On Sat, May 21, 2011 at 08:26:50AM +1000, Rod Whitworth wrote:
> Better tha
> iptables?
> http://www.esecurityplanet.com/news/article.php/3934151/Fedora-15-Boosts
> -Linux-Security.htm
> maybe...
>
> But apps opening pinholes?
That's just asking for trouble!
>
> Oh dear.
>
> Those of us runnin
Have you tried downloading from different sites? What is the latency to
those sites?
You may be running into an issue with bandwidth delay product though I
thought recent OpenBSD releases autotuned the needed parameters.
See http://www.psc.edu/networking/projects/tcptune/ for better
understandin
On Mon, May 02, 2011 at 05:21:11PM +0200, Tobias Crefeld wrote:
> I think about installing an OpenBSD-guest on a XEN-Host (Debian
> Squeeze), all OS as 64bit-version alias "amd64". Are there any
> experiences with OpenBSD as Dom-U?
It's probably much more straightforward to run kvm-qemu instead o
On Thu, Apr 28, 2011 at 08:07:01PM -0400, Jean-Philippe Ouellet wrote:
> Dear Misc, This is somewhat off topic, but it's been on my mind for
> quite some time, and someone just brought up irc, so I thought I'd
> ask.
>
> I've been looking to set up an irc server for some time now. It
> would be mo
On Wed, Sep 22, 2010 at 08:43:16AM +0800, jo...@wonghome.net wrote:
> you are looking for -X option to tcpdump(8). Read the man page for more
> details.
>
> Yes, i tried it before (-X).
> but that is not what i want to get.
>
> I want to get is something like that
> Data: Post /from.php?q=123 abc
Read about bandwidth delay product:
http://www.psc.edu/networking/projects/tcptune/
John
On \!Thu, Feb 04, 2010 at 09:36:01PM +0100, Jean-Francois wrote:
> Le jeudi 04 fivrier 2010 20:00:54, Sebastiano Pomata a icrit :
> > If I may ask, I post to the list this question (I have no purpose on
> > c
On Fri, Jan 22, 2010 at 10:56:14AM +0800, Zamri Besar wrote:
> The insecurity of OpenBSD
> http://allthatiswrong.wordpress.com/2010/01/20/the-insecurity-of-openbsd/
>
> -zamri-
Sometimes the "add-on" security enhancements directly weaken system
security:
http://www.milw0rm.com/exploits/9191
"""
On Thu, Oct 29, 2009 at 04:26:49PM +0200, Kasper Adel wrote:
> Hi,
>
> I am trying to troubleshoot a problem that is totally random and the one
> idea that would help me is to have a bash script that will ping a few
> destinations every minute, then do a traceroute to these destinations,
> record
On Thu, Oct 29, 2009 at 12:18:40PM +0100, Toni Mueller wrote:
> Hi,
>
> On Tue, 14.07.2009 at 11:27:13 -0600, Bob Beck wrote:
> > and/or ask the linux people to fix KVM to make it really a PC.
>
> I'm running kvm 85+dfsg-4~bpo5 and see the following interesting
> behaviour with OpenBSD 4.6:
>
>
On Fri, Sep 18, 2009 at 10:29:54AM -0400, bofh wrote:
> Hi,
> Just wanted to see how you guys manage authorized_keys. I'm trying to
> move everyone off "legacy" protocols onto openssh, and one of my
> proposals will involve using authorized keys for scripts/automated
> processes.
>
> There's 400+
If you're running Linux as the host OS anyway, you may want to look into
kvm and kvm-qemu for virtualization duties. OpenBSD and other OSes have
been running well for me as guests under Debian. Just make sure to use
e1000 as the NIC model.
John
On Mon, Jan 26, 2009 at 09:59:59AM -0600, L. V. La
On Thu, Jan 22, 2009 at 02:54:21PM -0500, Morris, Roy wrote:
> I know this is more of a general 'huh' kind of thing, but I figured someone
> could kick start my brain for me. Anyone know why this doesn't work? It
> appears to find the files ok but the -exec part thinks it can't?
>
>
> spider:/var
On Tue, Dec 09, 2008 at 07:49:04AM +1100, Rod Whitworth wrote:
> I have a friend who has two internet connections. Lucky B!
>
> He wants me to have a look at some of his operation without travelling
> to his site (lng way). I would need to be able to effectively
> duplicate some of his system
On Wed, Nov 19, 2008 at 08:18:00PM -0800, Jeff Simmons wrote:
> I need, at a minimum, which virtual server at a particular IP address is
> being
> accessed, and the contents of any GET commands (methods). If there's a way to
> get this via tcpdump I haven't found it yet.
>
> On Wednesday 19 Nov
If you're using Debian you may have better luck just running OpenBSD's
isakmpd on the Debian host. Just read the docs, 'apt-get install
isakmpd' and proceed as normal. The standard Debian kernels have the
necessary modules enabled by default. I've had success with that
approach to a Debian<->Ope
On Tue, Oct 28, 2008 at 11:04:34PM -0500, John Jackson wrote:
> On Wed, Oct 29, 2008 at 03:48:25PM +1300, Paul M wrote:
> > I'm looking for a way to encrypy backup files for secure storage.
> >
> > Gpg is an obvious candidate, but I'm wondering if there's anyth
On Tue, Oct 28, 2008 at 11:04:34PM -0500, John Jackson wrote:
> On Wed, Oct 29, 2008 at 03:48:25PM +1300, Paul M wrote:
> > I'm looking for a way to encrypy backup files for secure storage.
> >
> > Gpg is an obvious candidate, but I'm wondering if there's anyth
On Wed, Oct 29, 2008 at 03:48:25PM +1300, Paul M wrote:
> I'm looking for a way to encrypy backup files for secure storage.
>
> Gpg is an obvious candidate, but I'm wondering if there's anything in
> base, perhaps a creative use of ssh or some other tool, though not
> something liable to break,
On Fri, Oct 24, 2008 at 03:54:01PM +0200, Christoph Leser wrote:
>
> If it is a buffer size problem, why can he transmit 500mb/sec between bsd and
> local linux?
As Otto mentioned, read up on 'bandwidth delay product'. There's higher
network latency between the remote sites vs hosts on the local
Maybe the simplest usage:
tar cfz - /somedir | ssh somehost "dd of=/somefile.tgz"
John
On Thu, Oct 16, 2008 at 10:42:17AM -0400, Douglas A. Tutty wrote:
> On Wed, Oct 15, 2008 at 09:28:56PM -0700, Neko wrote:
>
> > since my partitions have 16% free on all systems, i cant tarball the
> > drive
If that's the case the original poster should take a look:
http://openbsd.org/faq/pf/rdr.html#reflect
I've had to solve similar problems by NAT'ing the internal network(s) to
the firewalls internal interface IP so that traffic hitting the internal
server appears to come from the firewall itself
Comments are inline.
On Sun, Sep 21, 2008 at 10:00:58PM -0700, Parvinder Bhasin wrote:
> I have users that can access the website fine (75.44.229.18) and some
> user that complain they can't access it. I don't know what gives. I
> have asked on the list for help but haven't still resolved th
It may also be worth noting that Debian has OpenBSD's isakmpd packaged,
'apt-get install isakmpd'. I've had success using isakmpd on Debian to
create VPN's between OpenBSD and Debian gateways.
John
On Mon, Aug 25, 2008 at 03:52:42PM +0300, Imre Oolberg wrote:
> Hi!
>
> >
> >I'm basically trying
Your "pass" rules need to reference the IP address after processing by
the "rdr" rule. So it should be passing traffic destined to '10.0.0.17'
See http://openbsd.org/faq/pf/rdr.html#filter for more info.
John
On Thu, Jun 05, 2008 at 03:46:57PM -0700, Lord Sporkton wrote:
> on OpenBSD fire.spork
Keep in mind that all Solid State Disks are NOT the same. I made the
same mistake and purchased a Transcend 8 GB model. My 8 GB model used
old technology and not the newer, faster flash. It was noticeably
slower than traditional spinning disks.
Just check some of the published specs and benchma
OpenBSD as DomU works using hardware virtualization for me. There's
the occasional lockup that I haven't looked into too much. You can
launch vncviewer to get a console. My working config is at the bottom.
John
On Wed, Feb 06, 2008 at 11:55:05PM +0100, Julien Cabillot wrote:
> It's work but I
This is great news! Hopefully I'll find the time to help test.
John
On Wed, Dec 05, 2007 at 11:52:12AM +0100, Reyk Floeter wrote:
> Hi!
>
> I just imported snmpd(8) and snmpctl(8), an initial attempt to
> implement a new SNMP daemon for OpenBSD. SNMP is the "Simple Network
> Management Proto
I've had success with the Sierra Wireless Aircard 860 on a Thinkpad X40.
Lately though the card seems to be acting flakey and causing hard
lockups. That could be a combination of the firmware which on the
Aircard and the carrier which is AT&T. From what I've read, it's
recommended to keep the fir
> inet 10.0.0.0 netmask 0xff00 broadcast 255.255.255.0
John
Without looking at anything else, that line jumps out at me. Are you
certain that you want your broadcast set to '255.255.255.0'? Sounds
like a netmask to me.
On Fri, Oct 05, 2007 at 02:48:00PM -0400, a.padilla wrote:
> ifco
Have you tried tcpdumping on the enc0 interface on both gateways to see
what happens on when pinging? tcpdump -n -s 1600 -i enc0
Is there a firewall enabled on the non-responsive end hosts? I've seen
recent versions of Windows block or drop icmp echo requests, maybe some
recent service pack rele
30 matches
Mail list logo
