[12:25] kshah: `sudo dpkg-reconfigure postfix` does simple configurations [12:25] the ubuntu server guide is bringing me through a crazy SMTP authentication config [12:26] i'm messing with ssl keys and whatnot [12:26] I did this before I believe.. (then the server aka laptop died) [12:27] kshah, huh? server == lappy? wtf..... [12:27] kshah: I have found that supporting email is getting increasingly tiresome over the years. keeping up in the war on spam et al is a nightmare. outsourcing to google apps or fastmail can be appealing [12:28] that'll probably be the end solution once things get going [12:28] kbrooks: not my choice [12:28] but it resulted in a proper server being bought [12:28] kbrooks: what do you mean? built-in ups that lasts for hours!! :-) [12:29] nealmcb, ups? [12:29] (aka battery) [12:29] how long does the UPS on your server last :-) [12:30] nealmcb, but laptops are prone to overheating due to their small size [12:30] note the smiley faces. but I bet they are a good choice in some circumstances.... [12:36] yeah in mexico [12:37] it even has a built in console :) === mathiaz [n=mathiaz@dsl-207-112-92-37.tor.primus.ca] has joined #ubuntu-server === pteague [n=patrick@ip72-213-145-156.ok.ok.cox.net] has joined #ubuntu-server === osmosis [n=steven@cpe-76-80-127-252.socal.res.rr.com] has joined #ubuntu-server === raky [n=kent@24-197-132-105.dhcp.spbg.sc.charter.com] has joined #ubuntu-server === ubotu [n=ubotu@ubuntu/bot/ubotu] has joined #ubuntu-server === kupesoft [n=dave@CPE003018b02a53-CM0018c0c44e76.cpe.net.cable.rogers.com] has joined #ubuntu-server [01:23] How can I tell whether `cat /proc/cpuinfo` is telling me about 2 physical CPUs or about a hyperthreaded CPU? [01:23] look for an HT switch [01:23] *flag [01:23] iirc === rbrunhuber [n=Miranda@p54977683.dip.t-dialin.net] has joined #ubuntu-server === mdz_ [n=mdz@ip-81-1-103-136.cust.homechoice.net] has joined #ubuntu-server === justinwray [n=justinwr@c-68-34-224-91.hsd1.md.comcast.net] has joined #ubuntu-server === w0nder [n=gi_w0nde@ip68-1-184-254.ri.ri.cox.net] has joined #ubuntu-server === kshah [n=kunalash@ool-44c0ac9c.dyn.optonline.net] has joined #ubuntu-server === dendrobates [n=dendroba@adsl-065-005-186-012.sip.asm.bellsouth.net] has joined #ubuntu-server [03:23] could there be an issue with trying to install ubuntu server on an intel? [03:29] no bro [03:30] pteague: Well, it is built for i1368, so doubtful, what sort of error? [03:30] what yous prob? [03:30] r [03:30] i386* Sorry for the typo [03:41] i keep getting file corruption errors on deb packages when trying to install... the md5sum checks out & i've burned 3 CDs & all gave me the same error, but different deb files... the last i burned at 4x [03:42] And you do the CD check on boot, which comes back fine? [03:42] Run memtest on that system? [03:42] cd check? guess not [03:43] When you boot, you have the option of checking the integrity of the CD. [03:43] k, checking disk [03:43] Okay. [03:46] console-tools_0.2.3dbs-65ubuntu3_i386.deb failed the md5 checksum... why would the iso pass an md5 check, but then would corrupt the disk in different places when it's burned? [03:46] Run memtest on that system? === YourMomsHero [n=cirish@ip24-251-191-203.ph.ph.cox.net] has joined #ubuntu-server === pteague [n=patrick@ip72-213-145-156.ok.ok.cox.net] has joined #ubuntu-server [04:44] ok, apparently i can't even burn a the small net installer for debian without it being corrupt === PanzerMKZ [i=Panzer@03-041.136.popsite.net] has joined #ubuntu-server === osmosis [n=steven@cpe-76-80-127-252.socal.res.rr.com] has joined #ubuntu-server === snook353 [n=lee@24-197-132-105.dhcp.spbg.sc.charter.com] has joined #ubuntu-server === snook353 is now known as raky === nandemonai [n=nandemon@ppp121-45-57-227.lns11.adl2.internode.on.net] has joined #ubuntu-server === jbrouhard [n=jbrouhar@24.121.169.166] has joined #ubuntu-server === AnRkey [n=AnRkey@host-83-146-42-229.bulldogdsl.com] has joined #ubuntu-server === kurosaki [n=nandemon@ppp121-45-28-166.lns10.adl2.internode.on.net] has joined #ubuntu-server === ivoks [n=ivoks@22-115.dsl.iskon.hr] has joined #ubuntu-server === ScottK2 [n=ScottK@ubuntu/member/scottk] has joined #ubuntu-server === kurosaki [n=nandemon@ppp121-45-66-168.lns10.adl6.internode.on.net] has joined #ubuntu-server === dexem [n=dani@212.97.172.119.dyn.user.ono.com] has joined #ubuntu-server === pschulz01 [n=pschulz0@ubuntu/member/pschulz01] has joined #ubuntu-server === Nicke [n=niclasa@ua-83-227-140-135.cust.bredbandsbolaget.se] has joined #ubuntu-server === fernando_ [n=fernando@189.0.148.64] has joined #ubuntu-server === PanzerMKZ [i=Panzer@09-046.136.popsite.net] has joined #ubuntu-server === SWAT_ [n=SWAT@swat.xs4all.nl] has joined #ubuntu-server === SWAT [n=SWAT@ubuntu/member/swat] has joined #ubuntu-server === kbrooks [n=kbrooks@d235-137-190.home1.cgocable.net] has joined #ubuntu-server [03:21] i have a question. i would like to monitor everything (only silently) that is sent over suspect ports. For example, if i type [03:22] telnet mail.server.com 25 [03:22] i would like to see the normal stuff sent by the server, except logged [03:23] how would i do this? [03:24] tcpdump [03:25] soren, What if a user has finished sending spam to the mail server when I run tcpdump? [03:25] what? [03:26] kbrooks, look in the mail server logs? [03:26] "suspect ports" [03:26] kbrooks: Are you asking if Ubuntu saves all your network traffic so that you can look at it later? [03:26] soren, No. It doesn't. I would like it to. [03:27] kbrooks: tcpdump [03:27] kbrooks: But you need to start it before it does anything.. [03:28] soren, Does tcpdump log user information like who connected to a particular server? [03:28] kbrooks: It logs plain network traffic. You can look at it afterwards (e.g. with wireshark or something). [03:30] soren, what about the user info? Please don't evade questions [03:30] kbrooks: Why would I be evading questions? I'm trying my best to ask your rather odd questions. [03:31] kbrooks: First you call it suspect ports, then it's telnet, then it's spam.. What are you trying to do [03:31] ? [03:31] kbrooks: I you want answers, you've got to ask proper questions. [03:32] soren, port 25 is a suspect port because it can be used to send spam. [03:32] kbrooks: Well, I can choose to send nuclear missile launch codes over port 80 if I choose to. That's beside the point. [03:33] kbrooks: What are you trying to do? [03:33] kbrooks: Please don't evade the question. [03:33] :) [03:35] soren, monitor specific inbound and outbpund ports for questionable content, and pinpoint the user who is sending or receiving the content at which port so that i can enforce rules === leonel [n=leonel@189.155.111.233] has joined #ubuntu-server [03:35] kbrooks: You seriously want to sit around and stare at network traffic all day? [03:36] soren, No. hence the log request. [03:36] kbrooks: You realise that going from packet filtering to spam filtering is far from trivial, right? [03:36] kbrooks: Ok, so you want to log it all day and stare at it all night. That's not much different. [03:36] ie: The contents of individual packets aren't all that interesting. [03:36] kbrooks: Is it at all posibble that the question you want to ask is: "How do I avoid spam?" [03:37] kbrooks: If so, please ask that instead. [03:37] And knowing when a message begins and ends, when you didn't initiate the connection, is. Special. [03:37] infinity, thats why there is wireshark. [03:37] Or, "how do I avoid untrusted users sending spam from my machine?" [03:37] soren, um, i think i want to ask that yes [03:38] To which the answer should almost surely be "don't let untrusted users use your machine". [03:38] Fighting spam (inbound or outbound) at the packet level seems very much the wrong way to go about things. [03:38] kbrooks: Alright. Is this spam you want to avoid coming into your machine or going out from it? That seems to be a bit unclear. [03:39] soren, going out from my machine by a user. [03:39] kbrooks: Wack him with a stick? [03:39] soren, how do i whack him when i don't know if he/she hasnt sent spam? [03:40] (We return to my "why are you allowing untrusted users access to your machine?" question) [03:40] because i am doing a free shell/web hosting service. [03:41] Ngh. [03:41] Alright. [03:41] Do you use it as a mail server? [03:41] Block 25 outbound from all but the local MTA, forcing all users to send mail via the MTA, and do your spam filtering at the MTA level. [03:42] (filtering, monitoring, logging, whatever) [03:44] infinity, i would do that, and i will - in a second - but i don't have a local MTA. i would like one so that I can support checking e-mail via the CLI. [03:44] kbrooks: You don't need and MTA to check e-mail from the cli. [03:44] kbrooks: And if you don't have an MTA, just block outgoing connections to port 25. [03:44] OK. [03:45] thank you for breakig down my question earlier. noW, HOW do i block outgoin g connections to port 25? [03:46] iptables -I OUTPUT -j DROP -p tcp --dport 25 [03:46] also, ulimit didnt seem to work to stop fork bombs. i set the ulimit thru /etc/security/limits.conf [03:46] and logged out and in [03:47] but when i ran :() { : | : &; }; : [03:47] the ulimit didnt kick in [03:47] In the future, asking questions like: "I want to achieve X. I've thought doing that by doing B and C, but have run into problem D..." makes everything much easier for everyone. [03:48] That would have saved us the first 15 minutes of this conversation :) [03:48] @untrusted hard nproc 20 [03:48] ^^ something like that? [03:49] infinity, where @untrusted means? [03:49] kbrooks: A UNIX group that you add your untrusted users to. [03:49] (was just an example) [03:50] * hard nproc 4000 # i did this, but this doesnt work [03:50] I'm sure it works fine. [03:50] 4000 is a lot of forks. [03:50] 4000 is enough for a fork bomb to be quite annoying. [03:51] infinity, then why don't i think it works fine? [03:51] Because it's bringing the machine to its knees before it gets to 4000? [03:51] ok. [03:51] Have you ever had 4000 processes runniing on that machine? [03:51] no [03:52] Exactly. [03:52] Your users probably don't need more than 10 processes at a time, really. :) [03:52] For the kind of users you're looking at, 20 should be plenty. [03:52] i set that limit, now i logout and in? [03:53] You don't want that as a global limit, though. [03:53] It'll choke apache and such, as well. [03:53] infinity, fair enough.... [03:56] k good [03:56] works. [04:02] thanks! === ivoks [n=ivoks@ubuntu/member/ivoks] has joined #ubuntu-server === rbrunhuber [n=Miranda@p54975BBD.dip.t-dialin.net] has joined #ubuntu-server [04:29] sigh [04:29] okay. so in tcpdump, i see something about a IRC server IP [04:30] and i get suspicious [04:30] so i use netstat and notice that a user is possibly connected to the irc server (only a suspicion so far, dont know yet) [04:31] so i attempt to connect to the server and get kicked off bc of clones. [04:32] the lines in netstat i'm talking about are [04:32] tcp 0 0 192.168.0.101:4424 8.7.233.44:ircd ESTABLISHED [04:32] tcp 0 0 192.168.0.101:3367 ffneural.net:13333 ESTABLISHED [04:33] so i type something like, ps aux and notice that the user in question runs a eggdrop [04:34] and THEN i sudo as the user, cd to the configuration, read it, and notice that.... [04:35] the bot is named fswh, and it connects to a hub [04:35] and the irc server ip [04:35] i dont know what the hub is for, maybe exploits? i dunno. [04:37] either way, i suspect abuse, and i will block the ports (except for IRC, which I will disconnect and talk to the irc server admin about) mentioned in the config file === kbrooks scrolls up === raky [n=kent@24-197-132-105.dhcp.spbg.sc.charter.com] has joined #ubuntu-server === dendrobates [n=dendroba@adsl-065-005-186-012.sip.asm.bellsouth.net] has joined #ubuntu-server === lamont [n=lamont@mix.mmjgroup.com] has joined #ubuntu-server === jbrouhard [n=jbrouhar@adsl-66-142-232-119.dsl.hstntx.swbell.net] has joined #ubuntu-server === dendrobates [n=dendroba@adsl-065-005-186-012.sip.asm.bellsouth.net] has joined #ubuntu-server === ivoks_ [n=ivoks@17-127.dsl.iskon.hr] has joined #ubuntu-server [07:09] i have to make a decision on whether to install xen or vmware on my LUG server. its a compaq proliant with 2 P3s and 5x 19.2GB drives with 1 gig ram === jdstrand [n=james@mail.strandboge.com] has joined #ubuntu-server [07:11] i have seen the virt. techniques - para vs. full virt, and of course i'm limited by the server. [07:12] i just want to virtualize a linux distro or two [07:14] personally, i would choose the vm software that looks like the market will choose, and that's probably vmware, but things change so often [07:31] has feisty been fixed for xen and vmware yet? [07:33] fixed? [07:33] i would choose xen... [07:33] i've seen tutorials on fixing ubuntu for vmware. i didn't know if xen was the same [07:34] um... what's there to fix? [07:34] just like 5 cli edits [07:34] for vmware, that is [07:35] do you have link for that tutorial? [07:35] in a bit [07:38] sorry, can't find it. i think the edits were before vmware was in the ubuntu repos [07:39] vmware isn't in ubuntu repo [07:39] ivoks, so for a noob, learning xen is not a whole lot more time consuming than learning vmware? [07:40] eh... vmware is probably a lot easier for a beginer [07:40] i have googled for plenty of tutorials over the past few weeks. is vmware easier because of the GUI, or the virtualization techniques? [07:41] it's easier cause of the gui, of course [07:41] hehe, of course, ok [07:42] i have like 3 real days or 2.5 days worth of hours to get the vmsoftware working. [07:42] http://www.ubuntugeek.com/how-to-install-vmware-server-from-canonical-commercial-repository-in-ubuntu-feisty.html [07:42] ok, thanks, haha [07:42] no fixing here [07:43] i guess you won't be using vi for editing sources.list :D [07:43] lol [07:45] bbl bye === lamont [n=lamont@mix.mmjgroup.com] has joined #ubuntu-server === steve____ [n=steve@207.138.91.59] has joined #ubuntu-server [08:47] ok [08:47] something is really, REALLY messed up on my server. [08:47] whenever it boots up, it doesnt have a net connection [08:47] the cat5 is plugged in, its configured for a static ip [08:48] but ifconfig eth0 doesnt show any ip [08:48] /etc/init.d/networking restart doesnt do anything [08:48] it gets an ip if i say ifup eth0 [08:48] but its still not connected to the net even then [08:48] it says network is unreachable [08:48] ....... [08:50] ok scratch that [08:50] doing ifup eth0 makes it work [08:50] but why doesnt it do that from the start? [08:51] brb === stiv2k [n=steve@207.138.91.59] has joined #ubuntu-server [08:51] ok [08:56] ughhhhhh [08:56] anyone here??? === stiv2k [n=steve@207.138.91.59] has joined #ubuntu-server [09:02] ok [09:02] sorry my server is going haywire [09:02] please help [09:03] stiv2k, ask [09:03] kbrooks: i asked already [09:03] ill ask it again [09:03] :P [09:03] hokay, so we just had a power outage at my apartment here [09:04] and when i booted my server back up, eth0 is down by default [09:04] and every tiem when i boot it up [09:04] eth0 is down [09:04] /etc/init.d/networking restart does nothing [09:04] i can only bring it up by saying ifup eth0 [09:04] but sholdnt it be up when the machine boots [09:04] i dont want to have to manually bring it up every time [09:05] pastebin your /etc/networking/interfaces file [09:05] ok [09:05] kbrooks: its only 4 lines [09:05] ill paste it here if its ok [09:05] ok [09:05] go on [09:05] well i have these 2 [09:05] auto lo [09:05] iface lo inet loopback [09:06] iface eth0 inet static [09:06] address 192.168.1.10 [09:06] netmask 255.255.255.0 [09:06] gateway 192.168.1.1 [09:06] stiv2k, notice any differences? [09:06] auto eth0 ? [09:07] correct [09:07] yikes [09:07] add that and youre off to go [09:07] ok [09:07] straight [09:07] kbrooks: one more thing im not sure if you can help me w/ this [09:07] ask [09:07] my bopm wont start with this error [09:07] [Sep 01 19:07:47 2007] MAIN -> Error opening /var/run/bopm/bopm.pid: No such file or directory [09:09] Does /var/run/bopm exist? [09:09] no [09:09] stiv2k, create it. [09:09] mkdir /var/run/bopm and try again [09:09] but i was under the impression that it gets created by the program [09:09] Sort of [09:09] '/var/run is a tempfs in Ubuntu so it needs to get tested for at every start, not just install [09:10] Is bopm from the Ubuntu repositories? [09:10] oh [09:10] um [09:10] yeah [09:10] It's not a tempfs in Debian by default, so a lot of programs miss this. [09:10] Assuming recreating the dir works, please file a bug against the package. [09:12] ok [09:13] wtf [09:13] it works if i start bopm directly with `sudo bopm -dd` [09:13] but it doesnt work if i call the script [09:13] sudo /etc/init.d/bopm start [09:13] Right because the script tries to creat the PID file and can't. When you call it directly you don't do that. [09:14] ScottK: what should i do [09:14] Did the init script work when you recreated the dir? [09:14] i dont know i have no way of looking at the debug output [09:14] when using the init script [09:14] -rw-r--r-- 1 root root 4 2007-09-01 15:12 /var/run/bopm/bopm.pid [09:14] it exists now though [09:15] ps -AF|grep bopm and see if it's running [09:15] steve@galatea:~$ ps -AF|grep bopm [09:15] steve 4701 4589 0 720 748 0 15:15 pts/2 00:00:00 grep bo [09:15] pm [09:17] bbl [09:17] look in the PID file for the process number and see if that process is running. [09:17] OK. Gotta run for a bit too. [09:18] ScottK: it's not [09:19] That's a separate problem then. Definitely file a bug on var/run/bopm not getting recreated by the init. [09:19] ScottK: file it to who? [09:19] Not sure how much help I can be beyond that. I don't even know what bopm is.... [09:19] Launchpad [09:19] ScottK: it was working fine before my server lost power [09:19] ok [09:20] Gotta run. [09:20] cya === danp [i=danp@elmer.glueless.net] has joined #ubuntu-server === mdz_ [n=mdz@ip-81-1-103-136.cust.homechoice.net] has joined #ubuntu-server === mdz_ [n=mdz@host217-44-142-215.range217-44.btcentralplus.com] has joined #ubuntu-server === kurosaki [n=nandemon@ppp121-45-66-168.lns10.adl6.internode.on.net] has joined #ubuntu-server [11:49] does feisty preseeding support software RAID? === AnRkey [n=AnRkey@87-194-62-131.bethere.co.uk] has joined #ubuntu-server === danp [i=danp@elmer.glueless.net] has left #ubuntu-server []