I have success install OpenBSD 4.3, but when i want install packages using
pkg_add, why i can't install it?
first i try from local ssh server from my LAN
---
# export PKG_PATH=scp://[EMAIL PROTECTED]/OpenBSD4.3/i386/
# pkg_add gdm
[EMAIL PROTECTED]'s
Hi all
I have an OBSD4.3 VPN gateway that authenticates users based on their
certificate and an isakmpd.policy, which works just fine. Now a user had
to renew his certificate: same CA, same CA certificate, same Subject DN,
same EVERYTHING. I'd have expected that he'd just need to close the
On Wed, Jul 09, 2008 at 01:04:38AM -0700, my mail wrote:
I have success install OpenBSD 4.3, but when i want install packages using
pkg_add, why i can't install it?
first i try from local ssh server from my LAN
---
# export PKG_PATH=scp://[EMAIL
Are there any alternative solutions that I should look at?
I've used an alternate standalone solution. Do a search for
Barix Barionet. Per unit it may appear to be more expensive, but
Thanks for that, I had not come across the Barix range of devices before.
Indeed, it does appear more
2008/7/9 David Schulz [EMAIL PROTECTED]:
can someone recommend me a good way to quickly determine who on the network
is using up most the Bandwith, and preferrably, what are the using it for?
ntop?
Best
Martin
Hi.
I guess OpenBSDs named is affected by the actual issue:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
http://www.kb.cert.org/vuls/id/800113
So I hope a patch is in progress ?
Or is OpenBSD not affected by this issue?
So long,
Andreas.
--
Windows 95: A 32-bit patch for a
On Wed, 9 Jul 2008 11:10:09 +0200, Andreas Maus wrote:
Hi.
I guess OpenBSDs named is affected by the actual issue:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
http://www.kb.cert.org/vuls/id/800113
So I hope a patch is in progress ?
Or is OpenBSD not affected by this issue?
So
Hi Andreas,
Aren't you dumping on the wrong interface here?
Should it not be your $ext_if where the alleged poisoning will come from?
2008/7/9 Rod Whitworth [EMAIL PROTECTED]:
On Wed, 9 Jul 2008 11:10:09 +0200, Andreas Maus wrote:
Hi.
I guess OpenBSDs named is affected by the actual
hi @misc
any suggestions beside UKC disable?
/bsd: ohci0: 1 scheduling overruns
/bsd: ohci0: 4 scheduling overruns
/bsd: ohci0: 1 scheduling overruns
/bsd: ohci0: 1 scheduling overruns
/bsd: ohci0: 2 scheduling overruns
/bsd: ohci0: 2 scheduling overruns
/bsd: ohci0: 3 scheduling overruns
/bsd:
On Wed, Jul 09, 2008 at 11:19:24AM +0100, mark reardon wrote:
Hi Andreas,
Aren't you dumping on the wrong interface here?
Should it not be your $ext_if where the alleged poisoning will come from?
Hi Mark.
Excuse me? The tcpdump was provided by Rod Whitworth
[EMAIL PROTECTED].
So long,
On Jul 9, 2008, at 4:53 AM, Rod Whitworth wrote:
# tcpdump -nettti rl0 dst port 53
tcpdump: listening on rl0, link-type EN10MB
Jul 09 19:48:27.786683 00:01:80:0f:2b:94 00:00:24:c6:18:85 0800 70:
192.168.80.4.16284 192.168.80.1.53: 57120+ A? pps.com.au. (28)
Jul 09 19:48:43.690332
Hi,
setup: 4.2 with tun0 being a pppoe(8) int and tun1 being a ssh-vpn
over tun0. altq is running on tun0.
I know that altq doesn't support interface groups (and that support is
not planned (see
http://marc.info/?l=openbsd-miscm=112431574118264w=2)) but is there
a way around this? Currently altq
I want my OpenBSD 4.3 to get clock from my serial GPS device.
The device is working
# cu -l /dev/cua00 -s 4800
Connected
$GPRMC,113516.000,A,0608.4965,S,10651.2976,E,0.07,229.06,090708,,,A*75
$GPRMC,113517.000,A,0608.4964,S,10651.2975,E,0.04,193.07,090708,,,A*76
On 2008-07-09, Steve Tornio [EMAIL PROTECTED] wrote:
I get a different result using the external interface of my caching
name server, and mine looks vulnerable.
named is. the stub resolver isn't.
mcbride@ pointed out that you can give named some more protection
by natting outbound udp
On 7/9/2008 at 5:58 AM Steve Tornio wrote:
|On Jul 9, 2008, at 4:53 AM, Rod Whitworth wrote:
|
|
| # tcpdump -nettti rl0 dst port 53
| tcpdump: listening on rl0, link-type EN10MB
| Jul 09 19:48:27.786683 00:01:80:0f:2b:94 00:00:24:c6:18:85 0800 70:
| 192.168.80.4.16284 192.168.80.1.53: 57120+ A?
On Wed, Jul 09, 2008 at 06:52:44PM +0700, riwanlky wrote:
I want my OpenBSD 4.3 to get clock from my serial GPS device.
The device is working
# cu -l /dev/cua00 -s 4800
Connected
$GPRMC,113516.000,A,0608.4965,S,10651.2976,E,0.07,229.06,090708,,,A*75
doxpara.com reports no issues with unbound FWIW.
Thanks to Stuart for this suggestion during the previous DJBware for ports
thread.
2008/7/9 Stuart Henderson [EMAIL PROTECTED]:
On 2008-07-09, Steve Tornio [EMAIL PROTECTED] wrote:
I get a different result using the external interface of my
On 2008-07-09, riwanlky [EMAIL PROTECTED] wrote:
server nmea0
it's not a server, it's a sensor.
Thanks you to point it out. Minor mistake big different.
It working.
Best regards,
Riwan
Stuart Henderson wrote:
On 2008-07-09, riwanlky [EMAIL PROTECTED] wrote:
server nmea0
it's not a server, it's a sensor.
On 2008-07-09, Stuart Henderson [EMAIL PROTECTED] wrote:
nat on egress proto udp from (self) to any port 53 - (self)
thanks to those who pointed out (self) includes 127.0.0.1, so you
don't want to use - (self), rather use - (egress).
e.g. nat on egress proto udp from (self) to any port 53 -
Good morning,
Today, I'm received alert from one of my friends regarding to
Vulnerability Note VU#800113 - Multiple DNS implementations vulnerable
to cache poisoning.
http://www.kb.cert.org/vuls/id/800113
I checked the above site, and found that most of the *BSD status are
unknown. Is this bug
Vous m'avez dit ricemment :
Good morning,
Today, I'm received alert from one of my friends regarding to
Vulnerability Note VU#800113 - Multiple DNS implementations vulnerable
to cache poisoning.
http://www.kb.cert.org/vuls/id/800113
I checked the above site, and found that most of the
Jacob Meuser wrote:
On Wed, Jul 09, 2008 at 01:04:38AM -0700, my mail wrote:
I have success install OpenBSD 4.3, but when i want install packages using
pkg_add, why i can't install it?
first i try from local ssh server from my LAN
---
# export
On Wed, Jul 09, 2008 at 10:45:09PM +0800, Zamri Besar wrote:
Good morning,
Today, I'm received alert from one of my friends regarding to
Vulnerability Note VU#800113 - Multiple DNS implementations vulnerable
to cache poisoning.
http://www.kb.cert.org/vuls/id/800113
I checked the above
On Wed, Jul 09, 2008 at 04:52:39PM +0200, Mathieu SEGAUD wrote:
Vous m'avez dit ricemment :
Good morning,
Today, I'm received alert from one of my friends regarding to
Vulnerability Note VU#800113 - Multiple DNS implementations vulnerable
to cache poisoning.
Why haven't the developers posted a formal annoncement clearifing
if the distributed BIND is vulnerable?
If so, where the hell is the patch?
-Nix Fan.
Why haven't the developers posted a formal annoncement clearifing
if the distributed BIND is vulnerable?
If so, where the hell is the patch?
You really should adjust your extremely pathetic attitude.
On Thu, Jul 03, 2008 at 11:19:54PM +0200, Rafal Brodewicz wrote:
I can't blank cd on i386, and getting: cdio: The media doesn't support
blanking message.
I'm using 4.4 snapshots on both machines.
I've tested same hardware (on which it doesn't blank) with 4.3-GENERIC
and cdio blanks cd's then.
Vous m'avez dit ricemment :
On Wed, Jul 09, 2008 at 04:52:39PM +0200, Mathieu SEGAUD wrote:
Vous m'avez dit ricemment :
Good morning,
Today, I'm received alert from one of my friends regarding to
Vulnerability Note VU#800113 - Multiple DNS implementations vulnerable
to cache
Love your gimme gimme attitude. If you spent half a second thinking about this:
1). They didn't contact openbsd about this
2). Took them months to put the fix in
3). Takes time to figure out what the issue is, figure out how to fix
it, test, and deploy
4). Time that is not spend responding to
On Wednesday July 9 2008 10:48, you wrote:
Why haven't the developers posted a formal annoncement clearifing
if the distributed BIND is vulnerable?
If so, where the hell is the patch?
Just curious, how much did you pay for your support contract? Clearly if
you feel you are so entitled to a
Unix Fan escreveu:
Why haven't the developers posted a formal annoncement clearifing
if the distributed BIND is vulnerable?
If so, where the hell is the patch?
-Nix Fan.
Pal, i believe you won't even BE affected by this issue. If so, it will
take time. Time enough for developers to
On Thu, Jul 10, 2008 at 12:14 AM, Mathieu SEGAUD
[EMAIL PROTECTED] wrote:
Vous m'avez dit ricemment :
On Wed, Jul 09, 2008 at 04:52:39PM +0200, Mathieu SEGAUD wrote:
Vous m'avez dit ricemment :
Good morning,
Today, I'm received alert from one of my friends regarding to
Vulnerability
On 7/9/08, Stuart Henderson [EMAIL PROTECTED] wrote:
mcbride@ pointed out that you can give named some more protection
by natting outbound udp traffic destined for port 53 (even just on
the box running the resolver, it doesn't have to be on a firewall
in front). something like,
nat on
On Wed, Jul 09, 2008 at 12:22:17PM -0400, bofh wrote:
Love your gimme gimme attitude. If you spent half a second thinking about
this:
Hehehe ;)
Furthermore you can see in the US-CERT that this VULN was:
Date First Published07/08/2008 02:46:15 PM
As you know some developers may live
bofh wrote:
1). They didn't contact openbsd about this
The Cert Advisory document (the MS Word doc file) claims that OpenBSD
was notified on 2008-5-5 11:24:02. Obviously I have no idea if this is
true. Since it seems almost everyone was caught without a patch on
disclosure day, the
On Jul 9, 2008, at 12:19 PM, Ted Unangst wrote:
n front). something like,
nat on egress proto udp from (self) to any port 53 - (self)
I don't think this actually accomplishes much. It still lets poisoned
replies back in on the previous port number.
But does it allow a poisoned reply from
I'm not one to condone shitty attitudes.
However, I think in this case it's unfair to claim that one can have
no expectations of OpenBSD with regards to security patches. If I
could have no such expectations, I would not use OpenBSD in the first
place. I have these expectations based on a very
On 7/9/08, Steve Tornio [EMAIL PROTECTED] wrote:
I don't think this actually accomplishes much. It still lets poisoned
replies back in on the previous port number.
But does it allow a poisoned reply from the spoofed address?
oh, right. I think I forgot even UDP packets have IP
I'm not one to condone shitty attitudes.
However, I think in this case it's unfair to claim that one can have
no expectations of OpenBSD with regards to security patches. If I
could have no such expectations, I would not use OpenBSD in the first
place.
Then don't.
I have these
http://cr.yp.to/djbdns/run-cache.html
http://www.ro.kde.org/djbdns/mywork/jumbo/index.html
I never understood the mix of authoritive server and resolver ... Use dnscache
as resolver and you you're (AFAIK) save.
Regards
Hagen Volpers
-Urspr|ngliche Nachricht-
Von: [EMAIL PROTECTED]
On Wednesday 09 July 2008 13:58:33 David Wilk wrote:
I'm not one to condone shitty attitudes.
However, I think in this case it's unfair to claim that one can have
no expectations of OpenBSD with regards to security patches. If I
could have no such expectations, I would not use OpenBSD in the
easy, Theo. I actually very much agree with you, and had not intended
to stir anything up here. If users wish to get involved in an attempt
(regardless of how hopeless) to encourage third parties to cooperate
with OpenBSD developers, then you can certainly abstain from enabling
that kind of help
I searched /etc/syslog.conf, but can't find how to disable it.
Jul 10 08:40:04 proxy /bsd: pf: loose state match: TCP in wire:
192.168.4.132:3833 58.253.67.248:80 stack: - [lo=3472355129
high=3472419308 win=65535 modulator=0] [lo=3167937694 high=3168002906
win=64857 modulator=0] 10:10 R
On Wed, Jul 9, 2008 at 6:48 PM, Dongsheng Song [EMAIL PROTECTED] wrote:
I searched /etc/syslog.conf, but can't find how to disable it.
Jul 10 08:40:04 proxy /bsd: pf: loose state match: TCP in wire:
192.168.4.132:3833 58.253.67.248:80 stack: - [lo=3472355129
high=3472419308 win=65535
Hello.
On two machines now, recent snapshots are not powering off properly on machines
which used to, when I run shutdown -p -h now.
It stops at syncing disks, and stays there forever. After a hard reset, / comes
up as not being unmounted successfully.
I am a quite busy right now, but if
--- On Wed, 7/9/08, Jacob Meuser [EMAIL PROTECTED] wrote:
From: Jacob Meuser [EMAIL PROTECTED]
Subject: Re: Can't install using pkg_add from FTP mirror and from Local Mirror
To: misc@openbsd.org
Date: Wednesday, July 9, 2008, 8:27 AM
On Wed, Jul 09, 2008 at 01:04:38AM -0700, my mail wrote:
--- On Wed, 7/9/08, STeve Andre' [EMAIL PROTECTED] wrote:
I expect the OpenBSD response will be excellent, and out on
its own timeframe.
I have to agree with this guy. The openBSD team all ways goes above and beyond
what we see other vendors do. The solutions have lasting value, rather
On Wed, Jul 9, 2008 at 7:45 PM, my mail [EMAIL PROTECTED] wrote:
thanks for your reply, but i have download OpenBSD 4.3 from this address
ftp://ftp.jaist.ac.jp/pub/OpenBSD/4.3/
and all packages i download from this
ftp://ftp.jaist.ac.jp/pub/OpenBSD/4.3/packages/
You should study Section
--- On Wed, 7/9/08, Louis V. Lambrecht [EMAIL PROTECTED] wrote:
Definitely a libraries mixup with gettext and libiconv
versions.
Just curious, what is the output of:
ls -ald /var/db/pkg/.*
guess there must be some list.
this a result from previous command
# ls -ald /var/db/pkg/.*
my mail wrote:
--- On Wed, 7/9/08, Louis V. Lambrecht [EMAIL PROTECTED] wrote:
Definitely a libraries mixup with gettext and libiconv
versions.
Just curious, what is the output of:
ls -ald /var/db/pkg/.*
guess there must be some list.
this a result from previous command
# ls -ald
On Wed, Jul 09, 2008 at 08:10:00PM -0700, my mail wrote:
--- On Wed, 7/9/08, Louis V. Lambrecht [EMAIL PROTECTED] wrote:
Definitely a libraries mixup with gettext and libiconv
versions.
Just curious, what is the output of:
ls -ald /var/db/pkg/.*
guess there must be some list.
Eric DILLENSEGER wrote:
drmOpenDevice: node name is /dev/drm0
drmOpenDevice: open result is -1, (Device not configured)
drmOpenDevice: Open failed
drmAvailable: no
drmOpenDevice: node name is /dev/drm0
drmOpenDevice: open result is -1, (Device not configured)
drmOpenDevice: Open failed
53 matches
Mail list logo