te recomiendo que te instales fiddler y debugues a donde te queres conectar
y pegame el log que te genera
las maquinas que no pueden acceder y te puedo dar una mano.
http://www.fiddlertool.com/fiddler/
2008/3/25 Alexander López Lapo [EMAIL PROTECTED]:
Estimados Todos, tengo una pequeña
El 25/03/08, Alexander López Lapo [EMAIL PROTECTED] escribió:
Lo más raro, es que las máquinas que no pueden acceder
tienen todos los permisos. Será que alguien me puede dar alguna
sugerencia. Espero sus comentarios.
Si hablas de permisos, supongo que tienes ya sea el firewall arriba o
que
Es realidad tambien lo que nos dice Esteban, pero eso seria posible tambien
si tenes esas maquinas en otro rango de ips
y estan bloqueadas por el firewall.
On Tue, Mar 25, 2008 at 3:02 PM, Esteban Saavedra L.
[EMAIL PROTECTED] wrote:
El 25/03/08, Alexander López Lapo [EMAIL PROTECTED]
Ya intente en varias ocasiones lo que dice Esteban. Les comente así
tenga arriba o abajo las acl en los swith y el firewall en mi servidor;
las máquinas no pueden acceder a ese servicio. Lo que voy hacer es a
hacer un debung con la herramienta que me recomiendas. Espero subir los
resultados
es obligatorio usar sendmail por eso necesito ayuda!!!
___
CentOS-es mailing list
CentOS-es@centos.org
http://lists.centos.org/mailman/listinfo/centos-es
On Mon, 24 Mar 2008, Mark Rose wrote:
First of all, I was able to use the 5.1 LiveCD to create a bootable USB (8G
Lexar FireFly) - thanks to all for your assistance. Question - has anyone
been able to add NTFS support to an USB install? It would be a nice to have
the ability to access NTFS
Let's not forget one fundamental fact - can you easily download RHEL from
Redhat's site? If yes, then it was meant to be publicly distributed. If
no, it was not, and such copies should not be trusted.
My philosophy - if you cannot obtain a copy of what you want from the
original
I have a virus and spam filter device that can do VRFY commands to
reject invalid email before it gets to the next mail hop. How can I
configure the SMTP server to only allow VRFY commands from one
particular IP address, and nowhere else? I don't want spammers to be
able to hammer on the gateway
Gents,
I figured this would be a nice thread to add my question to.
Mrepo is installed, and functioning... somewhat. The problem is that
repodata/ directories are not being pulled from the mirrors. Here is my
mrepo configuration.
[main]
hardlink = yes
srcdir = /mnt/kickstart
wwwdir =
hello everyone, i just signed up onto the mailing list, testing. nice to
meet you all!
JC
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
J C wrote:
hello everyone, i just signed up onto the mailing list, testing. nice
to meet you all!
JC
___
CentOS mailing list
CentOS@centos.org
on 3-25-2008 7:18 AM Sean Carolan spake the following:
I have a virus and spam filter device that can do VRFY commands to
reject invalid email before it gets to the next mail hop. How can I
configure the SMTP server to only allow VRFY commands from one
particular IP address, and nowhere else?
So I setup ssh on a server so I could do some work from home and I think
the second I opened it every sorry monkey from around the world has been
trying every account name imaginable to get into the system.
What's a good way to deal with this?
___
iptables, disallow root login via ssh, no valid shell for users that
don't need one, strong passwords, keys would be a good start.
Mike
On Tue, Mar 25, 2008 at 11:48 AM, Tim Alberts [EMAIL PROTECTED] wrote:
So I setup ssh on a server so I could do some work from home and I think
the second I
Tim Alberts wrote:
So I setup ssh on a server so I could do some work from home and I
think the second I opened it every sorry monkey from around the world
has been trying every account name imaginable to get into the system.
What's a good way to deal with this?
Rudi Ahlers wrote:
Tim Alberts wrote:
So I setup ssh on a server so I could do some work from home and I
think the second I opened it every sorry monkey from around the world
has been trying every account name imaginable to get into the system.
What's a good way to deal with this?
Tim Alberts wrote:
So I setup ssh on a server so I could do some work from home and I
think the second I opened it every sorry monkey from around the world
has been trying every account name imaginable to get into the system.
actually, those 'attempts' are coming from virus infected systems
Tim Alberts wrote:
So I setup ssh on a server so I could do some work from home and I
think the second I opened it every sorry monkey from around the world
has been trying every account name imaginable to get into the system.
FYI, here's a list of the losers (so far). I suggest everyone wish
On Tue, Mar 25, 2008 at 12:48 PM, Tim Alberts [EMAIL PROTECTED] wrote:
So I setup ssh on a server so I could do some work from home and I think
the second I opened it every sorry monkey from around the world has been
trying every account name imaginable to get into the system.
What's a
Mike Kercher wrote:
iptables, disallow root login via ssh, no valid shell for users that
don't need one, strong passwords, keys would be a good start.
Mike
iptables..add the ip of the attack source to reject? They keep moving
IP, this is very time consuming (but I am doing it). I don't
Rudi Ahlers wrote:
Tim Alberts wrote:
So I setup ssh on a server so I could do some work from home and I
think the second I opened it every sorry monkey from around the world
has been trying every account name imaginable to get into the system.
What's a good way to deal with this?
1. Change the default port
I could do that, but if they already know about it, a simple port scan and
they'll probably find it again. Plus I gotta go tell all my client
programs the new port and I don't know how to do that on most of them (what
a hassle).
If you're talking about people
Tim Alberts wrote:
So I setup ssh on a server so I could do some work from home and I
think the second I opened it every sorry monkey from around the world
has been trying every account name imaginable to get into the system.
What's a good way to deal with this?
Tim Alberts wrote:
I got keys setup so I know
I'm talking to my server.
This is probably not what he meant. You can use a key pair to
authenticate with the SSH server and turn off password authentication
entirely. That makes password guessing attacks utterly impossible,
because the server
So I setup ssh on a server so I could do some work from home and I think
the second I opened it every sorry monkey from around the world has been
trying every account name imaginable to get into the system.
What's a good way to deal with this?
___
On Tue, Mar 25, 2008 at 09:48:17AM -0700, Tim Alberts wrote:
So I setup ssh on a server so I could do some work from home and I think
the second I opened it every sorry monkey from around the world has been
trying every account name imaginable to get into the system.
What's a good way to
William L. Maltby wrote:
On Mon, 2008-03-24 at 16:19 -0500, Dan Bongert wrote:
mouss wrote:
Dan Bongert wrote:
Hello all:
snip
Though 'ls' was just an example -- just about any program will fail. The 'w'
command will fail too:
thoth(118) /tmp w
16:06:51 up 5:34, 1 user, load
Tim Alberts wrote:
iptables..add the ip of the attack source to reject? They keep moving
IP, this is very time consuming (but I am doing it).
...
stop thinking 'they', that implies theres someone intentionally
targetting you. its just viruses randomly squirting out connection
requests
David Mackintosh wrote:
On Tue, Mar 25, 2008 at 09:48:17AM -0700, Tim Alberts wrote:
So I setup ssh on a server so I could do some work from home and I think
the second I opened it every sorry monkey from around the world has been
trying every account name imaginable to get into the system.
John R Pierce wrote:
Tim Alberts wrote:
iptables..add the ip of the attack source to reject? They keep
moving IP, this is very time consuming (but I am doing it).
...
stop thinking 'they', that implies theres someone intentionally
targetting you. its just viruses randomly squirting out
Tim Alberts wrote:
David Mackintosh wrote:
On Tue, Mar 25, 2008 at 09:48:17AM -0700, Tim Alberts wrote:
So I setup ssh on a server so I could do some work from home and I
think the second I opened it every sorry monkey from around the
world has been trying every account name imaginable to
Tony Placilla [EMAIL PROTECTED]
Sr. UNIX Systems Administrator
The Sheridan Libraries
Johns Hopkins University
On Tue, Mar 25, 2008 at 12:48 PM, in message [EMAIL PROTECTED],
Tim Alberts [EMAIL PROTECTED] wrote:
So I setup ssh on a server so I could do some work from home
Rudi Ahlers wrote:
Tim Alberts wrote:
... sounds great for getting around a remote dynamic IP address, but
some more authentication/security on that web page is necessary,
otherwise, anyone who finds that web page is given access?
___
Why?
What
John R Pierce wrote:
Rudi Ahlers wrote:
Tim Alberts wrote:
... sounds great for getting around a remote dynamic IP address, but
some more authentication/security on that web page is necessary,
otherwise, anyone who finds that web page is given access?
I posted this in the Bacula list without success so I hope I might have some
luck here. Btape and mt can access my DDS-3 Seagate Archive Python 06480-xxx
tape drive but Bacula tray-mon ends up finally stating that it cannot open
device /dev/nst0? That is the device string that I use to access
on 3-25-2008 11:28 AM Tim Alberts spake the following:
David Mackintosh wrote:
On Tue, Mar 25, 2008 at 09:48:17AM -0700, Tim Alberts wrote:
So I setup ssh on a server so I could do some work from home and I
think the second I opened it every sorry monkey from around the world
has been
On Tue, Mar 25, 2008 at 11:28:45AM -0700, Tim Alberts wrote:
http://wiki.xdroop.com/space/Linux/Limited+SSH+Access
That sounds great for getting around a remote dynamic IP address, but
some more authentication/security on that web page is necessary,
otherwise, anyone who finds that web
on 3-25-2008 11:46 AM Rudi Ahlers spake the following:
John R Pierce wrote:
Rudi Ahlers wrote:
Tim Alberts wrote:
... sounds great for getting around a remote dynamic IP address, but
some more authentication/security on that web page is necessary,
otherwise, anyone who finds that web page is
On Tuesday 25 March 2008 17:00:18 James A. Peltier wrote:
Fail2Ban is a good brute force protector. It works in conjunction with
IPTables to block IPs that are attacking for a said duration of time.
And I can confirm that it's a doddle to set up. The defaults were fine for
me - nothing
On Tue, 2008-03-25 at 13:21 -0500, Dan Bongert wrote:
William L. Maltby wrote:
On Mon, 2008-03-24 at 16:19 -0500, Dan Bongert wrote:
mouss wrote:
Dan Bongert wrote:
Hello all:
snip
Though 'ls' was just an example -- just about any program will fail. The
'w'
command will
Scott Silva wrote:
Or just hide it and not name it my-sshd-access.php. It is difficult
to find a web page you don't know exists if directory listing is off.
if you post your weblogs online, perhaps via an analysis package such as
Analog, DO be sure to exclude this file :)
I often create a
Tim,
The important ones, imho --
1. disallow root login
2. disallow password authentication (use keys, as someone else has
described)
3. prevent multiple failed attempts using iptables:
# Log and block repeated attempts to access SSH
# See /proc/net/ipt_recent file for low-level data
# Block
Recently, I added the below line to my sendmail.mc and rebuilt.
Everything was working just fine until sometime today. In looking over
the maillog, it seems if almost every piece of mail was rejected because
of this configuration - mail that I know is OK, valid, and not a source
of spam,
Sam Drinkard wrote:
One link I ran
across said that ordb.org went out of business or stopped their service in
Dec of '06. If that's the case, why is their info still being listed in
some of the sendmail configs, and others still
Hi, i want to know - how synchronization mailinglist news works .
I can set a name of a news group for mailinglist in mailman. Is it all that
is necessary to do? I do understand one way - from mailman to news server,
but what about the other side? How can i achieve it? Hope it is understable
On Tue, 2008-03-25 at 18:03 -0400, Sam Drinkard wrote:
Recently, I added the below line to my sendmail.mc and rebuilt.
Everything was working just fine until sometime today. In looking over
the maillog, it seems if almost every piece of mail was rejected because
of this configuration -
I notice that when I connect from a Windows VNC client (any VNC
distribution it seems) to the Centos desktop (Gnome) I cannot send AltGr
key combinations. The vncserver on the CentOS side is vino from Gnome. I
cannot check if the same happens when connecting from a CentOS machine to
a CentOS
I did a yum groupremove Java and that failed somehow. Yum listed all
group members as erased, but some rpm packages failed because of missing
config files or so. As a result none of the 50 packages were removed from
the rpm database, but all of their files seem to have been removed.
How can I
On Wed, 2008-03-26 at 01:09 +0100, Kai Schaetzl wrote:
I did a yum groupremove Java and that failed somehow. Yum listed all
group members as erased, but some rpm packages failed because of missing
config files or so. As a result none of the 50 packages were removed from
the rpm database,
I am looking online trying to find a procedure to automount a CIFS share but
need to use username/domain/pass in the credential file thats referenced in
fstab. Its not working, anyone know of a resource that works in CentOS5.1?
If it matters, the unc has a dash and a $ in it, and the password
On Tuesday 25 March 2008 12:55, Rudi Ahlers wrote:
Tim Alberts wrote:
So I setup ssh on a server so I could do some work from home and I
think the second I opened it every sorry monkey from around the world
has been trying every account name imaginable to get into the system.
I posted this in the Bacula list without success so I hope I might have some
luck here. Btape and mt can access my DDS-3 Seagate Archive Python 06480-xxx
tape drive but Bacula tray-mon ends up finally stating that it cannot open
device /dev/nst0? That is the device string that I use to access
Dan Bongert wrote:
mouss wrote:
Dan Bongert wrote:
Hello all:
I have a couple CentOS 4 servers (all up-to-date) that are having
strange command failures. I first noticed this with a perl script
that uses lots of system calls.
thoth(66) /tmp uname -a
Linux thoth.ssc.wisc.edu
I have been trying to mount my NTFS hard disk using the CentOS 5.1 Live USB
pendrive I created from the LiveCD. I did an fdisk-l and see the
partition as /dev/sdb1, but when I try to mount it, I get an error stating
that NTFS is an unknown filesystem type. I attempted to install the ntfs-3g
and
seems to mess up the pam for swat.
[EMAIL PROTECTED] security]# rpm -qf /etc/pam.d/samba
samba-3.0.25b-1.el4_6.4
[EMAIL PROTECTED] security]# cat /etc/pam.d/samba
#auth required/lib/security/pam_stack.so service=system-auth
#accountrequired
Hi,
On Tue, Mar 25, 2008 at 2:21 PM, Dan Bongert [EMAIL PROTECTED] wrote:
thoth(3) /tmp ls
thoth(4) /tmp echo $?
141
141 is SIGPIPE. If the process is killed by a signal, the return code
will be 128+signal number. 141-128=13, and kill -l says: 13) SIGPIPE.
SIGPIPE means that something
Hi,
On Tue, Mar 25, 2008 at 10:19 PM, Mark Rose [EMAIL PROTECTED] wrote:
I attempted to install the ntfs-3g and fuse rpms, without any success
(there were numerous dependancies and could not get libc to install)..
You shouldn't try to compile it, just get the RPM for fuse-ntfs-3g
from
57 matches
Mail list logo