Norton AntiVirus detected and quarantined a virus in a message you sent.
Recipient of the infected attachment: GOLDWAY, RUTH Y\Inbox Subject of the message: Japanese girl VS playboy One or more attachments were quarantined. Attachment Fjcp.exe was Quarantined for the following reasons: Virus W32.Klez.H@mm was found. application/ms-tnef
Re: Being new to Debian...
On Fri, 2002-11-15 at 22:22, Sonny Kupka wrote: Being new to Debian distro, I was just wondering what people's thoughts were on running testing in a ISP environment on a main server.. I don't want bleeding edge I just want up to date software on my servers.. If you're new to Debian, I woudn't. Start with stable until you're familiar with Debian. When you know the basic things about the packaging systems, read the apt_preferences man page: you can easily run stable and install some important software from testing. Remember: testing does *not* have security support. If a security issue is discovered, it's solved for stable, and probably very quickly in unstable, too. testing takes at least 3 days (often more) to catch up - so you'll be installing things from unstable - this may work or it may not... cheers -- vbi -- this email is protected by a digital signature: http://fortytwo.ch/gpg NOTE: keyserver bugs! get my key here: https://fortytwo.ch/gpg/92082481 signature.asc Description: This is a digitally signed message part
Bind8 to Bind9
Hey *, I am planning the move from Bind8 to Bind9 on woody and was wondering if anyone has any tips, gotchas or pointers I should know before the move. Thanks in advance. Pete -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Bind8 to Bind9
Pete, I just recently move to bind9, and the only thing that was a little unexpected, is that ndc has apparently been replaced with rndc, and you need an rndc.conf. It was relatively easy to configure these from the documentation. Just be aware that if you have any scripts or anything that depends on ndc, they will probably fail... -Victor On Sat, 2002-11-16 at 15:19, Peter Billson wrote: Hey *, I am planning the move from Bind8 to Bind9 on woody and was wondering if anyone has any tips, gotchas or pointers I should know before the move. Thanks in advance. Pete -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: New BIND 4 8 Vulnerabilities
On Wed, Nov 13, 2002 at 12:46:14PM +1100, Craig Sanders wrote: the main thing i'm worried about is that bind9 had enormous memory leaks when i tried 9.0 several months ago. i hope they're fixed now. FYI, doesn't look like the memory leaks have been fixed: # ps v -Cnamed PID TTY STAT TIME MAJFL TRS DRS RSS %MEM COMMAND 6799 ?S 0:00111 232 336175 200968 39.1 /usr/sbin/named -u bind 6801 ?S 0:00 0 232 336175 200968 39.1 /usr/sbin/named -u bind 6802 ?S466:10 2757 232 336175 200968 39.1 /usr/sbin/named -u bind 6803 ?S 0:04 1 232 336175 200968 39.1 /usr/sbin/named -u bind 6804 ?R 49:56 1 232 336175 200968 39.1 /usr/sbin/named -u bind this is on a machine where bind 8 used to use about 150MB. bind 9 has been running for only 4 days. i'm going to revert back to bind 8 now that the patched 8.3.3-3 has been uploaded to unstable. craig -- craig sanders [EMAIL PROTECTED] Fabricati Diem, PVNC. -- motto of the Ankh-Morpork City Watch -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Bind8 to Bind9
On Sat, Nov 16, 2002 at 03:19:02PM -0500, Peter Billson wrote: I am planning the move from Bind8 to Bind9 on woody and was wondering if anyone has any tips, gotchas or pointers I should know before the move. bind 9 will use a LOT more memory than bind 8. at least double or triple the memory. i'd advise upgrading to the latest bind 8 instead and configuring it to run as user/group 'bind' rather than root. - install the latest bind 8.3.3 package, which has been patched against the recent vulnerability. - create a user and group called bind - chown -R bind.bind /var/cache/bind/ - create or edit /etc/default/bind to look like: OPTIONS=-u bind -g bind - restart bind with /etc/init.d/bind restart. read the documentation in /usr/share/doc/bind before doing this. there are some things that bind can't do when running as a non-root user (e.g. it can't bind to new/dynamic IP addresses. not a problem on a static ip server, but requires a bind restart if your link is dialup/dsl/cable/etc and your IP changes). craig -- craig sanders [EMAIL PROTECTED] Fabricati Diem, PVNC. -- motto of the Ankh-Morpork City Watch -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Bind8 to Bind9
On Sat, Nov 16, 2002 at 03:21:38PM -0500, Victor Felix wrote: I just recently move to bind9, and the only thing that was a little unexpected, is that ndc has apparently been replaced with rndc, and you need an rndc.conf. It was relatively easy to configure these from the documentation. Just be aware that if you have any scripts or anything that depends on ndc, they will probably fail... On Sat, 2002-11-16 at 15:19, Peter Billson wrote: Hey *, I am planning the move from Bind8 to Bind9 on woody and was wondering if anyone has any tips, gotchas or pointers I should know before the move. A good way to setup rndc is to run 'rndc-confgen -a' which will create /etc/rndc.key, which rndc and named will use to negotiate a control channel between them. Comment out the controls section in your bind8 named.conf and odds are that you won't need to make a single other change to your old named.conf. As long as your zone files start with a $TTL line (which has been required since BIND 8.2 or 8.3, can't remember which off the top of my head) you should be able to run BIND 9. Ignore syslog messages about obsolete directives in named.conf until you're sure you're sticking with BIND 9, at which point you can remove the offending lines (BIND 9 just ignores them, so it hurts nothing to leave them). Cricket Liu just authored a DNS BIND Cookbook, which will help with all this little stuff we're covering here. It's worth the money if you run BIND anywhere on your network. -- Nate Campi http://www.campin.net I trust Microsoft. I trust them to be spectacularly unable to get anything right, including and especially hard things like large-scale industrial espionage. Sure, they'll make clownish, clumsy stabs at it and fail in predictable, amusing and embarassing ways, and then do it all over again. And their victi^H^H users will not only forgive them but spend a lot of energy making up excuses for them. msg07206/pgp0.pgp Description: PGP signature
Norton AntiVirus detected and quarantined a virus in a message yo u sent.
Recipient of the infected attachment: GOLDWAY, RUTH Y\Inbox Subject of the message: Japanese girl VS playboy One or more attachments were quarantined. Attachment Fjcp.exe was Quarantined for the following reasons: Virus [EMAIL PROTECTED] was found. application/ms-tnef
Re: Being new to Debian...
On Fri, 2002-11-15 at 22:22, Sonny Kupka wrote: Being new to Debian distro, I was just wondering what people's thoughts were on running testing in a ISP environment on a main server.. I don't want bleeding edge I just want up to date software on my servers.. If you're new to Debian, I woudn't. Start with stable until you're familiar with Debian. When you know the basic things about the packaging systems, read the apt_preferences man page: you can easily run stable and install some important software from testing. Remember: testing does *not* have security support. If a security issue is discovered, it's solved for stable, and probably very quickly in unstable, too. testing takes at least 3 days (often more) to catch up - so you'll be installing things from unstable - this may work or it may not... cheers -- vbi -- this email is protected by a digital signature: http://fortytwo.ch/gpg NOTE: keyserver bugs! get my key here: https://fortytwo.ch/gpg/92082481 signature.asc Description: This is a digitally signed message part
Bind8 to Bind9
Hey *, I am planning the move from Bind8 to Bind9 on woody and was wondering if anyone has any tips, gotchas or pointers I should know before the move. Thanks in advance. Pete
Re: Bind8 to Bind9
Pete, I just recently move to bind9, and the only thing that was a little unexpected, is that ndc has apparently been replaced with rndc, and you need an rndc.conf. It was relatively easy to configure these from the documentation. Just be aware that if you have any scripts or anything that depends on ndc, they will probably fail... -Victor On Sat, 2002-11-16 at 15:19, Peter Billson wrote: Hey *, I am planning the move from Bind8 to Bind9 on woody and was wondering if anyone has any tips, gotchas or pointers I should know before the move. Thanks in advance. Pete -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: New BIND 4 8 Vulnerabilities
On Wed, Nov 13, 2002 at 12:46:14PM +1100, Craig Sanders wrote: the main thing i'm worried about is that bind9 had enormous memory leaks when i tried 9.0 several months ago. i hope they're fixed now. FYI, doesn't look like the memory leaks have been fixed: # ps v -Cnamed PID TTY STAT TIME MAJFL TRS DRS RSS %MEM COMMAND 6799 ?S 0:00111 232 336175 200968 39.1 /usr/sbin/named -u bind 6801 ?S 0:00 0 232 336175 200968 39.1 /usr/sbin/named -u bind 6802 ?S466:10 2757 232 336175 200968 39.1 /usr/sbin/named -u bind 6803 ?S 0:04 1 232 336175 200968 39.1 /usr/sbin/named -u bind 6804 ?R 49:56 1 232 336175 200968 39.1 /usr/sbin/named -u bind this is on a machine where bind 8 used to use about 150MB. bind 9 has been running for only 4 days. i'm going to revert back to bind 8 now that the patched 8.3.3-3 has been uploaded to unstable. craig -- craig sanders [EMAIL PROTECTED] Fabricati Diem, PVNC. -- motto of the Ankh-Morpork City Watch
Re: Bind8 to Bind9
On Sat, Nov 16, 2002 at 03:19:02PM -0500, Peter Billson wrote: I am planning the move from Bind8 to Bind9 on woody and was wondering if anyone has any tips, gotchas or pointers I should know before the move. bind 9 will use a LOT more memory than bind 8. at least double or triple the memory. i'd advise upgrading to the latest bind 8 instead and configuring it to run as user/group 'bind' rather than root. - install the latest bind 8.3.3 package, which has been patched against the recent vulnerability. - create a user and group called bind - chown -R bind.bind /var/cache/bind/ - create or edit /etc/default/bind to look like: OPTIONS=-u bind -g bind - restart bind with /etc/init.d/bind restart. read the documentation in /usr/share/doc/bind before doing this. there are some things that bind can't do when running as a non-root user (e.g. it can't bind to new/dynamic IP addresses. not a problem on a static ip server, but requires a bind restart if your link is dialup/dsl/cable/etc and your IP changes). craig -- craig sanders [EMAIL PROTECTED] Fabricati Diem, PVNC. -- motto of the Ankh-Morpork City Watch
Re: Bind8 to Bind9
On Sat, Nov 16, 2002 at 03:21:38PM -0500, Victor Felix wrote: I just recently move to bind9, and the only thing that was a little unexpected, is that ndc has apparently been replaced with rndc, and you need an rndc.conf. It was relatively easy to configure these from the documentation. Just be aware that if you have any scripts or anything that depends on ndc, they will probably fail... On Sat, 2002-11-16 at 15:19, Peter Billson wrote: Hey *, I am planning the move from Bind8 to Bind9 on woody and was wondering if anyone has any tips, gotchas or pointers I should know before the move. A good way to setup rndc is to run 'rndc-confgen -a' which will create /etc/rndc.key, which rndc and named will use to negotiate a control channel between them. Comment out the controls section in your bind8 named.conf and odds are that you won't need to make a single other change to your old named.conf. As long as your zone files start with a $TTL line (which has been required since BIND 8.2 or 8.3, can't remember which off the top of my head) you should be able to run BIND 9. Ignore syslog messages about obsolete directives in named.conf until you're sure you're sticking with BIND 9, at which point you can remove the offending lines (BIND 9 just ignores them, so it hurts nothing to leave them). Cricket Liu just authored a DNS BIND Cookbook, which will help with all this little stuff we're covering here. It's worth the money if you run BIND anywhere on your network. -- Nate Campi http://www.campin.net I trust Microsoft. I trust them to be spectacularly unable to get anything right, including and especially hard things like large-scale industrial espionage. Sure, they'll make clownish, clumsy stabs at it and fail in predictable, amusing and embarassing ways, and then do it all over again. And their victi^H^H users will not only forgive them but spend a lot of energy making up excuses for them. pgpNYtAMmYAdq.pgp Description: PGP signature
