Linux-Networking Digest #34, Volume #10 Thu, 28 Jan 99 16:13:43 EST
Contents:
Re: PPP dial-up connection with RH5.2 (Gregory Propf)
Re: ftp from behind a masquerading router (Luca Filipozzi)
Re: Am I under netbios and httpsd (on Linux) attack? (fkeeney)
Re: IP Aliasing (Brian McCauley)
Re: ip masquearding and ftp (Matt Kressel)
Re: Another Newbie PPP question (Brian McCauley)
Re: Routing Question (NEWBIE) (Brian McCauley)
printing from slackware -> nt hp lj III (Ryan Speed)
Re: DOES LINUX SUCK ("Keith Peterson")
NTP on Linux (John Brookes)
Re: "host name lookup failure" error (Chris)
Re: HELP !! Default Run Level goes wrong, How can I make the linux sector work
again? ("Jürgen Exner")
Re: socket error (what is?) (Matt Kressel)
Re: Kernel 2.2 in RPM (Matt Kressel)
Re: need help? (David Efflandt)
How does RH 5.1 play in (non-DNS) WINS LAN? (Randy Hayman)
----------------------------------------------------------------------------
From: Gregory Propf <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.networking,comp.os.linux.misc,comp.os.linux.help
Subject: Re: PPP dial-up connection with RH5.2
Date: Thu, 28 Jan 1999 02:43:22 GMT
steve wrote:
>
> I recently installed RH5.2. I used netcfg to configure my ppp connection
> as instructed by RH support, I believe everything there to be right. I
> click activate and the modem dials out, connects and then hangs up in
> about 20-30 seconds.
>
> First, where is the log file so I can look at it.(Debug is enabled)
> Second, my ISP says (I don't think they really know for sure) they don't
> use PAP and alas I have tried it with PAP and without to the same end.
>
> Please help, it's getting a little frustrating and I'm about to give up.
> I tired of trying to decipher the endless trail of FAQ's and HOWTO's and
> mini-HOWTO's and man pages.
I recently posted with the exact same problem under 5.1. The modem
would dial out and then hang up after 20-30 seconds. When I changed the
IRQ of the modem from 4 to 5 (this is where it was in Windows which did
not have the hang-up problem) the modem began to respond to AT commands
much faster. I haven't had the chance to verify that this is why the
modem was hanging up but my theory is that the misconfigured IRQ was
causing the modem buffer to fill up and then the thing simply gave up
and dropped the link. Why it worked *at all* on the wrong IRQ is still
puzzling. Hope this helps even though the original message I posted
seems to have been aged out. - Greg
BTW - the command to change IRQ
"setserial /dev/your.modem.device irq arg" - as root.
--
-- homepage: http://members.home.net/gregp/ --
"I wanted plutonium, not Beanie Babies..."
- Sadaam Hussein, in a letter to Santa Claus.
------------------------------
From: [EMAIL PROTECTED] (Luca Filipozzi)
Subject: Re: ftp from behind a masquerading router
Date: Wed, 27 Jan 1999 19:05:27 -0800
In article <78oifu$660$[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
> The ftp "dir" commands hangs when I do ftp from a machine connected to a
> masquerading linux router. This happens even if the router allows all access
> like this:
>
> /sbin/ipfwadm -I -p accept
> /sbin/ipfwadm -O -p accept
> /sbin/ipfwadm -F -p accept
>
> /sbin/ipfwadm -F -a masquerade -S 192.168.1.0/24 -D 0.0.0.0/0
>
> "dir" does work if I issue it from an ftp session on the router itself.
>
> Will appreciate any clues.
>
> Michael Kifer
> [EMAIL PROTECTED]
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
>
you need to use the ip_masq_ftp module to do active (vs passive) ftp
--
Luca Filipozzi <[EMAIL PROTECTED]>
------------------------------
From: fkeeney <[EMAIL PROTECTED]>
Crossposted-To: comp.security.unix,comp.security.misc
Subject: Re: Am I under netbios and httpsd (on Linux) attack?
Date: Thu, 28 Jan 1999 09:39:33 -0800
I manage several firewalls at different locations on the Internet. The hosts that
are most commonly attacked are those that run name or web servers. My name and
web servers are probed several times a day the other hosts are rarely touched.
On Linux it's important to run ipfwadm AND log all the denied traffic.
Here is a sample of a setup I did on a cable modem:
http://www.pasadena.net/linux/linuxsecure.html
Correct me if I'm wrong, but I beleive that most of the netbios name (udp 137)
traffic you see is a result of MS Windows doing a netbios name lookup on your
host.
[EMAIL PROTECTED] wrote:
> I don't know what this all means. If the probes resulted negative on httpsd,
> ftpd and netbios, why do they continue so frequently? This gives me the
> impression that there is something else that keep some people trying over and
> over.
------------------------------
From: Brian McCauley <[EMAIL PROTECTED]>
Subject: Re: IP Aliasing
Date: 28 Jan 1999 19:11:13 +0000
[EMAIL PROTECTED] writes:
> Does anyone know if there is a maximum number of IP Addresses that can be
> aliased on one interface?
255.
Why are you asking?
If you want a contiguous range of IP addresses there's a much more
elegant way with 2.1.x (and presumably 2.2.x).
--
\\ ( ) No male bovine | Email: [EMAIL PROTECTED]
. _\\__[oo faeces from | Phones: +44 121 471 3789 (home)
.__/ \\ /\@ /~) /~[ /\/[ | +44 121 627 2173 (voice) 2175 (fax)
. l___\\ /~~) /~~[ / [ | PGP-fp: D7 03 2A 4B D8 3A 05 37...
# ll l\\ ~~~~ ~ ~ ~ ~ | http://www.wcl.bham.ac.uk/~bam/
###LL LL\\ (Brian McCauley) |
------------------------------
From: Matt Kressel <[EMAIL PROTECTED]>
Subject: Re: ip masquearding and ftp
Date: Thu, 28 Jan 1999 18:29:27 GMT
d75 wrote:
>
> I've got IP masquerading set up on my 486 running slack3.2 with all
> the appropropriate ip_masq modules patches installed. From my NT box
> on the masqueraded side of the Linux box I've been experiencing
> trouble ftp'ing - it appears to connect alright and some sites work
> fine - others log and sit there after logging in and the connection
> times out as I wait for a diretory listing. I suspect part of the
> problem may have to do with connecting to non-standard ftp ports on
> remote hosts from teh NT box - it works fine from the linux box. Has
> anyone experienced this or know of a workaround? any suggestions
> would be apprecieated.
>
> D.
I think you need to add port 20 to your etc services file:
ftp-data 20/tcp # File Transfer [Default Data]
ftp-data 20/udp # File Transfer [Default Data]
-Matt
--
Matthew O. Kressel | INTERNET: [EMAIL PROTECTED]
+--------- Northrop Grumman Corporation, Bethpage, NY ---------+
+--------- TEL: (516) 346-9101 FAX: (516) 346-9740 ------------+
------------------------------
From: Brian McCauley <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.help,comp.os.linux.questions
Subject: Re: Another Newbie PPP question
Date: 28 Jan 1999 19:24:04 +0000
"Michael J. Bahr" <[EMAIL PROTECTED]> writes:
> New to linux/unix:
> Just installed Red Hat 5.2 and am having problems with my PPP
> connection. I can dial out fine but I get disconnected from my ISP
> everytime and I dont know where to look to see what is going on.
See responses to previous similar messages. You should have done
this *before* your posted.
> Currently, to dial out, I select "activate" from the Networking Config
> menu. The modem dials, connects, is quiet for a few seconds then
> disconnects and redials. Does this have anything to do with PAP???
You did not include debug log. How do you expect us to know?
--
\\ ( ) No male bovine | Email: [EMAIL PROTECTED]
. _\\__[oo faeces from | Phones: +44 121 471 3789 (home)
.__/ \\ /\@ /~) /~[ /\/[ | +44 121 627 2173 (voice) 2175 (fax)
. l___\\ /~~) /~~[ / [ | PGP-fp: D7 03 2A 4B D8 3A 05 37...
# ll l\\ ~~~~ ~ ~ ~ ~ | http://www.wcl.bham.ac.uk/~bam/
###LL LL\\ (Brian McCauley) |
------------------------------
From: Brian McCauley <[EMAIL PROTECTED]>
Subject: Re: Routing Question (NEWBIE)
Date: 28 Jan 1999 19:33:03 +0000
John Smith <[EMAIL PROTECTED]> writes:
> I am trying to use my Redhat 5.2 box to route internet information. I
> have a strange need though. I want all computers (5) on 192.168.0.x to
> have direct internet access to all ports (HTTP, FTP, Games(2000-40000))
> so a proxy is out. The host computer has a 10base connection direct to
> the internet. (At Auburn University, AL) The computer is not behind a
> firewall.
>
> Is this possible, at all?
No. "direct internet access" means (tautalogically) that you must
have a real IP address.
If you don't have a real IP address you _must_ have some sort of proxy
or network address translation (NAT).
HTTP will operate over Linux IP-Masquerading (a simple form of NAT
supported by Linux as standard) without any help.
There is a helper for using FTP over IP-Masquerading.
Some games can operate over IP-Masquerading, some games can't.
--
\\ ( ) No male bovine | Email: [EMAIL PROTECTED]
. _\\__[oo faeces from | Phones: +44 121 471 3789 (home)
.__/ \\ /\@ /~) /~[ /\/[ | +44 121 627 2173 (voice) 2175 (fax)
. l___\\ /~~) /~~[ / [ | PGP-fp: D7 03 2A 4B D8 3A 05 37...
# ll l\\ ~~~~ ~ ~ ~ ~ | http://www.wcl.bham.ac.uk/~bam/
###LL LL\\ (Brian McCauley) |
------------------------------
From: Ryan Speed <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux.slackware
Subject: printing from slackware -> nt hp lj III
Date: Thu, 28 Jan 1999 11:52:04 -0800
Reply-To: [EMAIL PROTECTED]
Hello I would greatly appreciate if someone could either help me out or
point me in the direction of some good documentation that will help me
resolve my problem from beginning to end, here is my situation I have 2
linux (slackware) machines running on a Windows NT domintated client /
server network, I would like to be able to print from anywhere in
slackware (ie. wp8 or netscape) but the printer (hewlet packard laser
III) is setup on one a 95 machine (//inkblot/hpiii lab1)on the nt
network. i would like to use whatever method possible to get full
access to the printer (ie. be able to print text/graphics, and maybe
even view the print cue) from within applications. the closest i have
gotten which is not acceptable for me is the smb:/> prompt (where i was
able to print text files). If anyone could help me out it would be very
much appreciated. i will give a basic description of my network
below(we are using ethernet if that matters.
Linux Machine 1
Linux Distributuion: Slackware 3.6 (w/kernel 2.2 final)
Name: absolut
IP: 142.231.36.103 (itas-103.mala.bc.ca)
Linux Machine 2
Linux Distributuion: Slackware 3.6 (w/kernel 2.2 final)
Name: furball
IP: 142.231.36.210 (itas-210.mala.bc.ca)
Windows 95 Print server
OS: win95 osr2.5
name: inkblot
ip: 142.231.36.193 (itas-193.mala.bc.ca)
location of priter share: HPIII LAB1 (//inkblot/hpiii lab1)
what i get when i type smbclient -L inkblot
security=share
Server=[INKBLOT] User=[] Workgroup=[ITAS] Domain=[]
Sharename Type Comment
--------- ---- -------
HPIII LAB1 Printer First Year Printer (ITAS)
IPC$ IPC Remote Inter Process Communication
PRINTER$ Disk
if you need more info please email me like i said earlier i would
greatly appreciate any help even if it is just a small tidbit i can use
any help i can get
please reply to my email as well as the newsgroup
thanks in advance
ryan speed
------------------------------
From: "Keith Peterson" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.advocacy,linux.redhat.install
Subject: Re: DOES LINUX SUCK
Date: Thu, 28 Jan 1999 13:15:41 -0700
>>The fourteen-year-old "hey, I'm using linux, so I'm cool" advocates would
> ^^^^^^^^^^^^^^^
>
>A generally valid and well made point, but why did you have to spoil it
with
>the agist rhetoric that is also unfortunately so typical of this newsgroup.
>Most people would understandably be unhappy if I posted something like:
`The
>black guy "hey, I'm using linux, I'm so cool" advocates', so why is
replacing
>an attitude that discriminates on the basis of race with one that
>discriminates on the basis of age acceptable?
Consider it recanted. In retrospect, you are correct - it's a bad choice of
words.
Instead, I offer, "The immature 'Hey, I'm using linux, so I'm cool'
advocates would"
I used fourteen to indicate a lack of maturity, but that was unfair.
------------------------------
From: John Brookes <[EMAIL PROTECTED]>
Subject: NTP on Linux
Date: Thu, 28 Jan 1999 20:26:23 +0000
Reply-To: [EMAIL PROTECTED]
Hi all,
I need to get NTP up on my box. I've heard I need XNTP, but I can't find
it anywhere. Does anyone know where to find it, or do you have an
alternative method?
Cheers,
John Brookes
------------------------------
From: [EMAIL PROTECTED] (Chris)
Subject: Re: "host name lookup failure" error
Date: Thu, 28 Jan 1999 20:26:26 GMT
Try running "pppd /dev/ttyS0 defaultroute" instead of just pppd.
Check your ifconfig to verify that it's routing it to your gateway
On Sun, 10 Jan 1999 22:45:01 GMT, [EMAIL PROTECTED] wrote:
>Hi all:
>
>I recently upgraded from Red Hat 5.0 to 5.2 and am continually getting the
>error "host name lookup failure" whenever I try to ftp or telnet ANYWHERE.
>I'm trying to connect to my ISP, and I am not on any LAN of any sort. The
>name of my computer is goliath.
>
>My /etc/hosts file looks like this:
>127.0.0.1 goliath
>0.0.0.0 ms653720.users.mindspring.com
>
>My /etc/host.conf looks like this:
>order hosts,bind
>multi on
>
>My /etc/resolv.conf looks like this:
>search mindspring.com
>nameserver 207.69.188.185
>namesever 207.69.188.186
>
>My /etc/hosts.allow looks like this:
>ALL: 127.0.0.1
>
>My /etc/ppp/options looks like this:
>
>defaultroute /dev/modem 115200
>netmask 255.255.255.0
>mtu 1500
>connect "usr/sbin/chat -v ABORT BUSY ABORT 'NO CARRIER''' ATZ OK ATDT9628004
>ogin ms653720 word PASSWORD"
>
> (and yes, I changed PASSWORD to my actual password)
>
>I then run pppd, which runs fine (no msg, I'm just given another prompt).
>
>My link to /dev/modem is set correctly, and I've verified the nameserver IP's
>with mindspring twice.
>
>If I try to telnet or ftp ANYWHERE, I always get:
>"ANYWHERE: host name lookup failure"
>
>Any help would be GREATLY appreciated.
>
>Thanks.
>
>Joshua Colvin
>[EMAIL PROTECTED]
>
>-----------== Posted via Deja News, The Discussion Network ==----------
>http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: "Jürgen Exner" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux,comp.os.linux.setup,hk.comp.os.linux
Subject: Re: HELP !! Default Run Level goes wrong, How can I make the linux sector
work again?
Date: Thu, 28 Jan 1999 11:44:30 -0800
Novicer Jothiw wrote in message <78po80$[EMAIL PROTECTED]>...
>Dear Linux World,
> I configured the rc.network file for Run Level 3 (rc3.d) but something
>goes wrong!!!
> I don't know how to boot into the linux sector to fix the problem
again,
>because Level 3 is the default run level. Whenever I boot in linux, it goes
>onto level 3 and halt the system in the middle of the rc files. Even I use
a
>linux boot disk, it is the same (default run level 3 was also used)
> Could you kindly offer some method to help? e.g. in the LILO boot
should
>can I type something after the linux:
>LILO: linux (ADD SOMETHINGS HERE?)
Yep, the "(ADD SOMETHINGS HERE?)" is exactly a "1" to boot to runlevel 1
(which usually is single-user mode).
Otherwise please check the Linux FAQ, question 6.11: "I have screwed up my
system and can't login to fix it"
jue
--
Jürgen Exner; microsoft.com, UID: jurgenex
Sorry for this anti-spam inconvenience
------------------------------
Crossposted-To: alt.os.linux,alt.linux,linux.redhat,linux.redhat.misc
From: Matt Kressel <[EMAIL PROTECTED]>
Subject: Re: socket error (what is?)
Date: Thu, 28 Jan 1999 20:18:24 GMT
John K wrote:
>
> Hello,
>
> Thanks for helping me setting up my small 2 computer LAN.
>
> Thanks to your advice, the computers can ping each other. The Proxy can ping
> the client and the client can ping the proxy no problem. I set up netscape
> to connect via proxy will all the numbers set correctly (192.168.0.1 port
> 80)
>
> The problem is that when I go in netscape to browse somehere I get the
> following error:
>
> SOCKET ERROR 10049
>
> what does that mean? strange no? How can I correct this?
>
> Client is a RedHat 5.2 Linux
> Proxy is a win98 under wingate
That is a windows proxy error that according ti "winsock.h" is:
#define WSAEADDRNOTAVAIL (WSABASEERR+49)
Or "address not available"... so perhaps its a DNS error?
-Matt
--
Matthew O. Kressel | INTERNET: [EMAIL PROTECTED]
+--------- Northrop Grumman Corporation, Bethpage, NY ---------+
+--------- TEL: (516) 346-9101 FAX: (516) 346-9740 ------------+
------------------------------
Crossposted-To: alt.linux,alt.os.linux,linux.redhat,linux.redhat.misc
From: Matt Kressel <[EMAIL PROTECTED]>
Subject: Re: Kernel 2.2 in RPM
Date: Thu, 28 Jan 1999 20:11:55 GMT
Jowell S. Sabino wrote:
>
>
>
> If it ain't broke, don't fix it.... I suggest you learn your way around
> Linux first before making a leap to 2.2. There are so many fun things to learn
> in Linux, much more fun than keeping up with every release (Alan Cox has
> released his second patch, so expect the 2.2 kernel to be upgraded yet again
> soon).
>
According to the Kernel archives, Linus says he is nailing down bugs in
2.2 so he won't release 2.2.1 for another month. If you live in Windows
world thats faster than the blink of an eye, but for us Linux weenies,
its eternity... %)
-Matt
--
Matthew O. Kressel | INTERNET: [EMAIL PROTECTED]
+--------- Northrop Grumman Corporation, Bethpage, NY ---------+
+--------- TEL: (516) 346-9101 FAX: (516) 346-9740 ------------+
------------------------------
From: David Efflandt <[EMAIL PROTECTED]>
Subject: Re: need help?
Date: Thu, 28 Jan 1999 04:20:03 GMT
Reply-To: [EMAIL PROTECTED]
On 1/24/99, 11:29:07 PM, "Scott Chu" <[EMAIL PROTECTED]> wrote=20
regarding need help?:
> I've met with several problem but don't know how to resolve, please=20
help:
> 1> our Linux server seems block too many network connections (not=20
internet
> connection, just local network), any way to expand the limit?
Don't have a clue what you mean. Just make sure you have unique names=20
in /etc/host (even if fictional) for each local IP that connects to=20
your box (or connection to a nameserver on your LAN). Otherwise there=20
will be extended delays.
> 2>using win95 mail client to read mail but get 'already read error',=20
and we
> found there's a file with same name as username in /usr/tmp/.pop, if=20
kill it
> then re-read mail, it's ok, but come back with this phenomena=20
frequently?
> thanks in advance!
Thank Bill Gates. MS Outlook has been known to leave stale lock files=20
laying around because it does things unexpectedly. Not sure if=20
updating MS Outlook on those pesky MS machines would help (or a newer=20
pop server).
------------------------------
From: Randy Hayman <[EMAIL PROTECTED]>
Subject: How does RH 5.1 play in (non-DNS) WINS LAN?
Date: Wed, 27 Jan 1999 22:11:56 -0600
Greetings!
I've currently got a laptop (Armada 1550DMT) I carry from client site to
client site.
I have it configured and working just fine for DHCP or static IP,
depending on the
client site.
The problem is with a single client site - their sandbox is entirely
WINS based.
When I was forced to boot Win95, I had to configure at least one WINS
server
in the (Win95) Networking panel in order to see anything on their LAN.
How can I make RH5.1 play a simple client in a WINS sandbox? I can't
even
ping anything on that LAN at this time. DHCP startup returns a 'no
response'
or a 'request not answered' type of message in /var/log/messages.
Alas, a tcpdump spews forth incessant network traffic - it's there, but
I can't
use it.
I can't believe I would need SAMBA just to play a simple client in
that sandbox....is that the only way?
Any comments/ideas?
--
Randy Hayman
mailto:[EMAIL PROTECTED]
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
