In there you are almost telling people that security through obscurity is a
good way.
That might sometimes be true but in this case it could mean that you would be
handing passwords and other data out.
When you start SSH on port 22 it is done with root privileges because the root
user is the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 10/02/2014 03:45 PM, Theodor Sigurjon Andresson wrote:
In there you are almost telling people that security through
obscurity is a good way. That might sometimes be true but in this
case it could mean that you would be handing passwords and
To change it to unassigned privileged port would be a much better idea if the
user insists on changing it. I personally don't like the idea of security
through obscurity at all.
However if I remember correctly there are some programs that depend on SSH to
be run on port 22. Usually easily
The context for ssh !22 is about what others could/would do to a ssh
daemon. This includes script kiddies or some zero day exploit trolling for
*easy* targets. If you have someone creating a listener on the server, you
have an entirely different issue. How often do you randomly connect to some
Yes, when securing your services you *layer* defenses that could include using
STO. But when STO is set up in a wrong way it can lead to a security issue. It
isn't good to protect your services to slow down or prevent an attack by
opening up a security risk. As in this case changing the port of
On 10/03/2014 04:17 AM, Theodor Sigurjon Andresson wrote:
Yes, when securing your services you*layer* defenses that could include using
STO. But when STO is set up in a wrong way it can lead to a security issue. It
isn't good to protect your services to slow down or prevent an attack by
attachment was scrubbed...
URL:
http://lists.centos.org/pipermail/centos-docs/attachments/20141002/b47fb1a0/attachment-0001.html
--
Message: 5
Date: Fri, 3 Oct 2014 01:17:09 +
From: Theodor Sigurjon Andresson theodors...@kvenno.is
To: Mail list for wiki articles centos
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 10/02/2014 04:47 PM, Theodor Sigurjon Andresson wrote:
To change it to unassigned privileged port would be a much better
idea if the user insists on changing it. I personally don't like
the idea of security through obscurity at all. However if
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 10/02/2014 09:11 PM, Manuel Wolfshant wrote:
Incidentally I am a fan of using iptables (recent match) to limit
the number of admissible attempts from any given IP to connect to
sshd ( yes, I know, it has nothing to do with the initial concern
Mira aquí:
Índice de Manuales - Alcance Libre
Índice de Manuales - Alcance Libre
Sondeo Escritorios alternativos Linux Other polls | 3,889 voters | 2
comentarios · Próximas fechas Curso Global de Servidores con CentOS 6. · Taller
de programació...
View on
Hello Frank,
On Wed, 1 Oct 2014 22:57:30 -0600 Frank Cox thea...@melvilletheatre.com wrote:
Today I found myself in need of a laptop to run Centos on. And that simple
statement led to an all-day odyssey.
[snip]
Since it has now become amazingly difficult to get a laptop if you're not
My asus laptop booted linux fine... until the motherboard fried though.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Hello Jason
Sent from Yahoo Mail on Android
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Long time
Sent from Yahoo Mail on Android
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
op 02-10-14 09:01, wwp schreef:
Hello Frank,
On Wed, 1 Oct 2014 22:57:30 -0600 Frank Cox thea...@melvilletheatre.com wrote:
Today I found myself in need of a laptop to run Centos on. And that simple
statement led to an all-day odyssey.
[snip]
Since it has now become amazingly difficult
From: Valeri Galtsev galt...@kicp.uchicago.edu
Cryptologists (or mathematicians) - you have last word ! (after which we -
all us others - will shut up ;-)
No, the FBI director has the last word: Do not side with paedophiles and
terrorists and stop using encryption! Think of the children!
JD
Hello,
On Thu, 02 Oct 2014 11:01:19 +0200 Johan Vermeulen jvermeu...@cawdekempen.be
wrote:
op 02-10-14 09:01, wwp schreef:
Hello Frank,
On Wed, 1 Oct 2014 22:57:30 -0600 Frank Cox thea...@melvilletheatre.com
wrote:
Today I found myself in need of a laptop to run Centos on. And
On Wed, 2014-10-01 at 22:57 -0600, Frank Cox wrote:
I'm wondering what the rest of you fine folks do when it comes to purchasing
a laptop?
Been using CentOS.available on a series of Dell Precision laptops
(M4300, M4600) since 2007 or so without much difficulty.
Thinkpad T series, and fully agree with Devin. Rock-solid, and pretty much
all the pieces work - even Optimus.
Still, CentOS would never be my first choice for a personal laptop ...
___
CentOS mailing list
CentOS@centos.org
Many years ago I purchased a Dell Inspiron direct from Dell and had very similar
issues, so it is not just WinBloze 8, it is that the systems are intentionally
set up to make it difficult. Took me about 3 hours just to get to the BIOS
because the window of time was less than 1 second to hit the
1. use Fedora Live instead of CentOS for boot test, then install
CentOS and replace the kernel with ELRepo kernel-ml. This is
usually newer even than Fedora's, thus presumably with much
better support for new HW than stock CentOS.
Of course, the risk here is that CentOS would not
Send CentOS-announce mailing list submissions to
centos-annou...@centos.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
op 02-10-14 11:33, wwp schreef:
Hello,
On Thu, 02 Oct 2014 11:01:19 +0200 Johan Vermeulen jvermeu...@cawdekempen.be
wrote:
op 02-10-14 09:01, wwp schreef:
Hello Frank,
On Wed, 1 Oct 2014 22:57:30 -0600 Frank Cox thea...@melvilletheatre.com wrote:
Today I found myself in need of a
On 10/2/2014 12:01 AM, wwp wrote:
Dell Latitude series, from the old D810 to more recent E65xx ones.
well, I'd have said D600 to E64xx, as those big ones are boat anchors
for travel.
--
john r pierce 37N 122W
somewhere on the middle of the left coast
Hello Johan,
On Thu, 02 Oct 2014 14:16:05 +0200 Johan Vermeulen jvermeu...@cawdekempen.be
wrote:
op 02-10-14 11:33, wwp schreef:
Hello,
On Thu, 02 Oct 2014 11:01:19 +0200 Johan Vermeulen
jvermeu...@cawdekempen.be wrote:
op 02-10-14 09:01, wwp schreef:
Hello Frank,
On
On Thu, October 2, 2014 7:16 am, Johan Vermeulen wrote:
op 02-10-14 11:33, wwp schreef:
Hello,
On Thu, 02 Oct 2014 11:01:19 +0200 Johan Vermeulen
jvermeu...@cawdekempen.be wrote:
op 02-10-14 09:01, wwp schreef:
Hello Frank,
On Wed, 1 Oct 2014 22:57:30 -0600 Frank Cox
On 10/02/2014 07:02 AM isdtor wrote:
Thinkpad T series, and fully agree with Devin. Rock-solid, and pretty much
all the pieces work - even Optimus.
Still, CentOS would never be my first choice for a personal laptop ...
Why not? (Not disagreeing, not either agreeing. Just wondering about
On 2 October 2014 14:22, ken geb...@mousecar.com wrote:
On 10/02/2014 07:02 AM isdtor wrote:
Thinkpad T series, and fully agree with Devin. Rock-solid, and pretty much
all the pieces work - even Optimus.
Still, CentOS would never be my first choice for a personal laptop ...
Why not? (Not
On Oct 2, 2014 9:23 PM, ken geb...@mousecar.com wrote:
On 10/02/2014 07:02 AM isdtor wrote:
Thinkpad T series, and fully agree with Devin. Rock-solid, and pretty
much
all the pieces work - even Optimus.
Still, CentOS would never be my first choice for a personal laptop ...
Why not? (Not
On Thu, 2014-10-02 at 14:48 +0100, isdtor wrote:
A
new and recent requirement is to keep the machine free of
poetteringware as much as possible.
Too optimistic. As Johnny states: what is in RHEL is, inevitably, in
Centos.
I'm staying on Centos 6 .. for as long as possible.
Regards,
On Thu, October 2, 2014 9:02 am, Always Learning wrote:
On Thu, 2014-10-02 at 14:48 +0100, isdtor wrote:
A
new and recent requirement is to keep the machine free of
poetteringware as much as possible.
Too optimistic. As Johnny states: what is in RHEL is, inevitably, in
Centos.
I'm
ASSUMING I can get through nixspam...
Bug: CentOS 7. Please either remove useless error messages when log level
is ERR and domains=ALL, or spell them correctly: NetworkManager: IA_NA
status code Success: Address(es) renewed. Greetings from planet Eart is
missing an h on Earth.
mark
I just got SLAMMED with accessed to httpd from
91.230.121.156
I added the address to my firewall to drop it.
FYI
host 91.230.121.156
156.121.230.91.in-addr.arpa domain name pointer
no-rdns.offshorededicated.net.
Jerry
___
CentOS mailing list
On 2014-10-02 10:23 am, Jerry Geis wrote:
I just got SLAMMED with accessed to httpd from
91.230.121.156
I added the address to my firewall to drop it.
FYI
host 91.230.121.156
156.121.230.91.in-addr.arpa domain name pointer
no-rdns.offshorededicated.net.
Are you running Wordpress?
My
Are you running Wordpress?
My company's Wordpress installation was getting hammered by an IP in the
same netblock, yesterday...look in your httpd logs for repeated POST
operations to xmlrpc.php.
yes that is it.
Jerry
On Thu, Oct 2, 2014 at 10:23 AM, Jerry Geis ge...@pagestation.com
op 02-10-14 15:01, Valeri Galtsev schreef:
On Thu, October 2, 2014 7:16 am, Johan Vermeulen wrote:
op 02-10-14 11:33, wwp schreef:
Hello,
On Thu, 02 Oct 2014 11:01:19 +0200 Johan Vermeulen
jvermeu...@cawdekempen.be wrote:
op 02-10-14 09:01, wwp schreef:
Hello Frank,
On Wed, 1 Oct 2014
On Thu, Oct 2, 2014, at 09:29, Mike Burger wrote:
On 2014-10-02 10:23 am, Jerry Geis wrote:
I just got SLAMMED with accessed to httpd from
91.230.121.156
I added the address to my firewall to drop it.
FYI
host 91.230.121.156
156.121.230.91.in-addr.arpa domain name pointer
On 10/01/2014 11:57 PM, Frank Cox wrote:
I'm wondering what the rest of you fine folks do when it comes to purchasing a
laptop? Next time this comes up, I'd rather not have to spend all day on
something that used to take fifteen minutes.
I don't make laptop purchases often... but it's 100%
Jerry Geis wrote:
I just got SLAMMED with accessed to httpd from
91.230.121.156
I added the address to my firewall to drop it.
FYI
host 91.230.121.156
156.121.230.91.in-addr.arpa domain name pointer
no-rdns.offshorededicated.net.
Install fail2ban, and set up a filter.
mark
On 10/02/2014 09:48 AM, m.r...@5-cent.us wrote
Install fail2ban
I followed this tutorial last year; perhaps you can glean some useful
info there:
https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-centos-6
Note: I have absolutely zero real-life experience
Hi all:
I am investigating about Common Unix Printing System (CUPS).but, I have one
doubt, when I execute the command lpc status , the output it's :
for example:
Printer-one:
printer is on device 'lpd' speed -1
queuing is enabled
printing is disabled
10 entries
daemon present
so the status the
Chris Pemberton wrote:
On 10/02/2014 09:48 AM, m.r...@5-cent.us wrote
Install fail2ban
I followed this tutorial last year; perhaps you can glean some useful
info there:
https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-centos-6
Note: I have absolutely
Hi folks,
I searched the list for LibreSSL and found only one mention of it!
Has anyone gotten this working? I have it compiling no problem, but
removing OpenSSL is another story of course. It seems to be compiled
with FIPS support and of course there is no such thing in LibreSSL -
that is
Rodrigo Pichiñual Norin wrote:
Hi all:
I am investigating about Common Unix Printing System (CUPS).but, I have
one doubt, when I execute the command lpc status , the output it's :
for example:
Printer-one:
printer is on device 'lpd' speed -1
queuing is enabled
printing is disabled
10
On 2014-10-02, Frank Cox thea...@melvilletheatre.com wrote:
Since it has now become amazingly difficult to get a laptop if you're not
planning to use Windows, at least around here, I'm wondering what the rest of
you fine folks do when it comes to purchasing a laptop? Next time this comes
Disabling XMLRPC completely via wp-config.php is quite easy.. I can send
required info when I'm in front of a computer. You can also use an .htaccess
rule for Apache to stop requests completely. I'm sure there's also rules for
Nginx, lighttpd, etc that can be found quite easily via Google.
Any Windows 8 laptop requires secure boot does it not? If I'm not mistaken
that's where your issues stem from. Just Micro$oft trying to get even more
control from what I've heard.
—
Sent from Mailbox
On Thu, Oct 2, 2014 at 12:58 AM, Frank Cox thea...@melvilletheatre.com
wrote:
Today I found
I use Fail2Ban which is available from the EPEL repo to ban these addresses.
Works well for SSH attacks by skriptkiddies as well. I usually block an address
for 8 hours.
On 10/02/2014 10:29 AM, Mike Burger wrote:
On 2014-10-02 10:23 am, Jerry Geis wrote:
I just got SLAMMED with accessed
On Thu, October 2, 2014 10:48 am, Keith Keller wrote:
On 2014-10-02, Frank Cox thea...@melvilletheatre.com wrote:
Since it has now become amazingly difficult to get a laptop if you're
not planning to use Windows, at least around here, I'm wondering what
the rest of you fine folks do when it
On Thu, Oct 2, 2014 at 10:48 AM, Keith Keller
kkel...@wombat.san-francisco.ca.us wrote:
On 2014-10-02, Frank Cox thea...@melvilletheatre.com wrote:
Since it has now become amazingly difficult to get a laptop if you're not
planning to use Windows, at least around here, I'm wondering what the
On Thu, 02 Oct 2014 09:02:28 -0700 (PDT)
jwyeth.a...@gmail.com wrote:
Any Windows 8 laptop requires secure boot does it not? If I'm not mistaken
that's where your issues stem from.
The second-last step in my little how-to list is set secure boot off. None
of those laptops worked with Centos
On Thu, 2 Oct 2014, jwyeth.a...@gmail.com wrote:
Disabling XMLRPC completely via wp-config.php is quite easy.. I can
send required info when I'm in front of a computer. You can also use
an .htaccess rule for Apache to stop requests completely. I'm sure
there's also rules for Nginx, lighttpd,
Keith Keller wrote:
On 2014-10-02, Frank Cox thea...@melvilletheatre.com wrote:
Since it has now become amazingly difficult to get a laptop if you're
not planning to use Windows, at least around here, I'm wondering what
the rest of you fine folks do when it comes to purchasing a laptop?
Next
Frank Cox wrote:
On Thu, 02 Oct 2014 09:02:28 -0700 (PDT)
jwyeth.a...@gmail.com wrote:
Any Windows 8 laptop requires secure boot does it not? If I'm not
mistaken that's where your issues stem from.
The second-last step in my little how-to list is set secure boot off.
None of those laptops
On Thu, Oct 2, 2014 at 11:52 AM, jwyeth.a...@gmail.com wrote:
Disabling XMLRPC completely via wp-config.php is quite easy.. I can send
required info when I'm in front of a computer. You can also use an
.htaccess rule for Apache to stop requests completely. I'm sure there's
also rules for
The second-last step in my little how-to list is set secure boot off.
None of those laptops worked with Centos 6 after that. (I tried Acer,
Asus, Lenovo and HP -- everything in the store from the cheapest one up to
about $800 or so.)
You sure there was no *separate* thing to check to
On Thu, 2 Oct 2014 12:49:18 -0400
m.r...@5-cent.us wrote:
You sure there was no *separate* thing to check to -enable- legacy boot?
If there was, it was exceptionally well hidden. There aren't a whole lot of
options in those bios's, though, and I saw at least four completely different
On Thu, 02 Oct 2014 16:56:57 +
Mark Tinberg wrote:
CentOS 7 booted just fine on those devices and should work with SecureBoot
enabled as well.
Centos 7 booted just fine on the third one that I tried and then I stopped
trying and purchased that one. There was no joy with the two before
On 10/02/2014 06:39 AM, Brian Miller wrote:
On Wed, 2014-10-01 at 22:57 -0600, Frank Cox wrote:
I'm wondering what the rest of you fine folks do when it comes to purchasing a
laptop?
Been using CentOS.available on a series of Dell Precision laptops
(M4300, M4600) since 2007 or so without
On 10/02/2014 01:38 PM, Lamar Owen wrote:
On 10/02/2014 06:39 AM, Brian Miller wrote:
On Wed, 2014-10-01 at 22:57 -0600, Frank Cox wrote:
I'm wondering what the rest of you fine folks do when it comes to
purchasing a laptop?
Been using CentOS.available on a series of Dell Precision laptops
On 10/02/2014 02:11 PM, Mike McCarthy, W1NR wrote:
If you look at the Latitude and Precision offerings from Dell you will
notice that RHEL is offered as an OS. These are specifically designed
to run Linux and therefore, they should all work fine with CentOS as
well.
Very true; Dell has
On 2014-10-02, Valeri Galtsev galt...@kicp.uchicago.edu wrote:
On Thu, October 2, 2014 10:48 am, Keith Keller wrote:
I know this is probably a bit sacrilegious, but recently I have been
tending to get a Mac laptop, and run any linux distributions I need
inside a VM. OS X is (just barely)
On 10/02/2014 12:01 PM, Frank Cox wrote:
Most of the machines (I think all of them, actually) started to boot
Centos 6 to at least some extent. They just failed (lock up, kernel
panic, etc) somewhere along the line after that. And Centos 7 did work
on the third one that I tried.
On the HP
On Thu, October 2, 2014 1:11 pm, Mike McCarthy, W1NR wrote:
On 10/02/2014 01:38 PM, Lamar Owen wrote:
On 10/02/2014 06:39 AM, Brian Miller wrote:
On Wed, 2014-10-01 at 22:57 -0600, Frank Cox wrote:
I'm wondering what the rest of you fine folks do when it comes to
purchasing a laptop?
Been
Valeri Galtsev wrote:
On Thu, October 2, 2014 1:11 pm, Mike McCarthy, W1NR wrote:
On 10/02/2014 01:38 PM, Lamar Owen wrote:
On 10/02/2014 06:39 AM, Brian Miller wrote:
On Wed, 2014-10-01 at 22:57 -0600, Frank Cox wrote:
I'm wondering what the rest of you fine folks do when it comes to
greetings,
please excuse delay. pain gets priority. ;-)
after many hours of retries using yum and verifying results of error
messages, i may have figured out problem. tho not sure how to correct.
when trying install with yumex, pulling from nux and rpmforge, i got
noting.
when trying install
On Thu, 2014-10-02 at 09:44 -0700, Paul Heinlein wrote:
On Thu, 2 Oct 2014, jwyeth.a...@gmail.com wrote:
Another good trick to keep IP-based scanners off your back is to make
sure that all HTTP requests have a valid Host: header. In Apache, it's
easy. The first-listed VirtualHost
Bill Gee bgee@... writes:
On Wednesday, October 01, 2014 15:23:52 Mark Tinberg wrote:
All of my servers and
workstations are able to ping6 to outside targets, and anything with a
browser installed can open ipv6.google.com.
So far I have figured out that you have to run TWO
68 matches
Mail list logo