connect to the ssh daemon via port 22.
It was a ugly hack but it worked for us. I shall have a backup copy somewhere on
my powerbook at home...
On Thu, Nov 6, 2008 at 3:33 PM, Charlie Clark <[EMAIL PROTECTED]> wrote:
Hi,
I have noticed that people constantly try to brute force sshd on
Hi,
I have noticed that people constantly try to brute force sshd on my
openbsd box, on my server I use fail2ban to prevent this and wondered if
there is a similar solution for openbsd.
Regards,
--
Charlie Clark
Network Engineer
Lemon Computing Ltd
Unit 9
26-28 Priests Bridge
London
SW14
On Monday 20 October 2008 04:20:15 am Charlie Clark wrote:
Hi,
I am trying to setup an openbsd router but are having a big problem
getting it to work.
Here is the scenario:
The router has 3 public IP's, with 2 internet connections and sits just
outside a DMZ. Behind the r
re something I am missing here?
The filter rules look fine and nothing is being blocked
I would appreciate any help.
Thanks,
--
Charlie Clark
Network Engineer
Lemon Computing Ltd
Unit 9
26-28 Priests Bridge
London
SW14 8TA
UK
Tel: +44 208 878 2138
Fax: +44 208 878 2163
Email: [EMAIL PRO
pass out on $ext_if proto tcp from $ext_if to any modulate state
flags
S/SA
pass out on $ext_if proto { udp, icmp } all keep state
# block msn
pass out quick inet proto tcp from $ip_admin to $msn port
ar
as I am aware
If it's natting or filtering packets it's a gateway.
--
Cezary Morga
"If you live to be one hundred, you've got it made. Very few people die
past that age." (George Burns)
--
Charlie Clark
Network Engineer
Lemon Computing Ltd
Unit 9
26-28 Pri
Could u please explain me better.
Sorry to bother u.
Thanks
-Mensagem original-----
De: Charlie Clark [mailto:[EMAIL PROTECTED]
Enviada em: quarta-feira, 15 de outubro de 2008 13:38
Para: Ricardo Augusto de Souza
Assunto: Re: Filtering outgoing connections in pf
Hi Ricardo,
Thats bec
.99 netmask 0xff00 broadcast 122.166.40.255
inet6 fe80::2e0:4dff:fe06:2b68%rl2 prefixlen 64 scopeid 0x3
sk0: flags=8843 mtu 1500
lladdr 00:0f:3d:88:9e:d4
media: Ethernet autoselect (100baseTX full-duplex,flag0,flag1)
status: active
inet 172.17.1.0 netmask 0xfff000
Stuart Henderson wrote:
On 2008-07-28, Charlie Clark <[EMAIL PROTECTED]> wrote:
Stuart Henderson wrote:
On 2008/07/28 11:37, Charlie Clark wrote:
don't you have some way to handle the other situations where pfctl -sr
doesn't output exactly what pfctl -f was f
Stuart Henderson wrote:
On 2008/07/28 11:37, Charlie Clark wrote:
don't you have some way to handle the other situations where pfctl -sr
doesn't output exactly what pfctl -f was fed as input? how do you handle
macros or the ruleset optimiser?
There are no macro'
imiser is set using a set option, at the moment I cannot query any
'set' options in my ruleset to compare new rulesets against
--
Charlie Clark
Network Engineer
Lemon Computing Ltd
Unit 9
26-28 Priests Bridge
London
SW14 8TA
UK
Tel: +44 208 878 2138
Fax: +44 208 878 2163
Email: [EMAI
what would you do if that same admin that locked himself
out did an accidental halt or rm -rf / ? Surely you have a means to
fix that ? Why is the firewall so special ?
I have, the root is mounted readonly, and halt is not possible :)
--
Charlie Clark
Network Engineer
Lemon Computing Ltd
Un
that the ruleset
was loaded correctly, which means that the file it creates to compare
newly loaded rulesets against might not have been the currently running
config
--
Charlie Clark
Network Engineer
Lemon Computing Ltd
Unit 9
26-28 Priests Bridge
London
SW14 8TA
UK
Tel: +44 208 878 2138
Fax
g to commit the same
ruleset.
Does this make more sence?
--
Charlie Clark
Network Engineer
Lemon Computing Ltd
Unit 9
26-28 Priests Bridge
London
SW14 8TA
UK
Tel: +44 208 878 2138
Fax: +44 208 878 2163
Email: [EMAIL PROTECTED]
Site: http://www.lemon-computing.com/
Lemon Computing is a
Henning Brauer wrote:
* Charlie Clark <[EMAIL PROTECTED]> [2008-07-25 14:41]:
Is this going to be implemented soon or is it there and I'm missing
something?
that is probably never going to be implemented, as some options just
affect further parsing and aren't load
Stuart Henderson wrote:
On 2008-07-25, Charlie Clark <[EMAIL PROTECTED]> wrote:
Hi,
I have noticed that you are unable to view the currently loaded options
for pf using pfctl, even 'pfctl -sa' doesn't show the options eg. set
skip on tun0.
Is this going to be impl
Hi,
I have noticed that you are unable to view the currently loaded options
for pf using pfctl, even 'pfctl -sa' doesn't show the options eg. set
skip on tun0.
Is this going to be implemented soon or is it there and I'm missing
something?
Regards,
--
Charlie Clark
Net
Hi,
I have noticed that you are unable to view the currently loaded options
for pf using pfctl, even 'pfctl -sa' doesn't show the options eg. set
skip on tun0.
Is this going to be implemented soon or is it there and I'm missing
something?
Regards,
--
Charlie Clark
Net
18 matches
Mail list logo