Re: Finding porn links in hacked web pages
1. When your Web site contains a blog (which may not be a problem for Geoff's friend's Web site), the local copy upload method is not feasible, unless designed to skip the blog part. 2. The local copy upload method does not alert you when vandalism has actually occurred. On Mon, 2008-01-28 at 09:48 +0200, Shahar Dag wrote: Hi I would prefer to maintain a local copy of the web + once a day (using cron) to upload it to the web server (or even better, maintain a SVN server that hold the local copy of the web) Shahar - Original Message - From: Omer Zak [EMAIL PROTECTED] To: linux-il linux-il@cs.huji.ac.il Sent: Monday, January 28, 2008 9:15 AM Subject: Re: Finding porn links in hacked web pages The method which I use is to: 1. Perform periodic backup of the entire Web site, including SQL dumps of any databases driving it. 2. Download the backup files to PC. 3. Open them (into a subdirectory and import into a new DB instance, respectively). 4. Run 'diff' between the opened files and the previous backup. For regular files, use 'diff'. For DB comparison of two MySQL DBs, I use a Python script, which I wrote. --- Omer On Mon, 2008-01-28 at 09:03 +0200, Geoffrey S. Mendelson wrote: Yesterday my wife went to a perfectly normal web page and after a few seconds a porn page replaced it. I looked at the HTML page source and found that at the bottom of the page were hundreds of links, which did not belong there. I called the publisher of the page, and he determined that his server had been hacked and the links added. He is not technicaly inclined at all, and does not have the ability to check his pages without going to each one in a browser and looking at the page source. He has thousands of pages and runs the site as a Jewish news site, with no income. I was thinking that I could write a program that scans each of his web pages using wget or lynx to download them, but don't want to start writing code if it has been already done. Any suggestions? -- MS-Windows is the Pal-Kal of the PC world. My own blog is at http://www.zak.co.il/tddpirate/ My opinions, as expressed in this E-mail message, are mine alone. They do not represent the official policy of any organization with which I may be affiliated in any way. WARNING TO SPAMMERS: at http://www.zak.co.il/spamwarning.html = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Finding porn links in hacked web pages
Hi Geoffrey,
I think the problem here is a business and ethical issue and not a
technical issue. The technical reality is as Omer states. That is, it
takes time and technical ability (in other words, money) to keep web sites
safe. Your friend needs to understand this and either find the money
required to maintain his site properly or to shut it down. He might
also consider merging his service into a site that has the resources to
look out after itself and its users.
Regards,
- yba
On Mon, 28 Jan 2008, Omer Zak wrote:
Date: Mon, 28 Jan 2008 09:15:57 +0200
From: Omer Zak [EMAIL PROTECTED]
To: linux-il linux-il@cs.huji.ac.il
Subject: Re: Finding porn links in hacked web pages
The method which I use is to:
1. Perform periodic backup of the entire Web site, including SQL dumps
of any databases driving it.
2. Download the backup files to PC.
3. Open them (into a subdirectory and import into a new DB instance,
respectively).
4. Run 'diff' between the opened files and the previous backup.
For regular files, use 'diff'. For DB comparison of two MySQL DBs, I
use a Python script, which I wrote.
--- Omer
On Mon, 2008-01-28 at 09:03 +0200, Geoffrey S. Mendelson wrote:
Yesterday my wife went to a perfectly normal web page and after
a few seconds a porn page replaced it.
I looked at the HTML page source and found that at the bottom of the
page were hundreds of links, which did not belong there. I called
the publisher of the page, and he determined that his server had been
hacked and the links added.
He is not technicaly inclined at all, and does not have the ability
to check his pages without going to each one in a browser and looking
at the page source. He has thousands of pages and runs the site as
a Jewish news site, with no income.
I was thinking that I could write a program that scans each of his
web pages using wget or lynx to download them, but don't want to
start writing code if it has been already done.
Any suggestions?
--
EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems
=}ooO--U--Ooo{=
- [EMAIL PROTECTED] - tel: +972.2.679.5364, http://www.tkos.co.il -
=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word unsubscribe in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
Re: Finding porn links in hacked web pages
On Mon, Jan 28, 2008, Geoffrey S. Mendelson wrote about Finding porn links in hacked web pages: He is not technicaly inclined at all, and does not have the ability to check his pages without going to each one in a browser and looking at the page source. He has thousands of pages and runs the site as a Jewish news site, with no income. I was thinking that I could write a program that scans each of his web pages using wget or lynx to download them, but don't want to start writing code if it has been already done. If this guy is the only one changing his content, what I would do is run a trivial script on a remote machine: every day (or whatever) fetch the entire content of the site (with wget) compare (with cmp) the new content to the previous content, and finally email or SMS this guy the number of modified files. If he knows that he modified one page, and got a mail saying one page changed, he's safe. If he changed nothing and got a message that 100 pages changed, he knows he has a big problem. I don't think that scanning for porn links will work; How will you know that these are porn links? And what will happen the next time his site is cracked, and the cracker won't add porn links, but do something else? During the doc.com boom, I remember an Israeli startup whose business was exactly this - noticing that a site has been defaced using remote servers which constantly try to download pages from the site and notice if something has changed. Unfortunately, I can't recall now the company's name. -- Nadav Har'El| Monday, Jan 28 2008, 21 Shevat 5768 [EMAIL PROTECTED] |- Phone +972-523-790466, ICQ 13349191 |A messy desk is a sign of a messy mind. http://nadav.harel.org.il |An empty desk is a sign of an empty mind. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Paper journals
Leonid Podolny wrote: Hi, My employer considers purchasing a subscription to some linux journals. I mean, paper (aka hardcopy) ones. The intended public is developers, not sales/management, so it must be sufficiently technical. Can someone recommend something specific? Knowing what you guys there are doing with Linux, don't waste your time and money with Linux paper magazines. Get your employer to buy a group corporate account to Linux Weekly News instead. For my money, it's the best technical up to date technical Linux resource on the planet and it's dirt cheap: http://lwn.net/op/CorporateSubscriptions.lwn (No, I'm not affiliated with them in any way, just a happy subscriber) Gilad = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Paper journals
If you looking something nice Linux related for lobby, I could gift you: a poster of Linux kernel: http://www.linuxdriver.co.il/kernel_map_poster On Jan 28, 2008 12:31 PM, Leonid Podolny [EMAIL PROTECTED] wrote: Gilad Ben-Yossef wrote: Leonid Podolny wrote: Hi, My employer considers purchasing a subscription to some linux journals. I mean, paper (aka hardcopy) ones. The intended public is developers, not sales/management, so it must be sufficiently technical. Can someone recommend something specific? Knowing what you guys there are doing with Linux, don't waste your time and money with Linux paper magazines. Get your employer to buy a group corporate account to Linux Weekly News instead. For my money, it's the best technical up to date technical Linux resource on the planet and it's dirt cheap: http://lwn.net/op/CorporateSubscriptions.lwn (No, I'm not affiliated with them in any way, just a happy subscriber) Absolutely. Some 4-5 years ago, when I had a pleasure of working with Tzafrir, he told me about LWN and I am a happy subscriber ever since. And it is dirt cheap for the quality of a content it provides. However, as I understand, the purpose of the whole issue is for those journals to lie around in the lobby/kitchen with people sometimes pick them up and learn a thing or two about linux. -- Leonid Podolny | [EMAIL PROTECTED] | Software Engineer| +972- 3-7668960 Linux Platform Team | +972-54-5696948 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] -- Constantine Shulyupin Freelance Embedded Linux Engineer 054-4234440 http://www.linuxdriver.co.il/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Paper journals
On Mon, Jan 28, 2008 at 12:31:34PM +0200, Leonid Podolny wrote: Absolutely. Some 4-5 years ago, when I had a pleasure of working with Tzafrir, he told me about LWN and I am a happy subscriber ever since. And it is dirt cheap for the quality of a content it provides. However, as I understand, the purpose of the whole issue is for those journals to lie around in the lobby/kitchen with people sometimes pick them up and learn a thing or two about linux. Start using disposable coffee cups with the Sayings of Chairman Linus on them? :-) Geoff. -- Geoffrey S. Mendelson, Jerusalem, Israel [EMAIL PROTECTED] N3OWJ/4X1GM IL Voice: (07)-7424-1667 U.S. Voice: 1-215-821-1838 Visit my 'blog at http://geoffstechno.livejournal.com/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Finding porn links in hacked web pages
Hi Geoff, Any of these comparison suggestions are fine, but they miss the point. If the site is hacked, the hacker can come back every day, or hour and reinstall his links. You can be sure he already has an automated process. You need to find the source of the break in and then plug it. After that a comparison script will be useful to alert you to new problems. -tom On Jan 28, 2008 10:32 AM, Nadav Har'El [EMAIL PROTECTED] wrote: On Mon, Jan 28, 2008, Geoffrey S. Mendelson wrote about Finding porn links in hacked web pages: He is not technicaly inclined at all, and does not have the ability to check his pages without going to each one in a browser and looking at the page source. He has thousands of pages and runs the site as a Jewish news site, with no income. I was thinking that I could write a program that scans each of his web pages using wget or lynx to download them, but don't want to start writing code if it has been already done. If this guy is the only one changing his content, what I would do is run a trivial script on a remote machine: every day (or whatever) fetch the entire content of the site (with wget) compare (with cmp) the new content to the previous content, and finally email or SMS this guy the number of modified files. If he knows that he modified one page, and got a mail saying one page changed, he's safe. If he changed nothing and got a message that 100 pages changed, he knows he has a big problem. I don't think that scanning for porn links will work; How will you know that these are porn links? And what will happen the next time his site is cracked, and the cracker won't add porn links, but do something else? During the doc.com boom, I remember an Israeli startup whose business was exactly this - noticing that a site has been defaced using remote servers which constantly try to download pages from the site and notice if something has changed. Unfortunately, I can't recall now the company's name. -- Nadav Har'El| Monday, Jan 28 2008, 21 Shevat 5768 [EMAIL PROTECTED] |- Phone +972-523-790466, ICQ 13349191 |A messy desk is a sign of a messy mind. http://nadav.harel.org.il |An empty desk is a sign of an empty mind. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] -- -tom 054-244-8025
Re: Paper journals
Gilad Ben-Yossef wrote: Leonid Podolny wrote: Hi, My employer considers purchasing a subscription to some linux journals. I mean, paper (aka hardcopy) ones. The intended public is developers, not sales/management, so it must be sufficiently technical. Can someone recommend something specific? Knowing what you guys there are doing with Linux, don't waste your time and money with Linux paper magazines. Get your employer to buy a group corporate account to Linux Weekly News instead. For my money, it's the best technical up to date technical Linux resource on the planet and it's dirt cheap: http://lwn.net/op/CorporateSubscriptions.lwn (No, I'm not affiliated with them in any way, just a happy subscriber) Absolutely. Some 4-5 years ago, when I had a pleasure of working with Tzafrir, he told me about LWN and I am a happy subscriber ever since. And it is dirt cheap for the quality of a content it provides. However, as I understand, the purpose of the whole issue is for those journals to lie around in the lobby/kitchen with people sometimes pick them up and learn a thing or two about linux. -- Leonid Podolny | [EMAIL PROTECTED] | Software Engineer| +972- 3-7668960 Linux Platform Team | +972-54-5696948 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Yum cache for a cluster of clients
Hi Guys, I assume there is a simple answer to this. How do I get all of my linux workstation (all running the same version of CentOS 4) to use the same yum cache? Thanks, -tom 054-244-8025
rpc.statd suddenly listen to rsync port
Hi, Few days a go my rsync server stop respond. When I tried to figure out way, I discover that rpc.statd is listen to port 873. Killing the rpc.statd process bypass the problem. I'm using an updage CentOS 4.* rsync start via xinetd. Do you have any idea how it happen? Thans, Addady = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Yum cache for a cluster of clients
Hi Tom, My suggestion would be something like this: 1. On one of your machines, set-up a YUM server with all the packages. See here how to do this: http://sial.org/howto/yum/ 2. Point your workstations (instructions on the same page URL) to that server 3. Make sure that server download the packages either via cron or other methods. Good luck, Hetz On Mon, Jan 28, 2008 at 1:00 PM, Tom Rosenfeld [EMAIL PROTECTED] wrote: Hi Guys, I assume there is a simple answer to this. How do I get all of my linux workstation (all running the same version of CentOS 4) to use the same yum cache? Thanks, -tom 054-244-8025 -- Skepticism is the lazy person's default position. my blog (hebrew): http://benhamo.org = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
[Telux] Next Presentation: Linux Scripting - Bash vs. Perl - 3-February-2008
Hi all! The Tel Aviv Linux club will gather again on Sunday, 3-February-2008 to hear Sagiv Barhoom's presentation about Linux Scripting - Bash vs. Perl - head to head. This presentation is given by popular demand due to input from the Welcome-to-Linux series. We will meet at 18:30 at Schreiber 008 (Computer Science building) in Tel Aviv University. More information can be found here: http://www.cs.tau.ac.il/telux/ We are looking for more presentations so if you would like to give a presentation, please let us know at [EMAIL PROTECTED] . Upcoming presentations are: * 17-February - XBMC - The Xbox Media Center. Regards, Shlomi Fish - Shlomi Fish [EMAIL PROTECTED] Homepage:http://www.shlomifish.org/ I'm not an actor - I just play one on T.V. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: rpc.statd suddenly listen to rsync port
Rami Addady wrote: Few days a go my rsync server stop respond. When I tried to figure out way, I discover that rpc.statd is listen to port 873. Killing the rpc.statd process bypass the problem. I'm using an updage CentOS 4.* rsync start via xinetd. Do you have any idea how it happen? Your machine have been hacked and the attacker left a root kit which used a daemon that impersonates rpc.statd but uses a different port, which happens to be the rsync one? Just a (paranoid) guess of course. Gilad = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Finding porn links in hacked web pages
On Mon, Jan 28, 2008, Tom Rosenfeld wrote about Re: Finding porn links in hacked web pages: Hi Geoff, Any of these comparison suggestions are fine, but they miss the point. If the site is hacked, the hacker can come back every day, or hour and reinstall his links. You can be sure he already has an automated process. You need to find the source of the break in and then plug it. After that a comparison script will be useful to alert you to new problems. You're right that Know that your site has been defaced is not a complete defense: It doesn't prevent your site from getting cracked in the first place, it doesn't prevent stealing your secret data. It also doesn't prevent the cracker from cracking your site again after you've (thought that you) fixed it. But what it does is give you some level of protection against fadichot (the English word embarrassments isn't strong enough for that :-)) - it protects your site from sending to thousands of its users embarrassing texts like porn links or statement like THIS SITE HAS BEEN HACKED, or worse - giving people who download software from you, trojaned software. It gives you the opportunity to recognize this situation as soon as possible, and at least yank off the site to prevent further embarrassments. Of course, the trivial technique I suggested will only work for rarely edited static sites. In sites which are supposed to be heavily edited by many people, and dynamic sites, it is much harder for any automatic software to figure out which changes were legitimate and which were done by crackers. -- Nadav Har'El| Monday, Jan 28 2008, 21 Shevat 5768 [EMAIL PROTECTED] |- Phone +972-523-790466, ICQ 13349191 |How long a minute depends on what side of http://nadav.harel.org.il |the bathroom door you're on. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Asterisk question
Hi all, A while back I asked three Asterisk questions. Two of those were successfully answered by the list members, but one remains: I have four internal extensions connected to a TDM400 card using four FXS modules (channels 1-4). I also have two Bezeq lines connected to a second TDM400 card using two FXO modules (channels 7 and 8). I defined the FXO channels to belong to group 2, and defined in my extensions.conf file that outgoing calls should be directed to Zap/g2. When I dial out from my extension, everything is ok - I get an external line. When I dial from a different extension, my extension rings. If I dial out from two (neither mine) extension, the first rings my extension, but the seconds gets an outside line as it should. These symptoms would have been completely explained if Asterisk has appropriated my extension (Zap/1) to group 2, with (seemingly) no justification. Thinking I inadvertently associated Zap/1 to group 2 by mistake, I tried associating Zap/7 and Zap/8 to group 3 instead of two, with the appropriate change in extensions.conf. The problem persists. This is the relevant part of my zapata.conf file: context=internal signalling=fxo_ks group=1 callerid=Shachar Shemesh 201 channel = 1 callerid=someone 202 channel = 2 callerid=someone 203 channel = 3 callerid=someone 204 channel = 4 context=incoming signalling=fxs_ks group=3 callerid=asreceived channel = 7 callerid=asreceived channel = 8 Any help would be greatly appreciated. Thanks, Shachar = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Yum cache for a cluster of clients
Hi Ehud, This sounds great and simple! Can I use this to combine the existing cache from several machines, or will it only work if I do it from scratch? Thanks, -tom On Jan 28, 2008 5:43 PM, Ehud Karni [EMAIL PROTECTED] wrote: On Mon, 28 Jan 2008 13:00:06 Tom Rosenfeld wrote: Hi Guys, I assume there is a simple answer to this. How do I get all of my linux workstation (all running the same version of CentOS 4) to use the same yum cache? Hetz gave you the better, school solution. I have a simpler solution that does not require you to build a yum server. What I do: 1. In /etc/yum.conf change the keepcache option to: keepcache=1 2. Make the cache common to all machine (on an NFS disk) You can do it by changing the cachedir line in /etc/yum.conf to point to the NFS directory, or you can symlink /var/cache/yum to the NFS directory (I prefer this way, as this is the standard place for the cached files). Now, you can run the update on each machine whenever it is convenient the headers and RPMs will be loaded only once. One drawback (?) is the filling of the cache with old packages, You'll have to clear it yourself. Ehud. -- Ehud Karni Tel: +972-3-7966-561 /\ Mivtach - Simon Fax: +972-3-7966-667 \ / ASCII Ribbon Campaign Insurance agencies (USA) voice mail and X Against HTML Mail http://www.mvs.co.il FAX: 1-815-5509341 / \ GnuPG: 98EA398D http://www.keyserver.net/Better Safe Than Sorry -- -tom 054-244-8025
Re: upgrade to Centos 5 question
On Mon, 2008-01-28 at 16:38 +0200, Hetz Ben Hamo wrote: Hi, It's always fun to play with a distribution that on one side has the latest tech, but on the other side, ditches you on the side after few months (and only giving you choice to upgrade, or be left without updates) I'm using Fedora Core 6 on my main web server, and today I found out that the security updates are no longer available for Fedora Core 6. Worse: ATRPMS, FreshRPMS are no longer maintained for FC6 which means that if I want the latest security stuff, I need to roll my own RPMS or fix things manually.. So I decided I want to upgrade from FC6 to Centos 5. I was wondering if anyone did it and if so, what method? what are the gotchas that I need to be careful of, or is it simply better to keep my data out, format the machine and install centos 5 from scratch? (Centos 5 does not recognize Fedora stuff, so the upgrade option is not given). Thanks, Hetz AFAIK You cannot cross-upgrade between Fedora and RHEL/CentOS. You'll have to do a fresh installation. (Which IMHO, is the best option to begin with) - Gilboa = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
upgrade to Centos 5 question
Hi, It's always fun to play with a distribution that on one side has the latest tech, but on the other side, ditches you on the side after few months (and only giving you choice to upgrade, or be left without updates) I'm using Fedora Core 6 on my main web server, and today I found out that the security updates are no longer available for Fedora Core 6. Worse: ATRPMS, FreshRPMS are no longer maintained for FC6 which means that if I want the latest security stuff, I need to roll my own RPMS or fix things manually.. So I decided I want to upgrade from FC6 to Centos 5. I was wondering if anyone did it and if so, what method? what are the gotchas that I need to be careful of, or is it simply better to keep my data out, format the machine and install centos 5 from scratch? (Centos 5 does not recognize Fedora stuff, so the upgrade option is not given). Thanks, Hetz -- Skepticism is the lazy person's default position. my blog (hebrew): http://benhamo.org = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Yum cache for a cluster of clients
I am using Centos 4 and keepcache does not seem to exist yet. It looks like it always keeps the cache. On Jan 28, 2008 7:36 PM, Ehud Karni [EMAIL PROTECTED] wrote: On Mon, 28 Jan 2008 19:12:34 Tom Rosenfeld wrote: Hi Ehud, This sounds great and simple! Can I use this to combine the existing cache from several machines, or will it only work if I do it from scratch? Yes, you can. Just copy all the sub directories from /var/cache/yum to a common directory (this will merge all your kept headers and RPMs). After that symlink this directory to /var/cache/yum on each computer. I doubt that you have much headers and RPMs saved (unless you changed your keepcache to 1 long ago). Ehud -- Ehud Karni Tel: +972-3-7966-561 /\ Mivtach - Simon Fax: +972-3-7966-667 \ / ASCII Ribbon Campaign Insurance agencies (USA) voice mail and X Against HTML Mail http://www.mvs.co.il FAX: 1-815-5509341 / \ GnuPG: 98EA398D http://www.keyserver.net/Better Safe Than Sorry -- -tom 054-244-8025
Re: upgrade to Centos 5 question
On 28/01/2008, Hetz Ben Hamo [EMAIL PROTECTED] wrote: Hi, It's always fun to play with a distribution that on one side has the latest tech, but on the other side, ditches you on the side after few months (and only giving you choice to upgrade, or be left without updates) I'm using Fedora Core 6 on my main web server, and today I found out that the security updates are no longer available for Fedora Core 6. Worse: ATRPMS, FreshRPMS are no longer maintained for FC6 which means that if I want the latest security stuff, I need to roll my own RPMS or fix things manually.. So I decided I want to upgrade from FC6 to Centos 5. I was wondering if anyone did it and if so, what method? what are the gotchas that I need to be careful of, or is it simply better to keep my data out, format the machine and install centos 5 from scratch? (Centos 5 does not recognize Fedora stuff, so the upgrade option is not given). Thanks, Hetz CentOS is based on RHEL, not Fedora. SO you cannot upgrade from one to the other. Dotan Cohen http://what-is-what.com http://gibberish.co.il א-ב-ג-ד-ה-ו-ז-ח-ט-י-ך-כ-ל-ם-מ-ן-נ-ס-ע-ף-פ-ץ-צ-ק-ר-ש-ת A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?
Re: Yum cache for a cluster of clients
On Mon, 28 Jan 2008 13:00:06 Tom Rosenfeld wrote: Hi Guys, I assume there is a simple answer to this. How do I get all of my linux workstation (all running the same version of CentOS 4) to use the same yum cache? Hetz gave you the better, school solution. I have a simpler solution that does not require you to build a yum server. What I do: 1. In /etc/yum.conf change the keepcache option to: keepcache=1 2. Make the cache common to all machine (on an NFS disk) You can do it by changing the cachedir line in /etc/yum.conf to point to the NFS directory, or you can symlink /var/cache/yum to the NFS directory (I prefer this way, as this is the standard place for the cached files). Now, you can run the update on each machine whenever it is convenient the headers and RPMs will be loaded only once. One drawback (?) is the filling of the cache with old packages, You'll have to clear it yourself. Ehud. -- Ehud Karni Tel: +972-3-7966-561 /\ Mivtach - Simon Fax: +972-3-7966-667 \ / ASCII Ribbon Campaign Insurance agencies (USA) voice mail and X Against HTML Mail http://www.mvs.co.il FAX: 1-815-5509341 / \ GnuPG: 98EA398D http://www.keyserver.net/Better Safe Than Sorry = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Asterisk question
Damn :) Well dunno, asterisk version btw... ? On Monday 28 January 2008 18:36:21 Shachar Shemesh wrote: Noam Rathaus wrote: Hi, I once had a similar issue, the TDM card was badly shipped, the modules weren't the right one I thought they were.. i.e. FXS instead of FXO or the other way around, resulting in a card having FXS with another 3 FXO (or the other way) which caused Asterisk to confuse, and nothing to work properly. I discovered this by placing NOTHING as a group, as anything can be done without the need to group them, and the problem appeared to have been resolved - which led me to the conclusion I was grouping things incorrectly - openned the box and noticed the mistake by the card supplier. Not sure if this is the same case as in your configuration. Been there, done that, complained to the supplier and got the new modules already :-) This is what dmesg has to say about my system: ACPI: PCI Interrupt :00:08.0[A] - GSI 16 (level, low) - IRQ 201 Freshmaker version: 73 Freshmaker passed register test Module 0: Installed -- AUTO FXS/DPO Module 1: Installed -- AUTO FXS/DPO Module 2: Installed -- AUTO FXS/DPO Module 3: Installed -- AUTO FXS/DPO Found a Wildcard TDM: Wildcard TDM400P REV I (4 modules) ACPI: PCI Interrupt :00:09.0[A] - GSI 17 (level, low) - IRQ 209 Freshmaker version: 73 Freshmaker passed register test Module 0: Not installed Module 1: Not installed Module 2: Installed -- AUTO FXO (FCC mode) Module 3: Installed -- AUTO FXO (FCC mode) Found a Wildcard TDM: Wildcard TDM400P REV I (2 modules) Registered tone zone 0 (United States / North America) Registered tone zone 19 (Israel) So, no, this does not appear to be the problem here. Shachar -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com Know that you are safe. Beyond Security Finalist for the Red Herring 100 Global Awards 2007 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: rpc.statd suddenly listen to rsync port
On Mon, 2008-01-28 at 13:48 +0200, Rami Addady wrote: Hi, Few days a go my rsync server stop respond. When I tried to figure out way, I discover that rpc.statd is listen to port 873. Killing the rpc.statd process bypass the problem. I'm using an updage CentOS 4.* rsync start via xinetd. Do you have any idea how it happen? Thans, Addady Have you configured NFS* to use static ports (by editing /etc/sysconfig/nfs)? - gilboa = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Asterisk question
Noam Rathaus wrote: Hi, I once had a similar issue, the TDM card was badly shipped, the modules weren't the right one I thought they were.. i.e. FXS instead of FXO or the other way around, resulting in a card having FXS with another 3 FXO (or the other way) which caused Asterisk to confuse, and nothing to work properly. I discovered this by placing NOTHING as a group, as anything can be done without the need to group them, and the problem appeared to have been resolved - which led me to the conclusion I was grouping things incorrectly - openned the box and noticed the mistake by the card supplier. Not sure if this is the same case as in your configuration. Been there, done that, complained to the supplier and got the new modules already :-) This is what dmesg has to say about my system: ACPI: PCI Interrupt :00:08.0[A] - GSI 16 (level, low) - IRQ 201 Freshmaker version: 73 Freshmaker passed register test Module 0: Installed -- AUTO FXS/DPO Module 1: Installed -- AUTO FXS/DPO Module 2: Installed -- AUTO FXS/DPO Module 3: Installed -- AUTO FXS/DPO Found a Wildcard TDM: Wildcard TDM400P REV I (4 modules) ACPI: PCI Interrupt :00:09.0[A] - GSI 17 (level, low) - IRQ 209 Freshmaker version: 73 Freshmaker passed register test Module 0: Not installed Module 1: Not installed Module 2: Installed -- AUTO FXO (FCC mode) Module 3: Installed -- AUTO FXO (FCC mode) Found a Wildcard TDM: Wildcard TDM400P REV I (2 modules) Registered tone zone 0 (United States / North America) Registered tone zone 19 (Israel) So, no, this does not appear to be the problem here. Shachar = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: upgrade to Centos 5 question
[...] I installed Centos 5 on my home server and I update it frequently. But Centos 5 is not for home use - its distribution does not have media programs (like LVM, I wanted it for media streaming). So for home/media use, may be Fedora (now 8) is better for your needs (few RPMs are available for Centos on ATRPMS, FreshRPMS does not support RHEL/Centos at all). I agree that CentOS is usually not good for home. (I use it as home server, but run debian-unstable VMs inside :) ) Still, many RPMs are available through the amazing DAG repository: http://dag.wieers.com/rpm/packages/ Also there is the new EPEL project, but it's 'limping' a little.. http://fedoraproject.org/wiki/EPEL - Oren = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Arch Linux xorg and old thinkpad A21p laptop
Hi, Thank you for the answers, I didn't have time to check it yet, but I will try VESA. It should be an ATI (I don't remember by hart the exact version). I installed there IceWM (I didn't thought to work with something heavier then that). Ido On Jan 27, 2008 4:51 PM, Hetz Ben Hamo [EMAIL PROTECTED] wrote: Hi, I'm not sure if Arch Linux is the best choice (I had tons of problems with their packaging few months ago). You can try to use vesa driver in the xorg.conf and it should let you have X although non accelerated. It really depends which chipset is inside this machine (in the IBM World, A21p is not enough as there are some models of A21p, you should also check what the computer type is (it's in the bottom of the machine, 3 letters, 4 numbers) or use /sbin/lspci to see what graphics chip you got. After setting it to VESA, you can play with the driver so you can always at least have some stable config. As Gil said, 128MB is too small ram if you plan to run any desktop (GNOME, KDE, Enlightment). You can use the lighter (fvwm, icewm, blackwm, amiwm etc..) window management plus some lite apps. Thanks, Hetz On Sun, Jan 27, 2008 at 3:59 PM, ik [EMAIL PROTECTED] wrote: Hello List, I'm tring to help some one to rescue an old laptop (thinkpad A21p) with 128M ram. So I have installed arch linux inside. Everything went well, until I tried to work with xorg. It seems that X just ignores my settings of resolution and color depth, and even worse, from time to time, it either go all while (the screen) or black and the entire machine get stack (even the sys resque magic does not work). This happens to me only with arch linux's xorg. I have tried it using xubuntu (that had other issues, like malformed drivers of orinoco, but not related to x), and even DSL, and non of them had this type of problem. I created the xorg.conf using X -configure and even when i changed the support for depth to 1 bit and the resolution to 640x480 (very small for a 15 lcd), it just place 800x600 and 24 bit color. It also display half a screen, the content of X, then it have blank until a point it painting the screen again like it is on origin 0,0. Any ideas what I should look for, and what might cause such issues ? Thanks, Ido -- http://ik.homelinux.org/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] -- Skepticism is the lazy person's default position. my blog (hebrew): http://benhamo.org -- http://ik.homelinux.org/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Finding porn links in hacked web pages
Hi I would prefer to maintain a local copy of the web + once a day (using cron) to upload it to the web server (or even better, maintain a SVN server that hold the local copy of the web) Shahar - Original Message - From: Omer Zak [EMAIL PROTECTED] To: linux-il linux-il@cs.huji.ac.il Sent: Monday, January 28, 2008 9:15 AM Subject: Re: Finding porn links in hacked web pages The method which I use is to: 1. Perform periodic backup of the entire Web site, including SQL dumps of any databases driving it. 2. Download the backup files to PC. 3. Open them (into a subdirectory and import into a new DB instance, respectively). 4. Run 'diff' between the opened files and the previous backup. For regular files, use 'diff'. For DB comparison of two MySQL DBs, I use a Python script, which I wrote. --- Omer On Mon, 2008-01-28 at 09:03 +0200, Geoffrey S. Mendelson wrote: Yesterday my wife went to a perfectly normal web page and after a few seconds a porn page replaced it. I looked at the HTML page source and found that at the bottom of the page were hundreds of links, which did not belong there. I called the publisher of the page, and he determined that his server had been hacked and the links added. He is not technicaly inclined at all, and does not have the ability to check his pages without going to each one in a browser and looking at the page source. He has thousands of pages and runs the site as a Jewish news site, with no income. I was thinking that I could write a program that scans each of his web pages using wget or lynx to download them, but don't want to start writing code if it has been already done. Any suggestions? -- MS-Windows is the Pal-Kal of the PC world. My own blog is at http://www.zak.co.il/tddpirate/ My opinions, as expressed in this E-mail message, are mine alone. They do not represent the official policy of any organization with which I may be affiliated in any way. WARNING TO SPAMMERS: at http://www.zak.co.il/spamwarning.html = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: upgrade to Centos 5 question
On Mon, 28 Jan 2008 16:38:21 Hetz Ben Hamo wrote: I'm using Fedora Core 6 on my main web server, and today I found out that the security updates are no longer available for Fedora Core 6. Worse: ATRPMS, FreshRPMS are no longer maintained for FC6 which means that if I want the latest security stuff, I need to roll my own RPMS or fix things manually.. So I decided I want to upgrade from FC6 to Centos 5. I was wondering if anyone did it and if so, what method? what are the gotchas that I need to be careful of, or is it simply better to keep my data out, format the machine and install centos 5 from scratch? (Centos 5 does not recognize Fedora stuff, so the upgrade option is not given). Think twice before you go the Centos way. I use both FC (now Fedora without `Core') and Centos in the office. Both work fine and I don't update the production machines (there is no access from the Internet except for mail and ssh). I installed Centos 5 on my home server and I update it frequently. But Centos 5 is not for home use - its distribution does not have media programs (like LVM, I wanted it for media streaming). So for home/media use, may be Fedora (now 8) is better for your needs (few RPMs are available for Centos on ATRPMS, FreshRPMS does not support RHEL/Centos at all). Ehud. BTW. If you go the Centos way, start with Centos 5.1. -- Ehud Karni Tel: +972-3-7966-561 /\ Mivtach - Simon Fax: +972-3-7966-667 \ / ASCII Ribbon Campaign Insurance agencies (USA) voice mail and X Against HTML Mail http://www.mvs.co.il FAX: 1-815-5509341 / \ GnuPG: 98EA398D http://www.keyserver.net/Better Safe Than Sorry = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Asterisk question
Hi, I once had a similar issue, the TDM card was badly shipped, the modules weren't the right one I thought they were.. i.e. FXS instead of FXO or the other way around, resulting in a card having FXS with another 3 FXO (or the other way) which caused Asterisk to confuse, and nothing to work properly. I discovered this by placing NOTHING as a group, as anything can be done without the need to group them, and the problem appeared to have been resolved - which led me to the conclusion I was grouping things incorrectly - openned the box and noticed the mistake by the card supplier. Not sure if this is the same case as in your configuration. On Monday 28 January 2008 17:19:38 Shachar Shemesh wrote: Hi all, A while back I asked three Asterisk questions. Two of those were successfully answered by the list members, but one remains: I have four internal extensions connected to a TDM400 card using four FXS modules (channels 1-4). I also have two Bezeq lines connected to a second TDM400 card using two FXO modules (channels 7 and 8). I defined the FXO channels to belong to group 2, and defined in my extensions.conf file that outgoing calls should be directed to Zap/g2. When I dial out from my extension, everything is ok - I get an external line. When I dial from a different extension, my extension rings. If I dial out from two (neither mine) extension, the first rings my extension, but the seconds gets an outside line as it should. These symptoms would have been completely explained if Asterisk has appropriated my extension (Zap/1) to group 2, with (seemingly) no justification. Thinking I inadvertently associated Zap/1 to group 2 by mistake, I tried associating Zap/7 and Zap/8 to group 3 instead of two, with the appropriate change in extensions.conf. The problem persists. This is the relevant part of my zapata.conf file: context=internal signalling=fxo_ks group=1 callerid=Shachar Shemesh 201 channel = 1 callerid=someone 202 channel = 2 callerid=someone 203 channel = 3 callerid=someone 204 channel = 4 context=incoming signalling=fxs_ks group=3 callerid=asreceived channel = 7 callerid=asreceived channel = 8 Any help would be greatly appreciated. Thanks, Shachar = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com Know that you are safe. Beyond Security Finalist for the Red Herring 100 Global Awards 2007 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: upgrade to Centos 5 question
On Mon, 28 Jan 2008 19:00:50 +0200, Oren Held [EMAIL PROTECTED] wrote: Myself: But Centos 5 is not for home use - its distribution does not have media programs (like LVM, I wanted it for media streaming). So for home/media use, may be Fedora (now 8) is better for your needs (few RPMs are available for Centos on ATRPMS, FreshRPMS does not support RHEL/Centos at all). I agree that CentOS is usually not good for home. (I use it as home server, but run debian-unstable VMs inside :) ) Still, many RPMs are available through the amazing DAG repository: http://dag.wieers.com/rpm/packages/ Also there is the new EPEL project, but it's 'limping' a little.. http://fedoraproject.org/wiki/EPEL I use the EPEL repository (highly recommended) and also the RPMforge (http://rpmforge.net/) maintained by Dag. When I researched the LVM for Centos5 issue, I found that Dag had about 40% of the libraries needed, but still there was a lot of work to do to compile LVM for Centos5. Ehud. -- Ehud Karni Tel: +972-3-7966-561 /\ Mivtach - Simon Fax: +972-3-7966-667 \ / ASCII Ribbon Campaign Insurance agencies (USA) voice mail and X Against HTML Mail http://www.mvs.co.il FAX: 1-815-5509341 / \ GnuPG: 98EA398D http://www.keyserver.net/Better Safe Than Sorry = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Yum cache for a cluster of clients
On Mon, 28 Jan 2008 19:12:34 Tom Rosenfeld wrote: Hi Ehud, This sounds great and simple! Can I use this to combine the existing cache from several machines, or will it only work if I do it from scratch? Yes, you can. Just copy all the sub directories from /var/cache/yum to a common directory (this will merge all your kept headers and RPMs). After that symlink this directory to /var/cache/yum on each computer. I doubt that you have much headers and RPMs saved (unless you changed your keepcache to 1 long ago). Ehud -- Ehud Karni Tel: +972-3-7966-561 /\ Mivtach - Simon Fax: +972-3-7966-667 \ / ASCII Ribbon Campaign Insurance agencies (USA) voice mail and X Against HTML Mail http://www.mvs.co.il FAX: 1-815-5509341 / \ GnuPG: 98EA398D http://www.keyserver.net/Better Safe Than Sorry = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Hebrew-friendly list server on Linux?
I recommend you to try Google Groups. It is highly customizable list server, and has good web access for archiving and even posting if permitted. ronys wrote: I'm looking for a mailing list server that is meant to serve a few hundred users. The catch is that these are non-technical users who will correspond only in Hebrew. My first solution, Yahoo groups, is a big failure due to the number of users who complain about gibberish in their inbox. Can anyone recommend a decent solution, either hosted or something thatI can install on my own Linux server? Note that the admin interface doesn't have to be in Hebrew, only the user-facing side. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Yum cache for a cluster of clients
My suggestion is to install a caching http proxy (e.g. squid) somewhere on your network, and make yum go through it. As long as you all of your CentOS hosts use the same mirror (and not a different mirror each time), the caching http proxy will return files from its cache. IIRC, you need to change the yum.conf file to include the proxy configuration option, and modify the repositories definition (in /etc/yum.repos.d/) so that the repositories use the baseurl setting, instead of the mirrorlist setting. Lior Tom Rosenfeld wrote: Hi Guys, I assume there is a simple answer to this. How do I get all of my linux workstation (all running the same version of CentOS 4) to use the same yum cache? Thanks, -tom 054-244-8025 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Asterisk question
On Mon, Jan 28, 2008 at 05:19:38PM +0200, Shachar Shemesh wrote: Hi all, A while back I asked three Asterisk questions. Two of those were successfully answered by the list members, but one remains: I have four internal extensions connected to a TDM400 card using four FXS modules (channels 1-4). I also have two Bezeq lines connected to a second TDM400 card using two FXO modules (channels 7 and 8). I defined the FXO channels to belong to group 2, and defined in my extensions.conf file that outgoing calls should be directed to Zap/g2. When I dial out from my extension, everything is ok - I get an external line. When I dial from a different extension, my extension rings. If I dial out from two (neither mine) extension, the first rings my extension, but the seconds gets an outside line as it should. Please provide a trace (with verbose level = 3) of this, so we can see what actually happens. Also, please provide the relevant parts of the dialplan (extensions.conf or whatever). This is the relevant part of my zapata.conf file: context=internal signalling=fxo_ks group=1 callerid=Shachar Shemesh 201 channel = 1 callerid=someone 202 channel = 2 callerid=someone 203 channel = 3 callerid=someone 204 channel = 4 context=incoming signalling=fxs_ks group=3 Above you wrote Zap/g2, but here we have 'group=3'. Which is it? callerid=asreceived channel = 7 callerid=asreceived channel = 8 Any help would be greatly appreciated. Thanks, Shachar = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] -- Tzafrir Cohen | [EMAIL PROTECTED] | VIM is http://tzafrir.org.il || a Mutt's [EMAIL PROTECTED] || best ICQ# 16849754 || friend = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
