BOX <- Wireless switch
I'm confused. Why isn't the OpenBSD box the router/firewall?
nat.conf shows
nat on rl0 from dc0/24 to any -> rl0
nat.conf? Do you mean pf.con
On Nov 7, 2008, at 9:44 AM, Dave Anderson wrote:
Network configuration has bugged me a bit ever since I started using
OpenBSD, not just the real security issue that Harald Dunkel points
out
but general ease of administration issues. For example, on a typical
single-NIC system one ought to be
On Nov 3, 2008, at 11:28 AM, elflord woods wrote:
hello
i've just installed 4.4 and answered yes during installation for the
default
start of sshd
yet the sshd didn't start after reboot
and then i add enable_sshd=YES in /etc/rc.local
but then it complains that it could not load host key
A
Interesting. I had this problem on an IBM 600x, but due to the age of
the hardware assumed it was some quirkiness with its ACPI/apm
implementation.
In the end, I had to use a Windows install to manage the IRQs to stop
a conflict between sone subsystems. It helped make the keyboard freeze
less ofte
On Oct 28, 2008, at 4:11 PM, Stevoid wrote:
I've burnt the various *.iso files to CD but my laptop doesn't
recognise
them as bootable but I know whet work. I've begun the installation
process
on several machines using these disks and they work.
Are you 100% certain you burned the iso as an
No need to appoligize. If you ask in English I'll do my best to help
you out. I've been using Soekris hardware for a while now.
My french, for what it's worth, is so bad I didn't try too hard to
read yours, so the person who should appoligize is me.
And I was right in guessing that your English i
Problem 1: you're asking about FreeBSD on an OpenBSD mailing list.
Problem 2: this list has standardized on English, since that is the
common language for most (if not all) of the developers.
Problem 3: misc@ doesn't really support minicom directly. Someone may
be able to help you anyway, though.
On Oct 18, 2008, at 2:23 AM, Matthew Dempsky wrote:
I know, but I understood "ssh will compress what goes through its
tunnel to begin with" to imply this is the default behavior. Maybe
Johan meant "can" instead of "will."
You're right, I did. Sorry for the confusion, I was typing on the
bla
You know ssh will compress what goes through its tunnel to begin with, right?
So, you can eliminate at least one command there..
On 10/17/08, Girish Venkatachalam <[EMAIL PROTECTED]> wrote:
> On 17:29:56 Oct 17, Mike wrote:
>> >
>> > will work out much faster and better than plain old dd(1).
>>
the wifidog authserver (that ipaddr
> specifically). I can ping it from elsewhere, but not from red&black.
> If I'm right, it looks like it's time to advise them to switch ISPs.
>
>
> --
> Russell Senior, Secretary
> [EMAIL PROTECTED]
>
> >
>
On Oct 16, 2008, at 1:59 PM, Jose Fragoso wrote:
So my question is: what is the best way to deal with this
kind of situation. Should I reduce the value of whiteexp ?
Has anybody thought of way of cleaning such road-warrior
addresses on a daily basis ? To be fare, these address
should not stay in
Either switch to passive ftp, or open your ftp-data port.
That should solve some of your problems.
On 10/16/08, Kendall Shaw <[EMAIL PROTECTED]> wrote:
> I get no reply when I try to subscribe to the pf mailing list, so I'll
> ask here. I'm running OpenBSD 4.3 stable on amd64. I use what is in t
The board's PCI slot has to be molded to support it. If not, a dremmel
and a little precision will permit the card to sit in the slot with no
problems.
Shave a few mm off the PCI slot's side, don't cut the card.
.
On 10/16/08, J.C. Roberts <[EMAIL PROTECTED]> wrote:
> On Wednesday 15 October 2008
On Oct 10, 2008, at 10:11 AM, Christopher Chen wrote:
>
> You just want a bucket truck.
Who doesn't?
--~--~-~--~~~---~--~~
The Personal Telco Project - http://www.personaltelco.net/
Donate to PTP: http://www.personaltelco.net/donate
Archives: http://news.gmane.o
On Oct 4, 2008, at 2:40 PM, Jason C. Wells wrote:
You obviously haven't been upgrading enough. One day I will tell
you teh story of teh "make world".
You gonna sit him on your lap, pawpaw?
___
freebsd-chat@freebsd.org mailing list
http://lists.free
sn't been up since last Friday.
>
> Thanks!
>
>
> --
> Russell Senior, Secretary
> [EMAIL PROTECTED]
>
> >
>
--
Johan Beisser
UNIX Contracting: infrastructure design, network security, disaster
planning and recovery
--~--~-~--~~--
On Sep 26, 2008, at 9:16 PM, Steve Shockley wrote:
I'm running -current from September 9 on a Dell SC440. When I try
to do
a bulk ports build using dpb, it runs for a couple of hours and hangs.
The console screen is blank and doesn't respond to keyboard, but I can
still ping the machine. If
It's always time for that hat.
On 9/19/08, Stuart VanZee <[EMAIL PROTECTED]> wrote:
>> From: Ted Unangst
>> Sent: Friday, September 19, 2008 1:12 PM
>> Cc: Misc OpenBSD
>> Subject: Re: NSA Resources For Rapid Targeting and Routing Analysis
>>
>>
>> On Fri, Sep 19, 2008 at 12:38 PM, Doug Milam
>> <
On Sep 13, 2008, at 5:49 AM, steve szmidt wrote:
Yes, the US had it for a while but a recent ruling has reversed that.
Really? I never heard of it ever being passed in the first place.
If it's the case I'm thinking of, the key couldn't be compelled from
the guy due to how they were trying t
On Sep 13, 2008, at 3:21 AM, Toni Spets wrote:
What about some known patterns like "screen (-r)" from the start of
every session for example in an IRC shell where most people do that
first? Could it be used with lots of data to crack open future
sessions?
I would say "yes it's possible. B
On Sep 12, 2008, at 9:43 PM, Darrin Chandler wrote:
I'm saying what he's wanting to prevent - Eve watching input and
output to
figure out passwords, based on keyboard timing and typing patterns
- isn't
really an easy attack for Eve to accomplish without a huge amount
of data
being coll
On Sep 12, 2008, at 6:41 PM, Darrin Chandler wrote:
On Fri, Sep 12, 2008 at 05:42:08PM -0700, johan beisser wrote:
It's just a improbable attack. One that's easily defended against by
maintaining the interactive shell/echoback and simply push additional
Was it you who said earlie
On Sep 12, 2008, at 4:08 PM, Damien Miller wrote:
There is no reason to believe that keystroke timing attacks will be
impossible against protocol 2 where they work against protocol 1.
They might just be a little more tricky.
I don't think I discounted an updated version of this attack against
On Sep 12, 2008, at 3:12 PM, Philip Guenther wrote:
On Fri, Sep 12, 2008 at 2:05 PM, johan beisser <[EMAIL PROTECTED]> wrote:
This about security. Being realistic means *not* being optimistic
that extracting data will be "too hard", "too unlikely", "only
applic
On Sep 12, 2008, at 2:28 PM, Stuart Henderson wrote:
On 2008/09/12 14:05, johan beisser wrote:
I'm not going to say "It's impossible." It's not. How about "really
highly unlikely" that Eve will pick up enough useful signal to
decrypt
which letters are b
On Sep 12, 2008, at 2:28 PM, Stuart Henderson wrote:
On 2008/09/12 14:05, johan beisser wrote:
I'm not going to say "It's impossible." It's not. How about "really
highly unlikely" that Eve will pick up enough useful signal to
decrypt
which letters are b
On Sep 12, 2008, at 7:02 AM, Kevin Neff wrote:
Thanks for all the comments. I think we're all pretty much on the
same
page.
First order of business is to look at how much of a weakness this
may be.
Then, implement several potential solutions. Finally, test to see
if the
"fixes" improve
On Sep 12, 2008, at 1:16 PM, Stuart Henderson wrote:
Wait, how do you know someone is typing a password inside the session
and not just writing a text file or typing arbitrary commands?
e.g. when eve's machine that's hijacking the network packets picks
up an outgoing SSH connection.
I'm not g
Hell you say. I wear glasses and have been punched. Hard. In the face.
Good to know I'll be immune from you.
On 9/10/08, Aaron Glenn <[EMAIL PROTECTED]> wrote:
> On Wed, Sep 10, 2008 at 7:56 PM, STeve Andre' <[EMAIL PROTECTED]> wrote:
>>
>> How about people with severe physical problems? I know
On Sep 4, 2008, at 12:23 PM, Redd Vinylene wrote:
I was quite shocked today when I heard I could use pf to block
against DDoS
attacks, using Stateful Tracking Options,
http://www.openbsd.org/faq/pf/filter.html#stateopts.
But does anybody have any nice setups of this they'd want to share?
I'd
On Sep 2, 2008, at 10:08 AM, Stefan Sczekalla wrote:
I'm somewhat uncertain on how NAT behaves especially on nearly
concurrent rules.
e.g.
assumption: ( ext_if has two addresse e.g. 82.100.200.1 and and ALIAS
82.100.200.2 )
nat pass on $ext_if form $internal_networks to 192.168.47.11 ->
82.10
On Sep 1, 2008, at 11:44 AM, Khalid Schofield wrote:
Hi,
I'm running openbsd 4.0 (yeh old I know but it's a vital system that
I'm replacing but it processes data that makes a lot of money).
Better replace the disk tomorrow, then. Or, implement the software on
a new system, and take the hit
As a rule, anything not in base is installed to /usr/local. Take the
time to make sure your library isn't already in ports (or a package)
before installing it.
I've recently taken to putting my own packages and manually compiled
binaries under /opt/local. It's non-standard, but works for me.
-jb
I've been poking around the Misc archives, and haven't seen anything
related to solving this specific issue, at least with my own preferred
router software: OpenBSD.
So, while researching on implementation details for a community
wireless system, I found out about Hazy-Sighted Link State Ro
On Aug 28, 2008, at 4:06 PM, Nick Guenther wrote:
The trouble with that is that these days you rarely want to just
connect to the first open wifi you see (and most wifi isn't open
anyway).
Well, admittedly, it'd have to be rewritten and revised anyway.
Ifstated(8) didn't exist the last time
On Aug 28, 2008, at 12:48 PM, Vadim Zhukov wrote:
ifstated(8) + ifconfig(8) (see "-M" option of ifconfig)?
Interestingly, I had a script that would use "ifconfig -M" to figure
out which AP it should use, sorted by rank (first match) and avoiding
using generic or brand names. No match, and
On Thu, Aug 21, 2008 at 2:39 PM, ropers <[EMAIL PROTECTED]> wrote:
> http://www.openbsd.org/cgi-bin/cvsweb/src/?sortby=";> style="position:absolute;top:10px;font-size:150pt">Only 2
> Remote bugs
I find it more amusing that it's just injecting HTML in to what's
being rendered. CVSWEB has a bug.
101 - 200 of 277 matches
Mail list logo