Re: [gentoo-user] Curious pattern in log files from ssh...
On Thursday 04 December 2008, Steve wrote: > Simon wrote: > > Since it is very unlikely that the attacker is targeting you > > specifically, changing the port number (and removing root access) will > > very likely stop the attack forever. Though, if the attacker did > > target you, then you will need some more security tools (intrusion > > detection, etc...). > > I recognise that this doesn't seem to be a targeted attack - but it is > still frustrating to find that someone has evaded my IP blocking > strategy... even though they pose only a slightly elevated risk by > having done so. (Of course, I don't permit root login - that would be > madness... and, as far as I'm aware, no-one has guessed even a valid > user name... they're all obscure!) > > The thing that strikes me is that, in evading my blocking strategy, they > clearly identified a bot-net of compromised hosts. With this in mind, > ideally, I'd like to: > > 1. Automatically detect and block all future attacks on all ports from > all hosts which are involved in this coordinated attack. These hosts > can't be trusted not to be malicious. > 2. Somehow inform the administrator of the hosts attacking me (in a > respectful way) since, I presume, they are unaware that their host is > involved in the attack. > 3. Ideally, share this kind of information so that myself and others are > better protected from bot-net attacks in future. > > It's the sort of thing I imagine has already been done - and there's no > point in re-inventing the wheel. I recall something similar whereby the attacked machines would automatically launch an attack on the botnet/spammer to effect a DoS. Then the spammers complained and the guys who had written the software were forced by the police to recall it . . . sometimes I wonder. Anyway, I'm a bit thin on details - this was all the rage about 4-5 years ago as a legit way to defend yourself against spam. What I think is required is a script which will identify the compromised machine and promptly reformat its MSWindows OS - problem solved. Of course how you keep tabs on this tool not being misused is another thing. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] emerge --update pulling in enlightenment-0.16.9999.050
On Friday 05 December 2008 05:46:30 Jorge Peixoto de Morais Neto wrote: > > I should give e17 another try when it gets a little more stable, or > > when at least Vapier finds the time to update the snapshot ebuilds > > (which, last time I checked, were horribly outdated). > > > > Regards, > >Jorge Peixoto > > Oh, great, it seems vapier updated the snapshots! > Alan, would you recommend an e17 snapshot (dated 2008-09-25) to a > system that is mostly stable? I love simplicity, weightlessness and > speed, but I don't want too many (or severe) bugs. The snapshots are really just cvs dumps at a point in time where the devs get relatively few bugs reports. IIRC, august/september was a quiet period with no breakages so it should be ok to try out. The only gotcha I can think of is that there's a new base EFL package called eina and the ebuilds might not include it. See what "eix eina" returns. If nothing, then copy one of the smaller e17 libs ebuilds into your private overlay, change the obvious places to "eina" and emerge it first. Then emerge e. -- alan dot mckinnon at gmail dot com
[gentoo-user] gentoo package source CD available?
Hello, Want to swith to gentoo, but - no internet connection and - still want to compile the source for my specific architecture/processor to make my system speedy Are there CD/DVDs available that contains sources (burn to CD/DVD at a point of time) of all the gentoo packages? If yes, pls point me to a link about how can I install gentoo using these CD/DVDs. If not, any other method to achieve this? Thanks for your time. -hiren
Re: [gentoo-user] emerge --update pulling in enlightenment-0.16.9999.050
> I should give e17 another try when it gets a little more stable, or > when at least Vapier finds the time to update the snapshot ebuilds > (which, last time I checked, were horribly outdated). > > Regards, >Jorge Peixoto Oh, great, it seems vapier updated the snapshots! Alan, would you recommend an e17 snapshot (dated 2008-09-25) to a system that is mostly stable? I love simplicity, weightlessness and speed, but I don't want too many (or severe) bugs. -- Software is like sex: it is better when it is free - Linus Torvalds
Re: [gentoo-user] emerge --update pulling in enlightenment-0.16.9999.050
> e17 doesn't like transparency and compiz-style effects. You can get it to work > with the bling module or by using a compositing manager like xcompmgr or a > derivative, but I found it wasn't exactly stable on nVidia. You may have > better luck with ATI. Going offtopic, I for myself don't care about "fancy" eye-candy at all. I consider it futile. For example, my Xfce (with all compositing effects disabled) looks beautiful enough, and is fast, lightweight, customizable, simple and understandable. The things I miss from e17 are that e17 is even more configurable (you can configure what keyboard+mouse combination resizes a windows, for example, while on Xfce it seems hardwired to right-click, while I would prefer to use middle-click, since I often have to use GNOME and would like to use the same shortcuts), and even more lightweight (disk space, memory, speed) than Xfce. I should give e17 another try when it gets a little more stable, or when at least Vapier finds the time to update the snapshot ebuilds (which, last time I checked, were horribly outdated). Regards, Jorge Peixoto -- Software is like sex: it is better when it is free - Linus Torvalds
Re: [gentoo-user] ssmtp & at&t woes
On Thu, Dec 4, 2008 at 5:03 PM, Håkon Alstadheim <[EMAIL PROTECTED]>wrote: > Since this thread has been going on for so long without a resolution, I > thought I'd mention that I recently switched to nullmailer from ssmtp. Im > using port 587 with STARTTLS, and I find nullmailer way easier to set up. > Just put --user and --pass parameters in /etc/nullmailer/remotes. Thanks for this suggestion. I tried nullmailer, and it is, indeed, easier to set up. And I think it worked, too, but then I ran afoul of a "553" error in t&t/yahoo's smtp server - something about an unverified alternate email address. I'm guessing that nullmailer worked, but that at&t/yahoo have some additional layer of requirements for a working smtp connection. I've run out of patience with this and am now relaying my mail to smtp.gmail.com via ssmtp. That worked immediately without any of the at&t pain. Thanks to everyone who responded! John
[gentoo-user] Re: [OT] Other repositories
Etaoin Shrdlu <[EMAIL PROTECTED]> writes: > On Thursday 4 December 2008, 23:16, Harry Putnam wrote: > >> I've seen it discussed here about how to access other repositories >> besides the default ones shown on the mirrors link at gentoo.org. >> >> But am completely drawing blanks now trying to remember how I might go >> about accessing other repos... also could use a word of advice as to >> which are reliable or whatever. > > If by "other repositories" you mean overlays, see this: > > http://www.gentoo.org/proj/en/overlays/userguide.xml I see yes, but how do you tell what the member overlays are about? Those with names like `Apache' `perl' `VMware' etc are obvious enough but what about things like `Sunrise Gentoo User Overlay' or the ones just named after developers? layman -L just shows the source address. http://overlays.gentoo.org/ Shows little more Is there no handy way to get an idea what you might encounter in the different overlays? There doesn't seem to be any descriptions anywhere.
Re: [gentoo-user] Curious pattern in log files from ssh...
On December 4, 2008, Adam Carter wrote: > > Open a Wiki page on Wikipedia, update it every so often and > > provide simple > > parser for it so others can recycle same IPs. Since it's a > > Wiki page - others > > can update it as well (including botnet owners, but then > > they'd have to reveal themselves - tricky situation) :) > > Reveal themselves in what way? If you're taking about source IP, they can > just use one of their bots to make the page update... true. -- Dmitry Makovey Web Systems Administrator Athabasca University (780) 675-6245 signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Curious pattern in log files from ssh...
Dmitry S. Makovey wrote: On December 3, 2008, Steve wrote: Dmitry S. Makovey wrote: well. Nobody but you knows your requiremens and specifics - we're just listing options. It's up to you to either take 'em or leave 'em ;) Fair enough - but I've still not found an option for sharing/using shared block lists for bot-nets. Open a Wiki page on Wikipedia, update it every so often and provide simple parser for it so others can recycle same IPs. Since it's a Wiki page - others can update it as well (including botnet owners, but then they'd have to reveal themselves - tricky situation) :) I hear the botnet owners have 1 or 2 spare machine scattered around the world they can proxy through... :) Shawn
Re: [gentoo-user] Audacious annoyance (special chars)
quoth the Dave Jones: > darren kirby wrote on 04/12/08 23:32: > > I've just noticed that my audacious will not play songs with special > > characters in the filename (ie: acute and grave accents, umlauts, > > cedillas etc) no matter how I try. Needless to say, this is very annoying > > as I have a lot of 'world music' that uses such characters. > > > > Version is 1.5.1-r1, USE flags are: 'chardet nls session sse2' > > The same audacious version played Jethro Tull Bourée and Animalée tracks > fine here. My USE flags are 'nls session sse2' > > Cheers, Dave OK, well, I rebuilt audacious with USE -chardet and now it plays these songs fine, however, it has created a new (worse!) annoyance, in that when I select a new song to play whilst one is already playing it spawns another audacious and plays the two songs simultaneously yersh.. -d -- darren kirby :: Part of the problem since 1976 :: http://badcomputer.org "...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972
Re: [gentoo-user] Audacious annoyance (special chars)
darren kirby wrote on 04/12/08 23:32: > I've just noticed that my audacious will not play songs with special > characters in the filename (ie: acute and grave accents, umlauts, cedillas > etc) no matter how I try. Needless to say, this is very annoying as I have a > lot of 'world music' that uses such characters. > > Version is 1.5.1-r1, USE flags are: 'chardet nls session sse2' The same audacious version played Jethro Tull Bourée and Animalée tracks fine here. My USE flags are 'nls session sse2' Cheers, Dave
Re: [gentoo-user] Buying a low-cost printer for Linux
KH wrote on 04/12/08 19:47: > I have been told not to touch the Samsung drivers. I am using > net-print/foo2zjs. foo2zjs works well with the cheap HP CLJ1600 laser printer. Cheap, fast, no more expensive dried-up inkjet cartridges, good deal. Cheers, Dave
RE: [gentoo-user] Curious pattern in log files from ssh...
> > Also take a note that there are no "known-compromised hosts" > > What about hosts listed in RBLs? > http://en.wikipedia.org/wiki/Comparison_of_DNS_blacklists. It > would be interesting to see if how much correlation there is > between ssh brute forcing bots and the contents of the various lists. Maybe http://wiki.duskglow.com/tiki-index.php?page=Packetbl "PacketBL is a program that uses DNS blocklists to determine whether to accept or reject packets" Used with dnsbl.ahbl.org "Aggregate zone, contains UCE/bulk email senders, open proxies, open relays, trojaned/infected machines, comment/trackback spammers" would be a good solution.
Re: [gentoo-user] confusing depclean output
On 04/12/08 Michael P. Soulier said: > The docs on this seem wrong. And yet they're not, since this is an update and not a depclean. I'll be quiet now. Mike pgp1Jsqf0XLxk.pgp Description: PGP signature
RE: [gentoo-user] Curious pattern in log files from ssh...
> Open a Wiki page on Wikipedia, update it every so often and > provide simple > parser for it so others can recycle same IPs. Since it's a > Wiki page - others > can update it as well (including botnet owners, but then > they'd have to reveal themselves - tricky situation) :) Reveal themselves in what way? If you're taking about source IP, they can just use one of their bots to make the page update...
Re: [gentoo-user] confusing depclean output
On 04/12/08 Dale said: > Yep, I had to add that option to mine a while back for --depclean to > work. Add that and it should run cleanly afterwards. You could also > --oneshot those in the list and it should work. I haven't tried that yet > but read it works. The docs on this seem wrong. --with-bdeps < y | n > In dependency calculations, pull in build time dependencies that are not strictly required. This defaults to 'n' for installa- tion actions and 'y' for the --depclean action. This setting can be added to EMERGE_DEFAULT_OPTS (see make.conf(5)) and later overridden via the command line. But it doesn't seem to default to y for --depclean. I get completely different results when I set --with-bdeps=y on --depclean. Mike -- Michael P. Soulier <[EMAIL PROTECTED]> "Any intelligent fool can make things bigger and more complex... It takes a touch of genius - and a lot of courage to move in the opposite direction." --Albert Einstein pgpDvvw1Qpctq.pgp Description: PGP signature
[gentoo-user] Cannot authenticate successfully with SSH
Anyone know if RSA keys are incompatible between ssh-3.8 and sshd-4.2? I have this combination between 2 clients and 1 server. RSA keys consistently fail, DSA keys consistently succeed. The clients are on FreeBSD 5.4 and 5.5, server is FreeBSD 6.1 I found one report on google of a similar case with a MacOS client connecting to a Gentoo server where the user reported upgrading to sshd-4.3 fixed it, but the key type was not mentioned and I cannot find any reference about it in OpenSSH's Changelogs, or it's bugzilla -- alan dot mckinnon at gmail dot com
RE: [gentoo-user] Curious pattern in log files from ssh...
> Also take a note that there are no "known-compromised hosts" What about hosts listed in RBLs? http://en.wikipedia.org/wiki/Comparison_of_DNS_blacklists. It would be interesting to see if how much correlation there is between ssh brute forcing bots and the contents of the various lists. > because ANY IP can be forged. Its easy enough to forge a SYN, but to setup a session so you can make a password guessing attempt requires that you also get the packets back from the server, which is an order of magnitude more difficult. Ever since OSes have implemented well chosen initial sequence numbers, spoofing of TCP sessions has become very difficult.
[gentoo-user] Audacious annoyance (special chars)
Hi All, I've just noticed that my audacious will not play songs with special characters in the filename (ie: acute and grave accents, umlauts, cedillas etc) no matter how I try. Needless to say, this is very annoying as I have a lot of 'world music' that uses such characters. Can audacious be coerced into playing these songs? I should perhaps note that konqueror and even konsole display the characters just fine. The problem appears to be solely with audacious. Version is 1.5.1-r1, USE flags are: 'chardet nls session sse2' Thanks in advance -d -- darren kirby :: Part of the problem since 1976 :: http://badcomputer.org "...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972
Re: [gentoo-user] ssmtp & at&t woes
Since this thread has been going on for so long without a resolution, I thought I'd mention that I recently switched to nullmailer from ssmtp. Im using port 587 with STARTTLS, and I find nullmailer way easier to set up. Just put --user and --pass parameters in /etc/nullmailer/remotes.
Re: [gentoo-user] ssmtp & at&t woes
On Thu, Dec 4, 2008 at 3:33 PM, <[EMAIL PROTECTED]> wrote: > > Hi John, > > I suppose you use a wrong username. According to > http://helpme.att.net/article.php?item=287 you have to use the full mail > address. Otherwise check your password for correctness. Tried that. Didn't help. I've been known to supply incorrect passwords, but I think it's correct in my ssmtp.conf. > > > Another problem might be the line in your revaliases file. The separator > between the columns is a colon not equals (right after the 'root'). If you > don't send mail to other people from your root account you do not need that > line anyway. You're right, but correcting this doesn't solve the problem,. either. Thanks for both suggestions. John
Re: [gentoo-user] [OT] Other repositories
On Thursday 4 December 2008, 23:16, Harry Putnam wrote: > I've seen it discussed here about how to access other repositories > besides the default ones shown on the mirrors link at gentoo.org. > > But am completely drawing blanks now trying to remember how I might go > about accessing other repos... also could use a word of advice as to > which are reliable or whatever. If by "other repositories" you mean overlays, see this: http://www.gentoo.org/proj/en/overlays/userguide.xml
[gentoo-user] [OT] Other repositories
I've seen it discussed here about how to access other repositories besides the default ones shown on the mirrors link at gentoo.org. But am completely drawing blanks now trying to remember how I might go about accessing other repos... also could use a word of advice as to which are reliable or whatever.
Re: [gentoo-user] Re: Buying a low-cost printer for Linux
Mark Knecht wrote: > On Thu, Dec 4, 2008 at 12:47 PM, Dale <[EMAIL PROTECTED]> wrote: > > >> My friend had two printers. I think it was the OLD Apple printer that >> did that. The HP, in another room, never had a problem. Might I add, >> the HP printed faster too. ;-) >> >> We seem to like HP on this list. lol >> >> Dale >> >> :-) :-) >> > > Yeah, it does. They are nice printers although on NewEgg probably > 15%-25% more expensive. I guess it's good to be king... ;-) > > Cheers, > Mark > > > froogle is your friend. What gets me about newegg nowadays, the shipping. I want to buy two 120mm fans, the shipping is more than the fans, by a wide margin. Looking for other places to buy those or some free shipping deals. My brother is stuck on that slow and clunky Lexmark. That is the noisiest thing I ever heard. It sounds like a someone beating something with a hammer when it prints. LOL Dale :-) :-)
Re: [gentoo-user] Re: Buying a low-cost printer for Linux
On Thu, Dec 4, 2008 at 12:47 PM, Dale <[EMAIL PROTECTED]> wrote: > > My friend had two printers. I think it was the OLD Apple printer that > did that. The HP, in another room, never had a problem. Might I add, > the HP printed faster too. ;-) > > We seem to like HP on this list. lol > > Dale > > :-) :-) Yeah, it does. They are nice printers although on NewEgg probably 15%-25% more expensive. I guess it's good to be king... ;-) Cheers, Mark
Re: [gentoo-user] Curious pattern in log files from ssh...
On Thursday 04 December 2008 21:03:17 Christian Franke wrote: > On 12/03/2008 09:02 PM, Steve wrote: > > I've recently discovered a curious pattern emerging in my system log > > with failed login attempts via ssh. > > > > I'm not particularly concerned - since I'm confident that all my users > > have strong passwords... but it strikes me that this data identifies a > > bot-net that is clearly malicious attempting to break passwords. > > > > Sure, I could use IPtables to block all these bad ports... or... I could > > disable password authentication entirely... but I keep thinking that > > there has to be something better I can do... any suggestions? Is there > > a simple way to integrate a block-list of known-compromised hosts into > > IPtables - rather like my postfix is configured to drop connections from > > known spam sources from the sbl-xbl.spamhaus.org DNS block list, for > > example. > > I just don't see what blocking ssh-bruteforce attempts should be good > for, at least on a server where few _users_ are active. Two reasons: a. Maybe, just maybe, you overlooked something. Belts, braces and a drawstring for good measure is not a bad thing. b. You probably want to get all that crap out of your log files off into some other place where you can cope with it. Parsing auth log files that are 95% brute force attempts is no fun. I like to have the crap in place A and the real stuff in place B, makes my job so much easier > > The chance that security of a well configured system will be compromised > by that is next to zero, and on recent systems it is also impossible to > cause significant load with ssh-login-attempts. Uh-huh. We all said that for many years. Then some bright spark actually looked at the patches the debian openssh maintainer was applying and we all had one of those special "oops..." moments Did you have any idea of just how weak certs made on a debian box were before it hit the headlines? No-one I know did. > Also, things like fail2ban add new attack-possibilities to a system, I > remember the old DoS for fail2ban, resulting from a wrong regex in log > file parsing, but I think at least this is fixed now. Whereas that is true enough in itself, the actual risk of such is rather low in comparison to the gains. Hence it is not a valid reason to not use fail2ban and such-like apps. If it were, we should all just stop using iptables and libwrap and openssl on the off-chance that maybe, just maybe, they open an attack vector. But that's silly reasoning right? -- alan dot mckinnon at gmail dot com
Re: [gentoo-user] Re: Buying a low-cost printer for Linux
Grant Edwards wrote: > On 2008-12-04, Dale <[EMAIL PROTECTED]> wrote: > > >> I have a friend that owned a business that was closed on weekends. >> Every Monday we had to fan the paper and take out the toner cartridge >> and give it a little shake. I have heard that if it is a humid location >> that you either have to leave the printer on or print a lot. The claim >> was the toner would start to clump from the moister in the air. I have >> never seen that happen myself. >> > > I've had an HP LaserJet 1200 for about 4-5 years now. I only > print once or twice a month, and I've never had a single > problem. It's still on the original toner cartridge, and I > don't think I've even got through an entire ream of paper yet. > > It does Postscript, and there's a .ppd file for it, so it "just > works" with CUPS. It gets pretty hot/humid in the summer and > pretty cold/dry in the winter, and it doesn't seem to affect > the printer. > > It doesn't do color, but I write all my code in black and white > anyway... > > My friend had two printers. I think it was the OLD Apple printer that did that. The HP, in another room, never had a problem. Might I add, the HP printed faster too. ;-) We seem to like HP on this list. lol Dale :-) :-)
[gentoo-user] Re: Buying a low-cost printer for Linux
On 2008-12-04, Dale <[EMAIL PROTECTED]> wrote: > I have a friend that owned a business that was closed on weekends. > Every Monday we had to fan the paper and take out the toner cartridge > and give it a little shake. I have heard that if it is a humid location > that you either have to leave the printer on or print a lot. The claim > was the toner would start to clump from the moister in the air. I have > never seen that happen myself. I've had an HP LaserJet 1200 for about 4-5 years now. I only print once or twice a month, and I've never had a single problem. It's still on the original toner cartridge, and I don't think I've even got through an entire ream of paper yet. It does Postscript, and there's a .ppd file for it, so it "just works" with CUPS. It gets pretty hot/humid in the summer and pretty cold/dry in the winter, and it doesn't seem to affect the printer. It doesn't do color, but I write all my code in black and white anyway... -- Grant Edwards grante Yow! I have the power to at HALT PRODUCTION on all visi.comTEENAGE SEX COMEDIES!!
Re: [gentoo-user] xf86-video-intel, compiz, mplayer -fs file.avi freeze
On Sun, Nov 30, 2008 at 4:21 PM, <[EMAIL PROTECTED]> wrote: >> I cannot solve your problem because I know little of X and nothing >> about compiz (which I consider futile), but for this kind of problem, >> you may want to know about the magic SysRq key. It allows you to at >> least reboot your system cleanly when the system seems locked, and >> some times can even help you kill the bad program an resume work. >> http://www.kernel.org/doc/Documentation/sysrq.txt >> > > Thanks. > > I solved problem by recompiling whole Xorg to version same as in ubuntu. > > This is part from portage.keywords: > > <=x11-drivers/xf86-video-intel-2.4.2-r3 > <=x11-base/xorg-x11-7.3 > <=x11-base/xorg-server-1.5.2 > <=x11-libs/libpciaccess-0.10.3 > <=x11-proto/xproto-7.0.13 > <=x11-apps/xauth-1.0.3 > <=x11-libs/libXrender-0.9.4 > <=x11-proto/renderproto-0.9.3 > <=x11-proto/xextproto-7.0.3 > <=x11-libs/libXau-1.0.4 > <=x11-libs/libXext-1.0.4 > <=x11-proto/inputproto-1.4.4 > <=x11-apps/rgb-1.0.3 > <=x11-libs/libX11-1.1.5 > <=x11-apps/xinit-1.0.8-r3 > <=x11-proto/xf86driproto-2.0.4 > <=x11-libs/libXxf86vm-1.0.2 > <=x11-proto/randrproto-1.2.2 > <=x11-libs/libXfont-1.3.3 > <=x11-drivers/xf86-video-v4l-0.2.0 > <=x11-drivers/xf86-video-fbdev-0.4.0 > <=x11-drivers/xf86-input-keyboard-1.3.1 > <=x11-drivers/xf86-input-evdev-2.0.6 > <=x11-drivers/xf86-input-synaptics-0.15.2-r2 > <=x11-drivers/xf86-input-mouse-1.3.0 > <=x11-libs/xtrans-1.2.2 > <=media-libs/mesa-7.2 > <=x11-proto/printproto-1.0.4 > <=x11-libs/libdrm-2.3.1 > <=x11-libs/pixman-0.12.0 > <=x11-misc/xkeyboard-config-1.3 How about you replace the <= symbols by '~', such that revision updates are also alwowed? -- Software is like sex: it is better when it is free - Linus Torvalds
Re: [gentoo-user] ssmtp & at&t woes
John Blinka wrote: I recently switched to at&t from another isp. At that other isp, my ssmtp setup worked perfectly. With at&t, a similar ssmtp setup (modified appropriately to point to at&t's smtp server) does not work at all. AT&T told me to use the server smtp.att.yahoo.com and port 465. So my ssmtp.conf file looks like: Debug=YES [EMAIL PROTECTED] mailhub=smtp.att.yahoo.com:465 AuthUser=xxx AuthPass=yyy rewriteDomain=att.net FromLineOverride=YES UseTLS=YES and my revaliases file looks like [EMAIL PROTECTED]:smtp.att.yahoo.com:465 The result of the command mail -v -s test [EMAIL PROTECTED] is: [<-] 220 smtp122.sbc.mail.sp1.yahoo.com ESMTP [->] EHLO tobey [<-] 250 8BITMIME [->] AUTH LOGIN [<-] 334 VXNlcm5hbWU6 [->] am9obi5ibGlua2E= [<-] 334 UGFzc3dvcmQ6 [<-] 535 authorization failed (#5.7.0) send-mail: Authorization failed (535 authorization failed (#5.7.0)) Can't send mail: sendmail process failed with error code 1 I read somewhere that some people can't get at&t's port 465 to work with ssmtp and that they have used port 587 successfully. Not so for me. Using port 587 (replacing 465 by 587 in ssmtp.conf and revaliases), the result of mail -v -s test [EMAIL PROTECTED] is: SSL_connect: Success send-mail: Cannot open smtp.att.yahoo.com:587 Can't send mail: sendmail process failed with error code 1 I have no problem at all sending mail to my att.net account from various gmail accounts I use, so I know that my password and username combination functions. I can telnet to smtp.att.yahoo.com at either port 465 or 587 and get a response, so nothing is blocking either port. Any insights or suggestions? John Blinka Hi John, I suppose you use a wrong username. According to http://helpme.att.net/article.php?item=287 you have to use the full mail address. Otherwise check your password for correctness. Another problem might be the line in your revaliases file. The separator between the columns is a colon not equals (right after the 'root'). If you don't send mail to other people from your root account you do not need that line anyway. ms
Re: [gentoo-user] Curious pattern in log files from ssh...
On December 4, 2008, Christian Franke wrote: > I just don't see what blocking ssh-bruteforce attempts should be good > for, at least on a server where few _users_ are active. Considering how much creative paranoia I've exposed in this thread it might come as a surprise, but I do agree with the above statement. Strong passwords (or key-only authentication) would prevent brute-force attacks from being successfull. The only thing that is semi-usefull side-effect is that you can identify compromised machines and deny ANY type of traffic from them preventing possible DoS launched against you. But then IPs are so easy to spoof :) Balance is what makes sysadmin comfortable enough and doesn't compromise usability of the server, so everybody decides for themselves. OP obviously wants that "extra" layer of protection and notification so with a bit of creativity and some external tools it's possible to achieve. As long as he doesn't forget about other aspects of security - he should do just fine with all those extra measures :) -- Dmitry Makovey Web Systems Administrator Athabasca University (780) 675-6245 signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Buying a low-cost printer for Linux
Mark Knecht wrote: > On Wed, Dec 3, 2008 at 11:52 PM, Dale <[EMAIL PROTECTED]> wrote: > >> Dominic Kexel wrote: >> >>> That's right, i totaly agree. If you buy a HP-printer, you (almost) can't >>> do something wrong. I am using a HP Deskjet F2180 (40€). Printing and >>> scanning both work without problems. >>> >>> On Wed, 3 Dec 2008 22:00:28 -0800 >>> "Manuel McLure" <[EMAIL PROTECTED]> wrote: >>> >>> >>> >>> >> I have a HP Deskjet D4260 that I got from newegg for less than $50.00. >> It works very well. Before that I had a little Deskjet 3820 which I had >> for years. It finally lost its head. Turn it on and it just goes from >> side to side until I cut it off. The 4260 also has the option of using >> the hi yield cartridges too. It can print for a long time without >> running out of ink. >> >> I think if you get a HP printer, you will do all right. I wouldn't get >> the latest thing unless I checked for drivers first tho. Also, to get >> my old 3820 to work, I googled for the ppd file and put it in the right >> place for cups. That was before hplip came out. I don't remember >> having to do that with the 4260. >> >> Hope that helps give you some ideas. >> >> Dale >> >> > > Thanks Dale, and everyone who suggests HP. This is probably the best > way to go if he decides to stay with an inexpensive ink-jet. > > I'm intrigued by Albert's suggestion to look for a $400 color laser > printer. It's not a great solution for my house by my Dad's flush so > he might like that sort of solution. > > A question I have about laser printers, from the old days whn I had > one, is aren't they really pretty bad reliability for low print volume > applications. My old laser printer, made by some off-brand company > that was early into the Postscript clone game, was that the rollers > very quickly got flat spots because we didn't print every day. When we > would print the paper wouldn't feed correctly and the quality was bad. > I don't think my Dad is going to print more than 2-3 pages/day on > average and since they travel now and again it could sit idle for a > week or two. > > I suppose I could make some sort of cron job that printed one page a > day if that was a reasonable solution. > > Very interested in your ideas and greatful for all the responses. > > Cheers, > Mark > I have a friend that owned a business that was closed on weekends. Every Monday we had to fan the paper and take out the toner cartridge and give it a little shake. I have heard that if it is a humid location that you either have to leave the printer on or print a lot. The claim was the toner would start to clump from the moister in the air. I have never seen that happen myself. That was a long time ago and surely by now they have fixed those "issues". Laser is good but also keep your light bill in mind. They do use a good bit more electricity. Dale :-) :-)
Re: [gentoo-user] FAT/VFAT fs analyser ???
On Thu, Dec 4, 2008 at 1:31 PM, Daniel Pielmeier <[EMAIL PROTECTED]> wrote: > [EMAIL PROTECTED] schrieb am 02.12.2008 04:31: >> I have solved my little problem with a tool called "fatsort". > > Just another update. Today fatsoft entered the portage tree [1]. > > [1] http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-fs/fatsort/ It seems useful, thanks! :)
Re: [gentoo-user] FAT/VFAT fs analyser ???
[EMAIL PROTECTED] schrieb am 02.12.2008 04:31: > I have solved my little problem with a tool called "fatsort". Just another update. Today fatsoft entered the portage tree [1]. [1] http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-fs/fatsort/ signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Buying a low-cost printer for Linux
Mark Knecht schrieb: > On Thu, Dec 4, 2008 at 10:18 AM, KH <[EMAIL PROTECTED]> wrote: > >> Albert Hopkins schrieb: >> >> Some weeks ago I bought Samsung clp-300 color laser printer for less >> than 130 Euros. I use cups and I don't have any problems. Did not have >> to by new "color" jet. I have been told I can print 7000 pages before I >> have to :-) >> You can go cheap and good. The model is from 2006 or so. >> >> kh >> >> >> > > Is it roughly this model? > > http://www.newegg.com/Product/Product.aspx?Item=N82E16828112054 > > Do you plug this into a PC via USB or run it over the network using > the Ethernet port? > > Any comments on the roller problem I had on my old laser printer? do > the paper rollers remain engaged when the printer isn't printing and > thus potentially cause flat spots? > > Thanks, > Mark > > I have the version without the network connection. I am running it over the usb port. I have no idea about the roller problem. kh
Re: [gentoo-user] Buying a low-cost printer for Linux
On Thu, Dec 4, 2008 at 10:56 AM, Chris Thomas <[EMAIL PROTECTED]> wrote: > I've heard the some Samsung laser printers will only print a pre-set > number of pages for each toner cartridge even if you have toner > remaining. > > I would probably stay away from the 510s. > > http://www.dunfield.com/clp510/ > > > -Chris > Resourceful guy. Interesting page and interesting that he replaced it with an HP 2605DN which is, as per one of my original comments about buying printers, no longer available through NewEgg so it's not clear to me what price range his printer was in. Clearly the cartridges are expensive though. These printers have short lifetimes in the retail chain...
Re: [gentoo-user] Curious pattern in log files from ssh...
On 12/03/2008 09:02 PM, Steve wrote: > I've recently discovered a curious pattern emerging in my system log > with failed login attempts via ssh. > > I'm not particularly concerned - since I'm confident that all my users > have strong passwords... but it strikes me that this data identifies a > bot-net that is clearly malicious attempting to break passwords. > > Sure, I could use IPtables to block all these bad ports... or... I could > disable password authentication entirely... but I keep thinking that > there has to be something better I can do... any suggestions? Is there > a simple way to integrate a block-list of known-compromised hosts into > IPtables - rather like my postfix is configured to drop connections from > known spam sources from the sbl-xbl.spamhaus.org DNS block list, for > example. I just don't see what blocking ssh-bruteforce attempts should be good for, at least on a server where few _users_ are active. The chance that security of a well configured system will be compromised by that is next to zero, and on recent systems it is also impossible to cause significant load with ssh-login-attempts. Also, things like fail2ban add new attack-possibilities to a system, I remember the old DoS for fail2ban, resulting from a wrong regex in log file parsing, but I think at least this is fixed now. Regards, Christian Franke signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Buying a low-cost printer for Linux
I've heard the some Samsung laser printers will only print a pre-set number of pages for each toner cartridge even if you have toner remaining. I would probably stay away from the 510s. http://www.dunfield.com/clp510/ -Chris On Thu, Dec 4, 2008 at 1:47 PM, KH <[EMAIL PROTECTED]> wrote: > Arttu V. schrieb: >> On 12/4/08, KH <[EMAIL PROTECTED]> wrote: >> >>> Some weeks ago I bought Samsung clp-300 color laser printer for less >>> than 130 Euros. I use cups and I don't have any problems. Did not have >>> to by new "color" jet. I have been told I can print 7000 pages before I >>> have to :-) >>> You can go cheap and good. The model is from 2006 or so. >>> >> >> I have bad experiences with Samsung, though not with that exact model. >> Samsung proprietary driver may be some sort of world record of ugly >> hacks and hairy stuff. See, e.g., Gentoo bug #139715 and all the >> complaints from Samsung-trying Linux-users in the blogosphere / >> Intertubes. >> >> But I'm glad if they've fixed their stuff recently. >> >> > I have been told not to touch the Samsung drivers. I am using > net-print/foo2zjs. > > kh > >
[gentoo-user] xulrunner and swt (Gentoo bug 241400)
Hi! The problem is decribed here: http://bugs.gentoo.org/show_bug.cgi?id=241400 Has anybody success strory wrt resolving (working around) the isuue? It's real showstopper for me. Andrew
Re: [gentoo-user] Buying a low-cost printer for Linux
Arttu V. schrieb: > On 12/4/08, KH <[EMAIL PROTECTED]> wrote: > >> Some weeks ago I bought Samsung clp-300 color laser printer for less >> than 130 Euros. I use cups and I don't have any problems. Did not have >> to by new "color" jet. I have been told I can print 7000 pages before I >> have to :-) >> You can go cheap and good. The model is from 2006 or so. >> > > I have bad experiences with Samsung, though not with that exact model. > Samsung proprietary driver may be some sort of world record of ugly > hacks and hairy stuff. See, e.g., Gentoo bug #139715 and all the > complaints from Samsung-trying Linux-users in the blogosphere / > Intertubes. > > But I'm glad if they've fixed their stuff recently. > > I have been told not to touch the Samsung drivers. I am using net-print/foo2zjs. kh
Re: [gentoo-user] Buying a low-cost printer for Linux
On Thu, Dec 4, 2008 at 10:18 AM, KH <[EMAIL PROTECTED]> wrote: > Albert Hopkins schrieb: >> On Wed, 2008-12-03 at 19:44 -0800, Mark Knecht wrote: >> >>> Does anyone have a good way of figuring out what printers that you can >>> actually buy in the retail market place actually have support in >>> Linux? I sure don't. >>> >> >> [snip] >> >> My suggestion would be not go go cheap. Nowadays you can get a color >> laser w/ built-in PostScript for around $400. The output is fast and >> great (compared to ink jets) and It Just Works [tm] with Linux. I'd >> rather spend the extra money and be happy with my choice, but that's >> just me. >> >> -a >> > Some weeks ago I bought Samsung clp-300 color laser printer for less > than 130 Euros. I use cups and I don't have any problems. Did not have > to by new "color" jet. I have been told I can print 7000 pages before I > have to :-) > You can go cheap and good. The model is from 2006 or so. > > kh > > Is it roughly this model? http://www.newegg.com/Product/Product.aspx?Item=N82E16828112054 Do you plug this into a PC via USB or run it over the network using the Ethernet port? Any comments on the roller problem I had on my old laser printer? do the paper rollers remain engaged when the printer isn't printing and thus potentially cause flat spots? Thanks, Mark
Re: [gentoo-user] Buying a low-cost printer for Linux
On 12/4/08, KH <[EMAIL PROTECTED]> wrote: > Some weeks ago I bought Samsung clp-300 color laser printer for less > than 130 Euros. I use cups and I don't have any problems. Did not have > to by new "color" jet. I have been told I can print 7000 pages before I > have to :-) > You can go cheap and good. The model is from 2006 or so. I have bad experiences with Samsung, though not with that exact model. Samsung proprietary driver may be some sort of world record of ugly hacks and hairy stuff. See, e.g., Gentoo bug #139715 and all the complaints from Samsung-trying Linux-users in the blogosphere / Intertubes. But I'm glad if they've fixed their stuff recently. -- Arttu V.
Re: [gentoo-user] Buying a low-cost printer for Linux
If you don't need color, I would seriously look at b/w personal laser printers that are network-ready; newer HP models like the 1000 series work very well and and can be found for less than $200. Older HP lasers like the 5si models are built like tanks and are extremely durable and long lasting. -Chris On Thu, Dec 4, 2008 at 1:18 PM, KH <[EMAIL PROTECTED]> wrote: > Albert Hopkins schrieb: >> On Wed, 2008-12-03 at 19:44 -0800, Mark Knecht wrote: >> >>> Does anyone have a good way of figuring out what printers that you can >>> actually buy in the retail market place actually have support in >>> Linux? I sure don't. >>> >> >> [snip] >> >> My suggestion would be not go go cheap. Nowadays you can get a color >> laser w/ built-in PostScript for around $400. The output is fast and >> great (compared to ink jets) and It Just Works [tm] with Linux. I'd >> rather spend the extra money and be happy with my choice, but that's >> just me. >> >> -a >> > Some weeks ago I bought Samsung clp-300 color laser printer for less > than 130 Euros. I use cups and I don't have any problems. Did not have > to by new "color" jet. I have been told I can print 7000 pages before I > have to :-) > You can go cheap and good. The model is from 2006 or so. > > kh > >
Re: [gentoo-user] Buying a low-cost printer for Linux
Albert Hopkins schrieb: > On Wed, 2008-12-03 at 19:44 -0800, Mark Knecht wrote: > >> Does anyone have a good way of figuring out what printers that you can >> actually buy in the retail market place actually have support in >> Linux? I sure don't. >> > > [snip] > > My suggestion would be not go go cheap. Nowadays you can get a color > laser w/ built-in PostScript for around $400. The output is fast and > great (compared to ink jets) and It Just Works [tm] with Linux. I'd > rather spend the extra money and be happy with my choice, but that's > just me. > > -a > Some weeks ago I bought Samsung clp-300 color laser printer for less than 130 Euros. I use cups and I don't have any problems. Did not have to by new "color" jet. I have been told I can print 7000 pages before I have to :-) You can go cheap and good. The model is from 2006 or so. kh
Re: [gentoo-user] Buying a low-cost printer for Linux
On Wed, Dec 3, 2008 at 11:52 PM, Dale <[EMAIL PROTECTED]> wrote: > Dominic Kexel wrote: >> That's right, i totaly agree. If you buy a HP-printer, you (almost) can't do >> something wrong. I am using a HP Deskjet F2180 (40€). Printing and scanning >> both work without problems. >> >> On Wed, 3 Dec 2008 22:00:28 -0800 >> "Manuel McLure" <[EMAIL PROTECTED]> wrote: >> >> >> > > I have a HP Deskjet D4260 that I got from newegg for less than $50.00. > It works very well. Before that I had a little Deskjet 3820 which I had > for years. It finally lost its head. Turn it on and it just goes from > side to side until I cut it off. The 4260 also has the option of using > the hi yield cartridges too. It can print for a long time without > running out of ink. > > I think if you get a HP printer, you will do all right. I wouldn't get > the latest thing unless I checked for drivers first tho. Also, to get > my old 3820 to work, I googled for the ppd file and put it in the right > place for cups. That was before hplip came out. I don't remember > having to do that with the 4260. > > Hope that helps give you some ideas. > > Dale > Thanks Dale, and everyone who suggests HP. This is probably the best way to go if he decides to stay with an inexpensive ink-jet. I'm intrigued by Albert's suggestion to look for a $400 color laser printer. It's not a great solution for my house by my Dad's flush so he might like that sort of solution. A question I have about laser printers, from the old days whn I had one, is aren't they really pretty bad reliability for low print volume applications. My old laser printer, made by some off-brand company that was early into the Postscript clone game, was that the rollers very quickly got flat spots because we didn't print every day. When we would print the paper wouldn't feed correctly and the quality was bad. I don't think my Dad is going to print more than 2-3 pages/day on average and since they travel now and again it could sit idle for a week or two. I suppose I could make some sort of cron job that printed one page a day if that was a reasonable solution. Very interested in your ideas and greatful for all the responses. Cheers, Mark
Re: [gentoo-user] Buying a low-cost printer for Linux
On Wed, Dec 3, 2008 at 11:18 PM, Heinrichs, Dirk (EXT-Capgemini - DE/Dusseldorf) <[EMAIL PROTECTED]> wrote: > Am Mittwoch, den 03.12.2008, 20:29 -0800 schrieb ext Mark Knecht: >> Thanks for the idea. I'd not heard of them. > > TurboPrint is actually a port of an old Amiga software. They already > were ahead of time in the printing area back then. > > OTOH, there was this article on german Heise Online (english version) a > few weeks ago: > http://www.heise-online.co.uk/news/Gutenprint-5-2-1-drivers-for-Linux-and-Mac-OS-X-improve-printer-support--/111788 > > However, version 5.2.1 didn't make it into portage, yet. > > HTH... > >Dirk > -- Thanks. No change in support for two of my currently unsupported printers in earlier versions of Gutenprint. However it does look pretty good on the surface. Thanks, Mark
Re: [gentoo-user] Buying a low-cost printer for Linux
On Wed, Dec 3, 2008 at 9:05 PM, Volker Armin Hemmann <[EMAIL PROTECTED]> wrote: > On Donnerstag 04 Dezember 2008, Mark Knecht wrote: >> On Wed, Dec 3, 2008 at 8:16 PM, Volker Armin Hemmann >> >> <[EMAIL PROTECTED]> wrote: >> > On Donnerstag 04 Dezember 2008, Mark Knecht wrote: >> >> Does anyone have a good way of figuring out what printers that you can >> >> actually buy in the retail market place actually have support in >> >> Linux? I sure don't. >> > >> > forget the 'opensource' printers, and buy a turboprint licence. It rocks. >> > It really does. >> >> I'll have to write them and get some answers. Can I run it on multiple >> machines using a singe license. None of my printers were in their >> supported list so do they support them or not? They should be able to >> answer those sorts of questions. >> >> However, their list of supported devices is still much smaller than >> the Open Source list so it begs the same question... Even though they >> have support for a nice set of printers, which of those printers can >> be purchased new today through normal retail channels? >> >> Thanks for the idea. I'd not heard of them. >> >> Cheers, >> Mark > > my story: I have a canon pixma ip3300. With opensource drivers I got either no > picture, wrong colours or the paper was completly wet. > > I asked turboprint, shortly afterwards I was able to buy a licence for a > driver perfectly supporting my printer on amd64. > They seem to be nice guys. Responded to my questions pretty quickly. Basically it seems that they try to support new printers as soon as reasonably possible. I guess they wait for requests and queue your printer up or something. No input from them as to finding a new printer that is supported out of the box. They may be getting a bit expensive for me. Our printers are attached to 3 different machines in different houses. Their single license only allows me to run two printers on a single machine so I have to start buying licenses for each house. I will definitely keep them in mind. thanks, Mark
Re: [gentoo-user] Buying a low-cost printer for Linux
G'day; Most Manufacturers support Post Script out of the box (it's a 30 year old standard); you just need to make sure that your kernel has the appropriate driver. And you have the appropriate sub-system installed. (LPR, CUPS whatever). HP makes a concerted effort to support all operating systems (linux,Unix, BSD, Windows, QNX ...) you get the picture. So get a low cost HP printer and you'll do fine; lexmark is also a very good place to look but make sure that the printer is supported by whatever subsystem you choose (let's say you choose CUPS then make sure it's compatable with the model you are interested in first). This is the bane of the linux camp; enjoy. On Thu, Dec 4, 2008 at 11:25 AM, Albert Hopkins <[EMAIL PROTECTED]>wrote: > On Wed, 2008-12-03 at 19:44 -0800, Mark Knecht wrote: > > Does anyone have a good way of figuring out what printers that you can > > actually buy in the retail market place actually have support in > > Linux? I sure don't. > > My first Linux printer was a *used* Apple LaserWriter (with serial > port). I knew it worked with Linux because it had built-in PostScript > and they guy I bought it from actually used it on his Sun workstation. > It weighed 600 lbs and printed 0.25 pages per minute but the output was > awesome! > > My second Linux printer was a Lexmark LED printer. I knew it was > Linux-compatible because it actually came with a CD that had Linux > drivers on it. It was relatively inexpensive although the cartridges > weren't. > > My third Linux printer was a Canon ink jet. It would be my first and > last ink jet printer. I bought it because it was cheap, color and > worked with Linux. Big mistake. I rarely print out color and the color > jets dried out and were unusable. Tossed it. > > My fourth (current) printer is a Ricoh color laser. It was not cheap > though. I knew it worked with Linux because it has built-in PostScript > *and* PDF, supports ipp, LPD, etc. and it's built-in OS is actually > based on FreeBSD. It also comes with PPD files on CD. Although the > printer itself wasn't cheap, the cartridges are actually not bad. > > My suggestion would be not go go cheap. Nowadays you can get a color > laser w/ built-in PostScript for around $400. The output is fast and > great (compared to ink jets) and It Just Works [tm] with Linux. I'd > rather spend the extra money and be happy with my choice, but that's > just me. > > -a > > > > -- Hazen Valliant-Saunders IT/IS Consultant (613) 355-5977
Re: [gentoo-user] Buying a low-cost printer for Linux
On Wed, 2008-12-03 at 19:44 -0800, Mark Knecht wrote: > Does anyone have a good way of figuring out what printers that you can > actually buy in the retail market place actually have support in > Linux? I sure don't. My first Linux printer was a *used* Apple LaserWriter (with serial port). I knew it worked with Linux because it had built-in PostScript and they guy I bought it from actually used it on his Sun workstation. It weighed 600 lbs and printed 0.25 pages per minute but the output was awesome! My second Linux printer was a Lexmark LED printer. I knew it was Linux-compatible because it actually came with a CD that had Linux drivers on it. It was relatively inexpensive although the cartridges weren't. My third Linux printer was a Canon ink jet. It would be my first and last ink jet printer. I bought it because it was cheap, color and worked with Linux. Big mistake. I rarely print out color and the color jets dried out and were unusable. Tossed it. My fourth (current) printer is a Ricoh color laser. It was not cheap though. I knew it worked with Linux because it has built-in PostScript *and* PDF, supports ipp, LPD, etc. and it's built-in OS is actually based on FreeBSD. It also comes with PPD files on CD. Although the printer itself wasn't cheap, the cartridges are actually not bad. My suggestion would be not go go cheap. Nowadays you can get a color laser w/ built-in PostScript for around $400. The output is fast and great (compared to ink jets) and It Just Works [tm] with Linux. I'd rather spend the extra money and be happy with my choice, but that's just me. -a
Re: [gentoo-user] Curious pattern in log files from ssh...
On December 3, 2008, Steve wrote: > Dmitry S. Makovey wrote: > >> Erm - surely I either need to set up my client to port-knock... which > >> is a faff I'd rather avoid... in order to use the technique. > > > > nope. just start connection. wait a minute. cancel. start another one. > > wait a minute. cancel. start new one - voila! :) > > Eeew... especially as this would apply to all connections - even the > ones where I have a DSA key. I might be able to cope with this if it > only applied to my initial connection, from which I could grab a copy of > the DSA key. Ok, let's theoreticise some more. My paranoia feels particularly frisky today, so here it is: remember, I've mentioned origianlly that once you authenticate successfully once with DSA key - your IP is whitelisted. So subsequent connections go right through. > > well. Nobody but you knows your requiremens and specifics - we're just > > listing options. It's up to you to either take 'em or leave 'em ;) > > Fair enough - but I've still not found an option for sharing/using > shared block lists for bot-nets. Open a Wiki page on Wikipedia, update it every so often and provide simple parser for it so others can recycle same IPs. Since it's a Wiki page - others can update it as well (including botnet owners, but then they'd have to reveal themselves - tricky situation) :) P.S. I think I'd better stop with my mad science projects here before I go too far and invent brand new theory on host protection ;) -- Dmitry Makovey Web Systems Administrator Athabasca University (780) 675-6245 signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] cannot burn dvd
That didn't help, and I still get the error. At least now it shows the ata exception that can be found in dmesg logs from googling "cdrecord ahci sata". It looks like a controller timeout (this has happened before, causing DMAR error lines in dmesg). Is it worth disabling AHCI or not? And should this be also asked on lkml because this looks like a controller/driver/ahci issue? I don't want to contribute to the information overload between the [PATCH X/Y] foo and other messages. On 2008-12-04, Andrey Vul <[EMAIL PROTECTED]> wrote: > On Thu, Dec 4, 2008 at 03:43, Joerg Schilling > <[EMAIL PROTECTED]> wrote: >> "Andrey Vul" <[EMAIL PROTECTED]> wrote: >> >>> cdrecord (2.01.01a53) hangs when trying to write to a SATA dvd drive >>> using libsg. When I set SATA mode in BIOS to Compatability, the >>> burning works but somehow the 8x speed is reduced to 1x. >>> >>> Chipset: Intel ICH9M (AHCI) >>> DVD Burner: Hitachi-LG DVD-Multi mini-SATA >> >> Try ts=63k >> It may be that the Linux kernel has a problem with biger DMA sizes. >> I am going to go back to this as default after it turns out that only >> FreeBSD is able to handle biger sizes correctly. >> > > > Well, nvidia has a binary blob for FreeBSD and if iwl5000 is > supported, bye-bye Linux, hello FreeBSD! > > -- > Andrey Vul > > A: Because it messes up the order in which people normally read text. > Q: Why is top-posting such a bad thing? > A: Top-posting. > Q: What is the most annoying thing in e-mail? > > Steve Martin - "I've got to keep breathing. It'll be my worst > business mistake if I don't." > -- Andrey Vul A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail?
Re: [gentoo-user] emerge --update pulling in enlightenment-0.16.9999.050
On Thursday 04 December 2008 16:50:20 Willie Wong wrote: > > It's a convention. No sane coder will ever release a package with version > > , that is conventionally used by devs for their development stuff in > > cvs/svn/git/whatever, so vapier is just falling in line. > > Not exactly what I meant. But your answer above already solve the > problem: in my opinion it is one thing to "fall in line" for each > package (in this case, enlightenment) separately, and a completely > different thing to just make the assumption that version numbers > will never be used (practical experience aside, of course :) ). yeah, those things that will "never happen" somehow always do happen. Like Y2k :-) > I will probably just suck it up and install e17 anyway: I use DR16 on > my stable desktop, but mostly fvwm on my testing laptop. I tried DR17 > a bit back on my laptop, but way back then something in the chain of > DR17-Xorg-my ATI video card doesn't like the eye candy. I'll give it > another try to see if it has miraculously gotten better. (Though I am > rather fond of my fvwm setup now; I just wish I can figure out a way > to get transparencies to play nice with some of the quirky stuff I > have in my configs.) e17 doesn't like transparency and compiz-style effects. You can get it to work with the bling module or by using a compositing manager like xcompmgr or a derivative, but I found it wasn't exactly stable on nVidia. You may have better luck with ATI. -- alan dot mckinnon at gmail dot com
Re: [gentoo-user] emerge --update pulling in enlightenment-0.16.9999.050
On Thu, Dec 04, 2008 at 09:08:53AM +0200, Penguin Lover Alan McKinnon squawked: > The answer is not in the ebuild, it's in the eclass. You will find it at > $PORTDIR/ecalss/enlightenment.eclass. I'll take you through the relevant bits > step by step. Lines 34 to 58 are the relevant ones, and everything afterwards > depends on the value assigned to E_STATE. I'll assume you are familiar with > bash's parameter expansion syntax (man bash, line 1135 if not) > > E_STATE="release" > if [[ ${PV/} != ${PV} ]] ; then > E_STATE="live" > elif [[ -n ${E_SNAP_DATE} ]] ; then > E_STATE="snap" > else > E_STATE="release" > fi D'oh. My earlier snip was also from the same eclass. For some reason I just didn't look hard enough to see if those variables were defined in the same file. Thanks! > > In other words, is it hardcoded somethere in portage that all > > version numbers automatically trigger that variable above to be live? > > Or is there some configuration somewhere? > > It's a convention. No sane coder will ever release a package with version > , that is conventionally used by devs for their development stuff in > cvs/svn/git/whatever, so vapier is just falling in line. Not exactly what I meant. But your answer above already solve the problem: in my opinion it is one thing to "fall in line" for each package (in this case, enlightenment) separately, and a completely different thing to just make the assumption that version numbers will never be used (practical experience aside, of course :) ). > so you could simply emerge a specific version and as long as your keywords > were correct in portage.keywords, the right thing would happen. Okay, so since I run a mostly ~x86 system, I can just keyword mask e17 if I don't want those packages. I will probably just suck it up and install e17 anyway: I use DR16 on my stable desktop, but mostly fvwm on my testing laptop. I tried DR17 a bit back on my laptop, but way back then something in the chain of DR17-Xorg-my ATI video card doesn't like the eye candy. I'll give it another try to see if it has miraculously gotten better. (Though I am rather fond of my fvwm setup now; I just wish I can figure out a way to get transparencies to play nice with some of the quirky stuff I have in my configs.) > I recommend you do what I did - read the eclass and all the ebuilds, plus man > 5 ebuild, plus a long wiki document I found on the dev section at gentoo.org > written by Ciaran McCreesh. I've read man 5 ebuild and the HOWTO on the gentoo.org page. Haven't seen Ciaran's wiki document yet. I think (if I have some time) I should take your advice and just read the eclass and the ebuilds. I read about ebuilds when I was trying to write a ebuild myself--3 days into the effort, something still wasn't working, and someone else beat me by putting one into sunrise. C'est la vie. Thanks W PS, I'll give e17 another look. Perhaps I'll take you up on your offer for the overlay. -- I couldn't repair your brakes, so I made your horn louder. Sortir en Pantoufles: up 727 days, 13:15
Re: [gentoo-user] cannot burn dvd
On Thu, Dec 4, 2008 at 03:43, Joerg Schilling <[EMAIL PROTECTED]> wrote: > "Andrey Vul" <[EMAIL PROTECTED]> wrote: > >> cdrecord (2.01.01a53) hangs when trying to write to a SATA dvd drive >> using libsg. When I set SATA mode in BIOS to Compatability, the >> burning works but somehow the 8x speed is reduced to 1x. >> >> Chipset: Intel ICH9M (AHCI) >> DVD Burner: Hitachi-LG DVD-Multi mini-SATA > > Try ts=63k > It may be that the Linux kernel has a problem with biger DMA sizes. > I am going to go back to this as default after it turns out that only > FreeBSD is able to handle biger sizes correctly. > Well, nvidia has a binary blob for FreeBSD and if iwl5000 is supported, bye-bye Linux, hello FreeBSD! -- Andrey Vul A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail? Steve Martin - "I've got to keep breathing. It'll be my worst business mistake if I don't."
Re: [gentoo-user] ssmtp & at&t woes
On Wed, Dec 3, 2008 at 1:28 PM, Mick <[EMAIL PROTECTED]> wrote: > > > Have a go at adding: > > UseSTARTTLS=YES > > and remove: > > UseTLS=YES > > -- > Thanks for the suggestion, but ssmtp doesn't like it: [<-] 220 smtp119.sbc.mail.sp1.yahoo.com ESMTP [->] EHLO tobey [<-] 250 8BITMIME [->] STARTTLS [<-] 502 unimplemented (#5.5.1) send-mail: Cannot open smtp.att.yahoo.com:587 Can't send mail: sendmail process failed with error code 1 John
Re: [gentoo-user] Curious pattern in log files from ssh...
Simon wrote: > Since it is very unlikely that the attacker is targeting you > specifically, changing the port number (and removing root access) will > very likely stop the attack forever. Though, if the attacker did > target you, then you will need some more security tools (intrusion > detection, etc...). I recognise that this doesn't seem to be a targeted attack - but it is still frustrating to find that someone has evaded my IP blocking strategy... even though they pose only a slightly elevated risk by having done so. (Of course, I don't permit root login - that would be madness... and, as far as I'm aware, no-one has guessed even a valid user name... they're all obscure!) The thing that strikes me is that, in evading my blocking strategy, they clearly identified a bot-net of compromised hosts. With this in mind, ideally, I'd like to: 1. Automatically detect and block all future attacks on all ports from all hosts which are involved in this coordinated attack. These hosts can't be trusted not to be malicious. 2. Somehow inform the administrator of the hosts attacking me (in a respectful way) since, I presume, they are unaware that their host is involved in the attack. 3. Ideally, share this kind of information so that myself and others are better protected from bot-net attacks in future. It's the sort of thing I imagine has already been done - and there's no point in re-inventing the wheel.
Re: [gentoo-user] Curious pattern in log files from ssh...
Steve пишет: I've recently discovered a curious pattern emerging in my system log with failed login attempts via ssh. Previously, I noticed dictionary attacks launched - which were easy to detect... and I've a process to block the IP address of any host that repeatedly fails to authenticate. What I see now is quite different... I'm seeing a dictionary attack originating from a wide range of IP addresses - testing user-names in sequence... it has been in progress since 22nd November 2008 and has tried 7195 user names in alphabetical order from 521 distinct hosts - with no successive two attempts from the same host. I'm not particularly concerned - since I'm confident that all my users have strong passwords... but it strikes me that this data identifies a bot-net that is clearly malicious attempting to break passwords. Sure, I could use IPtables to block all these bad ports... or... I could disable password authentication entirely... but I keep thinking that there has to be something better I can do... any suggestions? Is there a simple way to integrate a block-list of known-compromised hosts into IPtables - rather like my postfix is configured to drop connections from known spam sources from the sbl-xbl.spamhaus.org DNS block list, for example. Break in attempts today (attempted username/IP address): -- Hi. Best of all you can add iptables rules. It's better then use any script. Also take a note that there are no "known-compromised hosts" because ANY IP can be forged. I've sometimes seen such rules in the internet. These I use in my firewall: iptables -A INPUT -i eth0 -p tcp -m state --state NEW --dport 22 -m recent --name sshattack --set iptables -A INPUT -i eth0 -p tcp -m state --state NEW --dport 22 -m recent --name sshattack --rcheck --seconds 60 --hitcount 4 -j LOG -m limit --limit 3/minute --limit-burst 3 --log-level 4 --log-prefix 'SSH REJECT: ' iptables -A INPUT -i eth0 -p tcp -m state --state NEW --dport 22 -m recent --name sshattack --rcheck --seconds 60 --hitcount 4 -j REJECT --reject-with tcp-reset These rules give you possibility to use your ssh service from any IP but reject repeated login attempts from malicious users. You can tune parameter --hitcount to limit amount of sequential login attempts per minute. Also you can look at /proc/net/ipt_recent/sshattack for malicious IPs and how often they were used. Best regards, Evgeniy B. smime.p7s Description: S/MIME Cryptographic Signature
Re: [gentoo-user] gtk-sharp or glade-sharp : what to do
2008/12/4 Helmut Jarausch <[EMAIL PROTECTED]>: > > Unfortunately, that's not a solution > emerge dev-dotnet/art-sharp > > gives > > All ebuilds that could satisfy >=dev-dotnet/gtk-sharp-2.12[glade] > are masked. Do you use stable portage? So I guess after > All ebuilds that could satisfy >=dev-dotnet/gtk-sharp-2.12[glade] comes masked by EAPI=2 or similar. So you need portage >=2.1.6_rc1. -- Regards, Daniel
Re: [gentoo-user] checksumming files
On Thu, 4 Dec 2008 07:10:06 +, Mick wrote: > Despite that the concatenated file often works > (e.g. if it is a video file it'll play alright). > > Can you explain this? Should I be using a different check to verify > the integrity of the ftp'd file? An MD5 check will fail if one bit is changed, which won't affect the playback of a video file. Try it with a large compressed tarball and you'll notice a difference. -- Neil Bothwick --T-A+G-L-I+N-E--+M-E-A+S-U-R+I-N-G+--G-A+U-G-E-- signature.asc Description: PGP signature
Re: [gentoo-user] gtk-sharp or glade-sharp : what to do
On 3 Dec, Florian Philipp wrote: > Helmut Jarausch schrieb: >> Hi, >> >> some packages need gtk-sharp, others glade-sharp and >> mono-tools needs both. >> >> But gtk-sharp-2.12.6-r1 has a negative dependency on >> glade-sharp. >> >> So, one cannot install both. >> >> Who cuts this Gordian knot? >> >> Helmut. > > gtk-sharp-2.10 doesn't block glade-sharp. > simply do: > echo '>gtk-sharp-2.10.2' >> /etc/portage/package.mask > Unfortunately, that's not a solution emerge dev-dotnet/art-sharp gives All ebuilds that could satisfy >=dev-dotnet/gtk-sharp-2.12[glade] are masked. -- Helmut Jarausch Lehrstuhl fuer Numerische Mathematik RWTH - Aachen University D 52056 Aachen, Germany
Re: [gentoo-user] fixed in cvs - which cvs ?
2008/12/4 Helmut Jarausch <[EMAIL PROTECTED]>: > reading bug reports, I often see 'fixed in cvs'. > > Which cvs and how can I check it out? This means the CVS-repository holding the portage tree. Take a look here [1] in the gentoo-x86 repository (aka portage-tree). There is no need to check it out wait a few hours and sync your tree to get the changes applied. [1] http://sources.gentoo.org/ -- Regards, Daniel
Re: [gentoo-user] cannot burn dvd
"Andrey Vul" <[EMAIL PROTECTED]> wrote: > cdrecord (2.01.01a53) hangs when trying to write to a SATA dvd drive > using libsg. When I set SATA mode in BIOS to Compatability, the > burning works but somehow the 8x speed is reduced to 1x. > > Chipset: Intel ICH9M (AHCI) > DVD Burner: Hitachi-LG DVD-Multi mini-SATA Try ts=63k It may be that the Linux kernel has a problem with biger DMA sizes. I am going to go back to this as default after it turns out that only FreeBSD is able to handle biger sizes correctly. Jörg -- EMail:[EMAIL PROTECTED] (home) Jörg Schilling D-13353 Berlin [EMAIL PROTECTED](uni) [EMAIL PROTECTED] (work) Blog: http://schily.blogspot.com/ URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily
[gentoo-user] fixed in cvs - which cvs ?
Hi, reading bug reports, I often see 'fixed in cvs'. Which cvs and how can I check it out? Many thanks for a hint, Helmut. -- Helmut Jarausch Lehrstuhl fuer Numerische Mathematik RWTH - Aachen University D 52056 Aachen, Germany
[gentoo-user] cannot burn dvd
cdrecord (2.01.01a53) hangs when trying to write to a SATA dvd drive using libsg. When I set SATA mode in BIOS to Compatability, the burning works but somehow the 8x speed is reduced to 1x. Chipset: Intel ICH9M (AHCI) DVD Burner: Hitachi-LG DVD-Multi mini-SATA None of the google links helped me. -- Andrey Vul A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail?