Linux-Misc Digest #609, Volume #24 Fri, 26 May 00 16:13:03 EDT
Contents:
Re: How Microsoft inhibits competition & innovation (fungus)
Re: 6 certifications in 30 Days and 15+ College Credits!!! (Bernie)
Re: How Microsoft inhibits competition & innovation (JEDIDIAH)
Re: SMP+3Com905B hangs (Joshua Baker-LePain)
Re: How Microsoft inhibits competition & innovation (fungus)
Re: Using Linux/IPChains instead of commercial firewall (Lincoln Yeoh)
Re: Need ideas for university funded project for linux (Jan Knutar)
Re: Need ideas for university funded project for linux (Jan Knutar)
Re: 6 certifications in 30 Days and 15+ College Credits!!! ("Harold S. Frydman")
Re: Need ideas for university funded project for linux (JEDIDIAH)
sprintf bug? (U.V. Ravindra)
Re: How to tell which linux I'm in (tt@me)
Re: sprintf bug? (Andreas Kahari)
Re: democracy? (Salvador Peralta)
Re: CAUTION: I am under attack from an incompetent hacker probably in (Nick
Bernstein)
----------------------------------------------------------------------------
From: fungus <[EMAIL PROTECTED]>
Crossposted-To: comp.lang.java.advocacy,comp.os.ms-windows.nt.advocacy
Subject: Re: How Microsoft inhibits competition & innovation
Date: Fri, 26 May 2000 08:44:45 GMT
Ermine Todd wrote:
>
> In this case, I have to agree with you 100%. Part of the justification,
> interestingly enough, from MS for the original development of OS/2 was to
> deal with this very issue of how the API had grown in sometimes less than
> efficient manner (re: downright awkward).
>
> However, legacy issues will be with us forever - case in point: one of the
> limiting factors on the size of the solid rocket boosters in the space
> shuttle was the (thru a moderate concatenation of history) width of horses
> behinds.
>
Yes, but tunnels are solid parts of our landscape.
windows.h, isn't solid, it's just a text file in my computer.
I want a windows.h which has its own namespace, or at
least doesn't use #define to define names for things.
You can keep the old one lying around for legacy reasons,
just like C++ has two versions of the C library headers.
--
<\___/>
/ O O \
\_____/ FTB.
------------------------------
From: [EMAIL PROTECTED] (Bernie)
Crossposted-To:
alt.certification.cisco,alt.certification.mcse,alt.certification.network-plus,alt.os.linux
Subject: Re: 6 certifications in 30 Days and 15+ College Credits!!!
Date: Fri, 26 May 2000 18:17:38 GMT
Reply-To: abuse@[127.0.0.1], see signature@[127.0.0.1]
Since they are providing people to do the "students" cooking, laundry,
and their cleaning, I wonder if they also provide professional test
takers to take their tests for them as well.
Does this "real-world" lab environment also have simulated "dumb
end-users", simulated unreasonable bosses, and simulated crackers to
break into the servers or use make use of the email server as a relay
point for spam? I'm just about curious how "real world" it is.
One other question: Who gets to fix the laptops when the "students"
inadvertently break them when fiddling around with fdisk? Is a *real*
desktop support person on hand to wipe their butts in that way too?
> "Harold S. Frydman" <[EMAIL PROTECTED]> wrote in message
>news:wTuX4.129$[EMAIL PROTECTED]...
> http://certcoach.homestead.com
>
> MCSE, MCP+I, CCNA, LPI (Linux Professional Institute), A+, Network+
> 15 College Credits from Regents University, a fully accredited program offered by
>the State University of New York.
>
> Hello...
>
> I'd like to introduce a new concept in Certification Boot Camps. CMAdmin, Inc. is
>proud to announce the Certified Master Administrator program. The CMA program has
>been designed for those who wish to get all, or most, of the IT Certifications
>quickly and with the most hands on experience.
>
> This program is not for everyone. But if you have the time to devote, we guarantee
>not only that you will pass all the exams, but that you will get the real-world
>experience that 30 HARDCORE days will provide.
>
> How can we accomplish this? By providing the highest level of service the industry
>has to offer. Our instructors are top of the line, our classes are limited to 10
>students with 3 Certified Instructors...that's 3 students per Instructor...noone even
>comes close. State-of-the-art Labs and classrooms, including Cisco Routers.
>
> All your needs are taken care of. From first class accomodations (your own villa
>with full kitchen, cable TV, quiet, Jacuzzi, Laptop for extra study. Full meals
>(customized meal plans available), transportation, laundry and maid service. In other
>words we leave nothing to chance. The only thing you have to worry about is learning,
>training, studying and passing the tests.
>
> For more info please email [EMAIL PROTECTED]
> or call (718) 544-2234.
>
> Thank you and good luck.
--Bernie
------------------------------
From: [EMAIL PROTECTED] (JEDIDIAH)
Crossposted-To: comp.lang.java.advocacy,comp.os.ms-windows.nt.advocacy
Subject: Re: How Microsoft inhibits competition & innovation
Date: Fri, 26 May 2000 18:19:32 GMT
On Fri, 26 May 2000 17:58:28 GMT, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>Davorin Mestric <[EMAIL PROTECTED]> did eloquently scribble:
[deletia]
>> compare this to KDE or Gnome development, which is very unstable at this
>> point.
>
>These aren't operating systems though, are they? If they crash, they don't
>take the entire system down with 'em!
You can also AVOID them if you want to, either completely or to lesser
degrees. Both are relatively modular and don't seek to make themsevlves an
inseparable part of your system.
[deletia]
--
In what language does 'open' mean 'execute the evil contents of' |||
a document? --Les Mikesell / | \
Need sane PPP docs? Try penguin.lvcm.com.
------------------------------
From: Joshua Baker-LePain <[EMAIL PROTECTED]>
Subject: Re: SMP+3Com905B hangs
Date: 26 May 2000 18:23:48 GMT
Cezary Sobaniec <[EMAIL PROTECTED]> wrote:
> I have a 2xPII machine with 3C905B network card. I use SuSE 6.4
> with kernel 2.2.14. With SMP kernel it worked fine till I had
> started to transfer megabytes of data through the network.
> The computer then completely hangs. The same appears when I try
> to down the eth0 interface (ifconfig eth0 down). This computer
> works perfectly with SMP off.
What driver are you using? Some people have problems with the 3c59x
driver. You may want to try the 3c90x driver provided by 3Com.
--
Joshua Baker-LePain
Department of Biomedical Engineering
Duke University
------------------------------
From: fungus <[EMAIL PROTECTED]>
Crossposted-To:
comp.lang.java.advocacy,comp.os.ms-windows.nt.advocacy,comp.os.ms-windows.advocacy
Subject: Re: How Microsoft inhibits competition & innovation
Date: Fri, 26 May 2000 18:34:17 GMT
[EMAIL PROTECTED] wrote:
>
> Davorin Mestric <[EMAIL PROTECTED]> did eloquently scribble:
> > your hate for microsoft makes you blind to the truth. windows api is
> > very stable since win95,
>
> Strange. Care to explain why IE4 caused 2 BSoDs in one evening
> this weekend whilst working on a friends machine? I've never SEEN
> a linux kernel panic YET, or even an oops.
>
> > compare this to KDE or Gnome development, which is very unstable at this
> > point.
>
> These aren't operating systems though, are they? If they crash,
> they don't take the entire system down with 'em!
This is something Windows people don't seem to have figured out
yet. Applications *can* be separated from the operating system,
and this is why I really believe Microsoft needs to be broken
up as soon as possible.
Until there's a solid black line line drawn between "operating
system" and "everything else" then real stability will never
be achieved.
My Windows NT setup usually needs rebooting a couple of times
a day. I develop software, my programs aren't neat and tidy
"finished" affairs, they crash and take the OS out with it.
I developed similar apps for five years on SGIU machines
and I dont' recall ever having to reboot because eg. the
the sound system went down (or whatever).
Now you're gonna blame the drivers, but this line of reasoning
is just a delusion. Drivers are just normal programs, they
don't need to be able to overwrite vital system memory or
whatever it is they do when they casue BSODs. I should be able
to kill/restart a driver when it crashes (just like I've been
doing for the last ten years on other operatign systems...)
without losing that big long ftp transfer or anything else
that's running in the background at the time.
--
<\___/>
/ O O \
\_____/ FTB.
------------------------------
From: [EMAIL PROTECTED] (Lincoln Yeoh)
Crossposted-To: comp.security.firewalls
Subject: Re: Using Linux/IPChains instead of commercial firewall
Date: Fri, 26 May 2000 18:35:51 GMT
Reply-To: [EMAIL PROTECTED]
On Fri, 26 May 2000 10:14:18 +0100, "Jim Turnbull"
<[EMAIL PROTECTED]> wrote:
>We are considering using Linux/IPChains for servers that need to be accessed
>from the Internet. We need to have something that will do some kind of
>stateful inspection and also be an application proxy. Is there any reason
>that we shouldn't rely on Linux (we have someone who can configure this
>pretty well)?
>Also, why, if Linux is that good, are products like Checkpoint Firewall-1
>selling so well, and available for Linux as well?
I am trying to set up a firewall which uses ipchains (plus app proxying).
I found ipchains to be very primitive and rather inconvenient to configure
for my purposes.
I had to have custom input rules for each of my interfaces- to block
strange stuff like source = 127.0.0.1, 0.0.0.0, 255.0.0.0, 224.0.0.0, etc,
and to control direct access to my firewall interface addresses.
I also had to have custom forward rules for each interface to interface
pair, PER direction! (This was because I had to control access to other
hosts as well, and I also required NAT.)
e.g. 6 chains!
eth0->eth1
eth1->eth0
eth0->eth2
eth2->eth0
eth1->eth2
eth2->eth1
Then I also had to have custom rules for output, this was just a minor
issue.
So for each host and port you want to allow you may find you have to
configure FOUR separate chains. e.g
input to eth0 interface
eth0->eth1
input to eth1 interface
eth1->eth0
You can simplify things slightly by passing through certain stuff
automatically, but this is still very yucky.
I am also currently having difficult getting "ipmasqadm portfw" to work-
I'm trying to redirect a TCP port on my eth0:1 to a host:port in eth1.
And what I found annoying was when I telnet to my eth0, Linux uses lo as
the source address. This was counter intuitive to me, I expected it to use
eth0.
And for some reason it still doesn't seem to be directed- this may be an
error of mine tho. I was assuming eth0:1 will be lumped together with
"--interface eth0" by ipchains. I will try to confirm if eth0:1 is actually
different from eth0.
If you want to pass ftp through to a DMZ server it's not going to be nice
going.
The only place where there's any inkling of automatic statefulness is for
NAT'ed packets. For no NAT packet filtering, there's no stateful stuff.
I wish that it could be as easy as
external=eth0
internal=eth1
internal=eth2
permit tcp connections from all_external:anyport to webserver:80
(and it will automatically allow replying ports)
permit ftp connections from everyone:anyport to ftpserver:21
(and it will automatically handle PORT style stuff).
IPfilter looks promising but it doesn't run on Linux 2.2 kernels. I suppose
I could switch to FreeBSD/OpenBSD (ipfilter built in), but then there are
other issues - not sure about hardware compatibility etc- colleague had
problems installing FreeBSD :(.
Well I guess I'll just put up with this mess till ipfilter arrives on a
release level Linux kernel.
Of course I must say that some commercial firewalls are just as crappy if
not more so. But I've seen some decent ones.
Cheerio,
Link.
****************************
Reply to: @Spam to
lyeoh at @[EMAIL PROTECTED]
pop.jaring.my @
*******************************
------------------------------
From: [EMAIL PROTECTED] (Jan Knutar)
Crossposted-To:
comp.os.linux,comp.os.linux.development,comp.os.linux.development.apps,comp.os.linux.development.system,comp.os.linux.setup,comp.os.linux.advocacy
Subject: Re: Need ideas for university funded project for linux
Date: Thu, 25 May 2000 12:52:48 GMT
On Sun, 21 May 2000 16:42:48 -0700, "Jack Kessler" <[EMAIL PROTECTED]>
wrote:
>to buy full hardware modems which are more expensive, harder to set up and
>are becoming harder to find.
Eh? Harder to setup?
When I installed my modem in win, I needed a bunch of driver diskettes to
get it to work.
I can't even remember installing the modem in Linux, all I can remember was
that I entered the phonenumber to my ISP, my name, password and the DNS
servers, and it worked. I think I saw a box saying something like "serching
for modem" the first time I ran it, but I'm not sure.
--
JK <[EMAIL PROTECTED]>
-
Any attempt to stretch fuel is guaranteed to increase headwind.
------------------------------
From: [EMAIL PROTECTED] (Jan Knutar)
Crossposted-To:
comp.os.linux,comp.os.linux.development,comp.os.linux.development.apps,comp.os.linux.development.system
Subject: Re: Need ideas for university funded project for linux
Date: Thu, 25 May 2000 12:47:57 GMT
On Tue, 23 May 2000 10:21:52 -0400, Someone <[EMAIL PROTECTED]> wrote:
>use it for? Why don't any of the free ISPs support Linux? That would be
Could anyone please define 'free ISP' ??
--
JK <[EMAIL PROTECTED]>
-
Any attempt to stretch fuel is guaranteed to increase headwind.
------------------------------
From: "Harold S. Frydman" <[EMAIL PROTECTED]>
Crossposted-To:
alt.certification.cisco,alt.certification.mcse,alt.certification.network-plus,alt.os.linux
Subject: Re: 6 certifications in 30 Days and 15+ College Credits!!!
Date: Fri, 26 May 2000 18:59:11 GMT
Don't let people fool you. THIS is NOT brain surgery. There are lots of
people out there that will tell you all that counts is Real-World
experience...and they wouldn't be wrong...but they wouldn't be 100% right
either.
Doctors spend years learning the basics before they are allowed to practice
medicine. Lawyers must have years of education before they're allowed to
practice law. Why should the IT profession be any different?
Nobody is saying that certification is the end...in fact, think about it as
premed or prelaw...the more you know the better you'll do in a real word
environment later. The CMA course is a great BEGINNING....what you do with
it afterward is everyone's personal choice. As an experienced admin for many
years I'd have to say I'd rather someone with no experience AND
certification, rather than no experience and no education.
Bernie <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
> Since they are providing people to do the "students" cooking, laundry,
> and their cleaning, I wonder if they also provide professional test
> takers to take their tests for them as well.
>
> Does this "real-world" lab environment also have simulated "dumb
> end-users", simulated unreasonable bosses, and simulated crackers to
> break into the servers or use make use of the email server as a relay
> point for spam? I'm just about curious how "real world" it is.
>
> One other question: Who gets to fix the laptops when the "students"
> inadvertently break them when fiddling around with fdisk? Is a *real*
> desktop support person on hand to wipe their butts in that way too?
>
> > "Harold S. Frydman" <[EMAIL PROTECTED]> wrote in message
news:wTuX4.129$[EMAIL PROTECTED]...
> > http://certcoach.homestead.com
> >
> > MCSE, MCP+I, CCNA, LPI (Linux Professional Institute), A+, Network+
> > 15 College Credits from Regents University, a fully accredited program
offered by the State University of New York.
> >
> > Hello...
> >
> > I'd like to introduce a new concept in Certification Boot Camps.
CMAdmin, Inc. is proud to announce the Certified Master Administrator
program. The CMA program has been designed for those who wish to get all, or
most, of the IT Certifications quickly and with the most hands on
experience.
> >
> > This program is not for everyone. But if you have the time to devote,
we guarantee not only that you will pass all the exams, but that you will
get the real-world experience that 30 HARDCORE days will provide.
> >
> > How can we accomplish this? By providing the highest level of service
the industry has to offer. Our instructors are top of the line, our classes
are limited to 10 students with 3 Certified Instructors...that's 3 students
per Instructor...noone even comes close. State-of-the-art Labs and
classrooms, including Cisco Routers.
> >
> > All your needs are taken care of. From first class accomodations (your
own villa with full kitchen, cable TV, quiet, Jacuzzi, Laptop for extra
study. Full meals (customized meal plans available), transportation, laundry
and maid service. In other words we leave nothing to chance. The only thing
you have to worry about is learning, training, studying and passing the
tests.
> >
> > For more info please email [EMAIL PROTECTED]
> > or call (718) 544-2234.
> >
> > Thank you and good luck.
>
>
> --Bernie
------------------------------
From: [EMAIL PROTECTED] (JEDIDIAH)
Crossposted-To:
comp.os.linux,comp.os.linux.development,comp.os.linux.development.apps,comp.os.linux.development.system,comp.os.linux.setup,comp.os.linux.advocacy
Subject: Re: Need ideas for university funded project for linux
Date: Fri, 26 May 2000 19:08:50 GMT
On Thu, 25 May 2000 12:52:48 GMT, Jan Knutar <[EMAIL PROTECTED]> wrote:
>On Sun, 21 May 2000 16:42:48 -0700, "Jack Kessler" <[EMAIL PROTECTED]>
>wrote:
>
>
>>to buy full hardware modems which are more expensive, harder to set up and
>>are becoming harder to find.
>
>Eh? Harder to setup?
Quite. My Phoebe hardware ISA modem came with very reasonable
defaults: no-pnp, com2. In this configuration I was able to slap it in
and use it immediately.
>
>When I installed my modem in win, I needed a bunch of driver diskettes to
>get it to work.
>
>I can't even remember installing the modem in Linux, all I can remember was
>that I entered the phonenumber to my ISP, my name, password and the DNS
>servers, and it worked. I think I saw a box saying something like "serching
>for modem" the first time I ran it, but I'm not sure.
One should never need to 'install' a modem. A real modem is as
simple as a device gets when it comes to compatibility.
(com2+ XT legacy gibberish notwithstanding of course)
--
In what language does 'open' mean 'execute the evil contents of' |||
a document? --Les Mikesell / | \
Need sane PPP docs? Try penguin.lvcm.com.
------------------------------
From: U.V. Ravindra <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.alpha
Subject: sprintf bug?
Date: Fri, 26 May 2000 19:04:24 GMT
I'm using SuSE 6.3 (Kernel 2.2.13 glibc 2.1.2) on an Alpha EV67.
Here's what I'm trying to do
char buffr[4096+1]
...
...
printf("before %s\n", buffr);
sprintf(buffr, "0, 0, 0, ");
printf("after %s\n", buffr);
And I see the output:
before dwki_nr_ibind(100, fname_var, 0,
after 0, 0, 0,i
This is clearly wrong - the 'i' at the end of the 'after'
output is extraneous. I find that the call to sprintf
puts junk characters at the end of the string. The problem
is random (in the sense that not all calls to sprintf
put junk characters in buffr), but consistent (in the sense
that it is the SAME sprintf call/s that exhibit this
erroneous behavior).
Anyone aware of a problem with glibc 2.1.2's sprintf?
Advance thanks for all answers.
UVR.
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: tt@me
Subject: Re: How to tell which linux I'm in
Date: 26 May 2000 11:20:24 -0700
In article <[EMAIL PROTECTED]>, * says...
>
>Sorry, I mean whether it is debian/slackware, RH 6.0 or RH 6.1... that
>sort of things
you can't. you just have to guess sometimes. hey, this is linux afterall.
------------------------------
From: Andreas Kahari <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.alpha
Subject: Re: sprintf bug?
Date: Fri, 26 May 2000 19:18:25 GMT
In article <8gmhrd$jqj$[EMAIL PROTECTED]>,
U.V. Ravindra <[EMAIL PROTECTED]> wrote:
>
>
> I'm using SuSE 6.3 (Kernel 2.2.13 glibc 2.1.2) on an Alpha EV67.
> Here's what I'm trying to do
>
> char buffr[4096+1]
>
> ...
> ...
> printf("before %s\n", buffr);
> sprintf(buffr, "0, 0, 0, ");
> printf("after %s\n", buffr);
>
> And I see the output:
>
> before dwki_nr_ibind(100, fname_var, 0,
> after 0, 0, 0,i
>
>
I don't have access to a Linux box right now and I can't reproduce your
result on my Solaris box.
It seems to me that you're only using 'sprintf' to copy a string into an
array of characters. Why don't you use 'strcpy', 'memcpy', or a simple
loop instead?
But I agree, it looks strange... The 'i' should have been '\0' (or
"<space>\0").
/A
--
# Andreas K�h�ri, <URL:http://hello.to/andkaha/>.
# All junk e-mail is reported to the
# appropriate authorities, no exceptions.
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Salvador Peralta <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.advocacy
Subject: Re: democracy?
Date: Fri, 26 May 2000 12:37:31 -0700
Reply-To: [EMAIL PROTECTED]
Federal judges are not elected. They are nominated by the executive
branch and that nomination is ratified by the legislature. The reason
that legal issues are resolved by the judiciary is exactly as you say:
Judges are appointed, and therefore are thought to be insulated from
"pandering to the mob" in a way that elected officials are not.
But to put francis' question "democracy?" into the proper perspective,
let's remember that the United States is not now, nor has it ever been a
democracy. The United States is a federal republic. By isolating
political power between 3 branches in the federal government, and again
at lower levels (state, county, municipal, etc.), the founders believed
that they were protecting individuals as well as the political and legal
system from the "violence of faction" (federalist 10, 41) and other
excesses associated with direct democracy.
Greg Yantz wrote:
> Because for a representative system to actually *function*, once an
> official (either elected or appointed) is in position, within certain
> bounds of accountability they should be free to do as they think best.
> It's a bit of a trade-off.
>
> Anything else, particularly elected officials basing their "leadership"
> on daily opinion polls, tends to resemble pandering to the mob.
> (Circus & dole, anyone?)
--
Salvador Peralta
[EMAIL PROTECTED]
http://www.la-online.com
------------------------------
From: Nick Bernstein <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux,comp.os.linux.admin
Subject: Re: CAUTION: I am under attack from an incompetent hacker probably in
Date: Fri, 26 May 2000 15:38:21 -0400
==============099F02D21EC6BE3372C0E6FB
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Tiger is very good, I defiantly agree with that, but you might want to install
something like tripwire (there's abetter program, but I forget the name) tcpwrappers,
and as Peter said, remove all unnecessary services. Also, make sure you are patched up
to the current releases of whatever OS/apps you are running.
'Luck
Nick
Peter Karlsson wrote:
> In article <newscache$k604vf$7u$[EMAIL PROTECTED]>,
> "Ez-Aton" <[EMAIL PROTECTED]> writes:
> >
> > Jeff Silverman <[EMAIL PROTECTED]> wrote in message
> > news:8gg4e4$rsa$[EMAIL PROTECTED]...
> >> Hi.
> >>
> >> Somebody tried to send my /etc/passwd and /etc/shadow files from my server
> > to their account in
> >> germany. I am not sure how they did that part, but they did. However, my
> > hacker is incompetent and
> >> he botched his own e-mail address. Imagine my surprise and astonishment
> > when I got my own files in
> >> the mail! I looked in the maillog and I can see where the messages went
> > out. I checked wtmp -
> >> found nothing there, and nothing noteworthy in /var/log/*, either. The
> > Email address the guy used
> >> is [EMAIL PROTECTED] if that means anything to anybody. I think
> >> he's in germany because the remote mail daemon said:
> >>
> >> >>> RCPT To:<[EMAIL PROTECTED]>
> >> <<< 550 <kx2246>... User unknown or not available - Empfaenger unbekannt
> > oder
> >> nicht erreichbar
> >> 550 [EMAIL PROTECTED] User unknown
> >>
> >> [ Part 2: "Delivery Status" ]
> >>
> >> Reporting-MTA: dns; angel.commercialventvac.com
> >> Arrival-Date: Mon, 22 May 2000 19:24:07 -0700
> >>
> >> Final-Recipient: RFC822; [EMAIL PROTECTED]
> >> Action: failed
> >> Status: 5.1.1
> >> Remote-MTA: DNS; mx0.gmx.net
> >> Diagnostic-Code: SMTP; 550 <kx2246>... User unknown or not available -
> >> Empfaenger unbekannt oder nicht erreichbar
> >>
> >>
> >>
> >> Anyway, I am battening down my hatches, again. Fortunately, my users have
> > picked strong passwords,
> >> such as 2sday and blue=danube, so using crack or satan probably won't buy
>
> Ok, so now noone can use those... :)
>
> > this person anything, and
> >> I am going to personally change those passwords, just in case. Blech!
> >>
> >> I thought you might want a "heads up" warning.
>
> If your box/es has been compromised in any way you should wipe them clean, reformat
>(twice some people say and from a technical point it may be necessary haven't checked
>though) and reinstall from backups you know for certain aren't tampered with. Of
>course I assume you've taken all compromised boxes offline.
>
> Tiger? WHERE, WHERE?
>
> Best regards
>
> Peter K
--
Nicholas Bernstein, Systems & Network Engineer, BELENOS Inc.
[EMAIL PROTECTED]
www.belenosinc.com
"21st Century Architects" - Belenos designs and builds next generation
voice and data networks for emerging service providers.
==============099F02D21EC6BE3372C0E6FB
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<html>
Tiger is very good, I defiantly agree with that, but you might want to
install something like tripwire (there's abetter program, but I forget
the name) tcpwrappers, and as Peter said, remove all unnecessary services.
Also, make sure you are patched up to the current releases of whatever
OS/apps you are running.
<br>'Luck
<br>Nick
<p>Peter Karlsson wrote:
<blockquote TYPE=CITE>In article <newscache$k604vf$7u$[EMAIL PROTECTED]>,
<br> "Ez-Aton" <[EMAIL PROTECTED]>
writes:
<br>>
<br>> Jeff Silverman <[EMAIL PROTECTED]> wrote in message
<br>> <a href="news:8gg4e4$rsa$[EMAIL PROTECTED]">news:8gg4e4$rsa$[EMAIL PROTECTED]</a>...
<br>>> Hi.
<br>>>
<br>>> Somebody tried to send my /etc/passwd and /etc/shadow files from
my server
<br>> to their account in
<br>>> germany. I am not sure how they did that part, but they did.
However, my
<br>> hacker is incompetent and
<br>>> he botched his own e-mail address. Imagine my surprise and
astonishment
<br>> when I got my own files in
<br>>> the mail! I looked in the maillog and I can see where the
messages went
<br>> out. I checked wtmp -
<br>>> found nothing there, and nothing noteworthy in /var/log/*, either.
The
<br>> Email address the guy used
<br>>> is [EMAIL PROTECTED] if that means anything to anybody. I think
<br>>> he's in germany because the remote mail daemon said:
<br>>>
<br>>> >>> RCPT To:<[EMAIL PROTECTED]>
<br>>> <<< 550 <kx2246>... User unknown or not available -
Empfaenger unbekannt
<br>> oder
<br>>> nicht erreichbar
<br>>> 550 [EMAIL PROTECTED] User unknown
<br>>>
<br>>> [ Part 2: "Delivery Status" ]
<br>>>
<br>>> Reporting-MTA: dns; angel.commercialventvac.com
<br>>> Arrival-Date: Mon, 22 May 2000 19:24:07 -0700
<br>>>
<br>>> Final-Recipient: RFC822; [EMAIL PROTECTED]
<br>>> Action: failed
<br>>> Status: 5.1.1
<br>>> Remote-MTA: DNS; mx0.gmx.net
<br>>> Diagnostic-Code: SMTP; 550 <kx2246>... User unknown or not available
-
<br>>> Empfaenger unbekannt oder nicht erreichbar
<br>>>
<br>>>
<br>>>
<br>>> Anyway, I am battening down my hatches, again. Fortunately,
my users have
<br>> picked strong passwords,
<br>>> such as 2sday and blue=danube, so using crack or satan probably
won't buy
<p>Ok, so now noone can use those... :)
<p>> this person anything, and
<br>>> I am going to personally change those passwords, just in case.
Blech!
<br>>>
<br>>> I thought you might want a "heads up" warning.
<p>If your box/es has been compromised in any way you should wipe them
clean, reformat (twice some people say and from a technical point it may
be necessary haven't checked though) and reinstall from backups you know
for certain aren't tampered with. Of course I assume you've taken all compromised
boxes offline.
<p>Tiger? WHERE, WHERE?
<p>Best regards
<p>Peter K</blockquote>
<p><br>--
<br><b><tt><font size=-1>Nicholas Bernstein, Systems & Network Engineer,
BELENOS Inc.</font></tt></b>
<br><b><tt><font size=-1>[EMAIL PROTECTED]</font></tt></b>
<br><b><tt><font size=-1>www.belenosinc.com</font></tt></b>
<p><b><tt><font size=-1>"21st Century Architects" - Belenos designs and
builds next generation</font></tt></b>
<br><b><tt><font size=-1>voice and data networks for emerging service
providers.</font></tt></b>
<br>
<br> </html>
==============099F02D21EC6BE3372C0E6FB==
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.misc) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Misc Digest
******************************
