Luigi Rizzo wrote:
> On Thu, Jun 20, 2002 at 08:25:28PM -0700, Terry Lambert wrote:
> > Giorgos Keramidas wrote:
> > > I've been thinking for quite some time to add per-client-IP limiting
> > > to ftpd, and I had almost decided upon something like the following,
> ...
> > Someone just did somethin
On Thu, 20 Jun 2002, Terry Lambert wrote:
> Lamont Granquist wrote:
> > Cyrus imapd is a real pain in the ass to administer local user accounts
> > with though.
>
> You mean that it doesn't integrate well with the UNIX credentials
> system. THe issue here is that Cyrus needs to be able to hook
I think that libsafe would "protect" against this bug to at least prevent
against any possible malicious code execution. I think it still leaves
the DoS possibility open though... Even some kind of non-exec stack
protection patched into FBSD would only generate a SEGV if it got
triggered[*]. V
On Thu, 20 Jun 2002 19:59:20 -0700
Terry Lambert <[EMAIL PROTECTED]> wrote:
> Patrick Thomas wrote:
> > Is it possible to patch/recompile FreeBSD 4.5 in such a way that your
> > system is no longer vulnerable to the "chunking" attack, even if you are
> > still running a vulnerable apache ?
Why n
On 20 Jun, Mike Makonnen wrote:
> On Thu, 20 Jun 2002 00:04:41 -0700 (PDT)
> Don Lewis <[EMAIL PROTECTED]> wrote:
>
>>
>> Your patch also looks like it should fix the bug. I prefer my patch,
>> though, because I think the resultant code is structured better and
>> should be easier to understand
On Thu, Jun 20, 2002 at 08:25:28PM -0700, Terry Lambert wrote:
> Giorgos Keramidas wrote:
> > I've been thinking for quite some time to add per-client-IP limiting
> > to ftpd, and I had almost decided upon something like the following,
...
> Someone just did something similar for inetd (per IP per
ok - i've noticed (on an awe64,
p200 W/ 128 mb of ram),
that recording a sound at 44100 hz stareo:
rec -r 44100 -c 2 file.wav
takes up all my cpu, but under linux, it barely takes up any.
freebsd creates a lot of stuttering/clipping because it's taking up all the CPU
recording. is this an audio d
John,
Please keep us informed as to your progress. I'm sure I'm not the only one
who would be *very* happy to see your work come to fruition!
If I can help in any way (testing or whatever), let me know.
--
Conrad Sabatier <[EMAIL PROTECTED]>
Think of it! With VLSI we can pack 100 ENIACs in
On Wed, 19 Jun 2002, Daniel Eischen wrote:
> Try the patch included at the bottom.
Thanks! I will, but I don't have the library sources installed at
the moment so it will be a few days before I can test.
--
Andrew I MacIntyre "These thoughts are mine alone..."
E-mail: [EMAI
Lamont Granquist wrote:
> Cyrus imapd is a real pain in the ass to administer local user accounts
> with though.
You mean that it doesn't integrate well with the UNIX credentials
system. THe issue here is that Cyrus needs to be able to hook
create/delete actions on accounts, and UNIX fails to pr
Giorgos Keramidas wrote:
> I've been thinking for quite some time to add per-client-IP limiting
> to ftpd, and I had almost decided upon something like the following,
> where each child of ftpd has two numbers associated with it. The
> client IP address, and the PID of the ftpd child that serves
Dan Ellard wrote:
> Has anyone done a side-by-side benchmark of the FreeBSD, OpenBSD, and
> NetBSD NFS servers on the same hardware? Note that I'm interested in
> server performance, not client performance.
>
> I'm particularly interested in read performance, but anything would be
> interesting.
Patrick Thomas wrote:
> Is it possible to patch/recompile FreeBSD 4.5 in such a way that your
> system is no longer vulnerable to the "chunking" attack, even if you are
> still running a vulnerable apache ?
Not FreeBSD, but it's possible to reconfigure Apache.
The way you would deal with this wo
Kris Kennaway wrote:
> Surely it's easier to just upgrade the apache port, instead of
> recompiling your kernel and the entire OS.
Not always. (I'm running an old version of Covalent Raven SSL and I'm
loathe to upgrade. "If it works, don't fix it" and there are only so
many hours in a day.)
--
On Thu, Jun 20, 2002 at 02:17:41PM -0700, Patrick Thomas wrote:
>
> Is it possible to patch/recompile FreeBSD 4.5 in such a way that your
> system is no longer vulnerable to the "chunking" attack, even if you are
> still running a vulnerable apache ?
Surely it's easier to just upgrade the apache
Darren Pilgrim wrote:
> Personally I'm all for courier-imap. IMAP and POP3, Maildirs, SSL, and
> the ability to access both real and virtual mailboxes.
Courrier is derived from one of the two under discussion, just
like the Netscape IMAP server.
-- Terry
To Unsubscribe: send mail to [EMAIL PRO
Cyrus imapd is a real pain in the ass to administer local user accounts
with though. The cyradm program is extremely deficient. Its great if you
want to offer people imap e-mail without offering them shell access. For
local access, though, there's a higher administrative overhead. I'm back
to
Jason Andresen wrote:
> "Brandon D. Valentine" wrote:
> > On Tue, 18 Jun 2002, Darren Pilgrim wrote:
> > >It's not exactly FreeBSD, but how about rewriting pine and uw-imap?
> > >Last I heard they could use a little work.
> >
> > It would have to be a complete reimplementation thanks to the retard
Hi there,
I have a problem with some application, which is supposed
to receive lots of network connections. For some time now,
it cannot accept any connections at all. Trussing it gives following
output:
# truss -p 57897
accept(0x4,0xbfbff9ac,0xbfbff9a8)ERR#35 'Resource
tempor
> The output of "ls -l /dev/acd0c" should look something like:
>
> crw-r- 4 root operator 117, 0 Apr 27 20:24 /dev/acd0c
And, if for some reason it does not look like that, and for some reason
you do not have an appropriate MAKEDEV, you can create it by hand with:
# rm -rf /dev
On 2002-06-21 03:09 +, Giorgos Keramidas wrote:
> Below is a prototype I'm playing the last few days with, trying to
> make something that implements the above scheme using
> macros. Now, what do you all think about this? Does it sound like a
> nice idea to pursue further?
It would be nice
Hello all,
I've been thinking for quite some time to add per-client-IP limiting
to ftpd, and I had almost decided upon something like the following,
where each child of ftpd has two numbers associated with it. The
client IP address, and the PID of the ftpd child that serves it. The
hash at the
On Thu, 20 Jun 2002 00:04:41 -0700 (PDT)
Don Lewis <[EMAIL PROTECTED]> wrote:
>
> Your patch also looks like it should fix the bug. I prefer my patch,
> though, because I think the resultant code is structured better and
> should be easier to understand. For instance, the reason for the
> assi
You an do this for OUTGOING packets using ipfw and teh 'fwd' keyword.
(it can be used to override 'next hop' routing decisions.)
INCOMING is a whole different problem.
On Thu, 20 Jun 2002, Peter J. Blok wrote:
> Hi,
>
> I know this topic has been brought up numerous times. I have 4 IP4 intern
In message <[EMAIL PROTECTED]>, jogegabsd wr
ites:
>I just upgrade to 4.6-RELEASE.
...
># mount_cd9660 /dev/acd0c /cdrom
>/dev/acd0c: Device not configured
What way did you upgrade? The device minor number for acdXc changed
between 4.5 and 4.6, so you need to ensure that you have an up-to-date
/d
On Thu, 20 Jun 2002, Dan Ellard wrote:
>In lieu of actual data, which system do people think makes the best
>NFS server for heavily-loaded systems?
I've got no numbers to back it up but I'd say the performance I've seen
is in this order:
IRIX/XFS/NFSv3
FreeBSD/FFS/NFSv3
Linux/XFS/NFSv3
Brandon
On Thu, 20 Jun 2002, Darren Pilgrim wrote:
>Personally I'm all for courier-imap. IMAP and POP3, Maildirs, SSL, and
>the ability to access both real and virtual mailboxes.
See my other recent message about the security implications of running
courier-imap. Also, maildirs are a mediocre idea for
Has anyone done a side-by-side benchmark of the FreeBSD, OpenBSD, and
NetBSD NFS servers on the same hardware? Note that I'm interested in
server performance, not client performance.
I'm particularly interested in read performance, but anything would be
interesting.
In lieu of actual data, whi
I just upgrade to 4.6-RELEASE.
In the 4.5-RELEASE I was able to mount and umount my
CD-R/DVD with no problems. In both versions my dmesg
shows:
acd0: CD-RW at ata1-master PIO4
But after the upgrade I try to mount a cd and I get
# mount_cd9660 /dev/acd0c /cdrom
/dev/acd0c: Device not configure
On Thu, Jun 20, 2002 at 11:13:02PM +0200, Pawel Jakub Dawidek wrote:
+> What You think about something like that:
+> [17:33:39] [ttyv8] [61] leila:root:/sys/miscfs/procfs# diff procfs_subr.c.orig
+procfs_subr.c
[...]
+> This gives us new sysctl (vfs.procfs.umask) and with this we can control
+> p
On Thu, 20 Jun 2002, Jason Andresen wrote:
>I thought the strength of uw-imap was that it was fairly easy to
>configure for a machine with local users.
The strength of uw-imap is clearly that it's fairly easy to allow remote
users to root your machine. courier-imap has a bit better track record
On Thu, Jun 20, 2002 at 11:29:17PM +0200, Peter J. Blok wrote:
> Since this seems not possible with the both stable and current, I would like
> to make a solution for it, inside the kernel. I am thinking of creating a
> routing table based on source address and designate the right gateway.
man
Hi,
I know this topic has been brought up numerous times. I have 4 IP4 internal
networks (sf0 .. sf3)
I have a cable modem connection ep0 and a DSL ep1 connection too. I'd like to
route all traffic from sf0 and sf1 to the DSL connection and the others to
the cable modem. At the same time I'd
Hoping to find some answers here...
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Qing Li
Sent: Wednesday, June 19, 2002 6:45 PM
To: FreeBSD Stable
Subject: pcmcia weirdness
I encountered this problem in both 4.5 and 4.6 PREREL.
I ha
Is it possible to patch/recompile FreeBSD 4.5 in such a way that your
system is no longer vulnerable to the "chunking" attack, even if you are
still running a vulnerable apache ?
I ask because I see in one of the chunking exploits that:
* Remote OpenBSD/Apache exploit for the "chunking" vulnera
What You think about something like that:
[17:33:39] [ttyv8] [61] leila:root:/sys/miscfs/procfs# diff procfs_subr.c.orig
procfs_subr.c
42a43
> #include
80a82,119
>
> SYSCTL_NODE(_vfs, OID_AUTO, procfs, CTLFLAG_RW, 0, "vfs-procfs-level");
>
> int procfsumask = 077;
>
> static int
> sysctl_vfs_
Great list, thanks for that. While I think LRP and TCP Rate Halving are quite
interesting, I think tackling the SMP Safe Queues makes the best use my resources.
I fear that testing some of the other items requires setups that are not
feasible for me.
Cheers,
Aram
Terry Lambert wrote:
Ara
On Thu, 20 Jun 2002, Brooks Davis wrote:
> On Wed, Jun 19, 2002 at 10:09:07PM -0400, David E. Cross wrote:
> > He is however "quite sick" of networking, and was originally looking at
> > the VM code as a potential area (he is gaining an interest in
> > parallelization and synchronization).
>
On Thu, 20 Jun 2002, Bosko Milekic wrote:
> Hey, this is awesome stuff! Thanks! How come we don't have a port?
I've been busy. ;-)
Feel free to do the port if you get time before I do.
Brandon D. Valentine
--
http://www.geekpunk.net [EMAIL PROTECTED]
++[>++<-]>
On Thu, Jun 20, 2002 at 03:27:24PM -0500, Brandon D. Valentine wrote:
> On Thu, 20 Jun 2002, Bosko Milekic wrote:
>
> >On Thu, Jun 20, 2002 at 01:10:39PM -0700, Matthew Hunt wrote:
> >> This shouldn't be hard to glue together without modifying mutt itself.
> >> Make a little program, foo, that t
On Thu, Jun 20, 2002 at 04:18:38PM -0400, Bosko Milekic wrote:
> Interesting. How would you have a key bound sequence in mutt set off
> the script on the message, though? For instance, if I do a "ctrl+B", how
> would you ensure that the Right Thing happens, without modifying mutt
> code?
By
On Thu, 20 Jun 2002, Bosko Milekic wrote:
>On Thu, Jun 20, 2002 at 01:10:39PM -0700, Matthew Hunt wrote:
>> This shouldn't be hard to glue together without modifying mutt itself.
>> Make a little program, foo, that takes the message on stdin, passes
>> it through "formail -x subject", massages it
Based on the amount of effort we had to put in, I have to agree that you're
going to have to need a _lot_ of hardware for the software effort to pay off.
-Kip
On Thu, 20 Jun 2002, Brandon D. Valentine wrote:
> On Thu, 20 Jun 2002, Bruce A. Mah wrote:
>
>
On Thu, Jun 20, 2002 at 01:10:39PM -0700, Matthew Hunt wrote:
> On Thu, Jun 20, 2002 at 03:24:54PM -0400, Bosko Milekic wrote:
>
> > cool if mutt did it). What this does is pretty straightforward: I see
> > a thread with subject "foo." I don't like it. I really don't like it.
> > I hit a key
On Thu, 20 Jun 2002, Bruce A. Mah wrote:
>PS. It's crossed my mind that the staff time involved in making this
>work could quickly exceed the cost of buying equivalent (maybe even
>better) "normal" hardware. :-)
s/could/will/
If I were you I'd look at the 1U dual Xeon servers from SuperMicro.
On Thu, Jun 20, 2002 at 03:24:54PM -0400, Bosko Milekic wrote:
> cool if mutt did it). What this does is pretty straightforward: I see
> a thread with subject "foo." I don't like it. I really don't like it.
> I hit a key combination such as, I don't know, CTRL+B (or something not
> bound yet),
Having had to make Lilo boot Linux on these boards I have some familiarity with
them. They don't have a standard BIOS, so they don't support the standard
routines that the newer bootloader expects (e.g. memory sizing). If you have
more questions feel free to follow up off list - I doubt the partic
Sorry to interrupt various flamewars with some actual technical
discussion... :-)
At ${REALJOB}, we've got a couple of Maxtor MaxAttach boxes we're trying
to play with. These are dedicated NFS/SMB servers. Physically they are
1U boxes with four 70GB IDE disks on them (wd0, wd1, wd2, wd3). Th
On Thu, Jun 20, 2002 at 02:36:41PM -0500, Sean Kelly wrote:
> On Thu, Jun 20, 2002 at 03:24:54PM -0400, Bosko Milekic wrote:
> >
> > Hi,
> >
> > Two ideas have come up recently to extend the features of the mutt(1)
> > Email client. I'm not one who has hacked on mutt, nor who really
> > inte
On Thu, Jun 20, 2002 at 03:24:54PM -0400, Bosko Milekic wrote:
>
> Hi,
>
> Two ideas have come up recently to extend the features of the mutt(1)
> Email client. I'm not one who has hacked on mutt, nor who really
> intends to (if I can avoid it, I will), so hence the reason for this
> post.
I
Hi,
Two ideas have come up recently to extend the features of the mutt(1)
Email client. I'm not one who has hacked on mutt, nor who really
intends to (if I can avoid it, I will), so hence the reason for this
post.
So this post is directed at those people who have some extra time on
their ha
Jason Andresen wrote:
> "Brandon D. Valentine" wrote:
> > uw-imap has also been quite surpassed, it's called cyrus.
>
> I thought the strength of uw-imap was that it was fairly easy to
> configure for a machine with local users. The same certainly
> couldn't be said for Cyrus. Heck, I nearly sl
On Wed, Jun 19, 2002 at 10:09:07PM -0400, David E. Cross wrote:
> He is however "quite sick" of networking, and was originally looking at
> the VM code as a potential area (he is gaining an interest in
> parallelization and synchronization).
Something I'd like to see which is unfortunatly networ
At 11:24 AM 6/20/2002 -0500, Brandon D. Valentine wrote:
>Different hotmail account[0], same X-Originating-IP. If
>[EMAIL PROTECTED] would reply to this email confirming that this is
>indeed an attempt at identity theft it would be appreciated.
>
>[0] - s/flamerola/fumerola/ this time around.
Th
On Thu, 20 Jun 2002, Bill Fumerola wrote:
>So some people have privately e-mailed asking me who I am. I'll give a hint,
>yes, I am a committer, and no, I'm not Bill Huey.
Different hotmail account[0], same X-Originating-IP. If
[EMAIL PROTECTED] would reply to this email confirming that this is
55 matches
Mail list logo