Re: Advice on using intrusion detection

2020-11-21 Thread Nick Holland
On 2020-11-20 17:15, Erik Lauritsen wrote: > Is it recommended to run some kind of intrusion detection on an > OpenBSD router/firewall? > > I suspect that any kind of system like Snort or Suricata will give a > lot of false positives? MY philosophy is it is much easier to keep 'em out than to

Re: A new race condition in OpenVPN and Unbound services

2020-11-21 Thread Stefan Sperling
On Fri, Nov 20, 2020 at 11:21:00PM -0500, Predrag Punosevac wrote: > > Hi Misc, > > Has anybody else noticed a new race condition causing Unbound to fail > due to the fact that the OpenVPN interface is not available. > > Since a few releases ago I have this in my rc.conf.local to start > openvpn

Re: A new race condition in OpenVPN and Unbound services

2020-11-21 Thread Kasak
> On 21 Nov. 2020, at 07:24, Predrag Punosevac > wrote: > >  > Hi Misc, > > Has anybody else noticed a new race condition causing Unbound to fail > due to the fact that the OpenVPN interface is not available. > > Since a few releases ago I have this in my rc.conf.local to start >

Re: Advice on using intrusion detection

2020-11-21 Thread Predrag Punosevac
On 2020-11-20 17:15, Erik Lauritsen wrote: > Is it recommended to run some kind of intrusion detection on an > OpenBSD router/firewall? > What do you mean by "some kind of intrusion detection" (IDS). At the risk of sounding patronizing I would start by clarifying terminology. I got confused by

Re: A new race condition in OpenVPN and Unbound services

2020-11-21 Thread Predrag Punosevac
Thanks to everyone replying to this thread. I carefully re-read as kindly pointed out by Stefan. I ended up implementing this paragraph Using an /etc/hostname.* file without persist-tun - OpenVPN normally re-creates the tun/tap interface at

Re: A new race condition in OpenVPN and Unbound services

2020-11-21 Thread Stuart Henderson
On 2020-11-21, Kasak wrote: > > >> On 21 Nov. 2020, at 07:24, Predrag Punosevac >> wrote: >> >>  >> Hi Misc, >> >> Has anybody else noticed a new race condition causing Unbound to fail >> due to the fact that the OpenVPN interface is not available. >> >> Since a few releases ago I have

Re: limit UDP connection rate with PF pass rule

2020-11-21 Thread Stuart Henderson
On 2020-11-18, mabi wrote: >> The DNS RRL techniques typically still reply to a proportion of queries >> (either directly with the answer, or with a "retry over TCP" response >> code) reducing impact if the source IP is also used by real queries as >> well as the attack traffic. > > I've been