similar to: Information disclosure?

Displaying 20 results from an estimated 1000 matches similar to: "Information disclosure?"

2005 Jul 02
3
packets with syn/fin vs pf_norm.c
Hi, First of all, I know that not dropping SYN/FIN isn't really a big deal, it just makes no sense. But since it doesn't make any sense, I don't see the reason why not to discard them. I'm running pf on FreeBSD 5.4-RELEASE-p3 and I scrub any traffic. I've read some other posts on google and as far as I can tell, clearly invalid packets (like packets with SYN/RST set) is
2004 Apr 17
7
Is log_in_vain really good or really bad?
Heya.. Yesterday someone "attacked" my box by connecting to several ports.. In other words, a simple portscan.. yet, since my box has "log_in_vain" enabled, so it tries to log everything to /var/log/messages, since the logfile got full and the size went over 100K, it tried to rotate the log to save diskspace. (Apr 16 21:00:00 omikron newsyslog[32137]: logfile turned over due
2004 Dec 03
4
Is my Apache server running as the root user or not?
Heya.. By reading my /usr/local/etc/apache2/httpd.conf, I can find out that my Apache is running as the user "www" and the group "www" .. Yet, when I run sockstat, it tells me one of the forks is run as root and listening on port 80 as well as the other forks are run by www:www.. If I got a lot of users connecting to my server on port 80, will their requests ever be
2004 Oct 22
5
Default permissions of /home/user..
Hello.. I've asked this question before without getting any further help really.. When a new user is added using "adduser" on 5.x (haven't really checked if it's the same under 4.x or not), the default homedir permission is 755 (drwxr-xr-x) which to me, looks a bit insecure? It's of course pretty easy to solve it by a simple chmod, but yet, isn't there any way to
2005 Apr 04
1
Strange messages in dmesg after DDoS-attack.
Dear list, A few days ago one of my machines was attacked by a DDoS-attack using UDP on random ports.. When I later on analyzed the logs, I found this in my dmesg: xl0: initialization of the rx ring failed (55) xl0: initialization of the rx ring failed (55) xl0: initialization of the rx ring failed (55) I tried to find out on google what it meant, but without any luck. What does that mean and
2020 Apr 09
5
[Bug 3147] New: Confusing error message when the public key is missing.
https://bugzilla.mindrot.org/show_bug.cgi?id=3147 Bug ID: 3147 Summary: Confusing error message when the public key is missing. Product: Portable OpenSSH Version: -current Hardware: All OS: OpenBSD Status: NEW Severity: trivial Priority: P5 Component: ssh
2005 Apr 05
2
About the FreeBSD Security Advisories
Hello.. I've noticed a delay between when the security advisories are sent and when the cvsup servers, ftp mirrors and web mirrors are updated. Is this delay on purpose to give the users some time to update/patch their system(s) before it hit pages like bugtraq, etc.. or is it just caused by the delay between when the ftp/cvsup servers are synced? Best regards, Jesper Wallin
2004 May 12
8
How do fix a good solution against spam..
Heya folks First of all, sorry if this isn't the correct list, but yet, I think spam is a kind of network attack and should be treated as a security issue.. I run a working mail server using Postfix, MySQL, Courier-IMAP, SpamAssassin and ClamAV (amavisd-new) .. I've checked the configuration file for SpamAssassin, but yet I haven't found any good solution for spam.. Sure, spam will
2005 May 15
1
About the vulnerabilities in tcpdump and gzip.
Dear list, About a week ago, right after 5.4-RELEASE was released, I received a mail from Gentoo Linux's security announcement list about a flaw in tcpdump and gzip. Since none of them are operating system related, I assumed a -p1 and -p2 of the 5.4-RELEASE. Instead, we got a patch for the HTT security issue so I wonder, is the FreeBSD version of tcpdump and/or gzip are secured or simply
2008 Mar 28
2
Call deflection on ISDN PRI in Sweden
Hello List! We're having trouble making call deflection on ISDN PRI. We would like to transfer a call to an external extension but keeping the callerid of the caller so it can be presented to the receiver of the transferred call. At the time we're using Zaptel 1.4.5.1, Asterisk 1.4.11 and Digium hardware TE420B. We've ordered the service (CD) from the phone company. The
2020 Jun 14
5
Modifying username
> On 6/14/20 1:39 PM, Jay Hart wrote: >> You may need to modify /etc/shadow for consistency. >> >> I don't know what to do here. Need some guidance please. > > > Run "vipw -s" and make the same change to that file's record for ABCLast. > In /etc/passwd the directory was shown in plain text. So I just moved over in the line and changed
2007 Sep 17
3
change uid/god below 100
Hi. Only indirectly related to zfs. I need to test diskusage/performance on zfs shared via nfs. I have installed nevada b64a. Historically uid/gid for user www has been 16/16 but when I try to add uid/gid www via smc with the value 16 I'm not allowed to do so. I'm coming from a FreeBSD background. Here I alter uid using vipw and edit /etc/group afterwards. -- regards Claus
2006 Jul 07
2
clarification needed: $ in machine name?
Hello, Sorry to be a pest, but I need to try to get some clarification of how the machine name works when setting up a machine account on the Samba server. The Samba How-To page http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-pdc.html#id2536400 talks about the "common error" of including the $ in the machine name on the server machine. However, all of the
2003 Aug 04
4
bootstrapping vinum root
Well, colleagues, I'm stuck a bit. I tried many different ways to setup system with vinum root (the only reference I found yet besides old "bootstrapping vinum" article is Joerg's commit message: http://freebsd.rambler.ru/bsdmail/cvs-all_2003/msg01225.html I failed. I have 4-stable system set up at ad0, and tried to set up pair of drives for new system at ad2 and ad3 (actually,
2007 Mar 16
1
[PATCH] Rendering: swap buffers and copy only needed parts
Hi, I've been experiencing serious tearing in compiz when screen is painted only partly. Either "Sync To Vblank" option in compiz doesn't work or copying repainted parts from backbuffer to frontbuffer is too slow. And since many people rely on driver's implementation of Sync to Vblank, it would be optimal to always use glXSwapBuffers. This can be accomplished via keeping
2020 Jun 14
2
Modifying username
I modified a user's name on my system. From ABCLast, to ALast (used as an example). I modified the username, then the group name of the user (to align with the new name), and then I moved the user's home directory from /home/ABCLast, to /home/ALast. Then using vipw, edited the home directory to use /home/ALast. When I got finished editing the passwd file, I got the following message: You have
2003 Apr 18
1
Slow vipw and fast pwd_mkdb
Hello, could somebody comment on PR bin/51148? It is a suggestion for how to pass a value of cache size to pwd_mkdb when we are doing vipw or such. It can give a great speed-up when master.passwd is really big (and sometimes it is). Appropriate cache size can make process 10 to 100 or more times faster. I gave the results of measurements in that problem report. Thanks in advance! SY, Alex
2005 Mar 22
3
PAM fails to change user password
Hi, freebsd-security. I have FreeBSD 5.3-STABLE. When I try to change user's password (via passwd) I receive the following: passwd: entry inconsistent passwd: pam_chauthtok(): error in service module passwd: in pam_sm_chauthtok(): pw_copy() failed and password stays unchanged. There are no other errors in the authorization system at all. Contents of /etc/pam.d stayed unchanged (compared to
2015 Apr 08
1
PCRE, and setting C-, LD- and CPP-FLAGS for a local r-devel installation
Hello, Got some at the time surprising errors some days ago when building a local r-devel installation on a cluster, with apparent outdated or missing dev versions of some files. After reading the r-devel news ( https://developer.r-project.org/blosxom.cgi/R-devel/NEWS), it turned out that " Use of the included versions of 'zlib', 'bzlib', 'xz' and PCRE is deprecated: these are frozen and
2012 May 25
2
STABLE/9 SMP ACPI suspend/resume - video mode not being restored
Hi, I'm toying with the SMP/i386 ACPI suspend/resume patches in -9. Thanks so much for this! I've noticed though that the video backlight stays off after resume. A common problem on -9, so I set hw.acpi.reset_video=1. That restores the backlight. However, the video mode isn't restored. I have my console set to VGA_80x60 and the resume seems to set it up "wrong". I get half