Re: Bots don't honor 301 :(
virgins...@vfemail.net wrote: Date: Mon, 12 Jan 2009 19:46:26 -0500 From: "Ben Scott" dragonh...@gmail.com not to. There are orders of magnitude more bots then web servers. That's quite a claim. Do you have evidence for this? I can't say for the types of payload, which would affect your remediation efforts, carried on the various botnets (which, of course, varies depending on how the authors and their sublettors use the botnets), but the Storm botnet was enormous by most estimates. Kraken the current (known) king is supposed to be(come) bigger. There are about 186,727,854 web sites currently, though, obviously, far fewer web servers to host them. To, if the estimate of 50,000,000 in the Storm botnet (using the higher numbers) was accurate and, for sake of argument, 10 web sites are hosted on a server on average (purely out of thin air number I made up), there are 19,000,000 web servers. So, for sake of argument (do we need a sake for argument?), there are more botnets than web servers. :-) References: Botnet sizes: http://www.washingtonpost.com/wp-dyn/content/article/2006/02/16/AR2006021601388.html Storm: http://www.neoseeker.com/news/7103-worm-storm-gathers-strength/ Kraken: http://www.darkreading.com/security/perimeter/showArticle.jhtml?articleID=211201307 Websites: http://news.netcraft.com/archives/2008/12/24/december_2008_web_server_survey.html ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Bots don't honor 301 :(
virgins...@vfemail.net wrote: Date: Mon, 12 Jan 2009 19:46:26 -0500 From: Ben Scott dragonh...@gmail.com If you can show me crackbots that autonomously coordinate their attacks like [insert random potentially offensive analogy here], then there's a chance you may be right about this. http://en.wikipedia.org/wiki/Botnet Where can one find/contact these network abuse reporting systems? http://www.google.com/search?q=network+abuse+reporting Queries like that typically return lots of forum posts in which windows users get a lot of stupid answers to a lot of stupid questions. I'd hoped asking that question here would have resulted in a smarter answer. Try whois. Take it easy, -- David Berube Berube Consulting http://berubeconsulting.com (603)-485-9622 ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: For all you outspoken people....and some of you quiet ones...
Bayard, You were the first to reply, and I am going to send your reply to the rest of the group to show what I think a good reply should be, and how it can reflect on people and projects that others might not think about. People may or may not have thought about Jesse, but I think he is a good candidate, and for the reasons you mentioned. I know there are others. I hope that other people on the list speak up with their ideas over the next couple of days. I need these by January 15th so I can roll them up and submit them. Thanks, md Forwarded Message From: Bayard Coolidge n...@yahoo.com Reply-to: n...@yahoo.com To: mad...@li.org Subject: Re: For all you outspoken peopleand some of you quiet ones... Date: Tue, 13 Jan 2009 07:02:39 -0800 (PST) Most Outstanding Contribution to Open Source / Linux / Free Software Jesse Keating - for an incredible job of cat herding Fedora 10. (I'm pretty much a dyed-in-the-wool openSUSE/KDE user, and have been for 6-7 years, but I'm actually considering switching to F10 and GNOME for my day-to-day stuff because of the quality of system integration that permits Fedora 10 to just plain work out-of-the-box with minimal tinkering.) Bayard --- On Tue, 1/13/09, Jon 'maddog' Hall mad...@li.org wrote: From: Jon 'maddog' Hall mad...@li.org Subject: For all you outspoken peopleand some of you quiet ones... To: gnhlug-discuss@mail.gnhlug.org Date: Tuesday, January 13, 2009, 1:54 AM I have been asked to nominate some people and products for the most or the best for 2008. - Most Outstanding Contribution to Open Source / Linux / Free Software ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Python question
Thomas Charron twaf...@gmail.com writes: Example: strftime(HH:MM:SS , localtime()) '14:17:15' Ah, I see. So, if I do this: begin = time.time() [... long wait here ... ] end = time.time() time.strftime(%H:%M:%S, time.localtime(end - begin)) '19:16:07' so, the MM:SS are correct, but the 19 for hours is incorrect. It should be 00, because long wait here was 16:07. end - begin 967.31416082382202 time.localtime(end - begin) (1969, 12, 31, 19, 16, 7, 2, 365, 0) So far, it seems my best bet is to do the math on the difference between end, begin myself; something like this: def ElapsedTime (time): Convert a float into HH:MM:SS string days = time / 60 / 60 / 24 if days 1: days = 0 mins = int(time / 60) if mins 60: hours = int(mins / 60) mins = int(time % 60) else: hours = 0 secs = int(((time % 60) - int(mins)) * 60) days = (days 10) and (0%s % days) or days hours = (hours 10) and (0%s % hours) or hours mins = (mins 10) and (0%s % mins ) or mins secs = (secs 10) and (0%s % secs ) or secs return %s:%s:%s:%s % (days, hours, mins, secs) I'm certainly appreciative of better ways to do this :) Thanks. -- Seeya, Paul ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Thots on evolution vs t'bird.
Jon 'maddog' Hall mad...@li.org writes: Evolution supports IMAP, POP and local mail. It also supports multiple identities. pll Which is important for those of us who have these! fred Shhh, no we don't, you're not supposed to give away our secrets pll oh be quiet, it's not like they don't already know! fred Fine! Have it your way! But don't blame me when those nice men fred in white coats come to take you away! pll They're coming to take me away?! fred Ha, Hah! -- Seeya, Paul - who goes back to lurking mode... ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Python question
time.time() returns the number of seconds since the epoch, so end-start should be the number of seconds of execution. For example, given the following program timetest.py: import time start=time.time() time.sleep(5) end=time.time() print end-start The output should very close to 5 seconds (with some overhead for the recording of start and end). $ python timetest.py 5.00017285347 If you are doing timing of code, you may also want to consider the timeit module (part of the standard library): http://docs.python.org/library/timeit.html -Shawn On Tue, Jan 13, 2009 at 10:41 AM, Paul Lussier p.luss...@comcast.netwrote: Thomas Charron twaf...@gmail.com writes: Example: strftime(HH:MM:SS , localtime()) '14:17:15' Ah, I see. So, if I do this: begin = time.time() [... long wait here ... ] end = time.time() time.strftime(%H:%M:%S, time.localtime(end - begin)) '19:16:07' so, the MM:SS are correct, but the 19 for hours is incorrect. It should be 00, because long wait here was 16:07. end - begin 967.31416082382202 time.localtime(end - begin) (1969, 12, 31, 19, 16, 7, 2, 365, 0) So far, it seems my best bet is to do the math on the difference between end, begin myself; something like this: def ElapsedTime (time): Convert a float into HH:MM:SS string days = time / 60 / 60 / 24 if days 1: days = 0 mins = int(time / 60) if mins 60: hours = int(mins / 60) mins = int(time % 60) else: hours = 0 secs = int(((time % 60) - int(mins)) * 60) days = (days 10) and (0%s % days) or days hours = (hours 10) and (0%s % hours) or hours mins = (mins 10) and (0%s % mins ) or mins secs = (secs 10) and (0%s % secs ) or secs return %s:%s:%s:%s % (days, hours, mins, secs) I'm certainly appreciative of better ways to do this :) Thanks. -- Seeya, Paul ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Bots don't honor 301 :(
Date: Tue, 13 Jan 2009 09:27:27 -0500 From: David Berube djber...@berubeconsulting.com If you can show me crackbots that autonomously coordinate their attacks like [insert random potentially offensive analogy here], then there's a chance you may be right about this. http://en.wikipedia.org/wiki/Botnet This article referrs to DDoS attacks, but that's organizing payload, not organizing propagation. What I was referring to was having bots cooperate to partition and delegate portions of their host space. For exmaple, maybe all the bots would agree only to probe and compromise IP addresses whose last octet is the same as their own IP. That would create 254 separate address spaces, and decrease the effectiveness of any one tarpit by a factor of 254. However, it would still only take 254 tarpits to cut the number of compromised hosts (on average) in half. Where can one find/contact these network abuse reporting systems? http://www.google.com/search?q=network+abuse+reporting Queries like that typically return lots of forum posts in which windows users get a lot of stupid answers to a lot of stupid questions. I'd hoped asking that question here would have resulted in a smarter answer. Try whois. Yeah, that's typically how the smart folk answered the question. Unfortunately, whois isn't integrated, which makes it hard to automate abuse reporting. :( ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Bots don't honor 301 :(
virgins...@vfemail.net wrote: Unfortunately, whois isn't integrated, which makes it hard to automate abuse reporting. :( Unfortunately, automated abuse reporting lends itself to being abused by the very people it should, in theory, protect against. :( Take it easy, -- David Berube Berube Consulting http://berubeconsulting.com (603)-485-9622 ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Bots don't honor 301 :(
Date: Tue, 13 Jan 2009 09:18:31 -0500 From: Dan Jenkins d...@rastech.com CC: gnhlug-discuss@mail.gnhlug.org botnet (using the higher numbers) was accurate and, for sake of argument, 10 web sites are hosted on a server on average (purely out of thin air number I made up), there are 19,000,000 web servers. So, for sake of argument (do we need a sake for argument?), there are more botnets than web servers. :-)br Yes, but the number of compromised hosts isn't critical - it's the number of unique scan queues which is important to evading tarpits. If a botnet has 50,000,000 nodes, is vulnerable to tarpitting, and scans every IP address on the Internet in exactly the same order, then a single tarpit would still save 1/2 the hosts on the Internet from ever being probed. The crucial element is the *order* in which prospective hosts are scanned. Assuming the bot is deterministic, hosts are likely to be scanned in the same order by every copy of the bot. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Python question
On Tuesday, Jan 13th 2009 at 11:39 -, quoth Shawn O'Shea: =time.time() returns the number of seconds since the epoch, so end-start =should be the number of seconds of execution. For example, given the =following program timetest.py: =import time = =start=time.time() = =time.sleep(5) = =end=time.time() = =print end-start = =The output should very close to 5 seconds (with some overhead for the =recording of start and end). =$ python timetest.py =5.00017285347 = =If you are doing timing of code, you may also want to consider the timeit =module (part of the standard library): =http://docs.python.org/library/timeit.html = =-Shawn = = =On Tue, Jan 13, 2009 at 10:41 AM, Paul Lussier p.luss...@comcast.net =wrote: = Thomas Charron twaf...@gmail.com writes: = = Example: = = strftime(HH:MM:SS , localtime()) = '14:17:15' = =Ah, I see. So, if I do this: = = begin = time.time() = [... long wait here ... ] = end = time.time() = time.strftime(%H:%M:%S, time.localtime(end - begin)) = '19:16:07' = =so, the MM:SS are correct, but the 19 for hours is incorrect. It =should be 00, because long wait here was 16:07. = = end - begin = 967.31416082382202 = time.localtime(end - begin) = (1969, 12, 31, 19, 16, 7, 2, 365, 0) = =So far, it seems my best bet is to do the math on the difference =between end, begin myself; something like this: = = def ElapsedTime (time): = Convert a float into HH:MM:SS string = = days = time / 60 / 60 / 24 = = if days 1: = days = 0 = = mins = int(time / 60) = if mins 60: = hours = int(mins / 60) = mins = int(time % 60) = else: = hours = 0 = = secs = int(((time % 60) - int(mins)) * 60) = = days = (days 10) and (0%s % days) or days = hours = (hours 10) and (0%s % hours) or hours = mins = (mins 10) and (0%s % mins ) or mins = secs = (secs 10) and (0%s % secs ) or secs = = return %s:%s:%s:%s % (days, hours, mins, secs) = =I'm certainly appreciative of better ways to do this :) = =Thanks. Guys, don't use time! Use the datetime interface I previously described. That's what it was made for. :-) #! /usr/bin/python import datetime import time then = datetime.datetime.now() print then = , then time.sleep(5) now = datetime.datetime.now() print now = , now print Elapsed = , now - then -- steveo at syslang dot net TMMP1 http://frambors.syslang.net/ Do you have neighbors who are not frambors? Steven W. Orr___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Thots on evolution vs t'bird.
Jon 'maddog' Hall mad...@li.org writes: Evolution supports IMAP, POP and local mail. It also supports multiple identities. I somehow missed the beginning of this thread but... Thunderbird also supports multiple identities, IMAP, and POP as well as GMail natively. Enigmail makes PGP/GPG encryption simple (including key management). I haven't used Evolution in a while, but last time I did, I was turned off by the close resemblance to Outbreak. Kmail/Kontact is coming up there as a viable option, too: especially in office environments. Brian -- --- | br...@datasquire.net Proprietor: http://www.JustWorksNH.com | | Computers and Web Sites that JUST WORK | | Work: +1 (603) 484-1461Home: +1 (603) 484-1469| --- ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Thots on evolution vs t'bird.
On 2009-01-11 1:02 PM, Steven W. Orr wrote: * What do people like better (or best)? If you're going to run Thunderbird, I think the occasional stability issues of the current beta are worth it for the increased usability. Kudos to the Penelope (nee Eudora) engineer who's hacking madly though the codebase fixing usability problems. IMHO, the Nostalgy extension is essential for keyboard usage. I also use Signature Switch, which lets me change signatures based on destination (clients on support contracts get a different .sig). There are a bunch of great extensions, check out the Thunderbird addons site. I didn't know I needed some until I found them. If you need to be able to deal with Exchange meeting invites, the Lightning extension does that but it's important to keep up with versions in the evolving beta scene. This extension: https://addons.mozilla.org/en-US/thunderbird/downloads/file/42293/ automates the process. -Bill -- Bill McGonigle, Owner Work: 603.448.4440 BFC Computing, LLC Home: 603.448.1668 b...@bfccomputing.com Cell: 603.252.2606 http://www.bfccomputing.com/Page: 603.442.1833 Blog: http://blog.bfccomputing.com/ VCard: http://bfccomputing.com/vcard/bill.vcf ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Python question
On Tue, Jan 13, 2009 at 12:45 PM, John Abreau j...@gapps.blu.org wrote: On Tue, Jan 13, 2009 at 10:41 AM, Paul Lussier p.luss...@comcast.net wrote: Thomas Charron twaf...@gmail.com writes: Example: strftime(HH:MM:SS , localtime()) '14:17:15' Ah, I see. So, if I do this: begin = time.time() [... long wait here ... ] end = time.time() time.strftime(%H:%M:%S, time.localtime(end - begin)) '19:16:07' so, the MM:SS are correct, but the 19 for hours is incorrect. It should be 00, because long wait here was 16:07. Um, that's completely meaningless -- end - begin is not a clock value, it's the number of seconds that long wait here took. Since it's not a clock value, it makes no sense to use it as a parameter to time.localtime(). Well, it makes sense if you want to use the time formatting capabilities, and just ignore the fact that it thinks it's 1969. :-D But as we've seen, doesn't work to well. I'm actually reading about the datetime classes which Python has which include 'timedelta' classes. It gets it half way there, it will sort out the days, but the hours/minutes would still need to be computed. -- -- Thomas ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Python question
Steven W. Orr ste...@syslang.net writes: Guys, don't use time! Use the datetime interface I previously described. That's what it was made for. :-) #! /usr/bin/python import datetime import time then = datetime.datetime.now() print then = , then time.sleep(5) now = datetime.datetime.now() print now = , now print Elapsed = , now - then Doh! sound of hand smacking head I saw this in the modules reference, but simply didn't grok it at the time. This is *exactly* what I want to do! Thanks! -- Seeya, Paul ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Python question
John Abreau j...@gapps.blu.org writes: Um, that's completely meaningless -- end - begin is not a clock value, it's the number of seconds that long wait here took. Since it's not a clock value, it makes no sense to use it as a parameter to time.localtime(). I understand that. Which is why I was asking for help :) -- Seeya, Paul ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: compiling gcc q's
On 01/12/2009 11:31 AM, Mark Komarinski wrote: bruce.lab...@autoliv.com wrote: /usr/bin/ld: skipping incompatible /usr/local/lib/libmpfr.so when searching for -lmfpr . . . /usr/bin/ld: skipping incompatible /usr/local/lib/libgmp.a when searching for -lgmp Yes, it says it is incompatible. How does one make it compativble? Are you sure that /usr/local/lib/libgmp.a is the right architecture? I've run into that a few times when compiling 64-bit apps when 32-bit libraries were installed. Just to add to this, 32-bit libraries should be in /usr/lib or /usr/local/lib and 64-bit libraries should be in /usr/lib64 and /usr/local/lib64. -- Jerry Feldman g...@blu.org Boston Linux and Unix PGP key id: 537C5846 PGP Key fingerprint: 3D1B 8377 A3C0 A5F2 ECBB CA3B 4607 4319 537C 5846 signature.asc Description: OpenPGP digital signature ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Thots on evolution vs t'bird.
So, Is it possible to use an external editor with Tbird? Is something like It's All Text for Firefox also available for thunderbird ? I couldn't find it on the Thunderbird page. I want to click on reply and have the text sent to emacs via emacsclient Thanks, -- Seeya, Paul ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: For all you outspoken people....and some of you quiet ones...
Arc Riley arcri...@gmail.com writes: - Best Open Source Programming Language Python 3, released this Fall it makes programming even more intuitive and easy to learn Did they get rid of that silly whitespace rule? -- Seeya, Paul ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Thots on evolution vs t'bird.
Enigmail makes PGP/GPG encryption simple (including key management). Evolution allows PGP/GPG signing and encryption, as well as S/MIME signing and encryption for outgoing email. Incoming email just works. I haven't used Evolution in a while, but last time I did, I was turned off by the close resemblance to Outbreak. Well, I must admit I still like the old exmh mailer, but more and more Evolution works for me. I guess if I did not use software just because it has a close resemblance to software generated by the Evil Empire then I would not use OpenOffice either. I set up Evolution to pull mail from three places: o local email o my ATT account (POP) o my LI account (POP) On Ubuntu 8.10 is easy to integrate it with either SpamAssassin or BogoFilter. BogoFilter is my default, and SpamAssassin is only an installation and click away. It even has a little check box that allows you to use SpamAssassin totally locally, or go out to check the databases over the net. It handles Certificates, proxies, text and html (and in its contact lists even keeps track of who likes html vs textual based email). It handles multiple languages, and integrates its contact lists with Gnome Pilot (for those Palm Pilot people). It is easy to set up filters on incoming email to send them directly to a folder, which then highlights to show you that you have unread email. What I don't like about it is that it does not use the directories of email messages, each message being in a different file like exmh does, so I can not go grepping through my email. On the other hand, the searches are fast and the search mechanism is more than adequate, and allows me to set up and store complex searches for future use. Once in a while the cache seems to get out of whack, but blowing away the cache and starting evolution back up again seems to fix that problem. Finally, after using it the whole day, and working with the hundreds of email messages I get each day and the hundreds of thousands of email messages (altogether, not in one day) that I keep online, it *sometimes* takes a minute or two to shut down. Start up is always fairly quick, particularly if I keep my inbox small by filing my message in various folders, sub-foldrers, sub-sub folders, etc. With suspend and hibernation working on my notebook, slow shutdown is not as much an issue. I am sure that Evolution will not be liked by everyone. I started using it to be compatible with a project that I was working with, so I could help out our customers, who were more likely to use Evolution then they were exmh. I had nothing against exmh, and would probably still be using it today other than the project I mentioned. Warmest regards, maddog -- Jon maddog Hall Executive Director Linux International(R) email: mad...@li.org 80 Amherst St. Voice: +1.603.672.4557 Amherst, N.H. 03031-3032 U.S.A. WWW: http://www.li.org Board Member: Uniforum Association Board Member Emeritus: USENIX Association (2000-2006) (R)Linux is a registered trademark of Linus Torvalds in several countries. (R)Linux International is a registered trademark in the USA used pursuant to a license from Linux Mark Institute, authorized licensor of Linus Torvalds, owner of the Linux trademark on a worldwide basis (R)UNIX is a registered trademark of The Open Group in the USA and other countries. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Bots don't honor 301 :(
On Tue, Jan 13, 2009 at 12:00 PM, virgins...@vfemail.net wrote: Date: Tue, 13 Jan 2009 09:18:31 -0500 From: Dan Jenkins d...@rastech.com CC: gnhlug-discuss@mail.gnhlug.org botnet (using the higher numbers) was accurate and, for sake of argument, 10 web sites are hosted on a server on average (purely out of thin air number I made up), there are 19,000,000 web servers. So, for sake of argument (do we need a sake for argument?), there are more botnets than web servers. :-)br Yes, but the number of compromised hosts isn't critical - it's the number of unique scan queues which is important to evading tarpits. If a botnet has 50,000,000 nodes, is vulnerable to tarpitting, and scans every IP address on the Internet in exactly the same order, then a single tarpit would still save 1/2 the hosts on the Internet from ever being probed. The crucial element is the *order* in which prospective hosts are scanned. Assuming the bot is deterministic, hosts are likely to be scanned in the same order by every copy of the bot. Even the 1st internet worm (the RTM one) in 1990 picked hosts in random order. I've been reading SANS newsbites and Bruce Schenier's blog for awhile. The botnets have become sophisticated in recent years. It's no longer script kiddies working after school. It's criminals with professional computer experience that are getting paid to do this kind of work. Some of these botnets lease out to other criminals. They'd want to keep that revenue stream free from tarpits, etc. One botnet (that was used for spam at least) got shutdown for a day when an ISP that hosted most of its control bots was taken off the internet. There were some interesting analyses of what it di to reconnect. An argument could be made that these botnets are the early appearence of Cloud Computing. SETI is another one. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: For all you outspoken people....and some of you quiet ones...
Forwarded Message From: Bayard Coolidge n...@yahoo.com Reply-to: n...@yahoo.com To: mad...@li.org Subject: Re: For all you outspoken peopleand some of you quiet ones... Date: Tue, 13 Jan 2009 07:02:39 -0800 (PST) Most Outstanding Contribution to Open Source / Linux / Free Software Jesse Keating - for an incredible job of cat herding Fedora 10. (I'm pretty much a dyed-in-the-wool openSUSE/KDE user, and have been for 6-7 years, but I'm actually considering switching to F10 and GNOME for my day-to-day stuff because of the quality of system integration that permits Fedora 10 to just plain work out-of-the-box with minimal tinkering.) Bayard I upgraded to Fedora 10 from 9 (from 8). It just worked. I had issues with my ATI card under 9 and a few other things. It's as easy as Ubuntu now. FWIW - it's an ATI RV516/X1300. Is that driver open now? It wasn't suppoted by the open driver when that 1st came out. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Thots on evolution vs t'bird.
On 2009-01-13 3:44 PM, Paul Lussier wrote: d? Is something like It's All Text for Firefox also available for thunderbird ? I couldn't find it on the Thunderbird page. This might work (untested): http://globs.org/articles.php?lng=enpg=2 -Bill -- Bill McGonigle, Owner Work: 603.448.4440 BFC Computing, LLC Home: 603.448.1668 b...@bfccomputing.com Cell: 603.252.2606 http://www.bfccomputing.com/Page: 603.442.1833 Blog: http://blog.bfccomputing.com/ VCard: http://bfccomputing.com/vcard/bill.vcf ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Thots on evolution vs t'bird.
On Tue, Jan 13, 2009 at 3:29 PM, Jon 'maddog' Hall mad...@li.org wrote: Well, I must admit I still like the old exmh mailer, but more and more Evolution works for me. I guess if I did not use software just because it has a close resemblance to software generated by the Evil Empire then I would not use OpenOffice either. Finally, after using it the whole day, and working with the hundreds of I am sure that Evolution will not be liked by everyone. I started using it to be compatible with a project that I was working with, so I could help out our customers, who were more likely to use Evolution then they were exmh. I had nothing against exmh, and would probably still be using it today other than the project I mentioned. exmh was a very nice setup. I had procmail sorting incoming mail into the folders. I had scripts that would move mail into subfolders organized by month/year automatically. iFile(?) was an addition the MH that would learn how you were moving things between folders start moving them for you. Unfortunately, it really needed a GUI (X11) and local access to the MH folders. So an SSH to a text client or didn't work so well and you couldn't us IMAP for a lower bandwidth connection. And most IMAP server don't deal well with MH folders. And even worse with subfolders. I've given up and use gmail for everything except work, which uses Outlook/Exchange. *sigh* ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
pseudo-terminal masters
Hi, all, Anybody familiar with the pseudoterminal setup on linux? I've got some scripts which look for idle time on connections. They're currently using the output of 'w' which I see now is really just reporting the last modified date of /dev/pts/x, so I can throw out the 'w' parsing. However, /dev/pts/x's modification date depends on data written to the terminal by the system (for lack of better terms). What I actually want is to figure out idle time based on input by the user. On some other unixes there are /dev/ptm/x which represents this, but in linux, apparently you open /dev/ptmx which returns to you a filehandle for a new ptm, but I'm not sure how to find that from userspace. If I knew what I was looking for I wouldn't mind implementing a wrapper in c, but I'm not sure where to look. Thanks, -Bill -- Bill McGonigle, Owner Work: 603.448.4440 BFC Computing, LLC Home: 603.448.1668 b...@bfccomputing.com Cell: 603.252.2606 http://www.bfccomputing.com/Page: 603.442.1833 Blog: http://blog.bfccomputing.com/ VCard: http://bfccomputing.com/vcard/bill.vcf ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: pseudo-terminal masters
Isn't this what the TMOUT shell variable is doing? In which case you could look at the code in bash or ksh to see if that mechanism is available for your script or as a wrapper. --- mark On Tue, Jan 13, 2009 at 4:45 PM, Bill McGonigle b...@bfccomputing.comwrote: Hi, all, Anybody familiar with the pseudoterminal setup on linux? I've got some scripts which look for idle time on connections. They're currently using the output of 'w' which I see now is really just reporting the last modified date of /dev/pts/x, so I can throw out the 'w' parsing. However, /dev/pts/x's modification date depends on data written to the terminal by the system (for lack of better terms). What I actually want is to figure out idle time based on input by the user. On some other unixes there are /dev/ptm/x which represents this, but in linux, apparently you open /dev/ptmx which returns to you a filehandle for a new ptm, but I'm not sure how to find that from userspace. If I knew what I was looking for I wouldn't mind implementing a wrapper in c, but I'm not sure where to look. Thanks, -Bill -- Bill McGonigle, Owner Work: 603.448.4440 BFC Computing, LLC Home: 603.448.1668 b...@bfccomputing.com Cell: 603.252.2606 http://www.bfccomputing.com/Page: 603.442.1833 Blog: http://blog.bfccomputing.com/ VCard: http://bfccomputing.com/vcard/bill.vcf ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: pseudo-terminal masters
You can look at the modification date/time of (for example) /dev/pts/9 if you want to know when the last activity occurred. --Bruce Bill McGonigle wrote: Hi, all, Anybody familiar with the pseudoterminal setup on linux? I've got some scripts which look for idle time on connections. They're currently using the output of 'w' which I see now is really just reporting the last modified date of /dev/pts/x, so I can throw out the 'w' parsing. However, /dev/pts/x's modification date depends on data written to the terminal by the system (for lack of better terms). What I actually want is to figure out idle time based on input by the user. On some other unixes there are /dev/ptm/x which represents this, but in linux, apparently you open /dev/ptmx which returns to you a filehandle for a new ptm, but I'm not sure how to find that from userspace. If I knew what I was looking for I wouldn't mind implementing a wrapper in c, but I'm not sure where to look. Thanks, -Bill ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Thots on evolution vs t'bird.
I quit using Evolution and switched to Thunderbird when Evolution took more than 28 hours to rifle though my (more than) 1024 .mbox files. Thunderbird did it within 1 minute - and I got to watch as is progressed through them. I don't know why Evolution was taking so long; they were both going through an IMAP server - so its not like some resource on the server was being exhausted. Its been like that since Evolution release 1.0something. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Thots on evolution vs t'bird.
Bruce Dawson wrote: I quit using Evolution and switched to Thunderbird when Evolution took more than 28 hours to rifle though my (more than) 1024 .mbox files. Thunderbird did it within 1 minute - and I got to watch as is progressed through them. I don't know why Evolution was taking so long; they were both going through an IMAP server - so its not like some resource on the server was being exhausted. Its been like that since Evolution release 1.0something. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ I threw Evolution under the bus when for some odd reason it started filtering most of my incoming email messages sticking them into it's junk folder. At about the same time Evolution seemed to lose track of messages it had already downloaded and kept downloading the same messages over and over again. Thunderbird just worked. -Alex ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Thots on evolution vs t'bird.
I must admit I never used Evolution with IMAP. While I appreciate the benefits of IMAP, I mostly read email from my laptop, and therefore have my email with me almost everywhere I go. I do know that recent versions of Evolution now keep their data through SQLite. Whether that would be faster or slower for you, I do not know. md -- Jon maddog Hall Executive Director Linux International(R) email: mad...@li.org 80 Amherst St. Voice: +1.603.672.4557 Amherst, N.H. 03031-3032 U.S.A. WWW: http://www.li.org Board Member: Uniforum Association Board Member Emeritus: USENIX Association (2000-2006) (R)Linux is a registered trademark of Linus Torvalds in several countries. (R)Linux International is a registered trademark in the USA used pursuant to a license from Linux Mark Institute, authorized licensor of Linus Torvalds, owner of the Linux trademark on a worldwide basis (R)UNIX is a registered trademark of The Open Group in the USA and other countries. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Thots on evolution vs t'bird.
I threw Evolution under the bus when for some odd reason it started filtering most of my incoming email messages sticking them into it's junk folder. You can easily turn off the filtering completely. At about the same time Evolution seemed to lose track of messages it had already downloaded and kept downloading the same messages over and over again. This had to do with an older caching mechanism. If Evolution did not shut down gracefully (i.e. it crashed or the system crashed) the emails were still in the in queue, whether or not they had been read into the inbox. I have not seen this behavior for a while. md -- Jon maddog Hall Executive Director Linux International(R) email: mad...@li.org 80 Amherst St. Voice: +1.603.672.4557 Amherst, N.H. 03031-3032 U.S.A. WWW: http://www.li.org Board Member: Uniforum Association Board Member Emeritus: USENIX Association (2000-2006) (R)Linux is a registered trademark of Linus Torvalds in several countries. (R)Linux International is a registered trademark in the USA used pursuant to a license from Linux Mark Institute, authorized licensor of Linus Torvalds, owner of the Linux trademark on a worldwide basis (R)UNIX is a registered trademark of The Open Group in the USA and other countries. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Thots on evolution vs t'bird.
On 2009-01-13 5:36 PM, Alex Hewitt wrote: I threw Evolution under the bus when for some odd reason it started filtering most of my incoming email messages sticking them into it's junk folder. FWIW, I have the same problem with Thunderbird, so I do all my spam filtering server-side (MailScanner). Most frustrating about this is that even though there's a way to tell it to trust server-side headers, there's not way to turn off the local filtering at the same time, so it's all or nothing. (There might be an unexposed config option, but nothing in the GUI) -Bill -- Bill McGonigle, Owner Work: 603.448.4440 BFC Computing, LLC Home: 603.448.1668 b...@bfccomputing.com Cell: 603.252.2606 http://www.bfccomputing.com/Page: 603.442.1833 Blog: http://blog.bfccomputing.com/ VCard: http://bfccomputing.com/vcard/bill.vcf ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Python question
On Tuesday, Jan 13th 2009 at 14:44 -, quoth Thomas Charron: =On Tue, Jan 13, 2009 at 12:45 PM, John Abreau j...@gapps.blu.org wrote: = On Tue, Jan 13, 2009 at 10:41 AM, Paul Lussier p.luss...@comcast.net wrote: = Thomas Charron twaf...@gmail.com writes: = Example: = strftime(HH:MM:SS , localtime()) = '14:17:15' = Ah, I see. So, if I do this: = begin = time.time() = [... long wait here ... ] = end = time.time() = time.strftime(%H:%M:%S, time.localtime(end - begin)) = '19:16:07' = so, the MM:SS are correct, but the 19 for hours is incorrect. It = should be 00, because long wait here was 16:07. = Um, that's completely meaningless -- end - begin is not a clock = value, it's the number of seconds that long wait here took. = Since it's not a clock value, it makes no sense to use it as = a parameter to time.localtime(). = = Well, it makes sense if you want to use the time formatting =capabilities, and just ignore the fact that it thinks it's 1969. :-D =But as we've seen, doesn't work to well. = = I'm actually reading about the datetime classes which Python has =which include 'timedelta' classes. It gets it half way there, it will =sort out the days, but the hours/minutes would still need to be =computed. Umm, you do have access to datetime.datetime.datetime.year, month, day, hour, minute, second, microsecond. No need for strftime that I can see. -- Time flies like the wind. Fruit flies like a banana. Stranger things have .0. happened but none stranger than this. Does your driver's license say Organ ..0 Donor?Black holes are where God divided by zero. Listen to me! We are all- 000 individuals! What if this weren't a hypothetical question? steveo at syslang.net ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Thots on evolution vs t'bird.
On Tue, Jan 13, 2009 at 3:29 PM, Jon 'maddog' Hall mad...@li.org wrote: What I don't like about it is that it does not use the directories of email messages, each message being in a different file like exmh does, so I can not go grepping through my email. Doesn't grep -r work? I know I've used it to grep though my hierarchical collection of many mbox files in the past. -- ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Bots don't honor 301 :(
On Tue, Jan 13, 2009 at 12:00 PM, virgins...@vfemail.net wrote: Assuming the bot is deterministic, hosts are likely to be scanned in the same order by every copy of the bot. And assuming the bot only ever scans one host, we only have to shut off that one host and the problem is solved for all time. -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: pseudo-terminal masters
On Tue, Jan 13, 2009 at 5:02 PM, mark prg...@gmail.com wrote: Isn't this what the TMOUT shell variable is doing? Pure speculation, but I would guess that the TMOUT variable is implemented just by having the shell call alarm(2) and then catching SIGALRM. Otherwise the shell would have to poll its own input channel constantly to see if it was idle, which would be kinda inefficient. :) -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Thots on evolution vs t'bird.
FWIW, I have the same problem with Thunderbird, so I do all my spam filtering server-side (MailScanner). Most frustrating about this is that even though there's a way to tell it to trust server-side headers, there's not way to turn off the local filtering at the same time, so it's all or nothing. (There might be an unexposed config option, but nothing in the GUI) Evolution does allow you to turn off the client side use of spamassassin and Bogofilter, yet still filter on server-side headers. It has a nice interface to allow you to include as many customer headers as you want. md -- Jon maddog Hall Executive Director Linux International(R) email: mad...@li.org 80 Amherst St. Voice: +1.603.672.4557 Amherst, N.H. 03031-3032 U.S.A. WWW: http://www.li.org Board Member: Uniforum Association Board Member Emeritus: USENIX Association (2000-2006) (R)Linux is a registered trademark of Linus Torvalds in several countries. (R)Linux International is a registered trademark in the USA used pursuant to a license from Linux Mark Institute, authorized licensor of Linus Torvalds, owner of the Linux trademark on a worldwide basis (R)UNIX is a registered trademark of The Open Group in the USA and other countries. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Thots on evolution vs t'bird.
Doesn't grep -r work? I know I've used it to grep though my hierarchical collection of many mbox files in the past. Evolution keeps its mail in something that looks somewhat like an mbox file, but it is mixed in with cache files, etc. Let's just say it is not as easy to grep through it as it was with MH. And that is about the only thing I don't like about it. md -- Jon maddog Hall Executive Director Linux International(R) email: mad...@li.org 80 Amherst St. Voice: +1.603.672.4557 Amherst, N.H. 03031-3032 U.S.A. WWW: http://www.li.org Board Member: Uniforum Association Board Member Emeritus: USENIX Association (2000-2006) (R)Linux is a registered trademark of Linus Torvalds in several countries. (R)Linux International is a registered trademark in the USA used pursuant to a license from Linux Mark Institute, authorized licensor of Linus Torvalds, owner of the Linux trademark on a worldwide basis (R)UNIX is a registered trademark of The Open Group in the USA and other countries. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Bots don't honor 301 :(
virgins...@vfemail.net wrote: Yes, but the number of compromised hosts isn't critical - it's the number of unique scan queues which is important to evading tarpits. If a botnet has 50,000,000 nodes, is vulnerable to tarpitting, and scans every IP address on the Internet in exactly the same order, then a single tarpit would still save 1/2 the hosts on the Internet from ever being probed. The crucial element is the *order* in which prospective hosts are scanned. Assuming the bot is deterministic, hosts are likely to be scanned in the same order by every copy of the bot. >From http://www.honeynet.org/node/54: Most botnets use a topic command like: 1. ".advscan lsass 200 5 0 -r -s" The first topic tells the bot to spread further with the help of the LSASS vulnerability. 200 concurrent threads should scan with a delay of 5 seconds for an unlimited time (parameter 0). The scans should be random (parameter -r) and silent (parameter -s), thus avoiding too much traffic due to status reports. Scans are almost always random nowadays. The bots download their commands from an IRC channel or some other command-and-control channel, so they don't have the same list of addresses to scan as the others. The CC spreads the address ranges for scans around to reduce visibility to behavioral analysis tools. There are a number of articles, white papers, research topics available on distributed scanning, address partitioning and management at the CC end. Bots are not deterministic. They get new addresses often. They are updated with new payloads and new behaviors. Portions of them are rented out to others who have differing needs (DDOS, spamming, etc.). Their updates often come from varied sources as those channels are fast fluxed and thus change constantly continually. No two bots are likely to be completely the same. Why would they have them all scan the same addresses or behave in a strictly predictable fashion? Brownian motion provides adequate coverage. Spread the address ranges around to gain greater coverage. Adjust behavior based on success or failure. Delaying a single mind-controlled foot soldier, or even destroying such a soldier, does not prevent, or even slow, the battle from continuing as the swarm is chaotic. It does not need to be lock-step to accomplish its goals. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: pseudo-terminal masters
On 2009-01-13 10:36 PM, Ben Scott wrote: Pure speculation, but I would guess that the TMOUT variable is implemented just by having the shell call alarm(2) and then catching SIGALRM. Otherwise the shell would have to poll its own input channel constantly to see if it was idle, which would be kinda inefficient. Well, the shell is in a unique position here in that it's directly allocating the master and slave pty, so it can just do, e.g. master_last_time = time() whenever it writes to the master and have the alarm callback check that. Programs outside the shell are a bit less privileged there. I've looked at a few c examples of opening the master and slave, and so far can't figure out why the master file descriptor doesn't show up in the lsof for a shell. -Bill -- Bill McGonigle, Owner Work: 603.448.4440 BFC Computing, LLC Home: 603.448.1668 b...@bfccomputing.com Cell: 603.252.2606 http://www.bfccomputing.com/Page: 603.442.1833 Blog: http://blog.bfccomputing.com/ VCard: http://bfccomputing.com/vcard/bill.vcf ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/