Re: [CentOS-es] Opinion sobre performance de Red
Hola, 2011/5/8 troxlinux xserverli...@gmail.com: Hola lista , les quiero comentar algo que todavia no logro aceptar tengo una red de unos 400 usuarios desktop la mayoria con win , los servicios principales que ofresco son email , internet y uno que otro vpn , de un tiempo para aca algunos de mis compañeros de soporte técnico me comentan que la red esta lenta , pero la verdad todavía no les pregunto a que se refieren con lenta, ya que ellos creen que desde que se instalo una central ip avaya y se conectaron a la red unos 75 teléfonos ip comenzó eso , pero yo sigo sin creer esto puesto que los teléfonos ip no tienen acceso a internet puesto que solo estan por el momento locales y no remotos . algunas opiniones como puedo medir el trafico de la red , estoy intentándolo con cacti aunque mis switches no todos soportan snmp .. en espera de opiniones .. Puedes hacer una simple prueba con iperf entre dos máquinas, será una dato orientativo de tu ancho de banda. -- Oscar Osta Pueyo oostap.lis...@gmail.com _kiakli_ ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Opinion sobre performance de Red
Saludos a todos. Creo que si es probable que al agregar los telefonos exista una mayor carga sobre la red. Entiendo que es ethernet.y que por el metodo que ocupa para comunicarse (csma) http://es.wikipedia.org/wiki/CSMA/CD se genera un trafico nadamas en lo que estan escuchando o avisando cada interfaz., sin cosiderar lo que realmente esta trasmitiendo. De alguna forma, estas pasando de 400 a (400 + 75) interfases en tu red. No sería extraño alguna baja en el deempeño. Tambien puede ser algo de cableado. Recuerda que a veces el que veamos una maquina a travez de la red significa que todo este muy bien. Los paquetes se validan, si no llegan bien se reenvian, asi que sobre un cableado un poco mal, peor no tan malo como para que se pierda la comunicacion puede haber mucha retrasnsmicion, o sea vemos la maquina pero no sabemos a que costo o que tan eficientemente. Tambien estoy sobre entendiendo que esta todo sobre una sola red (no nos lo especificas). Se me hacen muchas 400 para una sola red, creo que seria conveniente divivir en subredes. Lo que yo haria es buscar que la probaran con un pentascaner a ver como anda. Saludos. R.Lara - Original Message - From: troxlinux xserverli...@gmail.com To: centos-es@centos.org Sent: Saturday, May 07, 2011 6:01 PM Subject: [CentOS-es] Opinion sobre performance de Red Hola lista , les quiero comentar algo que todavia no logro aceptar tengo una red de unos 400 usuarios desktop la mayoria con win , los servicios principales que ofresco son email , internet y uno que otro vpn , de un tiempo para aca algunos de mis compañeros de soporte técnico me comentan que la red esta lenta , pero la verdad todavía no les pregunto a que se refieren con lenta, ya que ellos creen que desde que se instalo una central ip avaya y se conectaron a la red unos 75 teléfonos ip comenzó eso , pero yo sigo sin creer esto puesto que los teléfonos ip no tienen acceso a internet puesto que solo estan por el momento locales y no remotos . algunas opiniones como puedo medir el trafico de la red , estoy intentándolo con cacti aunque mis switches no todos soportan snmp .. en espera de opiniones .. sldss -- rickygm http://gnuforever.homelinux.com ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] postfix @localhost.midominio.com (Azu Carlitox)
Debes de configurar el Squirrelmail en la sgte ruta: ./usr/share/squirrelmail/config/conf.pl Ahí defines que dominio debe de usar, defines el tuyo y listo, todo quedará OK, además puedes cambiar el logo, definir el nombre de tu empresa, pagina web, etc, así como también definir que estas usando SMTP pues por defecto vienen con sendmail por lo que las reglas que tengas definida en postfix no funcionaran si lo dejas puesto en sendmail, por ejemplo SMTP AUTH sería violado si dejas definido sendmail por SMTP. 1. postfix @localhost.midominio.com (Azu Carlitox) 2. Cambio de hora Chile - Buenas practicas (Soto de las Cuevas Manuel Alejandro) 3. Re: postfix @localhost.midominio.com (Mauricio Tapia) -- Message: 1 Date: Fri, 6 May 2011 16:47:33 -0300 From: Azu Carlitox elazucarli...@gmail.com Subject: [CentOS-es] postfix @localhost.midominio.com To: centos-es@centos.org Message-ID: banlktin4htyqfxdphvk6bgxuev3nnt6...@mail.gmail.com Content-Type: text/plain; charset=ISO-8859-1 Hola gente, me acabo de configurar un correo postfix sobre centos, puedo enviar y recibir mails sin problemas por pop. El problema es que cuando me conecto al webmail, y envio un mail este llega con remitente usua...@localhost.midominio.com, quisiera saber como hacer para cambiar que no me aparezca asi, cuando lo envio desde un cliente pop, el mismo llega con el remitente correcto. Gracias y Salu2 Carlitos -- Message: 2 Date: Fri, 6 May 2011 18:51:26 -0300 From: Soto de las Cuevas Manuel Alejandro mcs...@entel.cl Subject: [CentOS-es] Cambio de hora Chile - Buenas practicas To: centos-es@centos.org Message-ID: 9bc865d216fac442a3dc35169fdfacba0fa79...@ecedc05excbe8.entel.entelcorp.com Content-Type: text/plain; charset=iso-8859-1 Estimados Ya que se nos viene el cambio de hora seria bueno intercambiar buenas practicas Manuel La información contenida en esta transmisión (y sus documentos adjuntos), es confidencial y no puede ser usada o difundida por personas distintas a su(s) destinatario(s). El uso no autorizado por los representantes legales de ENTEL S.A., de la información contenida en esta transmisión puede ser sancionado criminalmente de conformidad con la ley chilena. Si ha recibido esta transmisión por error, por favor destrúyala y notifique al remitente. Atendido que no existe certidumbre que el presente mensaje no ha sido modificado como resultado de su transmisión por correo electrónico, o retrasmitido sin alteración alguna; Entel S.A. no será responsable del contenido del mismo ni puede entenderse como emanado de sus representantes legales o transmitido con la autorización previa de ellos. -- Message: 3 Date: Fri, 6 May 2011 21:42:20 -0400 From: Mauricio Tapia mj.tapi...@gmail.com Subject: Re: [CentOS-es] postfix @localhost.midominio.com To: centos-es@centos.org Message-ID: banlktikqwo-a+7goxxfdtfqi3e39h8f...@mail.gmail.com Content-Type: text/plain; charset=UTF-8 si estas usando sendmail debes revisar la configuracion el protocolo smtp puerto 25 es el que permite que puedas enviar y recibir correos en tu buzón el pop3 puerto 110, que los puedas rescatar/leer del buzón saludos El 6 de mayo de 2011 15:47, Azu Carlitox elazucarli...@gmail.com escribió: Hola gente, me acabo de configurar un correo postfix sobre centos, puedo enviar y recibir mails sin problemas por pop. El problema es que cuando me conecto al webmail, y envio un mail este llega con remitente usua...@localhost.midominio.com, quisiera saber como hacer para cambiar que no me aparezca asi, cuando lo envio desde un cliente pop, el mismo llega con el remitente correcto. Gracias y Salu2 Carlitos ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es Fin de Resumen de CentOS-es, Vol 53, Envío 6 -- Este mensaje ha sido analizado por MailScanner en busca de virus y otros contenidos peligrosos, y se considera que está limpio. For all your IT requirements visit: http://www.transtec.co.uk -- Este mensaje ha sido analizado por MailScanner en busca de virus y otros contenidos peligrosos, y se considera que está limpio. For all your IT requirements visit: http://www.transtec.co.uk -- Este mensaje le ha llegado mediante el servicio de correo electronico que ofrece Infomed para respaldar el cumplimiento de las misiones del Sistema Nacional de Salud. La persona que envia este correo asume el compromiso de usar el servicio a tales fines y cumplir con las regulaciones establecidas Infomed: http://www.sld.cu/
Re: [CentOS-es] Opinion sobre performance de Red
El día 8 de mayo de 2011 19:57, René Lara Alvarado ad...@probajio.com.mx escribió: Saludos a todos. Creo que si es probable que al agregar los telefonos exista una mayor carga sobre la red. Entiendo que es ethernet.y que por el metodo que ocupa para comunicarse (csma) http://es.wikipedia.org/wiki/CSMA/CD se genera un trafico nadamas en lo que estan escuchando o avisando cada interfaz., sin cosiderar lo que realmente esta trasmitiendo. De alguna forma, estas pasando de 400 a (400 + 75) interfases en tu red. No sería extraño alguna baja en el deempeño. Tambien puede ser algo de cableado. Recuerda que a veces el que veamos una maquina a travez de la red significa que todo este muy bien. Los paquetes se validan, si no llegan bien se reenvian, asi que sobre un cableado un poco mal, peor no tan malo como para que se pierda la comunicacion puede haber mucha retrasnsmicion, o sea vemos la maquina pero no sabemos a que costo o que tan eficientemente. Tambien estoy sobre entendiendo que esta todo sobre una sola red (no nos lo especificas). Se me hacen muchas 400 para una sola red, creo que seria conveniente divivir en subredes. Lo que yo haria es buscar que la probaran con un pentascaner a ver como anda. si la verdad si es una sola red o mejor dicho varias subredes dentro de los mismos switches no tengo segmentado nada ... vere con lo que habla Oscar , no tengo un pentsaner sldss -- rickygm http://gnuforever.homelinux.com ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS] How to add a HD to a LVM
Todd Cary wrote: I have connected a HD that was a prior system drive (Centos 4.8) and I am not sure of the command line procedures to find out if it is recognized (I believe it is since it present in the GUI), delete all data on it and finally add it to the LVM. I would like to use it as a backup data drive. Todd This is an excellent tutorial on LVM. http://tldp.org/HOWTO/LVM-HOWTO/ Are you planning to join it to an existing Volume Group and then create a LV on it for backup? My preference would be to keep things simple and to aid recovery in the future, maybe just format the disk ext3 for backup. Then it is easy to plug into another box for recovery. But, I'm just guessing how you plan to use it. Ken -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Finding wich files a writen to
Greetings, On Thu, May 5, 2011 at 2:21 PM, przemol...@poczta.fm wrote: On Wed, May 04, 2011 at 12:17:15PM -0400, Nicolas Ross wrote: Hi ! With iostat, I find that it's almost a write i/o problem. How can I find to which files the OS writes ? On OSX boxes, there is a utility called fs_usage that can reports any disk activity for a particular process or all processes. Is there any utility like this on Centos ? dunno if inotify et al helps your cause -- Regards, Rajagopal ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] KVM migration and time
Greetings, On Thu, May 5, 2011 at 10:19 PM, Adam Wead amsterda...@gmail.com wrote: Hi all, I have two Cent5.6 systems running KVM in a clustered configuration with Cent5.6 guests. Ntpd is running on both hosts and all guests. Not an expert on this matter. I would rather make one physical host sync against one external NTP and point all the other hosts to this system. YMMV -- Regards, Rajagopal ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] HP MicroServer
A bit OT, but I'm running CentOS-5.6 on this machine (in fact on two of them) and it seems to run perfectly - I've had no problems at all. Except that I'd like to add a second ethernet port, and am not sure where one can find a card that will fit this machine. As far as I can see, it requires a half-height PCIe card, which seems to be rather a rare animal. (There doesn't seem to be a standard for the backplate.) So I'm wondering if anyone has tried this? Incidentally, is there a forum anywhere for users of the MicroServer under Linux? (The machine is unbelievably cheap at the moment, due to a bizarre cashback offer from HP.) -- Timothy Murphy e-mail: gayleard /at/ eircom.net tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] EL 6 rollout strategies? (Scientific Linux)
On Sat, 7 May 2011, Ljubomir Ljubojevic wrote: in-place upgrade of C5 to C6 will be most likely impossible. To many changes of how thing work. In local testing built from the anaconda and related sources that will become CentOS 6, the offer to upgrade an existing install is made during a media based install. As I was not interested in upgrading a random drive pulled from my 'scratch pool', I did a wipe and fresh partition and install ;) Particularly difficult to me seems to be the 'ext4' conversion from lower numbered versions with an 'in place' upgrade -- Russ herrold ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] HP MicroServer
On 05/08/11 6:53 AM, Timothy Murphy wrote: A bit OT, but I'm running CentOS-5.6 on this machine (in fact on two of them) and it seems to run perfectly - I've had no problems at all. Except that I'd like to add a second ethernet port, and am not sure where one can find a card that will fit this machine. As far as I can see, it requires a half-height PCIe card, which seems to be rather a rare animal. (There doesn't seem to be a standard for the backplate.) low profile is the buzzword, and there's lots of them. for example... http://www.intel.com/products/server/adapters/pro1000pt/pro1000pt-overview.htm or a dual port equivalent http://www.intel.com/products/server/adapters/pro1000pt-dualport/pro1000pt-dualport-overview.htm ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] HP MicroServer
On Sun, May 8, 2011 at 9:53 AM, Timothy Murphy gayle...@eircom.net wrote: A bit OT, but I'm running CentOS-5.6 on this machine (in fact on two of them) and it seems to run perfectly - I've had no problems at all. Except that I'd like to add a second ethernet port, and am not sure where one can find a card that will fit this machine. As far as I can see, it requires a half-height PCIe card, which seems to be rather a rare animal. (There doesn't seem to be a standard for the backplate. A number of cards come with a changeable plate to make them half height. Below are links to Intel desktop and server cards. http://www.newegg.com/Product/Product.aspx?Item=N82E16833106033 http://www.newegg.com/Product/Product.aspx?Item=N82E16833106011 http://www.newegg.com/Product/Product.aspx?Item=N82E16833106035 Ryan ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to add a HD to a LVM
On 5/8/2011 12:03 AM, Ken Smith wrote: Todd Cary wrote: I have connected a HD that was a prior system drive (Centos 4.8) and I am not sure of the command line procedures to find out if it is recognized (I believe it is since it present in the GUI), delete all data on it and finally add it to the LVM. I would like to use it as a backup data drive. Todd This is an excellent tutorial on LVM. http://tldp.org/HOWTO/LVM-HOWTO/ Are you planning to join it to an existing Volume Group and then create a LV on it for backup? My preference would be to keep things simple and to aid recovery in the future, maybe just format the disk ext3 for backup. Then it is easy to plug into another box for recovery. But, I'm just guessing how you plan to use it. Ken Ken - Thank you for your response. What you suggested is exactly what I would like to do: have an extra, stand alone, drive for backup. However, when I do fdisk -l I get the output below which has me concerned. As a Sunday afternoon user of Centos, I am not 100% sure of my interpretation - that is - the drive is already been joined as part of the LVM even though all I did was to plug it in as a slave. My installation of Centos 5.5 is new and I do not remember specifying LVM (though that is what I had with my 4.8 system). The /dev/hdc (250 GB) is the new system drive. The /dev/hdd is the old Centos 4.8 drive that I would like to have as an independent drive e.g. /dev/hda or whatever it needs to be. What I DO NOT want to happen is for me to accidentally mess up my new Centos 5.5 system :-)!! Questions: * Is it possible to remove /dev/hdd from the LVM - at least it appears to be part of it * Once removed, format it as EXT3 and mount it as /dev/hda (or /dev/hdd) For this I am swimming in unknown waters. Todd Disk /dev/hdc: 251.0 GB, 251000193024 bytes 255 heads, 63 sectors/track, 30515 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/hdc1 * 1 13 104391 83 Linux /dev/hdc2 14 30515 245007315 8e Linux LVM Disk /dev/hdd: 163.9 GB, 163928604672 bytes 255 heads, 63 sectors/track, 19929 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/hdd1 * 1 13 104391 83 Linux /dev/hdd2 14 19929 159975270 8e Linux LVM Disk /dev/sda: 81.9 GB, 81964302336 bytes 255 heads, 63 sectors/track, 9964 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sda1 1996480035798+ 7 HPFS/NTFS -- Ariste Software Petaluma, CA 94952 http://www.aristesoftware.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to add a HD to a LVM
On 05/08/2011 09:37 AM, Todd Cary wrote: On 5/8/2011 12:03 AM, Ken Smith wrote: Todd Cary wrote: I have connected a HD that was a prior system drive (Centos 4.8) and I am not sure of the command line procedures to find out if it is recognized (I believe it is since it present in the GUI), delete all data on it and finally add it to the LVM. I would like to use it as a backup data drive. Todd This is an excellent tutorial on LVM. http://tldp.org/HOWTO/LVM-HOWTO/ Are you planning to join it to an existing Volume Group and then create a LV on it for backup? My preference would be to keep things simple and to aid recovery in the future, maybe just format the disk ext3 for backup. Then it is easy to plug into another box for recovery. But, I'm just guessing how you plan to use it. Ken Ken - Thank you for your response. What you suggested is exactly what I would like to do: have an extra, stand alone, drive for backup. However, when I do fdisk -l I get the output below which has me concerned. As a Sunday afternoon user of Centos, I am not 100% sure of my interpretation - that is - the drive is already been joined as part of the LVM even though all I did was to plug it in as a slave. My installation of Centos 5.5 is new and I do not remember specifying LVM (though that is what I had with my 4.8 system). The /dev/hdc (250 GB) is the new system drive. The /dev/hdd is the old Centos 4.8 drive that I would like to have as an independent drive e.g. /dev/hda or whatever it needs to be. What I DO NOT want to happen is for me to accidentally mess up my new Centos 5.5 system :-)!! Questions: * Is it possible to remove /dev/hdd from the LVM - at least it appears to be part of it * Once removed, format it as EXT3 and mount it as /dev/hda (or /dev/hdd) For this I am swimming in unknown waters. Todd Disk /dev/hdc: 251.0 GB, 251000193024 bytes 255 heads, 63 sectors/track, 30515 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/hdc1 * 1 13 104391 83 Linux /dev/hdc2 14 30515 245007315 8e Linux LVM Disk /dev/hdd: 163.9 GB, 163928604672 bytes 255 heads, 63 sectors/track, 19929 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/hdd1 * 1 13 104391 83 Linux /dev/hdd2 14 19929 159975270 8e Linux LVM Disk /dev/sda: 81.9 GB, 81964302336 bytes 255 heads, 63 sectors/track, 9964 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sda1 1996480035798+ 7 HPFS/NTFS For working with LVM's, I've found that the system-config-lvm GUI tool is excellent. It's really great for when I want to reduce a logical volume, since it handles resizing both the file system and the volume group for you). It will display all of your drives/partitions and let you adjust them for what you describe. Please take a look at it and feel free to post any questions. Charlie P.S. I'm a Unix Admin, so I love the command line ... this is one of the few times where I recommend a GUI tool over typing the commands. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to add a HD to a LVM
On 5/8/2011 8:05 AM, Charlie Brune wrote: On 05/08/2011 09:37 AM, Todd Cary wrote: On 5/8/2011 12:03 AM, Ken Smith wrote: Todd Cary wrote: I have connected a HD that was a prior system drive (Centos 4.8) and I am not sure of the command line procedures to find out if it is recognized (I believe it is since it present in the GUI), delete all data on it and finally add it to the LVM. I would like to use it as a backup data drive. Todd This is an excellent tutorial on LVM. http://tldp.org/HOWTO/LVM-HOWTO/ Are you planning to join it to an existing Volume Group and then create a LV on it for backup? My preference would be to keep things simple and to aid recovery in the future, maybe just format the disk ext3 for backup. Then it is easy to plug into another box for recovery. But, I'm just guessing how you plan to use it. Ken Ken - Thank you for your response. What you suggested is exactly what I would like to do: have an extra, stand alone, drive for backup. However, when I do fdisk -l I get the output below which has me concerned. As a Sunday afternoon user of Centos, I am not 100% sure of my interpretation - that is - the drive is already been joined as part of the LVM even though all I did was to plug it in as a slave. My installation of Centos 5.5 is new and I do not remember specifying LVM (though that is what I had with my 4.8 system). The /dev/hdc (250 GB) is the new system drive. The /dev/hdd is the old Centos 4.8 drive that I would like to have as an independent drive e.g. /dev/hda or whatever it needs to be. What I DO NOT want to happen is for me to accidentally mess up my new Centos 5.5 system :-)!! Questions: * Is it possible to remove /dev/hdd from the LVM - at least it appears to be part of it * Once removed, format it as EXT3 and mount it as /dev/hda (or /dev/hdd) For this I am swimming in unknown waters. Todd Disk /dev/hdc: 251.0 GB, 251000193024 bytes 255 heads, 63 sectors/track, 30515 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/hdc1 * 1 13 104391 83 Linux /dev/hdc2 14 30515 245007315 8e Linux LVM Disk /dev/hdd: 163.9 GB, 163928604672 bytes 255 heads, 63 sectors/track, 19929 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/hdd1 * 1 13 104391 83 Linux /dev/hdd2 14 19929 159975270 8e Linux LVM Disk /dev/sda: 81.9 GB, 81964302336 bytes 255 heads, 63 sectors/track, 9964 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sda1 1996480035798+ 7 HPFS/NTFS For working with LVM's, I've found that the system-config-lvm GUI tool is excellent. It's really great for when I want to reduce a logical volume, since it handles resizing both the file system and the volume group for you). It will display all of your drives/partitions and let you adjust them for what you describe. Please take a look at it and feel free to post any questions. Charlie P.S. I'm a Unix Admin, so I love the command line ... this is one of the few times where I recommend a GUI tool over typing the commands. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos I am off for a ten day trip, but when I return I'll take a look at it. Todd -- Ariste Software Petaluma, CA 94952 http://www.aristesoftware.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to add a HD to a LVM
On 5/8/2011 7:37 AM, Todd Cary wrote: On 5/8/2011 12:03 AM, Ken Smith wrote: Todd Cary wrote: I have connected a HD that was a prior system drive (Centos 4.8) and I am not sure of the command line procedures to find out if it is recognized (I believe it is since it present in the GUI), delete all data on it and finally add it to the LVM. I would like to use it as a backup data drive. Todd This is an excellent tutorial on LVM. http://tldp.org/HOWTO/LVM-HOWTO/ Are you planning to join it to an existing Volume Group and then create a LV on it for backup? My preference would be to keep things simple and to aid recovery in the future, maybe just format the disk ext3 for backup. Then it is easy to plug into another box for recovery. But, I'm just guessing how you plan to use it. Ken Ken - Thank you for your response. What you suggested is exactly what I would like to do: have an extra, stand alone, drive for backup. However, when I do fdisk -l I get the output below which has me concerned. As a Sunday afternoon user of Centos, I am not 100% sure of my interpretation - that is - the drive is already been joined as part of the LVM even though all I did was to plug it in as a slave. My installation of Centos 5.5 is new and I do not remember specifying LVM (though that is what I had with my 4.8 system). The /dev/hdc (250 GB) is the new system drive. The /dev/hdd is the old Centos 4.8 drive that I would like to have as an independent drive e.g. /dev/hda or whatever it needs to be. What I DO NOT want to happen is for me to accidentally mess up my new Centos 5.5 system :-)!! Questions: * Is it possible to remove /dev/hdd from the LVM - at least it appears to be part of it * Once removed, format it as EXT3 and mount it as /dev/hda (or /dev/hdd) For this I am swimming in unknown waters. Todd Disk /dev/hdc: 251.0 GB, 251000193024 bytes 255 heads, 63 sectors/track, 30515 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/hdc1 * 1 13 104391 83 Linux /dev/hdc2 14 30515 245007315 8e Linux LVM Disk /dev/hdd: 163.9 GB, 163928604672 bytes 255 heads, 63 sectors/track, 19929 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/hdd1 * 1 13 104391 83 Linux /dev/hdd2 14 19929 159975270 8e Linux LVM Disk /dev/sda: 81.9 GB, 81964302336 bytes 255 heads, 63 sectors/track, 9964 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sda1 1996480035798+ 7 HPFS/NTFS Whether I use the lvm command line or the GUI, I am not sure if I am suppose to remove the logical first as in lvm lvremove LogVol01 Using the GUI, I get Logical volume LogVol01 contains swap filesystem. All data on it will be lost! Are you quite certain that you wish to remove logical volume LogVol01? -- Ariste Software Petaluma, CA 94952 http://www.aristesoftware.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to add a HD to a LVM
On Sun, May 08, 2011 at 09:21:56AM -0700, Todd Cary wrote: lvm lvremove LogVol01 Using the GUI, I get Logical volume LogVol01 contains swap filesystem. All data on it will be lost! Are you quite certain that you wish to remove logical volume LogVol01? If it's a swap partition, first turn off the swap swapoff /dev/VGwhaever/LogVol01 Then lvremove. -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 Xander: What's going on here? People are going all Felicity with their hair. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] SSH using Keys, no password and SFTP?
HI All, I have setup (and it was so easy) using SSH with keys instead of password authentication. I want to turn password authentication off completely. What I dont understand is how SFTP would work them. I dont see any settings in my FTP clients to use SFTP without providing a password. If that is the case, that is fine since the FTP users have no real privileges except to their own web folders. That being said, is it possible to allow only Password authentication for a few users? and then require Key authorization for other users where password would not be accepted for them..perhaps, if they try to connect with password they get denied without being prompted for a password? -- Jason ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSH using Keys, no password and SFTP?
Jason slackmoehrle.li...@gmail.com wrote: I have setup (and it was so easy) using SSH with keys instead of password authentication. I want to turn password authentication off completely. What I dont understand is how SFTP would work them. I dont see any settings in my FTP clients to use SFTP without providing a password. Don't confuse sftp with ftp. They're two different protcols, albiet with similar purposes. If your users can log in with ssh using key pairs, then they can sftp and scp with them, too. ftp, otoh, does not understand ssh key pairs so if you turn off password auth there then regular users can't log in with that protocol at all. IMO though, the only kind of cleartext ftp that should be offered is anonymous ftp anyway. ssh/sftp/scp have been out there long enough that even windows users can use them now as long as you provide them (or poitn them to) a suitable client. Devin ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSH using Keys, no password and SFTP?
Devin Reade g...@gno.org wrote: Jason slackmoehrle.li...@gmail.com wrote: What I dont understand is how SFTP would work them. I dont see any settings in my FTP clients to use SFTP without providing a password. 'course, I may have jumped the gun on my comments. I'm also assuming a sane sftp client. Certainly the (standard/portable) OpenSSH sftp implementation doesn't need it. If your sftp client doesn't have any way to identify the key store, then it might not be able to handle it. (On UNIX/Mac, it may be implicit on where it finds the keys. I don't know about arbitrary Windows clients) Devin ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Am I being to paranoid?
Hi All, I want to know thoughts on if I am being to paranoid/security conscious. CentOS 5.6, Apache, MySQL, running an Firewall in front of everything and obviously the built-in firewall on the box. I have ssh on a different port and starting to use Keys instead of password authentication. I host an intensive website and I am getting about 150 unique visitors per day. What I am seeing is LogWatch reporting a lot of 404's like: 404 Not Found //PHPMA/: 1 Time(s) //admin/myadmin/: 1 Time(s) //admin/phpmyadmin/: 1 Time(s) //adming/: 1 Time(s) //ascils/phpmyadmin/: 1 Time(s) //blog/wp-content/plugins/phpmyadmin/: 1 Time(s) //database/: 2 Time(s) //db/: 1 Time(s) //dba/: 1 Time(s) //dbadmin/: 2 Time(s) //html/phpMyAdmin/: 1 Time(s) //html/phpmyadmin/: 1 Time(s) //lamp/phpmyadmin/: 1 Time(s) //myadmin/: 1 Time(s) //mydatabase/: 1 Time(s) //mydb/: 1 Time(s) //myphp/: 1 Time(s) //mysql-admin/: 1 Time(s) //mysql/: 1 Time(s) //mysqladmin/: 2 Time(s) //mysqlmanager/: 1 Time(s) //phpMyAdmin-2.8.0.2/: 1 Time(s) //phpMyAdmin-2.8.1-rc1/: 1 Time(s) //phpMyAdmin-2.8.1/: 1 Time(s) //phpMyAdmin-2.8.2/: 1 Time(s) //phpMyAdmin/: 1 Time(s) //phpadm/: 2 Time(s) //phpma/: 1 Time(s) //phpmanager/: 1 Time(s) //phpmy/: 2 Time(s) //phpmyadmin/: 1 Time(s) //pma/: 1 Time(s) //pmaadmin/: 1 Time(s) //pmadmin/: 1 Time(s) //sql/: 1 Time(s) //sqladmin/: 2 Time(s) //sqldatabase/: 2 Time(s) //sqlmanager/: 1 Time(s) //sqlweb/: 1 Time(s) //typo3/phpmyadmin/: 1 Time(s) //webadmin/: 1 Time(s) //webdb/: 1 Time(s) //websql/: 1 Time(s) //wp-content/plugins/phpMyAdmin/: 1 Time(s) //wp-content/plugins/wp-phpmyadmin/: 1 Time(s) //xampp/phpmyadmin/: 1 Time(s) So I turned on Apache ReWrite and I created a file and I put in rules like: (just a small subset) RewriteCond %{REQUEST_URI} ^/php(.*) [NC,OR] RewriteCond %{REQUEST_URI} ^/phpmy(.*) [NC,OR] RewriteCond %{REQUEST_URI} ^/phpma [NC,OR] RewriteCond %{REQUEST_URI} ^/phpmyadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/phpadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/phpgadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/phppgadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/phpmyadmin(.*) [NC,OR] RewriteCond %{REQUEST_URI} ^/php\-my\-admin [NC,OR] RewriteCond %{REQUEST_URI} ^/php\-myadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/phpmy\-admin [NC,OR] RewriteCond %{REQUEST_URI} ^/phpmanager [NC,OR] RewriteCond %{REQUEST_URI} ^/player(.*) [NC,OR] RewriteCond %{REQUEST_URI} ^/plugins [NC,OR] RewriteCond %{REQUEST_URI} ^/pma [NC,OR] RewriteCond %{REQUEST_URI} ^/p/m/a [NC,OR] RewriteCond %{REQUEST_URI} ^/pmadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/pmaadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/scripts [NC,OR] RewriteCond %{REQUEST_URI} ^/sd(.*) [NC,OR] RewriteCond %{REQUEST_URI} ^/sql [NC,OR] RewriteCond %{REQUEST_URI} ^/sqladmin [NC,OR] and if one of these is hit I use a Rule of: RewriteRule .* http://%{REMOTE_ADDR}%{REQUEST_URI} [L,R=301,QSA] Everyday I look at the LogWatch E-Mail and I add one people are trying to hit and restart apache. This yields a few questions. 1. Am I being to paranoid by doing this? My logic is they dont belong here and I could get mad if someone walked up to my apartment and tried jiggling the door handle to see if it was unlocked. 2. I know I can simplify these rules. Wouldn't RewriteCond %{REQUEST_URI} ^/php(.*) [NC,OR] get most of the attempts for thinks like /php, /php-myadmin, /phpmyadmin-2.0.8.8, etc? 3. Is there a better way to right these rules? 4. Why does LogWatch show this to me as a 404 , when a rewrite rule is hit and they are re-directed back to themselves? My rules seem to be working, if I try and hit /scripts right now, it does what I expect. Can anyone shed some light for me on my thoughts/questions? -- Jason ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSH using Keys, no password and SFTP?
Hi Devin, My Fetch FTP software allows me to use SFTP, but it asks for a password. Maybe I need to leave it blank as a test and see if it uses my key against the server automatically. Maybe it does something behind the scenes I am not aware of. -- Jason On Sunday, May 8, 2011 at 10:41 AM, Devin Reade wrote: Jason slackmoehrle.li...@gmail.com wrote: I have setup (and it was so easy) using SSH with keys instead of password authentication. I want to turn password authentication off completely. What I dont understand is how SFTP would work them. I dont see any settings in my FTP clients to use SFTP without providing a password. Don't confuse sftp with ftp. They're two different protcols, albiet with similar purposes. If your users can log in with ssh using key pairs, then they can sftp and scp with them, too. ftp, otoh, does not understand ssh key pairs so if you turn off password auth there then regular users can't log in with that protocol at all. IMO though, the only kind of cleartext ftp that should be offered is anonymous ftp anyway. ssh/sftp/scp have been out there long enough that even windows users can use them now as long as you provide them (or poitn them to) a suitable client. Devin ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] fail2ban and secure permissions
Hello, Has anyone got fail2ban working and blocking ssh spambot atempts? My ssh is logging with a facility of authpriv which syslogd sends to /var/log/secure. That file has 600 permissions owned and group of root. I want to make it where fail2ban can access the needed file, yet not make it insecure in the process. I was not wanting to change permissions last time I did that on a log file a cron daily report kept noting it. I'd appreciate any suggestions. Thanks. Dave. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] HP MicroServer
John R Pierce wrote: Except that I'd like to add a second ethernet port, and am not sure where one can find a card that will fit this machine. As far as I can see, it requires a half-height PCIe card, which seems to be rather a rare animal. (There doesn't seem to be a standard for the backplate.) low profile is the buzzword, and there's lots of them. for example... http://www.intel.com/products/server/adapters/pro1000pt/pro1000pt- overview.htm Thanks for your response. But I don't think low profile is enough - the MicroServer needs half-height low profile, and I don't think from the pictures the ones you pointed to are half-height. (The backplate looks too high.) or a dual port equivalent http://www.intel.com/products/server/adapters/pro1000pt- dualport/pro1000pt-dualport-overview.htm For some reason the dual port NICs seem incredibly expensive - more expensive than the computer, in fact. -- Timothy Murphy e-mail: gayleard /at/ eircom.net tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Am I being to paranoid?
2011/5/8 Jason slackmoehrle.li...@gmail.com: Hi All, I want to know thoughts on if I am being to paranoid/security conscious. CentOS 5.6, Apache, MySQL, running an Firewall in front of everything and obviously the built-in firewall on the box. I have ssh on a different port and starting to use Keys instead of password authentication. I host an intensive website and I am getting about 150 unique visitors per day. What I am seeing is LogWatch reporting a lot of 404's like: 404 Not Found //PHPMA/: 1 Time(s) //admin/myadmin/: 1 Time(s) //admin/phpmyadmin/: 1 Time(s) //adming/: 1 Time(s) //ascils/phpmyadmin/: 1 Time(s) //blog/wp-content/plugins/phpmyadmin/: 1 Time(s) //database/: 2 Time(s) //db/: 1 Time(s) //dba/: 1 Time(s) //dbadmin/: 2 Time(s) //html/phpMyAdmin/: 1 Time(s) //html/phpmyadmin/: 1 Time(s) //lamp/phpmyadmin/: 1 Time(s) //myadmin/: 1 Time(s) //mydatabase/: 1 Time(s) //mydb/: 1 Time(s) //myphp/: 1 Time(s) //mysql-admin/: 1 Time(s) //mysql/: 1 Time(s) //mysqladmin/: 2 Time(s) //mysqlmanager/: 1 Time(s) //phpMyAdmin-2.8.0.2/: 1 Time(s) //phpMyAdmin-2.8.1-rc1/: 1 Time(s) //phpMyAdmin-2.8.1/: 1 Time(s) //phpMyAdmin-2.8.2/: 1 Time(s) //phpMyAdmin/: 1 Time(s) //phpadm/: 2 Time(s) //phpma/: 1 Time(s) //phpmanager/: 1 Time(s) //phpmy/: 2 Time(s) //phpmyadmin/: 1 Time(s) //pma/: 1 Time(s) //pmaadmin/: 1 Time(s) //pmadmin/: 1 Time(s) //sql/: 1 Time(s) //sqladmin/: 2 Time(s) //sqldatabase/: 2 Time(s) //sqlmanager/: 1 Time(s) //sqlweb/: 1 Time(s) //typo3/phpmyadmin/: 1 Time(s) //webadmin/: 1 Time(s) //webdb/: 1 Time(s) //websql/: 1 Time(s) //wp-content/plugins/phpMyAdmin/: 1 Time(s) //wp-content/plugins/wp-phpmyadmin/: 1 Time(s) //xampp/phpmyadmin/: 1 Time(s) So I turned on Apache ReWrite and I created a file and I put in rules like: (just a small subset) RewriteCond %{REQUEST_URI} ^/php(.*) [NC,OR] RewriteCond %{REQUEST_URI} ^/phpmy(.*) [NC,OR] RewriteCond %{REQUEST_URI} ^/phpma [NC,OR] RewriteCond %{REQUEST_URI} ^/phpmyadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/phpadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/phpgadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/phppgadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/phpmyadmin(.*) [NC,OR] RewriteCond %{REQUEST_URI} ^/php\-my\-admin [NC,OR] RewriteCond %{REQUEST_URI} ^/php\-myadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/phpmy\-admin [NC,OR] RewriteCond %{REQUEST_URI} ^/phpmanager [NC,OR] RewriteCond %{REQUEST_URI} ^/player(.*) [NC,OR] RewriteCond %{REQUEST_URI} ^/plugins [NC,OR] RewriteCond %{REQUEST_URI} ^/pma [NC,OR] RewriteCond %{REQUEST_URI} ^/p/m/a [NC,OR] RewriteCond %{REQUEST_URI} ^/pmadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/pmaadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/scripts [NC,OR] RewriteCond %{REQUEST_URI} ^/sd(.*) [NC,OR] RewriteCond %{REQUEST_URI} ^/sql [NC,OR] RewriteCond %{REQUEST_URI} ^/sqladmin [NC,OR] and if one of these is hit I use a Rule of: RewriteRule .* http://%{REMOTE_ADDR}%{REQUEST_URI} [L,R=301,QSA] Everyday I look at the LogWatch E-Mail and I add one people are trying to hit and restart apache. This yields a few questions. 1. Am I being to paranoid by doing this? My logic is they dont belong here and I could get mad if someone walked up to my apartment and tried jiggling the door handle to see if it was unlocked. 2. I know I can simplify these rules. Wouldn't RewriteCond %{REQUEST_URI} ^/php(.*) [NC,OR] get most of the attempts for thinks like /php, /php-myadmin, /phpmyadmin-2.0.8.8, etc? 3. Is there a better way to right these rules? 4. Why does LogWatch show this to me as a 404 , when a rewrite rule is hit and they are re-directed back to themselves? My rules seem to be working, if I try and hit /scripts right now, it does what I expect. Can anyone shed some light for me on my thoughts/questions? You should take a look at mod_security: http://www.modsecurity.org/ , if provides better ways to block hostile attacks and probes. -- Eero ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSH using Keys, no password and SFTP?
Devin Reade wrote: Devin Reade g...@gno.org wrote: Jason slackmoehrle.li...@gmail.com wrote: What I dont understand is how SFTP would work them. I dont see any settings in my FTP clients to use SFTP without providing a password. 'course, I may have jumped the gun on my comments. I'm also assuming a sane sftp client. Certainly the (standard/portable) OpenSSH sftp implementation doesn't need it. If your sftp client doesn't have any way to identify the key store, then it might not be able to handle it. (On UNIX/Mac, it may be implicit on where it finds the keys. I don't know about arbitrary Windows clients) Devin ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Winscp supports key pair, but you must convert them to Putty format. Ljubomir ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] HP MicroServer
Am 08.05.2011 19:52, schrieb Timothy Murphy: John R Pierce wrote: Except that I'd like to add a second ethernet port, and am not sure where one can find a card that will fit this machine. As far as I can see, it requires a half-height PCIe card, which seems to be rather a rare animal. (There doesn't seem to be a standard for the backplate.) low profile is the buzzword, and there's lots of them. for example... http://www.intel.com/products/server/adapters/pro1000pt/pro1000pt- overview.htm Thanks for your response. But I don't think low profile is enough - the MicroServer needs half-height low profile, and I don't think from the pictures the ones you pointed to are half-height. (The backplate looks too high.) The add-on card article by HP is NC112T PCI-Express Gigabit-Serveradapter (503746-B21) connector: 1x RJ-45 chipset: Intel i82574L specials: Wake on LAN, low profile or a dual port equivalent http://www.intel.com/products/server/adapters/pro1000pt- dualport/pro1000pt-dualport-overview.htm For some reason the dual port NICs seem incredibly expensive - more expensive than the computer, in fact. Dual port NICs working are i.e. Intel Gigabit ET Server Adapter, 2x 1000Base-T, PCIe x4, low profile (E1G42ET) available for 120 Euro. Alexander ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] HP MicroServer
Ryan Wagoner wrote: Except that I'd like to add a second ethernet port, and am not sure where one can find a card that will fit this machine. As far as I can see, it requires a half-height PCIe card, which seems to be rather a rare animal. (There doesn't seem to be a standard for the backplate. A number of cards come with a changeable plate to make them half height. Below are links to Intel desktop and server cards. http://www.newegg.com/Product/Product.aspx?Item=N82E16833106033 http://www.newegg.com/Product/Product.aspx?Item=N82E16833106011 http://www.newegg.com/Product/Product.aspx?Item=N82E16833106035 Thanks very much. I'll look at those (even though I am beyond the reach of newegg). I know some cards come with two plates, but I've yet to discover how one identifies them. -- Timothy Murphy e-mail: gayleard /at/ eircom.net tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] fail2ban and secure permissions
David Mehler wrote: Hello, Has anyone got fail2ban working and blocking ssh spambot atempts? My ssh is logging with a facility of authpriv which syslogd sends to /var/log/secure. That file has 600 permissions owned and group of root. I want to make it where fail2ban can access the needed file, yet not make it insecure in the process. I was not wanting to change permissions last time I did that on a log file a cron daily report kept noting it. I'd appreciate any suggestions. Thanks. Dave. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos If you fail to setup fail2ban, use denyhosts instead. I use it for 3-4 years. Ljubomir ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Building a Back Blaze style POD
Hi All, I am about to embark on a project that deals with allowing information archival, over time and seeing change over time as well. I can explain it a lot better, but I would certainly talk your ear off. I really don't have a lot of money to throw at the initial concept, but I have some. This device will host all of the operations for the first few months until I can afford to build a duplicate device. I already had a few parts of the idea done and ready to get live. I am contemplating building a BackBlaze Style POD. The goal of the device is to start acting as a place to have the crawls store information, massage it, get it into db's and then notify the user the task is done so they can start looking at the results. For reference here are a few links: http://blog.backblaze.com/2009/09/01/petabytes-on-a-budget-how-to-build-cheap-cloud-storage/ and http://cleanenergy.harvard.edu/index.php?ira=JabbatipoContenido=sidebarsidebar=science There is room for 45 drives in the case (technically a few more). 45 x 1tb 7200rpm drives is really cheap, about $60 each. 45 x 1.5tb 7200rpm drives are about $70 each. 45 x 2tb 7200rpm drives are about $120 each 45 x 3tb 7200rpm drives are about $180-$230 each (or more, some are almost $400) I have question before I commit to building one and I was hoping to get advice. 1. Can anyone recommend a mobo/processor setup that can hold lots of RAM? Like 24gb or 64gb or more? 2. Hardware RAID or Software RAID for this? 3. Would CentOS be a good choice? I have never used CentOS on a device so massive. Just ordinary servers, so to speak. I assume that it could handle so many drives, a large, expanding file system. 4. Someone recommended ZFS but I dont recall that being available on CentOS, but it is on FreeBSD which I have little experience with. 5. How would someone realistically back something like this up? Ultimately I know over time I need to distribute my architecture out and have a number of web-servers, balancing, etc but to get started I think this device with good backups might fit the bill. I can be way more detailed if it helps, I just didn't want to clutter with information that might not be relevant. -- Jason ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] fail2ban and secure permissions
2011/5/8 David Mehler dave.meh...@gmail.com: Hello, Has anyone got fail2ban working and blocking ssh spambot atempts? My ssh is logging with a facility of authpriv which syslogd sends to /var/log/secure. That file has 600 permissions owned and group of root. I want to make it where fail2ban can access the needed file, yet not make it insecure in the process. I was not wanting to change permissions last time I did that on a log file a cron daily report kept noting it. I'd appreciate any suggestions. Well. fail2ban runs as root as it modified iptables rules? So, no need to modify file access? -- Eero ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] HP MicroServer
Timothy Murphy wrote: John R Pierce wrote: Except that I'd like to add a second ethernet port, and am not sure where one can find a card that will fit this machine. As far as I can see, it requires a half-height PCIe card, which seems to be rather a rare animal. (There doesn't seem to be a standard for the backplate.) low profile is the buzzword, and there's lots of them. for example... http://www.intel.com/products/server/adapters/pro1000pt/pro1000pt- overview.htm Thanks for your response. But I don't think low profile is enough - the MicroServer needs half-height low profile, and I don't think from the pictures the ones you pointed to are half-height. (The backplate looks too high.) Sorry, I see now that the Intel Pro PT you point to does say: Optional low-profile bracket included for high-density, rack-mounted servers I'd been looking at the Pro CT, which may not have this. -- Timothy Murphy e-mail: gayleard /at/ eircom.net tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] HP MicroServer
Alexander Dalloz wrote: Except that I'd like to add a second ethernet port, and am not sure where one can find a card that will fit this machine. As far as I can see, it requires a half-height PCIe card, which seems to be rather a rare animal. (There doesn't seem to be a standard for the backplate.) The add-on card article by HP is NC112T PCI-Express Gigabit-Serveradapter (503746-B21) connector: 1x RJ-45 chipset: Intel i82574L specials: Wake on LAN, low profile Thanks, I'll look for that. I did see HP recommended a card, probably this one, but again the picture seemed to show a full height backplate. -- Timothy Murphy e-mail: gayleard /at/ eircom.net tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Building a Back Blaze style POD
-Original Message- From: Jason Sent: Sunday, May 08, 2011 14:04 To: CentOS mailing list Subject: [CentOS] Building a Back Blaze style POD Hi All, I am about to embark on a project that deals with allowing information archival, over time and seeing change over time as well. I can explain it a lot better, but I would certainly talk your ear off. I really don't have a lot of money to throw at the initial concept, but I have some. This device will host all of the operations for the first few months until I can afford to build a duplicate device. I already had a few parts of the idea done and ready to get live. I am contemplating building a BackBlaze Style POD. The goal of the device is to start acting as a place to have the crawls store information, massage it, get it into db's and then notify the user the task is done so they can start looking at the results. For reference here are a few links: http://blog.backblaze.com/2009/09/01/petabytes-on-a-budget-how -to-build-cheap-cloud-storage/ and http://cleanenergy.harvard.edu/index.php?ira=JabbatipoConteni do=sidebarsidebar=science Distrubing, I was on the same pages a few hours ago. There is room for 45 drives in the case (technically a few more). 45 x 1tb 7200rpm drives is really cheap, about $60 each. 45 x 1.5tb 7200rpm drives are about $70 each. 45 x 2tb 7200rpm drives are about $120 each 45 x 3tb 7200rpm drives are about $180-$230 each (or more, some are almost $400) I have question before I commit to building one and I was hoping to get advice. 1. Can anyone recommend a mobo/processor setup that can hold lots of RAM? Like 24gb or 64gb or more? 2. Hardware RAID or Software RAID for this? Hardware to costly in $ Software to costly in CPU. Try for redundancy. 3. Would CentOS be a good choice? I have never used CentOS on a device so massive. Just ordinary servers, so to speak. I assume that it could handle so many drives, a large, expanding file system. Multiple file systems of GFS? 4. Someone recommended ZFS but I dont recall that being available on CentOS, but it is on FreeBSD which I have little experience with. 5. How would someone realistically back something like this up? You don't. You replicate it. We are looking at using it as an online cache of our backup media. Ultimately I know over time I need to distribute my architecture out and have a number of web-servers, balancing, etc but to get started I think this device with good backups might fit the bill. I can be way more detailed if it helps, I just didn't want to clutter with information that might not be relevant. -- Jason -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100- - +1 (443) 269-1555 x333Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Am I being to paranoid?
quick answer: even paranoids have enemies On Sun, 8 May 2011, Jason wrote: So I turned on Apache ReWrite and I created a file and I put in rules like: (just a small subset) RewriteCond %{REQUEST_URI} ^/php(.*) [NC,OR] RewriteCond %{REQUEST_URI} ^/phpmy(.*) [NC,OR] .snip 2. I know I can simplify these rules. Wouldn't RewriteCond %{REQUEST_URI} ^/php(.*) [NC,OR] get most of the attempts for thinks like /php, /php-myadmin, /phpmyadmin-2.0.8.8, etc? 3. Is there a better way to right these rules? I wrote about my approch some time ago ... http://orcorc.blogspot.com/2010/06/reading-logs-part-3-run-your-updates.html Send them safely off your box, and back home -- Russ herrold ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Am I being to paranoid?
On 05/08/2011 10:46 AM, Jason wrote: 4. Why does LogWatch show this to me as a 404 , when a rewrite rule is hit and they are re-directed back to themselves? My rules seem to be working, if I try and hit /scripts right now, it does what I expect. [...] Because the remote loader is a robot, not a web browser. It is throwing stuff at the wall and seeing what sticks. It flat out doesn't care if you send back a redirect - it is just looking for a response that indicates a vulnerability and anything else is ignored by it. Redirects are largely ineffective in combating bots hunting for exploitable scripts and programs. You would be better off using something like Fail2Ban to dynamically update firewall rules against detected attackers. -- Benjamin Franz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Building a Back Blaze style POD
On Sun, May 8, 2011 at 8:03 PM, Jason slackmoehrle.li...@gmail.com wrote: Hi All, I am about to embark on a project that deals with allowing information archival, over time and seeing change over time as well. I can explain it a lot better, but I would certainly talk your ear off. I really don't have a lot of money to throw at the initial concept, but I have some. This device will host all of the operations for the first few months until I can afford to build a duplicate device. I already had a few parts of the idea done and ready to get live. I am contemplating building a BackBlaze Style POD. The goal of the device is to start acting as a place to have the crawls store information, massage it, get it into db's and then notify the user the task is done so they can start looking at the results. For reference here are a few links: http://blog.backblaze.com/2009/09/01/petabytes-on-a-budget-how-to-build-cheap-cloud-storage/ and http://cleanenergy.harvard.edu/index.php?ira=JabbatipoContenido=sidebarsidebar=science There is room for 45 drives in the case (technically a few more). 45 x 1tb 7200rpm drives is really cheap, about $60 each. 45 x 1.5tb 7200rpm drives are about $70 each. 45 x 2tb 7200rpm drives are about $120 each 45 x 3tb 7200rpm drives are about $180-$230 each (or more, some are almost $400) I have question before I commit to building one and I was hoping to get advice. 1. Can anyone recommend a mobo/processor setup that can hold lots of RAM? Like 24gb or 64gb or more? Any brand server motherboard will do. I prefer supermicro, but you can use Dell, HP, Intell, etc, etc. 2. Hardware RAID or Software RAID for this? Hardware RAID will be expensive on 45 drives. IF you can, split the 45 drives into a few smaller RAID arrays. To rebuild 1x large 45TB RAID array, with either hardware or software would probably take a week, or more, depending on which RAID type you use - i.e. RAID 5, or 6, or 10. I prefer RAID 10 since it's best for speed and the rebuilds are the quickest. But you loose half the space, i.e. 45TB drives will give you about 22TB space. 45x 2TB HDD's would give you about 44TB space though. 3. Would CentOS be a good choice? I have never used CentOS on a device so massive. Just ordinary servers, so to speak. I assume that it could handle so many drives, a large, expanding file system. Yes it would be fine. 4. Someone recommended ZFS but I dont recall that being available on CentOS, but it is on FreeBSD which I have little experience with. I would also prefer to use ZFS for this type of setup. use one 128GB SL type SSD drive as a cache drive to speed up things and 2x log drives to help with drive recovery. With ZFS you would be able to use one large RAID array if you have the log drives since it was recover from driver failure much better than other file systems. Although you can install ZFS as user-land tools, which will be slower than running it via the kernel. But, it would be better to use Solaris or FreeBSD for this - look @ Nexenta / FreeNAS / OpenIndia for this. 5. How would someone realistically back something like this up? To another one as large :) OR, more realistically, if you already have some backup servers, and the full 45TB isn't full of data yet, then simply backup what you have. By the sounds of it your project is still new so your data won't be that much. I would simply build a gluster / CLVM cluster of smaller cheaper servers - which basically allows you to add say 4TB / 8TB (depending on what chassis you use and how many drives it can take) at a time to the backup cluster, which will be cheaper than buying another one identical to this right now. Ultimately I know over time I need to distribute my architecture out and have a number of web-servers, balancing, etc but to get started I think this device with good backups might fit the bill. If this device will be used for web + mail + SQL, then you may probably look at using 4 quad core CPU's + 128GB RAM. With this many drives (or rather, this much data) you'll probably run out of RAM / CPU / Network resources before you run out of HDD space. With a device this big (in terms of storage) I would rather have 2 separate processing servers which just mounts LUN's from this POD (exported as NFS / iSCSI / FCoE / etc) and then have a few faster SAS / SSD drives for SQL / log processing. I can be way more detailed if it helps, I just didn't want to clutter with information that might not be relevant. -- Jason ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Kind Regards Rudi Ahlers SoftDux Website: http://www.SoftDux.com Technical Blog: http://Blog.SoftDux.com Office: 087 805 9573 Cell: 082 554 7532 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] HP MicroServer
On 05/08/11 6:53 AM, Timothy Murphy wrote: (The machine is unbelievably cheap at the moment, due to a bizarre cashback offer from HP.) where's this deal? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Am I being to paranoid?
Hi Russ, 3. Is there a better way to right these rules? I wrote about my approch some time ago ... http://orcorc.blogspot.com/2010/06/reading-logs-part-3-run-your-updates.html Send them safely off your box, and back home I read your article and It seems we are doing the same thing? Is there a benefit I dont understand to use your approach versus the one I am using already? Is it true that you can to (.*) to handle easier matching? Say phpmyadmin, phpadmin, php-myadmin Could I do something like: RewriteCond %{REQUEST_URI} ^/php(.*) [NC,OR] and that would handle all of them? -Jason ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSH using Keys, no password and SFTP?
So is it possible to require some users to use Password only and some to use Key only authentication? -Jason -- Jason On Sunday, May 8, 2011 at 10:58 AM, off...@plnet.rs wrote: Devin Reade wrote: Devin Reade g...@gno.org wrote: Jason slackmoehrle.li...@gmail.com wrote: What I dont understand is how SFTP would work them. I dont see any settings in my FTP clients to use SFTP without providing a password. 'course, I may have jumped the gun on my comments. I'm also assuming a sane sftp client. Certainly the (standard/portable) OpenSSH sftp implementation doesn't need it. If your sftp client doesn't have any way to identify the key store, then it might not be able to handle it. (On UNIX/Mac, it may be implicit on where it finds the keys. I don't know about arbitrary Windows clients) Devin ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Winscp supports key pair, but you must convert them to Putty format. Ljubomir ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 Update?
On Wed, Apr 20, 2011 at 5:19 PM, John R. Dennison j...@gerdesas.com wrote: On Wed, Apr 20, 2011 at 01:34:54PM -0400, Tom H wrote: If CentOS had a communication policy, it could spare itself these types of articles... No. These types of articles will continue to appear whether there is a communications policy or not. However having someone actually posting updates once in a while _would_ be a good thing. And preferably someone that doesn't favor one avenue (forums) over another (this list). I'm cleaning up my inbox and found this reply (that I somehow missed earlier). I'm sorry about the lateness of the reply but felt that I should clarify a misunderstanding. By communication policy, I don't mean giving updates of the progress of an upcoming release (especially given Karanbir's explanation of the difficulty in estimating the completion point); I mean not telling people if you're unhappy, use another distribution or making similar types of comments and creating problems for themselves (like the negative article posted in this thread) and those who promote their distribution (I have two companies where I consult in which the IT managers have asked me to switch to Debian). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Building a Back Blaze style POD
Rudy, Do you have a recommendation of a motherboard? I am still reading the rest of your post. Thanks! -Jason -- Jason On Sunday, May 8, 2011 at 11:26 AM, Rudi Ahlers wrote: On Sun, May 8, 2011 at 8:03 PM, Jason slackmoehrle.li...@gmail.com wrote: Hi All, I am about to embark on a project that deals with allowing information archival, over time and seeing change over time as well. I can explain it a lot better, but I would certainly talk your ear off. I really don't have a lot of money to throw at the initial concept, but I have some. This device will host all of the operations for the first few months until I can afford to build a duplicate device. I already had a few parts of the idea done and ready to get live. I am contemplating building a BackBlaze Style POD. The goal of the device is to start acting as a place to have the crawls store information, massage it, get it into db's and then notify the user the task is done so they can start looking at the results. For reference here are a few links: http://blog.backblaze.com/2009/09/01/petabytes-on-a-budget-how-to-build-cheap-cloud-storage/ and http://cleanenergy.harvard.edu/index.php?ira=JabbatipoContenido=sidebarsidebar=science There is room for 45 drives in the case (technically a few more). 45 x 1tb 7200rpm drives is really cheap, about $60 each. 45 x 1.5tb 7200rpm drives are about $70 each. 45 x 2tb 7200rpm drives are about $120 each 45 x 3tb 7200rpm drives are about $180-$230 each (or more, some are almost $400) I have question before I commit to building one and I was hoping to get advice. 1. Can anyone recommend a mobo/processor setup that can hold lots of RAM? Like 24gb or 64gb or more? Any brand server motherboard will do. I prefer supermicro, but you can use Dell, HP, Intell, etc, etc. 2. Hardware RAID or Software RAID for this? Hardware RAID will be expensive on 45 drives. IF you can, split the 45 drives into a few smaller RAID arrays. To rebuild 1x large 45TB RAID array, with either hardware or software would probably take a week, or more, depending on which RAID type you use - i.e. RAID 5, or 6, or 10. I prefer RAID 10 since it's best for speed and the rebuilds are the quickest. But you loose half the space, i.e. 45TB drives will give you about 22TB space. 45x 2TB HDD's would give you about 44TB space though. 3. Would CentOS be a good choice? I have never used CentOS on a device so massive. Just ordinary servers, so to speak. I assume that it could handle so many drives, a large, expanding file system. Yes it would be fine. 4. Someone recommended ZFS but I dont recall that being available on CentOS, but it is on FreeBSD which I have little experience with. I would also prefer to use ZFS for this type of setup. use one 128GB SL type SSD drive as a cache drive to speed up things and 2x log drives to help with drive recovery. With ZFS you would be able to use one large RAID array if you have the log drives since it was recover from driver failure much better than other file systems. Although you can install ZFS as user-land tools, which will be slower than running it via the kernel. But, it would be better to use Solaris or FreeBSD for this - look @ Nexenta / FreeNAS / OpenIndia for this. 5. How would someone realistically back something like this up? To another one as large :) OR, more realistically, if you already have some backup servers, and the full 45TB isn't full of data yet, then simply backup what you have. By the sounds of it your project is still new so your data won't be that much. I would simply build a gluster / CLVM cluster of smaller cheaper servers - which basically allows you to add say 4TB / 8TB (depending on what chassis you use and how many drives it can take) at a time to the backup cluster, which will be cheaper than buying another one identical to this right now. Ultimately I know over time I need to distribute my architecture out and have a number of web-servers, balancing, etc but to get started I think this device with good backups might fit the bill. If this device will be used for web + mail + SQL, then you may probably look at using 4 quad core CPU's + 128GB RAM. With this many drives (or rather, this much data) you'll probably run out of RAM / CPU / Network resources before you run out of HDD space. With a device this big (in terms of storage) I would rather have 2 separate processing servers which just mounts LUN's from this POD (exported as NFS / iSCSI / FCoE / etc) and then have a few faster SAS / SSD drives for SQL / log processing. I can be way more detailed if it helps, I just didn't want to clutter with information that might not be relevant. -- Jason ___ CentOS mailing list
Re: [CentOS] Am I being to paranoid?
At Sun, 8 May 2011 10:46:17 -0700 CentOS mailing list centos@centos.org wrote: Hi All, I want to know thoughts on if I am being to paranoid/security conscious. CentOS 5.6, Apache, MySQL, running an Firewall in front of everything and obviously the built-in firewall on the box. I have ssh on a different port and starting to use Keys instead of password authentication. I host an intensive website and I am getting about 150 unique visitors per day. What I am seeing is LogWatch reporting a lot of 404's like: 404 Not Found //PHPMA/: 1 Time(s) //admin/myadmin/: 1 Time(s) //admin/phpmyadmin/: 1 Time(s) //adming/: 1 Time(s) //ascils/phpmyadmin/: 1 Time(s) //blog/wp-content/plugins/phpmyadmin/: 1 Time(s) //database/: 2 Time(s) //db/: 1 Time(s) //dba/: 1 Time(s) //dbadmin/: 2 Time(s) //html/phpMyAdmin/: 1 Time(s) //html/phpmyadmin/: 1 Time(s) //lamp/phpmyadmin/: 1 Time(s) //myadmin/: 1 Time(s) //mydatabase/: 1 Time(s) //mydb/: 1 Time(s) //myphp/: 1 Time(s) //mysql-admin/: 1 Time(s) //mysql/: 1 Time(s) //mysqladmin/: 2 Time(s) //mysqlmanager/: 1 Time(s) //phpMyAdmin-2.8.0.2/: 1 Time(s) //phpMyAdmin-2.8.1-rc1/: 1 Time(s) //phpMyAdmin-2.8.1/: 1 Time(s) //phpMyAdmin-2.8.2/: 1 Time(s) //phpMyAdmin/: 1 Time(s) //phpadm/: 2 Time(s) //phpma/: 1 Time(s) //phpmanager/: 1 Time(s) //phpmy/: 2 Time(s) //phpmyadmin/: 1 Time(s) //pma/: 1 Time(s) //pmaadmin/: 1 Time(s) //pmadmin/: 1 Time(s) //sql/: 1 Time(s) //sqladmin/: 2 Time(s) //sqldatabase/: 2 Time(s) //sqlmanager/: 1 Time(s) //sqlweb/: 1 Time(s) //typo3/phpmyadmin/: 1 Time(s) //webadmin/: 1 Time(s) //webdb/: 1 Time(s) //websql/: 1 Time(s) //wp-content/plugins/phpMyAdmin/: 1 Time(s) //wp-content/plugins/wp-phpmyadmin/: 1 Time(s) //xampp/phpmyadmin/: 1 Time(s) So I turned on Apache ReWrite and I created a file and I put in rules like: (just a small subset) RewriteCond %{REQUEST_URI} ^/php(.*) [NC,OR] RewriteCond %{REQUEST_URI} ^/phpmy(.*) [NC,OR] RewriteCond %{REQUEST_URI} ^/phpma [NC,OR] RewriteCond %{REQUEST_URI} ^/phpmyadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/phpadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/phpgadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/phppgadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/phpmyadmin(.*) [NC,OR] RewriteCond %{REQUEST_URI} ^/php\-my\-admin [NC,OR] RewriteCond %{REQUEST_URI} ^/php\-myadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/phpmy\-admin [NC,OR] RewriteCond %{REQUEST_URI} ^/phpmanager [NC,OR] RewriteCond %{REQUEST_URI} ^/player(.*) [NC,OR] RewriteCond %{REQUEST_URI} ^/plugins [NC,OR] RewriteCond %{REQUEST_URI} ^/pma [NC,OR] RewriteCond %{REQUEST_URI} ^/p/m/a [NC,OR] RewriteCond %{REQUEST_URI} ^/pmadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/pmaadmin [NC,OR] RewriteCond %{REQUEST_URI} ^/scripts [NC,OR] RewriteCond %{REQUEST_URI} ^/sd(.*) [NC,OR] RewriteCond %{REQUEST_URI} ^/sql [NC,OR] RewriteCond %{REQUEST_URI} ^/sqladmin [NC,OR] and if one of these is hit I use a Rule of: RewriteRule .* http://%{REMOTE_ADDR}%{REQUEST_URI} [L,R=301,QSA] Everyday I look at the LogWatch E-Mail and I add one people are trying to hit and restart apache. This yields a few questions. 1. Am I being to paranoid by doing this? My logic is they dont belong here and I could get mad if someone walked up to my apartment and tried jiggling the door handle to see if it was unlocked. Well, yes. There is a simplier way -- Apache does have an 'error page' handler, where you can customize your 404 page or how Apache responds to a 'page not found' error. Doing the redirect is not really going to solve anything anyway. Most (all?) of these accesses are from a program -- a kind of 'bad' robot, which is probably going to ignore the 301 status and come to the conclusion that these URIs are actually working and report success to its (human) master. That will open you up for more (automated) attacks and/or piss off the human hacker, who will just come up with more and nastier attacks or maybe just launch a dos attack for spite. You are better off just letting Apache handle these as 404. Imagine you have a storefront and people come by after hours and see the lights off and the closed sign -- people will go away and come back later. Imagine that the lights are on and there is no closed sign, and instead you have some poor clerk there answering the door telling people to go away. That is likely to cause more trouble, since people will just come back in 5-10 minutes and ask if the store is open now. Or worse, wait around until there is some indication that the store is open. 2. I know I can simplify these rules. Wouldn't RewriteCond %{REQUEST_URI} ^/php(.*) [NC,OR] get most of the attempts for thinks like /php, /php-myadmin, /phpmyadmin-2.0.8.8, etc? 3. Is there a better way to right these rules? 4. Why does LogWatch show this to me as a 404 , when a rewrite rule is hit and they are re-directed back to themselves? My rules seem to be working, if I
Re: [CentOS] Building a Back Blaze style POD
Hi Jason, http://blog.backblaze.com/2009/09/01/petabytes-on-a-budget-how -to-build-cheap-cloud-storage/ and http://cleanenergy.harvard.edu/index.php?ira=JabbatipoConteni do=sidebarsidebar=science Distrubing, I was on the same pages a few hours ago. The Internet is a small place! BackBlaze actually send me the Harvard link when I inquired. They also told me they are coming out with an updated article based upon new specs, etc. They are not sure when it will be available. 3. Would CentOS be a good choice? I have never used CentOS on a device so massive. Just ordinary servers, so to speak. I assume that it could handle so many drives, a large, expanding file system. Multiple file systems of GFS? I don't quite know if file systems like this are avail for CentOS? I dont see it when I install, at least IIRC. I will ned to research GFS more. -Jason ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Building a Back Blaze style POD
On Sun, May 8, 2011 at 9:06 PM, Jason slackmoehrle.li...@gmail.com wrote: Rudy, Do you have a recommendation of a motherboard? Well, choose one here: http://www.supermicro.com/products/motherboard/matrix/ I don't have specific recommendations but we've had great success with all our SuperMicro servers, both with single dual CPU configurations, ranging from 4GB - 128GB RAM I am still reading the rest of your post. Thanks! -Jason -- Jason On Sunday, May 8, 2011 at 11:26 AM, Rudi Ahlers wrote: On Sun, May 8, 2011 at 8:03 PM, Jason slackmoehrle.li...@gmail.com wrote: Hi All, I am about to embark on a project that deals with allowing information archival, over time and seeing change over time as well. I can explain it a lot better, but I would certainly talk your ear off. I really don't have a lot of money to throw at the initial concept, but I have some. This device will host all of the operations for the first few months until I can afford to build a duplicate device. I already had a few parts of the idea done and ready to get live. I am contemplating building a BackBlaze Style POD. The goal of the device is to start acting as a place to have the crawls store information, massage it, get it into db's and then notify the user the task is done so they can start looking at the results. For reference here are a few links: http://blog.backblaze.com/2009/09/01/petabytes-on-a-budget-how-to-build-cheap-cloud-storage/ and http://cleanenergy.harvard.edu/index.php?ira=JabbatipoContenido=sidebarsidebar=science There is room for 45 drives in the case (technically a few more). 45 x 1tb 7200rpm drives is really cheap, about $60 each. 45 x 1.5tb 7200rpm drives are about $70 each. 45 x 2tb 7200rpm drives are about $120 each 45 x 3tb 7200rpm drives are about $180-$230 each (or more, some are almost $400) I have question before I commit to building one and I was hoping to get advice. 1. Can anyone recommend a mobo/processor setup that can hold lots of RAM? Like 24gb or 64gb or more? Any brand server motherboard will do. I prefer supermicro, but you can use Dell, HP, Intell, etc, etc. 2. Hardware RAID or Software RAID for this? Hardware RAID will be expensive on 45 drives. IF you can, split the 45 drives into a few smaller RAID arrays. To rebuild 1x large 45TB RAID array, with either hardware or software would probably take a week, or more, depending on which RAID type you use - i.e. RAID 5, or 6, or 10. I prefer RAID 10 since it's best for speed and the rebuilds are the quickest. But you loose half the space, i.e. 45TB drives will give you about 22TB space. 45x 2TB HDD's would give you about 44TB space though. 3. Would CentOS be a good choice? I have never used CentOS on a device so massive. Just ordinary servers, so to speak. I assume that it could handle so many drives, a large, expanding file system. Yes it would be fine. 4. Someone recommended ZFS but I dont recall that being available on CentOS, but it is on FreeBSD which I have little experience with. I would also prefer to use ZFS for this type of setup. use one 128GB SL type SSD drive as a cache drive to speed up things and 2x log drives to help with drive recovery. With ZFS you would be able to use one large RAID array if you have the log drives since it was recover from driver failure much better than other file systems. Although you can install ZFS as user-land tools, which will be slower than running it via the kernel. But, it would be better to use Solaris or FreeBSD for this - look @ Nexenta / FreeNAS / OpenIndia for this. 5. How would someone realistically back something like this up? To another one as large :) OR, more realistically, if you already have some backup servers, and the full 45TB isn't full of data yet, then simply backup what you have. By the sounds of it your project is still new so your data won't be that much. I would simply build a gluster / CLVM cluster of smaller cheaper servers - which basically allows you to add say 4TB / 8TB (depending on what chassis you use and how many drives it can take) at a time to the backup cluster, which will be cheaper than buying another one identical to this right now. Ultimately I know over time I need to distribute my architecture out and have a number of web-servers, balancing, etc but to get started I think this device with good backups might fit the bill. If this device will be used for web + mail + SQL, then you may probably look at using 4 quad core CPU's + 128GB RAM. With this many drives (or rather, this much data) you'll probably run out of RAM / CPU / Network resources before you run out of HDD space. With a device this big (in terms of storage) I would rather have 2 separate processing servers which just mounts LUN's from this POD (exported as NFS / iSCSI /
Re: [CentOS] Am I being to paranoid?
Robert, 1. Am I being to paranoid by doing this? My logic is they dont belong here and I could get mad if someone walked up to my apartment and tried jiggling the door handle to see if it was unlocked. Well, yes. There is a simplier way -- Apache does have an 'error page' handler, where you can customize your 404 page or how Apache responds to a 'page not found' error. Doing the redirect is not really going to solve anything anyway. Most (all?) of these accesses are from a program -- a kind of 'bad' robot, which is probably going to ignore the 301 status and come to the conclusion that these URIs are actually working and report success to its (human) master. That will open you up for more (automated) attacks and/or piss off the human hacker, who will just come up with more and nastier attacks or maybe just launch a dos attack for spite. You are better off just letting Apache handle these as 404. Imagine you have a storefront and people come by after hours and see the lights off and the closed sign -- people will go away and come back later. Imagine that the lights are on and there is no closed sign, and instead you have some poor clerk there answering the door telling people to go away. That is likely to cause more trouble, since people will just come back in 5-10 minutes and ask if the store is open now. Or worse, wait around until there is some indication that the store is open. This is a good analogy. It does open up more to stating: Damn'd if you do, damn'd if you dont. 4. Why does LogWatch show this to me as a 404 , when a rewrite rule is hit and they are re-directed back to themselves? My rules seem to be working, if I try and hit /scripts right now, it does what I expect. Question: are you using virtual hosts? If so, they the 'visitors' are either NOT sending HTTP 1.1 headers or not using the virtual host name. Yes, I am and I have a few domains on this box. Each virtual has an include to a file that stores my rewrite rules so I just maintain them in a single place. -Jason ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Building a Back Blaze style POD
Thanks Rudi, that helps as you have good luck with all of them. I see they have some boards that go up to 192gb (but not DDR3), but some do 144gb as well. I just need to find out if the POD supports extended ATX and I see others have just used regular ATX boards. -- Jason On Sunday, May 8, 2011 at 12:12 PM, Rudi Ahlers wrote: On Sun, May 8, 2011 at 9:06 PM, Jason slackmoehrle.li...@gmail.com wrote: Rudy, Do you have a recommendation of a motherboard? Well, choose one here: http://www.supermicro.com/products/motherboard/matrix/ I don't have specific recommendations but we've had great success with all our SuperMicro servers, both with single dual CPU configurations, ranging from 4GB - 128GB RAM I am still reading the rest of your post. Thanks! -Jason -- Jason On Sunday, May 8, 2011 at 11:26 AM, Rudi Ahlers wrote: On Sun, May 8, 2011 at 8:03 PM, Jason slackmoehrle.li...@gmail.com wrote: Hi All, I am about to embark on a project that deals with allowing information archival, over time and seeing change over time as well. I can explain it a lot better, but I would certainly talk your ear off. I really don't have a lot of money to throw at the initial concept, but I have some. This device will host all of the operations for the first few months until I can afford to build a duplicate device. I already had a few parts of the idea done and ready to get live. I am contemplating building a BackBlaze Style POD. The goal of the device is to start acting as a place to have the crawls store information, massage it, get it into db's and then notify the user the task is done so they can start looking at the results. For reference here are a few links: http://blog.backblaze.com/2009/09/01/petabytes-on-a-budget-how-to-build-cheap-cloud-storage/ and http://cleanenergy.harvard.edu/index.php?ira=JabbatipoContenido=sidebarsidebar=science There is room for 45 drives in the case (technically a few more). 45 x 1tb 7200rpm drives is really cheap, about $60 each. 45 x 1.5tb 7200rpm drives are about $70 each. 45 x 2tb 7200rpm drives are about $120 each 45 x 3tb 7200rpm drives are about $180-$230 each (or more, some are almost $400) I have question before I commit to building one and I was hoping to get advice. 1. Can anyone recommend a mobo/processor setup that can hold lots of RAM? Like 24gb or 64gb or more? Any brand server motherboard will do. I prefer supermicro, but you can use Dell, HP, Intell, etc, etc. 2. Hardware RAID or Software RAID for this? Hardware RAID will be expensive on 45 drives. IF you can, split the 45 drives into a few smaller RAID arrays. To rebuild 1x large 45TB RAID array, with either hardware or software would probably take a week, or more, depending on which RAID type you use - i.e. RAID 5, or 6, or 10. I prefer RAID 10 since it's best for speed and the rebuilds are the quickest. But you loose half the space, i.e. 45TB drives will give you about 22TB space. 45x 2TB HDD's would give you about 44TB space though. 3. Would CentOS be a good choice? I have never used CentOS on a device so massive. Just ordinary servers, so to speak. I assume that it could handle so many drives, a large, expanding file system. Yes it would be fine. 4. Someone recommended ZFS but I dont recall that being available on CentOS, but it is on FreeBSD which I have little experience with. I would also prefer to use ZFS for this type of setup. use one 128GB SL type SSD drive as a cache drive to speed up things and 2x log drives to help with drive recovery. With ZFS you would be able to use one large RAID array if you have the log drives since it was recover from driver failure much better than other file systems. Although you can install ZFS as user-land tools, which will be slower than running it via the kernel. But, it would be better to use Solaris or FreeBSD for this - look @ Nexenta / FreeNAS / OpenIndia for this. 5. How would someone realistically back something like this up? To another one as large :) OR, more realistically, if you already have some backup servers, and the full 45TB isn't full of data yet, then simply backup what you have. By the sounds of it your project is still new so your data won't be that much. I would simply build a gluster / CLVM cluster of smaller cheaper servers - which basically allows you to add say 4TB / 8TB (depending on what chassis you use and how many drives it can take) at a time to the backup cluster, which will be cheaper than buying another one identical to this right now. Ultimately I know over time I need to distribute my architecture out
Re: [CentOS] Building a Back Blaze style POD
On 05/08/11 12:06 PM, Jason wrote: Rudy, Do you have a recommendation of a motherboard? I am still reading the rest of your post. Thanks! most any server board that supports dual intel xeon 5500/5600 will let you pretty easily add 24GB per CPU socket while using relatively affordable 4GB dimms. http://www.supermicro.com/products/motherboard/QPI/5500/X8DA6.cfm?SAS=N or whatever you might look at these chassis, which are, IMHO, better engineered than that backblaze thing http://www.supermicro.com/products/chassis/4U/847/SC847E16-R1400U.cfm this supports 36 SAS/SATA drives in a 4U (24 in front, 12 in back) and has SAS2 backplane multiplexers so you don't need nearly as many SAS/SATA cards ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSH using Keys, no password and SFTP?
Jason wrote: So is it possible to require some users to use Password only and some to use Key only authentication? -Jason I am not sure. First auth ssh will try is key pair. if that does not work, it will ask for username and password. So if you leave password auth runnig and you use key pair, it will work. Take a look at ssh man page for the specifics. Ljubomir ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] fail2ban problem on shutdown
Another post on fail2ban reminded me of a problem I had in Italy, when the ADSL connection kept dropping, and only came back on re-booting. (I solved the problem in the end by getting a Billion modem/router in place of the no-name one supplied by Telecom Italia.) It seems that if there was no internet connection, fail2ban hung for an inordinate length of time, possibly for ever, when shutting down. I found I had to stop it separately, before shutting down or re-booting. -- Timothy Murphy e-mail: gayleard /at/ eircom.net tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Building a Back Blaze style POD
-- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100- - +1 (443) 269-1555 x333Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00. -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of John R Pierce Sent: Sunday, May 08, 2011 15:24 To: centos@centos.org Subject: Re: [CentOS] Building a Back Blaze style POD On 05/08/11 12:06 PM, Jason wrote: Rudy, Do you have a recommendation of a motherboard? I am still reading the rest of your post. Thanks! most any server board that supports dual intel xeon 5500/5600 will let you pretty easily add 24GB per CPU socket while using relatively affordable 4GB dimms. http://www.supermicro.com/products/motherboard/QPI/5500/X8DA6. cfm?SAS=N or whatever you might look at these chassis, which are, IMHO, better engineered than that backblaze thing http://www.supermicro.com/products/chassis/4U/847/SC847E16-R1400U.cfm If you can use less drives, this would be more cost effective (time building time fixing) http://www.newegg.com/Product/Product.aspx?Item=N82E16811219038 [400$] And then if you wwant raid: http://www.newegg.com/Product/Product.aspx?Item=N82E16816118141 [1300$] or http://www.newegg.com/Product/Product.aspx?Item=N82E16816115095 [700$] this supports 36 SAS/SATA drives in a 4U (24 in front, 12 in back) and has SAS2 backplane multiplexers so you don't need nearly as many SAS/SATA cards ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Am I being to paranoid?
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Jason Sent: Sunday, May 08, 2011 15:02 To: CentOS mailing list Subject: Re: [CentOS] Am I being to paranoid? Hi Russ, 3. Is there a better way to right these rules? I wrote about my approch some time ago ... http://orcorc.blogspot.com/2010/06/reading-logs-part-3-run-your-update s.html Send them safely off your box, and back home I read your article and It seems we are doing the same thing? Is there a benefit I dont understand to use your approach versus the one I am using already? The point you missed was that he packaged the conf gile as a RPM and then added it to his local yum repo, so all his machines would get it durring the update cycle. Is it true that you can to (.*) to handle easier matching? Say phpmyadmin, phpadmin, php-myadmin Could I do something like: RewriteCond %{REQUEST_URI} ^/php(.*) [NC,OR] and that would handle all of them? -Jason ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100- - +1 (443) 269-1555 x333Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Typing startx gives me a black scrren, have to reboot to get back to runlevel 3
On Sat, 7 May 2011, Phil Schaffner wrote: Gilbert Sebenste wrote on 05/07/2011 11:57 AM: ... I get a ton of stuff before this, but just info messages. Where should I start looking to fix this problem? I use the Redhat experimental kernels at http://epople.redhat.com/jwilson/el5/. Running CentOS 5.6, fully patched as of this morning with the gdb/OO updates. Not sure what the experimental kernels have to do with it, but you might try a standard kernel. See if this helps: http://wiki.centos.org/HowTos/ConfigureNewVideoCard If still having problems then see FAQ #23 at http://wiki.centos.org/FAQ/General I'll do that tomorrow and see how it goes. Thanks, Phil! I much appreciate the Wiki pointer, that's my first step. *** Gilbert Sebenste (My opinions only!) ** Staff Meteorologist, Northern Illinois University E-mail: seben...@weather.admin.niu.edu *** web: http://weather.admin.niu.edu ** *** ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Building a Back Blaze style POD
-Original Message- From: Jason Pyeron Sent: Sunday, May 08, 2011 16:04 To: 'CentOS mailing list' Subject: Re: [CentOS] Building a Back Blaze style POD -Original Message- From: John R Pierce Sent: Sunday, May 08, 2011 15:24 To: centos@centos.org Subject: Re: [CentOS] Building a Back Blaze style POD On 05/08/11 12:06 PM, Jason wrote: Rudy, Do you have a recommendation of a motherboard? I am still reading the rest of your post. Thanks! most any server board that supports dual intel xeon 5500/5600 will let you pretty easily add 24GB per CPU socket while using relatively affordable 4GB dimms. http://www.supermicro.com/products/motherboard/QPI/5500/X8DA6. cfm?SAS=N or whatever you might look at these chassis, which are, IMHO, better engineered than that backblaze thing http://www.supermicro.com/products/chassis/4U/847/SC847E16-R1400U.cfm And http://www.avsforum.com/avs-vb/showthread.php?t=1149005 If you can use less drives, this would be more cost effective (time building time fixing) http://www.newegg.com/Product/Product.aspx?Item=N82E16811219038 [400$] And then if you wwant raid: http://www.newegg.com/Product/Product.aspx?Item=N82E1681611814 1 [1300$] or http://www.newegg.com/Product/Product.aspx?Item=N82E16816115095 [700$] this supports 36 SAS/SATA drives in a 4U (24 in front, 12 in back) and has SAS2 backplane multiplexers so you don't need nearly as many SAS/SATA cards ps, I hate Outlook. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100- - +1 (443) 269-1555 x333Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSH using Keys, no password and SFTP?
On Sun, May 8, 2011 at 12:29 PM, Ljubomir Ljubojevic off...@plnet.rswrote: Jason wrote: So is it possible to require some users to use Password only and some to use Key only authentication? -Jason I am not sure. First auth ssh will try is key pair. if that does not work, it will ask for username and password. So if you leave password auth runnig and you use key pair, it will work. Take a look at ssh man page for the specifics. Ljubomir Clients like filezilla can use SFTP keys held by ssh-agent. Filezilla on windows can use the ssh-agent provided by putty. Try just putting no password, the client may just work (with ssh-agent running) Brandon ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Am I being to paranoid?
My 2 cents : OSSEC is quite good at actively blocking attackers in situations like this. 2011/5/8 Jason Pyeron jpye...@pdinc.us -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Jason Sent: Sunday, May 08, 2011 15:02 To: CentOS mailing list Subject: Re: [CentOS] Am I being to paranoid? Hi Russ, 3. Is there a better way to right these rules? I wrote about my approch some time ago ... http://orcorc.blogspot.com/2010/06/reading-logs-part-3-run-your-update s.html Send them safely off your box, and back home I read your article and It seems we are doing the same thing? Is there a benefit I dont understand to use your approach versus the one I am using already? The point you missed was that he packaged the conf gile as a RPM and then added it to his local yum repo, so all his machines would get it durring the update cycle. Is it true that you can to (.*) to handle easier matching? Say phpmyadmin, phpadmin, php-myadmin Could I do something like: RewriteCond %{REQUEST_URI} ^/php(.*) [NC,OR] and that would handle all of them? -Jason ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100- - +1 (443) 269-1555 x333Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Building a Back Blaze style POD
On 05/08/11 1:03 PM, Jason Pyeron wrote: If you can use less drives, this would be more cost effective (time building time fixing) http://www.newegg.com/Product/Product.aspx?Item=N82E16811219038 [400$] multiple reports online indicate that norco case is very flimsy and poorly made. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Building a Back Blaze style POD
On 05/08/11 1:11 PM, John R Pierce wrote: On 05/08/11 1:03 PM, Jason Pyeron wrote: If you can use less drives, this would be more cost effective (time building time fixing) http://www.newegg.com/Product/Product.aspx?Item=N82E16811219038 [400$] multiple reports online indicate that norco case is very flimsy and poorly made. ooops, hit send too fast. also, that Norco case appears to require a seperate SATA channel for each of the 24 drives while the supermicro case has SAS2 multiplexed backplanes that will let you put 24 SATA drives on a single 4 channel SAS port, or 24 dual ported SAS drives on 2 4 channel SAS ports (using MPIO)... these backplanes have SES controllers on them for power and hotswap management (the SES functionality is integrated into the LSI SAS multiplexor chip used). note that SAS supports N:M multiplexing where any one of the N controller channels can address any of the M devices plain SATA only supports 1:M simple expanders And, a significant problem in large drive arrays is mechanical resonance you get an array of 24 or whatever disks all being hammered at once in a RAID environment, and the mechanical vibrations can cause interactions which can increase the error rate, this is greatly compounded by a flimsy chassis. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Am I being to paranoid?
On Sun, May 08, 2011 at 08:57:23PM +0300, Eero Volotinen wrote: You should take a look at mod_security: http://www.modsecurity.org/ , if provides better ways to block hostile attacks and probes. Really? 99 lines of untrimmed material for a 2 line reply? John -- We are confronted with insurmountable opportunities. -- Walt Kelly (1913-1973), creator of the Pogo comic strip pgpX1jWqj8WDV.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] HP MicroServer
On Sun, May 8, 2011 at 14:53, Timothy Murphy gayle...@eircom.net wrote: Except that I'd like to add a second ethernet port, and am not sure where one can find a card that will fit this machine. As far as I can see, it requires a half-height PCIe card, which seems to be rather a rare animal. (There doesn't seem to be a standard for the backplate.) So I'm wondering if anyone has tried this? Incidentally, is there a forum anywhere for users of the MicroServer under Linux? I ordered one directly from HP. Was ~£40. -- Kind Regards, Christopher J. Buckley ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] HP MicroServer
On Sun, May 8, 2011 at 19:08, Timothy Murphy gayle...@eircom.net wrote: Thanks, I'll look for that. I did see HP recommended a card, probably this one, but again the picture seemed to show a full height backplate. It comes attached to the full height plate, but you simply remove that and replace it with the half-height plate it comes with. -- Kind Regards, Christopher J. Buckley ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to add a HD to a LVM
Todd Cary wrote: On 5/8/2011 7:37 AM, Todd Cary wrote: On 5/8/2011 12:03 AM, Ken Smith wrote: Todd Cary wrote: I have connected a HD that was a prior system drive (Centos 4.8) and I am not sure of the command line procedures to find out if it is recognized (I believe it is since it present in the GUI), delete all data on it and finally add it to the LVM. I would like to use it as a backup data drive. Todd This is an excellent tutorial on LVM. http://tldp.org/HOWTO/LVM-HOWTO/ Are you planning to join it to an existing Volume Group and then create a LV on it for backup? My preference would be to keep things simple and to aid recovery in the future, maybe just format the disk ext3 for backup. Then it is easy to plug into another box for recovery. But, I'm just guessing how you plan to use it. Ken Ken - Thank you for your response. What you suggested is exactly what I would like to do: have an extra, stand alone, drive for backup. However, when I do fdisk -l I get the output below which has me concerned. As a Sunday afternoon user of Centos, I am not 100% sure of my interpretation - that is - the drive is already been joined as part of the LVM even though all I did was to plug it in as a slave. My installation of Centos 5.5 is new and I do not remember specifying LVM (though that is what I had with my 4.8 system). The /dev/hdc (250 GB) is the new system drive. The /dev/hdd is the old Centos 4.8 drive that I would like to have as an independent drive e.g. /dev/hda or whatever it needs to be. What I DO NOT want to happen is for me to accidentally mess up my new Centos 5.5 system :-)!! Questions: * Is it possible to remove /dev/hdd from the LVM - at least it appears to be part of it * Once removed, format it as EXT3 and mount it as /dev/hda (or /dev/hdd) For this I am swimming in unknown waters. Todd Disk /dev/hdc: 251.0 GB, 251000193024 bytes 255 heads, 63 sectors/track, 30515 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/hdc1 * 1 13 104391 83 Linux /dev/hdc2 14 30515 245007315 8e Linux LVM Disk /dev/hdd: 163.9 GB, 163928604672 bytes 255 heads, 63 sectors/track, 19929 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/hdd1 * 1 13 104391 83 Linux /dev/hdd2 14 19929 159975270 8e Linux LVM Disk /dev/sda: 81.9 GB, 81964302336 bytes 255 heads, 63 sectors/track, 9964 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sda1 1996480035798+ 7 HPFS/NTFS Whether I use the lvm command line or the GUI, I am not sure if I am suppose to remove the logical first as in lvm lvremove LogVol01 Using the GUI, I get Logical volume LogVol01 contains swap filesystem. All data on it will be lost! Are you quite certain that you wish to remove logical volume LogVol01? Before you delete any LV's could you please post what the result of the mount command says. Thanks, Ken -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Am I being to paranoid?
On 5/8/2011 4:53 PM, John R. Dennison wrote: On Sun, May 08, 2011 at 08:57:23PM +0300, Eero Volotinen wrote: You should take a look at mod_security: http://www.modsecurity.org/ , if provides better ways to block hostile attacks and probes. Really? 99 lines of untrimmed material for a 2 line reply? I don't have personal experience with this, but I have heard that modsecurity does not play nice with some websites. If you are in a virtual hosting situation, it might be a bit too early to jump on that ship? I'll hopefully wait for it to become more of a 'standard'. I run Ossec on several servers and Fail2Ban on several others. At the moment, I prefer Fail2Ban. Configuration is not straight forward on either, but personally, I seem to get along better creating/editing Fail2Ban rules. It's sort of hard to do comparisons as each server has differing accesses, but my gut tells my that Fail2Ban is a little easier on server loads. Both do a lot of reads, constantly monitoring for intrusion attempts. I know Fail2Ban is not a CentOS standard package, but it would be nice if we could build a place on the CentOS website where rules could be shared. Each environment is a bit different and so the rules need to be adapted. I have found the need for edits even between CentOS 3, 4 and 5 boxes. -- John Hinton 877-777-1407 ext 502 http://www.ew3d.com Comprehensive Online Solutions ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] hardware issues under 5.6
Folks, This is, umm, odd. Two, at least, and possibly a third over the weekend, of some older Dell 1950's, suddenly died shortly after being upgraded to 5.6. They're all about the same age, and it's not happening with other systems, but they claim a scsi abort, and the f/s goes read-only. The little lcd screen goes orange, and shows a fatal error E 171, and B0 F3 D0? D0 F3 B0? I forget, and won't be able to double check my memory till the morning. Has anyone seen this, with a f/s suddenly going r/o, on machines that seemed to be running fine for years? Since this is two? three machines, that's somewhere between coincidence and enemy action. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] dovecot sieve rpm?
Hello, Does anyone have a repo or have a dovecot 1.2 and dovecot sieve rpm, also a postfix 2.5 or 2.6 rpm? I saw some on a repo called atrpms, but it has dependency issues, and I read that that repo is dangerous. Thanks. Dave. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Am I being to paranoid?
On 08/05/11 23:31, John Hinton wrote: I know Fail2Ban is not a CentOS standard package, but it would be nice if we could build a place on the CentOS website where rules could be shared. Each environment is a bit different and so the rules need to be adapted. I have found the need for edits even between CentOS 3, 4 and 5 boxes. That would be the CentOS Wiki. http://wiki.centos.org/ Feel free to jump on over to the centos-docs list and create a page describing how to install, configure and write custom rules. You can also document the differences between CentOS 3, 4 and 5. Sounds like an ideal topic for a HowTo guide. Being a Wiki, others can then easily add and share their rules too. Then every time someone asks about Fail2Ban we can refer them to your documentation :-) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos