=== Odin is now known as Guest13619
=== Guest13619 is now known as th0r
[01:16] <spasticteapot> Does anyone here know how to make my Palm PDA work with Linux?
[02:01] <ToStItOs_> Question for all of U I have a dial up modem and I have Xubuntu 8.10 if I install updates such as networking and Cups udates will that interfere with my modem driver
[02:05] <ToStItOs_> I want to install the security updates but I am afraid to due to some problems I had before but does anyone know if it will affect my modem driver
[02:06] <ToStItOs_> I have a bunch of updates to install
[02:06] <ToStItOs_> I know I will not finish them tonight for sure
[02:07] <KittyKatt> Question: Where would I go editing if I wanted the xfce4-terminal to have the same colors as gnome-terminal.
[02:07] <ToStItOs_> Any suggestions???
[02:07] <KittyKatt> Because I know it's in bash.
[02:15] <KittyKatt> wb
[02:16] <ToStItOs_> Oh thanks my clicking closed everything
[02:38] <KittyKatt> [AmsG] be back in a few
[02:50] <_Master_> hello everyone, im working on xubuntu and i cant get my second screen using s - video anyone got any help
[03:30] <_Master_> do I need fglrx to use ati radeon 9600's svideo out ???
[04:21] <damo23> what are the benefits of xubuntu 9.04 over 8.04
[04:22] <damo23> can i use my old menu in 9.04?
[04:24] <hatake_kakashi> I never tried 8.04 but you get newer features.. including libnotify
[04:24] <hatake_kakashi> newer kernel
[04:25] <th0r> damo23: you might want to consider keeping 8.04.
[04:26] <damo23> i did a fresh install of ubuntu 9.04 on my friends machine, it seemed to have extra desktop eyecandy features than 8.04
[04:27] <damo23> like desktop switching by dragging a window off the screen
[04:27] <damo23> just like my xubuntu
[04:27] <forces> if you like the stability, use 8.04
[04:27] <th0r> damo23: yes, there are some new features, but there are also some problems. There are some video issues in jaunty that weren't in hardy, for instance
[04:27] <th0r> forces, right....the next lts release isn't for another six months...10.04
[04:28] <forces> just 8 months
[04:28] <th0r> damo23: if you have 8.04 running dependably an upgrade might cause you some problems, be prepared for them
[04:28] <forces> and we will have a new LTS
[04:30] <hatake_kakashi> and so 9.04 isn't deemed as stable?
[04:30] <damo23> ok i'll wait for the next LTS
[04:31] <damo23> but i might repartition my hard drive in the meantime
[04:31] <th0r> hatake_kakashi: I had a choice and installed 9.04, but wish I had gone with hardy instead
[04:31] <damo23> what is a good size for /
[04:31] <damo23> i have an 80Gb hard drive
[04:31] <damo23> and 15Gb is taken with xp pro
[04:31] <hatake_kakashi> th0r, I hardly have regretted migrating from ibex to jaunty but never tried hardy
[04:32] <th0r> damo23: I left 35 GB and used less than 7GB, so when I redo the drive I will leave about 15GB
[04:32] <damo23> cool
[04:32] <th0r> hatake_kakashi: hardy would have had better support for my laptop video
[04:32] <hatake_kakashi> th0r, ahh *nods* in terms of wireless spec, later is generally better
[04:34] <th0r> hatake_kakashi: jaunty did support my broadcom chip, which surprised me, and did not support my atheros chip...which also surprised me.
[04:34] <hatake_kakashi> th0r, that brings me back to the same question lol
[04:34] <hatake_kakashi> atheros non-usb?
[04:35] <th0r> no, atheros is usb, the broadcom is built-in
[04:35] <hatake_kakashi> yeah atheros usb is literally a dead zone.. its not one of those n-draft is it?
[04:35] <th0r> no...a G unit...just a little unit I can lay outside the cabin on the boat to get a little better reception
[04:36] <hatake_kakashi> yeah, atheros usb support for non n-draft has been pretty patchy.. no native drivers unless you were one of the lucky owners of ar5007ug
[04:37] <hatake_kakashi> there's ndiswrapper I suppose
[04:38] <th0r> yeah, I finally got it working with ndiswrapper ok....but surprised me as internal atheros cards have always been pretty easy to get going
[04:39] <hatake_kakashi> yeah there's a difference :)
[04:39] <th0r> someone hijacked my website <smile>. looks like 110mb.com has been hacked
[04:39] <hatake_kakashi> atheros has got good support non-usb, mimo or fullmac (rare) but apart from that
[04:40] <th0r> yeah...course the internal cards show up as pci cards so they were supported. but I figured an atheros chip is an atheros chip...was surprised to encounter problems with the usb unit.
[04:40] <th0r> but what really disappointed me was the lack of support for my ati card in jaunty.
[04:41] <hatake_kakashi> heh I　hear older ati cards aren't getting the necessary support
[04:41] <th0r> yeah...ati just walked away from them.
[04:42] <th0r> I will wait a little while after 10.04 comes out and see how it goes. Will either install that or 8.04 and then freeze my laptop...no more upgrades or any of that stuff...too many headaches
[04:43] <th0r> heck, I lost my internal wifi to the last kernel update....even had to dump that
[04:45] <damo23> th0r: i decided to wait for the next LTS release too, im running 8.04 very comfortably
[04:45] <damo23> but i will repartition my drive to 15Gb /
[04:46] <th0r> damo23: I have been thinking about reclaiming that extra space in / and installing hardy at the same time. Would give me something to do <smile>.
[04:47] <damo23> th0r: sounds like a waste of time... who wants to have to reboot into a different flavour of linux
[04:47] <damo23> thats what vmware is for
[04:48] <damo23> :)
[04:48] <th0r> damo23: well, if I installed hardy I could get better video suppport. I can't even run google earth or secondlife right now for the video tearing
[04:48] <damo23> ok
[04:49] <th0r> I actually had a better system going when I was running dapper drake (6.06)
[04:49] <th0r> I am no longer interested in being on the 'cutting edge'. I want to be able to get my email without difficulties
[04:50] <damo23> th0r: use IMAP webmail
[04:50] <th0r> damo23: never....I leave nothing on the net in the way of personal info. Like I said...the little web page I had online just got hijacked...I sure don't want all my email online
[04:51] <damo23> :S
[04:52] <damo23> well use IMAP without webmail, that way all the email stays on the server
[04:52] <damo23> pay someone else to protect your data
[04:52] <damo23> then it doesnt matter which client you use to log into your email
[04:52] <th0r> that is what I don't want. with pop all my email is right here...I control it. With imap someone else is storing it all...and I have no control over it.
[04:53] <damo23> i guess
[04:53] <damo23> makes reading it a hassle, you have to do it from the same computer
[04:53] <th0r> I guess that is a concept that people are having a hard time grasping. If you want secure data, take it off the network
[04:54] <th0r> well...the career went with the dotcom crash so I only have this laptop.
[04:54] <damo23> ok
[04:54] <th0r> but even when I was working....private email on my private computer, work email on the work computer
[04:55] <damo23> i just bought an unlimited hosting plan
[04:55] <damo23> so i can host unlimited domains
[04:55] <damo23> it was cheap as hell
[04:55] <th0r> damo23: I would like to have a domain....my own email and web server. I used to keep one when I had an apartment and broadband, but here on the boat there is no way for me to do that
[04:56] <th0r> would love to have a server tucked away somewhere to play with
[04:56] <damo23> i think i'll set one up at my mums place
[04:56] <damo23> i figured out how to set up a dns server
[04:56] <damo23> with bind
[04:56] <damo23> so i can host my own domain and dns
[04:56] <damo23> its pretty easy
[04:57] <damo23> the only thing is, her ISP blocks port 80
[04:57] <damo23> so i need to switch plans
[04:57] <th0r> and it is fun....I used to enjoy tinkering with my server. You can make one from an old desktop or laptop that the windows babies think is too old to be useful <smile>
[04:57] <damo23> yes
[04:57] <th0r> damo23: put it on another port. I used non-standard ports for everything for security
[04:58] <damo23> th0r: but i want to run a webserver without using :<port> in the url
[04:58] <th0r> I only wanted my friends and family to get in, so I instructed them to go to <ip>:<port> to get to my website
[04:58] <th0r> if you want it open then yeah....you need port 80
[04:59] <th0r> I enjoyed knowing it wasn't going to get hacked <smile>
[04:59] <damo23> :D
[04:59] <damo23> i just downloaded nmap 5,  its a pretty cool port scanner you can spoof your mac address and ip address
[04:59] <damo23> :P
[04:59] <th0r> when I first put it online I used to see three or four hack attempts on ssh every day. Moved ssh off port 22 and it dropped to zero....over a year with no attempts
[05:00] <th0r> there is a gui version now called zenmap
[05:00] <damo23> yes
[05:00] <damo23> are u serious? 3-4 hacks per day?
[05:01] <damo23> but ssh is secure isnt it?
[05:01] <th0r> yeah...but I would see a bot attempting to get in...maybe 20 userid/passwd sent trying to gain access.
[05:01] <genii> damo23: Once established traffic from an ssh session is hard to decrypt. But that doesn't do much if someone gets a password by brute-force
[05:02] <th0r> how do you think the chinese are finding all those govt systems to get into? <smile>
[05:02] <damo23> genii: oh i see
[05:02] <th0r> but they don't waste time on non-standard ports...if port 22 doesn't answer they move to the next ip
[05:02] <genii> th0r: I had a server getting hammered 20-30 times a second for a while
[05:03] <damo23> cant you set ssh to timeout after 3 invalid attempts
[05:03] <damo23> and not allow any logins
[05:03] <th0r> genii: exactly. Move ssh to a port near the top...53265 or something like that...and you won't see a single attempt
[05:03] <genii> Using something like "honeypot" also is useful
[05:04] <th0r> another interesting concept I haven't yet had a chance to try is port knocking....like a combination lock on your ssh
[05:04] <damo23> interesting
[05:04] <th0r> it is in the repos....'knock' (no imagination <smile>)
[05:05] <genii> !info honeypot
[05:05] <ubottu> Package honeypot does not exist in jaunty
[05:05] <genii> Hm
[05:06] <genii> !info labrea
[05:06] <ubottu> labrea (source: labrea): a "sticky" honeypot and IDS. In component universe, is optional. Version 2.5-stable-3 (jaunty), package size 53 kB, installed size 168 kB
[05:06] <th0r> you can use it for any service you like. You totally lock up the system using iptables. When the daemon sees a configured sequence of port accesses it opens whatever is configured
[05:07] <th0r> that is why I want the server....things like 'knockd' fascinate me
[05:07] <damo23> th0r: THATS COOL
[05:07] <th0r> I would like to open a data center that specializes in secure storage....with tools like knock
[05:08] <damo23> th0r: but surely you cant have a system with 100% filtered ports and still have the knock daemon reading the port accesses
[05:09] <th0r> damo23: why not? iptables sees the packets at the ports...but doesn't let them in. Knockd also watches...the packets don't have to get in...just 'knock'
[05:09] <damo23> th0r: what if there is packet loss
[05:09] <damo23> the combination will be invalid
[05:10] <th0r> what if you dial a wrong combinatiion? <smile> you just send the combination again.
[05:10] <damo23> ok
[05:10] <damo23> thats friggin awesome
[05:11] <th0r> there is a tool called knock in the package...you configure knock to send the proper sequence of packets to the ip of the server.
[05:11] <damo23> can you configure how long the ports stay open after u knock
[05:12] <th0r> yes, if you want you can open a port for only 30 minutes, or whatever, or you can open it til you close it again
[05:12] <th0r> there is a pretty good readme in the package, you might want to install it and take a look. Unless you turn it on it won't hurt to have it sitting on the hard drive
[05:13] <damo23> but the port has to be open for the duration of the ssh session?
[05:13] <th0r> the man page for knock is really good as well
[05:13] <damo23> ok
[05:13] <th0r> well, if you configure it to open ssh for 30 minutes, you better be done in 30 minutes. If you configure it to open ssh and leave it, then you have all the time in the world
[05:14] <th0r> I had read about port knocking about a year ago...was pleasantly surprised the other day to see a package for it in jaunty
[05:19] <genii> I'm intrigued by Ksplice ... rebootless upgrades
[05:26] <damo23> th0r: i can see how port knocking would stop random port scan attacks, but if someone knew your ip and really wanted to hack your machine, it wouldnt stop them
[05:26] <damo23> just make it slightly more difficult
[05:27] <th0r> damo23: a four number combination, each number between 1 and 65535, and each either tcp or udp.....how many crays do you have?
[05:27] <th0r> damo23:  and it doesn't have to be four...could be any number of knocks
[05:28] <damo23> but they can monitor your network traffic and get the combination
[05:28] <genii> Even after a successful knock you'd still have to know what service you're actually connecting to
[05:29] <damo23> especially if there is hardly any traffic, suddenly there are this sequence of random ports
[05:30] <damo23> its like watching you enter the combination
[05:31] <th0r> damo23: agreed...where are they collecting this data at? what traffic are they collecting? If they are on a router at your isp they get all the traffic going through that router and have to sift through it for YOUR ip.....we are talking about a lot of work for what gain? Just like a car thief...they will move on to an easier target of opportunity
[05:32] <genii> I imagine someone will figure a way to rotate/semi-randomize the port sequence so the same one can't be used twice
[05:33] <damo23> th0r: what we are talking about isnt security, its obscurity
[05:34] <th0r> damo23: I guess it might be interpreted that way. A concerted effort to hack into your system would still be possible...but sure would be a lot of work
[05:36] <damo23> a more secure way would be to set up a regular webserver on SSL port 443 and enter a password, and the password opens up the ssh port
[05:37] <th0r> damo23: or an ssh tunnel to the gateway and then knock on the server
[05:38] <damo23> lol
[05:40] <damo23> or a sequence of ssh tunnels to different servers, and finally to your server
[05:40] <th0r> damo23: don't laugh...that is how I accessed my home network. An ssh tunnel to one computer and then via that tunnel to all the others. the only port open was an oddball port for ssh
[05:41] <genii> "hopscotch"
[05:41] <th0r> and that port was forwarded from the wifi router
[05:41] <damo23> i think i'll just set up ssh on a very high port
[05:42] <damo23> that should be enough security
[05:42] <damo23> for a home server
[05:42] <th0r> damo23: that's my point....add port knocking and how much more 'enough' will you have <smile>
[05:43] <damo23> so you can use port 1-65536
[05:44] <th0r> for ssh, yes. just set the port number in sshd_conf
[05:45] <th0r> whatever port sshd is listening on, that is the port you use with ssh
[06:01] <anom01y> how do I restore the desktop after running nautilus without the --no-desktop
[06:01] <anom01y> option.  For some reason it screwed up my desktop
[06:22] <damo23> anom01y: assuming you are running xfce and you want your xfce desktop back
[06:23] <damo23> anom01y: sudo killall nautilus && xfdesktop &
[07:08] <anom01y> I am trying to run the command insmod /lib/modules/`uname -r`/updates/dkms/fglrx.ko, and I get error -1 cannot allocate memory. Not sure what I am doing wrong,
[08:52] <turtle_> G'day all, I am unable to unmount a usb stick due to it being locked, has anyone got a solution?
[08:58] <turtle_> its ok the usb is problematic, scrubbed the partition and started again, problem solvered
[08:59] <turtle_> writing img now
[09:39] <damo23> i just upgraded pidgin from 2.0.2 to 2.5.8 in xubuntu, but when i restart pidgin, i still get 2.0.2, what am i doing wrong?
[11:55] <Glenjamin> hi guys, whenever i plug in my usb printer, dmesg gives an error saying unable to enumerate usb device. Is there anywhere I can look to get more verbose information about the error?
[18:39] <o123hallo> hello
[18:39] <o123hallo> can someone help me
[18:39] <o123hallo> i wanna add a menuentry
[18:40] <o123hallo> i installed the newest eagle version (/opt/Eagle)
[18:40] <o123hallo> so i have in my Eagle.desktop: Exec=/opt/Eagle/bin/eagle
[18:40] <o123hallo> is that right?
=== _Master_ is now known as lsemple
=== maverick_ is now known as maverick`-