From mnair at iusb.edu Sun Oct 1 17:27:06 2006 From: mnair at iusb.edu (Nair, Murlidharan T) Date: Sun, 1 Oct 2006 13:27:06 -0400 Subject: PERL GD for RHLinux 64 bit References: <1158629397.1267.252.camel@prophead.corp.publichost.com> <27230.198.60.114.90.1159593565.squirrel@webmail.ourldsfamily.com> Message-ID: I am interested in the GD package for the 64 bit version of Linux. Can anyone tell which is ppm file that I need to install? Tried installing the following perl-GD-2.30-1.2.el4.rf.x86_64.rpm but it gives me the following warning warning: perl-GD-2.30-1.2.el4.rf.x86_64.rpm: V3 DSA signature: NOKEY, key ID 6b8d79e6 I still tried to compile a sample program but it does not seem happy. It gave me the following error at compile time Can't locate object method "png" via package "GD::Image" at sample_gd.pl line 31. #!/usr/bin/perl use GD; # create a new image $im = new GD::Image(100,100); # allocate some colors $white = $im->colorAllocate(255,255,255); $black = $im->colorAllocate(0,0,0); $red = $im->colorAllocate(255,0,0); $blue = $im->colorAllocate(0,0,255); # make the background transparent and interlaced $im->transparent($white); $im->interlaced(true); # Put a black frame around the picture $im->rectangle(0,0,99,99,$black); # Draw a blue oval $im->arc(50,50,95,75,0,360,$blue); # And fill it with red $im->fill(50,50,$red); # make sure we are writing to a binary stream binmode STDOUT; # Convert the image to PNG and print it on standard output print $im->png; I need to get this up and running pretty soon. So if anyone can throw some light into what I need to do that will really help. Cheers ../Murli -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 4603 bytes Desc: not available URL: From bret_stern at machinemanagement.com Sun Oct 1 20:02:54 2006 From: bret_stern at machinemanagement.com (Bret Stern) Date: Sun, 1 Oct 2006 13:02:54 -0700 Subject: SCSI Drives question Message-ID: <200610012008.k91K8B80024698@ns2.netmagic.net> On my server, i have two 18gb scsi drives which are part of a Logical Volume (LVM), and are internal drives to the Dell 2450. They are /dev/sda, and /dev/sdb I'm adding a Dell Powervault connected to an Adaptec scsi card (not the onboard scsi) and the two 18gb drives above now become /dev/sdh and /dev/sdi. It seems like the server drives should stay /dev/sda and /dev/sdb, and the new drives in the powervault should start their scsi id's after after those in the server?? I need some scsi tips. Bret From inet_services2003 at yahoo.com Mon Oct 2 07:36:35 2006 From: inet_services2003 at yahoo.com (Arno Weber) Date: Mon, 2 Oct 2006 00:36:35 -0700 (PDT) Subject: SCSI Drives question In-Reply-To: <200610012008.k91K8B80024698@ns2.netmagic.net> Message-ID: <20061002073635.61069.qmail@web56514.mail.re3.yahoo.com> hi... I think scsi was designed for amigas... maybe u should get an amiga? Bret Stern wrote: On my server, i have two 18gb scsi drives which are part of a Logical Volume (LVM), and are internal drives to the Dell 2450. They are /dev/sda, and /dev/sdb I'm adding a Dell Powervault connected to an Adaptec scsi card (not the onboard scsi) and the two 18gb drives above now become /dev/sdh and /dev/sdi. It seems like the server drives should stay /dev/sda and /dev/sdb, and the new drives in the powervault should start their scsi id's after after those in the server?? I need some scsi tips. Bret _______________________________________________ Redhat-install-list mailing list Redhat-install-list at redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request at redhat.com Subject: unsubscribe --------------------------------- All-new Yahoo! Mail - Fire up a more powerful email and get things done faster. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bret_stern at machinemanagement.com Mon Oct 2 16:22:39 2006 From: bret_stern at machinemanagement.com (Bret Stern) Date: Mon, 2 Oct 2006 09:22:39 -0700 Subject: Adding existing Fedora drives to new install In-Reply-To: <20060924205326.GA6691@bobcat.bobcatos.com> Message-ID: <200610021628.k92GSB0a003950@ns2.netmagic.net> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com > [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of > Bob McClure Jr > Sent: Sunday, September 24, 2006 1:53 PM > To: redhat-install-list at redhat.com > Subject: Re: Adding existing Fedora drives to new install > > On Sun, Sep 24, 2006 at 12:24:30PM -0700, Bret Stern wrote: > > > > I've had to re-install Fedora 5 on some new scsi drives. > > > > But I need to get some data off of the previous scsi drives. > > > > Can I install the old drives and temporarily mount them to get the > > data? > > If you mean in place of the new drive(s), yes, that's > trivial. If you mean in addition to the new drives, yes, > it's easy, with a few caveats. > > > Is this possible? > > Check your /etc/fstab. If it has entries that look like > > LABEL=/boot /boot ext3 > defaults 1 2 > > instead of > > /dev/sda1 /boot ext3 > defaults 1 2 > > and the old drives also have mounts by labels in their > /etc/fstab, it will have a problem upon booting figuring out > which partition with a /boot label to mount on /boot. > > On your new, operational disks change the labels to real > device names (run "df" to find out what they are), then shut > down, install the old drive(s), and reboot. When you > temporarily mount the old partitions, create a scratch mount > point (directory) such as /oldstuff, and use device names, > not labels, when you do the mounts. > > Cheers, > -- > Bob McClure, Jr. Bobcat Open Systems, Inc. > bob at bobcatos.com http://www.bobcatos.com > "Where you go in the hereafter depends on what you were after here." > - Thanks to Graffiti, 2 March 2004 > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe Thanks Bob, this has been very helpful. Bret From rstevens at vitalstream.com Mon Oct 2 17:57:04 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Mon, 02 Oct 2006 10:57:04 -0700 Subject: SCSI Drives question In-Reply-To: <200610012008.k91K8B80024698@ns2.netmagic.net> References: <200610012008.k91K8B80024698@ns2.netmagic.net> Message-ID: <1159811824.18867.266.camel@prophead.corp.publichost.com> On Sun, 2006-10-01 at 13:02 -0700, Bret Stern wrote: > On my server, i have two 18gb scsi drives which are > part of a Logical Volume (LVM), and are internal > drives to the Dell 2450. > > They are /dev/sda, and /dev/sdb > > > I'm adding a Dell Powervault connected to an Adaptec > scsi card (not the onboard scsi) and the two 18gb drives > above now become /dev/sdh and /dev/sdi. > > It seems like the server drives should stay /dev/sda and /dev/sdb, > and the new drives in the powervault should start their > scsi id's after after those in the server?? > > I need some scsi tips. You have two issues here...the sequence in which Linux scans the PCI and internal busses and the sequence in which the SCSI bus is scanned. This affects not only SCSI, but also NICs and any other items in the PCI bus. The kernel, when it boots up, must scan the hardware config of the machine. When scanning the PCI bus, it starts with slot 0, then 1, and so on. Now, which slot is slot 0. By convention, it's normally the one closest to the CPU, however that may not be true depending on how the hardware and BIOS of your machine was configured. For example, we use Dell 1850s and 2850s. We have two glass NICs (fiber channel) in the PCI buses in addition to the two copper NICS on the motherboard. On the 1850s, the glass NICs in the PCI bus are eth0 and eth1, and the copper ones on the mobo are eth2 and eth3. On the 2850s, it's EXACTLY opposite! (the copper ports are eth0 and eth1, the glass NICs are eth2 and eth3). Now, when you get to SCSI, you also have to add the additional SCSI bus scanning. Normally, the SCSI bus IDs are scanned 0 to 7, then 8-15 (SCSI-2 and SCSI-3). The controller is normally at SCSI ID 7. Change the buses and you change the layout of the machine and the names of the devices may change. There are tools to equate SCSI IDs to /dev entries. If you use LVM however, it's somewhat irrelevant as LVM uses the PV IDs written to the disks to put itself back together at reboot time. It doesn't matter what gets added or deleted from the bus, the IDs are on the actual media of the disk and can be found. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - "Hello. My PID is Inigo Montoya. You `kill -9'-ed my parent - - process. Prepare to vi." - ---------------------------------------------------------------------- From rstevens at vitalstream.com Mon Oct 2 17:58:32 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Mon, 02 Oct 2006 10:58:32 -0700 Subject: SCSI Drives question In-Reply-To: <20061002073635.61069.qmail@web56514.mail.re3.yahoo.com> References: <20061002073635.61069.qmail@web56514.mail.re3.yahoo.com> Message-ID: <1159811912.18867.268.camel@prophead.corp.publichost.com> On Mon, 2006-10-02 at 00:36 -0700, Arno Weber wrote: > hi... > > I think scsi was designed for amigas... maybe u should get an amiga? Har! No, SCSI was not built for the Amiga...it predates the Amiga by a long way. Historical note: SCSI started out as SASI (Shugart Associates Storage Interface). > > > Bret Stern wrote: > > On my server, i have two 18gb scsi drives which are > part of a Logical Volume (LVM), and are internal > drives to the Dell 2450. > > They are /dev/sda, and /dev/sdb > > > I'm adding a Dell Powervault connected to an Adaptec > scsi card (not the onboard scsi) and the two 18gb drives > above now become /dev/sdh and /dev/sdi. > > It seems like the server drives should stay /dev/sda > and /dev/sdb, > and the new drives in the powervault should start their > scsi id's after after those in the server?? > > I need some scsi tips. > > Bret > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > > > > > ______________________________________________________________________ > All-new Yahoo! Mail - Fire up a more powerful email and get things > done faster. > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Working with Linux is like wrestling with a worthy opponent. - - Working with Windows is like picking on an annoyed child with a - - loaded handgun. - ---------------------------------------------------------------------- From rstevens at vitalstream.com Mon Oct 2 18:21:18 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Mon, 02 Oct 2006 11:21:18 -0700 Subject: Installing RHEL with a memory stick In-Reply-To: <27230.198.60.114.90.1159593565.squirrel@webmail.ourldsfamily.com> References: <1158629397.1267.252.camel@prophead.corp.publichost.com> <27230.198.60.114.90.1159593565.squirrel@webmail.ourldsfamily.com> Message-ID: <1159813278.18867.279.camel@prophead.corp.publichost.com> On Fri, 2006-09-29 at 23:19 -0600, karlp at ourldsfamily.com wrote: > On Mon, September 18, 2006 7:29 pm, Rick Stevens wrote: > > On Mon, 2006-09-18 at 16:20 -0700, Waldher, Travis R wrote: > >> Any advice on getting RHEL using a memory stick? > >> > >> > >> > >> I?ve been googling and have come up with nada. > >> > >> > >> > >> (the computer doesn?t have CDROM) > > > > Well, yeah. You need to download the first CD ISO image and mount > > it. E.g. > > > > # mkdir -p /mnt/work > > # mount -t iso9660 -o loop /path/to/iso/image /mnt/work > > > > On it, you'll find an images/diskboot.img file. Copy that to your > > pen drive using dd. If the pen drive shows up as /dev/sda, then > > > > # dd if=/mnt/work/images/diskboot.img of=/dev/sda bs=2K > > > > Then boot from the pen drive, assuming your BIOS supports it. If not, > > and you have a floppy drive, then download SmartBootManager > > > > http://sourceforge.net/project/showfiles.php?group_id=4185 > > > > and put it on a floppy. Boot from floppy, specify next boot from the > > pen drive and voila! From there, you can do net, diskimage, http or ftp > > install (all the standard install stuff is there). > > I've been interested in this since finding and using (credit card CD) BBC-LNX > and DSL for some maintenance issues on some PCs. (I have DSL running on our > WillCall PC; cool). > > I bought a Everex StepNote laptop and installed FC5 on hda2 (WinXP is on > hda1). It works great. If I boot with a 512MB thumb drive, it says Operating > System Missing. I followed the above prompt, and it just hangs now. I had to > dd of=/dev/sda1, however, not just sda because it didn't even recognize the > thumb drive on boot and went straight to GRUB. > > So, any hints? I've tried both distros with no luck on both a 128MB and 512MB > thumb drive. Then the BIOS doesn't support booting from USB. The diskboot.img file is a full image file and should go into /dev/sda--NOT a partition on the drive. I quote from the README: "The diskboot.img file is a VFAT filesystem image that can be written to a USB pendrive or other bootable media larger than a floppy. Note that booting via USB is dependent on your BIOS supporting this. It should be written to the device using dd." Note the word "device", and not "partition". I know, I've done this a bunch of times, but the machine's BIOS MUST support booting from USB. You may have to play with the BIOS' USB settings to make this work, but it DOES work. For example, on my HP laptop, you must hit F10, go to the "Advanced" settings, down to "Boot Order", expand the "Hard Disk" list, and switch the priority from "HD, USB" to "USB, HD". I just confirmed this using a Memorex TravelDrive 128MB pen drive and the bootdisk.img file from FC5. Now, if I have a USB drive, it boots off that. If not, it boots from hard disk as normal. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Memory is the second thing to go, but I can't remember the first! - ---------------------------------------------------------------------- From inet_services2003 at yahoo.com Tue Oct 3 03:14:21 2006 From: inet_services2003 at yahoo.com (Arno Weber) Date: Mon, 2 Oct 2006 20:14:21 -0700 (PDT) Subject: SCSI Drives question In-Reply-To: <1159811912.18867.268.camel@prophead.corp.publichost.com> Message-ID: <20061003031421.69118.qmail@web56501.mail.re3.yahoo.com> my bad I guess I first heard about scsi at the amiga club meetings at the arco building 15 years before I ever heard of dell so I figured theyve been writing scsi drivers and whatnot for amiga longer than they have for dells. Also, historically, Commodore has been MUCH better at not being screwed by their vendors/subcontractors than has dell. Rick Stevens wrote: On Mon, 2006-10-02 at 00:36 -0700, Arno Weber wrote: > hi... > > I think scsi was designed for amigas... maybe u should get an amiga? Har! No, SCSI was not built for the Amiga...it predates the Amiga by a long way. Historical note: SCSI started out as SASI (Shugart Associates Storage Interface). > > > Bret Stern wrote: > > On my server, i have two 18gb scsi drives which are > part of a Logical Volume (LVM), and are internal > drives to the Dell 2450. > > They are /dev/sda, and /dev/sdb > > > I'm adding a Dell Powervault connected to an Adaptec > scsi card (not the onboard scsi) and the two 18gb drives > above now become /dev/sdh and /dev/sdi. > > It seems like the server drives should stay /dev/sda > and /dev/sdb, > and the new drives in the powervault should start their > scsi id's after after those in the server?? > > I need some scsi tips. > > Bret > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > > > > > ______________________________________________________________________ > All-new Yahoo! Mail - Fire up a more powerful email and get things > done faster. > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Working with Linux is like wrestling with a worthy opponent. - - Working with Windows is like picking on an annoyed child with a - - loaded handgun. - ---------------------------------------------------------------------- _______________________________________________ Redhat-install-list mailing list Redhat-install-list at redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request at redhat.com Subject: unsubscribe --------------------------------- Yahoo! Messenger with Voice. Make PC-to-Phone Calls to the US (and 30+ countries) for 2?/min or less. -------------- next part -------------- An HTML attachment was scrubbed... URL: From powellj at gmail.com Tue Oct 3 06:38:22 2006 From: powellj at gmail.com (John Powell) Date: Mon, 02 Oct 2006 23:38:22 -0700 Subject: Install fails during installation of rpmdb-redhat-4-0.20060803 Message-ID: <4522055E.8000506@gmail.com> So I have been struggling with this for a while and have decided to give up and ask for help. I am attempting to install RHEL 4 AS Update 4 on a system with the following spec/conf. Gigabyte 8iexp system board (Intel 845e) Pentium 4 2.8Ghz CPU 2 Gig Mem 2 ATA WD 80 Gig drives GForce 4 compatible video The Installation consistently fails on the second cd while installing the aforementioned rpm. The Install error is something like... "Installation of rpm blah failed... this could happen due to corrupt download, media, and/or hardware"... since I have verified that the cd's md5 checks out as well as run media check to verify the media is correct I am left with the apparent fact that my hardware isn't going to cut it. Can someone verify that this is indeed the case else provide some suggestion as to what I should try to get the installation past the installation of this rpm? Thanks in advance. John From dmhunter at charter.net Tue Oct 3 14:01:43 2006 From: dmhunter at charter.net (Dan Hunter) Date: Tue, 3 Oct 2006 09:01:43 -0500 Subject: Install fails during installation of rpmdb-redhat-4-0.20060803 References: <4522055E.8000506@gmail.com> Message-ID: <000901c6e6f4$78ecee80$64011811@mutant> I have had similar error messages on Fedora installations. Sometimes is was a great big slimy thumb print on the CD. I hate when that happens! Sometimes it was the CD reader telling me that it was about to fail. I hate when that happens too! Normally I would say try a replacement media and/or CD reader. But if this is a new system and new media from Redhat..... My only suggestion is stuff a CD lens cleaner in the CD drive, stuff the CD's into a CD cleaner, and then try it again. ----- Original Message ----- From: "John Powell" To: Sent: Tuesday, October 03, 2006 1:38 AM Subject: Install fails during installation of rpmdb-redhat-4-0.20060803 > So I have been struggling with this for a while and have decided to give > up and ask for help. > > I am attempting to install RHEL 4 AS Update 4 on a system with the > following spec/conf. > > Gigabyte 8iexp system board (Intel 845e) > Pentium 4 2.8Ghz CPU > 2 Gig Mem > 2 ATA WD 80 Gig drives > GForce 4 compatible video > > The Installation consistently fails on the second cd while installing > the aforementioned rpm. The Install error is something like... > "Installation of rpm blah failed... this could happen due to corrupt > download, media, and/or hardware"... since I have verified that the cd's > md5 checks out as well as run media check to verify the media is correct > I am left with the apparent fact that my hardware isn't going to cut it. > Can someone verify that this is indeed the case else provide some > suggestion as to what I should try to get the installation past the > installation of this rpm? > > Thanks in advance. > John > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > From bret_stern at machinemanagement.com Tue Oct 3 14:34:42 2006 From: bret_stern at machinemanagement.com (Bret Stern) Date: Tue, 3 Oct 2006 07:34:42 -0700 Subject: Install fails during installation of rpmdb-redhat-4-0.20060803 In-Reply-To: <4522055E.8000506@gmail.com> Message-ID: <200610031440.k93EeV8g023510@ns2.netmagic.net> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com > [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of > John Powell > Sent: Monday, October 02, 2006 11:38 PM > To: redhat-install-list at redhat.com > Subject: Install fails during installation of > rpmdb-redhat-4-0.20060803 > > So I have been struggling with this for a while and have > decided to give up and ask for help. > > I am attempting to install RHEL 4 AS Update 4 on a system > with the following spec/conf. > > Gigabyte 8iexp system board (Intel 845e) Pentium 4 2.8Ghz CPU > 2 Gig Mem > 2 ATA WD 80 Gig drives > GForce 4 compatible video > > The Installation consistently fails on the second cd while > installing the aforementioned rpm. The Install error is > something like... > "Installation of rpm blah failed... this could happen due to > corrupt download, media, and/or hardware"... since I have > verified that the cd's > md5 checks out as well as run media check to verify the media > is correct I am left with the apparent fact that my hardware > isn't going to cut it. > Can someone verify that this is indeed the case else provide > some suggestion as to what I should try to get the > installation past the installation of this rpm? > > Thanks in advance. > John > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe Long ago I had an install problem similar to this, but the drives were of the scsi variety. After I ran a format on the hard drives the install worked. If you have another drive hanging around..or try the install with a single drive. I've installed Red Hat many many times, mostly because when I play with it, I screw it up. Don't give up, the experts are on this list lurking with more ideas. B Stern From pwc at u.washington.edu Tue Oct 3 17:05:55 2006 From: pwc at u.washington.edu (Paul Campbell) Date: Tue, 03 Oct 2006 10:05:55 -0700 Subject: DMA timeouts Message-ID: <45229873.10908@u.washington.edu> I have Dell Precision 360 that came with RedHat pre-installed by Dell. It's been running fine for a couple of years I added a second WD 120MB. Since then I have not been able to get around a DMA timeout that shows up on install. Following the selection of text or graphics mode, it seems to probe the system and it seems to hang until timeout ( minutes ) on hda and then does the same on hdb. I can install but when I did this, I found logon was terribly slow. This must be an FAQ but google doesn't get me a good hit on it. From rstevens at vitalstream.com Tue Oct 3 17:33:04 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 03 Oct 2006 10:33:04 -0700 Subject: SCSI Drives question In-Reply-To: <20061003031421.69118.qmail@web56501.mail.re3.yahoo.com> References: <20061003031421.69118.qmail@web56501.mail.re3.yahoo.com> Message-ID: <1159896784.3025.13.camel@prophead.corp.publichost.com> On Mon, 2006-10-02 at 20:14 -0700, Arno Weber wrote: > my bad I guess I first heard about scsi at the amiga club meetings at > the arco building 15 years before I ever heard of dell so I figured > theyve been writing scsi drivers and whatnot for amiga longer than > they have for dells. SCSI has been around for a LONG time, but it was for higher-end machines. The Amiga was really the first consumer-based PC that used it, however Sun, DEC, IBM and several others used SCSI long before the Amiga showed up. BTW, I have almost all of the Amigas (500, 600, 1000, 2000, 3000, 3000HT) and am Certified Amiga Developer CDT-1260. That dates me. > Also, historically, Commodore has been MUCH better at not being > screwed by their vendors/subcontractors than has dell. Uh, I can't agree to that. They were RADICALLY different systems. The Amigas (and most other Commodore machines) were not made of "commodity" parts beyond hard drives and memory. They also never had the production numbers of Dell, and therefore were not under the pricing pressure that Dell (and their competitors) are. You also have to admit that, at least as far as the Amiga went, Commodore knew cool hardware but hadn't the foggiest idea on how to market it. However, this is all very wide of the intent of this list. We now return you to your regularly scheduled programming... > > > Rick Stevens wrote: > On Mon, 2006-10-02 at 00:36 -0700, Arno Weber wrote: > > hi... > > > > I think scsi was designed for amigas... maybe u should get > an amiga? > > Har! No, SCSI was not built for the Amiga...it predates the > Amiga by > a long way. > > Historical note: SCSI started out as SASI (Shugart Associates > Storage > Interface). > > > > > > > Bret Stern wrote: > > > > On my server, i have two 18gb scsi drives which are > > part of a Logical Volume (LVM), and are internal > > drives to the Dell 2450. > > > > They are /dev/sda, and /dev/sdb > > > > > > I'm adding a Dell Powervault connected to an Adaptec > > scsi card (not the onboard scsi) and the two 18gb drives > > above now become /dev/sdh and /dev/sdi. > > > > It seems like the server drives should stay /dev/sda > > and /dev/sdb, > > and the new drives in the powervault should start their > > scsi id's after after those in the server?? > > > > I need some scsi tips. > > > > Bret > > > > _______________________________________________ > > Redhat-install-list mailing list > > Redhat-install-list at redhat.com > > https://www.redhat.com/mailman/listinfo/redhat-install-list > > To Unsubscribe Go To ABOVE URL or send a message to: > > redhat-install-list-request at redhat.com > > Subject: unsubscribe > > > > > > > > > > > ______________________________________________________________________ > > All-new Yahoo! Mail - Fire up a more powerful email and get > things > > done faster. > > _______________________________________________ > > Redhat-install-list mailing list > > Redhat-install-list at redhat.com > > https://www.redhat.com/mailman/listinfo/redhat-install-list > > To Unsubscribe Go To ABOVE URL or send a message to: > > redhat-install-list-request at redhat.com > > Subject: unsubscribe > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer > rstevens at vitalstream.com - > - VitalStream, Inc. http://www.vitalstream.com - > - - > - Working with Linux is like wrestling with a worthy opponent. > - > - Working with Windows is like picking on an annoyed child > with a - > - loaded handgun. - > ---------------------------------------------------------------------- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > > > > > ______________________________________________________________________ > Yahoo! Messenger with Voice. Make PC-to-Phone Calls to the US (and 30+ > countries) for 2?/min or less. > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Memory is the second thing to go, but I can't remember the first! - ---------------------------------------------------------------------- From rstevens at vitalstream.com Tue Oct 3 17:38:22 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 03 Oct 2006 10:38:22 -0700 Subject: DMA timeouts In-Reply-To: <45229873.10908@u.washington.edu> References: <45229873.10908@u.washington.edu> Message-ID: <1159897102.3025.20.camel@prophead.corp.publichost.com> On Tue, 2006-10-03 at 10:05 -0700, Paul Campbell wrote: > I have Dell Precision 360 that came with RedHat > pre-installed by Dell. It's been running fine > for a couple of years > > I added a second WD 120MB. > > Since then I have not been able to get around a > DMA timeout that shows up on install. > > Following the selection of text or graphics mode, > it seems to probe the system and it seems to hang > until timeout ( minutes ) on hda and then does the > same on hdb. > > I can install but when I did this, I found logon > was terribly slow. > > This must be an FAQ but google doesn't get me > a good hit on it. First, make sure you're not using "cable select" on the drives. Ensure the original one is jumpered as "master" and the new one as "slave". Cable select is probably the worst farking idea since IBM decided to "flip" the floppy drive select lines on the ribbon cable rather than use the jumpers on the drive. It might help also if you put the CD on the secondary controller all by itself. In other words, put both hard drives on the primary IDE controller (one "master" and one "slave") and the CD (and other, slow "secondary" storage) on the secondary IDE controller. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - A friend said he climbed to the top of Mount Ranier. My view is - - that if there's no elevator, it must not be that interesting. - ---------------------------------------------------------------------- From rstevens at vitalstream.com Tue Oct 3 17:49:06 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 03 Oct 2006 10:49:06 -0700 Subject: Install fails during installation of rpmdb-redhat-4-0.20060803 In-Reply-To: <200610031440.k93EeV8g023510@ns2.netmagic.net> References: <200610031440.k93EeV8g023510@ns2.netmagic.net> Message-ID: <1159897746.3025.28.camel@prophead.corp.publichost.com> On Tue, 2006-10-03 at 07:34 -0700, Bret Stern wrote: > > -----Original Message----- > > From: redhat-install-list-bounces at redhat.com > > [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of > > John Powell > > Sent: Monday, October 02, 2006 11:38 PM > > To: redhat-install-list at redhat.com > > Subject: Install fails during installation of > > rpmdb-redhat-4-0.20060803 > > > > So I have been struggling with this for a while and have > > decided to give up and ask for help. > > > > I am attempting to install RHEL 4 AS Update 4 on a system > > with the following spec/conf. > > > > Gigabyte 8iexp system board (Intel 845e) Pentium 4 2.8Ghz CPU > > 2 Gig Mem > > 2 ATA WD 80 Gig drives > > GForce 4 compatible video > > > > The Installation consistently fails on the second cd while > > installing the aforementioned rpm. The Install error is > > something like... > > "Installation of rpm blah failed... this could happen due to > > corrupt download, media, and/or hardware"... since I have > > verified that the cd's > > md5 checks out as well as run media check to verify the media > > is correct I am left with the apparent fact that my hardware > > isn't going to cut it. > > Can someone verify that this is indeed the case else provide > > some suggestion as to what I should try to get the > > installation past the installation of this rpm? You say "ATA" drives. Are they PATA (IDE) or SATA? Are they set up as a RAID? If so, hardware or software. You may also want to try turning off DMA on the CD during the install. If your CD shows up as device /dev/hdc, try adding "hdc=nodma" to the end of the "boot:" prompt: boot: linux hdc=nodma You may want to try turning off DMA on IDE completely: boot: linux ide=nodma Also, try disabling APIC operations by adding " noapic" to the boot command: boot: linux noapic You may need a combination: boot: linux ide=nodma noapic > > Thanks in advance. Good luck! ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - "People tell me I look at the dark side. That's not true. I have - - the heart of a small boy......in a jar right here on my desk." - - -- Stephen King - ---------------------------------------------------------------------- From powellj at gmail.com Wed Oct 4 01:05:39 2006 From: powellj at gmail.com (John Powell) Date: Tue, 03 Oct 2006 18:05:39 -0700 Subject: Install fails during installation of rpmdb-redhat-4-0.20060803 In-Reply-To: <1159897746.3025.28.camel@prophead.corp.publichost.com> References: <200610031440.k93EeV8g023510@ns2.netmagic.net> <1159897746.3025.28.camel@prophead.corp.publichost.com> Message-ID: <452308E3.8080300@gmail.com> Rick Stevens wrote: >On Tue, 2006-10-03 at 07:34 -0700, Bret Stern wrote: > > >>>-----Original Message----- >>>From: redhat-install-list-bounces at redhat.com >>>[mailto:redhat-install-list-bounces at redhat.com] On Behalf Of >>>John Powell >>>Sent: Monday, October 02, 2006 11:38 PM >>>To: redhat-install-list at redhat.com >>>Subject: Install fails during installation of >>>rpmdb-redhat-4-0.20060803 >>> >>>So I have been struggling with this for a while and have >>>decided to give up and ask for help. >>> >>>I am attempting to install RHEL 4 AS Update 4 on a system >>>with the following spec/conf. >>> >>>Gigabyte 8iexp system board (Intel 845e) Pentium 4 2.8Ghz CPU >>>2 Gig Mem >>>2 ATA WD 80 Gig drives >>>GForce 4 compatible video >>> >>>The Installation consistently fails on the second cd while >>>installing the aforementioned rpm. The Install error is >>>something like... >>>"Installation of rpm blah failed... this could happen due to >>>corrupt download, media, and/or hardware"... since I have >>>verified that the cd's >>>md5 checks out as well as run media check to verify the media >>>is correct I am left with the apparent fact that my hardware >>>isn't going to cut it. >>>Can someone verify that this is indeed the case else provide >>>some suggestion as to what I should try to get the >>>installation past the installation of this rpm? >>> >>> > >You say "ATA" drives. Are they PATA (IDE) or SATA? Are they set up as >a RAID? If so, hardware or software. > >You may also want to try turning off DMA on the CD during the install. >If your CD shows up as device /dev/hdc, try adding "hdc=nodma" to the >end of the "boot:" prompt: > > boot: linux hdc=nodma > >You may want to try turning off DMA on IDE completely: > > boot: linux ide=nodma > >Also, try disabling APIC operations by adding " noapic" to the boot >command: > > boot: linux noapic > >You may need a combination: > > boot: linux ide=nodma noapic > > > >>>Thanks in advance. >>> >>> > >Good luck! > >---------------------------------------------------------------------- >- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - >- VitalStream, Inc. http://www.vitalstream.com - >- - >- "People tell me I look at the dark side. That's not true. I have - >- the heart of a small boy......in a jar right here on my desk." - >- -- Stephen King - >---------------------------------------------------------------------- > >_______________________________________________ >Redhat-install-list mailing list >Redhat-install-list at redhat.com >https://www.redhat.com/mailman/listinfo/redhat-install-list >To Unsubscribe Go To ABOVE URL or send a message to: >redhat-install-list-request at redhat.com >Subject: unsubscribe > > > Rick, Thanks for the responce. Here are the answers to your questions... These drives are PATA and are setup in a non RAID configuration... just standard IDE (master/slave on the IDE bus 1). I have tried several attempts using the boot options you specifed... ide=nodma noapic ide=nodma + noapic All install paths lead to the same error at the same point during the install. I have also tried swapping out hardware... attempted a single IDE 80gig Barracuda drive, swapped out two different cdrom readers The end result being I still get the same error. Pretty odd eh? I have never ever had such a hard time installing a linux distro before. Redhat 9 went on smooth as can be with the originally specified config. Ubuntu, Mandrake also had a smooth installation. Fedora Core 5 actually hangs during the install however when switching bettween CD's or during some seemingly random RPM (was never the same one during the 5 attempts that I made and usually occurred on the first install disc). So all of this and I am still left in the dark. Any further ideas? Thanks, John From powellj at gmail.com Wed Oct 4 01:23:19 2006 From: powellj at gmail.com (John Powell) Date: Tue, 03 Oct 2006 18:23:19 -0700 Subject: Install fails during installation of rpmdb-redhat-4-0.20060803 In-Reply-To: <452308E3.8080300@gmail.com> References: <200610031440.k93EeV8g023510@ns2.netmagic.net> <1159897746.3025.28.camel@prophead.corp.publichost.com> <452308E3.8080300@gmail.com> Message-ID: <45230D07.3020300@gmail.com> John Powell wrote: > Rick, > > Thanks for the responce. Here are the answers to your questions... > > These drives are PATA and are setup in a non RAID configuration... > just standard IDE (master/slave on the IDE bus 1). > > I have tried several attempts using the boot options you specifed... > ide=nodma > noapic > ide=nodma + noapic > > All install paths lead to the same error at the same point during the > install. > > I have also tried swapping out hardware... attempted a single IDE > 80gig Barracuda drive, swapped out two different cdrom readers > > The end result being I still get the same error. Pretty odd eh? I have > never ever had such a hard time installing a linux distro before. > Redhat 9 went on smooth as can be with the originally specified > config. Ubuntu, Mandrake also had a smooth installation. Fedora Core 5 > actually hangs during the install however when switching bettween CD's > or during some seemingly random RPM (was never the same one during the > 5 attempts that I made and usually occurred on the first install disc). > > So all of this and I am still left in the dark. Any further ideas? > > Thanks, > John > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > So I just did something I should have done a while ago but thought was uneccessary since I performed a media check on all install discs. Accessing the install console on Terminal F2 I attempted to install the rpm manually and got the following error... "error: /mnt/source/RedHat/RPMS/rpmdb-redhat-4-0.20060803.i386.rpm: V3 DSA signature: BAD, key ID db42a60e..." Isn't this exactley what the media check is looking at when verifying the contents of the installation disc? Why would media check pass in this case? I am going to try once again to burn another CD and attempt the same steps. Who knows... maybe I will get lucky. Regards, John From powellj at gmail.com Wed Oct 4 02:12:45 2006 From: powellj at gmail.com (John Powell) Date: Tue, 03 Oct 2006 19:12:45 -0700 Subject: Install fails during installation of rpmdb-redhat-4-0.20060803 In-Reply-To: <45230D07.3020300@gmail.com> References: <200610031440.k93EeV8g023510@ns2.netmagic.net> <1159897746.3025.28.camel@prophead.corp.publichost.com> <452308E3.8080300@gmail.com> <45230D07.3020300@gmail.com> Message-ID: <4523189D.7080108@gmail.com> John Powell wrote: > John Powell wrote: > >> Rick, >> >> Thanks for the responce. Here are the answers to your questions... >> >> These drives are PATA and are setup in a non RAID configuration... >> just standard IDE (master/slave on the IDE bus 1). >> >> I have tried several attempts using the boot options you specifed... >> ide=nodma >> noapic >> ide=nodma + noapic >> >> All install paths lead to the same error at the same point during the >> install. >> >> I have also tried swapping out hardware... attempted a single IDE >> 80gig Barracuda drive, swapped out two different cdrom readers >> >> The end result being I still get the same error. Pretty odd eh? I >> have never ever had such a hard time installing a linux distro >> before. Redhat 9 went on smooth as can be with the originally >> specified config. Ubuntu, Mandrake also had a smooth installation. >> Fedora Core 5 actually hangs during the install however when >> switching bettween CD's or during some seemingly random RPM (was >> never the same one during the 5 attempts that I made and usually >> occurred on the first install disc). >> >> So all of this and I am still left in the dark. Any further ideas? >> >> Thanks, >> John >> >> _______________________________________________ >> Redhat-install-list mailing list >> Redhat-install-list at redhat.com >> https://www.redhat.com/mailman/listinfo/redhat-install-list >> To Unsubscribe Go To ABOVE URL or send a message to: >> redhat-install-list-request at redhat.com >> Subject: unsubscribe >> > So I just did something I should have done a while ago but thought was > uneccessary since I performed a media check on all install discs. > > Accessing the install console on Terminal F2 I attempted to install > the rpm manually and got the following error... > > "error: /mnt/source/RedHat/RPMS/rpmdb-redhat-4-0.20060803.i386.rpm: V3 > DSA signature: BAD, key ID db42a60e..." > > Isn't this exactley what the media check is looking at when verifying > the contents of the installation disc? Why would media check pass in > this case? > > I am going to try once again to burn another CD and attempt the same > steps. Who knows... maybe I will get lucky. > > Regards, > John > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > No luck. The new cd I burned yielded the same results. From dmhunter at charter.net Wed Oct 4 03:32:38 2006 From: dmhunter at charter.net (Dan Hunter) Date: Tue, 3 Oct 2006 22:32:38 -0500 Subject: Install fails during installation of rpmdb-redhat-4-0.20060803 References: <200610031440.k93EeV8g023510@ns2.netmagic.net> <1159897746.3025.28.camel@prophead.corp.publichost.com> <452308E3.8080300@gmail.com><45230D07.3020300@gmail.com> <4523189D.7080108@gmail.com> Message-ID: <002601c6e765$be469e10$64011811@mutant> Dumb thought, can you download the ISO image again and try burning that image to disc? ----- Original Message ----- From: "John Powell" To: "Getting started with Red Hat Linux" Sent: Tuesday, October 03, 2006 9:12 PM Subject: Re: Install fails during installation of rpmdb-redhat-4-0.20060803 > John Powell wrote: > >> John Powell wrote: >> >>> Rick, >>> >>> Thanks for the responce. Here are the answers to your questions... >>> >>> These drives are PATA and are setup in a non RAID configuration... just >>> standard IDE (master/slave on the IDE bus 1). >>> >>> I have tried several attempts using the boot options you specifed... >>> ide=nodma >>> noapic >>> ide=nodma + noapic >>> >>> All install paths lead to the same error at the same point during the >>> install. >>> >>> I have also tried swapping out hardware... attempted a single IDE 80gig >>> Barracuda drive, swapped out two different cdrom readers >>> >>> The end result being I still get the same error. Pretty odd eh? I have >>> never ever had such a hard time installing a linux distro before. Redhat >>> 9 went on smooth as can be with the originally specified config. Ubuntu, >>> Mandrake also had a smooth installation. Fedora Core 5 actually hangs >>> during the install however when switching bettween CD's or during some >>> seemingly random RPM (was never the same one during the 5 attempts that >>> I made and usually occurred on the first install disc). >>> >>> So all of this and I am still left in the dark. Any further ideas? >>> >>> Thanks, >>> John >>> >>> _______________________________________________ >>> Redhat-install-list mailing list >>> Redhat-install-list at redhat.com >>> https://www.redhat.com/mailman/listinfo/redhat-install-list >>> To Unsubscribe Go To ABOVE URL or send a message to: >>> redhat-install-list-request at redhat.com >>> Subject: unsubscribe >>> >> So I just did something I should have done a while ago but thought was >> uneccessary since I performed a media check on all install discs. >> >> Accessing the install console on Terminal F2 I attempted to install the >> rpm manually and got the following error... >> >> "error: /mnt/source/RedHat/RPMS/rpmdb-redhat-4-0.20060803.i386.rpm: V3 >> DSA signature: BAD, key ID db42a60e..." >> >> Isn't this exactley what the media check is looking at when verifying the >> contents of the installation disc? Why would media check pass in this >> case? >> >> I am going to try once again to burn another CD and attempt the same >> steps. Who knows... maybe I will get lucky. >> >> Regards, >> John >> >> _______________________________________________ >> Redhat-install-list mailing list >> Redhat-install-list at redhat.com >> https://www.redhat.com/mailman/listinfo/redhat-install-list >> To Unsubscribe Go To ABOVE URL or send a message to: >> redhat-install-list-request at redhat.com >> Subject: unsubscribe >> > No luck. The new cd I burned yielded the same results. > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > From rstevens at vitalstream.com Wed Oct 4 17:13:10 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Wed, 04 Oct 2006 10:13:10 -0700 Subject: Install fails during installation of rpmdb-redhat-4-0.20060803 In-Reply-To: <4523189D.7080108@gmail.com> References: <200610031440.k93EeV8g023510@ns2.netmagic.net> <1159897746.3025.28.camel@prophead.corp.publichost.com> <452308E3.8080300@gmail.com> <45230D07.3020300@gmail.com> <4523189D.7080108@gmail.com> Message-ID: <1159981990.3025.97.camel@prophead.corp.publichost.com> On Tue, 2006-10-03 at 19:12 -0700, John Powell wrote: > John Powell wrote: > > > John Powell wrote: > > > >> Rick, > >> > >> Thanks for the responce. Here are the answers to your questions... > >> > >> These drives are PATA and are setup in a non RAID configuration... > >> just standard IDE (master/slave on the IDE bus 1). > >> > >> I have tried several attempts using the boot options you specifed... > >> ide=nodma > >> noapic > >> ide=nodma + noapic > >> > >> All install paths lead to the same error at the same point during the > >> install. > >> > >> I have also tried swapping out hardware... attempted a single IDE > >> 80gig Barracuda drive, swapped out two different cdrom readers > >> > >> The end result being I still get the same error. Pretty odd eh? I > >> have never ever had such a hard time installing a linux distro > >> before. Redhat 9 went on smooth as can be with the originally > >> specified config. Ubuntu, Mandrake also had a smooth installation. > >> Fedora Core 5 actually hangs during the install however when > >> switching bettween CD's or during some seemingly random RPM (was > >> never the same one during the 5 attempts that I made and usually > >> occurred on the first install disc). > >> > >> So all of this and I am still left in the dark. Any further ideas? > >> > >> Thanks, > >> John > >> > > So I just did something I should have done a while ago but thought was > > uneccessary since I performed a media check on all install discs. > > > > Accessing the install console on Terminal F2 I attempted to install > > the rpm manually and got the following error... > > > > "error: /mnt/source/RedHat/RPMS/rpmdb-redhat-4-0.20060803.i386.rpm: V3 > > DSA signature: BAD, key ID db42a60e..." > > > > Isn't this exactley what the media check is looking at when verifying > > the contents of the installation disc? Why would media check pass in > > this case? > > > > I am going to try once again to burn another CD and attempt the same > > steps. Who knows... maybe I will get lucky. > > > > Regards, > > John > > > No luck. The new cd I burned yielded the same results. IIRC, CD #2 is the fullest (largest ISO image). So, there's two things to ensure: 1. Make sure you're using name-brand 700MB media--NOT 650MB media. I tend towards TDK media. You need a uniform media from the center to the edge. 650MB and "bargain basement" media doesn't have reliable stuff out at the edge. 2. Burn it at less than maximum speed. CDs are written starting at the center of the disk and working out towards the edge in a long spiral data track (like an old LP record, but backwards). The faster you spin the CD (the higher the write speed), the more "flutter" occurs out at the edge and some drives simply don't write well out there. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Perseverance: When you're too damned stubborn to say "I quit!" - ---------------------------------------------------------------------- From celawrence at lbl.gov Wed Oct 4 19:15:43 2006 From: celawrence at lbl.gov (chuck lawrence) Date: Wed, 04 Oct 2006 12:15:43 -0700 Subject: top info? Message-ID: <4524085F.9040506@lbl.gov> hi, this is not an install question, at least I don't think it is. sorry. I've got some greedy apps running that don't let go of allocated memory when they complete. at least that's what I think is happening. I'm looking at top output to troubleshoot. for "Mem:" info, top shows "in_c" and "in_d". these appear to correspond to /proc/meminfo's inact_dirty and inact_clean. is there anyway to clear inact_dirty memory? -- * ------------------- * ----------------------------* | charles e. lawrence | lawrence berkeley nat'l lab | | celawrence at lbl.gov | #1 cyclotron rd ms 50a6134 | | (510) 486-4682 | berkeley ca 94720 | * ------------------- * ----------------------------* "If the human body did patch management the way (companies do), we'd all be dead." www-eng.lbl.gov/~lawrence From rmckeever at earthlink.net Wed Oct 4 19:32:44 2006 From: rmckeever at earthlink.net (Ron McKeever) Date: Wed, 4 Oct 2006 12:32:44 -0700 Subject: top info? In-Reply-To: <4524085F.9040506@lbl.gov> Message-ID: <001e01c6e7eb$ddb18f90$0400a8c0@Hope> http://www.redhat.com/magazine/001nov04/features/vm/ Should help Ron -----Original Message----- From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of chuck lawrence Sent: Wednesday, October 04, 2006 11:16 AM To: redhat-install-list at redhat.com Subject: top info? hi, this is not an install question, at least I don't think it is. sorry. I've got some greedy apps running that don't let go of allocated memory when they complete. at least that's what I think is happening. I'm looking at top output to troubleshoot. for "Mem:" info, top shows "in_c" and "in_d". these appear to correspond to /proc/meminfo's inact_dirty and inact_clean. is there anyway to clear inact_dirty memory? -- * ------------------- * ----------------------------* | charles e. lawrence | lawrence berkeley nat'l lab | | celawrence at lbl.gov | #1 cyclotron rd ms 50a6134 | | (510) 486-4682 | berkeley ca 94720 | * ------------------- * ----------------------------* "If the human body did patch management the way (companies do), we'd all be dead." www-eng.lbl.gov/~lawrence _______________________________________________ Redhat-install-list mailing list Redhat-install-list at redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request at redhat.com Subject: unsubscribe From rstevens at vitalstream.com Wed Oct 4 21:20:57 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Wed, 04 Oct 2006 14:20:57 -0700 Subject: top info? In-Reply-To: <4524085F.9040506@lbl.gov> References: <4524085F.9040506@lbl.gov> Message-ID: <1159996857.3025.120.camel@prophead.corp.publichost.com> On Wed, 2006-10-04 at 12:15 -0700, chuck lawrence wrote: > hi, > > this is not an install question, at least I don't think it is. sorry. > > I've got some greedy apps running that don't let go of allocated memory > when they complete. at least that's what I think is happening. I'm > looking at top output to troubleshoot. Hmmm. Well, if the task is truly dead, any memory that it malloc()d should be returned to the pool. However, if it opened IPC mechanisms, that WON'T be automatically returned. You should run "ipcs -t" before you run the apps, while the apps are running and after they terminate. Any message queues, semaphores or shared memory segments that are still there but were owned by the apps can be removed by using ipcrm(8). > for "Mem:" info, top shows "in_c" and "in_d". these appear to > correspond to /proc/meminfo's inact_dirty and inact_clean. > > is there anyway to clear inact_dirty memory? > > ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - 500: Internal Fortune Cookie Error - ---------------------------------------------------------------------- From street_drifter2006 at yahoo.com Thu Oct 5 11:09:55 2006 From: street_drifter2006 at yahoo.com (Eric John) Date: Thu, 5 Oct 2006 04:09:55 -0700 (PDT) Subject: installing compiler Message-ID: <20061005110955.21784.qmail@web58307.mail.re3.yahoo.com> whenever i try to use ./configure, it says 'checking whether the C compiler (gcc ) works... no configure: error: installation or configuration problem: C compiler cannot create executables.' my questions are: 1 - how do I get the compiler to work? 2 - why isnt it working, or how do I find out, 3 - how do I get the update icon back in the lower right corner (I found out what remove does) and 4 - what is the freenode address and irc server for red hat support issues again, I can't seem to find it Thanks __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com From powellj at gmail.com Thu Oct 5 16:20:46 2006 From: powellj at gmail.com (John Powell) Date: Thu, 05 Oct 2006 09:20:46 -0700 Subject: Install fails during installation of rpmdb-redhat-4-0.20060803 In-Reply-To: <1159981990.3025.97.camel@prophead.corp.publichost.com> References: <200610031440.k93EeV8g023510@ns2.netmagic.net> <1159897746.3025.28.camel@prophead.corp.publichost.com> <452308E3.8080300@gmail.com> <45230D07.3020300@gmail.com> <4523189D.7080108@gmail.com> <1159981990.3025.97.camel@prophead.corp.publichost.com> Message-ID: <452530DE.5090906@gmail.com> Rick Stevens wrote: >On Tue, 2006-10-03 at 19:12 -0700, John Powell wrote: > > >>John Powell wrote: >> >> >> >>>John Powell wrote: >>> >>> >>> >>>>Rick, >>>> >>>>Thanks for the responce. Here are the answers to your questions... >>>> >>>>These drives are PATA and are setup in a non RAID configuration... >>>>just standard IDE (master/slave on the IDE bus 1). >>>> >>>>I have tried several attempts using the boot options you specifed... >>>>ide=nodma >>>>noapic >>>>ide=nodma + noapic >>>> >>>>All install paths lead to the same error at the same point during the >>>>install. >>>> >>>>I have also tried swapping out hardware... attempted a single IDE >>>>80gig Barracuda drive, swapped out two different cdrom readers >>>> >>>>The end result being I still get the same error. Pretty odd eh? I >>>>have never ever had such a hard time installing a linux distro >>>>before. Redhat 9 went on smooth as can be with the originally >>>>specified config. Ubuntu, Mandrake also had a smooth installation. >>>>Fedora Core 5 actually hangs during the install however when >>>>switching bettween CD's or during some seemingly random RPM (was >>>>never the same one during the 5 attempts that I made and usually >>>>occurred on the first install disc). >>>> >>>>So all of this and I am still left in the dark. Any further ideas? >>>> >>>>Thanks, >>>>John >>>> >>>> >>>> >>>So I just did something I should have done a while ago but thought was >>>uneccessary since I performed a media check on all install discs. >>> >>>Accessing the install console on Terminal F2 I attempted to install >>>the rpm manually and got the following error... >>> >>>"error: /mnt/source/RedHat/RPMS/rpmdb-redhat-4-0.20060803.i386.rpm: V3 >>>DSA signature: BAD, key ID db42a60e..." >>> >>>Isn't this exactley what the media check is looking at when verifying >>>the contents of the installation disc? Why would media check pass in >>>this case? >>> >>>I am going to try once again to burn another CD and attempt the same >>>steps. Who knows... maybe I will get lucky. >>> >>>Regards, >>>John >>> >>> >>> >>No luck. The new cd I burned yielded the same results. >> >> > >IIRC, CD #2 is the fullest (largest ISO image). So, there's two things >to ensure: > >1. Make sure you're using name-brand 700MB media--NOT 650MB media. >I tend towards TDK media. You need a uniform media from the center to >the edge. 650MB and "bargain basement" media doesn't have reliable >stuff out at the edge. > >2. Burn it at less than maximum speed. CDs are written starting at the >center of the disk and working out towards the edge in a long spiral >data track (like an old LP record, but backwards). The faster you spin >the CD (the higher the write speed), the more "flutter" occurs out at >the edge and some drives simply don't write well out there. > >---------------------------------------------------------------------- >- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - >- VitalStream, Inc. http://www.vitalstream.com - >- - >- Perseverance: When you're too damned stubborn to say "I quit!" - >---------------------------------------------------------------------- > >_______________________________________________ >Redhat-install-list mailing list >Redhat-install-list at redhat.com >https://www.redhat.com/mailman/listinfo/redhat-install-list >To Unsubscribe Go To ABOVE URL or send a message to: >redhat-install-list-request at redhat.com >Subject: unsubscribe > > > Thanks for the suggestion however the discs ARE fine. I have installed a seperate system with these discs with no issue at all. Still looking for a solution... From bob at bobcatos.com Thu Oct 5 17:16:00 2006 From: bob at bobcatos.com (Bob McClure Jr) Date: Thu, 5 Oct 2006 12:16:00 -0500 Subject: installing compiler In-Reply-To: <20061005110955.21784.qmail@web58307.mail.re3.yahoo.com> References: <20061005110955.21784.qmail@web58307.mail.re3.yahoo.com> Message-ID: <20061005171600.GC22048@bobcat.bobcatos.com> On Thu, Oct 05, 2006 at 04:09:55AM -0700, Eric John wrote: > whenever i try to use ./configure, it says > > 'checking whether the C compiler (gcc ) works... no > configure: error: installation or configuration > problem: C compiler cannot create executables.' > > my questions are: > > 1 - how do I get the compiler to work? Make sure you have all the development tools installed. > 2 - why isnt it working, or how do I find out, At a minimum, you need the gcc and binutils RPMs. To see if you have them: rpm -q gcc binutils > 3 - how do I get the update icon back in the lower > right corner (I found out what remove does) Not sure - I don't use that window manager (I use AfterStep or IceWM). I think you can right-click on a blank area of the toolbar and you will have the ability to install app launcher or mini-apps - you want the latter, I think. > and > > 4 - what is the freenode address and irc server for > red hat support issues again, I can't seem to find it Google is your friend. I searched for "redhat freenode irc" and the first item up was this: http://fedora.redhat.com/participate/communicate/ > Thanks Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. bob at bobcatos.com http://www.bobcatos.com "Where you go in the hereafter depends on what you were after here." - Thanks to Graffiti, 2 March 2004 From rstevens at vitalstream.com Thu Oct 5 18:21:37 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Thu, 05 Oct 2006 11:21:37 -0700 Subject: installing compiler In-Reply-To: <20061005171600.GC22048@bobcat.bobcatos.com> References: <20061005110955.21784.qmail@web58307.mail.re3.yahoo.com> <20061005171600.GC22048@bobcat.bobcatos.com> Message-ID: <1160072497.3025.155.camel@prophead.corp.publichost.com> On Thu, 2006-10-05 at 12:16 -0500, Bob McClure Jr wrote: > On Thu, Oct 05, 2006 at 04:09:55AM -0700, Eric John wrote: > > whenever i try to use ./configure, it says > > > > 'checking whether the C compiler (gcc ) works... no > > configure: error: installation or configuration > > problem: C compiler cannot create executables.' > > > > my questions are: > > > > 1 - how do I get the compiler to work? > > Make sure you have all the development tools installed. > > > 2 - why isnt it working, or how do I find out, > > At a minimum, you need the gcc and binutils RPMs. To see if you have > them: > > rpm -q gcc binutils If you don't have them installed and you have the installation CDs handy, run "system-install-packages", select the "Development" and "Legacy Development" package groups and install them. > > 3 - how do I get the update icon back in the lower > > right corner (I found out what remove does) > > Not sure - I don't use that window manager (I use AfterStep or > IceWM). I think you can right-click on a blank area of the toolbar > and you will have the ability to install app launcher or mini-apps - > you want the latter, I think. Yes, right click on the blank menu bar where it used to be, then select "Application Launcher", click on "Forward", then go down to "System Tools", expand that list and select "Red Hat Network Alert Icon" and click on the "Add" button. That should do it. > > and > > > > 4 - what is the freenode address and irc server for > > red hat support issues again, I can't seem to find it > > Google is your friend. I searched for "redhat freenode irc" and the > first item up was this: > > http://fedora.redhat.com/participate/communicate/ > > > Thanks > > Cheers, ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Overweight: When you step on your dog's tail...and it dies. - ---------------------------------------------------------------------- From powellj at gmail.com Thu Oct 5 22:51:28 2006 From: powellj at gmail.com (John Powell) Date: Thu, 05 Oct 2006 15:51:28 -0700 Subject: Install fails during installation of rpmdb-redhat-4-0.20060803 In-Reply-To: <1159981990.3025.97.camel@prophead.corp.publichost.com> References: <200610031440.k93EeV8g023510@ns2.netmagic.net> <1159897746.3025.28.camel@prophead.corp.publichost.com> <452308E3.8080300@gmail.com> <45230D07.3020300@gmail.com> <4523189D.7080108@gmail.com> <1159981990.3025.97.camel@prophead.corp.publichost.com> Message-ID: <45258C70.2030901@gmail.com> Ok.. So I have given up on the cd install method. It just aint workin for me. I have setup a ftp server and have attempted to install several times and so far no luck.. I do get past the rpmdb package but now I get the same error while installing the python package. I have since downloaded and replaced the python rpm on the ftp server and tried again... still the same error. I don't understand what is going on! The python rpm was downloaded from rhn and the md5 sum is correct. In addition the binary compare of the original (from the ISO) and the downloaded package from RHN are identical! ARGH!!!!! So frustrating! Please someone help! From dcalhoun at blomand.net Thu Oct 5 23:18:28 2006 From: dcalhoun at blomand.net (Dennis D. Calhoun) Date: Thu, 5 Oct 2006 18:18:28 -0500 Subject: Install fails during installation of rpmdb-redhat-4-0.20060803 In-Reply-To: <45258C70.2030901@gmail.com> Message-ID: <000901c6e8d4$91e8ed30$0100a8c0@dennis1> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com > [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of > John Powell > Sent: Thursday, October 05, 2006 5:51 PM > To: Getting started with Red Hat Linux > Subject: Re: Install fails during installation of > rpmdb-redhat-4-0.20060803 > > Ok.. > > So I have given up on the cd install method. It just aint > workin for me. > I have setup a ftp server and have attempted to install > several times and so far no luck.. I do get past the rpmdb > package but now I get the same error while installing the > python package. I have since downloaded and replaced the > python rpm on the ftp server and tried again... still the > same error. I don't understand what is going on! The python > rpm was downloaded from rhn and the md5 sum is correct. In > addition the binary compare of the original (from the ISO) > and the downloaded package from RHN are identical! > > ARGH!!!!! So frustrating! Please someone help! Yes, I bet! This is really strange. Let's see, you've tried to run the installation from two entirely different sources, FTP (networked) and CD (local). I could be way out in left field, but since the data has been input through two distinctly different routes, I have to wonder. No matter where the data for the installation comes from, where is the first *common* place that it goes in the server? RAM? I wonder if your RAM, at least one stick of it, could be the culprit. Like I said, I could be out in left field here, but it's a thought that might be worth checking out. -- Dennis D. Calhoun, MCSA From mrobinson at evault.com Thu Oct 5 23:44:37 2006 From: mrobinson at evault.com (Mike Robinson) Date: Thu, 05 Oct 2006 16:44:37 -0700 Subject: Minimal install of RHEL4 with NO X Message-ID: <452598E5.7010108@evault.com> I assumed that choosing the minimal install would leave me just enough system to add what I needed, and indeed seemed the only method that did not through some dependency tree of doom add the near entirety of X, gnome and kde packages to my install. But alas, the minimal install left me with a broken system where sshd would not start (unable to generate RSA keys), and rpm was missing it's libraries. But at least it didn't install X. I'm using the latest RHEL4 iso's from RHN, and have a keen memory of being able to install a server with no graphical components not so long ago. But it seems impossible at the moment. Any advice? m. From street_drifter2006 at yahoo.com Fri Oct 6 03:51:18 2006 From: street_drifter2006 at yahoo.com (Eric John) Date: Thu, 5 Oct 2006 20:51:18 -0700 (PDT) Subject: installing compiler In-Reply-To: <1160072497.3025.155.camel@prophead.corp.publichost.com> Message-ID: <20061006035118.40466.qmail@web58302.mail.re3.yahoo.com> Thanks to those of you who replied. You all know who you are. I thought google was worthless because of the whole resetting the statistics for terrorstorm thing, and because getting them to open my gmail account is harder than squeezing blood from a stone. Yes, I frequently try to do both. >From what I can tell gcc and binutils are installed, but the BASH is still trying to tell me the compiler is 'not working' What gives.. do I need to search by each of the bins it says it needs and throw them in one of the bin dirs on the path? Perhaps I will attempt this next as I eagerly await your next constructive reply. Also I burned out using google to search for things because I cant compile them... sigh... sucks to be me Ok then oh incidentally does anyone have any advice on installing tor is it recommended and does anyone know if the police have said if they found anything on those computers they siezed... Anyway Israel Dominic Felicianus MH Street_drifter2006 at yahool.com www.inet-services.netfirms.com Rick Stevens wrote: On Thu, 2006-10-05 at 12:16 -0500, Bob McClure Jr wrote: > On Thu, Oct 05, 2006 at 04:09:55AM -0700, Eric John wrote: > > whenever i try to use ./configure, it says > > > > 'checking whether the C compiler (gcc ) works... no > > configure: error: installation or configuration > > problem: C compiler cannot create executables.' > > > > my questions are: > > > > 1 - how do I get the compiler to work? > > Make sure you have all the development tools installed. > > > 2 - why isnt it working, or how do I find out, > > At a minimum, you need the gcc and binutils RPMs. To see if you have > them: > > rpm -q gcc binutils If you don't have them installed and you have the installation CDs handy, run "system-install-packages", select the "Development" and "Legacy Development" package groups and install them. > > 3 - how do I get the update icon back in the lower > > right corner (I found out what remove does) > > Not sure - I don't use that window manager (I use AfterStep or > IceWM). I think you can right-click on a blank area of the toolbar > and you will have the ability to install app launcher or mini-apps - > you want the latter, I think. Yes, right click on the blank menu bar where it used to be, then select "Application Launcher", click on "Forward", then go down to "System Tools", expand that list and select "Red Hat Network Alert Icon" and click on the "Add" button. That should do it. > > and > > > > 4 - what is the freenode address and irc server for > > red hat support issues again, I can't seem to find it > > Google is your friend. I searched for "redhat freenode irc" and the > first item up was this: > > http://fedora.redhat.com/participate/communicate/ > > > Thanks > > Cheers, ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Overweight: When you step on your dog's tail...and it dies. - ---------------------------------------------------------------------- _______________________________________________ Redhat-install-list mailing list Redhat-install-list at redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request at redhat.com Subject: unsubscribe --------------------------------- Get your own web address for just $1.99/1st yr. We'll help. Yahoo! Small Business. -------------- next part -------------- An HTML attachment was scrubbed... URL: From street_drifter2006 at yahoo.com Fri Oct 6 03:55:50 2006 From: street_drifter2006 at yahoo.com (Eric John) Date: Thu, 5 Oct 2006 20:55:50 -0700 (PDT) Subject: Install fails during installation of rpmdb-redhat-4-0.20060803 In-Reply-To: <45258C70.2030901@gmail.com> Message-ID: <20061006035550.42349.qmail@web58307.mail.re3.yahoo.com> python you say? it wouldnt happen to come with an executable compiler?? I dont suppose anything in linux does I tried to install dragonlinux from floppy onto a VAIO 350 Pii one time around 01/02 and as a result of the experience I was overjoyed to find the 4 red hat FC2 install cds came with the one linux class that was offered. I could be wrong but my theory is its easiest if you shell out some money for the cds which is reasonable enough but that is not enough cuz I did and still im like crap John Powell wrote: Ok.. So I have given up on the cd install method. It just aint workin for me. I have setup a ftp server and have attempted to install several times and so far no luck.. I do get past the rpmdb package but now I get the same error while installing the python package. I have since downloaded and replaced the python rpm on the ftp server and tried again... still the same error. I don't understand what is going on! The python rpm was downloaded from rhn and the md5 sum is correct. In addition the binary compare of the original (from the ISO) and the downloaded package from RHN are identical! ARGH!!!!! So frustrating! Please someone help! _______________________________________________ Redhat-install-list mailing list Redhat-install-list at redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request at redhat.com Subject: unsubscribe __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From street_drifter2006 at yahoo.com Fri Oct 6 03:59:44 2006 From: street_drifter2006 at yahoo.com (Eric John) Date: Thu, 5 Oct 2006 20:59:44 -0700 (PDT) Subject: Minimal install of RHEL4 with NO X In-Reply-To: <452598E5.7010108@evault.com> Message-ID: <20061006035944.87227.qmail@web58301.mail.re3.yahoo.com> I dont know, but Ive always assumed DSL/Damn Small Linux was text only because of the size - supposedly around 50 meg or so. I have the disk somewhere email me Also, is there a way to test your RAM if you cant compile because your RAM is bad Mike Robinson wrote: I assumed that choosing the minimal install would leave me just enough system to add what I needed, and indeed seemed the only method that did not through some dependency tree of doom add the near entirety of X, gnome and kde packages to my install. But alas, the minimal install left me with a broken system where sshd would not start (unable to generate RSA keys), and rpm was missing it's libraries. But at least it didn't install X. I'm using the latest RHEL4 iso's from RHN, and have a keen memory of being able to install a server with no graphical components not so long ago. But it seems impossible at the moment. Any advice? m. _______________________________________________ Redhat-install-list mailing list Redhat-install-list at redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request at redhat.com Subject: unsubscribe --------------------------------- Do you Yahoo!? Everyone is raving about the all-new Yahoo! Mail. -------------- next part -------------- An HTML attachment was scrubbed... URL: From dmhunter at charter.net Fri Oct 6 04:02:09 2006 From: dmhunter at charter.net (Dan Hunter) Date: Thu, 5 Oct 2006 23:02:09 -0500 Subject: Install fails during installation of rpmdb-redhat-4-0.20060803 Message-ID: <006901c6e8fc$3237acf0$64011811@mutant> It's not the media - you proved that by installing with that media on another system. We know that the OS can be installed - you proved that. If it's not software, that only leaves hardware. If I was in your place, I would strip the system down to a single drive, a single CD reader, and a single memory chip. Get rid of the rest. I know this sound a bit like tossing the baby out with the bath water, but.... Try the install. If it still doesn't work --- well I'm stumped. But if it does install, add one piece of hardware and try the install again. Keep this up until you find the one - or more - pieces of hardware that are causing the problem. What would be ideal for trouble shooting this problem would be an identical system that you >>CAN<< get the install to run on. I'm guessing something at the system level is causing the problem. Power supply, motherboard, or memory would be first on my list of suspects. Keep going, I have no doubt that with some time and patience you will solve this problem. Dan Hunter -------------- next part -------------- An HTML attachment was scrubbed... URL: From street_drifter2006 at yahoo.com Fri Oct 6 04:12:04 2006 From: street_drifter2006 at yahoo.com (Eric John) Date: Thu, 5 Oct 2006 21:12:04 -0700 (PDT) Subject: cd/iso install question Message-ID: <20061006041204.33395.qmail@web58311.mail.re3.yahoo.com> Youre probably going to find this hard to believe, but I have another question... I bought the red hat FC2 cds but I am becoming less amused by the switch the cds 6 times and then abort the install because it has some bins or possibly libs it wants me to go find myself presumably on dogpile or somewhere, because goto totally went to shit after yahoo bought them. So my question is this... is there a way to throw the iso on the hd and install off of that, also I think someone may have pulled the old switcheroo on the cds because they have been out of the package maybe twice and 90 percent of the time it says it cant read the disk. Which I PAID FOR grrrr __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com From dakcicek at comu.edu.tr Fri Oct 6 08:16:59 2006 From: dakcicek at comu.edu.tr (Davut AKCICEK) Date: Fri, 06 Oct 2006 11:16:59 +0300 Subject: about gcc-fortran run-time message catalog Message-ID: <452610FB.70105@comu.edu.tr> Hi, I've a problem with SPEC2000 SimpleScalar-3.0 Simulator while running wupwise benchmark. When I tried to running wupwise benchmark; it shows these errors and warnings: forrtl: info: Fortran error message number is 29. forrtl: warning: Could not open message catalog: for_msg.cat. forrtl: info: Check environment variable NLSPATH and protection of usr/lib/nls/msg/en_US.ISO8859-1/for_msg.cat So, a few of the benchmark couldn't be run(For example wupwise,...). I use Fedora 3 Core, gcc, gcc-fortran for this simulation. Default Fortran compiler doesn't have Fortran Run-time Message Catalog. I downloaded for_msg.cat from internet and put it to /usr/lib/nls/msg/en_US.ISO8859-1/for_msg.cat. Eventhough while wupwise benchmark is running same errors are viewing. What can I do? Will you suggest to me anything? Thank you very much. * Sincerly, Davut AK???EK(Research Assistant) Canakkale Onskiz Mart University Computer Engineering Department dakcicek ~ comu.edu.tr* From harold at hallikainen.com Fri Oct 6 14:39:57 2006 From: harold at hallikainen.com (Harold Hallikainen) Date: Fri, 6 Oct 2006 07:39:57 -0700 (PDT) Subject: playing video from abc.com? Message-ID: <33892.207.177.227.29.1160145597.squirrel@sujan.hallikainen.org> I'm running FC5 and have the flash player working. When I try to play video from abc.com (such as program episodes), it seems to just sit there downloading from Adobe forever. Has anyone had any luck playing video from abc.com? THANKS! Harold -- FCC Rules Updated Daily at http://www.hallikainen.com - Advertising opportunities available! From mrobinson at evault.com Fri Oct 6 15:23:14 2006 From: mrobinson at evault.com (Mike Robinson) Date: Fri, 06 Oct 2006 08:23:14 -0700 Subject: Minimal install of RHEL4 with NO X In-Reply-To: <20061006035944.87227.qmail@web58301.mail.re3.yahoo.com> References: <20061006035944.87227.qmail@web58301.mail.re3.yahoo.com> Message-ID: <452674E2.1070308@evault.com> Thanks, but a) Damn Small Linux actually has a graphical interface. b) it needs to be RHEL as that's what work specifies. To answer your question: The first disk in the RHEL install has an option to run memtest, I believe that the fedora core installer has the same option. m. Eric John wrote: > I dont know, but Ive always assumed DSL/Damn Small Linux was text only > because of the size - supposedly around 50 meg or so. I have the disk > somewhere email me > > Also, is there a way to test your RAM if you cant compile because your > RAM is bad > > > > */Mike Robinson /* wrote: > > I assumed that choosing the minimal install would leave me just > enough > system to add what I needed, and indeed seemed the only method > that did > not through some dependency tree of doom add the near entirety of X, > gnome and kde packages to my install. > > But alas, the minimal install left me with a broken system where sshd > would not start (unable to generate RSA keys), and rpm was missing > it's > libraries. But at least it didn't install X. > > I'm using the latest RHEL4 iso's from RHN, and have a keen memory of > being able to install a server with no graphical components not so > long > ago. But it seems impossible at the moment. > > Any advice? > > m. > > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > > > ------------------------------------------------------------------------ > Do you Yahoo!? > Everyone is raving about the all-new Yahoo! Mail. > > > ------------------------------------------------------------------------ > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe From rstevens at vitalstream.com Fri Oct 6 17:42:25 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Fri, 06 Oct 2006 10:42:25 -0700 Subject: cd/iso install question In-Reply-To: <20061006041204.33395.qmail@web58311.mail.re3.yahoo.com> References: <20061006041204.33395.qmail@web58311.mail.re3.yahoo.com> Message-ID: <1160156545.3025.175.camel@prophead.corp.publichost.com> On Thu, 2006-10-05 at 21:12 -0700, Eric John wrote: > Youre probably going to find this hard to believe, but > I have another question... > > I bought the red hat FC2 cds but I am becoming less > amused by the switch the cds 6 times and then abort > the install because it has some bins or possibly libs > it wants me to go find myself presumably on dogpile or > somewhere, because goto totally went to shit after > yahoo bought them. > > So my question is this... is there a way to throw the > iso on the hd and install off of that, also I think > someone may have pulled the old switcheroo on the cds > because they have been out of the package maybe twice > and 90 percent of the time it says it cant read the > disk. Yes, you can put all of the CDs into a directory on the HD and use it as an installation. This is the infamous "HD install". Here's a link that'll help: http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/x8664-multi-install-guide/s1-steps-hd-install.html Note that the link refers to RHEL4, however it works for Fedora as well. If all you have available is Windows, use the "rawrite" program to create the .iso images from the CDs. As an aside, note that RHEL4 is based on Fedora Core 3. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - To understand recursion, you must first understand recursion. - ---------------------------------------------------------------------- From micros50 at computer.net Fri Oct 6 18:15:31 2006 From: micros50 at computer.net (mylar) Date: Fri, 06 Oct 2006 14:15:31 -0400 Subject: playing video from abc.com? In-Reply-To: <33892.207.177.227.29.1160145597.squirrel@sujan.hallikainen.org> References: <33892.207.177.227.29.1160145597.squirrel@sujan.hallikainen.org> Message-ID: <1160153705.27227.17.camel@manhattan.ruffe.edu> On Fri, 2006-10-06 at 10:39, Harold Hallikainen wrote: > I'm running FC5 and have the flash player working. When I try to play > video from abc.com (such as program episodes), it seems to just sit there > downloading from Adobe forever. Has anyone had any luck playing video from > abc.com? > > THANKS! > > Harold The question I have is why is it downloading from Adobe ? Shouldn't it be downloading/playing from abc.com ?? Could it be a possible version incompatibility ? What browser are you playing it on ? Could it be looking for a flash player update at Adobe and never finding it ? Reason I mention this is because a lot of websites have switched to using Flash 8. Unfortunately there is no Flash 8 for Linux nor is there going to be. The most recent Flash version for Linux is Flash 7. Adobe claims they are going to be releasing a Flash 9 for Linux sometime in 2007. Still quite a long ways away. mylar From harold at hallikainen.com Fri Oct 6 18:49:00 2006 From: harold at hallikainen.com (Harold Hallikainen) Date: Fri, 6 Oct 2006 11:49:00 -0700 (PDT) Subject: playing video from abc.com? In-Reply-To: <1160153705.27227.17.camel@manhattan.ruffe.edu> References: <33892.207.177.227.29.1160145597.squirrel@sujan.hallikainen.org> <1160153705.27227.17.camel@manhattan.ruffe.edu> Message-ID: <34568.207.177.227.29.1160160540.squirrel@sujan.hallikainen.org> > On Fri, 2006-10-06 at 10:39, Harold Hallikainen wrote: >> I'm running FC5 and have the flash player working. When I try to play >> video from abc.com (such as program episodes), it seems to just sit >> there >> downloading from Adobe forever. Has anyone had any luck playing video >> from >> abc.com? >> >> THANKS! >> >> Harold > > The question I have is why is it downloading from Adobe ? Shouldn't it > be downloading/playing from abc.com ?? > > Could it be a possible version incompatibility ? What browser are you > playing it on ? Could it be looking for a flash player update at Adobe > and never finding it ? > > Reason I mention this is because a lot of websites have switched to > using Flash 8. Unfortunately there is no Flash 8 for Linux nor is there > going to be. The most recent Flash version for Linux is Flash 7. > > Adobe claims they are going to be releasing a Flash 9 for Linux sometime > in 2007. Still quite a long ways away. > > mylar Thanks for the info! I imagine it's trying to do some sort of update, but it just seems to sit there saying it's downloading from Adobe. I'll have to watch the network activity to see if it ever gets done. I've generally gone off and done other stuff, then, when I come back to that browser window, it says it's done, but I still have no video, just a nice white rectangle in the middle of the screen. So, I was just wondering if anyone has gotten that to work. My wife wants to see something she missed this week on ABC. It'd be nice to not have to watch it on a clunky old Windoze machine (our newer machines all run Fedora). Harold -- FCC Rules Updated Daily at http://www.hallikainen.com - Advertising opportunities available! From karlp at ourldsfamily.com Fri Oct 6 21:07:07 2006 From: karlp at ourldsfamily.com (karlp at ourldsfamily.com) Date: Fri, 6 Oct 2006 15:07:07 -0600 (MDT) Subject: Installing RHEL with a memory stick In-Reply-To: <1159813278.18867.279.camel@prophead.corp.publichost.com> References: <1158629397.1267.252.camel@prophead.corp.publichost.com> <27230.198.60.114.90.1159593565.squirrel@webmail.ourldsfamily.com> <1159813278.18867.279.camel@prophead.corp.publichost.com> Message-ID: <45400.207.173.117.242.1160168827.squirrel@webmail.ourldsfamily.com> On Mon, October 2, 2006 12:21 pm, Rick Stevens wrote: > On Fri, 2006-09-29 at 23:19 -0600, karlp at ourldsfamily.com wrote: >> On Mon, September 18, 2006 7:29 pm, Rick Stevens wrote: >> > On Mon, 2006-09-18 at 16:20 -0700, Waldher, Travis R wrote: >> >> Any advice on getting RHEL using a memory stick? >> >> >> >> >> >> >> >> I?ve been googling and have come up with nada. >> >> >> >> >> >> >> >> (the computer doesn?t have CDROM) >> > >> > Well, yeah. You need to download the first CD ISO image and mount >> > it. E.g. >> > >> > # mkdir -p /mnt/work >> > # mount -t iso9660 -o loop /path/to/iso/image /mnt/work >> > >> > On it, you'll find an images/diskboot.img file. Copy that to your >> > pen drive using dd. If the pen drive shows up as /dev/sda, then >> > >> > # dd if=/mnt/work/images/diskboot.img of=/dev/sda bs=2K >> > >> > Then boot from the pen drive, assuming your BIOS supports it. If not, >> > and you have a floppy drive, then download SmartBootManager >> > >> > http://sourceforge.net/project/showfiles.php?group_id=4185 >> > >> > and put it on a floppy. Boot from floppy, specify next boot from the >> > pen drive and voila! From there, you can do net, diskimage, http or ftp >> > install (all the standard install stuff is there). >> >> I've been interested in this since finding and using (credit card CD) >> BBC-LNX >> and DSL for some maintenance issues on some PCs. (I have DSL running on our >> WillCall PC; cool). >> >> I bought a Everex StepNote laptop and installed FC5 on hda2 (WinXP is on >> hda1). It works great. If I boot with a 512MB thumb drive, it says Operating >> System Missing. I followed the above prompt, and it just hangs now. I had to >> dd of=/dev/sda1, however, not just sda because it didn't even recognize the >> thumb drive on boot and went straight to GRUB. >> >> So, any hints? I've tried both distros with no luck on both a 128MB and >> 512MB >> thumb drive. > > Then the BIOS doesn't support booting from USB. The diskboot.img file > is a full image file and should go into /dev/sda--NOT a partition on the > drive. I quote from the README: Actually, it does. I just wasn't doing it right. I was trying to install and boot DSL v3.01 and figured (wrongly) that using USB-HDD install would/should work. I found that USB-ZIP install works marvelously... To verify that the PC would boot from USB I did what you said and got the fedora core 5 install screen (I would like a little distro on the flash drive of FC5 but DSL is very nice, too). > > "The diskboot.img file is a VFAT filesystem image that can be written to > a USB pendrive or other bootable media larger than a floppy. Note that > booting via USB is dependent on your BIOS supporting this. It should > be written to the device using dd." > > Note the word "device", and not "partition". I know, I've done this > a bunch of times, but the machine's BIOS MUST support booting from USB. > You may have to play with the BIOS' USB settings to make this work, but > it DOES work. I had to set the BIOS as USB-ZIP boot on the PC I've got working. One other PC a friend has didn't have a setting for USB boot, but it booted fine on it, too. That was cool. He may try Linux now. > > For example, on my HP laptop, you must hit F10, go to the "Advanced" > settings, down to "Boot Order", expand the "Hard Disk" list, and switch > the priority from "HD, USB" to "USB, HD". I just confirmed this using > a Memorex TravelDrive 128MB pen drive and the bootdisk.img file from > FC5. Now, if I have a USB drive, it boots off that. If not, it boots > from hard disk as normal. So, short story made longer by this geezer + 1 person (that's a 51 year old), I got it to work and can boot fine. Karl > > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > - VitalStream, Inc. http://www.vitalstream.com - > - - > - Memory is the second thing to go, but I can't remember the first! - > ---------------------------------------------------------------------- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > -- karl _/ _/ _/ _/_/_/ ____________ __o _/ _/ _/ _/ _/ ____________ _-\<._ _/_/ _/ _/_/_/ (_)/ (_) _/ _/ _/ _/ ...................... _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com --- Senior Consulting Sys/DB Analyst http://consulting.ourldsfamily.com --- My Thoughts on Terrorism In America right after 9/11/2001: http://www.ourldsfamily.com/wtc.shtml --- The world is a dangerous place to live... not because of the people who are evil, but because of the people who don't do anything about it. - Albert Einstein --- From rstevens at vitalstream.com Fri Oct 6 22:05:06 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Fri, 06 Oct 2006 15:05:06 -0700 Subject: Installing RHEL with a memory stick In-Reply-To: <45400.207.173.117.242.1160168827.squirrel@webmail.ourldsfamily.com> References: <1158629397.1267.252.camel@prophead.corp.publichost.com> <27230.198.60.114.90.1159593565.squirrel@webmail.ourldsfamily.com> <1159813278.18867.279.camel@prophead.corp.publichost.com> <45400.207.173.117.242.1160168827.squirrel@webmail.ourldsfamily.com> Message-ID: <1160172306.3025.179.camel@prophead.corp.publichost.com> On Fri, 2006-10-06 at 15:07 -0600, karlp at ourldsfamily.com wrote: > On Mon, October 2, 2006 12:21 pm, Rick Stevens wrote: > > On Fri, 2006-09-29 at 23:19 -0600, karlp at ourldsfamily.com wrote: > >> On Mon, September 18, 2006 7:29 pm, Rick Stevens wrote: > >> > On Mon, 2006-09-18 at 16:20 -0700, Waldher, Travis R wrote: > >> >> Any advice on getting RHEL using a memory stick? > >> >> > >> >> > >> >> > >> >> I?ve been googling and have come up with nada. > >> >> > >> >> > >> >> > >> >> (the computer doesn?t have CDROM) > >> > > >> > Well, yeah. You need to download the first CD ISO image and mount > >> > it. E.g. > >> > > >> > # mkdir -p /mnt/work > >> > # mount -t iso9660 -o loop /path/to/iso/image /mnt/work > >> > > >> > On it, you'll find an images/diskboot.img file. Copy that to your > >> > pen drive using dd. If the pen drive shows up as /dev/sda, then > >> > > >> > # dd if=/mnt/work/images/diskboot.img of=/dev/sda bs=2K > >> > > >> > Then boot from the pen drive, assuming your BIOS supports it. If not, > >> > and you have a floppy drive, then download SmartBootManager > >> > > >> > http://sourceforge.net/project/showfiles.php?group_id=4185 > >> > > >> > and put it on a floppy. Boot from floppy, specify next boot from the > >> > pen drive and voila! From there, you can do net, diskimage, http or ftp > >> > install (all the standard install stuff is there). > >> > >> I've been interested in this since finding and using (credit card CD) > >> BBC-LNX > >> and DSL for some maintenance issues on some PCs. (I have DSL running on our > >> WillCall PC; cool). > >> > >> I bought a Everex StepNote laptop and installed FC5 on hda2 (WinXP is on > >> hda1). It works great. If I boot with a 512MB thumb drive, it says Operating > >> System Missing. I followed the above prompt, and it just hangs now. I had to > >> dd of=/dev/sda1, however, not just sda because it didn't even recognize the > >> thumb drive on boot and went straight to GRUB. > >> > >> So, any hints? I've tried both distros with no luck on both a 128MB and > >> 512MB > >> thumb drive. > > > > Then the BIOS doesn't support booting from USB. The diskboot.img file > > is a full image file and should go into /dev/sda--NOT a partition on the > > drive. I quote from the README: > > Actually, it does. I just wasn't doing it right. I was trying to install and > boot DSL v3.01 and figured (wrongly) that using USB-HDD install would/should > work. I found that USB-ZIP install works marvelously... To verify that the PC > would boot from USB I did what you said and got the fedora core 5 install > screen (I would like a little distro on the flash drive of FC5 but DSL is very > nice, too). Ah! Congratulations! See, a little perseverance works wonders! > > "The diskboot.img file is a VFAT filesystem image that can be written to > > a USB pendrive or other bootable media larger than a floppy. Note that > > booting via USB is dependent on your BIOS supporting this. It should > > be written to the device using dd." > > > > Note the word "device", and not "partition". I know, I've done this > > a bunch of times, but the machine's BIOS MUST support booting from USB. > > You may have to play with the BIOS' USB settings to make this work, but > > it DOES work. > > I had to set the BIOS as USB-ZIP boot on the PC I've got working. One other PC > a friend has didn't have a setting for USB boot, but it booted fine on it, > too. That was cool. He may try Linux now. Good! YAC (yet another convert)! > > For example, on my HP laptop, you must hit F10, go to the "Advanced" > > settings, down to "Boot Order", expand the "Hard Disk" list, and switch > > the priority from "HD, USB" to "USB, HD". I just confirmed this using > > a Memorex TravelDrive 128MB pen drive and the bootdisk.img file from > > FC5. Now, if I have a USB drive, it boots off that. If not, it boots > > from hard disk as normal. > > So, short story made longer by this geezer + 1 person (that's a 51 year old), > I got it to work and can boot fine. Well done. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - If you can't beat your computer at chess...try kickboxing! - ---------------------------------------------------------------------- From rstevens at vitalstream.com Fri Oct 6 22:20:58 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Fri, 06 Oct 2006 15:20:58 -0700 Subject: installing compiler In-Reply-To: <20061006035118.40466.qmail@web58302.mail.re3.yahoo.com> References: <20061006035118.40466.qmail@web58302.mail.re3.yahoo.com> Message-ID: <1160173258.3025.193.camel@prophead.corp.publichost.com> On Thu, 2006-10-05 at 20:51 -0700, Eric John wrote: > Thanks to those of you who replied. You all know who you are. Eric, we prefer bottom posting here (post your comments AFTER what you're commenting on). It makes it a lot easier to follow the chronology and logic flow of the messages. > I thought google was worthless because of the whole resetting the > statistics for terrorstorm thing, and because getting them to open my > gmail account is harder than squeezing blood from a stone. Yes, I > frequently try to do both. > > From what I can tell gcc and binutils are installed, but the BASH is > still trying to tell me the compiler is 'not working' The "not working" thing is more than a little ambiguous, and smells more like an error message from a broken install script than something the system would spit out. > What gives.. do I need to search by each of the bins it says it needs > and throw them in one of the bin dirs on the path? Perhaps I will > attempt this next as I eagerly await your next constructive reply. Can you do "gcc -v" successfully? For example, on an FC4 machine, it will pop up with: [rick at prophead etc]$ gcc -v Using built-in specs. Target: i386-redhat-linux Configured with: ../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --enable-shared --enable-threads=posix --enable-checking=release --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-libgcj-multifile --enable-languages=c,c++,objc,java,f95,ada --enable-java-awt=gtk --with-java-home=/usr/lib/jvm/java-1.4.2-gcj-1.4.2.0/jre --host=i386-redhat-linux Thread model: posix gcc version 4.0.2 20051125 (Red Hat 4.0.2-8) > Also I burned out using google to search for things because I cant > compile them... sigh... sucks to be me > > Ok then oh incidentally does anyone have any advice on installing tor > is it recommended and does anyone know if the police have said if they > found anything on those computers they siezed... Huh? > Rick Stevens wrote: > On Thu, 2006-10-05 at 12:16 -0500, Bob McClure Jr wrote: > > On Thu, Oct 05, 2006 at 04:09:55AM -0700, Eric John wrote: > > > whenever i try to use ./configure, it says > > > > > > 'checking whether the C compiler (gcc ) works... no > > > configure: error: installation or configuration > > > problem: C compiler cannot create executables.' The most likely candidate there is that you don't have write permissions for the directory you're working in. First, find out who you're logged in as, then verify that YOU have write permissions in the current directory. That can be done by doing an "ls -l `pwd`". Verify that you are the owner of the of the directory. For example, I'm logged in as rick: [rick at prophead etc]$ whoami rick And here's the permissions of the directory I'm in: [rick at prophead etc]$ ls -ld `pwd` drwxr-xr-x 8 root root 4096 Sep 11 13:56 /usr/local/etc So, I don't have write permissions in this directory--only user "root" can write to it. If I were to run a configure script here, I'd get the same errors you did. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - The Theory of Rapitivity: E=MC Hammer - - -- Glenn Marcus (via TopFive.com) - ---------------------------------------------------------------------- From rstevens at vitalstream.com Fri Oct 6 22:32:29 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Fri, 06 Oct 2006 15:32:29 -0700 Subject: about gcc-fortran run-time message catalog In-Reply-To: <452610FB.70105@comu.edu.tr> References: <452610FB.70105@comu.edu.tr> Message-ID: <1160173949.3025.203.camel@prophead.corp.publichost.com> On Fri, 2006-10-06 at 11:16 +0300, Davut AKCICEK wrote: > Hi, > I've a problem with SPEC2000 SimpleScalar-3.0 Simulator while running > wupwise benchmark. > When I tried to running wupwise benchmark; it shows these errors and > warnings: > > forrtl: info: Fortran error message number is 29. > forrtl: warning: Could not open message catalog: for_msg.cat. > forrtl: info: Check environment variable NLSPATH and protection of > usr/lib/nls/msg/en_US.ISO8859-1/for_msg.cat > > So, a few of the benchmark couldn't be run(For example wupwise,...). > > I use Fedora 3 Core, gcc, gcc-fortran for this simulation. Default > Fortran compiler doesn't have Fortran Run-time Message > Catalog. I downloaded for_msg.cat from internet and put it to > /usr/lib/nls/msg/en_US.ISO8859-1/for_msg.cat. > > Eventhough while wupwise benchmark is running same errors are viewing. > > What can I do? Will you suggest to me anything? Well, first off, make sure that the file you installed is readable by all users. As the root user, do: chmod ugo+r /usr/lib/nls/msg/en_US.ISO8859-1/for_msg.cat That will ensure that everyone can read the file. You also want to ensure that everyone can traverse the path to the file, so run namei on the path. Again, as root run namei -m /usr/lib/nls/msg/en_US.ISO8859-1/for_msg.cat You should see something like: [root at prophead ~]# namei -m /usr/lib/nls/msg/en_US.ISO8859-1/for_msg.cat f: /usr/lib/nls/msg/en_US.ISO8859-1/for_msg.cat drwxr-xr-x / drwxr-xr-x usr drwxr-xr-x lib drwxr-xr-x nls drwxr-xr-x msg drwxr-xr-x en_US.ISO8859-1 -r--r--r-- for_msg.cat The important bits there are the "rwxr-xr-x" parts for each segment of the path to the file. If ANY path segment is missing the last "r-x" bit, other users can't get to the file and you'll get the same error. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Do you know where _your_ towel is? - ---------------------------------------------------------------------- From micros50 at computer.net Fri Oct 6 22:41:22 2006 From: micros50 at computer.net (mylar) Date: Fri, 06 Oct 2006 18:41:22 -0400 Subject: playing video from abc.com? In-Reply-To: <34568.207.177.227.29.1160160540.squirrel@sujan.hallikainen.org> References: <33892.207.177.227.29.1160145597.squirrel@sujan.hallikainen.org> <1160153705.27227.17.camel@manhattan.ruffe.edu> <34568.207.177.227.29.1160160540.squirrel@sujan.hallikainen.org> Message-ID: <1160174480.27227.497.camel@manhattan.ruffe.edu> On Fri, 2006-10-06 at 14:49, Harold Hallikainen wrote: > > On Fri, 2006-10-06 at 10:39, Harold Hallikainen wrote: > >> I'm running FC5 and have the flash player working. When I try to play > >> video from abc.com (such as program episodes), it seems to just sit > >> there > >> downloading from Adobe forever. Has anyone had any luck playing video > >> from > >> abc.com? > >> > >> THANKS! > >> > >> Harold > > > > The question I have is why is it downloading from Adobe ? Shouldn't it > > be downloading/playing from abc.com ?? > > > > Could it be a possible version incompatibility ? What browser are you > > playing it on ? Could it be looking for a flash player update at Adobe > > and never finding it ? > > > > Reason I mention this is because a lot of websites have switched to > > using Flash 8. Unfortunately there is no Flash 8 for Linux nor is there > > going to be. The most recent Flash version for Linux is Flash 7. > > > > Adobe claims they are going to be releasing a Flash 9 for Linux sometime > > in 2007. Still quite a long ways away. > > > > mylar > > > Thanks for the info! I imagine it's trying to do some sort of update, but > it just seems to sit there saying it's downloading from Adobe. I'll have > to watch the network activity to see if it ever gets done. I've generally > gone off and done other stuff, then, when I come back to that browser > window, it says it's done, but I still have no video, just a nice white > rectangle in the middle of the screen. > > So, I was just wondering if anyone has gotten that to work. My wife wants > to see something she missed this week on ABC. It'd be nice to not have to > watch it on a clunky old Windoze machine (our newer machines all run > Fedora). > > Harold > Just out of curiosity I decided to take a look at abc.com. abc.com seems to be another one of those major commercial media sites that doesn't seem to know (or care) that such a thing as Linux exists. The flash vids on their front page play under flash 7 but when i went to their feature video I just get a blank white screen. According to their FAQ they claim that Flash vers. 8 is required so that's likely the problem. I did manage to get it to work under Internet Exploiter with Flash vers 8 running on my Linux desktop under WINE. mylar From harold at hallikainen.com Fri Oct 6 22:52:24 2006 From: harold at hallikainen.com (Harold Hallikainen) Date: Fri, 6 Oct 2006 15:52:24 -0700 (PDT) Subject: playing video from abc.com? In-Reply-To: <1160174480.27227.497.camel@manhattan.ruffe.edu> References: <33892.207.177.227.29.1160145597.squirrel@sujan.hallikainen.org> <1160153705.27227.17.camel@manhattan.ruffe.edu> <34568.207.177.227.29.1160160540.squirrel@sujan.hallikainen.org> <1160174480.27227.497.camel@manhattan.ruffe.edu> Message-ID: <35429.207.177.227.29.1160175144.squirrel@sujan.hallikainen.org> > On Fri, 2006-10-06 at 14:49, Harold Hallikainen wrote: >> > On Fri, 2006-10-06 at 10:39, Harold Hallikainen wrote: >> >> I'm running FC5 and have the flash player working. When I try to play >> >> video from abc.com (such as program episodes), it seems to just sit >> >> there >> >> downloading from Adobe forever. Has anyone had any luck playing video >> >> from >> >> abc.com? >> >> >> >> THANKS! >> >> >> >> Harold >> > >> > The question I have is why is it downloading from Adobe ? Shouldn't >> it >> > be downloading/playing from abc.com ?? >> > >> > Could it be a possible version incompatibility ? What browser are you >> > playing it on ? Could it be looking for a flash player update at Adobe >> > and never finding it ? >> > >> > Reason I mention this is because a lot of websites have switched to >> > using Flash 8. Unfortunately there is no Flash 8 for Linux nor is >> there >> > going to be. The most recent Flash version for Linux is Flash 7. >> > >> > Adobe claims they are going to be releasing a Flash 9 for Linux >> sometime >> > in 2007. Still quite a long ways away. >> > >> > mylar >> >> >> Thanks for the info! I imagine it's trying to do some sort of update, >> but >> it just seems to sit there saying it's downloading from Adobe. I'll have >> to watch the network activity to see if it ever gets done. I've >> generally >> gone off and done other stuff, then, when I come back to that browser >> window, it says it's done, but I still have no video, just a nice white >> rectangle in the middle of the screen. >> >> So, I was just wondering if anyone has gotten that to work. My wife >> wants >> to see something she missed this week on ABC. It'd be nice to not have >> to >> watch it on a clunky old Windoze machine (our newer machines all run >> Fedora). >> >> Harold >> > > Just out of curiosity I decided to take a look at abc.com. abc.com > seems to be another one of those major commercial media sites that > doesn't seem to know (or care) that such a thing as Linux exists. The > flash vids on their front page play under flash 7 but when i went to > their feature video I just get a blank white screen. According to their > FAQ they claim that Flash vers. 8 is required so that's likely the > problem. I did manage to get it to work under Internet Exploiter with > Flash vers 8 running on my Linux desktop under WINE. > > mylar OK, Thanks! I've installed WINE, but have not tried running anything under it. I understand Flash 9 for Linux is due out early next year. I'll mess with WINE a bit. Thanks! Harold -- FCC Rules Updated Daily at http://www.hallikainen.com - Advertising opportunities available! From harold at hallikainen.com Sat Oct 7 03:46:46 2006 From: harold at hallikainen.com (Harold Hallikainen) Date: Fri, 6 Oct 2006 20:46:46 -0700 (PDT) Subject: playing video from abc.com? In-Reply-To: <1160153705.27227.17.camel@manhattan.ruffe.edu> References: <33892.207.177.227.29.1160145597.squirrel@sujan.hallikainen.org> <1160153705.27227.17.camel@manhattan.ruffe.edu> Message-ID: <53973.192.168.1.1.1160192806.squirrel@sujan.hallikainen.org> > On Fri, 2006-10-06 at 10:39, Harold Hallikainen wrote: >> I'm running FC5 and have the flash player working. When I try to play >> video from abc.com (such as program episodes), it seems to just sit >> there >> downloading from Adobe forever. Has anyone had any luck playing video >> from >> abc.com? >> >> THANKS! >> >> Harold > > The question I have is why is it downloading from Adobe ? Shouldn't it > be downloading/playing from abc.com ?? > > Could it be a possible version incompatibility ? What browser are you > playing it on ? Could it be looking for a flash player update at Adobe > and never finding it ? > > Reason I mention this is because a lot of websites have switched to > using Flash 8. Unfortunately there is no Flash 8 for Linux nor is there > going to be. The most recent Flash version for Linux is Flash 7. > > Adobe claims they are going to be releasing a Flash 9 for Linux sometime > in 2007. Still quite a long ways away. > Well, I got it to work! This is the first time I've tried WINE, but I'm impressed. I downloaded the Windows version of Firefox, clicked on the installer in the wine file finder. It installed and ran great! Then, went to Adobe and installed (from within the Windows Firefox) the latest Flash player. We can now see the video on abc.com . Thanks for the ideas! Harold -- FCC Rules Updated Daily at http://www.hallikainen.com - Advertising opportunities available! From micros50 at computer.net Sat Oct 7 08:46:54 2006 From: micros50 at computer.net (mylar) Date: Sat, 07 Oct 2006 04:46:54 -0400 Subject: playing video from abc.com? In-Reply-To: <53973.192.168.1.1.1160192806.squirrel@sujan.hallikainen.org> References: <33892.207.177.227.29.1160145597.squirrel@sujan.hallikainen.org> <1160153705.27227.17.camel@manhattan.ruffe.edu> <53973.192.168.1.1.1160192806.squirrel@sujan.hallikainen.org> Message-ID: <1160210813.27227.1120.camel@manhattan.ruffe.edu> On Fri, 2006-10-06 at 23:46, Harold Hallikainen wrote: > > On Fri, 2006-10-06 at 10:39, Harold Hallikainen wrote: > >> I'm running FC5 and have the flash player working. When I try to play > >> video from abc.com (such as program episodes), it seems to just sit > >> there > >> downloading from Adobe forever. Has anyone had any luck playing video > >> from > >> abc.com? > >> > >> THANKS! > >> > >> Harold > > > > The question I have is why is it downloading from Adobe ? Shouldn't it > > be downloading/playing from abc.com ?? > > > > Could it be a possible version incompatibility ? What browser are you > > playing it on ? Could it be looking for a flash player update at Adobe > > and never finding it ? > > > > Reason I mention this is because a lot of websites have switched to > > using Flash 8. Unfortunately there is no Flash 8 for Linux nor is there > > going to be. The most recent Flash version for Linux is Flash 7. > > > > Adobe claims they are going to be releasing a Flash 9 for Linux sometime > > in 2007. Still quite a long ways away. > > > > Well, I got it to work! This is the first time I've tried WINE, but I'm > impressed. I downloaded the Windows version of Firefox, clicked on the > installer in the wine file finder. It installed and ran great! Then, went > to Adobe and installed (from within the Windows Firefox) the latest Flash > player. We can now see the video on abc.com . > > Thanks for the ideas! > > Harold Glad it worked out. Also yeah, I have to try the Win vers. of Firefox and Opera under WINE. Currently I'm just running Internet Exploiter under WINE. I also got it to work under the Linux version of Firefox by installing the Windows Flash 9 plugin under a Demo version of Crossover ... http://codeweavers.org Crossover is essentially WINE in a nice wrapper. However, Crossover is not free but there is a free demo version that you can play around with. However,since you have it working fine directly under WINE you're all set. mylar From powellj at gmail.com Mon Oct 9 03:11:44 2006 From: powellj at gmail.com (John Powell) Date: Sun, 08 Oct 2006 20:11:44 -0700 Subject: Install fails during installation of rpmdb-redhat-4-0.20060803 In-Reply-To: <000901c6e8d4$91e8ed30$0100a8c0@dennis1> References: <000901c6e8d4$91e8ed30$0100a8c0@dennis1> Message-ID: <4529BDF0.2040500@gmail.com> Dennis D. Calhoun wrote: >Yes, I bet! This is really strange. > >Let's see, you've tried to run the installation from two entirely >different sources, FTP (networked) and CD (local). > >I could be way out in left field, but since the data has been input >through two distinctly different routes, I have to wonder. > >No matter where the data for the installation comes from, where is the >first *common* place that it goes in the server? RAM? I wonder if your >RAM, at least one stick of it, could be the culprit. > >Like I said, I could be out in left field here, but it's a thought >that might be worth checking out. >-- >Dennis D. Calhoun, MCSA > > > >_______________________________________________ >Redhat-install-list mailing list >Redhat-install-list at redhat.com >https://www.redhat.com/mailman/listinfo/redhat-install-list >To Unsubscribe Go To ABOVE URL or send a message to: >redhat-install-list-request at redhat.com >Subject: unsubscribe > > > Dennis, You were spot on! Thanks a bunch for the kick in the butt to test my memory. The 1 gig Kingston stick that I recently added to the system proved to be the problem. The system is now installed and up and running. Thanks to everyone on this forum for their ideas and support! Regards, ./John From dakcicek at comu.edu.tr Mon Oct 9 06:46:46 2006 From: dakcicek at comu.edu.tr (Davut AKCICEK) Date: Mon, 09 Oct 2006 09:46:46 +0300 Subject: about gcc-fortran run-time message catalog In-Reply-To: <1160173949.3025.203.camel@prophead.corp.publichost.com> References: <452610FB.70105@comu.edu.tr> <1160173949.3025.203.camel@prophead.corp.publichost.com> Message-ID: <4529F056.9080101@comu.edu.tr> Rick Stevens yazm??: > On Fri, 2006-10-06 at 11:16 +0300, Davut AKCICEK wrote: > >> Hi, >> I've a problem with SPEC2000 SimpleScalar-3.0 Simulator while running >> wupwise benchmark. >> When I tried to running wupwise benchmark; it shows these errors and >> warnings: >> >> forrtl: info: Fortran error message number is 29. >> forrtl: warning: Could not open message catalog: for_msg.cat. >> forrtl: info: Check environment variable NLSPATH and protection of >> usr/lib/nls/msg/en_US.ISO8859-1/for_msg.cat >> >> So, a few of the benchmark couldn't be run(For example wupwise,...). >> >> I use Fedora 3 Core, gcc, gcc-fortran for this simulation. Default >> Fortran compiler doesn't have Fortran Run-time Message >> Catalog. I downloaded for_msg.cat from internet and put it to >> /usr/lib/nls/msg/en_US.ISO8859-1/for_msg.cat. >> >> Eventhough while wupwise benchmark is running same errors are viewing. >> >> What can I do? Will you suggest to me anything? >> > > Well, first off, make sure that the file you installed is readable by > all users. As the root user, do: > > chmod ugo+r /usr/lib/nls/msg/en_US.ISO8859-1/for_msg.cat > > That will ensure that everyone can read the file. You also want to > ensure that everyone can traverse the path to the file, so run namei > on the path. Again, as root run > > namei -m /usr/lib/nls/msg/en_US.ISO8859-1/for_msg.cat > > You should see something like: > > [root at prophead ~]# namei -m /usr/lib/nls/msg/en_US.ISO8859-1/for_msg.cat > f: /usr/lib/nls/msg/en_US.ISO8859-1/for_msg.cat > drwxr-xr-x / > drwxr-xr-x usr > drwxr-xr-x lib > drwxr-xr-x nls > drwxr-xr-x msg > drwxr-xr-x en_US.ISO8859-1 > -r--r--r-- for_msg.cat > > The important bits there are the "rwxr-xr-x" parts for each segment of > the path to the file. If ANY path segment is missing the last "r-x" > bit, other users can't get to the file and you'll get the same error. > > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > - VitalStream, Inc. http://www.vitalstream.com - > - - > - Do you know where _your_ towel is? - > ---------------------------------------------------------------------- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > > First, Thanks for reply.. Eventhough files's permissions are : [root at davut simplesim-3.0]# ls -ls /usr/lib/nls/msg/en_US.ISO8859-1/for_msg.cat 16 -rwxrwxrwx 1 davut davut 9430 Eki 5 22:15 /usr/lib/nls/msg/en_US.ISO8859-1/for_msg.cat [root at davut simplesim-3.0]# namei -m /usr/lib/nls/msg/en_US.ISO8859-1/for_msg.cat f: /usr/lib/nls/msg/en_US.ISO8859-1/for_msg.cat drwxr-xr-x / drwxr-xr-x usr drwxr-xr-x lib drwxr-xr-x nls drwxr-xr-x msg drwxr-xr-x en_US.ISO8859-1 -rwxrwxrwx for_msg.cat Still, it gives same error.. May be another problem about Fortran compiler... Otherwise, this file must be all the way. Thank you very much. -- Davut AKCICEK Research Assistant) Canakkale Onsekiz Mart University Computer Engineering Department dakcicek ~ comu edu tr From DDonovan at latentzero.com Mon Oct 9 14:29:00 2006 From: DDonovan at latentzero.com (Daniel Donovan) Date: Mon, 9 Oct 2006 15:29:00 +0100 Subject: Installing subversion on solaris 8 Message-ID: I am trying to install subversion-1.4.0-sol10-sparc-local.gz on a solaris 8 box. I have also installed some of the packages that come with the above file from www.sunfreeware.com such as neon etc ... When I run ldd on svn, I get the following output: /nanfs02/home/ddonovan/practice/svn> ldd `which svn` libsvn_client-1.so.0 => /usr/local/lib/libsvn_client-1.so.0 libsvn_wc-1.so.0 => /usr/local/lib/libsvn_wc-1.so.0 libsvn_ra-1.so.0 => /usr/local/lib/libsvn_ra-1.so.0 libsvn_diff-1.so.0 => /usr/local/lib/libsvn_diff-1.so.0 libsvn_ra_local-1.so.0 => /usr/local/lib/libsvn_ra_local-1.so.0 libsvn_repos-1.so.0 => /usr/local/lib/libsvn_repos-1.so.0 libsvn_fs-1.so.0 => /usr/local/lib/libsvn_fs-1.so.0 libsvn_fs_fs-1.so.0 => /usr/local/lib/libsvn_fs_fs-1.so.0 libsvn_fs_base-1.so.0 => /usr/local/lib/libsvn_fs_base-1.so.0 libsvn_ra_svn-1.so.0 => /usr/local/lib/libsvn_ra_svn-1.so.0 libsvn_ra_dav-1.so.0 => /usr/local/lib/libsvn_ra_dav-1.so.0 libsvn_delta-1.so.0 => /usr/local/lib/libsvn_delta-1.so.0 libsvn_subr-1.so.0 => /usr/local/lib/libsvn_subr-1.so.0 libaprutil-0.so.0 => /usr/local/lib/libaprutil-0.so.0 libdb-4.2.so => /usr/local/BerkeleyDB.4.2/lib/libdb-4.2.so libiconv.so.2 => /usr/local/lib/libiconv.so.2 libapr-0.so.0 => /usr/local/lib/libapr-0.so.0 libsendfile.so.1 => /usr/lib/libsendfile.so.1 librt.so.1 => /usr/lib/librt.so.1 libm.so.2 => /usr/lib/libm.so.2 libresolv.so.2 => /usr/lib/libresolv.so.2 libpthread.so.1 => /usr/lib/libpthread.so.1 libneon.so.25 => /usr/local/lib/libneon.so.25 libssl.so.0.9.8 => /usr/local/ssl/lib/libssl.so.0.9.8 libcrypto.so.0.9.8 => /usr/local/ssl/lib/libcrypto.so.0.9.8 libnsl.so.1 => /usr/lib/libnsl.so.1 libexpat.so.0 => /usr/local/lib/libexpat.so.0 libsocket.so.1 => /usr/lib/libsocket.so.1 libz.so => /usr/lib/libz.so libc.so.1 => /usr/lib/libc.so.1 libgcc_s.so.1 => /var/gnu/3.4.0/lib/libgcc_s.so.1 libm.so.2 (SUNW_1.2) => (version not found) libc.so.1 (SUNW_1.22) => (version not found) libdl.so.1 => /usr/lib/libdl.so.1 libaio.so.1 => /usr/lib/libaio.so.1 libc.so.1 (SUNW_1.22) => (version not found) libmp.so.2 => /usr/lib/libmp.so.2 libthread.so.1 => /usr/lib/libthread.so.1 /usr/platform/SUNW,Sun-Fire-480R/lib/libc_psr.so.1 The problem lines are highlighted in red. As suggested in www.sunfreeware.com/subversion.html, I ran the following command: ln -s /usr/lib/libm.so.1 /usr/lib/libm.so.2 As libm.so.2 doesn't exist on solaris 8. However, when I try to run: svn help I get the following error: ld.so.1: svn: fatal: libm.so.2: version `SUNW_1.2' not found (required by file /usr/local/lib/libapr-0.so.0) Killed Do you know how I can resolve this? I'm guessing that when libm.so.2 has been sorted out, it will complain about libc.so.1 ... Regards, Dan. _______________________________________________________________________ The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. _____________________________________________________________________ This e-mail has been scanned for viruses by Verizon Business Internet Managed Scanning Services - powered by MessageLabs. For further information visit http://www.mci.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From DDonovan at latentzero.com Mon Oct 9 14:31:53 2006 From: DDonovan at latentzero.com (Daniel Donovan) Date: Mon, 9 Oct 2006 15:31:53 +0100 Subject: Installing subversion on solaris 8 In-Reply-To: Message-ID: Sorry, sent this to the wrong list!!! Please ignore! -----Original Message----- From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of Daniel Donovan Sent: 09 October 2006 15:29 To: redhat-install-list at redhat.com Subject: Installing subversion on solaris 8 I am trying to install subversion-1.4.0-sol10-sparc-local.gz on a solaris 8 box. I have also installed some of the packages that come with the above file from www.sunfreeware.com such as neon etc ... When I run ldd on svn, I get the following output: /nanfs02/home/ddonovan/practice/svn> ldd `which svn` libsvn_client-1.so.0 => /usr/local/lib/libsvn_client-1.so.0 libsvn_wc-1.so.0 => /usr/local/lib/libsvn_wc-1.so.0 libsvn_ra-1.so.0 => /usr/local/lib/libsvn_ra-1.so.0 libsvn_diff-1.so.0 => /usr/local/lib/libsvn_diff-1.so.0 libsvn_ra_local-1.so.0 => /usr/local/lib/libsvn_ra_local-1.so.0 libsvn_repos-1.so.0 => /usr/local/lib/libsvn_repos-1.so.0 libsvn_fs-1.so.0 => /usr/local/lib/libsvn_fs-1.so.0 libsvn_fs_fs-1.so.0 => /usr/local/lib/libsvn_fs_fs-1.so.0 libsvn_fs_base-1.so.0 => /usr/local/lib/libsvn_fs_base-1.so.0 libsvn_ra_svn-1.so.0 => /usr/local/lib/libsvn_ra_svn-1.so.0 libsvn_ra_dav-1.so.0 => /usr/local/lib/libsvn_ra_dav-1.so.0 libsvn_delta-1.so.0 => /usr/local/lib/libsvn_delta-1.so.0 libsvn_subr-1.so.0 => /usr/local/lib/libsvn_subr-1.so.0 libaprutil-0.so.0 => /usr/local/lib/libaprutil-0.so.0 libdb-4.2.so => /usr/local/BerkeleyDB.4.2/lib/libdb-4.2.so libiconv.so.2 => /usr/local/lib/libiconv.so.2 libapr-0.so.0 => /usr/local/lib/libapr-0.so.0 libsendfile.so.1 => /usr/lib/libsendfile.so.1 librt.so.1 => /usr/lib/librt.so.1 libm.so.2 => /usr/lib/libm.so.2 libresolv.so.2 => /usr/lib/libresolv.so.2 libpthread.so.1 => /usr/lib/libpthread.so.1 libneon.so.25 => /usr/local/lib/libneon.so.25 libssl.so.0.9.8 => /usr/local/ssl/lib/libssl.so.0.9.8 libcrypto.so.0.9.8 => /usr/local/ssl/lib/libcrypto.so.0.9.8 libnsl.so.1 => /usr/lib/libnsl.so.1 libexpat.so.0 => /usr/local/lib/libexpat.so.0 libsocket.so.1 => /usr/lib/libsocket.so.1 libz.so => /usr/lib/libz.so libc.so.1 => /usr/lib/libc.so.1 libgcc_s.so.1 => /var/gnu/3.4.0/lib/libgcc_s.so.1 libm.so.2 (SUNW_1.2) => (version not found) libc.so.1 (SUNW_1.22) => (version not found) libdl.so.1 => /usr/lib/libdl.so.1 libaio.so.1 => /usr/lib/libaio.so.1 libc.so.1 (SUNW_1.22) => (version not found) libmp.so.2 => /usr/lib/libmp.so.2 libthread.so.1 => /usr/lib/libthread.so.1 /usr/platform/SUNW,Sun-Fire-480R/lib/libc_psr.so.1 The problem lines are highlighted in red. As suggested in www.sunfreeware.com/subversion.html , I ran the following command: ln -s /usr/lib/libm.so.1 /usr/lib/libm.so.2 As libm.so.2 doesn't exist on solaris 8. However, when I try to run: svn help I get the following error: ld.so.1: svn: fatal: libm.so.2: version `SUNW_1.2' not found (required by file /usr/local/lib/libapr-0.so.0) Killed Do you know how I can resolve this? I'm guessing that when libm.so.2 has been sorted out, it will complain about libc.so.1 ... Regards, Dan. _______________________________________________________________________ The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. _____________________________________________________________________ This e-mail has been scanned for viruses by Verizon Business Internet Managed Scanning Services - powered by MessageLabs. For further information visit http://www.mci.com _____________________________________________________________________ This e-mail has been scanned for viruses by Verizon Business Internet Managed Scanning Services - powered by MessageLabs. For further information visit http://www.mci.com _______________________________________________________________________ The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. _____________________________________________________________________ This e-mail has been scanned for viruses by Verizon Business Internet Managed Scanning Services - powered by MessageLabs. For further information visit http://www.mci.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From humour_guy_in at yahoo.com Mon Oct 16 11:32:47 2006 From: humour_guy_in at yahoo.com (Naveed) Date: Mon, 16 Oct 2006 04:32:47 -0700 (PDT) Subject: Problem installing RHEL 4.0 hard disk Hitachi SATA 80GB deskstar not detected Message-ID: <20061016113247.761.qmail@web52003.mail.yahoo.com> I am trying to install RHEL 4 , but my SATA Disk driver is not detected and a file system error is encountered. i tried booting with linux 2.6 but still i am getting the same error of file system not detected. i am using ASUS P5WDG2 WS and the Sata disk is connected to the primary IDE. regards humorguy Reply Soon Or I Will Use Capital Letters In My Next Mail.... **~~~~~~~~~^^^^^^^~~~~~~~~~~** I'll Take My Time Anywhere Free to Speak My Mind Anywhere I'll Redefine Anywhere Anywhere I ROAM. **~~~~~~~~~^^^^^^^~~~~~~~~~~** What would u do today, if u knew you would not fail. --------------------------------- Stay in the know. Pulse on the new Yahoo.com. Check it out. -------------- next part -------------- An HTML attachment was scrubbed... URL: From alok.rhct at gmail.com Mon Oct 16 12:17:35 2006 From: alok.rhct at gmail.com (alok pandey) Date: Mon, 16 Oct 2006 17:47:35 +0530 Subject: Problem installing RHEL 4.0 hard disk Hitachi SATA 80GB deskstar not detected In-Reply-To: <20061016113247.761.qmail@web52003.mail.yahoo.com> References: <20061016113247.761.qmail@web52003.mail.yahoo.com> Message-ID: hi Naveed i have also faced the same problem. i have rectified it by making some changes in bios. enter to bios>advance setup> disk setup> search for ATA it be enhanched , change it(to legancy or might be any other option). i m a newbie , hope this will help u. thanks. On 10/16/06, Naveed wrote: > > I am trying to install RHEL 4 , but my SATA Disk driver is not detected > and a file system error is encountered. i tried booting with linux 2.6 but > still i am getting the same error of file system not detected. i am using > ASUS P5WDG2 WS and the Sata disk is connected to the primary IDE. > > regards > humorguy > > > Reply Soon Or I Will Use Capital Letters > In My Next Mail.... > **~~~~~~~~~^^^^^^^~~~~~~~~~~** > I'll Take My Time Anywhere > Free to Speak My Mind Anywhere > I'll Redefine Anywhere > Anywhere I ROAM. > **~~~~~~~~~^^^^^^^~~~~~~~~~~** > What would u do today, if u knew you would not fail. > > ------------------------------ > Stay in the know. Pulse on the new Yahoo.com. Check it out. > > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > > -- Thanks ALOK PANDEY -------------- next part -------------- An HTML attachment was scrubbed... URL: From bret_stern at machinemanagement.com Tue Oct 17 20:16:14 2006 From: bret_stern at machinemanagement.com (Bret Stern) Date: Tue, 17 Oct 2006 13:16:14 -0700 Subject: Adding Users Command line Message-ID: <000001c6f229$18e01f40$6701a8c0@mmbret> When adding users from the (command line) useradd has an option -r which assigns a specific user id. Is it common to explicitly assign a user id? What happens if I don't specifically assign a user id? I'm assuming two users cannot have the same user id, so..how would you know the user id's of all your users? Thanks From bob at bobcatos.com Tue Oct 17 20:27:37 2006 From: bob at bobcatos.com (Bob McClure Jr) Date: Tue, 17 Oct 2006 15:27:37 -0500 Subject: Adding Users Command line In-Reply-To: <000001c6f229$18e01f40$6701a8c0@mmbret> References: <000001c6f229$18e01f40$6701a8c0@mmbret> Message-ID: <20061017202737.GA12080@bobcat.bobcatos.com> On Tue, Oct 17, 2006 at 01:16:14PM -0700, Bret Stern wrote: > > > When adding users from the (command line) > > useradd > > has an option -r which assigns a specific user id. Nope, that tells it to assign a "system-level" user id number, usually less than 500 or 1000. These are designed for pseudo users assigned to subsystems and processes like mysql, procmail, backup, bin, et al. > Is it common to explicitly assign a user id? Only if you want to make it the same as on another system or to force a duplicated UID. > What happens if I don't specifically assign a user id? It takes the next available UID in the desired range. That's usually figured by taking the highest occupied UID in the range and adding one. > I'm assuming two users cannot have the same user id, > so..how would you know the user id's of all your users? You don't need to, but if you must, look at the third field (delimited by ':') in /etc/passwd. Unless you have some good reason to specify a UID, just let the system assign one. > Thanks Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. bob at bobcatos.com http://www.bobcatos.com "Where you go in the hereafter depends on what you were after here." - Thanks to Graffiti, 2 March 2004 From rstevens at vitalstream.com Tue Oct 17 22:52:47 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 17 Oct 2006 15:52:47 -0700 Subject: Adding Users Command line In-Reply-To: <20061017202737.GA12080@bobcat.bobcatos.com> References: <000001c6f229$18e01f40$6701a8c0@mmbret> <20061017202737.GA12080@bobcat.bobcatos.com> Message-ID: <1161125567.22395.88.camel@prophead.corp.publichost.com> On Tue, 2006-10-17 at 15:27 -0500, Bob McClure Jr wrote: > On Tue, Oct 17, 2006 at 01:16:14PM -0700, Bret Stern wrote: > > > > > > When adding users from the (command line) > > > > useradd > > > > has an option -r which assigns a specific user id. > > Nope, that tells it to assign a "system-level" user id number, usually > less than 500 or 1000. These are designed for pseudo users assigned > to subsystems and processes like mysql, procmail, backup, bin, et al. > > > Is it common to explicitly assign a user id? > > Only if you want to make it the same as on another system or to force > a duplicated UID. Or if you relegate ranges of UIDs to specific types of users. > > What happens if I don't specifically assign a user id? > > It takes the next available UID in the desired range. That's usually > figured by taking the highest occupied UID in the range and adding > one. The values used are given in /etc/login.defs. By default, RH/FC use user and group IDs beginning at 500 and ending at 60,000. > > I'm assuming two users cannot have the same user id, > > so..how would you know the user id's of all your users? Well, all files use the UID and GID _numbers_, not names. You could have two users, "barney" and "fred" that both have UID 500. They both own the file. When you do an "ls -l", the FIRST name in the /etc/passwd file with that UID will be shown as the owner. Remember that the the usernames are only important for login. File ownership, permissions, ACLs and the lot are determined by UID and GID numbers, not the names associated with them. > You don't need to, but if you must, look at the third field (delimited > by ':') in /etc/passwd. Unless you have some good reason to specify a > UID, just let the system assign one. If you want to see the user names and their UIDs, as root: # cut -d":" -f1,3 /etc/passwd But as Bobcat says, you really don't need to do this. Let the system sort it out. It's much less likely to make a boo-boo. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Veni, Vidi, VISA: I came, I saw, I did a little shopping. - ---------------------------------------------------------------------- From bret_stern at machinemanagement.com Wed Oct 18 00:59:27 2006 From: bret_stern at machinemanagement.com (Bret Stern) Date: Tue, 17 Oct 2006 17:59:27 -0700 Subject: Adding Users Command line In-Reply-To: <20061017202737.GA12080@bobcat.bobcatos.com> Message-ID: <001401c6f250$a92f6980$6701a8c0@mmbret> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com > [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of > Bob McClure Jr > Sent: Tuesday, October 17, 2006 1:28 PM > To: redhat-install-list at redhat.com > Subject: Re: Adding Users Command line > > On Tue, Oct 17, 2006 at 01:16:14PM -0700, Bret Stern wrote: > > > > > > When adding users from the (command line) > > > > useradd > > > > has an option -r which assigns a specific user id. > > Nope, that tells it to assign a "system-level" user id number, usually > less than 500 or 1000. These are designed for pseudo users assigned > to subsystems and processes like mysql, procmail, backup, bin, et al. > > > Is it common to explicitly assign a user id? > > Only if you want to make it the same as on another system or to force > a duplicated UID. > > > What happens if I don't specifically assign a user id? > > It takes the next available UID in the desired range. That's usually > figured by taking the highest occupied UID in the range and adding > one. > > > I'm assuming two users cannot have the same user id, > > so..how would you know the user id's of all your users? > > You don't need to, but if you must, look at the third field (delimited > by ':') in /etc/passwd. Unless you have some good reason to specify a > UID, just let the system assign one. > > > Thanks > > Cheers, > -- > Bob McClure, Jr. Bobcat Open Systems, Inc. > bob at bobcatos.com http://www.bobcatos.com > "Where you go in the hereafter depends on what you were after here." > - Thanks to Graffiti, 2 March 2004 > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > Thanks for the explanations. I'll look in my programming library for examples of using a user id for processing needs. But for my typical users needs, it's crystal clear now. Again, cheers From humour_guy_in at yahoo.com Wed Oct 18 09:32:30 2006 From: humour_guy_in at yahoo.com (Naveed) Date: Wed, 18 Oct 2006 02:32:30 -0700 (PDT) Subject: Problem installing RHEL 4.0 Hitachi SATA 80GB desksta Message-ID: <20061018093230.10903.qmail@web52007.mail.yahoo.com> I am trying to install RHEL 4 , but my SATA Disk driver is not detected. I am using ASUS P5WDG2 WS and Hitachi deskstar 80gb Sata disk. I tried installing with every possible change in bios. Regards humorguy Reply Soon Or I Will Use Capital Letters In My Next Mail.... **~~~~~~~~~^^^^^^^~~~~~~~~~~** I'll Take My Time Anywhere Free to Speak My Mind Anywhere I'll Redefine Anywhere Anywhere I ROAM. **~~~~~~~~~^^^^^^^~~~~~~~~~~** What would u do today, if u knew you would not fail. --------------------------------- Do you Yahoo!? Get on board. You're invited to try the new Yahoo! Mail. -------------- next part -------------- An HTML attachment was scrubbed... URL: From rahsaan.page at gmail.com Wed Oct 18 18:16:04 2006 From: rahsaan.page at gmail.com (Rahsaan Page) Date: Wed, 18 Oct 2006 14:16:04 -0400 Subject: Redhat-install-list Digest, Vol 32, Issue 9 In-Reply-To: <20061018160030.9FEA3735E7@hormel.redhat.com> References: <20061018160030.9FEA3735E7@hormel.redhat.com> Message-ID: <921c45a0610181116y18277ba2vb702a8ce55d9a9fc@mail.gmail.com> Nothing assigning a user ID wont do anything, the system will assign the User ID with what ever is avaiable, -r isnt for assigning user id (-r This flag is used to create a system account. That is, a user with a UID lower than the value of UID_MIN defined in /etc/login.defs and whose password does not expire. Note that useradd will not create a home directory for such an user, regardless of the default setting in /etc/login.defs. You have to specify -m option if you want a home directory for a system account to be created. This is an option added by Red Hat.) you should use -u if your looking to assign DI. On 10/18/06, redhat-install-list-request at redhat.com < redhat-install-list-request at redhat.com> wrote: > > Send Redhat-install-list mailing list submissions to > redhat-install-list at redhat.com > > To subscribe or unsubscribe via the World Wide Web, visit > https://www.redhat.com/mailman/listinfo/redhat-install-list > or, via email, send a message with subject or body 'help' to > redhat-install-list-request at redhat.com > > You can reach the person managing the list at > redhat-install-list-owner at redhat.com > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Redhat-install-list digest..." > > > Today's Topics: > > 1. Adding Users Command line (Bret Stern) > 2. Re: Adding Users Command line (Bob McClure Jr) > 3. Re: Adding Users Command line (Rick Stevens) > 4. RE: Adding Users Command line (Bret Stern) > 5. Problem installing RHEL 4.0 Hitachi SATA 80GB desksta (Naveed) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Tue, 17 Oct 2006 13:16:14 -0700 > From: "Bret Stern" > Subject: Adding Users Command line > To: > Message-ID: <000001c6f229$18e01f40$6701a8c0 at mmbret> > Content-Type: text/plain; charset="us-ascii" > > > > When adding users from the (command line) > > useradd > > has an option -r which assigns a specific user id. > > Is it common to explicitly assign a user id? > > What happens if I don't specifically assign a user id? > > I'm assuming two users cannot have the same user id, > so..how would you know the user id's of all your users? > > Thanks > > > > > > > ------------------------------ > > Message: 2 > Date: Tue, 17 Oct 2006 15:27:37 -0500 > From: Bob McClure Jr > Subject: Re: Adding Users Command line > To: redhat-install-list at redhat.com > Message-ID: <20061017202737.GA12080 at bobcat.bobcatos.com> > Content-Type: text/plain; charset=us-ascii > > On Tue, Oct 17, 2006 at 01:16:14PM -0700, Bret Stern wrote: > > > > > > When adding users from the (command line) > > > > useradd > > > > has an option -r which assigns a specific user id. > > Nope, that tells it to assign a "system-level" user id number, usually > less than 500 or 1000. These are designed for pseudo users assigned > to subsystems and processes like mysql, procmail, backup, bin, et al. > > > Is it common to explicitly assign a user id? > > Only if you want to make it the same as on another system or to force > a duplicated UID. > > > What happens if I don't specifically assign a user id? > > It takes the next available UID in the desired range. That's usually > figured by taking the highest occupied UID in the range and adding > one. > > > I'm assuming two users cannot have the same user id, > > so..how would you know the user id's of all your users? > > You don't need to, but if you must, look at the third field (delimited > by ':') in /etc/passwd. Unless you have some good reason to specify a > UID, just let the system assign one. > > > Thanks > > Cheers, > -- > Bob McClure, Jr. Bobcat Open Systems, Inc. > bob at bobcatos.com http://www.bobcatos.com > "Where you go in the hereafter depends on what you were after here." > - Thanks to Graffiti, 2 March 2004 > > > > ------------------------------ > > Message: 3 > Date: Tue, 17 Oct 2006 15:52:47 -0700 > From: Rick Stevens > Subject: Re: Adding Users Command line > To: Getting started with Red Hat Linux > > Message-ID: <1161125567.22395.88.camel at prophead.corp.publichost.com> > Content-Type: text/plain > > On Tue, 2006-10-17 at 15:27 -0500, Bob McClure Jr wrote: > > On Tue, Oct 17, 2006 at 01:16:14PM -0700, Bret Stern wrote: > > > > > > > > > When adding users from the (command line) > > > > > > useradd > > > > > > has an option -r which assigns a specific user id. > > > > Nope, that tells it to assign a "system-level" user id number, usually > > less than 500 or 1000. These are designed for pseudo users assigned > > to subsystems and processes like mysql, procmail, backup, bin, et al. > > > > > Is it common to explicitly assign a user id? > > > > Only if you want to make it the same as on another system or to force > > a duplicated UID. > > Or if you relegate ranges of UIDs to specific types of users. > > > > > What happens if I don't specifically assign a user id? > > > > It takes the next available UID in the desired range. That's usually > > figured by taking the highest occupied UID in the range and adding > > one. > > The values used are given in /etc/login.defs. By default, RH/FC use > user and group IDs beginning at 500 and ending at 60,000. > > > > I'm assuming two users cannot have the same user id, > > > so..how would you know the user id's of all your users? > > Well, all files use the UID and GID _numbers_, not names. You could > have two users, "barney" and "fred" that both have UID 500. They both > own the file. When you do an "ls -l", the FIRST name in the /etc/passwd > file with that UID will be shown as the owner. > > Remember that the the usernames are only important for login. File > ownership, permissions, ACLs and the lot are determined by UID and GID > numbers, not the names associated with them. > > > You don't need to, but if you must, look at the third field (delimited > > by ':') in /etc/passwd. Unless you have some good reason to specify a > > UID, just let the system assign one. > > If you want to see the user names and their UIDs, as root: > > # cut -d":" -f1,3 /etc/passwd > > But as Bobcat says, you really don't need to do this. Let the system > sort it out. It's much less likely to make a boo-boo. > > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > - VitalStream, Inc. http://www.vitalstream.com - > - - > - Veni, Vidi, VISA: I came, I saw, I did a little shopping. - > ---------------------------------------------------------------------- > > > > ------------------------------ > > Message: 4 > Date: Tue, 17 Oct 2006 17:59:27 -0700 > From: "Bret Stern" > Subject: RE: Adding Users Command line > To: "'Getting started with Red Hat Linux'" > > Message-ID: <001401c6f250$a92f6980$6701a8c0 at mmbret> > Content-Type: text/plain; charset="us-ascii" > > > > > -----Original Message----- > > From: redhat-install-list-bounces at redhat.com > > [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of > > Bob McClure Jr > > Sent: Tuesday, October 17, 2006 1:28 PM > > To: redhat-install-list at redhat.com > > Subject: Re: Adding Users Command line > > > > On Tue, Oct 17, 2006 at 01:16:14PM -0700, Bret Stern wrote: > > > > > > > > > When adding users from the (command line) > > > > > > useradd > > > > > > has an option -r which assigns a specific user id. > > > > Nope, that tells it to assign a "system-level" user id number, usually > > less than 500 or 1000. These are designed for pseudo users assigned > > to subsystems and processes like mysql, procmail, backup, bin, et al. > > > > > Is it common to explicitly assign a user id? > > > > Only if you want to make it the same as on another system or to force > > a duplicated UID. > > > > > What happens if I don't specifically assign a user id? > > > > It takes the next available UID in the desired range. That's usually > > figured by taking the highest occupied UID in the range and adding > > one. > > > > > I'm assuming two users cannot have the same user id, > > > so..how would you know the user id's of all your users? > > > > You don't need to, but if you must, look at the third field (delimited > > by ':') in /etc/passwd. Unless you have some good reason to specify a > > UID, just let the system assign one. > > > > > Thanks > > > > Cheers, > > -- > > Bob McClure, Jr. Bobcat Open Systems, Inc. > > bob at bobcatos.com http://www.bobcatos.com > > "Where you go in the hereafter depends on what you were after here." > > - Thanks to Graffiti, 2 March 2004 > > > > _______________________________________________ > > Redhat-install-list mailing list > > Redhat-install-list at redhat.com > > https://www.redhat.com/mailman/listinfo/redhat-install-list > > To Unsubscribe Go To ABOVE URL or send a message to: > > redhat-install-list-request at redhat.com > > Subject: unsubscribe > > > > > Thanks for the explanations. > > I'll look in my programming library for examples of > using a user id for processing needs. But for my typical > users needs, it's crystal clear now. > > Again, cheers > > > > > > > > > ------------------------------ > > Message: 5 > Date: Wed, 18 Oct 2006 02:32:30 -0700 (PDT) > From: Naveed > Subject: Problem installing RHEL 4.0 Hitachi SATA 80GB desksta > To: redhat-install-list at redhat.com > Message-ID: <20061018093230.10903.qmail at web52007.mail.yahoo.com> > Content-Type: text/plain; charset="iso-8859-1" > > I am trying to install RHEL 4 , but my SATA Disk driver is not detected. I > am using ASUS P5WDG2 WS and Hitachi deskstar 80gb Sata disk. I > tried installing with every possible change in bios. > > Regards > humorguy > > Reply Soon Or I Will Use Capital Letters > In My Next Mail.... > **~~~~~~~~~^^^^^^^~~~~~~~~~~** > > I'll Take My Time Anywhere > Free to Speak My Mind Anywhere > I'll Redefine Anywhere > Anywhere I ROAM. > **~~~~~~~~~^^^^^^^~~~~~~~~~~** > What would u do today, if u knew you would not fail. > > > > > > > > > > > > > > > > --------------------------------- > Do you Yahoo!? > Get on board. You're invited to try the new Yahoo! Mail. > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > https://www.redhat.com/archives/redhat-install-list/attachments/20061018/8e23333e/attachment.html > > ------------------------------ > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > > End of Redhat-install-list Digest, Vol 32, Issue 9 > ************************************************** > -- Rahsaan D. Page -------------- next part -------------- An HTML attachment was scrubbed... URL: From rstevens at vitalstream.com Wed Oct 18 18:38:34 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Wed, 18 Oct 2006 11:38:34 -0700 Subject: Problem installing RHEL 4.0 Hitachi SATA 80GB desksta In-Reply-To: <20061018093230.10903.qmail@web52007.mail.yahoo.com> References: <20061018093230.10903.qmail@web52007.mail.yahoo.com> Message-ID: <1161196715.22395.124.camel@prophead.corp.publichost.com> On Wed, 2006-10-18 at 02:32 -0700, Naveed wrote: > I am trying to install RHEL 4 , but my SATA Disk driver is not > detected. I am using ASUS P5WDG2 WS and Hitachi deskstar 80gb Sata > disk. I tried installing with every possible change in bios. RHEL4 only supports a limited number of SATA controllers out of the box, and it depends on WHICH version of RHEL4 you have (Update 1, 2, 3, or 4) as to which controllers are supported. If you could be more specific on the motherboard you have and the SATA controller you've got, we might be able to help a bit more. In the mean time, you may want to look at the release notes to see which SATA platforms are supported by the various versions of RHEL4. Here's a link to the various versions of the release notes: http://www.redhat.com/docs/manuals/enterprise/ Scroll down to the "Red hat Enterprise Linux Update x Release Notes" section and click on the appropriate link for your platform. If your controller isn't there, try accessing the website for your motherboard and see if they have an RHEL 4 driver disk. If they do, download it, put it on a floppy and use "linux dd" at the "boot:" command line of the installer. When the installer prompts you for the driver disk, stick it in and you should be good to go. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - We are born naked, wet and hungry. Then things get worse. - ---------------------------------------------------------------------- From bret_stern at machinemanagement.com Thu Oct 19 18:35:36 2006 From: bret_stern at machinemanagement.com (Bret Stern) Date: Thu, 19 Oct 2006 11:35:36 -0700 Subject: console screen messages - Fedora 5 Message-ID: <200610191837.k9JIbn4Z008657@ns2.netmagic.net> What are these messages advising? Should I be concerned? These are displayed on my console login. servant login: audit(1161101072.420:4): avc: denied { search } for pid=2339 comm="vsftpd" name="home" dev=dm-0 ino=6815745 scontext=system_u:system_r:ftpd_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir audit(1161101196.196:5): avc: denied { search } for pid=2383 comm="vsftpd" name="home" dev=dm-0 ino=6815745 scontext=system_u:system_r:ftpd_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir audit(1161101532.669:6): avc: denied { search } for pid=2436 comm="vsftpd" name="home" dev=dm-0 ino=6815745 scontext=system_u:system_r:ftpd_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir From rstevens at vitalstream.com Thu Oct 19 20:17:01 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Thu, 19 Oct 2006 13:17:01 -0700 Subject: console screen messages - Fedora 5 In-Reply-To: <200610191837.k9JIbn4Z008657@ns2.netmagic.net> References: <200610191837.k9JIbn4Z008657@ns2.netmagic.net> Message-ID: <1161289021.24439.19.camel@prophead.corp.publichost.com> On Thu, 2006-10-19 at 11:35 -0700, Bret Stern wrote: > What are these messages advising? > > Should I be concerned? > > These are displayed on my console login. > > servant login: audit(1161101072.420:4): avc: denied { search } for > pid=2339 comm="vsftpd" name="home" dev=dm-0 ino=6815745 > scontext=system_u:system_r:ftpd_t:s0 > tcontext=system_u:object_r:home_root_t:s0 tclass=dir > audit(1161101196.196:5): avc: denied { search } for pid=2383 > comm="vsftpd" name="home" dev=dm-0 ino=6815745 > scontext=system_u:system_r:ftpd_t:s0 > tcontext=system_u:object_r:home_root_t:s0 tclass=dir > audit(1161101532.669:6): avc: denied { search } for pid=2436 > comm="vsftpd" name="home" dev=dm-0 ino=6815745 > scontext=system_u:system_r:ftpd_t:s0 > tcontext=system_u:object_r:home_root_t:s0 tclass=dir Those are SELinux messages. FTP users aren't allowed access to their home directories. If you have SELinux in "permissive" mode, then those are just status messages (saying what SELinux _would_ do if it were in enforcing mode). If it is in enforcing mode, then they are indeed being denied access to their home directories. If you want to make them go away, turn off SELinux or enter the following command: # setsebool -P ftp_home_dir 1 See "man ftpd_selinux" for details on other options available to you. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - I don't suffer from insanity...I enjoy every minute of it! - ---------------------------------------------------------------------- From harold at hallikainen.com Tue Oct 24 12:32:28 2006 From: harold at hallikainen.com (Harold Hallikainen) Date: Tue, 24 Oct 2006 05:32:28 -0700 (PDT) Subject: SMTP Attacks Message-ID: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> In the past week, I've seen log entries like this pretty much every day. This is on a Fedora 4 system. I'm running sshblack to get rid of the thousands of ssh breaking attempts and have been using the included bl command to add these ip addresses to the block list (which adds them to iptables with instructions to drop the packets). Is that worthwile? Should I do anything else? Again, these have only started showing up this week. Thanks! Harold WARNING!!!! Possible Attack: Attempt from 235.30.broadband2.iol.cz [83.208.30.235] with: command=HELO/EHLO, count=3: 1 Time(s) Attempt from 46.173.broadband6.iol.cz [88.101.173.46] with: command=HELO/EHLO, count=3: 1 Time(s) Attempt from [12.166.98.246] with: command=HELO/EHLO, count=3: 1 Time(s) Attempt from dslb-082-083-067-104.pools.arcor-ip.net [82.83.67.104] with: command=HELO/EHLO, count=3: 1 Time(s) Attempt from laly-s.bb.netvision.net.il [212.143.166.250] with: command=HELO/EHLO, count=3: 1 Time(s) Attempt from p54BB98E4.dip0.t-ipconnect.de [84.187.152.228] with: command=HELO/EHLO, count=3: 1 Time(s) Total: 6 Time(s) **Unmatched Entries** 87-126-13-210.btc-net.bg [87.126.13.210] (may be forged): possible SMTP attack: command=HELO/EHLO, count=3: 1 Time(s) -- FCC Rules Updated Daily at http://www.hallikainen.com - Advertising opportunities available! From bob at bobcatos.com Tue Oct 24 15:14:47 2006 From: bob at bobcatos.com (Bob McClure Jr) Date: Tue, 24 Oct 2006 10:14:47 -0500 Subject: SMTP Attacks In-Reply-To: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> References: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> Message-ID: <20061024151447.GA32623@bobcat.bobcatos.com> On Tue, Oct 24, 2006 at 05:32:28AM -0700, Harold Hallikainen wrote: > In the past week, I've seen log entries like this pretty much every day. > This is on a Fedora 4 system. I'm running sshblack to get rid of the > thousands of ssh breaking attempts and have been using the included bl > command to add these ip addresses to the block list (which adds them to > iptables with instructions to drop the packets). Is that worthwile? Should > I do anything else? Again, these have only started showing up this week. > > Thanks! > > Harold > > WARNING!!!! Possible Attack: > Attempt from 235.30.broadband2.iol.cz [83.208.30.235] with: > command=HELO/EHLO, count=3: 1 Time(s) > Attempt from 46.173.broadband6.iol.cz [88.101.173.46] with: > command=HELO/EHLO, count=3: 1 Time(s) > Attempt from [12.166.98.246] with: > command=HELO/EHLO, count=3: 1 Time(s) > Attempt from dslb-082-083-067-104.pools.arcor-ip.net [82.83.67.104] with: > command=HELO/EHLO, count=3: 1 Time(s) > Attempt from laly-s.bb.netvision.net.il [212.143.166.250] with: > command=HELO/EHLO, count=3: 1 Time(s) > Attempt from p54BB98E4.dip0.t-ipconnect.de [84.187.152.228] with: > command=HELO/EHLO, count=3: 1 Time(s) > Total: 6 Time(s) > > **Unmatched Entries** > 87-126-13-210.btc-net.bg [87.126.13.210] (may be forged): possible > SMTP attack: > command=HELO/EHLO, count=3: 1 Time(s) I'm unclear on this. What does SMTP have to do with SSH? Normally your SMTP server (sendmail, postfix, etc.) is open to the world, though it will pass only what mail it is configured to pass. That said, I use sshblack (checking SSH access) on several of the hosts that I manage, though I have it make an entry in /etc/hosts.deny rather than IPTABLES. I have it set to stop the blighters after six failed tries. The attempts show up in my logwatch reports, and then I do a whois on the IP address (either website or command line) to find out the email address for the abuse contact for that network. Then I send them a nastygram with log excerpts. Because I never expect to need SSH access from a foreign network, I block SSH access to all foreign networks. > -- > FCC Rules Updated Daily at http://www.hallikainen.com - Advertising > opportunities available! Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. bob at bobcatos.com http://www.bobcatos.com "Where you go in the hereafter depends on what you were after here." - Thanks to Graffiti, 2 March 2004 From harold at hallikainen.com Tue Oct 24 15:49:34 2006 From: harold at hallikainen.com (Harold Hallikainen) Date: Tue, 24 Oct 2006 08:49:34 -0700 (PDT) Subject: SMTP Attacks In-Reply-To: <20061024151447.GA32623@bobcat.bobcatos.com> References: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> <20061024151447.GA32623@bobcat.bobcatos.com> Message-ID: <42960.207.177.227.29.1161704974.squirrel@sujan.hallikainen.org> > On Tue, Oct 24, 2006 at 05:32:28AM -0700, Harold Hallikainen wrote: >> In the past week, I've seen log entries like this pretty much every day. >> This is on a Fedora 4 system. I'm running sshblack to get rid of the >> thousands of ssh breaking attempts and have been using the included bl >> command to add these ip addresses to the block list (which adds them to >> iptables with instructions to drop the packets). Is that worthwile? >> Should >> I do anything else? Again, these have only started showing up this week. >> >> Thanks! >> >> Harold >> >> WARNING!!!! Possible Attack: >> Attempt from 235.30.broadband2.iol.cz [83.208.30.235] with: >> command=HELO/EHLO, count=3: 1 Time(s) >> Attempt from 46.173.broadband6.iol.cz [88.101.173.46] with: >> command=HELO/EHLO, count=3: 1 Time(s) >> Attempt from [12.166.98.246] with: >> command=HELO/EHLO, count=3: 1 Time(s) >> Attempt from dslb-082-083-067-104.pools.arcor-ip.net [82.83.67.104] >> with: >> command=HELO/EHLO, count=3: 1 Time(s) >> Attempt from laly-s.bb.netvision.net.il [212.143.166.250] with: >> command=HELO/EHLO, count=3: 1 Time(s) >> Attempt from p54BB98E4.dip0.t-ipconnect.de [84.187.152.228] with: >> command=HELO/EHLO, count=3: 1 Time(s) >> Total: 6 Time(s) >> >> **Unmatched Entries** >> 87-126-13-210.btc-net.bg [87.126.13.210] (may be forged): possible >> SMTP attack: >> command=HELO/EHLO, count=3: 1 Time(s) > > I'm unclear on this. What does SMTP have to do with SSH? Normally > your SMTP server (sendmail, postfix, etc.) is open to the world, > though it will pass only what mail it is configured to pass. > > That said, I use sshblack (checking SSH access) on several of the > hosts that I manage, though I have it make an entry in /etc/hosts.deny > rather than IPTABLES. I have it set to stop the blighters after six > failed tries. The attempts show up in my logwatch reports, and then I > do a whois on the IP address (either website or command line) to find > out the email address for the abuse contact for that network. Then I > send them a nastygram with log excerpts. > > Because I never expect to need SSH access from a foreign network, I > block SSH access to all foreign networks. > Sorry if my note was confusing! sshblack is working very well for me blocking ssh attacks. Down from thousands a day to something like 5 from each new IP address that tries (a half dozen a day). I also have another copy of sshblack watching my httpd access log for URLs that contain the word "echo" or have Microsoft directory names in them (WINNT, etc.). These also get added to the drop list in iptables. sshblack includes a simple script called "bl". You use it something like "bl 1.2.3.4" to add IP address 1.2.3.4 to the list of addresses dropped by IP tables. I have been manually adding the IP addresses listed in the suspected SMTP attacks reported in the logs. So, from the log reports above, what's going on? I'm running sendmail on an FC4 system. Anything I need to worry about? THANKS!!!! Harold -- FCC Rules Updated Daily at http://www.hallikainen.com - Advertising opportunities available! From jkinz at kinz.org Tue Oct 24 16:37:35 2006 From: jkinz at kinz.org (Jeff Kinz) Date: Tue, 24 Oct 2006 12:37:35 -0400 Subject: advice needed, strange mail arrangement desired Message-ID: <20061024163735.GA1401@reddog.kinz.org> hi all, I need some advice I am re-architecting my home network to use a more environmental server. The new server uses a lot less power, has a built-in battery power supply, and a much slower hard drive. That's right, it's an old laptop! this "server" will be acting as an IP tables based firewall and an SMTP server. I will be using a much more powerful desktop machine as my personal workstation. I'm trying to arrange my mail delivery system so that the server can receive all the incoming mail but eventually deliberate to my desktop machine, where I will be running procmail and mutt. My MTA is sendmail on the server, and on the desktop machine as well, since I know how to integrate procmail and mutt with it. Here's a simplified schematic: (needs a fixed font for proper display) Cable Modem-->Server(laptop)-->hub-----|--->desktop |--->N other machines so here is my question: The desktop machine will only be running about eight hours a day, maybe 14. So there will be periods of time when mail will becoming into the server and its final destination, the desktop will not be available. Can anyone give me a recommendation about how to configure sendmail on the server so that it won't throw any of the mail that needs to get to the desktop away, and so that as soon as the desktop comes up each morning, or maybe after a three-day weekend, it will instantly, or nearly instantly, or at least very soon thereafter deliver that mail to the desktop? Thanks in advance Jeff Kinz -- this e-mail was created using Dragons NaturallySpeaking. There may be errors, omissions, or additions present. None of those, of course, replace incidents where the author is making stupid mistakes. From David.Mackintosh at xdroop.com Tue Oct 24 16:46:54 2006 From: David.Mackintosh at xdroop.com (David Mackintosh) Date: Tue, 24 Oct 2006 12:46:54 -0400 Subject: advice needed, strange mail arrangement desired In-Reply-To: <20061024163735.GA1401@reddog.kinz.org> References: <20061024163735.GA1401@reddog.kinz.org> Message-ID: <453E437E.3060309@xdroop.com> Jeff Kinz wrote: > hi all, I need some advice > > I am re-architecting my home network to use a more environmental server. > The new server uses a lot less power, has a built-in battery power > supply, and a much slower hard drive. That's right, it's an old laptop! > > this "server" will be acting as an IP tables based firewall > and an SMTP server. I will be using a much more powerful desktop > machine as my personal workstation. > > I'm trying to arrange my mail delivery system so that the server can > receive all the incoming mail but eventually deliberate to my desktop > machine, where I will be running procmail and mutt. My MTA is sendmail > on the server, and on the desktop machine as well, since I know how to > integrate procmail and mutt with it. > > Here's a simplified schematic: (needs a fixed font for proper display) > > > Cable Modem-->Server(laptop)-->hub-----|--->desktop > |--->N other machines > > > so here is my question: > > The desktop machine will only be running about eight hours a day, maybe > 14. So there will be periods of time when mail will becoming into the > server and its final destination, the desktop will not be available. > > Can anyone give me a recommendation about how to configure sendmail on > the server so that it won't throw any of the mail that needs to get to > the desktop away, and so that as soon as the desktop comes up each > morning, or maybe after a three-day weekend, it will instantly, or > nearly instantly, or at least very soon thereafter deliver that mail to > the desktop? > Why does the mail have to be delivered to the desktop? Why not just run an IMAP or POP server on the "server" and read your mail from there? That said, I'd use an IMAP or POP server on the server anyways and use fetchmail to download mail to the desktop if necessary. I am doing this with my ISP -- they collect mail for me, and my system at home goes and grabs it at regular intervals. That way if my systems are down at home the mail just queue's up properly at the ISP. From rstevens at vitalstream.com Tue Oct 24 16:47:21 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 24 Oct 2006 09:47:21 -0700 Subject: SMTP Attacks In-Reply-To: <42960.207.177.227.29.1161704974.squirrel@sujan.hallikainen.org> References: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> <20061024151447.GA32623@bobcat.bobcatos.com> <42960.207.177.227.29.1161704974.squirrel@sujan.hallikainen.org> Message-ID: <1161708441.24439.177.camel@prophead.corp.publichost.com> On Tue, 2006-10-24 at 08:49 -0700, Harold Hallikainen wrote: > > On Tue, Oct 24, 2006 at 05:32:28AM -0700, Harold Hallikainen wrote: > >> In the past week, I've seen log entries like this pretty much every day. > >> This is on a Fedora 4 system. I'm running sshblack to get rid of the > >> thousands of ssh breaking attempts and have been using the included bl > >> command to add these ip addresses to the block list (which adds them to > >> iptables with instructions to drop the packets). Is that worthwile? > >> Should > >> I do anything else? Again, these have only started showing up this week. > >> > >> Thanks! > >> > >> Harold > >> > >> WARNING!!!! Possible Attack: > >> Attempt from 235.30.broadband2.iol.cz [83.208.30.235] with: > >> command=HELO/EHLO, count=3: 1 Time(s) > >> Attempt from 46.173.broadband6.iol.cz [88.101.173.46] with: > >> command=HELO/EHLO, count=3: 1 Time(s) > >> Attempt from [12.166.98.246] with: > >> command=HELO/EHLO, count=3: 1 Time(s) > >> Attempt from dslb-082-083-067-104.pools.arcor-ip.net [82.83.67.104] > >> with: > >> command=HELO/EHLO, count=3: 1 Time(s) > >> Attempt from laly-s.bb.netvision.net.il [212.143.166.250] with: > >> command=HELO/EHLO, count=3: 1 Time(s) > >> Attempt from p54BB98E4.dip0.t-ipconnect.de [84.187.152.228] with: > >> command=HELO/EHLO, count=3: 1 Time(s) > >> Total: 6 Time(s) > >> > >> **Unmatched Entries** > >> 87-126-13-210.btc-net.bg [87.126.13.210] (may be forged): possible > >> SMTP attack: > >> command=HELO/EHLO, count=3: 1 Time(s) > > > > I'm unclear on this. What does SMTP have to do with SSH? Normally > > your SMTP server (sendmail, postfix, etc.) is open to the world, > > though it will pass only what mail it is configured to pass. > > > > That said, I use sshblack (checking SSH access) on several of the > > hosts that I manage, though I have it make an entry in /etc/hosts.deny > > rather than IPTABLES. I have it set to stop the blighters after six > > failed tries. The attempts show up in my logwatch reports, and then I > > do a whois on the IP address (either website or command line) to find > > out the email address for the abuse contact for that network. Then I > > send them a nastygram with log excerpts. > > > > Because I never expect to need SSH access from a foreign network, I > > block SSH access to all foreign networks. > > > > > Sorry if my note was confusing! sshblack is working very well for me > blocking ssh attacks. Down from thousands a day to something like 5 from > each new IP address that tries (a half dozen a day). I also have another > copy of sshblack watching my httpd access log for URLs that contain the > word "echo" or have Microsoft directory names in them (WINNT, etc.). These > also get added to the drop list in iptables. > > sshblack includes a simple script called "bl". You use it something like > "bl 1.2.3.4" to add IP address 1.2.3.4 to the list of addresses dropped by > IP tables. I have been manually adding the IP addresses listed in the > suspected SMTP attacks reported in the logs. > > So, from the log reports above, what's going on? I'm running sendmail on > an FC4 system. Anything I need to worry about? This is not untypical behavior for mail servers. What you're seeing are machines trolling around for open relay mail servers. The fact that they're coming from eastern Europe and are using broadband connections is pretty conclusive. For that reason, I have huge parts of eastern Europe, Brazil, Korea, Japan and China blocked (I have at least 12 /8 networks blocked). Welcome to the Internet. :-( ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Microsoft Windows: Proof that P.T. Barnum was right - ---------------------------------------------------------------------- From hemzet at gmx.net Tue Oct 24 17:10:11 2006 From: hemzet at gmx.net (Oliver B.) Date: Tue, 24 Oct 2006 19:10:11 +0200 (CEST) Subject: SMTP Attacks In-Reply-To: <1161708441.24439.177.camel@prophead.corp.publichost.com> References: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> <20061024151447.GA32623@bobcat.bobcatos.com> <42960.207.177.227.29.1161704974.squirrel@sujan.hallikainen.org> <1161708441.24439.177.camel@prophead.corp.publichost.com> Message-ID: <19237.194.127.8.19.1161709811.squirrel@webmail.hemzet.com> Hello Rick, could you please post these networks :)!? Thank you Cheers Oliver >> >> In the past week, I've seen log entries like this pretty much every >> day. >> >> This is on a Fedora 4 system. I'm running sshblack to get rid of the >> >> thousands of ssh breaking attempts and have been using the included >> bl >> >> command to add these ip addresses to the block list (which adds them >> to >> >> iptables with instructions to drop the packets). Is that worthwile? >> >> Should >> >> I do anything else? Again, these have only started showing up this >> week. >> >> >> >> Thanks! >> >> >> >> Harold >> >> >> >> WARNING!!!! Possible Attack: >> >> Attempt from 235.30.broadband2.iol.cz [83.208.30.235] with: >> >> command=HELO/EHLO, count=3: 1 Time(s) >> >> Attempt from 46.173.broadband6.iol.cz [88.101.173.46] with: >> >> command=HELO/EHLO, count=3: 1 Time(s) >> >> Attempt from [12.166.98.246] with: >> >> command=HELO/EHLO, count=3: 1 Time(s) >> >> Attempt from dslb-082-083-067-104.pools.arcor-ip.net >> [82.83.67.104] >> >> with: >> >> command=HELO/EHLO, count=3: 1 Time(s) >> >> Attempt from laly-s.bb.netvision.net.il [212.143.166.250] with: >> >> command=HELO/EHLO, count=3: 1 Time(s) >> >> Attempt from p54BB98E4.dip0.t-ipconnect.de [84.187.152.228] with: >> >> command=HELO/EHLO, count=3: 1 Time(s) >> >> Total: 6 Time(s) >> >> >> >> **Unmatched Entries** >> >> 87-126-13-210.btc-net.bg [87.126.13.210] (may be forged): >> possible >> >> SMTP attack: >> >> command=HELO/EHLO, count=3: 1 Time(s) >> > >> > I'm unclear on this. What does SMTP have to do with SSH? Normally >> > your SMTP server (sendmail, postfix, etc.) is open to the world, >> > though it will pass only what mail it is configured to pass. >> > >> > That said, I use sshblack (checking SSH access) on several of the >> > hosts that I manage, though I have it make an entry in /etc/hosts.deny >> > rather than IPTABLES. I have it set to stop the blighters after six >> > failed tries. The attempts show up in my logwatch reports, and then I >> > do a whois on the IP address (either website or command line) to find >> > out the email address for the abuse contact for that network. Then I >> > send them a nastygram with log excerpts. >> > >> > Because I never expect to need SSH access from a foreign network, I >> > block SSH access to all foreign networks. >> > >> >> >> Sorry if my note was confusing! sshblack is working very well for me >> blocking ssh attacks. Down from thousands a day to something like 5 from >> each new IP address that tries (a half dozen a day). I also have another >> copy of sshblack watching my httpd access log for URLs that contain the >> word "echo" or have Microsoft directory names in them (WINNT, etc.). >> These >> also get added to the drop list in iptables. >> >> sshblack includes a simple script called "bl". You use it something like >> "bl 1.2.3.4" to add IP address 1.2.3.4 to the list of addresses dropped >> by >> IP tables. I have been manually adding the IP addresses listed in the >> suspected SMTP attacks reported in the logs. >> >> So, from the log reports above, what's going on? I'm running sendmail on >> an FC4 system. Anything I need to worry about? > > This is not untypical behavior for mail servers. What you're seeing are > machines trolling around for open relay mail servers. The fact that > they're coming from eastern Europe and are using broadband connections > is pretty conclusive. For that reason, I have huge parts of eastern > Europe, Brazil, Korea, Japan and China blocked (I have at least 12 /8 > networks blocked). > > Welcome to the Internet. :-( > > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > - VitalStream, Inc. http://www.vitalstream.com - > - - > - Microsoft Windows: Proof that P.T. Barnum was right - > ---------------------------------------------------------------------- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > > From jkinz at kinz.org Tue Oct 24 17:12:37 2006 From: jkinz at kinz.org (Jeff Kinz) Date: Tue, 24 Oct 2006 13:12:37 -0400 Subject: advice needed, strange mail arrangement desired In-Reply-To: <453E437E.3060309@xdroop.com> References: <20061024163735.GA1401@reddog.kinz.org> <453E437E.3060309@xdroop.com> Message-ID: <20061024171237.GA1654@reddog.kinz.org> On Tue, Oct 24, 2006 at 12:46:54PM -0400, David Mackintosh wrote: > Jeff Kinz wrote: > > > >Cable Modem-->Server(laptop)-->hub-----|--->desktop > > |--->N other machines > > > > > >so here is my question: > > > >The desktop machine will only be running about eight hours a day, maybe > >14. So there will be periods of time when mail will becoming into the > >server and its final destination, the desktop will not be available. > > > >Can anyone give me a recommendation about how to configure sendmail on > >the server so that it won't throw any of the mail that needs to get to > >the desktop away, and so that as soon as the desktop comes up each > >morning, or maybe after a three-day weekend, it will instantly, or > >nearly instantly, or at least very soon thereafter deliver that mail to > >the desktop? > > > Why does the mail have to be delivered to the desktop? Why not just run > an IMAP or POP server on the "server" and read your mail from there? Hi David, yes that would be one solution, but that prevents me from running procmail in line with sendmail because of the anti-spam paraphernalia I have accumulated over the years this is my special arrangement and I'm trying not to deviate from it. I map and pop, and fetch mail would all interfere with that. I used fetch mail for years in the 1990s and while it did the job and is a wonderful tool it's a problem when you want to handle mail in a more direct fashion. It can destroy, mask or modify the header information that I specifically want to preserve That's why I specified the requirements above, using sendmail to send to sendmail. > > That said, I'd use an IMAP or POP server on the server anyways and use > fetchmail to download mail to the desktop if necessary. I am doing this > with my ISP -- they collect mail for me, and my system at home goes and > grabs it at regular intervals. That way if my systems are down at home > the mail just queue's up properly at the ISP. -- Jeff Kinz, Emergent Research, Hudson, MA. Speech Recognition Technology was used to create this e-mail From rstevens at vitalstream.com Tue Oct 24 17:32:24 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 24 Oct 2006 10:32:24 -0700 Subject: advice needed, strange mail arrangement desired In-Reply-To: <20061024163735.GA1401@reddog.kinz.org> References: <20061024163735.GA1401@reddog.kinz.org> Message-ID: <1161711144.24439.198.camel@prophead.corp.publichost.com> On Tue, 2006-10-24 at 12:37 -0400, Jeff Kinz wrote: > hi all, I need some advice > > I am re-architecting my home network to use a more environmental server. > The new server uses a lot less power, has a built-in battery power > supply, and a much slower hard drive. That's right, it's an old laptop! > > this "server" will be acting as an IP tables based firewall > and an SMTP server. I will be using a much more powerful desktop > machine as my personal workstation. > > I'm trying to arrange my mail delivery system so that the server can > receive all the incoming mail but eventually deliberate to my desktop > machine, where I will be running procmail and mutt. My MTA is sendmail > on the server, and on the desktop machine as well, since I know how to > integrate procmail and mutt with it. > > Here's a simplified schematic: (needs a fixed font for proper display) > > > Cable Modem-->Server(laptop)-->hub-----|--->desktop > |--->N other machines > > > so here is my question: > > The desktop machine will only be running about eight hours a day, maybe > 14. So there will be periods of time when mail will becoming into the > server and its final destination, the desktop will not be available. > > Can anyone give me a recommendation about how to configure sendmail on > the server so that it won't throw any of the mail that needs to get to > the desktop away, and so that as soon as the desktop comes up each > morning, or maybe after a three-day weekend, it will instantly, or > nearly instantly, or at least very soon thereafter deliver that mail to > the desktop? In this instance the laptop is called a "spooling" mail server and it's not uncommon. However, it's usually used as the secondary MX entry for a domain. If the primary MX machine goes down, mail goes to the secondary machine. As soon as the primary comes back up, the secondary shoots all the mail it queued for the domain to it. This requires two MX entries in DNS for the domain, with the primary set to a low metric value and the secondary to a high metric, e.g. IN MX 10 primary.fred.com IN MX 100 secondary.service.com secondary.service.com must be configured to relay fred.com mail. Well designed spool machines will also set up a separate queue for relay mail, perhaps with different expiration times. Now, if primary.fred.com goes down, the MX records will cause the mail to go to secondary.service.com. secondary will try to relay to primary.fred.com, which will fail. It will continue to try to relay until it succeeds or the bounce time for the messages expires. This probably won't work for you, and it's probably overkill. If you intend to have your desktop pick up the mail from the laptop via fetchmail, there's no big deal. Here's what I'd do: 1. Put an entry in /etc/anacrontab to run fetchmail as the user you want: 1 5 grabmail su username fetchmail This ensures that fetchmail runs at least once a day, and if the machine happened to be off, it'll run 5 minutes after it's rebooted. 2. Add a standard fetchmail to the user's standard crontab: crontab -e username 5 * * * * fetchmail >/dev/null 2>&1 to run fetchmail every 5 minutes. Anyway, you get the idea. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Do you know where _your_ towel is? - ---------------------------------------------------------------------- From rstevens at vitalstream.com Tue Oct 24 17:43:37 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 24 Oct 2006 10:43:37 -0700 Subject: SMTP Attacks In-Reply-To: <19237.194.127.8.19.1161709811.squirrel@webmail.hemzet.com> References: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> <20061024151447.GA32623@bobcat.bobcatos.com> <42960.207.177.227.29.1161704974.squirrel@sujan.hallikainen.org> <1161708441.24439.177.camel@prophead.corp.publichost.com> <19237.194.127.8.19.1161709811.squirrel@webmail.hemzet.com> Message-ID: <1161711817.24439.209.camel@prophead.corp.publichost.com> On Tue, 2006-10-24 at 19:10 +0200, Oliver B. wrote: > Hello Rick, > > could you please post these networks :)!? I'm rather hesitant to post it publicly. I can only say that these are the networks I've had the most trouble with and the ones that have ignored my requests to block such behavior. I'm NOT condemning everyone on these networks, but there seems to be a lot of *ssholes on them. Ah, hell, I'll throw caution to the winds. Here's the iptables rules I've developed: # Block traffic from known spam sources... -A INPUT -s 201.42/15 -p tcp -j DROP -A INPUT -s 200.176.112/21 -p tcp -j DROP -A INPUT -s 202.158.29.0/255.255.255.0 -p tcp -j DROP -A INPUT -s 203.228.187.0/255.255.255.0 -p tcp -j DROP -A INPUT -s 209.223.0.0/255.255.0.0 -p tcp -j DROP -A INPUT -s 218.0.0.0/255.0.0.0 -p tcp -j DROP -A INPUT -s 219.251.88.0/255.255.252.0 -p tcp -j DROP -A INPUT -s 221.0.0.0/8 -p tcp -j DROP -A INPUT -s 64.18.4.10 -p tcp -j DROP -A INPUT -s 59.49.0.0/22 -p tcp -j DROP -A INPUT -s 61.169.0.0/14 -p tcp -j DROP -A INPUT -s 61.52.0.0/14 -p tcp -j DROP -A INPUT -s 61.153.27.0/24 -p tcp -j DROP -A INPUT -s 219.147.177.0/24 -p tcp -j DROP -A INPUT -s 220.160.0.0/14 -p tcp -j DROP -A INPUT -s 201.221.144/20 -p tcp -j DROP -A INPUT -s 61.128.0.0/16 -p tcp -j DROP -A INPUT -s 61.129.0.0/16 -p tcp -j DROP -A INPUT -s 211.0.0.0/8 -p tcp -j DROP -A INPUT -s 220.0.0.0/8 -p tcp -j DROP -A INPUT -s 222.0.0.0/8 -p tcp -j DROP -A INPUT -s 221.0.0.0/8 -p tcp -j DROP -A INPUT -s 218.0.0.0/8 -p tcp -j DROP -A INPUT -s 219.0.0.0/8 -p tcp -j DROP -A INPUT -s 210.0.0.0/8 -p tcp -j DROP -A INPUT -s 193.149.115.0/24 -p tcp -j DROP -A INPUT -s 61.138.0.0/16 -p tcp -j DROP As you can see, there's lots of /8 and /14 entries in there. We don't do much business with the far east or eastern Europe at this time, and if we do then I'll modify the rules. As it stands now, I'm not going to waste my time building lists of individual IP addresses. If I get enough grief from a network, I do a whois on the network and block the whole damned thing. Yes, it's rather draconian, but these bozos should police their network more carefully. We do. > >> >> In the past week, I've seen log entries like this pretty much every > >> day. > >> >> This is on a Fedora 4 system. I'm running sshblack to get rid of the > >> >> thousands of ssh breaking attempts and have been using the included > >> bl > >> >> command to add these ip addresses to the block list (which adds them > >> to > >> >> iptables with instructions to drop the packets). Is that worthwile? > >> >> Should > >> >> I do anything else? Again, these have only started showing up this > >> week. > >> >> > >> >> Thanks! > >> >> > >> >> Harold > >> >> > >> >> WARNING!!!! Possible Attack: > >> >> Attempt from 235.30.broadband2.iol.cz [83.208.30.235] with: > >> >> command=HELO/EHLO, count=3: 1 Time(s) > >> >> Attempt from 46.173.broadband6.iol.cz [88.101.173.46] with: > >> >> command=HELO/EHLO, count=3: 1 Time(s) > >> >> Attempt from [12.166.98.246] with: > >> >> command=HELO/EHLO, count=3: 1 Time(s) > >> >> Attempt from dslb-082-083-067-104.pools.arcor-ip.net > >> [82.83.67.104] > >> >> with: > >> >> command=HELO/EHLO, count=3: 1 Time(s) > >> >> Attempt from laly-s.bb.netvision.net.il [212.143.166.250] with: > >> >> command=HELO/EHLO, count=3: 1 Time(s) > >> >> Attempt from p54BB98E4.dip0.t-ipconnect.de [84.187.152.228] with: > >> >> command=HELO/EHLO, count=3: 1 Time(s) > >> >> Total: 6 Time(s) > >> >> > >> >> **Unmatched Entries** > >> >> 87-126-13-210.btc-net.bg [87.126.13.210] (may be forged): > >> possible > >> >> SMTP attack: > >> >> command=HELO/EHLO, count=3: 1 Time(s) > >> > > >> > I'm unclear on this. What does SMTP have to do with SSH? Normally > >> > your SMTP server (sendmail, postfix, etc.) is open to the world, > >> > though it will pass only what mail it is configured to pass. > >> > > >> > That said, I use sshblack (checking SSH access) on several of the > >> > hosts that I manage, though I have it make an entry in /etc/hosts.deny > >> > rather than IPTABLES. I have it set to stop the blighters after six > >> > failed tries. The attempts show up in my logwatch reports, and then I > >> > do a whois on the IP address (either website or command line) to find > >> > out the email address for the abuse contact for that network. Then I > >> > send them a nastygram with log excerpts. > >> > > >> > Because I never expect to need SSH access from a foreign network, I > >> > block SSH access to all foreign networks. > >> > > >> > >> > >> Sorry if my note was confusing! sshblack is working very well for me > >> blocking ssh attacks. Down from thousands a day to something like 5 from > >> each new IP address that tries (a half dozen a day). I also have another > >> copy of sshblack watching my httpd access log for URLs that contain the > >> word "echo" or have Microsoft directory names in them (WINNT, etc.). > >> These > >> also get added to the drop list in iptables. > >> > >> sshblack includes a simple script called "bl". You use it something like > >> "bl 1.2.3.4" to add IP address 1.2.3.4 to the list of addresses dropped > >> by > >> IP tables. I have been manually adding the IP addresses listed in the > >> suspected SMTP attacks reported in the logs. > >> > >> So, from the log reports above, what's going on? I'm running sendmail on > >> an FC4 system. Anything I need to worry about? > > > > This is not untypical behavior for mail servers. What you're seeing are > > machines trolling around for open relay mail servers. The fact that > > they're coming from eastern Europe and are using broadband connections > > is pretty conclusive. For that reason, I have huge parts of eastern > > Europe, Brazil, Korea, Japan and China blocked (I have at least 12 /8 > > networks blocked). > > > > Welcome to the Internet. :-( > > > > ---------------------------------------------------------------------- > > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > > - VitalStream, Inc. http://www.vitalstream.com - > > - - > > - Microsoft Windows: Proof that P.T. Barnum was right - > > ---------------------------------------------------------------------- > > > > _______________________________________________ > > Redhat-install-list mailing list > > Redhat-install-list at redhat.com > > https://www.redhat.com/mailman/listinfo/redhat-install-list > > To Unsubscribe Go To ABOVE URL or send a message to: > > redhat-install-list-request at redhat.com > > Subject: unsubscribe > > > > > > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - To err is human, to moo bovine. - ---------------------------------------------------------------------- From jkinz at kinz.org Tue Oct 24 17:56:16 2006 From: jkinz at kinz.org (Jeff Kinz) Date: Tue, 24 Oct 2006 13:56:16 -0400 Subject: advice needed, strange mail arrangement desired In-Reply-To: <1161711144.24439.198.camel@prophead.corp.publichost.com> References: <20061024163735.GA1401@reddog.kinz.org> <1161711144.24439.198.camel@prophead.corp.publichost.com> Message-ID: <20061024175616.GA2053@reddog.kinz.org> On Tue, Oct 24, 2006 at 10:32:24AM -0700, Rick Stevens wrote: > On Tue, 2006-10-24 at 12:37 -0400, Jeff Kinz wrote: > > hi all, I need some advice > > > > I am re-architecting my home network to use a more environmental server. > > The new server uses a lot less power, has a built-in battery power > > supply, and a much slower hard drive. That's right, it's an old laptop! > > > > this "server" will be acting as an IP tables based firewall > > and an SMTP server. I will be using a much more powerful desktop > > machine as my personal workstation. > > > > I'm trying to arrange my mail delivery system so that the server can > > receive all the incoming mail but eventually deliberate to my desktop > > machine, where I will be running procmail and mutt. My MTA is sendmail > > on the server, and on the desktop machine as well, since I know how to > > integrate procmail and mutt with it. > > > > Here's a simplified schematic: (needs a fixed font for proper display) > > > > > > Cable Modem-->Server(laptop)-->hub-----|--->desktop > > |--->N other machines > > > > > > so here is my question: > > > > The desktop machine will only be running about eight hours a day, maybe > > 14. So there will be periods of time when mail will becoming into the > > server and its final destination, the desktop will not be available. > > > > Can anyone give me a recommendation about how to configure sendmail on > > the server so that it won't throw any of the mail that needs to get to > > the desktop away, and so that as soon as the desktop comes up each > > morning, or maybe after a three-day weekend, it will instantly, or > > nearly instantly, or at least very soon thereafter deliver that mail to > > the desktop? > > In this instance the laptop is called a "spooling" mail server and > it's not uncommon. However, it's usually used as the secondary MX > entry for a domain. If the primary MX machine goes down, mail goes to > the secondary machine. As soon as the primary comes back up, the > secondary shoots all the mail it queued for the domain to it. This > requires two MX entries in DNS for the domain, with the primary set to > a low metric value and the secondary to a high metric, e.g. > > IN MX 10 primary.fred.com > IN MX 100 secondary.service.com Hi Rick! :-) Both machines are at the same public IP with the server/firewall getting all the port 25 traffic. The desktop machine is not visible from the internet. Are you saying I should forward all port 25 traffic to the desktop during its working hours and then keep port 25 at the server whenever the desktop is down? Then have the server sendmail just keep retrying delivery until the desktop comes back up? That may actually be doable.... Needs a heartbeat and failover script. The failover script would modify the port forwarding on iptables script...... hmmm Perversely - I don't want to loadkill the server while the desktop isn't running and at the same time I want the server to be instantly responsive when the desktop is up. Due to the slow hard drive in the server I want to move as much processing and small email files off the server as possible. btw, the server is running Centos 4.4 (RHEL 4.0 clone) > secondary.service.com must be configured to relay fred.com mail. Well > designed spool machines will also set up a separate queue for relay > mail, perhaps with different expiration times. > > Now, if primary.fred.com goes down, the MX records will cause the mail > to go to secondary.service.com. secondary will try to relay to > primary.fred.com, which will fail. It will continue to try to relay > until it succeeds or the bounce time for the messages expires. > > This probably won't work for you, and it's probably overkill. If you > intend to have your desktop pick up the mail from the laptop via > fetchmail, there's no big deal. Here's what I'd do: > Thanks , but I REALLY don't want fetchmail in the loop, especially when the desktop is up and running. And especially be cause it modifies the mail headers that I want to use procmail on. Also - when working with a customer having to wait 5 extra minutes to get an email would be disruptive during teleconferencing. (I much prefer select to poll.. :-) ) > 1. Put an entry in /etc/anacrontab to run fetchmail as the user you > want: > > 1 5 grabmail su username fetchmail > > This ensures that fetchmail runs at least once a day, and if the machine > happened to be off, it'll run 5 minutes after it's rebooted. > > 2. Add a standard fetchmail to the user's standard crontab: > > crontab -e username > 5 * * * * fetchmail >/dev/null 2>&1 > > to run fetchmail every 5 minutes. > > Anyway, you get the idea. > Indeed i do : poll mail.comcast.net protocol POP3: user foob, with password norkadl7, is jkinz here; options antispam 501 451 is how I get the email that goes to my isp, but 99.999 % comes directly to kinz.org which is highly preferred. From jkinz at kinz.org Tue Oct 24 18:01:26 2006 From: jkinz at kinz.org (Jeff Kinz) Date: Tue, 24 Oct 2006 14:01:26 -0400 Subject: SMTP Attacks In-Reply-To: <1161711817.24439.209.camel@prophead.corp.publichost.com> References: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> <20061024151447.GA32623@bobcat.bobcatos.com> <42960.207.177.227.29.1161704974.squirrel@sujan.hallikainen.org> <1161708441.24439.177.camel@prophead.corp.publichost.com> <19237.194.127.8.19.1161709811.squirrel@webmail.hemzet.com> <1161711817.24439.209.camel@prophead.corp.publichost.com> Message-ID: <20061024180126.GB2053@reddog.kinz.org> On Tue, Oct 24, 2006 at 10:43:37AM -0700, Rick Stevens wrote: > I'm rather hesitant to post it publicly. I can only say that these > are the networks I've had the most trouble with and the ones that have > ignored my requests to block such behavior. I'm NOT condemning everyone > on these networks, but there seems to be a lot of *ssholes on them. > > Ah, hell, I'll throw caution to the winds. Here's the iptables rules > I've developed: > > # Block traffic from known spam sources... > -A INPUT -s 201.42/15 -p tcp -j DROP And in other news, Rick Stevens has been named as an additional defendant in I360 Insight's lawsuit against The Spamhaus Project.... :-) > -A INPUT -s 200.176.112/21 -p tcp -j DROP > -A INPUT -s 202.158.29.0/255.255.255.0 -p tcp -j DROP > -A INPUT -s 203.228.187.0/255.255.255.0 -p tcp -j DROP > -A INPUT -s 209.223.0.0/255.255.0.0 -p tcp -j DROP > -A INPUT -s 218.0.0.0/255.0.0.0 -p tcp -j DROP > -A INPUT -s 219.251.88.0/255.255.252.0 -p tcp -j DROP -- This e-mail was created using Dragons NaturallySpeaking. There may be errors, omissions, or additions present. Of course none of those mean the author isn't making stupid mistakes as well. From harold at hallikainen.com Tue Oct 24 18:46:52 2006 From: harold at hallikainen.com (Harold Hallikainen) Date: Tue, 24 Oct 2006 11:46:52 -0700 (PDT) Subject: SMTP Attacks In-Reply-To: <20061024180126.GB2053@reddog.kinz.org> References: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> <20061024151447.GA32623@bobcat.bobcatos.com> <42960.207.177.227.29.1161704974.squirrel@sujan.hallikainen.org> <1161708441.24439.177.camel@prophead.corp.publichost.com> <19237.194.127.8.19.1161709811.squirrel@webmail.hemzet.com> <1161711817.24439.209.camel@prophead.corp.publichost.com> <20061024180126.GB2053@reddog.kinz.org> Message-ID: <44029.207.177.227.29.1161715612.squirrel@sujan.hallikainen.org> > On Tue, Oct 24, 2006 at 10:43:37AM -0700, Rick Stevens wrote: >> I'm rather hesitant to post it publicly. I can only say that these >> are the networks I've had the most trouble with and the ones that have >> ignored my requests to block such behavior. I'm NOT condemning everyone >> on these networks, but there seems to be a lot of *ssholes on them. >> >> Ah, hell, I'll throw caution to the winds. Here's the iptables rules >> I've developed: >> >> # Block traffic from known spam sources... >> -A INPUT -s 201.42/15 -p tcp -j DROP > > And in other news, Rick Stevens has been named as an additional > defendant in I360 Insight's lawsuit against The Spamhaus Project.... > > :-) > > >> -A INPUT -s 200.176.112/21 -p tcp -j DROP >> -A INPUT -s 202.158.29.0/255.255.255.0 -p tcp -j DROP >> -A INPUT -s 203.228.187.0/255.255.255.0 -p tcp -j DROP >> -A INPUT -s 209.223.0.0/255.255.0.0 -p tcp -j DROP >> -A INPUT -s 218.0.0.0/255.0.0.0 -p tcp -j DROP >> -A INPUT -s 219.251.88.0/255.255.252.0 -p tcp -j DROP > > I might mess around with another copy of the sshblack script and have it watch the mail logs and block IP addresses that appear to be attacking the server. I already have a copy watching the ssh log and another watching the httpd log. THANKS! Harold -- FCC Rules Updated Daily at http://www.hallikainen.com - Advertising opportunities available! From jkinz at kinz.org Tue Oct 24 19:12:10 2006 From: jkinz at kinz.org (Jeff Kinz) Date: Tue, 24 Oct 2006 15:12:10 -0400 Subject: SMTP Attacks In-Reply-To: <44029.207.177.227.29.1161715612.squirrel@sujan.hallikainen.org> References: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> <20061024151447.GA32623@bobcat.bobcatos.com> <42960.207.177.227.29.1161704974.squirrel@sujan.hallikainen.org> <1161708441.24439.177.camel@prophead.corp.publichost.com> <19237.194.127.8.19.1161709811.squirrel@webmail.hemzet.com> <1161711817.24439.209.camel@prophead.corp.publichost.com> <20061024180126.GB2053@reddog.kinz.org> <44029.207.177.227.29.1161715612.squirrel@sujan.hallikainen.org> Message-ID: <20061024191210.GA2777@reddog.kinz.org> On Tue, Oct 24, 2006 at 11:46:52AM -0700, Harold Hallikainen wrote: > I might mess around with another copy of the sshblack script and have it > watch the mail logs and block IP addresses that appear to be attacking the > server. I already have a copy watching the ssh log and another watching > the httpd log. > > THANKS! > > Harold Hi Harold, How many addresses are you blocking? I have heard that iptables will begin to slow the system down a lot once you exceed 500 blocked addresses. Are you running into any problems with this? Jeff Kinz -- This e-mail was created using Dragon's NaturallySpeaking. There may be errors, omissions, or additions present. Of course none of that keeps the author from making stupid mistakes as well. From harold at hallikainen.com Tue Oct 24 19:53:31 2006 From: harold at hallikainen.com (Harold Hallikainen) Date: Tue, 24 Oct 2006 12:53:31 -0700 (PDT) Subject: SMTP Attacks In-Reply-To: <20061024191210.GA2777@reddog.kinz.org> References: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> <20061024151447.GA32623@bobcat.bobcatos.com> <42960.207.177.227.29.1161704974.squirrel@sujan.hallikainen.org> <1161708441.24439.177.camel@prophead.corp.publichost.com> <19237.194.127.8.19.1161709811.squirrel@webmail.hemzet.com> <1161711817.24439.209.camel@prophead.corp.publichost.com> <20061024180126.GB2053@reddog.kinz.org> <44029.207.177.227.29.1161715612.squirrel@sujan.hallikainen.org> <20061024191210.GA2777@reddog.kinz.org> Message-ID: <44498.207.177.227.29.1161719611.squirrel@sujan.hallikainen.org> > On Tue, Oct 24, 2006 at 11:46:52AM -0700, Harold Hallikainen wrote: >> I might mess around with another copy of the sshblack script and have it >> watch the mail logs and block IP addresses that appear to be attacking >> the >> server. I already have a copy watching the ssh log and another watching >> the httpd log. >> >> THANKS! >> >> Harold > > Hi Harold, > > How many addresses are you blocking? I have heard that iptables will > begin to slow the system down a lot once you exceed 500 blocked > addresses. > > Are you running into any problems with this? > > Jeff Kinz > There are about 175 blocked IP addresses right now. I block them after three or four bad login attempts on ssh or trying to access some MS file that does not exist on this FC4 machine. I leave them blocked for about a month, then give them another chance. I have not seen excessive load from this, as far as I can tell. I do now and then seem to get runaway loads with a bunch of http accesses simultaneously getting large files. I've minimized this by with robots.txt telling search engines to not index certain directories and to hold off a minute between accesses. Even then, the load can get high at times. The 1 minute load average right now is 11.83 and 15 minute is 10.51. Here's some top output: 6798 apache 25 0 60776 32m 3160 R 10.0 3.3 9:37.14 httpd 6812 apache 25 0 60676 35m 5444 R 10.0 3.5 7:27.65 httpd 6834 apache 25 0 60456 33m 3912 R 10.0 3.3 6:35.63 httpd 6836 apache 25 0 50340 25m 5620 R 10.0 2.5 1:06.80 httpd 6837 apache 25 0 60472 34m 5436 R 10.0 3.5 5:44.70 httpd 6577 apache 25 0 60648 32m 3128 R 9.6 3.3 13:27.84 httpd 6800 apache 25 0 60692 34m 4672 R 7.0 3.4 8:20.07 httpd 6576 apache 25 0 60736 32m 3124 R 6.6 3.3 16:31.16 httpd 6580 apache 25 0 60704 32m 3004 R 6.6 3.3 22:27.48 httpd 6581 apache 25 0 58928 33m 5672 R 6.6 3.4 0:18.49 httpd 6647 apache 25 0 60832 34m 4804 R 6.6 3.5 11:08.25 httpd 6831 apache 25 0 50332 25m 5568 R 6.6 2.5 1:44.65 httpd To keep the machine from crashing (or not accepting mail, which it does when the load average is above 12), I have a script that runs every hour that restarts httpd if the 15 minute average is above 10. This has solved that problem... Harold -- FCC Rules Updated Daily at http://www.hallikainen.com - Advertising opportunities available! From rstevens at vitalstream.com Tue Oct 24 20:55:22 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 24 Oct 2006 13:55:22 -0700 Subject: SMTP Attacks In-Reply-To: <20061024180126.GB2053@reddog.kinz.org> References: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> <20061024151447.GA32623@bobcat.bobcatos.com> <42960.207.177.227.29.1161704974.squirrel@sujan.hallikainen.org> <1161708441.24439.177.camel@prophead.corp.publichost.com> <19237.194.127.8.19.1161709811.squirrel@webmail.hemzet.com> <1161711817.24439.209.camel@prophead.corp.publichost.com> <20061024180126.GB2053@reddog.kinz.org> Message-ID: <1161723323.24439.213.camel@prophead.corp.publichost.com> On Tue, 2006-10-24 at 14:01 -0400, Jeff Kinz wrote: > On Tue, Oct 24, 2006 at 10:43:37AM -0700, Rick Stevens wrote: > > I'm rather hesitant to post it publicly. I can only say that these > > are the networks I've had the most trouble with and the ones that have > > ignored my requests to block such behavior. I'm NOT condemning everyone > > on these networks, but there seems to be a lot of *ssholes on them. > > > > Ah, hell, I'll throw caution to the winds. Here's the iptables rules > > I've developed: > > > > # Block traffic from known spam sources... > > -A INPUT -s 201.42/15 -p tcp -j DROP > > And in other news, Rick Stevens has been named as an additional > defendant in I360 Insight's lawsuit against The Spamhaus Project.... > > :-) Har! Nah, I don't publicly blacklist them...I just don't let them into our network...and there are a few specific holes in that list for legitimate servers that I know about. Spamhaus, however, are Nazis and should be sued. > > -A INPUT -s 200.176.112/21 -p tcp -j DROP > > -A INPUT -s 202.158.29.0/255.255.255.0 -p tcp -j DROP > > -A INPUT -s 203.228.187.0/255.255.255.0 -p tcp -j DROP > > -A INPUT -s 209.223.0.0/255.255.0.0 -p tcp -j DROP > > -A INPUT -s 218.0.0.0/255.0.0.0 -p tcp -j DROP > > -A INPUT -s 219.251.88.0/255.255.252.0 -p tcp -j DROP > > ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - 500: Internal Fortune Cookie Error - ---------------------------------------------------------------------- From rstevens at vitalstream.com Tue Oct 24 21:01:16 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 24 Oct 2006 14:01:16 -0700 Subject: SMTP Attacks In-Reply-To: <44029.207.177.227.29.1161715612.squirrel@sujan.hallikainen.org> References: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> <20061024151447.GA32623@bobcat.bobcatos.com> <42960.207.177.227.29.1161704974.squirrel@sujan.hallikainen.org> <1161708441.24439.177.camel@prophead.corp.publichost.com> <19237.194.127.8.19.1161709811.squirrel@webmail.hemzet.com> <1161711817.24439.209.camel@prophead.corp.publichost.com> <20061024180126.GB2053@reddog.kinz.org> <44029.207.177.227.29.1161715612.squirrel@sujan.hallikainen.org> Message-ID: <1161723676.24439.216.camel@prophead.corp.publichost.com> On Tue, 2006-10-24 at 11:46 -0700, Harold Hallikainen wrote: > > On Tue, Oct 24, 2006 at 10:43:37AM -0700, Rick Stevens wrote: > >> I'm rather hesitant to post it publicly. I can only say that these > >> are the networks I've had the most trouble with and the ones that have > >> ignored my requests to block such behavior. I'm NOT condemning everyone > >> on these networks, but there seems to be a lot of *ssholes on them. > >> > >> Ah, hell, I'll throw caution to the winds. Here's the iptables rules > >> I've developed: > >> > >> # Block traffic from known spam sources... > >> -A INPUT -s 201.42/15 -p tcp -j DROP > > > > And in other news, Rick Stevens has been named as an additional > > defendant in I360 Insight's lawsuit against The Spamhaus Project.... > > > > :-) > > > > > >> -A INPUT -s 200.176.112/21 -p tcp -j DROP > >> -A INPUT -s 202.158.29.0/255.255.255.0 -p tcp -j DROP > >> -A INPUT -s 203.228.187.0/255.255.255.0 -p tcp -j DROP > >> -A INPUT -s 209.223.0.0/255.255.0.0 -p tcp -j DROP > >> -A INPUT -s 218.0.0.0/255.0.0.0 -p tcp -j DROP > >> -A INPUT -s 219.251.88.0/255.255.252.0 -p tcp -j DROP > > > > > > I might mess around with another copy of the sshblack script and have it > watch the mail logs and block IP addresses that appear to be attacking the > server. I already have a copy watching the ssh log and another watching > the httpd log. There's a pretty cool iptables thing that will watch for X connections from a specific IP in a given time period and will automatically block that IP for some length of time. See this link: http://www.netfilter.org/documentation/HOWTO/netfilter-extensions-HOWTO-3.html#ss3.16 ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - I was married by a judge. I should have asked for a jury. - - -- Groucho Marx - ---------------------------------------------------------------------- From rstevens at vitalstream.com Tue Oct 24 21:17:14 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 24 Oct 2006 14:17:14 -0700 Subject: advice needed, strange mail arrangement desired In-Reply-To: <20061024175616.GA2053@reddog.kinz.org> References: <20061024163735.GA1401@reddog.kinz.org> <1161711144.24439.198.camel@prophead.corp.publichost.com> <20061024175616.GA2053@reddog.kinz.org> Message-ID: <1161724634.24439.227.camel@prophead.corp.publichost.com> On Tue, 2006-10-24 at 13:56 -0400, Jeff Kinz wrote: > On Tue, Oct 24, 2006 at 10:32:24AM -0700, Rick Stevens wrote: > > > On Tue, 2006-10-24 at 12:37 -0400, Jeff Kinz wrote: > > > hi all, I need some advice > > > > > > I am re-architecting my home network to use a more environmental server. > > > The new server uses a lot less power, has a built-in battery power > > > supply, and a much slower hard drive. That's right, it's an old laptop! > > > > > > this "server" will be acting as an IP tables based firewall > > > and an SMTP server. I will be using a much more powerful desktop > > > machine as my personal workstation. > > > > > > I'm trying to arrange my mail delivery system so that the server can > > > receive all the incoming mail but eventually deliberate to my desktop > > > machine, where I will be running procmail and mutt. My MTA is sendmail > > > on the server, and on the desktop machine as well, since I know how to > > > integrate procmail and mutt with it. > > > > > > Here's a simplified schematic: (needs a fixed font for proper display) > > > > > > > > > Cable Modem-->Server(laptop)-->hub-----|--->desktop > > > |--->N other machines > > > > > > > > > so here is my question: > > > > > > The desktop machine will only be running about eight hours a day, maybe > > > 14. So there will be periods of time when mail will becoming into the > > > server and its final destination, the desktop will not be available. > > > > > > Can anyone give me a recommendation about how to configure sendmail on > > > the server so that it won't throw any of the mail that needs to get to > > > the desktop away, and so that as soon as the desktop comes up each > > > morning, or maybe after a three-day weekend, it will instantly, or > > > nearly instantly, or at least very soon thereafter deliver that mail to > > > the desktop? > > > > In this instance the laptop is called a "spooling" mail server and > > it's not uncommon. However, it's usually used as the secondary MX > > entry for a domain. If the primary MX machine goes down, mail goes to > > the secondary machine. As soon as the primary comes back up, the > > secondary shoots all the mail it queued for the domain to it. This > > requires two MX entries in DNS for the domain, with the primary set to > > a low metric value and the secondary to a high metric, e.g. > > > > IN MX 10 primary.fred.com > > IN MX 100 secondary.service.com > > Hi Rick! :-) Hi, yourself! > Both machines are at the same public IP with the server/firewall getting > all the port 25 traffic. The desktop machine is not visible from the > internet. Are you saying I should forward all port 25 traffic to the > desktop during its working hours and then keep port 25 at the server > whenever the desktop is down? Then have the server sendmail just keep > retrying delivery until the desktop comes back up? That may actually be > doable.... Needs a heartbeat and failover script. That sure would work. Another thing is to simply have the server set up as the MX for your domain all the time and add appropriate entries in the user database to forward the mail directly to your desktop when it comes up. So, the mail sent to "fred at bedrock.com" comes to the laptop. The laptop transforms it to "fred at desktop.bedrock.com" and _tries_ to forward it to "desktop". It's down, so it keeps retrying until it comes up. And Bob's your uncle! That's what a spooler is for. > The failover script would modify the port forwarding on iptables > script...... hmmm > > Perversely - I don't want to loadkill the server while the desktop > isn't running and at the same time I want the server to be instantly > responsive when the desktop is up. Due to the slow hard drive in the > server I want to move as much processing and small email files off the > server as possible. btw, the server is running Centos 4.4 (RHEL 4.0 > clone) Do you get tons of mail while the desktop is off? I ask because the actual TCP transfer of mail is reasonably slow and the performance of the disk probably wouldn't be an issue--you'd be more I/O bound from the network side rather than the storage side. The size of the disk may be a problem if you do get lots of mail however. > > secondary.service.com must be configured to relay fred.com mail. Well > > designed spool machines will also set up a separate queue for relay > > mail, perhaps with different expiration times. > > > > Now, if primary.fred.com goes down, the MX records will cause the mail > > to go to secondary.service.com. secondary will try to relay to > > primary.fred.com, which will fail. It will continue to try to relay > > until it succeeds or the bounce time for the messages expires. > > > > This probably won't work for you, and it's probably overkill. If you > > intend to have your desktop pick up the mail from the laptop via > > fetchmail, there's no big deal. Here's what I'd do: > > > > Thanks , but I REALLY don't want fetchmail in the loop, > especially when the desktop is up and running. And especially be cause it > modifies the mail headers that I want to use procmail on. > Also - when working with a customer having to wait 5 extra > minutes to get an email would be disruptive during teleconferencing. > (I much prefer select to poll.. :-) ) Unless you have the kernel bug that causes select() calls to not return if you hit the "magic window" around midnight GMT. :-) I don't think Linux ever had that bug, but BSD and Solaris did for a long time! > > 1. Put an entry in /etc/anacrontab to run fetchmail as the user you > > want: > > > > 1 5 grabmail su username fetchmail > > > > This ensures that fetchmail runs at least once a day, and if the machine > > happened to be off, it'll run 5 minutes after it's rebooted. > > > > 2. Add a standard fetchmail to the user's standard crontab: > > > > crontab -e username > > 5 * * * * fetchmail >/dev/null 2>&1 > > > > to run fetchmail every 5 minutes. > > > > Anyway, you get the idea. > > > > Indeed i do : > poll mail.comcast.net protocol POP3: user foob, with password norkadl7, is jkinz here; options antispam 501 451 > is how I get the email that goes to my isp, but 99.999 % comes > directly to kinz.org which is highly preferred. Yup. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - The gene pool could use a little chlorine. - ---------------------------------------------------------------------- From jkinz at kinz.org Wed Oct 25 02:41:28 2006 From: jkinz at kinz.org (Jeff Kinz) Date: Tue, 24 Oct 2006 22:41:28 -0400 Subject: advice needed, strange mail arrangement desired In-Reply-To: <1161724634.24439.227.camel@prophead.corp.publichost.com> References: <20061024163735.GA1401@reddog.kinz.org> <1161711144.24439.198.camel@prophead.corp.publichost.com> <20061024175616.GA2053@reddog.kinz.org> <1161724634.24439.227.camel@prophead.corp.publichost.com> Message-ID: <20061025024128.GA4891@reddog.kinz.org> On Tue, Oct 24, 2006 at 02:17:14PM -0700, Rick Stevens wrote: > On Tue, 2006-10-24 at 13:56 -0400, Jeff Kinz wrote: > > On Tue, Oct 24, 2006 at 10:32:24AM -0700, Rick Stevens wrote: > > > On Tue, 2006-10-24 at 12:37 -0400, Jeff Kinz wrote: > > Hi Rick! :-) > > Hi, yourself! > > > Both machines are at the same public IP with the server/firewall getting > > all the port 25 traffic. The desktop machine is not visible from the > > internet. Are you saying I should forward all port 25 traffic to the > > desktop during its working hours and then keep port 25 at the server > > whenever the desktop is down? Then have the server sendmail just keep > > retrying delivery until the desktop comes back up? That may actually be > > doable.... Needs a heartbeat and failover script. > > That sure would work. Another thing is to simply have the server set > up as the MX for your domain all the time and add appropriate entries > in the user database to forward the mail directly to your desktop when > it comes up. So, the mail sent to "fred at bedrock.com" comes to the > laptop. The laptop transforms it to "fred at desktop.bedrock.com" and > _tries_ to forward it to "desktop". It's down, so it keeps retrying > until it comes up. And Bob's your uncle! That's what a spooler is > for. umm, gee thats a lot less work than developing a set of heartbeat and failover scripts, isn't it?... :-) No, I want to do it hard way........ NOT! Rick, thats exactly what I need. > Do you get tons of mail while the desktop is off? I ask because the > actual TCP transfer of mail is reasonably slow and the performance of > the disk probably wouldn't be an issue--you'd be more I/O bound from > the network side rather than the storage side. The size of the disk may > be a problem if you do get lots of mail however. Well, I do get most of my spam when Asia is up and working... :-) but - The real issue is accessing mail. What used to take mutt a few seconds to open on my big honkin SATA desktop drives can take 3 to 5 minutes on this poor little lappy. since I'll be working from my desktop anyway, it makes sense to have the mail files and mail client there as well. To make things even more painful, whenever mutt tries to update, it can take the same 3-5 minutes of ignoring the keyboard to do that before I can get it back to what I want it doing. The ironic part is the laptop has a 2.1 GHz CPU and the desktop's is 1.17 Ghz. > > (I much prefer select to poll.. :-) ) > > Unless you have the kernel bug that causes select() calls to not return > if you hit the "magic window" around midnight GMT. :-) I don't think > Linux ever had that bug, but BSD and Solaris did for a long time! heh - just the thing for a cabal of witches! -- This e-mail was created using Dragon's NaturallySpeaking. There may be errors, omissions, or additions present. Of course none of that keeps the author from making stupid mistakes as well. From akelly at corisweb.org Wed Oct 25 13:18:58 2006 From: akelly at corisweb.org (Andrew Kelly) Date: Wed, 25 Oct 2006 15:18:58 +0200 Subject: Here's a puzzler Message-ID: <1161782338.2640.36.camel@localhost.localdomain> I wonder if anybody here has seen enough obscure, esoteric error conditions to be able to debug this oddity on first symptom. Rick maybe? Hope somebody has seen it before. My desktop is running FC4, iptables set to ACCEPT across the board. I'm in a LAN behind a Windows Proxy (sound of retching). I have several external servers that I maintain. They're running RH 7.3, RH 9.0, Debian Woody, Debian Sarge, and there's an oddball SuSE box. I connect to them all via ssh and have been doing so without problem for ages. At the moment I'm configuring 2 newly acquired hosts that have just been handed to me and having a bit of a baffle. They are running the current stable Debian (sarge) and doing everything I'd expect them too, UNLESS I try to reach them from my workstation. From any of my other servers, I get ping responses, can make ssh connections, the whole gamut. >From my workstation, pings return no response. An attempt to start an ssh session dies a timeout death. I get this far: OpenSSH_4.2p1, OpenSSL 0.9.7f 22 Mar 2005 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to chokma [84.214.xx.xxx] port 22. and no farther (the IP is correct, I've just added the x's because of local policy). I can verify that it is not a proxy problem, because if I boot my workstation into XP (repeat previous sound) I can connect just fine with PuTTY. Also, I can connect perfectly from another linux box within my LAN. So, it's only my workstation, only when I'm booted into FC4 and only when I try to contact the 2 newest servers. There are no firewalls in place on either end of the connection. What is going on? Andy From rstevens at vitalstream.com Wed Oct 25 21:21:00 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Wed, 25 Oct 2006 14:21:00 -0700 Subject: Here's a puzzler In-Reply-To: <1161782338.2640.36.camel@localhost.localdomain> References: <1161782338.2640.36.camel@localhost.localdomain> Message-ID: <1161811260.24439.262.camel@prophead.corp.publichost.com> On Wed, 2006-10-25 at 15:18 +0200, Andrew Kelly wrote: > I wonder if anybody here has seen enough obscure, esoteric error > conditions to be able to debug this oddity on first symptom. Rick maybe? > Hope somebody has seen it before. > > My desktop is running FC4, iptables set to ACCEPT across the board. > I'm in a LAN behind a Windows Proxy (sound of retching). > > I have several external servers that I maintain. They're running RH 7.3, > RH 9.0, Debian Woody, Debian Sarge, and there's an oddball SuSE box. I > connect to them all via ssh and have been doing so without problem for > ages. > At the moment I'm configuring 2 newly acquired hosts that have just been > handed to me and having a bit of a baffle. They are running the current > stable Debian (sarge) and doing everything I'd expect them too, UNLESS I > try to reach them from my workstation. From any of my other servers, I > get ping responses, can make ssh connections, the whole gamut. > >From my workstation, pings return no response. An attempt to start an > ssh session dies a timeout death. I get this far: > OpenSSH_4.2p1, OpenSSL 0.9.7f 22 Mar 2005 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: Applying options for * > debug1: Connecting to chokma [84.214.xx.xxx] port 22. > > and no farther (the IP is correct, I've just added the x's because of > local policy). > > I can verify that it is not a proxy problem, because if I boot my > workstation into XP (repeat previous sound) I can connect just fine with > PuTTY. Also, I can connect perfectly from another linux box within my > LAN. > > So, it's only my workstation, only when I'm booted into FC4 and only > when I try to contact the 2 newest servers. There are no firewalls in > place on either end of the connection. > > What is going on? Well, this is a Red Hat list, not a Debian list, but here are some things to check: 1. Make ABSOLUTELY sure that iptables isn't running on the Debian boxes ("# iptables -L -n" and make sure no rules show up). 2. Check the /etc/hosts.allow and /etc/hosts.deny files and verify that they're empty or that they allow your machine in. 3. Check the /etc/ssh/sshd_config file and verify that it allows your authentication methods and does not depend on DNS lookups (in case your DNS isn't working correctly). ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Change is inevitable, except from a vending machine. - ---------------------------------------------------------------------- From akelly at corisweb.org Thu Oct 26 07:39:03 2006 From: akelly at corisweb.org (Andrew Kelly) Date: Thu, 26 Oct 2006 09:39:03 +0200 Subject: Here's a puzzler In-Reply-To: <1161811260.24439.262.camel@prophead.corp.publichost.com> References: <1161782338.2640.36.camel@localhost.localdomain> <1161811260.24439.262.camel@prophead.corp.publichost.com> Message-ID: <1161848343.2641.26.camel@localhost.localdomain> Hi Rick, thanks for answering. On Wed, 2006-10-25 at 14:21 -0700, Rick Stevens wrote: > On Wed, 2006-10-25 at 15:18 +0200, Andrew Kelly wrote: > > I wonder if anybody here has seen enough obscure, esoteric error > > conditions to be able to debug this oddity on first symptom. Rick maybe? > > Hope somebody has seen it before. > > > > My desktop is running FC4, iptables set to ACCEPT across the board. > > I'm in a LAN behind a Windows Proxy (sound of retching). > > > > I have several external servers that I maintain. They're running RH 7.3, > > RH 9.0, Debian Woody, Debian Sarge, and there's an oddball SuSE box. I > > connect to them all via ssh and have been doing so without problem for > > ages. > > At the moment I'm configuring 2 newly acquired hosts that have just been > > handed to me and having a bit of a baffle. They are running the current > > stable Debian (sarge) and doing everything I'd expect them too, UNLESS I > > try to reach them from my workstation. From any of my other servers, I > > get ping responses, can make ssh connections, the whole gamut. > > >From my workstation, pings return no response. An attempt to start an > > ssh session dies a timeout death. I get this far: > > OpenSSH_4.2p1, OpenSSL 0.9.7f 22 Mar 2005 > > debug1: Reading configuration data /etc/ssh/ssh_config > > debug1: Applying options for * > > debug1: Connecting to chokma [84.214.xx.xxx] port 22. > > > > and no farther (the IP is correct, I've just added the x's because of > > local policy). > > > > I can verify that it is not a proxy problem, because if I boot my > > workstation into XP (repeat previous sound) I can connect just fine with > > PuTTY. Also, I can connect perfectly from another linux box within my > > LAN. > > > > So, it's only my workstation, only when I'm booted into FC4 and only > > when I try to contact the 2 newest servers. There are no firewalls in > > place on either end of the connection. > > > > What is going on? > > Well, this is a Red Hat list, not a Debian list, but here are some > things to check: Yes, I'm aware of that. The problem is not with the Debian servers, but with the FC4 client. I can connect to the servers from any other machine to which I have access, AND I can connect to the machines from the workstation in question when it is booted into XP. But when the workstation is booted into FC4 it cannot establish a ssh connection to those 2 servers, although it can connect to any of the other servers, be they FC, SuSE, Debian, RH or Gentoo. > 1. Make ABSOLUTELY sure that iptables isn't running on the Debian boxes > ("# iptables -L -n" and make sure no rules show up). As I already stated, this is the case, and I can verify again that there are zero iptable rules in place on either the client or the remote host. > 2. Check the /etc/hosts.allow and /etc/hosts.deny files and verify that > they're empty or that they allow your machine in. Empty and unused at both ends of the connection. > 3. Check the /etc/ssh/sshd_config file and verify that it allows your > authentication methods and does not depend on DNS lookups (in case > your DNS isn't working correctly). The sshd_config files are identical across 4 machines. Two of them can be accessed without problem and the other 2 are why I have posted this query. As visible in the results of running ssh -v which were included in the query are are still included above, resolution is not the issue. ssh -v offers me no useful information. Strace ssh offers me more info, but none useful. It simply verifies that the client call eventually dies with a timeout. The only real difference between machines I can reach and the 2 I can't is that the reachable machines are a bit older and are running 2.4 kernels whereas the ones being stinkers are running 2.6. I don't want to point my finger at the servers, though, because they are behaving perfectly when accessed from any other machine, including my laptop through a public hotspot connection. It is really ONLY the FC4 client which appears not to be receiving responses. And the part I find the weirdest is that when the client is booted into XP it reaches the hosts just fine. The client has the same IP regardless of the OS it boots. The LAN proxy NATs correctly regardless of OS on the client. If it were an iptables issue on the client, then I don't understand why it can reach any other host it attempts to contact. I'm at the end of my kung fu over here. Andy From akelly at corisweb.org Thu Oct 26 08:10:28 2006 From: akelly at corisweb.org (Andrew Kelly) Date: Thu, 26 Oct 2006 10:10:28 +0200 Subject: Here's a puzzler In-Reply-To: <1161848343.2641.26.camel@localhost.localdomain> References: <1161782338.2640.36.camel@localhost.localdomain> <1161811260.24439.262.camel@prophead.corp.publichost.com> <1161848343.2641.26.camel@localhost.localdomain> Message-ID: <1161850228.4460.1.camel@localhost.localdomain> Right, problem solved. Pilot error. Embarrassing. Please return to your regularly scheduled programs. Andy From bret_stern at machinemanagement.com Thu Oct 26 19:20:35 2006 From: bret_stern at machinemanagement.com (Bret Stern) Date: Thu, 26 Oct 2006 12:20:35 -0700 Subject: paypal scam - tracing link Message-ID: <000001c6f933$d10ce790$6801a8c0@mmbret> Afternoon, Can anyone suggest how to find and delete these files which show up during a locate command. I've looked in the folders below (where the locate command found them), but cannot find the files. Any help would be appreciated. Bret Stern /usr/local/apache/htdocs/www.paypal.com /usr/local/apache/htdocs/www.paypal.com/cgi-bin /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/addr.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/go1.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/go1click.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/hide /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/hide/navmenu.js /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/hide/session.js /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/hide/showDemo.js /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/hide/spacer.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/ie2.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/index.html /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login.db /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login.php /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/arrow_red.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/arrow_red2.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/bbarleft.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/bbarmiddle.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/bbarright.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/blackdotlist.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/ConnectionSecured.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/conversionWelcome.js /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/EnrollToday.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/footer_curve.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/global.css /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/login.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/logo.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/logon.js /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/MemberFDIC.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/showDemo.js /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/spacer.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/TakeATour.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/Thumbs.db /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login_files/top_nav.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/bg.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/paypal_logo.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/pixel.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/pp_main.js /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/pp_styles_111402.css /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/pp_table_styles.css /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/P_off_auction_tools.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/P_off_merchant_tools.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/P_off_request_money.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/P_off_send_money.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/P_off_welcome.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/secure_lock_2.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/Thumbs.db /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/_vti_cnf /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/_vti_cnf/bg.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/_vti_cnf/paypal_logo.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/_vti_cnf/pixel.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/_vti_cnf/pp_main.js /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/_vti_cnf/pp_styles_111402.css /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/_vti_cnf/pp_table_styles.css /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/_vti_cnf/P_off_auction_tools.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/_vti_cnf/P_off_merchant_tools.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/_vti_cnf/P_off_request_money.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/_vti_cnf/P_off_send_money.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/_vti_cnf/P_off_welcome.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/PayPal - Log In_files/_vti_cnf/secure_lock_2.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/pdown.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/pdowncli.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/period_ani.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/Processing.htm /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/protect.htm /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/protect.php /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/protect_files /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/protect_files/bg_clk.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/protect_files/paypal_logo.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/protect_files/pixel.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/protect_files/pp_main.js /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/protect_files/pp_styles_111402.css /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/protect_files/pp_table_styles.css /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/protect_files/_vti_cnf /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/protect_files/_vti_cnf/pixel.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/ress.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/sline.gif /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/sysdll.php /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/update.php /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/_login-submit.htm /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/login.html /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates -paypal/cc.db From bob at bobcatos.com Thu Oct 26 19:36:12 2006 From: bob at bobcatos.com (Bob McClure Jr) Date: Thu, 26 Oct 2006 14:36:12 -0500 Subject: paypal scam - tracing link In-Reply-To: <000001c6f933$d10ce790$6801a8c0@mmbret> References: <000001c6f933$d10ce790$6801a8c0@mmbret> Message-ID: <20061026193612.GA3585@bobcat.bobcatos.com> On Thu, Oct 26, 2006 at 12:20:35PM -0700, Bret Stern wrote: > Afternoon, > > Can anyone suggest how to find and delete these files which show up > during a locate command. > > I've looked in the folders below (where the locate command found > them), but cannot find the files. > > Any help would be appreciated. > > Bret Stern > > /usr/local/apache/htdocs/www.paypal.com > /usr/local/apache/htdocs/www.paypal.com/cgi-bin > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates > -paypal > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates > -paypal/addr.gif > > > > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates > -paypal/update.php > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates > -paypal/_login-submit.htm > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates > -paypal/login.html > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run/updates > -paypal/cc.db The database that "locate" works from is built a little after 4am every day. So it looks like the files were there then, but not now. As root, run "updatedb" to rebuild the database, and see if the problem still exists. The next question, of course, is, has your machine been cracked by a phisher? Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. bob at bobcatos.com http://www.bobcatos.com "Where you go in the hereafter depends on what you were after here." - Thanks to Graffiti, 2 March 2004 From bret_stern at machinemanagement.com Thu Oct 26 19:42:17 2006 From: bret_stern at machinemanagement.com (Bret Stern) Date: Thu, 26 Oct 2006 12:42:17 -0700 Subject: paypal scam - tracing link In-Reply-To: <20061026193612.GA3585@bobcat.bobcatos.com> Message-ID: <000001c6f936$d8201810$6801a8c0@mmbret> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com > [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of > Bob McClure Jr > Sent: Thursday, October 26, 2006 12:36 PM > To: redhat-install-list at redhat.com > Subject: Re: paypal scam - tracing link > > On Thu, Oct 26, 2006 at 12:20:35PM -0700, Bret Stern wrote: > > Afternoon, > > > > Can anyone suggest how to find and delete these files which show up > > during a locate command. > > > > I've looked in the folders below (where the locate command found > > them), but cannot find the files. > > > > Any help would be appreciated. > > > > Bret Stern > > > > /usr/local/apache/htdocs/www.paypal.com > > /usr/local/apache/htdocs/www.paypal.com/cgi-bin > > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run > > > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_log in-run/updates > > -paypal > > > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_log in-run/updates > > -paypal/addr.gif > > > > > > > > > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_log in-run/updates > > -paypal/update.php > > > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_log in-run/updates > > -paypal/_login-submit.htm > > > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_log in-run/updates > > -paypal/login.html > > > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_log in-run/updates > > -paypal/cc.db > > The database that "locate" works from is built a little after 4am > every day. So it looks like the files were there then, but not now. > As root, run "updatedb" to rebuild the database, and see if the > problem still exists. > > The next question, of course, is, has your machine been cracked by a > phisher? It was not my machine, but it is true. This was a re-creation of paypal.com created on a customers host. so the next question.. how was this accomplished. Did someone actually guess the password, or are there other ways..including insided folks, or other?? > > Cheers, > -- > Bob McClure, Jr. Bobcat Open Systems, Inc. > bob at bobcatos.com http://www.bobcatos.com > "Where you go in the hereafter depends on what you were after here." > - Thanks to Graffiti, 2 March 2004 > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > From harold at hallikainen.com Thu Oct 26 19:58:55 2006 From: harold at hallikainen.com (Harold Hallikainen) Date: Thu, 26 Oct 2006 12:58:55 -0700 (PDT) Subject: paypal scam - tracing link In-Reply-To: <000001c6f936$d8201810$6801a8c0@mmbret> References: <000001c6f936$d8201810$6801a8c0@mmbret> Message-ID: <53397.207.177.227.29.1161892735.squirrel@sujan.hallikainen.org> >> -----Original Message----- >> From: redhat-install-list-bounces at redhat.com >> [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of >> Bob McClure Jr >> Sent: Thursday, October 26, 2006 12:36 PM >> To: redhat-install-list at redhat.com >> Subject: Re: paypal scam - tracing link >> >> On Thu, Oct 26, 2006 at 12:20:35PM -0700, Bret Stern wrote: >> > Afternoon, >> > >> > Can anyone suggest how to find and delete these files which show up >> > during a locate command. >> > >> > I've looked in the folders below (where the locate command found >> > them), but cannot find the files. >> > >> > Any help would be appreciated. >> > >> > Bret Stern >> > >> > /usr/local/apache/htdocs/www.paypal.com >> > /usr/local/apache/htdocs/www.paypal.com/cgi-bin >> > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run >> > >> /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_log > in-run/updates >> > -paypal >> > >> /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_log > in-run/updates >> > -paypal/addr.gif >> > >> > >> > >> > >> /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_log > in-run/updates >> > -paypal/update.php >> > >> /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_log > in-run/updates >> > -paypal/_login-submit.htm >> > >> /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_log > in-run/updates >> > -paypal/login.html >> > >> /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_log > in-run/updates >> > -paypal/cc.db >> >> The database that "locate" works from is built a little after 4am >> every day. So it looks like the files were there then, but not now. >> As root, run "updatedb" to rebuild the database, and see if the >> problem still exists. >> >> The next question, of course, is, has your machine been cracked by a >> phisher? > > It was not my machine, but it is true. This was a re-creation of > paypal.com created on a customers host. > > so the next question.. how was this accomplished. > Did someone actually guess the password, or are there other > ways..including insided folks, or other?? > Well, years ago, someone broke into my RH9 machine through a hole in SSL. A patch was available, but I had not installed it. Luckily all they did was install a program that went looking for other vulnerable machines. It also looks like password guessing is a big business. Since I'm running sshblack, I only see four login attempts from maybe 10 different IP addresses each day. Before I installed sshblack, there were thousands of login attempts every day. I can't imagine a system that does not lock out attempts from a particular IP after some number of failures. Harold -- FCC Rules Updated Daily at http://www.hallikainen.com - Advertising opportunities available! From bob at bobcatos.com Thu Oct 26 20:20:01 2006 From: bob at bobcatos.com (Bob McClure Jr) Date: Thu, 26 Oct 2006 15:20:01 -0500 Subject: paypal scam - tracing link In-Reply-To: <000001c6f936$d8201810$6801a8c0@mmbret> References: <20061026193612.GA3585@bobcat.bobcatos.com> <000001c6f936$d8201810$6801a8c0@mmbret> Message-ID: <20061026202001.GA4992@bobcat.bobcatos.com> On Thu, Oct 26, 2006 at 12:42:17PM -0700, Bret Stern wrote: > > -----Original Message----- > > From: redhat-install-list-bounces at redhat.com > > [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of > > Bob McClure Jr > > Sent: Thursday, October 26, 2006 12:36 PM > > To: redhat-install-list at redhat.com > > Subject: Re: paypal scam - tracing link > > > > On Thu, Oct 26, 2006 at 12:20:35PM -0700, Bret Stern wrote: > > > Afternoon, > > > > > > Can anyone suggest how to find and delete these files which show up > > > during a locate command. > > > > > > I've looked in the folders below (where the locate command found > > > them), but cannot find the files. > > > > > > Any help would be appreciated. > > > > > > Bret Stern > > > > > > /usr/local/apache/htdocs/www.paypal.com > > > /usr/local/apache/htdocs/www.paypal.com/cgi-bin > > > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_login-run > > > > > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_log > in-run/updates > > > -paypal > > > > > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_log > in-run/updates > > > -paypal/addr.gif > > > > > > > > > > > > > > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_log > in-run/updates > > > -paypal/update.php > > > > > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_log > in-run/updates > > > -paypal/_login-submit.htm > > > > > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_log > in-run/updates > > > -paypal/login.html > > > > > /usr/local/apache/htdocs/www.paypal.com/cgi-bin/webscrcmd=_log > in-run/updates > > > -paypal/cc.db > > > > The database that "locate" works from is built a little after 4am > > every day. So it looks like the files were there then, but not now. > > As root, run "updatedb" to rebuild the database, and see if the > > problem still exists. > > > > The next question, of course, is, has your machine been cracked by a > > phisher? > > It was not my machine, but it is true. This was a re-creation of > paypal.com created on a customers host. > > so the next question.. how was this accomplished. > Did someone actually guess the password, That's possible, but it would have had to have been the account of whoever owns /usr/local/apache/htdocs, or root, in order to install files there. > or are there other > ways..including insided folks, That's possible, but seem unlikely unless it was a recently laid-off employee, and they hadn't changed all the passwords the person knew. or other?? As Harold has already mentioned, the cracker might have taken advantage of a known vulnerability in software whose security patches hadn't been kept up. If he gets in as root, he "owns" the box. I, too, am using sshblack or something similar on the ten exposed machines I watch over. > > Cheers, > > -- > > Bob McClure, Jr. Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. bob at bobcatos.com http://www.bobcatos.com "Where you go in the hereafter depends on what you were after here." - Thanks to Graffiti, 2 March 2004 From micros50 at computer.net Thu Oct 26 23:08:12 2006 From: micros50 at computer.net (mylar) Date: Thu, 26 Oct 2006 19:08:12 -0400 Subject: paypal scam - tracing link In-Reply-To: <53397.207.177.227.29.1161892735.squirrel@sujan.hallikainen.org> References: <000001c6f936$d8201810$6801a8c0@mmbret> <53397.207.177.227.29.1161892735.squirrel@sujan.hallikainen.org> Message-ID: <1161904092.27345.46.camel@manhattan.ruffe.edu> On Thu, 2006-10-26 at 15:58, Harold Hallikainen wrote: > > > > Well, years ago, someone broke into my RH9 machine through a hole in SSL. > A patch was available, but I had not installed it. Luckily all they did > was install a program that went looking for other vulnerable machines. It > also looks like password guessing is a big business. Since I'm running > sshblack, I only see four login attempts from maybe 10 different IP > addresses each day. Before I installed sshblack, there were thousands of > login attempts every day. I can't imagine a system that does not lock out > attempts from a particular IP after some number of failures. > > Harold Thanks, I'm gonna give this a try. I've been noticing ssh attempts increasing here lately Time to kick em out. mylah From rstevens at vitalstream.com Fri Oct 27 18:03:40 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Fri, 27 Oct 2006 11:03:40 -0700 Subject: Here's a puzzler In-Reply-To: <1161850228.4460.1.camel@localhost.localdomain> References: <1161782338.2640.36.camel@localhost.localdomain> <1161811260.24439.262.camel@prophead.corp.publichost.com> <1161848343.2641.26.camel@localhost.localdomain> <1161850228.4460.1.camel@localhost.localdomain> Message-ID: <1161972220.24439.311.camel@prophead.corp.publichost.com> On Thu, 2006-10-26 at 10:10 +0200, Andrew Kelly wrote: > Right, problem solved. > Pilot error. > > Embarrassing. Can you give us a hint as to what was wrong? We're not trying to make you feel bad, but the list archive is checked by people on occasion and if you can post what you made a mistake on, it may prevent others from making the same mistake. > Please return to your regularly scheduled programs. Uh, I was watching reruns of Gilligan's Island. I'd really rather not return to it. :-) ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Admitting you have a problem is the first step toward getting - - medicated for it. -- Jim Evarts (http://www.TopFive.com) - ---------------------------------------------------------------------- From bc98kinney at yahoo.com Sun Oct 29 16:56:49 2006 From: bc98kinney at yahoo.com (Bob Kinney) Date: Sun, 29 Oct 2006 08:56:49 -0800 (PST) Subject: Here's a puzzler In-Reply-To: <1161850228.4460.1.camel@localhost.localdomain> Message-ID: <20061029165649.39846.qmail@web30701.mail.mud.yahoo.com> --- Andrew Kelly wrote: > Right, problem solved. > Pilot error. > > Embarrassing. > > Please return to your regularly scheduled programs. > > Andy So what was it? ____________________________________________________________________________________ Cheap Talk? Check out Yahoo! Messenger's low PC-to-Phone call rates (http://voice.yahoo.com) From akelly at corisweb.org Mon Oct 30 09:56:05 2006 From: akelly at corisweb.org (Andrew Kelly) Date: Mon, 30 Oct 2006 10:56:05 +0100 Subject: Here's a puzzler In-Reply-To: <1161972220.24439.311.camel@prophead.corp.publichost.com> References: <1161782338.2640.36.camel@localhost.localdomain> <1161811260.24439.262.camel@prophead.corp.publichost.com> <1161848343.2641.26.camel@localhost.localdomain> <1161850228.4460.1.camel@localhost.localdomain> <1161972220.24439.311.camel@prophead.corp.publichost.com> Message-ID: <1162202165.2640.28.camel@localhost.localdomain> Hi Rick, Bob, everybody, On Fri, 2006-10-27 at 11:03 -0700, Rick Stevens wrote: > On Thu, 2006-10-26 at 10:10 +0200, Andrew Kelly wrote: > > Right, problem solved. > > Pilot error. > > > > Embarrassing. > > Can you give us a hint as to what was wrong? We're not trying to make > you feel bad, but the list archive is checked by people on occasion and > if you can post what you made a mistake on, it may prevent others from > making the same mistake. Errr.. yes. As I was saying, these are new servers which I'm configuring, servers which I haven't yet added to my nameservers. It turned out to be a resolution problem, but not necessarily the one that Rick was pointing me towards in his reply. For the sake of saving me a lot of keystrokes during config, I had simply added the new machines to the hosts file on my workstation and had quite simply mistyped and never noticed the mistake. I was attempting to contact IP addresses which didn't/don't exist. Too many irons, too many fires. > > Please return to your regularly scheduled programs. > > Uh, I was watching reruns of Gilligan's Island. I'd really rather not > return to it. :-) I miss Gilligan, actually. Sometimes it's fun to watch an episode and mentally superimpose Maynard over Gilligan. Dobie's Island, so to speak. Dang, I'm old, ain't I? Andy From Travis.R.Waldher at boeing.com Mon Oct 30 15:56:36 2006 From: Travis.R.Waldher at boeing.com (Waldher, Travis R) Date: Mon, 30 Oct 2006 07:56:36 -0800 Subject: paypal scam - tracing link In-Reply-To: <1161904092.27345.46.camel@manhattan.ruffe.edu> Message-ID: > -----Original Message----- > From: mylar [mailto:micros50 at computer.net] > Sent: Thursday, October 26, 2006 4:08 PM > To: Getting started with Red Hat Linux > Subject: RE: paypal scam - tracing link > > Thanks, I'm gonna give this a try. I've been noticing ssh attempts > increasing here lately Time to kick em out. > > mylah > A few things: 1) passwords, make sure they aren't crackable or guessable. A good password is alphanumeric with different cases and at LEAST 8-10 characters but spells something to help you remember. A great password is 15+ characters long, alphanumeric with different cases, if the OS supports it special ASCII characters, AND spells nothing. For example: "mypassword" is a bad password - easily cracked "myp at s5w0rD" is an good/ok password - harder to crack but doable "78D0fi3w4%^xeD1" is a great password. - crackable but takes a LONG time. Next change your passwords at LEAST every 90-180 days. In the last case, it's going to take more than 45-90 days to crack that password. That's assuming they have supercomputers or clusters at their finger tips. So if you change them often enough, by the time they crack (or guess) it, it's already changed. 2) SSH - force to run version 2. (Rick can you remember why? My caffeine hasn't kicked in yet) 3) Disable other access methods, rlogin, rexec, telnet, etc. Tunnel all X traffic over SSH. Otherwise, all of those methods send usernames/passwords in clear text. 4) If the machine has been hacked. Take it off the network and investigate what they could have accessed. After that, hit the power button, remove the hard disk. First dunk it in liquid nitrogen, then douse it in gasoline and light it on fire; followed by running it over with a Mac truck, optionally shoot it a few times, finish it off by sending it through a chipper. Seriously if the machine has been compromised, it is best to take it down, reformat it several times, I prefer either a low-level or overwriting with 1's and 0's. (ok I'm paranoid) After this is done rebuild it. Why? Without extensive work, you won't know for sure what they put where. From Travis.R.Waldher at boeing.com Mon Oct 30 15:56:35 2006 From: Travis.R.Waldher at boeing.com (Waldher, Travis R) Date: Mon, 30 Oct 2006 07:56:35 -0800 Subject: Here's a puzzler In-Reply-To: <1161972220.24439.311.camel@prophead.corp.publichost.com> Message-ID: > -----Original Message----- > From: Rick Stevens [mailto:rstevens at vitalstream.com] > Sent: Friday, October 27, 2006 11:04 AM > To: Getting started with Red Hat Linux > Subject: Re: Here's a puzzler > > On Thu, 2006-10-26 at 10:10 +0200, Andrew Kelly wrote: > > Right, problem solved. > > Pilot error. > > > > Embarrassing. > > Can you give us a hint as to what was wrong? We're not trying to make > you feel bad, but the list archive is checked by people on occasion and > if you can post what you made a mistake on, it may prevent others from > making the same mistake. > Bummer, I was about to say: Confucious say if no else is having problem, problem must be you. :D I second your request though, it sounds like something I would have done, and may end up finding this thread in a future search. LOL From jreyn at us.ibm.com Mon Oct 30 16:32:10 2006 From: jreyn at us.ibm.com (John Reynolds) Date: Mon, 30 Oct 2006 08:32:10 -0800 Subject: Here's a puzzler In-Reply-To: <1162202165.2640.28.camel@localhost.localdomain> Message-ID: Andrew Kelly wrote on 10/30/2006 01:56:05 AM: > Hi Rick, Bob, everybody, > > On Fri, 2006-10-27 at 11:03 -0700, Rick Stevens wrote: > > On Thu, 2006-10-26 at 10:10 +0200, Andrew Kelly wrote: > > > Right, problem solved. > > > Pilot error. > > > > > > Embarrassing. > > > > Can you give us a hint as to what was wrong? We're not trying to make > > you feel bad, but the list archive is checked by people on occasion and > > if you can post what you made a mistake on, it may prevent others from > > making the same mistake. > > > Errr.. yes. > > As I was saying, these are new servers which I'm configuring, servers > which I haven't yet added to my nameservers. It turned out to be a > resolution problem, but not necessarily the one that Rick was pointing > me towards in his reply. > > For the sake of saving me a lot of keystrokes during config, I had > simply added the new machines to the hosts file on my workstation and > had quite simply mistyped and never noticed the mistake. > I was attempting to contact IP addresses which didn't/don't exist. Don't feel too bad. Been there, done that, got the T-sriht. ;) john r From A.Fadyushin at it-centre.ru Mon Oct 30 16:35:29 2006 From: A.Fadyushin at it-centre.ru (A.Fadyushin at it-centre.ru) Date: Mon, 30 Oct 2006 19:35:29 +0300 Subject: paypal scam - tracing link Message-ID: <13074E1DC446D846B6AED445675F736829E258@majil.it-centre.ru> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of Waldher, Travis R > Sent: Monday, October 30, 2006 6:57 PM > To: Getting started with Red Hat Linux > Subject: RE: paypal scam - tracing link > > > -----Original Message----- > > From: mylar [mailto:micros50 at computer.net] > > Sent: Thursday, October 26, 2006 4:08 PM > > To: Getting started with Red Hat Linux > > Subject: RE: paypal scam - tracing link > > > > Thanks, I'm gonna give this a try. I've been noticing ssh attempts > > increasing here lately Time to kick em out. > > > > mylah > > > > A few things: > > 1) passwords, make sure they aren't crackable or guessable. > > A good password is alphanumeric with different cases and at LEAST 8-10 > characters but spells something to help you remember. > > A great password is 15+ characters long, alphanumeric with different > cases, if the OS supports it special ASCII characters, AND spells > nothing. > > For example: > "mypassword" is a bad password - easily cracked > "myp at s5w0rD" is an good/ok password - harder to crack but doable > "78D0fi3w4%^xeD1" is a great password. - crackable but takes a LONG > time. > > Next change your passwords at LEAST every 90-180 days. In the last > case, it's going to take more than 45-90 days to crack that password. > That's assuming they have supercomputers or clusters at their finger > tips. So if you change them often enough, by the time they crack (or > guess) it, it's already changed. > > 2) SSH - force to run version 2. (Rick can you remember why? My > caffeine hasn't kicked in yet) > > 3) Disable other access methods, rlogin, rexec, telnet, etc. Tunnel all > X traffic over SSH. Otherwise, all of those methods send > usernames/passwords in clear text. > > 4) If the machine has been hacked. Take it off the network and > investigate what they could have accessed. After that, hit the power > button, remove the hard disk. First dunk it in liquid nitrogen, then > douse it in gasoline and light it on fire; followed by running it over > with a Mac truck, optionally shoot it a few times, finish it off by > sending it through a chipper. > > Seriously if the machine has been compromised, it is best to take it > down, reformat it several times, I prefer either a low-level or > overwriting with 1's and 0's. (ok I'm paranoid) After this is done > rebuild it. Why? Without extensive work, you won't know for sure what > they put where. 5) You can also use one-time passwords - it would give even better protection from password guessing and cracking. 6) If you are using SSH you can completely disable SSH password authentication and use keys (protected by password on your local workstation) to log in. In this case it would be impossible to guess you password by attempting to login into server via SSH. In this case the server does not use the password for authentication and the key protection password newer exists outside your workstation. Alexey B. Fadyushin Brainbench MVP for Linux. http://www.brainbench.com From redhat-install-list at hyperbole-software.com Mon Oct 30 18:58:43 2006 From: redhat-install-list at hyperbole-software.com (Carl Reynolds) Date: Mon, 30 Oct 2006 13:58:43 -0500 Subject: Here's a puzzler In-Reply-To: <1162202165.2640.28.camel@localhost.localdomain> References: <1161782338.2640.36.camel@localhost.localdomain> <1161811260.24439.262.camel@prophead.corp.publichost.com> <1161848343.2641.26.camel@localhost.localdomain> <1161850228.4460.1.camel@localhost.localdomain> <1161972220.24439.311.camel@prophead.corp.publichost.com> <1162202165.2640.28.camel@localhost.localdomain> Message-ID: <45464B63.9070902@hyperbole-software.com> Andrew Kelly wrote: >For the sake of saving me a lot of keystrokes during config, I had >simply added the new machines to the hosts file on my workstation and >had quite simply mistyped and never noticed the mistake. >I was attempting to contact IP addresses which didn't/don't exist. > > > I had a different, but related, problem recently. About six months ago we switch our network from using static IPs to DHCP. After making the switch there was one machine on the net that we could connect to sometimes and other times it wasn't visible to any other machine. Sometimes it could see other machines on the network and other times it couldn't. That machine could always see the Internet connection and get it's e-mail and since it's a machine we don't connect to a lot I hadn't really looked very hard to find out why it wasn't always visible. About two weeks ago I was doing some work on the machine and noticed that it was giving its own IP as a different value than the one assigned by the DHCP server. That got me to thinking and I checked for the hosts file and it still had a fully populated hosts file from when we were using static IPs. I removed the entries (except localhost) from the hosts file and we haven't had any problems connecting to it since. I hope that will help someone in the future. Carl. From bc98kinney at yahoo.com Mon Oct 30 23:44:11 2006 From: bc98kinney at yahoo.com (Bob Kinney) Date: Mon, 30 Oct 2006 15:44:11 -0800 (PST) Subject: morphing topic: RE: paypal scam - tracing link In-Reply-To: <13074E1DC446D846B6AED445675F736829E258@majil.it-centre.ru> Message-ID: <20061030234411.50858.qmail@web30702.mail.mud.yahoo.com> --- A.Fadyushin at it-centre.ru wrote: > > 6) If you are using SSH you can completely disable SSH password > authentication and use keys (protected by password on your local > workstation) to log in. In this case it would be impossible to guess you > password by attempting to login into server via SSH. In this case the > server does not use the password for authentication and the key > protection password newer exists outside your workstation. I like this idea--minimum 128-bit "passwords". Can you point to a how-to link? --bc ____________________________________________________________________________________ Cheap Talk? Check out Yahoo! Messenger's low PC-to-Phone call rates (http://voice.yahoo.com) From rstevens at vitalstream.com Tue Oct 31 00:40:19 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Mon, 30 Oct 2006 16:40:19 -0800 Subject: morphing topic: RE: paypal scam - tracing link In-Reply-To: <20061030234411.50858.qmail@web30702.mail.mud.yahoo.com> References: <20061030234411.50858.qmail@web30702.mail.mud.yahoo.com> Message-ID: <1162255219.3148.7.camel@prophead.corp.publichost.com> On Mon, 2006-10-30 at 15:44 -0800, Bob Kinney wrote: > > --- A.Fadyushin at it-centre.ru wrote: > > > > > 6) If you are using SSH you can completely disable SSH password > > authentication and use keys (protected by password on your local > > workstation) to log in. In this case it would be impossible to guess you > > password by attempting to login into server via SSH. In this case the > > server does not use the password for authentication and the key > > protection password newer exists outside your workstation. > > > I like this idea--minimum 128-bit "passwords". Can you point to a > how-to link? Simply generate a DSA or RSA key on your local machine: $ ssh-keygen [-t dsa] By default, ssh-keygen creates a RSA keys. Then tack the contents of the ~/.ssh/id_dsa.pub (or id_rsa.pub) file to the end of the "~./ssh/authorized_keys" file on the destination machine. You can then turn off password authentication on the target machine and it'll only use the keys in the authorized_keys file. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - "You think that's tough? Try herding cats!" - ---------------------------------------------------------------------- From bc98kinney at yahoo.com Tue Oct 31 01:00:10 2006 From: bc98kinney at yahoo.com (Bob Kinney) Date: Mon, 30 Oct 2006 17:00:10 -0800 (PST) Subject: morphing topic: RE: paypal scam - tracing link In-Reply-To: <1162255219.3148.7.camel@prophead.corp.publichost.com> Message-ID: <20061031010010.79044.qmail@web30707.mail.mud.yahoo.com> --- Rick Stevens wrote: > On Mon, 2006-10-30 at 15:44 -0800, Bob Kinney wrote: > > > > --- A.Fadyushin at it-centre.ru wrote: > > > > > > > > 6) If you are using SSH you can completely disable SSH password > > > authentication and use keys (protected by password on your local > > > workstation) to log in. In this case it would be impossible to guess you > > > password by attempting to login into server via SSH. In this case the > > > server does not use the password for authentication and the key > > > protection password newer exists outside your workstation. > > > > > > I like this idea--minimum 128-bit "passwords". Can you point to a > > how-to link? > > Simply generate a DSA or RSA key on your local machine: > > $ ssh-keygen [-t dsa] > > By default, ssh-keygen creates a RSA keys. Then tack the contents of > the ~/.ssh/id_dsa.pub (or id_rsa.pub) file to the end of the > "~./ssh/authorized_keys" file on the destination machine. > > You can then turn off password authentication on the target machine and > it'll only use the keys in the authorized_keys file. So how would I "carry," and "input," my public key for remote login? ____________________________________________________________________________________ Everyone is raving about the all-new Yahoo! Mail (http://advision.webevents.yahoo.com/mailbeta/) From rstevens at vitalstream.com Tue Oct 31 01:12:07 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Mon, 30 Oct 2006 17:12:07 -0800 Subject: morphing topic: RE: paypal scam - tracing link In-Reply-To: <20061031010010.79044.qmail@web30707.mail.mud.yahoo.com> References: <20061031010010.79044.qmail@web30707.mail.mud.yahoo.com> Message-ID: <1162257127.3148.20.camel@prophead.corp.publichost.com> On Mon, 2006-10-30 at 17:00 -0800, Bob Kinney wrote: > > --- Rick Stevens wrote: > > > On Mon, 2006-10-30 at 15:44 -0800, Bob Kinney wrote: > > > > > > --- A.Fadyushin at it-centre.ru wrote: > > > > > > > > > > > 6) If you are using SSH you can completely disable SSH password > > > > authentication and use keys (protected by password on your local > > > > workstation) to log in. In this case it would be impossible to guess you > > > > password by attempting to login into server via SSH. In this case the > > > > server does not use the password for authentication and the key > > > > protection password newer exists outside your workstation. > > > > > > > > > I like this idea--minimum 128-bit "passwords". Can you point to a > > > how-to link? > > > > Simply generate a DSA or RSA key on your local machine: > > > > $ ssh-keygen [-t dsa] > > > > By default, ssh-keygen creates a RSA keys. Then tack the contents of > > the ~/.ssh/id_dsa.pub (or id_rsa.pub) file to the end of the > > "~./ssh/authorized_keys" file on the destination machine. > > > > You can then turn off password authentication on the target machine and > > it'll only use the keys in the authorized_keys file. > > > So how would I "carry," and "input," my public key for remote login? Put it on a small flash disk. I carry a little USB 128MB flash disk on my keychain ($4.95) that has my DSA key on it. I use ssh -i /path/to/flashcard/id_dsa to access it. A typical DSA key looks like: ssh-dss AAAAB3NzaC1kc3MAAACBAPs7QxxxxxxxxW6GPKzm18ITO08NtyuwdtwA +Z7beYeBiyyBCqtlvYgPcZztzD4 +85vJkhuLKKyL0MfIunsmG/SwyuHh78vJyGAyUpaZCupBtppnfxrSXiCh/uJpHyGLT2veS3S5zY5P9e8br4AMBM2SPbmGCuYrCFjt0+t642shAAAAFQCoOMkiuY80x0LR5cgpAt2fvVHUYQAAAIB65hFF/7wYXZmCIloYpWDaBNa71FAbWTUy5vDh4OJGjyK7sEg2FfXtiHJZappSgLF75Q18OCaVlhaOjq50OMu6duaFuCSRusY73K+181z3P114FXS3gd4DeVqyNcUGetzFjC+Y7mojWy6AdjbuiX1+hFwgRg4XWsZRl3322yk5JgAAAIBlE8Q/gAOy/6nuBJryUBCcpONvCDZT+2kdy+KoOzKh6uXJkRdJRHENUA26tZcKXX3LxaBagMC4S15MwOH3M90NEEnHx55RfvSTMs9SF/EQcHnfsDJUtrhlOeMfmlkq5crhBMEx8BMmTQaZQQ4fjcMaz6F4uXu7evdvHFipx119ag== root at nprophead.corp.publichost.com (all on one line, of course). You can also passphrase protect the key when you generate it if you wish, and the above command will ask you for the passphrase when you try to use it. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Always remember you're unique, just like everyone else. - ---------------------------------------------------------------------- From bc98kinney at yahoo.com Tue Oct 31 05:16:35 2006 From: bc98kinney at yahoo.com (Bob Kinney) Date: Mon, 30 Oct 2006 21:16:35 -0800 (PST) Subject: morphing topic: RE: paypal scam - tracing link In-Reply-To: <1162257127.3148.20.camel@prophead.corp.publichost.com> Message-ID: <20061031051635.14335.qmail@web30715.mail.mud.yahoo.com> --- Rick Stevens wrote: > On Mon, 2006-10-30 at 17:00 -0800, Bob Kinney wrote: > > > > --- Rick Stevens wrote: > > > > > On Mon, 2006-10-30 at 15:44 -0800, Bob Kinney wrote: > > > > > > > > --- A.Fadyushin at it-centre.ru wrote: > > > > > > > > > > > > > > 6) If you are using SSH you can completely disable SSH password > > > > > authentication and use keys (protected by password on your local > > > > > workstation) to log in. In this case it would be impossible to guess > you > > > > > password by attempting to login into server via SSH. In this case the > > > > > server does not use the password for authentication and the key > > > > > protection password newer exists outside your workstation. > > > > > > > > > > > > I like this idea--minimum 128-bit "passwords". Can you point to a > > > > how-to link? > > > > > > Simply generate a DSA or RSA key on your local machine: > > > > > > $ ssh-keygen [-t dsa] > > > > > > By default, ssh-keygen creates a RSA keys. Then tack the contents of > > > the ~/.ssh/id_dsa.pub (or id_rsa.pub) file to the end of the > > > "~./ssh/authorized_keys" file on the destination machine. > > > > > > You can then turn off password authentication on the target machine and > > > it'll only use the keys in the authorized_keys file. > > > > > > So how would I "carry," and "input," my public key for remote login? > > Put it on a small flash disk. I carry a little USB 128MB flash disk on > my keychain ($4.95) that has my DSA key on it. I use > > ssh -i /path/to/flashcard/id_dsa > > to access it. A typical DSA key looks like: > > ssh-dss AAAAB3NzaC1kc3MAAACBAPs7QxxxxxxxxW6GPKzm18ITO08NtyuwdtwA+Z7beYeBiyyBCqtlvYgPcZztzD4+85vJkhuLKKyL0MfIunsmG/SwyuHh78vJyGAyUpaZCupBtppnfxrSXiCh/uJpHyGLT2veS3S5zY5P9e8br4AMBM2SPbmGCuYrCFjt0+t642shAAAAFQCoOMkiuY80x0LR5cgpAt2fvVHUYQAAAIB65hFF/7wYXZmCIloYpWDaBNa71FAbWTUy5vDh4OJGjyK7sEg2FfXtiHJZappSgLF75Q18OCaVlhaOjq50OMu6duaFuCSRusY73K+181z3P114FXS3gd4DeVqyNcUGetzFjC+Y7mojWy6AdjbuiX1+hFwgRg4XWsZRl3322yk5JgAAAIBlE8Q/gAOy/6nuBJryUBCcpONvCDZT+2kdy+KoOzKh6uXJkRdJRHENUA26tZcKXX3LxaBagMC4S15MwOH3M90NEEnHx55RfvSTMs9SF/EQcHnfsDJUtrhlOeMfmlkq5crhBMEx8BMmTQaZQQ4fjcMaz6F4uXu7evdvHFipx119ag== root at nprophead.corp.publichost.com > (all on one line, of course). You can also passphrase protect the key > when you generate it if you wish, and the above command will ask you for > the passphrase when you try to use it. > Now THAT'S a password. Thanks, Rick. --bc ____________________________________________________________________________________ Want to start your own business? Learn how on Yahoo! Small Business (http://smallbusiness.yahoo.com) From bfebrian at gmx.net Tue Oct 31 08:35:26 2006 From: bfebrian at gmx.net (Budi Febrianto) Date: Tue, 31 Oct 2006 15:35:26 +0700 Subject: SMTP Attacks In-Reply-To: <1161723323.24439.213.camel@prophead.corp.publichost.com> References: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> <20061024151447.GA32623@bobcat.bobcatos.com> <42960.207.177.227.29.1161704974.squirrel@sujan.hallikainen.org> <1161708441.24439.177.camel@prophead.corp.publichost.com> <19237.194.127.8.19.1161709811.squirrel@webmail.hemzet.com> <1161711817.24439.209.camel@prophead.corp.publichost.com> <20061024180126.GB2053@reddog.kinz.org> <1161723323.24439.213.camel@prophead.corp.publichost.com> Message-ID: <45470ACE.5060506@gmx.net> Rick Stevens wrote: > > Nah, I don't publicly blacklist them...I just don't let them into our > network...and there are a few specific holes in that list for legitimate > servers that I know about. > > Spamhaus, however, are Nazis and should be sued. > Why you say Spamhaus are Nazis? I use they services for many months now. Is there something that I don't know? Best Regards From A.Fadyushin at it-centre.ru Tue Oct 31 14:35:53 2006 From: A.Fadyushin at it-centre.ru (A.Fadyushin at it-centre.ru) Date: Tue, 31 Oct 2006 17:35:53 +0300 Subject: morphing topic: RE: paypal scam - tracing link Message-ID: <13074E1DC446D846B6AED445675F736829E325@majil.it-centre.ru> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of Bob Kinney > Sent: Tuesday, October 31, 2006 8:17 AM > To: Getting started with Red Hat Linux > Subject: Re: morphing topic: RE: paypal scam - tracing link > > > > --- Rick Stevens wrote: > > > On Mon, 2006-10-30 at 17:00 -0800, Bob Kinney wrote: > > > > > > --- Rick Stevens wrote: > > > > > > > On Mon, 2006-10-30 at 15:44 -0800, Bob Kinney wrote: > > > > > > > > > > --- A.Fadyushin at it-centre.ru wrote: > > > > > > > > > > > > > > > > > 6) If you are using SSH you can completely disable SSH password > > > > > > authentication and use keys (protected by password on your local > > > > > > workstation) to log in. In this case it would be impossible to > guess > > you > > > > > > password by attempting to login into server via SSH. In this > case the > > > > > > server does not use the password for authentication and the key > > > > > > protection password newer exists outside your workstation. > > > > > > > > > > > > > > > I like this idea--minimum 128-bit "passwords". Can you point to a > > > > > how-to link? > > > > > > > > Simply generate a DSA or RSA key on your local machine: > > > > > > > > $ ssh-keygen [-t dsa] > > > > > > > > By default, ssh-keygen creates a RSA keys. Then tack the contents > of > > > > the ~/.ssh/id_dsa.pub (or id_rsa.pub) file to the end of the > > > > "~./ssh/authorized_keys" file on the destination machine. > > > > > > > > You can then turn off password authentication on the target machine > and > > > > it'll only use the keys in the authorized_keys file. > > > > > > > > > So how would I "carry," and "input," my public key for remote login? > > > > Put it on a small flash disk. I carry a little USB 128MB flash disk on > > my keychain ($4.95) that has my DSA key on it. I use > > > > ssh -i /path/to/flashcard/id_dsa > > > > to access it. A typical DSA key looks like: > > > > ssh-dss > AAAAB3NzaC1kc3MAAACBAPs7QxxxxxxxxW6GPKzm18ITO08NtyuwdtwA+Z7beYeBiyyBCqtl vY > gPcZztzD4+85vJkhuLKKyL0MfIunsmG/SwyuHh78vJyGAyUpaZCupBtppnfxrSXiCh/uJpHy GL > T2veS3S5zY5P9e8br4AMBM2SPbmGCuYrCFjt0+t642shAAAAFQCoOMkiuY80x0LR5cgpAt2f vV > HUYQAAAIB65hFF/7wYXZmCIloYpWDaBNa71FAbWTUy5vDh4OJGjyK7sEg2FfXtiHJZappSgL F7 > 5Q18OCaVlhaOjq50OMu6duaFuCSRusY73K+181z3P114FXS3gd4DeVqyNcUGetzFjC+Y7moj Wy > 6AdjbuiX1+hFwgRg4XWsZRl3322yk5JgAAAIBlE8Q/gAOy/6nuBJryUBCcpONvCDZT+2kdy+ Ko > OzKh6uXJkRdJRHENUA26tZcKXX3LxaBagMC4S15MwOH3M90NEEnHx55RfvSTMs9SF/EQcHnf sD > JUtrhlOeMfmlkq5crhBMEx8BMmTQaZQQ4fjcMaz6F4uXu7evdvHFipx119ag== > root at nprophead.corp.publichost.com > > (all on one line, of course). You can also passphrase protect the key > > when you generate it if you wish, and the above command will ask you for > > the passphrase when you try to use it. > > > > Now THAT'S a password. Thanks, Rick. > > --bc I strongly recommend you to use the passphrase protected key - it will render the key useless in the hands of someone who obtained it without your permission (for example, by copying it from you computer or flash disk left unattended). Of course, the length of the key should not be 128 bits as mentioned above. It is recommended to use at least 2048 bits RSA keys or 1024 bits DSA keys. Alexey B. Fadyushin Brainbench MVP for Linux http://www.brainbench.com From dmhunter at charter.net Tue Oct 31 14:47:43 2006 From: dmhunter at charter.net (Dan Hunter) Date: Tue, 31 Oct 2006 08:47:43 -0600 Subject: morphing topic: RE: paypal scam - tracing link References: <13074E1DC446D846B6AED445675F736829E325@majil.it-centre.ru> Message-ID: <003e01c6fcfb$87ff1570$64011811@mutant> ----- Original Message ----- From: To: Sent: Tuesday, October 31, 2006 8:35 AM Subject: RE: morphing topic: RE: paypal scam - tracing link > > >> -----Original Message----- >> From: redhat-install-list-bounces at redhat.com > [mailto:redhat-install-list- >> bounces at redhat.com] On Behalf Of Bob Kinney >> Sent: Tuesday, October 31, 2006 8:17 AM >> To: Getting started with Red Hat Linux >> Subject: Re: morphing topic: RE: paypal scam - tracing link >> >> >> >> --- Rick Stevens wrote: >> >> > On Mon, 2006-10-30 at 17:00 -0800, Bob Kinney wrote: >> > > >> > > --- Rick Stevens wrote: >> > > >> > > > On Mon, 2006-10-30 at 15:44 -0800, Bob Kinney wrote: >> > > > > >> > > > > --- A.Fadyushin at it-centre.ru wrote: >> > > > > >> > > > > > >> > > > > > 6) If you are using SSH you can completely disable SSH > password >> > > > > > authentication and use keys (protected by password on your > local >> > > > > > workstation) to log in. In this case it would be impossible > to >> guess >> > you >> > > > > > password by attempting to login into server via SSH. In this >> case the >> > > > > > server does not use the password for authentication and the > key >> > > > > > protection password newer exists outside your workstation. >> > > > > >> > > > > >> > > > > I like this idea--minimum 128-bit "passwords". Can you point > to a >> > > > > how-to link? >> > > > >> > > > Simply generate a DSA or RSA key on your local machine: >> > > > >> > > > $ ssh-keygen [-t dsa] >> > > > >> > > > By default, ssh-keygen creates a RSA keys. Then tack the > contents >> of >> > > > the ~/.ssh/id_dsa.pub (or id_rsa.pub) file to the end of the >> > > > "~./ssh/authorized_keys" file on the destination machine. >> > > > >> > > > You can then turn off password authentication on the target > machine >> and >> > > > it'll only use the keys in the authorized_keys file. >> > > >> > > >> > > So how would I "carry," and "input," my public key for remote > login? >> > >> > Put it on a small flash disk. I carry a little USB 128MB flash disk > on >> > my keychain ($4.95) that has my DSA key on it. I use >> > >> > ssh -i /path/to/flashcard/id_dsa >> > >> > to access it. A typical DSA key looks like: >> > >> > ssh-dss >> > AAAAB3NzaC1kc3MAAACBAPs7QxxxxxxxxW6GPKzm18ITO08NtyuwdtwA+Z7beYeBiyyBCqtl > vY >> > gPcZztzD4+85vJkhuLKKyL0MfIunsmG/SwyuHh78vJyGAyUpaZCupBtppnfxrSXiCh/uJpHy > GL >> > T2veS3S5zY5P9e8br4AMBM2SPbmGCuYrCFjt0+t642shAAAAFQCoOMkiuY80x0LR5cgpAt2f > vV >> > HUYQAAAIB65hFF/7wYXZmCIloYpWDaBNa71FAbWTUy5vDh4OJGjyK7sEg2FfXtiHJZappSgL > F7 >> > 5Q18OCaVlhaOjq50OMu6duaFuCSRusY73K+181z3P114FXS3gd4DeVqyNcUGetzFjC+Y7moj > Wy >> > 6AdjbuiX1+hFwgRg4XWsZRl3322yk5JgAAAIBlE8Q/gAOy/6nuBJryUBCcpONvCDZT+2kdy+ > Ko >> > OzKh6uXJkRdJRHENUA26tZcKXX3LxaBagMC4S15MwOH3M90NEEnHx55RfvSTMs9SF/EQcHnf > sD >> JUtrhlOeMfmlkq5crhBMEx8BMmTQaZQQ4fjcMaz6F4uXu7evdvHFipx119ag== >> root at nprophead.corp.publichost.com >> > (all on one line, of course). You can also passphrase protect the > key >> > when you generate it if you wish, and the above command will ask you > for >> > the passphrase when you try to use it. >> > >> >> Now THAT'S a password. Thanks, Rick. >> >> --bc > > I strongly recommend you to use the passphrase protected key - it will > render the key useless in the hands of someone who obtained it without > your permission (for example, by copying it from you computer or flash > disk left unattended). > > Of course, the length of the key should not be 128 bits as mentioned > above. It is recommended to use at least 2048 bits RSA keys or 1024 bits > DSA keys. > > Alexey B. Fadyushin > Brainbench MVP for Linux > http://www.brainbench.com > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > So if the flash disk is stolen, it is useless to the other person. What position does this leave the owner in? Can they still get into these systems? If so how? From rstevens at vitalstream.com Tue Oct 31 17:09:06 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 31 Oct 2006 09:09:06 -0800 Subject: SMTP Attacks In-Reply-To: <45470ACE.5060506@gmx.net> References: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> <20061024151447.GA32623@bobcat.bobcatos.com> <42960.207.177.227.29.1161704974.squirrel@sujan.hallikainen.org> <1161708441.24439.177.camel@prophead.corp.publichost.com> <19237.194.127.8.19.1161709811.squirrel@webmail.hemzet.com> <1161711817.24439.209.camel@prophead.corp.publichost.com> <20061024180126.GB2053@reddog.kinz.org> <1161723323.24439.213.camel@prophead.corp.publichost.com> <45470ACE.5060506@gmx.net> Message-ID: <1162314546.3148.28.camel@prophead.corp.publichost.com> On Tue, 2006-10-31 at 15:35 +0700, Budi Febrianto wrote: > Rick Stevens wrote: > > > > Nah, I don't publicly blacklist them...I just don't let them into our > > network...and there are a few specific holes in that list for legitimate > > servers that I know about. > > > > Spamhaus, however, are Nazis and should be sued. > > > > Why you say Spamhaus are Nazis? I use they services for many months now. > Is there something that I don't know? Yes. God help you if you ever get on their list. It's damned near impossible to get off--even if you were incorrectly listed or can prove whatever was wrong has been fixed. They provide NO mechanism to unlist yourself or submit your site for a check (or didn't last time I checked), and if you were unfairly listed, they offer no apologies if they do take you off. Their blocks can be draconian...I've seen them list an entire /19 network because ONE server had been compromised. I applaud their efforts, but the way they do things is really, really bush league. If you're going to label someone as a spammer based on someone else's say-so, you'd better provide ways to get off the list if you've been put on it. They don't, and that's why I consider them Nazis. ...ir attitude is "F*ck you...you're a spammer and will always be a spammer > > Best Regards > > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - "And on the seventh day, He exited from append mode." - ---------------------------------------------------------------------- From harold at hallikainen.com Tue Oct 31 18:06:38 2006 From: harold at hallikainen.com (Harold Hallikainen) Date: Tue, 31 Oct 2006 10:06:38 -0800 (PST) Subject: SMTP Attacks In-Reply-To: <1162314546.3148.28.camel@prophead.corp.publichost.com> References: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> <20061024151447.GA32623@bobcat.bobcatos.com> <42960.207.177.227.29.1161704974.squirrel@sujan.hallikainen.org> <1161708441.24439.177.camel@prophead.corp.publichost.com> <19237.194.127.8.19.1161709811.squirrel@webmail.hemzet.com> <1161711817.24439.209.camel@prophead.corp.publichost.com> <20061024180126.GB2053@reddog.kinz.org> <1161723323.24439.213.camel@prophead.corp.publichost.com> <45470ACE.5060506@gmx.net> <1162314546.3148.28.camel@prophead.corp.publichost.com> Message-ID: <24962.207.177.227.29.1162317998.squirrel@sujan.hallikainen.org> > On Tue, 2006-10-31 at 15:35 +0700, Budi Febrianto wrote: >> Rick Stevens wrote: >> > >> > Nah, I don't publicly blacklist them...I just don't let them into our >> > network...and there are a few specific holes in that list for >> legitimate >> > servers that I know about. >> > >> > Spamhaus, however, are Nazis and should be sued. >> > >> >> Why you say Spamhaus are Nazis? I use they services for many months now. >> Is there something that I don't know? > > Yes. God help you if you ever get on their list. It's damned near > impossible to get off--even if you were incorrectly listed or can prove > whatever was wrong has been fixed. > > They provide NO mechanism to unlist yourself or submit your site for a > check (or didn't last time I checked), and if you were unfairly listed, > they offer no apologies if they do take you off. > > Their blocks can be draconian...I've seen them list an entire /19 > network because ONE server had been compromised. > > I applaud their efforts, but the way they do things is really, really > bush league. If you're going to label someone as a spammer based on > someone else's say-so, you'd better provide ways to get off the list if > you've been put on it. They don't, and that's why I consider them > Nazis. > > > ...ir attitude is "F*ck you...you're a spammer and will > always be a spammer Any comments on http://www.spamcop.net ? They seem to be working well for me. I can watch /var/maillog and watch spam being rejected all day. Here's one from a few minutes ago... Oct 31 09:38:55 sujan sendmail[2169]: ruleset=check_relay, arg1=OL88-54.fibertel.com.ar, arg2=127.0.0.2, relay=OL88-54.fiberte l.com.ar [24.232.54.88], reject=553 5.3.0 Spam blocked see: http://spamcop.net/bl.shtml?24.232.54.88 Harold -- FCC Rules Updated Daily at http://www.hallikainen.com - Advertising opportunities available! From hemzet at gmx.net Tue Oct 31 18:47:55 2006 From: hemzet at gmx.net (Oliver) Date: Tue, 31 Oct 2006 19:47:55 +0100 Subject: SMTP Attacks In-Reply-To: <24962.207.177.227.29.1162317998.squirrel@sujan.hallikainen.org> References: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> <20061024151447.GA32623@bobcat.bobcatos.com> <42960.207.177.227.29.1161704974.squirrel@sujan.hallikainen.org> <1161708441.24439.177.camel@prophead.corp.publichost.com> <19237.194.127.8.19.1161709811.squirrel@webmail.hemzet.com> <1161711817.24439.209.camel@prophead.corp.publichost.com> <20061024180126.GB2053@reddog.kinz.org> <1161723323.24439.213.camel@prophead.corp.publichost.com> <45470ACE.5060506@gmx.net> <1162314546.3148.28.camel@prophead.corp.publichost.com> <24962.207.177.227.29.1162317998.squirrel@sujan.hallikainen.org> Message-ID: <356864465.20061031194755@gmx.net> hm, spamcop blocks too many addresses for me. so, I often got no mails from friends that send from big nets (like strato.de, aol.de, 1und1.de and so on). so I don't use it anymore. try these ones: dul.maps.vix.com, relays.orbs.org, opm.blitzed.org, rfc-ignorant.org, cbl.abuseat.org or if you have one more that's very good, just give me a hint :) thx & cheers oliver >> On Tue, 2006-10-31 at 15:35 +0700, Budi Febrianto wrote: >>> Rick Stevens wrote: >>> > >>> > Nah, I don't publicly blacklist them...I just don't let them into our >>> > network...and there are a few specific holes in that list for >>> legitimate >>> > servers that I know about. >>> > >>> > Spamhaus, however, are Nazis and should be sued. >>> > >>> >>> Why you say Spamhaus are Nazis? I use they services for many months now. >>> Is there something that I don't know? >> >> Yes. God help you if you ever get on their list. It's damned near >> impossible to get off--even if you were incorrectly listed or can prove >> whatever was wrong has been fixed. >> >> They provide NO mechanism to unlist yourself or submit your site for a >> check (or didn't last time I checked), and if you were unfairly listed, >> they offer no apologies if they do take you off. >> >> Their blocks can be draconian...I've seen them list an entire /19 >> network because ONE server had been compromised. >> >> I applaud their efforts, but the way they do things is really, really >> bush league. If you're going to label someone as a spammer based on >> someone else's say-so, you'd better provide ways to get off the list if >> you've been put on it. They don't, and that's why I consider them >> Nazis. >> >> >> ...ir attitude is "F*ck you...you're a spammer and will >> always be a spammer > Any comments on http://www.spamcop.net ? They seem to be working well for > me. I can watch /var/maillog and watch spam being rejected all day. Here's > one from a few minutes ago... > Oct 31 09:38:55 sujan sendmail[2169]: ruleset=check_relay, > arg1=OL88-54.fibertel.com.ar, arg2=127.0.0.2, relay=OL88-54.fiberte > l.com.ar [24.232.54.88], reject=553 5.3.0 Spam blocked see: > http://spamcop.net/bl.shtml?24.232.54.88 > Harold From rstevens at vitalstream.com Tue Oct 31 20:59:23 2006 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 31 Oct 2006 12:59:23 -0800 Subject: SMTP Attacks In-Reply-To: <24962.207.177.227.29.1162317998.squirrel@sujan.hallikainen.org> References: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> <20061024151447.GA32623@bobcat.bobcatos.com> <42960.207.177.227.29.1161704974.squirrel@sujan.hallikainen.org> <1161708441.24439.177.camel@prophead.corp.publichost.com> <19237.194.127.8.19.1161709811.squirrel@webmail.hemzet.com> <1161711817.24439.209.camel@prophead.corp.publichost.com> <20061024180126.GB2053@reddog.kinz.org> <1161723323.24439.213.camel@prophead.corp.publichost.com> <45470ACE.5060506@gmx.net> <1162314546.3148.28.camel@prophead.corp.publichost.com> <24962.207.177.227.29.1162317998.squirrel@sujan.hallikainen.org> Message-ID: <1162328363.3148.35.camel@prophead.corp.publichost.com> On Tue, 2006-10-31 at 10:06 -0800, Harold Hallikainen wrote: > > On Tue, 2006-10-31 at 15:35 +0700, Budi Febrianto wrote: > >> Rick Stevens wrote: > >> > > >> > Nah, I don't publicly blacklist them...I just don't let them into our > >> > network...and there are a few specific holes in that list for > >> legitimate > >> > servers that I know about. > >> > > >> > Spamhaus, however, are Nazis and should be sued. > >> > > >> > >> Why you say Spamhaus are Nazis? I use they services for many months now. > >> Is there something that I don't know? > > > > Yes. God help you if you ever get on their list. It's damned near > > impossible to get off--even if you were incorrectly listed or can prove > > whatever was wrong has been fixed. > > > > They provide NO mechanism to unlist yourself or submit your site for a > > check (or didn't last time I checked), and if you were unfairly listed, > > they offer no apologies if they do take you off. > > > > Their blocks can be draconian...I've seen them list an entire /19 > > network because ONE server had been compromised. > > > > I applaud their efforts, but the way they do things is really, really > > bush league. If you're going to label someone as a spammer based on > > someone else's say-so, you'd better provide ways to get off the list if > > you've been put on it. They don't, and that's why I consider them > > Nazis. > > > > > > ...ir attitude is "F*ck you...you're a spammer and will > > always be a spammer > > > Any comments on http://www.spamcop.net ? They seem to be working well for > me. I can watch /var/maillog and watch spam being rejected all day. Here's > one from a few minutes ago... > > Oct 31 09:38:55 sujan sendmail[2169]: ruleset=check_relay, > arg1=OL88-54.fibertel.com.ar, arg2=127.0.0.2, relay=OL88-54.fiberte > l.com.ar [24.232.54.88], reject=553 5.3.0 Spam blocked see: > http://spamcop.net/bl.shtml?24.232.54.88 They're not as bad and they do give you a way to get off their list (sorta). Look, I don't want to get into some holy war about this. I've run into a number of them while running our network. I understand what they're trying to do, but when they come up with their _own_ definitions of what is and isn't spam, then list you based on reports from third parties (some of which may be from people who simply don't like you) and give you NO way of defending yourself or getting off their lists, then I call them Nazis and that's the end of it. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Artificial Intelligence usually beats real stupidity. - ---------------------------------------------------------------------- From harold at hallikainen.com Tue Oct 31 21:03:05 2006 From: harold at hallikainen.com (Harold Hallikainen) Date: Tue, 31 Oct 2006 13:03:05 -0800 (PST) Subject: SMTP Attacks In-Reply-To: <356864465.20061031194755@gmx.net> References: <37786.192.168.1.1.1161693148.squirrel@sujan.hallikainen.org> <20061024151447.GA32623@bobcat.bobcatos.com> <42960.207.177.227.29.1161704974.squirrel@sujan.hallikainen.org> <1161708441.24439.177.camel@prophead.corp.publichost.com> <19237.194.127.8.19.1161709811.squirrel@webmail.hemzet.com> <1161711817.24439.209.camel@prophead.corp.publichost.com> <20061024180126.GB2053@reddog.kinz.org> <1161723323.24439.213.camel@prophead.corp.publichost.com> <45470ACE.5060506@gmx.net> <1162314546.3148.28.camel@prophead.corp.publichost.com> <24962.207.177.227.29.1162317998.squirrel@sujan.hallikainen.org> <356864465.20061031194755@gmx.net> Message-ID: <26208.207.177.227.29.1162328585.squirrel@sujan.hallikainen.org> >>> On Tue, 2006-10-31 at 15:35 +0700, Budi Febrianto wrote: >>>> Rick Stevens wrote: >>>> > >>>> > Nah, I don't publicly blacklist them...I just don't let them into >>>> our >>>> > network...and there are a few specific holes in that list for >>>> legitimate >>>> > servers that I know about. >>>> > >>>> > Spamhaus, however, are Nazis and should be sued. >>>> > >>>> >>>> Why you say Spamhaus are Nazis? I use they services for many months >>>> now. >>>> Is there something that I don't know? >>> >>> Yes. God help you if you ever get on their list. It's damned near >>> impossible to get off--even if you were incorrectly listed or can prove >>> whatever was wrong has been fixed. >>> >>> They provide NO mechanism to unlist yourself or submit your site for a >>> check (or didn't last time I checked), and if you were unfairly listed, >>> they offer no apologies if they do take you off. >>> >>> Their blocks can be draconian...I've seen them list an entire /19 >>> network because ONE server had been compromised. >>> >>> I applaud their efforts, but the way they do things is really, really >>> bush league. If you're going to label someone as a spammer based on >>> someone else's say-so, you'd better provide ways to get off the list if >>> you've been put on it. They don't, and that's why I consider them >>> Nazis. >>> >>> >>> ...ir attitude is "F*ck you...you're a spammer and will >>> always be a spammer > > >> Any comments on http://www.spamcop.net ? They seem to be working well >> for >> me. I can watch /var/maillog and watch spam being rejected all day. >> Here's >> one from a few minutes ago... > >> Oct 31 09:38:55 sujan sendmail[2169]: ruleset=check_relay, >> arg1=OL88-54.fibertel.com.ar, arg2=127.0.0.2, relay=OL88-54.fiberte >> l.com.ar [24.232.54.88], reject=553 5.3.0 Spam blocked see: >> http://spamcop.net/bl.shtml?24.232.54.88 > > >> Harold > > hm, spamcop blocks too many addresses for me. so, I often > got no mails from friends that send from big nets (like strato.de, > aol.de, 1und1.de and so on). so I don't use it anymore. > > try these ones: > dul.maps.vix.com, relays.orbs.org, opm.blitzed.org, rfc-ignorant.org, > cbl.abuseat.org > > or if you have one more that's very good, just give me a hint :) > > thx & cheers > oliver > > > > > I've only had trouble with one mailing list I subscribe to getting listed on spamcop. I added this: connect:mit.edu OK to /etc/mail/access A little more user friendly way to "whitelist" senders would be nice, but this worked. Harold -- FCC Rules Updated Daily at http://www.hallikainen.com - Advertising opportunities available!