Virus Notification: A virus has been detected in a message in which you where a recipient
From: Peter Wagner [SMTP:[EMAIL PROTECTED]] To: Date: Thu, Nov 02 2000, 4:34:51 AM Subject:US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO M)= The message contained 1 virus(es): domeo.jpg.vbs infected with the VBS/LoveLetter_based@mm virus - - - Virus Notification: A virus has been detected in a message in which you where a recipient! Check the original message. If the attachment could not be repaired it was Deleted from the message. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
ALERTE: VIRUS DETECTE DANS UN MESSAGE ENVOYE PAR owner-freebsd-security@FreeBSD.ORG
A L E R T E V I R U S Notre système de détection automatique anti-virus a détecté un virus dans un message qui vous a été envoyé par Peter Wagner [EMAIL PROTECTED]. La distribution de ce message a été stoppée. Veuillez vous rapprocher de l'émetteur Peter Wagner [EMAIL PROTECTED] pour régler avec lui le problème. *** V I R U S A L E R T Our anti-virus system has detected a virus in an email sent by Peter Wagner [EMAIL PROTECTED]. We have stopped the delivery of this email. We invite you to contact Peter Wagner [EMAIL PROTECTED] to solve the problem. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
VIRUS WARNING
WARNING! This mail is generated automatically by virus-scanning software. There was virus found in one or more attachment in e-mail sent by: Peter Wagner [EMAIL PROTECTED] at date: Thu, 2 Nov 2000 09:34:51 - , with subject "US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO M)=". There is list of infected files: Found virus "VBS/LoveLetter.worm" in DOMEO.JPG.vbs Please clean files and resend Your message, Your message was dropped. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Antigen found =*.vbs file
Antigen for Exchange found DOMEO.JPG.vbs matching =*.vbs file filter. The file is currently Deleted. The message, "US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO", was sent from Peter Wagner and was discovered in IMC Queues\Inbound located at SanBernardinoCounty/SBCOINT/GAUNTLET. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Virus Notification: A virus has been detected in a message in which you where a recipient
From: Peter Wagner [SMTP:[EMAIL PROTECTED]] To: Date: Thu, Nov 02 2000, 4:34:51 AM Subject:US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO M)= The message contained 1 virus(es): domeo.jpg.vbs infected with the VBS/LoveLetter_based@mm virus - - - Virus Notification: A virus has been detected in a message in which you where a recipient! Check the original message. If the attachment could not be repaired it was Deleted from the message. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Time to close the list?
Maybe it's time to close the list so that it only accepts messages from subscribers. The spam was bad enough, but the virus warnings are over the top. Sigh. -- Greg Black [EMAIL PROTECTED] Join the fight against spam: http://www.cauce.org/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Virus Notification: A virus has been detected in a message in which you where a recipient
From: Peter Wagner [SMTP:[EMAIL PROTECTED]] To: Date: Thu, Nov 02 2000, 3:34:51 AM Subject:US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO M)= The message contained 1 virus(es): domeo.jpg.vbs infected with the VBS/LoveLetter_based@mm virus - - - Virus Notification: A virus has been detected in a message in which you where a recipient! Check the original message. If the attachment could not be repaired it was Deleted from the message. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Antigen found =*.vbs file
Antigen for Exchange found DOMEO.JPG.vbs matching =*.vbs file filter. The file is currently Deleted. The message, "US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO", was sent from Peter Wagner and was discovered in IMC Queues\Inbound located at SanBernardinoCounty/SBCOINT/GAUNTLET. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
FW: Postmaster notify: Data format error
You have a problem :-( Petr - DECROS s.r.o. J.S.Baara 40, Ceske Budejovice, Czech Republic Tel: +420-38-7312808 Fax: +420-38-7311480 http://www.decros.cz -Original Message- From: Mail Delivery Subsystem [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 02, 2000 8:44 AM To: [EMAIL PROTECTED] Subject: Postmaster notify: Data format error The original message was received at Thu, 2 Nov 2000 08:43:35 +0100 (CET) from mx1.FreeBSD.org [216.136.204.125] - The following addresses had permanent fatal errors - [EMAIL PROTECTED] (expanded from: [EMAIL PROTECTED]) [EMAIL PROTECTED] (expanded from: [EMAIL PROTECTED]) - Transcript of session follows - ANTIVIRUS SYSTEM FOUND VIRUSES /var/spool/mqueue/dfIAA91820 archive: Mail /var/spool/mqueue/dfIAA91820/DOMEO.JPG.vbsinfected: I-Worm.LoveLetter This message contains viruses. You may detect it and clean with Antiviral Toolkit Pro from http://www.avp.ru or with your preferred antivirus software. 554 [EMAIL PROTECTED]... Viruses were detected 501 [EMAIL PROTECTED]... Data format error 554 [EMAIL PROTECTED]... Viruses were detected 501 [EMAIL PROTECTED]... Data format error begin 600 ATT00940.TXT M4F5P;W)T:6YG+4U403H@9YS.R!NRYD96-R;W,N8WH-"E)E8V5I=F5D+49R M;VTM351!.B!$3E,[(UX,2YF5E0E-$+F]R9PT*07)R:79A;"U$871E.B!4 M:'4L(#(@3F]V(#(P,#`@,#@Z-#,Z,S4@*S`Q,#`@*$-%5"D-"@T*1FEN86PM M4F5C:7!I96YT.B!21D,X,C([(#QP+G!R:6)`95CF]S+F-Z/@T*6"U!8W1U M86PM4F5C:7!I96YT.B!21D,X,C([('`N')I8D!E-H86YG92YD96-R;W,N M8WH-"D%C=EO;CH@9F%I;5D#0I3=%T=7,Z(#4N-BXP#0I296UO=4M351! M.B!$3E,[(UX,2YF5E0E-$+F]R9PT*3%S="U!='1E;7!T+41A=4Z(%1H M=2P@,B!.;W8@,C`P,"`P.#HT,SHS."`K,#$P,"`H0T54*0T*#0I:6YA;"U2 M96-IEE;G0Z(%)0S@R,CL@/')E:]`95CF]S+F-Z/@T*6"U!8W1U86PM M4F5C:7!I96YT.B!21D,X,C([(')E:]`97AC:%N9V4N95CF]S+F-Z#0I! M8W1I;VXZ(9A:6QE9`T*4W1A='5S.B`U+C8N,`T*4F5M;W1E+4U403H@1$Y3 M.R!M#$N1G)E94)31"YOF-"DQAW0M071T96UP="U$871E.B!4:'4L(#(@ ?3F]V(#(P,#`@,#@Z-#,Z,S@@*S`Q,#`@*$-%5"D-"@== ` end begin 600 ATT00941.TXT M4F5T=7)N+5!A=@Z(#QO=VYEBUFF5E8G-D+7-E8W5R:71Y0$9R965"4T0N M3U)'/@T*4F5C96EV960Z(9R;VT@;7@Q+D9R965"4T0N;W)G("AM#$N1G)E M94)31"YOF@6S(Q-BXQ,S8N,C`T+C$R-5TI#0H)8GD@;G,N95CF]S+F-Z M("@X+CDN,R\X+CDN,RD@=VET:"!%4TU44"!I9"!)04$Y,3@R,#L-"@E4:'4L M(#(@3F]V(#(P,#`@,#@Z-#,Z,S4@*S`Q,#`@*$-%5"D-"@DH96YV96QO4M M9G)O;2!O=VYEBUFF5E8G-D+7-E8W5R:71Y0$9R965"4T0N3U)'*0T*4F5C M96EV960Z(9R;VT@:'5B+F9R965BV0N;W)G("AH=6(N1G)E94)31"YOF@ M6S(Q-BXQ,S8N,C`T+C$X72D-"@EB2!M#$N1G)E94)31"YOF@*%!OW1F M:7@I('=I=@@15--5%`-"@EI9"!$.$,R1C9%,S9"-SL@5V5D+"`@,2!.;W8@ M,C`P,"`R,SHT,CHR-2`M,#@P,"`H4%-4*0T*4F5C96EV960Z()Y(AU8BYF MF5E8G-D+F]R9R`H4]S=9I"P@9G)O;2!UV5R:60@-3,X*0T*"6ED(#$P M,S8X,S=".#,X.R!7960L("`Q($YO=B`R,#`P(#(S.C0R.C(R("TP.#`P("A0 M4U0I#0I296-E:79E9#H@9G)O;2!L;V-A;AOW0@*QO8V%L:]S="!;,3(W M+C`N,"XQ72D-"@EB2!H=6(N9G)E96)S9"YOF@*%!OW1F:7@I('=I=@@ M4TU44`T*"6ED(#0S,#(X,D4X,$-!.R!7960L("`Q($YO=B`R,#`P(#(S.C0R M.C(R("TP.#`P("A04U0I#0I296-E:79E9#H@8GD@:'5B+F9R965BV0N;W)G M("AB=6QK7VUA:6QEB!V,2XQ,BD[(%=E9"P@,2!.;W8@,C`P,"`R,SHT,CHR M,B`M,#@P,`T*15L:79EF5D+51O.B!FF5E8G-D+7-E8W5R:71Y09R965B MV0N;W)G#0I296-E:79E9#H@9G)O;2!S=6YS:71E+F%U8FDN94@*UA:6PN M875B:2UO;FQI;F4N94@6S8R+C$U.2XX,BXQ,S%=*0T*"6)Y(AU8BYFF5E M8G-D+F]R9R`H4]S=9I"D@=VET:"!%4TU44`T*"6ED(#$T-4,W,S="-C8W M.R!7960L("`Q($YO=B`R,#`P(#(S.C,X.C,W("TP.#`P("A04U0I#0I296-E M:79E9#H@9G)O;2!E-H86YG96(N875B:2YD92`H97AC:%N9V5B+F%U8FDN M94@6S$W,"XU-BXQ,C$N-UTI#0H)8GD@W5NVET92YA=6)I+F1E("@X+CDN M,RM3=6XO."XY+C,I('=I=@@15--5%`@:60@2D%!,C,P-#[#0H)5AU+"`R M($YO=B`R,#`P(#`Y.C,X.C,V("LP,C`P("A'350I#0I296-E:79E9#H@8GD@ M97AC:%N9V5B+F%U8FDN94@=VET:"!);G1EFYE="!-86EL(%-EG9I8V4@ M*#4N-2XR-C4P+C(Q*0T*"6ED(#Q664TS,S$Q33X[(%1H=2P@,B!.;W8@,C`P M,"`P.3HS-#HU,B`M,#`P,`T*365SV%G92U)1#H@/#=",45%1#!#-40U.$0T M,3%"-S,R,#`U,#A"1$4W-T(R,#1$1#%%05X8VAA;F=E8BYA=6)I+F1E/@T* M1G)O;3H@45T97(@5V%G;F5R(#QW86=N97)P0%U8FDN94^#0I4;SH@1G)E M94)31"!,:7-T(#QF5E0E-$3ES=$!A=6)I+F1E/@T*4W5B:F5C=#H@55,@ M4%)%4TE$14Y4($%.1"!0DD@4T5#4D544R`]4$Q%05-%(%9)4TE4(#T^("AH M='1P.B\O5U=7+C(V,#`N0T\-"@E-*3P]#0I$871E.B!4:'4L(#(@3F]V(#(P M,#`@,#DZ,S0Z-3$@+3`P,#`@#0I-24U%+59EG-I;VXZ(#$N,`T*6"U-86EL M97(Z($EN=5R;F5T($UA:6P@4V5R=FEC92`H-2XU+C(V-3`N,C$I#0I#;VYT M96YT+51Y4Z(UU;'1I%R="]M:7AE9#L-"@EB;W5N9%R3TB+2TM+5\] M7TYE'1087)T7S`P,%\P,4,P-#1","XR-CQ,$0Y,"(-"E-E;F1ECH@;W=N M97(M9G)E96)S9"US96-UFET4!F5E0E-$+D]21PT*6"U,;V]P.B!F5E ;0E-$+F]R9PT*4')E8V5D96YC93H@8G5L:PT* ` end To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Viruses are ok, but monkeys are becoming a problem
Can monkeys' owners keep them from posting to lists? Please? On Thu, 2 Nov 2000, Peter Wagner wrote: Date: Thu, 2 Nov 2000 09:34:46 - From: Peter Wagner [EMAIL PROTECTED] To: FreeBSD Hackers List [EMAIL PROTECTED] Subject: US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO M)= VERY JOKE..! SEE PRESIDENT AND FBI TOP SECRET PICTURES.. ...and infinite number of monkeys responded: From [EMAIL PROTECTED] Thu Nov 2 00:02:52 2000 Date: Thu, 2 Nov 2000 09:41:32 +0200 (EET) From: [EMAIL PROTECTED] To: Peter Wagner [EMAIL PROTECTED] Cc: FreeBSD Hackers List [EMAIL PROTECTED] Subject: VIRUS WARNING WARNING! This mail is generated automatically by virus-scanning software. There was virus found in one or more attachment in e-mail sent by: Peter Wagner [EMAIL PROTECTED] at date: Thu, 2 Nov 2000 09:34:46 - , with subject "US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO M)=". There is list of infected files: Found virus "VBS/LoveLetter.worm" in DOMEO.JPG.vbs Please clean files and resend Your message, Your message was dropped. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message From [EMAIL PROTECTED] Thu Nov 2 00:03:05 2000 Date: Thu, 2 Nov 2000 01:41:59 -0600 From: Nemx Power Tools for MS Exchange Server_US-EA-GTWY-7_0 [EMAIL PROTECTED] To: FreeBSD List [EMAIL PROTECTED] Subject: Virus Notification: A virus has been detected in a message in whi ch you where a recipient From: Peter Wagner [SMTP:[EMAIL PROTECTED]] To: Date: Thu, Nov 02 2000, 3:34:51 AM Subject:US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO M)= The message contained 1 virus(es): domeo.jpg.vbs infected with the VBS/LoveLetter_based@mm virus - - - Virus Notification: A virus has been detected in a message in which you where a recipient! Check the original message. If the attachment could not be repaired it was Deleted from the message. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message From [EMAIL PROTECTED] Thu Nov 2 00:03:16 2000 Date: Thu, 2 Nov 2000 02:43:36 -0800 From: [EMAIL PROTECTED] To: FreeBSD List [EMAIL PROTECTED] Subject: Report to Recipient(s) Incident Information:- Originator:[EMAIL PROTECTED] Recipients:FreeBSD List [EMAIL PROTECTED] Subject: US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO M)= WARNING: The file DOMEO.JPG.vbs you received was infected with the VBS/LoveLetter@MM virus. The file attachment was not successfully cleaned. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message From [EMAIL PROTECTED] Thu Nov 2 00:03:25 2000 Date: Thu, 2 Nov 2000 08:43:08 +0100 (MET) From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Virus Alert Have detected a virus (VBS_LOVELETTR.AS) in your mail traffic on 11/02/2000 08:43:04 with an action move. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message From [EMAIL PROTECTED] Thu Nov 2 00:03:33 2000 Date: Thu, 2 Nov 2000 02:43:25 -0500 From: Nemx Power Tools for MS Exchange Server_US-BB-GTWY-3_0 [EMAIL PROTECTED] To: FreeBSD List [EMAIL PROTECTED] Subject: Virus Notification: A virus has been detected in a message in whi ch you where a recipient From: Peter Wagner [SMTP:[EMAIL PROTECTED]] To: Date: Thu, Nov 02 2000, 4:34:51 AM Subject:US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO M)= The message contained 1 virus(es): domeo.jpg.vbs infected with the VBS/LoveLetter_based@mm virus - - - Virus Notification: A virus has been detected in a message in which you where a recipient! Check the original message. If the attachment could not be repaired it was Deleted from the message. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message From [EMAIL PROTECTED] Thu Nov 2 00:03:47 2000 Date: Thu, 2 Nov 2000 08:43:56 +0100 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: ALERTE: VIRUS DETECTE DANS UN MESSAGE ENVOYE PAR [EMAIL PROTECTED] A L E R T E V I R U S Notre système de détection automatique anti-virus a détecté un virus dans un message qui vous a été envoyé par Peter Wagner [EMAIL PROTECTED]. La distribution de ce message a été stoppée. Veuillez vous rapprocher de l'émetteur Peter Wagner [EMAIL PROTECTED] pour régler avec lui le problème. *** V I R U S A L E R T Our anti-virus system has detected a virus in an email sent by Peter Wagner [EMAIL PROTECTED]. We have stopped the delivery of this email. We
Antigen found VBS/LoveLetter_based@mm virus
Antigen for Exchange found DOMEO.JPG.vbs infected with VBS/LoveLetter_based@mm virus. The file is currently Deleted. The message, "US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO", was sent from Peter Wagner and was discovered in IMC Queues\Inbound located at SONY/AMEXCH1/US-TI-XIMS-1. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
THIS IS A VIRUS, DONT OPEN!
THIS IS A VIRUS! Peter Wagner wrote: VERY JOKE..! SEE PRESIDENT AND FBI TOP SECRET PICTURES.. Name: DOMEO.JPG.vbs DOMEO.JPG.vbsType: VBScript File (application/x-unknown-content-type-VBSFile) Encoding: quoted-printable To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Time to close the list?
On Thu, 2 Nov 2000, Greg Black wrote: Maybe it's time to close the list so that it only accepts messages from subscribers. The spam was bad enough, but the virus warnings are over the top. Sigh. -- Greg Black [EMAIL PROTECTED] Join the fight against spam: http://www.cauce.org/ Just having the list ensure that it was in the To: or Cc: header would be sufficient in this case. Such a change would block relay spam as well. Mike "Silby" Silbersack To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
VIRUS WARNING
WARNING! This mail is generated automatically by virus-scanning software. There was virus found in one or more attachment in e-mail sent by: Peter Wagner [EMAIL PROTECTED] at date: Thu, 2 Nov 2000 09:34:51 - , with subject "US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO M)=". There is list of infected files: Found virus "VBS/LoveLetter.worm" in DOMEO.JPG.vbs Please clean files and resend Your message, Your message was dropped. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
VIRUS WARNING
WARNING! This mail is generated automatically by virus-scanning software. There was virus found in one or more attachment in e-mail sent by: Peter Wagner [EMAIL PROTECTED] at date: Thu, 2 Nov 2000 09:34:51 - , with subject "US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO M)=". There is list of infected files: Found virus "VBS/LoveLetter.worm" in DOMEO.JPG.vbs Please clean files and resend Your message, Your message was dropped. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
VIRUS WARNING
WARNING! This mail is generated automatically by virus-scanning software. There was virus found in one or more attachment in e-mail sent by: Peter Wagner [EMAIL PROTECTED] at date: Thu, 2 Nov 2000 09:34:51 - , with subject "US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO M)=". There is list of infected files: Found virus "VBS/LoveLetter.worm" in DOMEO.JPG.vbs Please clean files and resend Your message, Your message was dropped. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
VIRUS WARNING
WARNING! This mail is generated automatically by virus-scanning software. There was virus found in one or more attachment in e-mail sent by: Peter Wagner [EMAIL PROTECTED] at date: Thu, 2 Nov 2000 09:34:51 - , with subject "US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO M)=". There is list of infected files: Found virus "VBS/LoveLetter.worm" in DOMEO.JPG.vbs Please clean files and resend Your message, Your message was dropped. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
VIRUS WARNING
WARNING! This mail is generated automatically by virus-scanning software. There was virus found in one or more attachment in e-mail sent by: Peter Wagner [EMAIL PROTECTED] at date: Thu, 2 Nov 2000 09:34:51 - , with subject "US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO M)=". There is list of infected files: Found virus "VBS/LoveLetter.worm" in DOMEO.JPG.vbs Please clean files and resend Your message, Your message was dropped. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
VIRUS WARNING
WARNING! This mail is generated automatically by virus-scanning software. There was virus found in one or more attachment in e-mail sent by: Peter Wagner [EMAIL PROTECTED] at date: Thu, 2 Nov 2000 09:34:51 - , with subject "US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO M)=". There is list of infected files: Found virus "VBS/LoveLetter.worm" in DOMEO.JPG.vbs Please clean files and resend Your message, Your message was dropped. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
VIRUS WARNING
WARNING! This mail is generated automatically by virus-scanning software. There was virus found in one or more attachment in e-mail sent by: Peter Wagner [EMAIL PROTECTED] at date: Thu, 2 Nov 2000 09:34:51 - , with subject "US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO M)=". There is list of infected files: Found virus "VBS/LoveLetter.worm" in DOMEO.JPG.vbs Please clean files and resend Your message, Your message was dropped. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
RE: Time to close the list?
Seems more like someone is trying to crash the mail server by with these loopedy mail and replies from the virus programs ... :( On 02-Nov-00 Greg Black wrote: Maybe it's time to close the list so that it only accepts messages from subscribers. The spam was bad enough, but the virus warnings are over the top. Sigh. -- Greg Black [EMAIL PROTECTED] Join the fight against spam: http://www.cauce.org/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message ### # # # R.N. Bezuidenhout NetSeq Firewall # # [EMAIL PROTECTED] http://www.nanoteq.co.za# # # ### -- Date: 02-Nov-00 Time: 10:40:47 This message was sent by XFMail -- To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Broken PCI-IDE RZ1000 ata
The RZ1000 PCI-IDE controller found on at least one Intel board is severely broken and requires a workaround which is available for Linux (at least it turned up in the config for 2.4.0, though the board should be a couple of years old, it's for regular Pentium-I). Could anyone comment on this to get it working with FreeBSD? sysinstalls gets write-errors after a couple of kilobytes, and when running an already installed system, mount/fsck bomb with sig 11, after that you find yourself in single-user mode with every command (including 'reboot'!) yielding a SIGILL. Funny sight, though. -- Volker Stolz * [EMAIL PROTECTED] * PGP + S/MIME To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Kernel calls, are they documented somewhere?
Michael Bacarella [EMAIL PROTECTED] writes: gcc does not generate code that can make FreeBSD system calls directly. Most system calls as we know them by the manual have corresponding wrappers in libc. See /usr/src/lib/libc if you have the source installed. Wrong. The threaded C library (libc_r) has wrappers for many syscalls so it won't block all threads when one is waiting for a syscall to complete, but apart from that, very few syscalls are wrapped. Adam, it's really quite simple: if the carry flag is set, the syscall failed, and the value returned is the errno (in your example, open(2) returned 2, which is ENOENT, i.e. the file didn't exist). If it succeeded, the value returned is the result (a file descriptor in open(2)'s case). DES -- Dag-Erling Smorgrav - [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Virus alerts messages
Anyone else receiving about 50 virus alerts messages in 30 minutes? Seems to me the virus-alerts is the virus now :-) begin:vcard n:Knepper;Arjan tel;fax:+31-(0)10-243-7314 tel;work:+31-(0)10-243-7362 x-mozilla-html:FALSE url:http://www.jak.nl org:JAK++ Software Development B.V. adr:;;Stoveer 247;Rotterdam;;3032 GB;Netherlands version:2.1 email;internet:[EMAIL PROTECTED] x-mozilla-cpt:;-7904 fn:Arjan Knepper end:vcard
Re: Kernel calls, are they documented somewhere?
On Thu, Nov 02, 2000 at 12:12:02AM -0500, Michael Bacarella wrote: This isn't such a daunting task with grep. Source code cross referencers can also help, but I don't use them nearly as often as I thought I would. Thanks for the grep suggestion. I think I found the source code for open() now (with grep): /usr/src/sys/kern/vfs_syscalls.c Indeed, when it fails, it returns an error. That happens to be 2 when the file does not exist (ENOENT = 2). Hmmm. That means that if I get a value above 2, it can be the file descriptor, or it can be an error. That's making me a bit nervous. I need to distinguish between errors and file descriptors. However, there seems to be a way, though not fullproof: Each open returns the file descriptor that is 1 higher than the last. Since stdin, stdout, and stderr are open already, the first fd = 3, the next 4, etc. I suppose I need to declare a variable and initialize it to 3. Whenever I call open, if the return value equals to that variable, the open probably succeeded, otherwise it failed. Then, of course, I need to increase the variable so I can use it with the next open. But this will probably not work if my program is called as a child of another which has some files opened already, will it? I am certainly open (no pun intended) to suggestions. Adam -- Roma non uno die aedificata est To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Time to close the list?
On Thu, 2 Nov 2000, Mike Silbersack wrote: Just having the list ensure that it was in the To: or Cc: header would be sufficient in this case. Such a change would block relay spam as well. Some places with not-so-nice connectivity to the rest of the Internet use local lists to distribute this list among users -- this is why there are messages with no to:/cc: [EMAIL PROTECTED] in the first place. And it will do nothing for autoresponders because autoresponder may happen to be subscribed directly just like anything else. So, real solutions are: 1. configure all autoresponders to never send anything with Precedence: bulk in the header, 2. close the list, as it was proposed. Considering that "offenders" are running their scanners as root, or even on Windows, first solution seems to be impossible to achieve. -- Alex -- Excellent.. now give users the option to cut your hair you hippie! -- Anonymous Coward To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
RE: VIRUS WARNING
Hello guys, I received many of warnings from You. I'm interested in what are U using to check e-mails for virus. I'm using sendmail. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of [EMAIL PROTECTED] Sent: Thursday, November 02, 2000 9:38 AM To: Peter Wagner Cc: FreeBSD List Subject: VIRUS WARNING WARNING! This mail is generated automatically by virus-scanning software. There was virus found in one or more attachment in e-mail sent by: Peter Wagner [EMAIL PROTECTED] at date: Thu, 2 Nov 2000 09:34:51 - , with subject "US PRESIDENT AND FBI SECRETS =PLEASE VISIT = (http://WWW.2600.CO M)=". There is list of infected files: Found virus "VBS/LoveLetter.worm" in DOMEO.JPG.vbs Please clean files and resend Your message, Your message was dropped. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: FreeBSD in good standing in netcraft survey
On Thu, Nov 02, 2000 at 09:57:03AM +1300, David Preece wrote: BTW, we didn't fare very well at all in the top *average* uptimes. Sun, OTOH, did. Bugger. IMO, this can be plausibly explained by the availability of updated code for the two platforms. With Sun they release patches relatively infrequently, kernel patches less frequently still..OTOH FreeBSD "releases patches" many times each day, encouraging the admin to upgrade frequently to scratch the itch of being "up to date". Kris PGP signature
Re: Time to close the list?
-On [20001102 09:45], Greg Black ([EMAIL PROTECTED]) wrote: Maybe it's time to close the list so that it only accepts messages from subscribers. The spam was bad enough, but the virus warnings are over the top. Sigh. I personally prefer mailing the backarsed company producing this piece of junk. I mean Precedence: bulk is a frigging standard. -- Jeroen Ruigrok van der Werven Network- and systemadministrator [EMAIL PROTECTED]VIA Net.Works The Netherlands BSD: Technical excellence at its best http://www.via-net-works.nl I sought for myself... To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Not a virus warning. This message is declared safe by Dumbscan2000
This mail message was not automatically generated by our Stupid2000 release of Dumbscan which did not find any virus infected files in the (0) or more attached file(s) in this message(s) in this/these posting(s). As such it seems to be an exceptional condition and we are choosing to respond to everyone and their dog to notify them of this rare occurence for this list. Should any other actual highly rare human generated messages be detected on this otherwise mail robot dominated list, our software will definitely notify you of this extraordinary occurence and deliver a novel form of list managed DoS through automated replies and thereby guarantee that your supply of highly repetitive robot messages is not put in jeopardy. We now return you to your regularly scheduled robots... -- Dragos Ruiu [EMAIL PROTECTED] dursec.com ltd. / kyx.net - we're from the future gpg/pgp key on file at wwwkeys.pgp.net To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Time to close the list?
Jeroen Ruigrok van der Werven writes: -On [20001102 09:45], Greg Black ([EMAIL PROTECTED]) wrote: Maybe it's time to close the list so that it only accepts messages from subscribers. The spam was bad enough, but the virus warnings are over the top. Sigh. I personally prefer mailing the backarsed company producing this piece of junk. If you can get through to them, go right ahead. I mean Precedence: bulk is a frigging standard. You know that and I know that and probably all the legitimate subscribers to the list know that -- but we're dealing with cretins here, and so we need to take effective steps against them. I don't want to unsubscribe, but I don't want all the junk either. -- Greg Black [EMAIL PROTECTED] Join the fight against spam: http://www.cauce.org/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Time to close the list?
-On [20001102 10:20], Mike Silbersack ([EMAIL PROTECTED]) wrote: On Thu, 2 Nov 2000, Greg Black wrote: Maybe it's time to close the list so that it only accepts messages from subscribers. The spam was bad enough, but the virus warnings are over the top. Sigh. Just having the list ensure that it was in the To: or Cc: header would be sufficient in this case. Such a change would block relay spam as well. To come back on my original message, it seems that the virus reporters sent their reports to [EMAIL PROTECTED] which in its turn forwarded it to the list. So the guilt/blame actually lies somewhere else for a change. Drat, another missed chance at flaming Exchange. :) -- Jeroen Ruigrok van der Werven Network- and systemadministrator [EMAIL PROTECTED]VIA Net.Works The Netherlands BSD: Technical excellence at its best http://www.via-net-works.nl To do injustice is more disgraceful than to suffer it... To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Virus alerts messages
On Thu, Nov 02, 2000 at 10:11:02AM +0100, Arjan Knepper wrote: Anyone else receiving about 50 virus alerts messages in 30 minutes? Stopped a minute ago here -- procmail's your friend ;). Okay, this doesn't keep your MDA from receiving them in the first place. I guess someone's going to get their heads washed. -- Volker Stolz * [EMAIL PROTECTED] * PGP + S/MIME To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Not a virus warning. This message is declared safe by Dumbscan2000
joke Nice product... where can I download this?? ;) Perhaps you should put this in the ports tree?? *chuckle* /joke Cheers, Marc On Thu, Nov 02, 2000 at 01:14:49AM -0800, Dragos Ruiu wrote: This mail message was not automatically generated by our Stupid2000 release of Dumbscan which did not find any virus infected files in the (0) or more attached file(s) in this message(s) in this/these posting(s). As such it seems to be an exceptional condition and we are choosing to respond to everyone and their dog to notify them of this rare occurence for this list. Should any other actual highly rare human generated messages be detected on this otherwise mail robot dominated list, our software will definitely notify you of this extraordinary occurence and deliver a novel form of list managed DoS through automated replies and thereby guarantee that your supply of highly repetitive robot messages is not put in jeopardy. We now return you to your regularly scheduled robots... -- Dragos Ruiu [EMAIL PROTECTED] dursec.com ltd. / kyx.net - we're from the future gpg/pgp key on file at wwwkeys.pgp.net -- Change will happen whether we're still or moving... -- Toad the Wet Sprocket To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Kernel calls, are they documented somewhere?
G. Adam Stanislav wrote: On Thu, Nov 02, 2000 at 12:12:02AM -0500, Michael Bacarella wrote: gcc does not generate code that can make FreeBSD system calls directly. Most system calls as we know them by the manual have corresponding wrappers in libc. See /usr/src/lib/libc if you have the source installed. I do have the source code, and I have studied it, but it is uncommented. And, it seems, not all of it is included. For example, there is a /usr/src/lib/libc/sys/open.2 but no corresponding open.c. I have been unable to find the source code for open() in libc. There is an open.c in /usr/src/lib/libstand/ but it makes no system calls. Actually, it looks like a system call (it assigns its own file descriptors to files it opens), but it does not behave like our kernel (since it returns -1 on errors, while our kernel has been returning 2 in my tests when trying to open a non-existing file as O_RDONLY: sub eax, eax; EAX = 0 = O_RDONLY pusheax pusheax pushesi ; points at file name pusheax ; fake return address int 80h add esp, byte 16 (That's NASM syntax.) If the file exists, I get a file descriptor in EAX, otherwise EAX = 2. It would be nice if I could get some kind of formal confirmation that this is how it is supposed to be, and that all FreeBSD versions behave like that. Here's open(2) implemented as a C function: open: mov $0x5,%eax int $0x80 jc .L1 ret .L1:jmp __cerror __cerror: mov %eax,errno mov $-1,%eax ret The idea is to check the carry flag, since the kernel returns two different things in %eax, depending on whether an error has occurred. Our function maintains errno, since this is how things are done in the C library. If you need more info, e-mail me directly. -- Robert Nordier [EMAIL PROTECTED] [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Time to close the list?
You know that and I know that and probably all the legitimate subscribers to the list know that -- but we're dealing with cretins here, and so we need to take effective steps against them. I don't want to unsubscribe, but I don't want all the junk either. I've just blocked them and a few other robot-driven sites who appear driven to only increase the problem by generating automated replies. - Jordan To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Kernel calls, are they documented somewhere?
On Thu, 2 Nov 2000, G. Adam Stanislav wrote: I do have the source code, and I have studied it, but it is uncommented. And, it seems, not all of it is included. For example, there is a /usr/src/lib/libc/sys/open.2 but no corresponding open.c. I have been unable to find the source code for open() in libc. There is an open.c The source for this type of syscalls is made "on the fly" in Makefile. Since normally you use /usr/obj for keeping built objects, the source files like e.g. open.S end up there. For open.S it contains the following: #include "SYS.h" RSYSCALL(open) which is a macro expanding to an asm wrapper around the syscall. (Mind you, I'm not an asm expert by any means, I just happen to know how the building process works.. :-) in /usr/src/lib/libstand/ but it makes no system calls. Actually, it looks like a system call (it assigns its own file descriptors to files it opens), but it does not behave like our kernel (since it returns -1 on errors, while our kernel has been returning 2 in my tests when trying to open a non-existing file as O_RDONLY: libstand is a very special animal - it's used only for providing BSD-like interface in BTX (bootloader) environment. Never use it when you run kernel. OTOH, it's very enlightening to look into it and see how you implement "syscalls" on a bare hardware... Andrzej Bialecki // [EMAIL PROTECTED] WebGiro AB, Sweden (http://www.webgiro.com) // --- // -- FreeBSD: The Power to Serve. http://www.freebsd.org // --- Small Embedded FreeBSD: http://www.freebsd.org/~picobsd/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Broken PCI-IDE RZ1000 ata
It seems Volker Stolz wrote: The RZ1000 PCI-IDE controller found on at least one Intel board is severely broken and requires a workaround which is available for Linux (at least it turned up in the config for 2.4.0, though the board should be a couple of years old, it's for regular Pentium-I). Could anyone comment on this to get it working with FreeBSD? sysinstalls gets write-errors after a couple of kilobytes, and when running an already installed system, mount/fsck bomb with sig 11, after that you find yourself in single-user mode with every command (including 'reboot'!) yielding a SIGILL. Well, that chip is so broken by design, no software workaround can help its misery, a hardware fix exists, but cant (easily) be retrofitted. Forget about it, buy a new Promise or whatever if you really need that board, a software only fix is _not_ possible, no matter what linux might tell you -Søren To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Virus in your letter
÷ÁÛÅ ÐÉÓØÍÏ ÎÅ ÂÙÌÏ ÄÏÓÔÁ×ÌÅÎÏ ÐÏ ÎÁÚÎÁÞÅÎÉÀ. AVP ÏÂÎÁÒÕÖÉÌ × ÎÅÍ ×ÉÒÕÓ ÉÌÉ ÔÒÏÑÎ: '/[From: Peter Wagner [EMAIL PROTECTED]][Date: Thu, 2 Nov 2000 09:34:46 -]:\DOMEO.JPG.vbsinfected: I-Worm.LoveLetter /var/spool/exim/input/X/13rHnX-000761-00-D/[From: Peter Wagner [EMAIL PROTECTED]][Date: Thu, 2 Nov 2000 09:34:51 -]:\DOMEO.JPG.vbs infected: I-Worm.LoveLetter'. ðÒÏ×ÅÒØÔÅ Ó×ÏÊ ËÏÍÐØÀÔÅÒ ! From: [EMAIL PROTECTED] (freebsd-hackers-digest) To: [EMAIL PROTECTED] Subject: freebsd-hackers-digest V4 #990 http://www.chat.ru http://www.avp.ru To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Linux' packet socket emulation
Hello, I'm looking for a way to emulate the Linux packet socket socket(AF_PACKET.. behavior on *BSD using bpf. I'd like to do it in order to port some Linux network and security utilities. (hunt, iptraf, etc.) Does anyone know if it's doable, if it was already done, or, general ideas about the implementation? Thank you in advance, --Roman Shterenzon, UNIX System Administrator and Consultant [ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Time to close the list?
You know that and I know that and probably all the legitimate subscribers to the list know that -- but we're dealing with cretins here, and so we need to take effective steps against them. I don't want to unsubscribe, but I don't want all the junk either. I've just blocked them and a few other robot-driven sites who appear driven to only increase the problem by generating automated replies. - Jordan [ ... ] 1. configure all autoresponders to never send anything with Precedence: bulk in the header, 2. close the list, as it was proposed. 3. Automatically delete all MIME parts with: Content-Type: application/* Which are ever sent via the list software. 4. Refuse to accept messages with the header: X-Mailer: Internet Mail Service* (mail from users of Outlook) [The asterisks are a globbing pattern] It seems that this Peter person is the guy doing the resending; we could also just block him, until he upgrades his email client so that it's no longer vulnerable to this worm (not virus: people who write antivirus software are so bad with terminology). Terry Lambert [EMAIL PROTECTED] --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Time to close the list?
I personally prefer mailing the backarsed company producing this piece of junk. I mean Precedence: bulk is a frigging standard. Technically speaking, a virus scanner is not a an autoresponder. In general, they tend to be configurable, and "delete and warn sender" is a common default option. Technically speaking, this is a correct option, even if it's annoying as hell on a list, particularly when people are obviously being hit and resending to the list. If this Peter person were to quit resending the damn thing every time he gets it (he clearly has a vulnerable client), then the problem would have been limited to one set of reports to one list by frightened antivirus software (the fear is based on the idea that the people who bought it won't see its value when it comes time to upgrade, unless it screams bloody murder each time just to say "aren't you glad you bought me?!?"). A technical soloution is probably to get the AV software vendors to agree on a lavelling standard, such as: AntiVirus-Id: In which they place the message id of the infected message. Mailing list software could look for this header, and do what it wanted (all one warning through, warn once itself, or quietly eat all messages with the header). Obviously, the IETF isn't involved, and obviously no one (well, I did, actually, last year, but I'm above average 8-)) has thought through the consequences of widespread AV software deployment in MTAs, and mailing list interactions. The real pain in the ass, of course, is that to standardize, there has to be a standard, so, like "X-Envelope-To:", we will probably now see a spate of gratuitously incompatable "X-" headers "designed" to solve the problem, like qmail and the infamous RFC violating (and gratuitously different -- stupid qmail morons) "Delivered-To:" and the less common "X-Frontier-To:" headers. Of course, virus "venders" will make the "Message-Id:" random, do that if one gets through, it still cascades during propagation, but at least this would be O(1) instead of geometric. Ugh. Terry Lambert [EMAIL PROTECTED] --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: FreeBSD in good standing in netcraft survey
BTW, we didn't fare very well at all in the top *average* uptimes. Sun OTOH, did. Bugger. IMO, this can be plausibly explained by the availability of updated code for the two platforms. With Sun they release patches relatively infrequently, kernel patches less frequently still..OTOH FreeBSD "releases patches" many times each day, encouraging the admin to upgrade frequently to scratch the itch of being "up to date". This is an artifact of FreeBSD kernel modularity not being what it should be, rather than the (in)frequency of patches, one way or another. I personally think I should be able to "hot swap" any kernel subsystem, including the VM code, without rebooting my machine. The techniques for implementing this are both obvious and well known from object oriented programming: o Make all structures opaque o Use indirect reference to opaque objects o Use accessors and mutators, instead of direct structure element references o Only force a more complex upgrade when an accessor or mutator goes away in a provider, or a non-existant one starts being referenced by a consumer o Unless there are two mutually dependent subsystem modules (which is a broken object model, BTW), even in the more complex case, you can upgrade by doing a series upgrade, and tracking dependencies; this would mean externalizing imported and exported accessor/mutator references (and object types, if a new opaque object type comes into existance), but it's still quite doable. You would also need to version by interface instance, not provider of interfaces, to ensure that member function argument changes could be tracked. NB: This last technique is vastly superior to the way FreeBSD handles shared libraries, actually, since if anything like this changes in a shared library, you have to keep two copies of a library around, since a FreeBSD shared library can't export two different versions of the same interface to a library consumer. Also, since you could similarly version system calls, you'd avoid the mount/newmount screwup that FreeBSD has had dampening the "build world" upgrade process a number of times in the past. Terry Lambert [EMAIL PROTECTED] --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Broken PCI-IDE RZ1000 ata
The RZ1000 PCI-IDE controller found on at least one Intel board is severely broken and requires a workaround which is available for Linux (at least it turned up in the config for 2.4.0, though the board should be a couple of years old, it's for regular Pentium-I). Could anyone comment on this to get it working with FreeBSD? sysinstalls gets write-errors after a couple of kilobytes, and when running an already installed system, mount/fsck bomb with sig 11, after that you find yourself in single-user mode with every command (including 'reboot'!) yielding a SIGILL. Well, that chip is so broken by design, no software workaround can help its misery, a hardware fix exists, but cant (easily) be retrofitted. Forget about it, buy a new Promise or whatever if you really need that board, a software only fix is _not_ possible, no matter what linux might tell you The fix was to retry the call if an interrupt occurred during DMA. This is a very old bug. The old ATA driver in FreeBSD had this fix. Are you sure that you aren't just not setting the right flags on the device? This workaround used to be on by default in GENERIC. Alternately, it's possible that the "new, improved" ATA driver code is mearely "new". Terry Lambert [EMAIL PROTECTED] --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: FreeBSD in good standing in netcraft survey
David Preece writes: Possibly off topic, possibly not. Am I the only one who doesn't really care about uptimes? I certainly am not impressed by uptimes over about 100 days. They show that the site does not care about keeping current. And why should you care about "keeping current"? As the owner/maintainer of a few hundred FreeBSD systems, I can tell you that I'm not going to run around to each, every time there's a new release, because if I did, I'd never get anything else at all done. I certainly am not going to "keep current" at anything MORE frequent than that, either... If it made sense to have several hundred days of uptime, what is the point of all the development work done by the FreeBSD (and other OS) developers? These people work hard to improve the system and it makes sense to at least run the latest production release. In the case of FreeBSD, this means a reboot at least every three to four months when the CDs are released. Oh, like hell it does. For most applications, there's not very much I can do with a 4.1.1R box that I wasn't able to do with 2.1.0R. Some people use FreeBSD for the sake of the OS itself... others of us just use it as a means to an end. I use it as an application-running platform, which means that unless there's some deficiency that causes it to be unable to run my application, or a major security problem, I don't really care what release I run. Most of my production servers are still running 3.*, because 4.0 (and to a lesser extent 4.1*) was not stable enough to run some of the stuff I was doing, and other things like device drivers were missing. There are still other issues: vinum can't see more than 32 drives on 4.*, but works fine on 3.*. Also, some of us run systems in "highly secure" mode, which means that there is extensive firewalling, lots of detail to permissions and file flags, securemode, etc. This makes it a nuisance to upgrade systems, because you've got to singleuser them in order to do it. It also means they're an order of magnitude less vulnerable to your average kiddie script cracker. The major things which have tempted me to jump release versions in the past: 3.{0,1}R - 3.2Rin securemode, clock couldn't be stepped back (or forward, either, I think) - making xntpd rather useless. Part of my security policy is making sure clocks are sync'ed, for logs and stuff like that. I had been forcibly commenting out the kernel check for securemode when setting the clock. I upgraded some boxes to 3.2R that I had originally missed. 3.4R - 3.5Ron my routers, more than 65535 routes would cause instability on releases 3.5R. All the BGP speakers got upgraded to a 3.4-stable and will soon get upgraded to 3.5R. But every time I down a box for an upgrade, some service is being taken out of service. When I take down a big router, my BGP session flaps and my Internet connectivity goes to hell. Yeah, sure, that's something I want to do every three or four months, just for the hell of it. We all appreciate the hard work and efforts of the developers. That does not mean that we're obligated to upgrade our machines every time a release walks out the door. Up 'til two weeks ago, I had several routers that were still running 2.1.7R, and I even had a 2.0R box floating around (it had some old legacy services on it, and it was a choice of leave it running or turn it off). In general, all I really care about keeping current is the applications I run on the machines, since those tend to be visible (and exploitable) to the world. -- ... Joe --- Joe Greco - Systems Administrator [EMAIL PROTECTED] Solaria Public Access UNIX - Milwaukee, WI 414/342-4847 To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Broken PCI-IDE RZ1000 ata
It seems Terry Lambert wrote: The RZ1000 PCI-IDE controller found on at least one Intel board is severely broken and requires a workaround which is available for Linux (at least it turned up in the config for 2.4.0, though the board should be a couple of years old, it's for regular Pentium-I). Could anyone comment on this to get it working with FreeBSD? sysinstalls gets write-errors after a couple of kilobytes, and when running an already installed system, mount/fsck bomb with sig 11, after that you find yourself in single-user mode with every command (including 'reboot'!) yielding a SIGILL. Well, that chip is so broken by design, no software workaround can help its misery, a hardware fix exists, but cant (easily) be retrofitted. Forget about it, buy a new Promise or whatever if you really need that board, a software only fix is _not_ possible, no matter what linux might tell you The fix was to retry the call if an interrupt occurred during DMA. This is a very old bug. The old ATA driver in FreeBSD had this fix. Are you sure that you aren't just not setting the right flags on the device? This workaround used to be on by default in GENERIC. Alternately, it's possible that the "new, improved" ATA driver code is mearely "new". Terry, that chip is broken, the fix you mention only fixes part of its trouble, it still corrupts your data without you knowing until you hit a binary that went bad or what have you. Granted the possibility is low, but it _does happen_. So instead of supplying a partial fix and lullabying users into believing its safe to use, the "new and improved" ATA driver states the fact that this chip is broken and can corrupt your data, end of story. -Søren To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Broken PCI-IDE RZ1000 ata
Am 02. Nov 2000 um 16:42 MET schrieb Terry Lambert: The RZ1000 PCI-IDE controller found on at least one Intel board is Well, that chip is so broken by design, no software workaround can help its misery, a hardware fix exists, but cant (easily) be retrofitted. Forget about it, buy a new Promise or whatever if you really need that board, a software only fix is _not_ possible, no matter what linux might tell you Are you sure that you aren't just not setting the right flags on the device? This workaround used to be on by default in GENERIC. Hm...You could set flags on wd?, but not on ata/ad. And this beast is so broken you never reach rc.sysctrl for setting pio. -- Volker Stolz * [EMAIL PROTECTED] * PGP + S/MIME To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Broken PCI-IDE RZ1000 ata
Am 02. Nov 2000 um 17:15 MET schrieb Soren Schmidt: ... the "new and improved" ATA driver states the fact that this chip is broken and can corrupt your data, end of story. Nope, I didn't find any references on this controller. -- Volker Stolz * [EMAIL PROTECTED] * PGP + S/MIME To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Is this how to use Freebsd?
Hello, I have some questions that maybe someone could help with. I leased a new server, and redhat 6 .2 was put as the operating system Shortly after that the machine was hacked. Apparently the machine was a peach because the hackers used the server to launch DOS attacks from. The high output hit 44MBS ! Well, the company did not explain how, or why it happened. The programmer I work with suggested BSD.Of course I wanted security! Well, I told the Network admin that I wanted some security because I thought the hackers would come back. He said, well, when we put you on a 10 pipe, (of your 10-100) the attacks stopped, so I don't think they will come back as they know they are detected. Also, in 98% of the cases they just move on. Well I didn't really think this was all that well thought out, and ripe for abuse, but what could I do? So I told them to leave the 10mbs pipe on for a few days in case they come back. Well guess what? They came back! Just a few hours later, and attacked with the 10 mbs pipe. And it took way longer to detect! Of course. At 44 mbs they detect it right away. So, when is the network guy gonna do something smart? Well, they gave me some explanation that the server was hacked at the xfs port. But later I was told that the ftp port on redhat 6.2 was the vulnerability, so they actually were not sure? They did little to tell me what to do either, other than to "Clean up". We decided best was to start over rather than look for back doors etc. So this is when we had the network people install Freebsd. And where my questions lie. Well, They didnt put a smp in the kernal, it was a dual processor. We fixed that, but the programmer I work with noticed that the files were not right. We have (2) 9 gig hard drives, and one had 8.3 gigs of space in /home, The other had 18 mb in / and /var had 19 mb /usr had 7.2 gigs . So, we were told that this is a normal out of the box configuration for Freebsd. Does that make sense? I do not know. But I need to know if my programmer is not really understanding the files and how they are used in Freebsd, Or if the Network guys made a mistake, and are thinking we won't catch it. Because...the network guys suggested we try (well at first one guy agreed and said, yeah, those files and partitions don't look right, I agree with your programmer) ...so he suggested that we do the following: / 48 mb -- 18 free/var --19 mb/usr -- 7.2 gigdrive 2/home 8.3mv /usr/* /usr/usrcp / /usrcp /var /usrreload boot software and edit /usr/etc (after copy) to make /usr /--Well, when our guy logged in and did that it shut his connection down. The computer just kept looking for a getty file. So his copy probably messed with the connection when the connection info was moved...or something I was told by the network guys. Well, I am not a program or a system guy.. But I am thinking that I, or we are not totally at fault with what happened here,and should not have to pay for a re install. So, could you comment and expand where possible on the following, it would be appreciated, and we could then have an idea what to do as well. 1).Does the network have any obligation to lock down a server, before they hand it over? They have been hit by 10 such attacks since mine and have changed the strategy to locking the systems down. 2).Does the file and partition system look ok for a 2 drive Freebsd install? We mainly want to use 1 hd and have one for back up of the first. 3). Is the following a system that defeats the purpose of Freebsd, or is not a good way to use it? *Not from programmer Tell them to set up the drives as follows:___1 paritition per drive___drive 1 mount to /drive 2 mount to /mnt/backup Ok, well I guess I have confused you enough. Please forward any ideas you may have on teh subject. Thanks D Muller
Re: Is this how to use Freebsd?
* Don Muller [EMAIL PROTECTED] [001102 08:40] wrote: Hello, I have some questions that maybe someone could help with. [snip...] 1).Does the network have any obligation to lock down a server, before they hand it over? They have been hit by 10 such attacks since mine and have changed the strategy to locking the systems down. Not unless you have a contract that says that they are responsible for locking the machine down. 2).Does the file and partition system look ok for a 2 drive Freebsd install? We mainly want to use 1 hd and have one for back up of the first. The default should be ok for drive 1, you can make drive 2 a seperate filesystem for doing backups and it would work fine. 3). Is the following a system that defeats the purpose of Freebsd, or is not a good way to use it? *Not from programmer Tell them to set up the drives as follows: ___1 paritition per drive___ drive 1 mount to / drive 2 mount to /mnt/backup That's a typlical 'Linux' partitioning choice, personally I dislike it and prefer something link: 120M / 300M /var 2xRAM swap (limit 1 gig) rest /usr /usr may be split into /usr and /usr/home, if so /usr usually gets about 1.5gigs and /usr/home gets the rest. A couple of suggestions: 1) please wrap lines at 70 characters when posting to the list. 2) you seem to be in pretty bad need for a skilled FreeBSD consultant or full time admin. see: http://www.freebsd.org/commercial/consulting_bycat.html or perhaps respond in private mail if you're interested in a training, perhaps we could work something out. best of luck, -- -Alfred Perlstein - [[EMAIL PROTECTED]|[EMAIL PROTECTED]] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Broken PCI-IDE RZ1000 ata
It seems Volker Stolz wrote: Am 02. Nov 2000 um 17:15 MET schrieb Soren Schmidt: ... the "new and improved" ATA driver states the fact that this chip is broken and can corrupt your data, end of story. Nope, I didn't find any references on this controller. The ATA driver states the buggyness in the probe. -Søren To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Broken PCI-IDE RZ1000 ata
Am 02. Nov 2000 um 17:58 MET schrieb Soren Schmidt: Nope, I didn't find any references on this controller. The ATA driver states the buggyness in the probe. How about putting this in the man-page ;) But why will 4.1-RELEASE happily use WDMA2? -- Volker Stolz * [EMAIL PROTECTED] * PGP + S/MIME To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Time to close the list?
On Thu, 2 Nov 2000, Alex Belits wrote: On Thu, 2 Nov 2000, Mike Silbersack wrote: Just having the list ensure that it was in the To: or Cc: header would be sufficient in this case. Such a change would block relay spam as well. Some places with not-so-nice connectivity to the rest of the Internet use local lists to distribute this list among users -- this is why there are messages with no to:/cc: [EMAIL PROTECTED] in the first place. And it will do nothing for autoresponders because autoresponder may happen to be subscribed directly just like anything else. So, real solutions are: I'm confused. Some people can't send mail to the lists directly? And it would fix the auto-responder problem, since auto-responders tend to answer to the From: field, which would never be the mailing list's name. 2. close the list, as it was proposed. If the icky [EMAIL PROTECTED] address was subscribed, it would've still gotten onto the list (though I suppose the virus scan response would've been stopped.) Mike "Silby" Silbersack To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Is this how to use Freebsd?
It seems to me like, your network administrators are a bit unexperienced with linux, bsd and system-security. If a machine gets compromised, it should be the first step, to unplug it from the network and try to analyze who hacked the machine. Since I think you were hacked by standard-script-kiddies, they probably left tracks. so, go thru logfiles, etc. Installing FreeBSD or any other OS is not a garantee for security. You should read the security documentation of the os and it is important to stay up-to-date with your patches. sign up for [EMAIL PROTECTED] for example and see if discovered bugs and holes concern your system. there are a lot of things you can do. I can't listen them all. Now to your mount-problem. First I have to say, that you should use the FreeBSD-partition/mountpoint-setup during the installation. the step 'mv /usr /usr/usr' is defnetely not understanable, since you mess up the whole system. the next steps you did are at least as bad as the first one. your new mount configuration seems really strange to me, aswell. Is it possible that the admin doesn't know much about unix? Anyway, I recommend you to read the FreeBSD-Handbook first, since it explains a lot. You can find it at www.freebsd.org/handbook/ --Original Message Text--- From: Don Muller Date: Thu, 2 Nov 2000 10:51:30 -0600 Hello, I have some questions that maybe someone could help with. I leased a new server, and redhat 6 .2 was put as the operating system Shortly after that the machine was hacked. Apparently the machine was a peach because the hackers used the server to launch DOS attacks from. The high output hit 44MBS ! Well, the company did not explain how, or why it happened. The programmer I work withsuggested BSD.Of course I wanted security! Well, I told the Network admin that I wanted some security because I thought the hackers would come back. He said, well, when we put you on a 10 pipe, (of your 10-100) the attacks stopped, so I don't think they will come back as they know they are detected. Also, in 98% of the cases they just move on. Well I didn't really think this was all that well thought out, and ripe for abuse, but what could I do? So I told them to leave the 10mbs pipe on for a few days in case they come back. Well guess what? They came back! Just a few hours later, and attacked with the 10 mbs pipe. And it took way longer to detect! Of course. At 44 mbs they detect it right away. So, when is the network guy gonna do something smart? Well, they gave me some explanation that the server was hacked at the xfs port. But later I was told that the ftp port on redhat 6.2 was the vulnerability, so they actually were not sure? They did little to tell me what to do either, other than to "Clean up". We decided best was to start over rather than look for back doors etc. So this is when we had the network people install Freebsd. And where my questions lie. Well, They didnt put a smp in the kernal, it was a dual processor. We fixed that, but the programmer I work with noticed that the files were not right. We have (2) 9 gig hard drives, and one had 8.3 gigs of space in /home, The other had 18 mb in /and /var had 19 mb/usr had 7.2 gigs . So, we were told that this is a normal out of the box configuration for Freebsd. Does that make sense? I do not know. But I need to know if my programmer is not really understanding the files and how they are used in Freebsd, Or if the Network guys made a mistake, and are thinking we won't catch it. Because...the network guys suggested we try (well at first one guy agreed and said, yeah, those files and partitions don't look right, I agree with your programmer) ...so he suggested that we do the following: / 48 mb-- 18 free /var--19 mb /usr -- 7.2 gig drive 2 /home8.3 mv /usr/*/usr/usr cp / /usr cp /var /usr reload boot software and edit /usr/etc (after copy) to make /usr/ -- Well, when our guy logged in and did that it shut his connection down. The computer just kept looking for a getty file. So his copy probably messed with the connection when the connection info was moved...or something I was told by the network guys. Well, I am not a program or a system guy.. But I am thinking that I, or we are not totally at fault with what happened here,and should not have to pay for a re install. So, could you comment and expand where possible on the following, it would be appreciated, and we could then have an idea what to do as well. 1).Does the network have any obligation to lock down a server, before they hand it over? They have been hit by 10 such attacks since mine and have changed the strategy to locking the systems down. 2).Does the file and partition system look ok for a 2 drive Freebsd install? We mainly want to use 1 hd and have one for back up of the first. 3). Is the following a system that defeats the purpose of Freebsd, or is not a good way to use it? *Not from programmer Tell them to set up the drives as follows: ___1 paritition per drive___
Re: Time to close the list?
On Thu, Nov 02, 2000 at 01:28:09AM -0800, Alex Belits wrote: Some places with not-so-nice connectivity to the rest of the Internet use local lists to distribute this list among users -- this is why there are messages with no to:/cc: [EMAIL PROTECTED] in the first place. And it will do nothing for autoresponders because autoresponder may happen to be subscribed directly just like anything else. So, real solutions are: Also when moving a discussion from one mailing list to another, most people use: To: freebsd-newlist Cc: all the people who were in the thread Bcc: freebsd-oldlist [ moving discussion -newlist ] etc -- Bill Fumerola - Network Architect, BOFH / Chimes, Inc. [EMAIL PROTECTED] / [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: AW: AW: Accessing the tty structure of an opened device
In message 10553.972652114@critter Poul-Henning Kamp writes: : the time between a pulse and a space often only takes : a few milliseconds. I have to meassure that with : gettimeofday(). : : You will need to do this in a device driver, there is no way you : can reliably measure that from userland. : : Trust me on this: I've tried. We at timing solutions had a heck of a time measuring timing things in userland and it became very easy to do it in kernel land. We used the parallel port to measure out pulses, but the same pps api that Poul should work for the serial port as well. And the advantage of the pps api is that it queues up events (iirc) and counts them so you know if the buffer overflowed and you missed any. Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: AW: Accessing the tty structure of an opened device
In message [EMAIL PROTECTED] Mike Silbersack writes: : Stop trying to do this; you cannot poll the serial line at anything like : a useful speed to perform IR decoding. The entire approach you're trying : to take is unworkable. : : Hm, it seems like every motherboard made in the last few years has some : hookup for an IR port that will act as com 2. Are the parts for those : available? (Or would alexander be able to adapt his IR device to that : interface somehow?) The IR there is IrDA which is an extreme subset of the possible I/R applications. Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
high speed timestamp counter
Title: high speed timestamp counter Hi there, I am trying to read the on board Pentium Time Stamp Counter. Is there an API in Unix that allows me to read it directly? Or some assembly language line that I can drop into my code? I need the high speed counters to profile some code. I don't want to use the classical time API that is provided in time.h -Hao
Re: Time to close the list?
On 02-Nov-00 Terry Lambert wrote: 3.Automatically delete all MIME parts with: Content-Type: application/* Which are ever sent via the list software. What about application/pgp-signature? -- John Baldwin [EMAIL PROTECTED] -- http://www.FreeBSD.org/~jhb/ PGP Key: http://www.baldwin.cx/~john/pgpkey.asc "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: high speed timestamp counter
Am 02. Nov 2000 um 19:00 MET schrieb Hao Zhang: I am trying to read the on board Pentium Time Stamp Counter. Is there an API in Unix that allows me to read it directly? Try 'man 4 perfmon'. Remember it requires an option in the kernel, though. -- Volker Stolz * [EMAIL PROTECTED] * PGP + S/MIME To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Time to close the list?
At 3:08 PM + 11/2/00, Terry Lambert wrote: 3. Automatically delete all MIME parts with: Content-Type: application/* Which are ever sent via the list software. This seems like a mighty good idea to me... Is there any reason we would ever expect an application sent in these mailing lists? How easy would this be to implement? -- --- Garance Alistair Drosehn= [EMAIL PROTECTED] Senior Systems Programmer or [EMAIL PROTECTED] Rensselaer Polytechnic Instituteor [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: FreeBSD in good standing in netcraft survey
On Thu, Nov 02, 2000 at 03:35:41PM +, Terry Lambert scribbled: | BTW, we didn't fare very well at all in the top *average* | uptimes. Sun OTOH, did. Bugger. | | IMO, this can be plausibly explained by the availability of updated | code for the two platforms. With Sun they release patches relatively | infrequently, kernel patches less frequently still..OTOH FreeBSD | "releases patches" many times each day, encouraging the admin to | upgrade frequently to scratch the itch of being "up to date". | | This is an artifact of FreeBSD kernel modularity not being | what it should be, rather than the (in)frequency of patches, | one way or another. | | I personally think I should be able to "hot swap" any kernel | subsystem, including the VM code, without rebooting my machine. As I understand, has there not been a plan to do a similiar thing in the future since FreeBSDCon1999? -- +--+ | [EMAIL PROTECTED] | [EMAIL PROTECTED] | | http://peorth.iteration.net/~keichii | Yes, BSD is a conspiracy. | +--+ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: 16 port 10/100 hubs/switches.
David Scheidt wrote: On Tue, 31 Oct 2000, Stephen Hocking wrote: :I just went out bought a D-Link 10/100 switch. There was another 16 port :10/100 switch on sale by netgear, for twice the price. Now I've established :that they're both switches (as opposed to hubs) and the three machines I :current have connected to it have sucessfully negotiated 100Mbs full-duplex :(speed is great!). Is there any reasons why I should've considered the netgear :unit? I didn't see anything on the box (after a rather cursory perusal) on it :about managability, SNMP et cetera. Probably not. If you don't see performance or reliability problems, no. It's conceivable that one switch can't do 100MB full duplex to every port at the same time. Actually, all these Taiwanese companies, Linksys, D-Link, NetGear, etc., make products that are amazingly similar. Usually the cheapest one is the newest design, and performance tends to favor the newest design as well. It might, or might not, be the cheaper one. Without test equipment its hard to say. (I've got a 5 port Dlink that I bought about New Year's, which has been great.) Too bad nobody is around to do some creditable testing on them. I don't have access to a SmartBits anymore. I bought a NetGear FS105 in January and pounded it with a SmartBits, it was able to sustain just under 800 Mbps through 4 ports running full-duplex. I couldn't quite figure out how to add in the fifth port; I'm not a SmartBits expert. I have one of the new Linksys switches now, too, and expect it perform on par with the NetGear. The Linksys is slightly smaller, has a much more attractive plastic case, and cost only $69 at Fry's a couple of weeks ago. I have just about enough computers at home to do some testing with tcpdump or spray. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC [EMAIL PROTECTED] http://softweyr.com/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Time to close the list?
3.Automatically delete all MIME parts with: Content-Type: application/* Which are ever sent via the list software. What about application/pgp-signature? Indeed. -- Greg Black [EMAIL PROTECTED] Join the fight against spam: http://www.cauce.org/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: high speed timestamp counter
On Thu, 2 Nov 2000, Hao Zhang wrote: Hi there, I am trying to read the on board Pentium Time Stamp Counter. Is there an API in Unix that allows me to read it directly? Or some assembly language line that I can drop into my code? I need the high speed counters to profile some code. I don't want to use the classical time API that is provided in time.h #define GET_RDTSC(var) {__asm__ volatile("rdtsc":"=A"(var)); } { long long timeval1, timeval2, diff; GET_RDTSC(timeval1); do_something(); GET_RDTSC(timeval2); diff = timeval2 - timeval1; } Is this what you had in mind? All the best, -Richard --- Richard Hodges | Matriplex, inc. title | 769 Basque Way [EMAIL PROTECTED] | Carson City, NV 89706 775-886-6477| www.matriplex.com To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: AW: AW: Accessing the tty structure of an opened device
In message [EMAIL PROTECTED], Warner Losh writes: And the advantage of the pps api is that it queues up events (iirc) and counts them so you know if the buffer overflowed and you missed any. Sorry: not it doesn't. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 [EMAIL PROTECTED] | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: vm_pageout_scan badness
On Wed, 25 Oct 2000 21:54:42 + (GMT), Terry Lambert [EMAIL PROTECTED] wrote: I think the idea of a fixed limit on the FS buffer cache is probably wrong in the first place; certainly, there must be high and low reserves, but: |--| all of memory |-| FS allowed use |-| non-FS allowed use || non-FSreserve || FS reserve ...in other words, a reserve-based system, rather than a limit based system. This is what Compaq Tru64 (aka Digital UNIX aka OSF/1) does. It splits physical RAM as follows: || physical RAM || Static wired memory |===| managed memory |=-| dynamic wired memory |-| UBC memory || VM The default configuration provides: - up to 80% of RAM can be wired. - UBC (unified buffer cache) uses a minimum of 10% RAM and can use up to 100% RAM. - The VM subsystem can steal UBC pages if the UBC is using 20% RAM There's no minimum limit for VM space. The UBC can't directly steal VM pages, just pages off the common free list. The VM manages the free list by paging and swapping based on target page counts (fixed number of pages, not % of RAM). The FS metadata cache is a fixed size wired pool. I can think of benefits with the ability to separately control FS and non-FS RAM usage. The Tru64 defaults are definitely a very poor match with the application we run on it[1] and being able to reduce the RAM associated with filesystem buffers is an advantage. [1] Basically a number of processes querying a _very_ large Oracle SGA. Peter To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
arch manual
Hi folks! I am interest into arch manual for intel/sparc! I would like to now from you where i can download sparc operating system manual (intel ones i do have), cause i have ever tried to download from sun site and no success. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Kernel calls, are they documented somewhere?
On Thu, Nov 02, 2000 at 09:59:02AM +0100, Dag-Erling Smorgrav wrote: Adam, it's really quite simple: if the carry flag is set, the syscall failed, and the value returned is the errno (in your example, open(2) returned 2, which is ENOENT, i.e. the file didn't exist). If it succeeded, the value returned is the result (a file descriptor in open(2)'s case). Aha! Thank you (and everyone else who answered). That did the trick. I just knew FreeBSD would use a simple and elegant solution, and this one is both. Thanks again! Adam -- Don't send me spam, I'm a vegetarian To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Time to close the list?
How about simply 3.Automatically delete all MIME parts /\/\ \/\/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Broken PCI-IDE RZ1000 ata
It seems Volker Stolz wrote: The RZ1000 PCI-IDE controller found on at least one Intel board is severely broken and requires a workaround which is available for Linux (at least it turned up in the config for 2.4.0, though the board should be a couple of years old, it's for regular Pentium-I). Could anyone comment on this to get it working with FreeBSD? sysinstalls gets write-errors after a couple of kilobytes, and when running an already installed system, mount/fsck bomb with sig 11, after that you find yourself in single-user mode with every command (including 'reboot'!) yielding a SIGILL. Well, that chip is so broken by design, no software workaround can help its misery, a hardware fix exists, but cant (easily) be As Volker notes; Linux can work round it. So can OS/2. I don't know the details, but there ARE modes where it works. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Is this how to use Freebsd?
Alfred Perlstein wrote: That's a typlical 'Linux' partitioning choice, personally I dislike it and prefer something link: 120M / 300M /var 2xRAM swap (limit 1 gig) rest /usr I like having a separate /tmp. / can then be 50 or 60 Mb. But, particularly, a 300Mb /var depends heavily on what the machine is being used for. It could well languish with 290 Mb free for some kinds of servers, and particularly for desktop machines. /usr may be split into /usr and /usr/home, if so /usr usually gets about 1.5gigs and /usr/home gets the rest. /usr and /home, please. :-) That's our default. A couple of suggestions: 1) please wrap lines at 70 characters when posting to the list. Furthermore, DO NOT send html-formatted messages. I, for one, delete without even reading all html-formatted messages. -- Daniel C. Sobral(8-DCS) [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] He has been convicted of criminal possession of a clue with intent to distribute. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Is this how to use Freebsd?
* Daniel C. Sobral [EMAIL PROTECTED] [001102 19:26] wrote: 1) please wrap lines at 70 characters when posting to the list. Furthermore, DO NOT send html-formatted messages. I, for one, delete without even reading all html-formatted messages. I usually do as well, but mutt sometimes decodes them to plain text, some mailers send mail in such a way that mutt doesn't those I nuke with extreme prejudice. :) -- -Alfred Perlstein - [[EMAIL PROTECTED]|[EMAIL PROTECTED]] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Broken PCI-IDE RZ1000 ata
It seems John Summerfield wrote: It seems Volker Stolz wrote: The RZ1000 PCI-IDE controller found on at least one Intel board is severely broken and requires a workaround which is available for Linux (at least it turned up in the config for 2.4.0, though the board should be a couple of years old, it's for regular Pentium-I). Could anyone comment on this to get it working with FreeBSD? sysinstalls gets write-errors after a couple of kilobytes, and when running an already installed system, mount/fsck bomb with sig 11, after that you find yourself in single-user mode with every command (including 'reboot'!) yielding a SIGILL. Well, that chip is so broken by design, no software workaround can help its misery, a hardware fix exists, but cant (easily) be As Volker notes; Linux can work round it. So can OS/2. I don't know the details, but there ARE modes where it works. Nope, there are not, even the manufacturer agrees to that -Søren To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message