> On Jul 30, 2015, at 20:09, Always Learning wrote:
>
>
> On Thu, 2015-07-30 at 11:45 -0600, Nathan Duehr wrote:
>
>> Honestly I don’t know how you guys do it…
>
> By not using Windoze ?
>
I meant the time… the time… involved… so much time…
:-)
--
Nate Duehr
denverpi...@me.com
__
On Jul 30, 2015, at 4:27 PM, Gordon Messmer wrote:
>
> On 07/30/2015 12:35 PM, Chris Murphy wrote:
>> No fail2ban, no firewall rules, sshd by default, challengeresponseauth
>> by default,
>
> ChallengeResponseAuth is not on by default, on Red Hat derived systems. I'm
> pretty sure that was alr
On Thu, 2015-07-30 at 12:46 -0500, Valeri Galtsev wrote:
> Google has always been in making profit on information [about us] they
> can collect. But in general you are right. Likelihood wise, I'll stick
> to my opinion ;-)
Hey, don't be greedy. Its our opinion too ;-)
--
Regards,
Paul.
Engla
On Thu, 2015-07-30 at 11:45 -0600, Nathan Duehr wrote:
> Honestly I don’t know how you guys do it…
By not using Windoze ?
--
Regards,
Paul.
England, EU. England's place is in the European Union.
___
CentOS mailing list
CentOS@centos.org
http
On Thu, 2015-07-30 at 10:54 -0500, Valeri Galtsev wrote:
> "More secure" only to the level one can trust google ;-)
Trust and Google are mutually incompatible ;-)
> Just my $0.02
That's my €0.02
--
Regards,
Paul.
England, EU. England's place is in the European Union.
_
On Tue, 2015-07-28 at 14:46 -0600, Chris Murphy wrote:
> Windows Server has power shell disabled by default. The functional
> equivalent, sshd, is typically enabled on Linux servers. So I think
> it's overdue that sshd be disabled on Linux servers by default,
> especially because the minimum pass
On Tue, 2015-07-28 at 14:27 -0600, Chris Murphy wrote:
> The reality is all the bad practices happen because this
> quickly provisioned machine is forgotten about for one reason or
> another, and then it gets owned.
Linux users take a lot more care, and pride, in maintaining their
systems well a
On 07/30/2015 12:35 PM, Chris Murphy wrote:
No fail2ban, no firewall rules, sshd by default, challengeresponseauth
by default,
ChallengeResponseAuth is not on by default, on Red Hat derived systems.
I'm pretty sure that was already clarified, much earlier in this thread.
and a 9 character
hello,
host: centos6 64bit (dell desktop)
guest: windows 7 64bit
virtualbox: 4.3.30
problem: host has audio but guest does not.
i.e. when virtualbox comes up, it says:
No audio devices could be opened.
ErrorID: HostAudioNotResponding
#lspci -nn | grep -i audio
00:1b.0 Audio device [
On 7/30/2015 2:23 PM, Nathan Duehr wrote:
>On Jul 30, 2015, at 12:20, Warren Young wrote:
>
>Meanwhile over here in CentOS land, you still see SSH password guessers
banging on every public IP that responds to port 22. Why? Because it still
occasionally works. Increase the password strength
> On Jul 30, 2015, at 12:20, Warren Young wrote:
>
> Meanwhile over here in CentOS land, you still see SSH password guessers
> banging on every public IP that responds to port 22. Why? Because it still
> occasionally works. Increase the password strength minima, and this class of
> worm, t
On Thu, Jul 30, 2015 at 07:10:08PM +0100, Nux! wrote:
> Hi,
>
> I'm trying to deploy some non-linux OS via pxe and I was thinking to
> just launch CentOS in RAM and then run dd or qemu-img or something
> like this in order to complete the other OS install via template
> imaging. My first idea was
Tom Bishop wrote:
> On Thu, Jul 30, 2015 at 1:20 PM, Warren Young wrote:
>> On Jul 29, 2015, at 5:40 PM, Chris Murphy
>> wrote:
>> > On Wed, Jul 29, 2015 at 4:37 PM, Warren Young
>> wrote:
>> >
>> >> Security is *always* opposed to convenience.
>> >
>> > False. OS X by default runs only signed
On Thu, Jul 30, 2015 at 12:20 PM, Warren Young wrote:
> On Jul 29, 2015, at 5:40 PM, Chris Murphy wrote:
>>
>> On Wed, Jul 29, 2015 at 4:37 PM, Warren Young wrote:
>>
>>> Security is *always* opposed to convenience.
>>
>> False. OS X by default runs only signed binaries, and if they come
>> fro
On 7/30/2015 12:17 PM, Warren Young wrote:
No, what happens is that you call up your ISP to ask them for help blocking off
the DDoS attack, and you either get blown off or transferred to their sales
department to buy a “solution” to a problem they allow to exist because it
brings in extra reve
On Jul 29, 2015, at 6:19 PM, Nathan Duehr wrote:
>
>> On Jul 28, 2015, at 6:32 PM, Warren Young wrote:
>>
>> Now we have entrenched commercial interests that get paid more when you get
>> DDoS’d. I’ll give you one guess what happens in such a world.
>
> What happens? Folks have to think hard
On Thu, Jul 30, 2015 at 1:20 PM, Warren Young wrote:
> On Jul 29, 2015, at 5:40 PM, Chris Murphy wrote:
> >
> > On Wed, Jul 29, 2015 at 4:37 PM, Warren Young wrote:
> >
> >> Security is *always* opposed to convenience.
> >
> > False. OS X by default runs only signed binaries, and if they come
On Jul 29, 2015, at 5:40 PM, Chris Murphy wrote:
>
> On Wed, Jul 29, 2015 at 4:37 PM, Warren Young wrote:
>
>> Security is *always* opposed to convenience.
>
> False. OS X by default runs only signed binaries, and if they come
> from the App Store they run in a sandbox. User gains significant
Hi,
I'm trying to deploy some non-linux OS via pxe and I was thinking to just
launch CentOS in RAM and then run dd or qemu-img or something like this in
order to complete the other OS install via template imaging.
My first idea was to build a custom CentOS livecd and use that in combination
wit
On Thu, Jul 30, 2015 at 10:48:51AM -0700, John R Pierce wrote:
> On 7/30/2015 8:13 AM, Lamar Owen wrote:
> >No snipping with bottom posting is worse than any top posting,
> >IMHO. It wastes space and time and is equally bad in digests. But
> >you're not likely to get the worst offenders to change.
On 7/30/2015 8:13 AM, Lamar Owen wrote:
No snipping with bottom posting is worse than any top posting, IMHO.
It wastes space and time and is equally bad in digests. But you're
not likely to get the worst offenders to change.
totally concur but as long as people are going to use cell phones as
On Thu, July 30, 2015 11:54 am, Chris Murphy wrote:
> On Thu, Jul 30, 2015 at 9:54 AM, Valeri Galtsev
> wrote:
>
>>> Now I use Google. They offer MFA opt in. And now I'm more secure than
>>> I was with the myopic ISP.
>>
>> "More secure" only to the level one can trust google ;-)
>
> Yes I know,
> On Jul 30, 2015, at 03:37, Johnny Hughes wrote:
>
> Of course it makes sense. Those security updates are not released in a
> vacuum, and all the things they are built on/against also need to be
> released and installed for them to work.
>
> The source code for the ssecurity updates you are t
On Thu, Jul 30, 2015 at 9:54 AM, Valeri Galtsev
wrote:
>> Now I use Google. They offer MFA opt in. And now I'm more secure than
>> I was with the myopic ISP.
>
> "More secure" only to the level one can trust google ;-)
Yes I know, but I put them in approximately the same ballpark as
having to tr
On Thu, Jul 30, 2015 at 9:10 AM, Lamar Owen wrote:
> On 07/29/2015 07:40 PM, Chris Murphy wrote:
>>
>> On Wed, Jul 29, 2015 at 4:37 PM, Warren Young wrote:
>>
>>> Security is *always* opposed to convenience.
>>
>> False. OS X by default runs only signed binaries, and if they come
>> from the App
On Thu, Jul 30, 2015 at 8:32 AM, Lamar Owen wrote:
>From a hacked Linux server which was brute-forced and
> conscripted into being a slow bruteforcer node back in 2009 or so.
...
> Better enforcement of password policy on that server would have prevented
> the attack from succeeding and the machi
On Wed, July 29, 2015 4:16 pm, Chris Murphy wrote:
> On Wed, Jul 29, 2015 at 2:15 PM, Warren Young wrote:
>> Just because one particular method of prophylaxis fails to protect
>> against all threats doesnât mean we should stop using it, or increase
>> its strength.
>
> Actually it does.There is
Lamar Owen wrote:
> On 07/30/2015 10:24 AM, Wes James wrote:
>> What’s even more irritating to me than top posting is when someone
>> replies to a message that takes two page scrolls to get to the bottom
>> then there’s only a few words that are unrelated to the actual message!
>> What’s worse, to
On 07/29/2015 05:19 PM, Nathan Duehr wrote:
fail2ban isn’t in the stock package repo for CentOS 7, much less installed and
configured default. Until it is, it’s off-topic for this thread.
Didn’t realize that. Brilliant move, removing it… (rolls eyes at RH)…
I don't think it was removed... I
On 07/30/2015 10:24 AM, Wes James wrote:
What’s even more irritating to me than top posting is when someone replies to a
message that takes two page scrolls to get to the bottom then there’s only a
few words that are unrelated to the actual message! What’s worse, top posting
or no snipping?
On 07/29/2015 07:40 PM, Chris Murphy wrote:
On Wed, Jul 29, 2015 at 4:37 PM, Warren Young wrote:
Security is *always* opposed to convenience.
False. OS X by default runs only signed binaries, and if they come
from the App Store they run in a sandbox. User gains significant
security with this,
On 07/28/2015 03:06 PM, Chris Adams wrote:
Once upon a time, Warren Young said:
Much of the evil on the Internet today — DDoS armies, spam spewers, phishing
botnets — is done on pnwed hardware, much of which was compromised by previous
botnets banging on weak SSH passwords.
Since most of tha
What’s even more irritating to me than top posting is when someone replies to a
message that takes two page scrolls to get to the bottom then there’s only a
few words that are unrelated to the actual message! What’s worse, top posting
or no snipping?
-wes
_
On Thu, Jul 30, 2015 at 5:37 AM, Johnny Hughes wrote:
> On 07/29/2015 07:27 PM, Nathan Duehr wrote:
> >>
> >> On Jul 29, 2015, at 18:20, Nathan Duehr wrote:
> >>
> >>> On Jul 28, 2015, at 18:48, Peter wrote:
> >>>
> >>> On 07/29/2015 11:51 AM, Noam Bernstein wrote:
> Hi CentOS developers -
Am 30.07.2015 um 12:53 schrieb Johnny Hughes :
> On 07/30/2015 04:37 AM, Johnny Hughes wrote:
>>
>> Because we do CR, CentOS users had access to the 6.7 updates a full 3
>> days before anyone else made them available and CR was released less
>> than 5 days after the release of RHEL 6.7.
>>
>
> F
On 07/30/2015 06:22 AM, Andrew Holway wrote:
> The Redhat guys are normally responding very well to bug reports from
> Centos users. They don't seem to differentiate. Using bugs.centos.org seems
> quite pointless. I normally just use https://bugzilla.redhat.com/.
That is true, using bugs.centos.or
On 30 July 2015 at 13:22, Andrew Holway wrote:
> The Redhat guys are normally responding very well to bug reports from
> Centos users. They don't seem to differentiate. Using bugs.centos.org seems
> quite pointless. I normally just use https://bugzilla.redhat.com/.
>
Sorry for the top post. Didn
The Redhat guys are normally responding very well to bug reports from
Centos users. They don't seem to differentiate. Using bugs.centos.org seems
quite pointless. I normally just use https://bugzilla.redhat.com/.
On 30 July 2015 at 13:12, Johnny Hughes wrote:
> On 07/30/2015 03:37 AM, Stijn De W
On 07/30/2015 03:37 AM, Stijn De Weirdt wrote:
> hi all,
>
> i have a general question (a bit surprised ti's not on the centos faq):
>
> we found a bug in a package in a centos install, and we are wondering
> what the best approach is to get TUV to fix it (and release an update),
> so it gets fix
On 07/30/2015 04:37 AM, Johnny Hughes wrote:
> On 07/29/2015 07:27 PM, Nathan Duehr wrote:
>>>
>>> On Jul 29, 2015, at 18:20, Nathan Duehr wrote:
>>>
On Jul 28, 2015, at 18:48, Peter wrote:
On 07/29/2015 11:51 AM, Noam Bernstein wrote:
> Hi CentOS developers - I’ve been happily
On 07/30/2015 09:00 PM, Karanbir Singh wrote:
>> Re the kernel, how do the Springdale/PUIAS handle this issue? It might
>> be worth copying their approach and/or coordinating.
>
> I dont believe they do either, they are disabling/enableing stuff in the
> kernel's to be different from the x86_64 u
On 07/29/2015 07:27 PM, Nathan Duehr wrote:
>>
>> On Jul 29, 2015, at 18:20, Nathan Duehr wrote:
>>
>>> On Jul 28, 2015, at 18:48, Peter wrote:
>>>
>>> On 07/29/2015 11:51 AM, Noam Bernstein wrote:
Hi CentOS developers - I’ve been happily using CentOS for several
years now, so thanks fo
Am 30.07.2015 um 02:27 schrieb Nathan Duehr :
>>
>> On Jul 29, 2015, at 18:20, Nathan Duehr wrote:
>>
>>> On Jul 28, 2015, at 18:48, Peter wrote:
>>>
>>> On 07/29/2015 11:51 AM, Noam Bernstein wrote:
>>>
>>> It's currently in the CentOS CR repository and will be released when
>>> CentOS 6.7 d
On Wed, 29 Jul 2015 12:48:14 +1200
Peter wrote:
> On 07/29/2015 11:51 AM, Noam Bernstein wrote:
> > Hi CentOS developers - I’ve been happily using CentOS for several
> > years now, so thanks for all the good work. In the last week,
> > however, I noticed that while the items in RHSA-2015:1443 ha
On 30/07/15 00:20, Ian Pilcher wrote:
> On 07/29/2015 04:53 PM, Karanbir Singh wrote:
>> the biggest blocker to going GA on the x86 build is the kernel; the
>> distro kernel we end up with isnt going to be the same as the upstream
>> x86_64 kernel configs. However, there hasent been a huge level of
hi all,
i have a general question (a bit surprised ti's not on the centos faq):
we found a bug in a package in a centos install, and we are wondering
what the best approach is to get TUV to fix it (and release an update),
so it gets fixed in centos rebuild and thus on our nodes. or at the very
46 matches
Mail list logo
