shorewall and shorewall-lite on the others
20 or so
why does a router need a firewall?
hire a conslutant
Then you need proxy
yeah, i'm looking at shorewall now.. but it seems to require two interfaces (one for inet and one for my machines)
geez
nah it doesnt.
routers always do
why not?
not per se as I said
"a computer without firewall is a madness to me and specially if used as router"
that is simply: BS
alrighty, i'll read some more about it
shorewall doesnt require 2 nics, but its recommended of course
bullshit
routing over a single interface is not what I call secure
?
nic != interface
call it what you want, nic/interface, i know you can define multiple zones over 1 interface
hi guys
Network Interface Card...
so, almost =
I have a question. I have a laptop that does not boot to usb drives. and I have debian on a usb drive. how can I boot to it inside of windows?
Is there a particular reason why wxwidgets hasn't been updated yet (to 2.8) in Debian? Or is it just working its way through the processes... 2.8 was released 6 months ago...
nic implies physical hardware, a linux hosting interface does not, thats a huge difference
probably just need to make sure USB boot devices are enabled in the bios and reboot?
etch is stable. it won't get wx 2.8
right (almost)
when I say debian on a usb drive I mean a bootable copy on the drive not an iso. have booted it on other machines
and lenny/sid hasn't seen the need yet I guess
xixor this bios does not have the option.
I mean, there's always a NIC for every interface, but it can be virtual, isn't it?
i dont think im following you. I understand what you mean by nic/interface fine, but how is what i said bullshit?
I know etch won't see them (except maybe through a backport). Just working up some packaging for other things that seem to require 2.8
can I use loadlin to do that?
perhaps i worded something wrong, but I know my shorewall is working just fine
wx has deb packages on their site that I'll try for the time being.
Well hello again. I need to install gtk+, glib, atk, pango and cairo among others, but I can't find them in Synaptic. Maybe I'm missing some important repositories, which ones would I need to add?
could I boot off a live cd that is setup to actually boot from the usb drive?
all repositories are made equal
maybe
thats the end of my philosophizing for tonight
your livecd using grub/lilo/syslinux then you can boot whatever the hell you feel like booting
ok. thanks guys.
note: some usb sticks cant be booted directly, so you would need to actually boot the kernel off the cd first and then use the rootfs from the usb stick after that
ok, I guess no one mistrusts his dns servers right?
i dont trust any servers, especially dns. but you have to accept it
your ISP/police/government are the real controllers of dns, so the question is, do you trust them
(*whisper: that's the point)
unless you have dns with some sort of cryptographic signature that you personally verified in person...
best you can do is use root servers only and avoid your isp, but thats a simple workaround for them to redirect _all_ dns through them anyways. so it dont matter much. if I can do it, your ISP can definitely do it (hijack dns)
not simple for them, you can defeat that
the current internet is really just sad imho
no you cant unless you encrypt a tunnel out
yes. a VPN for example
or have another server outside
I have some ORSN servers for example, that's why I want to make double/multiple requests
Hi, is there a way to call bootlogd as soon as possible so that it can record ALL messages?
that is what i refer to
and that is what i use, btw
ya, thats about the only way, but if its in the same country or jurisdiction, you must assume that the same rogue dns affects them too
it gets run as soon as it can
isn't it in syslog?
you cant run shit until init starts, before that, you miss out
i run my own DNS servers, but pull from root server. from different root server networks, though.
curious, ever wonder about the "blackhole" in dns? grin
in my sys bootlogd only saves about 12 messages (those after it'd been called)
what did you do to start bootlogd?
syslog isn't "verbose" mean only some things 're stored at least in my sys
all the gurus know its bs, but hey, what can you do/prove right
just set Yes in /etc/default/bootlogd
then there aint much you can do
well, we can build massive WOMAN
not sure whether you can prove anything. at least, you can reduce the chance of working with corrupted zones
peer to peer connection, as it should
very true. realistically you would be best host to hack bind to verify against your second network to detect "discrepancies" in zones. but the overhead would only be practical on small net's, not some ISP with 1000's of clients
the last thing i want is a massive WOMAN that does peer to peer
liable:
not using bind trying to not use the server, used by most, lol.
i understand, but bind in a chroot on a grsec locked down box is about as safe as you can get
actually, i intend to have bind running too. 3 different program for DNS would be ok.
statistically you're just increasing the odds of being hacked though
(different servers, of course)
ahh k then
as DNS works now
possibly, but reducing the impact per event
true
that's why... now... where's the how?
but you would need each machine completely untrusted to each other. one infected machine gets network access its all over with mac spoofing and arp takeovers
i learned to appreciate kernel dnotify extension btw.
they are in different locations
dnotify? inode modify notification?
yes
again, grsecurity ftw.
great for monitoring file system changes on strategical spots
ideally, you would want the machine using readonly burned cdrom (not cdrw) with 1 minute checks on file integrity
although an attack would probably not bother modifying files when it can just issue network packets via shell code anyways. so long as the bug is open you wouldnt notice unless you monitor network
reducing kernel capabilities plus chattr can go a long way too, though. i am even not paranoid enough to set the servers up like that.
really though, the only hackers you have to worry about are the ones that do things like build cpu's and have extremely advanced electrical knowledge. and they would probably go van eck on you rather than use tcp
script kiddies are a joke imho. too easy to detect
and the good sploits never make it into their hands until long after its public and useless
firmware hacking is where its at these days
you can walk tangled with copper :p
MangosDebian, Well, other than that DCC SEND LOLS one which no-one seems to have patched their machines for
and then theres ego sploits which cause people to blurt out their best attacks....
... right....
i wouldnt be too concerned with a buggy irc client unless they could execute shell code with it though
?
for Van Eck...
MangosDebian, afaik it reboots their rooter or something stupid
ahh heh
I need to use another gateway for ssh connections, please anyone help with this issue.
must be a cheap host router firmware if it cant handle a typical tcp packet
i hear they have paint that helps block certain frequencies nowadays
MangosDebian, It's anything that uses a certain chipset. Can't remember which chipset but some Linksys routers are affected and I Can't remember the others
im wondering if thats what someone tried the other day in ubuntu. they mentioned router issue, just wasnt sure how a irc protocol could be router related. interesting though
erm, you didnt describe an issue, you just made a vague statement
MangosDebian, Basically I think if someone sends a malformed DCC over 12 characters then their rooter reboots. Doesn't really make any sense.
http://www.lessemf.com/index.html
must be related to the port the attacker sends in the payload. prolly causes issues when you open that port outgoing
its from irc..
i mean like dest port 0 or something kinda thing
indeed, there are lots of techniques, actually is pretty easy to protect compared to the effort needed to exploit it
has nothing to do with a listening port
exit
its an attack via irc on whatever port your client is listening to, which kills the router
hrm, i just contradicted myself sort of
a while ago i wouldnt be as concerned with van eck, but nowadays, anyone with a credit card and some education in electronics can get the tools to play with the spectrum. especially with all those software radios out there and knowledge on azimuth and such and antennas
the problem is the router is meant to be protocol agnostic. what port/protocol/ip dest packets use going out should not matter. unless the router has a special port open and reserved for some special control i cant see how such an attack could work
right, we must return to a stick and stone society :p
believe me, ill be stick'n'stoning anyone I catch outside my block with radio equipment
Well, but it's easy to protect against most radio too
i would have to check the rfc on dcc protocol, but unless the attacker can specify the ip address host of router as the reply address and the port used for special purposes, then the attack shouldnt work
should be relatively easy to decoy against van eck.
right, it *shouldnt*
but it does, with shit routers
unless there's someone with the money to use gamma, you can be safe
The debian-live usb images, do they write to the usb stick, or set up a ram drive like cds?
again, must be the return ip/port combo used, and the text that is used to send to that port
i am not sure what you are trying to tell me, because its a well known hack that most of us have seen here many times
i would be interested in seeing a copy of the dcc for that attack if anyone can msg me with it to dissect
debian-live?
http://debian-live.alioth.debian.org/
well, ive seen dcc's all the time, just never had them reboot my router didnt realise it was that big a problem til the other day
My Debian -live has always been Knoppix
ZyXEL router, by any chance?
so whats your suggestion to block the frequencies my monitor and mobo give off?
no, but thanks for the model if thats it
Well, dunno, but maybe you can use toram or something alike
will look that up
F2 at boot up show some of the options
move to the high forest of Africa and hire a couple of mercenaries to keep everyone away
/dev/sda
the relatively common Zyxel Prestige series seem to have a flaw when too many new connect attempts in too short time occur. resulting in, established connection staying on, but no new connects possible.
sounds pretty DoSsable to me
ya, seeing lot of hits on syn+fin and other malformed packet issues
although I would think that the issue would be nonexistant if you setup dmz to a _real_ firewall since it should just blindly forward everything and not care about flags anymore
not using the router as router, but as modem, and handling the link by a computer, should help
Carry your LapTop in a suitcase with layers of 2mm of aluminium plus DataStop
i know how to downgrade package foo.
"transparent mode" it is called iirc
i found one page that google translated, but its rough. seems to mention port 4500 or something. hard to make out
i dont have a laptop though! nor would i ever let one with built in wifi near my network
Well LapTop is physically safer and the wlan can be deactivated, uninstalled, or used for unimportant crap
hi
or you can buy a gigantic hard box to keep the computer inside ;p
what is dpkg equivalent of rpm -qf /path/to/file
make[1]: *** No rule to make target `/usr/include/sys/types.h', needed by `localtime.o'. Stop.
seems to be he mentions how in mirc you set your ip, he suggests that you set it to a 192.168. ip and send the troublesome dcc, which the client would try connect to. but that could be old. interesting though
which package provides this /sys/types.h
man, man.... man!
jeremy_g there are many, please see http://packages.debian.org/cgi-bin/search_contents.pl?word=types.h&searchmode=searchfilesanddirs&case=insensitive&version=stable&arch=i386&page=1&number=all
/msg dpkg search
the package apt-file is your friend. aptitude install apt-file; apt-file update; apt-file search sys/types.h
how do I get an img file on to the flash drive?
cp image hosting /dev/sda?
dd ?
thanks
or partimage
second best
!ping
pong
"dd if=image of=/dev/sda" ?
dd if=/dev/sda of=/home/user/myfile
but...
I want to get the image on the drive
not drive to image
other way around "on to the flash drive"
in our hosting company we have two internet lines. each has server. by default we use line1. now in my local machine (linux debian 4.0) I want to use second line (line2) for ssh connections. is it clear?
dd will create a dumb copy, ie: an sda of 2GB will make a 2GB image
it also copies the empty space. Partimage skips empty space and also compresses the data
Can I simply just use the debian installer to get debian on an usb mem?
apt-get install partimage
Yes
ah, then that's my solution :P
oh, I just realize you wanted 1+2 not 2+1
debian-installer should have "swe"-Sweden
back now
and not swe-e*
can someone explain why everyone discourages people from using debian sid?
i mean, is it a bad thing to want a challenge?
then you need help and you ask for help, and people are saying you shouldn't be trying to use sid...
blah blah
how did the people who use sid get so good?
They start with stable
i used sarge
then i used etch while it was testing
an now i'm using sid
fanen sid isn't supported really i guess, so need to cater for yourself if using it (i am)
i do as much as i can
well it's unstable. things change quite often. Most of the time it's not possible to support sid.
no one set up my wireless etc for me
The thing is that to be good you don't have to use the most unstable version, actually it just makes it more difficult
Sid is just the sand box
thing is , because of sid, i now know how to use module-assistant
huh?
yes, if i was using sarge
ipw drivers woulda been apt-get away
with sid, i was forced to compile the modules and
edit necessary files
then try LFS
been thinking of that too.
just don't have a spare pc to play around with.
use chroot
or any VM
nice
qemu don't work so nice
should upgrade my ram then i guess.
Run a stable version and learn with a VM
btw, i'll have to investigate the chroot thing
another reason i'm running sid is this:
i'm using an hp nx9420
ubuntu feisty doesn't work on it
debian etch works, with a lot of things not working properly
like battery status,
dri
sid solves all these problems
etc/config.conf
ie the sudo does not carry past the pipe
there was a way around it, using tea or a command that sounded like tea