Linux-Networking Digest #941, Volume #9 Tue, 19 Jan 99 18:13:44 EST
Contents:
fetchmail dont stop fetching! ("Stein Magne. Bjorklund")
Re: database suggestions, please? (Leslie Mikesell)
Re: Load balancing router for multiple WWW servers (other way around?) (bill
davidsen)
Re: Which processes listen on which ports ? (Phil DeBecker)
Re: Hackers used my linuxserver be hacked gateway How to fixing? (bill davidsen)
Re: Problems loading lance.c driver module! (Mike Ching)
Recomendation for external modem for Linux? ([EMAIL PROTECTED])
Re: Multiple 3c509 (Sandy Culver)
Re: WEB search engine ([EMAIL PROTECTED])
Re: DOES LINUX SUCK ("Keith Peterson")
Re: Hi, (Matthew Whelan)
Re: Linux and Pacbell's ADSL (Gregory G. Woodbury)
Re: Security hole with WU-FTPD (Frank Cusack)
Re: Disabling TCP Wrappers (Matt Kressel)
Co-Located Events for Network Administrators (Jennifer Radtke)
Re: ip-up problem ("Jonas")
Re: smbmount failing (Geoff McCaughan)
----------------------------------------------------------------------------
From: "Stein Magne. Bjorklund" <[EMAIL PROTECTED]>
Subject: fetchmail dont stop fetching!
Date: Tue, 19 Jan 1999 19:35:09 +0000
Hi.
Using the latest fetchmail version.
When pulling mail from my POP3 server at my ISP, it whont terminate
after the last mail. it just keep writing
................................
................................................
all over my screen (like WERY big mail)
the only solution I have came up with is
connect with keep on og the connect with flush on that work.
Any sugg. to a more elelegant solution ?
--
Stein Magne. Bjorklund
Email: [EMAIL PROTECTED]
[EMAIL PROTECTED]
======== Norway ===================
------------------------------
From: [EMAIL PROTECTED] (Leslie Mikesell)
Subject: Re: database suggestions, please?
Date: 16 Jan 1999 18:02:12 -0600
In article <[EMAIL PROTECTED]>, Alice Dobry <[EMAIL PROTECTED]> wrote:
>
>I'm setting up a Linux web server, and need to choose a data base
>as well. The data base, when it's actually implemented, will be
>updated periodically through the day and needs to be accessible
>via CGI. It also needs to interface with Java servlets, SQL, and
>ODBC. I have no other criteria other than the database will
>become very large, lots of records, say 200 MB to 1 GB file
>size. It also needs to be transferable back to Windows NT in
>case the boss says we're moving back to NT.
Postgresql (www.postgresql.org) works nicely and is free. Use it
with perl DBI and/or php3 on the web side, ODBC on the MS side.
Les Mikesell
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (bill davidsen)
Subject: Re: Load balancing router for multiple WWW servers (other way around?)
Date: 19 Jan 1999 18:45:37 GMT
In article <[EMAIL PROTECTED]>,
Ashley <[EMAIL PROTECTED]> wrote:
| Is it then possible to use NAT to have multiple PPP connection that are
| load balanced without EQL? (and IP masq)
|
| Has anyone tried/used this?
I don't *think* NAT is what you want. There are two parts to your
question, the first is that using two paths, not connected via EQL, to a
single destination node, is probably not doable without cooperation
between the two ends. With cooperation I believe you can use equal cost
routing at each end to share the bandwidth. Note that this doesn't help
propagation time, however.
If you want to send some packets on one path and some on another, to
diferent sockets, you can probably do with some creative modification of
routing tables. Of course, you could use NAT on a dedicated gateway,
sending everything to the gateway and letting it pick the connection
from there based on bandwidth used. However, "past is no predictor of
the future" in that regard, and you may still swamp one connection or
the other.
--
bill davidsen <[EMAIL PROTECTED]> CTO, TMR Associates, Inc
"Too soon we grow old, and too late we grow smart" -Arthur Godfrey
------------------------------
Date: Tue, 19 Jan 1999 15:19:56 -0500
From: Phil DeBecker <[EMAIL PROTECTED]>
Subject: Re: Which processes listen on which ports ?
Joerg Klaas wrote:
> Does anyone know an easy way to find out, which processes are listening
> on which port ?
> I'm thinking about a combination of "netstat -na" and "ps -xla".
>
> If my problem is still not clear:
> "netstat" gives me a list of open/possible connections.
> "ps -xa" gives me a list of processes
> How can I link this two outputs together ?
>
> Thanks, Joerg.
fuser port/protocol will give you the PID of the process owning the
connection.
ex:
[root@homer /]# fuser 6000/tcp
6000/tcp: 537
[root@homer /]# ps aux | grep 537
root 537 12.1 15.8 17796 10036 ? S Jan 6 2288:23
/usr/X11R6/bin/X
-Phil
------------------------------
From: [EMAIL PROTECTED] (bill davidsen)
Subject: Re: Hackers used my linuxserver be hacked gateway How to fixing?
Date: 19 Jan 1999 20:22:49 GMT
In article <780ei4$5ht$[EMAIL PROTECTED]>,
Ronald BAL <[EMAIL PROTECTED]> wrote:
| Did u install NFS on the Linux-machine? If u did, remove it at once !
| Everyone with win3.1,Win95/98 or even DOS can get rootaccess then. Install
| SAMBA, but configure it properly, especially the permissions.
Do you have any source for these statements? If they're true, sounds
like I have to replace Linux with something else ASAP, since converting
all my clients is not likely or even desirable.
I thought the security bugs were long ago fixed! Or are you reporting
something which was only true long ago? I haven't see anything from CERT
on this in recent software...
--
bill davidsen <[EMAIL PROTECTED]> CTO, TMR Associates, Inc
"Too soon we grow old, and too late we grow smart" -Arthur Godfrey
------------------------------
From: [EMAIL PROTECTED] (Mike Ching)
Subject: Re: Problems loading lance.c driver module!
Reply-To: [EMAIL PROTECTED]
Date: Tue, 19 Jan 1999 15:21:51 GMT
AFAIK, the lance driver cannot be loaded as a module and must be compiled
into the kernel. You also need to use the DOS utility to put in non-P&P mode
and set the IO port to one of the 4 that are probed, 0x300, 0x320, 0x340 or
0x360. You could also leave it in P&P mode and patch the driver to probe
whatever port is selected by the P&P configuration.
On Mon, 18 Jan 1999 13:57:57 +0100, tbx... thomas <[EMAIL PROTECTED]> wrote:
>In my distribution (some strange LST 2.2) there was no driver for those
>AMD Lance (79c961) ISA card. But I found a driver src file on
>http://cesdis.gsfc.nasa.gov/linux/drivers/lance.c. I compiled as it is
>explained at the bottom of the page. The compiling seemed to work since
>the file lance.o came out - but either success nor error message was
>reported... a little strange to me. The only thing I replaced on the gcc
>command was -I/usr/src/linux/net/inet where I've put
>-I/usr/src/linux/include because I only found the header files recquired
>(linux/*.h and asm/*.h) in the src in that place and nowhere else.
>
>So then I tried to load the module and then came out what you can see
>here:
>
>[root@pc2 /root]# insmod lance.o
>lance32_probe1 undefined
>Loading failed! The module symbols (from linux-2.0.29) don't match your
>linux-2.0.29
>[root@pc2 /root]#
>
>What does that mean? It does not make sense - don't you think so too?
>I'd be very grateful if someone could explain me what I did wrong and
>how to solve that problem! Otherwise I can go and buy one of those cheap
>ne.o cards of which I know that the driver works. On the other hand...
>the card is there and wants to be used... I guess... thanx...
>
------------------------------
From: [EMAIL PROTECTED]
Subject: Recomendation for external modem for Linux?
Date: 19 Jan 1999 17:21:48 GMT
Has anyone had success attaching external modems to a Red hat
installation. BTW, my telephone company is GTE and I am considering
the 3com IQImpact. If anyone has used this brand or another, how did
it fare?
Thanks, for any help!
------------------------------
From: [EMAIL PROTECTED] (Sandy Culver)
Subject: Re: Multiple 3c509
Date: Tue, 19 Jan 1999 17:18:46 GMT
Greetings,
For what it worth on 5.2 I am able to have two 3c509's at least tagged
and noticed (not fully tested yet) and these are not compiled and are
reachable as well by modprobe. I read somewhere that the lower
numbered machine addressed ethernet card has to be called eth0.
Regards,
Sandy
On Mon, 18 Jan 1999 20:19:19 -0700, "Kyle Bowerman"
<[EMAIL PROTECTED]> wrote:
>I have two 3c509 nics running Slackware and can only find one.
>I recomplied the kernel and specified the nic but it stil only find it if I
>decomment the driver in /etc/rc.d/rc.modules.
>
>I have tried the following combinations in lilo
> 1. append="ether=0,0,eth0 ether=0,0,eth1"
> and
> 2. append="ether=10,0x300,eth0 ether=0,0,eth1"
> and
> 3. append="ether=10,0x300,eth0 ether=15,0x330,eth1"
> and
> 4. append="ether=0,0,eth0 ether=10,0x300,eth1"
> and
> 5. append="ether=10,0x300,eth0 ether=15,0x280,eth1"
>
>to no avail
>
>I read on of the post that said I had to put "alias eth1 3c509" in
>/etc/moules.conf but I don't have this file and I added it and it did not
>work either.
>
>An unusual thing happed when I took out the one that was discovered and
>replace it with a 3c507. -- A had all linklights on the hub lite (this
>didn't occur with both 3c509s) --and the transmit light on the 3c507 card
>blinked and the transmit light of the 3c509 on the hub blinked.
>
>I have read the documentaion from http://cedis/....../multicard.html and it
>was not much help. It merely said that the pnp feature of the 3c509 made
>addtion probling difficult.
>
>I also tried modprobe -ta net \* and it does not probe the 3c509 driver
>
>Is there a place that I cant bind this driver to eth1?
>
>Any suggestions?
>
>
>
>
>
============================================
Mr.Sandy Culver fax: (978) 623-0082
HR Consultant office: (978) 623-0942
[EMAIL PROTECTED]
============================================
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: WEB search engine
Date: Tue, 19 Jan 1999 20:09:40 GMT
Hi,
I'm using HTDIG, a source released and full fuctional and also fast, reliable
search engine. I can send it by mail. Let me know if U want.
--mkg
Mohammad K. Ghanbari
[EMAIL PROTECTED]
In article <01be43c0$e44cc1d0$cc34dea1@cbcgren023103>,
"Olly Segwick" <[EMAIL PROTECTED]> wrote:
> htDig is one I believe.
>
> --
> Olly Segwick
>
> [EMAIL PROTECTED] wrote in article
> <77vn9i$sjk$[EMAIL PROTECTED]>...
> > Hi,
> >
> > Does somebody know if there is a WEB search engine for LINUX?
> >
> > We are now using a WEB search engine on M$-NT 4.0 for indexing all sites
> > referring to one country, El Salvador. Because of the software prices we
> > are looking for an alternative...
> >
> > Thanks for any hints,
> >
> > Ernesto
> >
> > -----------== Posted via Deja News, The Discussion Network ==----------
> > http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
>
> >
>
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: "Keith Peterson" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.advocacy,linux.redhat.install
Subject: Re: DOES LINUX SUCK
Date: Tue, 19 Jan 1999 14:16:18 -0700
>Like I said, your PCMCIA card working, in my experience, is a rearity,
>in Windows or any other system. If you absolutely need PCMCIA and
>Windows does it for you, I'm glad, however, I can tell you nightmares
>about PCMCIA network cards and modems on Windows 95 that will amaze you.
My personal experience doesn't quite match this. I spent five and a half
years doing retail break/fix, configuration and software support. I've seen
PCMCIA work as advertised on hundreds of machines, on several different
platforms (Mac versions worked okay as well). I've seen it fail dozens of
times.
But overall, it's worked probably 85% of the time for me. That number is
just a guess, but it shouldn't be too far off. Before the advent of Windows
95, however, it was a disaster.
------------------------------
From: Matthew Whelan <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.admin,comp.security.unix
Subject: Re: Hi,
Date: Tue, 19 Jan 1999 16:45:42 +0000
[followups trimmed]
Jan Stifter wrote:
>
<snip>
> >Does anyone have some programs or links to programs that test ports,
> >sniff, maybe test ipspoofing problems, programs running on a port i
> >forgot about... Just a program that looks for holes...
> >
> >Does something like that exist?
> >What do you recomend...
> >Maybe you can send it to me...
>
> you may want to take a look at SATAN: System Administrator Tool for
> Analyzing Network
>
<snip>
For Linux, you'd be better off looking at SAINT. Also of some use might
be COPS or Tiger, although be aware that more exploits are being
developed all the time and no program will be able to protect against
those, or even warn about them
~ Matthew ~
------------------------------
From: [EMAIL PROTECTED] (Gregory G. Woodbury)
Crossposted-To: comp.os.linux.hardware
Subject: Re: Linux and Pacbell's ADSL
Date: 19 Jan 1999 16:13:45 GMT
Justin Young <[EMAIL PROTECTED]> shaped electrons to say:
>Hi,
>
>apologies for the cross post (I wasn't sure which newsgroup into which
>I should post this). Is anyone using Linux and Pacbell's ADSL now?
>I'm curious as to the performance. In addition, I know that Pacbell
>doesn't support Linux. However, I'm thinking that it should be a
>breeze since the communication is through a NIC card rather than a
>specialized modem card.
I use linux with GTE ADSL service (here in NC) and have no problems.
The things to be careful of (in no particular order):
+ Be sure to use the proper cable between the ADSL modem and the
NIC on the Linux box. Generally for a 1-to-1 link you'll need
a "crossover" cable, since the ADSL box and the NIC will think
they are talking to a normal "hub" device.
+ Be sure to have the "dhcpcd" package installed on Linux so that
the ADSL service can properly configure the interface at boot
time. (This presumes dynamic-ip and a DHCP server on the ADSL
side.)
+ Use Linuxconf or netconfig (under RedHat) or similar tools to
make sure that the system knows to use DHCP for initialization.
+ Don't expect to get the "full bandwidth" your service level
provides. The bandwidth limiter used at the telco central
office eats part of the nominal service provided. (Presumes
you're using a fractional-T1 speed -- the telco artificially
throttles packets to prevent using more than the "purchased"
speed. But that's another story.)
+ If trying to use more than 1 computer on the line, get a good
mini-hub and make sure the ISP isn't going to limit the number
of IP numbers you can get at a time.
I've got a definite case of "strong like" for my ADSL service.
--
Gregory G. "Wolfe" Woodbury `-_-' Owner/Admin: wolves.durham.nc.us
ggw at wolves.durham.nc.us U Erstwhile co-moderator of:
soc.religion.unitarian-univ
"The Line Eater is a boojum snark." Hug your wolf. (Thanks Peter.)
------------------------------
Crossposted-To: comp.security.unix,redhat.networking.general,aus.computers.linux
Subject: Re: Security hole with WU-FTPD
From: Frank Cusack <[EMAIL PROTECTED]>
Date: Tue, 19 Jan 1999 17:51:37 GMT
[EMAIL PROTECTED] (Bill Unruh) writes:
> In <[EMAIL PROTECTED]> [EMAIL PROTECTED] (M. Buchenrieder) writes:
> >and manually edit the /etc/passwd file to have an entry with an empty
> >password string and no corresponding entry in /etc/shadow, then you'll
> >always be able to login without password. Try it. Add a user manually
> >and login. I just tested it on a SuSE 5.3 system, using login.c v. 1.4 .
> >Using an FTP account to actually access the system is just a way to hide
> >the intruder(s) from the eyes of the sysadmin. But the damage is already
> >done.
>
> His comment is that while login does not allow a remote root login with no
> password, ftp does allow a root login with no password. This is what he
> is calling the bug in ftpd. It certainly is an inconsistancy between
> the two.
No, his comment was that his "login scripts" do not allow no password.
The inconsistency is not w/ wu-ftpd. I seriously doubt wu-ftpd hand
checks the /etc/passwd file or reads the /etc/shadow file directly;
it almost certainly calls getpwnam() and getspnam() which do whatever
is defined for the system.
>
> It is also true that this bug is minor compared to the bug which allowed
> a root user to be entered into passwd without a password.
Which is the cause of the problem, NOT any supposed hole in wu-ftpd.
~frank
--
Frank Cusack ** Icon CMT Corp. ** PGP: C001AA75
496620796F752063616E207265616420746869732C20796F7520686176652066
617220746F6F206D7563682074696D65206F6E20796F75722068616E6473210F
------------------------------
From: Matt Kressel <[EMAIL PROTECTED]>
Subject: Re: Disabling TCP Wrappers
Date: Tue, 19 Jan 1999 20:27:50 GMT
Scallica wrote:
>
> Hey,
>
> I am using Redhat 5.2. I am using the INET service thing. I can't seem to get
> telnet and ftp access to my machine. I think its because of the tcp wrappers
> not allowing me to connect. So how can I disable the tcp wrappers? Thanx.
>
> P.S. - I shut down inetd and them started in.telnetd manually using the -debug
> flag, and telnet worked! But the process died after a few minutes.
The tcpd wrappers are started from the inetd program and configured in
/etc/inetd.conf. The control of the tcpd wrappers is handled by the
files /etc/hosts.allow and /etc/hosts.deny. See the man page on tcpd
for details on how to configure tcpd. You can be sure that it is the
wrappers disallowing you by checking your log files (usually in
/var/log) and looking for "in.telnetd: denied access from 192.x.x.x"
HTH,
-Matt
--
Matthew O. Kressel | INTERNET: [EMAIL PROTECTED]
+--------- Northrop Grumman Corporation, Bethpage, NY ---------+
+--------- TEL: (516) 346-9101 FAX: (516) 346-9740 ------------+
------------------------------
Crossposted-To: comp.os.inferno,comp.os.misc
From: [EMAIL PROTECTED] (Jennifer Radtke)
Subject: Co-Located Events for Network Administrators
Date: Tue, 19 Jan 1999 18:04:52 GMT
Two Co-Located Meetings for Network Administrators
PLUS Two Days of Networking Tutorials
For the first time, USENIX and SAGE are bringing together the community
of professional network administrators. Join us for intensive learning,
refereed research papers and invited talks, and sharing of solutions in
network management.
CONFERENCE ON NETWORK ADMINISTRATION
Wednesday and Thursday, April 7-8, 1999
Take advantage of expertise gained by years of varied and
innovative work at sites of all sizes throughout the world.
WEB SITE: http://www.usenix.org/events/neta99
NETWORKING TUTORIAL PROGRAM
Friday and Saturday, April 9-10, 1999
Courses tailored to all levels of experience and spanning a wide
range of interests. Bring home skills you can use immediately.
WORKSHOP ON INTRUSION DETECTION AND NETWORK MONITORING
Sunday and Monday, April 11-12, 1999
Meet and learn from the researchers and practitioners who are
building the state of the art in techniques and technologies
you need to maintain your network's security.
WEB SITE: http://www.usenix.org/events/detection99
LOCATION:
Santa Clara Marriott Hotel
Santa Clara, California, USA
Sponsored by USENIX, the Advanced Computing Systems Association, and
SAGE, the System Administrators Guild
======================================================================
The USENIX Association's international membership includes engineers,
scientists, and technicians working on the cutting edge of systems and
software. SAGE, a special technical group within USENIX, is devoted to
the advancement and recognition of system administration as a profession.
USENIX and SAGE are co-sponsors of the highly regarded LISA--System
Administrators Conference.
------------------------------
From: "Jonas" <[EMAIL PROTECTED]>
Crossposted-To: linux.redhat.ppp
Subject: Re: ip-up problem
Date: Tue, 19 Jan 1999 11:54:57 +0100
Thanks Larry for all the help.
Now I got LRP 2.9.4 working with my ipfwadm rules in the ip-up script.
My only problem now is that when a ppp conection goes up the ip-up script
doesn't run. I have to run it manualy, then my firewall/router works great.
This is how I run pppd:
pppd /dev/ttyS0 0.0.0.0:123.123.123.123 demand idle 30 defaultroute \
connect 'chat -f /etc/ppp/chatscript'
Is there something wrong with this command, or what else could be wrong.
TIA /Jonas
------------------------------
From: [EMAIL PROTECTED] (Geoff McCaughan)
Subject: Re: smbmount failing
Date: 19 Jan 1999 20:54:42 GMT
Reply-To: [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
> In article <368f2e29.0@wantest>,
> Jayasuthan [VorHacker] <[EMAIL PROTECTED]> writes:
> > Geoff McCaughan <[EMAIL PROTECTED]> wrote:
> >
> >: I'm running Redhat 5.2 and trying to mount an SMB share on an NT 4.0 box.
> >
> >: Here's my command line and result:
> >
> >: smbmount //geoff1/share /mnt/smb
> >: Password:
> >: mount error: Invalid argument
> >: Please look at smbmount's manual page for possible reasons
> >
> >: I can connect to this server with smbclient with no problems.
> >
> Hi,
>
> Try this:
>
> smbmount //the/share /mnt hostname -U username -C
I presume that's -I hostname?
In any case adding -C makes no difference. When I list the services with
smbclient I can see the share I'm trying to mount, and I can transfer data
from it with smbclient, but smbmount refuses to work, or give a meaningful
error message. Looks broken to me.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
