Re: Intel Core 2
rough translation from swedish to english of: http://strombergson.com/kryptoblog/?p=311 begin Intel Advannced Management Technology - Rootkit's for everyone intel just released a new x86 cpu, one new addition avaiding the news is the AMT (Active Management Technology) AMT is a technology intended to facilitate survailance, maintenance and control computers remotely. AMT allows for the following funcitons among others: * Monitor and control (filter) the network traffic - before/under the running operatingsystem * sending out patches to computers - even if they are turned off. * Control, upgrade, change, add and remove software * isolate and shutdown computers infected with viruses * control on/off of the power supply * re-route hdd access to a location on the network * re-route mouse, keyboard, screen and other extras to a location on the network AMT is based on functions in the chipset that allows chipsets to communicate with other chips out-of-band from the CPU, options include LAN, serial interfaces or a direct ethernet interface. image http://softwarecommunity.intel.com/UserFiles/en-us/figure_1(1).gif /image Ergo, there is a microcontroller in the MCU that is always on (as long as the system has power through the power supply) and can recieve and perform instructions even though the system appears to be turned off. The microcontroller is floating in a software environment that implements a huge number of service functions and gives customers the option to add their own functions translators note: does anyone remember the bios resident virus of mid to late 90's? end translators note. image http://softwarecommunity.intel.com/UserFiles/en-us/figure_2(1).gif /image one of the most important parts is the feature or function to communicate with the machine through a separate TCP/IP stack, in other words, even if there is a firewall or other security countermeasures in place protecting the operatingsystems TCP/IP stack, there is a side channel into the system. translators note: rant goes here end translators note. image http://softwarecommunity.intel.com/UserFiles/en-us/figure_3.gif /image So AMT gives systemowners and administrators brand new ways to monitor and control a large number of PC's. AMT will be shipped with a XML (SOAP) based system for managing and administrating AMT clients. But at the same time, the hair on my arms and raise thinking of what would happend should this technology be used for evil purposes. How easy would it be to detect and protect oneself from the rootkits that will sneak into AMT. Rutkowskas Blue Pill is in theory dangerously close. There are security functions in AMT to ensure this will not happend, namely Kerberos and Active Directory based authentication, further on the built in sidechannel TCP/IP stack offers TLS based communication. For those that want to know more about AMT link 1 there are several pages on intel's website link 2. There is also a developerskit (SDK) for AMT available free of change on intels site link 3 link 1 http://www.intel.com/technology/manage/iamt/ link 2 : http://www.intel.com/business/vpro/index.htm link 3 : http://www.intel.com/cd/ids/developer/asmo-na/eng/321157.htm On 6/27/07, Rui Miguel Silva Seabra [EMAIL PROTECTED] wrote: On Wed, Jun 27, 2007 at 04:25:08PM -0300, Leonardo Rodrigues wrote: http://www.geek.com/images/geeknews/2006Jan/core_duo_errata__2006_01_21__full .gif Show stopper Potentially Catastrophic Those are some warm and fuzzy words =) Geez, that's a whole lot of bugs... I never imagined that processors could be so bugged. Theo says that AMD is getting less helpful towards open source OS. Well, that's great. We only have 2 big proc developers for i386, and now those two are turning out crap products with diminishing documentation =( I wonder where this road will lead us. If you really want to know... http://strombergson.com/kryptoblog/?p=311 I'd really love to read a translation of that document, but it seems to say something along the lines of... Basically, the new Celeron seems to have a separate memory and process manager that can hide the thread and memory that does ... stuff. But the chip is creepier than that. If I am understanding Strvmbergson correctly, this chip is the first step in a brave new world where you have no clue what really goes on when you buy a chip. About Strombergson: Strvmbergson is one of Sweden's foremost experts on hardware design (ASIC) and keeps a couple of software patents too (trie sorting ip addresses for routing i.e). -- Or not. Today is Pungenday, the 32nd day of Confusion in the YOLD 3173 + No matter how much you do, you never do enough -- unknown + Whatever you do will be insignificant, | but it is very important that you do it -- Gandhi + So let's do it...? [demime 1.01d removed an attachment of type application/pgp-signature] -- -- JPL
Re: OBSD4.0 on IBM Thinkpad T60
On 3/8/07, Jonathan Gray [EMAIL PROTECTED] wrote: On Thu, Mar 08, 2007 at 01:35:46PM +0100, Johan P. Lindstr?m wrote: I seem to recall that the new T60's feature the ICH7 (or 6) chipset and thus the HDD connects via SATA interface. This may give you issues, though there is a compatibility mode switch in BIOS (F1) to make the hdd show up as wd instead of sd. The performance is a bit lower as from what i recall, but it works well. I tested this on one of the first T60's to hit the scandinavian markets, so much may have changed since then. There is no need to change anything here. APM should still work like a charm, though I can not comment on the The newer ThinkPads no longer emulate APM so it doesn't work like a charm. Most noteably this means suspend is not yet supported on T60. wifi equipment, to my experiance, it is often intel or broadcom. The Wifi is Intel PRO/Wireless 3945ABG wpi(4) Great update, thanks! -- -- JPL
Stanford SRP auth.
The Stanford SRP Authentication Project The Secure Remote Password protocol is the core technology behind the Stanford SRP Authentication Project. The Project is an Open Source initiative that integrates secure password authentication into new and existing networked applications. more info at: http://srp.stanford.edu/ They claim to wrap telnet and FTP and provide authentication. Personally I see no reason to drop ssh and scp, though I thought I should share the URL. -- JPL
Re: OBSD4.0 on IBM Thinkpad T60
I seem to recall that the new T60's feature the ICH7 (or 6) chipset and thus the HDD connects via SATA interface. This may give you issues, though there is a compatibility mode switch in BIOS (F1) to make the hdd show up as wd instead of sd. The performance is a bit lower as from what i recall, but it works well. I tested this on one of the first T60's to hit the scandinavian markets, so much may have changed since then. APM should still work like a charm, though I can not comment on the wifi equipment, to my experiance, it is often intel or broadcom. The wired interface is usually em and they still use a hardware mixer for volume and mute, if I am not mistaken. Some of the newer models have a amber/orange LED in the notch of the screen, instead of the classic white/ice blue one. A new interesting development as well is the hardware slider, that you disable (hot-plug disconnect, USB?) the wifi and bluetooth adapters with, boy can you feel stupid =) The above is based on my observations of 10-15 different type-model varieties, your results may vary. FYI: As I understand, the X40+ family is quire popular among our praised developers. -- JPL On 3/8/07, atstake atstake [EMAIL PROTECTED] wrote: Anyone running OBSD 4.0 or -current on Thinkpad T60? I'm getting one of these and trying to make sure OBSD will run without a fuss. A reply from anyone with T60 - OBSD4.0 experience would be much appreciated. Thanks. -- -- JPL
Politics, but worth a read.
For everyone interested in hardware drivers and the open source world, an interesting read. http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.txt -- JPL
Re: Which tools the OpenBSD developers are using?
So far, only NetBSD runs on the AK* architecture. -- JPL On 11/29/06, Ioan Nemes [EMAIL PROTECTED] wrote: That's the problem, you should use an AK45! Much-much cheaper than the AR-15 (I've been offred one for $US15.00 in Sudan), and is widely available. Ioan Diana Eichert [EMAIL PROTECTED] 11/29 9:58 am I use a soldering iron, dremel tool, sheet metal/plastic nibbler and solder wick. diana PS Then I load my AR-15 to see if I can shoot any holes in my code. -- // Johan
Re: Lenovo notebooks
Lenovo has been building the ThinkPads for some 5 odd years, they just bourght the brand from IBM. I have the following hardware running 4.0 or earlier from the pre-order CD's. You should really get yours too, not buying the CD's will not improve the hardware support now will it? Shame on everyone who dont buy their CD's. Try it out from a local FTP and when the time comes, twice a year so far, get your release on CD, plenty of nice stickers and the artwork is always amazing. /ranthw list * ThinkPad T30 * ThinkPad T40 * ThinkPad T41 * ThinkPad T42 * ThinkPad T43 * ThinkPad T60 * ThinkPad Z60 * ThinkPad R50 * Dell D600 Ethernet works on all (most often its a fxp0 on ThinkPads), wifi on some, pcmcia card with wifi works great. -- Johan On 10/26/06, martin g [EMAIL PROTECTED] wrote: Hello all Has anyone got experience with Lenovo notebooks running OpenBSD. If you are so kind to share your experience. tnx. -- // Johan
BOINC
I'm sorry if this comes across as flame bait, that's not my intention. With that out of the way; How about that BOINC initiative, http://boinc.berkeley.edu is that something that interests anyone else? I can come to think of plenty of reasons why one would not want a port of it, I use obsd for my critical servers where I want as few pieces of sw as possible. Is there a need /desire for it? // Johan
Re: OT: Quad Ethernet cards feedback on OpenBSD
On 11/17/05, Stephan Leemburg [EMAIL PROTECTED] wrote: The D-Link cards are bad and do not work well under OpenBSD (pre 3.8 I haven't used them with 3.8). You should avoid them. I had two in one firewall and one in another, I replaced them with Intel Pro cards, to get rid of frequent kernel panics. I was planning to try to work on the driver, but the Intel cards just function that well that I think I'm not going to spend time on it. -- Stephan On 17-nov-2005, at 9:00, Guido Tschakert wrote: Daniel Ouellet wrote: Sorry for this off topic question. Looking at the archive, SK (Henning love them! (;) is what look likes the best Ethernet cards to use, a few months ago anyway. The network cards are changing so quickly that what was true 6 months ago, may well not be today. For quad, can someone confirmed, deny or offer alternative known to work well before I get 12 of them. Hopefully I may be able to fit them into the Sun X2100, but will see. Also, any issue to run a minimum of 100 VLan on them? I didn't see issue in the archive, so I take it as been no problem! I don't think of any. Any other suggestions is also welcome, I am more concern at the efficiency of the cards as they will be routing and supporting many VLan and PF will in some of the setup use individual VLan firewall configuration, up to 125 in one case. Will see if I can make that work well, not sure of my possible success, but will see... Thanks for your time. Hello, the D-Link Card DFE-580TX works under OpenBSD, but their greatest advantage is that they are cheap (around 100 Euro in Germany). Don't expect to much performance. The are useful if you have to connect a lot of networks (with small traffic) and have not enough pci slots and money ;-) I think you need something with better performance regarding to your setup. guido I do not agree, I have 10 or 12 D-Link DGE-530T running 3.7 atleast since CD release time and no issues what so ever, they are attached as sk(4) devices and I couldn't be a happier camper. Though that is most likely due to the chipset, not D-Link as a brand. These cards are very cheap, some 20 euros a pop in here in Sweden. Browse the OpenBSD metastore and/or the manual pages, em(4) and sk(4) should get you started on your quest. -- // Johan
Re: Bug bounty for pciide/atapiscsi
On 11/10/05, Stephen Nelson [EMAIL PROTECTED] wrote: tongue-in-cheek Thanks for your help. /tongue-in-cheek I would appreciate your suggestions on how to spin this as an interesting problem worthy of an OpenShaman. I've found a workaround by using usb flash media, but I'd still like to get this problem fixed. tongue-in-cheek Stephen, you have made a gross miscalculation. If you had taken the time to acquaint yourself with the required readings, you would know that OpenBSD dogma prescribes that developers work only on those things that interest them. Neither money, personal recognition, crass commercial interests, and least of all the problems of unwashed, ignorant users are of any concern to them. Just what the hell were you thinking, anyway? How dare you attempt to bribe an OpenShaman with money. You have sickened us all. /tongue-in-cheek I am guessing you want to use the CD because you can't write to it (but you can replace it with a dirty one) What about solid state memory? as in the Soekris boxes, use a industrial grade CompactFlash solution, you'll still mount the CF as ro? look at the other threads for today for some hints. -- // Johan
Re: OpenBSD Desktop Document
On 11/9/05, Roy Morris [EMAIL PROTECTED] wrote: Roy Morris wrote: I have been working on a document for newbies that helps them put together a basic/functional desktop under OpenBSD. If anyone has time, I'd like feed back. www.openalternatives.com/OpenBSD/OpenBSD-Desktop.pdfhttp://www.openaltern atives.com/OpenBSD/OpenBSD-Desktop.pdf Thanks Roy Thanks to all those that replied. I have made the changes suggestedand placed the document as {ps,pdf,txt} at www.openalternatives.com/OpenBSD/OpenBSD-Desktop.txthttp://www.openalternati ves.com/OpenBSD/OpenBSD-Desktop.txt www.openalternatives.com/OpenBSD/OpenBSD-Desktop.pshttp://www.openalternativ es.com/OpenBSD/OpenBSD-Desktop.ps www.openalternatives.com/OpenBSD/OpenBSD-Desktop.pdfhttp://www.openalternati ves.com/OpenBSD/OpenBSD-Desktop.pdf Cheers, Roy Great work, though you may want to have a peek at rotating your pdf, it's in landscape format. // Johan
Re: Fujitsu-Siemens Primergy 150 S2/S3
If you are (in Sweden) looking for Intel based rackmountable servers that run obsd, take a look at www.mullet.se Bought one a few months ago and it's humming along w.o issues so far. -- J On 10/29/05, Per-Olov Sjvholm [EMAIL PROTECTED] wrote: Hi Does anybody know if the Fujitsu-Siemens Primergy 150 S3 server runs ok with OpenBSD. Can't find anything on misc. No need to comment the disk controller as I always put in my LSI MegaRAID stuff that I can trust. The network card is not important either as a new one cost almost no money. I am primarily interrested in chipset, Interrupt Router errors and other motherboard related stuff that can make the machine unusable for OpenBSD. I will go from OBSD 3.8 stable with it (not a snapshot after 3.8)... Thanks in advance Per-Olov -- GPG keyID: 4DB2 83CE GPG fingerprint: 45E8 3D0E DE05 B714 D549 45BC CFB4 BBE9 4DB2 83CE [demime 1.01d removed an attachment of type application/pgp-signature] -- // Johan
Re: Which SATA controller to purchase
On 9/26/05, Bryan Irvine [EMAIL PROTECTED] wrote: For example, i was looking at the Promise SATA 150TX4 and i have not yet been able to find what chip that controller uses. Any suggestions on what controller card i should get? Good luck with Promise. I went through this a while back, and the guys at Promise are clueless. I called them up and asked, I even had the cipset numbers and they still couldn't tell me what they used on their cards. Look in the archives for my interesting experiences with them. I ended up getting an Adaptec 1210sa. I didn't need RAID though, my understanding is the RAID support is really sketchy on these. --Bryan Try to avoid buying Adaptec since they do not want your business, google for openbsd +adaptec and you'll get a hint, it's also mentioned on i386.html -- // Johan
Re: To secure WiFi networks
On 9/20/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: The squid solution only would encrypt http or ftp traffic if I'm familiar with the basic working, leaving out e-mail encryption, which would be quit an issue for the security-sensitive wifi users. The Google solution is nothing but a vpn client with a google paint job. On Tue, Sep 20, 2005 at 06:09:49PM +0200, Johan P. Lindstr?m wrote: On 7/15/05, Johan P. Lindstrvm [EMAIL PROTECTED] wrote: Good afternoon list, I'm just going to throw out an idea here and lets take turns kicking at it. I'm not too familiar with the inner workings of the needed technologies (sometimes a pro, often a con) but what if one would use a https proxy, like say squid with SSL/TLS support, to obfuscate the http traffic leaving your laptop over the WiFi LAN to your local OpenBSD box that runs the proxy, that would then with some magic serve you the pages. So that http traffic could not be intercepted on the open WiFi network. Is someone doing something similar already? Googling did not turn up anything helpful here apart from the SSL support in Squid, but would the protocols allow something like this? -- Johan I probably shouldn't be kicking my own dead thread, but in lack of better knowledge... I just found someone who is doing roughly what I was trying to explain. http://wifi.google.com/faq.html Haven't tried it since I'm about 10-11 hours in a Airbus 330 away... http://wifi.google.com/download.html -- // Johan -- mitc groningen 9736cp Fair enough. What I was aiming for was to kick around alternatives to WEP or WPA in a WiFi network, and I don't know if I made it clear earlier but http traffic only, is fine with me. -- // Johan
Re: HW: Wireles PCCARD
Just got word from 3com The RCPAG175 PCCARD uses the Atheros AR5001+ chipset. No knowledge of chip changes and revisions, as in they would not know even if there where changes. There is also a new model on the horizon, RCPAG175B, that should be using the AR5414 single chip solution. I have not had the opportunity to test mentioned hardware in any way, but someone might find the info usefull.
SATA cards (not looking for RAID)
Looking in my heap of spare parts, it seems I am able to build a P4 bucket, this could be fun, though the motherboard only takes IDE/PATA drives, I scavenged 4x 250GB SATA drives so I'm on the lookout for SATA cards. I am not interested in RAID (or the lack there of in the SATA controllers) for this assembly. Is there a specific vendor that one should honor buying new controllers. Experiences with ccd and SATA are welcome. -- // Johan
HW: Wireles PCCARD
As I am browsing the hw page http://www.openbsd.org/i386.html looking for a WiFi PCCARD cross checking with my usual supplier I hit the Netgear WAG511 (Atheros AR5001X+) and WG511T (Atheros AR5002g), knowing that the usual suspects change the chipsets but keep the product name I called Netgear and put forth my query, 10 minutes or so (that's quick no?) of elevator music later I am told that the cards should be equipped with above mentioned chipsets, how ever she could not confirm if there where revisions released of those cards. Now this differs from what I read on the manpage where supported chipsets are AR5210, AR5211 and AR5212. At Atheros site (http://www.atheros.com/pt/index.html) the products section shows only families of chipsets. So, what is my best bet? -- // Johan
Re: [OT]: good home switch?
HP's ProCurve series are a bit on the steep side, though they come with lifetime warranty, got two 2524 (managed) 10/100 and I haven't seen any issues with them so far, next to them I got two D-Link (unmanaged) 10/100/1000 16 port switches, on one of them the fan sounded like a lawnmower and failed after about a month, on the other one I noticed 2 dead ports, haven't tested all of the d-link ports yet but I suspect to find more when I do. The rack also sports a Linksys 32 port 10/100 switch with no issues to date, haven't tested all ports there either. The equipment is about 18 months (HP) and 13 months (the rest) old. - J On 9/4/05, Przemyslaw Nowaczyk [EMAIL PROTECTED] wrote: Hi misc, I'm trying to find buy a stable reliable 5 to 8 port 100Mbit switch for my home network. My first impression was to buy the 3COM OfficeConnect Dual Speed Switch 10/100 5 Plus (3C16790) or the D-Link DES-1005D Switch 10/100 Mbit/s 5-port but I thought that it might be a good idea to ask here for some advice, not only about those two mentioned above but in general. Thanks in advance, -- Przemyslaw Nowaczyk [EMAIL PROTECTED] CS student @ Poznan University of Technology -- // Johan
Re: OpenBox in OpenBSD
On 8/30/05, Alari Kask [EMAIL PROTECTED] wrote: I put together some tips, to get openbox up and running quickly in openbsd, maybe someone find it helpful :-) http://php.khk.tartu.ee/~alari/ That desktop looks very nice, thanks for the hints! // Johan
New device sporting OpenBSD
While making friends with my ZyXEL ZyWALL P1 adapters, using tcpdump -novelf (pf.os as of 3.7-release), I noticed that they are identified as running OpenBSD. This gave me that warm fuzzy feeling and I felt a need to share this, there we are... Have a nice evening! // Johan
Re: 1U server recommendation
On 7/27/05, Matthew Bettinger [EMAIL PROTECTED] wrote: Hello, Can anyone recommend a decent rack server from HP, Dell, IBM or CDW that will run OpenBSD for webserver use? I would prefer a machine that has SCSI drives with Mirror Raid capabilities. I know I can go piecemeal one from FRY's but I need one that can have a hardware support agreement tied to it. I was glancing at the sunfire v20z , ibm xseries 306 and HP DL360 with Smart Array 6i. The dl360 looks like it fits the bill but I have had problems in the past with the smart array on older DL class boxes. The server(s) will be used for web shell and sftp services under medium loads. Thank you. -mb www.mullet.se offers *BSD tested servers from 1U and up, I placed an order for a 1U box last week, don't know how they ship outside sweden though. -- // Johan
Re: twiki
On 8/22/05, Scott Francis [EMAIL PROTECTED] wrote: On 8/21/05, Johan P. Lindstrvm [EMAIL PROTECTED] wrote: I would like to co-write an installation guide for twiki (it's in packages) for us less seasoned obsd monglers, I am finding it not-so-straight-forward and would like to help every one else on their way, does anyone know whom I may contact about this matter or do you feel the spotlight? I am more then willing to supply first line support for this package if it would come to that. I haven't installed Twiki myself, but I would imagine it's probably fairly similar to Kwiki http://www.kwiki.org/, and you may be interested in a write-up I did on installing Kwiki inside OpenBSD's chrooted Apache. http://darkuncle.net/sysadmin/kwiki_in_chroot.txt -- [EMAIL PROTECTED],darkuncle.net} || 0x5537F527 encrypted email to the latter address please http://darkuncle.net/pubkey.asc for public key Thank you so much Scott! This is probably what I am looking for, will try it out and share my results. //Johan
twiki
I would like to co-write an installation guide for twiki (it's in packages) for us less seasoned obsd monglers, I am finding it not-so-straight-forward and would like to help every one else on their way, does anyone know whom I may contact about this matter or do you feel the spotlight? I am more then willing to supply first line support for this package if it would come to that. //Johan
Re: fortinet experiences
On 8/18/05, mdff [EMAIL PROTECTED] wrote: dear misc, not related to misc, but to security, so has anyone experiences with boxes from fortinet? details: http://www.fortinet.com/ cu... Fortinet and Clavister seems to be similar, though Fortinet a little looks better in terms of proxying (if memory serves right), I imagine you want to protect windows boxes, remember that there is no alternative to host security as well. I have one Clavister R33 that I pensioned when I got my obsd 3.6 cd's some time ago, the only use I can imagine for the Clavister now is if I ever wanted to run L2TP tunneling from a Windows XP roaming client. Though with web mail and ZyXEL ZyWALL P1 crypto adapters it's pretty moot. Now when I come to think of it, the Clavister box looks like a Soekris, so maby I should try fitting OBSD on it and start using it again...
Re: OpenBSD on Dell Dimension 2400 or 3000?
On 8/17/05, Chris Zakelj [EMAIL PROTECTED] wrote: Kevin wrote: A friend needs to order a basic computer with a good warranty, to run as a very basic OpenBSD 3.7 firewall for a cablemodem. I'd put one together from parts, but I don't relish doing won't boot hardware support from 1600 miles away. Looking at the Dell Dimension line (probably the 2400 or 3000) one concern is that I don't see *any* reports, success or failure, running OpenBSD on this particular product? One reason to choose the Dell (with a CPU that is way overkill) is that the box may be eventually repurposed as an XP desktop... Alternately, any other suggestions for a US mail order PC vendor with fair prices, quick turnaround, a hardware warranty and a pre-built small tower which will reliably run OpenBSD? This is just going to get shoved under a desk, so rackmount is not a consideration, and it doesn't need to be perfectly quiet. Thanks, Kevin I used one of the Dell Optiplex line about 2 years ago to build a firewall at a chemical plant. I specifically asked my boss to get me the bloody cheapest thing he could that had a PCI slot, and that's what I ended up with. As long as you stick to the hardware compatibility list, you shouldn't have any trouble. I will note that when I built that firewall, the embedded NIC was an xl, which of course threw out all sorts of Command not completed errors. Whether or not that is still a problem on current kernels (this was built in the 3.3 days), I couldn't tell you, as my current home firewall has an rl and an fxp in it. I still use (in 3.7-release) several 3Com 3C905B-TX fast etherlink PCI boards and I don't see any errs as far as I can tell.
Re: generel software RAID-Question (IBMx330, raid failed, where to look for errors? )
That's nice to hear, got three of them with adaptec without an excuse for existence in my hall, I think, perhaps it's time to investigate that, there might be a use for them after all... On 8/5/05, Richard Welty [EMAIL PROTECTED] wrote: On Fri, 5 Aug 2005 12:43:10 +0200 Johan P. Lindstrvm [EMAIL PROTECTED] wrote: The IBM e-server x330 usually sports a branded Adaptec SCSI RAID card (IBM ServeRAID) and... well google the archives if you haven't been following thie list. um, the onboard controller is an adaptec, but the rebranded scsi raid card is generally a mylex in these beasts, not an adaptec. richard -- Richard Welty [EMAIL PROTECTED] Averill Park Networking Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security Well, if you're not going to expect unexpected flames, what's the point of going anywhere? -- Truckle the Uncivil
Re: generel software RAID-Question (IBMx330, raid failed, where to look for errors? )
The IBM e-server x330 usually sports a branded Adaptec SCSI RAID card (IBM ServeRAID) and... well google the archives if you haven't been following thie list. Anywho, IBM servers have plenty of HW failure checks, it's a 1U case we are talking about no? just look on the inside of the lid panel and you should have a big nice blueprint of the layout. Last week there was a qusetion about raidframe and it appears there are no known issues with raidframe and the src has not needed a polish for two or three years, so you are probably looking at a hw or config failure. On 8/3/05, Stephan Tesch [EMAIL PROTECTED] wrote: Am Mittwoch, 3. August 2005 02:11 schrieben Sie: Hi Sebastian, Are there any problems known with the raidframe-device? Not that I know of. In my case: I've a IBM X330 with dual P3 800Mhz and 2 SCSI-HDDs. One is about 160Gb and the other is smaler. I created a raid for the /home but today the server stoped working. I've just remote acces so the tecnican (a guy I know) told me the server wont boot up and stops during raid-initialisation. Did it really stop, or was it just rebuilding the array after an unclean shutdown? Did he try abort that operation (ctrl-c)? I ask because RAIDframe isn't in the default-Kernel so I'm not sure if it's a good choice for productiv servers. I would be happy if somebody with much more experience would give me some hints where to look for potential errors. I've got RAIDframe running for a couple of months now on my web/mailserver on sparc64, and it is rock solid. Never had a problem with it so far. A better description what really happens when you boot the server would be nice. E.g. what messages do you see on the console, is there any activity on the hdd's, does the server pass the BIOS tests, etc. Regards, Stephan
Re: network adapter order
Or you just take out your magic marker and print fxp on the card(s) and print numbers next to the PCI slots. hint ifconfig inet fxp0 192.168.1.1 netmask 255.255.255.0 arp description --==[OnBoard]==-- On 8/1/05, Michiel van der Kraats [EMAIL PROTECTED] wrote: Hi, Is it possible to change the order in which the kernel detects and names network interfaces? I have a system which has one fxp onboard and one fxp as a PCI card. With the PCI card, the onboard NIC is named fxp1 and the PCI card fxp0. Can something be done to change the ordering? It's conceptually easier to tell people the onboard NIC is their internal network. Thanks, -- Michiel van der Kraats
Re: OpenBSD website vintage looks
I must admitt I havent been around as long as most of the others here... But how spiff is that? getting your cvs diffs by email? how cool is that, this is something for pimp-my-CVS-server! On 8/5/05, Siju George [EMAIL PROTECTED] wrote: Hi, Just happened to get a glimpse of how the OpenBSD website looked some while back when I had never heard about and is a bit thrilled about it :-) Dec 24, 1996 http://web.archive.org/web/1996122431/http://openbsd.org/ Mar 27, 1997 http://web.archive.org/web/19970327004719/http://www.openbsd.org/ Feb 12, 1998 http://web.archive.org/web/19980212062954/http://www.openbsd.org/ Jan 17, 1999 http://web.archive.org/web/19990117075126/http://openbsd.org/ Mar 02, 2000 http://web.archive.org/web/2302133316/http://www.openbsd.org/ Jan 18, 2001 http://web.archive.org/web/20010118233800/http://www.openbsd.org/ and for those interested on the whole list http://web.archive.org/web/*/http://www.openbsd.org enjoy! kind regards Siju
Re: OpenBSD website vintage looks
On 8/5/05, J. Lievisse Adriaanse [EMAIL PROTECTED] wrote: On Fri, 5 Aug 2005 15:52:11 +0530 Siju George [EMAIL PROTECTED] wrote: Hi, Just happened to get a glimpse of how the OpenBSD website looked some while back when I had never heard about and is a bit thrilled about it :-) Dec 24, 1996 http://web.archive.org/web/1996122431/http://openbsd.org/ Mar 27, 1997 http://web.archive.org/web/19970327004719/http://www.openbsd.org/ Feb 12, 1998 http://web.archive.org/web/19980212062954/http://www.openbsd.org/ Jan 17, 1999 http://web.archive.org/web/19990117075126/http://openbsd.org/ Mar 02, 2000 http://web.archive.org/web/2302133316/http://www.openbsd.org/ Jan 18, 2001 http://web.archive.org/web/20010118233800/http://www.openbsd.org/ and for those interested on the whole list http://web.archive.org/web/*/http://www.openbsd.org enjoy! kind regards Siju So? Have you never heard of OpenBSD's CVSweb (http://www.openbsd.org/cgi-bin/cvsweb/www/) ? Jasper -- Security is decided by quality -- Theo de Raadt Sure I have, that's common, mail delivery of cvs updates is not as common anymore, or is it?, no it can't be... can it?
Re: OpenBSD 3.7 on VM Workstation 5
On 7/27/05, Johan P. Lindstrvm [EMAIL PROTECTED] wrote: Just finished installing OpenBSD 3.7 from CD onto VM Ware Workstation 5 build 13124 with Windows XP sp2 as host OS. --- cut --- Look how interesting this got, now in this thread we have a way to dodge the virtual terminal issue and better knowledge of what to [not] do when posting to the list. btw, does anyone run vm ware 5 on obsd under linux emulation? experiences? I found this googling, I can't tell how accurate it is for 3.7 and 5 though, or is there a smarter solution? http://www.monkey.org/~marius/pages/?page=VMWare_for_OpenBSD Everyone is a beginner at some point in time... I apologize if I have offended someone. -- JPL
Re: Linksys EG1032 not SysKonnect anymore as of rev. 3
For what it's worth, in my efforts of finding and acquiring sk(4) based network adapters I have found that the D-LINK DGE-530T cards are still att first revision as of today's date and the tech support team (.se) knows of no plans to change chipsets. -- JPL
Re: Anyone know of a mavell based dual gigE copper card
On 7/26/05, Bill Chmura [EMAIL PROTECTED] wrote: From what everyone told me last time, the SK stuff is good. So I can fit my network together with a few dual cards, trunk the smaller stuff together and then be on my way. Trouble is I cannot find (for the life of me) anything dual based on the marvell stuff. The obsd man page http://www.openbsd.org/cgi-bin/man.cgi?query=skapropos=0sektion=0manpath=OpenBSD+Currentarch=i386format=html For dual it only lists the SK-9822 SK-NET GE-T dual port, copper adapter, which from threads I read is now realTek chips in the newer revs. I've tried contacting Marvell for info on products made using them, but no answer yet. I've searched, prodded, poked and cursed and I still have not found one. Thoughts or suggestions? I appreciate the advice from the last round... I am using much of it. -- Bill Chmura Note that I have only seen Linksys EG1032 gigabit adapters sporting RealTek chips, rev.2 is Marvel/SysKonnect (good) and the rev.3 is RealTek (bad/ugly) though they seem to attach after some jedi skills by Brad. How ever, as the man 4 sk page says, there are many other vendors that use the good chipset. The page also details that there is only one known vendor of dual port copper cards with this sk chip lineup. Somewhere in the archives there should be refs. to the syskonnect site (or google for it) as I cant remember the URL, you should be able to buy them from there. -- JPL
Re: To secure WiFi networks
Thanks Bob I will certainly have a peek, I am starting to think authpf is the way to go, but the users at the intended facility are far from self sufficient/ self educating (plain lack of interest) and that usually spells trouble when helping out... or a fortune if you are a consultant, if you don't want to read the manual, then have some one else do it for you @ $110+ an hour =) -- Johan On 7/27/05, Bob Beck [EMAIL PROTECTED] wrote: authpf and a decent ruleset. use a central box and tunnel it back. redirect all unauthenticated http traffic to a website showing them what to do to get authenticted. see http://www.ualberta.ca/CNS/wireless/ for a description of what we use here. * Johan P. Lindstrvm [EMAIL PROTECTED] [2005-07-16 10:48]: Thanks for all the replies, I see now that I should explain myself further. The scenario I am thinking of is when you run a public WiFi access point at let's say a campus with many new visitors from different organisations and you don't want to start messing around with WAP, WEP, IPSec, PPP or L2TP, having staff/manuals to help visitors setting up tunnels on their Windows XP / 2000 laptops is just not feasible. I am after a zero configuration solution for just the HTTP traffic, and if the sites browsed does not support https then there is little I can do on my end. On 7/15/05, Nick Holland [EMAIL PROTECTED] wrote: On Fri, Jul 15, 2005 at 06:03:01PM +0200, Johan P. Lindstrvm wrote: ... I'm not too familiar with the inner workings of the needed technologies (sometimes a pro, often a con) but what if one would use a https proxy, like say squid with SSL/TLS support, to obfuscate the http traffic leaving your laptop over the WiFi LAN to your local OpenBSD box that runs the proxy, that would then with some magic serve you the pages. So that http traffic could not be intercepted on the open WiFi network. ... Before you worry about this too much... IF you are worried about people packet sniffing your wireless connection, you should probably be running some kind of encryption on the traffic already, wireless or not. What's the point of encrypting from your laptop to the firewall, if it is then sent plain-text to the remote end over the common cable that many of your neighbors are also attached to. By this point in time, any communications over the internet which should not be sniffed should be encrypted end-to-end. That was a specific answer to a specific question. the above reply is not meant to imply wireless security issues don't matter. IF the question is, How do I keep people out of my wireless network, or how do I keep them from sniffing internal traffic in my network, my answer would be very different...but that wasn't the question. Nick. -- Bob Beck Computing and Network Services [EMAIL PROTECTED] University of Alberta True Evil hides its real intentions in its street address.
OpenBSD 3.7 on VM Workstation 5
Just finished installing OpenBSD 3.7 from CD onto VM Ware Workstation 5 build 13124 with Windows XP sp2 as host OS. As Client OS I chose FreeBSD, VM Ware tools not installed, virtual terminals CTRL+ALT+Fn does not work since CTRL+ALT releases control from the VM Ware application. Here is the dmesg.boot OpenBSD 3.7 (GENERIC) #50: Sun Mar 20 00:01:57 MST 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) 4 CPU 3.00GHz (GenuineIntel 686-class) 3 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,PNI real mem = 267952128 (261672K) avail mem = 237731840 (232160K) using 3296 buffers containing 13500416 bytes (13184K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(a5) BIOS, date 02/11/05, BIOS32 rev. 0 @ 0xfd880 apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown pcibios0 at bios0: rev 2.1 @ 0xfd880/0x780 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdf30/176 (9 entries) pcibios0: PCI Interrupt Router at 000:07:0 (Intel 82371FB ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0x8000 0xc8000/0x1000 0xdc000/0x4000! 0xe/0x4000! cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82443BX AGP rev 0x01 ppb0 at pci0 dev 1 function 0 Intel 82443BX AGP rev 0x01 pci1 at ppb0 bus 1 pcib0 at pci0 dev 7 function 0 Intel 82371AB PIIX4 ISA rev 0x08 pciide0 at pci0 dev 7 function 1 Intel 82371AB IDE rev 0x01: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: VMware Virtual IDE Hard Drive wd0: 64-sector PIO, LBA, 4096MB, 8388608 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: _NEC, DVD_RW ND-3520A, 1.04 SCSI0 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 uhci0 at pci0 dev 7 function 2 Intel 82371AB USB rev 0x00: irq 9 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered Intel 82371AB Power Mgmt rev 0x08 at pci0 dev 7 function 3 not configured vga1 at pci0 dev 15 function 0 VMware Virtual SVGA II rev 0x00 wsdisplay0 at vga1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) mpt0 at pci0 dev 16 function 0 Symbios Logic 53c1030 rev 0x01: irq 11 mpt0: running in vmware, skipping pageretrieval mpt0: IM support: 0 scsibus1 at mpt0: 16 targets le1 at pci0 dev 17 function 0 AMD 79c970 PCnet-PCI rev 0x10: irq 10 le1: address 00:0c:29:91:ef:ac le1: 8 receive buffers, 2 transmit buffers eap0 at pci0 dev 18 function 0 Ensoniq AudioPCI97 rev 0x02: irq 9 ac97: codec id 0x43525913 (Cirrus Logic CS4297A rev 3) audio0 at eap0 midi0 at eap0: AudioPCI MIDI UART isa0 at pcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0 (mux 1 ignored for console): console keyboard, using wsdisplay0 pmsi0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pmsi0 mux 0 pcppi0 at isa0 port 0x61 midi1 at pcppi0: PC speaker sysbeep0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec biomask eb65 netmask ef65 ttymask ffe7 pctr: user-level cycle counter enabled dkcsum: wd0 matched BIOS disk 80 root on wd0a rootdev=0x0 rrootdev=0x300 rawdev=0x302
Re: Need Quad Ethernet for router box
For the sk(4) cards, if you buy the Linksys ones (only single seaters i believe) you should make sure to get the rev.2 ones, as the rev.3 is realtek based, you can tell on the retail box, it shows the little crab on the chip. Happy hunting - J On 7/21/05, Bill Chmura [EMAIL PROTECTED] wrote: After getting some much needed sleep I realized the key things I left out of the last post. Ethernet wise, currently the whole mess is at 100MB... It will be that way at least for 12 months after this. As far as heavily used, I just got on the scene myself and the usage is way down. School, summers off. But the end of the year is crazy for them network wise. So in the end, all I can say at this point is that its barely running at peak usage on 100MB. I was thinking Gigabit for the larger buffers they have, and support future expansion - In a few months, or sooner I want to bring one of the segments up to GigE from the router out to the switches in that building. Part of the segmentation is to get students and faculity onto different segments and give me more control at either the inner firewall or the outer firewall. I can however, as you suggested, aggregate a few into one subnet. I will look into that today - but the lightly used ones can be definately be done that way. The other reason for segmentation is the incredible sprawl this has... It stretches from each end of campus to the other. Space is not a factor, I can fit a 6U into the rack without much trouble. I too looked for the sk cards, but there is no Quad for them. I was hoping to reduce interrupts by using Quad cards... If I went with several sk dual cards, say 3 of them, would my interrupts be killing me? Thanks Bill On Thu, 21 Jul 2005 02:09:22 -0500 Kevin [EMAIL PROTECTED] wrote: On 7/21/05, Bill Chmura [EMAIL PROTECTED] wrote: We finally got some money to build a router for the center of a 200-300 user network. Upon arrival I found it to be one giant segment with old old switches (sort of - not real ones) and terrible sprawl. I need to build a router that will handle 7 segments, 4 of which are very heavily used, 3 of which are pretty light. Can you define very heavily used ? Have you considered aggregating the lightly-used segments in a slightly more modern switch (e.g. a 3524XL), configuring a trunk port from the switch to uplink multiple VLANs to a single GigE physical interface on the BSD router? Alternately, if you really do need router throughput at or above 1000Mbps, you might want to consider a purpose-built gigabit router from Cisco :) Both suggestions are under the assumption that the router is not primarily intended as a security separation between subnets. I was contemplating a Quad gigabit card and a 100MB Quad card (to keep the price down). I've got a budget of $3000 US to build this thing. I was thinking the Intel Pro 1000 Quad cards, but thats pretty pricy considering I have to aquire the hardware also. We are very happy with the Intel PRO/1000MT quad copper GigE cards, but we are not coming close to pushing their limits, I'm still waiting for OC-3. Can someone recommend another good obsd friendly good performer / value for the price Quad Ethernet 1000 card? If I can keep it down, I would use two and not do the 100MB on the slow segments. Also is going PCI-X going to get me much? I was reading some notes in the archives (obsd?) that showed the cards won't need it that much, and another post saying it was going to be slammed by a Quad card. If you expect to push hundreds of megabits at peak through the multiport card, then PCI-X will buy you some headroom. One caveat, many PCI-X motherboards can only run one card at the full 133Mhz speed. Kevin Kadow
Re: To secure WiFi networks
Thanks for all the replies, I see now that I should explain myself further. The scenario I am thinking of is when you run a public WiFi access point at let's say a campus with many new visitors from different organisations and you don't want to start messing around with WAP, WEP, IPSec, PPP or L2TP, having staff/manuals to help visitors setting up tunnels on their Windows XP / 2000 laptops is just not feasible. I am after a zero configuration solution for just the HTTP traffic, and if the sites browsed does not support https then there is little I can do on my end. On 7/15/05, Nick Holland [EMAIL PROTECTED] wrote: On Fri, Jul 15, 2005 at 06:03:01PM +0200, Johan P. Lindstrvm wrote: ... I'm not too familiar with the inner workings of the needed technologies (sometimes a pro, often a con) but what if one would use a https proxy, like say squid with SSL/TLS support, to obfuscate the http traffic leaving your laptop over the WiFi LAN to your local OpenBSD box that runs the proxy, that would then with some magic serve you the pages. So that http traffic could not be intercepted on the open WiFi network. ... Before you worry about this too much... IF you are worried about people packet sniffing your wireless connection, you should probably be running some kind of encryption on the traffic already, wireless or not. What's the point of encrypting from your laptop to the firewall, if it is then sent plain-text to the remote end over the common cable that many of your neighbors are also attached to. By this point in time, any communications over the internet which should not be sniffed should be encrypted end-to-end. That was a specific answer to a specific question. the above reply is not meant to imply wireless security issues don't matter. IF the question is, How do I keep people out of my wireless network, or how do I keep them from sniffing internal traffic in my network, my answer would be very different...but that wasn't the question. Nick.
To secure WiFi networks
Good afternoon list, I'm just going to throw out an idea here and lets take turns kicking at it. I'm not too familiar with the inner workings of the needed technologies (sometimes a pro, often a con) but what if one would use a https proxy, like say squid with SSL/TLS support, to obfuscate the http traffic leaving your laptop over the WiFi LAN to your local OpenBSD box that runs the proxy, that would then with some magic serve you the pages. So that http traffic could not be intercepted on the open WiFi network. Is someone doing something similar already? Googling did not turn up anything helpful here apart from the SSL support in Squid, but would the protocols allow something like this? -- Johan
Re: sk gigabit NICs
I hear you, I bought 2 rev.2 sk cards that perform nice, low interrupt load, it seems that is the foremost quality of the cards, apart from the jumbo frames. Then I ordered 10 more and I ended up with an unsupported rev.3 card with a realtek chipset but it is still identified as a Linksys EG1032 in the dmesg, I just noticed that you can actually see the realtek chip on the picture of the card (in rev.3) on the outside of the shrink wrapped box. I would be happy to ship one to someone who feels like crafting a driver for it. On 7/12/05, Adam [EMAIL PROTECTED] wrote: I already read through man sk and it only mentions the older series of NICs which are no longer in production. I wouldn't even bother asking but people like Henning keep mentioning how sk NICs are the best ones out there so in my new firewall I'd like to put the best. -Adam Johan P. Lindstrvm wrote: Maby you already tried it, but check out man sk On 7/12/05, *Adam* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Does anyone know if the Syskonnect SK-9S22 (dual port gigabit PCI-X nic) works well with OpenBSD? I know that the SK-9822 is supported, but I can't seem to find those for sale anymore. I think they are no longer made. The two cards are significantly different, but I think the main things are that the 9S22 is PCI-X and the 9822 is PCI, and the Yukon II vs. Yukon chipsets. If anyone knows if the new line of cards is supported, and/or knows where to get the SK-9822 nics, I'd appreciate a response. Thanks, -Adam
Re: Linksys EG1032 not SysKonnect anymore as of rev. 3
Now this is odd, I finally got some time over to install the new Linksys card, this is a cut down dmesg from a box with two of the old (rev.2) Linksys EG1032 cards (sk) and one new (rev.3) (sk?) EG1032 card. OpenBSD 3.7 (GENERIC) #50: Sun Mar 20 00:01:57 MST 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel Pentium III (GenuineIntel 686-class) 930 MHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,F XSR,SSE real mem = 401055744 (391656K) avail mem = 358821888 (350412K) cut OK, so here is the first one skc0 at pci1 dev 8 function 0 Linksys EG1032 rev 0x12: irq 11 skc0: Marvell Yukon Gigabit Ethernet (0x1) sk0 at skc0 port A: address 00:12:17:51:e0:14 eephy0 at sk0 phy 0: Marvell 88E1011 Gigabit PHY, rev. 3 Number two skc1 at pci1 dev 13 function 0 Linksys EG1032 rev 0x12: irq 5 skc1: Marvell Yukon Gigabit Ethernet (0x1) sk1 at skc1 port A: address 00:12:17:51:e0:16 eephy1 at sk1 phy 0: Marvell 88E1011 Gigabit PHY, rev. 3 But what about this? I was not expecting this at all I must say. skc2 at pci1 dev 14 function 0 Linksys EG1032 rev 0x10: can't find mem space cut Would anyone give me some hints on how to resolve this can't find mem space issue? The sk man page does not detail this specific issue. I have tried swapping slots with the cards and tried the new card solo, but without success, same issue... Googling the archives I found some references to pcibios(4), after reading it, I'm not sure how to use it, though my BIOS PnP OS mode is disabled. // Johan On 7/1/05, Johan P. Lindstrvm [EMAIL PROTECTED] wrote: On 6/30/05, Martin Reindl [EMAIL PROTECTED] wrote: Johan P. Lindstrvm [EMAIL PROTECTED] wrote: It is with great sorrow I must report that the Linksys EG1032 cards as of revision 3 no longer features the SySKonnect (sk) chips. I bought 2 of them, they turned out to be revision 2 (SySKonnect), as per the hardware section on www.openbsd.org http://www.openbsd.org/ http://www.openbsd.org (should probably be updated, im too green to submit a diff, sorry) Now I bought 10 more, and imagine my face when i saw the stupid crab on the chip, for those who know these things, it also says: RLT8169S-32 Probably supported by re(4), send a dmesg. Martin It would seem so, the chip, 8169S is at least, I will make sure to send a dmesg to dmesg@ Any ideas as of where / how to get hold of older batches with the skchips? Where could I ask my vendor to turn? And just to explain my pov. I'm not in any way claiming that realtek is bad, I just did not get what I was under the impression I bought. -- J
Linksys EG1032 not SysKonnect anymore as of rev. 3
It is with great sorrow I must report that the Linksys EG1032 cards as of revision 3 no longer features the SySKonnect (sk) chips. I bought 2 of them, they turned out to be revision 2 (SySKonnect), as per the hardware section on www.openbsd.org http://www.openbsd.org (should probably be updated, im too green to submit a diff, sorry) Now I bought 10 more, and imagine my face when i saw the stupid crab on the chip, for those who know these things, it also says: RLT8169S-32 45135A1 412C TAIWAN There is also another chip about the same size (area) but twice as high, it says YLC(r) PG243001 0510 Printed on the face side of the board I find following three lines A\N: PCGM1670-000-RR4LC P\N: GM1670 Rev.RR START: 2005/02/25 and on the back there's a table: LOT NO. 540015 SMT 67 DIP 15 ICT blank PTEST A32 // Johan
Re: Linksys EG1032 not SysKonnect anymore as of rev. 3
On 6/30/05, Martin Reindl [EMAIL PROTECTED] wrote: Johan P. Lindstrvm [EMAIL PROTECTED] wrote: It is with great sorrow I must report that the Linksys EG1032 cards as of revision 3 no longer features the SySKonnect (sk) chips. I bought 2 of them, they turned out to be revision 2 (SySKonnect), as per the hardware section on www.openbsd.org http://www.openbsd.org http://www.openbsd.org (should probably be updated, im too green to submit a diff, sorry) Now I bought 10 more, and imagine my face when i saw the stupid crab on the chip, for those who know these things, it also says: RLT8169S-32 Probably supported by re(4), send a dmesg. Martin It would seem so, the chip, 8169S is at least, I will make sure to send a dmesg to dmesg@ Any ideas as of where / how to get hold of older batches with the sk chips? Where could I ask my vendor to turn? And just to explain my pov. I'm not in any way claiming that realtek is bad, I just did not get what I was under the impression I bought. -- J
cal output
Does anyone render the output of cal(1) with LaTeX or similar to a one page per month page suitable for printing, or is there a better way to do this? -- Johan
Re: cal output
sweet, thank very much! On 6/21/05, Sebastiaan Indesteege [EMAIL PROTECTED] wrote: On Tue, Jun 21, 2005 at 04:29:01PM +0200, Johan P. Lindstrvm wrote: Does anyone render the output of cal(1) with LaTeX or similar to a one page per month page suitable for printing, or is there a better way to do this? -- Johan Take a look at /usr/ports/print/pscal It generates nice looking PostScript calendars (1 page per month); ready for printing. Sebastiaan
Re: Printers?
Almost all HP lasers you can find nowadays will do PCL 4 or better, don't go for the PS rendering it's often done in the printer driver. On 6/20/05, Ryan Corder [EMAIL PROTECTED] wrote: On Sat, 2005-06-18 at 11:58 -0700, Brian wrote: I would be looking for laser printer under $300. Any suggestions? check out the HP LaserJet 1012 or 1320. I have a 1012 myself at home and there are several 1320 models deployed at work. The 1012 can be had for US $199 and the 1320 is currently on special via CompUSA for US $299. The 1320 offers duplexing and also comes in a network-capable model. later. ryanc
Re: OpenBSD in commercial firewalls?
Just to add a comment, there is the greenbow VPN client ( http://www.thegreenbow.com) for the MS universe of products (quite some appliance boxes as well) based on OBSD 3.4 if' I'm not mistaken, and they bang their drum pretty hard about it, they make good cheese, whine and rational cars (got a headlight from one I busted (burnout 3 anyone?) from AVIS on top of my rack =D ) but I don't know about SW, have no other reason to doubt them though. =D ok, ok, ok frog legs then, but with garlic and parsley is sure beats chicken any day of the week. Then there is always the Soekris boards that will run OBSD from one of the veterans (kudos), I'm still tough on the sauce tonite if you did not notice so far. Somebody stop me, get me away from this email right now!!! I'm about to create a mess I can't handle... // Johan On 6/14/05, Paul Greene [EMAIL PROTECTED] wrote: Just speculating out loud, I would suspect that some vendors use OBSD but don't admit it. From a marketing and pricing perspective, they can probably charge more if they can get clients to believe that they've developed their own customized proprietary hardened OS. Paul James Harless wrote: I know that several firewall vendors use various flavors of Linux as the basis for their devices. Are there any that use OpenBSD similarly? If so, which? Any comments on the devices? Links would be appreciated. -James
Re: howto clean disks ?
Thanks Tim!, that was the link I was grepping for at wikipedia, my memory seems to be good but short... =) On 6/1/05, Timothy Donahue [EMAIL PROTECTED] wrote: On Wednesday 01 June 2005 08:06 am, Johan P. Lindstrvm wrote: The military (at least in Sweden) bakes a Trotyl / Pentyl cake with the drives as stuffing, don't know if that would change the magnetic properties but most likely make the process of collecting/organizing the pieces of the same drive quite labourious. I read an article on encasing your drives with Magnesium and Aluminium-Oxide and hook it up to the power supply through some programmable circut to remotely melt your drives, this would create a plasma at some 3000+ Celcius. Cant seem to find it again though... http://en.wikipedia.org/wiki/Plasma http://en.wikipedia.org/wiki/Exothermic_reaction You are might be thinking about using something like thermite. (Please note that thermite is dangerous stuff to play with because it does reach around 3000 C.) An oxy-acetyleme torch would be just as effective and a whole lot safer. http://en.wikipedia.org/wiki/Thermite Tim Donahue