Re: Advice requested on security issues

2008-01-05 Thread johan beisser
On Jan 5, 2008, at 7:48 PM, Ted Unangst wrote: On 1/5/08, Douglas A. Tutty <[EMAIL PROTECTED]> wrote: Is there anything that, bug-wise, could go wrong with that remote browser that would be able to read or alter anything on the local machine? I'm talking about using ssh's X forwarding features

Re: Real men don't attack straw men

2008-01-06 Thread johan beisser
On Jan 5, 2008, at 11:22 PM, Karthik Kumar wrote: Secure by default. Ship with nothing and call it secure. Wow! Maybe it shouldn't start the network by default, huh? Then that's secure, isn't it? Start no daemons, start no shells: ZOMG!!! it's secure :P Oddly, I find this more sensible than "s

Re: Real men don't attack straw men

2008-01-06 Thread johan beisser
On Jan 5, 2008, at 11:54 PM, Karthik Kumar wrote: openvpn 2.0.x is in the ports: not by default. PF is not enabled by default. Deliberately ignoring the point doesn't make it any less relevant.

Re: Real men don't attack straw men

2008-01-06 Thread johan beisser
On Jan 6, 2008, at 1:28 AM, Karthik Kumar wrote: Deliberately ignoring the point doesn't make it any less relevant. I am saying that the secure by default doesn't hold because lots of people use ports. Most people do. Extending your UNIX system to make it work as you want is a basic, and

Re: Richard Stallman...

2008-01-06 Thread johan beisser
On Jan 6, 2008, at 2:46 AM, Richard Stallman wrote: Absolutely. FSF staff checked the BSD versions and told me what they found. I do not redo their work after they do it; I trust that they did it well. Their report about OpenBSD was accurate. Except, sir, at some point, someone made a mistake. A

Re: NAT IPV4 and bridge only IPV6

2008-01-06 Thread johan beisser
On Jan 6, 2008, at 11:09 AM, Good Good wrote: Hello, My ISP (free.fr) now proposes to me a native connectivity in IPV6. I wish to implement this functionality on my network, that here: SwitchFirewallISP BoxISP Network/ Internet __ ___

Re: Richard Stallman...

2008-01-06 Thread johan beisser
On Jan 6, 2008, at 8:18 PM, Richard Stallman wrote: By publishing it, and telling only me--not anyone who could fix it--you made sure a day would go by when others know about the problem but our sysadmins did not. It would have been better practice to tell our sysadmins privately first, and give

Re: Real men don't attack straw men

2008-01-07 Thread johan beisser
On Jan 7, 2008, at 3:31 AM, Richard Stallman wrote: If I understand that correctly, it means that OpenBSD does distribute binary-only firmware, which isn't free. This would be a second reason why I should not endorse OpenBSD. The systems I endorse try to exclude such firmware. Then, sir, you

Re: Buy now & get ISO images to OpenBSD 5.0???

2008-01-07 Thread johan beisser
On Jan 6, 2008, at 5:35 PM, Sevan / Venture37 wrote: Alright Theo, where have you stashed the code?? http://www.allard.nu/pfw/pics/buynow.png http://www.allard.nu/pfw/ Hmm. PHP5 based interface with the PF ruleset? Only thing it's really missing is some method to manage interfaces, dhcp, et

Re: Real men don't attack straw men

2008-01-07 Thread johan beisser
On Jan 7, 2008, at 9:14 AM, Richard Stallman wrote: > The evidence of this discussion shows that's not a good description > for what I am saying. Many of the people on this list were told that > I want OpenBSD to "erect barriers against" installing non-free > programs. And their words show that t

Re: upgrading FVWM to 2.4

2008-01-07 Thread johan beisser
On Jan 7, 2008, at 9:55 AM, badeguruji wrote: Hello, I figure that i will need to give some runtime arguments to following commands for upgrading my fvwm installation. as per README from fvwm package... can someone tell me what is the right value for PREFIX and EPREFIX? Since they are n

Re: Buy now & get ISO images to OpenBSD 5.0???

2008-01-07 Thread johan beisser
On Jan 7, 2008, at 4:05 PM, Eduardo Alvarenga wrote: If you read here[1], you can notice that by paying $49, you can keep on downloading PFW updated iso images ** UNTIL ** OpenBSD 5.0. That's a lot of time IMHO :-) [1] http://www.allard.nu/pfw/iso (How much is it and what do I get?) It's his

Re: Buy now & get ISO images to OpenBSD 5.0???

2008-01-07 Thread johan beisser
On Jan 7, 2008, at 4:06 PM, Eduardo Alvarenga wrote: If you read here[1], you can notice that by paying $49, you can keep on downloading PFW updated iso images ** UNTIL ** OpenBSD 5.0. That's a lot of time IMHO :-) [1] http://www.allard.nu/pfw/iso (How much is it and what do I get?) Oddly,

Re: Apache box behind Openbsd

2008-01-08 Thread johan beisser
On Jan 8, 2008, at 8:05 AM, Sewan wrote: Hi, I have an apache-php website running on windows server 2003 port 80, i have correct rdr rules that point to my web server, i can view the website inside my LAN, but i can't view the page outside of my network. I've checked all dns- ip settings, everyth

Re: Improving disk reliability

2008-01-08 Thread johan beisser
On Jan 8, 2008, at 6:29 AM, Douglas A. Tutty wrote: I know that the FAQ says to just use dump to make backups but what if you want a tape of a specific group of files for archiving? When last did the dump format change? Since it reads the filesystem directly, I'd assume that its filesystem-

Re: Improving disk reliability

2008-01-08 Thread johan beisser
On Jan 8, 2008, at 7:29 AM, Douglas A. Tutty wrote: However, if you have one directory you wish to put on tape, e.g. as an archive of old OS .iso's (in case the origionals get scratched), as far as I know, you can't use dump (which is only for entire filesystems). Or, is there any reason that

Re: Improving disk reliability

2008-01-08 Thread johan beisser
On Jan 8, 2008, at 1:15 PM, Douglas A. Tutty wrote: Well, right now, I just do full backups. Incrementals get rather tedious. Especially since they find new files but they don't notice a file that has been deleted. So I don't need a list of what files are in which tarball but rather just wha

Re: facts about OpenBSD

2008-01-14 Thread johan beisser
On Jan 14, 2008, at 12:09 PM, Nikns Siankin wrote: If you get money from selling CDs/soft, its just clearly unfair to not support it. Yes, I'm talking about stable ports. Actually, the OpenBSD OS is supported. Your argument is pointless. Stable ports are NOT supported because, well, it's not

Re: Suggested PF Setup when using BitTorrent?

2008-01-14 Thread johan beisser
On Jan 14, 2008, at 5:10 PM, Brian wrote: --- Max Hayden Chiz <[EMAIL PROTECTED]> wrote: Perhaps this problem is specific to my configuration (or specific to DOCSIS cable modems). But if it makes Brian (or someone else's problem) go away, then it is likely that this problem is not unique. I

Re: Suggested PF Setup when using BitTorrent?

2008-01-15 Thread johan beisser
On Jan 15, 2008, at 1:35 AM, Stuart Henderson wrote: On 2008/01/14 19:40, johan beisser wrote: The hardware is a slightly loaded Soekris net4501 with 64mb of RAM running OpenBSD 4.1 (GENERIC). This will handle much more traffic if you upgrade to 4.2. I thought the performance improvement

Re: Suggested PF Setup when using BitTorrent?

2008-01-15 Thread johan beisser
On Jan 15, 2008, at 9:34 AM, Stuart Henderson wrote: I thought the performance improvement came from 4.1 with the removal of per packet interrupts. http://www.openbsd.org/42.html Huge performance improvements in the network stack, including: # In pf, store routing table ID, queue ID etc direc

Re: Why do clients running BitTorrent make my router's latency go through the roof?

2008-01-15 Thread johan beisser
On Jan 15, 2008, at 5:23 PM, Brian wrote: How are you testing for latency, so I can duplicate on my side? When I was doing my tests, I was running a simple ICMP echo through the default queue (what bittorrent runs in). Were I to test this again, I'd probably run a full test using hping2/hp

Re: Why do clients running BitTorrent make my router's latency go through the roof?

2008-01-16 Thread johan beisser
Just a fast followup. While pulling 133K down via BitTorrent I decided to run some tests through the 4.1 firewall with hping. Nothing serious, just different flags. My queues, from pftop: qo_tcp_ack priq 7 790K 49M 0 0 0 163 9939 qo_dns

Re: Why do clients running BitTorrent make my router's latency go through the roof?

2008-01-16 Thread johan beisser
On Jan 16, 2008, at 3:58 PM, Unix Fan wrote: I notice a lot of people forward several ports when using bittorrent You know, It's not written in stone that you "need" to use more than a single port... The standard bittorrent client usually only handles a single port at a time per ins

Re: most secure graphical browser

2008-01-17 Thread johan beisser
On Jan 17, 2008, at 3:36 PM, Frank Bax wrote: Have you considered running the browser in a virtual environment? Outside of virtualization providing snapshots, it doesn't do anything to truly improve security.

Re: most secure graphical browser

2008-01-17 Thread johan beisser
On Jan 17, 2008, at 5:02 PM, ropers wrote: It can be useful for (esp. junior) sysadmins who've hooked up a monitor and keyboard to a server and are sitting in front of it to administer it, and who may not be confident enough of their choices without googling and reading through a number of pages

Re: modifying base system, need to recompile?

2008-01-17 Thread johan beisser
On Jan 17, 2008, at 5:37 PM, Douglas A. Tutty wrote: However, there have been threads here detailing the recompilation necessary for sendmail to handle SSL Auth (or whatever its called). If you have to recompile sendmail (as opposed to changing a config), presumably you'd have to make the sa

Re: separate processors

2008-01-28 Thread johan beisser
On Jan 27, 2008, at 9:24 PM, Lord Sporkton wrote: I am setting up a dual core server, the server will be doing 2 things, firewall/routing and user-services since my needs are pretty small for this server and its a dual 2.0 64bit i was hoping to sort of partition the cpus such that firewalling/k

Re: separate processors

2008-01-28 Thread johan beisser
On Jan 28, 2008, at 11:46 AM, Lord Sporkton wrote: what keywords should i be searching for? i have no idea what this would be called? Parallel processing. Massively Parallel-processing Systems can usually have assigned CPU usage. I believe Solaris permits some level of CPU assignment, bu

Re: Petition to VIA

2008-01-28 Thread johan beisser
On Jan 28, 2008, at 11:10 AM, Gilles Chehade wrote: "RELEASE DECENT LINUX DRIVERS!" I won't sign and I doubt it is a good idea to say to a vendor that we want decent drivers when this will only encourage them into providing blobs instead of documentation. The average user doesn't know the

Re: low-MHz server

2008-01-30 Thread johan beisser
On Jan 30, 2008, at 7:45 PM, scott wrote: If MHz are the issue ... you can get a SUN NETRA T1 machine off ebay for 50-300$ depending on its age and ingredients. These used Netra's range from 400M-1.2G Hz. These are 1U units. They offer far greater performance bang than x86's at like MHz.

Re: avoid logging useless ssh brute force attempts

2008-01-31 Thread johan beisser
I've simply added in an overload rule to pf on my server. This has helped significantly. On Jan 31, 2008, at 11:11 PM, Chris wrote: my logs are filled with useless ssh bruteforce attempts - is there anything i can do to avoid logging random brute force attacks? since i disallow ssh root logi

Re: avoid logging useless ssh brute force attempts

2008-02-02 Thread johan beisser
On Feb 2, 2008, at 6:32 AM, Wijnand Wiersma wrote: I don't think bogons are able to complete the TCP handshake since you don't know how to route back. Filtering those will not make sure there are less log messages about ssh logins Not entirely true. Bogons are not supposed to be routed, or

Re: Prolific USB-Serial Controller

2008-02-02 Thread johan beisser
A) don't bother initializing a modem. Forget minicom. It's nearly useless for what you're doing. B) openbsd has a utility built in to do just these kinds of things: "cu(1)" C) to use cu(1) with a USB serial: "cu -l /dev/cuaU0" On Feb 2, 2008, at 1:57 PM, Chris wrote: On Feb 2, 2008 10

Re: Prolific USB-Serial Controller

2008-02-02 Thread johan beisser
On Feb 2, 2008, at 3:17 PM, Chris wrote: On Feb 3, 2008 9:27 AM, johan beisser <[EMAIL PROTECTED]> wrote: C) to use cu(1) with a USB serial: "cu -l /dev/cuaU0" I tried "cu -l /dev/cuaU0", "cu -l /dev/cuaU0 -s 9600" - it says "Connected" after t

Re: avoid logging useless ssh brute force attempts

2008-02-03 Thread johan beisser
On Feb 3, 2008, at 9:12 PM, Ted Unangst wrote: you still don't gain anything. what percentage of your traffic is coming from unallocated space? I'm not disagreeing with you in that it's wasted effort. It is. This is why I personally use overload tables.

Re: pf issues with a web-server

2008-02-04 Thread johan beisser
Your pass rule for the web server is screwed up, so it won't match. The rule after it matches and should permit it to pass. On Feb 3, 2008, at 10:31 PM, Bales, Tracy wrote: # macros ext_if="dc0" int_if="dc1" web_server="192.168.0.4" # scrub scrub in # nat nat on $ext_if from !($ext_if) to a

Re: blade servers

2008-02-08 Thread johan beisser
On Feb 6, 2008, at 5:45 PM, Need Coffee wrote: Does anyone run OpenBSD on blade servers? I don't mean "Sun Blade 150" kind of hardware, but rather blade chassis with server blades (a la Sun Blade 8000, HP, Dell, etc.). I've been running FreeBSD on an Intel blade chassis with varying amounts

Re: DHCP client failure with cable modem

2008-02-22 Thread johan beisser
On Feb 22, 2008, at 5:32 PM, David Murphy wrote: PS: another piece of info I left out is that my modem is a Motorola Surfboard SB5120, and my cable ISP is Charter. Does charter require PPPoE?

Re: DHCP client failure with cable modem

2008-02-22 Thread johan beisser
On Feb 22, 2008, at 8:19 PM, David Murphy wrote: I'd be happy to provide any information requested. I'm quite new to *BSD, but I'm pretty well-versed in Linux, so tell me what you need, and I'll find it. If you need more information about the box than what I gave at the end of my first po

Re: upgrading to 4.3-beta

2008-02-23 Thread johan beisser
I On Feb 23, 2008, at 1:26 PM, Chris wrote: I have upgraded my 4.2-release to 4.3-beta. But I am a bit confused as I cannot see snmpd.conf, relayd in /etc. However, I can see them in /usr/src/etc/. When I login it says, 4.3-beta and uname -amp shows 4.3 I've been using mergemaster(8) to follow

Re: Updates for old releases

2008-02-23 Thread johan beisser
On Feb 23, 2008, at 5:44 PM, Antonio Lobato wrote: I know it is better to use 4.2, but it does not depend only on my opinion, I'm configuring the firewall for a customer, and now I can at most give advice. Advise them to use 4.2. There are significant speed improvements to pf, among othe

Re: changing bash prompt escape sequences

2008-02-23 Thread johan beisser
On Feb 23, 2008, at 6:29 PM, Jay Hart wrote: I use bash as my shell. I'm trying to set the bash prompt to display: ttyC1 [EMAIL PROTECTED] I've created a .bashrc in the users home directory (in this case root), and used the following line: PS1="\l [EMAIL PROTECTED] #" So, what happens w

Re: changing bash prompt escape sequences

2008-02-23 Thread johan beisser
On Feb 23, 2008, at 7:35 PM, Jay Hart wrote: I've looked at or modified every file in roots and one users home directory without having the prompt displayed upon initial login. Once I login, and run 'bash', the prompt will be displayed as I set it. This leads me to believe that I have an i

Re: Cannot install 4.3-beta firefox from snapshots/packages/amd64

2008-02-23 Thread johan beisser
On Feb 23, 2008, at 2:54 PM, Mark Zimmerman wrote: I just installed the latest amd64 snapshot and wanted to test some packages. Firefox will not install due to a chain of dependencies stretching back to glitz which requires libGL.6. The snapshot I installed this morning has libGL.7. Since the sna

Re: OT: fully interconnect switches: interesting problem

2008-02-24 Thread johan beisser
Did you configure STP, or are the switches figuring this out on their own? On Feb 24, 2008, at 1:09 PM, John Nietzsche wrote: Dear gentleman/madam, i was given 4 2724 dell powerconnect switches and only 6 patch cords. Besides that, i was given a challenge to connect them to each other having a

Re: OT: fully interconnect switches: interesting problem

2008-02-25 Thread johan beisser
On Feb 25, 2008, at 6:39 AM, Douglas A. Tutty wrote: But if the switches don't know how to handle this setup, then they'll go crazy. I don't know if these switches can be told how to handle this. They can. The Dell Powerconnect 2700 are basically rebranded Cisco switches running CatOS.

Re: Setting up a HA server with limited resources

2008-03-22 Thread johan beisser
On Mar 22, 2008, at 5:44 AM, Rico Secada wrote: Hi. A customer with very limited resources needs to set up a high available system running apache, mysql, postfix and dovecot and I have gotten the task. it's doable, but the unanswered question is what do each of these components have to

Re: Setting up a HA server with limited resources

2008-03-23 Thread johan beisser
Hmm. Gotta review CARP again, it seems. When did this go in? On Mar 23, 2008, at 2:29 AM, Ryan McBride wrote: On Sat, Mar 22, 2008 at 10:49:26AM -0700, johan beisser wrote: I would like to reach a state, if possible, in which load balancing is performed, but at the same time, if one machine

Re: maybe somebody can help me please

2008-08-08 Thread Johan Beisser
On Fri, Aug 8, 2008 at 2:39 PM, phoenixcomm <[EMAIL PROTECTED]> wrote: > hi gang, > I have a OpenBSD transparent bridge running (pf)!!! Best firewall yet.. > PROBLEM (Beware my stupid light is light. :-O any way. a few months ago I > upgraded my login password from 8 chars to 10, and then promptly

Re: Hardware recommendation for firewalls (more than 4 NICs)

2008-08-08 Thread Johan Beisser
On Fri, Aug 8, 2008 at 2:59 PM, phoenixcomm <[EMAIL PROTECTED]> wrote: > Hi Gang, > well here's my 3 cents, > first why use a stupid PC (any os) for routing.. REALLY BAD jue,jue break > down and buy an old Cisco 7200, 7500, 3600 they are all very good routers, I > used a 7500 for a while and now

Re: How to copy an entire directory to my home directory

2008-08-14 Thread Johan Beisser
On Thu, Aug 14, 2008 at 11:14 AM, skogzort <[EMAIL PROTECTED]> wrote: > Hello, > I'm trying to copy all the contents of "/root/var/namedb from a remote > OpenBSD3.8 DNS server to my local PC. I am using WinSCP for file transfer. I > have found that I am unable to download some of the directories:

Re: How to copy an entire directory to my home directory

2008-08-14 Thread Johan Beisser
On Thu, Aug 14, 2008 at 1:15 PM, Pedro Martelletto <[EMAIL PROTECTED]> wrote: > You're all apparently missing out on a great tool called "GHome Mover" > (http://www.brookepeig.com/ghomemover/). I know the guy said he is > logging in from remote, but it is definitely worth the effort having X > ins

Re: installing ports across multiple machines

2008-08-16 Thread Johan Beisser
On Sat, Aug 16, 2008 at 12:37 PM, David Newman <[EMAIL PROTECTED]> wrote: > Is there some other way to install ports across machines? You'll have to either map the root user (-maproot=user) in exports(5), or build the package (see ports(7)) on the build system, then install it via pkg_add(1) on t

Re: OpenBSD at Defcon 16

2008-08-16 Thread Johan Beisser
On Sat, Aug 16, 2008 at 2:33 PM, Travers Buda <[EMAIL PROTECTED]> wrote: > Are they protecting DefCon from the internet or the internet from DefCon? Does it have to be one or the other?

Re: FYI: Some gloating redditors are currently trolling OpenBSD

2008-08-21 Thread Johan Beisser
On Thu, Aug 21, 2008 at 2:39 PM, ropers <[EMAIL PROTECTED]> wrote: > http://www.openbsd.org/cgi-bin/cvsweb/src/?sortby=";> style="position:absolute;top:10px;font-size:150pt">Only 2 > Remote bugs I find it more amusing that it's just injecting HTML in to what's being rendered. CVSWEB has a bug.

Re: Howto connect to several wireless network ?

2008-08-28 Thread johan beisser
On Aug 28, 2008, at 12:48 PM, Vadim Zhukov wrote: ifstated(8) + ifconfig(8) (see "-M" option of ifconfig)? Interestingly, I had a script that would use "ifconfig -M" to figure out which AP it should use, sorted by rank (first match) and avoiding using generic or brand names. No match, and

Re: Howto connect to several wireless network ?

2008-08-28 Thread johan beisser
On Aug 28, 2008, at 4:06 PM, Nick Guenther wrote: The trouble with that is that these days you rarely want to just connect to the first open wifi you see (and most wifi isn't open anyway). Well, admittedly, it'd have to be rewritten and revised anyway. Ifstated(8) didn't exist the last time

Mesh wireless routing with OpenBSD

2008-08-30 Thread johan beisser
I've been poking around the Misc archives, and haven't seen anything related to solving this specific issue, at least with my own preferred router software: OpenBSD. So, while researching on implementation details for a community wireless system, I found out about Hazy-Sighted Link State Ro

Re: A place for a perl library in the hierarchy

2008-08-31 Thread Johan Beisser
As a rule, anything not in base is installed to /usr/local. Take the time to make sure your library isn't already in ports (or a package) before installing it. I've recently taken to putting my own packages and manually compiled binaries under /opt/local. It's non-standard, but works for me. -jb

Re: wd0(wdc1:0:0): timeout on openbsd 4.0 macppc

2008-09-01 Thread johan beisser
On Sep 1, 2008, at 11:44 AM, Khalid Schofield wrote: Hi, I'm running openbsd 4.0 (yeah, old I know but it's a vital system that I'm replacing but it processes data that makes a lot of money). Better replace the disk tomorrow, then. Or, implement the software on a new system, and take the hit

Re: question on nat behaviour ....

2008-09-02 Thread johan beisser
On Sep 2, 2008, at 10:08 AM, Stefan Sczekalla wrote: I'm somewhat uncertain on how NAT behaves especially on nearly concurrent rules. e.g. assumption: ( ext_if has two addresses e.g. 82.100.200.1 and an ALIAS 82.100.200.2 ) nat pass on $ext_if from $internal_networks to 192.168.47.11 -> 82.10

Re: pf to block against DDoS?

2008-09-04 Thread johan beisser
On Sep 4, 2008, at 12:23 PM, Redd Vinylene wrote: I was quite shocked today when I heard I could use pf to block against DDoS attacks, using Stateful Tracking Options, http://www.openbsd.org/faq/pf/filter.html#stateopts. But does anybody have any nice setups of this they'd want to share? I'd
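Added example, not from either thread: the pf overload table mentioned in the "avoid logging useless ssh brute force attempts" messages above and the stateful tracking options asked about here, in one pf.conf fragment. The interface name em0 and the table name <bruteforce> are assumptions.

```pf
# Added example (not from the list): an overload table fed by stateful
# tracking options. em0 and <bruteforce> are assumed names.
ext_if = "em0"

# Table of offending sources. "persist" keeps it across ruleset reloads
# even while it is empty.
table <bruteforce> persist

# Anything from a source already in the table is dropped before it can
# reach sshd (or anything else), which is what cuts the log noise.
block in quick on $ext_if from <bruteforce>

# ssh: at most 10 concurrent states per source address, and at most
# 3 new connections per 30 seconds. A source that exceeds either limit
# is added to <bruteforce>; "flush global" also tears down every state
# that source already holds, not only the ones made by this rule.
pass in on $ext_if proto tcp from any to ($ext_if) port ssh \
    flags S/SA keep state \
    (max-src-conn 10, max-src-conn-rate 3/30, \
     overload <bruteforce> flush global)

# The same options on a public web server. Limits are per source
# address, so one abusive host is cut off without touching others.
pass in on $ext_if proto tcp from any to ($ext_if) port { 80 443 } \
    flags S/SA keep state \
    (max-src-conn 100, max-src-conn-rate 15/5, \
     overload <bruteforce> flush global)
```

Check the syntax with `pfctl -nf /etc/pf.conf` before loading it with `pfctl -f /etc/pf.conf`, inspect the table with `pfctl -t bruteforce -T show`, and age entries out from cron with `pfctl -t bruteforce -T expire 86400` so a once-offending address is not blocked forever. Two caveats a practitioner will hit: many legitimate users behind one NAT address share a single source, so an aggressive ssh limit can lock a whole office out, and the per-source limits do nothing against a flood spread over many addresses that each stay under the threshold; this is rate limiting and log hygiene, not DDoS protection.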

Re: Patching a SSH 'Weakness'

2008-09-10 Thread Johan Beisser
Hell you say. I wear glasses and have been punched. Hard. In the face. Good to know I'll be immune from you. On 9/10/08, Aaron Glenn <[EMAIL PROTECTED]> wrote: > On Wed, Sep 10, 2008 at 7:56 PM, STeve Andre' <[EMAIL PROTECTED]> wrote: >> >> How about people with severe physical problems? I know

Re: Patching a SSH 'Weakness'

2008-09-12 Thread johan beisser
On Sep 12, 2008, at 1:16 PM, Stuart Henderson wrote: Wait, how do you know someone is typing a password inside the session and not just writing a text file or typing arbitrary commands? e.g. when eve's machine that's hijacking the network packets picks up an outgoing SSH connection. I'm not g

Re: Patching a SSH 'Weakness'

2008-09-12 Thread johan beisser
On Sep 12, 2008, at 7:02 AM, Kevin Neff wrote: Thanks for all the comments. I think we're all pretty much on the same page. First order of business is to look at how much of a weakness this may be. Then, implement several potential solutions. Finally, test to see if the "fixes" improve

Re: Patching a SSH 'Weakness'

2008-09-12 Thread johan beisser
On Sep 12, 2008, at 2:28 PM, Stuart Henderson wrote: On 2008/09/12 14:05, johan beisser wrote: I'm not going to say "It's impossible." It's not. How about "really highly unlikely" that Eve will pick up enough useful signal to decrypt which letters are b

Re: Patching a SSH 'Weakness'

2008-09-12 Thread johan beisser
On Sep 12, 2008, at 3:12 PM, Philip Guenther wrote: On Fri, Sep 12, 2008 at 2:05 PM, johan beisser <[EMAIL PROTECTED]> wrote: This about security. Being realistic means *not* being optimistic that extracting data will be "too hard", "too unlikely", "only applic

Re: Patching a SSH 'Weakness'

2008-09-12 Thread johan beisser
On Sep 12, 2008, at 4:08 PM, Damien Miller wrote: There is no reason to believe that keystroke timing attacks will be impossible against protocol 2 where they work against protocol 1. They might just be a little more tricky. I don't think I discounted an updated version of this attack against

Re: Patching a SSH 'Weakness'

2008-09-12 Thread johan beisser
On Sep 12, 2008, at 6:41 PM, Darrin Chandler wrote: On Fri, Sep 12, 2008 at 05:42:08PM -0700, johan beisser wrote: It's just an improbable attack. One that's easily defended against by maintaining the interactive shell/echoback and simply push additional Was it you who said earlie

Re: Patching a SSH 'Weakness'

2008-09-12 Thread johan beisser
On Sep 12, 2008, at 9:43 PM, Darrin Chandler wrote: I'm saying what he's wanting to prevent - Eve watching input and output to figure out passwords, based on keyboard timing and typing patterns - isn't really an easy attack for Eve to accomplish without a huge amount of data being coll

Re: Patching a SSH 'Weakness'

2008-09-13 Thread johan beisser
On Sep 13, 2008, at 3:21 AM, Toni Spets wrote: What about some known patterns like "screen (-r)" from the start of every session for example in an IRC shell where most people do that first? Could it be used with lots of data to crack open future sessions? I would say "yes it's possible. B

Re: Patching a SSH 'Weakness'

2008-09-13 Thread johan beisser
On Sep 13, 2008, at 5:49 AM, steve szmidt wrote: Yes, the US had it for a while but a recent ruling has reversed that. Really? I never heard of it ever being passed in the first place. If it's the case I'm thinking of, the key couldn't be compelled from the guy due to how they were trying t

Re: NSA Resources For Rapid Targeting and Routing Analysis

2008-09-19 Thread Johan Beisser
It's always time for that hat. On 9/19/08, Stuart VanZee <[EMAIL PROTECTED]> wrote: >> From: Ted Unangst >> Sent: Friday, September 19, 2008 1:12 PM >> Cc: Misc OpenBSD >> Subject: Re: NSA Resources For Rapid Targeting and Routing Analysis >> >> >> On Fri, Sep 19, 2008 at 12:38 PM, Doug Milam >> <

Re: Dell SC440 hangs

2008-09-26 Thread johan beisser
On Sep 26, 2008, at 9:16 PM, Steve Shockley wrote: I'm running -current from September 9 on a Dell SC440. When I try to do a bulk ports build using dpb, it runs for a couple of hours and hangs. The console screen is blank and doesn't respond to keyboard, but I can still ping the machine. If

Re: what exactly is enc0?

2008-10-16 Thread Johan Beisser
The board's PCI slot has to be molded to support it. If not, a Dremel and a little precision will permit the card to sit in the slot with no problems. Shave a few mm off the PCI slot's side, don't cut the card. On 10/16/08, J.C. Roberts <[EMAIL PROTECTED]> wrote: > On Wednesday 15 October 2008

Re: package ports tools, ftp and pf

2008-10-16 Thread Johan Beisser
Either switch to passive ftp, or open your ftp-data port. That should solve some of your problems. On 10/16/08, Kendall Shaw <[EMAIL PROTECTED]> wrote: > I get no reply when I try to subscribe to the pf mailing list, so I'll > ask here. I'm running OpenBSD 4.3 stable on amd64. I use what is in t

Re: whitelisting X DSL (dynamic IP)s

2008-10-16 Thread johan beisser
On Oct 16, 2008, at 1:59 PM, Jose Fragoso wrote: So my question is: what is the best way to deal with this kind of situation. Should I reduce the value of whiteexp ? Has anybody thought of a way of cleaning such road-warrior addresses on a daily basis ? To be fair, these addresses should not stay in

Re: reliable, dd over simple ip network

2008-10-17 Thread Johan Beisser
You know ssh will compress what goes through its tunnel to begin with, right? So, you can eliminate at least one command there.. On 10/17/08, Girish Venkatachalam <[EMAIL PROTECTED]> wrote: > On 17:29:56 Oct 17, Mike wrote: >> > >> > will work out much faster and better than plain old dd(1). >>

Re: reliable, dd over simple ip network

2008-10-18 Thread johan beisser
On Oct 18, 2008, at 2:23 AM, Matthew Dempsky wrote: I know, but I understood "ssh will compress what goes through its tunnel to begin with" to imply this is the default behavior. Maybe Johan meant "can" instead of "will." You're right, I did. Sorry for the confusion, I was typing on the bla

Re: prob d'affichage minicom sur FreeBSD

2008-10-27 Thread Johan Beisser
Problem 1: you're asking about FreeBSD on an OpenBSD mailing list. Problem 2: this list has standardized on English, since that is the common language for most (if not all) of the developers. Problem 3: misc@ doesn't really support minicom directly. Someone may be able to help you anyway, though.

Re: prob d'affichage minicom sur FreeBSD

2008-10-27 Thread Johan Beisser
No need to apologize. If you ask in English I'll do my best to help you out. I've been using Soekris hardware for a while now. My french, for what it's worth, is so bad I didn't try too hard to read yours, so the person who should apologize is me. And I was right in guessing that your English i

Re: 4.3 won't boot at all on my laptop

2008-10-28 Thread johan beisser
On Oct 28, 2008, at 4:11 PM, Stevoid wrote: I've burnt the various *.iso files to CD but my laptop doesn't recognise them as bootable but I know they work. I've begun the installation process on several machines using these disks and they work. Are you 100% certain you burned the iso as an

Re: openbsd-current strange keyboard behaviour

2008-10-31 Thread Johan Beisser
Interesting. I had this problem on an IBM 600x, but due to the age of the hardware assumed it was some quirkiness with its ACPI/apm implementation. In the end, I had to use a Windows install to manage the IRQs to stop a conflict between some subsystems. It helped make the keyboard freeze less ofte

Re: 4.4 sshd didn't start

2008-11-03 Thread johan beisser
On Nov 3, 2008, at 11:28 AM, elflord woods wrote: hello i've just installed 4.4 and answered yes during installation for the default start of sshd yet the sshd didn't start after reboot and then i add enable_sshd=YES in /etc/rc.local but then it complains that it could not load host key A

Re: Packet Filter: how to keep device names on hardware failure?

2008-11-07 Thread johan beisser
On Nov 7, 2008, at 9:44 AM, Dave Anderson wrote: Network configuration has bugged me a bit ever since I started using OpenBSD, not just the real security issue that Harald Dunkel points out but general ease of administration issues. For example, on a typical single-NIC system one ought to be

Re: Gateway setup

2008-11-08 Thread johan beisser
On Nov 8, 2008, at 4:21 PM, Alfredo Perez wrote: On Sat, Nov 08, 2008 at 04:00:23PM -0800, johan beisser wrote: On Nov 8, 2008, at 3:34 PM, Alfredo Perez wrote: Hi I have the following configuration router/firewall <--- OPENBSD BOX <- Wireless switch I'm confused. Wh

Re: Gateway setup

2008-11-08 Thread johan beisser
On Nov 8, 2008, at 3:34 PM, Alfredo Perez wrote: Hi I have the following configuration router/firewall <--- OPENBSD BOX <- Wireless switch I'm confused. Why isn't the OpenBSD box the router/firewall? nat.conf shows nat on rl0 from dc0/24 to any -> rl0 nat.conf? Do you mean pf.con

Re: pf.conf

2008-11-11 Thread johan beisser
On Nov 11, 2008, at 5:38 PM, igor denisov wrote: ??? Would you tell me for sure what ports http, ssl, https, X, and lpt runs on, as well as daemons for them? Why? These are all documented already. Look at /etc/services and man pages.

Re: DNS Server behind Router

2008-11-15 Thread Johan Beisser
Check your bind config. It's likely not configured to respond to non-local network IP addresses. On 11/15/08, Vivek Ayer <[EMAIL PROTECTED]> wrote: > Hey guys, > > Need some help with DNS queries behind a router. I set up a DNS server > in my network and it responds when I'm within my network. I

Re: jdk for amd64!

2008-11-16 Thread Johan Beisser
It may not work with the release version of 4.4. Upgrade to a snapshot and cross your fingers. On 11/16/08, Tony Berth <[EMAIL PROTECTED]> wrote: > On 11/16/08, Stephan Andreas <[EMAIL PROTECTED]> wrote: >> Am Sonntag, 16. November 2008 18:32:55 schrieben Sie: >>> Dear Group, >>> >>> I just rea

Re: apache 1.3.29 + PHP 5.2.6 on OpenBSD 4.4

2008-11-17 Thread Johan Beisser
Did you turn off chroot? Also, why is "Starting Pure-FTPd" in the log? On 11/16/08, Andrei Pirvan <[EMAIL PROTECTED]> wrote: > Hello > > The problem I have is that default apache can't load PHP module. PHP > was installed from packages (php5-core-5.2.6.tgz), so here is nothing > custom made. The

Re: vpn with an iphone

2008-11-17 Thread Johan Beisser
PoPToP is in ports. On 11/17/08, jul <[EMAIL PROTECTED]> wrote: > Hello > > has someone setup a vpn tunnel between openbsd and an iphone ? > > it seems ipsec part is strictly limited to "cisco ipsec" with a user > account/password so not good for us. > Else there is pptp and l2tp but i'm not sur

Re: OpenBSD forked

2012-06-22 Thread Johan Beisser
On Fri, Jun 22, 2012 at 5:57 AM, Eric Furman wrote: > So what is wrong with perl?? > It is nearly a standard in the UNIX Admin world. It's a terrible language, and you should feel terrible for using it.

Re: ssh tunneling with -D option

2012-07-18 Thread Johan Beisser
You're confusing a SOCKS proxy with an HTTP proxy. They are not the same thing. Sent form my iFoe. On Jul 18, 2012, at 16:07, Paolo Aglialoro wrote: > @Abel > > I've had a look at dsocks page, the "instructions" are kinda cryptic but > just did something this way: > > # ssh -D 1080 user@sshdhost

Re: is it legal?

2012-07-23 Thread Johan Beisser
On Mon, Jul 23, 2012 at 9:01 AM, Wojciech Puchar wrote: > http://www.gwebtools.com/ns-spy/ > > Anyone know from what data does it get such an info? By scanning every > possible registered domain ? Legal? I don't know. Ask a lawyer who specializes in these things. They exist. My assumption is "yes

npppd and iOS 5.1.1 on OpenBSD 5.1

2012-08-15 Thread Johan Beisser
I've hit a bit of a wall digging around getting L2TP working with OpenBSD 5.1. I've enabled pipex in kernel: # sysctl -a | grep -E '(pipex|gre)' net.inet.gre.allow=0 net.inet.gre.wccp=0 net.pipex.enable=1 Before anyone asks, yes, I had GRE enabled as well. But, I'm not looking to run PPTP via npp

Re: npppd and iOS 5.1.1 on OpenBSD 5.1

2012-08-15 Thread Johan Beisser
> > On Wed, 15 Aug 2012 09:11:06 -0700 > Johan Beisser wrote: >> I've hit a bit of a wall digging around getting L2TP working with OpenBSD 5.1. >> >> I've enabled pipex in kernel: >> # sysctl -a | grep -E '(pipex|gre)' >> net.inet.gre.allow=

Re: npppd and iOS 5.1.1 on OpenBSD 5.1

2012-08-15 Thread Johan Beisser
Yep, that was exactly it. Thank you, again. On Aug 15, 2012, at 16:01, YASUOKA Masahiko wrote: > Hi, > >> real.local.concentrate: tun0 > > this should be > > realm.local.concentrate: tun0 > > I hope this will help you. > > --yasuoka > > On Wed,