On 02/03/2015 04:56 AM, Les Mikesell wrote:
> On Mon, Feb 2, 2015 at 4:17 PM, Warren Young wrote:
>>>
>> Let’s flip it around: what’s your justification *for* weak passwords?
>>
> You don't need to write them down. Or trust some 3rd party password
> keeper to keep them.Whereas when 'not weak'
On 02/05/15 16:41, Karanbir Singh wrote:
On 02/04/2015 04:06 PM, dE wrote:
Although you can choose this in the installer, isnt the provided values
supposed to be the default?
I tired the following
inst.repo=hd:/dev/sdb1:/repo
Result: /dev/sdb1 is not mounted.
inst.repo=nfs:[fc00::6009]:/home
On 02/05/2015 01:03 PM, g wrote:
On 02/02/2015 02:15 PM, Tim wrote:
Am 1. Februar 2015 21:30:52 MEZ, schrieb g :
greetings.
while attempting to install c7, i got lost at 'repository' entry.
i canceled, loaded centos.org, looked for help for installing c7,
but did not find.
i know, i did not
On Fri, 2015-02-06 at 10:50 +1100, Kahlil Hodgson wrote:
> On 6 February 2015 at 10:23, Always Learning wrote:
> > Logically ?
> >
> > 1. to change the permissions on shadow from -rw-x-- or from
> > -- to -rw-r--r-- requires root permissions ?
> >
> > 2. if so, then what is the advan
Jonathan Billings billings at negate.org Tue Feb 3 20:35:44 UTC 2015
> Honestly, of all the faults and foibles in the Red Hat/CentOS installer,
> I'm
> amazed that someone is complaining about that.
Someone is trying to keep the scope of such faults and foibles on topic,
otherwise they'd easil
On Thu, 2015-02-05 at 17:36 -0600, Valeri Galtsev wrote:
> > Logically ?
> >
> > 1. to change the permissions on shadow from -rw-x-- or from
> > -- to -rw-r--r-- requires root permissions ?
> >
> > 2. if so, then what is the advantage of changing those permissions when
> > the entity
On 2015-02-05, Valeri Galtsev wrote:
>
> On Thu, February 5, 2015 5:23 pm, Always Learning wrote:
>>
>> On Thu, 2015-02-05 at 16:39 -0600, Valeri Galtsev wrote:
>>
>>> >>>
>>> >>> -rw-r--r-- 1 root root 1220 Jan 31 03:04 shadow
>>
>>> Be it me, I would consider box compromised. All done on/f
Warren Young wyml at etr-usa.com Tue Feb 3 00:32:15 UTC 2015
> Are you telling me you cannot memorize a series of 8 characters that do
> not violate those rules?
Keep in mind the original context isn't for production computers, it's
testing Fedora. Many testers do dozens of installs per week, so
On 6 February 2015 at 10:23, Always Learning wrote:
> Logically ?
>
> 1. to change the permissions on shadow from -rw-x-- or from
> -- to -rw-r--r-- requires root permissions ?
>
> 2. if so, then what is the advantage of changing those permissions when
> the entity possessing root auth
On Thu, February 5, 2015 5:23 pm, Always Learning wrote:
>
> On Thu, 2015-02-05 at 16:39 -0600, Valeri Galtsev wrote:
>
>> >>>
>> >>> -rw-r--r-- 1 root root 1220 Jan 31 03:04 shadow
>
>> Be it me, I would consider box compromised. All done on/from that box
>> since probable day it happened c
On Thu, Feb 5, 2015 at 5:29 PM, Valeri Galtsev
wrote:
>
>>> Be it me, I would consider box compromised. All done on/from that box
>>> since probable day it happened compromised as well. If there is no way
>>> to
>>> establish the day, then since that system originally build. With full
>>> blown sw
On Thu, February 5, 2015 5:07 pm, Les Mikesell wrote:
> On Thu, Feb 5, 2015 at 4:39 PM, Valeri Galtsev
> wrote:
>>
>>>
>>> Yes, /etc/shadow would have always been readable only by root by
>>> default. The interesting question here is whether an intruder did
>>> it, clumsily leaving evidence beh
On 2/5/2015 10:59 AM, Lamar Owen wrote:
However, another password with similar characteristics would be fine.
You just never want to use it on more than one server to be safe.
there's a very useful tool built into centos's 'expect' package...
$ mkpasswd -l 15 -d 3 -C 5
5ufkpX@SDxa2DF3
On Thu, 2015-02-05 at 16:39 -0600, Valeri Galtsev wrote:
> >>>
> >>> -rw-r--r-- 1 root root 1220 Jan 31 03:04 shadow
> Be it me, I would consider box compromised. All done on/from that box
> since probable day it happened compromised as well. If there is no way to
> establish the day, then
On Thu, Feb 5, 2015 at 4:39 PM, Valeri Galtsev
wrote:
>
>>
>> Yes, /etc/shadow would have always been readable only by root by
>> default. The interesting question here is whether an intruder did
>> it, clumsily leaving evidence behind, or whether it is just a local
>> change from following some
On Thu, February 5, 2015 4:29 pm, Les Mikesell wrote:
> On Thu, Feb 5, 2015 at 4:19 PM, Keith Keller
> wrote:
>
>>> On C5 the default appears to be:-
>>>
>>> -rw-r--r-- 1 root root 1220 Jan 31 03:04 shadow
>>
>> It is much more likely that someone has screwed up your system. I think
>> eve
On Thu, 2015-02-05 at 14:19 -0800, Keith Keller wrote:
> On 2015-02-04, Always Learning wrote:
> > On C5 the default appears to be:-
> >
> > -rw-r--r-- 1 root root 1220 Jan 31 03:04 shadow
>
> It is much more likely that someone has screwed up your system. I think
> even CentOS 4 had shado
On Thu, Feb 5, 2015 at 4:19 PM, Keith Keller
wrote:
>> On C5 the default appears to be:-
>>
>> -rw-r--r-- 1 root root 1220 Jan 31 03:04 shadow
>
> It is much more likely that someone has screwed up your system. I think
> even CentOS 4 had shadow as 400. And what on earth would the point b
On 2015-02-04, Always Learning wrote:
> On C5 the default appears to be:-
>
> -rw-r--r-- 1 root root 1220 Jan 31 03:04 shadow
It is much more likely that someone has screwed up your system. I think
even CentOS 4 had shadow as 400. And what on earth would the point be
in having a world-rea
On Thu, 2015-02-05 at 13:59 -0500, Lamar Owen wrote:
> On 02/05/2015 10:34 AM, Always Learning wrote:
> > Surely its time for the Feds to arrest and change them ?
> The Feds in which country?
The USA for a start. The USA's law enforcement is never slow at working
with foreign countries law enfo
On Thu, 2015-02-05 at 12:35 -0600, Valeri Galtsev wrote:
> On Thu, February 5, 2015 10:08 am, Always Learning wrote:
> > On Thu, 2015-02-05 at 09:41 -0600, Valeri Galtsev wrote:
> >> I know, I know, everybody is reasonable, it is just I didn't have my
> >> coffee yet...
> > Your logic is amazin
On Thu, February 5, 2015 12:45 pm, m.r...@5-cent.us wrote:
> Valeri Galtsev wrote:
>> On Thu, February 5, 2015 10:08 am, Always Learning wrote:
>
I know, I know, everybody is reasonable, it is just I didn't have my
coffee yet...
>>>
>>> Your logic is amazingly good for a coffee drinker.
On 01/31/2015 02:06 AM, Johnny Hughes wrote:
We are almost ready to release an i686 version of C7 .. but for mock,
all our build root is available publicly here:
http://buildlogs.centos.org/
Thanks for the help, Johnny. I've got the packages that I needed built.
Still, I'm surprised that bui
On 02/05/2015 10:34 AM, Always Learning wrote:
On Thu, 2015-02-05 at 09:51 -0500, Lamar Owen wrote:
Those crackers who build these botnets are the ones who rent out
botnet time to people who just was to get the work done. There is a
large market in botnet time.
Surely its time for the Feds t
On 02/04/2015 10:22 PM, Ted Miller wrote:
> On 02/02/2015 03:15 PM, Tim wrote:
>> What are you exactly searching for?
>
> Sounds like he is doing a network install, and is looking for the
> network path that must be supplied in order to do the install.
correct.
> If he doesn't have a local repo
On Thu, February 5, 2015 10:08 am, Always Learning wrote:
>
> On Thu, 2015-02-05 at 09:41 -0600, Valeri Galtsev wrote:
>
>> >> > wac4140SoeTer'#621strAAt0918;@@
>> >
>> > Gee thanks. I'll use it for root on every server ;-)
>
>> I know this is joke. Yet (in a slim chance someone out there
re-sending to list. other attempt got addressed wrong.
On 02/02/2015 02:15 PM, Tim wrote:
> Am 1. Februar 2015 21:30:52 MEZ, schrieb g :
>>
>> greetings.
>>
>> while attempting to install c7, i got lost at 'repository' entry.
>>
>> i canceled, loaded centos.org, looked for help for installing c7,
On Thu, 2015-02-05 at 10:10 -0600, Les Mikesell wrote:
> On Thu, Feb 5, 2015 at 9:59 AM, Always Learning wrote:
> Or unless you have some sort of proof that a current Windows 2012
> server is less secure or stable than a Linux distro.
Not every 'home' or business user uses, or can afford to p
On Wed, February 4, 2015 17:55, Warren Young wrote:
>
> But of course the same people fighting this move to more secure
> password minima are the same ones that turn off SELinux.
>
Ah. Sorry, NO.
First, we are not talking about a more secure password minima. We are
discussing an arbitrary chang
On Thu, Feb 5, 2015 at 9:59 AM, Always Learning wrote:
>
> Foolish and stupid implicit trust in a third party. Just look at the
> Windoze world ever since Win95 (first edition of many) materialised.
> Trust M$ and get a free virus every time !
I wouldn't go there unless you want to compare agains
On Thu, 2015-02-05 at 09:41 -0600, Valeri Galtsev wrote:
> >> > wac4140SoeTer'#621strAAt0918;@@
> >
> > Gee thanks. I'll use it for root on every server ;-)
> I know this is joke. Yet (in a slim chance someone out there can follow it
> with seriousness) I would strongly suggest:
>
> Don't do i
On Thu, 2015-02-05 at 09:27 -0600, Valeri Galtsev wrote:
> .. I feel like
> there is brave new world of admins who feel it right to have
> "iPad-like" everything, i.e. boxes cooked up and sealed by vendor, and
> you have no way even to look inside, not to say re-shape interior to
> you
On Wed, February 4, 2015 17:16, Lamar Owen wrote:.
>
> Now, I have seen this happen, on a system in the wild, where the very
> first thing the attacker did was grab a copy of /etc/shadow, even with
> an interactive reverse shell and root access being had. So even when
> you recover your system fro
On Thu, Feb 5, 2015 at 9:27 AM, Valeri Galtsev
wrote:
>
> ... there seem to be many
> "Windows" brew people up on the top of IT ladder these days). I feel like
> there is brave new world of admins who feel it right to have "iPad-like"
> everything, i.e. boxes cooked up and sealed by vendor, and yo
On Thu, February 5, 2015 9:34 am, Always Learning wrote:
>
> On Thu, 2015-02-05 at 09:51 -0500, Lamar Owen wrote:
>
>> On 02/04/2015 07:55 PM, Always Learning wrote:
>> > Rent ? That costs money. Just crack open some Windoze machines and do
>> > it for free. That is what many hackers do.
>>
>> Th
On Thu, February 5, 2015 12:49 am, Keith Keller wrote:
> On 2015-02-04, Valeri Galtsev wrote:
>>
>> I'm neutral to sudo (even though I was taught "the smaller number of
>> SUID/SGID files you have, the better). Yet, I'm considering it less safe
>> to have regular user who can log in with GUI inte
On Thu, 2015-02-05 at 09:51 -0500, Lamar Owen wrote:
> On 02/04/2015 07:55 PM, Always Learning wrote:
> > Rent ? That costs money. Just crack open some Windoze machines and do
> > it for free. That is what many hackers do.
>
> Those crackers who build these botnets are the ones who rent out bot
On 02/04/2015 05:55 PM, Warren Young wrote:
On Feb 4, 2015, at 3:16 PM, Lamar Owen wrote:
There have been remotely exploitable vulnerabilities where an arbitrary file
could be read
CVEs, please?
CVE-2006-3392 for one. As this one was against Webmin, well, webmin by
nature has to have root a
On 02/04/2015 07:55 PM, Always Learning wrote:
Rent ? That costs money. Just crack open some Windoze machines and do
it for free. That is what many hackers do.
Those crackers who build these botnets are the ones who rent out botnet
time to people who just was to get the work done. There is a
On Thu, February 5, 2015 9:06 am, James B. Byrne wrote:
>
> On Wed, February 4, 2015 16:55, Warren Young wrote:
>>> On Feb 4, 2015, at 12:16 PM, Lamar Owen wrote:
>>>
>>> Again, the real bruteforce danger is when your /etc/shadow is
>>> exfiltrated by a security vulnerability
>>
>> Unless you hav
On Wed, February 4, 2015 16:55, Warren Young wrote:
>> On Feb 4, 2015, at 12:16 PM, Lamar Owen wrote:
>>
>> Again, the real bruteforce danger is when your /etc/shadow is
>> exfiltrated by a security vulnerability
>
> Unless you have misconfigured your system, anyone who can copy
> /etc/shadow alr
On 02/04/2015 04:06 PM, dE wrote:
> Although you can choose this in the installer, isnt the provided values
> supposed to be the default?
>
> I tired the following
>
> inst.repo=hd:/dev/sdb1:/repo
>
> Result: /dev/sdb1 is not mounted.
>
> inst.repo=nfs:[fc00::6009]:/home/auser/repo
>
> Result:
>-Original Message-
>From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
>Behalf Of Alexander Dalloz
>Sent: 04 February 2015 22:44
>To: CentOS mailing list
>Subject: Re: [CentOS] multipathd
>
>Am 04.02.2015 um 15:02 schrieb Rushton Martin:
>> Our cluster was supplied with
Yep, that's what I do at home. The trouble for off-net machines is the
download time - over 24 hours for CentOS 7 + epel, and then copy over.
If you don't grab everything, the one package you miss is the one that
stops the update. :-(
>-Original Message-
>From: centos-boun...@centos.org [
44 matches
Mail list logo
