@mike I love this one so far, and I liked the predecessor from the same source a lot too.
This one has a nice aluminum chassis and is essentially noiseless so far.
More bang for the buck than thinkpads but no option for trackpoint-ish pointer device -- the only downside I see.
OpenBSD and the modern laptop http://bsdly.blogspot.com/2017/07/openbsd-and-modern-laptop.html - in which I OpenBSDize a 13.3inch, 1.5kg i7 kaby lake-equipped 32GB+2.5TB laptop and love it
On the Insecurity of TIOCSTI http://undeadly.org/cgi?action=article&sid=20170701132619&mode=expanded&count=0
KARL - kernel address randomized link http://undeadly.org/cgi?action=article&sid=20170613041706
OpenBSD Daily, code review, and you http://undeadly.org/cgi?action=article&sid=20170609165410
Freshly discovered pet hate: Apps that claim to resume file transfers but actually restart them. Bonus for reaching 98.7% before doing just that.
For those who care about email, my 2012 piece "In The Name Of Sane Email: Setting Up OpenBSD's spamd(8) With Secondary MXes In Play - A Full Recipe" http://bsdly.blogspot.no/2012/05/in-name-of-sane-email-setting-up-spamd.html has been slightly modernized. Enjoy! (yes, #OpenBSD #spamd)
The actual presentation for our #OpenBSD #PF tutorial https://www.bsdcan.org/2017/schedule/events/805.en.html at @bsdcan is inching closer to being ready for prime time. (now with working url, thanks @kurtm)
@lattera I may be missing something (getting late here in CEST land) but try rules that deal specifically with passing and if necessary rdr for ssh.
also route-to is a bit scary because it depends on the endpoint having a sensible answer (route).
Anyway, the way forward is to add log (all) to relevant rules, get friendly with tcupdump :).
BTW does freebsd have log(matches) yet? would be ideal here on selected rules.
The actual presentation for our #OpenBSD #PF tutorial https://www.bsdcan.org/2017/schedule/events/805.en.htmlat @bsdcan is inching closer to being ready for prime time.
heh. looks like my old rant on "Why not use port knocking?" http://bsdly.blogspot.com/2012/04/why-not-use-port-knocking.html is getting some attention again, somewhere. Enjoy those Unicode passwords, all!
Just got to love it when one connection yields two new spamtraps, from a sender that tries to pose as the receiving domain: May 13 07:14:14 skapet spamd: new entry 188.8.131.52 from <email@example.com> to <firstname.lastname@example.org>, helo bsdly.com.
In case you missed it - the "OpenBSD and you - How to have fund with the world's most important free software project" https://home.nuug.no/~peter/openbsd_and_you/ presentation has been updated with #OpenBSD 6.1 and past info.