Linux-Networking Digest #178, Volume #10 Thu, 11 Feb 99 17:14:05 EST
Contents:
Re: Linux ("J. S. Jensen")
Re: Can't ping my Gateway (but I can ping my own IP address) (Christian Bienia)
Re: Circumventing my ISP ([EMAIL PROTECTED])
Re: Contact Database (Nick Rout)
PPP problems (JT)
Re: hacked login ("Mitchell Maltenfort")
Re: MS Explorer 4.0 for Unix (Nick Ludden)
apache server name changes automatically ([EMAIL PROTECTED])
Re: where is ckermit-6.0.192-7.i386.rpm (Stuart R. Fuller)
.. about security .. (Mike Marsman)
Printing to Linux problem ("Jacques Engelbrecht")
Re: Please help w/muliple NICs (Rick Onanian)
Re: Linux redhat 5.2 and Win98 network (Cecil Watson)
Different kinds of NS-lookups? ([EMAIL PROTECTED])
disabling anonymous ftp server (Ujwal Sathyam)
Re: hacked login (Graffiti)
Re: ipfwadm or ipchains examples? (Kevin Martin)
Re: Please help w/muliple NICs HowTo Links (Cecil Watson)
Re: This needs to be said............. (Stuart R. Fuller)
Re: where is ckermit-6.0.192-7.i386.rpm (Frank da Cruz)
Re: smbmount and kernel 2.2.1 (Jerry Guy)
kernel can't see 2 network cards problem ([EMAIL PROTECTED])
----------------------------------------------------------------------------
From: "J. S. Jensen" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc,comp.unix.admin
Subject: Re: Linux
Date: Wed, 10 Feb 1999 08:58:52 -0700
Dustin Puryear wrote:
> At the central office we maintain a database created with proprietary
> software written for our SCO OpenServer server...All of the users really
> just need console based access to the information.
> 1 - setup a small network in the branch, where all machines are connected
> to the Linux machine
Yes, just have the Linux machine as a default gateway either for the entire
local network, or just a particular subnet.
> 2 - have Linux setup to call our server whenever a client machine needed
Use a dial-on-demand mechanism. diald works.
> 3 - have Linux use TCP/IP since this would allow more than one person to
PPP or SLIP the connection to a home-office linux box.
> I am curious if someone has been in this situation. If so, I would like
> to hear some feedback.
The Linux boxen (hate that word :-) that does the routing at the remote
sites need be nothing special. 386s w/ 8meg ram is what I think. The
dial-in server might need to have more RAM becaus each ppp daemon takes just
less than a meg each. However, how do you connect to the SCO box now?
Telnet'ing?
--
J. S. Jensen
mailto:[EMAIL PROTECTED]
http://www.Paramin.COM
------------------------------
From: Christian Bienia <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.hardware,comp.os.linux.questions,comp.os.linux.setup
Subject: Re: Can't ping my Gateway (but I can ping my own IP address)
Date: 10 Feb 1999 16:09:03 GMT
Gary Spivey wrote:
>
> Yes,
> everything is physically connected. If I take linux down and bring up
> Windows 95, everything works fine.
> If I ifconfig down the lo interface, I can no longer ping myself or the
> broadcast address. So it appears that the problem may be somewhere in the
> card setup rather than in the network setup.
As far as I know, this is a bug in pppd 2.3.5. Everything seems to work
fine (routes, ifconfig, ...), but no data is transferred.
Try this workaround: Simply replace "crtscts" with "xonxoff".
If it worked well, please post!
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.misc
Subject: Re: Circumventing my ISP
Date: Wed, 10 Feb 1999 15:05:59 GMT
In article <[EMAIL PROTECTED]>,
Kevin Currie <[EMAIL PROTECTED]> wrote:
> I am wonderring if anyone can help me find a way to circumvent some
> firewalling my ISP is doing.
[..]
> Now this setup the ISP has is all fine and dandy for Windows users, but I'd
> love to be able to telnet/ftp to my machine from remote computers to do
> things like get my mail and transfer files and such.
Maybe your ISP bloks most known ports like my ISP.
What I did was this:
change the port number of ftp in /etc/services (from 21 to 12121)
kill -HUP (pid of inetd)
Now you can ftp to this machine with:
ftp ipaddress 12121
But you can't ftp to this machine using the usual port
I haven't tried getting ftp to listen to two ports.
The same works for telnet
jaap
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: Nick Rout <[EMAIL PROTECTED]>
Subject: Re: Contact Database
Date: Wed, 10 Feb 1999 11:49:51 +1300
Good question! I would like to know that answer!
Simon Faulkner wrote:
> MS Outlook (sorry) needs exchange server (sorry again) to share contacts
> and calendars throughout a small network.
>
> We have Win95 clients and a Linux (hurrah!) server.
>
> Can anyone sugest a good contact manager/scheduler that will sit on the
> Linux machine and allow Win95 clients to see the data?
>
> Simon
> --
> Simon Faulkner
> http://www.elkstone.demon.co.uk
------------------------------
From: JT <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.linux.setup,comp.os.linux.questions,comp.os.linux.help,comp.os.linux
Subject: PPP problems
Date: Thu, 11 Feb 1999 12:22:47 -0700
Hello everyone,
While I'm not a newbie and have been running RH since v4.2, I can't
figure out what is going on here. I usually just set up ppp with the
netcfg utility and it works fine, but for some reason, I can't get it to
work in RH5.2, using the same settings as in the other versions.
Here is what the /var/log/messages says:
Feb 8 20:04:12 viper pppd[495]: pppd 2.3.5 started by root, uid 0
Feb 8 20:04:19 viper innd[425]: s
Feb 8 20:04:29 viper pppd[495]: Serial connection established.
Feb 8 20:04:30 viper pppd[495]: Using interface ppp0
Feb 8 20:04:30 viper pppd[495]: Connect: ppp0 <--> /dev/modem
Feb 8 20:04:46 viper pppd[495]: Remote message: Login Succeeded
Feb 8 20:04:47 viper pppd[495]: not replacing existing default route to
eth0 [192.168.0.1]
Feb 8 20:04:47 viper pppd[495]: local IP address 209.30.51.108
Feb 8 20:04:47 viper pppd[495]: remote IP address 209.30.51.5
Feb 8 20:05:17 viper pppd[495]: CCP: timeout sending Config-Requests
Feb 8 20:06:02 viper innfeed[453]: decwrl can't resolve hostname:
news1.pa.dec.com : (Host name lookup failure)
Feb 8 20:06:02 viper innfeed[453]: decwrl spooling no active
connections
While it shows that I get connected, and I am able to ping servers
outside my network, I cannot get http(in netscape) or ftp to work.
I got the CD from cheapbytes, as with all my other versions.
Also, if I need to give you more info, I will gladly do so. I've been
reading newsgroups and faqs and docs and trying to change every file I
thought might be affecting this, but with no luck. Any help would be
appreciated.
TIA,
JT
------------------------------
From: "Mitchell Maltenfort" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc,comp.os.linux.admin
Subject: Re: hacked login
Date: Wed, 10 Feb 1999 09:20:30 -0700
>It sounds like some one used ROOT-kit on you computer, tehey did the same
>on my PC, i had to reinstall all becouse he also planted a backdoor
>(check) he also replaced a hacked inetd so he can log in not to be
>detected he can also replace ls, ps, etc... check
>http://www.rootshell.com/ for the rootkit and unpack it en read the readme
>and you be dazzeled ehat it can do...
>
I checked out rootshell and was surprised, although at my end of the
learning curve it looked more like an ammo dump than a bomb shelter.
I did a search on rootkit and was surprised to only see ways to download it.
Is there any way to block it?
------------------------------
From: Nick Ludden <[EMAIL PROTECTED]>
Crossposted-To:
alt.os.linux,alt.linux,linux.redhat,linux.redhat.misc,comp.windows.x.kde
Subject: Re: MS Explorer 4.0 for Unix
Date: Thu, 11 Feb 1999 14:39:46 -0500
why the hell would you want to do that?
Carlos A wrote:
> I'm wondering if Explorer 4.0 that Microsoft offers for download if it will
> work under RedHat 5.2 / KDE ? Will it work under Linux?
------------------------------
From: [EMAIL PROTECTED]
Subject: apache server name changes automatically
Date: Thu, 11 Feb 1999 19:32:34 GMT
I'm sure this has been covered elsewhere and I'm missing something relatively
small, but it's kicked my butt for a week now so ...
I'm running apache on linux, the linux machine name being
apacheweb.company.com ... our DNS server points to that address as
www.company.com ... pointing a browser to www.company.com gets the web page
without a problem. However, pointing to a subdirectory, say
www.company.com/directory fails. What I've noticed (from INSIDE the firewall
where apacheweb is on our internal DNS) is that pointing the browser to
www.company.com/directory works, but changes the url displayed in the browser
to apacheweb.company.com/directory. This does NOT work outside the firewall,
as our external DNS does not have an entry for apacheweb. What am I missing?
Is this an apache thing or a DNS thing?
Thanks in advance.
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED] (Stuart R. Fuller)
Subject: Re: where is ckermit-6.0.192-7.i386.rpm
Crossposted-To: comp.os.linux.setup
Reply-To: [EMAIL PROTECTED]
Date: Wed, 10 Feb 1999 17:00:03 GMT
Chiyu Wang ([EMAIL PROTECTED]) wrote:
: Hello,
:
: I am trying to install "ckermit-6.0.192-7.i386.rpm" in my linux box. Can
: anyone tell what is the directory of this package in glint? Or, it can
: be found else where?
:
ftp://kermit.columbia.edu/kermit/archives/ckermit-6.0.192-7.i386.rpm
Stu
------------------------------
From: Mike Marsman <[EMAIL PROTECTED]>
Subject: .. about security ..
Date: Wed, 10 Feb 1999 11:55:57 -0500
yippie!
After many hours, I've finally configured my linux box to talk to my cable
modem and my internal network at the same time! IP Masq. is up and
running like a charm!
My only question now is about security ... I'm a little ignorant in this
area, so please bear with me..
Some background you say ... I'm running Debian 2.0 with the kernel at
2.2.1.. 'nuff said?
I've got my hosts.allow file set to allow all 192.168.1.* connections to
the linux box, as well as a few others. From what I can tell, so long as
my hosts.deny file is set to ALL, allowing select IP's doesn't pose a big
security risk -- however, I want to widen my allowed hosts so I can access
my box from any machine at work/school .. so I'll be allowing something
like 129.100.*.*
now I know this opens up my machine to hacks, so is there anything
specific I should be running? Should I have a SOCKS proxy, or will that
interfere with IPmasq? I know that IPmasq will hide the networked boxes,
I'm just concerned with the linux box itself.. (esp. with exploits for
spam relays/etc)
Any ideas would be (greatfully) appreciated.
Cheers,
..Mike
=====
Mike Marsman -- University of Western Ontario
reply to: <[EMAIL PROTECTED]>
"A computer without COBOL and Fortran is like a piece of
chocolate cake without ketchup and mustard." -Anonymous-
=====
------------------------------
From: "Jacques Engelbrecht" <[EMAIL PROTECTED]>
Subject: Printing to Linux problem
Date: Wed, 10 Feb 1999 18:53:54 +0200
On Slackware 3.6,
I'm trying to print to my Linux box using lpr (from NT):
D:\>lpr -S linuxbox01 -P lp trace.txt
and get the following error:
Error: print server did not accept request. Job aborted.
I've added the host names to host.lpd and host.equiv also, this produces
the same result.
printing from the Linux box itself works perfectly.
I would prefer the printer to available to any host on the network, using
lpr.
Regards
[EMAIL PROTECTED]
------------------------------
From: Rick Onanian <[EMAIL PROTECTED]>
Subject: Re: Please help w/muliple NICs
Date: Wed, 10 Feb 1999 11:55:14 -0500
TiM wrote:
> Where did you find the multiple-NIC howto?
My favorite place for howtos is linux-howto.com
However...it seems to be missing from that site. In fact, i just checked
sunsite...not there either. It was installed in my Slackware 3.6 and Debian 2.0
systems under /usr/doc/Linux-mini-HowTo or something like that.
I can't find it online at all. I even did a search on Altavista... Anyone know
where online to find it? I do have it in /usr/doc/Linux-mini-HOWTOs
It's too long to post. I will email it to you. Anyone else want it?
rick
>
>
> Rick Onanian wrote in message <[EMAIL PROTECTED]>...
> >Cecil Watson wrote:
> >
> >> Hello,
> >>
> >> I'm having problem configuring multiple NIC under RedHat 5.2. I can
> >>
> >> get both of them recognized, but can only ping one at a time?! I must
> >> disable one, ping the other disable,enable the first them I can ping
> >> it?! I'm trying to enable IP masquerading, I've read the How-Tos but
> >> cannot find and answer. Thanks in advance,
> >>
> >> cesman
> >
> >If the Multiple-Ethernet howto doesn't answer your question, than the one
> >bit of information it's missing is prolly what you need: In order to get
> two
> >ethernet cards of the same type working, you must compile them into the
> >kernel rather than as modules. This has been my experience. Once I did
> that,
> >everything got easier.. Then you just follow the multiple-ethernet howto.
> >
> > rick
> >
> >
------------------------------
From: Cecil Watson <[EMAIL PROTECTED]>
Subject: Re: Linux redhat 5.2 and Win98 network
Date: Wed, 10 Feb 1999 08:52:04 -0800
Yes, just but two NICs(I'd suggest ones with Realtek 8029 or DEC 21040
chipset inexpensive and twos with both OSs) and plug them in...In order to
share files ala Network Neighborhood you'll need Samba(www.samba.org), get
the latest ver 2.0.2. You can also FTP between the machines! Good Luck!
cesman
Wong Kui Nevin wrote:
> Hello,
>
> I want to install Linux redhat 5.2 to my computer and connect a network
> to my other computer running Win98. How can I do that? I'm new to Linux.
> Do I just buy 2 network cards and plug them in? Or do I need a hub or
> something? Thanks
>
> Yours,
> Nev
------------------------------
From: [EMAIL PROTECTED]
Subject: Different kinds of NS-lookups?
Date: 9 Feb 1999 16:29:58 GMT
Hi.
I got some problem with my local DNS. It is supposed to offer DNS services for
my LAN, and, if online also forward queries to the Internet-DNS system.
Now my question: How come, that I can ping a host by its name, or visit the
webserver by entering the name, but that I cannot use nslookup or sth. like
that. Usually this wouldnt matter, but since lpq always waits for a timeout,
when quering it, and lpd does not send printer data until it gets the timeout I
have to change something.
Can anyone give me an explanation for the 'phenomenon'?
thanks in advance, PeeR
------------------------------
From: [EMAIL PROTECTED] (Ujwal Sathyam)
Subject: disabling anonymous ftp server
Date: Wed, 10 Feb 1999 09:30:33 -0800
Hi,
I am new to Linux, and I just installed Redhat 5.2, and I accidentally
chose to install the anonymous ftp server too (did an Everything install).
How do I disable the anonymous ftp access?
Thanks,
Ujwal
------------------------------
From: Graffiti <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc,comp.os.linux.admin
Subject: Re: hacked login
Date: 11 Feb 1999 04:49:27 -0800
In article <[EMAIL PROTECTED]>, Rafael Marcus <[EMAIL PROTECTED]> wrote:
>Someone probably hacked the login program in my Linux system and it
>doesn't record te remote host address for a remote telnet login in the
>"wtmp" file. I recompiled the login program but the problem persists.
>Any idea what else I should check to solve the problem.
> Thanks
> Rafael.
Never, ever, ever, *ever* continue to use a compromised system if you can help it.
Re-install.
No, I'm serious.
You never know what *else* was compromised. libc? syslogd? cc? ftp?
You might try to grab an update to replace binaries that you *think* are
compromised, but that's completely useless if, say, ftp was compromised to grab
a trojan'd binary. Unlikely, yes. Impossible? No.
Re-install.
And when you do, pick different/new passwords for *all* your accounts.
-- DN
------------------------------
From: [EMAIL PROTECTED] (Kevin Martin)
Subject: Re: ipfwadm or ipchains examples?
Date: Wed, 10 Feb 1999 15:09:12 GMT
In article <v1cw2.2$[EMAIL PROTECTED]>, it says "Gavin Cato"
<[EMAIL PROTECTED]> wrote:
>Hello All,
>
>Can anyone give me some examples configs of using ipfwadm (or preferably
>ipchains) of setting up a Linux box as a firewall (blocking certain udp/tcp
>based ports) and acting as a NAT box for machines connected via ethernet
>assuming the linux box has a internet connection through eth0?
eth0? No, because that's my LAN connection... but that has no effect on
the ipfwadm command anyway. It runs on IP addresses, not devices.
See http://www.nic.com/~cannon/Linux/ for my annotated ipfwadm script.
I've just started making the transition to ipchains myself, but there's a
page at www.rustcorp.com/linux/ipchains/ that will make it very easy to
translate a working ipfwadm script.
------------------------------
From: Cecil Watson <[EMAIL PROTECTED]>
Subject: Re: Please help w/muliple NICs HowTo Links
Date: Wed, 10 Feb 1999 09:03:05 -0800
Here are a few links...
http://metalab.unc.edu/LDP/LDP/nag/node1.html
http://cesdis.gsfc.nasa.gov/linux-web/
------------------------------
From: [EMAIL PROTECTED] (Stuart R. Fuller)
Subject: Re: This needs to be said.............
Reply-To: [EMAIL PROTECTED]
Date: Wed, 10 Feb 1999 17:00:03 GMT
[EMAIL PROTECTED] wrote:
: There is a
: product that is beginning to rise based on reliability. Many programmers have
: put their lives into this product so you could taste rock-solid computing. We
: need to help this product along.
Except for the phrase "beginning to rise based on reliability", this comment
could apply to the VMS operating system.
Stu
------------------------------
From: [EMAIL PROTECTED] (Frank da Cruz)
Crossposted-To: comp.os.linux.setup,comp.protocols.kermit.misc
Subject: Re: where is ckermit-6.0.192-7.i386.rpm
Date: 10 Feb 1999 17:43:12 GMT
In article <j16s97.36q.ln@localhost>,
Stuart R. Fuller <[EMAIL PROTECTED]> wrote:
: Chiyu Wang ([EMAIL PROTECTED]) wrote:
: : Hello,
: :
: : I am trying to install "ckermit-6.0.192-7.i386.rpm" in my linux box. Can
: : anyone tell what is the directory of this package in glint? Or, it can
: : be found else where?
:
: ftp://kermit.columbia.edu/kermit/archives/ckermit-6.0.192-7.i386.rpm
:
Assuming you want the Intel version. There are also versions for Sparc and
Alpha. But at this point, C-Kermit 6.0 is nearing the end of its life
cycle. Linux has changed significantly out from under it since 1996, and
therefore C-Kermit 6.0 often fails to start or run under recent Linux
releases or packages due to curses/ncurses and libc/glibc confusion, etc.
Instead, I'd recommend you visit the Kermit website:
http://www.columbia.edu/kermit/
and pick up C-Kermit 7.0 Beta, which should work nicely on all Linux versions
with all Linux packages (and if not, there's still time to fix it). It's
not in RPM form yet -- it's distributed in tar.gz form during the test
period. The website contains the download links and instructions for
unpacking and building.
- Frank
------------------------------
From: Jerry Guy <[EMAIL PROTECTED]>
Subject: Re: smbmount and kernel 2.2.1
Date: Thu, 11 Feb 1999 16:33:42 -0500
Corey J. Steele wrote:
> Kernel 2.2.x also broke smbmount on my box... I run RedHat 5.1, with all of the
> applicable errata installed, and kernel 2.2.1. I upgraded all of the packages
> on my box as suggested per kernelroot/Documentation/Changes, and still no go.
> I've checked, doubled checked, and tripple checked the kernel config to ensure
> that I had support for: SMB Network Filesystem, the Win95 bug fixes, as well as
> network block device support.
>
> SO, I'm at a bit of a loss on this matter too... BTW: smbmount works dandy when
> i boot to kernel 2.0.36, so I KNOW my problem is a result of kernel 2.2.1...
>
> Any suggestsions would be greatly appreciated... if needed, I can post my
> kernel config.
>
> -C
>
> On Thu, 11 Feb 1999, Christian Ordig wrote:
> >Hi,
> >
> >I just upgraded my SuSE Linux 6.0 to kernel 2.2.1. They claim it to be "Kernel
> >2.2.x ready", but I just had to upgrade some things... nevermind. Everything
> >wotks fine again, without smbmount. I downloaded Samba 2.0, as adviced in the
> >Kernel documentation and compiled it. The compilation of smbfs 2.0.2 stops with
> >many error messages. Smbfs 2.1.51 compiles fine, but when I try to mount a share
> >I get a "file not found" error. I read something about a new command line syntax
> >of smbmount, but the man page isn't up-to-date, yet. "smbmount -h" tells me
> >"smbmount <mount-point> [options]" as syntax - but who tells smbmount which
> >share to mount???
> >
> >Thank you for answering.
> >
> >--
> >Christian Ordig | Homepage: http://thor.prohosting.com/~chrordig/
> >Germany | eMail: [EMAIL PROTECTED]
> > __ _ |
> > / / (_)__ __ ____ __ | Why Linux? Because it is free, stable, and
> > / /__/ / _ \/ // /\ \/ / | bugs can be fixed in source opposed to waiting
> >/____/_/_//_/\_,_/ /_/\_\ | for a stable WinTendo from Micro$oft.
3 items;
1. be sure to compile samba with the smbmount option (see docs)
2. if you have smbfs the smbmount from this package is found first (at least in
RH,unless you change the path)
so you must rename or remove this file.
3. the mount syntax has changed, now ; smbmount "//servername/sharename" -c
'mount /mountpoint'
Good Luck
Jerry
------------------------------
From: [EMAIL PROTECTED]
Subject: kernel can't see 2 network cards problem
Date: Wed, 10 Feb 1999 17:44:36 GMT
I'm using kernel 2.2.1 with 2 network cards install in my linux box. They
are 3COM 3c509b and 3c595b cards. The problem is that at boot up time, the
kernel only see 1 card (the 3c595b) as eth0 but doesn't seem to see the 3c509
card. I compiled the kernel with both cards support in the kernel (not as
modules) and can't figure out how to get the kernel to see my second card.
What am I doing wrong? Please advise.
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
