Re: Cold Boot Attacks on Encryption Keys

On 2/21/08, Travers Buda <[EMAIL PROTECTED]> wrote: > * Ted Unangst <[EMAIL PROTECTED]> [2008-02-21 16:32:47]: > > 1. what happens when the bad people pull the plug on a running computer? > > > > 2. how long do the bad people have to read your memory after you turn it > off? > > Who said anyt

Re: Cold Boot Attacks on Encryption Keys

On 2/21/08, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > 1. what happens when the bad people pull the plug on a running computer? > > > Well that's why I personaly mentioned a modified libary or the kernel wich > may could overwrite the RAM 3 times or so in case it has nothing to do. The

Re: Cold Boot Attacks on Encryption Keys

On 2/21/08, Nick Holland <[EMAIL PROTECTED]> wrote: > Twenty+ years ago, I'd noticed this, having completely powered down my > computer, decided I had something more to do, flipped the power switch > right back on, and I was sitting at a command prompt. I marveled, I did > it again, it worked

Re: Cold Boot Attacks on Encryption Keys

On 2/21/08, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Think about bigger netroks! You do know ANY devices wich has NO ram? > Even a simple client-PC wich boots via network has ram. And in > universities or so with about 129k users you just can't ensure that NOBODY > turns off the PC, gets

Re: Projector/external monitor not working on OpenBSD 4.2-current on Thinkpad X60

On Thu, Feb 21, 2008 at 11:11 AM, Amarendra Godbole <[EMAIL PROTECTED]> wrote: > I am unable to move the display to a projector or an external monitor > on my Thinkpad X60, which is running OpenBSD 4.2-current. Fn-F7 is the > keycombination to be used to switch displays, but it does not work. >

Re: ssh complaining about bad file descriptor on 4.3beta.

On Fri, 22 Feb 2008, Chris Smith wrote: > On Thursday 21 February 2008, Allie D. wrote: > > I'm getting bad file descriptor errors on every ssh connection on a > > box that I built from source on 4.3 beta last night. Anyone else > > seeing this as well ? > > > > Feb 21 09:54:43 crusty sshd[21741]:

Re: Cold Boot Attacks on Encryption Keys

On Fri, 22 Feb 2008, Brett Lymn wrote: > On Thu, Feb 21, 2008 at 05:19:28PM -0600, Marco Peereboom wrote: > > > > Let me give you an engineering opinion: bwahahahahahaha this is > > retarded. > > > > Well, let me give you another engineering opinion based on actual > experience working on a m

Re: ssh complaining about bad file descriptor on 4.3beta.

On Thursday 21 February 2008, Allie D. wrote: > I'm getting bad file descriptor errors on every ssh connection on a > box that I built from source on 4.3 beta last night. Anyone else > seeing this as well ? > > Feb 21 09:54:43 crusty sshd[21741]: error: getsockname failed: Bad > file descriptor > >

Re: ifstated and ping

Giancarlo Razzolini wrote: Aaron escreveu: I am trying to configure ifstated on an i386 4.2 Stable pair of openbsd firewalls but having some issues on how to determine connectivity of a backup/secondary wan interface. The carp states seem solid and preempt seems to work great. The only thin

Re: Cold Boot Attacks on Encryption Keys

On Thu, 21 Feb 2008 23:32:22 -0500 (EST), mcb, inc. wrote: >On Thu, 21 Feb 2008, Marco Peereboom wrote: > >> Let me give you an engineering opinion: bwahahahahahaha this is retarded. > >A lesson from history for those who fail to learn from it. >Rebooting from the latent image in core memory after

Re: Cold Boot Attacks on Encryption Keys

* Nick Holland <[EMAIL PROTECTED]> [2008-02-21 22:43:44]: > Marco Peereboom wrote: > > I really have a hard time buying this. I can see how you ended up with > > some crap in that memory upon reboot but I fail to see how that memory > > could retain its contents. Not knowing the situation you mi

Re: Cold Boot Attacks on Encryption Keys

* Douglas A. Tutty <[EMAIL PROTECTED]> [2008-02-21 22:17:08]: > On Fri, Feb 22, 2008 at 02:41:40AM +0100, [EMAIL PROTECTED] wrote: > > > Of course there many kinds of attack but if somebody shutdowns your box > > and reads the infos from your memory there's something we can do about it: > > Over

Re: Cold Boot Attacks on Encryption Keys

* Ted Unangst <[EMAIL PROTECTED]> [2008-02-21 16:32:47]: > On 2/21/08, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > My suggestion is to overwrite memory like 3 times if a programm free's the > > memory or if a reboot is commanded via the shell. Of course this harms > > "old" boxes but it's sti

Re: Cold Boot Attacks on Encryption Keys

On Thu, 21 Feb 2008, Marco Peereboom wrote: Let me give you an engineering opinion: bwahahahahahaha this is retarded. A lesson from history for those who fail to learn from it. Rebooting from the latent image in core memory after months or even years without power was not particularly remarkab

Re: There's something about OpenBSD...

On Thu, Feb 21, 2008 at 6:26 PM, Jason Dixon <[EMAIL PROTECTED]> wrote: > > On Thu, Feb 21, 2008 at 06:15:32PM -0500, Nick Bender wrote: > > On Thu, Feb 21, 2008 at 5:08 PM, Jussi Peltola <[EMAIL PROTECTED]> wrote: > > > > > Displaying the name of the file and the matched line nicely like grep

Re: Cold Boot Attacks on Encryption Keys

Marco Peereboom wrote: > I really have a hard time buying this. I can see how you ended up with > some crap in that memory upon reboot but I fail to see how that memory > could retain its contents. Not knowing the situation you might have > had some huge caps on that machine; or even battery back

Re: Cold Boot Attacks on Encryption Keys

On Thu, Feb 21, 2008 at 08:04:07PM -0600, Marco Peereboom wrote: > I really have a hard time buying this. Yes, I can understand that - I was the same until I saw the remnants of the display come up on the screen. > I can see how you ended up with > some crap in that memory upon reboot but I fail

Re: Cold Boot Attacks on Encryption Keys

On Fri, Feb 22, 2008 at 9:33 AM, <[EMAIL PROTECTED]> wrote: > Not at all! RAM keeps the information partly for MINUTES! It not a real > race condition or so... it's about physics and electricity. Wow! For minutes! While the research is interesting the chances of actually being a victim to this

Re: Cold Boot Attacks on Encryption Keys

On Fri, Feb 22, 2008 at 02:41:40AM +0100, [EMAIL PROTECTED] wrote: > Of course there many kinds of attack but if somebody shutdowns your box > and reads the infos from your memory there's something we can do about it: > Overwriting > Well my oppinion is still: If you modify the libs so that

Re: Cold Boot Attacks on Encryption Keys

On Fri, Feb 22, 2008 at 9:22 AM, <[EMAIL PROTECTED]> wrote: > So seriously: if you've any "productive" or "critical" comment feel free > to post it just stop bitching 'course it does not help/solve anything > except of wasting YOUR bandwith.. right? Right... :) I guess he's just too busy actua

Re: Cold Boot Attacks on Encryption Keys

On Thu, Feb 21, 2008 at 6:41 PM, <[EMAIL PROTECTED]> wrote: > > The paper you mentioned has some info on possible countermeasures. The > > best (IMO) is physically securing your RAM. This seems to fit in best > > with OpenBSD's philosophy, which has never been to put much time into > > thwartin

Re: There's something about OpenBSD...

On Thu, Feb 21, 2008 at 07:26:29PM -0500, Jason Dixon wrote: > On Thu, Feb 21, 2008 at 06:15:32PM -0500, Nick Bender wrote: > > On Thu, Feb 21, 2008 at 5:08 PM, Jussi Peltola <[EMAIL PROTECTED]> wrote: > > > Never used -r so I'm not sure what the output looks like but how about: > > > > find .

Re: Remote syslog

Terrific! Thanks to all who responded.

Re: Cold Boot Attacks on Encryption Keys

[EMAIL PROTECTED] escreveu: >> [EMAIL PROTECTED] writes: >> >> > My suggestion is to overwrite memory like 3 times if a programm free's >> the >> > memory or if a reboot is commanded via the shell. Of course this harms >> > "old" boxes but it's still btter then loosing your SSH-Key or whatever >

Re: Cold Boot Attacks on Encryption Keys

STeve Andre' escreveu: > > The research is very interesting, but it doesn't apply to OpenBSD. > > --STeve Andre' > > Why doesn't apply to openbsd? And secondly, would vnd devices be affected by this kind of attack? I particularly believe that this could be done, i also saw those kind of display "du

Re: Cold Boot Attacks on Encryption Keys

On Fri, Feb 22, 2008 at 02:22:45AM +0100, [EMAIL PROTECTED] wrote: > Well Marco just fuck you and piss off...ok? I would love to but you make me reply every single time you post this type of uninteresting shit. > If you don't care stfu and do something else and let people talk who may > care abou

Re: Cold Boot Attacks on Encryption Keys

> [EMAIL PROTECTED] writes: > > > My suggestion is to overwrite memory like 3 times if a programm free's > the > > memory or if a reboot is commanded via the shell. Of course this harms > > "old" boxes but it's still btter then loosing your SSH-Key or whatever > > resists in your ram. > > If so

Re: Cold Boot Attacks on Encryption Keys

> The paper you mentioned has some info on possible countermeasures. The > best (IMO) is physically securing your RAM. This seems to fit in best > with OpenBSD's philosophy, which has never been to put much time into > thwarting attacks that require physical access to the box -- if you > have that,

Re: Cold Boot Attacks on Encryption Keys

I really have a hard time buying this. I can see how you ended up with some crap in that memory upon reboot but I fail to see how that memory could retain its contents. Not knowing the situation you might have had some huge caps on that machine; or even battery backed up ram. This combined with

Re: Cold Boot Attacks on Encryption Keys

On Thursday 21 February 2008, Marti Martinez wrote: > The paper you mentioned has some info on possible countermeasures. The > best (IMO) is physically securing your RAM. This seems to fit in best > with OpenBSD's philosophy, which has never been to put much time into > thwarting attacks that requi

Re: Cold Boot Attacks on Encryption Keys

Well Marco just fuck you and piss off...ok? If you don't care stfu and do something else and let people talk who may care about "physical" things. And "phyisical" in the meaning of something related to physics... (just in case you don't know it's the thing you may missed in school...) Or why don't

Re: Cold Boot Attacks on Encryption Keys

On Thu, Feb 21, 2008 at 07:12:58PM -0600, Marco Peereboom wrote: > And the power plug wasn't plugged in right? > Correct. We are not talking PC DRAM here - this was custom hardware with a circuit breaker that really cut power to everything. Often when you powered it up before the firmware got a

Re: Cold Boot Attacks on Encryption Keys

And the power plug wasn't plugged in right? On Fri, Feb 22, 2008 at 10:45:56AM +1030, Brett Lymn wrote: > On Thu, Feb 21, 2008 at 05:19:28PM -0600, Marco Peereboom wrote: > > > > Let me give you an engineering opinion: bwahahahahahaha this is > > retarded. > > > > Well, let me give you anothe

Re: Cold Boot Attacks on Encryption Keys

> On 2/21/08, [EMAIL PROTECTED] <[EMAIL PROTECTED]> > wrote: >> My suggestion is to overwrite memory like 3 times if a programm free's >> the >> memory or if a reboot is commanded via the shell. Of course this harms >> "old" boxes but it's still btter then loosing your SSH-Key or whatever >> resist

Re: Cold Boot Attacks on Encryption Keys

On Thursday 21 February 2008 19:15:56 Brett Lymn wrote: > On Thu, Feb 21, 2008 at 05:19:28PM -0600, Marco Peereboom wrote: > > Let me give you an engineering opinion: bwahahahahahaha this is > > retarded. > > Well, let me give you another engineering opinion based on actual > experience working on

Re: There's something about OpenBSD...

On Fri, Feb 22, 2008 at 12:08:54AM +0200, Jussi Peltola wrote: > On Thu, Feb 21, 2008 at 11:22:25PM +0200, [EMAIL PROTECTED] wrote: > > For instance 'ggrep -r ...' instead of 'grep -r ...' to search recursively > > with gnu grep (a worthless feature imho). > > Displaying the name of the file and t

Re: There's something about OpenBSD...

> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On Behalf Of Jussi Peltola > Sent: Friday, 22 February 2008 8:39 AM > To: misc@openbsd.org > Subject: Re: There's something about OpenBSD... > > On Thu, Feb 21, 2008 at 11:22:25PM +0200, > [EMAIL PROTECTED] wrote: >

Re: Cold Boot Attacks on Encryption Keys

On Thu, Feb 21, 2008 at 05:19:28PM -0600, Marco Peereboom wrote: > > Let me give you an engineering opinion: bwahahahahahaha this is > retarded. > Well, let me give you another engineering opinion based on actual experience working on a machine with a custom graphics system - it is not 100% re

Re: Cold Boot Attacks on Encryption Keys

On 2/21/08, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > My suggestion is to overwrite memory like 3 times if a programm free's the > memory or if a reboot is commanded via the shell. Of course this harms > "old" boxes but it's still btter then loosing your SSH-Key or whatever > resists in your r

Re: There's something about OpenBSD...

On Thu, Feb 21, 2008 at 06:15:32PM -0500, Nick Bender wrote: > On Thu, Feb 21, 2008 at 5:08 PM, Jussi Peltola <[EMAIL PROTECTED]> wrote: > > > Displaying the name of the file and the matched line nicely like grep -r > > does is not elegant with find + grep without using a script or a long > > a

Re: Cold Boot Attacks on Encryption Keys

The paper you mentioned has some info on possible countermeasures. The best (IMO) is physically securing your RAM. This seems to fit in best with OpenBSD's philosophy, which has never been to put much time into thwarting attacks that require physical access to the box -- if you have that, there are

Re: There's something about OpenBSD...

On Thu, Feb 21, 2008 at 11:22:25PM +0200, [EMAIL PROTECTED] wrote: Yes quite, its all there but in odd places. Also not that make is in /usr/ccs/bin The thing that put me off sx developer edition is that it requires a whopping 760MB of RAM for install. Solaris 10 and Solaris Express and Indian

Re: Cold Boot Attacks on Encryption Keys

On Thu, Feb 21, 2008 at 11:55:39PM +0100, [EMAIL PROTECTED] wrote: > My suggestion is to overwrite memory like 3 times if a programm free's the > memory or if a reboot is commanded via the shell. Of course this harms > "old" boxes but it's still btter then loosing your SSH-Key or whatever > resists

Re: Cold Boot Attacks on Encryption Keys

Someone please send me some coffee; I can't stay awake. Somehow I knew some moron would send it to the list. I honestly guessed the person right. Let me give you an engineering opinion: bwahahahahahaha this is retarded. On Feb 21, 2008, at 4:55 PM, [EMAIL PROTECTED] wrote: Little blog:

Re: There's something about OpenBSD...

On Thu, Feb 21, 2008 at 5:08 PM, Jussi Peltola <[EMAIL PROTECTED]> wrote: > Displaying the name of the file and the matched line nicely like grep -r > does is not elegant with find + grep without using a script or a long > and inelegant alias - or if it is, I'd be interested in how it can be >

Re: There's something about OpenBSD...

What's wrong with: find . -name *.[ch] -exec grep blah {} \; -print On Feb 21, 2008, at 4:08 PM, Jussi Peltola <[EMAIL PROTECTED]> wrote: On Thu, Feb 21, 2008 at 11:22:25PM +0200, [EMAIL PROTECTED] wrote: For instance 'ggrep -r ...' instead of 'grep -r ...' to search recursively with gnu gr

Cold Boot Attacks on Encryption Keys

Little blog: http://citp.princeton.edu/memory/ Paper: http://citp.princeton.edu.nyud.net/pub/coldboot.pdf Well some months ago I asked (not here.. more directly) if it would be possible to may overwrite memory serval times in case the Box has nothing to do. Back then there was like no interest be

Re: Why does pf work with last matching rule wins

> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On Behalf Of Darrin Chandler > Sent: Friday, 22 February 2008 12:52 AM > To: Guido Tschakert > Cc: OpenBSD Misc > Subject: Re: Why does pf work with last matching rule wins [snip] > Don't use quick that way. If you

Re: Why does pf work with last matching rule wins

On Thursday, February 21, 2008, 12:11:27, Darrin Chandler wrote: > On Thu, Feb 21, 2008 at 10:50:50AM -0500, Rod Dorman wrote: >> ... >> When I'm working with a Cisco IOS access-list I find its much easier to >> state each specific "allow routing to this port on this host" and let >> the fina

Re: There's something about OpenBSD...

On Thu, Feb 21, 2008 at 11:22:25PM +0200, [EMAIL PROTECTED] wrote: > For instance 'ggrep -r ...' instead of 'grep -r ...' to search recursively > with gnu grep (a worthless feature imho). Displaying the name of the file and the matched line nicely like grep -r does is not elegant with find + grep

Re: There's something about OpenBSD...

Marco Peereboom ha scritto: real men use find or locate (1) Francesco

Re: There's something about OpenBSD...

On Thu, Feb 21, 2008 at 01:40:28PM -0500, Nick Holland wrote: > Mayuresh Kathe wrote: > >What is it about OpenBSD that I can't resist it? > > > >After the past long exchange about "our ultimate goal" and a lot of > >people advising me to go over to Solaris 10, I did, I removed OpenBSD > >from one o

Re: OpenBSD 4.2 with ftp-proxy, named, spamd on Alix2c1 board (+dmesg)

On Thu, 21 Feb 2008, Klaus Botschen wrote: Writing into /dev, /tmp and /var would definitely NOT "destroy the CF card". Might be. I used none-industrial-grade CF cards, so the chance is of course higher. Yes, I did it. Just let /var run full and try to log a lot of stuff and you will write

Re: Remote Admin Card - Dell DRAC or HP ILO2 ?

You are right. I think I'll put a box like soekris in front of ILO ports to prevent hack on ILO By this way I 'll be able to push CD / floppy image to the HP's servers. During upgrade of the soerkis box. I'll use the firewall server COM port and PXE if I should do a full reinstall. Xavier.

Re: Why does pf work with last matching rule wins

Vijay Sankar escreveu: > On February 21, 2008 05:19:54 am Guido Tschakert wrote: >> Hi, >> >> I wonder why pf works from top to bottom in filtering with last matching >> rule wins but in adress translation from top to bottom with first >> matching rule wins. >> >> Sure, I can use "quick" on every r

Re: ham,Re: ham,Re: Monitoring Bandwidth Usage, based on ports, service, client, etc.

On Sat, Feb 16, 2008 at 1:59 PM, Simon Slaytor <[EMAIL PROTECTED]> wrote: > Sorry Richard, should have mentioned the RRD voodoo, hopefully Peter has > set you on the right track. > > I never really liked the 'rough' graphs produced by the version of RRD > Graph available from the packages collec

Re: There's something about OpenBSD...

real men use find On Thu, Feb 21, 2008 at 02:30:30PM -0500, Jason Dixon wrote: > On Feb 21, 2008, at 1:40 PM, Nick Holland wrote: > >> Mayuresh Kathe wrote: >>> What is it about OpenBSD that I can't resist it? >>> >> yeah, I've been doing some things with Solaris for work, it's stunned >> me that

Re: There's something about OpenBSD...

Jason Dixon wrote: > Sun Microsystems Inc. SunOS 5.10 Generic January 2005 > -bash-3.00$ grep -r foo * > grep: illegal option -- r > Usage: grep -hblcnsviw pattern file . . . You are not using the default shell. :-) The ksh implementation that comes with solaris is horrible indeed. # Han

Re: There's something about OpenBSD...

On Thu, Feb 21, 2008 at 2:30 PM, Jason Dixon <[EMAIL PROTECTED]> wrote: > On Feb 21, 2008, at 1:40 PM, Nick Holland wrote: > > > Mayuresh Kathe wrote: > >> What is it about OpenBSD that I can't resist it? > >> > > > yeah, I've been doing some things with Solaris for work, it's stunned > > me th

Re: Remote Admin Card - Dell DRAC or HP ILO2 ?

I really like PXE too. But the servers to be administrate remotely would be the firewalls (two in carp association). Xavier

Re: Remote Admin Card - Dell DRAC or HP ILO2 ?

I really like PXE too. But the servers to be administrate remotely would be the firewalls (two in carp association). Xavier 2008/2/21, Jussi Peltola <[EMAIL PROTECTED]>: > > On Thu, Feb 21, 2008 at 07:01:21PM +0100, Xavier Millihs-Lacroix wrote: > > We need to be able to do 'quite' everything rem

Question about ports-stable

Are there any plans underway to resume ports-stable maintenance? I'm aware that maintaining ports-stable is not a project goal or high on the todo list. I'd like to volunteer to assist, but I'm not sure what is needed. Thanks.

Re: Remote Admin Card - Dell DRAC or HP ILO2 ?

On Thu, Feb 21, 2008 at 07:50:52PM +, Stuart Henderson wrote: > I normally go for the time-honoured serial console to a box running > conserver and a masterswitch though (on a separate lan: you don't > really want this sort of thing, ILO/DRAC or masterswitch or IP KVM > or whatever else, on you

Re: pkill.c warn when "no such process"

$ pkill bob; echo $? 1 $ Just live with it.. ;) Breaking compatibility just to convenience you... is not an option. -Nix Fan.

Re: There's something about OpenBSD...

On Feb 21, 2008, at 1:40 PM, Nick Holland wrote: Mayuresh Kathe wrote: What is it about OpenBSD that I can't resist it? yeah, I've been doing some things with Solaris for work, it's stunned me that an OS can take most of DVD...and still be missing what I would call absolute basics that OpenBS

Re: Remote Admin Card - Dell DRAC or HP ILO2 ?

On 2008/02/21 14:21, Steve Shockley wrote: > Xavier Millihs-Lacroix wrote: >> Who wins in the OpenBSD world? DRAC (Dell Remote Admin Card) or iLo (HP's >> Integrated Lights Out) (or better ilo2) ? > > I prefer HP ILO. Both do more or less the same thing, but Dell seems to > change their card int

Nike's Darcy Winslow to Address Lean and Green Summit

Darcy Winslow of Nike to Present Organizers of the first annual Lean and Green Summit announced the completion of the conference agenda. This "next generation" event will feature keynote presenter Darcy Winslow of Nike. Darcy is head of Nike's Women's Footwear Division and is a champion for the com

Re: Remote Admin Card - Dell DRAC or HP ILO2 ?

On Thu, 21 Feb 2008 19:01:21 +0100 "Xavier Millihs-Lacroix" <[EMAIL PROTECTED]> wrote: > Who wins in the OpenBSD world? DRAC (Dell Remote Admin Card) or iLo > (HP's Integrated Lights Out) (or better ilo2) ? > > We're looking at new servers and are wondering if these are worth the > cash, or which

Re: ssh_config, chroot, or user rights to restrict user access?

Henri Salo wrote: ... Where did you get this information? ... It's a question, hence the question mark. Not a statement of fact, hence the absence of a period. Serves me right for having two topics in the same message. The topic that is more interesting to me is getting group level access

Re: Remote Admin Card - Dell DRAC or HP ILO2 ?

Xavier Millihs-Lacroix wrote: Who wins in the OpenBSD world? DRAC (Dell Remote Admin Card) or iLo (HP's Integrated Lights Out) (or better ilo2) ? I prefer HP ILO. Both do more or less the same thing, but Dell seems to change their card interface every other week, and HP builds them into the

Re: There's something about OpenBSD...

Mayuresh Kathe wrote: What is it about OpenBSD that I can't resist it? After the past long exchange about "our ultimate goal" and a lot of people advising me to go over to Solaris 10, I did, I removed OpenBSD from one of my machines and installed "Solaris Express Developers Edition". It was slic

Re: IPSec transport mode and traceroute

The short answer is no, not over IPSec. You could change your IPSec filter to only match for TCP traffic, but that's not be a feasible solution if you need to IPSec protect ALL traffic. Without IPSec in the picture, traceroute works by sending a UDP packet from 128.164.144.144 to 128.164.159.159

Re: IPSEC + Performance

That depends what kind of hardware you have and what type of setting it will be used in. For example, have used a 100Mhz net4511 on a home-based connection without much trouble, but it would be inappropriate for much above that. -Will On Thu, Feb 21, 2008 at 12:37 PM, Gustavo Polillo <[EMAIL PRO

Balanced Score Center Newsletter

Y X*X4X1Y
YX1YX2 X'YX'X/X'X! X'YYX*YX'X2Y X(X/X9YX*YY YX-X6YX1 X#X-X/X+ X'YY X1X'YX, X'YX*X/X1Y X(Y X) YX'YYX$X*YX1X'X* YX9X'Y 2008 http://www.bsdubai.org This message was sent by: Heba Munier, Al-Qusaif T-Dubai, Dubai, Dubai 56970, United Arab Emirates Powered by iConta

Re: Remote Admin Card - Dell DRAC or HP ILO2 ?

On Thu, Feb 21, 2008 at 07:01:21PM +0100, Xavier Millihs-Lacroix wrote: > We need to be able to do 'quite' everything remotely (from installing > (virtual floppy / cd / dvd) to exploitation). I prefer PXE booted bsd.rd and a serial console, with BIOS serial redirection it is quite close to a LOM m

Re: There's something about OpenBSD...

* raven <[EMAIL PROTECTED]> [2008-02-21 18:50]: > Now, you have to kiss all their ass. err, I'll pass... -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Ho

Re: Why does pf work with last matching rule wins

On 2/21/08, Rod Dorman <[EMAIL PROTECTED]> wrote: > Isn't the general rule of thumb to allow only what you explicitly need > and reject everything else? > > When I'm working with a Cisco IOS access-list I find its much easier to > state each specific "allow routing to this port on this host"

Remote Admin Card - Dell DRAC or HP ILO2 ?

Who wins in the OpenBSD world? DRAC (Dell Remote Admin Card) or iLo (HP's Integrated Lights Out) (or better ilo2) ? We're looking at new servers and are wondering if these are worth the cash, or which is the one to go for ? I see some problem with ILO2 on HP DL320 G5 (/G5p ?). We need to be abl

IPSEC + Performance

How much OpenBSD performance is losted with IPSEC enable?

ssh complaining about bad file descriptor on 4.3beta.

I'm getting bad file descriptor errors on every ssh connection on a box that I built from source on 4.3 beta last night. Anyone else seeing this as well ? Feb 21 09:54:43 crusty sshd[21741]: error: getsockname failed: Bad file descriptor Wanted to see if anyone else is seeing it as well before I

Re: There's something about OpenBSD...

Sorry for my dumbness, to all developers :) On Thu, Feb 21, 2008 at 10:56 PM, raven <[EMAIL PROTECTED]> wrote: > And...you forgot to say: "Sorry for my dumbness" to all developers that > give you an answer. > Now, you have to kiss all their ass. > > Francesco > > Mayuresh Kathe ha scritto: > >

Re: Why does pf work with last matching rule wins

On Thu, Feb 21, 2008 at 10:50:50AM -0500, Rod Dorman wrote: > On Thursday, February 21, 2008, 09:22:25, Darrin Chandler wrote: > > ... > > One good reason for last match wins is that the rules proceed from most > > general to most specific. This is a normal way for humans to think, and > > once y

HFSC rules not working/parsing as supposed to

Hello all. A while back (several months ago), I had a dialogue with Henning regarding hfsc in pf not working as it was supposed to. To be more specific, according to previous posts and discussions, the following bare-bones ruleset should parse OK: ext_if = "hme0" int_if = "fxp0" altq on $

Re: There's something about OpenBSD...

And...you forgot to say: "Sorry for my dumbness" to all developers that give you an answer. Now, you have to kiss all their ass. Francesco Mayuresh Kathe ha scritto: What is it about OpenBSD that I can't resist it? After the past long exchange about "our ultimate goal" and a lot of people adv

Re: There's something about OpenBSD...

On Thu, 21 Feb 2008 21:53:43 +0530 "Mayuresh Kathe" <[EMAIL PROTECTED]> wrote: > What is it about OpenBSD that I can't resist it? > > After the past long exchange about "our ultimate goal" and a lot of > people advising me to go over to Solaris 10, I did, I removed OpenBSD > from one of my machine

Re: ssh_config, chroot, or user rights to restrict user access?

On Thu, 21 Feb 2008 14:03:40 +0100 Hannah Schroeter <[EMAIL PROTECTED]> wrote: > Hi! > > On Thu, Feb 21, 2008 at 01:49:02PM +0200, Lars Noodin wrote: > >1) What is the timeline for completely dropping scp? > > I hope never. > > >[...] > > Kind regards, > > Hannah. Where did you get this informati

There's something about OpenBSD...

What is it about OpenBSD that I can't resist it? After the past long exchange about "our ultimate goal" and a lot of people advising me to go over to Solaris 10, I did, I removed OpenBSD from one of my machines and installed "Solaris Express Developers Edition". It was slick looking, very graphica

'Work from Home' 'Web Developer' & 'Web Programmer' Oppurtunites

Hi, We are recruting 'web designers' and 'web programmers' to work with us in part time and full time in Contract basis. If you or your friends or your family members are looking for oppurtunities to work from home contact us ASAP by phone or email or by 'yahoo messanger' 'yahoo messanger' : [EMA

Re: Why does pf work with last matching rule wins

On Thursday, February 21, 2008, 09:22:25, Darrin Chandler wrote: > ... > One good reason for last match wins is that the rules proceed from most > general to most specific. This is a normal way for humans to think, and > once you get used to it I bet you like it better. For me it makes it > easie

Re: make release errors

On 2008/02/21 10:12, Chris Smith wrote: > On Thursday 21 February 2008, Alexander Hall wrote: > > Thanks to the "pretty much" part, I assumed that is was ok, but > > anyone more educated may be of another opinion. > > Thanks. > > It's been announced that OpenBSD turned 4.3-beta, does that > mean

Re: Why does pf work with last matching rule wins

On February 21, 2008 05:19:54 am Guido Tschakert wrote: > Hi, > > I wonder why pf works from top to bottom in filtering with last matching > rule wins but in adress translation from top to bottom with first > matching rule wins. > > Sure, I can use "quick" on every rule in filtering to have "first

Re: Projector/external monitor not working on OpenBSD 4.2-current on Thinkpad X60

On Thu, Feb 21, 2008 at 03:41:30PM +0530, Amarendra Godbole wrote: > I am unable to move the display to a projector or an external monitor > on my Thinkpad X60, which is running OpenBSD 4.2-current. Fn-F7 is the > keycombination to be used to switch displays, but it does not work. > Now, I am not t

Re: make release errors

On Thursday 21 February 2008, Alexander Hall wrote: > Thanks to the "pretty much" part, I assumed that is was ok, but > anyone more educated may be of another opinion. Thanks. It's been announced that OpenBSD turned 4.3-beta, does that mean -current is now 4.3-beta? If so, is there anything spec

Re: Why does pf work with last matching rule wins

Darrin Chandler wrote: One good reason for last match wins is that the rules proceed from most general to most specific. ... I'm fairly comfortable with PF, but that way of looking at it really helps. Regards, -Lars

Re: What is our ultimate goal??

SO now do you want FireEngine? Or rather SMPng networking? Or would you like ReallyHyperFastZoomStreamCyberWoosh? Now that you've brought it up, I would really like a ReallyHyperFastZoomStreamCyberWoosh TCP stack. Just make sure it doesn't require 1.2Jigawatts of power and have interesting si

Re: inspircd + libunwind?

Is this the library you're looking for http://www.nongnu.org/libunwind/ ? I found it via Google and it wasn't exactly very hard. -Nix Fan.

Dubai Balanced Score Center

Dubai Balanced Score Training Center Up Coming Program Mar 2008 - [http://www.bsdubai.org/programs_details.php?type=course&cat=510] Strategies Of Modem Public Relations Dubai - City Seasons Hotel - Mar 02To 06 / 2008 - [http://www.bsdubai.org/programs_details.php?type=co

Re: What is our ultimate goal??

On Thu, Feb 21, 2008 at 8:52 AM, knitti <[EMAIL PROTECTED]> wrote: > SO now do you want FireEngine? Or rather SMPng networking? Or > would you like ReallyHyperFastZoomStreamCyberWoosh? Now that you've brought it up, I would really like a ReallyHyperFastZoomStreamCyberWoosh TCP stack. Just make

Re: Why does pf work with last matching rule wins

On Thu, Feb 21, 2008 at 12:19:54PM +0100, Guido Tschakert wrote: > I wonder why pf works from top to bottom in filtering with last matching > rule wins but in adress translation from top to bottom with first > matching rule wins. I've wondered about the difference between NAT and filter rules myse

Re: OpenBSD 4.2 with ftp-proxy, named, spamd on Alix2c1 board (+dmesg)

Hi, > Writing into /dev, /tmp and /var would definitely NOT "destroy the CF > card". Might be. I used none-industrial-grade CF cards, so the chance is of course higher. > running for about half a year now, with all filesystems being regular Thats fine. The machines that got replaced by the Ali

  1   2   >