Re: [CentOS] crontab for nobody

On Sunday 20 July 2008 22:32:49 John Horne wrote: > On Sun, 2008-07-20 at 17:28 -0400, Stephen Harris wrote: > > On Sun, Jul 20, 2008 at 10:04:00PM +0100, Anne Wilson wrote: > > > I can't think of anything that explains this. I have a 6-month-old > > > CentOS 5.2 install, with nothing out of the o

Re: [CentOS] crontab for nobody

On Sunday 20 July 2008 22:31:22 John Horne wrote: > On Sun, 2008-07-20 at 22:04 +0100, Anne Wilson wrote: > > On Sunday 20 July 2008 21:23:52 Stephen Harris wrote: > > > What does > > > find /var/spool/cron -type f ! -size 0 > > > show? > > > > Does that mean 'not = size 0'? > > Yes. > > > I can'

Re: [CentOS] crontab for nobody

Anne Wilson wrote: ... -rw--- 1 root root 0 Jul 7 16:07 /var/spool/cron/nobody ... /var/log/yum.log shows nothing between 3rd and 11th June. Jun 03 16:04:30 Updated: commoncpp2.i386 1.6.2-1.el5.rf Jun 11 17:33:22 Updated: clamav-db.i386 0.93.1-1.el5.rf Jun 11 17:33:28 Updated: clamav

Re: [CentOS] Load Average ~0.40 when idle

William Warren escribió: post it on the centos bug tracker to start..:) listmail wrote: On Sat, 19 Jul 2008 21:56:45 -0700, John R Pierce wrote Stephen John Smoogen wrote: On Sat, Jul 19, 2008 at 2:48 PM, listmail <[EMAIL PROTECTED]> wrote: I am running CentOS 5 on a dual-dual-core Intel ma

[CentOS] OCI

Am running centos5 , I want to compile my apache with php to support the following './configure' '--with-apxs2=/usr/local/apache/bin/apxs' '--with-mysql=/usr/local/mysql' '--with-zlib-dir=/usr/lib/' '--enable-versioning' '--enable-track-vars=yes' '--enable-url-includes--enable-sysvshm=yes' '--ena

Re: [CentOS] crontab for nobody

On Monday 21 July 2008 08:49:51 Mogens Kjaer wrote: > Anne Wilson wrote: > ... > > >>-rw--- 1 root root 0 Jul 7 16:07 /var/spool/cron/nobody > > ... > > > /var/log/yum.log shows nothing between 3rd and 11th June. > > > > Jun 03 16:04:30 Updated: commoncpp2.i386 1.6.2-1.el5.rf > > Jun 11 17

Re: [CentOS] OCI

On Mon, Jul 21, 2008 at 5:37 AM, Mad Unix <[EMAIL PROTECTED]> wrote: > Am running centos5 , I want to compile my apache with php to support the > following > > './configure' '--with-apxs2=/usr/local/apache/bin/apxs' > '--with-mysql=/usr/local/mysql' '--with-zlib-dir=/usr/lib/' > '--enable-versioni

Re: [CentOS] OCI

We do have 2xDB on the System One for the Core based on Oracle10g and the rivate one based for MySQL normally I do Apache Install and php from the source and bind it Oracle10g OCI This time i installed Apache/MySQL through yum install Thanks On Mon, Jul 21, 2008 at 1:01 PM, Jim Perrin <[EMAIL PR

Re: [CentOS] Load Average ~0.40 when idle

the issue occurs even on a live cd so the machine's software load isn't suspect. It's the nics. Lorenzo Martínez Rodríguez wrote: William Warren escribió: post it on the centos bug tracker to start..:) listmail wrote: On Sat, 19 Jul 2008 21:56:45 -0700, John R Pierce wrote Stephen John Smo

[CentOS] Memory for crash kernel

when I run dmesg PE2950 Dell Server I see the following line Linux version 2.6.18-92.1.6.el5 ([EMAIL PROTECTED]) (gcc version 4.1.2 20071124 (Red Hat 4.1.2-42)) #1 SMP Wed J un 25 13:45:47 EDT 2008 Command line: ro root=/dev/VolGroup00/LogVol00 rhgb quiet BIOS-provided physical RAM map: BIOS-e820

Re: [CentOS] Bind Firewall Rules

Johnny Hughes wrote: John Hinton wrote: OK, so does anybody have a good firewall rule solution for what we're supposed to be doing with bind these days? Obviously port 53 is no longer enough. how do you mean? opening port 53 in is still enough ... the outbound port is what is randomized

Re: [CentOS] Memory for crash kernel

On Mon, Jul 21, 2008 at 02:33:30PM +0200, Mad Unix enlightened us: > when I run dmesg PE2950 Dell Server I see the following line > > Linux version 2.6.18-92.1.6.el5 ([EMAIL PROTECTED]) (gcc > version 4.1.2 20071124 (Red Hat 4.1.2-42)) #1 SMP Wed J > un 25 13:45:47 EDT 2008 > Command line: ro root

Re: [CentOS] Memory for crash kernel

On Mon, Jul 21, 2008 at 02:33:30PM +0200, Mad Unix wrote: > when I run dmesg PE2950 Dell Server I see the following line > > Linux version 2.6.18-92.1.6.el5 ([EMAIL PROTECTED]) (gcc ... > Memory for crash kernel (0x0 to 0x0) notwithin permissible range > ^^^

Re: [CentOS] Re: configuration request

Unfortunately, the ISP is sort of an independent outfit, and while they are not small in any sense of the word, their equipment room is stacked full of servers from floor to ceiling. I'm not aware of any power related switches where one could ssh into a "box" and cycle the power for one server

Re: [CentOS] Memory for crash kernel

Thanks On Mon, Jul 21, 2008 at 2:42 PM, Tru Huynh <[EMAIL PROTECTED]> wrote: > On Mon, Jul 21, 2008 at 02:33:30PM +0200, Mad Unix wrote: > > when I run dmesg PE2950 Dell Server I see the following line > > > > Linux version 2.6.18-92.1.6.el5 ([EMAIL PROTECTED]) (gcc > ... > > Memory for crash ker

[CentOS] Swatch monitor for inactivity?

I would like to use swatch to tail a log file for "PageTurnEvent", and if this is not seen in the past 15 minutes then a restart script should be run. Does anyone know if this is possible with the swatch program? ___ CentOS mailing list CentOS@centos.org

[CentOS] copy

I want to copy all the following files/folder/subfolders under /usr/local/apache/htdocs to a remote server within this directory /var/www/html/ Am I correct with this command, or far away o tar zcvf - /usr/local/apache/htdocs | ssh [EMAIL PROTECTED] "cat > /var/www/html/htdocs.tar.gz" Thanks

Re: [CentOS] Re: configuration request

On Mon, 2008-07-21 at 08:45 -0400, Sam Drinkard wrote: > > the machine down there, I actually had maybe 2 hours, or the time it > took to install CentOS on the drive and get the FS set up for the task. > Only later did I learn there was a problem remote rebooting. Ahhh. That prompts a possi

Re: [CentOS] copy

On Mon, July 21, 2008 10:09 am, Mad Unix wrote: > I want to copy all the following files/folder/subfolders under > /usr/local/apache/htdocs to a remote server within this directory > /var/www/html/ > Am I correct with this command, or far away o > > tar zcvf - /usr/local/apache/htdocs | ssh [E

[CentOS] How to get additional packages? How secure is Yum?

Hello, I'm coming from Slackware and I'm searching for another distribution to run on my desktop and in near future also on a server. The *top priority* for me is security! I've test-installed CentOS on one of my test systems. So far anything went OK. After trying a bit, I would like to ask so

Re: [CentOS] How to get additional packages? How secure is Yum?

On Mon, Jul 21, 2008 at 8:08 AM, Manuel Reimer <[EMAIL PROTECTED]> wrote: > - My second question is about: > http://www.cs.arizona.edu/people/justin/packagemanagersecurity/attacks-on-package-managers.html Please read: http://planet.centos.org/ Akemi __

Re: [CentOS] copy

I want to copy all the following files/folder/subfolders under /usr/local/apache/htdocs to a remote server within this directory /var/www/html/ Am I correct with this command, or far away o tar zcvf - /usr/local/apache/htdocs | ssh [EMAIL PROTECTED] "cat > /va

Re: [CentOS] How to get additional packages? How secure is Yum?

Manuel Reimer wrote: > Hello, > > I'm coming from Slackware and I'm searching for another distribution to run > on my desktop and in near future also on a server. > > The *top priority* for me is security! > > I've test-installed CentOS on one of my test systems. So far anything went > OK. After tr

[CentOS] Boot from iso file (xen)

Hi, I don't remember how to boot from iso file. My current config file is: name = "devel" uuid = "4223e2e8-a3a7-91a7-aabf-e7b9f6f8a4a8" maxmem = 256 memory = 256 vcpus = 1 boot= "d" on_poweroff = "destroy" on_reboot = "restart" on_crash = "restart" vfb = [ "type=vnc,vncunused=1,keymap=en-us" ] di

[CentOS] recommended repo for php 5.2.3 +

Good day all, I have been searching on google for the recommended repo for php 5.2.3 + for centos... I saw at one point it was in the testing repo, but was pulled due to no one testing it. Is there a recommended repo that people feel is safe for a CentOS 5.x to get php 5.23 + ? I know i

Re: [CentOS] copy

How would you do the tar zcvf - /usr/local/apache/htdocs | ssh [EMAIL PROTECTED] "cat > /var/www/html/htdocs.tar.gz" with rsync and the to have it in the crontab to run everyday. Thanks On Mon, Jul 21, 2008 at 5:20 PM, Tom Brown <[EMAIL PROTECTED]> wrote: > > I w

Re: [CentOS] Load Average ~0.40 when idle

On Mon, 21 Jul 2008 08:06:54 -0400, William Warren wrote > the issue occurs even on a live cd so the machine's software load > isn't suspect. It's the nics. > It sure does look like it. I submitted a bug to the CentOS bug tracker, so hopefully someone better equipped than I to resolve this can d

Re: [CentOS] OCI

My Question is: How to build the OCI8 extension module for php5 under CentOS5? Thanks On Mon, Jul 21, 2008 at 1:47 PM, Mad Unix <[EMAIL PROTECTED]> wrote: > We do have 2xDB on the System One for the Core based on Oracle10g and the > rivate one based for MySQL > normally I do Apache Install and ph

Re: [CentOS] Load Average ~0.40 when idle

On Sun, Jul 20, 2008 at 4:52 PM, listmail <[EMAIL PROTECTED]> wrote: > On Sat, 19 Jul 2008 21:56:45 -0700, John R Pierce wrote >> Stephen John Smoogen wrote: >> > On Sat, Jul 19, 2008 at 2:48 PM, listmail <[EMAIL PROTECTED]> wrote: >> > >> >> I am running CentOS 5 on a dual-dual-core Intel machine,

[CentOS] Re: Memory for crash kernel

on 7-21-2008 5:56 AM Mad Unix spake the following: On Mon, Jul 21, 2008 at 2:42 PM, Tru Huynh <[EMAIL PROTECTED] > wrote: On Mon, Jul 21, 2008 at 02:33:30PM +0200, Mad Unix wrote: > when I run dmesg PE2950 Dell Server I see the following line > >

[CentOS] ps to pdf

I need a way to convert files that I save with Firefox as a 'print to file' to 'pdf' I tried 'convert' but that rendered the text as graphics which grew the file and wasn't what I wanted. How would someone accomplish this - or can I just print to a PDF? Craig ___

Re: [CentOS] ps to pdf

On Mon, 21 Jul 2008 at 9:35am, Craig White wrote I need a way to convert files that I save with Firefox as a 'print to file' to 'pdf' I tried 'convert' but that rendered the text as graphics which grew the file and wasn't what I wanted. How would someone accomplish this - or can I just print t

Re: [CentOS] ps to pdf

Craig White wrote: > I need a way to convert files that I save with Firefox as a 'print to > file' to 'pdf' > > I tried 'convert' but that rendered the text as graphics which grew the > file and wasn't what I wanted. > > How would someone accomplish this - or can I just print to a PDF? ps2pdf [EM

Re: [CentOS] ps to pdf

On 21-Jul-08, at 9:35 AM, Craig White wrote: I need a way to convert files that I save with Firefox as a 'print to file' to 'pdf' I tried 'convert' but that rendered the text as graphics which grew the file and wasn't what I wanted. How would someone accomplish this - or can I just print t

Re: [CentOS] Swatch monitor for inactivity?

On Mon, Jul 21, 2008, Sean Carolan wrote: >I would like to use swatch to tail a log file for "PageTurnEvent", and >if this is not seen in the past 15 minutes then a restart script >should be run. > >Does anyone know if this is possible with the swatch program? I don't see how as swatch is looking

Re: [CentOS] Swatch monitor for inactivity?

>>Does anyone know if this is possible with the swatch program? > > I don't see how as swatch is looking for things that happen, not > those that don't. I figured as much. Before I go and write my own, are there any general purpose utilities that can simply monitor a log file for inactivity? In

Re: [CentOS] ps to pdf

Craig White wrote: I need a way to convert files that I save with Firefox as a 'print to file' to 'pdf' I tried 'convert' but that rendered the text as graphics which grew the file and wasn't what I wanted. How would someone accomplish this - or can I just print to a PDF? If it's already i

Re: [CentOS] ps to pdf

On Mon, 2008-07-21 at 12:38 -0400, Joshua Baker-LePain wrote: > On Mon, 21 Jul 2008 at 9:35am, Craig White wrote > > > I need a way to convert files that I save with Firefox as a 'print to > > file' to 'pdf' > > > > I tried 'convert' but that rendered the text as graphics which grew the > > file a

Re: [CentOS] ps to pdf

On Mon, 2008-07-21 at 11:55 -0500, Robert wrote: > > Craig White wrote: > > I need a way to convert files that I save with Firefox as a 'print to > > file' to 'pdf' > > > > I tried 'convert' but that rendered the text as graphics which grew the > > file and wasn't what I wanted. > > > > How would

Re: [CentOS] copy

On Mon, July 21, 2008 12:14 pm, Mad Unix wrote: > How would you do the > tar zcvf - /usr/local/apache/htdocs | ssh [EMAIL PROTECTED] > > "cat > /var/www/html/htdocs.tar.gz" > > with rsync and the to have it in the crontab to run everyday. > > Thanks > > On Mon, Jul 21,

Re: [CentOS] Kernels From CentOS Plus

On Sun, 2008-07-20 at 23:01 -0700, Akemi Yagi wrote: > On Sun, Jul 20, 2008 at 10:39 PM, Bob Taylor <[EMAIL PROTECTED]> wrote: > > > Centosplus's priority was 1. I had totally forgotten a special kernel > > was in that repo and no, I don't have the kernel excluded in > > base/updates. I have sinc

Re: [CentOS] Load Average ~0.40 when idle

On Mon, 21 Jul 2008 10:20:53 -0600, Stephen John Smoogen wrote > On Sun, Jul 20, 2008 at 4:52 PM, listmail <[EMAIL PROTECTED]> wrote: > OK, I downloaded the CentOS 5.2 Live CD and booted from it. To eliminate > > load from the GUI, I forced the system into runlevel 3 and ran top. > > I see the sam

Re: [CentOS] Load Average ~0.40 when idle

On Mon, Jul 21, 2008 at 11:00 AM, listmail <[EMAIL PROTECTED]> wrote: > On Mon, 21 Jul 2008 10:20:53 -0600, Stephen John Smoogen wrote >> On Sun, Jul 20, 2008 at 4:52 PM, listmail <[EMAIL PROTECTED]> wrote: > > > OK, I downloaded the CentOS 5.2 Live CD and booted from it. To eliminate >> > load fro

[CentOS] where is printconf-tui on CENTOS 5.2 (migrate printer configuration)????

we are migrated CENTOS from 4.X to 5.2 on seperate DELL servers.  For printer definition migrate on CENTOS 4.X , we can use following command:     printconf-tui --Ximport < printers.xml I can not find "printconf-tui" command on CENTOS 5.2.  Does anyone know how to migrate printer configuration

Re: [CentOS] recommended repo for php 5.2.3 +

dnk wrote: Good day all, I have been searching on google for the recommended repo for php 5.2.3 + for centos... I saw at one point it was in the testing repo, but was pulled due to no one testing it. Is there a recommended repo that people feel is safe for a CentOS 5.x to get php 5.23 + ?

Re: [CentOS] where is printconf-tui on CENTOS 5.2 (migrate printer configuration)????

Hi (maybe?) On Tue, Jul 22, 2008 at 01:35:12AM +0800, mcclnx mcc wrote: > we are migrated CENTOS from 4.X to 5.2 on seperate DELL servers.  For printer > definition migrate on CENTOS 4.X , we can use following command: > >     printconf-tui --Ximport < printers.xml > > I can not find "printconf

Re: [CentOS] recommended repo for php 5.2.3 +

On 21-Jul-08, at 10:35 AM, Johnny Hughes wrote: dnk wrote: Good day all, I have been searching on google for the recommended repo for php 5.2.3 + for centos... I saw at one point it was in the testing repo, but was pulled due to no one testing it. Is there a recommended repo that people fe

Re: [CentOS] OCI

Mad Unix wrote: My Question is: How to build the OCI8 extension module for php5 under CentOS5? You will need to rebuild the RPM with ociheaders installed and with the --with-oci8 switch ... http://www.2question.com/demo/install_php_on_redhat_linux_with_10g.html signature.asc Descriptio

Re: [CentOS] Re: configuration request

On Mon, Jul 21, 2008 at 7:45 AM, Sam Drinkard <[EMAIL PROTECTED]> wrote: > Unfortunately, the ISP is sort of an independent outfit, and while they are > not small in any sense of the word, their equipment room is stacked full of > servers from floor to ceiling. I'm not aware of any power related s

Re: [CentOS] ps to pdf

Craig White wrote: I need a way to convert files that I save with Firefox as a 'print to file' to 'pdf' I tried 'convert' but that rendered the text as graphics which grew the file and wasn't what I wanted. How would someone accomplish this - or can I just print to a PDF? My firefox in cento

Re: [CentOS] OCI

Mad Unix wrote: My Question is: How to build the OCI8 extension module for php5 under CentOS5? I've had some success using these instructions / rpms / srpms: http://freshrpms.net/docs/oracle/ Jacob Leaver Sr Systems Administrator ReachONE Internet

[CentOS] perl module to parse httpd log on C5

hello, Looking for alternative ideas to parse the combined Apache log: /var/log/httpd/access_log (is how I named it) What I've tried so far is a CPAN search, which pointed me to a recently created module called ApacheLog::Parser >From the C5 shell, I used something like this (heavily refine

Re: [CentOS] ps to pdf

On Mon, 2008-07-21 at 12:38 -0400, Joshua Baker-LePain wrote: > On Mon, 21 Jul 2008 at 9:35am, Craig White wrote > > > I need a way to convert files that I save with Firefox as a 'print to > > file' to 'pdf' > > > > I tried 'convert' but that rendered the text as graphics which grew the > > file

Re: [CentOS] OCI

I am a bit hesitant to suggest this, but Oracle has already built RHEL-compatible php packages, including php-OCI8. You can find the files at http://oss.oracle.com/projects/php/, built for both RHEL 4u6 and RHEL 5u1. The php-oci8 package depend on the Oracle Instant Client (also available as

RE: [CentOS] copy

-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Mad Unix Sent: Monday, July 21, 2008 11:14 AM To: CentOS mailing list Subject: Re: [CentOS] copy >How would you do the >tar zcvf - /usr/local/apache/htdocs | ssh [EMAIL PROTECTED] PROTECTED]

[CentOS] nspluginwrapper included in CentOS 5.2 fails completely

I was wondering if anyone else had this problem. I run CentOS 5.2 x86_64 on my workstation at home. Since 5.2 came out with nepluginwrapper bundled into it, none of my plugins work. I thought it was just a problem with the flash plugin, but neither the mplayerplug-in plugins nor the adobe acroba

RE: [CentOS] Personal Wiki for CentOS

Joseph L. Casale wrote: > For ages I have been keeping docs and notes in Public Folders inside > an Exchange server > and want to move this out to a more modern facility that allows > tagging and searching via > a web interface for keywords so I can keep all my notes more > organized. > > Anyon

[CentOS] Ideas for stopping ssh brute force attacks

just wanted to get some feedback from the community. Over the last few days I have noticed my web server and email box have attempted to ssh'd to using weird names like admin,appuser,nobody,etc None of these are valid users. I know that I can block sshd all together with iptables but that will

RE: [CentOS] Ideas for stopping ssh brute force attacks

I have been using fail2ban to limit the attacks. It works exactly as they advertise and I am happy with it. -- Andrew > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Bo Lynch > Sent: Monday, July 21, 2008 2:43 PM > To: centos@centos.org > Subject:

Re: [CentOS] nspluginwrapper included in CentOS 5.2 fails completely

On Mon, Jul 21, 2008 at 2:18 PM, MHR <[EMAIL PROTECTED]> wrote: > I was wondering if anyone else had this problem. > > I run CentOS 5.2 x86_64 on my workstation at home. Since 5.2 came out > with nepluginwrapper bundled into it, none of my plugins work. I > thought it was just a problem with the

Re: [CentOS] Ideas for stopping ssh brute force attacks

easiest way with centos board tools is iptable recent module ... simply limit the amount of connections a host is allowed to the ssh port iptables -N SSHSCAN iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j SSHSCAN iptables -A SSHSCAN -m recent --set --name SSH iptables -A SSHSCAN -m r

Re: [CentOS] Ideas for stopping ssh brute force attacks

Bo Lynch wrote: just wanted to get some feedback from the community. Over the last few days I have noticed my web server and email box have attempted to ssh'd to using weird names like admin,appuser,nobody,etc None of these are valid users. I know that I can block sshd all together with iptab

Re: [CentOS] Ideas for stopping ssh brute force attacks

On Mon, Jul 21, 2008 at 3:43 PM, Bo Lynch <[EMAIL PROTECTED]> wrote: > just wanted to get some feedback from the community. Over the last few > days I have noticed my web server and email box have attempted to ssh'd to > using weird names like admin,appuser,nobody,etc None of these are > valid

RE: [CentOS] Ideas for stopping ssh brute force attacks

> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Behalf Of Bo Lynch > Sent: Monday, July 21, 2008 3:43 PM > To: centos@centos.org > Subject: [CentOS] Ideas for stopping ssh brute force attacks > > > just wanted to get some feedback from the community. Over the la

Re: [CentOS] Ideas for stopping ssh brute force attacks

On Mon, Jul 21, 2008 at 4:11 PM, Dan Carl <[EMAIL PROTECTED]> wrote: > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > > Behalf Of Bo Lynch > > Sent: Monday, July 21, 2008 3:43 PM > > To: centos@centos.org > > Subject: [CentOS] Ideas for stopping ssh brute

Re: [CentOS] Ideas for stopping ssh brute force attacks

Bo Lynch wrote: just wanted to get some feedback from the community. Over the last few days I have noticed my web server and email box have attempted to ssh'd to using weird names like admin,appuser,nobody,etc None of these are valid users. I know that I can block sshd all together with iptab

Re: [CentOS] Ideas for stopping ssh brute force attacks

On Mon, Jul 21, 2008 at 4:08 PM, Lanny Marcus <[EMAIL PROTECTED]> wrote: > On Mon, Jul 21, 2008 at 3:43 PM, Bo Lynch <[EMAIL PROTECTED]> wrote: >> just wanted to get some feedback from the community. Over the last few >> days I have noticed my web server and email box have attempted to ssh'd to >>

RE: [CentOS] Ideas for stopping ssh brute force attacks

Bo Lynch wrote: > just wanted to get some feedback from the community. Over the last few > days I have noticed my web server and email box have attempted to > ssh'd to using weird names like admin,appuser,nobody,etc None of > these are valid users. I know that I can block sshd all together with

Re: [CentOS] nspluginwrapper included in CentOS 5.2 fails completely

On Mon, Jul 21, 2008 at 2:01 PM, Lanny Marcus <[EMAIL PROTECTED]> wrote: > > I am running the 32 bit kernel on my Desktop and I do *NOT* have that > problem. Of course not - nspluginwrapper is a 64-bit mozilla plugin that wraps 32-bit plugins so they'll work with a 64-bit browser. :-) > Possibl

Re: [CentOS] Ideas for stopping ssh brute force attacks

Dan Carl wrote: Just change the default port. You can also limit the allowed nocks on door with iptables, but changing the port is much eaieer. Cleans up the logs real nice. Dan I'll second that. Combining that with the SSH iptables entries to limit the number of attempts will help as wel

Re: [CentOS] nspluginwrapper included in CentOS 5.2 fails completely

I run CentOS 5.2 x86_64 on my workstation at home. Since 5.2 came out with nepluginwrapper bundled into it, none of my plugins work. I thought it was just a problem with the flash plugin, but neither the mplayerplug-in plugins nor the adobe acrobat reader plugin work, either. I have no problem

Re: [CentOS] Ideas for stopping ssh brute force attacks

"Bo Lynch" <[EMAIL PROTECTED]> wrote: >> Just wanted to know if anyone had any experience with anything like these programs or have any other advice. << No need for any add-ons. Just do two things: 1. Disable password logins. In /etc/ssh/sshd_config, add PasswordAuthentication no Now you will

Re: [CentOS] Ideas for stopping ssh brute force attacks

iptables -N SSHSCAN iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j SSHSCAN iptables -A SSHSCAN -m recent --set --name SSH iptables -A SSHSCAN -m recent --update --seconds 300 --hitcount 3 --name SSH -j DROP hey, this is awesome. we're currently filtering log files looking for multi

Re: [CentOS] Ideas for stopping ssh brute force attacks

"Lanny Marcus" <[EMAIL PROTECTED]> wrote: >> The above link is mostly dead. The data isn't there yet. << I did a write-up on generating SSH keys on both Windows and Linux, along with some additional tips on OpenSSH configuration. It's at http://www.lesbell.com.au/Home.nsf/web/SSH+for+Server+Admi

Re: [CentOS] nspluginwrapper included in CentOS 5.2 fails completely

On Mon, Jul 21, 2008 at 3:22 PM, MHR <[EMAIL PROTECTED]> wrote: > On Mon, Jul 21, 2008 at 2:01 PM, Lanny Marcus <[EMAIL PROTECTED]> wrote: >> >> I am running the 32 bit kernel on my Desktop and I do *NOT* have that >> problem. > > Of course not - nspluginwrapper is a 64-bit mozilla plugin that wra

Re: [CentOS] nspluginwrapper included in CentOS 5.2 fails completely

On Mon, Jul 21, 2008 at 4:01 PM, Lanny Marcus <[EMAIL PROTECTED]> wrote: > On Mon, Jul 21, 2008 at 2:18 PM, MHR <[EMAIL PROTECTED]> wrote: >> I was wondering if anyone else had this problem. >> >> I run CentOS 5.2 x86_64 on my workstation at home. Since 5.2 came out >> with nepluginwrapper bundled

Re: [CentOS] Ideas for stopping ssh brute force attacks

Provided you have ssh set up to ensure that root cannot login directly and/or keys instead of passwords must be used, you aren't in much danger of being compromised. To ensure the logs are mostly kept clean however, you need yet another solution such as changing the port, port-knocking, or a scrip

Re: [CentOS] Ideas for stopping ssh brute force attacks

When using denyhosts, you'll want to keep your IP's in hosts.allow so even if you're "banned" you can still get access. :-) Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105 - Original Message - From: "D Steward" <[EMAIL PROTECTED]> To: "CentOS mailing list" Sent: Mon

Re: [CentOS] Ideas for stopping ssh brute force attacks

On Mon, 2008-07-21 at 17:09 -0500, Tim Nelson wrote: > When using denyhosts, you'll want to keep your IP's in hosts.allow so even if > you're "banned" you can still get access. :-) Yup. Unfortunately, my ISP's plan uses dynamic IPs, so I have to enter various subnets to stay safe. :( ___

Re: [CentOS] Ideas for stopping ssh brute force attacks

On Tue, Jul 22, 2008, D Steward wrote: >On Mon, 2008-07-21 at 17:09 -0500, Tim Nelson wrote: >> When using denyhosts, you'll want to keep your IP's in hosts.allow so even >> if you're "banned" you can still get access. :-) > >Yup. >Unfortunately, my ISP's plan uses dynamic IPs, so I have to enter

Re: [CentOS] Ideas for stopping ssh brute force attacks

D Steward wrote: > Because I don't believe a solution such as fail2ban will scale (it can't > be healthy having tens of thousands of IPs in iptables), I use denyhosts Wherever possible I use layer 2 bridging OpenBSD firewalls in front of my networks, I don't have a problem with brute force attack

Re: [CentOS] Ideas for stopping ssh brute force attacks

Bo Lynch wrote: just wanted to get some feedback from the community. Over the last few days I have noticed my web server and email box have attempted to ssh'd to using weird names like admin,appuser,nobody,etc None of these are valid users. I know that I can block sshd all together with iptab

Re: [CentOS] Ideas for stopping ssh brute force attacks

nate wrote: I don't like/use OpenBSD for anything other than firewalls. But I do think as a firewall, pf really can't be beat, the configuration for typical rules just 'flows'. IPTables by comparison is so cryptic. (speaking as a past user of ipfwadm, ipfw, ipchains, iptables, pf, and Cisco PIX,

Re: [CentOS] Personal Wiki for CentOS

Bowie Bailey wrote: Joseph L. Casale wrote: For ages I have been keeping docs and notes in Public Folders inside an Exchange server and want to move this out to a more modern facility that allows tagging and searching via a web interface for keywords so I can keep all my notes more organize

Re: [CentOS] Ideas for stopping ssh brute force attacks

Pfsense rules...in my humble opinion, does the job better than iptables. and like John said it can be easily configured via web. -- "It is human nature to think wisely and act in an absurd fashion." "Todo el desorden del mundo proviene de las profesiones mal o mediocremente servidas" ___

[CentOS] /etc/hosts missing localhost?

Is there any reason why /etc/hosts would be missing the line, 127.0.0.1 localhost? I just spent an hour trying to figure out why I could not connect to postgresql using ``psql -h ...'', finally figuring out that the /etc/hosts file was the problem. Bill -- INTERNET: [EMAIL PROTECTED] Bill Cam

Re: [CentOS] /etc/hosts missing localhost?

Bill Campbell wrote: > Is there any reason why /etc/hosts would be missing the line, > 127.0.0.1 localhost? no. nate ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] /etc/hosts missing localhost?

On Mon, Jul 21, 2008 at 9:20 PM, Bill Campbell <[EMAIL PROTECTED]> wrote: > Is there any reason why /etc/hosts would be missing the line, > 127.0.0.1 localhost? Nope. It's there by default in some form or another. By default, it usually looks like this -> 127.0.0.1 installname localhost.l

[CentOS] harddisc or nfs based install

When choosing either of these methods and using an iso, how does CentOS determine the right iso file to mount? Is there an expected file name format? Thanks! jlc ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Ideas for stopping ssh brute force attacks

On Mon, July 21, 2008 6:47 pm, Bill Campbell wrote: > On Tue, Jul 22, 2008, D Steward wrote: >>On Mon, 2008-07-21 at 17:09 -0500, Tim Nelson wrote: >>> When using denyhosts, you'll want to keep your IP's in hosts.allow so >>> even if you're "banned" you can still get access. :-) >> >>Yup. >>Unfort

Re: [CentOS] Ideas for stopping ssh brute force attacks

Bo Lynch wrote: we have been looking at implementing OpenVPN to allow access to the internal LAN. For a firewall, we basically have iptables with 2 nics doing NAT. So would the OpenVPN server live inside of our private network and just do some forwards with iptables on the firewall or would it be

Re: [CentOS] /etc/hosts missing localhost?

On Mon, Jul 21, 2008, Jim Perrin wrote: >On Mon, Jul 21, 2008 at 9:20 PM, Bill Campbell <[EMAIL PROTECTED]> wrote: >> Is there any reason why /etc/hosts would be missing the line, >> 127.0.0.1 localhost? > >Nope. It's there by default in some form or another. > >By default, it usually looks like th

Re: [CentOS] Ideas for stopping ssh brute force attacks

On Mon, Jul 21, 2008, John R Pierce wrote: > Bo Lynch wrote: >> we have been looking at implementing OpenVPN to allow access to the >> internal LAN. For a firewall, we basically have iptables with 2 nics doing >> NAT. So would the OpenVPN server live inside of our private network and >> just do som

Re: [CentOS] Ideas for stopping ssh brute force attacks

Michael Gabriel wrote: just wanted to get some feedback from the community. Over the last few days I have noticed my web server and email box have attempted to ssh'd to using weird names like admin,appuser,nobody,etc None of these are valid users. I know that I can block sshd all together wi

Re: [CentOS] harddisc or nfs based install

--- On Mon, 7/21/08, Joseph L. Casale <[EMAIL PROTECTED]> wrote: > From: Joseph L. Casale <[EMAIL PROTECTED]> > Subject: [CentOS] harddisc or nfs based install > To: "'CentOS mailing list'" > Date: Monday, July 21, 2008, 6:57 PM > When choosing either of these methods and using an iso, how > d

Re: [CentOS] OCI

any one used this method on CenTOS5 64bit http://pecl.php.net/package/oci8 #pecl install oci8 On Mon, Jul 21, 2008 at 8:59 PM, Jay Leafey <[EMAIL PROTECTED]> wrote: > I am a bit hesitant to suggest this, but Oracle has already built > RHEL-compatible php packages, including php-OCI8. You can fi

RE: [CentOS] Personal Wiki for CentOS

>the only downside is that the default theme >is a bit crusty looking. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos John, Got a pointer to a theme that's appealing? Thanks! jlc

Re: [CentOS] harddisc or nfs based install

On Mon, 2008-07-21 at 21:34 -0700, Mark Pryor wrote: > > > --- On Mon, 7/21/08, Joseph L. Casale <[EMAIL PROTECTED]> wrote: > > > From: Joseph L. Casale <[EMAIL PROTECTED]> > > Subject: [CentOS] harddisc or nfs based install > > To: "'CentOS mailing list'" > > Date: Monday, July 21, 2008, 6:5

Re: [CentOS] Personal Wiki for CentOS

Joseph L. Casale wrote: the only downside is that the default theme is a bit crusty looking. Got a pointer to a theme that's appealing? big pile of them here... http://wiki.splitbrain.org/wiki%3Atpl%3Atemplates ___ CentOS mailing list CentOS@cen

RE: [CentOS] harddisc or nfs based install

>I am just wondering if you might be experiencing a problem connected to >the updated script language...some commands changed or deprecated...I >know I went thru some of that at the advent of c5.0...just a thought No problem (I always do PXE installs via http if I need to)... It was just a questio

  1   2   >