I'm interested in building a live, bootable OpenBSD CD for forensics, cloning
and data recovery. Basically, boot and try to automatically bring up any
existing network interface. I'm not interesated in a GUI or play things...
only good, old-fashioned Unix tools like dd, netcat, md5, etc.
I've goog
I've begun using OpenBSD on portable computers/laptops. I want to guard
against theft. I can't stand the thought of some crook pawing my laptop and
someone looking over my personal files... pictures of my family, my taxes,
etc... it keeps me awake at night.
I set the option to configure swap in sy
Tim Hume wrote:
>
> Hi,
>
> My current PC is not very healthy. I am considering building a new low
> power consumption machine. I want something a bit more powerful than a
> Soekris, but it doesn't have to be the fastest machine around. I will
> be using the machine for web browsing, Email, manag
I'm sure everything will work out in the end. I'm in the US and I've bought
CDs, t-shirts and made a few donations. I give the t-shirts to friends and
family. Not much. I'm just one guy, but I like OpenBSD and I enjoy doing my
small part (when I'm able) to keep it going. It is the gateway to my hom
L. V. Lammert wrote:
>
> PMFJI, but isn't the issue simpler than that? If he has a MiTM attack via
> arp, doesn't that mean the attacker has access to the local subnet?
>
Remote access to a machine on that subnet would do. It does not have to be
physical. Probably a compromised Windows box that
Vadim Zhukov wrote:
>
> 1. You need shell to run shell_exec().
>
> 2. You should specify path _inside_ chroot: "/test/hello".
>
Thanks guys. Because of your tips, I got it working. I've never dealt with a
chrooted Apache before. Off to read the docs.
--
View this message in context:
http:/
I compile some c code and link it statically. It's the simple 'hello world'
program. I name it 'hello' and put it in /var/www/test/
I then try to execute it through php using the shell_exec function like so:
$output = shell_exec("/var/www/test/hello");
echo $output;
I get no output at all. Same
Does anyone run regular OpenBSD (bsd instead of bsd.mp) on quad core devices?
I have a few quad core processors and I do not care to or need to do SMP
stuff. I'm assuming this is an OK practice? Probably a dumb question, but I
wanted to ask just to make sure.
--
View this message in context:
http
Theo de Raadt wrote:
>
> Or how about we skip the prizes, and Theo gets to do a bit of
> development once in a while, instead of making coffee mugs and signing
> CDs that are not even shipped out of the city where he lives?
>
> I thought the software and the ideas behind the software were enough
I mentioned this when I pre-ordered 4.4... I think folks thought that I was
joking. Do prizes for pre-orders. Nothing fancy just something like this:
1. First 50 pre-orders win a T-Shirt and Theo signs the CD case.
2. The 100th pre-order wins a coffee mug.
3. 200th "
4. 300th "
5. Do something spe
STeve Andre' wrote:
>
> You might want to try -current--it just might fix your problem. Lately
> I've been doing a trick that annoys my Linux friends--I take their USB
> wifi stick and stuff it into my thinkpad and use it. With very few
> exceptions, it just works.
>
At the same time, there ar
J.C. Roberts-3 wrote:
>
> When running -CURRENT snapshots, should we send in a new dmesg every
> time we install a new snapshot?
>
I sent one today. I seldom do, but an on board Ethernet device using (lii)
that had not worked in 4.4, worked in the latest snapshot (I had not ran a
snapshot since
I tried loading the most recent snapshot (2-28-2009) and running the tests
again. Same results. I loaded some screenshots and other information here:
http://filebox.vt.edu/users/rtilley/public/tcpdump
It could be I'm doing something incorrectly with syntax as I don't dp this
often. The exact comm
While doing some testing of a commercial IDS device, we were attempting to
verify the vendor's claim that the device is IPv6 capable and would detect
any IPv6 attack. So, we tested both an IPv4 attack and an IPv6 attack.
OpenBSD 4.4 i386 running nmap was the source of the attacks. Debian Linux
was
Brian Keefer wrote:
>
> That's weird. I have a nearly identical machine with almost the same
> configuration. The only difference without checking dmesg line-by-
> line is that mine has one disk drive rather than two. I'll check my
> dmesg when I get home.
>
Thanks for the help guys. We
Hi guys.
I'm helping a friend install 4.4 (Sparc64) on this SunFire V120 he got for
free :) It's a very nice box with a working Solaris install. It boots the
install.iso and proceeds to install, but when we get to the point of
selecting a root disk... the only option we have is [done]. OpenBSD see
Hi guys,
I searched the packages list, but did not see any. Does anyone use a packer
such as UPX on OpenBSD?
Thanks for any info,
--
View this message in context:
http://www.nabble.com/packer-for-C%2B%2B-Executbales-tp21715777p21715777.html
Sent from the openbsd user - misc mailing list archive
Martin SchrC6der wrote:
>
> Why do you maintain stable by issuing security patches for it if you
> don't care if anybody installs them (by not telling them about the
> patches through one of the designated channels)? Don't you want
> people installing them?
>
> Is it so hard to write a mail to the
David Schulz-5 wrote:
>
> yes, its awesome this time !
>
That's like telling your wife, "You look beautiful... today." It's better to
leave off the last part. "It's awesome" will suffice.
--
View this message in context:
http://www.nabble.com/OpenBSD-4.4-released%2C-Nov-1.--Enjoy%21-tp20269800
T D wrote:
>
> Hi all,
>
> I have installed 4.4 on a machine (ibm aptiva) with the below dmesg
> output.
> As I am somewhat new to this os, I would like some sugestions as to what I
> could/should do with this box and no I will not rm -rf /
> Any ideas/suggestions greatly apreciated.
> Thanks
> T
deraadt wrote:
>
> And if you really are worried, use the patch I mailed out earlier,
> and the load will always be zero. Then there are no more worries!
>
That's both cruel and funny at the same time.
--
View this message in context:
http://www.nabble.com/Oddly-high-load-average-tp20384695p
Tom-100 wrote:
>
> When (if ever) will support for installing OpenBSD with a USB CD-ROM
> be added?
>
I use it all the time. Have for quite some time. In fact, I just installed
4.4 using a very old Iomega 2x USB cd writer. No problems at all... just
slow b/c of the age of the drive.
--
View th
Lori Barfield wrote:
>
> SunOS 2.6 was released in 1999. if someone can really run a 9-yr-old
> release of *anything* exposed to the internet without "doing much to it,"
> and still avoid compromise, that would be a pretty good trick.
>
> ...lori
>
Yes, I agree. But I have seen systems that old
Douglas A. Tutty-2 wrote:
>
> If the box is running but no users are logged-in, why can't the data be
> encrypted and therefore private?
>
It can be. Use OpenSSL or GnuPG or PGP symmetrically (only store the
passphrase in your head) in addition to volume/disk level encryption. Tar up
your secre
I know. Longest uptime is silly, macho, pointless stuff... but I ran across
an old SunOS 2.6 box that had been up for 387 days. It had been hacked. The
only reason it was not an open mail relay is that /var was full. So, I
thought to myself, "I bet I could run an OpenBSD box for that amount of time
Pre-orders are worth the money, save up 50 bucks (that's just 8 dollars and
33 cents a month over 6 months time). I've only been a dedicated user since
4.2 release, but once you go OpenBSD, you can't use anything else. This has
got to be the simplest, most straight-forward, most logical operating s
Has anyone on misc every written source code, released it under the GPL and
then later switched the license to BSD or a similar license? This is
something I am considering. I understand that GPL cannot be revoked, etc.
However, as I hold the copyright, I should be able to do a new release and
from
Tobias Weingartner-2 wrote:
>
> make cpuid && ./cpuid | mail -s 'cpuid output' [EMAIL PROTECTED]
>
Perhaps this is implied by 'make', but for the sake of clarity, I did it
like this:
gcc cpuid.c -o cpuid | ...
And it worked OK.
--
View this message in context:
http://www.nabble.com/New-cpu
First time I've pre-ordered. Wondering when the 4.4 PKG_PATHs will be
available so that I can add packages?
--
View this message in context:
http://www.nabble.com/4.4-Packages-tp20049487p20049487.html
Sent from the openbsd user - misc mailing list archive at Nabble.com.
4.4 CDs arrived in Virginia (east coast USA). Thanks... the T-Shirt is cool
too.
--
View this message in context:
http://www.nabble.com/4.4-arriving-in-the-U.S.-tp19978347p19985423.html
Sent from the openbsd user - misc mailing list archive at Nabble.com.
Kurt Miller-3 wrote:
>
> Your negativity sucks. Porting Java to OpenBSD was and is not
> a trivial effort. It also serves as an excellent test bed for
> threads, the runtime linker and large memory applications.
>
> That was meant as a joke. I got 4.4 today and it had a sticker poking fun
> at Ja
Ben Adams-3 wrote:
>
> Just wondering if this will effect OpenBSD with java:
> Per the interim governance guidelines for Projects [1] I'm pleased
> to announce the creation of the BSD Port Project
>
Java is nasty. There... I said it and it is true. The goopy OOP of Java will
tarnish anything
Vivek Ayer wrote:
>
> Do you get to see anything before you press Ctrl+Break.
>
Yep... looks like this:
Netra t1 (UltraSPARC-IIi 440MHz), No Keyboard
OpenBoot 3.10.27 ME, 1024 MB memory installed, Serial #14272968.
Ethernet address 8:0:20:d9:c9:c8, Host ID: 80d9c9c8.
Boot device: disk File a
Vivek Ayer wrote:
>
> Well...i have the install43.iso cd. I don't think choosing the media
> is my problem. What's the quickest way to see a OpenPROM ok prompt on
> a foreign machine? What commands do I use (e.g., cu, tip, etc.)? If I
> can get an "ok" prompt, I'm golden.
>
I normally connect v
Vivek Ayer wrote:
>
> So assuming the cable is the right cable, in short, what would I have
> to do to install OpenBSD on a sparc64 from a i386 console?
>
I've used the miniroot method on Sun Netra's with good results. See this
URL:
http://openbsd.org/sparc.html
--
View this message in contex
Steve Shockley wrote:
>
> OpenBSD users can't shut down the system, either...
>
Hmmm... `shutdown -ph now` works OK for me. Is this an inside joke or
something? I don't get it.
--
View this message in context:
http://www.nabble.com/Rosetta-Stone-for-Unix-tp19890925p19903293.html
Sent from the
I get this output:
hw.sensors.cpu0.temp0=39.00 degC
hw.sensors.lm1.temp0=45.00 degC
hw.sensors.lm1.temp1=22.00 degC
hw.sensors.lm1.temp2=31.50 degC
hw.sensors.lm1.fan1=2070 RPM
But, I'm rather certain that the third line (22.00 degC) is the actual temp
of the CPU as this is what the BIOS reports
Theo de Raadt wrote:
>
> Pre-orders for OpenBSD 4.4 (CD, tshirt, poster) are up at
>
> http://www.openbsd.org/orders.html
>
>
Do the first X number of pre-orders get autographed... or something :)
--
View this message in context:
http://www.nabble.com/OpenBSD-4.4-pre-orders-tp19318
I was considering buying one of these (cheap, small and quiet) to be used as
an OpenBSD firewall. It has one free slot for an additional NIC. Has anyone
ran OpenBSD on one of these before? I can't try before buying.
Here are the hardware details:
http://www.newegg.com/Product/Product.aspx?Item=N82
When can 4.4 be pre-ordered?
Thanks,
Brad
--
View this message in context:
http://www.nabble.com/Pre-Order-4.4-tp19253902p19253902.html
Sent from the openbsd user - misc mailing list archive at Nabble.com.
new_guy wrote:
>
>
>
> Marco S Hyman wrote:
>>
>> "Brad Tilley" writes:
>> > performed from the OpenBSD 4.2 install CD. I'll send it to the one
>> > 'ISO Certified' company that agreed to examine it. If they cannot
>&g
Diana Eichert wrote:
>
> Eric if you were in MI (I really want to make a joke, but I won't)
> then you know that techniques related to data recovery from hard
> drives would be classified. The intelligence community is not
> prone to publicaly publish whitepapers on their operations.
>
> diana
Marco S Hyman wrote:
>
> "Brad Tilley" writes:
> > performed from the OpenBSD 4.2 install CD. I'll send it to the one
> > 'ISO Certified' company that agreed to examine it. If they cannot
>
> You keep throwing around the 'ISO Certified' tag as if it had some
> special meaning. Certified to wha
Marco Peereboom wrote:
>
> bullshit.
>
I decided to put my money where my mouth is :)
I bought a 80GB, Western Digital IDE hard drive. $60 USD. Attached it to a
Windows XP laptop (usb-ide bridge), initialized it, created one (1) primary
partition, formatted it NTFS and copied an older subversio
Marco Peereboom wrote:
>
> Grind them up. There is nothing else you can do to "permanently" wipe
> disks. Residual magnetism is always there provided good enough
> equipment. If your data is that sensitive there is nothing else but the
> grinder.
>
Be sure that you do this yourself or persona
xSAPPYx wrote:
>
> Someone linked me this article a couple calling into question the
> ability to actually read overwritten data:
> http://www.nber.org/sys-admin/overwritten-data-guttman.html
>
> I'de love to read something from the other side, showing real examples
> of getting usable data off o
Jon-113 wrote:
>
> Is there any program for OpenBSD that will clean up the disks so that
> deleted files cannot be recovered.
>
/dev/zero or /dev/urandom either will work fine (the first being quicker
than the last)
--
View this message in context:
http://www.nabble.com/delete-deleted-data-tp1
Darrin Chandler wrote:
>
> It's been a while, but iirc you can just do "boot cd" instead of all the
> other happy horseshit.
>
There was no internal IDE CD drive. So boot cd would not work... "failed to
find boot device" So that extra horse shit (and I agree 100% that it is
horse shit) was, unfo
Sorry for all the posts. I figured it out. I dd'ed floppy42.fs to one of the
unused drives and booted that way.
--
View this message in context:
http://www.nabble.com/sparc64-on-Sun-Netra-T1-with-external-CD-Drive-tp14518767p14526801.html
Sent from the openbsd user - misc mailing list archive at
Still no go. However, it doesn't appear to be a OpenBSD specific issue.
FreeBSD and Debian CD installers won't boot from the external CD drive
either. Currently, I can boot the machine with a Solaris install CD or from
Solaris that had been installed on the HDD prior to me receiving the
computer. C
Hi again,
>From the ok> prompt, I'm doing this:
boot /[EMAIL PROTECTED],0/[EMAIL PROTECTED],1/[EMAIL PROTECTED]/[EMAIL
PROTECTED],0:f
This boots the Solaris install CD OK, but not OpenBSD 4.2 CD. Any tips?
Thanks,
Brad
--
View this message in context:
http://www.nabble.com/sparc64-on-Sun-Net
I would like to install OpenBSD *once* and keep it patched and secured for
many years there after (5 - 7 years) in a production environment. Would it
be feasible to get a snapshot today and follow -current for many years w/o
having to reinstall? Basically, this approach would skip -stable and
-rele
I've looked, but can't find it. Before getting the source and compiling, is
this somewhere in ports?
Thanks,
Brad
--
View this message in context:
http://www.nabble.com/GnuPG2-package-or-port-tp14375855p14375855.html
Sent from the openbsd user - misc mailing list archive at Nabble.com.
Hi guys,
I just received an old Sun Netra T1 (105) that has an older version of
Solaris (SunOS 5.9). It has two 18GB SCSI drives, no cd or floppy drives.
There is a serial/LOM port that I can access and dual Ethernet ports. I can
get the ok prompt (Stop-A), the LOM prompt and boot SunOS in various
badeguruji wrote:
>
> Hello,
>
> Is there anything on OpenBSD like the one below for
> FreeBSD. It presents material very clearly and
> cleanly, makes look freebsd very attractive.
>
> http://people.freebsd.org/~kris/scaling/7.0 Preview.pdf
>
> Thank you.
>
> -BG
>
> _
Benjamin M. A'Lee-2 wrote:
>
> Also I assume you mean MUA, not MTA, since I don't know of any MTAs that
> directly support either PGP or S/MIME...
>
> Ben
>
Yes, sorry, it was late, I was tired, but at least I was consistently wrong
;)
--
View this message in context:
http://www.nabble
viq-2 wrote:
>
>
> Q: Why bother signing messages at all?
> A: Because I feel like it.
>
> Yes, I know inline signing is frowned upon, and MIME won't make it do
> the list, but that's besides the point as well.
>
>
> So, having gotten that out of the way, do you have any opinions on
> either?
badeguruji wrote:
>
> I am getting constant hacking attempt into my computer
> from following IPs. Although, I have configured my ssh...
>
This is so common that we ignore it at Virginia Tech. Some days, we log 20k
- 30k ssh brute force attempts... I'd like to track 'em down and string 'em
up to
Daniel Bosk wrote:
>
> Brad, you really did start some thread. Starting with a rather
> innocent question. Interesting reading though.
>
> My best to all of you,
>
> Daniel
>
Thanks, I love OpenBSD. I see the lack of signed code and signed
communication as a potential security issue. It *has
Bob Beck-2 wrote:
>
> If you want a secure binary. buy an official CD.. This is
> what most people do. PKI requires infrastructure that would cost OpenBSD
> money and developer time. Official CD's keep OpenBSD alive.
>
> Oh wait, we should devote resources to people who care about
>
BOFH-5 wrote:
>
> Would you consider Bruce Schneier to be knowledgeable about PKI? Have you
> read:
> http://www.schneier.com/paper-pki.html
>
Yes, I've read that. He's talking about CA's. He does not ridicule PGP keys
as you seem to. In fact, he has a few of his own:
Bruce Schneier <[
Nick Guenther wrote:
>
> Well, there's the MD5 files (e.g.
> http://openbsd.arcticnetwork.ca/pub/OpenBSD/4.2/i386/MD5).
> but yeah, for the most part OpenBSD doesn't need it.
> -Nick
>
Could you explain in more detail? Why doesn't OpenBSD need to use pgp keys?
Really, I'm not trying to start any
Harpalus a Como wrote:
>
> What is the benefit of doing so? What's the point? Is the website so
> likely
> to be hacked into, that the developers need to sign all communication just
> to ensure that it comes from them? There's absolutely no need to signing
> errata or official communications. Name
Lars Hansson-5 wrote:
>
> No. OpenBSD doesn't sign code.
>
> ---
> Lars Hansson
>
Oh that surprises me, are OpenPGP signatures used for anything? Errata,
official communication, etc... maybe this is a stupid question, by it seems
everyone does it these days... even small software projects. Not
I've searched OpenBSD.org and google for source code signing practices in
OpenBSD, nothing obvious stands out. I've probably overlooked it. Just
curious about this... is the process described someplace?
--
View this message in context:
http://www.nabble.com/Code-signing-in-OpenBSD-tf4947207.html#
> 375, 410, 468:
> Are these build numbers?
Yes.
So, the current stable kernel is 0?
OpenBSD amdthunder.home.local 4.2 GENERIC#0 i386
OpenBSD black.cirt.vt.edu 4.2 GENERIC#0 i386
--
View this message in context:
http://www.nabble.com/OpenBSD-version---build-question-tf4923181.html#a14163491
Se
Pedro de Oliveira wrote:
>
> Hello,
> Someone on IRC just posted this link http://www.delilinux.de/oksh/ , seems
> like someone ported OpenBSD ksh to Linux and licensed it under GPLv3.
> Isn't
> this a license violation?
>
> The ksh in OpenBSD is the pdksh (Public Domain). Slap a license on it if
Do you have xbase42.tgz installed ?
http://www.openbsd.org/faq/faq1.html#WhatsNew
Yup, that fixed my pkg_add errors as well. IMO, it seems best to specify
'all' when installing... even if you don't use any X components.
--
View this message in context:
http://www.nabble.com/Port-compile-and-pa
What is the difference between these two cvs commands? I know what the first
one does... checks out the source code to stable and assumes a CVSROOT is
around... but is the second command not the same? I understand all the
options... except for 'get'... how is that different from checkout?
cvs chec
Richard Wilson-5 wrote:
>
> http://www.xkcd.com/349/
>
In response to the comic after recently coming back to OpenBSD after
many years of not using it often, I found it refreshingly simple and easy to
install compared to the average Linux stuff out today! Dual-boot,
single-boot, etc... it's
Hey guys, I got whacked off-line with a clue stick about using screen or
nohup to prevent this sort of thing in the future... OK, will do but, since
'make build' was interrupted, does anything 'special' need to be done like a
make clean, etc? Or do I just redo the initial commands to build the
bina
Hi guys,
While updating 4.2-release to 4.2-stable remotely over a SSH session, the
SSH session died during the 'make build' stage of rebuilding the binaries...
I think make build had almost completed. I was following the instructions
located here:
http://openbsd.org/stable.html
Question, will thi
Girish Venkatachalam-2 wrote:
>
>
> Can't you bridge them or create separate subnets and route them?
>
> Is trunking the purpose here?
>
> Just wondering
>
It was just an experiment. I was trying to do some funky routing through the
wireless interface. I'll play with it some more. Thanks
Hi guys,
I have a Linksys WUSB11 v2.8 802.11 USB wireless adapter on a fresh OpenBSD
4.2 install. It is recognized as an atu0 device. Internally it works great.
I can ping all of the IPs inside the gateway (and ping the gateway) and
browse to internal web sites, etc. Externally, I have no connecti
Darren Spruell wrote:
>
>
> Sadly, justifying the obvious through these means is often a requirement.
>
> Here's an approach you might consider. Take a best practice /
> standards guide such as from NIST:
>
> http://www.itl.nist.gov/lab/bulletns/bltndec02.htm
> http://csrc.nist.gov/publications
If this is off-topic, I apologize. Just tell me and I'll go away ;)
I'm having discussions with a coworkers about moving to OpenBSD for
Apache/PHP web hosting. Right now, we use various Linux distros. I have no
problem with that. Linux is cool... but it's takes more time to secure and
manage. I li
Aaron Martinez wrote:
>
>
> can you log in using single user mode?
>
> boot> boot -s
>
> then change it?
>
> Aaron
>
> I forgot to mention the box was headless. I had to return to the site. I
> was hoping there was some other way to make the fix... not matter now. I
> visited the site this
Aaron Martinez wrote:
>
>
> can you log in using single user mode?
>
> boot> boot -s
>
> then change it?
>
> Aaron
>
> Thanks to all! I'm back up and running. I just feel like an idiot :)
>
>
>
--
View this message in context:
http://www.nabble.com/I%27ve-done-something-stupid-tf47755
Somehow as root, I changed my shell to a non-existent shell '/bin/tcsh' on
OpenBSD 4.2
When I try to su, I get this error:
su: /bin/tcsh: No such file or directory
I can't login as root, ssh in as root or su to root. I'm not in the sudoers
file (but I am in the wheel group) so I can't sudo chsh f
79 matches
Mail list logo
