having also not read the book, my guess would be that a transparent
proxy + firewall would increase security because people don't have the
the option to run SSH tunnels via the HTTP port. A good example would
be years ago I ran a sock4 proxy on port 80 on my home firewall to
allow me to download
[EMAIL PROTECTED] (Andreas Vvgele) writes:
Tom Menari writes:
Can anyone reccomend a client configuration for IPsec from a roaming
Linux machine that works with OpenBSD's ipsecctl?
I have tried Openswan and racoon and both have thier problems.
Currently using X509 certificates but if
On Mon, Mar 24, 2008 at 12:15:55AM -0700, Bryan Irvine wrote:
having also not read the book, my guess would be that a transparent
proxy + firewall would increase security because people don't have the
the option to run SSH tunnels via the HTTP port. A good example would
be years ago I ran a
The enc(4) man page states ``all rules on the enc interface should
explicitly set `keep state (if-bound)'.'' Defaulting stateful rules
to if-bound on the enc0 interface seems like a good candidate for
OpenBSD's reasonable defaults policy.
Looking at pfctl/parse.y, the main issue in implementing
Richard Daemon wrote:
I do pretty much the same as this, for years now on WRAP, Soekris and
now ALIX too (with BIOS 0.99b) but my fstab is a little different.
I install them via PXEbooting OpenBSD and they all run 4.2-stable
built on another, fast system, make via release(8) basically.
I'll
who cares about web cams? What's so important in looking at a pixeled,
almost-static face?
I have still not understood what they are good for.
I do understand what pf good for is.
I do understand what a public, anonymous CVS server good for is
I do understand what security and code auditing
I finally got this working with Openswan and X.509 certificates.
On the OpenBSD side:
ipsec.conf:
ike passive esp from 86.134.74.32 to any
Linux/Openswan side:
ipsec.conf:
version 2
include /etc/ipsec.d/examples/no_oe.conf
config work
auto=add
left=%defaultroute
On 2008-03-24, David Newman [EMAIL PROTECTED] wrote:
1. On a 4.2 i386 box, installing mediawiki from ports died during tk
install with the header error pasted below. This box has xbase installed
but none of the rest of the X stuff.
How to remedy?
You should have a full OS installation if
That's a pretty lame and negative response.
.
#1 developers are responsible enough to make their own decisions, and no one
asked the OBSD developers to do anything.
#2 if you don't use a webcam maybee you should join Richard Stahlman in
having your web pages e-mailed to you throgh a script
Your response was both rude and non-productive and contributed nothing to
the discussion accept an arrogant antiquated attitude. Your lame attempt to
describe why adding such a driver would be a security risk was best a terse
flimflam shot from the hip in response to a good question. No
On Mon, Mar 24, 2008 at 01:21:41PM +0100, Pau Amaro-Seoane wrote:
knock it off. your response was pointless.
I think you don't understand what obsd is about
I don't think you do either.
--
[EMAIL PROTECTED]
SDF Public Access UNIX System - http://sdf.lonestar.org
On 3/23/2008 at 4:38 PM Jussi Peltola wrote:
|On Sun, Mar 23, 2008 at 04:13:45PM +0200, Lars Noodin wrote:
| sonjaya wrote:
| any other device sugesstion?
|
| If you do not need the wireless card (see item 'J' in the diagram),
| *maybe* that could be replaced with an ethernet card:
|
ok, I have to apologise.
I don't mean to be unpolite but, please understand me:
I don't think there exists another OS as OpenBSD. It's unique.
I am afraid that the more popular it will become, the more thingies
new users will ask for. And complication leads to... well, see linux
and other OS.
I was the college intern that did ISIC for Kevin's group about 8 years ago
now. It was a good group to work for. I learned a lot and had a ton of
room to play. Accidentally took down ATT's early wireless network while
pen testing a special peering arrangement the two companies had. I did a
lot
On Mon, Mar 24, 2008 at 03:04:13PM +0300, Michael Spratt wrote:
And by the way if you have ever used a webcam now days they are no longer
pixilated... You must still be living in 1998. Of course you are a real
computer user and real computer users don't need webcams because they only
need
On Mon, Mar 24, 2008 at 01:34:24PM +0100, Pau Amaro-Seoane wrote:
ok, I have to apologise.
I don't mean to be unpolite but, please understand me:
I don't think there exists another OS as OpenBSD. It's unique.
I am afraid that the more popular it will become, the more thingies
new users
Unix Fan [EMAIL PROTECTED] wrote:
So who's working on OpenBSD's implementation? get busy!! :D :D :D
IIRC, someone's working on a webcam USB driver for NetBSD. I'd suggest
to wait 'till that works and then port it.
--
Jonathan
Hey guys, thanks for the replies... remember that my original intend
was to build a cheap home monitoring/surveillance system using free
open source softwares and OpenBSD just come to mind naturally... I
mean, the goal is the capture live footage of your own house, who
doesn't want it to be as
Hi,
I searched the FAQ and the man pages (for pf, pf.conf and pfctl.conf),
but I did not find a definition for the src-limit counter which is
showed by the command pfctl -si.
With pfctl -sa I saw this:
LIMITS:
stateshard limit 20
src-nodes hard limit1
frags
Sunnz wrote:
... things like Skype would be nice to communicate ...
*Like* skype but *not* actually skype itself, please.
Skype is neither open source nor open protocol. Two strikes. It's got
a rather bad security history. Three strikes.
Try for FOSS programs, but if you can't do that, then
2008/3/25, Lars NoodC)n [EMAIL PROTECTED]:
Sunnz wrote:
... things like Skype would be nice to communicate ...
*Like* skype but *not* actually skype itself, please.
Skype is neither open source nor open protocol. Two strikes. It's got
a rather bad security history. Three strikes.
Holidays in the unknown Italy
- Come to see the Italian Apennine, the enchanted Suviana lake, and its
bucolic and misterious Regional Park...
- This incontaminated and fairy-tale refuge is near Firenze, Bologna,
Pisa and the old roman thermal baths of Porretta.
- In the lake you can swim, fish
Does anyone happen to know a tool that sends out gratuitous arp from
userland on openbsd?
P.S. I know there is CARP, but I need to send out o;?gratuitous arp
anyway ;)
Thanks,
Stephan
Jose,
The 'src-limit' counter advances by one for every packet blocked by a rate
limited rule. If you write a pf rule using stateful tracking options to
allow connections at a rate of 20 per 60 seconds then packets arriving
faster than this would be blocked. You could then look at the 'src-limit'
Purely from a security standpoint, which is preferabe: installing the
1.9 version from packages or ports, or building the current release from
sources?
http://www.mediawiki.org/wiki/MediaWiki
Building from source on this particular web app is pretty simplistic- so
I'd read the security updates
Fratiman Vladut wrote:
Motherboard is Gigabyte GA-MA69VM-S2. I don't know if have IPMI
option. How can find without boot?
http://tw.giga-byte.com/Products/Motherboard/Products_Spec.aspx?ClassValue=MotherboardProductID=2500ProductName=GA-MA69VM-S2
Jonathan Schleifer wrote:
Unix Fan [EMAIL PROTECTED] wrote:
So who's working on OpenBSD's implementation? get busy!! :D :D :D
IIRC, someone's working on a webcam USB driver for NetBSD. I'd suggest
to wait 'till that works and then port it.
There's also this:
Hmm. I didn't realize there was an open standard for USB webcams.
From the Wiki: * These devices also have non-UVC equivalents by the same
name. Please check the product number to confirm UVC compatibility.
So, how common are these devices? Will they continue to be produced according
to
On 3/23/2008 4:57 PM, Jacob Meuser wrote:
On Sun, Mar 23, 2008 at 12:31:31PM -0700, Predrag Punosevac wrote:
Moreover it is also hard to justify time
spend in hacking those things if there is relatively inexpensive
hardware solution (video input devices supported by
bktr can be bought for
In reading through the recent Intel Mac Mini thread, I'm confused by what
appears to OpenBSD's support? OpenBSD now supports EFI? Or is EFI have some
compatibility mode with the older BIOS standard?
If the broader question is does OpenBSD work on the Mac mini x86? The answer
is yes. Simply
In response to Kyrre Nygerd [EMAIL PROTECTED]:
Sorry, I really don't know where else to ask.
I've been using Staminus for a while now and I've had it with the downtime.
Basically I want a place to host my Ruby on Rails / Git projects, an IRC
server as well as an internet radio channel.
On Mon, Mar 24, 2008 at 01:45:24PM -0500, Claus wrote:
On 3/23/2008 4:57 PM, Jacob Meuser wrote:
On Sun, Mar 23, 2008 at 12:31:31PM -0700, Predrag Punosevac wrote:
Moreover it is also hard to justify time
spend in hacking those things if there is relatively inexpensive
hardware solution
On Mon, Mar 24, 2008 at 02:44:46PM -0400, Bill Moran wrote:
In response to Kyrre Nygerd [EMAIL PROTECTED]:
Sorry, I really don't know where else to ask.
I've been using Staminus for a while now and I've had it with the downtime.
Basically I want a place to host my Ruby on Rails / Git
* Stephan A. Rickauer [EMAIL PROTECTED] [2008-03-24 16:15]:
Does anyone happen to know a tool that sends out gratuitous arp from
userland on openbsd?
P.S. I know there is CARP, but I need to send out o;?gratuitous arp
anyway ;)
sth like this
MAC=00:11:22:33:44:55
DNET=dnet
for IP in
Excellent choice...
But so far it looks like I'll be going for http://www.m5hosting.com.
Small is the new big, might wanna Google that. Besides, they look so
simple!
Kyrre
- Original Message -
From: Bill Moran [EMAIL PROTECTED]
Date: Tuesday, March 25, 2008 4:28 am
Subject: Re: Where
On 2008-03-24, Dan Farrell [EMAIL PROTECTED] wrote:
Purely from a security standpoint, which is preferabe: installing the
1.9 version from packages or ports, or building the current release from
sources?
http://www.mediawiki.org/wiki/MediaWiki
Building from source on this particular web
!Hola! Alguien muy especial te ha enviado una postal de
http://gusanito.com
[IMAGE]
Alguien muy especial te envis una postal de http://www.gusanito.com
Opcisn para ver la postal (modo seguro)
1. Copia este csdigo: 882398D49E3CD5F6DB16C2F389628FB3
2. Ingresa a Gusanito.com
3. Pega o
Sorry, I really don't know where else to ask.
I've been using Staminus for a while now and I've had it with the downtime.
Basically I want a place to host my Ruby on Rails / Git projects, an IRC server
as well as an internet radio channel.
Simple website / control panel design is ofcourse a
I have one here... nothing to complain.
www.serverpronto.com
On Mon, Mar 24, 2008 at 7:24 PM, Kyrre Nygerd [EMAIL PROTECTED] wrote:
Excellent choice...
But so far it looks like I'll be going for http://www.m5hosting.com.
Small is the new big, might wanna Google that. Besides, they look so
Hello all,
Me with my low-MHz project.
I have been given a Tyan dual-P-133 motherboard with CPUs but it doesn't
have much memory. The board is capable of taking 8 x 64 MB (standard,
EDO, or ECC) 72-pin SIMMS, installed in pairs.
I also have my IBM 486DX4-100 that needs 4 x 32 MB standard
My question might take this thread else where's, why hasn't the internet
community adopted ipv6?
ipv6 wasn't it to replace ipv6?
And what are the pros vs cons to using internal ipv6 on ones net work?
Peace,
Sent via BlackBerry from T-Mobile
-Original Message-
From:
On Mon, Mar 24, 2008 at 11:03 AM, Michael Dexter [EMAIL PROTECTED] wrote:
A system using GRUB may also need to have a root partition of under 512MB in
size. A GRUB is a bug after all...
Do you have more information regarding this comment?
Thanks.
Mike wrote:
My question might take this thread else where's, why hasn't the internet
community adopted ipv6?
ipv6 wasn't it to replace ipv6?
And what are the pros vs cons to using internal ipv6 on ones net work?
Well, that all depends on what you mean by adopted, internet
community,
Hi Kevin,
When I saw your listing for intern in information security at nabble.com, I
was eager to reply you for the intern. I have one year of experience in this
field, researching and implementing enterprise security tools.
I am at present doing my masters in information security at lewis
44 matches
Mail list logo