Re: Use of Swap Space
On Saturday 31 January 2009 21:01:14 David Fox wrote: It isn't that RAM has a FAT - those things only are present on filesystems. It is more likely that free's interpretation doesn't include kernel memory. Also, 4gb may be 4*1024*1024 not 4*1000*1000, although that is more likely to be a concern with hard disk capacity. No, the issue is that manufactures advertise in *1000, while computers use bytes in *1024. The recent convention that's come into place to represent this is between Kilo/Mega/Giga-bytes (*1000) and Kibi/Mebi/Gibi-bytes (*1024). So a stick of memory advertised as 4 Gigabytes is going to present itself to your computer as 3.84 Gibibytes, roughly. http://xkcd.com/394/ Lee -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Use of Swap Space
On Sunday 01 February 2009 17:04:38 Nuno Magalhães wrote: So a stick of memory advertised as 4 Gigabytes is going to present itself to your computer as 3.84 Gibibytes, roughly. Er... what's the standard in Debian? 1024, right? We're still being logical here, right? Sorry, it's more like 3.72 Gibibytes. Anyway, it has nothing to do with Debian. It has to do with the fact that computers are binary, and memory manufacturers advertise their products by measuring in multiples of 10. Some might say that practice is dishonest, but it is also universal at this point. And the Kibibyte/Mebibyte/Gibibyte nomenclature was introduced by the IEEE like 10 years ago, so people really should be familiar with it by now. :) signature.asc Description: This is a digitally signed message part.
Re: Use of Swap Space
On Sunday 01 February 2009 17:59:07 Ron Johnson wrote: On 02/01/2009 02:49 PM, Lee Glidewell wrote: No, the issue is that manufactures advertise in *1000, while computers use Hard drive manufacturers, not RAM manufacturers. My beard's grey enough to remember when drive manufacturers measured drive capacity in binary KB, not decimal. bytes in *1024. The recent convention that's come into place to represent this is between Kilo/Mega/Giga-bytes (*1000) and Kibi/Mebi/Gibi-bytes (*1024). So a stick of memory advertised as 4 Gigabytes is going to present itself to your computer as 3.84 Gibibytes, roughly. If that were true, I'd have 8 * 10^9 bytes of RAM, and this demonstrates that error: snipped work Okay, I stand corrected. I guess I had assumed that RAM was sold this way as well, and hadn't bothered to do the math to check it. You know what they say about people who assume. ;) I'll go stand in the corner now. Lee -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Non-Debian Provided Packages
On Friday 17 October 2008 11:40:55 pm Jason C. Wells wrote: Is it advisable to install non-Debian provided packages? For example .deb files are out for openoffice3 but they haven't made their way to lenny yet. It seems like the Sun provided .deb files aren't quite so slick with handling dependencies. That or I am missing some important bit of understanding on how .debs work. Thanks, Jason I installed OpenOffice.org3 in Lenny with no problems. The Debian installer sends files to /opt, and so avoids overwriting any existing packages. The tarball is just a pack of .deb files for the individual applications in the suite, which have a non-obvious dependency order. It would have been nice to include an installation script, but lacking that, I simply went to the untarred directory and ran dpkg -i *deb Works well for me, ymmv. Lee -- Lee Glidewell | PGP key: D5D686A7 [EMAIL PROTECTED] | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Which package provides lvcreate
On Monday 13 October 2008 08:37:39 pm Stephen Liu wrote: Hi folks, Debian Etch I need the tool lvcreate to create LV. Please advise which of following packages I have to install; lvm-common lvm2 ??? Or I have to install both? TIA What are their main operation? B.R. Stephen L Hi Stephen, That's provided by the package lvm2. As far as I can tell, there is no package named lvm-common (at least not in Lenny). By the way, you can search packages for individual files by running: $ dpkg-query -S filename In the same way, you can list filenames included in a package with $ dpkg-query -L package Best, Lee -- Lee Glidewell | PGP key: D5D686A7 [EMAIL PROTECTED] | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Wireless issues -- Lenovo R61 ThinkPad
On Saturday 20 September 2008 08:58:27 am Ken Heard wrote: This laptop has Lenny installed. It has a built in IBM 3945 wireless card. Once I installed the firmware-iwlwifi package the laptop recognized this card and allowed me to configure it. While I usually use a RJ-45 cable connection to connect to networks, I am presently temporarily located where a wireless connection is more convenient. snip settings explanations These are the same settings I have been using all week, and now they don't work. I would certainly like to know why, and what to do -- not only to get the connection working again, but also to be able to activate it on boot up. Regards, Ken Heard I don't have a solution to the problem (which is that KDE's network manager has trouble with WEP keys), but I can offer my own workaround, with which I have had no problems so far: iwconfig wlan0 essid $wap_essid enc $wep_passkey; dhclient Replace (I hope obviously) the $ words with the actual values used. Basically, iwconfig handles WEP very well, whereas KNetworkManager is much better at handling WPA/2. At least in my experience. I am, fwiw, using the same card as you are. Hope this helps. Lee -- Lee Glidewell | PGP key: D5D686A7 [EMAIL PROTECTED] | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: test, plz ignore
On Wednesday 09 July 2008 06:29:22 pm T o n g wrote: On Wed, 09 Jul 2008 17:24:17 -0700, Paul Johnson wrote: They're not getting lost, they're getting through. Please stop using high circulation lists as your own personal feedback loop. First of all, please note that the message subject clearly stated that it is for testing purposed and asked you explicitly to ignore it. You are getting into trouble involving into this yourself. Secondly, FYI, what you see is less than 1/3 of of the test messages that I sent -- there is a reason for my testing. Third, if you don't believe me, try posting the above ulr without space through gmane.linux.debian.user, and you will know yourself. Please don't judge others using your ignorance. thank you. -- Tong (remove underscore(s) to reply) http://xpt.sourceforge.net/techdocs/ http://xpt.sourceforge.net/tools/ I'm with Paul on this. Using this list to test whatever it is you're testing is abuse, and the fact that you state that it should be ignored does not change that. Please desist. -- Lee Glidewell | PGP key: D5D686A7 [EMAIL PROTECTED] | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: More than one xserver?
On Sunday 06 July 2008 02:49:07 am Andrei Popescu wrote: On Sat, Jul 05, 2008 at 04:38:05PM -0500, Karl O. Pinc wrote: Hi, What's the right way to run more than one X server? You will probably get a few different answers to this question as there is no one true Right Way to do it. Here is a very simple one: 1. login at the console with the user for the first X 2. run 'startx' 3. switch to some other console and login as the user for the second X (can also be the same user) 4. run 'startx -- DISPLAY=:1' Regards, Andrei (I hope this minor thread hijacking isn't resented too much) I tried that, and every variation returns an error telling me that X is already running, and I should try removing some lock file if I feel that this message was received in error. I don't have any reason to need two X servers, so am really just curious for my own edification. Is there some configuration I need to tweak to allow more than one display? -- Lee Glidewell | PGP key: D5D686A7 [EMAIL PROTECTED] | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Help interpreting nmap scan on localhost running Lenny.Strange port?
On Wednesday 02 July 2008 01:27:19 pm Luis Maceira wrote: I recently installed Lenny(testing) and I have very few software installed,yet. I did a nmap scan which showed this: Interesting ports on localhost (127.0.0.1): Not shown: 1710 closed ports PORT STATE SERVICE VERSION 25/tcp open smtp Exim smtpd 4.69 111/tcp open rpcbind 113/tcp open ident 832/tcp open unknown 8118/tcp open privoxy? 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at snip the fingerprint above appears that the port 832/tcp is related to privoxy however when I kill privoxy and repeat the scan only 8118/tcp port(clearly identified by nmap as privoxy stuff) closes.So what port is that not identified by nmap?I do not think it is a backdoor or so as I record all my Internet traffic(tcpdump) and run 2 IDSs and none reports problems. My system was freshly installed with all cautions:checking sigs md5sums etc.. First of all: port scans on localhost are never, ever going to confirm or deny the presence of a backdoor. The localhost interface only allows communication between a shell and a service running on the *same computer*. Anyone able to exploit a localhost service would have already owned your machine some other way. Second, netstat is the command that should help you determine definitively which service is listening on 832. Lee -- Lee Glidewell | PGP key: D5D686A7 [EMAIL PROTECTED] | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: incoming connections refused
On Monday 30 June 2008 12:17:15 pm Nobody Famous wrote: The problem I'm having is that when I run a server on my Debian Linux machine, I can access the server from the local loopback interface, but the connection gets refused if I use the external IP address. snipped details/examples I can get to the outside world just fine, it's just connections coming in on the NIC that always get refused. Thanks, Rich _ The i’m Talkathon starts 6/24/08. For now, give amongst yourselves. http://www.imtalkathon.com?source=TXT_EML_WLH_LearnMore_GiveAmongst It sounds like you don't have these services listening on externally available interfaces. Some servers are designed to listen externally by default, but (afaik) Telnet and MySQL are not among them (and for good reason). Anyway, a netstat -tunva will give you a rundown of all connections, and will list anything that's listening and where. If it indicates that MySQL really is listening for outside connections, then there is something legitimately odd going on here. But, to get those services to listen externally, you will need to edit their configuration files in the /etc directory. Lee -- Lee Glidewell | PGP key: D5D686A7 [EMAIL PROTECTED] | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: dvd and cd burning and ripping
On Friday 27 June 2008 11:57:21 pm Daniel Dalton wrote: Isn't k3b qt based (kde)? Yes, it is. For a Gtk based burning application, take a look at Brasero. wodim is very easy to use, though, and the man page contains examples of most use cases (including audio files). -- Lee Glidewell | PGP key: D5D686A7 [EMAIL PROTECTED] | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: dvd and cd burning and ripping
On Saturday 28 June 2008 12:31:55 am Daniel Dalton wrote: Yes, it is. For a Gtk based burning application, take a look at Brasero. wodim Can that do dvds? (that will play in all dvd players?) Yes, it can. That said, whether or not it plays in a DVD player is more a function of the file creation software than the burning software. So, if you have files/filesystem images that play in DVD player, the burned DVD will play. -- Lee Glidewell | PGP key: D5D686A7 [EMAIL PROTECTED] | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: debian-40r3-i386-netinst.iso
On Thursday 26 June 2008 11:50:49 am Vwaju wrote: On Jun 26, 1:10 pm, Thierry Chatelet [EMAIL PROTECTED] wrote: On Thursday 26 June 2008 18:59:12 Adrian Chapela wrote: Vwaju escribió: I downloaded debian-40r3-i386-netinst.iso from http://www.debian.org/distrib/. and copied it to a CD. It appears to be about the right size (163,392KB), but it fails to boot on any of the follwoing computers: Have you calculated the md5sum ? was it the right md5sum ? Gateway Solo 1100 laptop Dell Dimension 4100 Dell Inspiron 8500 (I set the boot order to boot the CD drive first. However, the CD is bypassed in every case. And does it boot on any other computers? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] As far as I can tell, there is no pre-computed md5 checksum provided with the download (http://www.debian.org/distrib/netinst#smallcd). Am I missing something? I have tried only these 3 computers, and haven't yet found one that boots from debian-40r3-i386-netinst.iso. Try this link: http://www.debian.org/CD/http-ftp/#stable Anyway, the md5sum for the CD you mention is: 1df0cf02ba4213dd94b3e8bbe20cfe73 There is no reputable Linux distro that ships CD images without providing hashes. -- Lee Glidewell | PGP key: D5D686A7 [EMAIL PROTECTED] | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [OT]: possible spyware?
On Wednesday 25 June 2008 07:42:25 am Dotan Cohen wrote: 2008/6/25 Andrei Popescu [EMAIL PROTECTED]: Maybe it changed, but there used to be no password for the root account... https://help.ubuntu.com/community/RootSudo no, it hasn't changed. Nowhere does that document say that there is no password for root. what it does say is this: By default, the root account password is locked in Ubuntu. There is a root password, but the user does not know it. There is not a root password. There is a hash for the root password, but this hash matches no possible value, meaning that there is no password (the password, in order to exist as such, would have to validate against the hash stored in /etc/shadow). What Ubuntu does is nothing special: you can see for yourself by creating a dummy account and locking its password: # passwd -l dummy-account Now, look at /etc/shadow. You will see a ! character in the password hash field. All it does is set the password hash to an exclamation point. Since this is not a valid hash, no possible string will ever unlock this account through any login manager that uses said hash. -- Lee Glidewell | PGP key: D5D686A7 [EMAIL PROTECTED] | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Restarting X from command line
On Monday 23 June 2008 02:40:22 pm Andrea Ganduglia wrote: Hi. How can I restarting X from command line? I do not use login manager, then /etc/init.d/gdm restart cannot work. I use startx after autologin (inittab) [startx is in .bashrc] Thanks! -- Openclose.it - Idee per il software libero Openclose.it - Some ideas about free software http://www.openclose.it Ctrl-alt-backspace will kill just about any graphical session, if that's what you're asking. Apart from that, I'm not too clear on the question: generally you restart things the same way you started them the first time. If you use startx, then you'd have to run that again. -- Lee Glidewell | PGP key: D5D686A7 [EMAIL PROTECTED] | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: configuring shell autologin
On Friday 20 June 2008 12:20:12 am Mumia W.. wrote: On 06/20/2008 12:43 AM, Lee Glidewell wrote: snip I have so far tried two autologin solutions: [ failed solutions snipped ] Try this instead: 13:23:respawn:/sbin/getty -l /usr/local/bin/auto-login.2 -n 38400 tty13 ---auto-login.2--- #!/bin/sh /bin/login -f lee If you experience problems with this, try removing the -n option. Then all you need to do is to press any character at the login prompt--followed by enter--and you're in as the user lee. BTW, the 13th virtual console is accessed through RightAlt+F1 That did the trick (the -n option didn't work, though). Many thanks! -- Lee Glidewell | PGP key: D5D686A7 [EMAIL PROTECTED] | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
configuring shell autologin
First of all, why: this is for a single-user laptop with an encrypted hard drive. If someone gets past the initial passkey, they have all of my respect as well as my data. I'm trying to cut down on the amount of typing I have to do at startup (currently, between the hdd, the login, setting up wireless and unlocking the keyring that stores my e-mail/web passwords, I type 4 passwords/-keys). I have so far tried two autologin solutions: rungetty, and this script (named as /sbin/autologin): #!/bin/bash exec 0/dev/$1 1/dev/$1 21 cat /etc/issue shift exec $* I have setup tty1 to use these scripts for autologin, and get the same error message with both. Here are the inittab lines I used for each of the two: 1:2345:respawn:/sbin/rungetty tty1 --autologin lee and 1:2345:respawn:/sbin/autologin tty1 login -f lee In both cases, the response I get is that the terminal is respawning too frequently, and the terminal is locked for five minutes. I don't understand the getty applications well enough to figure out what to do next. What am I missing? :) -- Lee Glidewell | PGP key: D5D686A7 [EMAIL PROTECTED] | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Lenovo Thinkpad, HP, or Vostro/Latitude? was Re: OT: Laptop for College Bound Student?
On Sunday 15 June 2008 01:27:14 am Anthony Campbell wrote: snip Wireless works with th old ipw3945 stuff but I have never managed to get iwlwifi to do anything, so I can't use a later kernel than 2.6.23, Well, it Works For Me(tm). The procedure for getting iwlwifi up and running is slightly different from the older driver, but it definitely works (with a few known bugs, admittedly, such as poor LED indicator support). I would never choose a wifi chip other than Intel, so I want to say both 1) it shouldn't present compatibility problems, and 2) encourage anyone who's had such problems to post them here, along with what they've done, so that if these *are* serious problems, I can stop suggesting Intel wifi. Because otherwise, I plan to suggest that. Lee -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: netinst CD with OpenSSL fix?
On Sunday 15 June 2008 01:23:17 pm Tzafrir Cohen wrote: On Sun, Jun 15, 2008 at 07:35:41PM +0800, Bob wrote: Does such a thing exist? If you do a networked installation, you'll get the latest version at install time anyway. The issue here would be using the fixed random number generator to setup whole disk encryption. Upgrading after installation won't help with that. -- Lee Glidewell | PGP key: D5D686A7 [EMAIL PROTECTED] | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Which IM, blog and email service are best for debian users?
On Saturday 14 June 2008 06:32:59 pm Star Liu wrote: Hi Everyone, I'm sorry to ask this silly question here. I'm now using the microsoft live messenger, live spaces and hotmail as my IM, blog and email service provider, because i'm a windows user for a so long time. Two weeks before, I installed debian etch and lenny, and i like it very much. I'd like to get your opinions about which IM, blog and email services which suits debian best. Thanks! There's no reason you can't use those services with Debian. Hotmail webmail is, of course, OS-independent; Kopete and Pidgin have limited support for MSN Messenger (as well as all the other popular IM protocols), and Emesene has more full-featured support; I'm not sure about Live Spaces, as this is the first I've heard of it, but if it's web-based and doesn't require ActiveX, it will work fine with any OS. If you're looking for things that are ideologically compatible with Debian's mission statement, then Jabber would be your IM protocol (jabber.org and GoogleTalk being the major providers here), Wordpress would be your blogging engine, and any POP3/IMAP mail provider would work. Lee -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [debian-user] How to copy a laptop HD?
Have a look at partimage. Specifically you might be interested in the CloneZilla live distro. It's built specifically for the purpose of porting installations between hard disks. Lee On Tuesday 20 May 2008 01:47:03 pm Javier Vasquez wrote: Hi, I have an old laptop with a 10G HD. I have it partitioned into a swap partition hda5, an ext3 boot partition hda6, and an ext3 root partition hda7 (all logical). I acquired an 80G HD, and through an USB interface I have it partitioned the same way, only with bigger root partition, :). I did a copy of the contents of each partitions, except by /proc under root, into the new created ones, but I used cp -a instead of dd. This might have prevented copying the boot sector, necessary for the boot sector probably... Do you suggest using dd instead? Would it work even if the destine partition is bigger (I read somewhere it works perfectly when source and destine are the same size, but I never read it works perfectly when destine is bigger)... What about the HD MBR? I've tried already using dd if=/dev/hda of=~/full_mbr.bin bs=512 count=1 dd if=~/full_mbr.bin of=/dev/sda bs=446 count=1, but it didn't seem to work... I wouldn't know if using count=2 to include the boot sector would work since the boot partition is the 2nd one (the swap is the 1st one)... Any ways, I'm still on trials, but I haven't gotten grub to work yet. I tried also grub-install on sda, but that doesn't seem to work, it only does with chroot to the mounted root of sda and with a bind to the mounted boot of sda, however partially since it doesn't get to read stage2. Running manually grub over the chroot seems to overcome the stage2 thing, but I still don't get grub to work after booting. The thing is that as this is a laptop, and changing the HD on the only IDE slot is getting less fun each time, I was thinking what would be a good recipy to follow. Maybe using dd for each partition, or for the whole HD would work, although I find it hard to believe it would (the partition tables at least should be different, since the difference in sizes), but I just might be too skeptical, and using dd for the whole HD is what works out of the box after partitioning the HD, :). Please suggest, recommend, etc, :). Thanks, -- Javier -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Cloning hda to new internal disk (was Re: [debian-user] How to copy a laptop HD?)
On Tuesday 20 May 2008 07:20:17 pm Ron Johnson wrote: In a similar vein to OP's question, I am going to buy a new boot disk, because my hda is old enough -- and drives are cheap enough -- that I'd rather replace it before it fails. So I checked out CloneZilla, but it seems to be aimed at institutional use. Even partimage seems to need an intermediary step. Is there any way to directly clone /dev/hda to /dev/sdX, so that I can then boot off of /dev/sdX? Yes, CloneZilla is capable of doing that. The default behavior is to create a full disk image, including the MBR and partition table, so if you use the disk-to-disk option you'll end with a ready-to-use, bootable hard disk. By intermediary step I'm guessing that you meant the compressed (gzip) disk image partimage can create -- but that's optional. There is the option to simply clone one disk onto another. Lee -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Debian secure by default?
On Friday 16 May 2008 07:02:59 pm Paul Johnson wrote: On Friday 16 May 2008 07:01:38 pm lostson wrote: My 2 cents a default firewall would be nice You mean like Windows has? How about not. Here's why: http://samspade.org/d/firewalls.html The money quote from that link: So... what does a 'personal firewall' actually do? Well, effectively it listens on all the ports on your system. This provides no real additional security over turning off the services that you don't use. The nature and purpose of a firewall seems to be greatly misunderstood. Personally, I think security vendor hype is as much to blame as naivete. Lee -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Debian secure by default?
On Friday 16 May 2008 07:39:27 pm lostson wrote: On Fri, 2008-05-16 at 19:09 -0700, Lee Glidewell wrote: On Friday 16 May 2008 07:02:59 pm Paul Johnson wrote: On Friday 16 May 2008 07:01:38 pm lostson wrote: My 2 cents a default firewall would be nice You mean like Windows has? How about not. Here's why: http://samspade.org/d/firewalls.html The money quote from that link: So... what does a 'personal firewall' actually do? Well, effectively it listens on all the ports on your system. This provides no real additional security over turning off the services that you don't use. The nature and purpose of a firewall seems to be greatly misunderstood. Personally, I think security vendor hype is as much to blame as naivete. Lee So basically a firewall is useless ? LostSon Well, no, I wouldn't go that far. I would say, however, that a generic, all-purpose software firewall isn't going improve Debian's out of the box security. If you know what you're doing, on the other hand, packet filtering software is incredibly useful. The point about the hardware firewalls boils down to two facts: 1) If you're serious about security, you should separate services. This means giving iptables its own box (e.g., a retail NAT router) rather than assigning a workstation to double-duty. 2) If you don't want to set up your own filtering rules, a retail NAT router is a better solution than an iptables configuration utility. The bottom line, IMO, is that a firewall is only a set of rules. How useful it is can only be judged in light of the specific function of the computer it's protecting. Lee -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Blocking Gmail ads
The stable one does, yes, but it's switching to WebKit. The epiphany-webkit package has been in the Testing repository for some time now. It's very fast, but last time I used it, it had quite a few hiccups when loading dynamic pages. On Thursday 15 May 2008 08:49:55 pm Ron Johnson wrote: Epiphany uses Gecko. -- Ron Johnson, Jr. Jefferson LA USA ESPN makes baseball players better. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
touchpad problem
I've been running Ubuntu on my laptop for some time, mainly because it doesn't require much fussing with power-saving and wireless settings that make laptops more difficult. With Ubuntu development continuing to depart from what I want or need, and with the advent of iwlwifi (the card is a 3945ABG), I decided to give Testing another shot. I only ran into one problem that I couldn't solve quickly. The touchpad's scroll area wouldn't function. I added the usual parameters for the touchpad to xorg.conf (including SHMConfig = on), but this made no difference. What's more, when I tried to run GSynaptics, it repeatedly told me to enable shared memory, despite the fact that I had already done what I thought was required for that. (i.e, setting SHMConfig to on or true and restarting X). Anyway, I have a feeling this was a fluke, since the last time I tried Lenny on this machine, the touchpad worked as expected. The same is true with the most recent Sidux live CD. This was last week's snapshot, fwiw. Any hints or suggestions are much appreciated. I've partimaged my old installation back onto the laptop in the meantime, but I plan to try to install Lenny again soon, and it would be very helpful to have some idea what to do if I run into this again. TIA. Lee -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: External IP
On Tuesday 22 April 2008 10:12:41 pm Rafael Fontenelle wrote: I can see that you're running behind a router or something similar. If you want to use a shell script to return the IP to the stdout, you could probably use 'curl'. I have this feeling that my last response to this thread never made it through or something. ;) curl *definitely* works with shell scripts, and like I pointed out, www.whatismyip.org (not .com) is specifically designed for tools such as curl. Running that URL as the argument for curl will return only the current machine's public IP address, with no extra formatting or HTML messiness. Thus, it is the ideal way of getting this output cleanly. It can even be used as input, e.g.: nmap $(curl www.whatismyip.org) Lee -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: HS: How to ban some IP's to connect to apache server
On Monday 21 April 2008 10:08:22 pm Thierry Chatelet wrote: Hello I know it's not really debian related, but: A site call ripe.net is trying all sorts of addresses to go inside my sites, like mysite.com/var/www/documents and so on. About a month ago, I email to the owner of the site, and it stopped, until this WE. So, I would like to ban him (they have about 10 different IP addresses hosted on servers from Netherland to Asia) to log into my server. I known, I can do it using deny from + IP in each virtual host. What I would prefer to do is deny those IP's from the server, not from each host.My server is running etch - apache2.2.3-4. How can I do that? Thierry Thierry, You could block the IP address (/range) in iptables, I suppose. That's normally pretty extraneous as a security measure (that's not going to stop anyone who's targeting you), but if there's a bot on that server that's constantly bugging you, that should be a quick way of making it stop filling up your access logs. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: What are proper permissions for home directory?
On Sunday 20 April 2008 07:33:33 pm Owen Townend wrote: On 21/04/2008, Dylan Garrett [EMAIL PROTECTED] wrote: What should the permissions of the files in my home directory be? Hey, The default is 755 though it is common to use 750 for a little privacy. IIRC the warning displays if you have the write bit set for anyone but you. This is true. The only question I have is whether the script modified the permissions recursively, in which case the warnings would be explained. Many of the hidden config files in the user's home root are supposed to be 644 or 600. In some cases, wrong permissions on those files can all but brick the account. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
OpenOffice.org widgets-set option
In other distros I've used, OOo is skinned to fit in with the rest of the desktop. I'm trying to replicate this with Debian, but not finding much in the way of how to do this. The OOo man page indicates that programs in the suite can be run with the --widgets-set option, but I can't figure out what arguments this takes. I've tried running it with the names of various toolkits, toolkit themes, and the various OOo styles I have installed, but the default (Gtk circa 2001) style keeps reappearing. Any pointers appreciated, even rtfm if you happen to know which m I should r. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
