date:20120614


CentOS Errata and Bugfix Advisory 2012:0738

Upstream details at : http://rhn.redhat.com/errata/RHBA-2012-0738.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
1b9fd31792bc4cf959a942d8e1ef9fb03e8a8cfa913cc62e92e014929729e4b8  
gawk-3.1.5-16.el5.i386.rpm

x86_64:
8551946d42238c5c8df44d51b82218ae66ca8a9ce9f95d1a379c8b07d61d42fa  
gawk-3.1.5-16.el5.x86_64.rpm

Source:
c863aec9045f0a9e8a629eb3df290b902d1b6cfac69098a48c2fd03f22680815  
gawk-3.1.5-16.el5.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net

___
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2012:0737 CentOS 6 corosync Update


CentOS Errata and Bugfix Advisory 2012:0737 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2012-0737.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 


i386:
3120b000ba613d70bc9bb9d03c7d710a80416a4426c6a232638c9c2fdc7221a2  
corosync-1.4.1-4.el6_2.3.i686.rpm
2e890b0218462dd15c17d81ea176c1704d335f1252072db10c5313c33c8e2d9b  
corosynclib-1.4.1-4.el6_2.3.i686.rpm
7449f7bb3884d39d31f6603d6db3267aa91b271e65bb64aae4a0a0fce6632aec  
corosynclib-devel-1.4.1-4.el6_2.3.i686.rpm

x86_64:
f236368bfe3539deee104eab3ce3d22f768dbb32a2129381034157ac916a59e5  
corosync-1.4.1-4.el6_2.3.x86_64.rpm
2e890b0218462dd15c17d81ea176c1704d335f1252072db10c5313c33c8e2d9b  
corosynclib-1.4.1-4.el6_2.3.i686.rpm
935cef83b9f28f16180fd972d8a58a5cdedf02938136ea1880d5e91a6164ce82  
corosynclib-1.4.1-4.el6_2.3.x86_64.rpm
7449f7bb3884d39d31f6603d6db3267aa91b271e65bb64aae4a0a0fce6632aec  
corosynclib-devel-1.4.1-4.el6_2.3.i686.rpm
b05cbe8c2c2d2e1bc686d031c1ab1df918817d6c6bb1f8ab2e4d0b148ed80c50  
corosynclib-devel-1.4.1-4.el6_2.3.x86_64.rpm

Source:
f666c63498a2b0a47474255f5bebdac27f8b19d043aeb03ee3a0dceadda61be2  
corosync-1.4.1-4.el6_2.3.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net

___
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEEA-2012:0739 CentOS 6 mlx4_ib Update


CentOS Errata and Enhancement Advisory 2012:0739 

Upstream details at : https://rhn.redhat.com/errata/RHEA-2012-0739.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 


i386:
c67537efae105b7c70f56fadaa3e34834502ab152af7a16aa3f44b383999d094  
kmod-mlx4_ib-1.0.32.269-1.el6_2.i686.rpm

x86_64:
1c64fd86aa78e8f610622ee0ead655d5c73d229e47b191403259ed2b40516c42  
kmod-mlx4_ib-1.0.32.269-1.el6_2.x86_64.rpm

Source:
777bdacc77b367a9bfb853a458cd01d968c802b41f8d4a7b79bafb135207559d  
mlx4_ib-1.0.32.269-1.el6_2.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net

___
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEEA-2012:0739 CentOS 6 mlx4_en Update


CentOS Errata and Enhancement Advisory 2012:0739 

Upstream details at : https://rhn.redhat.com/errata/RHEA-2012-0739.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 


i386:
4535fe7fca08e503ad67afe4ba8371c3def9069118ac9528647cf264012f6f43  
kmod-mlx4_en-2.0.32.269-1.el6_2.i686.rpm

x86_64:
ee92c416be5b0390a2ff481678d5d072f6038c9dfdf6e8fd1de14411cee7c0a7  
kmod-mlx4_en-2.0.32.269-1.el6_2.x86_64.rpm

Source:
59d88b1ff8d4c248ab04e36d40e4342f0c68756bfca1aa7ecd38140b4e1836d9  
mlx4_en-2.0.32.269-1.el6_2.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net

___
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2012:0740 CentOS 6 apr Update


CentOS Errata and Bugfix Advisory 2012:0740 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2012-0740.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 


i386:
fb234149db1d4b3ef3b6e75bbaf11d848213e4a6e0656d50364d9da8bb860d28  
apr-1.3.9-5.el6_2.i686.rpm
37b9e9870317f6ba8b3752b0aa16e1eca6ea35738f5bb8369bd2b27b8ed5  
apr-devel-1.3.9-5.el6_2.i686.rpm

x86_64:
fb234149db1d4b3ef3b6e75bbaf11d848213e4a6e0656d50364d9da8bb860d28  
apr-1.3.9-5.el6_2.i686.rpm
6fa37b8f1ff2dabec810dd59e5b1de60660187755725d9de5f303fbfd8eb0366  
apr-1.3.9-5.el6_2.x86_64.rpm
37b9e9870317f6ba8b3752b0aa16e1eca6ea35738f5bb8369bd2b27b8ed5  
apr-devel-1.3.9-5.el6_2.i686.rpm
9df664b194f72be491a3ad6e31b7b9009a3ccc0bd916cdcbfe6928750e55078a  
apr-devel-1.3.9-5.el6_2.x86_64.rpm

Source:
9775f276bb8e6b80a33a5bdbfa2d1619a42e9499702c5507e22268358ff01c8d  
apr-1.3.9-5.el6_2.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net

___
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEEA-2012:0739 CentOS 6 mlx4_core Update


CentOS Errata and Enhancement Advisory 2012:0739 

Upstream details at : https://rhn.redhat.com/errata/RHEA-2012-0739.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 


i386:
cd17436881234bf53282fef05c00d459d58b88d804b1de21843c55270463c925  
kmod-mlx4_core-1.1.32.269-1.el6_2.i686.rpm

x86_64:
8727bad5734d882c761c6e3a537c478dd012b1a512dde109814a08227c7692fc  
kmod-mlx4_core-1.1.32.269-1.el6_2.x86_64.rpm

Source:
4c58d2912a6d1531973aca3fea9a63009f187c385d797ad7d2e21648318925e7  
mlx4_core-1.1.32.269-1.el6_2.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net

___
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-es] Bloquear HTTPS Dansguardian

2012-06-14 Thread Getzan Avila

Buenas Tardes Lista,


Hablar alguna manera de bloquear sitios con el dansguardian  pero para el https 
lo he googleado pero no he encontrado.

Espero que me puedan ayudar.


Slds

___
CentOS-es mailing list
CentOS-es@centos.org
http://lists.centos.org/mailman/listinfo/centos-es

Re: [CentOS-es] Bloquear HTTPS Dansguardian

2012-06-14 Thread Ernesto Pérez Estévez

On 06/14/2012 04:01 PM, Getzan Avila wrote:
Buenas Tardes Lista,

Hablar alguna manera de bloquear sitios con el dansguardian pero
para el https lo he googleado pero no he encontrado.
a ver, el dansguardian recibe las peticiones del squid. El squid recibe
las peticiones de dos formas:
1- mediante redireccionamiento de los paquetes que van saliendo hacia el
puerto 80
2- mediante el configurar directo en el browser la IP y puerto del
equipo donde esté el squid

la opción 2 es excelente pues te permite decirle al navegador que tenga
que recaer en el squid para todo tipo de conexión. Sin embargo casi
nadie le usa ya.

la opción 1 normalmente redirecciona el puerto 80 nada más, no el 443
(https), por diversísimas razones... y aún cuando le redireccione, no
creo que se vea dentro del paquete porque sería encriptado, creo.

En todo caso qué quieres? Bloquear facebook? Es la petición que
últimamente está de moda, puedes ver aquí para esto:

http://www.ecualug.org/2012/05/23/comos/centos6_%C2%BFc%C3%B3mo_bloquear_facebook_con_iptables

lo mismo puede usarse para bloquear por cualquier otra cadena.
saludos
epe

Espero que me puedan ayudar.

Slds

___ CentOS-es mailing
list CentOS-es@centos.org
http://lists.centos.org/mailman/listinfo/centos-es

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

___
CentOS-es mailing list
CentOS-es@centos.org
http://lists.centos.org/mailman/listinfo/centos-es

Re: [CentOS-es] Bloquear HTTPS Dansguardian

2012-06-14 Thread Pablo Flores Aravena

Dansguardian no filtra el puerto https tampoco squid, lo que yo hago el
bloquear la ip por iptables.
Recuerda que el puerto 443 viaja encriptado.

Saludos

Pablo


-Mensaje original-
De: centos-es-boun...@centos.org [mailto:centos-es-boun...@centos.org] En
nombre de Getzan Avila
Enviado el: jueves, 14 de junio de 2012 17:02
Para: centos-es@centos.org
Asunto: [CentOS-es] Bloquear HTTPS Dansguardian

Buenas Tardes Lista,


Hablar alguna manera de bloquear sitios con el dansguardian  pero para el
https lo he googleado pero no he encontrado.

Espero que me puedan ayudar.


Slds

___
CentOS-es mailing list
CentOS-es@centos.org
http://lists.centos.org/mailman/listinfo/centos-es


___
CentOS-es mailing list
CentOS-es@centos.org
http://lists.centos.org/mailman/listinfo/centos-es

Re: [CentOS-es] Bloquear HTTPS Dansguardian

2012-06-14 Thread Diego Sanchez

Si configuras OpenDNS, se puede establecer que ademas filtre por
categoría de los sitios, todas las peticiones.
En mi empresa (bah, donde trabajo) fue implementado y ayudo bastante

--
Diego - Yo no soy paranoico! (pero que me siguen, me siguen)
___
CentOS-es mailing list
CentOS-es@centos.org
http://lists.centos.org/mailman/listinfo/centos-es

Re: [CentOS] Best way to duplicate a live Centos 5 server?

2012-06-14 Thread Emmanuel Noobadmin

On 6/14/12, Smithies, Russell russell.smith...@agresearch.co.nz wrote:
 How about using one of the backup tools to image the server?
 We use Symantec System Recovery and image all the disks. We then have the
 option of restoring to different hardware (physical or virtual) which works
 very well.
 There's a 60-day evaluation period.
 http://www.symantec.com/products/trialware.jsp?pcid=pcat_business_contpvid=1602_1

Not an option for me unfortunately, the only Windows systems on
location are at best Win7 Home Premium and SSR requires a Win Server
OS according to their page.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS 6.2 32 default kernel support pae?

2012-06-14 Thread Arun Khan

A client is insisting to install CentOS 6.2 32 bit version [1] on a
system with 4GB RAM.

Lately, I have done 64 bit installations only; not sure if the 32 bit
kernel supports pae for = 4GB RAM.

If anyone knows the answer please let me know (will save me time on an
installation in my setup).

[1] The Client's ERP vendor has validated the application on the 32
bit platform only thus the reason for 32 bit version.

Thanks,
-- Arun Khan
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 6.2 32 default kernel support pae?

2012-06-14 Thread Alexander Dalloz

Am 14.06.2012 09:46, schrieb Arun Khan:
 A client is insisting to install CentOS 6.2 32 bit version [1] on a
 system with 4GB RAM.
 
 Lately, I have done 64 bit installations only; not sure if the 32 bit
 kernel supports pae for = 4GB RAM.
 
 If anyone knows the answer please let me know (will save me time on an
 installation in my setup).
 
 [1] The Client's ERP vendor has validated the application on the 32
 bit platform only thus the reason for 32 bit version.
 
 Thanks,
 -- Arun Khan


https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.0_Release_Notes/kernel.html

see 12.6.1. Physical Address Extension (PAE)

Not said there, but support is up to 64GB of RAM.

Alexander
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 6.2 32 default kernel support pae?

On 06/14/12 12:46 AM, Arun Khan wrote:
 [1] The Client's ERP vendor has validated the application on the 32
 bit platform only thus the reason for 32 bit version.


the client should find a ERP vendor who's not stuck back in the 90s.



-- 
john r pierceN 37, W 122
santa cruz ca mid-left coast

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Two CentOS installations failed dual boot

2012-06-14 Thread Amindeed


Hello everybody,

I installed Centos 6.2 on a computer with an older version of it in 
order to dual boot both of them. I managed to install the new OS on a 
physically seperated hard drive, and configured grub to make the newly 
installed OS the default one.  Now the older OS won't boot and this 
error message shows: *error 13: invalid or unsupported executable format*.
I attached to the email the output of *fdisk -l*  and a copy of the 
*/etc/grub.conf* configuration file.


I have no experience dealing with boot/grub issues, so any help on this 
will be much appreciated.


Regards.
[root@mypc ~]# fdisk -l

Disk /dev/sda: 80.0 GB, 800 bytes
255 heads, 63 sectors/track, 9726 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x0080

   Device Boot  Start End  Blocks   Id  System
/dev/sda1   *   1947276077056   83  Linux
/dev/sda294729726 2045952   82  Linux swap / Solaris

Disk /dev/sdb: 80.0 GB, 80032038912 bytes
255 heads, 63 sectors/track, 9730 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0xdbdbdbdb

   Device Boot  Start End  Blocks   Id  System
/dev/sdb1   *   1  13  104391   83  Linux
/dev/sdb2  14973078051802+  8e  Linux LVM

Disk /dev/mapper/VolGroup00-LogVol01: 2080 MB, 2080374784 bytes
255 heads, 63 sectors/track, 252 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x30307800

Disk /dev/mapper/VolGroup00-LogVol01 doesn't contain a valid partition table

Disk /dev/mapper/VolGroup00-LogVol00: 77.8 GB, 77812727808 bytes
255 heads, 63 sectors/track, 9460 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x

Disk /dev/mapper/VolGroup00-LogVol00 doesn't contain a valid partition table
[root@mypc ~]# # grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE:  You do not have a /boot partition.  This means that
#  all kernel and initrd paths are relative to /, eg.
#  root (hd1,0)
#  kernel /boot/vmlinuz-version ro root=/dev/sda1
#  initrd /boot/initrd-[generic-]version.img
#boot=/dev/sdb
default=0
timeout=5
splashimage=(hd1,0)/boot/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.32-220.17.1.el6.i686)
root (hd1,0)
kernel /boot/vmlinuz-2.6.32-220.17.1.el6.i686 ro 
root=UUID=b5d4d678-1e3d-47ce-acf1-d061097b6885 rd_NO_LUKS  KEYBOARDTYPE=pc 
KEYTABLE=fr LANG=en_US.UTF-8 rd_NO_MD quiet SYSFONT=latarcyrheb-sun16 rhgb 
crashkernel=auto rd_LVM_LV=VolGroup00/LogVol01 rd_NO_DM
initrd /boot/initramfs-2.6.32-220.17.1.el6.i686.img
title CentOS IPBX (2.6.32-220.el6.i686)
root (hd1,0)
kernel /boot/vmlinuz-2.6.32-220.el6.i686 ro 
root=UUID=b5d4d678-1e3d-47ce-acf1-d061097b6885 rd_NO_LUKS  KEYBOARDTYPE=pc 
KEYTABLE=fr LANG=en_US.UTF-8 rd_NO_MD quiet SYSFONT=latarcyrheb-sun16 rhgb 
crashkernel=auto rd_LVM_LV=VolGroup00/LogVol01 rd_NO_DM
initrd /boot/initramfs-2.6.32-220.el6.i686.img
title VoisGate
rootnoverify (hd0,0)
chainloader +1
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 6.2 32 default kernel support pae?

2012-06-14 Thread Arun Khan

On Thu, Jun 14, 2012 at 1:35 PM, Alexander Dalloz ad+li...@uni-x.org wrote:

 https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.0_Release_Notes/kernel.html

 see 12.6.1. Physical Address Extension (PAE)

 Not said there, but support is up to 64GB of RAM.


Thanks very much for pointing out the Release Notes section :)

-- Arun Khan
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 6.2 32 default kernel support pae?

2012-06-14 Thread Arun Khan

On Thu, Jun 14, 2012 at 1:46 PM, John R Pierce pie...@hogranch.com wrote:
 On 06/14/12 12:46 AM, Arun Khan wrote:
 [1] The Client's ERP vendor has validated the application on the 32
 bit platform only thus the reason for 32 bit version.


 the client should find a ERP vendor who's not stuck back in the 90s.


Agreed, I pointed it out to client but I am not the one who selected
the ERP vendor for them; sometimes one has to choose which battles to
fight.

-- Arun Khan
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Best way to duplicate a live Centos 5 server?

On Thu, Jun 14, 2012 at 2:32 AM, Emmanuel Noobadmin
centos.ad...@gmail.com wrote:
 On 6/14/12, Smithies, Russell russell.smith...@agresearch.co.nz wrote:
 How about using one of the backup tools to image the server?
 We use Symantec System Recovery and image all the disks. We then have the
 option of restoring to different hardware (physical or virtual) which works
 very well.
 There's a 60-day evaluation period.
 http://www.symantec.com/products/trialware.jsp?pcid=pcat_business_contpvid=1602_1

 Not an option for me unfortunately, the only Windows systems on
 location are at best Win7 Home Premium and SSR requires a Win Server
 OS according to their page.

Clonezilla-live is good for straight image copies, but you have to
shut down the source while taking the copy and it doesn't do raid.  It
does handle most filesystems including windows and knows enough to
only copy the used blocks.

ReaR will make the copy with the source running and handles most linux
disk layouts.   There is not much documentation at this point and
there are a lot of options, but if you have an NFS share to hold the
intermediate backup copy it only takes a couple of lines in a conf
file to set it up.   However, since it is designed for backup/restore,
the default is for the restore iso to use the same IP as the source
which is awkward for live cloning.   You can work around that but
should probably try a test system first.  It is definitely worth
looking at as a simple backup solution in any case.  If the target
hardware is different, both clonezilla and rear may require you to
build a new initrd with appropriate disk drivers included.

Using the VMware converter tool (free) might work.  I've done it with
windows, but so far it has not worked with the disk layouts on the
linux systems I have tried.  When it works, it works very well - and
you could probably do additional conversions from the vmware image.

-- 
   Les Mikesell
  lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS-announce Digest, Vol 88, Issue 9

2012-06-14 Thread centos-announce-request

Send CentOS-announce mailing list submissions to
centos-annou...@centos.org

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-requ...@centos.org

You can reach the person managing the list at
centos-announce-ow...@centos.org

When replying, please edit your Subject line so it is more specific
than Re: Contents of CentOS-announce digest...


Today's Topics:

   1. CESA-2012:0731 Moderate CentOS 5 expat Update (Johnny Hughes)
   2. CESA-2012:0730 Important CentOS 5 java-1.6.0-openjdk Update
  (Johnny Hughes)
   3. CESA-2012:0729 Critical CentOS 6  java-1.6.0-openjdk Update
  (Johnny Hughes)
   4. CESA-2012:0731 Moderate CentOS 6 expat Update (Johnny Hughes)
   5. CEBA-2012:0738 CentOS 5 gawk FASTTRACK Update (Johnny Hughes)
   6. CEBA-2012:0737  CentOS 6 corosync Update (Johnny Hughes)
   7. CEEA-2012:0739  CentOS 6 mlx4_ib Update (Johnny Hughes)
   8. CEEA-2012:0739  CentOS 6 mlx4_en Update (Johnny Hughes)
   9. CEBA-2012:0740  CentOS 6 apr Update (Johnny Hughes)
  10. CEEA-2012:0739  CentOS 6 mlx4_core Update (Johnny Hughes)


--

Message: 1
Date: Wed, 13 Jun 2012 17:07:10 +
From: Johnny Hughes joh...@centos.org
Subject: [CentOS-announce] CESA-2012:0731 Moderate CentOS 5 expat
Update
To: centos-annou...@centos.org
Message-ID: 20120613170710.ga31...@chakra.karan.org
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Security Advisory 2012:0731 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-0731.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
3cd68b239349db1f2a58ad30ef511148235cda9e7b692323d0b8606aa0f094e3  
expat-1.95.8-11.el5_8.i386.rpm
1a19aae09d3fae92d7e31244abe1d12804206a3f0445a7d56c34e363d16e870a  
expat-devel-1.95.8-11.el5_8.i386.rpm

x86_64:
3cd68b239349db1f2a58ad30ef511148235cda9e7b692323d0b8606aa0f094e3  
expat-1.95.8-11.el5_8.i386.rpm
9e40d6c5cfd8288231e0a3c7a193a1601fb6a909df00a917d59cc02e596ea7dd  
expat-1.95.8-11.el5_8.x86_64.rpm
1a19aae09d3fae92d7e31244abe1d12804206a3f0445a7d56c34e363d16e870a  
expat-devel-1.95.8-11.el5_8.i386.rpm
25f29550c06e68dbdd2847421e2c1db4f8fa3a02dab12f6cdfc7b2b3ab72e2c8  
expat-devel-1.95.8-11.el5_8.x86_64.rpm

Source:
f394a130aa92f025255ee20283d9dc9e93f73c8858bfb1a87736e211df8b65b6  
expat-1.95.8-11.el5_8.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net



--

Message: 2
Date: Wed, 13 Jun 2012 17:29:00 +
From: Johnny Hughes joh...@centos.org
Subject: [CentOS-announce] CESA-2012:0730 Important CentOS 5
java-1.6.0-openjdk Update
To: centos-annou...@centos.org
Message-ID: 20120613172900.ga31...@chakra.karan.org
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Security Advisory 2012:0730 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-0730.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
f1f34d561b7a8792c87baa365b8c476dbc16149df94ea0a932e022d474097445  
java-1.6.0-openjdk-1.6.0.0-1.27.1.10.8.el5_8.i386.rpm
0cea3bb758babe5704bdf9897f07f29a96eb97c4be5ce21c618fc8d33747b04a  
java-1.6.0-openjdk-demo-1.6.0.0-1.27.1.10.8.el5_8.i386.rpm
71ab34ae5c8c4d7e43a61fcfae9e10f50941cbeebc2e0fe23d82285817b21efb  
java-1.6.0-openjdk-devel-1.6.0.0-1.27.1.10.8.el5_8.i386.rpm
21f4b7cbe5175549528a3dac11c505f28b7a668e9dde5ccbf17cf345cf83575b  
java-1.6.0-openjdk-javadoc-1.6.0.0-1.27.1.10.8.el5_8.i386.rpm
280419ee63d45161e204fef85af031d278eb0909e9cc1bafc452b0705db7836e  
java-1.6.0-openjdk-src-1.6.0.0-1.27.1.10.8.el5_8.i386.rpm

x86_64:
1b0412bd15d348d4877e0fbd9cd50e82c3e6dce631bf308f6f8858de98f7b5f2  
java-1.6.0-openjdk-1.6.0.0-1.27.1.10.8.el5_8.x86_64.rpm
b9dcd93b7fa94e31887896710a5fa359db59f4e9718560529595b54a68153434  
java-1.6.0-openjdk-demo-1.6.0.0-1.27.1.10.8.el5_8.x86_64.rpm
5f3e3f41f9e0f012d12d42fc238ca0c71bbebc2e50c090a104797ef9f216d723  
java-1.6.0-openjdk-devel-1.6.0.0-1.27.1.10.8.el5_8.x86_64.rpm
9a78d0538ab735128188ea3a6aa5664db2111d94c2e8162f1acd44875c4aaa29  
java-1.6.0-openjdk-javadoc-1.6.0.0-1.27.1.10.8.el5_8.x86_64.rpm
f5b83eb56f378bcf7dfbb99231b715455b98c0dd6c259b4373b6c5822bece004  
java-1.6.0-openjdk-src-1.6.0.0-1.27.1.10.8.el5_8.x86_64.rpm

Source:
49f7df8ca0562c4a706c0553ac41c4b625a2035d21ba7a730c154d3f79c95b43  
java-1.6.0-openjdk-1.6.0.0-1.27.1.10.8.el5_8.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net



--

Message: 3
Date: Wed, 13 Jun 2012 18:29:41 +
From: Johnny Hughes joh...@centos.org
Subject: [CentOS-announce] CESA-2012:0729 Critical CentOS 6
java-1.6.0-openjdk Update
To:

[CentOS] CentOS 4x Download

2012-06-14 Thread Shiv. Nath

Dear Community Friends,

i badly require CentOS 4x, because one of our application only work with 
that version, and current server has failed. The image which is 
available in CentOS following sites. CD is not boot able, cannot install.

http://vault.centos.org/4.9/
http://vault.centos.org/

can anyone help to guide me how can o get CD or DVD image CentOS 4x.

Thanks / Regards
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] OT - Is there a package to monitor network traffic

2012-06-14 Thread Steve Campbell

We have a situation here that is a real mystery.

Our MRTG on our outgoing router  and a firewall server that protects our 
web servers is showing a spike every six hours. I can't find the server 
behind the firewall that is generating such an extreme amount of 
packets, even though I've looked through the crontabs of nearly all 
servers, performed ps variations, and other types of investigation.

Is there any type of package I can install that will monitor traffic and 
report abnormal, over-threshold packets similar to what wireshark might 
do in a manner that would allow me to determine where these packets 
might be going or from where they originate?

Thanks for any help.

steve campbell

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OT - Is there a package to monitor network traffic

2012-06-14 Thread Mike McCarthy

How about tcpdump?

Mike

On 06/14/2012 01:07 PM, Steve Campbell wrote:
 We have a situation here that is a real mystery.

 Our MRTG on our outgoing router  and a firewall server that protects our
 web servers is showing a spike every six hours. I can't find the server
 behind the firewall that is generating such an extreme amount of
 packets, even though I've looked through the crontabs of nearly all
 servers, performed ps variations, and other types of investigation.

 Is there any type of package I can install that will monitor traffic and
 report abnormal, over-threshold packets similar to what wireshark might
 do in a manner that would allow me to determine where these packets
 might be going or from where they originate?

 Thanks for any help.

 steve campbell

 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] unfsd scalability issues

2012-06-14 Thread Boris Epstein

On Wed, Jun 13, 2012 at 10:11 AM, m.r...@5-cent.us wrote:

 Boris Epstein wrote:
  On Sat, Jun 2, 2012 at 2:50 PM, John R. Dennison j...@gerdesas.com
 wrote:
  On Sat, Jun 02, 2012 at 10:59:13AM -0400, Boris Epstein wrote:
 snip
  To be specific, I use UNFSD to export a MooseFS file system. MooseFS, by
  the way, is userland-process based too.
 
  Be that as it may, I've seen situations where a comparably configured
  MooseFS client get to read at, say, 40 MB/s - which is fine - but the
  UNFSD at the same time reads at 40K/s(!) Why would that be? I mean, some
  degradation I can dig but 3 orders of magnitude? What is with this? Am I
  doing something wrong?
 snip
 I wonder... what's the architecture of what you're getting these results?
 I tried opening a bug with upstream over NFS4 and 6.x, and no one ever
 looked at it, and they closed it.

 100% repeatably: unpack a package locally, seconds.
 unpack it from an NFS mount onto a local drive, about 1
 min.
 unpack it from an NFS mount onto an NFS mount, even when
the target is exported FROM THE SAME MACHINE* that the
process is running on: 6.5 - 7 MINUTES.

 * That is,
 [server 1] [server 2]
/export/thatdir --NFS--/target/dir
/s2/source
/source/dir --NFS--/s2/source
 and cd [server 2]:/target/dir and unpack from /s2/source

 I suppose I'll try logging into upstream's bugzilla using our official
 licensed id; maybe then they'll assign someone to look at it

mark



Mark,

Thanks, my architecture is extremely similar to yours, except that in my
case the second layer, if I may say so, is MooseFS (
http://www.moosefs.org/ ), not NFS. MooseFS itself is blazing, by the way.

So the diagram in my case would look something like this:

   /export/thatdir --NFS--/target/dir
   /s2/source
   /source/dir -- MooseFS mount (mfsmount)
--/s2/source

The discrepancy in the resultant performance is comparable.

Thanks.

Boris.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 4x Download

On 06/14/2012 12:05 PM, Shiv. Nath wrote:
 Dear Community Friends,

 i badly require CentOS 4x, because one of our application only work with 
 that version, and current server has failed. The image which is 
 available in CentOS following sites. CD is not boot able, cannot install.

 http://vault.centos.org/4.9/
 http://vault.centos.org/

 can anyone help to guide me how can o get CD or DVD image CentOS 4x.


The CDs should be just fine as far as booting them goes.

You need to burn them as an image with your burning software and boot
any if the CD-1 or DVD-1 images.

If your machine does not boot from CD, you can create a pen drive boot
using bootdisk.img from here:

http://vault.centos.org/4.9/os/x86_64/images/

(or i386 instead of x86_64)



signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 4x Download

2012-06-14 Thread Shiv. Nath




 On 06/14/2012 12:05 PM, Shiv. Nath wrote:
 Dear Community Friends,

 i badly require CentOS 4x, because one of our application only work with
 that version, and current server has failed. The image which is
 available in CentOS following sites. CD is not boot able, cannot
 install.

 http://vault.centos.org/4.9/
 http://vault.centos.org/

 can anyone help to guide me how can o get CD or DVD image CentOS 4x.


 The CDs should be just fine as far as booting them goes.

 You need to burn them as an image with your burning software and boot
 any if the CD-1 or DVD-1 images.

 If your machine does not boot from CD, you can create a pen drive boot
 using bootdisk.img from here:

 http://vault.centos.org/4.9/os/x86_64/images/

 (or i386 instead of x86_64)

 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos


Thanks Johnny.

I will give a try using pen drive.




___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OT - Is there a package to monitor network traffic

On Thu, Jun 14, 2012 at 12:07 PM, Steve Campbell campb...@cnpapers.com wrote:
 We have a situation here that is a real mystery.

 Our MRTG on our outgoing router  and a firewall server that protects our
 web servers is showing a spike every six hours. I can't find the server
 behind the firewall that is generating such an extreme amount of
 packets, even though I've looked through the crontabs of nearly all
 servers, performed ps variations, and other types of investigation.

 Is there any type of package I can install that will monitor traffic and
 report abnormal, over-threshold packets similar to what wireshark might
 do in a manner that would allow me to determine where these packets
 might be going or from where they originate?

If you can catch it while the event is happening, wireshark can help
you analyze the traffic.  Do a short capture, then
Statistics/Converstation list/ipv4 (or endpoint/ipv4) will give you a
sortable list of the bulk of the traffic.

If you are monitoring the traffic on all interfaces and switch ports
with SNMP (Cacti/OpenNMS etc.) you would probably see it too.  OpenNMS
generates nightly reports of 'top 20' interface usage although backups
sometimes show up there.   'Ntop' is also good at identifying traffic
and can summarize in different ways, but you have to run it on the
server where the traffic is happening.

-- 
   Les Mikesell
 lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] any reliable FTP server with HTTPS/FTPS, commercial or not

2012-06-14 Thread Gelen James



Hi all,

 Just like to know which secure FTP servers are popular in use on Linux, the 
FTP server should provides HTTPS, FTPS and SFTP methods.

 Current we are with Serv-U FTP server, but it has been crashed all the time 
for unknown reasons -- can not find any causes in its log file at all. Although 
we like its interfaces, but our customers complain its reliability a lot. 
Finally we are tired of it and would like an alternative. If you are satisfied 
with your ftp server, Please feel free to share with me. :)

Thanks.

--David
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos 6 - Networking: Some Queries -- GURUS HELP PL

On Jun 13, 2012, at 2:52 AM, Sanjay Arora sanjay.k.ar...@gmail.com wrote:

 My machine is on LAN 192.168.1.0/24, has an IP of 192.168.1.3. This
 Network has GW 192.168.1.1 which is an adsl router in the office. No
 firewall on the router. Other LAN machines have IPs in the
 192.168.1.0/24 network  I'm not allowed to use those IPs. They are
 reserved for LAN use.
 
 Now My machine has a second card for LTSP Network (it is a LTSP
 Server) with IP 172.16.1.0/24

Can your VMs request IPs on this network or is it NAT'd as well?

 I want Virtual hosts on my machine so I have to have a different IP
 rangesay 192.168.2.0/24

Maybe better to use LTSP network IPs and use the 192.168 bridge interface for 
Internet only giving out dnsmasq IPs which are 169.X I believe?

 And I want routing among three as well as Internet access through the
 NATTED adsl router which has a dynamic IP.

If you have 172.16 IPs on the VMs for the LTSP bridged network, then use 
dnsmasq to assign dynamic IPs for the Internet NAT'd bridge on the 192.168 
network, set a default route out the Internet NAT'd bridged interfaces and you 
should get what you want.

-Ross

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OT - Is there a package to monitor network traffic

On Jun 14, 2012, at 1:07 PM, Steve Campbell campb...@cnpapers.com wrote:

 We have a situation here that is a real mystery.
 
 Our MRTG on our outgoing router  and a firewall server that protects our 
 web servers is showing a spike every six hours. I can't find the server 
 behind the firewall that is generating such an extreme amount of 
 packets, even though I've looked through the crontabs of nearly all 
 servers, performed ps variations, and other types of investigation.
 
 Is there any type of package I can install that will monitor traffic and 
 report abnormal, over-threshold packets similar to what wireshark might 
 do in a manner that would allow me to determine where these packets 
 might be going or from where they originate?

Setup a nettop server and netflow on the routing interfaces and you will find 
tour culprit.

-Ross

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OT - Is there a package to monitor network traffic

On Jun 14, 2012, at 6:44 PM, Ross Walker rswwal...@gmail.com wrote:

 On Jun 14, 2012, at 1:07 PM, Steve Campbell campb...@cnpapers.com wrote:
 
 We have a situation here that is a real mystery.
 
 Our MRTG on our outgoing router  and a firewall server that protects our 
 web servers is showing a spike every six hours. I can't find the server 
 behind the firewall that is generating such an extreme amount of 
 packets, even though I've looked through the crontabs of nearly all 
 servers, performed ps variations, and other types of investigation.
 
 Is there any type of package I can install that will monitor traffic and 
 report abnormal, over-threshold packets similar to what wireshark might 
 do in a manner that would allow me to determine where these packets 
 might be going or from where they originate?
 
 Setup a nettop server and netflow on the routing interfaces and you will find 
 tour culprit.

Nettop - ntop

-Ross

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] any reliable FTP server with HTTPS/FTPS, commercial or not

On 06/14/12 3:39 PM, Gelen James wrote:
   Just like to know which secure FTP servers are popular in use on Linux, the 
 FTP server should provides HTTPS, FTPS and SFTP methods.

sftp is part of SSH, not FTP.  https is HTTP not FTP.

ftps (FTP over SSL) is a non-standard mess and should be banned.

I use vsftp for a straight FTP server, and apache for a https server, 
openssh for a SSH server.  these are all standard CentOS components.

-- 
john r pierceN 37, W 122
santa cruz ca mid-left coast

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] any reliable FTP server with HTTPS/FTPS, commercial or not

2012-06-14 Thread Gelen James

Hi John,

I had the same idea with you just a few years back that the ftp only servers 
FTP protocol. But nowadays a FTP server provides same contents over a lot of 
protocols at the same time: FTP/FTPS/SFTP/HTTP/HTTPS. 

 Please check the wiki 
page http://en.wikipedia.org/wiki/List_of_FTP_server_software. There are so 
many choices but it is difficult to find one that is reliable, secure and at 
the same time easy to use.

Thanks.

--David



 From: John R Pierce pie...@hogranch.com
To: centos@centos.org 
Sent: Thursday, June 14, 2012 3:59 PM
Subject: Re: [CentOS] any reliable FTP server with HTTPS/FTPS, commercial or not
 
On 06/14/12 3:39 PM, Gelen James wrote:
   Just like to know which secure FTP servers are popular in use on Linux, the 
FTP server should provides HTTPS, FTPS and SFTP methods.

sftp is part of SSH, not FTP.  https is HTTP not FTP.

ftps (FTP over SSL) is a non-standard mess and should be banned.

I use vsftp for a straight FTP server, and apache for a https server, 
openssh for a SSH server.  these are all standard CentOS components.

-- 
john r pierce                            N 37, W 122
santa cruz ca                         mid-left coast

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] any reliable FTP server with HTTPS/FTPS, commercial or not

On 06/14/12 4:08 PM, Gelen James wrote:
 I had the same idea with you just a few years back that the ftp only servers 
 FTP protocol. But nowadays a FTP server provides same contents over a lot of 
 protocols at the same time: FTP/FTPS/SFTP/HTTP/HTTPS

thats just silly.  I suppose we should call NFS FTP too, because it 
serves files?

the classic FTP protocol is a hangover from the 1970s and really should 
be sent to pasture and allowed to die a peaceful death.I generally 
use http for serving anonymous read only files, and sftp/scp for 
authenticated transfers



-- 
john r pierceN 37, W 122
santa cruz ca mid-left coast

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] any reliable FTP server with HTTPS/FTPS, commercial or not

On Thu, Jun 14, 2012 at 6:18 PM, John R Pierce pie...@hogranch.com wrote:

 thats just silly.  I suppose we should call NFS FTP too, because it
 serves files?

What do you call something like Alfresco that emulates all kinds of
file/web services while imposing additional logic compared to what the
OS would do?

-- 
   Les Mikesell
  lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] any reliable FTP server with HTTPS/FTPS, commercial or not

On 06/14/12 4:08 PM, Gelen James wrote:
 Please check the wiki 
 pagehttp://en.wikipedia.org/wiki/List_of_FTP_server_software. There are so 
 many choices


psst?  most of those are for MS Windows, which doesn't come with a 
decent FTP server built in.   many of them are commercial. there's 
really only a couple on that list suitable for a linux server, headed up 
with vsftpd, the default ftp server in CentOS.





-- 
john r pierceN 37, W 122
santa cruz ca mid-left coast

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] any reliable FTP server with HTTPS/FTPS, commercial or not

2012-06-14 Thread John Hinton

On 6/14/2012 7:23 PM, John R Pierce wrote:
 On 06/14/12 4:08 PM, Gelen James wrote:
 Please check the wiki 
 pagehttp://en.wikipedia.org/wiki/List_of_FTP_server_software. There are so 
 many choices

 psst?  most of those are for MS Windows, which doesn't come with a
 decent FTP server built in.   many of them are commercial. there's
 really only a couple on that list suitable for a linux server, headed up
 with vsftpd, the default ftp server in CentOS.

I do hear good things about ProFTP and actually have it on one of my new 
installs, but haven't yet messed with it. I found it odd that it didn't 
make the wiki list. Maybe some others can give some feedback on it?

-- 
John Hinton
877-777-1407 ext 502
http://www.ew3d.com
Comprehensive Online Solutions

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Sendmail SMTP Brute-Force Attack

2012-06-14 Thread Gustavo Lacoste

Dear CentOS Community

Is totally clear there's no support sendmail platform today, but I need  to
stop SMTP brute-force attack on sendmail. My server is attacked today, my
maillog look like :

4...@myserver.com, proto=ESMTP, daemon=MTA, relay=myserver.com [127.0.0.1]
Jun 14 19:07:01 at6412 sendmail[24627]: q5EN71jC024627: from=, size=3958,
class=0, nrcpts=1, msgid=201206142307.q5en710u024...@myserver.com,
proto=ESMTP, daemon=MTA, relay=myserver.com [127.0.0.1]
Jun 14 19:07:23 at6412 sendmail[24868]: q5EN7M6D024868: from=
qmar...@qmarket.cl, size=2193, class=0, nrcpts=2, msgid=
20120614231448.1e99a13e...@smtp02qmarket.qmarket.cl, proto=ESMTP,
daemon=MTA, relay=[200.1.174.121]
Jun 14 19:07:24 at6412 sendmail[24961]: q5EN7OT4024961: from=
nob...@2012.123icq.cl, size=4716, class=0, nrcpts=1, msgid=
e1sfj8h-0005kv...@2012.123icq.cl, proto=ESMTP, daemon=MTA, relay=
pc1.globalmac.cl [200.29.231.61] (may be forged)
Jun 14 19:07:33 at6412 sendmail[25013]: q5EN7SqK025013: from=
a.pfsv...@yahoo.com, size=760, class=0, nrcpts=1, msgid=
1531549-634033...@owfzdl.net, proto=SMTP, daemon=MTA, relay=
h095159149119.ys.dsl.sakhalin.ru [95.159.149.119]
Jun 14 19:07:37 at6412 sendmail[25065]: q5EN7bCj025065: from=
en.viaimp...@gmail.com, size=4531, class=0, nrcpts=0, proto=ESMTP,
daemon=MTA, relay=186-105-73-29.baf.movistar.cl [186.105.73.29]


I need help for STOP this spamers right now.

Thanks in advance to anyone who can guide me


With Kind Regards,

 Gustavo A. Lacoste Z.
 Curacautín - Chile
 Skype: knxroot
 Msn  Gtalk: knx.root [at] gmail.com
 Home page: http://www.lacosox.org
- -
*Por favor, evite enviarme documentos adjuntos en formato Word o PowerPoint.
Lea http://www.gnu.org/philosophy/no-word-attachments.es.html*
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] any reliable FTP server with HTTPS/FTPS, commercial or not

On 06/14/12 4:22 PM, Les Mikesell wrote:
 What do you call something like Alfresco that emulates all kinds of
 file/web services while imposing additional logic compared to what the
 OS would do?

useless

hey, you asked what *I* would call it.   I have no use for that sort of 
silliness.   Maybe someone running a 'warez' server does, not me.





-- 
john r pierceN 37, W 122
santa cruz ca mid-left coast

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Sendmail SMTP Brute-Force Attack

On 06/14/12 4:33 PM, Gustavo Lacoste wrote:
 I need help for STOP this spamers right now.

 Thanks in advance to anyone who can guide me

2 of the three relay IPs listed in your log fragment are listed on 
spamhaus' Zen combined list, http://www.spamhaus.org/zen/

this is free for use by low volume non-commercial email servers. see the 
terms linked on the above URL.
adding the following line to your sendmail.mc file, then rebuilding the 
.cf and restarting sendmail would reject all mail connections from 
servers listed via Spamhaus.

FEATURE(dnsbl,`zen.spamhaus.org',`Message from ${client_addr} rejected 
- see http://www.spamhaus.org/SBL/sbl-rationale.html') dnl


(note this file is in M4 syntax, and has to use 'funny' quoting, with a 
` as the opening quote).





-- 
john r pierceN 37, W 122
santa cruz ca mid-left coast

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] any reliable FTP server with HTTPS/FTPS, commercial or not

2012-06-14 Thread Dennis Jacobfeuerborn

On 06/15/2012 01:28 AM, John Hinton wrote:
 On 6/14/2012 7:23 PM, John R Pierce wrote:
 On 06/14/12 4:08 PM, Gelen James wrote:
 Please check the wiki 
 pagehttp://en.wikipedia.org/wiki/List_of_FTP_server_software. There are so 
 many choices

 psst?  most of those are for MS Windows, which doesn't come with a
 decent FTP server built in.   many of them are commercial. there's
 really only a couple on that list suitable for a linux server, headed up
 with vsftpd, the default ftp server in CentOS.

 I do hear good things about ProFTP and actually have it on one of my new 
 installs, but haven't yet messed with it. I found it odd that it didn't 
 make the wiki list. Maybe some others can give some feedback on it?
 

If you are running a recent distro you should go with sftp. With the Match
directive you can even selectively create chroots for users and groups
which should cover most use-cases. FTP is just insecure (plaintext
passwords) and the secure variant FTPS makes firewall setups a pain because
the fixes for FTPs protocol layering violations (the conntrack and nat
modules for iptables) stop working.
Don't use FTP unless you absolutely have to.

Regards,
  Dennis
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Sendmail SMTP Brute-Force Attack

2012-06-14 Thread Diego Sanchez

You can use, also, fail2ban

http://www.fail2ban.org/wiki/index.php/Sendmail
http://www.fail2ban.org/wiki/index.php/HOWTOs

Work over the filter.
You can set that if 'x' connection from same IP in 'y' seconds, block
in firewall

-- 
Diego - Yo no soy paranoico! (pero que me siguen, me siguen)
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Sendmail SMTP Brute-Force Attack

2012-06-14 Thread Gustavo Lacoste

The problem with my server is: I use it to offer webhosting services. Some
customers using Outlook are blocked because they use black listed ips (ips
simply are dynamic).



With Kind Regards,

 Gustavo A. Lacoste Z.
 Curacautín - Chile
 Skype: knxroot
 Msn  Gtalk: knx.root [at] gmail.com
 Home page: http://www.lacosox.org
- -
*Por favor, evite enviarme documentos adjuntos en formato Word o PowerPoint.
Lea http://www.gnu.org/philosophy/no-word-attachments.es.html*


2012/6/14 John R Pierce pie...@hogranch.com

 On 06/14/12 4:33 PM, Gustavo Lacoste wrote:
  I need help for STOP this spamers right now.
 
  Thanks in advance to anyone who can guide me

 2 of the three relay IPs listed in your log fragment are listed on
 spamhaus' Zen combined list, http://www.spamhaus.org/zen/

 this is free for use by low volume non-commercial email servers. see the
 terms linked on the above URL.
 adding the following line to your sendmail.mc file, then rebuilding the
 .cf and restarting sendmail would reject all mail connections from
 servers listed via Spamhaus.

 FEATURE(dnsbl,`zen.spamhaus.org',`Message from ${client_addr} rejected
 - see http://www.spamhaus.org/SBL/sbl-rationale.html') dnl


 (note this file is in M4 syntax, and has to use 'funny' quoting, with a
 ` as the opening quote).





 --
 john r pierceN 37, W 122
 santa cruz ca mid-left coast

 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Sendmail SMTP Brute-Force Attack


If you have disabled open relaying then I would look at grey listing and 
throttling to reduce the number of spam per hour that comes in.

Since your routing others emails there is no point in spam analysis cause your 
customers are probably doing it already. Just need to dissuade spammers from 
full throttling your edge severs.

-Ross


On Jun 14, 2012, at 8:58 PM, Gustavo Lacoste gust...@lacosox.org wrote:

 The problem with my server is: I use it to offer webhosting services. Some
 customers using Outlook are blocked because they use black listed ips (ips
 simply are dynamic).
 
 
 
 With Kind Regards,
 
 Gustavo A. Lacoste Z.
 Curacautín - Chile
 Skype: knxroot
 Msn  Gtalk: knx.root [at] gmail.com
 Home page: http://www.lacosox.org
 - -
 *Por favor, evite enviarme documentos adjuntos en formato Word o PowerPoint.
 Lea http://www.gnu.org/philosophy/no-word-attachments.es.html*
 
 
 2012/6/14 John R Pierce pie...@hogranch.com
 
 On 06/14/12 4:33 PM, Gustavo Lacoste wrote:
 I need help for STOP this spamers right now.
 
 Thanks in advance to anyone who can guide me
 
 2 of the three relay IPs listed in your log fragment are listed on
 spamhaus' Zen combined list, http://www.spamhaus.org/zen/
 
 this is free for use by low volume non-commercial email servers. see the
 terms linked on the above URL.
 adding the following line to your sendmail.mc file, then rebuilding the
 .cf and restarting sendmail would reject all mail connections from
 servers listed via Spamhaus.
 
 FEATURE(dnsbl,`zen.spamhaus.org',`Message from ${client_addr} rejected
 - see http://www.spamhaus.org/SBL/sbl-rationale.html') dnl
 
 
 (note this file is in M4 syntax, and has to use 'funny' quoting, with a
 ` as the opening quote).
 
 
 
 
 
 --
 john r pierceN 37, W 122
 santa cruz ca mid-left coast
 
 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos
 
 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Sendmail SMTP Brute-Force Attack

On Thu, Jun 14, 2012 at 7:58 PM, Gustavo Lacoste gust...@lacosox.org wrote:
 The problem with my server is: I use it to offer webhosting services. Some
 customers using Outlook are blocked because they use black listed ips (ips
 simply are dynamic).


Give them logins/passwords and only rely if the connection is authenticated.

-- 
Les Mikesell
  lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Sendmail SMTP Brute-Force Attack