FluKex

  1. Modernbob, I really don't think you have any idea what the hell you are talking about.... I was one of the people that helped the most in that channel, and I posted very useful stuff to these forums all the time. As well, I helped anyweb anytime I could. Modernbob, you are a farce sir and have no idea what you are talking about.
  2. btw, it looks as though Fedora Core 6 has removed the "grub-set-default" option and does not use the /boot/grub/default file. There are a few different methods on how to do a "once only" boot with grub, but unfortunately Fedora can only do the 1 I posted above.
  3. So, over the past while I have been working on getting a new kernel working on my system. The problem I was having is that the newer kernels I use are not loading the SATA modules properly from the initrd images. When trying to fix this I would run into the scenario where I reboot using the new kernel and, if it kernel panics, I then have to file a ticket with my hosting provider to reboot the system and select the old kernel. I have now found 2 ways around this that might be useful for anyone who does a lot of kernel testing.

     1.) Booting once-only - (same as lilo -R)

     In reference to http://www.gnu.org/software/grub/manual/gr...g-once_002donly

     In grub.conf, add the following line to the beginning.

         default saved

     If, for example, your grub.conf looks like the one I have below, this boots into the 2.6.20-1.2944 by default.

         default=0
         timeout=5
         splashimage=(hd0,0)/grub/splash.xpm.gz
         hiddenmenu
         title Fedora Core (2.6.20-1.2944.fc6)
                 root (hd0,0)
                 kernel /vmlinuz-2.6.20-1.2944.fc6 ro root=LABEL=/ acpi=off
                 initrd /initrd-2.6.20-1.2944.fc6.img
         title Fedora Core (2.6.20-FluKex.com)
                 root (hd0,0)
                 kernel /vmlinuz-2.6.20-FluKex.com ro root=LABEL=/ acpi=off
                 initrd /initrd-2.6.20-FluKex.com.img

     If you want to have it so that 2.6.20-FluKex.com boots on next boot, run the following command from the console before rebooting.

         echo "savedefault --default=1 --once" | grub --batch

     then reboot

     Now, if you have a kernel that panics and need it to reboot if it panics, change your config and add the panic=# (# being seconds before auto reboot) to the kernel line.

     Example file below

         default=0
         timeout=5
         splashimage=(hd0,0)/grub/splash.xpm.gz
         hiddenmenu
         title Fedora Core (2.6.20-1.2944.fc6)
                 root (hd0,0)
                 kernel /vmlinuz-2.6.20-1.2944.fc6 ro root=LABEL=/ acpi=off panic=5
                 initrd /initrd-2.6.20-1.2944.fc6.img
         title Fedora Core (2.6.20-FluKex.com)
                 root (hd0,0)
                 kernel /vmlinuz-2.6.20-FluKex.com ro root=LABEL=/ acpi=off panic=5
                 initrd /initrd-2.6.20-FluKex.com.img

     So the order of operations on this is as follows.

     1.) Add new kernel to grub.conf
     2.) Set default=# in grub.conf to the failsafe kernel (the one you want it to try if the other fails)
     3.) Run the following:

         echo "savedefault --default=1 --once" | grub --batch

     4.) reboot

     This will try the flukex.com kernel, and if it panics, it will reboot and use the normal default kernel.

     BLAM works for me.
  4. Why the hell haven't I already been using this from work? lol, just been playing around with it and realize how easy/smart it is. Cheers mate
  5. FluKex

    VMware Server

    I fired this thread to a friend of mine. I'll let you know if he knows of a simple fix.

    For the VM in question that is having the issue:

    1.) Open vmx file for said vm
    2.) Stuff this in:

        ethernet0.virtualDev = "vmxnet"

    3.) Save File
    4.) Restart

    Let me know if this helps
  6. Ok, we have a new method of rate limiting. This new method is WAYYY better. The old -m limit method limits per packet per port.. if you have someone flooding your ssh connection, it'll actually disable the service all around, causing YOU not to be able to get on. Not really the effect you wanted.

     This new method actually bases its rate limit on a per IP basis. So if you are getting flooded from 1 IP specifically, only that 1 IP will be locked down. Everyone else will be able to get on still, as long as they stay within the connection limit itself.

     I'll be honest. *I* didn't figure this out. I found it on a url http://www.debian-administration.org/articles/187

     It does work, as a few linux-noob'ers helped me test it successfully.

     -----------

     The way the recent module works is fairly straightforward, you basically add IP addresses to a list, which can then be used in the future to test connection attempts against. This allows you to limit the number of connections against either a number of seconds, or connection attempts. In our example we'll do both.

     An example is probably the simplest way to illustrate how it works. The following two rules will limit incoming connections to port 22 to no more than 3 attempts in a minute - any more than that will be dropped:

         iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \
           --set

         iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \
           --update --seconds 60 --hitcount 4 -j DROP

     The --state flag takes a comma-separated list of connection states as an argument, by using "--state NEW" as we did we make sure that only new connections are managed by the module.

     The --set parameter in the first line will make sure that the IP address of the host which initiated the connection will be added to the "recent list", where it can be tested and used again in the future i.e. in our second rule.

     The second rule is where the magic actually happens. The --update flag tests whether the IP address is in the list of recent connections, in our case each new connection on port 22 will be in the list because we used the --set flag to add it in the preceding rule.

     Once that's done the --seconds flag is used to make sure that the IP address is only going to match if the last connection was within the timeframe given. The --hitcount flag works in a similar way - matching only if the given count of connection attempts is greater than or equal to the number given.

     Together the second line will DROP an incoming connection if:

     * The IP address which initiated the connection has previously been added to the list and
     * The IP address has sent a packet in the past 60 seconds and
     * The IP address has sent more than 4 packets in total.

     You can adjust the numbers yourself to limit connections further, so the following example will drop incoming connections which make more than 2 connection attempts upon port 22 within ten minutes:

         iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \
           --set

         iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \
           --update --seconds 600 --hitcount 2 -j DROP

     If you wish to test these rules you can script a number of connection attempts from an external host with the netcat package.

     The following script attempts to connect to the IP address 192.168.1.1 5 times. The first couple of attempts you should see a welcome banner such as "SSH-2.0-OpenSSH_3.8.1p1 Debian-8.sarge.4" - after that the script will hang as its packets are dropped and no response is sent:

         #!/bin/bash

         for i in `seq 1 5` ; do
             echo 'exit' | nc 192.168.1.1 22 ;
         done

     There's a lot of documentation on the netfilter/iptables firewall, and its available modules, which you can find in the Netfilter Extension HOWTO. This HOWTO contains documentation on many different modules, along with examples. A recommended read if you're interested in Linux firewalling.

     If you wish to experiment with rules and testing it's worth remembering how to remove all active rules. The following commands will flush your iptables firewall, and remove all currently active rules:

         iptables -F
         iptables -X
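The per-IP behaviour described in the post above can be checked offline with a small model of the two rules. This is an added example, not code from the post, the linked article or the kernel: `RecentList` and `run_chain` are hypothetical names, the addresses are constructed sample data, and the model is a simplification of the documented `--set` / `--update --seconds --hitcount` semantics. It also shows that rule order shifts the effective threshold by one, which matters because `iptables -I` places each new rule at the top of the chain.

```python
# Simplified model of the iptables "recent" match (added example, not kernel code).
from collections import defaultdict

PKT_LIST_TOT = 20  # xt_recent default: timestamps remembered per address

class RecentList:
    def __init__(self):
        self.stamps = defaultdict(list)  # source IP -> remembered timestamps

    def _remember(self, ip, now):
        self.stamps[ip] = (self.stamps[ip] + [now])[-PKT_LIST_TOT:]

    def set(self, ip, now):
        """--set: record the address; the rule always matches."""
        self._remember(ip, now)
        return True

    def update(self, ip, now, seconds, hitcount):
        """--update --seconds N --hitcount M: match when at least M remembered
        hits fall inside the last N seconds; a match refreshes 'last seen'."""
        hits = sum(1 for t in self.stamps.get(ip, []) if now - t <= seconds)
        if hits >= hitcount:
            self._remember(ip, now)
            return True
        return False

def run_chain(attempts, seconds=60, hitcount=4, set_first=True):
    """Pass (time, ip) NEW connections through both rules and return verdicts.
    set_first=True is the order the text describes; False is the order left by
    two 'iptables -I' commands, where the second rule lands above the first.
    PASS means "not dropped here"; later rules in the chain still decide."""
    recent, verdicts = RecentList(), []
    for now, ip in sorted(attempts):
        if set_first:
            recent.set(ip, now)
        dropped = recent.update(ip, now, seconds, hitcount)
        if not set_first and not dropped:  # DROP ends traversal before --set
            recent.set(ip, now)
        verdicts.append((now, ip, "DROP" if dropped else "PASS"))
    return verdicts

# Constructed sample: 203.0.113.9 connects every 2 s, 198.51.100.7 once.
ATTEMPTS = [(t, "203.0.113.9") for t in range(0, 12, 2)] + [(5, "198.51.100.7")]

if __name__ == "__main__":
    for row in run_chain(ATTEMPTS):
        print(*row)
```

To see the order actually installed on a host, list the chain with `iptables -L INPUT -n --line-numbers`.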
  8. Top20 words - 1: enigma (37026) 2: znx (27497) 3: Jy (24466) 4: Randall (17956) 5: FluKex (15484) 6: badlandz (15169) 7: bofh` (13864) 8: mstone (13762) 9: pwnt (13155) 10: shad0wcat (11735) 11: j3r (10015) 12: fabio (9993) 13: nerdX (9404) 14: grep (7536) 15: hatebred (7081) 16: P38_ (6032) 17: [Granger] (5371) 18: square (5205) 19: xDamox (4859) 20: linuxgirl (4814)

     Top20 smilies - 1: znx (1920) 2: enigma (461) 3: badlandz (429) 4: bofh` (379) 5: Randall (259) 6: FluKex (230) 7: Jy (226) 8: magikman (213) 9: square (191) 10: j3r (183) 11: shad0wcat (146) 12: mstone (134) 13: nerdX (134) 14: xDamox (111) 15: pwnt (105) 16: z0ny (97) 17: compile (94) 18: [Granger] (87) 19: KobrAs (79) 20: P38_ (70)

     Top20 letters - 1: enigma (158098) 2: znx (124945) 3: Jy (108799) 4: Randall (77162) 5: FluKex (64582) 6: badlandz (59859) 7: bofh` (59467) 8: mstone (57495) 9: pwnt (57185) 10: shad0wcat (54564) 11: nerdX (41592) 12: j3r (40994) 13: fabio (40165) 14: grep (34124) 15: hatebred (28661) 16: P38_ (26893) 17: [Granger] (26644) 18: square (25104) 19: linuxgirl (24206) 20: xDamox (21050)
  9. You use IRC? Any EFnet server, join up to #linux-noob. Most everyone that posts on this board is there.
  10. I would definitely say try out Fedora Core release X. (X changes every 6 months or so, go for the newest version.) It's definitely the most user friendly, and has the most support.. http://fedora.redhat.com and it's free of course!
  11. You have to give us the link to the file as well eh and paste a copy here of grub.conf so we can see it.
  12. Boot into the old kernel, and paste the output in here from

          mount
          df -h
          fdisk -l

      As well, if you like, paste the kernel .config file at http://paste.linux-noob.com and we can see your config file to see if there's any errors in it (like forgetting to compile in FS support. I've done it before, don't laugh)
  13. Here they are, June Statistics for the channel. I'll be pasting each month here, Enjoy

      Top20 words - 1: enigma- (81363) 2: P38_ (26756) 3: flukex (22997) 4: nerdX (21361) 5: Jy (21019) 6: badlandz (19544) 7: OmegaEvil (17728) 8: znx (15687) 9: Randall (15353) 10: [Granger] (15218) 11: bofh` (13319) 12: redneck (12951) 13: ]EnIgMa (9446) 14: j3r (9043) 15: fabio (8991) 16: Ritter (8202) 17: anyweb (7980) 18: square (6666) 19: quannum_ (6401) 20: mstone (6367)

      Top20 smilies - 1: enigma- (1006) 2: znx (738) 3: badlandz (598) 4: nerdX (430) 5: bofh` (417) 6: square (387) 7: flukex (312) 8: OmegaEvil (240) 9: j3r (236) 10: P38_ (225) 11: [Granger] (195) 12: Randall (193) 13: webany (179) 14: Jy (176) 15: compile (163) 16: ]EnIgMa (159) 17: anyweb (144) 18: magikman (137) 19: McDuck (120) 20: lit (109)

      Top20 letters - 1: enigma- (342055) 2: P38_ (117068) 3: flukex (96244) 4: nerdX (94612) 5: Jy (92559) 6: badlandz (77823) 7: OmegaEvil (75626) 8: znx (69943) 9: [Granger] (66412) 10: Randall (60538) 11: bofh` (57896) 12: redneck (54614) 13: ]EnIgMa (39104) 14: j3r (38430) 15: anyweb (36461) 16: Ritter (36297) 17: fabio (36240) 18: square (30705) 19: lit (26031) 20: mstone (26030)
  14. They better be "hot" pictures, otherwise I'm deleting this thread. Stalk her back? That might freak her out into stopping stalking you.
  15. FluKex

    Linux-Noob Meeting

    out of curiosity, when (if) we met would it be? cost is the main factor