Linux-Misc Digest #926, Volume #27 Wed, 23 May 01 00:13:02 EDT
Contents:
Network Configuration mystery ("Sony Antony")
Re: Matt Blaze's CFS on Linux ("Binesh Bannerjee")
Re: Security Testing (michael james obrien)
Re: Load average overtime (Dances With Crows)
Re: Embedded (Jan Schaumann)
Dumb newbie question about setting the system time. ("Joel")
boot system prob (Ivan Su)
Re: The Linux Library Issue (Scott Drumm)
Re: split or compress big file into floppies ("Stefan Viljoen")
Re: Dumb newbie question about setting the system time. (David)
Configuring Modems in Linux so that Domino can "see" them as ports (com1, com2, etc)
(robert)
Re: Dumb newbie question about setting the system time. ("Stefan Viljoen")
----------------------------------------------------------------------------
From: "Sony Antony" <[EMAIL PROTECTED]>
Subject: Network Configuration mystery
Date: Tue, 22 May 2001 22:04:58 -0400
Hi:
I m writing this to ask you about something I saw today.
I took my Linux box to my office in order to do a demo on mysql ( which was
a great surprise for many ).
I got a free IP address ( IP s are allocated statically in our office by
the company that provided us with the T1 connection ) and network mask. I
changed the NIC address to this IP ( from the 192.168.1.252 I ve been using
at home ) and it was able to contact other machines in our office
instantaneously ( as well as telnetting to the Linux box ).
But I could not access the internet. Neither could I ping the any addresses
outside our network.
Then when I checked one of the office windows machine, I saw that they all
have an IP address **outside our network** as the default gateway. Even this
IP I could not ping from my Linux box. Needless to say that setting this as
default gateway in my Linux box did not solve the problem.
My understanding about default gateway was
1. This is the IP address the request should be sent if the host does not
know of any route to a destination.
2. The defaul;t gateway should always be a member of the network.
Also can anybody see how the windows machines were able to work
mysteriously. The only other configuration I could see was for DNS ( which
was also pointing to the same machine as the one set as default gateway - an
outside the network host )
--sony
------------------------------
From: "Binesh Bannerjee" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.security
Subject: Re: Matt Blaze's CFS on Linux
Date: 23 May 2001 02:05:57 GMT
In comp.os.linux.security Binesh Bannerjee <[EMAIL PROTECTED]> wrote:
: Hi,
: Has anyone gotten Matt Blaze's CFS to work on Linux?
: I downloaded cfs-1.4.1.tar.gz from
: http://www.crypto.com/software/cfs-1.4.1.tar.gz
: And tried compiling it... It doesn't compile out of the box... and, since
: I don't really know RPC, I was sort of fumbling, anyhow...
: After looking a little, I thought the problem was that the stubs that
: are in the software were named differently in the rpc generated code...
: So... (I'm attaching my patch at the end of this message...)
: (It seems the linux rpcgen makes server stubs named whatever_svc...)
: I made all the changes, and now, I have it compiled, so I do the
: mkdir /null
: chmod 0 /null
: mkdir /crypt
: cfsd
: mount -o port=3049,intr localhost:/null /crypt
: then I do
: cmkdir q
: and it
: seems to hang... perhaps I screwed something up in the changes? (?)
OK... Don't know why this is... But, I gdb'd the cmkdir process and found
it's hanging in roulette, seems like it's waiting in a loop to be interrupted
by a SIGALRM (set by an alarm call before in raw_truerand...)
I'd like a better one, but in the meantime, I've used lrand48...
What are the crypto implications of using this?
In anycase, it works now! I'm a happy camper... Now, I'm off to reconfigure
my laptop, to be automagically encrypted!
: Has anyone gotten it to work?
: I was thinking of putting -Wall -Werror into the gcc line,
: but that causes _WAY_ too many errors... so, I'm not sure...
: Well, I'm just not sure at all, since I don't know RPC...
: Any help appreciated,
: Thanks in advance... (The patch follows)
: Binesh Bannerjee
diff -Naur cfs-1.4.1/Makefile cfs-1.4.1-binesh/Makefile
--- cfs-1.4.1/Makefile Thu May 3 14:29:21 2001
+++ cfs-1.4.1-binesh/Makefile Tue May 22 19:36:41 2001
@@ -84,8 +84,8 @@
PRINTCMD=enscript -Gr2
# you only need RSAREF for ESM
# these paths WILL have to be changed...
-RSALIB=/usr/mab/rsaref/install/rsaref.a
-RINCLUDES=/usr/mab/rsaref/source
+RSALIB=/usr/local/rsaref2/install/unix/rsaref.a
+RINCLUDES=/usr/local/rsaref2/source
# if you're a paranoid fascist, you might want to configure
# default timeouts on the attach command. If you do,
@@ -93,7 +93,7 @@
# of minutes you want to the CFLAGS line.
# So the COPT line for the SUNOS CC configuration with a timeout
# of 12 hours and an idle timer of 2 hours would look like:
-# COPT=-O -DTMOUT=720 -DIDLE=120
+COPT=-O -DTMOUT=60 -DIDLE=30
# If you leave them out the default timeouts are infinite. You
# can override them, of course, on the cattach command line.
@@ -116,9 +116,9 @@
## Linux dists).
## See NOTE TO LINUX USERS above, and also README.linux,
## if you can't make things work.
-#CFLAGS=$(COPT) -U__STDC__ -Dd_fileno=d_ino -I$(RINCLUDES)
-#LIBS=
-#COMPAT=
+CFLAGS=$(COPT) -Dd_fileno=d_ino -I$(RINCLUDES)
+LIBS=
+COMPAT=
#RPCOPTS= -k -b
## A few Linux users have reported success with these
@@ -229,7 +229,7 @@
# (3/3) CONFIGURE: one last thing
#==========================================================================
# finally, comment out the next line:
-CC=you_forgot_to_edit_the_makefile
+# CC=you_forgot_to_edit_the_makefile
# now you're done with local configuration.
diff -Naur cfs-1.4.1/cfs_adm.c cfs-1.4.1-binesh/cfs_adm.c
--- cfs-1.4.1/cfs_adm.c Mon Dec 25 04:41:30 1995
+++ cfs-1.4.1-binesh/cfs_adm.c Tue May 22 19:27:49 2001
@@ -27,7 +27,7 @@
#include "nfsproto.h"
#include "cfs.h"
-typedef struct svc_req *SR;
+typedef struct svc_req SR;
int topinstance = 0;
@@ -36,12 +36,16 @@
}
void *
-admproc_null_2()
+admproc_null_2_svc(ap,rp)
+ void *ap;
+ SR *rp;
{
+ /* Binesh - This one I'm not too sure about. */
+ return(NULL);
}
cfsstat *
-admproc_attach_2(ap,rp)
+admproc_attach_2_svc(ap,rp)
cfs_attachargs *ap;
SR *rp;
{
@@ -154,7 +158,7 @@
}
cfsstat *
-admproc_detach_2(ap,rp)
+admproc_detach_2_svc(ap,rp)
cfs_detachargs *ap;
SR *rp;
{
diff -Naur cfs-1.4.1/cfs_nfs.c cfs-1.4.1-binesh/cfs_nfs.c
--- cfs-1.4.1/cfs_nfs.c Mon Dec 25 01:24:31 1995
+++ cfs-1.4.1-binesh/cfs_nfs.c Tue May 22 19:29:39 2001
@@ -37,7 +37,7 @@
#include "admproto.h"
#include "cfs.h"
-typedef struct svc_req *SR;
+typedef struct svc_req SR;
#define herr(x) (((x)==H_INVALID)?NFSERR_STALE:NFSERR_PERM)
@@ -58,9 +58,9 @@
}
void *
-nfsproc_null_2(ap,rp)
+nfsproc_null_2_svc(ap,rp)
void *ap;
- SR rp;
+ SR *rp;
{
static int ret=0;
return ((void*) &ret);
@@ -72,9 +72,9 @@
readdirres *rootreaddir();
attrstat *
-nfsproc_getattr_2(ap,rp)
+nfsproc_getattr_2_svc(ap,rp)
nfs_fh *ap;
- SR rp;
+ SR *rp;
{
static attrstat ret;
int uid;
@@ -118,9 +118,9 @@
}
attrstat *
-nfsproc_setattr_2(ap,rp)
+nfsproc_setattr_2_svc(ap,rp)
sattrargs *ap;
- SR rp;
+ SR *rp;
{
static attrstat ret;
int uid;
@@ -168,9 +168,9 @@
}
void *
-nfsproc_root_2(ap,rp)
+nfsproc_root_2_svc(ap,rp)
void *ap;
- SR rp;
+ SR *rp;
{
static int ret=0;
@@ -179,9 +179,9 @@
/* fix this to deal w/ fs root (instance root should be ok) */
diropres *
-nfsproc_lookup_2(ap,rp)
+nfsproc_lookup_2_svc(ap,rp)
diropargs *ap;
- SR rp;
+ SR *rp;
{
static diropres ret;
diropres *retp;
@@ -258,9 +258,9 @@
}
readlinkres *
-nfsproc_readlink_2(ap,rp)
+nfsproc_readlink_2_svc(ap,rp)
nfs_fh *ap;
- SR rp;
+ SR *rp;
{
static readlinkres ret;
int uid;
@@ -309,9 +309,9 @@
readres *
-nfsproc_read_2(ap,rp)
+nfsproc_read_2_svc(ap,rp)
readargs *ap;
- SR rp;
+ SR *rp;
{
static readres ret;
static char buffer[8192];
@@ -370,9 +370,9 @@
void *
-nfsproc_writecache_2(ap,rp)
+nfsproc_writecache_2_svc(ap,rp)
void *ap;
- SR rp;
+ SR *rp;
{
static int ret;
@@ -381,9 +381,9 @@
attrstat *
-nfsproc_write_2(ap,rp)
+nfsproc_write_2_svc(ap,rp)
writeargs *ap;
- SR rp;
+ SR *rp;
{
static attrstat ret;
int fd;
@@ -442,9 +442,9 @@
diropres *
-nfsproc_create_2(ap,rp)
+nfsproc_create_2_svc(ap,rp)
createargs *ap;
- SR rp;
+ SR *rp;
{
static diropres ret;
static nfs_fh handle;
@@ -545,9 +545,9 @@
nfsstat *
-nfsproc_remove_2(ap,rp)
+nfsproc_remove_2_svc(ap,rp)
diropargs *ap;
- SR rp;
+ SR *rp;
{
static nfsstat ret;
char *s;
@@ -587,9 +587,9 @@
nfsstat *
-nfsproc_rename_2(ap,rp)
+nfsproc_rename_2_svc(ap,rp)
renameargs *ap;
- SR rp;
+ SR *rp;
{
static nfsstat ret;
int uid;
@@ -643,9 +643,9 @@
nfsstat *
-nfsproc_link_2(ap,rp)
+nfsproc_link_2_svc(ap,rp)
linkargs *ap;
- SR rp;
+ SR *rp;
{
static nfsstat ret;
int uid;
@@ -694,9 +694,9 @@
nfsstat *
-nfsproc_symlink_2(ap,rp)
+nfsproc_symlink_2_svc(ap,rp)
symlinkargs *ap;
- SR rp;
+ SR *rp;
{
static nfsstat ret;
int uid;
@@ -743,9 +743,9 @@
}
diropres *
-nfsproc_mkdir_2(ap,rp)
+nfsproc_mkdir_2_svc(ap,rp)
createargs *ap;
- SR rp;
+ SR *rp;
{
static diropres ret;
nfs_fh handle;
@@ -817,9 +817,9 @@
nfsstat *
-nfsproc_rmdir_2(ap,rp)
+nfsproc_rmdir_2_svc(ap,rp)
diropargs *ap;
- SR rp;
+ SR *rp;
{
static nfsstat ret;
char *s;
@@ -864,9 +864,9 @@
/* #define cfsclosedir(x) fhclosedir(x) */
readdirres *
-nfsproc_readdir_2(ap,rp)
+nfsproc_readdir_2_svc(ap,rp)
readdirargs *ap;
- SR rp;
+ SR *rp;
{
static readdirres ret;
int uid;
@@ -991,9 +991,9 @@
}
statfsres *
-nfsproc_statfs_2(ap,rp)
+nfsproc_statfs_2_svc(ap,rp)
nfs_fh *ap;
- SR rp;
+ SR *rp;
{
static statfsres ret;
@@ -1079,7 +1079,7 @@
/* note that this really doesnt belong here */
int
ruid(rp)
- SR rp;
+ SR *rp;
{
struct authunix_parms *cred;
@@ -1091,7 +1091,7 @@
int
rgid(rp)
- SR rp;
+ SR *rp;
{
struct authunix_parms *cred;
@@ -1194,7 +1194,7 @@
extern struct in_addr validhost;
goodsrc(rp)
- SR rp;
+ SR *rp;
{
struct in_addr ia;
struct in_addr *ip;
diff -Naur cfs-1.4.1/truerand.c cfs-1.4.1-binesh/truerand.c
--- cfs-1.4.1/truerand.c Thu May 3 14:33:28 2001
+++ cfs-1.4.1-binesh/truerand.c Tue May 22 20:39:14 2001
@@ -86,6 +86,7 @@
#include <signal.h>
#include <setjmp.h>
#include <sys/time.h>
+#include <unistd.h>
#include <math.h>
#include <stdio.h>
@@ -130,7 +131,7 @@
/*
* basic interface to 32 bit truerand.
* note that any scheduled SIGALRM will be delayed by about .3 secs.
- */
+ * Binesh - This seems to not work... Hmmm....
unsigned long
raw_truerand()
{
@@ -156,6 +157,18 @@
buf = *((unsigned long *) r);
return buf;
+}
+ */
+
+unsigned long raw_truerand() {
+ static int seeded = 0;
+ if (!seeded) {
+ struct timeval tv;
+ gettimeofday(&tv,NULL);
+ srand48(tv.tv_usec);
+ seeded++;
+ }
+ return(lrand48());
}
int
------------------------------
From: [EMAIL PROTECTED] (michael james obrien)
Crossposted-To: alt.linux,alt.os.linux,comp.os.linux.setup
Subject: Re: Security Testing
Date: 23 May 2001 02:08:56 GMT
SAINT is a good program for this.
SneakyPeach ([EMAIL PROTECTED]) wrote:
: Ask a hacker to see if he can get in. At www.netcop.com you can scan via
: their quickscan webpage or download scanner 2.0 onto a windows computer and
: type the IP of the Linux box.
: "Michael Pye" <[EMAIL PROTECTED]> wrote in message
: news:ekyM6.20158$[EMAIL PROTECTED]...
: > I'm looking for some help in testing my web server and intranet (connected
: > to the web through a proxy, though not SUPPOSED to be accessible)
: security.
: >
: > Identifying exposed IP addresses and associated open ports, along with
: > possible exploitation of these connections, holes in the firewall etc...
: >
: > Can anyone help me with utilities, techniques etc likely to be used in a
: > hacker's attack and ways to probe for such weaknesses.
: >
: > Thanks.
: >
: > MP
: >
: >
: >
------------------------------
From: [EMAIL PROTECTED] (Dances With Crows)
Subject: Re: Load average overtime
Reply-To: [EMAIL PROTECTED]
Date: 23 May 2001 02:30:44 GMT
On 22 May 2001 17:46:25 -0700, Justin Lynch staggered into the Black Sun
and said:
>Does anyone know how I can calculate the load average of a machine
>over a period of say a few hours, days or weeks?
How much granularity do you want? Execute the following every X minutes
(with cron), and you will get a big column of numbers. Sum them at
periodic intervals, and divide by the appropriate number.
w | grep "load average" | cut --delimiter=" " -f15 | sed -e 's/,//' \
>> ~/averages
There's probably a better way to do it; this is just the first thing I
thought of.
--
Matt G|There is no Darkness in Eternity/But only Light too dim for us to see
Brainbench MVP for Linux Admin / Workin' in a code mine, hittin' Ctrl-Alt
http://www.brainbench.com / Workin' in a code mine, whoops!
=============================/ I hit a seg fault....
------------------------------
From: [EMAIL PROTECTED] (Jan Schaumann)
Crossposted-To: comp.os.linux,comp.os.linux.development,comp.os.linux.help
Subject: Re: Embedded
Date: Wed, 23 May 2001 02:29:45 -0000
* AbRaXaS wrote:
> Are there some groups about embedded linux?
Can't you search your own list of available newsgroups?
If your server does not carry a certain group, search the web - one site
that might help is:
http://kom.net/~dbrick/news/newspage/
But there is comp.os.linux.embedded, yes.
-Jan
--
Jan Schaumann
http://www.netmeister.org
------------------------------
From: "Joel" <[EMAIL PROTECTED]>
Subject: Dumb newbie question about setting the system time.
Date: Tue, 22 May 2001 21:51:31 -0500
Hi. I am reletively new to linux (I've been using it for about 2 months)
and my clock is off. I have it set to local time, but I can't figure out
how to set it to the correct time. I remember when I installed RedHat 7.1,
a package was installed that is for setting the time, but I don't remember
the name. How do I set the hardware time on my computer? I have Windows
and Linux installed, BTW. Thanks in advance.
------------------------------
From: [EMAIL PROTECTED] (Ivan Su)
Subject: boot system prob
Date: 23 May 2001 03:23:39 GMT
Hi,
I'm having trouble booting into linux 6.2 using my boot disk.. everytime
I try to do so i get the '0X10 error'
any help would be much appreciated,
Chimps
------------------------------
From: Scott Drumm <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.questions
Subject: Re: The Linux Library Issue
Date: Wed, 23 May 2001 03:54:12 GMT
Markku Kolkka wrote:
Thanks. The reinstall didn't help, but I symlinked the necessary file
and re-ran ldconfig afterwards. I also rebuilt the RPM database just
for fun.
XMMS works fine now.
> Scott Drumm <[EMAIL PROTECTED]> writes:
> > As I've seen this problem occur during other package installations /
> > compilations, could someone please tell me WHY this happens and HOW the
> > Linux run-time library system works?
>
> Actually this has nothing to do with the run-time library system, it's
> a "feature" of the RPM installation system (I'm assuming you're using
> RPM because you mentioned RH7.0). RPM doesn't check the dependencies
> from the filesystem, but from it's database. So it doesn't matter if
> the libXxf86dga.so.1 exists somewhere on the disk if the RPM database
> doesn't know about it.
>
> Possible solutions:
> - check which packages xmms requires (with rpm -qpR), and check the
> versions of the installed packages. Maybe your xmms package needs a
> specific version of the library.
> - reinstall the RPM package containing the library
> - rebuild the RPM database (rpm --rebuilddb)
>
> --
> Markku Kolkka
> [EMAIL PROTECTED]
------------------------------
From: "Stefan Viljoen" <[EMAIL PROTECTED]>
Subject: Re: split or compress big file into floppies
Date: Wed, 23 May 2001 06:04:10 +0200
Michael Heiming <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Stefan Viljoen wrote:
> >
> > Michael Heiming <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > > "Peter T. Breuer" wrote:
> > > >
> > > > Jinsong Liang <[EMAIL PROTECTED]> wrote:
> > > > > How can I split or compress a big file into several floppies? I
have
> >
> > What I have heard works is to first tar AND gzip /bzip the file, then
tar it
> > again onto floppies directly...?
> >
> > Stefan Viljoen
>
> Nope, you tar and compress in one pass, using -z or -I option GNU tar
> has,
> why should you tar it again?
Tried it - it gives an error, if I remember right. What logically must work
is to tar/gzip/tar...?
Stefan
http://home.intekom.com/rylan/
------------------------------
From: David <[EMAIL PROTECTED]>
Subject: Re: Dumb newbie question about setting the system time.
Date: Wed, 23 May 2001 03:59:35 GMT
Joel wrote:
>
> Hi. I am reletively new to linux (I've been using it for about 2 months)
> and my clock is off. I have it set to local time, but I can't figure out
> how to set it to the correct time. I remember when I installed RedHat 7.1,
> a package was installed that is for setting the time, but I don't remember
> the name. How do I set the hardware time on my computer? I have Windows
> and Linux installed, BTW. Thanks in advance.
On a redhat system you can use "timetool" to set the time.
--
Confucius say: He who play in root, eventually kill tree.
Registered with the Linux Counter. http://counter.li.org
ID # 123538
Completed more W/U's than 99.211% of seti users. +/- 0.01%
------------------------------
From: [EMAIL PROTECTED] (robert)
Subject: Configuring Modems in Linux so that Domino can "see" them as ports (com1,
com2, etc)
Date: 22 May 2001 20:59:57 -0700
HELP - we can get a modem configured on the Linux serial port, but
can't get it to be seen as a valid port in Domino.
Reply via e-mail --- [EMAIL PROTECTED]
------------------------------
From: "Stefan Viljoen" <[EMAIL PROTECTED]>
Subject: Re: Dumb newbie question about setting the system time.
Date: Wed, 23 May 2001 06:14:48 +0200
Joel <[EMAIL PROTECTED]> wrote in message
news:9ef8vl$dci$[EMAIL PROTECTED]...
> Hi. I am reletively new to linux (I've been using it for about 2 months)
> and my clock is off. I have it set to local time, but I can't figure out
> how to set it to the correct time. I remember when I installed RedHat
7.1,
> a package was installed that is for setting the time, but I don't remember
> the name. How do I set the hardware time on my computer? I have Windows
> and Linux installed, BTW. Thanks in advance.
Hmm - 'man date'?
Stefan
http://home.intekom.com/rylan/
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to comp.os.linux.misc.
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Misc Digest
******************************
