synproxy in pf already makes sure the 3-way handshake completes before
the connection is completed on the other side; rate limiting can also be
done on the OpenBSD firewall, so it's not clear why you would need an
extra box there.
The bigger problem with DDoS attacks is that the upstream pipe is
2008/7/19 Parvinder Bhasin [EMAIL PROTECTED]:
This maybe dumb but won't hurt to throw this out there, maybe this has to
be
built with combination of tools, technologies etc but i would definately
like to first collect as much info and then maybe work on this (or maybe
the
solution - open
On 2008-07-19, William Stuart [EMAIL PROTECTED] wrote:
Thanks everyone I figured it out!
19:13:46.334037 CARPv2-advertise 36: vhid=50 advbase=1 advskew=0
demote=0 (DF) [tos 0x10]
19:13:46.334299 CARPv2-advertise 36: vhid=50 advbase=1 advskew=0
demote=0 (DF) [tos 0x10]
Something is
On Mon, Jul 7, 2008 at 9:30 PM, macintoshzoom [EMAIL PROTECTED] wrote:
Which hex editor do you advise?
Should I have to umount the partition before?
the partition is 40 GB size on a secondary disk, OpenBSD old slice,
should I need at least such space (/tmp ?) to open it on the hex editor
from
Marc Balmer wrote:
* riwanlky wrote:
Hai all,
I have problem on clock with Alic3 board from Pc Engines on OpenBSD 4.3
dmesg-
OpenBSD 4.3 (GENERIC) #698: Wed Mar 12 11:07:05 MDT 2008
and the ntpd message on tail /var/log/daemon
Jul 17 16:14:44 pceng4 ntpd[5847]: adjusting local clock by
Alexander Hall wrote:
Marc Balmer wrote:
* riwanlky wrote:
Hai all,
I have problem on clock with Alic3 board from Pc Engines on OpenBSD 4.3
dmesg-
OpenBSD 4.3 (GENERIC) #698: Wed Mar 12 11:07:05 MDT 2008
and the ntpd message on tail /var/log/daemon
Jul 17 16:14:44 pceng4 ntpd[5847]:
* Alexander Hall wrote:
[...]
True. A little addition for the archives (since it's been a while now):
$ date -r 86908
Fri Jan 2 01:08:28 CET 1970
Oops. My bad. A better approach (combined with correct reading):
$ date -ur 0
Thu Jan 1 00:00:00 UTC 1970
$ date -ur 86908
Fri Jan 2
On Sat, Jul 19, 2008 at 5:23 AM, Die Gestalt [EMAIL PROTECTED] wrote:
On Mon, Jul 7, 2008 at 9:30 PM, macintoshzoom [EMAIL PROTECTED] wrote:
Which hex editor do you advise?
Should I have to umount the partition before?
the partition is 40 GB size on a secondary disk, OpenBSD old slice,
should
* Ryan McBride [EMAIL PROTECTED] [2008-07-19 10:16]:
The bigger problem with DDoS attacks is that the upstream pipe is filled
up with traffic
that was true in the 90s, and maybe the first half of this decade, but
really isn't any more. Most server installs I have worked with have
the pipe limit
After updating my i386 firewall cluster to the latest snapshot (16 Jul, 22:15)
# ifconfig vr0 priority 2
ifconfig: priority: bad value
Is this a regression, or did the syntax change since my last update
about one week ago? I did re-read the man page and also looked through
the CVS commits, but
My laptop (Thinkpad T41p) and I are going to be doing a lot of
travelling in the next year, so I'm investigating how to
(cryptographically) improve my security in case of loss/theft/seizure.
Right now I use cfs (ports) for a few sensitive subdirectories, but
95+% of my /home is still cleartext to
Hi,
I was just wondering if a date for OpenCON 2008 is known.
I would like to try to book earlier to save pennies :)
Thanks
--
Best Regards
Edd
http://students.dec.bmth.ac.uk/ebarrett
On Mon, 14 Jul 2008 16:26:45 +0200
Simon Vallet [EMAIL PROTECTED] wrote:
[...]
I suspect this is due to a problem with the raidframe label on wd0d, but
I have no clue on how to fix this :
It turns out the component label simply hadn't been written on wd0,
since my raid0.conf at -I time
On Sat, 19 Jul 2008 10:18:19 -0400
Nick Guenther [EMAIL PROTECTED] wrote:
On Sat, Jul 19, 2008 at 5:23 AM, Die Gestalt [EMAIL PROTECTED] wrote:
On Mon, Jul 7, 2008 at 9:30 PM, macintoshzoom [EMAIL PROTECTED] wrote:
Which hex editor do you advise?
Should I have to umount the partition
On Sat, Jul 19, 2008 at 05:34:10PM +0200, Rolf Sommerhalder wrote:
After updating my i386 firewall cluster to the latest snapshot (16 Jul, 22:15)
# ifconfig vr0 priority 2
ifconfig: priority: bad value
Is this a regression, or did the syntax change since my last update
about one week ago?
This might be a good time to try my giant softraid diff that makes
crypto useful.
On Sat, Jul 19, 2008 at 05:04:44PM +0100, Jonathan Thornburg wrote:
My laptop (Thinkpad T41p) and I are going to be doing a lot of
travelling in the next year, so I'm investigating how to
(cryptographically)
If you have some time and a spare disk, why not experiment with the 3
or 4 options available to you before settling on one.
- cfs
- svnd backed by a file in a filesystem
- svnd backed by a whole slice on disk
- softraid w/ crypto
softraid w/ crypto is still kind of a work in progress, but it's
You might want to try Photorec :
http://www.cgsecurity.org/wiki/PhotoRec
good luck
On Mon, Jul 7, 2008 at 1:48 PM, macintoshzoom [EMAIL PROTECTED] wrote:
I deleted a directory from an OpenBSD slice from my 2nd HD, and I need
to recover a single file.
I tried :
cjeker wrote:
This diff got removed from the latest snaps.
Thanks for prompt reply. That's bad news, as I am using it on the
firewall cluster to resolve a problem in connection with default
routes and dhclient, as per your previous recommendation.
Is this removal just a temporary measure until
On Sat, Jul 19, 2008 at 05:04:44PM +0100, Jonathan Thornburg wrote:
My laptop (Thinkpad T41p) and I are going to be doing a lot of
travelling in the next year, so I'm investigating how to
(cryptographically) improve my security in case of loss/theft/seizure.
Right now I use cfs (ports) for a
Hi all,
Lenovo X300, snapshot for i386, from 20080717 (also 20080716) dumps
into dbb on boot on uvideo:
uvm_fault(0xd0814b20, 0x0, 0, 1) - e
kernel: page fault trap, code=0
Stopped at uvideo_vs_negotiation+0x81: mov10x15(%eax),%eax
ddb{0}
//no console to capture output, made some
On Saturday 19 July 2008 18:33:33 you wrote:
Hi,
I was just wondering if a date for OpenCON 2008 is known.
I would like to try to book earlier to save pennies :)
Thanks
Hi,
28-30 November 2008
Venice, Italy
Bye
--
fabioFVZ
On Jul 19, 2008, at 1:26 AM, ropers wrote:
2008/7/19 Parvinder Bhasin [EMAIL PROTECTED]:
This maybe dumb but won't hurt to throw this out there, maybe this
has to be
built with combination of tools, technologies etc but i would
definately
like to first collect as much info and then maybe work
Suppose:
1. Dan Kaminsky's recently announced DNS cache poisoning vulnerability
is anywhere near as serious as he and others have made it out to be,
and
2. Simple UDP source port randomization of DNS requests is indeed
sufficient to mitigate the vulnerability.
I think we have
On Jul 19, 2008, at 1:26 AM, ropers wrote:
I don't mean to be impolite, but considering that these guys
http://www.rayservers.com/ddos-protection are the first Google hit
for firewall ddos protection openbsd (w/o quotation marks), it would
seem to me that you maybe didn't Use Teh Google.
* Parvinder Bhasin [EMAIL PROTECTED] [2008-07-19 23:12]:
Perhaps I didn't make it clear..maybe but yeah..I totally know that
there are PAY solutions, like I mentioned that I know of many devices
that can achieve this. I have done research on these devices and was
thinking maybe something (
On Jul 19, 2008, at 2:31 PM, ropers wrote:
On Jul 19, 2008, at 1:26 AM, ropers wrote:
I don't mean to be impolite, but considering that these guys
http://www.rayservers.com/ddos-protection are the first Google hit
for firewall ddos protection openbsd (w/o quotation marks), it
would
seem to me
btw: Ropers Thanks for the link.
On Jul 19, 2008, at 2:31 PM, ropers wrote:
On Jul 19, 2008, at 1:26 AM, ropers wrote:
I don't mean to be impolite, but considering that these guys
http://www.rayservers.com/ddos-protection are the first Google hit
for firewall ddos protection openbsd (w/o
On 7/19/08, Chris Kuethe [EMAIL PROTECTED] wrote:
- svnd backed by a whole slice on disk
I know some people have done this, but the code doesn't like it. I'd
stick with normal files.
On 7/19/08, Tobias Ulmer [EMAIL PROTECTED] wrote:
[4] # mount -o softdep /dev/sd0a /mnt
[5] # dd if=/dev/arandom bs=1m of=/mnt/imagefile count=...
prepare to wait a few days... there is known plaintext at specific
locations anyway, disklabel, filesystem metadata,...
very little really.
I am running an HP Vectra VL400 system under OpenBSD 4.4 beta 2007-07-11.
When I attempt to connect using ssvnc from my windows box using the ssh
option I am getting connection refused by server: Administratively
prohibited
When I check authlog, the error message is
July 19 23:19:22
31 matches
Mail list logo