search for: scheidell

...ion, with no head, no monitor, its hard trying to figure out just WHY 'system won't boot'. (it booted, but sshd didn't start!) There is enough random[pun intended] things that can happen when you install a new system, that I would like to try to eliminate one of them. -- Michael Scheidell, CTO SECNAP Network Security / www.secnap.com scheidell@secnap.net / 1+561-999-5000, x 1131

...of /opt/bin,/usr/opt/bin,/usr/bin//spare/user/opt/bin/,/opt/sfw and the mired of other paths. It looks like mixed message there, with one page saying it supports the v100, another saying it does yet. And if nor FBSD, then which one? OpenBSD, NetBSD? Anyone have any performance tests? -- Michael Scheidell SECNAP Network Security, LLC Sales: 866-SECNAPNET / (1-866-732-6276) Main: 561-368-9561 / www.secnap.net

Tobez: no disrespect intended, obviously you saw a problem with the master sites for perl 5.8.7 and did what you could to help, and with your position as a maintainer, I know that the trust we have in you and your patches is well earned, so don't take this question as anything but my well-earned paranoia rearing its ugly head: Yes, building perl5.8.7 did seem like it had a lot of problems

Attempted to install dlint port. Only distribution site is www.domtools.com Email to 'content@domtools.com' and pab@domtools.com bounces (can't relay) Phone number missing on whois record. Fetch of tarball fails checksum (it delivers a generic 'web hosted search engine that just hijacked someone's domain' web page. Maybe domtools didn't renew? New web company

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:14.arp Security Advisory The FreeBSD Project Topic: denial of service due to ARP resource starvation Category: core Module: sys Announced:

I got some weird mail back, claiming that my e-mail was blocked, w/o indicating what server was blocked, after the mail appeared in the mailing list. Is this some BS shakedown? I use postfix on a DSL line forwarding to earthlink, this is hardly something that should be rare in the BSD world... the mail appeared to come from a web mail server and the first link has the following lovely text:

If you are running ntop on 5.4, what compile options? Use ports version? Or surgefile tarball? It makes a great security forensics tools, but I can't get it to stop segfaulting.Was wondering if anyone found a fix for it. -- Michael Scheidell, CTO 561-999-5000, ext 1131 SECNAP Network Security Corporation Take a vacation from spam: http://www.spammertrap.com

Hi Colin! I would like to know, that these following "vulnerabilities" does affect FreeBSD's reliability? If the answer is "yes", what version of FreeBSD affected, when will be fixed, etc. http://projects.info-pull.com/moab/MOAB-12-01-2007.html http://projects.info-pull.com/moab/MOAB-10-01-2007.html Thank you! -- kobi

Hi, I am using IPFW on FreeBSD 4.11 I am facing two problems: - SSH sessions timeout after a while - When I run "/sbin/ipfw -q -f flush" in the rules script all connection get reset (and I am thrown out of the box). Is this standard functioning of ipfw or do I need to change any configuration? Thanks, Siddhartha

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:07.bind Security Advisory The FreeBSD Project Topic: Predictable query ids in named(8) Category: contrib Module: bind Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:07.bind Security Advisory The FreeBSD Project Topic: Predictable query ids in named(8) Category: contrib Module: bind Announced:

Gang, For months now, we're all seeing repeated bruteforce attempts on SSH. I've configured my pf install to ratelimit TCP connections to port 22 and to automatically add IP-addresses that connect too fast to a table that's filtered: table <lamers> { } block quick from <lamers> to any pass in quick on $ext_if inet proto tcp from any to ($ext_if) port 22 modulate

I have a need to have users SSH into a server where they are limited to a chroot jail (sandbox). Once they are there, they need to be able to execute 'ssh' and 'scp' to other systems. I've no problem setting up the basic chroot jail and providing basic functionality (ls, cat, less, etc). The part that is stopping me is setting it up so that that user can then 'ssh'

This was in bugtraq, and hasn't shown up in portaudit yet so I thought I would send it and the fix to you. I submitted a pr for a patch as well. (but for some reason, ir bounced) Problem #1: Clamav 87 has been found to have a security vulnerability that could lead to remote code execution Problem #2 patch patch-clamav-milter_clamav-milter.c won't