On Fri, Sep 30, 2016 at 01:26:30AM +, Alceu R. de Freitas Jr. wrote:
> I may be a little bit late... but isn't this something already handled by
> mod_security?
>
>
mod_security is no longer in the ports tree
Chris
On 2016-09-29, mxb wrote:
> Unfortunately, this is a remote, IPMI machine - no kbd while it is in ddb
Many machines with IPMI do give you keyboard in ddb. It may be worth
disabling usb3 in bios. Not certain if it will help but maybe. Or switch
to serial-over-lan instead
I may be a little bit late... but isn't this something already handled by
mod_security?
De: Murk Fletcher
Para: Daniel Ouellet
Cc: misc@openbsd.org
Enviadas: Quinta-feira, 29 de Setembro de 2016 20:57
Assunto: Re: Looking for a way to
rack-attack itself is very small, and its configuration is minimal. Use it
if you have a Ruby-based web app and want to add that extra layer of
protection to it that pf can't provide.
On Fri, Sep 30, 2016 at 1:30 AM, Daniel Ouellet wrote:
> On 9/29/16 7:20 PM, Murk Fletcher
On 9/29/16 7:20 PM, Murk Fletcher wrote:
> There's Kickstarter's Rack::Attack if you're willing to "upgrade" to ie.
> Ruby on Rails:
>
> https://github.com/kickstarter/rack-attack
>
> I find this quite nice along with those pf bruteforce tables mentioned
> earlier.
Sure I guess you can, but
There's Kickstarter's Rack::Attack if you're willing to "upgrade" to ie.
Ruby on Rails:
https://github.com/kickstarter/rack-attack
I find this quite nice along with those pf bruteforce tables mentioned
earlier.
Murk
On Fri, Sep 30, 2016 at 12:54 AM, Daniel Ouellet
wrote:
> I don't think bruteforce will be helpful in my case. I do occasionally
> get bruteforce attacks, but not very often.
> What I usually get are identical attacks of a certain set of variations
> of URLs from one IP address. A little later the same thing from another
> IP, then another, etc.
>
>
Hi,
I got this startup script for my app:
https://gist.github.com/anonymous/c0339b1dae3eeff3a461b8787824838b
where I'm trying to contain stuff in functions so I can go about stuff more
easily, but in debugging I see these functions can't be found. Anybody know?
Thanks!
Murk F.
I gave a talk about moving from mod_perl to Plack and FastCGI at the local
perlmonger group. It was fairly straight forward and there are a fair number
of options on the CPAN, although I'm unsure which have ports.
http://cvs.afresh1.com/~andrew/talks/cgi_to_psgi_pdx_pm/
There is also some
Thanks to stu@, he's informed me that mod_perl is a big problem for
OpenBSD modernising its Perl forward.
So I'm going to try and move to FastCGI.
I can't find any info online about transition from mod_perl to FastCGI,
so I'll have to work that out myself. Any useful links would be
appreciated.
Dear PF users and coders,
If someone strictly follow the BNF of pf.conf man pages (thansk for the
great doc guys)
the declaration after route-to would be able to be (ifX:someting)@ifY.
It does not make much sense as the first part would be a gateway if i
understood
well enough.
Maybe the :peer
Tried to play around with ports nsd/unbound listens on?
//Мэксб
> On 29 sep. 2016, at 09:48, Gregory Edigarov wrote:
>
> Hi,
>
> Need an advice.
>
> I have a bgp router with 3 interfaces:
>
> em0 (xxx.yyy,zzz.1/24),
> em1, em2 - looking at uplinks
>
> bgp is up and running,
Yet another one with “rcctl stop relayd”.
Same or similar trace.
Unfortunately, this is a remote, IPMI machine - no kbd while it is in ddb
(supermicro branded java crap).
And also in production. It gets stuck in “sync disk” and no reboot after
(don’t drop to ddb is ON on this machine).
Nor have I
On Sep 28, 2016, at 10:04 PM, Chris Bennett
wrote:
>
> I don't think bruteforce will be helpful in my case. I do occasionally
> get bruteforce attacks, but not very often.
> What I usually get are identical attacks of a certain set of variations
> of URLs from
Hi Lads,
I was testing out the openvpn port package and openbsd 6.0
and I found that while the tunnels are very stable,
there is considerable jitter when sending
small packets / small pings across the tunnel,
while if I used large packets the latency was much more in line with
network
On 2016-09-28, Chris Bennett wrote:
> I am not sure what is appropriate, given netiqette and practicality for
> my server. I am sick of thousands of identical requests in my error log,
> plus I want to be able to look over my logs easily to find any real
>
On 2016-09-28, Peer Janssen wrote:
> # tftpd -d /tftpboot
>
> tftpd: 192.168.0.81: read request for 'pxeboot'
> tftpd: 192.168.0.81: read request for 'pxeboot'
> tftpd: 192.168.0.81: read request for 'pxeboot'
> tftpd: 192.168.0.81: read request for 'pxeboot'
> tftpd: 192.168.0.81:
Hi Craig,
On 29.09.16 13:28, Craig Skinner wrote:
Hi Gregory,
On Thu, 29 Sep 2016 10:48:37 +0300 Gregory Edigarov wrote:
em0 (xxx.yyy,zzz.1/24),
em1, em2 - looking at uplinks
...
outgoing-interface: 0.0.0.0
Removing the outgoing-interface line would probably resolve it.
Adding
Hi Gregory,
On Thu, 29 Sep 2016 10:48:37 +0300 Gregory Edigarov wrote:
> em0 (xxx.yyy,zzz.1/24),
> em1, em2 - looking at uplinks
> ...
>
> outgoing-interface: 0.0.0.0
Removing the outgoing-interface line would probably resolve it.
Adding this private-addres line might help too:
On Wed, Sep 28, 2016 at 02:36:10PM -0600, Theo de Raadt wrote:
> > So, *binary* logs. Sounds familiar to me. And then:
>
> Your type of person seems familiar to be me. Undeducated *check*
> opinioned *check* Contrasting authoritatively without any education
> to back it up *check*
>
> pflog
On 29/09/2016 02:28, Joe Holden wrote:
You can achieve full sized frames via pppoe in that case, mtu 1508 on the re
interface facing the modem, mtu 1500 in the pppoe config. Will negate the
need for nasty scrubbing which doesn't always prevent problems anyway.
awesome, now set as per the man
corrected unbound.conf snippet, just to be sure I am properly understood
On 29.09.16 10:48, Gregory Edigarov wrote:
Hi,
Need an advice.
I have a bgp router with 3 interfaces:
em0 (xxx.yyy,zzz.1/24),
em1, em2 - looking at uplinks
bgp is up and running, packets are forwarded just fine. also
Hi,
Need an advice.
I have a bgp router with 3 interfaces:
em0 (xxx.yyy,zzz.1/24),
em1, em2 - looking at uplinks
bgp is up and running, packets are forwarded just fine. also there is
nsd, listening on both em1,em2 serving my reverse zone.
so far everything works.
now I want this host also
23 matches
Mail list logo