[04:55] <gubluntu> how do i get tcpdump to produce less output
[04:55] <gubluntu> like hiding duplicates
[04:55] <gubluntu> or rather... whats the best way to watch incoming and outgoing connections
[04:57] <[miles] > gubluntu, thats not really a ubuntu-server specific question is it?
[04:57] <[miles] > and I recommend you man tcpdump
[04:58] <gubluntu> i have
[04:59] <gubluntu> figured i might ask someones opinion for what they use
[04:59] <gubluntu> is that not an appropriate question?
[05:00] <gubluntu> i.e. iptraf, snort etc..
[05:00] <[miles] > ok well if you've hit the manual..
[05:00] <[miles] > when you say less output
[05:00] <[miles] > what exactly do you want to filter out?
[05:01] <[miles] > also, have you created a specific filter etc yet... look also at WireShark if you have'nt yet
[05:08] <gubluntu> does wireshark have console only?
[05:08] <gubluntu> ive seen it for windows with a gui... 
[05:08] <gubluntu> ooh! manpages
[05:08] <gubluntu> tcpdump 'tcp[tcpflags]  & (tcp-syn|tcp-fin) != 0 and not src and dst net localnet'
[05:08] <gubluntu> sry..
[05:08] <[miles] > lol
[05:09] <[miles] > you can load your tcpdump file into WireShark
[05:09] <[miles] > the GUI (And it's not just windows either)
[05:09] <gubluntu> nonono gui!
[05:09] <gubluntu> :-P
[05:09] <gubluntu> brb
[05:09] <[miles] > it was previously known as Ethereal
[05:09] <[miles] > and it's a shit hot product
[05:18] <mralphabet> shit hot? . . . is that good or bad
[05:24] <[miles] > thats good
[05:24] <[miles] > like, doggies bollocks
[05:25] <mralphabet> are you british?
[05:25] <mralphabet> scottish?
[05:26] <[miles] > no, soy espaol
[05:26] <[miles] > nah, I'm British, but lived in spain for years
[05:39] <gubluntu> merda claiente?
[05:39] <gubluntu> caliente (sp?)
[05:39] <[miles] > mierda
[05:39] <[miles] > not merda
[05:40] <gubluntu> ah.
[05:40] <[miles] > gubluntu, which country are you from?
[05:41] <gubluntu> us
[05:41] <gubluntu> in nyc
[05:41] <[miles] > ah ok
[05:41] <[miles] > a doddle dandy eh
[05:41] <[miles] > ;)
[05:41] <gubluntu> lol
[05:41] <[miles] > joder
[05:41] <[miles] > it's a complete shite writing LDAP schema's
[05:42] <[miles] > I'll be glad when I eventually get it finished :-|
[05:42] <gubluntu> what do i use for localnet?
[05:42] <gubluntu> in tcpdump 'tcp[tcpflags]  & (tcp-syn|tcp-fin) != 0 and not src and dst net localnet'
[05:42] <[miles] > having to order a OID from IANA
[05:42] <[miles] > localnet?
[05:42] <[miles] > you mean localhost?
[05:43] <gubluntu> man pages say: tcpdump 'tcp[tcpflags]  & (tcp-syn|tcp-fin) != 0 and not src and dst net _localnet_'
[05:43] <mralphabet> local net as in local subnet
[05:43] <mralphabet> perhaps
[05:43] <gubluntu> how do i calc local subnet?
[05:43] <[miles] > ah ok
[05:43] <[miles] > from your IP and mask
[05:43] <coNP> I guess Ubuntu default install creates an entry in /etc/networks
[05:43] <coNP> as localnet
[05:43] <[miles] > whats your IP and network mask
[05:43] <[miles] > ifconfig
[05:43] <[miles] > then you can work out the CID
[05:44] <[miles] > like 192.168.1.0/24
[05:45] <gubluntu> http://www.subnetonline.com/subcalc/subnet1.html
[05:45] <gubluntu> destination address?
[05:46] <[miles] > sorry?
[05:46] <gubluntu> im trying to use the subnet calculator
[05:46] <gubluntu> but its asking for destination address
[05:46] <[miles] > bah
[05:46] <[miles] > why?
[05:46] <[miles] > just work it out
[05:46] <[miles] > you know binary?
[05:46] <gubluntu> goodpoint
[05:47] <[miles] > like the /24 means 255.255.255.0
[05:47] <[miles] > aka
[05:47] <gubluntu> mask here is 255.255.255.224
[05:47] <[miles] > 11111111 11111111 11111111 00000000
[05:47] <[miles] > 24 bits set
[05:48] <[miles] > from left to right
[05:48] <[miles] > it's easy peasy
[05:48] <[miles] > lemon squeezy
[05:49] <gubluntu> so if my ip was 1.2.3.4 with a mask of 255.255.255.224
[05:49] <gubluntu> my subnet is 1.2.3.0/24?
[05:51] <[miles] > no
[05:51] <[miles] > I just explained it to you
[05:51] <[miles] > look:
[05:51] <[miles] > like the /24 means 255.255.255.0
[05:51] <[miles] > so
[05:52] <[miles] > 192.168.1.0/24 has a netmask of 255.255.255.0
[05:52] <[miles] > thats CIDR format
[05:52] <[miles] > 192.168.1.0/25 = 255.255.255.128
[05:52] <[miles] > netmask
[05:53] <[miles] > 11111111 11111111 11111111 00000000 = 255.255.255.0
[05:53] <[miles] > 11111111 11111111 11111111 10000000 = 255.255.255.128
[05:53] <gubluntu> ah
[05:53] <gubluntu> 255.255.255.224 = 27  11111111.11111111.11111111.111 00000
[05:53] <[miles] > 11111111 11111111 11111111 11000000 = 255.255.255.192
[05:54] <[miles] > the /nn = number of bits set to 1 from left to right
[05:54] <[miles] > so /32 = 11111111 11111111 11111111 11111111
[05:54] <[miles] > aka, every bit
[05:55] <[miles] > and /1 = 10000000 00000000 00000000 00000000
[05:55] <[miles] > now you understand?
[05:55] <gubluntu> yup
[05:55] <gubluntu> thank you
[05:55] <gubluntu> 192.168.1.0/27 did it right
[05:56] <[miles] > you tell me :P
[05:56] <[miles] > right, I'm bored of binary now
[05:56] <[miles] > time to fuck off home
[05:56] <[miles] > ciao tio
[05:56] <[miles] > good luck!
[06:50] <gubluntu> anyone have an idea for the hardware specs for a ubuntu mail server running Postfix/Courier/MySQL/Amavisd-new/SpamAssassin/ClamAV/SASL/TLS/Horde for about 25-30 users
[06:50] <gubluntu> like min proc speed ram etc...
[06:52] <coNP> gubluntu: what availabiltiy is needed?
[06:52] <coNP> :)
[06:52] <gubluntu> how so?
[06:53] <coNP> I think 25-30 users are not very much, so you can use an "ordinary desktop machine" to provide these services.
[06:53] <gubluntu> yea?
[06:53] <gubluntu> like a 2.8 dual core pent D with 2gb ram and crap load of space?
[06:53] <coNP> how many emails / user (a day, or an hour)?
[06:54] <gubluntu> hrmmm
[06:54] <gubluntu> 100 emails an hour?
[06:55] <gubluntu> including a lot of spam which i hope to reduce drastically being that i have NO spam protection right now on ym netbsd sun board running eixm
[06:55] <mralphabet> uhhh . . . a 486 would work
[06:55] <coNP> okay, I guess spam filtering is the most processor intensitve
[06:55] <coNP> I guess a PII-PIII is okay
[06:55] <coNP> but sure, a 486 should also do it
[06:55] <mralphabet> anything built in the last 5 years would be fabulous
[06:55] <coNP> sure
[06:56] <gubluntu> is it safe to put webamil (horde) on the same server?
[06:57] <coNP> I think yes
[06:59] <gubluntu> what do you guys use for mailservers?
[06:59] <gubluntu> ubuntu?
[07:00] <mralphabet> gmail
[07:00] <mralphabet> ;)
[07:00] <gubluntu> lol
[07:00] <mralphabet> gmail for domains!
[07:00] <coNP> ubuntu
[07:00] <coNP> exim4
[07:00] <coNP> dovecot
[07:00] <coNP> there are some answers :)
[07:01] <coNP> these are my choices by now
[07:01] <gubluntu> exim is where it at isnt it
[07:01] <gubluntu> very configurable
[07:01] <coNP> sorry, gubluntu ?
[07:01] <gubluntu> but too much for me to learn right now i think
[07:04] <gubluntu> what server dist should i use?
[07:04] <gubluntu> version rather?
[07:05] <coNP> gubluntu: depends on... :)
[07:05] <gubluntu> ...
[07:06] <gubluntu> out of all the ppl around me.. im gonna go ahead with the opinion of the person sitting in the ubuntu-server channel
[07:06] <gubluntu> what r my choices?
[07:06] <coNP> dapper
[07:06] <coNP> edgy
[07:07] <gubluntu> dapper or edgy
[07:07] <coNP> I guess, if Ubuntu
[07:07] <coNP> I would say Dapper for now
[07:07] <gubluntu> so dapper has longer support?
[07:07] <gubluntu> is that the deal?
[07:07] <coNP> that is
[07:30] <gubluntu> exit