ropers wrote:
On 23/10/2007, Jeff Quast [EMAIL PROTECTED] wrote:
I would like to vouch for openbsd working great as a guest, but my
guest has crashed a dozen times. However I think this is due to the
debian linux dom0 having broken sata code for the controller in use.
dom0's dmesg is filled
On Tue, 2007-10-23 at 01:11 +0200, ropers wrote:
unavoidable. The question is, is that a worthwhile trade-off? Is this
a reason not to support Xen? Or should the user be given that option
regardless of the inherent limitations and consequences?
A proper Dom0 port of XEN to OpenBSD would solve
On Mon, 22 Oct 2007, Cyrus wrote:
I've been looking for some time now for biometric software for openbsd, to
work in XDM or KDM.
I need it to support Keytronic F-SCAN-K001US, if nothing exists, I guess its
back to a regular keyboard. I dont think I can run Bio-Logon 3.0 through
wine as a system
Hi All,
i am trying to setup a carp'ed pair of firewalls and am fighting with
strange CARP behavior.
frw1 is i386, frw2 is amd64, but both run i386 OpenBSD 4.2
On each machine i have configured 4 vlans on the sk0 interface.
The carp interfaces are configured on top of the vlan interfaces (see
On Tue, Oct 23, 2007 at 11:10:32AM +0200, Heinrich Rebehn wrote:
What happens:
1. I boot frw1, it becomes MASTER on all carps - good.
2. I boot frw2, it becomes BACKUP on all carps except carp0, which
becomes MASTER - bad.
Any ideas?
Do you have pass quick for carp and pfsync *before*
Heinrich Rebehn wrote:
Hi All,
i am trying to setup a carp'ed pair of firewalls and am fighting with
strange CARP behavior.
frw1 is i386, frw2 is amd64, but both run i386 OpenBSD 4.2
On each machine i have configured 4 vlans on the sk0 interface.
The carp interfaces are configured on top of
Jonathan Kent [EMAIL PROTECTED] wrote:
Been trying in vain to get daap/mdns traffic through my OpenBSD 4.1
firewall to talk to my mt-daap server.
From tcpdumping I can see the multicast traffic coming into sis1
interface but not coming out of the sis0 interface so I can only assume
that I
On Tue, Oct 23, 2007 at 11:10:32AM +0200, Heinrich Rebehn wrote:
Googling showed up quite a few posts of people having problems with CARP
and the incorrect hash message, but none really helped me.
the most common reason for incorrect hash messages is
that your configuration isn't in sync.
Hi all,
I just recently purchased a brand new HP Pavilion
G3035L Desktop PC (spec:
http://www.anugrahpratama.com/product/21/1092/HP-Pavilion-G3035L-Desktop-PC).
It's using Intel Core Duo processor. I tried to
install OpenBSD's latest snapshot to this machine last
night. The thing is it freezes
I might be flamed for this statement but not being able to run inside a
virtualized environment is not an option in the future.
Most servers you can buy today are to powerful for only taking care of
one task.
It is really handy to be able to shuffle around the cpu:s to the
virtual machine that
Hi all,
this is to clarify (for me, anyway) the status of
audio drivers present in the (recently GPLed) OSS.
http://www.opensound.com/osshw.html
What is the relation of OpenBSD's audio drivers to the OSS project?
What, if anything, does opensourcing (GPL, I know) their code mean for
our audio
Per-Erik Persson wrote:
... not being able to run inside a
virtualized environment is not an option in the future.
Virtualization is available already. See the package qemu.
http://www.openbsd.org/4.1_packages/
Or are you aiming for Xen specifically?
Keep in mind that the most
What is the most efficient and secure way to keep the clocks of
servers on a network in sync?
Because OpenNTPD was designed with security in mind from the start, I
was thinking about using ntpd only on all systems. One system would get
time from the NTP pool and all other servers on the
On 10/23/07, Per-Erik Persson [EMAIL PROTECTED] wrote:
I might be flamed for this statement but not being able to run inside a
virtualized environment is not an option in the future.
The future is not now, no-one is saying openBSD will never run in a
virtualized environment.
Most servers you
Clint Pachl [EMAIL PROTECTED] wrote:
I was thinking about using ntpd only on all systems. One system would get
time from the NTP pool
... or from a time signal sensor...
and all other servers on the network would sync
to the local server. Is this the best way?
Yes.
Then I discovered
* Tony Sarendal [EMAIL PROTECTED] [2007-10-22 18:33]:
I didn't get that opinion from marketing.
No matter, we disagree, lets leave it at that.
well, yeah, nontheless, I wanna point out the essence why stateful is
better (the way we do it in OpenBSD):
1) it moves the limit where the box starts
* Brian [EMAIL PROTECTED] [2007-10-22 20:39]:
Joshua Smith wrote:
Out of curiosity what are these two extremely rare cases?
[snip]
One example off the top of my head (and ipsec.conf(5)) is the enc0
interface. You wouldn't set your state-policy to this, but each
individual rule would use
* carlopmart [EMAIL PROTECTED] [2007-10-23 09:13]:
IMHO I think that OpenBSD needs to capable to install and run as a
paravirtualized domU guest, with some limitations if you like.
Last year I have do the same question. Then it was said that only needed
NetBSD do the xen port, and from
Per-Erik Persson wrote:
To get the best performance out of qemu you need to run linux.
I'm no expert in virtualization, but may I ask if you are remembering to
use kqemu ?
There is also virtual box.
http://www.virtualbox.org/
It may or may not run on an OpenBSD host, but does run
* Beavis [EMAIL PROTECTED] [2007-10-22 18:29]:
hi folks,
I saw this performance issue with pf on a AMD64firewall: below is the link
http://www.nabble.com/firewall-is-very-slow%2C-something%27s-wrong-t4572653i20.html
it states that pf on 4.2 performs much better than in 4.1. having
* Clint Pachl [EMAIL PROTECTED] [2007-10-23 12:55]:
Because OpenNTPD was designed with security in mind from the start, I was
thinking about using ntpd only on all systems. One system would get time
from the NTP pool and all other servers on the network would sync to the
local server. Is
On Tue, Oct 23, 2007 at 02:10:43PM +0200, Henning Brauer wrote:
* Brian [EMAIL PROTECTED] [2007-10-22 20:39]:
Joshua Smith wrote:
Out of curiosity what are these two extremely rare cases?
[snip]
One example off the top of my head (and ipsec.conf(5)) is the enc0
interface. You
Hi,
On 23/10/2007, Jan Stary [EMAIL PROTECTED] wrote:
Hi all,
this is to clarify (for me, anyway) the status of
audio drivers present in the (recently GPLed) OSS.
http://www.opensound.com/osshw.html
What is the relation of OpenBSD's audio drivers to the OSS project?
What, if anything,
Henning Brauer [EMAIL PROTECTED] writes:
doing teh boring, pretty riskless 10 minutes taking 4.2 upgrade everybody
could easily do,
for some combinations of crappy old hardware, too small memory size
and nonsensically large filesystems it might stretch into 20-odd
minutes, but otherwise my
Hey,
as a reminder, you can visit the Systems expo this week in Munchen,
there is an OpenBSD/OpenSSH booth in Halle B2 110-2, run by DaN, Nikolay
Sturm and Marco Pfatschbacher
There are of course 4.2 CDs and Tshirts, so if you did not pre-order,
this is the quickest way to get one this month.
That code is not free enough for us to use, and therefore we don't
use it.
that's the whole story.
this is to clarify (for me, anyway) the status of
audio drivers present in the (recently GPLed) OSS.
http://www.opensound.com/osshw.html
What is the relation of OpenBSD's audio drivers to the
Hello Clint,
Tuesday, October 23, 2007, 5:42:47 AM, you wrote:
CP One system would get time from the NTP pool and all other servers on
CP the network would sync to the local server.
You don't really need ntpd on all systems. One (timeserver) runs ntpd,
and others use rdate, called from
What is the relation of OpenBSD's audio drivers to the OSS project?
What, if anything, does opensourcing (GPL, I know) their code mean for
our audio drivers? In particular, does that mean (future) support for
the high-end soundcards such as M-Audio Delta?
OpenBSD uses an implementation
{ this is a resend }
I am currently experiencing difficulty in writing text files containing
French characters on my OpenBSD 4.0 server via SSH.
On both the FreeBSD client system and on the OpenBSD server system I
have the following:
~/.profile:
export LANG=C
export LC_CTYPE=fr_CA.ISO8859-1
On 23/10/2007, Jan Stary [EMAIL PROTECTED] wrote:
Which underlying hardware driver does it use?
uaudio
--
Best Regards
Edd
---
http://students.dec.bournemouth.ac.uk/ebarrett
On 10/23/07, Boris Goldberg [EMAIL PROTECTED] wrote:
You don't really need ntpd on all systems. One (timeserver) runs ntpd,
and others use rdate, called from cron (once a day is usually enough).
While your suggestion would work, it would also entail more work
without adding benefit. Upon
I've put up some notes about NextG networking on OpenBSD at
http://www.ajd.net.au/nextg/openbsd.html
including a kernel patch to suit ZTE handsets which will probably work
with other Qualcomm-based handsets.
Regards,
Andrew Dalgleish
On 10/23/07, Rogier Krieger [EMAIL PROTECTED] wrote:
Using ntpd gets you better synchronisation without the need of setting
something up with cron. Rdate will work, but the work developers put
into (further integrating) ntpd makes rdate appear rather ...
outdated.
Rdate provides a single
* Boris Goldberg [EMAIL PROTECTED] [2007-10-23 15:50]:
CP One system would get time from the NTP pool and all other servers on
CP the network would sync to the local server.
You don't really need ntpd on all systems. One (timeserver) runs ntpd,
and others use rdate, called from cron
On 10/23/07, Henning Brauer [EMAIL PROTECTED] wrote:
* Tony Sarendal [EMAIL PROTECTED] [2007-10-22 18:33]:
I didn't get that opinion from marketing.
No matter, we disagree, lets leave it at that.
well, yeah, nontheless, I wanna point out the essence why stateful is
better (the way we do
Christian Weisgerber wrote:
Clint Pachl [EMAIL PROTECTED] wrote:
I was thinking about using ntpd only on all systems. One system would get
time from the NTP pool
... or from a time signal sensor...
and all other servers on the network would sync
to the local server. Is this the best
This happend after connecting an network interface! It was previously
connected to a HP SWitch, I moved the cable to a lan port on a Cisco
PIX 501. The crash was almost instant I Think.
It happend in a test lab I am setting up. So probably some config
error on my side, but still
I typed the
On Wed, Oct 24, 2007 at 12:18:36AM +1000, Andrew Dalgleish wrote:
I've put up some notes about NextG networking on OpenBSD at
http://www.ajd.net.au/nextg/openbsd.html
including a kernel patch to suit ZTE handsets which will probably work
with other Qualcomm-based handsets.
Regards,
Andrew
Hello list,
Is anyone working on getting the gpio pins supported on the PCEngines
ALIX boards?
I'd like to be able to control the LEDs using gpioctl, just like on
the WRAP.
-martin
On Tue, 2007-10-23 at 01:42 -0700, Reza Muhammad wrote:
Hi all,
I just recently purchased a brand new HP Pavilion
G3035L Desktop PC (spec:
http://www.anugrahpratama.com/product/21/1092/HP-Pavilion-G3035L-Desktop-PC).
It's using Intel Core Duo processor. I tried to
install OpenBSD's
Hello Rogier,
Tuesday, October 23, 2007, 9:01:32 AM, you wrote:
RK On 10/23/07, Boris Goldberg [EMAIL PROTECTED] wrote:
You don't really need ntpd on all systems. One (timeserver) runs ntpd,
and others use rdate, called from cron (once a day is usually enough).
RK While your suggestion
* Tony Sarendal [EMAIL PROTECTED] [2007-10-23 17:06]:
I wish to implement things in a way where the link is the limitation,
not the box.
as I said before, you cannot buy a box that can handle 100M under all
circumstances.
When I have some time free I'll test it in the lab to see that
Hi Christoph,
Right now, on the OpenBSD misc mailing list, there is this discussion:
http://www.sigmasoft.com/~openbsd/archives/html/openbsd-misc/2007-10/threads.html#01149
about OpenBSD/Xen.
We last spoke last year, when I put your BSDtalk interview transcript
online at
On Tue, Oct 23, 2007 at 03:32:07PM +0200, Jan Stary wrote:
What is the relation of OpenBSD's audio drivers to the OSS project?
What, if anything, does opensourcing (GPL, I know) their code mean for
our audio drivers? In particular, does that mean (future) support for
the high-end
On 10/23/07, Chris Kuethe [EMAIL PROTECTED] wrote:
Rdate provides a single valuable service: the ability to poll a device
to see what time it thinks it is (ie. probing the health of my time servers).
Good point; I should probably add that to my monitoring setup.
Thanks for the suggestion,
On 10/23/07, Per-Erik Persson [EMAIL PROTECTED] wrote:
If OpenBSD doesn't adopt to the virtualization trend it will used only
as an obscure firewall box.
people have been saying if openbsd doesn't do what i want it will
only be used as an obscure firewall box for years. what else is new?
On 10/23/07, Boris Goldberg [EMAIL PROTECTED] wrote:
It's always better to don't run a demon if you don't have to. :)
That sort of remark has often started endless debates. :)
For me, trusting rdate to provide time or using ntpd for it is pretty
much the same, but feel free to disagree. There
Boris Goldberg [EMAIL PROTECTED] wrote:
Hello Rogier,
Tuesday, October 23, 2007, 9:01:32 AM, you wrote:
RK On 10/23/07, Boris Goldberg [EMAIL PROTECTED] wrote:
You don't really need ntpd on all systems. One (timeserver)
runs ntpd, and others use rdate, called from cron (once a day is
On 23/10/2007, Tony Sarendal [EMAIL PROTECTED] wrote:
On 10/23/07, Henning Brauer [EMAIL PROTECTED] wrote:
* Tony Sarendal [EMAIL PROTECTED] [2007-10-22 18:33]:
I didn't get that opinion from marketing.
No matter, we disagree, lets leave it at that.
well, yeah, nontheless, I wanna
On Tue, Oct 23, 2007 at 12:25:03PM +0200, Jan Stary wrote:
What is the relation of OpenBSD's audio drivers to the OSS project?
What, if anything, does opensourcing (GPL, I know) their code mean for
our audio drivers? In particular, does that mean (future) support for
the high-end soundcards
On 23/10/2007, Jeff Quast [EMAIL PROTECTED] wrote:
On 22/10/2007, carlopmart [EMAIL PROTECTED] wrote:
Hi all,
I know that time to time somebody do the same question, but I need to
know it: is it planned at some point to release a paravirtualized xen
kernel
for OpenBSD
Hello Pierre-Yves,
Tuesday, October 23, 2007, 11:39:10 AM, you wrote:
You don't really need ntpd on all systems. One (timeserver)
runs ntpd, and others use rdate, called from cron (once a day is
usually enough).
PYR I hope nobody takes what you say seriously. Running rdate instead of
PYR
On 10/23/07, ropers [EMAIL PROTECTED] wrote:
On 23/10/2007, Tony Sarendal [EMAIL PROTECTED] wrote:
On 10/23/07, Henning Brauer [EMAIL PROTECTED] wrote:
* Tony Sarendal [EMAIL PROTECTED] [2007-10-22 18:33]:
I didn't get that opinion from marketing.
No matter, we disagree, lets
On Tue, Oct 23, 2007 at 12:05:58PM -0500, Boris Goldberg wrote:
| The ntpd from OBSD is raw and lame yet. It takes days (!) to really
| synchronize, adjusting time and clock frequency back and forth (even if you
| start with -s) so it's too early to say that using it is right. It will
|
On 10/23/07, Boris Goldberg [EMAIL PROTECTED] wrote:
The ntpd from OBSD is raw and lame yet. It takes days (!) to really
synchronize, adjusting time and clock frequency back and forth (even if you
start with -s) so it's too early to say that using it is right. It will
be right after
Hello Paul,
Tuesday, October 23, 2007, 12:38:43 PM, you wrote:
PdW ... run rdate, it has the -n switch.
Here we go! :D
--
Best regards,
Borismailto:[EMAIL PROTECTED]
Hi,
just installed a MegaRAID SAS 8204ELP Controller and according to the BIOS:
LSI MegaRAID Software RAID BIOS Version M1068e.01.01021804R
LSI Logic MPT RAID Found at PCI Bus No:04 Dev No:00
SAS/SATA RAID key is Detected.
Bringing up the Controller. Please wait...
Scanning for Port 00...
On 10/23/07, Lars NoodC)n [EMAIL PROTECTED] wrote:
Per-Erik Persson wrote:
... not being able to run inside a
virtualized environment is not an option in the future.
Virtualization is available already. See the package qemu.
http://www.openbsd.org/4.1_packages/
Or are you aiming
On 10/23/07, Lars Noodin [EMAIL PROTECTED] wrote:
Per-Erik Persson wrote:
To get the best performance out of qemu you need to run linux.
The choices narrow.
Can kqemu be compiled for OBSD? Is virtualbox an option?
I had this thought a couple of weeks ago and started looking through
the
On Tue, Oct 23, 2007 at 11:49:57AM -0600, Chris Kuethe wrote:
On 10/23/07, Boris Goldberg [EMAIL PROTECTED] wrote:
The ntpd from OBSD is raw and lame yet. It takes days (!) to really
synchronize, adjusting time and clock frequency back and forth (even if you
start with -s) so it's
I may be able to inherit an ASROCK 775Dual-VSTA mainboard. The board
does not have on-board graphics, so I would need to buy a graphics
card. The board supports AGP, PCI, and PCI Express Graphics slots.
Can anyone recommend a graphics card?
I am looking for a mature graphics solution that's well
On 23/10/2007, Chris Kuethe [EMAIL PROTECTED] wrote:
check the xorg supported hardware list... or the SEE ALSO section of Xorg(1)
(...)
Thank you. (Thanks to Dmitrij as well.)
I gather ATI and NVIDIA appear to be better supported than most
others. Is that true?
In case I end up making a
Hi,
Just wondering if the PF mailing list is still blocking gmail users.
Can't contact Daniel because his email ID is also on the same mail server.
Any Idea which all domains are blocked in the PF mailing list so that
I can subscribe to a free email service that is not blocked?
Thank you so
Hi list,
My system was freeze and when reboot show:
/dev/rsd0a: file system is clean;not checking
/dev/rsd0d: file system is clean;not checking
/dev/rsd0e: file system is clean;not checking
/dev/rsd0g: INCORRECT BLOCK COUNT I=2699655 (20 should be 16) (CORRECTED)
PARTIALLY TRUNCATED INODE
On Tue, 23 Oct 2007, ropers wrote:
In case I end up making a (small) new purchase: Are there any vendors
who have been behaving well documentation-wise, and whom I should
reward with my custom?
In my opinion:
ATI.
Has anyone been a dick who should be avoided?
Nvidia.
--
Antti Harri
Siju George [EMAIL PROTECTED] writes:
Just wondering if the PF mailing list is still blocking gmail users.
Can't contact Daniel because his email ID is also on the same mail server.
It could be that gmail's pool of possible outgoing servers is a little
too big and the retries too random for
Darrin Chandler wrote:
On Tue, Oct 23, 2007 at 11:49:57AM -0600, Chris Kuethe wrote:
On 10/23/07, Boris Goldberg [EMAIL PROTECTED] wrote:
The ntpd from OBSD is raw and lame yet. It takes days (!) to really
synchronize, adjusting time and clock frequency back and forth (even if
Nobody? Sad, it's still doing it.
On Sun, Oct 21, 2007 at 02:22:43PM -0500, david l goodrich wrote:
I've set up a max-src-conn-rate rule on my gateway router to
mitigate brute-force ssh attacks. This router protects a /28
subnet, 25.108.82.80/28.
The relevant rules:
# pfctl -sr | grep
That is a very interesting anecdote. That has got to make Henning proud;
hell I'm proud of him. The amazing thing is that the ntpd binary on my
i386 is only 34.4K. The ntpd binary (non-OpenNTPD) on my i386 FreeBSD
media center is 263K, not to mention all of the other ntp* binaries,
which
Chris Kuethe [EMAIL PROTECTED] wrote:
If that's not good enough for you, the ntp.org daemon is in ports.
Actually, the ntp.org daemon performs poorly on OpenBSD since we
don't supply ntp_adjtime(2).
--
Christian naddy Weisgerber [EMAIL PROTECTED]
David,
Was the offending client completing the 3-way handshake everytime it
connected?
For stateful TCP connections, limits on established connections (connec-
tions which have completed the TCP 3-way handshake) can also be enforced
per source IP. The max-src-conn-rate number/seconds limit the
On 10/23/07, david l goodrich [EMAIL PROTECTED] wrote:
Nobody? Sad, it's still doing it.
On Sun, Oct 21, 2007 at 02:22:43PM -0500, david l goodrich wrote:
I've set up a max-src-conn-rate rule on my gateway router to
mitigate brute-force ssh attacks. This router protects a /28
subnet,
On Tue, Oct 23, 2007 at 09:40:08AM -0400, Juan Miscaro wrote:
I am currently experiencing difficulty in writing text files containing
French characters on my OpenBSD 4.0 server via SSH.
On both the FreeBSD client system and on the OpenBSD server system I
have the following:
~/.profile:
Theo de Raadt wrote:
That is a very interesting anecdote. That has got to make Henning proud;
hell I'm proud of him. The amazing thing is that the ntpd binary on my
i386 is only 34.4K. The ntpd binary (non-OpenNTPD) on my i386 FreeBSD
media center is 263K, not to mention all of the other ntp*
Henning Brauer wrote:
* Boris Goldberg [EMAIL PROTECTED] [2007-10-23 15:50]:
CP One system would get time from the NTP pool and all other servers on
CP the network would sync to the local server.
You don't really need ntpd on all systems. One (timeserver) runs ntpd,
and others use
2007/10/23, Darrin Chandler [EMAIL PROTECTED]:
pool.ntp.org and score quite well. In fact, they compare favorably to
servers running the more heavyweight ntp daemons.
While we are talking about ntpd: Is there hope of an update of the
portable version? The debian port is still at 3.9...
Best
What is the relation of OpenBSD's audio drivers to the OSS project?
What, if anything, does opensourcing (GPL, I know) their code mean for
our audio drivers? In particular, does that mean (future) support for
the high-end soundcards such as M-Audio Delta?
There's work in progress on
On Tue, Oct 23, 2007 at 02:55:41PM -0700, Rob wrote:
On 10/23/07, david l goodrich [EMAIL PROTECTED] wrote:
Nobody? Sad, it's still doing it.
On Sun, Oct 21, 2007 at 02:22:43PM -0500, david l goodrich wrote:
I've set up a max-src-conn-rate rule on my gateway router to
mitigate
On Tue, Oct 23, 2007 at 03:16:31PM +0300, Lars NoodC)n wrote:
Granted that quote is from a competitor (VMware, which seems to be a
broken linux kernel) but MS has 'partnered' with XenSource and we know
what the ultimate results will be.
The choices narrow.
Can kqemu be compiled for OBSD?
Virtualization seems to have a lot of security benefits. Rootkits can lie to
DomU but not Dom0, and of course snapshotting, migration etc is *really* nice.
Dom0 in OpenBSD in a current Xen implementation (with HVM) would be a dream.
I'd switch wholesale, and buy a CD for every server (as I
On 10/23/07, david l goodrich [EMAIL PROTECTED] wrote:
On Tue, Oct 23, 2007 at 02:55:41PM -0700, Rob wrote:
On Sun, Oct 21, 2007 at 02:22:43PM -0500, david l goodrich wrote:
I've set up a max-src-conn-rate rule on my gateway router to
mitigate brute-force ssh attacks. This router
Virtualization seems to have a lot of security benefits.
You've been smoking something really mind altering, and I think you
should share it.
x86 virtualization is about basically placing another nearly full
kernel, full of new bugs, on top of a nasty x86 architecture which
barely has correct
On Tue, 23 Oct 2007, Theo de Raadt wrote:
Virtualization seems to have a lot of security benefits.
You've been smoking something really mind altering, and I think you
should share it.
x86 virtualization is about basically placing another nearly full
kernel, full of new bugs, on top of a
On October 23, 2007 07:30:25 pm david l goodrich wrote:
On Tue, Oct 23, 2007 at 02:55:41PM -0700, Rob wrote:
On 10/23/07, david l goodrich [EMAIL PROTECTED] wrote:
Nobody? Sad, it's still doing it.
On Sun, Oct 21, 2007 at 02:22:43PM -0500, david l goodrich wrote:
I've set up a
On 2007 Oct 23, at 5:57 PM, [EMAIL PROTECTED] wrote:
Virtualization seems to have a lot of security benefits.
``Seems'' is the key word, here.
On hardware like an IBM mainframe that can acutally support what's
necessary for secure virtual machines, sure. On x86? Well, it'll
keep your kid
On Tue, Oct 23, 2007 at 05:59:31PM -0700, Rob wrote:
On 10/23/07, david l goodrich [EMAIL PROTECTED] wrote:
On Tue, Oct 23, 2007 at 02:55:41PM -0700, Rob wrote:
Note that I wouldn't use a flush global directive for a rule like
this, because it can lead to a neat DoS where somebody can
On 10/23/07, Ben Goren [EMAIL PROTECTED] wrote:
But that's about it. I suppose running Windows virtual machines on
a real OpenBSD machine might ``have a lot of security benefits''
in some perverted sense of the words, but it's not like the VM is
magically going to protect the virtual
On Tue, Oct 23, 2007 at 05:46:45PM -0400, Calomel wrote:
David,
Was the offending client completing the 3-way handshake everytime it
connected?
For stateful TCP connections, limits on established connections (connec-
tions which have completed the TCP 3-way handshake) can also be enforced
On 10/23/07, Theo de Raadt [EMAIL PROTECTED] wrote:
Virtualization seems to have a lot of security benefits.
You've been smoking something really mind altering, and I think you
should share it.
Sure! Here's some research one of my colleagues (with whom I've
discussed this a lot) did on the
89 matches
Mail list logo