Re: [CentOS] ultrasecure sshd server

[Eero Volotinen]

2011/6/10 Devin Reade :
> --On Friday, June 10, 2011 08:55:47 PM +0200 Ljubomir Ljubojevic
>  wrote:
>
>> Devin Reade wrote:
>>> Another option that you might want to look at is putting up an OpenBSD
>>> gateway running authpf (see ).
> [snip]
>> That is not something to strive for.
>
> Depends on the requirements.

Adding more boxes to network and still not resolving the original
problem is not really good way.

--
Eero
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6 LiveCD top 5 apps

[Keith Roberts]

On Sat, 11 Jun 2011, n...@li.nux.ro wrote:

> To: centos@centos.org
> From: n...@li.nux.ro
> Subject: [CentOS] C6 LiveCD top 5 apps
> 
> Regarding http://twitter.com/CentOS/statuses/79336297579282432
>
> I don't have a twitter account so I'm spamming the list since it looks on
> topic :)
>
> I'd like to see on the LiveCD the following:
> 1. latest dd_rescue
> 2. latest gparted
> 3. ntfs-3g
> 4. screen
> 5. mc
>
> How about you?

mc is the first thing I install on top of a basic DVD 
kickstart installation. It allows me to continue easily with 
the rest of the installation and configuration. So having it 
on live cd would be fine as well.

Regards,

Keith

-
Websites:
http://www.karsites.net
http://www.php-debuggers.net
http://www.raised-from-the-dead.org.uk

All email addresses are challenge-response protected with
TMDA [http://tmda.net]
-
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6 LiveCD top 5 apps

[cornel panceac]

2011/6/11 

> Regarding http://twitter.com/CentOS/statuses/79336297579282432
>
> I don't have a twitter account so I'm spamming the list since it looks on
> topic :)
>
> I'd like to see on the LiveCD the following:
> 1. latest dd_rescue
> 2. latest gparted
> 3. ntfs-3g
> 4. screen
> 5. mc
>
> How about you?
>
> system rescue cd
sysresccd.org
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Vim scripting - cursor motion

[Jussi Hirvi]

On 10.6.2011 21.42, Les Mikesell wrote:
> I thought the point of using vim instead of something more appropriate
> for scripting was that you already knew how to use it.

I only wrote that I know vim *better* than sed, awk or perl. Obviously 
there is a lot about vim that I don't know.

 > Why not do:
> vim -W script testfile
> and go through the motions you know (which can include 1G to go to the
> 1st line and G to go to the last).
> Then run
> vim -s script realfile
> to do the same actions again.

Ok, that helped me along. For some reason the motions (like 1G0 for 
beginning of file, or G$ for last char in file) work, when the script is 
called from command-line with -s flag (vim -s myscript myfile). But they 
don't work when the script is called from inside vim (:source myscript). 
I wonder why.

However, this script does more or less what I want - transforms a 
tab-text file to a comma-separated (CVS) file:

:% s/\t/","/g
:% s/\r\n/\r/g
:% s/\n/"),\r("/g
1G0I("^[
Gdd
G$xa;^[
:w

Comments to lines:
1) replace tabs
2) make line endings regular
3) insert quotes and brackets to end & beginning fo each line
4) handle the beginning of file
5) remove the last line (created by this script)
(the command G works, but it rings the bell for some reason)
6) handle the end of file
7) write file

So this was my first-ever vim script. So far I am not convinced about 
vim scripting (ok, I was warned, too)... Test cycle is slow (modify 
script, quit the realfile, open realfile again with vim -s script). 
Verbal error messages would be useful. There is supposed to be 
"integrated debugger". I would like to know more.

- Jussi

-- 
Jussi Hirvi * Green Spot
Suvilahdenkatu 1 B 78 * 00500 Helsinki * Finland
Tel. +358 9 493 981 * Mobile +358 40 771 2098 (only sms)
jussi.hi...@greenspot.fi * http://www.greenspot.fi
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6 LiveCD top 5 apps

[Ljubomir Ljubojevic]

n...@li.nux.ro wrote:
> Regarding http://twitter.com/CentOS/statuses/79336297579282432
> 
> I don't have a twitter account so I'm spamming the list since it looks on 
> topic :)
> 
> I'd like to see on the LiveCD the following:
> 1. latest dd_rescue
> 2. latest gparted
> 3. ntfs-3g
> 4. screen
> 5. mc
> 
> How about you?
> 

It's nice list but a bit small for my taste :-D

Official LiveCD can not have anything from other repos.

When C6 is released I am going to create LiveCD with:
2, 3, 4, 5, 6,
krusader
lvm (if it is not already in kernel but I think it is)
mdmonitor
gftp
pidgin
thunderbird
xchat
ktorrent
d4x
skype
amarok-extras-freeworld
smplayer
nmap-frontend
rdesktop
tsclient
k3b
kdiff3
krename
yumex
gftp
fuse-ntfs-3g
isomaster
system-config-lvm
mc
webmin
shorewall
ghostscript
kmod-nvidia?(elrepo modules)?
nvidia-x11-drv?(elrepo modules)?
fglrx*?(elrepo modules)?
gksu(or alternative)
plnet-release (my own release package)
madwifi+madwifi module with AR5007EG support.
webmin
shorewall
non-free codecs

Some things will not be added, some will, etc.

List is from my LiveCD on CentOS 5.3 with added services: 
cups,haldaemon,mcstrans,NetworkManager,portmap,restorecond,mdmonitor

You can download and use it: 
http://rpms.plnet.rs/plnet-centos5-i386/CentOS-5.3-PLNet-i386-LiveCD.iso
but be warned that it is not an Official LiveCD and that is contains 
custom packages from mine and other third-party repositories. And that 
my packages were not signed back then.

Ljubomir
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6 LiveCD top 5 apps

[Arun Khan]

On 6/11/11, cornel panceac  wrote:
>> system rescue cd
> sysresccd.org

+1 and it has a whole lot more.  The swiss knife of rescue/Live CDs.

-- 
Arun Khan
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Vim scripting - cursor motion

[Les Mikesell]

On 6/11/11 4:03 AM, Jussi Hirvi wrote:
>>
> So this was my first-ever vim script. So far I am not convinced about
> vim scripting (ok, I was warned, too)... Test cycle is slow (modify
> script, quit the realfile, open realfile again with vim -s script).
> Verbal error messages would be useful. There is supposed to be
> "integrated debugger". I would like to know more.

I'd still recommend learning to do it in perl as being likely faster and more 
generally useful, especially if the sql db you mentioned can be accessed 
directly. The regeps will be approximately the same and it is easy to find perl 
example code for DBI operations and manipulating files.  And unlike working in 
shell/awk/editors, you very seldom find an operation that perl can't do itself 
so it often ends up simpler than the shell wrapper you need for other tools.

-- 
   Les Mikesell
lesmikes...@gmail.com

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] ultrasecure sshd server

[Les Mikesell]

On 6/10/11 10:48 AM, Eero Volotinen wrote:
> 2011/6/10 Les Mikesell:
>> On 6/10/2011 3:35 AM, Ljubomir Ljubojevic wrote:
>>> Robert Spangler wrote:
 On Thursday 09 June 2011 17:34, the following was written:

>How to configure sshd to required both ssh public key and user
>password also? yes, stupid, but required on my setup..

 Have you thought about securing your ssh keys with a pasword? I do that 
 here
 so if someone would happen to get a hold of my keys they still could not 
 use
 them.  I am guessing that is why you are looking for both keys and 
 passwords.


>>> Not really. My view is so he can authenticate from his own PC without
>>> the need to type the password, but if he is on someone else's system he
>>> whould use regular password. That is what I would like to be able to do.
>>
>> That's just normal behavior when both are enabled.  If the key works,
>> you don't get the password prompt.  But even in the 'ultrasecure'
>> scenario of requiring both, do you really want people typing their
>> passwords on equipment that might have a keylogger running?
>
> Yes, because of compliancy requirements. ssh public key does not
> support expiring public keys. (maybe you can use cron job to delete too
> old public keys from server?)

You could do that - or disable the logins where old keys exist, but you'd need 
to keep your own database of old keys to check since they are appended in the 
file and you probably wouldn't trust the timestamp anyway.  And you'd need some 
way to fix the situation after the user is locked out.

How about running openvpn with client certs to get through a firewall, then ssh 
with passwords?  That could all run on the same box or you could only block 
port 
22 from 'outside' for more convenient access.

-- 
   Les Mikesell
lesmikes...@gmail.com


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Vim scripting - cursor motion

[Alain Péan]

Le 11/06/2011 17:56, Les Mikesell a écrit :
> On 6/11/11 4:03 AM, Jussi Hirvi wrote:
>> So this was my first-ever vim script. So far I am not convinced about
>> vim scripting (ok, I was warned, too)... Test cycle is slow (modify
>> script, quit the realfile, open realfile again with vim -s script).
>> Verbal error messages would be useful. There is supposed to be
>> "integrated debugger". I would like to know more.
> I'd still recommend learning to do it in perl as being likely faster and more
> generally useful, especially if the sql db you mentioned can be accessed
> directly. The regeps will be approximately the same and it is easy to find 
> perl
> example code for DBI operations and manipulating files.  And unlike working in
> shell/awk/editors, you very seldom find an operation that perl can't do itself
> so it often ends up simpler than the shell wrapper you need for other tools.
>

I hope not to begin a flame war, but I would recommend Python. It can do 
the same things as Perl (regexp ansd so on), but is easier and faster to 
learn, and the code is also much more readeable...

Alain
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Vim scripting - cursor motion

[Les Mikesell]

On 6/11/11 11:08 AM, Alain Péan wrote:
>
>>> So this was my first-ever vim script. So far I am not convinced about
>>> vim scripting (ok, I was warned, too)... Test cycle is slow (modify
>>> script, quit the realfile, open realfile again with vim -s script).
>>> Verbal error messages would be useful. There is supposed to be
>>> "integrated debugger". I would like to know more.
>> I'd still recommend learning to do it in perl as being likely faster and more
>> generally useful, especially if the sql db you mentioned can be accessed
>> directly. The regeps will be approximately the same and it is easy to find 
>> perl
>> example code for DBI operations and manipulating files.  And unlike working 
>> in
>> shell/awk/editors, you very seldom find an operation that perl can't do 
>> itself
>> so it often ends up simpler than the shell wrapper you need for other tools.
>>
>
> I hope not to begin a flame war, but I would recommend Python. It can do
> the same things as Perl (regexp ansd so on), but is easier and faster to
> learn, and the code is also much more readeable...

There is sort-of a tradeoff in the syntax choices between the languages.  Perl 
is easier to write because it is flexible and you can use a syntax that 
resembles something you already know (shell/c/awk) with simple changes.  That 
makes other peoples perl less readable, but not your own.  The other win for 
perl is that any operation that would take more than a page of code that you 
are 
likely to want to do has almost certainly already been done and is available as 
a module on CPAN (and possibly packaged as an rpm).  Does python have anything 
to match that yet?  How many database types can it access with available 
modules?  Perl's DBI/DBD connector list is pretty large.

-- 
   Les Mikesell
 lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Vim scripting - cursor motion

[Alain Péan]

Le 11/06/2011 18:22, Les Mikesell a écrit :
> On 6/11/11 11:08 AM, Alain Péan wrote:
 So this was my first-ever vim script. So far I am not convinced about
 vim scripting (ok, I was warned, too)... Test cycle is slow (modify
 script, quit the realfile, open realfile again with vim -s script).
 Verbal error messages would be useful. There is supposed to be
 "integrated debugger". I would like to know more.
>>> I'd still recommend learning to do it in perl as being likely faster and 
>>> more
>>> generally useful, especially if the sql db you mentioned can be accessed
>>> directly. The regeps will be approximately the same and it is easy to find 
>>> perl
>>> example code for DBI operations and manipulating files.  And unlike working 
>>> in
>>> shell/awk/editors, you very seldom find an operation that perl can't do 
>>> itself
>>> so it often ends up simpler than the shell wrapper you need for other tools.
>>>
>> I hope not to begin a flame war, but I would recommend Python. It can do
>> the same things as Perl (regexp ansd so on), but is easier and faster to
>> learn, and the code is also much more readeable...
> There is sort-of a tradeoff in the syntax choices between the languages.  Perl
> is easier to write because it is flexible and you can use a syntax that
> resembles something you already know (shell/c/awk) with simple changes.  That
> makes other peoples perl less readable, but not your own.  The other win for
> perl is that any operation that would take more than a page of code that you 
> are
> likely to want to do has almost certainly already been done and is available 
> as
> a module on CPAN (and possibly packaged as an rpm).  Does python have anything
> to match that yet?  How many database types can it access with available
> modules?  Perl's DBI/DBD connector list is pretty large.
>

Here it is. It seems to me rather large, even if I don't know the 
equivalent list for Perl :
http://wiki.python.org/moin/DatabaseInterfaces

There are also a very large number of Python modules available, and 
tools to easily install them, for example there :
http://pypi.python.org/pypi

Alain
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6 LiveCD top 5 apps

[Lamar Owen]

On Saturday, June 11, 2011 01:56:08 AM n...@nux.ro wrote:
> R P Herrold writes:
> > CentOS 6 Live CD would composed of packges from the 
> > distribution's packages

> Why? What's wrong with a few extra packages from EPEL?

EPEL is not part of CentOS, that's what.  Nothing per se is wrong with EPEL; 
it's just that the Official CentOS LiveCD needs to contain packages from the 
Official CentOS Repositories and nothing more.

You should install Revisor, and master your own Live media with EPEL or ATrpms 
or ELrepo or rpmforge or remi or whatnot packages; it's not that hard.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Vim scripting - cursor motion

[Jussi Hirvi]

On 11.6.2011 19.08, Alain Péan wrote:
> I hope not to begin a flame war, but I would recommend Python. It can do
> the same things as Perl (regexp ansd so on), but is easier and faster to
> learn, and the code is also much more readeable...

In practice, any language you know well enough... This is a simple task.

- Jussi
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6 LiveCD top 5 apps

[Les Mikesell]

On 6/11/11 11:54 AM, Lamar Owen wrote:
> On Saturday, June 11, 2011 01:56:08 AM n...@nux.ro wrote:
>> R P Herrold writes:
>>> CentOS 6 Live CD would composed of packges from the
>>> distribution's packages
>
>> Why? What's wrong with a few extra packages from EPEL?
>
> EPEL is not part of CentOS, that's what.  Nothing per se is wrong with EPEL; 
> it's just that the Official CentOS LiveCD needs to contain packages from the 
> Official CentOS Repositories and nothing more.
>
> You should install Revisor, and master your own Live media with EPEL or 
> ATrpms or ELrepo or rpmforge or remi or whatnot packages; it's not that hard.

Is revisor scriptable to the point where people could share their list of 
repos/packages and anyone could run the script and get an identical (but up to 
date) iso?

-- 
   Les Mikesell
lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6 LiveCD top 5 apps

[Lamar Owen]

On Saturday, June 11, 2011 01:56:33 PM Les Mikesell wrote:
> On 6/11/11 11:54 AM, Lamar Owen wrote:
> > You should install Revisor, and master your own Live media with EPEL or 
> > ATrpms or ELrepo or rpmforge or remi or whatnot packages; it's not that 
> > hard.
 
> Is revisor scriptable to the point where people could share their list of 
> repos/packages and anyone could run the script and get an identical (but up 
> to 
> date) iso?

AFAIK, it uses a kickstart file to compose.  The docs are on the 
FedoraProject's pages.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6 LiveCD top 5 apps

[Ljubomir Ljubojevic]

Lamar Owen wrote:

On Saturday, June 11, 2011 01:56:33 PM Les Mikesell wrote:

On 6/11/11 11:54 AM, Lamar Owen wrote:

You should install Revisor, and master your own Live media with EPEL or ATrpms 
or ELrepo or rpmforge or remi or whatnot packages; it's not that hard.
 
Is revisor scriptable to the point where people could share their list of 
repos/packages and anyone could run the script and get an identical (but up to 
date) iso?


AFAIK, it uses a kickstart file to compose.  The docs are on the 
FedoraProject's pages.


I used livecd-tools package from EPEL and Fedora howto: 
http://fedoraproject.org/wiki/How_to_create_and_use_a_Live_CD


I took CentOS official LiveCD .ks file and adapted it for desired 
packages and repos.


I have attached my .ks file. It uses my plnet repository for some extra 
packages. Also attached is centos-livecd-desktop.ks with only official 
repositories, so you can compare and see what I have changed.


Ljubomir
lang en_US.UTF-8
keyboard us
timezone US/Eastern
auth --useshadow --enablemd5
selinux --disabled
firewall --enabled
repo --name=a-base--baseurl=http://mirror.centos.org/centos/5/os/$basearch
repo --name=a-updates 
--baseurl=http://mirror.centos.org/centos/5/updates/$basearch
repo --name=a-extras  
--baseurl=http://mirror.centos.org/centos/5/extras/$basearch
repo --name=a-centosplus  
--baseurl=http://centos.plnet.rs/mrepo/plnet-centos5-i386/RPMS.centosplus
repo --name=a-live
--baseurl=http://www.nanotechnologies.qc.ca/propos/linux/centos-live/$basearch/live
repo --name=a-epel  
--baseurl=http://centos.plnet.rs/mrepo/plnet-centos5-i386/RPMS.epel
repo --name=a-elrepo  
--baseurl=http://centos.plnet.rs/mrepo/plnet-centos5-i386/RPMS.elrepo
repo --name=a-plnet-downloaded  
--baseurl=http://rpms.plnet.rs/centos5-i386/RPMS.plnet-downloaded
repo --name=a-plnet-releases  
--baseurl=http://rpms.plnet.rs/centos5-i386/RPMS.plnet-releases
repo --name=a-plnet  --baseurl=http://rpms.plnet.rs/centos5-i386/RPMS.plnet
xconfig --startxonboot
part / --size 4096
services 
--enabled=cups,haldaemon,mcstrans,NetworkManager,portmap,restorecond,mdmonitor,bluetooth,netfs,network
 
--disabled=anacron,auditd,cpuspeed,gpm,hidd,ip6tables,microcode_ctl,nfslock,readahead_early,readahead_later,rpcgssd,rpcidmapd,sshd


%packages
syslinux
kernel

@admin-tools
#packages removed from @admin-tools
-sabayon
-system-config-kdump
#@admin-tools 


@base
#package added to @base
squashfs-tools
#packages removed from @base
-amtu
-bind-utils
-ccid
-conman
-coolkey
-crash
-dump
-ibmasm
-iptstate
-jwhois
-kexec-tools
-ksh
-lftp
-libaio
-logwatch
-mailcap
-nc
-nss_db
-nss_ldap
-oddjob
-pax
-pkinit-nss
-psacct
-quota
-redhat-lsb
-sendmail
-specspo
-stunnel
-talk
-tcpdump
-tree
-yum-updatesd
-vixie-cron
#@base 


@base-x
#packages removed from @base-x
-bitstream-vera-fonts
-linuxwacom
-rhgb
-vnc-server
-xorg-x11-server-Xnest
-xorg-x11-twm
-xterm
#@base-x 


@core
#packages removed from @core
-ed
-gnu-efi
-libhugetlbfs
#@core 


@dialup
#packages added to @dialup
statserial
#@dialup 


@gnome-desktop
#packages added to @gnome-desktop
compiz
gnome-bluetooth
gnome-pilot-conduits
gnome-spell
gnome-themes
#packages removed from @gnome-desktop
-esc
-eog
-gimp-print-utils
-gtkhtml3
-gnome-backgrounds
-gnome-user-share
-gok
-nautilus-sendto
-orca
-sabayon-apply
-vino
#@gnome-desktop 


@graphical-internet
#packages added to @graphical-internet
gftp
pidgin
thunderbird
xchat
#ktorrent
#d4x
#skype
#@graphical-internet 


@graphics
#packages removed from @graphics
-gimp-data-extras
-gimp-help
#@graphics 


@mysql
#packages added to @mysql
php-mysql
#@mysql 


@office
#packages added to @office
#ooo3-en-US
#ooo3-sh
#packages removed from @office
-evolution
-evolution-connector
-evolution-webcal
-openoffice.org-*2.3*
#@office 


@printing
#packages added to @printing
bluez-utils-cups
#@printing 


@sound-and-video
#packages added to @sound-and-video
#amarok-extras-freeworld
#smplayer
#packages removed from @sound-and-video
-rhythmbox
-vorbis-tools
#@sound-and-video 


@system-tools
#packages added to @system-tools
nmap-frontend
rdesktop
tsclient
#packages removed from @system-tools
-bluez-hcidump
-OpenIPMI
-openldap-clients
-xdelta
-zisofs-tools
-zsh
#@system-tools 


@text-internet
#packages removed from @text-internet
-elinks
-fetchmail
-mutt
-slrn
#@text-internet 


@web-server
#packages removed from @web-server
-httpd-manual
-tux
-webalizer
#@web-server 

# Other packages we don't want to include in the Live CD
-*debuginfo
-bind-libs
-compat*
-exim
-gamin-python
-nscd
-oddjob-libs
-procmail
-python-ldap
-rmt
-tclx
-yp-tools

# For the x86_64 version, one could want to remove i386 and i686 libs
#-*.i386
#-*.i686

# other usefull packages
Cluster_Administration-en-US
Deployment_Guide-en-US
Global_File_System-en-US
Virtualization-en-US
busybox
mailx
memtest86+
patch
yum-fastestmirror
yum-metadata-parser
krusader
gparted
k3b
kdiff3
krename
yumex
gftp
fuse-ntfs-3g
isomaster
system-config-lvm
mc
#webmin
#shorewall
ghostscri

Re: [CentOS] C6 LiveCD top 5 apps

[Ljubomir Ljubojevic]

Ljubomir Ljubojevic wrote:
> Lamar Owen wrote:
>> On Saturday, June 11, 2011 01:56:33 PM Les Mikesell wrote:
>>> On 6/11/11 11:54 AM, Lamar Owen wrote:
 You should install Revisor, and master your own Live media with EPEL 
 or ATrpms or ELrepo or rpmforge or remi or whatnot packages; it's 
 not that hard.
>>  
>>> Is revisor scriptable to the point where people could share their 
>>> list of repos/packages and anyone could run the script and get an 
>>> identical (but up to date) iso?
>>
>> AFAIK, it uses a kickstart file to compose.  The docs are on the 
>> FedoraProject's pages.
> 
> I used livecd-tools package from EPEL and Fedora howto: 
> http://fedoraproject.org/wiki/How_to_create_and_use_a_Live_CD
> 
> I took CentOS official LiveCD .ks file and adapted it for desired 
> packages and repos.
> 
> I have attached my .ks file. It uses my plnet repository for some extra 
> packages. Also attached is centos-livecd-desktop.ks with only official 
> repositories, so you can compare and see what I have changed.
> 
> Ljubomir
> 
Hm, I failed to change epel, centosplus and elrepo repositories to 
official ones. I guess I am going to pay for that if more people start 
using it without changing them to official ones. Oh well...

Ljubomir
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] What is someone trying to do?

[Jason]

Hi All,

My Logwatch was very long today with 404 requests to the Apache server. I dont 
understand what the person was trying to do by what they were attempting to 
access. Can anyone explain a method to their madness? The whole things seems 
weird...

Below

-Jason

--

Requests with error response codes
404 Not Found
/!document.body: 1 Time(s)
/.exec: 1 Time(s)
/.google-analytics.com/ga.js (http://google-analytics.com/ga.js): 1 Time(s)
/.player.play: 1 Time(s)
/J.cur: 1 Time(s)
/Math.pow: 1 Time(s)
/VideoJS.isIE: 1 Time(s)
/a: 2 Time(s)
/apple-touch-icon-precomposed.png: 2 Time(s)
/apple-touch-icon.png: 2 Time(s)
/blue_bg.png: 1 Time(s)
/event.type: 1 Time(s)
/favicon.ico: 4 Time(s)
/fn.call: 1 Time(s)
/lib/flash/mediaroom/video/apple_history/t ... nerds_part1.mp4: 1 Time(s)
/lib/flash/mediaroom/video/apple_history/w ... o_macintosh.mp4: 1 Time(s)
/lib/js/!==location.host: 1 Time(s)
/lib/js/!Fa.test: 1 Time(s)
/lib/js/!b.orig: 1 Time(s)
/lib/js/!c.data: 1 Time(s)
/lib/js/!d.guid: 1 Time(s)
/lib/js/!h.guid: 1 Time(s)
/lib/js/!h.handler.guid: 1 Time(s)
/lib/js/!ia.test: 1 Time(s)
/lib/js/!s&&!x.test: 1 Time(s)
/lib/js/!t.body: 1 Time(s)
/lib/js/$.exec: 1 Time(s)
/lib/js/%25d;c.data: 1 Time(s)
/lib/js/&&!/!=/.test: 1 Time(s)
/lib/js/&&!Ca.test: 1 Time(s)
/lib/js/&&!F.call: 1 Time(s)
/lib/js/&&!eb.test: 1 Time(s)
/lib/js/&&!o.match.ID.test: 1 Time(s)
/lib/js/&&!s&&t.body: 1 Time(s)
/lib/js/&&$a.test: 1 Time(s)
/lib/js/&&Da.test: 1 Time(s)
/lib/js/&&Ua.test: 1 Time(s)
/lib/js/&&c.css: 1 Time(s)
/lib/js/&&c.data: 1 Time(s)
/lib/js/&&c.timers.push: 1 Time(s)
/lib/js/&&e.old.call: 1 Time(s)
/lib/js/&&jb.test: 1 Time(s)
/lib/js/&&ta.test: 1 Time(s)
/lib/js/+a.guid: 1 Time(s)
/lib/js/+c.now: 1 Time(s)
/lib/js/,I=J.cur: 1 Time(s)
/lib/js/,N.call: 1 Time(s)
/lib/js/,a.now: 1 Time(s)
/lib/js/,b.find: 1 Time(s)
/lib/js/,d=b.css: 1 Time(s)
/lib/js/,e=Ia.test: 1 Time(s)
/lib/js/,e=d.html: 1 Time(s)
/lib/js/,f=c.data: 1 Time(s)
/lib/js/,k=c.css: 1 Time(s)
/lib/js/,l=c.css: 1 Time(s)
/lib/js/,l=qb.test: 1 Time(s)
/lib/js/,w=c.data: 1 Time(s)
/lib/js/-1?c.map: 1 Time(s)
/lib/js/-Math.cos: 1 Time(s)
/lib/js/.length,style:/red/.test: 1 Time(s)
/lib/js/0&&n.exec: 1 Time(s)
/lib/js/0,a.now: 1 Time(s)
/lib/js/0?this.bind: 1 Time(s)
/lib/js/1&&i.nodeType===9&&!O&&o.match.ID.test: 1 Time(s)
/lib/js/1&&x.exec: 1 Time(s)
/lib/js/512&&b===t&&!Ca.test: 1 Time(s)
/lib/js/:Ja.test: 1 Time(s)
/lib/js/:O.call: 1 Time(s)
/lib/js/:a.now: 1 Time(s)
/lib/js/:c.css: 1 Time(s)
/lib/js/:c.data: 1 Time(s)
/lib/js/:c.each: 1 Time(s)
/lib/js/:f.css: 1 Time(s)
/lib/js/:this.die: 1 Time(s)
/lib/js/:w.open: 1 Time(s)
/lib/js/;Za.test: 1 Time(s)
/lib/js/;b.each: 1 Time(s)
/lib/js/;b.map: 1 Time(s)
/lib/js/;c.curCSS=c.css;c.each: 1 Time(s)
/lib/js/;c.data: 1 Time(s)
/lib/js/;c.each: 1 Time(s)
/lib/js/;c.event.add: 1 Time(s)
/lib/js/;d&&h.each: 1 Time(s)
/lib/js/;d.filter=Ea.test: 1 Time(s)
/lib/js/;d.text: 1 Time(s)
/lib/js/;e.call: 1 Time(s)
/lib/js/;f.className=c.trim: 1 Time(s)
/lib/js/;f=c.data: 1 Time(s)
/lib/js/;h.html: 1 Time(s)
/lib/js/;j=L.exec: 1 Time(s)
/lib/js/;o+=Math.max: 1 Time(s)
/lib/js/;r.remove&&r.remove.call: 1 Time(s)
/lib/js/;this.each: 1 Time(s)
/lib/js/;this.options.complete.call: 1 Time(s)
/lib/js/;v!==H&&z.push: 1 Time(s)
/lib/js/===a.type?f.push: 1 Time(s)
/lib/js/Ba.exec: 1 Time(s)
/lib/js/C.add: 1 Time(s)
/lib/js/C.push: 1 Time(s)
/lib/js/C.test: 1 Time(s)
/lib/js/D.pop: 1 Time(s)
/lib/js/Fa.test: 1 Time(s)
/lib/js/G&&s.call: 1 Time(s)
/lib/js/Na.test: 1 Time(s)
/lib/js/T.test: 1 Time(s)
/lib/js/a&&a.type: 1 Time(s)
/lib/js/a,b,this.handle.elem: 1 Time(s)
/lib/js/a.call: 1 Time(s)
/lib/js/a.nodeType===1&&a!==b&&d.push: 1 Time(s)
/lib/js/a.style.display=c.data: 1 Time(s)
/lib/js/b&&b.type: 1 Time(s)
/lib/js/b.beforeSend&&b.beforeSend.call: 1 Time(s)
/lib/js/b.data: 1 Time(s)
/lib/js/b.data&&T.test: 1 Time(s)
/lib/js/b.map: 1 Time(s)
/lib/js/b.type: 1 Time(s)
/lib/js/b.url: 1 Time(s)
/lib/js/b.url;if(!d)%7Bvar: 1 Time(s)
/lib/js/b===b.ownerDocument.body: 1 Time(s)
/lib/js/b=b.call: 1 Time(s)
/lib/js/c.css: 1 Time(s)
/lib/js/c.data: 1 Time(s)
/lib/js/c.each: 1 Time(s)
/lib/js/c.event.add: 1 Time(s)
/lib/js/c.offset.doesAddBorderForTableAndCells&&xb.test: 1 Time(s)
/lib/js/d.call: 1 Time(s)
/lib/js/d.exec: 1 Time(s)
/lib/js/d.guid===C.guid: 1 Time(s)
/lib/js/d.push: 1 Time(s)
/lib/js/d=k.set: 1 Time(s)
/lib/js/e.call: 1 Time(s)
/lib/js/e.old: 1 Time(s)
/lib/js/e.push: 1 Time(s)
/lib/js/e=c.data: 1 Time(s)
/lib/js/e=d.nodeType?c.data: 1 Time(s)
/lib/js/e=h.get: 1 Time(s)
/lib/js/f,a,bb.call: 1 Time(s)
/lib/js/f.call: 1 Time(s)
/lib/js/f.push: 1 Time(s)
/lib/js/f=k.get: 1 Time(s)
/lib/js/function(i)%7Breturn%20i.getAttrib ... %20class='TEST': 1 Time(s)
/lib/js/h.html: 1 Time(s)
/lib/js/h=c.data: 1 Time(s)
/lib/js/j.call: 1 Time(s)
/lib/js/ja.test: 1 Time(s)
/lib/js/m.push: 1 Time(s)
/lib/js/n.push: 1 Time(s)
/lib/js/o.match.POS.test: 1 Time(s)
/lib/js/o=sb.exec: 1 Time(s)
/lib/js/q.expr,q.set: 1 Time(s)
/lib/js/q=D.pop: 1 Ti

Re: [CentOS] What is someone trying to do?

[Barry Brimer]

> My Logwatch was very long today with 404 requests to the Apache server. I 
> dont understand what the person was trying to do by what they were attempting 
> to access. Can anyone explain a method to their madness? The whole things 
> seems weird...
>
> Requests with error response codes
> 404 Not Found
> /!document.body: 1 Time(s)
> /.exec: 1 Time(s)


Probing your web server for known vulnerabilities/information gathering.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6 LiveCD top 5 apps

[Steven Crothers]

On Sat, Jun 11, 2011 at 5:33 PM, Ljubomir Ljubojevic wrote:

> Hm, I failed to change epel, centosplus and elrepo repositories to
> official ones. I guess I am going to pay for that if more people start
> using it without changing them to official ones. Oh well...
>
> Ljubomir
>

Technically not your fault, there's not enough organization in the project
to prevent an easily overlooked mistake like that from hitting the public.

You could release your work to something like Github, but I'm sure the
CentOS team doesn't want that...

-- 
Steven Crothers
steven.croth...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] What is someone trying to do?

[Jason]

I get that, Barry, what I dont get is what vulnerabilities they think they are 
going to find.

-- 
Jason


On Saturday, June 11, 2011 at 6:41 PM, Barry Brimer wrote:

> > My Logwatch was very long today with 404 requests to the Apache server. I 
> > dont understand what the person was trying to do by what they were 
> > attempting to access. Can anyone explain a method to their madness? The 
> > whole things seems weird...
> > 
> > Requests with error response codes
> > 404 Not Found
> > /!document.body: 1 Time(s)
> > /.exec: 1 Time(s)
> 
> 
> Probing your web server for known vulnerabilities/information gathering.
> ___
> CentOS mailing list
> CentOS@centos.org (mailto:CentOS@centos.org)
> http://lists.centos.org/mailman/listinfo/centos


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] What is someone trying to do?

[steve]

On Sat, Jun 11, 2011 at 06:14:36PM -0700, Jason wrote:
> Hi All,
> 
> My Logwatch was very long today with 404 requests to the Apache server. I 
> dont understand what the person was trying to do by what they were attempting 
> to access. Can anyone explain a method to their madness? The whole things 
> seems weird...

Taking one of the probed requests from your email, it turns up a hit for jQuery:

/jquery-1.4.4.min.js

So my guess is they're fuzzing/scanning for potential weaknesses in jQuery...

Steve
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] What is someone trying to do?

[John R Pierce]

On 06/11/11 6:14 PM, Jason wrote:
> I dont understand what the person was trying to do

its not really a person... its a bot script, running on another infected 
host, thats just blindly trying long lists of known exploits hoping to 
find a weakness.


-- 
john r pierceN 37, W 122
santa cruz ca mid-left coast

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] C6 LiveCD top 5 apps

[R P Herrold]

On Sat, 11 Jun 2011, Steven Crothers wrote:

> You could release your work to something like Github, but 
> I'm sure the CentOS team doesn't want that...

ehh?  The CentOS team has been quite clear that its product 
carries the license of the underlying packages, and then GPL 
for released CentOS source code; I am aware of no exceptions 
as to released binary content from the project)

CentOS private signing keys have never been released, and will 
not be, to avoid forged content is the project's name; CentOS' 
branding changes are all knowable from the SRPMs released; 
CentOS' trademarks (the brand name, and the logo, are what 
come to mind) would need to be replaced, but this is 
straightforward, and as noted, the sources are published

SME, and ClearOS, and others have worked forward from a CentOS 
base for years without objection from the project

The only material restriction is that of not falsely 
representing non-CentOS content as of CentOS origin. 
'mash-up's' from some VPS vendors that sell under the 'CentOS' 
name, but deliver some hacked up knockoff, carrying a 
mish-mash of cruft, and sending their support load into 
CentOS channels, are what really raise my hackles

I don't know why a VCS such as github is needed for such a 
small set of revisor CLI control scripts, but it may of course 
be done

The thing that would be galling is if a sub-project author 
'hijacked' CentOS mailing lists on a sustained basis, rather 
than having the honesty to announce and publish and thereafter 
run their own infrastructure -- El Repo is an example of such 
a well-run sub-project, off the top of my head; alternatively 
some have published content under the CC license of the CentOS 
wiki, and that may well serve here for documenting a revisor 
recipe.  The -docs mailing list is the provided venue for 
getting rights to slot such content in

My $0.02

-- Russ herrold
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos