[IMAGE] Duracisn: 10 Horas de entrenamiento. Presentado por nuestro experto consultor: Lic. Gerardo Coronado L. !Promociones Especiales para Grupos! Mayores informes responda este correo electrsnico con los siguientes datos. Empresa: Nombre: Telifono: Email: Nzmero de Interesados: Y en breve le haremos llegar la informacisn completa del evento. O bien comunmquense a nuestros telifonos un ejecutivo con gusto le atendera Tels. (33) 8851-2365, (33)8851-2741. Copyright ...

I'm attempting to setup OpenLDAP, Samba and ypldap on 4.7. OpenLDAP is up and running along with Samba, and I've used the smbldap tools to populate the directory. I'm having trouble getting the full list of LDAP groups with getent. At first I ran "getent group" and didn't see any of the LDAP groups. Then I noticed that the ypldap.conf example uses basedn "ou=Users,dc=domain,dc=tld", so I changed it to basedn "dc=domain,dc=tld". Now getent group shows only the first of the LDAP groups: # ...

EuroBSDCon 2011 =============== EuroBSDCon is the European technical conference for users and developers on BSD based systems. The EuroBSDCon 2011 conference will be held in the Netherlands from thursday 6 october 2011 to sunday 9 october 2011, with tutorials on thursday and friday and talks on saturday and sunday. Call for Proposals ------------------ The EuroBSDCon conference is inviting developers and users of BSD based systems to submit innovative and original papers not submitted ...

Les informations concernant votre compte: Cher Client de La Banque Postale : Attention! Votre Compte ` ete limite! Dans le cadre de nos mesures de sicuriti, nous procedons regulierement ` la virification du bien jtre de nos clients .Postale d'apprendre recemment Vous ont contacte apres avoir releve un probleme sur votre Account.We demande des informations Aupres de vous pour la raison suivante: Notre systeme a detecte charges inhabituelles une carte de credit liee ` votre Compte La ...

You could use blowfish to store them; the code already exists in the openbsd base. Storing multiple previous passwords has always seemed gratuitous to me, but we're not discussing technical

Mettre a jour votre Carte Credit en ligne Cher Client Notre salutations Nous Vous Informons Que :Votre Carte Bancaire Sera suspendue , pour la remarque d'un problC)me administratif .Pour proteger la votre et la mettre a jour, Cliquez ici , et vous devez bien completer les informations indiquC)es .Merci de votre confiance C votre Banque La Banque Postale Libre rC)ponse 83130 51049 ChC"lons en Champagne Cedex Cliquez ici pour mettre a jour ...

Perhaps lower hanging fruit would be for those that regularly tweak /etc to occasionally send in sanitized diffs against the originals with comments as to why the changes were made. Changes that appear for many people probably should eventually go into the FAQ. (Sorry, I don't have any tweaks... 4.7 required no tweaks outside of turning on IP forwarding in /etc/sysctl.conf...) Thanks, Chris Dukes

would any of the openbsd devs like a franklin (sprint) u300 wireless card? i'll ship it for free to canada or within the u.s. -scott

with ffmpeg? can you share your command, I've never gotten it to work. -- jakemsr@sdf.lonestar.org SDF Public Access UNIX System - http://sdf.lonestar.org

Remove it from /etc/shells instead. Replacing csh with ksh is evil, and I don't mean that in a good way. -- Darrin Chandler | Phoenix BSD User Group | MetaBUG dwchandler@stilyagin.com | http://phxbug.org/ | http://metabug.org/ http://www.stilyagin.com/ | Daemons in the Desert | Global BUG Federation

They're not the same shell. I can't think of any security reasons because I'm not familiar with the code but as far as logs and noise factor I imagine it would go up or various things might start breaking that depend on csh.

Base seems to only have two shells as ksh and sh have the same md5 checksum. I'm hoping csh is only included for historical reasons or in honor of Bill Joy or something such as that. Brad

Replying to myself. I can't seem to make csh auto logout inactive users. So I did this: rm /bin/csh cp /bin/ksh /bin/csh Any good reason to not do this? Brad

Why do you want to logout idle users? You just forced your csh users to use ksh. Why do you want them to hate you? Or maybe to be used by the thousands of people that want to use it.

Unbelievable.

You could try "boot -c", "disable apm" and "quit", preferably with 4.8 or -current. Might help, might not. There are also newer bioses available, there's a chance they may help, but there's also a chance you end up with a dead motherboard by attempting to flash. From what I remember some of those early VIA KT chipsets had pretty broken PCI implementations...

There are big differences between well-designed hardware, poorly designed and implemented hardware, hardware is working properly and hardware that is malfunctioning. A lot of hardware out there was tested with Windows-of-the-Day (and maybe the day before) and that's it. Anything else it works with, great, but it was by luck, not design. A lot of "early" AMD stuff was junk. I'm not talking about the AMD chips themselves, I'm talking about the REST of the computer. I've got a few AMD K6 ...

can you get me a backtrace when the system panics? ive been trying to reproduce this locally without success. cheers, dlg heavy (over)loaded ESX vmware cluster. From to time to the disk backend may boxes just paniced. (And Solaris 10 just kept on running. Probably some really

Well, I don't think so. You only need to logon to the console when you have big problems, and we just have set a really long and complicated password for the root user and stored it away for emergency use in a safe. You still have the external shell protection by restricting who can access the server room. All other users must use sudo anyway, so you don't need the root password on a daily basis, and that's enough for PCI DSS. /Leif -----Original Message----- From: Brad Tilley ...

See passwdqc.conf(5).

Hi! We have just figured out a different approach, and will discuss our new idea with our QSA tomorrow. The idea is to completely turn of the possibility to log in with passwords, and to use SSH key pairs with long and good passphrases instead. It will lead to more work with administrating accounts and there is a small problem on how to distribute the public key to all servers, but we don't have to set up a RADIUS server just yet! I will let you know what the response from our QSA ...

I concluded the same for requirement 8. See my rough notes here. I plan to add to that page as I do more testing: RADIUS may do it if the backend can enforce those things (I don't know enough about this to comment, but OpenLDAP may work). If that cannot do it, read Appendix B of the PCI DSS carefully. They allow compensating controls when the requirements cannot be followed precisely. Brad

Have you tried install48.iso (which includes the sets)? You should be able to get OpenBSD installed correctly, one that's done, you can test the network properly.

Hi, this means... (1) that only either iked OR isakmpd can run on one box? (2) on one IP, but share the same box? (3) or that iked has a dispatch mechanism to forward IKEv1 connections to a bystanding isakmpd, and cooperate with it to allow for using both types of connections on one IP? My guess is that it's (1), but my preference would be (3), of course. -- Kind regards, --Toni++