rt.fm CVS Mirror going funny?

Hey All, Has anyone else noticed issues with pulling src/sbin/ping/ping.c from anon...@rt.fm:/cvs? I get this error cvs [server aborted]: EOF while looking for end of string \ in RCS file /cvs/src/sbin/ping/ping.c,v Does anyone know what might cause this? I tried removing

Re: Why so cool OS doesn't have vuln database?

I tried this db app on DragonFly,but guess what.You installed sudo,then you install this vulnerability-check and it say that you installed sudo which has local security bug.So what was help for me then?But if you are admin of some servers then you are reading about security problems in similar

Re: route add -interface

On Sun, May 17, 2009 at 01:13:29AM +0200, Felipe Alfaro Solana wrote: Hi misc, route add allows one to specify a directly-connected route reachable over an interface, using the -interface switch. However, I can't seem to figure out if it's possible to specify just the interface name to the

Re: rt.fm CVS Mirror going funny?

On 5/17/09 2:07 AM, Aaron W. Hsu wrote: Hey All, Has anyone else noticed issues with pulling src/sbin/ping/ping.c from anon...@rt.fm:/cvs? I get this error cvs [server aborted]: EOF while looking for end of string \ in RCS file /cvs/src/sbin/ping/ping.c,v Does anyone

Re: route add -interface

On Sun, May 17, 2009 at 9:57 AM, Claudio Jeker cje...@diehard.n-r-g.comwrote: On Sun, May 17, 2009 at 01:13:29AM +0200, Felipe Alfaro Solana wrote: Hi misc, route add allows one to specify a directly-connected route reachable over an interface, using the -interface switch. However, I

Re: route add -interface

On Sun, May 17, 2009 at 11:39 AM, Felipe Alfaro Solana felipe.alf...@gmail.com wrote: On Sun, May 17, 2009 at 9:57 AM, Claudio Jeker cje...@diehard.n-r-g.comwrote: On Sun, May 17, 2009 at 01:13:29AM +0200, Felipe Alfaro Solana wrote: Hi misc, route add allows one to specify a

4.4BSD-Lite sources available

Hi all, I've put the 4.4BSD-Lite sources available in my mirror (1). The complete URL is: ftp://mirror.cdmon.com/pub/bsd-sources/ Currently, I'm playing with the code using the Stevens' volumes; I hope it will be useful for others. (1) Official OpenBSD mirror in

Re: Why so cool OS doesn't have vuln database?

2009/5/17, Yuriy Grishin grishin-mailing-li...@minselhoz.samara.ru: OpenBSD just uses different approach, got it. It's not a technological problem. Search the archives for discussions of security upgrades to ports. In short: The devs all run current and such don't need it; not enough users

Re: route add -interface

On 2009-05-17, Felipe Alfaro Solana felipe.alf...@gmail.com wrote: The problem with incorrectly-sourced IP datagrams seems to be NAT: nat on vr2 inet from 172.16.0.1/24 to any - (vr2) round-robin This rule is created as: nat on $ext_if from $int_if:network to any - ($ext_if) I understand

Re: route add -interface

On Sun, May 17, 2009 at 01:38:07PM +, Stuart Henderson wrote: On 2009-05-17, Felipe Alfaro Solana felipe.alf...@gmail.com wrote: The problem with incorrectly-sourced IP datagrams seems to be NAT: nat on vr2 inet from 172.16.0.1/24 to any - (vr2) round-robin This rule is created

Re: Why so cool OS doesn't have vuln database?

Martin Schrvder wrote: 2009/5/17, Yuriy Grishin grishin-mailing-li...@minselhoz.samara.ru: OpenBSD just uses different approach, got it. It's not a technological problem. Search the archives for discussions of security upgrades to ports. In short: The devs all run current and such

Re: Why so cool OS doesn't have vuln database?

Read the FAQ please http://www.openbsd.org/stable.html 1) Get and update source code trough CVS 2) Rebuild kernel and boot with it 3) Rebuild binaries 4) Done There was thread about it last month I think.You haven't packages updated in -stable.You must use -current if you want updated

Re: route add -interface

On Sun, May 17, 2009 at 11:39:43AM +0200, Felipe Alfaro Solana wrote: On Sun, May 17, 2009 at 9:57 AM, Claudio Jeker cje...@diehard.n-r-g.comwrote: On Sun, May 17, 2009 at 01:13:29AM +0200, Felipe Alfaro Solana wrote: Hi misc, route add allows one to specify a directly-connected route

Re: route add -interface

On Sun, May 17, 2009 at 3:38 PM, Stuart Henderson s...@spacehopper.orgwrote: On 2009-05-17, Felipe Alfaro Solana felipe.alf...@gmail.com wrote: The problem with incorrectly-sourced IP datagrams seems to be NAT: nat on vr2 inet from 172.16.0.1/24 to any - (vr2) round-robin This rule

Re: route add -interface

On Sun, May 17, 2009 at 3:52 PM, Claudio Jeker cje...@diehard.n-r-g.comwrote: On Sun, May 17, 2009 at 01:38:07PM +, Stuart Henderson wrote: On 2009-05-17, Felipe Alfaro Solana felipe.alf...@gmail.com wrote: The problem with incorrectly-sourced IP datagrams seems to be NAT: nat

Re: route add -interface

On Sun, May 17, 2009 at 4:13 PM, Claudio Jeker cje...@diehard.n-r-g.comwrote: On Sun, May 17, 2009 at 11:39:43AM +0200, Felipe Alfaro Solana wrote: On Sun, May 17, 2009 at 9:57 AM, Claudio Jeker cje...@diehard.n-r-g.com wrote: On Sun, May 17, 2009 at 01:13:29AM +0200, Felipe Alfaro

Kylin

I just noticed this: http://www.physorg.com/news161355225.html about a secure os that's been under development in China since around 2k and is now being deployed by the Chinese Gov. Interestingly, it is built for a hardened CPU that, I'd guess, lacks many of the advanced features of iNTel

Re: Kylin

Everyone can try it http://www.honeytechblog.com/downlod-kylin-operating-system-by-chinaqingbo-wu/ 2009/5/17 Duncan Patton a Campbell campb...@neotext.ca: I just noticed this: http://www.physorg.com/news161355225.html about a secure os that's been under development in China since around 2k

old and new pf tandem test ---help

I want to test two pf firewalls in-line - an old openBSD (3.7 #50, i386) is on the 'outside' and a new FreeBSD (7.2 #0 amd64) is on the 'inside.' Here is the setup INTERNET ===[outside port bridged to inside port OLD pf] === [outside port bridged to inside port NEW pf] === LAN I took the old

Re: Kylin

After quick search on web it looks like it's based on FreeBSD 5.3 (initial version) with Windows like GUI.So it doesn't looks so secure now :-) But government agencies must have reason to receive money so why don't make wave about dangerous China with their new ultra-hyper-super secure system?

Re: Kylin

TomC!E! BodEC!r escribiC3: After quick search on web it looks like it's based on FreeBSD 5.3 (initial version) with Windows like GUI.So it doesn't looks so secure now :-) But government agencies must have reason to receive money so why don't make wave about dangerous China with their new

Re: old and new pf tandem test ---help

mehma sarja wrote on Sun, May 17, 2009 at 10:35:27AM -0700: I want to test two pf firewalls in-line - an old openBSD (3.7 #50, That makes absolutely no sense. Don't run real servers with historical software. Run 4.5. i386) is on the 'outside' and a new FreeBSD (7.2 #0 amd64) is on the

Re: Kylin

Do you really think Chineese governmnt make source public? Not all of course ;) Regards, Jesus Sanchez, 05/17/09 20:58: TomC!E! BodEC!r escribiC3: After quick search on web it looks like it's based on FreeBSD 5.3 (initial version) with Windows like GUI.So it doesn't looks so secure now :-)

aucat freezes sparc64 on -current

Hi all, I updated my machine to snapshot 2009-05-15 and the machine freezes when I start aucat : mattieu:/home/mattieu:2$ /usr/bin/aucat -l mattieu:/home/maschizo0: pci bus A error The kernel doesn't panic, the machine just stay at this point. This is the output from a serial console. Here is

Re: Kylin

I know,that's why they choose BSD-style licenced OS ;-) 2009/5/17 Cem Kayali cemkay...@eticaret.com.tr: Do you really think Chineese governmnt make source public? Not all of course ;) Regards, Jesus Sanchez, 05/17/09 20:58: TomC!E! BodEC!r escribiC3: After quick search on web it

mp3 stick as both an mp3 stick and an obsd install

Scenario: 4.5 installed on Emtec 2GB-FM mp3 player, using 1G of the 2G, the rest being 1G of FAT (a separate fdisk partition, labeled as sd0i). Everyting works BSD-wise, provided the machine I plug it in can boot off USB at all. Now, I still want to be able to use it as a mp3 player. I created

Re: old and new pf tandem test ---help

Ingo, Thanks for a detailed response, really. It is my fault that I did not set the context and here it is: a. The old firewall is in production and is running as expected - blocking and passing as we need. b. I am in the process of replacing it with a new one. It happens that OpenBSD was

Re: Why so cool OS doesn't have vuln database?

On Sun, May 17, 2009 at 03:04:18AM +0200, Ingo Schwarze wrote: Hi Joachim, hi Yurij, Joachim Schipper wrote on Sat, May 16, 2009 at 01:23:20PM +0200: On Fri, May 15, 2009 at 10:39:06PM +0500, Yuriy Grishin wrote: I've installed OpenBSD 4.5 on my home gateway. Random pids and critical

Re: ADSL2+ PCI card

Thanks for all the responses everyone it looks like the viking card may be what im after. - it presents itself as an eathernet adapter - it has a cli to configure te onboard ADSL2+ router - the network adapter REL8139 is suported by the rl driver Thanks all

Re: old and new pf tandem test ---help

Hi Yudhvir, mehma sarja wrote on Sun, May 17, 2009 at 01:27:12PM -0700: a. The old firewall is in production and is running as expected - blocking and passing as we need. b. I am in the process of replacing it with a new one. It happens that OpenBSD was inconvenient on the hardware we

Package for kde4

Hello! Could it be possible to include kde4 and its dependent ports into (snapshot) packages, so that we can test it? Compiling kde4 takes so much time and few people can test it without pre-built packages. Regards, Cem

Re: Kylin

On Sun, 17 May 2009 21:08:57 +0200 TomC!E! BodEC!r tomas.bod...@gmail.com wrote: I know,that's why they choose BSD-style licenced OS ;-) 2009/5/17 Cem Kayali cemkay...@eticaret.com.tr: Do you really think Chineese governmnt make source public? Not all of course ;) Regards,

Re: Kylin

2009/5/17 Toma Bodar tomas.bod...@gmail.com: I know,that's why they choose BSD-style licenced OS ;-) Yes, because China's respect for copyright and intellectual property is legendary. -HKS 2009/5/17 Cem Kayali cemkay...@eticaret.com.tr: Do you really think Chineese governmnt make source

Re: Kylin

On Sun, 17 May 2009 20:32:59 -0400 (private) HKS hks.priv...@gmail.com wrote: 2009/5/17 Toma Bodar tomas.bod...@gmail.com: I know,that's why they choose BSD-style licenced OS ;-) Yes, because China's respect for copyright and intellectual property is legendary. -HKS Perhaps this is

Re: old and new pf tandem test ---help

Ingo and the rest of OpenBSD pf-ers, Thanks Ingo for your thoughts. Let me ask a simpler question, is there something wrong with the following line on a FreeBSD 7.2 pf? pass in log quick on em0 inet proto tcp from any to 121.209.23.121 port = imaps flags S/SA modulate state Yudhvir

Re: old and new pf tandem test ---help

Ingo et all, I suspect modulate state may be the culprit. Here is what the manual says: modulate state - works only with TCP. PF will generate strong Initial Sequence Numbers (ISNs) for packets matching this rule. So we have 2 machines generating ISNs for the same connection. Could this be the

Re: Kylin

Jesus Sanchez wrote: TomC!E! BodEC!r escribiC3: After quick search on web it looks like it's based on FreeBSD 5.3 (initial version) with Windows like GUI.So it doesn't looks so secure now :-) But government agencies must have reason to receive money so why don't make wave about dangerous

Re: Kylin

Common,you think that big western companies which have support from western governments care about it?And please don't make white knight from western civilization.Everywhere are pros and cons.What type of copyright and intellectual property you think?Like Disney which have stories based on older