Re: firewall

[Aviram Jenik]

Shachar Shemesh Wrote:

[snip]
 In order to configure
 a firewall, any firewall, you need to really understand what are the
threats
 you are facing, and how the firewall you are configuring is meant to help
 you with defending against them. I know, to date, of no product that does
 not require configuration in order to work.


That's not entirely correct. There is an excellent firewall-generating
application called mason, that generates ipchains/ipfwadm scripts
automatically, by 'learning' the current network communication. I'm not
trying to claim it's as good as an ipchains rules a good administrator
writes from scratch, and I wouldn't dream of using that in a commercial
environment, but for home users it's more than enough to build a good
firewall script that actually *works*. I'd also recommend experienced
network administrators to take a look at this unique application, since it's
definitely an interesting concept.
Mason is available through the usual channels (freshmeat, etc), and there's
a review about it on SecuriTeam.com:
http://www.securiteam.com/tools/Mason_-_Automatic_firewall_builder.html


- Aviram



=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

firewall again + Mandrake Demoes

[solomon]

Hi again,

I probably should have said in my previous post that I'm interested in a
firewall for my home network connected to ADSL so the suggestions for
commercial software were not what I was looking for. In any case, thanks for
all the answers. At the moment I think I'll try pmfirewall and / or Mason
which sound like what I'm looking for.

BTW - if anyone is intersted there's a great tutorial on firewalls,
masquerading, and Internet sharing on www.mandrake.com in the DEMO section. I
was able to set up my network to share my ADSL connection by following the
steps. It may be **too detailed** for some since it's apparently meant for
newbies. They even explain trivial things like how to download the firewall
package, how to untar, and how to install.

There are also great tutorials on things like using RPM, window managers, etc.

//-
Shlomo Solomon
E-Mail: [EMAIL PROTECTED]
http://come.to/shlomo.solomon
Date: 19-Oct-2000   Time: 09:31:32

Message sent by XFMail on a LINUX Mandrake 7.0 machine
//-

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: firewall again + Mandrake Demoes

[Tzafrir Cohen]

On Thu, 19 Oct 2000 [EMAIL PROTECTED] wrote:

 Hi again,
 
 I probably should have said in my previous post that I'm interested in a
 firewall for my home network connected to ADSL so the suggestions for
 commercial software were not what I was looking for. In any case, thanks for
 all the answers. Atthe moment I think I'll try pmfirewall and / or Mason
 which sound like what I'm looking for.

There's another option to consider, if you happen to have a spare 486.

There are a couple of one-floppy distributions (load from the floppy, run
with a ramdisk). Looking at
http://freshmeat.net/appindex/console/mini%20distributions.html I see a
couple of them, even one or two spesifically made for ADSL. Never tried
any, though.

You get a very simple system (no gcc for the intruder ;) and all the
configuration sits on a floppy. Make this floppy read-only, and nobody can
cause this machine a damage that can't be solved by pressing the reset
button and waiting for the system to come back up... (assuming you fixed
that hole, of course, otherwise the intruder might use it again).

 
 BTW - if anyone is intersted there's a great tutorial on firewalls,
 masquerading, and Internet sharing on www.mandrake.com in the DEMO section. I
 was able to set up my network to share my ADSL connection by following the
 steps. It may be **too detailed** for some since it's apparently meant for
 newbies. They even explain trivial things like how to download the firewall
 package, how to untar, and how to install.
 
 There are also great tutorials on things like using RPM, window managers, etc.

I believe some of them were translated to Hebrew by Or. Have a look at 
http://www.ivrix.org.il/projects/guides/guides.html 
(BTW Or: this page needs links up to the homepage).
Spesifically: the demo of RpmDrake:
http://www.ivrix.org.il/projects/guides/RpmDrake/RpmDrake.pdf

(Note that RpmDrake does not use rpmlib directly, like gnorpm and
kpackage. It uses urpmi, which adds another layer above rpmlib).

-- 
Tzafrir Cohen
mailto:[EMAIL PROTECTED]
http://www.technion.ac.il/~tzafrir


=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: firewall again + Mandrake Demoes

[Nadav Har'El]

On Thu, Oct 19, 2000, Tzafrir Cohen wrote about "Re: firewall again + Mandrake Demoes":
...
 I believe some of them were translated to Hebrew by Or. Have a look at 
 http://www.ivrix.org.il/projects/guides/guides.html 
 (BTW Or: this page needs links up to the homepage).
...

Actually, in the Ivrix.org.il homepage, you click on "Ongoing Ivrix Projects"
and in the page you get press the "home" link next to "Hebrew Documentation",
and you get there.

Maybe it's too hard to get there - I'm open to any suggestions on how to
redesign the website to make it easier to use (or volunteers to do it :))

-- 
Nadav Har'El|Thursday, Oct 19 2000, 20 Tishri 5761
[EMAIL PROTECTED] |-
Phone: +972-53-245868, ICQ 13349191 |If God is watching us, the least we can
http://nadav.harel.org.il   |do is be entertaining.

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: KDE 2.0pre quoncorse Hebrew

[Hetz Ben Hamo]

Hi,

Tzafrir Cohen wrote:
 
 On Wed, 18 Oct 2000, Hetz Ben Hamo wrote:
 
  2 things:
 
  1. You'll need the Windows fonts - just copy the c:\windows\fonts directory and
  run "ttmkfdir your dir" and then add it to your xfs with
  "/usr/sbin/chkfontpath --add your dir with full path" and at the end - re-run
  your xfs again..
 
 
 I believe both ttmkfdir and chkfontpath were added to RH6.0 (and also to
 Mandrake 6.0). I have no idea how well do they apply to other distros.
 
  2. changing the fonts for the various encoding has been added lately - and you
  can see it on the rc2 packages onwards...
 
 
 I didn't understand you: Can Konquerer use iso-8859-8 fonts (with rc2
 onwards)?

Yes, sure.

Basically - with KDE 2.0 rc2 and upwards (final KDE 2.0 will be out this monday
btw. The rpm's are ready, but it seems there are some problems with KDM, so a
new set of RPM's are being prepared by bero from Redhat as I write this email) -
you can change any of the encoding font's - exactly as you can change in
Netscape (e.g: selecting encoding - and modifying the fonts for this ISO).

 
 In the previous message Hetz seems to have forgotten another major
 problem, which is the fonts. Most KDE2 programs need unicode fonts
 (iso10646-1). Although Konquerer maybe a special case (see my question
 above).

Let me correct myself:

You'll need the unicode fonts for the menus translations for Hebrew, and for the
title window in konqueror. You don't need it for anything else...

You do need the true-type fonts for Logical and Visual Hebrew. So you'll have to
add hebrew true type fonts (either the elmar fonts or the Windows fonts).

 
 At the moment the only availble Hebrew unicode fonts (besides gnu unifont
 and similar limited fonts) are TrueType fonts. The easiest to get -- ones
 from microsoft (either from the nearby windows workstation/partition or
 from http://microsoft.com/typography - the fonts Arial, Courier New and
 Times New Roman (Also Tahoma from Hebrew Windows). They are in some format
 of a self-extracting archive, which can also be extracted by cabextract
 (search http://freshmeat.net).
 
 Once you have the TTF files, you still need a fonts server that can
 display them.
 
 There is xfstt (availble for debian and SuSE) and xfsft . RH6 (and some
 others, as mentoined above) patched XFree3's xfs with some patches from
 xfsft (or something similar). It also added the (sometimes buggy)
 chkfontpath, which helps automates font path changes.
 Note that RH's ttmkfdir won't add the iso10646-1 encoding. Its output has
 to be slightly edited. I wrote a small script to do that (I don't have the
 URL right now, but look for 'ttmkfdir-heb' in the archives of the
 ivrix-discuss list).

Good luck. Seems no one have added to ivrix a search engine, and I didn't found
anything. Anyone can give a link?

 
 I think versions of xfstt previous to 1.1 were problematic in terms of
 supporting iso8859-8 fonts. I don't know what about unicode encodings.

The Unicode problem (from redhat view) is with the xfsft. Users of XFree 4.0.x
have the luxury of built in true type fonts (just don't forget to make
"mkfontdir directory of fonts"). I haven't tested it on my RH 6.2 (one of my
machines is dead and I need to take it for repair)..

 
 XFree4 has support for TrueType fonts. However - I don't know much about
 it. Can anyone elaborate?

See above :)

Hetz

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: firewall

[Yosi]

Hi Eli,

Thanks for the link. It is very interesting. BTW, I didn't want to
start a flame war on the list, but if I was that guy who asked the
question, I'd probably use OpenBSD and not Linux. I think that this
guy will probably install the Firewall on his working machine, which
is not a good idea.

Yosi

An excellent benchmark and survey of Linux firewalls was published by
LinuxWorld. It contains comparisons, guides, descriptions about the
various types of firewalling, and covers both commercial and free
offers. You may find it at:

http://www.linuxworld.com/linuxworld/lw-2000-10/lw-10-fwproducts1.html

--
Eli Marmor

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.


=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Error in post

[Yosi]

Hi List,

I have posted a private e-mail to Eli Marmor, and accidently sent
it to the whole list. The major reason I sent it to Eli privately
was because I did not want to start a flame war on this list.
Please disregard my post. I appologize for making that mistake.

Yosi
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.


=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: KDE 2.0pre quoncorse Hebrew

[Tzafrir Cohen]

On Thu, 19 Oct 2000, Hetz Ben Hamo wrote:

 Hi,
 
 Tzafrir Cohen wrote:
  
  On Wed, 18 Oct 2000, Hetz Ben Hamo wrote:
  
   2 things:
  
   1. You'll need the Windows fonts - just copy the c:\windows\fonts directory and
   run "ttmkfdir your dir" and then add it to your xfs with
   "/usr/sbin/chkfontpath --add your dir with full path" and at the end - re-run
   your xfs again..

I'm not sure that's the smartest idea. Some fonts may be problematic. Note
that chkfontpath is (at least on my machine) a bit buggy . 
Mandrake 7.1 comes with a utility that extractes (by defaul all of
the) TTFs from windows parrtition and installs them. I rememebr reading
about problems caused by fonts such as David and Miriam.  Perhaps it would
be better to stick with unicode fonts, such as Arial, Courier New, Lucida,
Tahoma, and Times New Roman.

Have a look at:
ftp://linux.org.il/pub/Hebrew/Mandrake-Hebrew/heb-font-from-win.pl


anyway In the worst-case scenario your X server will crash, and when it
will try to reload it will spit an error message about not being able to
find the font 'fixed' (and the reason is that all the fonts come from the
fonts server, which is now not availble).

On the really worst-case scenario you will run chkfontpath --remove (or is
it --del ?) and it will fail for some starange reason, for instance,
because you added a slash in the end of the path.
(because of the above reason I usually cd into the target directory and
run 'chkfontpath --add `pwd`').

In that case you'll be forced to (heaven forbids!) manually edit
/etc/X11/fs/config and remove the faulty line (mind the comma).

  
  In the previous message Hetz seems to have forgotten another major
  problem, which is the fonts. Most KDE2 programs need unicode fonts
  (iso10646-1). Although Konquerer maybe a special case (see my question
  above).
 
 Let me correct myself:
 
 You'll need the unicode fonts for the menus translations for Hebrew, and for the
 title window in konqueror. You don't need it for anything else...

OK. Here is something which may be related, but probably isn't.
Ever since I started to use licq with a qt_gui that uses qt2, I wan't able
to view Hebrew. Actually I never tried to use iso10646-1 fonts (only tried
iso8859-8 fonts, which looked like gibrish), and it will be a while until
I will be able to try this. Has anybody managed to read Hebrew from the
qt_gui of licq (with qt2)?

The point is that probably all sorts of widgets will use unicode-encoded
text, and at some point you'll have to be able to read it.

 
 You do need the true-type fonts for Logical and Visual Hebrew. So you'll have to
 add hebrew true type fonts (either the elmar fonts or the Windows fonts).

Sorry. I didn't understand you here:

What has the type of the font to do with the direction of Hebrew?
(Are TrueType fonts unicode fonts by definition, or is it simply that most
of the unicode fonts availble at the moment are TrueType?)
Anyway, the elmar fonts are not TrueType fonts, and only supply iso8 and
iso1 .

 
  
  At the moment the only availble Hebrew unicode fonts (besides gnu unifont
  and similar limited fonts) are TrueType fonts. The easiest to get -- ones
  from microsoft (either from the nearby windows workstation/partition or
  from http://microsoft.com/typography - the fonts Arial, Courier New and
  Times New Roman (Also Tahoma from Hebrew Windows). They are in some format
  of a self-extracting archive, which can also be extracted by cabextract
  (search http://freshmeat.net).

I'm now in a more decent environment, so here are some links:
http://microsoft.com/typography/fontpack/default.htm
http://www.kyz.uklinux.net/cabextract.php3

  
  Once you have the TTF files, you still need a fonts server that can
  display them.
  
  There is xfstt (availble for debian and SuSE) and xfsft . RH6 (and some
  others, as mentoined above) patched XFree3's xfs with some patches from
  xfsft (or something similar). It also added the (sometimes buggy)
  chkfontpath, which helps automates font path changes.
  Note that RH's ttmkfdir won't add the iso10646-1 encoding. Its output has
  to be slightly edited. I wrote a small script to do that (I don't have the
  URL right now, but look for 'ttmkfdir-heb' in the archivesof the
  ivrix-discuss list).
 
 Good luck. Seems no one have added to ivrix a search engine, and I didn't found
 anything. Anyone can give a link?

ttfmkdir-heb (a really simple script, as I said):
http://ivrix.org.il/mailing-lists/ivrix-discuss/2000/08/0008.html

 
  
  I think versions of xfstt previous to 1.1 were problematic in terms of
  supporting iso8859-8 fonts. I don't know what about unicode encodings.

Looking down the thread linked above I see in a post:

 I just tried running xfstt with the following flags: 

 xfstt --daemon --encoding 'iso10646-1' --port 7101 

 After doing xset fp rehash I now get a listing of 
 iso10646-1 fonts. 

-- 
Tzafrir Cohen
mailto:[EMAIL PROTECTED]
http://www.technion.ac.il/~tzafrir

Re: firewall

[Ben-Nes Michael]

Hi All

Can an open source, free programs in one way or another get to the level of
option that FW-1 have ?

Shachar Shemesh wrote:


 Regarding the commercial products available - I know FW-1, and it has very
 high capabilities (it has a finer enforcment capabilities than simply using
 IPChains).

--
Canaan Surfing Ltd.
Internet Service Providers
Ben-Nes Michael - Manager
Tel: 972-6-6925757
Fax: 972-6-6925858
http://www.canaan.co.il
--



=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: firewall

[Eli Marmor]

Yosi wrote:

 Thanks for the link. It is very interesting. BTW, I didn't want to
 start a flame war on the list, but if I was that guy who asked the
 question, I'd probably use OpenBSD and not Linux. I think that this
 guy will probably install the Firewall on his working machine, which
 is not a good idea.

I know that Yosi's intention was to send this e-mail privately. But
it was sent to the list, and before a flame-war will begin, I want
to note that what he wrote about OpenBSD is considered a concensus
among the experts. I'm not an expert (my main *BSD's experience is
with NetBSD), but this is what the experts claim, so please think
twice before flaming him.

On the other hand, most people know Linux better and deeper, and this
is an important consideration too (you can defend an OS you know,
better than an OS you don't know). On the 3rd hand, hacker's knowledge
of Linux is higher too. So I'm not sure

-- 
Eli Marmor

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: firewall

[Shachar Shemesh]

Duplicating exactly the FW-1 functionality in an opensource project is not
practical, due to a patent on stateful inspection. This gives the FW-1 product
the ability to open specific ports that would normally be blocked, because, for
example, an FTP protocol request required that port. If you wanted to support the
same protocol with a static packet filtering firewall (such as IPChains), either
this, or probably a lot more, ports would have to be permanently open. To the
best of my understanding, hoping to get a license to implement a patent in an
open source project is almost always impossible (with the RSA example as an
exception, and a rather weak one at that).

It may be possible to bypass the patent by employing some sort of traffic sniffer
that changes the rules on the fly. This greatly depends on the exact wording of
the checkpoint patent.

Shachar

Ben-Nes Michael wrote:

 Hi All

 Can an open source, free programs in one way or another get to the level of
 option that FW-1 have ?

 Shachar Shemesh wrote:

 
  Regarding the commercial products available - I know FW-1, and it has very
  high capabilities (it has a finer enforcment capabilities than simply using
  IPChains).

 --
 Canaan Surfing Ltd.
 Internet Service Providers
 Ben-Nes Michael - Manager
 Tel: 972-6-6925757
 Fax: 972-6-6925858
 http://www.canaan.co.il
 --

 =
 To unsubscribe, send mail to [EMAIL PROTECTED] with
 the word "unsubscribe" in the message body, e.g., run the command
 echo unsubscribe | mail [EMAIL PROTECTED]


=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: KDE 2.0pre quoncorse Hebrew

[Hetz Ben Hamo]

1. You'll need the Windows fonts - just copy the c:\windows\fonts directory and
run "ttmkfdir your dir" and then add it to your xfs with
"/usr/sbin/chkfontpath --add your dir with full path" and at the end - re-run
your xfs again..
 
 I'm not sure that's the smartest idea. Some fonts may be problematic. Note
 that chkfontpath is (at least on my machine) a bit buggy .
 Mandrake 7.1 comes with a utility that extractes (by defaul all of
 the) TTFs from windows parrtition and installs them. I rememebr reading
 about problems caused by fonts such as David and Miriam.  Perhaps it would
 be better to stick with unicode fonts, such as Arial, Courier New, Lucida,
 Tahoma, and Times New Roman.
 

We already discussed this in the previous email :)

I see that you included the link at the end of the email - so I'll try this
later here..

 
  
   In the previous message Hetz seems to have forgotten another major
   problem, which is the fonts. Most KDE2 programs need unicode fonts
   (iso10646-1). Although Konquerer maybe a special case (see my question
   above).
 
  Let me correct myself:
 
  You'll need the unicode fonts for the menus translations for Hebrew, and for the
  title window in konqueror. You don't need it for anything else...
 
 OK. Here is something which may be related, but probably isn't.
 Ever since I started to use licq with a qt_gui that uses qt2, I wan't able
 to view Hebrew. Actually I never tried to use iso10646-1 fonts (only tried
 iso8859-8 fonts, which looked like gibrish), and it will be a while until
 I will be able to try this. Has anybody managed to read Hebrew from the
 qt_gui of licq (with qt2)?

Donno. I'm using kicq-2 (runs only on kde 2) from cvs and I haven't tried Hebrew
with it yet..

 
 The point is that probably all sorts of widgets will use unicode-encoded
 text, and at some point you'll have to be able to read it.
 
 
  You do need the true-type fonts for Logical and Visual Hebrew. So you'll have to
  add hebrew true type fonts (either the elmar fonts or the Windows fonts).
 
 Sorry. I didn't understand you here:
 
 What has the type of the font to do with the direction of Hebrew?
 (Are TrueType fonts unicode fonts by definition, or is it simply that most
 of the unicode fonts availble at the moment are TrueType?)
 Anyway, the elmar fonts are not TrueType fonts, and only supply iso8 and
 iso1 .

Where do u see that I'm talking about directions of hebrew? I'm saying that both
logical and Visual hebrew are now showing on Konqueror with true type fonts. It
doesn't use the unicode fonts on konqueror at all (only at the window title). 

Which means: if you don't have Unicode fonts - you could still browse Logical
and Visual hebrew perfectly. (I'll try to do some tests with your unicode script
convert at home today)

 
  Good luck. Seems no one have added to ivrix a search engine, and I didn't found
  anything. Anyone can give a link?
 
 ttfmkdir-heb (a really simple script, as I said):
 http://ivrix.org.il/mailing-lists/ivrix-discuss/2000/08/0008.html
 

Thanks for this one :)

I just wonder Tzafrir, why don't u give the kde2 a test? just grab the
kdesupport,kdelibs and kdebase - compile and try -- it won't take more then 90
minutes of your time...

Thanks
Hetz

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: firewall

[Nadav Har'El]

On Thu, Oct 19, 2000, Shachar Shemesh wrote about "Re: firewall":
 Duplicating exactly the FW-1 functionality in an opensource project is not
 practical, due to a patent on stateful inspection. This gives the FW-1 product
 the ability to open specific ports that would normally be blocked, because, for
 example, an FTP protocol request required that port. If you wanted to support the
 same protocol with a static packet filtering firewall (such as IPChains), either
 this, or probably a lot more, ports would have to be permanently open. To the
..

I don't know anything about the patent, but Linux already has "stateful
inspection", in its masquarading code. If you have a linux firewall, and
a network of other computers behind it, Linux does IP masquarading very
nicely, and knows to allow incoming packets only on open sessions. You also
have "masq" modules that can allow incoming packets/connections "related"
to an open session - for example, FTP needs another port opened besides the
one you're opening.

Unfortunately, ipchains itself does *NOT* support sessions, so you can't
allow, for example, incoming packets (destined for the LINUX HOST ITSELF,
not masquaraded hosts behind it) to be allowed only if the local host opened
the port first. Iptables, the firewalling code in the 2.4 kernel, will
support this, and I'm really looking forward for it - I'm not sure if FW1
will have anything better in the firewall area than Linux after that (and
I'm not talking on VPN or proxy support now).

But ipchains works very nicely even without supporting sessions. One very
important feature that you should be aware of is the "-y" option, that
allow incoming packets, but not incoming TCP packets with SYN on (i.e., even
if the attacket sends packets to some open port, and even if something is
listening on that port, the attacker will *not* be able to make the connection!
For example, to safely allow HTTP connections to port 80 on other computers
(without having to hassle with proxies, etc.), and data returning to your
own port, use the ipchains rules:

-A output -p TCP --dport 80 --sport 1024: -j ACCEPT
-A input -p TCP ! -y --sport 80 --dport 1024: -j ACCEPT




-- 
Nadav Har'El|Thursday, Oct 19 2000, 20 Tishri 5761
[EMAIL PROTECTED] |-
Phone: +972-53-245868, ICQ 13349191 |A city is a large community where people
http://nadav.harel.org.il   |are lonesome together.

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: firewall

[Shachar Shemesh]

This brings us back to the other flame war. The one about whether the
mailing list should automatically add the "reply-to:" field to the list.

I feel a bit guilty about this. It all started by me asking why I should
get every mail twice (people hitting "reply-to all"). The result were, on
one hand, an email by Nadav asking to add the "Reply-To:" field to the
headers. On the other hand, there was an email by Gilad explaining (or
actually - pointing) about why a mailing list should NOT add "Reply-To:"
headers.

One of the reasons mentioned there for not adding the header was that this
causes you to risk a personally intended email to be sent to the entire
list, as well as losing needed information in order to be able to contact
the original poster, and necessiting manual operation in order to actually
reply in private.

Due to all that hassle, and the extremly "under cover" approach that both
Yosi and Eli have taken about the misdirected email, I vote the
"reply-to:" field be removed from the headers.

One last note - it seems that we don't have as many "Linux rulez, BSD
sucks" zealots here as was expected. Thank goodness for small miracles.

Shachar

Eli Marmor wrote:

 Yosi wrote:

..


 I know that Yosi's intention was to send this e-mail privately. But
 it was sent to the list, and before a flame-war will begin, I want
 to note that what he wrote about OpenBSD is considered a concensus
 among the experts. I'm not an expert (my main *BSD's experience is
 with NetBSD), but this is what the experts claim, so please think
 twice before flaming him.

..

 --
 Eli Marmor



=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Linux on Dell OptiPlex GX110

[Shahar Dag]

Hi

I am installing RedHat 6.2 on Dell OptiPlex GX110
the installation failed to install X but all the rest of the system seems OK
(in run level 3 it boots  works)
I downloaded from the dell support site the rpm with the display drivers,
but the X still not running (when booting to runlevel 5 I get a blinking
screen)
using Xconfigurator don't help

Can somebody help with this

Thanks
Shahar Dag


=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: Linux on Dell OptiPlex GX110

[zuri zadok]

try more gaming with Xconfigurator ,with good look on the type of the
graphic card and low resolution of the screen
it's must work

good luck

ZZ



- Original Message -
From: Shahar Dag [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, October 19, 2000 3:24 PM
Subject: Linux on Dell OptiPlex GX110


 Hi

 I am installing RedHat 6.2 on Dell OptiPlex GX110
 the installation failed to install X but all the rest of the system seems
OK
 (in run level 3 it boots  works)
 I downloaded from the dell support site the rpm with the display drivers,
 but the X still not running (when booting to runlevel 5 I get a blinking
 screen)
 using Xconfigurator don't help

 Can somebody help with this

 Thanks
 Shahar Dag


 =
 To unsubscribe, send mail to [EMAIL PROTECTED] with
 the word "unsubscribe" in the message body, e.g., run the command
 echo unsubscribe | mail [EMAIL PROTECTED]


=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

intel board

[erez]

HI

I've installed linux ( 6.2 and 7 ) on an intel all-in-one board ...
it does not recognise the eth card nor the usb nor the display ( only
vga mode ... )


any ideas ?


regards
erez.


=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: firewall

[Gilad Ben-Yossef]

Nadav Har'El wrote:
 
 On Thu, Oct 19, 2000, Shachar Shemesh wrote about "Re: firewall":
  Duplicating exactly the FW-1 functionality in an opensource project is not
  practical, due to a patent on stateful inspection. This gives the FW-1 product
  the ability to open specific ports that would normally be blocked, because, for
  example, an FTP protocol request required that port. If you wanted to support the
  same protocol with a static packet filtering firewall (such as IPChains), either
  this, or probably a lot more, ports would have to be permanently open. To the
 ..

One thing not commonly mentioned in regard to "stateful inspection" is
the risk it *introduces* to your setting.
Consider the following obvious fact: for statefull inspection the
firewall is required to keep state for any entity it tracks, such as
open connections.

A possible attack is then to open as many connection as you can in a
short time to force that connection table to fill up. This is not (any
more) an academic discussions - SYN attacks, which are basically based
on the same principle (but happening at the bastion server, not the
firewall) is what caused in the last year major players like Yahoo and
eBay to fall down. Using a "stateful inspection" firewall introduces yet
another point of failure to your setup.

Of course, since a firewall, by definition, is a "bump on the network",
it's a point that's even better to exploit then a specific bastion
server, because it takes down the entire network. 

Now of course firewalls are designed with such things in mind (at least
FW-1 does). So for example, they used short timers to throw out stale
connections, but because of the way TCP/IP is built, there is a limit to
how good you can make this behave without starting to throw out real
slow connections, especially taking into account TCP's known "slow
start" feature.

So what's the conclusion? don't use stateful inspection? no. Just that a
firewall, like any other security feature is not a magic word. You need
to consider when and how to use it and which one to choose based on the
situation at hand and not "brand name". The fact that product X is
buzzword complaint does not make it, necessarily, what you need.

OK, I'll step of my soap box now... ;-)

Gilad.


-- 
Gilad Ben-Yossef [EMAIL PROTECTED] 
http://kagoor.com :: +972(54)756701
"Money is the root of all evils. Send $20 for more info..."

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: intel board

[Gilad Ben-Yossef]

[EMAIL PROTECTED] wrote:

 I've installed linux ( 6.2 and 7 ) on an intel all-in-one board ...
 it does not recognise the eth card nor the usb nor the display ( only
 vga mode ... )


Yes, the Intel all in one chipsets makes trouble for Linux, but it does
work.
You didn't tell us the exact chipset the board uses, so I'm assuming the
810:

For the NIC, make sure /etc/conf.modules contains the right module name.
I As far as I can remember the RH installation does not recognise it,
but if you pick the right module (read: driver) it will work.
It should be eepro100.o, AFAIK.

The X display is less good - you will have to download a binary kernel
module (!) from Intel to make it work. 
You can get it from
http://support.intel.com/support/graphics/intel810/linuxsoftware.htm


-- 
Gilad Ben-Yossef [EMAIL PROTECTED] 
http://kagoor.com :: +972(54)756701
"Do not believe in miracles -- rely on them."

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: firewall

[Nadav Har'El]

On Thu, Oct 19, 2000, Gilad Ben-Yossef wrote about "Re: firewall":
 One thing not commonly mentioned in regard to "stateful inspection" is
 the risk it *introduces* to your setting.
 Consider the following obvious fact: for statefull inspection the
 firewall is required to keep state for any entity it tracks, such as
 open connections.
 
 A possible attack is then to open as many connection as you can in a
 short time to force that connection table to fill up. This is not (any
 more) an academic discussions - SYN attacks, which are basically based
 on the same principle (but happening at the bastion server, not the
 firewall) is what caused in the last year major players like Yahoo and
 eBay to fall down. Using a "stateful inspection" firewall introduces yet
 another point of failure to your setup.
..

This is a good point, but I think it's not much of a problem usually,
because of two reasons:

1) In a home network, or even office network: In this case, the main concern
   is to prevent cracking into your system, and prevent remote-control trojans
   inside your system from working even if the got inside (e.g., someone clicked
   on that "VBS" attachment). Most people would not really care to protect
   their system against DoS attacks.

2) Correct me if I'm wrong, but I don't see much point in doing stateful
   inspection on a *LISTENING* port. I mean, if you have an http server
   listening on port 80, then what would you gain by trying to follow the
   incoming sessions in the firewall? Are you interested in catching non-SYN
   segments of a non-existant connection and not return an RST? Why? Or
   are you trying to prevent weird "replies" to hosts that never asked a
   question? Why? (if this is to prevent trojans from connecting out, they have
   other ways to communicate out, usually... you can also prevent outgoing SYNs)

   So the firewall should not be doing stateful inspection or session checking
   or whatever you all it on packets coming to port 80, so I don't see how
   it can be overloaded.

   I see the importance of stateful inspection in the other direction: i.e.,
   a user from inside the firewall makes a connection, and we want to allow
   packets to return to him, but only from the one machine he's connected to -
   we don't want to open up everything from every machine just to allow this
   connection. I don't see how a DoS attack can be done remotely in such a
   case.

-- 
Nadav Har'El|Thursday, Oct 19 2000, 20 Tishri 5761
[EMAIL PROTECTED] |-
Phone: +972-53-245868, ICQ 13349191 |I'm a peripheral visionary: I see into
http://nadav.harel.org.il   |the future, but mostly off to the sides.

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: firewall

[Aviram Jenik]

 Due to all that hassle, and the extremly "under cover" approach that both
 Yosi and Eli have taken about the misdirected email, I vote the
 "reply-to:" field be removed from the headers.

I second that. Please correct me if I'm wrong, but I believe Shachar was the
only one that asked for the reply-to feature. If my memory serves me right
(and it rarely does), there's no reason not to remove this problematic
header now that Shachar is voting for the other side...

- Aviram


=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: firewall

[Nadav Har'El]

On Thu, Oct 19, 2000, Aviram Jenik wrote about "Re: firewall":
 
  Due to all that hassle, and the extremly "under cover" approach that both
  Yosi and Eli have taken about the misdirected email, I vote the
  "reply-to:" field be removed from the headers.
 
 I second that. Please correct me if I'm wrong, but I believe Shachar was the
 only one that asked for the reply-to feature. If my memory serves me right
 (and it rarely does), there's no reason not to remove this problematic

Hehhheem... Hehhheem...
I also wanted to have this header...

I still think that the reply-to header's benfits outway its problems, and
that people on a discussion list (not than an announcement list), should
not be conveniently replying to one another by email, and should enlighten the
rest of us with their reply.
Remember, that when somebody on the list asks a question, there's a high
probability that other people are interested in this question too - so any
replies directly to the person asking the question robs the other people on
the list of a chance to read those replies too.

But I lived with linux-il being the way it was for a year, and if you change
it back, I guess I will live with it again :)

To reply-to or not to reply-to, that is the question!

-- 
Nadav Har'El|Thursday, Oct 19 2000, 21 Tishri 5761
[EMAIL PROTECTED] |-
Phone: +972-53-245868, ICQ 13349191 |A fine is a tax for doing wrong. A tax
http://nadav.harel.org.il   |is a fine for doing well.

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Fw:

[zuri zadok]

  
  Hi
  i want to be a linux redhat 6.2 client of 
  Sun solaris nfs server but i get an RPC timeout
  
  solaris to solaris it's O.K
  
  
  thanks
  ZZ

Re:

[zuri zadok]

  

  Hi 
  
  i started to get inside LINUX networking 
  stuff and i nead help with a strange situation.
  
  i want to make a linux router 
  station
  
  i have 2 interfaces on that station 
  
   
  1---192.9.226.254
   
  2---192.9.230.254
  
  i have 2 station in bote sides (sun solaris 
  statinos)
   
  1---192.9.226.1
   
  2---192.9.230.1
  
  i can see the 2 interfaces of the router from 
  bote end station , but i can't get from one end station to other end 
  station on the other network.
  
  i enabeld theip routing on the 
  router station from the linuxconf (routed deamon)
i 
  configure the /etc/sysconfig/networks to FORWARD_IPV4="yes"
inside 
  the /proc/sys/net/ipv4/ip_forward there is "1".
  what more need to be done that cuse the 
  routing work ??
  
  and 1 more 
  
  why i cant telnet to the router with root 
  user?,(i can do it with a new user i created) i fail when i tried to write 
  the passwd line (i fail on that with an error :incorrect 
  passwd)
   i chenged the 
  /etc/securetty file inside with remarks on all tty's
  what more need to be 
done??
  thanks 
  zz
  
  

Re: Fw:

[Henry Ficher]

On Thu, 19 Oct 2000, zuri zadok wrote:

 
   Hi
i want to be a linux redhat 6.2 client of Sun solaris nfs server
 but i get an RPC timeout
 
   solaris to solaris it's O.K
 
 
   thanks
   ZZ
 

Is your portmap running?


=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: firewall

[Shachar Shemesh]

Ahem Ahem

Actually, I did not ask for the "Reply-To:" field. I asked that people doing
the actual reply not reply to both me and the list.

This is a technicality. I was not aware of the very good reasons mentioned
in Gilad's mail, and so I did have a change of heart on that matter.

Nadav - sorry, but so far you are the only voice in favour of the "reply-to"
field.
Nothing personal.

Shachar

- Original Message -
From: "Aviram Jenik" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, October 19, 2000 6:20 PM
Subject: Re: firewall


 
  Due to all that hassle, and the extremly "under cover" approach that
both
  Yosi and Eli have taken about the misdirected email, I vote the
  "reply-to:" field be removed from the headers.
 
 I second that. Please correct me if I'm wrong, but I believe Shachar was
the
 only one that asked for the reply-to feature. If my memory serves me right
 (and it rarely does), there's no reason not to remove this problematic
 header now that Shachar is voting for the other side...

 - Aviram


 =
 To unsubscribe, send mail to [EMAIL PROTECTED] with
 the word "unsubscribe" in the message body, e.g., run the command
 echo unsubscribe | mail [EMAIL PROTECTED]




=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: Linux on Dell OptiPlex GX110

[Omer Musaev]

zuri zadok wrote:

 try more gaming with Xconfigurator ,with good look on the type of the
 graphic card and low resolution of the screen
 it's must work
 
 good luck
 
 ZZ
 
 
 
 - Original Message -
 From: Shahar Dag [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Sent: Thursday, October 19, 2000 3:24 PM
 Subject: Linux on Dell OptiPlex GX110
 
 
 
 Hi
 
 I am installing RedHat 6.2 on Dell OptiPlex GX110
 the installation failed to install X but all the rest of the system seems
 
 OK
 
 (in run level 3 it boots  works)
 I downloaded from the dell support site the rpm with the display drivers,
 but the X still not running (when booting to runlevel 5 I get a blinking
 screen)
 

I saw somehting like that once in bgu...
The reason was following:

X looked for device /dev/psaux for the mouse, however, mouse was on 
/dev/ttyS0
So X server went down, was restarted by xdm and the story began from the 
start.

Solution was easy:

I changed X pointer device to /dev/gpmdata, and protocol to "MouseSystems"
created fifo with mkfifo /dev/gpmdata
and configured gpm to retransmit its data to /dev/gpmdata by adding -R 
switch to gpm command line.

It worked.

Regarding decision to use /dev/gpmdata as pointer device:
I use that approach usually.


 using Xconfigurator don't help
 
 Can somebody help with this
 
 Thanks
 Shahar Dag
 
 
 =
 To unsubscribe, send mail to [EMAIL PROTECTED] with
 the word "unsubscribe" in the message body, e.g., run the command
 echo unsubscribe | mail [EMAIL PROTECTED]
 
 
 =
 To unsubscribe, send mail to [EMAIL PROTECTED] with
 the word "unsubscribe" in the message body, e.g., run the command
 echo unsubscribe | mail [EMAIL PROTECTED]



=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: Linux on Dell OptiPlex GX110

[Hetz Ben Hamo]

You might want to try with lower resolutions like 640x480 on 60Hz, and
if it works - find out which fits your monitor. (btw - which monitor you
have? brand? inches? refresh rates?)

Could you publish which graphics card you have?

also - if you can - login as a root and type: lspci -vv  filename

Where filename is a file which you can post here..

Thanks
Hetz

Shahar Dag wrote:
 
 Hi
 
 I am installing RedHat 6.2 on Dell OptiPlex GX110
 the installation failed to install X but all the rest of the system seems OK
 (in run level 3 it boots  works)
 I downloaded from the dell support site the rpm with the display drivers,
 but the X still not running (when booting to runlevel 5 I get a blinking
 screen)
 using Xconfigurator don't help
 
 Can somebody help with this
 
 Thanks
 Shahar Dag


=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: Linux on Dell OptiPlex GX110

[Omer Musaev]

Hetz Ben Hamo wrote:

 You might want to try with lower resolutions like 640x480 on 60Hz, and
 if it works - find out which fits your monitor. (btw - which monitor you
 have? brand? inches? refresh rates?)
 
 Could you publish which graphics card you have?
 
 also - if you can - login as a root and type: lspci -vv  filename

Note: if you do not have lspci on your computer, you will need to 
install it from pciutils package,
which is coming with RH

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: firewall

[Gilad Ben-Yossef]

Nadav Har'El wrote:

  A possible attack is then to open as many connection as you can in a
  short time to force that connection table to fill up. This is not (any
  more) an academic discussions - SYN attacks, which are basically based
  on the same principle (but happening at the bastion server, not the
  firewall) is what caused in the last year major players like Yahoo and
  eBay to fall down. Using a "stateful inspection" firewall introduces yet
  another point of failure to your setup.
 ..
 
 This is a good point, but I think it's not much of a problem usually,
 because of two reasons:
 
 1) In a home network, or even office network: In this case, the main concern

Agreed. DoS attacks are not very interesting to a home user. I was not
implying that they were.
I just gave a specific example how a feature of a firewall has two
faces.

 2) Correct me if I'm wrong, but I don't see much point in doing stateful
inspection on a *LISTENING* port. I mean, if you have an http server
listening on port 80, then what would you gain by trying to follow the
incoming sessions in the firewall? Are you interested in catching non-SYN
segments of a non-existant connection and not return an RST? Why? Or
are you trying to prevent weird "replies" to hosts that never asked a
question? Why? (if this is to prevent trojans from connecting out, they have
other ways to communicate out, usually... you can also prevent outgoing SYNs)
 

You wish - ever heard of the obscure FTP protocol? ;-) it tries to open
a TCP connection from the ftp server to the ftp client for it's data. So
if you want to support FTP (not an all together ridiculous demand after
all) you have to check incoming SYN packets for "correctness". And how
do you do that? right... you check against a state table (or hash,
doesn't matter). And everywhere there is a state table you can flood it.

The fact is the same thing happens everywhere you try to save state: in
the fragment queue,  for example. The principle here is that "state"
requires a place to save data. You can flood that place. Hence "stateful
inspection" carries, by it's name, a weak spot. 

Are there bigger weak spots out there? of course. I was just saying that
to use the buzzword of the day (here: "stateful inspection") does not
make anything more secure. It's always a trade off and a firewall that
does not do stateful inspection is not necessarily less better then one
who does. It depends in what you want to do.





 
I see the importance of stateful inspection in the other direction: i.e.,
a user from inside the firewall makes a connection, and we want to allow
packets to return to him, but only from the one machine he's connected to -
we don't want to open up everything from every machine just to allow this
connection. I don't see how a DoS attack can be done remotely in such a
case.
 

As I wrote above it is because of the user on the inside of the firewall
that it needs to keep state - to know which connection is lawful and
which isn't that state tables overflowing can be achieved.

Gilad.
-- 
Gilad Ben-Yossef [EMAIL PROTECTED] 
http://kagoor.com :: +972(54)756701
"Any philosophy that can be put in a nutshell belongs there"

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: Linux on Dell OptiPlex GX110

[Tzafrir Cohen]

Shahar, I hope you don't mind me answering that

On Thu, 19 Oct 2000, Shahar Dag wrote:

 Hi
 
 I am installing RedHat 6.2 on Dell OptiPlex GX110
 the installation failed to install X but all the rest of the system seems OK
 (in run level 3 it boots  works)
 I downloaded from the dell support site the rpm with the display drivers,
 but the X still not running (when booting to runlevel 5 I get a blinking
 screen)
 using Xconfigurator don't help

I happened to be at the location, so I see that other replies are taking
some wrong directions.

The display adapter uses Intel i810, and I quote another message from
today:

The X display is less good - you will have to download a binary kernel
module (!) from Intel to make it work.
You can get it from
http://support.intel.com/support/graphics/intel810/linuxsoftware.htm

-- 
Tzafrir Cohen
mailto:[EMAIL PROTECTED]
http://www.technion.ac.il/~tzafrir


=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: firewall

[Nadav Har'El]

On Thu, Oct 19, 2000, Shachar Shemesh wrote about "Re: firewall":
 Ahem Ahem
 
 Actually, I did not ask for the "Reply-To:" field. I asked that people doing
 the actual reply not reply to both me and the list.

But they'll never do that, and I explained why: pressing "g" is simply too
easy.

 This is a technicality. I was not aware of the very good reasons mentioned
 in Gilad's mail, and so I did have a change of heart on that matter.
 
 Nadav - sorry, but so far you are the only voice in favour of the "reply-to"
 field.
 Nothing personal.

Ok :) I know to "lehafsid bekavod" :)

Vox populi, vox dei!

-- 
Nadav Har'El|Thursday, Oct 19 2000, 21 Tishri 5761
[EMAIL PROTECTED] |-
Phone: +972-53-245868, ICQ 13349191 |Support bacteria - they're the only
http://nadav.harel.org.il   |culture some people have!

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Samba - veto files directive

[Subba Rao]

Hi,

I have used the "veto files" flags for my users home directory shares.
The syntax is as follows,

veto files = /.*/

This is to hide all the dot files in the samba client.
I stoped and restarted samba and sure enough the dot files do not get listed.

One problem that has showed up is, when I try to save a file from the samba
client (windows system) to the samba server, I get the "Error Copying File" 
message box,

"Cannot copy xyz:A file with the name you specified already exists. Specify
a different filename"

This happens to any file that I am trying to move to the samba server.

I have already tried "hide dot files" directive and that does not hide the
files.

Is there any other directive that should be used along with "veto files" 
directive?

Thanks in advance.

-- 

Subba Rao
[EMAIL PROTECTED]
http://pws.prserv.net/truemax/

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

hebrew printing

[Ishai Parasol]

Hi

Is there a way to print hebrew characters with the printer ? How ?
I tried to print in hebrew with netscape and with my "hebgtk'ed" editor
but with no success. I use RH6.2 with HP Deskjet 840c, configured with
aspfilter-4.9.9 as cdj670 (the closest driver i could find).

TIA,
Ishai.


=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

PHP's poe_sessions database.

[Erez Boym]

Hi,

I'v installed HPH according to instructions in a book
I've bought and for some reason the book dose not
state the structure of the poe_sessions database
tables and fields.

Can some one please dump the structure of the
poe_sessions in to a sql script or a text file and
send it to me.

Thanks

Erez Boym
[EMAIL PROTECTED]



__
Do You Yahoo!?
Yahoo! Messenger - Talk while you surf!  It's FREE.
http://im.yahoo.com/

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: LGPL question

[Adi Stav]

On Wed, Oct 18, 2000 at 11:47:54AM +0200, Felix Shvaiger wrote:
 Hi All !
 
 May I develop proprietary application (executable) that uses LGPLed library
 in form of shared library and distribute nothing but:
 1. executable file itself
 2. my proprietary license for this executable
 3. notice that this executable uses some LGPLed libraries
 4. shared object file of LGPLed library (to make my executable working)
 5. LGPL license file
 6. link do LGPLed library's source code download site
 7. instructions about making shared library from source
 
 Have I got it right ?
 
 Do not ask, why I don't GPL my applications - it is not up to me.

If I'm not mistaken (IANAL), if you provide the LGPL library
commercially (as opposed to free as in *beer*) you need to also
provide the source together with the binary, or an offer to provide it
for no charge. There is a clause allowing you to settle for a link,
but it (IIRC) does not apply for commercial distribution.

Of course, you don't have to GPL your source if the library is only
LGPL...

Also, see the http://www.gnu.org site.


=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re: gcc question.

[Ely Levy]

do setenv CC /usr/bin/kgcc
or export CC=kgcc on bash


Ely Levy
System group
Hebrew University 
Jerusalem Israel



On Wed, 18 Oct 2000, Yosi wrote:

|  Hi,
|  
|  After reading the answers of Guy and Omer, to your question, I think
|  that neither of them actually answered, on how to compile a kernel on
|  RedHat 7.0 . If we forget for a moment the flame war about the
|  decision to include a snapshot of gcc in RH7 , and focus on your
|  probelm, the answer will be you need to install a package called
|  kgcc from the RH7 disc. RedHat is aware that the kernel doesn't
|  compile with their supplied gcc-2.96 , and thus have created a package
|  called kgcc that let's you compile the kernel.
|  
|  Hope this helps,
|  Yosi
|  
|  
|  Maxim Kryachko wrote:
|  Hi all.
|  
|  Having recently installed RH7 I tried to compile several things, such
|  as modem driver, new kernel and modules, in all cases compiler (gcc)
|  reports of a bunch of errors and exits.
|  Both modem driver and kernel (2.3.9) compile OK in Slackware 7 on
|  gcc-2.92. Now I use version 2.96 of gcc, which comes with the distribution.
|  Did
|  anyone experienced same problem?
|  In case I will decide to get down to previous version of gcc, where
|  one could find RPMs instead of tarballs of the packages (RH7
|  installed everything as RPMs).
|  ftp.gnu.org contains tarballs only...
|  
|  10x
|  Max.
|  
|  _
|  Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
|  
|  Share information about yourself, create your own public profile at
|  http://profiles.msn.com.
|  
|  
|  =
|  To unsubscribe, send mail to [EMAIL PROTECTED] with
|  the word "unsubscribe" in the message body, e.g., run the command
|  echo unsubscribe | mail [EMAIL PROTECTED]
|  
|  


=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

No Subject

[dx3]

I have a creative Modem Blaster V.90 PCI DI5655 
modem
Windows sees it fine.
It is working properly on COM4
I can't seem to get Linux to recognize 
it.
I am using RedHat 5.2
what am I doing wrong?

Re: your mail

[Omer Zak]

Is it a winmodem?
If yes, either you are out of luck, or you need to upgrade to a more
recent version (today there is RedHat 7.0), which may be having a driver
for the modem.

On Fri, 20 Oct 2000, dx3 wrote:

 I have a creative Modem Blaster V.90 PCI DI5655 modem
 Windows sees it fine.
 It is working properly on COM4
 I can't seem to get Linux to recognize it.
 I am using RedHat 5.2
 what am I doing wrong?

 --- Omer
WARNING TO SPAMMERS:  see at http://www.zak.co.il/spamwarning.html


=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Re:

[Mike Almogy]

it is probably a winmodem.
a modem that it's operation depended on the 
OS.
some winmodems has drivers for linux.
I think that you need to find out if it can be 
configured via linux at all.

Mike


  - Original Message - 
  From: 
  dx3 
  To: [EMAIL PROTECTED] 
  Sent: Friday, October 20, 2000 1:36 
  AM
  
  
  I have a creative Modem Blaster V.90 PCI DI5655 
  modem
  Windows sees it fine.
  It is working properly on COM4
  I can't seem to get Linux to recognize 
  it.
  I am using RedHat 5.2
  what am I doing wrong?