Yes, I'm tcdupming pflog and ALL my dropped packets
reference some PID 6504 that is not found among
the processes that are running. I was actually not fishing
for PIDs, I just saw the PID referenced in the standard
tcpdump output. For forensics I just want to find the link
between PID referenced
PID 6504 was my shell. I've logged off now.
What are you expecting here??
ofthecentury wrote:
> Yes, I'm tcdupming pflog and ALL my dropped packets
> reference some PID 6504 that is not found among
> the processes that are running. I was actually not fishing
> for PIDs, I just saw the PID
And once upon the time 'offtheshell' was around.. :D
Theo de Raadt :
> PID 6504 was my shell. I've logged off now.
>
> What are you expecting here??
>
>
> ofthecentury wrote:
>
>> Yes, I'm tcdupming pflog and ALL my dropped packets
>> reference some PID 6504 that is not found among
>> the
Well, that's not very noice. Where is security?
On Tue, Mar 5, 2024 at 7:45 PM Theo de Raadt wrote:
> PID 6504 was my shell. I've logged off now.
>
> What are you expecting here??
>
>
> ofthecentury wrote:
>
> > Yes, I'm tcdupming pflog and ALL my dropped packets
> > reference some PID 6504
If you want to track which executable was running which pid at a
specific time, you need to put that information in a log, so you can
associate pid and time with the executable path.
--
Raul
On Tue, Mar 5, 2024 at 10:26 AM ofthecentury wrote:
>
> Well, that's not very noice. Where is security?
not wanting to speak for someone else, but I'm pretty sure it was sarcasm.
On March 5, 2024 8:21:40 AM MST, ofthecentury wrote:
>Well, that's not very noice. Where is security?
>
>On Tue, Mar 5, 2024 at 7:45 PM Theo de Raadt wrote:
>
>> PID 6504 was my shell. I've logged off now.
>>
>> What
Thanks. I'm new, so did not realize PIDs are randomly
numbered, which is fantastic. Just for a
fleeting moment I thought I wasn't going to be lonely,
with Theo's shell lurking in the background.
On Tue, Mar 5, 2024 at 8:30 PM Raul Miller wrote:
>
> If you want to track which executable was
And often we would live off
a desktop environment as we aware of.
this is poetry I think..
Mar 5, 2024 16:44:50 deich...@placebonol.com:
> not wanting to speak for someone else, but I'm pretty sure it was sarcasm.
>
> On March 5, 2024 8:21:40 AM MST, ofthecentury wrote:
>> Well, that's not
Hi, I'm on a fresh install of OpenBSD 7.4.
I am watching output of tcpdump and
seeing some drops that all reference
UID 0, pid 6504. I cannot find that PID
among running processes. Does anyone
know what is that process and why it's
not running but tcpdump references it?
Thanks!
Den tis 5 mars 2024 kl 14:35 skrev ofthecentury :
>
> Hi, I'm on a fresh install of OpenBSD 7.4.
> I am watching output of tcpdump and
> seeing some drops that all reference
> UID 0, pid 6504. I cannot find that PID
> among running processes. Does anyone
> know what is that process and why it's
>
I have asked myself the same question.
When runninng tcpdump -n -i pflog0 with the -e -v flags (and only in
that combination), it outputs tuples that looks like they should be a
uid and pid:
16:40:47.110033 rule 2/(match) [uid 0, pid 92257] block in on trunk0: ...
(it's 92257 on the machine
The past days I was managing to try it
the admin interface of BookMyName (iliad) and
sorry for the wanted advertisement.. (it is affordable)
Suddenly I found myself in front of a
transliteral (from the French) saying very
closed to the following:
"Please fill in a backup email address
Please consider to start a blog about your adventures. Thanks.
Regards,
-ext
Daniele B. írta 2024. márc.. 5, K-n 18:58 órakor:
> The past days I was managing to try it
> the admin interface of BookMyName (iliad) and
> sorry for the wanted advertisement.. (it is affordable)
> Suddenly I found
On 2024-03-05, Raul Miller wrote:
> If you want to track which executable was running which pid at a
> specific time, you need to put that information in a log, so you can
> associate pid and time with the executable path.
see accton(8), lastcomm(1)
--
Please keep replies on the mailing list.
Darling, they know me as an ethical guy.
So, my true blogs are usually offline cause the italo-american
meritocracy and their "liberty".., I'm really sorry for the business...
NB: I suggest you to adopt true western names to make your tricks,
indeed, they are so cool
-Dan
Mar 5, 2024
1. The UEFI BIOS on this machine does not have an option to disable
symmetric multi threading.
2. The machine has experienced intermittent hangs/freezes from the
time it was built and commissioned about 2 years ago.
3. All installNN.img files listed below, were successfully installed
On Tue, Mar 5, 2024 at 12:24 PM Markus Wernig wrote:
> When I reload the pf ruleset with pfctl, the number in the pid field
> changes. So my assumption is that it is the pid of the pfctl process
> that inserted the rule. Is that correct?
>
I believe you are correct. while running tcpdump in
Hi. I cannot find what cipher is used for full
disk encryption on OpenBSD. I saw a mention
of salting too, but really no specifics on what
the encryption algorithm is. Is there somewhere
I can read about it? And really, what is the cipher
used?
https://github.com/openbsd/src/blob/master/sys/dev/softraid.c
Judging by the source code it's aes-512-xts now.
Such hard. Very cipher. Hacking can't. NSA oh no.
On Wed, Mar 6, 2024 at 12:02 PM Janne Johansson wrote:
>
> Den ons 6 mars 2024 kl 07:17 skrev ofthecentury :
> >
> > Hi. I cannot find
Den ons 6 mars 2024 kl 07:17 skrev ofthecentury :
>
> Hi. I cannot find what cipher is used for full
> disk encryption on OpenBSD. I saw a mention
> of salting too, but really no specifics on what
> the encryption algorithm is. Is there somewhere
> I can read about it? And really, what is the
I'm stumped. Pls help.
I plug a TPLink USB ethernet dongle in, it
is identified by OpenBSD, and I get a ure0
interface. It says ure0 is up and running. I
give it the ip address, default route, but
nothing happens, I don't get connectivity.
I do everything the same for the USB dongle
as for the
On Wed, Mar 06, 2024 at 12:43:28PM +0500, ofthecentury wrote:
> I'm stumped. Pls help.
> I plug a TPLink USB ethernet dongle in, it
> is identified by OpenBSD, and I get a ure0
> interface. It says ure0 is up and running. I
> give it the ip address, default route, but
> nothing happens, I don't
22 matches
Mail list logo