Re: help needed with HP dv6-3225dx
On 05/06/2012 02:22 AM, Paul Allen Newell wrote: > Thanks for reply. I went through the man pages back on F14 when I tried then > (the > example was 10-synaptics.conf). I "thought" I had it figured out but was only > fooling myself. F16 man pages look more robust but still come down to dealing > with > xorg.conf. > > Last night I had noticed the applications->system->mouse only had the most > basic of > settings for the mouse and no settings for the buttons. I was hoping (maybe > dreaming?) that there was a package that could be gotten with yum that would > provide an expanded interface for dealing with it. No amount of searching > turned up > anything. > > If nobody else knows of some such package, I'll try, once again, to see if I > can > figure out xorg.conf. I struggled with it in FC5 and was very happy when > Fedora no > longer required it (F8 or F9?). Did you try the copy of 50-synaptics.conf? It isn't clear from what you've said The fact that it contains: Driver "synaptics" and that there is a... /lib/modules/3.3.4-1.fc16.i686/kernel/drivers/input/mouse/synaptics_i2c.ko file suggests this would be a likely driver whose specific loading may be promising. > > As for the mounting of the stick, I never thought of the tail -f of > /var/log/messages to get the info I need for doing the mount command. Its a > great > idea and I thank you for suggesting it Welcome -- Never be afraid to laugh at yourself, after all, you could be missing out on the joke of the century. -- Dame Edna Everage -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Ugh! Activate SSHD on Headless Machine?
On 05/05/2012 04:15 PM, Jorge Fábregas wrote: > Well, if it boots and the network is activated (and assuming your know > its ip address)...how difficult can it be to type: I'm sorry. The instructions I gave you were assuming it was a server (where you usually don't run a GUI ). I guess you had a graphical environment there so GDM would be your first contact with the system. You can follow my instructions (and be safer) by switching to one of the virtual consoles with: ALT+CTRL+F2 or F3 or F4 before your type the word "root" to begin the login process. HTH, Jorge -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Ugh! Activate SSHD on Headless Machine?
On 05/05/2012 03:03 PM, Fedora User wrote: > I have a perfectly good laptop with a fried display card that I am > trying to turn into a media server. It boots and the network is > activated but I must have turned off sshd like a complete schmuck. Well, if it boots and the network is activated (and assuming your know its ip address)...how difficult can it be to type: root yourpassword chkconfig sshd on service sshd start ..and then try to connect to it? Notice that I'm using the old'style commands (chkconfig and service) instead of all the new systemd commands which I still haven't used. Nonetheless they still should work. Regards, Jorge -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Ugh! Activate SSHD on Headless Machine?
I have a perfectly good laptop with a fried display card that I am trying to turn into a media server. It boots and the network is activated but I must have turned off sshd like a complete schmuck. I spent hours on a ks.cfg, testing it on virtual box until it was perfect - figuring that I would just do a fresh auto-install. I must have changed the boot order in the BIOS for some reason that I will never remember. Does anyone know a good trick before I buy a SATA-to-USB converter? -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: help needed with HP dv6-3225dx
On 5/5/2012 1:20 AM, Ed Greshko wrote: On 05/05/2012 01:03 PM, Paul Allen Newell wrote: Hello to all: I have a Hp dv6-3225dx installed with Win7. I tried to dual boot with F14 but it wouldn't recognize the mouse/buttons of the Synaptics PS/2 Port Touchpad v7.4 (driver 15.2.4.4 per Win7). I just tried an install of F16 and I am getting much better behavior (as in it understands the mouse) but I am still hitting a wall. I insert a memory stick and I see the icon popup on my desktop to tell me that it is there. I mouse over it and it confirms that it exists as an unmounted drive. When I click the right or left mouse, it does nothing. Experience on my other F16 boxes is that a popup should happen which includes the option of mounting it. The low lying fruit is that I read the man pages for mount and don't quite understand what I need to do to mount it. The real problem is that my install is not fully understanding the touchpad input. Though it would be helpful to know exactly what I have to type in a terminal as root(?) to mount, I am more concerned about getting the buttons to behave "as expected". This is an F16 install under Xfce. For what it is worth, the mouse/buttons under Win7 have been dodgy at times and I think HP made a mistake on this computer using them. If I had the money, I would solve the problem by getting a new laptop ... and not HP as I think they have taken a wrong path ... and double that for using with Linux. I don't have a system with a Synaptics PS/2 Port Touchpad. But, is it fair to assume that you've reviewed "man synaptics"? I also found there to be a /usr/share/X11/xorg.conf.d/50-synaptics.conf file. So, maybe this needs to be copied to /etc/X11/xorg.conf.d/ ? Of course, after you do that you'll need to restart the X server. As for the mounting of the memory stick without having the mouse working for you You can "tail -f" /var/log/messages when you plug it in and you'll see what device is being assigned. You can then just issue a mount command. Ed: Thanks for reply. I went through the man pages back on F14 when I tried then (the example was 10-synaptics.conf). I "thought" I had it figured out but was only fooling myself. F16 man pages look more robust but still come down to dealing with xorg.conf. Last night I had noticed the applications->system->mouse only had the most basic of settings for the mouse and no settings for the buttons. I was hoping (maybe dreaming?) that there was a package that could be gotten with yum that would provide an expanded interface for dealing with it. No amount of searching turned up anything. If nobody else knows of some such package, I'll try, once again, to see if I can figure out xorg.conf. I struggled with it in FC5 and was very happy when Fedora no longer required it (F8 or F9?). As for the mounting of the stick, I never thought of the tail -f of /var/log/messages to get the info I need for doing the mount command. Its a great idea and I thank you for suggesting it Paul -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: What is removing files from /tmp?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/05/2012 08:42 AM, Reindl Harald wrote: > > > Am 05.05.2012 15:28, schrieb Ted Roche: >> On Wed, May 2, 2012 at 11:40 PM, Ed Greshko wrote: >>> When someone on this list asks for help in modifying a behavior to suit their >>> needs/desires why are they often asked to justify their requests? In this case, and >>> in may others, I can't see that seeking/offering justification will help in finding a >>> solution. >>> >> >> This is often referred to as the "XY Problem" where a questioner has >> problem X, has determined to solve it with solution Y, and is asking >> for help getting solution Y to do what it is they think it should do. >> In fact, solution Y may not be be the optimal solution, and there may >> be a well-known and reliable solution to problem X. So, asking "why do >> you want to do this?" often leads to the real problem, and a better >> solution. >> >> Ref: http://www.catb.org/~esr/faqs/smart-questions.html#id479492 > > especially in this case > > why storing data in /tmp and search how to change behavior of the > OS instead simply use another directory and accept that /tmp is > NOT a place where you can expect your data are alive at any time > later? > > mkdir /mytmp > chmod 1777 /mytmp > > so, now you have a folder with the same permissions as /tmp > everybody can store files there, only the owner have access > to them and nothing of the OS is touching it > > > The way I do it is to create a tmp directory in each user's home directory. (Add to /etc/skel) Then I have TMP set to this directory. (Add local.sh and local.csh in /etc/profile.d) This works for programs that honor TMP and is easy to add to scripts. if [ -z $TMP ] then temp_file=/tmp/dd.$$ else temp_file=$TMP/dd.$$ fi Mikkel - -- Do not meddle in the affairs of dragons, for thou art crunchy and taste good with Ketchup! -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAk+lMGAACgkQqbQrVW3JyMSm4ACcCW1LU/abdyD9enyIQCw9E958 zQIAniPci+6V1wcwuqqvfwKstsAsOvMC =qgxs -END PGP SIGNATURE- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: What is removing files from /tmp?
Am 05.05.2012 15:28, schrieb Ted Roche: > On Wed, May 2, 2012 at 11:40 PM, Ed Greshko wrote: >> When someone on this list asks for help in modifying a behavior to suit their >> needs/desires why are they often asked to justify their requests? In this >> case, and >> in may others, I can't see that seeking/offering justification will help in >> finding a >> solution. >> > > This is often referred to as the "XY Problem" where a questioner has > problem X, has determined to solve it with solution Y, and is asking > for help getting solution Y to do what it is they think it should do. > In fact, solution Y may not be be the optimal solution, and there may > be a well-known and reliable solution to problem X. So, asking "why do > you want to do this?" often leads to the real problem, and a better > solution. > > Ref: http://www.catb.org/~esr/faqs/smart-questions.html#id479492 especially in this case why storing data in /tmp and search how to change behavior of the OS instead simply use another directory and accept that /tmp is NOT a place where you can expect your data are alive at any time later? mkdir /mytmp chmod 1777 /mytmp so, now you have a folder with the same permissions as /tmp everybody can store files there, only the owner have access to them and nothing of the OS is touching it signature.asc Description: OpenPGP digital signature -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: What is removing files from /tmp?
On Wed, May 2, 2012 at 11:40 PM, Ed Greshko wrote: > On 05/03/2012 11:24 AM, Jeoe Zeff wrote: >> On 05/02/2012 07:47 PM, Dean S. Messing wrote: >>> Does anyone know of another mechanism for this? >> >> Just out of curiosity, why don't you want files to be removed from /tmp? > > That question raises a question that I've been wanting to ask several times. > So, > although I'm asking it in this thread, it isn't solely directed at you. > > When someone on this list asks for help in modifying a behavior to suit their > needs/desires why are they often asked to justify their requests? In this > case, and > in may others, I can't see that seeking/offering justification will help in > finding a > solution. > This is often referred to as the "XY Problem" where a questioner has problem X, has determined to solve it with solution Y, and is asking for help getting solution Y to do what it is they think it should do. In fact, solution Y may not be be the optimal solution, and there may be a well-known and reliable solution to problem X. So, asking "why do you want to do this?" often leads to the real problem, and a better solution. Ref: http://www.catb.org/~esr/faqs/smart-questions.html#id479492 -- Ted Roche Ted Roche & Associates, LLC http://www.tedroche.com -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: iptables recent / more than one exception
On 2012/05/04 23:42, Reindl Harald wrote:
Am 05.05.2012 02:31, schrieb jdow:
I don't know nessus. I am guessing that "-n 1000" part means 1000 trials
and it's running as fast as it can go. The idea is to test up to your
DDOS limit, wait 2 seconds, repeat. Can the test be hacked to keep your
system at its limit but not over its limit?
no idea, even if it would not help becasue a company
only doing certified secsancs will never change them
especially if your customer is their customer
but i found a solution!
with "--remove" you can remove the given IP from the iptables-list
before the REJECT action is triggered and this way add as much
networks / addresses you need
$IPTABLES -I INPUT -p tcp -i eth0 ! -s $LAN_RANGE -m state --state NEW -m
recent --set
$IPTABLES -I INPUT -p tcp -i eth0 -s $SECURITY_SCAN -m state --state NEW -m
recent --remove
$IPTABLES -I INPUT -p tcp -i eth0 ! -s $LAN_RANGE -m state --state NEW -m
recent --update --seconds 1 --hitcount 75
-j REJECT --reject-with tcp-reset
$IPTABLES -I INPUT -p tcp -i eth0 ! -s $LAN_RANGE -m state --state NEW -m
recent --update --seconds 1 --hitcount 75
-m limit --limit 60/h -j LOG --log-prefix "Rate-Control: "
As long as that does not break other iptables based protections it's a
good enough solution. I presume you did audit the iptables setup for that
possibility.
yes it is fine because it only affects "recent" rules with
"name: DEFAULT" and they are all on top of other rules
there are two others rejecting every connection for two seconds
after trying any port before interesting ones or typically
not public services to make portscans as hard as possible
/sbin/iptables --list --numeric --verbose | grep -v LOG | grep recent
75 4800 REJECT tcp -- eth0 * !LAN 0.0.0.0/0
state NEW recent: UPDATE seconds:
1 hit_count: 75 name: DEFAULT side: source reject-with tcp-reset
64455 3866Ktcp -- eth0 * SECSAN 0.0.0.0/0
state NEW recent: REMOVE name:
DEFAULT side: source
157K 9125Ktcp -- eth0 * !LAN 0.0.0.0/0
state NEW recent: SET name:
DEFAULT side: source
0 0 REJECT tcp -- !lo* !LAN 0.0.0.0/0
recent: CHECK seconds: 2 name:
portscan1 side: source reject-with tcp-reset
0 0tcp -- !lo* !LAN 0.0.0.0/0
recent: REMOVE name: portscan1
side: source
0 0 REJECT tcp -- !lo* !LAN 0.0.0.0/0
multiport dports
19,24,52,79,109,142,442,464,548,586,631,992,994,3305 tcp recent: SET name:
portscan1 side: source reject-with tcp-reset
578 28816 REJECT tcp -- !lo* !LAN 0.0.0.0/0
recent: CHECK seconds: 2 name:
portscan2 side: source reject-with tcp-reset
25 1280tcp -- !lo* !LAN 0.0.0.0/0
recent: REMOVE name: portscan2
side: source
338 16864 REJECT tcp -- !lo* !LAN 0.0.0.0/0
multiport dports
23,137,138,139,445,3389,5900 tcp recent: SET name: portscan2 side: source
reject-with tcp-reset
(As an aside the scan company should learn to adapt as more and more
customers learn this trick and deploy it.)
i fear we are the first ones with such iptables rules and
good mod_security implementation (also had to whitelist)
they saw :-)
It feels REALLY good when you can stay on top of the other professionals,
right? Hopefully that also is keeping you ahead of the malicious creeps.
Congratulations.
{^_^}
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
