debian-user-digest Digest Volume 2007 : Issue 2043
Today's Topics:
Re: how to ssh to a linux box from a [ Andrew Sackville-West ]
Re: Need newer software that include [ Ron Johnson ]
Re: bindgraph [ Gilles Mocellin ]
Re: libcbtsysinfo in /home/user [ Magnus Pedersen ]
Date: Fri, 27 Jul 2007 11:22:47 -0700
From: Andrew Sackville-West <andrew@farwestbilliards.com>
To: debian-user@lists.debian.org
Cc: Kevin Mark <kevin.mark@verizon.net>
Subject: Re: how to ssh to a linux box from an internet cafe
Message-ID: <20070727182247.GR31753@localhost.localdomain>
On Fri, Jul 27, 2007 at 08:34:08AM -0400, Douglas Allan Tutty wrote:
> On Fri, Jul 27, 2007 at 02:02:36AM -0400, Kevin Mark wrote:
> > On Wed, Jul 25, 2007 at 05:14:22PM +0300, Nick Demou wrote:
> > > I'll soon be on vacations without my PC. I believe that internet
> > > access from an internet cafe will be my best option. If things go for
> > > the worse how can I ssh to my debian server?
> > > I suppose that a PC in most internet cafes will be willing to download
> > > and run putty.exe but am I right? If not is there any other option?
> > Just to mention the obvious, most access is through client-server
> > programs like ssh. So, before you leave, you need to install the ssh
> > server on your home machine, then test it with the ssh client program on
> > localhost first and if you have a chance, from a remote host. If not a
> > client-server program, then maybe a web-based control panel, although
> > then you have to install apache and make sure that works remotely then.
>
> The other issue to consider is the method you use to authenticate from
> the cafe. Assume that anything you type in (or attach via USB) will
> remain on the cafe's box. You may want to set up a series of one-time
> passwords for ssh. I've never ssh'd in from the internet so I haven't
> needed the feature but I think it's there.
on the assumption that the cafe box is rooted, add an abstraction
layer. Get a shell account somewhere (google free shells) and activate
it (usually only a few dollars) so you can use the network tools. Then
setup pubkey authentication from that shell account to your box (maybe encrypt the
keys too with a one time pgp key, probably do the encryption on your
local box so that it's not done on an account of unknown
security). Then log into the shell account from the cafe box and then
from the shell account ssh in to your system. First thing after you
log in, delete the pubkey used to get access. That makes it a one time
transaction. When you're done with the session, delete the keys from
the shell account and then cancel the shell account. Done.
Any keylogger on the cafe box only gets access to your login to the
shell account. Everything else is safe from that cafe box. Of course,
whatever you type in the cafe box will be snooped, so you'll want to
avoid subsequently using passwords for stuff on your box, if possible,
but the keys won't be accessible to that cafe box. Then when you
delete the ssh keys from the shell account, there is no longer any
access to your box from that account. The cancellation of the shell
account is probably not needed, but is the right thing to do since we
assume that account is compromised.
hmmm... as i review this, it also occurs to me that just putting a
set of keys on a floppy, or usb key or whatever is fine provided the
first thing you do when you login using that key is delete it from the
.ssh/authorised_keys file. Then you are stuck at the one session.
You could even create a single-use user for this purpose. Set up the
user with whatever stuff you need in sudo (the sudo password will get
snooped, but that's okay) and put one key in the authorised-keys
file. write a custom .bashrc (or is it .profile? i can never remember)
that will delete the authorised_keys file upon login. That's it. You
get to use it once and it's done. I like that one. Anyone care to
comment on it?
A
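
The single-use key idea in the message above can be narrowed so that only the one-time key is removed and any other keys in the file survive. This is an added example, not part of the original message: `burn_key` and the `cafe-once` key comment are hypothetical names, the file sshd reads is `~/.ssh/authorized_keys`, and it assumes the session starts a login shell that reads `~/.profile`.

```sh
#!/bin/sh
# Added example (not from the thread): remove a one-time SSH public key from
# authorized_keys the first time it is used. burn_key and the "cafe-once"
# comment field are hypothetical names chosen for this sketch.

# burn_key FILE MARKER
# Rewrites FILE without any line whose last field (the key comment) is MARKER.
# Returns 0 if a key was removed, 1 if nothing matched, 2 on error.
burn_key() {
    bk_file=$1
    bk_marker=$2
    [ -f "$bk_file" ] || return 2
    # Build the new file next to the old one so the final mv is atomic.
    bk_tmp=$(mktemp "${bk_file}.XXXXXX") || return 2
    if ! awk -v m="$bk_marker" '$NF != m' "$bk_file" > "$bk_tmp"; then
        rm -f "$bk_tmp"
        return 2
    fi
    if cmp -s "$bk_file" "$bk_tmp"; then
        rm -f "$bk_tmp"      # nothing to remove: key already burned
        return 1
    fi
    # Keep the file owner-only; sshd's StrictModes rejects files that
    # other users can write.
    if chmod 600 "$bk_tmp" && mv -f "$bk_tmp" "$bk_file"; then
        return 0
    fi
    rm -f "$bk_tmp"
    return 2
}

# Intended call site, in the single-use account's ~/.profile:
#   burn_key "$HOME/.ssh/authorized_keys" cafe-once
# The session that triggered it stays open; the next login with that key fails.

# Self-contained demo on a constructed file: sh thisfile --demo
if [ "${1:-}" = "--demo" ]; then
    demo_dir=$(mktemp -d) || exit 1
    demo_file=$demo_dir/authorized_keys
    # Constructed sample entries; the key blobs are placeholders, not real keys.
    printf '%s\n' \
        'ssh-rsa AAAAB3PLACEHOLDERKEY1 admin@home' \
        'ssh-rsa AAAAB3PLACEHOLDERKEY2 cafe-once' > "$demo_file"
    burn_key "$demo_file" cafe-once && echo "one-time key removed"
    cat "$demo_file"
    rm -rf "$demo_dir"
fi
```

A connection that never starts a login shell (for example one opened only for port forwarding) does not read `~/.profile`, so the key would survive it.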
Date: Fri, 27 Jul 2007 12:54:08 -0500
From: John Hasler <jhasler@debian.org>
To: debian-user@lists.debian.org
Subject: Re: why do iceweasel et al have more frequent security issues?
Message-ID: <87k5sln35r.fsf@toncho.dhh.gt.org>
Andrew Sackville-West writes:
> apt-get install schnauzer
> Reading package lists... Done
> Building dependency tree
> Reading state information... Done
> E: Couldn't find package schnauzer
The dog is non-free due to patents. You have to have a license from
Pfizer.
--
John Hasler
Date: Fri, 27 Jul 2007 13:57:50 -0500
From: Ron Johnson <ron.l.johnson@cox.net>
To: debian-user@lists.debian.org
Subject: Re: Need newer software that included with stable (that isn't at
backports.org)
Message-ID: <46AA402E.9040408@cox.net>
On 07/27/07 12:26, Tim Hull wrote:
> I'm currently trying out both Debian and Ubuntu on my MacBook to see which
> one I prefer.
> Right now, I'm currently liking Debian better - the stability seems better,
> and it seems easier to customize
> - but I need to run software that's newer than what's in etch (not for a
> lust for bleeding-edge, but simply for the reason
> that my MacBook won't suspend or do proper power management in any kernel
> older than 2.6.22). I also want to be
> able to get updated packages such as the newest Firefox...er..Iceweasel
> (still hate that name, would prefer something
> less silly).
>
> I know the easy Debian solution is to run testing/unstable - it seems like
> most people do. However, then you lose the advantage of
> stability. I actually tried testing and unstable, but found a critical bug
> pertaining to my video card - my system likes to reboot on suspend with the
> new Xorg drivers (yes, dutifully reported it to BTS). For this reason, I
> figure I'll confine Lenny/Sid to a VM or chroot, and I've been looking into
> backports. However, backports.org doesn't seem to have what I need (it only
> has 2.6.21 kernel, doesn't have the new acpi-support, not to mention some
> extra gstreamer plugins I wanted). What would be the ideal solution for
> me? Is there a reliable way to roll my own backports using apt to pull in
> dependencies? Can I build from Sid sources on an as-needed basis? I've
> come across a tool called "apt-build" which pulls down dependencies and
> builds from source - is it what I need? What should I put in my sources.list
> ?
deb-src ftp://mirrors.kernel.org/debian unstable main \
contrib non-free
> On a side note, I will say that the one area I think FOSS lags behind
> Windows and Mac is in updating individual system components. I LIKE being
> able to update a few things without hackish solutions (i.e. build from
> source tarballs) or updating my whole system. You can do it easily on
> Mac/Windows, but it's quite difficult and unreliable on nearly every
> distribution.
This is the price you pay for Freedom.
> I think Debian really ought to look into making backports an
> official project and integrating it into the stable release as a way to get
> updates on an as-needed basis. It may even be an interesting idea to do
> point releases of stable with some backports included. Has this ever been
> discussed? It seems a lot better than simply speeding up the release
> cycle...
That would be the "volatile" branch. Since I run unstable, I have
no need for it, but Google might have some answers. If not, ask
debian-devel.
--
Ron Johnson, Jr.
Jefferson LA USA
Give a man a fish, and he eats for a day.
Hit him with a fish, and he goes away for good!
Date: Fri, 27 Jul 2007 21:33:55 +0200
From: Gilles Mocellin <gilles.mocellin@free.fr>
To: debian-user@lists.debian.org
Subject: Re: bindgraph
Message-Id: <200707272134.01897.gilles.mocellin@free.fr>
On Friday 27 July 2007 14:06:08, koffiejunkie wrote:
> Hi guys,
>
> Is anyone using bindgraph on Etch? I have it installed (from the Debian
> repos) on two Etch boxes. Took some fiddling, since the default install
> of bind doesn't log queries, but that sorted, I now have the daemon
> making the rrd file, but the bindgraph.cgi doesn't seem to work
> correctly. It loads the page, but no images.
>
> It does the same thing on both machines. Has anyone else had trouble
> with this? From what I can see the code is very similar to with
> mailgraph.cgi and queuegraph.cgi and they both work fine.
>
> Is there a way to do a trace/debug of a cgi script? It's not logging
> anything at all.
>
> Thanks
Strange!
I just installed it today, and I found what the problem is.
It is not compatible with rrdtool 1.2.
I found it trying to display directly the image (look in the HTML source).
RRD says it doesn't understand the data format...
I backported the testing/unstable version 0.2a.
I saw this bug in BTS which was corrected.
Date: Fri, 27 Jul 2007 21:36:29 +0200
From: Gilles Mocellin <gilles.mocellin@free.fr>
To: debian-user@lists.debian.org
Subject: Re: to netatalk+samba+nfs or not
Message-Id: <200707272136.29391.gilles.mocellin@free.fr>
On Friday 27 July 2007 18:45:13, Andrew Sackville-West wrote:
> On Fri, Jul 27, 2007 at 02:59:05PM +0200, Martin Marcher wrote:
> > I know that samba+mac does work (to some extent) but I'm thinking
> > about adding netatalk so that mac users have a more native feeling
> > with all this (automagic share exploration, etc). My worries are
> > whether locking issues could occur. samba+nfs is working seamlessly
> > (nfs opened files are locked and samba does know about that) but does
> > afp also honor kernel oplocks, especially with this combination?
>
> can't answer your question directly, but doesn't apple support nfs?
>
> A
And SMB...
Sadly, the common denominator between common computers (Windows/MacOS X/Unix)
is SMB filesharing (MS shares, Samba)...
Date: Fri, 27 Jul 2007 15:19:41 -0400
From: Douglas Allan Tutty <dtutty@porchlight.ca>
To: debian-user@lists.debian.org
Subject: Re: minimal firewall computer
Message-ID: <20070727191941.GA12458@titan>
On Fri, Jul 27, 2007 at 07:13:18AM -0500, John Hasler wrote:
> Ivan Glushkov writes:
> > ISP <-> DSL Modem <-> Firewall <-> Router <-> home desktop & laptops
>
> You won't need a separate router. The Debian box you are going to use as a
> firewall will do everything the router does.
>
> > The question is actually what is the minimal CPU/RAM/HDD requirement for
> > this PC?
>
> I use an old Aptiva with a 386, 48M of RAM, and a 20M drive.
>
What did you have to do to get Debian Etch to run with a 20 M drive?
> > And do you think this is the optimal solution for an intrusion protection
> > of a small home LAN?
>
> It's what I use (but I run only Debian).
If you're _really_ focused on _optimal_ security, a case could be made
for running OpenBSD on your firewall/router. I've tried it on my 486
and it installs likidy-split; the install memory/disk requirements are
lighter than debian etch. OBSD documentation is excellent as is the
support (if you ask intelligent questions).
Doug.
Date: Fri, 27 Jul 2007 21:50:51 +0200
From: "Manon Metten" <manon.metten@gmail.com>
To: debian-user@lists.debian.org
Subject: Re: Where is Lame in Sarge?
Message-ID: <5da176070707271250j5c3bf8a4k28eeb1b7282ffa6f@mail.gmail.com>
Hi Hal,
On 7/26/07, Hal Vaughan <hal@thresholddigital.com> wrote:
On Thursday 26 July 2007, Manon Metten wrote:
>
> I tried this, but used the line:
>
> deb http://www.debian-multimedia.org sarge main
>
> aptitude could not get the Packages file from that source. I checked:
>
> http://www.debian-multimedia.org
>
> and there's a note to use:
>
> deb http://mirror.home-dn.net/debian-multimedia sarge main
>
> instead if you're still on Sarge. I've tried that a couple times to be
> sure, but aptitude still can't get the Packages file. I downloaded
> debian-multimedia-keyring and installed it with dpkg. Then when I did
> an update, there was no problem reading the Packages file. From there,
> installing lame worked perfectly.
I'm sorry I referred to etch. I looked up in my logbook how I installed lame
a while ago and in the meantime I totally forgot you were using sarge.
Nevertheless good to know you've managed to install lame.
Don't know if you're interested, but below is the high quality setting I
always use when creating my own mp3's:
lame --clipdetect --vbr-new -V 0 --add-id3v2 -q2 --lowpass 20kHz
--ta "Artist" --tt "Song" --tl "Album" --ty "Year" ifp ofp
Manon.
Date: Fri, 27 Jul 2007 15:53:39 -0400
From: Douglas Allan Tutty <dtutty@porchlight.ca>
To: debian-user@lists.debian.org
Cc: Kevin Mark <kevin.mark@verizon.net>
Subject: Re: how to ssh to a linux box from an internet cafe
Message-ID: <20070727195339.GB12458@titan>
On Fri, Jul 27, 2007 at 11:22:47AM -0700, Andrew Sackville-West wrote:
> On Fri, Jul 27, 2007 at 08:34:08AM -0400, Douglas Allan Tutty wrote:
>
> > The other issue to consider is the method you use to authenticate from
> > the cafe. Assume that anything you type in (or attach via USB) will
> > remain on the cafe's box. You may want to set up a series of one-time
> > passwords for ssh. I've never ssh'd in from the internet so I haven't
> > needed the feature but I think it's there.
>
> on the assumption that the cafe box is rooted, add an abstraction
> layer. Get a shell account somewhere (google free shells) and activate
> it (usually only a few dollars) so you can use the network tools. Then
> setup pubkey authentication from that shell account to your box (maybe encrypt the
> keys too with a one time pgp key, probably do the encryption on your
> local box so that it's not done on an account of unknown
> security). Then log into the shell account from the cafe box and then
> from the shell account ssh in to your system. First thing after you
> log in, delete the pubkey used to get access. That makes it a one time
> transaction. When you're done with the session, delete the keys from
> the shell account and then cancel the shell account. Done.
>
> Any keylogger on the cafe box only gets access to your login to the
> shell account. Everything else is safe from that cafe box. Of course,
> whatever you type in the cafe box will be snooped, so you'll want to
> avoid subsequently using passwords for stuff on your box, if possible,
> but the keys won't be accessible to that cafe box. Then when you
> delete the ssh keys from the shell account, there is no longer any
> access to your box from that account. The cancellation of the shell
> account is probably not needed, but is the right thing to do since we
> assume that account is compromised.
>
> hmmm... as i review this, it also occurs to me that just putting a
> set of keys on a floppy, or usb key or whatever is fine provided the
> first thing you do when you login using that key is delete it from the
> .ssh/authorised_keys file. Then you are stuck at the one session.
>
> You could even create a single-use user for this purpose. Set up the
> user with whatever stuff you need in sudo (the sudo password will get
> snooped, but that's okay) and put one key in the authorised-keys
> file. write a custom .bashrc (or is it .profile? i can never remember)
> that will delete the authorised_keys file upon login. That's it. You
> get to use it once and it's done. I like that one. Anyone care to
> comment on it?
I haven't got it installed so I can't read the docs, but what about
libpam-opie? From the description in aptitude:
Use OPIE one time passwords for PAM authentication. A one time
password is usefull to avoid having your password sniffed and
reused if you log in via an unencrypted channel or from a
compromised system. The PAM module enables OPIE for programs
such as SSH which use PAM for authentication.
There are probably lots of different ways to securely log in from an
unsecured box over an unsecured network, however, there are probably
many more ways to think you are doing so securely when in fact you are
not. Knowing one from the other depends on knowing exactly what you
want to do on your own box via an unsecured one.
Doug.
Date: Fri, 27 Jul 2007 22:19:52 +0200
From: Arnau <arnaulist@andromeiberica.com>
To: Matías Palomec <matias.nnss@gmail.com>
Cc: debian-user@lists.debian.org
Subject: Re: Keymap with usbkeyboard
Message-ID: <46AA5368.3020306@andromeiberica.com>
Matías Palomec wrote:
> On 7/24/07, Arnau <arnaulist@andromeiberica.com> wrote:
>> Hi all,
>>
>> I've got a server with only USB connections, so I had to plug a USB
>> keyboard. This keyboard is an spanish one, so in the installer settings
>> I selected spanish layout. After the installation has finished I have
>> some problems with it, the keymap selected is an spanish cause letters as
>> ñ and ç are mapped but symbols like / - are not where they should be.
>> Any suggestion?
>
> Hi:
>
> Do you have an international spanish or an latin american spanish.
>
> By default, the spanish that you selected is the international
> spanish, so the \ sign is the key at the right side of the number one.
>
> If the \ sign is over the P, then is latin america.
>
I've solved the problem doing install-keymap es
--
Arnau
Date: Fri, 27 Jul 2007 15:03:56 -0500
From: John Hasler <jhasler@debian.org>
To: debian-user@lists.debian.org
Subject: Re: minimal firewall computer
Message-ID: <87zm1hlikz.fsf@toncho.dhh.gt.org>
Doug writes:
> What did you have to do to get Debian Etch to run with a 20 M drive?
That was supposed to be 2G. Don't know where 20M came from. Wouldn't be
hard, though (and it isn't running Etch).
> If you're _really_ focused on _optimal_ security, a case could be made
> for running OpenBSD on your firewall/router.
I'm not convinced that it is really more secure (except perhaps through
obscurity).
--
John Hasler
Date: Fri, 27 Jul 2007 22:19:38 +0200
From: Magnus Pedersen <bofhenator@gmail.com>
To: debian-user@lists.debian.org
Subject: Re: libcbtsysinfo in /home/user
Message-ID: <f8dk0q$nd8$1@sea.gmane.org>
Andrew Sackville-West wrote:
> On Fri, Jul 27, 2007 at 04:43:28PM +0200, Magnus Pedersen wrote:
>> I have a new dir in /home/magnus, /home/magnus/cbt and I have not put it
>> there. It contains cbt/lib/libcbtsysinfo_0.so and google draws a blank on
>> that filename. Has my system been compromised (there is nothing out of the
>> ordinary anywhere else) or is there something I have missed?
>
> I run google with the "cbtsysinfo" and came up with this:
>
> http://spywarefiles.prevx.com/RRHGED043236257/CBTSYSINFO-0.DLL.html
>
> which while it's obviously for windows, shows the same storage path
> ($HOME/cbt/lib/). It looks to be a very new thing, so if it is some
> sort of malware and is so new (July 12) then perhaps it does exist for
> multiple platforms and just hasn't been reported yet...
>
> A
Very weird... I have no idea where it came from browser, mail or
something else... But since that article is about windows it might be
from iceweasel.
/Magnus
Date: Fri, 27 Jul 2007 16:23:07 -0400
From: Douglas Allan Tutty <dtutty@porchlight.ca>
To: debian-user@lists.debian.org
Subject: Re: libcbtsysinfo in /home/user
Message-ID: <20070727202307.GC12458@titan>
On Fri, Jul 27, 2007 at 09:42:49AM -0700, Andrew Sackville-West wrote:
> On Fri, Jul 27, 2007 at 04:43:28PM +0200, Magnus Pedersen wrote:
> > I have a new dir in /home/magnus, /home/magnus/cbt and I have not put it
> > there. It contains cbt/lib/libcbtsysinfo_0.so and google draws a blank on
> > that filename. Has my system been compromised (there is nothing out of the
> > ordinary anywhere else) or is there something I have missed?
>
> I run google with the "cbtsysinfo" and came up with this:
>
> http://spywarefiles.prevx.com/RRHGED043236257/CBTSYSINFO-0.DLL.html
>
> which while it's obviously for windows, shows the same storage path
> ($HOME/cbt/lib/). It looks to be a very new thing, so if it is some
> sort of malware and is so new (July 12) then perhaps it does exist for
> multiple platforms and just hasn't been reported yet...
If you haven't installed or upgraded any packages recently, and apt-file
search libcbt doesn't give any output (which it doesn't), then it's safe
to assume that something other than a debian package or yourself put it
there.
Since there is a chance that the system has been compromised, pull the
plug. That may sound drastic but it's possible for malware to sense a
shutdown in progress and do something nasty. Ditto if you pull the
network cable. Pull the plug then access that drive from either a
live-cd or installing the drive in a known-safe system. Mount the drive
read only, noexec, nosuid etc.
Look at /etc/passwd: is there a username magnus?
Then decide if you want to try to figure out what happened or if you want
to wipe the disk and reinstall.
The bottom line is that on a suspected system, you can't rely on any
executable or even any log files.
Good luck,
Doug.
Date: Fri, 27 Jul 2007 16:25:43 -0400
From: Douglas Allan Tutty <dtutty@porchlight.ca>
To: debian-user@lists.debian.org
Subject: Re: libcbtsysinfo in /home/user
Message-ID: <20070727202543.GD12458@titan>
On Fri, Jul 27, 2007 at 10:19:38PM +0200, Magnus Pedersen wrote:
>
> >which while it's obviously for windows, shows the same storage path
> >($HOME/cbt/lib/). It looks to be a very new thing, so if it is some
> >sort of malware and is so new (July 12) then perhaps it does exist for
> >multiple platforms and just hasn't been reported yet...
> >
> >A
> Very weird... I have no idea where it came from browser, mail or
> something else... But since that article is about windows it might be
> from iceweasel.
>
> /Magnus
>
Sorry Magnus for my recent post. You may be compromised but I missed
the fact that the strange /home/magnus directory ("is there a user
magnus") is of course your own.
What is the timestamp of the file? What were you doing then?
Doug.
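
The two replies above recommend mounting the suspect disk read-only, noexec and nosuid from a known-safe system and then ask what the file's timestamp is. This is an added example, not part of any post in this digest, that lists what else changed around that time without writing to the evidence disk; `files_between`, `/dev/sdX1` and `/mnt/evidence` are hypothetical names and the timestamps in the demo are constructed.

```sh
#!/bin/sh
# Added example (not from the thread): list files on a read-only mounted
# evidence disk that were modified inside a time window around the suspicious
# file's timestamp. files_between is a hypothetical helper name.
#
# Mount step from the message, run from the live CD or known-safe system
# (/dev/sdX1 and /mnt/evidence are placeholders):
#   mount -o ro,noexec,nosuid /dev/sdX1 /mnt/evidence

# files_between ROOT START END
# START and END use touch -t format, CCYYMMDDhhmm[.SS], in local time.
# Prints regular files under ROOT with START < mtime <= END, sorted by path.
# Marker files go in a temp dir outside ROOT, so nothing is written to evidence.
files_between() {
    fb_root=$1
    fb_start=$2
    fb_end=$3
    [ -d "$fb_root" ] || return 2
    fb_marks=$(mktemp -d) || return 2
    if ! { touch -t "$fb_start" "$fb_marks/lo" &&
           touch -t "$fb_end" "$fb_marks/hi"; }; then
        rm -rf "$fb_marks"
        return 2
    fi
    # -xdev keeps find on the evidence filesystem; -newer compares mtimes.
    find "$fb_root" -xdev -type f \
        -newer "$fb_marks/lo" ! -newer "$fb_marks/hi" -print | sort
    rm -rf "$fb_marks"
}

# Self-contained demo on a constructed tree: sh thisfile --demo
if [ "${1:-}" = "--demo" ]; then
    demo_root=$(mktemp -d) || exit 1
    mkdir -p "$demo_root/home/magnus/cbt/lib" "$demo_root/home/magnus/docs"
    # Constructed timestamps; the thread does not give the real ones.
    touch -t 200707271643.28 "$demo_root/home/magnus/cbt/lib/libcbtsysinfo_0.so"
    touch -t 200707271640.00 "$demo_root/home/magnus/docs/near.txt"
    touch -t 200707201200.00 "$demo_root/home/magnus/docs/old.txt"
    files_between "$demo_root" 200707271630 200707271700
    rm -rf "$demo_root"
fi
```

Modification times are set by whoever wrote the file, so the listing is a lead for further checks rather than proof of what happened.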
Date: Fri, 27 Jul 2007 16:28:23 -0400
From: Rick Thomas <rbthomas55@pobox.com>
To: Martin Marcher <martin.marcher@gmail.com>
Cc: debian-user <debian-user@lists.debian.org>
Subject: Re: to netatalk+samba+nfs or not
Message-Id: <9E77C3B3-8183-45F8-AE4E-DF3D75B453CF@pobox.com>
On Jul 27, 2007, at 8:59 AM, Martin Marcher wrote:
> Hello,
>
> in our company we have mac/linux/windows clients and I think about
> adding the native service for each of those. the clients aren't under
> my control but can be considered as trusted.
>
> I know that samba+mac does work (to some extent) but I'm thinking
> about adding netatalk so that mac users have a more native feeling
> with all this (automagic share exploration, etc). My worries are
> whether locking issues could occur. samba+nfs is working seamlessly
> (nfs opened files are locked and samba does know about that) but does
> afp also honor kernel oplocks, especially with this combination?
>
> thanks
> martin
I don't know if the AFS implementation available in Debian Etch has
support for files larger than 2 GB. You should check that before you
turn your users loose on it.
Rick
End of debian-user-digest Digest V2007 Issue #2043
**************************************************
Received on Fri Jul 27 16:48:56 2007