[CentOS] Security checklist for new Centos server?

2007-07-20 Thread M. Fioretti
Greetings, everybody I've browsed around a bit, but there seems to be no single practical list of this kind. What would you do to make a new Centos server which must run apache, IMAP (Dovecot) and SMTP (PostFix) and nothing else for a few domains as secure from attacks as possible, using only sta

Re: [CentOS] Security checklist for new Centos server?

2007-07-21 Thread M. Fioretti
On Fri, Jul 20, 2007 15:12:34 PM -0600, Stephen John Smoogen ([EMAIL PROTECTED]) wrote: > My first point is going over the long list > http://iase.disa.mil/stigs/stig/unix-stig-v5r1.pdf and figuring out > what meets the local environment. > >- set up only ssh2 on a non standard port > > Depending

Re: [CentOS] Security checklist for new Centos server?

2007-07-21 Thread M. Fioretti
On Sat, Jul 21, 2007 10:33:14 AM +0200, Ralph Angenendt ([EMAIL PROTECTED]) wrote: > > - set up iptables (what would the safest iptables script to do all and > > only the services listed above? > > Depends on from where you want to connect to your imap server. From > everywhere? yes. More exact

Re: [CentOS] Security checklist for new Centos server?

2007-07-21 Thread M. Fioretti
On Sat, Jul 21, 2007 12:19:23 PM -0500, Johnny Hughes ([EMAIL PROTECTED]) wrote: > >> Don't turn off SELinux. > > > > Hmmm... I had also forgotten this side of the package. I will be > > running on a rented VPS, can SELinux be used in such contexts? > > > > Also, frankly I am not up to date on t

Re: [CentOS] Security checklist for new Centos server?

2007-07-23 Thread M. Fioretti
On Sun, Jul 22, 2007 23:45:38 PM -0600, Stephen John Smoogen ([EMAIL PROTECTED]) wrote: > >> >- set up only ssh2 on a non standard port > > > >I agree, but I have noticed in the past, and read in several places, > >that it's not security through obscurity: its main usefulness would > >not as much

Re: [CentOS] Best way to have Postfix 2.3 or 2.4 on Centos 4.4?

2007-07-27 Thread M. Fioretti
On Fri, Jul 27, 2007 09:42:17 AM +0200, io ([EMAIL PROTECTED]) wrote: > Before launching rpm or yum, however, I'd like to ask the list which > way you think is the best way to do this. By "best" I mean the way > which: > > * has no known issues, gotchas, extra configuration tricks... > * has as l

[CentOS] Best way to have Postfix 2.3 or 2.4 on Centos 4.4?

2007-07-27 Thread M. Fioretti
Greetings, I would like to install Postfix 2.3 or 2.4 (I need support for SASL authentication via Dovecot) on a Centos 4.4 server. I have already found rpm packages at http://postfix.wl0.org/en/available-packages/ and pages about using the centosplus repo for postfix. Before launching rpm or yum

Re: [CentOS] Re: Best way to have Postfix 2.3 or 2.4 on Centos 4.4?

2007-07-27 Thread M. Fioretti
On Fri, Jul 27, 2007 16:52:20 PM +0700, beast ([EMAIL PROTECTED]) wrote: > If this is a dedicated mailserver, i prefer installing postfix from > source. I don't, I explicitly mentioned I want to maintain the server via yum/rpm without installing compilers and what not. Thanks anyway, Marco --

[CentOS] Damaged rpm database?

2007-10-06 Thread M. Fioretti
Hello, while doing some maintenance on a Centos 4.4 box, I ran rpm -qa --last and got: error: rpmdb: damaged header #91 retrieved -- skipping. ...lots of lines identical to the one above and finally: the_last_package_I_installed_yesterday.rpm all the other rpms in reverse installation order I'v

Re: [CentOS] Damaged rpm database?

2007-10-06 Thread M. Fioretti
On Sat, Oct 06, 2007 04:24:35 AM -0700, Akemi Yagi ([EMAIL PROTECTED]) wrote: > On 10/6/07, Steven Haigh <[EMAIL PROTECTED]> wrote: > > > 2) rpm --rebuilddb will do what you need. > > Run this command with lots of caution. Take a look at this page: > > http://www.oldrpm.org/hintskinks/repairdb

Re: [CentOS] which commands do you use to SSL certify your own server?

2007-06-15 Thread M. Fioretti
On Fri, Jun 15, 2007 06:32:42 AM -0700, Paul Heinlein > You don't need a CA to create a single self-signed certificate. I see. Actually, this is just one of those things that is not clear at all from the online docs I found. > >1) cd /usr/share/ssl > >2) modify openssl.cnf to have your Common Na

Re: [CentOS] which commands do you use to SSL certify your own server?

2007-06-15 Thread M. Fioretti
On Fri, Jun 15, 2007 15:21:31 PM -0500, Jay Leafey ([EMAIL PROTECTED]) wrote: > I have a strong aversion to re-inventing the wheel, Me too, unless when it's a hidden wheel. Fact is, this is the *first* time I hear mention of this approach. See my original comments about SSL being one of the worst

Re: [CentOS] which commands do you use to SSL certify your own server?

2007-06-16 Thread M. Fioretti
On Fri, Jun 15, 2007 17:14:55 PM -0700, Karl R. Balsmeier ([EMAIL PROTECTED]) wrote: ># *openssl genrsa -out /etc/ssl/private/server.key 1024* > ># *openssl req -new -key /etc/ssl/private/server.key -out >/etc/ssl/private/server.csr* > ># *openssl x509 -req -days 365 -in /etc/ss

Re: [CentOS] School Server Setup

2008-06-09 Thread M. Fioretti
On Tue, Jun 10, 2008 15:03:50 PM +1000, Harry Sukumar wrote: > I am trying to help (voluntary service) a country side school > (Aboriginal community) in Northern Queensland Australia Harry, does/will this school have a website, or at least one web page somewhere, where it presents itself and men

Re: [CentOS] passwd problem with new vps

2011-09-27 Thread M. Fioretti
On Wed, Sep 28, 2011 16:06:23 PM +1000, Christopher Hawker wrote: > When you login to your vps, are you authenticating the connection via > password or certificate? password thanks, Marco ___ CentOS mailing list CentOS@centos.org http://lists.centos.org

[CentOS] URL of website doesn't point anymore to CentOS/Drupal installation

2009-05-16 Thread M. Fioretti
sorry for the vague subject, but I couldn't find a better one. I have the website http://digifreedom.net running on a Centos 4 VPS with Apache and Drupal 6.10 . This is a multisite Drupal setup: only one installation, with subdirectories in sites/, and a separate mysql database for each website. F

Re: [CentOS] URL of website doesn't point anymore to CentOS/Drupal installation

2009-05-16 Thread M. Fioretti
On Sat, May 16, 2009 19:32:46 PM -0400, Stephen Harris wrote: > > The owner needs to pay their bill. I *had* paid it yesterday morning or Thursday morning, and also got from the ISP the confirmation that the payment was OK... Marco

[CentOS] Thanks for: URL of website doesn't point anymore to CentOS/Drupal installation

2009-05-18 Thread M. Fioretti
On Sun, May 17, 2009 00:36:00 AM +0200, Marco Fioretti wrote: > I have the website http://digifreedom.net running on a Centos 4 VPS > with Apache and Drupal 6.10... Everything worked perfectly for > months, if not years... what happens now is that, if I type > http://digifreedom.net/node/82 the br

Re: [CentOS] How to reply to a digest

2009-06-11 Thread M. Fioretti
On Thu, Jun 11, 2009 07:42:28 AM -0400, David McGuffey wrote: > So...what is the appropriate way to respond when one is receiving > the digest version? It probably is to automatically split the digest into the original, separate messages as soon as it arrives, using procmail or formail. Search for

[CentOS] How to check for rootkit, troians etc in backed up files?

2008-08-31 Thread M. Fioretti
Hi, there is a remote (VPS) Centos 4.2 server which *may* have been compromised. Reinstalling everything from scratch isn't a problem, it may even be an occasion to improve a few things, the question is another. There are backups of necessary shell scripts, ASCII configuration files and more or le

Re: [CentOS] How to check for rootkit, troians etc in backed up files?

2008-09-16 Thread M. Fioretti
On Thu, Sep 04, 2008 01:15:41 AM -0500, Mike McCarty wrote: > M. Fioretti wrote: >> Hi, >> >> there is a remote (VPS) Centos 4.2 server which *may* have been >> compromised. Reinstalling everything from scratch isn't a problem, it >> may even be an occasion to

Re: [CentOS] Re: How to check for rootkit, troians etc in backed up files?

2008-09-17 Thread M. Fioretti
On Tue, Sep 16, 2008 14:23:30 PM -0500, Mike McCarty wrote: > Scott Silva wrote: >> >>> >>> Thanks (even if late!) for the suggestions, I've applied them. >>> >> A reply in 3 days is late? That is good for a lot of lists. >> Your thank you almost 2 weeks later is what is late. > > I think that's wh

Re: [CentOS] web mail and Squirrelmail

2012-12-18 Thread M. Fioretti
On Tue, Dec 18, 2012 23:51:38 PM -0500, Digimer wrote: > I used it for many years, but switched to RoundCube as SM seems to > not be growing much anymore. Been happy with RC so far. I too use Squirrelmail, but found myself thinking more and more frequently in the last months to find an alternativ

Re: [CentOS] evaluating backup systems: rsync

2013-01-18 Thread M. Fioretti
On Fri, Jan 11, 2013 12:29:48 PM -0500, ken wrote: > Considering using rsync on a couple systems for backup, I was > wondering if it's possible, and if so how difficult is it... sorry to step in so late, but I have another question on this very topic. I have noticed that if I just _change_ the n

Re: [CentOS] evaluating backup systems: rsync

2013-01-19 Thread M. Fioretti
On Fri, Jan 18, 2013 08:07:40 AM -0500, SilverTip257 wrote: > Yes, that's the way it works. If you change a directory name, rsync > has no way of knowing that you moved it. I was almost sure that this was the case, but it didn't hurt to ask for confirmation. Thanks to you, Reindl and all the oth

[CentOS] Back to: evaluating backup systems: rsync

2013-01-21 Thread M. Fioretti
On Sat, Jan 19, 2013 20:29:02 PM +0100, Nicolas Thierry-Mieg wrote: > I don't recall whether the OP expressed whether that was the case or > not, though I think he mentioned wanting to backup family pictures, > so it might very well be to a usb HD. I am the OP. I explicitly made the example of on

Re: [CentOS] Email access via Android device

2013-10-05 Thread M. Fioretti
On Sat, Oct 05, 2013 10:43:34 AM -0600, Frank Cox wrote: > What is the best way to approach this? the one you already mentioned: > set up fetchmail (or something) to do the pop downloads of incoming > mail, and have some kind of a local imap server running through which > I access the actual mail

Re: [CentOS] my spammer list

2012-03-30 Thread M. Fioretti
On Fri, March 30, 2012 5:26 am, Nataraj wrote: > So for example if I assign an email address for incoming mail from a > mailing list and then setup a whitelist entry that only allows that > address to receive email from the mailservers that serve that mailing > list and then blacklist all other i

[CentOS] update on: Centos email server suddenly much slower. What to do?

2012-09-07 Thread M. Fioretti
On Thu, September 6, 2012 7:14 pm, Marco Fioretti wrote: > Greetings, > I run my own email server for some domains I administer, on a centos > vps server with a very small number of users. > > The only services are smtp, imap/pop, webmail > > Everything was running without problems until this morn

[CentOS] ssh_exchange_identification: Connection closed by remote host

2012-09-14 Thread M. Fioretti
Greetings, I have accounts on two Centos servers, A and B, each hosted on a remote VPS by a different provider/datacenter. Until yesterday night, I could connect without problems via SSH to both servers from my home Fedora 16 desktop. Yesterday I completed (fingers crossed) the switch to a diffe

Re: [CentOS] ssh_exchange_identification: Connection closed by remote host

2012-09-14 Thread M. Fioretti
On Fri, September 14, 2012 5:32 pm, Scott Silva wrote: > Could the server A have a firewall that had allow ranges for your > original ip range? Or denyhosts... something like that No, there are no such settings. Answering to other questions: > have you checked with your ADSL provider, to > see

Re: [CentOS] ssh_exchange_identification: Connection closed by remote host

2012-09-14 Thread M. Fioretti
On Fri, September 14, 2012 9:06 pm, Karl Vogel wrote: >>> On Fri, 14 Sep 2012 17:09:46 +0200 (CEST), >>> "M. Fioretti" said: > > M> Yesterday I completed (fingers crossed) the switch to a different ADSL > M> provider. From the moment I turned on th

Re: [CentOS] ssh_exchange_identification: Connection closed by remote host

2012-09-14 Thread M. Fioretti
On Fri, September 14, 2012 10:09 pm, m.r...@5-cent.us wrote: >> I'll try that as the server is reachable again. > > It's now reachable? No, it's not, sorry for the confusion. I meant to write "as soon as the server is reachable again" Marco

Re: [CentOS] ssh_exchange_identification: Connection closed by remote host

2012-09-14 Thread M. Fioretti
On Fri, September 14, 2012 11:48 pm, Stephen Harris wrote: > 1) What happens if you run "telnet yourhost 22". this is what happens (with the proper IP of course): > Trying 1.2.3.4... > Connected to yourhost (1.2.3.4) > Escape character is '^]'. > Connection closed by foreign

Re: [CentOS] ssh_exchange_identification: Connection closed by remote host

2012-09-14 Thread M. Fioretti
On Sat, September 15, 2012 12:10 am, Ken Smith wrote: > Stephen Harris wrote: >> On Fri, Sep 14, 2012 at 10:21:29PM +0200, M. Fioretti wrote: >> >>> No, it's not, sorry for the confusion. I meant to write "as soon as the >>> server is reachable agai

Re: [CentOS] ssh_exchange_identification: Connection closed by remote host

2012-09-14 Thread M. Fioretti
On Sat, September 15, 2012 4:00 am, Paul Tader wrote: > Can you post the (sanitized ) output from "ssh -vv my mybadhost.com" ? Such output is exactly the same I get with only one "v" and already posted in an earlier reply this morning Thanks, Marco

Re: [CentOS] ssh_exchange_identification: Connection closed by remote host

2012-09-15 Thread M. Fioretti
On Sat, September 15, 2012 7:44 am, Ken Smith wrote: > Which suggests that there is something about A you need to know more > about. As said earlier what happens if you run > > telnet ip-of-a whatever-port-ssh-is -on--normally-22 I had already answered to this: http://lists.centos.org/piperma