On Tue, February 10, 2015 18:28, Always Learning wrote:
3. The Russian's web site is that of a devote cyclist. Most of the
films on his web site are of cycling or about cycling. Most of the
oldish PDF files are about Linux and in Russian. I do not consider
his site presents a malicious
On 02/11/2015 09:27 AM, James B. Byrne wrote:
PDFs are known vectors for malware. They have been exploited in the
past and no doubt will be exploited in the future. ...
That said, I readily admit that the risk posed by this particular
example is low. But, it is not zero.
As an example, I found
On Wed, 2015-02-11 at 09:27 -0500, James B. Byrne wrote:
Most phishing sites do not resemble anything like what one might
expect. That is why they work. Truly, with network security you
really, really have to develop a pathological paranoia about files
with unknown origins or you might as
On Tue, February 10, 2015 6:58 pm, Always Learning wrote:
On Tue, 2015-02-10 at 16:39 -0800, John R Pierce wrote:
On 2/10/2015 3:28 PM, Always Learning wrote:
3. The Russian's web site is that of a devote cyclist.
oh, well, I'm glad that makes the copyright violation of stealing an
On 02/10/2015 05:29 PM, Always Learning wrote:
Legal point 1: you do not know the source of the Russian's PDF.
Legal point 2: you can not determine with certainty that the said PDF is
*not* a lawful copy.
Legal point 3: you can not establish the Russian's possession of the PDF
is *not* lawful.
On Tue, 2015-02-10 at 19:19 -0600, Valeri Galtsev wrote:
Just to make it clear: I recommended the book itself without pointing to
any source of it, and when pirate copy was mentioned by somebody else, I
had to say I do not recommend that source and would recommend to buy the
book on amazon.
On Tue, Feb 10, 2015 at 5:39 PM, John R Pierce pie...@hogranch.com wrote:
On 2/10/2015 3:28 PM, Always Learning wrote:
3. The Russian's web site is that of a devote cyclist.
oh, well, I'm glad that makes the copyright violation of stealing an authors
work OK in your book.
This thread has
On Tue, Feb 10, 2015 at 6:29 PM, Always Learning cen...@u64.u22.net wrote:
On Tue, 2015-02-10 at 17:14 -0800, John R Pierce wrote:
On 2/10/2015 4:58 PM, Always Learning wrote:
You have absolutely no prima facie evidence to support your assertion.
Seriously? from page 5 of said PDF.
On Tue, 2015-02-10 at 21:04 -0700, Chris Murphy wrote:
What libraries offer is not only legal, it's important to keep this
intact. Publishers have variably been very unreasonable abrogating the
first-sale doctrine when it comes to ebook versions. It's a case where
I believe in no shade of
On 2/10/2015 5:29 PM, Always Learning wrote:
Legal point 1: you do not know the source of the Russian's PDF.
doesn't matter.
Legal point 2: you can not determine with certainty that the said PDF is
*not* a lawful copy.
I know that *I* don't have the rights to read that PDF, and I suspect
On Tue, February 10, 2015 7:36 pm, Always Learning wrote:
On Tue, 2015-02-10 at 19:19 -0600, Valeri Galtsev wrote:
Just to make it clear: I recommended the book itself without pointing to
any source of it, and when pirate copy was mentioned by somebody else, I
had to say I do not recommend
On Tue, 2015-02-10 at 21:32 -0600, Valeri Galtsev wrote:
Indeed I should have said allegedly pirated not just pirated. As I
don't care to go into details if it is or it isn't. I also would recommend
to finish this discussion and those who feel so get themselves some
fundamental book and go
On Tue, 2015-02-10 at 17:14 -0800, John R Pierce wrote:
On 2/10/2015 4:58 PM, Always Learning wrote:
You have absolutely no prima facie evidence to support your assertion.
Seriously? from page 5 of said PDF.
Copyright © 2011 Pearson Education, Inc. All rights reserved.
On Tue, 2015-02-10 at 17:59 -0700, Warren Young wrote:
On Feb 10, 2015, at 4:28 PM, Always Learning cen...@u64.u22.net wrote:
2. PDFs can be created by *NON-ADOBE* software.
And SWFs can be generated by non-Adobe software, and JARs can be generated by
non-Oracle software. What’s
On Tue, Feb 10, 2015 at 8:55 PM, Always Learning cen...@u64.u22.net wrote:
Before an unnecessary riot starts perhaps I should mention I've borrowed
'The Book' from a public library :-)
FYI my comments are restricted the PDF floating around of the
recommended UNIX and Linux System Admin book.
On Feb 9, 2015, at 12:12 PM, John R Pierce pie...@hogranch.com wrote:
On 2/9/2015 11:06 AM, Always Learning wrote:
The third item was a 16.1 MB PDF of 1,344 pages. A quick scan of the PDF
shows every page appears to be readable. 11 pages devoted to BASH.
Information on other interesting
On Tue, February 10, 2015 4:04 pm, Warren Young wrote:
On Feb 9, 2015, at 12:12 PM, John R Pierce pie...@hogranch.com wrote:
On 2/9/2015 11:06 AM, Always Learning wrote:
The third item was a 16.1 MB PDF of 1,344 pages. A quick scan of the
PDF
shows every page appears to be readable. 11
On 2015-02-10, Always Learning cen...@u64.u22.net wrote:
My decisions are based on what I know. Those decisions can be called
informed decisions.
Calling them informed decisions doesn't automatically make them
informed decisions.
--keith
--
kkel...@wombat.san-francisco.ca.us
On 2/10/2015 3:28 PM, Always Learning wrote:
3. The Russian's web site is that of a devote cyclist.
oh, well, I'm glad that makes the copyright violation of stealing an
authors work OK in your book.
--
john r pierce 37N 122W
somewhere on the middle of
Valeri and Warren,
My decisions are based on what I know. Those decisions can be called
informed decisions.
I am not abdicating anything to you two gentlemen.
--
Regards,
Paul.
England, EU. Je suis Charlie.
___
CentOS mailing list
On Tue, 2015-02-10 at 23:28 +, Always Learning wrote:
3. The Russian's web site is that of a *devout* cyclist.
--
Regards,
Paul.
England, EU. Je suis Charlie.
___
CentOS mailing list
CentOS@centos.org
On Tue, 2015-02-10 at 15:04 -0700, Warren Young wrote:
On Feb 9, 2015, at 12:12 PM, John R Pierce pie...@hogranch.com wrote:
On 2/9/2015 11:06 AM, Always Learning wrote:
The third item was a 16.1 MB PDF of 1,344 pages. A quick scan of the PDF
shows every page appears to be readable.
On Tue, 2015-02-10 at 16:24 -0800, Keith Keller wrote:
On 2015-02-10, Always Learning cen...@u64.u22.net wrote:
My decisions are based on what I know. Those decisions can be called
informed decisions.
Calling them informed decisions doesn't automatically make them
informed decisions.
On Tue, 2015-02-10 at 16:39 -0800, John R Pierce wrote:
On 2/10/2015 3:28 PM, Always Learning wrote:
3. The Russian's web site is that of a devote cyclist.
oh, well, I'm glad that makes the copyright violation of stealing an
authors work OK in your book.
Another bored expert desperate
On Feb 10, 2015, at 4:28 PM, Always Learning cen...@u64.u22.net wrote:
2. PDFs can be created by *NON-ADOBE* software.
And SWFs can be generated by non-Adobe software, and JARs can be generated by
non-Oracle software. What’s your point? Is it that only Evil Corporations can
create
On 2/10/2015 4:58 PM, Always Learning wrote:
You have absolutely no prima facie evidence to support your assertion.
Seriously? from page 5 of said PDF.
Copyright © 2011 Pearson Education, Inc. All rights reserved.
Printed in the United States of America. This publication is
On 2/5/2015 8:20 PM, Always Learning wrote:
On Fri, 2015-02-06 at 10:50 +1100, Kahlil Hodgson wrote:
On 6 February 2015 at 10:23, Always Learning cen...@u64.u22.net wrote:
Logically ?
1. to change the permissions on shadow from -rw-x-- or from
-- to -rw-r--r-- requires root
On 02/09/2015 04:25 PM, PatrickD Garvey wrote:
On Mon, Feb 9, 2015 at 3:23 PM, Kahlil Hodgson
kahlil.hodg...@dealmax.com.au wrote:
On 10 February 2015 at 10:15, PatrickD Garvey
patrickdgarv...@gmail.com wrote:
Please allow me to make sure I am perceiving this correctly,
reports of errors
On Mon, Feb 09, 2015 at 10:10:35PM +, Always Learning wrote:
Keith neither of us know whether or not the Russian man obtained his PDF
copy of the book lawfully. In my book-publishing opinion, the PDF
appears to have originated from the book's publisher, so the original
source must have
On 02/09/2015 11:11 PM, Kahlil Hodgson wrote:
On 10 February 2015 at 16:39, Pete Travis li...@petetravis.com wrote:
Officially, no, the Fedora Documentation bz product isn't there for
Red Hat guides. If you want to file a bug against a RHEL guide, choose
your version of RHEL then look for the
For those interested, a ticket has been opened with FESCo.
https://fedorahosted.org/fesco/ticket/1412
--
Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6
___
CentOS
On Mon, February 9, 2015 10:55 am, Bowie Bailey wrote:
On 2/5/2015 8:20 PM, Always Learning wrote:
On Fri, 2015-02-06 at 10:50 +1100, Kahlil Hodgson wrote:
On 6 February 2015 at 10:23, Always Learning cen...@u64.u22.net
wrote:
Logically ?
1. to change the permissions on shadow from
On 2/9/2015 11:06 AM, Always Learning wrote:
The third item was a 16.1 MB PDF of 1,344 pages. A quick scan of the PDF
shows every page appears to be readable. 11 pages devoted to BASH.
Information on other interesting topics too.
on a site hosted in Russia which appears to be FULL of
On Mon, February 9, 2015 1:13 pm, Jonathan Billings wrote:
On Mon, Feb 09, 2015 at 07:06:11PM +, Always Learning wrote:
The third item was a 16.1 MB PDF of 1,344 pages. A quick scan of the PDF
shows every page appears to be readable. 11 pages devoted to BASH.
Information on other
On Mon, Feb 09, 2015 at 07:06:11PM +, Always Learning wrote:
The third item was a 16.1 MB PDF of 1,344 pages. A quick scan of the PDF
shows every page appears to be readable. 11 pages devoted to BASH.
Information on other interesting topics too.
Although I have a natural preference for
On 10/02/15 04:31, Valeri Galtsev wrote:
UNIX and Linux System Administration Handbook (4th Edition) 2010 by Evi
Nemeth and Garth Snyder
Yeah buy this book. Skimping is not acceptable.
I do hope the Niña is found in my lifetime http://nina7.org
___
On 02/09/2015 11:11 PM, Kahlil Hodgson wrote:
On 10 February 2015 at 16:39, Pete Travis li...@petetravis.com wrote:
Officially, no, the Fedora Documentation bz product isn't there for
Red Hat guides. If you want to file a bug against a RHEL guide, choose
your version of RHEL then look for the
On 10 February 2015 at 16:39, Pete Travis li...@petetravis.com wrote:
Officially, no, the Fedora Documentation bz product isn't there for
Red Hat guides. If you want to file a bug against a RHEL guide, choose
your version of RHEL then look for the guide's component - these days,
they all
On Mon, Feb 9, 2015 at 11:12 AM, John R Pierce pie...@hogranch.com wrote:
On 2/9/2015 11:06 AM, Always Learning wrote:
The third item was a 16.1 MB PDF of 1,344 pages. A quick scan of the PDF
shows every page appears to be readable. 11 pages devoted to BASH.
Information on other interesting
On Mon, 2015-02-09 at 11:12 -0800, John R Pierce wrote:
On 2/9/2015 11:06 AM, Always Learning wrote:
The third item was a 16.1 MB PDF of 1,344 pages. A quick scan of the PDF
shows every page appears to be readable. 11 pages devoted to BASH.
Information on other interesting topics too.
On Mon, Feb 9, 2015 at 11:13 AM, Jonathan Billings billi...@negate.org wrote:
On Mon, Feb 09, 2015 at 07:06:11PM +, Always Learning wrote:
The third item was a 16.1 MB PDF of 1,344 pages. A quick scan of the PDF
shows every page appears to be readable. 11 pages devoted to BASH.
On Mon, February 9, 2015 3:14 pm, PatrickD Garvey wrote:
On Mon, Feb 9, 2015 at 11:12 AM, John R Pierce pie...@hogranch.com
wrote:
On 2/9/2015 11:06 AM, Always Learning wrote:
The third item was a 16.1 MB PDF of 1,344 pages. A quick scan of the
PDF
shows every page appears to be readable. 11
On Mon, 2015-02-09 at 13:28 -0800, Keith Keller wrote:
On Mon, 2015-02-09 at 11:12 -0800, John R Pierce wrote:
on a site hosted in Russia which appears to be FULL of copyright
violations.
On 2015-02-09, Always Learning cen...@u64.u22.net wrote:
Probably not really a software
On Mon, 2015-02-09 at 15:54 -0600, Valeri Galtsev wrote:
Still, as I stressed in my original suggestion: to get proficient in
anything one has to learn fundamentals, so I would forget about blogs,
web posts, and would begin with a really good book. Unless you are
already an expert in a sense
On Mon, February 9, 2015 3:28 pm, Keith Keller wrote:
On 2015-02-09, Always Learning cen...@u64.u22.net wrote:
On Mon, 2015-02-09 at 11:12 -0800, John R Pierce wrote:
On 2/9/2015 11:06 AM, Always Learning wrote:
The third item was a 16.1 MB PDF of 1,344 pages. A quick scan of the
PDF
On Mon, Feb 9, 2015 at 3:42 PM, Valeri Galtsev
galt...@kicp.uchicago.edu wrote:
Still, there are many knowledgeable people on the list, they may give
different recommendation, which will create some pool of choices. I asked
John and Jonathan, I'd like to ask also Les Mikesell and Mr.
On 2015-02-09, Always Learning cen...@u64.u22.net wrote:
On Mon, 2015-02-09 at 11:12 -0800, John R Pierce wrote:
On 2/9/2015 11:06 AM, Always Learning wrote:
The third item was a 16.1 MB PDF of 1,344 pages. A quick scan of the PDF
shows every page appears to be readable. 11 pages devoted
On Mon, 2015-02-09 at 11:31 -0600, Valeri Galtsev wrote:
I guess, this discussion (about security of your system and what affects
it) should be ended by the reference to fundamental book on Unix system
[administration]. One thing I learned: you can not become proficient in
any subject just
On Mon, February 9, 2015 1:51 pm, Peter Lawler wrote:
On 10/02/15 04:31, Valeri Galtsev wrote:
UNIX and Linux System Administration Handbook (4th Edition) 2010 by Evi
Nemeth and Garth Snyder
Yeah buy this book. Skimping is not acceptable.
+1
Yes, good people have to feed their families,
On 10 February 2015 at 09:53, PatrickD Garvey patrickdgarv...@gmail.com wrote:
I'd like to know how a member of
the CentOS project submits improvements to something in the RedHat
documentation. Can you provide guidance in that regard?
I think you can simply submit a bug report under fedora
On 10 February 2015 at 10:08, Kahlil Hodgson
kahlil.hodg...@dealmax.com.au wrote:
I think you can simply submit a bug report under fedora documentation.
Via bugzilla:
https://bugzilla.redhat.com/enter_bug.cgi?product=Fedora%20Documentation
___
CentOS
On Mon, Feb 9, 2015 at 3:11 PM, Kahlil Hodgson
kahlil.hodg...@dealmax.com.au wrote:
On 10 February 2015 at 10:08, Kahlil Hodgson
kahlil.hodg...@dealmax.com.au wrote:
I think you can simply submit a bug report under fedora documentation.
Via bugzilla:
On 10 February 2015 at 10:15, PatrickD Garvey patrickdgarv...@gmail.com wrote:
Please allow me to make sure I am perceiving this correctly,
reports of errors found in RedHat documentation are to be reported
against the Fedora Documentation product type in the RedHat bugzilla?
and
reports of
On Mon, Feb 9, 2015 at 2:06 PM, Les Mikesell lesmikes...@gmail.com wrote:
On Mon, Feb 9, 2015 at 3:42 PM, Valeri Galtsev
galt...@kicp.uchicago.edu wrote:
Still, there are many knowledgeable people on the list, they may give
different recommendation, which will create some pool of choices. I
On Mon, Feb 9, 2015 at 3:23 PM, Kahlil Hodgson
kahlil.hodg...@dealmax.com.au wrote:
On 10 February 2015 at 10:15, PatrickD Garvey patrickdgarv...@gmail.com
wrote:
Please allow me to make sure I am perceiving this correctly,
reports of errors found in RedHat documentation are to be reported
On 02/06/2015 12:50 AM, Kahlil Hodgson wrote:
On 6 February 2015 at 10:23, Always Learning cen...@u64.u22.net wrote:
Logically ?
1. to change the permissions on shadow from -rw-x-- or from
-- to -rw-r--r-- requires root permissions ?
2. if so, then what is the advantage of
On Tue, 03 Feb 2015 20:44:33 +, Always Learning wrote:
[]
There should be a basic defence that when the password is wrong 'n'
occasions the IP address is blocked automatically and permanently unless
it is specifically allowed in IP Tables. If specifically allowed in IP
Tables,
On 02/03/2015 04:56 AM, Les Mikesell wrote:
On Mon, Feb 2, 2015 at 4:17 PM, Warren Young w...@etr-usa.com wrote:
Let’s flip it around: what’s your justification *for* weak passwords?
You don't need to write them down. Or trust some 3rd party password
keeper to keep them.Whereas when
On 02/04/2015 07:55 PM, Always Learning wrote:
Rent ? That costs money. Just crack open some Windoze machines and do
it for free. That is what many hackers do.
Those crackers who build these botnets are the ones who rent out botnet
time to people who just was to get the work done. There is
On Thu, February 5, 2015 9:34 am, Always Learning wrote:
On Thu, 2015-02-05 at 09:51 -0500, Lamar Owen wrote:
On 02/04/2015 07:55 PM, Always Learning wrote:
Rent ? That costs money. Just crack open some Windoze machines and do
it for free. That is what many hackers do.
Those crackers
On Thu, Feb 5, 2015 at 9:27 AM, Valeri Galtsev
galt...@kicp.uchicago.edu wrote:
... there seem to be many
Windows brew people up on the top of IT ladder these days). I feel like
there is brave new world of admins who feel it right to have iPad-like
everything, i.e. boxes cooked up and sealed
On Wed, February 4, 2015 17:16, Lamar Owen wrote:.
Now, I have seen this happen, on a system in the wild, where the very
first thing the attacker did was grab a copy of /etc/shadow, even with
an interactive reverse shell and root access being had. So even when
you recover your system from
On Thu, 2015-02-05 at 09:27 -0600, Valeri Galtsev wrote:
.. I feel like
there is brave new world of admins who feel it right to have
iPad-like everything, i.e. boxes cooked up and sealed by vendor, and
you have no way even to look inside, not to say re-shape interior to
your
On Thu, 2015-02-05 at 12:35 -0600, Valeri Galtsev wrote:
On Thu, February 5, 2015 10:08 am, Always Learning wrote:
On Thu, 2015-02-05 at 09:41 -0600, Valeri Galtsev wrote:
I know, I know, everybody is reasonable, it is just I didn't have my
coffee yet...
Your logic is amazingly good
On Thu, 2015-02-05 at 13:59 -0500, Lamar Owen wrote:
On 02/05/2015 10:34 AM, Always Learning wrote:
Surely its time for the Feds to arrest and change them ?
The Feds in which country?
The USA for a start. The USA's law enforcement is never slow at working
with foreign countries law
On Thu, February 5, 2015 12:45 pm, m.r...@5-cent.us wrote:
Valeri Galtsev wrote:
On Thu, February 5, 2015 10:08 am, Always Learning wrote:
snip
I know, I know, everybody is reasonable, it is just I didn't have my
coffee yet...
Your logic is amazingly good for a coffee drinker.
No, I
On 02/04/2015 05:55 PM, Warren Young wrote:
On Feb 4, 2015, at 3:16 PM, Lamar Owen lo...@pari.edu wrote:
There have been remotely exploitable vulnerabilities where an arbitrary file
could be read
CVEs, please?
CVE-2006-3392 for one. As this one was against Webmin, well, webmin by
nature has
On Thu, February 5, 2015 12:49 am, Keith Keller wrote:
On 2015-02-04, Valeri Galtsev galt...@kicp.uchicago.edu wrote:
I'm neutral to sudo (even though I was taught the smaller number of
SUID/SGID files you have, the better). Yet, I'm considering it less safe
to have regular user who can log
On Wed, February 4, 2015 16:55, Warren Young wrote:
On Feb 4, 2015, at 12:16 PM, Lamar Owen lo...@pari.edu wrote:
Again, the real bruteforce danger is when your /etc/shadow is
exfiltrated by a security vulnerability
Unless you have misconfigured your system, anyone who can copy
/etc/shadow
On 2015-02-04, Always Learning cen...@u64.u22.net wrote:
On C5 the default appears to be:-
-rw-r--r-- 1 root root 1220 Jan 31 03:04 shadow
It is much more likely that someone has screwed up your system. I think
even CentOS 4 had shadow as 400. And what on earth would the point be
in
On Thu, Feb 5, 2015 at 4:19 PM, Keith Keller
kkel...@wombat.san-francisco.ca.us wrote:
On C5 the default appears to be:-
-rw-r--r-- 1 root root 1220 Jan 31 03:04 shadow
It is much more likely that someone has screwed up your system. I think
even CentOS 4 had shadow as 400. And what
On Thu, 2015-02-05 at 14:19 -0800, Keith Keller wrote:
On 2015-02-04, Always Learning cen...@u64.u22.net wrote:
On C5 the default appears to be:-
-rw-r--r-- 1 root root 1220 Jan 31 03:04 shadow
It is much more likely that someone has screwed up your system. I think
even CentOS 4
On Thu, February 5, 2015 4:29 pm, Les Mikesell wrote:
On Thu, Feb 5, 2015 at 4:19 PM, Keith Keller
kkel...@wombat.san-francisco.ca.us wrote:
On C5 the default appears to be:-
-rw-r--r-- 1 root root 1220 Jan 31 03:04 shadow
It is much more likely that someone has screwed up your
On Thu, Feb 5, 2015 at 4:39 PM, Valeri Galtsev
galt...@kicp.uchicago.edu wrote:
Yes, /etc/shadow would have always been readable only by root by
default. The interesting question here is whether an intruder did
it, clumsily leaving evidence behind, or whether it is just a local
change from
On Thu, 2015-02-05 at 16:39 -0600, Valeri Galtsev wrote:
-rw-r--r-- 1 root root 1220 Jan 31 03:04 shadow
Be it me, I would consider box compromised. All done on/from that box
since probable day it happened compromised as well. If there is no way to
establish the day, then since
On 2/5/2015 10:59 AM, Lamar Owen wrote:
However, another password with similar characteristics would be fine.
You just never want to use it on more than one server to be safe.
there's a very useful tool built into centos's 'expect' package...
$ mkpasswd -l 15 -d 3 -C 5
5ufkpX@SDxa2DF3
On Thu, February 5, 2015 5:23 pm, Always Learning wrote:
On Thu, 2015-02-05 at 16:39 -0600, Valeri Galtsev wrote:
-rw-r--r-- 1 root root 1220 Jan 31 03:04 shadow
Be it me, I would consider box compromised. All done on/from that box
since probable day it happened compromised as
On Thu, February 5, 2015 5:07 pm, Les Mikesell wrote:
On Thu, Feb 5, 2015 at 4:39 PM, Valeri Galtsev
galt...@kicp.uchicago.edu wrote:
Yes, /etc/shadow would have always been readable only by root by
default. The interesting question here is whether an intruder did
it, clumsily leaving
On 6 February 2015 at 10:23, Always Learning cen...@u64.u22.net wrote:
Logically ?
1. to change the permissions on shadow from -rw-x-- or from
-- to -rw-r--r-- requires root permissions ?
2. if so, then what is the advantage of changing those permissions when
the entity
On Thu, Feb 5, 2015 at 5:29 PM, Valeri Galtsev
galt...@kicp.uchicago.edu wrote:
Be it me, I would consider box compromised. All done on/from that box
since probable day it happened compromised as well. If there is no way
to
establish the day, then since that system originally build. With full
On Thu, Feb 5, 2015 at 9:59 AM, Always Learning cen...@u64.u22.net wrote:
Foolish and stupid implicit trust in a third party. Just look at the
Windoze world ever since Win95 (first edition of many) materialised.
Trust M$ and get a free virus every time !
I wouldn't go there unless you want to
On Thu, 2015-02-05 at 10:10 -0600, Les Mikesell wrote:
On Thu, Feb 5, 2015 at 9:59 AM, Always Learning cen...@u64.u22.net wrote:
Or unless you have some sort of proof that a current Windows 2012
server is less secure or stable than a Linux distro.
Not every 'home' or business user uses, or
On Thu, 2015-02-05 at 09:41 -0600, Valeri Galtsev wrote:
wac4140SoeTer'#621strAAt0918;@@
Gee thanks. I'll use it for root on every server ;-)
I know this is joke. Yet (in a slim chance someone out there can follow it
with seriousness) I would strongly suggest:
Don't do it. Don't
On Wed, February 4, 2015 17:55, Warren Young wrote:
But of course the same people fighting this move to more secure
password minima are the same ones that turn off SELinux.
Ah. Sorry, NO.
First, we are not talking about a more secure password minima. We are
discussing an arbitrary change
On 2015-02-05, Valeri Galtsev galt...@kicp.uchicago.edu wrote:
On Thu, February 5, 2015 5:23 pm, Always Learning wrote:
On Thu, 2015-02-05 at 16:39 -0600, Valeri Galtsev wrote:
-rw-r--r-- 1 root root 1220 Jan 31 03:04 shadow
Be it me, I would consider box compromised. All done
On Thu, 2015-02-05 at 17:36 -0600, Valeri Galtsev wrote:
Logically ?
1. to change the permissions on shadow from -rw-x-- or from
-- to -rw-r--r-- requires root permissions ?
2. if so, then what is the advantage of changing those permissions when
the entity possessing
Jonathan Billings billings at negate.org Tue Feb 3 20:35:44 UTC 2015
Honestly, of all the faults and foibles in the Red Hat/CentOS installer,
I'm
amazed that someone is complaining about that.
Someone is trying to keep the scope of such faults and foibles on topic,
otherwise they'd easily
On Fri, 2015-02-06 at 10:50 +1100, Kahlil Hodgson wrote:
On 6 February 2015 at 10:23, Always Learning cen...@u64.u22.net wrote:
Logically ?
1. to change the permissions on shadow from -rw-x-- or from
-- to -rw-r--r-- requires root permissions ?
2. if so, then what is the
On Thu, February 5, 2015 10:08 am, Always Learning wrote:
On Thu, 2015-02-05 at 09:41 -0600, Valeri Galtsev wrote:
wac4140SoeTer'#621strAAt0918;@@
Gee thanks. I'll use it for root on every server ;-)
I know this is joke. Yet (in a slim chance someone out there can follow
it
On 02/05/2015 10:34 AM, Always Learning wrote:
On Thu, 2015-02-05 at 09:51 -0500, Lamar Owen wrote:
Those crackers who build these botnets are the ones who rent out
botnet time to people who just was to get the work done. There is a
large market in botnet time.
Surely its time for the Feds
On 2015-02-04, James B. Byrne byrn...@harte-lyne.ca wrote:
One might question why *nix distributions insist on providing a known
point of attack to begin with. Why does user 0 have to be called
root? Why not beatlebailey, cinnamon or pasdecharge?
That is more or less what OS X does. User 0
On Wed, February 4, 2015 9:17 am, James B. Byrne wrote:
On Tue, February 3, 2015 14:01, Valeri Galtsev wrote:
On Tue, February 3, 2015 12:39 pm, Les Mikesell wrote:
On Tue, Feb 3, 2015 at 12:24 PM, Valeri Galtsev
galt...@kicp.uchicago.edu wrote:
Sounds so I almost have to feel shame for
On Wed, Feb 04, 2015 at 08:18:23AM -0800, Keith Keller wrote:
On 2015-02-04, James B. Byrne byrn...@harte-lyne.ca wrote:
One might question why *nix distributions insist on providing a known
point of attack to begin with. Why does user 0 have to be called
root? Why not beatlebailey,
On Wed, February 4, 2015 10:35 am, Scott Robbins wrote:
On Wed, Feb 04, 2015 at 08:18:23AM -0800, Keith Keller wrote:
On 2015-02-04, James B. Byrne byrn...@harte-lyne.ca wrote:
One might question why *nix distributions insist on providing a known
point of attack to begin with. Why does
On Wed, February 4, 2015 10:18 am, Keith Keller wrote:
On 2015-02-04, James B. Byrne byrn...@harte-lyne.ca wrote:
One might question why *nix distributions insist on providing a known
point of attack to begin with. Why does user 0 have to be called root?
Why not beatlebailey, cinnamon or
On 02/04/2015 10:17 AM, James B. Byrne wrote:
I had a friend, now deceased, who worked as an RCA colour TV
technician when he was very young. In the 1950s he would be sent to
the homes of people having trouble adjusting the colour settings on
their new RCA's. That was system administration
On 02/03/2015 03:44 PM, Always Learning wrote:
There should be a basic defence that when the password is wrong 'n'
occasions the IP address is blocked automatically and permanently
unless it is specifically allowed in IP Tables.
As has been mentioned, fail2ban does this.
However, the reason
On 02/04/2015 02:08 PM, Lamar Owen wrote:
3.) Attacker uses a large graphics card's GPU power, harnessed with
CUDA or similar, to run millions of bruteforce attempts per second on
the exfiltrated /etc/shadow, on their computer (not yours).
4.) After a few hours, attacker has your password (or
On Wed, February 4, 2015 3:55 pm, Warren Young wrote:
On Feb 4, 2015, at 12:16 PM, Lamar Owen lo...@pari.edu wrote:
Again, the real bruteforce danger is when your /etc/shadow is
exfiltrated by a security vulnerability
Unless you have misconfigured your system, anyone who can copy
On Feb 4, 2015, at 12:16 PM, Lamar Owen lo...@pari.edu wrote:
Again, the real bruteforce danger is when your /etc/shadow is exfiltrated by
a security vulnerability
Unless you have misconfigured your system, anyone who can copy /etc/shadow
already has root privileges. They don’t need to
1 - 100 of 226 matches
Mail list logo
