[CentOS] md5sum from nautilus
Hi, Is there any nautilus extension that allow us to do md5sum? It would be nice to be able to do that from nautilus. Thank you. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 4 X 500 gb drives - best software raid config for a backup server?
> > If I have to do hardware raid, I'll definitely spec in a backup > controller. Learnt this the hard way when my raid 5 controller died > years after I first got it and I could no longer find a replacement. > > For high budget projects, having the extra raid controller as > insurance isn't a big deal. But for most budget setup and cost > conscious clients, soft raid obviates that hardware dependency. You forgot flaky hardware. Boards that lose their configuration from time to time and what not...I heard stories about Mylex for example... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 4 X 500 gb drives - best software raid config for a backup server?
On Sun, Feb 22, 2009 at 7:05 PM, Ian Forde wrote: > RAID in software, whether RAID1 or RAID5/6, always has manual steps > involved in recovery. If one is using standardized hardware, such as HP > DL-x80 hardware or Dell x950 boxes, HW RAID obviates the need for a > "recovery procedure". It's just easier. You can still boot from a > single drive, since that's what the bootloader sees. There are no > vendor instructions or utilities needed for recovery. Nor is there a > backup controller needed. > If I have to do hardware raid, I'll definitely spec in a backup controller. Learnt this the hard way when my raid 5 controller died years after I first got it and I could no longer find a replacement. For high budget projects, having the extra raid controller as insurance isn't a big deal. But for most budget setup and cost conscious clients, soft raid obviates that hardware dependency. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] probem with bind???
"fabian dacunha" wrote: > Dear All, > > I am sorry for posting this query here but hope someone can help me out > i have been running Centos 5 as my prinamry DNS n Mail server with bind 9.2 > > every thing works fine but in my/var/messages log i see continuosly the > below meesages > > Feb 22 09:14:46 kmdns1 named[2087]: client 62.109.4.89#17222: query > (cache) './NS/IN' denied > Feb 22 09:14:46 kmdns1 named[2087]: client 62.109.4.89#26398: query > (cache) './NS/IN' denied > Feb 22 09:14:51 kmdns1 named[2087]: client 62.109.4.89#65326: query > (cache) './NS/IN' denied > Feb 22 09:14:52 kmdns1 named[2087]: client 62.109.4.89#59870: query > (cache) './NS/IN' denied > > now in my firewall i tryied to block this ip but the messages dont stop > > i also upgraded bind to version bind-9.3.4-6.0.3.P1.el5_2 but no avail > the problem still there > > > i jus like to know whts this problem and how could i solve it > > is there a problem with my DNS server > > thnks and regards > > apprecite your kind help > > > fabian > I run a very small, personal presence on the internet (only a single web site, e-mail, etc. plus DNS for my own stuff) so this might not work if you have lots of sites or there are legitimate reasons why the same source IP address would hit your DNS with multiple, valid queries in a very short period. Typically, once a source IP has queried a DNS, the result is cached for the time to live (TTL) of the resulting record and the query should not normally be repeated. Given this, I added the following rules to my firewall: ... # Block cache poisoning attacks # Drop repeated DNS requests -A RH-Firewall-1-INPUT -p udp -m udp -m recent -i eth0 --dport 53 --update \ --seconds 660 --hitcount 7 --name DNSTHROTTLE --rsource -j DROP -A RH-Firewall-1-INPUT -p udp -m udp -m recent -i eth0 --dport 53 -j ACCEPT \ --set --name DNSTHROTTLE --rsource ... Note that eth0 is my external NIC so these rules only fire for DNS requests that are not from my local network. I came up with seven queries in eleven minutes was a reasonable sign of a cache poisoning attack. Your mileage may very. These two rules replaced about 30 IPs in my blacklist and are completely automatic. The funny this that a lot of the brute force cache poisoning attempts just keep banging away so the source IP stays on the blacklist. Every once in a while I'll see a new IP address hit seven attempts and then the blacklist rule kicks in and they're never heard from again. Cheers, Dave -- Politics, n. Strife of interests masquerading as a contest of principles. -- Ambrose Bierce ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] probem with bind???
Dear Robert,
Really apprecite your quick reply and thanks for the same..
it worked beautifully..
the badguys acl
now jus for my information if u can help me
by the way i had send a mail to the owners of the ips and they replied to
me saying that they had a DDOS attack on thier server n its been stop 5
days ago .
now i wd like to know if it was really stopped wht were the messages stating
was my server querying their server
or their server quering mine
since a rule in my firewall which blocked the below IP did not help
apprecite ur kind help
the messages in my logs are
Feb 22 21:45:36 kmdns1 named[2087]: client 62.109.4.89#24308: query
(cache) './NS/IN' denied
Feb 22 21:45:37 kmdns1 named[2087]: client 62.109.4.89#31958: query
(cache) './NS/IN' denied
Feb 22 21:45:38 kmdns1 named[2087]: client 62.109.4.89#29069: query
(cache) './NS/IN' denied
Feb 22 21:45:38 kmdns1 named[2087]: client 62.109.4.89#35868: query
(cache) './NS/IN' denied
Feb 22 21:45:39 kmdns1 named[2087]: client 62.109.4.89#26792: query
(cache) './NS/IN' denied
but moment i made the changes as sugessted by u in my named.conf the
messages stopped perfectly
Regards
Fabian
>
>> Feb 22 09:14:52 kmdns1 named[2087]: client 62.109.4.89#59870: query
>> (cache) './NS/IN' denied
>>
>> now in my firewall i tryied to block this ip but the messages
>> dont stop
>>
>> i also upgraded bind to version bind-9.3.4-6.0.3.P1.el5_2 but
>> no avail the problem still there
>>
>>
>> i jus like to know whts this problem and how could i solve it
>>
>> is there a problem with my DNS server
>>
>> thnks and regards
>>
>> apprecite your kind help
>>
>>
>> fabian
>
> fabian,
>
> you might try something like the bad-guys acl i setup a long time ago in
> named.conf
>
> change the ips as you see fit
>
>
>
> // Default named.conf generated by install of bind-9.2.4-2
> //
> // r.initials August 29 2005
> //
> acl "bad-guys" {
> 201.114.231.0/24;
> 201.114.236.0/24;
> };
> logging {
> category lame-servers { null; };
> };
> options {
> version "Bind";
> directory "/var/named"; // working directory
> listen-on { 127.0.0.1; redactedx.y.z.a; };
> listen-on-v6 { none; };
> allow-transfer { redactedx.y.z.a; redactedx.y.z.b;};
> blackhole { "bad-guys"; };
> dump-file "/var/named/data/cache_dump.db";
> statistics-file "/var/named/data/named_stats.txt";
> // pid-file "named.pid"; // Put pid file in working
> dir
> allow-query { any; }; // This is the default
> recursion yes; // Do provide recursive service or not???
> };
> include "/etc/rndc.key";
>
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 4 X 500 gb drives - best software raid config for a backup server?
Ian Forde wrote: > On Sat, 2009-02-21 at 18:09 -0600, Les Mikesell wrote: >> Yes, but raid1 in software has none of those problems, since as far as >> the boot loader is concerned, you are booting from a single drive. And >> there is a trade-off in complexity, since sw raid works the same on >> Linux across different hardware and you need to round up different >> vendors instructions and utilities for hardware raid - and have a backup >> controller around for recovery. > > RAID in software, whether RAID1 or RAID5/6, always has manual steps > involved in recovery. Don't forget that 'recovery' sometimes means taking the still-working drives and moving them to a new chassis. > If one is using standardized hardware, such as HP > DL-x80 hardware or Dell x950 boxes, HW RAID obviates the need for a > "recovery procedure". As long as you have an exactly-matching chassis/motherboard/controller to move to. > It's just easier. You can still boot from a > single drive, since that's what the bootloader sees. There are no > vendor instructions or utilities needed for recovery. Nor is there a > backup controller needed. Everything breaks eventually. If yours hasn't yet, good luck with that. > The *only* time I'd use software RAID on > Linux is if I didn't have a standard hardware base that supported > hotswap and commandless recovery, which in any enterprise within which I > were to be employed, I'd insist upon (and deploy)... You can have hot spares in software raid if you can't be bothered to type 'mdadm --add ' once every few years. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 4 X 500 gb drives - best software raid config for a backup server?
Kay Diederichs wrote: > A good place to start comparing benchmark numbers for different RAID > levels is > http://linux-raid.osdl.org/index.php/Performance > in particular the links given in section "Other benchmarks from 2007-2008" > I like this bit of info from http://linux-raid.osdl.org/index.php/Performance Right under "Fresh benchmarking tools" "To check out speed and performance of your RAID systems, do NOT use hdparm. It won't do real benchmarking of the arrays." ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 4 X 500 gb drives - best software raid config for a backup server?
>> You will have to prove that. I have previously posted posts with links >> to benchmarks that show that hardware raid with sufficient processing >> power beat the pants of software raid when it comes to raid5/6 >> implementations. Hardware raid cards no longer come with crappy i960 cpus. >> > > Just by doing some quick googling, I came across: > > http://blogs.zdnet.com/storage/?p=126 > http://storagemojo.com/2007/04/24/mo-better-zfs-performance-stats/ > http://milek.blogspot.com/2007/04/hw-raid-vs-zfs-software-raid-part-iii.html > I have an issue with that benchmark. I don't know what that EMC is made of nevermind the fancy FC. Regarding my posts...they were on the ubuntu-user list...not here...so...here are the links: Thread post: https://lists.ubuntu.com/archives/edubuntu-users/2008-December/004887.html Don't use underpowered hardward raid boards for raid5/6 http://www.chemistry.wustl.edu/~gelb/castle_raid.html Use hardware raid boards with enough cpu/cache for raid5/6 http://www.linux.com/feature/140734 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 4 X 500 gb drives - best software raid config for a backup server?
On Sat, 2009-02-21 at 18:09 -0600, Les Mikesell wrote: > Yes, but raid1 in software has none of those problems, since as far as > the boot loader is concerned, you are booting from a single drive. And > there is a trade-off in complexity, since sw raid works the same on > Linux across different hardware and you need to round up different > vendors instructions and utilities for hardware raid - and have a backup > controller around for recovery. RAID in software, whether RAID1 or RAID5/6, always has manual steps involved in recovery. If one is using standardized hardware, such as HP DL-x80 hardware or Dell x950 boxes, HW RAID obviates the need for a "recovery procedure". It's just easier. You can still boot from a single drive, since that's what the bootloader sees. There are no vendor instructions or utilities needed for recovery. Nor is there a backup controller needed. The *only* time I'd use software RAID on Linux is if I didn't have a standard hardware base that supported hotswap and commandless recovery, which in any enterprise within which I were to be employed, I'd insist upon (and deploy)... -I ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
