Re: [CentOS-es] Off-topic.
Gracias Eduardo, Voy a aportar el manual (tipo dummy) de como instalar Pykota (Software para la contabilización de impresiones) en CentOS 5/ RHEL 5 que no es nada trivial como si lo es en Debian/Ubuntu. El autor de Pykota no coloca algunos tips en la documentación que al no saberlos pasan la promesa de Jerome Alet (el autor) de que la instalación del Pykota es una brisa a un quebradero de cabeza que en la mayoria de los casos (No fue el mio ya que o lo hacia funcionar o me quedaba sin empleo) nos hace desistir de realizar la instalación de ese excelente software. Voy a escribirle a la persona que me relacionas en este correo. Saludos y gracias nuevamente. Carlos Restrepo M. Administrador de Sistemas Bogotá - Colombia. El 30 de agosto de 2011 15:11, Eduardo Grosclaude eduardo.groscla...@gmail.com escribió: 2011/8/30 carlos restrepo restrcar...@gmail.com: Cordial saludo. Cual es el procedimiento y metodologia para subir un manual a la wiki es español de CentOS?, a quien debo dirigir el documento?. Hola Carlos, Yo he revisado la lista centos-docs para estudiar qué protocolo se sigue y he visto que la mayoría de la gente se presenta ante Ralph Angenendt solicitando una cuenta y autorización. -- Eduardo Grosclaude Universidad Nacional del Comahue Neuquen, Argentina ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Instalación Servidor DNS CentOS 6
Revisa el archivo /etc/resolv.conf. Carlos R. 2011/8/30 Ariel Hernández ariel@gmail.com Ok! ahora si :D gracias por su ayuda!! 2011/8/30 Jesus Rudas Simmonds jrud...@gmail.com Revisa el firewall, debes tener abierto el puerdo del DNS -Mensaje original- De: centos-es-boun...@centos.org [mailto:centos-es-boun...@centos.org] En nombre de Ariel Hernández Enviado el: Martes, 30 de Agosto de 2011 02:08 p.m. Para: centos-es@centos.org Asunto: Re: [CentOS-es] Instalación Servidor DNS CentOS 6 Ok! muchas gracias lo logre realizar, ahora tengo una consulta, resutal que cuando hago un nslookup para mi servidor me funciona, pero si ahora hago un nslookup a un sitio externo, como por ejemplo wikipedia.org este no funciona, que pasa entonces?? El 29 de agosto de 2011 23:32, Ernesto Pérez Estévez cen...@nuestroserver.com escribió: On Mon, 2011-08-29 at 19:25 -0500, Edg@r Rodolfo wrote: Hola a todos, resulta que instale CentOs 6 en mi maquina virtual y debo montar un servidor DNS, he leído manuales de instalación del servidor DNS pero en CentOs 5 y la verdad es que no sé como hacerlo para esta versión de CentOS. http://ecualug.org/2010/03/04/comos/dns_en_centos ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- Ariel Hernández Pastén Ingeniero Civil Informático ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- Ariel Hernández Pastén Ingeniero Civil Informático ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- Carlos Restrepo M. Administrador de Sistemas Profesional Linux LPI 101 - 102 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS-es] Instalaciòn Asterisk
ola a todos, resulta que estoy intentando instalar asterisk en mi CentOs y cuando quiero hacer: *yum install bison bison-devel ncurses ncurses-devel zlib zlib-devel openssl openssl-devel gnutls-devel gcc gcc-c++ make* me aparece el siguiente error: *Error: Package: glibc-devel-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 Error: Package: glibc-headers-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 You could try using --skip-broken to work around the problem* Como puedo solucionar esto??. Tengo CentOs 6. Gracias por su ayuda desde ya. Saludos. -- *Ariel Hernández Pastén* *Ingeniero Civil Informático* ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Instalaciòn Asterisk
Si no recuerdo mal habia una maquina virtual con Asterisk preinstalado en CentOS Saludos miguel --- El mié, 31/8/11, Ariel Hernández ariel@gmail.com escribió: De: Ariel Hernández ariel@gmail.com Asunto: [CentOS-es] Instalaciòn Asterisk Para: centos-es@centos.org Fecha: miércoles, 31 de agosto, 2011 11:28 ola a todos, resulta que estoy intentando instalar asterisk en mi CentOs y cuando quiero hacer: *yum install bison bison-devel ncurses ncurses-devel zlib zlib-devel openssl openssl-devel gnutls-devel gcc gcc-c++ make* me aparece el siguiente error: *Error: Package: glibc-devel-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 Error: Package: glibc-headers-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 You could try using --skip-broken to work around the problem* Como puedo solucionar esto??. Tengo CentOs 6. Gracias por su ayuda desde ya. Saludos. -- *Ariel Hernández Pastén* *Ingeniero Civil Informático* ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Instalaciòn Asterisk
yum clean all e intenta nuevamente. Carlos R. El 31 de agosto de 2011 10:34, Miguel Gonzalez miguel_3_gonza...@yahoo.esescribió: Si no recuerdo mal habia una maquina virtual con Asterisk preinstalado en CentOS Saludos miguel --- El mié, 31/8/11, Ariel Hernández ariel@gmail.com escribió: De: Ariel Hernández ariel@gmail.com Asunto: [CentOS-es] Instalaciòn Asterisk Para: centos-es@centos.org Fecha: miércoles, 31 de agosto, 2011 11:28 ola a todos, resulta que estoy intentando instalar asterisk en mi CentOs y cuando quiero hacer: *yum install bison bison-devel ncurses ncurses-devel zlib zlib-devel openssl openssl-devel gnutls-devel gcc gcc-c++ make* me aparece el siguiente error: *Error: Package: glibc-devel-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 Error: Package: glibc-headers-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 You could try using --skip-broken to work around the problem* Como puedo solucionar esto??. Tengo CentOs 6. Gracias por su ayuda desde ya. Saludos. -- *Ariel Hernández Pastén* *Ingeniero Civil Informático* ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- Carlos Restrepo M. Administrador de Sistemas Profesional Linux LPI 101 - 102 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Instalaciòn Asterisk
Me sigue dando el mismo problema carlos. El 31 de agosto de 2011 13:05, carlos restrepo restrcar...@gmail.comescribió: yum clean all e intenta nuevamente. Carlos R. El 31 de agosto de 2011 10:34, Miguel Gonzalez miguel_3_gonza...@yahoo.esescribió: Si no recuerdo mal habia una maquina virtual con Asterisk preinstalado en CentOS Saludos miguel --- El mié, 31/8/11, Ariel Hernández ariel@gmail.com escribió: De: Ariel Hernández ariel@gmail.com Asunto: [CentOS-es] Instalaciòn Asterisk Para: centos-es@centos.org Fecha: miércoles, 31 de agosto, 2011 11:28 ola a todos, resulta que estoy intentando instalar asterisk en mi CentOs y cuando quiero hacer: *yum install bison bison-devel ncurses ncurses-devel zlib zlib-devel openssl openssl-devel gnutls-devel gcc gcc-c++ make* me aparece el siguiente error: *Error: Package: glibc-devel-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 Error: Package: glibc-headers-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 You could try using --skip-broken to work around the problem* Como puedo solucionar esto??. Tengo CentOs 6. Gracias por su ayuda desde ya. Saludos. -- *Ariel Hernández Pastén* *Ingeniero Civil Informático* ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- Carlos Restrepo M. Administrador de Sistemas Profesional Linux LPI 101 - 102 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- *Ariel Hernández Pastén* *Ingeniero Civil Informático* ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Instalaciòn Asterisk
primero prueba si existe : yum search (paquete ) El 31 de agosto de 2011 12:19, Ariel Hernández ariel@gmail.comescribió: Me sigue dando el mismo problema carlos. El 31 de agosto de 2011 13:05, carlos restrepo restrcar...@gmail.com escribió: yum clean all e intenta nuevamente. Carlos R. El 31 de agosto de 2011 10:34, Miguel Gonzalez miguel_3_gonza...@yahoo.esescribió: Si no recuerdo mal habia una maquina virtual con Asterisk preinstalado en CentOS Saludos miguel --- El mié, 31/8/11, Ariel Hernández ariel@gmail.com escribió: De: Ariel Hernández ariel@gmail.com Asunto: [CentOS-es] Instalaciòn Asterisk Para: centos-es@centos.org Fecha: miércoles, 31 de agosto, 2011 11:28 ola a todos, resulta que estoy intentando instalar asterisk en mi CentOs y cuando quiero hacer: *yum install bison bison-devel ncurses ncurses-devel zlib zlib-devel openssl openssl-devel gnutls-devel gcc gcc-c++ make* me aparece el siguiente error: *Error: Package: glibc-devel-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 Error: Package: glibc-headers-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 You could try using --skip-broken to work around the problem* Como puedo solucionar esto??. Tengo CentOs 6. Gracias por su ayuda desde ya. Saludos. -- *Ariel Hernández Pastén* *Ingeniero Civil Informático* ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- Carlos Restrepo M. Administrador de Sistemas Profesional Linux LPI 101 - 102 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- *Ariel Hernández Pastén* *Ingeniero Civil Informático* ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- Atentamente : Hector Cuadros Prosopio . Movil :(511)995-412-884 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Instalaciòn Asterisk
Los encontro todos, solo que cada paquete aparece con un nuemro al final del nombre, ejemplo: yum search bison, aparece como bison-devel.i686, debere instalar asi entonces el paquete o no??, pero lo que encuentro extraño es que me tira error con el paquete glibc. El 31 de agosto de 2011 14:21, Hector Cuadros Prosopio ohmi...@gmail.comescribió: primero prueba si existe : yum search (paquete ) El 31 de agosto de 2011 12:19, Ariel Hernández ariel@gmail.com escribió: Me sigue dando el mismo problema carlos. El 31 de agosto de 2011 13:05, carlos restrepo restrcar...@gmail.com escribió: yum clean all e intenta nuevamente. Carlos R. El 31 de agosto de 2011 10:34, Miguel Gonzalez miguel_3_gonza...@yahoo.esescribió: Si no recuerdo mal habia una maquina virtual con Asterisk preinstalado en CentOS Saludos miguel --- El mié, 31/8/11, Ariel Hernández ariel@gmail.com escribió: De: Ariel Hernández ariel@gmail.com Asunto: [CentOS-es] Instalaciòn Asterisk Para: centos-es@centos.org Fecha: miércoles, 31 de agosto, 2011 11:28 ola a todos, resulta que estoy intentando instalar asterisk en mi CentOs y cuando quiero hacer: *yum install bison bison-devel ncurses ncurses-devel zlib zlib-devel openssl openssl-devel gnutls-devel gcc gcc-c++ make* me aparece el siguiente error: *Error: Package: glibc-devel-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 Error: Package: glibc-headers-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 You could try using --skip-broken to work around the problem* Como puedo solucionar esto??. Tengo CentOs 6. Gracias por su ayuda desde ya. Saludos. -- *Ariel Hernández Pastén* *Ingeniero Civil Informático* ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- Carlos Restrepo M. Administrador de Sistemas Profesional Linux LPI 101 - 102 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- *Ariel Hernández Pastén* *Ingeniero Civil Informático* ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- Atentamente : Hector Cuadros Prosopio . Movil :(511)995-412-884 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- *Ariel Hernández Pastén* *Ingeniero Civil Informático* ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Instalaciòn Asterisk
[root@srvsquid ~]# yum search glibc Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Exiting on user cancel [root@ ~]#* yum search glibc* === Matched: glibc compat-glibc.i386 : Compatibility C library compat-glibc-headers.i386 : Header files for development using standard C libraries. glibc.i686 : The GNU libc libraries. glibc.i386 : The GNU libc libraries. glibc-common.i386 : Common binaries and locale data for glibc glibc-devel.i386 : Object files for development using standard C libraries. glibc-headers.i386 : Header files for development using standard C libraries. glibc-utils.i386 : Development utilities from GNU C library y le das un* yum install glibc* El 31 de agosto de 2011 12:25, Ariel Hernández ariel@gmail.comescribió: Los encontro todos, solo que cada paquete aparece con un nuemro al final del nombre, ejemplo: yum search bison, aparece como bison-devel.i686, debere instalar asi entonces el paquete o no??, pero lo que encuentro extraño es que me tira error con el paquete glibc. El 31 de agosto de 2011 14:21, Hector Cuadros Prosopio ohmi...@gmail.comescribió: primero prueba si existe : yum search (paquete ) El 31 de agosto de 2011 12:19, Ariel Hernández ariel@gmail.com escribió: Me sigue dando el mismo problema carlos. El 31 de agosto de 2011 13:05, carlos restrepo restrcar...@gmail.com escribió: yum clean all e intenta nuevamente. Carlos R. El 31 de agosto de 2011 10:34, Miguel Gonzalez miguel_3_gonza...@yahoo.esescribió: Si no recuerdo mal habia una maquina virtual con Asterisk preinstalado en CentOS Saludos miguel --- El mié, 31/8/11, Ariel Hernández ariel@gmail.com escribió: De: Ariel Hernández ariel@gmail.com Asunto: [CentOS-es] Instalaciòn Asterisk Para: centos-es@centos.org Fecha: miércoles, 31 de agosto, 2011 11:28 ola a todos, resulta que estoy intentando instalar asterisk en mi CentOs y cuando quiero hacer: *yum install bison bison-devel ncurses ncurses-devel zlib zlib-devel openssl openssl-devel gnutls-devel gcc gcc-c++ make* me aparece el siguiente error: *Error: Package: glibc-devel-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 Error: Package: glibc-headers-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 You could try using --skip-broken to work around the problem* Como puedo solucionar esto??. Tengo CentOs 6. Gracias por su ayuda desde ya. Saludos. -- *Ariel Hernández Pastén* *Ingeniero Civil Informático* ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- Carlos Restrepo M. Administrador de Sistemas Profesional Linux LPI 101 - 102 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- *Ariel Hernández Pastén* *Ingeniero Civil Informático* ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- Atentamente : Hector Cuadros Prosopio . Movil :(511)995-412-884 ___ CentOS-es mailing list CentOS-es@centos.org
Re: [CentOS-es] Instalaciòn Asterisk
se soluciono tu problema? Date: Wed, 31 Aug 2011 12:29:01 -0500 From: ohmi...@gmail.com To: centos-es@centos.org Subject: Re: [CentOS-es] Instalaciòn Asterisk [root@srvsquid ~]# yum search glibc Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Exiting on user cancel [root@ ~]#* yum search glibc* === Matched: glibc compat-glibc.i386 : Compatibility C library compat-glibc-headers.i386 : Header files for development using standard C libraries. glibc.i686 : The GNU libc libraries. glibc.i386 : The GNU libc libraries. glibc-common.i386 : Common binaries and locale data for glibc glibc-devel.i386 : Object files for development using standard C libraries. glibc-headers.i386 : Header files for development using standard C libraries. glibc-utils.i386 : Development utilities from GNU C library y le das un* yum install glibc* El 31 de agosto de 2011 12:25, Ariel Hernández ariel@gmail.comescribió: Los encontro todos, solo que cada paquete aparece con un nuemro al final del nombre, ejemplo: yum search bison, aparece como bison-devel.i686, debere instalar asi entonces el paquete o no??, pero lo que encuentro extraño es que me tira error con el paquete glibc. El 31 de agosto de 2011 14:21, Hector Cuadros Prosopio ohmi...@gmail.comescribió: primero prueba si existe : yum search (paquete ) El 31 de agosto de 2011 12:19, Ariel Hernández ariel@gmail.com escribió: Me sigue dando el mismo problema carlos. El 31 de agosto de 2011 13:05, carlos restrepo restrcar...@gmail.com escribió: yum clean all e intenta nuevamente. Carlos R. El 31 de agosto de 2011 10:34, Miguel Gonzalez miguel_3_gonza...@yahoo.esescribió: Si no recuerdo mal habia una maquina virtual con Asterisk preinstalado en CentOS Saludos miguel --- El mié, 31/8/11, Ariel Hernández ariel@gmail.com escribió: De: Ariel Hernández ariel@gmail.com Asunto: [CentOS-es] Instalaciòn Asterisk Para: centos-es@centos.org Fecha: miércoles, 31 de agosto, 2011 11:28 ola a todos, resulta que estoy intentando instalar asterisk en mi CentOs y cuando quiero hacer: *yum install bison bison-devel ncurses ncurses-devel zlib zlib-devel openssl openssl-devel gnutls-devel gcc gcc-c++ make* me aparece el siguiente error: *Error: Package: glibc-devel-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 Error: Package: glibc-headers-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 You could try using --skip-broken to work around the problem* Como puedo solucionar esto??. Tengo CentOs 6. Gracias por su ayuda desde ya. Saludos. -- *Ariel Hernández Pastén* *Ingeniero Civil Informático* ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- Carlos Restrepo M. Administrador de Sistemas Profesional Linux LPI 101 - 102 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- *Ariel Hernández Pastén* *Ingeniero Civil Informático* ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es --
Re: [CentOS-es] Instalaciòn Asterisk
OK.! gracias, si recien se soluciono, no entiendo porque me marcaba error en los paquetes, al final hice un yum install kernel-devel, y de ahi todos los otros paquetes los instale correctamente. Muchas gracias por la ayuda de todos. El 31 de agosto de 2011 14:37, ces can arvega...@hotmail.com escribió: se soluciono tu problema? Date: Wed, 31 Aug 2011 12:29:01 -0500 From: ohmi...@gmail.com To: centos-es@centos.org Subject: Re: [CentOS-es] Instalaciòn Asterisk [root@srvsquid ~]# yum search glibc Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Exiting on user cancel [root@ ~]#* yum search glibc* === Matched: glibc compat-glibc.i386 : Compatibility C library compat-glibc-headers.i386 : Header files for development using standard C libraries. glibc.i686 : The GNU libc libraries. glibc.i386 : The GNU libc libraries. glibc-common.i386 : Common binaries and locale data for glibc glibc-devel.i386 : Object files for development using standard C libraries. glibc-headers.i386 : Header files for development using standard C libraries. glibc-utils.i386 : Development utilities from GNU C library y le das un* yum install glibc* El 31 de agosto de 2011 12:25, Ariel Hernández ariel@gmail.com escribió: Los encontro todos, solo que cada paquete aparece con un nuemro al final del nombre, ejemplo: yum search bison, aparece como bison-devel.i686, debere instalar asi entonces el paquete o no??, pero lo que encuentro extraño es que me tira error con el paquete glibc. El 31 de agosto de 2011 14:21, Hector Cuadros Prosopio ohmi...@gmail.comescribió: primero prueba si existe : yum search (paquete ) El 31 de agosto de 2011 12:19, Ariel Hernández ariel@gmail.com escribió: Me sigue dando el mismo problema carlos. El 31 de agosto de 2011 13:05, carlos restrepo restrcar...@gmail.com escribió: yum clean all e intenta nuevamente. Carlos R. El 31 de agosto de 2011 10:34, Miguel Gonzalez miguel_3_gonza...@yahoo.esescribió: Si no recuerdo mal habia una maquina virtual con Asterisk preinstalado en CentOS Saludos miguel --- El mié, 31/8/11, Ariel Hernández ariel@gmail.com escribió: De: Ariel Hernández ariel@gmail.com Asunto: [CentOS-es] Instalaciòn Asterisk Para: centos-es@centos.org Fecha: miércoles, 31 de agosto, 2011 11:28 ola a todos, resulta que estoy intentando instalar asterisk en mi CentOs y cuando quiero hacer: *yum install bison bison-devel ncurses ncurses-devel zlib zlib-devel openssl openssl-devel gnutls-devel gcc gcc-c++ make* me aparece el siguiente error: *Error: Package: glibc-devel-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 Error: Package: glibc-headers-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 You could try using --skip-broken to work around the problem* Como puedo solucionar esto??. Tengo CentOs 6. Gracias por su ayuda desde ya. Saludos. -- *Ariel Hernández Pastén* *Ingeniero Civil Informático* ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- Carlos Restrepo M. Administrador de Sistemas
Re: [CentOS-es] Instalaciòn Asterisk
aggh! me volvio el problema con el glibc, hago un yum clean all, luego un yum install glibc, y me manda el siguiente error: *Error: Package: glibc-devel-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 Error: Package: glibc-headers-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 You could try using --skip-broken to work around the problem * lo mismo pasa cuando hago yum install gcc y cuando verfico si el paquete esta instalado me aparece correcto: [root@localhost src]# rpm -q glibc glibc-2.12-1.7.el6.i686 glibc-2.12-1.7.el6_0.5.i686 El 31 de agosto de 2011 14:39, Ariel Hernández ariel@gmail.comescribió: OK.! gracias, si recien se soluciono, no entiendo porque me marcaba error en los paquetes, al final hice un yum install kernel-devel, y de ahi todos los otros paquetes los instale correctamente. Muchas gracias por la ayuda de todos. El 31 de agosto de 2011 14:37, ces can arvega...@hotmail.com escribió: se soluciono tu problema? Date: Wed, 31 Aug 2011 12:29:01 -0500 From: ohmi...@gmail.com To: centos-es@centos.org Subject: Re: [CentOS-es] Instalaciòn Asterisk [root@srvsquid ~]# yum search glibc Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Exiting on user cancel [root@ ~]#* yum search glibc* === Matched: glibc compat-glibc.i386 : Compatibility C library compat-glibc-headers.i386 : Header files for development using standard C libraries. glibc.i686 : The GNU libc libraries. glibc.i386 : The GNU libc libraries. glibc-common.i386 : Common binaries and locale data for glibc glibc-devel.i386 : Object files for development using standard C libraries. glibc-headers.i386 : Header files for development using standard C libraries. glibc-utils.i386 : Development utilities from GNU C library y le das un* yum install glibc* El 31 de agosto de 2011 12:25, Ariel Hernández ariel@gmail.com escribió: Los encontro todos, solo que cada paquete aparece con un nuemro al final del nombre, ejemplo: yum search bison, aparece como bison-devel.i686, debere instalar asi entonces el paquete o no??, pero lo que encuentro extraño es que me tira error con el paquete glibc. El 31 de agosto de 2011 14:21, Hector Cuadros Prosopio ohmi...@gmail.comescribió: primero prueba si existe : yum search (paquete ) El 31 de agosto de 2011 12:19, Ariel Hernández ariel@gmail.com escribió: Me sigue dando el mismo problema carlos. El 31 de agosto de 2011 13:05, carlos restrepo restrcar...@gmail.com escribió: yum clean all e intenta nuevamente. Carlos R. El 31 de agosto de 2011 10:34, Miguel Gonzalez miguel_3_gonza...@yahoo.esescribió: Si no recuerdo mal habia una maquina virtual con Asterisk preinstalado en CentOS Saludos miguel --- El mié, 31/8/11, Ariel Hernández ariel@gmail.com escribió: De: Ariel Hernández ariel@gmail.com Asunto: [CentOS-es] Instalaciòn Asterisk Para: centos-es@centos.org Fecha: miércoles, 31 de agosto, 2011 11:28 ola a todos, resulta que estoy intentando instalar asterisk en mi CentOs y cuando quiero hacer: *yum install bison bison-devel ncurses ncurses-devel zlib zlib-devel openssl openssl-devel gnutls-devel gcc gcc-c++ make* me aparece el siguiente error: *Error: Package: glibc-devel-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3
Re: [CentOS-es] Instalaciòn Asterisk
entonces dererias hacer antes un yum update; fijate que no tengas otros repositorios a parte de los que tiene centos. saludos Date: Wed, 31 Aug 2011 13:49:29 -0400 From: ariel@gmail.com To: centos-es@centos.org Subject: Re: [CentOS-es] Instalaciòn Asterisk aggh! me volvio el problema con el glibc, hago un yum clean all, luego un yum install glibc, y me manda el siguiente error: *Error: Package: glibc-devel-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 Error: Package: glibc-headers-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed: glibc-2.12-1.7.el6.i686 (@anaconda-centos-201106051823.i386/6.0) glibc = 2.12-1.7.el6 Available: glibc-2.12-1.7.el6_0.3.i686 (updates) glibc = 2.12-1.7.el6_0.3 Available: glibc-2.12-1.7.el6_0.4.i686 (updates) glibc = 2.12-1.7.el6_0.4 Available: glibc-2.12-1.7.el6_0.5.i686 (updates) glibc = 2.12-1.7.el6_0.5 You could try using --skip-broken to work around the problem * lo mismo pasa cuando hago yum install gcc y cuando verfico si el paquete esta instalado me aparece correcto: [root@localhost src]# rpm -q glibc glibc-2.12-1.7.el6.i686 glibc-2.12-1.7.el6_0.5.i686 El 31 de agosto de 2011 14:39, Ariel Hernández ariel@gmail.comescribió: OK.! gracias, si recien se soluciono, no entiendo porque me marcaba error en los paquetes, al final hice un yum install kernel-devel, y de ahi todos los otros paquetes los instale correctamente. Muchas gracias por la ayuda de todos. El 31 de agosto de 2011 14:37, ces can arvega...@hotmail.com escribió: se soluciono tu problema? Date: Wed, 31 Aug 2011 12:29:01 -0500 From: ohmi...@gmail.com To: centos-es@centos.org Subject: Re: [CentOS-es] Instalaciòn Asterisk [root@srvsquid ~]# yum search glibc Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Exiting on user cancel [root@ ~]#* yum search glibc* === Matched: glibc compat-glibc.i386 : Compatibility C library compat-glibc-headers.i386 : Header files for development using standard C libraries. glibc.i686 : The GNU libc libraries. glibc.i386 : The GNU libc libraries. glibc-common.i386 : Common binaries and locale data for glibc glibc-devel.i386 : Object files for development using standard C libraries. glibc-headers.i386 : Header files for development using standard C libraries. glibc-utils.i386 : Development utilities from GNU C library y le das un* yum install glibc* El 31 de agosto de 2011 12:25, Ariel Hernández ariel@gmail.com escribió: Los encontro todos, solo que cada paquete aparece con un nuemro al final del nombre, ejemplo: yum search bison, aparece como bison-devel.i686, debere instalar asi entonces el paquete o no??, pero lo que encuentro extraño es que me tira error con el paquete glibc. El 31 de agosto de 2011 14:21, Hector Cuadros Prosopio ohmi...@gmail.comescribió: primero prueba si existe : yum search (paquete ) El 31 de agosto de 2011 12:19, Ariel Hernández ariel@gmail.com escribió: Me sigue dando el mismo problema carlos. El 31 de agosto de 2011 13:05, carlos restrepo restrcar...@gmail.com escribió: yum clean all e intenta nuevamente. Carlos R. El 31 de agosto de 2011 10:34, Miguel Gonzalez miguel_3_gonza...@yahoo.esescribió: Si no recuerdo mal habia una maquina virtual con Asterisk preinstalado en CentOS Saludos miguel --- El mié, 31/8/11, Ariel Hernández ariel@gmail.com escribió: De: Ariel Hernández ariel@gmail.com Asunto: [CentOS-es] Instalaciòn Asterisk Para: centos-es@centos.org Fecha: miércoles, 31 de agosto, 2011 11:28 ola a todos, resulta que estoy intentando instalar asterisk en mi CentOs y cuando quiero hacer: *yum install bison bison-devel ncurses ncurses-devel zlib zlib-devel openssl openssl-devel gnutls-devel gcc gcc-c++ make* me aparece el siguiente error: *Error: Package: glibc-devel-2.12-1.7.el6_0.5.i686 (updates) Requires: glibc = 2.12-1.7.el6_0.5 Installed:
Re: [CentOS-es] Instalaciòn Asterisk
AHí está lo malo.. El 31/08/11 14:49, Ariel Hernández escribió: [root@localhost src]# rpm -q glibc glibc-2.12-1.7.el6.i686 glibc-2.12-1.7.el6_0.5.i686 ACÁ...debiera indicarte sólo uno.. dale un rpm -qa|sort y verifica que no esten duplicados los programas.. en este caso, tienes instaladas 2 versiones del glibc.. la solución es desinstalar una de ellas..y luego dar un yum update. -- Ernesto Miranda R. Encargado de Infraestructura y Sistemas Universidad Arturo Prat Iquique (+56 57)394388 - (+56 9)78640175 La diferencia entre ser eficaz y eficiente consiste en que el primero sólo cumple con el objetivo, mientras que el segundo no sólo lo cumple, sino que lo hace generando el menor gasto de recursos. ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
Are you a dog lover ? I like dogs too. They usually bark at strangers. Paul. PLONK see also http://en.wikipedia.org/wiki/Plonk_%28Usenet%29 best regards --- Michael ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: help with email list reading programs w/ best features to read the centos and other lists that can filter people etc
Hello R, On Tue, 30 Aug 2011 21:46:53 -0700 R - elists list...@abbacomm.net wrote: we need to filter out various peoples posts on this list would some kind soul(s) please direct us in locating the best email list reading programs w/ the best features to read the centos and other lists. the CentOS list signal/noise ratio is so bad that we need something better than just outlook like clients or whatever appropriate windows and linux recommendations would be most appreciated Claws Mail does that work for me for ages. Filtering (dispatching mails, quick filtering view), tagging, coloring, etc.. Regards, -- wwp signature.asc Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apache warns Web server admins of DoS attack tool
m.r...@5-cent.us said the following on 25/08/11 18:33: Anyone have any idea how soon RHEL and CentOS will be releasing the patch package? Apparently Apache just released a patch: https://www.apache.org/dist/httpd/Announcement2.2.html Source: http://nakedsecurity.sophos.com/2011/08/31/apache-2-2-20-released-to-fix-dos-vulnerability/ Ciao, luigi -- / +--[Luigi Rosa]-- \ Sinclair: Good morning, Lieutenant Commander. Sleep well? Ivanova: Sleeping is not the problem. Waking up, that is a problem. I've always had a hard time getting up when it's dark outside. Sinclair: But in space it's always dark. Ivanova: I know. I know. --Signs and Portents ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] (Centos 5.6) Server Time NTP Facility
Am 31.08.2011 01:58, schrieb Always Learning: I also notice our servers successfully contacting official time references centres which are not those sites trying to connect to us. I notice too the installed time software is listening on every available IP. I can not identity any options in any configuration files to turn-off this listening. ntpd shipping with CentOS 6 has an option -I iface; see man 8 ntpd. Edit /etc/sysconfig/ntpd accordingly. ntpd shipping with CentOS 5 does not have that and thus always binds to all available interfaces. Thanks, Paul. Alexander ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wed, Aug 31, 2011 at 04:43:46AM +0100, Always Learning wrote: That you for the useful enlightenment. I was unaware it was an OpenVZ. I thought is was XEN on Ubuntu. Next time, try posting more usefull information stating that you are indeed running CentOS on a CentOS support mailing list and not some other voices. http://wiki.centos.org/irc_centos_request 3. Kernel Version and CentOS Release ... http://wiki.centos.org/AdditionalResources/OtherVoices Well I cut-out the unnecessary parts and produced a uname -r. It was the kernel version that interested me. I just happened to know it is 'Linux' and 'GNU' so did not need a reminder. full output not what *you* think is enough. Tru -- Tru Huynh (mirrors, CentOS i386/x86_64 Package Maintenance) http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xBEFA581B pgp231P8NgEGR.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Tue, Aug 30, 2011 at 10:24 PM, Always Learning cen...@u61.u22.net wrote: On a VPS I wanted to add to IP tables:- iptables -A -p tcp -m string --algo bm --string 'login' -j DROP I got: iptables: Unknown error 18446744073709551615 uname -a = 2.6.35.4 #2 (don't know how this got installed) lsmod | grep ipt = ipt_LOG 5419 2 uname -a = 2.6.18-274.el5 #1 You're probably running in an OpenVZ container. You can find out through http://wiki.openvz.org/BC_proc_entries ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apache warns Web server admins of DoS attack tool
On 08/30/2011 11:33 PM, Thomas Harold wrote: Someday, perhaps we'll end up back on an authenticated version of NNTP, with support for bbcode, images, and the front end reader of your choice... Thats quite a good idea - and something that we explored at length when looking for a replacement software for the existing forums. And while that would be nice to have, reduce content duplication and assert some level of authority across venues etc, its still not really the master-solution. The bridge would be good to have, but there are lots of people who chose a venue to work with based on their own expectations, comfort level and media they prefer working with. In some cases, like the people here on the list - mailing lists are the way to go. Others prefer to use the forums. While plenty hang out on IRC. Lets not take the choice away from people. - KB ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apache warns Web server admins of DoS attack tool
thus Karanbir Singh spake: On 08/30/2011 11:33 PM, Thomas Harold wrote: Someday, perhaps we'll end up back on an authenticated version of NNTP, with support for bbcode, images, and the front end reader of your choice... Thats quite a good idea - and something that we explored at length when looking for a replacement software for the existing forums. And while that would be nice to have, reduce content duplication and assert some level of authority across venues etc, its still not really the master-solution. The bridge would be good to have, but there are lots of people who chose a venue to work with based on their own expectations, comfort level and media they prefer working with. In some cases, like the people here on the list - mailing lists are the way to go. Others prefer to use the forums. While plenty hang out on IRC. Lets not take the choice away from people. - KB Just released: https://www.apache.org/dist/httpd/Announcement2.2.html ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] xendomains not starting at boot
On one of my xen hosts a virtual machine does not start at boot. I can see that xendomains gives an error: service xendomains start Starting auto Xen domains: fszeleNo handlers could be found for logger xend Error: Disk isn't accessible No handlers could be found for logger xend Error: Disk isn't accessible An error occured while creating domain fszele: Usage: xm create ConfigFile [options] [vars] Create a domain based on ConfigFile. Options: -h, --help Print this help. --help_configPrint the available configuration variables (vars) for the configuration script. -q, --quiet Quiet. --path=PATH Search path for configuration scripts. The value of PATH is a colon-separated directory list. -f=FILE, --defconfig=FILE Use the given Python configuration script.The configuration script is loaded after arguments have been processed. Each command-line option sets a configuration variable named after its long option name, and these variables are placed in the environment of the script before it is loaded. Variables for options that may be repeated have list values. Other variables can be set using VAR=VAL on the command line. After the script is loaded, option values that were not set on the command line are replaced by the values set in the script. -F=FILE, --config=FILE Domain configuration to use (SXP). SXP is the underlying configuration format used by Xen. SXP configurations can be hand-written or generated from Python configuration scripts, using the -n (dryrun) option to print the configuration. -n, --dryrun Dry run - prints the resulting configuration in SXP but does not create the domain. -p, --paused Leave the domain paused after it is created. -c, --console_autoconnect Connect to the console after the domain is created. ! [failed] [FAILED] The actual command executed turns out to be: XMC=`xm create --quiet --defconfig $dom` where dom=/etc/xen/auto/fszele If I issue the command from the command line, the dom starts as expected. After some debugging on /etc/init.d/xendomains it turns out to work if I change this line: diff xendomains* 283c283 XMC=$(xm create --quiet --defconfig $dom) --- XMC=`xm create --quiet --defconfig $dom` or diff xendomains* 283c283 XMC=`echo debug;xm create --quiet --defconfig $dom` --- XMC=`xm create --quiet --defconfig $dom` So I fixed the problem using $() instead of back-ticks, but I like to understand what can be the root cause of this problem. It seems to happen on only one of my hosts. cat /etc/redhat-release CentOS release 5.6 (Final) rpm -qf xendomains xen-3.0.3-120.el5_6.3 uname -a Linux xenzele.greenpeak.com 2.6.18-238.19.1.el5xen #1 SMP Fri Jul 15 08:16:59 EDT 2011 x86_64 x86_64 x86_64 GNU/Linux Theo ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
Am 31.08.2011 04:24, schrieb Always Learning:
On a VPS I wanted to add to IP tables:-
iptables -A -p tcp -m string --algo bm --string 'login' -j DROP
I got:
iptables: Unknown error 18446744073709551615
uname -a = 2.6.35.4 #2 (don't know how this got installed)
lsmod | grep ipt = ipt_LOG 5419 2
yum upgrade iptables* = nothing to install.
I had similar problems back with CentOS 5.4 and non-distro kernel 2.6.32
when I tried to use the MARK target.
The fix was to get a more recent iptables from netfilter.org.
iptables-1.4.7 work for me, currently CentOS 5.6 and kernel 2.6.35.14
in production.
Since I only require the newer iptables command when adding MARK targets
to the mangle table, I've installed netfilter.org iptables to /opt/iptables
and set export PATH=/opt/iptables/sbin:${PATH} in scripts where needed.
Yes, no custom rpm built, just a quick and dirty install to /opt...
FYI, kernels 2.6.32 and 2.6.35 work fine with CentOS 5 except for the
the iptables issue above and a (minor) mcelog problem, IIRC.
Hope that helps,
Walter
PS: To install iptables from source is pretty straightforward:
get the tarball from netfilter.org, unpack and run:
./configure --prefix=/opt/iptables make make install
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] (Centos 5.6) Server Time NTP Facility
On Wed, 2011-08-31 at 10:13 +0200, Alexander Dalloz wrote: ntpd shipping with CentOS 6 has an option -I iface; see man 8 ntpd. Edit /etc/sysconfig/ntpd accordingly. ntpd shipping with CentOS 5 does not have that and thus always binds to all available interfaces. That explains why I can not find a parameter to turn-off. Thank you. Paul. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] (Centos 5.6) Server Time NTP Facility
On Tuesday, August 30, 2011 08:15:28 PM brian wrote: ...to your rule list will allow the specified net address(es) to contact you on port 123. the above, of course, assumes your input port is eth0 (change that, if different on your system), and that the NTP server uses TCP protocol (change that to UDP, otherwise). should be enough to get you started on the right track, anyway. NTP uses UDP. Also, NTP uses addresses in the 127/8 space locally for configuration purposes; see the NTP man pages and the main ntp.org website for thorough documentation on all the options and what those other addresses in 127/8 do. This is one of those cases where you read the full upstream documentation set before you change anything; kindof like attempting an automatic transmission rebuild project where the instructions say clearly 'read entire procedure before performing any work' and the instructions mean that very literally. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Tuesday, August 30, 2011 10:24:41 PM Always Learning wrote: On a VPS I wanted to add to IP tables:- iptables -A -p tcp -m string --algo bm --string 'login' -j DROP iptables: Unknown error 18446744073709551615 uname -a = 2.6.35.4 #2 (don't know how this got installed) This is not a CentOS-provided kernel; as has been said elsewhere in the thread, this is likely an OpenVZ kernel. Your hosting provider will have to install the modules necessary to make this function. If they either cannot or will not, then you can't use the options you want to use. The CentOS repositories and lists are unable to help you with your hosting provider's kernel modules. Further support may be found either from your provider or from an OpenVZ mailing list, but OpenVZ container (VPS) support is beyond the scope of this list because it is so different from 'real' CentOS. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: help with email list reading programs w/ best features to read the centos and other lists that can filter people etc
On Wednesday, August 31, 2011 12:46:53 AM R - elists wrote: we need to filter out various peoples posts on this list would some kind soul(s) please direct us in locating the best email list reading programs w/ the best features to read the centos and other lists. While I use Kmail (which can do very powerful filtering based on a number of criteria; I use the filters to folderize the list into its own CentOS folder, in addition to plonking senders), Outlook's junk mail filter can be configured to do what you're after. Or, go to office.microsoft.com, and search for the phrase Add a name to the Blocked Senders List and I think you'll find what you want. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wed, 2011-08-31 at 09:01 -0400, Lamar Owen wrote: On Tuesday, August 30, 2011 10:24:41 PM Always Learning wrote: uname -a = 2.6.35.4 #2 (don't know how this got installed) This is not a CentOS-provided kernel; as has been said elsewhere in the thread, this is likely an OpenVZ kernel. Your hosting provider will have to install the modules necessary to make this function. If they either cannot or will not, then you can't use the options you want to use. A very helpful and knowledgeable poster, Walter Haidinger, in his email dated Wed, 31 Aug 2011 13:10:16 +0200 (12:10 BST), gave what appears to be an ideal solution. * get a more recent iptables from netfilter.org * install to a different location * how to install it The server provider's suggestion modprobe ipt_string did not work so I have mention to them the OpenVZ comments made by several posters. ... OpenVZ container (VPS) ... is so different from 'real' CentOS. So I am observing. Thank you. Paul. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: help with email list reading programs w/ best features to read the centos and other lists that can filter people etc
Lamar Owen wrote: On Wednesday, August 31, 2011 12:46:53 AM R - elists wrote: snip While I use Kmail (which can do very powerful filtering based on a number snip So how is kmail these days? I jumped ship to t-bird about '03 or '05, when I got tired of kmail munging my mbox (I tend to have thousands of emails stored there, before I get around to moving them to a dated folder...). mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: help with email list reading programs w/ best features to read the centos and other lists that can filter people etc
On Wed, 2011-08-31 at 09:25 -0400, m.r...@5-cent.us wrote: So how is kmail these days? I jumped ship to t-bird about '03 or '05, when I got tired of kmail munging my mbox (I tend to have thousands of emails stored there, before I get around to moving them to a dated folder...). Why not store them in a correspondence database ? I wrote one which has capacity for 999,999 main entries, each entry can have 99 sub-entries and data can be retrieved by any partial key-word (6 different key word fields), date (partial of whole), reference number, partial match of main entry description, separate names database reference, text search. Main entries can be linked via key-words to other main entries and there is user settable 'revision date' so one can see what is overdue. One can also email directly from within the database, which stores the outgoing email automatically. Retrieval time is about 1 to 3 seconds providing the Internet is up. Regards, Always Programming. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On 08/31/2011 12:10 PM, Walter Haidinger wrote: PS: To install iptables from source is pretty straightforward: get the tarball from netfilter.org, unpack and run: ./configure --prefix=/opt/iptables make make install And at that point you lose. All management capability or the ability to audit / track or even upgrade along the distro. Installing from source, is almost always the wrong solution; There are *some* places where it might be a workable solution, but really do you want your first line of machine defence to be from source ? Just the amount of effort needed to make something like that work is huge. - KB ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apache warns Web server admins of DoS attack tool
Hi, On 08/31/2011 10:56 AM, Timo Schoeler wrote: Just released: https://www.apache.org/dist/httpd/Announcement2.2.html thanks. I guess we should wait on a fix from upstream, make sure its tested etc. If there is interest in doing a local fix/build for c4/5/6 testing repo's, please submit a patch and I can push it through the buildsys. For the main distro, lets wait on the upstream fix. - KB ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: help with email list reading programs w/ best features to read the centos and other lists that can filter people etc
On Wednesday, August 31, 2011 09:25:06 AM m.r...@5-cent.us wrote: Lamar Owen wrote: On Wednesday, August 31, 2011 12:46:53 AM R - elists wrote: snip While I use Kmail (which can do very powerful filtering based on a number snip So how is kmail these days? Kmail beats the Dickens out of me sometimes A tale of two mailreaders 'It was the best of times, it was the worst of times...' It's been better (in ways), and it's been worse (much worse). The Scalix integration quit working upon an upgrade to KDE4 (don't really miss it that much), and if you do a large and long search, be sure to do a short one before you quit kmail, as it will redo the search to populate the 'Searches' folder *every time you start* and not tell you that is what it is doing; it just feels like it has hung, for however long the search may take (and my mail store is, uh, 8.3GB currently) ... At the KDE SC 4.6.x level, things are about as stable as they've ever been, once you get Akonadi and Nepomuk operable. But this is the primary reason I'm somewhat loathe to go back down to KDE 4.3.4 in EL 6; I've forgotten what was broken at that level, and I'm used to what is currently working in F14 which is partly why I'll periodically pop up and ask if anyone has done a KDE 4.6.x repo for EL6... I'm at the moment happy with 1.13.7 that ships with KDE SC 4.6.5. It's crashed the least of any kmail I've run, since a long time ago (I forget just when I went to kmail (from Netscape Communicator), but it was, IIRC, in KDE 1.x days). I've kept essentially the same mailstore the whole time; it is a melange of maildir and mbox, depending upon how old the folder is... :-) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: help with email list reading programs w/ best features to read the centos and other lists that can filter people etc
On Wednesday, August 31, 2011 09:34:48 AM Always Learning wrote: Why not store them in a correspondence database ? Kmail is working towards full Akonadi integration, and the full 'semantic desktop' paradigm is (or will be) available. So it's already being done, to a degree, and in a very flexible manner. Currently it is a tad slow with my 1 million e-mails in my archive, but it has been slower. Much slower. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wednesday, August 31, 2011 09:18:26 AM Always Learning wrote: A very helpful and knowledgeable poster, Walter Haidinger, in his email dated Wed, 31 Aug 2011 13:10:16 +0200 (12:10 BST), gave what appears to be an ideal solution. * get a more recent iptables from netfilter.org It's less than ideal to install anything from source, as Karanbir has so correctly pointed out downthread. Sometimes it is necessary; but it is never ideal, for the reasons KB stated. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
Perhaps the most important point here is that the script kiddies and/or bots usually make sure the target string, 'login' in your example is *not* contained within a single packet. You can verify this with wireshark. In any case just be aware that your solution will likely not have the desired effect. This a decent read: http://spamcleaner.org/en/misc/w00tw00t.html Specifically the Conclusion section near the bottom. On Wed, 31 Aug 2011, Always Learning wrote: On a VPS I wanted to add to IP tables:- iptables -A -p tcp -m string --algo bm --string 'login' -j DROP I got: iptables: Unknown error 18446744073709551615 uname -a = 2.6.35.4 #2 (don't know how this got installed) lsmod | grep ipt = ipt_LOG 5419 2 yum upgrade iptables* = nothing to install. --- On a standalone server (C 5.6) iptables -A -p tcp -m string --algo bm --string 'login' -j DROP is accepted. uname -a = 2.6.18-274.el5 #1 lsmod | grep ipt = ipt_LOG39617 1 iptable_filter 36161 1 ip_tables 55457 1 iptable_filter x_tables 50505 6 xt_string,xt_state,ipt_LOG,xt_tcpudp,ip_tables,ip6_tables Appreciate suggestions on how to get kernel 2.6.35.4 to install the whole IP tables package, especially the STRING and RECENT options (in -m). Thank you. Paul. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wed, 2011-08-31 at 09:54 -0400, Lamar Owen wrote: It's less than ideal to install anything from source, as Karanbir has so correctly pointed out downthread. Sometimes it is necessary; but it is never ideal, for the reasons KB stated The service provider has suggested it needs the xt_tcpudp module which involves a kernel change. I'll try that. All I want to do is to stop the hacker, who is now targeting a different web site with the well-known phpmyadmin variations. Paul. -- With best regards, Paul. England, EU. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: help with email list reading programs w/ best features to read the centos and other lists that can filter people etc
On Tue, Aug 30, 2011 at 11:46 PM, R - elists list...@abbacomm.net wrote: we need to filter out various peoples posts on this list would some kind soul(s) please direct us in locating the best email list reading programs w/ the best features to read the centos and other lists. the CentOS list signal/noise ratio is so bad that we need something better than just outlook like clients or whatever appropriate windows and linux recommendations would be most appreciated I didn't expect this, but I am beginning to like gmail's web interface better than dedicated mail programs. I used to use fetchmail to pull it to an imap server that I managed and accessed from various clients and my phone via imap, but for an assortment of reasons I want to retire that server and recently have been accessing gmail directly through imap, the gmail phone app, and the web interface, and after configuring the options a bit the web interface seems to be winning. It now has a fuzzy concept of 'important' mail that it can display first, and its folder operations are conceptually more like tagging where 'inbox' is just another tag, although from imap they appear as typical folders.The normal thing to do with disposed mail is to 'archive' it which puts it out of sight, but it still appears in searches and threaded conversation view - and being google, they obviously have better search capability than you are going to find in your own mail client. For me, the conceptual differences are more than making up for what you lose in a web-based interface - and when you want you can always use a real client via imap as long as you don't subscribe to the massive 'all mail' folder that holds the archive. I don't do any pre-filtering or sorting since you can just archive everything and still be able to find it in a search, but the facility is there if you want it and the results appear the same via multiple imap clients, the phone app, or the web interface. And yes, I know it is all just a ploy to get you to stay logged in all the time in the browser so your google search queries are tied to your login as well as your IP, but they are really, really good at it... -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On 08/31/11 7:22 AM, Always Learning wrote:
In the current 4,000 to 6,000 daily hits, the lunatic uses
login.php
contact.php
forgotten_password.php
your 'lunatic' aka 'hacker' is undoubtably a blind script ('bot')
running on distributed previously hacked hosts, and probing a long long
list of targets of which your hosts only a tiny part of. 4000 hits a
day to 404 pages is background noise.
--
john r pierceN 37, W 122
santa cruz ca mid-left coast
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wed, 2011-08-31 at 08:07 -0700, John R Pierce wrote:
On 08/31/11 7:22 AM, Always Learning wrote:
In the current 4,000 to 6,000 daily hits, the lunatic uses
login.php
contact.php
forgotten_password.php
your 'lunatic' aka 'hacker' is undoubtably a blind script ('bot')
running on distributed previously hacked hosts, and probing a long long
list of targets of which your hosts only a tiny part of. 4000 hits a
day to 404 pages is background noise.
I would like to use the facilities in the excellent Centos operating
system to reduce hacking attacks. Implementing an IP Tables string
facility is a useful learning experience. When that works, I'll try
'recent'. Dangerous to ignore any background noise - far better to
firmly shut the door and fill-in all known holes.
Paul.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: help with email list reading programs w/ best features to read the centos and other lists that can filter people etc
Christopher, It's not an email program but I think it has the best filtering capabilities of all - the brain. umm, yeah, exactly, i want to use my brain to program certain peoples posts from never reaching my eyeballs arent they called threaded email readers? i really didnt find much on the www yet maybe i should have been looking for old style nntp type readers? maybe that is what i need to check into Huh? What signal/noise ratio? I don't see any of the usual can't be bother to read manuals/to use google suspects...unless you're complaining about our most recent top poster... obviously signal/noise is always relevant and your tolerance is different than ours. sometimes people on the list just get beligerant, drunk, and/or stupid and need to be filtered. - rh ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
John R Pierce wrote:
On 08/31/11 7:22 AM, Always Learning wrote:
In the current 4,000 to 6,000 daily hits, the lunatic uses
login.php
contact.php
forgotten_password.php
your 'lunatic' aka 'hacker' is undoubtably a blind script ('bot')
running on distributed previously hacked hosts, and probing a long long
list of targets of which your hosts only a tiny part of. 4000 hits a
day to 404 pages is background noise.
Maybe not, for a small website. However, let me re-suggest fail2ban, with
three lines from one of our config files:
failregex = HOST -.*GET .*(php|pma|PMA|p/m/a|db|sql|admin).*/(config/c
onfig\.inc|main)\.php.*.*404.*
^HOST -.*GET .*(phpmyadmin).*\.php.*.*404.*
^HOST -.*GET /w00tw00t\.at
mark
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apache warns Web server admins of DoS attack tool
On Wed, Aug 31, 2011 at 4:32 AM, Karanbir Singh mail-li...@karan.org wrote: On 08/30/2011 11:33 PM, Thomas Harold wrote: Someday, perhaps we'll end up back on an authenticated version of NNTP, with support for bbcode, images, and the front end reader of your choice... Thats quite a good idea - and something that we explored at length when looking for a replacement software for the existing forums. And while that would be nice to have, reduce content duplication and assert some level of authority across venues etc, its still not really the master-solution. Unless there are hub sites that aggregate all the feeds this sounds like it would require per-target, per-client, per-platform configuration to set up authenticated access, which would be fairly horrible for anyone who likes to use multiple programs on multiple devices to access a large number of sites. And inventing a new protocol for programs that don't exist to do something that many of us think is already handled correctly by email probably isn't a great idea. The bridge would be good to have, but there are lots of people who chose a venue to work with based on their own expectations, comfort level and media they prefer working with. In some cases, like the people here on the list - mailing lists are the way to go. Others prefer to use the forums. While plenty hang out on IRC. Lets not take the choice away from people. I still think rss could work with existing aggregators like google reader to make forum reading tolerable and clicking through to reply not too annoying, but the feed needs to include the whole posting or enough to catch most of them without having to click through. Is that something that can be configured? I tried to look on the xoops newbb site but their rss feed actually just gives an error which doesn't look promising. Also, it would be nice if the web side had a mobile view so you didn't have to zoom in to be able to read each article when you click through on a phone. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wed, 2011-08-31 at 11:16 -0400, m.r...@5-cent.us wrote: Maybe not, for a small website. However, let me re-suggest fail2ban, with three lines from one of our config files: failregex = HOST -.*GET .*(php|pma|PMA|p/m/a|db|sql|admin).*/(config/c onfig\.inc|main)\.php.*.*404.* ^HOST -.*GET .*(phpmyadmin).*\.php.*.*404.* ^HOST -.*GET /w00tw00t\.at Mark, Looking at your example seems to suggest Fail2Ban is an 'after the event' response. I would like to implement 'before the event' filtering which prevents, even on the first detected hacking attempt, anything reaching HTTPD. Paul. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On 8/31/2011 11:22 AM, Always Learning wrote: On Wed, 2011-08-31 at 11:16 -0400, m.r...@5-cent.us wrote: Maybe not, for a small website. However, let me re-suggest fail2ban, with three lines from one of our config files: failregex = HOST -.*GET .*(php|pma|PMA|p/m/a|db|sql|admin).*/(config/c onfig\.inc|main)\.php.*.*404.* ^HOST -.*GET .*(phpmyadmin).*\.php.*.*404.* ^HOST -.*GET /w00tw00t\.at Mark, Looking at your example seems to suggest Fail2Ban is an 'after the event' response. I would like to implement 'before the event' filtering which prevents, even on the first detected hacking attempt, anything reaching HTTPD. I assume this is an Apache server. Have you looked at mod_security (http://www.modsecurity.org/)? It is available from the epel repository. There is a bit of a learning curve to get it running, but it protects against a ton of hacking attempts. -- Bowie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wed, 2011-08-31 at 11:29 -0400, Bowie Bailey wrote: I assume this is an Apache server. Have you looked at mod_security (http://www.modsecurity.org/)? It is available from the epel repository. There is a bit of a learning curve to get it running, but it protects against a ton of hacking attempts. Thank you very much for that helpful suggestion. I'll look now. Paul. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
Always Learning wrote: On Wed, 2011-08-31 at 11:16 -0400, m.r...@5-cent.us wrote: Maybe not, for a small website. However, let me re-suggest fail2ban, with three lines from one of our config files: failregex = HOST -.*GET .*(php|pma|PMA|p/m/a|db|sql|admin).*/(config/c onfig\.inc|main)\.php.*.*404.* ^HOST -.*GET .*(phpmyadmin).*\.php.*.*404.* ^HOST -.*GET /w00tw00t\.at Looking at your example seems to suggest Fail2Ban is an 'after the event' response. I would like to implement 'before the event' filtering which prevents, even on the first detected hacking attempt, anything reaching HTTPD. It is an after the event: after 3? 5? (I forget the default, but that can be configured), it adds a rule to iptables to ban that IP for a limited time. That, too, can be changed; I haven't done it, but I'd be surprised if you can't configure it to ban that IP permanently. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: help with email list reading programs w/ best features to read the centos and other lists that can filter people etc
On Wed, Aug 31, 2011 at 10:15 AM, R - elists list...@abbacomm.net wrote: sometimes people on the list just get beligerant, drunk, and/or stupid and need to be filtered. But filters tend to be stupid as well. And once you are involved in a conversation you should have a certain responsibility to follow it to the bitter end. Filters mostly don't understand that (but gmail will push a reply to your own message into the 'important' view). -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] new memory not getting regonized
On Tue, Aug 30, 2011 at 03:30:46PM +0200, Dennis Jacobfeuerborn wrote: On 08/27/2011 09:12 PM, sylvan.dcu...@gmail.com wrote: Dear Dennis, Thanks a lot for the wise reply.. really did boost my knowledge.. honestly was unware of the fact that dom0 is just like another VM ... Anyway I had never restricted dom0 mem and since my 4 vms were working fine with no issues i never bothered much. Yes, this is different from KVM where the VMs really are just normal processes on the host system and the host system itself isn't a VM. On a Xen system if you look at /etc/grub.conf you'll notice that it looks slightly different than on a non-virtualized system. Specifically you'll find the following line: kernel /xen.gz-2.6.18-164.el5 That's the actual hypervisor and really the host system and once started it will basically start dom0 and give it special privileges. So Dom0 and the DomU's all run on top of the actual hypervisor. It was only after I added more 32 gb to existing 32 gb i did realise the above issue.. Apparently dom0 has a 32G limit but that shouldn't be an issue unless you actually really require more than 32G specifically for dom0 and not the VMs. anyway I will try to restrict my dom0 to 1 GB ... and check it out. Remember that the problems with the dynamic memory management are most likely fixed nowadays so the limitation is not strictly necessary. But then 1G will probably be more than enough for dom0 so it doesn't really hurt either. Still today you should dedicate a fixed amount of memory for dom0! say, 1GB, or so. It's because of how Linux kernel allocates (and wastes) page struct memory: http://wiki.xen.org/xenwiki/XenBestPractices -- Pasi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On 08/31/11 8:22 AM, Always Learning wrote: Looking at your example seems to suggest Fail2Ban is an 'after the event' response. I would like to implement 'before the event' filtering which prevents, even on the first detected hacking attempt, anything reaching HTTPD. so you want another piece of software to parse the http protocol and analyze the traffic, before passing it on to your web server, which is going to parse the http protocol and deliver content? good luck with that. of course, to even consider doing such you would have to, in very precise terms, define exactly what comprises a 'hacking attempt'. do you give this filter a list of all valid URLs and trigger your block on any that aren't on that list? anyways, the design of such would better be discussed on a security tools mail list as its a very general topic, there's nothing here even remotely centos specific. -- john r pierceN 37, W 122 santa cruz ca mid-left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: help with email list reading programs w/ best features to read the centos and other lists that can filter people etc
But filters tend to be stupid as well. And once you are involved in a conversation you should have a certain responsibility to follow it to the bitter end. Filters mostly don't understand that (but gmail will push a reply to your own message into the 'important' view). i hear ya Les thing is, the term plonk from a most recent post reminded me what i am looking for, ie killfile ...i just have to figure out how to best implement. now, please dont get me wrong, ive made a mistake or three on lists, yet gave apology. i am suprised that more folks havent spoken up about favorite threaded email readers or has everyone just gone to Thunderbird or other similar? reason: some say changing subject or hijacking messes things up... - rh ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On 8/31/2011 11:32 AM, Always Learning wrote: On Wed, 2011-08-31 at 11:29 -0400, Bowie Bailey wrote: I assume this is an Apache server. Have you looked at mod_security (http://www.modsecurity.org/)? It is available from the epel repository. There is a bit of a learning curve to get it running, but it protects against a ton of hacking attempts. Thank you very much for that helpful suggestion. I'll look now. Just keep a close eye on it at first. The current version tends to be *very* aggressive. I had to modify or disable several rules to get it to play nice with my websites. -- Bowie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wed, 2011-08-31 at 08:41 -0700, John R Pierce wrote: On 08/31/11 8:22 AM, Always Learning wrote: Looking at your example seems to suggest Fail2Ban is an 'after the event' response. I would like to implement 'before the event' filtering which prevents, even on the first detected hacking attempt, anything reaching HTTPD. so you want another piece of software to parse the http protocol and analyze the traffic, before passing it on to your web server, which is going to parse the http protocol and deliver content? good luck with that. No I do not want another piece of software to parse the http protocol and analyze the traffic. IT Tables, in which I have great confidence and trust, can do it. Thank you for your 'good luck' wishes. of course, to even consider doing such you would have to, in very precise terms, define exactly what comprises a 'hacking attempt'. do you give this filter a list of all valid URLs and trigger your block on any that aren't on that list? My definition: a hacking attempt is deliberately, meaning not a typing error, sending an invalid web page request. Obviously one should exclude the 'standard' wrong URLs issued by some software like the M$ Office responses and crossdomain requests. Inspection in IP Tables is performed before the data is passed to HTTPD. Therefore it is impossible to determine, at that point in the transmission process, the validity of incoming HTTP requests. Only HTTPD can decide that issue. anyways, the design of such would better be discussed on a security tools mail list as its a very general topic, there's nothing here even remotely centos specific. IP Tables is and Centos Ops or Sys Admins or others may wish to deploy the IP Tables blocking suggestion. Paul. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wed, 2011-08-31 at 11:51 -0400, Bowie Bailey wrote: On 8/31/2011 11:32 AM, Always Learning wrote: On Wed, 2011-08-31 at 11:29 -0400, Bowie Bailey wrote: I assume this is an Apache server. Have you looked at mod_security (http://www.modsecurity.org/)? It is available from the epel repository. There is a bit of a learning curve to get it running, but it protects against a ton of hacking attempts. Thank you very much for that helpful suggestion. I'll look now. Just keep a close eye on it at first. The current version tends to be *very* aggressive. I had to modify or disable several rules to get it to play nice with my websites. Thank you. Paul. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On 08/31/11 9:00 AM, Always Learning wrote: No I do not want another piece of software to parse the http protocol and analyze the traffic. IT Tables, in which I have great confidence and trust, can do it. iptables will filter on packet headers and such at layer 3, it can't and won't analyze the content of packets, regardless of your emotional attachments. of course, to even consider doing such you would have to, in very precise terms, define exactly what comprises a 'hacking attempt'. do you give this filter a list of all valid URLs and trigger your block on any that aren't on that list? My definition: a hacking attempt is deliberately, meaning not a typing error, sending an invalid web page request. Obviously one should exclude the 'standard' wrong URLs issued by some software like the M$ Office responses and crossdomain requests. I said precisely. computers don't understand 'deliberate' vs 'typing error', those are subjective measures. -- john r pierceN 37, W 122 santa cruz ca mid-left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Error installing latest CentOS kernel from %post section of kickstart
I'm running the command yum -y update from a script called from the the post section of my kickstart config file, and I get the following error: Installing : kernel-2.6.32-71.29.1.el6.i686 185/378 grubby fatal error: unable to find a suitable template After the install, if I log in to the system and remove that RPM and then re-install it with yum install kernel, the grub.conf file is updated correctly. Any ideas why this might be failing from kickstart? Anyone else seen this? Alfred ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
UPDATE: I started with kernel 2.6.35.4 #2 and lsmod | grep ipt = ipt_LOG 5419 2. My service provider produced a replacement kernel 2.6.24-28-xen #1. Now lsmod | grep ipt reveals .. ipt_LOG 8192 2 iptable_filter 4608 1 ip_tables 24232 1 iptable_filter x_tables 23432 5 xt_string,ipt_LOG,xt_state,xt_tcpudp,ip_tables and, to my personal joy and pleasure, iptables -A -p tcp -m string --algo bm --string 'login' -j DROP is accepted by IP Tables. Thank you to everyone who contributed to this thread. With best regards, Paul. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: help with email list reading programs w/ best features to read the centos and other lists that can filter people etc
On Wed, Aug 31, 2011 at 10:48 AM, R - elists list...@abbacomm.net wrote: But filters tend to be stupid as well. And once you are involved in a conversation you should have a certain responsibility to follow it to the bitter end. Filters mostly don't understand that (but gmail will push a reply to your own message into the 'important' view). i hear ya Les thing is, the term plonk from a most recent post reminded me what i am looking for, ie killfile ...i just have to figure out how to best implement. now, please dont get me wrong, ive made a mistake or three on lists, yet gave apology. i am suprised that more folks havent spoken up about favorite threaded email readers or has everyone just gone to Thunderbird or other similar? reason: some say changing subject or hijacking messes things up... Threads really only matter when responses are slow enough that you forget the context - in which case you probably aren't all that interested anyway. With thunderbird I normally don't use a threaded view but sometimes flip to it (which is sort of awkward except on a Mac where you can use OS facilities to map a key to a multi-step operation). But in gmail I do like their normal 'conversation' presentation where the previously read messages are mostly hidden but accessible with a click and the unread messages are all opened together with large blocks of quoted text mostly hidden. I'm used to reading 'backwards' in time order so I know what has already been answered, but the gmail view is a little nicer to see the new portion in order and in context. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wed, 2011-08-31 at 09:11 -0700, John R Pierce wrote: iptables will filter on packet headers and such at layer 3, it can't and won't analyze the content of packets, regardless of your emotional attachments. I believe IP Tables '-m string' will. If you think the custodians and maintainers of IP Tables are making untrue claims, you may wish to acquaint them with your disbelieve. However it might be prudent for you to read the following before telling the IP Tables folks they are wrong. http://www.netfilter.org/ Net Filter : The Home of IP Tables http://ipset.netfilter.org/iptables.man.html The IP Tables Manual http://www.frozentux.net/iptables-tutorial/iptables-tutorial.html Frozentux : Detailed Technical Explanation of TCP/UCP and IP Tables (2006) http://wiki.archlinux.org/index.php/Simple_stateful_firewall_HOWTO Arch Linux : How To http://wiki.centos.org/HowTos/Network/IPTables Centos How-To : IP Tables http://www.centos.org/docs/5/html/5.2/Deployment_Guide/ch-iptables.html Centos Deployment Guide : Section 43.9 I said precisely. computers don't understand 'deliberate' vs 'typing error', those are subjective measures. Wrong. Some can be determined by machine searching for 'known' invalid URL strings which are not remotely similar to valid web page names. Obviously this is site dependant. For example which accidentally typed URL contains login.php or password.php when nothing like those names are used in valid web page names ? -- With best regards, Paul. England, EU. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wednesday, August 31, 2011 11:15:20 AM Always Learning wrote: Dangerous to ignore any background noise - far better to firmly shut the door and fill-in all known holes. The unknown holes are the ones that will get you. You are also setting yourself up for a denial-of-service vector. Refresh yourself on the three-way TCP handshake and how HTTP is embedded in that and be enlightened (IOW, there is a connection allready set up and a listener thread connected by the time the GET HTTP directive is issued). Also understand that IP address spoofing is fairly common... and within the reach of the most green script kiddie. The fail2ban solution, while it is somewhat of a 'shut the barn door after the horses are out' thing, is less likely to cause a DoS. And it will likely prevent escalation, which is what you're really after. Plus, you'll want to see how much of a load the string matching at the IPtables level puts on your VPS; it may be enough to create a DoS vector there, too. On today's Internet you are simply not going to catch 100% of the attacks, full stop. You can mitigate them (SELinux is one tool in the mitigation arsenal, as is fail2ban and IPtables). But that is all. You will be attacked; that is axiomatic on today's Internet. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On 08/31/11 9:32 AM, Always Learning wrote: Wrong. Some can be determined by machine searching for 'known' invalid URL strings which are not remotely similar to valid web page names. there's an infinite number of invalid strings, and only a finite number of valid ones. anyways, your webserver already filters these out, its not going to respond to an invalid URL with anything other than '404'. thats its job. -- john r pierceN 37, W 122 santa cruz ca mid-left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wed, 2011-08-31 at 10:17 -0700, John R Pierce wrote: anyways, your webserver already filters these out, its not going to respond to an invalid URL with anything other than '404'. thats its job. The 'error' is trapped; a PHP routine examines the URL for known (in a list) hacker strings; if an established 'hacker' string is detected the site's .htaccess file is updated with a 'deny from' statement; in all instances an email is sent to the systems' monitor. Oh, and a suitable customised web page is displayed in response. An improvement is the real-time adding of block IP commands to IP Tables. Paul. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wed, Aug 31, 2011 at 12:17 PM, John R Pierce pie...@hogranch.com wrote: Wrong. Some can be determined by machine searching for 'known' invalid URL strings which are not remotely similar to valid web page names. there's an infinite number of invalid strings, and only a finite number of valid ones. anyways, your webserver already filters these out, its not going to respond to an invalid URL with anything other than '404'. thats its job. The idea isn't as crazy as it sounds - expensive firewalls offer the option to block URLs including known exploits and it is a much faster way to protect a farm of servers behind it than waiting for the OS vendor to come up with a service pack to make the servers less vulnerable. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wed, 2011-08-31 at 13:01 -0400, Lamar Owen wrote: On today's Internet you are simply not going to catch 100% of the attacks, full stop. Rather than being a willing or passive victim to 100% of the attacks, I aim to reduce the penetrability of most of them. Paul. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On 08/31/11 10:33 AM, Always Learning wrote: Rather than being a willing or passive victim to 100% of the attacks, I aim to reduce the penetrability of most of them. an attempted access of a non-vunerability won't be any more effective the millionth time its run than the first time. its the unknown vunerabilities that get you, and your approach will do nothing for these. -- john r pierceN 37, W 122 santa cruz ca mid-left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wed, 2011-08-31 at 10:38 -0700, John R Pierce wrote: On 08/31/11 10:33 AM, Always Learning wrote: Rather than being a willing or passive victim to 100% of the attacks, I aim to reduce the penetrability of most of them. an attempted access of a non-vunerability won't be any more effective the millionth time its run than the first time. It can be effective especially if the IP address is blocked (indefinitely or temporarily). its the unknown vunerabilities that get you, and your approach will do nothing for these. Wrong because the IP address used for the unknown attack may have been blocked previously by the procedures already described. Paul. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Question re: CentOS-6.0, KVM, and /dev/sr0
On Tue, August 30, 2011 18:57, psprojectplann...@gmail.com wrote: On 29/08/2011 15:46, James B. Byrne wrote: I am experimenting with KVM and I wish to create a virtual machine image in a logical volume. I can create the new lv without problem but when I go to format its file system then I get these warnings: Warning: WARNING: the kernel failed to re-read the partition table on /dev/sda (Device or resource busy). As a result, it may not reflect all of your changes until after reboot. . . . The favour of a direct copy of any reply to the mailing list is requested as I am a digest subscriber. You do not need to reboot every time you adjust a Logical Volume. Do you also need to format the file system for a KVM guest's Logical Volume? I formatted the new lv as ext4. I'm currently juggling servers to try and get a free machine to test KVM on Centos 6, but i have recently found, with another RHEL clone I'm testing, that if you do not set up the LogVol with virsh or i suppose virt-manager you will have issues getting the guest machines to run. I am using virt-manager to set up the vms If you look at chapter 26.1.4.1 26.1.4.2 of the Red Hat Visualization Guide, for RHEL6, it explains how to use fdisk to create an partition for the Logical Volume, set it to a Linux LVM type and create the storage pool for the KVM guests (page 217 218). I am using that guide and I thank you for the specific reference. Nonetheless, I had the same problems when I used fdisk. On my current RHEL clone test system, to create the VolGroup / Storage pool i used the virsh commands on pages 222 223 of the Red Hat Visualization Guide (which were similar to the following): # virsh pool-define-as guest_images_lvm logical - - /dev/cciss/c0d0p3 libvirt_lvm /dev/libvirt_lvm # virsh pool-build VolGroupGuests # virsh pool-start guest_images_lvm # virsh pool-autostart guest_images_lvm # virsh pool-list --all Name State Autostart - guest_images_lvm active yes To create the actual logical volume for the virtual machine I used the following command: # virsh --connect qemu:///system vol-create-as guest_images_lvm volume1 20G I don't remember formatting a file system prior to installing the KVM guest, but new i am new to KVM and I'm experimenting as well. jk I believe that the main problem I experienced was due to a change in the behaviour of virt-manager from 5.6 to 6.0. A change that I consider a defect and have reported as Bug 734529. Essentially, the parted error messages are meaningless insofar as the new lv is indeed properly formatted and found and mounted as is shown in the output of parted -l Model: Linux device-mapper (linear) (dm) Disk /dev/mapper/vg_inet02-lv_guest01: 129GB Sector size (logical/physical): 512B/512B Partition Table: loop Number Start EndSize File system Flags 1 0.00B 129GB 129GB ext4 I have no idea what is causing the errors to be reported by parted but it evidently has no impact on the result. However, the behaviour of virtual machine manager has changed so that it no longer permits the operator to specific an alternate location and image file name, unless that file already exists. What happens is that if one chooses to navigate to an alternate location, say /var/vms/lv_guest_01, in the file browser; and if that location has no content, then the file browser enters an indefinite wait state which can only be ended by navigating to somewhere else in the file system that has content. In 5.6, one could navigate to an empty directory and then supply a new file name which would be used to hold the new image. In 6.0 one must first create that file name in the desired location and only then can the virtual machine manager use it to save the new image because only then can it be selected in the file browser. Otherwise, one has to enter the host's storage options and add storage volumes there. This appears at first blush to give equivalent functionality to the old behaviour but it is far from being obvious to the user. It was the combination of the parted errors and encountering the unexpected behaviour of the virtual machine manager that had me confused. I inferred that the second issue was consequential to the first when in fact the first had no effect and neither had anything to do with the other. -- *** E-Mail is NOT a SECURE channel *** James B. Byrnemailto:byrn...@harte-lyne.ca Harte Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wednesday, August 31, 2011 01:33:31 PM Always Learning wrote: Rather than being a willing or passive victim to 100% of the attacks, I aim to reduce the penetrability of most of them. Getting the last 10% will cost you 90% of your time. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wed, 2011-08-31 at 13:55 -0400, Lamar Owen wrote: On Wednesday, August 31, 2011 01:33:31 PM Always Learning wrote: Rather than being a willing or passive victim to 100% of the attacks, I aim to reduce the penetrability of most of them. Getting the last 10% will cost you 90% of your time. I'll be satisfied with 99% and that time and effort investment can be introduced on multiple servers and VPS and, when suitable, on laptops etc. Paul. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS 6, KDE 4: bad DNS traffic
On my new CentOS 6, KDE 4, running WireShark I see what appears to be frequent nonsensical DNS queries, for example: settings-personal.desktop and settings-system.desktop. The DNS response is always:No such name. Do tell! These appear especially when I click on things on the KDE menus. On my old CentOS 5 box, on the same LAN, I see no such thing. I note that I have replaced the original /etc/hosts with my own. Might these have been resolved in the original? Thanks for your comments. Mike. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Error installing latest CentOS kernel from %post section of kickstart
On 31/08/11 17:12, Alfred von Campe wrote: I'm running the command yum -y update from a script called from the the post section of my kickstart config file, and I get the following error: Installing : kernel-2.6.32-71.29.1.el6.i686 185/378 grubby fatal error: unable to find a suitable template After the install, if I log in to the system and remove that RPM and then re-install it with yum install kernel, the grub.conf file is updated correctly. Any ideas why this might be failing from kickstart? Anyone else seen this? Alfred Yes, it's a known issue: https://www.redhat.com/archives/rhelv6-list/2011-January/msg6.html https://bugzilla.redhat.com/show_bug.cgi?id=625216 https://bugzilla.redhat.com/show_bug.cgi?id=657257 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] new memory not getting regonized
On 08/31/2011 05:38 PM, Pasi Kärkkäinen wrote: On Tue, Aug 30, 2011 at 03:30:46PM +0200, Dennis Jacobfeuerborn wrote: On 08/27/2011 09:12 PM, sylvan.dcu...@gmail.com wrote: Dear Dennis, Thanks a lot for the wise reply.. really did boost my knowledge.. honestly was unware of the fact that dom0 is just like another VM ... Anyway I had never restricted dom0 mem and since my 4 vms were working fine with no issues i never bothered much. Yes, this is different from KVM where the VMs really are just normal processes on the host system and the host system itself isn't a VM. On a Xen system if you look at /etc/grub.conf you'll notice that it looks slightly different than on a non-virtualized system. Specifically you'll find the following line: kernel /xen.gz-2.6.18-164.el5 That's the actual hypervisor and really the host system and once started it will basically start dom0 and give it special privileges. So Dom0 and the DomU's all run on top of the actual hypervisor. It was only after I added more 32 gb to existing 32 gb i did realise the above issue.. Apparently dom0 has a 32G limit but that shouldn't be an issue unless you actually really require more than 32G specifically for dom0 and not the VMs. anyway I will try to restrict my dom0 to 1 GB ... and check it out. Remember that the problems with the dynamic memory management are most likely fixed nowadays so the limitation is not strictly necessary. But then 1G will probably be more than enough for dom0 so it doesn't really hurt either. Still today you should dedicate a fixed amount of memory for dom0! say, 1GB, or so. It's because of how Linux kernel allocates (and wastes) page struct memory: http://wiki.xen.org/xenwiki/XenBestPractices Very good to know. Thanks for the information! Regards, Dennis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6, KDE 4: bad DNS traffic
On Wed, 31 Aug 2011, Michael D. Berger wrote: On my new CentOS 6, KDE 4, running WireShark I see what appears to be frequent nonsensical DNS queries, for example: settings-personal.desktop and settings-system.desktop. The DNS response is always:No such name. Do tell! These appear especially when I click on things on the KDE menus. On my old CentOS 5 box, on the same LAN, I see no such thing. I note that I have replaced the original /etc/hosts with my own. Might these have been resolved in the original? Random stab in the dark... Are you running the autofs with /net or similar configured? jh ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wed, 2011-08-31 at 19:00 +0100, Always Learning wrote: On Wed, 2011-08-31 at 13:55 -0400, Lamar Owen wrote: On Wednesday, August 31, 2011 01:33:31 PM Always Learning wrote: Rather than being a willing or passive victim to 100% of the attacks, I aim to reduce the penetrability of most of them. Still useless: it is not the attacks that you know about and that show themselves as errors in your logs (and filter from the log, that is the only gain), but those where you have a real security hole that you have to worry about. And those will be exploited from one of the many other bots in the hackers botnet. An empty log may give you a nice feeling of security, but it is false... A lot of work, but very little if any gain. Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6, KDE 4: bad DNS traffic
On Wed, 31 Aug 2011 20:02:09 +0100, John Hodrien wrote: On Wed, 31 Aug 2011, Michael D. Berger wrote: On my new CentOS 6, KDE 4, running WireShark I see what appears to be frequent nonsensical DNS queries, for example: settings-personal.desktop and settings-system.desktop. The DNS response is always:No such name. Do tell! These appear especially when I click on things on the KDE menus. On my old CentOS 5 box, on the same LAN, I see no such thing. I note that I have replaced the original /etc/hosts with my own. Might these have been resolved in the original? Random stab in the dark... Are you running the autofs with /net or similar configured? jh How would I know? I get nothing from: ps -ef | grep -i autofs yum -y list installed | grep -i autofs Mike. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] dealing with spoofing
Here's a thought I just thunk, folks: some scum, apparently in eastern Europe, has harvested my email, and is using it in the Reply-To: in its spamming efforts. Now, I realize that some mails go out from noreply, but other than that, is there a good reason why a mailserver would not be configured to send delivery failure to *both* Reply-To and From? mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6, KDE 4: bad DNS traffic
Michael D. Berger wrote: On Wed, 31 Aug 2011 20:02:09 +0100, John Hodrien wrote: On Wed, 31 Aug 2011, Michael D. Berger wrote: On my new CentOS 6, KDE 4, running WireShark I see what appears to be frequent nonsensical DNS queries, for example: settings-personal.desktop and settings-system.desktop. The DNS response is always:No such name. Do tell! These appear especially when I click on things on the KDE menus. On my old CentOS 5 box, on the same LAN, I see no such thing. I note that I have replaced the original /etc/hosts with my own. Might these have been resolved in the original? Random stab in the dark... Are you running the autofs with /net or similar configured? How would I know? I get nothing from: ps -ef | grep -i autofs yum -y list installed | grep -i autofs Does rpm -qi autofs show nothing? If so, I'm a tad surprised, since that takes care of not only nfs but also CD/DVDs and USB keys. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dealing with spoofing
On 08/31/2011 01:16 PM, m.r...@5-cent.us wrote: Here's a thought I just thunk, folks: some scum, apparently in eastern Europe, has harvested my email, and is using it in the Reply-To: in its spamming efforts. Now, I realize that some mails go out from noreply, but other than that, is there a good reason why a mailserver would not be configured to send delivery failure to *both* Reply-To and From? There are two parts to an email that relate to routing; envelope header and email header. The only consideration given to routing is the envelope header which has sender and recipient, nothing else. Reply-To is part of the email header and is there for the email client to use. (See RFCs 2821, 2822.) HTH, -- Josh Miller Open Source Solutions Architect http://itsecureadmin.com/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dealing with spoofing
Here's a thought I just thunk, folks: some scum, apparently in eastern Europe, has harvested my email, and is using it in the Reply-To: in its spamming efforts. Now, I realize that some mails go out from noreply, but other than that, is there a good reason why a mailserver would not be configured to send delivery failure to *both* Reply-To and From? You don't want to send rejects to more than one address 'cos you then have a simple message multiplier; send one message, generate two bounces; the mail server will be doubling the back-scatter problem! Anyway, the SMTP server should send the delivery failure to the envelope address, which may be different to both the From and Reply-To addresses. -- rgds Stephen ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dealing with spoofing
Stephen Harris wrote: Here's a thought I just thunk, folks: some scum, apparently in eastern Europe, has harvested my email, and is using it in the Reply-To: in its spamming efforts. Now, I realize that some mails go out from noreply, but other than that, is there a good reason why a mailserver would not be configured to send delivery failure to *both* Reply-To and From? You don't want to send rejects to more than one address 'cos you then have a simple message multiplier; send one message, generate two bounces; the mail server will be doubling the back-scatter problem! Anyway, the SMTP server should send the delivery failure to the envelope address, which may be different to both the From and Reply-To addresses. That would be lovely. Unfortunately, a high percentage seem to use the Reply-To address. Trust me, the last four or five months, I've gotten probably hundreds, if not more, of delivery failures. And I wind up at least glancing at them, in case email to this list, or to a friend, has bounced. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dealing with spoofing
Spam filter that'll authorize the sending before receiving? Just a thought to stop the hundreds of emails... On Wed, Aug 31, 2011 at 4:27 PM, m.r...@5-cent.us wrote: Stephen Harris wrote: Here's a thought I just thunk, folks: some scum, apparently in eastern Europe, has harvested my email, and is using it in the Reply-To: in its spamming efforts. Now, I realize that some mails go out from noreply, but other than that, is there a good reason why a mailserver would not be configured to send delivery failure to *both* Reply-To and From? You don't want to send rejects to more than one address 'cos you then have a simple message multiplier; send one message, generate two bounces; the mail server will be doubling the back-scatter problem! Anyway, the SMTP server should send the delivery failure to the envelope address, which may be different to both the From and Reply-To addresses. That would be lovely. Unfortunately, a high percentage seem to use the Reply-To address. Trust me, the last four or five months, I've gotten probably hundreds, if not more, of delivery failures. And I wind up at least glancing at them, in case email to this list, or to a friend, has bounced. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dealing with spoofing
On 08/31/2011 01:27 PM, m.r...@5-cent.us wrote: Stephen Harris wrote: Here's a thought I just thunk, folks: some scum, apparently in eastern Europe, has harvested my email, and is using it in the Reply-To: in its spamming efforts. Now, I realize that some mails go out from noreply, but other than that, is there a good reason why a mailserver would not be configured to send delivery failure to *both* Reply-To and From? You don't want to send rejects to more than one address 'cos you then have a simple message multiplier; send one message, generate two bounces; the mail server will be doubling the back-scatter problem! Anyway, the SMTP server should send the delivery failure to the envelope address, which may be different to both the From and Reply-To addresses. That would be lovely. Unfortunately, a high percentage seem to use the Reply-To address. Trust me, the last four or five months, I've gotten probably hundreds, if not more, of delivery failures. And I wind up at least glancing at them, in case email to this list, or to a friend, has bounced. Mark, The Reply-To address is an optional component of the email header and is not used in email routing by mail servers. If the Reply-To is absent, mail clients compose a message to be sent to the sender listed in the From field instead. Mail server will send NDRs (non-delivery receipts) back to the envelope sender every time with no regard for From or Reply-To. -- Josh Miller Open Source Solutions Architect http://itsecureadmin.com/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dealing with spoofing
Josh Miller wrote: On 08/31/2011 01:27 PM, m.r...@5-cent.us wrote: Stephen Harris wrote: Here's a thought I just thunk, folks: some scum, apparently in eastern Europe, has harvested my email, and is using it in the Reply-To: in its spamming efforts. Now, I realize that some mails go out from snip Anyway, the SMTP server should send the delivery failure to the envelope address, which may be different to both the From and Reply-To addresses. That would be lovely. Unfortunately, a high percentage seem to use the Reply-To address. Trust me, the last four or five months, I've gotten The Reply-To address is an optional component of the email header and is not used in email routing by mail servers. I'm well aware that it's an optional component. snip Mail server will send NDRs (non-delivery receipts) back to the envelope sender every time with no regard for From or Reply-To. You're saying it uses the envelope, not if exists Reply-To, else From? The problem I have with that is that a few of them have returned the email, with full headers, and I see the *only* reference to my email address is in the Reply-To. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dealing with spoofing
On 08/31/2011 01:33 PM, m.r...@5-cent.us wrote: Josh Miller wrote: On 08/31/2011 01:27 PM, m.r...@5-cent.us wrote: Stephen Harris wrote: Here's a thought I just thunk, folks: some scum, apparently in eastern Europe, has harvested my email, and is using it in the Reply-To: in its spamming efforts. Now, I realize that some mails go out from snip Anyway, the SMTP server should send the delivery failure to the envelope address, which may be different to both the From and Reply-To addresses. That would be lovely. Unfortunately, a high percentage seem to use the Reply-To address. Trust me, the last four or five months, I've gotten The Reply-To address is an optional component of the email header and is not used in email routing by mail servers. I'm well aware that it's an optional component. Thank you for that clarification. snip Mail server will send NDRs (non-delivery receipts) back to the envelope sender every time with no regard for From or Reply-To. You're saying it uses the envelope, not if exists Reply-To, else From? The problem I have with that is that a few of them have returned the email, with full headers, and I see the *only* reference to my email address is in the Reply-To. You are seeing the full email headers. You will not see the envelope headers unless you capture packets or view mail server logs, etc.. -- Josh Miller Open Source Solutions Architect http://itsecureadmin.com/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dealing with spoofing
On 08/31/2011 01:37 PM, Josh Miller wrote: On 08/31/2011 01:33 PM, m.r...@5-cent.us wrote: Josh Miller wrote: On 08/31/2011 01:27 PM, m.r...@5-cent.us wrote: Stephen Harris wrote: Here's a thought I just thunk, folks: some scum, apparently in eastern Europe, has harvested my email, and is using it in the Reply-To: in its spamming efforts. Now, I realize that some mails go out from snip Anyway, the SMTP server should send the delivery failure to the envelope address, which may be different to both the From and Reply-To addresses. That would be lovely. Unfortunately, a high percentage seem to use the Reply-To address. Trust me, the last four or five months, I've gotten The Reply-To address is an optional component of the email header and is not used in email routing by mail servers. I'm well aware that it's an optional component. Thank you for that clarification. snip Mail server will send NDRs (non-delivery receipts) back to the envelope sender every time with no regard for From or Reply-To. You're saying it uses the envelope, not if exists Reply-To, else From? The problem I have with that is that a few of them have returned the email, with full headers, and I see the *only* reference to my email address is in the Reply-To. You are seeing the full email headers. You will not see the envelope headers unless you capture packets or view mail server logs, etc.. Mark, Why don't you use your SPF record to prevent spoofing (to most providers...)? dig -t txt 5-cent.us ... 5-cent.us. 14400 IN TXT v=spf1 a mx ptr include:hostmonster.com ?all ... You have one but you're not using it to prevent spoofing. -- Josh Miller Open Source Solutions Architect http://itsecureadmin.com/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dealing with spoofing
On Wed, Aug 31, 2011 at 04:27:00PM -0400, m.r...@5-cent.us wrote: Stephen Harris wrote: Anyway, the SMTP server should send the delivery failure to the envelope address, which may be different to both the From and Reply-To addresses. That would be lovely. Unfortunately, a high percentage seem to use the Reply-To address. Trust me, the last four or five months, I've gotten probably hundreds, if not more, of delivery failures. And I wind up at least glancing at them, in case email to this list, or to a friend, has bounced. Envelopes can be forged just as easily as any header. -- rgds Stephen ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dealing with spoofing
On 8/31/2011 4:37 PM, Josh Miller wrote: On 08/31/2011 01:33 PM, m.r...@5-cent.us wrote: You're saying it uses the envelope, not if exists Reply-To, else From? The problem I have with that is that a few of them have returned the email, with full headers, and I see the *only* reference to my email address is in the Reply-To. You are seeing the full email headers. You will not see the envelope headers unless you capture packets or view mail server logs, etc.. Actually, what you are interested in is the envelope sender that the remote server saw. And there is no way for you to see that unless you have access to the remote server's logs. -- Bowie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dealing with spoofing
http://www.openspf.org/Introduction - SPF FTW On Wed, Aug 31, 2011 at 4:47 PM, Stephen Harris li...@spuddy.org wrote: On Wed, Aug 31, 2011 at 04:27:00PM -0400, m.r...@5-cent.us wrote: Stephen Harris wrote: Anyway, the SMTP server should send the delivery failure to the envelope address, which may be different to both the From and Reply-To addresses. That would be lovely. Unfortunately, a high percentage seem to use the Reply-To address. Trust me, the last four or five months, I've gotten probably hundreds, if not more, of delivery failures. And I wind up at least glancing at them, in case email to this list, or to a friend, has bounced. Envelopes can be forged just as easily as any header. -- rgds Stephen ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dealing with spoofing
On 08/31/2011 01:48 PM, Bowie Bailey wrote: On 8/31/2011 4:37 PM, Josh Miller wrote: On 08/31/2011 01:33 PM, m.r...@5-cent.us wrote: You're saying it uses the envelope, not if exists Reply-To, else From? The problem I have with that is that a few of them have returned the email, with full headers, and I see the *only* reference to my email address is in the Reply-To. You are seeing the full email headers. You will not see the envelope headers unless you capture packets or view mail server logs, etc.. Actually, what you are interested in is the envelope sender that the remote server saw. And there is no way for you to see that unless you have access to the remote server's logs. That is not true as the remote server will present the envelope header to your mail server upon connection. -- Josh Miller Open Source Solutions Architect http://itsecureadmin.com/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dealing with spoofing
Josh Miller wrote: On 08/31/2011 01:37 PM, Josh Miller wrote: On 08/31/2011 01:33 PM, m.r...@5-cent.us wrote: Josh Miller wrote: On 08/31/2011 01:27 PM, m.r...@5-cent.us wrote: Stephen Harris wrote: Here's a thought I just thunk, folks: some scum, apparently in eastern Europe, has harvested my email, and is using it in the Reply-To: in its spamming efforts. Now, I realize that some snip Anyway, the SMTP server should send the delivery failure to the envelope address, which may be different to both the From and Reply-To addresses. snip Why don't you use your SPF record to prevent spoofing (to most providers...)? dig -t txt 5-cent.us ... 5-cent.us. 14400 IN TXT v=spf1 a mx ptr include:hostmonster.com ?all ... You have one but you're not using it to prevent spoofing. Um, because I'm not that deep into that? Thank you, I'll look at setting that up. One question: is that in my registrar, or my hosting site? Given it's an MX record, I'm guessing it's the former. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dealing with spoofing
On 08/31/2011 01:57 PM, m.r...@5-cent.us wrote: Josh Miller wrote: On 08/31/2011 01:37 PM, Josh Miller wrote: On 08/31/2011 01:33 PM, m.r...@5-cent.us wrote: Josh Miller wrote: On 08/31/2011 01:27 PM, m.r...@5-cent.us wrote: Stephen Harris wrote: Here's a thought I just thunk, folks: some scum, apparently in eastern Europe, has harvested my email, and is using it in the Reply-To: in its spamming efforts. Now, I realize that some snip Anyway, the SMTP server should send the delivery failure to the envelope address, which may be different to both the From and Reply-To addresses. snip Why don't you use your SPF record to prevent spoofing (to most providers...)? dig -t txt 5-cent.us ... 5-cent.us. 14400 IN TXT v=spf1 a mx ptr include:hostmonster.com ?all ... You have one but you're not using it to prevent spoofing. Um, because I'm not that deep into that? Thank you, I'll look at setting that up. One question: is that in my registrar, or my hosting site? Given it's an MX record, I'm guessing it's the former. It's a DNS record. Hostmonster is authoritative for your domain, so you'll likely use them. -- Josh Miller Open Source Solutions Architect http://itsecureadmin.com/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dealing with spoofing
On 8/31/2011 4:50 PM, Josh Miller wrote: On 08/31/2011 01:48 PM, Bowie Bailey wrote: On 8/31/2011 4:37 PM, Josh Miller wrote: On 08/31/2011 01:33 PM, m.r...@5-cent.us wrote: You're saying it uses the envelope, not if exists Reply-To, else From? The problem I have with that is that a few of them have returned the email, with full headers, and I see the *only* reference to my email address is in the Reply-To. You are seeing the full email headers. You will not see the envelope headers unless you capture packets or view mail server logs, etc.. Actually, what you are interested in is the envelope sender that the remote server saw. And there is no way for you to see that unless you have access to the remote server's logs. That is not true as the remote server will present the envelope header to your mail server upon connection. Yes, but the issue was in confirming which email address was used in that connection. If you assume that the remote server is replying to the envelope header, then yes. But if you are trying to confirm that, then you do not have enough data. You could, of course, create your own message with known (and differing) From, Reply-To, and envelope headers and watch the result. -- Bowie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wed, 2011-08-31 at 22:08 +0200, Louis Lagendijk wrote: On Wed, 2011-08-31 at 19:00 +0100, Always Learning wrote: On Wed, 2011-08-31 at 13:55 -0400, Lamar Owen wrote: On Wednesday, August 31, 2011 01:33:31 PM Always Learning wrote: Rather than being a willing or passive victim to 100% of the attacks, I aim to reduce the penetrability of most of them. Still useless: it is not the attacks that you know about and that show themselves as errors in your logs (and filter from the log, that is the only gain), but those where you have a real security hole that you have to worry about. And those will be exploited from one of the many other bots in the hackers botnet. Geachte Louis, Ik ben niet hek ook niet stom! Ik weet het wel dat it is the undetected attacks that potentially can cause most damage. Perhaps I know this better than most people because when I first got a Centos VPS, and it was doing nothing, a partially installed Horde provided a entry for some Romanians who used that server as a IRC host. It was careful reading of the logs which revealed the successful break-in. I therefore highly recommend reading the various logs because they may reveal unusual happenings. An empty log may give you a nice feeling of security, but it is false... A lot of work, but very little if any gain. Onzin. An empty log never ever gives me a sense of security because the first thing I am thinking is why is the log empty. Sensitive applications have a self-generated log stored away from the conventional logs and regularly perused. My logic to is seal-off as many potential accesses as possible. Your logic seems to be do not bother because the successful attack will be unexpected. Ik ben zeker niet eens met jouw. I certainly disagree with that philosophy. ADULT EDUCATION ADVERTISEMENT The more one does in Centos investigating things and sealing-off IPs and ports and experimenting with IP Tables etc., the more one learns about the functioning of the Centos operating system. This acquired learning evolves into skills and is beneficial. Its acquisition will encourage people to understand more about their Centos installation(s) and make them more aware of the various risks and the wonderful things Centos can offer. Hoogachtend of mvg, Paul. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Error installing latest CentOS kernel from %post section of kickstart
On Aug 31, 2011, at 14:58, Ned Slider wrote: Yes, it's a known issue: https://www.redhat.com/archives/rhelv6-list/2011-January/msg6.html https://bugzilla.redhat.com/show_bug.cgi?id=625216 https://bugzilla.redhat.com/show_bug.cgi?id=657257 Thanks, the workarounds described in the bugzilla issues did indeed fix the problem, and this will be fixed and CentOS 6.1 when it becomes available. Alfred ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dealing with spoofing
On Wed, 2011-08-31 at 16:16 -0400, m.r...@5-cent.us wrote: Here's a thought I just thunk, folks: some scum, apparently in eastern Europe, has harvested my email, and is using it in the Reply-To: in its spamming efforts. Now, I realize that some mails go out from noreply, but other than that, is there a good reason why a mailserver would not be configured to send delivery failure to *both* Reply-To and From? May I suggest you create a sub-domain and a user name the use that in public places ? For example:- m...@xyz.5-cent.us As soon as the nasty get that email address simple change the sub-domain. If you receive your own mails (meaning run your own mail server) then do not accept emails from sites where the host name does not exist or does not resolve to the HELO / EHLO or the IP address of the sending server. There are lots of other things you can do to reduce the spam, but only if you run your own mail server or use Google to filer-out the spam. Paul. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dealing with spoofing
On Wed, 2011-08-31 at 16:33 -0400, m.r...@5-cent.us wrote: You're saying it uses the envelope, not if exists Reply-To, else From? The problem I have with that is that a few of them have returned the email, with full headers, and I see the *only* reference to my email address is in the Reply-To. Will you tell us what mail server (MTA) is doing that ? Paul. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Unable to run yum update
Folks The system involved is a 32-bit system, installed via the net about a week ago. The command yum update encountered the following diagonstic Error: Package: yaf-1.3.2-1.el6.rf.x86_64 (@rpmforge) Requires: libfixbuf-0.9.0.so.8()(64bit) Removing: libfixbuf-0.9.0-1.el6.rf.x86_64 (@rpmforge) libfixbuf-0.9.0.so.8()(64bit) Updated By: libfixbuf-1.0.1-1.el6.rf.x86_64 (rpmforge) Not found You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest The repositories I use are: base epel extras rpmforge updates virtualbox I wonder if using priorities would help? Rpmforge is supposed to be non-conflicting, but then Please let me know what I should do. David ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dealing with spoofing
On Wed, 2011-08-31 at 13:50 -0700, Josh Miller wrote: That is not true as the remote server will present the envelope header to your mail server upon connection. Surely the FROM is ? Paul ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6, KDE 4: bad DNS traffic
On Wed, 31 Aug 2011 16:19:05 -0400, m.roth-x6lchVBUigD1P9xLtpHBDw wrote: Michael D. Berger wrote: On Wed, 31 Aug 2011 20:02:09 +0100, John Hodrien wrote: On Wed, 31 Aug 2011, Michael D. Berger wrote: On my new CentOS 6, KDE 4, running WireShark I see what appears to be frequent nonsensical DNS queries, for example: settings-personal.desktop and settings-system.desktop. The DNS response is always:No such name. Do tell! These appear especially when I click on things on the KDE menus. On my old CentOS 5 box, on the same LAN, I see no such thing. I note that I have replaced the original /etc/hosts with my own. Might these have been resolved in the original? Random stab in the dark... Are you running the autofs with /net or similar configured? How would I know? I get nothing from: ps -ef | grep -i autofs yum -y list installed | grep -i autofs Does rpm -qi autofs show nothing? If so, I'm a tad surprised, since that takes care of not only nfs but also CD/DVDs and USB keys. mark Running: rpm -qi autofs shows: package autofs not installed at levels 3 and 5. Mike. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
