Berkeley CSUA MOTD:Entry 26964
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/04/06 [General] UID:1000 Activity:popular
4/6     

2003/1/2 [Computer/SW/OS/Linux] UID:26964 Activity:high
1/02    What could cause my linux box to go into "promiscuous mode" all by
        itself.  I've run a tripwire stored on cd and nothing has changed.
        \_ AFAIK, tripwire only tells you that the stuff it knows
           about hasn't changed. An '1337 h4x0r can still 0wnz your
           box and install rpms and kernel modules that will put
           your interfaces in promiscuous mode.
           Or it might just be someone running tcpdump or ethereal.
            \_ Sure tripwire doesn't cover everything but it gives
               me faith that my ps and who commands are correct and
               i don't see anyone running tcpdump or anything else
               like that.  Besides, i'm the only root on this box.
               I was hoping that perhaps other services sometime cause
               the interface to go into periscuous mode.  Like dhcp
               or samba or iptables or...  (funny thing though is that
               it is only my outside interface that is doing this :(
                \_ I'm not aware of any normal services that
                   require interfaces to be placed in promiscuous
                   mode.
                   BTW, I hope that you realize that while your
                   who and ps binaries might be unaltered they
                   may not be providing you complete or correct
                   information (kernel modules pretty much have
                   full access to all kernel data structures and
                   can easily hide programs and users from user
                   land pgms).
                   Do you have a network sniffer? If so, try and
                   stick it on the same segment as the promiscuous
                   interface on your linux box and see what sort
                   of traffic is being generated. If something
                   looks abnormal, you've probably been hacked.
        \_ your linux box is horny and you're not satisfying its needs.
2025/04/06 [General] UID:1000 Activity:popular
4/6     

You may also be interested in these entries...
2013/2/19-3/26 [Computer/SW/OS/OsX] UID:54611 Activity:nil
2/19    I program a lot by sshing to a Linux cluster.  So I'm used to using
        Xemacs to code.  This works fine from a Linux or Windows workstation,
        but sometimes I have to use a Mac.  On Mac, the meta is usually
        bound to option, but that often doesn't work over ssh for some reason.
        This makes using emacs a real pain.  Any suggestions on how to fix it?
        (Other than "use vi")
	...
2012/8/28-11/7 [Computer/HW/Memory] UID:54466 Activity:nil
8/26    Amazon medium instances (3.75GB RAM): 0.160/hour = $1382/year
        Generic standard Linux VPS (4GB RAM): $480/year
        Amazon costs more (but does offer superior scaling options).
        \_ Amazon is $670 if you buy a year's usage up front (heavy util).
           Why is heavy util less expensive than light util?
	...
2012/1/4-2/6 [Computer/HW/Drives] UID:54281 Activity:nil
1/4     I want to test how my servers behave during a disk failure and
        a RAID reconstruction so I want to simulate a hardware failure.
        How can I do this in Linux without having to physically pull
        a drive? These disks are behind a RAID card and run Linux. -ausman
        \_ According to the Linux RAID wiki, you might be able to use mdadm
           to do this with something like the following:
	...
2010/7/21-8/9 [Computer/SW/OS/FreeBSD] UID:53890 Activity:nil
7/21    Can I just use ifconfig to expand my netmask on a FreeBSD box?
        Are there any gotchas here? Linux forces me to restart my network
        to expand my netmask.
        \_ yes... and no, you don't have to restart your network on linux either
           \_ Rebooting is the Ubootntoo way!
              \_ Oooboot'n'tootin!
	...
2010/7/22-8/9 [Computer/SW/OS/FreeBSD, Computer/HW/Drives] UID:53893 Activity:nil
7/22    Playing with dd if=/dev/random of=/dev/<disk> on linux and bsd:
        2 questions, on linux when <disk>==hda it always gives me this off
        by one report i.e. Records out == records in-1 and says there is an
        error. Has anyone else seen this?  Second, when trying to repeat this
        on bsd, <disk>==rwd0 now, to my surprise, using the install disk and
        selecting (S)hell, when I try to dd a 40 gig disk it says "409 records
	...
2010/5/26-6/30 [Computer/SW/Unix/WindowManager, Computer/SW/OS/OsX] UID:53844 Activity:nil
5/26    anyone use lxde?  supposedly it is less stupid than xfce and
        less bloated than gnome.  thoughts?
        \_ lol, does anyone still use desktop linux?  Get with the times
           buy a mac.  Now.  DO IT.  Go NOW.
           \_ but we prefer herring to Kool-Aid
              \_ "you have to yell, he's hard of herring"
	...
2010/5/6-26 [Computer/SW/OS/Windows] UID:53818 Activity:low
5/5     Does anyone know how to do custom install of Ubuntu 10.04? I can't
        even boot it up to give me the menu to custom install and it
        keeps installing a bunch of crap I don't need. It's getting
        just as slow and bloated as Winblows install. Dear lord,
        I miss the old Ubuntu.
5/5=1.0 Numerology FTW.    5+5=10
	...
2010/4/22-5/10 [Computer/SW/Languages/Misc] UID:53797 Activity:nil
4/22    In Linux is there an easy way to rename the scripts in /etc/rc?.d ?
        For example I want to set all the /etc/rc?.d/S91apache to S100apache
        so that it'll run the ramdisk BEFORE going to apache.
        \_ Sure, just move them.
           \_ I mean is there a script that will rename all of them
              for me? Like: setrc apache2 0 0 1 1 1 1
	...