On Dec 11 00:30:15, Chris Zakelj wrote:
> Curious problem here, though I'm probably missing something obvious. I
> have apm enabled through /etc/rc.conf.local (apmd_flags=""), and when I
> issue 'shutdown -h -p now', the system powers off correctly. However,
> if I try to use sleep or suspend
Dear Sally,
I am running 4.2-stable on a Dell Latitude LS (dmesg bellow) with the
BIOS upgraded to A09 (the latest available). It also dual-boots FreeBSD;
I would like to get rid of that, and what stops me is power management
support. I want to scale CPU frequency according to the load, I want
som
Juan Miscaro wrote:
Hi,
I am using OpenBSD 4.2 as my WAP with a ral adapter. My wireless
client is running Kubuntu.
The server is running dnsmasq (DHCP/DNScaching) and everything works.
However, after a while the connection breaks completely and the only
thing that rectifies the situation is
Lynx is secure ;)
There are no insecure browsers, just insecure sites.
On Jan 18, 2008 4:39 PM, Tony Abernethy <[EMAIL PROTECTED]> wrote:
>
> Alexey Vatchenko wrote:
> > On 2008-01-18, Douglas A. Tutty <[EMAIL PROTECTED]> wrote:
> > > On Thu, Jan 17, 2008 at 06:24:16PM -0700, Clint Pachl wrote:
>
On Thu, Jan 17, 2008 at 10:11:47PM -0500, Steve Shockley wrote:
> Douglas A. Tutty wrote:
> >I have a box that I want to keep as secure as I can but I also need to
> >be able to use a graphical browser from it (I know that this is a
> >trade-off).
>
> Assuming you've already decided to run X, then
On Fri, 2008-01-18 at 11:49 -0200, John Nietzsche wrote:
> Dear gentleman,
>
> i am starting with vlan topic right now. I am in need to get two dell
> powerconnect 2724 switches to implement 3 vlan. I know how to
The Dee PC2724 cant move its mgmnt vlan from VLAN1, and *BSD vlan(1)
wont transmit V
On Fri, Jan 18, 2008 at 03:14:05PM +, Alexey Vatchenko wrote:
> On 2008-01-18, Tony Abernethy <[EMAIL PROTECTED]> wrote:
> > Alexey Vatchenko wrote:
> >> On 2008-01-18, Douglas A. Tutty <[EMAIL PROTECTED]> wrote:
> >> > On Thu, Jan 17, 2008 at 06:24:16PM -0700, Clint Pachl wrote:
> >> >> If yo
Hello misc,
after a successful upgrade of a X4100 M2 to the latest snapshot, the
server fails to reboot after having issued the reboot(8) command as
root. This was working fine before with the snapshot which was from
early December (also i386 .mp, ACPI enabled manually back then, which
is now imp
> On Fri, Feb 01, 2008 at 08:40:01PM -0600, Aaron wrote:
> > Albeit i don't have to alter my /etc config files, the .mc files that
> > have to be edited lie in the /usr/src
you didn't find the version in /usr/share/sendmail/cf then? :-)
copy openbsd-proto.mc to something else and edit that inste
2007/12/30, Hannah Schroeter <[EMAIL PROTECTED]>:
>
> If you type rm foo and foo was the last link to the file (the underlying
> inode) and there was no open file descriptor and no mapped memory
> referring to the inode, either (I hope I've covered the important kinds
>
So, is there a 'sure way' t
2008/1/16, Henning Brauer <[EMAIL PROTECTED]>:
> * Piotrek Kapczuk <[EMAIL PROTECTED]> [2008-01-16 18:59]:
> > Hi
> >
> > 2008/1/16, Henning Brauer <[EMAIL PROTECTED]>:
> > > * Piotrek Kapczuk <[EMAIL PROTECTED]> [2008-01-16 15:51]:
> > > > 2008/1/16, Henning Brauer <[EMAIL PROTECTED]>:
> > > > > *
* Brian A. Seklecki (Mobile) <[EMAIL PROTECTED]> [2008-01-18 16:35]:
> On Fri, 2008-01-18 at 11:49 -0200, John Nietzsche wrote:
> > Dear gentleman,
> >
> > i am starting with vlan topic right now. I am in need to get two dell
> > powerconnect 2724 switches to implement 3 vlan. I know how to
>
> T
On Fri, Jan 18, 2008 at 06:25:41PM +1300, Joel Wiramu Pauling wrote:
> chroot ;-).
>
See the previous threads on this list about the false sense of security
with virtualization and chroots in this context.
Also see the previous thread for how I'm separating things between
"secure", "entertainmen
On Fri, Feb 01, 2008 at 08:40:01PM -0600, Aaron wrote:
> Douglas A. Tutty wrote:
> >However, there have been threads here detailing the recompilation
> >necessary for sendmail to handle SSL Auth (or whatever its called). If
> >you have to recompile sendmail (as opposed to changing a config),
> >pr
On 2008-01-18, Diana Eichert <[EMAIL PROTECTED]> wrote:
> On Fri, 18 Jan 2008, John Nietzsche wrote:
>
>> Dear gentleman,
^^^ means one of them :)
Bachman Kharazmi wrote:
> yeay!
> outputs.speaker.eapd=off -> on
> did turn off the mute led. and now I get should ;)
> ...
I think you meant "sound"... ;)
"should" means something entirely different...
-Nix Fan.
Juan Miscaro <[EMAIL PROTECTED]> writes:
> Anyway, I'm pretty pissed because my research led me to conclude that
> the ral device was well supported. I paid top dollar for the thing.
Are you quite sure the problem is in fact on the access point side?
It may not be relevant to your situation, bu
Alexey Vatchenko wrote:
> On 2008-01-18, Douglas A. Tutty <[EMAIL PROTECTED]> wrote:
> > On Thu, Jan 17, 2008 at 06:24:16PM -0700, Clint Pachl wrote:
> >> If you want security, get rid of X.
> >>
> > Even if it's OpenBSD's X? The one that you need should you need to
> > build any ports (including
--- Alexander Hall <[EMAIL PROTECTED]> wrote:
> Juan Miscaro wrote:
> > Hi,
> >
> > I am using OpenBSD 4.2 as my WAP with a ral adapter. My wireless
> > client is running Kubuntu.
> >
> > The server is running dnsmasq (DHCP/DNScaching) and everything
> works.
> >
> > However, after a while the
On 2008/01/18 11:49, John Nietzsche wrote:
> Dear gentleman,
>
> i am starting with vlan topic right now. I am in need to get two dell
> powerconnect 2724 switches to implement 3 vlan. I know how to
> configure the ports for desktops, but i am having a hard time
> configuring the port(s) that shou
On Fri, Jan 18, 2008 at 02:33:30PM +0100, Han Boetes wrote:
> Most secure goes a long way. I run firefox on a sepperate user
> account. I doubt it's the most secure solution but it sure is
> quite a bit more secure, and I'm quite sure you really don't want
> to the most secure solution. :-)
>
> ht
On Thu, Jan 17, 2008 at 06:24:16PM -0700, Clint Pachl wrote:
> No kidding. Having X installed on a main server is a bad idea. What does
> this main server do? If you need a GUI on your server you should
> probably use Linux or Windows.
>
> If you just need a browser to view documentation on th
Most secure goes a long way. I run firefox on a sepperate user
account. I doubt it's the most secure solution but it sure is
quite a bit more secure, and I'm quite sure you really don't want
to the most secure solution. :-)
http://www.xs4all.nl/~hanb/documents/firefox_for_paranoid_people
# Han
Bachman Kharazmi writes:
> yeay!
> outputs.speaker.eapd=off -> on
> did turn off the mute led. and now I get should ;)
Great. :)
> I can adjust level using for example mixerctl
> outputs.speaker=200,200 but the control in aumix is not
> adjustable.
This is the biggest problem with that driver:
On Fri, Jan 18, 2008 at 08:39:57AM -0600, Tony Abernethy wrote:
> Alexey Vatchenko wrote:
> > On 2008-01-18, Douglas A. Tutty <[EMAIL PROTECTED]> wrote:
> > > On Thu, Jan 17, 2008 at 06:24:16PM -0700, Clint Pachl wrote:
> > >> If you want security, get rid of X.
> > >>
> > > Even if it's OpenBSD's
On Sat, Jan 19, 2008 at 03:08:36AM +1100, Sunnz wrote:
> 2007/12/30, Hannah Schroeter <[EMAIL PROTECTED]>:
> >
> > If you type rm foo and foo was the last link to the file (the underlying
> > inode) and there was no open file descriptor and no mapped memory
> > referring to the inode, either (I ho
Hi all,
http://openbsd.org/42.html#new says
New piixpcib(4) driver for System Management Mode initiated
speedstep frequency scaling on certain pairings of the Intel
PIIX4 ISA bridges and Intel Pentium 3 processors.
Now I wonder which certain pairings are supported. My HW
I have the beginning of a port of k3b. There are just a lot of things
in the realm of cd/dvd handling that need porting. It's not just a few
patches, and it will work.
On Saturday 19 January 2008, Juan Miscaro wrote:
> --- Alexander Hall <[EMAIL PROTECTED]> wrote:
> > Juan Miscaro wrote:
> > > Hi,
> > >
> > > I am using OpenBSD 4.2 as my WAP with a ral adapter. My wireless
> > > client is running Kubuntu.
> > >
> > > The server is running dnsmasq (DHCP/DNScachin
On Fri, Jan 18, 2008 at 05:10:58PM +0200, Dusty wrote:
> There are no insecure browsers, just insecure sites.
OK, but how do you tell a secure site from an insecure site? If a site
turns out to be insecure, if the browser isn't vulnerable to the attacks
that the insecure site can exploit, then th
On 1/18/08, Dirk Mast <[EMAIL PROTECTED]> wrote:
> Diana Eichert wrote:
> > diana (who spent last night working on Cisco, Foundry and Netscreen gear.)
>
> Maybe you stop telling in every fifth post that you are a woman
> and that you'd like special treatment.
only for very large values of five...
Hi
On Fri, Jan 18, 2008 at 09:49:10PM +0100, [EMAIL PROTECTED] wrote:
> In the last couple of weeks I have been reading a lot of security
> related literature with a strong emphasis on web related issues.
>
> It seems to me that a lot of people tend to call themselves "Security
> Experts" and the
On Fri, Jan 18, 2008 at 09:55:24PM +, Jacob Meuser wrote:
Hi!
> please see ports@ (where this thread belongs). let me know if you
> have different (better) patches.
My modifications are basically same, but there aren't many ways
to do it ;)
--
rix
http://www.ripe.net/perl/[EMAIL PROTECTED
On Fri, Jan 18, 2008 at 09:55:24PM +, Jacob Meuser wrote:
Hi!
> la la la, beat you to it ;P
I did the porting about half a year ago but didn't have enough
time/motivation to clean it up ;P mkhybrid+cdio tao is enough for
me.
--
rix
http://www.ripe.net/perl/[EMAIL PROTECTED]
On Fri, Jan 18, 2008 at 09:30:01PM +0200, Jussi Peltola wrote:
> Most of the replies are missing the point. You do not only want to
> protect the rest of your system from your browser. You also want to
> avoid your browser doing anything an attacker wants when he finds an
> exploit in it.
>
> If y
I'm trying to install the BerkeleyDB Perl module via CPAN without
sucess on OpenBSD 4.2.
Can anyone corroborate?
Crash:
CPAN.pm: Going to build P/PM/PMQS/BerkeleyDB-0.33.tar.gz
Parsing config.in...
Looks Good.
Checking if your kit is complete...
Looks good
Note (probably harmless): No librar
A uname -a and the relevant snippets of hoststated.conf would go a
long way in assisting you...
On 1/18/08, Rami Sik <[EMAIL PROTECTED]> wrote:
> I have been using PF on openBSD as a firewall box without any problem. I
> have two boxes in redundant configuration with CARP. Afterwards, I
> needed
On 1/18/08, Sunnz <[EMAIL PROTECTED]> wrote:
> From what I understand, if foo isn't the last hard link to the file,
> and `rm foo` will NOT delete the file...
>
> Say if the current version of OpenSSH has a security hole, and some
> user create a hard link to it, it would be the that version of Ope
I have been using PF on openBSD as a firewall box without any problem. I
have two boxes in redundant configuration with CARP. Afterwards, I
needed to use load balancing for both http and https using hoststated.
However, load balancing does not seem to stable. In my case, it is
almost working for a
On 1/18/08, Alexey Vatchenko <[EMAIL PROTECTED]> wrote:
> The problem is not in blobbyness (all drivers that come with OpenBSD are open
> sourced), the problem is that the userland program (X server) has access to
> the
> things that must be allowed only to kernel.
and if you don't run X, it does
dude, from what your saying, then run a browser, in chroot via ssh. To your
remote X server. You may also want to rub a scrubbing proxy in that environ,
(i.e dans guardian or somesuch). While a chroot is not ideal, it is a step
up from running just plain ol unprivileged. And it's not like chroots a
On Fri, 18 Jan 2008, John Nietzsche wrote:
> Dear gentleman,
That's a very sexist way to address the people on this list.. be a bit more
gender neutral next time.
-Nix Fan.
* Piotrek Kapczuk <[EMAIL PROTECTED]> [2008-01-18 17:13]:
> 2008/1/16, Henning Brauer <[EMAIL PROTECTED]>:
> > * Piotrek Kapczuk <[EMAIL PROTECTED]> [2008-01-16 18:59]:
> > > Hi
> > >
> > > 2008/1/16, Henning Brauer <[EMAIL PROTECTED]>:
> > > > * Piotrek Kapczuk <[EMAIL PROTECTED]> [2008-01-16 15:5
On Fri, 18 Jan 2008, John Nietzsche wrote:
Dear gentleman,
Good thing you made this initial comment, it kept me from wasting my time
explaining how to do this task.
diana (who spent last night working on Cisco, Foundry and Netscreen gear.)
On 2008-01-18, Douglas A. Tutty <[EMAIL PROTECTED]> wrote:
> On Thu, Jan 17, 2008 at 06:24:16PM -0700, Clint Pachl wrote:
>> If you want security, get rid of X.
>>
> Even if it's OpenBSD's X? The one that you need should you need to
> build any ports (including if you follow current and need secu
On Jan 18, 2008 4:28 PM, Ted Unangst <[EMAIL PROTECTED]> wrote:
> On 1/18/08, Sunnz <[EMAIL PROTECTED]> wrote:
> > From what I understand, if foo isn't the last hard link to the file,
> > and `rm foo` will NOT delete the file...
>
> what does it matter if somebody keeps a link to it? if you have
On Sat, 19 Jan 2008 08:47:56 +1300, Joel Wiramu Pauling wrote:
> One other note, if your planning on doing any internet banking, your pretty
> much stuck with Firefox or Opera (using binary emulation). Haven't tried ie
> under wine on openbsd, it may work also.
>
> Why? Because a lot of the inter
Hi.
In the last couple of weeks I have been reading a lot of security
related literature with a strong emphasis on web related issues.
It seems to me that a lot of people tend to call themselves "Security
Experts" and they work with security and they write articles and/or
books about the subject.
On Fri, Jan 18, 2008 at 07:47:08PM +, rivo nurges wrote:
> On Fri, Jan 18, 2008 at 07:56:34PM +0100, Marc Espie wrote:
>
> Hi!
>
> > It compiled, that's not too difficult to achieve, but it doesn't do anything
> > yet.
>
> I have working(its able to erase/write CDs and DVDs at least) port
>
On Fri, 18 Jan 2008, Dirk Mast wrote:
SNIP
Maybe you stop telling in every fifth post that you are a woman
and that you'd like special treatment.
Really? I feel proud, you can count to five and I helped. Too bad, you
can't use the other fingers to learn to count to ten, but that hand is
pro
On Sat, 19 Jan 2008 08:41:18 +1300
"Joel Wiramu Pauling" <[EMAIL PROTECTED]> wrote:
> but to me sounds like your making a non-issue into a mole hill. Even
> the most limited of hardware can run decent browsers. Why you are
> insisting on using your access box, when you have another machine is
> be
2008/1/19, Ted Unangst <[EMAIL PROTECTED]>:
> what does it matter if somebody keeps a link to it? if you have idiot
> users who insist on using broken software, you have bigger problems.
> what if they download the old version and compile it themselves?
>
I guess you are right... but still, that
On Fri, Jan 18, 2008 at 10:44:18PM +, rivo nurges wrote:
> On Fri, Jan 18, 2008 at 09:55:24PM +, Jacob Meuser wrote:
>
> Hi!
>
> > la la la, beat you to it ;P
> I did the porting about half a year ago but didn't have enough
> time/motivation to clean it up ;P
well, IMO, the ports system
On 19/01/2008, Stuart Henderson <[EMAIL PROTECTED]> wrote:
>
> On 2008/01/19 08:47, Joel Wiramu Pauling wrote:
> > One other note, if your planning on doing any internet banking, your
> pretty
> > much stuck with Firefox or Opera (using binary emulation).
>
> lynx works fine for me. with some of th
On 2008/01/19 08:47, Joel Wiramu Pauling wrote:
> One other note, if your planning on doing any internet banking, your pretty
> much stuck with Firefox or Opera (using binary emulation).
lynx works fine for me. with some of the things that are being
suggested, isn't it easier to just change bank?
On Jan 18, 2008 8:12 AM, Jan Stary <[EMAIL PROTECTED]> wrote:
> Hi all,
>
> http://openbsd.org/42.html#new says
>
> New piixpcib(4) driver for System Management Mode initiated
> speedstep frequency scaling on certain pairings of the Intel
> PIIX4 ISA bridges and Intel Pentiu
On 2008-01-18, Tony Abernethy <[EMAIL PROTECTED]> wrote:
> Alexey Vatchenko wrote:
>> On 2008-01-18, Douglas A. Tutty <[EMAIL PROTECTED]> wrote:
>> > On Thu, Jan 17, 2008 at 06:24:16PM -0700, Clint Pachl wrote:
>> >> If you want security, get rid of X.
>> >>
>> > Even if it's OpenBSD's X? The one
On Fri, Jan 18, 2008 at 05:17:26PM +0100, Rolf Sommerhalder wrote:
> Hello misc,
>
> after a successful upgrade of a X4100 M2 to the latest snapshot, the
> server fails to reboot after having issued the reboot(8) command as
> root. This was working fine before with the snapshot which was from
> e
Dude, you want a proxy with different user ACLs. This is not a browser thing
at all.
2 firefox profiles will do the same thing, each having a different proxy
user set. Hell have 2 user accounts on your entertainment box, and ssh -X
[EMAIL PROTECTED] when you want to bring up your secure account.
K
Dear gentleman,
i am starting with vlan topic right now. I am in need to get two dell
powerconnect 2724 switches to implement 3 vlan. I know how to
configure the ports for desktops, but i am having a hard time
configuring the port(s) that should interconnect the switches itself.
Since the traffic
Diana Eichert wrote:
> On Fri, 18 Jan 2008, John Nietzsche wrote:
>
>> Dear gentleman,
>
> Good thing you made this initial comment, it kept me from wasting my time
> explaining how to do this task.
>
> diana (who spent last night working on Cisco, Foundry and Netscreen gear.)
Maybe you stop t
Marc Espie wrote:
I have the beginning of a port of k3b. There are just a lot of things
in the realm of cd/dvd handling that need porting. It's not just a few
patches, and it will work.
That is a great news! I am sure that it is much more difficult than I
anticipated because of the way Ope
On Fri, 01 Feb 2008 17:51:06 -0600, Aaron wrote:
> ...When i update or upgrade my system, am i going to need to
> manually go back every time and recreate the steps to get my mail
> system working again? Does the openbsd-proto.mc get overwritten
> every time i update the source via cvs. I jus
On Fri, Jan 18, 2008 at 11:27:42AM -0700, Predrag Punosevac wrote:
> Marc Espie wrote:
> >I have the beginning of a port of k3b. There are just a lot of things
> >in the realm of cd/dvd handling that need porting. It's not just a few
> >patches, and it will work.
> >
> >
>
> That is a great news
Most of the replies are missing the point. You do not only want to
protect the rest of your system from your browser. You also want to
avoid your browser doing anything an attacker wants when he finds an
exploit in it.
If you try to solve the problem with virtualization, different users or
another
On Fri, Jan 18, 2008 at 07:56:34PM +0100, Marc Espie wrote:
Hi!
> It compiled, that's not too difficult to achieve, but it doesn't do anything
> yet.
I have working(its able to erase/write CDs and DVDs at least) port
of k3b(svn) for openbsd, it just needs little cleanup. I'll try to
finish it in
One other note, if your planning on doing any internet banking, your pretty
much stuck with Firefox or Opera (using binary emulation). Haven't tried ie
under wine on openbsd, it may work also.
Why? Because a lot of the internet banking sites are useless and while
things like konqueror load them, b
Hi,
I have a USB serial adapter that is recognized as
uftdi0 at uhub1
port 2 "FTDI FT232R USB UART" rev 2.00/6.00 addr 2
ucom0 at uftdi0 portno 1
I have a "Point View LR"
(http://www.pointsix.com/cgi-bin/PointSix.cgi?pointview) connected to it
but I can't get any data from it.
This is what
salz, mi-au suspendat contu de mail :(( nu sunt akasa, o sa iti dau noua
mea adresa, asta e a unei prietene. apropo uite un site nou al unui
tovaras, inregistreaza-te si tu, e un fel de hi5 www.limpa.ro pune-ti si
tu poza aici ca am si eu cont si ne dam voturi,comentarii etc hai k ne
mai auzim, cia
On Fri, Jan 18, 2008 at 11:27:42AM -0700, Predrag Punosevac wrote:
> Marc Espie wrote:
> >I have the beginning of a port of k3b. There are just a lot of things
> >in the realm of cd/dvd handling that need porting. It's not just a few
> >patches, and it will work.
I got that mostly straightened out
On Jan 19, 2008 5:04 AM, Jonathan Gray <[EMAIL PROTECTED]> wrote:
> Try this diff:
Great, that fixed it, thank you.
Now, will you commit it so that it will be included in a next snapshot?
On 19/01/2008, Douglas A. Tutty <[EMAIL PROTECTED]> wrote:
> As for the security record of popular browsers, this is the question.
> Is a browser with a long history of few security bugs more or less
> secure than a browser with a long history of many security bugs?
> Someone suggested that Dillo,
On 1/17/08, Juan Miscaro <[EMAIL PROTECTED]> wrote:
> I am using OpenBSD 4.2 as my WAP with a ral adapter. My wireless
> client is running Kubuntu.
>
> However, after a while the connection breaks completely and the only
> thing that rectifies the situation is a reboot on the serverside.
>
> I tho
73 matches
Mail list logo
