Tarasca Logs

From Gruff Goat Wiki
Jump to: navigation, search

Please start each log entry with your signature which includes the date-time. Each new entry should go near the top of the page above all previous entries. You may easily indent your logs by using the div tag as shown.

 <div style="margin-left:1em">
 Log entries
 </div>

To Do

  • Address issues shown by portaudit from 25 Sep
  • Set NFS share on tarasca and mount from kingu
  • Add ability to access files remotely through VPN from Windows clients (might need WINS)

To Do 2009

  • Upgrade to 6.4-RELEASE

--Gary 25 Sep 2005 (CDT)

VPN on Draytek

Complete setup of VPN using IPSEC. See VPN - Draytek Vigor 2900

Security vulnerability updates

Action

 portaudit -Fda

Result

Database created: Sun Sep 25 13:10:16 CDT 2005 Affected package: unzip-5.51 Type of problem: unzip -- permission race vulnerability. Reference: <http://www.FreeBSD.org/ports/portaudit/9750cf22-216d-11da-bc01-000e0c2e438a.html>

Affected package: cups-base-1.1.23.0_4 Type of problem: xpdf -- disk fill DoS vulnerability. Reference: <http://www.FreeBSD.org/ports/portaudit/24eee285-09c7-11da-bc08-0001020eed82.html>

Action

 cvsup -g -L 2 /root/ports-supfile

/ Partition Space Shortage

Problem

Review of filesystem reveals that tarasca is not mounted onto millipede and therefore daily and weekly backups are being stored under /mnt. /mnt is located in the / partition.

Solution

  1. Create new directory /usr/backup
  2. Mv all backup files from /mnt to /usr/backup
  3. Modify backup scripts
    1. Write to /usr/backup
    2. Mount remote
    3. Move backup files to mount
    4. Umount remote


--Gary 11:57, 31 Aug 2005 (CDT)

Security vulnerability updates

Action

 portaudit -Fda

Result

Affected package: pcre-4.4 Type of problem: pcre -- regular expression buffer overflow. Reference: <http://www.FreeBSD.org/ports/portaudit/b971d2a6-1670-11da-978e-0001020eed82.html>

Affected package: cups-base-1.1.23.0_4 Type of problem: xpdf -- disk fill DoS vulnerability. Reference: <http://www.FreeBSD.org/ports/portaudit/24eee285-09c7-11da-bc08-0001020eed82.html>

Action

 cvsup -g -L 2 /root/ports-supfile
 portupgrade -n -r pcre
 portupgrade -i -r pcre

Upgraded pcre and nmap. No upgrade yet available for cups-base.

--Gary 11:09, 2 Sep 2005 (CDT)

  • SSH has trouble connecting locally, esp on interface 192.168.3.253