Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
On Wed, Aug 6, 2008 at 3:45 AM, Francisco Ares [EMAIL PROTECTED] wrote: Hi, guys. Sorry to post such off-topic message, but I didn't know where I could ask this question. I know that things such as address, trafic, bandwith are easy to be tracked and logged, but what about, say, my gmail messages - is it possible to log them also? Which package should I use or look for? Thanks Francisco -- If you have an apple and I have an apple and we exchange apples then you and I will still each have one apple. But if you have an idea and I have one idea and we exchange these ideas, then each of us will have two ideas. - George Bernard Shaw Look at beagle. I know they have a gmail backend that can index your gmail emails. Alternatively you can setup a mail client to download the email from the webmail and then index/log/track it locally. Regards Dirk
Re: [gentoo-user] Re: make oldconfig
2008/8/6, James [EMAIL PROTECTED]: So what I gleen is that you run on a kernel, say version linux-2.6.24-gentoo-r8 You down load newer sources, say version linux-2.6.25-gentoo-r7 cd /usr/src rm linux ln -sf /usr/src/linux-2.6.25-gentoo-r7 linux make oldconfig ??? make menuconfig cp System.map /boot/System.map-2.6.25-gentoo-r7 cp arch/x86_64/boot/bzImage /boot/kernel-2.6.25-gentoo-r7 cp .config /boot/config-2.6.25-gentoo-r7 edit grub apppropriately and reboot to the new kernel? In the case you run menuconfig oldconfig is not needed. I did so myself in the past. Now i simply run just oldconfig, because you have a better control of what has changed between the versions. After oldconfig menuconfig is not needed one of them will suffer. Regards, Daniel
Re: [gentoo-user] Re: make oldconfig
on 08/06/2008 04:58 AM James wrote the following: Dale dalek1967 at bellsouth.net writes: Well, the reason I asked is for clarity. I found this gentoo doc, which seems a little dated: http://gentoo-wiki.com/ HOWTO_Detailed_Kernel_Configuration So what I gleen is that you run on a kernel, say version linux-2.6.24-gentoo-r8 You down load newer sources, say version linux-2.6.25-gentoo-r7 cd /usr/src rm linux ln -sf /usr/src/linux-2.6.25-gentoo-r7 linux cd linux make oldconfig make menuconfig
[gentoo-user] strange messages from automount (net-fs/autofs-4.1.3-r7)
I get those reports in /var/log/messages: ... Aug 6 12:16:00 turion automount[14864]: failed to mount /mnt/auto/.Trash Aug 6 12:16:00 turion automount[14868]: failed to mount /mnt/auto/.Trash-1000 Aug 6 12:16:00 turion automount[14874]: failed to mount /mnt/auto/.Trash Aug 6 12:16:00 turion automount[14876]: failed to mount /mnt/auto/.Trash-1000 Aug 6 12:17:42 turion automount[4025]: failed to mount /mnt/auto/.Trash Aug 6 12:17:42 turion automount[4026]: failed to mount /mnt/auto/.Trash-1000 Aug 6 12:17:42 turion automount[4029]: failed to mount /mnt/auto/.Trash Aug 6 12:17:42 turion automount[4030]: failed to mount /mnt/auto/.Trash-1000 Aug 6 12:18:46 turion automount[4091]: failed to mount /mnt/auto/.Trash Aug 6 12:18:46 turion automount[4092]: failed to mount /mnt/auto/.Trash-1000 Aug 6 12:18:46 turion automount[4095]: failed to mount /mnt/auto/.Trash Aug 6 12:18:46 turion automount[4096]: failed to mount /mnt/auto/.Trash-1000 ... I tried to find any files linking to /mnt/auto/.Trash* but there is none. Any clues?
Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
On Tue, Aug 5, 2008 at 10:45 PM, Francisco Ares [EMAIL PROTECTED] wrote: Hi, guys. Sorry to post such off-topic message, but I didn't know where I could ask this question. I know that things such as address, trafic, bandwith are easy to be tracked and logged, but what about, say, my gmail messages - is it possible to log them also? Which package should I use or look for? Comparing network statistics with webmail messages is not that simple. The only way I can think for you to keep track of your messages is to sniff unencrypted packages (https wouldn't work), look for specific patterns and use that to estimate usage, of course, I'm considering your statement about bandwidth, traffic, address and the fact that something like that would be a hard, complex and not NEAR fail proof concept, along with the privacy issues, of course. Now, if you wanna keep track of YOUR messages, the best way is to activate IMAP on gmail, and use a client, configure it to store messages locally, and that's about it... Beagle would index this kinda content very easily, and your mail client too. -- Daniel da Veiga
Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
On 6 Aug 2008, at 14:28, Daniel da Veiga wrote: On Tue, Aug 5, 2008 at 10:45 PM, Francisco Ares [EMAIL PROTECTED] wrote: ... I know that things such as address, trafic, bandwith are easy to be tracked and logged, but what about, say, my gmail messages - is it possible to log them also? Which package should I use or look for? ... The only way I can think for you to keep track of your messages is to sniff unencrypted packages (https wouldn't work), look for specific patterns and use that to estimate usage, of course, I'm considering your statement about bandwidth, traffic, address and the fact that something like that would be a hard, complex and not NEAR fail proof concept, along with the privacy issues, of course. I read OP's question that he isn't interested in the *bandwidth* of the Hotmail messages, per-se - I thought he was just giving bandwidth monitoring as an example of a routine network management task that is easy obvious to undertake in establishing the background to his question. In some companies it is indeed necessary to have a handle on this sort of thing. AIUI to meet certain financial regulations intended to prevent insider-trading (Sarbanes-Oxley?) one must have facilities in place to monitor all communications in out the building. I suppose that at one time recording all telephone calls would have required a prohibitive quantity of cassette tapes, so a supervisor listening in randomly would be acceptable, but leaving webmail accounts ignored is a huge hole. Privacy issues should be covered by a company IT usage policy. I think that stating that all traffic is logged would cover this - see your lawyer as to how you phrase this exactly. Ensure that auditing is undertaken in a documented and regimented manner - it should probably be a separate role from IT admin and or a boss probably shouldn't be looking at his employees emails; you should probably have a person randomly looking at messages for *specific* infractions (and they should probably be trained to ignore anything naughty that isn't specifically within their remit). I have played with wireshark /or etherreal in the past and have been AMAZED at how clearly interactions can be logged when filtering is set correctly. Daniel: might it not be possible to have the firewall drop https connections to hotmail / gmail / yahoo mail domains, thus forcing the users back to unencrypted http? That begs the question: if you can do that, why not just completely block access to webmail sites? Stroller.
Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
On Wed, Aug 6, 2008 at 11:30 AM, Stroller [EMAIL PROTECTED] wrote: On 6 Aug 2008, at 14:28, Daniel da Veiga wrote: On Tue, Aug 5, 2008 at 10:45 PM, Francisco Ares [EMAIL PROTECTED] wrote: ... I know that things such as address, trafic, bandwith are easy to be tracked and logged, but what about, say, my gmail messages - is it possible to log them also? Which package should I use or look for? ... The only way I can think for you to keep track of your messages is to sniff unencrypted packages (https wouldn't work), look for specific patterns and use that to estimate usage, of course, I'm considering your statement about bandwidth, traffic, address and the fact that something like that would be a hard, complex and not NEAR fail proof concept, along with the privacy issues, of course. I read OP's question that he isn't interested in the *bandwidth* of the Hotmail messages, per-se - I thought he was just giving bandwidth monitoring as an example of a routine network management task that is easy obvious to undertake in establishing the background to his question. In some companies it is indeed necessary to have a handle on this sort of thing. AIUI to meet certain financial regulations intended to prevent insider-trading (Sarbanes-Oxley?) one must have facilities in place to monitor all communications in out the building. I suppose that at one time recording all telephone calls would have required a prohibitive quantity of cassette tapes, so a supervisor listening in randomly would be acceptable, but leaving webmail accounts ignored is a huge hole. Privacy issues should be covered by a company IT usage policy. I think that stating that all traffic is logged would cover this - see your lawyer as to how you phrase this exactly. Ensure that auditing is undertaken in a documented and regimented manner - it should probably be a separate role from IT admin and or a boss probably shouldn't be looking at his employees emails; you should probably have a person randomly looking at messages for *specific* infractions (and they should probably be trained to ignore anything naughty that isn't specifically within their remit). I have played with wireshark /or etherreal in the past and have been AMAZED at how clearly interactions can be logged when filtering is set correctly. Daniel: might it not be possible to have the firewall drop https connections to hotmail / gmail / yahoo mail domains, thus forcing the users back to unencrypted http? That begs the question: if you can do that, why not just completely block access to webmail sites? Yeah, maybe I misunderstood the OP question. If we are talking about an enterprise network, of course, you can even transparently redirect the request, if a proxy is configured at the gateway. Completely blocking webmail is an option, as you correctly stated, security and network policies apply, and there are laws (at least in my country) that say a employer CAN read its employees mails (of their enterprise account, of course). Anyway, a company CAN keep their network (and/or communications in general) clean, reduce security exploits, and keep track of their employees, if they take the time and pay someone to do it (and of course, provide the hardware). I play with sniffers, but never to the extent of analysing package contents, only to create statistics, and its good to know you can do that with filtering (may talk to the boss about that, too much streaming sites eating our bandwidth). PS: I'm almost completing law school. Too bad my english is not THAT good to translate that... lol -- Daniel da Veiga
Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
Doesn't Gmail support SSL? My email provider provides support for SSL connections (via HTTP, LDAP, POP). If that's the case then it would be extremely difficult (you will need to fake the server's host keys). Furthermore, the ethics of such a practice is questionable. For which case I would side on blocking outside emails altogether rather than get into a situation where you have to justify sniffing someone's personal bank transactions, e.g. -a
Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
Albert Hopkins wrote: Doesn't Gmail support SSL? My email provider provides support for SSL connections (via HTTP, LDAP, POP). If that's the case then it would be extremely difficult (you will need to fake the server's host keys). Furthermore, the ethics of such a practice is questionable. For which case I would side on blocking outside emails altogether rather than get into a situation where you have to justify sniffing someone's personal bank transactions, e.g. -a gmail is only ssl on sign in if you go through webmail. After that it's all in the clear. POP and IMAP are running securely however (which is why I check my stuff via imap) -- Eric Martin Key fingerprint = D1C4 086E DBB5 C18E 6FDA B215 6A25 7174 A941 3B9F signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
On Wed, Aug 6, 2008 at 8:59 AM, Eric Martin [EMAIL PROTECTED] wrote: Albert Hopkins wrote: Doesn't Gmail support SSL? My email provider provides support for SSL connections (via HTTP, LDAP, POP). If that's the case then it would be extremely difficult (you will need to fake the server's host keys). Furthermore, the ethics of such a practice is questionable. For which case I would side on blocking outside emails altogether rather than get into a situation where you have to justify sniffing someone's personal bank transactions, e.g. -a gmail is only ssl on sign in if you go through webmail. After that it's all in the clear. POP and IMAP are running securely however (which is why I check my stuff via imap) If you simply change the URL to https on gmail, you are using SSL. The default is not to use it, so, you gotta type it yourself. https://mail.google.com/mail -- Daniel da Veiga
Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
Daniel da Veiga wrote: On Wed, Aug 6, 2008 at 8:59 AM, Eric Martin [EMAIL PROTECTED] wrote: Albert Hopkins wrote: Doesn't Gmail support SSL? My email provider provides support for SSL connections (via HTTP, LDAP, POP). If that's the case then it would be extremely difficult (you will need to fake the server's host keys). Furthermore, the ethics of such a practice is questionable. For which case I would side on blocking outside emails altogether rather than get into a situation where you have to justify sniffing someone's personal bank transactions, e.g. -a gmail is only ssl on sign in if you go through webmail. After that it's all in the clear. POP and IMAP are running securely however (which is why I check my stuff via imap) If you simply change the URL to https on gmail, you are using SSL. The default is not to use it, so, you gotta type it yourself. https://mail.google.com/mail Has it always been that way? I could have sworn that only the login was SSL and everything else was in the clear (granted, I don't think I ever tried to change it to https). Live Learn
Re: [gentoo-user] world's leaves
On Tuesday 05 August 2008, Dale wrote: Andrew Gaydenko wrote: Thanks! Be sure, I'll want to (manually) unmerge those packages I remember and understand what do they do :-) Andrew I usually do this, equery depends package name. If it shows something depends on it, don't remove it. Some things you do not want to remove without making sure it is safe, python, emerge itself, gcc, glibc, baselayout and anything with 'make' or 'conf' in the name. Example, automake would be one to keep. Why don't you just let portage do what it's best at and figure all that crap out by itself? It's much MUCH better at it than you. equery depends is broken. It doesn't actually consider USE flags and reports on stuff that is in DEPEND in the ebuild, even if it's conditional. Just examine the output of --depclean, see it there's any packages that you feel you want to keep, add them to world with 'emerge -n' and let --depclean do it's job. It will also never remove anything in system, which includes your entire build chain, portage and python. -- Alan McKinnon alan dot mckinnon at gmail dot com
Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
On Wed, Aug 6, 2008 at 3:18 PM, Eric Martin [EMAIL PROTECTED] wrote: Daniel da Veiga wrote: On Wed, Aug 6, 2008 at 8:59 AM, Eric Martin [EMAIL PROTECTED] wrote: Albert Hopkins wrote: Doesn't Gmail support SSL? My email provider provides support for SSL connections (via HTTP, LDAP, POP). If that's the case then it would be extremely difficult (you will need to fake the server's host keys). Furthermore, the ethics of such a practice is questionable. For which case I would side on blocking outside emails altogether rather than get into a situation where you have to justify sniffing someone's personal bank transactions, e.g. -a gmail is only ssl on sign in if you go through webmail. After that it's all in the clear. POP and IMAP are running securely however (which is why I check my stuff via imap) If you simply change the URL to https on gmail, you are using SSL. The default is not to use it, so, you gotta type it yourself. https://mail.google.com/mail Has it always been that way? I could have sworn that only the login was SSL and everything else was in the clear (granted, I don't think I ever tried to change it to https). Live Learn I don't know if it was always that way, what I know is that maybe 2 years ago some machines with IE6 couldn't reach gmail, and a quick search showed that switching to HTTPS would solve it. As I knew that was also giving me encryption, I began to type the complete address with s wherever I use my account. -- Daniel da Veiga
[gentoo-user] can't boot w/o noapic
Hi group, Couple days ago my PC suddenly froze and I had to reset. So I checked this and that and found out eventually that only by booting with the noapic option could the system be accessed. Even the BootCD requires it. This is an Asrock mobo, about 3 mos old, with nForce3 chip-set. I'm using the 2.6.24 kernel with all apic options set 'y'. questions: This happen to anybody else. Is there a fix? Does it matter? In the little time I've spent don't notice much different. What would cause a PC to suddenly require the noapic option when it didn't need it before? Maxim
Re: [gentoo-user] can't boot w/o noapic
On Donnerstag, 7. August 2008, maxim wexler wrote: Hi group, Couple days ago my PC suddenly froze and I had to reset. So I checked this and that and found out eventually that only by booting with the noapic option could the system be accessed. Even the BootCD requires it. This is an Asrock mobo, about 3 mos old, with nForce3 chip-set. I'm using the 2.6.24 kernel with all apic options set 'y'. questions: This happen to anybody else. Is there a fix? Does it matter? In the little time I've spent don't notice much different. What would cause a PC to suddenly require the noapic option when it didn't need it before? because it is dying and some signals that were barely in spec are now out of spec? I would update to latetest VANILLA sources, flash latest bios and if the problem is still there - go to lkml. It is either a kernel thingy or hardware.
Re: [gentoo-user] way off-topic - is it possible to log webmail messages content in an enterprise network
Thanks a lot, guys, I will be looking for all those programs and will also look for a lawyer ;-) Francisco -- If you have an apple and I have an apple and we exchange apples then you and I will still each have one apple. But if you have an idea and I have one idea and we exchange these ideas, then each of us will have two ideas. - George Bernard Shaw
[gentoo-user] kerberos gurus?
Hello everyone! I'm doing my first steps into Kerberos V and I got it working but not the way I dreamed. My network: zeddmore (kdc) venkman (client) melnitz (client) I can login into venkman (or melnitz) and I get a ticket. If I ssh to zeddmore, it does so without a password and klist (on zeddmore) shows the ticket, so venkman delegated (?) the ticket to zeddmore. Now. If I log into venkman, ssh to melnitz does not delegate the ticket. klist says there are no tickets. Login on into zeddmore, ssh to venkman (or melnitz) doesn't show tickets neither _unless_ I copy /etc/krb5.keytab from zeddmore to venkman (and/or melnitz) After copying the mentioned file, I get delegation in every box and it works. Is that the way it should be or am I missing something? Thanks in advance, Norberto This message was sent using IMP, the Internet Messaging Program.
[gentoo-user] X doesn't work with Intel 915GM
Hi, I'm using a Intel 915 on board VGA card. After I install the Xorg, and run: # Xorg -configure # X -config xorg.conf.new The X startup failed but there is now error reported... I cannot find what's wrong with my config, so what should I do in this situation. my xorg.conf file: # cat ~/xorg.conf.new Section ServerLayout Identifier X.org Configured Screen 0 Screen0 0 0 InputDeviceMouse0 CorePointer InputDeviceKeyboard0 CoreKeyboard EndSection Section Files RgbPath /usr/share/X11/rgb ModulePath /usr/lib/xorg/modules FontPath /usr/share/fonts/misc/ FontPath /usr/share/fonts/TTF/ FontPath /usr/share/fonts/OTF FontPath /usr/share/fonts/Type1/ FontPath /usr/share/fonts/100dpi/ FontPath /usr/share/fonts/75dpi/ EndSection Section Module # Load extmod # Load record # Load dbe # Load GLcore Load xtrap Load dri Load glx Load freetype # Load type1 EndSection Section InputDevice Identifier Keyboard0 Driver kbd EndSection Section InputDevice Identifier Mouse0 Driver mouse Option Protocol auto Option Device /dev/input/mice Option ZAxisMapping 4 5 6 7 EndSection Section Monitor Identifier Monitor0 VendorName Monitor Vendor ModelNameMonitor Model EndSection Section Device ### Available Driver options are:- ### Values: i: integer, f: float, bool: True/False, ### string: String, freq: f Hz/kHz/MHz ### [arg]: arg optional #Option NoAccel # [bool] #Option SWcursor # [bool] #Option ColorKey # i #Option CacheLines# i #Option Dac6Bit # [bool] #Option DRI # [bool] #Option NoDDC # [bool] #Option ShowCache # [bool] #Option XvMCSurfaces # i #Option PageFlip # [bool] Identifier Card0 Driver intel VendorName Intel Corporation BoardName Mobile 915GM/GMS/910GML Express Graphics Controller BusID PCI:0:2:0 EndSection Section Screen Identifier Screen0 Device Card0 MonitorMonitor0 SubSection Display Viewport 0 0 Depth 1 EndSubSection SubSection Display Viewport 0 0 Depth 4 EndSubSection SubSection Display Viewport 0 0 Depth 8 EndSubSection SubSection Display Viewport 0 0 Depth 15 EndSubSection SubSection Display Viewport 0 0 Depth 16 EndSubSection SubSection Display Viewport 0 0 Depth 24 EndSubSection EndSection The /var/log/Xorg.0.log (since it has no error, put it all here...a little log) #cat /var/log/Xorg.0.log X Window System Version 1.3.0 Release Date: 19 April 2007 X Protocol Version 11, Revision 0, Release 1.3 Build Operating System: UNKNOWN Current Operating System: Linux iei-unkown 2.6.25-gentoo-r7 #1 SMP Wed Aug 6 19:10:30 CST 2008 i686 Build Date: 05 August 2008 Before reporting problems, check http://wiki.x.org to make sure that you have the latest version. Module Loader present Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown. (==) Log file: /var/log/Xorg.0.log, Time: Thu Aug 7 12:55:42 2008 (++) Using config file: xorg.conf.new (==) ServerLayout X.org Configured (**) |--Screen Screen0 (0) (**) | |--Monitor Monitor0 (**) | |--Device Card0 (**) |--Input Device Mouse0 (**) |--Input Device Keyboard0 (WW) The directory /usr/share/fonts/TTF/ does not exist. Entry deleted from font path. (WW) The directory /usr/share/fonts/OTF does not exist. Entry deleted from font path. (**) FontPath set to: /usr/share/fonts/misc/, /usr/share/fonts/Type1/, /usr/share/fonts/100dpi/, /usr/share/fonts/75dpi/ (**) RgbPath set to /usr/share/X11/rgb (**) ModulePath set to /usr/lib/xorg/modules (WW) Open ACPI failed (/var/run/acpid.socket) (No such file or directory) (II) No APM support in BIOS or kernel (II) Loader magic: 0x81e35c0 (II) Module ABI versions: X.Org ANSI C Emulation: 0.3 X.Org Video Driver: 1.2 X.Org XInput driver : 0.7 X.Org Server Extension : 0.3 X.Org Font Renderer : 0.5 (II) Loader running on linux (II) LoadModule: