search for: cjc

Dear all This is a follow-up to an earlier posting today regarding a regular expression question. In the meantime, this is the best approximation I could come up with and should give you a better idea what I am talking about. a<-c("<w AT0>a <w NN1>blockage <w CJC>and <w DT0>that<c PUN>.", "<w AT0>a <w NN1>blockage <w CJC>and <ptr target=KB2LC003><w DT0>that<c PUN>.", "<w AT0>a <w NN1>blockage <w CJC>and<c PUN>, <w DT0>that<c PUN>.",...

Heya.. Yesterday someone "attacked" by box by connection to several ports.. In other words, a simple portscan.. yet, since my box has "log_in_vain" enabled, so it tries to log everything to /var/log/messages, since the logfile got full and the size went over 100K, it tried to rotate the log to save diskspace. (Apr 16 21:00:00 omikron newsyslog[32137]: logfile turned over due

...but so what. Obviously, I may be missing something. Any interest in this? Let me know if you try it out and any successes or failures. Patches! CURRENT and RELENG_4 version attached. The documentation is included as a patch to the syslogd(8) man page. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org -------------- next part -------------- Index: src/usr.sbin/syslogd/syslogd.8 =================================================================== RCS file: /ncvs/src/us...

Hi folks, I've been working on getting my WiFi network running with IPsec. I'm at the point where all traffic on the wifi subnet is encrypted (i.e. ESP). Then I tried to add AH to the equation. I failed. This picture describes the network setup: http://beta.freebsddiary.org/images/ipsec-wireless.gif Here's what I'm trying and failing with. With these rules, I get no

Security pundits have been warning about the dangers implicit with Web services for years. A good starting point for understanding the security issues related to Web services can be found at: http://searchwebservices.techtarget.com/originalContent/0,289142,sid26_gci872720,00.html Of course to really understand the security risks posed by Web services, you need to understand the basics of Web

Can anyone help with this. Bridge is enabled, even in sysctl. Firewall is enabled and configured. But my reality is done this way.. Cisco (NATing 192.168.1.0/24) ---- Freebsd Bridge (Public IP) ------ stations (Public IP) (NATing 172.16.0.0/24 192.168.1.xx or something similar) 172.16.0.xx and on one public IP one

Dear list! I have a little problem, trying to enable logging of deny rule. I have enabled it via kernel: options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=3 It is ipfw2. After that, my inten- tion was to use syslogd and !ipfw *.* /var/log/ipfw.log and newsyslog with /var/log/ipfw.log 600 3 100 * J In rc.conf I have firewall_enable="YES"

hi all i'm trying to get ipfilter set up on my new 5.1-RELEASE box. ipfilter seems to be working fine. i just have a couple of issues that are probably not very serious... one thing is that during network startup at boot, i get the message IPFilter: already initialized repeated 4 times. i think i have everything configured properly my kernel config looks like options IPFILTER options

I have two data frames. One (arr) has all arrivals to an airport for a year, and the other (gw) has the dates and quarter hour of the day when the weather is good. arr has a Date and quarter hour column. >names(arr) [1] "Date" "weekday" "hour" "month" "minute" [6] "quarter" "ICAO"

[ -netters, please Cc me or security@ with replies. ] I'm running into trouble integrating dynamic racoon-based IPSec into a network with ipfw and natd. I need to be able to allow VPN access from any address from authenticated clients. I've got the dynamic VPN working, with racoon negotiating SAs and installing SPs, but the problem is that I can't tell whether an incoming packet on

Just rebuilt and installed/world kernel: FreeBSD 4.8-STABLE #0: Fri Apr 11 14:34:37 EDT 2003 Using the latest Makefile for squid25: # fgrep \$FreeBSD /usr/ports/www/squid/Makefile # $FreeBSD: ports/www/squid/Makefile,v 1.100 2003/04/09 08:31:30 adrian Exp $ Modified with: # fgrep CONFIGURE_ARGS Makefile |fgrep -v \# CONFIGURE_ARGS= --bindir=${PREFIX}/sbin --sysconfdir=${PREFIX}/etc/squid \

Hello list. I would like to get your opinion on what is a safe multi-user environment. The scenario: We would like to offer to some customers of ours some sort of network backup/archive. They would put daily or weekly backups from their local machine on our server using rsync and SSH. Therefore, they all have a user account on our server. However, we must ensure that they would absolutely not be

On Sat, 29 May 2004 12:00:52 -0700 (PDT), <freebsd-security-request@freebsd.org> wrote: Hello ! Today i see in snort logs : [**] [1:528:4] BAD-TRAFFIC loopback traffic [**] [Classification: Potentially Bad Traffic] [Priority: 2] 06/07-09:44:39.044590 127.0.0.1:80 -> 10.6.148.173:1566 TCP TTL:128 TOS:0x0 ID:577 IpLen:20 DgmLen:40 ***A*R** Seq: 0x0 Ack: 0x75830001 Win: 0x0 TcpLen:

hello, I have turned on sysctls variables: net.inet.tcp.log_in_vain: 1 net.inet.udp.log_in_vain: 1 And i have plenty of strange connection attempts on udp protocol Connection attempt to UDP xx.xx.x.xxx:55414 from 192.43.172.34:53 Apr 13 23:56:53 pals /kernel: Connection attempt to UDP xx.xx.x.xxx:55414 from 192.43.172.34:53 Connection attempt to UDP

Hi There, I've been having an issue trying to figure out a way to policy route outbound packets from a multihomed machine through the proper interface using IPFW to no avail. I've tried several different incantations of IPFW fwd/forward statements, and none of them seem to do the trick. Basically, I have a host that has multiple Internet connections. This host is running FreeBSD 4.9

550.ipfwlimit check in /etc/periodic/security takes into account only global/default verbosity limit and does not account for a specific logging limit set for a particular rule e.g.: $ ipfw -a l | fgrep log 65000 *521* 41764 deny log logamount *1000* ip from any to any $ sysctl -n net.inet.ip.fw.verbose_limit *100* >From security run output: ipfw log limit reached: 65000 519

Hi, I have been doing some tests using hping2 and TCP SYN pings targeting local and remote hosts from two FreeBSD 4.7-RELEASE-p10 and one Linux 2.4.18 host. The three machines have the same hardware configuration and have been running for 6 months now. The average load isnt too high (usually 0.01 to 0.15) on the FreeBSD machines. Here is the output from hping2 (excuse me the line wrap),

Hi, I'd appreciate any help. I'm getting this odd error when I add in a new samba share to the existing ones on a machine. The error seems to affect some of my NT clients, yielding a message "A remote procedure call (RPC) protocol error occurred." This does not happen to all my NT clients, nor does it seem to affect smbclient on my other samba server. The samba server is

Thanks for the module, I think its a good idea to commit it to FreeBSD for a few reasons: 1) Some folks just prefer more static kernels. 2) Securelevel is a great thing, but can be a pain to do upgrades around remotely. [A lot of folks use FreeBSD simply because its a breeze to run remotely]. 3) Until someone writes code to add modules to a kernel via /dev/mem and releases it to the script

Hello, ctags(1) uses external application sort(1) for sorting the tags file. It calls it via system(3) function. Look at the /usr/src/usr.bin/ctags/ctags.c file, there are such lines here: if (uflag) { (void)asprintf(&cmd, "sort -o %s %s", outfile, outfile); if (cmd == NULL) err(1, "out of space"); system(cmd); free(cmd); cmd = NULL; } This code will be