You are dealing with an older dummy here, but too old! I'm wanting to know if there is a way to install tarballs properly in Suse. To an extent each version of linux I have tried are different, but in each I have found it impossible to install a tarball. Thanks! John -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
John B Pace wrote:
You are dealing with an older dummy here, but too old! I'm wanting to know if there is a way to install tarballs properly in Suse. To an extent each version of linux I have tried are different, but in each I have found it impossible to install a tarball. Thanks! John
I've installed a few, but the method often depends on the specific tarball. Generally, you have to untar the file, and do a make and make install, though I prefer to replace make install with checkinstall, which creates an RPM file, that can be managed with Yast. -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
John B Pace wrote:
You are dealing with an older dummy here, but too old! I'm wanting to know if there is a way to install tarballs properly in Suse. To an extent each version of linux I have tried are different, but in each I have found it impossible to install a tarball. Thanks! John
The installation of a program from a tarball is a fairly standard drill in any linux distro, typically a few steps: tar -xvf program.tar cd program ./configure make make install If program.tar is actually program.tgz or tar.gz, or tar.bz2, then the untar command becomes tar -xzvf for gzipped files or tar -xjvf for bzip2. Having said that, it's far far better to find a proper suse package, rather than making a home-made build of some random tarball. If there's no suse package available anywhere, then of course a tarball install will work. So, what package are you trying to install, and what difficulties are you running into? Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Joe Sloan wrote: | John B Pace wrote: |> You are dealing with an older dummy here, but too old! I'm wanting to |> know if there is a way to install tarballs properly in Suse. To an |> extent each version of linux I have tried are different, but in each I |> have found it impossible to install a tarball. Thanks! John | | The installation of a program from a tarball is a fairly standard drill | in any linux distro, typically a few steps: | | tar -xvf program.tar | cd program | ./configure | make | make install | | If program.tar is actually program.tgz or tar.gz, or tar.bz2, then the | untar command becomes tar -xzvf for gzipped files or tar -xjvf for bzip2. | | Having said that, it's far far better to find a proper suse package, | rather than making a home-made build of some random tarball. If there's | no suse package available anywhere, then of course a tarball install | will work. | | So, what package are you trying to install, and what difficulties are | you running into? | | Joe the only problem you should run into is some dependency maybe some library you do not have installed. but it should tell you that in the output from the config script. like joe said if you find an .rpm your much better off, it includes everything you need. if its not in the suse repository check rpmfind.net or google it, chances are someone has made one somewhere. - -- Steve Reilly http://reillyblog.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHlATJ1L48K811Km0RAi9aAJ9o8jVDPCGsq0JEVM0PytKy6BxAYwCeOAQQ yH99SU7/bGOKaLmOjEELjBc= =09Em -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
I was trying to get AVG anti virus installed and try it on Suse as I was used to it on the left behind windows (Vista was it! No more microsoft!). One had to download a tarball to go with it or it wouldn't work. Don't ask what the name of the tarball. That was in the Fedora distro I tried for about a week and ever true to style, I've forgotten it. It was a tar.gz, however. Thanks for the answers. I can figure it out now if I have to. This brings up another question. Does Suse have some sort of security other than firewalls? I haven't seen any great importance on anti virus/spyware programs. Thanks all. I appreciate the friendliness and direct answers. 10 years ago when I tried it for a good while, I couldn't get that many answers. I got a lot of people who thought they were superior because I didn't know something. That could be another reason people aren't using linux. A few slaps in the face will drive people in droves back to windows. I suspect that happened. Well, I heard it had changed, it has, and I truly appreciate it. John On Sun, 2008-01-20 at 18:23 -0800, Joe Sloan wrote:
John B Pace wrote:
You are dealing with an older dummy here, but too old! I'm wanting to know if there is a way to install tarballs properly in Suse. To an extent each version of linux I have tried are different, but in each I have found it impossible to install a tarball. Thanks! John
The installation of a program from a tarball is a fairly standard drill in any linux distro, typically a few steps:
tar -xvf program.tar cd program ./configure make make install
If program.tar is actually program.tgz or tar.gz, or tar.bz2, then the untar command becomes tar -xzvf for gzipped files or tar -xjvf for bzip2.
Having said that, it's far far better to find a proper suse package, rather than making a home-made build of some random tarball. If there's no suse package available anywhere, then of course a tarball install will work.
So, what package are you trying to install, and what difficulties are you running into?
Joe
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Monday 2008-01-21 at 07:18 -0500, John B Pace wrote:
I was trying to get AVG anti virus installed and try it on Suse as I was
That would be a binary. You have to read their instructions, then.
This brings up another question. Does Suse have some sort of security other than firewalls?
Yes...
I haven't seen any great importance on anti virus/spyware programs.
Because they are not needed :-P Yes, there are antivirus, but they are mostly used to detect windows viruses that get transmitted on email, in order to protect the windows machines served email by the linux one. Another use is to clean/protect samba shares: again, to protect the windows machines from themselves. In the DVD, there is "antivir" (Avira GmbH), closed source. There is another one, open source, "clamav". - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHlJHJtTMYHG2NR9URAsBvAJ0dT33TQ16fWoCp2nO3pQ/DxjFq8ACgg69F NviaJvEdEsuVDXJ72H+CISA= =LIkD -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Well, I went to the clamav website and it was as Carlos said. If it protects email, is it used in a server that ultimately comes to my email. And as my wife uses Windows XP and I am connected to her via wireless, do I need to be using this antivirus program? Have a good day! John On Mon, 2008-01-21 at 13:36 +0100, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Monday 2008-01-21 at 07:18 -0500, John B Pace wrote:
I was trying to get AVG anti virus installed and try it on Suse as I was
That would be a binary. You have to read their instructions, then.
This brings up another question. Does Suse have some sort of security other than firewalls?
Yes...
I haven't seen any great importance on anti virus/spyware programs.
Because they are not needed :-P
Yes, there are antivirus, but they are mostly used to detect windows viruses that get transmitted on email, in order to protect the windows machines served email by the linux one. Another use is to clean/protect samba shares: again, to protect the windows machines from themselves.
In the DVD, there is "antivir" (Avira GmbH), closed source. There is another one, open source, "clamav".
- -- Cheers, Carlos E. R.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux)
iD8DBQFHlJHJtTMYHG2NR9URAsBvAJ0dT33TQ16fWoCp2nO3pQ/DxjFq8ACgg69F NviaJvEdEsuVDXJ72H+CISA= =LIkD -----END PGP SIGNATURE-----
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
I have been using ClamAV in my mail server system for years and am very happy with it. I too have a couple of Windows machines inside the firewall/mailer so it seems a good idea. I also have spamassassin and exim to add to the mix. For these critical packages I build from source. ==John ff On Mon, 21 Jan 2008, John B Pace wrote:
Well, I went to the clamav website and it was as Carlos said. If it protects email, is it used in a server that ultimately comes to my email. And as my wife uses Windows XP and I am connected to her via wireless, do I need to be using this antivirus program? Have a good day!
John
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
John B Pace wrote:
Well, I went to the clamav website and it was as Carlos said. If it protects email, is it used in a server that ultimately comes to my email. And as my wife uses Windows XP and I am connected to her via wireless, do I need to be using this antivirus program?
Strictly speaking? No, you don't NEEEEEEEEEEEED to use it. But to protect her windows machine, you should.
Have a good day!
John
On Mon, 2008-01-21 at 13:36 +0100, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Monday 2008-01-21 at 07:18 -0500, John B Pace wrote:
I was trying to get AVG anti virus installed and try it on Suse as I was That would be a binary. You have to read their instructions, then.
This brings up another question. Does Suse have some sort of security other than firewalls? Yes...
I haven't seen any great importance on anti virus/spyware programs. Because they are not needed :-P
Yes, there are antivirus, but they are mostly used to detect windows viruses that get transmitted on email, in order to protect the windows machines served email by the linux one. Another use is to clean/protect samba shares: again, to protect the windows machines from themselves.
In the DVD, there is "antivir" (Avira GmbH), closed source. There is another one, open source, "clamav".
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Monday 21 January 2008, John B Pace wrote:
Well, I went to the clamav website and it was as Carlos said. If it protects email, is it used in a server that ultimately comes to my email. And as my wife uses Windows XP and I am connected to her via wireless, do I need to be using this antivirus program? Have a good day!
John
On Mon, 2008-01-21 at 13:36 +0100, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Monday 2008-01-21 at 07:18 -0500, John B Pace wrote:
I was trying to get AVG anti virus installed and try it on Suse as I was
That would be a binary. You have to read their instructions, then.
This brings up another question. Does Suse have some sort of security other than firewalls?
Yes...
I haven't seen any great importance on anti virus/spyware programs.
Because they are not needed :-P
Yes, there are antivirus, but they are mostly used to detect windows viruses that get transmitted on email, in order to protect the windows machines served email by the linux one. Another use is to clean/protect samba shares: again, to protect the windows machines from themselves.
In the DVD, there is "antivir" (Avira GmbH), closed source. There is another one, open source, "clamav".
- -- Cheers, Carlos E. R.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux)
iD8DBQFHlJHJtTMYHG2NR9URAsBvAJ0dT33TQ16fWoCp2nO3pQ/DxjFq8ACgg69F NviaJvEdEsuVDXJ72H+CISA= =LIkD -----END PGP SIGNATURE-----
If you connect to the net via her XP machine then you need no virus stoppers as you are not protecting the XP box if however her XP box is connected via your machine (ie your box is connected to the internet directly) then some for of virus protection for the XP box would be advisable but the chances of your machine collecting unwanted payloads is slim to say the least .. YMMV this is what i have found i have looked after mixed networks and always used Linux on the internet firewall/router box with clamav but this does not stop the nasties that arrive on IM streams ie MSM and friends Pete . -- SuSE Linux 10.3-Alpha3. (Linux is like a wigwam - no Gates, no Windows, and an Apache inside.) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
If your linux machine is not acting as a server (for more than one win machine) then install an antivirus to the windows box like NOD32 or AVG. -- Kind Regards Visitá/Go to >> http://www.opensuse.org
John B Pace wrote:
Well, I went to the clamav website and it was as Carlos said. If it protects email, is it used in a server that ultimately comes to my email. And as my wife uses Windows XP and I am connected to her via wireless, do I need to be using this antivirus program? Have a good day!
No, as you don't have to worry about getting a virus. Your wife does however. If you had your own mail server, you might want to consider it, for her benefit. -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
I appreciate everyones' and I do mean everyones' input on the security thing. I now definitely have a better understanding of it. Completely different than windows as it always has been and I'm very happy to find out it is the way it is. My wife does have AVG and some other programs to protect her. And unfortunately she has to defragment her hard drive once a week or so. She'd go on to Suse herself, but as she is a 56 year old student going for her Phd, she feels hesitant about movine over to Suse and Open Office. The school she goes to require Microsoft Word formatting. I assume Open Office can be formatted the same way. Thanks again, everyone for your assistance on this security question! John On Mon, 2008-01-21 at 11:24 -0500, James Knott wrote:
John B Pace wrote:
Well, I went to the clamav website and it was as Carlos said. If it protects email, is it used in a server that ultimately comes to my email. And as my wife uses Windows XP and I am connected to her via wireless, do I need to be using this antivirus program? Have a good day!
No, as you don't have to worry about getting a virus. Your wife does however. If you had your own mail server, you might want to consider it, for her benefit.
-- Use OpenOffice.org http://www.openoffice.org
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
John B Pace wrote:
I appreciate everyones' and I do mean everyones' input on the security thing. I now definitely have a better understanding of it. Completely different than windows as it always has been and I'm very happy to find out it is the way it is. My wife does have AVG and some other programs to protect her. And unfortunately she has to defragment her hard drive once a week or so. She'd go on to Suse herself, but as she is a 56 year old student going for her Phd, she feels hesitant about movine over to Suse and Open Office. The school she goes to require Microsoft Word formatting. I assume Open Office can be formatted the same way.
It's amazing that degragging is still required in this day & age. I ran OS/2 for many years, and with the HPFS file system (available in late '80s) defragging wasn't required. Here it is almost 20 years later and Windows still requires it. As for her PhD, OpenOffice can probably do what's required. -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Monday 2008-01-21 at 13:09 -0500, James Knott wrote:
It's amazing that degragging is still required in this day & age. I ran OS/2 for many years, and with the HPFS file system (available in late '80s) defragging wasn't required. Here it is almost 20 years later and Windows still requires it.
Requires, requires... not really. It does benefit (greatly) from it, though. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHlO/6tTMYHG2NR9URAg8RAJ9gXQu8AwbvqZuvVFYkzM2nXa3WsACaAjj6 TBK1cCLAOVu/DSXJe5qZ1eU= =gkir -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Monday 2008-01-21 at 13:09 -0500, James Knott wrote:
It's amazing that degragging is still required in this day & age. I ran OS/2 for many years, and with the HPFS file system (available in late '80s) defragging wasn't required. Here it is almost 20 years later and Windows still requires it.
Requires, requires... not really. It does benefit (greatly) from it, though.
Well then, HPFS, EXT2 etc., work fine, without worrying about it. Fragmentation resistant file systems have been around for a long time. Why doesn't MS use one? -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Monday 2008-01-21 at 14:48 -0500, James Knott wrote:
'80s) defragging wasn't required. Here it is almost 20 years later and Windows still requires it.
Requires, requires... not really. It does benefit (greatly) from it, though.
Well then, HPFS, EXT2 etc., work fine, without worrying about it. Fragmentation resistant file systems have been around for a long time. Why doesn't MS use one?
I know. Isn't ntfs more resistant? I suppose FAT has outgrown its initial design usage for floppies and small disks, and it has been a practical sucess, despite its shorthcommings. It is not inherently a bad system, just... different. Other systems were better designed. Is not the ext2 design newer than fat? The fragmentation problem of fat was known before linux was born. There is another detail: IMO, fragmentation of fat occurs not because of the format, but because of the way it is used. It would be the task of the operating system to avoid fragmentation of the files, by writing them properly, and even correcting them later on. The format allows for that, but the operating system does not. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD4DBQFHlc9ItTMYHG2NR9URAlJtAJEBpPQlUF1Nv2A9OJtKCP4+S1i6AJwMfS9t 4sJUXnAml9GoVWuhpUcPFw== =f2S9 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Monday 2008-01-21 at 14:48 -0500, James Knott wrote:
'80s) defragging wasn't required. Here it is almost 20 years later and > Windows still requires it.
Requires, requires... not really. It does benefit (greatly) from it, though.
Well then, HPFS, EXT2 etc., work fine, without worrying about it. Fragmentation resistant file systems have been around for a long time. Why doesn't MS use one?
I know. Isn't ntfs more resistant?
No, it still gets fragmented
I suppose FAT has outgrown its initial design usage for floppies and small disks, and it has been a practical sucess, despite its shorthcommings. It is not inherently a bad system, just... different. Other systems were better designed.
Is not the ext2 design newer than fat? The fragmentation problem of fat was known before linux was born.
I don't know when ext2 was invented, but other fragmentation resistant file systems were around before NTFS. For example, HPFS, which was actually created by MS, when they were doing OS/2 work for IBM, predates NTFS by a few years.
There is another detail: IMO, fragmentation of fat occurs not because of the format, but because of the way it is used. It would be the task of the operating system to avoid fragmentation of the files, by writing them properly, and even correcting them later on. The format allows for that, but the operating system does not.
File systems, such as HPFS and ext2 try to resist fragmenting, by storing a file in the smallest free space that will hold it and only fragment if a big enough contiguous free space does not exist. This means fragmentation is unlikely, until the drive is almost full. On the other hand, FAT and (IIRC) NTFS simply grab the next available free space, whether big enough or not and if necessary, additional blocks of free space, until there's room for the file. This means that it might save a file in multiple pieces, when it could have simply found a single block that was large enough. -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James Knott pecked at the keyboard and wrote:
File systems, such as HPFS and ext2 try to resist fragmenting, by storing a file in the smallest free space that will hold it and only fragment if a big enough contiguous free space does not exist. This means fragmentation is unlikely, until the drive is almost full. On the other hand, FAT and (IIRC) NTFS simply grab the next available free space, whether big enough or not and if necessary, additional blocks of free space, until there's room for the file. This means that it might save a file in multiple pieces, when it could have simply found a single block that was large enough.
Perhaps MS is waiting for another company to innovate this idea so that they can buy the company. Has MS done anything but buy innovation lately and call it their own? Don't remember the last time they came up with anything of their own. -- Ken Schneider SuSe since Version 5.2, June 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
I think they invented Microsoft Bob
--- Ken Schneider
James Knott pecked at the keyboard and wrote:
File systems, such as HPFS and ext2 try to resist
fragmenting, by
storing a file in the smallest free space that will hold it and only fragment if a big enough contiguous free space does not exist. This means fragmentation is unlikely, until the drive is almost full. On the other hand, FAT and (IIRC) NTFS simply grab the next available free space, whether big enough or not and if necessary, additional blocks of free space, until there's room for the file. This means that it might save a file in multiple pieces, when it could have simply found a single block that was large enough.
Perhaps MS is waiting for another company to innovate this idea so that they can buy the company. Has MS done anything but buy innovation lately and call it their own? Don't remember the last time they came up with anything of their own.
-- Ken Schneider SuSe since Version 5.2, June 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Ken Schneider wrote:
James Knott pecked at the keyboard and wrote:
File systems, such as HPFS and ext2 try to resist fragmenting, by storing a file in the smallest free space that will hold it and only fragment if a big enough contiguous free space does not exist. This means fragmentation is unlikely, until the drive is almost full. On the other hand, FAT and (IIRC) NTFS simply grab the next available free space, whether big enough or not and if necessary, additional blocks of free space, until there's room for the file. This means that it might save a file in multiple pieces, when it could have simply found a single block that was large enough.
Perhaps MS is waiting for another company to innovate this idea so that they can buy the company. Has MS done anything but buy innovation lately and call it their own? Don't remember the last time they came up with anything of their own.
As I mentioned, they came up with HPFS and HPFS386, which is used in OS/2 servers, so there's no reason why they couldn't have used either. HPFS386 supports user permissions etc., which the basic HPFS doesn't. One thing they did do, was use the same file system number for NTFS as used for HPFS, which confuses some disk utility programs. Windows NT supported HPFS and I believe it was an optional install for Windows 2000. -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Tuesday 2008-01-22 at 12:39 -0500, James Knott wrote:
Isn't ntfs more resistant?
No, it still gets fragmented
Too bad.
I suppose FAT has outgrown its initial design usage for floppies and small disks, and it has been a practical sucess, despite its shorthcommings. It is not inherently a bad system, just... different. Other systems were better designed.
Is not the ext2 design newer than fat? The fragmentation problem of fat was known before linux was born.
I don't know when ext2 was invented, but other fragmentation resistant file systems were around before NTFS. For example, HPFS, which was actually created by MS, when they were doing OS/2 work for IBM, predates NTFS by a few years.
I suppose it was invented in the early 90's, same as linux.
There is another detail: IMO, fragmentation of fat occurs not because of the format, but because of the way it is used. It would be the task of the operating system to avoid fragmentation of the files, by writing them properly, and even correcting them later on. The format allows for that, but the operating system does not.
File systems, such as HPFS and ext2 try to resist fragmenting, by storing a file in the smallest free space that will hold it and only fragment if a big enough contiguous free space does not exist. This means fragmentation is unlikely, until the drive is almost full. On the other hand, FAT and (IIRC) NTFS simply grab the next available free space, whether big enough or not and if necessary, additional blocks of free space, until there's room for the file. This means that it might save a file in multiple pieces, when it could have simply found a single block that was large enough.
But that is not a characteristic of the FAT format, but of how the operating system uses it. It is perfectly possible to seek a large enough free area in the disk, then save the file there. It is the operating system who saves time by saving in the first space it finds, instead of searching harder for the best fit. It is not the definition of the format that is at fault, is the implementation. Then, if later, a file grows, and there is no free space at the end, it has to be fragmented - same in fat as in any other system. I think that in ext2 the system tries to leave space at the end for that chance, which is, I think, one of the reasons why performance decreases if the disk is full. I think that in ext2 the file can be moved elsewhere, but I'm not sure. In msdos this was not possible because the OS was not the only one capable of accessing the filesystem. I once thought of writing a program that would defrag a fat drive in the background, without stopping jobs... just an idea, I never started writing, though. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHllNktTMYHG2NR9URArk2AJ9FNil26on1qiHJASR6Yx1XUm1CfACfRtDV TM0DlniKM6OYZlk/AUd3TIw= =amhm -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
The Tuesday 2008-01-22 at 12:39 -0500, James Knott wrote:
Isn't ntfs more resistant?
No, it still gets fragmented
Too bad.
I suppose FAT has outgrown its initial design usage for floppies and small disks, and it has been a practical sucess, despite its shorthcommings. It is not inherently a bad system, just... different. Other systems were better designed.
Is not the ext2 design newer than fat? The fragmentation problem of fat was known before linux was born.
I don't know when ext2 was invented, but other fragmentation resistant file systems were around before NTFS. For example, HPFS, which was actually created by MS, when they were doing OS/2 work for IBM, predates NTFS by a few years.
I suppose it was invented in the early 90's, same as linux.
There is another detail: IMO, fragmentation of fat occurs not because of the format, but because of the way it is used. It would be the task of the operating system to avoid fragmentation of the files, by writing them properly, and even correcting them later on. The format allows for that, but the operating system does not.
File systems, such as HPFS and ext2 try to resist fragmenting, by storing a file in the smallest free space that will hold it and only fragment if a big enough contiguous free space does not exist. This means fragmentation is unlikely, until the drive is almost full. On the other hand, FAT and (IIRC) NTFS simply grab the next available free space, whether big enough or not and if necessary, additional blocks of free space, until there's room for the file. This means that it might save a file in multiple pieces, when it could have simply found a single block that was large enough.
But that is not a characteristic of the FAT format, but of how the operating system uses it. It is perfectly possible to seek a large enough free area in the disk, then save the file there. It is the operating system who saves time by saving in the first space it finds, instead of searching harder for the best fit. It is not the definition of the format that is at fault, is the implementation.
Then, if later, a file grows, and there is no free space at the end, it has to be fragmented - same in fat as in any other system. I think that in ext2 the system tries to leave space at the end for that chance, which is, I think, one of the reasons why performance decreases if the disk is full. I think that in ext2 the file can be moved elsewhere, but I'm not sure. In msdos this was not possible because the OS was not the only one capable of accessing the filesystem.
I once thought of writing a program that would defrag a fat drive in the background, without stopping jobs... just an idea, I never started writing, though.
Well, going back to basics, a file system is just a method of allocating a pile of sectors in some manner. FAT does this in a very basic manner, just starting at the beginning of the disk looking for free space and working it's way across the disk. If you want to do something different, you create a new file systems, such as ext2 or HPFS, which has the mechanisms for more efficient allocation of the sectors or better performance etc. However, since it's now different from the "original" FAT, it's a new file system. File systems such as HPFS or ext2 maintain a bit map of free space, which enables them to quickly find a free block just large enough to hold the file. They also use a B-tree for quick searching. Ever notice how Linux by default sorts by name and Windows doesn't? You can thank the file system for that. As for the OS managing the sectors etc., it always does, by using FAT file system code or NTFS file system code or ext2 etc. But that does not change the way the various file systems were designed to work. If you create a different way, you create a different file system. Also, you generally don't "grow" a file. For safety reasons, you copy & modify, leaving the original on the disk, until the operation is completed and the now dead file is marked as free space. -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Tuesday 2008-01-22 at 19:33 -0500, James Knott wrote:
But that is not a characteristic of the FAT format, but of how the operating system uses it. It is perfectly possible to seek a large enough free area in the disk, then save the file there. It is the operating system who saves time by saving in the first space it finds, instead of searching harder for the best fit. It is not the definition of the format that is at fault, is the implementation.
Then, if later, a file grows, and there is no free space at the end, it has to be fragmented - same in fat as in any other system. I think that in ext2 the system tries to leave space at the end for that chance, which is, I think, one of the reasons why performance decreases if the disk is full. I think that in ext2 the file can be moved elsewhere, but I'm not sure. In msdos this was not possible because the OS was not the only one capable of accessing the filesystem.
I once thought of writing a program that would defrag a fat drive in the background, without stopping jobs... just an idea, I never started writing, though.
Well, going back to basics, a file system is just a method of allocating a pile of sectors in some manner. FAT does this in a very basic manner, just starting at the beginning of the disk looking for free space and working it's way across the disk. If you want to do something different, you create a new file systems, such as ext2 or HPFS, which has the mechanisms for more efficient allocation of the sectors or better performance etc. However, since it's now different from the "original" FAT, it's a new file system.
You are confusing the filesystem structure with the method used to use it. You can have an operating system allocating files in contiguous sectors on a fat filesystem, and it will still be fat. That doesn't change.
File systems such as HPFS or ext2 maintain a bit map of free space, which enables them to quickly find a free block just large enough to hold the file.
So does vfat. The FAT table is just that; well, rather a "byte" map, with another function added.
They also use a B-tree for quick searching. Ever notice how Linux by default sorts by name and Windows doesn't? You can thank the file system for that. As for the OS managing the sectors etc., it always does, by using FAT file system code or NTFS file system code or ext2 etc. But that does not change the way the various file systems were designed to work. If you create a different way, you create a different file system.
No, not really. The structure is one thing, the method is another - more so with fat, because you could write to it bypassing the operating system completely.
Also, you generally don't "grow" a file. For safety reasons, you copy & modify, leaving the original on the disk, until the operation is completed and the now dead file is marked as free space.
I know for certain that in dos/vfat you can grow a file: they call it "append mode". And I'll make an educated guess that linux does the same, for instance with log files. Which is different operation than when editing a text file, where the usual is doing what you describe. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHlprJtTMYHG2NR9URAvlNAJ9J7eXKc21W7z9eyqvndKwQKxTcjgCdFOeQ Kupz/90xqCdY/qabzuZ0sUk= =tVMh -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon 21 January 08 10:49, John B Pace wrote:
I appreciate everyones' and I do mean everyones' input on the security thing. I now definitely have a better understanding of it. Completely different than windows as it always has been and I'm very happy to find out it is the way it is. My wife does have AVG and some other programs to protect her. And unfortunately she has to defragment her hard drive once a week or so. She'd go on to Suse herself, but as she is a 56 year old student going for her Phd, she feels hesitant about movine over to Suse and Open Office. The school she goes to require Microsoft Word formatting. I assume Open Office can be formatted the same way.
Thanks again, everyone for your assistance on this security question!
Please don't top-post. -- "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." Benjamin Franklin -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
John B Pace wrote:
I was trying to get AVG anti virus installed and try it on Suse as I was used to it on the left behind windows (Vista was it! No more microsoft!).
Don't bother. AVG for Linux is not meant to protect your Linux machine. It's meant for mail servers which deliver mail read by Windows clients, to protect those clients from Windows viruses. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
John B Pace wrote:
I was trying to get AVG anti virus installed and try it on Suse as I was used to it on the left behind windows (Vista was it! No more microsoft!). One had to download a tarball to go with it or it wouldn't work. Don't ask what the name of the tarball. That was in the Fedora distro I tried for about a week and ever true to style, I've forgotten it. It was a tar.gz, however. Thanks for the answers. I can figure it out now if I have to. This brings up another question. Does Suse have some sort of security other than firewalls? I haven't seen any great importance on anti virus/spyware programs. Thanks all. I appreciate the friendliness and direct answers. 10 years ago when I tried it for a good while, I couldn't get that many answers. I got a lot of people who thought they were superior because I didn't know something. That could be another reason people aren't using linux. A few slaps in the face will drive people in droves back to windows. I suspect that happened. Well, I heard it had changed, it has, and I truly appreciate it. John
Anti-virus software is generally not necessary with Linux, unless it's being used as a mail or file server in a Windows network. AFIK, there's never been a viable Linux virus. -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon, 21 Jan 2008, James Knott wrote:- <snip>
Anti-virus software is generally not necessary with Linux, unless it's being used as a mail or file server in a Windows network. AFIK, there's never been a viable Linux virus.
That depends on whether you include worms and trojans under the definition of a virus. If so, there have been Linux viruses in the wild. I still have a copy of a loader script and the IRC bot[0] that was installed by it, grabbed from an infected server just over 2 years ago[1]. IIRC, the method of infection for that particular worm was to insert shell commands[2] into a URL passed to a web server running an exploitable version of PHP. The commands were executed by a root shell and was used to download the loader script, set its mode to 744 and then execute that. The script in question downloaded 2 files, one was the IRC bot, the other was used to search out and try to infect other web servers. At the time, I was seeing over 100 different IP addresses daily, each sending almost the same commands over a period of a several weeks. The only differences between the commands were the IP address of the server hosting the loader script and, occasionally, the name of the loader script. [0] Compiled using GCC 3.3.6 on a Gentoo system. [1] File is dated 2005-12-20. [2] Without digging up my old server logs, I can't be more specific. Google might have something about it though. Regards, David Bolt -- Team Acorn: http://www.distributed.net/ OGR-P2 @ ~100Mnodes RC5-72 @ ~15Mkeys SUSE 10.1 32bit | openSUSE 10.2 32bit | openSUSE 10.3 32bit | openSUSE 11.0a0 SUSE 10.1 64bit | openSUSE 10.2 64bit | openSUSE 10.3 64bit RISC OS 3.6 | TOS 4.02 | openSUSE 10.3 PPC |RISC OS 3.11 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
David Bolt wrote:
That depends on whether you include worms and trojans under the definition of a virus. If so, there have been Linux viruses in the wild. I still have a copy of a loader script and the IRC bot[0] that was installed by it, grabbed from an infected server just over 2 years ago[1].
IIRC, the method of infection for that particular worm was to insert shell commands[2] into a URL passed to a web server running an exploitable version of PHP. The commands were executed by a root shell and was used to download the loader script, set its mode to 744 and then execute that. The script in question downloaded 2 files, one was the IRC bot, the other was used to search out and try to infect other web servers.
Yes, I remember dealing with some similar worms on linux servers - the difference being, if a linux system gets a worm, you install the security upgrade from the vendor, clean up the files left behind by the worm (which will typically be found only in world writable areas), and life goes on, without a reboot, and perhaps a momentary interruption in service while the daemon is reloaded. If a windows web server gets a worm, game over. wipe the box and reinstall. At least that's what my mcse friends tell me. Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon, 21 Jan 2008, Joe Sloan wrote:- <snip>
Yes, I remember dealing with some similar worms on linux servers - the difference being, if a linux system gets a worm, you install the security upgrade from the vendor, clean up the files left behind by the worm (which will typically be found only in world writable areas), and life goes on, without a reboot, and perhaps a momentary interruption in service while the daemon is reloaded.
You'd trust that method of cleaning a system? If only life were so simple.
If a windows web server gets a worm, game over. wipe the box and reinstall. At least that's what my mcse friends tell me.
I'd apply the same logic to a Linux server as well. The reason being that if a worm is able to install on the server using root privileges, there's no way to know just what else has been installed by it without performing some form of forensic work on the installation, and has to be done using tools from outside the. Regards, David Bolt -- Team Acorn: http://www.distributed.net/ OGR-P2 @ ~100Mnodes RC5-72 @ ~15Mkeys SUSE 10.1 32bit | openSUSE 10.2 32bit | openSUSE 10.3 32bit | openSUSE 11.0a0 SUSE 10.1 64bit | openSUSE 10.2 64bit | openSUSE 10.3 64bit RISC OS 3.6 | TOS 4.02 | openSUSE 10.3 PPC |RISC OS 3.11 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
David Bolt wrote:
On Mon, 21 Jan 2008, Joe Sloan wrote:-
<snip>
Yes, I remember dealing with some similar worms on linux servers - the difference being, if a linux system gets a worm, you install the security upgrade from the vendor, clean up the files left behind by the worm (which will typically be found only in world writable areas), and life goes on, without a reboot, and perhaps a momentary interruption in service while the daemon is reloaded.
You'd trust that method of cleaning a system? If only life were so simple.
It's not a matter of blind trust, but of close examination of the worms behavior. Once the hole was closed and the remains of the worm removed, that was the end of it. No more mysterious traffic, no more odd spikes in system load, no more trouble, no anomalies on the system, full package check shows everything in order.
If a windows web server gets a worm, game over. wipe the box and reinstall. At least that's what my mcse friends tell me.
I'd apply the same logic to a Linux server as well.
But these are 2 totally different beasts.
The reason being that if a worm is able to install on the server using root privileges, there's no way to know just what else has been installed by it without performing some form of forensic work on the installation
Why would you assume that a worm got root privileges? In the cases I've dealt with, there were no root privileges. A close examination of the trail left by the worm showed that it was limited to what it could do as the www user. All it's working files were in /tmp. One of the strengths of the unix model is separation of privilege, and that provides a layered defense. Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Monday 2008-01-21 at 20:41 -0800, Joe Sloan wrote:
David Bolt wrote:
The reason being that if a worm is able to install on the server using root privileges, there's no way to know just what else has been installed by it without performing some form of forensic work on the installation
Why would you assume that a worm got root privileges? In the cases I've
Because David wrote, in the email you quoted: ]> The commands were executed by a root shell and was used to download the ]> loader script, I was thinking, at first glance, the same, that root was compromised. But you are right, it's not always the case. Rather, it should never be the case. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHlhhNtTMYHG2NR9URAnZNAJ9Zvkt/ZyhEeQG22LgbVqAF2LuoJACfcoEz fHd7970olNCD1/rteJlBgWE= =u0sc -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Monday 2008-01-21 at 20:41 -0800, Joe Sloan wrote:
David Bolt wrote:
The reason being that if a worm is able to install on the server using root privileges, there's no way to know just what else has been installed by it without performing some form of forensic work on the installation
Why would you assume that a worm got root privileges? In the cases I've
Because David wrote, in the email you quoted:
]> The commands were executed by a root shell and was used to download the ]> loader script,
I was thinking, at first glance, the same, that root was compromised. But you are right, it's not always the case. Rather, it should never be the case.
Again, why the root shell? Why wasn't that person using a user ID? In order to run a root shell, someone has to start a root shell. They don't just happen. There's a reason why root shouldn't be used, when not needed. -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Tuesday 2008-01-22 at 16:23 -0500, James Knott wrote:
Because David wrote, in the email you quoted:
] > The commands were executed by a root shell and was used to download the ]> loader script,
I was thinking, at first glance, the same, that root was compromised. But you are right, it's not always the case. Rather, it should never be the case.
Again, why the root shell? Why wasn't that person using a user ID? In order to run a root shell, someone has to start a root shell. They don't just happen. There's a reason why root shouldn't be used, when not needed.
Because, being a malware, bad things can happen. The malware designer could know of a hole that allowed it to escalate to root somehow. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHlnWAtTMYHG2NR9URAgOLAJ9q1se8mASJNfq4Fws4UfgpMTebugCfRUVb VRZMrSjg2h7Utye2788/EWU= =8qd6 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James Knott wrote:
Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Monday 2008-01-21 at 20:41 -0800, Joe Sloan wrote:
David Bolt wrote:
The reason being that if a worm is able to install on the server using root privileges, there's no way to know just what else has been installed by it without performing some form of forensic work on the installation
Why would you assume that a worm got root privileges? In the cases I've
Because David wrote, in the email you quoted:
]> The commands were executed by a root shell and was used to download the ]> loader script,
I was thinking, at first glance, the same, that root was compromised. But you are right, it's not always the case. Rather, it should never be the case.
Again, why the root shell? Why wasn't that person using a user ID? In order to run a root shell, someone has to start a root shell. They don't just happen. There's a reason why root shouldn't be used, when not needed.
One possibility: Because an un-informed or lazy administrator set up the box to start the web server from root during boot up. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon, 21 Jan 2008, Joe Sloan wrote:-
David Bolt wrote:
<Snip>
It's not a matter of blind trust, but of close examination of the worms behavior. Once the hole was closed and the remains of the worm removed, that was the end of it. No more mysterious traffic, no more odd spikes in system load, no more trouble, no anomalies on the system, full package check shows everything in order.
In that case, you're lucky that someone didn't use the worm to use some unknown, or freshly discovered, local root exploit to be able to install a root kit.
If a windows web server gets a worm, game over. wipe the box and reinstall. At least that's what my mcse friends tell me.
I'd apply the same logic to a Linux server as well.
But these are 2 totally different beasts.
Yes they are.
The reason being that if a worm is able to install on the server using root privileges, there's no way to know just what else has been installed by it without performing some form of forensic work on the installation
Why would you assume that a worm got root privileges?
Hope for the best, plan for the worst.
In the cases I've dealt with, there were no root privileges. A close examination of the trail left by the worm showed that it was limited to what it could do as the www user.
That doesn't mean to say that there wasn't the chance it could have gained root privileges.
All it's working files were in /tmp.
That was one of the things I noticed from the samples I retrieved. It's also one of the reasons I now have separate /tmp partitions mounted noexec.
One of the strengths of the unix model is separation of privilege, and that provides a layered defense.
There's still the occasional breaches, although not as many as with another popular OS. Regards, David Bolt -- Team Acorn: http://www.distributed.net/ OGR-P2 @ ~100Mnodes RC5-72 @ ~15Mkeys SUSE 10.1 32bit | openSUSE 10.2 32bit | openSUSE 10.3 32bit | openSUSE 11.0a0 SUSE 10.1 64bit | openSUSE 10.2 64bit | openSUSE 10.3 64bit RISC OS 3.6 | TOS 4.02 | openSUSE 10.3 PPC |RISC OS 3.11 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
David Bolt wrote:
On Mon, 21 Jan 2008, Joe Sloan wrote:-
David Bolt wrote:
<Snip>
It's not a matter of blind trust, but of close examination of the worms behavior. Once the hole was closed and the remains of the worm removed, that was the end of it. No more mysterious traffic, no more odd spikes in system load, no more trouble, no anomalies on the system, full package check shows everything in order.
In that case, you're lucky that someone didn't use the worm to use some unknown, or freshly discovered, local root exploit to be able to install a root kit.
I'm sure they tried. It's a awfully tough job trying to get root remotely on a modern linux box... Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
David Bolt wrote:
On Mon, 21 Jan 2008, Joe Sloan wrote:-
<snip>
Yes, I remember dealing with some similar worms on linux servers - the difference being, if a linux system gets a worm, you install the security upgrade from the vendor, clean up the files left behind by the worm (which will typically be found only in world writable areas), and life goes on, without a reboot, and perhaps a momentary interruption in service while the daemon is reloaded.
You'd trust that method of cleaning a system? If only life were so simple.
If a windows web server gets a worm, game over. wipe the box and reinstall. At least that's what my mcse friends tell me.
I'd apply the same logic to a Linux server as well. The reason being that if a worm is able to install on the server using root privileges, there's no way to know just what else has been installed by it without performing some form of forensic work on the installation, and has to be done using tools from outside the.
Why would a server be running root privileges? -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tue, 22 Jan 2008, James Knott wrote:-
David Bolt wrote:
I'd apply the same logic to a Linux server as well. The reason being that if a worm is able to install on the server using root privileges, there's no way to know just what else has been installed by it without performing some form of forensic work on the installation, and has to be done using tools from outside the.
Why would a server be running root privileges?
It wouldn't, but have you ever heard of local root exploits? Regards, David Bolt -- Team Acorn: http://www.distributed.net/ OGR-P2 @ ~100Mnodes RC5-72 @ ~15Mkeys SUSE 10.1 32bit | openSUSE 10.2 32bit | openSUSE 10.3 32bit | openSUSE 11.0a0 SUSE 10.1 64bit | openSUSE 10.2 64bit | openSUSE 10.3 64bit RISC OS 3.6 | TOS 4.02 | openSUSE 10.3 PPC |RISC OS 3.11 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James Knott wrote:
David Bolt wrote:
On Mon, 21 Jan 2008, Joe Sloan wrote:-
<snip>
Yes, I remember dealing with some similar worms on linux servers - the difference being, if a linux system gets a worm, you install the security upgrade from the vendor, clean up the files left behind by the worm (which will typically be found only in world writable areas), and life goes on, without a reboot, and perhaps a momentary interruption in service while the daemon is reloaded.
You'd trust that method of cleaning a system? If only life were so simple.
If a windows web server gets a worm, game over. wipe the box and reinstall. At least that's what my mcse friends tell me.
I'd apply the same logic to a Linux server as well. The reason being that if a worm is able to install on the server using root privileges, there's no way to know just what else has been installed by it without performing some form of forensic work on the installation, and has to be done using tools from outside the.
Why would a server be running root privileges?
Webmasters who recently migrated from Lose-DOS and new to Linux oftentimes wouldn't even realize that such a thing could be done. let alone
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Aaron Kulkis wrote:
Webmasters who recently migrated from Lose-DOS and new to Linux oftentimes wouldn't even realize that such a thing could be done. let alone
A little competence goes a long way. -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
David Bolt wrote:
On Mon, 21 Jan 2008, James Knott wrote:-
<snip>
Anti-virus software is generally not necessary with Linux, unless it's being used as a mail or file server in a Windows network. AFIK, there's never been a viable Linux virus.
That depends on whether you include worms and trojans under the definition of a virus. If so, there have been Linux viruses in the wild. I still have a copy of a loader script and the IRC bot[0] that was installed by it, grabbed from an infected server just over 2 years ago[1].
IIRC, the method of infection for that particular worm was to insert shell commands[2] into a URL passed to a web server running an exploitable version of PHP. The commands were executed by a root shell and was used to download the loader script, set its mode to 744 and then execute that. The script in question downloaded 2 files, one was the IRC bot, the other was used to search out and try to infect other web servers.
Assuming you're running as a mere mortal and not root, how does it start a root shell? -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James Knott wrote:
David Bolt wrote:
On Mon, 21 Jan 2008, James Knott wrote:-
<snip>
Anti-virus software is generally not necessary with Linux, unless it's being used as a mail or file server in a Windows network. AFIK, there's never been a viable Linux virus.
That depends on whether you include worms and trojans under the definition of a virus. If so, there have been Linux viruses in the wild. I still have a copy of a loader script and the IRC bot[0] that was installed by it, grabbed from an infected server just over 2 years ago[1].
IIRC, the method of infection for that particular worm was to insert shell commands[2] into a URL passed to a web server running an exploitable version of PHP. The commands were executed by a root shell and was used to download the loader script, set its mode to 744 and then execute that. The script in question downloaded 2 files, one was the IRC bot, the other was used to search out and try to infect other web servers.
Assuming you're running as a mere mortal and not root, how does it start a root shell?
If the web admin didn't make sure to set up a user account for the web server, then it's most likely running as root, and so all child processes would also be root.
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Aaron Kulkis wrote:
James Knott wrote:
David Bolt wrote:
On Mon, 21 Jan 2008, James Knott wrote:-
<snip>
Anti-virus software is generally not necessary with Linux, unless it's being used as a mail or file server in a Windows network. AFIK, there's never been a viable Linux virus.
That depends on whether you include worms and trojans under the definition of a virus. If so, there have been Linux viruses in the wild. I still have a copy of a loader script and the IRC bot[0] that was installed by it, grabbed from an infected server just over 2 years ago[1].
IIRC, the method of infection for that particular worm was to insert shell commands[2] into a URL passed to a web server running an exploitable version of PHP. The commands were executed by a root shell and was used to download the loader script, set its mode to 744 and then execute that. The script in question downloaded 2 files, one was the IRC bot, the other was used to search out and try to infect other web servers.
Assuming you're running as a mere mortal and not root, how does it start a root shell?
If the web admin didn't make sure to set up a user account for the web server, then it's most likely running as root, and so all child processes would also be root.
The way I read the note, a "downloader script" was downloaded from the server and then run in a root shell to set the permissions etc. How did that root shell get started? If it's on the server, it shouldn't be able to do something as root on the local computer. Anyone running a browser as root deserves what they get. -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James Knott wrote:
Aaron Kulkis wrote:
James Knott wrote:
David Bolt wrote:
On Mon, 21 Jan 2008, James Knott wrote:-
<snip>
Anti-virus software is generally not necessary with Linux, unless it's being used as a mail or file server in a Windows network. AFIK, there's never been a viable Linux virus. That depends on whether you include worms and trojans under the definition of a virus. If so, there have been Linux viruses in the wild. I still have a copy of a loader script and the IRC bot[0] that was installed by it, grabbed from an infected server just over 2 years ago[1].
IIRC, the method of infection for that particular worm was to insert shell commands[2] into a URL passed to a web server running an exploitable version of PHP. The commands were executed by a root shell and was used to download the loader script, set its mode to 744 and then execute that. The script in question downloaded 2 files, one was the IRC bot, the other was used to search out and try to infect other web servers. Assuming you're running as a mere mortal and not root, how does it start a root shell? If the web admin didn't make sure to set up a user account for the web server, then it's most likely running as root, and so all child processes would also be root.
The way I read the note, a "downloader script" was downloaded from the server and then run in a root shell to set the permissions etc. How did that root shell get started?
If, say, apache has a flaw that allows a shell to be forked off, and apache is running as root, then there you go: root shell.
If it's on the server, it shouldn't be able to do something as root on the local computer. Anyone running a browser as root deserves what they get.
That depends on whether the server process is running as root (improper administration) or as a non-privileged user (say, username apache) which is correct administration. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Aaron Kulkis wrote:
If, say, apache has a flaw that allows a shell to be forked off, and apache is running as root, then there you go: root shell.
I'm certain that suse has never shipped a distro where apache runs as root. Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Sloan wrote:
Aaron Kulkis wrote:
If, say, apache has a flaw that allows a shell to be forked off, and apache is running as root, then there you go: root shell.
I'm certain that suse has never shipped a distro where apache runs as root.
Not by default, but that doesn't mean much. Try this: $ su password # /etc/init.d/apache start That's just one of many ways to start apache as root. If the person setting up a website was reading a book written by someone who is relatively clueless, then you have a situation which can best be described as "The blind leading the naked." -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Wednesday 2008-01-23 at 21:16 -0500, Aaron Kulkis wrote:
I'm certain that suse has never shipped a distro where apache runs as root.
Not by default, but that doesn't mean much.
Try this:
$ su password # /etc/init.d/apache start
As it happens, that's the method suse starts up apache or apache2 - and it doesn't run as root, but as wwwrun, except for the parent process.
That's just one of many ways to start apache as root. If the person setting up a website was reading a book written by someone who is relatively clueless, then you have a situation which can best be described as "The blind leading the naked."
So, I guess suse is clueless... :-p - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHmJb2tTMYHG2NR9URAjLgAJ9GlD1L0voeqCkUZ2o2WKT/wHfbIgCdF+r0 KmYH69P7G4gkmvDumloFXoc= =u85j -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Wednesday 2008-01-23 at 21:16 -0500, Aaron Kulkis wrote:
I'm certain that suse has never shipped a distro where apache runs as root.
Not by default, but that doesn't mean much.
Try this:
$ su password # /etc/init.d/apache start
As it happens, that's the method suse starts up apache or apache2 - and it doesn't run as root, but as wwwrun, except for the parent process.
That's just one of many ways to start apache as root. If the person setting up a website was reading a book written by someone who is relatively clueless, then you have a situation which can best be described as "The blind leading the naked."
So, I guess suse is clueless... :-p
Ah...Suse's script dies an su. Good! But it's not necessarily so for all systems. Especially if someone got an old book on setting up websites and was advised to write his own start-up script. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Aaron Kulkis wrote:
Sloan wrote:
Aaron Kulkis wrote:
If, say, apache has a flaw that allows a shell to be forked off, and apache is running as root, then there you go: root shell.
I'm certain that suse has never shipped a distro where apache runs as root.
Not by default, but that doesn't mean much.
Try this:
$ su password # /etc/init.d/apache start
That's just one of many ways to start apache as root. If the person setting up a website was reading a book written by someone who is relatively clueless, then you have a situation which can best be described as "The blind leading the naked."
No, that's how it normally starts - apache starts as root, binds to port 80, then drops privileges as it becomes the apache user (wwwrun on suse) The clueless would have to be more persistent and clever than that, to make apache run as root. Sure, it's possible to make that happen, but there is no plausible way that a noob could accidentally cause apache to run as root. Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tue, 22 Jan 2008, James Knott wrote:- <snip>
Assuming you're running as a mere mortal and not root, how does it start a root shell?
It wouldn't as a mere mortal. However, the exploit was one affecting Apache and PHP, and allowed for the server to be compromised. Once it's able to gain a toe hold, you don't know what it's going to do, and it's quite possible for the worm to have installed a root kit using a local root exploit to elevate the permissions. As I said, you don't know for certain just what has been done, and it would need some forensic work performed on the drive using outside tools, to find out. Unless the server isn't critical, taking it off-line while the investigation is performed isn't a viable choice, leaving a wipe and reinstall, and rapid security patching, as the next best option. Regards, David Bolt -- Team Acorn: http://www.distributed.net/ OGR-P2 @ ~100Mnodes RC5-72 @ ~15Mkeys SUSE 10.1 32bit | openSUSE 10.2 32bit | openSUSE 10.3 32bit | openSUSE 11.0a0 SUSE 10.1 64bit | openSUSE 10.2 64bit | openSUSE 10.3 64bit RISC OS 3.6 | TOS 4.02 | openSUSE 10.3 PPC |RISC OS 3.11 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon, 2008-01-21 at 07:18 -0500, John B Pace wrote:
I was trying to get AVG anti virus installed and try it on Suse as I was used to it on the left behind windows (Vista was it! No more microsoft!). One had to download a tarball to go with it or it wouldn't work.
Hi Joe, afaik, avira is included on the closed-source disk from SuSE And concerning virii, most of them are targetting M$ machines, allthough there are others (very small number) aiming at solaris, linux, bsd or webservers in general. Thoses live virii use to be found at vxheavens.... hw. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Hans Witvliet wrote:
On Mon, 2008-01-21 at 07:18 -0500, John B Pace wrote:
I was trying to get AVG anti virus installed and try it on Suse as I was used to it on the left behind windows (Vista was it! No more microsoft!). One had to download a tarball to go with it or it wouldn't work.
Hi Joe,
afaik, avira is included on the closed-source disk from SuSE
And concerning virii, most of them are targetting M$ machines, allthough there are others (very small number) aiming at solaris, linux, bsd or webservers in general.
*nix virus: download and install this file chmod it to 755 su execute this program as root Give a virus writer a chance, and follow the stupid instructions. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon 21 January 08 11:49, Hans Witvliet wrote:
On Mon, 2008-01-21 at 07:18 -0500, John B Pace wrote:
I was trying to get AVG anti virus installed and try it on Suse as I was used to it on the left behind windows (Vista was it! No more microsoft!). One had to download a tarball to go with it or it wouldn't work.
Hi Joe,
afaik, avira is included on the closed-source disk from SuSE
And concerning virii
FYI, there's no such word as 'virii'. Multiple for virus is...viruses. -- "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." Benjamin Franklin -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Monday 2008-01-21 at 20:10 -0600, JB2 wrote:
And concerning virii
FYI, there's no such word as 'virii'. Multiple for virus is...viruses.
Wrong! http://en.wiktionary.org/wiki/virii :-P Yep, it is incorrect, but it exists. http://en.wikipedia.org/wiki/Plural_of_virus - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHlhottTMYHG2NR9URAnrsAJ9lUlDhR8XaRzTYQOjjmYGp4AbT0wCeOw2H bL3tY+EdZ9uXjWL0ZHn6DY4= =iUg/ -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Monday 2008-01-21 at 20:10 -0600, JB2 wrote:
And concerning virii
FYI, there's no such word as 'virii'. Multiple for virus is...viruses.
Wrong!
http://en.wiktionary.org/wiki/virii
:-P
Yep, it is incorrect, but it exists.
You cannot rely on Wikipedia for accuracy. Try a dictionary instead. -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Tuesday 2008-01-22 at 16:24 -0500, James Knott wrote:
The Monday 2008-01-21 at 20:10 -0600, JB2 wrote:
And concerning virii
FYI, there's no such word as 'virii'. Multiple for virus is...viruses.
Wrong!
http://en.wiktionary.org/wiki/virii
:-P
Yep, it is incorrect, but it exists.
You cannot rely on Wikipedia for accuracy. Try a dictionary instead.
Have you read the article in question before saying it is not accurate? You might find out that it concurs with what other dictionaries say... Hint: Notice the smileys. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHlna5tTMYHG2NR9URApKsAJ0WdXFdgxQ23kl765uHy1thpluyxwCfWhYD x/0tNSItRDNEUul4pK2HTvo= =8N1g -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Joe Sloan schrieb: | John B Pace wrote: |> You are dealing with an older dummy here, but too old! I'm wanting to |> know if there is a way to install tarballs properly in Suse. To an |> extent each version of linux I have tried are different, but in each I |> have found it impossible to install a tarball. Thanks! John | The installation of a program from a tarball is a fairly standard drill | in any linux distro, typically a few steps: | tar -xvf program.tar | cd program | ./configure | make | make install An alternative "sudo checkinstall" will create a binary rpm for the future and for the uninstall. Checkinstall package need to be installed. On crappy tarballs you might need to do 'sudo make install' before evoking 'checkinstall'. Also most configure scripts shows its options when evoking './configure --h' and most packages contains a readme file as well. For the important tarballs I also create a spec file and thus create a source rpm for future compilations. There is also a KRPMbuilder as support your work on spec files. I'm not that brilliant packager though. However there is not much on SUSE I need to compile myself. I always check with http://packages.opensuse-community.org/ before downloading and compiling a tarball or I just use its CLI equivalent. There is probably a billion further aspects I'm not aware of, but its ok for a n00b like me. @Joe Sorry to replay your replay but I wanted to keep your and my info together. - -- All the best, Peter J. N. aedon DESIGNS http://www.hochzeitsbuch.info http://www.hochzeitsbuch.selfip.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFHlI5wh8q3OtgoGAwRArCPAJ0aMIfUzowIKx1oXmqdJtOH6GVSmQCfegwF aofL4NnlzsjOE0TyN81vSM4= =eve7 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Thanks again, Joe and Peter and I think there's another fellow named Steve. I appreciate it and now that I know how to do them, I probably won't have to--which is fine by me. There's better things to be doing! Like checking out security issues on Suse next! John On Mon, 2008-01-21 at 13:22 +0100, peter wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Joe Sloan schrieb:
| John B Pace wrote: |> You are dealing with an older dummy here, but too old! I'm wanting to |> know if there is a way to install tarballs properly in Suse. To an |> extent each version of linux I have tried are different, but in each I |> have found it impossible to install a tarball. Thanks! John
| The installation of a program from a tarball is a fairly standard drill | in any linux distro, typically a few steps:
| tar -xvf program.tar | cd program | ./configure | make | make install
An alternative "sudo checkinstall" will create a binary rpm for the future and for the uninstall. Checkinstall package need to be installed. On crappy tarballs you might need to do 'sudo make install' before evoking 'checkinstall'.
Also most configure scripts shows its options when evoking './configure --h' and most packages contains a readme file as well.
For the important tarballs I also create a spec file and thus create a source rpm for future compilations. There is also a KRPMbuilder as support your work on spec files. I'm not that brilliant packager though.
However there is not much on SUSE I need to compile myself. I always check with http://packages.opensuse-community.org/ before downloading and compiling a tarball or I just use its CLI equivalent.
There is probably a billion further aspects I'm not aware of, but its ok for a n00b like me.
@Joe Sorry to replay your replay but I wanted to keep your and my info together. - -- All the best, Peter J. N. aedon DESIGNS http://www.hochzeitsbuch.info http://www.hochzeitsbuch.selfip.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iD8DBQFHlI5wh8q3OtgoGAwRArCPAJ0aMIfUzowIKx1oXmqdJtOH6GVSmQCfegwF aofL4NnlzsjOE0TyN81vSM4= =eve7 -----END PGP SIGNATURE-----
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (16)
-
Aaron Kulkis -
Carlos E. R. -
David Bolt -
Gabriel . -
Hans Witvliet -
James Knott -
JB2 -
Joe Sloan -
John B Pace -
John ffitch -
Ken Schneider -
martin glazer -
peter -
peter nikolic -
Sloan
-
steve