On Sat, Nov 12, 2005 at 12:04:38PM +0100, the unit calling itself Fabien Germain wrote: > On 11/11/05, J Moore <[EMAIL PROTECTED]> wrote: > > > > pass in quick on $ext_if proto tcp from any to ($ext_if) port 22 keep > > > > state > > > > (max-src-conn-rate 3/10, overload <attackers> flush) > > > > > > which only works with OpenBSD >= 3.7 ( and my server is 3.5 :-( ) > > > > > Just out of curiosity, why haven't you upgraded? > > Because when I installed the server, I used the only OpenBSD CDs I had > (v3.5) whereas current version was 3.7... and I don't really know if > it is difficult or not to upgrade, and since the server is in > production, I'm frightened to break it :-( So I never did it ! Maybe > I first should try on a simple PC, before the server...
I'm the same way - I do not look forward to spending an afternoon upgrading a box, and then manually hacking through the config files checking for changes. After 30 minutes of this mind-numbing minutae, I usually start making mistakes which leads to more time consumed. Getting a "practice box" is what I did in the beginning. Then after a while you find some use for the "practice box", and then hate to take it down :) It's what they call a "vicious cycle" I think :) Anyway - most upgrades are not so bad, but I've found if I get more than 2 releases behind a fresh install is usually the best medicine. Jay
