Re: Firewall - basic config?

[Michael Milliman]

On 04/23/2016 01:01 PM, Reco wrote:

Hi.

On Sat, 23 Apr 2016 13:04:36 -0400
Harris Paltrowitz  wrote:


Hi List,

I have a question regarding how I've configured my iptables to act as a
very basic "firewall", i.e., one that simply prevents any and all
incoming connections.  Now, from my readings over the past several days
I think I've learned that at least some of my outgoing requests will
have responses that should be allowed to come back in -- but aside from
that, I essentially want my firewall to act in a very "default" method,
i.e., the way a complete neophyte would expect his or her firewall to
work within Windows or Mac.

Here's what I did -- I will also paste the results of my current
"iptables -L" command...  I hope the text block is not too large...

No, it's not large. Somewhat complex, but that's the price to pay for
using ufw.

For the reference, the simpliest possible set of netfilter rules that
does what you want is (assuming static IP assignment, no DHCP):

iptables -F INPUT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate INVALID -j DROP
iptables -A INPUT -p icmp --icmp-type 3 -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 8 -j ACCEPT
iptables -A INPUT -p tcp -m conntrack --ctstate RELATED,ESTABLISHED \
-j ACCEPT
iptables -A INPUT -p udp -m conntrack --ctstate RELATED,ESTABLISHED \
-j ACCEPT
iptables -P INPUT DROP
iptables -F FORWARD
iptables -P FORWARD DROP
iptables -F OUTPUT
iptables -P OUTPUT ACCEPT



1. First, my issue with manually configuring iptables is not the
complexity of it, per se -- but the fact that I want to avoid having my
newness to it prevent me from setting it up in an insecure manner.  So...

You already allowed more holes in INPUT chain that you described.



2. I found that "ufw" works as a line-command-based-front-end to
iptables.  I also came across "gufw" in my travels, and I even tried it,
but I've since gleaned that all that's really needed in ufw to
completely mimic the basic functionality of gufw is to (a) install ufw,
and (b) enable it -- one does not even need to establish the default
policies, although the Debian wiki page incorrectly states that this is
necessary.

There are numerous frontends to iptables. IMO they do simple things
complex way and require really strange kludges to do complex things.
Your iptables is an excellent example of the first of those approaches.

If 'raw' iptables are not your cup of tea - consider using firewalld
and firewall-applet.



3. So after having installed and enabled ufw, here's the output of my
"iptables -L" command.  I noticed a mention of "microsoft-ds" in
there...  I assume this is just a protocol, and not a piece of
software!

Indeed it's a protocol. I prefer 'iptables -nvL' or straightforward
'iptables-save' in such cases.


  Any suggestions/comments would be much appreciated. Thanks
very much.

Assuming you'd want to keep ufw, you'd need to worry about:


Chain ufw-after-input (1 references)
target prot opt source   destination
ufw-skip-to-policy-input  udp  --  anywhere anywhere udp
dpt:netbios-ns
ufw-skip-to-policy-input  udp  --  anywhere anywhere udp
dpt:netbios-dgm
ufw-skip-to-policy-input  tcp  --  anywhere anywhere tcp
dpt:netbios-ssn
ufw-skip-to-policy-input  tcp  --  anywhere anywhere tcp
dpt:microsoft-ds

There's no reason to accept these unless you're using Samba (either
the server or client).
However, if you look at the ufw-skip-to-policy-input chain, it simply 
DROPs everything, so there is no hole here, as far as I can tell.  
Indeed, this chain specifies all protocols, from anywhere to anywhere, 
target DROP. So, in the end, all packets to these destination ports 
(dpt) are DROPed.



ufw-skip-to-policy-input  udp  --  anywhere anywhere udp
dpt:bootps

There's no reason to allow udp:67 unless you're a DHCP server.

Again, see above, ufw-skip-to-policy-input will DROP these packets.



ufw-skip-to-policy-input  udp  --  anywhere anywhere udp
dpt:bootpc

Have some use for DHCP client, but this rule is unnecessary weak.

See above.




ACCEPT udp  --  anywhere anywhere udp
spt:bootps dpt:bootpc

So, first they compose a perfectly good rule for DHCP client
(ufw-before-input chain), but then they allow udp:68 unconditionally in
ufw-after-input chain. I'll assume that something very clever is going
on here.
Correct me if I'm wrong, however, the ufw-before-input chain concerns me 
greatly.  The first rule here ACCEPTs all packets of all protocols 
coming from anywhere and going to anywhere.  This appears to be an 
incredibly big hole.  The above rule Reco mentions, will never be seen 
as it is quite a bit further down the chain, after everything has 
already been ACCEPTed.  Surely, I'm reading something wrong?:-\





ufw-not-local  all  --  anywhere anywhere
ACCEPT udp  --  anywhere 

(Off Topic) Enlazar dos servidores openfire version 4.0.1

[ariel]

Hola lista acudo a ustedes puesto que he buscado e intentado varias cosas
y ya me he quedado sin ideas, antes recuerdo que con versiones muy viejas
de openfire podia enlazar dos o mas servidores, resulta que hace poco baje
la version 4.0.1 y me di a la tarea de tratar de enlazar dos servidores
openfire de esta version los cuales se encuentran incluso en el mismo
segmento de red sin ningun resultado positivo, al ir al apartado se
sesiones donde deben aparecer los servidores enlazados no aparece ninguna
sesion activa, ya he probado ambas variantes permitiendo que cualquier
servidor openfire se conecte como tambien permitiendo estos servidores en
la lista blanca y nada de nada.
como datos adicionales:
debian8
openfire 4.0.1 he probado tanto con usuarios en la base de datos internas
de openfire o con mysql
no tiene ningun cortafuegos ambos servidores.
al hacer telnet al puerto 5269 desde ambos servidores se conecta sin
problemas.

alguna idea???

gracias de antemano por su acostumbrada ayuda.


-
Consejo Nacional de Casas de Cultura
http://www.casasdecultura.cult.cu

Re: [Dúvida] - Ler PDF em voz alta.

[Gustavo Rodrigues]

Descobri. Você faz o seguinte.. Liga o leitor de tela (orca), depois
abra o pdf que você quer ler usando o evince, e aperte F7 e depois
habilitar.
Ai você vai usar as setas do teclado para navegar pelo documento, e na
linha onde o cursor estiver será lida em voz alta pelo sintetizador de
voz.

Em 23 de abril de 2016 16:21, Alexandre
 escreveu:
>
> Olá Gustavo;
>
>   Obrigado, mais ele usa o Mate (procuro uma solução nessa linha),
> já tinha tentando o Okular, mais a opção de ler está esmaecida, no
> Acrobat ele ativa a opção mais não sai som.
>
> Abraços
>
> Em 21-04-2016 19:08, Gustavo Rodrigues escreveu:
>> Boa noite.
>>
>> Amigo, no kde é fácil fazer isso funcionar usando o jovie, basta usar
>> o okular e ir no menu ferramentas e depois ler o texto inteiro.
>> Testei aqui em um pdf e ele está lendo o texto normalmente em português.
>> Para configurar, vá nas configurações do sistema, acessibilidade,
>> sintetizador de voz, e adicione um locutor em português. Daí é só
>> selecionar a opção no menu do okular.
>>
>> Abraços
>>
>> Em 21 de abril de 2016 16:48, Alexandre
>>  escreveu:
>>> Olá Thiago;
>>>
>>>   Obrigado, eu já tenho o gnome-orca instalado, mais ele não lê o
>>> conteúdo do pdf.
>>>
>>>   Instalei o acrobat pois o mesmo tem essa opção de ler em voz alta,
>>> mais no Gnu/Linux, não consegui fazer funcionar.]
>>>
>>>   Tentei no okular, evince,  atril e nenhum deles lê o PDF em alta.
>>>
>>> Abraços
>>>
>>> Em 21-04-2016 15:29, Thiago escreveu:
 Instale o gnome-orca

 Não é o software não-livre 'adobe reader' que fará isso funcionar.

 Tente o Evince ou Atril, são os dois mais simples, leves e funcionais
 para Mate Desktop.

 Acredito que o gnome-orca faz o que ele precisa.

 Em 21-04-2016 15:08, Alexandre escreveu:
> Olá a todos;
>
>   Tenho um amigo que é deficiente visual e coloquei o Debian 8 +
> Mate para ele, porém não consigo "tocar os pdf", ler em voz alta,
> mesmo instalado o acrobar reader  8 Pt-br.
>
>   Se tiverem outra recomendações de acessibilidade eu agradeço, mas
> o foco seria ler em voz alta o pdf.
>
>
>   Alguém poderia me ajudar?
>
> Abraços
>
>
>
>

Re: Installing tt-rss

[Rainer Dorsch]

Hi,

I switched to postgresql, which makes tt-rss now working for me after 
installing a few other packages

# apt-get install dbconfig-pgsql 
# apt-get install postgresql-9.5
# apt-get install php-pgsql 
# apt-get install tt-rss

Thanks,
Rainer

-- 
Rainer Dorsch
http://bokomoko.de/

Re: Nautilus et taille des fichiers en binaires

[Gaëtan PERRIER]

Le Sat, 23 Apr 2016 22:06:07 +0200
andre_deb...@numericable.fr a écrit:

> 
> > Dans les maths purs 1K n'existe pas. C'est 1k ...
> > Gaëtan
> 
> C'est bien "K" (Kio) et non k => 1 kibioctet (Kio) 
> 

Ce n'est pas ça que je voulais dire. Mais que pour 1000 c'est k et non
K. Ensuite en informatique on a utilisé K pour 1024 mais quand plus tard les
capacités ont augmenté il y a eu le problème avec million qui était déjà de
base un M (m étant pour milli) donc on a inventé les notations avec les i
(Kio, Mio, Gio, etc.)

Gaëtan

Re: TCP/IP over Bluetooth

[John Hasler]

Gene writes:
> But thats a good idea for genuine ham, but so much crap gets thru I'd
> still have to go thru it and clean it up before sa-learn saw it.  Its
> a thankless task for sure.

I have Mailagent delete all high-scoring spam so that I never see it
all.  Low-scoring spam is sorted to my spam folder by Gnus.  When
Spamassassin is working well there are only half a dozen of those a day
so it's easy to review them all and put them where they belong if they
aren't spam.  I see maybe one or two untagged spams a day: I move those
to the spam folder where sa-learn will see them.

Mailagent also has a whitelist and a blacklist.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: Nautilus et taille des fichiers en binaires

[andre_debian]

On Saturday 23 April 2016 20:08:37 nicolas.patr...@gmail.com wrote:
> Le 23/04/2016 19:46:42, andre_deb...@numericable.fr a écrit :

> > En informatique 1K = 1.024,
> > et pour ne pas mélanger avec les maths purs : 1K = 1.000,
> > on écrit : 1 Ki = 1024 bits, 1kiO = 1.024 Octets, 1kiB = 1024 
> > Bytes...

> Non non, ceci n’a plus cours maintenant.
> 1k bidules = 1000 bidules.
> 1Ki bidules = 1024 bidules :

Et oui, allez savoir qui met le souk :

Non, c'est en fait 1 kibi (Kio) bidules = 1024

> Et ce, quels que soient les bidules.
> Bon, certains utilisent encore le 1K pour dire 1000.
> Quel souk…

> Dans les maths purs 1K n'existe pas. C'est 1k ...
> Gaëtan

C'est bien "K" (Kio) et non k => 1 kibioctet (Kio) 

www.google.fr/search?q=kio+bits=utf-8=utf-8_rd=cr=_dIbV_ClOuWCgAbBiIqQBQ

https://fr.wikipedia.org/wiki/Octet

En résumé :
kibi pour « kilo binaire » ;
mébi pour « méga binaire » ;
gibi pour « giga binaire » ;
tébi pour « téra binaire » ;
et ainsi de suite.

Concernant les multiples de l'octet, cela donne :
1 kibioctet (Kio) = 210 octets  = 1 024 octets
1 mébioctet (Mio) = 220 octets = 1 024 Kio = 1 048 576 octets
1 gibioctet (Gio) = 230 octets = 1 024 Mio = 1 073 741 824 octets
1 tébioctet (Tio) = 240 octets = 1 024 Gio = 1 099 511 627 776 octets
1 pébioctet (Pio) = 250 octets = 1 024 Tio = 1 125 899 906 842 624 octets
1 exbioctet (Eio) = 260 octets = 1 024 Pio = 1 152 921 504 606 846 976 octets
1 zébioctet (Zio) = 270 octets = 1 024 Eio = 1 180 591 620 717 411 303 424 
octets
1 yobioctet (Yio) = 280 octets  = 1 024 Zio = 1 208 925 819 614 629 174 706 
176 octets

André

Re: Firewall - basic config?

[Joe]

On Sat, 23 Apr 2016 13:04:36 -0400
Harris Paltrowitz  wrote:


>   I noticed a mention of "microsoft-ds" in 
> there...  I assume this is just a protocol, and not a piece of 
> software!  

Yes, iptables is being helpful in giving you a common name for the port
or protocol used. It picks the name out of /etc/services, which is a
useful file to know about. There is also an /etc/protocols, which is a
list of actual IP protocols, but this is not as generally useful, tcp,
udp and icmp are the commonly-used ones. Many VPNs use other IP
protocols to carry the encrypted traffic.

Reco suggests using iptables -nvL which will give numeric IP addresses
and CIDR ranges, and avoid looking up either service names or DNS.

You might also try iptables -S which will list the rules in the form
that you would enter by hand as arguments to the iptables command. It is
a different view, and you may see things that are less obvious in the
-L view.

Remember that IPv6 is alive and well in quite a lot of hardware these
days, and there is an ip6tables to deal with it.

-- 
Joe

Re: [Dúvida] - Ler PDF em voz alta.

[Alexandre]

Olá Gustavo;

  Obrigado, mais ele usa o Mate (procuro uma solução nessa linha),
já tinha tentando o Okular, mais a opção de ler está esmaecida, no
Acrobat ele ativa a opção mais não sai som.

Abraços

Em 21-04-2016 19:08, Gustavo Rodrigues escreveu:

Boa noite.

Amigo, no kde é fácil fazer isso funcionar usando o jovie, basta usar
o okular e ir no menu ferramentas e depois ler o texto inteiro.
Testei aqui em um pdf e ele está lendo o texto normalmente em português.
Para configurar, vá nas configurações do sistema, acessibilidade,
sintetizador de voz, e adicione um locutor em português. Daí é só
selecionar a opção no menu do okular.

Abraços

Em 21 de abril de 2016 16:48, Alexandre
 escreveu:

Olá Thiago;

  Obrigado, eu já tenho o gnome-orca instalado, mais ele não lê o
conteúdo do pdf.

  Instalei o acrobat pois o mesmo tem essa opção de ler em voz alta,
mais no Gnu/Linux, não consegui fazer funcionar.]

  Tentei no okular, evince,  atril e nenhum deles lê o PDF em alta.

Abraços

Em 21-04-2016 15:29, Thiago escreveu:

Instale o gnome-orca

Não é o software não-livre 'adobe reader' que fará isso funcionar.

Tente o Evince ou Atril, são os dois mais simples, leves e funcionais
para Mate Desktop.

Acredito que o gnome-orca faz o que ele precisa.

Em 21-04-2016 15:08, Alexandre escreveu:

Olá a todos;

  Tenho um amigo que é deficiente visual e coloquei o Debian 8 +
Mate para ele, porém não consigo "tocar os pdf", ler em voz alta,
mesmo instalado o acrobar reader  8 Pt-br.

  Se tiverem outra recomendações de acessibilidade eu agradeço, mas
o foco seria ler em voz alta o pdf.


  Alguém poderia me ajudar?

Abraços

Re: TCP/IP over Bluetooth

[Gene Heskett]

On Saturday 23 April 2016 13:57:08 John Hasler wrote:

> > Thanks for making me think of that and the fact that over the last
> > 10 years, the only ham its seen are its mistakes. So this question
> > might have had the seeds of something to help. :)
>
> My scripts copy all new non-spam to a ham directory which is fed to
> sa-learn every night and then the contents of both the ham and the
> spam directories are deleted.

Humm, I don't delete the ham, but drag & drop it to whatever folder it 
goes to after its spent a day or so in the ham directory. I move the 
detected spam to a spam-hold directory in case I neglect to check for a 
day as its catching the order confirmations from ebay because ebay just 
has to use 99% of the confirmation message to sell more usually 
unrelated crap, and that spam-hold is deleted on the next sa-learn run.  
But thats a good idea for genuine ham, but so much crap gets thru I'd 
still have to go thru it and clean it up before sa-learn saw it.
Its a thankless task for sure.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

Re: TCP/IP over Bluetooth

[Gene Heskett]

On Saturday 23 April 2016 13:01:33 Gene Heskett wrote:

> On Saturday 23 April 2016 10:35:12 John Hasler wrote:
> > Gene writes:
> > > Spamassassin, after several years of being fed all of that stuff
> > > via a daily sa-learn -spam command on that resting directory,
> > > still only catches 10% of it.
> >
> > Interesting.  For me it catches 90%.  Do you feed it both spam and
> > ham?
>
> I feed it ham by moving stuff it should catch to the ham directory so
Ancient fingers! should s/b shouldn't above.
> its treated as ham on the next runs of sa-learn.  I could add a weekly
> sa-learn --ham session, nameing one or more of the cleaner folders
> from the mailing lists I suppose.  It was initially run over my
> cleaned up coco folder, which is several gigabytes of quite clean ham.
>  The initial run was many years ago.  Or, I suppose, I could use an
> int rnd(number of good folders) and the a stack of ifelses to do a
> name substitution based on the number and have it read them all at
> random intervals.
>
> I should restrict the number of folders to those that I do have expiry
> times set on though.  Not all folders have expiry setup.  Those that I
> have primary interests in are here until I have an HD crash and no
> backups.  Since I run amanda every night, using a second HD as virtual
> tapes, that chance ranges from slim to point triple ought zip.  I may
> have the last blackout first at my age. :(
>
> ATM I'm making parts for my mill on my lathe for another project that
> will triple the speed of the z axis on my mill, but there may be a
> down time before those replacement motor and driver parts all arrive
> in the next 2 weeks or so when I can slice up some bash code to do
> that.
>
> Thanks for making me think of that and the fact that over the last 10
> years, the only ham its seen are its mistakes. So this question might
> have had the seeds of something to help. :)
>
> Cheers, Gene Heskett


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

Re: Re : Nautilus et taille des fichiers en binaires

[Yves Rutschle]

On Sat, Apr 23, 2016 at 08:08:37PM +0200, nicolas.patr...@gmail.com wrote:
> Non non, ceci n’a plus cours maintenant.
> 1k bidules = 1000 bidules.
> 1Ki bidules = 1024 bidules.
> Et ce, quels que soient les bidules.
> Bon, certains utilisent encore le 1K pour dire 1000.
> Quel souk…

Il me semble aussi que les constructeurs de disques font des
GB qui font 1000MB, et des MB qui font 1000KB, et des KB qui
font 1024 octets.

Bref, la seule taille fiable, c'est le nombre de bits :-)

Y.

Re: Nautilus et taille des fichiers en binaires

[Gaëtan PERRIER]

Le Sat, 23 Apr 2016 19:46:42 +0200
andre_deb...@numericable.fr a écrit:

> On Saturday 23 April 2016 19:14:53 nicolas.patr...@gmail.com wrote:
> > Le 23/04/2016 18:31:17, Yves Rutschle a écrit :
> > > Non, avec 1KB = 1024 octets.
> 
> > Non, 1KiB=1024B, 1kB=1000B.
> > https://en.wikipedia.org/wiki/Binary_prefix
> 
> En informatique 1K = 1.024,
> et pour ne pas mélanger avec les maths purs : 1K = 1.000,
> on écrit : 1 Ki = 1024 bits, 1kiO = 1.024 Octets, 1kiB = 1024 Bytes...
> :-)

Dans les maths purs 1K n'existe pas. C'est 1k ...

Gaëtan

Re : Nautilus et taille des fichiers en binaires

[nicolas . patrois]

Le 23/04/2016 19:46:42, andre_deb...@numericable.fr a écrit :

> En informatique 1K = 1.024,
> et pour ne pas mélanger avec les maths purs : 1K = 1.000,
> on écrit : 1 Ki = 1024 bits, 1kiO = 1.024 Octets, 1kiB = 1024 
> Bytes...

Non non, ceci n’a plus cours maintenant.
1k bidules = 1000 bidules.
1Ki bidules = 1024 bidules.
Et ce, quels que soient les bidules.
Bon, certains utilisent encore le 1K pour dire 1000.
Quel souk…

nicolas patrois : pts noir asocial
-- 
RÉALISME

M : Qu'est-ce qu'il nous faudrait pour qu'on nous considère comme des 
humains ? Un cerveau plus gros ?
P : Non... Une carte bleue suffirait...

Re: lavantar servidor vnc por ssh

[Billy Yeffry Fernández Rodríguez]

El día 23 de abril de 2016, 13:29, Camaleón  escribió:
> El Sat, 23 Apr 2016 12:39:32 -0400, Billy Yeffry Fernández Rodríguez
> escribió:
>
>> El día 23 de abril de 2016, 11:36, Camaleón 
>> escribió:
>
> (...)
>
 Que me sugieren en mi caso?
>>>
>>> Pues tener configuradas en el cliente alguna de estas opciones:
>>>
>>> https://help.ubuntu.com/community/VNC/Servers
>>>
>>> Para un caso esporádico y rápido, ssh con sesión gráfica (-X) te
>>> permite ejecutar aplicaciones en remoto.
>>>
>>>
>> He probado con el x11vnc al ejecutarlo de la siguiente forma por ssh:
>>
>> x11vnc -display :0
>>
>> asumiendo que el usuario se esncuentra trabajando graficamente en :0 el
>> programa corre y cuando corro el cliente vnc en mi computadora y pongo
>> la ip (uso remmina) entonces detecta la conexion pero inmediatamente se
>> cierra, el programa x11vnc inmediatamente deja de correr en la maquina
>> remota, este no lanza ningun error.
>>
>> El equipo remoto tiene una instalacion minima de debian: solo tiene
>> xorg, lightdm, rdesktop, openssh-server y x11vnc.
>
> (...)
>
> Quizá te falte configurar la autentificación, sigue estos pasos:
>
> https://help.ubuntu.com/community/VNC/Servers#x11vnc
>
> Saludos,
>
> --
> Camaleón
>


ya probe lo siguiente:

use x11vnc -storepasswd para que me generara la clave.

por el ssh ejecuto:

x11vnc -auth guess -forever -loop -noxdamage -repeat -rfbauth
/home/terashop/.vnc/passwd -rfbport 5900 -shared

tambien probe agregandole -display :0

en ambos casos obtuve el mismo resultado: cuando trato de conectarme
efectivamente me pide la clave, me dibuja la pantalla del tamaño de mi
resolucion, y paff! se cierra inmediatamente.

:/

Re: Firewall - basic config?

[Reco]

Hi.

On Sat, 23 Apr 2016 13:04:36 -0400
Harris Paltrowitz  wrote:

> Hi List,
> 
> I have a question regarding how I've configured my iptables to act as a 
> very basic "firewall", i.e., one that simply prevents any and all 
> incoming connections.  Now, from my readings over the past several days 
> I think I've learned that at least some of my outgoing requests will 
> have responses that should be allowed to come back in -- but aside from 
> that, I essentially want my firewall to act in a very "default" method, 
> i.e., the way a complete neophyte would expect his or her firewall to 
> work within Windows or Mac.
> 
> Here's what I did -- I will also paste the results of my current 
> "iptables -L" command...  I hope the text block is not too large...

No, it's not large. Somewhat complex, but that's the price to pay for
using ufw.

For the reference, the simpliest possible set of netfilter rules that
does what you want is (assuming static IP assignment, no DHCP):

iptables -F INPUT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate INVALID -j DROP
iptables -A INPUT -p icmp --icmp-type 3 -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 8 -j ACCEPT
iptables -A INPUT -p tcp -m conntrack --ctstate RELATED,ESTABLISHED \
-j ACCEPT
iptables -A INPUT -p udp -m conntrack --ctstate RELATED,ESTABLISHED \
-j ACCEPT
iptables -P INPUT DROP
iptables -F FORWARD
iptables -P FORWARD DROP
iptables -F OUTPUT
iptables -P OUTPUT ACCEPT


> 1. First, my issue with manually configuring iptables is not the 
> complexity of it, per se -- but the fact that I want to avoid having my 
> newness to it prevent me from setting it up in an insecure manner.  So...

You already allowed more holes in INPUT chain that you described. 


> 2. I found that "ufw" works as a line-command-based-front-end to 
> iptables.  I also came across "gufw" in my travels, and I even tried it, 
> but I've since gleaned that all that's really needed in ufw to 
> completely mimic the basic functionality of gufw is to (a) install ufw, 
> and (b) enable it -- one does not even need to establish the default 
> policies, although the Debian wiki page incorrectly states that this is 
> necessary.

There are numerous frontends to iptables. IMO they do simple things
complex way and require really strange kludges to do complex things.
Your iptables is an excellent example of the first of those approaches.

If 'raw' iptables are not your cup of tea - consider using firewalld
and firewall-applet.


> 3. So after having installed and enabled ufw, here's the output of my 
> "iptables -L" command.  I noticed a mention of "microsoft-ds" in 
> there...  I assume this is just a protocol, and not a piece of 
> software!

Indeed it's a protocol. I prefer 'iptables -nvL' or straightforward
'iptables-save' in such cases.

>  Any suggestions/comments would be much appreciated. Thanks 
> very much.

Assuming you'd want to keep ufw, you'd need to worry about:

> Chain ufw-after-input (1 references)
> target prot opt source   destination
> ufw-skip-to-policy-input  udp  --  anywhere anywhere udp 
> dpt:netbios-ns
> ufw-skip-to-policy-input  udp  --  anywhere anywhere udp 
> dpt:netbios-dgm
> ufw-skip-to-policy-input  tcp  --  anywhere anywhere tcp 
> dpt:netbios-ssn
> ufw-skip-to-policy-input  tcp  --  anywhere anywhere tcp 
> dpt:microsoft-ds

There's no reason to accept these unless you're using Samba (either
the server or client).

> ufw-skip-to-policy-input  udp  --  anywhere anywhere udp 
> dpt:bootps

There's no reason to allow udp:67 unless you're a DHCP server.

> ufw-skip-to-policy-input  udp  --  anywhere anywhere udp 
> dpt:bootpc

Have some use for DHCP client, but this rule is unnecessary weak.


> ACCEPT udp  --  anywhere anywhere udp 
> spt:bootps dpt:bootpc

So, first they compose a perfectly good rule for DHCP client
(ufw-before-input chain), but then they allow udp:68 unconditionally in
ufw-after-input chain. I'll assume that something very clever is going
on here.

> ufw-not-local  all  --  anywhere anywhere
> ACCEPT udp  --  anywhere 224.0.0.251  udp dpt:mdns

Useful for Avahi users, no reason to allow this otherwise.

> ACCEPT udp  --  anywhere 239.255.255.250  udp dpt:1900
> ufw-user-input  all  --  anywhere anywhere

No reason to allow UPnP unless you're planning to use this host as a
firewall/router.


All other rules have nothing to catch my eye.

Reco

Re: TCP/IP over Bluetooth

[John Hasler]

> Thanks for making me think of that and the fact that over the last 10
> years, the only ham its seen are its mistakes. So this question might
> have had the seeds of something to help. :)

My scripts copy all new non-spam to a ham directory which is fed to
sa-learn every night and then the contents of both the ham and the
spam directories are deleted.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: Nautilus et taille des fichiers en binaires

[andre_debian]

On Saturday 23 April 2016 19:14:53 nicolas.patr...@gmail.com wrote:
> Le 23/04/2016 18:31:17, Yves Rutschle a écrit :
> > Non, avec 1KB = 1024 octets.

> Non, 1KiB=1024B, 1kB=1000B.
> https://en.wikipedia.org/wiki/Binary_prefix

En informatique 1K = 1.024,
et pour ne pas mélanger avec les maths purs : 1K = 1.000,
on écrit : 1 Ki = 1024 bits, 1kiO = 1.024 Octets, 1kiB = 1024 Bytes...
:-)

André

Re: Nautilus et taille des fichiers en binaires

[Gaëtan PERRIER]

Le Sat, 23 Apr 2016 17:58:28 +0200
Haricophile  a écrit:

> Le Sat, 23 Apr 2016 15:45:48 +0200,
> Gaëtan PERRIER  a écrit :
> 
> > Non ce que je souhaite c'est que pour un fichier de 32768 octets ça
> > affiche 32K et non 32,8K
> 
> Ah ! J'avions pas compris ça. Il y a un paramètre que tu peux
> régler avec gsettings ou dconf-editor et peut-être dans l'interface :
> use-iec-units
> 

T'es sur parce que je n'ai pas trouvé ?

La completion auto quand je fais

gsettings set org.gnome.nautilus.preferences 

donne:

always-use-location-entry 
bulk-rename-tool 
click-policy 
confirm-trash 
default-folder-viewer 
default-sort-in-reverse-order 
default-sort-order 
enable-recursive-search 
executable-text-activation 
install-mime-activation 
list-view-on-search 
mouse-back-button 
mouse-forward-button 
mouse-use-extra-buttons 
open-folder-on-dnd-hover 
show-directory-item-counts 
show-hidden-files 
show-image-thumbnails 
show-move-to-trash-shortcut-changed-dialog 
sort-directories-first 
tabs-open-position 
thumbnail-limit 

Re: Nautilus et taille des fichiers en binaires

[Gaëtan PERRIER]

Le Sat, 23 Apr 2016 19:22:32 +0200
Eric  a écrit:

> 
> 
> Le 23/04/2016 18:31, Yves Rutschle a écrit :
> > On Sat, Apr 23, 2016 at 04:06:38PM +0200, err404 wrote:
> >>> Non ce que je souhaite c'est que pour un fichier de 32768 octets ça
> >>> affiche 32K et non 32,8K
> >>>
> >> ah ok, sans les décimales...
> > Non, avec 1KB = 1024 octets.
> >
> > Y.
> >
> >
> Je comprends plus là , c'est pas du binaire ça ...

Ben c'est de la base 2 pourtant ;)

Re: Test version of the system.

[Michael Fothergill]

On 23 April 2016 at 18:01, amd amd  wrote:

>
> At this point in time , none of the test version does not work, weekly,
> and daily sid broken after the installation will not start. The last
> working test sid was released 14.3.2016 .
>

​This is a bit delphic

Please can you tell us what cpu and motherboard you have etc (I assume you
are not using an IBM 390).

Regards

Michael Fothergill​

Re: Test version of the system.

[Gary Dale]

On 23/04/16 01:01 PM, amd amd wrote:


At this point in time , none of the test version does not work, 
weekly, and daily sid broken after the installation will not start. 
The last working test sid was released 14.3.2016 . 


Sid is unstable. Testing is currently Stretch. Stretch works somewhat, 
although the KDE implementation remains problematic (Dolphin, for 
example, crashes frequently).


If you want a system that works, use Jessie. It's quite stable and very 
useful. If you are using stretch or sid, expect problems.

Re: lavantar servidor vnc por ssh

[Camaleón]

El Sat, 23 Apr 2016 12:39:32 -0400, Billy Yeffry Fernández Rodríguez
escribió:

> El día 23 de abril de 2016, 11:36, Camaleón 
> escribió:

(...)

>>> Que me sugieren en mi caso?
>>
>> Pues tener configuradas en el cliente alguna de estas opciones:
>>
>> https://help.ubuntu.com/community/VNC/Servers
>>
>> Para un caso esporádico y rápido, ssh con sesión gráfica (-X) te
>> permite ejecutar aplicaciones en remoto.
>>
>>
> He probado con el x11vnc al ejecutarlo de la siguiente forma por ssh:
> 
> x11vnc -display :0
> 
> asumiendo que el usuario se esncuentra trabajando graficamente en :0 el
> programa corre y cuando corro el cliente vnc en mi computadora y pongo
> la ip (uso remmina) entonces detecta la conexion pero inmediatamente se
> cierra, el programa x11vnc inmediatamente deja de correr en la maquina
> remota, este no lanza ningun error.
> 
> El equipo remoto tiene una instalacion minima de debian: solo tiene
> xorg, lightdm, rdesktop, openssh-server y x11vnc.

(...)

Quizá te falte configurar la autentificación, sigue estos pasos:

https://help.ubuntu.com/community/VNC/Servers#x11vnc

Saludos,

-- 
Camaleón

Re: lavantar servidor vnc por ssh

[Billy Yeffry Fernández Rodríguez]

El día 23 de abril de 2016, 13:21, fernando sainz
 escribió:
> El día 23 de abril de 2016, 19:15, fernando sainz
>  escribió:
>> El día 23 de abril de 2016, 19:11, Billy Yeffry Fernández Rodríguez
>>  escribió:
>>> El día 23 de abril de 2016, 12:58, fernando sainz
>>>  escribió:
 El día 23 de abril de 2016, 18:39, Billy Yeffry Fernández Rodríguez
  escribió:
> El día 23 de abril de 2016, 11:36, Camaleón  escribió:
>> El Sat, 23 Apr 2016 10:37:17 -0400, Billy Yeffry Fernández Rodríguez
>> escribió:
>>
>>> como puedo conectarme via ssh a un equipo remoto para ya luego correr el
>>> vnc server en la maquina remota y de esta manera tomar el control de la
>>> sesion X del usuario de esa maquina (claro, yo me conectare usando un
>>> cliente vnc desde mi equipo)
>>
>> Para conectarte vía ssh tienes que tener cuenta:
>>
>> 1/ Equipo cliente con servidor ssh ejecutándose y configurado para
>> aceptar peticiones
>>
>> 2/ Cortafuegos con los puertos requeridos abiertos
>>
>>> Que hacen ustedes en estos casos cuando tienen que dar soporte a un
>>> equipo remoto y tienen que tomar control de la sesion grafica?
>>
>> En windows TeamViewer es una joyita pero en Linux necesita Wine si mal no
>> recuerdo lo cual no me termina de convencer.
>>
>>> Que me sugieren en mi caso?
>>
>> Pues tener configuradas en el cliente alguna de estas opciones:
>>
>> https://help.ubuntu.com/community/VNC/Servers
>>
>> Para un caso esporádico y rápido, ssh con sesión gráfica (-X) te permite
>> ejecutar aplicaciones en remoto.
>>
>> Saludos,
>>
>> --
>> Camaleón
>>
>
> He probado con el x11vnc al ejecutarlo de la siguiente forma por ssh:
>
> x11vnc -display :0
>
> asumiendo que el usuario se esncuentra trabajando graficamente en :0
> el programa corre y cuando corro el cliente vnc en mi computadora y
> pongo la ip (uso remmina) entonces detecta la conexion pero
> inmediatamente se cierra, el programa x11vnc inmediatamente deja de
> correr en la maquina remota, este no lanza ningun error.
>
> El equipo remoto tiene una instalacion minima de debian: solo tiene
> xorg, lightdm, rdesktop, openssh-server y x11vnc.
>
> No se si me faltara alguna otra cosa. Descarto la idea de Teamviewer
> porque el equipo remoto es un thinkclient, y tan solo tiene 2G de
> espacio, y la idea es que el usuario no tenga contacto con ninguna
> aplicacion local de linux. Tan solo se conecta remotamente a windows
> server.
>


 http://linux.die.net/man/1/x11vnc

 By default x11vnc will not allow the screen to be shared and it will
 exit as soon as the client disconnects. See -shared and -forever below
 to override these protections. See the FAQ for details how to tunnel
 the VNC connection through an encrypted channel such as ssh(1). In
 brief:

 ssh -t -L 5900:localhost:5900 far-host 'x11vnc -localhost -display :0'


 S2.

>>>
>>> aun poniendolo de la siguiente manera: x11vnc -display :0 -shared -forever
>>> igualmente me saca inmediatamente entro. La diferencia es que x11vnc
>>> no se me cierra.
>>>
>>
>> Creo recordar que por seguridad el tcp esta bloqueado en x11.
>>
>> Prueba con el tunel ssh como pone en la página de manual que te puse.
>>
>> S2.
>
> Perdona, se me fue la pinza, lo del tcp no es en este caso.
>
> Tendrás que ver como te autentificas en el vnc.
>
> S2.
>

no uso ningun tipo de autentificacion o por lo menos no me la pide

Re: Nautilus et taille des fichiers en binaires

[Eric]

Le 23/04/2016 18:31, Yves Rutschle a écrit :

On Sat, Apr 23, 2016 at 04:06:38PM +0200, err404 wrote:

Non ce que je souhaite c'est que pour un fichier de 32768 octets ça affiche
32K et non 32,8K


ah ok, sans les décimales...

Non, avec 1KB = 1024 octets.

Y.



Je comprends plus là , c'est pas du binaire ça ...

Re: TCP/IP over Bluetooth

[Nicolas George]

Le quintidi 5 floréal, an CCXXIV, Gene Heskett a écrit :
> I feed it ham by moving stuff it should catch to the ham directory so its 
> treated as ham on the next runs of sa-learn.  I could add a weekly 
> sa-learn --ham session, nameing one or more of the cleaner folders from 
> the mailing lists I suppose.  It was initially run over my cleaned up 
> coco folder, which is several gigabytes of quite clean ham.  The initial 
> run was many years ago.  Or, I suppose, I could use an int rnd(number of 
> good folders) and the a stack of ifelses to do a name substitution based 
> on the number and have it read them all at random intervals.

AFAIK, the best of training a Bayesian filter is to feed it contents that is
typical of what it has to classify, and in particular spam and ham in the
same ratio as what you receive. Also, beware if there are some kind of mails
that you want to receive but never archive (for example notifications),
since you may never teach the filter to recognize them as ham.

OTOH, feeding enough ham is necessary to avoid false-positives. This
sub-thread was about false-negatives, IIRC.

Regards,

-- 
  Nicolas George


signature.asc
Description: Digital signature

Re : Nautilus et taille des fichiers en binaires

[nicolas . patrois]

Le 23/04/2016 18:31:17, Yves Rutschle a écrit :

> Non, avec 1KB = 1024 octets.

Non, 1KiB=1024B, 1kB=1000B.
https://en.wikipedia.org/wiki/Binary_prefix

nicolas patrois : pts noir asocial
-- 
RÉALISME

M : Qu'est-ce qu'il nous faudrait pour qu'on nous considère comme des 
humains ? Un cerveau plus gros ?
P : Non... Une carte bleue suffirait...

Re: lavantar servidor vnc por ssh

[fernando sainz]

El día 23 de abril de 2016, 19:15, fernando sainz
 escribió:
> El día 23 de abril de 2016, 19:11, Billy Yeffry Fernández Rodríguez
>  escribió:
>> El día 23 de abril de 2016, 12:58, fernando sainz
>>  escribió:
>>> El día 23 de abril de 2016, 18:39, Billy Yeffry Fernández Rodríguez
>>>  escribió:
 El día 23 de abril de 2016, 11:36, Camaleón  escribió:
> El Sat, 23 Apr 2016 10:37:17 -0400, Billy Yeffry Fernández Rodríguez
> escribió:
>
>> como puedo conectarme via ssh a un equipo remoto para ya luego correr el
>> vnc server en la maquina remota y de esta manera tomar el control de la
>> sesion X del usuario de esa maquina (claro, yo me conectare usando un
>> cliente vnc desde mi equipo)
>
> Para conectarte vía ssh tienes que tener cuenta:
>
> 1/ Equipo cliente con servidor ssh ejecutándose y configurado para
> aceptar peticiones
>
> 2/ Cortafuegos con los puertos requeridos abiertos
>
>> Que hacen ustedes en estos casos cuando tienen que dar soporte a un
>> equipo remoto y tienen que tomar control de la sesion grafica?
>
> En windows TeamViewer es una joyita pero en Linux necesita Wine si mal no
> recuerdo lo cual no me termina de convencer.
>
>> Que me sugieren en mi caso?
>
> Pues tener configuradas en el cliente alguna de estas opciones:
>
> https://help.ubuntu.com/community/VNC/Servers
>
> Para un caso esporádico y rápido, ssh con sesión gráfica (-X) te permite
> ejecutar aplicaciones en remoto.
>
> Saludos,
>
> --
> Camaleón
>

 He probado con el x11vnc al ejecutarlo de la siguiente forma por ssh:

 x11vnc -display :0

 asumiendo que el usuario se esncuentra trabajando graficamente en :0
 el programa corre y cuando corro el cliente vnc en mi computadora y
 pongo la ip (uso remmina) entonces detecta la conexion pero
 inmediatamente se cierra, el programa x11vnc inmediatamente deja de
 correr en la maquina remota, este no lanza ningun error.

 El equipo remoto tiene una instalacion minima de debian: solo tiene
 xorg, lightdm, rdesktop, openssh-server y x11vnc.

 No se si me faltara alguna otra cosa. Descarto la idea de Teamviewer
 porque el equipo remoto es un thinkclient, y tan solo tiene 2G de
 espacio, y la idea es que el usuario no tenga contacto con ninguna
 aplicacion local de linux. Tan solo se conecta remotamente a windows
 server.

>>>
>>>
>>> http://linux.die.net/man/1/x11vnc
>>>
>>> By default x11vnc will not allow the screen to be shared and it will
>>> exit as soon as the client disconnects. See -shared and -forever below
>>> to override these protections. See the FAQ for details how to tunnel
>>> the VNC connection through an encrypted channel such as ssh(1). In
>>> brief:
>>>
>>> ssh -t -L 5900:localhost:5900 far-host 'x11vnc -localhost -display :0'
>>>
>>>
>>> S2.
>>>
>>
>> aun poniendolo de la siguiente manera: x11vnc -display :0 -shared -forever
>> igualmente me saca inmediatamente entro. La diferencia es que x11vnc
>> no se me cierra.
>>
>
> Creo recordar que por seguridad el tcp esta bloqueado en x11.
>
> Prueba con el tunel ssh como pone en la página de manual que te puse.
>
> S2.

Perdona, se me fue la pinza, lo del tcp no es en este caso.

Tendrás que ver como te autentificas en el vnc.

S2.

Test version of the system.

[amd amd]

At this point in time , none of the test version does not work, weekly, and 
daily sid broken after the installation will not start. The last working test 
sid was released 14.3.2016 .

Re: lavantar servidor vnc por ssh

[fernando sainz]

El día 23 de abril de 2016, 19:11, Billy Yeffry Fernández Rodríguez
 escribió:
> El día 23 de abril de 2016, 12:58, fernando sainz
>  escribió:
>> El día 23 de abril de 2016, 18:39, Billy Yeffry Fernández Rodríguez
>>  escribió:
>>> El día 23 de abril de 2016, 11:36, Camaleón  escribió:
 El Sat, 23 Apr 2016 10:37:17 -0400, Billy Yeffry Fernández Rodríguez
 escribió:

> como puedo conectarme via ssh a un equipo remoto para ya luego correr el
> vnc server en la maquina remota y de esta manera tomar el control de la
> sesion X del usuario de esa maquina (claro, yo me conectare usando un
> cliente vnc desde mi equipo)

 Para conectarte vía ssh tienes que tener cuenta:

 1/ Equipo cliente con servidor ssh ejecutándose y configurado para
 aceptar peticiones

 2/ Cortafuegos con los puertos requeridos abiertos

> Que hacen ustedes en estos casos cuando tienen que dar soporte a un
> equipo remoto y tienen que tomar control de la sesion grafica?

 En windows TeamViewer es una joyita pero en Linux necesita Wine si mal no
 recuerdo lo cual no me termina de convencer.

> Que me sugieren en mi caso?

 Pues tener configuradas en el cliente alguna de estas opciones:

 https://help.ubuntu.com/community/VNC/Servers

 Para un caso esporádico y rápido, ssh con sesión gráfica (-X) te permite
 ejecutar aplicaciones en remoto.

 Saludos,

 --
 Camaleón

>>>
>>> He probado con el x11vnc al ejecutarlo de la siguiente forma por ssh:
>>>
>>> x11vnc -display :0
>>>
>>> asumiendo que el usuario se esncuentra trabajando graficamente en :0
>>> el programa corre y cuando corro el cliente vnc en mi computadora y
>>> pongo la ip (uso remmina) entonces detecta la conexion pero
>>> inmediatamente se cierra, el programa x11vnc inmediatamente deja de
>>> correr en la maquina remota, este no lanza ningun error.
>>>
>>> El equipo remoto tiene una instalacion minima de debian: solo tiene
>>> xorg, lightdm, rdesktop, openssh-server y x11vnc.
>>>
>>> No se si me faltara alguna otra cosa. Descarto la idea de Teamviewer
>>> porque el equipo remoto es un thinkclient, y tan solo tiene 2G de
>>> espacio, y la idea es que el usuario no tenga contacto con ninguna
>>> aplicacion local de linux. Tan solo se conecta remotamente a windows
>>> server.
>>>
>>
>>
>> http://linux.die.net/man/1/x11vnc
>>
>> By default x11vnc will not allow the screen to be shared and it will
>> exit as soon as the client disconnects. See -shared and -forever below
>> to override these protections. See the FAQ for details how to tunnel
>> the VNC connection through an encrypted channel such as ssh(1). In
>> brief:
>>
>> ssh -t -L 5900:localhost:5900 far-host 'x11vnc -localhost -display :0'
>>
>>
>> S2.
>>
>
> aun poniendolo de la siguiente manera: x11vnc -display :0 -shared -forever
> igualmente me saca inmediatamente entro. La diferencia es que x11vnc
> no se me cierra.
>

Creo recordar que por seguridad el tcp esta bloqueado en x11.

Prueba con el tunel ssh como pone en la página de manual que te puse.

S2.

Re: lavantar servidor vnc por ssh

[Billy Yeffry Fernández Rodríguez]

El día 23 de abril de 2016, 12:58, fernando sainz
 escribió:
> El día 23 de abril de 2016, 18:39, Billy Yeffry Fernández Rodríguez
>  escribió:
>> El día 23 de abril de 2016, 11:36, Camaleón  escribió:
>>> El Sat, 23 Apr 2016 10:37:17 -0400, Billy Yeffry Fernández Rodríguez
>>> escribió:
>>>
 como puedo conectarme via ssh a un equipo remoto para ya luego correr el
 vnc server en la maquina remota y de esta manera tomar el control de la
 sesion X del usuario de esa maquina (claro, yo me conectare usando un
 cliente vnc desde mi equipo)
>>>
>>> Para conectarte vía ssh tienes que tener cuenta:
>>>
>>> 1/ Equipo cliente con servidor ssh ejecutándose y configurado para
>>> aceptar peticiones
>>>
>>> 2/ Cortafuegos con los puertos requeridos abiertos
>>>
 Que hacen ustedes en estos casos cuando tienen que dar soporte a un
 equipo remoto y tienen que tomar control de la sesion grafica?
>>>
>>> En windows TeamViewer es una joyita pero en Linux necesita Wine si mal no
>>> recuerdo lo cual no me termina de convencer.
>>>
 Que me sugieren en mi caso?
>>>
>>> Pues tener configuradas en el cliente alguna de estas opciones:
>>>
>>> https://help.ubuntu.com/community/VNC/Servers
>>>
>>> Para un caso esporádico y rápido, ssh con sesión gráfica (-X) te permite
>>> ejecutar aplicaciones en remoto.
>>>
>>> Saludos,
>>>
>>> --
>>> Camaleón
>>>
>>
>> He probado con el x11vnc al ejecutarlo de la siguiente forma por ssh:
>>
>> x11vnc -display :0
>>
>> asumiendo que el usuario se esncuentra trabajando graficamente en :0
>> el programa corre y cuando corro el cliente vnc en mi computadora y
>> pongo la ip (uso remmina) entonces detecta la conexion pero
>> inmediatamente se cierra, el programa x11vnc inmediatamente deja de
>> correr en la maquina remota, este no lanza ningun error.
>>
>> El equipo remoto tiene una instalacion minima de debian: solo tiene
>> xorg, lightdm, rdesktop, openssh-server y x11vnc.
>>
>> No se si me faltara alguna otra cosa. Descarto la idea de Teamviewer
>> porque el equipo remoto es un thinkclient, y tan solo tiene 2G de
>> espacio, y la idea es que el usuario no tenga contacto con ninguna
>> aplicacion local de linux. Tan solo se conecta remotamente a windows
>> server.
>>
>
>
> http://linux.die.net/man/1/x11vnc
>
> By default x11vnc will not allow the screen to be shared and it will
> exit as soon as the client disconnects. See -shared and -forever below
> to override these protections. See the FAQ for details how to tunnel
> the VNC connection through an encrypted channel such as ssh(1). In
> brief:
>
> ssh -t -L 5900:localhost:5900 far-host 'x11vnc -localhost -display :0'
>
>
> S2.
>

aun poniendolo de la siguiente manera: x11vnc -display :0 -shared -forever
igualmente me saca inmediatamente entro. La diferencia es que x11vnc
no se me cierra.

Re: TCP/IP over Bluetooth

[Gene Heskett]

On Saturday 23 April 2016 10:35:12 John Hasler wrote:

> Gene writes:
> > Spamassassin, after several years of being fed all of that stuff via
> > a daily sa-learn -spam command on that resting directory, still only
> > catches 10% of it.
>
> Interesting.  For me it catches 90%.  Do you feed it both spam and
> ham?

I feed it ham by moving stuff it should catch to the ham directory so its 
treated as ham on the next runs of sa-learn.  I could add a weekly 
sa-learn --ham session, nameing one or more of the cleaner folders from 
the mailing lists I suppose.  It was initially run over my cleaned up 
coco folder, which is several gigabytes of quite clean ham.  The initial 
run was many years ago.  Or, I suppose, I could use an int rnd(number of 
good folders) and the a stack of ifelses to do a name substitution based 
on the number and have it read them all at random intervals.

I should restrict the number of folders to those that I do have expiry 
times set on though.  Not all folders have expiry setup.  Those that I 
have primary interests in are here until I have an HD crash and no 
backups.  Since I run amanda every night, using a second HD as virtual 
tapes, that chance ranges from slim to point triple ought zip.  I may 
have the last blackout first at my age. :(

ATM I'm making parts for my mill on my lathe for another project that 
will triple the speed of the z axis on my mill, but there may be a down 
time before those replacement motor and driver parts all arrive in the 
next 2 weeks or so when I can slice up some bash code to do that.

Thanks for making me think of that and the fact that over the last 10 
years, the only ham its seen are its mistakes. So this question might 
have had the seeds of something to help. :)

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

Re: lavantar servidor vnc por ssh

[fernando sainz]

El día 23 de abril de 2016, 18:39, Billy Yeffry Fernández Rodríguez
 escribió:
> El día 23 de abril de 2016, 11:36, Camaleón  escribió:
>> El Sat, 23 Apr 2016 10:37:17 -0400, Billy Yeffry Fernández Rodríguez
>> escribió:
>>
>>> como puedo conectarme via ssh a un equipo remoto para ya luego correr el
>>> vnc server en la maquina remota y de esta manera tomar el control de la
>>> sesion X del usuario de esa maquina (claro, yo me conectare usando un
>>> cliente vnc desde mi equipo)
>>
>> Para conectarte vía ssh tienes que tener cuenta:
>>
>> 1/ Equipo cliente con servidor ssh ejecutándose y configurado para
>> aceptar peticiones
>>
>> 2/ Cortafuegos con los puertos requeridos abiertos
>>
>>> Que hacen ustedes en estos casos cuando tienen que dar soporte a un
>>> equipo remoto y tienen que tomar control de la sesion grafica?
>>
>> En windows TeamViewer es una joyita pero en Linux necesita Wine si mal no
>> recuerdo lo cual no me termina de convencer.
>>
>>> Que me sugieren en mi caso?
>>
>> Pues tener configuradas en el cliente alguna de estas opciones:
>>
>> https://help.ubuntu.com/community/VNC/Servers
>>
>> Para un caso esporádico y rápido, ssh con sesión gráfica (-X) te permite
>> ejecutar aplicaciones en remoto.
>>
>> Saludos,
>>
>> --
>> Camaleón
>>
>
> He probado con el x11vnc al ejecutarlo de la siguiente forma por ssh:
>
> x11vnc -display :0
>
> asumiendo que el usuario se esncuentra trabajando graficamente en :0
> el programa corre y cuando corro el cliente vnc en mi computadora y
> pongo la ip (uso remmina) entonces detecta la conexion pero
> inmediatamente se cierra, el programa x11vnc inmediatamente deja de
> correr en la maquina remota, este no lanza ningun error.
>
> El equipo remoto tiene una instalacion minima de debian: solo tiene
> xorg, lightdm, rdesktop, openssh-server y x11vnc.
>
> No se si me faltara alguna otra cosa. Descarto la idea de Teamviewer
> porque el equipo remoto es un thinkclient, y tan solo tiene 2G de
> espacio, y la idea es que el usuario no tenga contacto con ninguna
> aplicacion local de linux. Tan solo se conecta remotamente a windows
> server.
>


http://linux.die.net/man/1/x11vnc

By default x11vnc will not allow the screen to be shared and it will
exit as soon as the client disconnects. See -shared and -forever below
to override these protections. See the FAQ for details how to tunnel
the VNC connection through an encrypted channel such as ssh(1). In
brief:

ssh -t -L 5900:localhost:5900 far-host 'x11vnc -localhost -display :0'


S2.

Re: Nautilus et taille des fichiers en binaires

[Yves Rutschle]

On Sat, Apr 23, 2016 at 04:06:38PM +0200, err404 wrote:
> > Non ce que je souhaite c'est que pour un fichier de 32768 octets ça affiche
> > 32K et non 32,8K
> > 
> ah ok, sans les décimales...

Non, avec 1KB = 1024 octets.

Y.

Re: [Fuera de Tema] [OT] Más académicos que la RAE

[Santiago José López Borrazás]

El 23/04/16 a las 16:56, Alfonso García escribió:
> Jajaja... ¡Cómo lo sabes! Pero me da igual la RAE, puedo seguir criticando a
> los que utilicen el término, a mi juicio, incorrecto, y lo más importante...
> feo de coj***

Me da igual que pongan en el DRAE 'encriptar' que 'cifrar', una como otra
tienen distinto significado. No significan nada igual.

Pero por decir que no quede, me quedo con las dos para una forma:

1º) gente que no sabe lo que es 'encriptar', pues les decimos cifrar, que
así les sale más rápido y más 'entendible' para gente que no tiene ni
pajolera idea de lo que es.

2º) A nivel técnico, se puede decir que, es mucho mejor usar 'encriptar',
porque los mensajes salen más 'crípticos', pero de 'otra forma'.

No debemos confundir estos términos, porque estos son algo distintos a las
palabras anglosajonas (el 'encriptar' es una cosa, en 'updatear' es otra,
que pronto se van a quedar más estandarizados que nunca. Y sino, al tiempo.

¡Venga...pelillos a la mar!...

-- 
Saludos de Santiago José López Borrazás.



signature.asc
Description: OpenPGP digital signature

Re: lavantar servidor vnc por ssh

[Billy Yeffry Fernández Rodríguez]

El día 23 de abril de 2016, 11:36, Camaleón  escribió:
> El Sat, 23 Apr 2016 10:37:17 -0400, Billy Yeffry Fernández Rodríguez
> escribió:
>
>> como puedo conectarme via ssh a un equipo remoto para ya luego correr el
>> vnc server en la maquina remota y de esta manera tomar el control de la
>> sesion X del usuario de esa maquina (claro, yo me conectare usando un
>> cliente vnc desde mi equipo)
>
> Para conectarte vía ssh tienes que tener cuenta:
>
> 1/ Equipo cliente con servidor ssh ejecutándose y configurado para
> aceptar peticiones
>
> 2/ Cortafuegos con los puertos requeridos abiertos
>
>> Que hacen ustedes en estos casos cuando tienen que dar soporte a un
>> equipo remoto y tienen que tomar control de la sesion grafica?
>
> En windows TeamViewer es una joyita pero en Linux necesita Wine si mal no
> recuerdo lo cual no me termina de convencer.
>
>> Que me sugieren en mi caso?
>
> Pues tener configuradas en el cliente alguna de estas opciones:
>
> https://help.ubuntu.com/community/VNC/Servers
>
> Para un caso esporádico y rápido, ssh con sesión gráfica (-X) te permite
> ejecutar aplicaciones en remoto.
>
> Saludos,
>
> --
> Camaleón
>

He probado con el x11vnc al ejecutarlo de la siguiente forma por ssh:

x11vnc -display :0

asumiendo que el usuario se esncuentra trabajando graficamente en :0
el programa corre y cuando corro el cliente vnc en mi computadora y
pongo la ip (uso remmina) entonces detecta la conexion pero
inmediatamente se cierra, el programa x11vnc inmediatamente deja de
correr en la maquina remota, este no lanza ningun error.

El equipo remoto tiene una instalacion minima de debian: solo tiene
xorg, lightdm, rdesktop, openssh-server y x11vnc.

No se si me faltara alguna otra cosa. Descarto la idea de Teamviewer
porque el equipo remoto es un thinkclient, y tan solo tiene 2G de
espacio, y la idea es que el usuario no tenga contacto con ninguna
aplicacion local de linux. Tan solo se conecta remotamente a windows
server.

Re: Nautilus et taille des fichiers en binaires

[Haricophile]

Le Sat, 23 Apr 2016 15:45:48 +0200,
Gaëtan PERRIER  a écrit :

> Non ce que je souhaite c'est que pour un fichier de 32768 octets ça
> affiche 32K et non 32,8K

Ah ! J'avions pas compris ça. Il y a un paramètre que tu peux
régler avec gsettings ou dconf-editor et peut-être dans l'interface :
use-iec-units


-- 
haricoph...@aranha.fr 

Re: Avec quels outils coordonner l'activité de machines indépendantes ?

[Gilles Mocellin]

Le 22/04/2016 à 16:12, Olivier a écrit :

Bonjour,

J'ai plusieurs machines chez des clients, qui produisent des services 
réseaux que je souhaiterai à terme pouvoir secourir en mode dégradé 
par une autre machine dans mes propres locaux.


Les machines chez mes clients ne peuvent pas communiquer directement 
avec celle(s) que je destine au secours mais j'ai une machine tierce 
joignable par tous.


L'architecture serait donc:

P1 - Centre ---S1
  |   |
P2 -|   |
  |
P3--|

avec:
P1, P2, P3 les machines de production
Centre   la machine qui communique avec les autres
S1la machine de secours

Je recherche un moyen pour que:
- la machine au Centre puisse détecter (pas trop bêtement si possible) 
que la P1 est partie en sucette et informer la machine S1 qu'elle peut 
prendre le relais,
- la machine P1 puisse signaler au Centre qu'elle est à nouveau 
d'attaque afin S1 retourne dans son état de veille


J'ai découvert très brièvement consul.io  qui a 
l'air, de loin, de coller à ce que je recherche.


Je serai très curieux d'avoir des suggestions avant d'approfondir le 
sujet.


Slts




Il y a aussi moyen de gérer cela avec Salt, en combinant beacons et reactor.

Dans la deuxième partie de ce Webinar, il explique l'orchestration d'un 
load balancer haproxy et de conteneurs Docker/Nginx :


https://youtu.be/--cJlZpnv50?t=26m22s

Re: [Fuera de Tema] [OT] Más académicos que la RAE

[fernando sainz]

El día 23 de abril de 2016, 17:05, Alfonso García  escribió:
> El día 23/04/2016, a las 14:54, fernando sainz escribió:
>> Hombre no compares.
>> updatear o commitear provienen del ingles y ni si quiera se adaptan a
>> la grafía/fonética del español.
>>
>> Encriptar tiene la misma ráiz que criptografía (del grigo κρυπτός
>> kryptós 'oculto' y -grafía.) y se construye igual que palabras como
>> endiosar, embaldosar, ( encular  :-) ), etc...
>>
>
> Ummm... no tiene nada que ver (aunque lo parezca) encriptar con
> criptografía, la primera es una aberración del inglés to encrypt, la segunda
> es lo que tú bien dices.
>
>> Nadie se queja ( bueno alguno a lo mejor )  de expresiones como subir
>> o bajar programas o cosas así.
>>
>
> subir y bajar son palabras de toda la vida
>

No creo que usar palabras que tienen un significado con otro sea mejor
que inventarse una palabra.

Las lenguas crean palabras, no importa que ya exista una para definir
algo, para que se creen otras.
A mi entender, existiendo los términos críptico y criptografía parece
natural derivar un verbo para llamar a la acción de generar un
documento que mediante la criptografía resulte críptico a los ojos de
los demás.

Dejo el hilo, porque no me gusta demasiado alimentar los OT.

S2

Re: lavantar servidor vnc por ssh

[Camaleón]

El Sat, 23 Apr 2016 10:37:17 -0400, Billy Yeffry Fernández Rodríguez
escribió:

> como puedo conectarme via ssh a un equipo remoto para ya luego correr el
> vnc server en la maquina remota y de esta manera tomar el control de la
> sesion X del usuario de esa maquina (claro, yo me conectare usando un
> cliente vnc desde mi equipo)

Para conectarte vía ssh tienes que tener cuenta:

1/ Equipo cliente con servidor ssh ejecutándose y configurado para 
aceptar peticiones

2/ Cortafuegos con los puertos requeridos abiertos

> Que hacen ustedes en estos casos cuando tienen que dar soporte a un
> equipo remoto y tienen que tomar control de la sesion grafica?

En windows TeamViewer es una joyita pero en Linux necesita Wine si mal no 
recuerdo lo cual no me termina de convencer.

> Que me sugieren en mi caso?

Pues tener configuradas en el cliente alguna de estas opciones:

https://help.ubuntu.com/community/VNC/Servers

Para un caso esporádico y rápido, ssh con sesión gráfica (-X) te permite 
ejecutar aplicaciones en remoto.

Saludos,

-- 
Camaleón

Re: Desabafo

[Humberto A. Sousa]

Bom sábado lista!

Henrique,

O nobreak que você sugeriu aí, um STATION, tem projeto para estações.
Minha empresa DONTEC é autorizada SMS e tenho alguns aparelhos mais 
indicados. Comprometo-me a fazer a doação, basta que com o valor 
relativo a compra você pague as despesas de envio.

http://www.dontec.com.br/

Saudações,


Humberto Araujo de Sousa
humbe...@dontec.com.br

Em 22/04/2016 23:08, Henrique Fagundes escreveu:

Amigos, boa noite!

Estou passando por aqui para dar uma satisfação para todos que 
colaboraram para aquisição do servidor que possibilitará a 
continuidade do ‪Projeto Aprendendo Linux‬.


Como o Vakinha.com.br além das taxas que cobram, ainda cobram R$ 5,00 
pelo saque da quantia, vou esperar liberar todo o valor. Como a ultima 
doação ocorreu no dia 12/04/2016, então deve ser liberada para saque 
no dia 26/04/2016, ou seja, próxima terça-feira. Depois que eu 
solicitar o saque, segundo o regulamento do site 
(http://bit.ly/1YM4y9L) ainda tenho que esperar 72hs. Então o dinheiro 
deve entrar em minha conta corrente na sexta-feira, dia 29/04/2016.


Aí então eu farei a aquisição do servidor. Lembrando que eu ainda 
farei a aquisição (utilizando recursos próprios, ou seja eu pagarei do 
meu bolso) de mais um pente de memória ECC anunciado aqui:
http://bit.ly/1MOiMq0 e um no-break para proteger o servidor, 
anunciado aqui: http://bit.ly/249vO5v


Ao término do trâmite de aquisições, digitalizarei e postarei as 
devidas notas fiscais das respectivas compras.


Aproveito esse post para comunicar a todos que estavam acompanhando a 
minha saga com a ‪GVT‬ para cadastrar o ‪DNS Reverso‬ em um dos links 
de internet que sustentará o servidor, foi devidamente resolvida. 
Enfim, consegui falar com um analista que operacionaliza com os 
servidores de DNS da GVT e ele fez a atualização no servidor faltante, 
no caso o dns2.gvt.net.br.


Obrigado a todos!

Atenciosamente,

Henrique Fagundes
henri...@linuxadmin.com.br
Skype: magnata-br-rj
Linux User: 475399

http://www.aprendendolinux.com/
http://www.facebook.com/PortalAprendendoLinux
http://youtube.com/aprendendolinux/
http://twitter.com/aprendendolinux/
__
Participe do Grupo Aprendendo Linux
http://listas.aprendendolinux.com

Ou envie um e-mail para:
aprendendolinux-subscr...@listas.aprendendolinux.com


 Mensagem original 
Assunto: Re: [Portal Aprendendo Linux] Desabafo
De: Henrique Fagundes 
Para: Lista do Portal Aprendendo Linux 


Data: 08/04/2016 19:01


Amigos, boa noite! É com muita alegria que comunico que consegui
alcançar o objetivo de arrecadar fundos para adquirir um servidor e dar
continuidade ao Projeto Aprendendo Linux. Muito obrigado a todos vocês!

Obs.: O Vakinha demora 14 dias para liberar o saldo arrecadado. Assim
que isso ocorrer, irei fazer a compra do servidor e repassar a vocês a
cópia da Nota Fiscal.

Amanhã eu gravarei um vídeo falando sobre isso e postarei aqui!

Que DEUS abençoe abundantemente a todos vocês! Vida longa e próspera
para nós e para o nosso Linux!

http://www.aprendendolinux.com/projeto

Atenciosamente,

Henrique Fagundes
henri...@linuxadmin.com.br
Skype: magnata-br-rj
Linux User: 475399

http://www.aprendendolinux.com/
http://www.facebook.com/PortalAprendendoLinux
http://youtube.com/aprendendolinux/
http://twitter.com/aprendendolinux/
__
Participe do Grupo Aprendendo Linux
http://listas.aprendendolinux.com

Ou envie um e-mail para:
aprendendolinux-subscr...@listas.aprendendolinux.com


 Mensagem original 
Assunto: Re: Desabafo
De: Henrique Fagundes 
Para: Supervisor CPD Dncn 
Data: 06-04-2016 19:37


Amigos, boa noite!

Peço 1000 desculpa por importuná-los novamente com esse assunto, mas
estou bem perto de conseguir salvar o ‪Projeto Aprendendo Linux‬!

Já posso enxergar a luz no fim do túnel!

Faltam menos do que R$ 400,00 para conseguir atingir o objetivo! 
Então

galera, vamos ajudar! Qualquer R$50,00, R$30,00, R$20,00 ou até mesmo
R$10,00 vai ajudar muito!

Não vamos deixar o projeto morrer!

Acesse o site, conheça o projeto e faça a sua doação:
http://www.aprendendolinux.com/projeto

SOS Aprendendo Linux‬!
Falta Pouco‬!

Vida longa e próspera para todos nós, para o nosso Linux e para o
Projeto Aprendendo Linux.

Atenciosamente,

Henrique Fagundes
henri...@linuxadmin.com.br
Skype: magnata-br-rj
Linux User: 475399

http://www.aprendendolinux.com/
http://www.facebook.com/PortalAprendendoLinux
http://youtube.com/aprendendolinux/
http://twitter.com/aprendendolinux/
__ 


Participe do Grupo Aprendendo Linux
http://listas.aprendendolinux.com

Ou envie um e-mail para:
aprendendolinux-subscr...@listas.aprendendolinux.com


 Mensagem original 

Re: [Fuera de Tema] [OT] Más académicos que la RAE

[Alfonso García]

El día 23/04/2016, a las 14:54, fernando sainz escribió:
> Hombre no compares.
> updatear o commitear provienen del ingles y ni si quiera se adaptan a
> la grafía/fonética del español.
> 
> Encriptar tiene la misma ráiz que criptografía (del grigo κρυπτός
> kryptós 'oculto' y -grafía.) y se construye igual que palabras como
> endiosar, embaldosar, ( encular  :-) ), etc...
> 

Ummm... no tiene nada que ver (aunque lo parezca) encriptar con
criptografía, la primera es una aberración del inglés to encrypt, la segunda
es lo que tú bien dices.

> Nadie se queja ( bueno alguno a lo mejor )  de expresiones como subir
> o bajar programas o cosas así.
>

subir y bajar son palabras de toda la vida

Re: [Fuera de Tema] [OT] Más académicos que la RAE

[Alfonso García]

El día 23/04/2016, a las 14:29, Camaleón escribió:
> ¡Maldición! Ya no podrá enviar mensajes de corrección a los periódicos 
> cuyos articulistas usan ese término >:-)
>  

Jajaja... ¡Cómo lo sabes! Pero me da igual la RAE, puedo seguir criticando a
los que utilicen el término, a mi juicio, incorrecto, y lo más importante...
feo de coj***

Re: lavantar servidor vnc por ssh

[fernando sainz]

El día 23 de abril de 2016, 16:37, Billy Yeffry Fernández Rodríguez
 escribió:
> Saludos amigos de la lista. Me surge la siguiente inquietud:
>
> como puedo conectarme via ssh a un equipo remoto para ya luego correr
> el vnc server en la maquina remota y de esta manera tomar el control
> de la sesion X del usuario de esa maquina (claro, yo me conectare
> usando un cliente vnc desde mi equipo)
>
> Que hacen ustedes en estos casos cuando tienen que dar soporte a un
> equipo remoto y tienen que tomar control de la sesion grafica?
>
> Que me sugieren en mi caso?
>

Si necesitas interactuar con un display real de una máquina, el :0
tendrás que usar un servidor vnc que soporte esa opción, creo que
x11vnc lo hace.

Una busqueda en google, me ha dado esto por ejemplo:
http://ubuntuforums.org/showthread.php?t=363236

Si solo necesitas ejecutar aplicaciones gráficas con cualquier
vncserver te vale o simplemente con ssh -X

S2.

Re: [Fuera de Tema] [OT] Más académicos que la RAE

[listascor...@msjs.co]

El 23/04/16 a las 07:46, Alfonso García escribió:

El día 23/04/2016, a las 14:29, fernando sainz escribió:

Pues con la cantidad de palabras que se han metido con calzador,  para
una que encaja bien no sé por qué tanta crítica.

S2.



No veo el encaje de esa palabra existiendo cifrar. Encriptar es tan feo
como decir "updatear", "commitear", o cosas por el estilo, que usamos los
informáticos, y que parece que, dentro de no mucho tiempo, incorporará la
RAE. Nosotros, tan mal hablados, y en estos tiempos de fiebre tecnológica
que corren, parece que somos los que partimos el bacalao con nuestra
jerigonza informático-anglosajona... no deberían de hacernos mucho caso.
Yo, por lo menos, no se lo voy a hacer a ellos, por mucha RAE que sean, y no
pienso usar el palabro (nunca lo he hecho)

Soy muy crítico sí.. jeje. Tampoco es malo, ¿no?



En el imaginario colectivo de muchas personas encaja mucho mas 
'encriptar' que cifrar.


Personalmente utilizo ambas palabras, hay personas que entienden mas si 
les hablas de encriptar que de cifrar.


La RAE es el único descalabro que hay o que queda; todo lo otro, es cultura.

Saludos;

lavantar servidor vnc por ssh

[Billy Yeffry Fernández Rodríguez]

Saludos amigos de la lista. Me surge la siguiente inquietud:

como puedo conectarme via ssh a un equipo remoto para ya luego correr
el vnc server en la maquina remota y de esta manera tomar el control
de la sesion X del usuario de esa maquina (claro, yo me conectare
usando un cliente vnc desde mi equipo)

Que hacen ustedes en estos casos cuando tienen que dar soporte a un
equipo remoto y tienen que tomar control de la sesion grafica?

Que me sugieren en mi caso?

Re: TCP/IP over Bluetooth

[John Hasler]

Gene writes:
> Spamassassin, after several years of being fed all of that stuff via a 
> daily sa-learn -spam command on that resting directory, still only 
> catches 10% of it.

Interesting.  For me it catches 90%.  Do you feed it both spam and ham?
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: [Fuera de Tema] [OT] Más académicos que la RAE

[Camaleón]

El Sat, 23 Apr 2016 14:15:59 +0200, Alfonso García escribió:

> Me acabo de enterar, con gran desgracia para mí, pues odio profundamente
> esta palabra, que han admitido "encriptar" como verbo en la RAE, ver:
> http://dle.rae.es/?id=FABu3oz

¡Maldición! Ya no podrá enviar mensajes de corrección a los periódicos 
cuyos articulistas usan ese término >:-)
 
> Por lo que suelo leer en esta lista, por aquí no se usa mucho, lo cual
> me alegra enormemente, prefiriendo, en su lugar, nuestra bella y precisa
> "cifrar".
> 
> Nada más que eso.
> 
> Saludos.
> 
> P.S. Ya sé que no tiene nada que ver con Debian, pido disculpas.

Existiendo "criptología" digamos que es un mal menor, ahora que. espero 
no ver por ahí "sistema de encriptado" o "desencriptar" y cosas asín 
aunque me temo lo peor.

Lo raro es que hayan eliminado la acepción de "meter en una 
cripta" ¿ahora cómo se dirá... "encifrar"?

Saludos,

-- 
Camaleón

Re: Error de firmware

[Camaleón]

El Fri, 22 Apr 2016 13:52:00 -0400, merlinva2012 escribió:

> Buenas,
> No estoy seguro si esta duda que tengo la debo preguntar aquí, pero de
> todas formas algo el intento.
> Tengo instalado debian 8.2 . Al iniciar la computadora me sale un
> mensaje que dice:" El firmware ha detectado un error de bateria CMOS "

¿Y ese mensaje es de Debian o de tu BIOS? Es decir, ¿cuándo te aparece 
exactamente? ¿Una vez iniciado el sistema o antes de que aparezca GRUB?

De todas formas, vete comprando una pila de botón O:-)

Saludos,

-- 
Camaleón

Re: Nautilus et taille des fichiers en binaires

[err404]

On 04/23/2016 03:45 PM, Gaëtan PERRIER wrote:
> Le Sat, 23 Apr 2016 15:40:09 +0200
> err404  a écrit:
> 
>> J'utilise Mate Desktop, et la taille affichée est en octets, tu aurai
>> voulu que par exemple pour un fichier de 32Ko ça affiche 256kb ?
>>
> 
> Non ce que je souhaite c'est que pour un fichier de 32768 octets ça affiche
> 32K et non 32,8K
> 
ah ok, sans les décimales...



signature.asc
Description: OpenPGP digital signature

Re: Nautilus et taille des fichiers en binaires

[Gaëtan PERRIER]

Le Sat, 23 Apr 2016 15:40:09 +0200
err404  a écrit:

> J'utilise Mate Desktop, et la taille affichée est en octets, tu aurai
> voulu que par exemple pour un fichier de 32Ko ça affiche 256kb ?
> 

Non ce que je souhaite c'est que pour un fichier de 32768 octets ça affiche
32K et non 32,8K

Re: TCP/IP over Bluetooth

[Andrew McGlashan]

On 23/04/2016 10:33 PM, Gene Heskett wrote:
> On Saturday 23 April 2016 07:52:06 Curt wrote:
>> http://www.linuxjournal.com/article/10915
>>
>> works fine here.

Yes, other pages worked fine too.

> I finally did get to the article, but had to clear it with privacy badger 
> and ghostery and no-script was already disabled. I have no clue what 
> their cookies send back, but I printed it so I don't have to go thru 
> that folderol again.  The sign up overlay never did fully render. But it 
> had a close button that worked.

I had the same behaviour exactly.

I use uBlock Origin, Disconnect mostly.  PrivacyBadger gave me too much
trouble and I don't trust Noscript -- in Noscript's place, I use
Policeman and find it has better lock down controls.

> At one point, Privacy Badger was reporting 9 trackers, and Ghostery was 
> blocking 24 data suckers. Noscript wasn't blocking anything as its been 
> disabled for weeks.

Yep, and web developers or their bosses couldn't seem to care less how
much garbage they force upon us.  They are now worse than used car
salesmen, just like SEO /scumbags/ ...S

Cheers
AndrewM



signature.asc
Description: OpenPGP digital signature

Re: Nautilus et taille des fichiers en binaires

[err404]

J'utilise Mate Desktop, et la taille affichée est en octets, tu aurai
voulu que par exemple pour un fichier de 32Ko ça affiche 256kb ?



signature.asc
Description: OpenPGP digital signature

Re: Problems with vdpau

[Sven Arvidsson]

On Wed, 2016-04-20 at 14:07 +0530, Himanshu Shekhar wrote:
> I have no NVIDIA hardware, still there are packages that install
> packages
> containing vdpau in their name.
> Any such installation causes trouble as the CLI tty(s) (a.k.a.
> virtual
> consoles) are not available to use as long as any library related to
> vdpau
> are installed.
> 
> Removal of any package having vdpau in its name resolves the problem.
> Is this the issue with vdpau?

VDPAU is also used for AMD GPUs, and can be used on Intel
with libvdpau-va-gl1 (but I suppose it's less efficient than using
VAAPI) so it's no surprise that is installed by default on most desktop
installs.

I would find it most peculiar if just installing the package could
prevent you from switching ttys. I have no such problems on a pure
intel system with vdpau packages installed.

-- 
Cheers,
Sven Arvidsson
http://www.whiz.se
PGP Key ID 6FAB5CD5



signature.asc
Description: This is a digitally signed message part

Re: TCP/IP over Bluetooth

[Gene Heskett]

On Saturday 23 April 2016 08:44:56 Lisi Reisz wrote:

> On Saturday 23 April 2016 13:33:54 Gene Heskett wrote:
> > The data these sites collect and sell, gets me 100 new spams every
> > day. 20 or 30 of for erectile disfunction cures that don't work.
> >  I'm 81, and been diabetic for 25 + years, I couldn't reset my since
> > counter if it was offered.  I don't have a place to put a hot tub,
> > and my garage floor is bare cement & gonna stay that way. I don't
> > need a DUI attorney, or the next great diabetes cure. Give me a
> > break.
>
> I keep being offered pills to increase the size/functionality of a
> part of my anatomy that doesn't exist.  My spam checker infallibly
> removes the offers.

Spamassassin, after several years of being fed all of that stuff via a 
daily sa-learn -spam command on that resting directory, still only 
catches 10% of it.

> The odd thing is that my husband, being in full possession of the
> relevant part of his anatomy, doesn't get any.
>
> I get lots of "young ladies" soliciting for my affections too.
>
> The spam writers obviously know something about me that I don't know
> about myself.

Gee.  I could let my imagination run wild and still not come up with a 
valid answer.  The image you project is that of an experienced lady, 
with poor eyesight you have worked around quite well, and generally a 
pleasant person to be around, and thats worth more than an 11 at closing 
time. :)

Take Care girl.

> >  I printed it so I don't have to go thru that folderol again.
>
> Bin them, Gene.  And save yourself the folderol.
>
> Lisi


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

Re: [Fuera de Tema] [OT] Más académicos que la RAE

[fernando sainz]

El día 23 de abril de 2016, 14:46, Alfonso García  escribió:
> El día 23/04/2016, a las 14:29, fernando sainz escribió:
>> Pues con la cantidad de palabras que se han metido con calzador,  para
>> una que encaja bien no sé por qué tanta crítica.
>>
>> S2.
>>
>
> No veo el encaje de esa palabra existiendo cifrar. Encriptar es tan feo
> como decir "updatear", "commitear", o cosas por el estilo, que usamos los
> informáticos, y que parece que, dentro de no mucho tiempo, incorporará la
> RAE. Nosotros, tan mal hablados, y en estos tiempos de fiebre tecnológica
> que corren, parece que somos los que partimos el bacalao con nuestra
> jerigonza informático-anglosajona... no deberían de hacernos mucho caso.
> Yo, por lo menos, no se lo voy a hacer a ellos, por mucha RAE que sean, y no
> pienso usar el palabro (nunca lo he hecho)
>
> Soy muy crítico sí.. jeje. Tampoco es malo, ¿no?
>

Hombre no compares.
updatear o commitear provienen del ingles y ni si quiera se adaptan a
la grafía/fonética del español.

Encriptar tiene la misma ráiz que criptografía (del grigo κρυπτός
kryptós 'oculto' y -grafía.) y se construye igual que palabras como
endiosar, embaldosar, ( encular  :-) ), etc...

Nadie se queja ( bueno alguno a lo mejor )  de expresiones como subir
o bajar programas o cosas así.


S2.

Re: [Fuera de Tema] [OT] Más académicos que la RAE

[Alfonso García]

El día 23/04/2016, a las 14:29, fernando sainz escribió:
> Pues con la cantidad de palabras que se han metido con calzador,  para
> una que encaja bien no sé por qué tanta crítica.
> 
> S2.
> 

No veo el encaje de esa palabra existiendo cifrar. Encriptar es tan feo
como decir "updatear", "commitear", o cosas por el estilo, que usamos los
informáticos, y que parece que, dentro de no mucho tiempo, incorporará la
RAE. Nosotros, tan mal hablados, y en estos tiempos de fiebre tecnológica
que corren, parece que somos los que partimos el bacalao con nuestra
jerigonza informático-anglosajona... no deberían de hacernos mucho caso. 
Yo, por lo menos, no se lo voy a hacer a ellos, por mucha RAE que sean, y no
pienso usar el palabro (nunca lo he hecho)

Soy muy crítico sí.. jeje. Tampoco es malo, ¿no?

Re: TCP/IP over Bluetooth

[Lisi Reisz]

On Saturday 23 April 2016 13:33:54 Gene Heskett wrote:
> The data these sites collect and sell, gets me 100 new spams every day.
> 20 or 30 of for erectile disfunction cures that don't work.  I'm 81, and
> been diabetic for 25 + years, I couldn't reset my since counter if it
> was offered.  I don't have a place to put a hot tub, and my garage floor
> is bare cement & gonna stay that way. I don't need a DUI attorney, or
> the next great diabetes cure. Give me a break.

I keep being offered pills to increase the size/functionality of a part of my 
anatomy that doesn't exist.  My spam checker infallibly removes the offers.

The odd thing is that my husband, being in full possession of the relevant 
part of his anatomy, doesn't get any.

I get lots of "young ladies" soliciting for my affections too.

The spam writers obviously know something about me that I don't know about 
myself.

>  I printed it so I don't have to go thru that folderol again. 

Bin them, Gene.  And save yourself the folderol.  

Lisi

Re: TCP/IP over Bluetooth

[Gene Heskett]

On Saturday 23 April 2016 07:52:06 Curt wrote:

> On 2016-04-23, Gene Heskett  wrote:
> > I was blocked, 5 times so far, at the front page of the current
> > issue.  I could poke around in the 4 sale areas, but could not
> > access any other content, such as that sublink without signing up.
>
> I was taken to the regular old front page too (probably because
> shawn's m-dot URL is optimized for smartphones and they sense I ain't
> no smartphone), but once at the front page I tacked on the
> '/article/10915' part and away I went.
>
> In other words,
>
> http://www.linuxjournal.com/article/10915
>
> works fine here.
>
> Other front page links (I tried two) work fine for me also.
>
> ICIWYMWV
??

I finally did get to the article, but had to clear it with privacy badger 
and ghostery and no-script was already disabled. I have no clue what 
their cookies send back, but I printed it so I don't have to go thru 
that folderol again.  The sign up overlay never did fully render. But it 
had a close button that worked.

At one point, Privacy Badger was reporting 9 trackers, and Ghostery was 
blocking 24 data suckers. Noscript wasn't blocking anything as its been 
disabled for weeks.

The data these sites collect and sell, gets me 100 new spams every day. 
20 or 30 of for erectile disfunction cures that don't work.  I'm 81, and 
been diabetic for 25 + years, I couldn't reset my since counter if it 
was offered.  I don't have a place to put a hot tub, and my garage floor 
is bare cement & gonna stay that way. I don't need a DUI attorney, or 
the next great diabetes cure. Give me a break.

> Tallyho,
>
> Curt
>
> > Cheers, Gene Heskett


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

Re: [Fuera de Tema] [OT] Más académicos que la RAE

[fernando sainz]

El día 23 de abril de 2016, 14:15, Alfonso García  escribió:
> Me acabo de enterar, con gran desgracia para mí, pues odio profundamente
> esta palabra, que han admitido "encriptar" como verbo en la RAE, ver:
> http://dle.rae.es/?id=FABu3oz
>
> Por lo que suelo leer en esta lista, por aquí no se usa mucho, lo cual me
> alegra enormemente, prefiriendo, en su lugar, nuestra bella y precisa
> "cifrar".
>
> Nada más que eso.
>
> Saludos.
>
> P.S. Ya sé que no tiene nada que ver con Debian, pido disculpas.
>

Pues con la cantidad de palabras que se han metido con calzador,  para
una que encaja bien no sé por qué tanta crítica.

S2.

[Fuera de Tema] [OT] Más académicos que la RAE

[Alfonso García]

Me acabo de enterar, con gran desgracia para mí, pues odio profundamente
esta palabra, que han admitido "encriptar" como verbo en la RAE, ver:
http://dle.rae.es/?id=FABu3oz

Por lo que suelo leer en esta lista, por aquí no se usa mucho, lo cual me
alegra enormemente, prefiriendo, en su lugar, nuestra bella y precisa
"cifrar".

Nada más que eso.

Saludos.

P.S. Ya sé que no tiene nada que ver con Debian, pido disculpas.

Re: TCP/IP over Bluetooth

[Richard Owlett]

On 4/23/2016 6:52 AM, Curt wrote:

On 2016-04-23, Gene Heskett  wrote:


I was blocked, 5 times so far, at the front page of the current issue.  I
could poke around in the 4 sale areas, but could not access any other
content, such as that sublink without signing up.


I was taken to the regular old front page too (probably because shawn's
m-dot URL is optimized for smartphones and they sense I ain't no
smartphone), but once at the front page I tacked on the '/article/10915'
part and away I went.

In other words,

http://www.linuxjournal.com/article/10915

works fine here.



Works fine for me using SeaMonkey under WinXP [Debian machine 
down at moment]

Re: Posts don't show on list

[Gene Heskett]

On Saturday 23 April 2016 07:41:48 cbannis...@slingshot.co.nz wrote:

> On Fri, Apr 22, 2016 at 05:11:07AM -0400, Gene Heskett wrote:
> > On Friday 22 April 2016 04:43:56 Richard Owlett wrote:
> > > That's a frequently reported "feature" of gmail.
> > > Personally I suspect "free" service isn't worth what you pay for
> > > it. I'm very happy using paid ($) mail and news servers :}
> >
> > Paid?  Mail? Its part of YOUR ISP's responsibility to provide a mail
> > server.
>
> I was informed by my ISP that the email service is an added extra. :(

I suppose it could be at your place, but while I haven't dealt with 
anything but the local ISP's here in the USA, it has always been 
considered as part of the deal.  I have a 10 megabit connection and my 
telephone from the local cable company at nominally $110 USD/month.  And 
the telephone is no charge long distance anyplace in the lower 48 
states.  That quasi-free LD is handier than sliced bread as this is a 
pretty big place compared to NZ. I find I often have to check where I'm 
calling to make sure the time zone there is business hours for them 
since we have 4 hours diff to kalipornia from here.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

Re: Posts don't show on list

[cbannister]

On Fri, Apr 22, 2016 at 08:35:31PM +0100, Joe wrote:
> Upload to a website, either your own or a public one. I don't use
> a public one, so I have no recommendation, but no doubt others will.
> 
> It is a courtesy in any case, in any list or group, as some
> subscribers may have limited Internet capability, and should have the
> choice as to whether to download comparatively large chunks of data.

The purpose of this list is to provide help to other Debian users, more
often than not this involves sending log files, screen shots, or whatever
else may be needed to help solve the problem. Also the mails are archived
to help future googlers solve their own problems, this helps to avoid traffic
to the list. If the screenshots or logs are sent to a web site with a time
limit then the archiving of the message is a waste of time (and I suggest
a cause for extreme frustration).

This is a high volume list, so there is already a lot of data downloaded.


-- 
The media's the most powerful entity on earth. 
They have the power to make the innocent guilty 
and to make the guilty innocent, and that's power.
 -- Malcolm X

Re: Posts don't show on list

[cbannister]

[Please don't top post]

On Fri, Apr 22, 2016 at 12:24:26PM -0700, Gary Roach wrote:
> OK. All of a sudden my original posts are showing up but if I add an
> attachment the post seems to drop into a black hole. No post, no rejection
> notice. I have looked at the sites rules and have not found any information
> that would exclude attachments.

There may be a size limit.

-- 
The media's the most powerful entity on earth. 
They have the power to make the innocent guilty 
and to make the guilty innocent, and that's power.
 -- Malcolm X

Re: TCP/IP over Bluetooth

[Curt]

On 2016-04-23, Gene Heskett  wrote:
>
> I was blocked, 5 times so far, at the front page of the current issue.  I 
> could poke around in the 4 sale areas, but could not access any other 
> content, such as that sublink without signing up.

I was taken to the regular old front page too (probably because shawn's
m-dot URL is optimized for smartphones and they sense I ain't no
smartphone), but once at the front page I tacked on the '/article/10915'
part and away I went.

In other words,

http://www.linuxjournal.com/article/10915

works fine here.

Other front page links (I tried two) work fine for me also.

ICIWYMWV

Tallyho, 

Curt

> Cheers, Gene Heskett


-- 
Hypertext--or should I say the ideology of hypertext?--is ultrademocratic and
so entirely in harmony with the demagogic appeals to cultural democracy that
accompany (and distract one’s attention from) the ever-tightening grip of 
plutocratic capitalism. - Susan Sontag

Re: Posts don't show on list

[cbannister]

On Fri, Apr 22, 2016 at 05:11:07AM -0400, Gene Heskett wrote:
> On Friday 22 April 2016 04:43:56 Richard Owlett wrote:
> >
> > That's a frequently reported "feature" of gmail.
> > Personally I suspect "free" service isn't worth what you pay for it.
> > I'm very happy using paid ($) mail and news servers :}
> 
> Paid?  Mail? Its part of YOUR ISP's responsibility to provide a mail 
> server.

I was informed by my ISP that the email service is an added extra. :(

-- 
The media's the most powerful entity on earth. 
They have the power to make the innocent guilty 
and to make the guilty innocent, and that's power.
 -- Malcolm X

Re: Nautilus et taille des fichiers en binaires

[Gaëtan PERRIER]

Le Sat, 23 Apr 2016 11:55:22 +0200
Haricophile  a écrit:

> Le Sat, 23 Apr 2016 01:46:36 +0200,
> Gaëtan PERRIER  a écrit :
> 
> > Bonjour,
> > 
> > Sauriez-vous comment faire pour que nautilus affiche les tailles en
> > binaire plutôt qu'en décimal ?
> > 
> > Gaëtan
> 
> Ce n'est pas prévu, ça va contre "la simplicité" de Gnome et de toute
> manière ça pose des problèmes d'espace dans l'affichage. Si tu clique
> sur la propriété du fichier tu as la taille exacte, sinon pour les
> trucs de geek il y a les outils de geeks comme ls ou mc ;)
> 

En quoi c'est un truc de geek ? Depuis 35 ans que je fais de l'informatique
les unités binaires sont utilisées ...
Dans les propriétés la taille exacte n'est pas donnée pour les répertoires.
Et je ne vois pas en quoi ça pose des problèmes de taille d'affichage ?
Par contre ça perturbe pas mal de personnes qui utilisent aussi Windows qui
lui utilise le format binaire.
Le minimum c'est de donner le choix à  l'utilisateur !

Gaëtan

Re: Posts don't show on list

[cbannister]

On Fri, Apr 22, 2016 at 02:23:46PM +0200, to...@tuxteam.de wrote:
> On Fri, Apr 22, 2016 at 08:12:04AM -0400, The Wanderer wrote:
> 
> [...]
> 
> > In this case, what appears to happen is that Gmail assumes that
> > Message-ID is unique, and consequently that it only needs to keep one
> > copy of a message with any given Message-ID. Since the person sending a
> > mail already has one message with that Message-ID (in their Sent
> > folder), Gmail sees the incoming mail as a duplicate, and discards it.
> 
> Sounds kinda plausible. Any Googler listening who'd care to shed light?
> C'mon, folks...

I google but cannot help. :)

-- 
The media's the most powerful entity on earth. 
They have the power to make the innocent guilty 
and to make the guilty innocent, and that's power.
 -- Malcolm X

Re: TCP/IP over Bluetooth

[shawn wilson]

On Apr 23, 2016 06:27, "Reco"  wrote:
>
> On Sat, 23 Apr 2016 10:23:57 +0100
> Joe  wrote:
>

> > 'Proper' serial equipment
> > typically does not go higher than 115kBd, and most wired serial
> > applications need much less than that.
>
> But serial-over-bluetooth gets me 0.5 Mbps :)
>

Being able to teacher when connected to either cell *or* wifi from a non
rooted android device (like if paying for a single MAC address on a plane)
might be a good enough reason to set it up. And in those situations, you're
not getting optimal bandwidth anyway.

Re: TCP/IP over Bluetooth

[Andy Smith]

Hi Peter,

On Fri, Apr 22, 2016 at 08:27:38PM -0700, pe...@easthope.ca wrote:
> …TCP/IP inside PPP on a Bluetooth connection is hypthetically
> possible.
> 
> Has anyone tried it with a debian system on one end at least?

Yes; around 4 years ago I used to occasionally pair my Nokia E90 and
use it as a Bluetooth network device. That was with NetworkManager
under GNOME. I seem to recall it was detected without me needing to
configure anything (apart from the pairing), and it mostly worked,
although it was quite slow.

Since then I've switched to an Android phone and find either USB
tether or wifi access point performs better and are more reliable. I
see it still offers Bluetooth tethering but I've never wanted to
use it.

Cheers,
Andy

-- 
http://bitfolk.com/ -- No-nonsense VPS hosting

> The optimum programming team size is 1.
Has Jurassic Park taught us nothing? — pfilandr

Re: canberra-gtk-module not loaded?

[Sven Arvidsson]

On Fri, 2016-04-22 at 19:51 -0400, Alan McConnell wrote:
>   Suppose one doesn't like the squawks that are emitted when
> e.g.
>   a typing mistake is made, or a file isn't found.  Can one
>   dis-install, or disable canberra, without otherwise messing
> up
>   the sound?
> 
> Alan, who hopes to listen to Otello tomorrow on his computer!

Yes, shouldn't be a problem. 

I'm not sure how to disable or configure the sounds outside of GNOME
though.

(Also, depending on if the application uses GTK2 or 3 you probably need
different versions of the canberra library)

-- 
Cheers,
Sven Arvidsson
http://www.whiz.se
PGP Key ID 6FAB5CD5



signature.asc
Description: This is a digitally signed message part

Re: TCP/IP over Bluetooth

[Gene Heskett]

On Saturday 23 April 2016 03:36:48 Lisi Reisz wrote:

> On Saturday 23 April 2016 06:04:24 Gene Heskett wrote:
> > Unforch for many, its also a link you have to subscribe to
>
> No you don't. I've just tried.
>
> You can, if you wish, once there, become a subscriber to the digital
> version of the magazine.
>
> Lisi

I was blocked, 5 times so far, at the front page of the current issue.  I 
could poke around in the 4 sale areas, but could not access any other 
content, such as that sublink without signing up.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

Re: Problems with vdpau

[cbannister]

On Wed, Apr 20, 2016 at 02:07:52PM +0530, Himanshu Shekhar wrote:
> I have no NVIDIA hardware, still there are packages that install packages
> containing vdpau in their name.
> Any such installation causes trouble as the CLI tty(s) (a.k.a. virtual
> consoles) are not available to use as long as any library related to vdpau
> are installed.

What trouble? Please explain what happens, and what you expect to happen.

-- 
The media's the most powerful entity on earth. 
They have the power to make the innocent guilty 
and to make the guilty innocent, and that's power.
 -- Malcolm X

Re: Nautilus et taille des fichiers en binaires

[Haricophile]

Le Sat, 23 Apr 2016 01:46:36 +0200,
Gaëtan PERRIER  a écrit :

> Bonjour,
> 
> Sauriez-vous comment faire pour que nautilus affiche les tailles en
> binaire plutôt qu'en décimal ?
> 
> Gaëtan

Ce n'est pas prévu, ça va contre "la simplicité" de Gnome et de toute
manière ça pose des problèmes d'espace dans l'affichage. Si tu clique
sur la propriété du fichier tu as la taille exacte, sinon pour les
trucs de geek il y a les outils de geeks comme ls ou mc ;)

-- 
haricoph...@aranha.fr 

Re: TCP/IP over Bluetooth

[Reco]

On Sat, 23 Apr 2016 10:23:57 +0100
Joe  wrote:

> On Sat, 23 Apr 2016 10:53:08 +0300
> Reco  wrote:
> 
> > Hi.
> > 
> > On Fri, 22 Apr 2016 20:27:38 -0700
> > pe...@easthope.ca wrote:
> > 
> > > According to https://en.wikipedia.org/wiki/Bluetooth ,
> > > Bluetooth was "... originally conceived as a wireless alternative 
> > > to RS-232 data cables."  Therefore TCP/IP inside PPP on a 
> > > Bluetooth connection is hypthetically possible.
> > > 
> > > Has anyone tried it with a debian system on one end at least?  
> > 
> > I have to use the thing on a regular basis. Connection speed is
> > turtle-slow by today's standards, 
> > 
> 
> If you need lots of bandwidth, there's wifi. 

If I really need the bandwidth, I won't settle for anything less than
1Gbps ethernet. Such thing is not always available though.

> 'Proper' serial equipment
> typically does not go higher than 115kBd, and most wired serial
> applications need much less than that.

But serial-over-bluetooth gets me 0.5 Mbps :)

Reco

Re: TCP/IP over Bluetooth

[Joe]

On Sat, 23 Apr 2016 10:53:08 +0300
Reco  wrote:

>   Hi.
> 
> On Fri, 22 Apr 2016 20:27:38 -0700
> pe...@easthope.ca wrote:
> 
> > According to https://en.wikipedia.org/wiki/Bluetooth ,
> > Bluetooth was "... originally conceived as a wireless alternative 
> > to RS-232 data cables."  Therefore TCP/IP inside PPP on a 
> > Bluetooth connection is hypthetically possible.
> > 
> > Has anyone tried it with a debian system on one end at least?  
> 
> I have to use the thing on a regular basis. Connection speed is
> turtle-slow by today's standards, 
> 

If you need lots of bandwidth, there's wifi. 'Proper' serial equipment
typically does not go higher than 115kBd, and most wired serial
applications need much less than that. Sony's camera control protocol
at 562.5kBd is very unusual, and a pig to route wirelessly.

-- 
Joe

Re: TCP/IP over Bluetooth

[Reco]

Hi.

On Fri, 22 Apr 2016 20:27:38 -0700
pe...@easthope.ca wrote:

> According to https://en.wikipedia.org/wiki/Bluetooth ,
> Bluetooth was "... originally conceived as a wireless alternative 
> to RS-232 data cables."  Therefore TCP/IP inside PPP on a 
> Bluetooth connection is hypthetically possible.
> 
> Has anyone tried it with a debian system on one end at least?

I have to use the thing on a regular basis. Connection speed is
turtle-slow by today's standards, but it works, and aside from the
bluez package it only requires wvdial one.

A sample implementation is:

# cat /etc/network/if-pre-up.ppp0
/usr/bin/rfcomm connect /dev/rfcomm0 xx:xx:xx:xx:xx:xx &
while [ ! -r /dev/rfcomm0 ]; do
/bin/echo "Waiting for /dev/rfcomm0 ..."
/bin/sleep 1
done

# cat /etc/network/if-post-down.ppp0
pkill -9 rfcomm

# grep -A1 ppp0 /etc/network/interfaces
iface ppp0 inet wvdial
pre-up /etc/network/if-pre-up.ppp0
metric 1
post-down /etc/network/if-post-down.ppp0

# cat /etc/wvdial.conf
[Dialer Defaults]
Baud = 460800
Dial Command = ATD
Init1 = ATZ
Init2 = ATQ0 V1 E1 S0=0   +FCLASS=0
Init3 = AT+CGDCONT=1,"IP","my.cellphone.carrier.gateway"
Modem = /dev/rfcomm0
Modem Type = Analog Modem
New PPD = yes
Password = xxx
Phone = *99#
Username = xxx
ISDN = false
Idle Seconds = 300

Reco

Re: TCP/IP over Bluetooth

[Lisi Reisz]

On Saturday 23 April 2016 06:04:24 Gene Heskett wrote:
> Unforch for many, its also a link you have to subscribe to

No you don't. I've just tried.

You can, if you wish, once there, become a subscriber to the digital version 
of the magazine.

Lisi

Re: Speech-To-Text?

[deloptes]

Kent West wrote:

> I have an Android phone recording of a meeting that I'd like to
> transcribe to text, and was hoping there was an automagic way to convert
> most of it.
> 
> My google-fu seems to be failing me, or else that info simply isn't out
> there.
> 

https://en.wikipedia.org/wiki/Speech_recognition_software_for_Linux
http://www.voxforge.org/

> 
> Anyone out there who can help me accomplish my goal, using pocketsphinx
> or any other suitable tool?
> 

I spent some years back in the beginning of the century doing research in
the area and playing with linux tools.
My conclusion back then (10+y ago) was that there is no usable STT and TTS
system. I later did a research and Master Thesis on Dialogue Systems
Things may have changed  now, but I doubt the quality of the linux software
anyway.
Basically there were/are just two providers of speach recognition engine
(IBM and Philips) resulting from joint force research in the 90'. It cost
millions to build. I've tested it and it worked very well 10y ago. It cost
about 150$US. But there are also cheaper versions with smaller domain
specific vocabulary.
If you want to play around you may try those linux tools, if you want 
professional results, where you do not have too correct 60% of the text, go
buy or borrow one.

regards

Re: exim4 - tls errors [SOLVED]

[deloptes]

Kamil Jońca wrote:

> kjo...@poczta.onet.pl (Kamil Jońca) writes:
> 
> some background
> 1. with exim 4.87 tls_advertise_hosts defaults to *.
> 2. also MAIN_TLS_ADVERTISE_HOSTS (main/03_exim4-config_tlsoptions)
> 3. to get rid this message (excet to create certificate)
> tls_advertise_hosts should be _empty_.
> 
> so set
> --8<---cut here---start->8---
> MAIN_TLS_ADVERTISE_HOSTS= ""
> --8<---cut here---end--->8---
> works.
> 
> Yes, I should read exim documentation earlier. :)
> 
> KJ
> 

This is not exactly correct. As statedbefore setting MAIN_TLS_ENABLE=false
should skip the whole block of settings related to SSL/TLS.
No idea why you should touch the supplementary config files.

regards

Re: on-demand mounting of filesystems via Systemd (e.g. /backup)

[Andrew McGlashan]

On 21/04/2016 7:19 AM, Ansgar Burchardt wrote:
> Here is a quick example in an interactive shell:
> 
> +---
> | # umount /boot; ls /boot
> | [empty]
> | # unshare -m

Wheezy seems to need:
  # unshare -m /bin/bash

Jessie gives you the shell by default (perhaps your default).

Cheers
AndrewM



signature.asc
Description: OpenPGP digital signature

Re: on-demand mounting of filesystems via Systemd (e.g. /backup)

[Andrew McGlashan]

On 21/04/2016 5:44 AM, John L. Ries wrote:
>> Thanks! I think we need to share more examples on how to use systemd
>> properly. A lot of the criticism stems from the simple fact that people
>> just need to learn what the new tools can do for them.
> 
> That would be an indication that systemd is non-intuitive and poorly
> documented, which has been my impression for the past several years.
> There may be no good cure for the former (but a better systemadm would
> help), but there is for the latter.

Agreed on the responder part.  There is little that more examples of
systemd will encourage anything for me; it is not the way *nix systems
should be built.  There is definitely far too much reach and over creep
in systemd already, with more to come.  Sadly this software version of
cancer is planned to keep spreading.

:(

AndrewM



signature.asc
Description: OpenPGP digital signature