RE: dos attack
On Sun, 5 Jan 2003, Michael wrote: Thanks for all that responded. Your ideas are great but they will just slow the dos down if even that. I guess no one has either thought of a true way to stop a DOS or maybe its really impossible because your allowing them in to begin with. Easier said than done. Some types of attacks such as SYN flooding and smurfs can be prevented, to a point. How can a peice of software determine the difference between legit traffic and traffic intended to bring down your server? It would be very hard to write a program that can tell the difference between someone downloading a large file off your website with a high through-put and someone flooding your services with invalid requests. Even if there was something like that, what are the chances of false positives? Look at all the problems trying to prevent spam. Both of these problems will likely need to be prevented through legislation, not code, before we will really see a declide. Yes, I am referring to Lawrence Lessig's idea for spam control. Anyways, this is not the place for that discussion. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: DOS ATTACK. Any Suggestions?
Of course, people who don't do enough to secure their systems deserve what they get... ...at least, that's what so many in the security field seem to say. It's a ridiculous statement, of course -- we don't say, people who don't do enough to secure their homes deserve what they get, do we? Not where I'm from, usually (and if we all really believed that, then why don't we have doors on our houses like the ones found on bank vaults? Instead, we take smaller precautions (deadbolts, window blinds, perhaps owning a gun or other weapon) and meanwhile rely somewhat on the law to sort out home break-ins; although, I doubt that the American legal system could knowledgeably handle a computer security case), yet I can't count the number of times I've seen this mantra repeated... Anyway, that's my $0.02, I'll get off my soapbox now. :) I wish I could help you more, but I can't offer any real advice other than to look for patterns among the incoming IP's (and block them, at least temporarily), possibly limit the connection rate for each TCP connection (if FreeBSD or Apache is able to do this - I don't know offhand), see if you can find out who the moron is that thinks he's cool for DoS'ing you, replace your homepage with a small text-only version to reduce the bandwdith used (again, temporarily, until the attack stops anyway -- don't feed the attacker's ego with a message on the replacement page saying I'm going to find you and slice off your balls, etc. as that'll probably only encourage him/them), etc... -ES On Sunday 05 January 2003 11:20 pm, Jimi Thompson wrote: I forgot to add that hacking is now a terrorist act and can be prosecuted as such. On Sunday, January 5, 2003, at 05:28 PM, Anti wrote: more an issue with apache than freebsd i think... perhaps mod_dosevasive (http://www.networkdweebs.com/stuff/security.html) could be of use? `Anti` On Sun, 5 Jan 2003 17:53:23 -0500 (EST) Michael [EMAIL PROTECTED] wrote: Sigh. I have had my website for well over a few years now. I am very upset with the internet and where it is going due to the fact that their is so many children on it whose parents dont know how to do their jobs and they allow their children to perform dos attacks and god only knows what else on daddys fast connection. The internet falls the perfect place for every child/grownup who was/is pushed around in school, the unpopular kids no one likes, the fat kid in class and the guys that cant even get laid to go online and be the man behind the monitor. It is the only place they can go and be something in power As lame as that is this must be how they look at it in their sick mind. I have been dossed many times. Heres the latest. I go to http://www.unixhideout.com/server-status which you can also look at if it actually loads for you.. and i see around 80-100 of these 24/7 1-0 50860 1/4/4 K 0.40 10 1134 0.0 0.00 0.00 24.67.253.203 www.unixhideout.com GET / HTTP/1.1 all from different (at least 100 ips) over and over again bringing my server to its knees. As i said previously i have been dossed by the nobodys many times and it usually just goes away. This has been going on since january first. I am running IPFW with very strict rules, on FreeBSD 4.7 IPFW does me no good because i am allowing the port they are abusing (80) due to the last DOS attack and my few hours research i have the following options already in my rc.conf tcp_extensions=NO tcp_keepalive=YES tcp_restrict_rst=YES icmp_bmcastecho=NO icmp_drop_redirect=YES firewall_enable=YES firewall_script=/etc/rc.firewall firewall_type=custom firewall_quiet=NO firewall_logging_enable=YES log_in_vain=YES Im sure you can notice some mistakes. I try to keep the research on this lame shit to a minumum as it does not interest me to learn how to hurt other people. Please help me get the best out of this immature child and continue my website which is a complete gift to FreeBSD and its community, not that you owe me a god damn thing but you understand what i mean.. I have dealt with this many times. As soon as my site gets big and i have a lot of users in irc, some little jealous network comes along and destroys what i worked on. The last time this happened my ISP shut ME off because it took out one of their facilities. -- Mike [EMAIL PROTECTED] The unixhideout network, http://www.unixhideout.com need to get ahold of me? finger [EMAIL PROTECTED] - Free, secure and stable email from UnixHideout The UnixHideout network http://www.unixhideout.com/ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To
Re: DOS ATTACK. Any Suggestions?
more an issue with apache than freebsd i think... perhaps mod_dosevasive (http://www.networkdweebs.com/stuff/security.html) could be of use? `Anti` On Sun, 5 Jan 2003 17:53:23 -0500 (EST) Michael [EMAIL PROTECTED] wrote: Sigh. I have had my website for well over a few years now. I am very upset with the internet and where it is going due to the fact that their is so many children on it whose parents dont know how to do their jobs and they allow their children to perform dos attacks and god only knows what else on daddys fast connection. The internet falls the perfect place for every child/grownup who was/is pushed around in school, the unpopular kids no one likes, the fat kid in class and the guys that cant even get laid to go online and be the man behind the monitor. It is the only place they can go and be something in power As lame as that is this must be how they look at it in their sick mind. I have been dossed many times. Heres the latest. I go to http://www.unixhideout.com/server-status which you can also look at if it actually loads for you.. and i see around 80-100 of these 24/7 1-0 50860 1/4/4 K 0.40 10 1134 0.0 0.00 0.00 24.67.253.203 www.unixhideout.com GET / HTTP/1.1 all from different (at least 100 ips) over and over again bringing my server to its knees. As i said previously i have been dossed by the nobodys many times and it usually just goes away. This has been going on since january first. I am running IPFW with very strict rules, on FreeBSD 4.7 IPFW does me no good because i am allowing the port they are abusing (80) due to the last DOS attack and my few hours research i have the following options already in my rc.conf tcp_extensions=NO tcp_keepalive=YES tcp_restrict_rst=YES icmp_bmcastecho=NO icmp_drop_redirect=YES firewall_enable=YES firewall_script=/etc/rc.firewall firewall_type=custom firewall_quiet=NO firewall_logging_enable=YES log_in_vain=YES Im sure you can notice some mistakes. I try to keep the research on this lame shit to a minumum as it does not interest me to learn how to hurt other people. Please help me get the best out of this immature child and continue my website which is a complete gift to FreeBSD and its community, not that you owe me a god damn thing but you understand what i mean.. I have dealt with this many times. As soon as my site gets big and i have a lot of users in irc, some little jealous network comes along and destroys what i worked on. The last time this happened my ISP shut ME off because it took out one of their facilities. -- Mike [EMAIL PROTECTED] The unixhideout network, http://www.unixhideout.com need to get ahold of me? finger [EMAIL PROTECTED] - Free, secure and stable email from UnixHideout The UnixHideout network http://www.unixhideout.com/ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
RE: dos attack
Thanks for all that responded. Your ideas are great but they will just slow the dos down if even that. I guess no one has either thought of a true way to stop a DOS or maybe its really impossible because your allowing them in to begin with. I figured it was worth a shot to ask. Ill just wait it out for now. Eventually they will go away. They can try to take us out the game but unixhideout isnt going anywhere. So they just better get used to being second place. -- Mike [EMAIL PROTECTED] The unixhideout network, http://www.unixhideout.com need to get ahold of me? finger [EMAIL PROTECTED] - Free, secure and stable email from UnixHideout The UnixHideout network http://www.unixhideout.com/ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: dos attack
Michael wrote: Thanks for all that responded. Your ideas are great but they will just slow the dos down if even that. Well, that seems like it's better than nothing. I have always regarded DOS attacks as crimes of opportunity: as you say, it doesn't take a lot of smarts to pull one off. If you make it too hard, they'll give up. So take what steps you can. I guess no one has either thought of a true way to stop a DOS or maybe its really impossible because your allowing them in to begin with. Well, it is impossible unless you shut down your site. I figured it was worth a shot to ask. Ill just wait it out for now. Eventually they will go away. They can try to take us out the game but unixhideout isnt going anywhere. So they just better get used to being second place. What concerns me about this thread is that by doing nothing, it makes the choice of UNIX as a secure OS less credible. One of the strengths of open source is that it allows rapid response to threats. By not taking what steps you can, you risk undermining that point. My two cents, of course. -- Paul Beard: seeking UNIX/internet engineering work http://paulbeard.no-ip.org/paulbeard.html 8040 27th Ave NE Seattle WA 98115 / 206 529 8400 To envision how a 4-processor system running [SunOS] 4.1.x works, think of four kids and one bathroom. -- John DiMarco To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
RE: DOS ATTACK. Any Suggestions?
As soon as my site gets big and i have a lot of users in irc, some little jealous network comes along and destroys what i worked on. The last time this happened my ISP shut ME off because it took out one of their facilities. I think this is your core problem... In all my years working tech support, I've seen that the vast majority of people being DOSed fall into three categories, Child Porn, Spammers, and IRC. If you run IRC, you will be DOSed by some snot nosed script kiddie. You are 100% correct in your assessment of their mentality, they basically find the only place where they can be the man is behind a keyboard, the sad thing is most of them don't have the slightest idea about the code behind their tools, they just know how to run them. The only way to get rid of a DOS attack is to either ride it out until they get bored, or contact your host and ask their network engineers to null route the source IP's that are sending to you. You could use IPFW to block those network packets at your kernel level, but by then the packets have already came down the wire to your server and have already affected you. If the network techs can null route the DOS upstream of you, then you should be able to remain online. Good Luck. One last thing, I had some fool trying to DOS me once from his own IP address. I simply portscanned him with Nmap and suddenly he just blinked off line. I guess it scared him sufficiently to go to sleep. - Sean To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
RE: DOS ATTACK. Any Suggestions?
Since the IP range seems to belong to shawcable.net (24.67.253.203)I would send an E-mail to them. The scanning back has worked for me as well BUT be carefull or you might be labled the bad one. Normaly I always poke back just to see who they are and e-mail the host if it becomes a problem. Also if you are using DSL with a CISCO 675 / 678 there are tools and patchs that can filter out most DDOS attacks. Here's some reading. You'll notice he's running some interesting Services and will find the http site is blocked. If you dig some more you'll find other interesting things as well. And no I am not and do not condone hacking just investigatingg Starting nmap V. 3.00 ( www.insecure.org/nmap/ ) No tcp,udp, or ICMP scantype specified, assuming SYN Stealth scan. Use -sP if you really don't want to portscan (and just want to see what hosts are up). Host px1ht.ok.shawcable.net (24.67.253.203) appears to be up ... good. Initiating SYN Stealth Scan against px1ht.ok.shawcable.net (24.67.253.203) Adding open port 80/tcp Adding open port 514/tcp Adding open port 554/tcp Adding open port 23/tcp Adding open port 8080/tcp Adding open port 3128/tcp Adding open port 53/tcp Bumping up senddelay by 1 (to 1), due to excessive drops Bumping up senddelay by 2 (to 3), due to excessive drops Bumping up senddelay by 3 (to 6), due to excessive drops The SYN Stealth Scan took 225 seconds to scan 1601 ports. Interesting ports on px1ht.ok.shawcable.net (24.67.253.203): (The 1577 ports scanned but not shown below are in state: closed) Port State Service 23/tcp opentelnet 53/tcp opendomain 71/tcp filterednetrjs-1 74/tcp filterednetrjs-4 80/tcp openhttp 112/tcpfilteredmcidas 314/tcpfilteredopalis-robot 341/tcpfilteredunknown 514/tcpopenshell 535/tcpfilterediiop 551/tcpfilteredcybercash 554/tcpopenrtsp 574/tcpfilteredftp-agent 597/tcpfilteredptcnameservice 632/tcpfilteredunknown 643/tcpfilteredunknown 683/tcpfilteredunknown 785/tcpfilteredunknown 819/tcpfilteredunknown 950/tcpfilteredoftep-rpc 1380/tcp filteredtelesis-licman 1652/tcp filteredxnmp 3128/tcp opensquid-http 8080/tcp openhttp-proxy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Sean J. Countryman Sent: Sunday, January 05, 2003 5:04 PM To: FreeBSD Questions; Michael Subject: RE: DOS ATTACK. Any Suggestions? As soon as my site gets big and i have a lot of users in irc, some little jealous network comes along and destroys what i worked on. The last time this happened my ISP shut ME off because it took out one of their facilities. I think this is your core problem... In all my years working tech support, I've seen that the vast majority of people being DOSed fall into three categories, Child Porn, Spammers, and IRC. If you run IRC, you will be DOSed by some snot nosed script kiddie. You are 100% correct in your assessment of their mentality, they basically find the only place where they can be the man is behind a keyboard, the sad thing is most of them don't have the slightest idea about the code behind their tools, they just know how to run them. The only way to get rid of a DOS attack is to either ride it out until they get bored, or contact your host and ask their network engineers to null route the source IP's that are sending to you. You could use IPFW to block those network packets at your kernel level, but by then the packets have already came down the wire to your server and have already affected you. If the network techs can null route the DOS upstream of you, then you should be able to remain online. Good Luck. One last thing, I had some fool trying to DOS me once from his own IP address. I simply portscanned him with Nmap and suddenly he just blinked off line. I guess it scared him sufficiently to go to sleep. - Sean To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
RE: DOS ATTACK. Any Suggestions? - Some helpful links
Here's some links you may find interesting Apache mod http://www.networkdweebs.com/stuff/security.html not a complete solution but it will slow them down In an article from http://slashdot.org/articles/02/10/27/140212.shtml?tid=172 there is a link http://www.research.att.com/ ~smb/papers/pushback-impl.pdf pushback on FreeBSD Traffic filtering http://www10.org/cdrom/papers/409/ Hope some of this helps... Can't stand hearing a great UNIX site is being screwed with... Cheers M;) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Mike Sent: Sunday, January 05, 2003 7:00 PM To: 'FreeBSD Questions' Subject: RE: DOS ATTACK. Any Suggestions? Since the IP range seems to belong to shawcable.net (24.67.253.203)I would send an E-mail to them. The scanning back has worked for me as well BUT be carefull or you might be labled the bad one. Normaly I always poke back just to see who they are and e-mail the host if it becomes a problem. Also if you are using DSL with a CISCO 675 / 678 there are tools and patchs that can filter out most DDOS attacks. Here's some reading. You'll notice he's running some interesting Services and will find the http site is blocked. If you dig some more you'll find other interesting things as well. And no I am not and do not condone hacking just investigatingg Starting nmap V. 3.00 ( www.insecure.org/nmap/ ) No tcp,udp, or ICMP scantype specified, assuming SYN Stealth scan. Use -sP if you really don't want to portscan (and just want to see what hosts are up). Host px1ht.ok.shawcable.net (24.67.253.203) appears to be up ... good. Initiating SYN Stealth Scan against px1ht.ok.shawcable.net (24.67.253.203) Adding open port 80/tcp Adding open port 514/tcp Adding open port 554/tcp Adding open port 23/tcp Adding open port 8080/tcp Adding open port 3128/tcp Adding open port 53/tcp Bumping up senddelay by 1 (to 1), due to excessive drops Bumping up senddelay by 2 (to 3), due to excessive drops Bumping up senddelay by 3 (to 6), due to excessive drops The SYN Stealth Scan took 225 seconds to scan 1601 ports. Interesting ports on px1ht.ok.shawcable.net (24.67.253.203): (The 1577 ports scanned but not shown below are in state: closed) Port State Service 23/tcp opentelnet 53/tcp opendomain 71/tcp filterednetrjs-1 74/tcp filterednetrjs-4 80/tcp openhttp 112/tcpfilteredmcidas 314/tcpfilteredopalis-robot 341/tcpfilteredunknown 514/tcpopenshell 535/tcpfilterediiop 551/tcpfilteredcybercash 554/tcpopenrtsp 574/tcpfilteredftp-agent 597/tcpfilteredptcnameservice 632/tcpfilteredunknown 643/tcpfilteredunknown 683/tcpfilteredunknown 785/tcpfilteredunknown 819/tcpfilteredunknown 950/tcpfilteredoftep-rpc 1380/tcp filteredtelesis-licman 1652/tcp filteredxnmp 3128/tcp opensquid-http 8080/tcp openhttp-proxy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Sean J. Countryman Sent: Sunday, January 05, 2003 5:04 PM To: FreeBSD Questions; Michael Subject: RE: DOS ATTACK. Any Suggestions? As soon as my site gets big and i have a lot of users in irc, some little jealous network comes along and destroys what i worked on. The last time this happened my ISP shut ME off because it took out one of their facilities. I think this is your core problem... In all my years working tech support, I've seen that the vast majority of people being DOSed fall into three categories, Child Porn, Spammers, and IRC. If you run IRC, you will be DOSed by some snot nosed script kiddie. You are 100% correct in your assessment of their mentality, they basically find the only place where they can be the man is behind a keyboard, the sad thing is most of them don't have the slightest idea about the code behind their tools, they just know how to run them. The only way to get rid of a DOS attack is to either ride it out until they get bored, or contact your host and ask their network engineers to null route the source IP's that are sending to you. You could use IPFW to block those network packets at your kernel level, but by then the packets have already came down the wire to your server and have already affected you. If the network techs can null route the DOS upstream of you, then you should be able to remain online. Good Luck. One last thing, I had some fool trying to DOS me once from his own IP address. I simply portscanned him with Nmap and suddenly he just blinked off line. I guess it scared him sufficiently to go to sleep. - Sean To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED
Re: DOS ATTACK. Any Suggestions?
Track'em and prosecute them. On Sunday, January 5, 2003, at 05:28 PM, Anti wrote: more an issue with apache than freebsd i think... perhaps mod_dosevasive (http://www.networkdweebs.com/stuff/security.html) could be of use? `Anti` On Sun, 5 Jan 2003 17:53:23 -0500 (EST) Michael [EMAIL PROTECTED] wrote: Sigh. I have had my website for well over a few years now. I am very upset with the internet and where it is going due to the fact that their is so many children on it whose parents dont know how to do their jobs and they allow their children to perform dos attacks and god only knows what else on daddys fast connection. The internet falls the perfect place for every child/grownup who was/is pushed around in school, the unpopular kids no one likes, the fat kid in class and the guys that cant even get laid to go online and be the man behind the monitor. It is the only place they can go and be something in power As lame as that is this must be how they look at it in their sick mind. I have been dossed many times. Heres the latest. I go to http://www.unixhideout.com/server-status which you can also look at if it actually loads for you.. and i see around 80-100 of these 24/7 1-0 50860 1/4/4 K 0.40 10 1134 0.0 0.00 0.00 24.67.253.203 www.unixhideout.com GET / HTTP/1.1 all from different (at least 100 ips) over and over again bringing my server to its knees. As i said previously i have been dossed by the nobodys many times and it usually just goes away. This has been going on since january first. I am running IPFW with very strict rules, on FreeBSD 4.7 IPFW does me no good because i am allowing the port they are abusing (80) due to the last DOS attack and my few hours research i have the following options already in my rc.conf tcp_extensions=NO tcp_keepalive=YES tcp_restrict_rst=YES icmp_bmcastecho=NO icmp_drop_redirect=YES firewall_enable=YES firewall_script=/etc/rc.firewall firewall_type=custom firewall_quiet=NO firewall_logging_enable=YES log_in_vain=YES Im sure you can notice some mistakes. I try to keep the research on this lame shit to a minumum as it does not interest me to learn how to hurt other people. Please help me get the best out of this immature child and continue my website which is a complete gift to FreeBSD and its community, not that you owe me a god damn thing but you understand what i mean.. I have dealt with this many times. As soon as my site gets big and i have a lot of users in irc, some little jealous network comes along and destroys what i worked on. The last time this happened my ISP shut ME off because it took out one of their facilities. -- Mike [EMAIL PROTECTED] The unixhideout network, http://www.unixhideout.com need to get ahold of me? finger [EMAIL PROTECTED] - Free, secure and stable email from UnixHideout The UnixHideout network http://www.unixhideout.com/ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: DOS ATTACK. Any Suggestions?
I forgot to add that hacking is now a terrorist act and can be prosecuted as such. On Sunday, January 5, 2003, at 05:28 PM, Anti wrote: more an issue with apache than freebsd i think... perhaps mod_dosevasive (http://www.networkdweebs.com/stuff/security.html) could be of use? `Anti` On Sun, 5 Jan 2003 17:53:23 -0500 (EST) Michael [EMAIL PROTECTED] wrote: Sigh. I have had my website for well over a few years now. I am very upset with the internet and where it is going due to the fact that their is so many children on it whose parents dont know how to do their jobs and they allow their children to perform dos attacks and god only knows what else on daddys fast connection. The internet falls the perfect place for every child/grownup who was/is pushed around in school, the unpopular kids no one likes, the fat kid in class and the guys that cant even get laid to go online and be the man behind the monitor. It is the only place they can go and be something in power As lame as that is this must be how they look at it in their sick mind. I have been dossed many times. Heres the latest. I go to http://www.unixhideout.com/server-status which you can also look at if it actually loads for you.. and i see around 80-100 of these 24/7 1-0 50860 1/4/4 K 0.40 10 1134 0.0 0.00 0.00 24.67.253.203 www.unixhideout.com GET / HTTP/1.1 all from different (at least 100 ips) over and over again bringing my server to its knees. As i said previously i have been dossed by the nobodys many times and it usually just goes away. This has been going on since january first. I am running IPFW with very strict rules, on FreeBSD 4.7 IPFW does me no good because i am allowing the port they are abusing (80) due to the last DOS attack and my few hours research i have the following options already in my rc.conf tcp_extensions=NO tcp_keepalive=YES tcp_restrict_rst=YES icmp_bmcastecho=NO icmp_drop_redirect=YES firewall_enable=YES firewall_script=/etc/rc.firewall firewall_type=custom firewall_quiet=NO firewall_logging_enable=YES log_in_vain=YES Im sure you can notice some mistakes. I try to keep the research on this lame shit to a minumum as it does not interest me to learn how to hurt other people. Please help me get the best out of this immature child and continue my website which is a complete gift to FreeBSD and its community, not that you owe me a god damn thing but you understand what i mean.. I have dealt with this many times. As soon as my site gets big and i have a lot of users in irc, some little jealous network comes along and destroys what i worked on. The last time this happened my ISP shut ME off because it took out one of their facilities. -- Mike [EMAIL PROTECTED] The unixhideout network, http://www.unixhideout.com need to get ahold of me? finger [EMAIL PROTECTED] - Free, secure and stable email from UnixHideout The UnixHideout network http://www.unixhideout.com/ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message