Re: [CentOS] php 5.1.6 vulnerability in CentosPlus repo
You can also build the packages yourself and keep abreast of the mailing list On Sun, Jul 3, 2011 at 9:11 AM, John R. Dennison j...@gerdesas.com wrote: On Sun, Jul 03, 2011 at 02:29:12PM +0200, Alain Péan wrote: So 5.1.6 is the current package on CentOS, at least in base repo, I don't know for CentOSPlus, and your question is totally valid. The php in base, for both C4 and C5, gets updates. I've not seen an update for the C4 plus package since, well, 2008. This also brings up the question what stack this package was part of upstream; I'm not able to locate it in Redhat's mirrors. I am not using PHP, so I am not aware of the last vulnerabilities, but you should know that RedHat backports security fixes, and features, from further releases, so the version number is not that informative. See for example this rather old thread (2010) : They only backport for supported packages. It appears that this package may have been orphaned upstream. http://forums.whirlpool.net.au/archive/1424743 Returns a 404. John -- When there are too many policemen, there can be no liberty. When there are too many soldiers, there can be no peace. When there are too many lawyers, there can be no justice. -- Lin Yutang (10 October 1895 - 26 March 1976), Chinese writer and translator, as quoted in Alexander, James (2005). The World's Funniest Laws. Cheam: Crombie Jardine. pp. page 6 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.theboxery.com -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Power-outage
They have cheaper smaller UPS's that should be able to help you. On Fri, Jul 1, 2011 at 7:05 AM, Timothy Murphy gayle...@eircom.net wrote: I have a CentOS-5.6 remote server in a house in Italy, where there are occasional thunder-storms. There was one yesterday, when the electricity went off 3 times, for a second or so on each occasion. My server, an HP MicroServer, came back (re-booted) on 2 of the 3 occasions, but not on the third. I assume that the problem arises because the machine does not close down properly. (Although it is also possible that a voltage surge might have been responsible - I have no surge protector on this supply.) It seems to me that it should be possible to have a simple, torch-battery operated, system which will keep the machine alive long enough to make a graceful exit. A full-blown UPS would be excessive, I think, as I only want the machine to re-boot when the current comes back on. I know there is a Remote Management (iLO) card for this machine, which might be useful for this. Unfortunately, I've already used the PCIe slot for a second ethernet card. Any advice or suggestions gratefully received. -- Timothy Murphy e-mail: gayleard /at/ eircom.net tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.theboxery.com -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] httpd and robots.txt
The best way is to remove it from your directory from the google webmaster tools. Also some bots don't listen so additionally to robots.txt use the webmaster central. James On Sun, Jan 17, 2010 at 9:31 AM, Kai Schaetzl mailli...@conactive.comwrote: Add User-agent: Slurp Crawl-delay: 86400 to stop misbehaving Yahoo bots. Slurp is often misbehaving, but it at least follows these rules. Something you can't say of Googlebot, for instance. Kai -- Get your web at Conactive Internet Services: http://www.conactive.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.astorandblack.com -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Are SSD disks worth the cost for server usage?
I concur that I would not use them on anything important. On Thu, Jan 14, 2010 at 12:13 AM, Noob Centos Admin centos.ad...@gmail.comwrote: Hi, - A: one is with 80 GB SSD (and 12 GB memory) http://www.ovh.co.uk/products/eg_ssd.xml - B: the other with 750 GB SATA2 (and 8 GB memory). http://www.ovh.co.uk/products/eg_best_of.xml The Intel SSD are fast but have a history of firmware problems. So I wouldn't suggest using them on a mission critical data. Personally I think asking for more RAM on the SATA server would do more for performance especially since you are going to be running several VM. Just my noobish 2 cents' worth. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.goldwatches.com -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] James Matthews wants to connect on LinkedIn
LinkedIn James Matthews requested to add you as a connection on LinkedIn: -- Romeo, I'd like to add you to my professional network on LinkedIn. - James Matthews Accept invitation from James Matthews http://www.linkedin.com/e/c640Z0zoY42Hba6yQ6iWhZknxFvA/blk/I1698721392_2/pmpxnSRJrSdvj4R5fnhv9ClRsDgZp6lQs6lzoQ5AomZIpn8_cBYOejcNczsUejoNiiZ9gmB1d5kMqiYMcPkUej4SdzALrCBxbOYWrSlI/EML_comm_afe/ View invitation from James Matthews http://www.linkedin.com/e/c640Z0zoY42Hba6yQ6iWhZknxFvA/blk/I1698721392_2/39vczAPcj8Te3ASckALqnpPbOYWrSlI/svi/ -- DID YOU KNOW your LinkedIn profile helps you control your public image when people search for you? Setting your profile as public means your LinkedIn profile will come up when people enter your name in leading search engines. Take control of your image! http://www.linkedin.com/e/ewp/inv-22/ -- (c) 2009, LinkedIn Corporation ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Docx format ?
You can also use google docs On Fri, Nov 27, 2009 at 4:02 PM, MHR mhullr...@gmail.com wrote: On Fri, Nov 27, 2009 at 5:37 AM, Sorin Srbu sorin.s...@orgfarm.uu.se wrote: So basically, CentOS+OOO3.1 vs WinXP+OOO3.1 scores 1 to 0. Good work CentOS and OOO teams! RBFG Thanks for the laugh, Sorin! mhr ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://nifloh.wordpress.com/ -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 5.3 on X86_64: yum installs both i386 and x86_64 packages
Frank Cox posted above this line, ' yum remove \*.i?86 ' What I do is put the package name and then the platform. E.g php-cli.x86_64 On Wed, Oct 14, 2009 at 1:25 PM, Patrick McEvoy pmce...@silvacapitalmanagement.com wrote: I have just found this post regarding the removal of .i?86 packages on a x86_64 machine, http://bugs.centos.org/view.php?id=2590. I assume that these issues still exist for CentOS 5.3. Anyone have advice on how to remove the duplicate packages safely? Thanks, Patrick Mathieu Baudier wrote: Out of pure curiosity: Does anybody know why both i386 and x86_64 are installed by default? On other x86_64 platforms I rather tend to cherrypick the i386 packages and install them on a case by case basis. On Wed, Oct 14, 2009 at 06:49, Vnpenguin vnpeng...@vnoss.org wrote: I removed all i?86 on my x86_64 servers. No problem. -- http://vnoss.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Patrick McEvoy System Administrator Silva Capital Management, LLC 625 N. Michigan Ave, Suite 412 Chicago, IL 60611 Office: 312-397-0400, Fax: 312-397-0404 Cell: 773-517-1287 pmce...@silvacapitalmgmt.com Silva Capital Management, LLC http://www.silvacapitalmgmt.com/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.goldwatches.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Simple way to banish IP addresses ?
Removing my services from the standard ports, I saw a massive drop in these requests. On Mon, Oct 12, 2009 at 5:01 PM, Lucian @ lastdot.org luc...@lastdot.orgwrote: On Mon, Oct 12, 2009 at 9:36 PM, nate cen...@linuxpowered.net wrote: Amos Shapira wrote: There is an iptables geoip module to allow you to specify countries. I never used it thought. I love linux, been using it for about 14 years but a good firewall it does not make.. http://www.openbsd.org/faq/pf/tables.html A table is used to hold a group of IPv4 and/or IPv6 addresses. Lookups against a table are very fast and consume less memory and processor time than lists. For this reason, a table is ideal for holding a large group of addresses as the lookup time on a table holding 50,000 addresses is only slightly more than for one holding 50 addresses [..] Tables can also be populated from text files containing a list of IP addresses and networks: table spammers persist file /etc/spammers block in on fxp0 from spammers to any [..] Tables can be manipulated on the fly by using pfctl(8). For instance, to add entries to the spammers table created above: # pfctl -t spammers -T add 218.70.0.0/16 -- Myself I'd be interested in seeing a iptables system running with 50,000 rules for matching against. nate ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos That's why i was recommending ipset earlier. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.goldwatches.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 10 Year old IT Infrastructure
Approach him like this. Tell him if he plans on moving his business forward within the next 5 years he should think accordingly. On Sun, Oct 11, 2009 at 11:26 PM, R-Elists list...@abbacomm.net wrote: Specific arguments I can think of would be: - Hard/Impossible to find replacement hardware - Lack of support for both H/W and S/W - Possibly unable to run current versions of CentOS - Higher probability of hardware failures over time - Performance bottlenecks Any other thoughts? Shawn __ Shawn, i dont think you mentioned the specific hardware involved... i.e. brand and model number and config it makes a difference in how we would approach it... mainly because we have some 10 year old and older hardware that has been running rock solid it's entire life and we expect several more years out of some of it... we keep hot and cold spares of everything though... to be semi generic, i am talking about business / industrial rackmount Compaq HP servers, and some telco quality Cisco of course... :-) please do share... - rh ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.goldwatches.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to autoconfigure network?
Do you wish to configure it using a DHCP server? On Wed, Sep 30, 2009 at 11:45 AM, happymaster23 happymaste...@gmail.comwrote: Hello, I have installed new network card under CentOS 5.3, but there are some problems. I want delete existing ifcfg-eth0 and automatically make new on as it is during OS installation process. Is it possible? Thank you ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.goldwatches.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS vs Fedora?
I wouldn't use Fedora for my servers. It's a great distro for desktop use but I didn't like it's server usage. On Wed, Sep 9, 2009 at 2:35 PM, David Suhendrik da...@pnyet.web.id wrote: Ron Blizzard wrote: On Tue, Sep 8, 2009 at 6:31 PM, David Suhendrikda...@pnyet.web.id da...@pnyet.web.id wrote: Dear All, I'm newbie and i want to know Your opinion about CentOS vs Fedora, hopefully this isn't make a flame, and just to curious.. Actucally now I'm using CentOS as some servers. ^_^' For me CentOS is just a better choice. I prefer stability to cutting edge -- even for my desktop computers (I don't have any servers). I've tried several versions of Fedora -- liked the earlier versions, thought versions 7 through 9 were a bit too cutting edge, but am impressed with 10 and 11. Still, due to the nature of Fedora, you've got a *lot* of upgrades and I think that would beat me down after a while. If CentOS (or Scientific Linux) didn't exist, I would probably use Fedora. I'm using CentOS with reason same as You, I'm isn't beta tester and won't using tester on productive servers. But sometimes i'm using Fedora repos for upgrade some packages. Cheers... -- Regards, David -- ./nobody ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.jewelerslounge.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Kernel NULL pointer vulnerability
There is a very large issue with all people running VPS machines that are waiting for upgrades. On Fri, Aug 14, 2009 at 2:44 PM, Akemi Yagi amy...@gmail.com wrote: On Fri, Aug 14, 2009 at 8:15 AM, Akemi Yagiamy...@gmail.com wrote: Upstream bugzilla to follow: https://bugzilla.redhat.com/show_bug.cgi?id=516949 Just a note to say that the issue is also being tracked in the CentOS forums: http://www.centos.org/modules/newbb/viewtopic.php?topic_id=21740forum=42 So, if you have additional info, I would appreciate your posting it there as well. Akemi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.goldwatches.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Lowest latency remote file system
Hi, I need to deploy some network storage and I want to know which type your would recommend. The disks are Raid 10 but the storage needs to be remote (within a private network) Thanks James -- http://www.goldwatches.com f ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSH without password on CentOS 5 ?
Would it be good to have a double login both the RSA key and a password. Remember a fedora box was rooted cause a hacker got the admin key. On Tue, Jul 21, 2009 at 9:57 AM, Radu-Cristian FOTESCU beranger...@yahoo.ca wrote: Maybe this CentOS wiki helps? http://wiki.centos.org/HowTos/Network/SecuringSSH I just gave it a try: works like a charm. I was smarter 3 years ago, I mean I knew it :-) http://beranger.org/index.php?article=1308 R-C __ Yahoo! Canada Toolbar: Search from anywhere on the web, and bookmark your favourite sites. Download it now http://ca.toolbar.yahoo.com. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.goldwatches.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is there an openssh security problem?
I think if you use double authentication (both keys and a password) and put your SSH server on a different port then you are doing the best you can. You hope to prevent a 0-day but you cannot fully protect yourself... James On Fri, Jul 10, 2009 at 7:06 PM, Rob Townley rob.town...@gmail.com wrote: On Fri, Jul 10, 2009 at 9:33 AM, Peter Kjellstromc...@nsc.liu.se wrote: On Friday 10 July 2009, Rob Kampen wrote: Coert Waagmeester wrote: ... it only allows one NEW connection to ssh per minute. That is also a good protection right? ... Not really protection - rather a deterrent - it just makes it slower for the script kiddies that try brute force attacks Basically it's not so much about protection in the end as it is about keeping your secure-log readable. Or maybe also a sense of being secure... It's always good to limit your exposure but you really have to weigh cost against the win. Two examples: Limit from which hosts you can login to a server: Configuration cost: trivial setup (one iptables line) Additional cost: between no impact and some impact depending on your habits Positive effect: 99.9+% of all scans and login attempts are now gone Verdict: Clear win as long as the set of servers are easily identifiable Elaborate knocking/blocking setup: Configuration cost: significant (include keeping it up-to-date) Additional cost: setup of clients for knocking, use of -p XXX for new port Positive effect: standard scans will probably miss but not air tight Verdict: Harder to judge, I think it's often not worth it Other things worth looking into are, for example, access.conf (pam_access.so) and ensuring that non-trivial passwords are used. my €0.02, Peter ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Virtual Networks are such as tinc-vpn.org or hamachi create an encrypted network only accessible to members of the virtual network. So if your server's virtual nic has an address of 5.4.3.2, then the only other host that may see your server would be your laptop with address 5.4.3.3. No other internet hosts would even see 5.4.3.2... It is like IPSec, but much easier. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.goldwatches.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Program to ban sniffers
However if you are referring to packet sniffers there is no solid way of blocking them. On Sun, Jun 21, 2009 at 3:49 AM, Joseph L. Casale jcas...@activenetwerx.com wrote: In other words, anyone hitting those ports that are not being used at all except by our sniff protector, would allow instant banning. So...does something like this exist? I don't know of a program that specifically listens to defined ports and acts on that, but fail2ban would accomplish the end result adequately. jlc ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.jewelerslounge.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Yum Repo that has xcache
My only question is how does lighttpd and APC play together? (Let's hope nicely) James On Thu, Jun 18, 2009 at 10:04 AM, Nicolas Sulek nicolas.su...@gmail.comwrote: Hello, maybe, you can use APC : http://www.howtoforge.com/apc-php5-apache2-fedora8 (it is for Fedora, but it works on Centos) 2009/6/17 James Matthews nytrok...@gmail.com Hi, I am wondering where I can get a repo that has xcache. (Or if anyone has any tips on a PHP optimizer) Thanks James -- http://www.goldwatches.com http://www.jewelerslounge.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Yum Repo that has xcache
Hi, I am wondering where I can get a repo that has xcache. (Or if anyone has any tips on a PHP optimizer) Thanks James -- http://www.goldwatches.com http://www.jewelerslounge.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: Viewer for .docx M$ WORD files?
You can also view them in Zoho Reader On Tue, Jun 9, 2009 at 11:28 PM, Bill Campbell cen...@celestial.com wrote: On Tue, Jun 09, 2009, Lanny Marcus wrote: Is there a Viewer for .docx M$ WORD files? If so, where can I get it? This file type cannot be opened with OpenOffice.org 2.3.TIA! The .docx files work fine with NeoOffice 2.2.5 Patch 10, OpenOffice.org for Mac native interface. Given that's usually a bit behind the regular OpenOffice.org releases, I would thing there would not be a problem with it. Bill -- INTERNET: b...@celestial.com Bill Campbell; Celestial Software LLC URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way Voice: (206) 236-1676 Mercer Island, WA 98040-0820 Fax:(206) 232-9186 Skype: jwccsllc (206) 855-5792 bad economics will sink any economy no matter how much they believe this time things are different. They aren't. -- Arthur Laffer ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.goldwatches.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] MySql Query Cache
Hi, One of the servers I run is a VPS running Lighttpd fcgi which I am running a simple wordpress blog off of. Since RAM is the biggest limitation I have disabled the query cache on MySql. Now I have the following questions. 1. What does the FCGI server cache now? 2. How can I speed up this setup? 3. Will turning on the query cache speed things up? I am trying to make sure the system doesn't swap much so things stay snappy. Thanks James -- http://www.jewelerslounge.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] PHP 5.2 or greater availability
Same here. Although I use quite a few community repos so I don't know which one it's from. On Tue, May 19, 2009 at 8:18 PM, Kaplan, Andrew H. ahkap...@partners.orgwrote: Hi there -- Thanks for the info...I added the c5-testing repository, and the package updated successfully. -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Steve Walsh - Nerdvana Hosting Sent: Tuesday, May 19, 2009 1:42 AM To: CentOS mailing list Subject: Re: [CentOS] PHP 5.2 or greater availability Kaplan, Andrew H. wrote: Hi there -- Is there a repository that has php version 5.2 or greater available for use with the Centos 5.3 distribution? This includes the development libraries package. Thanks. There's packages in testing ( http://wiki.centos.org/AdditionalResources/Repositories / http://dev.centos.org/centos/5/CentOS-Testing.repo) rebuilt from the RHWAS packages. The more people use them and provide feedback, the quicker they'll hit a more mainstream (ie - centos) repo; [e...@centos-boxen ~]$ sudo yum info --disablerepo=* --enablerepo=c5-testing php snip Available Packages Name : php Arch : i386 Version: 5.2.6 Release: 2.el5s2 Size : 1.2 M Repo : c5-testing Summary: The PHP HTML-embedded scripting language URL: http://www.php.net/ License: PHP Description: PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in : database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The : most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module which adds support for the PHP language to : Apache HTTP Server. [e...@centos-boxen ~]$sudo yum search --disablerepo=* --enablerepo=c5-testing php Loaded plugins: fastestmirror, protectbase Loading mirror speeds from cached hostfile 0 packages excluded due to repository protections === Matched: php php-pear.noarch : PHP Extension and Application Repository framework php.i386 : The PHP HTML-embedded scripting language php-bcmath.i386 : A module for PHP applications for using the bcmath library php-cli.i386 : Command-line interface for PHP php-common.i386 : Common files for PHP php-dba.i386 : A database abstraction layer module for PHP applications php-debuginfo.i386 : Debug information for package php php-devel.i386 : Files needed for building PHP extensions php-gd.i386 : A module for PHP applications for using the gd graphics library php-imap.i386 : A module for PHP applications that use IMAP php-ldap.i386 : A module for PHP applications that use LDAP php-mbstring.i386 : A module for PHP applications which need multi-byte string handling php-mysql.i386 : A module for PHP applications that use MySQL databases php-ncurses.i386 : A module for PHP applications for using ncurses interfaces php-odbc.i386 : A module for PHP applications that use ODBC databases php-pdo.i386 : A database access abstraction module for PHP applications php-pgsql.i386 : A PostgreSQL database module for PHP php-snmp.i386 : A module for PHP applications that query SNMP-managed devices php-soap.i386 : A module for PHP applications that use the SOAP protocol php-suhosin.i386 : Advanced protection system for PHP installations php-suhosin-debuginfo.i386 : Debug information for package php-suhosin php-xml.i386 : A module for PHP applications which use XML php-xmlrpc.i386 : A module for PHP applications which use the XML-RPC protocol (non-relevant packages removed for clarity) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos The information in this e-mail is intended only for the person to whom it is addressed. If you believe this e-mail was sent to you in error and the e-mail contains patient information, please contact the Partners Compliance HelpLine at http://www.partners.org/complianceline . If the e-mail was sent to you in error but does not contain patient information, please contact the sender and properly dispose of the e-mail. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.astorandblack.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dealing with brute force attacks
What you can try doing is putting some services on a non standered port (like SSH on port 4583) This will stop most (not all) attacks coming in at port 22. James On Fri, May 15, 2009 at 8:21 PM, James B. Byrne byrn...@harte-lyne.cawrote: On: Thu, 14 May 2009 13:00:09 -0700, Scott Silva ssi...@sgvwater.com wrote: http://packages.sw.be/fail2ban/ Thank you, got it. In the meantime I revised my existing iptables rules to throttle connections to ssh, pop3, imap and ftp (which service is not running in any case). Thanks for all the help from everybody. -- *** E-Mail is NOT a SECURE channel *** James B. Byrnemailto:byrn...@harte-lyne.ca Harte Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.goldwatches.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] When will we be moving to lighttpd 1.5?
I know I can compile it however I prefer to use the package manager and having an updated version. -- http://www.goldwatches.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iso creation with dd
Use mkisofs next time. It is designed to create iso files (cd images) On Tue, May 12, 2009 at 2:27 AM, Al Sparks data...@yahoo.com wrote: I placed a CD in a drive. I ran sudo dd sudo dd if=/dev/cdrom of=HMI_B_Image_File_4-23-09_disk_1.iso It completed. I then transferred the ISO file to an XP machine, use Sonic to burn the ISO file to another CD, and there was a file missing (the largest) in the burned CD. Seems like the data got transferred through the dd, but not a file name. What might I be doing wrong? === Al ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.goldwatches.com/Watches.asp?Brand=71 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Hardening
It also depends on which service you are running on the server. It depends on what you are running etc On Fri, May 8, 2009 at 4:59 PM, Lanny Marcus lmmailingli...@gmail.comwrote: On Fri, May 1, 2009 at 11:19 AM, Jason Todd Slack-Moehrle mailingli...@mailnewsrss.com wrote: What tips does everyone have on hardening a CenOS Server that is running web, e-mail, ssh, ftp, mysql, coldfusion and will be processing payments from www? I was out of town and I just read your post. I would strongly suggest that you download the free manual about hardening RHEL 5, in .pdf form, from nsa.gov As I recall, they do *NOT* recommend running more than one service on a server, if possible. Among many other recommendations. Search for Guide to the Secure Configuration of Red Hat Enterprise Linux 5, Revision 2, December 20, 2007. HTH ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.goldwatches.com/Watches.asp?Brand=71 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Best mobile SSH client?
On the iPhone there are quite a few nice ones. However I have an AJAX one with my provider On Mon, May 4, 2009 at 3:34 AM, Sean Carolan scaro...@gmail.com wrote: I'm up for a cell phone contract renewal and am considering upgrading my handset. I looked at some devices at my local ATT store but nothing really jumped out at me. I'm particularly interested in a cell phone that has a reliable ssh client, with ssh-agent and public key authentication abilities. Those of you who administer systems remotely, what mobile ssh client do you recommend? What phone would you recommend? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.astorandblack.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Reading the output of uptime
Hi, I am wondering how I would interpret the load average: 0.00, 0.01, 0.00 within the uptime. Thanks James http://www.astorandblack.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Bzip2 Compress directories
Hi, How do you get bzip2 to compress directories? Thanks James -- http://www.astorandblack.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] (no subject)
Hi, I am trying to install postfix but I am not able to get the config screen to setup the base system. Is there a way to do it? -- http://www.astorandblack.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Sending a postfix email to my domain.
Hi, I have setup postfix on my server (for my blog to send out emails) however I host my email on google apps. I want my server to be able to send emails towards my GoogleApps account but it's sending it to the user within the system (I know this is normal but I need it to be a bit different). Any Help Thanks James -- http://www.astorandblack.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [OT] Godaddy hell...
ServerBeach hosted YouTube before they moved to Google On Sat, Apr 4, 2009 at 8:39 AM, Chuck Munro chu...@rmtcentral.net wrote: Jason Pyeron wrote: Can I get some recommendations: We are looking for a hosting provider (other than godaddy) with 1: SLA 2: SSH access 3: subversion/rsync or the ability to install binaries / compile source. Would like them to include http/https and email. Any suggestions? -Jason --- If you want serious control over the machine and are willing to pay a bit more for a dedicated server, take a look at ServerBeach. They offer several operating systems, including CentOS, and give you control over the box to the point that you can even re-image the disk remotely if you truly screw something up. If you do something nasty to it and cause it to lock up, you can still remotely reboot. Hardware RAID-1 is available. You get out-of-the-box CentOS and are allowed to install pretty well anything you like, including virtual machines on top. If you need reverse DNS lookups you can request whatever response you'd like for the IP address(es) you have. Just be aware that what you get is simply a complete machine fully exposed to the Internet, and you're responsible for your own iptables firewalling, etc. Their support staff is friendly and responsive, but they expect you to be your own geek. For DNS service I use Nettica because they are relatively inexpensive and give you control over all of the records. I use GoDaddy strictly as a registrar, and have been very happy with the service, but I don't consider them a serious hosting provider because there's not enough control. I have used several of the free hosting and DNS services out there, but when it comes down to the crunch, you get what you pay for (CentOS is a great exception!) BTW, I have no connection with these companies, I just happen to like their services. A lot. Chuck ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.goldwatches.com/Watches.asp?Brand=71 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Yum trying to install both i386 and x64 binaries
Thanks On Fri, Apr 3, 2009 at 12:23 AM, D Tucny d...@tucny.com wrote: 2009/4/3 James Matthews nytrok...@gmail.com Hi, I am trying to install lighttpd and yum wants to install both versions. == PackageArch Version Repository Size == Installing: lighttpd-fastcgi x86_64 1.4.20-6.el5epel42 k lighttpd-fastcgi i386 1.4.20-6.el5epel42 k Installing for dependencies: lighttpd x86_64 1.4.20-6.el5epel 378 k luax86_64 5.1.2-1.el5 epel 225 k spawn-fcgi x86_64 1.4.20-6.el5epel17 k Transaction Summary == Install 5 Package(s) Update 0 Package(s) Remove 0 Package(s) Anyways to disable it? yum install lighttpd-fastcgi.x86_64 would only install the x86_64 version this time... If installing other packages that exist for both archs in the future, you'd still have to remember to suffix the arch you want though if you don't want both... d ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- http://www.goldwatches.com/Watches.asp?Brand=71 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Yum trying to install both i386 and x64 binaries
Hi, I am trying to install lighttpd and yum wants to install both versions. == PackageArch Version Repository Size == Installing: lighttpd-fastcgi x86_64 1.4.20-6.el5epel42 k lighttpd-fastcgi i386 1.4.20-6.el5epel42 k Installing for dependencies: lighttpd x86_64 1.4.20-6.el5epel 378 k luax86_64 5.1.2-1.el5 epel 225 k spawn-fcgi x86_64 1.4.20-6.el5epel17 k Transaction Summary == Install 5 Package(s) Update 0 Package(s) Remove 0 Package(s) Anyways to disable it? James -- http://www.goldwatches.com/Watches.asp?Brand=71 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos