Hello All,
1) Kubuntu 5.10 in my system had a peculiar problem of the 'System Settings' package not giving sudo access for administrative settings ( After it did for the first few times just after installing the OS) . It was resolved by updating the 'kcontrol' package through the 'adept' package manager.
2) When my net is off and I start the system, it waits a pretty long time for synchronising the clock with the internet based clock inspite of the service being disabled in the services list. The temporary workaround for it is to press 'Ctrl C' as soon as it shows up on the startup screen. This will bypass the process and move on.
Adept is a very good online shopping mall for free software for the Kubuntu 5.10 distro.
Regards,
Rony.
___________________________________________________________ To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com
Rony,
- When my net is off and I start the system, it waits a pretty long
time for synchronising the clock with the internet based clock inspite of the service being disabled in the services list. The temporary workaround for it is to press 'Ctrl C' as soon as it shows up on the startup screen. This will bypass the process and move on.
$ sudo update-rc.d -f ntpdate remove That should help a bit by removing it from startup :) In case you want to sync your clock manually when online, do this -- $ sudo ntpdate -bsu pool.ntp.org Regards, BG
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Baishampayan Ghose wrote:
$ sudo update-rc.d -f ntpdate remove That should help a bit by removing it from startup :)
Thanks. It worked.
Regards,
Rony.
___________________________________________________________ NEW Yahoo! Cars - sell your car and browse thousands of new and used cars online! http://uk.cars.yahoo.com/
On Tue, 2006-03-07 at 14:11 -0800, Baishampayan Ghose wrote:
That should help a bit by removing it from startup :) In case you want to sync your clock manually when online, do this -- $ sudo ntpdate -bsu pool.ntp.org
and/or run a cron job every 'x' hours.
You can also sync. the CMOS clock after the above with "hwclock --utc|--localtime --systohc." At next reboot the system time will be fairly close to the time servers.
On Tuesday 07 March 2006 22:11, Baishampayan Ghose wrote:
$ sudo update-rc.d -f ntpdate remove That should help a bit by removing it from startup :) In case you want to sync your clock manually when online, do this -- $ sudo ntpdate -bsu pool.ntp.org Regards, BG
cant he jsut hack the init script to background the process? It's as simple as adding a & after the command.
Dinesh Joshi wrote:
cant he jsut hack the init script to background the process? It's as simple as adding a & after the command.
The issue is about privacy. I don't want some third party server to know everytime, that I have booted into linux. Anything that goes out of my system should do so with my consent. :) I am quite happy with my local time. In windows I can control what goes out due to the firewall but in linux thats not possible as firewalls are for incoming protection only.
Regards,
Rony
___________________________________________________________ To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com
Sometime Today, RB cobbled together some glyphs to say:
In windows I can control what goes out due to the firewall but in linux thats not possible as firewalls are for incoming protection only.
You have much to learn grasshopper :) Experiment a bit with ipchains/iptables to see how you can do what you want - anything you want.
On 09/03/06 12:44 +0530, Rony Bill wrote:
Dinesh Joshi wrote:
cant he jsut hack the init script to background the process? It's as simple as adding a & after the command.
The issue is about privacy. I don't want some third party server to know everytime, that I have booted into linux. Anything that goes out of my system should do so with my consent. :) I am quite happy with my local time. In windows I can control what goes out due to the firewall but in linux thats not possible as firewalls are for incoming protection only.
Define inbound?
iptables -P OUTPUT DROP
Devdas Bhagat
Hey Devdas,
On Thu, 2006-03-09 at 14:04, Devdas Bhagat wrote:
In windows I can control what goes out due to the firewall but in linux thats not possible as firewalls are for incoming protection only.
Define inbound?
iptables -P OUTPUT DROP
Are you nuts? He will not be able to communicate with outside world at all. His box will become a virtual packet BLACK HOLE. :-)
Devdas Bhagat
With regards,
Sometime Today, DS cobbled together some glyphs to say:
Are you nuts? He will not be able to communicate with outside world at all. His box will become a virtual packet BLACK HOLE. :-)
wouldn't that be peaceful? :P
On 09/03/06 17:27 +0530, Dinesh Shah wrote:
Hey Devdas,
On Thu, 2006-03-09 at 14:04, Devdas Bhagat wrote:
In windows I can control what goes out due to the firewall but in linux thats not possible as firewalls are for incoming protection only.
Define inbound?
iptables -P OUTPUT DROP
Are you nuts? He will not be able to communicate with outside world at all. His box will become a virtual packet BLACK HOLE. :-)
I have only crossed insanity and come out on the other side. Like drinking too much Klatchian coffee.
Devdas Bhagat PS: OP should be able to write decent outbound rules, particularly if he can write rules for INPUT. Also, OP may want to google for helmet instead of iptables.
Devdas Bhagat wrote:
PS: OP should be able to write decent outbound rules, particularly if he can write rules for INPUT. Also, OP may want to google for helmet instead of iptables.
OP wants to know if individual softwares or running applications can be selectively blocked from going to their remote servers in linux....and can this be done live in gui mode where the firewall asks him what to do each time?
Regards,
Rony.
___________________________________________________________ To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com
On 3/9/06, Rony Bill ronbillypop@yahoo.co.uk wrote:
Devdas Bhagat wrote:
PS: OP should be able to write decent outbound rules, particularly if he can write rules for INPUT. Also, OP may want to google for helmet instead of iptables.
<rony>
OP wants to know if individual softwares or running applications can be
selectively blocked from going to their remote servers in linux....
Perhaps OP looking for mandatory access control ? SELinux ? BSD Security levels ?
Regards, Mohan S N
--
There will be plenty of time to rest in the grave. - Paul Erdos
On 09/03/06 22:08 +0530, Rony Bill wrote:
Devdas Bhagat wrote:
PS: OP should be able to write decent outbound rules, particularly if he can write rules for INPUT. Also, OP may want to google for helmet instead of iptables.
OP wants to know if individual softwares or running applications can be selectively blocked from going to their remote servers in linux....and can this be done live in gui mode where the firewall asks him what to do each time?
Google: Helmet.
BTW, I don't run with a firewall at all. I trust my applications (yay for tcpdump) and I don't see any untoward traffic going out of my system [1].
As for doing things in GUI mode with interruptions to whatever I am doing, no thank you. I can do without applications which keep interrupting me from doing work.
Devdas Bhagat [1] My current system doesn't have a TPM chip. If the next one does, that box will not be on the Internet.
On Monday 13 March 2006 11:35 pm, Devdas Bhagat wrote:
Devdas Bhagat [1] My current system doesn't have a TPM chip. If the next one does, that box will not be on the Internet.
Wont be long before we wont be on the net at all :-( gpl v3 has specific provisions to prevent third party usage of tpm. But considering that TPM is being built into the cpu, bypassing will be near impossible.
On 14/03/06 13:43 +0530, JTD wrote:
On Monday 13 March 2006 11:35 pm, Devdas Bhagat wrote:
Devdas Bhagat [1] My current system doesn't have a TPM chip. If the next one does, that box will not be on the Internet.
Wont be long before we wont be on the net at all :-( gpl v3 has specific provisions to prevent third party usage of tpm. But considering that TPM is being built into the cpu, bypassing will be near impossible.
And the problem with that is? I can live without computers just fine. I will vote with my money not to buy such hardware.
Devdas Bhagat
On 3/9/06, Rony Bill ronbillypop@yahoo.co.uk wrote:
Dinesh Joshi wrote:
cant he jsut hack the init script to background the process? It's as simple as adding a & after the command.
The issue is about privacy. I don't want some third party server to know everytime, that I have booted into linux. Anything that goes out of my system should do so with my consent. :) I am quite happy with my local time. In windows I can control what goes out due to the firewall but in linux thats not possible as firewalls are for incoming protection only.
I guess, I didnt get you properly. But if you are afraid of getting detected as linux box on network , try to play around with iptables. Or even better you can try " ippersonality " .
-- ------------------------------------------------------------------------------- AbhiSawa
On Thursday 09 March 2006 12:44 pm, Rony Bill wrote:
Dinesh Joshi wrote:
cant he jsut hack the init script to background the process? It's as simple as adding a & after the command.
The issue is about privacy. I don't want some third party server to know everytime, that I have booted into linux.
You can of course set the time manually. Or install a pci card with a high accuracy clock. But the rest of us security ignorant nitwits simply use ntp servers. After all u would not want the guys in Nasik to be out of sync with their office collegues in Cal.
Anything that goes out of my system should do so with my consent. :) I am quite happy with my local time. In windows I can control what goes out due to the firewall but in linux thats not possible as firewalls are for incoming protection only.
U need to read a lot about iptables. U can block/shape/drop/redirect incoming/outgoing ips/hosts/subnets/ports. Never new that windoze had firewall infrastructure in the kernel. I thought that it was an addon user space program.
On Thursday 09 March 2006 07:14, Rony Bill wrote: *snip*
my local time. In windows I can control what goes out due to the firewall but in linux thats not possible as firewalls are for incoming protection only.
You are very lucky that you haven't gotten FtoD. Linux firewalls are the last word in the networking world. Heck you can make it roll over and play dead if you want! :|
-
Abhishek Sawant -
Arun K. Khan -
Baishampayan Ghose -
Devdas Bhagat -
Dinesh Joshi -
Dinesh Shah -
JTD -
Mohan Nayaka -
Philip Tellis -
Rony Bill