[03:57] <Unfun> Hello all
[03:57] <Unfun> Anyone know if it's possible to get ServerWorks HT1000 SATA controller working on ubuntu-server 5.1
[03:57] <Unfun> ?
[05:55] <pabs_> can anyone assist me with " 500 OOPS: could not bind listening IPv4 socket" error with vsftpd?
[06:00] <maswan> pabs_: probably, the local ftp port that vsftpd wants to listen on is already busy
[06:00] <maswan> perhaps an old ftpd process?
[06:02] <pabs_> ya your right
[06:02] <pabs_> I killed all vsftpd processes
[06:02] <pabs_> and i think im running@
[06:02] <pabs_> :-D !!!
[06:03] <pabs_> i was actually trying to connect locally
[06:03] <pabs_> and got that error
[06:04] <pabs_> man o man that was chore getting that up and running tonite
[06:04] <pabs_> im new to linux :)
[06:04] <pabs_> maswan thanks for your help man
[06:04] <pabs_> appreciate it
[06:06] <maswan> enjoy!
[11:10] <spike> I'm running out of ideas and resources..., so, anybody with cisco experience?
[11:11] <maswan> Well, some of ther smaller switches are just overpriced, I avoid the rest?
[11:16] <spike> I'm having an hard time setting up a vpn between a pix 501 and a cisco vpn client
[11:18] <maswan> never touched vpns
[11:19] <fabbione> spike: good luck!
[11:19] <fabbione> pix 501 sucks
[11:20] <fabbione> and it also depends what cisco vpn client you are using
[11:20] <fabbione> because they have 2/3 different ones according to the vpn concentrator
[11:21] <spike> fabbione: cisco vpn client 4.8.0
[11:21] <fabbione> spike: i lost my CCO account when cisco has been hacked
[11:21] <fabbione> didn't even bother to reenable it
[11:21] <spike> the thing is, it's a weird test bed, I get the vpn, but then cant ping/access what's on the other side
[11:22] <spike> but the more I check ACLs and stuff, the more it looks fine
[11:22] <fabbione> did you check that the client is setting default gw over the vpn?
[11:22] <fabbione> iirc there is a setting on server side to force such a thing
[11:22] <fabbione> or a client option
[11:22] <fabbione> that you don't want the users to be able to override
[11:22] <fabbione> hence you set it on the server
[11:22] <fabbione> anyway cisco vpn are extremely easy to hack :)
[11:25] <spike> fabbione: yes, gw is over vpn. the option should be split-tunnel
[11:25] <spike> but yes, the packets get to the pix, so that's not the prob
[11:26] <spike> I can see them all with show capture
[11:26] <spike> the problem is accessing boxes on over the vpn, packets stop at incoming interface and never reach the other one
[11:27] <spike> fabbione: so it must be something ACL related, that would sound obvious, but I've just got one (test bed for a specific scenario), so, mh, I'm kinda sure I got it right
[01:17] <ealden> MarioMeyer: ping
[05:19] <MarioMeyer> ealden, pong
[08:26] <Unfun> Hello
[08:26] <Unfun> Anyone in here?
[08:26] <spike> yeah, but all dead
[08:26] <fabbione> yup
[08:27] <Unfun> I just bought a brand new dual core amd 1U server and i can't get ubuntu-server to recognize the HT1000 ServerWorks SATA controller
[08:27] <Unfun> Is there a driver in the works or no?
[08:28] <spike> fabbione: so far nobody flamed me for the apache post, but I havent got a reply either :)
[08:28] <fabbione> Unfun: you will need to try dapper CD's
[08:28] <Unfun> http://www.siliconmechanics.com/i4442/opteron-server.php
[08:28] <fabbione> i don't think .12 does support it
[08:28] <Unfun> How unstable is dapper?
[08:28] <fabbione> spike: i have been feeling really bad today
[08:28] <fabbione> Unfun: quite unstable
[08:29] <Unfun> I may just install on a usb drive
[08:29] <Unfun> compile a kernel
[08:29] <fabbione> spike: so were the other 2 apache maintainers...
[08:29] <spike> fabbione: oh, doh, sorry to hear about that
[08:29] <Unfun> Then copy it over
[08:29] <fabbione> spike: we got some kind of food poisoning or something..
[08:29] <spike> eeewww, that sux
[08:30] <fabbione> yes
[08:30] <fabbione> we are not going too well these days
[08:30] <fabbione> doing even
[08:31] <spike> fabbione: then it must be that that made you you define hw "desperate" instead of "disparate" ;)
[08:31] <fabbione> possibly
[08:32] <spike> and it must be my lack of sleep that makes me double words...
[08:32] <spike> anyway
[08:32] <spike> fabbione: btw, I solved that vpn issue :)
[08:32] <fabbione> ah nice
[08:32] <spike> as of 2 days playing with cisco stuff, I dont definitely like it...
[08:33] <fabbione> i don't like their firewalls/vpn solutions
[08:33] <fabbione> i don't mind switches and midrange routers
[08:34] <spike> expecially traffic analysis, not really comparable with iptables logging / tcpdump
[08:34] <spike> both debug and capture miss useful features
[08:34] <spike> I'm running IOS 6.3, tho, something better might be available in 7.0
[08:35] <fabbione> yeah probably more bugs
[08:36] <spike> eheheh
[08:36] <spike> what it is really scaring is default licences wont support aes, so u're stuck to DES
[08:37] <fabbione> useless
[08:37] <fabbione> is it at least 3DES?
[08:38] <fabbione> perhaps one day i will show you how to hack the vpn client :)
[08:38] <spike> fabbione: ehehe, I'll keep waiting for that day :)
[08:39] <fabbione> spike: eheh
[08:39] <fabbione> i am off now
[08:39] <fabbione> cya tomorrowq
[08:51] <jbwiv> hey guys, what is the status of ubuntu-server? Is it ready for use, or should I stand by? I've got a Suse server that just got hacked, and thinking about either Debian or Ubuntu...
[08:53] <lionelp> hey jbwiv
[08:53] <lionelp> you can start using Ubuntu as a server
[08:54] <lionelp> some improvement will occur on the next release, but there is since the breezy release (5.10) a server release
[08:55] <jbwiv> lionelp: will I need to wipe and reinstall in the next release
[08:55] <Unfun> No
[08:55] <jbwiv> or can I apt-get dist-upgrade?
[08:56] <lionelp> absolutely no !
[08:56] <lionelp> yeah, just dist-upgrade
[08:56] <jbwiv> good, good
[08:56] <jbwiv> does apache by default run chrooted?
[08:56] <jbwiv> in the server version?
[08:56] <lionelp> no
[08:56] <lionelp> it is the classical install, like the Debian one
[08:57] <jbwiv> lionelp: is there a package that will do this easily? Ah...ok. Is harden and bastille available via apt?
[08:57] <lionelp> jbwiv: a package to easily do that is planed but not yet available
[08:58] <lionelp> yes, harden and bastille are available via apt
[08:58] <jbwiv> lionelp: ok, is harden and bastille available, as it  is in debian?
[08:58] <jbwiv> ok, thanks ;)
[08:58] <lionelp> you can check it on http://packages.ubuntu.com
[08:58] <jbwiv> lionelp: one last question...
[08:58] <lionelp> no pb :)
[08:58] <spike> jbwiv: just in case: it's technically a *very* poor countermeasure, but mounting /tmp noexec stops 99% of the attacks, since they're as poor as the countermeasure itself
[08:58] <jbwiv> what would you argue is the reason to go with ubuntu server in it's current state, as opposed to debian?
[08:59] <spike> hey ubijtsa
[08:59] <lionelp> jbwiv: not to be obliged to wait three years for a new release :)
[09:00] <jbwiv> spike: heh...here's what I faced this morning: wwrun   20533     1  0 Feb16 ?        00:00:00 /tmp/.tmp/public_html/s
[09:00] <jbwiv> > 67.15.63.112 53
[09:00] <lionelp> on the next release (Dapper, that will be available in april), some meta packages and a support for 5 years will be available
[09:00] <spike> jbwiv: that in a few months u'll have chances to seamlessly get lots of server related improvements
[09:00] <ubijtsa> lo spike
[09:00] <jbwiv> woops...well, you get the picture.
[09:00] <jbwiv> exploit running out of tmp on the suse box ;)
[09:00] <spike> out ot /tmp ?
[09:00] <jbwiv> spike: yep
[09:01] <jbwiv> so, you're advice is wise ;)
[09:01] <spike> that doesnt look out of /tmp to me..
[09:01] <jbwiv> mounting noexec
[09:01] <spike> aaah, ok
[09:01] <jbwiv> /tmp/.tmp/public_html/s
[09:01] <spike> out of tmp, I read it as , not in /tmp
[09:01] <ubijtsa> hmm.. /tmp should probably be mounted nodev, noexec
[09:01] <spike> yep
[09:01] <jbwiv> the command was /tmp/.tmp/public_html/s > 67.15.63.112 53
[09:01] <spike> yes yes, sorry, just misunderstood ur comment "out of tmp"
[09:01] <jbwiv> only way I caught it is the damned thing was DOS'ing my firewall
[09:01] <jbwiv> ah, ok
[09:02] <jbwiv> so, guys, what you're telling me is that ubuntu-server is ready for use, regardless, right? It doesn't seem to be very buzzy in terms of community and portal, but I may be not looking in the right place. That was my only concern. I use it on the desktop ;)
[09:03] <spike> indeed, I brought up to attention that more than once, but they said "it's ok to run it within the ubuntu framework"
[09:04] <spike> jbwiv: it's ready, just not super-accessoried 'till april
[09:04] <spike> jbwiv: but you wont lose anything compared to debian, and have a huge gain in a few months without reinstalling
[09:04] <jbwiv> spike: done deal then...thanks!
[09:05] <jbwiv> by the way...very glad to see this project in existance!
[09:17] <spike> I'm off, c u guys
[09:34] <ubijtsa> I am seeing some _really_ bizarre things in kde 3.5.1
[09:35] <ubijtsa> xkb is b0rked to the point I have had to disable it.. no keymaps available etc..
[10:01] <jbwiv> quit