On Wed, Feb 17, 2010 at 03:35:24AM +0200, Kapetanakis Giannis wrote:
> On 17/02/10 03:16, FRLinux wrote:
>
> >Mmmh, you picked my interest here. You mentioned your cisco 6500 but I
> >guess you are going to use only gigabit NICs, so you have no need on
> >the 10gb range? Just asking, not trying to
On Wed, Feb 17, 2010 at 01:47:48AM +, FRLinux wrote:
> On Wed, Feb 17, 2010 at 1:35 AM, Kapetanakis Giannis
> wrote:
> > b) 10G Xenpack for C6500 costs around $25K if I'm not wrong.
>
> Err, the backplane cost us about 10.000 euros for the card and 2500
> euros per xenpack, and we have 4. So
On 17 feb 2010, at 02.07, Randal L. Schwartz wrote:
>> "Paul" == Paul de Weerd writes:
>
> Paul> Jeez... As an asker, you don't really get to decide how or what other
> Paul> people answer, or if they even answer at all.
>
> As I snipped off a Usenet group once:
>
>Get real! This is a di
En caso de no poder ver correctamente este correo favor de dar haga clic aqum
Le interesa recibir nuestros email?
Al mencionar este mail en su reservacisn,
dos desayunos Americanos diarios para adultos GRATIS
20% de descuento en alimentos y bebidas.
Frente al World Trade
--- On Tue, 2/16/10, Corey wrote:
> From: Corey
> Subject: VLANs and security (was:network performance
problems)
> To: misc@openbsd.org
> Received: Tuesday, February 16, 2010, 8:54
PM
> >>I did put all interfaces
> (in,out,pfsync,management) through VLANs in
msk0
>
> Throwing out a topic for di
Just remember that "VLAN separation" is a misnomer. The VLAN tag
is inserted in the Ethernet Frame,
http://upload.wikimedia.org/wikipedia/commons/2/23/TCPIP_802.1Q.jpg
There isn't anything magical about an 802.1q tag.
It is possible to overload a switches CAM table which effectively
turns them i
Newsletter Lebanonwww.gmtdc.com
Dear Sir/Madam,
Our company GMTDC "General Management Training and Development Consultant" is
organizing the following seminars in Beirut-Lebanon:
Upcoming Seminars in Lebanon
Description Start Date End Date
February, 2010
Time Management16/2/201017/2/2010
Negotiat
On 17/02/10 03:54, Corey wrote:
>>I did put all interfaces (in,out,pfsync,management) through VLANs in
msk0
Throwing out a topic for discussion...I have seen a couple of posts on
here regarding use of VLANs to segregate traffic that I would usually
use separate interfaces for. I am just curious
On 17/02/2010, at 12:12 PM, Jason Dixon wrote:
> On Tue, Feb 16, 2010 at 07:54:47PM -0600, Corey wrote:
>>
>> Throwing out a topic for discussion...I have seen a couple of posts on
>> here regarding use of VLANs to segregate traffic that I would usually
>> use separate interfaces for. I am just c
On Wed, Feb 17, 2010 at 1:52 AM, Kapetanakis Giannis
wrote:
> Did you put any openbsd in front/behind that Cisco?
> Bandwidth? packets/sec? What kind of server?
I do, but it is used as a backup, so i am not looking for performance
but rather as a slower replacement able to run (openbsd 4.5 as 4.6
On Tue, Feb 16, 2010 at 07:54:47PM -0600, Corey wrote:
>
> Throwing out a topic for discussion...I have seen a couple of posts on
> here regarding use of VLANs to segregate traffic that I would usually
> use separate interfaces for. I am just curious what the thoughts of the
> list are on th
On 2010-02-16, trustlevel-...@yahoo.co.uk wrote:
> I've seen examples of earlier versions than Apache 1.3.29 said to be working
> with byte-range requests, has anyone got the byte range requests to work with
> openbsd without using php code or know how this can be done or if it works by
> default.
>>I did put all interfaces (in,out,pfsync,management) through VLANs in msk0
Throwing out a topic for discussion...I have seen a couple of posts on
here regarding use of VLANs to segregate traffic that I would usually
use separate interfaces for. I am just curious what the thoughts of the
list
On Wed, Feb 17, 2010 at 1:35 AM, Kapetanakis Giannis
wrote:
> b) 10G Xenpack for C6500 costs around $25K if I'm not wrong.
Err, the backplane cost us about 10.000 euros for the card and 2500
euros per xenpack, and we have 4. So that sounds about right :)
> If future demands for more than 1G I wi
On 17/02/10 03:47, FRLinux wrote:
Err, the backplane cost us about 10.000 euros for the card and 2500
euros per xenpack, and we have 4. So that sounds about right :)
If future demands for more than 1G I will probably bond 1G cards (cheap
solution) or buy a new L2 10G switch to do the link as w
On 17/02/10 03:16, FRLinux wrote:
Mmmh, you picked my interest here. You mentioned your cisco 6500 but I
guess you are going to use only gigabit NICs, so you have no need on
the 10gb range? Just asking, not trying to start a war :)
Cheers,
Steph
:)
Well not at them moment. 10G is a thought bu
On Wed, Feb 17, 2010 at 12:43 AM, Kapetanakis Giannis
wrote:
> perfectly ok for my test case. I'm pretty sure that with Intel network
> controllers the setup will rock and beat the hell out of my Cisco 6500 with
> the features of pf.
Mmmh, you picked my interest here. You mentioned your cisco 650
Hello,
My name is John Freeman from John freeman pty ltd,i will like to purchase some
order from your store to our store here, but before i proceed to advise the
needed items,i will like to confirm the terms of payment you accept either Visa
or Master card, and if you do ship to Australia as w
> "Paul" == Paul de Weerd writes:
Paul> Jeez... As an asker, you don't really get to decide how or what other
Paul> people answer, or if they even answer at all.
As I snipped off a Usenet group once:
Get real! This is a discussion group, not a helpdesk. You post
something -- we di
On 16/02/10 11:41, Jordi Espasa Clofent wrote:
As Claudio has pointed you out, try (if you can) a better driver em(4)
on good Intel hardware NICs.
I use simple Supermicro hardware with Intel NIC PCI-E and em(4) an I
move around 400/500MBps without any problem.
Claudio was right.
Upgrading th
On Wed, Feb 17, 2010 at 12:40:02AM +0100, Per-Olov Sj?holm wrote:
| Amazing that so many people in this forum cannot read and therefor answer to B
| when I ask for A.
It's amazing that you get so much free (and good, imo) advice and then
not only completely ignore it, but even go out of your way t
On 16 feb 2010, at 17.17, Eugene Yunak wrote:
> 2010/2/16 Per-Olov Sjvholm :
>> Hi "misc"
>>
>> I am looking for a tool use as a trigger for dynamically open PF ports
from
>> certain IP:s.
>>
>> I will access non critical info but want at least a port knocker as
security.
>>
>> If I access an IP
Greetings from TunaRez! How Did We Get Your Information? You first
contacted TunaRez on through our listing on a Job Board.
At that time you completed a profile stating you were looking for
a position with a salary of 60k+.
2010/2/16 Per-Olov SjC6holm :
> Hi "misc"
>
> I am looking for a tool use as a trigger for dynamically open PF ports
from
> certain IP:s.
>
> I will access non critical info but want at least a port knocker as
security.
>
> If I access an IP on my DMZ that is not in use on a port that is fake I
wa
SOFTWARE ENGINEER: PHP IS THE KEY HERE...EVERYTHING ELSE IS OPTIONAL AND YOU
WILL COME TO WORK WITH---LOCATION: BURLINGTON TO WALTHAM
PHP is the key. Will be building API's for use internally and by external
folks.
Key Responsibility Areas/Activities:
* Web development engineer for M
Hi,
The Question first (may save time)
I've seen examples of earlier versions than Apache 1.3.29 said to be working
with byte-range requests, has anyone got the byte range requests to work with
openbsd without using php code or know how this can be done or if it works by
default.
The Story
I'
SQl Server DBA
JOB LOCATION: WALTHAM
Job Description: The Production DBA is part of the Support Services team that
provides technical support and consultation to managed hosting and licensed
customers. The databases in these environments are complex, distributed, highly
transactional database
On Tue, Feb 16, 2010 at 12:27 PM, Per-Olov SjC6holm wrote:
There is no authentication available in most RSS clients. If it was, i would
> of course prefer or at least consider that. I am not that stupid you know.
>
>
https://example.com/feed.php?user=floort&passwd=SUPERSECRET
Every feed reader i
> So if anybody can come up with a better approach I will be very happy.
You've already been told, by multiple people, that a better approach is
to use the things that are available to you via the rich possibilities
of HTTP to solve this problem.
Sometimes, you're the lone genius who is misunders
Hello.
I'm using OpenBSD 4.6.
I've made the following steps:
- Installed the system, so wd0 and wd1 both has disklabels:
# size offset fstype [fsize bsize cpg]
a: 1060227 63 4.2BSD 2048 16384 1
b: 1060290 1060290 swap
c: 312579695 0 unused
d: 310456125 2120580 RAID
-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
J.C. Roberts wrote:
> Stop bitching and think.
>
> 1.) You do not have a name. You only have an email address.
>
> 2.) If your email address really indicates your location, then you are
> on a tiny island *EAST* of Madagascar in the Indian ocean.
>
Per-Olov Sjvholm writes:
> we have to use something that works from all places. The content is
> not a secret, but something you have to pay a little for. So... not
> critical.
Being the lazy git that I am, I could imagine that simply generating a
sufficiently obfuscated set of file or director
On 16 feb 2010, at 12.06, Peter N. M. Hansteen wrote:
> Per-Olov Sjvholm writes:
>
>> None said anything about a password.. From where did you get that? I don't
>> have a plain text password.
>
> A port knocking sequence is for most purposes a password, encoded in a
> 16 bit alphabet. That's it
On Tue, Feb 16, 2010 at 12:27:44PM +0100, Per-Olov Sj?holm wrote:
>
> On 16 feb 2010, at 12.07, Bret S. Lambert wrote:
>
> > On Tue, Feb 16, 2010 at 11:44:12AM +0100, Per-Olov Sj?holm wrote:
> >> See my post to Peter H. You obviously have not worked with security
> >
> > Why? Because I'm unwilli
On 16 feb 2010, at 12.07, Bret S. Lambert wrote:
> On Tue, Feb 16, 2010 at 11:44:12AM +0100, Per-Olov Sj?holm wrote:
>> See my post to Peter H. You obviously have not worked with security
>
> Why? Because I'm unwilling to endorse your preferred approach?
>
>> and the tradeoffs you _always_ have to
On 16 feb 2010, at 11.57, Stuart Henderson wrote:
> On 2010-02-16, Per-Olov Sj?holm wrote:
>> The reason is to use and RSS reader that cannot autenticate. I want some
sort
>> of security for it even though it's not critical.
>
> https://some.host/super-sekrit-password-here/feed.rss gives more
> s
On 16 February 2010 19:34, Otto Moerbeek wrote:
> On Tue, Feb 16, 2010 at 07:06:32PM +1100, SJP Lists wrote:
>
>> On 16 February 2010 06:33, wrote:
>>
>> > If you want i can send you my Paypal receipts to prove it. I never
received
>> > the books.
>> > It is a swindle ! nothing else ...
>>
>> I
On 16 feb 2010, at 12.06, Lars Nooden wrote:
> Per-Olov Sjvholm wrote:
>> ...Or did miss something here?
>
> You missed quite a lot. I would recommend looking up the following
> before aggravating a larger public:
> client - server architecture
> client application
> server (dae
Per-Olov Sjvholm wrote:
> ...Or did miss something here?
You missed quite a lot. I would recommend looking up the following
before aggravating a larger public:
client - server architecture
client application
server (daemon)
rss
ssh
http, https
Per-Olov Sjvholm writes:
> None said anything about a password.. From where did you get that? I don't
> have a plain text password.
A port knocking sequence is for most purposes a password, encoded in a
16 bit alphabet. That's it - port numbers run from 0 through 64k,
although the practical ra
On Tue, Feb 16, 2010 at 11:44:12AM +0100, Per-Olov Sj?holm wrote:
> See my post to Peter H. You obviously have not worked with security
Why? Because I'm unwilling to endorse your preferred approach?
> and the tradeoffs you _always_ have to make.
Yes, you make tradeoffs, but you're asking for obs
Just put your data on some funny port, then? Or give it a long and hard
to guess name, that might actually have sufficient entropy to be any
use.
A less-than-16-bit "random" port is rather easy to guess.
And, if you really want to do port blocking, read the pf man page. It is
possible with a rule
Hi again Lars...
And important addition below
On 16 feb 2010, at 11.44, Lars Nooden wrote:
> Per-Olov Sjvholm wrote:
>> On 16 feb 2010, at 11.11, Lars Nooden wrote:
>>
>>> http://rsug.itd.umich.edu/software/fugu/
>>
>>
>> Noop. Can't see that these will work and all phones and computers
>>
On 2010-02-16, Per-Olov Sj?holm wrote:
> The reason is to use and RSS reader that cannot autenticate. I want some sort
> of security for it even though it's not critical.
https://some.host/super-sekrit-password-here/feed.rss gives more
security than trying to use a web browser (which is highly li
On 16 feb 2010, at 11.35, Bret S. Lambert wrote:
> On Tue, Feb 16, 2010 at 11:28:28AM +0100, Per-Olov Sj?holm wrote:
>>
>> On 16 feb 2010, at 11.17, Bret S. Lambert wrote:
>>
> There is a way to do port knocking in pf without any external help.
Maybe
> you can figure it out. I will not giv
Per-Olov Sjvholm wrote:
> On 16 feb 2010, at 11.11, Lars Nooden wrote:
>
>> http://rsug.itd.umich.edu/software/fugu/
>
>
> Noop. Can't see that these will work and all phones and computers
> seamlessly with ease of use for the users.
You appear to have asked about clients for the iphone, not al
On 16 feb 2010, at 11.44, Lars Nooden wrote:
> Per-Olov Sjvholm wrote:
>> On 16 feb 2010, at 11.11, Lars Nooden wrote:
>>
>>> http://rsug.itd.umich.edu/software/fugu/
>>
>>
>> Noop. Can't see that these will work and all phones and computers
>> seamlessly with ease of use for the users.
>
> You ap
On Tue, Feb 16, 2010 at 11:28:28AM +0100, Per-Olov Sj?holm wrote:
>
> On 16 feb 2010, at 11.17, Bret S. Lambert wrote:
>
> >>> There is a way to do port knocking in pf without any external help. Maybe
> >>> you can figure it out. I will not give more hints since port knocking is a
> >>> dumb idea
My name is Jean Pierre HONVI. I am a French citizen. I am a producer with a
farm revised edition of 1000 hectares Binin.Avec this surface, I am the
biggest producer of this pays.J can 'therefore produce food products such as:
lemon, pineapple, cashew nuts and much more. After production of food, I
On 16 feb 2010, at 11.17, Peter N. M. Hansteen wrote:
> Per-Olov Sjvholm writes:
>
>> How do you use authpf from a IPhone or similar...
>
> There are ssh clients for iphones, just look in the app store. The
> one i ended up installing has gone up in price it seems to (shock,
> horror) NOK 35 (ab
On 16 feb 2010, at 11.17, Bret S. Lambert wrote:
>>> There is a way to do port knocking in pf without any external help. Maybe
>>> you can figure it out. I will not give more hints since port knocking is
a
>>> dumb idea better spend your time reading on authpf(8).
>>>
>>> --
>>> :wq Claudio
>>>
>>
> > There is a way to do port knocking in pf without any external help. Maybe
> > you can figure it out. I will not give more hints since port knocking is a
> > dumb idea better spend your time reading on authpf(8).
> >
> > --
> > :wq Claudio
> >
>
> How do you use authpf from a IPhone or similar.
On 16 feb 2010, at 11.11, Lars Nooden wrote:
> http://rsug.itd.umich.edu/software/fugu/
Noop. Can't see that these will work and all phones and computers seamlessly
with ease of use for the users.
The reason for the post was just to see if there is already any tools for this
purpose, which is t
Per-Olov Sjvholm writes:
> How do you use authpf from a IPhone or similar...
There are ssh clients for iphones, just look in the app store. The
one i ended up installing has gone up in price it seems to (shock,
horror) NOK 35 (about USD 6), but I see one at NOK 6 (about a dollar).
And of cours
On 16 feb 2010, at 11.04, Floor Terra wrote:
> Why not require a authentication token in the url?
>
> On 16 Feb 2010 10:59, "Per-Olov SjC6holm" wrote:
>
> On 16 feb 2010, at 10.40, Claudio Jeker wrote:
>
>> On Tue, Feb 16, 2010 at 10:22:04AM +0100, Per-Olov...
> How do you use authpf from a IPhon
Per-Olov SjC6holm wrote:
> How do you use authpf from a IPhone or similar...
Probably Fugu or Cyberduck or, if you can get a shell, plain openssh, as
Fugu is a UI for the client.
http://rsug.itd.umich.edu/software/fugu/
http://cyberduck.ch/
/Lars
Why not require a authentication token in the url?
On 16 Feb 2010 10:59, "Per-Olov SjC6holm" wrote:
On 16 feb 2010, at 10.40, Claudio Jeker wrote:
> On Tue, Feb 16, 2010 at 10:22:04AM +0100, Per-Olov...
How do you use authpf from a IPhone or similar...
The reason is to use and RSS reader that
On 16 feb 2010, at 10.40, Claudio Jeker wrote:
> On Tue, Feb 16, 2010 at 10:22:04AM +0100, Per-Olov Sjvholm wrote:
>> Hi "misc"
>>
>> I am looking for a tool to use as a trigger for dynamically open PF ports
from
>> certain IP:s.
>>
>> I will access non critical info but want at least a port knock
Hi,
What tools do you use to split .wav (.flac, .ape, etc) by CUE sheet?
Stas
On 02/13/2010 04:44 PM, Kapetanakis Giannis wrote:
I did a binary upgrade to latest snapshot and followed -current.
I've seen huge improvement on server-client performance on the
msk0 (internal side) but packet forwarding didn't change at all.
4.6-release:
server max in: 300Mbps
server max out:
On Tue, Feb 16, 2010 at 10:22:04AM +0100, Per-Olov Sjvholm wrote:
> Hi "misc"
>
> I am looking for a tool to use as a trigger for dynamically open PF ports from
> certain IP:s.
>
> I will access non critical info but want at least a port knocker as security.
>
> If I access an IP on my DMZ that
On Tue, Feb 16, 2010 at 10:22:04AM +0100, Per-Olov Sj?holm wrote:
> Hi "misc"
>
> I am looking for a tool to use as a trigger for dynamically open PF ports from
> certain IP:s.
>
> I will access non critical info but want at least a port knocker as security.
>
> If I access an IP on my DMZ that
> I will access non critical info but want at least a port knocker as security.
s/security/inappropriate self-touching/
Hi "misc"
I am looking for a tool to use as a trigger for dynamically open PF ports from
certain IP:s.
I will access non critical info but want at least a port knocker as security.
If I access an IP on my DMZ that is not in use on a port that is fake I want
to dynamically add a PF rule for a tot
On Tue, Feb 16, 2010 at 07:06:32PM +1100, SJP Lists wrote:
> On 16 February 2010 06:33, wrote:
>
> > If you want i can send you my Paypal receipts to prove it. I never received
> > the books.
> > It is a swindle ! nothing else ...
>
> I have been waiting too. But I have heard people speak of
On 16 February 2010 06:33, wrote:
> If you want i can send you my Paypal receipts to prove it. I never received
> the books.
> It is a swindle ! nothing else ...
I have been waiting too. But I have heard people speak of Jacek being
ill a few times over the years, to the point that his publicat
66 matches
Mail list logo
