Linux-Misc Digest #859, Volume #25 Sun, 24 Sep 00 17:13:04 EDT
Contents:
Re: been hacked... have a question (Robert Kiesling)
Re: Other Filesystems access ? (Markus Kossmann)
Re: get user ID from user name (Chris J/#6)
Belkin UPS model F6C525-SER & Linux (David Steuber)
Re: elm use ([EMAIL PROTECTED])
Re: Linux file burned onto CDR from Win98 machine ("Paul")
Re: mouse not working in Corel Linux (Nav)
SiS 6215C Graphics Card (Karl Payer)
grep question ([EMAIL PROTECTED])
Re: grep question (Robert Kiesling)
Re: How is initrd used in lilo.conf stanzas and what's it's purpose? (Robert Heller)
Re: Win98+Linux+FreeBSD all on boot drive? ("Jason Byrne")
Re: grep question (Vilmos Soti)
Re: grep question (Vilmos Soti)
XFree 4.0 with S3 Virge: can't go back to console (Wouter Verheijen)
Re: Screen savers not working! (Andrew Purugganan)
Re: autologin (Andrew Purugganan)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Robert Kiesling)
Subject: Re: been hacked... have a question
Reply-To: [EMAIL PROTECTED]
Date: 24 Sep 2000 13:16:18 -0400
> JDoe wrote:
> >
> > I guess a better question would be how to prevent this from happening
> > again.
>
> The first question is did it happen at all? He does not seem to be
> quite
> sure someone cracked his system. He has reported nothing certain.
If possible, you can tail -f /var/log/syslog or tail -f /var/log/messages
and try to watch an unauthorize login in progress, which happened to
me about a week ago. Someone tried to telnet in to my dynamically
assigned IP address. But my telnetd login message is pretty scary,
since I'm doing development work on it. Then I was able to traceroute
to the client machine... seemed a random occurance in my case.
If your REALLY ambitions, it would be possible to write a script
that would notify the admin when an untrusted IP address appeared
in the system logs.
> > Coz if someone can spoof a trusted IP, then what can we do?
You'd be dependent on your ISP, probably, if they use dynamic
IP addresses or DHCP.
> If you 'trust' any IP outside your own subnet, you better do it VERY
> carefully. You can never 'trust' an IP outside your own subnet unless
> you have access to that network's servers. DNS is getting better. It
> still has a ways to go before we can trust the domain service
> completely.
>
> One of the most important things you can do is ensure that DNS is set up
> properly with ACL's in the /etc/named.conf file. That task is
> non-trivial.
> I have been working with it for a while and I still don't understand all
> the nuances... probably never will.
I think it would be better to use an external DNS, unless you really
needed it, because most ISP can devote more resources to security. On
a small LAN, like mine, local addresses listed in /etc/hosts is
sufficient.
I don't even pretend to understand BIND configuration. But there
are surely plenty of security procedures that I'm not cognizant of.
DNS is complicated enough that I don't mind leaving it for the
ISP's people who get paid for configuring that sort of equipment,
anyway.
> > Deny all
> > access even to those we want to grant access to?
Setting PARANOID in /etc/hosts.deny is a good starting point, and then,
as you say below, adding services as you need them.
> There are other ways to transfer files. Even so, if the fellow who
> connected to this guy's FTP server actually logged in then he had a
> password. My bet is the victim is running anonymous ftp as most
> distro's
> come with that set up these days.
>
> >
> > Me being a practical newbie at server administration, some insight
> > into this would be greatly appreciated.
>
> Practical advice? Don't play. If you want to secure a system, the most
> important thing you can do is read and re-read /usr/doc/HOWTO. When you
> first bring up a box (as a newbie) ensure that there are NO services
> running. Then with the HOWTO in hand, check the configuration of each
> service as you bring it up. When you are sure that you have followed
> the HOWTO as closely as possible, turn on the service. Never run a
> service you do not need. IDENT is fine for the other guy. You don't
> need
> it most of the time. Use your service providers sendmail and pop
> servers. Why open a hole in your box when you can let him open one
> in his. Unless you NEED ftp, turn it off. If you don't NEED DNS,
> don't run it. If you don't NEED it (whatever it is) turn it off and
> leave it alone till you understand it. If you don't know whether you
> need it or not, leave it off. If things work properly, you don't need
> it.
A distro should not provide anonymous FTP by default, I agree. Then,
it should be configured correctly, with its own directory space,
binaries, and libraries.
Most security is common sense. But I don't have a lot of the vulnerabilities
on my hosts that an average network server would have.
Good luck!
--
Robert Kiesling
Linux FAQ Maintainer
[EMAIL PROTECTED]
------------------------------
From: Markus Kossmann <[EMAIL PROTECTED]>
Subject: Re: Other Filesystems access ?
Date: Sun, 24 Sep 2000 17:09:57 +0200
Martin Racette wrote:
>
> Hi guys,
>
> I have re-installed Mandrake 7.1, and ever since I can't write on any
> HPFS, FAT16 or FAT32 partitions. I have heard that HPFS support is only
> for read-only, but the other type, I was able to read-write on them. So
> what did I do wrong ?
You did't set the right permissions, when you did mount the drives.
Since FAT doesn't know about permissions, the whole drive is mounted
with owner root and the default umask 022. So a normal user doesn't have
the permission to write to the FAT drive. To avoid that, use the uid=,
gid= and umask= mount options ( see "man mount").
You also want to use the "quiet" mount option to avoid nasty error
messages if a Linux program wants to change the permissions on a FAT
drive.
PS: If you want to have RW HPFS for kernel 2.2 or older checkout
http://artax.karlin.mff.cuni.cz/~mikulas/vyplody/hpfs/index-e.cgi
--
Markus Kossmann
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Chris J/#6)
Crossposted-To: alt.os.linux,comp.os.linux.networking
Subject: Re: get user ID from user name
Reply-To: [EMAIL PROTECTED]
Date: 24 Sep 2000 18:30:11 +0100
James Knott <[EMAIL PROTECTED]> wrote:
>That does not seem to work in Redhat 6.2. According to "man id",
>there is no -u option.
>
Don't trust the man pages ... try it yourself. Remember, for some reason I've
yet to fathom out, GNU thinks man pages are defunct, hence the disclaimer at
the top of many man pages that reads:
This documentation is no longer being maintained and may
be inaccurate or incomplete. The Texinfo documentation is
now the authoritative source.
Why they can't use man pages, I don't know...*but* they do and that's that. I
don't won't a start a war of words over this one.
Chris...
--
@}-,'-------------------------------------------------- Chris Johnson --'-{@
/ "If not for me then, do it for yourself. / [EMAIL PROTECTED] \
/ If not for me, then do it for the world" / www.nccnet.co.uk/~sixie \
/ -- Stevie Nicks / \
------------------------------
Crossposted-To: comp.os.linux.admin,comp.os.linux.hardware,comp.os.linux.setup
Subject: Belkin UPS model F6C525-SER & Linux
From: David Steuber <[EMAIL PROTECTED]>
Date: Sun, 24 Sep 2000 17:56:08 GMT
Has anyone gotten this UPS to function properly under Linux? That is,
can it shutdown and restart the computer using powerd?
I'm reading the UPS-HOWTO now. However, a quick answer as to whether
this thing uses a proprietary serial protocol (RS-232 cable) or
something that Linux can understand would be very much appreciated.
Thank you.
--
David Steuber | Perl apprentice, Apache/mod_perl user, and
NRA Member | general Internet web wannabe.
ICQ# 91465842 (Using Micq 0.4.6 under Linux)
It's time to be free: http://www.harrybrowne2000.org
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: elm use
Date: Sun, 24 Sep 2000 19:04:57 +0100
bfxsn <[EMAIL PROTECTED]> did eloquently scribble:
> anyone have a clue how to get elm to send a message using
> the ISP domain name instead of localhost.localdomain?
That's not elms job, that's sendmails.
Can't remember which file needs editing though.
Probably sendmail.cf (via /etc/mail/<something>.mc and "compiled" with m4)
--
=============================================================================
| [EMAIL PROTECTED] | Windows95 (noun): 32 bit extensions and a |
| | graphical shell for a 16 bit patch to an 8 bit |
|Andrew Halliwell BSc(hons)| operating system originally coded for a 4 bit |
| in |microprocessor, written by a 2 bit company, that|
| Computer Science | can't stand 1 bit of competition. |
=============================================================================
------------------------------
From: "Paul" <[EMAIL PROTECTED]>
Crossposted-To: alt.comp.periphs.cdr,linux.redhat,staroffice.com.support.install.linux
Subject: Re: Linux file burned onto CDR from Win98 machine
Date: Sun, 24 Sep 2000 11:46:06 -0700
<[EMAIL PROTECTED]> wrote in message news:8ql6hb$q1q$[EMAIL PROTECTED]...
> I have a question concerning Linux files burned onto a CDR from a
> Windows 98 machine.
>
> Will a Redhat Linux 6.2 machine be able to read this CD which has the
> StarOffice installation file? Will there be translation problems
> because it was moved from various Windows machine before going to a
> Linux machine?
My guess is that you will have no problem. I have done the same thing you
have done here, only using floppy disk, and it worked fine. The media you
choose shouldn't make a difference. Please post your results, would be
interested to see how it worked.
Paul
------------------------------
From: [EMAIL PROTECTED] (Nav)
Subject: Re: mouse not working in Corel Linux
Date: Sun, 24 Sep 2000 18:46:38 GMT
On Sat, 23 Sep 2000 23:00:42 +0530, Sajith <[EMAIL PROTECTED]> wrote:
>
>The mouse is connected through serial port and i tried to use in X.
I had a problem with Corel not using the mouse when it was set at COM2,
Corel expects it to use COM1 for some reason. Try opening
/etc/X11/XF86Config and look at the "Pointer" section to see what it
says after "Device". Set it to /dev/ttyS1 or /dev/ttyS0 and see if
any of those work. You will have to restart X though.
Alternatively, you can create a symbolic link named /dev/mouse to
/dev/ttyS1 (or ttyS0 if your mouse is on COM1), which is what I did but
Corel kept deleting the link on startup, bloody annoying. Debian
seems much nicer.
Nave Goren
[EMAIL PROTECTED]
------------------------------
From: Karl Payer <[EMAIL PROTECTED]>
Subject: SiS 6215C Graphics Card
Date: Sun, 24 Sep 2000 21:05:21 +0200
Hi,
Is there anybody who can tell me where I could get a driver for my
SiS 6215C graphics card?
I'm running SuSE 6.3. Looking to the README.SiS (v 3.5.2.10 1999/06/25)
I found some SiS drivers but the SiS 6215C is not mentioned.
Appreciating your help,
Karl
------------------------------
From: [EMAIL PROTECTED]
Subject: grep question
Date: 24 Sep 2000 19:21:15 GMT
I'm trying to get a hang of grep, and I don't understand something.
If you'll entertain me, go through the following steps. Make a
file with two phone numbers, so that
> cat phonelist
(416) 555-1111
(905) 555 2222
The missing hyphen is intentional. Now consider the following three
calls using grep
> grep '[0-9]\{3\}[-]\?[0-9]' phonelist
> grep '[0-9]\{3\}[-]\?[0-9]\{4\}' phonelist
> grep '[0-9]\{3\}[ -]\?[0-9]\{4\}' phonelist
The first and third calls give both lines, whereas the
second one only gives the hyphenated number. Why would
the first get both, but the second not? Thanks
------------------------------
From: [EMAIL PROTECTED] (Robert Kiesling)
Subject: Re: grep question
Reply-To: [EMAIL PROTECTED]
Date: 24 Sep 2000 15:40:48 -0400
In article <8qlk7b$fbr$[EMAIL PROTECTED]>,
<[EMAIL PROTECTED]> wrote:
>I'm trying to get a hang of grep, and I don't understand something.
>If you'll entertain me, go through the following steps. Make a
>file with two phone numbers, so that
>> cat phonelist
>(416) 555-1111
>(905) 555 2222
>
>The missing hyphen is intentional. Now consider the following three
>calls using grep
>> grep '[0-9]\{3\}[-]\?[0-9]' phonelist
>> grep '[0-9]\{3\}[-]\?[0-9]\{4\}' phonelist
>> grep '[0-9]\{3\}[ -]\?[0-9]\{4\}' phonelist
>
>The first and third calls give both lines, whereas the
>second one only gives the hyphenated number. Why would
>the first get both, but the second not? Thanks
Because the first expression in either line is matching the area code,
but not the first three digits of the phone no. The \? makes matching
the hyphen optional. The second grep requires that a group of four
digits follow a group of three digits... if my memory of grep
expressions is correct.
Robert
--
10.25. Are the Kobolds Good To Eat?
--
Robert Kiesling
Linux FAQ Maintainer
[EMAIL PROTECTED]
------------------------------
From: Robert Heller <[EMAIL PROTECTED]>
Subject: Re: How is initrd used in lilo.conf stanzas and what's it's purpose?
Date: Sun, 24 Sep 2000 19:51:51 -0000
mike <[EMAIL PROTECTED]>,
In a message on Sun, 24 Sep 2000 14:45:47 GMT, wrote :
m> Hi,
m> I see the following stanza in the lilo.conf file:
m>
m> initrd=/boot/initrd-2.0.34-0.6.img
m>
m> What is the meaning / significance in this line?
initrd == Initial RamDisk.
The system needs to load driver modules in order to mount the
real root file system. This is the most common case and is in fact the
standard thing that 'modern' distros do for SCSI-based systems.
Generally, a initial ramdisk is used when the kernel needs some
sort of 'disk' *before* it gets to the real hard disk (if any). There
are several cases:
This is a rescue boot disk -- this would be for a boot floppy.
The ramdisk contains the drivers and utilities needed to repair a broken
hard drive file system.
This is for a diskless system and the ramdisk disk IS the system
(root) file system.
m>
m> I have seen multiboot lilo.conf files where there is
m> only one stanza like this in the whole file. Not one
m> for each distribution stanza that one wants to multiboot.
This can be normal. Some distributions have kernels with the SCSI
driver built in. Some distributions create an initial ramdisk, even if
one is not needed and others create the initial ramdisk conditionally.
m>
m> Should there be an initrd statement for each distribution?
Depends on the distribution and the system.
m>
m> Is it optional?
It can be. *Some* people re-build the kernel and 'compile in' the SCSI
driver(s) -- this saves a small amount of boot time at the expense of a
larger kernel. When this is done, the initial ramdisk is not needed.
m>
m> Where does the initrd.img come from?
See 'man mkinitrd'
m>
m>
m>
m> Thanks
m>
m> Mike
m>
m>
--
\/
Robert Heller ||InterNet: [EMAIL PROTECTED]
http://vis-www.cs.umass.edu/~heller || [EMAIL PROTECTED]
http://www.deepsoft.com /\FidoNet: 1:321/153
------------------------------
From: "Jason Byrne" <[EMAIL PROTECTED]>
Crossposted-To: comp.unix.bsd.freebsd.misc
Subject: Re: Win98+Linux+FreeBSD all on boot drive?
Date: Sun, 24 Sep 2000 12:57:52 -0700
> Just wondering if anyone succeeded in putting Win98+Linux+FreeBSD all on
> one very large boot (27GB) drive? Booting to Linux anywhere on the drive
> is no problem using a small /boot partition first, then Win98. My first
> attempt at putting FreeBSD 4.0 after Linux taught me that FreeBSD will not
> boot beyond the 1024 cyl limit.
>
> Ok, so I dropped the FAT32 partition to under 8GB followed by the bsd
> slice with / ending < cyl 1024 and FreeBSD was able to boot. As an
> experiment I then tried creating an extended partition with a FAT32
> logical and it overlapped and wiped out FreeBSD. The Linux+FreeBSD
> mini-HOWTO said Linux install kernels don't usually have UFS support, and
> would probably do the same thing, So I bought another drive for FreeBSD
> and backup. But I still wonder if this would have been possible?
>
> I may still try Win98+Linux+FreeBSD on my laptop, since it would be easy
> to keep / below cyl 1024, even near the end of a 1099 cyl drive.
> Although, fdisk UFS support in RH 6.1 seems unable to read disklabels of
> slices that run beyond the 1024 cyl boundary for some reason.
ok... time to correct myself ;-) sorry for the statement about /boot for
FreeBSD - not appropriate... but the theory is about the same for the setup.
I'm just going to stick to Linux style device names here - since the
relevant part for FreeBSD is that it gets the third slice/primary partition
on the drive.
/dev/hda1 => Win98 system partition
/dev/hda2 => small Linux /boot partition
/dev/hda3 => FreeBSD slice containing all FreeBSD mounts - /, /usr, swap,
and more?
/dev/hda4 => container for extended partition with remainder of logical
drives for Linux, additional FAT32 space for Win98
so... all the boot information for all OS' is under 1024 cylinder limit,
etc...
now the order...
1) Win98 install
2) Linux setup (cfdisk, fdisk, etc...) just enough to create small boot
partition
3) FreeBSD install... complete. I guess you might be able to use booteasy,
but I'm going to use LILO to boot everything.
4) back to Linux install... create extended partition and logical drives for
Linux and additional FAT32 drive.
I'm using Slackware 7.1... and I noticed it doesn't quite manage /boot and
LILO correctly (or I didn't make it handle it?) - but I always make a boot
floppy and fix LILO later.
install LILO on Linux /boot partition (/dev/hda2) and make it active since I
want to use LILO to boot everything.
5) boot to Linux, fix LILO... move vmlinuz to /boot, and modify
/etc/lilo.conf accordingly, run 'lilo' to effect changes.
6) add FreeBSD and Windows to lilo configuration
other = /dev/hda1
table = /dev/hda
label = windows
other = /dev/hda3
table = /dev/hda
label = freebsd
run lilo to effect changes...
7) reboot and format FAT32 drive from Windows
8) grab a beer... that should be it ;-)
> David Efflandt [EMAIL PROTECTED] http://www.de-srv.com/
> http://www.autox.chicago.il.us/ http://www.berniesfloral.net/
> http://hammer.prohosting.com/~cgi-wiz/ http://cgi-help.virtualave.net/
>
------------------------------
Subject: Re: grep question
From: Vilmos Soti <[EMAIL PROTECTED]>
Date: Sun, 24 Sep 2000 20:11:41 GMT
[EMAIL PROTECTED] writes:
>> cat phonelist
> (416) 555-1111
> (905) 555 2222
>
> The missing hyphen is intentional. Now consider the following three
> calls using grep
> > grep '[0-9]\{3\}[-]\?[0-9]' phonelist
> > grep '[0-9]\{3\}[-]\?[0-9]\{4\}' phonelist
> > grep '[0-9]\{3\}[ -]\?[0-9]\{4\}' phonelist
>
> The first and third calls give both lines, whereas the
> second one only gives the hyphenated number. Why would
> the first get both, but the second not? Thanks
Because the second would match '555-1111' and '5551111' but not '555 1111'.
The [-]\? matches 0 or 1 hyphen. Right after it, there should be
a number. Not a space. BTW you can rewrite the [-]\? as -\?
Vilmos
------------------------------
Subject: Re: grep question
From: Vilmos Soti <[EMAIL PROTECTED]>
Date: Sun, 24 Sep 2000 20:13:56 GMT
[EMAIL PROTECTED] (Robert Kiesling) writes:
>>> cat phonelist
>> (416) 555-1111
>> (905) 555 2222
>>
>> The missing hyphen is intentional. Now consider the following three
>> calls using grep
>>> grep '[0-9]\{3\}[-]\?[0-9]' phonelist
>>> grep '[0-9]\{3\}[-]\?[0-9]\{4\}' phonelist
>>> grep '[0-9]\{3\}[ -]\?[0-9]\{4\}' phonelist
>>
>
> Because the first expression in either line is matching the area code,
> but not the first three digits of the phone no. The \? makes matching
Regexp is recursive. If the area code is matched but the next token
is not, then this result is discarded, and regexp moves on matching
the pattern from the next char.
Vilmos
------------------------------
From: [EMAIL PROTECTED] (Wouter Verheijen)
Subject: XFree 4.0 with S3 Virge: can't go back to console
Date: 24 Sep 2000 20:17:34 GMT
Reply-To: [EMAIL PROTECTED]
I upgraded my XFree 3.3.6 (mandrake 7.0) with the 4.0-tarballs.
After some configuring, X starts up fine in 800x600 (though 60hz),
but when I want to go back to the console (either by pressing
Alt-Ctrl-F1 till F6 or just leaving X), my monitor switches off.
Even if I kill all tasks (telnet), it won't go on until I reboot.
Normally, when my monitor goes off, is when it cannot handle a certain
resolution or refresh-rate. But switching from graphic mode back to
text mode should go flawlessly...
--
Wouter Verheijen
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Andrew Purugganan)
Subject: Re: Screen savers not working!
Date: 24 Sep 2000 20:23:48 GMT
Brenda Lawrence ([EMAIL PROTECTED]) wrote:
[ Suddenly I noticed my screensavers weren't coming on after the specified
[ time. I can preview them, but after setting for 1 minute they still won't
[ work. Would someone please tell me what I can do, and please use terms I
[ as a new computer user will be able to understand.
[ I am using windows 98 and have a pentium 3 intell 667 mhg.
Is this a trick question ;-P
--
jazz
Registered linux user no. 164098 +--+--+--+ Litestep user no. 386
Doesn't it bother you, that we have to search for intelligent life
--- OUT THERE??
------------------------------
From: [EMAIL PROTECTED] (Andrew Purugganan)
Crossposted-To: comp.os.linux.redhat,comp.os.linux.questions
Subject: Re: autologin
Date: 24 Sep 2000 20:40:56 GMT
Tom Voltaggio ([EMAIL PROTECTED]) wrote:
[ I searched the usenet for a program or script to allow one
[ to automatically
[ login at boot time, either as root or a user, without user
[ input. My Linux
[ box is only used by myself and I use it as a gateway to my
[ internal small home
[ network. It has no other use. I've found some info, but
[ nothing that a beginning user can
[ use. Does anyone have any leads? I have Linux Redhat 6.1
[ using kernel 2.2.12-20.
small network, beginning user, eh?
search freshmeat.net
alogin is an example, see if it suits you
--
jazz
Registered linux user no. 164098 +--+--+--+ Litestep user no. 386
Doesn't it bother you, that we have to search for intelligent life
--- OUT THERE??
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.misc) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Misc Digest
******************************
