From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> On Thu, 5 Oct 2006 11:13:05 -0500
> Damian Wiest <[EMAIL PROTECTED]> wrote:
> >
> > Sorry, I didn't mean to apologize for them. Just making
> some guesses
> > at how Intel is rationalizing the decision to not release
> information.
> > Perso
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> When adding a user to a system, I am required by a client's
> security policies to set a one time password that must be
> changed by the user the first time she logs in. Is there a
> simple way to do this?
>
> 1) Obviously, a slightly complex
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> > Intel may just be worried that there _might_ be a problem
> they don't
> > know about and are trying to protect themselves. I imagine
> that there
> > are plenty of opportunities for someone to either willfully or
> > accidentally introdu
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Will Maier wrote:>
> >On Fri, Sep 22, 2006 at 01:29:56PM -0700, John Draper wrote:
> >
> >
> >>Here is what I did...
> >>
> >>htpasswd -c /var/www/conf/auth/passwd edp < I set the
> password here >
> >>
> >>chown root.nogroup /var/www/conf/au
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> I am considering doing an OpenBSD transparent bridge with
> spamd/pf to add greylisting to two of our existing email
> servers. Both servers have equally waited MX records pointing
> at each of them and they both reside on the same
> subnet/e
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> > Trunk(4) provides link redundancy. Say you had a NIC on a
> box cabled
> > into a switch. That switch port dies, your box falls off
> the network.
> > Introduce trunk, now you have two NICs in your box, cabled to two
> > switch ports. One
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Tim Pushor wrote:
> > Steve Glaus wrote:
> >>
> >> Ok, I gotcha, trunk just looked like a ready mad solution
> for what I
> >> was trying to do... Could you tell me WHY it's not able to be used
> >> for that and what it is for?
> >> I've gone
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Following OpenBSD's automatic generation of ssh and isakmp
> keys, prehaps the following would be a worthwhile addition to
> /etc/rc to generate a key/config for rndc/named.
/etc/rc already handles that during named startup.
DS
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> htpasswd -c /var/www/conf/auth/passwd edp < I set the password here >
>
> chown root.nogroup /var/www/conf/auth/passwd chmod 640
> /var/www/conf/auth/passwd
>
>
> Setting the Config to use this file
> ---
>
>
http://www.openbsd.org/40.html
Every time I go through the release notes I can't help but squirm with
happiness in my seat.
The progress is always impressive and out of so many other OSS projects that
stagnate and undergo "questionable" changes of one kind or another, I can
always look forward to
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> I looked in the OpenBSD FAQ and documentation area, and
> cannot seem to find out the best place to keep my apache
> password files.
>
> According to the Apache docs (I couldn't find anything in
> the OpenBSD Site), they recommend I setup
From: Gustavo Rios [mailto:[EMAIL PROTECTED]
> > > I am trying to get soekris box boot with information to
> the console,
> > > but no success so far.
> > >
> > > I am doing this in my workstation and the only message i see is
> > > "connectec".
> > >
> > > Does any body have any tips ?
> > >
>
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> I am trying to get soekris box boot with information to the
> console, but no success so far.
>
> I am doing this in my workstation and the only message i see
> is "connectec".
>
> Does any body have any tips ?
>
> # cu -l cua00 -s 19200
> C
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> I didn't see any "Can't access Tickmaster.ca" entries; but I
> think I have the rest covered.
>
> No other sites have this problem. The firewall sits in front
> of an office of 15 or so, so I believe I would have heard
> something. Logging is
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> > What we really want is not just documentation, but support
> from their
> > engineers. The Linux community is starting to get this in
> some places.
>
> Yes. In many cases, the reason a company doesn't want to
> release documentation is
From: Charles M. Hannum [mailto:[EMAIL PROTECTED]
> On Fri, Sep 01, 2006 at 10:40:01AM -0700, Spruell, Darren-Perot wrote:
> > Like, what docs does a vendor engineering division give to the
> > developers who write the drivers internally? They don't
> give them bad
&
From: Charles M. Hannum
> On Fri, Sep 01, 2006 at 01:08:13AM +0200, Matthias Kilian wrote:
> > They don't have to write device drivers at all, they just
> should write
> > good documentation.
>
> What we really want is not just documentation, but support
> from their engineers. The Linux commu
> Maybe I was too verbose, from all appearances the key pair works fine
> for ethant:
>
> [EMAIL PROTECTED]:/home/ethant# ssh rice
> Last login: Fri Aug 25 00:14:42 2006 from grits
> OpenBSD 4.0-beta (GENERIC) #1083: Mon Aug 21 21:24:02 MDT 2006
>
> Welcome to OpenBSD: The proactively secure Unix
> I have a machine with FreeBSD (5.3). I cannot use the CD nor the
> floppy disk. I have just an access with ssh and KVM.
>
> Which is best the way of installing OpenBSD in this situation?
Can you take the HDD out and install it on a machine you do have access to
working CDROM or floppy at?
Alte
> > If a hacker is on your system, he'll also manage to install
> the compiler
> > himself before using it.
>
> It's still a valid concern. If someone's going to try to
> break into your system and do nefarious deeds, you should be
> trying to make them work for it as much as possible.
Layered
From: bablam [mailto:[EMAIL PROTECTED]
> Yes I did get them confused, being somewhat new to the pkg
> software distro system and the packages themselves how do I check the
> software version? I did not see a switch in the man page to even
> allow me to check it. -v, which I would have thought to
From: [EMAIL PROTECTED]
> But what do i know ?
> I am just some dude in a public forum!
And too overly sensitive. Lay off the estrogen supplements, at least for a
while.
The facts still stand. The dumb admins are the ones that don't read the man
pages.
DS
From: [EMAIL PROTECTED]
> Good afternoon all,
> I have just removed openbgpd 3.7_2 from my pfsense box and
> installed 3.9. When I attempt to run bgpd I get the following error;
>
> /libexec/ld-elf.so.1: Shared object "libc.so.7" not found,
> required by "bgpd"
>
> How can I install that
From: [EMAIL PROTECTED]
> PPS,
> The version says it is, in fact, 3.7_2.
>
> Fetching
> ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.1-rele
> ase/Latest/openbgpd.tbz...
> Done.
> pkg_add: package 'openbgpd-3.7_2' or its older version
> already installed
You're confusing the soft
From: [EMAIL PROTECTED]
> Man pages drives me nuts some times!
> its the formating of them that gets me!
> but i will use them with a open mind.
That's something you'll have to get over - UNIX without the manual pages = 1
dumb admin.
> Just seems kinds wild one of the best OS's
> in the world ha
From: [EMAIL PROTECTED]
> As for books, you might consider:
One other that I like:
Mastering FreeBSD and OpenBSD Security (O'Reilly, 2005)
http://www.oreilly.com/catalog/mfreeopenbsd/
DS
From: Alastair Johnson
> I have 2 OpenBSD 4.0beta firewalls arranged in a CARP
> failover configuration with PFsync.
>
> It seems to work very well for everything except NFS.
> My ssh, remote desktop and telnet connections seem to
> survive a failover very nicely.
[snip]
> Unfortunately we only
From: [EMAIL PROTECTED]
> That's not an easy scenario.
>
> Perhaps the simplest solution would work for you.
[snip login shell]
[snip read file from UNC]
[snip cartwheels and demonic contortions]
'A' for creativity, F for "solution != simplest".
If the users are logging into Windows workstati
From: [EMAIL PROTECTED]
> Note that at least Postfix has an independent greylisting
> implementation
> (postgrey); I'm fairly sure it's not the only one, and also
> fairly sure
> that there is a piece of code matching /milter/ and /grey/ around.
http://www.greylisting.org/implementations/sendma
For diskless clients that bootstrap from and mount filesystems from an NFS
server, is it feasible to provide highly-available NFS service using 2
servers in a CARP cluster? A friend reports having tested this out and
having everything work properly on the master, but as soon as CARP failover
occure
From: [EMAIL PROTECTED]
> On Thu, Aug 03, 2006 at 02:26:40PM -0600, Tim Pushor wrote:
> > Well, after playing a little with trunk(4), etherchannel,
> and carp I am
> > wondering something:
> >
> > Trying to achieve both firewall redundancy (via carp) and ethernet
> > redundancy (via trunk(4)),
From: [EMAIL PROTECTED]
> On Thu, Aug 03, 2006 at 11:27:16PM +1000, Shane J Pearson wrote:
> > What about an open wireless network, which does not allow
> anything to
> > be routed out of the OpenBSD WAP unless it is authpf
> authorised. Then
> > only VPN traffic.
>
> What does authpf+VPN p
From: [EMAIL PROTECTED]
> CARP comes very close to solving the problem, but it's not specific to
> individual tcp ports afaik. So it would help if a box becomes
> completely unreachable, but if only the service stops working it's not
> that useful.
>
> Essentially I'm looking for a very simple da
From: [EMAIL PROTECTED]
> Stuart Henderson wrote:
> > The vlan idea makes a fair bit of sense - carp(4) over vlan(4)
> > over trunk(4) over $some_nic(4) or some other mix - but if this
> > is used for security be aware that your switch then becomes a
> > security device. Google will find more info
From: [EMAIL PROTECTED]
> > You *will* require the 'access network' to pass ESP,
> > 500/UDP (IKE), and
> > 4500/UDP (IPsec NAT-T), of course.
> >
>
> Regarding NAT-T, does it have to be enabled both in
> clients and the VPN server ? If yes and if we're
> talking about windows clients - does it
Word is, there is a flaw in IKEv1 that allows for an attacker to create IKE
sessions faster than previous attempts expire. The security research firm
who found the flaw only lists Cisco VPN devices as being vulnerable while
Cisco maintains that the flaw is in the IKE protocol itself.
Research Firm
From: Marian Hettwer [mailto:[EMAIL PROTECTED]
> OpenBSD is secure in many ways, but if the third party app has a
> security flaw and released a bugfix, I'd like to see an
> updated package
> / port too.
> Otherwise I would need to compile the bugfixed version from source,
> which doesn't make sen
From: elaconta.com Webmaster
> Thanks for the oppinions and wise advices of everyone on the mailing
> list. I've given some deep thought to the subject and i'm
> going with an
> OpenBSD bridge and a separate box for DNS caching. We're going to have
> some work reconfiguring the LAN clients but it'
From: [EMAIL PROTECTED]
> > Good job Edmund! This is one of the worst articles on security I
> > have ever read. Talk about missing the point.
>
> Yep, let's do talk about it since I see you as a blind horse that
> misses the point because you cannot read. The title contains the two
> words "p
From: [EMAIL PROTECTED]
> Now, thing is, the Linux firewall has two NICs:
>
> NIC 1: 192.168.1.121
> NIC 2: 192.168.1.122
>
> The two NICs on the Linux box are configured with 192.168.1.121 and
> 192.168.1.122, both interfaces on the same subnet.
> 192.168.1.121 acesses
> the company router (19
From: [EMAIL PROTECTED]
> On 7/26/06, Leonardo Rodrigues <[EMAIL PROTECTED]> wrote:
> > Would you please implement the C99 %a string format support that is
> > missing in our libc? :DD
> > I'd love if someone could do it =)
> >
> > Anyway, you could start by taking a look at the bug tracking syste
From: [EMAIL PROTECTED]
> MIME has been around for 14 years. There's no excuse for any
> MUA not to
> be able to deal with it at least minimally. In the case of
> /usr/bin/Mail
> that means recognizing content types and only displaying
> text/* sections
> when printing to the screen. It d
From: [EMAIL PROTECTED]
> > Why isn't there a MIME encoding/decoding solution in the
> default install?
> > (Or maybe there is, but I'm ignorant of it?)
Why does it matter? There are lots of things not in the default install.
Why do people always act like not having something in the default i
From: [EMAIL PROTECTED]
> what is the best way to stop those robots and spiders from getting in?
>
> .htaccess?
> robot.txt and apache directives?
> find them on the access_log and block with pf?
>
> i should also ask whether it is a good idea to block robots
> in the first place
> since some
From: [EMAIL PROTECTED]
> > Not again ..
> >
> > http://marc.theaimsgroup.com/?l=openbsd-misc&m=114885344906668&w=2
> >
> >
> Thanks, but all the solutions presented in that thread can't
> clear the
> screen when you're typing something AND keep what you've
> already typed.
These threads gr
From: Pekka Niiranen
> I installed OpenBSD/current on 8.July because the official v3.9
> had a nasty bug: if I did not keep on pressing "enter " during
> dmesg -listings of boot, the keyboard did not respond at logon prompt.
> I am using AMD64 with Linksys KVM dual port switch.
>
> OpenBSD v3.8 di
From: [EMAIL PROTECTED]
> you may have to fish online for some of the option
> descriptions since stuff like
> correct_des3_mic aren't in the manpage for krb5.conf. is
> there any plan to
> update the manpage with these missing options?
Nope. gssapi(3) has that and more.
DS
From: [EMAIL PROTECTED]
>> So I think criticism such as this it can be forgiven if
>> you're a decent
>> human being and american.
>
> That pretty much sums up your definition of "ultimate
> freedom", does it not?
Blah blah blah. Let's please drop this sociopolitical debate and get onto
some
From: [EMAIL PROTECTED]
> >Assuming this works for you, I'd be interested in knowing
> what the exact
> >nature of the problem is, I hate fixing something blindly
> without knowing
> >why it's fixed.
>
> this has fixed most of the problems, except i can't ssh out
> from the KDC using
> kerberos
From: [EMAIL PROTECTED]
> Is there any UTF-8-aware text editor (for terminal use) available
> for OpenBSD? Vi(m) and similar is out of question for me, I never
> learned those.
As ubiquitous as vi is on Unix, it seems a shallow reason.
Really, it takes all of 15 minutes to pick up what you need
From: [EMAIL PROTECTED]
> I have been looking into encrypting my e-mails and was
> thinking about GPG together with Sylpheed, since I am using Sylpheed.
>
> But I am wondering is there another and "stronger" or
> "better" way than GPG.
GPG (and the other one, PGP) is really nothing more than a
From: [EMAIL PROTECTED]
> the KDC is the only machine on the network that is running
> current (snap
> upgraded last night), the rest are on 3.9 release. here are
> the debugging outputs:
> debug1: Next authentication method: gssapi-with-mic
> debug2: we sent a gssapi-with-mic packet, wait for r
From: [EMAIL PROTECTED]
> The only relevant point I could see in the faq is the for
> /etc/authpf/authpf.conf to exist and it does. It is empty.
> Is there another reason I'm overlooking?
What do your logs tell you? Can you tell if the user is being rejected
because of authentication failures? In
From: [EMAIL PROTECTED]
> | (2) are there any particular online docs that are
> recommended reading for
> BGP?
>
> The RFC (I think it's 1771) is very good, check it out.
Superseded by RFC4271. I also found
http://www.iana.org/assignments/bgp-parameters to be a good reference, with
other relate
From: [EMAIL PROTECTED]
> so how do you install that, i was thinking it would just be
> # pkg_add /home/music/xbase39.tgz
> Can't resolve /home/music/xbase39.tgz
>
> but that didnt work, how do you install that package?
You start with the FAQ:
http://www.openbsd.org/faq/faq4.html#AddFileSet
DS
From: [EMAIL PROTECTED]
> ANy issue with adding X to an upgrade when the original
> version on the system did not have it? (I listened to way too
> much bad advice setting this system up with my co-worker, now
> I have to fix it)
No. The only thing it does is unpack a distribution set (a bun
From: [EMAIL PROTECTED]
> A client is setting up a password policy, and would like to
> prevent users from
> reusing a password for a period of time (four changes ninety
> days apart). Is
> there a way to do this, either within the OS or via a program
> in ports? I've
> been looking for quit
From: [EMAIL PROTECTED]
> > In tree mail/imp depends on devel/horde that has exploit(s)
> in the wild.
> >
> > /Sigfred
> >
>
> I had a look on IMP and looks fine to me cause you can have
> POP3 too as well. I actually dodn't intend to isntall an IMAP server.
>
> As a result is IMP a good so
From: [EMAIL PROTECTED]
> Is there a special reason why we couldn't see the
>
> set skip on interface
>
> in the display of the rules in pf with the regular:
>
> pfctl -sr
If this was to be implemented, it might be more appropriate to show in the
runtime state (pfctl -si) than the rule output.
One question regarding Kerberos authentication in ftpd is whether the daemon
supports only password authentication against the kerberos database, or if
it can support authentication using a service ticket from a user who has
already gotten a TGT (passwordless login).
Also, what (if any) openbsd-co
From: [EMAIL PROTECTED]
> > useful implementation of a redundancy protocol. It's
> technically better
> > than HSRP or any of the versions of VRRP but the problems
> till stands
> > that it is not an "official" protocol, which simply means
> adoption and
> > inter operability will suffer to som
From: [EMAIL PROTECTED]
> I also tried playing with setting DESTDIR, but that didn't work very
> well. After a lot of messing around, I got a useable tar file, but it
> sure wasn't elegant.
> (http://seattlecentral.edu/~dmartin/docs/binpatch.html for my notes on
> that experience).
>
> My next i
From: [EMAIL PROTECTED]
> At first I didn't understand the reason for all the partitions (
> http://archives.neohapsis.com/archives/openbsd/2001-01/1654.ht
> ml) now I
> can't have enough partitions
An example of a problem you can run into with "overpartioning" is being too
carve-happy. You've go
From: [EMAIL PROTECTED]
> I'm now at the point to create tunnels to other systems which
> need to use
> sasync but not finding alot of documentation regarding sasync
> at this time.
>
> I've check the FAQ and did googlin in hopes to find a dry
> step by step on it.
>
> If anyone has done this
From: [EMAIL PROTECTED]
> On 6/26/06, Damien Miller wrote:
> > just please don't bug people on OpenBSD lists about private hacks
> > like this.
>
> I, for one, find discussion about private hacks like this to be
> valuable. And I think it falls under the heading of, "Miscellaneous
> discussion ab
From: [EMAIL PROTECTED]
> Har, har. :-)
> However, I don't think it would be a big deal to write a script that
> could be run after installation that walked you through your network
> setup. And a mention of it in afterboot; 'If you want to set up a
> network connection run blahblah script before
From: [EMAIL PROTECTED]
> > i file nfs traffic into the "stuff not supposed to be going through
> > the firewall" category. a firewall implies there are bad people on
> > one side of it, and you don't want bad people to access nfs, ever.
> > i'd use a vpn of some sort to tunnel through the firewa
From: [EMAIL PROTECTED]
> > Obvious, but ensure that /var/www/cgi-bin/nagios is a valid
> directory
> > from the perspective of your chroot'd server.
> >
>
> I would say that it is a valid directory... it was on my
> installation. Isn't /var/www/cgi-bin a valid chroot directory
> by definitio
From: [EMAIL PROTECTED]
> I've installed and configured nagios, and I can open the start page
> with no problems. But I don't have access to the links that monitor
> services, such as Tatical Overview. At apache log I have the following
> error messages:
>
> [Fri Jun 23 15:42:51 2006] [error] (13
From: [EMAIL PROTECTED]
> Is it not wanted that hosts on DHCP enjoy a random IP? Or is
> use of DHCP
> mainly for making configuration of hosts easier in a large network?
Does a random IP taste better to the interface card than a static one?
The *whole* point of DHCP is to make configuration o
From: [EMAIL PROTECTED]
> > The machine in question doesn't run pf, and the DSL router
> that it is
> > connected to doesn't have the option to change ports... :(
> >
> > So I'd like to settle this with named alone. :)
> >
> > Thanks,
> > Constantine.
>
>
> Correct me if I'm wrong (and I usua
From: Travers Buda via [EMAIL PROTECTED]
[snip attitude I intentionally avoided in my original posting,]
> "Security patch
> announcements are sent to the [EMAIL PROTECTED] mailing
> list."
And in fairness, announcments *are* sent to the list. Check the archives.
They end up there. Some are qui
For sysadmins that want to know as soon as possible about issues which
are deemed patch-worthy (security vulnerabilities, critical
reliability issues), what is the "best" way to stay on top of these
issues as they are resolved?
The canonical source of information seems to be errta.html, which does
From: [EMAIL PROTECTED]
> p.s. this question comes from the need to know the exact packages to
> download and burn to CD in order to get a reasonably usable desktop
> system running gnome, when said system has no connection to
> the interweb
See also: 'make print-build-depends' and 'make pri
From: [EMAIL PROTECTED]
> If one does not have OpenBSD installed how would one obtain a
> list of
> the dependencies of a certain package, say gnome-desktop for
> arguments sake?
$ cd /usr/ports/x11/gnome/desktop/
$ make describe
gnome-desktop-2.10.2p1|x11/gnome/desktop||components for the G
From: [EMAIL PROTECTED]
> Sorry, a little more detail. Pf is not running on any of these ftpd
> servers.
>
> My ftpd setup consist mainly of:
>
> /etc/rc.conf.local = ftpd_flags="-DllUSAn"
> /etc/ftpusers = has the admin account in there
> /etc/ftpchroot = the account that will receive the sc
From: [EMAIL PROTECTED]
> So if people route specific unused email addresses to spam traps,
> what do they actually do with the received emails to reduce spam
> to legitimate addresses ?
If you're not making the connection, you don't understand how spamd(8)
works.
Your MX receives mail for your
From: [EMAIL PROTECTED]
> > we used to have 'spammers ? spam this [EMAIL PROTECTED]' at the
> > bottom of each page so that crawlers would spam it. also, we had a
> > few systems accounts, not supposed to receive mail, act as spam
> > traps which proved to be quite efficient.
> >
> >
> So what do
From: [EMAIL PROTECTED]
> > > The fact that a company restricts documentation to US
> download to satisfy
> > > export concerns is quite valid.
> >
> >No, it is not. There are no export concerns over documentation.
>
> Huh? Better get yourself a lawyer before you land in jail!
> OTOH, you're n
From: [EMAIL PROTECTED] on Behalf Of Bharj, Gagan
> but they know our VPN gateway's IP address. I tried setting up our
> isakmpd.conf in a similar manner, except that I put 0.0.0.0/0
> for the peer
> gateway, but then isakmpd complains that it can't create a
> connection to the
> IP address 0.0.0
From: [EMAIL PROTECTED]
> There has been some discussion of late on this list about
> Hifn's policy
> with respect to releasing documentation to the general public. That
> discussion lead to a great deal of uninformed speculation and
> unflattering statement's about Hifn's unfriendliness towards
From: [EMAIL PROTECTED]
> Until recently I also pictured pf as feature complete. However, after
> having had hands-on experience with writing a rule set with special
> queueing of traffic directed to a (relative high) number of
> unsucceeding
> port numbers, I am annoyed with the limited table
From: [EMAIL PROTECTED]
> > I understand. You're not saying anything regarding intercepting an
> > existing
> > session and accessing the data; it's akin to getting an Ethernet
> > cable on a
> > LAN (since you have the PSK for authentication) and
> negotiating a new
> > communication session
From: Stuart Henderson [mailto:[EMAIL PROTECTED]
> > I would challenge that by intercepting WPA-protected traffic
> > you can obtain cleartext so simply.
>
> This is no WPA crack.
>
> A wireless LAN is still susceptible to normal attacks which
> can be mounted from one node on a LAN to another.
>
From: [EMAIL PROTECTED]
> On 2006/06/06 10:40, Gaby vanhegan wrote:
> > Isn't there a pre-shared key used as an IV of some sort in
> WEP (and
> > therefore WPA)? Yes, the traffic will be coming to you,
> but it's on
> > a wireless network, so you can sniff if passively if you want, you
>
From: [EMAIL PROTECTED]
> > If somebody is determined to get in, they will.
>
> You said, "I'm more concerned with stopping people sniffing
> other wireless traffic."
>
> Unless you use something that avoids running ARP-based protocols
> directly on 802.11 (pppoe?), WPA does not stop users of yo
From: [EMAIL PROTECTED]
> Although a VPN is a possibility, I'm thinking more along the
> lines of
> a wireless hotspot than an extended network. I want to make it as
> plain and simple as possible for punters to walk in off the street
> and get internet access. No client downloads, no con
From: [EMAIL PROTECTED]
> WEP is pretty much out, WPA isn't supported, IPSec is probably too
> complicated for the general public to get going, and that's about
> it. If I can't do it in OpenBSD, I may have to use a
> separate access
> point, but I'd rather keep it all in one box.
>
> Any
From: [EMAIL PROTECTED]
> Authenticated MACs are converted to an IP address, using
> dhcpd.leases
> to do the lookup. Then, as a double check, it will use the
> ARP cache
> to confirm that the IP and the MAC match up, so users can't steal
> access from a stale IP somewhere. If a user pic
From: [EMAIL PROTECTED]
> Hey did you hear that in Windows vista they implemented ASLR
> , somethink
> similar to the technology of random memory allocation in open
> bsd. So I gues
> Windows is copying bsd. Cool.
We'll see, like many other security features in Windows, if they implement
it *pr
> huh? "bedroom"? is this a joke?
KOMHATA.
Not that I'd really consider this "multi-language" support... :)
DS
From: [EMAIL PROTECTED]
> I got another kernel panic: free: non-malloced addr 0x10 type temp
>
> Many programs seg fault with "Program terminated with signal 11,
> Segmentation fault"
>
> The memory has been tested with memtest86.
>
> Any idees?
I've had memtest86 report good memory when I had
From: [EMAIL PROTECTED]
> * Wikipedia yielded the correct solution to also add
>
> #include // for std::cout and std::endl
>
> which can then be used by writing either std::cout, or
> instead having
> a namespace declaration in front (that came after my time, thanks,
> Steffen!).
>
>
From: [EMAIL PROTECTED]
> I just pulled down ftp.openbsd.org/pub/OpenBSD/3.9/ports.tar.gz
>
> and it too contains only clamav-0.88 not clamav-0.88.2
The updated ports come from CVS.
http://www.openbsd.org/anoncvs.html
DS
From: [EMAIL PROTECTED]
> When I started trying to resolve this, I knew that the add-in
> card was a
> possible solution, and I am leaning towards it more now, especially
> since the Adaptec 39160 that the tech suggested is on the OpenBSD
> supported hardware list.
> I am not committed to that ap
From: [EMAIL PROTECTED]
> Bugger.
>
> # cd /
> # tar xzf /var/spool/ftp/pub/OpenBSD/3.9/i386/xbase39.tgz
> # cd $OLDPWD
> # pkg_add mailgraph-1.12.tgz
> mailgraph-1.12:gd-2.0.33p2: complete
> mailgraph-1.12:rrdtool-1.0.49p3: complete
> mailgraph-1.12: complete
Bad habit to unpack *.tgz distribut
From: [EMAIL PROTECTED]
> > It's been imported as the new ftp-proxy:
> >
> > http://marc.theaimsgroup.com/?m=111708277030478
>
> This is good news. However, I can't get the configuration
> correct to
> allow me to put an FTP server behind a PF firewall, and allow
> inbound
> client con
From: Adam Douglas [mailto:[EMAIL PROTECTED]
> Okay, but this is only part of the problem from what I understand from
> reading the provided link. How can I have multiple sites on the same
> server then if I don't use name-based virtual hosts without using
> multiple IP addresses?
2 non-SSL sites
From: [EMAIL PROTECTED]
> At startup of Apache I get a warning notice of "[warn] NameVirtualHost
> xxx.xxx.xxx.xxx:443 has no VirtualHosts".
>
> I have two virtual hosts for port 80 based on IP to ServerName. I then
> have one virtual host for SSL port 443. I have "NameVirtualHost
> xxx.xxx.xxx.x
From: [EMAIL PROTECTED]
> The problem with the ports version of php, and I did try that
> the first time I setup the box, was the dependency list was
> huge and it installed a whole bunch of stuff that I didn't
> really need/want. The php install took almost a full day of
> downloading/compli
1 - 100 of 205 matches
Mail list logo
