questionable tcp ports
Hi Folks, I'm almost sure that my server has been compromised by some heinous cracker and am taking steps to remedy this. I've grepped tcp from lsof and came up with this and would like to know if there is something there that shouldn't be. dnsserver 478squid0u IPv4508 TCP localhost.localdomain:1024->localhost.localdomain:listen (ESTABLISHED) dnsserver 478squid1u IPv4508 TCP localhost.localdomain:1024->localhost.localdomain:listen (ESTABLISHED) dnsserver 479squid0u IPv4511 TCP localhost.localdomain:nterm->localhost.localdomain:1027 (ESTABLISHED) dnsserver 479squid1u IPv4511 TCP localhost.localdomain:nterm->localhost.localdomain:1027 (ESTABLISHED) dnsserver 480squid0u IPv4514 TCP localhost.localdomain:1028->localhost.localdomain:1029 (ESTABLISHED) dnsserver 480squid1u IPv4514 TCP localhost.localdomain:1028->localhost.localdomain:1029 (ESTABLISHED) dnsserver 481squid0u IPv4517 TCP localhost.localdomain:1030->localhost.localdomain:1031 (ESTABLISHED) dnsserver 481squid1u IPv4517 TCP localhost.localdomain:1030->localhost.localdomain:1031 (ESTABLISHED) dnsserver 483squid0u IPv4521 TCP localhost.localdomain:1032->localhost.localdomain:1033 (ESTABLISHED) dnsserver 483squid1u IPv4521 TCP localhost.localdomain:1032->localhost.localdomain:1033 (ESTABLISHED) httpd 420 root 16u IPv4457 TCP *:http (LISTEN) httpd 423 root 16u IPv4457 TCP *:http (LISTEN) httpd 424 root 16u IPv4457 TCP *:http (LISTEN) httpd 425 root 16u IPv4457 TCP *:http (LISTEN) httpd 426 root 16u IPv4457 TCP *:http (LISTEN) httpd 428 root 16u IPv4457 TCP *:http (LISTEN) httpd 429 root 16u IPv4457 TCP *:http (LISTEN) httpd 430 root 16u IPv4457 TCP *:http (LISTEN) httpd 431 root 16u IPv4457 TCP *:http (LISTEN) httpd 435 root 16u IPv4457 TCP *:http (LISTEN) httpd 436 root 16u IPv4457 TCP *:http (LISTEN) inetd 337 root5u IPv4304 TCP *:poppassd (LISTEN) inetd 337 root6u IPv4305 TCP *:pop-3 (LISTEN) inetd 337 root7u IPv4306 TCP *:auth (LISTEN) master 402 root 11u IPv4382 TCP *:smtp (LISTEN) named 353 root 21u IPv4323 TCP localhost.localdomain:domain (LISTEN) named 353 root 23u IPv4325 TCP bonifacio.centinet.com:domain (LISTEN) smtpd 1327 root4u IPv4382 TCP *:smtp (LISTEN) smtpd 1327 root7u IPv4 3260 TCP bonifacio.centinet.com:smtp->203.176.36.70:2144 (ESTABLISHED) squid 465 root2u IPv4507 TCP localhost.localdomain:listen->localhost.localdomain:1024 (ESTABLISHED) squid 465 root 33u IPv4619 TCP *: (LISTEN) squid 465 root3u IPv4510 TCP localhost.localdomain:1027->localhost.localdomain:nterm (ESTABLISHED) squid 465 root4u IPv4513 TCP localhost.localdomain:1029->localhost.localdomain:1028 (ESTABLISHED) squid 465 root5u IPv4516 TCP localhost.localdomain:1031->localhost.localdomain:1030 (ESTABLISHED) squid 465 root6u IPv4520 TCP localhost.localdomain:1033->localhost.localdomain:1032 (ESTABLISHED) Thanks in advance again. Mabuhay! Erik
Re: your mail
Yes, patch is the program you use for this ;) You can actualy run somethng like: patch -p0 < filetopatchkernelwith.wee That should do it, pray it applies cleanly and run a "make mrproper" afterwards. Second issue, the general config from Debian - not a problem. Copy it out first (before the patch and make mrproper) and then copy it back to the /usr/src/linux/.config spot and run "make oldconfig". That should fly through the previous selections and only ask you for input where it needs it. Then, run a "make menuconfig" and walk through the setting one by one to get to your "lean and mean" kernel. Good luck, Nathan p.s. It's amazing how theraputic doing online support can be after a knock-out drag-down with your girlfriend. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: RAID 5
Ok, I'll patch the !#@$%$ kernel, and no, I will not put the 2.4 ALPHA kernel on. This as an excuse to get a Mickeysoft person converted, and the last thing I need is to put a kernel on that is as bad as the NT he loves so well. :) Well, maybe not as bad, but still unreliable. No all I have to do is figure out how to patch. I assume that /usr/bin/patch is what I use to patch the kernel. Actually, I got the patch from RH, and tried to patch the kernel, but by that time it was way early in the morning and I am not completely sure my eyes were processing the full information read all the way to my brain. So, followup question. Patch is the correct program to patch the kernel? And, I assume the kernel howto or something will lead me through by the hand. I was planning on building a custom kernel anyway as I'm wanting to make this a fairly lean and mean kernel. Finally, is there any place anyone is aware of that has the configuration used by the Debian kernel binary builders? In other words, the /usr/src/linux/.config from when they build the kernel? In the past, when I downloaded the source, I just went through and removed/added things as I saw fit to the default configuration. But, I'd like to start with what already is working on my machine. Thanks for the advice. Rod > Depends on who you ask for that reccomendation, I used both without a > problem for quite a while. Also, the user was using a stock kernel with > (I think) the Debian distro and so "patch your kernel and > recompile" wasn't a suggestion I was going to give unless I felt it was a > good idea. > > Besides, if you are willing to patch the kernel, why not just go with a > pre-2.4? *grin* > > -Nathan (who loves background rebuilds) > > > On Tue, 19 Sep 2000, Tamas TEVESZ wrote: > > > On Tue, 19 Sep 2000, Nathan wrote: > > > > > so go with the regular package for now since it's proven stable. The > > > raidtools2 is there for people like me who can't stand running stock > > > kernels and love to have the latest stuff break our prodution boxes. > > > > actually this is not recommended. what is, getting the raid patches > > from people.redhat.com/~?mingo/raid-patches/raid-2.2.17-A0, patch > > the kernel, recompile the kernel, and use raidtools2. > > > > has some problems around raid1 i think.. use .16-A0 then. > > > > > > R. W. Rodolico Daily Data, Inc. POB 140465 Dallas TX 75214-0465 214.827.2170 It appears I could be pursuing an untamed ornithoid to no purpose. --Brent Spiner as Data, Star Trek: The Next Generation -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
No Subject
Ok, I'll patch the !#@$%$ kernel, and no, I will not put the 2.4 ALPHA kernel on. This as an excuse to get a Mickeysoft person converted, and the last thing I need is to put a kernel on that is as bad as the NT he loves so well. :) Well, maybe not as bad, but still unreliable. No all I have to do is figure out how to patch. I assume that /usr/bin/patch is what I use to patch the kernel. Actually, I got the patch from RH, and tried to patch the kernel, but by that time it was way early in the morning and I am not completely sure my eyes were processing the full information read all the way to my brain. So, followup question. Patch is the correct program to patch the kernel? And, I assume the kernel howto or something will lead me through by the hand. I was planning on building a custom kernel anyway as I'm wanting to make this a fairly lean and mean kernel. Finally, is there any place anyone is aware of that has the configuration used by the Debian kernel binary builders? In other words, the /usr/src/linux/.config from when they build the kernel? In the past, when I downloaded the source, I just went through and removed/added things as I saw fit to the default configuration. But, I'd like to start with what already is working on my machine. Thanks for the advice. Rod > Depends on who you ask for that reccomendation, I used both without a > problem for quite a while. Also, the user was using a stock kernel with > (I think) the Debian distro and so "patch your kernel and > recompile" wasn't a suggestion I was going to give unless I felt it was a > good idea. > > Besides, if you are willing to patch the kernel, why not just go with a > pre-2.4? *grin* > > -Nathan (who loves background rebuilds) > > > On Tue, 19 Sep 2000, Tamas TEVESZ wrote: > > > On Tue, 19 Sep 2000, Nathan wrote: > > > > > so go with the regular package for now since it's proven stable. The > > > raidtools2 is there for people like me who can't stand running stock > > > kernels and love to have the latest stuff break our prodution boxes. > > > > actually this is not recommended. what is, getting the raid patches > > from people.redhat.com/~?mingo/raid-patches/raid-2.2.17-A0, patch > > the kernel, recompile the kernel, and use raidtools2. > > > > has some problems around raid1 i think.. use .16-A0 then. > > > > > > R. W. Rodolico Daily Data, Inc. POB 140465 Dallas TX 75214-0465 214.827.2170 It appears I could be pursuing an untamed ornithoid to no purpose. --Brent Spiner as Data, Star Trek: The Next Generation -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
questionable tcp ports
Hi Folks, I'm almost sure that my server has been compromised by some heinous cracker and am taking steps to remedy this. I've grepped tcp from lsof and came up with this and would like to know if there is something there that shouldn't be. dnsserver 478squid0u IPv4508 TCP localhost.localdomain:1024->localhost.localdomain:listen (ESTABLISHED) dnsserver 478squid1u IPv4508 TCP localhost.localdomain:1024->localhost.localdomain:listen (ESTABLISHED) dnsserver 479squid0u IPv4511 TCP localhost.localdomain:nterm->localhost.localdomain:1027 (ESTABLISHED) dnsserver 479squid1u IPv4511 TCP localhost.localdomain:nterm->localhost.localdomain:1027 (ESTABLISHED) dnsserver 480squid0u IPv4514 TCP localhost.localdomain:1028->localhost.localdomain:1029 (ESTABLISHED) dnsserver 480squid1u IPv4514 TCP localhost.localdomain:1028->localhost.localdomain:1029 (ESTABLISHED) dnsserver 481squid0u IPv4517 TCP localhost.localdomain:1030->localhost.localdomain:1031 (ESTABLISHED) dnsserver 481squid1u IPv4517 TCP localhost.localdomain:1030->localhost.localdomain:1031 (ESTABLISHED) dnsserver 483squid0u IPv4521 TCP localhost.localdomain:1032->localhost.localdomain:1033 (ESTABLISHED) dnsserver 483squid1u IPv4521 TCP localhost.localdomain:1032->localhost.localdomain:1033 (ESTABLISHED) httpd 420 root 16u IPv4457 TCP *:http (LISTEN) httpd 423 root 16u IPv4457 TCP *:http (LISTEN) httpd 424 root 16u IPv4457 TCP *:http (LISTEN) httpd 425 root 16u IPv4457 TCP *:http (LISTEN) httpd 426 root 16u IPv4457 TCP *:http (LISTEN) httpd 428 root 16u IPv4457 TCP *:http (LISTEN) httpd 429 root 16u IPv4457 TCP *:http (LISTEN) httpd 430 root 16u IPv4457 TCP *:http (LISTEN) httpd 431 root 16u IPv4457 TCP *:http (LISTEN) httpd 435 root 16u IPv4457 TCP *:http (LISTEN) httpd 436 root 16u IPv4457 TCP *:http (LISTEN) inetd 337 root5u IPv4304 TCP *:poppassd (LISTEN) inetd 337 root6u IPv4305 TCP *:pop-3 (LISTEN) inetd 337 root7u IPv4306 TCP *:auth (LISTEN) master 402 root 11u IPv4382 TCP *:smtp (LISTEN) named 353 root 21u IPv4323 TCP localhost.localdomain:domain (LISTEN) named 353 root 23u IPv4325 TCP bonifacio.centinet.com:domain (LISTEN) smtpd 1327 root4u IPv4382 TCP *:smtp (LISTEN) smtpd 1327 root7u IPv4 3260 TCP bonifacio.centinet.com:smtp->203.176.36.70:2144 (ESTABLISHED) squid 465 root2u IPv4507 TCP localhost.localdomain:listen->localhost.localdomain:1024 (ESTABLISHED) squid 465 root 33u IPv4619 TCP *: (LISTEN) squid 465 root3u IPv4510 TCP localhost.localdomain:1027->localhost.localdomain:nterm (ESTABLISHED) squid 465 root4u IPv4513 TCP localhost.localdomain:1029->localhost.localdomain:1028 (ESTABLISHED) squid 465 root5u IPv4516 TCP localhost.localdomain:1031->localhost.localdomain:1030 (ESTABLISHED) squid 465 root6u IPv4520 TCP localhost.localdomain:1033->localhost.localdomain:1032 (ESTABLISHED) Thanks in advance again. Mabuhay! Erik -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Exim bounce message
I know I'm not the first one to try this out, but I can't find anything on the exim site, so I turn to you guys. :) As many of you know, I work at bnl.gov (Brookhaven National Lab) during the day. I've implemented a Perimeter Defense network (firewall) utilizing a Cisco Pix, and application proxies running Debian. Along with this, I have a smtp gateway that all mail must pass through. We are getting ready to start blocking email directly to the individual machines, and making all mail go to '[EMAIL PROTECTED]'. However, I'd like Exim, on the smtp gateway, to be able to send email back to the sender, if the email is sent to [EMAIL PROTECTED], sorta like "I'm sorry, mail to this machine is disabled. Please try sending mail to [EMAIL PROTECTED] bla bla bla". I can;t figure this out. Anyone else try something like this? Thanks, Tim -- >< >> Tim Sailer (at home) >< Coastal Internet, Inc. << >> Network and Systems Operations >< PO Box 671 << >> http://www.buoy.com >< Ridge, NY 11961 << >> [EMAIL PROTECTED]/[EMAIL PROTECTED] >< (631) 476-3031 << ><
Exim bounce message
I know I'm not the first one to try this out, but I can't find anything on the exim site, so I turn to you guys. :) As many of you know, I work at bnl.gov (Brookhaven National Lab) during the day. I've implemented a Perimeter Defense network (firewall) utilizing a Cisco Pix, and application proxies running Debian. Along with this, I have a smtp gateway that all mail must pass through. We are getting ready to start blocking email directly to the individual machines, and making all mail go to '[EMAIL PROTECTED]'. However, I'd like Exim, on the smtp gateway, to be able to send email back to the sender, if the email is sent to [EMAIL PROTECTED], sorta like "I'm sorry, mail to this machine is disabled. Please try sending mail to [EMAIL PROTECTED] bla bla bla". I can;t figure this out. Anyone else try something like this? Thanks, Tim -- >< >> Tim Sailer (at home) >< Coastal Internet, Inc. << >> Network and Systems Operations >< PO Box 671 << >> http://www.buoy.com >< Ridge, NY 11961 << >> [EMAIL PROTECTED][EMAIL PROTECTED] >< (631) 476-3031 << >< -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: logcheck
On Tue, Sep 19, 2000 at 06:03:48PM -0500, [EMAIL PROTECTED] wrote: > Hey Guys, > Do any of you know what may have caused this message in my syslogs? > > Unusual System Events > =-=-=-=-=-=-=-=-=-=-= > Sep 19 06:25:02 ghost su[322]: + ??? root-nobody > Sep 19 06:25:02 ghost PAM_unix[322]: (su) session opened for user nobody > by (uid=0) Likely, it's logrotate or somebody else who starts as nobody but has to get root to move things around. At least, that's the normal, non-threatening thing that probably happens every morning at about the same time, I'd guess. -- Art Sackett
slink repository
Where in God's name can I find slink packages? There are some security updates I want to quickly catch up on but my searching has been fruitless. Why are old distribs (hamm and slink for instance), not kept at any of the mirrors? Also, why is there no mention of slink at the debian homepage? What is the world coming to? -- Andrew Bell
logcheck
Hey Guys, Do any of you know what may have caused this message in my syslogs? Unusual System Events =-=-=-=-=-=-=-=-=-=-= Sep 19 06:25:02 ghost su[322]: + ??? root-nobody Sep 19 06:25:02 ghost PAM_unix[322]: (su) session opened for user nobody by (uid=0) I am unsure of what the ??? represents and what root-nobody is. Any help appriciated! D. Ghost
Re: RAID 5
Heh, shot down on that one. *shrug* worked for me anyway. -Nathan On Tue, 19 Sep 2000, Tamas TEVESZ wrote: > On Tue, 19 Sep 2000, Nathan wrote: > > > Depends on who you ask for that reccomendation, I used both without a > > undoubtedly true. for me, ingo himself turned out to be a very > authentic person to accept advices from in this question. > >
Re: RAID 5
On Tue, 19 Sep 2000, Nathan wrote: > Depends on who you ask for that reccomendation, I used both without a undoubtedly true. for me, ingo himself turned out to be a very authentic person to accept advices from in this question. -- [-] ``And there are plenty of other innovative pieces of software such as Napster and ICQ.'' -- comment on ``Systems Software Research is Irrelevant'' at http://freshmeat.net/news/2000/08/05/965534399.html
Re: RAID 5
Depends on who you ask for that reccomendation, I used both without a problem for quite a while. Also, the user was using a stock kernel with (I think) the Debian distro and so "patch your kernel and recompile" wasn't a suggestion I was going to give unless I felt it was a good idea. Besides, if you are willing to patch the kernel, why not just go with a pre-2.4? *grin* -Nathan (who loves background rebuilds) On Tue, 19 Sep 2000, Tamas TEVESZ wrote: > On Tue, 19 Sep 2000, Nathan wrote: > > > so go with the regular package for now since it's proven stable. The > > raidtools2 is there for people like me who can't stand running stock > > kernels and love to have the latest stuff break our prodution boxes. > > actually this is not recommended. what is, getting the raid patches > from people.redhat.com/~?mingo/raid-patches/raid-2.2.17-A0, patch > the kernel, recompile the kernel, and use raidtools2. > > has some problems around raid1 i think.. use .16-A0 then. > >
Re: RAID 5
On Tue, 19 Sep 2000, Nathan wrote: > so go with the regular package for now since it's proven stable. The > raidtools2 is there for people like me who can't stand running stock > kernels and love to have the latest stuff break our prodution boxes. actually this is not recommended. what is, getting the raid patches from people.redhat.com/~?mingo/raid-patches/raid-2.2.17-A0, patch the kernel, recompile the kernel, and use raidtools2. has some problems around raid1 i think.. use .16-A0 then. -- [-] ``And there are plenty of other innovative pieces of software such as Napster and ICQ.'' -- comment on ``Systems Software Research is Irrelevant'' at http://freshmeat.net/news/2000/08/05/965534399.html
Re: logcheck
On Tue, Sep 19, 2000 at 06:03:48PM -0500, [EMAIL PROTECTED] wrote: > Hey Guys, > Do any of you know what may have caused this message in my syslogs? > > Unusual System Events > =-=-=-=-=-=-=-=-=-=-= > Sep 19 06:25:02 ghost su[322]: + ??? root-nobody > Sep 19 06:25:02 ghost PAM_unix[322]: (su) session opened for user nobody > by (uid=0) Likely, it's logrotate or somebody else who starts as nobody but has to get root to move things around. At least, that's the normal, non-threatening thing that probably happens every morning at about the same time, I'd guess. -- Art Sackett -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
slink repository
Where in God's name can I find slink packages? There are some security updates I want to quickly catch up on but my searching has been fruitless. Why are old distribs (hamm and slink for instance), not kept at any of the mirrors? Also, why is there no mention of slink at the debian homepage? What is the world coming to? -- Andrew Bell -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
logcheck
Hey Guys, Do any of you know what may have caused this message in my syslogs? Unusual System Events =-=-=-=-=-=-=-=-=-=-= Sep 19 06:25:02 ghost su[322]: + ??? root-nobody Sep 19 06:25:02 ghost PAM_unix[322]: (su) session opened for user nobody by (uid=0) I am unsure of what the ??? represents and what root-nobody is. Any help appriciated! D. Ghost -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: RAID 5
Heh, shot down on that one. *shrug* worked for me anyway. -Nathan On Tue, 19 Sep 2000, Tamas TEVESZ wrote: > On Tue, 19 Sep 2000, Nathan wrote: > > > Depends on who you ask for that reccomendation, I used both without a > > undoubtedly true. for me, ingo himself turned out to be a very > authentic person to accept advices from in this question. > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: RAID 5
On Tue, 19 Sep 2000, Nathan wrote: > Depends on who you ask for that reccomendation, I used both without a undoubtedly true. for me, ingo himself turned out to be a very authentic person to accept advices from in this question. -- [-] ``And there are plenty of other innovative pieces of software such as Napster and ICQ.'' -- comment on ``Systems Software Research is Irrelevant'' at http://freshmeat.net/news/2000/08/05/965534399.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: RAID 5
Depends on who you ask for that reccomendation, I used both without a problem for quite a while. Also, the user was using a stock kernel with (I think) the Debian distro and so "patch your kernel and recompile" wasn't a suggestion I was going to give unless I felt it was a good idea. Besides, if you are willing to patch the kernel, why not just go with a pre-2.4? *grin* -Nathan (who loves background rebuilds) On Tue, 19 Sep 2000, Tamas TEVESZ wrote: > On Tue, 19 Sep 2000, Nathan wrote: > > > so go with the regular package for now since it's proven stable. The > > raidtools2 is there for people like me who can't stand running stock > > kernels and love to have the latest stuff break our prodution boxes. > > actually this is not recommended. what is, getting the raid patches > from people.redhat.com/~?mingo/raid-patches/raid-2.2.17-A0, patch > the kernel, recompile the kernel, and use raidtools2. > > has some problems around raid1 i think.. use .16-A0 then. > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: RAID 5
On Tue, 19 Sep 2000, Nathan wrote: > so go with the regular package for now since it's proven stable. The > raidtools2 is there for people like me who can't stand running stock > kernels and love to have the latest stuff break our prodution boxes. actually this is not recommended. what is, getting the raid patches from people.redhat.com/~?mingo/raid-patches/raid-2.2.17-A0, patch the kernel, recompile the kernel, and use raidtools2. has some problems around raid1 i think.. use .16-A0 then. -- [-] ``And there are plenty of other innovative pieces of software such as Napster and ICQ.'' -- comment on ``Systems Software Research is Irrelevant'' at http://freshmeat.net/news/2000/08/05/965534399.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: RAID 5
I believe that since you are using the 2.2 series, you will need to use the regular raidtools package. The raidtools2 package is great (and required) for recent (2.4) series kernels. One note however, when you do end up upgrading to 2.4 after it comes out and is deamed stable, raidtools2 *does* have the ability to upgrade your arrays to the new style raid devices (which rock - hotplug kicks). so go with the regular package for now since it's proven stable. The raidtools2 is there for people like me who can't stand running stock kernels and love to have the latest stuff break our prodution boxes. -Nathan On Tue, 19 Sep 2000, R. W. Rodolico wrote: > I am trying to get RAID 5 up and running under potato. I have four 4.5G > SCSI drives (sda-sdd) that were originally set up as a RAID device on > this same machine under RedHat. Now, I'm very confused as to whether to > use raidtools or raidtools2. raidtools2 says I must patch the kernel, > but I can find no patches for the 2.2.17 kernel that comes with potato. > I actually hoped that the kernel was already patched since it came with > the RAID 5 module. > > I have tried it with raidtools and raidtools5. I have the RAID 5 module > installed. I get errors about "read_ahead not defined" in /proc/mdstat, > and all four devices are listed but show they are not used. > > Have tried to make the raid device with raidtools and raidtools2. No > luck. Not sure I'm doing the raidtools creation correctly, but have > created /etc/raidtab from the samples, modified for my configuration. > > Any help is appreciated. > > Rod > > R. W. Rodolico > Daily Data, Inc. > POB 140465 > Dallas TX 75214-0465 > 214.827.2170 > > It appears I could be pursuing an untamed ornithoid to no purpose. > --Brent Spiner as Data, Star Trek: The Next Generation > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >
RAID 5
I am trying to get RAID 5 up and running under potato. I have four 4.5G SCSI drives (sda-sdd) that were originally set up as a RAID device on this same machine under RedHat. Now, I'm very confused as to whether to use raidtools or raidtools2. raidtools2 says I must patch the kernel, but I can find no patches for the 2.2.17 kernel that comes with potato. I actually hoped that the kernel was already patched since it came with the RAID 5 module. I have tried it with raidtools and raidtools5. I have the RAID 5 module installed. I get errors about "read_ahead not defined" in /proc/mdstat, and all four devices are listed but show they are not used. Have tried to make the raid device with raidtools and raidtools2. No luck. Not sure I'm doing the raidtools creation correctly, but have created /etc/raidtab from the samples, modified for my configuration. Any help is appreciated. Rod R. W. Rodolico Daily Data, Inc. POB 140465 Dallas TX 75214-0465 214.827.2170 It appears I could be pursuing an untamed ornithoid to no purpose. --Brent Spiner as Data, Star Trek: The Next Generation
Re: RAID 5
I believe that since you are using the 2.2 series, you will need to use the regular raidtools package. The raidtools2 package is great (and required) for recent (2.4) series kernels. One note however, when you do end up upgrading to 2.4 after it comes out and is deamed stable, raidtools2 *does* have the ability to upgrade your arrays to the new style raid devices (which rock - hotplug kicks). so go with the regular package for now since it's proven stable. The raidtools2 is there for people like me who can't stand running stock kernels and love to have the latest stuff break our prodution boxes. -Nathan On Tue, 19 Sep 2000, R. W. Rodolico wrote: > I am trying to get RAID 5 up and running under potato. I have four 4.5G > SCSI drives (sda-sdd) that were originally set up as a RAID device on > this same machine under RedHat. Now, I'm very confused as to whether to > use raidtools or raidtools2. raidtools2 says I must patch the kernel, > but I can find no patches for the 2.2.17 kernel that comes with potato. > I actually hoped that the kernel was already patched since it came with > the RAID 5 module. > > I have tried it with raidtools and raidtools5. I have the RAID 5 module > installed. I get errors about "read_ahead not defined" in /proc/mdstat, > and all four devices are listed but show they are not used. > > Have tried to make the raid device with raidtools and raidtools2. No > luck. Not sure I'm doing the raidtools creation correctly, but have > created /etc/raidtab from the samples, modified for my configuration. > > Any help is appreciated. > > Rod > > R. W. Rodolico > Daily Data, Inc. > POB 140465 > Dallas TX 75214-0465 > 214.827.2170 > > It appears I could be pursuing an untamed ornithoid to no purpose. > --Brent Spiner as Data, Star Trek: The Next Generation > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RAID 5
I am trying to get RAID 5 up and running under potato. I have four 4.5G SCSI drives (sda-sdd) that were originally set up as a RAID device on this same machine under RedHat. Now, I'm very confused as to whether to use raidtools or raidtools2. raidtools2 says I must patch the kernel, but I can find no patches for the 2.2.17 kernel that comes with potato. I actually hoped that the kernel was already patched since it came with the RAID 5 module. I have tried it with raidtools and raidtools5. I have the RAID 5 module installed. I get errors about "read_ahead not defined" in /proc/mdstat, and all four devices are listed but show they are not used. Have tried to make the raid device with raidtools and raidtools2. No luck. Not sure I'm doing the raidtools creation correctly, but have created /etc/raidtab from the samples, modified for my configuration. Any help is appreciated. Rod R. W. Rodolico Daily Data, Inc. POB 140465 Dallas TX 75214-0465 214.827.2170 It appears I could be pursuing an untamed ornithoid to no purpose. --Brent Spiner as Data, Star Trek: The Next Generation -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
tftpd.
Hello, I am having problems with tftpd - I need to upload some files using tftp protocol, I've installed tftpd package, now it's being run from inetd, problem is - it doesen't work! and there is no documentation .. I found some docs, but they are about *BSD tftpd, and it has all nice options like -n - allow users to create files, and -d - specyifying upload directory. What can I do?
tftpd.
Hello, I am having problems with tftpd - I need to upload some files using tftp protocol, I've installed tftpd package, now it's being run from inetd, problem is - it doesen't work! and there is no documentation .. I found some docs, but they are about *BSD tftpd, and it has all nice options like -n - allow users to create files, and -d - specyifying upload directory. What can I do? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
