Re: irq status

[opentrax]

On  3 Nov, Alexander Anderson wrote:
> In mailing.freebsd.hackers, you wrote:
> 
>> > Is their a tool out their or does anyone have a quick bit of code /
>> > hack that will "probe" all of the irqs on my box and tell me which
>> > ones are used / available??
>>
>> No.  You can glean some of this information from various
>> metaconfiguration interface, but the question you're asking suggests
>> that you're trying to do something wrong anyway.
>>
>> Why don't you tell us a bit more about what you want this information
>> for?
> 
> I got curious too and decided to join. If you have dealt with Linux, it
> has 'interrupts' file in /proc filesystem. It tells you what IRQs are
> currently in use and what's using them. Is there something similar on
> FreeBSD?
> 
In addition to the 'vmstat -i', you can use dmesg and filter irqs
with grep. This might work better for you since it also lists
the IO ports used with each IRQ. You do that like this:

 dmesg | grep irq





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: RPC not taking the same service twice: a bug or a security measure?

[opentrax]

On  8 Nov, Bill Paul wrote:
>> A coworker seems to have found an issue with portmap on FreeBSD.
>> Aparently, if you try and register the same service twice, but with
>> different protocols (UDP vs TCP), it doesn't work. I'm not entirely sure
>> I believe this, and I am digging for more details, but I am writing to
>> see if anyone can tell me anything that will save me having to do the
>> investigative work. :-) I'll follow up with more details as I can.
> 
> No you won't, because both you and your cow-orker are smoking entirely
> too much crack. (Him for hallucinating this problem in the first place,
> and you for believing him enough to post this query here.)
> 
Hey!! There is no need for this type of response. 
It's obvious the person writing has good intentions,
but has not read a TCP/IP book, that's worth a damm.
I would consider it a personal favor, if this might be
responded to in a less attacking manner.

best regards,
Jessem.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: printf()

[opentrax]

On  9 Nov, Alfred Perlstein wrote:
> * Zhenhai Duan <[EMAIL PROTECTED]> [001109 21:09] wrote:
>> A simple question:
>> 
>> Does the kernel function printf() flushes the output immediately, or it is
>> possible some data is buffered somewhere and gets lost without printing
>> to the console? like the corresponding funtion in the c library.
> 
> It's not buffered afaik.
> 
Actually my experince in writing drivers (for 386bsd) showed (me)
that the kernel printf() was buffered.

Jessem.






To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: printf()

[opentrax]

On 10 Nov, Mike Smith wrote:
>> >> Does the kernel function printf() flushes the output immediately, or it is
>> >> possible some data is buffered somewhere and gets lost without printing
>> >> to the console? like the corresponding funtion in the c library.
>> > 
>> > It's not buffered afaik.
>> > 
>> Actually my experince in writing drivers (for 386bsd) showed (me)
>> that the kernel printf() was buffered.
> 
> Considerable (ie. shitloads) of experience using the kernel printf with 
> FreeBSD (not to mention reading the code line by line as I ported it for 
> libstand) allows me to tell you that it isn't.
> 
> And you're welcome to go read the code yourself, should you choose to 
> take issue with that.  8)
> 
Sir, with regards to your experience and reading of the code, I should
say that as you have read it, that would appear to be the situation.
Better judgement - and testing to see how it might be buffered - would
seem to be a challange. However, before we quest into what might
be a futile battle on the definition of a word. Let's first
agree that taken the code at face value you are correct. I will 
certainly not deny - code taken on face value to be 
code taken on value.

Let us also agree that "buffering" might be defined in
different ways. For instance, we could say, "buffering
implies an actual level of intermediate storage that might
(for some unknown reason) be delaying the output of a printf()"
Show that be the case, then it would stem that our differences
are minor, and could simply be a difference in
interpetation or meaning of the word "buffered".

As such, let me NOT blather on with meaningless dribble.

Let us say, if we might, that there could be a delay in
output two (2) seperate kernel printf() statements. Or said
an other way, Is it possible for two (2) printf() statements
NOT to be outputed in a linear fashinon? Ie. the first printf()
statement get printed first, the second - second.

If we differ on this point, then perhaps a example might
be needed. As such, my example would only work under 386BSD,
as I stated. Being your stated experience with FreeBSD,
it is quite possible that I am incorrect. Should that be
the case, then I stand correct. However, I see no evidence to 
such. Further my understanding or *BSD kernels, could be skewed,
but past experience tells me otherwise.

Is there is way that I could perhaps demonstrate my reasoning,
such that it might be satisfactory to you?

best regards,
Jessem.






To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: printf()

[opentrax]

On 10 Nov, Mike Smith wrote:
>> 
>> Is there is way that I could perhaps demonstrate my reasoning,
>> such that it might be satisfactory to you?
> 
> No.
> 
Then, should I take it you concede the point?

Jessem.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: printf()

[opentrax]

On 10 Nov, Terry Lambert wrote:
>> A simple question:
>> 
>> Does the kernel function printf() flushes the output immediately, or it is
>> possible some data is buffered somewhere and gets lost without printing
>> to the console? like the corresponding funtion in the c library.
> 
> There is no buffering comparable to that of the stdio package;
> in other words, there is no such thing as an fflush() or setbuf()
> call.
> 
>>...[Trimmed]...
> 
> Hope this helps, and hope anyone who has any corrections to this
> wil provide them, since this type of documentation needs to be
> collected somewhere, and the mailing list archives seem to be the
> most appropriate place.
> 
Yes, Thanks Terry. Your explaination is much clearer
than mine and it certainly covers the material in
a much more concise manner than I know I could
in a single writing.

> Maybe we can set up an arch-doc list, which we can cross-post
> these responses to via Bcc:, without incurring the wrath of the
> mailing list manager?  An archive of such things (my contributions
> in this area are minor, trust me) would be a good thing; PHK
> posted a nice internals description the other day that I would
> not mind having archived for eternity, without it taking up space
> in my email archive.
> 
I agree. Additionally, such a idea could be extended
with some simple scripts, if the write wrote a few
key phrases at the head of such a message.

For instance in this case:

Scope: kernel internals
Lifetime: Eternal
Overrides: None

However, that might just be wishful thinking on my part. :-)

Jessem.






To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: printf()

[opentrax]

On 10 Nov, Warner Losh wrote:
> In message <[EMAIL PROTECTED]> Zhenhai 
>Duan writes:
> : Does the kernel function printf() flushes the output immediately, or it is
> : possible some data is buffered somewhere and gets lost without printing
> : to the console? like the corresponding funtion in the c library.
> 
> Yes.  It can be buffered, but that's a driver level thing.  I've seen
> serial consoles where things crashed after a printf I put in and never
> saw.
> 
> I've not seen anything similar on video consoles.
> 
I want to be clear on what you're saying Warner.
Are you saying that you put a printf() after your crash point,
but never saw your printf(). So in your code it might have
looked like:

printf("foo do foo\n");
crash_here();
printf("after the crash\n");

And never see the statement "foo do foo\n";
Is that correct?

Jessem.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: "iowait" CPU state

[opentrax]

On 15 Nov, Barry Lustig wrote:
> On Wed, 15 Nov 2000, Terry Lambert wrote:
>>
>>  I'm always tempted to set up a company where the main
>>  engineers have a centralized batch compile server, so as to
>>  not slow down developement, but requiring that they run no
>>  better than a 386SX/16 on their desktop.  If they are good,
>>  I'd give them a full 8M of real RAM, instead of 4M.
>>
> 
> That's what they did at NeXT.  The engineers got machines with slower  
> processors and small amounts of RAM.  It was designed to encourage them to  
> produce fast efficient code.
> 
Thats what we do also. We hired some engineers and it
seemed they spent more time on "build world",
than solving the problem. When one of them went on
vacation (for a few days), we told him we needed to
sell his computer. We replace a 350MHz PII with a
386dx @ 33Mhz. It took him about 3 days, but he
started thinking about the problem, not building
new code. It's become very effective in retraining
engineers.

Jessem.






To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: M_ZERO patches.

[opentrax]

Can someone email me with a brief explaination of this M_ZERO path?
I see it is about something to do with memory (malloc, bcopy, etc.)

Thanks Jessem.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: M_ZERO patches.

[opentrax]

On  4 Dec, Poul-Henning Kamp wrote:
> In message <[EMAIL PROTECTED]>, [EMAIL PROTECTED] writes
> :
>>Can someone email me with a brief explaination of this M_ZERO path?
>>I see it is about something to do with memory (malloc, bcopy, etc.)
>>
>>  Thanks Jessem.
> 
> Since a majority of malloc(9) uses immediately bzero(9) the allocation,
> I added an flag to malloc(9) so one can ask for a zero'ed allocation.
> 
> This saves a couple hundred calls to bzero(9), improves cache-locality
> and generally improves code readability as a result.
> 
> It will also allow us to operate a "idle-time-malloc(9)- zeroing-daemon"
> later.
> 
Very cool!



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Fwd: kyxtech: freebsd outsniffed by wintendo !!?!?

[opentrax]

On  7 Dec, Dragos Ruiu wrote:
> 
> (Hurm Wintendo outperforming unix???!??  Something's
>  improper about this, and it ought to be fixed...  :-) 
>  Comments?  Other OS numbers: more recent 
>  FreeBSD versions? Solaris? Tru64? Optimization
>  patches? Can those OO MSDN lobotomies actually
>  be good things? Hurm... The Italian gauntlet has
>  been thrown down   --dr :-)
> 
> url: http://netgroup-serv.polito.it/winpcap/docs/performance.htm
> 
I'm not sure if we could find someone of this caliber to
run the test again. For once I must agree with Mike Smith ;-)

Clearly the page:

http://netgroup-serv.polito.it/winpcap/

says, "partially sponsored by MicroSoft Research".

IMHO, it bait -- bad bait at that. IMO, M$ has found
some hole in the FreeBSD kernel and is intending to expose it.
Although I suspect the hole's been cleaned up by now by core.

If Terry Lambert can chimes in, I know we might get some
real answers. I'm not convinced by this M$ agent.

Jessem.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: R: [Ethereal-dev] Re: Fwd: kyxtech: freebsd outsniffed by wintendo !!?!?

[opentrax]

On 12 Dec, Fulvio Risso wrote:
> I do not agree with you.
> Partially supported by Ms Research means that we got:
> - software
> - 1 Dell workstation
> 
> That's it.
> I *strongly* suggest to ask someone before opening your mouth.
>
Your tone strongly suggest your research is less than
objective. Given that questioning technical ability
is something I'll leave to someone else. It's not
in my interest, nor is it benificial to continue
discussion with yourself when you readily admit to being
open to financial influences. 

I'll leave it at that and wish you well in life.

best regards,
Jessem.






To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

ssh - are you nuts?!?

[opentrax]

Thank you for your attention.
 
Next month I'm giving a talk about the evils of SSH.
The talk schedule is posted on:
http://www.svbug.com/events/
I've already circulated this message to the OpenBSD
'tech' mailing list and the NetBSD 'security' mailing
list. Now, I've like to hear from the FreeBSD community.

The question asked is: why you believe ssh is beter
than say telnet. Or what advantages SSH has in general.
Please note, I'm not here to flame or troll, just
ask questions. Your responses determine the tone
of all conversations.

Lastly, please trim the CC: line as you feel appropriate.


Thanks.
Jessem.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 22 Dec, Chris Costello wrote:
> On Friday, December 22, 2000, [EMAIL PROTECTED] wrote:
>> Thank you for your attention.
>>  
>> Next month I'm giving a talk about the evils of SSH.
> 
>If you don't know anything about it, why do you claim it's
> evil?
> 
I don't know if I've claimed either.

Jessem





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 23 Dec, Dan Langille wrote:
> On 23 Dec 2000, at 13:25, David Preece wrote:
> 
>> At 15:37 22/12/00 -0800, you wrote:
>> 
>> >The question asked is: why you believe ssh is beter
>> >than say telnet. Or what advantages SSH has in general.
>> 
>> Sorry, don't have time to reply to this properly.
>> 
>> The main evil of ssh is that server authentication is not enforced, making 
>> mounting a man-in-the-middle attack basically trivial.
> 
> It is possible.  It is not trivial.
> 
What leads you to believe that it's not trival?





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 22 Dec, Chris BeHanna wrote:
> On Sat, 23 Dec 2000, David Preece wrote:
> 
>> At 15:37 22/12/00 -0800, you wrote:
>> 
>> >The question asked is: why you believe ssh is beter than say
>> >telnet. Or what advantages SSH has in general.
>> 
>> Sorry, don't have time to reply to this properly.
>> 
>> The main evil of ssh is that server authentication is not enforced,
>> making mounting a man-in-the-middle attack basically trivial.
> 
> Man-in-the-middle or not, the fact that your data aren't
> transmitted in the clear automatically gives ssh a leg up over telnet,
> rsh, rlogin, and ftp.  (At least one large company I know of has
> stated flatly, for example, that sending a root password over the wire
> in the clear is grounds for immediate termination.) 
> 
Is it possible to get the name of that company?

> You can certainly
> do your own server authentication, by carrying your known hosts file
> around on a floppy.  ssh *does* warn you when you connect to a host
> that isn't present in your known hosts file--this isn't happening
> without your knowledge *and* consent.
> 
Some people have stated that the "first contact" scenario is
difficult to over come. How do you feel about that?

> ssh may have its weaknesses, but telnet has little use other than
> as a diagnostic tool, IMHO (I only use it to send protocol commands to
> popd or sendmail these days).  I'd *hardly* characterize ssh as "evil".
> 
I don't beleive I've ever said SSH is evil. It seems to be
a common interpetation of the statement I made. I see that
I'll have to make note of that in my talk.

Are there any other points you feel might be either a "plus"
or "minus" in behalf of ssh?

Jessem.






To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 22 Dec, Garance A Drosihn wrote:
> At 3:37 PM -0800 12/22/00, [EMAIL PROTECTED] wrote:
>>Thank you for your attention.
>>
>>Next month I'm giving a talk about the evils of SSH.
>>The talk schedule is posted on:
>>http://www.svbug.com/events/
>>I've already circulated this message to the OpenBSD
>>'tech' mailing list and the NetBSD 'security' mailing
>>list. Now, I've like to hear from the FreeBSD community.
> 
> People in the "FreeBSD community" are invited to read the
> rambling and pointless discussions that this sparked in
> the OpenBSD and NetBSD communities before repeating all
> those arguments in all the freebsd mailing lists.
> 
> If you still think you have something to say which wasn't
> said in those threads, well, have fun at it.
> 
Mr. Drosishn,
I'm not sure where you gather your information, but
but other mailing list have been very helpful about this 
subject. As matter of fact, the harshes critics to date
have been from OpenBSD. I'm not sure if we are both
reading the same material.

Jessem.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

Mr Clark,
Could I trouble you to use your comments in my talk?

Jessem.


On 22 Dec, Crist J. Clark wrote:
> 
>  
> ||_
> | PLEASE DO  |   | |
> |  NOT FEED  |   |  THANK  |
> | THE TROLLS |   |   YOU   |
> ||   |_|
>  || |   || |
>  || |   || |
>  || |   || |
>  || |   || |
>  || |```|| |`
> 
> Please, not on another list.




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 22 Dec, Kris Kennaway wrote:
> On Sat, Dec 23, 2000 at 01:25:11PM +1300, David Preece wrote:
>> At 15:37 22/12/00 -0800, you wrote:
>> 
>> >The question asked is: why you believe ssh is beter
>> >than say telnet. Or what advantages SSH has in general.
>> 
>> Sorry, don't have time to reply to this properly.
>> 
>> The main evil of ssh is that server authentication is not enforced, making 
>> mounting a man-in-the-middle attack basically trivial.
> 
> Incorrect..the problems with SSH come down to flaws in the human
> operator who ignore the warnings SSH gives them, and tell it
> explicitly to do insecure things like connect to a server which is
> suddenly not the one you're used to connecting to.
> 
Are you stateing that one of the issues with SSH is
a social issue and not a technical?

> These flaws can be all but eliminated by telling SSH to not even give
> the poor weak confused human the choice of answering yes to the
> question, by setting of a simple configuration option.
> 
> JMJr, a good place to start your talk on "The Evils of SSH" might be
> the Pavlovian conditioning of humans to answer "Yes" to every question
> a computer gives them..focus on the real problem here.
> 
I'm giving your comments some consideration. 
Is there any other evidence that might help this type of
arugement out?  I've consider it, but it is a weak arguement
and it really needs a solid foundation for presentation.

Can you site(sp?) and specific studies or experiments
that might aide in this area?

Jessem.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 24 Dec, Dan Langille wrote:
> On 23 Dec 2000, at 2:00, [EMAIL PROTECTED] wrote:
> 
>> On 23 Dec, Dan Langille wrote:
>> > On 23 Dec 2000, at 13:25, David Preece wrote:
>> > 
>> >> At 15:37 22/12/00 -0800, you wrote:
>> >> 
>> >> >The question asked is: why you believe ssh is beter
>> >> >than say telnet. Or what advantages SSH has in general.
>> >> 
>> >> Sorry, don't have time to reply to this properly.
>> >> 
>> >> The main evil of ssh is that server authentication is not enforced, making 
>> >> mounting a man-in-the-middle attack basically trivial.
>> > 
>> > It is possible.  It is not trivial.
>> > 
>> What leads you to believe that it's not trival?
> 
> You are the one claiming it is trivial.  The onus is on you to prove your 
> own claim.  Or conversely, prove me wrong.  I'm not feeding you.
> 
I'm sorry, even after reading the attributes at the
top of the messages. It says:

> At 15:37 22/12/00 -0800, you wrote:

That does not mean the portion written is
attibutable(sp?) to '[EMAIL PROTECTED]'.
I can see how there might be a confusion on this
since someone failed to put in attributes
for my original messages. Sorry I cannot help you answer
what is "not trivial".





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

Your comments noted.
thanks
Jessem.



On 23 Dec, Christian Weisgerber wrote:
> <[EMAIL PROTECTED]> wrote:
> 
>> I've already circulated this message to the OpenBSD
>> 'tech' mailing list and the NetBSD 'security' mailing
>> list.
> 
> Indeed.  Please ignore him, he's a troll.
> 




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

Your comments noted.
Jessem.



On 23 Dec, Bill Fumerola wrote:
> On Sat, Dec 23, 2000 at 02:00:54AM -0800, [EMAIL PROTECTED] wrote:
> 
>> > It is possible.  It is not trivial.
>> > 
>> What leads you to believe that it's not trival?
> 
> A functioning brain.
> 




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 23 Dec, Bengt Richter wrote:
> You are clueless as to the effect of your word choices.
> Thank you for reading that.
>
I would beg to differ.

> Please note that I am not writing this to flame, but in
> an attempt to be helpful ;-)
> 
I appreciate all person with the intent to help.

> At 15:37 2000-12-22 -0800 [EMAIL PROTECTED] wrote:
>>Thank you for your attention.
>   Your subject line got my attention, but so would having
>   someone tug at my sleeve, or worse impertinence. How about
>   "Please help me prepare for SSH talk" ?
>
While I did consider something like your suggestion,
my feeling was that it did not carry the correct impact
for getting "expert" consideration.

>> 
>>Next month I'm giving a talk about the evils of SSH.
>   If you don't know that the above sentence strongly
>   implies the existence of the referred-to "evils,"
>   may I suggest that you attend an English refresher.
>   (Please don't tell me an empty set can exist).
> 
>   If you are going to invite others to express their
>   opinions, the implicit assertion of your own as
>   unqualified fact is not a good starting point.
> 
I've re-read this sentence many times. I've made no
"implict" assertions. I you believe I have please
feel free to email me personally. Perhaps I could
have balace the statement with:

   "about the goods and evils of SSH."

But again, that would have negligible impact.
I realized that people might take my statement
to mean "SSH is evil". In that, I concluded
that those favoring SSH would defend it strongly,
as the have. Those disliking SSH would send
me information as to their sentiment(sp?) Those
sitting on either side would send my their
opinions and feelings, nothing more.

>>The talk schedule is posted on:
>>http://www.svbug.com/events/
>>I've already circulated this message to the OpenBSD
>>'tech' mailing list and the NetBSD 'security' mailing
>>list. Now, I've like to hear from the FreeBSD community.
>>
>>The question asked is: why you believe ssh is beter
>>than say telnet. Or what advantages SSH has in general.
>   Your foreplay stinks. You are trying to take advantage
>   of my natural interest, but your approach forces me
>   to overcome negative feelings before I can participate,
>   which I would otherwise willingly do. It's a shame, really.
> 
If you have negative feelings, then by all means
chime in. I have had a rather balanced response
and overall I feel the talk will go well, although
I am pressed for time. (This leaves no option, but to
ignore/minimalize non-substantive resonses.)


>>Please note, I'm not here to flame or troll, just
>>ask questions. Your responses determine the tone
>>of all conversations.
>>
>   Your subject line resonated with the tone of crass
>   attention grabbing. Do you disclaim all responsibility
>   re tone, after thus giving everyone a goosing in an
>   area of interest? If you are used that, you watch too
>   much TV.
> 
Hmmm... I appoligize if the material is not to
your suiting(sp?). Sometimes life is like that.
If you have feelings or opinin about SSH, please
email them to me.

I guess your right about TV. One (1) hour a night
of Star Trek is too much.

>>Lastly, please trim the CC: line as you feel appropriate.
>>
>>
>>Thanks.
>>Jessem.
>   That's ok. HTH. Really.
> 
Thanks for your comments.
They are noted.
Jessem.




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 23 Dec, Wes Peters wrote:
> [EMAIL PROTECTED] wrote:
>> 
>> Thank you for your attention.
>> 
>> Next month I'm giving a talk about the evils of SSH.
>> The talk schedule is posted on:
>> http://www.svbug.com/events/
>> I've already circulated this message to the OpenBSD
>> 'tech' mailing list and the NetBSD 'security' mailing
>> list. Now, I've like to hear from the FreeBSD community.
>> 
>> The question asked is: why you believe ssh is beter
>> than say telnet. Or what advantages SSH has in general.
> 
> The simple fact that it doesn't transmit passwords in clear text?
> 
Thanks for your comment. Are there any other things
you say about SSH?

> This is one of the stupidest trolls I've ever found, and is completely
> inappropriate for freebsd-security.  Try over on -chat.
> 
I'm not sure of this. SSH is about Secure SHell. It's this
where I might get technical answers about security?






To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 25 Dec, Kris Kennaway wrote:
> On Sat, Dec 23, 2000 at 02:16:51AM -0800, [EMAIL PROTECTED] wrote:
> 
>> > Incorrect..the problems with SSH come down to flaws in the human
>> > operator who ignore the warnings SSH gives them, and tell it
>> > explicitly to do insecure things like connect to a server which is
>> > suddenly not the one you're used to connecting to.
>> > 
>> Are you stateing that one of the issues with SSH is
>> a social issue and not a technical?
> 
> Yes, that is the single relevant (solvable) issue here. You're just
> going to make yourself sound ignorant, and possibly amuse, confuse or
> frighten a lot of your audience, if you claim otherwise.
> 
Thanks for your comments, Kris. I'm not claiming I'm
going to do anything at this  point. However,
I see you feel strongly about this as a "Social Issue".
Can you comment more on this?  I'd like to get your opinion and
more facts as to your position.

>> > These flaws can be all but eliminated by telling SSH to not even give
>> > the poor weak confused human the choice of answering yes to the
>> > question, by setting of a simple configuration option.
>> > 
>> > JMJr, a good place to start your talk on "The Evils of SSH" might be
>> > the Pavlovian conditioning of humans to answer "Yes" to every question
>> > a computer gives them..focus on the real problem here.
>> > 
>> I'm giving your comments some consideration. 
>> Is there any other evidence that might help this type of
>> arugement out?  I've consider it, but it is a weak arguement
>> and it really needs a solid foundation for presentation.
> 
> This comment was half tongue-in-cheek, but my assertion that the
> current flap over "insecurity" of SSH is not based on shortcomings or
> weaknesses of the SSH protocol, or even the UNIX SSH implementations
> of that protocol - is I think well justified (and fairly obvious to
> most people with crypto clue). For another reference which debunks the
> "End of SSH" article in more detail, see the article posted to
> slashdot yesterday. Be sure to distinguish between SSH and SSL when
> reading the original article or its followups (SSH has nothing to do
> with SSL except in a very broad sense).
> 
Wow!! Thanks I'll make not of your suggestion and follow up and 
my earliest time slot.  

Also, earlier in this message I said - send me positive "proof".
This last section is extremely helpful. Can I quote you in the
last paragraph you sent me. It would look like this:

"
> [...] my assertion that the
> current flap over "insecurity" of SSH is not based on shortcomings or
> weaknesses of the SSH protocol, or even the UNIX SSH implementations
> of that protocol - [The insecurity of it] is I think well justified
> (and fairly obvious to most people with crypto clue). [The
> "insecurity"  is the conditioning of humans to answer
> "Yes" to every question a computer gives them.]
>
"



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 25 Dec, David O'Brien wrote:
> On Fri, Dec 22, 2000 at 11:28:07PM -0800, Kris Kennaway wrote:
>> Incorrect..the problems with SSH come down to flaws in the human
>> operator who ignore the warnings SSH gives them, and tell it
>> explicitly to do insecure things like connect to a server which is
>> suddenly not the one you're used to connecting to.
> 
> And we, the FreeBSD Project, don't do a thing to help this situation.
> We change the SSH keys on the freebsd.org machines left and right w/o
> *ANY* notice to committers that they have been changed.  So we've trained
> our own committers to have sloppy habits that could lead a malicious code
> added to the FreeBSD CVS source repository.
> 
Is this correct?
Can anyone confirm this.
A message by Wes Peters suggests it to be so.

JKH, DG, CORE respond.



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 25 Dec, Warner Losh wrote:
> In message <[EMAIL PROTECTED]> [EMAIL PROTECTED] writes:
> : JKH, DG, CORE respond.
> 
> Core does not respond to mail not directed to it.
> 
Posting rules do not allow me to send to more than to
groups. Can you recommend a course of action?





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 25 Dec, Mike Smith wrote:
>> > And we, the FreeBSD Project, don't do a thing to help this situation.
>> > We change the SSH keys on the freebsd.org machines left and right w/o
>> > *ANY* notice to committers that they have been changed.  So we've trained
>> > our own committers to have sloppy habits that could lead a malicious code
>> > added to the FreeBSD CVS source repository.
>>
>> Is this correct?
> 
> No, in several particulars.  "The FreeBSD Project" doesn't change the SSH
> keys on the FreeBSD.org machines.  Notice is given when they are intention
> ally changed. The FreeBSD Project doesn't "train" committers to have
> sloppy habits.
> 
> David has probably been drinking too much; it's Christmas, after all.  
> There were a couple of incidents some time back when freefall's SSH keys 
> were accidentally overwritten due to failure to follow procedure by 
> individual administrators.  The lengthy discussions which followed these 
> incidents could not possibly have been construed as "training committers 
> to have sloppy habits".
> 
>> Can anyone confirm this.
> 
> No.  But I'm damn sure that you'd have been fleeing Grover's Mill with 
> the rest of the sheep.
> 
>> JKH, DG, CORE respond.
> 
> Jordan is in Europe.  David is unlikely to pay any attention to this sort 
> of noise.  Core does not administer the FreeBSD.org machines, and if you 
> get a response at all, it will probably be "you are talking to the wrong 
> people".
> 
Mike,
I apprecitate your response. So, I'm paying particular attention
to details; I don't want to get this wrong. Your statement
says "in several particulars", What does this mean? 

I think you are meaning to say that "Notice is given when they are
intenting all changes", Is this correct?
Please, I'm just trying to get it straight what you are saying.

As for JKH or DG being out, I would imagine more than one
person is away for the holidays. Also, I see your name is
listed on the page listing "core" members, so I appreciate
this effor on your part.  However, this rumor (as
I read it now) sounds fantastic, so I'd like to get
facts, or at least core's POV (Point Of View).

Lastly, you are suggesting that I am talking to the "wrong"
people on this. If I am, who are the "right" people?





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 25 Dec, Peter Wemm wrote:
> "David O'Brien" wrote:
>> And the best we've
>> ever done is in the "HEADS UP: New host key for freefall!" thread started
>> by Peter Wemm on Tue, 16 May 2000 23:26:33.
> 
> ... which the thread and FUD was a total load of shit, because the original
> keys were never announced or signed or anything.  The new keys were no more
> or less trustworthy than the old ones.
> 
Wait, I'm trying to get this straight.
If I read what you are saying, and please correct me if I'm wrong,
you are saying "the original keys were never .".
Which original keys are you talking about?
Are you saying that the original SSH Public Keys for the servers
were always sent in the clear, without PGP signature or anything?

Is this correct?





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 26 Dec, Kris Kennaway wrote:
> On Mon, Dec 25, 2000 at 09:27:49PM -0800, David O'Brien wrote:
>> On Mon, Dec 25, 2000 at 08:29:01PM -0800, Kris Kennaway wrote:
>> > 
>> > Umm, are you actually talking about real incidents here, or just
>> > spreading FUD?
>> 
>> REAL incidents.  Please remember I've been a committer longer you have.
> 
>>.[TRIMMED]...
> 
> Since you insist, please check the following message IDs which contain
> PGP signed confirmations of the changed keys. The freefall one
> especially was just a mixup in timing, not an oversight or gap in
> policy:
> 
> Message-Id: <[EMAIL PROTECTED]>
> Message-Id: <[EMAIL PROTECTED]>
> Message-ID: <[EMAIL PROTECTED]>
> 
> So I say again, please stop spreading FUD and making it sound like
> FreeBSD admins routinely change SSH keys without warning or
> confirmation. It has happened once in the last year, and the new key
> was authoritatively confirmed very quickly thereafter.
> 
Wait. If what David says is correct and what Kris says is correct, 
then I guess the next question is: What is the policy when
a "commiter" reports this type of schenario?

My guess is that such a situation would not be ignored, and
as such, any commiter encountering such a situation should
report the incident immediately. This should be the policy
for if what I've read and heard about SSH is true, then
what David is saying merits a policy and investigation
by the SO.

If it is FUD as you claim, then the call should be made
by the SO. This would seem to be prudent policy.

Lastly, I'm not here to question policy, just report on
it.

respectfully,
Jessem.







To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 26 Dec, Kris Kennaway wrote:
> On Tue, Dec 26, 2000 at 04:22:59AM -0800, David O'Brien wrote:
>> If you feel I've given the wrong impression, fine.  Just say that, and
>> I'll clear up that I'm not saying it is intentionally done if that is
>> what people think.  But admit to the lack of care of the past.  What
>> happens after the next hardware failure?  Who ever gets the box running
>> again, will be glad their work is done, and they will not email out a
>> notice. 
> 
> You are complaining to the wrong audience. Talk to [EMAIL PROTECTED],
> not the FreeBSD user community.
> 
I disagree with your statement.

>From what I'm reading, it seems that "the enforcement of policy"
has been lacking of that current policies need revamping.

If the former is the case, then the new SO has his work
cut out for him.

If the later is the case, then his complaint merits attention,
and immediate action. Mind you I'm not suggesting this
change. However, one of my counter-proposals to SSH
(to be given at the talk) is the "enforcement of policy".
And to wit, if said policy is weak, then the underlying structure
(or framework) should be expected of similar condition.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 26 Dec, Wes Peters wrote:
> [EMAIL PROTECTED] wrote:
>> 
>> On 25 Dec, David O'Brien wrote:
>> > On Fri, Dec 22, 2000 at 11:28:07PM -0800, Kris Kennaway wrote:
>> >> Incorrect..the problems with SSH come down to flaws in the human
>> >> operator who ignore the warnings SSH gives them, and tell it
>> >> explicitly to do insecure things like connect to a server which is
>> >> suddenly not the one you're used to connecting to.
>> >
>> > And we, the FreeBSD Project, don't do a thing to help this situation.
>> > We change the SSH keys on the freebsd.org machines left and right w/o
>> > *ANY* notice to committers that they have been changed.  So we've trained
>> > our own committers to have sloppy habits that could lead a malicious code
>> > added to the FreeBSD CVS source repository.
>> >
>> Is this correct?
>> Can anyone confirm this.
>> A message by Wes Peters suggests it to be so.
> 
> No message from me suggested anything about ssh key handling by the FreeBSD
> project.  Don't start quoting me out of context.
> 
I'll go back to the original message that was posted,
if you like. Your message made a suggestion, nothing
more. What exactly it *MEANT* to say IS NOT CLEAR.
This is why I'm asking questions.

I'm not going to quote you, if I'm not clear on what you
are saying. But if you are saying something, please 
assist my understanding in this matter. Please email
me what you are saying. 

If you believe, I have wronged you, as you are stating,
I will appoligize, but I my original understanding
of your posting is -what I posted/questioned.

Jessem.








To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 26 Dec, Mark Murray wrote:
>> Which original keys are you talking about?
> 
> SSH public server keys. (Sometimes called "server identities").
> 
>> Are you saying that the original SSH Public Keys for the servers
>> were always sent in the clear, without PGP signature or anything?
> 
> David was saying that, but he's wrong. There was a time that we
> were very lax about confirming the server public keys.
> 
> The last round of changes have all been confirmed by digital
> signature by well-known server administrators.
> 
Okay, can you be specific about what you mean by
"There was a time that we were very lax".

I'll make the broad assumption that things are now "correct".





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 25 Dec, David O'Brien wrote:
> On Mon, Dec 25, 2000 at 06:34:09PM -0800, Mike Smith wrote:
>> No, in several particulars.  "The FreeBSD Project" doesn't change the SSH
>> keys on the FreeBSD.org machines.  
> 
> Not changed for change sake, but failure to do anything to preserve them.
> 
> 
>> David has probably been drinking too much; it's Christmas, after all.  
> 
> This was totally uncalled for in a public list.  Especially from one that
> has been critical of me lately.  I hate to tell you, but I've been on the
> BSDi clock all day long.
> 
> 
David,
   I belive that Mike meant to say David Green. I expected
that was what he meant. It was Christmas day.

Jessem.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Thread DIES [Re: ssh - are you nuts?!? ]

[opentrax]

On 26 Dec, Mike Smith wrote:
>> If it is FUD as you claim, then the call should be made
>> by the SO. This would seem to be prudent policy.
> 
> Jesse, Kris *is* the Security Officer.
> 
> Now, please let this thread die.
> 
Mike,
You and I don't often agree, but this time is worth noting.
I agree. Messages, flames and counter-claims have now 
reached a point of dis-information/noise.

If you have emailed me, and I have not responded -
I will privately. The only exception are 

Wes Peters, who claims I have mis-quoted him
If I have I must make a public appoligy.

Bill Fumerola, who states that security policy
information is un-available. However, I might
refer his comment to the Security Officer instead,
if Bill feels this appropriate.

Any further comments about this thread should
be emailed to me directly. If you post I will
respond, but privately.

Lastly, I formally request any further continuation
about this subject on this thread stop.

Jessem.







To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

Okay Wes, This is your original message.
You state:

"This is exactly the sort of problem we need to solve..."

In the context of this message I must assume that since
the subject is SSH, then you are referring to SSH.
If not, there is nothing in the message that would
lead me to believe otherwise.

If you I have mis-quoted you, please clarify your
statement so that I might make appropriate reperations.

respectfully,
Jessem.

BTW, your original message is below:
=
Message-ID: <[EMAIL PROTECTED]>

On 25 Dec, Wes Peters wrote:
> David O'Brien wrote:
>> 
>> On Fri, Dec 22, 2000 at 11:28:07PM -0800, Kris Kennaway wrote:
>> > Incorrect..the problems with SSH come down to flaws in the human
>> > operator who ignore the warnings SSH gives them, and tell it
>> > explicitly to do insecure things like connect to a server which is
>> > suddenly not the one you're used to connecting to.
>> 
>> And we, the FreeBSD Project, don't do a thing to help this situation.
>> We change the SSH keys on the freebsd.org machines left and right w/o
>> *ANY* notice to committers that they have been changed.  So we've trained
>> our own committers to have sloppy habits that could lead a malicious code
>> added to the FreeBSD CVS source repository.
> 
> This is exactly the sort of problem we need to solve in a usable and secure
> manner, so we can be an example to hold up and say "this is one way you can
> make it work."
> 
> I'm completely open to suggestions as to how we can accomplish that.  A few
> ideas leap to mind, but unfortunately, short of an heirarchical calling 
> list, none of them really work, relying on other key information that may 
> have changed also.  Sending an email with the new certs signed by the SO
> or other authoritative key would work, given that everyone already has the
> OS cert or key, unless it is the SO key that is changing.
> 
> With a little bit of perspiration, we could probably create a calling list
> that minimizes overseas and long distance calls, but reaching far-flung 
> people on the phone is often difficult, expensive work.
> 




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Thread DIES [Re: ssh - are you nuts?!? ]

[opentrax]

On 28 Dec, Bill Fumerola wrote:
> On Wed, Dec 27, 2000 at 04:04:36PM -0800, [EMAIL PROTECTED] wrote:
> 
>>  Bill Fumerola, who states that security policy
>>  information is un-available. However, I might
>>  refer his comment to the Security Officer instead,
>>  if Bill feels this appropriate.
> 
> for the public record:
> 
> Its unavailable in a "I don't know of any place that it is currently
> stored publicly, so I have no idea how JmJr was making references to it"-way
> as opposed to a "It's super-secret-elite and you can't have it"-way.
> 
My assumption was the former. Thank you for your response.
I will follow up with the SO now.

Thanks Again,
Jessem.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Thread DIES [Re: ssh - are you nuts?!? ]

[opentrax]

On 29 Dec, Wes Peters wrote:
> Bill Fumerola wrote:
>> 
>> On Wed, Dec 27, 2000 at 04:04:36PM -0800, [EMAIL PROTECTED] wrote:
>> 
>> >   Bill Fumerola, who states that security policy
>> >   information is un-available. However, I might
>> >   refer his comment to the Security Officer instead,
>> >   if Bill feels this appropriate.
>> 
>> for the public record:
>> 
>> Its unavailable in a "I don't know of any place that it is currently
>> stored publicly, so I have no idea how JmJr was making references to it"-way
>> as opposed to a "It's super-secret-elite and you can't have it"-way.
> 
> This is exactly what I meant when I wrote "we need to solve this problem."
> I.e., we need a published procedure for disseminating ssh keys for FreeBSD
> machines to those who need them.  Simply publishing what is currently done,
> perhaps in the committer section of the Handbook or even in the committers
> instructions, would meet this need just fine.
> 
> Boy, am I glad this is over.
> 
Wes,
I reget that your response does not reference your
original message. I have reposted your exact comments and your
the Message ID to which your comments pertain. If you'd like 
me to repost that message, I will. 

Let me make clear that I believe your words and your intent.

However, in light of your response being --un-referenced from
the original-- , I must consider this response as NOT a repudiation*
of earlier suggestions.

*repudiation - rejecting as invalid

respectfully,
Jessem.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: ssh - are you nuts?!?

[opentrax]

On 28 Dec, Mark Murray wrote:
>> Okay, can you be specific about what you mean by
>> "There was a time that we were very lax".
> 
> If there was a change of server identity, then we did not necessarily
> announce what the new identity was in a way that people could trust.
> 
> These days, a member of the Security Officer team sends out an
> announcement (cryptograhically signed of course) letting folks
> know what identity (fingerprint) to expect.
> 
I'm sorry, but this opens up a can of worms. However, I've
also promised further communications to be off-line.
Anyone else, interested in this subject, email me
and you'll be added to the CC on this issue.

Please email ONLY from this message, else I cannot
trace your request.

Mark, Please expect my response in about 24 hours from
the posting of this message.


Respectfully,
Jessem.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

The Talk: ssh - are you nuts!?!

[opentrax]

SSH - are you nuts!?!
by Jesus Monroy, Jr.

I'm too tired to get this out, but i promised it would
be available, so here it is.

The Offical Part

On Jan. 4, 2001, a talk entitled "ssh - are you nuts!?!"
will be given at the SVBUG (Silicon Valley BSD User Group)
monthly meeting by Club President Jesse Monroy, Jr.
Details available at:

http://www.svbug.com/events/


My part
---
Today at 7:45pm (local time) this talk will start.
People say I'm nuts, sometimes I think they are
right. Currently, I've heard hundreds of points
of views, read dozens of papers, and comtemplated
solutions with vicious circles. Two days before
Christmas I related this to my brother-in-law,
a Havard/Yale/Cambridge MBA. His response was,
"Builds character."; hmm.. Thanks.

Other club presidents ask me, "Are you serious
about this?" My business partner expressed, just 
after Christmas, "Is this worth it?"  I'll admit, 
at times, this whole thing has been a bit crazy.

So as I've said today at 7:45pm local time, here
in Silicon Valley, I will be speaking. 
The title is "SSH - are you nuts!?!"

What do I mean by this? Well to get exactly what
I mean you may:

1) Come to the talk. Details are available at:
http://www.svbug.com/events/
2) See my notes after the talk - posted to:
http://www.svbug.com/past/
3) Or see the event with on-line video
   when it's available later this year.

For those you you interested, below are selected points from my talk.
---
-What I won't  be saying
-SSH is evil.
-SSH is useless.
-SSH is a bad idea.
-Authentication/Encryption is a hoax or does not work.
-Public Key Encryption does not work. (I have no proof.)
-I can break Public Key Encryption. (At least, not now.)
-I USE SSH. (1 or 2)
-I never intend to use SSH.
-My systems have never been compromised.
-My frame of reference
-What I will be saying
-Voice my personal complaints
-Expose encryption/security myths
-Investigate the technical specs/issues
-Investigage Technical, Social, Economic, Financial Problems
-Investigate attackers and attacks
-Tell you where to get SSH
-Showing alternatives
-Why I'm doing this
-My Personal Complaints
-What people have to say
-SSHv1 vs. SSHv2
-SSHv2 Features
-The SSH Specs (the problems within)
-Authentication/Encryption - Two methods to argue
-can never be broken
-can always be broken
-SSH(v2) Faults
-New Technical problems it creates
-Technical Problems outside of SSH control
-There are common misconceptions about it's functionality
-Social Problems
-Economic Problems
-Financial Problems
-Still Subject to ...
-Who wants your data
-What is the Man-In-The-Middle
-Your Governments Involvement
-What SSH programs there are
-What alternatives you have
-Start with a Strategem
-Technical Prevention
-Technical Counter Measures
-Last words




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: [Question] CVS and CVS@freebsd

[opentrax]

On  7 Jan, Wes Peters wrote:
> [EMAIL PROTECTED] wrote:
>> 
>> [Trimmed]
>> Can anyone give me suggestion on implementing this?
>> Specifically I'd like to know about tools available,
>> concepts that would aid developers and any suggestions
>> out-of-scope that would aid developers.
> 
> Bugzilla.  The only thing not to like about it is the insanse insistence
> on MySQL; it would be ever so much better with PostgreSQL (says Wes the
> Berkeley license bigot).
> 
After some thought I remembered that durning the Mozilla Developer
Conference, many of the Mozilla people agree. They also thought that
support for other DB system would be appropriate. However, it is also
not on the top of their TODO list.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

[Q] Transient Core Dumps

[opentrax]

Just a quick question.
Tonight our DNS server dropped core after several other
program misbehaved. Chief amoung then was one of our
own. 

The problems thought seems to be more than one 
misbehaving programs. Along with DNS the machines runs,
LiveCam, our video over the internet solution, NCSA
webserver (part of LiveCam), Apache (port 8080) and
Mason. 

The machine went into a spin when LiveCam swamped
the swap space, then some tried to send email
via Apache/mason. Eventually, named also dumped
core. 

The machine is reset. I've turned off direct
access to Apache/Mason. The machines is now fine.
Granted one (very buggy) part of our LiveCam
has problems, but along with Mason, it seems
that the problems are hard to trace.

The question is: 
How do we diagnos (sp?) random core dumps?
I've seen quite a few go by in last days.
And up till now we usually ask for a dmesg
and one other thing.  Any comments?

Jessem.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: how to test out cron.c changes? (was: cvs commit: src/etc crontab)

[opentrax]

On  1 Jan, Doug Barton wrote:
> Gerhard Sittig wrote:
>> 
>> [ ... reminder after two weeks of silence ... ]
> 
>   Two weeks of silence is generally enough to let you know that no one is
> interested in this modification. If someone was, they'd generally have
> said something by now. 
> 
>   Speaking only for myself, I don't think your proposed changes are a
> good idea, which is why I refrained from offering any suggestions on how
> you can test them. 
> 
> Just so you wouldn't think you were being ignored,
> 
I didn't see this can you email me about it?



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: release with custom kernel

[opentrax]

On  4 Jan, Sven Huster wrote:
> hi there,
> 
> after asking this in questions for a while, i want to give hackers a try.
> 
> is there a possibility to make a release with a custom kernel?
> 
> i know how to create a release but it contains always the GENERIC kernel.
> 
Have you tried reading the handbook?

http://www.freebsd.org/handbook/

Specifically:

http://www.freebsd.org/handbook/kernelconfig.html





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: more than 8 colors in console?

[opentrax]

On  4 Jan, Peter Pentchev wrote:
> Hi,
> 
> I'm writing a console app, which needs to be quite colorful, and to use
> customizable colors.  Unfortunately, with ncurses, right after start_color(),
> I get a can_change_color() == FALSE.  Besides, COLORS is defined to as many
> as the Co termcap capability, which is 8.
> 
> Well, all (well, most ;) PC video adapters can display up to 16 colors,
> if I decide to drop the bold/blinking capabilities, and define all colors
> as suits my taste.  Is there a way to define more than 8 colors, and..
> uh.. is there a way to define *any* colors at all? :)
> 
Yes, there are many ways. My favorite is to use ANSI escape codes.
Althought I'm sure there are other codes that would work.

I think curses can do it. Someone correct me if I'm wrong.

Jessem.



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: open PR WRT syslogd vs. serial consoles

[opentrax]

On  5 Jan, Brian Reichert wrote:
> I'm chasing down a syslogd problem on a 3.4-R box, only to discover
> that I'm being bit (still!) by a PR I submitted two years ago:
> 
>   
> 
> I'm responsible for a wad of machines hanging off of a terminal server.
> 
> - I wanted syslog messages reported to the console, for revealing
>   critical errors.
> 
> - Due to cabling and the terminal server itself, using Big Digi
>   hardware, I need to have getty running off of cuaa0, not ttyd0.
> 
> Apparently, in three versions of FreeBSD, this is _still_ a problem.
> 
> Does anyone have any insight on this?
> 
Given the nature of the problem and other priorities,  
I would say you might need to fix it yourself. :-)
I'm not saying this to be spitefull, but it looks like
since not enough people are running this type of setup,
not enough people are complaining.

Your best bet would be to write the people who have
tried to fix this and ask what can be done. 
BTW, you can see all open/suspend/feedback needed
PR reports. Another strategy is to check with people 
encountering simliar problems (ie serial and syslog).

Best of Luck,
Jessem.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: [Question] CVS and CVS@freebsd

[opentrax]

On  7 Jan, Alex Kapranoff wrote:
> On Sat, Jan 06, 2001 at 08:16:29PM -0800, [EMAIL PROTECTED] wrote:
>> [Note: I've BCC'd to arch to get advanced implemention suggestions]
>> 
>> Hey everyone OpenCountry.org has asked me to setup
>> a CVS repository for them.  Their business plan includes
>> packageing, wrapping and selling LINUX open source software.
>> 
>> They want to build an infrastructure to support multiple unrelated
>> independent developers. It will include the usual web, mailing list
>> stuff, but they also want CVS, bug reporting and integrationg
>> with the message board (Twiki).
> 
>   If they want something like SourceForge, why not implemented it
> using SourceForge code? It's Open Source.
> 
That's an excellent suggestion. I'll make sure to look at it.
BTW, are they running *BSD? That is what I'm looking for.

Jessem.







To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Clustering FreeBSD

[opentrax]

On 16 Jan, Jamie Heckford wrote:
> Hi,
> 
> Does anyone have any details of Open Source, or software included
> with FreeBSD that allows the clustering of FreeBSD?
> 
> I have 55 racks sitting here to play with, and want to start doing
> some serious work (for me anyway!) with fBSD
> 
> Plz. let me know! :)
> 
I've been working on some stuff for over a year, but
it nowhere near anything. What was it you were planning on doing?

Jessem.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message