On Monday, September 26, 2011 06:41:16 PM Ross Walker wrote:
> Might it be possible you ran KVM on the host and accidentally set the guest
> disk to /dev/sda?
/dev/sde is the OP's LUN device.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos
On Monday, September 26, 2011 11:18:06 AM Paras pradhan wrote:
> On Mon, Sep 26, 2011 at 5:53 AM, Lamar Owen wrote:
> > May I ask what sort of SAN?
> Its a Hitachi OpenV fibre channel SAN (4Gbps HBA). My storage admin
> checked if this LUN can be accessible by others and he
On Wednesday, September 28, 2011 07:47:15 PM Bob Hoffman wrote:
> I do not want my raid 1 mirror OS to be on sdc, sdd, and sdeit just
> looks weird.
It's related to PCI enumeration order, and may not be changeable. You could
try the add-on card in another slot.
However, if you think that's
On Thursday, September 29, 2011 05:16:16 PM Les Mikesell wrote:
> So how do you propose getting a uuid or label on a disk in the first
> place if you can't identify which is which physically? And how do you
> know which to move when you want the content in some other box?
Drive model number plus
On Tuesday, September 27, 2011 12:28:38 AM Joseph L. Casale wrote:
> >ftp://ftp.muug.mb.ca/mirror/fedora/linux/updates/testing/15/SRPMS/zoneminder
> >-1.24.4-3.fc15.src.rpm
>
> My bad, thought you had to modify the spec...
> There were some recent changes to a bz I was following that got resolved
On Friday, September 30, 2011 11:41:02 AM Les Mikesell wrote:
> Because I can. Why wouldn't you?
...
> That doesn't any more sense than having to label all your shipping
> containers descriptively before you know what you are going to put in
> them. And besides, most of the labels are applied
On Friday, September 30, 2011 12:26:28 PM Les Mikesell wrote:
> On Fri, Sep 30, 2011 at 11:03 AM, Lamar Owen wrote:
> >
> For example when mounting by label was
> first implemented, having a duplicate label (very likely if you move
> disks around at all since the installer al
On Friday, September 30, 2011 03:36:50 PM Bob Hoffman wrote:
> Below is the issue I am talking about. The system ignores the sda/sdb
> etc labeling to use UUID and things like hd0, hd1...
> Yet mdstat shows you the drives in the useless labeling way...sda sdab
...
Useless? Those names are what th
On Saturday, October 01, 2011 12:56:46 AM Cliff Pratt wrote:
> prompt> tune2fs /dev/sdb1 -U c491d94e-7004-4b08-9993-4c9a7a25b6b1
As the saying goes, try typing that fast ten times and see how many times
the UUID ends up being fat-fignered.
Unless the UUID contains spellable words that use on
On Wednesday, October 12, 2011 03:26:03 PM m.r...@5-cent.us wrote:
> > yum list *php*
>
> clean all might be a good idea, but I always use escaped wildcards, so
> there's no chance of shell interaction. Works fine fer me. Here's the
> first bit of what I get:
Incidentally, kmail (for one MUA) re
On Thursday, October 13, 2011 02:32:05 AM Bob Hoffman wrote:
> There has to be a way to get a video or text install locally from the default
> virt host package without
> installing x windows system, gnome, or kdealthough many little bits of
> those packages were installed.
>
> it really fee
On Tuesday, October 18, 2011 01:07:02 PM Les Mikesell wrote:
> I don't think anything is immune to failure. Another fun case is a
> randomly-bad memory bit causing different things to be written to
> software raid mirrors. I had one that took 3+ days of running
> memtest86 to catch.
ECC RAM?
___
On Friday, October 28, 2011 04:10:05 AM Steve Brooks wrote:
> I have a few "sl6.1" worstations that do not have "xorg-x11-xauth"
> installed and it does *not* seem to appear in the repos. Yet
> X11-Forwarding works fine.
That's mighty strange, as a basically scratch SL6.1 install here shows:
[r
On Friday, October 21, 2011 10:17:18 AM Giles Coochey wrote:
> It appears that this is not the case, and my only option is to take my
> servers down the beta route to Centos 6.1 Release Candidates.
This is one area in which CentOS and Scientific Linux are different (and it's
interesting, readin
On Friday, October 21, 2011 02:22:26 PM Les Mikesell wrote:
> Which is explicitly imposing additional restrictions. Which is
> explicitly prohibited in section 6. I don't see any exceptions
> relating to what the consequences of those restrictions might be.
The RHN AUP simply says that if you re
On Friday, October 28, 2011 11:29:52 AM Les Mikesell wrote:
> On Fri, Oct 28, 2011 at 10:20 AM, Lamar Owen wrote:
> >
> > Even GPL only requires redistribution by upstream to its customers.
>
> With _no additional restrictions_ on subsequent redistribution.
Losing access t
On Friday, October 28, 2011 05:55:06 PM Karanbir Singh wrote:
> We should have all the announcements out and caught up by the middle of
> next week.
FWIW, announcements or no announcements, I've been pretty happy to see the
updates coming through CR, and I thank you and the team for this. Back w
On Saturday, October 29, 2011 07:28:27 AM John Hodrien wrote:
> On Sat, 29 Oct 2011, John R Pierce wrote:
> > well, there's the subtle clue that the first time you log onto a
> > particular account with X forwarding, xauth prints a message about
> > saving the .Xauth file
> Sure, but that mean
On Saturday, October 29, 2011 07:26:04 PM John Hodrien wrote:
> ssh tells you when it creates a .Xauthority file for the first time. Why does
> it do that?
Being totally pedantic here, but isn't it /usr/bin/xauth that issues the
message telling that the .Xauthority file has been created?
_
On Saturday, October 29, 2011 06:31:46 PM Jerry Geis wrote:
> I cannot find anything out there as far as an update.
This has been a useful discourse since the new difficulties that the team is
facing are now more widely known. Sometimes the pot needs a good stirring, and
this time we got what i
On Monday, October 31, 2011 07:46:59 AM William Warren wrote:
> Like I said before It it too
> bad RH is doing what they are doing. It is going to mean the death of
> RHEL rebuilds...look at what is happening to Centos. Per Johnny's
> statement they can't truly maintain 100% binary compatibili
On Tuesday, November 01, 2011 11:24:24 AM Les Mikesell wrote:
> If, in fact, you cannot rebuild a src rpm and get a working
> copy then in that respect you might as well be using closed,
> proprietary software.
"Working" and "binary compatible" are two different things, and typically the
100% bin
On Tuesday, November 01, 2011 01:46:57 AM Bob Hoffman wrote:
> Personally I am thinking of staying away from all red hat clones due to
> redhat's actions for my own security.
> The only thing on the horizon I see is ubuntu server as best supported
> and up to date.
There are really two good ente
On Wednesday, November 02, 2011 12:44:27 PM Les Mikesell wrote:
> Does Debian include all the same drivers as Ubuntu these days?
Sounds like a question for a Debian list, not here.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman
On Wednesday, November 02, 2011 12:53:29 PM Les Mikesell wrote:
> Try the other way around: build RHEL from their src rpms, try to run
> the 3rd party binary... I thought you said that didn't work. If you
> can't rebuild that source so it works, you might as well not use open
> source.
Ok, let m
On Wednesday, November 02, 2011 03:19:07 PM Marcio Carneiro wrote:
> 2011/11/2 Lamar Owen
> > There are really two good enterprise-grade alternatives, in my opinion,
> > one free and one not:
> OpenIndiana.org
I was limiting myself to Linux, and I really should have said so.
Posted, in case you haven't seen it already:
http://qaweb.dev.centos.org/qa/node/116
Good news.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
On Thursday, November 10, 2011 10:33:38 AM Craig White wrote:
> [Ubuntu is] different - not better, not worse (save for the fact that with
> Ubuntu I have been able to get timely updates this year). Also, I much prefer
> their packaging of Apache & BIND9 to Red Hat's.
[snip]
> If your expectation
On Thursday, November 10, 2011 12:16:18 PM Craig White wrote:
> I would generally agree with this (brevity is not your strongest trait)
That would be correct. As Mark Twain once said, "I didn't have time to write a
short letter, so I wrote a long one instead." And I type (and read) relatively
On Thursday, November 10, 2011 11:49:30 AM Sean Carolan wrote:
> Anyone have a script or utility to convert an RTF file to ANSI? The
> main idea here is to preserve the color codes that are specified in
> the RTF file, so they can be displayed easily in a terminal window.
unrtf --vt
Unrtf is ava
On Thursday, November 10, 2011 02:20:25 PM Bob Hoffman wrote:
> The newer stuff is cool, but it lacks the polish of a ready to go
> system. Centos has the polish, but lacks the new stuff.
> sigh.
And right there is the core (or maybe it's 'sore') point to all of this; it
really depends on what y
On Saturday, November 12, 2011 11:51:42 AM Craig White wrote:
> On Sat, 2011-11-12 at 09:25 -0600, Johnny Hughes wrote:
>
> > ... there is a learning curve to get
> > proficient at doing Debian/Ubuntu.
>
> ... There's only what you know, how you
> can adapt what you know and how well you can
On Monday, November 28, 2011 11:23:57 AM Les Mikesell wrote:
> Even if all the users are working at the same
> console, they should have different logins.
You know, reading through this thread is frustrating.
Frustrating in that the OP's question has yet to be answered; instead, yet
again, the O
On Monday, November 28, 2011 12:40:59 PM m.r...@5-cent.us wrote:
> You missed one: he may not have the authority to do so.
Yep, I did. I keep forgetting that others don't have the flexibility that I
do, so thanks for that reminder.
___
CentOS mailing l
On Monday, November 28, 2011 01:15:30 PM Les Mikesell wrote:
> None of which justifies someone else helping to continue a misguided
> and insecure practice...
Not all systems are Internet connected, and not all sites need the same
security; one size does not fit all.
In the OP, we have a basic
On Wednesday, November 23, 2011 06:11:31 AM Guitart Francesc wrote:
> How I can force always the request of login and password?
In System -> Administration -> Authentication, 'Options' tab, is 'Cache User
Information' checked?
___
CentOS mailing list
C
On Tuesday, November 29, 2011 11:14:16 AM Timothy Madden wrote:
> The router has the 'DNS relay' option enabled, and all 7 computers use
> the router as the DNS server, which in turn will forward DNS requests to
> the ISP DNS server. That way I can understand that simple, plain,
> default DNS is
On Tuesday, November 29, 2011 01:56:59 PM Johnny Hughes wrote:
> rpm -qa > somefile
>
> rsync somefile to the other machines and then:
>
> yum install $(cat somefile)
[Note: Johnny's advice is good, and this reply is more addressed to the OP than
to Johnny, as he already knows what I'm getting
On Wednesday, November 30, 2011 08:54:04 AM Timothy Madden wrote:
> Is there a way to get the name service switch to use wins, while the DNS
> configuration is handled by DHCP client ?
Yes, there is (or at least should be). While I know some will object strongly
to doing it this way, here's how
On Wednesday, November 30, 2011 03:59:58 AM Fajar Priyanto wrote:
> How fast the Switches can recognize the new mac? Any other pitfall?
There are a couple of things I've run into, mostly in failover situations or in
situations where a machine was moved from one switch to another.
ARP cache timeo
On Wednesday, November 30, 2011 10:32:24 AM Fajar Priyanto wrote:
> Thanks all for all the insights from your experience. Much appreciated.
You're quite welcome. Please let us know how it went.
> I will do it during weekend when no users are working.
> (this creates the saying about sysadmin: pe
On Wednesday, November 30, 2011 06:40:44 PM Ross Walker wrote:
> I have heard of people setting their PERCs in pass-through mode and doing
> software RAID, or setting the drives up as a bunch of single disk RAID0
> drives and doing software RAID, so I wouldn't rule it out.
FWIW, I've done this i
On Thursday, December 01, 2011 10:08:27 AM Craig White wrote:
> I think the actual controller might make a difference and also details such
> as whether/how much write back cache was available and also, which RAID level
> would likely be significant too. Almost guessing that you were talking abou
On Thursday, December 01, 2011 01:53:59 PM m.r...@5-cent.us wrote:
> So, I've done pgscan, vgscan, see the group name, tried vgchange --mknod,
> but the groups aren't active, nor is there a VolGroup directory created
> down in /dev. Anyone know what I've missed?
vgchange -ay perhaps?
_
On Friday, December 02, 2011 08:42:42 AM Les Mikesell wrote:
> [netbios naming is] like a roomfull of people yelling out their own
> name all the time as a means of identification with no way to handle
> those out of hearing distance or to arbitrate duplicates.
...
> But that's a matter of luck,
On Friday, December 02, 2011 06:36:25 AM Timothy Madden wrote:
> Sorry to say the instructions did not work for me.
...
> Still, no success in ping-ing other (samba) machines in my network. But
> I could ping the same machines from a Windows workstation...
...
> I the end, I had to revert to stati
On Friday, December 02, 2011 10:38:11 AM Craig White wrote:
> indeed but to continue Les's fairly adept analogy, this is akin to running
> wires & a PA system to another office so the yelling happens not just in one
> room but in several rooms.
Uh, no. With properly configured WINS (both server
On Friday, December 02, 2011 10:47:53 AM Craig White wrote:
> I think 'recommended' is a bit of a stretch - it is a possibility.
'Recommended' if you don't want to (or can't) use either old-style NT domains
or ActiveDirectory. When you need to support routable SMB/CIFS traffic for
WinXP Home, V
On Friday, December 02, 2011 11:06:51 AM Craig White wrote:
> ummm... there are WINS master browser elections on every subnet ...
'Master browser election broadcasts' != 'broadcast-based name resolution.'
I have measured significant broadcast traffic reduction when migrating from
non-WINS to WIN
On Friday, December 02, 2011 11:02:18 AM Craig White wrote:
> I'm sort of surprised no one pointed out that mDNS/avahi type of name
> resolution was probably the way to go for a heterogenous network but yes, it
> too is not generally installed/configured on a normal Linux install.
While there is
On Friday, December 02, 2011 11:43:48 AM Les Mikesell wrote:
> Nobody cares much about hardware/network efficiency these days since
> you are likely to have plenty except in those marginal wifi areas, but
> broadcasts get accepted by every NIC on the network and pushed up the
> network stacks until
On Friday, December 02, 2011 11:40:39 AM Craig White wrote:
> On Dec 2, 2011, at 9:17 AM, Lamar Owen wrote:
> > I have measured significant broadcast traffic reduction when migrating from
> > non-WINS to WINS SMB/CIFS name resolution.
...
> As for how much broadcast occurs.
On Friday, December 02, 2011 12:40:32 PM Les Mikesell wrote:
> On Fri, Dec 2, 2011 at 11:16 AM, Lamar Owen wrote:
> > But, lacking metrics, it's somewhat of a moot point.
> My point is that every device on your network has to process every
> broadcast packet. Maybe you have
On Friday, December 02, 2011 01:17:19 PM m.r...@5-cent.us wrote:
> Within our division, we
> control the horizontal, we control the vertical
And now we have reached the outer limits of topicality.
/me
___
CentOS mailing list
CentOS@centos.org
On Monday, December 05, 2011 02:56:18 PM John R Pierce wrote:
> indeed, that was my point. its silly to expect the latest release of
> ENTERPRISE LINUX, a distribution clearly targeted at servers, to have to
> support every funky old box end users can throw at it.
If EL6 is targeted at servers,
On Monday, December 05, 2011 03:48:12 PM John R Pierce wrote:
> the chipset doesn't support over 2GB ram. the Pentium-M was based on
> the Pentium-III core, which afaik didn't have PAE. /me shrugs. They
> added it back in for the Core family.
That's the odd thing; PAE has been there since t
On Monday, December 05, 2011 03:52:11 PM Les Mikesell wrote:
> On Mon, Dec 5, 2011 at 2:34 PM, Lamar Owen wrote:
> > You know, I don't exactly agree with that. The D600 (and D610) are still
> > relatively useful laptops that, with the right desktop environment, can
&g
On Monday, December 05, 2011 06:02:27 PM Les Mikesell wrote:
> On Mon, Dec 5, 2011 at 4:55 PM, Lamar Owen wrote:
>> It's only when doing multiple things, or doing multithreaded things, that the
>> Core2Duo pulls away.
> OK, but who just runs a single process?
For th
On Monday, December 05, 2011 11:11:45 AM Akemi Yagi wrote:
> FYI, the ELRepo project now provides kernel-ml for EL6 [1] that
> includes a non-PAE kernel [2] (thanks to Alan Bartlett). However, one
> has to create an install disk/image with that kernel to perform the
> installation.
This is good; t
On Monday, December 05, 2011 06:58:53 PM Ljubomir Ljubojevic wrote:
> I plan on releasing unofficial CentOS Desktop oriented LiveDVD with all
> the goodies like newest Firefox and ElRepo kernel modules for NIC's and
> wireless, and "upgrade" repository with missing or newer packages of
> Desktop
As much as I hate to be the bearer of news, I saw over 400 updates this morning
on my upstream 6.1 box checking the upstream website, yeah, EL6.2 is out,
at least for updates. I didn't see ISO's in my subscribed channel yet, though.
I figured someone would notice soon enough.
So before any
On Tuesday, December 06, 2011 10:40:30 AM Eero Volotinen wrote:
> 2011/12/6 Lamar Owen :
> > As much as I hate to be the bearer of news, I saw over 400 updates this
> > morning on my upstream 6.1 box checking the upstream website, yeah,
> > EL6.2 is out, at least for u
On Tuesday, December 06, 2011 02:21:09 PM m.r...@5-cent.us wrote:
> Reindl Harald wrote:
> > the device name is totally uninteresting, the IDs are
> > mdadm /dev/mdx --add /dev/sdex
> No, it's not uninteresting. I can't be sure that when it reboots, it won't
> come back as /dev/sda.
The RAIDsets
On Tuesday, December 06, 2011 02:12:04 PM Johnny Hughes wrote:
> You should see 6.2 significantly faster than 6.1 ... especially the CR rpms.
Thanks for the info, Johnny. Looking forward to it.
___
CentOS mailing list
CentOS@centos.org
http://lists.cent
On Tuesday, December 06, 2011 02:46:24 PM m.r...@5-cent.us wrote:
> Booting purposes is the point: /dev/md0 is /boot. And as the slot's ATA0,
> it should come up as sda. You mention getting the bootloader sectors over
> - do you mean, after it's rebuilt and active, to then rerun grub-install?
Eith
On Tuesday, December 06, 2011 03:09:42 PM Lamar Owen wrote:
> I've seen that happen before. It was a tad disconcerting at first, but, yes,
> in the case I saw it a reboot made it back to sda.
Oh, and /dev/sda is not necessarily the BIOS boot device, by the way. For
instance, on my
On Tuesday, December 06, 2011 03:39:06 PM m.r...@5-cent.us wrote:
> Ack! So I actually need to run grub-install, and do it for both; didn't
> know that (always had /boot as a plain vanilla primary partition)?!
If /dev/sdb doesn't have the stage1.5 in the first 60 or so sectors after the
MBR (whic
On Tuesday, December 06, 2011 04:45:04 PM Johnny Hughes wrote:
> If I had to guess, I would say that the attackers probably developed
> their code on CentOS, so they were looking for a CentOS machine to
> deploy their code on in the wild. That would be why I would say CentOS
> was the OS used.
I
On Tuesday, December 06, 2011 04:58:42 PM Lamar Owen wrote:
> I happen to have a copy of an older brute-forcer dictionary here (somewhere)
> and it's very large and has lots of very secure-seeming passwords in it.
I ran down the copy I have; here's an excerpt of one of
On Tuesday, December 06, 2011 05:31:58 PM Fajar Priyanto wrote:
> Dec 7, 2011 5:58 AM Lamar Owen 작성:
> >I happen to have a copy of an older brute-forcer dictionary here (somewhere)
> >and it's very large and has lots of very secure-seeming passwords in it.
> Why not don&
On Wednesday, December 07, 2011 05:48:24 AM Adam Tauno Williams wrote:
> *DISABLE* password authentication on public-facing [and preferably all]
> servers. Isn't that securing a server rule#1?
Interestingly enough, there are vulnerability scanning tools out there that
will flag the lack of a pas
On Tuesday, December 06, 2011 08:06:55 PM James A. Peltier wrote:
> [Changing the port #] is completely and utterly retarded. You have done
> *NOTHING* to secure SSH by doing this. You have instead made it only
> slightly, and I mean ever so slightly, more secure. A simple port scan of
> your
On Wednesday, December 07, 2011 04:59:52 AM Nicolas Thierry-Mieg wrote:
> alphanumeric only isn't so secure-seeming is it? Is this for admins who
> log in with a cell phone instead of a real keyboard? ;-)
> seriously: I thought the consensus was that a secure password should
> contain at least on
On Wednesday, December 07, 2011 05:32:00 AM Ljubomir Ljubojevic wrote:
> There is also use of denyhosts and fail2ban. They allow only few
> attempts from one IP, and all users can share attacking IP's (default is
> every 30 min) so you are automatically protected from known attacking
> IP's. Any
On Wednesday, December 07, 2011 07:37:34 AM Always Learning wrote:
...
> The essential aspect of this suggestion is such a web site must be Linux
> non-denominational. Centos fans working with Ubuntu fans working with
> other flavours too including Red Hat et al. A genuine community
> Enterprise be
On Wednesday, December 07, 2011 12:30:27 PM Rui Miguel Silva Seabra wrote:
> The fact that they immediately (first thing, actually) did was to
> upgrade OpenSSH does suggest that there is a Zero Day bug around.
While at first blush that would appear to be so, it may be that the openssh was
upgrad
On Wednesday, December 07, 2011 10:44:10 AM Michael Simpson wrote:
> SELinux is great but didn't save Russell Coker from having his play
> machine owned with the vmsplice exploit.
> http://etbe.coker.com.au/2008/04/03/trust-and-play-machine/
> http://www.coker.com.au/selinux/play.html
In this par
On Friday, December 09, 2011 07:39:54 AM James Hogarth wrote:
> Funny thing I went through a similar thing a ways back - but for me
> was vmware esx 3.5 to centos 5.5
James, I'd be interested in knowing some of how you handled the ESX to KVM
migration, and some caveats you might have found along
On Monday, December 12, 2011 09:13:13 AM Rudi Ahlers wrote:
> And then you still have the iSCSI applicance / server to worry about.
> It can fail as well. Even with redundancy PSU's it could fail - the
> RAM, CPU, motherboard, controller card, expensive RAID card, etc can
> fail as well.
These pro
For those who don't follow the QA RSS, see:
http://qaweb.dev.centos.org/qa/node/120
to get the latest info on the status of 6.2. Looks good so far!
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
On Monday, December 12, 2011 02:02:41 PM John R Pierce wrote:
> On 12/12/11 10:23 AM, Digimer wrote:
> > Shared cache is, I think, a single-point-of-failure.
>
> no, its done with replication over a private channel between the storage
> controllers. standard feature on all redundant controller
On Monday, December 12, 2011 11:48:38 AM Patrick Lists wrote:
> Wow that is amazing progress. You guys are doing a great job!
> Kudos to all involved!
Indeed.
>From what I can tell, being that I have an upstream EL6.2 box running, the 6.0
>to 6.1 transition is much more disruptive (in terms of p
On Thursday, December 15, 2011 09:51:52 AM Leonard den Ottolander wrote:
> Please do not ask people to include log files or other attachments to a
> public mailing list! Information like that should be pasted online (f.e.
> at http://pastebin.com/ ) and a link to the resource should be used.
I mus
On Wednesday, December 28, 2011 10:38:30 PM Craig White wrote:
> the top priority was to get the machine back online?
>
> Seems to me that you threw away the only opportunity to find out what
> you did wrong and to correct that so it doesn't happen again. You are
> left to endlessly suffer the end
On Tuesday, December 27, 2011 10:13:12 PM Bennett Haselton wrote:
> Roughly what percent of the time is there such an unpatched exploit in the
> wild, so that the machine can be hacked by someone keeping up with the
> exploits?
While I did reply elsewhere in the thread, I want to address this sp
On Thursday, December 29, 2011 12:33:41 PM Ljubomir Ljubojevic wrote:
> If you use denyhosts or fail2ban, attacker needs 10,000 attack PC's that
> never attacked any denyhosts or fail2ban server in recent time.
That would be a very small botnet.
And with gamers out there with CUDA-capable GPU's
On Friday, December 30, 2011 10:24:15 AM Johnny Hughes wrote:
> Agree with this. At the very least, some kind of image (dd) of the
> original disk for further study even if you have to get the machine back
> on line and you don't have a failover machine.
Speaking of dd, ddrescue in my experience
On Friday, December 30, 2011 11:19:46 AM Marko Vojinovic wrote:
> You are basically saying that, given enough resources, you can precalculate
> all hashes for all possible passwords in advance.
> Can the same be said for keys? Given enough resources, you could precalculate
> all possible public/
On Tuesday, January 03, 2012 03:24:34 PM Bennett Haselton wrote:
> That there are 10^21 possible random 12-character alphanumeric passwords
> -- making it secure against brute-forcing -- is a fact, not an opinion.
> To date, *nobody* on this thread has ever responded when I said that
> there ar
On Sunday, January 01, 2012 06:27:32 PM Bennett Haselton wrote:
> (I have already practically worn out my keyboard explaining the math behind
> why I think a 12-character alphanumeric password is secure enough :) )
Also see:
https://lwn.net/Articles/369703/
___
On Tuesday, January 03, 2012 06:12:10 PM Bennett Haselton wrote:
> I'm not sure what their logic is for recommending 80. But 72 bits
> already means that any attack is so improbable that you'd *literally*
> have to be more worried about the sun going supernova.
I'd be more worried about Eta Car
[Distilling to the core matter; everything else is peripheral.]
On Jan 4, 2012, at 2:58 PM, Bennett Haselton wrote:
To be absolutely clear: Do you, personally, believe there is more
than a
1 in a million chance that the attacker who got into my machine, got
it
by brute-forcing the password?
On Wednesday, January 04, 2012 08:47:47 PM Bennett Haselton wrote:
> Well yes, on average, password-authentication is going to be worse
> because it includes people in the sample who are using passwords like
> "Patricia". Did they compare the break-in rate for systems with 12-char
> passwords v
On Thursday, January 05, 2012 02:25:50 PM Ljubomir Ljubojevic wrote:
> What is sentiment about having dedicated box with only ssh, and then use
> that one to raise ssh tunnels to inside systems? So there is no exploits
> to be used, denyhosts in affect?
Without being too specific, I already do t
On Jan 5, 2012, at 11:13 PM, email builder wrote:
I don't mean to thread-hijack, but I'm curious, if apache runs as its
own non-root user and /etc/shadow is root-owned and 0400, then
how could any exploit of software not running as root ever have
access to that file??
To listen on the default
On Saturday, January 07, 2012 11:15:35 AM Bennett Haselton wrote:
> Hence the idea for having SELinux send messages to the terminal saying
> "SELinux blocked such-and-such". There's probably some better way.
Huh?
CentOS has done this by default since CentOS 4. At least I see
SELinux-generated
On Monday, January 09, 2012 02:03:23 PM John R Pierce wrote:
> Is there another tool I can use for GPT partitions over 2TB ?
Hmm, I have an EL6.2 installation (i386) with four mounted volumes over 2TB;
IIRC parted was used to make them. I don't recall doing anything special to
get the partition
On Tuesday, January 10, 2012 04:38:27 PM Les Mikesell wrote:
> But the hardest part is that these things are application specific and
> there is no standardization for locations where applications do
> things. In fact, distributions intentionally move those locations
> around in their packaging.
On Wednesday, January 11, 2012 10:47:44 AM m.r...@5-cent.us wrote:
> I'll have to disagree, Lamar. There *are* large distros: RH & its
> derivatives, SuSE, and Debian & its derivatives (i.e., Ubuntu), and though
> there are kit distros (fedora?), they're more like the Big Three
> automakers of the
On Wednesday, January 11, 2012 12:06:31 PM Les Mikesell wrote:
> I was thinking more of Ford getting people to forget about the Pinto -
> which I think they have done fairly successfully although it may just
> have to do with aging memory. Let's see, that was around 1980.
> Maybe I'll try Fedora a
201 - 300 of 949 matches
Mail list logo
