| === Ursinha is now known as Ursinha-afk | ||
| === m6 is now known as markour | ||
| === Ursinha-afk is now known as Ursinha | ||
| sander^work | Anyone know why I get: nfsstat: Error: No Client Stats (/proc/net/rpc/nfs: No such file or directory). after an distro upgrade? | 07:54 |
|---|---|---|
| sander^work | and also nfs mounts wont mount, it says nfs.statd is not installed. | 07:54 |
| lkthomas | hey guys | 08:12 |
| lkthomas | anyone using preseed to set static ip ? | 08:12 |
| kaitanya | http://paste.ubuntu.com/7662598/ | 08:30 |
| kaitanya | problem with locales http://paste.ubuntu.com/7662598/ | 08:30 |
| bluefrog | kaitanya, que donne sudo update-locale | 08:51 |
| kaitanya | bluefrog: no luck, cannot change locale | 08:52 |
| bluefrog | sudo apt-get install locales | 08:53 |
| bluefrog | et refais ton binz après pour voir | 08:53 |
| kaitanya | bluefrog: have tingled with this one on #ubuntu but no luck even there | 08:53 |
| bluefrog | kaitanya, 14.04? vient d'être installé? | 08:53 |
| kaitanya | bluefrog: 14.04 LTS en_GB.UTF-8 is working but no scandinavian or utf-8 chars on irssi | 08:55 |
| bluefrog | τεστ | 08:56 |
| bluefrog | ah irssi, pardon | 08:57 |
| kaitanya | can see them from my regular shell, just typing scands or <EUR> makes the screen go messed and everything is unusable | 08:57 |
| bluefrog | kaitanya, lis ça pour voir http://xkr47.outerspace.dyndns.org/howtos/irssi-utf-8-guide.txt | 08:58 |
| kaitanya | bluefrog: irssi and screen are working. the problem is with ubuntu's locales | 09:00 |
| lkthomas | looks like netcfg have bugs to make interface always run on dhcp | 09:04 |
| sync0pate | morning everyone | 09:57 |
| sync0pate | I've unfortunately been tasked with configuring and securing a ubuntu server, is there a handy checklist of things I should've checked? | 09:58 |
| sync0pate | (server is just for web server) | 09:58 |
| sync0pate | so far I've done updates, fail2ban, firewall, disabled ssh password auth and set to keys only.. | 09:58 |
| OpenTokix | sync0pate: do you filter outgoing? | 09:59 |
| sync0pate | OpenTokix, I'm not sure, should I? | 09:59 |
| sync0pate | I don't think so | 09:59 |
| sync0pate | I think I need some outgoing connections | 09:59 |
| OpenTokix | sync0pate: yes | 10:00 |
| OpenTokix | sync0pate: but only those you specify | 10:00 |
| lordievader | sync0pate: It makes a reverse remote shell more difficult ;) | 10:00 |
| sync0pate | so I should limit outgoing to just the connections I need? | 10:00 |
| sync0pate | which will be ssh, web, mail.. | 10:01 |
| lordievader | Don't forget DNS. | 10:01 |
| sync0pate | !! | 10:01 |
| sync0pate | (this is why I've not filtered it! :D) | 10:01 |
| sync0pate | thanks | 10:01 |
| lordievader | And maybe whois, if you want fail2ban to mail the whois info. | 10:02 |
| sync0pate | yeah | 10:02 |
| sync0pate | at the moment I'm just using ufw, is that good enough? | 10:03 |
| sync0pate | it's a frontend to iptables right? | 10:03 |
| sync0pate | goddammit, and now I've locked myself out | 10:11 |
| sync0pate | haha | 10:11 |
| sync0pate | well, better now than later | 10:11 |
| Tazmain | hi all I have a few cron jobs setup but it does not seem they are running how can I check to see if they are working or of cron is running them ? | 10:15 |
| remix_tj | sync0pate: knockd for avoiding to lock out when configuring firewall :-) | 10:24 |
| remix_tj | Tazmain: look on /var/log/syslog | 10:24 |
| remix_tj | sync0pate: https://help.ubuntu.com/community/PortKnocking | 10:25 |
| sync0pate | yeah cheers remix_tj :) | 10:25 |
| sync0pate | little late, but thanks :D | 10:25 |
| sync0pate | I've used a cron job before to turn it off every 10 minutes while I'm configuring | 10:25 |
| Tazmain | remix_tj, My syslog seems empty nothing related to any erros. | 10:26 |
| Tazmain | remix_tj, all I see is anacron[59202]: Job `cron.daily' terminated | 10:28 |
| remix_tj | sync0pate: yeah but you can't accept lockout when in production | 10:54 |
| sync0pate | yeah cheers remix_tj , it's a handy thing to know, thankyou | 10:55 |
| sync0pate | right now I'm trying to get the fucking IT guy to allow me access to the recovery console or something | 10:56 |
| Pupeno | How can I make some upstart services wait for a volume to be mounted before starting? | 10:57 |
| histo | Pupeno: you could change the priority of the loading. I thought it was controlled by ##'s in the begining of the upstart scripts. You may have to man rc.d or some of the upstart stuff. | 11:40 |
| sync0pate | anyone recommend UK based ubuntu VPS? | 11:45 |
| sync0pate | hosting | 11:46 |
| lazyPower | sync0pate: is it being based in the UK a hard requirement? Digital Ocean has a really nice datacenter in amsterdam. | 11:48 |
| sync0pate | not a hard requirement | 11:48 |
| sync0pate | it's a preference | 11:48 |
| sync0pate | but I'd prefer non-US companies | 11:48 |
| sync0pate | if anyone knows any | 11:51 |
| sync0pate | can someone explain the difference between puttin something in sudo crontab -e , or in /etc/crontab ? | 12:13 |
| rbasak | sync0pate: /etc/crontab is the system crontab. "sudo crontab -e" edits the root user's crontab. You can use either, but note that the syntax for a system crontab is slightly different. | 12:15 |
| rbasak | All users can see the system crontab, too. I find it more convenient to put stuff in there (I suggest /etc/crontab.d/local or something to make upgrades smoother) | 12:15 |
| rbasak | Although puppet's cron resource uses the root user's crontab instead. | 12:15 |
| sync0pate | so, there's nothing essentially wrong with using either? | 12:16 |
| rbasak | Err.../etc/cron.d/local | 12:16 |
| sync0pate | neither is deprecated or anything | 12:16 |
| rbasak | Neither is deprecated. But the root user's crontab is more "hidden", which can be confusing. So I'd avoid it if possible. | 12:16 |
| sync0pate | ok | 12:17 |
| sync0pate | I don't think it matters to me that it's more "hidden", this is only a temporary thing | 12:17 |
| sync0pate | for more permanent stuff I'll use the /etc/crontab | 12:17 |
| sync0pate | wait, the /etc/cron.d | 12:18 |
| sync0pate | that's just a directory for system cron files? | 12:18 |
| sync0pate | so i can put anything in there and it'll run like /etc/crontab? | 12:18 |
| sync0pate | and won't mess up on upgrades.. | 12:19 |
| sync0pate | is that right rbasak ? | 12:19 |
| Arrick | hey all, I have a 12.04 server which hosts an internal training site.... Right now, one NIC (statis IP) is accepting traffic (it's the nic that is supposed to be for SAN use only) and my other nic (static IP) quit accepting traffic.... wont let me touch ssh, port 80 or anything through that IP.... Any ideas would be appreciated, I've verified the services are running by connecting to the IP addresses. | 12:20 |
| Arrick | connecting to the ONE ip address that is. | 12:20 |
| rbasak | sync0pate: correct. Packages drop files into /etc/cron.d to avoid having to edit /etc/crontab and confusing users on upgrade. So just make sure not to conflict by using a name that a package might drop in. I'd stick to "local", etc. | 12:24 |
| rbasak | sync0pate: there may be some rules regarding ignoring filenames with punctuation in them. See the manpages for details. It's to avoid running editor backup files as jobs, etc. | 12:26 |
| sync0pate | ok thansk | 12:26 |
| sync0pate | *thanks | 12:26 |
| Arrick | how do I activate eth0? when I try ifup eth0, it says RTNETLINK Answers: file exists, failed to bring up eth0 | 12:31 |
| Arrick | is that because it is static? | 12:31 |
| zul | jamespage: https://code.launchpad.net/~zulcss/nova/2014.1.1/+merge/223546 | 12:32 |
| sync0pate | anyone any idea what is going on with my firewall.. | 12:38 |
| sync0pate | it is not disrupting my current ssh connection | 12:38 |
| sync0pate | but is disallowing new ones | 12:38 |
| sync0pate | even though it is set to "ufw allow 22" | 12:39 |
| Arrick | ok... I know that sdb1 is supposed to be mounted to /www but it is not showing up, anyone have any ideas on how to refresh it? | 12:39 |
| sync0pate | ufw status gives no clues | 12:42 |
| jdstrand | sync0pate: what is the output of 'ufw status'? (can you paste in paste.ubuntu.com? | 12:42 |
| jdstrand | ) | 12:42 |
| sync0pate | jdstrand, ufw status gives no clues | 12:42 |
| sync0pate | shows allow 22 and 80 from anywhere | 12:43 |
| sync0pate | neither of which are working | 12:43 |
| sync0pate | until I ufw disable | 12:43 |
| sync0pate | that's all it shows | 12:43 |
| sync0pate | http://paste.ubuntu.com/7663524/ | 12:43 |
| jdstrand | sync0pate: what is the output of '$ sudo /usr/share/ufw/check-requirements' (please paste in paste.ubuntu.com) | 12:44 |
| sync0pate | jdstrand, http://paste.ubuntu.com/7663538/ | 12:45 |
| jdstrand | sync0pate: your kernel doesn't have everything ufw needs | 12:45 |
| sync0pate | so.. what are my options? | 12:46 |
| sync0pate | this is a vps | 12:46 |
| jdstrand | sync0pate: talk to your vps and show them the output of that comand | 12:46 |
| jdstrand | in the meantime, you probably need to use iptables directly | 12:47 |
| sync0pate | OK thanks | 12:47 |
| sync0pate | I've been putting off learning iptables | 12:47 |
| sync0pate | for a long time | 12:47 |
| sync0pate | I just want to switch to a different VPS :( nothing works on this one | 12:49 |
| kaitanya | sync0pate: i have a cheap 2,5e/month vps, today started using so cant say anything for sure yet | 12:56 |
| sync0pate | where's that from kaitanya ? | 12:57 |
| sync0pate | jdstrand, response from the vps "Unfortunately we don't offer managed support for your OS/server. We only support Centos based servers at this time." | 12:59 |
| sync0pate | this is not what I would consider "managed support" ... fucksake | 12:59 |
| Arrick | sync0pate, back up your data, and then move over to 1and1.com or someone for a VPS.... cheaper, and more reliable, and much more responsive (I use them all the time for almost 200 sites) | 13:02 |
| sync0pate | 1and1? really | 13:02 |
| sync0pate | ? | 13:02 |
| sync0pate | I've heard nothing but bad things about them in the past | 13:02 |
| Arrick | I use them ALL the time. | 13:02 |
| Arrick | in the past I would have said the same thing, but they have a new owner. | 13:02 |
| Arrick | in the last 2 years things really turned around with them | 13:03 |
| sync0pate | hmm I think I need to do some shopping around | 13:04 |
| sync0pate | at the moment am using servint | 13:04 |
| sync0pate | against my will | 13:04 |
| === Beliq_ is now known as Beliq | ||
| histo | sync0pate: digital ocean | 13:30 |
| sync0pate | histo, yeah, as a lot of people have said digital ocean are good | 13:31 |
| jamespage | zul, nova looks good - please merge and upload! | 13:38 |
| zul | jamespage: ack | 13:38 |
| Pupeno | sync0pate: linode, they have a datacenter in the uk. | 13:38 |
| Pupeno | histo: which ## are you talking about? | 13:39 |
| zul | jamespage: nova testsuite is running fine again now | 13:41 |
| jamespage | zul, yeah - I checked :-) | 13:41 |
| zul | jamespage: new dep though :( | 13:42 |
| histo | Pupeno: http://serverfault.com/questions/193115/how-can-i-change-the-service-boot-order-in-ubuntu-server-10-04 | 13:42 |
| sync0pate | thanks Pupeno | 13:42 |
| sync0pate | the person with the payment details is on holiday for a week | 13:42 |
| sync0pate | when he's back I'll see if we can't switch | 13:42 |
| sync0pate | I got it working for now, if anyone's interested | 13:42 |
| sync0pate | using this: http://blog.kylemanna.com/linux/2013/04/26/ufw-vps/ | 13:42 |
| Pupeno | histo: that seems to be talking about systemv or however the system before upstart was called... there's a hint about how to do it with upstart in the second answer, but I'm still unsure how to prevent a service from starting if something is not mounted. | 13:44 |
| rbasak | Pupeno: do you want "start on mounted MOUNTPOINT=..."? http://manpages.ubuntu.com/manpages/trusty/en/man7/mounted.7.html describes it. | 13:48 |
| rbasak | You probably want to start on that and the event you're starting on already. | 13:48 |
| Pupeno | Ah... yes... that sounds exactly what I want rbasak. Should I put all the start on... in separate lines? | 13:49 |
| rbasak | Pupeno: I'm not sure I understand your question. Probably no - all on one line. But see http://upstart.ubuntu.com/cookbook/#start-on | 13:50 |
| Pupeno | Thanks. | 13:50 |
| Pupeno | Yeah, that answers my question. | 13:50 |
| sync0pate | ok now I'm stumped | 13:56 |
| sync0pate | I have a cron job to disable ufw every minute while I'm configuring | 13:56 |
| sync0pate | /var/log/syslog shows the command is running, shows no errors | 13:56 |
| sync0pate | but ufw is still enabled | 13:56 |
| sync0pate | manually running "sudo ufw disable" works without issue | 13:56 |
| hallyn | smb: bug 1326003, you have upload rights now? | 14:14 |
| uvirtbot | Launchpad bug 1326003 in libvirt "apparmor prevents libvirt from running pygrub" [High,In progress] https://launchpad.net/bugs/1326003 | 14:14 |
| hallyn | i think that may be the last low-hanging fruit for utopic's libvirt, so i tmay be about time to sru to trusty | 14:15 |
| smb | hallyn, Yeah I should. I though of uploading to utopic (at least first) but waited whether you have any comments | 14:16 |
| smb | *thought | 14:16 |
| hallyn | smb: nope lgtm | 14:17 |
| hallyn | push away :) | 14:17 |
| smb | hallyn, ack | 14:18 |
| smb | :) | 14:18 |
| rbasak | hallyn: does libcgroup need a merge? Ubuntu is on 0.38-1ubuntu1; Debian 0.41-2. | 14:21 |
| histo | rbasak: debian what and ubuntu what? | 14:31 |
| hallyn | rbasak: well noone should be using libcgroup... | 14:32 |
| hallyn | until/unless someone ports it to cgmanager :) | 14:32 |
| hallyn | which would be very useful for at least the boot-time setup and libpam hook | 14:32 |
| Solution-X | anyone here do much with MAAS? I have a fresh install of 14.04 installed as MAAS controller that is being cranky and refuses to load the images. Installed OS, booted up, apt-upgrade, reboot, create MAAS user, login, click download images. Also tried "sudo maas-import-pxe-files" after as a backup and that completes but does not result in the webpage recognizing the images' existence | 14:33 |
| Solution-X | checked celery.log and it doesnt spit any errors/warns | 14:35 |
| rbasak | hallyn: so is that a "no need to merge"? | 14:49 |
| rbasak | or just very low priority to merge, or what? | 14:50 |
| === Solution-X is now known as Solution-X|AFK | ||
| === Solution-X|AFK is now known as Solution-X | ||
| hallyn | rbasak: it's a "needs to be done very carefully *and* is low priority." | 14:56 |
| hallyn | i had bee working with jbernarnd on ways forward with libcgroup in the face of (a) the fundamental brokenness of the daemon model and (b) cgorup-lite, but then he had to bow out of maintaining the debian pkg | 14:57 |
| rbasak | hallyn: OK, thanks! | 15:04 |
| hallyn | rbasak: do you know someone (including yourself) who has time to play with it? :) | 15:05 |
| rbasak | hallyn: no, sorry. I'm looking at a hundred or so packages that need merging! | 15:05 |
| rbasak | My focus is just to prioritise the most important ones. From the sounds of it, this one needs to go at the bottom of the list. | 15:06 |
| hallyn | rbasak: yeah fraid so, thanks | 15:06 |
| hallyn | wasn't sure whethe ryou had someone asking about a feature :) | 15:07 |
| Solution-X | Its been a while and we've had a few joins/quits so reposting... | 15:43 |
| Solution-X | anyone here do much with MAAS? I have a fresh install of 14.04 installed as MAAS controller that is being cranky and refuses to load the images. Installed OS, booted up, apt-upgrade, reboot, create MAAS user, login, click download images. Also tried "sudo maas-import-pxe-files" after as a backup and that completes but does not result in the webpage recognizing the images' existence. Also | 15:44 |
| Solution-X | checked celery.log and it doesnt spit any errors/warns. | 15:44 |
| jhobbs | Solution-X: there is #maas too | 15:44 |
| Solution-X | thanks, ill post in there and see if we can figure it out in there | 15:47 |
| thesheff17 | anyone know how to restart the networking for lxc containers....I modified /etc/default/lxc-net but I can't seem to have the lxc containers pick up the new settings... | 15:58 |
| thesheff17 | on ubuntu 12.04 there are /etc/init.d/lxc and lxc-net but ubuntu 14.04 didn't seem to get these files | 16:00 |
| thesheff17 | it finally worked killing the dnsmasq service and service lxc-net restart | 16:24 |
| === wendar_ is now known as wendar | ||
| zartoosh | Hi I would like to install ubuntu 14.04 on my system and boot in UEFI mode. Using official ubuntu 14.04 dvd I failed. I know my BIOS is UEFI enabled and secure boot is enabled. I need reference how to install and how to verify I am in UEFI mode? thx | 16:56 |
| === matsubara is now known as matsubara-lunch | ||
| pmatulis | LXC people, what am i missing on this trusty host? i'm trying to set up an alternative directory for my containers ==> http://paste.ubuntu.com/7664718/ | 17:20 |
| pmatulis | i have this working on another trusty host but i can't find any difference in configuration, albeit i set this one up a while ago | 17:21 |
| pmatulis | ah. i need to use 'sudo' for lxc-ls (without -P) to give the output | 17:23 |
| === jreyno40_ is now known as jreyno40 | ||
| === |J-W| is now known as |Jurgen| | ||
| === deegee__ is now known as drussell | ||
| === matsubara-lunch is now known as matsubara | ||
| rbasak | hallyn: my machine didn't have uidmap installed. I had upgraded from saucy (and raring, and quantal...). | 18:32 |
| rbasak | hallyn: is there something that should be done about this? I see that liblxc1 recommended it, but evidently do-release-upgrade didn't pick up on it. | 18:32 |
| rbasak | Close examination of https://help.ubuntu.com/lts/serverguide/lxc.html told me that I needed uidmap, but it seems suboptimal to me that users won't get it on upgrade (assuming this reproduces) | 18:33 |
| sarnold | rbasak: keeping uidmap in universe helped make the security team a little less jumpy :) | 18:34 |
| rbasak | sarnold: it's in main in trusty. | 18:35 |
| * sarnold jumps | 18:35 | |
| rbasak | I guess the recommendation got added between saucy and trusty then | 18:36 |
| sarnold | maybe I'm remembering an older conversation then. I know hallyn said it'd be optional for a while.. | 18:36 |
| hallyn | stgraber: ^ suggestion for uidmap package in release upgrades? | 18:36 |
| rbasak | It still is optional - I just don't get user namespaces | 18:36 |
| hallyn | sarnold: I don't remember when it would've gotten promoted. may have happened automatically through lxc? but xlc only recommends it, so i dunno | 18:37 |
| stgraber | hallyn: recommends do get promoted | 18:38 |
| sarnold | hallyn: yeah, me neither, but at least it's been through a few reviews along the way :) | 18:38 |
| stgraber | rbasak: that seems like a bug in the upgrader or some other weirdness on your system, might be worth pinging mvo about it... lxc recommends it so it should get installed... | 18:38 |
| stgraber | sarnold: and at least it's a separate package, so not present on everyone's system by default (but yeah, the changes are now upstream and in Debian, so I suspect quite a few people have reviewed the setuid code now) | 18:39 |
| z1haze | hello, im a rookie linux server owner, can someone please help me out with checking if my java is up to date? | 19:12 |
| lordievader | !info default-jre | 19:13 |
| ubottu | default-jre (source: java-common (0.51)): Standard Java or Java compatible Runtime. In component main, is optional. Version 2:1.7-51 (trusty), package size 0 kB, installed size 21 kB | 19:13 |
| lordievader | Meh, not sure if that is helpfull. | 19:13 |
| RoyK | z1haze: java is usually up to date on ubuntu | 19:14 |
| z1haze | it just says java version "1.7.0_60" / Java(TM) SE Runtime Environment (build 1.7.0_60-b19) / Java HotSpot(TM) 64-Bit Server VM (build 24.60-b09, mixed mode) | 19:17 |
| z1haze | i think i want to update to java 8 | 19:18 |
| z1haze | how woudl i do that | 19:21 |
| jrwren | anyone familiar enought with both cmake and autotools to give me a pros/cons of each? | 19:48 |
| === lazyPower is now known as lazypower-travel | ||
| professerslime | Hi there I have a dual NIC set up and i am wondering if there is a way to dedicate one card to a vpn and the other towards the rest of the web | 20:34 |
| jrwren | professerslime: to what end? | 20:35 |
| professerslime | Well in essence i am trying to create a private cloud but i am trying to block outside intrusion to highest level | 20:37 |
| professerslime | This is all js | 20:38 |
| professerslime | Just me experimenting | 20:38 |
| lordievader | professerslime: Block every ip except yours? | 20:38 |
| professerslime | to one NIC | 20:39 |
| professerslime | this all seems a little redundent i know but i do have a plan with this | 20:40 |
| lordievader | professerslime: Anyhow you can have your vpn server listen to one interface and have the primary interface the other. However this is probably not what you want. | 20:41 |
| professerslime | Its just about there it would cover my goal of dividing the internet traffic | 20:42 |
| lordievader | It would make it impossible for you to reach the vpn server from the outside. And that, well, defeats the purpose. | 20:43 |
| Quanqued | Hi - is there anyone that can point me in the right direction to disable the automatic provisioning of ephemeral disks in cloud-init? | 20:44 |
| professerslime | rightbut would i be able to forward the traffic using my router to divide where everything is going | 20:45 |
| professerslime | I would just need to tweek the ip tabbles | 20:46 |
| lordievader | professerslime: You want your router to divide your traffic? Why? Seems a bit silly to me. | 20:46 |
| === |Jurgen| is now known as |J-W| | ||
| professerslime | yeah once like i said this all seems a little redundent | 20:47 |
| lordievader | So what's the big idea I'm missing? | 20:48 |
| professerslime | I am just trying to isolate the public from the private traffic | 20:49 |
| professerslime | i suppose it is just overcomplicating the QoS process | 20:52 |
| lordievader | professerslime: Let your server act as your router. | 20:52 |
| professerslime | I was thonking about that | 20:52 |
| professerslime | but i am thinking about starting a rtmp server and i dont want the two services conflicting with each other | 20:58 |
| === elliotd123_ is now known as elliotd123 | ||
| lordievader | Why would they? | 20:59 |
| professerslime | Well wouldn't to two flowing traffic at the same time create a bottle neck | 21:01 |
| jrwren | a bottle neck? | 21:02 |
| jrwren | how fast is your internet connection? | 21:02 |
| lordievader | professerslime: For a home network? Probably not. | 21:03 |
| professerslime | Well i guess that answer saved me plenty of headache | 21:05 |
| lordievader | Depends, ofcourse, on whay you do within your home network. But generally speaking, it wont be a bottleneck. | 21:06 |
| === elliotd123_ is now known as elliotd123 | ||
| hacktron | when I ifconfig I see the tx_bytes are very high. 50gb within only a hour or two after reboot | 23:21 |
| hacktron | anyone know what can cause that, because I have very low traffic to my server | 23:22 |
| hacktron | only few hundred people each day | 23:22 |
| sarnold | hacktron: heh, are you running an open dns recursor? | 23:25 |
| sheptard | haha | 23:26 |
| sarnold | hacktron: you might have success with the 'iftop' program, some nice pretty pictures here: http://www.ex-parrot.com/pdw/iftop/ | 23:26 |
| hacktron | sarnold: sorry had to check was dns recursor was | 23:29 |
| hacktron | sarnold: no I am not just a ubuntu server with apache2 (LAMP) basics | 23:29 |
| hacktron | took a look at iftop this morning and a few others that monitor badwidth | 23:30 |
| sarnold | hacktron: it could be crawlers like googlebot or bingbot or baidubot.. do your access logs show anything unexpected? | 23:31 |
| hacktron | sarnold: didn't check them yet, I have limited access right now but will be there tonight | 23:32 |
| sarnold | hacktron: okay. iftop is nice for "right now" numbers, ntop might be better for "who used it the most today?" kinds of questions | 23:33 |
| hacktron | sarnold: one thing I did notice was when checking bandwidth usage tcp monitoring, I saw my server listed as client and connecting to another server ip with port 777 | 23:33 |
| hacktron | sarnold: I will gladly play with them both tonight, get to the bottom of it ;) thx | 23:34 |
| hacktron | sarnold: I am just thinking maybe something is installed on my server | 23:34 |
| hacktron | sarnold: like zombie ware lol, because the data happens so fast. and I noticed a while ago sometimes the server will bring down my connection, until I reboot | 23:35 |
| sarnold | nuts. I used to have a nice long list of services but can't find it now. the only thing I can find for 777 is the 'moira' service, something from project athena days. you're not running that. :) | 23:35 |
| hacktron | sarnold: haha nope | 23:36 |
| sarnold | hacktron: you could check 'netstat -anp | grep 777' to see what program is using port 777 | 23:36 |
| hacktron | just trying to get my first real box ubuntu up and secure | 23:36 |
| sarnold | hacktron: do you allow password authentication over ssh? or do you have a web-based "control panel" installed? | 23:36 |
| hacktron | well actually it looks like my ip is connecting to another ip:777 | 23:37 |
| hacktron | just ssh installed | 23:37 |
| hacktron | sarnold: no web-based control panel or anything outside of normal lamp server besides monitoring tools | 23:38 |
| sarnold | hacktron: yay. :) double-check the password authentication when you get a chance, it's best to turn that off. keys can't be bruteforced as easily as passwords can.. | 23:38 |
| hacktron | sarnold: thanks, I am actually going on my way to check it out now. will check back in here when I arrive. thanks again sarnold | 23:39 |
| sarnold | hacktron: good luck :) | 23:40 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!