Linux-Networking Digest #76, Volume #10 Mon, 1 Feb 99 11:13:19 EST
Contents:
Re: Weird 3COM Card Problem - Help Please (tmf)
Re: Which 'flavor' of Linux best for a M$ Separatist (Nico Kadel-Garcia)
Re: Which 'flavor' of Linux best for a M$ Separatist (Marcus Borelli)
ARP <---> PPP routing problems ("Rubens S. Gomes")
Re: How to get the local IP address after booting with DHCP? (Michael Meissner)
Re: /var/log/messages (Matthew Dare)
modems / networking ???? ("Adam L. Mendelson")
Re: Help With IP Masquerading ("phantom")
Linux as a Firewall (Alex Schneider)
can not ftp certain file types (Ted Potter)
ppp dial-on-demand or Diald ??? ("Beno�t Cousson")
Re: SIOCADDRT: Invalid arguement? How to Fix (Mike Cole)
2.2.0 breaks telnet to old SysV R3 machine (Cord Seele)
Re: Romote "root" login (pazuzu)
----------------------------------------------------------------------------
From: tmf <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.portable,linux.redhat.install
Subject: Re: Weird 3COM Card Problem - Help Please
Date: 1 Feb 1999 12:18:16 GMT
It was the 3c574_cs modular driver.
When you install PCMCIA package 3.0.8, you will find that somewhere it says the driver
is dodgy.
(Also see http://hyper.stanford.edu/~dhinds/pcmcia/ftp/BUGS).
Hope Dave Hinds can figure out what the problem is; maybe 3Com can give him a hand
(hint, hint -- I wonder if these folks read the lists). BTW David, great job you're
doing on the drivers -- thanks!
dave dufeau wrote:
> tmf wrote:
> >
> > I had a similar problem with the 3COM 3CCFEM556B;
> > the driver seems to have an initialisation problem, the same card sometimes
> > works on a particular machine and fails on an identical but different machine. I
> > curse 3COM for claiming they support the Linux development, but they don't do
> > anything to make the bloody card work.
> >
> > [EMAIL PROTECTED] wrote:
> >
> > > My problem with my 3COM problem continues, any help would be GREATLY
> > > APPRECIATTED
> > >
> > > Problem: System hangs during "boot" with new PCMCIA multi-function card.
> > > =======
>
> I am experiencing almost the same ordeal with the 3ccfem656 card (I
> don't know the difference between this card and the 556), except that I
> cannot get the card to be recognized. Can you tell me which driver you
> used?
>
> --
> ____________________________________________________________
> ____________________________________________________________
> David L. Dufeau
> Digital Morphology Group
> Vertebrate Paleontology Laboratory
> J.J. Pickle Research Campus
> University of Texas at Austin
> Austin, TX 78712
> http://www.ctlab.geo.utexas.edu/dmg/
> [EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Nico Kadel-Garcia)
Crossposted-To: alt.os.linux.caldera,comp.os.linux
Subject: Re: Which 'flavor' of Linux best for a M$ Separatist
Date: Mon, 01 Feb 1999 12:19:24 GMT
On Sun, 31 Jan 1999 00:25:23 -0200, Marcus Borelli <[EMAIL PROTECTED]> wrote:
>Kona Stan wrote:
>>
>> I have installed both RH 5.1 & Caldera 1.3
>> AND the winna is ------- Caldera!!!!!
>> I think its easier to install & work with.
>>
>> Kona Stan
>> AH6JR
>
>I tried many distributions (is missing Mandrake) but Caldera is very easy
>to install and use. Long life and prosper to Linux!
RedHat 5.1 had a *LOT* of issues. 5.2 fixed a lot of them and is
a vast improvement, although still not perfect.
------------------------------
From: Marcus Borelli <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux.caldera,comp.os.linux
Subject: Re: Which 'flavor' of Linux best for a M$ Separatist
Date: Sun, 31 Jan 1999 00:25:23 -0200
Kona Stan wrote:
>
> I have installed both RH 5.1 & Caldera 1.3
> AND the winna is ------- Caldera!!!!!
> I think its easier to install & work with.
>
> Kona Stan
> AH6JR
I tried many distributions (is missing Mandrake) but Caldera is very easy
to install and use. Long life and prosper to Linux!
--
Marcus Borelli Ribeiro
Holos Tecnologia
http://www.holostech.com
------------------------------
Date: Mon, 1 Feb 1999 06:24:21 -0600
From: "Rubens S. Gomes" <[EMAIL PROTECTED]>
Subject: ARP <---> PPP routing problems
I am having a weird network problem with my home LAN
of Linux PCs. I have a home LAN with 3 Linux PCs. One of the
Linux PCs is an Internet (PPP) gateway. Everything worked
fine until I recently decided to change hostnames + IP
address in the LAN. I have spent hours on this problem.
The problem is when pppd is running on the gateway box,
pinging a host on the LAN does not work. Also, pinging
the gateway box from a another host does NOT work either.
I see a message "ARP called for own IP address" in /var/log/
debug.
When I shutdown "pppd" pinging works fine either way. And
the above "ARP called for own.." does not show up in
/var/log/debug.
Following is further information on my computer set up,
routes, ifconfigs, etc. I have RH 5.1 installed.
[root@linux-gw /root]# uname -a
Linux linux-gw 2.0.36 #3 Sat Jan 23 20:01:40 EST 1999 i486 unknown
[root@linux-gw /root]# pppd -v
pppd: unrecognized option '-v'
pppd version 2.3 patch level 5
....
[root@linux-gw /root]# tail -2 /var/log/debug
Feb 1 06:00:26 linux-gw kernel: ARP: arp called for own IP address
Feb 1 06:51:58 linux-gw kernel: ARP: arp called for own IP address
[root@linux-gw /root]# ifconfig (...with pppd demand running)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Bcast:127.255.255.255 Mask:255.0.0.0
UP BROADCAST LOOPBACK RUNNING MTU:3584 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0
TX packets:0 errors:0 dropped:0 overruns:0
eth0 Link encap:Ethernet HWaddr 02:60:8C:6B:30:64
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0
TX packets:0 errors:0 dropped:0 overruns:0
Interrupt:5 Base address:0x300 Memory:c8000-ca000
ppp0 Link encap:Point-to-Point Protocol
inet addr:0.0.0.0 P-t-P:192.168.0.20 Mask:255.255.255.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0
TX packets:0 errors:0 dropped:0 overruns:0
[root@linux-gw /root]# ifconfig (...no pppd running)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Bcast:127.255.255.255 Mask:255.0.0.0
UP BROADCAST LOOPBACK RUNNING MTU:3584 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0
TX packets:0 errors:0 dropped:0 overruns:0
eth0 Link encap:Ethernet HWaddr 02:60:8C:6B:30:64
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9 errors:0 dropped:0 overruns:0
TX packets:10 errors:0 dropped:0 overruns:0
Interrupt:5 Base address:0x300 Memory:c8000-ca000
[root@linux-gw /root]# route -n (.... with pppd demand daemon running)
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
127.0.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 lo
192.168.0.20 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.0.20 0.0.0.0 UG 0 0 0 ppp0
[root@linux-gw /root]# route -n (...no pppd daemon running)
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
127.0.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 lo
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 2 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
[root@linux-gw /root]# ipfwadm -F -l
IP firewall forward rules, default policy: deny
type prot source destination ports
acc/m all gomes.home/24 anywhere n/a
[root@linux-gw /root]# ipfwadm -I -l
IP firewall input rules, default policy: accept
type prot source destination ports
deny udp gomes.home/24 anywhere any -> any
[root@linux-gw init.d]# more /etc/ppp/options
lock
modem
crtscts
noipdefault
lcp-max-configure 30
mtu 576
defaultroute
asyncmap 0
#debug
name fns.com\\rsg
remotename DialupNT
connect '/usr/sbin/chat -t 80 -v -f /etc/ppp/chat-fnc'
demand
:192.168.0.20
idle 300
ipcp-accept-local
ipcp-accept-remote
/dev/cua1 57600
netmask 255.255.255.0
[root@linux-gw init.d]# more /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.1.1 linux-gw.gomes.home linux-gw
192.168.1.2 rosemary.gomes.home rosemary
192.168.1.3 rubens.gomes.home rubens
[root@linux-gw init.d]# more /etc/sysconfig/network
NETWORKING=yes
FORWARD_IPV4=yes
HOSTNAME=linux-gw
DOMAINNAME="gomes.home"
GATEWAY=
GATEWAYDEV=
NISDOMAIN=
[root@linux-gw /root]# more /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
IPADDR="192.168.1.1"
NETMASK="255.255.255.0"
NETWORK="192.168.1.0"
BROADCAST=192.168.1.255
ONBOOT="yes"
BOOTPROTO="none"
IPXNETNUM_802_2=""
IPXPRIMARY_802_2="no"
IPXACTIVE_802_2="no"
IPXNETNUM_802_3=""
IPXPRIMARY_802_3="no"
IPXACTIVE_802_3="no"
IPXNETNUM_ETHERII=""
IPXPRIMARY_ETHERII="no"
IPXACTIVE_ETHERII="no"
IPXNETNUM_SNAP=""
IPXPRIMARY_SNAP="no"
IPXACTIVE_SNAP="no"
--
Rubens S. Gomes
e-mail: [EMAIL PROTECTED]
WWW: http://www.sound.net/~rgomes/
------------------------------
From: Michael Meissner <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: Re: How to get the local IP address after booting with DHCP?
Date: 31 Jan 1999 15:40:16 -0500
Ed Finch <[EMAIL PROTECTED]> writes:
> Greetings!
>
> I'm in the process of building a Beowulf cluster. I would like
> to boot the slave nodes via DHCP served from the master node.
> I've got it all working, but the client doesn't know its own
> IP address after boot. The address is stored in a file under
> /etc/dhcp..., but /etc/hosts isn't updated. If I configure
> /etc/resolv.conf to check files first, for example, and
> try an nslookup command on the local machine's name, it gives
> an error that the name can't be resolved.
Tell dhcpcd to execute a shell script after it finishes and reset the hostname
yourself. On RedHat 5.2 if you install the following as:
/etc/sysconfig/network-scripts/ifdhcpc-done
and make it executable, it will reset the hostname, set up the printer
printcap, and record the time servers (I have hacks in the {,x}ntp start
scripts that use this information):
#!/bin/sh
SLEEPPIDFILE=/var/run/dhcp-wait-${IFNAME}.pid
if [ ! -f $SLEEPPIDFILE ]; then
# the parent must have timed out already -- we can't do much about
# it now
echo "DHCP configured but ifup timed out"
#exit 0
fi
# get the pid of the process which is waiting for this to complete
SLEEPPID=`cat $SLEEPPIDFILE`
rm -f $SLEEPPIDFILE
kill $SLEEPPID
if [ -f /etc/dhcpc/resolv.conf ]; then
cp /etc/dhcpc/resolv.conf /etc
fi
if [ -f /etc/ntp.conf -a "$NTPSERVER" != "" ]; then
if [ ! -f /etc/sysconfig/ntp.bak -a -f /etc/sysconfig/ntp ]; then
cp /etc/sysconfig/ntp /etc/ntp.bak
fi
RM="rm -f /etc/sysconfig/ntp"
if [ "$NTPSERVER" != "" ]; then $RM; RM=""; echo "NTPSERVER=$NTPSERVER" >>
/etc/sysconfig/ntp; fi
if [ "$NTPSERVER2" != "" ]; then $RM; RM=""; echo "NTPSERVER2=$NTPSERVER2" >>
/etc/sysconfig/ntp; fi
if [ "$NTPSERVER3" != "" ]; then $RM; RM=""; echo "NTPSERVER3=$NTPSERVER3" >>
/etc/sysconfig/ntp; fi
if [ "$NTPSERVER4" != "" ]; then $RM; RM=""; echo "NTPSERVER4=$NTPSERVER4" >>
/etc/sysconfig/ntp; fi
if [ "$NTPSERVER5" != "" ]; then $RM; RM=""; echo "NTPSERVER5=$NTPSERVER5" >>
/etc/sysconfig/ntp; fi
if [ "$NTPSERVER6" != "" ]; then $RM; RM=""; echo "NTPSERVER6=$NTPSERVER6" >>
/etc/sysconfig/ntp; fi
if [ "$NTPSERVER7" != "" ]; then $RM; RM=""; echo "NTPSERVER7=$NTPSERVER7" >>
/etc/sysconfig/ntp; fi
if [ "$NTPSERVER8" != "" ]; then $RM; RM=""; echo "NTPSERVER8=$NTPSERVER8" >>
/etc/sysconfig/ntp; fi
if [ "$NTPSERVER9" != "" ]; then $RM; RM=""; echo "NTPSERVER9=$NTPSERVER9" >>
/etc/sysconfig/ntp; fi
logger -i -t ifdhcpc-done "New timeservers:" \
$NTPSERVER $NTPSERVER2 $NTPSERVER3 $NTPSERVER4 $NTPSERVER5 \
$NTPSERVER6 $NTPSERVER7 $NTPSERVER8 $NTPSERVER9
fi
# Reset hostname (Kerberos 5 requires the hostname to be the same as the interface)
if [ "$HOSTNAME" = "" ]; then
ip=`ifconfig $IFNAME | perl -e 'while (<>) { print "$1\n" if /inet
addr:([0-9.]+)/; }'`
HOSTNAME=`nslookup $ip | sed -n -e '/^Name: */s///p'`
fi
if [ "$HOSTNAME" != "" ]; then
logger -i -t ifdhcpc-done "Setting hostname to $HOSTNAME"
hostname $HOSTNAME
fi
if [ "$LPRSERVER" != "" ]; then
if [ ! -f /etc/printcap.bak -a -f /etc/printcap ]; then
cp /etc/printcap /etc/printcap.bak
fi
rm -f /etc/printcap.new
for x in $LPRSERVER $LPRSERVER2 $LPRSERVER3 $LPRSERVER4 $LPRSERVER5 \
$LPRSERVER6 $LPRSERVER7 $LPRSERVER8 $LPRSERVER9; do
lpr_full=`nslookup $x | sed -n -e '/^Name: */s///p'`
lpr=`echo $lpr_full | sed -e 's/[.].*$//'`
if [ ! -d /var/spool/lpd/$lpr ]; then
mkdir /var/spool/lpd/$lpr
fi
if [ -f "/etc/printcap-$lpr" ]; then
if [ -f /etc/printcap.new ]; then
sed -e 's/^lp|//' -e "s/^lp:/$lpr:/" <
"/etc/printcap-$lpr" >> /etc/printcap.new
else
cp "/etc/printcap-$lpr" /etc/printcap.new
fi
else
if [ -f /etc/printcap.new ]; then
(echo "#"; echo "$lpr:\\") >> /etc/printcap.new
else
echo "lp|$lpr:\\" > /etc/printcap.new
fi
echo " :sd=/var/spool/lpd/$lpr:mx#0:sh:rm=$lpr_full:rp=lp:"
>> /etc/printcap.new
fi
done
mv /etc/printcap.new /etc/printcap
/etc/rc.d/init.d/lpd restart
logger -i -t ifdhcpc-done "New printers:" \
$LPRSERVER $LPRSERVER2 $LPRSERVER3 $LPRSERVER4 $LPRSERVER5 \
$LPRSERVER6 $LPRSERVER7 $LPRSERVER8 $LPRSERVER9
fi
--
Michael Meissner, Cygnus Solutions (Massachusetts office)
4th floor, 955 Massachusetts Avenue, Cambridge, MA 02139, USA
[EMAIL PROTECTED], 617-354-5416 (office), 617-354-7161 (fax)
------------------------------
From: [EMAIL PROTECTED] (Matthew Dare)
Subject: Re: /var/log/messages
Date: 1 Feb 99 11:48:16 GMT
On Sun, 31 Jan 1999 20:16:40 GMT, sebasto <[EMAIL PROTECTED]> wrote:
>a quick question,
>when i check the messages log, i see that my password and login id
>appear in plain text. should it
>be like this or should it be encrypted ?
>thanks in advance
>sleb
>
I assume this is for your ppp dialup session. This is normal as far as I can
tell. To stop your username and password from appearing in the log file
remove the "-v" switch from your chat script. The "-v" stands for verbose
reporting. The downside to this however is that with some setups (mine
included) you no longer get the connection speed logged.
Hope this helps.
Regards
Matthew Dare
[EMAIL PROTECTED]
------------------------------
From: "Adam L. Mendelson" <[EMAIL PROTECTED]>
Subject: modems / networking ????
Date: Mon, 01 Feb 1999 13:31:42 +0000
Reply-To: [EMAIL PROTECTED]
This is a multi-part message in MIME format.
==============14CBB2026D628E15C2D7D80F
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Is there a way to link /dev/modem to a telent prot say '192.268.20.10
2002' ??? I would like to use a dial out protion of a cisco router as
my modem any help would be appreciated
--
Adam Mendelson
Sr. Network Engineer
Executive Data Systems
[EMAIL PROTECTED]
Voice (305) 444-6200
1-800-749-6200
Fax (305) 444-1428
Web www.perfectlaw.com
==============14CBB2026D628E15C2D7D80F
Content-Type: text/x-vcard; charset=us-ascii;
name="amendelson.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Adam L. Mendelson
Content-Disposition: attachment;
filename="amendelson.vcf"
begin:vcard
n:Mendelson;Adam
tel;fax:305-444-1428
tel;work:305-444-6200
x-mozilla-html:FALSE
org:Executive Data System;Development
version:2.1
email;internet:[EMAIL PROTECTED]
title:Sr. Network Engineer
adr;quoted-printable:;;2100 Ponce De Leon Blvd=0D=0ASuite 1200
;Miami;Fl;33143;USA
x-mozilla-cpt:;-19808
fn:Adam Mendelson
end:vcard
==============14CBB2026D628E15C2D7D80F==
------------------------------
From: "phantom" <[EMAIL PROTECTED]>
Subject: Re: Help With IP Masquerading
Date: Mon, 1 Feb 1999 13:32:36 -0000
have you enabled ip forwarding?
look in /etc/sysinit/network
for a line with 'forwarding' in it
------------------------------
From: [EMAIL PROTECTED] (Alex Schneider)
Subject: Linux as a Firewall
Date: Mon, 01 Feb 1999 12:07:10 GMT
Reply-To: [EMAIL PROTECTED]
I set up a Linux box for firewalling usnig ISDN dial-up (ippp0 and
eth0, lets say 192.168.10.1 for eth0 and dynampic ip for ippp0).
Everything works fine.
Now using a HDSL connection, we have a class-c net and would like to
use the same firewall for this connection. The HDSL cable is now just
plugged into the hub for networking access for anyone.
Let's say we have ip 2.2.2.1-2.2.2.255. Is it possible to use two
ethernet cards (eht0 ip 2.2.2.2/ eth 1 ip 2.2.2.3) and 'forward'
packets from one to the other or do they have to be in different
subnets?
Router (HDSL) would be ip 2.2.2.1, rest of lan 2.2.2.4-255.
------------------------------
From: [EMAIL PROTECTED] (Ted Potter)
Subject: can not ftp certain file types
Date: Mon, 01 Feb 1999 10:29:50 GMT
I have a redhat 5.0 system setup with ipfwadm running. From my windows
machine I can run netscape and agent just fine. Real Audio works as
well.
However whenever I attempt to download a file that ends with an .exe
extentsion the download gets stuck after about 36K
This happens at anysite anytime. So I thought something was wrong with
my ipfwadm setup.
Using lynx from the redhat machine produces the same problem.
I can download .zip .gz .tar files all day and night.
This problem occures with both http and ftp.
Help!
Can someone tell me what more information I can get in order to
troubleshoot this problem ?
Thanks
Ted Potter
[EMAIL PROTECTED]
------------------------------
From: "Beno�t Cousson" <[EMAIL PROTECTED]>
Subject: ppp dial-on-demand or Diald ???
Date: Mon, 1 Feb 1999 15:07:50 +0100
Hi,
I want to use my linux box (Dell PowerEdge 2300 + Redhat5.2) as a gateway to
the internet for my local network (about 25 PC with NT/95/98). I've tried
ppp + diald, but I've got many problems using Diald:
- When I try to access a Web site, Diald start the connection, ISP give me a
IP address, but I receive a time out from netscape (Although
/proc/sys/net/ipv4/ip_dynaddr = 1). I have to click a second time to the Web
link to access the web site.
- When I use dctrl to control the connection, from time to time diald crash.
I've also tried ppp with demand option, but when I start pppd, I get this
message :
"pppd: demand dialling is not supported by kernel driver version 2.2.0"
the pppd version is 2.3.5...
So, is demand dialing not supported anymore with last kernel version, or is
there a version problem with the ppp module???
Right now, I don't have any good solution to access the internet from my
LAN. Is there other solutions on the demand dialing problem?
Thanks in advance.
Benoit.
------------------------------
From: [EMAIL PROTECTED] (Mike Cole)
Crossposted-To: linux.debian.user
Subject: Re: SIOCADDRT: Invalid arguement? How to Fix
Date: 1 Feb 1999 15:14:34 GMT
In article <[EMAIL PROTECTED]>, Robert Alexander wrote:
>Decklin Foster wrote:
>
>These errors cpme from ifconfig statements on a device which has not
>been defined.
>Most likely by installing the new kernel you have broken your net card
>recognition for example by not specifiying the relevant parameters in
>the kernel compilation.
>
>Look into /etc/init.d/network and you will see some lines like :
>
>ifconfig eth0 �lsk�lsk�lks�ldks�lk�sk�skd
>
>eth0 would be the culprit ...
The errors actually come from route, not ifconfig. You have 2 choices with
the new 2.2.* kernels. 1st is to not use route at all, because the new
kernels do it by themselves. The 2nd is to use the WHOLE route! You will
need to fill in all the info for the command to work without those errors.
------------------------------
From: Cord Seele <[EMAIL PROTECTED]>
Subject: 2.2.0 breaks telnet to old SysV R3 machine
Date: Mon, 01 Feb 1999 14:20:27 +0100
Hi everyone!
After upgrading to 2.2.0 I can't telnet/[rs]login to an old Motorola box
(VMEbus, SysV/68 R3) anymore. All other machines I have access to are fine.
But ping and ftp still work!
telnet: I do get `login:', but can't type in anything anymore. After the timeout
it says: Connection closed by foreign host.
rlogin: rcmd: wasp2.mpae.gwdg.de: Address already in use
Here are two tcpdumps (2.0.36 is fine, 2.2.0 isn't):
2.0.36:
13:30:35.067420 pSeele.mpae.gwdg.de.1026 > wasp1.rocketrange.no.telnet: S
1804116418:1804116418(0)
win 512 <mss 1460>
13:30:35.237420 wasp1.rocketrange.no.telnet > pSeele.mpae.gwdg.de.1026: S
2540321789:2540321789(0)
ack 1804116419 win 0 <mss 1456>
13:30:35.237420 pSeele.mpae.gwdg.de.1026 > wasp1.rocketrange.no.telnet: . ack 1 win
16060 (DF)
13:30:35.417420 wasp1.rocketrange.no.telnet > pSeele.mpae.gwdg.de.1026: . ack 1 win
5824
13:30:35.417420 pSeele.mpae.gwdg.de.1026 > wasp1.rocketrange.no.telnet: . 1:17(16) ack
1 win 16368
(DF)
13:30:35.417420 pSeele.mpae.gwdg.de.1026 > wasp1.rocketrange.no.telnet: P 17:28(11)
ack 1 win
16368
(DF)
13:30:35.577420 wasp1.rocketrange.no.telnet > pSeele.mpae.gwdg.de.1026: . ack 28 win
5824
13:30:37.597420 wasp1.rocketrange.no.telnet > pSeele.mpae.gwdg.de.1026: P 1:47(46) ack
28 win 5824
13:30:37.597420 pSeele.mpae.gwdg.de.1026 > wasp1.rocketrange.no.telnet: P 28:31(3) ack
47 win
16368
(DF)
13:30:37.727420 wasp1.rocketrange.no.telnet > pSeele.mpae.gwdg.de.1026: P 47:81(34)
ack 28 win
5824
13:30:37.737420 wasp1.rocketrange.no.telnet > pSeele.mpae.gwdg.de.1026: . ack 31 win
5824
13:30:37.737420 pSeele.mpae.gwdg.de.1026 > wasp1.rocketrange.no.telnet: . ack 81 win
16368 (DF)
13:30:38.197420 pSeele.mpae.gwdg.de.1026 > wasp1.rocketrange.no.telnet: P 28:31(3) ack
81 win
16368
(DF)
13:30:38.337420 wasp1.rocketrange.no.telnet > pSeele.mpae.gwdg.de.1026: . ack 31 win
5824
13:30:38.337420 pSeele.mpae.gwdg.de.1026 > wasp1.rocketrange.no.telnet: P 31:34(3) ack
81 win
16368
(DF)
13:30:38.457420 wasp1.rocketrange.no.telnet > pSeele.mpae.gwdg.de.1026: . ack 34 win
5824
13:30:38.457420 wasp1.rocketrange.no.telnet > pSeele.mpae.gwdg.de.1026: P 81:84(3) ack
34 win 5824
13:30:38.477420 pSeele.mpae.gwdg.de.1026 > wasp1.rocketrange.no.telnet: . ack 84 win
16368 (DF)
2.2.0:
13:12:11.073915 pSeele.mpae.gwdg.de.1204 > wasp1.rocketrange.no.telnet: S
1194794750:1194794750(0)
win 32120 <mss 1460,sackOK,timestamp 951104[|tcp]> (DF)
13:12:11.213806 wasp1.rocketrange.no.telnet > pSeele.mpae.gwdg.de.1204: S
2264428526:2264428526(0)
ack 1194794751 win 0 <mss 1456>
13:12:11.213892 pSeele.mpae.gwdg.de.1204 > wasp1.rocketrange.no.telnet: . ack 1 win
32120 (DF)
13:12:11.215397 pSeele.mpae.gwdg.de.1204 > wasp1.rocketrange.no.telnet: . ack 1 win
32120 (DF)
13:12:11.380293 wasp1.rocketrange.no.telnet > pSeele.mpae.gwdg.de.1204: . ack 1 win
5824
13:12:11.380407 pSeele.mpae.gwdg.de.1204 > wasp1.rocketrange.no.telnet: . ack 1 win
32120 (DF)
13:12:12.856998 pSeele.mpae.gwdg.de.1204 > wasp1.rocketrange.no.telnet: . ack 1 win
32120 (DF)
13:12:13.606424 wasp1.rocketrange.no.telnet > pSeele.mpae.gwdg.de.1204: P 1:47(46) ack
1 win 5824
13:12:13.606549 pSeele.mpae.gwdg.de.1204 > wasp1.rocketrange.no.telnet: . ack 47 win
32074 (DF)
13:12:13.732099 wasp1.rocketrange.no.telnet > pSeele.mpae.gwdg.de.1204: P 47:54(7) ack
1 win 5824
13:12:13.746963 pSeele.mpae.gwdg.de.1204 > wasp1.rocketrange.no.telnet: . ack 54 win
32120 (DF)
13:12:16.556989 pSeele.mpae.gwdg.de.1204 > wasp1.rocketrange.no.telnet: . ack 54 win
32120 (DF)
13:12:22.476991 pSeele.mpae.gwdg.de.1204 > wasp1.rocketrange.no.telnet: . ack 54 win
32120 (DF)
13:12:33.226987 pSeele.mpae.gwdg.de.1022 > wasp1.rocketrange.no.login: . ack
1985585136 win 32120
(DF)
13:12:34.316984 pSeele.mpae.gwdg.de.1204 > wasp1.rocketrange.no.telnet: . ack 54 win
32120 (DF)
13:12:43.116983 pSeele.mpae.gwdg.de.1202 > wasp1.rocketrange.no.telnet: . ack
2213248751 win 32120
(DF)
13:12:57.997001 pSeele.mpae.gwdg.de.1204 > wasp1.rocketrange.no.telnet: . ack 54 win
32120 (DF)
13:13:05.766989 pSeele.mpae.gwdg.de.1203 > wasp1.rocketrange.no.telnet: . ack
2233766693 win 32120
(DF)
13:13:11.703221 wasp1.rocketrange.no.telnet > pSeele.mpae.gwdg.de.1204: F 54:54(0) ack
1 win 5824
13:13:11.703329 pSeele.mpae.gwdg.de.1204 > wasp1.rocketrange.no.telnet: . ack 55 win
32119 (DF)
13:13:11.703373 pSeele.mpae.gwdg.de.1204 > wasp1.rocketrange.no.telnet: . ack 55 win
32119 (DF)
I don't understand much of this, but see differences already in the first package:
more options and win 32120 instead of win 512! Is this the problem?
Weird enough, telnet FROM the Motorola TO my Linux box with 2.2.0 works (when logging
in via a third host)!
I tried ping with various packet sizes: the Motorola box gives up at 16k while
other hosts on the same network still work.
I also reduced MAX_WINDOW to 8192 in tcp.h, but no effect.
This is as far as I could get without help. Where shall I look next?
I am happy to provide more info if needed.
Cord Seele
P.S.: Please, CC me directly, since I am not on the list. Thanks.
--
Cord Seele mailto:[EMAIL PROTECTED]
Max-Planck-Institut fuer Aeronomie
Max-Planck-Str. 2 phone: (+49) 5556 979-340
D-37191 Katlenburg-Lindau, GERMANY FAX: (+49) 5556 979-240
------------------------------
From: pazuzu <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux,comp.os.linux.admin,comp.os.linux.help,nl.comp.os.linux
Subject: Re: Romote "root" login
Date: Mon, 01 Feb 1999 16:15:21 +0100
"Michael 'BeLFrY' S. E. Kraus" wrote:
>
> G'day Andrew and all...
>
> Ack...! This really is a bad security hole!
I'm sorry, and I'm a bit new at this. Why is it more a security problem
that people from outside can directly login as root (password guessing?)
then people login in as guest and do a su -?
As I understand su - is posible from the NT-box (which isn't a secure
ttyp), so is also posible from the guest acount (or are there other
security settings that prevent su - from the guest acount used by an
outside guest?).
I'm probably making somekind of newbie error, but I really want to know.
> If someone connects to the box, when the telnet client on the NT box isn't
> telnetted in (or if for some reason, the telnet client on the NT box isn't assigned
> the same ttyp). (Let alone whatever other holes it may open.)
>
> Here's a much better (and secure) solution. =)
>
> Telnet into the Linux box as a regular user. Use 'su' or 'su -' to login as root.
> ('su -' will login you in as root with all of root's environmental variables set,
> rather than the su'ing user's.)
With regards, Paz
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
