s5h.net

“fresh linux news and advice.”

arrow Info

2005-08
2005-07
2005-06
2005-05
2005-09
2005-10
2005-11
2005-12
2006-01
2006-02
2006-03
2006-04
2006-05
2006-06
2006-07
2006-08
2006-09
2006-10
2006-11
2006-12
2007-01
2007-02
2007-03
2007-04
2007-05
2007-06
2007-07
2007-08
2007-09
2007-10
2007-11
2007-12
2008-01
2008-02
2008-03
2008-04
2008-05
2008-06
2008-07
2008-08
2008-09
2008-10
2008-11

The linux news section is submitted by Roy Schestowitz, many thanks!

illustration

more here.

arrow Links


puce2005-07-31 qmr openbsd

Have just finished the segment for www.qmailrocks.org, this will be on their page when the files are reformatted I guess.

Things here are not getting any closer to a SQL DB, I know I should make this SQL based then I can limit the page size a bit to reduce the load times. Never mind.

puce2005-07-25 haxx0rs me

I really hate blackhatters, or people who just want to abuse systems. I really, really hate them. One of the boxes that I look after was brute force attacked. I had a good backup plan which paid off. It's pretty system specific but anyone who has used UNIX systems for a while will probably use something similar. Well, I'm making it a short task of mine to document all the scripts and stuff that I've got all over the place to do jobs, otherwise, dare I say it, people wont know how I've set things up.

It still baffles me why there are a small group of people who want to break into systems, what the heck are they going to find besides a few personal notes. Even if they wanted to use this box as a mail gateway it would not have sent much mail before I noticed something on the bandwidth grapher.

Answers on a post card please.

Ok, so you want the latest OpenBSD on a CD install do you, and the floppy net install isn't good enough? Well, that's ok, but you don't get cool stuff that you get when you buy the CD set from their online store, like the cool stickers and the excellent CD inlay.

  1. mkdir OpenBSD
  2. mkdir OpenBSD/3.7
  3. mkdir OpenBSD/3.7/i386
  4. cd OpenBSD/3.7/i386
  5. wget ftp://ftp.openbsd.org/pub/OpenBSD/snapshots/i386/*
  6. cd ../../../
  7. mkisofs -r -b 3.7/i386/cdrom37.fs -c "boot.catalog" -o ./cd.iso OpenBSD

So what we've just done is made the 150-ish meg boot CD. Please note, this is just not as cool as getting the correct disk set, I have the 3.5 set and the whole deal is so cool, I also have a couple of very good books on BSD. It's worth noting that OpenBSD has a very good document set that is sadly lacking in the Linux world, check out the difference in the various 'ls' man pages. [bsd] [linux].

puce2005-07-19 qmr progression

Well, two things really.

The first is that the QMR guide is looking more offical, Eric Siegel has put a note in his journal stating that there is a OpenBSD guide comming soon.

The second is that I like to read the writings of others who have countless hours of experience in UNIX/Linux. ESR (Eric Raymond) has written 'The art of unix programming', and made it available on both paper[1] and the net[2].

puce2005-07-17 qmail

I'm currently working on a section for a well known qmail guide. I hope it's useful to the people who helped me get setup in the first place. I'll post the link when its completed.

Too few people are using highly advanced UNIX systems such as OpenBSD and this guide should make the systems more accessible for those who would otherwise not have been able to.

One of the major points I hope to bring out is the methods available to avoid spam delivery.

puce2005-07-16 ftp sucks

FTP sucks. SFTP is the way forward.

At least that is how it appears on the surface. In FTP transmissions the connection is eaither ACTIVE or PASSIVE. With active mode the client tells the server where to connect to in order to send data, such as a directory listing. This is all well and good if the client is not behind a firewall, or NAT router. With passive mode the client tells the server where the client is going to connect so that the server and reply on that socket with the data. This is all well and good if the server has the high port numbers exposed.

I have stumbled across SFTP while looking at methods of allowing SCP to transfer the data. SCP is a single connection TCP protocol. This allows the client who may or may not be behind a firewall to connect to a server which may or may not be behind a firewall and transfer data. This all goes on over the SSH protocol. This truely brilliant. But the client must be late enough to support the SSH protocol. WinSCP is an example of such a client. Nearly every distribution of UNIX in the past 5 years will have OpenSSH, which itself has had possibly one exploit in the past 5 years.

As far as a replacement for FTP goes, SFTP has one major disadvantage. It requires a copy of the shared libraries in the use's chroot directory in order to jail a user to their home directory. This copy is about 5meg and will probably be included in daily backups.

puce2005-07-14 Debian is cool

Debian unstable is the coolest way to get the latest packages, but when some packages break you might want to downgrade. Well, this can be a tricky business.

Thankfully Debian have a nice tool called 'dpkg' if you loose apt. So, what happens if you loose all your apt tools you might ask. Well if you did ask that I'm glad because this is what you might have to do:

dpkg --force=all -i /var/cache/apt/archives/base-files_3.1.6_i386.deb

If you get your base files installed getting apt installed after should go without a problem, its just if base files needs downgrading then apt's dependencies need to be dealt with manually.

one zest © 2006

Validate XHTML 1.0 Strict