On Thu, 24 Oct 2002, myfriend.is.not.my.enemies.org wrote:
>
> How about do some testing on it using slapper exploit(I mean for mirror that
> running Red Hat).
> p/s: Sorry for my bad idea and I also not blaming Red Hat.
> Andrew Kenna <[EMAIL PROTECTED]> wrote:Thats my thoughts too, but obvious
"Andrew Kenna" <[EMAIL PROTECTED]> wrote:
> sorry about the spelling of your name , typo
>
> Yeah I was reading about that in [EMAIL PROTECTED], hopefully you get it
> fixed soon because it sounds like nagoya could be a real asset once the
> network card is sorted out.
Well, the plan is not to u
On Thu, 24 Oct 2002, Andrew Kenna wrote:
> People, please follow the steps outlines on http://httpd.apache.org/
> The following are mirrors that are no longer valid, meaning 1 of the following
>
> 1) They are un-reachable
> 2) They do not contain the latest version of apache
> 3) They are runnin
Just put a mirror.info file on your root of the mirror with some
relative info ?
-Original Message-
From: Aaron Bannert [mailto:[EMAIL PROTECTED]
Sent: Friday, October 25, 2002 06:04
To: [EMAIL PROTECTED]
Subject: Re: Mirror Update time
On Thu, Oct 24, 2002 at 08:22:43PM -0400, Haesu wro
On Fri, Oct 25, 2002 at 02:18:16PM +1000, Andrew Kenna wrote:
> What is curl i've never seen/heard of it before ?
http://curl.haxx.se/
-aaron
What is curl i've never seen/heard of it before ?
Andrew
-Original Message-
From: Aaron Bannert [mailto:[EMAIL PROTECTED]
Sent: Friday, 25 October 2002 2:13 PM
To: [EMAIL PROTECTED]
Subject: Re: Mirror Update time
On Fri, Oct 25, 2002 at 02:11:47PM +1000, Andrew Kenna wrote:
> That wo
On Fri, Oct 25, 2002 at 02:11:47PM +1000, Andrew Kenna wrote:
> That would be unreal, but I guess the question is could that be done without
> opening up any holes in apache's source code ?
How do you mean? I'm just thinking something like this:
for i in `cat mirror.hosts` ; do
ver=`curl -si
That would be unreal, but I guess the question is could that be done without
opening up any holes in apache's source code ?
Andrew
-Original Message-
From: Aaron Bannert [mailto:[EMAIL PROTECTED]
Sent: Friday, 25 October 2002 2:04 PM
To: [EMAIL PROTECTED]
Subject: Re: Mirror Update tim
On Thu, Oct 24, 2002 at 08:22:43PM -0400, Haesu wrote:
> Hello,
> I personally believe that everyone operating the mirror must run
> at least 1.3.26 or above.. I mean it would be better if all the mirrors
> are *totally secure* from any possibilities of exploits, rather than just
> cutting co
I'm not disagreeing with what you are saying Scott, but do you run any
additional modules with your apache server such as php, mod_perl etc.
If not it takes approx 10-15 minutes to re-compile a new installation of apache
to run on a new version. I think rather than relying on what pre-packaged
How about do some testing on it using slapper exploit(I mean for mirror that running Red Hat).
p/s: Sorry for my bad idea and I also not blaming Red Hat.
Andrew Kenna <[EMAIL PROTECTED]> wrote:
Thats my thoughts too, but obviously people being people all have their different opinions on things.I'm
> I'm just concentrating on the content of the mirrors now to
> make sure they are configured properly, and carry the latest
> versions. If each admin wants to rely on Redhat making their
> rpm's secure its their own network that will suffer if all
> holes aren't patched up.
If you really want
Thats something that i'm working on as another task. Once its finished i'll let
you know
Andrew
-Original Message-
From: Joshua Slive [mailto:[EMAIL PROTECTED]
Sent: Friday, 25 October 2002 10:44 AM
To: [EMAIL PROTECTED]
Subject: Re: [NAGOYA.APACHE.ORG] How's it done?
On Fri, 25 Oct
On Fri, 25 Oct 2002, Pier Fumagalli wrote:
> Since it looks like that other mirrors want to get a hold on the different
> subsites, those are the rsync commands I use to mirror the different stuff
> on Nagoya...
Well, people can mirror all they want, but we have no way to direct
traffic to these
sorry about the spelling of your name , typo
Yeah I was reading about that in [EMAIL PROTECTED], hopefully you get it fixed
soon because it sounds like nagoya could be a real asset once the network card
is sorted out.
Andrew
-Original Message-
From: Pier Fumagalli [mailto:[EMAIL PROTE
On 25/10/02 1:13, "Andrew Kenna" <[EMAIL PROTECTED]> wrote:
> Thanks piere, that should keep some of the mirrors happy that want to mirror
> the lot.
It's Pier! :-)
> Personally I don't have enough bandwidth to mirror down everything :-(
Well, AFAICS, neither do I since I found out yesterday th
Since it looks like that other mirrors want to get a hold on the different
subsites, those are the rsync commands I use to mirror the different stuff
on Nagoya...
Pier
APR.APACHE.ORG
> /usr/local/bin/rsync --recursive --times --links --compress --delete
> --delete-excluded --safe-links --ver
Thanks piere, that should keep some of the mirrors happy that want to mirror
the lot.
Personally I don't have enough bandwidth to mirror down everything :-(
Andrew
-Original Message-
From: Pier Fumagalli [mailto:[EMAIL PROTECTED]
Sent: Friday, 25 October 2002 10:10 AM
To: [EMAIL PROTEC
Since it looks like that other mirrors want to get a hold on the different
subsites, those are the rsync commands I use to mirror the different stuff
on Nagoya...
Pier
APR.APACHE.ORG
> /usr/local/bin/rsync --recursive --times --links --compress --delete
> --delete-excluded --safe-links --ver
Thats my thoughts too, but obviously people being people all have their
different opinions on things.
I'm just concentrating on the content of the mirrors now to make sure they are
configured properly, and carry the latest versions. If each admin wants to rely
on Redhat making their rpm's secur
Hello,
I personally believe that everyone operating the mirror must run
at least 1.3.26 or above.. I mean it would be better if all the mirrors
are *totally secure* from any possibilities of exploits, rather than just
cutting corners with redhat rpm updates that fix the problem w/o upgradin
21 matches
Mail list logo