On Wed, Oct 09, 2013 at 06:20:56PM -0400, Joe Landman wrote:
I just worked out setting up new filters for the recent S/N
destroying, high tin-foil-hat content, on gmail. Since people
pleading for this to go away hasn't worked, technological measures
to restore S/N for my inbox on this list
On 10/10/2013 09:01 AM, Aristedes Maniatis wrote:
We get a lot of attempts to guess weak ftp passwords on our servers. A tool
which we've used before (and is really nice) is fail2ban. In response to a
certain type or number of failed attempts, it can run a script (for example,
to load a
On 10/10/2013 09:38, Thinker Rix wrote:
On 2013-10-10 01:13, Przemysław Pawełczyk wrote:
On Thu, 10 Oct 2013 00:05:22 +0300
Thinker Rix thinke...@rocketmail.com wrote:
Well, actually I started this thread with a pretty frank,
straight-forward and very simple question.
That's right and they
On 2013-10-10 01:20, Joe Landman wrote:
I just worked out setting up new filters for the recent S/N
destroying, high tin-foil-hat content, on gmail. Since people
pleading for this to go away hasn't worked, technological measures to
restore S/N for my inbox on this list have been engaged.
On 2013-10-10 01:27, Robison, Dave wrote:
On 10/09/2013 15:20, Joe Landman wrote:
I just worked out setting up new filters for the recent S/N destroying, high
tin-foil-hat content, on gmail. Since people pleading for this to go away
hasn't worked, technological measures to restore S/N for my
*I think I speak for everyone who was a member of this list before
10:20 AM EST today when I say that this discussion does not belong
here and we would all like it to stop.*
I guess it is wise to just speak for yourself, instead of using this
cheap rhetorical trick to pretend being a
Hi Giles
On 2013-10-10 12:39, Giles Coochey wrote:
On 10/10/2013 09:38, Thinker Rix wrote:
On 2013-10-10 01:13, Przemysław Pawełczyk wrote:
On Thu, 10 Oct 2013 00:05:22 +0300
Thinker Rix thinke...@rocketmail.com wrote:
Well, actually I started this thread with a pretty frank,
This discussion about security/NSA/encryption IS important. Please go on.
Von Samsung Mobile gesendet
Ursprüngliche Nachricht
Von: Giles Coochey gi...@coochey.net
Datum:10.10.2013 11:39 (GMT+01:00)
An: list@lists.pfsense.org
Betreff: Re: [pfSense] NSA: Is pfSense
I'm moving this to a fresh thread so that it will be unencumbered by the
other discussion that has strayed a bit. Even if one were to ignore
government agency interference, finding the best crypto choices is a
good topic, but it can easily get lost in the other discussion when some
people have
On 2013-10-10 15:55, Ian Bowers wrote:
On Thu, Oct 10, 2013 at 8:17 AM, Alexandre Paradis
alexandre.para...@gmail.com mailto:alexandre.para...@gmail.com wrote:
indeed, i vote to continue. Because you don't mind being
overlooked by NSA doesn't mean everybody don't care.
On Thu, Oct
On 10/10/2013 13:55, Ian Bowers wrote:
On Thu, Oct 10, 2013 at 8:17 AM, Alexandre Paradis
alexandre.para...@gmail.com mailto:alexandre.para...@gmail.com wrote:
indeed, i vote to continue. Because you don't mind being
overlooked by NSA doesn't mean everybody don't care.
On Thu,
On 2013-10-10 16:08, Giles Coochey wrote:
On 10/10/2013 13:55, Ian Bowers wrote:
On Thu, Oct 10, 2013 at 8:17 AM, Alexandre Paradis
alexandre.para...@gmail.com mailto:alexandre.para...@gmail.com wrote:
indeed, i vote to continue. Because you don't mind being
overlooked by NSA doesn't
On Thu, Oct 10, 2013 at 9:07 AM, Thinker Rix thinke...@rocketmail.comwrote:
On 2013-10-10 15:55, Ian Bowers wrote:
On Thu, Oct 10, 2013 at 8:17 AM, Alexandre Paradis
alexandre.para...@gmail.com wrote:
indeed, i vote to continue. Because you don't mind being overlooked by
NSA doesn't
I rarely participate in public political discussions but I have to say
something:
In the United States if the government sent someonean NSL - they would not be
allowed to comment. You have been told that already and have been told that to
the best knowledge of the people involved, no other
Trying to get this back on-topic, I will change the subject however, to
alleviate the issues the anti-tin-foil-hat-brigade have. (ps I am also
top-posting on purpose as I believe the conversation below has near to
no relevance to my questions, but simply is an argument as to whether
these
On Oct 10, 2013, at 9:08 AM, Giles Coochey gi...@coochey.net wrote:
On 10/10/2013 13:55, Ian Bowers wrote:
On Thu, Oct 10, 2013 at 8:17 AM, Alexandre Paradis
alexandre.para...@gmail.com wrote:
indeed, i vote to continue. Because you don't mind being overlooked by NSA
doesn't mean everybody
Dear Sir,
Through participating on the pfsense support and discussion list,
someone from an IP address under your control has attempted to
unsubscribe me from this list.
I see this as an abuse of the mailing list and hope that you take
appropriate action. The IP that the request came from
I've deliberately stayed out of the political discussion, but interested in
this more technical discussion…
On 10 Oct 2013, at 14:50, Giles Coochey gi...@coochey.net wrote:
2. Cipher Selection - we're not all cryptoanalysts, so statements like 'trust
the math' don't always mean much to us,
Can you configure your phones to use do a keepalive ping? It sounds like
the states are timing out.
On Wed, Oct 9, 2013 at 5:44 PM, palesius . pales...@gmail.com wrote:
To take a break from all the NSA talk...
I'm having some trouble routing traffic over an openvpn tunnel between two
We use Fail2Ban with pfSense with a custom php script (on the firewall)
that adds the appropriate firewall rules.
We have fail2ban set up with multiple levels - so the action to ban in
pfSense only happens after several attempts at other services on one
machine. That way we can assume the ban
Greetings list,
Does anyone know if it's possible to 'sync' alias lists across pfSense units?
I could probably knock something together in $scripting_language_du_jour to
backup each unit's config, update the alias list, then restore the new config
back to the device, but a) that would involve
On 2013-10-10 16:52, Paul Mather wrote:
On Oct 10, 2013, at 9:08 AM, Giles Coochey gi...@coochey.net
mailto:gi...@coochey.net wrote:
*BLINK!*
Incredible the way I am seeing the reaction to the initial
question, and trying to query very valid points are now leading me to
seriously
On Thu, Oct 10, 2013 at 9:50 AM, Giles Coochey gi...@coochey.net wrote:
Trying to get this back on-topic, I will change the subject however, to
alleviate the issues the anti-tin-foil-hat-brigade have. (ps I am also
top-posting on purpose as I believe the conversation below has near to no
same ip for me tried to remove me from the mailing list.
On Thu, Oct 10, 2013 at 9:57 AM, Giles Coochey gi...@coochey.net wrote:
Dear Sir,
Through participating on the pfsense support and discussion list, someone
from an IP address under your control has attempted to unsubscribe me from
The HA facility of pfSense will sync various configs. Look at the
checkboxes to determine what gets synced to see if that is suitable for
your need.
On Thu, Oct 10, 2013 at 10:13 AM, Chris Bagnall
pfse...@lists.minotaur.ccwrote:
Greetings list,
Does anyone know if it's possible to 'sync'
On 10 Oct 2013, at 15:25, Vick Khera vi...@khera.org wrote:
The HA facility of pfSense will sync various configs. Look at the checkboxes
to determine what gets synced to see if that is suitable for your need.
Is that not designed for multiple units at one site?
In this scenario, the client
Since we keep coming back to FreeBSD as it pertains to security:
3) FreeBSD is very mature, and very well reviewed. I've looked into
FreeBSD to my personal satisfaction. OpenBSD may be abrasive as a
community at times, but their work product is pretty impressive in terms of
being clean and
On Thu, Oct 10, 2013 at 02:50:41PM +0100, Giles Coochey wrote:
1. The random number generator - As pfSense uses FreeBSD this may
well be a FreeBSD specific question, however, are there any ways
within pfsense that we can improve the entropy pool that the random
number gets its randomness
Hi Giles,
On 2013-10-10 16:50, Giles Coochey wrote:
Trying to get this back on-topic, I will change the subject however
Giles, please note that Jim Pingle has already started a new thread for
this purpose that he named [pfSense] Crypto/RNG Suggestions today.
It seems to be beneficial to add
On Oct 10, 2013, at 10:13 AM, Thinker Rix thinke...@rocketmail.com wrote:
On 2013-10-10 16:52, Paul Mather wrote:
On Oct 10, 2013, at 9:08 AM, Giles Coochey gi...@coochey.net wrote:
*BLINK!*
Incredible the way I am seeing the reaction to the initial question,
and trying to query
On 10/10/2013 11:35 AM, Thinker Rix wrote:
I want to upgrade from 2.0.1 to 2.1 and am wondering which
FreeBSD-version 2.1 is based on, since I am using some packages from there.
The table found here
https://doc.pfsense.org/index.php/PfSense_and_FreeBSD_Versions has not
been updated yet, it
Hi Warren,
thank you for your quick reply!
On 2013-10-10 18:39, Warren Baker wrote:
On 10 Oct 2013 17:36, Thinker Rix thinke...@rocketmail.com
mailto:thinke...@rocketmail.com wrote:
Hi all!
I want to upgrade from 2.0.1 to 2.1 and am wondering which
FreeBSD-version 2.1 is based on, since
On 2013-10-10 18:54, Jim Pingle wrote:
On 10/10/2013 11:35 AM, Thinker Rix wrote:
Is there someone who knows wich version of FreeBSD 2.1 is based on?
8.3-RELEASE-p11
It was going to be 8.3 the TBD part was for the patchlevel. It ended up
being -p11 by the time 2.1 was released.
Thank you
Hi Paul.
On 2013-10-10 18:42, Paul Mather wrote:
Thank you for the valuable information about how to use mailing lists.
You are welcome! ;-)
I first started using mailing lists back in the mid/late 1980s, on the
JANET network (British academic network)---back when the Internet was
made up
On 10/10/2013 11:57 AM, Thinker Rix wrote:
Can you / someone please confirm that the following is the correct
repository for me to use, when installing packages of FreeBSD on pfSense
2.1:
http://ftp-archive.freebsd.org/pub/FreeBSD/releases/i386/8.3-RELEASE/packages/All/
You shouldn't need
On 2013-10-10 19:25, Jim Pingle wrote:
comprehensive explanation help
Thank you very much, Jim!
Best regards
Thinker Rix
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
On Oct 10, 2013, at 4:34 PM, Yehuda Katz yeh...@ymkatz.net wrote:
Since we keep coming back to FreeBSD as it pertains to security:
3) FreeBSD is very mature, and very well reviewed. I've looked into FreeBSD
to my personal satisfaction. OpenBSD may be abrasive as a community at
times,
On Oct 10, 2013, at 5:42 PM, Paul Mather p...@gromit.dlib.vt.edu wrote:
I first started using mailing lists back in the mid/late 1980s,
You’re not the only one. :-)
I too was entertained by the n00b trying to tell grandpa how to use email.
Jim
On Oct 10, 2013, at 6:25 PM, Jim Pingle li...@pingle.org wrote:
You shouldn't need the -archive bits since 8.3 is still a supported release.
Until next April, anyway.
___
List mailing list
List@lists.pfsense.org
On Oct 10, 2013, at 4:49 PM, Giles Coochey gi...@coochey.net wrote:
On 10/10/2013 15:04, Chris Bagnall wrote:
What made you change from AES to Blowfish, and is there any evidence to
suggest that Blowfish is more 'secure' than AES?
My understanding is that AES was championed by an agency
Hi Dan
What are your settings on the Firewall - Virtual IPs Menu for each
interface and device, especially VHID and advertising frequency? Please
also make sure not to tick Synchronize Virtual IPs on the HA Settings
Page.
Regards, Adrian.
On 9/27/13 5:09 PM, Dan wrote:
On 09/27/2013 10:43
On Thu, Oct 10, 2013 at 10:32 AM, Chris Bagnall
pfse...@lists.minotaur.ccwrote:
In this scenario, the client has units at different sites (not all in the
same country, even).
Oh, glossed over that part. :(
Perhaps you could have a script that fetched the aliases configuration and
pushed it
On Thu, Oct 10, 2013 at 10:37 AM, Jostein Elvaker Haande jehaa...@gmail.com
wrote:
I've talked to the development team about this in the past, and what I was
told back then was this: with 1.3, you could achieve an API like behavior
with using curl or similar tools, but this would be close to
43 matches
Mail list logo