Hello Christoph!
Do not use testing or unstable on machines exposed to the public.
There is no security support for them:
http://www.debian.org/security/faq#testing
Hmmm .. is this information accurate?
apt-setup gives me:
deb http://security.debian.org/ testing/updates main contrib non-free
Is thi
zd in sarge, or?
Any better ideas to solve the problem?
rgds,
j.
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
tpd/auth/../conf/PureDB: "yes": No such file
??
ANdrew
--
+++
Andrew Mancey
Sys Admin, Network/info specialist Phone (592) 227-5989,227-6198
Sustainable Development Networking Programme (Guyana)
http://www.sdnp.org.gy
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +
Hello All!
I wondering is someone knows how to add an X-Envelope-To header to all
incoming e-mails which reveal the "real" username even when working with
virtuals.
I tried several apoaches like:
---
# cat /etc/procmailrc
ENV_TO=$1
:0f
* ENV_TO ?? .
| formail -i "X-Envelope-To: $ENV_TO"
:0fE
| f
; if the switches and servers are
distributed to 2 rooms)
Both Servers have one NIC per "network X".
If you change to the new setup you will lose redundancy!
(if this is not the question you setup will be fine)
Rgds,
j.
Leonardo Boselli wrote:
Il 11 Sep 2004 alle 21:30 Andre
Replying to myself:
1.) tulip driver in 2.6 does work with VLAN
(test was: ping -s 1472 vs. ping -s 1468)
2.) I wrote about a framesize of a tagged frame with 1504 byte
I correct myself by quoting candelatech:
---
2 - 802.1q tagging adds an additional header field (4 Bytes) to the
ethernet heade
ch to terminate the vlan - there is a
confirmed bug in the cisco asic. Don't wonder why the error LEDs blink.
Mr. Sascha Pollok wrote a patch that add a padding to the frames so the
cisco gets more happy.
6.) To our experience the usage of VLAN does not cause siginifcant CPU
load
Russell Coker wrote:
On Tue, 10 Aug 2004 20:52, Dale E Martin <[EMAIL PROTECTED]> wrote:
I've noticed a fair number of attempted root logins on my various boxes
Same here. Also attempted logins to "test", "admin", and some other accounts.
^ ^ ^ ^ ^ ^ ^ ^^
Uh
find this most secure--no more worries about password cracks (I just have
to worry about the physical security of the USB key on my keychain).
Regards,
Mark
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
--
To UNSUBSCRIBE, email to
ny customers. Let's say classical broadcasting :)
Good Luck!
Andreas
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
On Fri, Jul 09, 2004 at 11:02:46AM +0200, Stefan Neufeind wrote:
Or you might want to try out the Helix Server (from
ny customers. Let's say classical broadcasting :)
Good Luck!
Andreas
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
On Fri, Jul 09, 2004 at 11:02:46AM +0200, Stefan Neufeind wrote:
Or you might want to try out the Helix Server (from
Best to use 2U machines with the maximum number of disks IMHO. A 2U machine
should be able to have 5 disks.
I say: 9 Disks without problems. e.g. pcicase
http://www.pcicase.de/catalog/produktweb/IPC-C2-X/IPC-C2D.htm
Best to use 2U machines with the maximum number of disks IMHO. A 2U machine
should be able to have 5 disks.
I say: 9 Disks without problems. e.g. pcicase
http://www.pcicase.de/catalog/produktweb/IPC-C2-X/IPC-C2D.htm
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe"
Hi!
1.) Set users shell to /bin/false and add it to /etc/shells.
This will prevent ssh access for users, but allows ftp etc.
But what you are asking for is that (I think)
2.) http://chrootssh.sourceforge.net/index.php
Chroot your ssh for non-admin users by
- patching ssh
- replacing Users homedir
Hi!
1.) Set users shell to /bin/false and add it to /etc/shells.
This will prevent ssh access for users, but allows ftp etc.
But what you are asking for is that (I think)
2.) http://chrootssh.sourceforge.net/index.php
Chroot your ssh for non-admin users by
- patching ssh
- replacing Users homedir
any chipset with NAPI support in today's kernels?
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
any chipset with NAPI support in today's kernels?
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
Hola!
(2) http://jodies.de/ipcalc
My answer to (2) in intl. language :-)
apt-get install sipcalc
Hola!
(2) http://jodies.de/ipcalc
My answer to (2) in intl. language :-)
apt-get install sipcalc
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
ter the traffic between myself and the server
via a CIPE tunnel stopped working when the packets got tooo large)
- Or is there a bug in packet fragmentation in the linux kernel?
Regards
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
ter the traffic between myself and the server
via a CIPE tunnel stopped working when the packets got tooo large)
- Or is there a bug in packet fragmentation in the linux kernel?
Regards
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
--
To UNS
This may be interesting to all kind of ISPs.
Not really Debian realted, but IMO it's worth mentioning here.
FTC's opinion to DROA practices and refund decision!
http://www.ftc.gov/opa/2003/12/domainreg.htm
Rgds,
j.
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 6
This may be interesting to all kind of ISPs.
Not really Debian realted, but IMO it's worth mentioning here.
FTC's opinion to DROA practices and refund decision!
http://www.ftc.gov/opa/2003/12/domainreg.htm
Rgds,
j.
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 6
but not to me... is there any difference compared
to using iptables DNAT?
cheers
-- vbi
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
but not to me... is there any difference compared
to using iptables DNAT?
cheers
-- vbi
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
it won't be,
> given the dns caching problem mentioned above. Is there a way to have
> that 1 dns server act as a proxy or port forwarder in some way? Can that
> be done between two different class A networks?
As above, as long as both new and old servers are serving the same (ne
it won't be,
> given the dns caching problem mentioned above. Is there a way to have
> that 1 dns server act as a proxy or port forwarder in some way? Can that
> be done between two different class A networks?
As above, as long as both new and old servers are serving the same (ne
own that safe_mode is not really safe.
You might want to restrict access with open_basedir .
The most secure solution is still to install php's cgi executable in an
suexec environment.
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
own that safe_mode is not really safe.
You might want to restrict access with open_basedir .
The most secure solution is still to install php's cgi executable in an
suexec environment.
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
r "LDAP using GSSAPI/SASL to Auth"? I
would be interested in it.
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
r "LDAP using GSSAPI/SASL to Auth"? I
would be interested in it.
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
6 => /lib/libc.so.6 (0x40296000)
libdl.so.2 => /lib/libdl.so.2 (0x403c9000)
libgdbm.so.3 => /usr/lib/libgdbm.so.3 (0x403cc000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x4000)
Any ideas about where I should go from here?
thanks,
Adam
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
6 => /lib/libc.so.6 (0x40296000)
libdl.so.2 => /lib/libdl.so.2 (0x403c9000)
libgdbm.so.3 => /usr/lib/libgdbm.so.3 (0x403cc000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x4000)
Any ideas about where I should go from here?
thanks,
Adam
--
Andreas John
net-lab
ften false positives, but this is no reason not look
for a trojan. read the perl code to see what it checks. it's quite
simple, it checks the existence of certain hidden directories, files or
processes. try to invstigate, why they exist on your machine.
rgds,
j.
--
Andreas John
net-lab GmbH
Lu
ften false positives, but this is no reason not look
for a trojan. read the perl code to see what it checks. it's quite
simple, it checks the existence of certain hidden directories, files or
processes. try to invstigate, why they exist on your machine.
rgds,
j.
--
Andreas John
net-lab GmbH
Lu
n
www.cshore.com
"A management team distracted by a series of short-term targets is as
pointless as a dieter stepping on a scale every half-hour," Larry Page, one
of Google's co-founders
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
n
www.cshore.com
"A management team distracted by a series of short-term targets is as
pointless as a dieter stepping on a scale every half-hour," Larry Page, one
of Google's co-founders
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-la
ore an for
some weired reason there is d #define in the kernel source of 2.2.series
that made it into Andrew's special 2.4.x.
Andrew: Did you upgrade the "256er"-boxen from 2.2? Did you use "make
oldconfig" or took you parts (patches) from the kernel before?
rgds,
A
ore an for
some weired reason there is d #define in the kernel source of 2.2.series
that made it into Andrew's special 2.4.x.
Andrew: Did you upgrade the "256er"-boxen from 2.2? Did you use "make
oldconfig" or took you parts (patches) from the kernel before?
rgds,
A
ymore :)
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
ymore :)
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
but in the end the config was just too much
and too complex.
Any suggestions are welcome.
Thanks
Craig
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
but in the end the config was just too much
and too complex.
Any suggestions are welcome.
Thanks
Craig
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe&quo
knows whether or not any advantage
to running raiserFS is swallowed by NFS?
RaiserFs is a realy fast filesystem for very much smal files
Greetings
Michelle
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
list knows whether or not any advantage
to running raiserFS is swallowed by NFS?
RaiserFs is a realy fast filesystem for very much smal files
Greetings
Michelle
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
--
To UNSUBSCRIBE, e
lly when it comes to mail. With Maildir you will have less
problems than with mbox,
but you still do NOT have atomic transactions, and as such you will at
some stage
statistically have a problem.
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
cially when it comes to mail. With Maildir you will have less
problems than with mbox,
but you still do NOT have atomic transactions, and as such you will at
some stage
statistically have a problem.
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://ww
nother practical approch is an USB Stick as installer:
http://d-i.pascal.at/
You may mount this an put modules to it's initrd easily. I could send
you an dump vom my about 4 weeks old d-i on stick.
Rgds,
j.
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
ty,
XFS offers ACLs by default, alloffer journals, reiser4 ships with a
"database structure", for extX there are most recue utils out, for
laptops a journaling FS can cause power consumption, so ext2 may be cool
for them. Large file access may be better with FS A, databases may like
-)]
Another practical approch is an USB Stick as installer:
http://d-i.pascal.at/
You may mount this an put modules to it's initrd easily. I could send
you an dump vom my about 4 weeks old d-i on stick.
Rgds,
j.
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700
ty,
XFS offers ACLs by default, alloffer journals, reiser4 ships with a
"database structure", for extX there are most recue utils out, for
laptops a journaling FS can cause power consumption, so ext2 may be cool
for them. Large file access may be better with FS A, databases may like
CRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact
[EMAIL PROTECTED]
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
CRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact
[EMAIL PROTECTED]
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
ll mail comming
directly from an dialup ip, so I think it would be an accepted way to
try what Pulu wants to do.
Rgds,
j.
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
ll mail comming
directly from an dialup ip, so I think it would be an accepted way to
try what Pulu wants to do.
Rgds,
j.
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject
Hello!
Before all this begins to get silly:
You are playing with amount of money which I would not concern as
pennyware. As from you mails before, it's clearly to recognize that you
haven an idea, but no concept nor the skills you need. You will need
probably consultants who help you to find a c
Hello!
Before all this begins to get silly:
You are playing with amount of money which I would not concern as
pennyware. As from you mails before, it's clearly to recognize that you
haven an idea, but no concept nor the skills you need. You will need
probably consultants who help you to find a
w, anyone ideas?)
I don't want to spread fear, so
1.) Boot superrescue, knoppix or so
2.) Run chkrootkit (deb package is mostly a little old)
3.) If you run chkrotokit on Debian, chkrootkit reports one false
positive! (AFAIR it was lkm rootkit, debian reports some ps processes
to much,
know, anyone ideas?)
I don't want to spread fear, so
1.) Boot superrescue, knoppix or so
2.) Run chkrootkit (deb package is mostly a little old)
3.) If you run chkrotokit on Debian, chkrootkit reports one false
positive! (AFAIR it was lkm rootkit, debian reports some ps processes
to much,
c/d you could also think about:
cat /etc/procmailrc
# Spamassassin
:0fw
| /usr/bin/spamc
I weant spam only to be filtered when delivered locally, i.e. I don't
want outgoing mail to be tagghed as spam, this sometimes happened.
Amavis alterntively has a "local domains" variable.
HTH.
rgds,
/d you could also think about:
cat /etc/procmailrc
# Spamassassin
:0fw
| /usr/bin/spamc
I weant spam only to be filtered when delivered locally, i.e. I don't
want outgoing mail to be tagghed as spam, this sometimes happened.
Amavis alterntively has a "local domains" variable.
HTH.
irror say stable .. testing
.. unstable i386 only?
OR
Are there utilities in Debian that will make it easy to maintain a mirror of
i386 Debian ?
Thanks!
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
mirror say stable .. testing .. unstable i386 only?
OR
Are there utilities in Debian that will make it easy to maintain a mirror of i386 Debian ?
Thanks!
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331
http://www.net-lab.net
--
To UNSUBSCRIBE, email to [EMAIL P
based solutions, i.e. RocketRAID (1520 two channel ... 1820 8
channel). My experience with Highpoint is gerenally better than with
Promise, but I ordered my first RR 1520 Controller 2 Days ago. It's not
here yet ;-)
Rgds,
j.
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel
based solutions, i.e. RocketRAID (1520 two channel ... 1820 8
channel). My experience with Highpoint is gerenally better than with
Promise, but I ordered my first RR 1520 Controller 2 Days ago. It's not
here yet ;-)
Rgds,
j.
--
Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbac
65 matches
Mail list logo
