Ever since someone told me that one of my servers might have been hacked
(not the most recent instance) because I wasn't applying updates as soon as
they became available, I've been logging in and running "yum update"
religiously once a week until I found out how to set the yum-updatesd
service to
On 12/28/2011 02:01 PM, Bennett Haselton wrote:
> Yeah I know that most break-ins do happen using third-party web apps;
> fortunately the servers I'm running don't have or need any of those.
>
> But then what about what my friend said:
> "For example, there was a while back ( ~march ) a kernel expl
On 12/28/2011 04:40 PM, Bennett Haselton wrote:
> On Tue, Dec 27, 2011 at 10:17 PM, Rilindo Foster wrote:
>> On Dec 27, 2011, at 11:29 PM, Bennett Haselton
>>
>> What was the nature of the break-in, if I may ask?
>>
>
> I don't know how they did it, only that the hosting company had to take the
>
On Wed, Dec 28, 2011 at 4:04 PM, Bennett Haselton wrote:
> Power users can always change it if they want; the question is what would
> be better for the vast majority of users who don't change defaults. In
> that case it would seem better to have updates on, so that they'll get
> patched if an ex
On 12/28/2011 06:02 AM, Michael Lampe wrote:
>> nope. its actually quite a major pain to manage..
>>
>> you forgot to mention what you installed, how you did it and what you
>> expected V/s achieved
>
> I have installed all the packages from the two x86_64 DVDs with
> (eventually):
>
> yum in
On Wed, 2011-12-28 at 04:40 +, Karanbir Singh wrote:
> On 12/27/2011 01:10 PM, B.J. McClure wrote:
> > I tried CentOS 6.0 and 6.1 on Mac-Air with SSD. Installer could not
> > find SSD and Google did not help. FWIW, Ubuntu installed fine. If you
>
> I've seen a couple of MacbookAir's now run
On 12/28/2011 02:04 AM, Bennett Haselton wrote:
> Ever since someone told me that one of my servers might have been hacked
> (not the most recent instance) because I wasn't applying updates as soon as
> they became available, I've been logging in and running "yum update"
> religiously once a week u
On 12/27/2011 10:42 PM, Bennett Haselton wrote:
> Everything installed on the machine had been installed with "yum". So I
> assumed that meant that it would also be updated by "yum" if an update was
> available from the distro.
>
1. Are you running PHP apps on the web server? Perl apps? Bad c
On 12/27/2011 11:01 PM, Bennett Haselton wrote:
> Yeah I know that most break-ins do happen using third-party web apps;
> fortunately the servers I'm running don't have or need any of those.
>
> But then what about what my friend said:
> "For example, there was a while back ( ~march ) a kernel exp
On 12/28/2011 01:40 AM, Bennett Haselton wrote:
> On Tue, Dec 27, 2011 at 10:17 PM, Rilindo Foster wrote:
>
>>
>>
>>
>>
>> On Dec 27, 2011, at 11:29 PM, Bennett Haselton
>> wrote:
>>
>>> On Tue, Dec 27, 2011 at 8:33 PM, Gilbert Sebenste <
>>> seben...@weather.admin.niu.edu> wrote:
>>>
On Tu
On 12/28/2011 01:44 AM, Bennett Haselton wrote:
> On Tue, Dec 27, 2011 at 10:08 PM, Ken godee wrote:
>
>>> password"? That's what I'm talking about -- how often does this sort of
>>> thing happen, where you need to be subscribed to be a security mailing
>> list
>>> in order to know what workarou
On 12/28/2011 07:55 AM, Johnny Hughes wrote:
> On 12/28/2011 01:40 AM, Bennett Haselton wrote:
>> On Tue, Dec 27, 2011 at 10:17 PM, Rilindo Foster wrote:
>>
>>>
>>>
>>>
>>>
>>> On Dec 27, 2011, at 11:29 PM, Bennett Haselton
>>> wrote:
>>>
On Tue, Dec 27, 2011 at 8:33 PM, Gilbert Sebenste <
>
http://www.awe.com/mark/blog/20110727.html
--
Eero
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Ljubomir Ljubojevic wrote:
> Biarch is actually only needed for libraries and support packages.
> Running native i386 application on x86_64 does not make much sense
> (third-party apps are another thing).
I also like the option to compile, run, test, debug, etc. my own
programs as 32 bit. That's
Hi dnk,
Le 23/12/2011 07:23, dnk a écrit :
> Can anyone point me to a tutorial on using Active Directory to authenticate
> a centos 6 server? I just want to use it to authenticate, ssh and restrict
> access to a particular ad group. I prefer to use the lightest method
> possible. I know you can us
On Wed, Dec 28, 2011 at 10:25 AM, Michael Lampe
wrote:
>
>> Biarch is actually only needed for libraries and support packages.
>> Running native i386 application on x86_64 does not make much sense
>> (third-party apps are another thing).
>
> I also like the option to compile, run, test, debug, etc
Am 28.12.2011 17:48, schrieb Les Mikesell:
> On Wed, Dec 28, 2011 at 10:25 AM, Michael Lampe
> wrote:
>>
>>> Biarch is actually only needed for libraries and support packages.
>>> Running native i386 application on x86_64 does not make much sense
>>> (third-party apps are another thing).
>>
>> I
Send CentOS-announce mailing list submissions to
centos-annou...@centos.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-requ..
Hello listmates.
It appears that in order to authenticate a Mac OS X Lion client via NIS the
passwords in passwd and passwd.byname maps need to be MD5 encrypted. How do
I see what encryption has been used in my maps? How do I change it?
Thanks.
Boris.
Les Mikesell wrote:
> Why not use a virtual machine for that and have a cleaner separation
> of the architectures?
Biarch runs natively and therfore faster, it can use
hardware-accelerated OpenGL, it is easier to setup and use, and it is
fully supported by TUV. To me the separation of arcitectu
Reindl Harald wrote:
> compilers and devel-packages should usually be seperated from
> working-computers and the compiled software packed as RPM
> in a dedicated vritual machine
I'm using CentOS not only as a mail/web/etc. server, but also on my
development workstation, on a compute server and o
On Wed, Dec 28, 2011 at 11:06 AM, Michael Lampe
wrote:
> Les Mikesell wrote:
>
>> Why not use a virtual machine for that and have a cleaner separation
>> of the architectures?
>
> Biarch runs natively and therfore faster, it can use
> hardware-accelerated OpenGL, it is easier to setup and use, and
Am 28.12.2011 18:13, schrieb Michael Lampe:
> Reindl Harald wrote:
>
>> compilers and devel-packages should usually be seperated from
>> working-computers and the compiled software packed as RPM
>> in a dedicated vritual machine
>
> I'm using CentOS not only as a mail/web/etc. server, but also
Reindl Harald wrote:
> compiling is not the problem
Indeed. And thanks to biarch, this works ootb.
> there is ONE virtual machine neough for all users
Biarch reduces this even to one less: none. It's obvioulsy the simpler
solution.
> however i can not imagine a usecase for 32bit software thes
Boris Epstein wrote:
> Hello listmates.
>
> It appears that in order to authenticate a Mac OS X Lion client via NIS the
> passwords in passwd and passwd.byname maps need to be MD5 encrypted. How do
> I see what encryption has been used in my maps? How do I change it?
I think it is the case that L
On 12/28/2011 10:25 AM, Michael Lampe wrote:
> Ljubomir Ljubojevic wrote:
>
>> Biarch is actually only needed for libraries and support packages.
>> Running native i386 application on x86_64 does not make much sense
>> (third-party apps are another thing).
>
> I also like the option to compile, r
Hi Alain,
I had tried that tutorial, and had issues with that one as well. I
obviously was missing something when I tried it.
I actually got my machine in AD using likewise open. It works quite well,
with minimal config.
I appreciate the pointers though!
D
On Wednesday, December 28, 2011, Al
On Wednesday, December 28, 2011, Johnny Hughes wrote:
> On 12/28/2011 02:04 AM, Bennett Haselton wrote:
>> Ever since someone told me that one of my servers might have been hacked
>> (not the most recent instance) because I wasn't applying updates as soon
as
>> they became available, I've been log
The 'E' in CentOS stands for Enterprise. Enterprises use change
control. Servers do not update themselves whenever they see an update.
Updates are tested (not so much), approved and scheduled, hopefully in
line with a maintenance window. In most enterprises that I've been in,
a server can't even
Johnny Hughes wrote:
> There is a variable in yum.conf called multilib_policy ...
>
> The default in CentOS 5 is all ... the default in CentOS 6 is best.
Ah, ok. Part of my playing around with 6.2 ist finding all the
differences with respect to 5.x. ;)
> I can tell you that I would personally u
On 12/28/2011 12:53 PM, Michael Lampe wrote:
> Johnny Hughes wrote:
>
>> There is a variable in yum.conf called multilib_policy ...
>>
>> The default in CentOS 5 is all ... the default in CentOS 6 is best.
>
> Ah, ok. Part of my playing around with 6.2 ist finding all the
> differences with resp
Maybe we're talking about different things here. I'm definitely not
talking about how to build a distribution. That's why I'm using your's
on not running my own.
I'm talking about the usefulness of biarch. Not in the sense of building
packages for redistribution, especially not as RPMs. It's ju
Am 28.12.2011 23:19, schrieb Michael Lampe:
> Maybe we're talking about different things here. I'm definitely not
> talking about how to build a distribution. That's why I'm using your's
> on not running my own.
you need not to build a distribution to build clean packages
in a clean build-envi
Reindl Harald wrote:
> you need not to build a distribution to build clean packages
> in a clean build-envirnonment - this is simply in your own
> interest over the long and any quick& dirty solution
> will eat your time later
Please tell me in detail what ends up quick and dirty, when doing wha
On Wed, Dec 28, 2011 at 4:19 PM, Michael Lampe
wrote:
> Maybe we're talking about different things here. I'm definitely not
> talking about how to build a distribution. That's why I'm using your's
> on not running my own.
If you are moving binaries to any other machine, you are likely to
have odd
Am 28.12.2011 23:32, schrieb Michael Lampe:
> Reindl Harald wrote:
>
>> you need not to build a distribution to build clean packages
>> in a clean build-envirnonment - this is simply in your own
>> interest over the long and any quick& dirty solution
>> will eat your time later
>
> Please tell
(Sorry to be a little talkative today, but I will easily refute everything.)
Les Mikesell wrote:
> If you are moving binaries to any other machine, you are likely to
> have odd failures if you don't carefully control the libraries in the
> build environment.
The linker doesn't and cannot link 64
Am 28.12.2011 23:54, schrieb Michael Lampe:
> Three examples I have already given. To repeat one: a user has a code
> base that is not 64-bit clean? What am I to do? Tell him to f***,
> fix it myself for him, or what?
YES damend
force him to cleanup hsi crap or chain him in a virtual mach
Johnny Hughes wrote:
> System Administration is a time consuming and complicated thing. That
> is why there are System Administrators. That is why there are
> certifications like RHCT, RHCE, CISSP. There are a whole slew of things
> that people who want to run secure server need to know, and do
On 12/28/11 2:54 PM, Reindl Harald wrote:
> do what you believe and let us look where you end in 5-6 years
> after doing a couple of updates with "./configure&& make&& make install)
>
> it IS DIRTY because it does NOT remove obsoleted files
> and yes i have seen environemnets where as example mys
Reindl Harald wrote:
> it IS DIRTY because it does NOT remove obsoleted files
> and yes i have seen environemnets where as example mysql did not
> compile any longer as long all pieces of the old version were not
> deleted manually
Hardly ever do I type 'make install'. I stick to
Base/Updates/Ep
Am 28.12.2011 23:54, schrieb Michael Lampe:
> They update with everything else, there's no bandwidth limitation for
> these machines and the discs are big enough. (The 'everything' I
> described shortly elsewhere + a lot of extras totals to ~16 GB of disc
> space. That's nothing.)
and becaus
Am 29.12.2011 00:01, schrieb John R Pierce:
> On 12/28/11 2:54 PM, Reindl Harald wrote:
>> do what you believe and let us look where you end in 5-6 years
>> after doing a couple of updates with "./configure&& make&& make install)
>>
>> it IS DIRTY because it does NOT remove obsoleted files
>> a
Reindl Harald wrote:
> on a clean environment $HOME does not contain software
> this is the apple-way having binaries running where your user
> have write-access and from the viewpoints of security and
> modern system-managment worst practice
The three Federal Computing Centers in Germany (Jueli
Greetings,
I have a centos 5.7 (2.6.18-274.12.1.el5) server with mock
(mock-1.0.25-1.el5) installed. When initialize epel-6 chroot in centos 5.7
it failed, below are the snippet of error in the terminal output,
...
...
rpmlib(PayloadIsXz) is needed by mingetty-1.08-5.el6.x86_64
rpmlib(FileDigests
On 12/29/2011 01:00 AM, Jason Wee wrote:
> Greetings,
>
> I have a centos 5.7 (2.6.18-274.12.1.el5) server with mock
> (mock-1.0.25-1.el5) installed. When initialize epel-6 chroot in centos 5.7
> it failed, below are the snippet of error in the terminal output,
> srpm in C5 mock for C6 or is
On Thu, Dec 29, 2011 at 9:03 AM, Karanbir Singh wrote:
> On 12/29/2011 01:00 AM, Jason Wee wrote:
> > Greetings,
> >
> > I have a centos 5.7 (2.6.18-274.12.1.el5) server with mock
> > (mock-1.0.25-1.el5) installed. When initialize epel-6 chroot in centos
> 5.7
> > it failed, below are the snippet
On Wed, 2011-12-28 at 13:47 +0900, 夜神 岩男 wrote:
> With the vast majority of web applications being developed on frameworks
> like Drupal, Django and Plone, the overwhelming majority of "server
> hacks" with regard to the web have to do with attacking these structures
> (at least initially), not
On Wed, Dec 28, 2011 at 5:13 PM, Michael Lampe
wrote:
>
> Stuttgarts former top class machine is running CentOS 5. I never tried
> the 32-bit feature there myself, because my code _is_ 64-bit clean. But
> I would have been pissed if ...
You _can_ cross-compile code for a whole bunch of different
On Wed, Dec 28, 2011 at 5:01 PM, Timothy Murphy wrote:
>>
>> Running your own server is not like using a toaster. It requires
>> someone with a detailed level of knowledge to install and maintain it.
>
> What about home servers?
Are they exposed to inbound internet traffic? If so, expect people
On Wed, 2011-12-28 at 07:43 -0600, Johnny Hughes wrote:
> There have been NO critical kernel updates. A critical update is one
> where someone can remotely execute items at the root users.
>
> Almost all critical updates are Firefox, Thunderbird, telnetd (does
> anyone still allow telnet?), or s
Les Mikesell wrote:
> You _can_ cross-compile code for a whole bunch of different
> environments. That doesn't make it a particularly good idea, even if
> it does happen to be fairly easy in this one particular case. How
> many cases do you want to support?
Exactly this one. The only relevant c
On Wed, 2011-12-28 at 00:40 -0700, Bennett Haselton wrote:
> On Tue, Dec 27, 2011 at 10:17 PM, Rilindo Foster wrote:
> > What was the nature of the break-in, if I may ask?
> >
>
> I don't know how they did it, only that the hosting company had to take the
> server offline because they said it wa
Hi List,
Just loaded our favorite OS onto my new ASUS laptop.
Practically everything worked out of the box - I used the live DVD to
check things out and installed from there.
I have followed
http://forum.notebookreview.com/asus-gaming-notebook-forum/553474-g73-asus-wmi-linux-driver-i-need-your-hel
- Original Message -
| Hi Alain,
|
| I had tried that tutorial, and had issues with that one as well. I
| obviously was missing something when I tried it.
|
| I actually got my machine in AD using likewise open. It works quite
| well,
| with minimal config.
|
| I appreciate the pointers
John R Pierce wrote:
> who says he's building system packages?I got the impression he's
> building his own applications, stuff that typically runs in $HOME rather
> than /usr or whatever.
Exactly. Wasn't that clear from the very beginning?
-Michael
_
On Wednesday, December 28, 2011, James A. Peltier wrote:
> - Original Message -
> | Hi Alain,
> |
> | I had tried that tutorial, and had issues with that one as well. I
> | obviously was missing something when I tried it.
> |
> | I actually got my machine in AD using likewise open. It work
57 matches
Mail list logo
