On 9/20/07, Nick Holland [EMAIL PROTECTED] wrote:
Can someone please inform me if this is a really bad idea or not,
ideally with some nice reasoning?
Cheers,
Josh
Read this:
http://advosys.ca/viewpoints/2007/04/fuzzing-virtual-machines/
Read the paper linked there as well.
On 9/21/07, Siju George [EMAIL PROTECTED] wrote:
I have a similar doubt.
What happens when I have a lot of windows open in my fvwm2 and I click
on my desktop and click Exit Fvwm2 ?
Will all the X11 applications be shutdown decently?
Or is it better to type halt in an xterm?
What is the
Gregory Edigarov wrote:
Just an update: I've made /usr/xobj directory, then run the same
command again, with same result.
read the README file, under the hopeless case section...
that helped me (I am a hopeless case, too, but not hopless ;)
OK, thanks, guys. It worked. And sorry for
Matthew Szudzik wrote:
I don't know the history of the operator group, but it almost seems as if
it dates back to the days when BSD ran on mainframes whose only form of
removable media was a tape drive. Of course, computers are being used
much differently nowadays, so it makes sense to
The One.
The one gonad.
Get a proper email account you cowardly faggot.
Darren Spruell wrote:
On 9/20/07, Nick Holland [EMAIL PROTECTED] wrote:
Can someone please inform me if this is a really bad idea or not,
ideally with some nice reasoning?
Anyone who told you VM technology and security had anything to do with
each other was full of doo-doo.
I'll echo
* Craig Skinner [EMAIL PROTECTED] [2007-09-21 10:02]:
Maybe there is need for an additional group for other functions that are
now more common?
halter? :)
--
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS
Jake Conk [EMAIL PROTECTED] writes:
I added this rdr rule to my pf.conf:
rdr on $ext_if proto tcp from any to any port ftp - 192.168.10.9 port ftp
FTP is a special case. Like Jason pointed out, you most likely need
to hook ftp-proxy into your configuration.
- P
--
Peter N. M. Hansteen,
Hello Everybody,
Supposing I have several identical NIC's in my server, can I predict
which become int0, which become int1, etc?
A link to document explaining (or man something) would absolutely suffice.
Thank you.
--
With best regards,
Gregory Edigarov
Henning Brauer wrote:
* Craig Skinner [EMAIL PROTECTED] [2007-09-21 10:02]:
Maybe there is need for an additional group for other functions that are
now more common?
halter? :)
For a while I supported Sun's Netconnect service, which is a fancy
Nagios for Solaris. It watches the logs for
Marian Hettwer wrote:
Hi All,
Question is:
How do I fiddle around with my routing table, that basically the wget running
on my router is using sis2 (with the pppoe uplink), while the rest (my existing
working lan) is still using sis0 with my good-guys cable modem uplink?
just do:
route
Gregory Edigarov schrieb:
Marian Hettwer wrote:
Hi All,
Question is:
How do I fiddle around with my routing table, that basically the wget
running on my router is using sis2 (with the pppoe uplink), while the
rest (my existing working lan) is still using sis0 with my good-guys
cable modem
Like Darrin suggested try matching Modelines and Modes :
On xorg.conf
Enable only this (comment the rest of the modellines) :
Modeline 1680x1050_60.00 147.14 1680 1784 1968 2256 1050 1051
1054 1087 -HSync +Vsync
Modify the screen section :
Section Screen
Identifier Screen0
On 2007/09/21 11:12, Marian Hettwer wrote:
route add som.eth.in.g your pppoe server ip and you're set
This would basically mean, if som.eth.in.g is let's say 123.123.123.123,
that every connection to that destination goes through my pppoe uplink.
Right?
Yes.
Isn't there a way to say
I've now reached the french alps by bike. I will soon cycle beside the mediterranean sea near the coast. I have taken some pictures and written some about my expedition. If you're interested you can point your brower too the following address:
http://www.narfstrom.se
Friendly regards from
Well to answer my question apparently I could use inetd to also do
port forwarding which is included in base and really easy to do. After
figuring that out I was suddenly able to figure out my pf problems and
got pf to port forward correctly also.
Thanks guys,
- Jake
On 9/21/07, Peter N. M.
Tried and as before it stuck at 75Hz resulting in 1280x1024. Some time
ago I've somewhere read that on linux with Xorg 7.2 someone also had
this problem (I don't know if I can call it same problem, it has
widescreen LCD, i810 driver) and solved it by updating i810 driver,
xrandr to 1.2 and
On 20.09-19:17, Daniel Ouellet wrote:
[ ... ]
Do, as you see fit, but my advise to you, wouldn't be to help trying to
get it up as is now, but first run 4.1, then try the new way of doing
it. I think that would be much better spend of time.
thanks for the advice. unfortunately both systems
Gregory Edigarov wrote:
Hello Everybody,
Supposing I have several identical NIC's in my server, can I predict
which become int0, which become int1, etc?
A link to document explaining (or man something) would absolutely suffice.
Thank you.
Not Easily, at least if you are referring to a
Hi all,
last night, I installed 4.1 on the new ALIX.1C:
http://www.pcengines.ch/alix1c.htm (see dmesg at bottom).
The intended use of the box is a home router/firewall/NAT/DNS/DHCP
for my home network of about four computers (heterogeneous).
Everything works fine (as usual with OpenBSD), but
-Urspr|ngliche Nachricht-
Von: Christoph Leser
Gesendet: Freitag, 21. September 2007 12:58
An: 'n0g0013'
Betreff: AW: isakmp phase 2 negotiation failed
-Urspr|ngliche Nachricht-
Von: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Auftrag
von n0g0013
Gesendet:
Some commercial firewalls (i.e. Juniper/NetScreen ScreenOS-based gear)
have been offering virtual-systems for years now. I think the negative
comments received here may be appropriate when sharing the system with
non-secure guest OSs, but it seems that it might be alright if its
nothing but
Hi,
I tryed to set up spamd on OpenBSD4.1
but after preloading the database at /var/db/spamd
using:
isabsd # /usr/libexec/spamd-setup -d
Getting http://www.openbsd.org/spamd/nixspam.gz
blacklist nixspam 39960 entries
whitelist override 40138 entries
Getting
On Fri, 21 Sep 2007, Stefan Sczekalla-Waldschmidt wrote:
isabsd # /usr/libexec/spamd-setup -d
See your pf(4) table spamd
pfctl -t spamd -T show | wc -l
pfctl -t spamd -T show | tail
spamdb does not show any entries ...
isabsd # spamdb
That is unrelated. spamdb only touches the hash
It sounds to me like the comments here are largely appropriate,
virtualizing firewalls in the limited context that has been explained
probably isn't a real good idea...at least due to perceived load.
Additionally, if there are that many fireuwalls being ran, instead of
numerous interfaces in
On 9/21/07, Kent Watsen [EMAIL PROTECTED] wrote:
Some commercial firewalls (i.e. Juniper/NetScreen ScreenOS-based gear)
have been offering virtual-systems for years now. I think the negative
comments received here may be appropriate when sharing the system with
non-secure guest OSs, but it
On 2007/09/21 08:01, Jeremy C. Reed wrote:
On Fri, 21 Sep 2007, Stefan Sczekalla-Waldschmidt wrote:
isabsd # /usr/libexec/spamd-setup -d
See your pf(4) table spamd
This changed in 4.1; unless you use -b, it's no longer
necessary to keep the blacklist in a PF table.
Jan Stary wrote:
Hi all,
last night, I installed 4.1 on the new ALIX.1C:
http://www.pcengines.ch/alix1c.htm (see dmesg at bottom).
The intended use of the box is a home router/firewall/NAT/DNS/DHCP
for my home network of about four computers (heterogeneous).
Everything works fine (as usual
--- Stefan Sczekalla-Waldschmidt [EMAIL PROTECTED] wrote:
Hi,
I tryed to set up spamd on OpenBSD4.1
but after preloading the database at /var/db/spamd
using:
isabsd # /usr/libexec/spamd-setup -d
Getting http://www.openbsd.org/spamd/nixspam.gz
blacklist nixspam 39960 entries
www.aei.mpg.de/~pau/skype.png
(BIG png, watch out, I don't want to kill your modem connection)
was working fine. I installed it as an exercise and then deleted it...
because I don't use it
Cheers,
Pau
2007/9/21, Siju George [EMAIL PROTECTED]:
On 9/20/07, Siju George [EMAIL PROTECTED] wrote:
On Fri, Sep 21, 2007 at 08:53:02AM +0100, Craig Skinner wrote:
The One.
The one gonad.
Get a proper email account you cowardly faggot.
Lets not get into WW II morale-boosting songs :)
Doug.
On 9/21/07, Scott Wells [EMAIL PROTECTED] wrote:
However, I don't fully agree with the sentiment that running a firewall
in a virtual machine (let's be specific, VMWare ESX) guest environment.
I'm running my firewall on a ESX 3.0.2 guest, and it works perfectly
fine. That being said, you have
Josh wrote:
Hello there.
We have a bunch of obsd firewalls, 8 at the moment, all working nice
and so forth. But we
need to add about another 4 in there for new connections and
networks, which means more
machines to find room for.
So basically I have been asked to investigate running
Jan Stary [EMAIL PROTECTED] wrote:
last night, I installed 4.1 on the new ALIX.1C:
http://www.pcengines.ch/alix1c.htm (see dmesg at bottom).
The intended use of the box is a home router/firewall/NAT/DNS/DHCP
for my home network of about four computers (heterogeneous).
I recently got a
Jan Stary wrote:
I am concerned
about the CF wearing off. As these articles are from 2005 - do these
things still apply to newer CF cards, and should I therefore set up
a mfs? What else should I do to make the CF card live longer (noatime
comes to mind of course).
Remote sysloging
On Sep 21 09:49:20, Nick Holland wrote:
http://www.pcengines.ch/alix1c.htm (see dmesg at bottom).
The intended use of the box is a home router/firewall/NAT/DNS/DHCP
for my home network of about four computers (heterogeneous).
Firstly, swap (i don't really mind reinstalling). Install guide
-Urspr|ngliche Nachricht-
Von: Christoph Leser
Gesendet: Freitag, 21. September 2007 16:44
An: '[EMAIL PROTECTED]'
Betreff: Re: isakmp phase 2 negotiation failed
w
#$OpenBSD: ipsec.conf,v 1.5 2006/09/14 15:10:43 hshoexer Exp $
#
# See ipsec.conf(5) for
Darren Spruell wrote:
At least in a traditional non-virtualized firewall model, the attacker
would have to pull out real exploits and attack real (secured)
services to compromise the firewall, and it wouldn't fall at the same
time as the other hosts.
Yes, these kinds of of flaws have (so far)
Nick Holland wrote:
Gregory Edigarov wrote:
Hello Everybody,
Supposing I have several identical NIC's in my server, can I predict
which become int0, which become int1, etc?
A link to document explaining (or man something) would absolutely suffice.
Thank you.
Not Easily, at least
Hi all,
I finally found a solution to my ftp-proxy problem. The machine is a Dell
2950 with broadcom gigabit NICs, so I'm using the bnx driver included in the
generic kernel. It seems that the TCP checksum offloading causes problems
in certain cases. I found a reference to this on another
Something like iftab on debian.
On 9/21/07, Gregory Edigarov [EMAIL PROTECTED] wrote:
The best thing however would be to have the ability to set the name of
an intreface based on it's mac address, perhaps somebody is working on
it/having it on the todo list?
--
With best regards,
On 9/21/07, Pau Amaro-Seoane [EMAIL PROTECTED] wrote:
www.aei.mpg.de/~pau/skype.png
(BIG png, watch out, I don't want to kill your modem connection)
was working fine. I installed it as an exercise and then deleted it...
because I don't use it
Thanks a lot pau for the reply :-)
What version
On 9/21/07, Adam PAPAI [EMAIL PROTECTED] wrote:
Could you please write me the procedure a little bit detailed?
You downloaded the skype binary, installed the redhat-* stuff, enabled
linux_compat and you had to copy some files from where?
OK :-)
I did this on a 4.1/i386.
For other versions
Siju George wrote:
Call Failed : Problem with audio playback
It is unlikely that Skype will ever work on OpenBSD for more than
chatting, as it uses ALSA for audio output (same as Flash 9.)
That's not something compat_linux(8) can handle, only OSS audio output
is emulated.
Moritz
I don't use X much and instead use lots of Virtual Terminals.
Since I'm on dialup, sometimes I need to leave multiple VTs open to do
things, perhaps downloading something, or its just that I'm in the
middle of things.
How can I lock the whole virtual termial setup? lock(1) only lets me
lock
On Fri, 2007-09-21 at 10:52 -0400, Douglas A. Tutty wrote:
I don't understand the logic of having multiple firewalls on one box.
If one box can handle the throughput requirements of all the NICs, why
not just one big firewall?
Overlapping IP address space.
ciao
Luca
The kid's an idiot. Set up qemu on the mandatory windows machine and run
your Ubuntu. The sentence said nothing about running an emulated OS on your
monitored OS. The kid is just a whiner First they give me two felonies,
then they throw me in prison, and now this. As if using Windows is more
I sent a message and it looks like it got rejected... basically I found out
that ia32e is EM64T(Intel's marketing name for it).
I was thinking it was the itanium arch which is actually ia64. But either
way...
EM64T is supposed to run on AMD64... and it appears that the Intel chips do
support
Hello Daniel,
Just want to make sure that we are on the same page: I'm talking about
i386. It seems from below that your concern is more about amd64, but I
didn't really try it, because my CPU isn't even a Xeon.
Wednesday, September 19, 2007, 6:00:16 PM, you wrote:
I have pretty
That's why god created competant network admins and NAT.
On 9/21/07, Luca Corti [EMAIL PROTECTED] wrote:
On Fri, 2007-09-21 at 10:52 -0400, Douglas A. Tutty wrote:
I don't understand the logic of having multiple firewalls on one box.
If one box can handle the throughput requirements of
On 9/21/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
[snip]
EM64T is supposed to run on AMD64... and it appears that the Intel chips do
support the NXE bit since around 2005.
Can anyone confirm that the newer ia32e chips (made after early 2005) are
actually supporting W^X? It seems that
Vous avez besoin pour votre entreprise et aussi ` titre personnel de
sauvegarder vos anciens films (8, Super8, VHS, Hi8, Video8, DV et autres) et
leur donner une nouvelle jeunesse en les mettant sur DVD, ceci ` moindre co{t.
Ne cherchez plus, nous sommes l`.
Nous sommes prisents sur le marchi
On 2007/09/21 14:29, bofh wrote:
That's why god created competant network admins and NAT.
And VRF.
Isn't one of the core2 bugs that nx is only honored for one of the
cores but not the other?
On 9/20/07, Ted Unangst [EMAIL PROTECTED] wrote:
On 9/20/07, Darren Spruell [EMAIL PROTECTED] wrote:
On 9/20/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
According to:
On 9/21/07, Darren Spruell [EMAIL PROTECTED] wrote:
Here's an entirely realistic scenario at this point:
- Administrator pays loads of money for VMware ESX; for better ROI, he
intends to replace several systems on the network with one big system
running a number of VMs. Maybe there is a full
On 9/21/07, bofh [EMAIL PROTECTED] wrote:
Isn't one of the core2 bugs that nx is only honored for one of the
cores but not the other?
do you have an errata number?
Sorry, iirc it was in that link that Theo posted on core 2 errata.
Hopefully I didn't read it incorrectly. But I disclaim everything...
On 9/21/07, Ted Unangst [EMAIL PROTECTED] wrote:
On 9/21/07, bofh [EMAIL PROTECTED] wrote:
Isn't one of the core2 bugs that nx is only honored for one of
On Fri, Sep 21, 2007 at 04:39:49PM +0200, Christoph Egger wrote:
Which form is better (a) or b))?
a)
char slave[80];
...
if (openpty(masterfd, slavefd, slave, NULL, NULL) 0)
char slave[PATH_MAX] ?
I think it's a reasonable assumption that no library function
will return (on any
On Fri, 2007-09-21 at 20:51 +0100, Stuart Henderson wrote:
On 2007/09/21 14:29, bofh wrote:
That's why god created competant network admins and NAT.
And VRF.
We are talking about OpenBSD here, and support for VRF is not there.
ciao
Luca
On Fri, 2007-09-21 at 14:29 -0500, bofh wrote:
That's why god created competant network admins and NAT.
You are not always in control of all things. Powerful technology is
about choice, not about one absolute right way. BTW, NAT sucks.
ciao
Luca
On 9/21/07, bofh [EMAIL PROTECTED] wrote:
Sorry, iirc it was in that link that Theo posted on core 2 errata.
Hopefully I didn't read it incorrectly. But I disclaim everything...
there is an errata that disabling the NX bit causes it to be disabled
on both cores, but this hardly relevant.
Hi,
I'm trying to concatenate 2 disks using ccd. With an interleave factor
of 0, as described by the man page of ccd(4), it doesn't work. An
interleave factor of 1 works, though. Also, the fstype is 4.2BSD in my
example, but there's no difference if I set it to CCD.
This resembles a bug
I'm seeing some sendto: No buffer space available errors along with some ssh
session hangs. The symptoms are intermitent and look a lot like this
thread.
http://monkey.org/openbsd/archive/misc/0309/msg00827.html
The system is 4.1 stable generic with the sangoma wanpipe driver. Most
traffic is
On Fri, Sep 21, 2007 at 11:16:37PM +0200, Luca Corti wrote:
On Fri, 2007-09-21 at 20:51 +0100, Stuart Henderson wrote:
On 2007/09/21 14:29, bofh wrote:
That's why god created competant network admins and NAT.
And VRF.
We are talking about OpenBSD here, and support for VRF is not there.
List,
Does anyone know of an embedded single board computer, much like a
WRAP/ALIX.C, which has at least one miniPCIe slot?
having no luck on the intertubes am i right in thinking that these board
just are not suitable for 802.11n networking? considering power
requirements, bus bandwidth
On 9/21/07, Claudio Jeker [EMAIL PROTECTED] wrote:
On Fri, Sep 21, 2007 at 11:16:37PM +0200, Luca Corti wrote:
On Fri, 2007-09-21 at 20:51 +0100, Stuart Henderson wrote:
On 2007/09/21 14:29, bofh wrote:
That's why god created competant network admins and NAT.
And VRF.
We are
On 9/20/07, Josh [EMAIL PROTECTED] wrote:
Hello there.
We have a bunch of obsd firewalls, 8 at the moment, all working nice and
so forth. But we
need to add about another 4 in there for new connections and networks,
which means more
machines to find room for.
So basically I have been
On Sat, 2007-09-22 at 00:34 +0200, Claudio Jeker wrote:
We are talking about OpenBSD here, and support for VRF is not there.
That may change faster then you expect
These are great news. If the implementation will allow to assign
interfaces to different VRFs it would solve the virtual
Thanks for the responses from Peter and others.
The CAVEAT seems only to apply to the USB variant - mine is a PCI:
# dmesg| grep ral0
ral0 at pci0 dev 15 function 0 Ralink RT2560 rev 0x01: irq 5,
address 00:13:d3:6a:bb:9d
ral0: MAC/BBP RT2560 (rev 0x04), RF RT2525
I've tried setting
Douglas A. Tutty wrote:
...
I don't understand the logic of having multiple firewalls on one box.
If one box can handle the throughput requirements of all the NICs, why
not just one big firewall?
There are lots of places where multiple firewalls are better than a
single firewall. If one
Boris Goldberg wrote:
Hello Daniel,
Just want to make sure that we are on the same page: I'm talking about
i386. It seems from below that your concern is more about amd64, but I
didn't really try it, because my CPU isn't even a Xeon.
You are 100% right. An oversight on my part here.
On Fri, Sep 21, 2007 at 11:12:10PM -0400, [EMAIL PROTECTED] wrote:
Douglas A. Tutty wrote:
...
I don't understand the logic of having multiple firewalls on one box.
If one box can handle the throughput requirements of all the NICs, why
not just one big firewall?
There are lots of places
Jan Stary wrote:
Hi all,
last night, I installed 4.1 on the new ALIX.1C:
http://www.pcengines.ch/alix1c.htm (see dmesg at bottom).
The intended use of the box is a home router/firewall/NAT/DNS/DHCP
for my home network of about four computers (heterogeneous).
Everything works fine (as usual
73 matches
Mail list logo