Re: OpenSSH vulnerability?
On Wed, Jul 8, 2009 at 9:18 PM, Michael ODonnellmichael.odonn...@comcast.net wrote: This *might* be an indication of what it's about: http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt That gets mention on the OpenSSH security page[1], but they say it was fixed in 5.2, which was released back in Feb 2009[2]. [1] http://www.openssh.com/security.html [2] http://www.openssh.com/openbsd.html -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: OpenSSH vulnerability?
From http://isc.sans.org today: For the last couple of days we've been all witnesses of FUD surrounding a supposed 0-day exploit for OpenSSH skyrocketing. At this moment, it definitely looks like we're dealing with a hoax – even more, it's not the first time someone said they have a 0-day exploit for SSH. OpenSSH 0day FUD http://isc.sans.org/diary.html?storyid=6760 ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: OpenSSH vulnerability?
On Thu, Jul 9, 2009 at 1:48 PM, Dan Jenkinsd...@rastech.com wrote: OpenSSH 0day FUD http://isc.sans.org/diary.html?storyid=6760 I see. It does sound like OpenSSH has a vulnerability here: ... this was even enough for some web hosting companies to *shut down* their SSH service ... Someone perpetrated a successful DDoS attack against OpenSSH servers. Of course, the attack vector was human fears, and the technique social engineering. It's hard to patch OpenSSH against that. -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: OpenSSH vulnerability?
On Thursday 09 July 2009 02:38:18 pm Ben Scott wrote: Someone perpetrated a successful DDoS attack against OpenSSH servers. Of course, the attack vector was human fears, and the technique social engineering. It's hard to patch OpenSSH against that. I'm not sure how widespread it is, but I know that ANHosting (MidPhase) is blocking it entirely. And they've got no ETA for when they'll put it back so far. I guess they're waiting for details and patches about the exploit to be released... ugh. -N ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: OpenSSH vulnerability?
Neil Joseph Schelly wrote: On Thursday 09 July 2009 02:38:18 pm Ben Scott wrote: Someone perpetrated a successful DDoS attack against OpenSSH servers. Of course, the attack vector was human fears, and the technique social engineering. It's hard to patch OpenSSH against that. I'm not sure how widespread it is, but I know that ANHosting (MidPhase) is blocking it entirely. And they've got no ETA for when they'll put it back so far. I guess they're waiting for details and patches about the exploit to be released... ugh. HostGator has disabled OpenSSH support for now. No ETA for restoration either. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: OpenSSH vulnerability?
I'm not sure how widespread it is, but I know that ANHosting (MidPhase) is blocking it entirely. And they've got no ETA for when they'll put it back so far. I guess they're waiting for details and patches about the exploit to be released... ugh. HostGator has disabled OpenSSH support for now. No ETA for restoration either. Hey! cool - if this FUD approach is so effective maybe we can use it to rid the world of some other scourges. Like what if we very coyly insinuated that there *might* be one or two flaws in Microsoft Windows that could allow millions of machines to become enslaved in botnets controlled by genuinely malicious people who rent them out to others bent on causing actual measurable harm? Ssss! we could provide details but we're not gonna, cuz it's a secret... ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Mucking with a mounted filesystem?
Hi All, I am running into a disk space issue on an older server. I'd like to do a tune2fs -m 1 (or maybe 0) to get rid of most, if not all of the reserved block space on the partition that is close to full. The disk is actually an iSCSI volume mounted from an EqualLogic array, and then exported via NFS to 6 other servers. Has anyone ever run tune2fs on a mounted/in-use filesystem? Is this safe to do? Thanks, Kenny ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Router recommendations?
In addition to Alex's recommendation, some of the Buffalo gear is now back on the market. Both companies actively support the development of Free firmware. Also look at the Fonera 2, it looks like a good value. Buffalo's injunction and subsequent reentrance and the -N standard are tied up due to patent lawsuits from CSIRO, the Australian government's research group. -N could never go final, for all we know, so vendors are working on interop on pre-N. That said, -N radios are more expensive than they should be, I think. I don't personally have a use for medium-speed wireless that's worth the extra money. -G is fast enough for Internet access and gigabit is for large file transfer. Also lots of -N gear has overheating problems. When they're cool, stable and $60 I'll probably upgrade. -Bill -- Bill McGonigle, Owner Work: 603.448.4440 BFC Computing, LLC Home: 603.448.1668 http://www.bfccomputing.com/Cell: 603.252.2606 Twitter, etc.: bill_mcgonigle Page: 603.442.1833 Email, IM, VOIP: b...@bfccomputing.com Blog: http://blog.bfccomputing.com/ VCard: http://bfccomputing.com/vcard/bill.vcf ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Mucking with a mounted filesystem?
I am running into a disk space issue on an older server. I'd like to do a tune2fs -m 1 (or maybe 0) to get rid of most, if not all of the reserved block space on the partition that is close to full. The disk is actually an iSCSI volume mounted from an EqualLogic array, and then exported via NFS to 6 other servers. Has anyone ever run tune2fs on a mounted/in-use filesystem? Is this safe to do? I don't know specifically whether that's safe to do with a mounted filesystem but if your situation allows you might be able to accomplish it by first doing an on-the-fly remount such that your filesystem is temporarily ReadOnly, then do your tune2fs thing, then restore ReadWrite mode with another on-the-fly remount: mount -oremount,ro /your/filesystem tune2fs -whatever /dev/yourDevice mount -oremount,rw /your/filesystem ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: OpenSSH vulnerability?
On 07/09/2009 02:38 PM, Ben Scott wrote: Someone perpetrated a successful DDoS attack against OpenSSH servers. Of course, the attack vector was human fears, and the technique social engineering. It's hard to patch OpenSSH against that. Commodity vendors who shut off service at the first sign of rumor will find they have two types of customers - those who think the paranoid stance is most prudent, and those who are currently adding their new hoster to their DNS records. That's probably a good kind of market segregation. -Bill -- Bill McGonigle, Owner Work: 603.448.4440 BFC Computing, LLC Home: 603.448.1668 http://www.bfccomputing.com/Cell: 603.252.2606 Twitter, etc.: bill_mcgonigle Page: 603.442.1833 Email, IM, VOIP: b...@bfccomputing.com Blog: http://blog.bfccomputing.com/ VCard: http://bfccomputing.com/vcard/bill.vcf ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Mucking with a mounted filesystem?
On Thu, Jul 9, 2009 at 4:26 PM, Michael ODonnellmichael.odonn...@comcast.net wrote: I am running into a disk space issue on an older server. I'd like to do a tune2fs -m 1 (or maybe 0) to get rid of most, if not all of the reserved block space on the partition that is close to full. The disk is actually an iSCSI volume mounted from an EqualLogic array, and then exported via NFS to 6 other servers. Has anyone ever run tune2fs on a mounted/in-use filesystem? Is this safe to do? I don't know specifically whether that's safe to do with a mounted filesystem but if your situation allows you might be able to accomplish it by first doing an on-the-fly remount such that your filesystem is temporarily ReadOnly, then do your tune2fs thing, then restore ReadWrite mode with another on-the-fly remount: mount -oremount,ro /your/filesystem tune2fs -whatever /dev/yourDevice mount -oremount,rw /your/filesystem Going ReadOnly isn't an option, unfortunately. There are several apps that are constantly reading and writing to this file system which would die a horrible, unnatural, painful death if they suddenly couldn't write. Thanks, Kenny ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Mucking with a mounted filesystem?
On 07/09/2009 04:14 PM, Kenny Lussier wrote: I am running into a disk space issue on an older server. I'd like to do a tune2fs -m 1 (or maybe 0) to get rid of most, if not all of the reserved block space on the partition that is close to full. The disk is actually an iSCSI volume mounted from an EqualLogic array, and then exported via NFS to 6 other servers. I think that kind of superblock info is only consulted at mount time, so probably nothing will notice if you do it, but you won't get any benefit until you mount again. Does '-o remount' consult the superblock or only process things that can be expressed as mount options? The man page only says: all ext2fs-specific parameters, except sb, are changeable with a remount but 'sb' is one that has -o semantics. -Bill -- Bill McGonigle, Owner Work: 603.448.4440 BFC Computing, LLC Home: 603.448.1668 http://www.bfccomputing.com/Cell: 603.252.2606 Twitter, etc.: bill_mcgonigle Page: 603.442.1833 Email, IM, VOIP: b...@bfccomputing.com Blog: http://blog.bfccomputing.com/ VCard: http://bfccomputing.com/vcard/bill.vcf ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Mucking with a mounted filesystem?
Kenny Lussier wrote: Hi All, I am running into a disk space issue on an older server. I'd like to do a tune2fs -m 1 (or maybe 0) to get rid of most, if not all of the reserved block space on the partition that is close to full. The disk is actually an iSCSI volume mounted from an EqualLogic array, and then exported via NFS to 6 other servers. Has anyone ever run tune2fs on a mounted/in-use filesystem? Is this safe to do? Yes, it's safe to do, no remounting or anything else required. I haven't done it on an iSCSI-backed disk, but I've done it on LVM and regular disk-backed ext3 filesystems and do not thing that the back-end disk type has anything to do with it working or not. Here's my output from doing it on an LVM-backed filesystem (and that filesystem contains the directory I'm running it from): mkomarin...@murphy:~$ sudo tune2fs -m 5 /dev/vg00/home tune2fs 1.41.3 (12-Oct-2008) Setting reserved blocks percentage to 5% (655360 blocks) mkomarin...@murphy:~$ sudo tune2fs -m 1 /dev/vg00/home tune2fs 1.41.3 (12-Oct-2008) Setting reserved blocks percentage to 1% (131072 blocks) mkomarin...@murphy:~$ sudo tune2fs -m 0 /dev/vg00/home tune2fs 1.41.3 (12-Oct-2008) Setting reserved blocks percentage to 0% (0 blocks) mkomarin...@murphy:~$ -Mark ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Mucking with a mounted filesystem?
On Thu, Jul 9, 2009 at 4:45 PM, Bill McGonigleb...@bfccomputing.com wrote: On 07/09/2009 04:14 PM, Kenny Lussier wrote: I am running into a disk space issue on an older server. I'd like to do a tune2fs -m 1 (or maybe 0) to get rid of most, if not all of the reserved block space on the partition that is close to full. The disk is actually an iSCSI volume mounted from an EqualLogic array, and then exported via NFS to 6 other servers. I think that kind of superblock info is only consulted at mount time, so probably nothing will notice if you do it, but you won't get any benefit until you mount again. Does '-o remount' consult the superblock or only process things that can be expressed as mount options? The man page only says: all ext2fs-specific parameters, except sb, are changeable with a remount but 'sb' is one that has -o semantics. It will work, and space gained without a remount (I was prompted to try it on an unimportant system): [r...@l-kluss ~]# df -h /dev/sda1 FilesystemSize Used Avail Use% Mounted on /dev/sda1 99M 80M 15M 85% /boot [r...@l-kluss ~]# tune2fs -m 0 /dev/sda1 tune2fs 1.35 (28-Feb-2004) Setting reserved blocks percentage to 0 (0 blocks) [r...@l-kluss ~]# df -h /dev/sda1 FilesystemSize Used Avail Use% Mounted on /dev/sda1 99M 80M 20M 81% /boot I suppose the real question is whether it is safe to do it on a filesystem that is exported. I'll look for another box and set up NFS, I guess. Thanks, Kenny ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: WAP/Router for use with OpenVPN
On 07/07/2009 12:54 PM, Neil Joseph Schelly wrote: I run my company's OpenVPN endpoint on both UDP and TCP. I send out configurations using UDP because it works in almost all circumstances, but there was once, with an employee travelling somewhere in Europe, where the hotel firewall/NAT didn't do anything for UDP connections. That's the only time it's ever been used and it may never be used again. The TCP connection is just too much slower to use on a regular basis. I hit a couple of these recently, in two different hotels on the same trip! Both only allowed DNS and HTTP/S (most of their guests only use wifi for facebook and porn?). I wound up on a $45/hr Internet connection at a nearby conference center for just long enough ($7 worth) to setup a TCP/443 OpenVPN instance on my pfSense firewall (running on Via C7 hardware). I've since set up this kind of config for a couple clients with mobile salesforces that have had similar symptoms. At this point it seems free wireless internet is an insufficient advertisement for a business traveler, and there's probably nobody you can talk to ahead of time who can tell you what they allow. B-o-o-o-o-o-gus! -Bill -- Bill McGonigle, Owner Work: 603.448.4440 BFC Computing, LLC Home: 603.448.1668 http://www.bfccomputing.com/Cell: 603.252.2606 Twitter, etc.: bill_mcgonigle Page: 603.442.1833 Email, IM, VOIP: b...@bfccomputing.com Blog: http://blog.bfccomputing.com/ VCard: http://bfccomputing.com/vcard/bill.vcf ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Mucking with a mounted filesystem?
On 07/09/2009 04:51 PM, Mark Komarinski wrote: Yes, it's safe to do, no remounting or anything else required. Mark's right, df confirms here: [b...@zpm ~]$ df Filesystem 1K-blocks Used Available Use% Mounted on /dev/mapper/luks-ba790367--475a-ae19-82bbf7f7ccc5 66062428 9354440 53352116 15% / [b...@zpm ~]$ sudo tune2fs -m 0 /dev/mapper/luks-ba790367-2232-475a-ae19-82bbf7f7ccc5 tune2fs 1.41.4 (27-Jan-2009) Setting reserved blocks percentage to 0% (0 blocks) [b...@zpm ~]$ df Filesystem 1K-blocks Used Available Use% Mounted on /dev/mapper/luks-ba790367--475a-ae19-82bbf7f7ccc5 66062428 9354440 56707988 15% / -- Bill McGonigle, Owner Work: 603.448.4440 BFC Computing, LLC Home: 603.448.1668 http://www.bfccomputing.com/Cell: 603.252.2606 Twitter, etc.: bill_mcgonigle Page: 603.442.1833 Email, IM, VOIP: b...@bfccomputing.com Blog: http://blog.bfccomputing.com/ VCard: http://bfccomputing.com/vcard/bill.vcf ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Router recommendations?
On Thu, Jul 9, 2009 at 4:22 PM, Bill McGonigleb...@bfccomputing.com wrote: ... some of the Buffalo gear is now back on the market. Ah, I didn't know that. (I haven't had much need to pay attention until recently -- one drawback to having a steady gig at one company is you loose touch with the parts of the market you don't need.) The price on the WHR-HP-G54 is nice. No USB ports, but that's more of a WIBNI than a real need for me. Anyone know if the built-in amplifier they tout actually does anything? I kinda thought all radios had an amplifier section :) Also look at the Fonera 2, it looks like a good value. It does. But it only has a single LAN port, and I need a switch, too. I could use a stand-alone, of course, but that would be one more box and wall wart and tangle of wires on my computer desk. Besides, one of the neat things about these all-in-one boxes is that they often have a managed switch (as opposed to two NICs). Not that I've ever used that capability, but it's neat. Same category as the USB port. ;-) -N could never go final, for all we know, so vendors are working on interop on pre-N. Yah, that's what they said about the first round of pre-N, too. Granted, this one seems to be sticking around longer. That said, -N radios are more expensive than they should be, I think. I don't personally have a use for medium-speed wireless that's worth the extra money. -G is fast enough for Internet access and gigabit is for large file transfer. That's pretty much where I'm at, too. :) -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Tool to automatically update symlinks when moving files
On 07/01/2009 12:21 PM, virgins...@vfemail.net wrote: Does anyone know of a tool that can automatically update symbolic links when moving files around on a filesystem, so as to maintain symlink consistency? Depending on how ugly you want to get, you could store lists of referrers and referents in POSIX xattrs and update them with a mv wrapper. You have size limits and race conditions to worry about, though; current ext4 work should lift the size limits when that lands. I think the VFS has the tools you need if your lists are small enough: http://tinyurl.com/ext2symlinks That's probably less awful than building a parallel database for some use cases. -Bill -- Bill McGonigle, Owner Work: 603.448.4440 BFC Computing, LLC Home: 603.448.1668 http://www.bfccomputing.com/Cell: 603.252.2606 Twitter, etc.: bill_mcgonigle Page: 603.442.1833 Email, IM, VOIP: b...@bfccomputing.com Blog: http://blog.bfccomputing.com/ VCard: http://bfccomputing.com/vcard/bill.vcf ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: It appears that Cisco has decided to deep six the Linksys line...
Like this is the first time a company's ever done that. As Gerry Hull says, Typical marketing stuff. I'd be amazed if Cisco canceled LinkSys. It remains one of the most popular consumer networking brands. They could bring it back as Linksys Classic. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Finding *unfiltered* free WiFi? (was: WAP/Router for use with OpenVPN)
We've got the `open database of general knowledge' (Wikipedia), the open database of maps (OpenStreetMap), the open database of speed-limit signs (Wikispeedia), the open database of GSM cell-sites (OpenBmap)..., why not one for WiFi-hotspots? We actually talked about this a bit at the DLSLUG meeting on OpenStreetMap. A WiFi node is just another type of node, with a certain tag. I think somebody said wardrivers have already automated this? It makes more sense to add the data to OpenStreetMap than to create another database. B-o-o-o-o-o-gus! Are you quoting Bill Ted, or Frankenstein? :) Click and Clack, of course! -Bill ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/