Closed ZerooCool closed 4 years ago
Hi @ZerooCool,
Thanks for asking. It's something we did not document yet!
Here they are (May be changed in the future!): | Times are in UTC (Every day) | Start | End |
---|---|---|---|
Central Repository (GitHub) | ≈ 19:05 | ≈ 19:15 | |
API / Search engine | 19:05 | ≈ 19:20 | |
Central Mirror (hosts.ubuntu101.co.za) | 19:20 | ≈ 19:25 | |
DNS Server (#293) | 19:20 | ≈ 19:30 |
Sometimes because of network or other issues, it may take much more time. So, If you want to be on the safe side, always fetch from 20:15 (UTC) !
Hey @dnmTX @smed79, how could we document this correctly?
Stay safe and healthy.
Nissar
Ok ! I add this to my notes ! Thank you ! https://wiki.visionduweb.fr/index.php?title=Sommaire_S%C3%A9curit%C3%A9#T.C3.A9l.C3.A9charger_une_version_.C3.A0_jour_du_fichier_hosts.deny
Mentioned on debian user french, it was a question of the confidence granted as for the origin of the data.
Here I have to trust the downloaded content.
This could be fine-tuned, I suppose, with certificate checks, or, a check policy based on md5sum, or both, and, maybe even other methods that I'm gradually discovering.
Is something already there, to allow me to trust the download site?
Hey @ZerooCool I scouted the link you posted... as I don't speak french I was looking at the code.
What I stumbled on, is it seems you are missing a whitelist you run before imported external data (deny.host) which could lead to users gotten locked out from them self :selfie:
For a easy step to fill into you code lines you can use something like grep -v file1 file2
or the bit more complicated both yet easier at the end result
for w in whitelist
do
sed -i '/$w/d' path to host.deny
done
However this could maybe be enhanced by building an array first.
Normally, I do not block anything, because, only one user in my case is whitelisted.
The black list covers everything else.
I understand the idea despite everything, it would be to purge from the black list, all existing matches in the white list.
for w in /etc/hosts.allow
do
sed -i '/$w/d' /tmp/hosts.deny
done
After that, i cp /tmp/hosts.deny to /etc/hosts.deny
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
.
Hi @ZerooCool,
Thanks for asking. It's something we did not document yet!
Here they are (May be changed in the future!): Times are in UTC (Every day) Start End Central Repository (GitHub) ≈ 19:05 ≈ 19:15 API / Search engine 19:05 ≈ 19:20 Central Mirror (hosts.ubuntu101.co.za) 19:20 ≈ 19:25 DNS Server (#293) 19:20 ≈ 19:30
Sometimes because of network or other issues, it may take much more time. So, If you want to be on the safe side, always fetch from 20:15 (UTC) !
Hey @dnmTX @smed79, how could we document this correctly?
Stay safe and healthy.
Nissar
Put it before ADDITIONS / REMOVALS / CORRECTIONS
in the README as Sources get updated by...
or When is the list updated
When is the hosts.deny and superhosts.deny file regenerated ?
Every day ? Every week ? Each month ? I would like to know, to be able to optimize my tutorial and the periods on the cron tasks allowing the update.