We have a PC with firmware malware on - at least - both DVDs.
I don't know if it's worth recovering the system, but I definitely
want to find diagnostics for identifying infections and vectors
on the rest of the LAN.
Booting a DVD live-image of ubuntu, invocations of
firefox are intercepted and come up as "JON recovery system"
or some such. The attack vector may have been the old XP
system on the harddrive, but equally it may have been one
of the ubuntu images.
It is a medion PC, article number 10002328, and there are
firmware updates at the manufacturer.
I'm unsure how to securely install, given that the DVDs are
compromised, and I have no way to verify the cardreader or
motherboard BIOS or harddrive. (I could map/update
the bootsector of the harddrive, but I haven't checked
what may be available to work with the firmware.)
Would putting the infected DVD drives on another system,
sans media, risk infecting the new system?
Conversely, let's say I swap in a new DVD drive and boot a
putatively clean DVD - if the BIOS is corrupted do I risk just
re-infecting the new DVD drive?
Merry Christmas to all
Douglas Ray
On Wed, 23 Dec 2015 21:18:39 -0500
Jason White via luv-main <luv-main(a)luv.asn.au> wrote:
> Russell Coker via luv-main <luv-main(a)luv.asn.au> wrote:
> > To run KVM virtual machines it seems to be recommended to un virsh which
> > requires XML.
>
>
> I've run kvm guests directly, without virsh installed, while also managing
> them from the console. Thus, whether you actually need virsh depends on your
> requirements and environment.
What you are saying is true, But inmho, virsh give you far more control over the VM (eg: snapshots, connecting devices
live etc). While you may be able to do the same without virsh, using it to me is much easier, specially if you are
doing it remotely.
Cheers,
Daniel
>
> _______________________________________________
> luv-main mailing list
> luv-main(a)luv.asn.au
> http://lists.luv.asn.au/listinfo/luv-main
--
dan062 <dan062(a)yahoo.com.au>
--
dan062 <dan062(a)yahoo.com.au>
Quoting Daniel Jitnah (djitnah(a)greenwareit.com.au):
> Is there anyway we can express that directly to those affected? There
> seem to be a request to post through Docker?
Quoting https://bits.debian.org/2015/12/mourning-ian-murdock.html:
His family has asked for privacy during this difficult time and we very
much wish to respect that. Within our Debian and the larger Linux
community condolences may be sent to in-memoriam-ian(a)debian.org where
they will be kept and archived.
Respectfully,
Rick Moen
rick(a)linuxmafia.com
To run KVM virtual machines it seems to be recommended to un virsh which
requires XML. Just having XML isn't necessarily a bad thing (XML is great for
machine=>machine communication) but apparently you have to edit it yourself!
I've editited XML by hand before and written scripts to do it back when I was
working on clustering software which also had the flaw of requiring XML but
provided no automated way of creating it.
Getting KVM working from the command line is easy enough (for definitions of
easy that include a 500 character command). But how do you start it on boot
and keep it running?
I'm currently using screen to manage KVM sessions and it's not that difficult to
script screen to start on boot, but it's a little ugly. Any better ideas?
PS A recent update to Xen on Debian resulted in SATA disks not working
correctly on one of my systems. If we weren't going to move LUV hosting to
another location then I'd convert the LUV server to KVM to avoid the risk of
SAS disks having a similar issue.
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
The list server is configured to reject mail that fails DKIM or SPF checks. It
is not supposed to receive mail from other list servers or forwarding services
so there's no reason for mail to fail such checks.
If you have a problem with mail from your ISP going to the list then contact
me off-list and I'll help you file a bug report.
If you have a problem with your own personal domain then I am happy to send
you log entries related to your issue and help you debug it.
Don't claim that there's something wrong with the LUV server though. If you
setup your server to DKIM sign mail and it doesn't do it correctly or setup a
SPF entry that doesn't include your sending address then it's your issue. I'm
happy to help you solve your issues, just don't claim that they are my issues.
While we are having a debate about whether list servers should send out mail
that fails DKIM and/or SPF checks I think that there is no reason that a mail
server should receive such mail unless it is configured to receive mail from
another list server. Of course if a list server receives mail from another
list server it should be configured to whitelist such mail.
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
I've spent time today trying to configure SPF, DKIM and DMARC for my domain.
Experience will determine how successful I have been.
The next step is to configure my mail system, running Postfix, to check
inbound mail using these mechanisms. Which tool do others prefer for this
purpose?
My DMARC record may be too strict; I essentially copied an example from
http://www.zytrax.com/books/dns/ch9/dmarc.html (with a slight modification to
change the address to which reports are sent). If necessary, I can switch to a
"quarantine" rather than a "reject" policy for SPF, DKIM or both.
Mailing list servers and their treatment of DKIM would be my main concern,
although in such cases, if I understand rightly, the recipient should use the
list server's DMARC record to determine the policy rather than mine, since
it's the list server which is actually sending the mail out.
/* No systemd religious wars please - thank you */
Hi folks,
I'm trying to get Slurm working on a RHEL7.2 system and I've hit an issue where
systemd is already using the cpuacct cgroup hierarchy and that prevents Slurm
from using it as it seems to be the one case where it can only be in use once.
I.e. having this mount create by systemd:
cgroup /sys/fs/cgroup/cpu,cpuacct cgroup rw,nosuid,nodev,noexec,relatime,cpuacct,cpu 0 0
causes:
12725 mount("cgroup", "/cgroup/cpuacct", "cgroup", MS_NOSUID|MS_NODEV|MS_NOEXEC, "cpuacct") = -1 EBUSY (Device or resource busy)
Anyone got any ideas on how to stop systemd from using it?
All the best,
Chris
--
Chris Samuel : http://www.csamuel.org/ : Melbourne, VIC
Hi folks,
I tried emailing the committee, but that just got moderated and I've not heard
anything since, so I was wondering are was any progress on fix the LUV mailing
list to not rewrite the From: header?
thanks,
Chris
--
Chris Samuel : http://www.csamuel.org/ : Melbourne, VIC
In 3-5 weeks the LUV server will no longer be running at it's current location
due to V3/VPAC closing.
We are in the process of making other hosting arrangements. One issue that is
yet to be discussed is where to host the lists, in the past Linux Australia
offered to host lists for us and we may take them up on that offer if it's still
available.
If anyone knows of an organisation that might offer us free hosting then please
email the committee.
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/