From davidb-ucc at rcpt.to Thu Aug 2 14:04:12 2001 From: davidb-ucc at rcpt.to (David Basden) Date: Wed Oct 27 01:23:23 2004 Subject: [tech] GPG In-Reply-To: <20010709202545.A27475@morwong.ucc.gu.uwa.edu.au>; from grahame@ucc.gu.uwa.edu.au on Mon, Jul 09, 2001 at 08:25:45PM +0800 References: <5.1.0.14.0.20010709184620.009eb440@mail.ii.net> <20010709202545.A27475@morwong.ucc.gu.uwa.edu.au> Message-ID: <20010802140412.G8110@fluff> On Mon, Jul 09, 2001 at 08:25:45PM +0800, Grahame Bowland wrote: > On Mon, Jul 09, 2001 at 06:47:11PM +0800, Anil Sharma wrote: > > is there anyway of using GPG at ucc without having to trust wheel members > > not stealing my private key? > > No - if you use a passphrase we'll just take it off you! > > You can't use GPG usefully on untrusted machines :] Just to be a pedantic bastard, you can't really use GPG or SSH on untrusted machines; It's quite possible that the binary has been compromised to (say) log paraphrases with a couple of lines of code. Your unlocked private key is also in memory, but thats going to be a bit less easy to exploit without thinking about it ;-) David (Who has probably been spending waaaay too much time thinking about security lately) From grahame at ucs.uwa.edu.au Thu Aug 2 14:59:35 2001 From: grahame at ucs.uwa.edu.au (Grahame Bowland) Date: Wed Oct 27 01:23:25 2004 Subject: [tech] GPG In-Reply-To: <20010802140412.G8110@fluff> References: <5.1.0.14.0.20010709184620.009eb440@mail.ii.net> <20010709202545.A27475@morwong.ucc.gu.uwa.edu.au> <20010802140412.G8110@fluff> Message-ID: <996735575.31118.4.camel@typhaon> On 02 Aug 2001 14:04:12 +0800, David Basden wrote: > On Mon, Jul 09, 2001 at 08:25:45PM +0800, Grahame Bowland wrote: > > On Mon, Jul 09, 2001 at 06:47:11PM +0800, Anil Sharma wrote: > > > is there anyway of using GPG at ucc without having to trust wheel members > > > not stealing my private key? > > > > No - if you use a passphrase we'll just take it off you! > > > > You can't use GPG usefully on untrusted machines :] > > Just to be a pedantic bastard, you can't really use GPG or SSH on > untrusted machines; It's quite possible that the binary has been > compromised to (say) log paraphrases with a couple of lines of code. That's exactly my point. What I do is to not trust UCC at all, and just give it my public SSH key. When I ssh in to UCC there's just some exchange of information to confirm that I really do have the private key to match that public key - the passphrase isn't sent to UCC at all. -- Grahame Bowland, Network and Systems Administrator University Communications Services, The University of Western Australia Phone: +61 8 9380 1175 From davidb-ucc at rcpt.to Thu Aug 2 15:16:26 2001 From: davidb-ucc at rcpt.to (David Basden) Date: Wed Oct 27 01:23:26 2004 Subject: [tech] GPG In-Reply-To: <996735575.31118.4.camel@typhaon>; from grahame@ucs.uwa.edu.au on Thu, Aug 02, 2001 at 02:59:35PM +0800 References: <5.1.0.14.0.20010709184620.009eb440@mail.ii.net> <20010709202545.A27475@morwong.ucc.gu.uwa.edu.au> <20010802140412.G8110@fluff> <996735575.31118.4.camel@typhaon> Message-ID: <20010802151626.H8110@fluff> On Thu, Aug 02, 2001 at 02:59:35PM +0800, Grahame Bowland wrote: > > > You can't use GPG usefully on untrusted machines :] > > > > Just to be a pedantic bastard, you can't really use GPG or SSH on > > untrusted machines; It's quite possible that the binary has been > > compromised to (say) log paraphrases with a couple of lines of code. > > That's exactly my point. What I do is to not trust UCC at all, and just > give it my public SSH key. When I ssh in to UCC there's just some > exchange of information to confirm that I really do have the private key > to match that public key - the passphrase isn't sent to UCC at all. Arrrg. Sorry. Read 'can't' as 'can'. I think I need more sleep. Oh, and they can probably compromise your private key on a case-by-case basis if you're using agent forwarding through untrusted hosts. Using Mikolaj's agent works around this. David From dunc-mail-1315732 at rcpt.to Thu Aug 2 15:49:55 2001 From: dunc-mail-1315732 at rcpt.to (Duncan Sargeant) Date: Wed Oct 27 01:23:26 2004 Subject: [tech] GPG In-Reply-To: <20010802140412.G8110@fluff> Message-ID: <20010802154955.A32511@typhaon.ucs.uwa.edu.au> David Basden wrote on Thu August 02, at 14:04 +0800: > Your unlocked private key is also in memory, but thats going to be > a bit less easy to exploit without thinking about it ;-) But such a tool would have a useful and valid purpose. I forgot my passphrase once ... but days later my agent was still running. ,dunc From mtearle at tearle.com Fri Aug 3 12:41:34 2001 From: mtearle at tearle.com (Mark Tearle) Date: Wed Oct 27 01:23:26 2004 Subject: [tech] sendmail on mooneye Message-ID: Hiya It appears somebody had had a half-hearted attempt to update it and in the process managed to break it's ability to update the aliases, c'mon, fess up :) Anyhow, it's fixed now ... and should be working... Yours Mark PS. This is a cunningly disguised test -- Mark Tearle - mark@tearle.com "The only good is knowledge and the only evil is ignorance." - Socrates From devenish at ucc.gu.uwa.edu.au Fri Aug 3 12:49:45 2001 From: devenish at ucc.gu.uwa.edu.au (James Devenish) Date: Wed Oct 27 01:23:26 2004 Subject: [tech] sendmail on mooneye In-Reply-To: ; from mtearle@tearle.com on Fri, Aug 03, 2001 at 12:41:34PM +0800 References: Message-ID: <20010803124945.A458869@morwong.ucc.gu.uwa.edu.au> On Fri, Aug 03, 2001 at 12:41:34PM +0800, Mark Tearle wrote: > It appears somebody had had a half-hearted attempt to update it and > in the process managed to break it's ability to update the aliases, T'was I, t'was I. I was removing all the spurious apostrophes from possessive 'its' and I just got carried away... PS. Of course it wasn't me. From mtearle at tearle.com Sat Aug 4 16:21:07 2001 From: mtearle at tearle.com (Mark Tearle) Date: Wed Oct 27 01:23:27 2004 Subject: [tech] mail working again Message-ID: Hiya mail was down on mooneye for some periods in the last 24 hours, sendmail was randomly dying because the package dependencies didn't upgrade correctly... (libsasl & friends) It should be fixed now... Yours Mark -- Mark Tearle - mark@tearle.com "The only good is knowledge and the only evil is ignorance." - Socrates From mtearle at ucc.gu.uwa.edu.au Sat Aug 4 16:50:31 2001 From: mtearle at ucc.gu.uwa.edu.au (Mark Tearle) Date: Wed Oct 27 01:23:27 2004 Subject: [tech] mail working again In-Reply-To: Message-ID: On Sat, 4 Aug 2001, Mark Tearle wrote: > Hiya > > mail was down on mooneye for some periods in the last 24 hours, sendmail > was randomly dying because the package dependencies didn't upgrade > correctly... (libsasl & friends) > > It should be fixed now... > > Yours > Mark and some other minor config tweaks to make it behave sensibly when mooneye's load skyrockets.... Yours Mark -- Mark Tearle - mark@tearle.com "The only good is knowledge and the only evil is ignorance." - Socrates From james at rcpt.to Sun Aug 5 00:36:29 2001 From: james at rcpt.to (James Bromberger) Date: Wed Oct 27 01:23:28 2004 Subject: [tech] mail working again In-Reply-To: References: Message-ID: <20010805003629.A32117@ucc.gu.uwa.edu.au> On Sat, Aug 04, 2001 at 04:21:07PM +0800, Mark Tearle wrote: > mail was down on mooneye for some periods in the last 24 hours, sendmail > was randomly dying because the package dependencies didn't upgrade > correctly... (libsasl & friends) > > It should be fixed now... I was also looking at mooneye (because of the mail problem). I upgraded more packages against what had been selected (Woody). I have left around 10 packages not upgraded; someone can do them when they are present in the clubroom... things like kernel upgrade, mailman, etc. I am running mailman 1.0.6 on unstable, and it is fine, but just in case. Everything else went pretty smoothly. James -- James Bromberger www.rcpt.to/~james Remainder moved to http://www.rcpt.to/~james/james/sig.html -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://lists.ucc.gu.uwa.edu.au/pipermail/tech/attachments/20010805/95e6167b/attachment.pgp From mtearle at ucc.gu.uwa.edu.au Sun Aug 5 02:42:53 2001 From: mtearle at ucc.gu.uwa.edu.au (Mark Tearle) Date: Wed Oct 27 01:23:28 2004 Subject: [tech] mail working again In-Reply-To: <20010805003629.A32117@ucc.gu.uwa.edu.au> Message-ID: On Sun, 5 Aug 2001, James Bromberger wrote: > I was also looking at mooneye (because of the mail problem). I upgraded > more packages against what had been selected (Woody). I have left around > 10 packages not upgraded; someone can do them when they are present in > the clubroom... things like kernel upgrade, mailman, etc. I am running > mailman 1.0.6 on unstable, and it is fine, but just in case. > > Everything else went pretty smoothly. > > James mailman is intentionally being held back, I'm waiting for the 2.1 release or early betas of it. The UCC union list hack is in the part of the code that they are working on heavily for 2.1 and I can't be bothered making it work for 2.0 only to have to redo it soon. Yours Mark -- Mark Tearle - mark@tearle.com "The only good is knowledge and the only evil is ignorance." - Socrates From maset at ucc.gu.uwa.edu.au Sun Aug 5 15:29:20 2001 From: maset at ucc.gu.uwa.edu.au (Anil Sharma ) Date: Wed Oct 27 01:23:29 2004 Subject: [tech] pop on mooneye Message-ID: cucipop doesn't seem to be working. I tried starting it as a daemon (/etc/init.d/cucipop) and standalone (by uncommenting stuff in /etc/inetd.conf). Port 110 is now open on mooneye, but doesn't seem to be authenticating properly. Maset the Grandiose. ------------------------------------------------- Without suffering, how can one appreciate happiness? And how would we mark the depths of our sorrow, without the light of hope? From mtearle at ucc.gu.uwa.edu.au Sun Aug 5 16:06:53 2001 From: mtearle at ucc.gu.uwa.edu.au (Mark Tearle) Date: Wed Oct 27 01:23:29 2004 Subject: [tech] pop on mooneye In-Reply-To: Message-ID: On Sun, 5 Aug 2001, Anil Sharma wrote: > Subject: [tech] pop on mooneye > > cucipop doesn't seem to be working. I tried starting it as a daemon > (/etc/init.d/cucipop) and standalone (by uncommenting stuff in > /etc/inetd.conf). Port 110 is now open on mooneye, but doesn't seem to be > authenticating properly. > > Maset the Grandiose. It's still running from inetd but I changed it from running as user mail to root -> ergo, it should be able to read the passwords now... Yours MArk -- Mark Tearle - mark@tearle.com "The only good is knowledge and the only evil is ignorance." - Socrates From maset at ucc.gu.uwa.edu.au Sun Aug 5 16:57:57 2001 From: maset at ucc.gu.uwa.edu.au (Anil Sharma ) Date: Wed Oct 27 01:23:29 2004 Subject: [tech] IMAP and NFS Message-ID: was reading some imapd docs, and they specifically stated not to use IMAP with NFS due to file locking problems (resulting in silently lost email). Is this a problem with UCC atm? Maset the Grandiose. ------------------------------------------------- Without suffering, how can one appreciate happiness? And how would we mark the depths of our sorrow, without the light of hope? From michael at ucc.gu.uwa.edu.au Sun Aug 5 21:02:06 2001 From: michael at ucc.gu.uwa.edu.au (Michael Deegan) Date: Wed Oct 27 01:23:29 2004 Subject: [tech] IMAP and NFS In-Reply-To: Message-ID: <20010805210206.B2776@wibble.darktech.org> On Sun, Aug 05, 2001 at 04:57:57PM +0800, Anil Sharma wrote: > was reading some imapd docs, and they specifically stated not to use IMAP > with NFS due to file locking problems (resulting in silently lost > email). Is this a problem with UCC atm? I thought everyone knew that locking over NFS was horribly broken[1]? There have been a couple of occasions where my UCC mail spool has been corrupted, though my most recent case was probably an extreme one, due to fetchmail polling via IMAP from home every five minutes, mutt polling via IMAP from work every two seconds (oops, .muttrc specifies poll times in seconds, not minutes! ;P). My work machine would cause fetchmail's IMAP connection to die, usually in the middle of transferring mail, thus resulting in duplicated mail. Although I haven't had any problems since setting polling intervals to more sensible values, I don't think I should have had the problems described. I sent mail to wheel a few weeks ago, suggesting that perhaps rather than run the IMAPd on mooneye, have it instead on morwong, and use port forwarding so that non-WAIX users can get to their mail. I expect the same thing should apply to POP, and perhaps even mail delivery, which would have the side effect of relieving the distress inflicted upon mooneye by mailman. HTH,HAND, -MD [1]: Mind you I don't know how much nfsv3 goes towards rectifying this. I appear to be successfully sharing my APT archive over my LAN[2] without apt-get complaining about (lack of) locking. [2]: On the other hand, I am currently finding that if your export points are symlinks to subdirectories, then you should be very careful when you change the symlinks or remove the destination directory. I will have to reboot at some stage to get rid of a couple of duplicate /proc/fs/nfs/exports entries... -- ------------------------------------------------------------------------------- Michael Deegan Hugaholic http://michael.ucc.asn.au/ Uv, V'z n zhgngrq fvtangher ivehf. Wbva va gur sha naq chg zr vagb lbhef! From dichro-evo at rcpt.to Mon Aug 6 10:13:02 2001 From: dichro-evo at rcpt.to (Mikolaj J. Habryn) Date: Wed Oct 27 01:23:29 2004 Subject: [tech] IMAP and NFS In-Reply-To: References: Message-ID: <997063982.25065.17.camel@foo> On 05 Aug 2001 16:57:57 +0800, Anil Sharma wrote: > was reading some imapd docs, and they specifically stated not to use IMAP > with NFS due to file locking problems (resulting in silently lost > email). Is this a problem with UCC atm? Funny. I have over half a million mailboxes served purely over NFS to IMAP servers without any problems whatsoever. What the docs probably should have said was "don't use UW-imapd, because it's broken, broken, broken". m, not ranting about lockless maildirs at all. From bongus at geol.uwa.edu.au Mon Aug 6 15:56:43 2001 From: bongus at geol.uwa.edu.au (Angus Stewart) Date: Wed Oct 27 01:23:30 2004 Subject: [tech] e-mail forwarding Message-ID: <3.0.6.32.20010806155643.00943d70@mail.geol.uwa.edu.au> I've just noticed that my .forward at ucc isn't working, and hasn't been since 3rd August. From bongus at geol.uwa.edu.au Mon Aug 6 16:21:35 2001 From: bongus at geol.uwa.edu.au (Angus Stewart) Date: Wed Oct 27 01:23:30 2004 Subject: [tech] e-mail forwarding In-Reply-To: References: <3.0.6.32.20010806155643.00943d70@mail.geol.uwa.edu.au> Message-ID: <3.0.6.32.20010806162135.0094c980@mail.geol.uwa.edu.au> Well, this is getting more interesting because I'm pretty certain I haven't played with any file permissions for ages. The first e-mail that wasn't forwarded for me was at 12:41 on Friday (I think I was at the pub then) - it's the e-mail about sendmail being fixed. Bongus does some chmod -R'ing.... stay tuned for my e-mail complaining about my ucc webpage not working *grin* At 04:10 PM 8/6/01 +0800, you wrote: >On Mon, 6 Aug 2001, Angus Stewart wrote: > >> Date: Mon, 06 Aug 2001 15:56:43 >> From: Angus Stewart >> To: tech@ucc.gu.uwa.edu.au >> Subject: [tech] e-mail forwarding >> >> I've just noticed that my .forward at ucc isn't working, and hasn't been >> since 3rd August. > >That's be because it's group writeable .... > >16:08 mooneye[502]:~>ls -l ~bongus/.forward >-rw-rw-r-- 1 bongus gumby 23 Aug 24 2000 /home/ucc/bongus/.forward > >I'll leave it to you to fix, and mail tech@ucc... > >Yours >Mark >-- >Mark Tearle - mark@tearle.com > > "The only good is knowledge and the only evil is ignorance." - Socrates > > > From andreww at calm.wa.gov.au Mon Aug 6 16:23:06 2001 From: andreww at calm.wa.gov.au (Andrew Williams) Date: Wed Oct 27 01:23:30 2004 Subject: [tech] e-mail forwarding In-Reply-To: <3.0.6.32.20010806162135.0094c980@mail.geol.uwa.edu.au> Message-ID: On Mon, 06 Aug 2001 16:21:35, Angus Stewart wrote: >Well, this is getting more interesting because I'm pretty certain I haven't >played with any file permissions for ages. >>> I've just noticed that my .forward at ucc isn't working, and hasn't been >>> since 3rd August. >> >>That's be because it's group writeable .... A sendmail upgrade seems to have turned many paranoid security options on by default. My .forward to redirect a copy of all mail to a local file broke at the same time. Andrew From trs80 at ucc.gu.uwa.edu.au Mon Aug 6 17:00:42 2001 From: trs80 at ucc.gu.uwa.edu.au (James Andrewartha) Date: Wed Oct 27 01:23:30 2004 Subject: [tech] flying Message-ID: I've firewalled flying (the wavelan router) to 130.95.13.0/24, and installed ntpd on it. hydra could also do with ntpd, it's about 6 minutes behind the times. *ducks* -- "There's nobody getting rich | TRS-80 UCC Treasurer writing software that I | Email: trs80(a)ucc.gu.uwa.edu.au know of" - Bill Gates, 1980 | Web: http://trs80.ucc.asn.au/ From grahame at ucs.uwa.edu.au Mon Aug 6 17:35:55 2001 From: grahame at ucs.uwa.edu.au (Grahame Bowland) Date: Wed Oct 27 01:23:30 2004 Subject: [tech] Disk space Message-ID: <997090555.31527.22.camel@typhaon> morwong:~> du -hs 779k There may be a bit more space on morwong now. - Grahame From packrat at tartarus.uwa.edu.au Fri Aug 10 12:57:41 2001 From: packrat at tartarus.uwa.edu.au (Bruce Murphy) Date: Wed Oct 27 01:23:30 2004 Subject: [tech] sparc 20 (loan) Message-ID: <200108100457.MAA30245@tartarus.uwa.edu.au> I was wondering if the UCC would be interested in having a clone sparcserver 20 sitting around the clubroom. Unsure of the configuration it'll end up with, probaby a sm51 with 64Mb or maybe a touch more memory. Oh, and a brace of 4gb disks. Do let me know. B> -- Packrat (BSc/BE;COSO;Wombat Implementor) Nihil illegitemi carborvndvm. From japester at ucc.gu.uwa.edu.au Tue Aug 14 17:11:06 2001 From: japester at ucc.gu.uwa.edu.au (Jean-Paul Blaquiere) Date: Wed Oct 27 01:23:31 2004 Subject: [tech] scsi boxes and burners Message-ID: <20010814171106.A214533@morwong.ucc.gu.uwa.edu.au> the scsi box that bites James (and also housed the cd toaster) has been replaced by something slightly less dodgy. I could not dispose of the previous box in the preferred manner - compression by sledge hammer - because it was attached by security cable. Could someone who is tag and glue enabled please stick one on the new box. /Jp... -- Jean-Paul Blaqui?re || Avatar of Computational japester@ucc.gu.uwa.edu.au || Thaumaturgy http://japester.ucc.asn.au || IHTFP Democracy is based on the premise that a million men are wiser than one man. How's that again? I missed something? -- Lazarus Long From trs80 at ucc.gu.uwa.edu.au Wed Aug 15 18:30:56 2001 From: trs80 at ucc.gu.uwa.edu.au (James Andrewartha) Date: Wed Oct 27 01:23:31 2004 Subject: [tech] scsi boxes and burners In-Reply-To: <20010814171106.A214533@morwong.ucc.gu.uwa.edu.au> Message-ID: On Tue, 14 Aug 2001, Jean-Paul Blaquiere wrote: > the scsi box that bites James (and also housed the cd toaster) has been > replaced by something slightly less dodgy. I could not dispose of the > previous box in the preferred manner - compression by sledge hammer - > because it was attached by security cable. > Could someone who is tag and glue enabled please stick one on the new box. I've riveted one of the metal tags to the case, and locked it down. I also had to change the SCSI id, since it was conflicting with something. It's always nice when people test stuff to make sure it works after they've been messing with it *meaningful look in jp's direction*. On an unrelated note, the problem with azure's network was a incorrectly crimped patch cable, which I have fixed, and azure is now working again. -- "There's nobody getting rich | TRS-80 UCC Treasurer writing software that I | Email: trs80(a)ucc.gu.uwa.edu.au know of" - Bill Gates, 1980 | Web: http://trs80.ucc.asn.au/ From japester at ucc.gu.uwa.edu.au Wed Aug 15 18:35:28 2001 From: japester at ucc.gu.uwa.edu.au (Jean-Paul Blaquiere) Date: Wed Oct 27 01:23:31 2004 Subject: [tech] scsi boxes and burners In-Reply-To: ; from trs80@ucc.gu.uwa.edu.au on Wed, Aug 15, 2001 at 06:30:56PM +0800 References: <20010814171106.A214533@morwong.ucc.gu.uwa.edu.au> Message-ID: <20010815183527.L274396@morwong.ucc.gu.uwa.edu.au> > On Aug 15, James Andrewartha illuminated with a virtual scribe : > I've riveted one of the metal tags to the case, and locked it down. I also > had to change the SCSI id, since it was conflicting with something. It's > always nice when people test stuff to make sure it works after they've > been messing with it *meaningful look in jp's direction*. > I did not move the ID jumpers from inside where they were, so I presumed that there were no problems.... (it was on id5 before ...) *shrug* /Jp... -- Jean-Paul Blaqui?re || Avatar of Computational jeanpaul@ichr.uwa.edu.au || Thaumaturgy Democracy is based on the premise that a million men are wiser than one man. How's that again? I missed something? -- Lazarus Long From james at rcpt.to Thu Aug 16 08:23:52 2001 From: james at rcpt.to (James Bromberger) Date: Wed Oct 27 01:23:32 2004 Subject: [tech] Where can I get a VT terminal from? Message-ID: <20010816082352.A7435@ucc.gu.uwa.edu.au> Anyone? Where can I get (or purchase) a VT terminal from? -- James Bromberger www.james.rcpt.to Remainder moved to http://www.james.rcpt.to/james/sig.html -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://lists.ucc.gu.uwa.edu.au/pipermail/tech/attachments/20010816/ad0db0d3/attachment.pgp From maset at ucc.gu.uwa.edu.au Thu Aug 16 15:37:52 2001 From: maset at ucc.gu.uwa.edu.au (Anil Sharma ) Date: Wed Oct 27 01:23:32 2004 Subject: [tech] sparc 20 (loan) In-Reply-To: <200108100457.MAA30245@tartarus.uwa.edu.au> Message-ID: So do we want it? On Fri, 10 Aug 2001, Bruce Murphy wrote: > I was wondering if the UCC would be interested in having a clone > sparcserver 20 sitting around the clubroom. Unsure of the configuration > it'll end up with, probaby a sm51 with 64Mb or maybe a touch more memory. > > Oh, and a brace of 4gb disks. > > Do let me know. > > B> > -- > Packrat (BSc/BE;COSO;Wombat Implementor) > Nihil illegitemi carborvndvm. > Maset the Grandiose. ------------------------------------------------- Without suffering, how can one appreciate happiness? And how would we mark the depths of our sorrow, without the light of hope? From mustang at ucc.gu.uwa.edu.au Thu Aug 16 16:16:08 2001 From: mustang at ucc.gu.uwa.edu.au (David Manchester) Date: Wed Oct 27 01:23:32 2004 Subject: [tech] sparc 20 (loan) In-Reply-To: ; from maset@ucc.gu.uwa.edu.au on Thu, Aug 16, 2001 at 03:37:52PM +0800 References: <200108100457.MAA30245@tartarus.uwa.edu.au> Message-ID: <20010816161608.H504319@morwong.ucc.gu.uwa.edu.au> On Thu, Aug 16, 2001 at 03:37:52PM +0800, Anil Sharma wrote: > So do we want it? Speak now, or forever hold your peace. Its almost a week after Bruce posted this. Its almost been palmed off to a guy at work. D. > > On Fri, 10 Aug 2001, Bruce Murphy wrote: > > > I was wondering if the UCC would be interested in having a clone > > sparcserver 20 sitting around the clubroom. Unsure of the configuration > > it'll end up with, probaby a sm51 with 64Mb or maybe a touch more memory. > > > > Oh, and a brace of 4gb disks. > > > > Do let me know. > > > > B> > > -- > > Packrat (BSc/BE;COSO;Wombat Implementor) > > Nihil illegitemi carborvndvm. > > > > Maset the Grandiose. > ------------------------------------------------- > Without suffering, > how can one appreciate happiness? > And how would we mark the depths of our sorrow, > without the light of hope? > -- I don't get mad.... I get stabby. From japester at ucc.gu.uwa.edu.au Thu Aug 16 17:22:23 2001 From: japester at ucc.gu.uwa.edu.au (Jean-Paul Blaquiere) Date: Wed Oct 27 01:23:32 2004 Subject: [tech] sparc 20 (loan) In-Reply-To: <20010816161608.H504319@morwong.ucc.gu.uwa.edu.au>; from mustang@ucc.gu.uwa.edu.au on Thu, Aug 16, 2001 at 04:16:08PM +0800 References: <200108100457.MAA30245@tartarus.uwa.edu.au> <20010816161608.H504319@morwong.ucc.gu.uwa.edu.au> Message-ID: <20010816172223.A454759@morwong.ucc.gu.uwa.edu.au> > On Aug 16, David Manchester illuminated with a virtual scribe : > On Thu, Aug 16, 2001 at 03:37:52PM +0800, Anil Sharma wrote: > > So do we want it? > > Speak now, or forever hold your peace. > Its almost a week after Bruce posted this. Its almost been palmed off > to a guy at work. > D. IMO we should. It's not a particularly fast machine, but quite adequate for random usage. Put Slowaris on it and call it a user box. can we get Bruce to bring it to the agm tomorrow night? /Jp... -- Jean-Paul Blaqui?re || Avatar of Computational jeanpaul@ichr.uwa.edu.au || Thaumaturgy Democracy is based on the premise that a million men are wiser than one man. How's that again? I missed something? -- Lazarus Long From mtearle at tearle.com Wed Aug 22 22:46:55 2001 From: mtearle at tearle.com (Mark Tearle) Date: Wed Oct 27 01:23:32 2004 Subject: [Tech] Mailing Lists Message-ID: Hi all Mailing Lists are now *mostly* back, I've ported a version of the Union List hack to mailman 2.1a3, and will send the patches back tommorow evening. Sorry about the delay in getting things working again, it took longer than I estimated.... Yours Mark -- Mark Tearle - mark@tearle.com "The only good is knowledge and the only evil is ignorance." - Socrates From maset at ucc.gu.uwa.edu.au Tue Aug 28 11:18:50 2001 From: maset at ucc.gu.uwa.edu.au (Anil Sharma ) Date: Wed Oct 27 01:23:33 2004 Subject: [tech] Re: socks (fwd) Message-ID: anyone? Maset the Grandiose. ------------------------------------------------- Without suffering, how can one appreciate happiness? And how would we mark the depths of our sorrow, without the light of hope? ---------- Forwarded message ---------- Date: Tue, 28 Aug 2001 10:55:48 +0800 (WST) From: Stuart Duncan To: "Anil Sharma " Subject: Re: socks Nah, it reports it as 'sety'. The problem is because the connection is comming from mooneye and not mermaid, and SOCKS is running as root. Therefor, when the IRC server asks the identd on mooneye who's using that port to connect to the IRC server, it sais 'root'. Simplest solution would be to turn identd off on mooneye. :P There may be a neater work arround for this in the SOCKS documentation. Cheers, Stuart On Sat, 25 Aug 2001, Anil Sharma wrote: > Freaking weird man... can you try runsocks ftp ftp.cdrom.com or something > similar and tell me if the default username it tells you is root or sety > please? > > On Fri, 24 Aug 2001, Stuart Duncan wrote: > > > mermaid% socksify irc sety irc.wyvern.com.au > > > > Cheers, > > Stuart > > > > > > On Fri, 24 Aug 2001, Anil Sharma wrote: > > > > > from which machine were you using it. how did you invoke socks, and when? > > > > > > Maset the Grandiose. > > > ------------------------------------------------- > > > Without suffering, > > > how can one appreciate happiness? > > > And how would we mark the depths of our sorrow, > > > without the light of hope? > > > > > > > Maset the Grandiose. > ------------------------------------------------- > Without suffering, > how can one appreciate happiness? > And how would we mark the depths of our sorrow, > without the light of hope? > From trs80 at ucc.gu.uwa.edu.au Thu Aug 30 15:50:34 2001 From: trs80 at ucc.gu.uwa.edu.au (James Andrewartha) Date: Wed Oct 27 01:23:33 2004 Subject: [tech] hydra Message-ID: Hydra has been coming up with "ip_conntrack: maximum limit of 1024 entries exceeded" all day. I tried quadrupling the maximum, but they were all used up in about 5 seconds. I couldn't find any reason why it was doing this, so I've put it down to a kernel bug and compiled a new kernel (2.4.9-ac3). I am just about to install the new kernel and reboot hydra. -- "There's nobody getting rich | TRS-80 UCC Treasurer writing software that I | Email: trs80(a)ucc.gu.uwa.edu.au know of" - Bill Gates, 1980 | Web: http://trs80.ucc.asn.au/ From trs80 at ucc.gu.uwa.edu.au Thu Aug 30 16:05:26 2001 From: trs80 at ucc.gu.uwa.edu.au (James Andrewartha) Date: Wed Oct 27 01:23:33 2004 Subject: [tech] hydra In-Reply-To: Message-ID: On Thu, 30 Aug 2001, James Andrewartha wrote: > Hydra has been coming up with "ip_conntrack: maximum limit of 1024 entries > exceeded" all day. I tried quadrupling the maximum, but they were all used > up in about 5 seconds. I couldn't find any reason why it was doing this, > so I've put it down to a kernel bug and compiled a new kernel > (2.4.9-ac3). I am just about to install the new kernel and reboot hydra. Well, that didn't fix the problem. It might be caused by someone flooding, but Grahame had a look and couldn't see anything unusual happening. Anybody got any ideas? -- "There's nobody getting rich | TRS-80 UCC Treasurer writing software that I | Email: trs80(a)ucc.gu.uwa.edu.au know of" - Bill Gates, 1980 | Web: http://trs80.ucc.asn.au/ From dunc-mail-131574E at rcpt.to Thu Aug 30 17:26:05 2001 From: dunc-mail-131574E at rcpt.to (Duncan Sargeant) Date: Wed Oct 27 01:23:33 2004 Subject: [tech] hydra In-Reply-To: References: Message-ID: <20010830172605.A20902@typhaon.ucs.uwa.edu.au> James Andrewartha wrote on Thu August 30, at 16:05 +0800: > On Thu, 30 Aug 2001, James Andrewartha wrote: > > > Hydra has been coming up with "ip_conntrack: maximum limit of 1024 entries > > exceeded" all day. I tried quadrupling the maximum, but they were all used > > up in about 5 seconds. I couldn't find any reason why it was doing this, > > so I've put it down to a kernel bug and compiled a new kernel > > (2.4.9-ac3). I am just about to install the new kernel and reboot hydra. > > Well, that didn't fix the problem. It might be caused by someone flooding, > but Grahame had a look and couldn't see anything unusual > happening. Anybody got any ideas? Bryden was running a DNS bomb. Bryden - stop it or we will tell on you. ,dunc From grahame at ucc.gu.uwa.edu.au Thu Aug 30 17:46:02 2001 From: grahame at ucc.gu.uwa.edu.au (Grahame Bowland) Date: Wed Oct 27 01:23:33 2004 Subject: [tech] hydra In-Reply-To: <20010830172605.A20902@typhaon.ucs.uwa.edu.au>; from dunc-mail-131574E@rcpt.to on Thu, Aug 30, 2001 at 05:26:05PM +0800 References: <20010830172605.A20902@typhaon.ucs.uwa.edu.au> Message-ID: <20010830174602.A273750@morwong.ucc.gu.uwa.edu.au> On Thu, Aug 30, 2001 at 05:26:05PM +0800, Duncan Sargeant wrote: > James Andrewartha wrote on Thu August 30, at 16:05 +0800: > > On Thu, 30 Aug 2001, James Andrewartha wrote: > > > > > Hydra has been coming up with "ip_conntrack: maximum limit of 1024 entries > > > exceeded" all day. I tried quadrupling the maximum, but they were all used > > > up in about 5 seconds. I couldn't find any reason why it was doing this, > > > so I've put it down to a kernel bug and compiled a new kernel > > > (2.4.9-ac3). I am just about to install the new kernel and reboot hydra. > > > > Well, that didn't fix the problem. It might be caused by someone flooding, > > but Grahame had a look and couldn't see anything unusual > > happening. Anybody got any ideas? > > Bryden was running a DNS bomb. > > Bryden - stop it or we will tell on you. access-list 144 deny ip any host 130.95.3.3 access-list 144 deny ip any host 130.95.3.87 access-list 144 deny ip any host 130.95.3.144 access-list 144 deny ip host 130.95.3.3 any access-list 144 deny ip host 130.95.3.87 any access-list 144 deny ip host 130.95.3.144 any access-list 144 permit ip any any int fa 0/0/0.1 ip access-group 144 out ;-) From dunc-mail-131574E at rcpt.to Thu Aug 30 18:10:17 2001 From: dunc-mail-131574E at rcpt.to (Duncan Sargeant) Date: Wed Oct 27 01:23:34 2004 Subject: [tech] hydra In-Reply-To: <20010830174602.A273750@morwong.ucc.gu.uwa.edu.au> References: <20010830172605.A20902@typhaon.ucs.uwa.edu.au> <20010830174602.A273750@morwong.ucc.gu.uwa.edu.au> Message-ID: <20010830181017.B20902@typhaon.ucs.uwa.edu.au> Grahame Bowland wrote on Thu August 30, at 17:46 +0800: > On Thu, Aug 30, 2001 at 05:26:05PM +0800, Duncan Sargeant wrote: > > Bryden was running a DNS bomb. > > > > Bryden - stop it or we will tell on you. > > access-list 144 deny ip any host 130.95.3.3 > access-list 144 deny ip any host 130.95.3.87 > access-list 144 deny ip any host 130.95.3.144 > access-list 144 deny ip host 130.95.3.3 any > access-list 144 deny ip host 130.95.3.87 any > access-list 144 deny ip host 130.95.3.144 any > access-list 144 permit ip any any > > int fa 0/0/0.1 > ip access-group 144 out I took a snapshot of /proc/net/ip_conntrack ... hydra:/tmp# wc -l /tmp/ip_conntrack 7138 /tmp/ip_conntrack hydra:/tmp# egrep -c 'src=130\.95\.13\.18 dst=130\.95\.128\.[0-9]+ [^ ]+ dport=53' /tmp/ip_conntrack 7018 It seems stupid to me that ip_conntrack keeps track of /every/ connection ... it would be useful if you could specify a chain which determined which connections are tracked. In this example, we don't need to track these connections because we don't need to masquerade it. Anyway, I've only learnt about it in the last 20 minutes ... anyone with more experience with it know any better? ,dunc From mulderq at ucc.gu.uwa.edu.au Thu Aug 30 20:08:41 2001 From: mulderq at ucc.gu.uwa.edu.au (Bryden Quirk) Date: Wed Oct 27 01:23:34 2004 Subject: [tech] hydra In-Reply-To: <20010830172605.A20902@typhaon.ucs.uwa.edu.au> Message-ID: > James Andrewartha wrote on Thu August 30, at 16:05 +0800: > > On Thu, 30 Aug 2001, James Andrewartha wrote: > > > > > Hydra has been coming up with "ip_conntrack: maximum limit of 1024 entries > > > exceeded" all day. I tried quadrupling the maximum, but they were all used > > > up in about 5 seconds. I couldn't find any reason why it was doing this, > > > so I've put it down to a kernel bug and compiled a new kernel > > > (2.4.9-ac3). I am just about to install the new kernel and reboot hydra. > > > > Well, that didn't fix the problem. It might be caused by someone flooding, > > but Grahame had a look and couldn't see anything unusual > > happening. Anybody got any ideas? > > Bryden was running a DNS bomb. > > Bryden - stop it or we will tell on you. Cool that killed hydra ? :) I was attepting to catoluge the .com.au namespace (or more to the point find out how far i chould get before the MSD's became just to mamoth to wait for I got up to www.afwa.com.au or thereabouts and have about 100k of valid domain names. (yes i know there are far eseyer ways of getting a list of domain names (dns cache squid logs reverse dns etc) but i was partucly intrested in the efectiveness in that method (i am allso aware that as the size of the tested names increse the "population desity" of the namespace decreeses) What im now finding intensly intresting is why this csaused hydra to fail given that hydra is not the dns server being queryed the machines mussel% cat /etc/resolv.conf search ucc.gu.uwa.edu.au uwa.edu.au rcpt.to gu.uwa.edu.au ee.uwa.edu.au #nameserver 130.95.13.9 nameserver 130.95.128.2 nameserver 130.95.128.1 nameserver 130.95.128.50 are (i checked this before starting) so what gives ? what is ip_conntrack and what is that buffer refing to ? the dnsquerys where being made one after another with 5 processes running in parralell (i doubt it that in excess of 2 requests per second whould have ever been acchived ) not what you whould relly describe as being particuly efective Denyal of service attack over a ethernet connection however in this instance it appears to have had that efect. for which im quite sorry. am i missing a obvius reson why hydra should have fallen down so helplessly ? From dunc-mail-131574E at rcpt.to Fri Aug 31 11:42:56 2001 From: dunc-mail-131574E at rcpt.to (Duncan Sargeant) Date: Wed Oct 27 01:23:34 2004 Subject: [tech] hydra In-Reply-To: References: <20010830172605.A20902@typhaon.ucs.uwa.edu.au> Message-ID: <20010831114255.C11104@typhaon.ucs.uwa.edu.au> Bryden Quirk wrote on Thu August 30, at 20:08 +0800: > > Bryden was running a DNS bomb. > > > > Bryden - stop it or we will tell on you. > > > Cool that killed hydra ? :) > > I was attepting to catoluge the .com.au namespace > (or more to the point find out how far i chould get before the MSD's > became just to mamoth to wait for > > I got up to www.afwa.com.au or thereabouts > and have about 100k of valid domain names. > (yes i know there are far eseyer ways of getting a list of domain names > (dns cache squid logs reverse dns etc) > but i was partucly intrested in the efectiveness in that method > (i am allso aware that as the size of the tested names increse the > "population desity" of the namespace decreeses) You are so cool. > What im now finding intensly intresting is why this csaused hydra to fail > given that hydra is not the dns server being queryed the machines > > mussel% cat /etc/resolv.conf > search ucc.gu.uwa.edu.au uwa.edu.au rcpt.to gu.uwa.edu.au ee.uwa.edu.au > #nameserver 130.95.13.9 > nameserver 130.95.128.2 > nameserver 130.95.128.1 > nameserver 130.95.128.50 > > are > > (i checked this before starting) Ah, the nimby justification. I'm sure UCS are thrilled, quite. > so what gives ? > > what is ip_conntrack and what is that buffer refing to ? When I am asked such questions where 10 minutes of research will discover the answer, I usually subscribe to the teach a man to fish philosophy and reply, "RTFM." But I am unable to supress the rage to shout, "IT TRACKS CONNECTIONS, YOU IDIOT." > the dnsquerys where being made one after another with 5 processes running > in parralell (i doubt it that in excess of 2 requests per second whould > have ever been acchived ) You may have underestimated things a little. When I straced one, the connections were flying up the screen. > not what you whould relly describe as being particuly efective > Denyal of service attack over a ethernet connection however in this > instance it appears to have had that efect. for which im quite > sorry. > > am i missing a obvius reson why hydra should have fallen down so > helplessly ? I assume the problem with hydra is that ip_conntrack makes an attempt to track UDP "connections", which don't ever have a formal disconnect. So I think it must use a timeout, which desn't work if its being flooded. Of course, why are we using ip_conntrack? Well it probably seemed like a good idea at the time, but I don't think we actually need it. ,dunc From warrick at lostris.wyvern.com.au Fri Aug 31 11:45:21 2001 From: warrick at lostris.wyvern.com.au (warrick@lostris.wyvern.com.au) Date: Wed Oct 27 01:23:34 2004 Subject: [tech] hydra In-Reply-To: <20010831114255.C11104@typhaon.ucs.uwa.edu.au>; from dunc-mail-131574E@rcpt.to on Fri, Aug 31, 2001 at 11:42:56AM +0800 References: <20010830172605.A20902@typhaon.ucs.uwa.edu.au> <20010831114255.C11104@typhaon.ucs.uwa.edu.au> Message-ID: <20010831114521.A11714@lostris.wyvern.com.au> On Fri, Aug 31, 2001 at 11:42:56AM +0800, Duncan Sargeant wrote: > Bryden Quirk wrote on Thu August 30, at 20:08 +0800: > > > Bryden was running a DNS bomb. > > > > > > Bryden - stop it or we will tell on you. > > > > > > Cool that killed hydra ? :) > > > > I was attepting to catoluge the .com.au namespace > > (or more to the point find out how far i chould get before the MSD's > > became just to mamoth to wait for You could just ask for the zone file, I mean, I am one of the .com.au secondary admins. :) Or something :) killing hyrda like that, why it reminds me of the old days, when we would fork 1000's of mpg123 processes in for loops so we could get our song played next rather than djinn's music preference :) Ah the old days :) Seeya, Warrick From davidb-ucc at rcpt.to Fri Aug 31 11:56:14 2001 From: davidb-ucc at rcpt.to (David Basden) Date: Wed Oct 27 01:23:34 2004 Subject: [tech] hydra In-Reply-To: <20010831114521.A11714@lostris.wyvern.com.au>; from warrick@lostris.wyvern.com.au on Fri, Aug 31, 2001 at 11:45:21AM +0800 References: <20010830172605.A20902@typhaon.ucs.uwa.edu.au> <20010831114255.C11104@typhaon.ucs.uwa.edu.au> <20010831114521.A11714@lostris.wyvern.com.au> Message-ID: <20010831115614.A638@fluff> On Fri, Aug 31, 2001 at 11:45:21AM +0800, warrick@lostris.wyvern.com.au wrote: > On Fri, Aug 31, 2001 at 11:42:56AM +0800, Duncan Sargeant wrote: > > Bryden Quirk wrote on Thu August 30, at 20:08 +0800: > > > > Bryden was running a DNS bomb. > > > > > > > > Bryden - stop it or we will tell on you. > > > > > > > > > Cool that killed hydra ? :) > > > > > > I was attepting to catoluge the .com.au namespace > > > (or more to the point find out how far i chould get before the MSD's > > > became just to mamoth to wait for > > You could just ask for the zone file, I mean, I am one of the .com.au > secondary admins. :) Or something :) killing hyrda like that, why it > reminds me of the old days, when we would fork 1000's of mpg123 > processes in for loops so we could get our song played next rather > than djinn's music preference :) I thought that it wasn't possible to do zone transfers of the com.au. zone anymore? David From warrick at lostris.wyvern.com.au Fri Aug 31 12:02:12 2001 From: warrick at lostris.wyvern.com.au (warrick@lostris.wyvern.com.au) Date: Wed Oct 27 01:23:35 2004 Subject: [tech] hydra In-Reply-To: <20010831115614.A638@fluff>; from davidb-ucc@rcpt.to on Fri, Aug 31, 2001 at 11:56:14AM +0800 References: <20010830172605.A20902@typhaon.ucs.uwa.edu.au> <20010831114255.C11104@typhaon.ucs.uwa.edu.au> <20010831114521.A11714@lostris.wyvern.com.au> <20010831115614.A638@fluff> Message-ID: <20010831120212.A11859@lostris.wyvern.com.au> On Fri, Aug 31, 2001 at 11:56:14AM +0800, David Basden wrote: > On Fri, Aug 31, 2001 at 11:45:21AM +0800, warrick@lostris.wyvern.com.au wrote: > > On Fri, Aug 31, 2001 at 11:42:56AM +0800, Duncan Sargeant wrote: > > > Bryden Quirk wrote on Thu August 30, at 20:08 +0800: > > > > > Bryden was running a DNS bomb. > > > > > > > > > > Bryden - stop it or we will tell on you. > > > > > > > > > > > > Cool that killed hydra ? :) > > > > > > > > I was attepting to catoluge the .com.au namespace > > > > (or more to the point find out how far i chould get before the MSD's > > > > became just to mamoth to wait for > > > > You could just ask for the zone file, I mean, I am one of the .com.au > > secondary admins. :) Or something :) killing hyrda like that, why it > > reminds me of the old days, when we would fork 1000's of mpg123 > > processes in for loops so we could get our song played next rather > > than djinn's music preference :) > > I thought that it wasn't possible to do zone transfers of the com.au. > zone anymore? It's not :) unless you are a authorised secondary. Well thats the way iiNet's ns.iinet.net.au (*.au secondary server) is set up. And I believe that is the same for all the *.au servers. [root@ns secondary]# ls -al total 35044 drwxr-xr-x 2 named named 4096 Aug 31 11:40 . drwxr-sr-x 4 named named 4096 Aug 31 12:40 .. -rw-r--r-- 1 named named 207801 Aug 31 11:29 asn.au -rw-r--r-- 1 named named 1266 Aug 31 11:56 aunic.net -rw-r--r-- 1 named named 32016555 Aug 31 11:04 com.au -rw-r--r-- 1 named named 703530 Aug 31 12:12 edu.au -rw-r--r-- 1 named named 308498 Aug 31 12:30 gov.au -rw-r--r-- 1 named named 1915096 Aug 31 12:11 net.au -rw-r--r-- 1 named named 652390 Aug 31 11:12 org.au [root@ns secondary]# Bryden had a loooong way to go :) Seeya, Warrick