How to patch redhat and debian securely ? I mean is there sth like in solaris live upgrade, when after upgrade sth goes wrong I can revert to previous state from before upgrade?
View 4 RepliesHow can you use swat securely from a securely location?
View 1 Replies View RelatedI just want to upgrade my Slackware 13.1 kernel (2.6.33.4) to the latest stable kernel from kernel.org (2.6.38.2). I have never done anything like this and I am a Linux newbie, so I would appreciate a "Kernel Patching for Dummies" version if possible. I did do a search on this forum and most of what I read was over my head. I found an FAQ on kernelnewbies.org on "How To Apply A Patch" but when I attempted what they suggested, it said it couldn't find the file to patch at line 5 and asked me which file to patch. So I CTRL-Z'd out of there and came here. Here's what I tried:
[code]...
I have a Debian Squeeze installed on my old iBook G4 mid 2005. The computer has been giving me hard time and I want to sell it for parts. Before that however I'd like to erase the hard drive securely. Is there a software that this forum recommends for erasing hard drives completely and securely? Is there Linux equivalent for something like DBAN which can be installed on a CD and then boot the computer from it?
View 14 Replies View Relatedis there a way to remove a patch from a kernel?
I need to apply a squashfs-lzma patch (squashfs 4.1cvs) to the liquorix kernel source which is already patched with squashfs 4.0.
how would I do that?I tried googling got this. url
but I dont know the command used to apply the patch the patch is called
35.4-3.patch.gz
url
but that patch includes more than squashfs,etc
I need to send large files from a Linux machine to another using cryptography. The sender machine knows the recipient IP but not vice-versa. I don't need strong cryptography and prefer higher-speed less-secure solutions.
There are no problems with presharing crypto keys but I'd prefer not dealing with SSH users creation.
I think to HTTP PUT over TLS, but I never had experience with it and I prefer to hear which are the possible solutions. I know that it can listen as a daemon but I don't know anything about cryptography. So pipeing with OpenSSL may be a solution.
I'd like to find a way to mount a windows file share securely (encrypted) as I'll be communicating over the Internet.
View 4 Replies View RelatedCan't I forward a program window from my laptop to my desktop securely, both running Linux?How to ssh -X an existing window program just like the 'screen' program does?This question came up with my friends when watching an episode of 24! "Almeida send me your screen"
View 1 Replies View RelatedI cant mount a directory on red hat 5 from red hat 4 using fstab.I keep getting permission denied.I mount directories on the same red hat 5 sys from other red hat 5 and 2 old HPUX systems using fstab.When I try to telnet to it i get "no route to host."
View 3 Replies View Relatedexplain step by step howto apply this driver patch:
Code:
diff --git a/drivers/gpu/drm/i915/i915_gem.c b/drivers/gpu/drm/i915/i915_gem.c
index f1fcc97..0dcf761 100644
--- a/drivers/gpu/drm/i915/i915_gem.c
+++ b/drivers/gpu/drm/i915/i915_gem.c
@@ -3530,6 +3530,9 @@ i915_dispatch_gem_execbuffer(struct drm_device *dev,
[Code]....
Ok here's the problem : I tried to patch the kernel of my Debian server with GrSecurity but when I rebooted I couldn't SSH the server anymore, but my host has a rescue system that lets me SSH the server so I can fix things.
So maybe the kernel patching failed, maybe it's a only a problem with Grub.
I don't really know what to do to fix this. If I messed up the kernel what can I do ? Can I just fix the problem by modifying the grub entries to only boot on the old kernel (I don't even know if it's here anymore, I'm quite the n00b) ?
Well for now I'll just try to mount the partitions (won't let me do "mount: can't find /dev/sda1 in /etc/fstab or /etc/mtab" )
edit : to be clearer my main question is : how can I determine if it's because the kernel is messed up or because the system wouldn't boot properly ?
edit 2 : is there a way to create a log of what happens at boot so I can have an idea about what's wrong ?
I'm trying to install a patch but when I copy it into terminal I get message " /home/john/patch-modules_v62-opensuse.sh 'vmware-7.1.3-2.6.37-rc5.patch' not found. copy it to the current '/home/john' directory. Exiting" But I have it in my home directory!
View 3 Replies View RelatedChris Wilson 2011-07-29 02:08:19 PDT wrote:Out of curiosity, we found a widespread bug affecting modesetting. Just on the off-chance that this is a timing issue and a incorrect clock setting
View 7 Replies View RelatedHow do we perform offline patch management with Debian? This isn't a question about which tools to use on Debian to load the patch once it is on a CD and transferred to said offline computer via sneaker net. More, how do I keep said offline (or strictly firewalled) computer in synch?
Pardon me while I make a comparison to Solaris. I am in no way stating Solaris is better. It just happens to be my baseline of experience.In Solaris, I can download Cluster Patch Updates (CPU). So if I build a Solaris box with a CD that is a year or more old, I can download the latest CPU and get the box patched up to date, and from that point on sneaker-net patches as they appear.
When a real kernel version is upgraded, like say 2.6.32 to 2.6.38, the old kernel is left intact and is ready to be used in case of a problem with a new one, but when only a debian patch version is updated, like 2.6.32-30 to 2.6.32-35, the old kernel is replaced with a new one. More then this, aptitude shows that older version is not in repository either, so how do you supposed to revert back? Well, i did found -30 in apt cache when i got hit by a nasty regression in -35 yesterday, but what if i had cleaned apt cache?
View 1 Replies View RelatedI have tried to follow the Squeeze instructions here:
[URL]
but the patch process fails (item 5)
This topic is discussed at: [URL]
Sadly, neither I nor Firefox understands colloquial German well enough to know what is going on.
I'm trying to install sid but debootstrap if failing due to bug #581420. I understand the fix is simple but how can I bypass/patch the broken util-linux package that gets downloaded at install time? I'm using the daily d-i business card CD.
View 2 Replies View RelatedI' d like to apply this patch into my squeeze: [URL] Can someone pls explain howto apply driver diff patch into a custom kernel?
View 9 Replies View RelatedTo copy from production to standby over the internet I use a cron job doing rsync -avze 'ssh -p 8022' --exclude-from= ....
My question is: should the cron job run on the production or the standby system. Root access to the remote system is given by a pass phrase-less ssh key. Currently I run rsync on the production system. I guess that it is more secure because the standby needs no ssh login to production. Running rsync on the standby would use less resources on production. I am concerned that in this case there would be pass phrase-less access from standby to production.
I read this article:[URL]..(Alien for all packages and howto) but I have some doubts. Let's see if I understand correctly. In practice, we open a port (8888 for example) on the local PC on which you made a ssh tunnel to our server, right? Who resolves the dns? Our remote server? With this technique we are safe even from sending data through unencrypted protocols like hhtp (not https)? An administrator who wants to see what we visited what would see in his log?
View 2 Replies View RelatedI loaded F10 up on my laptop a few nights back. NetworkManager connects via Ethernet just fine. It will also connect wirelessly, but only when security is disabled. I've been using 128-bit WEP.
When I try to connect using security, this is what appears in the log:
Code:
Jan 29 21:07:17 localhost NetworkManager: <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) complete.
Jan 29 21:07:17 localhost NetworkManager: <info> Activation (wlan0) Stage 2 of 5 (Device Configure) starting...
[Code]......
I run Slackware 13.1 on a small Pentium 4 box that runs a torrent client, game server, and a few more Internet-related scripts.
I see no point running these stuff with root priviledges, so I have this line in rc.local:
Code:
su user -c "/home/user/services/start-all.sh"
How secure is that command, su user -c? And what would be the right way to go with it?
IMO it really is the big thing! The patch being talked about is designed to automatically create task groups per TTY in an effort to improve the desktop interactivity under system strain. Mike Galbraith wrote the patch, which is currently in its third version in recent weeks, after Linus Torvalds inspired this idea. In its third form, this patch only adds 224 lines of code to the kernel's scheduler while stripping away nine lines of code, thus only 233 lines of code are in play. Tests done by Mike show the maximum latency dropping by over ten times and the average latency of the desktop by about 60 times.
[Code]...
Does anybody know any patch for aggregated rsvp in ns-2?
View 1 Replies View RelatedI just "inherited" 2 rhel 4u8 servers and was asked to patch them. We don't have an active subscription to RHN. Is there a way I can download patch bundles?
View 2 Replies View RelatedThis post concerns info found at [URL]. My question is: How do I get the patch. The author makes ref. to "his" git repo and the patch for TOR. I guess the patch allows the use of some compile time options that can harden the build. I looked through the change log of TOR and couldn't see any of the options referenced by Jacob in his post. I have read on the net that compile time hardening options are part of the gnu compiler, not the application to be compiled. Is this true?
View 5 Replies View RelatedI'm having no luck trying to apply this Kernel patch to Meego 1.2 (Running Linux Kernel version 2.6.37) I want to apply the first patch featured here on this page:
url
How do I go about patching this file into the Kernel?
I had Windows XP working. I then put in a new hard disk and installed Redhat 5 on it. rom then i could only boot into Redhat. Further, everyting is very slow. Anothe rproblem is that Redhat does not see my netwrok so I cannot get onto the Internet. I need to have the choice of booting into XP or Redhat.
View 2 Replies View RelatedI have a small network at my office (3 workstations, 1 ubuntu desktop that I'm using as a file server). I'm using a WRT54G2 router for networking and internet connectivity. Here's what I'm trying to accomplish: I want to be able to access my little file server from home, across town. I think ssh might be the best way to go now. What I don't know: How do I set up the ssh server on my machine/network without compromising my network security and the security of my server? Do I just set up port/ip forwarding on my router, install openssh, and that's it?
View 9 Replies View RelatedI am running Ubuntu Server 10.10. I have installed OpenVPN using this guide I have set up everything correctly as this guide says, but I am having problems with the config file. I want to securely route all traffic on the client to the server, how ever the server will not start. My config is below:
Quote:
#################################################
# Sample OpenVPN 2.0 config file for #
# multi-client server. #
# #
# This file is for the server side #
[Code]......
The servers ip is 10.0.0.65 and I want to assign the clients the ip range of 10.0.0.200 to 10.0.0.20 When I try to start the server I get the message Fail.