2007-10-01, 12:31 | Link #243 | |
Yummy, sweet and unyuu!!!
Join Date: Dec 2004
|
Quote:
I've forced myself to stick to gnome due to all the enterprise level investment into it from Novell (even though they do support kde as well). I have to admit gnome was a bit too restrictive to use before I found the configuration editor. I mostly use xfce with darn small linux. In regards to my earlier question about securing laptops from physical attacks I found this great howto, and it is really easy to follow and encrypts most of the hard drive (apart from boot and swap) using dm-crypt. http://news.softpedia.com/news/Encry...04-61312.shtml It works really well, but I still will use truecrypt for encrypting my removable media to enable me to transfer to windows pcs.
__________________
|
|
2007-10-01, 13:05 | Link #244 | |
AS Oji-kun
Join Date: Nov 2006
Age: 74
|
Quote:
Personally, I'd choose Thunderbird + KOrganizer over Evolution any day. Heck, I even like KMail better than that bloatware called Evolution. But, then, I don't have a Microsoft Exchange server that I need to talk to, either. I especially dislike using Nautilus as a file manager. It's just too stripped-down and hides too much to make me satisfied. Konqueror blows it out-of-the-water in my mind. People tend to call KDE too much like MS Windows, but I think the developers of apps like Nautilus share the same mindset with the developers in Redmond. They both cater to users who do not need or want to do much beyond simple operations. My favorite video player is Kaffeine, the KDE front-end to Xine. The Kplayer front-end for Mplayer isn't as functional yet, but I can't recall anything I couldn't watch in Kaffeine once I had all the codecs. The last time I tried Totem it didn't come close to Kaffeine. KDE also has some very neat features. Here's just one. If you insert an audio CD, KDE gives you options to rip it with any codecs it has available. In the file manager it appears as though the disk came with Ogg, WAV, and MP3 versions along with the original files. The first time I noticed this I actually thought someone had sent me just such a multi-format disk until I realized that all the conversions were being handled by KDE. I'm open to being proven wrong on these scores, of course. I don't use GNOME every day, just once in a while when I'm setting up a CentOS or Fedora box before switching over to KDE.
__________________
|
|
2007-10-01, 19:23 | Link #245 | |
Yummy, sweet and unyuu!!!
Join Date: Dec 2004
|
Quote:
You raise an interesting point about functionality of KDE v Gnome (sorry I am summarising you last 4 points). From a personal point of view I do like more functionality the better, give me choice!!! I believe Linus' pov is Gnome is a desktop for stupid users.... But from an administrator pov I tend to lock things down as much as possible and tend to remove choice from the user (yeah I am a hypocrite in this sense ). So the limitations for the user in Gnome does actually suit my purpose there. I do see what you mean about ppl who compare konqorer to windows explorer (shudder), but I tend to find those ppl still carry a lot of windows baggage with them (not meant as an insult). Konquorer in my mind is far more flexiable then explorer is... I'd like to point out I actually am quite a noob when it comes to Linux desktop environments, I've only in the last year have migrated from XP to Linux for my personal desktop. I've always been a CLI'er for the past 10 ish years and have been actively pushing Linux server side at work. My home server generally never has the desktop loaded at all and sits there quite happily with the command prompt. I do actually respect all of the work that Red Hat have done and I've supported RHL from 1998 till version 7.3. I just fell out of love with them for various reasons and decided to concentrate on SuSE especially since I found out Novell were buying them (I work in higher education). I got into the habit of forcing myself to use the products I support quite a while ago, so I'm never too sure now if I am using something because I like it, or because I need to like it.
__________________
|
|
2007-10-01, 21:05 | Link #246 |
Geek
|
I have OpenSuse 10.2 in a virtual machine somewhere on my Mac. Its using Gnome as it was the default desktop. The changes they made to the main gnome menu were quite off-putting. The reliance on mono was annoying. Its even more annoying that they're trying to push mono into Gnome proper even though not everyone has patent protection like Novell's customers.
I've never touched zenworks or edirectory in a Linux environment. Is it that useful? Can you do stuff with it that you couldn't do with Kiosk or Pessulus in terms of locking down the desktop? If I were to deploy a large number of Linux desktops I'd set up a local package repository and only offer tested updates. I'd set up a cron job on the desktops to run to grab the packages and install. Does zenworks offer anything over this beyond possibly ease of use (for the admin)? Does edirectory offer much more than http://directory.fedoraproject.org/ with regards to authentication or user account management? Now let me rant about Evolution. As an exchange client it is god awful. It doesn't speak MAPI (or whatever exchange is using now) so you need to have OWA up and operational. This is not something that everyone has. Even when it is working its slow as hell. Every so often I yearn for an integrated mail/calendar/contacts app so I try Evolution again on my desktop at work (using Fedora 7 and Gnome) to connect to an IMAP server. It crashes a bunch of times and annoys the hell out of so I go back to Thunderbird. I really like the idea of Evolution. Its awesome clicking on the clock on the gnome bar thing and seeing my upcoming appointments under the little calendar. I just wish they would have used a better, more stable base. Evolution has always been a piece of crap dating back to when it was Ximian pushing it. Why Gnome decided to adopt it instead of writing something that didn't suck is beyond me. For example, today I noticed I had a new email, I click on it and the tasks application crashed. Zuh? Tasks? I wasn't looking at my tasks, the email didn't have any kind of ical invitation in it or anything. Why would tasks crash? Later in the day I'm in a full-screen virtual machine running on a vmware server in the lab. I get out of full-screen to see that evolution-data-server crashed. Why? Even better, why didn't bug-buddy know enough about it to automatically submit a bug report? At least it was automatically restarted. |
2007-10-01, 21:30 | Link #247 | |
Yummy, sweet and unyuu!!!
Join Date: Dec 2004
|
Quote:
In terms of managing desktops the idea is all the information to do with your network resources is stored in the cloud that is eDirectory, so you should only maintain one set of information. A good example is user accounts. When my user logs into a Mac, Windows or Linux, I want them to login using the same authentication details and I don't want to be maintaining 3 sets of auth details. This ofc is just a minor part to the overall product, other big areas are delivery of applications, enforcing polices, patch management and logistics. tbh a lot of the functionality required in an enterprise environment (thinking 10k + users) could be put together using lots of best of breed products and cobbled together using middleware, but the overhead imho isn't worth it. I've been supporting desktop wise XP and Mac in a 30k user environment and have just started trying to push Linux to the desktop. The reason why we could never roll out a Linux desktop other then for teaching or kiosk purposes was because we could not at the time integrate it into our overall network, which goes against one of our principle rules of simplifying. Then again the big guys did force us to adopt Exchange which means we now had to manage eDirectory and Active Directory bonded with middleware *cry* The fedora directory project is based on ldap which is the lightweight version of what eDir and AD which are based on which is x.500. ldap has imho lost is way and has become bloated over the years, but I guess it now has to as its functionality from querying ds's has evolved to one of being a ds... Just to give an idea of how the app delivery works, with windows as windows is far more pesky to deliver an app. I can snapshot an app and when the user wishes to use it, it transparently installs without any effort on their part. The main thing is I don't want my users actively installing anything on the resources I manage and I don't want to install something onto a resource if it is not going to be used on it. This of course is a very basic example and I haven't even covered selfhealing or more importantly management of licences etc.
__________________
Last edited by grey_moon; 2007-10-01 at 21:49. |
|
2007-10-02, 20:28 | Link #248 | |
Geek
|
Quote:
No one uses DAP (the protocol originally specified in X.519). AFAIK almost everything uses LDAP now including AD and eDirectory. DAP originally required an OSI protocol stack (TCP/IP isn't) so it never gained popularity. |
|
2007-10-02, 22:03 | Link #249 | |
Yummy, sweet and unyuu!!!
Join Date: Dec 2004
|
Quote:
Now maybe both eDir and AD are full LDAP now, but I remember that they were both based on x.500 and LDAP enabled (ie they support LDAP). Lets not try to muddy the waters by taking a single protocol out of a overall standard and saying the overall standard is no longer used. Lets consider the history of both protocols. x.500 is designed from ground up to be a DS. Pros - it has far more functionality Cons - complex ldap is designed originally to query and modify a DS. Actually the modifying was added at a later date. pros - lightweight cons - doesn't have the functionality of x.500 and adding the functionality to it makes it more like x.500 in terms of adding extra complexity Now a DS can be roughly summarised into 2 functions (sorry fellow techies for butchering the desc), which are storing the data and querying the data. Now just because the querying is done via the LDAP protocol it does not mean that the DS is LDAP based. <- Taking in the context of comparing it to the LDAP ds you posted about. But the thing is if you take it in context of my post in regards to the use of eDir and Zenworks, then what you should realised is the information could be stored in a text file (well you would have performance issues there ), but what counts is the functionality that can be utilised from the DS. You could store the every bit of knowledge known to mankind, but unless your system is able to use it in a sensible way then it is a waste of resources.
__________________
Last edited by grey_moon; 2007-10-02 at 22:13. |
|
2007-10-04, 16:19 | Link #250 |
Love Yourself
Join Date: Mar 2003
Location: Northeast USA
Age: 38
|
We should really rename this thread to just be called a general Linux thread, I think
Interesting news from Infoworld, they state that rooted Linux boxes are most commonly used in phishing webpage scams - not Windows boxen. However, Windows boxes are what make up the brunt of botnets. The article also mentions that rooted Linux boxes are sold "at a premium" on those black markets, and it's attributed to their stability (I have to wonder if it isn't also due to their rarity). What do you guys think? Is it because now Linux is becoming more mainstream and is beginning to experience PEBKAC issues (in other words, user error), flaws in designs of software that runs on top of Linux (the article attributes it to this), or just that Linux is becoming more highly targeted? I thought it was pretty frightening either way. Are there any ways to safeguard against rootkits, or to even find out whether your machine may be compromised? On a side note, I'm going to try installing Fedora alongside OpenSUSE (or I'll just nuke one of the OpenSUSE partitions - I don't want to risk a cranky GRUB by formatting the entire drive). I'm new to Fedora - are the "test" versions considered stable enough to use, similar to Ubuntu's regualar release versions (as opposed to Ubuntu's Long Term Support (LTS) versions), or should I stick with Fedora 7? Currently Fedora 8 Test 3 is at the top of their download page. I'd just like to be able to watch anime, browse the web (with Opera), properly utilize my dual-monitor setup (under OpenSUSE this was only satisfactory), and listen to music for now - things like remoting, virtual machines, streaming music, and such I'll deal with later. But if I can do those other things, then I can keep my machine booted into Fedora rather than Windows for the majority of the time.
__________________
|
2007-10-04, 19:52 | Link #251 |
Yummy, sweet and unyuu!!!
Join Date: Dec 2004
|
Hee hee since we are treating this as the general Linux thread *peers around for the off topic spank* OpenSuSE 10.3 is out. Darn it I wanted to break my laptop with Ubuntu upgrade first before breaking my server
@Ledgem - It doesn't surprise me at all. If i was going to categorise attacks in a really course way I would put them as: Directed attacks where the attacker wants to gain a specific resource to do something. Like the stories of hackers compromising edu/gov resources to gain a box to relay off to build a chain to hide their tracks (just one example) Non directed attacks where the attacker uses automated processes to attack as many machines as possible. Some examples are the zombie pcs for botnets (as mentioned in article), or spamming agents. These are automated attacks normally part of a automated script or via malware such as viruses (do I use virii here?) Now lets look as the benefits of attacking Linux and Windows and the possibility of doing it both ways. Directed Attacks Lets start with directed attacks as that the easiest to argue about. I would say that the attacker would have gained information about the target from a automated process, maybe their nmap scan has detected that the box is running a weak verson of ssh, php or iis etc. The attacker has to then actively use their tools (nowadays lots of tools make an attackers job too easy) to break into the box. Now if they had the choice of attacking a Linux or windows box I would say they would go for a linux box. I would say that most of these attacks are against non-hardened boxes and successful ones against a harden box are rare (for the same reason why people don't try to break into fort knox, as it isn't worth it). Why? Well traditionally a nix box has been well known to be the hackers swiss army knife. Once an attacker has root rights basically it is too easy for them to build and bury themselves with a root kit. Considering how the box they broke into has most probably not been properly hardened in the first place, the server admins would most probably be unaware of the compromise for a while which makes the resource valuable to the attacker. What I want to know is the flavours of the OS's that were compromised, as some are traditionally more secure. Non-directed Attacks Well these we hear about all the time as in viruses or spy-ware that plant trojans on users pcs and then make them into zombies for an attack network. There many other uses such as spamming mail agents etc. Now due to the nature of windows and the nature of the attack (the attacker wants as many boxes with as little effort as possible), the target most likely is windows. The reason why nix isn't targetted so much is its a lot harder to get a malware onto a machine (unless someone compromises a repo ). Now this does not mean there are no automated attacks for nix. For an example as soon as you run php apache (windows running lamp are at risk too), and u do not update your versions or even worse you deliberately poke holes into its security, then there are automated scripts that will try to compromise your box via these services (the same goes for anything including iis etc). The funny thing is once these web servers are compromised then they can be used to take out normal windows boxes to create the botnet... Conclusion Now I believe that a successful attacker isn't going to be like some of us admins who have our preferences in what OS we use. For them it is the the best tool for the best job. So in terms of the article it then makes sense that there are more windows boxes used as dumb attack agents such as zombie pcs and it makes sense that more clever attacks are done using a compromised nix box. Which is basically what the article concludes as. Isn't really new news, what would be good as I mentioned earlier is more data. For example is there a rise in the number of compromised nix boxes since a blah date. Is it a specific distro? Is it a specific country?
__________________
Last edited by grey_moon; 2007-10-04 at 20:28. |
2007-10-04, 19:54 | Link #252 | |
Gregory House
IT Support
|
@Ledgem
You might want to try out OpenSUSE 10.3, which was just released today . Who knows, you might have more luck with issues you had before. EDIT: Crap, beaten to it by grey_moon I do have two extra partitions (6 GB and 20 GB) with which I could try out OpenSUSE (with a KDE desktop, I want to see if I can get used to it now...), but the enormous size of the download scares me a bit. The 6 GB partition has a Debian installation which has broken fonts (I think it's because I linked the /home partition to my original Ubuntu /home folder and there's some sort of configuration conflict), and besides I've forgotten its root password, so it might be a good time to nuke it. Quote:
EDIT 2: Browsing around Slashdot, it seems I might have found the problem you had with the updater in your OpenSUSE installation, Ledgem. It seems the default updater is a program named ZMD which uses the dreaded Mono framework (Miguel de Icaza and Mono are the main reasons why I want to try KDE this time around, I'm just getting a bit afraid of the direction GNOME may take in the future...) and it's really, really buggy, and very prone to crashing. Here is some info from the Slashdot thread, though I should dig around in some official support forums for more info on it.
__________________
Last edited by WanderingKnight; 2007-10-04 at 20:24. |
|
2007-10-04, 20:28 | Link #253 | |||
AS Oji-kun
Join Date: Nov 2006
Age: 74
|
Quote:
Quote:
Quote:
After installing Fedora 7, run the following as root: Code:
rpm -ivh http://livna-dl.reloumirrors.net/fedora/7/i386/livna-release-7-2.noarch.rpm yum install mplayer* xine* k3b* kaffeine* kplayer* amarok* kdemultimedia* mencoder* Web browsing with Opera requires installing the Opera rpm from http://www.opera.com/download/. You can pick Fedora 7 from the list of options. Download the rpm, then run Code:
rpm -Uvh /path/to/the/opera.rpm As for dual monitors, it depends on your graphics card. If you have an nVidia card, add "kmod-nvidia" and "xorg-x11-drv-nvidia" to the yum command above. My experience is that this will pick the appropriate modules for your nVidia card. It worked fine with my 6600. There are also ATI drivers if you have one of those. For nVidia at least, there's a graphical management program that is installed as well. It will appear in the System sub-menu after installation. My guess is you can control multiple monitors with that. I only have one monitor so I can't be of much help here. A complete list of the Livna repository is here.
__________________
|
|||
2007-10-05, 02:01 | Link #254 |
Yummy, sweet and unyuu!!!
Join Date: Dec 2004
|
Red Hatters will be pleased to know that the big man is currently using Fedora
http://apcmag.com/7017/linus_torvald...f_linux_page_3 Good article btw with no swearing by Linus *shock*
__________________
|
2007-10-05, 08:48 | Link #255 |
Gregory House
IT Support
|
Well, I just installed OpenSUSE, and I've gotta say it feels quite responsive. Though I still haven't found the way to configure KDE to open folders on double click instead of single click... I remember doing so with Kubuntu was a breeze, but I can't seem to find it anywhere here. *EDIT* Nevermind, I found it Why didn't I look in the Peripheral section in the K Menu, I wonder...
I ran into a little issue when configuring my network, since it seems it didn't find my DNS network address immediately. Luckily enough, I was able to import the /etc/resolv.conf file from my Ubuntu installation. I don't have much to say about it yet, except the fact that the desktop feels really responsive. After I finish playing around with it for a while I'll post more comments.
__________________
|
2007-10-05, 09:00 | Link #256 | |
Yummy, sweet and unyuu!!!
Join Date: Dec 2004
|
Quote:
I'll be going for the gnome interface in an hours time if all goes well
__________________
|
|
2007-10-05, 10:17 | Link #257 |
Gregory House
IT Support
|
Okay, I think I borked GRUB. When I boot into Ubuntu, I get lots of messages about missing essential applications (like apt) and it boots me into a shell with root access. However, I didn't touch the Ubuntu partitions at all. Right now I don't have time (I've gotta go), but when I come back I'll try to write down the whole of the error messages and fix the issue. Perhaps I'll just have to reconfigure GRUB from the Ubuntu Live CD, though.
__________________
|
2007-10-05, 12:21 | Link #258 | |||||
Love Yourself
Join Date: Mar 2003
Location: Northeast USA
Age: 38
|
Quote:
Quote:
Quote:
Quote:
Quote:
I currently have the Fedora 7 ISO sitting on my drive. I'm a bit low on DVDs but it'll be worth trying it out. I'll also try upgrading OpenSUSE. We'll see how it goes; I don't expect the two to be drastically different.
__________________
|
|||||
2007-10-05, 12:45 | Link #259 |
Yummy, sweet and unyuu!!!
Join Date: Dec 2004
|
Both KDE and Gnome are the latest version in 10.3.
I've got to say that what ever they have done is funky, my boot time is noticeably quicker (why didn't I time it before installing?). Installation was a breeze, the only problem I encountered is my pata drives are no longer detected as hda but as sda instead which meant i had to scratch my head over what drive was what. It is a bit late for me now so I can't really play with it. Took 9 hrs to download. 40 mins to install the OS, but only 15 mins to reconfigure everything I run on it as I just copied and pasted sections out of my conf files. I love linux!
__________________
|
Tags |
linux, ubuntu |
|
|