Rob W wrote:
What about http://www.securityfocus.com/bid/16375 and
http://docs.freebsd.org/cgi/mid.cgi?200601251013.k0PAD9lO059018 (Fixed
in cvs, but NO patch for 3.8 or 3.7 and NO security announce -
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/if_bridge.c.diff?r1=1.147&r2=1.148)
Fixe
I see, thanks Miod :-)
2006/1/27, Miod Vallat <[EMAIL PROTECTED]>:
>
> At the moment, there is no way to specify a particular charset when
> mounting filesystems. This is being worked on, however (at least for
> cd9660, udf and ntfs filesystems).
>
> Miod
> After I switched to OpenBSD, there are still some data in my old NTFS
> partition. I've made the NTFS support into kernel, and successfully
> mounted the NTFS partision.
>
> The problem is, some filename of the data is encoded other than
> ISO8859-1. In other UNIX-like systems, I could use savio
Rob W wrote:
What about http://www.securityfocus.com/bid/16375
Fixed in -current, 3.8-stable and 3.7-stable
See http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf_norm.c
Cheers,
Dries
AndrC)s Delfino wrote:
> What I'm trying to ask is this: if a user turns on the computer, and
> can't log in, is it safe to power off the computer without using halt,
> or shutdown, (ie. pressing the power off button)?
SHOULD you power down uncleanly? No.
Can you? Usually. :)
I would even go as
Hi all :-)
After I switched to OpenBSD, there are still some data in my old NTFS
partition. I've made the NTFS support into kernel, and successfully
mounted the NTFS partision.
The problem is, some filename of the data is encoded other than
ISO8859-1. In other UNIX-like systems, I could use savio
Completely irrelevant. Please take this elsewhere.
On Jan 26, 2006, at 8:04 PM, Constantine A. Murenin wrote:
It's a bit offtopic, but after some speculation in one slashdot-like
local forum, I've come to a conclusion that Linus has now rejected GPL
v3 for the same reasons that Theo rejects GP
It's a bit offtopic, but after some speculation in one slashdot-like
local forum, I've come to a conclusion that Linus has now rejected GPL
v3 for the same reasons that Theo rejects GPL in general, and Apache 2
licence in particular. :-) Well, I assume, it's a good start for them.
:-)
http://lkml.
Edd Barrett <[EMAIL PROTECTED]> wrote:
> Most odd. Im using iwi driver on my thinkpad r50e, and it works great but
> you only get 1 chance to configure it. after you run dhclient, if it fails,
> you have to reboot and try again.
With the 2200BG in my Thinkpad X40 there is no problem starting iwi
Hi there!
I am trying to set up a host to site IPSEC VPN tunnel between computers
connected to the internet via a typical wireless cable.
I have successfully set up several site to site VPN tunnels between my OBSD
and checkpoint, cisco, et. al.
I am quite confused about how to make two aspects o
I was wondering if this setup is OK or totally wrong...
/etc/pf.conf:
# bge0 = int_inf (LAN)
# bge1 = ext_inf (WAN)
scrub on bge0 reassemble tcp no-df random-id fragment reassemble
scrub on bge1 reassemble tcp no-df random-id fragment reassemble
I am not sure if this is double redundant or any
From: Joachim Schipper [mailto:[EMAIL PROTECTED]
> Yes, and root can do quite a few other nasty things as well.
> Where did I
> say this was something completely new? Where did I say that
> it fixed the
> problem?
>
> It does two things:
> 1. It makes a single avenue of attack ('the most o
> > When pinging and endpoint from one end of an IPSec tunnel to the other,
> > occasionally the ping returns with one of the 10.X.X.X IP's of a router
> > along
> > the path. The router IP shows up on traceroute and is more often than not
> > the
[...]
> > Main question is this, why does the
On Thu, Jan 26, 2006 at 03:12:07PM -0800, Ted Unangst wrote:
> On 1/26/06, Joachim Schipper <[EMAIL PROTECTED]> wrote:
> > I agree with your assessment - but disallowing mounts in securelevel 2
> > fixes the most obvious attack (that anybody with even a little UNIX
>
> no, it fixes nothing. root
On Thu, Jan 26, 2006 at 12:09:15PM -0700, Bob DeBolt wrote:
> Greets
>
> OpenBSD 3.8 stable
>
> Cable connection to remote town
>
> Normal internal network IP's are DT 192.168.10/24, Remote 192.168.8/24
>
> When pinging and endpoint from one end of an IPSec tunnel to the other,
> occasionally
On 26/01/06, Thordur I. Bjornsson <[EMAIL PROTECTED]> wrote:
>
> Damien Bergamini <[EMAIL PROTECTED]> wrote on Thu 26.Jan'06 at
> 23:02:28 +0100
>
> > Please try to force 11g mode by hand:
> >
> > % ifconfig iwi0 mode 11g
> >
> > I'm pretty sure the firmware crashes when scanning channels in
> > th
Lukasz Sztachanski wrote:
> On Fri, Jan 27, 2006 at 01:42:13AM +1100, Shane J Pearson wrote:
> >
> > ~~~
> > OpenBSD
> > by hahiss
> >
> > How is it that OpenBSD is able to be so secure by design with so few
> > resources and yet all of Microsoft's resources cannot stem the tide of
> > security pro
3 * PII 350s on a small office LAN, all 3.8 release & binary only:
LAN server, home dirs, backups, mail, 2 * 3Gig drives, 128Mb ram:
Filesystem SizeUsed Avail Capacity Mounted on
/dev/wd0a 49.3M 23.3M 23.6M50%/
/dev/wd0h 295M6.0K280M 0%/tmp
/dev/wd0
On Thu, Jan 26, 2006 at 10:45:10AM -0500, Paul Thorn wrote:
> On Thu, 26 Jan 2006, Joachim Schipper wrote:
>
> >On Wed, Jan 25, 2006 at 10:40:44AM -0500, Paul Thorn wrote:
> >>Hi,
> >>I'm open to any suggestions on how else this might be most easily
> >>accomplished.
> >
> >I don't know about the
Damien Bergamini <[EMAIL PROTECTED]> wrote on Thu 26.Jan'06 at 23:02:28 +0100
> Please try to force 11g mode by hand:
>
> % ifconfig iwi0 mode 11g
>
> I'm pretty sure the firmware crashes when scanning channels in
> the 5GHz band. This bug should affect 2915ABG adapters only.
> Scanning of thos
On Thu, Jan 26, 2006 at 06:13:51PM +0200, Juha Erkkila wrote:
> On Thu, Jan 26, 2006 at 10:45:10AM -0500, Paul Thorn wrote:
> > While the tar method would work if I split the data into smaller
> > segments, retrieval would be cumbersome at best, I fear. The
> > resulting encrypted tar files would n
On 1/26/06, Joachim Schipper <[EMAIL PROTECTED]> wrote:
> I agree with your assessment - but disallowing mounts in securelevel 2
> fixes the most obvious attack (that anybody with even a little UNIX
no, it fixes nothing. root can alter processes' memory. you gain
*nothing* by preventing mount.
On Thu, Jan 26, 2006 at 05:55:22PM +0100, Henning Brauer wrote:
> * Joachim Schipper <[EMAIL PROTECTED]> [2006-01-26 15:26]:
> > You might want to read a little about the recent polemic surrounding
> > securelevels. Basically, they work, but files that are supposed to be
> > unchangeable can be mad
On 1/26/06, Will H. Backman <[EMAIL PROTECTED]> wrote:
> "By sending carefully crafted sequence of IP packet fragments, a remote
> attacker can cause a system running pf with a ruleset containing a
> 'scrub fragment crop' or 'scrub fragment drop-ovl' rule to crash."
>
> 1: Has this been verified to
Greetings misc@,
I am having an unusual problem attempting to setup ftp-chroot for users
via login.conf(5).
I have added (what I believe to be) the proper declarations for the
desired login class, as well as the default class.
From what I understand, ftpd(8) has login class support enabled
On Thu, Jan 26, 2006 at 07:57:38PM +0100, Jonathan Glaschke wrote:
> Hallo,
>
> the manpage of chmod (3) says that the the perm symbol `X' is
> not included in POSIX.2, but it is in POSIX (1003.1 2004).
>
> Maybe this could be updated, because 1003.2 is now integrated in
> 1003.1 and 1003.1 has t
On Thu, 26 Jan 2006 16:44:19 -0500, James Strandboge wrote:
>On Thu, 2006-01-26 at 14:17 -0600, Robert C Wittig wrote:
>
>> Mmap indicates that pop3 is listening and smtp is present but closed
>> on the WAN side of my firewall, and I have pinholes setup for both
>> pop3 and smtp as per the instruc
Rob W wrote:
http://www.securityfocus.com/bid/16375 is minor but important enough to
report?
A way to remotly crash a OpenBSD box is minor?
From http://openbsd.org/security.html:
"Security information moves very fast in cracker circles. On the other
hand, our experience is that coding and re
Please try to force 11g mode by hand:
% ifconfig iwi0 mode 11g
I'm pretty sure the firmware crashes when scanning channels in
the 5GHz band. This bug should affect 2915ABG adapters only.
Scanning of those channels was disabled in 3.8.
Damien
http://www.securityfocus.com/bid/16375 is minor but important enough to
report?
A way to remotly crash a OpenBSD box is minor?
From http://openbsd.org/security.html:
"Security information moves very fast in cracker circles. On the other hand,
our experience is that coding and releasing of pro
On Thu, 2006-01-26 at 14:17 -0600, Robert C Wittig wrote:
> Mmap indicates that pop3 is listening and smtp is present but closed
> on the WAN side of my firewall, and I have pinholes setup for both
> pop3 and smtp as per the instructions for my Netopia Router, which
> worked with Apache (TCP/with
On 1/26/06, Rob W <[EMAIL PROTECTED]> wrote:
> Maybe it is a minor issue but where is the limit for when a security
> announce and a patch is made available?
do you know what the preconditions necessary for exploit are? do you
know the consequences of the bug?
>
> I got a "vendor confirmed" ale
Hello,
I have my 'test' OpenBSD server up and running, and serving pages at:
http://70.142.248.62/ This was pretty easy.
Now I am attempting to set up a 'test' email server using sendmail
8.13.3 (OpenBSD 3.7).
The default installation (localhost.cf) works fine out of the box,
sending mail betwee
> > http://www.nycbug.org/index.php?NAV=dmesgd
>
> Super cool site. This brings a question to mind: is there a reason
> that no useful sites like this are linked to the main site (at least,
> none that I found)?
>
Because while it looks cool and minty, it's no
substitute for sending dmes
On Thu, Jan 26, 2006 at 10:17:39AM -0500, Will H. Backman wrote:
> For those of you who are sending dmesg output to the developers, you may
> also want to post your dmesg to the New York City BSD Users Group dmesg
> tracker.
>
> From their site:
> "Upload your dmesg so others can see your kernel bo
All:
Regarding the future of IPMI and SNMP, where do they intersect in the
evolution of enterprise free software (aka, BSD) ?
Specifically, the OpenBSD implementation we're seeing here seems to
provide sysctl style access to Sensor data, watchdog info, etc., but what
about other IPMI functio
[EMAIL PROTECTED] wrote:
>fox wrote:
>>According to http://openbsd.org/security.html, the
>last two releases
>>of OpenBSD have had 8 vulnerabilities (and that
>includes two that
>>apply to both releases - so really 6 for both
>releases of OpenBSD).
>
>What about http://www.securityfocus.com/bid/163
On 1/26/06, Rob W <[EMAIL PROTECTED]> wrote:
> Is there other bugs that haven't made it to the errate page?
yes. you can find an exhaustive list here:
http://marc.theaimsgroup.com/?l=openbsd-cvs&r=1&w=2
but don't let the word get out. let's keep this quiet.
Greets
OpenBSD 3.8 stable
Cable connection to remote town
Normal internal network IP's are DT 192.168.10/24, Remote 192.168.8/24
When pinging and endpoint from one end of an IPSec tunnel to the other,
occasionally the ping returns with one of the 10.X.X.X IP's of a router along
the path. The
Hallo,
the manpage of chmod (3) says that the the perm symbol `X' is
not included in POSIX.2, but it is in POSIX (1003.1 2004).
Maybe this could be updated, because 1003.2 is now integrated in
1003.1 and 1003.1 has this `X'.
http://www.unix.org/single_unix_specification/
"The perm symbol X shal
[IMAGE]
[IMAGE]
Borghi Toscani | E - mail | Registrati | Inserisci un locale | Meteo |
News
[IMAGE]
NUOVI
INSERIMENTI
Newsletter della 5B0 settimana 2006
LINK
CONSIGLIATI
Hotel I Presidi
LAST MINUTE IN TOSCANA
OFFERTE SOGGIORNI IN TOSCANA
OFFERTE LAST MINUTE FIRENZE
Last Minute Abetone
KumaloGreen CORPORATE TRAINING FOCUSED ON RESULTS
Services SETA Accredited: (Decision No. 0798) www.kumalogreen.co.za
Negotiating for Win-Win Results
===
16 17 February 2006
8 9 June 2006
12
fox wrote:
According to http://openbsd.org/security.html, the last two releases
of OpenBSD have had 8 vulnerabilities (and that includes two that
apply to both releases - so really 6 for both releases of OpenBSD).
What about http://www.securityfocus.com/bid/16375 and
http://docs.freebsd.org/cg
Gregory Steuck wrote:
"jarett" == jarett stevens <[EMAIL PROTECTED]> writes:
jarett> I'm receiving an error in 3.8-current using the iwi driver.
jarett> When configuring the interface (iwi0) with a standard
jarett> ifconfig command, the following error immediately appears on
jar
On Thu, Jan 26, 2006 at 10:45:10AM -0500, Paul Thorn wrote:
> While the tar method would work if I split the data into smaller
> segments, retrieval would be cumbersome at best, I fear. The
> resulting encrypted tar files would need to be significantly < 4GB
> for the same reasons that the large vn
I go through the 3.8 -stable, using the FAQ, and when I get to the
portion about adding my network information, I get the following error
right after I put in my netmask...
bce0: timed out disabling ethernet mac
bce0: timed out writing pkt filter ctl
I restarted
Here! Here! I am so sick of these crappie articles down playing
something when they don't even come close to the truth and the facts.
What really amazes me the most is the fact that the average user just
sits back and does nothing about the problems they have with MS or
Windows. They just accept th
* Joachim Schipper <[EMAIL PROTECTED]> [2006-01-26 15:26]:
> You might want to read a little about the recent polemic surrounding
> securelevels. Basically, they work, but files that are supposed to be
> unchangeable can be made inaccessible by (transparently?) mounting a
> filesystem on top. This
On Thu, Jan 26, 2006 at 01:51:48PM +0100, Rob W wrote:
> What about http://www.securityfocus.com/columnists/380
>
Oh please! Could we please stop this immutable files (non-)issue.
This securityfocus article shows only one thing the incompetence of the
columnist and securityfocus itself. Probably
On 2006/01/26 10:17, Will H. Backman wrote:
> For those of you who are sending dmesg output to the developers, you may
> also want to post your dmesg to the New York City BSD Users Group dmesg
> tracker.
Oh, it's accepting submissions again is it...I had a couple I wanted
to send in a few months
On Fri, Jan 27, 2006 at 01:42:13AM +1100, Shane J Pearson wrote:
>
> ~~~
> OpenBSD
> by hahiss
>
> How is it that OpenBSD is able to be so secure by design with so few
> resources and yet all of Microsoft's resources cannot stem the tide of
> security problems that impact everyone, including thos
On Thu, 26 Jan 2006, Joachim Schipper wrote:
On Wed, Jan 25, 2006 at 10:40:44AM -0500, Paul Thorn wrote:
Hi,
I'm open to any suggestions on how else this might be most easily
accomplished.
I don't know about the specific application, but since DVDs are
read-only anyway, and encrypted data te
fox wrote:
Second, it is not completely accurate to say that OpenBSD is more
secure. If you compare vulnerability counts just from the last 3 months,
OpenBSD had 79 for November, December and January compared to 11 for
Microsoft (and that includes one each for Office and Exchange - so
really 9 f
For those of you who are sending dmesg output to the developers, you may
also want to post your dmesg to the New York City BSD Users Group dmesg
tracker.
From their site:
"Upload your dmesg so others can see your kernel boot messages and
related troubleshooting details. Each dmesg is searchabl
> Second, it is not completely accurate to say that OpenBSD is more
> secure. If you compare vulnerability counts just from the last 3 months,
> OpenBSD had 79 for November, December and January compared to 11 for
> Microsoft (and that includes one each for Office and Exchange - so
> really 9 for a
Shane J Pearson wrote:
What an incredible load of tripe!...
From:http://interviews.slashdot.org/article.pl?sid=06/01/26/131246
Second, it is not completely accurate to say that OpenBSD is more
secure. If you compare vulnerability counts just from the last 3 months,
OpenBSD had 79 for Novem
On Thu, Jan 26, 2006 at 09:44:28AM -0300, Andr??s Delfino wrote:
> What I'm trying to ask is this: if a user turns on the computer, and
> can't log in, is it safe to power off the computer without using halt,
> or shutdown, (ie. pressing the power off button)?
>
> Good luck
>
>
As others have an
What an incredible load of tripe!...
From:http://interviews.slashdot.org/article.pl?sid=06/01/26/131246
~~~
OpenBSD
by hahiss
How is it that OpenBSD is able to be so secure by design with so few
resources and yet all of Microsoft's resources cannot stem the tide of
security problems that im
What about http://www.securityfocus.com/columnists/380
_
Find dine dokumenter lettere med MSN Toolbar med Windows-pc-sxgning:
http://toolbar.msn.dk
On Thu, Jan 26, 2006 at 09:44:28AM -0300, Andris Delfino wrote:
> What I'm trying to ask is this: if a user turns on the computer, and
> can't log in, is it safe to power off the computer without using halt,
> or shutdown, (ie. pressing the power off button)?
As pointed out, no, but you might get
Nick Holmes wrote:
Dear Misc@,
I am looking to build a new OpenBSD workstation for home and would
like to have a dual-headed setup using DVI. I have seen some recent
previous dicussion on this matter (Matrox P650 series not supported
because of Parhelia chipset)
Hm, few weeks ago I bought
On Thu, Jan 26, 2006 at 01:31:04AM -0500, [EMAIL PROTECTED] wrote:
> On Thursday, January 26, 2006, at 00:53AM, Ted Unangst <[EMAIL PROTECTED]>
> wrote:
>
> >On 1/25/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> >> 3.9 beta was not fun for me, so I am reinstalling to 3.8 -Stable.
> >> For wh
On Wed, Jan 25, 2006 at 06:56:53PM -0500, Mike Hernandez wrote:
> On Wed, Jan 25, 2006 at 05:45:52PM -0600, Igor Vilensky wrote:
> > How does one control appearance of console/fonts on the screen?
> > On one laptop, letters are quite large and console fills entire screen, on
> > another, letter
On Wed, Jan 25, 2006 at 10:06:23PM +0100, Tomasz Kniaz wrote:
> On Wed, 25 Jan 2006 21:04:43 +0100, Joakim Roubert wrote:
>
> >Or perhaps the home directories?
>
> Yes, $HOME/something (e.g. $HOME/MAIL/inbox ) is a fine place for
> incoming mail (and other mboxes/maildirs).
It is, but only provi
On Wed, Jan 25, 2006 at 10:40:44AM -0500, Paul Thorn wrote:
> Hi,
>
> This may not be OpenBSD specific, but I'm looking for a way to encrypt
> the contents of a DVD such that only a user with the correct passphrase
> would be able to mount the contents. Sort of an optical equivilent to:
>
>vn
On Thu, 26 Jan 2006, Daniel Polak wrote:
SNIP
> To provide a balanced view:
> In July last year SysKonnect provided a few SK-9S22 cards to Brad and me
> so OpenBSD support could be added.
>
> It took it bit of doing but they were definitely willing to help.
>
> Daniel
Taking 9 months from their fi
On 2006/01/26 16:17, Alexander Yurchenko wrote:
> On Thu, Jan 26, 2006 at 02:13:33PM +0100, Johan L wrote:
> > Hi!
> >
> > We are trying to install OpenBSD 3.8 on a Fujitsu-Siemens PRIMERGY RX100
> > S2 server.
> > The install CD boots fine, but we get warnings about the Intel 6300ESB:
> >
> > >v
On Thu, Jan 26, 2006 at 02:13:33PM +0100, Johan L wrote:
> Hi!
>
> We are trying to install OpenBSD 3.8 on a Fujitsu-Siemens PRIMERGY RX100
> S2 server.
> The install CD boots fine, but we get warnings about the Intel 6300ESB:
>
> >vendor "Intel", unknown product 0x257e (class system subclass
>
Hi!
We are trying to install OpenBSD 3.8 on a Fujitsu-Siemens PRIMERGY RX100
S2 server.
The install CD boots fine, but we get warnings about the Intel 6300ESB:
vendor "Intel", unknown product 0x257e (class system subclass
miscellaneous, rev 0x02) at pci0 dev 6 function 0 not configured
"Intel
On 26/01/06, Andris Delfino <[EMAIL PROTECTED]> wrote:
> What I'm trying to ask is this: if a user turns on the computer, and
> can't log in, is it safe to power off the computer without using halt,
> or shutdown, (ie. pressing the power off button)?
>
No. There quite a few things that might be g
What about http://www.securityfocus.com/bid/16375
_
Ta' pe udsalg eret rundt pe MSN Shopping: http://shopping.msn.dk - her
finder du altid de bedste priser
Dear Misc@,
I am looking to build a new OpenBSD workstation for home and would like to
have a dual-headed setup using DVI. I have seen some recent previous
dicussion on this matter (Matrox P650 series not supported because of
Parhelia chipset) and would like to ask a few questions about an nVi
On Thu, Jan 26, 2006 at 09:44:28AM -0300, Andris Delfino wrote:
> What I'm trying to ask is this: if a user turns on the computer, and
> can't log in, is it safe to power off the computer without using halt,
there are always `logged in' users( i.e. daemon users) ;)
> or shutdown, (ie. pressing the
What I'm trying to ask is this: if a user turns on the computer, and
can't log in, is it safe to power off the computer without using halt,
or shutdown, (ie. pressing the power off button)?
Good luck
Maybe it is a minor issue but where is the limit for when a security
announce and a patch is made available?
Quote from http://openbsd.org/security.html:
"Like many readers of the BUGTRAQ mailing list, we believe in full
disclosure of security problems. In the operating system arena, we were
p
On Wed, Jan 25, 2006 at 06:56:53PM -0500, Mike Hernandez wrote:
> > How does one control appearance of console/fonts on the screen?
> > On one laptop, letters are quite large and console fills entire screen,
on
> > another, letters are tiny and the console fills a fraction
> > of the screen.
> Ch
Original message from Diana Eichert at 25-1-2006 20:09
On Wed, 25 Jan 2006, Christoph Fritz wrote:
Am Mittwoch, 25. Januar 2006 16:20 schrieb Adam Dennis:
I noticed that openbsd-current doesn't have support for Marvell
Yukon88E8053 PCI-E Gigabit (onboard).
I have the same
> "jarett" == jarett stevens <[EMAIL PROTECTED]> writes:
jarett> I'm receiving an error in 3.8-current using the iwi driver.
jarett> When configuring the interface (iwi0) with a standard
jarett> ifconfig command, the following error immediately appears on
jarett> the console: "
* Davin Flatten <[EMAIL PROTECTED]> [2006-01-26 02:28]:
> Hello-
>
> We have OpenBSD 3.5 running as a filtering bridge on our network using
> two Allied Telesyn AT-2971SX cards. The traffic across the bridge is
> about 150 Mb/s on average. We are experiencing the following errors in
> our log
79 matches
Mail list logo