Re: [Hampshire] Samsung N145+ netbook (battery life)
Thanks Benjie. The N145+ was left on charge all last night and it seems a lot better for it! My thinking was that if there are some cells that are not fully charged, an overnight trickle through the charged ones would do some good. Previously, I'd believed the indicator; it's yellow when charging and green when it's charged. Apparently it's over-optimistic. I booted it up on battery power early this morning and have had it running two programs concurrently (pun intended :-) ) ever since. It is now showing 3hr:40min of power remaining - big improvement. I'll let it run until the battery goes flat then charge it again for a lot of hours. I'll post the result; it may be helpful to others. Tony Wood (from Linux Netbook) On 16/11/11 22:44, Benjie Gillam wrote: Had the same issue with an Eee a few years ago, sent it back and the replacement worked fine. In fact it still does, I was using it only yesterday! Benjie -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk -- -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] test message
On Wed, 2011-11-16 at 22:53 +, Vic wrote: I have over 3500 email addresses Vic the spam king then ;-) Nope. SpamAssassin does a fine job of keeping me largely spam-free. Rejecting forged addresses has a significant effect, too... Some years ago I used regularly to change email addresses, though all on my own domains. My server started to get very very slow, and when I investigated it was because it was trying to dump around 6000 spams a day, was not clearing them as quickly as they were coming in and as a result had become completely constipated. (Admittedly with SA as a script on an old machine, the compiled version solved that). G. -- Gordon Scottwww.gscott.co.uk 01256-476547 0794-1958207 -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] test message
My server started to get very very slow, and when I investigated it was because it was trying to dump around 6000 spams a day I get rather more than that :-) The trick is to reject (never bounce) the spam as early as possible. At the moment, the bulk seem to be forging the same address as they're sending to (i.e. pretending to be me). My SPF filter punts them out in short order before it even gets to SpamAssassin :-) Vic. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
[Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
Hi Guys, I'm wondering if anyone has done this. I can easily get a VPN from by desktop PC using the NetworkManager applet, but the server is headless, so no applet. I've now tried a whole load of different 'this is how to do PPTP to Windows' articles and howtos, but none seem to quite get there. Does anyone know where I can find a guide that works? Thanks, Gordon. -- Gordon Scottwww.gscott.co.uk 01256-476547 0794-1958207 -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] test message
On Thu, 2011-11-17 at 10:59 +, Vic wrote: My server started to get very very slow, and when I investigated it was because it was trying to dump around 6000 spams a day I get rather more than that :-) Very likely; that was 8 years ago. The trick is to reject (never bounce) the spam as early as possible. At the moment, the bulk seem to be forging the same address as they're sending to (i.e. pretending to be me). The slow server day was also the very day that I finally gave up on courtesy bounces. My SPF filter punts them out in short order before it even gets to SpamAssassin :-) I now let my ISP do most of it. Seems to work OK as I lose little I expect, and I see little I don't expect. G. -- Gordon Scottwww.gscott.co.uk 01256-476547 0794-1958207 -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] test message
The slow server day was also the very day that I finally gave up on courtesy bounces. Bounces are not a courtesy; they are a significant part of the spam problem. If you don't want an email *reject* it. Do not take it from the proffering MTA. Otherwise, if it is mis-addressed, you either swallow it (with any innocent originator not knowing what has happened, and so assuming that delivery went OK as per the mail log), or else you bounce it with the ever-growing likelihood that you've just sent a penis pill spam with a bounce notice to someone who has nothing whatsoever to do with the conversation. I now let my ISP do most of it. I find that ISPs never actually do what I want them to. Many of them seem to employ what I shall refer to as a spectrum of technical competence[1]. They also lose my traceability (which is important to me). Seems to work OK as I lose little I expect, and I see little I don't expect. How do you deal with creating many unique email addresses? What do you do with the inevitable spam that comes to them? Vic. [1] The ISP I used to work for had one guy who was absolutely amazing. Knew everything. Couldn't be faulted. But you'd usually end up with someone else dealing[2] with the ticket... [2] And I use the word quite wrongly, of course. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
Hello Gordon, On Thu, November 17, 2011 13:15, Gordon Scott wrote: Hi Guys, I'm wondering if anyone has done this. I can easily get a VPN from by desktop PC using the NetworkManager applet, but the server is headless, so no applet. I've now tried a whole load of different 'this is how to do PPTP to Windows' articles and howtos, but none seem to quite get there. Have you considered trying OpenVPN? Unfortunately it means that you will have to install a client on the Windows side of things, but OpenVPN is in the standard repositories for Ubuntu. Does anyone know where I can find a guide that works? Here is one that looks good: http://library.linode.com/networking/openvpn/ubuntu-10.04-lucid Pay close attention to the certification parts and make sure you don't miss out steps. Just to be clear, under no circumstances can I recommend that you use PPTP, it is simply too insecure. Yes, PPP does have some form of encryption that can be switched on, and while it's one step up from sending stuff in clear-text (I exaggerate, but PPTP is bad), you don't want to have to rely on that. -- Regards, Jan Henkins -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] test message
On Thu, 2011-11-17 at 14:29 +, Vic wrote: The slow server day was also the very day that I finally gave up on courtesy bounces. Bounces are not a courtesy; they are a significant part of the spam problem. Sadly that's true. Once upon a time, e-mail was either delivered or bounced and could be relied upon to do only one of those two things. Unfortunately the spammers have completely wrecked what once was a reliable totally system. If you don't want an email *reject* it. Do not take it from the proffering MTA. Otherwise, if it is mis-addressed, you either swallow it (with any innocent originator not knowing what has happened, and so assuming that delivery went OK as per the mail log), or else you bounce it with the ever-growing likelihood that you've just sent a penis pill spam with a bounce notice to someone who has nothing whatsoever to do with the conversation. That was the decision to which, regretfully, I came around 8 years ago. I now let my ISP do most of it. I find that ISPs never actually do what I want them to. Many of them seem to employ what I shall refer to as a spectrum of technical competence[1]. They also lose my traceability (which is important to me). I use ukfsn.org, which is likely still a one-man show and the one man is very competent but not, of course, available 24/7. Seems to work OK as I lose little I expect, and I see little I don't expect. How do you deal with creating many unique email addresses? What do you do with the inevitable spam that comes to them? postfix handles all my mail, though there aren't all _that_ many email addresses any more (and the thousands of mail-IDs to which I used to get them are long gone). procmail filters what gets to me and dumps assorted stuff into /dev/null I really don't now see very much spam. Vic. [1] The ISP I used to work for had one guy who was absolutely amazing. Knew everything. Couldn't be faulted. But you'd usually end up with someone else dealing[2] with the ticket... My one guy parted company with his previous ISP, so I followed him to his new start-up. [2] And I use the word quite wrongly, of course. [Grin] was there a touch of irony in that, then :-) ATB, Gordon. -- Gordon Scottwww.gscott.co.uk 01256-476547 0794-1958207 -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
On Thu, 2011-11-17 at 14:35 +, Jan Henkins wrote: Have you considered trying OpenVPN? Unfortunately it means that you will have to install a client on the Windows side of things, but OpenVPN is in the standard repositories for Ubuntu. Yes, but without the OpenVPN client at the Windoze end, which might be the problem. Does anyone know where I can find a guide that works? Here is one that looks good: http://library.linode.com/networking/openvpn/ubuntu-10.04-lucid Pay close attention to the certification parts and make sure you don't miss out steps. It's certainly a more complete guide than most^H^H^H^H any other I've seen. I'll be exploring my way through it. Just to be clear, under no circumstances can I recommend that you use PPTP, it is simply too insecure. Yes, PPP does have some form of encryption that can be switched on, and while it's one step up from sending stuff in clear-text (I exaggerate, but PPTP is bad), you don't want to have to rely on that. Unfortunately pptp is what's on offer. The whole system there is managed by an outside company and they don't understand anything except Windoze and maybe some Mac. They're pretty good at what they do, but I get 'rabbits in the headlights' looks if I mention Linux. I have been looking at putting in a Linux box alongside and doing IPsec rather than pptp, though I'm not sure how well the rabbits would take to the idea. ATB, Gordon. -- Gordon Scottwww.gscott.co.uk 01256-476547 0794-1958207 -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
Yes, but without the OpenVPN client at the Windoze end, which might be the problem. There's a Windows installer for OpenVPN. I used it many moons ago. ISTR deciding never to do that again, but I can't remember why... It's certainly a more complete guide than most^H^H^H^H any other I've seen. I'll be exploring my way through it. I got PPTP working from RHEL3 to Server2003 some years back. I'll see if I can find the details later. Unfortunately pptp is what's on offer. The whole system there is managed by an outside company and they don't understand anything except Windoze and maybe some Mac. They're pretty good at what they do, but I get 'rabbits in the headlights' looks if I mention Linux. I have been looking at putting in a Linux box alongside and doing IPsec rather than pptp, though I'm not sure how well the rabbits would take to the idea. If you've got a Mac server on site, you'd probably find it easier to run an encrypted tunnel to that as your main transit, then fan out whatever traffic you need from there. SSH is dead handy :-) Vic. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
On 17/11/2011 14:35, Jan Henkins wrote: Just to be clear, under no circumstances can I recommend that you use PPTP, it is simply too insecure. Yes, PPP does have some form of encryption that can be switched on, and while it's one step up from sending stuff in clear-text (I exaggerate, but PPTP is bad), you don't want to have to rely on that. +1 OpenVPN is OK - I use it myself. Jacqui -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
Hi, On Thu, November 17, 2011 15:22, Gordon Scott wrote: Yes, but without the OpenVPN client at the Windoze end, which might be the problem. Cool, no problems there. The Windows client is a proper executable installer, and you can pre-create a configuration file and set of CA keys for them to dump into the client's configuration directory. All they will then have to figure out is to make it start up automatically, which is not too difficult. Does anyone know where I can find a guide that works? Here is one that looks good: http://library.linode.com/networking/openvpn/ubuntu-10.04-lucid Pay close attention to the certification parts and make sure you don't miss out steps. It's certainly a more complete guide than most^H^H^H^H any other I've seen. I'll be exploring my way through it. It's a good one indeed. :-) Unfortunately pptp is what's on offer. The whole system there is managed by an outside company and they don't understand anything except Windoze and maybe some Mac. They're pretty good at what they do, but I get 'rabbits in the headlights' looks if I mention Linux. I have been looking at putting in a Linux box alongside and doing IPsec rather than pptp, though I'm not sure how well the rabbits would take to the idea. You can help them concentrate on what they do best by preparing things for them in advance. :-) There are pros and cons for both OpenVPN and IPSec. I think that Windows actually have IPSec support built in to it's standard networking stack, so you don't have to specifically install anything new. However, I'm not too sure about this, since I don't have the benefit of an IPSec rig to test with at the moment. Last time I set up IPSec I also found it to be quite complex due to the way I had to punch holes through the company firewall, while OpenVPN does everything through a single UDP port. On the other hand, OpenVPN does need the installation of the client software on the Doze server, but it's really really easy. Furthermore the server-side is really easy to set up too. So read through the HOWTO and let me know how you get on. I actually have a few shortcuts for you in terms of configuration files etc, but it's better if you first develop an understanding on the basics of OpenVPN. Network security purists will say IPSec is more secure than OpenVPN (pure SSL-based VPN), and I suppose it is, even if I haven't seen data to support this. So, you have both as solid options, and I think that with some care and a bit of pre-planning no rabbits needs be harmed in the process! :-) Somebody on the list mentioned SSH tunnels, which is an option. On the Windows side you have Putty, which can be set up to do tunnels with ease. Whether you can do this in a non-interactive manner, I'm not too sure, but it is a solid third option. -- Regards, Jan Henkins -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
There are pros and cons for both OpenVPN and IPSec. There is a huge downside for IPSec if you're running stuff behind a NAT router - you need to be able to route protocols that aren't TCP or UDP. Many (predominantly cheap) NAT routers simply won't do this. IPSec can work through NAT, but it's not pretty. A former colleague of mine used to get /29 subnets for his customers just so he could put the IPSec-capable servers on a routable address. I cringed, but he was my boss... Vic. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
On 17 November 2011 13:15, Gordon Scott gor...@gscott.co.uk wrote: Hi Guys, I'm wondering if anyone has done this. I can easily get a VPN from by desktop PC using the NetworkManager applet, but the server is headless, so no applet. I've now tried a whole load of different 'this is how to do PPTP to Windows' articles and howtos, but none seem to quite get there. Does anyone know where I can find a guide that works? PPTP is kind of nasty. On a level of 0 to 10, with 0 being no security to 10 being very secure, PPTP would score 0. I would recommend IPSEC but I have really bad experiences with anything talking to the Windows implementation of IPSEC. For example, Linux, Juniper, Cisco and most firewalls that support IPSEC VPNs fail to work to a Windows machine. The IPSEC connection works, but as soon as a rekey happens it all falls apart. We even had a paid 24x7 support contract direct with Microsoft, and they still refused to fix it. In summary, do not use windows for any sort of VPN endpoint. The support you get if it does not work is crap. I would make sure the company put in a purpose built VPN gateway so that people can connect with normal VPN clients, such as CISCO, JUNIPER, Checkpoint etc. There are very cheap VPN boxes out there from about £50 upwards, and they actually work! James -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --