Linux-Misc Digest #89, Volume #24                 Sun, 9 Apr 00 15:13:03 EDT

Contents:
  Re: Visio (Microsoft vs. Unix) (brian moore)
  Re: Cannot install ([EMAIL PROTECTED])
  GCC help ("Matt Gostick")
  Re: Linux printing inadequate. ("Peter T. Breuer")
  Re: How Microsoft inhibits competition & innovation ([EMAIL PROTECTED])
  Re: Can't I just tack on an  old C:/Windows drive (s. keeling)
  Re: Linux ("David ..")
  Re: Image tool to grab image from the screen (Silviu Minut)
  libs (The Dude)
  Re: PS/2 to Serial Mouse Converter (Duane Evenson)
  new user ("Walt Taylor")
  Re: uninstalling stuff (Simon Brooke)
  Re: Can't mount Win95 FAT32 (brian moore)
  Linux Scheduling Source ("Raterus")
  Re: How Microsoft inhibits competition & innovation
  Re: How Microsoft inhibits competition & innovation
  Re: How Microsoft inhibits competition & innovation (Rick)
  Re: Can't I just tack on an  old C:/Windows drive ("David ..")
  Re: uninstalling stuff ("Peter T. Breuer")
  Re: libs ("Peter T. Breuer")
  Re: How Microsoft inhibits competition & innovation (Rick)
  Re: Linux (Bastian)
  Re: How Microsoft inhibits competition & innovation (Rick)
  Re: How did the hacker get root access to my system? (Rod Smith)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (brian moore)
Subject: Re: Visio (Microsoft vs. Unix)
Date: 9 Apr 2000 17:42:09 GMT

On Thu, 06 Apr 2000 19:24:20 GMT, 
 Robert Heller <[EMAIL PROTECTED]> wrote:
>   [EMAIL PROTECTED] (Leslie Mikesell),
>   In a message on 5 Apr 2000 15:02:40 -0500, wrote :
> 
> LM> Does anyone happen to know why posix doesn't specify fork()?
> LM> And what other posix-compliant system besides NT doesn't
> LM> have fork() with its expected semantics?  (In other words
> LM> was it left out as a special consideration for someone?)
> 
> VMS maybe?  Also SYS5 vs. BSD.  fork() vs. vfork().

Both BSD and SysV have fork.  BSD added vfork() as an evil hack for
certain situations (ie 'fork/exec') as an optimizing feature before
memory managers that could handle 'copy-on-write' were around.

-- 
Brian Moore                       | Of course vi is God's editor.
      Sysadmin, C/Perl Hacker     | If He used Emacs, He'd still be waiting
      Usenet Vandal               |  for it to load on the seventh day.
      Netscum, Bane of Elves.

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Cannot install
Date: Sun, 09 Apr 2000 17:42:19 GMT

George Bell <[EMAIL PROTECTED]> did eloquently scribble:
> Hello,

>     I recently downloaded a newsreader by ftp.  The name of the file is
> slrn-0.9.6.2.tar.gz.  It is for the slrn newsreader from
> ftp://space.mit.edu.   But when I try to uncompress the file with either
> gunzip or gzip -d command, I get

> gzip: slrn-0.9.6.2.tar.gz invalid compression data--crc error.

> Does this mean I have to go back and download the file all over again?

Not necessarily. If you downloaded it with Netscape, it can "helpfully"
unzip the archive for you, but leaves the name unchanged.

Try changing the name to slrn.tar and then tar -xvf slrn.tar...

-- 
______________________________________________________________________________
|   [EMAIL PROTECTED]   | "I'm alive!!! I can touch! I can taste!         |
|   Andrew Halliwell BSc   |  I can SMELL!!!  KRYTEN!!! Unpack Rachel and    |
|            in            |  get out the puncture repair kit!"              |
|     Computer Science     |     Arnold Judas Rimmer- Red Dwarf              |
==============================================================================
|GCv3.12 GCS>$ d-(dpu) s+/- a C++ US++ P L/L+ E--  W+ N++ o+ K PS+ w-- M+/++ |
|PS+++ PE- Y t+ 5++ X+/X++ R+ tv+ b+ DI+ D+ G e++ h/h+ !r!|  Space for hire  |
==============================================================================

------------------------------

From: "Matt Gostick" <[EMAIL PROTECTED]>
Subject: GCC help
Date: Sun, 09 Apr 2000 17:51:19 GMT

Hello,

I didn't get any replies from the minix newsgroup so I
thought by chance that someone here might know the
answer since minix and linux are so closely related.

Has anyone here gotten GNU GCC to work on minix?
I would love to know how.  I have to do a school project
that involves porting KDE to Minix...  KDE requires qt...
which is written in C++.  Unfortunately Minix does not
have a C++ compiler installed.

Does anyone know of any simple C++ compilers other
than GNU GCC that would compile on minix?

Or... on the off chance that you have a C++ compiler
running on minix I would love more details.

Thanks
Matt Gostick.



------------------------------

From: "Peter T. Breuer" <[EMAIL PROTECTED]>
Subject: Re: Linux printing inadequate.
Date: 9 Apr 2000 17:54:21 GMT

Chetan Ahuja <[EMAIL PROTECTED]> wrote:
: Grant Edwards <[EMAIL PROTECTED]>  spoke thusly:
:> On Sun, 09 Apr 2000 09:51:51 -0400, Ralph C Blach <[EMAIL PROTECTED]> wrote:
:> What do you mean "a setup menu?" Most of us would consider
:> printool as "a setup menu" -- you don't?

:   OK.. I think I would jump in here. I think what Ralph means is that
:   you can't choose print options AT THE TIME OF printing a document. I

Maybe that is what he means. I don't know. But you certainly can.
Any gui (e.g. soffice, wp8 ..) will offer you a menu to choose your
printer of preference for the job at hand.

Maybe what you are saying is that you can't configure new printers on
the fly. You can, the menu can call "system(printtool)" and then reread
printcap.  What you are probably saying is that nobody has bothered
to write a general menu which you can call as

          printmenu(document);

They have. Several times.

:   respect. That is, it doesn't present a powerful uniform printing system
:   interface to all the applications which allows user to choose
:   various printing options ( e.g. quality of printout etc.)
:   easily AT THE TIME OF printing. Maybe you could fiddle with

It's just a question of which printer you want to send it to. If you
are saying that there's no continuous spectrum, well, I wasn't aware
that there were a continuous range of printer settings available.

:   remember what each printer name means. Of course there's the problem
:   of manufacturers only providing drivers for windows etc. But this
:   problem goes beyond drivers and is in some way inherent in the
:   non-interactive nature of printing that lpr/lpd combo provides.

The interaction can occur before that, when you choose which "Logical
printer" to send to. You can also choose which kind of postscript to
send, I suppose, but that's up to your rendering engine. Can't you
just call ghostscript with the right options?

Peter

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: How Microsoft inhibits competition & innovation
Date: Sun, 9 Apr 2000 12:01:01 -0500


Am I the only one who really finds this thread strange?  To come into a
linux newsgroup and claim Microsoft has a monopoly is really bizarre.
--


------------------------------

From: [EMAIL PROTECTED] (s. keeling)
Subject: Re: Can't I just tack on an  old C:/Windows drive
Date: 09 Apr 2000 12:16:42 -0600

[EMAIL PROTECTED] (Andrew Purugganan) writes:

> I was wondering if I could mount that old C drive somehow and make it a 
> vfat or whatever partition, still boot linux as primary

"still boot linux as primary" is a problem for your boot manager.  I
use lilo for this.

As for the other, linux had vfat support long before NT did!

/etc/fstab:
# /etc/fstab: static file system information.
#
# who needs it?!?
# /dev/hda1       /dosc         vfat   user,rw,conv=auto
#
# <file system> <mount point> <type> <options>                  <dump> <pass>
/dev/hda2       /             ext2   defaults,errors=remount-ro 0      1
[yadda, yadda, snipped]


-- 
[EMAIL PROTECTED] (Stephen) TopQuark Software & Serv. Enquire within.
    [sed 's/NO@SPAM./@/g']               Contract programmer, server bum.  
    Any technology distinguishable from magic is insufficiently advanced.

------------------------------

From: "David .." <[EMAIL PROTECTED]>
Subject: Re: Linux
Date: Sun, 09 Apr 2000 13:20:33 -0500

Parkerteam1 wrote:
> 
> I am doing research on the Linux Operating System.  If anyone has any personal
> input to send me...please do so.  Thanks. Need ASAP.  I prefer the comparison
> of Linux to Microsoft.


I would say. If you want to do one thing at a time then you could run M$
at least between crashes. If you want to do many things at once, and do
them for days, months, or years, run Linux.

example:
  On my linux system I run 5 seti@home WU's at the same time though I
did have 24 running at one time (windoz can only run 1), it was a little
slow with that many running so I cut back to 5. Not because linux
couldn't run that many, it did and didn't complain or crash once. 

Even with all 24 seti's  running I still had the power to browse the
web, and download files, run a name server, proxy server, mail server,
firewall, FTP server, share my internet connection, and other things as
well, all on one system. Try that with M$. 

I haven't used windoz in a long time, and the last windoz I wasted money
on was unstable 95 so I don't know what if any changes have been made
and now, I have no interest in finding out. After all, why spend good
money after bad??

With Linux if you don't like the way something works, or don't like the
window manager you have the freedom to change it to your likes and or
needs. Don't like Netscape? Then remove it from your system "completely"
and use something else. The choice is yours.

My 2 cents

------------------------------

From: Silviu Minut <[EMAIL PROTECTED]>
Subject: Re: Image tool to grab image from the screen
Date: Sun, 09 Apr 2000 14:23:50 -0400

xwd  (x-window dump) specifically designed for this.
xv.


Andrew Shiue wrote:

> Does anyone know this kind of program in the Linux?
>
> Thanks,
>
> --Andy


------------------------------

From: The Dude <[EMAIL PROTECTED]>
Subject: libs
Date: Sun, 09 Apr 2000 18:16:42 GMT

 hey,
when installing an rpm from time to time I get a message that some libs
are required for installation.
I would really want to know how do I find whose libs in the shortest
way. how do I know what rpm to install in order to have those libs.
pls help.

--
Regards
              The Dude


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: Duane Evenson <[EMAIL PROTECTED]>
Subject: Re: PS/2 to Serial Mouse Converter
Date: Sun, 09 Apr 2000 12:23:07 -0600



Dances With Crows wrote:

> On Sat, 08 Apr 2000 13:33:02 GMT, Polat
> <<8cncee$cph$[EMAIL PROTECTED]>> shouted forth into the ether:
> >I have a serial mouse and an external serial modem,
> >but just one serial port. I have bought a PS/2 to Serial converter
>                                            ^^^^^^^^^^^^^^^^^^^^^^^^
> Ok, if you have a serial mouse and you bought a PS/2 to serial converter,
> then there's your problem.  You need a serial-to-PS/2 converter!
>
> >, but Neither Linux nor Windows doesnt detect it.
>
> Double negative=positive, so again, where's the problem?
>
> Seriously, the problem may be in the mouse itself.  Some mice are only
> serial-compatible, not PS/2 compatible--the data packets that are
> transmitted from the mouse are different between serial and PS/2 mice.
> Some mice are capable of switching between two protocols intelligently.
> Tried holding one of the mouse buttons down upon bootup?  Tried all the
> various mouse protocols available under Linux, using /dev/psaux as the
> mouse device?  Also make sure the onboard mouse port is enabled in the
> machine's BIOS.
>
> If all else fails, 2-button PS/2 mice are getting very cheap; $10 US or
> so new and much less at garage sales.
>

$10!!! Sure, if you want one of them dijon mice. I just bought a 3 button, MS
mouse/mouse systems switchable mouse with a PS2-Serial converter for $4.99 -- and
that's in Canada where a dollar is worth 68 cents. :)

>
> --
> Matt G / Dances With Crows              \###| Programmers are playwrights
> There is no Darkness in Eternity         \##| Computers are lousy actors
> But only Light too dim for us to see      \#| Lusers are vicious drama critics
> (Unless, of course, you're working with NT)\| BOFHen burn down theatres.


------------------------------

From: "Walt Taylor" <[EMAIL PROTECTED]>
Subject: new user
Date: Sun, 09 Apr 2000 18:31:10 GMT

I'm hoping my problem is easy for everyone.  I put together an AMD600 Athlon
and decided to use L-M 7.0 Deluxe.  I've got everything installed, rebooted
for the first time, the box comes up for user and password, I can type in user
box but when I try to type in password box it won't let me. Hope someone can
help me so I can get my experience with L-M on the road.   Thank you,  Walt



------------------------------

Crossposted-To: uk.comp.os.linux
Subject: Re: uninstalling stuff
From: Simon Brooke <[EMAIL PROTECTED]>
Date: Sun, 09 Apr 2000 18:34:22 GMT

"Simon H." <[EMAIL PROTECTED]> writes:

> This is basic stuff I know but I can't seem to find the relevant
> documentation anywhere. The question is: how do I uninstall applications
> that were installed using tar -xvzf (as opposed to RPMS which even I can
> manage)?

Hah! The short answer is you don't. That's why people invented package 
managers. The long answer is **carefully**.

-- 
[EMAIL PROTECTED] (Simon Brooke) http://www.jasmine.org.uk/~simon/

        There are no messages. The above is just a random stream of
        bytes. Any opinion or meaning you find in it is your own creation.

------------------------------

From: [EMAIL PROTECTED] (brian moore)
Crossposted-To: alt.os.linux
Subject: Re: Can't mount Win95 FAT32
Date: 9 Apr 2000 18:34:50 GMT

On Fri, 7 Apr 2000 11:18:10 -0400, 
 Sandhitsu R Das <[EMAIL PROTECTED]> wrote:
> 
> I have a prehistoric 2.0.31 kernel. The following (forged) session script
> describes the problem I have. If anybody wants further information to get
> to a solution, please tell me.
> 
> # fdisk and then 'p'
> 
> Device        Boot    Begin     Start     End      Blocks      Id   System
> /dev/hda1     *        1         1        384      3084448+     b   Win95 FAT32
> /dev/hda2             385        385      523      1116517+     5   Extended
> /dev/hda5             385        385      395      88326       83   Linux native
> /dev/hda6             396        396      478      666666      83   Linux native
> /dev/hda7             479        479      504      208813+     83   Linux native
> /dev/hda8             505        505      511      56196       83   Linux native
> /dev/hda9             512        512      518      56196       83   Linux native
> /dev/hda10            519        519      523      40131       82   Linux swap
> 
> # cat /proc/filesystems
> 
>                 ext2
>                 msdos
> nodev     proc
>                 vfat
> 
> 
> 
> # lsmod
> 
> Module        Pages        Used by
> vfat                3                0 (autoclean)
> 
> # mount /dev/hda1 /dosc
> 
> mount: wrong fs type, bad option, bad superblock on /dev/hda1 or too
> many mounted file systems

mount -t vfat /dev/hda1 /dosc

Unless you specify the partition in /etc/fstab, you should specify the
filesystem type to mount.  From the mount man page:

              The  type  iso9660 is the default.  If no -t option
              is given, or if the auto  type  is  specified,  the
              superblock   is  probed  for  the  filesystem  type
              (minix, ext,  ext2,  xiafs,  iso9660,  romfs  ,ufs,
              ntfs,  qnx4,  bfs  are  supported).   If this probe
              fails,  mount   will   try   to   read   the   file
              /etc/filesystems,  or,  if  that  does  not  exist,
              /proc/filesystems.  All  of  the  filesystem  types
              listed  there  will be tried, except for those that
              are labeled "nodev" (e.g., devpts, proc and nfs).

Note that the fat and vfat file systems are -not- autoprobed by default.

-- 
Brian Moore                       | Of course vi is God's editor.
      Sysadmin, C/Perl Hacker     | If He used Emacs, He'd still be waiting
      Usenet Vandal               |  for it to load on the seventh day.
      Netscum, Bane of Elves.

------------------------------

From: "Raterus" <[EMAIL PROTECTED]>
Subject: Linux Scheduling Source
Date: Sun, 9 Apr 2000 14:37:53 -0400

I'm doing an assignment for an operating systems class where I need to
diagram the Linux's (Redhat distribution) Scheduler.  I have no clue where
to find the source or once I get it which files do I need to look at.  Can
someone help??

Mike



------------------------------

Reply-To: <btolder>
From: <btolder>
Subject: Re: How Microsoft inhibits competition & innovation
Date: Sun, 9 Apr 2000 10:17:24 -0700
Crossposted-To: comp.lang.java.advocacy,comp.os.ms-windows.nt.advocacy


Grant Edwards <[EMAIL PROTECTED]> wrote in message news:kfJH4.1029

> Except that they've never developed anything.  Not anything new
> anyway.  MS products are mostly just bloated, crappy copies of
> stuff other people invented.

Where do you see the real innovation happening in this business? What
companies? What specific technologies?



------------------------------

Reply-To: <btolder>
From: <btolder>
Subject: Re: How Microsoft inhibits competition & innovation
Date: Sun, 9 Apr 2000 10:24:05 -0700
Crossposted-To: comp.lang.java.advocacy,comp.os.ms-windows.nt.advocacy


Rick <[EMAIL PROTECTED]> wrote in message

> Even if the price HAS stayed the same, the price of everything else has
> gone down, and the price of MS's OS as software has become a MUCH larger
> piece of a computer's purchase price. Add to that the fact that Microsoft
> has driven companies like Go Computing out of business and the forced
> sale of Netscape and you show a very definite harm to consumers.

The cost of hardware has fallen because silicon follows a very specific
price curve. Software does not follow that same price curve.

Looking at fixed costs...If it took 10 software engineers 1 year to complete
a non-UI software project in C in 1990, it would take them about the same to
do it today in 2000. This isn't true with silicon design, in that EE's are
extremely leveraged here with new tools. A single EE today can out-design
their counterpart from 1990 several times over.

Add to that the fact that IC variable costs have fallen about 15X in the
last decade, and IC package costs have fallen about 40X in the same time.

Comparing software and hardware costs is completely invalid. Your argument
is uninformed and on par with what I'd expect to read in USA Today or from
Ralph Nader.




------------------------------

From: Rick <[EMAIL PROTECTED]>
Crossposted-To: comp.lang.java.advocacy,comp.os.ms-windows.nt.advocacy
Subject: Re: How Microsoft inhibits competition & innovation
Date: Sun, 09 Apr 2000 14:46:22 -0400

btolder wrote:
> 
> <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > In comp.os.linux.misc Otto <[EMAIL PROTECTED]> wrote:
> > > So you think that Windows 98 is a crime. Then you're probably screaming
> > > bloody murder when you look at Red Hat's version numbers, 5.0/5.1 and
> > > 6.0/6.1. The time elapsed between the versions isn't even close to three
> > > years which is the case of the Windows95/98 switch. Not to mention the
> > > rest of the Linux distributors and the fact that their R & D is minimal,
> > > when compared to Microsoft's. Yet, the price of the Linux distros are
> > > similar to Windows platform prices.
> >
> > Not very good at maths, are you?
> > Even if you get the full priced distro of, say, SuSE at 25 quid, you can
> > install that legally on as many machines as you want. Yours, your
> > company's, your friends, all at no extra cost.
> >
> > Try that with M$ windows, and see how fast you get accused of software
> > piracy.
> 
> The cost of M$ software is incredibly reasonable. It's running about $90
> every 3 years for an OS upgrade. That's $30 per year. Most companies budget
> more for office supplies and copies per employee per year.

Except that because of economies of scale, it SHOULD be MUCH cheaper.
-- 
Rick
To reply by email remove the obvious from my address.

------------------------------

From: "David .." <[EMAIL PROTECTED]>
Subject: Re: Can't I just tack on an  old C:/Windows drive
Date: Sun, 09 Apr 2000 13:40:29 -0500

Andrew Purugganan wrote:
> 
> I was wondering if I could mount that old C drive somehow and make it a
> vfat or whatever partition, still boot linux as primary
> Any chance?

Add a line like this to /etc/fstab  be sure to set the correct partition
device and mount point.

/dev/hda1       /mnt/windoz     vfat     user,exec,dev,suid,rw,noauto 0 0

-- 
Registered with the Linux Counter. http://counter.li.org/
ID # 123538
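
[Added example, not part of the original post.] mount(8) documents that `user` implies noexec, nosuid and nodev unless later options in the same list override them, and options are applied left to right. The script below audits an fstab for entries an unprivileged user can mount while set-uid bits or device nodes are still honoured; `audit_fstab` and `sample_fstab` are hypothetical names, and the sample combines the two vfat lines quoted in this digest (the first one uncommented) with one constructed entry.

```shell
#!/bin/sh
# Added example, not from the digest. audit_fstab is a hypothetical helper name.
# Prints one line per fstab entry that an unprivileged user may mount while
# set-uid bits or device nodes on it are still honoured.
# Usage: audit_fstab [FILE]   (reads stdin when no file is given)
audit_fstab() {
    awk '
    /^[ \t]*(#|$)/ { next }                 # comments and blank lines
    NF >= 4 {
        # State before any option is applied.
        exec_ok = 1; suid_ok = 1; dev_ok = 1; user_mount = 0
        n = split($4, opt, ",")
        for (i = 1; i <= n; i++) {          # later options override earlier ones
            o = opt[i]
            if (o == "user" || o == "users") {
                user_mount = 1; exec_ok = 0; suid_ok = 0; dev_ok = 0
            } else if (o == "owner" || o == "group") {
                user_mount = 1; suid_ok = 0; dev_ok = 0
            } else if (o == "defaults") {
                user_mount = 0; exec_ok = 1; suid_ok = 1; dev_ok = 1
            } else if (o == "nouser")  user_mount = 0
            else if (o == "exec")    exec_ok = 1
            else if (o == "noexec")  exec_ok = 0
            else if (o == "suid")    suid_ok = 1
            else if (o == "nosuid")  suid_ok = 0
            else if (o == "dev")     dev_ok = 1
            else if (o == "nodev")   dev_ok = 0
        }
        if (user_mount && (suid_ok || dev_ok)) {
            eff = (suid_ok ? " suid" : "") (dev_ok ? " dev" : "") (exec_ok ? " exec" : "")
            printf "%s on %s: user-mountable with%s\n", $1, $2, eff
        }
    }' "${1:--}"
}

# Constructed sample. The /dosc and /mnt/windoz lines are the ones quoted in
# this digest; /mnt/hardened is constructed to show that option order matters
# ("user" after "exec" switches noexec back on).
sample_fstab() {
    cat <<'EOF'
# <file system> <mount point> <type> <options>                  <dump> <pass>
/dev/hda2       /             ext2   defaults,errors=remount-ro 0      1
/dev/hda1       /dosc         vfat   user,rw,conv=auto
/dev/hda1       /mnt/windoz   vfat   user,exec,dev,suid,rw,noauto 0 0
/dev/hdb1       /mnt/hardened vfat   exec,user,rw,noauto 0 0
EOF
}

# Demo: only the /mnt/windoz entry is reported.
sample_fstab | audit_fstab
```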

------------------------------

From: "Peter T. Breuer" <[EMAIL PROTECTED]>
Crossposted-To: uk.comp.os.linux
Subject: Re: uninstalling stuff
Date: 9 Apr 2000 18:40:05 GMT

Simon Brooke <[EMAIL PROTECTED]> wrote:
: "Simon H." <[EMAIL PROTECTED]> writes:

:> This is basic stuff I know but I can't seem to find the relevant
:> documentation anywhere. The question is: how do I uninstall applications
:> that were installed using tar -xvzf (as opposed to RPMS which even I can
:> manage)?

: Hah! The short answer is you don't. That's why people invented package 
: managers. The long answer is **carefully**.

Yes, more or less. Still ...

  tar tzf foo.tgz  | xargs rm -f --

(to cope with names with spaces in you'll have to additionally
use the -0 option to xargs, and the corresponding option in tar).

Peter
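
[Added example, not part of the original post.] The one-liner above hands every name in the archive to rm relative to the current directory. The script below does the same job one validated name at a time: it refuses absolute names and names with a ".." component, removes only regular files and symlinks under a chosen root, and prunes directories only when they are left empty. Helper names are hypothetical and the demo archive is constructed.

```shell
#!/bin/sh
# Added example, not from the digest. Helper names are hypothetical.

# Accept only relative member names with no ".." component.
member_is_safe() {
    case "/$1/" in
        //*|*/../*) return 1 ;;
    esac
    return 0
}

# untar_remove ARCHIVE ROOT [-n]
# Removes regular files and symlinks under ROOT that ARCHIVE lists, then the
# archive's directories that are left empty. -n only counts, removing nothing.
# Prints a summary line "removed=N skipped=M".
untar_remove() {
    archive=$1; root=$2; dry=${3:-}
    removed=0; skipped=0
    list=$(mktemp) || return 1
    # One name per line. GNU tar escapes newlines inside names when listing,
    # so such a name will not match a file and is counted as skipped.
    tar -tzf "$archive" > "$list" || { rm -f "$list"; return 1; }
    while IFS= read -r name; do
        target=$root/$name
        if ! member_is_safe "$name"; then
            echo "refusing unsafe name: $name" >&2
            skipped=$((skipped + 1))
        elif [ -d "$target" ] && [ ! -L "$target" ]; then
            :                               # directories are handled below
        elif [ -f "$target" ] || [ -L "$target" ]; then
            [ "$dry" = "-n" ] || rm -f -- "$target"
            removed=$((removed + 1))
        else
            skipped=$((skipped + 1))        # already gone, or a special file
        fi
    done < "$list"
    # Deepest paths first, so children go before their parents. rmdir refuses
    # directories that still hold files the archive did not install.
    if [ "$dry" != "-n" ]; then
        LC_ALL=C sort -r "$list" | while IFS= read -r name; do
            member_is_safe "$name" || continue
            if [ -d "$root/$name" ] && [ ! -L "$root/$name" ]; then
                rmdir -- "$root/$name" 2>/dev/null || :
            fi
        done
    fi
    rm -f "$list"
    echo "removed=$removed skipped=$skipped"
}

# Constructed demo: unpack a tiny archive into a scratch root, add one local
# file the archive does not own, remove what the archive installed, then list
# what survives.
demo_untar_remove() {
    work=$(mktemp -d) || return 1
    mkdir -p "$work/src/pkg/bin" "$work/root"
    echo tool > "$work/src/pkg/bin/my tool"     # a name containing a space
    echo doc > "$work/src/pkg/README"
    tar -czf "$work/foo.tgz" -C "$work/src" pkg
    tar -xzf "$work/foo.tgz" -C "$work/root"
    echo keep > "$work/root/pkg/local.conf"     # not from the archive
    untar_remove "$work/foo.tgz" "$work/root"
    ( cd "$work/root" && find . | LC_ALL=C sort )
    rm -rf "$work"
}

demo_untar_remove
```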

------------------------------

From: "Peter T. Breuer" <[EMAIL PROTECTED]>
Subject: Re: libs
Date: 9 Apr 2000 18:40:57 GMT

The Dude <[EMAIL PROTECTED]> wrote:
: when installing an rpm from time to time I get a message that some libs
: are required for installation.
: I would really want to know how do I find whose libs in the shortest

Look them up in your distro's manifest.

Or don't use rpm's .. read the readme, etc.

Peter

------------------------------

From: Rick <[EMAIL PROTECTED]>
Crossposted-To: comp.lang.java.advocacy,comp.os.ms-windows.nt.advocacy
Subject: Re: How Microsoft inhibits competition & innovation
Date: Sun, 09 Apr 2000 14:49:55 -0400

Robert Moir wrote:
> 
> <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > In comp.os.linux.misc btolder wrote:
> > >> Not very good at maths, are you? Even if you get the full priced distro
> > >> of, say, SuSE at 25 quid, you can install that legally on as many
> > >> machines as you want. Yours, your company's, your friends, all at no
> > >> extra cost.
> > >>
> > >> Try that with M$ windows, and see how fast you get accused of software
> > >> piracy.
> >
> > > The cost of M$ software is incredibly reasonable. It's running about $90
> > > every 3 years for an OS upgrade. That's $30 per year. Most companies
> > > budget more for office supplies and copies per employee per year.
> >
> > Nope. That's $30 per year, PER machine. A company with 50 machines would
> > have to pay $1500 (using YOUR costing, which is WILDLY inaccurate).
> 
> That's right, we pay far less than that for our windows licences. And you
> don't think that $30 per person per year is cheap? I bet, that regardless of
> what operating system they use, that the cost of supporting that user's
> operating system and apps comes to a lot more than $30 per person per year.

Then you would lose that bet. The MacOS has been repeatedly shown to have
a much lower ownership cost when support is factored in. Linux, FreeBSD
and the other *nix varieties can have a $0 purchase price, and are
certainly no more expensive to maintain.

-- 
Rick
To reply by email remove the obvious from my address.

------------------------------

From: [EMAIL PROTECTED] (Bastian)
Subject: Re: Linux
Date: 09 Apr 2000 18:48:09 GMT

On 09 Apr 2000 16:13:30 GMT, Parkerteam1 wrote:
>I am doing research on the Linux Operating System.  If anyone has any personal
>input to send me...please do so.  Thanks. Need ASAP.  I prefer the comparison
>of Linux to Microsoft. 
>
>[EMAIL PROTECTED]

You should post such a question at comp.os.linux.advocacy. Those guys will
be glad to have some stuff to argue about :)

Bastian



------------------------------

From: Rick <[EMAIL PROTECTED]>
Subject: Re: How Microsoft inhibits competition & innovation
Date: Sun, 09 Apr 2000 14:52:06 -0400

[EMAIL PROTECTED] wrote:
> 
> Am I the only one who really finds this thread strange?  To come into a
> linux newsgroup and claim Microsoft has a monopoly is really bizarre.
> --

It is not bizarre. It is now legal fact. A product does not have to have
a 100% market penetration to be declared a monopoly. Microsoft has a
90-95% share of the desktop and uses that position to kill competition
and mandate pricing. That is the definition of a monopoly.
-- 
Rick
To reply by email remove the obvious from my address.

------------------------------

Reply-To: [EMAIL PROTECTED]
From: [EMAIL PROTECTED] (Rod Smith)
Subject: Re: How did the hacker get root access to my system?
Crossposted-To: alt.2600,alt.linux,comp.os.linux
Date: Sun, 09 Apr 2000 18:51:02 GMT

[Posted and mailed]

In article <8cnrqq$siu$[EMAIL PROTECTED]>,
        [EMAIL PROTECTED] writes:
> This is a follow up to thread "Re: Hacker in my system. Help?" on
> alt.2600
> 
> I'm trying to determine how a hacker got into my Linux 6.1 server and
> would love some help.

First off, there's no such thing as Linux 6.1. Linux (that is, the Linux
kernel) is only up to 2.3.something, the last I checked. Chances are you
mean Red Hat Linux 6.1, but you could mean Linux Mandrake 6.1, SuSE Linux
6.1, or perhaps others. On occasion, knowing the precise distribution is
important in tracking down problems.

> I have determined that the hacker must have had root access.

Crackers generally do try for this, and often achieve it. That's not to
say that the cracker had this access to begin with; s/he may have
exploited several security holes to achieve increasing levels of access to
your system.

> At around the same time, I see these interesting things in my mail log:
> 
> maillog.1:Mar 28 08:31:03 server sendmail[17631]: IAA17631:
> from=<[EMAIL PROTECTED]>, size=4494, class=-100, pri=214494, nrcpts=1,
> msgid=<[EMAIL PROTECTED]>, proto=ESMTP,
> relay=wodc7-1.corprelay.mail.uu.net [192.48.96.68]
> 
> Prior to that:
> 
> maillog.3:Mar 14 21:24:32 server sendmail[773]: VAA00773:
> from=<[EMAIL PROTECTED]>, size=617, class=0, pri=30617, nrcpts=1,
> msgid=<[EMAIL PROTECTED]>, proto=ESMTP,
> relay=IDENT:[EMAIL PROTECTED] [24.1.13.240]

I don't see anything unusual about either of these entries, although
depending upon how your system is configured, it might be odd that you're
getting connection attempts for sending you e-mail. Even if you don't give
your machine's direct e-mail address out, it's possible that a spammer
extracted it from a news posting. If you're on an ISP that uses dynamic IP
addresses, perhaps somebody else uses an e-mail server and a dynamic DNS
service, but when the IP address changed, you got this other person's old
IP address and therefore some mis-directed e-mail connection attempts.
Other explanations are possible, too. The point being, although I
certainly can't rule out the possibility of a Sendmail exploit, I wouldn't
focus too much attention on this from two normal-looking mail log entries.

> Is it likely that he exploited a security hole in Sendmail? Does anyone
> know of a security breach in sendmail that will allow someone to gain
> root access to a Linux 6.1 machine?

Check your distribution's web page. It should have a list of
security-related updates and problems. If you see one for Sendmail, then
that's possible. If not, it's still possible, but less likely.

I don't know of any recent Sendmail security problems or updates. Of
course, that doesn't mean they don't exist. I *HAVE*, however, heard of
problems with some fairly recent versions of named (the DNS server). If
you're running named on your system, that could be it.

> I've since nuked all this crap of his, and I have ripped out sendmail.
> Inetd is being removed (and imap is out) if I can get the qmail popd
> stuff working using daemontools.
> 
> Any clues and other security advice would be greatly appreciated.
> Thanks

I suggest you reinstall everything from scratch. You really can't be
positive that your system is clean unless you do that, at least not
without taking some very extreme measures (like booting from a known-clean
emergency floppy and checking all files against their original RPMs or
Debian packages on a known-clean CD-ROM, then checking to be sure that no
spare files have been added anywhere on your system).

Depending upon what you want to do with your system, removing inetd might
not be a good idea. You can actually INCREASE your system's security by
running services from inetd in conjunction with TCP Wrappers. Of course,
if you don't want to run any of the services from inetd, then you might as
well remove it. You might also want to replace it with xinetd in some
cases, particularly if you've got a multi-homed host. Removing unnecessary
servers is certainly a good idea, but they don't all run from inetd. Many
distributions run a ludicrous number of servers on their default
installations. (Corel 1.0 is particularly bad in this respect, FWIW.)

I also suggest that you read up on security issues, and probably set up an
ipchains firewall. The site http://linux-firewall-tools.com/linux/ can
help you create one. There are also several security-related HOWTOs and
other documents scattered about. A good book on Linux security is _Maximum
Linux Security_, and one on UNIX security in general is _Practical UNIX &
Internet Security._ I've got links to both (and one or two others) on my
web page, http://www.rodsbooks.com/books/books-network.html. If you merely
re-install everything the way it had been, your uninvited guest will be
back.

-- 
Rod Smith, [EMAIL PROTECTED]
http://www.rodsbooks.com
Author of books on Linux networking & multi-OS configuration
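
[Added example, not part of the original post.] The check described above, comparing every file against a known-clean copy and then looking for spare files, done here with a checksum manifest instead of a package database. It assumes the script and its tools (sha256sum, find, awk, sort) run from known-clean boot media; helper names, paths and the demo trees are constructed.

```shell
#!/bin/sh
# Added example, not from the digest. Helper names and paths are hypothetical.
# Assumes the tools used here come from known-clean media, not the suspect disk.

# snapshot ROOT: one "hash  ./path" line for every regular file under ROOT.
snapshot() {
    ( cd "$1" && find . -type f -exec sha256sum {} + ) | LC_ALL=C sort -k 2
}

# compare_manifests BASELINE CURRENT: report drift between two snapshots.
#   MODIFIED  file exists in both, contents differ
#   MISSING   file in the baseline is gone
#   EXTRA     file that the baseline does not know about
compare_manifests() {
    awk '
    { hash = substr($0, 1, 64); path = substr($0, 67) }   # 64 hex chars, 2 separators
    !cur { base[path] = hash; next }                      # first file: baseline
    {
        seen[path] = 1
        if (!(path in base))          print "EXTRA    " path
        else if (base[path] != hash)  print "MODIFIED " path
    }
    END { for (p in base) if (!(p in seen)) print "MISSING  " p }
    ' "$1" cur=1 "$2" | LC_ALL=C sort
}

# Constructed demo: a "clean" tree stands in for the original media and a
# "suspect" tree for the mounted disk, with one changed, one removed and one
# added file.
demo_verify() {
    work=$(mktemp -d) || return 1
    mkdir -p "$work/clean/bin" "$work/clean/etc" "$work/suspect"
    echo 'login v1' > "$work/clean/bin/login"
    echo 'ps v1' > "$work/clean/bin/ps"
    echo 'ALL: ALL' > "$work/clean/etc/hosts.deny"
    cp -R "$work/clean/." "$work/suspect/"
    echo 'login v1 changed' > "$work/suspect/bin/login"   # contents differ
    rm "$work/suspect/etc/hosts.deny"                     # file removed
    echo x > "$work/suspect/bin/.hidden"                  # file nobody installed
    snapshot "$work/clean" > "$work/baseline.sha256"
    snapshot "$work/suspect" > "$work/current.sha256"
    compare_manifests "$work/baseline.sha256" "$work/current.sha256"
    rm -rf "$work"
}

demo_verify
```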

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and comp.os.linux.misc) via:

    Internet: [EMAIL PROTECTED]

Linux may be obtained via one of these FTP sites:
    ftp.funet.fi                                pub/Linux
    tsx-11.mit.edu                              pub/linux
    sunsite.unc.edu                             pub/Linux

End of Linux-Misc Digest
******************************
