Re: IPFW lockout.

2005-09-04 Thread James Bowman Sineath, III
Hi all, I have a small problem on one of my dev boxes. I have a bod bootup ipfw rulset and I find myself locked out of the machine. There will be a technician at the NOC on Tuesday that will be able to assist me. My question is: Will he/she be able to simply reboot, logon as root as

Re: and the winner is...

2005-09-01 Thread James Bowman Sineath, III
I there, i was trying freebsd for a while, and comparing it against debian/linux. The winner was Debian by far... Freebsd could be stable, but it is not faster... and Debian is far much more 'usable'. Freebsd package installation is very laborious compared with Debian's apt system. I have to

Re: Re[4]: how to know if i'm under flood?

2005-08-29 Thread James Bowman Sineath, III
Thanks for reply! If u have more experience, please give some example about what sysctl variable to set, There are a variety of them, I can give you a few examples of ones that I set but depending upon the attack and what it is targetting, they may proveto be ineffective. Keep in mind that

Re: interface alias at start-up

2005-08-27 Thread James Bowman Sineath, III
FWIW: That doesnt work for me :( Make sure that you replaced rl0 with the name of your interface, which can be found with a simple ifconfig -a. any other way? write a simple shell script to do it or do it manually with the following: ifconfig interface inet ip netmask subnet mask alias

Re: Re[2]: how to know if i'm under flood?

2005-08-27 Thread James Bowman Sineath, III
In response to your first question, I would highly recommend setting up a verbose firewall if you have not already done so. Personally, I use ipfw but there are a variety of options available to you (pf/ipf/ipfw/ipfw2), so check out the handbook and figure out which one you want to use. Doing

Re: anonymous ssh forwarding

2005-08-26 Thread James Bowman Sineath, III
I would highly discourage you from doing this, especially without the permission of your company. Just make sure that your admin knows that you are doing this and make sure that your BSD box at home is properly secured. Keep in mind that if your system at home is compromised then your system at

Re: NAT router confusion

2005-06-24 Thread James Bowman Sineath, III
My understanding is that the netmask (255.255.255.0 as you put it) is only to determine how much of the IP address is used for the subnet address. I'm a newb with this as well, so please, someone correct me if i'm wrong. If your IP is 192.168.1.10 and your netmask is 255.255.255.0, then only

Re: ipf blocking pass rule

2005-06-09 Thread James Bowman Sineath, III
other pass in rules except for port number. Thanks again. James Bowman Sineath, III wrote: James, You should send messages to the list directly. When you start your question by hitting reply to a question about shell accounts, your message will be lumped under there in a lot of mail clients

ipf blocking pass rule

2005-06-08 Thread James Bowman Sineath, III
I have the following rule in my ipf.rules: pass in log first quick on xl0 proto tcp from any to any port = 25 keep state for some reason it will pass the first connection but block the next. A log is below. Any ideas on why this is happening would be much appreciated. Jun 8 16:11:38

Re: FreeBSD Co-location

2005-06-05 Thread James Bowman Sineath, III
I would also check out lomag at http://www.lomag.net/ I've worked with them for the past 3 or 4 years and their service is amazing. Their connectivity is very good as well. - Original Message - From: Peter Thoenen [EMAIL PROTECTED] To: Bob Perry [EMAIL PROTECTED]; [EMAIL PROTECTED];

Diskless with read-only /etc?

2004-05-05 Thread James Bowman
I'm running a diskless 5.2-CURRENT, and it has a read-only /etc. sshd can't start, because it can't create /etc/ssh/ssh_host_key. I can work around this myself, of course, but is there a better way? Thanks. -- James Bowman http://acelere.net