[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Some nasty rumours and minor problems.
- To: bugs_(_at_)_openbsd_(_dot_)_org
- Subject: Some nasty rumours and minor problems.
- From: "Terry Wilson" <linuxfreak_(_at_)_partition_(_dot_)_com>
- Date: 18 Jan 2001 22:33:50 -0000
The /etc/services file issues the UDP ports 1645 and 1646 to
RADIUS services, which is incorrect.
The RADIUS port is 1812
The RADIUS accounting port is 1813
The incorrect RADIUS port 1645 is for the "diametrics" service, go to http://www.freeradius.org/rfc/rfc2865.txt (bottom of page 1, under "Implementation Notice" to confirm.
The incorrect accounting port 1646 is for the "sa-msg-port" service, go to http://www.freeradius.org/rfc/rfc2866.txt (middle of page 1, under "Implementation Notice" to confirm.
Fixing it was simply a matter of changing the file /etc/services to the correct UDP port numbers and services. We might be the first ISP ever to use OpenBSD on our RADIUS, so this problem may have gone unnoticed. The performance of OpenBSD has proven otherwise perfect. I read the testimony that described the overnight cracking of a Red Hat server <i>after</i> I had to bimap my Red Hat workstation through our firewall with pass all rules so I could use its ftp service from the void (a different network in the same building, not linked to ours.) It appears that physically unplugging the box from the network whenever it didn't absolutely need network access was even sounder practice than I thought!!
Another minor problem is that bugs_(_at_)_openbsd_(_dot_)_org is the only email address I could find on the OpenBSD website for contacting the developers of OpenBSD.
As for the nasty rumours:
I heard that OpenBSD didn't have (nor was working towards) SNMP multiple processor support.
I heard from the same source that FreeBSD is considerably faster and better at handling large service loads (ie: web and email traffic.)
I find both of these statements extremely hard to believe considering my previous experience at operating OpenBSD. The user management system of OpenBSD is considerably improved, and I have found OpenBSD system management very easy both locally and remotely. As a sysad, I have been handed a heavily reconfigured FreeBSD box (I know nothing about FreeBSD aside from general Unix principles, and the person who handed it to me is the source of the above nasty rumours.) A typo managed to sneak into the root password when I changed it, so now I can't log into the box. I am confident I can eventually crack the FreeBSD box so I can reacquire its configuration. Any word on porting that configuration to a box sporting OpenBSD 2.8?
I forgot the sysctl.conf file in configuring my firewall. If you noticed the multiple installation syndrome from an IP 18.104.22.168 on ftp.openbsd.org, that was me.
Thanks for your help.
aka Tux the Linux Freak
PS: All my "Unix-dumb" friends think that Sushi Fugu (v2.8 cover) is cute, but agree that her well armed brother (with the translation :) is "cuter." I think the next release of <i>Maximum Security</i> (Anonymous, Sams.net 1997) should have Sushi Fugu on the cover!
Get Your Own Private, Free Email Account at http://www.dotcomemail.com
Now With Over 1,500 Com, Net, and Org Domains to Choose From!
Visit your host, monkey.org