On 2020-02-21 14:19, Samuel Sieb wrote:
> On 2/20/20 9:42 PM, Ed Greshko wrote:
>> On 2020-02-21 13:39, Samuel Sieb wrote:
>>> On 2/20/20 11:46 AM, home user wrote:
(F-30; Gnome; stand-alone home workstation)
Sometime last year, I saw an article that talked about a tool that quickly
On 2/20/20 9:42 PM, Ed Greshko wrote:
On 2020-02-21 13:39, Samuel Sieb wrote:
On 2/20/20 11:46 AM, home user wrote:
(F-30; Gnome; stand-alone home workstation)
Sometime last year, I saw an article that talked about a tool that quickly and
easily shows attempts to hack in to a computer. I thi
On 2020-02-21 13:08, home user wrote:
> (on 02/20/2020 at 9:56pm mountain time, Ed said)
> > No need.
>
> I didn't see that until after I rebooted.
>
> -bash.1[~]: netstat -napt | grep -i listen
> tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 1246/dnsmasq
> tcp 0 0 0
On Thursday, February 20, 2020 10:44:16 PM MST Ed Greshko wrote:
> On 2020-02-21 13:34, Samuel Sieb wrote:
>
> > On 2/20/20 7:47 PM, Ed Greshko wrote:
> >
> >> Oh, never mind. Wrong system. The "default" rules for
> >> FedoraWorkstationso seem "odd".
>
> >
> >
> > Not really.
> >
> >
> >
> >> [
On 2020-02-21 13:34, Samuel Sieb wrote:
> On 2/20/20 7:47 PM, Ed Greshko wrote:
>> Oh, never mind. Wrong system. The "default" rules for FedoraWorkstationso
>> seem "odd".
>
> Not really.
>
>> [root@f31m ~]# firewall-cmd --info-zone=FedoraWorkstation
>> FedoraWorkstation
>> target: default
>>
On Thursday, February 20, 2020 10:39:06 PM MST Samuel Sieb wrote:
> On 2/20/20 11:46 AM, home user wrote:
>
> > (F-30; Gnome; stand-alone home workstation)
> >
> > Sometime last year, I saw an article that talked about a tool that
> > quickly and easily shows attempts to hack in to a computer.
On 2020-02-21 13:39, Samuel Sieb wrote:
> On 2/20/20 11:46 AM, home user wrote:
>> (F-30; Gnome; stand-alone home workstation)
>>
>> Sometime last year, I saw an article that talked about a tool that quickly
>> and easily shows attempts to hack in to a computer. I think it was either
>> in the F
On 2/20/20 11:46 AM, home user wrote:
(F-30; Gnome; stand-alone home workstation)
Sometime last year, I saw an article that talked about a tool that
quickly and easily shows attempts to hack in to a computer. I think it
was either in the Fedora magazine or Gnome's website. I've since made
m
On 2/20/20 7:47 PM, Ed Greshko wrote:
Oh, never mind. Wrong system. The "default" rules for FedoraWorkstationso seem
"odd".
Not really.
[root@f31m ~]# firewall-cmd --info-zone=FedoraWorkstation
FedoraWorkstation
target: default
icmp-block-inversion: no
interfaces:
sources:
s
(on 02/20/2020 at 9:56pm mountain time, Ed said)
> No need.
I didn't see that until after I rebooted.
-bash.1[~]: netstat -napt | grep -i listen
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN
1246/dnsmasq
tcp 0 0 0.0.0.0:631 0.0.0.0:* LISTEN
1078
On 2020-02-21 12:54, home user wrote:
> (on 02/20/2020 at 9:05pm mountain time, Ed said)
> > systemctl --now disable rpcbind
> > systemctl --now disable rpcbind.socket
>
> -bash.1[~]: systemctl --now disable rpcbind
> Removed /etc/systemd/system/multi-user.target.wants/rpcbind.service.
> Warning: S
(on 02/20/2020 at 9:05pm mountain time, Ed said)
> systemctl --now disable rpcbind
> systemctl --now disable rpcbind.socket
-bash.1[~]: systemctl --now disable rpcbind
Removed /etc/systemd/system/multi-user.target.wants/rpcbind.service.
Warning: Stopping rpcbind.service, but it can still be activ
(on 02/20/2020 9:16pm mountain time, John said)
> On your system, it'd be `eno1`.
reboot done. everything looks good so far. Thank-you, John.
Now back to Ed and rpcbind.
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an e
(on 02/20/2020 9:16pm mountain time, John said)
> On your system, it'd be `eno1`.
ok. finishing...
-bash.21[~]: firewall-cmd --change-interface=eno1 --zone=public
success
-bash.22[~]:
I'll now reboot and see what happens.
drum roll please
___
user
(on 02/20/2020 at 9:03pm mountain time, Ed said)
> I don't know how you've gone about identifying "hack attempts".
I was looking at journalctl output for something else; I don't recall
what. It was years ago. I happened to notice many entries reporting
login attempts to root and other login na
On Thursday, February 20, 2020 9:14:24 PM MST home user wrote:
> (on 02/20/2020 8:17pm mountain time, John said)
>
>
> > (if using Gnome...)
> > Step 1: `sudo firewall-cmd --set-default-zone=public`
>
>
> -bash.16[~]: firewall-cmd --set-default-zone=public
> Warning: ZONE_ALREADY_SET: public
(on 02/20/2020 8:17pm mountain time, John said)
> (if using Gnome...)
> Step 1: `sudo firewall-cmd --set-default-zone=public`
-bash.16[~]: firewall-cmd --set-default-zone=public
Warning: ZONE_ALREADY_SET: public
success
-bash.17[~]
> After this, you'll want to get the name of the primary interf
On 2020-02-21 12:02, home user wrote:
> (on 02/20/2020 at 8:16pm mountain time, Ed said)
> > ...
> > (port 111 and rpcbind)
> > As time permits I'd check
> > systemctl status rpcbind
> > and
> > systemctl status rpcbind.socket
>
> -bash.13[~]: systemctl status rpcbind
> ● rpcbind.service - RPC Bind
On 2020-02-21 11:53, home user wrote:
> (on 02/20/2020 at 7:34pm mountain time, Frank said)
> > Another suggestion, get Wireshark for sniffing traffic,
> > run a sniffer trace as you are using the machine. You'll
> > want to capture any IP (layer 3) traffic leaving or
> > entering your machine (may
(on 02/20/2020 at 8:16pm mountain time, Ed said)
> ...
> (port 111 and rpcbind)
> As time permits I'd check
> systemctl status rpcbind
> and
> systemctl status rpcbind.socket
-bash.13[~]: systemctl status rpcbind
● rpcbind.service - RPC Bind
Loaded: loaded (/usr/lib/systemd/system/rpcbind.serv
(on 02/20/2020 at 7:34pm mountain time, Frank said)
> Another suggestion, get Wireshark for sniffing traffic,
> run a sniffer trace as you are using the machine. You'll
> want to capture any IP (layer 3) traffic leaving or
> entering your machine (may want to setup filters to reduce
> capture size
On 2020-02-21 11:25, Ed Greshko wrote:
> On 2020-02-21 11:17, John M. Harris Jr wrote:
>> This exact scenario is why I don't believe the GNOME Spin should have ever
>> been allowed to effectively disable the firewall with their absurd
>> FedoraWorkstation firewall zone.
> What do you find absurd
On 2020-02-21 11:17, John M. Harris Jr wrote:
> This exact scenario is why I don't believe the GNOME Spin should have ever
> been allowed to effectively disable the firewall with their absurd
> FedoraWorkstation firewall zone.
What do you find absurd about the FedoraWorkstation zone?
[root@f31g
On Thursday, February 20, 2020 8:06:56 PM MST John M. Harris Jr wrote:
> On Thursday, February 20, 2020 1:21:08 PM MST home user wrote:
>
> > (on 02/20/2020 1:11pm mountain time, Jack said)
> >
> >
> > > router logs help me...
> >
> >
> > My system is isp -> modem -> workstation. No router a
On 2020-02-21 10:43, home user wrote:
> (on 02/20/2020 at 3:59pm mountain time, Ed said)
> > sudo netstat -napt | grep -i listen
> I did it twice, the extra time to get the column headers. Splicing the two
> together...
>
> Active Internet connections (servers and established)
> Proto Recv-Q Send
On Thursday, February 20, 2020 1:21:08 PM MST home user wrote:
> (on 02/20/2020 1:11pm mountain time, Jack said)
>
> > router logs help me...
>
> My system is isp -> modem -> workstation. No router at this time.
Are you running "GNOME Workstation" on that system? If so, I would recommend
chan
(on 02/20/2020 at 7:54pm mountain time, Frank said)
> Looks fine, CUPSD, is listening on both ipv4 and ipv6.
> There does not seem to be anything out of the ordinary.
> If not already done so, install and configure a firewall.
> You can do 'systemctl status firewalld' to see if firewall is enabled
(on 02/20/2020 at 6:14pm mountain time, George said)
> "Not yet been activated" sounds like someone stole the mail
> and tried to use your new card (new 3-digit code and new expiry date).
Possible, but rather unlikely. The mailbox requires a key to open. It's
also possible that data going from t
Looks fine, CUPSD, is listening on both ipv4 and ipv6. There does not
seem to be anything out of the ordinary. If not already done so,
install and configure a firewall.
You can do 'systemctl status firewalld' to see if firewall is enabled
On Thu, Feb 20, 2020 at 9:44 PM home user wrote:
>
> (on
(on 02/20/2020 at 3:59pm mountain time, Ed said)
> sudo netstat -napt | grep -i listen
I did it twice, the extra time to get the column headers. Splicing the
two together...
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
Another suggestion, get Wireshark for sniffing traffic, run a sniffer
trace as you are using the machine. You'll want to capture any IP
(layer 3) traffic leaving or entering your machine (may want to setup
filters to reduce capture size). This may be a way to start your
analysis.
Disable any servi
On Fri, 21 Feb 2020 at 01:16, Tom Horsley wrote:
> On Fri, 21 Feb 2020 00:55:00 +
> Anthony F McInerney wrote:
>
> > I guess at this point
> > uname -a
> > systemctl --version
> > cat /proc/cmdline
> > Would be interesting. (Apologies if you posted this or attached it to the
> > bug report -
On Thu, 20 Feb 2020 at 18:50, home user wrote:
> (on 02/20/2020 at 2:10pm mountain time, Ed said)
>
> > Do you have a fixed IP or dynamic IP?
>
> I believe it's fixed, provided by the ISP (comcast).
>
> > What services do you run on your system? It helps to know what area
> you're concerned wi
On Fri, 21 Feb 2020 00:55:00 +
Anthony F McInerney wrote:
> I guess at this point
> uname -a
> systemctl --version
> cat /proc/cmdline
> Would be interesting. (Apologies if you posted this or attached it to the
> bug report - i don't appear to see anything for these)
Not sure why it would be
On Thu, 20 Feb 2020 at 23:27, Tom Horsley wrote:
> On Thu, 20 Feb 2020 23:06:41 +
> Anthony F McInerney wrote:
>
> > > Just a shot in the dark, do you have selinux enabled?
>
> Selinux is completely disabled. Maybe it is mad because I don't have
> it turned on :-).
>
I guess at this point
un
On 2020-02-21 07:50, home user wrote:
> (on 02/20/2020 at 3:59pm mountain time, Ed said)
>
> > Examples of a service are
> > ...
> If these are running on my workstation, it must be by default. I did not
> start them. How do I check?
sudo netstat -napt | grep -i listen
--
The key to getting
(on 02/20/2020 at 3:59pm mountain time, Ed said)
> Examples of a service are
> ...
If these are running on my workstation, it must be by default. I did
not start them. How do I check?
> > No one is authorized to connect in from outside; I myself do not
try to do so.
> I don't know what tha
On Thu, 20 Feb 2020 23:06:41 +
Anthony F McInerney wrote:
> > Just a shot in the dark, do you have selinux enabled?
Selinux is completely disabled. Maybe it is mad because I don't have
it turned on :-).
___
users mailing list -- users@lists.fedor
(on 02/20/2020 1:49pm mountain time, Frank said)
> If you are thinking of brute-force attacks on open ports,
> have a look at "fail2ban" - would use logs on your workstation
> and your firewall setup to block attempts.
I looked at it, downloaded it, looked at the man pages, and tried it.
At th
On Sun, 16 Feb 2020 at 18:41, Tom Horsley wrote:
> An infection seems to be spreading in systemd. First
> I saw dhcpd taking forever to shut down:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1768604
>
> Now I just saw the exact same thing with the apache
> httpd service.
>
> I found the syste
On 2020-02-21 06:49, home user wrote:
> (on 02/20/2020 at 2:10pm mountain time, Ed said)
>
> > Do you have a fixed IP or dynamic IP?
>
> I believe it's fixed, provided by the ISP (comcast).
>
> > What services do you run on your system? It helps to know what area you're
> > concerned with.
>
> *
(on 02/20/2020 at 2:10pm mountain time, Ed said)
> Do you have a fixed IP or dynamic IP?
I believe it's fixed, provided by the ISP (comcast).
> What services do you run on your system? It helps to know what area
you're concerned with.
* Firefox, Thunderbird, Tor (rarely), dnf, zoom (for mee
On 2020-02-21 04:21, home user wrote:
> (on 02/20/2020 1:11pm mountain time, Jack said)
> > router logs help me...
> My system is isp -> modem -> workstation. No router at this time.
Do you have a fixed IP or dynamic IP?
What services do you run on your system? It helps to know what area you're
If you are thinking of brute-force attacks on open ports, have a look
at "fail2ban" - would use logs on your workstation and your firewall
setup to block attempts.
Are there specific applications/services you are concerned about? If
you are thinking about SSHD, consider use of ssh-keygen for user/
(on 02/20/2020 1:11pm mountain time, Jack said)
> router logs help me...
My system is isp -> modem -> workstation. No router at this time.
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedorapr
router logs help me...
On Thu, Feb 20, 2020 at 11:47 AM home user wrote:
> (F-30; Gnome; stand-alone home workstation)
>
> Sometime last year, I saw an article that talked about a tool that
> quickly and easily shows attempts to hack in to a computer. I think it
> was either in the Fedora magaz
On Tue, Feb 18, 2020 at 8:29 PM stan via users
wrote:
> On Mon, 17 Feb 2020 11:39:25 +0100
> Tom H wrote:
>> On Sun, Feb 16, 2020 at 10:25 PM stan via users
>> wrote:
>>>
>>> defaults to 1 minute 30 seconds. I'm sure it is in the documentation
>>> where this timer is configured, but I never got
On 2/20/20 10:18 AM, François Patte wrote:
Oh! Yes Of course and with the nice prolixity that systemd log gives to
trace my problem:
journalctl -u systemd-suspend.service
févr. 20 14:35:42 berrichon systemd[1]: Starting Suspend...
févr. 20 14:35:42 berrichon systemd-sleep[21890]: Suspending sys
(F-30; Gnome; stand-alone home workstation)
Sometime last year, I saw an article that talked about a tool that
quickly and easily shows attempts to hack in to a computer. I think it
was either in the Fedora magazine or Gnome's website. I've since made
multiple attempts to find that article,
Le 20/02/2020 à 19:08, Samuel Sieb a écrit :
> On 2/20/20 3:00 AM, François Patte wrote:
>> Once upon a time, I could find some information the pm-suspend.log file.
>> Today, I cannot find this file! Is there no more log file for pm-suspend
>> or did I miss how to activate this file?
>
> Almost ev
On 2/20/20 3:00 AM, François Patte wrote:
Once upon a time, I could find some information the pm-suspend.log file.
Today, I cannot find this file! Is there no more log file for pm-suspend
or did I miss how to activate this file?
Almost everything goes into the journal now. Use "journalctl -b"
2020-02-20 12:00 GMT+01:00, François Patte
:
> Bonjour,
>
> When I suspend my computer, it suspends for a few seconds, then
> resumes So it is impossible to suspend!
>
> Once upon a time, I could find some information the pm-suspend.log file.
> Today, I cannot find this file! Is there no more l
Bonjour,
When I suspend my computer, it suspends for a few seconds, then
resumes So it is impossible to suspend!
Once upon a time, I could find some information the pm-suspend.log file.
Today, I cannot find this file! Is there no more log file for pm-suspend
or did I miss how to activate this
53 matches
Mail list logo