Linux-Networking Digest #691, Volume #9 Sun, 27 Dec 98 21:13:42 EST
Contents:
what exactly is SYN flood? ([EMAIL PROTECTED])
Re: Modem choice for Linux (Paul B. Brown)
Re: Question about IPFWADM ("S|N|S73R")
Re: what exactly is SYN flood? (Erik de Castro Lopo)
Re: PPP connection problem (Clifford Kite)
linux proxy or nat ("x")
mediaone cable and small home lan questions (Sandy Culver)
Re: Networking Linux and Windows (Paul B. Brown)
Re: PPP on kernel 2.0.34 & 2.1.132 (Clifford Kite)
Masquerading on 2.1.x kernel? (K&A)
linux-win 95 network ("Torsten Knoll")
pppd problem (Josh Gentry)
Re: 3c905b (Giovanni Gigante)
Re: Modem choice for Linux (Zulfiqar Naushad)
Re: RedHat 5.2 & 3c574 pcmcia network card (Karl Heinz Kremer)
Re: IP Masquerading on @Home general question (Zulfiqar Naushad)
Re: kppp and slow connects (Marc)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.security.unix
Subject: what exactly is SYN flood?
Date: Sun, 27 Dec 1998 22:56:37 GMT
Hello,
what exactly is 'SYN flood'?
I saw a few messages about it on my Linux(es) (Red Hat 5.1 and 5.2)
here is a sample:
Dec 26 19:47:24 ndx kernel: Warning: possible SYN flood from 206.138.123.456
on 206.138.123.456:19000. Sending cookies.
dangerous?
what could I do to protect my makina from the bad guys?
Thanks,
Otis
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED] (Paul B. Brown)
Subject: Re: Modem choice for Linux
Date: 27 Dec 1998 19:48:29 GMT
Good, inexpensive v.90 modems: ZOOM and Supra. Get the non-PNP versions.
Enjoy!
Paul
===========================================================================
Paul B. Brown [EMAIL PROTECTED]
President
Brown Technologies Network, Inc. http://www.btechnet.com/
Unix Systems Administration "Sailing is a state of mind . . . ."
===========================================================================
In article <75lu77$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Duncan Simpson) writes:
>In <[EMAIL PROTECTED]> Kazin <[EMAIL PROTECTED]> writes:
>
>>David Shepherd wrote:
>>>
>>> I need to buy a modem by the end of this week. Although I will initially
>>> be using it under Win NT to access a Dec Alpha based Unix cluster at
>>> work, I would like in due course to have it running under Linux as well.
>>>
>>> Choosing for NT compatibility would appear to be reasonably
>>> straightforward, but is there anything important I need to bear in mind
>>> for Linux compatibility? Will voice/fax modems work under Linux, or
>>> would I be better off with a plain no-frills modem?
>
>> I've always been of the opinion that the only modem worth buying at all
>>is the USR (now 3Com) Courier v.Everything. I've been using the same
>>two modems for the past 4 years now, upgrading for free along the way.
>>I bought them when I was running a BBS full-time, and the ability to
>>connect reliably to anything on the planet was a key factor. I still
>>find that they perform better and more reliably than anything else, and
>>you can always upgrade them for free.
>
>Assuming your budget is not big enough for one of those get an
>external modem. Almost any model will speak Hayes AT commands enough
>for you to send FAXes, connect any ISP, and most stuff you care
>about. You also get the benefit of ebing able to power cycle the modem
>when your computer is unwilling to hang up and light that tell you
>want is happening (in particular whether you are increasing your phone
>bill).
>
>Duncan (-:
------------------------------
From: "S|N|S73R" <[EMAIL PROTECTED]>
Subject: Re: Question about IPFWADM
Date: 27 Dec 1998 23:59:43 GMT
I run Slackware and decided it would be neater to chuck em in my /etc/rc.d
directory in the file rc.inet1 - which is used to initialize the network.
Every time my system boots it works like a charm =)
Thats just from my point of view
S|N
Allen Wong <[EMAIL PROTECTED]> wrote in article
<[EMAIL PROTECTED]>...
> If you mean the commands to initiate IP masquerading, put them in
> the rc.local file in the /etc/rc.d directory. This insures that it will
> start every time the machine boots up.
>
>
>
------------------------------
From: Erik de Castro Lopo <[EMAIL PROTECTED]>
Crossposted-To: comp.security.unix
Subject: Re: what exactly is SYN flood?
Date: Mon, 28 Dec 1998 10:49:55 +1100
[EMAIL PROTECTED] wrote:
>
> Hello,
>
> what exactly is 'SYN flood'?
> I saw a few messages about it on my Linux(es) (Red Hat 5.1 and 5.2)
>
> here is a sample:
>
> Dec 26 19:47:24 ndx kernel: Warning: possible SYN flood from 206.138.123.456
> on 206.138.123.456:19000. Sending cookies.
>
> dangerous?
> what could I do to protect my makina from the bad guys?
Getting the above message means that you are already protected.
If the IP address wasn't bogus (206.138.123.456), you could complain
the ISP that owns the IP address block.
Erik
--
+-------------------------------------------------+
Erik de Castro Lopo [EMAIL PROTECTED]
+-------------------------------------------------+
Q: What do you call a christian who accidently read the bible
with his brain turned on?
A: An atheist
------------------------------
From: [EMAIL PROTECTED] (Clifford Kite)
Subject: Re: PPP connection problem
Date: 27 Dec 1998 10:54:54 -0600
John McSwain ([EMAIL PROTECTED]) wrote:
: I had PPP working early in the week now it connects, accepts my username,
: password, and takes ppp. I then receive an IP from my ISP. Shortly
: thereafter I disconnect. In Messages I get the following: "IPCP: timeout
: sending Config-Requests". Would appreciate any advice.
Not much information to work with but you might try variations of the ACCM
(Asycronous Control Character Map) using the pppd option asyncmap. Start
with "asyncmap 0", then "asyncmap a0000" then "asyncmap 20a0000". Some
ppp implementations are broken wrt the ffffffff default ACCM.
It this fails, and it well might, you need to post approriate messages in
/var/log/messages and /var/log/debug, adding the pppd option "debug" if it
is not already present. Scripts too.
--
Clifford Kite <[EMAIL PROTECTED]> Not a guru. (tm)
/* Editing with vi is a lot better than using a huge swiss army knife. */
------------------------------
From: "x" <[EMAIL PROTECTED]>
Subject: linux proxy or nat
Date: Sun, 27 Dec 1998 15:56:36 -0800
how do i set up dial on demand for my to windoze machines going out the
linux box.
i dont want twenty four hours a day access.
------------------------------
Crossposted-To: comp.dcom.modems.cable
From: [EMAIL PROTECTED] (Sandy Culver)
Subject: mediaone cable and small home lan questions
Date: Sun, 27 Dec 1998 20:53:46 GMT
Greetings,
I have an emerging small home and home office network and am ready to
make pre-cable modem LAN purchases (cabling and a hub, I think) and am
seeking advice and suggestions:
I have set a Redhat 5.2 machine that runs with a slower ISA NIC card
based, DX100 486, it runs well (but not fast) as a dual boot machine
and I am considering running Mediaone cable to it and then passing
through a hub not yet choosen that connection to the other two
machines which are fast new processor W98 machines currently connected
via a simple cross connect cable at fast ethernet speed. I need a hub
or router with access to these three machines and one laptop from time
to time...so a 4 port with an uplink connection seems enough.
Am I likely to be hobbled speedwise to have cable starting on a slower
machine?
Is IP masquarading the best stable and secure way to go?
Must I have two NICs on the pc that attaches to cable?
What hub makes good sense in this proposed configeration?
I currently use an ISDN line (only one channel to ISPs) and may a few
solutions since a potential Mediaone install is four weeks away. So
far I plan to overlap the cable and ISDN for a few weeks until I am
certain I want to keep the cable modem...solve home office phone and
fax issues, etc.
Any suggestions on my lan issues. URLs to study...I've seen a few but
am ready to learn.
Thanks,
Sandy
I have netowrked
============================================
Mr.Sandy Culver fax: (978) 623-0082
HR Consultant office: (978) 623-0942
[EMAIL PROTECTED]
============================================
------------------------------
From: [EMAIL PROTECTED] (Paul B. Brown)
Crossposted-To: alt.os.linux
Subject: Re: Networking Linux and Windows
Date: 27 Dec 1998 20:58:35 GMT
Todd,
>I have a windows95 machine and a linux machine. I also have a 2 3com
>10baseT ethernet cards and a hub. I need help getting linux set up to
>use the hub and to be seen on the network by my windows machine. I would
>also like my windows machine to dial up to the internet and have linux
>get access to the net from across the network. Thanks for any help
Actually, you might want to do the reverse. Make your Linux box the
gateway. Anyhow . . . to setup your NIC to work you will need to read
the Ethernet-HOWTO and the NET-3-HOWTO. Once done, you can install the
NIC, recompile your kernel to include support for the NIC, and then compile
and load the module.
Once that's done you can setup your eth0 interface using the following
commands:
IPADDR="192.168.1.3" # REPLACE with YOUR IP address.
NETMASK="255.255.255.0" # REPLACE with YOUR netmask.
NETWORK="192.168.1.0" # REPLACE with YOUR network address.
BROADCAST="192.168.1.255" # REPLACE with YOUR broadcast address, if you
# have one. If not, leave blank and edit below.
GATEWAY="192.168.1.1" # REPLACE with YOUR gateway address.
/sbin/ifconfig eth0 ${IPADDR} broadcast ${BROADCAST} netmask ${NETMASK}
/sbin/route add -net ${NETWORK} netmask ${NETMASK}
/sbin/route add default gw ${GATEWAY} metric 1
Of course this assumes your Linux box has the IP address of $IPADDR and
the netmask of $NETMASK. If any of ther variables are wrong, simply
correct them.
Enjoy!
Paul
===========================================================================
Paul B. Brown [EMAIL PROTECTED]
President
Brown Technologies Network, Inc. http://www.btechnet.com/
Unix Systems Administration "Sailing is a state of mind . . . ."
===========================================================================
------------------------------
From: [EMAIL PROTECTED] (Clifford Kite)
Subject: Re: PPP on kernel 2.0.34 & 2.1.132
Date: 27 Dec 1998 13:09:04 -0600
[EMAIL PROTECTED] wrote:
: I use xisp to connect the the internet, However I cant seem to get the ppp
: deamon to connect using to 2.1.132 kernel, but it works fine using the 2.0.34
: kernel. I do have ppp support enabled in both kernels, etc. do I need to
: upgrade to a new version of pppd or something?? my pppd version is
: pppd version 2.3 patch level 4
You need ppp-2.3.5 for kernels 2.1.100+ .
--
Clifford Kite <[EMAIL PROTECTED]> Not a guru. (tm)
/* 97.3% of all statistics are made up. */
------------------------------
From: K&A <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: Masquerading on 2.1.x kernel?
Date: Sun, 27 Dec 1998 17:43:45 -0700
Hi,
I've set up a new server recently. It replaced an older server running
2.0.34 that did masquerading from the local network to the outside world
over a modem.
The new machine is a dual P-II. I've been running 2.1.129 because of the
improveed SMP support in the newer kernels.
It seems that the firewalling has changed radically since. Routing works
fine, but I need the masquerading so the outgong packets don't get
trashed by my ISP (yes, I'm running 192.158 locally).
Where can I get information on converting my old masquerading to the
new?
Thanks!
James
------------------------------
From: "Torsten Knoll" <[EMAIL PROTECTED]>
Subject: linux-win 95 network
Date: Mon, 28 Dec 1998 01:44:48 +0100
Hi:)
I�ve tried a pentium 90 with 24mb running SuSE Linux 5.0 as a server for my
two win95 computers. what must i do to see this server under win95, and how
can i access the harddisk of it?
------------------------------
From: [EMAIL PROTECTED] (Josh Gentry)
Subject: pppd problem
Date: Sun, 27 Dec 1998 10:54:52 -0800
Howdy.
Have you contacted your ISP? It may have to do with how you need to connect
to their server so that
PPP starts on their end. For instance, with my ISP, I can connect with a
simple terminal emulation
program (via SLIP) and use their character based menu, or I can connect
with, say, Netscape. Netscape
obviously requires a PPP connection. With my ISP, I connect via SLIP with
the login jgentry. To get a
PPP connection, I have to connect with the login Pjgentry. So it might be
something specific to your
ISP.
Just one possibility. Hope it helps.
Josh
[EMAIL PROTECTED]
*** Posted from RemarQ - http://www.remarq.com - Discussions Start Here (tm) ***
------------------------------
From: [EMAIL PROTECTED] (Giovanni Gigante)
Subject: Re: 3c905b
Date: Sun, 27 Dec 1998 21:14:14 GMT
On Wed, 23 Dec 1998 10:44:02 -0800, Dan Conti
<[EMAIL PROTECTED]> wrote:
.
>The reason the card was initially not found (probably) had to do with the
>'B'. 3com made enough changes between the 3c905 and the 3c905b that the
>drivers for the 905 didn't work for the 905b. Chances are you are using
>the most current ones, however.
Are you sure the most recent drivers solve the problems? I haven't
been able to have my 905b work yet, despite the fact that it is
recognized and no error message is given. And redhat site gives the
905b (only the "b") as "not supported"... ouch
Giovanni
------------------------------
From: Zulfiqar Naushad <[EMAIL PROTECTED]>
Subject: Re: Modem choice for Linux
Date: Sun, 27 Dec 1998 21:56:51 GMT
My practice has always been to buy a decent external modem.
"Paul B. Brown" wrote:
> Good, inexpensive v.90 modems: ZOOM and Supra. Get the non-PNP versions.
>
> Enjoy!
>
> Paul
>
> ---------------------------------------------------------------------------
> Paul B. Brown [EMAIL PROTECTED]
> President
> Brown Technologies Network, Inc. http://www.btechnet.com/
>
> Unix Systems Administration "Sailing is a state of mind . . . ."
> ---------------------------------------------------------------------------
>
> In article <75lu77$[EMAIL PROTECTED]>,
> [EMAIL PROTECTED] (Duncan Simpson) writes:
> >In <[EMAIL PROTECTED]> Kazin <[EMAIL PROTECTED]> writes:
> >
> >>David Shepherd wrote:
> >>>
> >>> I need to buy a modem by the end of this week. Although I will initially
> >>> be using it under Win NT to access a Dec Alpha based Unix cluster at
> >>> work, I would like in due course to have it running under Linux as well.
> >>>
> >>> Choosing for NT compatibility would appear to be reasonably
> >>> straightforward, but is there anything important I need to bear in mind
> >>> for Linux compatibility? Will voice/fax modems work under Linux, or
> >>> would I be better off with a plain no-frills modem?
> >
> >> I've always been of the opinion that the only modem worth buying at all
> >>is the USR (now 3Com) Courier v.Everything. I've been using the same
> >>two modems for the past 4 years now, upgrading for free along the way.
> >>I bought them when I was running a BBS full-time, and the ability to
> >>connect reliably to anything on the planet was a key factor. I still
> >>find that they perform better and more reliably than anything else, and
> >>you can always upgrade them for free.
> >
> >Assuming your budget is not big enough for one of those get an
> >external modem. Almost any model will speak Hayes AT commands enough
> >for you to send FAXes, connect any ISP, and most stuff you care
> >about. You also get the benefit of ebing able to power cycle the modem
> >when your computer is unwilling to hang up and light that tell you
> >want is happening (in particular whether you are increasing your phone
> >bill).
> >
> >Duncan (-:
------------------------------
From: [EMAIL PROTECTED] (Karl Heinz Kremer)
Subject: Re: RedHat 5.2 & 3c574 pcmcia network card
Date: Mon, 28 Dec 1998 01:17:32 GMT
In article <0xFf2.2523$[EMAIL PROTECTED]>,
"Dan Gentry" <[EMAIL PROTECTED]> writes:
> Anyone had luck with this combo?
>
> The system recognizes the card, the link light lights up, but I get zero
> traffic.
>
> I have tried messing with the config.opts, searching through everything I
> can find.
>
> can anyone help?
>
> Dan Gentry, MCSE
> [EMAIL PROTECTED]
>
Dan,
start a ping so that you can watch what the card is doing. Then eject the card,
wait a couple of seconds and insert it again. This works for me most of the
time. Don't give up too soon: It takes about five seconds after you insert the
card before the first packet returns, and you get an ouput from the ping
command.
Please let me know if this works for you.
Karl Heinz
--
Karl Heinz Kremer [EMAIL PROTECTED]
------------------------------
From: Zulfiqar Naushad <[EMAIL PROTECTED]>
Subject: Re: IP Masquerading on @Home general question
Date: Sun, 27 Dec 1998 22:00:28 GMT
This is what I am doing right now.........
@Home Modem<---->Eth0<----->IP Masq server/firewall
+
Eth1<------>IP Masq server/firewall<------>Hub<----->internal LAN
So basically I have 2 Nics in the Masq server......1 is directly connected
to the @Home modem, the other is connected to the 10 port hub to which 4
machines are connected.
Boris Statnikov wrote:
> I've read through everything I could find on the net and I still am
> confused: if I'm trying to set up IP masquerading do I need two
> ethernet cards in the following configuration?
>
> @Home modem <---------> IP Masquerading Server <----------------> Local
> lan
>
> As far as I know, @Home modem only allows packets from one ethernet card
> through. This means that, if I only have 1 address (24.3.something) on
> my IP Masquerading server then I can use that as a gateway on the local
> lan and the packets sent to it will never go outside anyway. So, aside
> from doubling the traffic on the network, what's the downside to
> something like:
>
> @Home modem <-------------> Hub <------------> Lan including the gateway
>
> versus
>
> @Home modem <--------------> Gateway card1 <-------------> Gateway card2
> <---> Hub uplink <---> Lan
>
> ?
>
> Thanks.
>
> Boris
------------------------------
From: Marc <[EMAIL PROTECTED]>
Subject: Re: kppp and slow connects
Date: Sun, 27 Dec 1998 22:28:44 GMT
oops, I almost forgot, under the modem tab I believe there is a section for modem
flow control, make suire that it is set for Xon Xoff that took care of the 9600
for me! :)
[EMAIL PROTECTED] wrote:
> In reference to the below posts, I have the same problem but have a temporary
> work-around. I use ppp-2.3.5 on a Slackware system and put ppp-on and
> ppp-off on the desktop where I like them and go from there. It would be
> nice to use the native files though. I changed the modem string to the
> one I use with 2.3.5, that gives consistent 49333 connections with
> a generic USR No.5687 Plug and Pray modem. Thank heavens for isapnp!
>
> If anyone can figure it out I'd be much obliged.
>
> Best regards,
> Kurt Savegnago
> use this address if replying [EMAIL PROTECTED]
>
> In article <[EMAIL PROTECTED]>,
> "Ian Payne" <[EMAIL PROTECTED]> wrote:
> >
> > Greig McGill wrote in message <75bkhj$tf0$[EMAIL PROTECTED]>...
> > >Hi.
> > >
> > >I've just configured RH5.2 with KDE and all is rocking along
> > >nicely...except...
> > >I can't get kppp to connect to my ISP at anything above 9600.
> > >If I use the ifup ppp0 method of starting pppd it works fine...but I'd like
> > >the nice kppp front end for myself and my users.
> > >
> >
> > That makes two of us.
> >
> > On my RH5.1 system using netcfg or wmppp (under Window Maker) I can connect
> > at 40-44k consistently.
> >
> > I installed KDE and setup kppp, but it only connects at 9600. If I watch the
> > log file it show CARRIER 44000 but only CONNECT 9600.
> >
> >
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
