Re: Free TCP/IP port numbers?

The answer is correct - IANA maintains the list of ports. You may also look at the services file nmap maintains or ask showdan what it's seen publicly if you want a public popularity contest of ports. As it is, I'm pretty sure you're over engineering this. Have a config file that has a port range

Re: pen testing beginner

Also, there's tons of free help online (mailing lists - duh, irc, reddit, Twitter, and Facebook has helped me once you get to know the right people). There are also loads of security conferences and meetups (BSides, ISSA, 2600, etc). On Oct 30, 2016 13:54, "shawn wilson" <ag4ve

Re: pen testing beginner

I'll caveat my response by saying I'm not in this field - I'm a lowly sysadmin :) On Oct 30, 2016 00:01, "David Christensen" wrote: > > On 10/29/2016 11:50 AM, emetib wrote: > > have been a linux only person since before 2000 (late 2.2 early 2.4 > > kernels), yet

Re: Shell - escapes

'...' doesn't interpolate. push @f, '$ and a'; push @f, "'"; print join '', @f; If you want. I have a feeling YDIW and need to step back and present the actual problem. On May 10, 2016 05:36, "Die Optimisten" wrote: > Hi, > > How can I escape a ' inside '...' > e.g.

Re: iptables changes triggering audit messages, despite auditd not being installed

On May 5, 2016 8:10 AM, "Tony Evans" <t...@darkstorm.co.uk> wrote: > > Firstly, apologies for double-posting the issue originally. > > On 5 May 2016 at 13:05, shawn wilson <ag4ve...@gmail.com> wrote: > > > > On May 5, 2016 6:03 AM, "Tony Evans

Re: iptables changes triggering audit messages, despite auditd not being installed

On May 5, 2016 6:03 AM, "Tony Evans" wrote: > > I can't find why the log entries are being created (i.e. I know the > trigger, but I can't work out why that trigger is now generating log > entries when it wasn't doing that before I installed and removed > auditd). > I'm

Re: RECOMMEND: Wireless Home Router with VPN Built-In

Seconded (unless you can't) On Apr 25, 2016 8:29 PM, "Joel Wirāmu Pauling" wrote: > My advise stands. Use a VPN client on the end devices. > > On 26 April 2016 at 12:27, Patrick Bartek wrote: > >> On Mon, 25 Apr 2016, Joel Wirāmu Pauling wrote: >> >> > I

Re: Firewall - basic config?

On Apr 23, 2016 3:54 PM, "Joe" wrote: > . > > You might also try iptables -S which will list the rules in the form > that you would enter by hand as arguments to the iptables command. It is > a different view, and you may see things that are less obvious in the > -L view. >

Re: TCP/IP over Bluetooth

On Apr 23, 2016 06:27, "Reco" wrote: > > On Sat, 23 Apr 2016 10:23:57 +0100 > Joe wrote: > > > 'Proper' serial equipment > > typically does not go higher than 115kBd, and most wired serial > > applications need much less than that. > > But

Re: TCP/IP over Bluetooth

On Apr 23, 2016 00:09, wrote: > > According to https://en.wikipedia.org/wiki/Bluetooth , > Bluetooth was "... originally conceived as a wireless alternative > to RS-232 data cables." Therefore TCP/IP inside PPP on a > Bluetooth connection is hypthetically possible. > > Has

Re: [ A little off topic] Best e-mail client for Android

Y'all know you can buy kaiten mail and support the dev, right? On Mon, Apr 11, 2016 at 8:29 AM, Byung-Hee HWANG (황병희) wrote: > On 2016년 4월 11일 오후 9시 8분 6초 GMT+09:00, Hans wrote: >>Am Montag, 11. April 2016, 08:02:13 schrieb German: >>> I wonder what

Re: Sudo

On Mar 21, 2016 5:56 AM, "Lisi Reisz" wrote: > > On Monday 21 March 2016 04:51:35 Jude DaShiell wrote: > > When you installed LinuMint I'm going to make a wag here and figure you > > didn't put a password in for root and because of that LinuMint put your > > user account in

Re: Good keyboard

On Feb 11, 2016 1:21 PM, "David Christensen" wrote: > Thoughts? Comments? > I don't have one of those (but I think I'll buy one). Currently I swear by my ducky mini (obviously remap caps lock to escape - also, I use vim/vim mode so YMMV if you like arrowing around

Re: Libre graphics could become the standard if we push right now

On Jan 14, 2016 5:11 PM, "Zlatan Todoric" wrote: > > > > On 01/14/2016 09:11 PM, Alberto Salvia Novella wrote: > > Nearly all compact Linux computers feasible for gaming are sold > > exclusively using NVIDIA graphics, and that company is hostile to libre > > software. > > > >

Re: installing Debian on USB flash drive for use in many machines

On Sat, Nov 28, 2015 at 6:08 PM, Renaud OLGIATI wrote: > Why not use Knoppix, instead of re-inventing the wheel ? > For me, it's just nice to have an easy to boot system w/ storage - takes me a few minutes to setup and then I've got a thumb disk I can boot for

Re: installing Debian on USB flash drive for use in many machines

On Nov 28, 2015 3:37 PM, "David Christensen" wrote: > > I am continuing to work on the idea of installing Debian on a USB flash drive for use in many machines, primarily for diagnostics, maintenance, repair, backup, archive, imaging, etc.. > Google "debootstrap usb" -

Re: installing Debian on USB flash drive for use in many machines

On Nov 28, 2015 4:30 PM, "Joe" wrote: > > On Sat, 28 Nov 2015 12:37:12 -0800 > David Christensen wrote: > > Why you may be barking up the wrong tree is that all the software is > there, but the Ethernet interface is not being brought up. DHCP on

Re: how execute a script

On Nov 16, 2015 5:37 PM, "Lisi Reisz" wrote: > > On Monday 16 November 2015 19:33:51 David Wright wrote: > > On Mon 16 Nov 2015 at 06:54:40 (+0100), Martin Str|mberg wrote: > > > In article David Wright > wrote: > > >

Re: how execute a script

On Tue, Nov 17, 2015 at 1:02 PM, Chris Bannister <cbannis...@slingshot.co.nz> wrote: > On Tue, Nov 17, 2015 at 09:31:53AM -0500, shawn wilson wrote: >> On Nov 16, 2015 5:37 PM, "Lisi Reisz" <lisi.re...@gmail.com> wrote: >> > department has been trying for

Re: how execute a script

On Tue, Nov 17, 2015 at 1:25 PM, Elimar Riesebieter <riese...@lxtec.de> wrote: > * shawn wilson <ag4ve...@gmail.com> [2015-11-17 13:08 -0500]: > >> On Tue, Nov 17, 2015 at 1:02 PM, Chris Bannister >> <cbannis...@slingshot.co.nz> wrote: >> > On Tue, N

Re: how execute a script

On Tue, Nov 17, 2015 at 1:56 PM, Brian <a...@cityscape.co.uk> wrote: > On Tue 17 Nov 2015 at 13:08:49 -0500, shawn wilson wrote: > >> On Tue, Nov 17, 2015 at 1:02 PM, Chris Bannister >> <cbannis...@slingshot.co.nz> wrote: >> > On Tue, Nov 17, 2015

Re: how execute a script

> % file t.sh > t.sh: ASCII text > % cat t.sh > max=10 > Oh and before someone says "but there's some standard that says you're supposed to put a shebang at the top" - afaik, it's not in POSIX anywhere: http://www.in-ulm.de/~mascheck/various/shebang/ So, magic dropped the ball - should've been

Re: how execute a script

On Tue, Nov 17, 2015 at 2:53 PM, Brian <a...@cityscape.co.uk> wrote: > On Tue 17 Nov 2015 at 14:05:25 -0500, shawn wilson wrote: > >> On Tue, Nov 17, 2015 at 1:56 PM, Brian <a...@cityscape.co.uk> wrote: >> > On Tue 17 Nov 2015 at 13:08:49 -0500, shawn wilson wrote

Re: how execute a script

On Tue, Nov 17, 2015 at 2:57 PM, shawn wilson <ag4ve...@gmail.com> wrote: > On Tue, Nov 17, 2015 at 2:53 PM, Brian <a...@cityscape.co.uk> wrote: >> On Tue 17 Nov 2015 at 14:05:25 -0500, shawn wilson wrote: >> >>> On Tue, Nov 17, 2015 at 1:56 PM, Brian <a...@

Re: how execute a script

On Tue, Nov 17, 2015 at 3:24 PM, <to...@tuxteam.de> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Tue, Nov 17, 2015 at 03:15:21PM -0500, shawn wilson wrote: >> > % file t.sh >> > t.sh: ASCII text >> > % cat t.sh >> > max

Re: how execute a script

On Tue, Nov 17, 2015 at 4:25 PM, <to...@tuxteam.de> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Tue, Nov 17, 2015 at 04:13:48PM -0500, shawn wilson wrote: >> On Tue, Nov 17, 2015 at 3:24 PM, <to...@tuxteam.de> wrote: > > [...] > >>

Re: how execute a script

On Tue, Nov 17, 2015 at 5:17 PM, shawn wilson <ag4ve...@gmail.com> wrote: > shouldn't be relied on (also see ftimes xmagic for a more featureful > magic implementation w/e sf comes back up). Ugh, it's back now: http://ftimes.sourceforge.net/FTimes/XMagic.shtml

Re: how execute a script

You can call a function from within a sourced file and it'll run (no matter x bit). So: # ~/bin/runner.sh runner () { echo foo } runner # ~/.bashrc PATH="$PATH:~/bin" source runner.sh On Nov 14, 2015 4:51 AM, "Pol Hallen" wrote: > Put the command at the end of

Re: BIOS size limit for USB flash drives

On Sep 8, 2015 6:51 AM, "Pascal Hambourg" <pas...@plouf.fr.eu.org> wrote: > > shawn wilson a écrit : > > > > (which uefi uses for boot). > > So what ? Who needs an EFI system partition bigger than the recommended > 512 MB ? > Maybe he was trying t

Re: BIOS size limit for USB flash drives

On Sep 7, 2015 9:47 AM, "Ken Heard" wrote: > > > Is there any limit to the size of a USB flash drive with the ext2 file > system encrypted on it which can be addressed through the BIOS > interface? (I am using Debian Jessie.) The largest size I am now > using is 32 gb

Re: Question about mv operation.

On Aug 4, 2015 1:26 AM, Some Body somebody.mo...@gmail.com wrote: Le mardi 04 août 2015 à 16:11 +0800, Magicloud Magiclouds a écrit : Now, I see in both locations, there are the file. My question is, is it safe to remove file in dest, and move to it again from src? If you don't want to

Re: IP address

On Jul 17, 2015 11:53 AM, Elimar Riesebieter riese...@lxtec.de wrote: * John J. Boyer john.bo...@abilitiessoft.org [2015-07-17 08:32 -0500]: I have Jessie set up for CLI only. The machine is on a local network using dhcp. What command will tell me what ip address it is using? $ dig

Re: cp output format

On Jul 17, 2015 7:16 AM, Nicolas George geo...@nsup.org wrote: Le nonidi 29 messidor, an CCXXIII, Andrew McGlashan a écrit : Not sure if this is relevant enough, but I have a method to keep source files -- in this case .forward files in a controlled directory; if any of these differ from

Re: Free GNU/Linux intro class for teens advice? Purchase box? Squeak/Smalltalk programming

On Jul 6, 2015 8:17 PM, Marc D Ronell mron...@alumni.upenn.edu wrote: As a test, I purchased a laptop (Toshiba Satellite C75-B7180) on sale for $350 at our local Microcenter in Cambridge and was able to load GNU/Linux for my son. I am thinking of working some programming

Re: Systemd files on a Raspberry Pi

). On Mon, Jun 22, 2015 at 8:07 PM, chris tknch...@gmail.com wrote: +1 On Jun 22, 2015 7:24 PM, Zebediah C. McClure z...@ensistech.com wrote: On Monday 22 June 2015 18:30:56 shawn wilson wrote: On Jun 22, 2015 4:39 PM, Dan Ritter d...@randomstring.org wrote: On Mon, Jun 22, 2015 at 10:05:28PM

Re: Systemd files on a Raspberry Pi

On Jun 22, 2015 4:39 PM, Dan Ritter d...@randomstring.org wrote: On Mon, Jun 22, 2015 at 10:05:28PM +0200, Ansgar Burchardt wrote: Dan Ritter d...@randomstring.org writes: People only complain about systemd being a cancer if they love the Debian system otherwise. [...] Remember that

Re: Systemd files on a Raspberry Pi

On Jun 22, 2015 9:16 PM, Zebediah C. McClure z...@ensistech.com wrote: I'm sure it's going to continue, There should be a place for this problem though. I took a quick look at the debian bug-tracker and it looks more like a collection of mailing lists. After looking at how systemd does

Re: ipset

On May 9, 2015 12:59 PM, Gokan Atmaca linux.go...@gmail.com wrote: The Loop gives error as follows. # for g in 'gawk '{print $2}' facebook.com-ip'; do ipset add face $g; done ipset v6.23: Syntax error: cannot parse gawk: resolving to IPv4 address failed ipset v6.23: Syntax error: cannot

Re: Which plotter printer would you recommend for construction engineers who will be using Linux?

On Fri, Mar 13, 2015 at 7:39 PM, Doug dmcgarr...@optonline.net wrote: Another reason to buy the HP: if they are abundant, then inks should be abundantly available also. If you get something else, supplies might be difficult to come by in such an out-of-the-way area. Something to check out

Re: Which plotter printer would you recommend for construction engineers who will be using Linux?

On Mar 13, 2015 5:41 PM, Ric Moore wayward4...@gmail.com wrote: You might want to go at this from another direction. I suppose you have already chosen your software?? Ask them. They would know better than anyone what plotter works with their software. Ric I agree with this. But besides

Re: Recompiling debian kernel

On Mar 5, 2015 7:26 AM, csanyi...@gmail.com wrote: make deb-pkg replaces all this: Then I execute make to build the kernel, and sudo make modules_install dpkg-buildpackage -us -uc -b -apowerpc but at these last step I get an error message: make[2]: Leaving directory

Re: rsync question

On Feb 6, 2015 11:14 PM, Don Armstrong d...@debian.org wrote: On Sat, 07 Feb 2015, Curtis Vaughan wrote: That seems to work, but here's a problem. Each time it enters a new user directory I have to re-enter the root password. I realize I can just set it up so that I don't have to enter a

Re: GHOST, Am I ok?

You'll need a reboot since most everything links against libc.so.6 it'll never be unloaded. On Wed, Jan 28, 2015 at 4:59 PM, Bob Bernstein poo...@ruptured-duck.com wrote: On Wed, Jan 28, 2015 at 04:08:06PM -0500, Dan Ritter wrote: After you reboot, you are. Before that, maybe. Thanks

Re: GHOST, Am I ok?

doh, tired. sorry for the repeat. On Wed, Jan 28, 2015 at 5:16 PM, shawn wilson ag4ve...@gmail.com wrote: You'll need a reboot since most everything links against libc.so.6 it'll never be unloaded. On Wed, Jan 28, 2015 at 4:59 PM, Bob Bernstein poo...@ruptured-duck.com wrote: On Wed, Jan

Re: Command line wifi tooling

Not sure if you're looking for cli or ncurses. I always just do: nmcli dev wifi # list APs) nmcli con essid password password That assumes networkmanager - I'm sure installer probably uses iwlist dev scan and then either iwconfig or wpa_supplicant/wpa_passphrase though. On Fri, Nov 28, 2014 at

Re: umask has no man page?

While I like the dhelp script idea, I think man is a pure UX issue - man should generally DWIM because if I type man foo, I don't want to jump through hoops. There times (looking at libraries and system calls and the like) that knowing the system helps. However, with 20 (IDR how many - a bunch)

Re: Installing an Alternative Init?

On Nov 10, 2014 11:34 AM, Michael Biebl bi...@debian.org wrote: Am 10.11.2014 um 17:26 schrieb Patrick Bartek: On Mon, 10 Nov 2014, Michael Biebl wrote: You can use pre-seeding and run preseed/late_command=in-target apt-get install -y sysvinit-core in the debian-installer. While

Re: Joey Hess is out?

On Nov 9, 2014 4:46 AM, Jonathan Dowland j...@debian.org wrote: On Sun, Nov 09, 2014 at 05:38:59PM +1100, Andrew McGlashan wrote: What part of we don't want systemd on any of our systems don't you get? If we don't want it, we won't be testing it. There's still plenty of work to be done

Re: Joey Hess is out?

On Nov 8, 2014 12:24 PM, Miles Fidelman mfidel...@meetinghouse.net wrote: Mart van de Wege wrote: Slavko li...@slavino.sk writes: Ahoj, Dňa Sat, 08 Nov 2014 16:03:46 +0100 Mart van de Wege mvdw...@gmail.com napísal: Why don't the anti-systemd people do what they've been threatening the

Re: /etc/udev/rules.d/10-local.rules

On Nov 2, 2014 6:03 PM, pe...@easthope.ca wrote: Until recently # The black Kingston SDHC card. KERNEL==mmcblk?p1, ATTR{size}==7626752, SYMLINK+=BlackSDHC1, \ OWNER=peter, GROUP=users in /etc/udev/rules.d/10-local.rules produced /dev/BlackSDHC1. Now that doesn't work although, if the

apt as a user

I'm trying to allow an apt user to run apt* commands. I've got this polkit: /etc/polkit-1/localauthority/30-site.d/10-org.com.foo.apt.pkla [Configuration] AdminIdentities=unix-user:apt Action=org.debian.apt.* ResultAny=no ResultInactive=no ResultActive=yes However when I: su - apt it looks like

Re: apt as a user

On Fri, Oct 31, 2014 at 12:05 PM, Mario Castelán Castro marioxcc...@yandex.com wrote: El 31/10/14 09:29, shawn wilson escribió: I'm trying to allow an apt user to run apt* commands. I've got this polkit: /etc/polkit-1/localauthority/30-site.d/10-org.com.foo.apt.pkla [Configuration

Re: apt as a user

On Fri, Oct 31, 2014 at 12:17 PM, shawn wilson ag4ve...@gmail.com wrote: On Fri, Oct 31, 2014 at 12:05 PM, Mario Castelán Castro marioxcc...@yandex.com wrote: El 31/10/14 09:29, shawn wilson escribió: -A FORWARD -d dest ip -i eth5 -p tcp -m tcp --sport 1024:65535 --dport 80 -m time

Re: apt as a user

On Fri, Oct 31, 2014 at 12:40 PM, Vanessa vane...@ulukai.org wrote: On 2014-10-31 17:17, shawn wilson wrote: On Fri, Oct 31, 2014 at 12:05 PM, Mario Castelán Castro marioxcc...@yandex.com wrote: El 31/10/14 09:29, shawn wilson escribió: I'm trying to allow an apt user to run apt* commands

Re: Avoid reboot by loading initramfs again

On Oct 20, 2014 8:13 AM, Jimmy Thrasibule jimmy.thrasib...@gmail.com wrote: DM I think it depends on what you're trying to achieve and what you're DM trying to avoid. Well my first idea was to have a kind of management OS that I can load in memory to do some stuff like disk

Re: Problem with SSH host keys

On Sep 23, 2014 6:44 PM, Keith Lawson ke...@nowhere.ca wrote: On Tue, Sep 23, 2014 at 04:45:50PM -0400, shawn wilson wrote: On Tue, Sep 23, 2014 at 10:20 AM, Keith Lawson ke...@nowhere.ca wrote: Hello, I'm running jessie on my laptop and after doing a dist-upgrade yesterday I'm

Re: Problem with SSH host keys

On Wed, Sep 24, 2014 at 3:41 AM, Karl E. Jorgensen k...@jorgensen.org.uk wrote: Another good reason not to hash the known_hosts file: bash command completion - after ssh or scp the bash command completion will use ~/.ssh/known_hosts to suggest/complete hosts. Brilliant stuff. Weird the ssh

Re: Problem with SSH host keys

On Tue, Sep 23, 2014 at 10:20 AM, Keith Lawson ke...@nowhere.ca wrote: Hello, I'm running jessie on my laptop and after doing a dist-upgrade yesterday I'm getting SSH host key errors for a bunch of servers I've been connecting to for years: IDK this has anything to do with the problem

Re: Iptables

On Jun 27, 2014 8:14 AM, Diogene Laerce me_buss...@yahoo.fr wrote: iptables -A INPUT -i eth0 -p udp -s 192.168.0.2/32 -d 192.168.0.1 --dport 137 -j ACCEPT iptables -A INPUT -i eth0 -p udp -s 192.168.0.2/32 -d 192.168.0.1 --dport 138 -j ACCEPT iptables -A INPUT -i eth0 -m state --state

Re: Heartbleed (was ... Re: My fellow (Debian) Linux users ...)

On Wed, Apr 16, 2014 at 8:54 AM, John Hasler jhas...@newsguy.com wrote: Bill Wood writes: and medical identity theft has risen sharply in recent years. What is medical identity theft? I'd also be interested seeing the proof for the claim (I think he means medical data breaches but IDK anyone

Re: Heartbleed (was ... Re: My fellow (Debian) Linux users ...)

On Apr 13, 2014 11:03 PM, Chris Bannister cbannis...@slingshot.co.nz wrote: Then there is also the very serious issue of embedded devices using openssl. Tablets, smartphones, routers, ... etc. etc. You're correct about network hardware (though the only one I'm aware of so far is F5 with the

Re: OpenVPN + Heartbleed question

It might be possible for an openvpn server to initiate a heartbeat sequence with a client. And therefore for a rogue server to exploit this. I don't believe this to be the case however and I can't think of any other way of exploiting this. If you can get openvpn to use named sockets, you should

Re: Heartbleed (was ... Re: My fellow (Debian) Linux users ...)

On Apr 14, 2014 11:01 AM, Chris Bannister cbannis...@slingshot.co.nz wrote: On Mon, Apr 14, 2014 at 01:55:04AM -0500, Stan Hoeppner wrote: On 4/13/2014 10:03 PM, Chris Bannister wrote: ... considering it is a catastrophe worse than the Y2K bug. This is several orders of magnitude less

Re: Heartbleed (was ... Re: My fellow (Debian) Linux users ...)

On Apr 14, 2014 9:15 PM, John Hasler jhas...@newsguy.com wrote: shawn wilson writes: No, I don't want to hear from my bank unless there's a problem. If everything is going OK, don't spam me. If its not, by all means, let me know. This didn't affect them so don't tell me anything. You

Re: Heartbleed (was ... Re: My fellow (Debian) Linux users ...)

On Apr 14, 2014 10:11 PM, Richard Hector rich...@walnut.gen.nz wrote: On 15/04/14 12:59, shawn wilson wrote: That statement was made in the sense that at least the bank could have issued a statement along the lines of 'you may have heard of the heartbleed bug, we can assure all of our

Re: Heartbleed (was ... Re: My fellow (Debian) Linux users ...)

On Tue, Apr 15, 2014 at 12:44 AM, Chris Bannister cbannis...@slingshot.co.nz wrote: On Mon, Apr 14, 2014 at 08:59:30PM -0400, shawn wilson wrote: On Apr 14, 2014 11:01 AM, Chris Bannister cbannis...@slingshot.co.nz wrote: On Mon, Apr 14, 2014 at 01:55:04AM -0500, Stan Hoeppner wrote

Re: Cropping a large collection of .PNG screenshots

On Wed, Apr 9, 2014 at 6:03 AM, Kevin O'Gorman kogor...@gmail.com wrote: I have a few hundred screen shots I want to put on a web page, but they are all full-screen and I want to crop to the real contents. This is an identical region in all cases. So I want to script it. So, 2 questions: A)

Re: is there a risk to program in java since sun is bought by oracle

(Nice top post) On Thu, Apr 10, 2014 at 2:57 AM, Gian Uberto Lauri gianuberto.la...@gmail.com wrote: The only problem with Java is that it is a bit old for current architectures. There are better languages that run on the JVM (Clojure and Scala to name two). The problems with java come

Re: OpenSSL Heartbleed bug, Apache still vulnerable?

On Apr 9, 2014 3:51 PM, Sven Hartge s...@svenhartge.de wrote: Curt cu...@free.fr wrote: On 2014-04-09, Jochen Spieker m...@well-adjusted.de wrote: The repository now contains a fixed version (0.9.4.2-r413). I tested it and the new version looks fine. Don't mean to hijack, but is this a

Re: Security question concerning jail or virtualization

On Fri, Mar 14, 2014 at 4:30 AM, Scott Ferguson scott.ferguson.debian.u...@gmail.com wrote: On 14/03/14 15:51, shawn wilson wrote: On Mar 14, 2014 12:13 AM, Brad Alexander stor...@gmail.com mailto:stor...@gmail.com wrote: Due to this experience I would like to know what the best way

Re: Security question concerning jail or virtualization

Well Linux has LXC which is supposed to be equivalent to jails (also see docker). But use whatever suits you. Idk what's current for breaking out of VMs is. It might be good to pay attention to who is using the most entropy and make sure you don't run out. Most VMs use processor VT to isolate

Re: Security question concerning jail or virtualization

On Mar 14, 2014 12:13 AM, Brad Alexander stor...@gmail.com wrote: Due to this experience I would like to know what the best way to limit such problems is, especially when hosting web servers for users who may or may not installed unsecure applications on the web server. Auditing your

multistrap

How do I replicate this line: deb http://us.archive.ubuntu.com/ubuntu/ precise main restricted from sources.list in a multistrap.conf? I'm trying this: [General] directory=/mnt/install cleanup=true arch=amd64 retainsources=/var/cache/apt/archives noauth=true unpack=true retries=5

preseed raid-lvm-crypto

I see how to create raid devices: d-i partman-auto-raid/recipe string \ 1 2 0 ext2 /boot /dev/sda1#/dev/sdb1 1 2 0 lvm - /dev/sda2#/dev/sdb2 And then making lvm or crypto devices seems easy enough. However, how do I create one on top of the other (I'd prefer luks inside lvm so that

Re: nano vs VI

On Jan 1, 2014 7:43 PM, Paul Cartwright pbcartwri...@gmail.com wrote: On 01/01/2014 07:00 PM, Richard Hector wrote: Also perhaps: aptitude purge nano :-) Richard thanks, I might do that also, since I use either VI or gedit.. You do know about gvim right?

Re: nano vs VI

No idea. I compile vim on Debian for ruby support (command-t). Probably vim-gtk. So I'm putting this back on the list. On Jan 2, 2014 7:19 AM, Paul Cartwright pbcartwri...@gmail.com wrote: On 01/02/2014 07:12 AM, shawn wilson wrote: On Jan 1, 2014 7:43 PM, Paul Cartwright pbcartwri

Re: Undocumented telnet access to Brother HL-2280DW

There's a framework for hacking printers (and maybe other networked hardware). I did a quick Google and didn't find it but that's what I'd suggest looking for. Celejar cele...@gmail.com wrote: The Brother HL-2280DW (network printer) listens on port 23, but I can't get a working telnet session

Re: fail2ban fails to ban apache...

François Patte francois.pa...@mi.parisdescartes.fr wrote: Bonjour, I try to configure fail2ban in order to ban IP which try to connect to directories protected by .htaccess. Here is my [apache] section in jail.conf: enabled = true port = http,https filter = apache-auth logpath =

Re: Collecting information after installation

Ali ISIN a.i...@live.be wrote: Hi, Since the 7.x version does my computer freeze; In what way? No more messages are logged? Doesn't respond to pings? SysRq doesn't reboot it (is the kernel totally hosed)? and that after installing GRUB and rebooting. My system seem to work correctly but I

Re: Unable to change shell and add groups

/alternatives/zsh-usrbin /bin/zsh4 (again, not probably not the issue and just annoys me since I noticed it) On Fri, Dec 6, 2013 at 3:10 AM, Scott Ferguson scott.ferguson.debian.u...@gmail.com wrote: On 06/12/13 18:31, shawn wilson wrote: For some reason, when I chsh to say /bin/zsh, log out

Unable to change shell and add groups

For some reason, when I chsh to say /bin/zsh, log out and back in, I'm still in bash - confirmed with readlink /proc/$$/exe I tried adding my user to the adm group, logging out and back in, and it's not there. However, if I exec su -p -l user - everything works. I've also tried an init q to no

Re: Serverbackup cron

basti black.flederm...@arcor.de wrote: Is there a better/ easier way for daily backups? I don't want to do a daily backup if weekly or monthly is running. Use a pidfile - just make sure your process deletes it or you won't be getting backups. I've used Amanda in the past and that works. But

Re: IPTables question

Erwan David er...@rail.eu.org wrote: Le 09/11/2013 23:06, Shawn Wilson a écrit : Redhat has something called firewalld which generates rules based on zones. I don't use it because using dbus to help manage rules scares me. But it's there and could be what you want. I use fwbuilder which

Copy buffer from a script

How do I get access to the buffer that is presented by clicking the third (or center) mouse button from a script? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive:

Re: Copy buffer from a script

That gives me the X clipboard buffer, which seems to be a different buffer. On Sun, Nov 10, 2013 at 6:30 PM, Lukas Erlacher lists+deb...@lerlacher.de wrote: check out xclip. On 11.11.2013 00:29, shawn wilson wrote: How do I get access to the buffer that is presented by clicking the third

Re: Copy buffer from a script

On Sun, Nov 10, 2013 at 6:47 PM, Lukas Erlacher lists+deb...@lerlacher.de wrote: On 11.11.2013 00:42, shawn wilson wrote: That gives me the X clipboard buffer, which seems to be a different buffer. There are three buffers. You're looking for the keyboard buffer, which is the primary buffer

Re: IPTables question

Redhat has something called firewalld which generates rules based on zones. I don't use it because using dbus to help manage rules scares me. But it's there and could be what you want. David F deb...@meta-dynamic.com wrote: On 11/09/2013 12:47 PM, Bill.M wrote: But is there anyway to specify

Re: IPTables question

Pascal Hambourg pas...@plouf.fr.eu.org wrote: Hello, Bill.M a écrit : In IPTables one can specify multiple addresses, and multiple ports, but is there anyway to specify multiple interfaces. For example, -m multiport --destination-port 22,25,80 Or -s 1.2.3.4,1.2.3.5,1.2.3.7

Re: Why syslog is not rotating?

I can't see how a default config would do this, but do you have SELinux or AppArmor enabled? What does fstab and mount show? If possible, copy the system off and write ones and then zeros to the disk (and look for speed drops). Looking at the disk might've been a good call. Itay

Re: Why syslog is not rotating?

with the old one. On Mon, Nov 4, 2013 at 6:16 AM, Itay deb...@itayf.fastmail.fm wrote: On Mon, 4 Nov 2013, Shawn Wilson wrote: Date: Mon, 04 Nov 2013 04:46:48 -0500 For some reason your messages ended up in a differenet mailbox, therefore I saw them only now. Sorry about that. As was recommended

Re: Why syslog is not rotating?

Can syslog rotate logs? I just use logrotate. Itay deb...@itayf.fastmail.fm wrote: On Sat, 2 Nov 2013, Sven Hartge wrote: Date: Sat, 2 Nov 2013 21:47:11 +0100 From: Sven Hartge s...@svenhartge.de To: debian-user@lists.debian.org Subject: Re: Why syslog is not rotating? Resent-Date: Sat, 2

Re: ANDROID

First, thanks for f-droid - I didn't know about that. I think the most open platform to date is the Pi - there are only certain parts of the processor that are kept under NDA. As for phones, there are many parts of them you will never see released (even openmoko which is old and I'd like one to

Re: ANDROID

On Tue, Oct 29, 2013 at 7:28 PM, Celejar cele...@gmail.com wrote: On Tue, 29 Oct 2013 20:48:54 -0200 André Nunes Batista andrenbati...@gmail.com wrote: ... phone users. But even in the case of traditional pc's, many people rely on proprietary BIOS or proprietary firmware for special devices

Re: How to format the command output like MySQL output

On Mon, Oct 21, 2013 at 8:01 AM, Jonathan Dowland j...@debian.org wrote: On Sat, Oct 19, 2013 at 08:54:25PM -0600, Bob Proulx wrote: Check out perl formats. Great suggestion, it's a shame the user has (since) ruled out Perl. Hardly anyone seems to discuss perl formats anymore ☺ I think most

Re: How to format the command output like MySQL output

Lars Noodén lars.noo...@gmail.com wrote: On 20.10.2013 04:17, 陶治江 wrote: 于 2013-10-20 0:53, Lars Noodén 写道: On 19.10.2013 19:35, 陶治江 wrote: [snip] I think it seems good like this, but I do not know how to make out it.(someone says awk, sed may help, but the environment does not permit it).

Re: sysadmin qualifications (Re: apt-get vs. aptitude)

Joel Rees joel.r...@gmail.com wrote: On Thu, Oct 10, 2013 at 8:09 PM, Richard Owlett rowl...@cloud85.net wrote: We're a long way from being able to build internet terminals that people can use as simply as they use a phone, and it's quite possible that it can't really be done. I'm not sending

Re: loop back iptables

On Tue, Oct 8, 2013 at 8:12 PM, Dan Ritter d...@randomstring.org wrote: On Tue, Oct 08, 2013 at 03:04:14PM -0700, james gray wrote: working with the examples at https://wiki.debian.org/iptables -A INPUT -i lo -j ACCEPT This will do nothing unless you have a default DROP policy and

schroot

This is at the top of every config file, but I can't find it documented: . $SETUP_DATA_DIR/common-data . $SETUP_DATA_DIR/common-functions . $SETUP_DATA_DIR/common-config Where is this being sourced from (ie, where is the 'common-data' file?) and (more important) where is this documented? --

Re: schroot

berenger.mo...@neutralite.org wrote: Le 07.10.2013 18:38, shawn wilson a écrit : This is at the top of every config file, but I can't find it documented: . $SETUP_DATA_DIR/common-data . $SETUP_DATA_DIR/common-functions . $SETUP_DATA_DIR/common-config Where is this being sourced from

Re: schroot

On Mon, Oct 7, 2013 at 2:20 PM, berenger.mo...@neutralite.org wrote: Le 07.10.2013 19:50, shawn wilson a écrit : Not a bad idea. However: find / -type f -print0 | xargs -0 -i{} -P 10 grep -H 'SETUP_DATA_DIR=' {} 2 /dev/null found nothing. Just to be complete (so that maybe this shows up

  1   2   3   4   5   6   >