Re: Longsoon/Godson MIPS boxes, where to buy?
Henning Brauer lists-open...@bsws.de wrote: I feel the price is too high then don't buy a lemote, case closed. The question was about where to get a good price on one. Scroll up asshole. the person you insulted. I insulted nobody except people who attacked me for daring to express the opinion that the price of the mini is too FUCKING HIGH!!! keep going, 2 developers insulted. that is going to give you a lot of karma points here. Shaking and quaking ;-) you have no idea what I do or don't. But you do about me? I got a bulletin for you, your crystal ball needs rebooting aha. again you know sth about me I haven't said. genius! Lot of that going around it is arguable wether we argue or are just making fun of the OP (you, aparently). keep jerking off if it makes you feel better my only assumption was that you want to run OpenBSD. And that should be a pretty safe assumption on misc@ _OPENBSD_ .org. Uh no. OpenBSD is one of the OS that runs on MIPS. I thought I could get some help on where to find a cheap MIPS box, specifically the Lemote. Oh well! Arrogant motherfucker! we tell you to just not buy the device in question if you don't wanna pay its price. that doesn't even require you to make your genius and superiour morals public. But your bandwidth is justified in your own eyes I am sure hey miod, we must convince the rest of us to leave openbsd, this guy here said so, and he's obviously an omniscient genius. Don't try to twist my words. I said nothing bad about OpenBSD or miod. You're a shit stirring little fagot doing your best to draw everyone into your little sharkfest. If you don't have signal to add to the thread at least don't add to the noise.
Re: Longsoon/Godson MIPS boxes, where to buy?
Are we a tourette treatment center? -- http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk This officer's men seem to follow him merely out of idle curiosity. -- Sandhurst officer cadet evaluation. Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted. -- Gene Spafford learn french: http://www.youtube.com/watch?v=30v_g83VHK4
Re: Longsoon/Godson MIPS boxes, where to buy?
On Mon, 02 Jan 2012 18:10:19 +0100, Nomen Nescio nob...@dizum.com wrote: Why not? They're using their own chip design. I doubt they pay MIPS.inc for a license but maybe they do. FYI, they has a MIPS license. Thank you. I stand corrected.
Re: Longsoon/Godson MIPS boxes, where to buy?
Hi, On, 03 Jan 2012 o 08:59 CET Anonymous cri...@ecn.org wrote: If you don't have signal to add to the thread at least don't add to the noise. Could you please follow your own advise and simply STFU? -- Rafal Bisingier
Re: create a backup of an online server
On Wed, 28 Dec 2011 08:59:40 +0100 Vitali coonar...@gmail.com wrote: Wouldn't you consider AMANDA http://www.amanda.org I had been using it for long in my previous support engineering life. It's nice. Yeah, AMANDA is great, but seems to be an overkill when you just need to backup one or 2 servers, or your changes are minimal. -- With best regards, Gregory Edigarov
Re: Longsoon/Godson MIPS boxes, where to buy?
On Mon, Jan 2, 2012 at 6:10 PM, Nomen Nescio nob...@dizum.com wrote: Instead you motherfuckers are lecturing me on why I should pay 200 or 250 bucks for 5 dollars worth of slave-labor hardware as if you're all shareholders. Apple's iPhone is slave-labor hardware too: how much does it cost? ...As well as all the other electronic gadgets on the market, btw... ciao David
Re: Please help me
I never mean to disturb you with what is going on in my family but I am crying out loud to request your help. My twin sister has been suffering from breast cancer for a while and its become worse so we had to conclude on her surgery for her to get cured as said by the doctors but the cost is high. The doctors said the cost of the surgery is $12,550 and since my dad left us alone in 2002, our mom has been the only one taking care of me, my twin sister and my younger brother. That is TERRIBLE news! I am glad that many of our family members and friends did their best and we've been able to put together $11,770 but it remains $780 for the surgery. I don't want her to die, Sonia is my twin sister and I love her so much. The pains she has been going through is hard. Call tekmote.nl. They make a bundle on selling Lemote minis for a few hundred times actual cost. Not sure where the markup is, maybe they are not to blame. Who knows. One thing's for sure they have the money you need. Please, I will be glad if you are able to render any help to my family for her to be cured. Either donating to you or buying a Lemote mini. H decisions decisions!
Re: Longsoon/Godson MIPS boxes, where to buy?
I know a bunch of people with SGI O2's that might let them go for that. How many do you want? Not familiar with those. I'll have a look thanks.
Re: Longsoon/Godson MIPS boxes, where to buy?
Apple's iPhone is slave-labor hardware too: how much does it cost? Too right. How many people have thrown themselves from Foxconn's towers? ...As well as all the other electronic gadgets on the market, btw... Not all but many. It is worthwhile looking into how what we buy affects people.
Re: TCO, txpause, rxpause and other nice things on em adapters
On 2012-01-03, ??? chipits...@gmail.com wrote: 2012/1/2 Christian Weisgerber na...@mips.inka.de: Ilya Shipitsin chipits...@gmail.com wrote: I'm running servers with em NICs. People on list reported things like hwfeatures=8037CSUM_IPv4,CSUM_TCPv4,CSUM_UDPv4,VLAN_MTU,VLAN_HWTAGGING,WOL , I do not see such options in ifconfig output. Try ifconfig em0 hwfeatures on -current. f2n0:/root#ifconfig em0 hwfeatures ifconfig: hwfeatures: bad value it doesn't work on 5.0RELEASE ? There wouldn't be much point saying on -current if it worked in 5.0. You won't see much output for em(4) though, we don't use offloading there.
Re: Longsoon/Godson MIPS boxes, where to buy?
Are we a tourette treatment center? Why don't you add it to your .sig shithead ;-) -- http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk This officer's men seem to follow him merely out of idle curiosity. -- Sandhurst officer cadet evaluation. Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted. -- Gene Spafford learn french: http://www.youtube.com/watch?v=30v_g83VHK4
Re: Longsoon/Godson MIPS boxes, where to buy?
If you don't have signal to add to the thread at least don't add to the noise. Could you please follow your own advise and simply STFU? -- Rafal Bisingier As long as you shitheads keep your gang bang going the STFU is going to have to come from you.
PF Snort tutorial
I've been looking around for a good tutorial on implementing snort with PF and everything I see is old, does anyone know of or have implemented a solution using an IDS/IPS with PF on the same box? If possible I'd like snort of some other IDS inspect packets and have pf drop them based on the fact they match certain signatures. Thanks in advance.
[PF] bug in port range.
Hello, happy new year. I think there is a off-by-one error in Packet Filter port ranges, for example with an exclude boundary range : port1 port2 PF or pfctl does not check that port1 = port2 and if port1 port2 the port range is not correct. For example 82 80 is not the same as 80 82 (but should IMO). I've tested with these rules: pass in quick block out quick proto tcp from self to 94.23.254.147 port 82 80 pass out quick Then, port 81 is not filtered out. Thanks, regards.
Re: problem running named in non 0 rdomain
On Sun, Jan 1, 2012 at 5:40 PM, Stuart Henderson s...@spacehopper.org wrote: I'm pretty sure the child will be inheriting the rdomain from the process which forked it. I can offer the anecdote that when I ran sshd using the route -exec wrapper my child session would exist in whatever rdomain was hosting the daemon. Ended up backing away from this approach and sticking with pf rules, so I didn't have sshd parent processes littering my machine. I'll assume you don't want to use pf to land queries on the daemon, so the next question is did you try creating a loopback address in the non-zero rdomain to get the control port you need?
Re: [PF] bug in port range.
* Patrick Lamaiziere patf...@davenulle.org [2012-01-03 17:45]: I think there is a off-by-one error in Packet Filter port ranges, for example with an exclude boundary range : port1 port2 nope. Ports and ranges of ports are specified using these operators: : (range including boundaries) (range excluding boundaries) yes, that is from the manpage, of course. explicitely EXCLUDES the boundaries. now where is that off by one? PF or pfctl does not check that port1 = port2 and if port1 port2 the port range is not correct. pf does what you, the operator, tells it to do. For example 82 80 is not the same as 80 82 (but should IMO). should? why? port 82 80 defines a range that can't match, and it doesn't. as in, all is good. when you mean 80 82 you ought to write 80 82 and not 82 80. Then, port 81 is not filtered out. correct, that is exactly what you told pf to do and it does. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
Re: [PF] bug in port range.
For those of us playing the CS home game. Is this an example of left-to right evaluation? My thought on this was that the value 81 isn't greater than 82 and isn't less than 80, so the rule doesn't match.
Re: [PF] bug in port range.
Le Tue, 3 Jan 2012 17:54:18 +0100, Henning Brauer lists-open...@bsws.de a icrit : Hello, * Patrick Lamaiziere patf...@davenulle.org [2012-01-03 17:45]: I think there is a off-by-one error in Packet Filter port ranges, for example with an exclude boundary range : port1 port2 nope. Ports and ranges of ports are specified using these operators: : (range including boundaries) (range excluding boundaries) yes, that is from the manpage, of course. explicitely EXCLUDES the boundaries. now where is that off by one? Please forget the off-by-one, I've found that 82:80 differs from 80:82 :) PF or pfctl does not check that port1 = port2 and if port1 port2 the port range is not correct. pf does what you, the operator, tells it to do. For example 82 80 is not the same as 80 82 (but should IMO). should? why? Well because for me 80:82 is (80, 81, 82) and 82:80 the same items and so the same range. But you are right, the man page is explicit. I should re-read it more often. So what is the meaning for PF of the range 82:80? If this is a non sense, an error from pfctl would be cool. port 82 80 defines a range that can't match, and it doesn't. as in, all is good. when you mean 80 82 you ought to write 80 82 and not 82 80. Sure, but when using service name it's easy to make a mistake. In fact I've found this strange behavior while translating a Cisco acl : permit tcp any any range ftp ftp-data Translated to port ftp:ftp-data, which if I understand well does not mean anything for PF. Thanks, regards.
Re: problem running named in non 0 rdomain
On 1. jan. 2012, at 23.40, Stuart Henderson wrote:
On 2012-01-01, Pete Vickers p...@systemnet.no wrote:
snippet from /etc/named-gn.conf :
controls {
inet 10.20.30.2 port 954 allow {10.20.30.2;} keys {rndc-key;};
};
then it also fails and complains thus:
Jan 1 09:01:49 ns0 named[8504]: [child]: disallowed port 954
Jan 1 09:01:49 ns0 named[8504]: /etc/named-gn.conf:19: couldn't add
command
channel 10.20.30.2#954: permission denied
Jan 1 09:01:49 ns0 named[8504]: running
So I guess that named's (unprivileged?) child does not honour (inherit?)
the
parent's rdomain, and thus cannot bind to either rdomain '0' or '1',
succesfully ?
The child process only allows binding to ports 53/953/921, see
usr.sbin/bind/lib/isc/unix/privsep.c line 190.
I'm pretty sure the child will be inheriting the rdomain from the process
which forked it.
ahh. Indeed. Once I used an approved port, it appear happy even in the
non-defualt table:
root@ns0 ~ # route -T 1 exec rndc -s 10.20.30.2 status
number of zones: 3
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is ON
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
thanks for the clue.
/Pete
Re: PF Snort tutorial
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Tue, 3 Jan 2012 10:57:16 -0500 schrieb Bentley, Dain dbent...@nas.edu: I've been looking around for a good tutorial on implementing snort with PF and everything I see is old, does anyone know of or have implemented a solution using an IDS/IPS with PF on the same box? If possible I'd like snort of some other IDS inspect packets and have pf drop them based on the fact they match certain signatures. Thanks in advance. Hi Dain, have you seen this before: http://www.kernel-panic.it/openbsd/nagios/ It's not SNORT but Nagios, but Daniele Mazzocchio did an awful good job in explaining why and how he set up his system. Though it's still related to OBSD 4.6 the principles are still true. Kind regards, STEFAN iEYEARECAAYFAk8DW0oACgkQdClntJwm8dCOxgCdFUNvhzV57ZA5dwECrKEUEVZa HZEAoJcWQeXwvsPM7bEuUZk0t+VeebqF =S6AJ -END PGP SIGNATURE-
Re: PF Snort tutorial
2012/1/3 Bentley, Dain dbent...@nas.edu I've been looking around for a good tutorial on implementing snort with PF and everything I see is old, does anyone know of or have implemented a solution using an IDS/IPS with PF on the same box? If possible I'd like snort of some other IDS inspect packets and have pf drop them based on the fact they match certain signatures. Thanks in advance. Implimenting that is really a Pain in the hell out..I did it on a 4.9, i need to do it from sources, there is no complete tutorial, it works on 4.9, not implemented with PF tought... Greetings... -- Atentamente Andris Genovez Tobar / Tecnico Elastix ECE - Linux LPI-1 - Novell CLA - Apple ACMT http://www.puntonet.ec
Re: TCO, txpause, rxpause and other nice things on em adapters
Stuart Henderson s...@spacehopper.org wrote: There wouldn't be much point saying on -current if it worked in 5.0. You won't see much output for em(4) though, we don't use offloading there. We use it on the receive side, but that doesn't show up in hwfeatures. For transmission, TCP/UDP checksumming is disabled because em(4) is one of those NICs that needs the pseudo-header checksum to be initialized and pf's checksum fixup breaks this for localhost redirects. I guess IP header checksum offload could be enabled for TX, but I doubt that this would produce any gain. -- Christian naddy Weisgerber na...@mips.inka.de
Re: PF Snort tutorial
ughthat's what I thought. I'm reading through some OSSEC docs right now and it seems pretty promising. Having trouble finding anything about having it read from pflog. From: Andres Genovez [andresgeno...@gmail.com] Sent: Tuesday, January 03, 2012 3:04 PM To: Bentley, Dain Cc: misc@openbsd.org Subject: Re: PF Snort tutorial 2012/1/3 Bentley, Dain dbent...@nas.edumailto:dbent...@nas.edu I've been looking around for a good tutorial on implementing snort with PF and everything I see is old, does anyone know of or have implemented a solution using an IDS/IPS with PF on the same box? If possible I'd like snort of some other IDS inspect packets and have pf drop them based on the fact they match certain signatures. Thanks in advance. Implimenting that is really a Pain in the hell out..I did it on a 4.9, i need to do it from sources, there is no complete tutorial, it works on 4.9, not implemented with PF tought... Greetings... -- Atentamente Andris Genovez Tobar / Tecnico Elastix ECE - Linux LPI-1 - Novell CLA - Apple ACMT http://www.puntonet.ec
Como Pagarle a la Fuerza de Ventas
CC3mo Pagar a la Fuerza de Ventas. B!Es muy simple! Le presentamos un renovado programa que le darC! a conocer de manera integral, todas las variables que deben considerarse en el momento de pagarle a la FUERZA DE VENTAS. Toda empresa que basa una parte importante de sus ganancias en la labor de su fuerza de ventas, debe estar consciente que el pago a sus vendedores no puede ser C:nicamente de tipo econC3mico y este es el momento de evaluar si el sistema de pago actual que utiliza es el mC!s adecuado, es el momento de enriquecerlo con incentivos y esquemas de motivaciC3n que le ayuden a formar equipos de vendedores que disfruten de su trabajo e incrementen notablemente sus resultados. Encuentre nuevas formas de pago para su fuerza de ventas a travC)s de este completC-simo evento. Incluye: - Una metodologC-a que proporciona la visiC3n integral de los aspectos clave de un esquema de pago e incentivos competitivo para la fuerza de ventas de su empresa. - Comprender la importancia del pago en especie y reconocimientos dentro de un esquema de pago para vendedores. - CC3mo desarrollar un esquema de incentivos que cubra las necesidades del equipo de ventas de la compaC1C-a. - CC3mo evaluar y medir los esquemas de pago, para el diseC1o de programas de remuneraciC3n competitivos y rentables. - DiseC1o de un esquema de pago que permita mantener motivada a su fuerza de ventas. B!Para Obtener la InformaciC3n Completa! OpciC3n.A) Responda este correo con los siguientes datos: -Empresa: -Nombre: -Puesto: -Tel: ( ) -Marque la Ciudad de su interC)s: ( )MC)xico D.F. 12 de Enero - ( )Monterrey 13 de Enero - ( )Guadalajara 17 de Enero - ( )ON-LINE en vivo 18 de Enero -E-mail: misc@openbsd.org OpciC3n.B) Llamando a nuestra lada sin costo (01800) 2501 020 -Si desea reenviarselo a un compaC1ero, solo presione en replay desde su gestor de correos electrC3nicos. -Para que nuestros participantes tengan un mC!ximo aprovechamiento manejamos Cupo Limitado. -Usted puede dejar de recibir nuestras invitaciones respondiendo con la clave en el asunto, DFEV2012
Re: PF Snort tutorial
Maybe you should try snort2pf from pkg ? Information for http://ftp.spline.de/pub/OpenBSD/5.0/packages/i386/snort2pf-4.5p0.tgz Comment: block nasty hosts with pf(4) based on Snort's rules Description: Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the naughty hosts for a given amount of time using pfctl. Maintainer: The OpenBSD ports mailing-list po...@openbsd.org WWW: http://sourceforge.net/projects/snort2pf/ --- Thanks, Vadim Agarkov On Tue, 3 Jan 2012 17:56:13 -0500, Bentley, Dain wrote: ughthat's what I thought. I'm reading through some OSSEC docs right now and it seems pretty promising. Having trouble finding anything about having it read from pflog. From: Andres Genovez [andresgeno...@gmail.com] Sent: Tuesday, January 03, 2012 3:04 PM To: Bentley, Dain Cc: misc@openbsd.org Subject: Re: PF Snort tutorial 2012/1/3 Bentley, Dain dbent...@nas.edumailto:dbent...@nas.edu I've been looking around for a good tutorial on implementing snort with PF and everything I see is old, does anyone know of or have implemented a solution using an IDS/IPS with PF on the same box? If possible I'd like snort of some other IDS inspect packets and have pf drop them based on the fact they match certain signatures. Thanks in advance. Implimenting that is really a Pain in the hell out..I did it on a 4.9, i need to do it from sources, there is no complete tutorial, it works on 4.9, not implemented with PF tought... Greetings... -- Atentamente Andris Genovez Tobar / Tecnico Elastix ECE - Linux LPI-1 - Novell CLA - Apple ACMT http://www.puntonet.ec
Correos masivos - Host - Soluciones web
Si usted no visualiza bien este mail, haga click aqum Hosting desde $100.000 anuales con CPanel [IMAGE] [IMAGE] [IMAGE] [IMAGE] Servicio de Correos masivos - Email Marketing Consiga mas clientes o fidelice sus actuales, con Promociones, Propuestas, Alertas, Noticias, Novedades de la empresa, Invitaciones, Newsletter por correo electronico masivo. Descripcion Paquete Mailing [IMAGE] LA CANTIDAD TOTAL emails (incluye) + Diseqo grafico o adaptacisn del mensaje + Estadmsticas + Envmo + Cuenta administrativa + *Formulario de captura de datos (*opcional). desde 20.000 registros por $800.000 Conozca los Servicios de posicionamiento en internet: [IMAGE] Email marketing [IMAGE] Clicks efectivos en Facebook, Google. [IMAGE] Diseqo y Desarrollo web [IMAGE] Nombres de Dominio [IMAGE] Alojamiento de Sitios Web [IMAGE] Por favor no responder a este email; ha sido enviado de una direccisn que no es monitoreada. Para asegurarse que continuara recibiendo comunicaciones de Conexionvirtual.com, por favor aqadir nuestro dominio (@conexionvirtual.com) a su lista segura de envmos.Conexionvirtual.com respeta su privacidad. Para obtener mas informacisn, lea nuestra Declaracisn de Privacidad en lmnea. Si no deseas recibir nuestros correos, haz click sobre el siguiente link: retirar =
