---
http://reedandink.com
Not directly about OpenBSD, but worth reading:
http://blogs.techrepublic.com.com/security/?p=3007
This article, http://is.gd/6k4q7, reminded me why I use OpenBSD for my router,
however weak the exploit may be.
It also reminds me to make a donation, which I'll be doing now. I encourage
everyone to keep supporting OpenBSD however they can!
--"Good luck verifying the mathematics yourself, though."
No small statement, that
On Sat, Nov 21, 2009 at 05:42:48PM -0500, Samuel Baldwin wrote:
> 2009/11/21 AG :
> > Depends on whether one trusts the NSA or not.
>
> That's the nice thing about open source software; we don't have to,
> becaus
Will OpenBSD be the next to be 'helped'?
http://www.npr.org/blogs/thetwo-way/2009/11/nsa_microsoft_windows_7.html
Thanks; I'll work with that. Incidentally, my use of mfs for /tmp was so that
ports would compile faster... perhaps I should stick to packages!
--- On Fri,
9/25/09, Bob Beck wrote:
> From: Bob Beck
> Subject: Re: startx fails as non-root user
> To: "Doug
Milam"
>
I'm sorry I cannot reproduce the output here, but when I "startx" as a non-root
user on my 4.5/amd64/bsd.mp box (not -stable, but the stock install), several
errors are displayed (in paraphrase):
1. "X is already running on the console" -- though I have just logged in after
a reboot.
2. "Can't
Thanks very much. I'm trying to keep it as simple as possible, and yet I'm
wondering too about multiple NICs... another post.
--- On Tue, 9/15/09, Josh Hoppes wrote:
> From: Josh Hoppes
> Subject: Re: dhcpd and net.inet.ip.mforwarding / multipath
> To: "Doug Mil
Hello,
I want to be sure that the following two sysctl variables are not needed for a
basic internet router/gateway with NAT:
net.inet.ip.mforwarding
net.inet.ip.multipath
I've already enabled:
net.inet.ip.forwarding
Perhaps the first two are needed for 'exotic' services like Bonjour, etc.?
: Chris Kuethe <[EMAIL PROTECTED]>
> Subject: Re: Turning off sendmail
> To: [EMAIL PROTECTED]
> Date: Friday, November 14, 2008, 9:55 AM
> it's unwise because you won't get the daily security
> mails. it's
> unnecessary because it only listens on localhost.
>
To cut down on services I don't use, I'd like to disable sendmail, unless this
is unwise. If so, I'd like to know why. Thanks.
I've followed the SSL instructions in the FAQ,
http://www.openbsd.org/faq/faq10.html#HTTPS, but I get the following error in
Firefox (other browsers don't work either)
"SSL received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long)"
PF allows conn
Thanks; that's straightforward and refreshingly more direct than I thought. A
hallmark of OpenBSD!
* *
http://milam.homeunix.net
--- On Sun, 11/2/08, Tobias Ulmer <[EMAIL PROTECTED]> wrote:
From: Tobias Ulmer <[EMAIL PROTECTED]>
Subject: Re: Perpetually Current
To: &qu
I'm also fairly new to OpenBSD. As I understand from this thread, having
installed -current (4.4) from a snapshot CD, the easiest way to keep -current
is to burn a subsequent snapshot to a CD and follow the upgrade process from
there?
On Fri, Sep 19, 2008 at 10:12 AM, Ted Unangst <[EMAIL PROTECTED]> wrote:
> On Fri, Sep 19, 2008 at 12:38 PM, Doug Milam <[EMAIL PROTECTED]> wrote:
>> Subject: NSA Resources For Rapid Targeting and Routing Analysis
>> Date: Sat, 2 Jun 2007 08:53:31 +0200 (CEST)
>>
Coincidence?
Subject: NSA Resources For Rapid Targeting and Routing Analysis
Date: Sat, 2 Jun 2007 08:53:31 +0200 (CEST)
In order to send ICMP or TCP packets (or spoofed UDP packets), "pinging" for
rapid
acquisition and analysis of a target IP's packet traffic routing data at the
Internet
IX
, Marc Espie <[EMAIL PROTECTED]> wrote:
From: Marc Espie <[EMAIL PROTECTED]>
Subject: Re: Stop in line 73 of Makefile
To: "Doug Milam" <[EMAIL PROTECTED]>
Cc: "Philip Guenther" <[EMAIL PROTECTED]>, "Misc OpenBSD"
Date: Monday, September 8, 2
Date: Sunday, September 7, 2008, 12:32 PM
On Sun, Sep 7, 2008 at 9:18 AM, Doug Milam <[EMAIL PROTECTED]> wrote:
> Performing 'make build' as root...there is no 'schg' flag
on /bin/chgrp
>
> ===> bin/chmod
> install -c -s -o root -g bin -m 555 chmod /bin/
Performing 'make build' as root...there is no 'schg' flag on /bin/chgrp
===> bin/chmod
install -c -s -o root -g bin -m 555 chmod /bin/chmod
strip: Bad address
(cd /usr/sbin; ln -sf ../../sbin/chown .; ln -sf ../../bin/chgrp .)
(cd /usr/bin; ln -sf ../../bin/chmod chflags)
install -c -o root -g
"ln /bsd /obsd" worked after changing to "noschg" and rebuilding under
securelevel -1.
* *
The most dangerous man, to any government, is the man who is able to think
things out for himself, without regard to the prevailing superstitions and
taboos. --Mencken
--- On Thu
It does not, no
> Doug Milam wrote:
> > ln: /obsd: Operation not permitted
> > *** Error code 1
> >
> > Stop in /usr/src/sys/arch/i386/compile/GENERIC (line
> 888 of Makefile).
> >
> > --running as root
> >
>
> Does make install work when run outside of your script?
>
> Tom
I have not set an immutable flag, but the current flag is schg for /bsd
> On Thu, Sep 04, 2008 at 08:01:35AM -0700, Doug Milam wrote:
> >ln: /obsd: Operation not permitted
> >*** Error code 1
>
> >Stop in /usr/src/sys/arch/i386/compile/GENERIC (line
> 888 of Makefil
ln: /obsd: Operation not permitted
*** Error code 1
Stop in /usr/src/sys/arch/i386/compile/GENERIC (line 888 of Makefile).
--running as root
bsd: Operation not permitted
> To: [EMAIL PROTECTED]
> Cc: "Misc OpenBSD"
> Date: Sunday, August 24, 2008, 10:36 PM
> On Sun, Aug 24, 2008 at 10:26 PM, Doug Milam
> <[EMAIL PROTECTED]> wrote:
> > The following error occurs after the command
> >
> >&
The following error occurs after the command
> cd /usr/src/sys/arch/i386/compile/GENERIC;
> make clean && make depend && make
"ln /bsd /obsd
ln: /obsd: Operation not permitted
*** Error code 1"
Ideas/suggestions welcome, thanks.
Thanks! That makes sense, although I'm not familiar with creating dev and null
-- for what exactly?
Jean Raby <[EMAIL PROTECTED]> wrote: On Tue, Jun 3, 2008 at 5:30 PM, Doug Milam
wrote:
> Wondering if anyone has had any luck running the Perl blog Blosxom on their
> Open
now. I'm very glad also
that ftpd works so well and is secure as any ftp daemon can be. It's great not
to rely on third-party tools here.
The OS does what I want while remaining clean and uncluttered. Keep up the good
work!
Regards,
Doug Milam
---
Hello,
From reading the documentation, I couldn't quite tell where the antispoofing
rule should fall in a pf ruleset.
Is this syntax correct? I thought I'd be able to access another LAN machine
freely via ssh (I've already tested that ssh does work without a firewall), but
I cannot.
Greetings,
I'm having trouble getting FTP to work in passive mode. (I've set the machine
up as an FTP server).
I can connect in active mode, with a PORT connection, but I'm seeing a 425
error ("can't open passive connection; can't assign requested address") for
passive attempts.
The FTP serve
29 matches
Mail list logo
