not wanting to speak for someone else, but I'm pretty sure it was sarcasm.
On March 5, 2024 8:21:40 AM MST, ofthecentury <ofthecent...@gmail.com> wrote: >Well, that's not very noice. Where is security? > >On Tue, Mar 5, 2024 at 7:45 PM Theo de Raadt <dera...@openbsd.org> wrote: > >> PID 6504 was my shell. I've logged off now. >> >> What are you expecting here?? >> >> >> ofthecentury <ofthecent...@gmail.com> wrote: >> >> > Yes, I'm tcdupming pflog and ALL my dropped packets >> > reference some PID 6504 that is not found among >> > the processes that are running. I was actually not fishing >> > for PIDs, I just saw the PID referenced in the standard >> > tcpdump output. For forensics I just want to find the link >> > between PID referenced in tcpdump to the process, >> > and I cannot, and I believe I should be able to for security. >> > >> > >> > >> > On Tue, Mar 5, 2024 at 7:12 PM Janne Johansson <icepic...@gmail.com> >> wrote: >> > >> > > Den tis 5 mars 2024 kl 14:35 skrev ofthecentury < >> ofthecent...@gmail.com>: >> > > > >> > > > Hi, I'm on a fresh install of OpenBSD 7.4. >> > > > I am watching output of tcpdump and >> > > > seeing some drops that all reference >> > > > UID 0, pid 6504. I cannot find that PID >> > > > among running processes. Does anyone >> > > > know what is that process and why it's >> > > > not running but tcpdump references it? >> > > >> > > OpenBSD has random pids, so unless you ask about pid 0 or 1, noone can >> > > divine what process had pid 6504 on your system at that time. >> > > >> > > As for this report, it looks like you are tcpdumping pflog in order to >> > > see "drops" with pids, but since you didn't mention what you ran, it's >> > > hard to tell. Nor did you state how you looked for pids, perhaps not >> > > using all the possible options? >> > > >> > > >> > > -- >> > > May the most significant bit of your life be positive. >> > > >>
