Re: Zenbleed

2023-07-30 Thread Thomas Hurst
> recommended solution is ucode update. I created an rc script for this, including a check that the system is actually running a Zen 2 CPU: https://gist.github.com/Freaky/2560975d3c94246b86f464b8be75c967 -- Thomas 'Freaky' Hurst https://hur.st/

Re: Let's Encrypt

2019-09-09 Thread Thomas Zander via freebsd-security
On Sun, 8 Sep 2019 at 16:58, Victor Sudakov wrote: > Which client is now recommended to work with Let's Encrypt? > > I see numerous clients in the ports tree, some deleted, some renamed... > Which one is good? I use net/traefik as reverse proxy. It has Let's Encrypt support built-in, see https:/

Re: Jailing {open,}ntpd

2018-06-27 Thread Thomas Steen Rasmussen
who knows about NTP will chime in. Thanks! Best regards, Thomas Steen Rasmussen ___ freebsd-security@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"

FreeBSD-SA-14:08.tcp has nothing to do with tcp fragments!

2014-05-05 Thread Thomas Steen Rasmussen
box. Blocking TCP *fragments* will accomplish nothing except perhaps break DNSSEC and other things. Please speak up if you believe anything I wrote is incorrect, Best regards, Thomas Steen Rasmussen [1] http://lists.freebsd.org/pipermail/freebsd-security/2014-May/007683.html [2] http://www.fre

Re: FreeBSD Security Advisory FreeBSD-SA-14:08.tcp

2014-04-30 Thread Thomas Steen Rasmussen
D Project > > Topic: TCP reassembly vulnerability > Hello everyone, Does anyone have a PoC exploit for this? I want to see what we can do in IPS and so on at $work to protect against this until the patches can be applied. Thanks! /Thomas

http://heartbleed.com/

2014-04-07 Thread Thomas Steen Rasmussen
massive, certificates will need to be replaced and so on. I don't want to repeat the page, so go read that. Best regards, /Thomas Steen Rasmussen ps. there is a bit on the openssl site too: https://www.openssl.org/news/secadv_20140407.txt

POSIX mqueuefs not jail aware

2013-06-23 Thread Thomas Sparrevohn
- the downside is that any root or matching uid can delete the queue on the host system. Transcript - First the host root@Thomas-FreeBSD:/home/sparrevo # ~sparrevo/mqueue Testing creation of Queue /Talk Making sure it does not exist deleted /Talk Created

Re: getting the running patch level

2012-08-24 Thread Thomas
On 8/24/12 5:49 PM, Simon L. B. Nielsen wrote: > On Fri, Aug 24, 2012 at 1:52 PM, Thomas wrote: >> On 8/19/12 4:46 PM, Paul Schenkeveld wrote: >>> On Thu, Aug 09, 2012 at 11:44:02AM +0200, Roberto wrote: >>> >>> Having read all responses so far I think a

Re: getting the running patch level

2012-08-24 Thread Thomas
ct release information. AFAIK snmp uses kern.version and kern.osrelease for this. These sysctls are read only. Any ideas how this issue can be fixed for snmp in an easy way? Regards, Thomas

Re: Update on protection against slowloris

2009-09-30 Thread Thomas Rasmussen
sing Varnish or similar. However, accf_http doesn't help at all, since HTTP POST requests bypass the filter. HTTP POST can be enabled by passing the -httpready switch to Slowloris. Please report back with your findings, I've been wondering how it would perform under load. Best of luck w

Re: BIND -P2 update plans (Was: Re: The BIND scandal)

2008-08-04 Thread Thomas Rasmussen
at that. These servers have peak loads at around 1000 queries per second. They are both quad core 2-3 GHz boxes with a couple of gigs of RAM, and the CPU is around 50% utilized when the servers are busy. If you need more information please let me know. Best regards

subscribe

2008-07-09 Thread Thomas Beugin
-- Regards, Beugin Thomas

Integer underflow in the "file" program before 4.20

2007-03-29 Thread Thomas Vogt
6.x affected too? It looks like the system has file 4.12. The port has 4.20. Regards, Thomas -- Terry Lambert: "It is not unix's job to stop you from shooting your foot. If you so choose to do so, then it is UNIX's job to deliver Mr. Bullet to Mr Foot

Re: freebsd vpn server behind nat dsl router

2007-03-07 Thread Thomas Wahyudi
idn't investigate it much beyond that when I learned that. Hmm, I think it should. I have 3 different locations, all connected to HQ using openvpn, and all locations can talk to each other; just don't use UDP transmission (it has a problem). rega

ipsec-tools to Windows ISA 2004

2006-05-23 Thread Mark Thomas
m BSD private to ISA private seems to be flowing, but return traffic appears to be flowing from the ISA private side to the BSD public address. I was just curious if anyone has done any work getting these two talking so I can not reinvent the wheel. Thanks, Mark Thomas - [EMAIL PROTECTED]

Is the "tcp time stamp validation issue" fixed in 5.4?

2005-05-19 Thread Thomas Vogt
c does not look like this. But I'm not sure. Regards, Thomas