| |
| |
| |
|
Page: 1 2
Comments:
<0>
<0> is it possible to use snort to detect p2p and pf to block it, or i can block p2p directly thru pf?
<1> depends on the p2p, the protocol, and the network. you may have to write something and hope it never has false positives
<2> yes, take a look at snortsam
<2> the p2p signature that i've seen don't false too much
<2> actually, i'm not sure if snortsam works with pf, I've never used them together. But it should
<0> ok thanks ceec
<0> hey ceec do you know anything about snort2pf?
<3> sheesh
<3> got openbsd running on another laptop, and on that one the wireless works since it is an older intel/802.1b card
<3> even the apm works, or so I thought
<3> apm -S and zzz don't do anything, ho hum, back to the drawing board
<3> is there any push to get apm better supported in opnebsd?
<4> there haven't been a lot of apm-related commits recently, no
<3> too bad really, from my searches on the net, it seems my experience is far from unique
<4> no, it's rather common
<4> it hasn't been a high priority
<4> supporting all the various quirks of laptop apm/acpi implementations is a PITA
<4> marco@'s done some work on ACPI
<4> i think his work is hampered by a lack of access to hardware
<4> he just recently receive two more donated laptops
<4> but it's slow work without physical access to machines that don't work
<3> yah, I may have to look at ACPI, but then I might as well run a different OS if I am going to be tinkering with kernel recompiling
<4> ACPI isn't ready yet
<4> when it is, it'll be in GENERIC
<3> I really want to get openbsd settled on my gear tho, so this is causing much heartburn for me
<4> (and no tinkering will be required)
<3> :(
<4> run what works
<4> i've run OpenBSD on my laptops for a long time
<4> suspend and all that stuff isn't important for me, so it works fine
<3> I am a student, so traveling between cl***es and commuting means I need to conserve battery life as much as I can, it really isn't much of an option
<4> i was a student too
<4> i just powered my laptop off
<3> so I am guessing you get my drift on this
<4> or plugged it in
<3> most of my seminar rooms don't really have much access to electrical outlets... no really
<4> < lt_kije> run what works
<4> it works for me
<4> so i run it
<3> yah, me too but on desktops looks to be my only pratical choice with what I have, ho hum
<3> it just stinks, cause that is the last hurdle, everything esle works... okay I am done, this is starting to sound like a country song :-)
<4> most country songs seem to rhyme
<3> boo hoo for me
<3> heh
<3> as far as the GENERIC ACPI support goes, is that a release away, a year, two years, x years away?
<4> you'd have to ask marco
<4> it seems like it's approaching usability
<4> again, read the threads on misc@
<3> thanks will do
<5> Morning
<5> Has anyone here ever dealt with a Sharp Actius?
<1> baggy: i've been using it for about a month, activated by editing GENERIC. it works fairly well
<3> jb_: thanks, I tinkered woth several things, read lotso "it works" and "it doesn't work" posts, etc, but no luck. I am just gonna have to face the fact that my gear just doesn't play nice with apm in openbsd. Too bad for me, as I will have to slink back to that other free Un*x -like OS.
<1> baggy: i've got it working on an IBM thinkpad 600x
<1> i suspect your gear will work fine
<1> apm seems to be anti-acpi right now
<1> and acpid was, aparently, pulled from /etc/rc
<6> can someone reccomend a good power supply brand or two - i heard antec is going downhill.
<7> I've had ones from almost all the manufacturers I've encountered blow up if the conditions are right, so I'm no help
<6> heh
<6> i'm just looking for something stable, in the past i'd stuck with antecs, and haven't had too many problems with them
<3> jb_: it doesn't work on one laptop, looks like does on the other, but really doesn't, and from what I have seen on the posts and such, my experience is far from unique.... anyhow I threw in the towel on this hours ago, but thanks for the note anyhow
<8> ``Spike: I have heard that fortron is one of the best manufacturers
<8> and yes, do NOT get an antec
<8> my antec blew up this autumn, after not even three years of use
<8> and I built a computer for my girl with antec case + psu too. that one has started to make strange sounds and will probably not last long
<8> ``Spike: however, I've had an enermax running 24/7 since 2001 or 2002 or so. No problems, no strange sounds, no instability yet
<9> hi, can someone tell me more about the boot procedure... i want to try encrypt as much of my disk as i can (with svnd), so my plan is to run vnconfig as early in rc as possible (i was thinking of rigth before fsck)
<9> so i'm trying to find out which files need to be accessible until then
<9> apart from the obvious kernel, /bin and /sbin
<10> why not keep it simple, and just encrypt a single partition for private data?
<9> fun
<9> ;P
<10> oh, well, in that case, have a ball.
<9> plus i want all (wall all that are possible) logs to be encrypted
<9> an i think its harder to be sure you moved everything to a private disk
<10> hmmm...
<9> than to check the stuff taht you didn't move
<9> i already read the rc scipt
<10> well, I have a small (< 1G) partition on my laptop that has all my encrypted data. It's significantly smaller than /home, and certainly works fine for me that way. I don't care to encrypt /var/log ....
<10> I just use symbolic links, for things like ~/.thunderbird.
<9> hum
<10> and it gets mounted during /etc/rc.local; I don't touch /etc/rc.
<9> yeah
<9> i know thats the current techniqe
<10> yep.
<9> but i want to go a little further for fun
<9> well
<9> fo you know about any good resources for this
<10> As far as I know, once init launched /etc/rc ...
<9> besides the man pages/kernel sources
<10> it's up to /etc/rc to mount what it needs, such as /usr and /var.
<9> ok
<10> you could easily alter it so that it does vnconfig's first.
<9> so does the kernel acess any file besides init?
<10> but ... vnconfig is in /usr/sbin
<9> yeah
<9> that why whant to statically link it
<9> and move it to /sbin
<10> You could certainly "play" with sandbox hardware or qemu, and see what you'd need.
<9> well
<9> its an old sparcstation ipx
<9> so i can just d o a reinstall if anything braks
<9> thats not much of a problem
<10> you may not have to, if you have a spare partition.
<9> hehe
<9> i wish i had ;P
<9> but i thik
<9> its not really that hard to figure out what is neede
<10> booting with "-a" will cause the kernel to prompt for root partition; you could build a root on cd-rw or a usb stick if you don't have a spare partition.
<9> just not many documantation on this topic :/
<9> well its got neither
<9> nfs would be an option
<9> i think the kernel supports that
<7> barely
<9> but thats not really the point
<9> i also could netboot an rescue system quite easily i guess
<9> to repair stuff
<10> if you boot -s, you will discover what the root partition has, and what you might need.
<9> its just that i don't whant to use trial& error on this;P
<9> how can i see what i need?
<10> you said it was for "fun" -- so enjoy your OJT.
<11> why would you want to encrypt anything aside from your own stuff?
<9> well logs
<9> are a bit harder
<11> why would you want to encrypt logs?
<11> you could rotate them very often and encrypt the rotated logs
<9> the main point with this also is that i don't know the system well enough to te tell in wich places some information might lurk
<11> what information?
<11> or just mount /var/log on a vnd
<9> so i'd rather have an sortof opt-in for files that are unencrypted
<11> you can do that easily enough after boot
<11> do it an hup syslog
<9> hum..
<9> well i think my only choice is to do some guessing :/
<9> anyway thanks for the help
<10> I guess my first question thenop, is ....
<10> what does encrypting data on disk do for you?
<10> in that, are you concerned about physical security?
<9> yes
<9> i am ;P
<9> well
<9> its just a spare system i have
<9> and i whant to set it up as a textmode irc client
<10> encryption, alone, will not eliminate physical security issues.
<9> well
<9> you men like somone walking up to the console?
<9> mean
<10> sure
<10> nor will it eliminate logical security issues.
Return to
#openbsd
or
Go to some related
logs:
Euphonee
#gentoo
#freebsd
#3dsmax
#bsd
#flash
#italy
#delphi
#beginner
oxycin q
|
|