|
PalmTreeFun posted:
ClamAV works well, especially if you are using the machine as a fileserver for windows clients.
|
# ? Feb 19, 2012 20:10 |
|
spankmeister posted:hda is almost certainly your cdrom drive since even if a hard drive is IDE it will show up as sdX with modern kernels. lshw: code:
code:
[root@SB1 ~]# mkfs.ext4 /dev/sdb1
-bash: mkfs.ext4: command not found
Bruce Hussein Daddy fucked around with this message at 20:55 on Feb 19, 2012 |
# ? Feb 19, 2012 20:43 |
|
nitrogen posted:ClamAV works well, especially if you are using the machine as a fileserver for windows clients. I should probably add that this is just a personal computer. I installed it just so that I can use stuff from the Unix C libraries while programming. I suppose I don't need any then? Are there just not many viruses built for Unix, or does it already have good built-in security?
|
# ? Feb 19, 2012 20:50 |
|
Bruce Hussein Daddy posted:You're right. I came back to edit but you beat me, that is in fact the CDRom. You'll have to configure a new "array" with just the one disk in it (usually using JBOD) or if you can plug it into another disk controller on the motherboard and put that controller in AHCI mode. (or IDE emulation if AHCI is not available). Don't put your current controller in AHCI or IDE mode because you will break your array. quote:Thanks for the help on the external, that should do me for that problem. edit: Hmm, strange. What distro are you running? PalmTreeFun posted:Are there just not many viruses built for Unix, or does it already have good built-in security?
|
# ? Feb 19, 2012 21:20 |
|
PalmTreeFun posted:I should probably add that this is just a personal computer. I installed it just so that I can use stuff from the Unix C libraries while programming. I suppose I don't need any then? Are there just not many viruses built for Unix, or does it already have good built-in security? It's not as vulnerable to drivebys so the main way of getting a virus an infection is running random poo poo you download (which is just as dangerous in windows) or deciding to install a bunch of servers and not securing them (which is just as dangerous in windows). spankmeister posted:Hmm, strange. What distro are you running? Redhat 4 is still supported by redhat and wouldn't have ext4. Longinus00 fucked around with this message at 21:34 on Feb 19, 2012 |
# ? Feb 19, 2012 21:32 |
|
Yeah if you run SSH open to the internet port scanners WILL find you and they WILL try to bruteforce you. Just don't be dumb and use 1234 as your root password and you should be fine.
|
# ? Feb 19, 2012 21:34 |
|
Alright, cool. Thanks a bunch.
|
# ? Feb 19, 2012 22:33 |
|
spankmeister posted:Yeah if you run SSH open to the internet port scanners WILL find you and they WILL try to bruteforce you. I used to run sshd just so I could use irssi on my phone, should I have been paranoid or would not using the default port and using public/private keys for authentication be good enough?
|
# ? Feb 19, 2012 22:55 |
|
PS. Love the cabin posted:I used to run sshd just so I could use irssi on my phone, should I have been paranoid or would not using the default port and using public/private keys for authentication be good enough? More than enough, swapping off the default port alone will pretty much completely stop the random bruteforcers
|
# ? Feb 19, 2012 23:06 |
|
PS. Love the cabin posted:I used to run sshd just so I could use irssi on my phone, should I have been paranoid or would not using the default port and using public/private keys for authentication be good enough? Consider investing in fail2ban or denyhosts for extra security against brute forcing. Also interesting to see where attacks are coming from.
|
# ? Feb 20, 2012 00:32 |
|
Banning china and russia in iptables gets rid of like 90%
|
# ? Feb 20, 2012 00:43 |
|
That's actually a great idea, maybe to expand on it only allowing the IP range of my cell provider. I just wish my phone tethering app would allow me to use SSH, they block anything but http and mail for "security reasons". Although IIRC there is a way to do it through an http proxy, I just haven't had the energy to follow through.
|
# ? Feb 20, 2012 01:55 |
|
Chunjee posted:I managed to solve my problem by specifying my own screenrc file I know this is a few pages back, and I didn't check to see if anyone else helped you fix this, but... Why not just run these as daemons? I just recently submitted a patch to SickBeard that cleans up the init.d script for Ubuntu. You need to copy the sample init scripts to /etc/init.d/ and make them executable, be sure to edit the sample configs a little to match your download directories and whatnot. Easy peasy. code:
Morkai fucked around with this message at 02:02 on Feb 20, 2012 |
# ? Feb 20, 2012 01:57 |
|
Morkai posted:I know this is a few pages back, and I didn't check to see if anyone else helped you fix this, but... Don't forget to update rc.d if you're manually adding init scripts. http://manpages.ubuntu.com/manpages/hardy/man8/update-rc.d.8.html
|
# ? Feb 20, 2012 03:33 |
|
Zom Aur posted:Mandriva has been unreliable lately, mostly from the developers almost abandoning the project and the community going for a fork (Mageia). The developers released a new version of mandriva some months ago, so who knows, they might get going again. Crap, I suppose since I've been installing it for years I don't notice the problems. Any thoughts on Mageia? I have the DVD but haven't tried it yet.
|
# ? Feb 20, 2012 07:35 |
|
soylent_green posted:Crap, I suppose since I've been installing it for years I don't notice the problems. Any thoughts on Mageia? I have the DVD but haven't tried it yet. dont skimp on the shrimp fucked around with this message at 08:32 on Feb 20, 2012 |
# ? Feb 20, 2012 08:26 |
|
What could be the reason for f.lux to not operate on my Leeenux v4 (a fork of Ubuntu 10.04)? When starting it from menu, nothing happens. From console I get:
fluxgui
Traceback (most recent call last):
  File "/usr/bin/fluxgui", line 19, in <module>
    import fluxgui
ImportError: No module named fluxgui
fluxgui-directory is under /usr/shared/pyshared and there is a file fluxgui.py. Should it be elsewhere? Same happens when running sudo fluxgui.
|
# ? Feb 20, 2012 10:53 |
|
I just wanted to mention that I started playing around with screen as an alternative to nohup and... wow. Why didn't anyone tell me how awesome it was?
|
# ? Feb 20, 2012 12:48 |
|
Social Animal posted:I just wanted to mention that I started playing around with screen as an alternative to nohup and... wow. Why didn't anyone tell me how awesome it was?
|
# ? Feb 20, 2012 12:49 |
|
spankmeister posted:You'll have to configure a new "array" with just the one disk in it (usually using JBOD) or if you can plug it into another disk controller on the motherboard and put that controller in AHCI mode. (or IDE emulation if AHCI is not available). quote:Hmm, strange. What distro are you running?
|
# ? Feb 20, 2012 14:00 |
|
A vague problem or situation: years and years ago, at an old workplace, I wrote a few bioinformatic web-services and installed them and some software on a server for other people to use. Time rolls on, I move onto another job. So recently-ish, my old employer asks me if I can do some quick and easy contracting work for them: write a new webservice and install it on the server. Sure, I say. Of course, when I get to look at the server, it starts to get sticky. I go to use or install the usual set of tools (git, rvm, ruby) and get a rude surprise. No one has done anything to it since I left. It's running RHEL3. It hasn't got yum or any useful package manager. And all the usual package repositories seem to have disappeared a year or two ago. Crap.
So, here I have several conflicting instincts:
- Don't mess with things, everything is working now
- But trying to deploy a new Rails/Hobo app without git and rvm is going to hurt
- But trying to install git manually sent me into a spiral of dependencies
- Surely there must be a RHEL3 repo out there somewhere.
Other possibly salient facts - server is on intranet, so is not "at risk". Thank god. I know just enough sysadmin / Linux setup voodoo to hurt myself. I can't get local IT help. I don't want to spend too much time on this because I'm not getting paid for it. Gut instincts or opinions on what I should do?
|
# ? Feb 20, 2012 14:13 |
|
Bruce Hussein Daddy posted:There are like 6-8 slots for drives on the server, is it possible some of the other ones will "just work" (have a different controller)? I read up a little bit (google) on JBOD and didn't find anything that seemed like it would help? Well, probably not because you seem to have some Dell server, which has a hardware RAID solution built in. You should be able to find a manual for your specific controller on Dell's website, if you search for the model server you have. I don't have any personal experience with Dell controllers, but HP is similar and how it works is basically this: When you boot the server at some point some text will pop up saying: "Dell 5/i RAID controller" or something along those lines. It will have a keyboard combination you need to press to get into the menu. Once you're there you can configure a new array with the new disk. The array which should be JBOD (or RAID1 with one disk which is basically the same thing) and once you've done that it should show up in linux. Be sure to leave the currently configured array untouched. But yeah, look up the manual.
quote:I have no idea (what that means).
Type these commands to find out:
uname -a
cat /etc/issue
and maybe:
cat /etc/redhat-release
cat /etc/SuSE-release
spankmeister fucked around with this message at 14:24 on Feb 20, 2012 |
# ? Feb 20, 2012 14:22 |
|
outlier posted:So, here I have several conflicting instincts: Grab the data, wipe it, install a fresh dist. Anything else is too painful and risks breaking things badly. Annoying, but there's no telling when you'll be called back to do something else, so solve the problem now.
|
# ? Feb 20, 2012 14:48 |
|
Longinus00 posted:Don't forget to update rc.d if you're manually adding init scripts. Yup, forgot to put that in there. If you don't do this you'll be pulling your hair out trying to figure out why daemons won't start. I made that mistake ONCE. Never again. Social Animal posted:I just wanted to mention that I started playing around with screen as an alternative to nohup and... wow. Why didn't anyone tell me how awesome it was? dtach is another thing like that, useful sometimes when screen is overkill. Morkai fucked around with this message at 15:05 on Feb 20, 2012 |
# ? Feb 20, 2012 15:03 |
|
spankmeister posted:Awesome, thanks.
Linux [domain-deleted] 2.6.18-8.el5 #1 SMP Fri Jan 26 14:15:14 EST 2007 x86_64 x86_64 x86_64 GNU/Linux
Red Hat Enterprise Linux Server release 5 (Tikanga)
|
# ? Feb 20, 2012 15:39 |
|
spankmeister posted:Yeah if you run SSH open to the internet port scanners WILL find you and they WILL try to bruteforce you. A better solution would be to disable root logins through SSH and use a regular account to connect. Edit /etc/ssh/sshd_config (or the same file in the appropriate location for your distro) and ensure the following line is set appropriately:
PermitRootLogin no
Then set up your /etc/sudoers so that you can sudo from your regular account to do anything you'd do as root. The fail2ban (or alternatively denyhosts) recommendation is good in addition to this. You can set the number of failed attempts and then ban that IP from connecting using either hosts.deny or firewall rules. Additionally, if you want visibility into your system, set up logwatch and have it email you daily summaries of system activity. There is a section for sshd that will show you IPs and usernames attempted.
|
# ? Feb 20, 2012 15:45 |
|
Bruce Hussein Daddy posted:Red Hat Enterprise Linux Server release 5 (Tikanga) RHEL5 doesn't support ext4 (at least your kernel version doesn't), so go with ext3. Postal posted:Yeah I agree completely but didn't want to go into it.
|
# ? Feb 20, 2012 15:45 |
|
spankmeister posted:Yeah I agree completely but didn't want to go into it. I don't get many chances to nerd out in Linux security any longer, so I take them where I can get them.
|
# ? Feb 20, 2012 16:02 |
|
Why is it so hard to find a decent xfce theme?
|
# ? Feb 20, 2012 16:22 |
|
Thanks Winter Park Tech! http://www.youtube.com/watch?v=nKiOECFu1HE&feature=related I think I'm going to buy another identical drive, RAID them together like my original 160mb drives almost exactly like the dude in this video, then extend the logical volume onto the new virtual drive. If that is stupid or I am missing something someone please let me know.
|
# ? Feb 20, 2012 16:35 |
|
Bruce Hussein Daddy posted:Thanks Winter Park Tech! Good idea but what kind of drive did you buy? Because desktop drives these days are unsuitable for RAID-controllers due to the TLER-problem. I won't go into that but desktop drives have a tendency to drop out of arrays.
|
# ? Feb 20, 2012 16:47 |
|
spankmeister posted:Good idea but what kind of drive did you buy? Because desktop drives these days are unsuitable for RAID-controllers due to the TLER-problem. I won't go into that but desktop drives have a tendency to drop out of arrays. Dell 1TB 7.2k 3.5" SATA drive 3Gbs for PowerEdge 2970
|
# ? Feb 20, 2012 16:53 |
|
Bruce Hussein Daddy posted:Dell 1TB 7.2k 3.5" SATA drive 3Gbs for PowerEdge 2970
|
# ? Feb 20, 2012 17:02 |
|
Postal posted:A better solution would be to disable root logins through SSH and use a regular account to connect. Edit /etc/ssh/sshd_config (or the same file in the appropriate location for your distro) and ensure the following line is set appropriately: It was mentioned previously but you should also disable password logins and go with public key authentication.
|
# ? Feb 20, 2012 17:25 |
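The two sshd_config recommendations above (PermitRootLogin no, and key logins instead of passwords) can be checked mechanically. This is an added example, not part of any post in the thread; the sample config, the CHECKS table and the function names are constructed for illustration.

```python
import re

# Settings recommended in the thread: keyword -> (wanted value, risk if not).
CHECKS = {
    "permitrootlogin": ("no", "root can log in directly over SSH"),
    "passwordauthentication": ("no", "passwords can be guessed by brute force"),
    "pubkeyauthentication": ("yes", "key-based login is switched off"),
}
# Accepts "Keyword value" as well as "Keyword=value".
LINE = re.compile(r"([A-Za-z0-9]+)(?:\s*=\s*|\s+)(.*)")

# Constructed sample config, not taken from any poster's machine.
SAMPLE = """\
Port 22
PermitRootLogin no
passwordauthentication yes
PasswordAuthentication no
Match User backup
    PermitRootLogin yes
"""


def effective_settings(config_text):
    """Global settings as sshd reads them: keywords are case-insensitive and
    the first value seen for a keyword wins. Match blocks are conditional,
    so parsing stops at the first one."""
    settings = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        m = LINE.fullmatch(line)
        if line.startswith("#") or not m:
            continue
        keyword, value = m.group(1).lower(), m.group(2).strip()
        if keyword == "match":
            break
        settings.setdefault(keyword, value)  # later duplicates are ignored
    return settings


def audit(config_text):
    """Return findings for the three checks; an empty list means all pass."""
    settings = effective_settings(config_text)
    findings = []
    for keyword, (wanted, risk) in CHECKS.items():
        value = settings.get(keyword)
        if value is None:
            findings.append(f"{keyword}: not set, the built-in default applies")
        elif value.lower() != wanted:
            findings.append(f"{keyword}={value}: {risk}")
    return findings
```

On a live host, `sshd -T` prints the effective configuration with defaults filled in, which is the authoritative answer for the installed version.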
|
outlier posted:A vague problem or situation: years and years ago, at an old workplace, I wrote a few bioinformatic web-services and installed them and some software on a server for other people to use. Time rolls on, I move onto another job. So recently-ish, my old employer asks me if I can do some quick and easy contracting work for them: write a new webservice and install it on the server. Sure, I say.
|
# ? Feb 20, 2012 18:08 |
|
Bruce Hussein Daddy posted:I know next to nothing about Linux, I am barely able to move around and do basic things. I have 2 problems. Let me get this straight: You're trying to copy a partition and its data to another device? Hook the new drive up into your computer, create and then boot up a GParted LiveCD, select the old partition and choose copy, switch to the new drive and choose paste. GParted will duplicate the partition on the new drive provided there's enough unpartitioned space, then you can adjust the size of the partition after it's copied to cover the additional space. Admittedly, this is just how I did it as a consumer desktop person and not a server IT guy, but it was much easier than the CLI stuff in your link. Craptacular! fucked around with this message at 23:20 on Feb 20, 2012 |
# ? Feb 20, 2012 23:09 |
|
Craptacular! posted:Let me get this straight: You're trying to copy a partition and its data to another device? It sounded like he wanted to extend a LVM partition onto another device. A bit different from what you're proposing.
|
# ? Feb 21, 2012 00:45 |
|
So after all the discussions of ssh security I decided to check the log on my server. I've got brute force attempts from a few people and it makes me feel unclean! I've got root login turned off and my username/pw is super tight. I feel like I should change the port to something like 4230 but overall is this something you have to live with? Should I do anything about the people attempting this? One of the IPs belongs to a range owned by a Ukrainian so it seems like a waste of time.
|
# ? Feb 21, 2012 06:03 |
|
Social Animal posted:So after all the discussions of ssh security I decided to check the log on my server. I've got brute force attempts from a few people and it makes me feel unclean! I've got root login turned off and my username/pw is super tight. I feel like I should change the port to something like 4230 but overall is this something you have to live with? Should I do anything about the people attempting this? One of the IPs belongs to a range owned by a Ukrainian so it seems like a waste of time. Enable public key auth and disable password auth. Make sure you can log in with your key before you disable the password. Changing ports is a million times less effective than just using a keyfile. edit: The Something Awful Forums > Discussion > Serious Hardware / Software Crap > The Linux Question Thread: Use keyfile auth already angrytech fucked around with this message at 06:32 on Feb 21, 2012 |
# ? Feb 21, 2012 06:25 |
|
Social Animal posted:So after all the discussions of ssh security I decided to check the log on my server. I've got brute force attempts from a few people and it makes me feel unclean! I've got root login turned off and my username/pw is super tight. I feel like I should change the port to something like 4230 but overall is this something you have to live with? Should I do anything about the people attempting this? One of the IPs belongs to a range owned by a Ukrainian so it seems like a waste of time. Yeah, it's pretty much natural. If you're bugged there's fail2ban, but as long as your user/pw are tight and root login is disabled, there's not much else to be done. Changing your ssh port is possible, but not really scalable -- I find it's too much to remember which port applies on which machine. I, too, want some kind of reverse-lookup slapping mechanism. Ed: ^^ that's also good too, but you'll still get the scanners in your log files.
|
# ? Feb 21, 2012 06:26 |
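Postal's description of counting failed attempts per IP and listing the usernames tried, and the log check Social Animal describes, as an added example that is not part of the thread and is not fail2ban's or logwatch's own code. The log lines are constructed, the addresses come from documentation ranges, and `maxretry`/`findtime` are borrowed only as parameter names.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in the syslog format OpenSSH uses for failed passwords.
# Addresses are from the documentation ranges (RFC 5737), not real hosts.
SAMPLE_LOG = """\
Feb 21 05:58:01 box sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2
Feb 21 05:58:03 box sshd[2101]: Failed password for invalid user test from 203.0.113.7 port 40112 ssh2
Feb 21 05:58:06 box sshd[2103]: Failed password for root from 203.0.113.7 port 40120 ssh2
Feb 21 05:59:10 box sshd[2110]: Accepted publickey for alice from 198.51.100.20 port 51000 ssh2
Feb 21 06:10:00 box sshd[2140]: Failed password for alice from 198.51.100.20 port 51044 ssh2
Feb 21 06:40:00 box sshd[2190]: Failed password for alice from 198.51.100.20 port 51090 ssh2
Feb 21 07:30:00 box sshd[2250]: Failed password for alice from 198.51.100.20 port 51130 ssh2
"""

# The username is chosen by the remote side, so it is matched greedily and
# the address is taken from the end of the line.
FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(.*) from (\S+) port \d+ ssh2$")


def failed_logins(log_text, year=2012):
    """Yield (timestamp, user, ip) for each failed-password line.
    Syslog lines carry no year, so the caller supplies one (assumption)."""
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            yield ts, m.group(2), m.group(3)


def offenders(log_text, maxretry=3, findtime=600):
    """Return {ip: sorted usernames tried} for every IP with at least
    `maxretry` failures inside some `findtime`-second sliding window."""
    window = defaultdict(deque)
    users = defaultdict(set)
    flagged = set()
    for ts, user, ip in sorted(failed_logins(log_text)):
        users[ip].add(user)
        recent = window[ip]
        recent.append(ts)
        while ts - recent[0] > timedelta(seconds=findtime):
            recent.popleft()  # drop failures older than the window
        if len(recent) >= maxretry:
            flagged.add(ip)
    return {ip: sorted(users[ip]) for ip in sorted(flagged)}
```

With the sample, the scanner at 203.0.113.7 is flagged while the three widely spaced typos from 198.51.100.20 are not, which is the reason a time window is used rather than a plain count.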