Profile Details

Toggle Sidebar
Recent updates
  • Sam
    Sam replied to a discussion, ClearOS 8

    I know this is an open source project like many others, however - as long as it is also the basis for several commercial products (as is, for example, Fedora to RHEL), one would expect there to be a solid plan in place to deal with situations like this.

    I have had several customers that are testing out firewall devices I built them using ClearOS 7 (to test and see if they would like to purchase the Business version); but, like me, they are very trepidatious about moving to a commercial version unless they have some idea what is going on with the product since CentOS became a stream.

    It has been quite some time now (months), and we've seen the Phone, and other commercial products release - can someone over there throw us a bone, already?

    Otherwise I agree - we'll have to come up with another solution. It's January 2022. We need direction.

    [BTW - the hardware platform I built for them, using Supermicro and Gigabyte EPYC-based servers, is solid as a rock. Now, if only we had a clue whether we could use ClearOS as a platform...]

  • Sam
    Sam voted on the post, Re: ClearOS 8

    Okay, so we know that CentOS Stream is not a very good base for ClearOS. So does ClearOS have a roadmap for switching to something that will be?

    Or maybe the issue is "why isn't this 'Community' being kept up to date on ClearOS's plans"?

    I am not terribly interested in putting a new machine on 7.9 without knowing what is going to happen in a few short months. If I don't hear something soon, I'll have to move to a different distro.

  • Ken Hawkins wrote:

    If back in the 90's, I had built my servers on Debian, all I would have done over the years is apt-get dist-upgrade......:(


    Long-term Debian and Ubuntoo stalwart here...

    OTOH, pls be aware that you'll have all kinds of fun finding and building drivers for whatever hardware you've got.

    1/2 my time bringing up new platforms is wasted finding and/or building my own drivers... That's one of the sacrifices for a system like the Deb streams.

  • I have been happy with our email server being "set & forget" as I am a general IT support person, not a specialist. I would still make the recommendation to migrate to a new ClearBox appliance, except for the fact that I went through this EXACT scenario with Mac server OS. It was a nicely integrated server distro with excellent features, and while I argued -against- it at the time, I was over-ruled by the argument "Apple is a huge company with a solid track record; WTF is linux?" only to get burned bad when Apple dropped the server version. They also moved their best & brightest over to iOS, so the desktop OSX suffered a bit as well.

    With Clear now getting distracted with mobile devices and other services, I am left wondering about the long-term commitment. They have to earn dollars just like all their predecessors who bailed on selling software and instead using a subscription model, with no opt-out of changes or updates.

    I am seriously looking at a move to a Debian base and building a basic email server; that all I need at present.

    I have played this game for DECADES now with so many folks quoting the same bullshit:

    "Can't go wrong buying IBM"; then they quit the PC and OS business.
    "Can't go wrong buying an Apple server"; then they bailed on server distro
    "Can't go wrong buying Microsoft"; they are now pushing for subscription model and you won't be able to lock updates which can brick some custom software or older devices.
    "Can't go wrong buying RHEL"; yeah until IBM bought them...

    I am suspecting a pattern here...

    If back in the 90's, I had built my servers on Debian, all I would have done over the years is apt-get dist-upgrade......:(

  • Sam
    Sam updated their profile
  • Has anyone seen Eternal Silence on a ClearOS box?

    Caveat: not actually an "issue report", but there isn't a topic, so I picked the closest one. Don't panic.

    All,

    I've been running the MiniUPnP daemon for about six months, we've seen no such issue, but I was wondering if anyone else has seen an instance of this attack or even if there's any possibility of it being a zero-day on ClearOS?

    I'm suspecting not, but I wanted to raise a yellow caution-flag in case anyone else had been under a rock for the past few days and hadn't heard about this. :(

    Akamai folks found it on a number of router boxen for "home" use:

    Eternal Silence attack

    We're running:
    ClearOS release 7.5.0 (Final), Kernel 3.10.0-862.11.6.v7.x86_64

    Even though our installation doesn't appear to open this port, just to be safe, I added IPTABLES rule:

    $ iptables -I INPUT 14 -i enp5s1 -p udp -m udp --dport 1900 -j DROP

    which should drop any attempted connection to UDP port 1900 from the outside. It seems to work based on my limited testing and doesn't appear to damage anything else.

    Anywhoo, just bringing this up because I felt pestered by it. :)

    Happy firewalling everyone!

    ~Sam 'liverdonor' Felton

  • Sam
    Sam replied to a discussion, Where did natsemi go?

    ... well, just FYI, as promised, I am reporting on getting 7.2 running in a Hyper-V VM.

    See this post: Bootloader Config Fail (conversation)

  • Sam wrote:

    ...I've tried using a legacy virtual NIC, no dice...


    I got it working in Hyper-V on Windows 10 Enterprise. Finally.

    Many thanks to Kari at this site: Ten Forums Tutorial

    It wasn't enough to merely set the legacy NIC. It was also necessary to use the Generation 1 VM - Gen 2 apparently does not work. I had been told that downstream distros from Red Hat were capable of using Gen 2-type VMs but that apparently isn't always the case.

    Gen 2 does work fine with Debian-descendants.

    Still doesn't get us any closer to solving the OP's problem, though...

  • FYI, I've had the same issue on two different machines, in both cases in trying to install CoS7 in a VM. I've tried using a legacy virtual NIC, no dice. Both have different Realtek chipsets in the NICs (onboard, in both cases) - one's a 4-year-old Dell and the other's a 2-year-old Gigabyte MB with AMD chip/chipset. Hard to avoid the problem - I'd hazard a guess that 75% of the boards I've used in the last four years have Realtek chips on them.