Hi all,
I've come across a nasty problem: I am 99.999% sure that the volume
transferred on my LuxDSL account, as reported by
http://volume.luxdsl.lu/index.jsp , doubles the amount for bittorrent
transfers (and e.g. not for ftp, according to my tests). And yes, I did take
care of upstream volumes, by using the --max_upload_rate option AND I checked
the statistics from my IPCop firewall (which obviously does take TCP overhead
into account). The conclusion is that bittorrent tranfers only are affected.
Any clues or similar experience? Thanks in advance.
CU
--
Alain LOUGE
Hi,
I am currently evaluating VMWare workstation 4.5.2 running on Slackware
10 as a host, and Windows XP as a guest. I am impressed how smooth
everything ran up to now, and seriously consider buying this piece of
software.
Has anybody got some experience with this? Maybe on a 2.6 kernel, other
Linux host distros, other guest OSes?
Also, the price tag is quite high - 189$. Do you know of any reseller
who offers the same at a lower price?
Regards,
-pu
Hi all,
as you may already know, the next LinuxDays installment is drawing
closer and closer - 25th and 26th of January, 2005.
http://www.linuxdays.lu/
LiLux is organizing two courses for the occasion, one a course for
beginners who'll learn there how to use a Linux desktop, the other
one about networking, from setting an IP address to configuring
VPNs and QoS. Each of these tutorials will last half a day (two
parts of 1 1/2 h each, the basic tutorial in the morning of january
25th, the network tutorial in the afternoon of january 25th).
Alain Knaff also got asked about a Samba part for the Server
Tutorial from the CRP, which sort of implies that he'd be doing
double duty with the packet filter part of the networking course.
Would anyone volunteer for the Samba part of the server tutorial
(1 1/2 hours, incl. practical exercises, probably difficult
questions from the audience, incl. questions about how to arm-wrest
MS Windows into cooperating, plus LDAP integration)?
Or else, would anyone volunteer for the packet filter part of
the LiLux network tutorial? The exact duration etc. remains to
be seen, chances are we'll discuss this at the next meeting this
thursday evening.
Greetings, Eric
Hello,
I am looking for a tool to synchronize an iPAQ PDA with a Linux
Computer. (Contacts, Calendar, data) Even simple file exchange would be
appreciated.
So far, I could only find instructions how to install Linux on a PDA,
which is not what I am looking for!
Does anybody have an idea about this subject?
Thanks for any help.
JJ Mouris
Hi all,
some of you may remember the thread some time ago regarding the quality
of text display. The bottom line for me was that, for a Linux desktop to
be appealing and easily readable, the following conditions all had to be
met:
1- no anti-aliasing
2- good fonts
3- freetype with the bytecode interpreter enabled.
My current desktop verifies these 3 and I am happy with it. However, I
had to tweak it because, out of the box,
1- anti-aliasing was not generally disabled
2- font were, well, not great, and
3- freetype was delivered with the bytecode interpreter disabled because
it is an US distro and Apple has a patent on that in the US.
As I have not tested all distros, can anybody tell me which distro meets
these 3 criteria? I am especially interested in the mainstream one's
like SuSE, Mandrake, Debian and Fedora.
Thanks for your feedback,
-pu
Hi,
I ran myself into some stupid trouble with my notebook here.
Thing is, I wanted to play around with the X.org X11 server a bit - this
didn't work out too well (froze my system as soon as I tried to activate
the driver for my synaptics touchpad), so I reverted to xfree86.
Now it seems that the keymaps don't get loaded properly by the X11
server. Symptom is, I can't access any combinations with Alt-Gr,
including such things as the pipe character or the @ (copy/pasted now),
which is extremely irritating.
I found the following in /var/log/XFree86.0.log:
(II) Keyboard "Keyboard1" handled by legacy driver
Couldn't load XKB keymap, falling back to pre-XKB keymap
(II) Server_Terminate keybinding not found
When I try setting things manually using setxkbmap, I get the following:
# setxkbmap -v -layout fr_CH
Warning! Multiple definitions of keyboard layout
Using command line, ignoring X server
Trying to build keymap using the following components:
keycodes: xfree86+aliases(qwerty)
types: complete
compat: complete
symbols: en_US(pc105)+fr_CH
geometry: pc(pc105)
Error loading new keyboard description
If I try loading an US layout, it also fails.
My /etc/X11/XF86Config says the following about the keyboard:
Section "InputDevice"
Identifier "Keyboard1"
Driver "Keyboard"
Option "AutoRepeat" "500 30"
Option "XkbRules" "xfree86"
Option "XkbModel" "pc105"
Option "XkbLayout" "fr_CH"
EndSection
The keymaps / locales etc. for fr_CH are on the system:
# ls -l `locate fr_CH`
-r--r--r-- 1 root root 1202 Oct 16 15:16 /usr/X11R6/lib/X11/xkb/keymap/sgi/fr_CH
-r--r--r-- 1 root root 1457 Oct 16 11:26 /usr/X11R6/lib/X11/xkb/symbols/fr_CH
-r--r--r-- 1 root root 722 Oct 16 11:26 /usr/X11R6/lib/X11/xkb/symbols/macintosh/fr_CH
-rw-r--r-- 1 root root 4524 Oct 17 12:34 /usr/share/i18n/locales/fr_CH
-rw-r--r-- 1 root root 961 Aug 21 13:12 /usr/share/keymaps/i386/qwertz/fr_CH-latin1.map.gz
-rw-r--r-- 1 root root 903 Aug 21 13:12 /usr/share/keymaps/i386/qwertz/fr_CH.map.gz
-rw-r--r-- 1 root root 805 Aug 21 13:12 /usr/share/keymaps/mac/all/mac-fr_CH-latin1.map.gz
I did some googling, found some hints, but nothing really working.
Any ideas on how I could fix this?
TIA, Eric
Hello,
Coditel seems to have upgraded my connection to 2Mbit/s. Last time when
they upgraded from 512Kbit/s to 1Mbit/s, they did inform me with a
written letter.
Here is a screenshot of a wget run: (I got 230 Kilobytes / sec)
http://www.kayoon.net/2mbit.png
Am I the only lucky customer on this list to have gotten 2 Mbit/s with
Coditel?
Greetings, Patrick Kaell
At 12:09 14.10.2004, Michel Kohl wrote:
>Two things would be interessent to try out with a test server exposed to
>the internet:
>
>- Will the attacks be already done when the ping packets would be ignored
>from the net?
>- What commands would be executed when they get access with a "stupid"
>root passwort (perhaps root)?
>
>Regards, Michel
>
>
>
>At 10:46 14.10.2004, Thierry Coutelier wrote:
>>-----BEGIN PGP SIGNED MESSAGE-----
>>Hash: SHA1
>>
>>Those ssh attacks are permanent on our server. At least 3 attempts/day
>>from different
>>IP addresses. It seems to be some standard script (nessus ?) as mostly
>>the pattern of
>>tests are the same.
>>
>>
>>Vincent Bremaud wrote:
>>| Oh yes, I jumped on my logs :-D
>>| Not surprisingly I found the same kind of attack, but the 3 october,
>>| including, of course, several attempts on root account ;-) Since it is
>>| deactivated for ssh, good luck for the attacker :-P
>>| I found also attacks the 25 september. Same kind of pattern and
>>| usernames. Could it be a Unix-type worm? Interresting specimen, I hadn't
>>| seen such thing as a Unix-type worm until now ;-P
>>|
>>| -----Message d'origine-----
>>| De: Eric Dondelinger <aim(a)vis.ethz.ch>
>>| A: lilux-help(a)linux.lu
>>| Date: 12/10/04
>>| Objet: [Lilux-help] cracking attempts - warning
>>|
>>| Hi,
>>|
>>| I've noticed yesterday evening and this morning (very shortly after
>>| turning on my router at home - on P&T ADSL) that there were attacks
>>| against my SSH server running - quite probably brute-force dictionary
>>| attacks.
>>|
>>| I've got quite some entries in my auth.log (extract):
>>|
>>| this morning:
>>| ----------------------------------------
>>| Oct 12 09:13:08 hermes sshd[543]: Failed password for illegal user
>>| wwwrun from 216.173.46.164 port 55039 ssh2
>>| Oct 12 09:13:09 hermes sshd[545]: Illegal user matt from 216.173.46.164
>>| Oct 12 09:13:09 hermes sshd[545]: error: Could not get shadow
>>| information for NOUSER
>>| Oct 12 09:13:09 hermes sshd[545]: Failed password for illegal user matt
>>| from 216
>>| .173.46.164 port 55067 ssh2
>>| Oct 12 09:13:11 hermes sshd[547]: Illegal user test from 216.173.46.164
>>| Oct 12 09:13:11 hermes sshd[547]: error: Could not get shadow
>>| information for NOUSER
>>| Oct 12 09:13:11 hermes sshd[547]: Failed password for illegal user test
>>| from 216
>>| .173.46.164 port 55100 ssh2
>>| Oct 12 09:13:13 hermes sshd[549]: Illegal user test from 216.173.46.164
>>| Oct 12 09:13:13 hermes sshd[549]: error: Could not get shadow
>>| information for NOUSER
>>| Oct 12 09:13:13 hermes sshd[549]: Failed password for illegal user test
>>| from 216
>>| .173.46.164 port 55134 ssh2
>>| Oct 12 09:13:15 hermes sshd[551]: Illegal user test from 216.173.46.164
>>|
>>| yesterday evening:
>>| ----------------------------------------
>>| Oct 11 19:38:44 hermes sshd[2051]: Illegal user frank from
>>| 213.240.168.200
>>| Oct 11 19:38:44 hermes sshd[2051]: error: Could not get shadow
>>| information for NOUSER
>>| Oct 11 19:38:44 hermes sshd[2051]: Failed password for illegal user
>>| frank from 2
>>| 13.240.168.200 port 40686 ssh2
>>| Oct 11 19:38:45 hermes sshd[2053]: Illegal user george from
>>| 213.240.168.200
>>| Oct 11 19:38:45 hermes sshd[2053]: error: Could not get shadow
>>| information for NOUSER
>>| Oct 11 19:38:45 hermes sshd[2053]: Failed password for illegal user
>>| george from
>>| 213.240.168.200 port 40710 ssh2
>>| Oct 11 19:38:46 hermes sshd[2055]: Illegal user henry from
>>| 213.240.168.200
>>| Oct 11 19:38:46 hermes sshd[2055]: error: Could not get shadow
>>| information for NOUSER
>>| Oct 11 19:38:46 hermes sshd[2055]: Failed password for illegal user
>>| henry from 2
>>| 13.240.168.200 port 40737 ssh2
>>| Oct 11 19:38:47 hermes sshd[2057]: Illegal user john from
>>| 213.240.168.200
>>| Oct 11 19:38:47 hermes sshd[2057]: error: Could not get shadow
>>| information for NOUSER
>>| Oct 11 19:38:47 hermes sshd[2057]: Failed password for illegal user john
>>| from 213.240.168.200 port 40757 ssh2
>>|
>>| ----------------------------------------
>>|
>>| I suspect these attempts are run from compromised machines, anyway I
>>| did try contacting the admin from yesterday evening's incident.
>>|
>>| I suppose all of you will want to check their logs, certainly if you're
>>| running an SSH server.
>>|
>>| I've reconfigured my own SSH server to listen on a non-standard
>>| port for now (check /etc/ssh/sshd_config), in addition to my
>>| relatively hard-to-crack passwords (designed not to fall prey to
>>| "normal" dictionary attacks).
>>|
>>| I guess "they" are out there...
>>|
>>| Greets Eric
>>|
>>| _______________________________________________
>>| Lilux-help mailing list
>>| Lilux-help(a)lilux.lu
>>| http://lilux.lu/mailman/listinfo/lilux-help
>>|
>>| ___[ Pub ]____________________________________________________________
>>| Inscrivez-vous gratuitement sur Tandaime, Le site de rencontres !
>>| http://rencontre.rencontres.com/index.php?origine=4
>>|
>>|
>>| _____________________________________________________________________
>>| Un mot doux à envoyer? Une sortie ciné à organiser? Faites le en temps
>>| réel avec MSN Messenger! C'est gratuit! http://ifrance.com/_reloc/m
>>|
>>|
>>| _______________________________________________
>>| Lilux-help mailing list
>>| Lilux-help(a)lilux.lu
>>| http://lilux.lu/mailman/listinfo/lilux-help
>>
>>
>>- --
>>Thierry Coutelier Président LiLux asbl
>>7, Rue Jacques Sturm L-2556 Luxembourg
>>Office:+352 710725 608 Home:+352 406776
>>http://www.lilux.lu/
>>
>>-----BEGIN PGP SIGNATURE-----
>>Version: GnuPG v1.2.4 (GNU/Linux)
>>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>>
>>iD8DBQFBbjz/POfrcNNQX7oRAr87AJ41NC1qyMQL1QO8R8vnKVX1pXODWwCgtqTP
>>HXmAMCQxaoqM12wOy1UaWEU=
>>=n1jH
>>-----END PGP SIGNATURE-----
>>_______________________________________________
>>Lilux-help mailing list
>>Lilux-help(a)lilux.lu
>>http://lilux.lu/mailman/listinfo/lilux-help
Oh yes, I jumped on my logs :-D
Not surprisingly I found the same kind of attack, but the 3 october,
including, of course, several attempts on root account ;-) Since it is
deactivated for ssh, good luck for the attacker :-P
I found also attacks the 25 september. Same kind of pattern and
usernames. Could it be a Unix-type worm? Interresting specimen, I hadn't
seen such thing as a Unix-type worm until now ;-P
-----Message d'origine-----
De: Eric Dondelinger <aim(a)vis.ethz.ch>
A: lilux-help(a)linux.lu
Date: 12/10/04
Objet: [Lilux-help] cracking attempts - warning
Hi,
I've noticed yesterday evening and this morning (very shortly after
turning on my router at home - on P&T ADSL) that there were attacks
against my SSH server running - quite probably brute-force dictionary
attacks.
I've got quite some entries in my auth.log (extract):
this morning:
----------------------------------------
Oct 12 09:13:08 hermes sshd[543]: Failed password for illegal user
wwwrun from 216.173.46.164 port 55039 ssh2
Oct 12 09:13:09 hermes sshd[545]: Illegal user matt from 216.173.46.164
Oct 12 09:13:09 hermes sshd[545]: error: Could not get shadow
information for NOUSER
Oct 12 09:13:09 hermes sshd[545]: Failed password for illegal user matt
from 216
.173.46.164 port 55067 ssh2
Oct 12 09:13:11 hermes sshd[547]: Illegal user test from 216.173.46.164
Oct 12 09:13:11 hermes sshd[547]: error: Could not get shadow
information for NOUSER
Oct 12 09:13:11 hermes sshd[547]: Failed password for illegal user test
from 216
.173.46.164 port 55100 ssh2
Oct 12 09:13:13 hermes sshd[549]: Illegal user test from 216.173.46.164
Oct 12 09:13:13 hermes sshd[549]: error: Could not get shadow
information for NOUSER
Oct 12 09:13:13 hermes sshd[549]: Failed password for illegal user test
from 216
.173.46.164 port 55134 ssh2
Oct 12 09:13:15 hermes sshd[551]: Illegal user test from 216.173.46.164
yesterday evening:
----------------------------------------
Oct 11 19:38:44 hermes sshd[2051]: Illegal user frank from
213.240.168.200
Oct 11 19:38:44 hermes sshd[2051]: error: Could not get shadow
information for NOUSER
Oct 11 19:38:44 hermes sshd[2051]: Failed password for illegal user
frank from 2
13.240.168.200 port 40686 ssh2
Oct 11 19:38:45 hermes sshd[2053]: Illegal user george from
213.240.168.200
Oct 11 19:38:45 hermes sshd[2053]: error: Could not get shadow
information for NOUSER
Oct 11 19:38:45 hermes sshd[2053]: Failed password for illegal user
george from
213.240.168.200 port 40710 ssh2
Oct 11 19:38:46 hermes sshd[2055]: Illegal user henry from
213.240.168.200
Oct 11 19:38:46 hermes sshd[2055]: error: Could not get shadow
information for NOUSER
Oct 11 19:38:46 hermes sshd[2055]: Failed password for illegal user
henry from 2
13.240.168.200 port 40737 ssh2
Oct 11 19:38:47 hermes sshd[2057]: Illegal user john from
213.240.168.200
Oct 11 19:38:47 hermes sshd[2057]: error: Could not get shadow
information for NOUSER
Oct 11 19:38:47 hermes sshd[2057]: Failed password for illegal user john
from 213.240.168.200 port 40757 ssh2
----------------------------------------
I suspect these attempts are run from compromised machines, anyway I
did try contacting the admin from yesterday evening's incident.
I suppose all of you will want to check their logs, certainly if you're
running an SSH server.
I've reconfigured my own SSH server to listen on a non-standard
port for now (check /etc/ssh/sshd_config), in addition to my
relatively hard-to-crack passwords (designed not to fall prey to
"normal" dictionary attacks).
I guess "they" are out there...
Greets Eric
_______________________________________________
Lilux-help mailing list
Lilux-help(a)lilux.lu
http://lilux.lu/mailman/listinfo/lilux-help
___[ Pub ]____________________________________________________________
Inscrivez-vous gratuitement sur Tandaime, Le site de rencontres !
http://rencontre.rencontres.com/index.php?origine=4
_____________________________________________________________________
Un mot doux à envoyer? Une sortie ciné à organiser? Faites le en temps
réel avec MSN Messenger! C'est gratuit! http://ifrance.com/_reloc/m
Hi,
I've noticed yesterday evening and this morning (very shortly after
turning on my router at home - on P&T ADSL) that there were attacks
against my SSH server running - quite probably brute-force dictionary
attacks.
I've got quite some entries in my auth.log (extract):
this morning:
----------------------------------------
Oct 12 09:13:08 hermes sshd[543]: Failed password for illegal user wwwrun from 216.173.46.164 port 55039 ssh2
Oct 12 09:13:09 hermes sshd[545]: Illegal user matt from 216.173.46.164
Oct 12 09:13:09 hermes sshd[545]: error: Could not get shadow information for NOUSER
Oct 12 09:13:09 hermes sshd[545]: Failed password for illegal user matt from 216
.173.46.164 port 55067 ssh2
Oct 12 09:13:11 hermes sshd[547]: Illegal user test from 216.173.46.164
Oct 12 09:13:11 hermes sshd[547]: error: Could not get shadow information for NOUSER
Oct 12 09:13:11 hermes sshd[547]: Failed password for illegal user test from 216
.173.46.164 port 55100 ssh2
Oct 12 09:13:13 hermes sshd[549]: Illegal user test from 216.173.46.164
Oct 12 09:13:13 hermes sshd[549]: error: Could not get shadow information for NOUSER
Oct 12 09:13:13 hermes sshd[549]: Failed password for illegal user test from 216
.173.46.164 port 55134 ssh2
Oct 12 09:13:15 hermes sshd[551]: Illegal user test from 216.173.46.164
yesterday evening:
----------------------------------------
Oct 11 19:38:44 hermes sshd[2051]: Illegal user frank from 213.240.168.200
Oct 11 19:38:44 hermes sshd[2051]: error: Could not get shadow information for NOUSER
Oct 11 19:38:44 hermes sshd[2051]: Failed password for illegal user frank from 2
13.240.168.200 port 40686 ssh2
Oct 11 19:38:45 hermes sshd[2053]: Illegal user george from 213.240.168.200
Oct 11 19:38:45 hermes sshd[2053]: error: Could not get shadow information for NOUSER
Oct 11 19:38:45 hermes sshd[2053]: Failed password for illegal user george from
213.240.168.200 port 40710 ssh2
Oct 11 19:38:46 hermes sshd[2055]: Illegal user henry from 213.240.168.200
Oct 11 19:38:46 hermes sshd[2055]: error: Could not get shadow information for NOUSER
Oct 11 19:38:46 hermes sshd[2055]: Failed password for illegal user henry from 2
13.240.168.200 port 40737 ssh2
Oct 11 19:38:47 hermes sshd[2057]: Illegal user john from 213.240.168.200
Oct 11 19:38:47 hermes sshd[2057]: error: Could not get shadow information for NOUSER
Oct 11 19:38:47 hermes sshd[2057]: Failed password for illegal user john from 213.240.168.200 port 40757 ssh2
----------------------------------------
I suspect these attempts are run from compromised machines, anyway I
did try contacting the admin from yesterday evening's incident.
I suppose all of you will want to check their logs, certainly if you're
running an SSH server.
I've reconfigured my own SSH server to listen on a non-standard
port for now (check /etc/ssh/sshd_config), in addition to my
relatively hard-to-crack passwords (designed not to fall prey to
"normal" dictionary attacks).
I guess "they" are out there...
Greets Eric
