Hi misc@,
Background
I am yet another Nokia IP330 owner seeking help to put a real
OS/Firewall onto one of these devices. I have a handful of these at
my disposal, all with AMD K6-2 400MHz CPUs, 1 SDRAM bank with 256MB of
CAS2 PC100 ECC SDRAM (the other is empty), 2xdc NICs, 3xfxp NICs,
Primary
On Wed, Dec 14, 2005 at 08:57:58AM +0100, raff wrote:
Hello.
i have 1 rule in my pf.conf, with wich i want to allow locally generated
traffic ONLY to 10.0.0.1 and port 22:
block out on $int_if proto {tcp,udp} from $int_ip to ! 10.0.0.1 \
port != 22
this rule allow to connect to
Hi,
Looking at /etc/daily I can see that backup is done by dd(1) command:
echo Backing up root filesystem:
echo copying /dev/r$rootdev to /dev/r$rootbak
dd if=/dev/r$rootdev of=/dev/r$rootbak bs=16b seek=1 skip=1 \
conv=noerror
fsck -y
HI All
I did a google search and found a little info, but nothing concise.
Maybe I used the wrong parameters, I dunno...
Anyway, my question.
Have any of you had any success connecting a mobile phone to openbsd,
using it as both a storage device and a gprs/3G modem?
From what I could gather, I
Just after I sent this mail, I did another search. Guess what I found?
Anyways guys, disregard my question for now.
Thanks.
-Original Message-
From: Marius Van Deventer - Umzimkulu
Sent: 14 December 2005 01:54 PM
To: misc@openbsd.org
Subject: Connecting Nokia (and other) phones to
On Wed, Dec 14, 2005 at 01:54:19PM +0200, Marius Van Deventer - Umzimkulu wrote:
HI All
I did a google search and found a little info, but nothing concise.
Maybe I used the wrong parameters, I dunno...
Anyway, my question.
Have any of you had any success connecting a mobile phone to
On Wed, Dec 14, 2005 at 02:07:13PM +0200, Marius Van Deventer - Umzimkulu wrote:
Just after I sent this mail, I did another search. Guess what I found?
Anyways guys, disregard my question for now.
Thanks.
Nah, my guess failed. Could you post your solution, or, if it is already
in the
-Original Message-
From: Jonathan Gray [mailto:[EMAIL PROTECTED]
Sent: 14 December 2005 02:14 PM
To: Marius Van Deventer - Umzimkulu
Cc: misc@openbsd.org
Subject: Re: Connecting Nokia (and other) phones to a pc
On Wed, Dec 14, 2005 at 01:54:19PM +0200, Marius Van Deventer
-
-Original Message-
From: Joachim Schipper [mailto:[EMAIL PROTECTED]
Sent: 14 December 2005 02:30 PM
To: misc@openbsd.org
Subject: Re: Connecting Nokia (and other) phones to a pc
On Wed, Dec 14, 2005 at 02:07:13PM +0200, Marius Van Deventer
- Umzimkulu wrote:
Just after I
vmware recently released a program which kind of
chroot jails the browser.
http://www.vmware.com/vmtn/vm/browserapp.html
im not a programmer myself, but i was wondering
if perhaps using a similar technique we could lock
down the browsers in openbsd?
seems to me that would increase security
On Wed, Dec 14, 2005 at 03:30:51PM +0200, Marius Van Deventer - Umzimkulu wrote:
-Original Message-
From: Joachim Schipper [mailto:[EMAIL PROTECTED]
Sent: 14 December 2005 02:30 PM
To: misc@openbsd.org
Subject: Re: Connecting Nokia (and other) phones to a pc
On Wed, Dec
Thanks everyone for trying to help.
I think that I will simply have to wait until the right driver becomes
available one day. Either that or use a different phone and try again.
Thanks again.
-Original Message-
From: Marius Van Deventer - Umzimkulu
Sent: 14 December 2005 03:31 PM
On Wed, 14 Dec 2005 05:41:30 -0800, Bob Smith [EMAIL PROTECTED] wrote:
vmware recently released a program which kind of
chroot jails the browser.
http://www.vmware.com/vmtn/vm/browserapp.html
im not a programmer myself, but i was wondering
if perhaps using a similar technique we could lock
down
-Original Message-
From: Stuart Henderson [mailto:[EMAIL PROTECTED]
Sent: 14 December 2005 04:16 PM
To: Marius Van Deventer - Umzimkulu; misc@openbsd.org
Subject: Re: Connecting Nokia (and other) phones to a pc
--On 14 December 2005 15:30 +0200, Marius Van Deventer - Umzimkulu
-Original Message-
From: Marius Van Deventer - Umzimkulu
Sent: 14 December 2005 04:39 PM
To: 'Stuart Henderson'; misc@openbsd.org
Subject: RE: Connecting Nokia (and other) phones to a pc
-Original Message-
From: Stuart Henderson [mailto:[EMAIL PROTECTED]
Sent:
Marius Van Deventer - Umzimkulu wrote:
Thanks everyone for trying to help.
I think that I will simply have to wait until the right driver becomes
available one day. Either that or use a different phone and try again.
Thanks again.
-Original Message-
From: Marius Van Deventer -
--On 14 December 2005 06:38 -0800, J.C. Roberts wrote:
Even VMware supports only one architecture for their player (x86-32)
They do actually support x86-64 on the player (I'm not sure if this
changed recently - 'player' is out of beta as of a day or two ago).
and only two possible host
--On 14 December 2005 05:41 -0800, Bob Smith wrote:
vmware recently released a program which kind of
chroot jails the browser.
Actually, they released a disk-image with an installation of Ubuntu
Linux including Firefox, that runs in their free-of-charge 'player' for
x86 Linux/Windows (basic
thanks for the explanation.
so it would be less work to try to chroot a browser then to make a
virtual machine? perhaps its even a better way of isolating?
i googled around a bit and found some threads about people trying to
chroot their browsers, but i couldnt find any successful story. is it
On Wed, Dec 14, 2005 at 05:41:30AM -0800, Bob Smith wrote:
vmware recently released a program which kind of
chroot jails the browser.
http://www.vmware.com/vmtn/vm/browserapp.html
im not a programmer myself, but i was wondering
if perhaps using a similar technique we could lock
down the
Recommendations for another POP3/IMAP/SMTP mail reader client (if one
exists) other than Mozilla?
Years ago I hopped directly from Elm on a host server to graphic mail
clients on my desktop
box without ever dealing with, e.g., mutt setting up sendmail. Now
Mozilla 1.7.2 crashes hard
on
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of
Bob Smith
Sent: Wednesday, December 14, 2005 11:37 AM
To: J. C. Roberts
Cc: misc@openbsd.org
Subject: Re: browser security
thanks for the explanation.
so it would be less work to try to chroot a
On Wednesday 14 December 2005 17:37, Bob Smith wrote:
thanks for the explanation.
so it would be less work to try to chroot a browser then to make a
virtual machine? perhaps its even a better way of isolating?
i googled around a bit and found some threads about people trying to
chroot their
On Wed, Dec 14, 2005 at 09:35:36AM -0700, Jack Woehr wrote:
Recommendations for another POP3/IMAP/SMTP mail reader client (if one
exists) other than Mozilla?
mutt+msmtp: sucks less and avoids sendmail usage ;-)
Kind regards
Simon
Joachim Schipper wrote:
There was a lengthy thread about ccd mirroring here. Search the
archives, and check whether it's worth the risk of ccd 'eating your
data' first. (If not, go with RAID-1.)
Hi
Yes, I followed the thread, but to my understanding it was not
conclusive that ccd would be
On 12/14/05, Jack Woehr [EMAIL PROTECTED] wrote:
I'm just hoping to get around this
without weeks of learning how
to configure sendmail for mutt ...
I think nbSMTP (no-brainer SMTP) would be perfect for you. You can find it on
http://nbsmtp.ferdyx.org/
Download, compile, edit a simple config
I use mutt to access my email server via imaps and use msmtp for outbound
via TLS w/SMTP AUTH.
http://www.mutt.org/doc/manual/manual-4.html#ss4.11
Dload the msmtp-1.4.1.tgz package from your closest mirror in packages
--
Allie Daneman
Allnix,LLC.
http://www.allnix.net
On Wed, December 14, 2005
On 14/12/05, Simon Dassow [EMAIL PROTECTED] wrote:
On Wed, Dec 14, 2005 at 09:35:36AM -0700, Jack Woehr wrote:
Recommendations for another POP3/IMAP/SMTP mail reader client (if one
exists) other than Mozilla?
mutt+msmtp: sucks less and avoids sendmail usage ;-)
Correct me if I'm wrong but
Greets
I have a scenario that is simple but I am having trouble getting my head
around. Inside a 192.168.10/24 network there exists a 10.4.6/24 network for
VOIP. Everthing works fine.
The issue I have is setting up a route for a third party VOIP management
company who wants to access the
try sylpheed
(does exist as precompiled pkgs)
/bkw
On 14/12/05, Jack Woehr [EMAIL PROTECTED] wrote:
Recommendations for another POP3/IMAP/SMTP mail reader client (if one
exists) other than Mozilla?
Years ago I hopped directly from Elm on a host server to graphic mail
clients on my desktop
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jens Teglhus
Mxller
Sent: Monday, December 12, 2005 5:16 PM
To: misc@openbsd.org
Subject: Re: Just confirming: no way to do a pf rdr based on hostname?
Peter Landry wrote:
Hi All,
We're migrating an old
--On 14 December 2005 17:36 +, Simon Morgan wrote:
On 14/12/05, Simon Dassow [EMAIL PROTECTED] wrote:
On Wed, Dec 14, 2005 at 09:35:36AM -0700, Jack Woehr wrote:
Recommendations for another POP3/IMAP/SMTP mail reader client (if
one exists) other than Mozilla?
mutt+msmtp: sucks less and
I've got a server that needs to be on 2 separate networks with 2
different gateways. How would I go about setting up source based
routing?
Cody
Just a thought: sudo -u $some_restricted_user $your_preffered_browser ?
good that you brought this up; i been wondering about this too.
does it help? if so how come there isnt a default non-privileged user
created for, say, firefox when the pkg is installed? like there is for
bitlbee
On Wed, 14 Dec 2005 08:37:16 -0800, Bob Smith [EMAIL PROTECTED] wrote:
thanks for the explanation.
so it would be less work to try to chroot a browser then to make a
virtual machine? perhaps its even a better way of isolating?
i googled around a bit and found some threads about people trying to
Good day,
I have seen similar problems before.
You must be doing some sort of proxying or NAT to allow Internet sites to
communicate with hosts on the 192.168.10/24 subnet, right? So the site on
the Internet has to have a path back to a NAT'ed or Proxied service through
the 192.168.10/24 subnet
--On 14 December 2005 11:57 -0600, Cody Holland wrote:
I've got a server that needs to be on 2 separate networks with 2
different gateways. How would I go about setting up source based
routing?
See http://www.openbsd.org/faq/pf/pools.html#outgoing and pf.conf(5).
On 14/12/05, J.C. Roberts [EMAIL PROTECTED] wrote:
When you think about all the crap a graphical browser needs just to run
(fonts, mime types, library dependencies, plugins, cache, user
preferences, ...), it will probably be a major pain to chroot the beast
because you'll be duplicating tons
On Wed, 14 Dec 2005 19:32:18 +, Simon Morgan [EMAIL PROTECTED]
wrote:
On 14/12/05, J.C. Roberts [EMAIL PROTECTED] wrote:
When you think about all the crap a graphical browser needs just to run
(fonts, mime types, library dependencies, plugins, cache, user
preferences, ...), it will
On 14/12/05, J. C. Roberts [EMAIL PROTECTED] wrote:
On Wed, 14 Dec 2005 19:32:18 +, Simon Morgan [EMAIL PROTECTED]
wrote:
I've just had the most awesome idea: chroot the entire operating system!
It seems your mother never warned you that such levels of sarcasm
usually results in
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of
Simon Morgan
Sent: Wednesday, December 14, 2005 2:32 PM
To: J.C. Roberts
Cc: misc@openbsd.org
Subject: Re: browser security
On 14/12/05, J.C. Roberts [EMAIL PROTECTED] wrote:
When you think about
Hi all,
Im running into a (silly) problem where I am seem not to be writing the boot
install images properly to a compact flash card. Ive been trying
cdrom38.fsand
floppy38.fs. I write the image under linux to the compact flash(seen as hde
device) as so:
cat floppy38.fs /dev/hde
or:
dd
On Wednesday 14 December 2005 19:48, Bob Smith wrote:
Just a thought: sudo -u $some_restricted_user $your_preffered_browser ?
good that you brought this up; i been wondering about this too.
does it help? if so how come there isnt a default non-privileged user
created for, say, firefox when
raff wrote:
Hello.
i have 1 rule in my pf.conf, with wich i want to allow locally generated
traffic ONLY to 10.0.0.1 and port 22:
block out on $int_if proto {tcp,udp} from $int_ip to ! 10.0.0.1 \
port != 22
this rule allow to connect to only 10.0.0.1, BUT to any port instead
only 22.
Alexander Hall wrote:
You should propably use somthing like:
block all
pass out proto tcp from any to 10.0.0.1 port ssh
Forgot to keep state; modulate state could be useful too:
pass out proto tcp from any to 10.0.0.1 port ssh keep state
/Alexander
Hi Folks,
I've Googled until I'm blue in the face and checked the bug reporting
system and cannot find an answer to my problem.
I have just completed two 3.8 release installs on two different hardware
platforms, both i386 but one a Celeron D / 75xx chipset box (Gigabyte
SR147S server
USAA Member Home
[IMAGE]
[IMAGE]
Dear USAA. member,
Our policy is to protect personal or financial information of USAA
members.
It has come to our attention that your account information needs to be
updated due to inactive members, frauds and spoof reports.
If you could please take
--On 14 December 2005 15:55 -0500, kyle wrote:
Im running into a (silly) problem where I am seem not to be writing
the boot install images properly to a compact flash card. Ive been
trying cdrom38.fs and floppy38.fs.
Can you install the OS (not just the installer) onto the CF on another
box,
On Wed, 2005-12-14 at 21:58 +0100, viq wrote:
On Wednesday 14 December 2005 19:48, Bob Smith wrote:
Just a thought: sudo -u $some_restricted_user $your_preffered_browser ?
good that you brought this up; i been wondering about this too.
does it help? if so how come there isnt a default
Bob Smith wrote:
vmware recently released a program which kind of
chroot jails the browser.
http://www.vmware.com/vmtn/vm/browserapp.html
im not a programmer myself, but i was wondering
if perhaps using a similar technique we could lock
down the browsers in openbsd?
seems to me that
On 14/12/05, Simon Slaytor [EMAIL PROTECTED] wrote:
Does anyones else have this issue and if so is there a workaround?
Yeah, use a different GUI. If you must insist on use buggy pieces of
crap like GNOME then your only real option is to file a bug. If you're
lucky and they don't ignore you it
On Wed, Dec 14, 2005 at 11:50:53AM -0500, Will H. Backman wrote:
Anyone dare try making a systrace policy for firefox?
and where's difficulty in writting such policy? It's 20'' of work: use
``wizard'' or automatic policy generation, and then clean up the ruleset
looking through syscalls and
On 14/12/05, Fletch [EMAIL PROTECTED] wrote:
Isn't this a mute point. I mean, unless you are surfing the web as
root, any remote browser exploit would only effect the user and a logoff
and login again would sort out *most* problems associated with remote
exploits.
Once a remote attacker has
Simon Morgan [EMAIL PROTECTED] wrote:
Correct me if I'm wrong but don't you still need to use something like
fetchmail to download your mail, and doesn't that rely on an MTA of
some sort?
mutt works with imap based folders
you just type in an imap url instead of a folder name when you hit
[IMAGE]Thank you for your interest in our Home Buyer CD's. Below
are some screen shots from the actual program. Your name
and contact information appear on the physical CD's as well
as through out the program, and even on anything the user prints.
The link that appears on the bottom of the screen
On Wednesday 14 December 2005 23:15, James Strandboge wrote:
systrace could provide an effective jail for firefox. 'man systrace'.
Yes, it was mentioned, and it sounds like a good idea.
While we're at systrace, I was wondering - could systrace reduce the risks
associated with running apache
On 14/12/05, Chris Cappuccio [EMAIL PROTECTED] wrote:
mutt works with imap based folders
you just type in an imap url instead of a folder name when you hit C
I was thinking more of POP3.
On 12/13/05, NetNeanderthal [EMAIL PROTECTED] wrote:
FreeBSD 6.0 dmesg
---8---
Copyright (c) 1992-2005 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 6.0-RELEASE
Simon Morgan wrote:
I recommend Sylpheed Claws. BTW I hope you filed a bug report for that crash. :)
Bugzilla for Mozilla says don't bother for releases over two weeks old.
--
Jack J. Woehr # I never played fast and loose with the
PO Box 51, Golden, CO 80402 #
On 12/14/05, Jack Woehr [EMAIL PROTECTED] wrote:
Recommendations for another POP3/IMAP/SMTP mail reader client (if one
exists) other than Mozilla?
Years ago I hopped directly from Elm on a host server to graphic mail
clients on my desktop
box without ever dealing with, e.g., mutt setting up
On Wednesday 14 December 2005 17:35, Jack Woehr wrote:
Recommendations for another POP3/IMAP/SMTP mail reader client (if one
exists) other than Mozilla?
Years ago I hopped directly from Elm on a host server to graphic mail
clients on my desktop
box without ever dealing with, e.g., mutt
On Wed, 2005-12-14 at 23:38 +0100, viq wrote:
On Wednesday 14 December 2005 23:15, James Strandboge wrote:
systrace could provide an effective jail for firefox. 'man systrace'.
Yes, it was mentioned, and it sounds like a good idea.
While we're at systrace, I was wondering - could
That's what I did:
Terminal type? [xterm] vt220
# cd /usr/ports/net/ettercap/
# cvs -d [EMAIL PROTECTED]:/cvs up
-r1.14'patches/patch-configure
'
# ls
CVS distinfo pkg
Makefile patches w-ettercap-0.6.b
# vi Makefile #(_bump_w-ettercap-0.6.b)
# $OpenBSD:
We had some test prints of Wireframe Daemon T-shirts made a few years ago
using some weird colours. They may as well find a home, so I have added
a few of them temporarily to the order site -- look for extra colours
under the Daemon Wireframe colour selector. These are mostly only in XXL
or as
New project I'm trying to work out since the last was a flame-out.
Trying to get my firewall to double as a secured access point so I can
actually carry my laptop around. I've got a working card:
ral0 at pci0 dev 11 function 0 Ralink RT2560 rev 0x01: irq 12, address
00:11:50:14:f6:a0
ral0:
Mikolaj Kucharski wrote:
Hi,
Looking at /etc/daily I can see that backup is done by dd(1) command:
echo Backing up root filesystem:
echo copying /dev/r$rootdev to /dev/r$rootbak
dd if=/dev/r$rootdev of=/dev/r$rootbak bs=16b seek=1 skip=1 \
conv=noerror
kyle wrote:
Hi all,
Im running into a (silly) problem where I am seem not to be writing the boot
install images properly to a compact flash card. Ive been trying
cdrom38.fsand
floppy38.fs. I write the image under linux to the compact flash(seen as hde
device) as so:
cat floppy38.fs
On Thu, 2005-12-15 at 03:02 +0100, Andreas Bartelt wrote:
Hi,
James Strandboge wrote:
...
While we're at systrace, I was wondering - could systrace reduce the risks
associated with running apache with PHP?
Default apache is already chrooted, so systracing it won't be as much of
a
Hi,
James Strandboge wrote:
On Thu, 2005-12-15 at 03:02 +0100, Andreas Bartelt wrote:
...
Apache forks children with reduced priviledges (user www) while, at the
same time, there's always an Apache process running as root. Therefore,
a useful systrace policy for Apache probably won't be easy
Would it be possible to modify the following values in
/usr/src/sys/arch/i386/conf/GENERIC to match that of FreeBSD's
GENERIC.hints, then recompile? The biggest challenge is the lack of
debugging/diagnostic information or a way to get to it.
From OpenBSD
-
#option
Been trying to get a lkm compiled on Zaurus on -current
However the following errors appear
when compiling with
gcc -Wall -D_KERNEL -I/sys -c wafter.c
--errors---
In file included from /usr/include/arm/cpu.h:89,
from /usr/include/machine/cpu.h:4,
A number of employees officers at asw3nvjwbdddf provided support.
Find Great Deals on Holiday Gifts at Yahoo! Shopping
72 matches
Mail list logo