Hello,
Am having two strange problems that are starting to eerk me with this
(relatively new) computer, running Debian wheezy:
1. If I boot anything later then 3.12 kernel, I don't get any display. As
in the monitors display black. No cursors of any sort. Changing to a
virtual console doesn't help. Booting in rescue mode doesn't help (I think
this rules out X-Windows being a problem). If I go back to the 3.12 kernel,
everything works perfectly. I also tried plugging monitors into alternative
ports just in case it is going to the wrong place, but get nothing - in any
case, under 3.12 the computer seems pretty good at automatically working
out what ports are active under X-Windows.
01:00.0 VGA compatible controller: NVIDIA Corporation G96 [GeForce 9500 GT]
(rev a1)
Am currently using the non-free nvidia drivers. Had exactly the same
symptoms when I installed the latest kernel without the non-free nvidia
kernel modules. I think the problem is occurring before X starts.
Computer seems to be up and running, and responsive to crl+alt+del despite
not having a display.
2. There seems to be some weird performance problem. e.g. save a 2 kilobyte
file in vim, and the computer can completely freeze (all other windows,
including xterms, stop responding to user input) for, say 30 seconds, while
it is writing that file. Chromium takes ages to load with several tabs, and
pages can fail to start properly while it is doing so.
Computer has 16GB RAM and is not using any swap. It has 11GB of
buffer/cache space:
total used free shared buffers cached
Mem: 15G 13G 2.1G 0B 1.1G 7.9G
-/+ buffers/cache: 4.6G 11G
Swap: 3.8G 0B 3.8G
Problems occurred before starting chromium, previously I wondered if it was
chromium's fault.
This is moving disk + RAID1 + LVM + ext4. Bonnie++ results seem to be
pretty good, better in fact then my work computer, which doesn't suffer
from similar problems.
Writing a byte at a time...done
Writing intelligently...done
Rewriting...done
Reading a byte at a time...done
Reading intelligently...done
start 'em...done...done...done...done...done...
Create files in sequential order...done.
Stat files in sequential order...done.
Delete files in sequential order...done.
Create files in random order...done.
Stat files in random order...done.
Delete files in random order...done.
Version 1.96 ------Sequential Output------ --Sequential Input-
--Random-
Concurrency 1 -Per Chr- --Block-- -Rewrite- -Per Chr- --Block--
--Seeks--
Machine Size K/sec %CP K/sec %CP K/sec %CP K/sec %CP K/sec %CP /sec
%CP
falidae 31904M 1228 94 107313 4 47471 2 +++++ +++ 137886 3
441.8 2
Latency 19141us 12435ms 251ms 19913us 88073us
283ms
Version 1.96 ------Sequential Create------ --------Random
Create--------
falidae -Create-- --Read--- -Delete-- -Create-- --Read---
-Delete--
files /sec %CP /sec %CP /sec %CP /sec %CP /sec %CP /sec
%CP
16 +++++ +++ +++++ +++ +++++ +++ +++++ +++ +++++ +++ +++++
+++
Latency 36us 223us 226us 36us 10us
24us
1.96,1.96,falidae,1,1404290654,31904M,,1228,94,107313,4,47471,2,+++++,+++,137886,3,441.8,2,16,,,,,+++++,+++,+++++,+++,+++++,+++,+++++,+++,+++++,+++,+++++,+++,19141us,12435ms,251ms,19913us,88073us,283ms,36us,223us,226us,36us,10us,24us
I am currently working on a new theory that the performance problems only
occur when the computer is cold and first turned on. I think I have seen
evidence to disprove this, but guess I should run bonnie++ as soon as I
turn the computer on, just to be sure.
Any other ideas?
Thanks
--
Brian May <brian(a)microcomaustralia.com.au>
Hi,
I am sure I have seen a post on (a) newsgroup about this lately, but
am unable to find it.
Please excuse me posting what I think I should be able to google - but
cann't.
I run a desktop opensuse / KDE system and I want to replace my
existing dual monitor system with a quad monitor system. I am looking
for information on the linux support for graphics card setups which
support 4+ monitors.
I am resigned to using either nvidia or radeon with proprietary
drivers, so would appreciate any advice regarding hardware from anyone
who has done this sort of thing recently.
--
With thanks,
H
those of you who haven't been up into the small hours looking at the
bash shellshock bug:
summarized here:
http://www.theregister.co.uk/2014/09/24/bash_shell_vuln/
which gives the following useful test
env X="() { :;} ; echo busted" `which bash` -c "echo completed"
and claims the bug exists from version 1.13 .. 4.3.
It can be exploited with wget, ssh, http...
They quote NIST thus:
GNU Bash through 4.3 processes trailing strings after function
definitions in the values of environment variables, which allows
remote attackers to execute arbitrary code via a crafted
environment, as demonstrated by vectors involving the ForceCommand
feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the
Apache HTTP Server, scripts executed by unspecified DHCP clients,
and other situations in which setting the environment occurs across
a privilege boundary from Bash execution.
Authentication: Not required to exploit
Impact Type: Allows unauthorized disclosure of information; Allows
unauthorized modification; Allows disruption of service
More details, and an http exploit, are in
http://seclists.org/oss-sec/2014/q3/650
Anyone on OS-X, it affects their bash, sh, csh, tcsh, zsh, ksh; ie, all
the distributed shells.
happy days...
Hi Hannah,
> hi peter. I've tested various builds of busybox ash myself and haven't
> found the vuln applies. could you supply some more details?
It is a QNAP NAS TS-239 Pro2.
> were you testing with the () {} string in an HTTP header?
No, the web server does not respond anymore.
>> Peter Ross wrote:
>>> I have an older QNAP NAS appliance (used for backup) that is vulnerable
>>> as well.
[~] # x='() { :;}; echo VULNERABLE' bash -c :
-sh: bash: command not found
[~] # x='() { :;}; echo VULNERABLE' sh -c :
VULNERABLE
[~] # sh --version
GNU bash, version 3.2.0(17)-release (i686-pc-linux-gnu)
Copyright (C) 2005 Free Software Foundation, Inc.
[~] # uname -a
Linux backup 2.6.30.6 #1 SMP Sat Apr 10 06:48:32 CST 2010 i686 unknown
>>> AFAIK Busybox uses ash.
[as Wikipedia says]
Obviously not his one. It has a lot of symlinks to busybox on /bin but its
shell is bash.
Maybe I do a re-install of "something". I am not sure at the moment. It
only copies directories and files to it on the weekly base with external
disks used to back them up permanently (and partially off-site)
If I put the disks somewhere else I do not need the box anymore. It was
just a handy box already in place before I started here.
Regards
Peter
James Harper wrote:
>> Just out of curiosity,
>> I thought would try out the above test;
>> on the CLI interface on my Netcomm NB64W ADSL2+ router;
>> (standard issue iPrimus ). Thought there was a reasonable chance it used
>> BASH;
>> I can TELNET 192.168.1.1 to a login prompt ;
>> but the u/n ADMIN password doesn't seem to be the same as that for the
>> WEB interface;
>> anyone have any suggestions for a default p/w;
>> or is iPrimus likely to have just locked the CLI down with no access
>> possible ?
>> As mentioned nothing urgent; but responses appreciated !
>> regards Rohan McLeod
>>
> A few routers I've seen use 'admin' as the username in the web console, but 'root' as the username as telnet. What username are you using for telnet?
I had been using "admin" in web console (default p/w "admin");
I just tried "root" with p/w 'admin' ,"(enter)" and "NB6Plus4W" drops
Telnet;
then, NB6PLUS4W , NB6PLUS4W_IPRIMUS and nb6plus drops Telnet
thanks anyway James
regards Rohan McLeod
>
> James
>
From: "Rohan McLeod" <rhn(a)jeack.com.au>
> Any news regarding mobile phones and routers etc ?
I have an older QNAP NAS appliance (used for backup) that is vulnerable as
well.
The web interface died four weeks ago so it seems to be time to retire it
anyway;-)
AFAIK Busybox uses ash. That should be okay for some appliances.
On an Apple, I wonder what breaks if you point sh and bash to ksh (until
the fix comes in) Probably not much.
Regards
Peter
From: "Joh Lindley" <joh.lindley(a)dcwest.net.au>
>> Is Apple's sh a bash? I thought they are using FreeBSD's userland
(FreeBSD's sh is not affected [at least the tests are negative and
there
>> is no SA])
> It would appear so.
> sh-3.2$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
> this is a test
You are calling the bash [not /bin/sh] here.
It shows that you have a bash installed.
Regards
Peter
On 26/09/14 5:22 AM, Douglas Ray wrote:
>
>> Anyone on OS-X, it affects their bash, sh, csh, tcsh, zsh, ksh; ie, all
>> the distributed shells.
>
> only bash and sh.
> csh, tcsh, zsh, ksh not vulnerable.
Is Apple's sh a bash? I thought they are using FreeBSD's userland
(FreeBSD's sh is not affected [at least the tests are negative and there
is no SA])
Regards
Peter
Hi All,
We'd really appreciate any info anyone might have on this; The link to MLUG
- http://www.mlug.org.au - no longer appears current. Does anyone know if
MLUG still exists or if per chance the domain has changed?
Warm Regards,
Sae Ra
--
Sae Ra Germaine
Ordinary Council Member
Linux Australia
http://linux.org.au