Re: sudo - was Re: FWIW: AlmaLinux now available.
Probably not applicable to many installations, but when I was the sole admin for a couple of compute clusters, raid systems, and numerous backend servers, *everything* I did required root privs, so I just set them all up so when I ssh'd in, I was root. Didn't have time to mess with the extra sudo steps to be root, as I was in and out of my systems constantly all day long. Never once did that bite me. Although, I would use a sudo config to allow certain trusted engineers or professors on just specific systems to run specific apps/commands that needed root privs, which also generated an audit trail in the logs, and an email to me, of what commands they invoked (or tried to invoke) - just in case they tried to do something they shouldn't. But my methodology is definitely not for installations with two or more admins. - Larry ~Stack~ wrote on 4/11/21 9:39 PM: > On 2021-04-07 9:28 a.m., Teh, Kenneth M. wrote: >> If you need to run a lot of commands as root, the easiest sudo method >> is simply 'sudo su -' which makes you into root. The trailing '-' >> does a login which replaces your environment with root's. -- P. Larry Nelson (217-693-7418) | IT Administrator (retired) 810 Ventura Rd.| High Energy Physics Group Champaign, IL 61820 | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | https://urldefense.proofpoint.com/v2/url?u=http-3A__hep.physics.illinois.edu_home_lnelson_&d=DwID-g&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=DLa1FvIiUtnD-PEy34KAo3p4WSwAisBUV0ZnfTtR1lM&s=gdBbjcMggx3ArhRhnpgki6hz28AXRel_j3RZ5vdsaEI&e= --- "Information without accountability is just noise." - P.L. Nelson, 04/06/2001
Re: Way Off Topic - HEP Network Symphony Orchestra
Back in July, I happened upon this very interesting article: https://urldefense.proofpoint.com/v2/url?u=https-3A__www.npr.org_2020_07_14_891091995_playing-2Dmusic-2Dtogether-2Donline-2Dis-2Dnot-2Das-2Dsimple-2Das-2Dit-2Dseems&d=DwID-g&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=zpL0oT1cbXhkmhUnAgAlP_2xZXA8HGVTmSB2t3YMzm0&s=5JEaO7QOxz0BqQlR9GlqRwbwiLfa0BQ0BQbfjxtn-no&e= The mechanism involves JackTrip (https://urldefense.proofpoint.com/v2/url?u=https-3A__ccrma.stanford.edu_software_jacktrip_&d=DwID-g&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=zpL0oT1cbXhkmhUnAgAlP_2xZXA8HGVTmSB2t3YMzm0&s=B9YJRtL8KTEpENDPfHQDURVY_rTqVRE63Y9qLAZ06OI&e= ) and the Jack Audio Connection Kit (https://urldefense.proofpoint.com/v2/url?u=https-3A__jackaudio.org_&d=DwID-g&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=zpL0oT1cbXhkmhUnAgAlP_2xZXA8HGVTmSB2t3YMzm0&s=oc-E0raMEJksSn5cDufwqbmm_YwN2niTaNohBVZQBPs&e= ). 30 milliseconds (or ~30 feet apart) is the optimal latency for musicians to play together and hear and feed off each other in real time. The above packages seem to solve the distance-apart music playing problem, up to a point and within a certain radius. It's still constrained by the light speed limit... - Larry Steven C Timm wrote on 12/23/20 8:41 AM: In theory light could go 5000 km in 16ms. In practice it takes 105ms to get packets from FNAL to CERN. (speed of light is slower in fiber, fiber doesn't go straight, there are several switches). Even 16ms is more of a delay than you want in a musical performance. And you have to do the round trip. Try singing together with someone on zoom if you want to prove the point. The high-speed network doesn't give much benefit over the regular internet in terms of latency. it improves bandwidth but not latency all that much. The only way all these virtual choirs work is that they send out a base track to everyone that the people have locally and then each person records their part on top of it. Steve Timm (Physicist and amateur church musician, computing and recording remotely for last 10 months) *From:* owner-scientific-linux-us...@listserv.fnal.gov on behalf of Keith Lofstrom *Sent:* Tuesday, December 22, 2020 6:24 PM *To:* scientific-linux-users *Subject:* Way Off Topic - HEP Network Symphony Orchestra This isn't Scientific Linux, though SL and the team that supports it would be involved in implementation. AFAIK, we are still in the middle of Long Shutdown 2, with the Large Hadron Collider /not/ sending terabytes of experimental data through the dedicated HEP network. Meanwhile, gathering musicians on stage for a symphony orchestra is a big health risk during the COVID pandemic. The speed of sound across a symphony stage is 500,000 times slower than bits on an optical fiber. In theory, musicians could be connected through the HEP network, spread out over 5000 kilometer distances compared to the 10 meter distance across a symphony stage. Distances are smaller than that between groups of European or North American cities. There are probably more symphony fans than high energy physics fans (many physicists are both), so using the HEP network for concerts during the COVID crisis could earn a LOT of political capital, and help with future funding, including funding for the next upgraded HEP network. It would also develop new techniques for synchronizing planet-scale sensor networks. There are likely some excellent astronomical and geophysical uses for that. I'd guess that readers of this list know the people who know the people who know how to do this. What could we slap together in a hurry? Keith -- Keith Lofstrom kei...@keithl.com -- P. Larry Nelson (217-693-7418) | IT Administrator Emeritus 810 Ventura Rd.| High Energy Physics Group Champaign, IL 61820 | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | https://urldefense.proofpoint.com/v2/url?u=http-3A__hep.physics.illinois.edu_home_lnelson_&d=DwID-g&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=zpL0oT1cbXhkmhUnAgAlP_2xZXA8HGVTmSB2t3YMzm0&s=fj9g2_VlJrx9lMvl-kPUX35iD9Mze5o5kI2-xJhJ78c&e= --- "Information without accountability is just noise." - P.L. Nelson, 04/06/2001
Re: Update from Rocky EL
xophQaMcRPYwn5E&s=-rEo5cSVS2fhIGxF42uFd_CWmc6DGwZNL3uLrDtYeL4&e= ). One problem with relying on "professional" staff is that the entity paying that staff has direct oversight into how much time they spend on those problems; the funding entity's goals and any particular end user's goals may differ dramatically, and the goals of the funder will trump the goals of the user. A second problem is that the same "professional" staff can be hired away by another company. A third problem is that "professionals" expect to be paid; where does the salary come from? The fourth problem is since there is very likely to be fewer "professional" staff supporting a revenue-negative project, each "professional" becomes extremely important or maybe even indispensible, and the project might have a hard time surviving a "bus incident" or even a major hurricane. I've witnessed all four of these issues first-hand RIP Seth. The problem with "amateurs" is that they can quite literally walk away without it negatively impacting their livelihood, and they're going to work on what interests them, whether it interests the end-user or not. I've witnessed "amateurs" walk away, try to delete everything they ever contributed, and get mad when folks wouldn't forget what had been said. At least with "amateurs" you can afford more of them, and have backups for when people do leave. As far as Rocky Linux is concerned, there is a middle ground where you might have some paid developers and some volunteers; nothing wrong with diversity here. I would expect that, just like the Linux kernel itself, that we'll see a mixture of paid developers and volunteers for Rocky Linux. -- P. Larry Nelson (217-693-7418) | IT Administrator Emeritus 810 Ventura Rd.| High Energy Physics Group Champaign, IL 61820 | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | https://urldefense.proofpoint.com/v2/url?u=http-3A__hep.physics.illinois.edu_home_lnelson_&d=DwID-g&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=kTytgzKkdHhIqdndyIcBX0DwNa_qVjjolf67ZOV5G10&s=fY_U0UXjPQOnCkiyvjKZdfFlTA59YruiQPnWHLyTBic&e= --- "Information without accountability is just noise." - P.L. Nelson, 04/06/2001
Re: [SCIENTIFIC-LINUX-USERS] recommended sl6 containers
Ken, et al., I believe you can build your own and publish it to Dockerhub - unless their policies have changed. It's been 4 years since I retired and worked with Docker containers, so I haven't touched Docker since as I no longer have access to my linux systems. But I created the first "generic" SL6 container for Dockerhub and published it there myself. It's a basic SL6.8 build, whereas all of the other SL6 containers on Dockerhub at the time were very specialized builds. I believe Lynn Garren at Fermilab was using it as well. I built mine for use on Cray supercomputer platforms to run ATLAS experiment jobs. It's basically a clone I built of one of my interactive login nodes of my Tier3 cluster. It might still be there at lnelson/test:v4. Dunno how long they keep old containers. But, of course, it's woefully out of date now and hasn't been updated with patches. Seems the best course of action would be to build an SL6 system just the way you want it with all the legacy apps you need and then clone it with Docker and publish it to Dockerhub. I think (but not sure) you can restrict access to it after publishing to Dockerhub. https://urldefense.proofpoint.com/v2/url?u=https-3A__docs.docker.com_develop_develop-2Dimages_image-5Fmanagement_-23docker-2Dhub&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=mcqGfgpCKEjxH5snOklyDRdwygQWzKKu1gyyzt_mfoA&s=4IVSAlt1yb8y69yF00nyWCpEZOyP3eyQ3xUXlBIQ0CU&e= - Larry Teh, Kenneth M. wrote on 7/24/20 8:46 AM: Thanks. I'm trying to preserve a legacy application inside an SL6 container so some of our staff (mostly emeriti) can continue to use it after the November deadline on an SL7 or CentOS8 machine. There may be more apps that I am unaware of. That's why I asked. If you plan to remove the sl6 base image from docker, then I need to preserve a copy somehow or learn to build one from scratch using an archive sl6 repo, or maybe even preserve a full sl6 repo myself. If it's not too much trouble, please consider keeping the sl6 image around after the November deadline. Perhaps make a final version that binds the yum repos in the container to the archive locations. If this is out of the question, please be frank and say so up front. Then, I will know what I need to do to set up what I need to possibly build other sl6 containers after the November deadline. Any comments or words of advice are appreciated so I know what I'm up against. Thanks for all your efforts in maintaining SL. It was a great run. I've been using you guys since SL4, late 90s(?). From: Patrick Riehecky Sent: Friday, July 24, 2020 8:31 AM To: scientific-linux-users; Teh, Kenneth M. Subject: Re: [SCIENTIFIC-LINUX-USERS] recommended sl6 containers The plan is to retire the SL6 docker image once SL6 is end of life. With no one watching the security updates and the repos moved over to https://urldefense.proofpoint.com/v2/url?u=http-3A__ftp.scientificlinux.org_linux_scientific_obsolete_&d=DwIFAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=nUZRUt1gyxPgDV7sDwWxXa2pENV3t5evyd7h_-NCsNo&s=syIsWiUN08di1rc2oDjVops0ilfFc6Jn3FTHMi96ae4&e= I'm not sure the image would have any useful function. Pat On Fri, 2020-07-24 at 10:30 +, Teh, Kenneth M. wrote: After this November's end of life for SL6, will you continue to make the sl6 image available on docker hub? From: Teh, Kenneth M. Sent: Wednesday, July 22, 2020 8:15 AM To: Patrick Riehecky; scientific-linux-users Subject: Re: [SCIENTIFIC-LINUX-USERS] recommended sl6 containers Thanks. I've pulled it (I think). From: Patrick Riehecky Sent: Wednesday, July 22, 2020 8:01 AM To: Teh, Kenneth M.; scientific-linux-users Subject: Re: [SCIENTIFIC-LINUX-USERS] recommended sl6 containers Hello, We've got official images in Docker Hub[1] https://urldefense.proofpoint.com/v2/url?u=https-3A__hub.docker.com_-5F_sl&d=DwIFAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=OAMtP0DWou0nlXG7Kmxo2enjXJfwb1DXS9fwcaESuTE&m=sHzXDNLv8omo5deM2ZMDptbSwnBdv0WoIIp--TKHp9s&s=RmYdcL-ZvIeJReEfdPkg2oSv4eNHvEGLeXdcjr9shao&e= Pat On Wed, 2020-07-22 at 11:20 +, Teh, Kenneth M. wrote: Getting my feet wet with containers. Does SL have its own registry of SL6 and 7 container images? If not, can someone recommend a reliable image? Thanks -- P. Larry Nelson (217-693-7418) | IT Administrator Emeritus 810 Ventura Rd.| High Energy Physics Group Champaign, IL 61820 | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | https://urldefense.proofpoint.com/v2/url?u=http-3A__hep.physics.illinois.edu_home_lnelson_&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49
Re: Who Uses Scientific Linux, and How/Why?
Brett Viren wrote on 2/25/20 8:15 AM: "Peter Willis" writes: Perhaps, if it’s not too much trouble, people on the list might give a short blurb about how they use it and why. Not quite a short blurb, but not too long either. I am retired now (nearly 4 years) after nearly 50 years in the IT biz - 44 of those at UIUC and 20 of those as an IT Admin for our local HEP group, and I can tell you that there are two people who made my life immeasurably better. So I just want to toot their horn. Troy Dawson and Connie Sieh of FermiLab. Here's a great interview with Troy that will answer a lot of questions as well as elucidate why we went with SL. (I suspect the following will get transmogrified by Fermi's Proof Point URL secret encoder ring) https://urldefense.proofpoint.com/v2/url?u=http-3A__old.montanalinux.org_interview-2Dtroy-2Ddawson-2Dscientific-2Dlinux-2Djune2011.html&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=p76IJCxmwsNBSv-yK1gjd90aDixiH0QGmAOt17f6Gf0&s=_1X0fjomFwROuoTUSK43cCqxlIRTvLj6oFiyBnixFAE&e= Alas, much to my initial dismay, Troy announced in 2011 he was going to work for RedHat, but Pat Riehecky jumped in to those big shoes (Thanks Pat!). I would be remiss if I didn't also mention Urs Beyerle and his work on the SL Live CDs/DVDs. And, of course, the (then) smallish but amazingly helpful SL user community on this list. After infuriatingly frustrating and hapless encounters with RHEL support on even the simplest of issues, being able to have one-on-one interactions with Troy, Connie, and Urs (and other users on the list) was like stepping out of a cold dark cave onto a warm sun drenched beach. [not hyperbole] Our journey (in case you're interested and still reading) went something like: Late 90's and early 2000's - SunOS (expensive hardware, expensive maintenance contracts, expensive licensing). Start playing with this new toy Redhat 2.0. (spare desktop hardware, almost free software, no licensing). Then Redhat 3, then 4 - now seeing that we can replicate all services from SunOS to RH. No longer a toy. Then RH 5 and 6, 7. 8, 9 and End-of-Life. LHC was ramping up and about to spew petabytes of ATLAS experiment data. Time to start building racks of storage farms and compute clusters. Switch to RHEL. But with that came confusing and frustrating licensing plus the aforementioned support snafus. Then an epiphany - one of our engineers was collaborating with another institution on loading linux onto embedded processors as part of the Dark Energy Survey telescope and came to me for linux advice. They were using a free linux installation from CERN called Scientific Linux (SLC). "Really!" He said FermiLab had a similar version (SLF) but that they chose SLC for whatever reason. He said it's the same as RHEL. "Really!" (again) I found FermiLab's website for SLF and the rest, they say, is history! We started with RHEL3, moved to SL4, then SL5 (my favorite) and wound up at SL6. SL7 was out and the HEP community was transitioning to it when I retired so I didn't have to deal with it. :-) Anyways, now back to retirement. - Larry -- P. Larry Nelson (217-693-7418) | IT Administrator Emeritus 810 Ventura Rd.| High Energy Physics Group Champaign, IL 61820 | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | https://urldefense.proofpoint.com/v2/url?u=http-3A__hep.physics.illinois.edu_home_lnelson_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=p76IJCxmwsNBSv-yK1gjd90aDixiH0QGmAOt17f6Gf0&s=62eHV163Nb89LsMLRPjQOEzjYv_oEs-6HtKt99PM2jA&e= -- "Information without accountability is just noise." - P.L. Nelson
Re: Is Scientfic Linux Still Active as a Distribution?
Not at all odd in academia. On the contrary, it is the norm. Andrew Z wrote on 2/21/20 1:57 PM: It is odd that you have no budget to support critical systems for your department, Yasha. What if you power servers down and see how "critical " they indeed are? And if they are not - then get fedora and be done with it. -- P. Larry Nelson (217-693-7418) | IT Administrator Emeritus 810 Ventura Rd.| High Energy Physics Group Champaign, IL 61820 | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | https://urldefense.proofpoint.com/v2/url?u=http-3A__hep.physics.illinois.edu_home_lnelson_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=xMvnjGKdYon7qCS8RwTK4EtHUUi1_l0sq3l2lt4iddU&s=LMYZGwwYk-up60pKrnQrswyT6KIrbewHccwTTiyyoxQ&e= -- "Information without accountability is just noise." - P.L. Nelson
Re: Update via SL 7.5 install USB flash drive
Yasha, Did you try clicking on Nico's link? ProofPoint decodes their obfuscated re-write, checks to make sure it's a legit site, then opens the proper page. I just clicked on it and it took me to Nico's github scripts area. Our campus (UIUC) has used it for many years now. Fermilab just started using it. Lots of places use it. Arguably a somewhat contentious implementation, there are arguments for and against its use. The argument for (at the higher up level in an organization) is to keep people who blindly click on links in their email from going to bad nasty sites (think non-savvy students and other folks). For those of us who have been around and ALWAYS check an embedded link in email, it's a PITA! However, there are ProofPoint decoders out there. My favorite can be found here (and I am going to re-write the link with spaces in hopes that ProofPoint won't mangle it - we'll see...) https : // itsa . ifas . ufl . edu / email / proofpoint . shtml I have this bookmarked in my Chrome bookmarks bar for quick lookups. Hope that helps your angst somewhat. - Larry Yasha Karant wrote on 10/17/18 11:48 PM: As I explained, I cannot transmit or receive URLs within SMTP email and perhaps other modalities due to the security measures of the campus with which I am associated, as you can see below in URL modification. Until I can get my SL users email address permanently reset, please email any URL information to ykar...@gmail.com . I apologize for this, but I have no control or input to any system under the current campus administration, as faculty (including tenured full professors) who are not campus administrators (deans or higher administrators in most cases) are informed of actions, but otherwise have little meaningful influence over decisions. I will attempt to implement what is suggested below without access to the Kadel-Garcia tool set, but I suspect that the tool set will save me some time and effort. Thanks for your patience. Yasha Karant On 10/17/2018 08:03 PM, Nico Kadel-Garcia wrote: On Wed, Oct 17, 2018 at 12:07 PM Yasha Karant wrote: How does one update SL 7 using a mounted USB flash drive as the source of a repo, rather than using any external network? There were instructions for doing this for EL pre-7 distributions, but I cannot find similar instructions for SL 7. I have a USB flash drive with the current double-layer DVD SL7.5 install image (ISO) and that does work -- I just did a fresh install of SL7.5 using this media. One sets up a new or one of the existing /etc/yum.repos.d/*.repo files to look at the locally mounted CD drive. I would copy "sl7.repo" to "sl7-local.repo", and reset the repository names to "sl7-local" and the like, and set their URLs to point to "file:///mountpoint/7.version/x86_64/os" and similar URLs. I've done just this sort of thing, successfully for internal SL, CentOS, and RHEL mirrors. You may find my tools at https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_nkadel_nkadel-2Drsync-2Dscripts&d=DwIBaQ&c=B_W-eXUX249zycySS1AyzjABMeYirU1wvo9-GmMObjY&r=Z7xHp2tIJsvAE2FtPxl_lynvf4hA_FJ8mKsaIgvY6Dk&m=RT1c81ULE-0AAXhmXl3Y0eaJZ0yPhGaZLHC9N3oM0hs&s=r3JZw6l5f9xZhSR9sTX2gWvskXqOW9_hfegrgK-QAvU&e= helpful for generateing your local mirror, especially the one for Scientific Linux. -- P. Larry Nelson (217-693-7418) | IT Administrator Emeritus 810 Ventura Rd.| High Energy Physics Group Champaign, IL 61820 | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | https://urldefense.proofpoint.com/v2/url?u=http-3A__hep.physics.illinois.edu_home_lnelson_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=8g4FR7W97OjLI5Zx02iSw3Azwf2XlkX83fT62uC0mXw&s=wgjGNaVOy8PdQwwN7LNoWvl_aI4ZHs8CAMGbMDnhFME&e= -- "Information without accountability is just noise." - P.L. Nelson
Re: is the disk failing ?
Konstantin Olchanski wrote on 10/16/18 6:55 PM: [snip...] as for raid controllers that prevent access to disk SMART data, they are as safe to use a car with a blank dashboard (no fuel level, no engine temperature, no speedometer, etc). Oy! Had some of those, but I "Promise" not to mention any vendor names. ;-} -- P. Larry Nelson (217-693-7418) | IT Administrator Emeritus 810 Ventura Rd.| High Energy Physics Group Champaign, IL 61820 | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | https://urldefense.proofpoint.com/v2/url?u=http-3A__hep.physics.illinois.edu_home_lnelson_&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=IC6JnGOHzXnPNBJL3lAfI3rME-jUIv6qSI66HHKjsU8&s=7DfVCFoLT9KElMJ4vdLL-T-36GKMIawDz1Z_iibWNJs&e= -- "Information without accountability is just noise." - P.L. Nelson
Re: SP: proofpoint.com URLs in sl-users messages
Weird... None of yours got mangled (at least in my copy of your email) but scrolling down I see the URL in my sig is now ProofPointed as well as my google.com URLs in the quoted part of your response. The Fermilab ProofPoint settings seem to be a bit mysterious. Serguei Mokhov wrote on 7/24/18 1:54 PM: Certainly a counterproductive decision for Fermilab and the mailing list users. Not to mention privacy-violation redirecting to 3rd party trackers... I'd admit with this URL mangling, I'd be more reluctant to click URLs in the emails :) Let's see if these gets mangled: https://urldefense.proofpoint.com/v2/url?u=http-3A__www.google.com&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=ZGI1z1l3vfqoHxT9bkh2uTtKg-5zoSMkjMa7dJwVne0&s=nqcqCYyYafmVYrQM4k8j6RTbffl_OK4TwW88Tp8BUsY&e= "https://urldefense.proofpoint.com/v2/url?u=http-3A__www.google.com&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=ZGI1z1l3vfqoHxT9bkh2uTtKg-5zoSMkjMa7dJwVne0&s=nqcqCYyYafmVYrQM4k8j6RTbffl_OK4TwW88Tp8BUsY&e="; google.com cnn.com cbc.ca "github.com" https://urldefense.proofpoint.com/v2/url?u=http-3A__localhost&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=ZGI1z1l3vfqoHxT9bkh2uTtKg-5zoSMkjMa7dJwVne0&s=INI4G8jasFk0qatIiVrK7ndowa48nV-He-K2gNoIkII&e= and URLs in sig... -s On Tue, Jul 24, 2018 at 2:45 PM, P. Larry Nelson wrote: Hmmm, my copy sure doesn't look like HTML format. I surrender P. Larry Nelson wrote on 7/24/18 1:44 PM: Same test only now I've composed in HTML format. Same URL: (https://urldefense.proofpoint.com/v2/url?u=https-3A__www.google.com_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=EYDBVOo8z2PATbw_pAw6GKNYkFSqZ79zzdFhPDE8sko&s=36AasAKnjw3JX0UK8z2_eOOgWRhxPGfavvUN_pCuhXY&e=) P. Larry Nelson wrote on 7/24/18 1:40 PM: I concur with the previous posts about ProofPoint. The U of I campus implemented this several years ago. I complained. Fell on deaf ears. Implemented by our security folks. Rationale being that 99% of the campus email users (i.e., using the campus Exchange server) are either too lazy and/or too unaware of the dangers of blindly clicking on a URL in their emails. However, U of I email with a URL in the message body shows the real URL (in blue and underlined - unless the URL is hidden via the html "https://urldefense.proofpoint.com/v2/url?u=https-3A__www.google.com_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=EYDBVOo8z2PATbw_pAw6GKNYkFSqZ79zzdFhPDE8sko&s=36AasAKnjw3JX0UK8z2_eOOgWRhxPGfavvUN_pCuhXY&e=) and see how it arrives in your inbox. :-) -- P. Larry Nelson (217-693-7418) | IT Administrator Emeritus 810 Ventura Rd.| High Energy Physics Group Champaign, IL 61820 | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | https://urldefense.proofpoint.com/v2/url?u=http-3A__hep.physics.illinois.edu_home_lnelson_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=EYDBVOo8z2PATbw_pAw6GKNYkFSqZ79zzdFhPDE8sko&s=8P7D0JjiUCaWC6pRi-O7YHxf0ZnDitNCQLFRp9iRMbU&e= -- "Information without accountability is just noise." - P.L. Nelson -- P. Larry Nelson (217-693-7418) | IT Administrator Emeritus 810 Ventura Rd.| High Energy Physics Group Champaign, IL 61820 | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | https://urldefense.proofpoint.com/v2/url?u=http-3A__hep.physics.illinois.edu_home_lnelson_&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=ZGI1z1l3vfqoHxT9bkh2uTtKg-5zoSMkjMa7dJwVne0&s=l7l1lrZgSpAr0K8iyL7LTCTt6o9OZXT_q7VJXbA1C7w&e= -- "Information without accountability is just noise." - P.L. Nelson
Re: SP: proofpoint.com URLs in sl-users messages
Hmmm, my copy sure doesn't look like HTML format. I surrender.... P. Larry Nelson wrote on 7/24/18 1:44 PM: Same test only now I've composed in HTML format. Same URL: (https://urldefense.proofpoint.com/v2/url?u=https-3A__www.google.com_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=EYDBVOo8z2PATbw_pAw6GKNYkFSqZ79zzdFhPDE8sko&s=36AasAKnjw3JX0UK8z2_eOOgWRhxPGfavvUN_pCuhXY&e=) P. Larry Nelson wrote on 7/24/18 1:40 PM: I concur with the previous posts about ProofPoint. The U of I campus implemented this several years ago. I complained. Fell on deaf ears. Implemented by our security folks. Rationale being that 99% of the campus email users (i.e., using the campus Exchange server) are either too lazy and/or too unaware of the dangers of blindly clicking on a URL in their emails. However, U of I email with a URL in the message body shows the real URL (in blue and underlined - unless the URL is hidden via the html " So, in our case, one can just copy/paste the URL in the message body to a browser and NOT go thru ProofPoint. The other aspect of the U of I's ProofPoint config is that it only affects email composed in HTML format, and since I generally loathe doing that unless absolutely necessary, I almost always compose in ASCII mode. So, I suppose this might be a test of how Fermilab has implemented ProofPoint as I will now include a rather well known URL here (https://urldefense.proofpoint.com/v2/url?u=https-3A__www.google.com_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=EYDBVOo8z2PATbw_pAw6GKNYkFSqZ79zzdFhPDE8sko&s=36AasAKnjw3JX0UK8z2_eOOgWRhxPGfavvUN_pCuhXY&e=) and see how it arrives in your inbox. :-) -- P. Larry Nelson (217-693-7418) | IT Administrator Emeritus 810 Ventura Rd.| High Energy Physics Group Champaign, IL 61820 | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | https://urldefense.proofpoint.com/v2/url?u=http-3A__hep.physics.illinois.edu_home_lnelson_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=EYDBVOo8z2PATbw_pAw6GKNYkFSqZ79zzdFhPDE8sko&s=8P7D0JjiUCaWC6pRi-O7YHxf0ZnDitNCQLFRp9iRMbU&e= -- "Information without accountability is just noise." - P.L. Nelson
Re: SP: proofpoint.com URLs in sl-users messages
Same test only now I've composed in HTML format. Same URL: (https://urldefense.proofpoint.com/v2/url?u=https-3A__www.google.com_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=sVkiPzVJL_iMgLLvSTjn_PVonwnx8h1jT871yRet-T4&s=TZGZbRrxKyrMRUQCxm4kUvNcS7tHO8hynCK27Kro7ig&e=) P. Larry Nelson wrote on 7/24/18 1:40 PM: I concur with the previous posts about ProofPoint. The U of I campus implemented this several years ago. I complained. Fell on deaf ears. Implemented by our security folks. Rationale being that 99% of the campus email users (i.e., using the campus Exchange server) are either too lazy and/or too unaware of the dangers of blindly clicking on a URL in their emails. However, U of I email with a URL in the message body shows the real URL (in blue and underlined - unless the URL is hidden via the html " So, in our case, one can just copy/paste the URL in the message body to a browser and NOT go thru ProofPoint. The other aspect of the U of I's ProofPoint config is that it only affects email composed in HTML format, and since I generally loathe doing that unless absolutely necessary, I almost always compose in ASCII mode. So, I suppose this might be a test of how Fermilab has implemented ProofPoint as I will now include a rather well known URL here (https://urldefense.proofpoint.com/v2/url?u=https-3A__www.google.com_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=sVkiPzVJL_iMgLLvSTjn_PVonwnx8h1jT871yRet-T4&s=TZGZbRrxKyrMRUQCxm4kUvNcS7tHO8hynCK27Kro7ig&e=) and see how it arrives in your inbox. :-) -- P. Larry Nelson (217-693-7418) | IT Administrator Emeritus 810 Ventura Rd.| High Energy Physics Group Champaign, IL 61820 | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | https://urldefense.proofpoint.com/v2/url?u=http-3A__hep.physics.illinois.edu_home_lnelson_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=sVkiPzVJL_iMgLLvSTjn_PVonwnx8h1jT871yRet-T4&s=rK67tnoRg-LrGgKZGxwX7Y3ysQghBlXmTJkqZTTyxC8&e= -- "Information without accountability is just noise." - P.L. Nelson
Re: SP: proofpoint.com URLs in sl-users messages
I concur with the previous posts about ProofPoint. The U of I campus implemented this several years ago. I complained. Fell on deaf ears. Implemented by our security folks. Rationale being that 99% of the campus email users (i.e., using the campus Exchange server) are either too lazy and/or too unaware of the dangers of blindly clicking on a URL in their emails. However, U of I email with a URL in the message body shows the real URL (in blue and underlined - unless the URL is hidden via the html " So, in our case, one can just copy/paste the URL in the message body to a browser and NOT go thru ProofPoint. The other aspect of the U of I's ProofPoint config is that it only affects email composed in HTML format, and since I generally loathe doing that unless absolutely necessary, I almost always compose in ASCII mode. So, I suppose this might be a test of how Fermilab has implemented ProofPoint as I will now include a rather well known URL here (https://urldefense.proofpoint.com/v2/url?u=https-3A__www.google.com_&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=Ma0w4F56naDITDGkKlQvVJtetzaOiMo7eexfGKNZgfo&s=j_HbB2h_p9zjRUhPqMrTbEdV3hg8KvFr66CCOEJkwDA&e=) and see how it arrives in your inbox. :-) Jon Pruente wrote on 7/24/18 12:33 PM: On Tue, Jul 24, 2018 at 12:20 PM, Konstantin Olchanski wrote: On Tue, Jul 24, 2018 at 09:39:37AM -0500, Glenn Cooper wrote: Some people dislike these email manglers because they replace obviously safe URLs (://triumf.ca, https://urldefense.proofpoint.com/v2/url?u=http-3A__bnl.gov&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=9MsrWO_OsZsUg1N098OjP5FVq11d4xFs7FQSsO0fvOg&s=hNpBcmIgNIJC38WgFxk6q0e-BDk3eAeFQnaJXmIOK3Y&e=, ://gnal.gov, etc) with magical "eat me" cookies. Maybe these manglers cut down on nigerian fishing, but I think there is a net decrease in security because everybody is forced to click links without knowing exactly where they go. Another failure of using such a service is that the URLs are now mangled inside the ProofPoint URL. When at some point in the future the ProofPoint service is discontinued or is no longer used by Fermilab (it will happen, some day, one way or another) the URLs that were originally submitted are lost. A "safe" link and a non-HTML-sanitized copy of the original URL would be a welcome safeguard from being hostage to the service for a clean copy of the URL for several reasons, even to just know what the URL is targeting along with having the option to not follow the link through the URL filtering service for tracking and privacy concerns. expressed by Konsantin. -- P. Larry Nelson (217-693-7418) | IT Administrator Emeritus 810 Ventura Rd.| High Energy Physics Group Champaign, IL 61820 | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | https://urldefense.proofpoint.com/v2/url?u=http-3A__hep.physics.illinois.edu_home_lnelson_&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=Ma0w4F56naDITDGkKlQvVJtetzaOiMo7eexfGKNZgfo&s=zuwvjMwO6N3LEFjVQk1g1psUnqgccVLNrF7TNvgHQRY&e= -- "Information without accountability is just noise." - P.L. Nelson
Re: Rebooting after Windows 'restart'
Nico Kadel-Garcia wrote on 2/22/17 1:05 AM: On Tue, Feb 21, 2017 at 3:58 AM, MAH Maccallum wrote: Thanks, Christoph-Erdman. I managed to resolve the problem by uninstalling a Windows program that was, I think, causing the issue by trying to access the Linux partition, so I am back in action, but your information will certainly help avoid such issues in future. Thanks again, Malcolm Note to the wary. The simpler solution, for the future, is not to use dual-boot. Virtualize one OS inside the other, and don't expose one system's disks to the other.except over more regulated, network based file sharing. I admit that, these days, I'll use Windoes as the base OS for better support from my hardware vendor and better game performance, and use VirtualBox or other virtualization systems for running lighter weight Linux VM's. for testable research and development on my laptop or desktop. I don't get the full speed of the the hardare for my Linux VM's, but they're so much lighter weight I don't usually *care*, and I can still run my games and critical Windows apps. And yes, I've run critical debugging tools and penetration tools from my Linux VM, on an encrypted disk for basic security in the admittedly tougher to secure Windows environment, and even run PXE, DNS backup servers, and internal Scientific Linux yum mirrors on VM's on my laptop for debugging and network services as needed. And it's been mch easier to debug or repair a broken VM than an unbootable dual-boot setup. I'm not discounting dual-boot solutions for bare metal speed or debugging hardware driver compatibility, but I don't see a lot of point to it these days. When VMware Workstation 3 came out over 15 years ago, I totally stopped supporting dual-boot on my users' computers and highly encouraged them to use VMware. When informed that they could share files between their Windows host and the linux VM in real time, it became a no-brainer. We had a license for multiple systems, so all they had to do was grab it from our local software repo and install it. Life became so much easier. If you are looking for a significant improvement in performance over a VM, you can go the container route and install Docker for windows (https://docs.docker.com/docker-for-windows/). However, that just gives you a command line interface (CLI). On a linux host running Docker, you can run a windows manager in the Docker container. See here: https://csicar.github.io/docker/window-manger/2016/05/24/docker-wm.html How to do that on a Windows host, I don't know - never went there. Docker images start up exceedingly fast (in a couple of seconds) and performance is almost as fast as the native hardware (be it windows, mac, or linux based), whereas, as Nico points out, running a VM is much slower in performance than the native host. It's not for everyone, but if you need native host performance, it's something to try. Most folks are familiar with VMs, so there's a bit of a learning curve with Docker and its terminology and syntax, plus you may run into unforeseen gotchas with Docker. I, personally, have not used Docker on Windows or a Mac - just on linux. You don't have to build a linux OS with Docker (as with a VM, although you can download pre-built VMs) - you just download a pre-built container from the public Docker hub of whatever distro you'd like, be it Ubuntu, CentOS, etc. But the container is ephemeral, so if you make changes to it (add/update software), you need to issue a "docker commit" command after exiting the container, otherwise any changes vanish. You can build your own, which is what I had to do last summer when I needed an SL6.x container and none were to be found on the Docker hub - just latest 7.x releases of CentOS. There were some CentOS 6.x containers, but they were special use cases built by individuals and not approved by Docker for general use and were not being updated to stay current. And who knows what goofy or weird software or setups were in them. After building my own, based entirely on the host SL6.x system where I had Docker installed, I then needed to upload my SL6.x container to the public Docker hub repository, as setting up your own container repository is significantly non trivial. Meaning, I could then go to any linux system with Docker installed and download (pull) my SL6.x container and run it as is. Caveat: I'm retied now, so I haven't worked with Docker since last summer and haven't kept up with any new changes or features. And as always, your mileage may vary... Just another option... - Larry -- P. Larry Nelson (217-693-7418) | IT Administrator Emeritus 810 Ventura Rd.| High Energy Physics Group Champaign, IL 61820 | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | http://hep.physics.illinois.edu/home/lnelson/
Re: SNMP scanner?
With all due respect, and not interested at all in flaming or starting one of those wars, I, and I think most folks on this list, find that the occasional dip into topics slightly off of SL issues can be very educational. And for me, that's what it's all about. The sharing of knowledge, tools, hints, tricks, whatever... Because I know just enough about most things to be a little dangerous, and it's wonderful to find out more so I can be even more dangerous! - Larry stroe wrote on 8/5/16 9:38 AM: Could you please stop this, which is not an SL issue? On 2016-08-05 17:19, Lamar Owen wrote: On 07/30/2016 06:35 PM, ToddAndMargo wrote: I am looking to do network discovery. Basically, everything on the interface, regardless of what network it belongs to or if even has an ip assigned. Like AutoScan Network, only not abandoned. I have a dedicated install of NetworkSecurityToolkit (NST) on a box connected to two ports on one of our core switches. One port is the admin port that NST serves its web GUI on; the second port is a capture-only port and connects to a SPAN port on the core switch (Cisco terminology, as it's a Cisco 7609). I set up the SPAN to redirect traffic for the ports and/or VLANs I'm interested in looking at, and then capture all the traffic (I capture all traffic then filter it out). Not as clean as some other solutions, but it does get everything. -- P. Larry Nelson (217-244-9855) | IT Administrator 457 Loomis Lab | High Energy Physics Group 1110 W. Green St., Urbana, IL | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | http://hep.physics.illinois.edu/home/lnelson/ -- "Information without accountability is just noise." - P.L. Nelson
Re: Python 2.7 OS requirements
To the two Stevens, Thanks for the possible solutions to this! However, I did hear back from the grad student and his response was: "I'm installing some python packages and need a higher version of numpy, which asks for python 2.7. I'll try on CERN system. Thanks!" Hopefully that's the last I'll hear of it :-) I have 4 weeks left with the U of I, I'm totally consumed working on another project involving Docker and Shifter, and don't really have the time nor the wherewithal to deal with it. - Larry Steven J. Yellin wrote on 7/30/16 8:20 PM: Another way is to get Python-2.7.12.tar.xz from https://www.python.org/downloads/, extract into directory Python-2.7.12 with 'tar -xJf Python-2.7.12.tar.xz', and see its README file for what to do next to get it in /usr/local. Steven Yellin On Sun, 31 Jul 2016, Steven Haigh wrote: You can look at virtualenv from EPEL. You can install a separate python environment in a users home directory. On 31/07/16 09:36, P. Larry Nelson wrote: Hi all, Please don't shoot the questioner (me), as I have no experience with Python, other than knowing "what" it is and that my SL6.8 systems have version 2.6.6 installed. I have been asked by one of our Professors that one of his grad students apparently needs Python 2.7.x installed on our cluster (optimally in /usr/local, which is an NFS mounted dir everywhere). In my brief Googling, I have not found OS requirements for 2.7.x, but have inferred that it probably needs SL7.x. Can anyone confirm that? Or has anyone installed Python 2.7.x (and which .x?) on an SL6.8 system without replacing 2.6.x? I'm guessing this can be quite a morass to delve into as when I do a 'rpm -qa|grep -i python|wc' It returns with 67 rpms with python in the rpm name! If the solution is indeed simple, I might proceed, otherwise, I'm of a tendency to reply to the Professor and student, "No way - won't work." I think the student probably has access to CERN systems that probably have what he's looking for. I've followed up with that inquiry to the student and waiting to hear back. Thanks! - Larry -- Steven Haigh Email: net...@crc.id.au Web: https://www.crc.id.au Phone: (03) 9001 6090 - 0412 935 897 -- P. Larry Nelson (217-244-9855) | IT Administrator 457 Loomis Lab | High Energy Physics Group 1110 W. Green St., Urbana, IL | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | http://hep.physics.illinois.edu/home/lnelson/ -- "Information without accountability is just noise." - P.L. Nelson
Python 2.7 OS requirements
Hi all, Please don't shoot the questioner (me), as I have no experience with Python, other than knowing "what" it is and that my SL6.8 systems have version 2.6.6 installed. I have been asked by one of our Professors that one of his grad students apparently needs Python 2.7.x installed on our cluster (optimally in /usr/local, which is an NFS mounted dir everywhere). In my brief Googling, I have not found OS requirements for 2.7.x, but have inferred that it probably needs SL7.x. Can anyone confirm that? Or has anyone installed Python 2.7.x (and which .x?) on an SL6.8 system without replacing 2.6.x? I'm guessing this can be quite a morass to delve into as when I do a 'rpm -qa|grep -i python|wc' It returns with 67 rpms with python in the rpm name! If the solution is indeed simple, I might proceed, otherwise, I'm of a tendency to reply to the Professor and student, "No way - won't work." I think the student probably has access to CERN systems that probably have what he's looking for. I've followed up with that inquiry to the student and waiting to hear back. Thanks! - Larry -- P. Larry Nelson (217-244-9855) | IT Administrator 457 Loomis Lab | High Energy Physics Group 1110 W. Green St., Urbana, IL | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | http://hep.physics.illinois.edu/home/lnelson/ -- "Information without accountability is just noise." - P.L. Nelson
Re: SNMP scanner?
ToddAndMargo wrote on 7/30/16 5:33 PM: On 07/30/2016 03:06 PM, ToddAndMargo wrote: How is fing at finding things on the same interface that have different networks? I found a note in my references that fing only works on its own network. Rats! But that was version 2. What did you do to get yours to install? On my SL5.5 system, 'rpm -ivh overlook-fing-2.2.rpm' It just did it - no complaints. - Larry -- P. Larry Nelson (217-244-9855) | IT Administrator 457 Loomis Lab | High Energy Physics Group 1110 W. Green St., Urbana, IL | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | http://hep.physics.illinois.edu/home/lnelson/ -- "Information without accountability is just noise." - P.L. Nelson
Re: SNMP scanner?
ToddAndMargo wrote on 7/30/16 5:06 PM: ToddAndMargo wrote on 7/29/16 8:06 PM: On 07/29/2016 05:21 PM, Eero Volotinen wrote: Openvas, nmap and so on 30.7.2016 2.15 ap. "ToddAndMargo" mailto:toddandma...@zoho.com>> kirjoitti: Can anyone recommend an SNMP scanner? Hi Eero, I am trying to figure out how to do a "network discovery" with snmp and nmap. I haven't figured it out yet. Have you done this before? Openvas looks very promising. Wish it wasn't set up as a virtual machine. Makes it a bit interesting to install on a flash drive. I do know how to convert ova's to qemu-kvm, but still ... Thank you for helping me with this! -T -- ~~ Computers are like air conditioners. They malfunction when you open windows ~~~~~~ On 07/30/2016 06:37 AM, P. Larry Nelson wrote: I use fing. Wonderful tool! https://www.fingbox.com/download https://www.fingbox.com/help?c=command-line_tool&a=network_discovery - Larry Hi Larry, # yum localinstall overlook-fing-3.0.rpm ... Transaction check error: file /usr/bin from install of fing-3.0-1.x86_64 conflicts with file from package filesystem-3.2-20.el7.x86_64 Poop! My fing is fing-2.2 running on an SL5.5 box which has nics connecting to all my nets (public and NAT'ed). Installed it years ago. I see that fingbox.com has a .tgz file download for linux - maybe playing with the source will work. How is fing at finding things on the same interface that have different networks? Same interface - different networks? I'm afraid that's a new one on me. Can't answer that one. And, how is it for finding things without and IP address? How can it be on a network and not have an IP address? If that's doable, then again, a new one me. Can't answer that either. I keep things as exceedingly simple as possible. Thank you for helping me with this! -T No prob. - Larry -- P. Larry Nelson (217-244-9855) | IT Administrator 457 Loomis Lab | High Energy Physics Group 1110 W. Green St., Urbana, IL | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | http://hep.physics.illinois.edu/home/lnelson/ -- "Information without accountability is just noise." - P.L. Nelson
Re: SNMP scanner?
I use fing. Wonderful tool! https://www.fingbox.com/download https://www.fingbox.com/help?c=command-line_tool&a=network_discovery - Larry ToddAndMargo wrote on 7/29/16 8:06 PM: On 07/29/2016 05:21 PM, Eero Volotinen wrote: Openvas, nmap and so on 30.7.2016 2.15 ap. "ToddAndMargo" mailto:toddandma...@zoho.com>> kirjoitti: Can anyone recommend an SNMP scanner? Hi Eero, I am trying to figure out how to do a "network discovery" with snmp and nmap. I haven't figured it out yet. Have you done this before? Openvas looks very promising. Wish it wasn't set up as a virtual machine. Makes it a bit interesting to install on a flash drive. I do know how to convert ova's to qemu-kvm, but still ... Thank you for helping me with this! -T -- ~~ Computers are like air conditioners. They malfunction when you open windows ~~~~~~~~~~ -- P. Larry Nelson (217-244-9855) | IT Administrator 457 Loomis Lab | High Energy Physics Group 1110 W. Green St., Urbana, IL | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | http://hep.physics.illinois.edu/home/lnelson/ -- "Information without accountability is just noise." - P.L. Nelson
Recent scam emails to list
Hi Pat (and list), I sincerely hope the folks on this list are savvy enough NOT to click on the links in the recent emails with: "You have a new message, please read ". This smacks of the recent uptick in ransomware emails inundating the world. At the U of I, I believe the Security folks have tweaked the spam filters for all incoming campus email to catch these (or most of them, as I have not seen any come thru to my campus Exchange inbox). I would think since this listserv is hosted at FermiLab, that their security folks would be even more Draconian in their filtering methods? Thanks, - Larry -- P. Larry Nelson (217-244-9855) | IT Administrator 457 Loomis Lab | High Energy Physics Group 1110 W. Green St., Urbana, IL | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | http://hep.physics.illinois.edu/home/lnelson/ -- "Information without accountability is just noise." - P.L. Nelson
Re: resolv.conf overwritten
Sounds like maybe you're running servers and not laptops. With servers, the first thing I do (after installing a rather stringent set of iptables) is 'yum remove NetworkManager*'. Saves lots of headaches. - Larry Nathan Moore wrote on 8/7/15 12:34 PM: Hi All, I have a machines running SL7 with static IP's. Whenever I restart the network w/ "service network restart", /etc/resolv.conf is rewritten. I've read that you can "solve" this problem by stopping network manager (ie, "service NetworkManager stop; chkconfig --level 12345 NetworkManager off " ) Is this the right way to approach the problem? -- - - - - - - - - - - - - - - - - - - - - - Nathan Moore Mississippi River and 44th Parallel - - - - - - - - - - - - - - - - - - - - - -- P. Larry Nelson (217-244-9855) | IT Administrator 457 Loomis Lab | High Energy Physics Group 1110 W. Green St., Urbana, IL | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | http://www.brf-llc.com/lnelson/ --- "Information without accountability is just noise." - P.L. Nelson
Re: bash-update
On 9/25/14 6:23 AM, Vladimir Mosgalin wrote: Hi John Rowe! On 2014.09.25 at 10:26:53 +0100, John Rowe wrote next: On Thu, 2014-09-25 at 09:16 +, Werf, C.G. van der (Carel) wrote: Yesterday a lot of yum-updates ran to update to the latest bash-versions. Though my /bin/bash was changed last night, and yum.log shows 3.2.33 should have installed, # /bin/bash --version still shows 3.2.25 Ofcourse, also # strings /bin/bash shows old version number. Is this a policy NOT to change version-numbers ? It's worth pointing out that there has just been a serious (and possibly remote!) bash vulnerability which this fixes. A test is: env X="() { :;} ; echo vulnerable" /bin/bash -c "echo completed" The only problem is that vulnerability is not yet fixed: https://bugzilla.redhat.com/show_bug.cgi?id=1141597#c24 We need to wait for further fixes From: https://access.redhat.com/articles/1200223 Red Hat advises customers to upgrade to the version of bash which contains the fix for CVE-2014-6271 and not wait for the patch which fixes CVE-2014-7169. CVE-2014-7169 is a less severe issue and patches for it are being worked on. -- P. Larry Nelson (217-244-9855) | Systems/Network Administrator 461 Loomis Lab | High Energy Physics Group 1110 W. Green St., Urbana, IL | Physics Dept., Univ. of Ill. MailTo:lnel...@illinois.edu| http://www.roadkill.com/lnelson/ --- "Information without accountability is just noise." - P.L. Nelson
Re: advice on using latest firefox from mozilla
Jeff Siddall wrote on 6/7/2013 2:08 PM: On 06/06/2013 01:19 PM, Ken Teh wrote: I'd appreciate some more details on how you implement the Mozilla update protocol in an (not quite) enterprise environment. IOW, not hundreds or thousands of machines but enough to make manual updates unfeasable. I recently installed a bunch or RPis and needed a way to easily do stuff to them all at once. I came across cssh and it is fantastic. Simple yet effective, it may make manually installing a new FF on a bunch of machines very manageable. http://sourceforge.net/apps/mediawiki/clusterssh/index.php?title=Main_Page Jeff Verrry nice! Had not heard of Cluster SSH before. BTW, if you have epel enabled, one can just do 'yum install clusterssh' - Larry -- P. Larry Nelson (217-244-9855) | Systems/Network Administrator 461 Loomis Lab | High Energy Physics Group 1110 W. Green St., Urbana, IL | Physics Dept., Univ. of Ill. MailTo:lnel...@uiuc.edu| http://www.roadkill.com/lnelson/ --- "Information without accountability is just noise." - P.L. Nelson