/srv/irclogs.ubuntu.com/2009/08/09/#xubuntu.txt

=== Odin is now known as Guest13619
=== Guest13619 is now known as th0r
spasticteapotDoes anyone here know how to make my Palm PDA work with Linux?01:16
ToStItOs_Question for all of U I have a dial up modem and I have Xubuntu 8.10 if I install updates such as networking and Cups udates will that interfere with my modem driver02:01
ToStItOs_I want to install the security updates but I am afraid to due to some problems I had before but does anyone know if it will affect my modem driver02:05
ToStItOs_I have a bunch of updates to install02:06
ToStItOs_I know I will not finish them tonight for sure02:06
KittyKattQuestion: Where would I go editing if I wanted the xfce4-terminal to have the same colors as gnome-terminal.02:07
ToStItOs_Any suggestions???02:07
KittyKattBecause I know it's in bash.02:07
KittyKattwb02:15
ToStItOs_Oh thanks my clicking closed everything02:16
KittyKatt[AmsG] be back in a few02:38
_Master_hello everyone, im working on xubuntu and i cant get my second screen using s - video anyone got any help02:50
_Master_do I need fglrx to use ati radeon 9600's svideo out ???03:30
damo23what are the benefits of xubuntu 9.04 over 8.0404:21
damo23can i use my old menu in 9.04?04:22
hatake_kakashiI never tried 8.04 but you get newer features.. including libnotify04:24
hatake_kakashinewer kernel04:24
th0rdamo23: you might want to consider keeping 8.04.04:25
damo23i did a fresh install of ubuntu 9.04 on my friends machine, it seemed to have extra desktop eyecandy features than 8.0404:26
damo23like desktop switching by dragging a window off the screen04:27
damo23just like my xubuntu04:27
forcesif you like the stability, use 8.0404:27
th0rdamo23: yes, there are some new features, but there are also some problems. There are some video issues in jaunty that weren't in hardy, for instance04:27
th0rforces, right....the next lts release isn't for another six months...10.0404:27
forcesjust 8 months04:28
th0rdamo23: if you have 8.04 running dependably an upgrade might cause you some problems, be prepared for them04:28
forcesand we will have a new LTS04:28
hatake_kakashiand so 9.04 isn't deemed as stable?04:30
damo23ok i'll wait for the next LTS04:30
damo23but i might repartition my hard drive in the meantime04:31
th0rhatake_kakashi: I had a choice and installed 9.04, but wish I had gone with hardy instead04:31
damo23what is a good size for /04:31
damo23i have an 80Gb hard drive04:31
damo23and 15Gb is taken with xp pro04:31
hatake_kakashith0r, I hardly have regretted migrating from ibex to jaunty but never tried hardy04:31
th0rdamo23: I left 35 GB and used less than 7GB, so when I redo the drive I will leave about 15GB04:32
damo23cool04:32
th0rhatake_kakashi: hardy would have had better support for my laptop video04:32
hatake_kakashith0r, ahh *nods* in terms of wireless spec, later is generally better04:32
th0rhatake_kakashi: jaunty did support my broadcom chip, which surprised me, and did not support my atheros chip...which also surprised me.04:34
hatake_kakashith0r, that brings me back to the same question lol04:34
hatake_kakashiatheros non-usb?04:34
th0rno, atheros is usb, the broadcom is built-in04:35
hatake_kakashiyeah atheros usb is literally a dead zone.. its not one of those n-draft is it?04:35
th0rno...a G unit...just a little unit I can lay outside the cabin on the boat to get a little better reception04:35
hatake_kakashiyeah, atheros usb support for non n-draft has been pretty patchy.. no native drivers unless you were one of the lucky owners of ar5007ug04:36
hatake_kakashithere's ndiswrapper I suppose04:37
th0ryeah, I finally got it working with ndiswrapper ok....but surprised me as internal atheros cards have always been pretty easy to get going04:38
hatake_kakashiyeah there's a difference :)04:39
th0rsomeone hijacked my website <smile>. looks like 110mb.com has been hacked04:39
hatake_kakashiatheros has got good support non-usb, mimo or fullmac (rare) but apart from that04:39
th0ryeah...course the internal cards show up as pci cards so they were supported. but I figured an atheros chip is an atheros chip...was surprised to encounter problems with the usb unit.04:40
th0rbut what really disappointed me was the lack of support for my ati card in jaunty.04:40
hatake_kakashiheh I hear older ati cards aren't getting the necessary support04:41
th0ryeah...ati just walked away from them.04:41
th0rI will wait a little while after 10.04 comes out and see how it goes. Will either install that or 8.04 and then freeze my laptop...no more upgrades or any of that stuff...too many headaches04:42
th0rheck, I lost my internal wifi to the last kernel update....even had to dump that04:43
damo23th0r: i decided to wait for the next LTS release too, im running 8.04 very comfortably04:45
damo23but i will repartition my drive to 15Gb /04:45
th0rdamo23: I have been thinking about reclaiming that extra space in / and installing hardy at the same time. Would give me something to do <smile>.04:46
damo23th0r: sounds like a waste of time... who wants to have to reboot into a different flavour of linux04:47
damo23thats what vmware is for04:47
damo23:)04:48
th0rdamo23: well, if I installed hardy I could get better video suppport. I can't even run google earth or secondlife right now for the video tearing04:48
damo23ok04:48
th0rI actually had a better system going when I was running dapper drake (6.06)04:49
th0rI am no longer interested in being on the 'cutting edge'. I want to be able to get my email without difficulties04:49
damo23th0r: use IMAP webmail04:50
th0rdamo23: never....I leave nothing on the net in the way of personal info. Like I said...the little web page I had online just got hijacked...I sure don't want all my email online04:50
damo23:S04:51
damo23well use IMAP without webmail, that way all the email stays on the server04:52
damo23pay someone else to protect your data04:52
damo23then it doesnt matter which client you use to log into your email04:52
th0rthat is what I don't want. with pop all my email is right here...I control it. With imap someone else is storing it all...and I have no control over it.04:52
damo23i guess04:53
damo23makes reading it a hassle, you have to do it from the same computer04:53
th0rI guess that is a concept that people are having a hard time grasping. If you want secure data, take it off the network04:53
th0rwell...the career went with the dotcom crash so I only have this laptop.04:54
damo23ok04:54
th0rbut even when I was working....private email on my private computer, work email on the work computer04:54
damo23i just bought an unlimited hosting plan04:55
damo23so i can host unlimited domains04:55
damo23it was cheap as hell04:55
th0rdamo23: I would like to have a domain....my own email and web server. I used to keep one when I had an apartment and broadband, but here on the boat there is no way for me to do that04:55
th0rwould love to have a server tucked away somewhere to play with04:56
damo23i think i'll set one up at my mums place04:56
damo23i figured out how to set up a dns server04:56
damo23with bind04:56
damo23so i can host my own domain and dns04:56
damo23its pretty easy04:56
damo23the only thing is, her ISP blocks port 8004:57
damo23so i need to switch plans04:57
th0rand it is fun....I used to enjoy tinkering with my server. You can make one from an old desktop or laptop that the windows babies think is too old to be useful <smile>04:57
damo23yes04:57
th0rdamo23: put it on another port. I used non-standard ports for everything for security04:57
damo23th0r: but i want to run a webserver without using :<port> in the url04:58
th0rI only wanted my friends and family to get in, so I instructed them to go to <ip>:<port> to get to my website04:58
th0rif you want it open then yeah....you need port 8004:58
th0rI enjoyed knowing it wasn't going to get hacked <smile>04:59
damo23:D04:59
damo23i just downloaded nmap 5,  its a pretty cool port scanner you can spoof your mac address and ip address04:59
damo23:P04:59
th0rwhen I first put it online I used to see three or four hack attempts on ssh every day. Moved ssh off port 22 and it dropped to zero....over a year with no attempts04:59
th0rthere is a gui version now called zenmap05:00
damo23yes05:00
damo23are u serious? 3-4 hacks per day?05:00
damo23but ssh is secure isnt it?05:01
th0ryeah...but I would see a bot attempting to get in...maybe 20 userid/passwd sent trying to gain access.05:01
geniidamo23: Once established traffic from an ssh session is hard to decrypt. But that doesn't do much if someone gets a password by brute-force05:01
th0rhow do you think the chinese are finding all those govt systems to get into? <smile>05:02
damo23genii: oh i see05:02
th0rbut they don't waste time on non-standard ports...if port 22 doesn't answer they move to the next ip05:02
geniith0r: I had a server getting hammered 20-30 times a second for a while05:02
damo23cant you set ssh to timeout after 3 invalid attempts05:03
damo23and not allow any logins05:03
th0rgenii: exactly. Move ssh to a port near the top...53265 or something like that...and you won't see a single attempt05:03
geniiUsing something like "honeypot" also is useful05:03
th0ranother interesting concept I haven't yet had a chance to try is port knocking....like a combination lock on your ssh05:04
damo23interesting05:04
th0rit is in the repos....'knock' (no imagination <smile>)05:04
genii!info honeypot05:05
ubottuPackage honeypot does not exist in jaunty05:05
geniiHm05:05
genii!info labrea05:06
ubottulabrea (source: labrea): a "sticky" honeypot and IDS. In component universe, is optional. Version 2.5-stable-3 (jaunty), package size 53 kB, installed size 168 kB05:06
th0ryou can use it for any service you like. You totally lock up the system using iptables. When the daemon sees a configured sequence of port accesses it opens whatever is configured05:06
th0rthat is why I want the server....things like 'knockd' fascinate me05:07
damo23th0r: THATS COOL05:07
th0rI would like to open a data center that specializes in secure storage....with tools like knock05:07
damo23th0r: but surely you cant have a system with 100% filtered ports and still have the knock daemon reading the port accesses05:08
th0rdamo23: why not? iptables sees the packets at the ports...but doesn't let them in. Knockd also watches...the packets don't have to get in...just 'knock'05:09
damo23th0r: what if there is packet loss05:09
damo23the combination will be invalid05:09
th0rwhat if you dial a wrong combinatiion? <smile> you just send the combination again.05:10
damo23ok05:10
damo23thats friggin awesome05:10
th0rthere is a tool called knock in the package...you configure knock to send the proper sequence of packets to the ip of the server.05:11
damo23can you configure how long the ports stay open after u knock05:11
th0ryes, if you want you can open a port for only 30 minutes, or whatever, or you can open it til you close it again05:12
th0rthere is a pretty good readme in the package, you might want to install it and take a look. Unless you turn it on it won't hurt to have it sitting on the hard drive05:12
damo23but the port has to be open for the duration of the ssh session?05:13
th0rthe man page for knock is really good as well05:13
damo23ok05:13
th0rwell, if you configure it to open ssh for 30 minutes, you better be done in 30 minutes. If you configure it to open ssh and leave it, then you have all the time in the world05:13
th0rI had read about port knocking about a year ago...was pleasantly surprised the other day to see a package for it in jaunty05:14
geniiI'm intrigued by Ksplice ... rebootless upgrades05:19
damo23th0r: i can see how port knocking would stop random port scan attacks, but if someone knew your ip and really wanted to hack your machine, it wouldnt stop them05:26
damo23just make it slightly more difficult05:26
th0rdamo23: a four number combination, each number between 1 and 65535, and each either tcp or udp.....how many crays do you have?05:27
th0rdamo23:  and it doesn't have to be four...could be any number of knocks05:27
damo23but they can monitor your network traffic and get the combination05:28
geniiEven after a successful knock you'd still have to know what service you're actually connecting to05:28
damo23especially if there is hardly any traffic, suddenly there are this sequence of random ports05:29
damo23its like watching you enter the combination05:30
th0rdamo23: agreed...where are they collecting this data at? what traffic are they collecting? If they are on a router at your isp they get all the traffic going through that router and have to sift through it for YOUR ip.....we are talking about a lot of work for what gain? Just like a car thief...they will move on to an easier target of opportunity05:31
geniiI imagine someone will figure a way to rotate/semi-randomize the port sequence so the same one can't be used twice05:32
damo23th0r: what we are talking about isnt security, its obscurity05:33
th0rdamo23: I guess it might be interpreted that way. A concerted effort to hack into your system would still be possible...but sure would be a lot of work05:34
damo23a more secure way would be to set up a regular webserver on SSL port 443 and enter a password, and the password opens up the ssh port05:36
th0rdamo23: or an ssh tunnel to the gateway and then knock on the server05:37
damo23lol05:38
damo23or a sequence of ssh tunnels to different servers, and finally to your server05:40
th0rdamo23: don't laugh...that is how I accessed my home network. An ssh tunnel to one computer and then via that tunnel to all the others. the only port open was an oddball port for ssh05:40
genii"hopscotch"05:41
th0rand that port was forwarded from the wifi router05:41
damo23i think i'll just set up ssh on a very high port05:41
damo23that should be enough security05:42
damo23for a home server05:42
th0rdamo23: that's my point....add port knocking and how much more 'enough' will you have <smile>05:42
damo23so you can use port 1-6553605:43
th0rfor ssh, yes. just set the port number in sshd_conf05:44
th0rwhatever port sshd is listening on, that is the port you use with ssh05:45
anom01yhow do I restore the desktop after running nautilus without the --no-desktop06:01
anom01yoption.  For some reason it screwed up my desktop06:01
damo23anom01y: assuming you are running xfce and you want your xfce desktop back06:22
damo23anom01y: sudo killall nautilus && xfdesktop &06:23
anom01yI am trying to run the command insmod /lib/modules/`uname -r`/updates/dkms/fglrx.ko, and I get error -1 cannot allocate memory. Not sure what I am doing wrong,07:08
turtle_G'day all, I am unable to unmount a usb stick due to it being locked, has anyone got a solution?08:52
turtle_its ok the usb is problematic, scrubbed the partition and started again, problem solvered08:58
turtle_writing img now08:59
damo23i just upgraded pidgin from 2.0.2 to 2.5.8 in xubuntu, but when i restart pidgin, i still get 2.0.2, what am i doing wrong?09:39
Glenjaminhi guys, whenever i plug in my usb printer, dmesg gives an error saying unable to enumerate usb device. Is there anywhere I can look to get more verbose information about the error?11:55
o123hallohello18:39
o123hallocan someone help me18:39
o123halloi wanna add a menuentry18:39
o123halloi installed the newest eagle version (/opt/Eagle)18:40
o123halloso i have in my Eagle.desktop: Exec=/opt/Eagle/bin/eagle18:40
o123hallois that right?18:40
=== _Master_ is now known as lsemple
=== maverick_ is now known as maverick`-

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!