Linux-Misc Digest #860, Volume #25 Sun, 24 Sep 00 21:13:02 EDT
Contents:
Re: Problam with RealPlayer 5.0 (Douglas E. Mitton)
Re: been hacked...have a question (James J. Lippard)
Re: kernel recompile needed, but Mandrake has modified the source... (Bruce LaZerte)
Re: grep question ("J. D. Addison")
Warning can't open initial consol ([EMAIL PROTECTED])
Re: kernel recompile needed, but Mandrake has modified the source... (-ljl-)
BIND ACL Workarounds (was: Re: been hacked...have a question) (Grega Bremec)
Linux timezone??? ([EMAIL PROTECTED])
Re: can't mount drives (Dances With Crows)
Re: Downloaded files with * next to them?? (Dances With Crows)
SQUID - DIALUP ("Peter Woodall")
Re: Linux timezone??? (Christopher Browne)
Error on "make bzImage"... (MH)
Re: Downloaded files with * next to them?? (Robert Kiesling)
installation problem (Chris Tokar)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Douglas E. Mitton)
Subject: Re: Problam with RealPlayer 5.0
Reply-To: [EMAIL PROTECTED]
Date: Sun, 24 Sep 2000 21:10:11 GMT
I just upgraded to RealPlayer 7 today on a SlackWare system and all
works well. I had to change some of my configuration as they changed
the name of the executable BUT that was fairly minor.
E J <[EMAIL PROTECTED]> wrote:
>Me wrote:
>
>> Does anyone have any suggestions on getting Realplayer 5.0 to work with
>> RH6.1? I downloaded the RPM and installed it, but I keep getting
>> segmentation faults. (Upgrading to a newer version of Realplayer is not
>> an option, they won't run on my machine.)
>>
>
>Your option is not to run RealPlayer at all or degrade your Redhat to an
>ancient version.
>I remember going to the www.real.com site, and reading their explaination
>of why Realplayer 5.0 would not run on the
>latest linux. They recommend upgrading to the latest version. I have
>Realplayer 7.0 (not beta) and it works great.
>
>
>>
>> --
>> Please respond only in the newsgroup.
>>
>> If one studies too zealously, one easily loses his pants.
>> -- A. Einstein.
------------------------------------------------
Doug Mitton - Brockville, Ontario, Canada
'City of the Thousand Islands'
EMail: [EMAIL PROTECTED]
http://www.cybertap.com/dmitton
Other: mitton.dyndns.org
SPAM Reduction: Remove "x." from my domain.
------------------------------------------------
------------------------------
From: [EMAIL PROTECTED] (James J. Lippard)
Crossposted-To: comp.os.linux.admin,comp.os.linux.help,comp.os.linux.security
Subject: Re: been hacked...have a question
Date: 24 Sep 2000 21:25:33 GMT
Reply-To: [EMAIL PROTECTED]
In article <[EMAIL PROTECTED]>, JDoe wrote:
>I guess a better question would be how to prevent this from happening
>again.
>
>Coz if someone can spoof a trusted IP, then what can we do? Deny all
>access even to those we want to grant access to?
IP address is not a good foundation for access control. Use strong
crypto. IPsec, SSH, SSL/TLS.
And FTP should just go away. Better to use SSH/SCP/SFTP and HTTP.
>Me being a practical newbie at server administration, some insight
>into this would be greatly appreciated.
>
>Thanks
>
>
>On 23 Sep 2000 23:53:17 GMT, [EMAIL PROTECTED] (Bill Unruh) wrote:
>
>>In <[EMAIL PROTECTED]> me <[EMAIL PROTECTED]> writes:
>>
>>>someone recently connected to my ftp server and did something (i dont
>>>know what) to nuke me on irc. the thing is, he/she connected to my ftp
>>>server apparently using the IP address of someone else. the IP address
>>>in my log file belongs to someone i know...someone that i know didnt
>>>nuke me. how did the "nuker" fake the ip address?
>>
>>Easily. a) He broke into your friends machine, found your machine listed
>>there and then broke into yours. ( and fromyours into other people's).
>>b) He spoofed the address.-- easy to do.
>>
>>Take your machine offline. Backup all your stuff that you need to keep.
>>Wipe the / and /usr partitions.
>>Reinstall.
>>Install all of the security updates for your distro.
>>
>
--
Jim Lippard [EMAIL PROTECTED] http://www.discord.org/
Unsolicited bulk email charge: $500/message. Don't send me any.
PGP Fingerprint: 0C1F FE18 D311 1792 5EA8 43C8 7AD2 B485 DE75 841C
------------------------------
From: [EMAIL PROTECTED] (Bruce LaZerte)
Subject: Re: kernel recompile needed, but Mandrake has modified the source...
Date: Sun, 24 Sep 2000 21:19:08 GMT
On Sun, 24 Sep 2000 05:27:23, David_C <[EMAIL PROTECTED]> wrote:
> > Is there another linux distribution out there that only uses standard
> > kernels, equivalent to those found on ftp.kernel.org? Given the
> > monolithic linux kernel and the necessity to recompile it when
> > updating certain device drivers, this would be nice feature.
>
> Most other distributions do. Including RedHat and Slackware.
>
> I use RedHat. AFAIK, they don't change the kernel sources at all in
> their distribution.
Just looked in a RedHat book at the bookstore. Although a little out of
date, RH V6.0, it says there's about 40 patches on the official kernel.
Slackware's web site only talks about the AC (Alan ?) patch which is
considered semi-official (?)
=====================
Bruce LaZerte
Muskoka,Ontario,Canada
mail at fwr dot on dot ca
------------------------------
From: "J. D. Addison" <[EMAIL PROTECTED]>
Subject: Re: grep question
Date: Sun, 24 Sep 2000 22:45:19 +0100
The first grep expression is matching 1111
The second can only match 555-2222 because you are asking for either 7
digits in sequence or 3 digits a '-' and then 4 digits
The final expression matches 7 digits or 3 and 4 digits separated by
either a spce or a '-'
[EMAIL PROTECTED] wrote:
> I'm trying to get a hang of grep, and I don't understand something.
> If you'll entertain me, go through the following steps. Make a
> file with two phone numbers, so that
> > cat phonelist
> (416) 555-1111
> (905) 555 2222
>
> The missing hyphen is intentional. Now consider the following three
> calls using grep
> > grep '[0-9]\{3\}[-]\?[0-9]' phonelist
> > grep '[0-9]\{3\}[-]\?[0-9]\{4\}' phonelist
> > grep '[0-9]\{3\}[ -]\?[0-9]\{4\}' phonelist
>
> The first and third calls give both lines, whereas the
> second one only gives the hyphenated number. Why would
> the first get both, but the second not? Thanks
------------------------------
From: [EMAIL PROTECTED]
Subject: Warning can't open initial consol
Date: Sun, 24 Sep 2000 21:32:30 GMT
Hello every one,
I added a new partion to my HD and after that I
install win98, then I lost my lilo boot for
linux. However, I installed partionMagic and I
got bac linux but when it's booting it stopped
with this
Warning: can't open init consol.
Any help please on how to solve this problem to
my linux working again.
Thanks
Adnan
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: -ljl- <[EMAIL PROTECTED]>
Subject: Re: kernel recompile needed, but Mandrake has modified the source...
Date: Sun, 24 Sep 2000 21:50:09 GMT
In article <bsV3ehsibPZd-pn2-EvWSbc1KrpkW@ASUSTwo>,
[EMAIL PROTECTED] (Bruce LaZerte) wrote:
> On Sun, 24 Sep 2000 05:27:23, David_C <[EMAIL PROTECTED]> wrote:
>
>>> Is there another linux distribution out there that only uses
standard
>>> kernels, equivalent to those found on ftp.kernel.org? Given the
>>> monolithic linux kernel and the necessity to recompile it when
>>> updating certain device drivers, this would be nice feature.
>>
>> Most other distributions do. Including RedHat and Slackware.
>>
>> I use RedHat. AFAIK, they don't change the kernel sources at all in
>> their distribution.
>
> Just looked in a RedHat book at the bookstore. Although a little out
of
> date, RH V6.0, it says there's about 40 patches on the official
kernel.
>
> Slackware's web site only talks about the AC (Alan ?) patch which is
> considered semi-official (?)
Could AC (Alan ?) be Alan Cox??
--
Louis-ljl-{ Louis J. LaBash, Jr. }
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED] (Grega Bremec)
Crossposted-To: comp.os.linux.admin,comp.os.linux.help,comp.os.linux.security
Subject: BIND ACL Workarounds (was: Re: been hacked...have a question)
Date: Sun, 24 Sep 2000 22:31:00 GMT
...and MIchael Erskine used the keyboard:
>
>One of the most important things you can do is ensure that DNS is set up
>properly with ACL's in the /etc/named.conf file. That task is
>non-trivial.
Hello Mike,
The ACLs you mentioned reminded me of an interesting possibility:
I have a primary DNS for the domain running on one of my boxen, and I
usually get a whole lot of hits on UDP port 53 from various name
servers all around the place, whereas I only trust my backup servers
and a few (local to my ISP) name servers and DENY everything else at
the firewall.
I have ACLs set up for zone transfers and such, so the subset that is
open could be considered as a fairly well secured one. However, what
bothers me is all those hits I'd like to get rid of. I was thinking of
using the "unpublished primary" setup so that one of the two backup
servers would act as my primary to the rest of the world, but things
haven't stabilized enough around here, so I can't afford waiting 24-32
hrs for server updates to take effect (yet). Of course, I'm not as
stupid as to run named as root, it's running under an unprivileged
account and group, so this shouldn't be a big problem, except for
possible database corruption. BIND version is 8.2.2 patchlevel 5, so
the recent CERT advisories about DNS exploits do not apply to it
(yet :-/).
What I need at this point is your (everybody else invited as well, of
course :-)) opinion on just how secure you think BIND is when properly
equipped with ACLs that would allow for incoming _queries_ _only_ from
anybody, but disallow everything else except for the few trusted
hosts.
Are there any known exploits that can get around BIND ACLs or is it OK
for me consider opening up UDP port 53 after having my way with
named.conf? CERT says nothing about ACL exploits so far.
BTW, is it in any way possible to set up some kind of source address
verification in user-space software (such as named) as well without it
having to be supported on the other side as well?
Thanks in advance,
--
Grega Bremec
grega.bremec-at-gbsoft.org
http://www.gbsoft.org/
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.questions
Subject: Linux timezone???
Date: Sun, 24 Sep 2000 23:29:42 GMT
Hi all!
When I'm sending mail, the mailheader always shows "... +0200" in dates.
My /etc/localtime however is a link to /usr/share/zoneinfo/CET and that
is +0100. date shows the correct time. TimeZoneSpec is not set
in /etc/sendmail.cf. TZ is also unset.
What's even worse, is that the windows client, which ntp syncs to the
linux box, is one hour behind.
Can anyone explain to me, what is wrong???
--
So far
- Clemens -
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED] (Dances With Crows)
Subject: Re: can't mount drives
Date: 25 Sep 2000 00:08:01 GMT
Reply-To: [EMAIL PROTECTED]
On Sun, 24 Sep 2000 12:01:26 GMT, James McIntyre wrote:
>When I try to mount my folppy or cd-rom, I get a message stating they
>are not valid block devices. I tried as root ans another user.
>I'm using the commands
>mount /dev/cdrom /mnt/cdrom, and "mount /dev/fd0 mnt/floppy"
>What is the simple solutio to this?
/dev/cdrom is not pointing to the right place, and /dev/fd0 is the
"autodetect" floppy device. If the CD-ROM is IDE, try this:
mount -t iso9660 /dev/hdX /mnt/cdrom
where X is the CD-ROM's letter (a for master on the primary controller,
b for primary slave, c for secondary master, d for secondary slave). If
the CD-ROM is SCSI, it's
mount -t iso9660 /dev/scdX /mnt/cdrom
where X is between 0 and 7.
/dev/cdrom is usually a symbolic link that points to an actual device.
Once you've figured out what the actual device is, you can point
/dev/cdrom to the right place like so:
ln -sf /dev/$ACTUALDEVICE /dev/cdrom
(man mount, man fstab, man ln to figure out what's going on here.)
Floppy autodetection sometimes doesn't work. Try inserting a 1.4M
formatted DOS disk and doing:
mount -t vfat /dev/fd0h1440 /mnt/floppy
If you get error messages from these commands, post them back here.
Also read your distro's manual as there's usually a big section about
removable-media devices and how to access them. If you get any errors,
post the exact text of the error messages to the NG.
--
Matt G|There is no Darkness in Eternity/But only Light too dim for us to see
Brainbench MVP for Linux Admin / Those who do not understand Unix are
http://www.brainbench.com / condemned to reinvent it, poorly.
=============================/ ==Henry Spencer
------------------------------
From: [EMAIL PROTECTED] (Dances With Crows)
Subject: Re: Downloaded files with * next to them??
Date: 25 Sep 2000 00:08:02 GMT
Reply-To: [EMAIL PROTECTED]
On 23 Sep 2000 19:05:34 GMT, Peter T. Breuer wrote:
>Dextrose <[EMAIL PROTECTED]> wrote:
>: It seems as though every file I download ends up with a * at the end of its
>
>Hilarious. Come back when both your neurons fire at once ... (hint:
>you just need time to think about it). I refuse to answer this person
>and publicly announce my willingness to take the flames for my
>unwarrantedly rude behaviour until he stops asking why is everything all
>dark, while wearing sunglasses.
Hint:
$ alias | grep ls
alias ls='ls $LS_OPTIONS`
$ echo $LS_OPTIONS
-N --color=tty -F
"man ls" to find out what those mean, and why, and how to turn it off.
BTW, don't mind Peter... he's just sick of seeing questions that get
asked/answered in the FAQ resurface time and again in the NG. Actually,
so am I, but I figured that this msg. will provide you the incentive to
A) Read The Fine FAQ (in /usr/doc/howto, posted regularly to this NG,
and on the Net--search "Linux FAQ" on a search engine) and B) Learn
Something. HTH, good luck.
--
Matt G|There is no Darkness in Eternity/But only Light too dim for us to see
Brainbench MVP for Linux Admin / Those who do not understand Unix are
http://www.brainbench.com / condemned to reinvent it, poorly.
=============================/ ==Henry Spencer
------------------------------
From: "Peter Woodall" <[EMAIL PROTECTED]>
Subject: SQUID - DIALUP
Date: Sun, 24 Sep 2000 20:47:49 -0400
Have successfully installed squid on a home network with a mix (Linux &
Windows).
Don't have cable or DSL/ ISDN, etc in my area so I have to use a dial-up
connection. Is there any way of getting squid to initiate the dialer on a
demand basis.
Or should I be looking for a simpler cache proxy?
Any help is appreciated.
Thanks
Peter
------------------------------
From: [EMAIL PROTECTED] (Christopher Browne)
Crossposted-To: comp.os.linux.questions
Subject: Re: Linux timezone???
Reply-To: [EMAIL PROTECTED]
Date: Mon, 25 Sep 2000 00:46:41 GMT
Centuries ago, Nostradamus foresaw a time when [EMAIL PROTECTED] would say:
>When I'm sending mail, the mailheader always shows "... +0200" in dates.
>My /etc/localtime however is a link to /usr/share/zoneinfo/CET and that
>is +0100. date shows the correct time. TimeZoneSpec is not set
>in /etc/sendmail.cf. TZ is also unset.
>
>What's even worse, is that the windows client, which ntp syncs to the
>linux box, is one hour behind.
>
>Can anyone explain to me, what is wrong???
We're presently in DST; that would explain there being an "off-by-an-hour"
situation, maybehaps...
--
[EMAIL PROTECTED] - <http://www.ntlug.org/~cbbrowne/internet.html>
Everyone has a photographic memory, some don't have film.
------------------------------
From: MH <[EMAIL PROTECTED]>
Subject: Error on "make bzImage"...
Date: Sun, 24 Sep 2000 17:51:48 -0700
Recently, while trying to compile a new kernel, I did "make bzImage" and
everything proceeded normally until the very end. I got the following
error:
make[1]: as86: command not found
make[1]: *** [bbootsect.o] Error 127"
make[1]: Leaving directory `/usr/src/linux/arch/i386/boot'
make: *** [bzImage] Error 2
I remembered having this error before and resolved it by installing an
RPM package that contained some utilities. It took me awhile to locate
the right package, since it was not part of the ISO. The package is
called "bin86*****" and had I not remembered the "bin" part, I never
would have found it.
In any case, it seems very odd that this package is not part of the ISO,
since it is REQUIRED to compile a new kernel. Even stranger, it is
apparently not part of the GNU utilities, nor even a GPL application,
since it is listed as "contrib" on RedHat's site. Does anyone else find
this disturbing given that GNU/Linux is supposed to be "free" i.e.
licensed under the GPL? Am I missing something here?
------------------------------
From: [EMAIL PROTECTED] (Robert Kiesling)
Subject: Re: Downloaded files with * next to them??
Reply-To: [EMAIL PROTECTED]
Date: 24 Sep 2000 20:39:38 -0400
I couldn't let all those kind, flattering words pass, even though I've
been posting too much today: I don't want to be the Jerry Pournelle of
Free Software. Maybe you just wanted the practice. Anyway, another
way to end up with a '*' file name is by typing a wildcard directory
filter in the file name entry in the Netscape File Save dialog. I
didn't think it was possible, 'til I did it in my sleep. But Netscape
does allow it. Thankfully, I have a very thorough knowledge of rm.
Turning off the ls terminal sequences ought to be in the FAQ, I
suppose. Otoh, I don't think anyone else took three months figuring
out how to do it.
In article <[EMAIL PROTECTED]>,
Dances With Crows <[EMAIL PROTECTED]> wrote:
>On 23 Sep 2000 19:05:34 GMT, Peter T. Breuer wrote:
>>Dextrose <[EMAIL PROTECTED]> wrote:
>>: It seems as though every file I download ends up with a * at the end of its
(text deleted as required by trn)
>BTW, don't mind Peter... he's just sick of seeing questions that get
>asked/answered in the FAQ resurface time and again in the NG. Actually,
>so am I, but I figured that this msg. will provide you the incentive to
>A) Read The Fine FAQ (in /usr/doc/howto, posted regularly to this NG,
>and on the Net--search "Linux FAQ" on a search engine) and B) Learn
>Something. HTH, good luck.
>
>--
>Matt G|There is no Darkness in Eternity/But only Light too dim for us to see
>Brainbench MVP for Linux Admin / Those who do not understand Unix are
>http://www.brainbench.com / condemned to reinvent it, poorly.
>-----------------------------/ --Henry Spencer
--
Robert Kiesling
Linux FAQ Maintainer
[EMAIL PROTECTED]
------------------------------
From: Chris Tokar <[EMAIL PROTECTED]>
Subject: installation problem
Date: Sun, 24 Sep 2000 20:55:16 -0400
Reply-To: [EMAIL PROTECTED]
I am installing RedHat 6.1 on a IBM thinkpad with an external BusLink
USB hard drive. When booting from the CD, I get the error message "no
valid modes found". Is there a way to get around this through expert
mode perhaps, if so how?
Help much appreciated.
[EMAIL PROTECTED]
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.misc) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Misc Digest
******************************
