[BlueOnyx:20938] Re: Mysql issues

[Richard Barker]

Now II am getting this error as I had to rebot yet again today
Stopping container ...
Container was stopped
vzquota : (error) Quota off syscall for id 104: Device or resource busy
vzquota : (error)   Possible reasons:
vzquota : (error)   - Container's root is not unmounted
vzquota : (error)   - there are opened files inside container's 
root/private area
vzquota : (error)   - your current working directory is inside a 
container directory

vzquota : (error) root/private area
vzquota : (error)   Currently used file(s):
/vz/private/104/var/log/mariadb/mariadb.log
vzquota off failed [3]

--

/*Richard C. Barker Sr.
CEO & President
1-813-873-8942
ProBass Networks Inc. */
www.probassnetworks.net 
www.probass.net 
***
DISCLAIMER : -
This e-mail is confidential and intended only for the use
of the individual or entity named above and may contain
information that is privileged. If you are not the intended
recipient, you are notified that any dissemination, distribution
or copying of this e-mail is strictly prohibited. If you have
received this email in error, please notify us immediately
by return email or telephone and destroy the original message.

___
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx

[BlueOnyx:20939] WPScan conflicts?

[Michael Aronoff]

I have been looking at installing WPScan (https://wpscan.org/) on a server
in order to automate scanning of local WordPress sites with cron jobs.
However WPScan needs some stuff installed so I thought I would check before
doing so on a 5209R

 

Here is what will need to be installed according to their directions
(https://blog.sucuri.net/2015/10/install-wpscan-wordpress-vulnerability-scan
.html):

git

gcc

ruby-devel

libxml2

libxml2-devel

libxslt

libxslt-devel

libcurl-devel

patch

 

Will any of this conflict with BlueOnyx packages? Anyone else install WPScan
and have anything I should know?

 

Thanks,

 

__
M Aronoff Out

 

___
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx

[BlueOnyx:20940] Re: WPScan conflicts?

[Michael Stauber]

Hi Michael,

> Will any of this conflict with BlueOnyx packages?

If all that is from the standard CentOS repositories then it should be fine.

-- 
With best regards

Michael Stauber
___
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx

[BlueOnyx:20941] WOW New software in my All bundle package

[Richard Barker]

Did anyone else see the OpenVPN package looking at some of the cool things.
Nice Package Michael &  Greg

Thanks RC


--

/*Richard C. Barker Sr.
CEO & President
1-813-873-8942
ProBass Networks Inc. */
www.probassnetworks.net 
www.probass.net 
***
DISCLAIMER : -
This e-mail is confidential and intended only for the use
of the individual or entity named above and may contain
information that is privileged. If you are not the intended
recipient, you are notified that any dissemination, distribution
or copying of this e-mail is strictly prohibited. If you have
received this email in error, please notify us immediately
by return email or telephone and destroy the original message.

___
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx

[BlueOnyx:20942] Re: OpenSSH and PCI on 5208R

[Greg Kuhnert]

Even better, the new OpenVPN package availability is quite timely. I have not 
yet tried this, but it should be possible to use the new OpenVPN package, and 
lock down SSH from all sources except for the OpenVPN source IP’s… Possibly 
even going further and locking down 81, 444, ftp, and a few more. That should 
make it easier to pass a network based PCI scan. Port is not open = pass :)

GK

> On 21 Apr 2017, at 3:04 am, Michael Stauber  wrote:
> 
> Hi Jim,
> 
>> Going out on a limb, is there a remote chance of getting openssh 7.4 on
>> this server that is still running 5208R, or would the only way to get to
>> that version be doing a full update to 5209R? I'm trying to avoid that.
> 
> Like Chris said: I'd rather not provide updated OpenSSH packages. There
> is no compelling reason to do so. But once started, I would have to
> continue providing updated OpenSSH PKGs until the EOL of the OS I offer
> them for.
> 
> As it is right now neither security nor missing "must have" features
> give a compelling incentive for that.
> 
> As for CVE-2016-10012: It's indeed such a non-issue that I can
> understand that RedHat puts a fix for it on the back burner.
> CVE-2016-10012 is only exploitable if the box is already hacked beyond
> rescue and then why would someone bother with hacking OpenSSH from the
> inside if he's already in?
> 
> Therefore the best advice would indeed be: Lock SSH down so that it's
> unreachable for IP's other than the ones you're using to connect to the
> box. Or turn it off and enable it via the GUI whenever you need it.
> 
> If you have APF installed you can easily do it this way:
> 
> In the list of open ports remove the SSH port from the list. It's
> usually port 22 unless you changed it. Then via the GUI add this line to
> the Allow Hosts rules:
> 
> tcp:in:d=22:s=
> 
> That will then allow TCP access to port 22 from  and for
> anyone else SSH will appear to be closed.
> 
> -- 
> With best regards
> 
> Michael Stauber
> ___
> Blueonyx mailing list
> Blueonyx@mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx


___
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx