Re: Multiboot OpenBSD with Vista
On Sat, May 16, 2009 at 04:19, Joachim Schipper joac...@joachimschipper.nl wrote: On Fri, May 15, 2009 at 01:08:14PM +0430, MANI wrote: Hi, First of all you need to know I am running OpenBSD on my laptop and PC at home happily as sole OS, but unfortunately I need to dual boot my PC at Office because of some proprietary softwares we need at company, the other OS is Microsucks Windows Vista AFAIK one of the way of dual booting is to copy openbsd.pbr on Drive C of windows, but How can I make openbsd.pbr. and why I can not boot to OpenBSD using bootable cd ? boot hd0a:/bsd not working for me. OpenBSD is on rwd0a - rwd0f and Vista is on rwd0g and rwd0h. If I go to shell on bootable cd and type: mount -t ffs /dev/wd0a /mnt I can mount wd0a wich is my root partition on /mnt and everythings seems ok. So what is the easiest solution to dual booting ? Many others have suggested various solutions, but I wrote up a solution I would consider easy at http://www.joachimschipper.nl/Dual-booting OpenBSD and Vista. (It wouldn't be the first time I loaned someone my laptop for a couple of minutes. Being able to say turn it on, select Windows is nicer than having to tell them which arcane incantations to enter...) A bootable CD should work too. I suppose you could do some tricks with VMWare and the like. But the above is what I use, and I've had no issues. B B B B B B B B Joachim I multi-boot Vista/OpenBSD on one of my homeservers. I use GAG. it Just Works http://gag.sourceforge.net/
Re: Why so cool OS doesn't have vuln database?
Thanks a lot! TomC!E! BodEC!r wrote: Read the FAQ please http://www.openbsd.org/stable.html 1) Get and update source code trough CVS 2) Rebuild kernel and boot with it 3) Rebuild binaries 4) Done There was thread about it last month I think.You haven't packages updated in -stable.You must use -current if you want updated packages.Ofcourse,that you can update packages on -stable,but really not all and you will be on your own in this case because FAQ : Keeping Things in Sync It is important to understand that OpenBSD is an Operating System, intended to be taken as a whole, not a kernel with a bunch of utilities stuck on. You must make sure your kernel, userland (the supporting utilities and files) and ports tree are all in sync, or unpleasant things will happen. Said another way (because people just keep making the error), you can not run brand new ports on a month old system, or rebuild a kernel from -current source and expect it to work with a -release userland. Yes, this does mean you need to upgrade your system if you want to run a new program which was added to the ports tree today. Sorry, but again, OpenBSD has limited resources available. One should also understand that the upgrade process is supported in only one direction: from older to newer, and from -stable to -current. You can not run 4.5-current (or a snapshot), then decide you are living too dangerously, and step back to 4.5-stable. You are on your own if you choose any path other than the supported option of reloading your system from scratch, do not expect assistance from the OpenBSD development team. Yes, this does mean you should think long and hard before committing yourself to using -current. 2009/5/17 Yuriy Grishin grishin-mailing-li...@minselhoz.samara.ru: Martin Schrvder wrote: 2009/5/17, Yuriy Grishin grishin-mailing-li...@minselhoz.samara.ru: B OpenBSD just uses different approach, got it. It's not a technological problem. Search the archives for discussions of security upgrades to ports. In short: The devs all run current and such don't need it; not enough users have stepped forward and started working on it. How does updating-to-stable work? It updates the kernel right (?) Does it update installed packages? -- Code cheap ($3 per an application) -- http://www.openbsd.org/lyrics.html -- Code cheap ($3 per an application)
Re: Why so cool OS doesn't have vuln database?
Indeed you're right. I've got the same experience with php5-gd library. The audit program told that this library is vulnerable but there was no patch available. So this message was about useless. On the other hand in most cases this sort of applications could save admin's time. TomC!E! BodEC!r wrote: I tried this db app on DragonFly,but guess what.You installed sudo,then you install this vulnerability-check and it say that you installed sudo which has local security bug.So what was help for me then?But if you are admin of some servers then you are reading about security problems in similar important applications and it's on you to fight with it. 2009/5/17 Yuriy Grishin grishin-mailing-li...@minselhoz.samara.ru: Jacob Meuser wrote: On Sun, May 17, 2009 at 09:16:17AM +0500, Yuriy Grishin wrote: Jacob Meuser wrote: On Sat, May 16, 2009 at 11:14:34PM +0500, Yuriy Grishin wrote: On the other hand maintaining the database is extremely huge work. Did it face some problems? maintaining the database is extremely huge work. It is for one guy. It is not for the community. exactly who is the community? You and me and that guy. Well, I've just realized that there would be an app like portupgrade in addition to portaudit and vulnDB (it's even more work). As I see (from your replicas) my question is burning but I didn't want to offend anyone of you (I'm not trolling). This is because of I migrated from FreeBSD and I'm a novice at OpenBSD. OpenBSD just uses different approach, got it. -- Code cheap ($3 per an application) -- Code cheap ($3 per an application)
Re: Why so cool OS doesn't have vuln database?
Yuriy Grishin wrote: Indeed you're right. I've got the same experience with php5-gd library. The audit program told that this library is vulnerable but there was no patch available. So this message was about useless. On the other hand in most cases this sort of applications could save admin's time. Ok, so make it work then: 1 Port the apps (easy) 2 Populate the database (huge work) 3 Build up trust so the average paranoid admin wants to use it (?) 4 Profit! I await someone saving my admin time. On the other hand maintaining the database is extremely huge work. It is not for the community. exactly who is the community? You and me and that guy.
Re: Why so cool OS doesn't have vuln database?
Hi, Joachim I've got that you wanted to say. There are some tools for that are available. The main problem is that they detect an intrusion *after* the server is compromised. Intrusion detection systems are good but intrusion prevention systems are better. Joachim Schipper wrote: On Sun, May 17, 2009 at 03:04:18AM +0200, Ingo Schwarze wrote: Hi Joachim, hi Yurij, Joachim Schipper wrote on Sat, May 16, 2009 at 01:23:20PM +0200: On Fri, May 15, 2009 at 10:39:06PM +0500, Yuriy Grishin wrote: I've installed OpenBSD 4.5 on my home gateway. Random pids and critical files permission are really cool. I just confused a little bit because I haven't found any way to check the vulnerabilities of my configuration. Are there any? This is not what you are asking for, but security(8) will run nightly and check various files. This detects unsophisticated intruders and - more importantly - makes it easy to spot and fix misconfigurations. But be aware of this: $ man security | tail -n 7 BUGS The name of this script may provide a false sense of security. There are perhaps an infinite number of ways the system can be compromised without this script noticing. Of course. Of course, it can be extended with your own critical files, if desired. Actually, security(8), in contrast to daily(8)/weekly/monthly, does not support security.local additions right now. I don't see a pressing need to implement that hook, either; it would be easy enough, though, just adding the two lines next_part Running /etc/security.local: run_script security.local at the very end of /etc/security does the trick. Apart from that, i would recommend against locally modifying the script /etc/security itself. You can use daily.local for local additions. Of course, you can also add files to the changelist(5). Perhaps the latter is what you were hinting at. Oh, I'm sorry, I should have been more clear. security(8) runs mtree(8) on, amongst others, /etc/mtree/*.secure. Such files can be freely added, no? That is what I intended to say, but I didn't actually say it... sorry for any confusion that may have resulted! Joachim
Re: Why so cool OS doesn't have vuln database?
As I said it's unreal for a guy from a Russian village. You may hit me for that but it's done in FreeBSD therefore it's possible. Janne Johansson wrote: Yuriy Grishin wrote: Indeed you're right. I've got the same experience with php5-gd library. The audit program told that this library is vulnerable but there was no patch available. So this message was about useless. On the other hand in most cases this sort of applications could save admin's time. Ok, so make it work then: 1 Port the apps (easy) 2 Populate the database (huge work) 3 Build up trust so the average paranoid admin wants to use it (?) 4 Profit! I await someone saving my admin time. On the other hand maintaining the database is extremely huge work. It is not for the community. exactly who is the community? You and me and that guy.
Re: Kylin
2009/5/18 (private) HKS hks.priv...@gmail.com: intellectual property Hello oxymoron.
Re: old and new pf tandem test ---help
Why come to an OpenBSD list asking about FreeBSD pf? I note that you didn't come to ask about getting OpenBSD running on your new hardware. (It might have been quite a simple thing to fix). You'd be better off asking on a FreeBSD list or the general pf list. Most of us here don't know FreeBSD pf. It's a bit different. They don't track OpenBSD's code particularly closely (which is newer and has more features) and we're not sure what works and what doesn't in their code. On 2009-05-18, mehma sarja mehmasa...@gmail.com wrote: Ingo and the rest of OpenBSD pf-ers, Thanks Ingo for your thoughts. Let me ask a simpler question, is there something wrong with the following line on a FreeBSD 7.2 pf? pass in log quick on em0 inet proto tcp from any to 121.209.23.121 port = imaps flags S/SA modulate state Yudhvir
Re: Problem with pf/nat (bug?) and aliases in internal interface
As a test, can you try it without using the 192.168.20.1-192.168.20.10 address range format, and see if that behaves any better? You can use this instead: {192.168.20.0/29 192.168.20.8/31 192.168.20.10} In gmane.os.openbsd.misc, you wrote: Scenario: int_if with two ip addresses in two differents lans (192.168.20.254, 192.168.21.254). more aliases in the external interfaces nat rules: every 10 internals ip use an external address for the nat. everything works fine, except for the second internal ip address. ip from 192.168.21.0/24 are natted with rules of net 192.168.20.0/24 machines from internal lan use .20.254 or .21.254 as a gateway. p.s. both of them works, but second ones use wrong nat. # uname -mprs OpenBSD 4.4 amd64 Intel(R) Xeon(R) CPU 5110 @ 1.60GHz # pfctl -vsr pass in log quick on bnx1 inet from 192.168.20.0/24 to any flags S/SA keep state [ Evaluations: 61921 Packets: 370618Bytes: 216808002 States: 4230 ] [ Inserted: uid 0 pid 12418 State Creations: 23774 ] pass in log quick on bnx1 inet from 192.168.21.0/24 to any flags S/SA keep state [ Evaluations: 628 Packets: 13136 Bytes: 10432453States: 117 ] [ Inserted: uid 0 pid 12418 State Creations: 202 ] # pfctl -vvsn | grep -A2 -e '@0' -e '@24' -e '@25' @0 nat on bnx0 inet from 192.168.20.1 - 192.168.20.10 to any - xxx.xxx.xxx.1 [ Evaluations: 34016 Packets: 57999 Bytes: 23576755States: 803 ] [ Inserted: uid 0 pid 12418 State Creations: 5402 ] @24 nat on bnx0 inet from 192.168.20.241 - 192.168.20.254 to any - xxx.xxx.xxx.25 [ Evaluations: 1079 Packets: 3353 Bytes: 1489982 States: 79 ] [ Inserted: uid 0 pid 12418 State Creations: 179 ] @25 nat on bnx0 inet from 192.168.21.1 - 192.168.21.10 to any - xxx.xxx.xxx.26 [ Evaluations: 793 Packets: 0 Bytes: 0 States: 0 ] [ Inserted: uid 0 pid 12418 State Creations: 0 ] -- Cris, member of G.U.F.I Italian FreeBSD User Group http://www.gufi.org/
Re: Problem with pf/nat (bug?) and aliases in internal interface
On 5/18/09 9:46 AM, Stuart Henderson wrote: As a test, can you try it without using the 192.168.20.1-192.168.20.10 address range format, and see if that behaves any better? You can use this instead: {192.168.20.0/29 192.168.20.8/31 192.168.20.10} I already tried with 192.168.21.1, 192.168.21.2 and with a table. Nothing change in nat rules. -- Cristiano Deana - FreeCRIS Ho iniziato a usare FreeBSD perche' m$ usava me. ed e' spiacevole
Por favor leiam. apelo de mae....
POR FAVOR. LEIAM !! Deixo com vocjs um apelo de mce, estou completamente desesperada. O meu filho se chama Igor de Oliveira terra tem 5 anos de idade, desapareceu no dia 10 de fevereiro de 2009 na cidade de belo horizonte. Estou usando de todas as formas para encontrar meu filho, por isso venho atravez deste e-mail pedir POR FAVOR, para que olhem o video e fotos com carinho, depois repassem para seus amigos e parentes. Video gravado, em sua festa de 5 anos de idade: Igor de Oliveira terra_video(517,3 KB) Todas as fotos tiradas de Igor de Oliveira terra que podem ajudar: Igor de Oliveira terra_fotos(238,17 KB) Oferecemos uma gratificagco para quem possa nos dar qualquer notmcia, do paradeiro do Igor. Email para contato: vanessa...@uol.com.br Telefone: (31) 3236-8215 Associagco Brasileira de Criangas Desaparecidas (0XX11) 3337-3331 ou 3337-3332, falar com Ivanice.
Re: Multiboot OpenBSD with legacy systems
Lars Nooden a icrit : Peter Kay - Syllopsium wrote: ... provided it's given plenty (32 bit : 2GB, 64 bit : 4GB) of RAM. I favour 64bit, even if the driver support is less comprehensive and the memory requirements are higher. Both can be pretty bad. I know very few stupid enough to try to use MS Vista, but some of those have had the gall to complain to me that they can't run larger apps without switching to XP. XP ought to run much better as a guest under Qemu, anyway. Not that it should be condoned either. Anyway, there was a message about WINE last December: http://kerneltrap.org/mailarchive/openbsd-misc/2008/12/28/4503544 I have to run V***A on my Laptop for work, and use dhcp with it :( I found out that TrueCrypt make a fine bootloader too. ESC at the TC password prompt, and it boots your OpenBSD installation happily ! YMMV Mathias
Re: Package for kde4
On May 18 02:42:07, Cem Kayali wrote: Hello! Could it be possible to include kde4 and its dependent ports into (snapshot) packages, so that we can test it? Sure. Go ahead.
Re: rt.fm CVS Mirror going funny?
On Sun, 17 May 2009 03:29:13 -0400 Jeremy Huiskamp jer...@kamper.ca wrote: On 5/17/09 2:07 AM, Aaron W. Hsu wrote: Hey All, Has anyone else noticed issues with pulling src/sbin/ping/ping.c from anon...@rt.fm:/cvs? I get this error cvs [server aborted]: EOF while looking for end of string \ in RCS file /cvs/src/sbin/ping/ping.c,v Does anyone know what might cause this? I tried removing it and refetching it, as well as using the -C option. Yes, always in that spot. I stopped using this mirror a while ago because of this. Something odd about that hostname rt.fm, I'd say. Dhu
Re: OpenBSD 3.4 hanging after boot
On Sat, 16 May 2009 15:46:35 -0400 Nick Holland n...@holland-consulting.net wrote: Also...32M would be about the minimum amount of RAM you would want to install on at the moment. If you don't have much of a scrap pile, you may have difficulty expanding old machines to the useful minimum. Nick. 16M will generally work. Dhu
Re: Raid controller?
On Fri, 15 May 2009 20:40:44 -0600 (MDT) Theo de Raadt dera...@cvs.openbsd.org wrote: On Fri, 15 May 2009, Chuck Robey wrote: I'm currently trying to verify something, because while I know makefiles really well, the ones for the FreeBSD kernel are too indirect for me, so I can't yet verify about the twa driver. Doesn't make any difference, 3Ware was abandoned by the project many years ago due to lack of support. There are many compatible cards out there: http://openbsd.org/i386.html#hardware Compare the drivers with the with bioctl compatibility list. No kidding. If any of the people we talked to at 3ware weren't such LYING BAGS OF HYPOCRITICAL SHIT we'd support their hardware Hard words, Theo. Do you think anyone you talked to could actually understand what you were sayin'? Dhu as well as we support just about everything else in the industry. We did not put them into that lofty position of not being supported by OpenBSD. They put themselves there. If I was angry about it I might say I hope they are happy with the result, but the fact is I stopped caring about it ages ago. You came to this mailing list and you brought up 3ware because you don't know how to use google.
Re: OpenBSD 3.4 hanging after boot
On Mon, May 18, 2009 at 04:46:33AM -0600, Duncan Patton a Campbell wrote: On Sat, 16 May 2009 15:46:35 -0400 Nick Holland n...@holland-consulting.net wrote: Also...32M would be about the minimum amount of RAM you would want to install on at the moment. If you don't have much of a scrap pile, you may have difficulty expanding old machines to the useful minimum. Nick. 16M will generally work. Dhu Are you sure you want to run a system where even init gets paged out? Nick is talking about a useful minimum. -Otto
Re: Raid controller?
Duncan Patton a Campbell wrote: On Fri, 15 May 2009 20:40:44 -0600 (MDT) Theo de Raadt dera...@cvs.openbsd.org wrote: If any of the people we talked to at 3ware weren't such LYING BAGS OF HYPOCRITICAL SHIT we'd support their hardware Hard words, Theo. Do you think anyone you talked to could actually understand what you were sayin'? Dhu Some of us lurk on this list specifically to get a handle on what hardware to avoid.
FW: Raid controller?
Theo does have a point...you gain nothing from tip toeing around these issues...especially when dealing with people like them -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Duncan Patton a Campbell Sent: 18 May 2009 12:04 To: Theo de Raadt Cc: chu...@telenix.org; l...@omnitec.net; ad...@bitwise.net; misc@openbsd.org Subject: Re: Raid controller? On Fri, 15 May 2009 20:40:44 -0600 (MDT) Theo de Raadt dera...@cvs.openbsd.org wrote: On Fri, 15 May 2009, Chuck Robey wrote: I'm currently trying to verify something, because while I know makefiles really well, the ones for the FreeBSD kernel are too indirect for me, so I can't yet verify about the twa driver. Doesn't make any difference, 3Ware was abandoned by the project many years ago due to lack of support. There are many compatible cards out there: http://openbsd.org/i386.html#hardware Compare the drivers with the with bioctl compatibility list. No kidding. If any of the people we talked to at 3ware weren't such LYING BAGS OF HYPOCRITICAL SHIT we'd support their hardware Hard words, Theo. Do you think anyone you talked to could actually understand what you were sayin'? Dhu as well as we support just about everything else in the industry. We did not put them into that lofty position of not being supported by OpenBSD. They put themselves there. If I was angry about it I might say I hope they are happy with the result, but the fact is I stopped caring about it ages ago. You came to this mailing list and you brought up 3ware because you don't know how to use google.
Re: Raid controller?
On Mon, 18 May 2009 05:04:24 -0600, Duncan Patton a Campbell wrote: Hard words, Theo. Do you think anyone you talked to could actually understand what you were sayin'? Dumb words, Dhu. Do you think anyone who reads this will think you could understand what you were meaning if you did not read archival research? *** NOTE *** Please DO NOT CC me. I am subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ /earth: write failed, file system is full cp: /earth/creatures: No space left on device
Re: old and new pf tandem test ---help
* mehma sarja mehmasa...@gmail.com [2009-05-17 19:43]: I want to test two pf firewalls in-line - an old openBSD (3.7 #50, i386) is on the 'outside' and a new FreeBSD (7.2 #0 amd64) is on the 'inside.' OpenBSD 3.7 and FreeBSD 7 are probably en par for pf. pf in a recent OpenBSD however is more than twice as fast as it was in the 3.7 days and gained a lot more you don't wanna miss. pf on !OpenBSD is the starter drug. no more. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
Re: old and new pf tandem test ---help
* mehma sarja mehmasa...@gmail.com [2009-05-18 03:28]: Thanks Ingo for your thoughts. Let me ask a simpler question, is there something wrong with the following line on a FreeBSD 7.2 pf? pass in log quick on em0 inet proto tcp from any to 121.209.23.121 port = imaps flags S/SA modulate state how should we know what ancient parts of pf they use? -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
PROPOSSITION CONFIDENTIALE
You are invited to PROPOSSITION CONFIDENTIALE. By your host Deme Lamine: Date: Monday May 18, 2009 Time: 12:00 pm - 1:00 pm (GMT +00:00) Location: Cher Ami Bonjour, Je suis le Directeur en charge de l'audit Banque section de compte etrangee de la BANQUE INTERNATIONALE DU BURKINA (BIB), j'ai besoin de votre aide urgente dans le transfert de la somme de ($ 12,millions) Douze Millon de dollars americaine immidiatement ` votre compte.ci ga vous intersse je vous enverrons tous les ditails sur la fagon dont on va fait le demache et igalement noter que vous aurez 30% du montant indiqui ci-dessus si vous jtes d'accord pour m'aider ` exicuter cette Guests: * kmo...@yahoo.ca * claudette200...@yahoo.ca * galandav...@gmail.com * j...@yahoo.ca * eco...@yahoo.fr * collectiflibe...@yahoo.ca * aaao...@yahoo.ca * eric.arse...@sympatico.ca * misc@openbsd.org * janea...@yahoo.com.ph * m...@yahoo.ca * immigrant_infos.can...@yahoo.ca * d.boisv...@usherbrooke.ca * siriusk...@yahoo.ca * eric.lapoin...@usherbrooke.ca * agent.donaldcar...@yahoo.ca * agent_donaldcart...@yahoo.com * eric.wilso...@yahoo.com * eric.wil...@rediffmail.com * eric.sir...@bellnet.ca * ell40are...@yahoo.com * paces312...@yahoo.ca * ericbern...@yahoo.ca * jcen...@videotron.ca * isabel.deslauri...@mail.mcgill.ca * l.s...@yahoo.ca * shawna.saint-p...@usherbrooke.ca * sams...@videotron.ca * ble...@tlb.sympatico.ca * claudebeaugrand2...@yahoo.ca * ebed...@teluq.uqam.ca * shekh...@yahoo.ca * mn.6ab67d8703758a1f.90...@wtablettes.net * aaaoutl...@yahoo.ca * eric.arsenea...@sympatico.ca * josiane_mela...@yahoo.ca * elannegr...@sympatico.ca * e_berthom...@yahoo.fr * pachoun2...@yahoo.ca * a...@magic.fr * aclsmar...@yahoo.ca * m.beauv...@videotron.ca * c85elc...@yahoo.fr * c85belangerjoce...@yahoo.ca * humsec...@yahoo.ca. * daphne_mar...@yahoo.ca * mottet.e...@uqam.ca * eric.2.lan...@hec.ca * pledge...@yahoo.ca * dori...@sympatico.ca * lamer...@hotmail.com * rocketf...@yahoo.ca * patrickm...@hotmail.com * clawd...@hotmail.com * jo_part...@yahoo.ca * thea...@hotmail.com * drmikep2...@yahoo.ca * val...@shaw.ca * peturs...@yahoo.com * greg_la_po...@yahoo.ca * chant...@etu.unige.ch * eric.bre...@umontreal.ca * mariechristinetaille...@yahoo.ca * chau.t...@ices.on.ca * eric.bosche...@mail.mcgill.ca * jd_camer...@yahoo.ca * uncle.j...@videotron.ca * livelyli...@yahoo.ca * jnr_ayo...@yahoo.ca * patrimo...@videotron.ca * ctk.e...@gmail.com * ericmoisanbouch...@yahoo.ca * moisanboucharde...@ddace.com * rik...@yahoo.ca * clano...@yahoo.ca * gaulle_pie...@hotmail.fr * salamy-unile...@yahoo.ca * triry...@yahoo.ca * trili...@hotmail.com * larab...@videotron.ca invitation_add_to_your_yahoo_calendar: http://calendar.yahoo.com/?v=60ST=20090518T12%2BTITLE=PROPOSSITION+CONFIDENTIALEDUR=0100VIEW=din_loc=Cher+Ami+Bonjour,+Je+suis+le+Directeur+en+charge+de+l%27audit+Banque+section+de+compte+etrangee+de+la+BANQUE+INTERNATIONALE+DU+BURKINA+(BIB),+j%27ai+besoin+de+votre+aide+urgente+dans+le+transfert+de+la+somme+de+($+12,millions)+Douze+Millon+de+dollars+americaine+imm%c3%a9diatement+%c3%a0+votre+compte.ci+%c3%a7a+vous+intersse+je+vous+enverrons+tous+les+d%c3%a9tails+sur+la+fa%c3%a7on+dont+on+va+fait+le+demache+et+%c3%a9galement+noter+que+vous+aurez+30%25+du+montant+indiqu%c3%a9+ci-dessus+si+vous+%c3%aates+d%27accord+pour+m%27aider+%c3%a0+ex%c3%a9cuter+cetteTYPE=10 Copyright ) 2009 All Rights Reserved www.yahoo.com Privacy Policy: http://privacy.yahoo.com/privacy/us Terms of Service: http://docs.yahoo.com/info/terms/
Re: old and new pf tandem test ---help
On Mon, May 18, 2009 at 02:51:34PM +0200, Henning Brauer wrote: * mehma sarja mehmasa...@gmail.com [2009-05-18 03:28]: Thanks Ingo for your thoughts. Let me ask a simpler question, is there something wrong with the following line on a FreeBSD 7.2 pf? pass in log quick on em0 inet proto tcp from any to 121.209.23.121 port = imaps flags S/SA modulate state how should we know what ancient parts of pf they use? plus, pf rules have little meaning without context. -Otto
OT Re: Kylin
On Sun, 17 May 2009, Nick Holland wrote: SNIP rant I, for one, would appreciate government agencies taking a paranoid, security-oriented approach to computer systems, rather than the approach most governments and businesses are using, which seems to boil down to, Security Second to Everything Else. Or like this: http://www.fcw.com/Articles/2009/05/07/Hacker-demands-ransom-for-data.aspx where the only bad guy is the person who exploited an insecure system, not the fools and assholes who left and CREATED it insecure in the first place (you can tell them I said that). SNIP Nick If anyone is interested you might take a read at this, http://en.wikipedia.org/wiki/Shawn_Carpenter I used to work down the hall from him. Since both of us worked late we'd share some coffee. About the only thing I can say is he made the strongest coffee I've ever drank. :-) diana Past hissy-fits are not a predictor of future hissy-fits. Nick Holland(06 Dec 2005)
Re: HD 'Analysis'
On Tue, May 05, 2009 at 01:46:00PM +0200, Hannah Schroeter wrote: dd if=/dev/sd1c of=/dev/null bs=64k ^r Do yourself a favor and use the raw device. why? -- t.walkow...@wallstreet-online.de
Re: HD 'Analysis'
On Mon, May 18, 2009 at 03:21:25PM +0200, Tobias Walkowiak wrote: On Tue, May 05, 2009 at 01:46:00PM +0200, Hannah Schroeter wrote: dd if=/dev/sd1c of=/dev/null bs=64k ^r Do yourself a favor and use the raw device. why? Because you use block devices for mounting, and raw devices for anything else. In some cases a block devices might work for a particular purpose, but why take chances? -Otto
OT Re: Kylin
Duncan Patton a Campbell wrote: the chinese government really feels so vulnerable against U.S.? i mean, they say it like the WWIII will begin soon and we need to defend us on the cyberspace with our super-secure OS They're prob'ly as worried about their own hacks as anyone elses, but given they've built their own chip it's pretty clear they take the problems with iNtel rom/microcode seriously enough. Remember the foo-rah when Sony came up with it's own 64bit chip? All that bs about Sadman buying up a gross of playstations 'cause they're not trojaned with externally modifiable microcode ? seriously, the OS cannot be anything worth writing home to momma about. that they choose to run the OS on special cpus is notable since nobody really knows what the bios hackers put into their special sauce. intel and amd are originally 'western' companies so i wouldn't trust their work product as far i could throw it if i were the chinese. speaking of which i don't trust the security of products manufactured in china and that's most hardware afaik. i have speculated before that some hardware manufacturers intentionally leave exploitable problems in their products on purpose so the machines can be penetrated. it would not surprise me at all if this were the case.
Re: HD 'Analysis'
Hi! On Mon, May 18, 2009 at 03:21:25PM +0200, Tobias Walkowiak wrote: On Tue, May 05, 2009 at 01:46:00PM +0200, Hannah Schroeter wrote: dd if=/dev/sd1c of=/dev/null bs=64k ^r Do yourself a favor and use the raw device. why? If nothing else, it'll be much faster. Kind regards, Hannah.
Re: Why so cool OS doesn't have vuln database?
On Mon, May 18, 2009 at 11:51:02AM +0500, Yuriy Grishin wrote: Hi, Joachim I've got that you wanted to say. There are some tools for that are available. The main problem is that they detect an intrusion *after* the server is compromised. Intrusion detection systems are good but intrusion prevention systems are better. It is true that a properly updated database might reduce the window of opportunity for an attacker (then again, so does regularly running pkg_add -ui, or if you are willing to put in a little more work, reading a list like Full-Disclosure and reacting to new vulnerabilities immediately). However, if you cannot afford to be compromised, patch management isn't going to help you: you'll have to run programs that don't have holes in the first place. This really isn't impossible, especially not for server-side software. In other words, I personally don't really see the value of your proposed database. As far as possible, I run secure software; and as far as possible, I keep up to date on the latest known exploits for software that I run. Joachim
Re: HD 'Analysis'
On Mon, 18 May 2009, Otto Moerbeek wrote: On Mon, May 18, 2009 at 03:21:25PM +0200, Tobias Walkowiak wrote: On Tue, May 05, 2009 at 01:46:00PM +0200, Hannah Schroeter wrote: dd if=/dev/sd1c of=/dev/null bs=64k ^r Do yourself a favor and use the raw device. why? Because you use block devices for mounting, and raw devices for anything else. In some cases a block devices might work for a particular purpose, but why take chances? While this rule is probably right, a few tools, such as atactl(8) or smartctl from ports say something else in their respective man pages. Well, these two utilities are not handling the block themselves, but anyway. Is this a bug in the man pages? Regads, David
relayd - trunked web pages
Hi, I'm experiencing something very peculiar with relayd. I have relayd for quite sometime in production and I'm observing on a long term that relayd starts to trunk http responses and I don't seem to know why. When I restart relayd everything starts working again. Can anyone point to me a direction to where I can start looking to debug this issue, eventually resolve it ? Here is my relayd.conf relayd_addr=192.168.172.77 https_port=443 http_port=80 table web_hosts { 192.168.223.58 } interval 10 timeout 1000 prefork 5 log all http protocol httpssl { ssl { sslv3, tlsv1, ciphers MEDIUM:!ADH, no sslv2 } header append $REMOTE_ADDR to X-Forwarded-For } http protocol httpsimple { header append $REMOTE_ADDR to X-Forwarded-For } relay https-proxy { listen on $relayd_addr port $https_port ssl protocol httpssl forward to web_hosts port $http_port mode loadbalance check http / code 200 } relay http-proxy { listen on $relayd_addr port $http_port protocol httpsimple forward to web_hosts port $http_port mode loadbalance check http / code 200 } Here is my pf.conf: ext_if = vic0 int_if = vic1 ext_ip = 192.168.172.77 ftp_ip = 192.168.223.58 nat-anchor ftp-proxy/* nat on $ext_if inet from $int_if - ($ext_if) rdr-anchor relayd/* rdr-anchor ftp-proxy/* pass in on $ext_if inet proto tcp to $ext_ip port 21 flags S/SA keep state pass out on $int_if inet proto tcp to $ftp_ip port 21 user proxy flags S/SA keep state pass in log (all, to pflog1) on $ext_if inet proto tcp to $ext_if port 21 keep state anchor relayd/* anchor ftp-proxy/* UM
Re: Kylin
2009/5/18 Toma Bodar tomas.bod...@gmail.com: Common,you think that big western companies which have support from western governments care about it?And please don't make white knight from western civilization.Everywhere are pros and cons.What type of copyright and intellectual property you think?Like Disney which have stories based on older stories,but he has law from government on it now so original makers has nothing and Disney takes all?And when end of this copyright is near some magic happen in government and Disney (and others) has next 20 or 50 years.Sounds very respectable for copyright and intellectual property of original authors ;-) Or maybe you think something like we have.When you create your own song and sing it to people somewhere outside of your flat you must pay to OSA(something like BSA terrorists,but local).WTH is that.Sounds really like care about my copyright - I must pay for my own song ;-) Informations are here for share and we can move forward thanks to them.If some idiot have patent on double-click then what?One developer must incorporated triple-click to his product,next four-click and so on?Sounds like history - Earth is just pancake and everyone who want to find another idea must use our idea or he will be killed and who use our idea without our licence will be killed too.Really we need those times back?? For Christ's sake, get off your fucking high horse. My quip was in response to your implication that China chose a BSD license because it fit better with their intentions than GPL or similar. As if they gave a shit. -HKS 2009/5/18 (private) HKS hks.priv...@gmail.com: 2009/5/17 Toma Bod ar tomas.bod...@gmail.com: I know,that's why they choose BSD-style licenced OS ;-) Yes, because China's respect for copyright and intellectual property is legendary. -HKS 2009/5/17 Cem Kayali cemkay...@eticaret.com.tr: Do you really think Chineese governmnt make source public? Not all of course ;) Regards, Jesus Sanchez, 05/17/09 20:58: TomC!E! BodEC!r escribiC3: After quick search on web it looks like it's based on FreeBSD 5.3 (initial version) with Windows like GUI.So it doesn't looks so secure now :-) But government agencies must have reason to receive money so why don't make wave about dangerous China with their new ultra-hyper-super secure system? Ofcourse that there can be interesting modifications.Maybe I will try it in Qemu :-) the chinese government really feels so vulnerable against U.S.? i mean, they say it like the WWIII will begin soon and we need to defend us on the cyberspace with our super-secure OS and after all they based it on FreeBSD? I'm a OpenBSD user and I really feel that I've enought privacy, don't need a super-secret-ultra-secure OS nor to say Made In China xD Dne 17. kvD ten 2009 19:28 TomC!E! BodEC!r tomas.bod...@gmail.com napsal(a): Everyone can try it http://www.honeytechblog.com/downlod-kylin-operating-system-by-chinaqingbo-wu / 2009/5/17 Duncan Patton a Campbell campb...@neotext.ca: I just noticed this: http://www.physorg.com/news161355225.html about a secure os that's been under development in China since around 2k and is now being deployed by the Chinese Gov. Interestingly, it is built for a hardened CPU that, I'd guess, lacks many of the advanced features of iNTel architecture cpus. Anybody have any more info on this? Thanks, Dhu
Re: Kylin
I don't believe this is the final version... probably something running under Godson/Loongson ? http://en.wikipedia.org/wiki/Loongson []s Fosforo On Mon, May 18, 2009 at 12:08 PM, (private) HKS hks.priv...@gmail.com wrote: 2009/5/18 Toma Bod ar tomas.bod...@gmail.com: Common,you think that big western companies which have support from western governments care about it?And please don't make white knight from western civilization.Everywhere are pros and cons.What type of copyright and intellectual property you think?Like Disney which have stories based on older stories,but he has law from government on it now so original makers has nothing and Disney takes all?And when end of this copyright is near some magic happen in government and Disney (and others) has next 20 or 50 years.Sounds very respectable for copyright and intellectual property of original authors ;-) Or maybe you think something like we have.When you create your own song and sing it to people somewhere outside of your flat you must pay to OSA(something like BSA terrorists,but local).WTH is that.Sounds really like care about my copyright - I must pay for my own song ;-) Informations are here for share and we can move forward thanks to them.If some idiot have patent on double-click then what?One developer must incorporated triple-click to his product,next four-click and so on?Sounds like history - Earth is just pancake and everyone who want to find another idea must use our idea or he will be killed and who use our idea without our licence will be killed too.Really we need those times back?? For Christ's sake, get off your fucking high horse. My quip was in response to your implication that China chose a BSD license because it fit better with their intentions than GPL or similar. As if they gave a shit. -HKS 2009/5/18 (private) HKS hks.priv...@gmail.com: 2009/5/17 Toma Bod ar tomas.bod...@gmail.com: I know,that's why they choose BSD-style licenced OS ;-) Yes, because China's respect for copyright and intellectual property is legendary. -HKS 2009/5/17 Cem Kayali cemkay...@eticaret.com.tr: Do you really think Chineese governmnt make source public? Not all of course ;) Regards, Jesus Sanchez, 05/17/09 20:58: TomC!E! BodEC!r escribiC3: After quick search on web it looks like it's based on FreeBSD 5.3 (initial version) with Windows like GUI.So it doesn't looks so secure now :-) But government agencies must have reason to receive money so why don't make wave about dangerous China with their new ultra-hyper-super secure system? Ofcourse that there can be interesting modifications.Maybe I will try it in Qemu :-) the chinese government really feels so vulnerable against U.S.? i mean, they say it like the WWIII will begin soon and we need to defend us on the cyberspace with our super-secure OS and after all they based it on FreeBSD? I'm a OpenBSD user and I really feel that I've enought privacy, don't need a super-secret-ultra-secure OS nor to say Made In China xD Dne 17. kvD ten 2009 19:28 TomC!E! BodEC!r tomas.bod...@gmail.com napsal(a): Everyone can try it http://www.honeytechblog.com/downlod-kylin-operating-system-by-chinaqingbo-wu / 2009/5/17 Duncan Patton a Campbell campb...@neotext.ca: I just noticed this: http://www.physorg.com/news161355225.html about a secure os that's been under development in China since around 2k and is now being deployed by the Chinese Gov. Interestingly, it is built for a hardened CPU that, I'd guess, lacks many of the advanced features of iNTel architecture cpus. Anybody have any more info on this? Thanks, Dhu
Re: mp3 stick as both an mp3 stick and an obsd install
2009/5/17 Jan Stary h...@stare.cz: Scenario: 4.5 installed on Emtec 2GB-FM mp3 player, using 1G of the 2G, the rest being 1G of FAT (a separate fdisk partition, labeled as sd0i). Everyting works BSD-wise, provided the machine I plug it in can boot off USB at all. Now, I still want to be able to use it as a mp3 player. I created newfs_msdos on sd0i, can copy files back and forth. But when I turn the mp3 player on then, it says 'no song found'. (The FM player works.) After I (put my quarantine gloves on and) plugged the player into a windows machine and repartitioned the 1g partition with win's 'format', and copied some mp3's, the player _can_ see them and play them. If I newfs_msdos the partition again, the player cannot read it again. That makes me ask: is there something newfs_msdos doesn't that win FAT 'format' does that could be relevant to this? Did someone experience the same? This may be stating the obvious, but I presume you're aware that all FAT filesystems are not alike? newfs_msdos can create FAT12, FAT16, and FAT32 partitions. What kind of FAT partition did you create with Windows, and did you create the same kind with newfs_msdos? regards, --ropers
Re: FW: Raid controller?
If any of the people we talked to at 3ware weren't such LYING BAGS OF HYPOCRITICAL SHIT we'd support their hardware Hard words, Theo. Do you think anyone you talked to could actually understand what you were sayin'? I was not the only person who talked to 3Ware. Over the last 10 years numerous developers and users have gotten gotten enough hope to try to talk to them, and have received promises of forthcoming documentation. All of those promises were lies. Every person we talked to at 3ware is unaware what a promise means. And it goes all the way up to members of the board and the vice presidential level. They are LYING BAGS OF HYPOCRITICAL SHIT.
RAm capacity
in 4.5 release, what the RAM capacity ? 16,24,32,64GB?
Re: RAm capacity
On Mon, May 18, 2009 at 02:19:30PM -0300, Gustavo Polillo wrote: in 4.5 release, what the RAM capacity ? 16,24,32,64GB? 64MB (on a sun4c) -- :wq Claudio
Re: RAm capacity
in 4.5 release, what the RAM capacity ? 16,24,32,64GB? 64MB (on a sun4c) Actually, with the memory expansion board, you can use up to 128MB. Miod
Re: FW: Raid controller?
On Mon, 18 May 2009 10:40:29 -0600 Theo de Raadt dera...@cvs.openbsd.org wrote: If any of the people we talked to at 3ware weren't such LYING BAGS OF HYPOCRITICAL SHIT we'd support their hardware Hard words, Theo. Do you think anyone you talked to could actually understand what you were sayin'? I was not the only person who talked to 3Ware. Over the last 10 years numerous developers and users have gotten gotten enough hope to try to talk to them, and have received promises of forthcoming documentation. All of those promises were lies. Every person we talked to at 3ware is unaware what a promise means. And it goes all the way up to members of the board and the vice presidential level. They are LYING BAGS OF HYPOCRITICAL SHIT. Ok, a long history... sometimes I find it difficult to differentiate malice from plain blind incompetence. Dhu
Re: Kylin
On Mon, 18 May 2009 11:08:33 -0400 (private) HKS hks.priv...@gmail.com wrote: 2009/5/18 Toma Bodar tomas.bod...@gmail.com: Common,you think that big western companies which have support from western governments care about it?And please don't make white knight from western civilization.Everywhere are pros and cons.What type of copyright and intellectual property you think?Like Disney which have stories based on older stories,but he has law from government on it now so original makers has nothing and Disney takes all?And when end of this copyright is near some magic happen in government and Disney (and others) has next 20 or 50 years.Sounds very respectable for copyright and intellectual property of original authors ;-) Or maybe you think something like we have.When you create your own song and sing it to people somewhere outside of your flat you must pay to OSA(something like BSA terrorists,but local).WTH is that.Sounds really like care about my copyright - I must pay for my own song ;-) Informations are here for share and we can move forward thanks to them.If some idiot have patent on double-click then what?One developer must incorporated triple-click to his product,next four-click and so on?Sounds like history - Earth is just pancake and everyone who want to find another idea must use our idea or he will be killed and who use our idea without our licence will be killed too.Really we need those times back?? For Christ's sake, get off your fucking high horse. My quip was in response to your implication that China chose a BSD license because it fit better with their intentions than GPL or similar. As if they gave a shit. Actually I think their decision was quite telling. The Chinese Gove is not unaware of intellectual property concerns, they just don't give a shit for western idiots who patent wonton balls. Dhu -HKS 2009/5/18 (private) HKS hks.priv...@gmail.com: 2009/5/17 Toma Bod ar tomas.bod...@gmail.com: I know,that's why they choose BSD-style licenced OS ;-) Yes, because China's respect for copyright and intellectual property is legendary. -HKS 2009/5/17 Cem Kayali cemkay...@eticaret.com.tr: Do you really think Chineese governmnt make source public? Not all of course ;) Regards, Jesus Sanchez, 05/17/09 20:58: TomC!E! BodEC!r escribiC3: After quick search on web it looks like it's based on FreeBSD 5.3 (initial version) with Windows like GUI.So it doesn't looks so secure now :-) But government agencies must have reason to receive money so why don't make wave about dangerous China with their new ultra-hyper-super secure system? Ofcourse that there can be interesting modifications.Maybe I will try it in Qemu :-) the chinese government really feels so vulnerable against U.S.? i mean, they say it like the WWIII will begin soon and we need to defend us on the cyberspace with our super-secure OS and after all they based it on FreeBSD? I'm a OpenBSD user and I really feel that I've enought privacy, don't need a super-secret-ultra-secure OS nor to say Made In China xD Dne 17. kvD ten 2009 19:28 TomC!E! BodEC!r tomas.bod...@gmail.com napsal(a): Everyone can try it http://www.honeytechblog.com/downlod-kylin-operating-system-by-chinaqingbo-wu / 2009/5/17 Duncan Patton a Campbell campb...@neotext.ca: I just noticed this: http://www.physorg.com/news161355225.html about a secure os that's been under development in China since around 2k and is now being deployed by the Chinese Gov. Interestingly, it is built for a hardened CPU that, I'd guess, lacks many of the advanced features of iNTel architecture cpus. Anybody have any more info on this? Thanks, Dhu
Re: RAm capacity
On Monday 18 May 2009 13:19:30 Gustavo Polillo wrote: in 4.5 release, what the RAM capacity ? 16,24,32,64GB? Gustavo, OpenBSD runs on 17 or so hardware platforms, so your answer is kind of hard to answer. All the world is not i386. But I'll bet thats what you are asking about, and the answer is 3G for i386. I think that amd64 is 4G. --STeve Andre'
Re: aucat freezes sparc64 on -current
On Sun, May 17, 2009 at 09:03:06PM +0200, Mattieu Baptiste wrote: Hi all, I updated my machine to snapshot 2009-05-15 and the machine freezes when I start aucat : mattieu:/home/mattieu:2$ /usr/bin/aucat -l mattieu:/home/maschizo0: pci bus A error it seems related to the audio device driver; aucat is a simple user process so it cant freeze the box by itself. do you manage to freeze the box if you use ``aucat -m play -l'' ie playback only mode ? does it freeze if you start ``aucat -l -b 16384'' ? -- Alexandre
Re: aucat freezes sparc64 on -current
Hi, it seems related to the audio device driver; aucat is a simple user process so it cant freeze the box by itself. do you manage to freeze the box if you use ``aucat -m play -l'' ie playback only mode ? Play-only mode works fine (it doesn't freeze the box). does it freeze if you start ``aucat -l -b 16384'' ? Yes it freezes with this. -- Mattieu Baptiste /earth is 102% full ... please delete anyone you can.
make build fails on -STABLE
I just installed 4.5 yesterday from install45.iso on an old Dell Precision laptop. dmesg here: http://trumpetpower.com/pub/dmesg.boot I unpacked source from the tarballs and did ``cvs -q up -rOPENBSD_4_5 - PAd'' A new kernel built, installed, and booted just fine. However, every time I try to do a make build, it bombs out in the exact same spot. I've re-run cvs without it finding any new / modified / deleted / etc. files. Typescript here: http://trumpetpower.com/pub/build_fail.txt Suggestions would be most appreciated. Cheers, b [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
Re: make build fails on -STABLE
On Mon, May 18, 2009 at 3:43 PM, Ben Goren b...@trumpetpower.com wrote: ... A new kernel built, installed, and booted just fine. However, every time I try to do a make build, it bombs out in the exact same spot. I've re-run cvs without it finding any new / modified / deleted / etc. files. What are the permissions on the /usr/include/kerberosV/ directory at the end of the build? Early on, you can see that it resets them from 700 to 755, but later error messages make it look like something in the build chmoded the directory back to 700. Hmm, perhaps the permissions get copied from the source tree along the way. What are the permissions on your source tree? Are any of the include directories there mode 700? If so, try changing them to 755 and give the build another shot. Philip Guenther
Re: make build fails on -STABLE
On 2009 May 18, at 4:27 PM, Philip Guenther wrote: On Mon, May 18, 2009 at 3:43 PM, Ben Goren b...@trumpetpower.com wrote: ... A new kernel built, installed, and booted just fine. However, every time I try to do a make build, it bombs out in the exact same spot. I've re-run cvs without it finding any new / modified / deleted / etc. files. What are the permissions on the /usr/include/kerberosV/ directory at the end of the build? Early on, you can see that it resets them from 700 to 755, but later error messages make it look like something in the build chmoded the directory back to 700. Hmm, perhaps the permissions get copied from the source tree along the way. What are the permissions on your source tree? Are any of the include directories there mode 700? If so, try changing them to 755 and give the build another shot. Actually I think I might have it figured out. If so, your idea was certainly very close. I have my umask set to 077 in my .profile. On a lark, before your note arrived, I set it to 022 and kicked off another make build. It seems to have made it past the point where it was bombing out. I'll send another note to the list to confirm (or deny) that that was the problem. I'll leave it to The Powers That Be (TM) to decide if this is something worth checking for or documenting. Cheers, b [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
Re: mp3 stick as both an mp3 stick and an obsd install
ropers wrote: 2009/5/17 Jan Stary h...@stare.cz: Scenario: 4.5 installed on Emtec 2GB-FM mp3 player, using 1G of the 2G, the rest being 1G of FAT (a separate fdisk partition, labeled as sd0i). Everyting works BSD-wise, provided the machine I plug it in can boot off USB at all. Now, I still want to be able to use it as a mp3 player. I created newfs_msdos on sd0i, can copy files back and forth. But when I turn the mp3 player on then, it says 'no song found'. (The FM player works.) After I (put my quarantine gloves on and) plugged the player into a windows machine and repartitioned the 1g partition with win's 'format', and copied some mp3's, the player _can_ see them and play them. If I newfs_msdos the partition again, the player cannot read it again. That makes me ask: is there something newfs_msdos doesn't that win FAT 'format' does that could be relevant to this? Did someone experience the same? This may be stating the obvious, but I presume you're aware that all FAT filesystems are not alike? newfs_msdos can create FAT12, FAT16, and FAT32 partitions. What kind of FAT partition did you create with Windows, and did you create the same kind with newfs_msdos? regards, --ropers In addition to those very valid points, if you repartitioned it with Windows, you almost certainly ended up with the Windows partition at the beginning of the disk, and very probably as the first MBR partition, because that's how Windows does flash devices. Windows can't handle a Windows partition that is not first on a flash disk, so it wouldn't surprise me if the stripped-way-down-non-OS on an MP3 player would have even more significant limitations. Still, a cool thing to do. :) Nick.
Re: old and new pf tandem test ---help
Otto, Henning and Stuart to-the-point answers. Thanks guys. I have taken the post over to FreeBSD list. However, Henning, I am curious why you call pf on anything but OpenBSD a starter drug? Is the performance difference that huge? pf on FreeBSD 7.2 is version 4.1. You have piqued my interest and may convince me to switch to OpenBSD. Keep the posts coming. Yudhvir
Re: Kylin
How China can somewhat breach copyright and intellectual property with BSD licence? ;-) 2009/5/18 (private) HKS hks.priv...@gmail.com: 2009/5/18 Toma B Bod ar tomas.bod...@gmail.com: Common,you think that big western companies which have support from western governments care about it?And please don't make white knight from western civilization.Everywhere are pros and cons.What type of copyright and intellectual property you think?Like Disney which have stories based on older stories,but he has law from government on it now so original makers has nothing and Disney takes all?And when end of this copyright is near some magic happen in government and Disney (and others) has next 20 or 50 years.Sounds very respectable for copyright and intellectual property of original authors ;-) Or maybe you think something like we have.When you create your own song and sing it to people somewhere outside of your flat you must pay to OSA(something like BSA terrorists,but local).WTH is that.Sounds really like care about my copyright - I must pay for my own song ;-) Informations are here for share and we can move forward thanks to them.If some idiot have patent on double-click then what?One developer must incorporated triple-click to his product,next four-click and so on?Sounds like history - Earth is just pancake and everyone who want to find another idea must use our idea or he will be killed and who use our idea without our licence will be killed too.Really we need those times back?? For Christ's sake, get off your fucking high horse. My quip was in response to your implication that China chose a BSD license because it fit better with their intentions than GPL or similar. As if they gave a shit. -HKS 2009/5/18 (private) HKS hks.priv...@gmail.com: 2009/5/17 Toma B Bod ar tomas.bod...@gmail.com: I know,that's why they choose BSD-style licenced OS ;-) Yes, because China's respect for copyright and intellectual property is legendary. -HKS 2009/5/17 Cem Kayali cemkay...@eticaret.com.tr: Do you really think Chineese governmnt make source public? Not all of course ;) Regards, Jesus Sanchez, 05/17/09 20:58: TomC!E! BodEC!r escribiC3: After quick search on web it looks like it's based on FreeBSD 5.3 (initial version) with Windows like GUI.So it doesn't looks so secure now :-) But government agencies must have reason to receive money so why don't make wave about dangerous China with their new ultra-hyper-super secure system? Ofcourse that there can be interesting modifications.Maybe I will try it in Qemu :-) the chinese government really feels so vulnerable against U.S.? i mean, they say it like the WWIII will begin soon and we need to defend us on the cyberspace with our super-secure OS and after all they based it on FreeBSD? I'm a OpenBSD user and I really feel that I've enought privacy, don't need a super-secret-ultra-secure OS nor to say Made In China xD Dne 17. kvD ten 2009 19:28 TomC!E! BodEC!r tomas.bod...@gmail.com napsal(a): Everyone can try it http://www.honeytechblog.com/downlod-kylin-operating-system-by-chinaqingbo-wu / 2009/5/17 Duncan Patton a Campbell campb...@neotext.ca: I just noticed this: http://www.physorg.com/news161355225.html about a secure os that's been under development in China since around 2k and is now being deployed by the Chinese Gov. Interestingly, it is built for a hardened CPU that, I'd guess, lacks many of the advanced features of iNTel architecture cpus. Anybody have any more info on this? Thanks, Dhu
Re: old and new pf tandem test ---help
Otto, Henning and Stuart to-the-point answers. Thanks guys. I have taken the post over to FreeBSD list. However, Henning, I am curious why you call pf on anything but OpenBSD a starter drug? Is the performance difference that huge? pf on FreeBSD 7.2 is version 4.1. The people you are asking barely remember how OpenBSD 4.1's pf behaved. Take a moment and think back of what you were doing in February of 2007. This will momentary put you into the mindset that you are asking these guys to put themselves into. We don't remember.