Re: [SLUG] 20 years of using Linux at Home
have changed. I spent ten years writing for - www.linuxuser.co.uk - www.linuxformat.co.uk - http://www.linux-magazine.com/ . Travelled round the world a few times doing that. I think my first distro was Caldera which I think was in 1996. I was working as an NT / 95-98 admin at the time. Magazines played two huge parts in my adoption of Linux. 1) I go to have disks to install distros from 2) In one article on PHP + MySQL they had a shot of Webmin www.webmin.com In NT land we had buggy mail severs and other crap + a whole lot of shrink wrapped boxes that cost 1,000 $ of equally crap software. I installed RedHat 7.? and webmin and clicked on the Servers tab - here was a suite of offerings that I could install for free and get working rather than thinking of how to install front page extensions on IIS. The screen shot in one of those magazines was a big eye opener - thanks! Cheers P -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] DNS server getting hammered.
On 07/04/2013, at 10:28 AM, Jake Anderson wrote: Presumably the requests are generally coming from a limited subset of addresses. I suggest grepping your logs, and pulling out all the requests matching those patterns. then pull out the distinct addresses. then just putting a firewall block rule in place. This doesn't really help much. The rates up from individual compromised machines are quite low, even major ISPs only see 0.5Mbps or so from compromised machines using DNS reflector DDoS. That's the essence of the distributed attack -- data rates are low enough to be underneath the radar from most viewpoints (although obviously not from viewpoint of the network being flooded). Configure a DNS primary or secondary server so that it only answers for non-recursive queries and only for those zones for which it is a primary or a secondary. If you are being hammered, then limit the size of the Additional Records to the minimum (e.g., make clients query for a second time to resolve a CNAME). Configure a DNS forwarder so that it only answers for the IP addresses range of the expected clients, and is bound only to the interface on which those queries are expected. Do give answers for unallocated networks rather than letting them recurse (see RFC1604). I really should update AUSCERT's AL1999-004 http://www.auscert.org.au/render.html?it=80template=1 although apart from updating the bogon list and adding IPv6 there's not really that much which has changed in 13 years. -glen -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] DNS server getting hammered.
On 07/04/13 17:28, Glen Turner wrote: I really should update AUSCERT's AL1999-004 http://www.auscert.org.au/render.html?it=80template=1 although apart from updating the bogon list and adding IPv6 there's not really that much which has changed in 13 years. From the article you linked: Since this attack relies upon spoofed source IP addresses, source address checking by ISPs originating traffic is the only means to entirely defeat this form of denial of service attack. Guess that's something else that's not changed much in 13 years either. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Fwd: Cool New Terminal Emulator for a modern look in Linux (David Lyon)
On 7 April 2013 09:38, David Lyon david.lyon.preissh...@gmail.com wrote: Apart from all the eye-candy in Terminology I found that it has one really useful command that helped me at work. It has commands called 'tyls' and 'tycat'. What theydo is list out files in a command line along with a preview. It doesn't sound much but normally you have to go out to some gui file manager window to see some pictures you are developing with. I was just writing a resizing script for images on a website. That's exactly my though when I saw the demo movie! I don't deal much with images/videos but when I do (e.g. attach to e-mail or generally check family photos), I always wish I could do that without resorting to some graphic GUI. --Amos -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] WAS: 20 years of using Linux at home NOW: Book - 20 years of Linux
Patrick Elliott-Brennan wrote: From: Marghanita da Cruz marghan...@ramin.com.au Date: Sat, 06 Apr 2013 13:50:27 +1100 All, I am probably going to regret this...but do you think this is worth a book? http://ramin.com.au/linux/formatting-e-books-and-paperbacks.shtmlhttp://ramin.com.au/linux/formatting-e-books-and-paperbacks.shtml I think it would definitely be worth a book, M. Key moments in GNU/Linux history told as a users personal recollection :)) snip Wikibooks may be the way to go https://en.wikibooks.org/wiki/Subject:Open_source Marghanita -- Marghanita da Cruz Ramin Communications Pty Ltd http://ramin.com.au/ Phone:(+61)0414-869202 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] 20 years of using Linux at home
On 6 April 2013 13:50, Marghanita da Cruz marghan...@ramin.com.au wrote: By coincidence there is a Linux link to Annandale Anthony Rumble (St Aidan's Niches) http://ramin.com.au/annandale/history.shtml Vale, Anthony. Anthony was the one who first turned me on to Linux. I remember taking the piss out of him when I was still running my BBS on OS/2 and he was spruking Linux (geeze, must have been more than 20 years ago now). Couple of years later, when IBM cast OS/2 to the scrapheap, I thought I'll give this Linux stuff a try - can't quite recall if my first distro was Yggrdasil or an early Slackware. Those were the days. DaZZa -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] 20 years of using Linux at home
On 08/04/13 08:08, DaZZa wrote: On 6 April 2013 13:50, Marghanita da Cruz marghan...@ramin.com.au wrote: By coincidence there is a Linux link to Annandale Anthony Rumble (St Aidan's Niches) http://ramin.com.au/annandale/history.shtml Vale, Anthony. Anthony was the one who first turned me on to Linux. I remember taking the piss out of him when I was still running my BBS on OS/2 and he was spruking Linux (geeze, must have been more than 20 years ago now). Couple of years later, when IBM cast OS/2 to the scrapheap, I thought I'll give this Linux stuff a try - can't quite recall if my first distro was Yggrdasil or an early Slackware. Those were the days. DaZZa Anthony was one of the first people I met after I started coming to SLUG in the 90s. He was friendly and Knowledgeable. I occasionally went to his store in Five Dock. Seems like centuries ago! Heracles -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] DNS server getting hammered.
On 07/04/13 10:00, Nigel Allen wrote: Greetings I had been puzzling for a while why my combined mail/web/dns server was getting slower and slower until I realised my mistake. I had inadvertently left my named available for the entire world to do recursive queries on. I have since then fixed the problem by only allowing my 2 local networks the ability. My router (and with it my ADSL connection) however remains plagued with requests. Just a quick note of thanks to all who responded. This is obviously not going to be a case of instant gratification but your comments have set me in the right direction. Cheers Nigel. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html