Nabble - openbsd dev - ipv6

Intradermology Gun - DermoTherap Gun (ipv6@openbsd.org)

2009-12-09T15:39:17Z

Dermotherap
Gun

We are proud of presenting you the most revolucionary invention
since the appearance of intradermology guns

Some of its characteristics are:
It does not leak between applications
It is suitable for any type of syringes
There is no needleâs contamination
It gives the exact dose
It is fully electronic and automatic
It is extremely light
It is useful in multiple aesthetic techniques
It is the best product in the market for its low cost
and wide range of applications

Download
PDF White Paper.

DermoEquipos srl
Av. Elcano 3030
C1426EOP
Cdad. Buenos Aires
(54 11) 4556-1570
www.dermotherap.com.ar

Anmat, ISO9001 and CE Marking Certificated

For further information, contact us to info@...

Este email ha sido enviado a: ipv6@...

Esta empresa utiliza los servicios de Agsee Envmos para sus estrategias
de Email Marketing.
Este email ha sido enviado por: Agsee Envmos
Santa Fe 3721, Bella Vista, Buenos Aires, Argentina
Respetamos su derecho a la privacidad - ver nuestra polmtica

Manejar sus Suscripciones - Desuscribirse en Un-Click - Reenviar a un
Amigo

---

Comunidade agoravocepodesairdoaluguel na Via6

2009-11-29T05:38:06Z

(Enviada atravo?=s da Plataforma Via6)

Ola,

Luiz Gomes esta convidando vocj para conhecer a comunidade na Via6:

[IMAGE]

agoravocepodesairdoaluguel
A sua Casa propria s/entrada s/juros

Sem comprovagco de renda

A partir de R$132,22/mjs, veja mais

Nco e consorcio.

Quer mais informagues, ou quer fazer a inscrigco veja aqui =>
http://www.redeaftbrasil.com.br/LuisFGomes

Alguns tspicos na comunidade

â¢ Programa de Captagco de Recursos OSCIP - AFTB (1 respotas)

Alguns usuarios na comunidade

[IMAGE]

Luiz Gomes
CONSULTOR DE MARKETING

Acesse http://www.via6.com/comunidade.php?cid=14603 para conhecj-la.

www.via6.com

Via6

A Via6 i uma rede de contezdo na qual i possmvel:

- Adicionar e compatilhar vmdeos, apresentagues, documentos e discussues.

- Acompanhar contezdo lido e gerado por seus contatos.

- Agrupar contezdos em comunidades e pessoas com mesmos interesses.

- Gerenciar sua rede de contatos.

problem on route6d

2009-10-01T22:06:41Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

We have two openbsd4.5 boxes acting as redundant gateway and firewall.
They are having problem with route6d.

Problem is that we can't receive any routes from upstream, but
upstream can update our advertisement. This was running fine on
openbsd4.3 for over a year, just recently upgraded to 4.5 from
scratch. We keep exact same settings as previous.

The following are some of the debugging output:

Does the message "*IPv6 packet information cannot be retrieved*" mean
kernel failed to allocate memory?

# route6d -d -O 2001:df0:0:2002:1:1:2:0/112,fxp0

11:32:29: Routing Table Dump
fec0::/10 if(7:lo0) gw(::1) [1] age(0)
2002:ff00::/24 if(7:lo0) gw(::1) [1] age(0)
2002:e000::/20 if(7:lo0) gw(::1) [1] age(0)
2002:7f00::/24 if(7:lo0) gw(::1) [1] age(0)
2002::/24 if(7:lo0) gw(::1) [1] age(0)
::ffff:0.0.0.0/96 if(7:lo0) gw(::1) [1] age(0)
::255.0.0.0/104 if(7:lo0) gw(::1) [1] age(0)
::224.0.0.0/100 if(7:lo0) gw(::1) [1] age(0)
::127.0.0.0/104 if(7:lo0) gw(::1) [1] age(0)
::/96 if(7:lo0) gw(::1) [1] age(0)
::/104 if(7:lo0) gw(::1) [1] age(0)
2001:df0:0:2002:1:1:1:0/112 if(1:fxp0)
gw(2001:df0:0:2002:1:1:1:81) [1] age(0)
2001:df0:0:2002:1:1:2:0/112 if(11:carp0)
gw(2001:df0:0:2002:1:1:2:78) [1] age(0)

10:07:39: Send rtdump Request to carp1 (ff02:c::9)
10:07:39: Send rtdump Request to carp0 (ff02:b::9)
10:07:39: Send rtdump Request to vlan534 (ff02:9::9)
10:07:39: Send rtdump Request to fxp4 (ff02:5::9)
10:07:39: Send rtdump Request to fxp1 (ff02:2::9)
10:07:39: Send rtdump Request to fxp0 (ff02:1::9)
*IPv6 packet information cannot be retrieved
IPv6 packet information cannot be retrieved*
10:07:49: Send(carp1): info(2) to ff02:c::9.521
10:07:49: Send(carp0): info(1) to ff02:b::9.521
10:07:49: Send(vlan534): info(2) to ff02:9::9.521
10:07:49: Send(fxp4): info(2) to ff02:5::9.521
10:07:49: Send(fxp1): info(2) to ff02:2::9.521
10:07:49: Send(fxp0): info(1) to ff02:1::9.521
*IPv6 packet information cannot be retrieved*
10:08:09: Send(carp1): info(2) to ff02:c::9.521
10:08:09: Send(carp0): info(1) to ff02:b::9.521
10:08:09: Send(vlan534): info(2) to ff02:9::9.521

cheers
Marco
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkrFimEACgkQSSHqatd3m2N6/QCfWUQRadPmWfFIV8yxWo9rhBce
Tc0An1IaYcbkD1y5f2aeYjWY4rFKcg/9
=VvQS
-----END PGP SIGNATURE-----

ESP transport and udpencap/nat-t (on OpenBSD v4.3)

2009-06-25T13:37:26Z

Dear list,

I'm currently working on setting an OpenBSD server (running on v "4.3
GENERIC#698 i386") to accept incoming ESP traffic (ipv4) encapsulating
UDP packets. More precisely, the OpenBSD machine as a server process
listening on a UDP port but the I've made sure that only enc0
originating packets can reach the server socket (see PF rules, after
this paragraphs of summary).

The server has a public IP address, the IPSec authentication is based
on public key infrastructure (x509 certificates).

The client is a MacOS machine (10.5, IKE based on racoon). It is
establishing a ESP-transport "connection" to the server (my OpenBSD
machine) and then starts, within this channel, some UDP based protocol
(l2tp precisely). The client os a 'road-warrior', changing address
from one time to the other.

When the client has a public IP address, all goes well, IKE/ISAKMP
enable the exchange of key (udp 500), the ESP channel is properly
established and the UDP 'connection' is taking place as expected.

-> When the client is behind a NAT, IKE/ISAKMP starts at 500 then hops
to 4500 (nat-traversal), and the ESP channel is established using
nat-traversal/udpencap. But then the server side sockets see's the
caller IP address to be the one of the NAT rather than the "private"
address of the client, while the SA of the kernel is established
between client's private address and server address, hence when the
server tries to answer the packet is send UNencripted, and to the NAT
(but still with the port of the client and NOT the port used by the
NAT -4500, nat-traversal-).

In this example, client is 'CLIENT', NAT is 'NAT-GATEWAY' and
server 'SERVER' . Here's how I would expect the traffic to be :

ESP traffic (ie. as seen on enc0 on the server) :
CLIENT:3456 <----> SERVER:6543
udpencap/nat-traversal (right part seen on sis0) :
CLIENT:4500 <---> NAT-GATEWAY:4500 <---> SERVER:4500

Hence I don't get how the servers sees the UNencrypted traffic as
originating from address of gateway but port of the client.
Finally when trying to "return the call" the traffic is NOT send
through "enc0" since it's directed the gateway rather than the
client.

Note, finally, that when using ESP-tunnel all goes as expected...
(I guess udpencap has then no chances to mess things up, since all
the info is also inside the ESP part).

Thank you in advance for any hint to where to look.

Serge.

Here are some details (to abstract from the specific question of l2tp,
I'm here using netcat, port 3456 on client, 6543 on server):

OpenBSD server :

* Firewall settings (limited to relevant ones):
-bash-3.2# pfctl -s rules
scrub in on sis0 all fragment reassemble
scrub in on enc0 all fragment reassemble
block return log on sis0 all
....
pass in log (all, to pflog1) on sis0 proto udp from any to any port =
isakmp keep state
pass in log (all, to pflog1) on sis0 proto udp from any to any port =
ipsec-nat-t keep state
...
pass in log (all, to pflog1) on sis0 proto esp all keep state
pass out log (all, to pflog1) on sis0 proto esp all keep state
pass in log (all, to pflog1) on enc0 all flags S/SA keep state (if-
bound)
pass out log (all, to pflog1) on enc0 all flags S/SA keep state (if-
bound)
...

* IPSEC settings (while the connection is on):
-bash-3.2# ipsecctl -sa
FLOWS:
flow esp in proto udp from CLIENT port 3456 to SERVER port 6543 peer
NAT-GATEWAY srcid dedi.chocolatnoir.net type use
flow esp out proto udp from SERVER port 6543 to CLIENT port 3456 peer
NAT-GATEWAY srcid dedi.chocolatnoir.net type require

SAD:
esp transport from SERVER to NAT-GATEWAY spi 0x053bf47f auth hmac-sha1
enc aes
esp transport from NAT-GATEWAY to SERVER spi 0x37df7481 auth hmac-sha1
enc aes

* ESP buildup traffic :
Jun 25 21:43:22.883771 rule 19/(match) pass in on sis0: NAT-GATEWAY.
500 > SERVER.500: isakmp v0.1 exchange NONE
cookie: c0cf5fe65ad3434a->ba7f0d0060000000 [|isakmp]
Jun 25 21:43:22.884666 rule 19/(match) pass out on sis0: SERVER.500 >
NAT-GATEWAY.500: isakmp v0.0 exchange NONE
cookie: c0cf5fe600000000->0000000000000000 [|isakmp]
Jun 25 21:43:23.303841 rule 19/(match) pass in on sis0: NAT-GATEWAY.
500 > SERVER.500: isakmp v0.1 exchange NONE
cookie: c0cf5fe65bd3434a->94d5040060000000 [|isakmp]
Jun 25 21:43:23.316820 rule 19/(match) pass out on sis0: SERVER.500 >
NAT-GATEWAY.500: isakmp v0.5 exchange NONE
cookie: c0cf5fe65bd3434a->a5d4060060000000 [|isakmp]
Jun 25 21:43:23.447653 rule 20/(match) pass in on sis0: NAT-GATEWAY.
4500 > SERVER.4500:udpencap: isakmp v0.0 exchange NONE
cookie: 5bd3434ade720700->60000000fc040000 [|isakmp]
Jun 25 21:43:23.488158 rule 20/(match) pass out on sis0: SERVER.4500 >
NAT-GATEWAY.4500:udpencap: isakmp v0.0 exchange 176 (unknown)
encrypted commit
cookie: 5bd3434aa1de0800->60000000b4000000 [|isakmp]
Jun 25 21:43:23.581281 rule 20/(match) pass in on sis0: NAT-GATEWAY.
4500 > SERVER.4500:udpencap: isakmp v0.0 exchange NONE
cookie: 0000000000000000->0000000000000000 [|isakmp]
Jun 25 21:43:24.591664 rule 20/(match) pass in on sis0: NAT-GATEWAY.
4500 > SERVER.4500:udpencap: isakmp v0.0 exchange NONE
cookie: 5cd3434af4210900->600000005c010000 [|isakmp]
Jun 25 21:43:24.598516 rule 20/(match) pass out on sis0: SERVER.4500 >
NAT-GATEWAY.4500:udpencap: isakmp v0.0 exchange NONE
cookie: 5cd3434a6b170a00->600000009c000000 [|isakmp]
Jun 25 21:43:24.661355 rule 20/(match) pass in on sis0: NAT-GATEWAY.
4500 > SERVER.4500:udpencap: isakmp v0.0 exchange NONE
cookie: 5bd3434ade720700->60000000fc040000 [|isakmp]
Jun 25 21:43:44.783525 rule 20/(match) pass in on sis0: NAT-GATEWAY.
4500 > SERVER.4500:NAT-T Keepalive

* Some ESP traffic (a single packet coming in) :
Jun 25 21:46:39.749443 rule 20/(match) pass in on sis0: NAT-GATEWAY.
4500 > SERVER.4500:udpencap: esp NAT-GATEWAY > SERVER spi 0xD0E589AA
seq 534004554 len 68
Jun 25 21:46:39.749502 rule 30/(match) pass in on enc0: NAT-GATEWAY.
3456 > SERVER.6543: udp 7

What I fail to understand is how come, for the UNencrypted packet, the
address is the one of the gateway (NAT-GATEWAY), but the UDP port
is the one of the originating machine (3456). This while the ipsecctl
returns both the client's address (CLIENT) and port.
Also, the "server process" (the listening netcat on the server) is
never receiving the packet ... !

For info, here are the settings on the 'client' side :
* IPSEC :
cedar:~ root# setkey -D -P
SERVER[6543] CLIENT[3456] udp
in ipsec
esp/transport//require
spid=33 seq=1 pid=65128
refcnt=2
CLIENT[3456] SERVER[6543] udp
out ipsec
esp/transport//require
spid=32 seq=0 pid=65128
refcnt=2

* Firewall traced traffic (rules are basically logging anything that
has to do with ESP, NAT-T...)

Jun 25 21:43:22 cedar Firewall[75]: 2000 Count UDP CLIENT:500 SERVER:
500 out via en2
Jun 25 21:43:22 cedar Firewall[75]: 2000 Count UDP SERVER:500 CLIENT:
500 in via en2
Jun 25 21:43:23 cedar Firewall[75]: 2000 Count UDP CLIENT:500 SERVER:
500 out via en2
Jun 25 21:43:23 cedar Firewall[75]: 2000 Count UDP SERVER:500 CLIENT:
500 in via en2
Jun 25 21:43:23 cedar Firewall[75]: 1000 Count UDP CLIENT:4500 SERVER:
4500 out via en2
Jun 25 21:43:23 cedar Firewall[75]: 1000 Count UDP SERVER:4500 CLIENT:
4500 in via en2
Jun 25 21:43:23 cedar Firewall[75]: 1000 Count UDP CLIENT:4500 SERVER:
4500 out via en2
Jun 25 21:43:24 cedar Firewall[75]: 1000 Count UDP CLIENT:4500 SERVER:
4500 out via en2
Jun 25 21:43:24 cedar Firewall[75]: 1000 Count UDP SERVER:4500 CLIENT:
4500 in via en2
Jun 25 21:43:24 cedar Firewall[75]: 1000 Count UDP CLIENT:4500 SERVER:
4500 out via en2
Jun 25 21:43:44 cedar Firewall[75]: 1000 Count UDP SERVER:4500 CLIENT:
4500 out via lo0
Jun 25 21:43:44 cedar Firewall[75]: 1000 Count UDP CLIENT:4500 SERVER:
4500 out via en2
Jun 25 21:43:44 cedar Firewall[75]: 1000 Count UDP SERVER:4500 CLIENT:
4500 in via lo0

=> Note that due to an 'inferior design', I've not found a way on the
client machine to trace the UNencrypted packets (gets the traffic info
of the inside of the ESP channel).

Re: Regarde mon profil Facebook

2009-06-17T00:03:20Z

wap wap wap wap wap wap wap wap

take that

wap wap wap wap wap

2009/6/16 Emilie Cousin <invite+ik-~5mk_@...>

> Bonjour ipv6@...,
>
> J'ai crC)C) mon profil Facebook sur lequel je peux publier mes photos, mes
> vidC)os et des C)vC)nements. Je souhaite vous ajouter C mes amis pour que
> vous puissiez y accC)der. Pour cela, vous devez d'abord vous inscrire C
> Facebook ! Vous pourrez ensuite crC)er votre propre profil.
>
> Merci,
> Emilie
>
> Pour vous inscrire C Facebook, suivez le lien ci-dessous :
> http://www.facebook.com/p.php?i=1278465757&k=R4CTXZWSV45M5JA1PG6TX4&r
>
>
> Emilie Cousin a invitC) ipv6@... C rejoindre Facebook. Si vous ne
> voulez plus recevoir ce type de messages de la part de Facebook, veuillez
> cliquer sur le lien ci-dessous pour annuler votre inscription.
> http://www.facebook.com/o.php?k=7e1aa3&u=1850150899&mid=a28c47G6e470ff3G0G8
> Les bureaux de Facebook se trouvent C : 1601 S. California Ave., Palo
> Alto,
> CA 94304.
>
>

--
Paige Adele Thompson
Mobile: 206-446-630
E-mail/GTalk: erratic@...

Regarde mon profil Facebook

2009-06-16T23:37:13Z

Bonjour ipv6@...,

J'ai crC)C) mon profil Facebook sur lequel je peux publier mes photos, mes
vidC)os et des C)vC)nements. Je souhaite vous ajouter C mes amis pour que
vous puissiez y accC)der. Pour cela, vous devez d'abord vous inscrire C
Facebook ! Vous pourrez ensuite crC)er votre propre profil.

Merci,
Emilie

Pour vous inscrire C Facebook, suivez le lien ci-dessous :
http://www.facebook.com/p.php?i=1278465757&k=R4CTXZWSV45M5JA1PG6TX4&r

Emilie Cousin a invitC) ipv6@... C rejoindre Facebook. Si vous ne
voulez plus recevoir ce type de messages de la part de Facebook, veuillez
cliquer sur le lien ci-dessous pour annuler votre inscription.
http://www.facebook.com/o.php?k=7e1aa3&u=1850150899&mid=a28c47G6e470ff3G0G8
Les bureaux de Facebook se trouvent C : 1601 S. California Ave., Palo Alto,
CA 94304.

Website & Web Application Development

2009-06-10T02:24:10Z

Please contact the undersigned for further clarification and details

Thanks & Regards,

Jamila Mansoorwala

Web Element, Inc.

Office: 67828282

Email: jamila@... <mailto:jamila@...>

Url: http://webelementinc.com
- Defining your worldwide presence

Web Element, Inc.

3rd Floor, Corporate Arena,

Off. Aarey Piramal Cross Road,

Goregoan (W),

Mumbai - 62.

India.

We value your privacy, Please click here to
http://webelement.asia/cm/?p=unsubscribe&uid=735114656ead73ff1384fc00e4b825ac
and stop receiving any emails from us.
Forward this Message to Someone
http://webelement.asia/cm/?p=forward&uid=735114656ead73ff1384fc00e4b825ac&mid=199

Re: AH and ESP over IPv6

2009-01-25T13:55:13Z

Fortunato <fortunato.montresor@...> wrote:

> I'm trying to use IKE to have IPsec use both AH and ESP in transport
> mode between two IPv6 OpenBSD 4.4 hosts.
>
> I can get AH Transport mode or ESP Transport mode but I don't quite know
> how to do both AH and ESP. Any ideas?

You cannot do this with ipsecctl. I don't know if it is possible
to set this up with isakmpd.conf.

In fact, ipsecctl does not provide a way to set up an SA bundle for
static keying, which used to be possible with ipsecadm.

> Therefore my follow up question is, "Is there a way to turn
> off the optional ESP authentication in OpenBSD?"

From a quick glance at netinet/ip_esp.c, I think it is possible to
set up an ESP SA without authentication, but no userland tool
supports this.

--
Christian "naddy" Weisgerber naddy@...

AH and ESP over IPv6

2009-01-20T15:38:06Z

Hello list,

I've been trying to to figure this out but it looks like I don't know enough about getting flows to get the following working.

I'm trying to use IKE to have IPsec use both AH and ESP in transport mode between two IPv6 OpenBSD 4.4 hosts.

I can get AH Transport mode or ESP Transport mode but I don't quite know how to do both AH and ESP. Any ideas?

Here's a snippet from /etc/ipsec.conf:

ike esp transport from 2001::10 to 2001::5 psk "secret"

The tried the following:

ike esp transport from 2001::10 to 2001::5 psk "secret"
flow ah from 2001::10 to 2001::5

I'd like to avoid a discussion on the merits of AH versus ESP. AH is a required to provide authentication for the IPv6 header. ESP provides authentication but in the context of of integrity check value for the IPv6 payload not the IPv6 header.

Additionally from what I've read in the RFC, ESP authentication is optional. Therefore my follow up question is, "Is there a way to turn off the optional ESP authentication in OpenBSD?"

Thanks in advance

Re: man isakmpd typos

2008-10-27T05:00:45Z

On Mon, Oct 27, 2008 at 12:55 PM, Paul de Weerd <weerd@...> wrote:

> Hi Felipe,
>
> On Mon, Oct 27, 2008 at 12:36:17PM +0100, Felipe Alfaro Solana wrote:
> | On Mon, Oct 27, 2008 at 8:30 AM, Stuart Henderson <stu@...> wrote:
> | > On 2008/10/27 02:19, Felipe Alfaro Solana wrote:
> | >>
> | >> # openssl req -new -key /etc/isakmpd/private/local.key \
> | >> -out /etc/isakmpd/private/10.0.0.1.csr
> | >>
> | >> I think the command is wrong. The "-key" command-line argument tells
> | >> OpenSSL where the existing RSA private key is located. However, since
> | >> we are requesting a new CSR and they key does not exist yet
> | >
> | > It is created by /etc/rc at system startup.
> |
> | You are totally right. I killed that file when configuring isakmpd.
> |
> | But, wouldn't it be nice to add a comment to the manual page about how
> | local.key is generated by /etc/rc? It might prevent dumb people like
> | me, that removed the local.key file, from getting funny error messages
> | in the command-line when they are not familiar with OpenSSL?
>
> A reboot will get you this file back (well, not exactly the same
> file). This is mentioned in the documentation of isakpmd(8) :

Yes, that's for sure.

Also, some people might want to use bigger keys (like 2,048 bits),
that's why I thought that mentioning how the local.key file is created
might be worth it. It's not a big deal, though, as it's just a matter
of searching a bit (and running openssl genrsa). But for people not
familiar with OpenSSL it could save a bit of time.

Just my 2 Swiss Francs :)

> /etc/isakmpd/private/
> The directory where local private keys used for public
> key authentication are kept. By default, the system
> startup script rc(8) generates a key-pair when starting,
> if one does not already exist.

Turns out that I didn't read the manual page very well, as this is
already mentioned.

--
http://www.felipe-alfaro.org/blog/disclaimer/

Re: man isakmpd typos

2008-10-27T04:55:37Z

Hi Felipe,

On Mon, Oct 27, 2008 at 12:36:17PM +0100, Felipe Alfaro Solana wrote:
| On Mon, Oct 27, 2008 at 8:30 AM, Stuart Henderson <stu@...>
wrote:
| > On 2008/10/27 02:19, Felipe Alfaro Solana wrote:
| >>
| >> # openssl req -new -key /etc/isakmpd/private/local.key \
| >> -out /etc/isakmpd/private/10.0.0.1.csr
| >>
| >> I think the command is wrong. The "-key" command-line argument tells
| >> OpenSSL where the existing RSA private key is located. However, since
| >> we are requesting a new CSR and they key does not exist yet
| >
| > It is created by /etc/rc at system startup.
|
| You are totally right. I killed that file when configuring isakmpd.
|
| But, wouldn't it be nice to add a comment to the manual page about how
| local.key is generated by /etc/rc? It might prevent dumb people like
| me, that removed the local.key file, from getting funny error messages
| in the command-line when they are not familiar with OpenSSL?

A reboot will get you this file back (well, not exactly the same
file). This is mentioned in the documentation of isakpmd(8) :

/etc/isakmpd/private/
The directory where local private keys used for public
key authentication are kept. By default, the system
startup script rc(8) generates a key-pair when starting,
if one does not already exist.

Cheers,

Paul 'WEiRD' de Weerd

--
>++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
http://www.weirdnet.nl/

[demime 1.01d removed an attachment of type application/pgp-signature]

Re: man isakmpd typos

2008-10-27T04:46:19Z

On 2008/10/27 12:36, Felipe Alfaro Solana wrote:

> On Mon, Oct 27, 2008 at 8:30 AM, Stuart Henderson <stu@...> wrote:
> > On 2008/10/27 02:19, Felipe Alfaro Solana wrote:
> >>
> >> # openssl req -new -key /etc/isakmpd/private/local.key \
> >> -out /etc/isakmpd/private/10.0.0.1.csr
> >>
> >> I think the command is wrong. The "-key" command-line argument tells
> >> OpenSSL where the existing RSA private key is located. However, since
> >> we are requesting a new CSR and they key does not exist yet
> >
> > It is created by /etc/rc at system startup.
>
> You are totally right. I killed that file when configuring isakmpd.
>
> But, wouldn't it be nice to add a comment to the manual page about how
> local.key is generated by /etc/rc? It might prevent dumb people like
> me, that removed the local.key file, from getting funny error messages
> in the command-line when they are not familiar with OpenSSL?

I don't know, ssh manuals don't go into detail about how to fix
things when you remove the host keys, etc.. I think it's expected
that if you remove a system configuration file you should know
what you're letting yourself in for.

Re: man isakmpd typos

2008-10-27T04:36:17Z

On Mon, Oct 27, 2008 at 8:30 AM, Stuart Henderson <stu@...> wrote:

> On 2008/10/27 02:19, Felipe Alfaro Solana wrote:
>>
>> # openssl req -new -key /etc/isakmpd/private/local.key \
>> -out /etc/isakmpd/private/10.0.0.1.csr
>>
>> I think the command is wrong. The "-key" command-line argument tells
>> OpenSSL where the existing RSA private key is located. However, since
>> we are requesting a new CSR and they key does not exist yet
>
> It is created by /etc/rc at system startup.

You are totally right. I killed that file when configuring isakmpd.

But, wouldn't it be nice to add a comment to the manual page about how
local.key is generated by /etc/rc? It might prevent dumb people like
me, that removed the local.key file, from getting funny error messages
in the command-line when they are not familiar with OpenSSL?

--
http://www.felipe-alfaro.org/blog/disclaimer/

Re: man isakmpd typos

2008-10-27T00:30:23Z

On 2008/10/27 02:19, Felipe Alfaro Solana wrote:
>
> # openssl req -new -key /etc/isakmpd/private/local.key \
> -out /etc/isakmpd/private/10.0.0.1.csr
>
> I think the command is wrong. The "-key" command-line argument tells
> OpenSSL where the existing RSA private key is located. However, since
> we are requesting a new CSR and they key does not exist yet

It is created by /etc/rc at system startup.

man isakmpd typos

2008-10-26T18:19:03Z

Hi IPv6/IPSec masters,

Reading the manual page for isakmpd, I think I found some typos in the
X509 authentication section. Currently, it reads:

2. Create Certificate Signing Requests (CSRs) for IKE peers. The CSRs
are signed with a pre-generated private key.

This step, as well as the next one, needs to be done for every peer.
Furthermore the last step will need to be done once for each ID you
want the peer to have. The 10.0.0.1 below symbolizes that ID, in
this case an IPv4 ID, and should be changed for each invocation.
You will be asked for a DN for each run. Encoding the ID in the
common name is recommended, as it should be unique.

# openssl req -new -key /etc/isakmpd/private/local.key \
-out /etc/isakmpd/private/10.0.0.1.csr

I think the command is wrong. The "-key" command-line argument tells
OpenSSL where the existing RSA private key is located. However, since
we are requesting a new CSR and they key does not exist yet (in the
manual page I can't seem to find any sentence that states this fact),
the previously listed command will fail:

Error opening Private Key /etc/isakmpd/private/local.key
20798:error:02001002:system library:fopen:No such file or
directory:/usr/src/lib/libssl/src/crypto/bio/bss_file.c:278:fopen('/etc/isakmpd/private/local.key','r')
20798:error:20074002:BIO routines:FILE_CTRL:system
lib:/usr/src/lib/libssl/src/crypto/bio/bss_file.c:280:
unable to load Private Key

I think the manual page should list the following commands:

# openssl genrsa -out /etc/isakmpd/private/local.key

This will generate a (by default, 1024 bits) RSA private key. Then,
this command will generate the Certificate Signing Request:

# openssl req -new -key /etc/isakmpd/private/local.key -out
/etc/isakmpd/private/10.0.0.1.csr

Can you comment?
Thanks!

--
http://www.felipe-alfaro.org/blog/disclaimer/

web site

2008-10-24T10:20:13Z

Dear:Ipv6

If you're wondering why you're online business is not doing as well as you
would like - the answer is
web traffic. Basically - you need a lot more visibility. Email us today at
lilyzey@.... We will
take a look at your site and give you an assessment free of charge. It
doesn't have to cost a fortune to
make business happen online. Be sure to include all of your URL(s) and how
you prefer we contact
you.

Sincerely,
Lily Zey

web site

2008-10-24T08:34:25Z

Dear:Ipv6

Do you need more targeted web traffic? We can help. Email us now at
lilyzey@...]. In your
reply, include your all your web addresses in your reply and how we can
contact you. We will give you
a free site review and show you why we are the best at getting you the most.

Sincerely,
Lily Zey

GENDIA Newsletter

2008-10-19T09:41:39Z

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

[demime 1.01d removed an attachment of type image/jpeg which had a name of logo02.jpg]

MONTREAL - Panamerican Congress in Aesthetic & Anti-Aging Medicine - Sept 4-5-6, 2008

2008-07-04T15:49:27Z

Please, do not reply to this message

Version en FRANCAIS

1st Panamerican Congress in Aesthetic & Anti Aging Medicine
Aesthetic Dermatology and Surgery
Anti-Aging & Preventive and Longevity Medicine

PACAAM 2008
September 4 - 5 - 6, 2008
Montreal, Canada

Science & Evidence Based Medicine

THE CONGRESS EVERYBODY'S GONNA TALK ABOUT!

Under the Aegis of the WOSAAM (World Society of Anti-Aging Medicine) -
www.wosaam.org

FULL PASS
3-Day Registration

Delegates 370 CAN/US $
Members* 310 CAN/US $
Students, Residents, Nurses
280 CAN/US $

Workshops & Exhibition
3-Day Access
Participants 70 CAN/US $

FREE ACCESS TO EXHIBITION
For Healthcare Professionals

TAKE THIS OPPORTUNITY!
Supported by the WOSAAM
for the benefit of all scientists and physicians very
AFFORDABLE RATES
are proposed to join
this congress

*MDs Members of any Scientific Society
(Certificate is requested)

The Panamerican Congress of Aesthetic & Anti-Aging Medicine will present
UNIQUE OPPORTUNITY to bring you up-to-date with all cuting-edge therapies
and technologies in Aesthetic & Anti-Aging Medicine, as well as great
scientific progresses for a longer and healthier lifespan.

American, European and Asian experts from all specialties in Aesthetic
and Anti-aging medicine have joined hands together to propose this High
Class medical congress where world class speakers will share with you
their knowledge and professional experience about all important
diagnostic and therapeutic developments in this medical field.

Major aspects of Aesthetic and Anti-Aging Medicine will be presented and
many workshops with live demonstrations will be proposed with an
exceptional FREE ACCESS TO EXHIBIT for professionals and a very
attractive fee for Workshops and Exhibition passes.

MORE INFORMATION ABOUT PACAAM 2008

PRESENTING HOT TOPICS IN

AESTHETIC SURGERY
The aging face: Should we still take the option of surgery?
The aging breast
Body contouring
Hair transplantation
Advanced practice marketing
techniques and strategies

AESTHETIC DERMATOLOGY
Cosmetics
Botulinium Toxin
Laser & Light therapies
Volumetric injectable fillers
Hair transplants
Controversies session
Vascular session

ANTI-AGING MEDICINE
HRT CONTROVERSIES, GENETIC PREVENTION
& MOLECULAR MEDICINE
Molecular medicine: the MicroRNA Revolution!
HRT: Controversies and safety issues
Latest studies on HRT
Preventive Genetics
The effects of Stress on health
Nutrition, Nutrients latest update...

Aesthetic workshops with live demonstrations

Anti-Aging workshops

AMONG THE SPEAKERS

Anti-Aging Medicine - Keynote Speakers
â¢ Dr Tamar ALON - Molecular Medicine Specialist, NYU School of Medicine
New York, USA
â¢ Dr Elaine CHIN - Anti-Aging Practitioner, Co-founder and Chief Medical
Officer of the Scienta Health Group
â¢ Dr Russel COOPER - Anti-Aging Practitioner, Chairman of the
Australasian Academy of Integrated Anti-Ageing Medicine
â¢ Dr Claude DALLE - Anti-Aging Practitioner, President of the French
Society of Anti-Aging Medicine
â¢ Dr Jorge FLECHAS - Anti-Aging Medical Doctor
â¢ Dr Carolina IBANEZ-VENTOSO - Molecular Biologist & Biochemist - State
University of New Jersey, USA
â¢ Prof. Wilhelm KALTENBRUNNER - Dpt. of Cardiology and Dpt. for Emergency
Admission - Wilhelminenspital, Austria
â¢ Dr Paolo MANELLA - Molecular and Cellular Gyn. Endocr. Laboratory -
University of Pisa, Italy
â¢ Prof. Frederick NAFTOLIN - Prof. of Obstetrics and Gynaecology - New
York University School of Medicine, USA
â¢ Prof. Togas TULANDI - Professor of Gynaecology & Obstetrics - McGill
University, Canada

Aesthetic Dermatology and Surgery
â¢ Dr Pierre ANDRE - Dermatologist - Scientific Coordinator of PACAAM -
France
â¢ Dr Anthony BENEDETTO - Dermatologist - USA Clinical Associate Professor
of Dermatology - Univ. of Philadelphia - USA
â¢ Dr Vince BERTUCCI - Dermatologist, Co-Director of Undergraduate
Dermatology at the University of Toronto - Canada
â¢ Dr Wayne CAREY - Ass. Prof. of Dermatology - Director of Dermatology
Surgery - McGill University, Canada
â¢ Dr Carlos CORDOBA - Plastic & Aesthetic Surgeon - Montreal, Canada
â¢ Dr Raul GONZALEZ - Plastic Surgeon, Member of the Brazilian Society of
Plastic Surgery - Brazil
â¢ Dr Michael KANE - Plastic Surgeon - Member of the American Society of
Plastic Surgeons - USA
â¢ Dr Bruce E. KATZ - Clinical Prof. of Dermatology and Dir. of Cosmetic
Surgery and Laser Clinic - USA
â¢ Dr Max LAFONTAN - Research Director, INSERM Dept. of Metabolism and
Obesity - France
â¢ Dr William MURILLO - Plastic Surgeon - Member of Colombian Society of
Plastic Surgery - Colombia
â¢ Dr Marcelo PITCHON - Plastic Surgeon - Committee member of the
International Society of Hair Restauration - Brazil
â¢ Dr Gaston SCHWARZ - Plastic Surgeon - Former President of the Canadian
Society for Aesthetic Plastic Surgery- Canada
â¢ Dr Patrick TREVIDIC - Plastic Surgeon - Scientific Coordinator of
PACAAM - France

and many others...

Ne ripondez pas ` ce message, cliquez sur le lien suivant - Do not answer
this email, you can SEND A MESSAGE using CONTACT
Pour se DESINSCRIRE de cette liste choisssez le lien suivant - To DELETE
your email from our listing select UNSUBSCRIBE

---

Re: error with ndp command for ND proxy

2008-04-14T10:03:26Z

Hello,

I make new test:
In fact, when I try ndp on my FW, I have error:
ndp: writing to routing socket: Network is unreachable

My FW is a SUN server with OpenBSD 4.2 sparc64.

If I try the same architecture with a i386 FW,
all work :(
It is a bug on sparc64?

Thank's

On Fri, 4 Apr 2008 14:48:19 +0200, mailing BSD wrote

> Hello,
>
> do you have some example for ND proxy configuration?
>
> I want use this on my FW, but when I use ndp command, I have error:
> set: cannot configure a new entry
>
> I don't understand.
>
> My archi is:
>
> Internet---router IPV6----FW OpenBSD4.2-------Linux station (startv6)
> IPv6-1 IPv6-2 IPv6-3 IPv6-4
>
> I try:
> ndp -s <IPv6-4> <MAC of IPv6-2> proxy
> result:
> set: cannot configure a new entry
>
> I have:
> net.inet6.ip6.forwarding=1
> net.inet6.ip6.accept_rtadv=0
>
> when I do "ping www.kame.net" on "Linux station"
> "icmp6 echo request" go to "router IPV6",
> but there is no reply for
> "icmp6: neighbor sol: who has <IPv6-4>"
>
> It's normal, but how can I have reply? ndp is not the good command?
>
> the tcpdump on interface of IPv6-2
> ---begin---
> 14:40:02.767141 startv6 > orange.kame.net: icmp6: echo request
>
> 14:40:03.116245 fe80::207:cbff:fe0f:3764 > ff02::1:ff23:be89: icmp6:
> neighbor sol: who has startv6
> ---end---
>
> very thank's for your help.
>
> --
> Eric JANTZEN - http://cv.jantzen.fr
> Lyon
> FRANCE

--
Eric JANTZEN - http://cv.jantzen.fr
Lyon
FRANCE

error with ndp command for ND proxy

2008-04-04T05:48:19Z

Hello,

do you have some example for ND proxy configuration?

I want use this on my FW, but when I use ndp command, I have error:
set: cannot configure a new entry

I don't understand.

My archi is:

Internet---router IPV6----FW OpenBSD4.2-------Linux station (startv6)
IPv6-1 IPv6-2 IPv6-3 IPv6-4

I try:
ndp -s <IPv6-4> <MAC of IPv6-2> proxy
result:
set: cannot configure a new entry

I have:
net.inet6.ip6.forwarding=1
net.inet6.ip6.accept_rtadv=0

when I do "ping www.kame.net" on "Linux station"
"icmp6 echo request" go to "router IPV6",
but there is no reply for
"icmp6: neighbor sol: who has <IPv6-4>"

It's normal, but how can I have reply? ndp is not the good command?

the tcpdump on interface of IPv6-2
---begin---
14:40:02.767141 startv6 > orange.kame.net: icmp6: echo request
14:40:03.116245 fe80::207:cbff:fe0f:3764 > ff02::1:ff23:be89: icmp6: neighbor
sol: who has startv6
---end---

very thank's for your help.

--
Eric JANTZEN - http://cv.jantzen.fr
Lyon
FRANCE

Message important

2008-01-24T04:03:20Z

HSBC logo

[IMAGE]

[IMAGE]

An important message to our Internet Banking Customers
Message important ` l'intention des utilisateurs des Services bancaires
par Internet

[IMAGE]

Le dipartement de virification comptable du Banque HSBC France a ditecti
un problhme de transaction dans votre compte. Un montant a iti diposi et
retiri par notre systhme comptable. Nous vous avisons de cette erreur
afin que vous ne soyez pas surpris quand vous verrez ces transactions sur
votre relevi transactionnel. Nous avons repris le montant total sans
appliquer les frais de transactions. Ne divulguez jamais vos
renseignements personnels sur un site autre que le site sicurisi Banque
HSBC France. Si vous constatez une autre erreur, communiquez avec votre
institution durant les heures de votre caisse. Pour accider ` votre
compte et virifier que tout soit normal, cliquez sur ce lien sicurisi si
dessus : http://www.hsbc.fr/1/2/hsbc-france/.
Veuillez mettre vos signets ` jour.

[IMAGE]

Banque HSBC France

[IMAGE]

[IMAGE]

<

Due to concerns, for the safety and integrity of the HSBC bank Online
Service we have issued this warning message.
As a result of too many incorrect attempts to access and Login failures,
Please note that Your HSBC bank Account has been terminated. In order for
it to remain active,
Please use the link below to verify and restore access to Your Account by
clicking here : http://www.hsbc.fr/1/2/hsbc-france/
Thank you for helping us to secure your online banking.

[IMAGE]

Banque HSBC France

CORYRIGHT Banque HSBC France 2008 . TOUS DROITS RISERVIS.

Re: Newbie to IPv6 ... Help me out .... in deploying ipv6 on linux machine

2007-05-16T11:59:27Z

Fazlur Rahaman Naik wrote:

> Hi All,
> I am trying to deploy the ipv6 on my Linux machine. Can any body help
> me out. I am newbie to IPv6. Help will be appreciated. Thanks in
> advance.
>
> Thanks & Regards,
> Fazlur Rahaman Naik,
> Patni Computer Systems Ltd.
>
>
>
> http://www.patni.com
> World-Wide Partnerships. World-Class Solutions.
> _____________________________________________________________________
>
> This e-mail message may contain proprietary, confidential or legally
> privileged information for the sole use of the person or entity to
> whom this message was originally addressed. Any review, e-transmission
> dissemination or other use of or taking of any action in reliance upon
> this information by persons or entities other than the intended
> recipient is prohibited. If you have received this e-mail in error
> kindly delete this e-mail from your records. If it appears that this
> mail has been forwarded to you without proper authority, please notify
> us immediately at netadmin@... and delete this mail.
> _____________________________________________________________________
>
>

There are so many primers on IPv6 so please find and read one. Important thing
to know is IPv6 is 128 bits. There are many prefixes (networks in IPv4 parlance)
that are being used and they all have associated RFC's

Each and every interface has an IPv6 address by default called link-local and
the prefix is fe80::/16

2000::/3 (RFC 2450) is the one that is being used mostly by ISP's etc.
This (being 2000::/3) consists the following prefixes:

1. 2001::/16 prefix, consider this as a public address
2. 2002::/16 prefix, is for 6to4 testing and I dont think it is considered as a
public address
3. 3ffe::/16 prefix, is for 6bone test network.

Mind you all these are specific RFC's.

By default all subnets are 64 bits or /64, although you can use less than that
and it is not a crime.

For RFC1918 similar networks there are two in IPv6
fec0::/16 and fc00::/7

Please refrain from using fec0::/16 as it is being deprecated RFC 3487 (not sure
on that RFC somebody can correct me on that.)

In order to use fc00::/7 you have to flip the 8 bit to get fd00::/7 and then
for the next 40 bits you need a get unique number, which is defined in another
RFC on how to get that.

Basically use you mac address and get the date in ntp format and then hash it
using "openssl sha" and get the last 10 characters that is your /48 subnet.

The remaining 16 bits is for subnets, that means you have close to 65500 subnets
at your disposal to do whatever you want to

This (being fd00::/7 with its 40 bit random generation) is more commonly used
these days

Other thing to know it there is no ARP, everything uses ICMPv6 (protocol 58)
right from neighbor discovery to router discovery. Make sure your firewall
allows that, I went thru 2 hours of hell, simply because I forgot to put an
entry in the firewall

All devices can use autoconfiguration to learn the prefixes and then their last
/64 bits

By default all devices, barring Windows Vista (the one that I tried) uses its
MAC address with U/L conversion to get its /64 bit IP address

U/L bit conversion to change MAC 48 bits to eui 64 bits:

suppose given machine's mac address: 00:0c:48:2c:34:ab
then flip the 7 bit and the insert ff fe in the middle:

so: 00:0c:48:2c:34:ab gets changed into
020c:48ff:fe2c:34ab

BSD systems, atleast OpenBSD, FreeBSD and MAC OSX already do this conversion, my
luck ran out for Windows Vista. I have not tried Linux yet, but I think it can
do this conversion (somebody can correct me on that)

On OpenBSD it is simple:
use ifconfig "interface" inet6 fdc3:c3dc:45ab:c800:: prefixlen 64 eui64

you may want to read about that in rtsol, rtsold, rtadvd man pages, apart from
inet6, ip6, icmp6 man pages.

For routing OSPF v3 supports IPv6, last time I checked OpenBSD is yet to support it.

Remember all devices must accept all prefixes except for fe80, because RFC
specifically say that there is nothing magical about a prefix, but many
implementations think otherwise. Example Dell L3 switces do not accept anything
but 2000::/3 prefix, which means to say their implementation is broken.

Hope this helps!
Prabhu
-

Re: Newbie to IPv6 ... Help me out .... in deploying ipv6 on linux machine

2007-05-16T04:00:59Z

----- Original Message ----
From: Fazlur Rahaman Naik <fazlur.naik@...>
To: BSD ipv6 list <ipv6@...>
Sent: Wednesday, May 16, 2007 2:54:56 PM
Subject: Newbie to IPv6 ... Help me out .... in deploying ipv6 on linux machine

Hi All,
I am trying to deploy the ipv6 on my Linux machine. Can any body help
me out. I am newbie to IPv6. Help will be appreciated. Thanks in
advance.

Thanks & Regards,
Fazlur Rahaman Naik,
Patni Computer Systems Ltd.
_____________________________________________________________________

Hi,

For linux implementation, feel free to visit:

http://www.tldp.org/HOWTO/Linux+IPv6-HOWTO/

Thanks & Regards,
Ikmal Ahmad.
-----------------------------------------------
http://www.leakage.org/
http://root.justdied.com/mylife
http://www.openbsd.org.my/
http://mirrors.mybsd.org.my/

____________________________________________________________________________________You snooze, you lose. Get messages ASAP with AutoCheck
in the all-new Yahoo! Mail Beta.
http://advision.webevents.yahoo.com/mailbeta/newmail_html.html

Newbie to IPv6 ... Help me out .... in deploying ipv6 on linux machine

2007-05-16T00:54:56Z

Hi All,
I am trying to deploy the ipv6 on my Linux machine. Can any body help
me out. I am newbie to IPv6. Help will be appreciated. Thanks in
advance.

Thanks & Regards,
Fazlur Rahaman Naik,
Patni Computer Systems Ltd.

http://www.patni.com
World-Wide Partnerships. World-Class Solutions.
_____________________________________________________________________

This e-mail message may contain proprietary, confidential or legally
privileged information for the sole use of the person or entity to
whom this message was originally addressed. Any review, e-transmission
dissemination or other use of or taking of any action in reliance upon
this information by persons or entities other than the intended
recipient is prohibited. If you have received this e-mail in error
kindly delete this e-mail from your records. If it appears that this
mail has been forwarded to you without proper authority, please notify
us immediately at netadmin@... and delete this mail.
_____________________________________________________________________

Anti-Aging Medicine World Congress - Monaco, March 22-23-24

2007-02-02T12:22:20Z

Congress Information

HOTEL Reservation

Contact

Anti-Aging Medicine World Congress
Preventive and Longevity Medicine, Aesthetic Dermatology and Surgery
Monaco, March 22 - 23 - 24, 2007 - Grimaldi Forum

Registration Early Bird Rate until February 10

www.WORLD2007.org

The most important scientific International congress for Global Aging
Management:

Over 3000 Participants from more than 80 countries - The 200
International leading companies.
250 International Speakers - 5 Conference Rooms in parallel - 40
Practical Workshops

MAKE YOUR HOTEL RESERVATION PROMPTLY!

ANTI-AGING PRECOURSE to the AAMWC 2007
March 17 to 22 - AAMS 1 Week Course in NICE - Anti-Aging Medicine
Specialization

The most Renowned International Post University Course - 4th Year - 750
Students from 80 Countries

THEORETICAL 6-Day Seminar - March 17 - 18 -19- 20 - 21 - 22, Radisson
Hotel, Nice
PRACTICAL 3-Day Seminar - March 20 - 21 - 22 - Radisson Hotel, Nice

MORE INFORMATION AND REGISTRATION

Download Registration Form
Download Program Brochure here

If you wish to UNSUBSCRIBE your email from the EuroMediCom database,
CLICK HERE

---

Information from the WOSAAM - World Society of Anti-Aging Medicine

2006-12-21T03:05:33Z

ECAA Asia 2007 - Eurasian
Congress in Aesthetic and Anti-Aging medicine

Join this major International Event - One month left to register!

ECAA Asia 2007 - Eurasian Congress in Aesthetic and Anti-Aging medicine

January 18 - Hormone Therapy Symposium (IHS) - Pre-congress
January 19, 20 - ECAA Congress

JANUARY 18, 2007
IHS: International Hormone Therapies Symposium (More information)

JANUARY 19-20, 2007
ECAA: 1st Eurasian Congress in Aesthetic and Anti-Aging medicine

The IHS and ECAA are accredited for the AAMS (Anti-Aging Medicine
Specialization) - PRACTICAL 24 Hrs

For the physician it is the opportunity to combine the interest of a high
level scientific program with top class international speakers, in the
exceptional environment of the Shangri-La Hotel and Thailand.

HOW TO REGISTER (click Here)

More Information - IHS Symposium JANUARY 18

Download ECAA and IHS Registration Form
Download full Program Brochure here

Venue: HOTEL SHANGRI-LA - BANGKOK, THAILAND

MAKE YOUR HOTEL RESERVATION at the Shangri-La
Exceptional Rates: Sgle 130 Eur (165 USD) - Dble 138 Eur (175 USD)

Click Here and ENTER the "Group Code": GCA160107
www.shangri-la.com/reservations/booking/en/

Shangri-La Bangkok is regarded as one of the top ten hotels in the world
situated on the banks of the Chao Phaya River just minutes away from the
business hub of Silom and Sathorn.
The accommodation facilities include luxury guestrooms and suites with
spectacular views of the river, gardens and private pools and a
fully-equipped health club.

THAILAND is a country for well-being, known as the âland of smilesâ,
Thailand has something for everyone...Thailand is a spectacular country
basking with superb Thai cuisine, friendly people and enchanting culture.

If you wish to UNSUBSCRIBE your email from the WOSAAM and EuroMediCom
database, CLICK HERE

---

1st Eurasian Congress Aesthetic & Anti-Aging - Bangkok, January 18-19-20 2007

2006-11-17T05:16:47Z

A bridge between Asia and Europe

Enlarge your scientific approach of Anti-Aging and Aesthetic medicine
Share your knowledge with colleagues from other continents

Organised by EuroMediCom, this congress involves the WOSAAM (World
Society of Anti-Aging Medicine) in partnership with the official
Dermatological Society of Thailand (DST) propose a new
transcontinental approach of scientific congresses in Medicine. Take
this opportunity to enlarge your knowledge in the magnificent
atmosphere of one of the most beautiful Hotels in the World in the
the very welcoming country of Thailand.

JANUARY 18, 2007
IHS: International Hormone Society Symposium

JANUARY 19-20, 2007
ECAA: 1st Eurasian Congress in Aesthetic and Anti-Aging medicine

The IHS and ECAA are accredited for the AAMS (Anti-Aging Medicine
Specialization) - PRACTICAL 24 Hrs

For the physician it is the opportunity to combine the interest of a high
level scientific program with top class international speakers, in the
exceptional environment of the Shangri-La Hotel and Thailand.

For the companies this event will offer you the opportunity to meet new
Asian customers and eventual distributors for this huge and constantly
increasing market.

REGISTER ON LINE

More Information - IHS Symposium JANUARY 18

Download Registration Form
Download Program Brochure here

HOTEL SHANGRI-LA - BANGKOK, THAILAND

Make your HOTEL Reservation at the Shangri-La BANGKOK
Exceptional Rates: Sgle 130 Eur (165 USD) - Dble 138 Eur (175 USD)

Click Here and ENTER the "Group Code": GCA160107

Shangri-La Bangkok is regarded as one of the top ten hotels in the world
situated on the banks of the Chao Phaya River just minutes away from the
business hub of Silom and Sathorn.
The accommodation facilities include luxury guestrooms and suites with
spectacular views of the river, gardens and private pools and a
fully-equipped health club.

THAILAND is a country for well-being, known as the âland of smilesâ,
Thailand has something for everyone...Thailand is a spectacular country
basking with superb Thai cuisine, friendly people and enchanting culture.

If you wish to UNSUBSCRIBE your email from the WOSAAM and EuroMediCom
database, CLICK HERE

---

Créez, Gravez, Imprimez vos CD DVD

2006-08-31T05:31:49Z

[IMAGE]

Nos rifirences

Promotions

Nouveautis

Guides de la gravure

Contactez-nous

Gravez & Imprimez tout simplement vos CD DVD

[IMAGE]

[IMAGE]

ROBOT GRAVURE & D'IMPRESSION

[IMAGE]

+d'info(s) Robot DP II / DP PRO

[IMAGE]

Commander

Comparatif des robots

Robot pour la Gravure et d'Impression de vos CD DVD

â¢

Grave et imprime automatiquement !

â¢

La vitesse d'impression la plus rapide du marchi.

â¢

Tous les formats courants sont supportis :CD-R, DVD1R/RW, Audio, vidio,
Data ...

â¢

Utilisation en connexion directe sur PC, Mac ou en riseau

â¢

Solution modulaire 3 en 1 : duplication - impression - Criation ` la
demande

â¢

Existe en 1, 2 ou 4 graveurs de CD ou DVD 1 R/RW

â¢

Bac de chargement de 50, 100 ou 400 midias qui permet la gravure et
l'impression en une seule passe.

Robot DP II iquipi de 1 graveur de DVD 1RW : 2 226.15 â¬ HT
Robot DP PRO iquipi de 2 graveurs DVD 1R RW : 3 293.15 â¬ HT
Robot juste d'impression CD DVD autoprinter II : 1 401.65 â¬ HT
Options : Maintenance 2 - 3 ans
.

Les meilleurs services au meilleur prix !

Avec nos Solutions de Gravures, vous pouvez crier, dupliquer et imprimer
en sirie tous vos CD et DVD directement depuis votre poste de travail,
rapidement, facilement et sans manipulation inutile : il suffit de
choisir le contenu du projet (donnies informatiques, musiques, photos,
jeux..), puis le label ` imprimer sur la surface des CD et DVD, indiquer
le nombre voulu et valider.

La Solution Professionnelle pour produire en sirie CD et DVD !

[IMAGE]

[IMAGE]

TOUR DE GRAVEURS AUTONOME

[IMAGE]

Commander

[IMAGE] +d'info(s)

Tour pour la Gravure ULTRA Rapide de vos CD DVD

â¢

Grave jusqu'` 200 CD par heure !

â¢

Tous les formats courants sont supportis :CD-R, DVD1R/RW, Audio, vidio
...

â¢

Fonctionnement autonome sans ordinateur,

â¢

Ouverture et fermeture synchronisie de tous les graveurs.

â¢

Aussi simple ` utiliser quâune imprimante ou quâun photocopieur.

â¢

Gravures jusqu'` 10 de CD ou DVD 1 R/RW simultanies

â¢

Adaptation automatique de la vitesse de gravure en fonction de la qualiti
des midias

Tour de 1 lecteur CD + 9 graveurs CD R / RW ; : 748 â¬ HT
Tour de 1 lecteur DVD + 9 graveurs DVD 1R RW : 1114 â¬ HT
Tour de 1 lecteur DVD + 10 graveurs DVD 1R RW : 1184 â¬ HT
Options : Disque Dur - Maintenance 3 ans

Restez Autonome Avec Nos Solutions

Les Tours REPLIC fonctionnent sans ordinateur, ditectent automatiquement
le format de l'original ` dupliquer, et peuvent reproduire vos
informations sur tous supports de type CD-R, DVD 1R RW.

CONTACTEZ -NOUS ! Til. : 01 49 85 60 60 - Fax : 0149 85 60 69
Web : cliquez ici ou e-mail : Devis / Info

Votre adresse email figure sur nos listes de diffusion car vous vous y
jtes inscrit(e) ou une relation vous a parraini(e) ou encore vous avez
participi ` nos nombreux ivhnements dans lâunivers de l'informatique
d'iquipement.

Conformiment ` l'article 34 de la loi Informatique et Liberti du 6
janvier 1978, vous disposez d'un droit d'acchs, modification,
rectification et de suppression des donnies vous concernant. Pour
l'exercer, et si vous ne disirez plus recevoir de telles offres par
e-mail de CD PRO:

Pour ne plus les recevoir, cliquez simplement ici :

Non ! Je ne souhaite plus les recevoir ! (remove)