Re: DoS prevention techquies.
On Mon, Jul 16, 2001 at 09:59:26PM -0600, Stefan Srdic wrote: Why can't I change the mc_forwarding parameter? Do you have CONFIG_MROUTE compiled into your kernel? What exactly do these paramters do, and should I be toying around with them? mc_forwarding enables/disables multicast routing [See ip-sysctl.txt in your kernel docs]. You decide :) Ciao Charl __ The loon Left me chuckling In the mist __ [ Charl Matthee ] [ +27-11-721-3800 ] [ Reality Manufacturing ] [ +27-11-405-6508 ] __ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: shared root account
On Tue, Jul 10, 2001 at 05:29:32AM -0800, Ethan Benson wrote: nice to know pam_pwdfile gained md5 support, iirc it only did the anchient crappy crypt before.. now there just needs to be a passwd command to work with this... htpasswd -- Nick Phillips -- [EMAIL PROTECTED] Don't feed the bats tonight. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
apt and other sources.
When I first install the Debian, I have specified apt source - cdrom. But, after I downloaded a deb pack. into the harddisk, I could not install it by using apt-get install ... Can you give example changes in the /usr/share/doc/apt/examples/source.list file? Should I configure this file or take another action to achieve installing a deb package in the harddisk (e.g /dev/hda1). Sevgi, Saygi, LINUX!!! (Love, Respect, LINUX!!!) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
apt and other sources.
Sevgi, Saygi, LINUX!!! On Tue, 17 Jul 2001, Halil Demirezen wrote: When I first install the Debian, I have specified apt source - cdrom. But, after I downloaded a deb pack. into the harddisk, I could not install it by using apt-get install ... Can you give example changes in the /usr/share/doc/apt/examples/source.list file? Should I configure this file or take another action to achieve installing a deb package in the harddisk (e.g /dev/hda1). Sevgi, Saygi, LINUX!!! (Love, Respect, LINUX!!!) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: apt and other sources.
On Tue, 17 Jul 2001, Halil Demirezen wrote: When I first install the Debian, I have specified apt source - cdrom. But, after I downloaded a deb pack. into the harddisk, I could not install it by using apt-get install ... Can you give example changes in the /usr/share/doc/apt/examples/source.list file? Hello, you can install an individual package by: dpkg --install package.deb But if you want to download more packages and use apt, add these lines to /etc/apt/sources.list: deb ftp://ftp.nl.uu.net/debian testing main contrib non-free deb ftp://ftp.nl.uu.net/debian stable main contrib non-free deb http://non-us.debian.org/debian-non-US stable/non-US main contrib non-free deb http://non-us.debian.org/debian-non-US testing/non-US main contrib non-free deb http://security.debian.org/debian-security/ potato/updates main contrib deb http://security.debian.org/debian-non-US/ potato/non-US main contrib deb-src ftp://ftp.nl.uu.net/debian stable main contrib non-free This will give you access to the stable (potato) and testing (woody) archive, as well as to non-us, security updates and sources. Change ftp.nl.uu.net with your favorite (nearby) server. Then run: apt-get update If you install a package now with apt, dependencies are solved. Should I configure this file or take another action to achieve installing a deb package in the harddisk (e.g /dev/hda1). You could have a local archive for packages, but that is only attractive if you have losts of non-debian distributed packages. Greetz, Sebastiaan Sevgi, Saygi, LINUX!!! (Love, Respect, LINUX!!!) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: shared root account
On Tue, Jul 17, 2001 at 12:29:45PM +0100, Nick Phillips wrote: On Tue, Jul 10, 2001 at 05:29:32AM -0800, Ethan Benson wrote: nice to know pam_pwdfile gained md5 support, iirc it only did the anchient crappy crypt before.. now there just needs to be a passwd command to work with this... htpasswd doesn't provide proper restrictions and authentication. (for other uses then sudo passwords). whats really needed is a passwd command that behaves exactly the same as passwd, only with alternate passwd files. -- Ethan Benson http://www.alaska.net/~erbenson/ PGP signature
Re: apt and other sources.
On Tue, Jul 17, 2001 at 02:04:23PM +0200, Sebastiaan wrote: But if you want to download more packages and use apt, add these lines to /etc/apt/sources.list: deb ftp://ftp.nl.uu.net/debian testing main contrib non-free deb ftp://ftp.nl.uu.net/debian stable main contrib non-free ...as his previously all-stable machine turns slowly into a testing system. deb http://security.debian.org/debian-security/ potato/updates main contrib deb http://security.debian.org/debian-non-US/ potato/non-US main contrib And since most packages in testing will have higher version numbers than those in either stable *or* in security, he won't get too many security updates, either. deb-src ftp://ftp.nl.uu.net/debian stable main contrib non-free And he will only have easy access to stable source code that will be increasingly irrelevant to his rapidly-approaching-testing system. Instead, how about: deb ftp://your.nearby.debian.mirror/debian potato main contrib non-free deb ftp://non-us.debian.org/debian-non-US potato/non-US main contrib non-free deb ftp://security.debian.org/ potato/updates main contrib non-free and deb-src ftp://your.nearby.debian.mirror/debian RELEASE main contrib non-free deb-src ftp://non-US.debian.org/debian-non-US RELEASE/non-US main contrib non-free (In the deb-src lines, use either stable, testing, or unstable where I've indicated RELEASE) -- Mike Renfro / RD Engineer, Center for Manufacturing Research, 931 372-3601 / Tennessee Technological University -- [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: apt and other sources.
Instead, how about: deb ftp://your.nearby.debian.mirror/debian potato main contrib non-free deb ftp://non-us.debian.org/debian-non-US potato/non-US main contrib non-free deb ftp://security.debian.org/ potato/updates main contrib non-free and deb-src ftp://your.nearby.debian.mirror/debian RELEASE main contrib non-free deb-src ftp://non-US.debian.org/debian-non-US RELEASE/non-US main contrib non-free deb http://http.us.debian.org/debian stable main contrib non-free deb http://non-us.debian.org/ stable non-US/main non-US/contrib non-US/non-free deb http://security.debian.org/ stable/updates main contrib non-free deb http://security.debian.org/debian-non-US stable/non-US main contrib non-free deb http://security.debian.org/debian-security stable/updates main contrib non-free deb http://http.us.debian.org/debian dists/proposed-updates/ Over the years, this is what I seem to have accumulated. Any comments/suggestions? The proposed-updates, was because of a package not making it into security.d.o due to whatever reason it was at the time. Mike Dresser -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Debian hosting an open relay?
On Mon, Jul 16, 2001 at 01:54:48PM -0700, Wade Richards wrote: All of my mail from the debian-security list is appearing in my spam folder, because it appears that murphy.debian.org is in the ORBS list. Does anyone know if this is a Debian problem (I find it hard to believe that there really is an open relay), or an ORBS problem? ORBS has closed down, and one of the orbs.org authoritative nameservers has configured his nameserver to return positive responses for all ORBS queries because Alan Brown refuses to remove him from the nameserver list. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: DoS prevention techquies.
Charl Matthee wrote: On Mon, Jul 16, 2001 at 09:59:26PM -0600, Stefan Srdic wrote: Why can't I change the mc_forwarding parameter? Do you have CONFIG_MROUTE compiled into your kernel? Nope, I excluded the multicast routing option during the kernel configuration. My Debian system is mainly used for a home desktop and a LAN server. I have no need for some of the advanced options of the Linux kernel. mc_forwarding enables/disables multicast routing [See ip-sysctl.txt in your kernel docs]. You decide :) Ciao Charl Thanks, I always apreciate the time and effort. Stef -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: DoS prevention techquies.
* Stefan Srdic ([EMAIL PROTECTED]) [010716 21:01]: snip What exactly do these paramters do, and should I be toying around with them? Sorry for the smarmy repsonse, but the answer to the second question is at least not until you are able to answer the first question. Too bad I can't help you answer the first question without doing some reading myself... we'll see if somebody beats me to it. Vineet pgpwVVzfxAoll.pgp Description: PGP signature
Re: DoS prevention techquies.
On Mon, Jul 16, 2001 at 09:59:26PM -0600, Stefan Srdic wrote: Why can't I change the mc_forwarding parameter? Do you have CONFIG_MROUTE compiled into your kernel? What exactly do these paramters do, and should I be toying around with them? mc_forwarding enables/disables multicast routing [See ip-sysctl.txt in your kernel docs]. You decide :) Ciao Charl __ The loon Left me chuckling In the mist __ [ Charl Matthee ] [ +27-11-721-3800 ] [ Reality Manufacturing ] [ +27-11-405-6508 ] __
Re: shared root account
On Tue, Jul 10, 2001 at 05:29:32AM -0800, Ethan Benson wrote: nice to know pam_pwdfile gained md5 support, iirc it only did the anchient crappy crypt before.. now there just needs to be a passwd command to work with this... htpasswd -- Nick Phillips -- [EMAIL PROTECTED] Don't feed the bats tonight.
apt and other sources.
When I first install the Debian, I have specified apt source - cdrom. But, after I downloaded a deb pack. into the harddisk, I could not install it by using apt-get install ... Can you give example changes in the /usr/share/doc/apt/examples/source.list file? Should I configure this file or take another action to achieve installing a deb package in the harddisk (e.g /dev/hda1). Sevgi, Saygi, LINUX!!! (Love, Respect, LINUX!!!)
apt and other sources.
Sevgi, Saygi, LINUX!!! On Tue, 17 Jul 2001, Halil Demirezen wrote: When I first install the Debian, I have specified apt source - cdrom. But, after I downloaded a deb pack. into the harddisk, I could not install it by using apt-get install ... Can you give example changes in the /usr/share/doc/apt/examples/source.list file? Should I configure this file or take another action to achieve installing a deb package in the harddisk (e.g /dev/hda1). Sevgi, Saygi, LINUX!!! (Love, Respect, LINUX!!!)
Re: apt and other sources.
On Tue, 17 Jul 2001, Halil Demirezen wrote: When I first install the Debian, I have specified apt source - cdrom. But, after I downloaded a deb pack. into the harddisk, I could not install it by using apt-get install ... Can you give example changes in the /usr/share/doc/apt/examples/source.list file? Hello, you can install an individual package by: dpkg --install package.deb But if you want to download more packages and use apt, add these lines to /etc/apt/sources.list: deb ftp://ftp.nl.uu.net/debian testing main contrib non-free deb ftp://ftp.nl.uu.net/debian stable main contrib non-free deb http://non-us.debian.org/debian-non-US stable/non-US main contrib non-free deb http://non-us.debian.org/debian-non-US testing/non-US main contrib non-free deb http://security.debian.org/debian-security/ potato/updates main contrib deb http://security.debian.org/debian-non-US/ potato/non-US main contrib deb-src ftp://ftp.nl.uu.net/debian stable main contrib non-free This will give you access to the stable (potato) and testing (woody) archive, as well as to non-us, security updates and sources. Change ftp.nl.uu.net with your favorite (nearby) server. Then run: apt-get update If you install a package now with apt, dependencies are solved. Should I configure this file or take another action to achieve installing a deb package in the harddisk (e.g /dev/hda1). You could have a local archive for packages, but that is only attractive if you have losts of non-debian distributed packages. Greetz, Sebastiaan Sevgi, Saygi, LINUX!!! (Love, Respect, LINUX!!!) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: shared root account
On Tue, Jul 17, 2001 at 12:29:45PM +0100, Nick Phillips wrote: On Tue, Jul 10, 2001 at 05:29:32AM -0800, Ethan Benson wrote: nice to know pam_pwdfile gained md5 support, iirc it only did the anchient crappy crypt before.. now there just needs to be a passwd command to work with this... htpasswd doesn't provide proper restrictions and authentication. (for other uses then sudo passwords). whats really needed is a passwd command that behaves exactly the same as passwd, only with alternate passwd files. -- Ethan Benson http://www.alaska.net/~erbenson/ pgpVOKL2WOz61.pgp Description: PGP signature
Re: apt and other sources.
On Tue, Jul 17, 2001 at 02:04:23PM +0200, Sebastiaan wrote: But if you want to download more packages and use apt, add these lines to /etc/apt/sources.list: deb ftp://ftp.nl.uu.net/debian testing main contrib non-free deb ftp://ftp.nl.uu.net/debian stable main contrib non-free ...as his previously all-stable machine turns slowly into a testing system. deb http://security.debian.org/debian-security/ potato/updates main contrib deb http://security.debian.org/debian-non-US/ potato/non-US main contrib And since most packages in testing will have higher version numbers than those in either stable *or* in security, he won't get too many security updates, either. deb-src ftp://ftp.nl.uu.net/debian stable main contrib non-free And he will only have easy access to stable source code that will be increasingly irrelevant to his rapidly-approaching-testing system. Instead, how about: deb ftp://your.nearby.debian.mirror/debian potato main contrib non-free deb ftp://non-us.debian.org/debian-non-US potato/non-US main contrib non-free deb ftp://security.debian.org/ potato/updates main contrib non-free and deb-src ftp://your.nearby.debian.mirror/debian RELEASE main contrib non-free deb-src ftp://non-US.debian.org/debian-non-US RELEASE/non-US main contrib non-free (In the deb-src lines, use either stable, testing, or unstable where I've indicated RELEASE) -- Mike Renfro / RD Engineer, Center for Manufacturing Research, 931 372-3601 / Tennessee Technological University -- [EMAIL PROTECTED]
Re: apt and other sources.
Instead, how about: deb ftp://your.nearby.debian.mirror/debian potato main contrib non-free deb ftp://non-us.debian.org/debian-non-US potato/non-US main contrib non-free deb ftp://security.debian.org/ potato/updates main contrib non-free and deb-src ftp://your.nearby.debian.mirror/debian RELEASE main contrib non-free deb-src ftp://non-US.debian.org/debian-non-US RELEASE/non-US main contrib non-free deb http://http.us.debian.org/debian stable main contrib non-free deb http://non-us.debian.org/ stable non-US/main non-US/contrib non-US/non-free deb http://security.debian.org/ stable/updates main contrib non-free deb http://security.debian.org/debian-non-US stable/non-US main contrib non-free deb http://security.debian.org/debian-security stable/updates main contrib non-free deb http://http.us.debian.org/debian dists/proposed-updates/ Over the years, this is what I seem to have accumulated. Any comments/suggestions? The proposed-updates, was because of a package not making it into security.d.o due to whatever reason it was at the time. Mike Dresser
Re: Debian hosting an open relay?
On Mon, Jul 16, 2001 at 01:54:48PM -0700, Wade Richards wrote: All of my mail from the debian-security list is appearing in my spam folder, because it appears that murphy.debian.org is in the ORBS list. Does anyone know if this is a Debian problem (I find it hard to believe that there really is an open relay), or an ORBS problem? ORBS has closed down, and one of the orbs.org authoritative nameservers has configured his nameserver to return positive responses for all ORBS queries because Alan Brown refuses to remove him from the nameserver list.
Re: DoS prevention techquies.
Charl Matthee wrote: On Mon, Jul 16, 2001 at 09:59:26PM -0600, Stefan Srdic wrote: Why can't I change the mc_forwarding parameter? Do you have CONFIG_MROUTE compiled into your kernel? Nope, I excluded the multicast routing option during the kernel configuration. My Debian system is mainly used for a home desktop and a LAN server. I have no need for some of the advanced options of the Linux kernel. mc_forwarding enables/disables multicast routing [See ip-sysctl.txt in your kernel docs]. You decide :) Ciao Charl Thanks, I always apreciate the time and effort. Stef
Re: shared root account
On Tue, Jul 17, 2001 at 04:17:23AM -0800, Ethan Benson wrote: On Tue, Jul 17, 2001 at 12:29:45PM +0100, Nick Phillips wrote: On Tue, Jul 10, 2001 at 05:29:32AM -0800, Ethan Benson wrote: nice to know pam_pwdfile gained md5 support, iirc it only did the anchient crappy crypt before.. now there just needs to be a passwd command to work with this... htpasswd doesn't provide proper restrictions and authentication. (for other uses then sudo passwords). whats really needed is a passwd command that behaves exactly the same as passwd, only with alternate passwd files. Hmm, shouldn't some PAM-aware passwd implementation be able to do this? -- Daniel Jacobowitz Carnegie Mellon University MontaVista Software Debian GNU/Linux Developer