Greetings,
I am trying to establish ipsec between a 4.2-current box and a Cisco
3005 concentrator, without going to manual keying or setting up
isakmpd.conf or .policy.
I have come across a few folks who have been successful using 4.0 and
4.1 with isakmpd.conf or isakmpd.policy, but my
On Tue, 4 Dec 2007, Antoine Jacoutot wrote:
On Tue, 4 Dec 2007, Markus Hennecke wrote:
But since it replaced pine the UTF-8 support is broken for me, and the
arrow
UTF-8 works fine here.
If I set the xterm to UTF-8 it works here too, but no way on the
console. It did work with pine
On Fri, 7 Dec 2007, Antoine Jacoutot wrote:
On Fri, 7 Dec 2007, Markus Hennecke wrote:
If I set the xterm to UTF-8 it works here too, but no way on the console.
It did work with pine without setting this option.
Oh, common. I don't want to sound harsh or anything, but please read the
On Fri, 7 Dec 2007, Markus Hennecke wrote:
Hm, I could not find the file tech-notes.txt which was distributed with pine.
It is missing from the PLIST in the port. Apparently the option character-set
was replaced. The manual (the man page) does not provide this information.
Below is a patch
Here is two messages from Hugo Leisink (Hiawatha developer). You'll
note that the first has a newer date than the later, that's because I
delete it, and I asked Hugo to send it to me again :P
Thought that his words could be useful.
Greetings.
-- Forwarded message --
From: Hugo
On Fri, 7 Dec 2007, Markus Hennecke wrote:
If I set the xterm to UTF-8 it works here too, but no way on the console. It
did work with pine without setting this option.
Oh, common. I don't want to sound harsh or anything, but please read
the manual.
Setting display-character-set=ISO-8859-1 in
I'm using bacula and the daemons communicate over stunnel.
I have a lot of clients, which are servers too ( Bacula File Daemon ). My
question is: Can I use for all this clients the same server-certificate or
should I generate for every client a server-certificate?
Or would I ease an attack
Here is two messages from Hugo Leisink (Hiawatha developer). You'll
note that the first has a newer date than the later, that's because I
delete it, and I asked Hugo to send it to me again :P
Thought that his words could be useful.
Only useful if you are trolling.
Hilter.
Godwin.
Done.
Jason George wrote:
Here is two messages from Hugo Leisink (Hiawatha developer). You'll
note that the first has a newer date than the later, that's because I
delete it, and I asked Hugo to send it to me again :P
Thought that his words could be useful.
It is interesting and honestly I didn't
On 2007/12/07 00:53, visc wrote:
I'm going to toss out some generalities here before I resort to posting
debugs from isakmpd because I think I'm only missing one critical factor
in Phase2.
You can usually identify the problem more easily by looking at
packet traces, than by looking at logs.
On Dec 7, 2007 10:51 AM, Daniel Ouellet [EMAIL PROTECTED] wrote:
Jason George wrote:
Here is two messages from Hugo Leisink (Hiawatha developer). You'll
note that the first has a newer date than the later, that's because I
delete it, and I asked Hugo to send it to me again :P
Thought
Ste Jones wrote:
Just to say lighttpd appears to be BSD licensed
http://trac.lighttpd.net/trac/browser/trunk/COPYING
Between appears to be and being, there is a difference.
Right from the home page,
http://www.lighttpd.net/
fifth line And best of all it's Open Source licensed under the
On Friday 07 December 2007 5:15:13 am Dongsheng Song wrote:
When I compile jdk from port, after few hours, errors occured:
[...]
../../../src/share/native/sun/awt/image/BufImgSurfaceData.c:17:
../../../src/solaris/native/sun/awt/awt.h:20:27: X11/Intrinsic.h: No
such file or directory
[...]
badeguruji wrote:
I am getting constant hacking attempt into my computer
from following IPs. Although, I have configured my ssh
config and tcp-wrappers to deny such attempts. But I
wish some expert soul in this community 'fix' this
rouge hacker for ever, for everyones good.
Not sure that I
I am getting constant hacking attempt into my computer
from following IPs. Although, I have configured my ssh
config and tcp-wrappers to deny such attempts. But I
wish some expert soul in this community 'fix' this
rouge hacker for ever, for everyones good.
This hacker could be spoofing the IPs,
hi list,
just wanted to ask some pf folks here. is there a way to skip
(bypass) filtering for just no nat statements? I'm currently working
on some rules in which i need to have some servers on the other side
of my fw to talk to internal machines without any translation
(application
On 12/7/07, Andris [EMAIL PROTECTED] wrote:
Here is two messages from Hugo Leisink (Hiawatha developer). You'll
First of all, you have to take a look at the webserver market. You use
Apache, IIS, Lighttpd or you don't use anything at all. If you want
Ok, I'll take the bait:
On Dec 7, 2007 10:03 AM, Daniel Ouellet [EMAIL PROTECTED] wrote:
badeguruji wrote:
I am getting constant hacking attempt into my computer
from following IPs. Although, I have configured my ssh
config and tcp-wrappers to deny such attempts. But I
wish some expert soul in this community
On Dec 7, 2007 12:41 PM, Eric Furman [EMAIL PROTECTED] wrote:
The deal breaker for Hiawatha, IMO (and I know it counts for nothing),
was his I will never abandon the GPL statement.
People really need to read the entire email before commenting. I'm
not negative towards using the BSD
license for
Ok, fair enough. I just went through their feature list on the site,
my two cents are it should be on by default. I'm not saying anything
bad about it though, as I haven't used it.
My point still stands though, ultimately the weakest links in any such
app will probably be the username/password
On Dec 7, 2007 2:41 PM, Eric Furman [EMAIL PROTECTED] wrote:
On Fri, 7 Dec 2007 10:39:39 -0600, Gregg Reynolds [EMAIL PROTECTED]
said:
On 12/7/07, Andris [EMAIL PROTECTED] wrote:
Here is two messages from Hugo Leisink (Hiawatha developer). You'll
First of all, you have to take a look
Siju George wrote:
On Dec 2, 2007 1:39 PM, Predrag Punosevac [EMAIL PROTECTED] wrote:
Dear All,
I was wondering if I could get some feed back about running Skype on the
OpenBSD 4.2. (i386 with the generic kernel)
I read wonderful article about installation of Skype on OpenBSD
On Dec 7, 2007, at 9:41, Eric Furman [EMAIL PROTECTED] wrote:
On Fri, 7 Dec 2007 10:39:39 -0600, Gregg Reynolds
[EMAIL PROTECTED]
said:
On 12/7/07, Andris [EMAIL PROTECTED] wrote:
Here is two messages from Hugo Leisink (Hiawatha developer). You'll
First of all, you have to take a look at
mikeypl wrote:
Hi!
I need to chroot user not to /home/username, but to /var/www/users/username
. In man ftpd i found something about ftp-dir, which I should set in
/etc/login.conf, but i don't know how to set this to be user-depended... i
don't want to set :ftp-dir:/var/www/pub but
On Dec 7, 2007 4:56 PM, Antoine Jacoutot [EMAIL PROTECTED] wrote:
On Sat, 8 Dec 2007, Gilbert Fernandes wrote:
c'est hallucinant de voir que l'un des meilleur os
disponibles rassemble autant de connards pretentieux
qui ont rien d'autre a fouttre que d'emmerder les
gens qui tentent
On Dec 7, 2007 8:43 PM, Theo de Raadt [EMAIL PROTECTED] wrote:
I simply bought a USB serial adaptor. The cheapest that Bamboo Charlie
had in stock.
It just worked. It was so low priced that if it didn't I'd have just
tossed it in the spare parts box and bought another. AFAIK most of them
On 12/7/07, badeguruji [EMAIL PROTECTED] wrote:
Steve, you were able to understand my concern/wish.
Aren't all security experts, just building their own
islands with the problem [of unsecure space] remaining
as it always was? we should try to build a secure
'atmosphere' where 'clouds of all
viq-2 wrote:
Disclaimer
Q: Why bother signing messages at all?
A: Because I feel like it.
Yes, I know inline signing is frowned upon, and MIME won't make it do
the list, but that's besides the point as well.
/Disclaimer
So, having gotten that out of the way, do you have any opinions
badeguruji wrote:
I am getting constant hacking attempt into my computer
from following IPs. Although, I have configured my ssh...
This is so common that we ignore it at Virginia Tech. Some days, we log 20k
- 30k ssh brute force attempts... I'd like to track 'em down and string 'em
up too,
Greetings,
It seems that the dumbing down of laptops is a constant
preoccupation/sadistic joy for the
laptop manufacturers, and the RS-232/422/485 protocols are destined to
be extinct by them.
My daily work requires to access a number headless *NIX systems in
different places, so I
need
Disclaimer
Q: Why bother signing messages at all?
A: Because I feel like it.
Yes, I know inline signing is frowned upon, and MIME won't make it do
the list, but that's besides the point as well.
/Disclaimer
So, having gotten that out of the way, do you have any opinions on
either? The
On Fri, Dec 07, 2007 at 04:28:27PM -0800, Greg Thomas wrote:
So why bother posting that???
on my laptop i use screen. every machine i use
(netbsd, openbsd, debian..) has its console there,
so i can talk to each machine and each os from
one machine with ease. when i did post that line,
i thought
On Dec 7, 2007 4:08 PM, Gilbert Fernandes
[EMAIL PROTECTED] wrote:
On Fri, Dec 07, 2007 at 04:02:15PM -0800, Ted Unangst wrote:
In my fstab I have :
/dev/cgd0b noneswap sw 0 0
and you are not running openbsd.
the machine which is hosting mutt is not
my soekris is
On Fri, Dec 07, 2007 at 03:14:19PM +, Jason George wrote:
Only useful if you are trolling.
Hilter.
Godwin.
Done.
you forgot one step my dear friend :
1. hilter
2. godwin
3. ?
4. profit !
ok ok im out. i know the way out...
-[]
--
unzip ; strip ; touch ; grep ; find ;
while people are still reading this thread, i'll take this opportunty to
remind folks that if you'd like to help, please _test_ the very
important ipv6 patchset for the existing httpd(8).
http://undeadly.org/cgi?action=articlesid=20071206151810
On Fri, Dec 07, 2007 at 10:18:24PM +, Gilbert Fernandes wrote:
On Fri, Dec 07, 2007 at 01:57:47PM -0800, Jake Conk wrote:
I want to put my /tmp partition in RAM and I got the following example
from the fstab's man page:
swap /tmp mfs rw,nodev,nosuid,-s=153600 0 0
The
On Fri, Dec 07, 2007 at 01:57:47PM -0800, Jake Conk wrote:
Hello,
I want to put my /tmp partition in RAM and I got the following example
from the fstab's man page:
swap /tmp mfs rw,nodev,nosuid,-s=153600 0 0
The problem is that I don't want to have any swap in RAM, only my /tmp
On Fri, Dec 07, 2007 at 01:57:47PM -0800, Jake Conk wrote:
I want to put my /tmp partition in RAM and I got the following example
from the fstab's man page:
swap /tmp mfs rw,nodev,nosuid,-s=153600 0 0
The problem is that I don't want to have any swap in RAM, only my /tmp
partition so
On Sat, 08 Dec 2007 04:05:34 +0700, Unix Fan [EMAIL PROTECTED] wrote:
I think this is the second time you've posted something similar to
this... I have news for you
Everyone gets such traffic in their logs.. from DoS'ers and other
mischievous individuals..
There really isn't much
One thing I didn't see mentioned is public key certificates. Jacob's
need to control access in a granular fashion might be solvable through
the use of client certificates and SSL, rather than one-time
passwords?
Overall Vin makes good points, and includes useful links, so I won't
re-write my
I think this is the second time you've posted something similar to this... I
have news for you
Everyone gets such traffic in their logs.. from DoS'ers and other mischievous
individuals..
There really isn't much you can do about it either, and if you report back to
each IP's abuse
Please pardon the wide post but I'm curious why `cvs diff` is telling me about
files that don't exist when run on a fresh checkout?
It doesn't do any harm but the files look like left-overs from -stable, so I'm
wondering if I've managed to screw up my cvs tags?
Thanks,
JCR
$ echo $CVSROOT
Whatever.
I'm responsible for tracking down an annoying bug Antoine Jacoutot had
with hiawatha on some machines. Namely, hiawatha was not starting up if
you had 1024 file descriptors available, or something really weird like that.
Turns out the culprit was bad coding habits. Some system call was
STeve Andre' wrote:
The one time I did send mail to an ISP was when one little
vandal developed an inordinate fondness for the web server,
and hit it 110,000 times in a week. Fortunately the ISP did
do something about that one. But the lice, I don't think you
can do anything about, unless you
i don't do pf/carp on them, but ibm x3550's are awesome general
purpose servers and I do not see why they would not be excellent pf
boxes.
On Dec 7, 2007 2:13 PM, Bob Beck [EMAIL PROTECTED] wrote:
* Matthew Dempsky [EMAIL PROTECTED] [2007-12-06 15:54]:
Does anyone have recommendations on
This horse is dead, Jim.
Well, fix it, Bones.
Sorry Jim, there's no way to do that.
Damnit, Bones.
--
Christopher Linn celinn at mtu.edu | By no means shall either the CEC
System Administrator II | or MTU be held in any way liable
Center for Experimental Computation | for any
On Friday 07 December 2007 12:51:52 badeguruji wrote:
I am getting constant hacking attempt into my computer
from following IPs. Although, I have configured my ssh
config and tcp-wrappers to deny such attempts. But I
wish some expert soul in this community 'fix' this
rouge hacker for ever,
* Matthew Dempsky [EMAIL PROTECTED] [2007-12-06 15:54]:
Does anyone have recommendations on server hardware for setting up a
redundant OpenBSD firewall? Right now our network handles several
million HTTP requests per day, and we expect that to continue growing.
I expect a simple pair of Dell
On Fri, 7 Dec 2007 10:39:39 -0600, Gregg Reynolds [EMAIL PROTECTED]
said:
On 12/7/07, Andris [EMAIL PROTECTED] wrote:
Here is two messages from Hugo Leisink (Hiawatha developer). You'll
First of all, you have to take a look at the webserver market. You use
Apache, IIS, Lighttpd or you
On Dec 7, 2007 4:15 PM, Daniel Ouellet [EMAIL PROTECTED] wrote:
Ste Jones wrote:
Just to say lighttpd appears to be BSD licensed
http://trac.lighttpd.net/trac/browser/trunk/COPYING
Between appears to be and being, there is a difference.
Right from the home page,
http://www.lighttpd.net/
On Dec 7, 2007 5:10 AM, Andris [EMAIL PROTECTED] wrote:
Here is two messages from Hugo Leisink (Hiawatha developer). You'll
note that the first has a newer date than the later, that's because I
delete it, and I asked Hugo to send it to me again :P
-- Forwarded message --
On Dec 7, 2007 1:03 PM, Daniel Ouellet [EMAIL PROTECTED] wrote:
badeguruji wrote:
I am getting constant hacking attempt into my computer
from following IPs. Although, I have configured my ssh
config and tcp-wrappers to deny such attempts. But I
wish some expert soul in this community
Hi Jake,
While it is true that RSA, for some 15 years, used a NSA-certified
proprietary hash to generate the SecurID's one-time password, five years ago
RSA replaced the classic SecurID with an AES-based token, so your concern
about the proprietary hash is a little out of date. To the best of my
These units are really cheap. Just buy them. If they don't work,
send them to us, and we'll try to improve support for the remaining
ones.
But skip the Keyspans, right?
Heh. Yes, don't send us any non-free-requiring usb serial devices.
They're basically non-existant in the market
On Fri, Dec 07, 2007 at 08:07:07PM -0800, new_guy wrote:
It seems that most companies use PGP to sign stuff, while individuals may be
more inclined to use S/MIME for MTA reasons. I use both, but prefer PGP for
the simplicity.
I'd always thought it was the other way around: most individuals
Yeah as great as OpenBSD is for some reason there are tons of idiots
on this mailing list that like to get pissed off at you for stupid
things. For instance, I never knew there was a difference between top/
middle/and bottom posting! When I first joined this mailing list I got
flamed so
On Sat, 8 Dec 2007 01:48:28 +0100, viq wrote:
Disclaimer
Q: Why bother signing messages at all?
A: Because I feel like it.
Yes, I know inline signing is frowned upon, and MIME won't make it do
the list, but that's besides the point as well.
/Disclaimer
So, having gotten that out of the way, do
On Fri, Dec 07, 2007 at 04:02:15PM -0800, Ted Unangst wrote:
In my fstab I have :
/dev/cgd0b noneswap sw 0 0
and you are not running openbsd.
the machine which is hosting mutt is not
my soekris is (openbsd 4.2)
the chmod should do the trick (1777)
--
unzip ; strip ;
On 12/7/07, Gilbert Fernandes [EMAIL PROTECTED] wrote:
In my fstab I have :
/dev/cgd0b noneswap sw 0 0
and you are not running openbsd.
Hello,
I want to put my /tmp partition in RAM and I got the following example
from the fstab's man page:
swap /tmp mfs rw,nodev,nosuid,-s=153600 0 0
The problem is that I don't want to have any swap in RAM, only my /tmp
partition so I'm wondering if I simply remove the swap entry from
What is wrong with using the ports/packages system?
Why do people keep asking to replace x with y in base?
Whenever something is ready for base it'll happen. Until then you are
saying: you idiots don't know what you are doing because you are using
x instead of y. Nice start to get a discussion
On Sat, 08 Dec 2007 11:26:53 +1100, mufurcz wrote:
Greetings,
It seems that the dumbing down of laptops is a constant
preoccupation/sadistic joy for the
laptop manufacturers, and the RS-232/422/485 protocols are destined to
be extinct by them.
My daily work requires to access a number
Hi misc,
[i guess misc is better than ports for that..]
I ran the patched httpdv6 with the stock httpd.conf
- it was only bound to v6
README.v6 suggests _for_Vhost_operation_ one needs
Listen :: 80
Listen 0.0.0.0 80
my test suggests even without vhosts these are needed to run both v4 and v6.
I simply bought a USB serial adaptor. The cheapest that Bamboo Charlie
had in stock.
It just worked. It was so low priced that if it didn't I'd have just
tossed it in the spare parts box and bought another. AFAIK most of them
work.
There are roughly 20 USB serial variants on the market.
8
badeguruji wrote:
And seriously, 'anything' in self-defense is not
violence (or e-violence) - I am not going in hackers'
territory to teach him a lesson, i am only trying to
build a wall [by asking the experts] which can save
all those who are NOT-hacking into other people's
computers, and
On Sat, 8 Dec 2007, Gilbert Fernandes wrote:
c'est hallucinant de voir que l'un des meilleur os
disponibles rassemble autant de connards pretentieux
qui ont rien d'autre a fouttre que d'emmerder les
gens qui tentent d'apporter de l'aide aux autres.
vous avez que ca a fouttre bande de cons.
Go
On Fri, Dec 07, 2007 at 03:06:05PM -0800, Jake Conk wrote:
Ok so I added that entry and it worked fine except for one problem and that
is root only had permissions to write to that directory so some services
did not start up properly. I then gave the /tmp directory 0777 with chmod
and
On Dec 7, 2007, at 2:18 PM, Gilbert Fernandes wrote:
On Fri, Dec 07, 2007 at 01:57:47PM -0800, Jake Conk wrote:
I want to put my /tmp partition in RAM and I got the following
example
from the fstab's man page:
swap /tmp mfs rw,nodev,nosuid,-s=153600 0 0
The problem is that I don't want to
On Dec 7, 2007 12:51 PM, badeguruji [EMAIL PROTECTED] wrote:
I am getting constant hacking attempt into my computer
from following IPs. Although, I have configured my ssh
config and tcp-wrappers to deny such attempts. But I
wish some expert soul in this community 'fix' this
rouge hacker for
Thanks guys.
Steve, you were able to understand my concern/wish.
Yes, I have posted the same issue earlier, that time i
was looking for a solution for 'myself', this time i
wish: if something can be done 'for everyone', so i
publicized the IPs hacker('net lice') was coming from.
I was adviced
$ lynx http://hiawatha.leisink.org
Looking up hiawatha.leisink.org
Unable to locate remote host hiawatha.leisink.org.
Alert!: Unable to connect to remote host.
lynx: Can't access startfile http://hiawatha.leisink.org/
What an extremely reliable webserver!
(Yea, server-reliability !=
Daniel Ouellet wrote:
Ste Jones wrote:
Just to say lighttpd appears to be BSD licensed
http://trac.lighttpd.net/trac/browser/trunk/COPYING
Between appears to be and being, there is a difference.
Just to clarify: 1- the author claims that it is under the BSD license.
Well, the author is the
On Dec 2, 2007 1:39 PM, Predrag Punosevac [EMAIL PROTECTED] wrote:
Dear All,
I was wondering if I could get some feed back about running Skype on the
OpenBSD 4.2. (i386 with the generic kernel)
I read wonderful article about installation of Skype on OpenBSD
Hi!
I need to chroot user not to /home/username, but to /var/www/users/username
. In man ftpd i found something about ftp-dir, which I should set in
/etc/login.conf, but i don't know how to set this to be user-depended... i
don't want to set :ftp-dir:/var/www/pub but
On Dec 7, 2007 7:32 PM, Andris [EMAIL PROTECTED] wrote:
On Dec 7, 2007 3:57 PM, Ste Jones [EMAIL PROTECTED] wrote:
But hey I am not an Openbsd developer and can't comment on the
security of lighttpd's code, but I think most people would agree it
would be better to have a maintained piece of
Wow, excellent help thank you. That's helped me track down some other
problems as well.
I have success!
And in the interests of full disclosure...
I,
um,
was missing a character in the PSK. [shame and embarrasment]
That's what you get when you generate a nice 63 character key and have
When I compile jdk from port, after few hours, errors occured:
...
/usr/bin/touch
/usr/ports-4.2/devel/jdk/1.5/w-jdk-1.5.0.12/control/build/bsd-i586/tmp/sun/sun.awt/awt/obj/.class.headers.i586
/usr/bin/gcc -O2 -fno-strict-aliasing -fPIC -W -Wall -Wno-unused
-Wno-parentheses -pipe
The latter is far more accurate than the former.
Greg
Good god folks, just stop it. It's GPL, so it isn't going to happen.
-Bob
On Dec 7, 2007 8:21 AM, Nick Guenther [EMAIL PROTECTED] wrote:
As to this point, I see both sides not really giving a chance to
listen to the other. He finds BSDers abrasive; Funny, I've more found
linux to be the bastion of irritating screechy fanbois. This is a sign
that we (myself
On Dec 7, 2007 3:57 PM, Ste Jones [EMAIL PROTECTED] wrote:
But hey I am not an Openbsd developer and can't comment on the
security of lighttpd's code, but I think most people would agree it
would be better to have a maintained piece of BSD software opposed to
a fairly stagnant bit of GPL.
On 12/7/07, Bob Beck [EMAIL PROTECTED] wrote:
I run an awful lot of simple pairs of Dell Rackmounted servers. (as
well as hp, ibm. etc.) I've done this with dell 950's, 1650, 1750,
1850, and 1435's - lately I buy 1435's...
Awesome, we actually have two spare 1435s that we decided to
On Dec 7, 2007 2:41 PM, Eric Furman [EMAIL PROTECTED] wrote:
OK, I'll add my own two p.
Even tho I know nobody asked.
http://www.acme.com/software/thttpd/
Not feature rich, but it's small, fast and strives for security.
Seems to have a BSDish license as well.
License example of thttpd:
/*
As far as packages go, we know how to do signing. At least the technical
part.
The issue is not technical.
As always with distributed authentication schemes.
On Dec 7, 2007 5:06 PM, Jake Conk [EMAIL PROTECTED] wrote:
How do I have it so that anyone can write to the directory when the
computer starts up?
The answer to your question is in man mount_mfs:
If the -P file option is not used,
the owner and mode of the created mfs file system will
84 matches
Mail list logo