At the risk of sounding last decade…
Sourcing a scanner that attempts to illustrates the goals of an attacker could
make for a worthwhile project.
As an aside a postfix version really ought to exist with it’s myriad of
status codes.
Regards
Patrick
> On Sep 28, 2016, at 9:04 PM, Chris Bennett
On Wed, Sep 28, 2016 at 08:54:14PM -0400, trondd wrote:
> On Wed, September 28, 2016 1:20 pm, Chris Bennett wrote:
> >
> > Right now I am using a simple script from the error log to block
> > permanently any requests from that IP using OpenBSD pf.
> >
> > That simply doesn't work well enough anymor
I’ve been working on transitioning to an all Alix 2d13 environment for my
home set up. Using 6.0 base, I had no problems with PXE (DHCP or tftp) on my
Alix 2d13 machine. The server in this case is running on a MacBook Pro with
VMware Fusion with a (just freshly built) 6.0 (Stable) install. Despi
On Wed, September 28, 2016 1:20 pm, Chris Bennett wrote:
>
> Right now I am using a simple script from the error log to block
> permanently any requests from that IP using OpenBSD pf.
>
> That simply doesn't work well enough anymore due to the time lag between
> 20+ requests at once getting to the
On 28.09.2016 21:33, Evgeny Grin wrote:
> Hi!
>
> I configured freshly installed OpenBSD 6.0-release with kern.maxfiles=131072
> in /etc/sysctl.conf
> and
> :openfiles-max=40960:openfiles-cur=40960:
> for daemon in /etc/login.conf
>
> And each boot I see message
> kern.maxfiles: 7030 -> 1
> /etc/
Hi!
I configured freshly installed OpenBSD 6.0-release with
kern.maxfiles=131072
in /etc/sysctl.conf
and
:openfiles-max=40960:openfiles-cur=40960:
for daemon in /etc/login.conf
And at each boot I see message:
kern.maxfiles: 7030 -> 131072
/etc/rc: ulimit: bad -n limit: Invalid argument
I loo
On 09/28/16 22:25, Walter Alejandro Iglesias wrote:
> I'm about to run my own web server using OpenBSD. I'm giving my first
> steps with pf. I was very enthusiastic till I got to this point:
>
> https://www.openbsd.org/faq/pf/logging.html
>
> It says:
>
> The log file written by pflogd is
On 09/28/2016 04:25 PM, Walter Alejandro Iglesias wrote:
> And this "uncommon" practice among unix system administrators (sarcasm),
> needs a "workaround". You end with a file with a curious termination:
>
> Create the file /var/log/pflog.txt ...
You can name it pflog.log versus pflog.txt, i
On 09/28/2016 03:25 PM, Walter Alejandro Iglesias wrote:
I know complaining is useless. Forgive me this time.
I'm about to run my own web server using OpenBSD. I'm giving my first
steps with pf. I was very enthusiastic till I got to this point:
https://www.openbsd.org/faq/pf/logging.html
It
> I know complaining is useless. Forgive me this time.
>
> I'm about to run my own web server using OpenBSD. I'm giving my first
> steps with pf. I was very enthusiastic till I got to this point:
>
> https://www.openbsd.org/faq/pf/logging.html
>
> It says:
>
> The log file written by pfl
On Wed, 28 Sep 2016, Walter Alejandro Iglesias wrote:
> I know complaining is useless. Forgive me this time.
>
> I'm about to run my own web server using OpenBSD. I'm giving my first
> steps with pf. I was very enthusiastic till I got to this point:
>
> https://www.openbsd.org/faq/pf/logging.
I know complaining is useless. Forgive me this time.
I'm about to run my own web server using OpenBSD. I'm giving my first
steps with pf. I was very enthusiastic till I got to this point:
https://www.openbsd.org/faq/pf/logging.html
It says:
The log file written by pflogd is in binary for
On Wed, Sep 28, 2016 at 02:45:26PM +0200, Murk Fletcher wrote:
> Hi,
>
> Anybody ever been in a similar situation?
>
> % su
> Password:
> you are not in group wheel
> Sorry
> % groups
> wheel
> % cat /etc/doas.conf
> permit nopass keepenv :wheel
>
> Thanks!
>
> Murk
>
You did remember to relo
In my opinion, the appropriate thing to do here is drop the connection
(so most clients would time out) for bad requests, along with a short
term ip "block" for stuff that becomes real problems. Not a true
block, though, but instead a fixed content "your address is being used
as a part of a hostile
Hi, thanks for replying
On 28/09/2016 15:20, Stuart Henderson wrote:
No baby jumbos with rl(4) so you are stuck with 1492 MTU, so you need
PF so you can do "scrub (max-mss 1440)" as described in pppoe(4)'s
"MTU/MSS ISSUES" section.
I was mistaken. These are re not rl. How does this alter thin
I am not sure what is appropriate, given netiqette and practicality for
my server. I am sick of thousands of identical requests in my error log,
plus I want to be able to look over my logs easily to find any real
problems.
Below is a copy of the question I sent to modp...@perl.apache.org
So far th
On Wed, 28 Sep 2016 06:48:35 +0200
"L.R. D.S." wrote:
> Also, as a side question, I remember some discussion here on misc or tech,
> about no
> support for binary packages on armv7 port. Is it still right, I'll have to
> compile
> all by myself? I'm already feeling the pain to compile ffmpeg
On Wed, Sep 28, 2016 at 2:09 AM, Bryan Linton wrote:
> On 2016-09-27 20:00:04, Dekker wrote:
> > I have started encountering a wierd problem with my OpenBSD Laptop
> > Running 6.0 Current (latest snapshot 25.09.2016)
> > I run OpenVPN to connect this laptop to a remote server and I get the
> > f
On 2016-09-28, tech-lists wrote:
> Hello misc@
>
> Hoping someone can help me please. I have a bit of a chicken and egg
> situation with regard to routing real IPs through a PPPoE connection in
> that I know some of the terms but my understanding is limited on others.
> I've read around pppoe o
On Wed, Sep 28, 2016 at 02:45:26PM +0200, Murk Fletcher wrote:
> Hi,
>
> Anybody ever been in a similar situation?
>
> % myscript_start
> /etc/rc.d/myscript: need root privileges
> % doas myscript_start
> doas: myscript_start: command not found
> % su
> Password:
> you are not in group wheel
> So
Hello misc@
Hoping someone can help me please. I have a bit of a chicken and egg
situation with regard to routing real IPs through a PPPoE connection in
that I know some of the terms but my understanding is limited on others.
I've read around pppoe on freebsd and openbsd and openbsd seems to m
Hi,
Anybody ever been in a similar situation?
% myscript_start
/etc/rc.d/myscript: need root privileges
% doas myscript_start
doas: myscript_start: command not found
% su
Password:
you are not in group wheel
Sorry
% groups
wheel
% cat /etc/doas.conf
permit nopass keepenv :wheel
Thanks!
Murk
Am 28.09.2016 um 13:27 schrieb Solène Rapenne:
> Le 2016-09-28 12:45, Peer Janssen a écrit :
>> TFTP pxeboot requests:
>>
>> 12:15:45.064076 192.168.0.81.2070 > alix.fritz.box.tftp: 24 RRQ
>> "pxeboot"
>> : 4500 0034 0002 1411 24ea c0a8 0051 E..4..$Q
>> 0010: c0a8 002c 0816 00
because it drops privs once initialization done.
On 28.09.16 14:24, johnw wrote:
On 09/28/2016 07:05 PM, Janne Johansson wrote:
Apart from PF failing the syntax, what would one expect to achieve with
=0 ?
That would always cover all users, since its never a negative number.
/usr/include/sys/t
Le 2016-09-28 12:45, Peer Janssen a écrit :
TFTP pxeboot requests:
12:15:45.064076 192.168.0.81.2070 > alix.fritz.box.tftp: 24 RRQ
"pxeboot"
: 4500 0034 0002 1411 24ea c0a8 0051 E..4..$Q
0010: c0a8 002c 0816 0045 0020 f181 0001 7078 ...,...E. px
0020: 6562 6f6f 740
On 09/28/2016 07:05 PM, Janne Johansson wrote:
> Apart from PF failing the syntax, what would one expect to achieve with
> >=0 ?
>
> That would always cover all users, since its never a negative number.
> /usr/include/sys/types.h:typedef__uid_t uid_t;
> /* user id */
> /usr
Apart from PF failing the syntax, what would one expect to achieve with
>=0 ?
That would always cover all users, since its never a negative number.
/usr/include/sys/types.h:typedef__uid_t uid_t; /*
user id */
/usr/include/sys/_types.h:typedef __uint32_t __uid_t;
On Wed, Sep 28, 2016 at 10:22:10AM +0200, Stefan Sperling wrote:
> On Wed, Sep 28, 2016 at 06:48:35AM +0200, L.R. D.S. wrote:
> > Hi,
> > I'm thinking of buying a new toy board like BeagleBone Black to test the
> > armv7 port.
> > It's already possible to do full disk encryption on these boards?
>
Am 28.09.2016 um 11:33 schrieb Peer Janssen:
> the request seems to be constructed in different ways. This goes
> beyond what tftpd man page says about tftpd's options. Indeed, it
> looks like there aren't any tftpd options for this kind of variation
> at all, so it seems to me at this time that a
Le 2016-09-28 11:05, Peer Janssen a écrit :
Am 28.09.2016 um 10:50 schrieb Solène Rapenne:
Le 2016-09-28 10:21, Peer Janssen a écrit :
The target system for an OpenBSD 6.0 install, an alix.2d13, is
directly
connected to an alix.3x box serving dhcp and tftp.
alix.3x (Server):
# tftp localhost
Am 28.09.2016 um 11:05 schrieb Peer Janssen:
> Am 28.09.2016 um 10:50 schrieb Solène Rapenne:
>> Le 2016-09-28 10:21, Peer Janssen a écrit :
>>> The target system for an OpenBSD 6.0 install, an alix.2d13, is directly
>>> connected to an alix.3x box serving dhcp and tftp.
>>> alix.3x (Server):
>>>
>
On 2016-09-27 20:00:04, Dekker wrote:
> I have started encountering a wierd problem with my OpenBSD Laptop
> Running 6.0 Current (latest snapshot 25.09.2016)
> I run OpenVPN to connect this laptop to a remote server and I get the
> following output.
>
[snip]
> I also receive the 'Too many level
Hi everyone @ misc!
I'm trying to determine what the state is of using iked (OpenIKED) with
redundancy (with CARP). Should such a setup work in OpenBSD 6.0?
The iked.conf (5) man page implies that using CARP for
redundancy is a supported configuration: "This option is used for
setups using sasy
Am 28.09.2016 um 10:50 schrieb Solène Rapenne:
> Le 2016-09-28 10:21, Peer Janssen a écrit :
>> The target system for an OpenBSD 6.0 install, an alix.2d13, is directly
>> connected to an alix.3x box serving dhcp and tftp.
>> alix.3x (Server):
>>
>> # tftp localhost
>> tftp> get pxeboot
>> Received
Hi, I have some problem setup pf, to pass out traceroute with user keyword.
below rule do WORK.
pass out quick on $ext_if inet proto udp from ($ext_if) to any
or below one also WORK.
pass out quick on $ext_if inet proto udp from ($ext_if) to any user != 1
but below one, do NOT WORK.
pass ou
Le 2016-09-28 10:21, Peer Janssen a écrit :
The target system for an OpenBSD 6.0 install, an alix.2d13, is directly
connected to an alix.3x box serving dhcp and tftp.
alix.3x (Server):
# tftp localhost
tftp> get pxeboot
Received 81965 bytes in 0.1 seconds
tftp>
Hello,
Can you try the LAN ip
On Wed, Sep 28, 2016 at 06:48:35AM +0200, L.R. D.S. wrote:
> Hi,
> I'm thinking of buying a new toy board like BeagleBone Black to test the
> armv7 port.
> It's already possible to do full disk encryption on these boards?
I don't think the armv7 bootloader has softraid support at present.
You cou
The target system for an OpenBSD 6.0 install, an alix.2d13, is directly
connected to an alix.3x box serving dhcp and tftp.
alix.3x (Server):
# dmesg | head -n 1
OpenBSD 6.0 (GENERIC) #1917: Tue Jul 26 12:48:33 MDT 2016
# ifconfig vr0
vr0: flags=8b43
mtu 1500
lladdr 00:0d:b9:13:3c:30
Simply go to your favorite openbsd mirror and check the packages
directory. You will get up to date information about what packages are
available and which are not.
>From what I've seen, there is no package for armv7 / openbsd6.0. I
haven't checked snapshots.
2016-09-28 6:48 GMT+02:00 L.R. D.S. :
Dear misc@
I have searched the archives and read the documentation of login.conf(5),
ksh(1):ulimit and can not find how to limit the amount of physical memory a
process may use.
I have the following limits where I have set down ulimit -m and ulimit -l
to 1 kbytes in an attempt to limit the pr
40 matches
Mail list logo
