Re: [PLUG] Unprivileged ports to unprivileged ports...
Agree with using DROP for bad traffic. IMO, the only time to expend the effort to REJECT is if you care about the client. On Fri, Apr 21, 2017, 19:06 Chuck Hastwrote: > I have always liked "drop". > > On Fri, Apr 21, 2017 at 6:05 PM, Cryptomonkeys.org < > lou...@cryptomonkeys.org > > wrote: > > > Typically, connections come from unprivileged ports. The destination is a > > mixed bag. Some services run on privileged ports, some done. Web and mail > > are examples of things that run on privileged ports. Databases (mysql > 3306, > > postgresql 5432) are examples of things that don’t run on privileged > ports. > > > > Best practice is to either block or drop connections to ports where you > > aren’t running services. The choice is yours. The difference is that > block > > sends a communication back to the sender letting them know communication > is > > prohibited, drop does not do this. > > > > > > > On Apr 21, 2017, at 7:02 PM, Michael Christopher Robinson < > > mich...@robinson-west.com> wrote: > > > > > > I'm getting a lot of probes from unprivileged TCP ports to unprivileged > > > TCP ports on my Internet connected server. No connections, but I'm > > > wondering if I should just reject these? Same for UDP. What protocols > > > might I use that would require connection in the unprivileged port > > > range for both client and server? I'm not running ftp on this server. > > > ___ > > > PLUG mailing list > > > PLUG@lists.pdxlinux.org > > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > > > > > > > > -- > > Louis Kowolowskilou...@cryptomonkeys.org > > Cryptomonkeys: > > http://www.cryptomonkeys.com/ > > > > Making life more interesting for people since 1977 > > > > ___ > > PLUG mailing list > > PLUG@lists.pdxlinux.org > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > > > > -- > > Chuck Hast -- KP4DJT -- > Glass, five thousand years of history and getting better. > The only container material that the USDA gives blanket approval on. > ___ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug > ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Show of hands/poll on tcpdump
Fair to middling, mostly can find what's needed without searching, but still regularly search for syntax on advanced matching filters On Mon, Jun 27, 2016, 5:41 PM Dick Steffenswrote: > On 6/27/2016 10:55 AM, Michael Rasmussen wrote: > >> If asked to self assess your tcpdump comfort level would you reply with: > >> > >>* I'm great, what do you need done? > >>* I'm comfortable, can do capture with filtering > >>* I'm rusty, but could spin up quick > >>* Only use it with the man page handy for reference > >>* tcpwhat? > >> > >> Back story after a few responses roll in. > >> > > Well, to provide a floor, "tcpwhat?" > > -- > Regards, > > Dick Steffens > > ___ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug > ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Considering a new hard drive?
Neat, love these kinds of articles. Have you read any of the Backblaze hard drive studies? Really interesting HDD reliability data from a massive dataset. Also very good reading. On Tue, Mar 8, 2016, 7:06 PM Michael Rasmussenwrote: > The best article I've ever seen comparing models. > Limited to Western Digital only. > > > https://www.pugetsystems.com/labs/articles/Understanding-the-WD-Rainbow-674/ > > -- > Michael Rasmussen, Portland Oregon > Be Appropriate && Follow Your Curiosity > Interviewer: Do you ever try to compose so it doesn't sound like Philip > Glass? > Philip Glass: I do it all the time and I fail all the time. > ___ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug > ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Linux distributions
On Wed, 2015-08-19 at 22:17 -0700, King Beowulf wrote: On 08/19/2015 05:51 PM, Nathan Williams wrote: I'll echo the endorsement for CentOS 7. It's reasonably new enough to offer new-ish packages for desktop use, while also being the gold standard for stability and long term support (EOL in June 2024). Add in EPEL and elrepo for extras, and you've got a pretty solid system that you won't have to totally replace every 6 months. CentOS is no longer an independent project, more like a test bed for Redhat. I'd dispute this phrasing (specifically in re: independence). Red Hat is indeed a major contributor/supporter, with a majority of seats on the governance board, but CentOS is and remains a community led/developed distribution, certainly to a greater extent than e.g. Ubuntu is independent of Canonical. I have yet to see Ubuntus lack of independence mentioned as a reason to avoid Ubuntu as an end-user. As for being a test-bed, it's certainly a more innovative CentOS community than in the past, but most of that work is going on in SIGs, so doesn't have a lot of impact for someone using core CentOS and not one of the SIG-derived products like RDO, Atomic or the Cloud images. Being supported for 10 years is great for a server, not so much for end-user desktops. For a desktop, some system files just can't be upgraded past a certain point without compromising system stability. Agreed. I'd expect a desktop user to upgrade distros on average every 3 -5 years, basically following typical hardware upgrade lifecycles. In addition, it's got that new-fangled systemd init system that all the major distros are going to be on within the next year or so, so you won't end up having a really core piece of the system be different from what everyone else is running (better supportability if you need help down the road). Cheers, Nathan W the OP may want to hold off on any distro jumping on systemd. While the issues and controversy concerning systemd may not mean much to end users, it does to DEVELOPERS. You know, the guys and gals that create the software that creates a linux distribution and the various programs we want to use. I knew I'd regret mentioning this as an advantage the moment I sent it, and I'm guessing from the tone of the reply that it struck a nerve. If so, I'm sorry, and I sympathize. But, given the broad range of distros who are consolidating around systemd, it seems reasonable to conclude that the majority of the developers who do build linux distributions are in favor. As you noted, it probably doesn't matter much to an end-user either way. What does typically matter quite a lot to end-users, and the reason I mentioned it at all, is the availability of support for issues. Since an undeniable majority of Linux users either already are, or shortly will be using systemd-based distros, I figured I'd mention it as a point in favor (sticking with the herd), but that's truly the limit of the degree of the intended endorsement. Personally, I'm pretty ambiguous about it overall (migrating was rather unexciting, both for workstation and servers), though I'm happy for many of the new resource-control capabilities that the integration with cgroups has made available to me as an administrator. Regards, Nathan W -Ed ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Linux distributions
I'll echo the endorsement for CentOS 7. It's reasonably new enough to offer new-ish packages for desktop use, while also being the gold standard for stability and long term support (EOL in June 2024). Add in EPEL and elrepo for extras, and you've got a pretty solid system that you won't have to totally replace every 6 months. In addition, it's got that new-fangled systemd init system that all the major distros are going to be on within the next year or so, so you won't end up having a really core piece of the system be different from what everyone else is running (better supportability if you need help down the road). Cheers, Nathan W On Wed, Aug 19, 2015 at 5:04 PM Michael Rasmussen mich...@jamhome.us wrote: On Wed, Aug 19, 2015 at 01:56:53PM -0700, Nat Taylor wrote: On Wed, Aug 19, 2015 at 12:43 PM, Michael Rasmussen mich...@jamhome.us wrote: On Wed, Aug 19, 2015 at 08:16:39AM -0700, Nat Taylor wrote: I've been using Arch Linux with the cinnamon desktop. Works great once you get it installed. I used the guide in Linux Voice magazine. I suggest reading some of those magazines, and taking a look at distrowatch.com . As mostly a user now I find Linux Mint (LTS versions) with the Mate desktop manager works great. For servers I've started moving to Debian. My terse reply of Not Arch was made before seeing this message. The OP wrote isn't cutting edge. I don't know of a distribution that is less cutting edge than Arch. How they manage to keep it organized and well functioning is a mystery. But they do. And I get the very current versions of the photo and video editors that drew me to it. But if you're not looking for that level of upstream tracking, stay away. OK, pacman is also a very excellent package manager. Looks like it's been 3 years since I installed Arch on this box, never had a problem with an upgrade, although it looks like there are only 12 packages i've installed from the AUR, all but three of them done by hand (did just install yaourt recently for a more automated process) I guess it is cutting edge though, I figured it was right up there with slackware for ease of installation, and learning about linux while you install. It's always been stable for me. I think I started with mandrake 5 and debian woody, moved to ubuntu for a while, then deserted and hopped distros for a while before landing on Mint then Arch Everything you say agrees completely with my experience. As an added point my last distro before Arch was Kubuntu LTS and it was a much bigger PTIA to maintain. My response was based on the OP's stated preferences. No matter how good Arch is it's not a match for his described target. -- Michael Rasmussen, Portland Oregon Be Appropriate Follow Your Curiosity The fastest way to become rich is to socialize with the poor; the fastest way to become poor is to socialize with the rich. ~ Nassim Taleb ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] TONIGHT: August PLUG Advanced Topics: Using Mozilla's Heka project for log and event stream processing
Hi all, Wanted to send a quick followup to last nights talk. I realized this morning that I mistakenly pulled up the standby LB node when we were looking at heka's CPU utilization during the QA (should've known when the CPU use was on the floor...) In any case, the *correct* CPU utilization looks more like this: http://i.imgur.com/SExzwGc.png Thanks again to all who came, I had a blast! Cheers, Nathan W On Tue, Aug 18, 2015 at 12:54 PM Michael Dexter dex...@ambidexter.com wrote: Portland Linux/Unix Group Advanced Topics Meeting Announcement Who: Nathan Williams What: Using Mozilla's Heka project for log and event stream processing Where: Free Geek, 1731 SE 10th Avenue, Portland (Left Entrance) When: Tuesday, August 18th, 2015 at 7pm Why: The pursuit of technology freedom Stream: http://pdxlinux.org/live/ Talk: A Practical Introduction to Scalable Stream Processing with Heka and how the log and event processing system at Treehouse has evolved from a typical Elasticsearch/Logstash/Kibana setup into a Heka-based system. We will also discuss the why behind this move and where we are headed. Heka is an open source stream processing software system developed by Mozilla. Heka is a “Swiss Army Knife” type tool for data processing, useful for a wide variety of different tasks, such as: * Loading and parsing log files from a file system. * Accepting statsd type metrics data for aggregation and forwarding to upstream time series data stores such as graphite or InfluxDB. * Launching external processes to gather operational data from the local system. * Performing real time analysis, graphing, and anomaly detection on any data flowing through the Heka pipeline. * Shipping data from one location to another via the use of an external transport (such as AMQP) or directly (via TCP). * Delivering processed data to one or more persistent data stores. https://github.com/mozilla-services/heka Nathan is a sysadmin by trade who's been into Linux, automation and data for the last 10 years and is currently working at Treehouse as a systems developer. Calagator Page: http://calagator.org/events/1250468938 Many will head to the Lucky Lab at 915 SE Hawthorne Blvd. after the meeting. Rideshares Available PLUG Page with information about all PLUG events: http://pdxlinux.org/ Follow PLUG on Twitter: http://twitter.com/pdxlinux PLUG is open to everyone and does not tolerate abusive behavior on its mailing lists or at its meetings. See you there! Michael Dexter PLUG Volunteer ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Home Router Recommendations
I'll add my vote for the RT-N66U; I've had one for a bit over a year now, and it's been pretty solid. The stock firmware's nice, but I ended up putting beta dd-wrt on it (my wife diagnosed me with chronic fiddler syndrome...), which also works quite well. On Fri, Jul 31, 2015 at 7:12 PM John Bartley K7AAY j...@503bartley.com john.bart...@gmail.com wrote: When I was doing Xbox Net Support for very fussy gamers, the rigs of choice were the ASUS RT-66U and the WNDR3800/3700. Also j...@503bartley.com 503.343.9399 or 503.227.8539 ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] What CMS to use ?
if you can get away with it, i'd suggest a static site generator like middleman or jekyll. much easier to host and operate, and way fewer security considerations. On Mon, Jul 13, 2015 at 1:46 PM Rich Shepard rshep...@appl-ecosys.com wrote: On Mon, 13 Jul 2015, Louis Kowolowski wrote: You may want to investigate some static site generators, and, to be fair in comparisons, check out things like wordpress, drupal, etc Some time last year there were reports of a wordpress vulnerability that was being exploited; probably fixed by now. Pick the one that looks like it will do what you want and be the least amount of effort to maintain going forward (this could be either on the server side, or the client side. for example upgrading pkgs on a regular basis may not be something you want to do. you may decide you want to be able to manage content via the browser. etc.) If the ISP hosts the software Pete needs only provide the content. Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Multi host init system?
i haven't had to actually do this yet, but if i understand the systemd socket-activation concept correctly, that may be a useful building block for putting something like this together (service gets started when another service tries to access it over the network). thankfully we don't have any super order-dependent services like that (they just enter a retry loop until their dependencies are available), but i'm tempted to try it out now :) On Thu, Jul 9, 2015 at 11:57 PM Martin A. Brown mar...@linux-ip.net wrote: Hello there, I have an app that is distributed across a dozen servers. There are several processes involved, some with dependencies on processes running on other servers. What app would you recommend for starting the whole thing up in an orderly manner? Is it possible to adjust the pieces of software so that there is no required 'orderly' startup? I ask because--if the application requires synchronized startup of services across multiple machines, then what happens when one of the services (or nodes) early in that dependency chain fails during operation? For example, let's imagine services A through I, each of which must be launched before the subsequent can launch: A - B - C - D - E - F - G - H - I Assuming normal, orderly, coordinated startup, great. Now, everything is running. Suppose that service C fails. What happens? Will the application still run? Do D through I need to be restarted (or just D)? If it is possible to adjust the individual services so that each of them can run and retry, fail gracefully, or even fail hard (as fast as possible, please) to contend with dependency issues, I would recommend that. Perhaps you have already addressed that question or are in the (unenviable) position of contending with feature-complete software that is ready for deployment. Since you are in the 10+ node realm, I think I'd also agree with using some sort of configuration management (somebody suggested Ansible). With this many nodes, it's an operational truism that one of them will kick the bucket during your dog's midnight birthday party [0] and you'll want to be able to move the service quickly to another node. Hurrah for the well-worn configuration management tools. This is the modern take on startup script dependencies, just now with more network in-between! Everybody needs more network in-between! Not an easy problem. Anyway, good luck with this conundrum! -Martin [0] Silicon devices sense these moments and cherish destroying our equanimity. -- Martin A. Brown http://linux-ip.net/ ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Changes At whatismyip.com
i alternate periodically between using a cloud-hosted script on my linode that dumps the clients IP, and using icanhazip.com (also supports ipv6). no registration required, and haven't hit any limits yet. there's also: http://v4.ipv6-test.com/api/myip.php, which seems to work pretty well. On 01/14/2013 09:12 AM, Rich Shepard wrote: Thanks to Bill Barry I use whatismyip.com in a shell script that runs every 15 minutes. If Frontier has changed my IP address, then the script effects that change at the registrar's DNS servers. Today I actually read the message associated with an IP address change and learned that whatismyip.com has removed the Microsoft .asp version of their tool. Now, an un-registered user gets 5 IP address lookups per _day_. With a free account a registered user gets 12 IP address lookups per _hour_. Since my cron job runs 4 times per hour that is certainly adequate for my needs. The provider also has two higher-level memberships for pay (from $1/month to $50/year). For others here using (or considering using) whatismyip.com, here's the URL to sign up for the free (or paid) services: http://www.whatismyip.com/membership-options/ Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Changes At whatismyip.com
On 01/14/2013 12:52 PM, Michael Dexter wrote: On 1/14/13 10:06 AM, Nathan Williams wrote: i alternate periodically between using a cloud-hosted script on my linode that dumps the clients IP... Nice. A script you can share? sure, though it's not very clever or anything ?php print $_SERVER['REMOTE_ADDR']; ? icanhazip.com http://v4.ipv6-test.com/api/myip.php Nice and clean! yes, there's several nice options that don't require you to parse out the junk, though some eventually started injecting html, which is why i have my fallback option :) (Unless of course you want a weigh loss ad with your public IP information.) Michael ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Changes At whatismyip.com
On 01/14/2013 01:58 PM, Rich Shepard wrote: On Mon, 14 Jan 2013, King Beowulf wrote: I've had various DSL and cable providers over the years, and never found my dynamic IP to change very often. With Comcast now and my IP hasn't changed in a year! Checking very 15 minutes seems to be a bit overkill. Typically, you will have a IP lease time and then only swap out when the modem reboots. For the small game server I run under my desk, I typically have dyndns only check once every 24hrs. Ed, Ever since Frontier took over Verizon Northwest's land lines and stopped supporting static IP addresses (at least for ISPs like Aracnet/SpiritOne), I get a new IP address frequently. It's slowed down some now but I was getting 30-40 changes a day (usually from the evening to the next morning). Now I see only 3-4 every day or two. Before I started checking frequently I'd often log in early in the morning and find that mail stopped arriving some time during the previous evening or night. Then I'd need to find my current IP address and manually update the DNS servers. PITA. Yeah, I know that DHCP leases are supposed to be longer, but apparently no one told Frontier about that. Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug that's insanity. i can't imagine this makes managing their network any easier, i wonder why they'd have such a short lease cycle? -- Nathan ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Chrome vs. Chromium: Which is the Web Browser and Which the OS?
On 01/01/2013 09:30 AM, Rich Shepard wrote: On Tue, 1 Jan 2013, Rich Shepard wrote: I find the source for chromium on the SlackBuilds.org site (184M worth) but am having issues building it as the build script says the 212M file is not complete. Sigh. Oops! The file when downloaded is 192M, not 212M. Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug there's two chromes, and two chromiums: one a browser, one an OS. The OS is generally referred to as Chrome/Chromium OS to help with the confusion. chromium is the open-source core of the browser/OS, minus some proprietary stuff like the built-in flash plugin. chrome download: https://www.google.com/intl/en/chrome/browser/ chromium browser download: http://www.chromium.org/Home chromium OS download: http://www.chromium.org/chromium-os as for why chromium won't build... no idea... did you check the md5sum to verify the download? regards, nathan w ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Chrome vs. Chromium: Which is the Web Browser and Which the OS?
On 01/01/2013 09:45 AM, Rich Shepard wrote: On Tue, 1 Jan 2013, Nathan Williams wrote: chromium is the open-source core of the browser/OS, minus some proprietary stuff like the built-in flash plugin. Nathan, So installing the chromium browser won't enable viewing flash videos any more than they can be viewed with firefox or opera? chrome download: https://www.google.com/intl/en/chrome/browser/ Browser or OS? :-) indeed. Google seems to have a habit of picking project names that are not very indicative of their purpose. as for why chromium won't build... no idea... did you check the md5sum to verify the download? Downloaded the source again and now it's building. Or, can the 11.2 version of flashplayer be found and installed in any browser? chromium should pick up the flashplayer like firefox does if you've got it installed in any of the usual locations (e.g. /usr/lib/adobe-flashplugin/libflashplayer.so) Thanks, Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
[PLUG] reco: pdx colo facility
hi plug folks, while this isn't directly related to linux/unix, i'm looking for reco's/info on a solid *locally owned* and managed colo facility to rack a 1U server for the Ubuntu Oregon group. My goals are: Price: ~$100/mo or less Access: 7a-7p 7days/wk as a minimum, my work hours would make it hard to get down there during normal business hours Location: within an hour's drive of hillsboro, i don't wanna have to go to the dalles, vancouver, or salem Remote hands: in the event that things go sideways, is it possible to get a kvm hooked up or a manual power cycle without incurring exorbitant expenses? Reliability: solid network and reliable power, failover plans for both. thanks in advance! nathan williams ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] bug in PLUG mailing list software?
On Mon, 2012-09-10 at 09:25 -0500, Richard Owlett wrote: I've had some _occasional_ problems replying to *THIS* list. If I send To: plug@lists.pdxlinux.org I do not believe I've ever seen a problem. However, if I hit Reply and the To: comes up as General Linux/UNIX discussion and help; civil and on-topic plug@lists.pdxlinux.org I generally get a error message. Some experimentation suggests the semicolon is the culprit. I use User agent: Mozilla/5.0 (Windows NT 5.1; rv:15.0) Gecko/20120826 Firefox/15.0 SeaMonkey/2.12 Build identifier: 20120826214753 My OS is WinXP Pro SP3 -- yes I'm in process of moving to a real OS ;) Comments? yeah, i've encountered the same thing, and found the same solution. cheers, nathan w ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Anyone using Webmin?
I don't, but my coworker uses it extensively. I'll see what he thinks about doing a talk. Michael Dexter dex...@ambidexter.com wrote: I couldn't help but notice that Webmin 1. is still around and 2. now has VM and cloud management features. Is anyone using it? Might anyone want to present on it? Michael ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] local linux certification
On 07/31/2012 06:09 PM, MJang wrote: On Mon, 2012-07-30 at 21:35 -0700, Nathan Williams wrote: On 07/30/2012 09:16 PM, eduncli...@gmail.com wrote: all my searches seem to indicate that I'll need to travel to Seattle to actually take the test. Is this accurate? I believe that's accurate. I know that this was the case when I looked into it last summer. darn. it seems a mite surprising that this would be the case, but I suppose it's not the end of the world. Alternately accepting general cert/study recommendations if there's anything I should know ahead of time? I don't. I fantasize about finding work abroad and decided to focus on LPI certificates. But, I am curious about what kind of lab you set up for you RHCSA study. my lab is a fluctuating number of CentOS KVM guests based on how functional any of them are at a given time. The minimum number of rhel images you can get away with is about 3. I've just been working through chapters 1-9 of Michael Jang's RHCSA/RHCE Red Hat Linux Certification Study Guide. Dear Nathan, Eamonn, Assuming the indulgence of the group, you're welcome to ask questions here (or privately by email) if you run into book related issues. (Nathan, your lab sounds fine.) Thanks, Mike ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug Hi Mike! I didn't know you were on the list! Thanks for writing such a great book. If I run into any problems, I'll be sure to let you know :). Cheers, Nathan W ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
[PLUG] local linux certification
Hey folks, I've been studying for the RHCSA, but all my searches seem to indicate that I'll need to travel to Seattle to actually take the test. Is this accurate? If not, could you point out how my google-fu is failing? Alternately accepting general cert/study recommendations if there's anything I should know ahead of time? TIA, Nathan W ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] local linux certification
On 07/30/2012 09:16 PM, eduncli...@gmail.com wrote: all my searches seem to indicate that I'll need to travel to Seattle to actually take the test. Is this accurate? I believe that's accurate. I know that this was the case when I looked into it last summer. darn. it seems a mite surprising that this would be the case, but I suppose it's not the end of the world. Alternately accepting general cert/study recommendations if there's anything I should know ahead of time? I don't. I fantasize about finding work abroad and decided to focus on LPI certificates. But, I am curious about what kind of lab you set up for you RHCSA study. my lab is a fluctuating number of CentOS KVM guests based on how functional any of them are at a given time. The minimum number of rhel images you can get away with is about 3. I've just been working through chapters 1-9 of Michael Jang's RHCSA/RHCE Red Hat Linux Certification Study Guide. -Eamonn Sent via BlackBerry from T-Mobile -Original Message- From: Nathan Williams nat...@nathanewilliams.com Sender: plug-boun...@lists.pdxlinux.org Date: Mon, 30 Jul 2012 21:11:52 To: plug@lists.pdxlinux.org Reply-To: General Linux/UNIX discussion and help; civil and on-topic plug@lists.pdxlinux.org Subject: [PLUG] local linux certification Hey folks, I've been studying for the RHCSA, but all my searches seem to indicate that I'll need to travel to Seattle to actually take the test. Is this accurate? If not, could you point out how my google-fu is failing? Alternately accepting general cert/study recommendations if there's anything I should know ahead of time? TIA, Nathan W ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] REALITY CHECK - was [Re: Debian netinst.iso vs Wifi hot spot]
On 07/24/2012 06:17 PM, Richard Owlett wrote: chris (fool) mccraw wrote: On Tue, Jul 24, 2012 at 3:33 PM, Paul Heinleinheinl...@madboa.com wrote: That's my best guess as to what's happening. seconded. You might have luck in a smaller, self-managed venue like a neighborhood coffee shop, but it's going to be a hit-or-miss proposition. Or, run a live distro and accept the clickthru and then reboot into the installer. But IMNSHO it's kind of a dick move to install at a coffee shop (unless it's one that you own), since you will eat up all of the available bandwidth at a business that is trying to serve multiple people. Sorry folks ;/ My questions WAS: Anyone successfully installed Debian using netinst.iso when *ONLY* available internet connection was via a public Wifi hot spot? Please don't GUESS at possible problems when I asked if anyone has *EVER* succeeded? BTW 1. Location is a public library 2. I've routinely connected using Debian, Ubuntu and EVEN Windows(tm) - never having been asked to agree to any terms. LOL Being in a distant suburb (~2000 miles SE) , AKA Show Me State ;) And the answer is ??? ?? ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug I've never succeeded at your specified task, and upon reading it had a response like this: http://www.youtube.com/watch?feature=player_detailpagev=0Xl50qKVkqE#t=3961s but good luck! - nathan w ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] REALITY CHECK - was [Re: Debian netinst.iso vs Wifi hot spot]
On 07/24/2012 06:54 PM, Richard Owlett wrote: Nathan Williams wrote: On 07/24/2012 06:17 PM, Richard Owlett wrote: chris (fool) mccraw wrote: On Tue, Jul 24, 2012 at 3:33 PM, Paul Heinleinheinl...@madboa.com wrote: That's my best guess as to what's happening. seconded. You might have luck in a smaller, self-managed venue like a neighborhood coffee shop, but it's going to be a hit-or-miss proposition. Or, run a live distro and accept the clickthru and then reboot into the installer. But IMNSHO it's kind of a dick move to install at a coffee shop (unless it's one that you own), since you will eat up all of the available bandwidth at a business that is trying to serve multiple people. Sorry folks ;/ My questions WAS: Anyone successfully installed Debian using netinst.iso when *ONLY* available internet connection was via a public Wifi hot spot? Please don't GUESS at possible problems when I asked if anyone has *EVER* succeeded? BTW 1. Location is a public library 2. I've routinely connected using Debian, Ubuntu and EVEN Windows(tm) - never having been asked to agree to any terms. LOL Being in a distant suburb (~2000 miles SE) , AKA Show Me State ;) And the answer is ??? ?? ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug I've never succeeded at your specified task, and upon reading it had a response like this: http://www.youtube.com/watch?feature=player_detailpagev=0Xl50qKVkqE#t=3961s but good luck! - nathan w Chuckle, but I've only dial-up available at home -- that's why I have to make trips to library for any high speed access ;) Could you summarize? Or are you going force me to wait for next opportunity visit a library? ROFL ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ouch. i begin to understand your conundrum. if you've seen The Point (1971), with Harry Nilsson, it's The Count, yelling madness! sheer maaadne! ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Postfix: fixing a 'host not found' rejection
I suspect this is due to a reject_unknown_sender_domain instruction in the smtpd_recipient_restrictions clause. As long as your whitelist check comes first, you can skip the requirement. Assuming it fits the facts, maybe try something like: check_sender_access hash:/etc/postfix/sender_access Rich Shepard rshep...@appl-ecosys.com wrote: There is a domain being rejected by postfix because 'host not found.' I put that domain name in /etc/postfix/rhsbl_sender_exceptions with an 'OK'. This has resolved the issue for many other domains, but not this one. A typical log entry is: Jul 6 04:42:19 salmo postfix/smtpd[20260]: connect from mail.hornady.com[69.20.192.122] Jul 6 04:42:21 salmo postfix/smtpd[20260]: NOQUEUE: reject: RCPT from mail.hornady.com[69.20.192.122]: 450 4.7.1 barracuda.hornady.com: Helo command rejected: Host not found; from= to=rshep...@twodogs.us proto=ESMTP helo=barracuda.hornady.com Jul 6 04:42:21 salmo postfix/smtpd[20260]: disconnect from mail.hornady.com[69.20.192.122] Is this a mal-formed message at the sender's end (notice noting in the from= in the 5th line)? Please suggest how I can tweak postfix to receive messages from this domain. Thanks, Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
[PLUG] Debian / Ubuntu Bug Squashing Party
Greetings! Join us at PSU for another Debian / Ubuntu Bug Squashing Party, June 16, 2012 from 10am - 8pm. We'll be focusing on multi-arch, bitesize, and more. Building is at 4th and College. Room 86-01 is in the basement, take the elevator or stairs down to basement and follow the signs. Event Links, pick your poison: - http://loco.ubuntu.com/events/ubuntu-us-or/1789/detail/ http://calagator.org/events/1250462401 Regards, Nathan Williams ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] photo stitching SW?
I can vouch for hugin, have used multiple times to great success. On Nov 14, 2010 15:57, Denis Heidtmann lt;denis.heidtm...@gmail.comgt; wrote: What photo stitching software do people recommend? Pandora plug-in for GIMP, Hugin, enblend, and photoxx are listed in Synaptic. Anybody have experience with any of these? I have a few pix I took as panoramas, and I would like to put them together. I have done this before using sw that came with my camera (Canon), but that only works in Windows, and I would like to avoid that if I can. Thanks, -Denis ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] slightly OT, Internet media and OpenDNS...
Regarding item 5, this sounds a lot like moblock, which has all of the features you described, with lots of ways to define whitelist/blacklist traffic and use custom lists for the same. -- Sent from my Palm Pre On Oct 27, 2010 23:58, Michael C. Robinson lt;plu...@robinson-west.comgt; wrote: 1) I want to go from clear text passwords in flat text files accessed by a perl based cgi script to possibly salted passwords in a database. 2) I want a daemon operating on the firewall machines that can detect inactivity and close out that host(s). 3) I want redirecting when a user tries to go out and the firewall is closed, but I don't want to force everyone through a proxy. 4) I want my web page to have a feature that allows web based adding and editing of computers, users, passwords, and access profiles. 5) I want a black list and/or a white list of Internet sites, but I don't want to implement this via a proxy. OpenDNS would be the preferred way to implement this. I don't know how to do 1-5. Concerning 2, I wonder if sleeping computers will answer ping probes? With regard to a daemon, I'm not certain how to write one let alone how to detect inactivity across a firewall for a specific period of time. Item 3 is done on PSU's wireless network, but maybe they use a proxy. Item 4 is something of an upgrade to my existing system. Item 5 seems to be a necessity to get around OpenDNS's shortcomings. If I have to blacklist locally and I can do this without using a proxy, maybe I can integrate editing of the black lists/white lists into my existing web page. I can use php or perl I suppose. Can I throw packets to user space, find out where they are trying to go, check if a name on a black list or white list resolves to the destination IP, and then dynamically decide what to do with the packet at the packet layer? What is the best way to do this? Should I implement a DNS based ip blacklist where external ip addresses are mapped to 127.0.0.x addresses? Maybe I should mimic postfix's hash files and read these files using perl. I'm thinking something like: some.bad.site DROP # Blacklisted some.good.site ACCEPT # Whitelisted . . . I guess I need a simple caching name server that updates every time the retrieved information can change to go the hash file route. The cache should be populated with the listed names. Item 5 is what I need to implement ASAP. I guess one option is to have an iptables chain called whitelist and another one called blacklist. Trouble is, how do I keep the ip addresses in these chains correct? One look up is enough, I don't want to check every single packet. ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] flash problems x86_64...
Adobe has a new 64bit beta out called adobe square, and you just copy the .so to ~/.mozilla/plugins . It's worked really well for me for a while now. -- Sent from my Palm Pre On Oct 21, 2010 7:13, Michael C. Robinson lt;plu...@robinson-west.comgt; wrote: Apparently, there is no standard way to watch flash content on an x86_64 Linux distribution. Adobe evidently has pulled their 64 bit flash player, not the Windows version of course. Anyone know of a good workaround? For how long is this likely to remain a problem? This is why I stuck with my old Pentium 4 for so long. I'm running Fedora 13 x86_64 where the 32 bit flash player doesn't seem to work. I wish an open source flash replacement would come out that works with the boneheaded web sites that require adobe flash player. ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Turning AVI into DVDs
Deevedee is great software forr burning dvd's on linux. I'm not positive on the spelling -- Sent from my Palm Pre On Sep 5, 2010 11:38, Bill Barry lt;b...@billbarry.orggt; wrote: On Sun, Sep 5, 2010 at 11:34 AM, Bill Barry lt;b...@billbarry.orggt; wrote: gt; Handbrake is a nice tool for this. gt; gt; Bill Barry Correction: This turns DVD's into avi's. I don't know much about the reverse process. Bill gt; gt; On Sun, Sep 5, 2010 at 10:59 AM, Scott Howard lt;show...@k-hlaw.comgt; wrote: gt;gt; In the dark world we use dvd flick to turn an avi into a dvd that can be gt;gt; played in a standard dvd player. nbsp;Is there a linux equivalent or how do gt;gt; you do this? gt;gt; gt;gt; Scott Howard gt;gt; ___ gt;gt; PLUG mailing list gt;gt; PLUG@lists.pdxlinux.org gt;gt; http://lists.pdxlinux.org/mailman/listinfo/plug gt;gt; gt; ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] For httpd Gurus
If you are looking at the source of the rendered page, you should not see any php code. Try with lt;?php phpinfo(); ?gt; instead.nbsp; -- Sent from my Palm Pre On Sep 5, 2010 14:29, Rich Shepard lt;rshep...@appl-ecosys.comgt; wrote: On Sun, 5 Sep 2010, Michael Rasmussen wrote: gt; Right click and choose view source to find out. That shows me the source, all right: lt;? phpinfo(); ?gt; Is there a syntax error in there? Does it matter if it's on one line or three lines? Thanks, Michael, Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] For httpd Gurus
Argh. Stupid phone is jacking up symbols... Point is to try specifying php after the question mark on the opening tag...nbsp; -- Sent from my Palm Pre On Sep 5, 2010 14:54, Nathan Williams lt;nat...@nathanewilliams.comgt; wrote: If you are looking at the source of the rendered page, you should not see any php code. Try with amp;lt;?php phpinfo(); ?amp;gt; instead.amp;nbsp; -- Sent from my Palm Pre On Sep 5, 2010 14:29, Rich Shepard amp;lt;rshep...@appl-ecosys.comamp;gt; wrote: On Sun, 5 Sep 2010, Michael Rasmussen wrote: amp;gt; Right click and choose view source to find out. That shows me the source, all right: amp;lt;? phpinfo(); ?amp;gt; Is there a syntax error in there? Does it matter if it's on one line or three lines? Thanks, Michael, Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Financial security on the net
This is true, and something to plan for. It's also why lots of merchants are switching to zero dollar auth checks, though this also comes w/ headaches, as not all card issuers support it, and may decline zero dollar auths even if funds are available. -- Sent from my Palm Pre On Aug 18, 2010 18:30, Bruce lt;kd7...@gmail.comgt; wrote: On 08/18/2010 09:59 AM, nat...@nathanewilliams.com wrote: gt; On Wed, 18 Aug 2010 09:45:27 -0700, Pete Lancashirelt;xyzzy...@gmail.comgt; gt; wrote: gt; gt;gt; One thing I do is I keep only a small amount in the account I do any gt;gt; Debit Card gt;gt; transactions with. Most of the time it only has $300-400 in it. It is gt;gt; a hassle but gt;gt; I look at it as a sacrificial line of defense. gt;gt; gt;gt; -pete gt;gt; gt;gt; gt;gt; gt; another thing i've started seeing a lot of people doing, which seems gt; fairly intelligent, is to use pre-paid cards for online transactions. the gt; only downside to this is that lots of merchants require address validation gt; be performed to reduce their exposure to chargebacks. fortunately the gt; pre-paid cards have a number where you can call the vendor (visa/mstr, gt; whatev) and add an address in their system so the card can pass AVS. gt; gt; nathan w gt; non servium gt; ___ gt; PLUG mailing list gt; PLUG@lists.pdxlinux.org gt; http://lists.pdxlinux.org/mailman/listinfo/plug gt; If the prepaid only has enough for the purchase available, when the online company tests the card for $1 to make sure it is a valid card, then the transaction won't go through for lack of $1. I found this out when I ordered a ham radio online. Bruce ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Problem Wireless USB Device in OpenSuSe. Works in Ubuntu
I've had tons of issues w/ knetwork mgr and wireless nics. Tried it out in opensuse gnome? I just went through the same slog in kde opensuse and kde fedora w/ no luck, but gnome's networkmgr worked like a charm. -- Sent from my Palm Pre On Jun 28, 2010 8:29 AM, Keith lt;ac7xc...@comcast.netgt; wrote: It appears that everything is setup, but I have no network access. ping or traceroute do not work. wlan0 IEEE 802.11bg ESSID:dlink Mode:Managed Frequency:2.432 GHz Access Point: 00:18:E7:CB:B2:20 Bit Rate=36 Mb/s Tx-Power=20 dBm Retry long limit:7 RTS thr:off Fragment thr:off Encryption key: foo Power Management:off Link Quality=70/70 Signal level=-38 dBm Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:0 Missed beacon:0 linux-nxy3:~ # ifup wlan0 wlan0 name: RTL8187B_WLAN_Adapter wlan0 warning: WPA configured but may be unsupported wlan0 warning: by this device wlan0 warning: wpa_supplicant already running on interface DHCP4 client is already running on wlan0 IP address: 192.168.0.103/24 This is from the router. It shows that the USB WiFI card is connected, but no network activity with the wireless USB card in OpenSuSE. Wireless LAN Wireless Radio : Enabled 802.11 Mode : Mixed 802.11n, 802.11g and 802.11b Channel Width : 20MHz Channel : 5 Secondary Channel : WISH : Active Wi-Fi Protected Setup : Enabled/Configured Guest Wi-Fi Protected Setup : Enabled/Not Configured SSID List Network Name (SSID) Guest MAC Address Security Mode dlink No 00:18:e7:cb:b2:20 WPA/WPA2 - Personal If I plug the USB WiFI into a Ubuntu Laptop it works with no problems. There must be something else I have to do? I have gone into YaST network setup and added DHCP support. ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug