From owner-freebsd-isp Wed Apr 4 14:50:54 2001 Delivered-To: freebsd-isp@freebsd.org Received: from rafiu.psi-domain.co.uk (rafiu.psi-domain.co.uk [212.87.84.199]) by hub.freebsd.org (Postfix) with ESMTP id 090EE37B71B for ; Wed, 4 Apr 2001 14:50:07 -0700 (PDT) (envelope-from heckfordj@psi-domain.co.uk) Received: from smtp.psi-domain.co.uk (mail.trident-uk.co.uk [195.166.16.10]) by rafiu.psi-domain.co.uk (8.11.3/8.11.3) with SMTP id f34GR1c00820; Wed, 4 Apr 2001 17:27:02 +0100 (BST) Date: Wed, 4 Apr 2001 18:27:14 +0100 From: Jamie Heckford To: "Drew J . Weaver" Cc: freebsd-isp@freebsd.org Subject: RE: Chasing the kiddies (was: Named Keep crashing) Message-ID: <20010404182714.W2879@storm.psi-domain.co.uk> Reply-To: heckfordj@psi-domain.co.uk References: Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit In-Reply-To: ; from drew.weaver@thenap.com on Wed, Apr 04, 2001 at 17:40:49 +0100 X-Mailer: Balsa 1.1.1 Lines: 582 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Compare a default redhat install to a default FreeBSD install, from a newbies perspective. Which one is more secure? FreeBSD. J On 2001.04.04 17:40 Drew J. Weaver wrote: > Enh, Redhat only starts everything if it is configured to start > everything, > and has utilities (and manual ways) of telling it not to start everything > > -----Original Message----- > From: Jamie Heckford [mailto:heckfordj@psi-domain.co.uk] > Sent: Wednesday, April 04, 2001 1:16 PM > To: Drew J. Weaver > Cc: freebsd-isp@freebsd.org > Subject: RE: Chasing the kiddies (was: Named Keep crashing) > > > IMHO, redhat is a hell of a lot harder, due > to the fact it launches every damn service you > can think off, most of which are outdated and full of security > holes, and when you try to update them linuxconf throws a > fit becuase you didnt do it through a GUI. > > FreeBSD is a hell of a lot easier to set up as a server > you can trust, without chewing your fingers off. > > Jamie > > On 2001.04.04 17:19 Drew J. Weaver wrote: > > Just an off topic note here, FreeBSD, BSDi/OS and RedHat are > all > > of > > equal "difficulty" to administer, I run all 3 and none of them make me > > shiver in my boots. Not sure what point you're attempting to make here? > > > > --- quoth the raven, --- > > > > Everybody should start with a *nix running on a publicly accessable > box. > > (Note: Linux doesn't count here, except possibly really old versions of > > Slackware. Damned RH makes things too easy. No X either - CLI, people!) > > > > ________________________________________________________________________ > > > > Chet Hosey > > > > ________________________________________________________________________ > > > > On Wed, 4 Apr 2001, Bill Vermillion wrote: > > > > > On Wed, Apr 04, 2001 at 05:45:48PM +1000, Enno Davids thus spoke: > > > > > > > | > Is there any way to trace who is doing it? | > Running tcpdump > > > > with certain filter settings to avoid logging everything and > > > > filling the disk? > > > > > > > > > > | Dont bother... Just install the fixed version of bind... > > > > | Every kid with a script and an internet connection is probably > > > > | doing this to you!!! > > > > > > > This response kind of bothers me. There was a time > > > > when everytime I could sanely trace spammers I emailed > > > > abuse@wherever.was.relevant to advise them. Similarly, when people > > > > probed Apache I'd send off adivsory emails. > > > > > > If you find a way this works let me know. I've given up doing this > > > because except for the most well known, I've received rejects from > > > all mail addresses at the offending provider, root,abuse, > > > postmaster, webmaster, etc. So I just gave up and put the in > > > the REJECT list. > > > > > > Those days responsible people, and not quick buck artists, we're > > > keeping the 'net running. > > > > > > > There was a time when if you probed the Apache on my machine it > > > > winnuke'd you back. Moral issues aside, there _was_ a great deal > > > > of satisfaction there... Needless to say, there's little mileage > > > > in this now (damned M$ service packs!). :) > > > > > > I never was into 'revenge' or 'tit-for-tat'. > > > > > > Bill > > > -- > > > Bill Vermillion - bv @ wjv . com > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > > RE: Chasing the kiddies (was: Named Keep crashing) > > > > > > > >

        Just an off > > topic note here, FreeBSD, BSDi/OS and RedHat are all of equal > > "difficulty" to administer, I run all 3 and none of them make > > me shiver in my boots. Not sure what point you're attempting to make > > here?

> > > >

--- quoth the raven, --- > >

> > > >

Everybody should start with a *nix running on a > publicly > > accessable box. > >
(Note: Linux doesn't count here, except possibly > really > > old versions of > >
Slackware. Damned RH makes things too easy. No X > either > > - CLI, people!) > >

> > > >

SIZE=2>_____________________________________________________________________ > ___ > >

> > > >

Chet Hosey > >
<chosey@nidhog.com> > >
SIZE=2>_____________________________________________________________________ > ___ > >

> > > >

On Wed, 4 Apr 2001, Bill Vermillion wrote: > >

> > > >

> On Wed, Apr 04, 2001 at 05:45:48PM +1000, Enno > > Davids thus spoke: > >
> > >
> > | > Is there any way to trace who is > doing > > it? | > Running tcpdump > >
> > with certain filter settings to avoid > logging > > everything and > >
> > filling the disk? > >
> > >
> > >
> > | Dont bother... Just install the fixed > > version of bind... > >
> > | Every kid with a script and an internet > > connection is probably > >
> > | doing this to you!!! > >
> > >
> > This response kind of bothers me. There was > a > > time > >
> > when everytime I could sanely trace spammers > I > > emailed > >
> > abuse@wherever.was.relevant to advise them. > > Similarly, when people > >
> > probed Apache I'd send off adivsory > > emails. > >
> > >
> If you find a way this works let me know.  > > I've given up doing this > >
> because except for the most well known, I've > > received rejects from > >
> all mail addresses at the offending provider, > > root,abuse, > >
> postmaster, webmaster, etc.  So I just gave > up > > and put the in > >
> the REJECT list. > >
> > >
> Those days responsible people, and not quick buck > > artists, we're > >
> keeping the 'net running. > >
> > >
> > There was a time when if you probed the > Apache > > on my machine it > >
> > winnuke'd you back. Moral issues aside, > there > > _was_ a great deal > >
> > of satisfaction there... Needless to say, > > there's little mileage > >
> > in this now (damned M$ service packs!). > > :) > >
> > >
> I never was into 'revenge' or > 'tit-for-tat'. > >
> > >
> Bill > >
> -- > >
> Bill Vermillion -   bv @ wjv . > com > >
> > >
> To Unsubscribe: send mail to > > majordomo@FreeBSD.org > >
> with "unsubscribe freebsd-isp" in the > > body of the message > >
> > >

> >
> > > >

To Unsubscribe: send mail to > majordomo@FreeBSD.org > >
with "unsubscribe freebsd-isp" in the body > of > > the message > >

> > > > > > > -- > Jamie Heckford > Chief Network Engineer > Psi-Domain - Innovative Linux Solutions. Ask Us How. > > FreeBSD - The power to serve > > ===================================== > email: heckfordj@psi-domain.co.uk > web: http://www.psi-domain.co.uk/ > > tel: +44 (0)1737 789 246 > fax: +44 (0)1737 789 245 > mobile: +44 (0)7866 724 224 > > ===================================== > > > > > > > RE: Chasing the kiddies (was: Named Keep crashing) > > > >

Enh, Redhat only starts everything if it is configured to > start everything, and has utilities (and manual ways) of telling it not > to start everything

> >

-----Original Message----- >
From: Jamie Heckford [ HREF="mailto:heckfordj@psi-domain.co.uk">mailto:heckfordj@psi-domain.co.uk] >
Sent: Wednesday, April 04, 2001 1:16 PM >
To: Drew J. Weaver >
Cc: freebsd-isp@freebsd.org >
Subject: RE: Chasing the kiddies (was: Named Keep > crashing) >

>
> >

IMHO, redhat is a hell of a lot harder, due >
to the fact it launches every damn service you >
can think off, most of which are outdated and full of > security >
holes, and when you try to update them linuxconf throws > a >
fit becuase you didnt do it through a GUI. >

> >

FreeBSD is a hell of a lot easier to set up as a > server >
you can trust, without chewing your fingers off. >

> >

Jamie >

> >

On 2001.04.04 17:19 Drew J. Weaver wrote: >
>       Just an off topic > note here, FreeBSD, BSDi/OS and RedHat are all >
> of >
> equal "difficulty" to administer, I run > all 3 and none of them make me >
> shiver in my boots. Not sure what point you're > attempting to make here? >
> >
> --- quoth the raven, --- >
> >
> Everybody should start with a *nix running on a > publicly accessable box. >
> (Note: Linux doesn't count here, except possibly > really old versions of >
> Slackware. Damned RH makes things too easy. No X > either - CLI, people!) >
> >
> ________________________________________________________________________ >
> >
> Chet Hosey >
> <chosey@nidhog.com> >
> ________________________________________________________________________ >
> >
> On Wed, 4 Apr 2001, Bill Vermillion wrote: >
> >
> > On Wed, Apr 04, 2001 at 05:45:48PM +1000, Enno > Davids thus spoke: >
> > >
> > > | > Is there any way to trace who is > doing it? | > Running tcpdump >
> > > with certain filter settings to avoid > logging everything and >
> > > filling the disk? >
> > >
> > >
> > > | Dont bother... Just install the fixed > version of bind... >
> > > | Every kid with a script and an internet > connection is probably >
> > > | doing this to you!!! >
> > >
> > > This response kind of bothers me. There > was a time >
> > > when everytime I could sanely trace > spammers I emailed >
> > > abuse@wherever.was.relevant to advise > them. Similarly, when people >
> > > probed Apache I'd send off adivsory > emails. >
> > >
> > If you find a way this works let me > know.  I've given up doing this >
> > because except for the most well known, I've > received rejects from >
> > all mail addresses at the offending provider, > root,abuse, >
> > postmaster, webmaster, etc.  So I just > gave up and put the in >
> > the REJECT list. >
> > >
> > Those days responsible people, and not quick > buck artists, we're >
> > keeping the 'net running. >
> > >
> > > There was a time when if you probed the > Apache on my machine it >
> > > winnuke'd you back. Moral issues aside, > there _was_ a great deal >
> > > of satisfaction there... Needless to say, > there's little mileage >
> > > in this now (damned M$ service packs!). > :) >
> > >
> > I never was into 'revenge' or > 'tit-for-tat'. >
> > >
> > Bill >
> > -- >
> > Bill Vermillion -   bv @ wjv . > com >
> > >
> > To Unsubscribe: send mail to > majordomo@FreeBSD.org >
> > with "unsubscribe freebsd-isp" in > the body of the message >
> > >
> >
> >
> To Unsubscribe: send mail to > majordomo@FreeBSD.org >
> with "unsubscribe freebsd-isp" in the > body of the message >
> >
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML > 3.2//EN"> >
> <HTML> >
> <HEAD> >
> <META HTTP-EQUIV="Content-Type" > CONTENT="text/html; charset=iso-8859-1"> >
> <META NAME="Generator" > CONTENT="MS Exchange Server version 5.5.2650.12"> >
> <TITLE>RE: Chasing the kiddies (was: Named > Keep crashing)</TITLE> >
> </HEAD> >
> <BODY> >
> >
> <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; > <FONT SIZE=2>Just an off >
> topic note here, FreeBSD, BSDi/OS and RedHat are > all of equal >
> &quot;difficulty&quot; to administer, I run > all 3 and none of them make >
> me shiver in my boots. Not sure what point you're > attempting to make >
> here?</FONT></P> >
> >
> <P><FONT SIZE=2>--- quoth the raven, > --- </FONT> >
> </P> >
> >
> <P><FONT SIZE=2>Everybody should start > with a *nix running on a publicly >
> accessable box.</FONT> >
> <BR><FONT SIZE=2>(Note: Linux doesn't > count here, except possibly really >
> old versions of</FONT> >
> <BR><FONT SIZE=2>Slackware. Damned RH > makes things too easy. No X either >
> - CLI, people!)</FONT> >
> </P> >
> >
> <P><FONT > SIZE=2>________________________________________________________________________</FONT> >
> </P> >
> >
> <P><FONT SIZE=2>Chet > Hosey</FONT> >
> <BR><FONT > SIZE=2>&lt;chosey@nidhog.com&gt;</FONT> >
> <BR><FONT > SIZE=2>________________________________________________________________________</FONT> >
> </P> >
> >
> <P><FONT SIZE=2>On Wed, 4 Apr 2001, > Bill Vermillion wrote:</FONT> >
> </P> >
> >
> <P><FONT SIZE=2>&gt; On Wed, Apr > 04, 2001 at 05:45:48PM +1000, Enno >
> Davids thus spoke:</FONT> >
> <BR><FONT > SIZE=2>&gt;</FONT> >
> <BR><FONT SIZE=2>&gt; &gt; | > &gt; Is there any way to trace who is doing >
> it? | &gt; Running tcpdump</FONT> >
> <BR><FONT SIZE=2>&gt; &gt; with > certain filter settings to avoid logging >
> everything and</FONT> >
> <BR><FONT SIZE=2>&gt; &gt; > filling the disk?</FONT> >
> <BR><FONT > SIZE=2>&gt;</FONT> >
> <BR><FONT > SIZE=2>&gt;</FONT> >
> <BR><FONT SIZE=2>&gt; &gt; | > Dont bother... Just install the fixed >
> version of bind...</FONT> >
> <BR><FONT SIZE=2>&gt; &gt; | > Every kid with a script and an internet >
> connection is probably</FONT> >
> <BR><FONT SIZE=2>&gt; &gt; | > doing this to you!!!</FONT> >
> <BR><FONT > SIZE=2>&gt;</FONT> >
> <BR><FONT SIZE=2>&gt; &gt; This > response kind of bothers me. There was a >
> time</FONT> >
> <BR><FONT SIZE=2>&gt; &gt; when > everytime I could sanely trace spammers I >
> emailed</FONT> >
> <BR><FONT SIZE=2>&gt; &gt; > abuse@wherever.was.relevant to advise them. >
> Similarly, when people</FONT> >
> <BR><FONT SIZE=2>&gt; &gt; > probed Apache I'd send off adivsory >
> emails.</FONT> >
> <BR><FONT > SIZE=2>&gt;</FONT> >
> <BR><FONT SIZE=2>&gt; If you find a > way this works let me know.&nbsp; >
> I've given up doing this</FONT> >
> <BR><FONT SIZE=2>&gt; because > except for the most well known, I've >
> received rejects from</FONT> >
> <BR><FONT SIZE=2>&gt; all mail > addresses at the offending provider, >
> root,abuse,</FONT> >
> <BR><FONT SIZE=2>&gt; postmaster, > webmaster, etc.&nbsp; So I just gave up >
> and put the in</FONT> >
> <BR><FONT SIZE=2>&gt; the REJECT > list.</FONT> >
> <BR><FONT > SIZE=2>&gt;</FONT> >
> <BR><FONT SIZE=2>&gt; Those days > responsible people, and not quick buck >
> artists, we're</FONT> >
> <BR><FONT SIZE=2>&gt; keeping the > 'net running.</FONT> >
> <BR><FONT > SIZE=2>&gt;</FONT> >
> <BR><FONT SIZE=2>&gt; &gt; > There was a time when if you probed the Apache >
> on my machine it</FONT> >
> <BR><FONT SIZE=2>&gt; &gt; > winnuke'd you back. Moral issues aside, there >
> _was_ a great deal</FONT> >
> <BR><FONT SIZE=2>&gt; &gt; of > satisfaction there... Needless to say, >
> there's little mileage</FONT> >
> <BR><FONT SIZE=2>&gt; &gt; in > this now (damned M$ service packs!). >
> :)</FONT> >
> <BR><FONT > SIZE=2>&gt;</FONT> >
> <BR><FONT SIZE=2>&gt; I never was > into 'revenge' or 'tit-for-tat'.</FONT> >
> <BR><FONT > SIZE=2>&gt;</FONT> >
> <BR><FONT SIZE=2>&gt; > Bill</FONT> >
> <BR><FONT SIZE=2>&gt; > --</FONT> >
> <BR><FONT SIZE=2>&gt; Bill > Vermillion -&nbsp;&nbsp; bv @ wjv . com</FONT> >
> <BR><FONT > SIZE=2>&gt;</FONT> >
> <BR><FONT SIZE=2>&gt; To > Unsubscribe: send mail to >
> majordomo@FreeBSD.org</FONT> >
> <BR><FONT SIZE=2>&gt; with > &quot;unsubscribe freebsd-isp&quot; in the >
> body of the message</FONT> >
> <BR><FONT > SIZE=2>&gt;</FONT> >
> </P> >
> <BR> >
> >
> <P><FONT SIZE=2>To Unsubscribe: send > mail to majordomo@FreeBSD.org</FONT> >
> <BR><FONT SIZE=2>with > &quot;unsubscribe freebsd-isp&quot; in the body of >
> the message</FONT> >
> </P> >
> >
> </BODY> >
> </HTML> >
-- >
Jamie Heckford >
Chief Network Engineer >
Psi-Domain - Innovative Linux Solutions. Ask Us > How. >

> >

FreeBSD - The power to serve >

> >

===================================== >
email:  heckfordj@psi-domain.co.uk >
web:    HREF="http://www.psi-domain.co.uk/" TARGET="_blank">http://www.psi-domain.co.uk/ >

> >

tel:    +44 (0)1737 789 246 >
fax:    +44 (0)1737 789 245 >
mobile: +44 (0)7866 724 224 >

> >

===================================== >

> > > -- Jamie Heckford Chief Network Engineer Psi-Domain - Innovative Linux Solutions. Ask Us How. FreeBSD - The power to serve ===================================== email: heckfordj@psi-domain.co.uk web: http://www.psi-domain.co.uk/ tel: +44 (0)1737 789 246 fax: +44 (0)1737 789 245 mobile: +44 (0)7866 724 224 ===================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message