Re: Intel HD 3000?

[Ian Pilcher]

On 05/21/2011 01:17 AM, Chris Smart wrote:
> I upgraded to xorg-x11-drv-intel-2.15.0-4.fc16.x86_64 from rawhide,
> but after a reboot X won't start - I just get a black screen with
> blinking cursor.

Try

http://kojipkgs.fedoraproject.org/packages/xorg-x11-drv-intel/2.15.0/3.fc15/x86_64/xorg-x11-drv-intel-2.15.0-3.fc15.x86_64.rpm

-- 

Ian Pilcher arequip...@gmail.com
"If you're going to shift my paradigm ... at least buy me dinner first."


-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Intel HD 3000?

[Chris Smart]

On Sat, May 21, 2011 at 3:26 PM, Ian Pilcher  wrote:
> Looks familiar.  It seems to only affect the Oxygen widget style and
> window decorations, however.  Since I prefer Cleanlooks and Plastik
> respectively, I had forgotten about it.

Thanks. I changed the widget style and the problem goes away.

[snip]

> I would be very interested in knowing if you are able to reproduce this
> issue.  (You'll probably have to grab the updated driver package from
> Koji.)
>

I upgraded to xorg-x11-drv-intel-2.15.0-4.fc16.x86_64 from rawhide,
but after a reboot X won't start - I just get a black screen with
blinking cursor.

xorg.log
Backtrace:
[41.072] 0: /usr/bin/X (xorg_backtrace+0x2f) [0x4a13df]
[41.072] 1: /usr/bin/X (0x40+0x622c6) [0x4622c6]
[41.072] 2: /lib64/libpthread.so.0 (0x7f4f82f9b000+0xf450) [0x7f4f82faa450]
[41.072] 3: /usr/lib64/xorg/modules/drivers/intel_drv.so
(0x7f4f81021000+0xeab9) [0x7f4f8102fab9]
[41.072] 4: /usr/bin/X (AddScreen+0x17f) [0x42ef6f]
[41.072] 5: /usr/bin/X (InitOutput+0x282) [0x471622]
[41.072] 6: /usr/bin/X (0x40+0x22c69) [0x422c69]
[41.072] 7: /lib64/libc.so.6 (__libc_start_main+0xed) [0x7f4f8257a43d]
[41.072] 8: /usr/bin/X (0x40+0x23101) [0x423101]
[41.072] Segmentation fault at address 0xfff6d6ce
[41.072]

-c
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Analog video capture

[Kevin J. Cummings]

On 05/20/2011 11:12 PM, DJ Delorie wrote:
> 
> JD  writes:
>> What do you think of this hauppague gizmo?
>>
>> http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=4146200
> 
> I have the HD-PVR and use it on Fedora 14 with VLC (high-def TV in a
> window!  Watching AMCHD at the moment :).  Capturing streaming video to
> disk is as simple as this:
> 
> $ cat /dev/video0 > ~/Video/capture.m4ts

When capturing HD, all it needs to do is move the MPEG-4 TS from the
coax to the disk.  HD is that simple to record (its much more complex to
*play* it!).  Analog is a different beast.  It needs to be converted to
digital in order to store it directly to the hard drive.  Without a
hardware endcoder on the card (or in the box), it consumes CPU cycles.
Does the HD-PVR have an analog MPEG encoder?  I know the PVR cards do.
I don't know about this box.

> (then you hit "play" on the vcr, wait, hit Ctrl-C on the above :)
> 
> The only catch is it doesn't seem to like working with 5.1 sound (VLC,
> not the HDPVR).  Mine is hooked up to stereo inputs instead.

-- 
Kevin J. Cummings
kjch...@verizon.net
cummi...@kjchome.homeip.net
cummi...@kjc386.framingham.ma.us
Registered Linux User #1232 (http://counter.li.org)
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Intel HD 3000?

[Ian Pilcher]

On 05/20/2011 10:44 PM, Chris Smart wrote:
> The only issue I have is some corruption in the GUI under KDE, with
> desktop effects both on and off. Can I ask, if you right click on
> something in KDE (even just the desktop) do you get a black, corrupt
> menu, like this?
> http://christophersmart.com/images/intel-hd-3000-corruption.png

Looks familiar.  It seems to only affect the Oxygen widget style and
window decorations, however.  Since I prefer Cleanlooks and Plastik
respectively, I had forgotten about it.

I believe its fixed in xorg-x11-drv-intel-2.15.0, although that seems
to have introduced or triggered a nasty memory corruption issue on my
system:

  https://bugzilla.redhat.com/show_bug.cgi?id=705652
  https://bugs.freedesktop.org/show_bug.cgi?id=37420

I would be very interested in knowing if you are able to reproduce this
issue.  (You'll probably have to grab the updated driver package from
Koji.)

Thanks!

-- 

Ian Pilcher arequip...@gmail.com
"If you're going to shift my paradigm ... at least buy me dinner first."


-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Intel HD 3000?

[Chris Smart]

On Sun, May 8, 2011 at 6:19 AM, Ian Pilcher  wrote:
>
> At this point, I'm reasonably happy.  I'm able to run KWin compositing
> and OpenGL screensavers, which is all I really want to do.
>

Hey Ian,

The laptop arrived and I put F15 on it which works well, including 3D.

The only issue I have is some corruption in the GUI under KDE, with
desktop effects both on and off. Can I ask, if you right click on
something in KDE (even just the desktop) do you get a black, corrupt
menu, like this?
http://christophersmart.com/images/intel-hd-3000-corruption.png

GTK apps like Firefox seem to work fine, so I'm thinking it's a Kwin
issue but I'm not sure if it's affecting others.

This is the VGA controller:
00:02.0 VGA compatible controller: Intel Corporation Device 0126 (rev 09)

Thanks!
Chris
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Analog video capture

[JD]

On 05/20/11 20:12, DJ Delorie wrote:
> JD  writes:
>> What do you think of this hauppague gizmo?
>>
>> http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=4146200
> I have the HD-PVR and use it on Fedora 14 with VLC (high-def TV in a
> window!  Watching AMCHD at the moment :).  Capturing streaming video to
> disk is as simple as this:
>
> $ cat /dev/video0>  ~/Video/capture.m4ts
>
> (then you hit "play" on the vcr, wait, hit Ctrl-C on the above :)
>
> The only catch is it doesn't seem to like working with 5.1 sound (VLC,
> not the HDPVR).  Mine is hooked up to stereo inputs instead.
That is helpful info. Perhaps I will try it to dump
all the analog tapes to my hard drive.
Actually, if there were a VHS player with digital
output port(s), I might be able to connect it
to PC without resorting to the PVR device.


-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Analog video capture

[DJ Delorie]

JD  writes:
> What do you think of this hauppague gizmo?
>
> http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=4146200

I have the HD-PVR and use it on Fedora 14 with VLC (high-def TV in a
window!  Watching AMCHD at the moment :).  Capturing streaming video to
disk is as simple as this:

$ cat /dev/video0 > ~/Video/capture.m4ts

(then you hit "play" on the vcr, wait, hit Ctrl-C on the above :)

The only catch is it doesn't seem to like working with 5.1 sound (VLC,
not the HDPVR).  Mine is hooked up to stereo inputs instead.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Analog video capture

[Kevin J. Cummings]

On 05/20/2011 10:41 PM, JD wrote:

> That is very good info. I am now very curious about your
> MythArchive script.
> Would you be able to share it?

It is a part of MythTV  It takes recordings (.mpg for me) and can
produce a mastered DVD as one of its options.  A while back, I recorded
all of the Star Trek: Enterprise that Sci-Fi showed, edited then to
remove the commercials, and burned them 4 to a DVD+R.  Of course those
were recordings from analog TV, not digitial TV, but it proved the point
to me that it can be done.

The program is interactive, and will tell you how much room is left on
the DVD as you add recordings.  It can omit "cut-lists" (the
commercials) if you want it to.  For non-TV recordings, all you have to
do is import them into your MythTV database and it will access then like
any other recording.

Of course, if you are not interested in the TV recording part of it, it
can be a lot of baggage to carry around just to convert analog
recordings to DVD.  B^)

> Is it restricted to mpeg 1, or mpeg2 as far as input?
> What about mp4?

Yes, all are supported.

> Thanx,
> 
> JD

-- 
Kevin J. Cummings
kjch...@verizon.net
cummi...@kjchome.homeip.net
cummi...@kjc386.framingham.ma.us
Registered Linux User #1232 (http://counter.li.org)
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Analog video capture

[JD]

On 05/20/11 19:28, Kevin J. Cummings wrote:
> On 05/20/2011 09:39 PM, JD wrote:
>> What do you think of this hauppague gizmo?
>>
>> http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=4146200
> I have no opinion of this device, personally.  I would worry about the
> part which says:
>
>> Any other format conversions needs to be done with the MediaConvert program 
>> (supplied).
> and that MediaConvert program is probably Windows only.  But, then
> again, if you can figure out what it is producing for output, ffmpeg
> will usually have a way to convert it into something you can use, though
> usually at the expense of your CPU cycles
>
> And its more than twice the price I paid for my PVR-350 (when I bought
> it 4-5 years ago) even on sale!
>
>> I have lot's of 8mm video tapes (which I can still play through the camera),
>> and old fashioned VHS tapes which I can play through the VCR tape player.
>> These I have relegated to the bin because we have a digital pvr hooked
>> to the
>> TV set and is built-in to the Uverse service.
> Agreed, I have some 8&16mm films from my parents which were put on VHS
> for them.  Now its my job to digitize them into some MPEG format for
> future archival.  A VCR composite out to the PVR-350 is simple a
> straight forward.  cat /dev/videoN when the VCR starts playing, and a ^C
> when the video ends.  The result is a .mpg file.
>
> Once I have the .mpg files, I can use a MythTV script (MythArchive) to
> create DVDs with the various movies.  (Now this is also CPU intensive,
> more so than the original capture, but that's the price you pay to
> convert what you have to what you want.  And, yes, it uses ffmpeg to do
> the heavy lifting.)
>
That is very good info. I am now very curious about your
MythArchive script.
Would you be able to share it?
Is it restricted to mpeg 1, or mpeg2 as far as input?
What about mp4?

Thanx,

JD

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Analog video capture

[Kevin J. Cummings]

On 05/20/2011 09:39 PM, JD wrote:
> What do you think of this hauppague gizmo?
> 
> http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=4146200

I have no opinion of this device, personally.  I would worry about the
part which says:

> Any other format conversions needs to be done with the MediaConvert program 
> (supplied). 

and that MediaConvert program is probably Windows only.  But, then
again, if you can figure out what it is producing for output, ffmpeg
will usually have a way to convert it into something you can use, though
usually at the expense of your CPU cycles

And its more than twice the price I paid for my PVR-350 (when I bought
it 4-5 years ago) even on sale!

> I have lot's of 8mm video tapes (which I can still play through the camera),
> and old fashioned VHS tapes which I can play through the VCR tape player.
> These I have relegated to the bin because we have a digital pvr hooked 
> to the
> TV set and is built-in to the Uverse service.

Agreed, I have some 8&16mm films from my parents which were put on VHS
for them.  Now its my job to digitize them into some MPEG format for
future archival.  A VCR composite out to the PVR-350 is simple a
straight forward.  cat /dev/videoN when the VCR starts playing, and a ^C
when the video ends.  The result is a .mpg file.

Once I have the .mpg files, I can use a MythTV script (MythArchive) to
create DVDs with the various movies.  (Now this is also CPU intensive,
more so than the original capture, but that's the price you pay to
convert what you have to what you want.  And, yes, it uses ffmpeg to do
the heavy lifting.)

-- 
Kevin J. Cummings
kjch...@verizon.net
cummi...@kjchome.homeip.net
cummi...@kjc386.framingham.ma.us
Registered Linux User #1232 (http://counter.li.org)
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Analog video capture

[JD]

On 05/20/11 18:11, Kevin J. Cummings wrote:
> On 05/20/2011 07:56 PM, JD wrote:
>> On 05/20/11 16:43, Dennis Kaptain wrote:
>>> I want to convert my analog VCR tapes and analog Camcorder video to digital
>>> I plan on purchasing a BT878 card as below.
>>> http://cgi.ebay.com/PixelView-PV-BT878P-REV-10B-TV-TUNER-/260776721005?pt=LH_DefaultDomain_0&hash=item3cb780fa6d
>> I do not have experience with this card.
>> I do have experience with an ATI Radeon PCI card
>> which had a TV tuner. The input to the card was via
>> a little box you could hold in the palm of your hand,
>> and it converted the coax cable signal to an audio/video
>> composite, which I plugged into the card's  composite
>> input port.
>> But I can tell you it is a CPU killer to do conversion
>> to digital on demand, and will quickly fill up many
>> gigabytes per movie - like 8 to 12 GB.
> You are looking at the wrong thing.  Look for a Hauppague PVR-350 (or a
> 150, 250, or 500).  They have hardware MPEG (MP2) encoders on them and
> produce .mpg files for you.  They support input from both f-connector
> (via the analog tuner) and composite video (yellow RCA plug).  Your CPU
> spends little time on the encoding because the board is doing all the
> work.  The problem here is you won't find them retail anymore because of
> the big Digital conversion that just happened.  You might be able to
> find them on E-Bay though.  I have one in my server.  They use the IVTV
> driver in the Linux Kernel so they are supported natively.  They used to
> be the cards of choice in the US of A for MythTV back in the days before
> ATSC.  There are also a slew of ATSC capture cards that also do analog
> capture (but you need to read the fine print for their Linux support).
>
>
What do you think of this hauppague gizmo?

http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=4146200

I have lot's of 8mm video tapes (which I can still play through the camera),
and old fashioned VHS tapes which I can play through the VCR tape player.
These I have relegated to the bin because we have a digital pvr hooked 
to the
TV set and is built-in to the Uverse service.

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Analog video capture

[Kevin J. Cummings]

On 05/20/2011 07:56 PM, JD wrote:
> On 05/20/11 16:43, Dennis Kaptain wrote:
>> I want to convert my analog VCR tapes and analog Camcorder video to digital
>> I plan on purchasing a BT878 card as below.
>> http://cgi.ebay.com/PixelView-PV-BT878P-REV-10B-TV-TUNER-/260776721005?pt=LH_DefaultDomain_0&hash=item3cb780fa6d

> I do not have experience with this card.
> I do have experience with an ATI Radeon PCI card
> which had a TV tuner. The input to the card was via
> a little box you could hold in the palm of your hand,
> and it converted the coax cable signal to an audio/video
> composite, which I plugged into the card's  composite
> input port.
> But I can tell you it is a CPU killer to do conversion
> to digital on demand, and will quickly fill up many
> gigabytes per movie - like 8 to 12 GB.

You are looking at the wrong thing.  Look for a Hauppague PVR-350 (or a
150, 250, or 500).  They have hardware MPEG (MP2) encoders on them and
produce .mpg files for you.  They support input from both f-connector
(via the analog tuner) and composite video (yellow RCA plug).  Your CPU
spends little time on the encoding because the board is doing all the
work.  The problem here is you won't find them retail anymore because of
the big Digital conversion that just happened.  You might be able to
find them on E-Bay though.  I have one in my server.  They use the IVTV
driver in the Linux Kernel so they are supported natively.  They used to
be the cards of choice in the US of A for MythTV back in the days before
ATSC.  There are also a slew of ATSC capture cards that also do analog
capture (but you need to read the fine print for their Linux support).


-- 
Kevin J. Cummings
kjch...@verizon.net
cummi...@kjchome.homeip.net
cummi...@kjc386.framingham.ma.us
Registered Linux User #1232 (http://counter.li.org)
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Antivirus for Fedora 14

[jdow]

On 2011/05/20 07:55, Alan Cox wrote:
>
>> There is no real requirement for anti-virus on Linux,
>> just keep your system updated from approved channels.
>> Keep an eye on your logs for anything fishy
>
> chkrootkit can also be handy

I keep remembering all my Apploid friends who told me flat out that
OSx is immune to malware so there is no need for an AV. The malware
people are now targeting Apple products as they are big enough to
be worth it now. Apple releases batches of security patches now. And
even iOS is prone to sicknesses which Apple WILL NOT fix.

Once the virus writers seriously target Linux something proactive will
be a good idea. Bland assertions such as you quoted, Alan, lead to
discovering Linux is being seriously attacked when you find you must
rebuild your machine.

At the moment something that scans for known potential 'ix malware
and scans for Windows or Apple nonsense as well would be a good
investment. ("Hey, Fred, your machine is infected. That's why I
disconnected you from my net.")

{o.o}
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Analog video capture

[JD]

On 05/20/11 16:43, Dennis Kaptain wrote:
> I want to convert my analog VCR tapes and analog Camcorder video to digital
> I plan on purchasing a BT878 card as below.
> http://cgi.ebay.com/PixelView-PV-BT878P-REV-10B-TV-TUNER-/260776721005?pt=LH_DefaultDomain_0&hash=item3cb780fa6d
>
>
>
> I believe the Linux Kernel should already have the drivers for this ready to 
> go
> and I can use mencoder to copy the video/audio to a file.
>
> The ebay photos seem to show the card having inputs for 1/8 in plugs. My VCR 
> and
>
> Camcorder have RCA output jacks. Do I need a simple cable with 1/8" on one end
> and RCA on the other or is there more to it than that?
>
> Does anyone have experience with this particular card? Tips? Advise? Warnings?
>
> I'm running Fedora 14. 3GB RAM, Dual Intel 4300 processors 1.8GHz
>
> Thanks
> Dennis
I do not have experience with this card.
I do have experience with an ATI Radeon PCI card
which had a TV tuner. The input to the card was via
a little box you could hold in the palm of your hand,
and it converted the coax cable signal to an audio/video
composite, which I plugged into the card's  composite
input port.
But I can tell you it is a CPU killer to do conversion
to digital on demand, and will quickly fill up many
gigabytes per movie - like 8 to 12 GB.

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Analog video capture

[Dennis Kaptain]

I want to convert my analog VCR tapes and analog Camcorder video to digital
I plan on purchasing a BT878 card as below.
http://cgi.ebay.com/PixelView-PV-BT878P-REV-10B-TV-TUNER-/260776721005?pt=LH_DefaultDomain_0&hash=item3cb780fa6d



I believe the Linux Kernel should already have the drivers for this ready to go 
and I can use mencoder to copy the video/audio to a file.

The ebay photos seem to show the card having inputs for 1/8 in plugs. My VCR 
and 

Camcorder have RCA output jacks. Do I need a simple cable with 1/8" on one end 
and RCA on the other or is there more to it than that?

Does anyone have experience with this particular card? Tips? Advise? Warnings?

I'm running Fedora 14. 3GB RAM, Dual Intel 4300 processors 1.8GHz

Thanks
Dennis
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: USB wireless adaptor that supports Master Mode?

[Tom Horsley]

On Thu, 19 May 2011 17:09:29 -0400
Tom Horsley wrote:

> but it worked out of the box for me with hostapd

And I have now updated my web site with all the details
of the scripts and config files I use:

http://home.comcast.net/~tomhorsley/hardware/rtl8192cu/rtl8192cu.html
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Protected WLAN

[Patrick O'Callaghan]

On Fri, 2011-05-20 at 07:13 -0700, James McKenzie wrote:
> On Fri, May 20, 2011 at 5:27 AM, Patrick O'Callaghan
>  wrote:
> > On Thu, 2011-05-19 at 21:30 -0700, JD wrote:
> >> Gov has made it illegal to publish such algorithms, at least
> >> in the USA.
> >
> > Evidence?
> >
> Not so.  DES, 3DES and AES are all PUBLISHED alogrithms and are used
> by the DoD/NSA (CISSP training from (ISC)2 as source.)  PGP using IDEA
> is a published alogrithm.  There are NO bans against publishing them,
> just distributing them to "controlled countries" by US law.
> Fedora/RedHat have had to take the position that they will supply the
> packages to only those who do not export to controlled countries or
> banned individuals.

Actually the previous poster seemed to be saying that it is currently
illegal to publish algorithms to *decrypt* WPA and friends. That's what
I was asking for evidence for.

poc

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Protected WLAN

[Patrick O'Callaghan]

On Fri, 2011-05-20 at 14:20 +, g wrote:
> On 05/20/2011 12:27 PM, Patrick O'Callaghan wrote:
> > On Fri, 2011-05-20 at 09:46 +, g wrote:
> >> in all of above results;
> >>
> >>   you will find pro and con about 'ssid'.
> >>   you will find wpa2 can be hacked if key is weak.
> > 
> > As I said before, I don't need to open any of these links to know that a
> > weak password gives poor security.
> 
> my apoligies for addressing my post to you and naming you specifically
> as who it was intended.
> 
> 
> in addition, "pgp", ie, "pretty good privacy".
> 
> maybe you, 'poc' should look up the history of pgp.

I know it extremely well, having taught it in undergrad CS courses.

> like in what country it was designed, what country was against it
> and requested/forced pgp's withdrawal, and what country it was again
> released from.\

[irrelevant verbiage deleted]

> i guess people on _your_ side of 'the big pond' are not as familiar
> as those of us on this side.
> 

I have completely lost track of whatever point it was you were trying to
make. PGP has nothing whatever to do with Wifi security in the sense of
this thread.

And for your information, I'm not on either side of the 'pond'.

poc

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Setting Primary Monitor with F14 - dual monitors [Found Temporary Fix]

[CS DBA]

FYI:

I'm running KDE, and I've managed to fix this via an autostart file. It 
waits for me to be logged in then it swaps the screens, kinda goofy but 
it works.

I placed a file called xrandr in the .kde/Autostart directory under my 
home directory.  Then I added the content below and made the file 
executable:

-
#!/bin/bash

xrandr --output LVDS1 --primary

--

I'd like a more elegant/permanent solution so I dont have to "swap" the 
screens after login , however it does work for now...




> On 05/20/11 10:46, CS DBA wrote:
>> Hi All;
>>
>> I just installed Fedora 14 and generally everything works great. One
>> nuisance I'd like to fix is per the primary monitor.
>> If I boot up with dual monitors then Fedora places my task manager /
>> menu bar, etc on the external monitor. I can use xrandr like this to fix it:
>>
>> xrandr --output LVDS1 --primary
>>
>>
>> However, I'd like the system to use my laptop screen as the default
>> monitor always. Is this possible?
>>
>>
>> Thanks in advance...
>>
>>
> +1
> I would like that too. It has annoyed me every time
> I have added an external monitor.
> I think something in the X server or maybe gnome
> need to be fixed so that external monitor is not used
> in the current default manner.


-- 
-
Kevin Kempter   -   Constent State
A PostgreSQL Professional Services Company
   www.consistentstate.com
-

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Antivirus for Fedora 14

[Tim]

On Fri, 2011-05-20 at 13:13 -0700, Joe Zeff wrote:
> AIUI, most of them have been "proof of concept" projects used to prove
> that a particular vulnerability existed and could be exploited.  None
> of those were ever released "into the wild," however, and can safely
> be ignored.

And then there's:  Linux fixes the faults versus Windows leaves them in,
and hopes that something else can protect you from them...

-- 
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.



-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: preupgrading to fedora 15

[Rahul Sundaram]

On 05/21/2011 02:30 AM, Joe Zeff wrote:
> On 05/20/2011 01:46 PM, Rahul Sundaram wrote:
>> Unlike Fedora?  I have thousands of posts in the Fedora Forum, although
>> it is a third party website and I am a active Fedora contributor.
> And I have almost 1,500.  However, I wasn't talking about Fedora 
> contributors I was talking about the Fedora Developers;

There isn't such real distinction in Fedora.  

>  the people who 
> decide what's going into the next version of Fedora and when it gets 
> released. 

Fedora has a time based release. When it gets released is just mundane
routine.  What is part of the release gets decided by whomever wants to
contribute and yes, that includes me as well. 

Rahul

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: preupgrading to fedora 15

[JD]

On 05/20/11 14:00, Joe Zeff wrote:
> On 05/20/2011 01:46 PM, Rahul Sundaram wrote:
>> Unlike Fedora?  I have thousands of posts in the Fedora Forum, although
>> it is a third party website and I am a active Fedora contributor.
> And I have almost 1,500.  However, I wasn't talking about Fedora
> contributors I was talking about the Fedora Developers; the people who
> decide what's going into the next version of Fedora and when it gets
> released.  If any of them follow the Fedora Forum they're very quiet
> about it, and it's almost an article of faith at the forum at gnome.org
> that none of the Gnome devs ever, under any circumstances at all,
> condescend to glance at what the peons who use their DE have to say.
Hey, that sound a lot like D.C. :)
Only difference is that the peons did not
elect the developers.
A buddy got them in ? :)
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Antivirus for Fedora 14

[JD]

On 05/20/11 13:13, Joe Zeff wrote:
> On 05/20/2011 12:38 PM, Rick Sewill wrote:
>> There have been Linux viruses in the past.
> AIUI, most of them have been "proof of concept" projects used to prove
> that a particular vulnerability existed and could be exploited.  None of
> those were ever released "into the wild," however, and can safely be
> ignored.  Also, one of the reasons there haven't been more malicious
> viruses for Linux is the fact that writing one takes much more technical
> skill than it does to create a Windows virus.  (I've heard that there
> are programs that allow you to pick a vector and a payload then write a
> custom Windows virus for you, meaning that the user doesn't need even
> the slightest programming skills.)  The greater level of skill needed
> means that most of the people out there who'd want to release a
> malicious Linux virus wouldn't know how to create one and those who do
> know don't find it worth their time because Windows viruses are far more
> profitable for them.  None of this means that Linux is inherently safe
> from malware, of  course.  It does mean, however, that the current
> threat is negligible.
+1
However, I think the reason why more attacks are against Windows
because of it's ubiquity. The Linux footprint in the world population
is almost invisible when compared to Linux. So, it is the obvious
choice for targeting because the payoff (i.e. the number of hits)
would be much larger.
I think that if Linux, with it's level of complexity were the dominant
desktop environment, and Windows occupied today's Linux's
  footprint, I think you would have see much much more worms and
trojans and other malware infecting Linux, because there would be
considerably more brainpower available to do the dirty work.

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: preupgrading to fedora 15

[Kevin Fenzi]

On Fri, 20 May 2011 14:00:18 -0700
Joe Zeff  wrote:

> On 05/20/2011 01:46 PM, Rahul Sundaram wrote:
> > Unlike Fedora?  I have thousands of posts in the Fedora Forum,
> > although it is a third party website and I am a active Fedora
> > contributor.
> 
> And I have almost 1,500.  However, I wasn't talking about Fedora 
> contributors I was talking about the Fedora Developers; the people
> who decide what's going into the next version of Fedora and when it
> gets released.  If any of them follow the Fedora Forum they're very
> quiet about it, and it's almost an article of faith at the forum at
> gnome.org that none of the Gnome devs ever, under any circumstances
> at all, condescend to glance at what the peons who use their DE have
> to say.

Well, I don't know if I fit into the group you are talking about, but I
do hit the forums from time to time. I admit that it's on the bottom of
my list of things, so I don't get there all that often, and when I do,
I usually search for Xfce threads to help with. ;) 

I've been busy enough of late I haven't looked recently tho. 
"You last visited: 25th April 2011 at 11:53 AM"

kevin


signature.asc
Description: PGP signature
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: preupgrading to fedora 15

[Joe Zeff]

On 05/20/2011 01:46 PM, Rahul Sundaram wrote:
> Unlike Fedora?  I have thousands of posts in the Fedora Forum, although
> it is a third party website and I am a active Fedora contributor.

And I have almost 1,500.  However, I wasn't talking about Fedora 
contributors I was talking about the Fedora Developers; the people who 
decide what's going into the next version of Fedora and when it gets 
released.  If any of them follow the Fedora Forum they're very quiet 
about it, and it's almost an article of faith at the forum at gnome.org 
that none of the Gnome devs ever, under any circumstances at all, 
condescend to glance at what the peons who use their DE have to say.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: preupgrading to fedora 15

[Rahul Sundaram]

On 05/21/2011 02:08 AM, Joe Zeff wrote:
> On 05/20/2011 01:31 PM, Beartooth wrote:
>> Any hints? Gotchas?
> Go to the XFCE forum and look around.  Unlike Fedora or Gnome, one of 
> the regulars there is a Core Developer for the DE.

Unlike Fedora?  I have thousands of posts in the Fedora Forum, although
it is a third party website and I am a active Fedora contributor.  There
are many others including Adam Williamson,  Kevin Fenzi and so on
posting there as well.   I must point out that it isn't that efficient
use of time for those who want to answer questions as opposed to ask them.

Rahul

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: preupgrading to fedora 15

[Joe Zeff]

On 05/20/2011 01:31 PM, Beartooth wrote:
> Any hints? Gotchas?

Go to the XFCE forum and look around.  Unlike Fedora or Gnome, one of 
the regulars there is a Core Developer for the DE.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: [389-users] Moving admin servers

[Rich Megginson]

On 05/20/2011 02:25 PM, Roland Schwingel wrote:


Hi Rich...

Thanks for the reply,

> So currently you have all of the directory servers registered with a
> directory server running in Net-A - this is the directory server
> that hosts the o=netscaperoot suffix used to register and configure
> those servers in the console.  This is on a machine with hostname
> ldap.neta or something like that.  Now you want instead to have a
> new server ldap.netc and have all of the directory servers
> registered with that server instead?

You are right
When running setup-ds-admin.pl you have the option to register
a new server to another already running server. This one is at
present the one in net-a. Now I have to register all server to a
server in net-c.
Are you moving any of the servers other than the one that contains 
o=NetscapeRoot?  If not, then you could try the following:
1) export the o=NetscapeRoot (NetscapeRoot) database from the server in 
net-a

 db2ldif -U -n NetscapeRoot -a /path/to/nsroot.ldif
2) use perl/sed/awk/whatever you are most comfortable with to change 
references to net-a to net-c in nsroot.ldif
3) Create a suffix o=NetscapeRoot and database NetscapeRoot in the 
server in net-c

4) Import (initialize) the new o=NetscapeRoot with the old server data

Then, you'll have to edit the /etc/dirsrv/admin-serv/adm.conf in all of 
your servers to change any references to net-a to net-c, then restart 
the admin server (restart-ds-admin)


Finally, you'll have to run ldapmodify on all of your servers (except 
the one that has the new o=NetscapeRoot) to do something like this:


ldapmodify -x -h hostname -D "cn=directory manager" -W 

Re: preupgrading to fedora 15

[Beartooth]

On Fri, 13 May 2011 10:51:35 -0700, Joe Zeff wrote:

> On 05/13/2011 10:20 AM, BeartoothHOS wrote:
>> Learn to like KDE4, or something other than Gnome.
> 
> I've migrated both my desktop and my laptop to XFCE.  You might want to
> take a look at it, especially if you're running older hardware.

I have now done that, thanks! 

Any hints? Gotchas?

-- 
Beartooth Staffwright, Neo-Redneck Not Quite Clueless Power User
I have precious (very precious!) little idea where up is.


-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: [389-users] Moving admin servers

[Roland Schwingel]

Hi Rich...

Thanks for the reply,

> So currently you have all of the directory servers registered with a
> directory server running in Net-A - this is the directory server 
> that hosts the o=netscaperoot suffix used to register and configure 
> those servers in the console.  This is on a machine with hostname 
> ldap.neta or something like that.  Now you want instead to have a 
> new server ldap.netc and have all of the directory servers 
> registered with that server instead?

You are right
When running setup-ds-admin.pl you have the option to register
a new server to another already running server. This one is at
present the one in net-a. Now I have to register all server to a
server in net-c. 

Thanks for your kind help,

Roland--
389 users mailing list
389-us...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users

Re: Antivirus for Fedora 14

[Joe Zeff]

On 05/20/2011 12:38 PM, Rick Sewill wrote:
> There have been Linux viruses in the past.

AIUI, most of them have been "proof of concept" projects used to prove 
that a particular vulnerability existed and could be exploited.  None of 
those were ever released "into the wild," however, and can safely be 
ignored.  Also, one of the reasons there haven't been more malicious 
viruses for Linux is the fact that writing one takes much more technical 
skill than it does to create a Windows virus.  (I've heard that there 
are programs that allow you to pick a vector and a payload then write a 
custom Windows virus for you, meaning that the user doesn't need even 
the slightest programming skills.)  The greater level of skill needed 
means that most of the people out there who'd want to release a 
malicious Linux virus wouldn't know how to create one and those who do 
know don't find it worth their time because Windows viruses are far more 
profitable for them.  None of this means that Linux is inherently safe 
from malware, of  course.  It does mean, however, that the current 
threat is negligible.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Adblock Plus add-on for FireFox

[g]

On 05/20/2011 06:20 PM, BeartoothHOS wrote:
> On Tue, 17 May 2011 05:55:22 +, g wrote:
<>

>> you could send a link when you recommend something.

> None is needed -- "yum install privoxy xinetd" has worked for all
> releases of Fedora so far. (Privoxy required xinetd when I first got it; 
> I have no machine without it, on which I could test if that's still so.)

hey bear,

well, maybe yes/maybe no on privoxy. xinetd is already installed.

i do not run fedora on internet. i use it with 'fel' for design work.

i use 1 install of scientific linux for internet. a second for accounting
and design work.

sl may have it, i would think so anyway, but i have no complaint about
ads that are a part of page of site i am viewing pages from to run
java and java script, rest of sites are blocked by NoScript.

so, no great need/advantage with privoxy. desire for link to it's site
was to read about privoxy.

-- 

peace out.

tc.hago,

g
.


in a free world without fences, who needs gates.
**
help microsoft stamp out piracy - give linux to a friend today.
**
to mess up a linux box, you need to work at it.
to mess up an ms windows box, you just need to *look* at it.
**
The installation instructions stated to install Windows 2000 or better.
So I installed Linux.
**
learn linux:
'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html
'The Linux Documentation Project' http://www.tldp.org/
'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html
'HowtoForge' http://howtoforge.com/




signature.asc
Description: OpenPGP digital signature
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Antivirus for Fedora 14

[Rick Sewill]

On Friday, May 20, 2011 12:29:23 PM John Aldrich wrote:
> On Fri May 20 2011, Andrew Jamison wrote:
> > I always install ClamAV which is free from the repositories, that may
> > work for now. When viruses become a bigger threat on Linux (not to
> > far-fetched to say it could happen) then you may see commercial
> > programmers offering Linux versions of their clients.
> 
> You can already by commercial antivirus for Linux. Kaspersky offers a Linux
> version, as does AVG and Symantec. How well those work is anyone's guess. I
> don't have any info on whether or how well they work, simply advising that
> they already exist.
> 
> Now, I agree that it's not too far-fetched to expect to see a linux virus
> "in the wild." Apple is now reportedly advising users to get some sort of
> antivirus for the Mac, and since Apple's O/S is based on BSD, it doesn't
> seem like a huge stretch to imagine that a Linux virus could be developed.
> 
> I would like to see more "workstation" antiviruses be developed for linux.
> Most of the antivirus products I've seen for linux have been for servers.

There have been Linux viruses in the past.

Please see URL:
http://en.wikipedia.org/wiki/Linux_malware

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Adblock Plus add-on for FireFox

[JD]

On 05/20/11 11:20, BeartoothHOS wrote:
> On Tue, 17 May 2011 05:55:22 +, g wrote:
>
>> On 05/17/2011 05:44 AM, Jason Turning wrote:
>>> You might take a look at Privoxy. I run that on my Fedora laptop,
>>> Mandriva desktop and even my XP work computer.
>> privoxy does not show in search at;
>>
>>https://addons.mozilla.org/en-US/firefox/
>>
>>
>> you could send a link when you recommend something.
>   None is needed -- "yum install privoxy xinetd" has worked for all
> releases of Fedora so far. (Privoxy required xinetd when I first got it;
> I have no machine without it, on which I could test if that's still so.)
>
I have tried to use privoxy along with tor
and along with the firefox add-on torbutton.
It has not provided me with the type of security
I was looking for: namely being constantly barraged
by the javascripts from web sites that scan my
cookies, catalogue what I searched for and what
pages I accessed, ...etc, ...etc.
I have even found out that the Uverse modem
collects browsing history and sends it to AT&T.
How so very generous of them to provide such
un-requested "service".
Using the noscript add-on helps with some websites,
the contents of which are still readable/viewable in
spite of blocking their scripts. But many web sites
will simply not operate if you block their scripts:
youtube, ebay, hotmail, not to mention facebook
and other social web sites.
IMHO, the worst hole in Linux's security, notwithstanding
bad administration,  is the browser through which all the
java scripts from web sites hit your machine.

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Adblock Plus add-on for FireFox

[BeartoothHOS]

On Tue, 17 May 2011 05:55:22 +, g wrote:

> On 05/17/2011 05:44 AM, Jason Turning wrote:
>> You might take a look at Privoxy. I run that on my Fedora laptop,
>> Mandriva desktop and even my XP work computer.
> 
> privoxy does not show in search at;
> 
>   https://addons.mozilla.org/en-US/firefox/
> 
> 
> you could send a link when you recommend something.

None is needed -- "yum install privoxy xinetd" has worked for all 
releases of Fedora so far. (Privoxy required xinetd when I first got it; 
I have no machine without it, on which I could test if that's still so.)

-- 
Beartooth Staffwright, Neo-Redneck Not Quite Clueless Power User
I have precious (very precious!) little idea where up is.


-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Protected WLAN

[Jerry Feldman]

On 05/17/2011 02:10 PM, Tim wrote:
>   Various computers will actually list your allegedly *hidden* device as
> an "unnamed" access point, so it's not even hidden.  Certainly the
> numerous programs prepared to "hack your neighbours" applications
> downloadable for the completely clueless will.
Including Fedora 15/Gnome 3. We have over 30 WLANs here in our office
complex. Just a quick look and I can see 5 WLANS, 2 are "".

-- 
Jerry Feldman 
Boston Linux and Unix
PGP key id: 537C5846
PGP Key fingerprint: 3D1B 8377 A3C0 A5F2 ECBB  CA3B 4607 4319 537C 5846




signature.asc
Description: OpenPGP digital signature
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Protected WLAN

[Jerry Feldman]

On 05/17/2011 02:54 PM, Marko Vojinovic wrote:
> Hiding the SSID will stop only a casual bystander getting on to your network 
> by accident. Those who actually want to crack into a wireless network would 
> use some tool like airodump-ng (yum install aircrack-ng) to list any and all 
> wireless networks within reach, hidden or otherwise, and then pick which one 
> to crack.
>
> In other words, hiding SSID can be compared to a person putting an "I am 
> invisible" sticker on their forehead, and hoping that others would read it 
> and 
> ignore him.
>
> Hiding SSID is a matter of convenience, not security. Things like removing 
> the 
> clutter from user's list of available networks, avoiding accidental 
> connections by mobile devices, etc.
I'm glad you raised this. I love the analogy. I stopped hiding my SSIDs
a few years ago. By broadcasting the SSID, it cleared some some
intermittent connection problems I used to have both with my
Smartphones, but also with my laptops.

-- 
Jerry Feldman 
Boston Linux and Unix
PGP key id: 537C5846
PGP Key fingerprint: 3D1B 8377 A3C0 A5F2 ECBB  CA3B 4607 4319 537C 5846




signature.asc
Description: OpenPGP digital signature
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Setting Primary Monitor with F14 - dual monitors

[JD]

On 05/20/11 10:46, CS DBA wrote:
> Hi All;
>
> I just installed Fedora 14 and generally everything works great. One
> nuisance I'd like to fix is per the primary monitor.
> If I boot up with dual monitors then Fedora places my task manager /
> menu bar, etc on the external monitor. I can use xrandr like this to fix it:
>
>xrandr --output LVDS1 --primary
>
>
> However, I'd like the system to use my laptop screen as the default
> monitor always. Is this possible?
>
>
> Thanks in advance...
>
>
+1
I would like that too. It has annoyed me every time
I have added an external monitor.
I think something in the X server or maybe gnome
need to be fixed so that external monitor is not used
in the current default manner.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Setting Primary Monitor with F14 - dual monitors

[CS DBA]

Hi All;

I just installed Fedora 14 and generally everything works great. One 
nuisance I'd like to fix is per the primary monitor.
If I boot up with dual monitors then Fedora places my task manager / 
menu bar, etc on the external monitor. I can use xrandr like this to fix it:

  xrandr --output LVDS1 --primary


However, I'd like the system to use my laptop screen as the default 
monitor always. Is this possible?


Thanks in advance...


-- 
-
Kevin Kempter   -   Constent State
A PostgreSQL Professional Services Company
   www.consistentstate.com
-

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: booting F14 on 2nd drive on a Windows 7 PC

[Petrus de Calguarium]

FHDATA wrote:

> C. I used F14 32bit install media and it sees
> p0  as /dev/sda1 and it sees p1 as /dev/adb
> 
> D. Fedora 14 install completes successfully
> During which it was instructed to install
> boot loader onto p1 and to leave alone /dev/sda1  ...
> 

I would suggest installing Fedora to the second drive (p1), as you did, BUT 
putting grub onto /dev/sda (master boot record of p0). Edit 
/boot/grub/grub.conf to have an entry for windows and an entry for Fedora.

> E. BIOS knows that it needs to boot to p1
> 
No clue what this means and I have never had to fiddle with bios settings to 
boot an OS.

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Antivirus for Fedora 14

[John Aldrich]

On Fri May 20 2011, Andrew Jamison wrote:
> I always install ClamAV which is free from the repositories, that may
> work for now. When viruses become a bigger threat on Linux (not to
> far-fetched to say it could happen) then you may see commercial
> programmers offering Linux versions of their clients.
> 
You can already by commercial antivirus for Linux. Kaspersky offers a Linux 
version, as does AVG and Symantec. How well those work is anyone's guess. I 
don't have any info on whether or how well they work, simply advising that 
they already exist.

Now, I agree that it's not too far-fetched to expect to see a linux virus 
"in the wild." Apple is now reportedly advising users to get some sort of 
antivirus for the Mac, and since Apple's O/S is based on BSD, it doesn't 
seem like a huge stretch to imagine that a Linux virus could be developed.

I would like to see more "workstation" antiviruses be developed for linux. 
Most of the antivirus products I've seen for linux have been for servers.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Networking problem

[Rick Stevens]

On 05/19/2011 07:06 PM, JD wrote:
> On 05/19/11 18:45, Tom H wrote:
>> On Thu, May 19, 2011 at 8:57 PM, JD  wrote:
>>> On 05/19/11 17:41, Tom H wrote:
>>
 To the OP: Do you have a "/etc/sysconfig/network-scripts/ifcfg-wlan0"
 and a "/etc/sysconfig/network-scripts/ifcfg-wlan0:0"? What are their
 contents?
>>> I have no  /etc/sysconfig/network-scripts/ifcfg-wlan0:0
>>>
>>> $ cat /etc/sysconfig/network-scripts/ifcfg-wlan0:
>>> DEVICE=wlan0:0
>>> IPV6INIT=no
>> Why do you have "DEVICE=wlan0:0" in
>> "/etc/sysconfig/network-scripts/ifcfg-wlan0"?
>>
>>
> I think that is a remnant. Thank for pointing it out.
> I had completely overlooked it. But, it is nevertheless,
> harmless.

Since your script says "DEVICE=wlan0:0", the system will try to bring
that up. Since that is an alias (wlan0:0), it MUST bring up wlan0
before creating the alias for it and voila!
--
- Rick Stevens, Systems Engineer, C2 Hosting  ri...@nerd.com -
- AIM/Skype: therps2ICQ: 22643734Yahoo: origrps2 -
--
- Real Time, adj.: Here and now, as opposed to fake time, which only -
-occurs there and then   -
--
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Antivirus for Fedora 14

[Bruno Wolff III]

On Fri, May 20, 2011 at 11:45:50 -0400,
  Andrew Jamison  wrote:
> I always install ClamAV which is free from the repositories, that may work
> for now. When viruses become a bigger threat on Linux (not to far-fetched to
> say it could happen) then you may see commercial programmers offering Linux
> versions of their clients.

Anti-virus software has some fundenmental problems. Blacklists don't uncover
unkonwn malware. The blacklist will continue to grow as time goes on.
This growth may not be linear. Checking this evergrowing blacklist
everytime you acquire a file is not an efficient way to protect a machine.

The resources would be much better spent hardening programs which process
data from untrusted sources (web browsers, editors, mail clients, image,
sound and movie viewers) and improving selinux policy to limit the damage
doable by malware.

One thing that free OS' do have going for them, is that there is less
incentive to install software from random sources, as so much software
is available from the distrobutions themselves.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Antivirus for Fedora 14

[Bruno Wolff III]

On Sat, May 21, 2011 at 01:07:19 +0930,
  Tim  wrote:
> 
> On Linux, if you were to try and install a file that wanted to replace
> some system file, or some file belonging to another package that may be
> just as important, can you *expect* the install process to remove the
> original owner package?  Or is it possible to stuff up some file
> belonging to another package, silently?

If you try this you would normally get a file conflict. There are some
corner cases with config files where you might not get a conflict.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Antivirus for Fedora 14

[Ed Greshko]

On 05/20/2011 11:08 PM, Tim wrote:
> It's generally regarded that you don't need anti-virus software for
> Linux.  I haven't bothered, haven't seen the need for it, and I think
> it's been around a decade that I've been running Linux this way.  (And I
> do mean it runs, not hobbles about in a broken way, that some people
> will put up with.)
>
Basically agree with you.  FWIW, I run anti-virus *not* to protect
myself, but to protect others where I may inadvertently pass on a virus.

In my business I get MS Word and MS Powerpoint documents from various
sources and, at times, pass them on to others.  I can't be 100% certain
the the documents that I receive are virus free.  So, rather than being
accused of disseminating infected documents, I prefer to pass on
documents that I am confident are virus free.  So, I check all incoming
document.

-- 
I'm not laughing with you, I'm laughing at you. 葛斯克 愛德華 / 台北市八
德路四段



signature.asc
Description: OpenPGP digital signature
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Antivirus for Fedora 14

[Frank Murphy]

On 20/05/11 16:45, Andrew Jamison wrote:
> I always install ClamAV which is free from the repositories, that may work
> for now. When viruses become a bigger threat on Linux (not to far-fetched to
> say it could happen) then you may see commercial programmers offering Linux
> versions of their clients.
>
some already do.
Kaspersky, F-Prot, F-Secure.


-- 
Regards,

Frank Murphy
UTF_8 Encoded
Friend of Fedora
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

RE: Antivirus for Fedora 14

[Andrew Jamison]

I always install ClamAV which is free from the repositories, that may work
for now. When viruses become a bigger threat on Linux (not to far-fetched to
say it could happen) then you may see commercial programmers offering Linux
versions of their clients.

-Original Message-
From: users-boun...@lists.fedoraproject.org
[mailto:users-boun...@lists.fedoraproject.org] On Behalf Of Tim
Sent: Friday, May 20, 2011 11:37 AM
To: Community support for Fedora users
Subject: Re: Antivirus for Fedora 14

I've just been considering one of the security flaws that Windows has, and
wondering how Linux contends with the same issue:  On Windows, it was always
a problem that you might install something (intentionally or
not) that would replace a system file that it shouldn't be able to.

On Linux, if you were to try and install a file that wanted to replace some
system file, or some file belonging to another package that may be just as
important, can you *expect* the install process to remove the original owner
package?  Or is it possible to stuff up some file belonging to another
package, silently?

e.g. If I was to install silly-game.rpm and I saw comments about removing
kernel(something) in the list of things to do during the intall, I'd abort.

(Not that that'd help those who routinely do "yum -y install" without due
care.)

I think the case that installing a package that generates a file during
installation, can leave a file that's not owned by the package (as far as
YUM and RPM databases are concerned).

--
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I read
messages from the public lists.



--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Antivirus for Fedora 14

[Frank Murphy]

On 20/05/11 16:37, Tim wrote:

> e.g. If I was to install silly-game.rpm and I saw comments about
> removing kernel(something) in the list of things to do during the
> intall, I'd abort.
>

I think yum*protectbase may do the job there.
so you place "protect=yes",
in the the legit repos

so other rpm\repcannot replace it with similar\updated file.

> (Not that that'd help those who routinely do "yum -y install" without
> due care.)
>
> I think the case that installing a package that generates a file during
> installation, can leave a file that's not owned by the package (as far
> as YUM and RPM databases are concerned).
>

I think in fedora guidelines all files have to be owned by the pkg.
open to correction.

-- 
Regards,

Frank Murphy
UTF_8 Encoded
Friend of Fedora
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: [389-users] Delete object on Consumer

[Rich Megginson]

On 05/20/2011 09:20 AM, Jim Tyrrell wrote:
> On 20/05/2011 15:47, Rich Megginson wrote:
>> On 05/20/2011 08:43 AM, Rich Megginson wrote:
>>> On 05/20/2011 05:18 AM, Jim Tyrrell wrote:
 Hi,

 We have a setup with multiple masters which are replicating down to 
 389
 Directory Server consumers via 2 hubs, but have a consistency issue.

 It appears a few objects were deleted and re-added to the masters but
 the object was not deleted from the 389 consumers.  We now have  1
 object on the masters and 2 objects on the consumers which causes
 problems for the mail servers.  If we delete the object from the 
 master
 we are still left with one object on the slaves.  The slaves currently
 have a few duplicate objects like this:

 dn: cn=mx::10, cn=somedomain.co.uk, ou=dns, o=acmesystems.com
 cn: mx::10
 mailtransport: nexthop:[mailserver.ourdomain.com]
 dnspreference: 10
 dnstype: MX

 dn:
 nsuniqueid=7edfa581-1dd211b2-8014f995-55bd+cn=mx::10,cn=somedomain.co.uk,
  

 ou=dns,o=acmesystems.com
 cn: mx::10
 mailtransport: nexthop:[mailserver.ourdomain.com]
 dnspreference: 10
 dnstype: MX

 The object showing nsuniqueid is the valid one that exists on the
 master.  Is there a way to remove the 2nd object from the consumer
 without re-initialising?
>>> not sure, but you could try this
>>>
>>> 1) make sure no supplier will attempt to send updates - you can do this
>>> by "suspending" replication - how it works is that you first do a 
>>> search
>>> on the suppliers for the replication agreement for this server
>>> a) ldapsearch -x -D "cn=directory manager" -W -b cn=config
>>> "objectclass=nsds5replicationagreement"
>>> find the one for your consumer, then note the dn:
>>> b) use ldapmodify to change the replication schedule to be "not now":
>>> ldapmodify -x -D "cn=directory manager" -W<>> dn: the dn of the replication agreement
>>> changetype: modify
>>> replace: nsds5replicaupdateschedule
>>> nsds5replicaupdateschedule: 2358-2359 0
>>> EOF
>>>
>>> 2) shutdown the server you are attempting to fix
>>> 3) edit dse.ldif - find the mapping tree entry for the suffix
>>> cn=somedomain.co.uk,
>>> ou=dns,o=acmesystems.com - change nsslapd-state: backend
>>> 4) start the server
>>> 5) ldapdelete -x -D "cn=directory manager" -W
>>> "nsuniqueid=7edfa581-1dd211b2-8014f995-55bd+cn=mx::10,cn=somedomain.co.uk,
>>>  
>>>
>>>
>>> ou=dns,o=acmesystems.com"
>>>
>>> or any other modify operation you might need to do
>> Whoops - almost forgot these steps, before resuming replication
>> 6) stop the server
>> 7) edit the mapping tree entry again - change nsslapd-state: referral on
>> update
>> 8) start the server
>> then resume replication as below
>>> 6) on the suppliers, "resume" replication
>>> ldapmodify -x -D "cn=directory manager" -W<>> dn: the dn of the replication agreement
>>> changetype: modify
>>> replace: nsds5replicaupdateschedule
>>> nsds5replicaupdateschedule: -2359 0123456
>>> EOF
>>>
>>> see also
>>> http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html-single/Administration_Guide/index.html#Managing_Replication-Solving_Common_Replication_Conflicts
>>>  
>>>
>>>
 I have seen this before on a single consumer so we re-initialised it,
 but its a much bigger problem to re-initialise all of the 
 consumers.  It
 would be ideal if there is a way to manually delete an object 
 direct on
 a consumer?

 Thanks.

 Jim.

 -- 
 389 users mailing list
 389-us...@lists.fedoraproject.org
 https://admin.fedoraproject.org/mailman/listinfo/389-users
>>> -- 
>>> 389 users mailing list
>>> 389-us...@lists.fedoraproject.org
>>> https://admin.fedoraproject.org/mailman/listinfo/389-users
>> -- 
>> 389 users mailing list
>> 389-us...@lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/389-users
> Thanks for the info - I will give that a go.
>
> I had been thinking about this and wondered if another solution would 
> be to resurrect the tombstone entry on the master server and then 
> perform a delete via the master?  Is that  possible - would removing 
> the ObjectClass of nsTombstone undelete it and re-add it to the 
> index?  I have searched and found some mentions of doing that in 
> Active Directory..
not sure - I suppose you could try it
>
> Ta.
>
> Jim.

--
389 users mailing list
389-us...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users

Re: Antivirus for Fedora 14

[Tim]

I've just been considering one of the security flaws that Windows has,
and wondering how Linux contends with the same issue:  On Windows, it
was always a problem that you might install something (intentionally or
not) that would replace a system file that it shouldn't be able to.

On Linux, if you were to try and install a file that wanted to replace
some system file, or some file belonging to another package that may be
just as important, can you *expect* the install process to remove the
original owner package?  Or is it possible to stuff up some file
belonging to another package, silently?

e.g. If I was to install silly-game.rpm and I saw comments about
removing kernel(something) in the list of things to do during the
intall, I'd abort.

(Not that that'd help those who routinely do "yum -y install" without
due care.)

I think the case that installing a package that generates a file during
installation, can leave a file that's not owned by the package (as far
as YUM and RPM databases are concerned).

-- 
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.



-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: booting F14 on 2nd drive on a Windows 7 PC

[Tim]

On Sat, 2011-05-21 at 00:24 +0930, Tim wrote:
> NB:  Telling the BIOS that drive one is drive two, and drive two is
> drive one, doesn't always work.  Sometimes they get swapped as far as
> the BIOS selecting the other drive to boot from.  But aren't regarded
> as swapped by the OS that is booted.
>  
> The stalling at a blinking prompt sounds rather like the problem I've
> just outlined in the above paragraph.

A bit more info:  That sort of thing can happen for reasons outlined by
other posters.  As well as what I've already said, during installation,
you boot from a CD or DVD, and this can change which drives are regarded
as drive one or two, differently from how their counted when you haven't
booted from a CD/DVD.

When your picking drives to format, install to, and write bootloaders
to, carefully check which drives you're working on.  This is easier to
tell if they're different makes, models, or sizes.  As, generally, at
least some part of that information is presented during the process.

Back when I bothered with dual booting, I used to unplug the Windows
drive during the installation and set up.

 ... 

Following on from my prior posting.  Perhaps, if your BIOS is painful,
you might want to re-arrange drives so that Linux is drive one, and
Windows drive two.  The GRUB menu file for choosing which drive to boot
can include commands to pseudo-swap drives one and two around, to make
one of the OSs happy, if they insist on believing that *they're* on
drive one.

e.g. title LemonOS (Windows)
map (hd0) (hd1)
map (hd1) (hd0)
rootnoverify (hd0,0)
chainloader +1

The "rootnoverify" referring to the Windows partition, so you'd set the
hdX,Y drive and partition numerical options to suit your system's
drives, rather than mine.

Where you do most of the fiddling around, regarding drive numbering,
will depend rather on whether the OS in question boots through the BIOS,
or the BIOS hands the baton on and it boots itself.

-- 
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.



-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Antivirus for Fedora 14

[Tim]

On Fri, 2011-05-20 at 07:37 -0700, Braja Kishore Chattaraj wrote:
> Are there any anti-virus software that would be necessary to install
> for Fedora

It's generally regarded that you don't need anti-virus software for
Linux.  I haven't bothered, haven't seen the need for it, and I think
it's been around a decade that I've been running Linux this way.  (And I
do mean it runs, not hobbles about in a broken way, that some people
will put up with.)

Counter to that, if your Linux computer is a server for Windows
computers (file server, mail server, etc.).  That it's a good idea to
run anti-virus software on the Linux computer.  Not to protect itself,
but for it to protect the other computers.

e.g. Viruses could be received in the mail, and you can wipe them out
before they get to the very vulnerable Windows computers.  Or, already
infected Windows boxes might try infecting every file that they've
access to, including ones stored over the network on a Linux server, to
spread to other Windows boxes.

Related to anti-virus, as another sort of malicious software:  If you're
going to install software from outside of Fedora's own file
repositories, and outside of the other ones that Fedora users commonly
use (RPM fusion, AT RPM, Livna, et cetera).  Then you are at some
increased risk from non-virus files (ones that don't spread by
themselves, but by you installing them).  "Root kits" being the key word
to learn about, essentially a miscreant installs a way into your
computer, and hides it from general notice.

You're still at some risk from those issues from files from our
community's own repos, but we're far more likely to find out about it,
because the users of those files are on this list.  I'm yet to hear
about such a thing.  But we wouldn't know about any other random program
from some random website, and you'd need to do your own research.

If you run a webserver, then it's an entry point into your computer.  If
it has security hole, then it's something you need to contend with.
Again, not that I'm aware that merely running Apache on a Fedora box
leaves you unsafe.  But if you install scripts from goodness knows
where, or some of the everything-and-the-kitchen-sink website packages,
you may well add something that creates a security problem.

You need to consider how you will use your computer, how it will connect
with other computers, and work out where any vulnerabilities may be, and
work on them.


-- 
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.



-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: booting F14 on 2nd drive on a Windows 7 PC

[Tim]

On Thu, 2011-05-19 at 14:25 -0600, FHDATA wrote:
> A. Recently purchased PC has 2 physical drives (let's
> call them  p0 , p1).
> 
> B. p0 has windows 7 ; p1 is blank never been used.

Presuming that before installing Linux onto the second drive, that the
computer worked as expected (boots up to Windows on the first drive,
even with the second unused drive attached).

It could be that the computer thinks drive one and two are around the
other way, it tried to boot from drive one, found no bootable OS, and
booted from the second one.

Simple step to take:  Swap drive cables between the drives.  See what
happens.

NB:  Telling the BIOS that drive one is drive two, and drive two is
drive one, doesn't always work.  Sometimes they get swapped as far as
the BIOS selecting the other drive to boot from.  But aren't regarded as
swapped by the OS that is booted.

The stalling at a blinking prompt sounds rather like the problem I've
just outlined in the above paragraph.

> Can I have a system as stated above so I can boot
> to p1 with linux on it without p0 ever being touched
> in any way ?

It is possible.  There are several ways.  Here's just three of them:

1. Depending on your BIOS you can choose which drive to boot, from it,
each time.  Though, depending on your BIOS, you can wear it out by
keeping on changing its settings.  It depends on whether you're
resetting which drive is which, or it's simply a boot choice which
doesn't store a setting.

2. You can copy the bootblock from the Linux drive as a file onto the
Windows drive (this will only need doing once), and then add to the
Windows boot menu an option to boot from that bootblock.  Making Windows
your boot menu controller.

3. If you can sort out which drives are which, and your BIOS doesn't
confuse things, and get Linux to boot up.  You can make your Linux drive
your boot drive, and have its boot menu pick whether to boot Windows or
Linux.

Think about it, do some experimenting, then concentrate on just one of
them.

-- 
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.



-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Antivirus for Fedora 14

[Alan Cox]

> There is no real requirement for anti-virus on Linux,
> just keep your system updated from approved channels.
> Keep an eye on your logs for anything fishy

chkrootkit can also be handy
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Antivirus for Fedora 14

[Frank Murphy]

On 20/05/11 15:37, Braja Kishore Chattaraj wrote:
> I have read articles about vulnerabilities in x-windows. I just
> completed installation of Fedora 14 on a brand new PC (not shared with
> any other OS for now but may install Scientific Linux as well). Are
> there any anti-virus software that would be necessary to install for
> Fedora 14. What does the user community typically install, if any?
>
> Thanks,
> Braja
>

There is no real requirement for anti-virus on Linux,
just keep your system updated from approved channels.
Keep an eye on your logs for anything fishy

If you must use an anti-virus, clamav is what most go for.


-- 
Regards,

Frank Murphy
UTF_8 Encoded
Friend of Fedora
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: [389-users] Delete object on Consumer

[Rich Megginson]

On 05/20/2011 08:43 AM, Rich Megginson wrote:
> On 05/20/2011 05:18 AM, Jim Tyrrell wrote:
>> Hi,
>>
>> We have a setup with multiple masters which are replicating down to 389
>> Directory Server consumers via 2 hubs, but have a consistency issue.
>>
>> It appears a few objects were deleted and re-added to the masters but
>> the object was not deleted from the 389 consumers.  We now have  1
>> object on the masters and 2 objects on the consumers which causes
>> problems for the mail servers.  If we delete the object from the master
>> we are still left with one object on the slaves.  The slaves currently
>> have a few duplicate objects like this:
>>
>> dn: cn=mx::10, cn=somedomain.co.uk, ou=dns, o=acmesystems.com
>> cn: mx::10
>> mailtransport: nexthop:[mailserver.ourdomain.com]
>> dnspreference: 10
>> dnstype: MX
>>
>> dn:
>> nsuniqueid=7edfa581-1dd211b2-8014f995-55bd+cn=mx::10,cn=somedomain.co.uk,
>> ou=dns,o=acmesystems.com
>> cn: mx::10
>> mailtransport: nexthop:[mailserver.ourdomain.com]
>> dnspreference: 10
>> dnstype: MX
>>
>> The object showing nsuniqueid is the valid one that exists on the
>> master.  Is there a way to remove the 2nd object from the consumer
>> without re-initialising?
> not sure, but you could try this
>
> 1) make sure no supplier will attempt to send updates - you can do this
> by "suspending" replication - how it works is that you first do a search
> on the suppliers for the replication agreement for this server
> a) ldapsearch -x -D "cn=directory manager" -W -b cn=config
> "objectclass=nsds5replicationagreement"
> find the one for your consumer, then note the dn:
> b) use ldapmodify to change the replication schedule to be "not now":
> ldapmodify -x -D "cn=directory manager" -W< dn: the dn of the replication agreement
> changetype: modify
> replace: nsds5replicaupdateschedule
> nsds5replicaupdateschedule: 2358-2359 0
> EOF
>
> 2) shutdown the server you are attempting to fix
> 3) edit dse.ldif - find the mapping tree entry for the suffix
> cn=somedomain.co.uk,
> ou=dns,o=acmesystems.com - change nsslapd-state: backend
> 4) start the server
> 5) ldapdelete -x -D "cn=directory manager" -W
> "nsuniqueid=7edfa581-1dd211b2-8014f995-55bd+cn=mx::10,cn=somedomain.co.uk,
>
> ou=dns,o=acmesystems.com"
>
> or any other modify operation you might need to do

Whoops - almost forgot these steps, before resuming replication
6) stop the server
7) edit the mapping tree entry again - change nsslapd-state: referral on 
update
8) start the server
then resume replication as below
> 6) on the suppliers, "resume" replication
> ldapmodify -x -D "cn=directory manager" -W< dn: the dn of the replication agreement
> changetype: modify
> replace: nsds5replicaupdateschedule
> nsds5replicaupdateschedule: -2359 0123456
> EOF
>
> see also
> http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html-single/Administration_Guide/index.html#Managing_Replication-Solving_Common_Replication_Conflicts
>
>> I have seen this before on a single consumer so we re-initialised it,
>> but its a much bigger problem to re-initialise all of the consumers.  It
>> would be ideal if there is a way to manually delete an object direct on
>> a consumer?
>>
>> Thanks.
>>
>> Jim.
>>
>> --
>> 389 users mailing list
>> 389-us...@lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/389-users
> --
> 389 users mailing list
> 389-us...@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users

--
389 users mailing list
389-us...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users

Re: Antivirus for Fedora 14

[Bruno Wolff III]

On Fri, May 20, 2011 at 07:37:27 -0700,
  Braja Kishore Chattaraj  wrote:
> I have read articles about vulnerabilities in x-windows. I just completed 
> installation of Fedora 14 on a brand new PC (not shared with any other OS for 
> now but may install Scientific Linux as well).  Are there any anti-virus 
> software that would be necessary to install for Fedora 14. What does the user 
> community typically install, if any?

Normally not, unless you are running a mail server.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: [389-users] Delete object on Consumer

[Rich Megginson]

On 05/20/2011 05:18 AM, Jim Tyrrell wrote:
> Hi,
>
> We have a setup with multiple masters which are replicating down to 389
> Directory Server consumers via 2 hubs, but have a consistency issue.
>
> It appears a few objects were deleted and re-added to the masters but
> the object was not deleted from the 389 consumers.  We now have  1
> object on the masters and 2 objects on the consumers which causes
> problems for the mail servers.  If we delete the object from the master
> we are still left with one object on the slaves.  The slaves currently
> have a few duplicate objects like this:
>
> dn: cn=mx::10, cn=somedomain.co.uk, ou=dns, o=acmesystems.com
> cn: mx::10
> mailtransport: nexthop:[mailserver.ourdomain.com]
> dnspreference: 10
> dnstype: MX
>
> dn:
> nsuniqueid=7edfa581-1dd211b2-8014f995-55bd+cn=mx::10,cn=somedomain.co.uk,
> ou=dns,o=acmesystems.com
> cn: mx::10
> mailtransport: nexthop:[mailserver.ourdomain.com]
> dnspreference: 10
> dnstype: MX
>
> The object showing nsuniqueid is the valid one that exists on the
> master.  Is there a way to remove the 2nd object from the consumer
> without re-initialising?
not sure, but you could try this

1) make sure no supplier will attempt to send updates - you can do this 
by "suspending" replication - how it works is that you first do a search 
on the suppliers for the replication agreement for this server
a) ldapsearch -x -D "cn=directory manager" -W -b cn=config 
"objectclass=nsds5replicationagreement"
find the one for your consumer, then note the dn:
b) use ldapmodify to change the replication schedule to be "not now":
ldapmodify -x -D "cn=directory manager" -W  I have seen this before on a single consumer so we re-initialised it,
> but its a much bigger problem to re-initialise all of the consumers.  It
> would be ideal if there is a way to manually delete an object direct on
> a consumer?
>
> Thanks.
>
> Jim.
>
> --
> 389 users mailing list
> 389-us...@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users

--
389 users mailing list
389-us...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users

Re: Antivirus for Fedora 14

[Luc Maignan]

Clamav is your friend...



Le 20 mai 2011 à 16:37, Braja Kishore Chattaraj  a écrit 
:

> I have read articles about vulnerabilities in x-windows. I just completed 
> installation of Fedora 14 on a brand new PC (not shared with any other OS for 
> now but may install Scientific Linux as well).  Are there any anti-virus 
> software that would be necessary to install for Fedora 14. What does the user 
> community typically install, if any?
> 
> Thanks,
> Braja
> 
> -- 
> users mailing list
> users@lists.fedoraproject.org
> To unsubscribe or change subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Protected WLAN

[Tim]

On Thu, 2011-05-19 at 21:30 -0700, JD wrote:
> Tim, your points are way too generalized.

I've made specific points, already in this thread.

> No one said not broadcasting alone will make you
> safer. It is advised as part of the larger defense
> scheme of choosing a strong protocol, a strong encryption
> scheme, a 63 byte string, preferably random if user can
> work with it, ...etc ...etc.

I've seen posts where it declares not broadcasting a SSID makes it
safer.  It does not.  It does not in any way.

As such, it is not part of any broader scheme of making it safer.  All
it is, is a waste of time.  And that is ALL that it is.

Get it through your head, you and everyone else, that messing with the
SSID has ABSOLUTELY NOTHING TO DO WITH ANY SORT OF SECURITY.  Arguing
with me, and anyone else about this does NOT change the *facts*.

That's a very specific statement, and I've made it before.  There are no
counter arguments to it.  Every single attempt that people have made to
try and justify the bogus claim about hiding the SSID being a security
step has been wrong.

Perhaps we need to be even clearer:  Security means locking out unwanted
connections.  It means steps that actually fulfil that purpose.  It does
not include anything that doesn't actually have that ability.

SSID *cannot* be used to "restrict access," it is not part of its
function.

> You keep harping about a point

Clueless people keep harping on about doing something that doesn't do
what they think it does, but does actually cause other problems.

> You proceed on the assumption that everyone who wants to connect to
> your wlan is a savvy hacker with the right tools.

No I do not.  I've said, several times, and so have others, that you do
not need to be any sort of tech savvy hacker to bypass this fallacy.  It
can by sidestepped by those who have no idea about how it even works.

If you can install a new program on your computer, which doesn't require
any sort of computing knowledge, then you can install a *thing* that
lets you connect to someone else's WLAN.  It's as simple as that.  Even
a really dumb Windows user can do it.  I dare say that there's programs
for doing so on the Mac, as well, for the really minimally tech savvy
point and click crowd.

 ...

*I* haven't said anything about breaking WPA2 being easy, nor posted any
such bogus links.

As it currently stands, encryption is the *ONLY* thing that can secure a
WLAN, and using WPA2 with sensible options is the only one that remains
secure.

I've already said that, too.

Paint your WLAN access point bright pink with green polka dots.  That'll
make it more secure.

-- 
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.



-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Protected WLAN

[g]

On 05/20/2011 02:20 PM, g wrote:
<>

> better yet, have a look at this;
> 
>   http://en.wikipedia.org/wiki/Pretty_Good_Privacy

in addition:

yes, i went back and re-read page.

to me, there is are fine points between the meanings of, publishing,
exporting, and making available on a web site.

Phil did exactly what he should have done. and, i would say, a very
strong reason that charges where dropped.

-- 

peace out.

tc.hago,

g
.



signature.asc
Description: OpenPGP digital signature
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Antivirus for Fedora 14

[Braja Kishore Chattaraj]

I have read articles about vulnerabilities in x-windows. I just completed 
installation of Fedora 14 on a brand new PC (not shared with any other OS for 
now but may install Scientific Linux as well).  Are there any anti-virus 
software that would be necessary to install for Fedora 14. What does the user 
community typically install, if any?
Thanks,Braja
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Protected WLAN

[jdow]

On 2011/05/20 02:07, Marko Vojinovic wrote:
> On Friday 20 May 2011 05:30:11 JD wrote:

>> Tim, your points are way too generalized.
>> No one said not broadcasting alone will make you
>> safer. It is advised as part of the larger defense
>> scheme
>
> That is a very bad advice. Hiding SSID has *nothing* to do with any security,
> and suggesting that it does is just a mirage, giving a casual reader a false
> sense of security. It (a) breaks regular WLAN functionality and (b) gains
> absolutely nothing in terms of security. Such a setup can be useful only if
> you intentionaly want to break the regular functionality of your wireless
> network. There are some scenarios where that might be useful, but none of them
> have anything to do with security.
>
> If you want to secure a wireless network, implement wpa2-psk/aes and use
> strong passphrases for everything. That is the *only* thing that makes your
> wlan reasonably secure. But hiding SSID, filtering MAC addresses, is just
> useless in terms of security.
>
> I believe that was Tim's point as well.

If you want real security use an encrypted vlan over the wireless link.

{^_^}
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Protected WLAN

[g]

On 05/20/2011 12:27 PM, Patrick O'Callaghan wrote:
> On Fri, 2011-05-20 at 09:46 +, g wrote:
>> in all of above results;
>>
>>   you will find pro and con about 'ssid'.
>>   you will find wpa2 can be hacked if key is weak.
> 
> As I said before, I don't need to open any of these links to know that a
> weak password gives poor security.

my apoligies for addressing my post to you and naming you specifically
as who it was intended.


in addition, "pgp", ie, "pretty good privacy".

maybe you, 'poc' should look up the history of pgp.

like in what country it was designed, what country was against it
and requested/forced pgp's withdrawal, and what country it was again
released from.

would you like for me to google that for you?

better yet, have a look at this;

  http://en.wikipedia.org/wiki/Pretty_Good_Privacy

and to insure that you do not miss link in above page, look at;

  http://en.wikipedia.org/wiki/Phil_Zimmermann

while there, do note headings: "Background" and "PGP".

i guess people on _your_ side of 'the big pond' are not as familiar
as those of us on this side.

-- 

peace out.

tc.hago,

g
.


in a free world without fences, who needs gates.
**
help microsoft stamp out piracy - give linux to a friend today.
**
to mess up a linux box, you need to work at it.
to mess up an ms windows box, you just need to *look* at it.
**
The installation instructions stated to install Windows 2000 or better.
So I installed Linux.
**
learn linux:
'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html
'The Linux Documentation Project' http://www.tldp.org/
'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html
'HowtoForge' http://howtoforge.com/




signature.asc
Description: OpenPGP digital signature
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Protected WLAN

[James McKenzie]

On Fri, May 20, 2011 at 5:27 AM, Patrick O'Callaghan
 wrote:
> On Thu, 2011-05-19 at 21:30 -0700, JD wrote:
>> Gov has made it illegal to publish such algorithms, at least
>> in the USA.
>
> Evidence?
>
Not so.  DES, 3DES and AES are all PUBLISHED alogrithms and are used
by the DoD/NSA (CISSP training from (ISC)2 as source.)  PGP using IDEA
is a published alogrithm.  There are NO bans against publishing them,
just distributing them to "controlled countries" by US law.
Fedora/RedHat have had to take the position that they will supply the
packages to only those who do not export to controlled countries or
banned individuals.

The KEY to security is a STRONG KEY, if using PGP (asymetric key
alogrithm) keeping your private key private, and keeping a shared
secret so.  WPA-2 + AES is a published standard and alogrithm.  It is
best to use a very strong, 168+ bit, key and keeping it secure.

Thus, the key to securing your Wireless network is a combination of
using very strong cryptography and very good physical security
(knowing who is connected and why and who is connected to your
wired+wireless router physically.)

James McKenzie
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Protected WLAN

[Patrick O'Callaghan]

On Thu, 2011-05-19 at 21:30 -0700, JD wrote:
> Gov has made it illegal to publish such algorithms, at least
> in the USA.

Evidence?

poc

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Protected WLAN

[Patrick O'Callaghan]

On Fri, 2011-05-20 at 09:46 +, g wrote:
> in all of above results;
> 
>   you will find pro and con about 'ssid'.
>   you will find wpa2 can be hacked if key is weak.

As I said before, I don't need to open any of these links to know that a
weak password gives poor security.

poc

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Protected WLAN

[g]

On 05/20/2011 10:17 AM, Timothy Murphy wrote:
<>

> Or enter 
> 
>   "riemann hypothesis proof"
> 
> about 120,000 results.
> One of those MUST be right ...

is that with or without quotes?


-- 

peace out.

tc.hago,

g
.



signature.asc
Description: OpenPGP digital signature
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Protected WLAN

[Timothy Murphy]

g wrote:

> open a browser, log google at;
> 
>http://www.google.com/advanced_search?hl=en&num=100
> 
> *leave quotes and plus sign just as they are shown*.
> 
> 
> enter this in 'all these words';
> 
>   "crack+wpa2" "cracking+wpa2"
> 
> about 1,600 results.

Or enter 

"riemann hypothesis proof"

about 120,000 results.
One of those MUST be right ...


-- 
Timothy Murphy  
e-mail: gayleard /at/ eircom.net
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Protected WLAN

[g]

On 05/20/2011 04:30 AM, JD wrote:
<>

> Tim, your points are way too generalized.

as is this whole thread has been.


open a browser, log google at;

   http://www.google.com/advanced_search?hl=en&num=100

*leave quotes and plus sign just as they are shown*.


enter this in 'all these words';

  "crack+wpa2" "cracking+wpa2"

about 1,600 results.


open a second tab, log above link,
 enter this in 'all these words';

   "hack+wpa2" "hacking+wpa2"

about 717 results.


open a third tab, log above link,
 enter this in 'all these words';

  "crack+wpa2" "cracking+wpa2" "hack+wpa2" "hacking+wpa2"

about 234 results.


open a fourth tab, log above link,
 enter this in 'this exact wording or phrase';

  crack+wpa2 cracking+wpa2 hack+wpa2 hacking+wpa2

results not shown.


open a fifth tab, log above link,
 enter this in 'this exact wording or phrase';

  securing wpa2

4 results.


in all of above results;

  you will find pro and con about 'ssid'.
  you will find wpa2 can be hacked if key is weak.


*but*, the main thing about all of this, and should be and needs to
be _understood_, if you do not read these links to see how and what
is being shown and then run these procedures against your own system,
you just might be vulnerable and your system can/may be hacked.


debating who is right and who is wrong about what, is doing nothing
but waisting time that should be spent testing your system to insure
that what is being shown on internet can not be used to crack/hack
your system.


*note*, use of words "you" and "your" is not directed at any one
person in this thread. they are used in a general term and in no
way reflect upon any persons living or dead.


hth.

later.
-- 

peace out.

tc.hago,

g
.


in a free world without fences, who needs gates.
**
help microsoft stamp out piracy - give linux to a friend today.
**
to mess up a linux box, you need to work at it.
to mess up an ms windows box, you just need to *look* at it.
**
The installation instructions stated to install Windows 2000 or better.
So I installed Linux.
**
learn linux:
'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html
'The Linux Documentation Project' http://www.tldp.org/
'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html
'HowtoForge' http://howtoforge.com/




signature.asc
Description: OpenPGP digital signature
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Protected WLAN

[Marko Vojinovic]

On Friday 20 May 2011 10:10:14 Ed Greshko wrote:
> On 05/20/2011 05:07 PM, Marko Vojinovic wrote:
> > If you think that hiding SSID will help with security, you might as well
> > add that hanging a pack of onions in front of the house will also help
> > make your wireless more secure
> 
> There's your problem  It should be "garlic"!  :-) :-)

Oh my, you're right! Garlic! :-)

LOL :-D

Best, :-)
Marko

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: USB wireless adaptor that supports Master Mode?

[Tom Horsley]

On Thu, 19 May 2011 20:51:22 -0700
Derek Tattersall wrote:

> My laptop says its built in wireless is an RTL8192CE. Does that support 
> AP mode? I couldn't get it to work as an AP when I tried it. Which is 
> why I was looking for a USB dongle that would work.

I'd look it up in the table at:

http://wireless.kernel.org/en/users/Drivers

It probably has the same ? as the "cu" version and is currently
under active development but may work someday soon.

> What is the difference between an RTL8192ce and an RTL8192cu anyway?

Maybe "e" is embedded (like in a laptop) and "u" is usb?
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Protected WLAN

[Ed Greshko]

On 05/20/2011 05:07 PM, Marko Vojinovic wrote:
> If you think that hiding SSID will help with security, you might as well add 
> that hanging a pack of onions in front of the house will also help make your 
> wireless more secure 

There's your problem  It should be "garlic"!  :-) :-)

-- 
Sight is a faculty; seeing is an art. 葛斯克 愛德華 / 台北市八德路四段


signature.asc
Description: OpenPGP digital signature
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Protected WLAN

[Marko Vojinovic]

On Friday 20 May 2011 05:30:11 JD wrote:
> On 05/19/11 21:14, Tim wrote:
> > On Fri, 2011-05-20 at 12:19 +0900, Misha Shnurapet wrote:
> >> Nope, if you're a plain user like me using an applet to "scan" you'll
> >> only see what's broadcast.
> > 
> > Nope, depending on your client, you'll see them all.  Even Windows did
> > that.  You'd see a list of *all* transmitting access points, and the
> > ones with the so-called hidden SSID listed as "unnamed."
> > 
> > It really is bogus advice to hide it.
> > 
> >   1. Clueless user follows bogus advice, falsely believes it makes
> >  them safer.
> >   
> >   2. Clueless user, then, finds things that they want to connect to
> >  their WLAN, now, won't connect.
> >   
> >   3. Clueless user has to ask for help.
> >   4. Wastes all our time.
> >   5. Slightly clueful user, now, starts to broadcast their SSID and
> >  everything works fine.
> >   
> >   6. Or, pigheaded clueless user continues to hide their SSID, and
> >  continues to fight with WLAN and mailing list...
> 
> Tim, your points are way too generalized.
> No one said not broadcasting alone will make you
> safer. It is advised as part of the larger defense
> scheme

That is a very bad advice. Hiding SSID has *nothing* to do with any security, 
and suggesting that it does is just a mirage, giving a casual reader a false 
sense of security. It (a) breaks regular WLAN functionality and (b) gains 
absolutely nothing in terms of security. Such a setup can be useful only if 
you intentionaly want to break the regular functionality of your wireless 
network. There are some scenarios where that might be useful, but none of them 
have anything to do with security.

If you want to secure a wireless network, implement wpa2-psk/aes and use 
strong passphrases for everything. That is the *only* thing that makes your 
wlan reasonably secure. But hiding SSID, filtering MAC addresses, is just 
useless in terms of security.

I believe that was Tim's point as well.

> of choosing a strong protocol, a strong encryption
> scheme, a 63 byte string, preferably random if user can
> work with it, ...etc ...etc.
> You keep harping about a point that is just one of several
> to help individuals be as safe as possible, while keeping
> things manageable.

Tim is not harping, he is just trying to point out (as I did) that it is *not* 
one of the several things to help individuals be as safe as possible. It gains 
exactly *zero* in terms of wireless security.

If you think that hiding SSID will help with security, you might as well add 
that hanging a pack of onions in front of the house will also help make your 
wireless more secure (in case of a vampire hacker attack, I guess :-) ). It is 
advice of the same quality, securitywise. Iow, an urban legend (or a rural 
one, depending on your preference ;-) ).

> You proceed on the assumption that
> everyone who wants to connect to your wlan is a savvy
> hacker with the right tools.
> I do not think that that is the case.

Those without the right tools will not be able to break in, even if you have 
only a stupid plaintext password security implemented. Those with the right 
tools (even incompetent idiots with the right tools, aka script-kiddies) will 
not even notice that your SSID is hidden, because the tools just don't make 
the difference between hidden and public.

Anyway, I believe both Tim and I have made our point for the readers of this 
thread who wish to hear and understand. If you still think it's a good idea, 
go ahead. Everyone is allowed to dream as they like, there's no point in 
repeating "it's not real, it's not real" to a determined dreamer... ;-)

Best, :-)
Marko

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[389-users] Moving admin servers

[Roland Schwingel]

Hi...

I got a question on how to move administration servers.

In my network I do have at present 3 subnets that are managed by 389ds.

Lets call them Net-A, Net-B and Net-C. Each subnet hosts a replica of the
ldap tree. All ldap/admin servers are registered to the admin server on 
Net-A.

Due to some network restructurings Net-A will become a more or less 
"private"
networks. And I also will add 10 more networks (each will host a replica) 
to 389ds.
They all should register to a new adminserver in Net-C.

So I need to move the central admin server from Net-A to Net-C. Is this 
possible 
while being in production? As I understand 389ds the adminservers are 
independant
of the slapd processes doing the concrete ldap. For Net-A there will be a 
hole
in the firewall to allow traffic to port 389,636 and 9830 to the other 
networks.

Any advice on how to accomplish the move of the adminserver de- and 
reregistration?

Thanks in advance for your help,

Roland
--
389 users mailing list
389-us...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users

Re: Orinoco WiFi cards

[Timothy Murphy]

Ian Malone wrote:

>> And finally, I wonder if there is a list of PCMCIA and USB WiFi devices
>> compatible with Fedora-14?
> 
> Not specifically F14, but I've been using this recently to try and
> find a new card:
> http://linuxwireless.org/

Thanks, that seems much more up-to-date than the list I mentioned.
However, I notice the Orinoco Gold PCMCIA card I mentioned is listed;
but unfortunately there is a kernel OOPS 
when booting with this card in place (using the driver orinoco_cs).



-- 
Timothy Murphy  
e-mail: gayleard /at/ eircom.net
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines