Re: FreeBSD Security Advisory FreeBSD-SA-16:16.ntp

2016-04-29 Thread Charles Swiger
On Apr 29, 2016, at 4:43 PM, Roger Marquis wrote: >>> What are the reasons FreeBSD has not deprecated ntpd in favor of >>> openntpd? >> >> While I cannot speak for anyone other than myself, the two simply aren't >> equivalent. As a conscious design choice, OpenNTPD trades off accuracy >> for cod

Re: Forums.FreeBSD.org - SSL Issue?

2015-05-14 Thread Charles Swiger
On May 14, 2015, at 8:24 AM, Karl Denninger wrote: > [ ... ] > I'd love to lock out TLS 1.0 but if you do that anyone still running > anything that uses XP cannot connect. True for WinXP + IE6: https://www.ssllabs.com/ssltest/viewClient.html?name=IE&version=6&platform=XP However, large finan

Re: Logging TCP anomalies

2015-04-27 Thread Charles Swiger
On Apr 27, 2015, at 3:12 PM, Ronald F. Guilmette wrote: > In message , > Charles Swiger wrote: >> On Apr 27, 2015, at 11:37 AM, Ronald F. Guilmette >> wrote: >>> ... >>> and/or whether FreeBSD provides any options which, >>> for example, might auto

Re: Logging TCP anomalies

2015-04-27 Thread Charles Swiger
On Apr 27, 2015, at 11:37 AM, Ronald F. Guilmette wrote: > I am prompted to ask here whether or not FreeBSD performs any sort of > logging of instances when "duplicate TCP packets but with different > payloads" occurs, Not normally. Such things can be visible in netstat -s output as "completely

Re: bash vulnerability

2014-09-30 Thread Charles Swiger
On Sep 30, 2014, at 3:08 PM, Jung-uk Kim wrote: > On 2014-09-30 18:00:31 -0400, Mike Tancsa wrote: >> On 9/30/2014 5:25 PM, Charles Swiger wrote: >>> bash-3.2$ echo "Testing Exploit 4 (CVE-2014-7186)" >>> Testing Exploit 4 (CVE-2014-7186) >>> bas

Re: bash vulnerability

2014-09-30 Thread Charles Swiger
On Sep 30, 2014, at 12:46 PM, Bryan Drewery wrote: [ ... ] > I even saw a reddit post last night complaining that OSX had updated > bash only to leave it "still vulnerable" because of the redir_stack issue. It doesn't seem to be? bash-3.2$ bash --version GNU bash, version 3.2.53(1)-release (x86_

Re: OpenSSL end of life

2014-06-11 Thread Charles Swiger
Hi, Ben-- Thanks for soliciting feedback. On Jun 11, 2014, at 2:32 AM, Ben Laurie wrote: > We (the OpenSSL team) are considering a more aggressive EOL strategy. > > In particular, we may EOL 0.9.8 right now, and 1.0.0 when 1.0.2 comes > out (currently in beta). > > Going forward we would only

Re: ports requiring OpenSSL not honouring OpenSSL from ports

2014-04-28 Thread Charles Swiger
Hi-- On Apr 28, 2014, at 11:11 AM, Julian Elischer wrote: >> OpenSSL 0.9.x and 1.0.x are *not* binary compatible. > > are they somewhat "API" compatible? can you compile most code against either? Yes, you can compile most code against either OpenSSL 0.9x or 1.x. The OpenSSL API defines OPENSS

Re: OpenSSL static analysis, was: De Raadt + FBSD + OpenSSH + hole?

2014-04-24 Thread Charles Swiger
Hi-- On Apr 24, 2014, at 3:58 AM, Ben Laurie wrote: [ ... ] >> It's worth noting that even if you believe that (e.g.) the clang static >> analyzer isn't properly doing liveness analysis and misjudging whether >> there's a dead assignment (writing to a variable which is never read), the >> clan

Re: OpenSSL static analysis, was: De Raadt + FBSD + OpenSSH + hole?

2014-04-23 Thread Charles Swiger
On Apr 23, 2014, at 1:21 PM, Erik Cederstrand wrote: [ ... ] >> Not only are both of these shorter and they pass clang's static analyzer >> without a warning, I'd argue that the second version is noticeably cleaner. > > I don't disagree with you, but rewriting 1000 if-else cases in > single-thr

Re: OpenSSL static analysis, was: De Raadt + FBSD + OpenSSH + hole?

2014-04-23 Thread Charles Swiger
Hi-- On Apr 23, 2014, at 3:06 AM, Erik Cederstrand wrote: > Den 23/04/2014 kl. 03.12 skrev Ronald F. Guilmette : [ ... ] >> I do imagine that the truth or falsehood of your assertion may depend >> quite substantially on what one does or does not consider a "false >> positive" in this context. > >

OpenSSL static analysis, was: De Raadt + FBSD + OpenSSH + hole?

2014-04-22 Thread Charles Swiger
On Apr 21, 2014, at 6:38 PM, Ronald F. Guilmette wrote: > In the aftermath of this whole OpenSSL brouhaha... which none other than > Bruce Schneier publically pronounced to be a 12, on a scale from 1 to 10, > in terms of awfulness... I do wonder if anyone has taken the time or effort > to run the

Re: Proposal

2014-04-09 Thread Charles Swiger
Hi-- On Apr 9, 2014, at 12:44 PM, Nathan Dorfman wrote: > Is it implausible to suggest that before embarking on the task of > backporting, reviewing, testing and releasing the actual fix, an > announcement could have been made immediately with the much simpler > workaround of adding -DOPENSSL_NO_

Re: NTP security hole CVE-2013-5211?

2014-03-20 Thread Charles Swiger
Hi-- On Mar 20, 2014, at 12:33 PM, Ronald F. Guilmette wrote: > Here is what I am seeing now in response to an ntpdc "peers" query. I am > not really all that familiar with this stuff, so if anybody else here can > tell me if this looks messed up or not, I'd sure appreciate it. > > > remo

Re: IPFW Problems?

2006-04-17 Thread Charles Swiger
On Apr 17, 2006, at 5:29 PM, Noah Silverman wrote: [ ...redirected to freebsd-questions... ] Take the following rules: ipfw add 00280 allow tcp from any to any 22 out via bge0 setup keep-state ipfw add 00299 deny log all from any to any out via bge0 ipfw add 0430 allow log tcp from any to me

Re: File System ACLs: Where to go from here in FreeBSD?

2005-09-21 Thread Charles Swiger
[ ...I guess freebsd-security is the mailing list other replies (Allen) are using... ] Hi, Robert-- This big an email may have frightened away the usual suspects, or perhaps the discussion about bumping library version numbers is stealing too much attention. :-) Nevertheless, I'll toss