Re: A new venture - preventing spam
UE mail from [EMAIL PROTECTED] (for example), which is desirable. Right UE now it's technically possible for anybody to send mail from UE [EMAIL PROTECTED], although in some sense it's illegal. But spammers UE don't care much about laws. I think the problem is not technical here - I can think of a few methods to implement sender verification with minimal adjustment to existing protocols and with introducing entirely new ones. The problem here is that until the significant part of the email-sending crowd does not use that method, whatever it be, you can not reliably filter your email based on this method. Meaning, corporate clients probably won't pay for implementing such a method - or would not pay enough for this feature to become necessary in every common software. Which means, common software won't have it or won't rely on it - back to square one. Now, there are two obvious ways out of this vicious circle: 1. Widespread world-wide conspiracy of sysadmins and programmers to implement and install the protocol. 2. Adoption of the protocol by some company like Microsoft or IBM that can make anything an industry standard. As they say, nobody ever got fired for buying IBM, and I'd add - for following IBM (or Microsoft) advice either. So if they say it's a good way to fight spam/viruses/etc - whatever it be it probably would get widespread acceptance - enough to catch momentum. And more importantly - enough to make those who didn't implement it yet somewhat uncomfortable - like when users ask administrator why our clients complain that emails from our company come out as 'Unaunticated sender - probably spammer!' in Outlook - please fix it ASAP. Network effect is required for such things. UE OK, we can do without SSL certificates, but we can't do without UE domain names and DNS. Some things have to be centralized. But I UE agree that my proposed solution will have to deal with a lot of UE beurocracy. It is not easy to authenticate a person even in RL - identity theft and various scams are not unheard of, and it is much harder online when you can't see or touch a thing. However, most of the cases with email for the recipient it is enough to know that the sender of the email is authorized by the domain administrator to send it. At least, for detecting email forgery it would be enough - and mass-hosters of course would have to implement some internal mechanism to not allow users impersonate one another - but this would be outside of the email communication domain. -- [EMAIL PROTECTED] \/ There shall be counsels taken Stanislav Malyshev /\ Stronger than Morgul-spells phone +972-54-6524945 /\ JRRT LotR. whois:!SM8333 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
[HAIFUX LECTURE] Intro to SELinux by Oron Peled
Next Monday (4/7/2005), 18:30, the Haifa Linux Club will once again meet to hear Oron Peled talk about: The Wonders of SELInux or How root can lock her computer with the keys inside... Since, again, Oron has agreed to do a short-notice lecture, do not expect to read more about the lecture before Oron actually gives it. We meet in the Technion, Taub 3. See http://www.haifux.org/where.html for arrival details. Attendance is free, and you are all invited! Future lectures include: 129 LIRCAlon Altman 18/07/2005 130 Building a Secure Server and Hardening Existing Systems Adir Abraham01/08/2005 Have a subject you want to talk about? Or a subject you'd like to hear someone else talk about? email us. Orna. -- Orna Agmon http://haifux.org/~ladypine/ ICQ: 348759096 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Silly Q about eth0 going down during boot of Morphix
Baruch, thank you for your great tips, although they didn't help me in this case. But after a long investigation, I found the criminal: pump! Although there is no DHCP server, and although a static IP is defined, it insists on turning off eth0. Since it is running as a daemon, the fact that my commands which setup eth0 are running AFTER the launcher of pump doesn't help. So the only workarounds: 1. Add the flag nodhcp to the boot params (but this workaround requires booting it manually, which is not a real option usually). 2. Run pump -k before setting up eth0. -- Eli Marmor [EMAIL PROTECTED] Netmask (El-Mar) Internet Technologies Ltd. __ Tel.: +972-9-766-1020 8 Yad-Harutzim St. Fax.: +972-9-766-1314 P.O.B. 7004 Mobile: +972-50-5237338 Kfar-Saba 44641, Israel = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Openoffice and unicode and windows 98
On Saturday 02 July 2005 20:16, Ilya Konstantinov wrote: Aviram Jenik wrote: Hi, Is anyone else experiencing the following problem: - Take a Hebrew excel file created on Windows 98 - edit it with Openoffice on Linux (locale he_IL.UTF-8) - Send it back to the person who sent it to you - They try to open it and see squares instead of Hebrew letters (what probably indicates that it was transformed to Unicode which is not available on Windows 98, but I'm just guessing) The same file can be opened on Windows 2000 (that supports Unicode) in the same office version. This happens repeatedly - i.e. every time I edit an excel sent from a Windows 98 and send it back the letters are shown as squares. Which Office version was that? Office 2k AFAIK. BTW, I tried the suggestion of saving it in Office 95 format - still no go. Maybe a locale change would help? If so, to what? - Aviram = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
pidof on a process (which was ran by passing arguments from the command line)
Hello, This question may be relevant to running pidof generally on processes which were run by passing an argument in the command line; To me it occurred with python. I am running a python script of xen. I want to be able to get the pid of that process by running pidof. The command line for running the script is /xend start (but in fact it runs python ./xend start because the first line in xend script is #!/usr/bin/env python.) (python ./xend start is also what we get (among other processes) from ps -aux |grep python for that specific process I am talkng about). I want to be able to get the pid of that process by runnning pidof. pidof python ./xend start gives nothing (in Bash and in Tcshell). pidof python gives 4 processes (one of them is the requested one). Moreover: 2502 is the process id of the wanted process. cat /proc/2502/cmdline gives: python./xendstart but trying pidof python./xendstart (also with one apostrphe or none at all) gave nothing. Any idea? Amir _ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: pidof on a process (which was ran by passing arguments from the command line)
Amir Binyamini [EMAIL PROTECTED] writes: Hello, This question may be relevant to running pidof generally on processes which were run by passing an argument in the command line; To me it occurred with python. I am running a python script of xen. I want to be able to get the pid of that process by running pidof. Does pidof -x xend help? -- Oleg Goldshmidt | [EMAIL PROTECTED] | http://www.goldshmidt.org = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: pidof on a process (which was ran by passing arguments from the command li
No. pidof -x xend returns an empty string. Amir From: Oleg Goldshmidt [EMAIL PROTECTED] Reply-To: linux-il@linux.org.il To: Amir Binyamini [EMAIL PROTECTED] CC: linux-il@linux.org.il Subject: Re: pidof on a process (which was ran by passing arguments from the command line) Date: 03 Jul 2005 17:31:14 + Amir Binyamini [EMAIL PROTECTED] writes: Hello, This question may be relevant to running pidof generally on processes which were run by passing an argument in the command line; To me it occurred with python. I am running a python script of xen. I want to be able to get the pid of that process by running pidof. Does pidof -x xend help? -- Oleg Goldshmidt | [EMAIL PROTECTED] | http://www.goldshmidt.org = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] _ FREE pop-up blocking with the new MSN Toolbar - get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: A new venture - preventing spam
On Saturday, 2 בJuly 2005 22:20, Stanislav Malyshev wrote: I think the problem is not technical here - I can think of a few methods to implement sender verification with minimal adjustment to existing protocols and with introducing entirely new ones. The problem here is that until the significant part of the email-sending crowd does not use that method, whatever it be, you can not reliably filter your email based on this method. Now, there are two obvious ways out of this vicious circle: ... 2. Adoption of the protocol by some company like Microsoft or IBM that can make anything an industry standard. Microsoft has announced that starting this November (11/2005) Hotmail will implement Sender ID(*) notifications to clients - when an email is received w/o Sender ID verification the user will be displayed with a warning bar. I'm assuming this is kind of adoption you were thinking of ? Now its not clear whether hotmail will mark email that declare themself to come from a Sender ID supporting domain but fail the verification, or also from any domain that does not support Sender ID, and how is the original SPF (SPF 0.9 ?) plays into it. At any rate, its probably a test before implementing this behavior into Outlook and regardless is probably a step in the wrong direction, mainly as MS are known to do only things that promote their proprietary protocols and not others. IBM is probably not much different. So unless you want your SPAM solution in the form of a proprietary protocol controlled by a company and then bought by MS, I don't think going this way is a good idea. (*) Sender ID was the next generation SPF which was rejected by IETF for various reasons, probably the most important was problematic and unclear licensing terms. -- Oded ::.. Charm is a way of getting the answer Yes -- without having asked any clear question. To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
wifi on fedora core 4
Hi people, I need some help with getting my wifi to work under fedora 4 on an intel centrino machine I installed ipw2100 and configured the network device eth1 to Intel Corporation PRO/Wireless LAN 2100 3B Mini PCI Adapter I can find networks when I run iwlist eth1 scan, but when I run ifup eth1 I get the next message: Error for wireless request Set Frequency (8B04) : SET failed on device eth1 ; Operation not supported. Determining IP information for eth1... failed; no link present. Check cable? Any ideas? -- Yossi --- Men are from earth. Women are from earth. Deal with it! --- Email: [EMAIL PROTECTED] Phone: +972-4-8226705 Webpage: http://vipe.technion.ac.il/~yossiv At work: +972-4-8294952 --- = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Active Directory - a short story
Quoting Guy Teverovsky, from the post of Tue, 21 Jun: For the sake of common sense, by any means try to avoid using SFU. It opens up some very nasty black holes in AD sucking up any security you may have already implemented in AD. while I agree, it is however quite a headache to introduce a company with no serious Linux SA team (The RD people know more about the platform) to the idea of running an LDAP server next to the AD server. to explain: when you use winbind and add a machine into the domain, the first time you look up a user she will be mapped to a local UID in an idmap database. the problem is, there is no hash function to map a lanman object's SID, and the idmap database fills up on a first asked, first served manner. this is a sick mess, since this means that if you have several machines winbound, they don't all see the same UIDs mapped to the same usernames, which makes NFS impossible. solution one - have one machine enumarate all the UIDs and then copy its idmap database, and do that again each time you add users to the AD (yuck) solution 2 - have the userinfo come from the AD, the authentication from the kerberos (as before) and ask Samba to map the ids according to LDAP (yuck again). that LDAP server can either run on a separate linux machine, or be the LDAP that is already part of the SFU, and so keeps those details inside the AD itself, with a Unix attributes tag in the AD management dialog. Much cleaner way is to use only SFU schema extensions without having AD playing NIS-wannabe. not NIS, just LDAP. the scheme extensions alone don't let you access them. the SFU adds the above mentioned tag to the dialog box. Definitely think twice and test,test,test if you are going to implement it in environment that counts the user accounts by thousands (or has very low end DCs). well, it's not the case, but the slowness was horrible. I found a nice mid-way solution. the unix UIDs are served by NIS, but the passwords are authenticated over the kerberos from the AD. this was done by adding the kerberos to pam, but getting rid of winbind. You should NOT run nscd on systems running winbind: http://info.ccone.at/INFO/Samba/winbind.html#id2952021 Running nscd collides with winbind which is already doing caching. True. indeed removed. Other issues that need resolving: * On winbound machines of the RHEL 3WS variety, I could su - user from root without any problem. not so on 3ES, where I got back su: Invalid password. at some point it magicly fixed itself and I could not recreate it (good thing?). could it be a kerberos glitch? * On all these machines, perhaps because of the pam games, the .bashrc are not executed (not after su-, nor when you ssh into the machine). anyone care to point me in the right direction? the permissions on the bashrc are correct... -- Second hand smoker trying to cut back Ira Abramov http://ira.abramov.org/email/ = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: A new venture - preventing spam
OA Microsoft has announced that starting this November (11/2005) Hotmail OA will implement Sender ID(*) notifications to clients - when an email OA is received w/o Sender ID verification the user will be displayed OA with a warning bar. I'm assuming this is kind of adoption you were OA thinking of ? Yes, partially. Except that it would better be open standard (your (*)) and it should be implemented strategically - i.e. not only in Hotmail but in Exchange, Outlook, etc. OA mainly as MS are known to do only things that promote their OA proprietary protocols and not others. IBM is probably not much That is not entirely correct, at least for now - they are vigorously promoting any protocols or standards they chose, but they do value standartization and open protocols lately - e.g. most of their .net specs are public. While there is no doubt that they have their own agenda and would promote it, it would not necessary contradict with my needs or OSS software developers' and users' needs. Last but not least, I think I can tolerate protocol controlled by some Big Corporate Entity, provided the protocol itself is public and possible to implement independently and that it is actually used and accepted. -- [EMAIL PROTECTED] \/ There shall be counsels taken Stanislav Malyshev /\ Stronger than Morgul-spells phone +972-54-6524945 /\ JRRT LotR. whois:!SM8333 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
