Re: [CentOS] Using keepass on Centos 6

[Valeri Galtsev]

On Wed, September 21, 2016 5:25 pm, Gordon Messmer wrote:
> On 09/21/2016 02:48 PM, Valeri Galtsev wrote:
>> I use KeepassX. That one has versions for pretty much all open source
>> systems (Linux, *BSD) and for variety of others widely used systems:
>> MacOS, Android, iOS, MS Windows (just listed the ones I know of).
>
> So we're back to this...  KeepassX is compatible with the Keepass 2
> database format, but is not Keepass.  KeepassX has OS X and Windows
> ports, but the mobile clients you're referring to are also ports of
> Keepass (not KeepassX) or are Keepass-compatible applications.
>
> KeepassX doesn't support plugins at all, so none of these are available:
> http://keepass.info/plugins.html

Aha, great, thanks for setting us straight!

>
>> Thanks
>> to that I can open the same encrypted password store on pretty much all
>> devices and systems I use. However, no, I don't consider it reasonable
>> for
>> myself to use it from inside web browser
>
> Do you use KeepassX's auto-type?  That's (approximately) what KeeFox
> does, except that the plugin interface is more secure.  Note that
> KeepassX doesn't offer that feature on OS X and Windows.  Since web
> passwords are probably the most common use of a password manager,
> auto-fill of web login forms should be considered an essential function
> for such a program.  Between the two, Keepass is a much better option.
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>



Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Using keepass on Centos 6

[Gordon Messmer]

On 09/21/2016 02:48 PM, Valeri Galtsev wrote:

I use KeepassX. That one has versions for pretty much all open source
systems (Linux, *BSD) and for variety of others widely used systems:
MacOS, Android, iOS, MS Windows (just listed the ones I know of).


So we're back to this...  KeepassX is compatible with the Keepass 2 
database format, but is not Keepass.  KeepassX has OS X and Windows 
ports, but the mobile clients you're referring to are also ports of 
Keepass (not KeepassX) or are Keepass-compatible applications.


KeepassX doesn't support plugins at all, so none of these are available:
http://keepass.info/plugins.html


Thanks
to that I can open the same encrypted password store on pretty much all
devices and systems I use. However, no, I don't consider it reasonable for
myself to use it from inside web browser


Do you use KeepassX's auto-type?  That's (approximately) what KeeFox 
does, except that the plugin interface is more secure.  Note that 
KeepassX doesn't offer that feature on OS X and Windows.  Since web 
passwords are probably the most common use of a password manager, 
auto-fill of web login forms should be considered an essential function 
for such a program.  Between the two, Keepass is a much better option.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Using keepass on Centos 6

[Valeri Galtsev]

On Wed, September 21, 2016 5:15 pm, Keith Keller wrote:
> On 2016-09-21, Valeri Galtsev  wrote:
>>
>> On Wed, September 21, 2016 4:30 pm, Keith Keller wrote:
>>> On 2016-09-21, Gordon Messmer  wrote:
 On 09/21/2016 11:30 AM, H wrote:

 https://www.passwordstore.org/
>>>
>>> This looks very cool, but is there a version for Android?  One of the
>>> reasons I picked KeePass is that I could use a copy of the same
>>> password
>>> file with clients on linux, OS X, or Android.  (And if I had an iOS
>>> device KeePass works there too.)
>>
>> I use KeepassX. That one has versions for pretty much all open source
>> systems (Linux, *BSD) and for variety of others widely used systems:
>> MacOS, Android, iOS, MS Windows (just listed the ones I know of). Thanks
>> to that I can open the same encrypted password store on pretty much all
>> devices and systems I use.
>
> I was pretty dumb in asking this question: right at the top of the web
> page, it says that third parties have made Android and iOS apps.  Sorry
> about that!
>
>> However, no, I don't consider it reasonable for
>> myself to use it from inside web browser, hence I would recommend
>> reconsider this part in favor of universal tool.
>
> While pass does have a Firefox plugin, I don't think I'd use it, but I
> can imagine someone else might.  It sounds like this is different from
> keeping your key store in The Cloud (TM),

And no, I would not keep _my_ password store on any "Cloud" except maybe
on my own server running open source owncloud instance. If security is
concerned, paranoia is your friend ;-)

Valeri

> but I didn't read the plugin
> page carefully.
>
> --keith
>
> --
> kkel...@wombat.san-francisco.ca.us
>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>



Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Using keepass on Centos 6

[Keith Keller]

On 2016-09-21, Valeri Galtsev  wrote:
>
> On Wed, September 21, 2016 4:30 pm, Keith Keller wrote:
>> On 2016-09-21, Gordon Messmer  wrote:
>>> On 09/21/2016 11:30 AM, H wrote:
>>>
>>> https://www.passwordstore.org/
>>
>> This looks very cool, but is there a version for Android?  One of the
>> reasons I picked KeePass is that I could use a copy of the same password
>> file with clients on linux, OS X, or Android.  (And if I had an iOS
>> device KeePass works there too.)
>
> I use KeepassX. That one has versions for pretty much all open source
> systems (Linux, *BSD) and for variety of others widely used systems:
> MacOS, Android, iOS, MS Windows (just listed the ones I know of). Thanks
> to that I can open the same encrypted password store on pretty much all
> devices and systems I use.

I was pretty dumb in asking this question: right at the top of the web
page, it says that third parties have made Android and iOS apps.  Sorry
about that!

> However, no, I don't consider it reasonable for
> myself to use it from inside web browser, hence I would recommend
> reconsider this part in favor of universal tool.

While pass does have a Firefox plugin, I don't think I'd use it, but I
can imagine someone else might.  It sounds like this is different from
keeping your key store in The Cloud (TM), but I didn't read the plugin
page carefully.

--keith

-- 
kkel...@wombat.san-francisco.ca.us


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Using keepass on Centos 6

[Valeri Galtsev]

On Wed, September 21, 2016 4:30 pm, Keith Keller wrote:
> On 2016-09-21, Gordon Messmer  wrote:
>> On 09/21/2016 11:30 AM, H wrote:
>>> You are right, I'll look at it again. Let me ask, what other password
>>> managers are people using, if any?
>>
>>
>> I use keepass, but I know people who like:
>>
>> https://www.passwordstore.org/
>
> This looks very cool, but is there a version for Android?  One of the
> reasons I picked KeePass is that I could use a copy of the same password
> file with clients on linux, OS X, or Android.  (And if I had an iOS
> device KeePass works there too.)

I use KeepassX. That one has versions for pretty much all open source
systems (Linux, *BSD) and for variety of others widely used systems:
MacOS, Android, iOS, MS Windows (just listed the ones I know of). Thanks
to that I can open the same encrypted password store on pretty much all
devices and systems I use. However, no, I don't consider it reasonable for
myself to use it from inside web browser, hence I would recommend
reconsider this part in favor of universal tool.

Just my $0.02

Valeri

>
> --keith
>
> --
> kkel...@wombat.san-francisco.ca.us
>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>



Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Using keepass on Centos 6

[Keith Keller]

On 2016-09-21, Gordon Messmer  wrote:
> On 09/21/2016 11:30 AM, H wrote:
>> You are right, I'll look at it again. Let me ask, what other password 
>> managers are people using, if any?
>
>
> I use keepass, but I know people who like:
>
> https://www.passwordstore.org/

This looks very cool, but is there a version for Android?  One of the
reasons I picked KeePass is that I could use a copy of the same password
file with clients on linux, OS X, or Android.  (And if I had an iOS
device KeePass works there too.)

--keith

-- 
kkel...@wombat.san-francisco.ca.us


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS-build-reports] Build Done: firefox 45.4.0-1.el7.centos.plus.x86_64 on c7-plus

[buildsys]

logs/c7-plus/firefox/20160921204646/45.4.0-1.el7.centos.plus.x86_64
logs/c7-plus/firefox/20160921204646/45.4.0-1.el7.centos.plus.x86_64/build.log
logs/c7-plus/firefox/20160921204646/45.4.0-1.el7.centos.plus.x86_64/firefox-45.4.0-1.el7.centos.plus.src.rpm
logs/c7-plus/firefox/20160921204646/45.4.0-1.el7.centos.plus.x86_64/firefox-45.4.0-1.el7.centos.plus.x86_64.rpm
logs/c7-plus/firefox/20160921204646/45.4.0-1.el7.centos.plus.x86_64/firefox-debuginfo-45.4.0-1.el7.centos.plus.x86_64.rpm
logs/c7-plus/firefox/20160921204646/45.4.0-1.el7.centos.plus.x86_64/mock.cfg
logs/c7-plus/firefox/20160921204646/45.4.0-1.el7.centos.plus.x86_64/mock.exitcode
logs/c7-plus/firefox/20160921204646/45.4.0-1.el7.centos.plus.x86_64/root.log
logs/c7-plus/firefox/20160921204646/45.4.0-1.el7.centos.plus.x86_64/state.log
logs/c7-plus/firefox/20160921204646/45.4.0-1.el7.centos.plus.x86_64/stderr
logs/c7-plus/firefox/20160921204646/45.4.0-1.el7.centos.plus.x86_64/stdout
___
CentOS-build-reports mailing list
CentOS-build-reports@centos.org
https://lists.centos.org/mailman/listinfo/centos-build-reports

[CentOS] CentOS-6.8 PCI Hwdr issue?

[James B. Byrne]

I have begun to see these messages in my morning reports:

 WARNING:  Kernel Errors Present
pciehp :00:1c.0:pcie04: Link Training Error occurs  ...:  146
Time(s)
pciehp 0ng Error occurs  ...:  1 Time(s)
pcieport :00:1c.0:   bridge window [mem 0xd0a00.0 failed
with error -22 ...:  1 Time(s)
r8168: probe of :01:00.0 failed with error -22 ...:  702 Time(s)
r8168: probe of :01:00.0 failed with erroridge to [bus 01-0

The system is the KVM host for a number of our virtual guest servers. 
Investigating this further has revealed that these messages being
produced in vast numbers and that the messages log file is bloated in
consequence.


Sep 16 23:20:01 vhost01 kernel: pciehp :00:1c.0:pcie04: Card not
present on Slot(0)
Sep 16 23:20:02 vhost01 kernel: pciehp :00:1c.0:pcie04: Card
present on Slot(0)
Sep 16 23:20:03 vhost01 kernel: pciehp :00:1c.0:pcie04: Card not
present on Slot(0)
Sep 16 23:20:04 vhost01 kernel: pciehp :00:1c.0:pcie04: Card
present on Slot(0)
Sep 16 23:20:05 vhost01 kernel: pciehp :00:1c.0:pcie04: Card not
present on Slot(0)
Sep 16 23:20:06 vhost01 kernel: pciehp :00:1c.0:pcie04: Card
present on Slot(0)
Sep 16 23:20:07 vhost01 kernel: pciehp :00:1c.0:pcie04: Card not
present on Slot(0)
Sep 16 23:20:08 vhost01 kernel: pciehp :00:1c.0:pcie04: Card
present on Slot(0)
Sep 16 23:20:09 vhost01 kernel: pciehp :00:1c.0:pcie04: Card not
present on Slot(0)
Sep 16 23:20:10 vhost01 kernel: pciehp :00:1c.0:pcie04: Card
present on Slot(0)
Sep 16 23:20:10 vhost01 kernel: pciehp :00:1c.0:pcie04: Card not
present on Slot(0)
Sep 16 23:20:10 vhost01 kernel: pciehp :00:1c.0:pcie04: Card
present on Slot(0)
Sep 16 23:20:10 vhost01 kernel: pciehp :00:1c.0:pcie04: Card not
present on Slot(0)
Sep 16 23:20:10 vhost01 kernel: pciehp :00:1c.0:pcie04: Card
present on Slot(0)
Sep 16 23:20:10 vhost01 kernel: pciehp :00:1c.0:pcie04: Card not
present on Slot(0)
Sep 16 23:20:10 vhost01 kernel: pciehp :00:1c.0:pcie04: Card
present on Slot(0)
Sep 16 23:20:10 vhost01 kernel: pciehp :00:1c.0:pcie04: Card not
present on SSep 18 03:20:01 vhost01 kernel: pciehp
:00:1c.0:pcie04: Card present on Slot(0)
Sep 18 03:20:01 vhost01 kernel: pciehp :00:1c.0:pcie04: Card
present on Slot(0)
Sep 18 03:20:01 vhost01 kernel: pciehp :00:1c.0:pcie04: Card
present on Slot(0)
Sep 18 03:20:02 vhost01 kernel: pciehp :00:1c.0:pcie04: Card not
present on Slot(0)
Sep 18 03:20:02 vhost01 kernel: pciehp :00:1c.0:pcie04: Card
present on Slot(0)
Sep 18 03:20:02 vhost01 kernel: pciehp :00:1c.0:pcie04: Card not
present on Slot(0)
Sep 18 03:20:02 vhost01 kernel: pciehp :00:1c.0:pcie04: Card
present on Slot(0)
Sep 18 03:20:02 vhost01 kernel: pciehp :00:1c.0:pcie04: Card not
present on Slot(0)
Sep 18 03:20:02 vhost01 kernel: pcieport :00:1c.0: PCI bridge to
[bus 01-01]
Sep 18 03:20:02 vhost01 kernel: pcieport :00:1c.0:   bridge window
[io  0xe000-0xefff]
Sep 18 03:20:01 vhost01 kernel: pciehp :00:1c.0:pcie04: Card
present on Slot(0)
Sep 18 03:20:02 vhost01 kernel: pciehp :00:1c.0:pcie04: Card not
present on Slot(0)
Sep 18 03:20:02 vhost01 kernel: pciehp :00:1c.0:pcie04: Card
present on Slot(0)
Sep 18 03:20:02 vhost01 kernel: pciehp :00:1c.0:pcie04: Card not
present on Slot(0)
Sep 18 03:20:02 vhost01 kernel: pciehp :00:1c.0:pcie04: Card
present on Slot(0)
Sep 18 03:20:02 vhost01 kernel: pciehp :00:1c.0:pcie04: Card not
present on Slot(0)
Sep 18 03:20:02 vhost01 kernel: pcieport :00:1c.0: PCI bridge to
[bus 01-01]
Sep 18 03:20:02 vhost01 kernel: pcieport :00:1c.0:   bridge window
[io  0xe000-0xefff]
Sep 18 03:20:02 vhost01 kernel: pcieport :00:1c.0:   bridge window
[mem 0xd080-0xd08f]
Sep 18 03:20:02 vhost01 kernel: pcieport :00:1c.0:   bridge window
[mem 0xd0a0-0xd0cf 64bit pref]
Sep 18 03:20:02 vhost01 kernel: pci :01:00.0: no hotplug settings
from platform
Sep 18 03:20:02 vhost01 kernel: pci :01:00.0: using default PCI
settings
Sep 18 03:20:02 vhost01 kernel: r8168 Gigabit Ethernet driver
8.040.00-NAPI loaded
Sep 18 03:20:02 vhost01 kernel: r8168 :01:00.0: PCI INT ? -> GSI
18 (level, low) -> IRQ 18

These messages are generated ceaselessly.

Research reveals that this error is possibly related to some sort of
driver incompatibility involving Realtek chip sets.

However, I do not seem to have this hardware installed on this host:

 lspci
00:00.0 Host bridge: Intel Corporation 4 Series Chipset DRAM
Controller (rev 03)
00:02.0 VGA compatible controller: Intel Corporation 4 Series Chipset
Integrated Graphics Controller (rev 03)
00:02.1 Display controller: Intel Corporation 4 Series Chipset
Integrated Graphics Controller (rev 03)
00:03.0 Communication controller: Intel Corporation 4 Series Chipset
HECI Controller (rev 03)
00:19.0 Ethernet controller: Intel Corporation 82567V-2 Gigabit
Network Connection
00:1a.0 USB controller: Intel Corporation 82801JI (ICH10 

Re: [CentOS] Using keepass on Centos 6

[Gordon Messmer]

On 09/21/2016 11:30 AM, H wrote:

You are right, I'll look at it again. Let me ask, what other password managers 
are people using, if any?



I use keepass, but I know people who like:

https://www.passwordstore.org/

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Using keepass on Centos 6

[Charles Whitby]

sticky notes

On Wed, Sep 21, 2016 at 2:45 PM, Frank Cox 
wrote:

> On Wed, 21 Sep 2016 14:30:43 -0400
> H wrote:
>
> > what other password managers are people using, if any?
>
> I personally use revelation.
>
> --
> MELVILLE THEATRE ~ Real D 3D Digital Cinema ~ www.melvilletheatre.com
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 6.8, Iptables 1.4.7, and MASQUERADE

[geo.inbox.ignored]

On 09/20/2016 04:03 PM, Robert Heller wrote:
> I have a server that is also a firewall router at a public library with
> a fiber optic Internet connection. It is running kernel 
> 2.6.32-642.4.2.el6.x86_64 (current CentOS 6.8) and Iptables 1.4.7
> (current stock CentOS 6.8). I having trouble with Internet throughput. I
> am supposed to be getting 20Mbits down and 20MBits up, but I am not
> getting that. It has no problem doing 20MBits down, but for uploads of
> *large* files (using different protocols, such as ssh or http), the
> upload starts at 20MBits, but over time quickly slows down to about
> 3MBits. Speedtests claim I am getting about 20/20. I seem to be about to
> get 3Mbits *per transfer*, even if the transfers are concurrent and MRTG
> shows total throughput edging up to 6Mbits.
>
> What can possibly be going on. My ISP is not believing there is anything 
> wrong on their end. About the only thing left is maybe some sort of
> weirdness with Iptables imposing some sort of I/O overhead, maybe related
> to the MASQUERADE postrouting. Does this even make sense?
>
==>

as for your problem of slow down, i find that a lot of sites will
throttle back, possible because they have their system set up to
do so.

i found that many speed test sites use a poor way of testing speed
and do not really test.

searched for better tester and so far have had good results using;

  http://speedof.me/

have a look at;

  http://speedof.me/howitworks.html

for explanation of testing process and you will see why it is
better.


-- 

peace out.

CentOS GNU/Linux 6.8

tc,hago.

g
.

=+=
Tired of having your microsoft os hacked?
Change to Linux os, used by microsoft hackers.
=+=
in a world with out fences, who needs gates.
=+=
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Using keepass on Centos 6

[Frank Cox]

On Wed, 21 Sep 2016 14:30:43 -0400
H wrote:

> what other password managers are people using, if any?

I personally use revelation.

-- 
MELVILLE THEATRE ~ Real D 3D Digital Cinema ~ www.melvilletheatre.com
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Using keepass on Centos 6

[H]

On September 21, 2016 2:25:37 PM EDT, Gordon Messmer  
wrote:
>On 09/21/2016 09:16 AM, H wrote:
>> I wish there was one, it makes all the difference by allowing
>automated login to websites.
>
>
>Maybe you should take another look at keepass, then?  Mono is available
>
>in EPEL.  keepass runs reasonably well in it.  keefox should work as 
>expected.  The technical barriers here are .. basically non-existent.
>
>___
>CentOS mailing list
>CentOS@centos.org
>https://lists.centos.org/mailman/listinfo/centos

You are right, I'll look at it again. Let me ask, what other password managers 
are people using, if any?
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Using keepass on Centos 6

[Gordon Messmer]

On 09/21/2016 09:16 AM, H wrote:

I wish there was one, it makes all the difference by allowing automated login 
to websites.



Maybe you should take another look at keepass, then?  Mono is available 
in EPEL.  keepass runs reasonably well in it.  keefox should work as 
expected.  The technical barriers here are .. basically non-existent.


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] PHP vulnerability CVE-2016-4073

[Alice Wonder]

On 09/21/2016 05:43 AM, Прокси wrote:

On 2016-Sep-21 14:35, Adrian Sevcenco wrote:

On 09/21/2016 02:02 PM, Прокси wrote:

Hello,

My server with CentOS 6.8 just failed PCI scan, so I'm looking into
vulnerable packages. PHP 5.3.3 have multiple vulnerabilities, some of
them are fixed/patched or have some kind of workaround. But I can't find
a way to fix this one. Red Hat state: under investigation.

https://access.redhat.com/security/cve/cve-2016-4073

This CVE is 6 months old, and it doesn't look like it will be fixed.
Does anyone knows the way to go around this? Except blocking mb_strcut()
function.

you could try the unsupported php from remi repos... you can find there php 7.0 
..


I use CentOS because I need stable and patched packages, so I can be
sure that all applications work without unpleasant surprises. Going to
unsupported packages would be my last option.


I feel the same way but I find that it is generally safe and beneficial 
to update the LAMP stack on servers and the multimedia stack on the desktop.


Things like HTTP/2 are not available in the Apache that ships even with 
CentOS 7 and the PHP is so outdated that it causes problems when using 
third party projects because the developers of those projects aren't 
using anything that old anymore. And for the TLS stack, mobile really 
benefits from chacha20 ciphers.


With respect to multimedia, there's the fluendo codec pack but 
interestingly FireFox won't play mp3 with the fluendo codec pack, it 
wants the libmad plugin.


And even more bizarre, maybe they have fixed it, but GStreamer 1.x in 
CentOS 7 when it shipped was not capable of decoding the VP9 codec used 
in WebM2. CentOS 7 came with tools to encode VP9 but the GStreamer was 
too crusty to decode it, and the commercial fluendo plugins were of no 
help there - replacing the GStreamer 1.x packages with a modern build 
was the only option.


Stability is pointless when it doesn't serve the intended purpose.

PHP even in CentOS 7 should be updated for a production server.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS-build-reports] Build Fail: firefox 45.4.0-1.el7.centos.plus.x86_64 on c7-plus

[buildsys]

ROOT log: -( last 500 lines )-\n\n
DEBUG util.py:399:   cairo-gobject-devel   x86_64 1.14.2-1.el7  
   c7.1511.00  17 k
DEBUG util.py:399:   cdparanoia-libs   x86_64 10.2-17.el7   
   c7.00.0355 k
DEBUG util.py:399:   centos-indexhtml  noarch 7-9.el7.centos
   c7.00.0491 k
DEBUG util.py:399:   check x86_64 0.9.9-5.el7   
   c7.00.03   101 k
DEBUG util.py:399:   check-devel   x86_64 0.9.9-5.el7   
   c7.00.0326 k
DEBUG util.py:399:   colord-libs   x86_64 1.2.7-2.el7   
   c7.1511.00 173 k
DEBUG util.py:399:   cryptsetupx86_64 1.6.7-1.el7   
   c7.1511.00 118 k
DEBUG util.py:399:   cryptsetup-libs   x86_64 1.6.7-1.el7   
   c7.1511.00 181 k
DEBUG util.py:399:   ctags x86_64 5.8-13.el7
   c7.00.03   154 k
DEBUG util.py:399:   cups-libs x86_64 1:1.6.3-22.el7
   c7.1511.00 354 k
DEBUG util.py:399:   dbus  x86_64 1:1.6.12-14.el7_2 
   c7.1511.u  305 k
DEBUG util.py:399:   dbus-develx86_64 1:1.6.12-14.el7_2 
   c7.1511.u   51 k
DEBUG util.py:399:   dbus-glib x86_64 0.100-7.el7   
   c7.00.03   101 k
DEBUG util.py:399:   dbus-glib-devel   x86_64 0.100-7.el7   
   c7.00.0352 k
DEBUG util.py:399:   dbus-libs x86_64 1:1.6.12-14.el7_2 
   c7.1511.u  150 k
DEBUG util.py:399:   device-mapper x86_64 7:1.02.107-5.el7_2.5  
   c7.1511.u  251 k
DEBUG util.py:399:   device-mapper-libsx86_64 7:1.02.107-5.el7_2.5  
   c7.1511.u  304 k
DEBUG util.py:399:   docbook-dtds  noarch 1.0-60.el7
   c7.00.03   225 k
DEBUG util.py:399:   docbook-style-dsssl   noarch 1.79-18.el7   
   c7.01.u250 k
DEBUG util.py:399:   docbook-style-xsl noarch 1.78.1-3.el7  
   c7.00.03   2.0 M
DEBUG util.py:399:   docbook-utils noarch 0.6.14-36.el7 
   c7.00.0370 k
DEBUG util.py:399:   dosfstoolsx86_64 3.0.20-9.el7  
   c7.00.03   100 k
DEBUG util.py:399:   dracutx86_64 033-360.el7_2.1   
   c7.1511.u  310 k
DEBUG util.py:399:   e2fsprogs x86_64 1.42.9-7.el7  
   c7.01.00   696 k
DEBUG util.py:399:   e2fsprogs-libsx86_64 1.42.9-7.el7  
   c7.01.00   164 k
DEBUG util.py:399:   emacs-filesystem  noarch 1:24.3-18.el7 
   c7.1511.00  57 k
DEBUG util.py:399:   expat-devel   x86_64 2.1.0-8.el7   
   c7.00.0355 k
DEBUG util.py:399:   flac-libs x86_64 1.3.0-5.el7_1 
   c7.01.u168 k
DEBUG util.py:399:   fontconfigx86_64 2.10.95-7.el7 
   c7.00.03   227 k
DEBUG util.py:399:   fontconfig-devel  x86_64 2.10.95-7.el7 
   c7.00.03   127 k
DEBUG util.py:399:   fontpackages-filesystem   noarch 1.44-8.el7
   c7.00.03   8.8 k
DEBUG util.py:399:   freetype  x86_64 2.4.11-11.el7 
   c7.1511.00 390 k
DEBUG util.py:399:   gamin x86_64 0.1.10-16.el7 
   c7.00.03   127 k
DEBUG util.py:399:   gdisk x86_64 0.8.6-5.el7   
   c7.01.00   186 k
DEBUG util.py:399:   gdk-pixbuf2   x86_64 2.31.6-3.el7  
   c7.1511.00 558 k
DEBUG util.py:399:   gdk-pixbuf2-devel x86_64 2.31.6-3.el7  
   c7.1511.00 215 k
DEBUG util.py:399:   gl-manpages   noarch 1.1-7.20130122.el7
   c7.00.03   993 k
DEBUG util.py:399:   glib-networking   x86_64 2.42.0-1.el7  
   c7.1511.00 122 k
DEBUG util.py:399:   glib2-devel   x86_64 2.42.2-5.el7  
   c7.1511.00 447 k
DEBUG util.py:399:   gnome-vfs2x86_64 2.24.4-14.el7 
   c7.00.03   838 k
DEBUG util.py:399:   gnutlsx86_64 3.3.8-14.el7_2
   c7.1511.u  661 k
DEBUG util.py:399:   graphite2 x86_64 1.3.6-1.el7_2 
   c7.1511.u  111 k
DEBUG util.py:399:   gsettings-desktop-schemas x86_64 3.14.2-1.el7  
   c7.1511.00 475 k
DEBUG util.py:399:   gsm   x86_64 1.0.13-11.el7 
   c7.00.0328 k
DEBUG util.py:399:   gstreamer1x86_64 1.4.5-1.el7   
   c7.1511.00 988 k
DEBUG util.py:399:   gstreamer1-plugins-base   x86_64 1.4.5-2.el7   
   c7.1511.00 1.2 M
DEBUG util.py:399:   gtk-doc   noarch 1.19-3.el7
   c7.00.03   263 k
DEBUG util.py:399:   gtk2  x86_64 2.24.28-8.el7 
   c7.1511.00 3.4 M
DEBUG util.py:399:   gtk3  x86_64 3.14.13-16.el7
   c7.1511.00 

[CentOS-docs] Proposed Contribution for the "How To's" Section

[Rob Morrison]

Hello,

My username is RobMorrison

The proposed subject of my Wiki contribution is "Backing up with Bacula"

Some background information in case you are not aware of Bacula:

According to Source Forge statistics (rank and downloads), Bacula is by 
far the most popular Open Source backup program. It eables you (or the 
system administrator) to manage backup, recovery, and verification of 
computer data across a network of computers of different kinds. Bacula 
is relatively easy to use and very efficient, while offering many 
advanced storage management features that make it easy to find and 
recover lost or damaged files. In technical terms, it is an Open Source, 
network based backup program.


So far there have been over 3Million downloads of Bacula, and it is used 
by many leading data centers and research establishments around the 
world, such as NASA.


The proposed location of my Wiki contribution is   
https://wiki.centos.org/HowTos/BaculaBackups


Many thanks and best regards,

Rob

http://blog.bacula.org/


___
CentOS-docs mailing list
CentOS-docs@centos.org
https://lists.centos.org/mailman/listinfo/centos-docs

[CentOS-build-reports] Build Done: firefox 45.4.0-1.el7.centos.plus.i386 on c7-plus

[buildsys]

logs/c7-plus/firefox/20160921160741/45.4.0-1.el7.centos.plus.i386
logs/c7-plus/firefox/20160921160741/45.4.0-1.el7.centos.plus.i386/build.log
logs/c7-plus/firefox/20160921160741/45.4.0-1.el7.centos.plus.i386/firefox-45.4.0-1.el7.centos.plus.i686.rpm
logs/c7-plus/firefox/20160921160741/45.4.0-1.el7.centos.plus.i386/firefox-45.4.0-1.el7.centos.plus.src.rpm
logs/c7-plus/firefox/20160921160741/45.4.0-1.el7.centos.plus.i386/firefox-debuginfo-45.4.0-1.el7.centos.plus.i686.rpm
logs/c7-plus/firefox/20160921160741/45.4.0-1.el7.centos.plus.i386/mock.cfg
logs/c7-plus/firefox/20160921160741/45.4.0-1.el7.centos.plus.i386/mock.exitcode
logs/c7-plus/firefox/20160921160741/45.4.0-1.el7.centos.plus.i386/root.log
logs/c7-plus/firefox/20160921160741/45.4.0-1.el7.centos.plus.i386/state.log
logs/c7-plus/firefox/20160921160741/45.4.0-1.el7.centos.plus.i386/stderr
logs/c7-plus/firefox/20160921160741/45.4.0-1.el7.centos.plus.i386/stdout
___
CentOS-build-reports mailing list
CentOS-build-reports@centos.org
https://lists.centos.org/mailman/listinfo/centos-build-reports

Re: [CentOS] Using keepass on Centos 6

[H]

On September 21, 2016 12:10:18 PM EDT, Valeri Galtsev 
 wrote:
>
>On Wed, September 21, 2016 10:57 am, Gordon Messmer wrote:
>> On 09/21/2016 06:50 AM, H wrote:
>>> Thank you, downloaded and installed keepassx2 from EPEL since
>keepassx
>>> seemed to suffer from a bug per the home page.
>>
>> Which URL describes the bug?
>>
>>>   The database opened fine but unfortunately the KeeFox extension
>for
>>> Firefox does not seem to be compatible...
>>
>>
>> KeeFox, AFAIK, is an extension that interfaces with Keepass, the .Net
>> application.  KeepassX is a different product.  I don't see a browser
>> plugin that interfaces with that one.
>
>And I for one wouldn't trust any browser (huge sophisticated chunk of
>code, capable executing someone's else code - like java scripts etc) to
>go
>inside my encrypted password database. If you want security, paranoia
>is
>your friend. If you don't want security, why use KeepassX in the first
>place?
>
>Valeri
>
>
>
>Valeri Galtsev
>Sr System Administrator
>Department of Astronomy and Astrophysics
>Kavli Institute for Cosmological Physics
>University of Chicago
>Phone: 773-702-4247
>
>___
>CentOS mailing list
>CentOS@centos.org
>https://lists.centos.org/mailman/listinfo/centos

Well, I am not sure how KeeFox and Keepass work together. At some time the 
browser needs the userid and password to login.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Using keepass on Centos 6

[H]

On September 21, 2016 11:57:14 AM EDT, Gordon Messmer 
 wrote:
>On 09/21/2016 06:50 AM, H wrote:
>> Thank you, downloaded and installed keepassx2 from EPEL since
>keepassx seemed to suffer from a bug per the home page.
>
>Which URL describes the bug?
>
>>   The database opened fine but unfortunately the KeeFox extension for
>Firefox does not seem to be compatible...
>
>
>KeeFox, AFAIK, is an extension that interfaces with Keepass, the .Net 
>application.  KeepassX is a different product.  I don't see a browser 
>plugin that interfaces with that one.
>
>___
>CentOS mailing list
>CentOS@centos.org
>https://lists.centos.org/mailman/listinfo/centos

I wish there was one, it makes all the difference by allowing automated login 
to websites. I have not gotten Auto-Type to work...
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Using keepass on Centos 6

[Valeri Galtsev]

On Wed, September 21, 2016 10:57 am, Gordon Messmer wrote:
> On 09/21/2016 06:50 AM, H wrote:
>> Thank you, downloaded and installed keepassx2 from EPEL since keepassx
>> seemed to suffer from a bug per the home page.
>
> Which URL describes the bug?
>
>>   The database opened fine but unfortunately the KeeFox extension for
>> Firefox does not seem to be compatible...
>
>
> KeeFox, AFAIK, is an extension that interfaces with Keepass, the .Net
> application.  KeepassX is a different product.  I don't see a browser
> plugin that interfaces with that one.

And I for one wouldn't trust any browser (huge sophisticated chunk of
code, capable executing someone's else code - like java scripts etc) to go
inside my encrypted password database. If you want security, paranoia is
your friend. If you don't want security, why use KeepassX in the first
place?

Valeri



Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Using keepass on Centos 6

[Gordon Messmer]

On 09/21/2016 06:50 AM, H wrote:

Thank you, downloaded and installed keepassx2 from EPEL since keepassx seemed 
to suffer from a bug per the home page.


Which URL describes the bug?


  The database opened fine but unfortunately the KeeFox extension for Firefox 
does not seem to be compatible...



KeeFox, AFAIK, is an extension that interfaces with Keepass, the .Net 
application.  KeepassX is a different product.  I don't see a browser 
plugin that interfaces with that one.


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS-build-reports] Build Fail: firefox 45.4.0-1.el7.centos.plus.x86_64 on c7-plus

[buildsys]

ROOT log: -( last 500 lines )-\n\n
DEBUG util.py:399:   cairo-gobject-devel   x86_64 1.14.2-1.el7  
   c7.1511.00  17 k
DEBUG util.py:399:   cdparanoia-libs   x86_64 10.2-17.el7   
   c7.00.0355 k
DEBUG util.py:399:   centos-indexhtml  noarch 7-9.el7.centos
   c7.00.0491 k
DEBUG util.py:399:   check x86_64 0.9.9-5.el7   
   c7.00.03   101 k
DEBUG util.py:399:   check-devel   x86_64 0.9.9-5.el7   
   c7.00.0326 k
DEBUG util.py:399:   colord-libs   x86_64 1.2.7-2.el7   
   c7.1511.00 173 k
DEBUG util.py:399:   cryptsetupx86_64 1.6.7-1.el7   
   c7.1511.00 118 k
DEBUG util.py:399:   cryptsetup-libs   x86_64 1.6.7-1.el7   
   c7.1511.00 181 k
DEBUG util.py:399:   ctags x86_64 5.8-13.el7
   c7.00.03   154 k
DEBUG util.py:399:   cups-libs x86_64 1:1.6.3-22.el7
   c7.1511.00 354 k
DEBUG util.py:399:   dbus  x86_64 1:1.6.12-14.el7_2 
   c7.1511.u  305 k
DEBUG util.py:399:   dbus-develx86_64 1:1.6.12-14.el7_2 
   c7.1511.u   51 k
DEBUG util.py:399:   dbus-glib x86_64 0.100-7.el7   
   c7.00.03   101 k
DEBUG util.py:399:   dbus-glib-devel   x86_64 0.100-7.el7   
   c7.00.0352 k
DEBUG util.py:399:   dbus-libs x86_64 1:1.6.12-14.el7_2 
   c7.1511.u  150 k
DEBUG util.py:399:   device-mapper x86_64 7:1.02.107-5.el7_2.5  
   c7.1511.u  251 k
DEBUG util.py:399:   device-mapper-libsx86_64 7:1.02.107-5.el7_2.5  
   c7.1511.u  304 k
DEBUG util.py:399:   docbook-dtds  noarch 1.0-60.el7
   c7.00.03   225 k
DEBUG util.py:399:   docbook-style-dsssl   noarch 1.79-18.el7   
   c7.01.u250 k
DEBUG util.py:399:   docbook-style-xsl noarch 1.78.1-3.el7  
   c7.00.03   2.0 M
DEBUG util.py:399:   docbook-utils noarch 0.6.14-36.el7 
   c7.00.0370 k
DEBUG util.py:399:   dosfstoolsx86_64 3.0.20-9.el7  
   c7.00.03   100 k
DEBUG util.py:399:   dracutx86_64 033-360.el7_2.1   
   c7.1511.u  310 k
DEBUG util.py:399:   e2fsprogs x86_64 1.42.9-7.el7  
   c7.01.00   696 k
DEBUG util.py:399:   e2fsprogs-libsx86_64 1.42.9-7.el7  
   c7.01.00   164 k
DEBUG util.py:399:   emacs-filesystem  noarch 1:24.3-18.el7 
   c7.1511.00  57 k
DEBUG util.py:399:   expat-devel   x86_64 2.1.0-8.el7   
   c7.00.0355 k
DEBUG util.py:399:   flac-libs x86_64 1.3.0-5.el7_1 
   c7.01.u168 k
DEBUG util.py:399:   fontconfigx86_64 2.10.95-7.el7 
   c7.00.03   227 k
DEBUG util.py:399:   fontconfig-devel  x86_64 2.10.95-7.el7 
   c7.00.03   127 k
DEBUG util.py:399:   fontpackages-filesystem   noarch 1.44-8.el7
   c7.00.03   8.8 k
DEBUG util.py:399:   freetype  x86_64 2.4.11-11.el7 
   c7.1511.00 390 k
DEBUG util.py:399:   gamin x86_64 0.1.10-16.el7 
   c7.00.03   127 k
DEBUG util.py:399:   gdisk x86_64 0.8.6-5.el7   
   c7.01.00   186 k
DEBUG util.py:399:   gdk-pixbuf2   x86_64 2.31.6-3.el7  
   c7.1511.00 558 k
DEBUG util.py:399:   gdk-pixbuf2-devel x86_64 2.31.6-3.el7  
   c7.1511.00 215 k
DEBUG util.py:399:   gl-manpages   noarch 1.1-7.20130122.el7
   c7.00.03   993 k
DEBUG util.py:399:   glib-networking   x86_64 2.42.0-1.el7  
   c7.1511.00 122 k
DEBUG util.py:399:   glib2-devel   x86_64 2.42.2-5.el7  
   c7.1511.00 447 k
DEBUG util.py:399:   gnome-vfs2x86_64 2.24.4-14.el7 
   c7.00.03   838 k
DEBUG util.py:399:   gnutlsx86_64 3.3.8-14.el7_2
   c7.1511.u  661 k
DEBUG util.py:399:   graphite2 x86_64 1.3.6-1.el7_2 
   c7.1511.u  111 k
DEBUG util.py:399:   gsettings-desktop-schemas x86_64 3.14.2-1.el7  
   c7.1511.00 475 k
DEBUG util.py:399:   gsm   x86_64 1.0.13-11.el7 
   c7.00.0328 k
DEBUG util.py:399:   gstreamer1x86_64 1.4.5-1.el7   
   c7.1511.00 988 k
DEBUG util.py:399:   gstreamer1-plugins-base   x86_64 1.4.5-2.el7   
   c7.1511.00 1.2 M
DEBUG util.py:399:   gtk-doc   noarch 1.19-3.el7
   c7.00.03   263 k
DEBUG util.py:399:   gtk2  x86_64 2.24.28-8.el7 
   c7.1511.00 3.4 M
DEBUG util.py:399:   gtk3  x86_64 3.14.13-16.el7
   c7.1511.00 

[CentOS-build-reports] Build Done: firefox 45.4.0-1.el7.centos.x86_64 on c7.1511.u

[buildsys]

logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.x86_64
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.x86_64/build.log
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.x86_64/firefox-45.4.0-1.el7.centos.src.rpm
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.x86_64/firefox-45.4.0-1.el7.centos.x86_64.rpm
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.x86_64/firefox-debuginfo-45.4.0-1.el7.centos.x86_64.rpm
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.x86_64/mock.cfg
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.x86_64/mock.exitcode
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.x86_64/root.log
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.x86_64/state.log
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.x86_64/stderr
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.x86_64/stdout
___
CentOS-build-reports mailing list
CentOS-build-reports@centos.org
https://lists.centos.org/mailman/listinfo/centos-build-reports

Re: [CentOS] Using keepass on Centos 6

[H]

On September 20, 2016 3:43:17 PM EDT, H  wrote:
>Is anyone running keepass on C6? I have a rather large password
>database under Windows that I want also to use on my Centos systems. It
>seems that keepass is not available, it relies on mono and there may be
>bugs.
>
>Googling also seems to suggest that I should download the source code
>and compile to install. The nux repository seems to have a version for
>C7, but not for C6.
>
>Many suppositions and few facts - perhaps someone knows better?
>
>Thanks!
>
>___
>CentOS mailing list
>CentOS@centos.org
>https://lists.centos.org/mailman/listinfo/centos

Thank you, downloaded and installed keepassx2 from EPEL since keepassx seemed 
to suffer from a bug per the home page. The database opened fine but 
unfortunately the KeeFox extension for Firefox does not seem to be compatible...
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] ipset and blacklisting

[Albert McCann]

> -Original Message-
> From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
> Behalf Of tdu...@palmettoshopper.com
> Sent: Wednesday, September 21, 2016 9:10 AM
> To: CentOS mailing list 
> Subject: Re: [CentOS] ipset and blacklisting

> I do a:
> 
> ipset save blacklist, and service ipset save
> 
> I use three scripts:
> 
> access_log_ips.sh

Thanks, I need to do this myself.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS-build-reports] Build Done: firefox 45.4.0-1.el7.centos.i386 on c7.1511.u

[buildsys]

logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.i386
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.i386/build.log
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.i386/firefox-45.4.0-1.el7.centos.i686.rpm
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.i386/firefox-45.4.0-1.el7.centos.src.rpm
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.i386/firefox-debuginfo-45.4.0-1.el7.centos.i686.rpm
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.i386/mock.cfg
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.i386/mock.exitcode
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.i386/root.log
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.i386/state.log
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.i386/stderr
logs/c7.1511.u/firefox/20160921124410/45.4.0-1.el7.centos.i386/stdout
___
CentOS-build-reports mailing list
CentOS-build-reports@centos.org
https://lists.centos.org/mailman/listinfo/centos-build-reports

Re: [CentOS] ipset and blacklisting

[tdukes]

 Original Message 
Subject: Re: [CentOS] ipset and blacklisting
From: "Albert McCann" 
Date: Wed, September 21, 2016 5:34 am
To: "'CentOS mailing list'" 

How are you saving and reloading the ipsets over a reboot?

> -Original Message-
> From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
> Behalf Of TE Dukes
> Sent: Tuesday, September 20, 2016 9:46 PM
> To: 'CentOS mailing list' 
> Subject: [CentOS] ipset and blacklisting
> 
> This is what ipset can do for traffic on a home server that's not wanted
> on
> a slow 6MB DSL connection.
> 
> http://palmettoshopper.com/httpd_traffic.jpg
> 
> I only use my home server for zoneminder, testing my commercial website
> and
> streaming movies.
> 
> Got tired of hackers looking for files that don't exist on my home server
> and non-complying robots.
> 
> Check the drop in bandwidth.
> 
> Setup up a redirect to the NSA webite. They can deal with the hackers.
> 
> HTH
> 

I do a:

ipset save blacklist, and service ipset save

I use three scripts:

access_log_ips.sh

#!/bin/bash
##
cp /root/blacklist /root/blacklist.old

sed -e 's/\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+\).*$/\1/' -e t -e d
/var/log/httpd/access_log | sort | uniq > blacklist

exit 0



import_blacklist.sh

#!/bin/bash
##
sed s/,/\\n/g /root/blacklist |while read i; do ipset add blacklist $i

/usr/sbin/ipset save blacklist

# rm -f /root/blacklist.old

done

and most importantly so I don't ban myself,

ipset_whitelist.sh

#!/bin/bash
##
ipset del blacklist 192.168.1.102
ipset del blacklist 192.168.1.110
ipset del blacklist 107.161.163.5
ipset del blacklist 24.168.204.125
ipset del blacklist 107.161.163.4
ipset del blacklist 66.87.133.247
ipset del blacklist 107.161.163.10
ipset del blacklist 192.240.96.67
ipset del blacklist 107.161.163.8
ipset del blacklist 192.240.96.133
ipset del blacklist 127.0.0.1

ipset save blacklist

service ipset save

exit 0

I combined the three in another script that runs 4 times a day.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] PHP vulnerability CVE-2016-4073

[Прокси]

On 2016-Sep-21 14:45, Eero Volotinen wrote:
> https://pci.qualys.com/static/help/merchant/questionnaires/compensating_controls_definition.htm
> 
> Eero

Well, I was hoping to get some ideas for compensating controls in this
case. Anyhow, I just added mb_strcut() to disable_functions. I'll be
able to live without it.

 
> 2016-09-21 14:02 GMT+03:00 Прокси :
> 
> > Hello,
> >
> > My server with CentOS 6.8 just failed PCI scan, so I'm looking into
> > vulnerable packages. PHP 5.3.3 have multiple vulnerabilities, some of
> > them are fixed/patched or have some kind of workaround. But I can't find
> > a way to fix this one. Red Hat state: under investigation.
> >
> > https://access.redhat.com/security/cve/cve-2016-4073
> >
> > This CVE is 6 months old, and it doesn't look like it will be fixed.
> > Does anyone knows the way to go around this? Except blocking mb_strcut()
> > function.
> >
> > Thanks!
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > https://lists.centos.org/mailman/listinfo/centos
> >
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] PHP vulnerability CVE-2016-4073

[Прокси]

On 2016-Sep-21 14:35, Adrian Sevcenco wrote:
> On 09/21/2016 02:02 PM, Прокси wrote:
> > Hello,
> > 
> > My server with CentOS 6.8 just failed PCI scan, so I'm looking into
> > vulnerable packages. PHP 5.3.3 have multiple vulnerabilities, some of
> > them are fixed/patched or have some kind of workaround. But I can't find
> > a way to fix this one. Red Hat state: under investigation.
> > 
> > https://access.redhat.com/security/cve/cve-2016-4073
> > 
> > This CVE is 6 months old, and it doesn't look like it will be fixed.
> > Does anyone knows the way to go around this? Except blocking mb_strcut()
> > function.
> you could try the unsupported php from remi repos... you can find there php 
> 7.0 ..

I use CentOS because I need stable and patched packages, so I can be
sure that all applications work without unpleasant surprises. Going to
unsupported packages would be my last option. 
 


> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] ipset and blacklisting

[Albert McCann]

How are you saving and reloading the ipsets over a reboot?

> -Original Message-
> From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
> Behalf Of TE Dukes
> Sent: Tuesday, September 20, 2016 9:46 PM
> To: 'CentOS mailing list' 
> Subject: [CentOS] ipset and blacklisting
> 
> This is what ipset can do for traffic on a home server that's not wanted
> on
> a slow 6MB DSL connection.
> 
> http://palmettoshopper.com/httpd_traffic.jpg
> 
> I only use my home server for zoneminder, testing my commercial website
> and
> streaming movies.
> 
> Got tired of hackers looking for files that don't exist on my home server
> and non-complying robots.
> 
> Check the drop in bandwidth.
> 
> Setup up a redirect to the NSA webite. They can deal with the hackers.
> 
> HTH
> 
> 
> 
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] PHP vulnerability CVE-2016-4073

[Eero Volotinen]

https://pci.qualys.com/static/help/merchant/questionnaires/compensating_controls_definition.htm

Eero

2016-09-21 14:02 GMT+03:00 Прокси :

> Hello,
>
> My server with CentOS 6.8 just failed PCI scan, so I'm looking into
> vulnerable packages. PHP 5.3.3 have multiple vulnerabilities, some of
> them are fixed/patched or have some kind of workaround. But I can't find
> a way to fix this one. Red Hat state: under investigation.
>
> https://access.redhat.com/security/cve/cve-2016-4073
>
> This CVE is 6 months old, and it doesn't look like it will be fixed.
> Does anyone knows the way to go around this? Except blocking mb_strcut()
> function.
>
> Thanks!
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] PHP vulnerability CVE-2016-4073

[Adrian Sevcenco]

On 09/21/2016 02:02 PM, Прокси wrote:
> Hello,
> 
> My server with CentOS 6.8 just failed PCI scan, so I'm looking into
> vulnerable packages. PHP 5.3.3 have multiple vulnerabilities, some of
> them are fixed/patched or have some kind of workaround. But I can't find
> a way to fix this one. Red Hat state: under investigation.
> 
> https://access.redhat.com/security/cve/cve-2016-4073
> 
> This CVE is 6 months old, and it doesn't look like it will be fixed.
> Does anyone knows the way to go around this? Except blocking mb_strcut()
> function.
you could try the unsupported php from remi repos... you can find there php 7.0 
..

HTH,
Adrian

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] PHP vulnerability CVE-2016-4073

[Прокси]

Hello,

My server with CentOS 6.8 just failed PCI scan, so I'm looking into
vulnerable packages. PHP 5.3.3 have multiple vulnerabilities, some of
them are fixed/patched or have some kind of workaround. But I can't find
a way to fix this one. Red Hat state: under investigation.

https://access.redhat.com/security/cve/cve-2016-4073

This CVE is 6 months old, and it doesn't look like it will be fixed.
Does anyone knows the way to go around this? Except blocking mb_strcut()
function.

Thanks!
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos