nealmcbkshah: `sudo dpkg-reconfigure postfix` does simple configurations12:25
kshahthe ubuntu server guide is bringing me through a crazy SMTP authentication config12:25
kshahi'm messing with ssl keys and whatnot12:26
kshahI did this before I believe.. (then the server aka laptop died)12:26
kbrookskshah, huh? server == lappy? wtf.....12:27
nealmcbkshah: I have found that supporting email is getting increasingly tiresome over the years.  keeping up in the war on spam et al is a nightmare.  outsourcing to google apps or fastmail can be appealing12:27
kshahthat'll probably be the end solution once things get going12:28
kshahkbrooks: not my choice12:28
kshahbut it resulted in a proper server being bought12:28
nealmcbkbrooks: what do you mean?  built-in ups that lasts for hours!!  :-)12:28
kbrooksnealmcb, ups?12:29
nealmcb(aka battery)12:29
nealmcbhow long does the UPS on your server last :-)12:29
kbrooksnealmcb, but laptops are prone to overheating due to their small size12:30
nealmcbnote the smiley faces.  but I bet they are a good choice in some circumstances....12:30
kshahyeah in mexico12:36
Pyreticit even has a built in console :)12:37
=== mathiaz [n=mathiaz@dsl-207-112-92-37.tor.primus.ca] has joined #ubuntu-server
=== pteague [n=patrick@ip72-213-145-156.ok.ok.cox.net] has joined #ubuntu-server
=== osmosis [n=steven@cpe-76-80-127-252.socal.res.rr.com] has joined #ubuntu-server
=== raky [n=kent@24-197-132-105.dhcp.spbg.sc.charter.com] has joined #ubuntu-server
=== ubotu [n=ubotu@ubuntu/bot/ubotu] has joined #ubuntu-server
=== kupesoft [n=dave@CPE003018b02a53-CM0018c0c44e76.cpe.net.cable.rogers.com] has joined #ubuntu-server
AnarchHow can I tell whether `cat /proc/cpuinfo` is telling me about 2 physical CPUs or about a hyperthreaded CPU?01:23
Kamping_Kaiserlook for an HT switch01:23
=== rbrunhuber [n=Miranda@p54977683.dip.t-dialin.net] has joined #ubuntu-server
=== mdz_ [n=mdz@ip-81-1-103-136.cust.homechoice.net] has joined #ubuntu-server
=== justinwray [n=justinwr@c-68-34-224-91.hsd1.md.comcast.net] has joined #ubuntu-server
=== w0nder [n=gi_w0nde@ip68-1-184-254.ri.ri.cox.net] has joined #ubuntu-server
=== kshah [n=kunalash@ool-44c0ac9c.dyn.optonline.net] has joined #ubuntu-server
=== dendrobates [n=dendroba@adsl-065-005-186-012.sip.asm.bellsouth.net] has joined #ubuntu-server
pteaguecould there be an issue with trying to install ubuntu server on an intel?03:23
kshahno bro03:29
justinwraypteague: Well, it is built for i1368, so doubtful, what sort of error?03:30
kshahwhat yous prob?03:30
justinwrayi386* Sorry for the typo03:30
pteaguei keep getting file corruption errors on deb packages when trying to install... the md5sum checks out & i've burned 3 CDs & all gave me the same error, but different deb files... the last i burned at 4x03:41
justinwrayAnd you do the CD check on boot, which comes back fine?03:42
justinwrayRun memtest on that system?03:42
pteaguecd check? guess not03:42
justinwrayWhen you boot, you have the option of checking the integrity of the CD.03:43
pteaguek, checking disk03:43
pteagueconsole-tools_0.2.3dbs-65ubuntu3_i386.deb failed the md5 checksum... why would the iso pass an md5 check, but then would corrupt the disk in different places when it's burned?03:46
justinwrayRun memtest on that system?03:46
=== YourMomsHero [n=cirish@ip24-251-191-203.ph.ph.cox.net] has joined #ubuntu-server
=== pteague [n=patrick@ip72-213-145-156.ok.ok.cox.net] has joined #ubuntu-server
pteagueok, apparently i can't even burn a the small net installer for debian without it being corrupt04:44
=== PanzerMKZ [i=Panzer@03-041.136.popsite.net] has joined #ubuntu-server
=== osmosis [n=steven@cpe-76-80-127-252.socal.res.rr.com] has joined #ubuntu-server
=== snook353 [n=lee@24-197-132-105.dhcp.spbg.sc.charter.com] has joined #ubuntu-server
=== snook353 is now known as raky
=== nandemonai [n=nandemon@ppp121-45-57-227.lns11.adl2.internode.on.net] has joined #ubuntu-server
=== jbrouhard [n=jbrouhar@] has joined #ubuntu-server
=== AnRkey [n=AnRkey@host-83-146-42-229.bulldogdsl.com] has joined #ubuntu-server
=== kurosaki [n=nandemon@ppp121-45-28-166.lns10.adl2.internode.on.net] has joined #ubuntu-server
=== ivoks [n=ivoks@22-115.dsl.iskon.hr] has joined #ubuntu-server
=== ScottK2 [n=ScottK@ubuntu/member/scottk] has joined #ubuntu-server
=== kurosaki [n=nandemon@ppp121-45-66-168.lns10.adl6.internode.on.net] has joined #ubuntu-server
=== dexem [n=dani@] has joined #ubuntu-server
=== pschulz01 [n=pschulz0@ubuntu/member/pschulz01] has joined #ubuntu-server
=== Nicke [n=niclasa@ua-83-227-140-135.cust.bredbandsbolaget.se] has joined #ubuntu-server
=== fernando_ [n=fernando@] has joined #ubuntu-server
=== PanzerMKZ [i=Panzer@09-046.136.popsite.net] has joined #ubuntu-server
=== SWAT_ [n=SWAT@swat.xs4all.nl] has joined #ubuntu-server
=== SWAT [n=SWAT@ubuntu/member/swat] has joined #ubuntu-server
=== kbrooks [n=kbrooks@d235-137-190.home1.cgocable.net] has joined #ubuntu-server
kbrooksi have a question. i would like to monitor everything (only silently) that is sent over suspect ports. For example, if i type03:21
kbrookstelnet mail.server.com 2503:22
kbrooksi would like to see the normal stuff sent by the server, except logged03:22
kbrookshow would i do this?03:23
kbrookssoren, What if a user has finished sending spam to the mail server when I run tcpdump?03:25
Kamping_Kaiserkbrooks, look in the mail server logs?03:26
kbrooks"suspect ports"03:26
sorenkbrooks: Are you asking if Ubuntu saves all your network traffic so that you can look at it later?03:26
kbrookssoren, No. It doesn't. I would like it to.03:26
sorenkbrooks: tcpdump03:27
sorenkbrooks: But you need to start it before it does anything..03:27
kbrookssoren, Does tcpdump log user information like who connected to a particular server?03:28
sorenkbrooks: It logs plain network traffic. You can look at it afterwards (e.g. with wireshark or something).03:28
kbrookssoren, what about the user info? Please don't evade questions03:30
sorenkbrooks: Why would I be evading questions? I'm trying my best to ask your rather odd questions.03:30
sorenkbrooks: First you call it suspect ports, then it's telnet, then it's spam.. What are you trying to do03:31
sorenkbrooks: I you want answers, you've got to ask proper questions.03:31
kbrookssoren, port 25 is a suspect port because it can be used to send spam.03:32
sorenkbrooks: Well, I can choose to send nuclear missile launch codes over port 80 if I choose to. That's beside the point.03:32
sorenkbrooks: What are you trying to do?03:33
sorenkbrooks: Please don't evade the question.03:33
kbrookssoren, monitor specific inbound and outbpund ports  for questionable content, and pinpoint the user who is sending or receiving the content at which port so that  i can enforce rules03:35
=== leonel [n=leonel@] has joined #ubuntu-server
sorenkbrooks: You seriously want to sit around and stare at network traffic all day?03:35
kbrookssoren, No. hence the log request.03:36
infinitykbrooks: You realise that going from packet filtering to spam filtering is far from trivial, right?03:36
sorenkbrooks: Ok, so you want to log it all day and stare at it all night. That's not much different.03:36
infinityie: The contents of individual packets aren't all that interesting.03:36
sorenkbrooks: Is it at all posibble that the question you want to ask is: "How do I avoid spam?"03:36
sorenkbrooks: If so, please ask that instead.03:37
infinityAnd knowing when a message begins and ends, when you didn't initiate the connection, is.  Special.03:37
kbrooksinfinity, thats why there is  wireshark.03:37
infinityOr, "how do I avoid untrusted users sending spam from my machine?"03:37
kbrookssoren, um, i think i want to ask that yes03:37
infinityTo which the answer should almost surely be "don't let untrusted users use your machine".03:38
infinityFighting spam (inbound or outbound) at the packet level seems very much the wrong way to go about things.03:38
sorenkbrooks: Alright. Is this spam you want to avoid coming into your machine or going out from it? That seems to be a bit unclear.03:38
kbrookssoren, going out from my machine by a user.03:39
sorenkbrooks: Wack him with a stick?03:39
kbrookssoren, how do i whack him when i don't know if he/she hasnt sent spam?03:39
infinity(We return to my "why are you allowing untrusted users access to your machine?" question)03:40
kbrooksbecause i am doing a free shell/web hosting service.03:40
sorenDo you use it as a mail server?03:41
infinityBlock 25 outbound from all but the local MTA, forcing all users to send mail via the MTA, and do your spam filtering at the MTA level.03:41
infinity(filtering, monitoring, logging, whatever)03:42
kbrooksinfinity, i would do that, and i will - in a second - but i don't have a local MTA. i would like one so that I can support checking e-mail via the CLI.03:44
sorenkbrooks: You don't need and MTA to check e-mail from the cli.03:44
sorenkbrooks: And if you don't have an MTA, just block outgoing connections to port 25.03:44
kbrooksthank you for breakig down my question earlier. noW, HOW do i block outgoin g connections to port 25?03:45
soreniptables -I OUTPUT -j DROP -p tcp --dport 2503:46
kbrooksalso, ulimit didnt seem to work to stop fork bombs. i set the ulimit thru /etc/security/limits.conf03:46
kbrooksand logged out and in03:46
kbrooksbut when i ran :() { : | : &; }; :03:47
kbrooksthe ulimit didnt kick in03:47
sorenIn the future, asking questions like: "I want to achieve X. I've thought doing that by doing B and C, but have run into problem D..."   makes everything much easier for everyone.03:47
sorenThat would have saved us the first 15 minutes of this conversation :)03:48
infinity@untrusted hard nproc 2003:48
infinity^^ something like that?03:48
kbrooksinfinity, where @untrusted  means?03:49
infinitykbrooks: A UNIX group that you add your untrusted users to.03:49
infinity(was just an example)03:49
kbrooks*                hard    nproc           4000 # i did this, but this doesnt work03:50
infinityI'm sure it works fine.03:50
infinity4000 is a lot of forks.03:50
soren4000 is enough for a fork bomb to be quite annoying.03:50
kbrooksinfinity, then why don't  i think it works fine?03:51
infinityBecause it's bringing the machine to its knees before it gets to 4000?03:51
infinityHave you ever had 4000 processes runniing on that machine?03:51
infinityYour users probably don't need more than 10 processes at a time, really. :)03:52
sorenFor the kind of users you're looking at, 20 should be plenty.03:52
kbrooksi set that limit, now i logout and in?03:52
infinityYou don't want that as a global limit, though.03:53
infinityIt'll choke apache and such, as well.03:53
kbrooksinfinity, fair enough....03:53
kbrooksk good03:56
=== ivoks [n=ivoks@ubuntu/member/ivoks] has joined #ubuntu-server
=== rbrunhuber [n=Miranda@p54975BBD.dip.t-dialin.net] has joined #ubuntu-server
kbrooksokay. so in tcpdump, i see something about a IRC server IP04:29
kbrooksand i get suspicious04:30
kbrooksso i use netstat and notice that a user is possibly connected to the irc server (only a suspicion so far, dont know yet)04:30
kbrooksso i attempt to connect to the server and get kicked off bc of clones.04:31
kbrooksthe lines in netstat i'm talking about are04:32
kbrookstcp        0      0         ESTABLISHED04:32
kbrookstcp        0      0      ffneural.net:13333      ESTABLISHED04:32
kbrooksso i type something like, ps aux and notice that the user in question runs a eggdrop04:33
kbrooksand THEN i sudo as the user, cd to the configuration, read it, and notice that....04:34
kbrooksthe bot is named fswh, and it connects to a hub04:35
kbrooksand the irc server ip04:35
kbrooksi dont know what the hub is for, maybe exploits? i dunno.04:35
kbrookseither way, i suspect abuse, and i will block the ports (except for IRC, which I will disconnect and talk to the irc server admin about) mentioned in the config file04:37
=== kbrooks scrolls up
=== raky [n=kent@24-197-132-105.dhcp.spbg.sc.charter.com] has joined #ubuntu-server
=== dendrobates [n=dendroba@adsl-065-005-186-012.sip.asm.bellsouth.net] has joined #ubuntu-server
=== lamont [n=lamont@mix.mmjgroup.com] has joined #ubuntu-server
=== jbrouhard [n=jbrouhar@adsl-66-142-232-119.dsl.hstntx.swbell.net] has joined #ubuntu-server
=== dendrobates [n=dendroba@adsl-065-005-186-012.sip.asm.bellsouth.net] has joined #ubuntu-server
=== ivoks_ [n=ivoks@17-127.dsl.iskon.hr] has joined #ubuntu-server
rakyi have to make a decision on whether to install xen or vmware on my LUG server.  its a compaq proliant with 2 P3s and 5x 19.2GB drives with 1 gig ram07:09
=== jdstrand [n=james@mail.strandboge.com] has joined #ubuntu-server
rakyi have seen the virt. techniques - para vs. full virt, and of course i'm limited by the server.07:11
rakyi just want to virtualize a linux distro or two07:12
rakypersonally, i would choose the vm software that looks like the market will choose, and that's probably vmware, but things change so often07:14
rakyhas feisty been fixed for xen and vmware yet?07:31
ivoksi would choose xen...07:33
rakyi've seen tutorials on fixing ubuntu for vmware. i didn't know if xen was the same07:33
ivoksum... what's there to fix?07:34
rakyjust like 5 cli edits07:34
rakyfor vmware, that is07:34
ivoksdo you have link for that tutorial?07:35
rakyin a bit07:35
rakysorry, can't find it.  i think the edits were before vmware was in the ubuntu repos07:38
ivoksvmware isn't in ubuntu repo07:39
rakyivoks, so for a noob, learning xen is not a whole lot more time consuming than learning vmware?07:39
ivokseh... vmware is probably a lot easier for a beginer07:40
rakyi have googled for plenty of tutorials over the past few weeks.  is vmware easier because of the GUI, or the virtualization techniques?07:40
ivoksit's easier cause of the gui, of course07:41
rakyhehe, of course, ok07:41
rakyi have like 3 real days or 2.5 days worth of hours to get the vmsoftware working.07:42
rakyok, thanks, haha07:42
ivoksno fixing here07:42
ivoksi guess you won't be using vi for editing sources.list :D07:43
ivoksbbl bye07:45
=== lamont [n=lamont@mix.mmjgroup.com] has joined #ubuntu-server
=== steve____ [n=steve@] has joined #ubuntu-server
steve____something is really, REALLY messed up on my server.08:47
steve____whenever it boots up, it doesnt have a net connection08:47
steve____the cat5 is plugged in, its configured for a static ip08:47
steve____but ifconfig eth0 doesnt show any ip08:48
steve____/etc/init.d/networking restart doesnt do anything08:48
steve____it gets an ip if i say ifup eth008:48
steve____but its still not connected to the net even then08:48
steve____it says network is unreachable08:48
steve____ok scratch that08:50
steve____doing ifup eth0 makes it work08:50
steve____but why doesnt it do that from the start?08:50
=== stiv2k [n=steve@] has joined #ubuntu-server
stiv2kanyone here???08:56
=== stiv2k [n=steve@] has joined #ubuntu-server
stiv2ksorry my server is going haywire09:02
stiv2kplease help09:02
kbrooksstiv2k, ask09:03
stiv2kkbrooks: i asked already09:03
stiv2kill ask it again09:03
stiv2khokay, so we just had a power outage at my apartment here09:03
stiv2kand when i booted my server back up, eth0 is down by default09:04
stiv2kand every tiem when i boot it up09:04
stiv2keth0 is down09:04
stiv2k/etc/init.d/networking restart does nothing09:04
stiv2ki can only bring it up by saying ifup eth009:04
stiv2kbut sholdnt it be up when the machine boots09:04
stiv2ki dont want to have to manually bring it up every time09:04
kbrookspastebin your /etc/networking/interfaces file09:05
stiv2kkbrooks: its only 4 lines09:05
stiv2kill paste it here if its ok09:05
kbrooksgo on09:05
stiv2kwell i have these 209:05
stiv2kauto lo09:05
stiv2kiface lo inet loopback09:05
stiv2kiface eth0 inet static09:06
kbrooksstiv2k, notice any differences?09:06
stiv2kauto eth0 ?09:06
kbrooksadd that and youre off to go09:07
stiv2kkbrooks: one more thing im not sure if you can help me w/ this09:07
stiv2kmy bopm wont start with this error09:07
stiv2k[Sep 01 19:07:47 2007]  MAIN -> Error opening /var/run/bopm/bopm.pid: No such file or directory09:07
ScottKDoes /var/run/bopm exist?09:09
kbrooksstiv2k, create it.09:09
ScottKmkdir /var/run/bopm and try again09:09
stiv2kbut i was under the impression that it gets created by the program09:09
ScottKSort of09:09
ScottK'/var/run is a tempfs in Ubuntu so it needs to get tested for at every start, not just install09:09
ScottKIs bopm from the Ubuntu repositories?09:10
ScottKIt's not a tempfs in Debian by default, so a lot of programs miss this.09:10
ScottKAssuming recreating the dir works, please file a bug against the package.09:10
stiv2kit works if i start bopm directly with `sudo bopm -dd`09:13
stiv2kbut it doesnt work if i call the script09:13
stiv2ksudo /etc/init.d/bopm start09:13
ScottKRight because the script tries to creat the PID file and can't.  When you call it directly you don't do that.09:13
stiv2kScottK: what should i do09:14
ScottKDid the init script work when you recreated the dir?09:14
stiv2ki dont know i have no way of looking at the debug output09:14
stiv2kwhen using the init script09:14
stiv2k-rw-r--r-- 1 root root 4 2007-09-01 15:12 /var/run/bopm/bopm.pid09:14
stiv2kit exists now though09:14
ScottKps -AF|grep bopm and see if it's running09:15
stiv2ksteve@galatea:~$ ps -AF|grep bopm09:15
stiv2ksteve     4701  4589  0   720   748   0 15:15 pts/2    00:00:00 grep bo09:15
ScottKlook in the PID file for the process number and see if that process is running.09:17
ScottKOK.  Gotta run for a bit too.09:17
stiv2kScottK: it's not09:18
ScottKThat's a separate problem then.  Definitely file a bug on var/run/bopm not getting recreated by the init.09:19
stiv2kScottK: file it to who?09:19
ScottKNot sure how much help I can be beyond that.  I don't even know what bopm is....09:19
stiv2kScottK: it was working fine before my server lost power09:19
ScottKGotta run.09:20
=== danp [i=danp@elmer.glueless.net] has joined #ubuntu-server
=== mdz_ [n=mdz@ip-81-1-103-136.cust.homechoice.net] has joined #ubuntu-server
=== mdz_ [n=mdz@host217-44-142-215.range217-44.btcentralplus.com] has joined #ubuntu-server
=== kurosaki [n=nandemon@ppp121-45-66-168.lns10.adl6.internode.on.net] has joined #ubuntu-server
danpdoes feisty preseeding support software RAID?11:49
=== AnRkey [n=AnRkey@87-194-62-131.bethere.co.uk] has joined #ubuntu-server
=== danp [i=danp@elmer.glueless.net] has left #ubuntu-server []

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!