Re: [CentOS] sshd: Authentication Failures: 137 Time(s)
Am Montag, den 04.04.2011, 16:04 +0200 schrieb David Sommerseth: > On 04/04/11 15:35, henry ritzlmayr wrote: > > Am Montag, den 04.04.2011, 15:07 +0200 schrieb Rainer Traut: > >> Am 04.04.2011 12:34, schrieb Marian Marinov: > >>>> How is it possible for an attacker to try to logon more then 4 times? > >>>> Can the attacker do this with only one TCP/IP connection without > >>>> establishing a new one? > >>>> Or have the scripts been adapted to this? > >>> > >>> The attackers are not trying constantly.. Just a few bursts of trys. > >>> > >>> Look at denyhosts ( http://denyhosts.sourceforge.net/ ). > >>> I also have a tool for protecting from brute force attacks called Hawk ( > >>> https://github.com/hackman/Hawk-IDS-IPS ). > >> > >> Ok, thanks to both of you, it seems the scripts getting better and better. > >> Will change my iptables rule to keep the blacklist for longer. > >> > >> Thx > >> Rainer > > > > Also check MaxAuthTries in /etc/ssh/sshd_config > > > > Specifies the maximum number of authentication attempts permitted per > > connection. > > That won't do too much. It only tells the ssh server how many attempts to > accept before closing the TCP connection. The attacker can still just > re-connect and try again, which is what usually happens during these > attempts. Of course, setting MaxAuthTries to 1, will slow the attacker a > little bit down, as it needs to re-establish the SSH connection again. Right, but with setting MaxAuthTries to 1, the iptables rule specified by the OP jumps in much earlier. > Moving over to disallowing password authentication and only use pubkey with > ~/.ssh/authorized_keys is probably going to do a better job securing the > server. > > > kind regards, > > David Sommerseth Henry > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sshd: Authentication Failures: 137 Time(s)
Am Montag, den 04.04.2011, 15:07 +0200 schrieb Rainer Traut: > Am 04.04.2011 12:34, schrieb Marian Marinov: > >> How is it possible for an attacker to try to logon more then 4 times? > >> Can the attacker do this with only one TCP/IP connection without > >> establishing a new one? > >> Or have the scripts been adapted to this? > > > > The attackers are not trying constantly.. Just a few bursts of trys. > > > > Look at denyhosts ( http://denyhosts.sourceforge.net/ ). > > I also have a tool for protecting from brute force attacks called Hawk ( > > https://github.com/hackman/Hawk-IDS-IPS ). > > Ok, thanks to both of you, it seems the scripts getting better and better. > Will change my iptables rule to keep the blacklist for longer. > > Thx > Rainer Also check MaxAuthTries in /etc/ssh/sshd_config Specifies the maximum number of authentication attempts permitted per connection. Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OpenOffice.org 3.1.1 Calc autofill does not work
Am Mittwoch, den 11.08.2010, 15:33 +0800 schrieb Nicholas: > Hi all, > > > Has anyone upgraded OpenOffice.org 3.1.1 on Centos 5.3? > > > Everything seemed fine but I have found 1 problem on Calc. The autofill > does not work. Example, when I type "Jan" in cell A5 and drag the handle > to cell D5, the Fill Settings dialog box pops up instead of the Feb, > Mar, Apr filling in the cell automatically. This functionality has been removed upstream since the are some IP concerns. (same in fedora) Henry > -- > Nicholas AS > > > ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Success moving Xen LVMs from 32 to 64bit host
> Next, we copied the /etc/xen/xm_c32_001 configuration file to the > replacement server. We generated a new UUID using the "uuidgen" > utility. We also created a new MAC address. Finally, we started the > instance: Since you moved your virtual machine, you wouldn´t have to create a new UUID and no new MAC address. This is only required if you copy a virtual machine and if you want both up at the same time. > xm create xm_c32_001 > > Everything came up, but no network. From the root console we logged > in then edited the /etc/sysconfig/network-scripts/ifcfg-eth0. Xen had > apparently renamed the script and put in a DHCP configuration. We just > renamed the backup file and commented out the MAC address line and > restarted networking, *and* ifdown eth0 then ifup eth0. This is because you changed the MAC address. If you would have left it at the original value, the network would have started right away with the old config. Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] unattended fsck on reboot
> > > I don't bother changing the setting for local disks as it is > usually > pretty quick to scan them. You must have a pretty big and/or > slow > file system for fsck to take 2+ hours. > > nate > > > ___ > > > > > > This particular server has 2x 500GB HDD's with failry "full" XEN VM's > on it, each with it's own LVM volumes, so I guess it's a bit more > complex than a normal ext2 system :) > If you have your XEN VMs in LVM volumes there is no filesystem for fsck to check - so no 2+ hours for the physical. Do you mean with "2+ hours" the accumulated time for the filesystems in all VMs being checked? Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dovecot under brute force attack - nice attacker
Am Donnerstag, den 04.06.2009, 10:31 +0200 schrieb Kai Schaetzl: > Henry Ritzlmayr wrote on Thu, 04 Jun 2009 08:21:04 +0200: > > > the logs you are referring to are only produced if you enable > > > > auth_verbose = yes > > > > right? > > That's possible, I didn't check. In that case and if I recall right I > added that directive because I was missing the IP numbers in some log > lines. > > > > > Which (when I read the docs correctly) should only be used for figuring > > out why authentication isn't working. > > And that's maybe why they log only the last occurence. Nice hole :-) > > > > > If you disable auth_verbose those logs should be gone, and only the last > > try gets logged as I stated. > > I won't test that, but I can believe that. I suggest you take this issue > over to the dovecot mailing list, it's not CentOS-specific. > > Kai > It's on the dovecot mailing list now. thanks Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dovecot under brute force attack - nice attacker
Am Dienstag, den 02.06.2009, 14:13 -0700 schrieb Scott Silva: > on 6-2-2009 5:51 AM henry ritzlmayr spake the following: > > Hi List, > > > > optimizing the configuration on one of our servers (which was > > hit by a brute force attack on dovecot) showed an odd behavior. > > > > The short story: > > On one of our servers an attacker did a brute force > > attack on dovecot (pop3). > > Since the attacker closed and reopened the connection > > after every user/password combination the logs showed > > many lines like this: > > dovecot: pop3-login: Aborted login: user=,.. > > > > The problem: > > If the attacker wouldn't have closed and reopened the connection > > no log would have been generated and he/she would have endless > > tries. Not even an iptables/hashlimit or fail2ban would have kicked in. > > > > How to reproduce: > > telnet dovecot-server pop3 > > user test > > pass test1 > > user test > > pass test2 > > ... > > QUIT > > ->Only the last try gets logged. > > > > Question: > > Is there any way to close the connection after the > > first wrong user/pass combination. So an attacker would be forced > > to reopen it? > > > > Any other Ideas? > > Henry > Are you using the hopelessly outdated 0.99 dovecot package in CentOS 4 by any > chance? No, dovecot-1.0.7-2.el5 is running here. On the next weekend the update to 5.3 is in the queue for this machine. Henry > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dovecot under brute force attack - nice attacker
Am Dienstag, den 02.06.2009, 17:31 +0200 schrieb Kai Schaetzl: > Henry ritzlmayr wrote on Tue, 02 Jun 2009 14:51:23 +0200: > > > ->Only the last try gets logged. > > can't reproduce this. The following was done in one connection to > localhost. > > Jun 2 17:09:10 d01 dovecot-auth: pam_unix(dovecot:auth): check pass; user > unknown > Jun 2 17:09:10 d01 dovecot-auth: pam_unix(dovecot:auth): authentication > failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=:::127.0.0.1 > Jun 2 17:09:10 d01 dovecot-auth: pam_succeed_if(dovecot:auth): error > retrieving information about user bongo > > Jun 2 17:09:30 d01 dovecot-auth: pam_unix(dovecot:auth): check pass; user > unknown > Jun 2 17:09:30 d01 dovecot-auth: pam_unix(dovecot:auth): authentication > failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=:::127.0.0.1 > Jun 2 17:09:30 d01 dovecot-auth: pam_succeed_if(dovecot:auth): error > retrieving information about user bongo2 > > > Kai > Hi Kai, the logs you are referring to are only produced if you enable auth_verbose = yes right? Which (when I read the docs correctly) should only be used for figuring out why authentication isn't working. If you disable auth_verbose those logs should be gone, and only the last try gets logged as I stated. Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Dovecot under brute force attack - nice attacker
Hi List, optimizing the configuration on one of our servers (which was hit by a brute force attack on dovecot) showed an odd behavior. The short story: On one of our servers an attacker did a brute force attack on dovecot (pop3). Since the attacker closed and reopened the connection after every user/password combination the logs showed many lines like this: dovecot: pop3-login: Aborted login: user=,.. The problem: If the attacker wouldn't have closed and reopened the connection no log would have been generated and he/she would have endless tries. Not even an iptables/hashlimit or fail2ban would have kicked in. How to reproduce: telnet dovecot-server pop3 user test pass test1 user test pass test2 ... QUIT ->Only the last try gets logged. Question: Is there any way to close the connection after the first wrong user/pass combination. So an attacker would be forced to reopen it? Any other Ideas? Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] options netloop nloopbacks= ignored
Am Dienstag, den 21.04.2009, 17:29 +0200 schrieb henry ritzlmayr: > Hi list, > > since release 5.3 all kernels ignore > > options netloop nloopbacks= > > within /etc/modprobe.conf > > If is smaller than four there are always four > vifs created. > If is bigger than four the appropriate number > of vifs are created. > > Is this expected/new/feature/bug? > > Henry Forgot to add that this probably came from https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=358281 where I have no access to. Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] options netloop nloopbacks= ignored
Hi list, since release 5.3 all kernels ignore options netloop nloopbacks= within /etc/modprobe.conf If is smaller than four there are always four vifs created. If is bigger than four the appropriate number of vifs are created. Is this expected/new/feature/bug? Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: scp partition "not a regular file"
Am Dienstag, den 30.09.2008, 06:25 +0530 schrieb partha chowdhury: > henry ritzlmayr wrote: > > Hi list, > > > > should it be possible to scp a partition with this command: > > > > scp /dev/sda7 backupserver:/backup/sda7.img > > > > I always get "not a regular file" - which is a clear and understandable > > error, but my googling tells me that some people are doing this - and it > > seems to work - at least at their systems. > > > > i think there are two simple ways to do this : > > 1> mount /dev/sda7 under say /mnt and scp -r /mnt > 2> and rsync - i think it is most simple and suitable for backup through > ssh. If the content of /dev/sda7 is a filesystem I agree, but if its a raw device (databases, or xen DOM-Us), then this won´t work. What I am trying to figure out is, why does this work on some (not mine) systems? Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: Re: scp partition "not a regular file"
Am Montag, den 29.09.2008, 13:48 -0700 schrieb nate: > henry ritzlmayr wrote: > > http://sammoffatt.com.au/knowledge-base-mainmenu/6-daily-linux/9-scp-and-ssh > > > > Describes exactly this procedure - which looks like it works there. > > hmm strange. I wouldn't expect it to work though I so rarely > use scp anymore, rsync is better, and it behaves as I described. > > In any case I believe copying directly from the device like that is > a bad practice to get into, unless you always plan to have that > volume unmounted. You risk considerable data corruption if any > data is written to the device while you are reading from it. > > nate /dev/sda7 was just used to keep the example simple. I use this to copy lvm based xen Dom-Us from one system to the other - either for backup or for creating a test environment. I am fully aware that only unmounted, it will be consistent. Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: scp partition "not a regular file"
Am Montag, den 29.09.2008, 09:27 -0700 schrieb nate: > henry ritzlmayr wrote: > > Hi list, > > > > should it be possible to scp a partition with this command: > > > > scp /dev/sda7 backupserver:/backup/sda7.img > > /dev/sda7 is just a file, if you copy it it doesn't mean you'll > copy the contents of the partition you'll just copy the block > file itself, equivalent to running the mknod command on the > other end. > > You need to stream the contents of the file to get the data from > it, like your dd example. > > nate Thanks for the answer nate, I get your idea. There are just a few odd things with it. scp backupserver:/backup/sda7.img /dev/sda7 Works like a charm - meaning it copies the content. cp /dev/sda7 /backup/sda7.img Works like a charm as well. And the research for example: http://sammoffatt.com.au/knowledge-base-mainmenu/6-daily-linux/9-scp-and-ssh Describes exactly this procedure - which looks like it works there. Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] scp partition "not a regular file"
Hi list, should it be possible to scp a partition with this command: scp /dev/sda7 backupserver:/backup/sda7.img I always get "not a regular file" - which is a clear and understandable error, but my googling tells me that some people are doing this - and it seems to work - at least at their systems. I know that I can avoid this by simply doing dd if=/dev/sda7 | ssh backupserver dd of=/backup/sda7.img So its not a big deal - just curious. System here is a fully updated CentOS 5.2 x86_64 if that matters any thoughts? Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: Logwatch doesn´t report on dovecot
Am Mittwoch, den 27.08.2008, 11:03 +0200 schrieb Ralph Angenendt: > henry ritzlmayr wrote: > > Hi List, > > > > Centos 5(.2) ships with dovecot-1.0.7-2.el5 and logwatch-7.3-6.el5 > > > > However the shipped logwatch is not aware of dovecot 1.x meaning none of > > the log entries (var/log/maillog) are processed at all. > > > > Should I file a bug report on this? Upstream? > > See <https://bugzilla.redhat.com/show_bug.cgi?id=424031> - not that that > helps much at the moment. > > Cheers, > > Ralph Hi Ralph, its not a big deal for me. I patched the scripts here on my own and it works now. I just wanted to report this, so that others don´t have to do the same, and I can revert to standard afterwards. Thanks for the bugzilla link. cheers Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Logwatch doesn´t report on dovecot
Hi List, Centos 5(.2) ships with dovecot-1.0.7-2.el5 and logwatch-7.3-6.el5 However the shipped logwatch is not aware of dovecot 1.x meaning none of the log entries (var/log/maillog) are processed at all. Should I file a bug report on this? Upstream? cheers Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Slow HVM IO performance with newer kernels
Hi list. I am testing CentOS 5.2 now. I experience much slower IO under HVM Guests with the newer kernels, so I started some measurements. DOM-0 is a fully upgraded CentOS 5.2. DOM-U is CentOS 5.0 not upgraded at all for testing purposes. DOM-U sits on an LVM Volume. No other services are running. Hardware was freshly rebooted every time. within DOM-0 dd if=/dev/vgpentanol/lvol2 of=/dev/null bs=1M count=1000 gives 134 MB/s so thats the bare metal value. within DOM-U dd if=/dev/hda of=dev/null bs=1M count 1000 gives 50 MB/s with DOM-0 kernel 2.6.18-53.1.19.el5xen 10 MB/s with DOM-0 kernel 2.6.18-92.1.1.el5xen 10 MB/s with DOM-0 kernel 2.6.18-92.1.6.el5xen so there has been a drop to 20% of the performance within 2.6.18-53. Any Ideas? The machine is a test system - so I am open to any changes in configuration you might suggest. As a side note: A PV Guest gets 85 MB/s no matter which kernel. Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: apt on Centos 5.1
Am Dienstag, den 17.06.2008, 16:28 -0600 schrieb Stephen John Smoogen: > On Tue, Jun 17, 2008 at 3:30 PM, Benjamin Smith > <[EMAIL PROTECTED]> wrote: > > On Tuesday 17 June 2008, Mike wrote: > >> Just read on planet centos that you can easily install apt on Centos too > >> using yum. > > > > Why would you want to do this? > > > > Some people like the apt interface more than the yum interface. Some > people feel that it is faster or meets their needs better. The reasons > are outlined in DAGs post. Personally, I would rather port yum to > debian systems.. so I can understand the want. > Especially interfaces on top of apt like aptitude need this as well. I personally prefer ncurses based interfaces over X-graphical ones when it comes to server management on remote sites. Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: Re: Not seeing all memory in CentOS 5.1 x86_64
Am Mittwoch, den 11.06.2008, 10:06 -0700 schrieb MHR: > On Wed, Jun 11, 2008 at 8:36 AM, Ruslan Sivak <[EMAIL PROTECTED]> wrote: > > > > I guess it has something to do with the ballooning driver for Dom0. It > > looks like I just tried to allocation too much memory to DomU and the box > > went down hard. I think there's a setting in xen to the min amount of > > memory to go down to, but I'm not sure why Dom0 is using 600mb of RAM. Is > > there a mini installation of CentOS that I can do that would use less RAM? > > I've already unchecked all the boxes when installing CentOS. I would like > > Dom0 to be as small as possible, both due to RAM usage and from a security > > perspective. > > I've not familiarized myself with xen yet, but have you considered > VMware Server? I haven't had any serious problems with it, and none > at all since v1.0.5 came out (1.0.6 is the current one). Works > nicely, stays within its memory allocation, and top et al work as > you'd expect them to. > > HTH > > mhr I evaluated VMware Server myself (v1.0.3) and at that time, Disk I/O was pretty bad within a virtual machine. The only solution I found was XEN with paravirtualization. Has there been any progress on that with later releases? For example: dd if=/dev/md5 of=/dev/null bs=1M count=1000 on bare metal gave 272 MB/s same within VMware gave only 47,9 MB/s I know that dd is not a benchmark - but for measuring sequential reads within a system its fair enough for me. Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: Re: Not seeing all memory in CentOS 5.1 x86_64
Am Mittwoch, den 11.06.2008, 11:36 -0400 schrieb Ruslan Sivak: > Tim Verhoeven wrote: > > On Wed, Jun 11, 2008 at 4:46 PM, Ruslan Sivak <[EMAIL PROTECTED]> wrote: > > > >> While it seems to make sense (and both xentop and virsh nodeinfo) show the > >> right amount of memory, even when I shut down one of the VM's, free and top > >> still think I only have 6GB of ram. > >> > > > > That is normal, the memory that was used by VM's is not automatically > > returned to the dom0 and therefore won't show when running free and > > top. > > > > Regards, > > Tim > > > > > I guess it has something to do with the ballooning driver for Dom0. It > looks like I just tried to allocation too much memory to DomU and the > box went down hard. I think there's a setting in xen to the min amount > of memory to go down to, but I'm not sure why Dom0 is using 600mb of > RAM. Is there a mini installation of CentOS that I can do that would > use less RAM? I've already unchecked all the boxes when installing > CentOS. I would like Dom0 to be as small as possible, both due to RAM > usage and from a security perspective. > > Russ The option you think of is called dom0-min-mem and can be found in /etc/xen/xend-config.sxp Regarding to a mini installation of CentOS - not that I know of, but you must have some daemons running, since on my installations here DOM0 only consumes 373MB and I have postfix running on DOM0 as well. Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: Not seeing all memory in CentOS 5.1 x86_64
Am Dienstag, den 10.06.2008, 22:54 -0700 schrieb John R Pierce: > Ruslan Sivak wrote: > > John R Pierce wrote: > >> > >> whats cat /proc/meminfo say? > >> > > # cat /proc/meminfo > > MemTotal: 6104064 kB > > ... > > HighTotal: 0 kB > > HighFree:0 kB > > LowTotal: 6104064 kB > > LowFree: 1992580 kB > > ... > > > Linux version 2.6.18-53.1.21.el5xen ([EMAIL PROTECTED]) > > (gcc version 4.1.2 20070626 (Red Hat 4.1.2-14)) #1 SMP Tue May 20 > > 10:03:27 EDT 2008 > > BIOS-provided physical RAM map: > > Xen: - 0001ef8fb000 (usable) > that range is about 7.9 GiBytes, so the rest is getting lost somewhere. > > I'm unfamiliar with Xens innards.. How many VMs are running and how much memory do they consume? This memory is not shown in DOM0 any more. The total memory should be visible within xentop. wkr Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: eth1 changed to __tmp78668633 in recent kernels
Am Donnerstag, den 15.05.2008, 14:06 +0200 schrieb henry ritzlmayr: > Hi list, > > kernel-xen-2.6.18-53.1.14.el5 and > kernel-xen-2.6.18-53.1.19.el5 > do not detect/initialize/whatever my eth1 network card any more. > > With > kernel-xen-2.6.18-53.1.13.el5 > everything is working as expected. > > With the two recent kernels I only get an Interface named __tmp786686833 > which is not added to xenbr... > > lspci -v to the adapter in question says > > 02:00.0 Ethernet controller: Intel Corporation 82572EI Gigabit Ethernet > Controller (Copper) (rev 06) > Subsystem: Intel Corporation PRO/1000 PT Desktop Adapter > Flags: bus master, fast devsel, latency 0, IRQ 17 > Memory at febe (32-bit, non-prefetchable) [size=128K] > Memory at febc (32-bit, non-prefetchable) [size=128K] > I/O ports at ec00 [size=32] > Expansion ROM at feba [disabled] [size=128K] > Capabilities: [c8] Power Management version 2 > Capabilities: [d0] Message Signalled Interrupts: 64bit+ > Queue=0/0 Enable- > Capabilities: [e0] Express Endpoint IRQ 0 > > ip link says > > 2: __tmp786686833: mtu 1500 qdisc noop qlen 1000 > link/ether 00:1b:21:0e:a9:3b brd ff:ff:ff:ff:ff:ff > > In modprobe.conf I have > alias eth1 e1000 > for the adapter in question. The module itself is loaded. > > > > Any Ideas how to fix this? > > cheers > Henry Update: Thanks to Christopher Isip from the xen-list. I found a solution for the problem. Disabling xend at runlevel 2. With this configuration every kernel works as expected. With xend enabled at runlevel 2 only the older kernel works as expected. Is this intended - did I miss something? cheers Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] eth1 changed to __tmp78668633 in recent kernels
Hi list, kernel-xen-2.6.18-53.1.14.el5 and kernel-xen-2.6.18-53.1.19.el5 do not detect/initialize/whatever my eth1 network card any more. With kernel-xen-2.6.18-53.1.13.el5 everything is working as expected. With the two recent kernels I only get an Interface named __tmp786686833 which is not added to xenbr... lspci -v to the adapter in question says 02:00.0 Ethernet controller: Intel Corporation 82572EI Gigabit Ethernet Controller (Copper) (rev 06) Subsystem: Intel Corporation PRO/1000 PT Desktop Adapter Flags: bus master, fast devsel, latency 0, IRQ 17 Memory at febe (32-bit, non-prefetchable) [size=128K] Memory at febc (32-bit, non-prefetchable) [size=128K] I/O ports at ec00 [size=32] Expansion ROM at feba [disabled] [size=128K] Capabilities: [c8] Power Management version 2 Capabilities: [d0] Message Signalled Interrupts: 64bit+ Queue=0/0 Enable- Capabilities: [e0] Express Endpoint IRQ 0 ip link says 2: __tmp786686833: mtu 1500 qdisc noop qlen 1000 link/ether 00:1b:21:0e:a9:3b brd ff:ff:ff:ff:ff:ff In modprobe.conf I have alias eth1 e1000 for the adapter in question. The module itself is loaded. Any Ideas how to fix this? cheers Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
