Re: undeadly dead

27;ve been thinking its a prob with my net connection cause sometimes > i don't get some selected sites. seems it is down for some reason :-( > > kind regards > > Siju > -- Bob Beck Computing and Network Services [EMAIL PROTECTED] University of Alberta True Evil hides its real intentions in its street address.

Re: links vs firefox vs ..

anking. Should support > java script and ssl... > > > > > Sell on Yahoo! Auctions  no fees. Bid on great items. > http://auctions.yahoo.com/ > -- Bob Beck C

Re: To secure WiFi networks

; That was a specific answer to a specific question. > > the above reply is not meant to imply wireless security issues "don't > > matter". IF the question is, "How do I keep people out of my wireless > > network", or "how do I keep them from sniffing inter

Re: Writes to samba server very, very slow (SOLVED)

3: ns16550a, 16 byte fifo > >fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 > >fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec > >isapnp0 at isa0 port 0x279: read port 0x203 > >sb1 at isapnp0 "Creative SB AWE64 PnP, CTL0042, , Audio" port > >0x220/16,0x330/2,0x388/4

Re: spamd greylisting, masking on /24

based) don't list networks with a common spool unless more than a /24 > is involved (there are some /24 listed with other factors requiring > whitelisting, e.g. unique sender addresses per delivery attempt). > -- Bob Beck Computing and Network Se

Re: spamd greylisting, masking on /24

Henderson <[EMAIL PROTECTED]> [2005-07-27 18:12]: > --On 27 July 2005 13:50 -0600, Bob Beck wrote: > > > You really do not need to do this in spamd. Do it in pf. > >table persist file "/etc/mail/nogreylist" > > Been doing that for months, but it takes qu

Re: 1U server recommendation

with Smart Array 6i. The dl360 looks like it fits the bill but I > have had problems in the past with the smart array on older DL class > boxes. The server(s) will be used for web shell and sftp services > under medium loads. Thank you. > > -mb > -- Bob Beck

Re: 1U server recommendation

* Marco Peereboom <[EMAIL PROTECTED]> [2005-07-27 19:52]: > I run heaps off Dell PowerEdge 1550, 1650, 1750 and 1850 without issues. FWIW I also run a pile of dell 650, 750, 1650, 1750 machines with good success. I use the ami builtin for raid on the 1650 and 1750 with good success running

Re: 1U server recommendation

> At work I don't really have a choice -- we can either buy Sun or > Dell, or spend weeks justifying not using the approved vendors. > Then my reccomendation under your supported hardware agreement is exactly what I use: sun V20Z server Dell Perc4/DC raid card

Re: OpenBSD vs FreeBSD (network performance)

> Btw. FreeBSD is doing bind so fast because they have random ephemeral > ports disabled by default. Translation for those who don't get that: They sacrifice security for performance by default, making many tcp attacks easier. They then have a knob to turn on better security. -Bo

Re: 1U opteron servers from tier-1 vendors?

> Have anyone bought any servers from a Tier-1 (ibm, hp, dell[1]) recently > that is opteron based, that works fine with openbsd? The IBM's I bought are all 325's, I will have a 326 shortly. > > Additionally, any success with hardware raid? I realize you can use > non-onboard PCI cards, b

Re: 1U server recommendation

* Shawn K. Quinn <[EMAIL PROTECTED]> [2005-07-28 14:58]: > On Thu, 2005-07-28 at 17:36 -0300, Gustavo Rios wrote: > > Why do you say that? performance and security implications > > amd64 supports W^X in hardware, i386 doesn't. > Bingo. You got it. -Bob

Re: 1U server recommendation

> That is not a valid security reason. Sorry. > Hogwash. It is when the machine doesn't run OpenBSD. Not all of mine do. and I don't count on *any* vendor other than OpenBSD doing anything like W^X on i386. (i.e. solaris, windows, etc.) I do expect in the next year or two we will see stu

Re: Is there a problem with multiple catp interfaces on one net?

* stan <[EMAIL PROTECTED]> [2005-07-29 14:12]: > I've been off and on fighting a problem with the "carp0 incorrect hash" > error message on 2 mahcines I'm trying to set up. I replaced the network > cards in question, check cables, swithces aet all. Verified passwords etc. > > Today finally I notic

Re: Ammunition needed to defend OpenBSD/pf

rce code you can not only look at, but > modify if you're so inclined. ... and it doesn't fall over and die under load. -Bob -- Bob Beck Computing and Network Services [EMAIL PROTECTED] University of

Re: SCSI RAID cards for 3.7?

t; > > > > > -- > > J.D. Bronson > > Information Services > > Aurora Health Care - Milwaukee, Wisconsin > > Office: 414.978.8282 // Fax: 414.314.8787 > -- Bob Beck Computing and Network Services [EMAIL PROTECTED] University of Alberta True Evil hides its real intentions in its street address.

Re: Dell PowerEdge 750 SATA

r a price that is in the same ballpark, you should go with the 1850s. > They've got faster PCI buses that'll be a big help: > >PE750: >1x 64-bit/66Mhz PCI-X >1x 32-bit/33Mhz PCI > >PE1850 >1x 64-bit/133Mhz PCI-X >1x 6

Re: authpf-like functionality via a web interface?

* Andy Bradford <[EMAIL PROTECTED]> [2005-08-02 21:36]: > Thus said "Barry, Christopher" on Tue, 02 Aug 2005 18:43:56 EDT: > > > Authpf seems to do this via ssh, but I'll need to service non-ssh > > equipped sales folk, etc. Is there a project around that provides this > > functionality, or w

Re: software testing

doing my tests, or > 1) do himself the test. > > Thanks a lot for your time and cooperation, > > best regards. > -- Bob Beck Computing and Network Services [EMAIL PROTECTED] University of Alberta True Evil hides its real intentions in its street address.

Re: Via C3 IPSec test result

c.theaimsgroup.com/?l=openbsd-cvs&m=111859519015510&w=2 > > Is actually that one hlt hlt bug ? > > -- > Massimo.run(); > -- Bob Beck Computing and Network Services [EMAIL PROTECTED] University of Alberta True Evil hides its real intentions in its street address.

Re: Soekris & OBSD as servers

towards specific tasks (typically networking, not > > user management, databases, web serving, etc. etc.), and can run > > OpenBSD or other operating systems. > > > > If you have this firmly in mind already and I'm just misparsing your > > English, my apologies. > >

Re: authpf doesn't seem to be creating user_ip

* Ray Percival <[EMAIL PROTECTED]> [2005-08-08 12:17]: > I have the following pf.conf and authpf.rules. When I try to load the rules > into the anchor I get > > authpfbob# pfctl -a authpf -f /etc/authpf/authpf.rules > /etc/authpf/authpf.rules:3: macro 'user_ip' not defined > /etc/authpf/authpf.r

Re: what is next? 3.10 or 4.0???

* Bryan Brake <[EMAIL PROTECTED]> [2006-03-03 13:39]: > if the x.x.x versioning is followed 4.0 would mean > there is a major upgrade to the OS, while 3.10 is > minor updates. > Why would 4.0 mean that? where does it say that. Unmitigated horseshit - and OpenBSD release is an openbsd rel

Re: question about spamdb -a

* frantisek holop <[EMAIL PROTECTED]> [2006-03-07 03:15]: > hmm, on Mon, Feb 27, 2006 at 03:12:14PM -0700, Bob Beck said that > > because you're only added the whitelist entry, not deleted > > a grey one. > > > > The grey entry is harmless, it will

Re: hardening openbsd firewall

* Joachim Schipper <[EMAIL PROTECTED]> [2006-03-08 12:13]: > 1. Use sudo exclusively - set an empty or nonsense root password Stupid - if there is only one user with sudo-ability then this is the same as just having root. if there are more, there are now two passwords out there to g

Re: fxp driver crash!

* Alex Feldman <[EMAIL PROTECTED]> [2006-03-17 09:10]: > Hi overone, > > I install fresh Openbsd 3.8 and i got fxp driver crahsed couple time on my > machine. > I found number of email on internet about the same crash at > > >pool_get > >fxp_add_rfabuf > >fxp_intr > Is this the cras

Re: why is 'passwd' located in /usr/bin instead of /bin?

Because passwd is actually a big old command that uses lots of shared libraries. - and may use other network calls, such as yp or kerberos. commands in /bin are staticly linked. The short answer is if you want to do things like vi or passwd in single user mode - mount /usr - it's

Re: Will BGP be obsolete soon?

> 1) Will BGP get obsolete soon? if so in what time frame? ( Just > wondering if Henning's, Claudio's and Esben's work on OpenBGPD will be > of little value in the comming years) > > 2) Henning used say about Theo motivating hime to write OpenBGPD, so I > wonder why Theo did not ask them to write

Re: old libs removal

If you do this - any apps which are linked against the older versions will likely stop working. the reason "upgrade" leaves them lying around is so that your applications which were built using an older version of the OS will continue to get the correct share library.

Re: /emul size

Caveat emptor - hope it's not a high security application. With that out of the way, I never put in in /emul - I put it in /usr/local/emul and I ln -s /usr/local/emul /emul Having said that on my linux-emul-infected-machine that currently holds about 100MB of redhat pack

3.9 Release Available

ill helped us with our goal of improving the quality of the software. Our developers are: Aaron Campbell, Aleksander Piotrowski, Alex Feldman, Alexander Guy, Alexander von Gernler, Alexander Yurchenko, Alexandre Anriot, Andreas Gunnarsson, Angelos D. Keromytis, Anil Madhavapeddy, A

Re: 3.9 build on AMD64

* Ed V. <[EMAIL PROTECTED]> [2006-05-01 12:34]: > Install from "bare metal." > > Install completed without errors. What did you install? a snapshot that you are now attempting to build 3.9 overtop of? -Bob > > CVS checkout of '-r OPENBSD_3_9' from 'anoncvs3.usa' was successful

Re: Compilers make a system less secure?

In my experience it's simple. Generally speaking, not installing a compiler makes the system less secure. Why? real easy. Most systems I have ever seen without a compiler has software running on it that is behind on it's updates. When you ask the system administrator why, it is "Oh I don't

Re: www.openbsd.org defaults to Japanese

you've been redirected elsewhere? Sure doesn't here. -Bob * Tan Dang <[EMAIL PROTECTED]> [2006-05-02 18:04]: > Any reason why www.openbsd.org displays Japanese by default now? > > Tan > -- | | | The ASCII Fork Campaign \|/ against gratuitous use of threads. |

Re: patch validation

* [EMAIL PROTECTED] <[EMAIL PROTECTED]> [2006-05-02 20:07]: > yea. i'll keep that in mind. too bad it doesnt work in an audit. (Ahem) horseshit. If you as your regular business practice set up a procedure that the admins keep notes on a system and documents whenever fixes are applied (t

Re: OpenBSD alternative for Bruce Schneier's "password safe"

> How do you people store passwords in OpenBSD if you have so many of > them and would need to copy one of them to a password prompt while > others are aroud you watching your screen? (ahem) I simply wouldn't do this. it's stupid. > > I know I ca encrypt password files but when I decryp

Re: Any recommendations on Dell servers for use with openbsd?

Most dell stuff works very well. there are few gotchas at the moment - but it depends what you are buying ,(machine, raid, switches, disk, san, etc.) -Bob * kyle <[EMAIL PROTECTED]> [2006-05-15 11:03]: > Hey all, > > I want to purchase some new gear, and I need to purcha

Re: 3.9-STABLE make build crash

you're trying to build stable from a -current machine. -Bob * edgarz <[EMAIL PROTECTED]> [2006-05-16 08:14]: > What might be a wrong? > Here is a last line from "make build" output > > cc -o kdc 524.o config.o connect.o kerberos5.o kerberos4.o log.o > main.o misc.o print_vers

Re: 3.9-STABLE make build crash

9 cureent, snapshot from last february > or first march dates, then i upgrade it to 3.9 release. Now upgrading to > STABLE. Kernel compiled without problems, now i'm trying to "make build" > and got those errors. > > Bob Beck wrote: > > you&#x

Re: vlan router problems

... Marlon Brando's weight in diamond studded platinum.. Hey, I resemble that remark... Get the right metaphor for the right developers.. Stella! -Bob

Re: mfi

I should buy a few of these :) -Bob * Marco Peereboom <[EMAIL PROTECTED]> [2006-05-18 17:13]: > I just enabled the mfi driver (LSI/Dell MegaRAID SAS) in GENERIC on i386 & > amd64. > > I could use some test reports from the field concerning this controller. If > you have one ple

Re: they say openbsd is not as scalable as others

> i read somewhere that openbsd is not as scalable as other OS. this atricle, > for example. http://www.serverwatch.com/sreviews/article.php/3415651 I read somewhere that Windows was more Scalable tha linux too. I'm sure you should go run that. -Bob

Re: keeping spamd's whitelist over a rebuild

* Fred Crowson <[EMAIL PROTECTED]> [2006-05-26 02:31]: ... > man 8 spamd-setup not doing it? > > with a line like: > > table persist file "/yourspamdwhitelocation/spamd-white" > That doesn't do the same thing. he wants to keep his 30 day whitelist. you are turing it into a permanent o

Anyone with a SCSI tape changer with a barcode reader in Calgary?

Also for something that is being worked on at the hackathon we could really use a SCSI tape changer with a barcode reader, and at least a few tapes with barcodes on them. If anyone might have this in Calgary, please contact me or theo off-list. Thanks, -Bob Beck

Re: LinuxWochen Wien May 31 - June 2, 2006, Austria

* Wim Vandeputte <[EMAIL PROTECTED]> [2006-05-28 22:45]: > Hey, > > just a quick heads up that we'll be at LinuxWochen in Vienna this week, > I'll be there Wednesday noon to Sunday, drop by to say hello. LinuxWurstchen?

Re: Spamd log question

That would be correct. -Bob > What would the remainder be then if 16 out of 17 are black. Is the remaining > 1 a greylist connection? > > > > Darrin Chandler wrote: > >On Wed, May 31, 2006 at 10:31:18PM -0400, Mike Spenard wrote: > > > >>I can't seem to find an explanation f

Tape Changer ch(4) and Tape st(4) support changes - and hardware needed

A lot of work has been done by myself and krw@ at the hackathon to improve support for st(4) and ch(4) devices. In particular we have fixed up support for tape and changer devices so that opening a scsi tape device should be much more reliable (an open of the tape device should acutally mou

Re: complex.h under OpenBSD

> > > Do you know where can I get the complex.h file, or please can you point > > > me in the right direction? I am puzzled now. What you posted is not a C program it is a C++ program. If you actually use the C++ compiler it works fine. You don't need to "find the header file" if you actua

Re: Time limited internet connection

On Saturday, September 24, Kiraly Zoltan wrote: > I want to build a home network using OpenBSD as gateway. A child in > network have a computer, and like to surf the Internet. I want to drop > her Internet connection at night (11:00AM) because the child don't go to > sleep. > > I don't want to

Re: One time passwords?

Why?. Why why why why why If you're going to trust the untrusted machine anyway running a virus run-time environment just google for putty, download and run it. Having said that I'd never log in from crap like that. your risk of getting nailed by a keylogger or garba

Re: One time passwords?

> I don't like the idea of logging in from an unknown host, but I > might have to. I'd like to think the above plan is reasonable, > but as always, am open to criticism. :) > My criticism is as before: "have to" - versus $99.00 laptop on ebay - if you can't afford that you're e

Re: One time passwords?

> Keylogging I understand fine... What do you mean by followed in? > Honest question - I thought with a one-time challenge like skey, > you'd be fairly safe? The man page doesn't mention any such > risk, nor does the FAQ. I am completely uneducated on skey, as > I've simply never had a need for

Re: PF story, happy ending.

n I'd like to have had when I started > my troubleshooting process. > > So now my buddy, realizing it was one of his Windows systems, becomes very > contrite and apologizes for interupting me at the office. > > diana > -- Bob Beck Computing and Network Services [EMAIL PROTECTED] University of Alberta True Evil hides its real intentions in its street address.

Re: track release cycle by mumber of whiny posts to misc@

* [EMAIL PROTECTED] <[EMAIL PROTECTED]> [2005-10-19 13:08]: > Quoting Diana Eichert <[EMAIL PROTECTED]>: > > > Perhaps I should post a URL for a plot of whiny posts vs. worthwhile > > posts over time. > > A Signal to Noise Ratio of sorts? We could measure it in decitrolls! > Just make s

Re: congrats on OpenBSD SAN... one little question

> i can certainly see how this would be annoying from a > scalability standpoint, but how often are you changing user > storage limits? it would, however, be most convenient to just > have one huge-ass partition :). > Annoying from a scalability standpoint? gimme a break. one huge filesy

Re: tar(1) problem with long file names.

directories, there's often longer file names than 100 characters. So doing > backups or transporting the files is slightly difficult. > > Thanks. I'm using 3.7-STABLE. > > - Eric > -- Bob Beck Computing and Network Services [EMAIL PROTEC

Re: Limiting Shell Access Damage (was Guruness)

Everything said to this point is very good... > > A typical attack vector, however, for 1000+ account sites is a > compromised account. You can assume at least 5 per 1000 accounts are > compromised or have easily guessable passwords. Those will not heed your > policy forms whatever you

Re: spamd extension

spamdb -a `spamdb | grep '<[EMAIL PROTECTED]>|<[EMAIL PROTECTED]>' | cut -d '|' -f 2` -Bob * James Harless <[EMAIL PROTECTED]> [2005-10-25 15:50]: > I would like some advice on extending spamd functionality. I'm not > sure the best approach to this problem. > > Problem: > > I administ

Re: spamd extension

based on user > input.. before their initial email has been sent. In this somewhat typical > scenario, the user has contacted me and said "I don't want mail from > [EMAIL PROTECTED] to be delayed... whitelist them, please." > > --James > > On 10/25/05, Bob Beck &

Re: spamd -s option

gt; In the source to to spamd, specifically spamd.c , I see that the > maximum value of the -s option is 10 (seconds). > > What is the reason for this please? Anyone know or hazard a guess? > > Thanks. > > Tim > > -- > Email: [EMAIL PROTECTED] > W

Re: perl interface to pf?

* Marco Peereboom <[EMAIL PROTECTED]> [2005-11-01 10:11]: > This is the weirdest thing I have heard all week. > > On Tue, Nov 01, 2005 at 08:36:59AM -0800, John N. Brahy wrote: > > Is there a perl interface to pf? > 8< #!/usr/bin/perl if ((not 0 && not 1) != (!0 && !1)) { print

Re: perl interface to pf?

> But, I need it in Ruby said the Whiney User. > But I think Mauve has more RAM.

Re: what am I missing? -sparc64

It's there on the ones I look at. Try a different mirror, the one you are trying may not have it all yet. -Bob * Bob Ababurko <[EMAIL PROTECTED]> [2005-11-01 10:50]: > I was excited to install the new 3.8 this morning and looking at all of > the ftp servers I could log into, I d

Re: FYI: new mailing list anti-spam measures

Thank you. -Bob * Todd C. Miller <[EMAIL PROTECTED]> [2005-11-06 07:28]: > After talking to some folks who would be negatively impacted by > this I've decided to drop the dial-ups blacklist and hope that > greylisting catches the bulk of the spam (which for most compromised > win

Re: FYI: new mailing list anti-spam measures

This is horseshit. the SORBS dialup list is inaccurate as hell. it includes my legitimately purchased static business IP's. They are not dialups, and it is impossible to get SORBS to correct it. It also includes my ISP's mail server, and in any case relaying mail through a smarthost such a

Re: su on 3.8 soekris

u're missing something here. after making /etc/group have those entries in it, did you log out of "admin" and log back in? i.e. show us the shell output of something like this, as user admin: $ groups beck wheel $ su Password: # The "groups" command tells you

Re: pf and cable modems

- buttheads on your cable modem segment with bogus IP's - The buttheads in your ISP exposing such addresses to you. -Bob * J.D. Bronson <[EMAIL PROTECTED]> [2005-11-21 17:31]: > I noticed that when I reboot my cable modem ( I have a pool of statics ) > I see this on the console of the obsd box:

Re: RAID controller recommendation

> Any good RAID card will autorebuild a failed array. > Caveat Emptor: There is also a lot of crap out there. Marco you know as well as I do that this statement will be read by people who say "It says Adaptec on the box so it must be good" - and then be surprised when it doesnt. So, I'm sa

Re: spamd vs the sober worm

My running blacklist (24 hour expiry) from my greytraps bloated from a usual total of about 6000 hosts to over 20,000 during the worst of it. Net result being most of them hit the wall, unless they came via a previously whitelisted mailhost - and then you go at them other ways.

Re: Openbsd.org down?

now fixed. -Bob * Paulo Rodriguez <[EMAIL PROTECTED]> [2005-11-28 15:39]: > Hi guys, > > Subject says it all. Error: > > Forbidden > You don't have permission to access / on this server. > > Apache/1.3.27 Server at www.openbsd.org Port 80 > > Issues? > > P > -- | | |

Re: I have $300

Actually, when I am in a position to use carp and pfsync I often do not bother with embedded, unless I have power concerns. If you want embedded buy the comell box suggested earlier, but if you really have no budget, dont bother with raid or other such nonsense. go find two cheap garage-a

Re: #define failure opportunity

* Theo de Raadt <[EMAIL PROTECTED]> [2005-11-28 15:38]: > This is why OpenBSD/OpenSSH does not need to hire a spin doctor. > > Other people do it for us ;) > > http://www.ssh.com/company/newsroom/article/684/ Heck, I wanna meet the person who wrote that. It's brilliant spin. It's just delici

Re: Will spamd work with db on a RAM disk?

> Or are you saying that caching the reads would help with the I/O bottle > neck just as effectively? I would be surprised by that, especially > since it's RAID1. > HorseCookies. Think about it. The slowest ram on earth [1] runs rings around the fastest raid stuff you can find. Disk i

Re: spamd and spews1

Spews seems to be having some issues. www.spews.org refuses connections from here. The spews list will be updated once their site is again reachable from www.openbsd.org -Bob * Bryan Irvine <[EMAIL PROTECTED]> [2005-12-30 10:49]: > Recently the spews1 file that gets down

Re: OpenBSD VMWare image too popular

* Graham Toal <[EMAIL PROTECTED]> [2006-01-05 12:14]: > If it's that popular it's worth setting up a torrent! > > G Eeek. I walked into this thread initially thinking this was a picture or logo or something... now shuddering violently at the thought of running an OS image downloa

Re: ftp-proxy help needed...

Judging by the error message, likely you are either blocking the outbound data channel connection to the real server, or the server itself is filtering it. The first place I'd start looking is in your "other" pf rules to see what's getting blocked. set your block rules to log stuf

Re: CVSync servers not syncing?

I believe this has to do with routing issues at the U of A guys, At the moment it appears ok at this end, but if anyone running a server still notices problems please contact me offlist and include a traceroute so I can beat on some people. Thanks -Bob * Jason C

Re: Securia Rates OpenBSD

* Matthias Kilian <[EMAIL PROTECTED]> [2006-01-23 15:58]: > On Mon, Jan 23, 2006 at 05:08:00PM -0500, Dave Feustel wrote: > > Securia gives OpenBSD a pretty nice security rating at > > http://secunia.com/product/100/ > > Those statistics say nothing at first glance. For example, I could > argue th

Re: Anonym.OS - OpenBSD-based live CD

> I don't think there's a single person that can say they did something > early in their SysAdmin / Programming learning curve and when they came > back to it years later and thought, "What a piece of crap". With me it's usually a wisftul bemoaning of the fact that the drugs and rose colou

Re: webstore software: safe and configurable?

> However, all this mitigating points taken together do not suffice to > convince me that PHP is the language to choose if you want to lead a > quiet, secure life. Language has very little to do with it. The code that is written in the language is ususally the problem :) ... > [1] Though

Re: NYCBUG dmesg tracker

> > http://www.nycbug.org/index.php?NAV=dmesgd > > Super cool site. This brings a question to mind: is there a reason > that no useful sites like this are linked to the main site (at least, > none that I found)? > Because while it looks cool and minty, it's no substitute for sending dmes

Re: Odd traffic when greylisting

> I've seen both behaviors with greylisting, and other behaviors as well. > They still don't get past spamd, so I don't worry much about them. There > are many different behaviors depending on what spam sending software > they're using, and it'll change somewhat next week or next month. Rather > th

Re: Windows CLI FTP and OBSD 3.9 ftp-proxy

* Joachim Schipper <[EMAIL PROTECTED]> [2006-02-02 12:19]: > On Thu, Feb 02, 2006 at 01:28:03PM -0500, Peter Fraser wrote: > > The windows firewall expects the originating port > > of the ftp data to be port ftpdata, if it isn't > > the firewall rejects the packet. The ftp rfc > > does say that t

Re: OpenBSD hardware router

> Underpowered? I think that is a really relative term. Underpowered for > datamining a 1 TB database? Yeah it probably is, however from my experience > I could saturate a 1.5 Mb SDSL or T-1 link using an IPSEC VPN on between a > Soekris 4501 and a 1GHz Dell POS. If all you are looking to do

Re: SpamD, Postfix and mobile users

* Stuart Henderson <[EMAIL PROTECTED]> [2006-02-03 13:16]: > On 2006/02/03 20:28, [EMAIL PROTECTED] wrote: > > But I was hoping SpamD had some kind of understanding of SASL. > > I'm quite glad it *doesn't*. Port 587 (msa/submission) is the right > answer here. I wouldn't want a daemon that's inten

Re: Anonymous sftp

Why? if you allow anyone to connect to it anonymously what do you gain by using ssh? sftp (non anonymous) exists for a real reason (secure authenticated-by-ssh file transfer, i.e. particularly to allow up and download...) If all you want is something "less evil for firewalls" Try u

Re: SpamD, Postfix and mobile users

* [EMAIL PROTECTED] <[EMAIL PROTECTED]> [2006-02-03 15:11]: > Thanks a bunch fella's. > > I got TLS working. Except for the fact that I cannot use port 587 in > (yes I know) Outlook Express. If I keep it at port 25, everything runs > like a charm. The server is listening on port tcp 587. However,

Re: ami0: timeout ccb 33

Theirry, I have had this once on about 15 ami's. in my case it repeased itself on reboot, and I simply assumed the card was bad - I pulled it, put another one in, and it worked like a champ again - send the "dead" one back to dell with "It's busticated" and they sent me a new one.

Re: location of krb5.conf

/etc/kerberosV/krb5.conf is correct - those other locations are erroneous. I'll get them fixed. thanks. -Bob * Antoine Jacoutot <[EMAIL PROTECTED]> [2006-02-16 09:11]: > Hi. > > Under OpenBSD, the Kerberos documentation sometimes refer to the config file > as > /etc/krb5.conf o

Re: spamd-setup doesn't return

I think this was because you had two spamd-setups running. spamd will only service once configuration connection at a time. -Bob * knitti <[EMAIL PROTECTED]> [2006-02-21 13:55]: > On 2/21/06, Bob Beck <[EMAIL PROTECTED]> wrote: > > > >

Re: spamd-setup doesn't return

That's very suspicious.. sounds like a bug, but I'm not sure how to chase it with you. please contact me off list should it happen again. * knitti <[EMAIL PROTECTED]> [2006-02-22 11:54]: > On 2/22/06, Bob Beck <[EMAIL PROTECTED]> wrote: > > I thi

Re: auto-adding bad hosts to a table

* Chris Smith <[EMAIL PROTECTED]> [2006-02-23 09:34]: > On Wednesday 22 February 2006 15:37, Ray Lai wrote: > > Do ``block in log on port 25'' and listen to pflog0 to add bad > > hosts. > > Bit of a openBSD n00b here. How would I go about listening to pflog0? I > thought that required tcpdump run

Re: basic fail-over mechanism for home networking.

two boxes at home, carped and pfsynced. Primary runs your squid, backup either runs a backup squid yourself, or does an rdr for the connections to it to the isp's proxy. -Bob * [EMAIL PROTECTED] <[EMAIL PROTECTED]> [2006-02-23 09:40]: > -BEGIN PGP SIGNED MESSAGE- > Hash

Re: question about spamdb -a

because you're only added the whitelist entry, not deleted a grey one. The grey entry is harmless, it will get reaped out of there in 4 hours when it expires.. -Bob * frantisek holop <[EMAIL PROTECTED]> [2006-02-27 15:03]: > hi there, > > when i explicitly whit

Re: automatically shape dhcp client

ask [EMAIL PROTECTED] for code. he's doing something for us here that may help you.. if he does it right it may end up in a future release, help him test it. -Bob * Lars Hansson <[EMAIL PROTECTED]> [2006-02-28 04:27]: > On Tuesday 28 February 2006 19:11, [EMAIL PROTECTE

Re: Binat roaming vpn clients

er_ip to any tagged vpn_traffic -> > 192.168.10.X" work on 3.7 (as binat tagged isn't supported in 3.6)? > - Am I thinking too much and binating directly on $IntIF from $user_ip > without tagging would be perfectly safe of accidental collisions? > - Any other clues? > > > JC > -- Bob Beck Computing and Network Services [EMAIL PROTECTED] University of Alberta True Evil hides its real intentions in its street address.

Re: spamdb migration

uot;down under": Australia. > Do we look from up over? > > Do NOT CC me - I am subscribed to the list. > Replies to the sender address will fail except from the list-server. > -- Bob Beck Computing and Network Services [EMAIL PROTECTED] University of Alberta True Evil hides its real intentions in its street address.

Re: ssh

> > What part of the words "Do *NOT* login as root" have you failed to > > understand? this is crap. logging in as root is not a sin. we recently removed this poopoo advice from OpenBSD anyway. See my rant about this in the archives. -Bob

Re: Dell HW?

1650/1750. > 2) SAN? > > In the alternative, any to avoid? SAN in general :) use scsi it's cheaper. -Bob -- Bob Beck Computing and Network Services [EMAIL PROTECTED] University of Alberta True Evil hi

Re: OpenBSD - UEFI Secure Boot

On Sat, Jul 7, 2012 at 11:25 AM, Tomas Bodzar wrote: > > World is trying much worse stuff than UEFI > > http://extratorrent.com/article/2263/uk+prime+minister+calls+for+online+porn+ban.html > > > What? they're going to ban porn? That's it, I'm quitting the internets.

<    1   2   3   4   5   >