my home systems log in! This could easily result in my being
unable to get in from arbitrary locations in the field in an emergency,
which seems not good.)
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net
On Tue, July 22, 2008 11:57, MHR wrote:
On Tue, Jul 22, 2008 at 8:16 AM, David Dyer-Bennet [EMAIL PROTECTED] wrote:
The next step up from that is some form of port knocking scheme --
where
the outsider must first attempt to connect to some particular *other*
port
to trigger ssh to be ready
directories, so it's easy to work on any of the
production systems; it won't be particularly high-load or any particularly
strange usage pattern), but I care about understanding things at least.
Both systems are running Centos 4.6.
Any ideas?
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd
is
exporing users' home directories to be shared among all the linux boxes,
so setting up an extra hierarchy /export didn't see to gain me anything.)
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery
currently *do* seem to come in series from the
same IP, so blocking that has at least some benefit (mostly cleaning up my
logs I suspect).
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera
a firewall issue to me. Do you allow incoming traffic to port
22049/TCP?
As I said in the message you're responding to, all connections from
internal IPs are allowed.
Can you mount over NFSv3?
Yes. And I said that in the message you're responding to also.
--
David Dyer-Bennet, [EMAIL
On Wed, July 23, 2008 14:17, MJT wrote:
On Wednesday 23 July 2008 9:55:57 am David Dyer-Bennet wrote:
change which versions of NFS get mounted. I haven't had to change
anything else in that file.
I don't believe SECURE_NFS does anything; at least, it's not mentioned
in
/etc/init.d/nfs
server that'd be amazingly
stupid; so I'm guessing, from a great distance and very little
information, that it's something simpler like just not having installed
yum.)
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net
firewire and wireless and...
Firewire is a sensible interface for external backup devices in some
configurations. Then again, is it hard to add back in?
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net
is where bash gets it's command-line
editing, supports both emacs and vi modes, so you can have that
commonality either way.
Personally I think the only vi command one needs to know is :q!.
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data
5 --rttl --name SSH -j LOG
--log-prefix 'SSH attack: '
Is that right? Thanks.
That's the right general approach; duplicate the drop rule but with a LOG
target and appropriate logging parameters.
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b
memory system an order of magnitude
better than you seem to. That's off in a far corner of the Linux
application space -- Linux can do some real-time stuff, but it's not the
first choice for hard real-time environments last time I talked to any of
those people.
--
David Dyer-Bennet, [EMAIL
PDP-11/20 just a couple of years after
that.)
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info
___
CentOS mailing
On Tue, August 19, 2008 12:06, William L. Maltby wrote:
On Tue, 2008-08-19 at 11:50 -0500, David Dyer-Bennet wrote:
I don't recall that anybody referred to DASD connected to our IBM
1401;
it was just disk. Were we just a weird corner (I wouldn't swear they
didn't use some weird term like
On Tue, August 19, 2008 19:04, Kenneth Porter wrote:
--On Tuesday, August 19, 2008 10:15 AM -0500 David Dyer-Bennet
[EMAIL PROTECTED] wrote:
That's the right general approach; duplicate the drop rule but with a
LOG
target and appropriate logging parameters.
Another approach is to create
?
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org
%'10d\n $bc $bsec $bytes
fi
lbc=$bc
lts=$ts
sleep $secs
done
I have obfuscated the read-only community name.)
--
David Dyer-Bennet, d...@dd-b.net; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http
On Mon, November 7, 2011 11:51, Rajagopal Swaminathan wrote:
Greetings,
On Mon, Nov 7, 2011 at 10:23 PM, David Dyer-Bennet d...@dd-b.net wrote:
I made the mistake of looking at disk IO numbers in two different ways
--
now I'm confused, because they give inconsistent answers.
First way
On Mon, November 7, 2011 13:23, Rajagopal Swaminathan wrote:
Greetings,
On Tue, Nov 8, 2011 at 12:40 AM, David Dyer-Bennet d...@dd-b.net wrote:
On Mon, November 7, 2011 11:51, Rajagopal Swaminathan wrote:
Greetings,
On Mon, Nov 7, 2011 at 10:23 PM, David Dyer-Bennet d...@dd-b.net
wrote
On Thu, August 21, 2008 10:23, David Dyer-Bennet wrote:
The problem is, I can't originate a connection to either guest from
outside.
Solved my own problem. And found I'd forgotten the choices, so maybe my
description didn't fully make sense either.
I was indeed running my guests behind NAT
already in place? But
even if that works -- shouldn't it be possible to add a piece of hardware
to a system and have it recognized on reboot?
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery
.
If the low-order bits are magic in a MAC, then maybe my second one is an
invalid, but I don't find any documentation of such; the low two bits of
the *first* byte have meanings, but I haven't touched them.
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b
called network manager)? At this point there are
so many layers of mess in a brand-new Centos install that I'm afraid to
touch the real config files by hand; you never know what's vestigial, what
will get overwritten, and so forth.
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots
. But I think that's something
I'll start tomorrow, not now.
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info
then out near my computer at home; found
them cleaning out some stuff, and could quite bear to just dump them, so
they're kicking around.
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera
On Thu, August 28, 2008 12:53, William L. Maltby wrote:
On Thu, 2008-08-28 at 12:17 -0500, David Dyer-Bennet wrote:
Started being paid to write software in 1969, for an IBM 1401. 026 and
029 card punches for me, too; I preferred the keyboard touch on the 026
by
quite a lot. 14 five
cards by 1976, though.
I moved to DEC hardware -- PDP-11 (running RSTS), and then when I
graduated from college I moved to a DECSYSTEM-20 site, and then into DEC's
field software support organization, and then into their engineering
organization in Marlboro MA.
--
David Dyer-Bennet, [EMAIL PROTECTED
sure what it did exactly any more; it wasn't the tabulator because it
didn't have a printer.
you win ;) -- I don't want to be older, and in my head, I'm
still in my twenties.
Oh yes. Very definitely.
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b
the
decommissioning process. It hasn't made it out to the garage yet.
I've also still got a laptop that's probably older than him. It runs CP/M.
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera
On Sun, August 31, 2008 04:03, Ric Moore wrote:
On Fri, 2008-08-29 at 10:51 -0500, David Dyer-Bennet wrote:
I've also still got a laptop that's probably older than him. It runs
CP/M.
I once had a pretty large collection of CP/M machines. I had three
IMSAI's. a VDP-80 and two VDP-44's. I
).
Also by 1995 I had my first CD drive (not CD-R, though I went to a seminar
at 3M and saw one; an external SCSI device that sold for only $15,000).
So I think you are lumping together too large a span of time to claim disk
sizes were fairly stable over.
--
David Dyer-Bennet, [EMAIL PROTECTED
won't even know anything
about Linux or Xen, just Windows.)
Yes, I also asked on the Xen list; not sure how much what I see as Xen is
actually basic Xen and how much is Centos, and the documentation I'm using
to do this is all the Centos stuff so I figured I should ask here.
--
David Dyer-Bennet
On Wed, September 17, 2008 14:28, David Dyer-Bennet wrote:
How do I control what port the VNC console is presented on?
I got an answer over on the Xen-users list, which I'm echoing here in case
anybody else now or in the future cares, and in hopes that nobody spends
any time looking
be a directory (because it says two different files should be
there).
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info
anybody might ever want, but
I'd give those two tools a pretty high priority; certainly much higher
than, oh, sound-juicer, say, or openoffice.org-impress.
(See me *not* asking for emacs in this space. Well, unless there was
actually spare space just sitting there.)
--
David Dyer-Bennet, [EMAIL
vl41 {
address = 172.17.4.1
active = 1
weight = 4
}
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info
didn't tell ipvs to actually route to
them.
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info
___
CentOS mailing list
On Thu, September 25, 2008 14:43, Barry Brimer wrote:
Quoting David Dyer-Bennet [EMAIL PROTECTED]:
On Thu, September 25, 2008 14:13, Barry Brimer wrote:
Is the service itself active?
Do you have a line above these that says something like:
virtual example.com {
active = 1
different operating systems.
We'll call this a success. (Which means I've about completed the first
phase of testing; second phase will be with workloads actually related to
our intended goal. And after that, implementation!)
Thanks for your help!
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd
delivery?
ICMP is involved in IP routing, including MTU discovery, announcing failed
connections, and so forth. Email is delivered over IP. QED.
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography
.
(Fragmentation introduces more work and effectively many more lost packets
in most setups, so the flow will be jumpy and less efficient even if it
mostly works.)
--
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography
Barry Brimer wrote:
Quoting David Dyer-Bennet d...@dd-b.net:
But I want to observe the connections on the load balancer.
ipvsadm -L -c -n should do the trick. Also, you shouldn't need that MASQ rule
unless you need to MASQ traffic originating from inside your private network
. Monitoring directly on each server is harder, plus they're
running Windows now so they're harder to monitor remotely.)
Thanks again!
--
David Dyer-Bennet, d...@dd-b.net; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http
even 2006, so
perhaps some things aren't fully up-to-date.)
So, does that mean my Xeon-based server doesn't have hardware
virtualization assistance?
--
David Dyer-Bennet, d...@dd-b.net; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery
On Wed, July 14, 2010 12:47, Laurent Wandrebeck wrote:
On Wed, 14 Jul 2010 12:32:12 -0500
David Dyer-Bennet d...@dd-b.net wrote:
I'm installing Centos 5.5 on a new Dell R301 server. I wanted to run
Xen
and have the full virtualization possibilities (this is our development
support server
On Wed, July 14, 2010 12:55, Brian Mathis wrote:
On Wed, Jul 14, 2010 at 1:49 PM, Dominik Zyla gavro...@gavroche.pl
wrote:
On Wed, Jul 14, 2010 at 12:32:12PM -0500, David Dyer-Bennet wrote:
I'm installing Centos 5.5 on a new Dell R301 server. I wanted to run
Xen
and have the full
On Wed, July 14, 2010 13:03, Kwan Lowe wrote:
On Wed, Jul 14, 2010 at 1:32 PM, David Dyer-Bennet d...@dd-b.net wrote:
I'm installing Centos 5.5 on a new Dell R301 server. I wanted to run
Xen
and have the full virtualization possibilities (this is our development
support server, so it runs
checked the
virtualization setting in the bios are:
flags : fpu tsc msr pae cx8 apic mtrr cmov pat clflush acpi mmx
fxsr sse sse2 ss ht syscall nx lm constant_tsc ida pni est ssse3 cx16
sse4_1 sse4_2 popcnt lahf_lm
--
David Dyer-Bennet, d...@dd-b.net; http://dd-b.net/
Snapshots: http
.pinerivercapital.local 2.6.18-194.8.1.el5.centos.plusxen #1
SMP Wed Jul 7 12:25:41 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux
I ran a yum update after installing from the DVDs I had from a week or two
ago, and have rebooted since that update (there wasn't a new kernel in the
update).
--
David Dyer-Bennet, d
On Wed, July 14, 2010 14:20, Whit Blauvelt wrote:
On Wed, Jul 14, 2010 at 01:47:00PM -0500, David Dyer-Bennet wrote:
I found one BIOS entry, Virtualization technology; it was initially
disabled, but I enabled it before I installed CENTOS, and verified that
it
was still enabled later (I
On Wed, July 14, 2010 14:57, R P Herrold wrote:
On Wed, 14 Jul 2010, David Dyer-Bennet wrote:
That's the entry. But reports are some systems need to be
fully powered off for the entry to be effectively changed -
some BIOSes evidently are flakey about it.
Now *there's* something I wouldn't
On Wed, July 14, 2010 15:08, Paul Heinlein wrote:
On Wed, 14 Jul 2010, David Dyer-Bennet wrote:
The flags from /proc/cpuinfo after this reboot where I checked the
virtualization setting in the bios are:
flags : fpu tsc msr pae cx8 apic mtrr cmov pat clflush acpi
mmx
fxsr sse
On Wed, July 14, 2010 14:20, Whit Blauvelt wrote:
On Wed, Jul 14, 2010 at 01:47:00PM -0500, David Dyer-Bennet wrote:
I found one BIOS entry, Virtualization technology; it was initially
disabled, but I enabled it before I installed CENTOS, and verified that
it
was still enabled later (I
?
But I imagine there's a performance benefit to LVM partitions over dom0
files.
For things like foswiki for internal use by a development team, and Nagios
monitoring for about a dozen systems, do i need that extra performance?
Does anybody have a rule-of-thumb for the difference?
--
David Dyer
. Anybody have similar experiences? Or, even more
interesting, contrary experiences?
--
David Dyer-Bennet, d...@dd-b.net; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info
in the guest that the right drivers are
loaded? What are they?
--
David Dyer-Bennet, d...@dd-b.net; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info
___
CentOS
group instead of that and the server gui group.
I'm mostly happy using text configs, except I keep running into cases
where the manuals or helpful people on the net assume I'm using the GUI,
so I've gotten in the habit of installing it when I get a choice.
--
David Dyer-Bennet, d...@dd-b.net; http
processors with
modern virtualization support (turned on in the bios, and it looks like
Xen found it from xm dmesg output).
--
David Dyer-Bennet, d...@dd-b.net; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http
enough I
could probe them until I found the system I wanted. Obviously this is for
use when I'm having trouble getting in through the console but have some
reason to think the rest of the system is alive.)
--
David Dyer-Bennet, d...@dd-b.net; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b
On Thu, July 15, 2010 14:08, Rudi Ahlers wrote:
On Thu, Jul 15, 2010 at 9:03 PM, David Dyer-Bennet d...@dd-b.net wrote:
If I can log in to the guest through the console, I can of course find
out
what IP DHCP has assigned it. If I configure a static IP I can of
course
connect to the system
On Fri, July 16, 2010 01:56, Rudi Ahlers wrote:
On Thu, Jul 15, 2010 at 10:06 PM, David Dyer-Bennet d...@dd-b.net wrote:
My dom0 /var/log/messages doesn't have anything on assignments to
guests.
bs004 (ID 9), for example, currently has 192.168.1.143, but there's
nothing about that IP
On 16-Jul-10 19:17, Kahlil Hodgson wrote:
On 07/17/2010 12:39 AM, David Dyer-Bennet wrote:
The domU got it's ip from the corporate DHCP server, which is what I
intended (that's why I'm running bridged, I'm using virtual servers to
separate functions while conserving physical boxes, so I want
suggested arpwatch yet? I think it can send you email when a
new mac/ip appears on the network and would be useful even outside the
context of virtual machines.
Nobody has previously, that I've noticed anyway. Thanks, that sounds like
it does just what I'm looking for.
--
David Dyer-Bennet, d
On Mon, July 19, 2010 09:00, Todd Denniston wrote:
Rudi Ahlers wrote, On 07/16/2010 02:56 AM:
On Thu, Jul 15, 2010 at 10:06 PM, David Dyer-Bennet d...@dd-b.net
wrote:
My dom0 /var/log/messages doesn't have anything on assignments to
guests.
bs004 (ID 9), for example, currently has
. AND you could still deploy the some
other dude done it defense.
It's certainly very handy to have access to wireless when I visit friends,
go to parties, and so forth. I have an unsecured network of my own at
home that I turn on for parties (fairly small bandwidth).
--
David Dyer-Bennet, d...@dd
On Mon, July 19, 2010 04:38, Pasi Kärkkäinen wrote:
On Wed, Jul 14, 2010 at 02:12:52PM -0500, David Dyer-Bennet wrote:
On Wed, July 14, 2010 14:09, Brian Mathis wrote:
Are you checking the stats from inside the dom0 or a domU? What's the
output of 'uname -a'?
In dom0; I haven't gone
On Sun, July 18, 2010 20:54, Kahlil Hodgson wrote:
On 18/07/10 12:04, David Dyer-Bennet wrote:
An alternative, if you have some control over the DHCP server, might be
to enforce a mapping of MAC addresses to IPs. You can pretty much set
you guest MAC addresses to whatever you want so long
On Mon, July 19, 2010 13:39, m.r...@5-cent.us wrote:
David Dyer-Bennet wrote:
On Mon, July 19, 2010 09:09, m.r...@5-cent.us wrote:
Jay Leafey wrote:
As far as the security of my home network goes, I get a giggle every
time I scan for wireless networks at home. Mine is the ONLY network
68 matches
Mail list logo
