Re: HUAWEI not recognized properly (3 modem)
- Original Message -
From: "Markus Bergkvist" <[EMAIL PROTECTED]>

> I borrowed a HUAWEI modem just to see how it is recognized. With umass enabled it is recognized as a CD. Disabling umass and it is found as ugen. From this thread http://marc.info/?l=openbsd-misc&m=118468178731619&w=2 I figured it should have been recognized as ubsa. Any suggestions?

the modem you have (vendor id 0x1003) should be an E220 HSDPA modem. exactly the same device i tried to "run" last week on freebsd, where i got the same trouble as you.

the problem is that the device, when plugged in, initially reports itself as a mass-storage device, which will cause a cd-rom to be found. as far as i could figure out in tests (and some others pointed me in the right direction of course), the device needs some proper "message" to be transferred to switch from mass-storage mode into the modem mode.

currently, there is a thread on the freebsd lists with the subject "huawei e220 hsdpa on freebsd 6.3-BETA2" regarding this. have a look at it, it'll help you out maybe... i'm currently testing the c-code which is provided there (i'm not a guru) but the first one does not look that bad (there are some errors and problems which i do not really have the time right now to look into).

sorry, can't tell anything better right now on this, cheers ;)
Re: Real men don't attack straw men - FINALIZE!
sorry guys, but:

from http://www.openbsd.org/mail.html:

misc
    User questions and answers, general questions. This is the most active list. Please, read the FAQ and the installation documents, and see How to report a Problem before posting.

advocacy
    Promoting the use of OpenBSD. Non-technical discussions in misc often get shunted here.

would it be an idea to move this thread and stop flooding [EMAIL PROTECTED]

thx...

ps: of course you can start another flame war on that :) - just reply to misc@, i'm getting it there -
Re: SSH brute force attacks no longer being caught by PF rule
- Original Message -
From: "Stuart Henderson" <[EMAIL PROTECTED]>
To: "OpenBSD"
Sent: Monday, August 13, 2007 1:30 PM
Subject: Re: [misc] SSH brute force attacks no longer being caught by PF rule

On 2007/08/13 12:14, Joachim Schipper wrote:

> > This still needs a 3-way handshake to be completed, it's not so easy to blindly spoof. Main problem is if the attacker comes from the same IP address as a legitimate user (NAT etc).

Yes, that is one of the main problems. The other is that it takes time to set up which would be better spent doing something useful - like setting up a log watcher.

Well, this *is* useful, and much safer than some log watchers. See e.g. http://www.ossec.net/en/attacking-loganalysis.html which closes with these lines:

Please be aware that a few other tools also "block ssh scans", but some of them are so vulnerable that I didn't even bother mentioning. My advice is don't use tools that are shell-script based or have not been updated in a while. Not only they are vulnerable to remote DoS, but also to command execution via hosts.deny (yes, you can configure it to execute programs) and other means.

> > Plus, SSH scans are about as dangerous as some skiddie scanning for old versions of PHPMyAdmin, and we don't take steps to prevent the latter either.

> > Depends how much CPU is spent handling the connections.

I'm fairly sure that on a modern system attached to a 100 Mbps link network capacity will run out before this becomes a problem.

Between the disk writes for logging, and the crypto setup, this can bring an otherwise-useful machine to its knees, with much less than a 100Mbps. Been there, done that, written the PF rules, at least for the affected boxes that need SSH open from all locations (note to readers: for machines where you can restrict SSH to certain IP/IPv6 addresses only, it is a Good Idea to do so).

> > Finally, Subversion over SSH uses lots of connections, should you ever want to use that.

> > connection multiplexing can be useful for this sort of thing.

Yes, it would be, but I never got it to work reliably (Subversion likes to close connections before opening the next one, etc). Did you? If so, could you share the script/... you used?

I haven't tried with svn, but you can probably "ssh -N " first and leave that open until you're finished.

maybe somewhat off-topic, but: why don't you just switch your ssh port to a different one. we've been running with this configuration for years and a log examination of the ssh-logs and connection logs from the firewall shows that there was not even 1 (!) connect to the ssh-port from "bad" IPs.
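The thread does not show the PF rule under discussion. As an added example (not from any poster in this thread), here is a pf.conf fragment of the kind of per-source rate limit being debated, with an exemption for the NAT and Subversion cases raised above; the table names, addresses and thresholds are assumptions:

```conf
# Added example; table names, addresses and limits are assumptions.
# Sources allowed to open many SSH connections (office NAT, svn+ssh users).
# 192.0.2.10 and 2001:db8::10 are documentation addresses; replace them.
table <ssh_trusted> persist { 192.0.2.10, 2001:db8::10 }

# Filled by the overload action below.
table <ssh_abusers> persist

# Drop everything from sources that tripped the limit.
block in quick on egress from <ssh_abusers>

# Trusted sources: no rate limit, so a shared NAT address or a burst of
# Subversion-over-SSH connections cannot lock legitimate users out.
pass in on egress proto tcp from <ssh_trusted> to port ssh

# Everyone else: at most 10 concurrent connections and 5 new ones per
# 60 seconds per source. Only connections that completed the TCP
# three-way handshake are counted, so a blindly spoofed SYN cannot put
# a victim's address into the table.
pass in on egress proto tcp from ! <ssh_trusted> to port ssh \
    keep state (max-src-conn 10, max-src-conn-rate 5/60, \
    overload <ssh_abusers> flush global)
```

Entries stay in the table until removed; running `pfctl -t ssh_abusers -T expire 86400` from cron clears addresses that were added more than a day ago.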
Re: Disk performance/benchmarking
> I was mainly wanting to see a rough estimation of disk throughput (MB/sec).

try this in a state where the machine is more or less idle (you'd be able to set up a cronjob for this); you will need .5GB space for that ;-)

    for i in 1 2 3 4 5
    do
        h_file="/a/clean/dir/on/your/disk/test_$i.data"
        # write 100 blocks of 1 MB of zeros, then read the file back
        time dd if=/dev/zero of="$h_file" bs=1m count=100
        time dd if="$h_file" of=/dev/null bs=1m
    done

don't forget to remove the files.

dd will give you an avg bytes/sec on transfer, but don't forget that these are with hw/os caching, interferences with other active processes, and so on...

it's what you wanted: just rough estimation of how fast your system will do basic disk io from userland. this doesn't show how fast it could be, but will show faster values than normal processing would deliver.

you could change the blocksize/count to increase/decrease the work the system has to do for writing a specific amount of data. the more the system has to work, the lesser the blocksize and the lesser the throughput will be.

so "how fast is my disk" is always very depending on what kind of action you do with it. transferring/working on millions of small files will be much slower than working on a few large files.
Re: Partitions
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> On Behalf Of John Brahy
> Sent: Thursday, June 29, 2006 11:00 PM
> To: misc@openbsd.org
> Subject: [misc] Partitions
>
> At first I didn't understand the reason for all the partitions (http://archives.neohapsis.com/archives/openbsd/2001-01/1654.html) now I can't have enough partitions
>
> In my official OpenBSD CD sleeve it says to create these partitions:
> /
> swap
> /tmp
> /var
> /usr
> /home
>
> and over time I have learned to appreciate these, but lately I have been creating more partitions
> /usr/src
> /usr/obj
> are two of the ones that are suggested when rebuilding my system and I definitely like the speed of doing a newfs to /usr/obj
>
> I also have been putting mysql on its own partition and then I got a little crazier and added more partitions and my list has grown to this:
>
> /
> /home
> /tmp
> /var
> /var/mysql
> /usr
> /usr/local
> /usr/src
> /usr/obj
> /usr/Xbld
> /usr/XF4
> /usr/local
> /virtualhosts
>
> So am I going overboard? or am I missing any good partitions.
>
> when I first posted Nick Holland replied with several reasons to have multiple partitions. Those being security, fragmentation, protecting the filesystem from overfilling, organization and space tracking.
>
> does increasing the amount of partitions increase access to the files on that partition?
>
> Any feedback would be appreciated.
>
> Thanks,
>
> John
>

well, from my point of view: if your setup or the things you load on the server needs it - have as many partitions as you want! at the latest you'll see if you went overboard when it comes to upgrades, restores, etc...

your environment has to fit your needs. i've seen machines with just / and swap, and i've seen machines where for example for the database itself have been more than 30 partitions as well. both setups were fine - for their respective needs.

if it's manageable, secure and last but not least - FAST, it's fine ;-)
Re: openbsd and the money
it would be interesting to know about how MUCH money donated to the openbsd project you all are REALLY talking here... if there's any up-to-date published information, plz. let me know... best regards! ps: sorry guys, i couldn't 'stand it ;_)
Re: Empty root password
> Think of somebody who burgles your house to steal your private data. When

*rofl* --> burgles your house to steal your private data? come on, before this happens you're dead and your home-cinema is gone!

i'd bet, nobody is really interested in private data. the only thing i can imagine is something like TANs etc... and if someone comes into your house, he definitely won't look for post-its with passwords. instead he'll steal the whole box and satisfy his needs elsewhere.

this kind of protection only helps against your half-educated small brother who's trying the 100th time to f* up your root account ;-)
Re: Empty root password
> I accidentally entered a 'return' when it asked for the root password, so I entered a 'return' again when I was asked to repeat the password, thinking that an empty password would be denied, and I would be asked again.
>

man, if you want to enter an empty password, do it! unix is a system that will exactly DO what the admin tells it to do. no yes/no checks, no ya sure boxes, maybe some warnings.

if things are obviously stupid (like newfs with more size than the disk) they won't work. but if it's the admin's decision and it's possible, why not do it?
Re: Manually "naming" Multiple NICs
> Normally these devices come up in the same order each time.
>
> It is not guaranteed, unfortunately, because device bring up can race against other devices. I've seen it be non-deterministic.
>

me, too. especially, if you plug in another nic on pci between 2 other nics. this is really confusing the box.

also take care of your bios interrupt settings - if you have a lot of traffic, it sometimes can be smart to put all the nics on the same interrupt.
Re: OT: Serial2ssh device
> I am seeking advice prior to buying a "serial to ssh" device, sometimes referred to as "serial server" or "serial port server". I am thinking of a black box 19" rack mount thing where I can plug in >=16 cables from the serial ports of all my OpenBSD boxes (growing number ;) ). This 'thing' should then securely connect to ethernet and offer some openssh login.
>
> Any recommendations in addition to the colorful lies on the web from all the vendors? Experiences? Any pitfalls?
>

blackbox i personally like, but lantronix i setup and never wanted to leave ;-)

they work very well, ssh-access possible, rj45 ports are standard, many many supported protocols... give them a try, if it's for a serverfarm, it's worth it ;-)
is openntpd 3.9 real?
hi,

on your master ftp fanout and some mirrors (i didn't check all) there's an OpenNTPd archive with version no. 3.9.

--> 05/11/2006 06:02 20,850 openntpd-3.9.tgz

the changelog (ftp://ftp.openbsd.org/pub/OpenBSD/OpenNTPD/ChangeLog/) doesn't mention such a release. also, on the openntpd.org site, the last release is 3.7.

is this a real release of henning/etc... or is there something wrong? if this is the daily dev-version from cvs i suggest naming it differently, like something with openntpd-3.9-RCx or openntpd-3.9bXY.

cu...