logs archiveIRC Archive / Freenode / #centos / 2007 / January / 11 / 1
Asmodee`
ok I'm a noob, but I figured out the problem. The sshd_config by default had no DenyUsers, but did have AllowUsers root, which prevent any non root users to login
sorry for being a pain, thanks for info
emann
sup everyone
dave_mwi
hello
emann
dave_mwi: how's it going?
is pony around. I want to ask some questions about a certain release.
pony
emann not looking good today
emann
and i know pony likes to have it's way with me :-D
hey pony. nice little bot
??xen
Infierno
Hola
hay personas que lean y escriban en castellano ?
emann
Infierno: hey
Jesse-
yeah speak english
         

Infierno
that's ok
emann
Jesse- nope Geek... u?
Infierno
:-|
jejej mi ingles es malo
muy malo
bueno emann
Jesse-
what?
flippo
No, speak Chinese. ô-‡'.
Jesse-
HEH
emann
Jesse- : I need more sleep. Flippo: funny
Infierno
emann, tengo un servidor de ftp "vsftpd" en el cual cree users virtuales con contraseñas
y en ese servidor tengo mis actualizaciones de centos (tengo mi propio remo)
(tengo mi propio repositorio)
Jesse-
welcome to my ignore list
Dyson
and you need a whatever-to--English-converter
:)
emann
Jesse-: is that me? you going to ignore me because i speek Geek.
Jesse-
no
emann
my parents say i cannot do that at the table when we are eating dinner.
Jesse-
ignore @ Infierno
emann
now i cannot do it in irc. What is the world coming to?
:-D
Infierno
y en alguna otra maquina quiero configurarle ese servidor en el /etc/yum/miarchivo.repo
pero como mi servidor ftp pide password que podria hacer ¿?
emann
Infierno: two things 1. i don't use vsftpd 2. I don't speek spanish
only english and geek
Infierno
what is geek
:-|
emann
Infierno: language that a noob or my grandma would not understand... computer talk, programing languages stuff like that.
or my mom.
but spanish is on my list of things to learn.
Infierno
because not to use vsftp??
         

emann
i have a lot of spanish speeking employees in the building that i work in at
nigh.. so i want to be able to talk to them. So i will learn spanish.
no i don't use vsftp. so i cannot help you.
Infierno
ok
thaks
thanks
:D
Dude123
Evolution
Evolution
Dude123: yes?
evilbulgarian
hi, where is the proper place to add vga=791 so that if a new kernel gets installed it is not overwritten
smug_eric
not an expert but i think its in the /etc/grub.conf, can somebody confirm?
evilbulgarian
smug_eric: yeah but it seems those enteries are generated from somewhere
z00dax
yup, add it in the grub.conf
yum and the kernel's bootloader handler look at /etc/grub.conf for entries to carry over when a new kernel is installed
bennry
hey guys.
I just installed MonoDevelop, which is a Mono IDE for C# and .NET
using CentOS 4.4
there was a problem with the icon theme, which caused an error on starting MonoDevelop.
I was using GNOME icon theme and it said there was no icon for 'gtk-no-picture'
Evolution
sounds like you should report that to the mono-develop folks.
bennry
I had a friend test it on Fedora with the same icon theme and there was no issue.
I did.
we were thinking it might be a #centos problem since the error is not duplicated in other releases.
possibly whatever GNOME icon package CentOS is using is missing the 'gtk-no-picture' icon.
z00dax
bennry: can you reproduce the problem with someapp included in the distro ?
bennry
z00dax: no. I understand :).
z00dax
bennry: my point was - if you can, please do file a bug report at bugs.centos.org
if something is missing - it needs to be fixed
bennry
will do.
added.
thanks.
xp_prg
what signal is ctrl-c is it 9?
Evolution
xp_prg: no.
it's 2
SIGINT
http://www.cs.cf.ac.uk/Dave/C/node24.html
Dude123
Evolution
Cleaned up alot of that box.
Evolution
by 'cleaned up', I hope to god you mean 'formated and reinstalled'
Dude123
removed and repaired
secured and protected
Evolution
perhaps I wasn't clear.
by 'cleaned up', I hope to god you mean 'formated and reinstalled'
because that's the only way the box will ever be trustworthy again
Dude123
No. I can't shut the box down. It hosts too much...
I have another box
going on order
that will replace this one.
Evolution
Dude123: this is going to sound mean, so don't take this the wrong way.
you're not smart enough to clean a box to the point of having it be trustworthy.
Dude123
Who said I cleaned it?
Evolution
you implied such in your initial statement.
even so, with a box as completely owned as that one was, the *ONLY* way to be 100% certain is to FORMAT & re-install.
Dude123
(Dude123): (I/we/the data center/a specialist) Cleaned up alot of that box.
Evolution
you allowed far too much breakage to go by
you trusted a data-center drone?
dear god
Dude123
lol
I gave examples.
Evolution
unless they were written in crayon, you're still screwed, and you're still putting your customers at risk.
did you notify the people whose junk you host?
Dude123
Everyone knows what is going on.
Evolution
by 'everyone' I assume you mean the people who owned (and probably still own) that box.
Dude123
How can you assume that the box was/is owned?
did you have any factual evidence that shows there was a rootkit or something installed?
Evolution
I'm not assuming. yesterday we were able to telnet to one of the 'unknown' ports showing activity which proudly displayed the hacker's mark
you really should have been following along yesterday instead of picking your nose.
Dude123
which was?
what port was that?
every port that was open was accounted for
Evolution
were you listening AT ALL last night?
Dude123
You didn't say anything about a hackers mark
Evolution
yes. we did.
batabing
Run chkrootkit on the box and that will give you a clue if someone has breached any security
Evolution
batabing: not with as deeply as he was compromised.
we keep telling him to shut down and verify from secure media, but he's a jackass.
Dude123
[23:09] (smooge): 2613 is some sort of backdoor shell == Webmin web port....
Evolution
Dude123: just before that dumbass.
23:06 < snowmoon> Does any else think the responce on 2200 looks "fishy"
23:06 < smooge> hehehehehehe
23:06 < smooge> he been p0wned
23:07 <@Evolution> yeah. that doesn't leave a whole lot of question about it.
Dude123
23:06] (snowmoon): Does any else think the responce on 2200 looks "fishy" --- never said what it stated.
Evolution
Dude123: it's not our job to. it's YOUR BOX
*YOU* get paid to admin it
*YOU* should be smart enough to either ask what we found, or investigate yourself
you did NONE of that
Dude123
[kjournal 1845 root 3u IPv4 792449 TCP *:2200 (LISTEN)
Evolution
and did you check out what was there? like we did?
snowmoon
Dude123, 1) your kernel was lying to you 2) you had open ports that were unaccount for ( kjournal does not use the network ) 3) nothing short of a clean install will fix deep root kit
anyways it's kjournald not kjournal
batabing
I would say boot from cd and run chkroot kit. Also run nmap from another box and see if there are any external ports open
Evolution
batabing: yeah. welcome to yesterday. his violation was confirmed by about 4 people other than himself.
we tried to beat such advice into him,
Dude123
Would someone like to scan it now please?
batabing
got2go good luck
Evolution
Dude123: DO YOUR OWN JOB.
or pay someone to tell you the same stuff we've already told you.
sigwerk
you tellum
;)
Evolution
you seem to not listen to sanity or security advise from people who deal with it daily.
sigwerk: :-P
Dude123
Evolution, I already told you, I can't just shut the box down...
snowmoon
I can't believe people pay him to host and he is bittorrenting in the background
Dude123
I have to wait for the new one to be up and ready
« prev 1 2 3 4 5 6 next »