Boston Linux and Unix Installfest XX, Saturday March 4, 2006 9AM - 5PM
When: Saturday, March 4, 2006 9:00 am to 5:00PM Location: MIT Building E51 Room 061-063 Please note that there is ample parking in front of the building. The rooms are located on the basement floor opposite the elevator. A periodic get-together where volunteers from our group help people with Linux installation and other hands-on issues. We have reserved an additional room to use for some short seminars. We have limited space, so first come first served. Bring your complete system including Monitor, Keyboard, Mouse, power strips, power cords, etc. Please bring the Linux distribution you wish to load onto your system. We generally have a few copies available for use. We'll help you load all needed software onto your hard drive. Cost It's free! However, we DO have expenses, and contributions are welcome. Please consider contributing $25 per machine. For directions, parking, and more detailed instructions please check out the BLU website: http://www.blu.org/cgi-bin/calendar/2006-ifest20 -- Jerry Feldman [EMAIL PROTECTED] Boston Linux and Unix user group http://www.blu.org PGP key id:C5061EA9 PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9 signature.asc Description: PGP signature
Bypassing DNS?
Hi all, Is there a way to tell the resolver libs that if you can't connect to the DNS service, to just abort and return? Setting /etc/nsswitch.conf to hosts: dns [unavail=continue|return] files still seems to result in a slight hang while the lookup occurs... -- Seeya, Paul ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Bypassing DNS?
On Thursday 23 February 2006 12:41 pm, Paul Lussier wrote: Hi all, Is there a way to tell the resolver libs that if you can't connect to the DNS service, to just abort and return? Setting /etc/nsswitch.conf to hosts: dns [unavail=continue|return] files still seems to result in a slight hang while the lookup occurs... That slight hang would be the timeout of the DNS request. I'm guessing it's about 2 seconds. If you want more immediate response, I would suggest running a local instance of BIND as a caching server. It can even just forward all requests to your primary DNS servers if you'd like. The benefit of doing this is that you can set more aggressive timeouts on your local instance without affecting other users of the real DNS server. Then, your resolv.conf can point to localhost and your nsswitch will fail back to files more quickly. Would that work? -N ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Bypassing DNS?
hosts: files [NOTFOUND=continue] dns [NOTFOUND=return]On 2/23/06, Paul Lussier [EMAIL PROTECTED] wrote:Hi all,Is there a way to tell the resolver libs that if you can't connect to the DNS service, to just abort and return? Setting /etc/nsswitch.conf tohosts: dns [unavail=continue|return] filesstill seems to result in a slight hang while the lookup occurs...--Seeya, Paul___gnhlug-discuss mailing listgnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss-- A strong conviction that something must be done is the parent of many bad measures.- Daniel Webster
Re: Bypassing DNS?
Tom Buskey [EMAIL PROTECTED] writes: hosts: files [NOTFOUND=continue] dns [NOTFOUND=return] Nope, still hangs: # time host foo Nameserver not responding eg.foo.com A record not found, try again real0m14.996s user0m0.000s sys 0m0.000s -- Seeya, Paul ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Bypassing DNS?
Neil Schelly [EMAIL PROTECTED] writes: That slight hang would be the timeout of the DNS request. Yeah, I know what it is, I need a work around for it :) I'm guessing it's about 2 seconds. More like 15: # time host foo Nameserver not responding foo.foo.com A record not found, try again real0m14.996s user0m0.000s sys 0m0.000s If you want more immediate response, I would suggest running a local instance of BIND as a caching server. It can even just forward all requests to your primary DNS servers if you'd like. snip Would that work? Probably not. This is for an embedded system, for which the desire is a little complexity as possible. Configuring a caching name server would a significant layer of complexity for which our support people are not qualified to deal with. Additionally, the configuration of the caching server would be a royal pain to build into our installation process. -- Seeya, Paul ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: list of commands utilities
[EMAIL PROTECTED] (Kevin D. Clark) writes: Might I suggest instead that you read the associated documentation for these things?: bash, tr, sed, awk, test, perl, cut, sort, uniq, mv, cp, find, grep, ssh, scp, tar, gzip, bzip2, fortune I'm sure that I missed quite a few things here, but this prunes the list down by quite a bit. Still, if you want to be familiar with command line tools, these are a good place to start. You can't go wrong by fully grokking what these things do. Additionally, each of the man pages for these commands should have See Also: section, which will, in turn, lead to more commands. -- Seeya, Paul ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
forensic evidence collection tools?
Hi all, I'm trying to debug a problem on a set of systems. Is there something I run, say from a usb key or a Knoppix CD which will collect all interesting information and deposit it somewhere else? -- Seeya, Paul ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Bypassing DNS?
Paul Lussier wrote: Neil Schelly [EMAIL PROTECTED] writes: That slight hang would be the timeout of the DNS request. Yeah, I know what it is, I need a work around for it :) I'm guessing it's about 2 seconds. More like 15: # time host foo Nameserver not responding foo.foo.com A record not found, try again real0m14.996s user0m0.000s sys 0m0.000s If you want more immediate response, I would suggest running a local instance of BIND as a caching server. It can even just forward all requests to your primary DNS servers if you'd like. snip Would that work? Probably not. This is for an embedded system, for which the desire is a little complexity as possible. Configuring a caching name server would a significant layer of complexity for which our support people are not qualified to deal with. Additionally, the configuration of the caching server would be a royal pain to build into our installation process. Try swapping the order of hosts and dns in /etc/nsswitch. Also, have you tried options timeout:1 in /etc/resolv.conf? (This will give you a 1 second timeout). --Bruce ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
RE: forensic evidence collection tools?
Title: RE: forensic evidence collection tools? Paul, I work on and contribute to the ftimes project which does very well to collect all file system information. It can also search for a unique pattern (pcre) across a file system, which I've used to identify trojan files. It can be found here: http://ftimes.sourceforge.net/FTimes/index.shtml If you're trying to do incident response, I would recommend webjob. I presented it at the ghnlug last week ... not sure if you were there, but webjob was designed to perform incident response on a large number of systems. I've used it quite effectively to harvest information from a bunch of windows machines. WebJob has many advantages including aggregating the data at a central server. It can be found here: http://webjob.sourceforge.net/WebJob/index.shtml If you're looking for a quick list of forensic tools, this is a good spot: http://www.opensourceforensics.org/ >From time-to-time I guest teach an undergrad commputer forensics course, I'd be glad to talk more about forensics if you would like. Andy -Original Message- From: [EMAIL PROTECTED] on behalf of Paul Lussier Sent: Thu 2/23/2006 2:30 PM To: gnhlug-discuss@mail.gnhlug.org Subject: forensic evidence collection tools? Hi all, I'm trying to debug a problem on a set of systems. Is there something I run, say from a usb key or a Knoppix CD which will collect all interesting information and deposit it somewhere else? -- Seeya, Paul ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Bypassing DNS?
On 2/23/06, Paul Lussier [EMAIL PROTECTED] wrote: Is there a way to tell the resolver libs that if you can't connect to the DNS service, to just abort and return? Setting /etc/nsswitch.conf to hosts: dns [unavail=continue|return] files still seems to result in a slight hang while the lookup occurs... The real issue here is: How does the stub resolver library know it can't connect to the DNS service? If the full-service resolver (the nameserver configured in /etc/resolv.conf) is unresponsive for some reason, the resolver has no way of knowing that. Remember, UDP is stateless, so all the stub can do is send a query and wait for a reply. If the query packet goes into a black hole, the stub will never know that. You can set a timeout in the resolver that says, in effect, If you don't hear back within X seconds, give up. Bruce posted the config option for that, but that small timeout may cause false timeout errors when things really are working. DNS can take a couple seconds even when everything is working right, and unusual conditions can make things worse. On 2/23/06, Paul Lussier [EMAIL PROTECTED] wrote: If you want more immediate response, I would suggest running a local instance of BIND as a caching server. Probably not. This is for an embedded system, for which the desire is a little complexity as possible. Configuring a caching name server would a significant layer of complexity for which our support people are not qualified to deal with. You really think so? A caching-only nameserver requires no configuration with BIND, about all you have to do is install it. You might want to pre-configure a restriction that it only listens to the localhost, but that config file would be the same everywhere. Even if you wanted to configure forwarders, you could do that with a simple included file. What's the big deal? If you're worried about footprint, DJB's tinydns caching-only resolver is, well, pretty tiny. -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: list of commands utilities
Paul Lussier wrote: Additionally, each of the man pages for these commands should have See Also: section, which will, in turn, lead to more commands. And those commands will lead to more commands... and so on until, after only a few decades, you'll have learned most of the Unix commands available. ;-) -- Dan Jenkins ([EMAIL PROTECTED]) Rastech Inc., Bedford, NH, USA --- 1-603-206-9951 *** Technical Support for over a Quarter Century ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
DLSLUG Monthly Meeting - March 2nd
*** Dartmouth-Lake Sunapee Linux Users Group http://www.dlslug.org/ *** The next regular monthly meeting of the DLSLUG will be held: Thursday, March 2nd, 7-9PM at: Dartmouth College, Carson Hall Room L01 All are welcome, free of charge. Agenda 7:00 Sign-in, networking 7:15 Introductory remarks 7:20 Xaraya Xaraya is an extensible, Open Source web application framework written in PHP and licensed under the GNU General Public License. Xaraya delivers the requisite infrastructure and tools to create custom web applications that include fully dynamic multi-platform Content Mangement Solutions (CMS). Xaraya's modular, database independent architecture introduces tools that separate form, function, content, and design with on-the-fly extensions allowing greater control and versatility. Jonathan will present an overview of Xaraya, its architecture, core modules, and extension modules, including a brief demonstration how to get started developing web sites using the Xaraya platform. Examples will be used from current live web sites. Jonathan is principal of Parkerhill Technology Group, a strategic management and web development firm, and has over 25 years of entrepreneurial and technical experience ranging from small start-ups to multinational corporations. He holds a Masters degree in Media Technology from MIT, and serves on several boards including the Software Assocation of NH (SwANH), Amoskaeg Business Incubator in Manchester NH, MIT Enterprise Forum of NH, and North Country Council CEDS (economic development strategy). Jonathan lives in northern Grafton County on a retired dairy farm with his wife and 4 young children. 8:30 Roundtable Exchange - where the attendees can make announcements or ask a linux question. Please see the website for links to directions. If any area companies are interested in sponsoring refreshments, please let me know. Please RSVP so we can give a theoretical refreshment sponsor a headcount. - MAILING LISTS There are two primary mailman lists set up for DLSLUG, an Announce list and a Discuss list. Please sign up for the Announce list (moderated, low-volume) to stay apprised of the group's activities and the Discuss list (unmoderated) for group discussion. Links to the mailing lists are on the webpage. Please pass this announcement along to anyone else who may be interested. - Bill McGonigle, Owner Work: 603.448.4440 BFC Computing, LLC Home: 603.448.1668 [EMAIL PROTECTED] Cell: 603.252.2606 http://www.bfccomputing.com/Page: 603.442.1833 Blog: http://blog.bfccomputing.com/ VCard: http://bfccomputing.com/vcard/bill.vcf ___ gnhlug-announce mailing list gnhlug-announce@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-announce ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss