Russell Coker said:
> Also it makes it slightly more difficult for good filters to catch the
> spam,
> but at the cost of making the spam less effective.
>
> Guys who will get their credit card out when reading a clear message
> offering
> to double their penis size probably won't do so if the pen
I am exposing another machine as http mirror, and am trying to secure it.
Done with iptables.
configured portsentry to auto-block portscans.
How to block TRACE in apache?
I believe you do it with rewriting rule like such, but does not work.
#security changes
RewriteCond %{REQUEST_METHOD} ^TRACE
R
I accidentally posted this with the last message i was replying to...
so reposting..., I apologize for the mistake.
Lucas Albers said:
> I am exposing another machine as http mirror, and am trying to secure it.
> Done with iptables.
> configured portsentry to auto-block portscans.
&
Matt Wehland said:
> So you just install a stable system, keep up with the security updates,
> build
> your own local repository (plenty of ways to do this) and build the few
> packages that you need newer versions of.
> This is what I am doing (just got apt-proxy working and it's great).
> This g
I created directions on converting a system to run its rood on software
raid. This doc will be included in the next mdadm software raid tools
release.
This can be done completelly remotelly with no loss of data.
(assuming you have an extra disk just sitting in a remote computer.)
I thought I would
Robert Waldner said:
> Another advantage is that there's no "integrated" admin-tool which
> will destroy your precious hand-crafted config files, no "yast" or
> "suseconfig" or somesuch. The downside to that is that you have to
> know how to use an editor, of course, and there's mostly no "setu
Rod Rodolico said:
> Becoming a firm believer that you CAN have it all, stability and the
> latest packages :)
>
> There are other places to get backports, BTW. This one works for me.
>
Rod,
Yes I agree with your statements.
Thanks for the link I'll use it on one of my systems...
But you don't e
I'm no expert.
I run chkrootkit on a regular basis.
Run a virus scanner it will find some exploits.
Hacafee found a few rootkits and known kernel exploits.
I use mcafee for linux.
Analyze history files for certain keywords.
The best way would be to analyze command frequency in history files and
loo
I am working on setting up a backup mx mailer for domain.
It will be our first debian system we will be using for a main production
system.
I have read through the documentation, and it appears I have everything
configured correctly.
I am planning to set it up as a relay for an exchange server and
I use systemimager for complete image backups of machines.
You can upgrade a system completelly remotely.
Has deb files.
And configure it so the network address is set for each machine.
I use it for 140 linux desktops.
I also use it for my servers, my primary webserver went down...so I
grabbed a ne
Dan MacNeil said:
>
> anomy sanitizer works well with postfix, but as far as I can tell, it
> can't be configured to drop messages instead of defanging them.
>
> I plan to configure sanitizer to add a tag to bad messages and then use
> procmail to quarantine messages with that tag. Is there better
Angus D Madden said:
> Assuming you have a working cpan cofniguration, you can use dh-make-perl.
>
> dh-make-perl --cpan module
>
> I have used this before and it just worked. ymmv.
I use mimedefang testing, spamaassassing unstable, and kernel 2.4.23, on
my production external mx server.
Everyt
Just recently I had my mail server swamped by a single virus machine that
kept resending a virus message, ignoring my 5xx rejection code.
Is it possbile to block this via an iptables smtp max connection throttle
code?
How do you handle this?
Via iptables?, or via qmail/postfix/exim/sendmail inter
I would deploy debian on more desktops, but the hardware detections is
just not up to par compared to fedora 1.
only 1 in 4 does it successfuly detects and configures x.
I would like to replace my 140 boxes of redhat with debian, but the
hardware detection configuration is just not as good.
Systemi
Ole-Christian S. Hagenes said:
> So you see, it shows every package that is going to be installed and it
> shows that the mysql-doc package is sugested to. You might want that one
I usually do a debootstrap chroot build environment, so apache users don't
have access to any of the build tools.
--
Stephen Gran said:
> relay). What I want to do is not accept mail unless it comes from one
> of a few IP's, or is authenticated. Say the domain is foo.com, and this
> servers hostname is mail.foo.com. It is not listed as an MX record, so
> no legitimate emails should ever arrive there, only spa
How else is it going to have permissions to backup everything on the system?
The port it locked to a particular backup server...
So only that ip address can connect to that port.
we use legato to backup:
suse 8x,redhat 6x,7x clients,windows nt2k,xpwin2k clients.
sgi
Works great!, we love it.
Have
you can turn if off with mod_rewrite so it does not show product type at all.
I couldn't get it to work, but you could do it
Fraser Campbell said:
>> the ServerSignature directive to switch it off.
> ServerSignature On
> ServerTokens Prod
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
wi
I recently received a hp proliant ml 330 which I installed redhat and then
debian linux on it.
I requires the megaide modules to see the raid disks correctly.
They can be compiled from source, from this location.(see below.)
I could not determine how to compile them statically into the kernel,
or
I got it work, but I was trying to make boot floppies so I could load the
drivers from the install cd, so I could install direct on it.
Could not find directions on this anywhere, or how to compile it
statically in the kernel.
Markus Oswald said:
> The Controller used in the ProLiant ML330 series
I really wish HP would get off their chairs and provide support for debian
installer for all their HP proliants.
HP to expand Debian Linux support (December 04, 2003)
http://www.infoworld.com/article/03/12/04/HNhpdebian_1.html
They haven't done anything to support debian.
They just need to make
Nathan Eric Norman said:
>> > This is true, but d-i doesn't support booting off the SmartArray
>> > because the cciss driver is a module. I already installed onto a
>> > DL360, but couldn't install a bootblock.
>>
>> Hu? I installed Woody (bf24) on a couple of DL380G3 without a hitch -
>> the cci
I've also had a lot of success using mimefang on our external mail server.
It's easy to configure for any of your mail filtering needs.
Bojens, Kai said:
> I don't have a solution for your particular problem but i am using
> the milter interface via MIMEdefang which provides a nice way to
> use it
I've been unable to find some good numbers to use with the bonnie
benchmark program.
What is a good mix of values to benchmark against?
I'm trying to benchmark some software raid configurations on a production
server.
Could someone please post a starting point for bonnie benchmark runs they
use to
Marek Bra¾ina said:
> http://www.tldp.org/HOWTO/Boot+Root+Raid+LILO.html
>
> I always do it acording to this howto and it works..
>
> Marek
I wrote this raid howto it might help.
http://rootraiddoc.alioth.debian.org
It has a section on lilo entries specific to raid.
I have not encountered your sp
> Install spamassassin 2.63 which had filtered last
> night around 480 SPAMS from 78 Mailinglists...
>
and then enable surbl, and set it to score at 6.0.
Then submit 1-10 spam's that slip by per day to spamcop.
I just enabled surbl on my external debian mail relay, and it is grabbing
around 30% mor
Rod Rodolico said:
> 2) spamassassin uses some processing power, so I am only running it
> against unknown senders
What is your mail volume?
You really need a serious amount of mail for SA to bog down.
As you all realized, mail volume is relative.
>From what I've seen you can handle 100-200K mess
Michelle Konzack said:
> I do not know about 'surbl' but which files are the same ?
>
> Why not renaming the binaries ?
>
> On the other side I had a very little program which check
> IP's with rbl but unfortunately I have lost it...
>
> I had a procmail recipe like for SA and it has marked the
>
Dirk Tamme said:
> The solution was to install mod_perl:
>
> cd /usr/local/src
> wget http://perl.apache.org/dist/mod.perl-1.0-current.tar.gz
> tar -xzf mod.perl-1.0-current.tar.gz
> cd /usr/local/src/mod_perl-1.29
> perl Makefile.PL NO_HTTPD=1
> make
> make install
Just install it from apt, via:
Dale E Martin said:
> Perhaps SA would be better implemented in something else, but like
> everyone
> else says, memory is cheap. Whatever makes the SA developers most
> effective is fine by me at this point.
As the other post mentioned, try SA+mimedefang if you need to run it on a
box with low
Would it break things to reject completelly non-english messages.
That is messages in which the body was completelly non english for the
debian-isp mailing list?
This SA rule: UNWANTED_LANGUAGE_BODY
I realize we have posters posting from all over the world, but they are
all posting in english. An
I currently have 2 compaq systems:
1 running rhel3
hp proliant ml350
and the other debian3.0r2.
proliant ml 330.
I have been unable to find a consistent listing of where I can get the
software to do, disk and various hardware monitoring on the system.
I am planning to purchase a rackmount,
DL360G3
I have been using snort-mysql with acidlab for intrusion monitoring of the
computers on my network.
It has been working great.
I've also been using bleedingsnort.org for some updated rule sets for
virus threats and similar.
I have been unable to configure the portscan detection to work correctly.
Thought I would share my squid configuration to allow caching of
windowsupdate/mcafee and similar for clients.
Needs ims config to work correctly.
Sure saves bandwidth, and vastly speeds up updates, for windows clients.
Not a transparent configuration.
http://www.mail-archive.com/[EMAIL PROTECTED]/
Giles Nunn said:
> Hi all,
>
> I tried the dd route to do exactly the same thing. I wanted to recreate
> a server or a variation of it quickly and easily. Eventually I gave up
> and used systemimager instead. It is quick and simple. It is based on
> rsync and it is in woody. I have it working usin
Are most people running php stable?
Or are you upgrading php to 4.38 from unstable?
I'm stuck running 4.3.4 because I needed better pear support, and am leery
of upgrading to 4.3.8 because stupidly enough it requires apache 1.3.31 as
part of the upgrade.
I was considering using the dotdeb backport
I have directions on grub and lilo config for software raid systems.
Switching to software raid from non-raid and setting lilo.conf and
grub.conf correctly.
This might help:
http://rootraiddoc.alioth.debian.org
--
--Luke CS Sysadmin, Montana State University-Bozeman
--
To UNSUBSCRIBE, email
I have a script that connects to all my machines and runs:
apt-get update.
If instead I run apt-get upgrade, it gives an error about:
Not being able to find the path, correctly.
dpkg: `ldconfig' not found on PATH.
dpkg: `start-stop-daemon' not found on PATH.
dpkg: `install-info' not found on PATH
Try this mailing list, it talks about HP+Linux stuff:
To unsubscribe, e-mail: [EMAIL PROTECTED] with the phrase
"unsubscribe
compaqandlinux" in the message body
For additional commands, e-mail: [EMAIL PROTECTED] with the
phrase "help
compaqandlinux" in the message body
For the archives : http://ww
Why not use vsftpd it's much more secure.
It scales much much better.
It's in stable.
I believe it can limit ftp login per user.
Which is the equivalent effect.
Shannon R. said:
> Is anyone using proftpd's RejectValidShell directive
> in a box running stable? That is, reject users with
> valid shel
Norbert Tretkowski said:
> * Ivan Adams wrote:
>> My quiestion is how I can avoid that kind of problems when on some
>> Debian I have that kind of apt scripts.
>
> Disable those kind of scripts, and use apt-cron to let you inform by
> mail when updates are available.
I'de also reccomend running ap
Arnt Karlsen said:
> ..play with this:
> #!/bin/sh
> /bin/cp -f /usr/share/grub/i386-pc/* /boot/grub
> /usr/sbin/grub --batch < /dev/null 2> /dev/null
> # device (hd0) /dev/hda
> # device (hd1) /dev/hdc
> device (md0) /dev/md0
> root (md0,0)
> # setup (hd0) #installs onto /dev/hda
> # setup (hd2)
I am trying to resolve an error message I am seeing on some mail passing
through my external mail server, running mimedefang 2.39 and sendmail
8.12.3 to our internal mail server.
Users are seeing the following message in their mailbox:
"<<< no Message Collected >>>"
It appears via the changelog f
Christian Hammers said:
> Hello
>
> On 2004-09-17 Wieslaw wrote:
>> I seek patch which makes possible making the virtual ervers.
Debian supports this nativelly.
Search the debian archives.
apt-cache search vserver.
then subscribe to the vserver mailing list.
I've been using the debian vserver prod
Donovan Baarda said:
> See the util-vserver, kernel-patch-ctx, and vserver-debiantools packages
> for details. I'm not sure how up-to-date the debs are though...
About a 2% performance slowdown versus a non vserver.
Worth the performance slowdown, imo.
The debs are maintained pretty well, the bu
Christian Storch said:
>> So I would assume storing the greylist-triple it's neccessary (->1) for
> greylistd which is part of "the mail server". You need to collect the
> greylist tripels only until the mail has been received for the second
> and final time.
> After the first message would be acc
Russell Coker said:
> Also it makes it slightly more difficult for good filters to catch the
> spam,
> but at the cost of making the spam less effective.
>
> Guys who will get their credit card out when reading a clear message
> offering
> to double their penis size probably won't do so if the pen
I am exposing another machine as http mirror, and am trying to secure it.
Done with iptables.
configured portsentry to auto-block portscans.
How to block TRACE in apache?
I believe you do it with rewriting rule like such, but does not work.
#security changes
RewriteCond %{REQUEST_METHOD} ^TRACE
R
I accidentally posted this with the last message i was replying to...
so reposting..., I apologize for the mistake.
Lucas Albers said:
> I am exposing another machine as http mirror, and am trying to secure it.
> Done with iptables.
> configured portsentry to auto-block portscans.
&
Matt Wehland said:
> So you just install a stable system, keep up with the security updates,
> build
> your own local repository (plenty of ways to do this) and build the few
> packages that you need newer versions of.
> This is what I am doing (just got apt-proxy working and it's great).
> This g
I created directions on converting a system to run its rood on software
raid. This doc will be included in the next mdadm software raid tools
release.
This can be done completelly remotelly with no loss of data.
(assuming you have an extra disk just sitting in a remote computer.)
I thought I would
Robert Waldner said:
> Another advantage is that there's no "integrated" admin-tool which
> will destroy your precious hand-crafted config files, no "yast" or
> "suseconfig" or somesuch. The downside to that is that you have to
> know how to use an editor, of course, and there's mostly no "setu
Rod Rodolico said:
> Becoming a firm believer that you CAN have it all, stability and the
> latest packages :)
>
> There are other places to get backports, BTW. This one works for me.
>
Rod,
Yes I agree with your statements.
Thanks for the link I'll use it on one of my systems...
But you don't e
I'm no expert.
I run chkrootkit on a regular basis.
Run a virus scanner it will find some exploits.
Hacafee found a few rootkits and known kernel exploits.
I use mcafee for linux.
Analyze history files for certain keywords.
The best way would be to analyze command frequency in history files and
loo
I am working on setting up a backup mx mailer for domain.
It will be our first debian system we will be using for a main production
system.
I have read through the documentation, and it appears I have everything
configured correctly.
I am planning to set it up as a relay for an exchange server and
I use systemimager for complete image backups of machines.
You can upgrade a system completelly remotely.
Has deb files.
And configure it so the network address is set for each machine.
I use it for 140 linux desktops.
I also use it for my servers, my primary webserver went down...so I
grabbed a ne
Dan MacNeil said:
>
> anomy sanitizer works well with postfix, but as far as I can tell, it
> can't be configured to drop messages instead of defanging them.
>
> I plan to configure sanitizer to add a tag to bad messages and then use
> procmail to quarantine messages with that tag. Is there better
Angus D Madden said:
> Assuming you have a working cpan cofniguration, you can use dh-make-perl.
>
> dh-make-perl --cpan module
>
> I have used this before and it just worked. ymmv.
I use mimedefang testing, spamaassassing unstable, and kernel 2.4.23, on
my production external mx server.
Everyt
Just recently I had my mail server swamped by a single virus machine that
kept resending a virus message, ignoring my 5xx rejection code.
Is it possbile to block this via an iptables smtp max connection throttle
code?
How do you handle this?
Via iptables?, or via qmail/postfix/exim/sendmail inter
Ole-Christian S. Hagenes said:
> So you see, it shows every package that is going to be installed and it
> shows that the mysql-doc package is sugested to. You might want that one
I usually do a debootstrap chroot build environment, so apache users don't
have access to any of the build tools.
--
Stephen Gran said:
> relay). What I want to do is not accept mail unless it comes from one
> of a few IP's, or is authenticated. Say the domain is foo.com, and this
> servers hostname is mail.foo.com. It is not listed as an MX record, so
> no legitimate emails should ever arrive there, only spa
How else is it going to have permissions to backup everything on the system?
The port it locked to a particular backup server...
So only that ip address can connect to that port.
we use legato to backup:
suse 8x,redhat 6x,7x clients,windows nt2k,xpwin2k clients.
sgi
Works great!, we love it.
Have
you can turn if off with mod_rewrite so it does not show product type at all.
I couldn't get it to work, but you could do it
Fraser Campbell said:
>> the ServerSignature directive to switch it off.
> ServerSignature On
> ServerTokens Prod
I recently received a hp proliant ml 330 which I installed redhat and then
debian linux on it.
I requires the megaide modules to see the raid disks correctly.
They can be compiled from source, from this location.(see below.)
I could not determine how to compile them statically into the kernel,
or
I got it work, but I was trying to make boot floppies so I could load the
drivers from the install cd, so I could install direct on it.
Could not find directions on this anywhere, or how to compile it
statically in the kernel.
Markus Oswald said:
> The Controller used in the ProLiant ML330 series
I really wish HP would get off their chairs and provide support for debian
installer for all their HP proliants.
HP to expand Debian Linux support (December 04, 2003)
http://www.infoworld.com/article/03/12/04/HNhpdebian_1.html
They haven't done anything to support debian.
They just need to make
Nathan Eric Norman said:
>> > This is true, but d-i doesn't support booting off the SmartArray
>> > because the cciss driver is a module. I already installed onto a
>> > DL360, but couldn't install a bootblock.
>>
>> Hu? I installed Woody (bf24) on a couple of DL380G3 without a hitch -
>> the cci
I've also had a lot of success using mimefang on our external mail server
I've been unable to find some good numbers to use with the bonnie
benchmark program.
What is a good mix of values to benchmark against?
I'm trying to benchmark some software raid configurations on a production
server.
Could someone please post a starting point for bonnie benchmark runs they
use to
Marek Bra¾ina said:
> http://www.tldp.org/HOWTO/Boot+Root+Raid+LILO.html
>
> I always do it acording to this howto and it works..
>
> Marek
I wrote this raid howto it might help.
http://rootraiddoc.alioth.debian.org
It has a section on lilo entries specific to raid.
I have not encountered your sp
> Install spamassassin 2.63 which had filtered last
> night around 480 SPAMS from 78 Mailinglists...
>
and then enable surbl, and set it to score at 6.0.
Then submit 1-10 spam's that slip by per day to spamcop.
I just enabled surbl on my external debian mail relay, and it is grabbing
around 30% mor
Rod Rodolico said:
> 2) spamassassin uses some processing power, so I am only running it
> against unknown senders
What is your mail volume?
You really need a serious amount of mail for SA to bog down.
As you all realized, mail volume is relative.
>From what I've seen you can handle 100-200K mess
Michelle Konzack said:
> I do not know about 'surbl' but which files are the same ?
>
> Why not renaming the binaries ?
>
> On the other side I had a very little program which check
> IP's with rbl but unfortunately I have lost it...
>
> I had a procmail recipe like for SA and it has marked the
>
Dirk Tamme said:
> The solution was to install mod_perl:
>
> cd /usr/local/src
> wget http://perl.apache.org/dist/mod.perl-1.0-current.tar.gz
> tar -xzf mod.perl-1.0-current.tar.gz
> cd /usr/local/src/mod_perl-1.29
> perl Makefile.PL NO_HTTPD=1
> make
> make install
Just install it from apt, via:
Dale E Martin said:
> Perhaps SA would be better implemented in something else, but like
> everyone
> else says, memory is cheap. Whatever makes the SA developers most
> effective is fine by me at this point.
As the other post mentioned, try SA+mimedefang if you need to run it on a
box with low
Would it break things to reject completelly non-english messages.
That is messages in which the body was completelly non english for the
debian-isp mailing list?
This SA rule: UNWANTED_LANGUAGE_BODY
I realize we have posters posting from all over the world, but they are
all posting in english. An
I currently have 2 compaq systems:
1 running rhel3
hp proliant ml350
and the other debian3.0r2.
proliant ml 330.
I have been unable to find a consistent listing of where I can get the
software to do, disk and various hardware monitoring on the system.
I am planning to purchase a rackmount,
DL360G3
I have been using snort-mysql with acidlab for intrusion monitoring of the
computers on my network.
It has been working great.
I've also been using bleedingsnort.org for some updated rule sets for
virus threats and similar.
I have been unable to configure the portscan detection to work correctly.
Thought I would share my squid configuration to allow caching of
windowsupdate/mcafee and similar for clients.
Needs ims config to work correctly.
Sure saves bandwidth, and vastly speeds up updates, for windows clients.
Not a transparent configuration.
http://www.mail-archive.com/debian-user@lists.
Francesco P. Lovergine said:
> I run apache using dchroot to avoid the most common problems.
> Breaking a chroot is possible, but not so easy and it's more
> difficult within dchroot which _should_ drops privileges properly AFAIK
80 matches
Mail list logo
