similar to: Blocking port scanning

Greetings - Maybe I''m a bit slow, but I''ve been trying to understand how to use a module for the better part of a day and I''m not getting it. Here''s what I''ve done: Using puppet 0.23.2 1. Downloaded the shorewall module from David Schmitt''s git repo (Thanks David!!!!) and placed it in the directory /var/lib/puppet/modules (using the rpm

Greetings - Does anyone have plans for a Puppet BOF at LISA this year? I''ve seen some talk on the LOPSA configmgmt list about Config Mangement BOF''s, but nothing focused on Puppet. Please, Please, mom, can we have a BOF, PUHLEESE!!!! Luke - I hope you''ll be there so I can at least buy you dinner and beers/drinks for making my SA life easier with Puppet. Cheers, Jeff

Greetings - I''ve just started testing Puppet and have a couple of questions: 1. Is there a way to dynamically change a configuraion file that is sent to nodes? For example, I want to modify /etc/hosts to have the hostname and ip address set dynamically - the hosts file shoule look like: 12.34.56.78 node1.example.com 22.35.66.99 server1.example.com But I don''t want to

Group - I''m putting a presentation together for $work (a large .gov) and I want to make sure I get my facts (pun intended) straight ... Are the following steps for Facter-Client-Server interaction correct (I have a feeling not): 1. Client puppet run is initiated (via regular schedule, puppetrun, or puppetd) 2. The client contacts the server and downloads any custom facts it does not

Hello - Is the following a configuration issue (which is usually the case) or a bug? I''m trying to ensure a local user is present in a NIS environment using the following recipie: class dduck_add { user { "dduckl": ensure => present, uid => 60030, gid => "100", groups =>

On 2017-04-13, 01:58, Andrew Bartlett via samba wrote: > On Wed, 2017-04-12 at 19:17 -0600, S P Arif Sahari Wibowo via > samba wrote: >> Do you know any example Samba configuration that authenticate >> to plain - non-AD, e.g. MIT KDC - Kerberos server? > > This a normal and fully supported configuration. It maps to > normal unix users. Thanks! is it mean that the OS

My head hurts from trying to figure this out for the past several hours . . . I want to determine what provider to use based on a fact (thanks for the suse version fact btw) but I ain''t gettin it: What''s wrong? Am I going down the completely wrong path? Is there a better way? # suse-yum.pp case $suse_repo_name { #sled10-i586: {Package{ provider => rug}} sled10-i586:

On 2017-04-16, 19:06, S P Arif Sahari Wibowo via samba wrote: > I was looking into samba wiki pages and cannot find > documentation for this. Generally most the documentation pages > either discussing samba as AD member or standalone. So still looking at this. So this is the state currently: kerberos setup (krb5.conf and keytab) is working in the server, I can do kinit properly. But

Hi, I've been following the list for a few months but this just my first post to the list. I've just started to use compiz again a few days ago and I have a few things (probably bugs) here that bugged me a little bit. I am not sure whether the bugs is in compiz or somewhere else so it would be nice if someone could confirm them. Here they are: - on default window decoration the maximize

Hi! Do you know any example Samba configuration that authenticate to plain - non-AD, e.g. MIT KDC - Kerberos server? Would you mind point me to that configuration? What will be the issue of this kind of configuration? Thank you. -- ____ ____ ____ ____ (stephan paul) Arif Sahari Wibowo /___ /___/ /___/ /___ http://www.arifsaha.com/ ____/ / / / ____/

Hi R-users, I would like to ask question related to error output. If an error comments come out, then the program will automatically stop. I want to ask , how I can still continue the program even though there is an error comment? var=VAR(Canada,p=3,type="const") for (j in 1:nrow(com)) { mat=ma { for (i in 1:ncol(com)) { y=which(mat==com[j,i]) mat[y]=NA }

Dear All, I have Centos 5 and devecot 1.0.7 I want to upgrade it to the latest version. I will appreciate if any one can tell me how can I upgrade it please. Thanks Arif

Using Shorewall v1.2, and testing the firewall using scan.sygate.com, I am informed that several ports (web (80), ident (113) and DCE locator (135) are ''closed'' rather than ''blocked''. All other ports show as blocked or ''stealthed''. I haven''t set up any rules or policies that have anything to do with 80, 113 or 135. Is this

On 2017-04-25, 15:40, Andrew Bartlett via samba wrote: > This looks like the instructions: > https://social.technet.microsoft.com/wiki/contents/articles/2751.kerberos-interoperability-step-by-step-guide-for-windows-server-2003.aspx#Using_an_MIT_KDC_with_a_Stand-alone_Windows_Server_TwentyOhThree_Client Thanks Andrew! This is quiet useful info. > Also, you still have to create all the

On Thu, 20 Apr 2017 07:32:16 -0600 (MDT) S P Arif Sahari Wibowo via samba <samba at lists.samba.org> wrote: > On 2017-04-20, 03:35, Andrew Bartlett via samba wrote: > > I think you really want to move to Samba as an AD DC. > > In that case, how can I setup a Samba AD DC which has its > authentication came from another non-AD Kerberos service? > Preferably in a

On Fri, 2015-02-13 at 09:46 -0500, Lamar Owen wrote: > On 02/13/2015 09:15 AM, Chris Adams wrote: > > Yeah, the old "move stuff to alternate ports" thing is largely a waste > > of time and just makes it more difficult for legitimate use. With > > large bot networks and tools like zmap, finding services on alternate > > ports is not that hard for the

Hey Guys, Just making some enquieres for a project i'm goign to be starting using xapian. When searching over a indexed document will i be able to get a list of hits, how many hits and the location fo the hits. I will have boolean searches like eg ("Mysql" AND ("Linux" OR "Windows")) On each hit i will be wanting teh location of the word found and how many

On 2017-04-20, 03:35, Andrew Bartlett via samba wrote: > Not windows clients without much pain. In theory Windows can > join a non-AD KDC, but it is incredibly rarely done. Would you mind to give clearer picture how much pain we are talking about here? Any link to somebody who did it? I need to compare it to the pain of another alternatives I have in the table, like let clients mount

i've this udp daemon which is waiting for an incoming udp datagram. now i want test this daemon for random garbage to test how it behaves. My udp daemon is running because its shows on netstat. problem is if i issue following command for putting udp datagram : $nc -uvvz <host> <port> it does not output any thing. i have straced the udp daemon. which does not returns from recv()

Hi, When I run an nmap with UDP port scan option against one of the machines behind the shorewall, it shows tons of open ports on that server. I am sure I just missed something in the configuration. Can anyone suggest. Val _________________________________________________________________ Join the world’s largest e-mail service with MSN Hotmail. http://www.hotmail.com