From owner-freebsd-security Sun Oct 25 03:14:19 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id DAA00345 for freebsd-security-outgoing; Sun, 25 Oct 1998 03:14:19 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from hotmail.com (f155.hotmail.com [207.82.251.34]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id DAA00338 for ; Sun, 25 Oct 1998 03:14:12 -0800 (PST) (envelope-from madrapour@hotmail.com) Received: (qmail 23217 invoked by uid 0); 25 Oct 1998 11:13:36 -0000 Message-ID: <19981025111336.23216.qmail@hotmail.com> Received: from 208.218.169.84 by www.hotmail.com with HTTP; Sun, 25 Oct 1998 03:13:35 PST X-Originating-IP: [208.218.169.84] From: "N. N.M" To: freebsd-security@FreeBSD.ORG Subject: RE: Again logging! Content-Type: text/plain Date: Sun, 25 Oct 1998 03:13:35 PST Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, Thanks everybody who helped me in this regard. At last I had to re-copy the inetd deamon and it worked. So half of problem has been solved (with your help). The other half is relevant to tcpd logging! I have the following lines in inetd.conf: telnet stream tcp nowait root /usr/local/libexec/tcpd /usr/libexec/telnetd ftp stream tcp nowait root /usr/local/libexec/tcpd /usr/libexec/ftpd -l And the following lines in syslogd.conf: !inetd *.*/var/log/inetd.log !tcpd *.*/var/log/tcpd And a file named tcpd in the /var/log which is owned to root and its permission is 774. What else should I do to make it work? Nazila N. ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Oct 25 05:39:45 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA13711 for freebsd-security-outgoing; Sun, 25 Oct 1998 05:39:45 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from server01.nexnet.com.mx (server01.nexnet.com.mx [167.114.26.118]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA13706 for ; Sun, 25 Oct 1998 05:39:43 -0800 (PST) (envelope-from intermed@server01.nexnet.com.mx) Received: from localhost (intermed@localhost) by server01.nexnet.com.mx (8.8.5/8.8.5) with SMTP id HAA14309 for ; Sun, 25 Oct 1998 07:43:38 -0600 (CST) Date: Sun, 25 Oct 1998 07:43:38 -0600 (CST) From: Intermedia To: freebsd-security@FreeBSD.ORG Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org subscribe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Oct 25 18:52:36 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id SAA14845 for freebsd-security-outgoing; Sun, 25 Oct 1998 18:52:36 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from carp.gbr.epa.gov (carp.gbr.epa.gov [204.46.159.110]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id SAA14838 for ; Sun, 25 Oct 1998 18:52:30 -0800 (PST) (envelope-from mjenkins@carp.gbr.epa.gov) Received: (from mjenkins@localhost) by carp.gbr.epa.gov (8.8.8/8.8.8) id TAA06945; Sun, 25 Oct 1998 19:25:29 -0600 (CST) (envelope-from mjenkins) Date: Sun, 25 Oct 1998 19:25:29 -0600 (CST) From: Mike Jenkins Message-Id: <199810260125.TAA06945@carp.gbr.epa.gov> To: madrapour@hotmail.com Subject: RE: Again logging! Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <19981025111336.23216.qmail@hotmail.com> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > From: "N. N.M" > Subject: RE: Again logging! > > !tcpd > *.*/var/log/tcpd > > And a file named tcpd in the /var/log which is owned to root and its > permission is 774. > > What else should I do to make it work? I just installed the tcp_wrappers package and wrapped telnetd to test. The first thing I noticed was that tcpd only syslogged denied connections. (The message went to /var/log/messages.) The second thing I noticed was that argv[0] is the service name (telnetd) and not tcpd. Therefore, the tag for tcpd in syslog.conf is not going to work. Turns out tcpd logs both allowed and denied connections. You only see the denied ones because the default syslog.conf logs auth.notice but not auth.info (the tcp_wrappers port/package uses the auth facility). Add an auth line to the top of syslog.conf sort of like this: auth.*/var/log/auth.log And, of course, create /var/log/auth.log and HUP syslogd. Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Oct 25 20:28:45 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id UAA24444 for freebsd-security-outgoing; Sun, 25 Oct 1998 20:28:45 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from peak.mountin.net (peak.mountin.net [207.227.119.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA24437 for ; Sun, 25 Oct 1998 20:28:44 -0800 (PST) (envelope-from jeff-ml@mountin.net) Received: (from daemon@localhost) by peak.mountin.net (8.9.1/8.9.1) id WAA12352; Sun, 25 Oct 1998 22:28:13 -0600 (CST) Received: from harkol-68.isdn.mke.execpc.com(169.207.64.196) by peak.mountin.net via smap (V1.3) id sma012349; Sun Oct 25 22:27:51 1998 Message-Id: <3.0.3.32.19981025222819.00fd1a00@207.227.119.2> X-Sender: jeff-ml@207.227.119.2 X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32) Date: Sun, 25 Oct 1998 22:28:19 -0600 To: Mike Jenkins , madrapour@hotmail.com From: "Jeffrey J. Mountin" Subject: RE: Again logging! Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <199810260125.TAA06945@carp.gbr.epa.gov> References: <19981025111336.23216.qmail@hotmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 07:25 PM 10/25/98 -0600, Mike Jenkins wrote: >I just installed the tcp_wrappers package and wrapped telnetd to test. >The first thing I noticed was that tcpd only syslogged denied connections. >(The message went to /var/log/messages.) The second thing I noticed was >that argv[0] is the service name (telnetd) and not tcpd. Therefore, >the tag for tcpd in syslog.conf is not going to work. Interesting. >Turns out tcpd logs both allowed and denied connections. You only >see the denied ones because the default syslog.conf logs auth.notice >but not auth.info (the tcp_wrappers port/package uses the auth facility). >Add an auth line to the top of syslog.conf sort of like this: > > auth.*/var/log/auth.log > >And, of course, create /var/log/auth.log and HUP syslogd. I don't think he wanted it to go to auth. Still prefer to change line 319 of patch-aa, recompile, and edit syslog.conf. ################################################################ # Optional: Changing the default disposition of logfile records *************** *** 484,490 **** # # The LOG_XXX names below are taken from the /usr/include/syslog.h file. ! FACILITY= LOG_MAIL # LOG_MAIL is what most sendmail daemons use # The syslog priority at which successful connections are logged. --- 484,491 ---- # # The LOG_XXX names below are taken from the /usr/include/syslog.h file. ! #FACILITY= LOG_MAIL # LOG_MAIL is what most sendmail daemons use ! FACILITY= LOG_LOCAL7 ^^^^^^^^^^ Pretty simple. Jeff Mountin - Unix Systems TCP/IP networking jeff@mountin.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Oct 25 21:59:37 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id VAA03715 for freebsd-security-outgoing; Sun, 25 Oct 1998 21:59:37 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from chickenbean.ais-gwd.com (chickenbean.com [205.160.97.50]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id VAA03574; Sun, 25 Oct 1998 21:57:41 -0800 (PST) (envelope-from charlespeters@chickenbean.com) Received: from ci1000971-d.sptnbrg1.sc.home.com (ci1000971-d.sptnbrg1.sc.home.com [24.4.115.200]) by chickenbean.ais-gwd.com (8.8.8/8.8.8) with SMTP id BAA02260; Mon, 26 Oct 1998 01:09:12 -0500 (EST) (envelope-from charlespeters@chickenbean.com) Reply-To: From: "Charles A. Peters" To: , , , , , , , , , , , , , , , , Date: Mon, 26 Oct 1998 00:51:11 -0500 Message-ID: <000001be00a5$5e2d8d40$c8730418@ci1000971-d.sptnbrg1.sc.home.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org subscribe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Oct 25 23:47:16 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id XAA12966 for freebsd-security-outgoing; Sun, 25 Oct 1998 23:47:16 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from hotmail.com (f199.hotmail.com [207.82.251.90]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id XAA12957 for ; Sun, 25 Oct 1998 23:47:14 -0800 (PST) (envelope-from madrapour@hotmail.com) Received: (qmail 21682 invoked by uid 0); 26 Oct 1998 07:46:41 -0000 Message-ID: <19981026074641.21681.qmail@hotmail.com> Received: from 208.218.169.84 by www.hotmail.com with HTTP; Sun, 25 Oct 1998 23:46:40 PST X-Originating-IP: [208.218.169.84] From: "N. N.M" To: mjenkins@carp.gbr.epa.gov, jeff-ml@mountin.net Cc: freebsd-security@FreeBSD.ORG, jkb@best.com Subject: RE: Again logging! Content-Type: text/plain Date: Sun, 25 Oct 1998 23:46:40 PST Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Thanks all specially Mike, Jeff and Andrew. I tried all what you said. There is still a problem. But I think it's better for me to follow that in freebsd-questions mailing list as Jan said. Sorry if it was irrelevant to security, but you know, I'm rather new to FreeBSD! (-: Thanks again, Nazila N. ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Oct 26 11:23:09 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA11106 for freebsd-security-outgoing; Mon, 26 Oct 1998 11:23:09 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ms13.url.com.tw (gemini.accton.com.tw [210.68.148.7]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id LAA11100 for ; Mon, 26 Oct 1998 11:23:07 -0800 (PST) (envelope-from willer@ms13.url.com.tw) Date: Mon, 26 Oct 1998 11:23:07 -0800 (PST) Received: from willer ([202.145.254.42]) by AccSMTP/NT 2.5 (210.68.148.49) [210.68.148.49]; Tue, 27 Oct 1998 01:27:35 +0800 Message-ID: <012b01be0106$08f443d0$8eab91ca@willer.willer.net> To: From: "willer" Subject: =?big5?B?sXqkQKl3rW6lzsD0q0+lUrlxuXGmwA==?= MIME-Version: 1.0 Content-Type: text/plain; charset="big5" X-Mailer: Microsoft Outlook Express 4.72.2106.4 X-Mimeole: Produced By Microsoft MimeOLE V4.72.2106.4 Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by hub.freebsd.org id LAA11101 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org ¥DÃD ·R¥xÆW ±z¤@©w­n¥ÎÀô«O¥R¹q¹q¦À ¦U Ãþ ¤T¸¹¹q¦À¤ñ¸û ¹q¦À¯S©Ê Àô«OÆP©Ê¹q¦À ´¶³q¹q¦À ÂìÂð¹q¦À Àô«O Âì ²B¹q¦À ¥i¥R¹q¦¸¼Æ ¹s¦¸ ¹s¦¸ ¬ù¤@¨Õ¦¸ ¤j©ó¤­¨Õ¦¸ §t­«ª÷ÄݦìV·½ µL µL §tÂ𭫪÷ÄÝ µL °ª¯Ó¹q¨Ï¥Î ¾A¦X ¤£¾A¦X ¾A¦X ¾A¦X °ª«ù¤[©Ê ¬O §_ §_ ¬O ¥R¹q°O¾Ð©Ê -- -- ¦³ ¦³ ¦pªG±z·R¥xÆW³o¶ô¤j¦a ½Ð±z¨Ï¥ÎµL¦¾¬VÂì²BÀô«O¥R¹q¹q¦À ¦³¥R¹q°O¾Ð©Êªº¹q¦À ¸ûµLªkµo´§¹q¤O ¥²»Ý§¹¥þ©ñ¹q«á¤~¯à¥R¹q ´ö²L¤T¸¹©Î ¥|¸¹µL¦¾¬VÂì²BÀô«O¥R¹q¹q¦À ºô¸ô°â»ù 99 ¤¸ YUASA NiMH AA or AAA type, NTD 99 Each ´ö²L ª¾¼z«¬¥R¹q¾¹ ? ºô¸ô°â»ù 399 ¤¸ YUASA Recharger of NiMH, NTD 399 Tel: (03)3278012 BBC: 060224189-099 Mobile: 0933926100 Miss Eileen Lin ªL¤p©j To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Oct 26 13:19:58 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA23947 for freebsd-security-outgoing; Mon, 26 Oct 1998 13:19:58 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from accessone.com (blaze.accessone.com [198.68.191.19]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA23940 for ; Mon, 26 Oct 1998 13:19:56 -0800 (PST) (envelope-from chadth@atvideo.com) Received: from scan.atvideo.com (root@scan.atvideo.com [204.118.35.14]) by accessone.com (8.8.5/8.8.5/PIH) with ESMTP id NAA00009 for ; Mon, 26 Oct 1998 13:19:19 -0800 (PST) Received: from chadth.atvideo.com (pip.atvideo.com [204.118.35.21]) by scan.atvideo.com (8.9.1/8.8.5) with SMTP id NAA09641 for ; Mon, 26 Oct 1998 13:22:56 -0500 Received: by chadth.atvideo.com with Microsoft Mail id <01BE00E3.2EDE9D70@chadth.atvideo.com>; Mon, 26 Oct 1998 13:18:55 -0800 Message-ID: <01BE00E3.2EDE9D70@chadth.atvideo.com> From: Chad Thunberg To: "'freebsd-security@freebsd.org'" Subject: FW: firewall + internal mail server Date: Mon, 26 Oct 1998 13:18:54 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by hub.freebsd.org id NAA23943 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----Original Message----- From: Chad Thunberg [SMTP:chadth@atvideo.com] Sent: Monday, October 26, 1998 1:02 PM To: 'Jim Flowers' Cc: 'freebsd-securirty@freebsd.org'; 'freebsd-questions@freebsd.org' Subject: RE: firewall + internal mail server Jim, Thank you for your response but I am unable to get this below to work. It appears that natd is not listening to that port. Do I need to do anything to make natd monitor the port? Sendmail is disabled on the firewalling machine, making port 25 available to be bound too. I also tried redirect_port tcp ip.of.mail.server:25 25 as well as redirct_port tcp ip.of.mail.server:25 ip.of.public.interface:25 Any more input would be great. Thanks, -Chad -----Original Message----- From: Jim Flowers [SMTP:jflowers@ezo.net] Sent: Thursday, October 22, 1998 12:35 PM To: Chad Thunberg Cc: freebsd-security@FreeBSD.ORG; freebsd-questions@FreeBSD.ORG Subject: Re: firewall + internal mail server Just did it. Very simple to implement NAT (natd) and use the redirect-port capability: natd - interface ed0 redirect_port other_host:smtp smtp \ * redirect_port other_host:pop3 pop3 All your other reserved addresses will be translated per usual. Works like a charm with MS Exchange. Jim Flowers #4 ISP on C|NET, #1 in Ohio On Thu, 22 Oct 1998, Chad Thunberg wrote: > I am setting up a firewall and enabled natd but have an internal mail > server. Is there a way to still be able to access the internal mail server > from the outside for sending and receiving email? I thought about giving > the firewall a vhost of mail.host.com and diverting packets that came in > from 110 and 25 to the internal mail server but from the man pages, divert > seems to be used for diverting packets from one port to another on the same > machine instead of diverting them to a new or ineternal ip. Any help on the > subject would be great. I would rather not put the mail server outside of > the firewall. good idea, although on a perimeter network with a good wrapper is even better. > > Thanks, > -Chad > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Oct 26 15:41:14 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA08391 for freebsd-security-outgoing; Mon, 26 Oct 1998 15:41:14 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from carp.gbr.epa.gov (carp.gbr.epa.gov [204.46.159.110]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA08385 for ; Mon, 26 Oct 1998 15:41:13 -0800 (PST) (envelope-from mjenkins@carp.gbr.epa.gov) Received: (from mjenkins@localhost) by carp.gbr.epa.gov (8.8.8/8.8.8) id RAA08360; Mon, 26 Oct 1998 17:40:30 -0600 (CST) (envelope-from mjenkins) Date: Mon, 26 Oct 1998 17:40:30 -0600 (CST) From: Mike Jenkins Message-Id: <199810262340.RAA08360@carp.gbr.epa.gov> To: chadth@atvideo.com Subject: Re: FW: firewall + internal mail server Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <01BE00E3.2EDE9D70@chadth.atvideo.com> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Thank you for your response but I am unable to get this below to work. It appears that natd is not listening to that port. Do I need to do anything to make natd monitor the port? Sendmail is disabled on the firewalling machine, making port 25 available to be bound too. I also tried redirect_port tcp ip.of.mail.server:25 25 as well as redirct_port tcp ip.of.mail.server:25 ip.of.public.interface:25 Any more input would be great. So you're starting natd sort of like (minus the pop3): /usr/sbin/natd -interface ed0 -redirect_port tcp internalhost:smtp smtp and you've got IPFIREWALL in the kernel and you're diverting packets to natd: /sbin/ipfw add 100 divert natd all from any to any via ed0 And it doesn't work? Maybe read the natd manual page to make sure you got it set up correctly. Also maybe add the -log option to see if natd is having problems. Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Oct 26 15:59:11 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA10597 for freebsd-security-outgoing; Mon, 26 Oct 1998 15:59:11 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from accessone.com (blaze.accessone.com [198.68.191.19]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA10586; Mon, 26 Oct 1998 15:59:09 -0800 (PST) (envelope-from chadth@atvideo.com) Received: from scan.atvideo.com (root@scan.atvideo.com [204.118.35.14]) by accessone.com (8.8.5/8.8.5/PIH) with ESMTP id PAA24972; Mon, 26 Oct 1998 15:58:28 -0800 (PST) Received: from chadth.atvideo.com (pip.atvideo.com [204.118.35.21]) by scan.atvideo.com (8.9.1/8.8.5) with SMTP id QAA11059; Mon, 26 Oct 1998 16:02:05 -0500 Received: by chadth.atvideo.com with Microsoft Mail id <01BE00F9.6AD9FC00@chadth.atvideo.com>; Mon, 26 Oct 1998 15:58:05 -0800 Message-ID: <01BE00F9.6AD9FC00@chadth.atvideo.com> From: Chad Thunberg To: "'Damon Hopkins'" Cc: "'freebsd-security@freebsd.org'" , "'freebsd-questions@freebsd.org'" Subject: RE: firewall + internal mail server Date: Mon, 26 Oct 1998 15:58:04 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by hub.freebsd.org id PAA10589 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Here are all my settings. I went over everything again and even have rc.firewall set to open so no firewalling rules would get in the way. I know natd is working properly because everything is getting out, only the firewalls ip is showing up on servers. I also made sure everything was being diverted to natd in rc.firewall. I have this in my rc.conf. Where vx0 is 204.118.35.21 natd_enable="YES" # Enable natd if firewall_enable. natd_interface="vx0" # Public interface to use with natd if natd_enable. natd_flags="-l -m -f /etc/natd.conf" # Additional flags for natd. My natd.conf looks like: #smtp redirect_port tcp 204.118.35.14:25 204.118.35.21:25 redirect_port udp 204.118.35.14:25 204.118.35.21:25 #pop3 redirect_port tcp 204.118.35.14:110 204.118.35.21:110 redirect_port udp 204.118.35.14:110 204.118.35.21:110 Where 204.118.35.14 is my mail server and 204.118.35.21 is my firewall. Both are accessible from the inet now, I would like to make this work before I put the mail server behind the firewall. Thanks, -Chad -----Original Message----- From: Damon Hopkins [SMTP:dhopkins@rtci.com] Sent: Monday, October 26, 1998 3:39 PM To: Chad Thunberg Subject: Re: firewall + internal mail server are you using a file to do this and starting natd with the -f option? I use natd -f /etc/natd.conf also you need to specify it like this redirect_port tcp inner.machine.ip:port outer.machine.ip:port redirect_port udp inner.machine.ip:port outer.machine.ip:port make sure the firewall rules state that everything needs to go through natd like this in the rc.firewall $fwcmd add divert natd all from any to any via ${oif} here is MY rc.firewall fwcmd="/sbin/ipfw" homeip="216.27.37.67" oif="ed0" onet="216.27.37.0" omask="255.255.255.128" oip="216.27.237.251" iif="ed1" inet="10.0.0.0" imask="255.255.255.0" iip="10.0.0.1" # Flush rules $fwcmd -f flush # Block stupid rwho from going out wrong port and causing log messages $fwcmd add deny udp from not ${oip} who to any who out #incase i fry natd at home allow my one machine through to telnet :) $fwcmd add pass tcp from ${homeip} to ${oip} 23 via ${oif} # Run everything through natd $fwcmd add divert natd all from any to any via ${oif} # Stop spoofing and LOG it $fwcmd add deny log all from 192.168.0.0:255.255.0.0 to any via ${oif} $fwcmd add deny log all from 172.16.0.0:255.240.0.0 to any via ${oif} $fwcmd add deny log all from 10.0.0.0:255.0.0.0 to any via ${oif} $fwcmd add deny log all from ${onet}:${imask} to any via ${iif} in # Stop LAND and LOG it $fwcmd add deny log all from ${oip} to ${oip} via ${oif} $fwcmd add deny log all from ${iip} to ${iip} via ${iif} #allow everything else $fwcmd add pass all from any to any ----------------------------------------------------- And here if my natd.conf file kinda long ----------------------------------------------------- interface ed0 unregistered_only yes same_ports yes #All ssh to inside box redirect_port tcp 10.0.0.2:22 216.27.37.251:22 redirect_port udp 10.0.0.2:22 216.27.37.251:22 redirect_port tcp 10.0.0.2:22 216.27.37.252:22 redirect_port udp 10.0.0.2:22 216.27.37.252:22 #All smtp to inside box redirect_port tcp 10.0.0.2:25 216.27.37.251:25 redirect_port udp 10.0.0.2:25 216.27.37.251:25 redirect_port tcp 10.0.0.2:25 216.27.37.252:25 redirect_port udp 10.0.0.2:25 216.27.37.252:25 #ALL pop3 to inside box redirect_port tcp 10.0.0.2:110 216.27.37.251:110 redirect_port udp 10.0.0.2:110 216.27.37.251:110 redirect_port tcp 10.0.0.2:110 216.27.37.252:110 redirect_port udp 10.0.0.2:110 216.27.37.252:110 #all imap to inside box redirect_port tcp 10.0.0.2:143 216.27.37.251:143 redirect_port udp 10.0.0.2:143 216.27.37.251:143 redirect_port tcp 10.0.0.2:143 216.27.37.252:143 redirect_port udp 10.0.0.2:143 216.27.37.252:143 #redirect telnet for oxygen.rtci.com to totally.schizo.com redirect_port tcp 10.0.0.2:23 216.27.37.252:23 redirect_port udp 10.0.0.2:23 216.27.37.252:23 #ftp for inside freebsd machine redirect_port tcp 10.0.0.2:21 216.27.37.252:21 redirect_port udp 10.0.0.2:21 216.27.37.252:21 #ftp for windows box inside nat redirect_port tcp 10.0.0.3:21 216.27.37.251:2121 redirect_port udp 10.0.0.3:21 216.27.37.251:2121 #http for totally.schizo.com (2 ip's) redirect_port tcp 10.0.0.2:80 216.27.37.251:80 redirect_port udp 10.0.0.2:80 216.27.37.251:80 redirect_port tcp 10.0.0.5:80 216.27.37.252:80 redirect_port udp 10.0.0.5:80 216.27.37.252:80 #ident for totally.schizo.com redirect_port tcp 10.0.0.2:113 216.27.37.252:113 redirect_port udp 10.0.0.2:113 216.27.37.252:113 -------------------------------------------------------- Hope this helps Damon Hopkins Chad Thunberg wrote: > > Damon, > Thank you for your response but I am unable to make this work. Do I need to set something so natd listens to port 25 and 110? I have sendmail turned off on the firewalling server so that natd can bind to that port. I tried just adding redirect_port port mail.server.ip 25 as well as your example below but still can't connect to the specified port at all. > > Thanks, > > -Chad > > -----Original Message----- > From: Damon Hopkins [SMTP:dhopkins@rtci.com] > Sent: Thursday, October 22, 1998 12:58 PM > To: Chad Thunberg > Cc: freebsd-security@FreeBSD.ORG; freebsd-questions@FreeBSD.ORG > Subject: Re: firewall + internal mail server > > I do it this way.. I don't think that the udp stuff is necessary but I > put it in there because Im to lazy to find out > > my natd.conf file > #smtp > redirect_port tcp 10.0.0.2:25 216.27.37.251:25 > redirect_port udp 10.0.0.2:25 216.27.37.251:25 > > #pop3 > redirect_port tcp 10.0.0.2:110 216.27.37.251:110 > redirect_port udp 10.0.0.2:110 216.27.37.251:110 > > #imap > redirect_port tcp 10.0.0.2:143 216.27.37.251:143 > redirect_port udp 10.0.0.2:143 216.27.37.251:143 > > Chad Thunberg wrote: > > > > I am setting up a firewall and enabled natd but have an internal mail > > server. Is there a way to still be able to access the internal mail > server > > from the outside for sending and receiving email? I thought about giving > > the firewall a vhost of mail.host.com and diverting packets that came in > > from 110 and 25 to the internal mail server but from the man pages, divert > > seems to be used for diverting packets from one port to another on the > same > > machine instead of diverting them to a new or ineternal ip. Any help on > the > > subject would be great. I would rather not put the mail server outside of > > the firewall. > > > > Thanks, > > -Chad > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Oct 26 17:18:47 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA18516 for freebsd-security-outgoing; Mon, 26 Oct 1998 17:18:47 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ns1.seidata.com (ns1.seidata.com [208.10.211.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA18486 for ; Mon, 26 Oct 1998 17:18:33 -0800 (PST) (envelope-from mike@seidata.com) From: mike@seidata.com Received: from localhost (mike@localhost) by ns1.seidata.com (8.8.8/8.8.5) with ESMTP id UAA04350; Mon, 26 Oct 1998 20:17:27 -0500 (EST) Date: Mon, 26 Oct 1998 20:17:26 -0500 (EST) To: Mike Jenkins cc: chadth@atvideo.com, freebsd-security@FreeBSD.ORG Subject: Re: FW: firewall + internal mail server In-Reply-To: <199810262340.RAA08360@carp.gbr.epa.gov> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 26 Oct 1998, Mike Jenkins wrote: Interesting that this thread is going on... I've been playing with natd myself this week. :) FWIW, some comments about my setup... I'm just experimenting with a basic straight-through setup, which will eventually expand to cover a small-ish LAN: [serverA]--x--[ipfw_nat]---[inet] 'serverA' (NT4) is connected to 'ipfw_nat' (FreeBSD 3.0-REL). The fbsd box is doing basic ipfw stuff + nat, since the 'serverA' box (and eventually the internal net) are on a dummy class (192.168.1.0). Everything must pass through the fbsd box to get to the internal server, and everything from the server must pass through the fbsd box to reach the world... the fbsd and NT boxes are attached via a de facto cross-over. serverA is 192.168.1.2 and it connects to xl1 (internal net) on the fbsd box which is 192.168.1.1. From there nat will hopefully work its magic and translate to the real IP addy associated with xl0 (external net) on the fbsd box. > So you're starting natd sort of like (minus the pop3): > /usr/sbin/natd -interface ed0 -redirect_port tcp internalhost:smtp smtp Personally, it's something like this (xl0 is my public 'world' interface): natd -f /etc/natd.conf -u -m -n xl0 /etc/natd.conf just contains: redirect_port tcp 192.168.1.2:21 21 redirect_port tcp 192.168.1.2:80 80 As you can see, I'm only interested in letting ftp and http traffic hit the internal server. I'm not running ftpd or httpd on the fbsd box, so the ports are open... and the ports are allowing 'pass' to the internal box from the host I'm testing from... > and you've got IPFIREWALL in the kernel and you're diverting packets to natd: The relevant options entries from my kernel config are: options IPFIREWALL options IPDIVERT > /sbin/ipfw add 100 divert natd all from any to any via ed0 Yes, I'm just using the 'simple' firewall config from rc.firewall, with a few modifications (which will be removed when I'm done testing)... rc.firewall adds this automatically if natd is setup. > And it doesn't work? Nope... attempts to ftp to the internal box from 'outside' just results in a long pause followed by an 'operation timed out' message. > Maybe read the natd manual page to make sure you got it set up > correctly. Also maybe add the -log option to see if natd is having > problems. I have... I've been staring at it for a few hours now - maybe that's my problem. You know how managemnet is... 'We need a firewall for x number of hosts - as cheaply as possible... today.' ;P Of course I know I've fumble-fingered something... somewhere. I just happened to check my mail and, since this thread was already going on, I figured I'd detail my setup (maybe someone can help me, or maybe this will help someone else). Later, -mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Oct 26 17:30:16 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA19972 for freebsd-security-outgoing; Mon, 26 Oct 1998 17:30:16 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from accessone.com (blaze.accessone.com [198.68.191.19]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA19965; Mon, 26 Oct 1998 17:30:14 -0800 (PST) (envelope-from chadth@atvideo.com) Received: from scan.atvideo.com (root@scan.atvideo.com [204.118.35.14]) by accessone.com (8.8.5/8.8.5/PIH) with ESMTP id RAA22469; Mon, 26 Oct 1998 17:29:37 -0800 (PST) Received: from chadth.atvideo.com (pip.atvideo.com [204.118.35.21]) by scan.atvideo.com (8.9.1/8.8.5) with SMTP id SAA00641; Mon, 26 Oct 1998 18:33:23 -0500 Received: by chadth.atvideo.com with Microsoft Mail id <01BE0106.268DEEA0@chadth.atvideo.com>; Mon, 26 Oct 1998 17:29:14 -0800 Message-ID: <01BE0106.268DEEA0@chadth.atvideo.com> From: Chad Thunberg To: "'freebsd-security@freebsd.org'" , "'freebsd-questions@freebsd.org'" Subject: RE: firewall + internal mail server Date: Mon, 26 Oct 1998 17:29:13 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by hub.freebsd.org id RAA19966 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org It appears that if I kill -9 natd then enter "natd -interface vx0 -redirect_port tcp 204.118.35.14:25 25 -m" at the shell prompt, everything works. I now need to track down why this is happening. : ) -Chad To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Oct 26 18:32:02 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id SAA26204 for freebsd-security-outgoing; Mon, 26 Oct 1998 18:32:02 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ns1.seidata.com (ns1.seidata.com [208.10.211.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id SAA26170 for ; Mon, 26 Oct 1998 18:31:54 -0800 (PST) (envelope-from mike@seidata.com) From: mike@seidata.com Received: from localhost (mike@localhost) by ns1.seidata.com (8.8.8/8.8.5) with ESMTP id VAA23161; Mon, 26 Oct 1998 21:30:00 -0500 (EST) Date: Mon, 26 Oct 1998 21:30:00 -0500 (EST) To: Mike Jenkins cc: chadth@atvideo.com, freebsd-security@FreeBSD.ORG Subject: Re: FW: firewall + internal mail server In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 26 Oct 1998 mike@seidata.com wrote: > Interesting that this thread is going on... I've been playing with > natd myself this week. :) [snip] Disregard... I putzed around a bit more and things work now... ahh, the wonders of RTFM - and email. ;) Funny thing is I don't think I really changed anything other than the layout or arrangement of where/how/when options are called by natd. Now to tweak the firewall rules to allow only necessary services. Later, -mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Oct 26 22:47:37 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id WAA17868 for freebsd-security-outgoing; Mon, 26 Oct 1998 22:47:37 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ns.itep.ru (ns.itep.ru [193.124.224.35]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id WAA17863 for ; Mon, 26 Oct 1998 22:47:34 -0800 (PST) (envelope-from Fedor.Gubarev@itep.ru) Received: from raven.itep.ru (raven.itep.ru [193.124.227.26]) by ns.itep.ru (8.8.5-MVC-ITEP-100697/8.8.5) with ESMTP id KAA15573 for ; Tue, 27 Oct 1998 10:47:16 +0300 (GMT+0300) Received: from localhost (gubarev@localhost) by raven.itep.ru (8.8.8/8.8.8) with SMTP id JAA03652 for ; Tue, 27 Oct 1998 09:46:18 +0300 (MSK) (envelope-from Fedor.Gubarev@itep.ru) X-Authentication-Warning: raven.itep.ru: gubarev owned process doing -bs Date: Tue, 27 Oct 1998 09:46:18 +0300 (MSK) From: Fedor Gubarev X-Sender: gubarev@raven.itep.ru Reply-To: Fedor Gubarev To: freebsd-security@FreeBSD.ORG Subject: Re: nestea v2 against freebsd 3.0-Release In-Reply-To: <4.1.19981023093637.00af1df0@adm.ujf-grenoble.fr> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I wonder why there is no response at all on this mail. It seems a little bit surprising at least..... On Fri, 23 Oct 1998, Gilles Bruno wrote: > Hi everyone, > we tested yesterday the old nestea v2 against a brand new > 3.0-Release : it has prooved to be effective against it > (the box rebooted - invalid page fault while in kernel > mode). The same test against 2.2.[6,7]-Release didn't harm > at all. > > Am I missing something ? some sysctl ? a special kernel config ? > > Let us know... > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Oct 27 00:22:28 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id AAA24744 for freebsd-security-outgoing; Tue, 27 Oct 1998 00:22:28 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from adelphi.physics.adelaide.edu.au (adelphi.physics.adelaide.edu.au [129.127.36.247]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA24739 for ; Tue, 27 Oct 1998 00:22:25 -0800 (PST) (envelope-from kkennawa@physics.adelaide.edu.au) Received: from mercury (mercury [129.127.36.44]) by adelphi.physics.adelaide.edu.au (8.8.8/8.8.8/UofA-1.5) with SMTP id SAA01732; Tue, 27 Oct 1998 18:51:45 +1030 (CST) Received: from localhost by mercury; (5.65v3.2/1.1.8.2/27Nov97-0404PM) id AA12217; Tue, 27 Oct 1998 18:51:44 +1030 Date: Tue, 27 Oct 1998 18:51:44 +1030 (CST) From: Kris Kennaway To: Fedor Gubarev Cc: freebsd-security@FreeBSD.ORG Subject: Re: nestea v2 against freebsd 3.0-Release In-Reply-To: Message-Id: Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 27 Oct 1998, Fedor Gubarev wrote: > I wonder why there is no response at all on this mail. > It seems a little bit surprising at least..... I forwarded your mail to -current the other day after I verified the problem, since thats where most of the developers hang out, and the answer is that it's a bug for which a patch is under consideration for committing (unless I misunderstood Don Lewis's message, it's a legitimate vulnerability in the networking code). Presumably a security advisory will be issued once the fix is available and tested. If you need to patch this immediately, I can forward you a copy of the latest proposed patch I've seen, which might however have other unforseen consequences (i.e. it's not "official"). Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Oct 27 00:38:56 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id AAA26703 for freebsd-security-outgoing; Tue, 27 Oct 1998 00:38:56 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from gatekeeper.tsc.tdk.com (gatekeeper.tsc.tdk.com [207.113.159.21]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA26698 for ; Tue, 27 Oct 1998 00:38:55 -0800 (PST) (envelope-from gdonl@tsc.tdk.com) Received: from sunrise.gv.tsc.tdk.com (root@sunrise.gv.tsc.tdk.com [192.168.241.191]) by gatekeeper.tsc.tdk.com (8.8.8/8.8.8) with ESMTP id AAA22182; Tue, 27 Oct 1998 00:33:33 -0800 (PST) (envelope-from gdonl@tsc.tdk.com) Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194]) by sunrise.gv.tsc.tdk.com (8.8.5/8.8.5) with ESMTP id AAA16619; Tue, 27 Oct 1998 00:33:32 -0800 (PST) Received: (from gdonl@localhost) by salsa.gv.tsc.tdk.com (8.8.5/8.8.5) id AAA01115; Tue, 27 Oct 1998 00:33:30 -0800 (PST) From: Don Lewis Message-Id: <199810270833.AAA01115@salsa.gv.tsc.tdk.com> Date: Tue, 27 Oct 1998 00:33:30 -0800 In-Reply-To: Fedor Gubarev "Re: nestea v2 against freebsd 3.0-Release" (Oct 27, 9:46am) X-Mailer: Mail User's Shell (7.2.6 alpha(3) 7/19/95) To: Fedor Gubarev , freebsd-security@FreeBSD.ORG Subject: Re: nestea v2 against freebsd 3.0-Release Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Oct 27, 9:46am, Fedor Gubarev wrote: } Subject: Re: nestea v2 against freebsd 3.0-Release } } I wonder why there is no response at all on this mail. } It seems a little bit surprising at least..... I posted a couple of potential patches for this to the -current list about 24 and 48 hours ago. The following is the first patch (the second has the same fix plus some optimization). --- ip_input.c.orig Fri Oct 23 02:17:19 1998 +++ ip_input.c Sun Oct 25 01:50:20 1998 @@ -750,7 +750,7 @@ * if they are completely covered, dequeue them. */ for (; q != NULL && ip->ip_off + ip->ip_len > GETIP(q)->ip_off; - p = q, q = nq) { + q = nq) { i = (ip->ip_off + ip->ip_len) - GETIP(q)->ip_off; if (i < GETIP(q)->ip_len) { } On Fri, 23 Oct 1998, Gilles Bruno } wrote: } } > Hi everyone, } > we tested yesterday the old nestea v2 against a brand new } > 3.0-Release : it has prooved to be effective against it } > (the box rebooted - invalid page fault while in kernel } > mode). The same test against 2.2.[6,7]-Release didn't harm } > at all. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Oct 27 14:28:32 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA02498 for freebsd-security-outgoing; Tue, 27 Oct 1998 14:28:32 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ms13.url.com.tw (gemini.accton.com.tw [210.68.148.7]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id OAA02483 for ; Tue, 27 Oct 1998 14:28:30 -0800 (PST) (envelope-from willer@ms13.url.com.tw) Date: Tue, 27 Oct 1998 14:28:30 -0800 (PST) Received: from willer ([202.145.254.42]) by AccSMTP/NT 2.5 (210.68.148.49) [210.68.148.49]; Wed, 28 Oct 1998 03:44:28 +0800 Message-ID: <009b01be01e2$51523010$8eab91ca@willer.willer.net> From: "willer" To: Subject: =?big5?B?sXqkQKl3rW6lzsD0q0+lUrlxuXGmwA==?= MIME-Version: 1.0 Content-Type: text/plain; charset="big5" X-Mailer: Microsoft Outlook Express 4.72.2106.4 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4 Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by hub.freebsd.org id OAA02488 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org ¥DÃD ·R¥xÆW ±z¤@©w­n¥ÎÀô«O¥R¹q¹q¦À ¦U Ãþ ¤T¸¹¹q¦À¤ñ¸û ¹q¦À¯S©Ê Àô«OÆP©Ê¹q¦À ´¶³q¹q¦À ÂìÂð¹q¦À Àô«O Âì ²B¹q¦À ¥i¥R¹q¦¸¼Æ ¹s¦¸ ¹s¦¸ ¬ù¤@¨Õ¦¸ ¤j©ó¤­¨Õ¦¸ §t­«ª÷ÄݦìV·½ µL µL §tÂ𭫪÷ÄÝ µL °ª¯Ó¹q¨Ï¥Î ¾A¦X ¤£¾A¦X ¾A¦X ¾A¦X °ª«ù¤[©Ê ¬O §_ §_ ¬O ¥R¹q°O¾Ð©Ê -- -- ¦³ ¦³ ¦pªG±z·R¥xÆW³o¶ô¤j¦a ½Ð±z¨Ï¥ÎµL¦¾¬VÂì²BÀô«O¥R¹q¹q¦À ¦³¥R¹q°O¾Ð©Êªº¹q¦À ¸ûµLªkµo´§¹q¤O ¥²»Ý§¹¥þ©ñ¹q«á¤~¯à¥R¹q ´ö²L¤T¸¹©Î ¥|¸¹µL¦¾¬VÂì²BÀô«O¥R¹q¹q¦À ºô¸ô°â»ù 99 ¤¸ YUASA NiMH AA or AAA type, NTD 99 Each ´ö²L ª¾¼z«¬¥R¹q¾¹ ? ºô¸ô°â»ù 399 ¤¸ YUASA Recharger of NiMH, NTD 399 Tel: (03)3278012 BBC: 060224189-099 Mobile: 0933926100 Miss Eileen Lin ªL¤p©j To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Oct 27 14:51:20 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA05110 for freebsd-security-outgoing; Tue, 27 Oct 1998 14:51:20 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ms13.url.com.tw (gemini.accton.com.tw [210.68.148.7]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id OAA05102 for ; Tue, 27 Oct 1998 14:51:17 -0800 (PST) (envelope-from willer@ms13.url.com.tw) Date: Tue, 27 Oct 1998 14:51:17 -0800 (PST) Received: from willer ([202.145.254.42]) by AccSMTP/NT 2.5 (210.68.148.49) [210.68.148.49]; Wed, 28 Oct 1998 03:44:53 +0800 Message-ID: <017001be01e2$609ea940$8eab91ca@willer.willer.net> To: From: "willer" Subject: =?big5?B?sXqkQKl3rW6lzsD0q0+lUrlxuXGmwA==?= MIME-Version: 1.0 Content-Type: text/plain; charset="big5" X-Mailer: Microsoft Outlook Express 4.72.2106.4 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4 Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by hub.freebsd.org id OAA05105 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org ¥DÃD ·R¥xÆW ±z¤@©w­n¥ÎÀô«O¥R¹q¹q¦À ¦U Ãþ ¤T¸¹¹q¦À¤ñ¸û ¹q¦À¯S©Ê Àô«OÆP©Ê¹q¦À ´¶³q¹q¦À ÂìÂð¹q¦À Àô«O Âì ²B¹q¦À ¥i¥R¹q¦¸¼Æ ¹s¦¸ ¹s¦¸ ¬ù¤@¨Õ¦¸ ¤j©ó¤­¨Õ¦¸ §t­«ª÷ÄݦìV·½ µL µL §tÂ𭫪÷ÄÝ µL °ª¯Ó¹q¨Ï¥Î ¾A¦X ¤£¾A¦X ¾A¦X ¾A¦X °ª«ù¤[©Ê ¬O §_ §_ ¬O ¥R¹q°O¾Ð©Ê -- -- ¦³ ¦³ ¦pªG±z·R¥xÆW³o¶ô¤j¦a ½Ð±z¨Ï¥ÎµL¦¾¬VÂì²BÀô«O¥R¹q¹q¦À ¦³¥R¹q°O¾Ð©Êªº¹q¦À ¸ûµLªkµo´§¹q¤O ¥²»Ý§¹¥þ©ñ¹q«á¤~¯à¥R¹q ´ö²L¤T¸¹©Î ¥|¸¹µL¦¾¬VÂì²BÀô«O¥R¹q¹q¦À ºô¸ô°â»ù 99 ¤¸ YUASA NiMH AA or AAA type, NTD 99 Each ´ö²L ª¾¼z«¬¥R¹q¾¹ ? ºô¸ô°â»ù 399 ¤¸ YUASA Recharger of NiMH, NTD 399 Tel: (03)3278012 BBC: 060224189-099 Mobile: 0933926100 Miss Eileen Lin ªL¤p©j To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Oct 27 14:57:31 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA06510 for freebsd-security-outgoing; Tue, 27 Oct 1998 14:57:31 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from firestorm.exit109.com (firestorm.exit109.com [208.225.64.14]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA06500 for ; Tue, 27 Oct 1998 14:57:29 -0800 (PST) (envelope-from chris@exit109.com) Received: from localhost (chris@localhost) by firestorm.exit109.com (8.8.8/8.8.8) with SMTP id RAA13467; Tue, 27 Oct 1998 17:56:47 -0500 (EST) Date: Tue, 27 Oct 1998 17:56:47 -0500 (EST) From: Chris To: willer cc: freebsd-security@FreeBSD.ORG Subject: Re: =?big5?B?sXqkQKl3rW6lzsD0q0+lUrlxuXGmwA==?= In-Reply-To: <017001be01e2$609ea940$8eab91ca@willer.willer.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org willer- I cant read taiwanese and im sure a lot of people cant either... heh. -------------------------------- Chris O'Hara Network/Systems Administration ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Atlantic Internet Technologies 628 Shrewsbury Av. Red Bank, NJ 07701 Web Hosting/Design, Dialup, Co-Location http://www.exit109.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Oct 27 15:18:20 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA09612 for freebsd-security-outgoing; Tue, 27 Oct 1998 15:18:20 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from kerouac.deepwell.com (deepwell.com [209.63.174.12]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id PAA09607 for ; Tue, 27 Oct 1998 15:18:18 -0800 (PST) (envelope-from freebsd@deepwell.com) Received: (qmail 5339 invoked from network); 27 Oct 1998 23:43:21 -0000 Received: from terry.dcomm.net (HELO terry) (209.63.174.33) by deepwell.com with SMTP; 27 Oct 1998 23:43:21 -0000 Message-Id: <4.1.0.67.19981027151534.00a3e2c0@mail1.dcomm.net> X-Sender: freebsd@mail.deepwell.com X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1.0.67 (Beta) Date: Tue, 27 Oct 1998 15:16:37 -0700 To: freebsd-security@FreeBSD.ORG From: Deepwell Internet Subject: Re: =?big5?B?sXqkQKl3rW6lzsD0q0+lUrlxuXGmwA==?= In-Reply-To: <009b01be01e2$51523010$8eab91ca@willer.willer.net> Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by hub.freebsd.org id PAA09608 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I disagree wholehartedly. At 02:28 PM 10/27/98 -0800, you wrote: >¥DÃD ·R¥xÆW ±z¤@©w­n¥ÎÀô«O¥R¹q¹q¦À > >¦U Ãþ ¤T¸¹¹q¦À¤ñ¸û > >¹q¦À¯S©Ê Àô«OÆP©Ê¹q¦À ´¶³q¹q¦À ÂìÂð¹q¦À Àô«O Âì ²B¹q¦À >¥i¥R¹q¦¸¼Æ ¹s¦¸ ¹s¦¸ ¬ù¤@¨Õ¦¸ ¤j©ó¤­¨Õ¦¸ >§t­«ªÄݦìV·½ µL µL §tÂ𭫪ÄÝ µL >°ª¯Ó¹q¨Ï¥Î ¾A¦X ¤£¾A¦X ¾A¦X ¾A¦X >°ª«ù¤[©Ê ¬O §_ §_ ¬O >¥R¹q°O¾Ð©Ê -- -- ¦³ ¦³ > >¦pªG±z·R¥xÆW³o¶ô¤j¦a ½Ð±z¨Ï¥ÎµL¦¾¬VÂì²BÀô«O¥R¹q¹q¦À > >¦³¥R¹q°O¾Ð©Êªº¹q¦À ¸ûµLªkµo´§¹q¤O ¥²»Ý§¹¥þ©ñ¹q«á¤~¯à¥R¹q > >´ö²L¤T¸¹©Î ¥|¸¹µL¦¾¬VÂì²BÀô«O¥R¹q¹q¦À ºô¸ô°â»ù 99 ¤¸ YUASA NiMH AA or AAA >type, NTD 99 Each > >´ö²L ª¾¼z«¬¥R¹q¾¹ ? ºô¸ô°â»ù 399 ¤¸ YUASA Recharger of NiMH, NTD 399 > >Tel: (03)3278012 >BBC: 060224189-099 >Mobile: 0933926100 > >Miss Eileen Lin ªL¤p©j > > > > > > > > > > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Oct 27 15:27:46 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA10886 for freebsd-security-outgoing; Tue, 27 Oct 1998 15:27:46 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from Gatekeeper.Alameda.net (gatekeeper.Alameda.net [207.90.181.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA10881 for ; Tue, 27 Oct 1998 15:27:43 -0800 (PST) (envelope-from ulf@Gatekeeper.Alameda.net) Received: by Gatekeeper.Alameda.net (8.8.8/8.8.6) id PAA07330; Tue, 27 Oct 1998 15:27:03 -0800 (PST) Message-ID: <19981027152703.B6883@Alameda.net> Date: Tue, 27 Oct 1998 15:27:03 -0800 From: Ulf Zimmermann To: Chris , willer Cc: freebsd-security@FreeBSD.ORG Subject: Re: =?iso-8859-1?Q?=B1z=A4=40=A9w=ADn=A5=CE=C0=F4=ABO=A5R=B9q=B9q=A6=C0?= Reply-To: ulf@Alameda.net References: <017001be01e2$609ea940$8eab91ca@willer.willer.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.91.1i In-Reply-To: ; from Chris on Tue, Oct 27, 1998 at 05:56:47PM -0500 Organization: Alameda Networks, Inc. X-Operating-System: FreeBSD 2.2.6-STABLE Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I can't read it either, but I think it is spam. Showed up on several lists and seems to be the same everytime. On Tue, Oct 27, 1998 at 05:56:47PM -0500, Chris wrote: > willer- > > I cant read taiwanese and im sure a lot of people cant either... heh. > > -------------------------------- > Chris O'Hara > Network/Systems Administration > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Atlantic Internet Technologies > 628 Shrewsbury Av. > Red Bank, NJ 07701 > > Web Hosting/Design, Dialup, Co-Location > http://www.exit109.com > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- Regards, Ulf. --------------------------------------------------------------------- Ulf Zimmermann, 1525 Pacific Ave., Alameda, CA-94501, #: 510-769-2936 Alameda Networks, Inc. | http://www.Alameda.net | Fax#: 510-521-5073 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Oct 27 15:34:38 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA12077 for freebsd-security-outgoing; Tue, 27 Oct 1998 15:34:38 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from hack.dyn.ml.org (port10.dialC2.fullwave.net [207.198.136.105]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA12070; Tue, 27 Oct 1998 15:34:32 -0800 (PST) (envelope-from pal@PaLaDiN7.dyn.ml.oRg) Received: from localhost (localhost [127.0.0.1]) by hack.dyn.ml.org (8.9.1/8.9.1) with ESMTP id SAA01393; Tue, 27 Oct 1998 18:33:50 -0500 (EST) (envelope-from pal@PaLaDiN7.dyn.ml.oRg) Date: Tue, 27 Oct 1998 18:33:49 -0500 (EST) From: pal X-Sender: pal@hack.dyn.ml.org To: questions@FreeBSD.ORG cc: freebsd-security@FreeBSD.ORG Subject: FreeBSD & NTFS? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org hi Is there a way to read NTFS (v.4) partition from FreeBSD? thanx, pal To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Oct 27 15:43:34 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA13421 for freebsd-security-outgoing; Tue, 27 Oct 1998 15:43:34 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from aniwa.sky (aniwa.actrix.gen.nz [203.96.56.186]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA13401 for ; Tue, 27 Oct 1998 15:43:23 -0800 (PST) (envelope-from andrew@squiz.co.nz) Received: from localhost (andrew@localhost) by aniwa.sky (8.8.8/8.8.7) with SMTP id MAA08581; Wed, 28 Oct 1998 12:41:35 +1300 (NZDT) (envelope-from andrew@squiz.co.nz) Date: Wed, 28 Oct 1998 12:41:35 +1300 (NZDT) From: Andrew McNaughton X-Sender: andrew@aniwa.sky Reply-To: andrew@squiz.co.nz To: Chris cc: willer , freebsd-security@FreeBSD.ORG Subject: Re: =?big5?B?sXqkQKl3rW6lzsD0q0+lUrlxuXGmwA==?= In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from QUOTED-PRINTABLE to 8bit by hub.freebsd.org id PAA13411 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 27 Oct 1998, Chris wrote: > Date: Tue, 27 Oct 1998 17:56:47 -0500 (EST) > From: Chris > To: willer > Cc: freebsd-security@FreeBSD.ORG > Subject: Re: [big5] ±z¤@©w­n¥ÎÀô«O¥R¹q¹q¦À > > willer- > > I cant read taiwanese and im sure a lot of people cant either... heh. > > -------------------------------- > Chris O'Hara > Network/Systems Administration > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Then again, a lot of people don't read english. FreeBSD seems to have a significant effort going on to support a variety of languages in the OS. >From http://www.freebsd.org/support.html: Several non-English mailing lists are also available: Czech -- majordomo@freebsd.cz German -- majordomo@de.freebsd.org. French -- majordomo@freebsd.francenet.fr or WWWW. Hungarian -- majordomo@hu.freebsd.org Japanese -- majordomo@jp.freebsd.org Polish -- majordomo@pap.waw.pl Portuguese -- WWW or listproc@br.freebsd.org Slovakian -- majordomo@sk.freebsd.org Spanish -- majordomo@es.freebsd.org So where does one go I wonder with a security issue if one speaks taiwanese but not english? Andrew McNaughton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Oct 27 16:56:05 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id QAA24956 for freebsd-security-outgoing; Tue, 27 Oct 1998 16:56:05 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from lariat.lariat.org (lariat.lariat.org [206.100.185.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA24951 for ; Tue, 27 Oct 1998 16:56:03 -0800 (PST) (envelope-from brett@lariat.org) Received: (from brett@localhost) by lariat.lariat.org (8.8.8/8.8.6) id RAA17854; Tue, 27 Oct 1998 17:55:23 -0700 (MST) Message-Id: <4.1.19981027175358.0673a3c0@127.0.0.1> X-Sender: brett@127.0.0.1 X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Tue, 27 Oct 1998 17:55:17 -0700 To: freebsd-security@FreeBSD.ORG From: Brett Glass Subject: Re: =?big5?B?sXqkQKl3rW6lzsD0q0+lUrlxuXGmwA==?= In-Reply-To: References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Why am I getting this blorghnurphing frobnicating glumbphschnitzel? --Brett Glass To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Oct 27 17:28:04 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA28465 for freebsd-security-outgoing; Tue, 27 Oct 1998 17:28:04 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from gjp.erols.com (alex-va-n008c079.moon.jic.com [206.156.18.89]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA28456 for ; Tue, 27 Oct 1998 17:28:02 -0800 (PST) (envelope-from gjp@gjp.erols.com) Received: from gjp.erols.com (gjp@localhost.erols.com [127.0.0.1]) by gjp.erols.com (8.9.1/8.8.7) with ESMTP id UAA08090; Tue, 27 Oct 1998 20:27:11 -0500 (EST) (envelope-from gjp@gjp.erols.com) To: Brett Glass cc: freebsd-security@FreeBSD.ORG From: "Gary Palmer" Subject: Re: =?big5?B?sXqkQKl3rW6lzsD0q0+lUrlxuXGmwA==?= In-reply-to: Your message of "Tue, 27 Oct 1998 17:55:17 MST." <4.1.19981027175358.0673a3c0@127.0.0.1> Date: Tue, 27 Oct 1998 20:27:11 -0500 Message-ID: <8086.909538031@gjp.erols.com> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Brett Glass wrote in message ID <4.1.19981027175358.0673a3c0@127.0.0.1>: > Why am I getting this blorghnurphing frobnicating glumbphschnitzel? I think because a foreign spammer has gotten a hold of a few freebsd lists. Its not the first time that non-english spam has hit us. Gary -- Gary Palmer FreeBSD Core Team Member FreeBSD: Turning PC's into workstations. See http://www.FreeBSD.ORG/ for info To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Oct 27 17:55:34 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA01951 for freebsd-security-outgoing; Tue, 27 Oct 1998 17:55:34 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from time.cdrom.com (time.cdrom.com [204.216.27.226]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA01946 for ; Tue, 27 Oct 1998 17:55:33 -0800 (PST) (envelope-from jkh@time.cdrom.com) Received: from time.cdrom.com (jkh@localhost.cdrom.com [127.0.0.1]) by time.cdrom.com (8.8.8/8.8.8) with ESMTP id RAA22499; Tue, 27 Oct 1998 17:54:40 -0800 (PST) (envelope-from jkh@time.cdrom.com) To: andrew@squiz.co.nz cc: Chris , willer , freebsd-security@FreeBSD.ORG Subject: Re: =?big5?B?sXqkQKl3rW6lzsD0q0+lUrlxuXGmwA==?= In-reply-to: Your message of "Wed, 28 Oct 1998 12:41:35 +1300." Date: Tue, 27 Oct 1998 17:54:40 -0800 Message-ID: <22495.909539680@time.cdrom.com> From: "Jordan K. Hubbard" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > So where does one go I wonder with a security issue if one speaks > taiwanese but not english? Nowhere. There aren't any Taiwanese mailing lists hosted at freebsd.org and I don't know of any in Taiwan. If someone there wishes to rectify that, I'm sure it would be appreciated by the local market. In the meantime, however, sending such messages to freebsd-security is not an appropriate stopgap solution. - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Oct 27 18:41:17 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id SAA07536 for freebsd-security-outgoing; Tue, 27 Oct 1998 18:41:17 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from xylan.com (postal.xylan.com [208.8.0.248]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id SAA07528 for ; Tue, 27 Oct 1998 18:41:14 -0800 (PST) (envelope-from wes@softweyr.com) Received: from mailhub.xylan.com by xylan.com (8.8.7/SMI-SVR4 (xylan-mgw 2.2 [OUT])) id SAA17369; Tue, 27 Oct 1998 18:39:41 -0800 (PST) Received: from utah.XYLAN.COM by mailhub.xylan.com (SMI-8.6/SMI-SVR4 (mailhub 2.1 [HUB])) id SAA20039; Tue, 27 Oct 1998 18:39:41 -0800 Received: from softweyr.com by utah.XYLAN.COM (SMI-8.6/SMI-SVR4 (xylan utah [SPOOL])) id TAA08706; Tue, 27 Oct 1998 19:39:40 -0700 Message-ID: <363683EC.DFAC5A23@softweyr.com> Date: Tue, 27 Oct 1998 19:39:40 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.5 [en] (X11; I; FreeBSD 2.2.6-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: andrew@squiz.co.nz CC: freebsd-security@FreeBSD.ORG Subject: Re: =?iso-8859-1?Q?=B1z=A4=40=A9w=ADn=A5=CE=C0=F4=ABO=A5R=B9q=B9q=A6=C0?= References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Andrew McNaughton wrote: > > Several non-English mailing lists are also available: > > Czech -- majordomo@freebsd.cz > German -- majordomo@de.freebsd.org. > French -- majordomo@freebsd.francenet.fr or WWWW. > Hungarian -- majordomo@hu.freebsd.org > Japanese -- majordomo@jp.freebsd.org > Polish -- majordomo@pap.waw.pl > Portuguese -- WWW or listproc@br.freebsd.org > Slovakian -- majordomo@sk.freebsd.org > Spanish -- majordomo@es.freebsd.org > > So where does one go I wonder with a security issue if one speaks > taiwanese but not english? Andrew raises a valid question here. Ideally, we'd have an assistant, or "national" security officer for each of the "officially" supported languages, who can also communicate effectively in (written, at least) english. So, which languages are you going to step up to support, Andrew? I can probably track down (non-technical) speakers of both Ute and Navajo, and possibly Shoshone if I'm willing to drive a bit. I can also translate into "sailor speak." If you don't know what that is, consider yourself lucky. Or read Mr. Buffett's new book, "A Pirate Looks at Fifty." (That'd be Jimmy, not Warren. ;^) -- Where am I, and what am I doing in this handbasket? Wes Peters aka "Barnacle Wes" +1.801.915.2061 Softweyr LLC wes@softweyr.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Oct 27 19:02:35 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id TAA09574 for freebsd-security-outgoing; Tue, 27 Oct 1998 19:02:35 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from aniwa.sky (aniwa.actrix.gen.nz [203.96.56.186]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id TAA09568 for ; Tue, 27 Oct 1998 19:02:29 -0800 (PST) (envelope-from andrew@squiz.co.nz) Received: from localhost (andrew@localhost) by aniwa.sky (8.8.8/8.8.7) with SMTP id QAA10573; Wed, 28 Oct 1998 16:00:52 +1300 (NZDT) (envelope-from andrew@squiz.co.nz) Date: Wed, 28 Oct 1998 16:00:52 +1300 (NZDT) From: Andrew McNaughton X-Sender: andrew@aniwa.sky Reply-To: andrew@squiz.co.nz To: Wes Peters cc: freebsd-security@FreeBSD.ORG Subject: Re: =?iso-8859-1?Q?=B1z=A4=40=A9w=ADn=A5=CE=C0=F4=ABO=A5R=B9q=B9q= A6=C0?= In-Reply-To: <363683EC.DFAC5A23@softweyr.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 27 Oct 1998, Wes Peters wrote: > Andrew McNaughton wrote: > > > So where does one go I wonder with a security issue if one speaks > > taiwanese but not english? > > Andrew raises a valid question here. Ideally, we'd have an assistant, > or "national" security officer for each of the "officially" supported > languages, who can also communicate effectively in (written, at least) > english. > > So, which languages are you going to step up to support, Andrew? I don't understand more than a smattering of any non-programming languages other than English. It would be nice to have contact people for various languages, but this would never be comprehensive. Personally though I think if it's important it's better posted in a language most don't understand than not posted at all. If it's important then there's a fair chance someone will translate it for the benefit of others. Any mailing list I read is going to carry some proportion of stuff which for one reason or another I don't understand. I don't see that flaming the authors of those posts as being an appropriate response. That goes doubly for sending the flames to the list. The flames bugged me a lot more than the original post, and there were many more of them. Andrew McNaughton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Oct 27 19:13:08 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id TAA10889 for freebsd-security-outgoing; Tue, 27 Oct 1998 19:13:08 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from mail.dynamite.com.au (mail.dynamite.com.au [203.17.154.40]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id TAA10883 for ; Tue, 27 Oct 1998 19:13:06 -0800 (PST) (envelope-from jseng@pobox.org.sg) Received: from moebius (isp92.unl.can.dynamite.com.au [203.37.26.96]) by mail.dynamite.com.au (8.8.5/8.8.5) with SMTP id OAA01322; Wed, 28 Oct 1998 14:14:15 +1100 Message-Id: <3.0.32.19981028141343.006c9210@student.anu.edu.au> X-Sender: s3080696@student.anu.edu.au X-Mailer: Windows Eudora Pro Version 3.0 (32) Date: Wed, 28 Oct 1998 14:13:49 +1100 To: "Jordan K. Hubbard" , andrew@squiz.co.nz From: James Seng Subject: Re: =?big5?B?sXqkQKl3rW6lzsD0q0+lUrlxuXGmwA==?= Cc: Chris , willer , freebsd-security@FreeBSD.ORG Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 05:54 PM 10/27/98 -0800, Jordan K. Hubbard wrote: >> So where does one go I wonder with a security issue if one speaks >> taiwanese but not english? >Nowhere. There aren't any Taiwanese mailing lists hosted at >freebsd.org and I don't know of any in Taiwan. If someone there >wishes to rectify that, I'm sure it would be appreciated by the local >market. In the meantime, however, sending such messages to >freebsd-security is not an appropriate stopgap solution. Taiwanese is a 'local dialect' of Chinese which isnt widespread. The mail is actually in Chinese using BIG5 encoding. However, trust me there is nothing related to FreeBSD in it (unless FreeBSD have to support enviromental-safe batteries *8P). It is nothing more than a spam. -James Seng To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Oct 27 19:24:00 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id TAA11922 for freebsd-security-outgoing; Tue, 27 Oct 1998 19:24:00 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from mcfeely.interaccess.com (mcfeely.interaccess.com [207.70.126.131]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id TAA11917 for ; Tue, 27 Oct 1998 19:23:58 -0800 (PST) (envelope-from ras@interaccess.com) Received: from wildrock (d91.tp.interaccess.com [199.88.134.91]) by mcfeely.interaccess.com (8.9.0/8.9.0) with SMTP id VAA16784; Tue, 27 Oct 1998 21:22:48 -0600 (CST) From: "Chris Silva" To: , "'Wes Peters'" Cc: Subject: =?windows-1252?B?UkU6ILF6pECpd61upc7A9KtPpVK5cblxpsA=?= Date: Tue, 27 Oct 1998 21:25:08 -0600 Message-ID: <000001be0222$90b53190$0100000a@wildrock.interaccess.com> MIME-Version: 1.0 Content-Type: text/plain; charset="windows-1252" Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2377.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 In-reply-to: Importance: Normal Disposition-Notification-To: "Chris Silva" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Umm, well - lets look at thin in another light. English *is* the international spoken word. So it seems to be fitting. I myself would like to see this thread die. So let's please consider what this list means to us - and to the ones that really want to learn to secure FBSD. Just my pennt and a half... - -----Original Message----- From: owner-freebsd-security@FreeBSD.ORG [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Andrew McNaughton Sent: Tuesday, October 27, 1998 9:01 PM To: Wes Peters Cc: freebsd-security@FreeBSD.ORG Subject: Re: ±z¤@©w­n¥ÎÀô«O¥R¹q¹q¦À On Tue, 27 Oct 1998, Wes Peters wrote: > Andrew McNaughton wrote: > > > So where does one go I wonder with a security issue if one speaks > > taiwanese but not english? > > Andrew raises a valid question here. Ideally, we'd have an assistant, > or "national" security officer for each of the "officially" supported > languages, who can also communicate effectively in (written, at least) > english. > > So, which languages are you going to step up to support, Andrew? I don't understand more than a smattering of any non-programming languages other than English. It would be nice to have contact people for various languages, but this would never be comprehensive. Personally though I think if it's important it's better posted in a language most don't understand than not posted at all. If it's important then there's a fair chance someone will translate it for the benefit of others. Any mailing list I read is going to carry some proportion of stuff which for one reason or another I don't understand. I don't see that flaming the authors of those posts as being an appropriate response. That goes doubly for sending the flames to the list. The flames bugged me a lot more than the original post, and there were many more of them. Andrew McNaughton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.0 Comment: Out of NT, over the ISDN link, via my ISP - Nuthin' but net! iQA/AwUBNjaOlC1lXdbofSOaEQJqLQCePv052wmjG4iZsxeyn5m/RHFa6joAoKOt 88jbueAxkTm/YHBieXRaGtIV =Ad/V -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Oct 27 22:55:45 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id WAA26144 for freebsd-security-outgoing; Tue, 27 Oct 1998 22:55:45 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from peak.mountin.net (peak.mountin.net [207.227.119.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id WAA26139 for ; Tue, 27 Oct 1998 22:55:43 -0800 (PST) (envelope-from jeff-ml@mountin.net) Received: (from daemon@localhost) by peak.mountin.net (8.9.1/8.9.1) id AAA20317; Wed, 28 Oct 1998 00:55:13 -0600 (CST) Received: from aridius-96.isdn.mke.execpc.com(169.207.66.223) by peak.mountin.net via smap (V1.3) id sma020312; Wed Oct 28 00:54:49 1998 Message-Id: <3.0.3.32.19981028005438.00fd188c@207.227.119.2> X-Sender: jeff-ml@207.227.119.2 X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32) Date: Wed, 28 Oct 1998 00:54:38 -0600 To: "Chris Silva" From: "Jeffrey J. Mountin" Subject: Re: speaking of irritating mail (was =?windows-1252?B?UkU6ILF6pECpd61upc7A9KtPpVK5cblxpsA=?=) Cc: In-Reply-To: <000001be0222$90b53190$0100000a@wildrock.interaccess.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 09:25 PM 10/27/98 -0600, Chris Silva wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >Umm, well - lets look at thin in another light. English *is* the >international >spoken word. So it seems to be fitting. Hmmm... when one out of five speaks at least one dialect of Chinese? I can say hello, goodbye, and Fu in Mandarin, but don't read a bit of it. >I myself would like to see this thread die. So let's please consider >what this >list means to us - and to the ones that really want to learn to secure >FBSD. Agreed, but take a moment to consider how US-centric the net is and the resentment of this by some in the world community. Hopefully it will help in the long term, but I need to bite my tongue from time to time. 8-) I'd follow this up to -chat, but I'm not subscribed there. >Just my pennt and a half... Also.... Would you be so kind as to turn off your disposition notification, which IMO rates higher for flaming than HTML formatted mail. Not to be rude, but it is the most irritating "feature" for mail. And er , sending responses to an HTML formatted one... including the list. Now I just trash HTML mail, but I forgot about: Disposition-Notification-To: cheers! Jeff Mountin - Unix Systems TCP/IP networking jeff@mountin.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Oct 27 23:10:57 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id XAA27490 for freebsd-security-outgoing; Tue, 27 Oct 1998 23:10:57 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from peak.mountin.net (peak.mountin.net [207.227.119.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA27485 for ; Tue, 27 Oct 1998 23:10:55 -0800 (PST) (envelope-from jeff-ml@mountin.net) Received: (from daemon@localhost) by peak.mountin.net (8.9.1/8.9.1) id BAA20335; Wed, 28 Oct 1998 01:10:14 -0600 (CST) Received: from aridius-96.isdn.mke.execpc.com(169.207.66.223) by peak.mountin.net via smap (V1.3) id sma020330; Wed Oct 28 01:09:56 1998 Message-Id: <3.0.3.32.19981028010944.00fd188c@207.227.119.2> X-Sender: jeff-ml@207.227.119.2 X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32) Date: Wed, 28 Oct 1998 01:09:44 -0600 To: Wes Peters , andrew@squiz.co.nz From: "Jeffrey J. Mountin" Subject: =?iso-8859-1?Q?Re:_=B1z=A4@?= =?iso-8859-1?Q?=A9w=ADn=A5=CE=C0=F4=ABO=A5R=B9q=B9q=A6=C0?= Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <363683EC.DFAC5A23@softweyr.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 07:39 PM 10/27/98 -0700, Wes Peters wrote: >Andrew McNaughton wrote: >> >> Several non-English mailing lists are also available: >> >> Czech -- majordomo@freebsd.cz >> German -- majordomo@de.freebsd.org. >> French -- majordomo@freebsd.francenet.fr or WWWW. >> Hungarian -- majordomo@hu.freebsd.org >> Japanese -- majordomo@jp.freebsd.org >> Polish -- majordomo@pap.waw.pl >> Portuguese -- WWW or listproc@br.freebsd.org >> Slovakian -- majordomo@sk.freebsd.org >> Spanish -- majordomo@es.freebsd.org Looks like the list has grown. No Chinese though, which is suprising. --snip-- >I can probably track down (non-technical) speakers of both Ute and Navajo, >and possibly Shoshone if I'm willing to drive a bit. Sorry guys, but I just get this picture of an Indian on a horse, bow and quiver across his back, typing away at a notebook mounted on the saddlehorn. >I can also translate into "sailor speak." If you don't know what that >is, consider yourself lucky. Or read Mr. Buffett's new book, "A Pirate >Looks at Fifty." (That'd be Jimmy, not Warren. ;^) And a water-proof notebook this gentl... ah, sailor. Not to be offensive, but I'm certainly not impressed by being politically correct and the image was just to clear. Besides "native american" is cumbersome. Frankly I don't like " american" terms, they in and of themselves segregate, IMO. FWIW, when mayor Norquist (Milwaukee) used the term "european american" I just about dropped to the floor laughing. Just another person or if you must, a US citizen. Or avid FBSD user. ;) cheers to all! Jeff Mountin - Unix Systems TCP/IP networking jeff@mountin.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Oct 28 02:20:15 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA13185 for freebsd-security-outgoing; Wed, 28 Oct 1998 02:20:15 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ocean.campus.luth.se (ocean.campus.luth.se [130.240.194.116]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA13165 for ; Wed, 28 Oct 1998 02:20:08 -0800 (PST) (envelope-from karpen@ocean.campus.luth.se) Received: (from karpen@localhost) by ocean.campus.luth.se (8.9.1/8.9.1) id LAA05531; Wed, 28 Oct 1998 11:14:23 +0100 (CET) (envelope-from karpen) From: Mikael Karpberg Message-Id: <199810281014.LAA05531@ocean.campus.luth.se> Subject: Re: [?big5?] In-Reply-To: from Andrew McNaughton at "Oct 28, 98 12:41:35 pm" To: andrew@squiz.co.nz Date: Wed, 28 Oct 1998 11:14:23 +0100 (CET) Cc: chris@exit109.com, willer@ms13.url.com.tw, freebsd-security@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL32 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org According to Andrew McNaughton: > Several non-English mailing lists are also available: > > Czech -- majordomo@freebsd.cz > German -- majordomo@de.freebsd.org. > French -- majordomo@freebsd.francenet.fr or WWWW. > Hungarian -- majordomo@hu.freebsd.org > Japanese -- majordomo@jp.freebsd.org > Polish -- majordomo@pap.waw.pl > Portuguese -- WWW or listproc@br.freebsd.org > Slovakian -- majordomo@sk.freebsd.org > Spanish -- majordomo@es.freebsd.org > > > So where does one go I wonder with a security issue if one speaks > taiwanese but not english? To school and learn English. /Mikael To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Oct 28 03:15:12 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id DAA17655 for freebsd-security-outgoing; Wed, 28 Oct 1998 03:15:12 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from haldjas.folklore.ee (Haldjas.folklore.ee [193.40.6.121]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id DAA17637; Wed, 28 Oct 1998 03:15:04 -0800 (PST) (envelope-from narvi@haldjas.folklore.ee) Received: from haldjas.folklore.ee (haldjas.folklore.ee [172.17.2.1] (may be forged)) by haldjas.folklore.ee (8.8.8/8.8.4) with SMTP id NAA02089; Wed, 28 Oct 1998 13:13:51 +0200 (EET) Date: Wed, 28 Oct 1998 13:13:51 +0200 (EET) From: Narvi To: Mikael Karpberg cc: freebsd-security@FreeBSD.ORG, freebsd-chat@FreeBSD.ORG Subject: Re: [?big5?] In-Reply-To: <199810281014.LAA05531@ocean.campus.luth.se> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Let's take this to -chat, OK? On Wed, 28 Oct 1998, Mikael Karpberg wrote: > According to Andrew McNaughton: > > Several non-English mailing lists are also available: > > [snip] > > > > So where does one go I wonder with a security issue if one speaks > > taiwanese but not english? > > To school and learn English. > The real question is - *if* he does not speak english at all, not even enought to word his security related question, then how did he manage to operate it in the first place? > /Mikael > Sander There is no love, no good, no happiness and no future - all these are just illusions. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Oct 28 09:42:54 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA22494 for freebsd-security-outgoing; Wed, 28 Oct 1998 09:42:54 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from xylan.com (postal.xylan.com [208.8.0.248]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA22481 for ; Wed, 28 Oct 1998 09:42:52 -0800 (PST) (envelope-from wes@softweyr.com) Received: from mailhub.xylan.com by xylan.com (8.8.7/SMI-SVR4 (xylan-mgw 2.2 [OUT])) id JAA23544; Wed, 28 Oct 1998 09:40:53 -0800 (PST) Received: from utah.XYLAN.COM by mailhub.xylan.com (SMI-8.6/SMI-SVR4 (mailhub 2.1 [HUB])) id JAA22717; Wed, 28 Oct 1998 09:40:53 -0800 Received: from softweyr.com by utah.XYLAN.COM (SMI-8.6/SMI-SVR4 (xylan utah [SPOOL])) id KAA14816; Wed, 28 Oct 1998 10:40:51 -0700 Message-ID: <36375723.CEE7A90@softweyr.com> Date: Wed, 28 Oct 1998 10:40:51 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.5 [en] (X11; I; FreeBSD 2.2.6-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: Chris Silva CC: andrew@squiz.co.nz, freebsd-security@FreeBSD.ORG Subject: Re: FreeBSD multinational security References: <000001be0222$90b53190$0100000a@wildrock.interaccess.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > On Tue, 27 Oct 1998, Wes Peters wrote: > > > Andrew McNaughton wrote: > > > > > So where does one go I wonder with a security issue if one speaks > > > taiwanese but not english? > > > > Andrew raises a valid question here. Ideally, we'd have an > > assistant, or "national" security officer for each of the "officially" > > supported languages, who can also communicate effectively in (written, > > at least) english. > > > > So, which languages are you going to step up to support, Andrew? > > I don't understand more than a smattering of any non-programming > languages other than English. It would be nice to have contact people > for various languages, but this would never be comprehensive. Personally > though I think if it's important it's better posted in a language most > don't understand than not posted at all. If it's important then there's > a fair chance someone will translate it for the benefit of others. > > Any mailing list I read is going to carry some proportion of stuff > which for one reason or another I don't understand. I don't see that > flaming the authors of those posts as being an appropriate response. > That goes doubly for sending the flames to the list. The flames bugged > me a lot more than the original post, and there were many more of them. Yeah, there were several who thought they had to be funny too. I certainly don't see any flames in the message you quote, I just asked how you were going to help. I'm not proposing a multinational tech support organization here, just someone who can read and write both english and another language, and who has the time to translate security alerts, and perhaps to help with email when a non-english speaker has a FreeBSD security problem. The only non-english human language I have studied is French, and there are many here whose native language is French and whose English skills are the equal of mine, so I'm of little help there. I have access to technical people who speak two, or perhaps three languages native to Utah simply because of my geographical location and contacts in the local community; not that FreeBSD usage seems to be that common among the Ute, Navajo, and Shoshone communities. Yes, this was said partly in jest. So, the question remains, what can YOU do about it? If you don't know languages other than English, can you coordinate the efforts of those who do? Can you write an article in Daemon News (or elsewhere) soliciting the help of those who do, and proposing an organization? Chris Silva wrote: > > Umm, well - lets look at thin in another light. English *is* the > international spoken word. So it seems to be fitting. > > I myself would like to see this thread die. So let's please consider > what this list means to us - and to the ones that really want to learn > to secure FBSD. Even if you find no value in the concept of translating security alerts into other languages, I'm sure others do. I've posted this with a more appropriate subject line, which you are certainly free to filter out if you wish. I hope you don't. By the way, do YOU know any other (human) languages? ;^) -- Where am I, and what am I doing in this handbasket? Wes Peters +1.801.915.2061 Softweyr LLC wes@softweyr.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Oct 28 11:15:02 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA02215 for freebsd-security-outgoing; Wed, 28 Oct 1998 11:15:02 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from kitsune.swcp.com (swcp.com [198.59.115.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA02202 for ; Wed, 28 Oct 1998 11:14:59 -0800 (PST) (envelope-from synk@swcp.com) Received: (from synk@localhost) by kitsune.swcp.com (8.8.8/1.2.3) id MAA07942 for freebsd-security@freebsd.org; Wed, 28 Oct 1998 12:14:20 -0700 (MST) Date: Wed, 28 Oct 1998 12:14:20 -0700 (MST) From: Brendan Conoboy Message-Id: <199810281914.MAA07942@kitsune.swcp.com> To: freebsd-security@FreeBSD.ORG Subject: getpwnam() problem? Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org A couple weeks ago I filled out a little bug report with the GNATS form, but it's received no attention (maybe I should have marked it as critical?). Anyway, since it may well be security related, I wanted to point it out here. The condensed version is that if getpwnam() is given a very large string (say a few thousand characters) it will sigsegv or sigbus. This is true for 2.2.7-stable (as of a few weeks ago) and 3.0-release. Perhaps it's nothing, perhaps it's something, but it certainly doesn't happen on a whole slew of other OSes. The problem report is at: http://www.freebsd.org/cgi/query-pr.cgi?pr=8176 -Brendan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Oct 28 11:27:13 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA03679 for freebsd-security-outgoing; Wed, 28 Oct 1998 11:27:13 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from Mercury.unix.acs.cc.unt.edu (mercury.acs.unt.edu [129.120.220.1]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA03674 for ; Wed, 28 Oct 1998 11:27:11 -0800 (PST) (envelope-from john@unt.edu) Received: from leonardo.cascss.unt.edu (leonardo.cascss.unt.edu [129.120.32.203]) by Mercury.unix.acs.cc.unt.edu (8.8.8/8.8.8) with ESMTP id NAA00431; Wed, 28 Oct 1998 13:26:18 -0600 (CST) Received: (from john@localhost) by leonardo.cascss.unt.edu (8.8.8/8.6.9) id NAA23973; Wed, 28 Oct 1998 13:26:17 -0600 (CST) From: john Message-Id: <199810281926.NAA23973@leonardo.cascss.unt.edu> Subject: Re: FreeBSD multi security (babelfish on the web translation) In-Reply-To: <36375723.CEE7A90@softweyr.com> from Wes Peters at "Oct 28, 98 10:40:51 am" To: wes@softweyr.com (Wes Peters) Date: Wed, 28 Oct 1998 13:26:17 -0600 (CST) Cc: freebsd-security@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL32 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org You may check out http://babelfish.altavista.digital.com/ It handles translation from/to some laguages and English. French, German, Italian, Portuguese, and Spanish. It worked well on a German GPF error I had in an application and I know a few people that have used the German - English option with success. > I certainly don't see any flames in the message you quote, I just asked how > you were going to help. I'm not proposing a multinational tech support > organization here, just someone who can read and write both english and > another language, and who has the time to translate security alerts, and > perhaps to help with email when a non-english speaker has a FreeBSD > security problem. > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Oct 28 12:26:33 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA14062 for freebsd-security-outgoing; Wed, 28 Oct 1998 12:26:33 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from Mercury.unix.acs.cc.unt.edu (mercury.acs.unt.edu [129.120.220.1]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA14057 for ; Wed, 28 Oct 1998 12:26:29 -0800 (PST) (envelope-from john@unt.edu) Received: from leonardo.cascss.unt.edu (leonardo.cascss.unt.edu [129.120.32.203]) by Mercury.unix.acs.cc.unt.edu (8.8.8/8.8.8) with ESMTP id OAA12908 for ; Wed, 28 Oct 1998 14:25:39 -0600 (CST) Received: (from john@localhost) by leonardo.cascss.unt.edu (8.8.8/8.6.9) id OAA24244 for freebsd-security@freebsd.org; Wed, 28 Oct 1998 14:25:38 -0600 (CST) From: john Message-Id: <199810282025.OAA24244@leonardo.cascss.unt.edu> Subject: RootShell homepage hacked via SSH? To: freebsd-security@FreeBSD.ORG Date: Wed, 28 Oct 1998 14:25:38 -0600 (CST) X-Mailer: ELM [version 2.4ME+ PL32 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org http://www.antionline.com/SpecialReports/rootshell/statement.html Does anyone have any more information on this? ---------------------------------------------- John Booth Computer Support Specialist University of North Texas Arts & Sciences Computing Services phone: (940)565-4498, campus extension 4498 Internet: john@unt.edu GroupWise: cas.po7.john To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Oct 28 15:02:22 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA29309 for freebsd-security-outgoing; Wed, 28 Oct 1998 15:02:22 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from phoenix.volant.org (phoenix.volant.org [205.179.79.193]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA29296 for ; Wed, 28 Oct 1998 15:02:18 -0800 (PST) (envelope-from patl@phoenix.volant.org) From: patl@phoenix.volant.org Received: from asimov.phoenix.volant.org ([205.179.79.65]) by phoenix.volant.org with smtp (Exim 1.92 #8) for security@freebsd.org id 0zYeav-0002Gm-00; Wed, 28 Oct 1998 15:01:37 -0800 Received: from localhost by asimov.phoenix.volant.org (SMI-8.6/SMI-SVR4) id PAA12303; Wed, 28 Oct 1998 15:01:35 -0800 Date: Wed, 28 Oct 1998 15:01:35 -0800 (PST) Reply-To: patl@phoenix.volant.org Subject: Cause of NetBIOS-NS requests from outside To: security@FreeBSD.ORG Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I've recently started logging more of the packets which are denied by my filters. Since then, I've noticed occasional bursts of UDP packets aimed at the NetBIOS-NS port (137) on my primary server. Is this more likely to be M$ brain-damage, or an attempted probe by some script-kiddie? -Pat To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Oct 28 15:25:09 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA02188 for freebsd-security-outgoing; Wed, 28 Oct 1998 15:25:09 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ns.mt.sri.com (sri-gw.MT.net [206.127.105.141]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA02178 for ; Wed, 28 Oct 1998 15:25:05 -0800 (PST) (envelope-from nate@mt.sri.com) Received: from mt.sri.com (rocky.mt.sri.com [206.127.76.100]) by ns.mt.sri.com (8.8.8/8.8.8) with SMTP id QAA17268; Wed, 28 Oct 1998 16:24:22 -0700 (MST) (envelope-from nate@rocky.mt.sri.com) Received: by mt.sri.com (SMI-8.6/SMI-SVR4) id QAA13189; Wed, 28 Oct 1998 16:24:21 -0700 Date: Wed, 28 Oct 1998 16:24:21 -0700 Message-Id: <199810282324.QAA13189@mt.sri.com> From: Nate Williams MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit To: patl@phoenix.volant.org Cc: security@FreeBSD.ORG Subject: Re: Cause of NetBIOS-NS requests from outside In-Reply-To: References: X-Mailer: VM 6.34 under 19.16 "Lille" XEmacs Lucid Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I've recently started logging more of the packets which are denied > by my filters. Since then, I've noticed occasional bursts of UDP > packets aimed at the NetBIOS-NS port (137) on my primary server. > > Is this more likely to be M$ brain-damage, or an attempted probe > by some script-kiddie? Both, but most likely M$ brain-damage. I see them *ALL* the time on my network, and I've learned to ignore them. :( Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Oct 28 17:23:29 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA02762 for freebsd-security-outgoing; Wed, 28 Oct 1998 17:23:29 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from phoenix.volant.org (phoenix.volant.org [205.179.79.193]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA02757 for ; Wed, 28 Oct 1998 17:23:26 -0800 (PST) (envelope-from patl@phoenix.volant.org) From: patl@phoenix.volant.org Received: from asimov.phoenix.volant.org ([205.179.79.65]) by phoenix.volant.org with smtp (Exim 1.92 #8) id 0zYfoy-0002vX-00; Wed, 28 Oct 1998 16:20:13 -0800 Received: from localhost by asimov.phoenix.volant.org (SMI-8.6/SMI-SVR4) id QAA12331; Wed, 28 Oct 1998 16:20:04 -0800 Date: Wed, 28 Oct 1998 16:20:04 -0800 (PST) Reply-To: patl@phoenix.volant.org Subject: Re: Cause of NetBIOS-NS requests from outside To: Kenneth Ingham cc: security@FreeBSD.ORG In-Reply-To: <19981028171202.A4585@i-pi.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > On Wed, Oct 28, 1998 at 03:01:35PM -0800, patl@phoenix.volant.org wrote: > > I've recently started logging more of the packets which are denied > > by my filters. Since then, I've noticed occasional bursts of UDP > > packets aimed at the NetBIOS-NS port (137) on my primary server. > > > > Is this more likely to be M$ brain-damage, or an attempted probe > > by some script-kiddie? > > M$ brain-damage. > > I worked with one of the people who was bouncing off of my firewall one > time. If you are using WINS for anything, it tries to use it for > everything. I now ignore them, and really should tell the firewall to > not even log them. So it's probably trying to contact my DNS server via NetBIOS-NS protocol? I can easily understand how any local M$ machines could be sending these packets to my servers; but what has me puzzled is why an outside machine would try to contact my server for WINS info. This doesn't seem to be any real threat; and since it is much more likely to be M$ brain-damage, I'll probably add a filter rule to explicitly deny them without logging. But I would like to have a better understanding of the underlying reasons. (That is, reasons more specific than 'M$ is completely clueless'.) -Pat To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Oct 28 17:30:29 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA04264 for freebsd-security-outgoing; Wed, 28 Oct 1998 17:30:29 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from socrates.i-pi.com (socrates.i-pi.com [198.49.217.5]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA04230 for ; Wed, 28 Oct 1998 17:30:13 -0800 (PST) (envelope-from ingham@i-pi.com) Received: (from ingham@localhost) by socrates.i-pi.com (8.8.8/8.8.7) id RAA04603; Wed, 28 Oct 1998 17:12:02 -0700 (MST) (envelope-from ingham) Message-ID: <19981028171202.A4585@i-pi.com> Date: Wed, 28 Oct 1998 17:12:02 -0700 From: Kenneth Ingham To: patl@phoenix.volant.org, security@FreeBSD.ORG Subject: Re: Cause of NetBIOS-NS requests from outside References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.1i In-Reply-To: ; from patl@phoenix.volant.org on Wed, Oct 28, 1998 at 03:01:35PM -0800 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, Oct 28, 1998 at 03:01:35PM -0800, patl@phoenix.volant.org wrote: > I've recently started logging more of the packets which are denied > by my filters. Since then, I've noticed occasional bursts of UDP > packets aimed at the NetBIOS-NS port (137) on my primary server. > > Is this more likely to be M$ brain-damage, or an attempted probe > by some script-kiddie? M$ brain-damage. I worked with one of the people who was bouncing off of my firewall one time. If you are using WINS for anything, it tries to use it for everything. I now ignore them, and really should tell the firewall to not even log them. Kenneth To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Oct 28 19:56:50 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id TAA23950 for freebsd-security-outgoing; Wed, 28 Oct 1998 19:56:50 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ns.mt.sri.com (sri-gw.MT.net [206.127.105.141]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id TAA23936 for ; Wed, 28 Oct 1998 19:56:37 -0800 (PST) (envelope-from nate@mt.sri.com) Received: from mt.sri.com (rocky.mt.sri.com [206.127.76.100]) by ns.mt.sri.com (8.8.8/8.8.8) with SMTP id UAA19042; Wed, 28 Oct 1998 20:55:59 -0700 (MST) (envelope-from nate@rocky.mt.sri.com) Received: by mt.sri.com (SMI-8.6/SMI-SVR4) id UAA14862; Wed, 28 Oct 1998 20:55:53 -0700 Date: Wed, 28 Oct 1998 20:55:53 -0700 Message-Id: <199810290355.UAA14862@mt.sri.com> From: Nate Williams MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit To: patl@phoenix.volant.org Cc: Kenneth Ingham , security@FreeBSD.ORG Subject: Re: Cause of NetBIOS-NS requests from outside In-Reply-To: References: <19981028171202.A4585@i-pi.com> X-Mailer: VM 6.34 under 19.16 "Lille" XEmacs Lucid Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > > I've recently started logging more of the packets which are denied > > > by my filters. Since then, I've noticed occasional bursts of UDP > > > packets aimed at the NetBIOS-NS port (137) on my primary server. > > > > > > Is this more likely to be M$ brain-damage, or an attempted probe > > > by some script-kiddie? > > > > M$ brain-damage. ... > So it's probably trying to contact my DNS server via NetBIOS-NS > protocol? Nope, it's doing a 'broadcast' on port 137, and it may have even gotten a reponse from a machine inside your network, depending on how you have your firewall setup. Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Oct 28 20:05:59 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id UAA25447 for freebsd-security-outgoing; Wed, 28 Oct 1998 20:05:59 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from phoenix.volant.org (phoenix.volant.org [205.179.79.193]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA25435 for ; Wed, 28 Oct 1998 20:05:57 -0800 (PST) (envelope-from patl@phoenix.volant.org) From: patl@phoenix.volant.org Received: from asimov.phoenix.volant.org ([205.179.79.65]) by phoenix.volant.org with smtp (Exim 1.92 #8) id 0zYjLJ-0004ko-00; Wed, 28 Oct 1998 20:05:49 -0800 Received: from localhost by asimov.phoenix.volant.org (SMI-8.6/SMI-SVR4) id UAA12398; Wed, 28 Oct 1998 20:05:43 -0800 Date: Wed, 28 Oct 1998 20:05:43 -0800 (PST) Reply-To: patl@phoenix.volant.org Subject: Re: Cause of NetBIOS-NS requests from outside To: Nate Williams cc: security@FreeBSD.ORG In-Reply-To: <199810290355.UAA14862@mt.sri.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > > > I've recently started logging more of the packets which are denied > > > > by my filters. Since then, I've noticed occasional bursts of UDP > > > > packets aimed at the NetBIOS-NS port (137) on my primary server. > > > > > > > > Is this more likely to be M$ brain-damage, or an attempted probe > > > > by some script-kiddie? > > > > > > M$ brain-damage. > ... > > So it's probably trying to contact my DNS server via NetBIOS-NS > > protocol? > > Nope, it's doing a 'broadcast' on port 137, If it's doing a broadcast, why is the destination address the IP address of my server instead of one of the broadcast addresses for my network? Or is this Micro$oft's definition of 'broadcast'? > and it may have even gotten > a reponse from a machine inside your network, depending on how you have > your firewall setup. Hmm. Maybe at some point in the past; but I've been blocking them for several weeks now. -Pat To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Oct 28 21:42:28 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id VAA05250 for freebsd-security-outgoing; Wed, 28 Oct 1998 21:42:28 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id VAA05244 for ; Wed, 28 Oct 1998 21:42:24 -0800 (PST) (envelope-from imp@village.org) Received: from harmony [10.0.0.6] by rover.village.org with esmtp (Exim 1.71 #1) id 0zYkqd-0006as-00; Wed, 28 Oct 1998 22:42:15 -0700 Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.1/8.8.3) with ESMTP id WAA06814; Wed, 28 Oct 1998 22:41:53 -0700 (MST) Message-Id: <199810290541.WAA06814@harmony.village.org> To: Nate Williams Subject: Re: Cause of NetBIOS-NS requests from outside Cc: patl@phoenix.volant.org, security@FreeBSD.ORG In-reply-to: Your message of "Wed, 28 Oct 1998 16:24:21 MST." <199810282324.QAA13189@mt.sri.com> References: <199810282324.QAA13189@mt.sri.com> Date: Wed, 28 Oct 1998 22:41:53 -0700 From: Warner Losh Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <199810282324.QAA13189@mt.sri.com> Nate Williams writes: : Both, but most likely M$ brain-damage. I see them *ALL* the time on my : network, and I've learned to ignore them. :( We have 204.144.255.xxx netblock from our ISP. Every time a new user would join our ISP, or every time that a new Win95 machine would be added to the network, we'd get boatloads of traffic from it. seems like it was a common bug to have 204.144.x.x be the network (eg use a 255.255.0.0 netmask).... We filter them all out, and used to send hate mail when we saw them. We no longer have a filter dropped report, so we no longer send hate mail :-) Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Oct 28 21:43:24 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id VAA05365 for freebsd-security-outgoing; Wed, 28 Oct 1998 21:43:24 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id VAA05356 for ; Wed, 28 Oct 1998 21:43:21 -0800 (PST) (envelope-from imp@village.org) Received: from harmony [10.0.0.6] by rover.village.org with esmtp (Exim 1.71 #1) id 0zYkrZ-0006au-00; Wed, 28 Oct 1998 22:43:14 -0700 Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.1/8.8.3) with ESMTP id WAA07783; Wed, 28 Oct 1998 22:42:52 -0700 (MST) Message-Id: <199810290542.WAA07783@harmony.village.org> To: patl@phoenix.volant.org Subject: Re: Cause of NetBIOS-NS requests from outside Cc: Nate Williams , security@FreeBSD.ORG In-reply-to: Your message of "Wed, 28 Oct 1998 20:05:43 PST." References: Date: Wed, 28 Oct 1998 22:42:52 -0700 From: Warner Losh Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message patl@phoenix.volant.org writes: : If it's doing a broadcast, why is the destination address the IP : address of my server instead of one of the broadcast addresses : for my network? Or is this Micro$oft's definition of 'broadcast'? Likely a badly configured client :-(. We get lots of traffic to 204.144.255.255 from various people because of this MS misfeature. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 00:02:32 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id AAA17256 for freebsd-security-outgoing; Thu, 29 Oct 1998 00:02:32 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from mail.webspan.net (mail.webspan.net [206.154.70.7]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA17251 for ; Thu, 29 Oct 1998 00:02:30 -0800 (PST) (envelope-from opsys@mail.webspan.net) Received: from orion.webspan.net (orion.webspan.net [206.154.70.5]) by mail.webspan.net (WEBSPAN/970608) with SMTP id DAA14965 for ; Thu, 29 Oct 1998 03:02:28 -0500 (EST) Date: Thu, 29 Oct 1998 03:02:31 -0500 (EST) From: Open Systems Networking X-Sender: opsys@orion.webspan.net To: freebsd-security@FreeBSD.ORG Subject: IPFW problems... Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Im at a loss for this problem I am having with IPFW in 2.2.7-stable. I have a kernel that I built with 2.2.7-RELEASE before cvsuping kernel source to stable. It has firewall support in it and boots fine with a firewall type of open. But EVERY kernel I build from stable wedges the machine, with the following errors: Oct 28 15:56:54 pm330 /kernel: FreeBSD 2.2.7-STABLE #0: Wed Oct 28 15:54:08 CST 1998 Oct 28 15:56:54 pm330 /kernel: ed0 at 0x280-0x29f irq 10 on isa Oct 28 15:56:54 pm330 /kernel: ed0: address 00:80:ad:b3:16:15, type NE2000 (16 bit) Oct 28 15:56:55 pm330 /kernel: 1 3C5x9 board(s) on ISA found at 0x300 Oct 28 15:56:55 pm330 /kernel: ep0 at 0x300-0x30f irq 5 on isa Oct 28 15:56:55 pm330 /kernel: ep0: utp[*UTP*] address 00:10:5 Oct 28 15:56:55 pm330 /kernel: a:1c:8c:ee Oct 28 15:56:55 pm330 /kernel: IP packet filtering initialized, divert enabled, logging disabled Oct 28 15:56:56 pm330 xntpd[107]: using xntpd phase-lock loop Oct 28 15:56:57 pm330 xntpd[107]: sendto(128.252.19.1): Permission denied Oct 28 15:56:58 pm330 xntpd[107]: sendto(128.105.201.11): Permission denied Oct 28 15:59:54 pm330 syslogd: exiting on signal 15 And on numerous occasions I have received this which I have never seen. Oct 28 15:56:55 pm330 /kernel: ip_fw_ctl: len=104, want 96 Right after the IP packet filtering initialized, etc.. message is when this shows up. I searched the arvhices for the error I get at console: ipfw: setsockopt(IP_FW_ADD): Invalid argument And I *DO* have IPFIREWALL and IPDIVERT in the kernel config. No matter how many times I rebuild the 2.2.7-STABLE kernel it will not boot but throws out the above errors, booting the old 2.2.7-RELEASE kernel works fine. And this puzzles me. Its an open type of firewall, and nothing changes configuration wise between booting the 2.2.7-RELEASE kernel and the 2.2.7-STABLE kernel. Something in the kernel is doing it. The rc.firewall is the same, the firewall type in rc.conf is the same. The only thing I see from the mail archives is not adding the IPFIREWALL and IPDIVERT options the kernel, and there both in there. Anyone have an idea? Chris -- "You both seem to be ignoring the fact that the networking market is driven by so-called 'IT professionals' these days, most of whom can't tell the difference between an ARP and a carp." --Wes Peters ===================================| Open Systems FreeBSD Consulting. FreeBSD 3.0 is available now! | Phone: (402)573-9124 / ICQ # 20016186 -----------------------------------| 3335 N. 103 Plaza, Omaha, NE 68134 FreeBSD: The power to serve! | E-Mail: opsys@open-systems.net http://www.freebsd.org | Consulting, Network Engineering, Security ===================================| http://open-systems.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 01:21:20 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id BAA26258 for freebsd-security-outgoing; Thu, 29 Oct 1998 01:21:20 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from aniwa.sky (aniwa.actrix.gen.nz [203.96.56.186]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id BAA26247 for ; Thu, 29 Oct 1998 01:21:15 -0800 (PST) (envelope-from andrew@squiz.co.nz) Received: from localhost (andrew@localhost) by aniwa.sky (8.8.8/8.8.7) with SMTP id WAA26680; Thu, 29 Oct 1998 22:19:46 +1300 (NZDT) (envelope-from andrew@squiz.co.nz) Date: Thu, 29 Oct 1998 22:19:46 +1300 (NZDT) From: Andrew McNaughton X-Sender: andrew@aniwa.sky Reply-To: andrew@squiz.co.nz To: Open Systems Networking cc: freebsd-security@FreeBSD.ORG Subject: Re: IPFW problems... In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 29 Oct 1998, Open Systems Networking wrote: > Im at a loss for this problem I am having with IPFW in 2.2.7-stable. > I have a kernel that I built with 2.2.7-RELEASE before cvsuping kernel > source to stable. It has firewall support in it and boots fine with a > firewall type of open. But EVERY kernel I build from stable wedges the > machine, with the following errors: > Oct 28 15:56:55 pm330 /kernel: ip_fw_ctl: len=104, want 96 I had this one when my build world was out of sync with my kernel build. I presume there's been a change since the release (dummynet?) which has changed the size of the data structure passed from ipfw to the kernel. Currently I can't get my 2.2.7 PAO kernel to work with my ipfw (2.2.5-RELEASE source cvsup'ed to 2.2.7-RELEASE). If someone can tell me how to cvsup my source to the original 2.2.7-RELEASE rather than the latest STABLE then I'd be most obliged. The data cost of my link is significant, and I was hoping to wait till 2.2.8 before buying my next CD release. Andrew McNaughton. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 01:33:51 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id BAA27407 for freebsd-security-outgoing; Thu, 29 Oct 1998 01:33:51 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from mail.webspan.net (mail.webspan.net [206.154.70.7]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id BAA27402 for ; Thu, 29 Oct 1998 01:33:48 -0800 (PST) (envelope-from opsys@mail.webspan.net) Received: from orion.webspan.net (orion.webspan.net [206.154.70.5]) by mail.webspan.net (WEBSPAN/970608) with SMTP id EAA22406; Thu, 29 Oct 1998 04:33:41 -0500 (EST) Date: Thu, 29 Oct 1998 04:33:44 -0500 (EST) From: Open Systems Networking X-Sender: opsys@orion.webspan.net To: Andrew McNaughton cc: freebsd-security@FreeBSD.ORG Subject: Re: IPFW problems... In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 29 Oct 1998, Andrew McNaughton wrote: > I had this one when my build world was out of sync with my kernel build. > I presume there's been a change since the release (dummynet?) which has > changed the size of the data structure passed from ipfw to the kernel. I wish that was it :) But since I only have 2.2.7-RELEASE kernel sources installed then cvsup'ed to 2.2.7-STABLE I dont quite see how the os could be out of sync with the kernel. its the same release. It appears that message comes from ip_fw.c And I think the last one to touch this in 2.2 was luigi. Im gonna rebuild ipfw and see if that helps. Chris -- "You both seem to be ignoring the fact that the networking market is driven by so-called 'IT professionals' these days, most of whom can't tell the difference between an ARP and a carp." --Wes Peters ===================================| Open Systems FreeBSD Consulting. FreeBSD 3.0 is available now! | Phone: (402)573-9124 / ICQ # 20016186 -----------------------------------| 3335 N. 103 Plaza, Omaha, NE 68134 FreeBSD: The power to serve! | E-Mail: opsys@open-systems.net http://www.freebsd.org | Consulting, Network Engineering, Security ===================================| http://open-systems.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 02:00:16 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA01163 for freebsd-security-outgoing; Thu, 29 Oct 1998 02:00:16 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from cheops.anu.edu.au (cheops.anu.edu.au [150.203.224.24]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA01152 for ; Thu, 29 Oct 1998 02:00:13 -0800 (PST) (envelope-from avalon@coombs.anu.edu.au) Message-Id: <199810291000.CAA01152@hub.freebsd.org> Received: by cheops.anu.edu.au (1.37.109.16/16.2) id AA176265191; Thu, 29 Oct 1998 20:59:51 +1100 From: Darren Reed Subject: Re: IPFW problems... To: andrew@squiz.co.nz Date: Thu, 29 Oct 1998 20:59:51 +1100 (EDT) Cc: opsys@mail.webspan.net, freebsd-security@FreeBSD.ORG In-Reply-To: from "Andrew McNaughton" at Oct 29, 98 10:19:46 pm X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In some mail from Andrew McNaughton, sie said: > > On Thu, 29 Oct 1998, Open Systems Networking wrote: > > > Im at a loss for this problem I am having with IPFW in 2.2.7-stable. > > I have a kernel that I built with 2.2.7-RELEASE before cvsuping kernel > > source to stable. It has firewall support in it and boots fine with a > > firewall type of open. But EVERY kernel I build from stable wedges the > > machine, with the following errors: > > > Oct 28 15:56:55 pm330 /kernel: ip_fw_ctl: len=104, want 96 > > I had this one when my build world was out of sync with my kernel build. > I presume there's been a change since the release (dummynet?) which has > changed the size of the data structure passed from ipfw to the kernel. > > Currently I can't get my 2.2.7 PAO kernel to work with my ipfw > (2.2.5-RELEASE source cvsup'ed to 2.2.7-RELEASE). If someone can tell me > how to cvsup my source to the original 2.2.7-RELEASE rather than the > latest STABLE then I'd be most obliged. The data cost of my link is > significant, and I was hoping to wait till 2.2.8 before buying my next CD > release. Just install IP Filter and convert your ruleset :-) Darren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 02:10:49 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA02380 for freebsd-security-outgoing; Thu, 29 Oct 1998 02:10:49 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from mail.webspan.net (mail.webspan.net [206.154.70.7]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA02365 for ; Thu, 29 Oct 1998 02:10:44 -0800 (PST) (envelope-from opsys@mail.webspan.net) Received: from orion.webspan.net (orion.webspan.net [206.154.70.5]) by mail.webspan.net (WEBSPAN/970608) with SMTP id FAA25232; Thu, 29 Oct 1998 05:10:32 -0500 (EST) Date: Thu, 29 Oct 1998 05:10:36 -0500 (EST) From: Open Systems Networking X-Sender: opsys@orion.webspan.net To: Darren Reed cc: andrew@squiz.co.nz, freebsd-security@FreeBSD.ORG Subject: Re: IPFW problems... In-Reply-To: <199810291000.FAA24396@mail.webspan.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 29 Oct 1998, Darren Reed wrote: > > > Oct 28 15:56:55 pm330 /kernel: ip_fw_ctl: len=104, want 96 > > > > I had this one when my build world was out of sync with my kernel build. > > I presume there's been a change since the release (dummynet?) which has > > changed the size of the data structure passed from ipfw to the kernel. > > > > Currently I can't get my 2.2.7 PAO kernel to work with my ipfw > > (2.2.5-RELEASE source cvsup'ed to 2.2.7-RELEASE). If someone can tell me > > how to cvsup my source to the original 2.2.7-RELEASE rather than the > > latest STABLE then I'd be most obliged. The data cost of my link is > > significant, and I was hoping to wait till 2.2.8 before buying my next CD > > release. > > Just install IP Filter and convert your ruleset :-) Bingo, you had to rebuild ipfw. This fixes that problem of the wrong length. Just grab stable source and update ipfw. Problem solved. Did this have to go into stable? Darren If I had a dime everytime you have said this the above :-) While going through the mail archives youll see darren reply to posts about problems with ipfw and him declaring that ipfw is junk and to install ipfilter and your problems go away. :-) Darren you really know how to advocate a peice of code you should be our mascot for advocacy. I will try ipfilter for another firewall box im setting up. I like alot of the cool stuff, proxy support etc.. Although I think ipfw does that not to unless im mistaken, but there is no harm in trying them both. So ill give ipfilter a shot next time around. Chris *whos in a pretty odd mood at 4 AM* -- "You both seem to be ignoring the fact that the networking market is driven by so-called 'IT professionals' these days, most of whom can't tell the difference between an ARP and a carp." --Wes Peters ===================================| Open Systems FreeBSD Consulting. FreeBSD 3.0 is available now! | Phone: (402)573-9124 / ICQ # 20016186 -----------------------------------| 3335 N. 103 Plaza, Omaha, NE 68134 FreeBSD: The power to serve! | E-Mail: opsys@open-systems.net http://www.freebsd.org | Consulting, Network Engineering, Security ===================================| http://open-systems.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 02:21:31 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA03773 for freebsd-security-outgoing; Thu, 29 Oct 1998 02:21:31 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from witch.xtra.co.nz (witch.xtra.co.nz [202.27.184.8]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA03762 for ; Thu, 29 Oct 1998 02:21:27 -0800 (PST) (envelope-from junkmale@pop3.xtra.co.nz) Received: from wocker (210-55-210-87.ipnets.xtra.co.nz [210.55.210.87]) by witch.xtra.co.nz (8.9.1/8.9.1) with SMTP id XAA05790; Thu, 29 Oct 1998 23:20:27 +1300 (NZDT) Message-Id: <199810291020.XAA05790@witch.xtra.co.nz> From: "Dan Langille" Organization: DVL Software Limited To: Darren Reed , opsys@mail.webspan.net Date: Thu, 29 Oct 1998 23:20:37 +1300 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: Re: IPFW problems... Reply-to: junkmale@xtra.co.nz CC: freebsd-security@FreeBSD.ORG In-reply-to: <199810291000.CAA01152@hub.freebsd.org> References: from "Andrew McNaughton" at Oct 29, 98 10:19:46 pm X-mailer: Pegasus Mail for Win32 (v3.01b) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 29 Oct 98, at 20:59, Darren Reed wrote: > Just install IP Filter and convert your ruleset :-) Yeah, OK. That's twice in the past week you've said that. So I took you up on it and installed IP Filter but couldn't get ping or traceroute to work with the example firewall rules provided. Searching the IP Filter mailings lists seemed to indicate a known problem with IP Filter. If anyone is interested, all the info is on my website. Darren, any ideas? In the meantime, I'm back to ifpw/natd. ;-) -- Dan Langille The FreeBSD Diary - my [mis]adventures http://www.FreeBSDDiary.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 02:28:24 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA04439 for freebsd-security-outgoing; Thu, 29 Oct 1998 02:28:24 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ns.cityip.co.za (ns.cityip.co.za [196.25.223.140]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id CAA04434 for ; Thu, 29 Oct 1998 02:28:20 -0800 (PST) (envelope-from wjv@cityip.co.za) Received: from wjv by ns.cityip.co.za with local (Exim 1.82 #2) id 0zYpJM-0003p4-00; Thu, 29 Oct 1998 12:28:12 +0200 Message-ID: <19981029122811.A14672@cityip.co.za> Date: Thu, 29 Oct 1998 12:28:11 +0200 From: Johann Visagie To: security@FreeBSD.ORG Subject: Connections succeed even though denied by IPFW Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.91.1i X-PGP: ftp://ftp.cityip.co.za/users/wjv/pubkey.asc Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I have a rather strange situation here, on a 2.2.5-REL box which currently has an uptime of over 100 days (I don't know if that might affect it in any way). Basically, connections which are denied by the IPFW settings in /etc/rc.firewall succeed, _even though IPFW logs the packets as being denied_! Here is an example of an attempt to connect to my telnetd and popper. Note that IPFW successfully denies the packets, but tcpd then gets to reject the connections: Oct 27 15:09:16 ns /kernel: ipfw: 6410 Deny TCP 196.15.149.140:1030 196.25.223.161:23 in via ed0 Oct 27 15:09:17 ns telnetd[5955]: refused connect from jhb140.shisas.co.za Oct 27 15:09:17 ns /kernel: ipfw: 6410 Deny TCP 196.15.149.140:1033 255.255.255.255:110 in via ed0 Oct 27 15:09:19 ns telnetd[5956]: refused connect from jhb140.shisas.co.za Oct 27 15:09:19 ns popper[5957]: refused connect from jhb140.shisas.co.za Oct 27 15:09:20 ns /kernel: ipfw: 6410 Deny TCP 196.15.149.140:1052 196.25.223.161:110 in via ed0 Oct 27 15:09:22 ns popper[5959]: refused connect from jhb140.shisas.co.za I have double checked - if I configure my TCP wrappers to allow a specific connection, then it can be made successfully, even though the packet filtering rules should disallow it (and log it that they do). In a word: "Huh?" -- V Johann Visagie | wjv@CityIP.co.za | Tel: +27 21 419-7878 | ICQ: 20645559 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 02:43:53 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA06386 for freebsd-security-outgoing; Thu, 29 Oct 1998 02:43:53 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from adelphi.physics.adelaide.edu.au (adelphi.physics.adelaide.edu.au [129.127.36.247]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA06378 for ; Thu, 29 Oct 1998 02:43:50 -0800 (PST) (envelope-from kkennawa@physics.adelaide.edu.au) Received: from mercury (mercury [129.127.36.44]) by adelphi.physics.adelaide.edu.au (8.8.8/8.8.8/UofA-1.5) with SMTP id VAA23646; Thu, 29 Oct 1998 21:13:46 +1030 (CST) Received: from localhost by mercury; (5.65v3.2/1.1.8.2/27Nov97-0404PM) id AA25594; Thu, 29 Oct 1998 21:13:45 +1030 Date: Thu, 29 Oct 1998 21:13:45 +1030 (CST) From: Kris Kennaway To: Open Systems Networking Cc: Andrew McNaughton , freebsd-security@FreeBSD.ORG Subject: Re: IPFW problems... In-Reply-To: Message-Id: Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 29 Oct 1998, Open Systems Networking wrote: > On Thu, 29 Oct 1998, Andrew McNaughton wrote: > > > I had this one when my build world was out of sync with my kernel build. > > I presume there's been a change since the release (dummynet?) which has > > changed the size of the data structure passed from ipfw to the kernel. > > I wish that was it :) > But since I only have 2.2.7-RELEASE kernel sources installed then cvsup'ed > to 2.2.7-STABLE I dont quite see how the os could be out of sync with the > kernel. its the same release. It appears that message comes from ip_fw.c xxx-STABLE isnt "the same release" as xxx-RELEASE, and they're not guaranteed to be backwards compatible - the numbering in the -STABLE name refers to the most recent previous release along that development branch). i.e the xxx-RELEASEs are just snapshot of -STABLE taken at a certain time. So 2.2.7-STABLE keeps creeping along from the 2.2.7-RELEASE codebase, and the name will change to 2.2.8-STABLE once 2.2.8-RELEASE is out the door. It isn't supposed to happen in -STABLE very often, but occasionally the kernel structures change (to add features, etc) and becomes incompatible with a world which was not compiled expecting those changes. Almost certainly this is the problem you are seeing (in fact I seem to remember reading about something Luigi Rizzo did to ipfw in -stable which broke backwards-compatibility of the ipfw binary). If you're goign to track a -stable kernel, you should be subscribed to the freebsd-stable mailing list for exactly this reason (so you know when you have to update your world sources as well). Recompiling ipfw with sources taken from -stable at the same point your kernel sources were from should make the problem go away. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 02:46:20 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA07059 for freebsd-security-outgoing; Thu, 29 Oct 1998 02:46:20 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from cheops.anu.edu.au (cheops.anu.edu.au [150.203.224.24]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA07051 for ; Thu, 29 Oct 1998 02:46:16 -0800 (PST) (envelope-from avalon@coombs.anu.edu.au) Message-Id: <199810291046.CAA07051@hub.freebsd.org> Received: by cheops.anu.edu.au (1.37.109.16/16.2) id AA181547960; Thu, 29 Oct 1998 21:46:00 +1100 From: Darren Reed Subject: Re: IPFW problems... To: junkmale@xtra.co.nz Date: Thu, 29 Oct 1998 21:45:59 +1100 (EDT) Cc: avalon@coombs.anu.edu.au, opsys@mail.webspan.net, freebsd-security@FreeBSD.ORG In-Reply-To: <199810291020.XAA05790@witch.xtra.co.nz> from "Dan Langille" at Oct 29, 98 11:20:37 pm X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In some mail from Dan Langille, sie said: > > On 29 Oct 98, at 20:59, Darren Reed wrote: > > > Just install IP Filter and convert your ruleset :-) > > Yeah, OK. That's twice in the past week you've said that. So I took you > up on it and installed IP Filter but couldn't get ping or traceroute to > work with the example firewall rules provided. Searching the IP Filter > mailings lists seemed to indicate a known problem with IP Filter. If > anyone is interested, all the info is on my website. Darren, any ideas? traceroute/UDP was fixed on the weekend last, the pc (ICMP) version may not yet work. as for ping, I've not heard any problems with this. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 02:48:33 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA07460 for freebsd-security-outgoing; Thu, 29 Oct 1998 02:48:33 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from cheops.anu.edu.au (cheops.anu.edu.au [150.203.224.24]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA07443 for ; Thu, 29 Oct 1998 02:48:29 -0800 (PST) (envelope-from avalon@coombs.anu.edu.au) Message-Id: <199810291048.CAA07443@hub.freebsd.org> Received: by cheops.anu.edu.au (1.37.109.16/16.2) id AA181898092; Thu, 29 Oct 1998 21:48:12 +1100 From: Darren Reed Subject: Re: IPFW problems... To: opsys@mail.webspan.net (Open Systems Networking) Date: Thu, 29 Oct 1998 21:48:12 +1100 (EDT) Cc: avalon@coombs.anu.edu.au, andrew@squiz.co.nz, freebsd-security@FreeBSD.ORG In-Reply-To: from "Open Systems Networking" at Oct 29, 98 05:10:36 am X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In some mail from Open Systems Networking, sie said: > > On Thu, 29 Oct 1998, Darren Reed wrote: > > > > Just install IP Filter and convert your ruleset :-) [...] > Darren If I had a dime everytime you have said this the above :-) Well, others have been saying it too so I thought I'd give it a go myself ;) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 04:35:55 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id EAA18421 for freebsd-security-outgoing; Thu, 29 Oct 1998 04:35:55 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ns.cityip.co.za (ns.cityip.co.za [196.25.223.140]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id EAA18416 for ; Thu, 29 Oct 1998 04:35:52 -0800 (PST) (envelope-from wjv@cityip.co.za) Received: from wjv by ns.cityip.co.za with local (Exim 1.82 #2) id 0zYrIp-0003xH-00; Thu, 29 Oct 1998 14:35:47 +0200 Message-ID: <19981029143547.A15193@cityip.co.za> Date: Thu, 29 Oct 1998 14:35:47 +0200 From: Johann Visagie To: security@FreeBSD.ORG Subject: Re: Connections succeed even though denied by IPFW References: <19981029122811.A14672@cityip.co.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.91.1i In-Reply-To: <19981029122811.A14672@cityip.co.za>; from Johann Visagie on Thu, Oct 29, 1998 at 12:28:11PM +0200 X-PGP: ftp://ftp.cityip.co.za/users/wjv/pubkey.asc Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Following up to my own posting, with a very red face: On Thu, 29 Oct 1998 at 12:28 SAT, Johann Visagie wrote: > > I have a rather strange situation here, on a 2.2.5-REL box which currently > has an uptime of over 100 days (I don't know if that might affect it in any > way). [ snip ] Problem solved. It was all due to a gross misconfiguration of IPFW rules by yours truly. Worse, this situation has persisted for some months - time to do a thorough security audit on the box in question. :-( Again, sorry to have wasted everyone's time. -- V Johann Visagie | wjv@CityIP.co.za | Tel: +27 21 419-7878 | ICQ: 20645559 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 05:42:12 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA23881 for freebsd-security-outgoing; Thu, 29 Oct 1998 05:42:12 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from brooklyn.slack.net (brooklyn.slack.net [206.41.21.102]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA23876 for ; Thu, 29 Oct 1998 05:42:10 -0800 (PST) (envelope-from andrewr@brooklyn.slack.net) Received: from localhost (andrewr@localhost) by brooklyn.slack.net (8.8.7/8.8.7) with SMTP id IAA01139; Thu, 29 Oct 1998 08:42:28 -0500 (EST) Date: Thu, 29 Oct 1998 08:42:28 -0500 (EST) From: andrewr To: Open Systems Networking cc: Darren Reed , andrew@squiz.co.nz, freebsd-security@FreeBSD.ORG Subject: Re: IPFW problems... In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 29 Oct 1998, Open Systems Networking wrote: > On Thu, 29 Oct 1998, Darren Reed wrote: > > > > > Just install IP Filter and convert your ruleset :-) I agree.. IP Filter is solid. > Chris *whos in a pretty odd mood at 4 AM* I always thouhgt you were in a pretty odd mood? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 06:11:50 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id GAA26087 for freebsd-security-outgoing; Thu, 29 Oct 1998 06:11:50 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from nordmail.nordnet.fr (nordmail.nordnet.fr [194.206.126.252]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA26058; Thu, 29 Oct 1998 06:11:42 -0800 (PST) (envelope-from ericd@elabs.fr) Received: from Eric (gate7-167.nordnet.fr [195.146.225.167]) by nordmail.nordnet.fr (8.9.0/8.9.0) with SMTP id PAA22145; Thu, 29 Oct 1998 15:11:32 +0100 Message-ID: <000301bdfc2b$9182bea0$3c0aa8c0@Eric.labo.lan> From: "Eric D'HEM" To: , Subject: suscribe Date: Tue, 20 Oct 1998 15:14:27 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3110.5 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org suscribe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 06:20:51 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id GAA27654 for freebsd-security-outgoing; Thu, 29 Oct 1998 06:20:51 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from alecto.physics.uiuc.edu (alecto.physics.uiuc.edu [130.126.8.20]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA27649 for ; Thu, 29 Oct 1998 06:20:50 -0800 (PST) (envelope-from igor@alecto.physics.uiuc.edu) Received: (from igor@localhost) by alecto.physics.uiuc.edu (8.9.0/8.9.0) id IAA09817; Thu, 29 Oct 1998 08:20:40 -0600 (CST) From: Igor Roshchin Message-Id: <199810291420.IAA09817@alecto.physics.uiuc.edu> Subject: Re: Cause of NetBIOS-NS requests from outside In-Reply-To: <199810290542.WAA07783@harmony.village.org> from "Warner Losh" at "Oct 28, 1998 10:42:52 pm" To: imp@village.org (Warner Losh) Date: Thu, 29 Oct 1998 08:20:40 -0600 (CST) Cc: patl@phoenix.volant.org, nate@mt.sri.com, security@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > In message patl@phoenix.volant.org writes: > : If it's doing a broadcast, why is the destination address the IP > : address of my server instead of one of the broadcast addresses > : for my network? Or is this Micro$oft's definition of 'broadcast'? > > Likely a badly configured client :-(. We get lots of traffic to > 204.144.255.255 from various people because of this MS misfeature. > > Warner > I don't know if this helps, but when you are setting up a new WinNT (and I assume, 95/98 does the same) - when you are setting the TCP/IP - you enter IP, host name, domain name, .. If you have, say you host 204.144.103.22, and gateway is 204.144.102.1, Windows will "suggest" (and set) the mask to be 255.255.0.0, and unless you change it to what you need (255.255.254.0 in my case) - your host might be broadcasting (I didn't check it, but it should, if the network configuration allows, and the router/switch does not filter this packets out) to 204.144.255.255. IgoR To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 08:42:47 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA14275 for freebsd-security-outgoing; Thu, 29 Oct 1998 08:42:47 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from carp.gbr.epa.gov (carp.gbr.epa.gov [204.46.159.110]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA14268 for ; Thu, 29 Oct 1998 08:42:45 -0800 (PST) (envelope-from mjenkins@carp.gbr.epa.gov) Received: (from mjenkins@localhost) by carp.gbr.epa.gov (8.8.8/8.8.8) id KAA12888; Thu, 29 Oct 1998 10:42:39 -0600 (CST) (envelope-from mjenkins) Date: Thu, 29 Oct 1998 10:42:39 -0600 (CST) From: Mike Jenkins Message-Id: <199810291642.KAA12888@carp.gbr.epa.gov> To: wjv@cityip.co.za Subject: Re: Connections succeed even though denied by IPFW Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <19981029143547.A15193@cityip.co.za> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Date: Thu, 29 Oct 1998 14:35:47 +0200 > From: Johann Visagie > > Problem solved. It was all due to a gross misconfiguration of IPFW rules by > yours truly. Worse, this situation has persisted for some months - time to > do a thorough security audit on the box in question. :-( Brings back memories of the classic packet filtering paper by Brent Chapman entitled "Network (In)Security Through IP Packet Filtering". Things have improved with packet filters but it can still be difficult to get it right. Of course, you might run a scanner (nmap) to see if your rules are working. Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 09:09:26 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA17535 for freebsd-security-outgoing; Thu, 29 Oct 1998 09:09:26 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from under.suspicion.org ([216.27.37.14]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA17530 for ; Thu, 29 Oct 1998 09:09:23 -0800 (PST) (envelope-from ventrex@UNDER.suspicion.org) Received: from UNDER.SUSPICION.ORG (x0@UNDER.SUSPICION.ORG [216.27.37.14]) by under.suspicion.org (8.9.1/8.9.1) with ESMTP id MAA05520; Thu, 29 Oct 1998 12:09:08 -0500 (EST) (envelope-from ventrex@UNDER.suspicion.org) Date: Thu, 29 Oct 1998 12:09:02 -0500 (EST) From: Thomas Stromberg To: patl@phoenix.volant.org cc: security@FreeBSD.ORG Subject: Re: Cause of NetBIOS-NS requests from outside In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org If you enable "Windows resolution through DNS" in NT (there is a similar setting in Windows95/98), every TCP access that machine ever makes sends a NetBIOS-ns (137) packet to try to find out its Windows equivalent name to store in its cache. ======================================================================== Thomas Stromberg | smtp -> thomas@stromberg.org System Administrator, RTC Inc. | http -> thomas.stromberg.org (919) 380-9771 ext. 3210 : talk -> ventrex@stromberg.org "the more we know, the less we are" . irc -> ventrex@EFnet ======================================================================== On Wed, 28 Oct 1998 patl@phoenix.volant.org wrote: > I've recently started logging more of the packets which are denied > by my filters. Since then, I've noticed occasional bursts of UDP > packets aimed at the NetBIOS-NS port (137) on my primary server. > > Is this more likely to be M$ brain-damage, or an attempted probe > by some script-kiddie? > > > > -Pat > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 09:49:38 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA21542 for freebsd-security-outgoing; Thu, 29 Oct 1998 09:49:38 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from phoenix.volant.org (phoenix.volant.org [205.179.79.193]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA21535 for ; Thu, 29 Oct 1998 09:49:34 -0800 (PST) (envelope-from patl@phoenix.volant.org) From: patl@phoenix.volant.org Received: from asimov.phoenix.volant.org ([205.179.79.65]) by phoenix.volant.org with smtp (Exim 1.92 #8) id 0zYwCP-0002WF-00; Thu, 29 Oct 1998 09:49:29 -0800 Received: from localhost by asimov.phoenix.volant.org (SMI-8.6/SMI-SVR4) id JAA13028; Thu, 29 Oct 1998 09:49:20 -0800 Date: Thu, 29 Oct 1998 09:49:19 -0800 (PST) Reply-To: patl@phoenix.volant.org Subject: Re: Cause of NetBIOS-NS requests from outside To: Thomas Stromberg cc: security@FreeBSD.ORG In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > If you enable "Windows resolution through DNS" in NT (there is a similar > setting in Windows95/98), every TCP access that machine ever makes sends a > NetBIOS-ns (137) packet to try to find out its Windows equivalent name to > store in its cache. Finally, an explanation that fits observed behavour. (The broadcast theories don't fit the packets I've actually observed; which are all directed explicitly to my primary server.) Does it still do this if the "Client for Microsoft Networks" is disabled? Thanks, -Pat To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 10:03:42 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA23783 for freebsd-security-outgoing; Thu, 29 Oct 1998 10:03:42 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from poseidon.host4u.net (poseidon.host4u.net [209.150.128.23]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA23771 for ; Thu, 29 Oct 1998 10:03:35 -0800 (PST) (envelope-from no-spam@dvl-software.com) Received: from wocker (210-55-210-87.ipnets.xtra.co.nz [210.55.210.87]) by poseidon.host4u.net (8.8.5/8.8.5) with SMTP id MAA28448; Thu, 29 Oct 1998 12:03:19 -0600 Message-Id: <199810291803.MAA28448@poseidon.host4u.net> From: "System Abuse Reporter" Organization: DVL Software Limited To: Darren Reed Date: Fri, 30 Oct 1998 07:03:17 +1300 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: Re: IPFW problems... Reply-to: no-spam@dvl-software.com CC: freebsd-security@FreeBSD.ORG In-reply-to: <199810291046.CAA07051@hub.freebsd.org> References: <199810291020.XAA05790@witch.xtra.co.nz> from "Dan Langille" at Oct 29, 98 11:20:37 pm X-mailer: Pegasus Mail for Win32 (v3.01b) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 29 Oct 98, at 21:45, Darren Reed wrote: > traceroute/UDP was fixed on the weekend last, the pc (ICMP) version may > not yet work. OK. Good! Can you guess when the other version will work? > as for ping, I've not heard any problems with this. As you should not have. I've just checked my notes and my previous message was incorrect. I did get ping working. Sorry about claiming otherwise. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 10:04:28 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA23973 for freebsd-security-outgoing; Thu, 29 Oct 1998 10:04:28 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from witch.xtra.co.nz (witch.xtra.co.nz [202.27.184.8]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA23962 for ; Thu, 29 Oct 1998 10:04:25 -0800 (PST) (envelope-from junkmale@pop3.xtra.co.nz) Received: from wocker (210-55-210-87.ipnets.xtra.co.nz [210.55.210.87]) by witch.xtra.co.nz (8.9.1/8.9.1) with SMTP id HAA15509; Fri, 30 Oct 1998 07:03:08 +1300 (NZDT) Message-Id: <199810291803.HAA15509@witch.xtra.co.nz> From: "Dan Langille" Organization: DVL Software Limited To: Darren Reed Date: Fri, 30 Oct 1998 07:03:17 +1300 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: Re: IPFW problems... Reply-to: junkmale@xtra.co.nz CC: opsys@mail.webspan.net, freebsd-security@FreeBSD.ORG In-reply-to: <199810291048.CAA07443@hub.freebsd.org> References: from "Open Systems Networking" at Oct 29, 98 05:10:36 am X-mailer: Pegasus Mail for Win32 (v3.01b) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 29 Oct 98, at 21:45, Darren Reed wrote: > traceroute/UDP was fixed on the weekend last, the pc (ICMP) version may > not yet work. OK. Good! Can you guess when the other version will work? > as for ping, I've not heard any problems with this. As you should not have. I've just checked my notes and my previous message was incorrect. I did get ping working. Sorry about claiming otherwise. -- Dan Langille The FreeBSD Diary - my [mis]adventures http://www.FreeBSDDiary.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 10:05:15 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA24269 for freebsd-security-outgoing; Thu, 29 Oct 1998 10:05:15 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from witch.xtra.co.nz (witch.xtra.co.nz [202.27.184.8]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA24248 for ; Thu, 29 Oct 1998 10:05:10 -0800 (PST) (envelope-from junkmale@pop3.xtra.co.nz) Received: from wocker (210-55-210-87.ipnets.xtra.co.nz [210.55.210.87]) by witch.xtra.co.nz (8.9.1/8.9.1) with SMTP id HAA15512; Fri, 30 Oct 1998 07:03:08 +1300 (NZDT) Message-Id: <199810291803.HAA15512@witch.xtra.co.nz> From: "Dan Langille" Organization: DVL Software Limited To: Open Systems Networking Date: Fri, 30 Oct 1998 07:03:17 +1300 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: Re: IPFW problems... Reply-to: junkmale@xtra.co.nz CC: freebsd-security@FreeBSD.ORG References: <199810291000.FAA24396@mail.webspan.net> In-reply-to: X-mailer: Pegasus Mail for Win32 (v3.01b) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 29 Oct 98, at 5:10, Open Systems Networking wrote: > Darren If I had a dime everytime you have said this the above :-) > While going through the mail archives youll see darren reply to posts > about problems with ipfw and him declaring that ipfw is junk and to > install ipfilter and your problems go away. :-) Darren you really know how > to advocate a peice of code you should be our mascot for advocacy. Well, that's what prompted me to try IP Filter. > I will > try ipfilter for another firewall box im setting up. I like alot of the > cool stuff, proxy support etc.. Although I think ipfw does that not to > unless im mistaken, but there is no harm in trying them both. So ill give > ipfilter a shot next time around. If you do, maybe http://www.freebsddiary.com/freebsd/ipfilter.htm will help. If it does, good! If it doesn't, please tell me where it misled you or whatever. cheers. -- Dan Langille The FreeBSD Diary - my [mis]adventures http://www.FreeBSDDiary.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 10:08:25 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA25124 for freebsd-security-outgoing; Thu, 29 Oct 1998 10:08:25 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from witch.xtra.co.nz (witch.xtra.co.nz [202.27.184.8]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA25117 for ; Thu, 29 Oct 1998 10:08:22 -0800 (PST) (envelope-from junkmale@pop3.xtra.co.nz) Received: from wocker (210-55-210-87.ipnets.xtra.co.nz [210.55.210.87]) by witch.xtra.co.nz (8.9.1/8.9.1) with SMTP id HAA15796; Fri, 30 Oct 1998 07:07:49 +1300 (NZDT) Message-Id: <199810291807.HAA15796@witch.xtra.co.nz> From: "Dan Langille" Organization: DVL Software Limited To: Mike Jenkins Date: Fri, 30 Oct 1998 07:07:59 +1300 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: Re: Connections succeed even though denied by IPFW Reply-to: junkmale@xtra.co.nz CC: freebsd-security@FreeBSD.ORG In-reply-to: <199810291642.KAA12888@carp.gbr.epa.gov> References: <19981029143547.A15193@cityip.co.za> X-mailer: Pegasus Mail for Win32 (v3.01b) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 29 Oct 98, at 10:42, Mike Jenkins wrote: > Brings back memories of the classic packet filtering paper by Brent > Chapman entitled "Network (In)Security Through IP Packet Filtering". > Things have improved with packet filters but it can still be difficult to > get it right. Of course, you might run a scanner (nmap) to see if your > rules are working. Is it correct to assume that firewall proxies are not suspectible the same problem? I don't think so. That's why I'm curious as to why Chapman mentions packet filtering, not proxies. -- Dan Langille The FreeBSD Diary - my [mis]adventures http://www.FreeBSDDiary.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 11:13:25 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA05106 for freebsd-security-outgoing; Thu, 29 Oct 1998 11:13:25 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from whistle.com (s205m131.whistle.com [207.76.205.131]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA05099; Thu, 29 Oct 1998 11:13:23 -0800 (PST) (envelope-from archie@whistle.com) Received: (from smap@localhost) by whistle.com (8.7.5/8.6.12) id LAA22847; Thu, 29 Oct 1998 11:13:18 -0800 (PST) Received: from bubba.whistle.com(207.76.205.7) by whistle.com via smap (V1.3) id sma022843; Thu Oct 29 11:13:15 1998 Received: (from archie@localhost) by bubba.whistle.com (8.8.7/8.6.12) id LAA26982; Thu, 29 Oct 1998 11:13:15 -0800 (PST) From: Archie Cobbs Message-Id: <199810291913.LAA26982@bubba.whistle.com> Subject: Re: getpwnam() problem? In-Reply-To: <199810281914.MAA07942@kitsune.swcp.com> from Brendan Conoboy at "Oct 28, 98 12:14:20 pm" To: synk@swcp.com (Brendan Conoboy) Date: Thu, 29 Oct 1998 11:13:15 -0800 (PST) Cc: freebsd-security@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL38 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Brendan Conoboy writes: > A couple weeks ago I filled out a little bug report with the GNATS > form, but it's received no attention (maybe I should have marked it as > critical?). Anyway, since it may well be security related, I wanted to > point it out here. The condensed version is that if getpwnam() is > given a very large string (say a few thousand characters) it will > sigsegv or sigbus. This is true for 2.2.7-stable (as of a few weeks > ago) and 3.0-release. Perhaps it's nothing, perhaps it's something, > but it certainly doesn't happen on a whole slew of other OSes. The > problem report is at: > > http://www.freebsd.org/cgi/query-pr.cgi?pr=8176 I've located the bug and supplied a patch in a followup... Very simple bug, someone please commit in 2.2 and 3.0. Thanks, -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 11:42:20 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA11161 for freebsd-security-outgoing; Thu, 29 Oct 1998 11:42:20 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from carp.gbr.epa.gov (carp.gbr.epa.gov [204.46.159.110]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA11134 for ; Thu, 29 Oct 1998 11:42:14 -0800 (PST) (envelope-from mjenkins@carp.gbr.epa.gov) Received: (from mjenkins@localhost) by carp.gbr.epa.gov (8.8.8/8.8.8) id NAA13229; Thu, 29 Oct 1998 13:42:05 -0600 (CST) (envelope-from mjenkins) Date: Thu, 29 Oct 1998 13:42:05 -0600 (CST) From: Mike Jenkins Message-Id: <199810291942.NAA13229@carp.gbr.epa.gov> To: junkmale@xtra.co.nz Subject: Re: Connections succeed even though denied by IPFW Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <199810291807.HAA15796@witch.xtra.co.nz> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > From: "Dan Langille" > Date: Fri, 30 Oct 1998 07:07:59 +1300 > > Is it correct to assume that firewall proxies are not suspectible the same > problem? I don't think so. That's why I'm curious as to why Chapman > mentions packet filtering, not proxies. Chapman's paper was about using packet filters for network security and was not about firewalls. It may have been sort of pre-firewall days (1992). See the Firewall FAQ (http://www.interhack.net/pubs/fwfaq/) for more info on firewalls. Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 12:03:16 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA13490 for freebsd-security-outgoing; Thu, 29 Oct 1998 12:03:16 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from Raccoon.ChipChat.com (Raccoon.ChipChat.com [206.2.228.130]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA13485 for ; Thu, 29 Oct 1998 12:03:14 -0800 (PST) (envelope-from mrc@ChipChat.com) Received: from Piman-Orange.ChipChat.com (Piman-Orange.ChipChat.com [206.2.228.146]) by Raccoon.ChipChat.com (8.9.1/8.9.1) with SMTP id UAA28353; Thu, 29 Oct 1998 20:02:11 GMT Date: Thu, 29 Oct 1998 20:02:11 +0000 (GMT) From: Marty Cawthon To: patl@phoenix.volant.org cc: security@FreeBSD.ORG Subject: Re: Cause of NetBIOS-NS requests from outside In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 29 Oct 1998 patl@phoenix.volant.org wrote: > > If you enable "Windows resolution through DNS" in NT (there is a similar > > setting in Windows95/98), every TCP access that machine ever makes sends a > > NetBIOS-ns (137) packet to try to find out its Windows equivalent name to > > store in its cache. > > Finally, an explanation that fits observed behavour. (The broadcast > theories don't fit the packets I've actually observed; which are all > directed explicitly to my primary server.) I run an OS/2 Warp Server Network, a derivative of LAN Manager, and so common ancestry with Microsoft Networks. This network uses NetBIOS and "NetBIOS over TCP/IP" (TCPBeui). The TCPBeui sounds to be the same as that described above and in related messages. To get the TCPBeui to work properly it was required to add the Warp-Server IP addresses to a "Broadcast" list. At first I setup the network with true IP subnet broadcast addresses in that file. When I had trouble, IBM support advised me to specifically add the Warp-Server IP addresses to the Broadcast list. This resulted in the TCPBeui network functioning properly. I don't understand the details of why/how, but submit this information in response to the "broadcast theories/explicit server address" comment above. It may be that the true story about the behavior you see may include "specific destination addresses in a broadcast list". Marty Cawthon ChipChat To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 12:10:21 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA14658 for freebsd-security-outgoing; Thu, 29 Oct 1998 12:10:21 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from phoenix.volant.org (phoenix.volant.org [205.179.79.193]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA14652 for ; Thu, 29 Oct 1998 12:10:18 -0800 (PST) (envelope-from patl@phoenix.volant.org) From: patl@phoenix.volant.org Received: from asimov.phoenix.volant.org ([205.179.79.65]) by phoenix.volant.org with smtp (Exim 1.92 #8) id 0zYyOd-0003hD-00; Thu, 29 Oct 1998 12:10:15 -0800 Received: from localhost by asimov.phoenix.volant.org (SMI-8.6/SMI-SVR4) id MAA13072; Thu, 29 Oct 1998 12:10:11 -0800 Date: Thu, 29 Oct 1998 12:10:11 -0800 (PST) Reply-To: patl@phoenix.volant.org Subject: Re: Cause of NetBIOS-NS requests from outside To: Marty Cawthon cc: security@FreeBSD.ORG In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I run an OS/2 Warp Server Network, a derivative of LAN Manager, and so > common ancestry with Microsoft Networks. This network uses NetBIOS > and "NetBIOS over TCP/IP" (TCPBeui). The TCPBeui sounds to be the same > as that described above and in related messages. > > To get the TCPBeui to work properly it was required to add the > Warp-Server IP addresses to a "Broadcast" list. At first I setup the > network with true IP subnet broadcast addresses in that file. > > When I had trouble, IBM support advised me to specifically add the > Warp-Server IP addresses to the Broadcast list. This resulted in the > TCPBeui network functioning properly. > > I don't understand the details of why/how, but submit this information > in response to the "broadcast theories/explicit server address" comment > above. It may be that the true story about the behavior you see may > include "specific destination addresses in a broadcast list". Not likely in this case, since my server is a FreeBSD box that has never offered any NetBIOS services; and the packets in question are coming from outside my network. (I.e., There is absolutely no legitimate reason why the machine sending the packets should have been configured with my server's IP address listed as -any- server.) I think it is much more likely that they are doing a DNS resolution from my DNS server; and then attempting to obtain a 'Windows' name for the host via NetBIOS-NS, also from my DNS server. -Pat To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 14:50:08 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA05645 for freebsd-security-outgoing; Thu, 29 Oct 1998 14:50:08 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from banshee.cs.uow.edu.au (banshee.cs.uow.edu.au [130.130.188.1]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA05528 for ; Thu, 29 Oct 1998 14:49:53 -0800 (PST) (envelope-from ncb05@banshee.cs.uow.edu.au) Received: (from ncb05@localhost) by banshee.cs.uow.edu.au (8.9.1a/8.9.1) id JAA05604; Fri, 30 Oct 1998 09:49:36 +1100 (EST) Date: Fri, 30 Oct 1998 09:49:36 +1100 (EST) From: Nicholas Charles Brawn X-Sender: ncb05@banshee.cs.uow.edu.au To: Mike Jenkins cc: freebsd-security@FreeBSD.ORG Subject: Re: Connections succeed even though denied by IPFW In-Reply-To: <199810291642.KAA12888@carp.gbr.epa.gov> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 29 Oct 1998, Mike Jenkins wrote: : Brings back memories of the classic packet filtering paper by Brent : Chapman entitled "Network (In)Security Through IP Packet Filtering". : Things have improved with packet filters but it can still be difficult : to get it right. Of course, you might run a scanner (nmap) to see if : your rules are working. : : Mike Anyone know where I could get a copy of that paper? Sounds like a worthwhile read. Nick -- Email: ncb05@uow.edu.au - http://rabble.uow.edu.au/~nick Key fingerprint = DE 30 33 D3 16 91 C8 8D A7 F8 70 03 B7 77 1A 2A To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 15:22:38 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA10978 for freebsd-security-outgoing; Thu, 29 Oct 1998 15:18:34 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from dingo.cdrom.com (dingo.cdrom.com [204.216.28.145]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA10950; Thu, 29 Oct 1998 15:18:26 -0800 (PST) (envelope-from mike@dingo.cdrom.com) Received: from dingo.cdrom.com (localhost.cdrom.com [127.0.0.1]) by dingo.cdrom.com (8.9.1/8.8.8) with ESMTP id PAA00654; Thu, 29 Oct 1998 15:18:11 -0800 (PST) (envelope-from mike@dingo.cdrom.com) Message-Id: <199810292318.PAA00654@dingo.cdrom.com> X-Mailer: exmh version 2.0.2 2/24/98 To: Archie Cobbs cc: synk@swcp.com (Brendan Conoboy), freebsd-security@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG Subject: Re: getpwnam() problem? In-reply-to: Your message of "Thu, 29 Oct 1998 11:13:15 PST." <199810291913.LAA26982@bubba.whistle.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 29 Oct 1998 15:18:11 -0800 From: Mike Smith Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > http://www.freebsd.org/cgi/query-pr.cgi?pr=8176 > > I've located the bug and supplied a patch in a followup... > Very simple bug, someone please commit in 2.2 and 3.0. Done. -- \\ Sometimes you're ahead, \\ Mike Smith \\ sometimes you're behind. \\ mike@smith.net.au \\ The race is long, and in the \\ msmith@freebsd.org \\ end it's only with yourself. \\ msmith@cdrom.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 16:25:16 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id QAA20805 for freebsd-security-outgoing; Thu, 29 Oct 1998 16:25:16 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from gatekeeper.iserver.com (gatekeeper.iserver.com [206.107.170.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA20774; Thu, 29 Oct 1998 16:25:10 -0800 (PST) (envelope-from hart@iserver.com) Received: by gatekeeper.iserver.com; Thu, 29 Oct 1998 17:25:05 -0700 (MST) Received: from unknown(192.168.1.109) by gatekeeper.iserver.com via smap (V3.1.1) id xma019844; Thu, 29 Oct 98 17:24:37 -0700 Received: (hart@localhost) by anchovy.orem.iserver.com (8.8.8) id RAA07147; Thu, 29 Oct 1998 17:23:57 -0700 (MST) Date: Thu, 29 Oct 1998 17:23:57 -0700 (MST) From: Paul Hart X-Sender: hart@anchovy.orem.iserver.com To: Archie Cobbs cc: Brendan Conoboy , freebsd-security@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG Subject: Re: getpwnam() problem? In-Reply-To: <199810291913.LAA26982@bubba.whistle.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 29 Oct 1998, Archie Cobbs wrote: > Brendan Conoboy writes: > > > A couple weeks ago I filled out a little bug report with the GNATS > > form, but it's received no attention (maybe I should have marked it as > > critical?). Anyway, since it may well be security related, I wanted to > > point it out here. The condensed version is that if getpwnam() is > > given a very large string (say a few thousand characters) it will > > sigsegv or sigbus. This is true for 2.2.7-stable (as of a few weeks > > ago) and 3.0-release. Perhaps it's nothing, perhaps it's something, > > but it certainly doesn't happen on a whole slew of other OSes. The > > problem report is at: > > > > http://www.freebsd.org/cgi/query-pr.cgi?pr=8176 > > I've located the bug and supplied a patch in a followup... > Very simple bug, someone please commit in 2.2 and 3.0. I'm running 2.2.7-RELEASE and the How-To-Repeat section in the PR above lists: #include #include #include char zeename[] = "AVeryLongStringGoesHere"; struct passwd *gunk; main() { gunk = getpwnam(zeename); } as sample code to exercise the bug in getpwnam(). However, it seems to have no affect. No SIGBUS or SIGSEGV that I can see. The patch in the PR for /usr/src/lib/libc/gen/getpwent.c shows that I have (presumably) vulnerable code at the diff location, but I don't seem to be experiencing problems with it. Has anyone else noticed these symptoms? Paul Hart -- Paul Robert Hart ><8> ><8> ><8> Verio Web Hosting, Inc. hart@iserver.com ><8> ><8> ><8> http://www.iserver.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 17:06:04 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA27018 for freebsd-security-outgoing; Thu, 29 Oct 1998 17:06:04 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from whistle.com (s205m131.whistle.com [207.76.205.131]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA27009; Thu, 29 Oct 1998 17:06:01 -0800 (PST) (envelope-from archie@whistle.com) Received: (from smap@localhost) by whistle.com (8.7.5/8.6.12) id RAA27680; Thu, 29 Oct 1998 17:05:58 -0800 (PST) Received: from bubba.whistle.com(207.76.205.7) by whistle.com via smap (V1.3) id sma027677; Thu Oct 29 17:05:48 1998 Received: (from archie@localhost) by bubba.whistle.com (8.8.7/8.6.12) id RAA09541; Thu, 29 Oct 1998 17:05:48 -0800 (PST) From: Archie Cobbs Message-Id: <199810300105.RAA09541@bubba.whistle.com> Subject: Re: getpwnam() problem? In-Reply-To: from Paul Hart at "Oct 29, 98 05:23:57 pm" To: hart@iserver.com (Paul Hart) Date: Thu, 29 Oct 1998 17:05:48 -0800 (PST) Cc: archie@whistle.com, synk@swcp.com, freebsd-security@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL38 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Paul Hart writes: > > > http://www.freebsd.org/cgi/query-pr.cgi?pr=8176 > > > > I've located the bug and supplied a patch in a followup... > > Very simple bug, someone please commit in 2.2 and 3.0. > > I'm running 2.2.7-RELEASE and the How-To-Repeat section in the PR above > lists: > > #include > #include > #include > > char zeename[] = "AVeryLongStringGoesHere"; > struct passwd *gunk; > > main() > { > gunk = getpwnam(zeename); > } > > as sample code to exercise the bug in getpwnam(). However, it seems to > have no affect. No SIGBUS or SIGSEGV that I can see. The patch in the PR > for /usr/src/lib/libc/gen/getpwent.c shows that I have (presumably) > vulnerable code at the diff location, but I don't seem to be experiencing > problems with it. Has anyone else noticed these symptoms? The sample program doesn't cause the bug. Try replacing "zeename" with a string of 12000 characters.. then you'll see it. -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Oct 29 17:44:27 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA02570 for freebsd-security-outgoing; Thu, 29 Oct 1998 17:44:27 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from matrix.42.org (matrix.42.org [194.246.250.200]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA02560 for ; Thu, 29 Oct 1998 17:44:15 -0800 (PST) (envelope-from sec@42.org) Received: (from sec@localhost) by matrix.42.org (8.8.8/8.8.5) id CAA02270 for freebsd-security@freebsd.org (sender ); Fri, 30 Oct 1998 02:44:04 +0100 (CET) Date: Fri, 30 Oct 1998 02:44:04 +0100 From: Stefan `Sec` Zehl To: freebsd-security@FreeBSD.ORG Subject: Re: IPFW problems... Message-ID: <19981030024404.A2255@matrix.42.org> X-Current-Backlog: 354 messages References: <199810291020.XAA05790@witch.xtra.co.nz> <199810291046.CAA07051@hub.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.94.10i In-Reply-To: <199810291046.CAA07051@hub.freebsd.org>; from Darren Reed on Thu, Oct 29, 1998 at 12:25:55PM +0100 I-love-doing-this: really Accept-Languages: de, en X-URL: http://sec.42.org/ Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, Oct 29, 1998 at 12:25:55PM +0100, Darren Reed wrote: > > > Just install IP Filter and convert your ruleset :-) > traceroute/UDP was fixed on the weekend last, the pc (ICMP) version may > not yet work. That's nice to hear. As I'm already using ipfilter (and am happy with it so far) I read lugi's announcement for the dummynet code, and wonder if you plan something like this in ipfilter, too ? CU, Sec -- I didn't say we *can't* do it. In fact we can. We also can calculate digits of sqrt(2) in the background, drive space shuttles, or have an AI algorithm write poems in Swahili while inside the pager. -- daia@stoilow.imar.ro To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Oct 30 01:26:37 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id BAA09149 for freebsd-security-outgoing; Fri, 30 Oct 1998 01:26:37 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from matrix.42.org (matrix.42.org [194.246.250.200]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id BAA09144 for ; Fri, 30 Oct 1998 01:26:32 -0800 (PST) (envelope-from sec@42.org) Received: (from sec@localhost) by matrix.42.org (8.8.8/8.8.5) id KAA07279 for freebsd-security@freebsd.org (sender ); Fri, 30 Oct 1998 10:26:26 +0100 (CET) Date: Fri, 30 Oct 1998 10:26:25 +0100 From: Stefan `Sec` Zehl To: freebsd-security@FreeBSD.ORG Subject: Re: Cause of NetBIOS-NS requests from outside Message-ID: <19981030102625.B2255@matrix.42.org> X-Current-Backlog: 355 messages References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.94.10i In-Reply-To: ; from Thomas Stromberg on Thu, Oct 29, 1998 at 06:44:30PM +0100 I-love-doing-this: really Accept-Languages: de, en X-URL: http://sec.42.org/ Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, Oct 29, 1998 at 06:44:30PM +0100, Thomas Stromberg wrote: > If you enable "Windows resolution through DNS" in NT (there is a similar > setting in Windows95/98), every TCP access that machine ever makes sends a > NetBIOS-ns (137) packet to try to find out its Windows equivalent name to > store in its cache. Has anybody tried to reply to this packets with an equivalent of 'FIX-YOUR-SETUP' as name ? CU, Sec -- Wunder von Microsoft I: Ich habe mal eine Testmaschine nach einer Neuinstallation rebootet. Sie blieb aber mit "No processors found" stehen. -- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Oct 30 04:07:56 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id EAA26840 for freebsd-security-outgoing; Fri, 30 Oct 1998 04:07:56 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from hosting.doublesquare.com (hosting.doublesquare.com [195.5.128.151]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA26832 for ; Fri, 30 Oct 1998 04:07:52 -0800 (PST) (envelope-from ark@eltex.ru) From: ark@eltex.ru Received: from eltex.ru (eltex-spiiras.nw.ru [195.19.204.46] (may be forged)) by hosting.doublesquare.com (8.8.8/8.8.8) with ESMTP id PAA01081; Fri, 30 Oct 1998 15:06:49 +0300 (MSK) Received: from border.eltex.spb.ru (root@border.eltex.ru [195.19.198.2]) by eltex.ru (8.8.8/8.8.8) with SMTP id PAA02280; Fri, 30 Oct 1998 15:08:12 +0300 (MSK) Received: by border.eltex.spb.ru (ssmtp TIS-0.5alpha, 19 Oct 1998); Fri, 30 Oct 1998 15:07:29 +0300 Received: from undisclosed-intranet-sender id xma001833; Fri, 30 Oct 98 15:07:01 +0300 Date: Fri, 30 Oct 1998 15:05:37 +0300 Message-Id: <199810301205.PAA08404@paranoid.eltex.spb.ru> In-Reply-To: <19981030102625.B2255@matrix.42.org> from "Stefan `Sec` Zehl " Organization: "Klingon Imperial Intelligence Service" Subject: Re: Cause of NetBIOS-NS requests from outside To: sec@42.org Cc: freebsd-security@FreeBSD.ORG Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- nuqneH, I am not very familliar with netbios protocol, could you please write an sample program to do this ;)? Stefan `Sec` Zehl said : > On Thu, Oct 29, 1998 at 06:44:30PM +0100, Thomas Stromberg wrote: > > If you enable "Windows resolution through DNS" in NT (there is a similar > > setting in Windows95/98), every TCP access that machine ever makes sends a > > NetBIOS-ns (137) packet to try to find out its Windows equivalent name to > > store in its cache. > > Has anybody tried to reply to this packets with an equivalent of > 'FIX-YOUR-SETUP' as name ? > > CU, > Sec > -- > Wunder von Microsoft I: > Ich habe mal eine Testmaschine nach einer Neuinstallation rebootet. Sie > blieb aber mit "No processors found" stehen. -- > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > _ _ _ _ _ _ _ {::} {::} {::} CU in Hell _| o |_ | | _|| | / _||_| |_ |_ |_ (##) (##) (##) /Arkan#iD |_ o _||_| _||_| / _| | o |_||_||_| [||] [||] [||] Do i believe in Bible? Hell,man,i've seen one! -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQCVAwUBNjmrjqH/mIJW9LeBAQEojwP+OUKtxq2ja6iETlC+xCnCWqMtoe7AYpii T9ovWdVRgNdhn2a2ceuwD/6ue6YifMz7b4jthHGK1sr/hU/HZNrbvzYGCyg+aJ4p R4ZI2IUz2bnGStxRrYrNoMq8oEO1n2n7e+xyavhRfT/4rXbLNOE7hf2JcWonwWLs mheKAIXDL64= =th7c -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Oct 30 04:44:36 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id EAA01527 for freebsd-security-outgoing; Fri, 30 Oct 1998 04:44:36 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from blackstar.krsu.edu.kg (blackstar.krsu.edu.kg [195.254.160.163]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA01443 for ; Fri, 30 Oct 1998 04:43:59 -0800 (PST) (envelope-from fygrave@blackstar.krsu.edu.kg) Received: from localhost (fygrave@localhost) by blackstar.krsu.edu.kg (8.9.1a/8.9.1) with SMTP id RAA00446; Fri, 30 Oct 1998 17:50:35 +0500 (KGT) Date: Fri, 30 Oct 1998 17:50:34 +0500 (KGT) From: CyberPsychotic Reply-To: fygrave@tigerteam.net To: freebsd-security@FreeBSD.ORG cc: ark@eltex.ru Message-ID: Confirm-receipt-to: fygrave@usa.net MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="0-162764713-909751834=:440" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. --0-162764713-909751834=:440 Content-Type: TEXT/PLAIN; charset=US-ASCII Here I was playing around with the similar thing. I guess you could use this for the sample. --0-162764713-909751834=:440 Content-Type: APPLICATION/octet-stream; name="tellme.tar.gz" Content-ID: Content-Description: Content-Transfer-Encoding: BASE64 H4sIAMVn4jUAA+w8C3Bc1XV3JTlIi0CysfEHE1/k365Yr3ZlSbZli8herWzV +qHV2hBjNk9v3+q99eo99X0kiyDHZC2CulajdJwOTUkHGtphOknLUCZNiCex sYsx48lQ2kkJeBhCSbqAJ0OJmxJw2Z5z3327kmxjOo1NJ9kzenvu55xzzz33 3vPuezr3mVIqVUeuLtCGwIbGRkooQmAO5hna1Lgh0NC0vmlDkNJgILh+A6GN V1kvBpZhCjqlRNc08+PoRmVJSl0Lha4tmDj+XcI+KaGkpKvURjAQaGpouPz4 NzZusMc/uKGxfv16GP9gU2MjoYGrpM8s+D0f/5V0u6RKumBKcSpYpjYkmIoo pFJjNKFrQ9SZGX5FpQNjVNTUhDJo6ZLfHQq1DIqiu7NjW6TF3dEd6d/a2dlS Zxl63YCi1ikqmDWVoutEd8+2P4i04DQbkvya2w2lzdTOusWUJKjN7gp9iNb6 NV4KjeiSmwuAylUeLt3rELBWUhqoydriwuKKYV5eIFfdD1JNy3ByoiDK+aqU Nugk5XzH3X6N6RAKeaEzFBLtnVu3R7x0VSt1u+0GmqEYe+nNE+ab5hWA0VBe 96c93BfBrPUPo3w12rjS+ge3X1j/QfAFwfr6pkBx/V8LgGXcGgq12uu4FX9b 86u5lSdai2v4//Ua/r8AW/+Oxa5SG1dY/8H6xqYZ9/9G+/5fX1z/1wLqavPr xU8vuxeYdeuntLbODXwrLTUuJeiOrbvCsS5Y2z2h2A6sWgmliirZFZH+vo7u 7RGoCc6puDsS6+/oCl9cE+3uiPS3XZojEu4Mh/pZ3ZxKVnERS09oZxhLZ+i7 u6evLRLb1rE93N3WsbUbNXavVBKXqMrLisXCnbHOnu7tnv1e6gEAdMcdtL7B S9fQwP4Ag/Z2L72f3uOml4I8z8YCS3t7IOClV+LZsqXAgxyfkMfRzWYBJq97 pZQypMv0aT9Wq3ElwWxRGFfbrFCn65pOu2CxUFkYkehaQ0pJormWJixVNBVN paZGRzV9n48amq6P3eaImy2NDcelpGniPukTSPu0V8vvHszy/5/O/i8YXM+e /5vWN9Q3NKxvYPu/hqai/78WcCkn7p5ZmHfgs0vz3ntWseO6L6J1/LZ7dg33 LtZFLsJ9aWdd9NRFT12E3ybM8P+4t7sqN4Ar+f9AYz33/0DZEGBPBPXri/7/ WkBcTdFeXRMlw6CmrBgUH5jpqGLK7BEAZwYu8WFdi1uiRIXCcwA1RF0ZNv3u raFYR3dHv2dAs1Rlv1/0Ykmop7u9Y3tsR3hrW7jP42wwvG43NhiSJXEfNAWu BQQP6sKQwcT09vVsj4VC+SR/aXARU0oZ0AVdkWyu0I5waGcMns09qpHyDQmK 6p1dbPssXjNXliwJcUln3bbF2SrDfa8tVBBjF0Y8Q/A4pIl+mRqmrqiDBqbG jDpTGZIgCf03zDgvs/3upfpsjg1L4GkNH0qxRBOMCWlBjYNxh4ZBEZ2KsqAL oinpIFAReT9n3O9YFmwc6Z+hMt6QL2OrsbzDnmmz9mh3KOKxFaW2lUBbqO6J 9vdG+z3OCxQodBc9+u8kMP9vv+i6am2AV/+Y//+tD9Y3NOb//xdswv//BSFV 9P/XAs6QBw8SColqOy+7CKHVhfro5M/T58p2Raassql7y6Z2lacPlBHTPZ0p ST9bNnHM+q9NN42Wpp+9MLnokSZC0puJeVum9FtlQUIObiTmoumDG+usiqkd rskbsKwVCq1zp8IXCIxtJnxh4pg5L3scmsk1Insk15Td8xlCerM/XUHItP2O WBmQ9ktiXSruNzQS0qxUXF1rUm1YUinxu0m7oKTwbqSDHwePTBmdm2wT4nRI GFTEZqckJKiqZkLhsF1CPaa0H/zdJSrigilcsmLAMKDcziSgYSlOmilxO3Zq 2xVJkiSRHwEDJudltTJCJsNvpk9Wp9/PWZ9L3ij/HVaUJMuy/VCVXGATYr4N 8umTNFki/9ApCiKJK+nKeljdkiSdih7ty1lvJkuzi1gRiF0xujx5s3zc4fnv Us5zvpTxZKJHH3zv+AvVD76XeOCD613mqsQD40fPEHN5cr78ssP0vMP0I5vp VPj1HEDVP0SPIhP4iKbv41T4Af488MEZ+DVvmSvZ/X3qkEy+MPnTd26Ynp5+ BicVY72zL0lQ85LkvJx1DCz0j1CY7SlF+5xNn1yF9lmeXCK/7ejU4Oh0u63T DGVquQo1c1WYP6vgDLF2ZrqOzWD0ccblcxmvn/raCmj4nfmg89TXclWQ/Axg mIIPvEHezeXe2TI9PVvU6snnubCFc4WVTm2lk8++U8FkoQGCp53eL0iW5qyT mejZ0uixPtsEnSXYvXz/S+c7/S9x+s8IlqTHnyfmTpxcKOp1eQEaCqQ9n4ke K42eLI2e5QI/dM0QuFhe7gj8NxcX+IqLD3KWrUG2bCejsCbf/Uo15nGZTkbP nwq/j5MTlypAxjqbfo5O7T0bSZblfvKt+4EmE4U1bwZRWHm6BUtyVROPAu3E S9bSCOjGyRZVQjNzKa37kpVyg6Pbdpc9m1uQiJjbMow601eZe2nyxMSrZhCW xVaHeBkQT74C5AfB11w3ve1gM7E+8L7SF2G1qC3UJV1ym8PwFuE9f53YpmQq kAM32s3k9OqseAshU9LTe+49fQLXMddj4WOs3qrMWeUZknvx9AkY0+CxWTTV nKY801rGKL6HS+f0CfQHmWglJ7PmIdu03bLrSzcxpj7GVc7lcjlldulCLI1I +ogCe25LFUbA1wgDGKAxo+1KxpNprUTi7/35IkJOn7j7rju/gQN2HblTd51g ypyY5e+jhjAoNdPVBjjMIc2UYqOKOiSIMr5o2KNaQwOSHtMSsWEBN4PGXje/ B4BW8rvQQnbHMmzGig8TVTIHFM1YpxpEFNAlwy5WS41IXDCVNcNUBdhWSLq+ zt5cgq8EUpMOKLDXjbb10oIMOqzpZjMxoFEg1YZNyl49NJMIvk8Av841ooZy nxTfs1rZi8S4cUWsxk2tmfiJW5dESRmR4py82b1unZusFgnD3E8/cO4gJHbv imT2lmesyux4Kc7zh2FekefC0yT9oetL8+FG9BmwHcyanqVwJ5qeTn9YcmBl bqQ8e2opOq2H0yfh7sfoXvuI0a216eSmm+Em2gw/2a8j5YlkdZJMhd/tzR5Y ivL/oySRCZUnJsPv5UbKsgOMBCblxKvWfDmMXFVLcbpmX15CcLGXJEuyjUh0 Kn2yciI3vlAWkejtJYzo75ewNpPV2MDubNlSnOCVE8fGl8rDSHYC6ndnv2kT P8iIT4WfwCFNlk+Fn+iV0RByLodUP1qCzAvRcSyWv4rcE4w7ZnPvAJQzKqfC 53szoepcIPsVLK+XH0PK9UvQgrj4AT1uoyOELTfwjw9vih6pmvoy2Pfg+DSp mtgPqamuFye7Dk9Fn5yMPjT5m+NvzZvsOjT5fvr1Fc/gMEwe/+c3JqMHkzRn Hc7ejA1B6qFs5RJ0OwczXYcq+qdehOvJqfCjvegQHwLCqe2u3uzPFufd3+p0 y6Pg28qqDr2HvTyKij61GLt0eDHrkgVo2pY3AbLMmG3HJHZrYRAJM4ttj/F+ vXm7fBIF/CErKbNFb7BuADG7oOitw9DENGRuQ5nyGST9LCTlc42Q8jGm8nxT L5riVPiRXrsxmcC9XD7E2vsQ+Cafw+nw6wOt8o9RysvwE3wVmtz0q/FbYayr vptG2l75Tax95mYmObTpV/f/Qv53LHkCfj4KTwNDLnwk0/Xwpq4j425m90Pf gYm6O4tDK59D0nEUfWzqr0yY6HvujZ0+wdd65AcPgdbpFvwl5o1w7ytNnwDv Bps763xm7wVGiHSPHUY6MPXS4LF0y7RDPt2a3jLBctZ/Mv9dBWWZsm8ide7F ndZ5uRqcSPaX4E5sacynHWSOsurUPEzgJMj+me1JZ4MKdxO4MftGANcAPgD4 BsAPAl4N+I8Bg3TfnwJeC/gINAre/fBfQB6Wh++vAcOdwfe3gBcA/i7gmwD/ EDDsYHzPAYYB8f0YcDngnwAG/+B7LcC2yL5fAF4O+JeAYVh9vwa8EPBHgFcC Ludb6QrC9GIX0BGYuqgfymJ+CK8b4YLbO6mEC4yBclnPQR7qQK6Hax5h+hLY FZMq5thtuJ5j5F3GZd3EaW7hOizgvEt4ehGnIbyNm2fYFdNLua638vRaLvs2 LvOzXEfKaVbwslU8XcPrVnKeNbzMy8sIp63ltvBwGsLbIryMcB7CaR1gfecP hWg/tDEuBsL7PQ+MWb3IzmM/XJD/F05/K8+fDBT0uA6MHef8TZy/gfN/juef 5PkdnP8M5+932ltm5wcdfXjQ6gjPH+b5CU6/kdM/zOXdz+U9yvUp4/p8m9M7 z2JPcfqznP4Znn+c55/l+W/z/As8/zTPv8Tz53n+Z1z+Kj4Jsrz9ft7+bzj9 OU7vctn1C3l9ucuuf4TXV/H8YZ5f6iJ5QNoVvP5NXu932XP7ArXzjS7bXrgd RbiD06c4fTvPH+X5Lk7/KKfv5/Umr/88z1/g+S+47P6+y/ub4PWHeP0Qr7+L j7fJ64/w+vtd9vwzef/TvP3HefsPcf5DfHxjsba7u7d2dYRIbMBKkFg8hU+s kIGtD/yK2vAY0Ej7FTMWt4aGxmJxSUwhmZjSDAkTbP9DYoUdEdDH4lpsMKUN CKkY7Hh0A4va+nv6Yp0dkf5YDLOh2dkCg2gzDOuKaiawCl+9sg0avgEB6fYe DSjyLeO2CjFus0hsEDSBLenAGGOKWbiTnN0HXQLBQ9KQgWJ03IIBd0qShiEn iSMYUYoNG+1MGG4QHWESPosDUkcUXQMzCSaKBUPdJ+mgAmikImJlgqkp0Iyg AF3eWsYYiE4kUpYhAx0+wKO0ODbHKN+ntm8tJfbEFEkRilCEIhShCEUoQhGK UIQiFKEIvz/A3lcGCPF8gmCLLLXxF4A2DteTywjpvYWQJ5bb5fhO7i78xz0+ YlP7nRa+r5t+64Mc/pNhOvsex28DdgF+A3AJ4FcAlwJ+CXAZ4BcAzwP8LODr AD8DuBzwU4ArAP8NYDfgvwR8PeBvAK4E/CeAbwD8R4BvBPxl/D824PsAVwPW Ac8HnAS8APAA4JvI/uCcjuJLWv7+ioZ2bv1YwFedrtns8bnyilCEIhShCEUo QhGKUIQiFKEIRfiUAeOMMLYIn9MxhsiJqcE4ISeeBmN/nFiZdaQQJ+PEzGCM jBMvg/EwfaQQCyOQQhzMMCnEwKRJId7lq6QQ6/J1UohLeYQUYlK+QwrxJ0/z NMZ2YRyME0dynBRiSF4ghfiQfyKF2I9/JYU4j9dIIabj56QQz/E2KcRyYOwg xjahbiUuO42BsBgGXsbTy2akfZwG7dDI0/iepMV1+ZiQTxIG8tsI/bg45ONy MRw8dsMO1Zgbm8GDMewADB55cYmIC+f0Rp2omwG/RpzPB5FBUayP8ZNucT/S D6pWviAmEluAnwd8AC7CVYMZ57/8Vysm5grnf5vqgw2F818N9vd/moLF81/X Aupq6aAyIhl0TLOcyP3dirqpsW7TRtrFDwagy/C7aS382UeDdSml4HkEPA2s SvaHAAweqG/AD9TYAfh0FA9s0QGJSqpmDcqOFCUuCXRUwCOqlhqnikpFJWH4 zf0m3aENDCjmWgMkDEu6n3pk0xxurqsbHR31CyOKAI5BH/SiECOlDMpmCr9N FJfi+JGi0NiApPcaY6KsmYpIPYmxQV0YkVoHUqANDrR/n25Yfilu+fcxGezb P6qYsuISrXFOKdfMKONLA8rwE0IzIQhXPZ5fhAvmL23EqQzXBrg2wrWJHW3H JizVUAZV0BBP9VLmW/fsbam5Z38gANd6jp0rOCcfqJn9AYmaQl09XA3A3zAA V3DudTHfxTTXni+vu5MGvgrGsNk9x1Jwk9wTDNQ37IUaRTUpu1t5WFXtEAsc 9Lq/6K6wIxo9Nf/Loy33qDU+LmWze9xuAe87HkwI+qDos1uqhfQINoTlACoK aAlu5vlhEWawudltH+WmGCEpQUWtMVwo08R9Qjyux2CaY9BjvgIzjBgTSJGv ScEiknSG7IYMFOLT8fSLT2a/ymZ3Io7hoVRPxH2jiXieGU+jjwgpCgtMYcGj m+ncOciPybQENrN5PQprXIJK58yOnwqggyQYpt+PM1hJUA+aZEs9GIKPA5pl T2AvGI9SvE97grYdQZymU9veVEvkD+6YGnMRM8XdUc8G0LYohnXaQutRaAUS sZotLQEvZXPkEk3bU6egAObHQQ1juGVWvKqnpnDWqMZXY8WHa4DaDbrb8aqe Ndh3Hw342AkjLeHBvJf1DlN+cGuxhDCkgLtpoVvbYx3d4f5ZlXiACaqM4XV3 GCwDtdgHD3VGF2pnhb3a/Qju9XppSwvtjnZ2gjkqqB1/66n52FNVqH3FHLPL ki7hULKzsfyjB3RUVkQZS0eVVArsJ+UHwhkYPiDUw+ZYi83o4V304ZdgYm3b +7Z2gXFA0y3wy1Yd13Lm6a6LlLLlYsyzLdznmbMkaK3XNvwso7NWKE61Qjsf f3CMtcz2zHZDcxShbCX5UzFN1RIJGIfA5oKjAsvFNTW/5pg5PLQQd81Vp5Ge Tv5dHEzDRrt7e7jPRz0jmhLHfiB/fvZgxuttaVkXxG7ke3HR+bYrKe5moeIe Zwqtu0OOIfatyc87lp1Zn5LUQVPG2e14xsufoatxDM/uSt512KrtD8AkMPtG 0erOhDF1QcF+wdgMjMFcxLsnEA/r0jpFVUxFSCmGwPYC+OEJ/lkJJHL8kN8c AYcloteZWWTxMiZt1tSEyQtbCTyEzT0WFdQxFAkNeGzPC4x2YgtzFnTNGnpb /hQgr7r9dpyy7or2ttjnw309njXgMdHQ+fxoPh8J9/PxnkE0o5BTum3/ZPfR rrs9yFgYic/DXXOtNwAFvK9smeOEqPgi8wzsQaqlJdzR3d/nxa2UqaiWBNIr 8PtP4O0Ks4YddGRzhTs8OmfOOMUFR1gx7q74n/a+vq+pJGl0/518ip4IBiJJ CC86wsQdRFSedcQrOOM+BONJchLOmuRkchKBUe5nv/XWbycnEBxl9/5Wdsd0 9+murn6rrqqurr78AVCFToXaYEhhCamzUcQjRxhA2/YPU60DtugTtw7bh1cA 5CtNkfR8WVmdvaZzP6RW9Y81lZ5u0BeAqm0o3eTkhpouwm7be3nw+M3TQ7WM yOEf3SuQlioFCW7/wR6gyIdWRr/g/mB4hjJVxfcGoB3teDImkn8pvZbEfaDY OOdhEaCLAVXmHTGz+0am+xSSkCVF+zWQG337QTICY6P7EYLL0IfYJjWzI+/S jo9kEbdCp6G6GfVB+uJrfVAqAYdDDcbFEsE6iX4mfLYjWA9KF11s5RGf44g2 XWUh6vKwxWrg9+5t4+7+AboAplMXlqVmE1Jcf7GC7YG5R3uxP1VtDQh9FI4n owHQY8j375aF/hv/XPn/3+T/Vz2oPtDy/9rqffH/+93/9638GUn3Z/JjdTEM k/Lpo5yfzPydnw4cGAhW40o0gHTlfAiAtlfwk5+fKHkK9Ljdi5pTaZFk62S4 lTT5tKutR477wkzvlH77yE/XzDLGS6Uu9bPryCu7mHWPacpo12CZBayTTYOZ dirm5Hd6uT3VQwjeT2vhwGHSjcff9//3DSbY39j/08z1X93Y3Fg3/v83Nmn9 r61VN76v/9v4u/OjIgf8yWkud0c9m6AfwI9BD36Zib9IxmG/1A5BpGyjquJj MCLNX8L+6oAlAnZS+4lLyrnZ74lMkEWwTgU/hsCMgKiwVq6uAflQuyDmjFCf p5Z2l1X14cO1FfVwHf7bgP824b/76ukoDNVh3BmfBSDoPkXNIYkbK2p/0IKq AcoRujBMuyhU6NYQyyZSdluNT8OZ4AAMq0Qng17Uj7AlwJ/2oyQRf6coka0o fKtgFDUn45C6oh/Dyr1Q0biMHfkk7AST3jjZygWtxmnYG9Yw0ObUBkhMnei8 Zt9AgBI7INgA0xeRjz5+fMV1y7mFUPdFyvozJMbUGQyUNZoXIPmLiz/sCfc7 OW/FRidBn/W5MIAJpUiZFdLsQsF2kJzC19ZpAOJwG9uLrnhHIPjh+DYnUa9d e3nwci9HDy80cNxr5Yr7GEMOHXbpRlJW5GI5NIgbPGlqEBxA3SYZmMwJTYla zi0qDiIbWWnJpDOVBkLqIIGp229gK2vJyjn8L5cAliArwi/WnIxa7WhUy8HK 74aCAczHJrCptdx5Q8hqwh/OG8bdJCegEgJKFxY+Oe28xFVUyCUzPib0VXyZ ZWWQT4UcHqRJBlP4FCYowL5IsJdTH8MxFKIcbXwXI0x9bsV9qBfnWNZXmCCE 1QyMCjnpilQxSS3k4l7bzUET2nyMBp14qmAnLuT6wSCVDimFrAkewwQd2Wlc ziUTxDWp5X6lJzxq6tedf+xxEIr/GpxH/UnfUT7SrCUHppMxnjIECiZ3r8eq snbcmvRhWpRxbfaD8wamNqhIrbqWw1RA8GMNtQ0KIrxScu0Y1YaAbIfWD2aJ 4kkiC4kUqUgdUYdM4FdgpaHylWiDQsFxHILEVBqo/IJUkSeKNCAFOqluzZda fcHUzAp2gxVpAUQWhEgnQrRaQRJyaSkDrYbkUrFWXJY2AF6192HrNPbzfQYi 0laFpHJcagSlP3dK/7taenhSrFUqhfdqG4ViDwInhUnQ4t7YabVCILXYI1Ef dXKoOdq96A4mLkE2xCaJtUaiHQXdQYx6yYthDEM8qxHYCl5dgGppKmhCOiC/ y16nSSnCXUDUig48N+KEbdCEoD8JspTT2ELX5BE8wUdaydm9kA7IbwpDyioI ErEtWhBO2AZNyKBEWbMwIvJcIhe/WGRW1IuRA3MnwQnboAnpgPzyj99Cu29I My0a0pTZCak4RFPYeRnciBO2QRPSAd2Fzt6W1Y9CpKnMdNgGTUgH5NfvEA2B e0NvAEUXuhdzI07YBp1uaQe6SRpSZnuiBAlsSSDomEGzAzs2LF8hG3ZhfkaS UUK38JVSURdDgkEF76jX4b9QB8z8xvg0wIM11ucCkYvaQow1fed8ZSrrUklb q+DhkCpDqRonlUq38N6lpHhgxHTOEKAtUbu70LaAujA6kkB45FX10d21bVIc quq2uiSQQGRndkkauVKlgRg5RD0cYDMbC59s7svaIDbDwN9lFHTkZoMgpWAM JKlWLt7qgDh7x3/ygMzYJ/GPtkpaixRzN70L6DX5QjvfNUNbsEutYAcZmKwS Mz48zpbpMvH0d46bRW2SvJgbccI26JXXAfn1KZKLE1MlByuhMy6TX0xjPpXi kCSTmMrkR72YG0lBsp9MSFM8F8MsqtcFCQhL2F/+WZbFctBM4l44BnERj01L JRSQMDMvCIw1IKYnBUJESY9guAH5NVBBpGTuNhqMw9EAZg+wl7HUpTkk5Fn7 IFYTQ9UDUVP1UDRH1grl6LIAI3kX1igei6OYO45j1Yv5uKKJ7vpZW4SsLwLa qbx5q9bLVVjnZVkGY3yDZO/gaU7MJyyvdiyonKhjlN9Ocgcc31LHIsgmCBdk Iz6sCzrQHAVyEwndVDK3K9BIsN7CLnI396f7L/b0cRZxEURhRmGiYWMGKkT9 OfVHRwn8bIH0AWUexCVRTLh/7ZjonHyJJ2MUCUhrQYX+mER4XF4qsajoF+KK 6u9b6Fcfu79cLugqubhWZ2QjGBp1B8gk9l0FpL+MT9v2e+5JBKLwOB5dkF6B +CSiw9x9Mp9fvd57uv/WVKTfWw1GrVMQcelNgRJwpkZvQw3FLuWC2W/S0N/x wpSm4oRqdpf3nqk/s+aMeveur5h0E7AW3UqFvX6y/9rNCutxRMt7Mmb9BlSA WY6lFhTGuXySCYDVWipo96HgVXASA8iR3R1YonW4EoaUZDCaC/PxwZPFUjzo XcweQOIiGfRVfajxRoWA9IBVGziV2hr55K6kLaWcegy0cCzYp/QMAo9UX8ww fCX0W3Ffet3TXGj8nQrnwB64GTOEGXMpbhJLhDaE9mGRrEFkII6+wwG0670j ksZAyjAAX2eiYaQAoMZhEA9K3VbLAHO1KxoX1rD4LcJUo9tge4wpfDoxQxBV TKpL+iiWXwUAMsiEGKVXBP51UAwnbWM8GbWc/rCbC8o70MZy+USoGq2jFHWD GM4foVm4pwm1QZWsrDwijR4M0QoevnmKhYIhgZDYnCCMErFESkR8jOb1zq9X TNzRZEBcpuRU1GXZ9eBei0Wcrfc5bK/0KgyTeJbfH7/Zf/HEqcL2HU4OyoM7 O9TEOY/pp/b84PCI+5SUrhj1MPXB0OfjLqr9wzYXE6Xo0c7rZ3tHM4rJx2P+ lTqfMtvLJwNoCICbI7dIi4ZP93aO3rzWe75srvoUS39c0vuAkYHkC4hKy7wT ecnHNcDiRE3BOYZkZM64WcS8vdrZ/cfOM1OCNhIliRn5gUnQRXyU3WIOum4d BtnzktEnO8vkrUGXFzyKYYY8YiGrdLal3trXfNKF9KxKaxeRcfJFMBbAdCfS YDHmhvUE9iPuDtBGbMuAcIUtksBWDc+Lk/ezzDcdkF9fqqAMLE7Q3CyaYjZo QpqJp89Z3LslolRiVtSLuREjRXDcBk1IB/xWOBVxWxxqXkyhkk5Ixf2oI9hw ivvZCdug7iOnwuyeom1CSqXDNmhCOpBuOBfVrea9p+iC9WJuxAnboEWfC2fh zns2lUgHTchHU7IxlrLlFx0AbsQJa2Qk0wxchAXUpTKjXsyNmOHluA2a0FRL dAWmNZoHLaZQSCek4n7UmWmc4n52wk6f6Goy+8Vl0rjwlSnpBIuMSfOjXsyN pEraoAnpgPymOthDU/rY4ziL083JSJtOcnvYpKazpeJ+dAqC+9kJ26AJmWHz 0M4aOWb/qFg6aEI6IL/84/ejlOUOFJay6EB1I07YBk1IB3QTpHwW7oMOa1js 71V6G9zKO0NHc9MZwg5tYBmNwWdPf+DG3IgTNqNEURNiXOxpt6Mkgs/mrFvn n5mQiru1cZIXcyNO2AZNyOBnj90dFD0ZhcpcnZJOMGjaND/qxdyIE/aBmJAO yC//+PPRR5anpS92FacblZE2neSsSpuazpaK+1EvlgbnfLRBE9IBvTh89LPW iKNGTgdNSAfkl3/8/vQ0wZ6CdzrihG3QhHRAN+EK7awvEkr5q5OmUkzvOomp uB9Nt9u1PTHt90TVYgZmWYnOULvp01mnUtIJtu88y5ir+pBFYg/MrKSplCm0 ITEV96PZfSj1+X0oonoxA7OsxIw+xPTprFMp6YR0H0qdV/WhrxPwwKU+pXH0 Ps/8clWxGemzi2SmzsqekZaddSrFz4ZJqSx+NHtm+BZbqRmS0sQUr+j3jNnh Zbii8NVFZxa8qtiMQrOLZBaYlT0jczorJk5lSyek10HKei5rPfyBEOi0hED5 IR2QX/7ReMnJCqalgyakA4yWmO05nEni2P1Mh23QhHRAfv0pmHj2QIlnA5QV cyNO2On6pGkz6c5NrrAR8jXqXPCaJFuXk5pOSMX96BQEN+KEbdCE3KLym+pS H3vpWf/coJjRzqxEt1+d9OmsUynphAxIfhYv5kacsA/EfDDD7Lcnc7QjPTJO INV/+EV6LbIt84KmRkzNrGdk1BLpoAnpgPymsBg5agdR8hcdeG7ECdugCRlc RzP1B/aEisvMiHoxN2JHheI2aEI6IL+pttr6pL32xKyYwiidkIr7UXe+UIr7 2QnboAmZXrM1Z/Uc6+qpTDpoQjogv/zj94CU5daL/r/oQHUjTtgGTUgHNP5S Pgv3j5hTrK6p0HTYBk2IwWpjbWdj0AfskjEVtkETEhsR3xxJdc3theZF9mWF fIYOnBT/3HQO2v7lc5CrjbaozG2ZbAlGX8lkS6BZky1JmMtka7pz0sh9S5Mt UgORwZbUOsNgS6uP7PhS7OZDjMVudWD/inHkLQ7szOFwTCNL51daZZ07mr1z lyzY0zcavVlRL+ZGDAU/t0dCFDQhHfBJqr1FImTVOQYsplBJJ6TiftTZVM7d 46BzPhAyYRvUtNi52JJFj50jRyk5K+5HHXQ4xY04YRs0IR1Id52tWPedPQ0t ppGbSkkneD3GaX4WL+ZGnLAN2u60KGT1J1Chq1cYUwm7wDiupzVZvKHnjdP4 jN3eZC86rk2fpGUSBiFHHl0AolDOIgpTCJ8Fo0E06GajfKoNFxg3lwpoVPLn C3zRK4/uH87xBtWcVAgvh5CFkm97EA/YCw6dXGNEuBekn+T66EriJJfO3G3E 6UbaIdoAlFzXXHFNZzbWdE8QLzrK7R8cw1LJIYQAR5mxaAAhxDGYQhlv84Aw PlSFUV+VOiPqBESoSKF22EkwNArpn3JRFcsUwypavTAY0OWFRIMsqKpaU9VN vGT1FMVsbaYJHUqTaws+rCoQXgbtYIQO2YaTMSRV2f6QDjH4auQaN5StPGRy JJC+zjatbFmXqH5wwX6IIuqBSjv8WBmPLyDjBk5wHDmyEPrHpBkDU3oUQc3w 8b7SJpY41uhrQ1tZUn1iGgoZN5U4jBzZHEmADjDQlxxfRuzFXTOM+QXWJeRV TV1gv8hA0rns/UeE32DS6+XIbYhJv1vFkaDI5iNzyxEB53gC1HNkgsu9FA/G QTRIyEmNwWo4ituTFjOUGmfxbJMbTQbYf3aGr2BnBbCy2mFz0u2S6W7HWQBo EgzwcZaNIVjO0cyhYT0cw3iiXatyT7DYvMM7YUpibPyFsW1F1CdDvDO604Nv f0ziMfvZgSmc6EaRZz9iSPrhOEAnYkFrDA2hu3MGvwYWMfflIIKX5VzOjQgk 30j7Bmdusl38ZxywyZ25vMoXPxfzP+C/x/Xj+kn9/9bv1Bfq7+p368X6Un25 /ql+Wa/XP9e36z/XH9X/fkK0fLpXqf/8NFWQPmVmVXO+cxQ0Y2Fv8THZu6Ne vjhUg0mUBIMWX+g+ICvRkOyY2X3YLk7KoIc2pPSlrPC6MXzrT2Cp4aRqhlRi MoB6+U4z3gEHYM2wFeAGh5nQbFjTC7pjTORHheVuWb3YefmstquWIB9wvxfq cPdguUzE6xyn4ovdxq97h4c7z/YO6QImrOxEHcY92I6BDpzy/WlSZvaAcEEB YKP1vXYgEO8BucKP2Nh4UNpFaLtH/3y1p3M0oWUfiDyRYwWmSWWHlnxC9O4B kMs87B01bCtTFMF7myRE8giHCdu8/7jldxs7L14IBK88fUAIujwlbE+X1+3P BqK/+pB0agY46gDTpDQ4+srtcsBR6rbsrtCbemcqn6oAvaIl6uAQaR6ZEeC9 WsW+yRTdqxeh58ne00Pa68PzVhi2yznc8EadjA2vjNfTd/bfqtZwqNCnUIK7 CJbsD8dsE0cXS+neRILkMho7RFm7KgrUIDxDbMpMwx+5FWANBInOIiaD6I8J TXm6ZCCCyQr6P4Vp9VG+kDWrmOxjk6QnmGJHOOEcN3zY0l4cfyBeBoqTrSxS bfQ2xVo3cmEwQohEXRkJvozYjCF2Xm7xPu5Z2bJN4ArCQcMPMttFD6u40pJh 2Io6Efau4Wv+xD2RKrRsDdTGSfoCQNhGYSpHV02odW5bna2Buoc5ihWeNDi+ QxBoB3TpmRifuFtbWLW0DZVaLl8Udz8zV7RYOX5XOcH/iguLiyQkalbSFsUZ zwlYMo9+3xy4WKdoHJ0yOcuW/ghzTEn7Kwt+Lzv8qcAoIzxkBJg5yOqmQZxz 1tRc4O0CzACYZlSu45RxmGkuOTbXTtPZ2DqLNZY2fRF8mT8ZUKEv4P/Sffq2 +SeOX9rL5ov1JRzn+nIFhrpexcGGmf1qFHbogsewF7WiMW0/6IMnlOswyCN5 vkXM55icVHhzfPfg5dP9Z43D/aO9/HTXny/w8XmmdOIUhV2UM/LVCs0JkrZe fwnHLTc973auD2rqhk0W1OlMGRVwPwvDhYl8sRoHx6lyWxEfZvplJHNO5/f8 D9BY9eJAvDmPjRsVvwhlLqcBMUopEQqrszeqbWV+VXwFzM2YwwqcBMOc8zwl oWRWwUdeQdyfAM/wfFxrobMZchmBhJYN0Il0wKaiuZNSd0WVDlYUdHg5pZXD bMbNCherFRZ2X71S+A/BLTBPTKw+ernY3S21Wpeq1IIsXLHJana58gKjR+w8 AYAd6oNbOjZ5M8AsvHgyA97Ci/3HhwK1NYqTRDCDjmPS+JEIaKMFQfzMTlu5 hxEQ5Ku3YMgopbqytrK+DKu3OwqHqqWs3GTGFAURkCBR8v0NPeQE6vC31xtc gLxwqxLu0sFForqnwZ/RL60gGpZHk3EXpQn0zM0TlVEA6VuQSGOA9COplAaV 80FFI3Q+yMKI6PWgRmNcK+QKGBjXCj8U3PVJWUo8EWqcI03yDYh6S2DQtMoh xdo7H6NARBtkJwJGVp3FIEbHHZXvtlp5YkuQGQFCStcy3Ssh7FId2fJyDplm eodBQbFtrAXh1BbWcmajHMDMd2RkSsNM+TyKyzSkRJDv59LkfHPtwZbKLqtQ iIReZ1UsTbK6aJAKC4XCp4IzU3Z3C8QnFt7Xhe1MrWjBconWX3vZx4m709Ou 7O56HIitp0bfYEq9YOmD7/3FH2Fbitp8NZbmuoa6//QQinzCH/XDZZ76D5UC jaiDYhCkQ5rNdLlF5IppJzFeQDVf7Rw9F3KpnF2Ec2g2Q7MYTkM6SvJUdKd6 aq5Uu3BSyBcSNqyKikinboqDfz7HpJ56xYOWz83sTevlZZznvnQHwfuKunb6 iHPa30AdgFfO9C+b6N9gnm/e/z7Pp+a5cMqNER07Mcd6W7Pf43TdXMTF08XG SatZabV8ZXQG0iiNGFe/kk1Uu1Od+gVrTCO6kK44xY3fUb+H8nZFoJpxl69I kjuoYHyakkLJuz4MJmn22QmUnf7+WsZPp1Fn7EydhTvAjozRY7npGaodZmCC K6wddYBZxv3WaERZ+wHIAGbomApFXS73PD5DTFZwjZ6KAzi6v9YMEhJ5V0Q9 KI0ip/FNqUxXzsuefUpjQ3Z3kSP/F+p+qKSA4pMMohOwHduL7IyLbqbbFxnT I7/wSz6VP710fnH44NsjkcqnkLg0ZgtQAxBYyD8WP5rSss+e1GnJZev/M0nh 2WlITtGwX3ftkC8BEpYvFG5wGWnzh+R6inl/dcOhmF9SBRHW7yz2nCw23v19 NA3o55/xGucd0pTdr244I5RPPVPD2qp8jh4sWf7EXrSXVpe3L+kmKMz2T8BB 4yZHQ+2MdPWnLdjyFqT19fwyIb4tuXX6slqj1Euc1zzRE4Nv1ibWogX7ITHq on3tch7fsJig573xKPoYQR3CEqzgdxx4iDdJxyseQhV1kpl3Wh7g0xeuH9cJ ojiD2U93OG91Lq8/lYPRtvz+1EruBJF7l/ssSLZ40vNN7qmx5E9ZPcSaovSx nj5Q0pQoo6QsXnePSmeBbWoQz3FKKZfTWUsYj8wE4QQckV7Y33JXP4yk4z7F 8XeRoVTCbvzrtCtK9Fwo6axzULL1n76YkmVVSON41chQfkFmvsV/ZdfImuCl 8OzlG7U7R5s31jPanAHpJtwvSCh/nf1N0bmWpnDsD7vRALR2Gw3IiLyV9n5t CBj29+jCJdB7DqzC9kwat7mmaRyUzyJxkGwoHBK5zyokBQIaDlmigjmqWcQO +oYIhtUNuF94fZsNPGveoPjHHZW5mtHrh89vPgOehkkUAoP8DZ69yOFziI9u RDmN/KzJwAH8JEmpAZyaOaa/mWdJYK+eYxLef5AxCbNA3WQWwqrp/vVpyLDp nZ4O7JaXBW9SetLuezvZushOOHMXZ8P7TAkOsZwxIeiTQ/Fdgn/lFMGC0oqU /OQMv3fsx3pmPer+NGBd9Iydozt11KChYB8crPmKbP2J0+2OiVPUnNT4s5Kx VJ8/O4DzWicbTM5JosylRFE5DNOHKDj9TBD+n1ZpWwlU9rZScupzBboiyaeT JXsjOeVek2wOGJgHLINoMdL25HS15a9TbTmjWq1Y97Qztug81kneSY7Twnik nIrn6P7MTT/QdgYN8ihTc9sl5xb0wcmYTJpZ2SDZMyzJyIOStTjAS071K5Np h8Nlc1AaqG4cmzZrPq6sUJQe8nlTADyC5u+WOkEyDkfLK1AeJGK0M7PO5EFw JmABmvqQj2qA83gy5lNvFoJH8YcQWSsoD5w7sATAWqHwJ6bkCRpcHV4kvyk6 1RG0VhTpQvDCkE7CbJPBwSF/cfKiu+zX+29VOjcekFdSSU+leNBJzhL3oz6Y 7kfJaTBoo1OZAbT1POKHCVFXhwigBt9oaVJFx2SoiW7iRdp3AXRH8WSo8lCg 0wEZRpXTpUVRiNNzEMaTBM39xCNe84J1KKTNKDsLozxbSRiox4dPlNPdUur6 /evB2kZKaTgTlt7A7CLcf3l4tPPihV6Bc2xuwfhUk4C/vr9doRHkDzfXfJND b3w7jXINw3gIHXB2yo7UzUNwSY8fC0C/glAaCGOINo+Jdi6pzb5w1Rpz/crn Mv6/8plmc/GznfISlmQ3yU5cScCJaG3+xfyVzMMPn1bJ6u1w90AdPDlS6+VV 8/wBnoOfDcTkvuMQPa1J5B5BIoBt6mpqIb/NpA1UIMaYTjIddoU6FMHJmP7g 6PV0RTVDlO7eNaDwj1jSdjLsJ90peDPY1B9k7PbfmqbB5GBdXzDwKREenYvx IdpPAVEq6/LQiZWq2+oALQMnaHHD+Kyo5oRI4YQce0nBLfzhd9ccOduZ6rX8 VDtwk/vB7HJqDSOwlfxglLqirMU//x5HphYXZzpxVi7T9Gkak2mrKV5HvJCt /tAp4rFB0McoLfYCdlgaj8YrhgAmvfhMjCV5z+Bdhl9U5MPqQIAgfJp1UjEd kfA7BWzUY6xtVozmjKymUDErMLjj+KkE7XZNxD4yYaMKI3E3aq13okTK48ui H8P2CjEBHaPExtHVdk7l6c6x/ItVv/rMrCaKIujcUW+S0NBM3Rja2zbQZM/Z gtClrFiYfPoYjEpASy/R+G+fnL0OPiTO6RM9LsclFMiP/MlcmgE+IhlH4wnP 7imC3RB/faS+TaWh3ClJl4VcRtknO0c7XkFMcEupUl/d39iAwrM3LFTgYUNL vUEyzy71YDO1S/kAaGsiHV6zAZ0gljfwpdAoUE4xvLlYLFfulRYbjWEDbW6u 37AQ4IIF/Nf3LL1gUXcKMwp/8jmOUFOUkrQ5dKUPflqfQ1dqX3jGRyQ5kNtW 5gVCdZ3u9MHD1a+nO01bOeb0PajM/kbpMv+VdZM3xGAQ57OkWBk/dziZAM+a UxZ6wQHPMwlbmX0yg1+0NMxKkBEWrdGbalCpmegyw/ne3fE79woc3jgj+25F ny8qQbMFk6N7Gv3rQ68/iId/AEGZfDw7v/izsvN498ne02fP9//nHy9+fXnw 6v+8Pjx689vvb//5v3yBj2alazmqJyTEcEouGBRVlaYVlHFnt0zu68+Z5qAc /Dzf9cTjp+pPM4mHwMimH/zx/y8SwjjfhIr8tHb/NqjIT+vr36nIfzQVkanz n09IBNG5aUk2McELhvi68WQg5yTodnkUAwcGbO0cVOX+mkNVrgZGcwZvlCDf R69A9UO8spfQOat+l84yqeXUuf2rV3m7HNqSYoYaIjXXCJvP5m2Oee1+Xr36 GiK5fpwBzSKaZJHbjifIk9IFK2g8Gebzs8k6SXPF2Bl4g64bjukw1bCxdL9N Lh3oVxdJ2s1rvXWebTZwfBBSn26Jcd/knYOUPME94FF6Gb49WkGzhNIejhzz 0OQQfXw6iifdU0ngM7ECGfYn4WiFYGAzxPaD87aG5GdxHor74MEcFNd5WjaB Wukl1sOLwTg4V3uo1aRVIWdFLLcNhxnUypWXzdd4Ms7nZhHqn9ZvcIxEtg8j 2DFJai99VIV3qnivoNyq3k+pbqGEnVtb0ysYvwuh/Xb0Oj03FLqO0re2StCb +TmH8+E8Jgv/ruF8uLr63zOc+F5BBToua6/NSPKNqmg6IN1kPQrH/Qz5jKMu v1zKrgopN+sBZjK0Oy8P91PvIFy/+zxcW0/xtFlg5jxy5DKNZNz++mffWQvm 4dpPN1owMx7MDkbd65+I7vTigNbat1pe6/dvd3llzPypUXQPZW95FU7jMuMU OHUo65SYsjnlg6CN8rnSIww8RcgWdu2w1UN7j37YL67Q1Tx6KAB4BVwQ5XkE oIeb86hRsqaZSDxL9u3SrFmV5+FXn7HjaeDzgG3rFEdjhtGFoaF/pYddi/Y5 enn/cFetlVfLa0qvt+lexuekv7SXH1S/cNF/cS8jtv9ZfUxHOfy2zf4oOi9t QH9vIrtL548louF897ofoNkUvsWN75+xWrsUDJLIvY+dMrxK353cuglNfrh2 o+EhLInUisC2f/ji4Pe910utZbVUCArq55rCMIgt+AOxwp+FZZP76ODNq1eS 2yn5d1XYKah7agkjJQVwltUWArAl3x68XoI52IGCS0shVfDjUmd5Gc0sln6U FExYNioLhToLFCBUtE175VIEPbW6rSL1s1rbvA+Be/eWaY4BdPiKJxloLxct r+h2YYTqGMeT4ZA/4t1JaQh/RquApbXl7RyZB6BdKpD8a/Qi1dXVv64YoTZf aSmay+bOvsoW4NlzXrN4Rj5HdpXJmAMh2wR09krL0i7UXfXC4dGT3cbzvZ0n e68PtYKB0OGT0NM2nQ33g14vbkFpJvkIJ7lIKii6Q3AyiKBqSeOruOVT9PxB 6pxO6L42DQDzMzSIV978wXLXMoPV1fXVjJs/VOeNOMAFwfxWuEDAevNGJEfa 9M1Yuerqxi2LStcoEVOjkqHGvDW27iq0Zug2r9ViCpyCBvQlWkyYD6zFtB4V cO2alTZbQ1mulBZnKykbjcbiTfSUWCmTEXWtPpJviV9tD928wMc6R9A/5Asp Uc2oi2bCwWAecnA/yxj8CpBzUolWwxT5KqcYPsjaZPBhEJ+hO6zDkE7uka4O AzRXA1aUuptVdI//ebTXOHgNtJvZpLn4z+rqg5uRG6L0wOQkKSHTIvXIPxRB +271o4MccAs/Pt5/1th7+WR/5yVFX+wfHb3Yk5ScXFTj9gvLp83Bb3K2Ul39 yUihoq7Mol7yyTEBn02HyOoA+f9t4EzPYIhDM5GisYxGGwUAp4H0eON4ztF4 uHoLo+EMBvBqFtUce2uKutL3X9Tp1dXqV+706TUxJch/O5ndrTZb2vmaiGSA T3F3Dj5AY4Q42CON+USgeYyC6dAGoZkGnLLzP3sdiyCnLX9vwOpU1+YRfo2s AlArRbXDd2h70XjcQ8rtzNe/K/UUzUOfB6NmlMSDu4fjEBjQslLFChQGzjQm g2jqAXoYu8c2ZOjBTrWOk+jPMAZxBz8tn+CnSzXBn0m5Bz1YJe9oJMNMyqnc IJZVT1QNMoGcc/0aWd+4ReEmcyLfkryTXrVfIPA4ILIFHn9J3Ejg+R2o4GED KKDQakfmmSmA4NU6sZRM5rCzqFY304YWPoS52QzKfjtCSPX+zW2ocrA43/RA JDxX/WiY4Aki35dPyCEYr0LcrPC2F5bEVQctOF472eau0CnqfBuBaQVntVzN BsbLlkoW9U9ruM3pxeKQoLzc2yWTddLhzUYMZNlJC4hdjJh9wn/OV9TF9uV2 Dt9wiFrKy8C1/RmOYhiFT6srq5dUF1ravn2hdlW1vIpKw1W/IqQ1wj8Qie1B Uy/iCR7oshsNvFjAoN8WuSZ9f19uFtDVafj/qI+w8Pn4AbCEpfB8OAoTcmh5 Ro4AIA32/7G+cB0w1AAwd7JiD5puV0W0Pc6zSJ+HPmwNIX63i2qnrvq76pa6 akutLlM7n79681Y9gOZ5XRkmQGoB6L17NApYfglBF4vLiselZdJSw7as4PMn JO9oqL1eXvu4kT1MQquL420dFAh42XUV8GToAHCVVGRODkhi78jje/dI0QV0 mquM+yG5DrbWpIf4gvNkOIS+bPcuRAOpL4zSkTqj5mFGk+b4BGfE2uaKqj64 JCRjNhAHDDoxTpe758ertLncuwcJFguo8nAXJo7ya3P7QJVKZGqNY4poBs34 I/e5UnplOfVFw/EIK8JfNeQ2Y7VDU+nVExYdM8FsoC1S5T+U0aML0Ye1MjoP qm6u3i+trm2qpcNldTAMR2h6oC0cAvdd9h650hREZSElonz817aLcjA8Xj9B ftDNWGxuq2bp0b+gBZsG9Tcvjl7vvy2tr6nf1oFALL0OP6qHy+pjatrIpDE1 8BhUafRvxtiuVde+EWNL2N0uU8tVZjO0szdi2bCyN2HuY+/K+bX7L5e5ZtM1 97ZZwYizzNE3omVME4gjm9XwA4hz7Mpr61nXpG9Qxc10iAjpdrbutfUbHiPP FiG5+W6qTvE2flmn4z6QViAtN1tUGw++yaJyuv02F5Zb7c0Wl1PySrU+Zrgp l3u0/+te4/f9o+eNw38eNjDmMrpau9+ZDOgIjnX2YveIivsrVfFYap7l9qCa oYunwnMuJMzb0IVuaSk9mMcGGPdu8lutrUzGsWiCVKORjCdNfWqJVOU0Hobo AOlCdcIznHbjmBbfCm2y9hYkVtCLWmP2kkZsjG770jLshmEvPmO+I8uCClA6 0P7C0Hd7t9VaU8RNDtjlCtdKrlPpkiq6TUbxn0FC8d/J7RhXrO0QadFH3VNc +uMWmwHKUidoyI5SVdSW5iTqjYldbVsfwOYdBIvDGd3WTcbIVAXDYe/C4e2d JmcIG0dQP7myUPz2xoWjDo34Rh8WJtdB0rUgu0f9odxLJDSxC3pn6IASSQF3 997LA1gogAdyhg4MPOsHNn1CXmbRPLVNIMhu9ZRuQI6B6ab9BME0GrrxsCeO +tDz5Pcuost3QS8KEj2CHaM6XOIpYyY6Ha6mPzbsZ+in+APaeeTu0MR2e0y0 dzckyA8f3ppBurek/w3m6H79sw9srjmxITAFDedLzmuo/tSBDZHjzwo498Ls 45qCKsw+rbnJSQ3VdsOjGn6RxDwmYikqXzLUm5Cyb2KQTx33LiRfQ6T8idAT etMDaYkZfQCB/Z6QSpJeCkHRhEmufr5Cbo7LS5XNcHwWhgMPBFfIVNikk4Ez X4oVURkIHdBnrIYFbnmSgC4cdjwX8hpVlOD5NudZwC+8fAjD4QqlI+fINypR Uxm2kf6MARZAe0zkCh06rzj40K1a87SIXA9NnKub5Ncefcprf8cROd+LHLUC 3bfXLzJA4/4JiGD/dNFHvderp/i2EMEtkUP5p/sv9sTZmr7D77kUNBhs88BF 6A/g7FQWILeA0Dhjgk+3ih0HDGYQIjzPSiZNbdsfhcmKGUt+Y9Q0Gbv+WfSR TH1cZO1Jdjuie8cJ5Yd8K0T77aMppv6yccZfRq0OeUMEUj5E8h+Mx3zvWbvx t63FDsbRpA6MSPQGQCV86wM5GqfHRiHOUbe+nF4D6CGyB7s2bQ/4Hk5HnY2i sX8x1/W8wM8S0MVXfokChx2l/7NQodYfIQxiUiYGI/IgKGOiEtrjVhS+zIAd s0KTPux0olZELvjvwM62IpMWr/C7dTEi+s5sUpDKsZBo95JTcuCC2LOvh2QM bM+IVxa5eGviQuaxhdXIgd4F4k+SVcjqInUKzIRqRmPtLdPpcbHwQrdVSRJ1 zaAAXoDKEoCgHahKhm3kWuD9Eh6YD4NWWAOquK1MlvfsaqBoPte1h4A7/PSH XTn82o08twAI45QM2m25kaGW+M5GibO5t4kFHO6yiarDH1/MqNdXpMVt802+ LIvjS7xUNJDrQ3SBKJ9UCpUCwigUKt186tO7en3p2Ll9VMQNyEuo15drkKmM gUq9Xq3VFz7hD4BcK1xWhuaFK5XuBmmlaT4SnlH4xyQasf+NVweH+2+pT+Sx INs1XmP4ktS7axEFPBFNwLJaAxwB0zXAr2Dxw6v9evOiuYEbcas/RF7D8edu v0/b+BlDkzO3xJSD+8mwfYX3eMtj8Gffm7zjB4CB0TaiAU4GuE7Y02cWbD74 sEwHt/PbvPbFh4P2kQN54wBZOE5it0TeMwM59kNMvlfC8yERkvOwJV/LBqaT 6AF20vE2PIfwCv0dtYOvStHq1k+j/UZ+Q0jaSEghStWOYybT7GZQb1x84R8J EdBBWZituAd0eDTpyXYiWy9vkTgsgzBs47sntJnj/i48CRf0nPaSn14+zMf9 nPZt56EI/dgFNLXsegH7OEQnRoXKu2P1w0mRGkSh2vG7rZPiQqVdSL/mZt9m ONo5emM9ihanBxBfx6mVnhCnKIWeY0/+zu+JEvb5ciW/Is+vIaeV8AMz2ilL x/h3lC2wnNtCx2wuCjXDgHCWS1FZGJ7DxziX1QxhB1NtE97zRzb5TfAJn2fm jV3/FY/mhb9vv54I56cf/QAixe4naeuYjMTrseO6sqyZT+vnAt/AMWDJZxPv yrS5whSgtwTfL+EPCWsgfU0oUBp4Z6tiS1X94/0WcXMLq+Z9FfuwFn3Z1Yp8 GCDca/0X4MxLb8J3eoyL+3TQCr8dpNxn54TxI34PxpF8ZCUNesGvln9DD/ml B+DYcC0nGBb/UxTGNyZP8lobxDyN+2JbfSFIPbZrGKDPDjNkwzZoQjogv/zj vr2s38Cr2yn5fO/Fi5LMl8vsjvaejPNfeNMPNEOdXw2mvCx340emdUB++cdt fWqwbv78NGBFT4V+1m+GSkB++cetkQZVT5r8tgequHxVpurUa3GQCTnkQUO/ tcS/Nt26jNHeYFIbnZgGm7usMtVPtZEwMEBbx+/USbECnNH7KyglUhmRfDMp ED0rBIxLC5iYbkAunJohzjt5iHJEaq4E9Wek1aL3RZDfcx6U1ORTHu9c/KXy yy8V4Dsrvyzq0GK3vlD5pQth+BeCSeUYGbu7iycV+q10oQsTzL0oRX/B0hTC /IvdiuedElFAubq+i41Y0NtNDnZf6EcMJYu/sFfFXxbF1edilxLFcTUmS1A+ vH1rPkiQP+BeA4n4wwniGRfSJCTJ+48pDX44wdnxId2J8WfzxU8kvU6DHukD CtRvINGlTFkfuBAsX5hekIkDnJiY1MRN7kVNxIS/2Ah/BFYt4C8SElAXCfFb DM1E5CNpGnAOhJLBS5BaY9jLnDxe3CBmkDKJ+pCJPtgIf4x7be+7F9flO7Eu TCFOxpf3KJUDMgF2ceh3OZLyegRfUil+NvRx5OTBqJluPNMgmqPJSqtu1pKs y5o8HPZYvPaEq4RFJhAUwxIaXbXVMApb4rMNVl9C6lZUKODNBKWfGBxM+k2g tfy6IB5cAysJy/tJ1AV+vCdezTDj81elN2/Jt3w/OG8AwEar305qD1dBMvo1 OI/6k74GBsSABeUx+75j51xIHNi1FwIh5UQVyr40ZTR3gp8oTzPsUpanxMTS aQMxZul84aBNPLmLGL4MggWCDlqHkM+x2QD6IBg0COXaFt3A0K3L53Ns0Lfg 5Uo5Ul1gXOnNiaojNRExrq6QLzX4ftneVhQGfC//yKcIlkvAFqSDXKmJgN24 uOfV7UdX/Wyz+b5Xnb7oBLpyX92bjWD6toLuRP99Eq93SRTOgis7tgadKuZC 1y5HZkMRr3h6zr1H2x6ls6h7qvpef8f5tsAdrJNwatkSEIMC6an2Pjfbz+x0 J7gtgZWOcs6Vq54+SiJqHg9rlkOjeMlwAvnLK7d0oh/6GFNevMMTSRcYzmz3 pT/dk/TUX7nsXEc8RMOfEWQCjh2zHG8BFXV+y+XyyQnIWCIokxKWPtR0iXI0 yJcN42yrYkXUFj/Mi0mNaODeh6Jc+t1LEhi35MlL5Q90domtchGzu6//6kp4 fWHsEpFzeDdq8k6bnHYE9i1T5t3wBephQ4eRWGrXhER7PQVumUG9Zpmb6BJ5 BKViSJhJPSniForTSr1MvftLnjkBpH4YJuDnhZxDEWjA7HdB0w8L0dg63a+P qrzvZWcRi55WjiqYuNs2XrCWSxOctv8UUv8Duk41SXqZ4TOeyaSD6o98xTYE knU73tXLFWxAXlDYAREeZHjq4TAAmcnx0jjQhQVm2VQTj5OaB15yeL1VXATI i13qLPcBDAdJA4yXvjeJXe5eJnN52T6LKtM0TSgQmhAJZzaZ7IiHm+40Agoa 9GmM8aVinrro7lUKTKHmdwBWbaFntEOvFpy6MvlRAyQqTacY4nNNXXKk7FeX VS61AtN9bLxlUicfVxZOAEHP42Yqn26El8ev2M+ra/YVO3ax5PTW6CVZETka AP9Ty8/S3pDRqr9uoYgezXKRZryv48nPJJh6F9APmvdRxZavRvU6al5SOKUe P6e8fpMtPpA9qWVjSer2xXeL6YGrLObl29aimv4IYmlOaVdh2qxJBLMUosAg p1JEshiJmMIBTrRzCj7YiMeOW04ckvNui7CdwE44vgLM7r2MSjrN83SibXak m+aKijk+w0pCapuw2GwRMUS7E9KTJqxRy++olzu/7qnH/LOrftt58WZPPcmj m++QTh7pQyTnmsMhW8iICK6tHXDb4JKR9uPam7AyN5Gs1Pd8nIrT3Z4sSdaB yutzbqqRwOWZhSf2uL1TIwq8RDra+vIdCXEhDMoHeiGq/bhW4AySevwOfxfr 1Tv1Nc6xCznWOfikVgBSy6hN5Pgnfweftu8QNnm2EjHus5u9AM2PSdbJQpuf /56BcH2ZAHvYERoTg3N9mRFlyILlZBdPyygE+NY3DMbhTIxj1+f3XEiHN0U6 BKQXMrANDbah9K77br3WiPP9dfHp/KPr1Pk6tZB5mVlg1PJGAzUH/xldwYIK wO9M6EwmNHXCoElSbkpE64yCro2JPk5fLb8V8o7TIE1dH7kosXcLJJlabeUa 4NBicdUGtijQrYT5ZOvkL5EDr+EoRg8bfBzPQPTsxF5AjQQfLdhkpXYGbT4p 2/qaKs9ZoPh2ymRAh8JtRedr7bjFJn/TYFIDi41P35LFG+Syvkh5yqrTuxXc 9yC68P5kERMxqqkPkJOd0v8GpT8bJxLQ582qyAfOizQP2zuX9SqHHpvQ7mV9 jUNPLhe7QwCLYfxnYqIT/CfEKKElh94dH2lnvB+lmphqNuTO6YMqZ3MFUWzY I8/nQoHZEhQ+0psKigug1RLqwpIAncJ36IWR8Dxg+w9jVpHQmDboAL9xePDm 9e6efnIDAAxHobvn6iN/PhDjg0SRz2j7dsx56CaMeEKit2mN5WukLzynGm8G c5EPSO/Qv9RAswmIlQAMnwRg/GCXrRTVXQWMo15bj8nT/WSYqkBbq7onoCRX BqwKhEbJgkJdIvaLN00TFnPjXptVi1SUFYusSYRGxiDqpgZxDPuhKNS2+NAs aImuSTxhtFTZx/Q90Xn9EelMosL+cHyhTwppNxlIGu0pejzw2o4xTJuWuKje PLnlMeKupJXCP/TjsfxUwDZrke6o39GcR3dS2CZNa2oFj2OfCpc12S5M2VMT kf75Z1T9Fqa3TGGRaaGhvgmrYQwv/0gNZ1ZZrnOXd+y0jmxqe3iU3iBSQ0f7 Yf+jl8v7OrsBogFNNaGdbkJqmkxhQFTBxwEzpjJkMeb04Wq25Jr989QYesL6 0psaUJe5juXRfDnvkeu0PS72f+p7Vvc7dj2af7JlZjzt6fMf9PzIoHUaDLph O5+l2j11lR5fV09l1Shz66pcTckX66vm1FjdSGclSmWx6bDacH9+nrqfyIZJ JMfrj16vZaTZT9gqZzztx2117zzT5MTussW08ZPYJS0M4gYf4YtRNhLFmWYA PjaQk0+Vc/j3t/+GvzHslpXXIKr8uvfN6qiurt7f2FB/o3m5mvqFv83NdaXu bz5Y3bi/fn/zvlLVanV17W9q9Zth5PxN8AaHUn8bxfH4qnzACIW920Dodv+2 SsvMVsqlHPTfHvBpKzJKHbS/R0Z00I7/RE1QawJMw0VZbS2rHB0gsNOQXg94 lN/3X+6/Usf24BR2SXqRiHQ0qCwaoKF+By0Xu2zePRme5IgKR/ykET4EPyTL ay4nLKt2aT4mxyB4nX3Sxyejl4mr+/3g9T+evT5482olx5S8T0bhRB/leLSH mvQV84Ffusd6zePTYlZIVwByKFjj/R0yKVP7RP3p8Sa0dwL6/vrpLvFqg3Dc jOIEyMyYrA8HscYbPaSze6kcUcnyfwk9+f73/e/73/e/73/f/77//ef//T/m g+/YAEABAA== --0-162764713-909751834=:440-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Oct 30 05:28:17 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA05686 for freebsd-security-outgoing; Fri, 30 Oct 1998 05:28:17 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ujf.ujf-grenoble.fr (ujf.ujf-grenoble.fr [193.54.232.33]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA05681 for ; Fri, 30 Oct 1998 05:28:14 -0800 (PST) (envelope-from Gilles.Bruno@ujf-grenoble.fr) Received: from antigua (adm-bruno.ujf-grenoble.fr [193.54.232.177]) by ujf.ujf-grenoble.fr (8.8.5/8.8.5) with SMTP id OAA11284 for ; Fri, 30 Oct 1998 14:28:09 +0100 (MET) Message-Id: <4.1.19981030141631.0180cd10@adm.ujf-grenoble.fr> X-Sender: bruno@adm.ujf-grenoble.fr X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Fri, 30 Oct 1998 14:27:22 +0100 To: freebsd-security@FreeBSD.ORG From: Gilles Bruno Subject: Re: Cause of NetBIOS-NS requests from outside In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi everyone, this M$ product illness has been discussed on the samba-technical list a few days ago : some have discovered that in some circumstances M$'made "gethostbyname" syscall were first "netbios-mapped" and then "dns-mapped" (you can define the priority have these calls, but it also depends of your 'netbios-node-type' broadcast, wins, mixed...) I've given up this treat, but afaik, there was no means to prevent those brain-dead 'doze from acting so... I recall this problem was mentionned on the win95netbug site (http://www.euronet.nl/~gco_fvee/win95netbugs/faq.html) my 0.2$ -- Gilles BRUNO Universite Joseph Fourier - CRIP Domaine Universitaire 38041 St Martin d'Heres FRANCE Tel (33) 04 76 63 56 68 Fax (33) 04 76 51 42 74 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Oct 30 06:02:59 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id GAA11133 for freebsd-security-outgoing; Fri, 30 Oct 1998 06:02:59 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from carp.gbr.epa.gov (carp.gbr.epa.gov [204.46.159.110]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA11126 for ; Fri, 30 Oct 1998 06:02:56 -0800 (PST) (envelope-from mjenkins@carp.gbr.epa.gov) Received: (from mjenkins@localhost) by carp.gbr.epa.gov (8.8.8/8.8.8) id IAA14329; Fri, 30 Oct 1998 08:02:49 -0600 (CST) (envelope-from mjenkins) Date: Fri, 30 Oct 1998 08:02:49 -0600 (CST) From: Mike Jenkins Message-Id: <199810301402.IAA14329@carp.gbr.epa.gov> To: ncb05@uow.edu.au Subject: Re: Connections succeed even though denied by IPFW Cc: freebsd-security@FreeBSD.ORG In-Reply-To: Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Anyone know where I could get a copy of that paper? Sounds like a > worthwhile read. ftp://ftp.greatcircle.com/pub/firewalls/papers/chapman/pkt_filtering.ps.Z Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message