| View previous topic :: View next topic |
| Author |
Message |
Chris Cox
Guest
|
 Posted: Mon Jan 28, 2008 10:37 pm Post subject: Re: Linux CD's or DVD's |
 |
|
On Sun, 2008-01-27 at 08:30 -0800, ColdFusion wrote:
| Quote: | Hello to everyone out there. I am trying to find all the free CD's
or DVD's of Linux that I can get. But, there's a catch..........
I've gotten the free CD's from Unbuntu and Fedora, where they
actually mail you the packaged CD's. So I'm looking for other distros
that do the same thing.
You see, I don't have high-speed internet yet (lamer I know), and
work on older computers most of the time, so downloading an iso image
is out of the question, and I don't have the money to buy the disks.
If anyone knows where to get free CD's or DVD's, I would appreciate
all the help.
|
Do you have a local Linux Users Group? I know of NO LUG that wouldn't
gladly copy CDs/DVDs for you. They'll usually even help you with
installation and troubleshooting. Just an idea.
Where are you located? |
|
| |
|
 Back to top |
NoStop
Guest
|
| Posted: Sun Feb 24, 2008 5:50 am Post subject: Re: API to collect some unique IDs |
|
|
Keith Keller wrote:
| Quote: | ["Followup-To:" header set to comp.os.linux.security.]
On 2008-02-23, Dirk T. Verbeek <dverbeek@xs4all.nl> wrote:
Having a look in /etc/fstab for the UUID of the hard disk is more unique
yet it can be spoofed.
Having the UUID listed at all in fstab is not guaranteed. (And IIRC the
UUID is for the given filesystem, not the entire disk.)
--keith
IMHO, using UUID for internal fixed drives is bullshit. No need for that |
crap.
Cheers.
--
The world can't afford the rich.
Q: What OS is built for lusers?
A: Which one requires running lusermgr.msc to create them?
My Killfile List: Frank, dennis@home ... Sorry, won't be able to read your
BS any longer. |
|
| |
|
| Back to top |
Dirk T. Verbeek
Guest
|
| Posted: Sun Feb 24, 2008 6:01 am Post subject: Re: API to collect some unique IDs |
|
|
Keith Keller schreef:
| Quote: | ["Followup-To:" header set to comp.os.linux.security.]
On 2008-02-23, Dirk T. Verbeek <dverbeek@xs4all.nl> wrote:
Having a look in /etc/fstab for the UUID of the hard disk is more unique
yet it can be spoofed.
Having the UUID listed at all in fstab is not guaranteed. (And IIRC the
UUID is for the given filesystem, not the entire disk.)
--keith
I suddenly remember something interresting. |
I replaced the 60GB HD from my laptop with a 160GB one and put the old
one in an USB enclosure.
When I hooked it up Linux would not accept it because it had the same
UUID as the new internal HD.
Meaning the UUID for the new disk was during formatting generated using
some inputs of the hardware present resulting in exactly the same number
as the original HD.
In a way this means it would remain the same (uniquely identifying!) for
this particular computer but be different on another.
I'm sure to remember there's some stuff on the net about how the HD UUID
is generated. |
|
| |
|
| Back to top |
Chris Cox
Guest
|
| Posted: Sun Feb 24, 2008 11:26 am Post subject: Re: API to collect some unique IDs |
|
|
NoStop wrote:
| Quote: | Keith Keller wrote:
["Followup-To:" header set to comp.os.linux.security.]
On 2008-02-23, Dirk T. Verbeek <dverbeek@xs4all.nl> wrote:
Having a look in /etc/fstab for the UUID of the hard disk is more unique
yet it can be spoofed.
Having the UUID listed at all in fstab is not guaranteed. (And IIRC the
UUID is for the given filesystem, not the entire disk.)
--keith
IMHO, using UUID for internal fixed drives is bullshit. No need for that
crap.
|
uuid isn't perfect. It's better when the drive can be identified by
it's model and serial number (by-id)... and most can. But you're right that
even that isn't always what you want to do... but some WILL want it.
So it's there...
It's useful when drives change position due to new controllers coming
online (just one example). Using a more persistent name prevents
the pain of dealing with device renames (e.g. /dev/sda becoming /dev/sdb
all of the sudden). But obviously not perfect in cases were a
drive fails and gets replaced... pros and cons either way.... |
|
| |
|
| Back to top |
Keith Keller
Guest
|
| Posted: Sun Feb 24, 2008 12:34 pm Post subject: Re: API to collect some unique IDs |
|
|
On 2008-02-23, NoStop <nospam@nospam.com> wrote:
| Quote: | Keith Keller wrote:
Having the UUID listed at all in fstab is not guaranteed. (And IIRC the
UUID is for the given filesystem, not the entire disk.)
IMHO, using UUID for internal fixed drives is bullshit. No need for that
crap.
|
Regardless, it's still available. And as I wrote, it's for filesystems,
not drives.
--keith
--
kkeller-usenet@wombat.san-francisco.ca.us
(try just my userid to email me)
AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
see X- headers for PGP signature information |
|
| |
|
| Back to top |
dlzc
Guest
|
| Posted: Tue Sep 16, 2008 3:21 pm Post subject: Re: << FREE HELP DESK SOFTWARE >> |
|
|
On Sep 14, 2:50 am, rose...@gmail.com wrote:
| Quote: | ==============================
http://helpdesksoftware21.blogspot.com
|
Amazing how simple it would be to offer free "help desk" software to
collect remote access information as another route to inject bots on
unwitting users' computers... their guard would be down, and they
would be expecting something incoming... |
|
| |
|
| Back to top |
Sylvain Robitaille
Guest
|
| Posted: Sat Sep 20, 2008 2:24 am Post subject: Re: Possible attack? |
|
|
Prime wrote:
| Quote: | It does no one any good to provide additional resources for newbie
skript kiddies ...
|
obscurity != security
Plain and simple.
Besides, the script kiddies get the tools. You should never assume that
because you haven't seen pointers to them directly, that they haven't.
What the OP did was make it possible for us (and himself) to examine the
exact tools used by his intruder, giving him a better chance of ensuring
thorough cleanup (and us an additional opportunity at detecting the use
of these tools against our own systems).
--
----------------------------------------------------------------------
Sylvain Robitaille syl@alcor.concordia.ca
Network and Systems analyst Concordia University
Instructional & Information Technology Montreal, Quebec, Canada
---------------------------------------------------------------------- |
|
| |
|
| Back to top |
Prime
Guest
|
| Posted: Sat Sep 20, 2008 3:32 am Post subject: Re: Possible attack? |
|
|
Anon E. Muss wrote:
| Quote: | On Fri, 19 Sep 2008 17:17:13 +0000 (UTC), Sylvain Robitaille
syl@alcor.concordia.ca> wrote:
One of my users had a stupid password and had his account compromised.
Upon reviewing the logs, it looks like this was going on for about 4
days:
$ cat .bash_history
Congratulations ... you just posted the url's for a couple of tools that |
this amateur skript kiddie is using. |
|
| |
|
| Back to top |
Unruh
Guest
|
| Posted: Sat Sep 20, 2008 3:53 am Post subject: Re: Possible attack? |
|
|
Prime <not@real.address> writes:
| Quote: | Anon E. Muss wrote:
On Fri, 19 Sep 2008 17:17:13 +0000 (UTC), Sylvain Robitaille
syl@alcor.concordia.ca> wrote:
One of my users had a stupid password and had his account compromised.
Upon reviewing the logs, it looks like this was going on for about 4
days:
$ cat .bash_history
Congratulations ... you just posted the url's for a couple of tools that
this amateur skript kiddie is using.
|
And you think that script kiddies know nothing about this?
Sounds like the ostrich strategy. |
|
| |
|
| Back to top |
Prime
Guest
|
| Posted: Sat Sep 20, 2008 6:27 am Post subject: Re: Possible attack? |
|
|
Unruh wrote:
| Quote: | Prime <not@real.address> writes:
Anon E. Muss wrote:
On Fri, 19 Sep 2008 17:17:13 +0000 (UTC), Sylvain Robitaille
syl@alcor.concordia.ca> wrote:
One of my users had a stupid password and had his account compromised.
Upon reviewing the logs, it looks like this was going on for about 4
days:
$ cat .bash_history
Congratulations ... you just posted the url's for a couple of tools that
this amateur skript kiddie is using.
And you think that script kiddies know nothing about this?
Sounds like the ostrich strategy.
|
Negative ...
It does no one any good to provide additional resources for newbie
skript kiddies ... |
|
| |
|
| Back to top |
Unruh
Guest
|
| Posted: Sat Sep 20, 2008 6:45 am Post subject: Re: Possible attack? |
|
|
Prime <not@real.address> writes:
| Quote: | Unruh wrote:
Prime <not@real.address> writes:
Anon E. Muss wrote:
On Fri, 19 Sep 2008 17:17:13 +0000 (UTC), Sylvain Robitaille
syl@alcor.concordia.ca> wrote:
One of my users had a stupid password and had his account compromised.
Upon reviewing the logs, it looks like this was going on for about 4
days:
$ cat .bash_history
Congratulations ... you just posted the url's for a couple of tools that
this amateur skript kiddie is using.
And you think that script kiddies know nothing about this?
Sounds like the ostrich strategy.
Negative ...
It does no one any good to provide additional resources for newbie
skript kiddies ...
|
We are constrantly telling people to provide information when they post
here with problems. He posts his information and you attack him. That info
can be useful in deciding to advise him how to handle the attack. |
|
| |
|
| Back to top |
Prime
Guest
|
| Posted: Sat Sep 20, 2008 7:38 am Post subject: Re: Possible attack? |
|
|
Unruh wrote:
| Quote: | Unruh wrote:
We are constrantly telling people to provide information when they post
here with problems. He posts his information and you attack him. That info
can be useful in deciding to advise him how to handle the attack.
|
There is a limit ... I personally disagree with providing too much info
in open forums ... and lets face it, half of the initial responses
(including your first response) didn't even read correctly the log
information that was provided.
Secondly, I didn't attack him ... I pointed out in direct language
exactly what he had done.
The one thing that was correct in David Brown's post was the statement
that "... it was unnecessary to post the whole log file". I agreed then
and my post stated a similar position now.
I was a regular contributor to this forum many years ago and we had a
problem then with overzealous contributors who got it wrong.
Cheers
Luke |
|
| |
|
| Back to top |
Prime
Guest
|
| Posted: Sat Sep 20, 2008 8:15 am Post subject: Re: Possible attack? |
|
|
Sylvain Robitaille wrote:
| Quote: | Prime wrote:
It does no one any good to provide additional resources for newbie
skript kiddies ...
obscurity != security
|
I don't totally agree but I do understand your point ... but why advertise?
Are you prepared to publish all of the exploits, exploit analysis etc
that you have on file ... what about a detailed look at all of the
security measures you employ on your host(s) ... I think not.
I've seen regular advice regarding running ssh on an obscure port to
make it more difficult to find ... therefore obscurity = slightly better
security.
| Quote: | Plain and simple.
Besides, the script kiddies get the tools. You should never assume that
because you haven't seen pointers to them directly, that they haven't.
|
My point also mentioned "Newbie skript kiddies" ... why make it easy for
them ... make them earn their stripes.
| Quote: | What the OP did was make it possible for us (and himself) to examine the
exact tools used by his intruder, giving him a better chance of ensuring
thorough cleanup (and us an additional opportunity at detecting the use
of these tools against our own systems).
|
I must have missed something ... apart from a brute force attack (which
seemed to have worked against one of his lame users' lame passwords)
there was nothing to indicate an exploit of any sophistication that
needed thorough cleanup. I didn't see anything in a very cursory look
that even indicated the kiddie had obtained root.
The kiddie didn't even automate his attack ... it was completely manual ...
What DID need attention was password security (and or better
authentication methods) ... revealing a kiddies toys revealed nothing of
any worth in the analysis of his problem.
I am surprised that no one has piped in earlier demanding that he unplug
his hosts from the net, completely wipe the affected system and then
re-install ... but hey ... most of you thought he was being attacked not
doing the attacking so I guess that is easily explained.
Come on guys ... lets put all of this into perspective.
I suggested (not attacked) that publishing a kiddie's toy box wouldn't
help anyone; maybe I'm right, maybe not, but at the end of the day, the
cause of the initial problem was poor password security/user scrutiny.
More words have been typed regarding my post than there were assisting
the OP to strengthen his security.
Lets get back on topic. |
|
| |
|
| Back to top |
Nico Kadel-Garcia
Guest
|
| Posted: Sat Sep 20, 2008 11:33 am Post subject: Re: Possible attack? |
|
|
Prime wrote:
| Quote: | Sylvain Robitaille wrote:
Prime wrote:
It does no one any good to provide additional resources for newbie
skript kiddies ...
obscurity != security
I don't totally agree but I do understand your point ... but why advertise?
|
Because it's useful to the honest people to have a hint as to what this week's
s script kiddies are using. |
|
| |
|
| Back to top |
Unruh
Guest
|
| Posted: Sat Sep 20, 2008 11:34 am Post subject: Re: Possible attack? |
|
|
Prime <not@real.address> writes:
| Quote: | Unruh wrote:
Unruh wrote:
We are constrantly telling people to provide information when they post
here with problems. He posts his information and you attack him. That info
can be useful in deciding to advise him how to handle the attack.
There is a limit ... I personally disagree with providing too much info
in open forums ... and lets face it, half of the initial responses
(including your first response) didn't even read correctly the log
information that was provided.
|
I agree I did misread it.
| Quote: | Secondly, I didn't attack him ... I pointed out in direct language
exactly what he had done.
|
And the difference between :attack" and "pointed out in direct language" is
what?
| Quote: | The one thing that was correct in David Brown's post was the statement
that "... it was unnecessary to post the whole log file". I agreed then
and my post stated a similar position now.
|
I would far rather he post too much info than too little. I agree that he
posted too much, but how was he to know what "too much" and "too litlle"
is? He is confused, and thus his judgement about the relevance of data is
impaired. In that case going overboard is far better than giving to little.
| Quote: | I was a regular contributor to this forum many years ago and we had a
problem then with overzealous contributors who got it wrong.
|
Many years ago modems were common and overposting took forever to load. No
longer true in general.
|
|
| |
|
| Back to top |
|
