Re: Dubious securuty?
On Thu, 02 Mar 2006 19:13:18 +1300 HappyEvilSlosh [EMAIL PROTECTED] wrote: On Thu, 2006-03-02 at 19:04 +1300, jd wrote: Thank you for taking the time out to answer a paranoid novices question. I would still would like to change distributions. Could anyone give me recommendations and possibly sell me a distribution. Your average distribution is down-loadable from the respective websites. For a novice I strongly suggest Ubuntu (or Kubuntu depending upon your preference of GNOME vs KDE). --Slosh I think I've got a pretty current version of Ubuntu. I've certainly got debian and knoppix latest. I've also got an uncapped ADSL connection at work ( heh ). As always, my advice is to use the distro the person who will be helping you most is familiar with, 'cos there really aint much difference (except in the details), except for a choice of two guis - Gnome and KDE. Steve (Writing from FC4, with debian to my right and CentOS, Gentoo, OpenSolaris, FreeBSD and FC3 at work as well. I scrapped Vector Linux at work because it wasn't technical enough for my rather specialised needs, but would recommend that as a starting point as well).
Re: Dubious securuty?
Steve Holdoway wrote: On Thu, 02 Mar 2006 19:13:18 +1300 HappyEvilSlosh [EMAIL PROTECTED] wrote: On Thu, 2006-03-02 at 19:04 +1300, jd wrote: Thank you for taking the time out to answer a paranoid novices question. I would still would like to change distributions. Could anyone give me recommendations and possibly sell me a distribution. Your average distribution is down-loadable from the respective websites. For a novice I strongly suggest Ubuntu (or Kubuntu depending upon your preference of GNOME vs KDE). --Slosh I think I've got a pretty current version of Ubuntu. I've certainly got debian and knoppix latest. I've also got an uncapped ADSL connection at work ( heh ). As always, my advice is to use the distro the person who will be helping you most is familiar with, 'cos there really aint much difference (except in the details), except for a choice of two guis - Gnome and KDE. Steve (Writing from FC4, with debian to my right and CentOS, Gentoo, OpenSolaris, FreeBSD and FC3 at work as well. I scrapped Vector Linux at work because it wasn't technical enough for my rather specialised needs, but would recommend that as a starting point as well). Any chance that I could get you to download the latest Gentoo for me Steve, if you could write it to DVD that would be excellent. Happy to pay for the media of course. Thanks Lance
Re: Dubious securuty?
Nick Rout wrote: On Thu, 02 Mar 2006 21:21:41 +1300 sirlancelot [EMAIL PROTECTED] wrote: Steve Holdoway wrote: On Thu, 02 Mar 2006 19:13:18 +1300 HappyEvilSlosh [EMAIL PROTECTED] wrote: On Thu, 2006-03-02 at 19:04 +1300, jd wrote: Thank you for taking the time out to answer a paranoid novices question. I would still would like to change distributions. Could anyone give me recommendations and possibly sell me a distribution. Your average distribution is down-loadable from the respective websites. For a novice I strongly suggest Ubuntu (or Kubuntu depending upon your preference of GNOME vs KDE). --Slosh I think I've got a pretty current version of Ubuntu. I've certainly got debian and knoppix latest. I've also got an uncapped ADSL connection at work ( heh ). As always, my advice is to use the distro the person who will be helping you most is familiar with, 'cos there really aint much difference (except in the details), except for a choice of two guis - Gnome and KDE. Steve (Writing from FC4, with debian to my right and CentOS, Gentoo, OpenSolaris, FreeBSD and FC3 at work as well. I scrapped Vector Linux at work because it wasn't technical enough for my rather specialised needs, but would recommend that as a starting point as well). Any chance that I could get you to download the latest Gentoo for me Steve, if you could write it to DVD that would be excellent. Happy to pay for the media of course. Thanks Lance I have it now and will write a cd now if you like. Its one cd. Ok - thanks for that Nick. Let me know where I can pick it up from. Lance
Re: Dubious securuty?
On Thu, 02 Mar 2006 21:46:21 +1300 Christopher Sawtell [EMAIL PROTECTED] wrote: On Thursday 02 March 2006 21:08, Steve Holdoway wrote: On Thu, 02 Mar 2006 19:13:18 +1300 HappyEvilSlosh [EMAIL PROTECTED] wrote: On Thu, 2006-03-02 at 19:04 +1300, jd wrote: Thank you for taking the time out to answer a paranoid novices question. I would still would like to change distributions. Could anyone give me recommendations and possibly sell me a distribution. Your average distribution is down-loadable from the respective websites. For a novice I strongly suggest Ubuntu (or Kubuntu depending upon your preference of GNOME vs KDE). --Slosh I think I've got a pretty current version of Ubuntu. I've certainly got debian and knoppix latest. I've also got an uncapped ADSL connection at work ( heh ). You might care to click on:- http://www.kde-apps.org/content/download.php?content=35376id=1 Which is the latest KUbuntu with the latest KDE stuff KOffice. As always, my advice is to use the distro the person who will be helping you most is familiar with, 'cos there really aint much difference (except in the details), except for a choice of two guis - Gnome and KDE. Which is very good advice. btw, It looks as if several people have got Gentoo-2006.0 already. -- CS My finger must have slipped. Feel free to drop in before 10:00 or between 12:30 and 5pm tomorrow (:
Re: Dubious securuty?
Got a copy of breezy to burn if you want it then it'll be a matter of adept all updates (adept is the GUI updater front end very easy to drive). ps this is kde version but easy enough to change to gnome if wanted. call 980 4306. Quoting Ken McAllister [EMAIL PROTECTED]: On Thu, 2006-03-02 at 19:04 +1300, jd wrote: Could anyone give me recommendations ...? Thank you again, Josh. I like Ubuntu. I have a few CDs to give away but they're out of date. Are people in general receiving the latest mail-out of free discs?
Re: Dubious securuty?
JD, Great to see a new face on list. I can so relate! New ClarkConnect box I set up last week got hacked on Wednesday and is dead today. I'll be rebuilding it again next week with a little more security in mind. Puts a real downer on your computing day when you spend all week working hard on something to have some prick break it for you. Cheers Don On Thu, 2006-03-02 at 18:34, jd wrote: Hello, my names Josh and I'm new to Linux and computers in general and I thought you might be able to help me out on a few things.I was trying to access G.U.I front for my firewall and couldn't also the computer was acting strangely (more than usual, I'm running Fedore Core 4 and want to switch distro's) so I decided to reinstall as I didn't have much to lose.With a fresh installation I was hopeful that the problem would be remedied, all I have downloaded and installed to date are the alsa sound library's and utillity's and the drivers for my onboard sound (realtek, downloaded from the manufacturers site) so I dont think thats the source of the problem.Getting back to the problem, I was looking through my /usr/lib directory and found the following: lrwxrwxrwx1 root root 36 Mar 1 17:51 cracklib_dict.hwm - ../../usr/share/cracklib/pw_dict.hwm lrwxrwxrwx1 root root 36 Mar 1 17:51 cracklib_dict.pwd - ../../usr/share/cracklib/pw_dict.pwd lrwxrwxrwx1 root root 36 Mar 1 17:51 cracklib_dict.pwi - ../../usr/share/cracklib/pw_dict.pwi I used emacs to view the cracklib_dict.pwd file and found a huge list of names, words etc. I'm mostly worried about my computer being used maliciously by a hacker and was hoping you could help me out, any help would be much appreciated. Thankyou, Josh. -- Don Gould
Re: Dubious securuty?
On Fri, 03 Mar 2006 11:08, you wrote: JD, Great to see a new face on list. I can so relate! New ClarkConnect box I set up last week got hacked on Wednesday and is dead today. I'll be rebuilding it again next week with a little more security in mind. Puts a real downer on your computing day when you spend all week working hard on something to have some prick break it for you. My sympathies. Do you know how it was done? Do you now know how to prevent it? Can you document it here (even briefly) so that others can see what could happen, and how it can be avoided? Obviously stuff like this is only valid for a while until the next hack is fine-tuned. A
Re: Dubious securuty?
On Fri, 2006-03-03 at 11:26, Andrew Errington wrote: My sympathies. Do you know how it was done? Do you now know how to prevent it? Can you document it here (even briefly) so that others can see what could happen, and how it can be avoided? Obviously stuff like this is only valid for a while until the next hack is fine-tuned. I know that it doesn't work properly anymore. I know that it did work. I don't know exactly why it doesn't work. I do know that snort was reporting a large number of hits and blocked 30 to 40 ips I've turned it off today. I have to go to a wedding in Wellington this weekend so I won't have time to do anything about it today. I plan to put it back on line and publish the root password on list so that anyone who's interested can have a look and see if we can work out what killed it. Then next week I'm going to rebuild it. In some ways it's not a bad thing because it's forcing me to get really good at getting one of these boxes up and running. Wilber did most of the work on the first one for me. I've learnt how to use ndiswrapper but there still stuff I don't know. I've learnt how to configure most of the system but there's still stuff I need to know, so his efforts haven't been wasted. I'm leaving it off line today because there's still stuff on it that I need to pull off - like all Wilbers' work on the ndiswrapper stuff that we did to get the yoobo working. Cheers Don
Re: Dubious securuty?
On Fri, 03 Mar 2006 11:39:30 +1300 Don Gould wrote: On Fri, 2006-03-03 at 11:26, Andrew Errington wrote: My sympathies. Do you know how it was done? Do you now know how to prevent it? Can you document it here (even briefly) so that others can see what could happen, and how it can be avoided? Obviously stuff like this is only valid for a while until the next hack is fine-tuned. I know that it doesn't work properly anymore. I know that it did work. I don't know exactly why it doesn't work. So you don't know that it has been hacked, merely that it is not working. By the way, what do yo umean not working. What is and isn't it doing? I do know that snort was reporting a large number of hits and blocked 30 to 40 ips That is NOT a sign that it has been hacked. All machines on the internet receive connection attempts. I've turned it off today. I have to go to a wedding in Wellington this weekend so I won't have time to do anything about it today. I plan to put it back on line and publish the root password on list so that anyone who's interested can have a look and see if we can work out what killed it. Then next week I'm going to rebuild it. In some ways it's not a bad thing because it's forcing me to get really good at getting one of these boxes up and running. Wilber did most of the work on the first one for me. I've learnt how to use ndiswrapper but there still stuff I don't know. I've learnt how to configure most of the system but there's still stuff I need to know, so his efforts haven't been wasted. I'm leaving it off line today because there's still stuff on it that I need to pull off - like all Wilbers' work on the ndiswrapper stuff that we did to get the yoobo working. Cheers Don -- Nick Rout [EMAIL PROTECTED]
Re: Dubious securuty?
On Friday 03 March 2006 11:08, Don Gould wrote: I can so relate! New ClarkConnect box I set up last week got hacked on Wednesday and is dead today. Before you spend time re-building ClarkConnect you might like to consider using IPCop [1] instead. While it doesn't have the same level of facilities as ClarkConnect it is _much_ safer and sturdier. Many of us in CLUG use IPCop, I have for several years. The current version has survived being online for months. The d/l is of the order of 40 Megs or I can give you a CD. [1] http://ipcop.sf.net -- CS
Re: Dubious securuty?
On Fri, 2006-03-03 at 11:52, Nick Rout wrote: So you don't know that it has been hacked, merely that it is not working. By the way, what do yo umean not working. What is and isn't it doing? The users screen no longer shows any users. The proxy died. The web server died. The mail system seems to have issues. Either way it's not doing what it was meant to be doing and I don't recall doing anything to it myself that would have caused these issues. That is NOT a sign that it has been hacked. All machines on the internet receive connection attempts. Hummm I just smell a rat. Call me paronid but it all looks to sus that one second everythings going the next it's not. Either that or the software is really unstable, but I don't think that's the case because lots of other people use this stuff all the time without issues. I know that my root password wasn't very secure and my other two user accounts were even less secure. Cheers Don -- Don Gould
Re: Dubious securuty? Loyalty
Hi Chris, I choose to use cc out of loyalty to Wilber. He's been working on it for years now and always been my best oss supporter having spent hundreds of hours helping me learn oss after I was a die hard MS man. I have read an endless number of good things about IPCop. I am determined to get my head around cc and support it because of the support others have put into me. The next nix thing I'm going to change is my home workstation to run ubuntu because that seems to be the distro that everyone on clug like or raves about the most. I've used debian before and love it! I got into MDK because it is what my Wellington friends were using when I got home from Perth and they gave me some CDs. I also recall that I still owe Rob Fisher 4 blank cds and boxes because he flicked me a copy of MDK10 (I have a long memory for debts I own:) Cheers Don On Fri, 2006-03-03 at 11:53, Christopher Sawtell wrote: On Friday 03 March 2006 11:08, Don Gould wrote: I can so relate! New ClarkConnect box I set up last week got hacked on Wednesday and is dead today. Before you spend time re-building ClarkConnect you might like to consider using IPCop [1] instead. While it doesn't have the same level of facilities as ClarkConnect it is _much_ safer and sturdier. Many of us in CLUG use IPCop, I have for several years. The current version has survived being online for months. The d/l is of the order of 40 Megs or I can give you a CD. [1] http://ipcop.sf.net -- Don Gould
Re: Dubious securuty? Loyalty
On Friday 03 March 2006 12:03, Don Gould wrote: Hi Chris, I choose to use cc out of loyalty to Wilber. He's been working on it for years now and always been my best oss supporter having spent hundreds of hours helping me learn oss after I was a die hard MS man. I have read an endless number of good things about IPCop. I am determined to get my head around cc and support it because of the support others have put into me. I can understand that. The next nix thing I'm going to change is my home workstation to run ubuntu because that seems to be the distro that everyone on clug like or raves about the most. I've used debian before and love it! Steve Holdoway has downloaded a KUbuntu which has the new KDE and KOffice stuff included for us. I'm going to collect it this afternoon. You are welcome to a copy. I got into MDK because it is what my Wellington friends were using when I got home from Perth and they gave me some CDs. imho, Mandrake is a total flake hiding in a very pretty skin. I also recall that I still owe Rob Fisher 4 blank cds and boxes because he flicked me a copy of MDK10 (I have a long memory for debts I own:) Cheers Don On Fri, 2006-03-03 at 11:53, Christopher Sawtell wrote: On Friday 03 March 2006 11:08, Don Gould wrote: I can so relate! New ClarkConnect box I set up last week got hacked on Wednesday and is dead today. Before you spend time re-building ClarkConnect you might like to consider using IPCop [1] instead. While it doesn't have the same level of facilities as ClarkConnect it is _much_ safer and sturdier. Many of us in CLUG use IPCop, I have for several years. The current version has survived being online for months. The d/l is of the order of 40 Megs or I can give you a CD. [1] http://ipcop.sf.net -- CS
Re: Dubious securuty?
I meant to say not very discreet,I'll proof read from now on lol. jd wrote: Hello, my names Josh and I'm new to Linux and computers in general and I thought you might be able to help me out on a few things.I was trying to access G.U.I front for my firewall and couldn't also the computer was acting strangely (more than usual, I'm running Fedore Core 4 and want to switch distro's) so I decided to reinstall as I didn't have much to lose.With a fresh installation I was hopeful that the problem would be remedied, all I have downloaded and installed to date are the alsa sound library's and utillity's and the drivers for my onboard sound (realtek, downloaded from the manufacturers site) so I dont think thats the source of the problem.Getting back to the problem, I was looking through my /usr/lib directory and found the following: lrwxrwxrwx1 root root 36 Mar 1 17:51 cracklib_dict.hwm - ../../usr/share/cracklib/pw_dict.hwm lrwxrwxrwx1 root root 36 Mar 1 17:51 cracklib_dict.pwd - ../../usr/share/cracklib/pw_dict.pwd lrwxrwxrwx1 root root 36 Mar 1 17:51 cracklib_dict.pwi - ../../usr/share/cracklib/pw_dict.pwi I used emacs to view the cracklib_dict.pwd file and found a huge list of names, words etc. I'm mostly worried about my computer being used maliciously by a hacker and was hoping you could help me out, any help would be much appreciated. Thankyou, Josh.
Re: Dubious securuty?
On Thursday 02 March 2006 18:34, jd wrote: cracklib_dict This is the list of words which is used to tell the new user if (s)he has selected a readily crackable password when setting up her account. It's there for your protection. -- CS
Re: Dubious securuty?
Christopher Sawtell wrote: On Thursday 02 March 2006 18:34, jd wrote: cracklib_dict This is the list of words which is used to tell the new user if (s)he has selected a readily crackable password when setting up her account. It's there for your protection. Thank you for taking the time out to answer a paranoid novices question. I would still would like to change distributions. Could anyone give me recommendations and possibly sell me a distribution.Also make some recommendations on Linux/computer courses, I obviously have a lot to learn. Thank you again, Josh.
Re: Dubious securuty?
On Thu, 2006-03-02 at 19:04 +1300, jd wrote: Thank you for taking the time out to answer a paranoid novices question. I would still would like to change distributions. Could anyone give me recommendations and possibly sell me a distribution. Your average distribution is down-loadable from the respective websites. For a novice I strongly suggest Ubuntu (or Kubuntu depending upon your preference of GNOME vs KDE). --Slosh
Re: Dubious securuty?
On Thu, 2006-03-02 at 19:04 +1300, jd wrote: Could anyone give me recommendations ...? Thank you again, Josh. I like Ubuntu. I have a few CDs to give away but they're out of date. Are people in general receiving the latest mail-out of free discs?
Re: Dubious securuty?
On Thu, 02 Mar 2006 7:13 pm, Ken McAllister wrote: On Thu, 2006-03-02 at 19:04 +1300, jd wrote: Could anyone give me recommendations ...? Thank you again, Josh. I like Ubuntu. I have a few CDs to give away but they're out of date. Are people in general receiving the latest mail-out of free discs? I am currently downloading the latest Mepis CD. I like Mepis. It is easy to install and good with hardware detection. Let me know if you want a CD burnt. -- Regards, Robert -- Robert Fisher (aka - Rob, Bob, Robbie, Robbo, Fish) FishNet Computer Electrical Services www.fisher.net.nz Phone: 03 383 5807 Mobile: 027 477 3356
