Linux-Networking Digest #280, Volume #10 Mon, 22 Feb 99 06:13:52 EST
Contents:
Re: I give up with Linux and Win8 network (Marc Hering)
Mount NTFT volume from Linux ("[EMAIL PROTECTED]")
Re: PCI modems in linux? ("Vic")
I give up with Linux and Win8 network ("Jose")
Syn flooding ("Fridtjof")
ppp hanging up after connect.. Help! (Jess Askey)
Re: Machine name themes - what do you use? (Charles Stephens)
Re: SNA and Linux ("Michael Knigge")
Re: 2 ne2000 cards (Tim Moore)
Re: Syn flooding ([EMAIL PROTECTED])
SMBMount? (luckyy)
Re: IE - integration problems with proxying and DHCP (Rainer Duffner)
Re: I give up with Linux and Win8 network (jedi)
Re: ipfwadm docs ? (jedi)
Re: Machine name themes - what do you use? ([EMAIL PROTECTED])
smbumount: "probably not smb-filesystem" ("Robert C. Paulsen, Jr.")
2 node network, Win95 and RedHat 5.2, telnet problems. (Bob Bryla)
Re: Route Question (John Mullee)
Re: networking site ("Thomas S. Martinson")
----------------------------------------------------------------------------
From: Marc Hering <[EMAIL PROTECTED]>
Subject: Re: I give up with Linux and Win8 network
Date: Mon, 22 Feb 1999 06:56:54 GMT
I know that this is probably going to sound stupid,,but in your startup scripts
do you see a message about
disableing IPV4 forwarding
or somrhing like that????
I know that on RH ip forwarding is disabled by the init scripts,,,I don;t
remember where it is exactly happening,,but if this is the case then packets
would not be forwarded to the appropriate NIC
also do you have forwarding support compiled into the kernel?
Jose wrote:
> Okay, I have a cable modem, 2 nics in a llinux box, one in my Win98
> machine.. I've read the firewall How-Tos, I looked a probably a dozen sites,
> and I haven't been able fully understand how to get my win98 machine on the
> web routing thru my linux box. I'm done a fresh install like 7 times, I know
> I have ifwadm 2.3.0 compiled in the kernel, but I still haven't been able to
> get this to work.
>
> I have Linux unleashed 2nd and third edition, I have printed out the NET-3
> Howto, Firewalling and Proxy Howto and I'm still lost..
>
> It's funny becuase I can ping the nic from my win98 machine. but I can't get
> out.. I'm really starting to go back to NT for my network.. Can some one
> help me out, there's got to be like a IP masquerading for dummies or
> something cause damn this is really kick my but.. And the reason I want
> linux is for Hosting my web site and other issues..
>
> TIA
> Jose
------------------------------
From: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
Subject: Mount NTFT volume from Linux
Date: Sun, 21 Feb 1999 03:16:12 +0000
Hello all:
I know about Samba and have it working at my office. Can
I connect the other way? IOW can I mount and write to an
NTFS volume from my linux box (RH 5.2). I have Samba 1.9.18
installed.
TIA
Bob Hartung
------------------------------
From: "Vic" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.hardware,comp.os.linux.setup
Subject: Re: PCI modems in linux?
Date: Mon, 22 Feb 1999 08:09:48 GMT
Eugene <[EMAIL PROTECTED]> wrote in message
news:C55z2.62$[EMAIL PROTECTED]...
>AFAIK all PCI modems are winmodems
And all modern hardware are winhardware ;-)
------------------------------
From: "Jose" <[EMAIL PROTECTED]>
Subject: I give up with Linux and Win8 network
Date: Sun, 21 Feb 1999 00:56:40 GMT
Okay, I have a cable modem, 2 nics in a llinux box, one in my Win98
machine.. I've read the firewall How-Tos, I looked a probably a dozen sites,
and I haven't been able fully understand how to get my win98 machine on the
web routing thru my linux box. I'm done a fresh install like 7 times, I know
I have ifwadm 2.3.0 compiled in the kernel, but I still haven't been able to
get this to work.
I have Linux unleashed 2nd and third edition, I have printed out the NET-3
Howto, Firewalling and Proxy Howto and I'm still lost..
It's funny becuase I can ping the nic from my win98 machine. but I can't get
out.. I'm really starting to go back to NT for my network.. Can some one
help me out, there's got to be like a IP masquerading for dummies or
something cause damn this is really kick my but.. And the reason I want
linux is for Hosting my web site and other issues..
TIA
Jose
------------------------------
From: "Fridtjof" <[EMAIL PROTECTED]>
Crossposted-To: alt.www.webmaster,nl.comp.os.linux
Subject: Syn flooding
Date: 22 Feb 1999 08:08:13 GMT
Dear experts,
I'm running an Apache server and I found an unusual messages in on of the
logfiles (messages). It reads:"Warning: possible SYN flooding. Sending
cookies."
I've got two questions.
1. What triggers such a messages (is it a hacker attack)?
2. What can I do about it?
Any help appriciated, thx in advance.
------------------------------
From: Jess Askey <[EMAIL PROTECTED]>
Subject: ppp hanging up after connect.. Help!
Date: Fri, 19 Feb 1999 21:53:50 -0700
Reply-To: [EMAIL PROTECTED]
Im getting a <SIGHUP> right after chat finishes and pppd takes over when
I dialup to my Dynamic ISP. Am I starting pppd incorectly?
Here are my debug and message file..
Here is the relevant debug info...
Feb 18 22:03:48 glitter pppd[146]: sent [LCP ConfReq id=0x1 ]
Feb 18 22:03:51 glitter pppd[146]: sent [LCP ConfReq id=0x1 ]
Feb 18 22:03:54 glitter pppd[146]: rcvd [LCP ConfReq id=0x46 ]
Feb 18 22:03:54 glitter pppd[146]: sent [LCP ConfRej id=0x46 ]
Feb 18 22:03:54 glitter pppd[146]: sent [LCP ConfReq id=0x1 ]
Feb 18 22:03:54 glitter pppd[146]: rcvd [LCP ConfReq id=0x47 ]
Feb 18 22:03:54 glitter pppd[146]: sent [LCP ConfRej id=0x47 ]
Feb 18 22:03:54 glitter pppd[146]: rcvd [LCP ConfAck id=0x1 ]
Feb 18 22:03:55 glitter pppd[146]: rcvd [LCP ConfReq id=0x48 ]
Feb 18 22:03:55 glitter pppd[146]: sent [LCP ConfRej id=0x48 ]
Feb 18 22:03:55 glitter pppd[146]: rcvd [LCP ConfReq id=0x49 ]
Feb 18 22:03:55 glitter pppd[146]: sent [LCP ConfRej id=0x49 ]
Feb 18 22:03:55 glitter pppd[146]: rcvd [LCP ConfReq id=0x4a ]
Feb 18 22:03:55 glitter pppd[146]: sent [LCP ConfRej id=0x4a ]
Feb 18 22:03:55 glitter pppd[146]: rcvd [LCP TermReq id=0x4b]
Feb 18 22:03:55 glitter pppd[146]: sent [LCP TermAck id=0x4b]
Feb 18 22:03:55 glitter pppd[146]: rcvd [LCP ConfReq id=0x4c ]
Feb 18 22:03:55 glitter pppd[146]: sent [LCP ConfRej id=0x4c ]
Messages...
Feb 18 22:03:47 glitter pppd[146]: Serial connection established.
Feb 18 22:03:48 glitter pppd[146]: Using interface ppp0
Feb 18 22:03:48 glitter pppd[146]: Connect: ppp0 <--> /dev/modem
Feb 18 22:03:55 glitter pppd[146]: Modem hangup
Feb 18 22:03:55 glitter pppd[146]: Connection terminated.
Feb 18 22:03:55 glitter pppd[146]: Exit.
Im not sure if Im hanging up or the ISP is hanging up on me. Can anyone
point me in the right direction?
More file snipplets are
at...http://www.gamearchive.com/collector/jess/linux/
thanks in advance.
------------------------------
From: Charles Stephens <[EMAIL PROTECTED]>
Crossposted-To:
vmsnet.networks.misc,microsoft.public.windowsnt.domain,comp.unix.solaris,comp.os.os2.networking.server,comp.os.ms-windows.nt.admin.networking,comp.infosystems.www.servers.unix,comp.protocols.tcp-ip.domains
Subject: Re: Machine name themes - what do you use?
Date: 22 Feb 1999 00:30:24 -0800
>>>>> "SS" == Stuart Summerville <[EMAIL PROTECTED]> writes:
SS> Just curious to know what themes you use for machine names on your
SS> local networks. I've heard of or used some of the following: animals,
SS> fruits, alcoholic beverages, artists, movie stars, & musicians. What
SS> about you? I'm sure there's some birarre ones being used out there....
I once named a "cluster" of machines after The Three Stooges: larry,
curly, and moe.
It didn't go over well with the management at the university I was
working for at the time, but it was harder to change the names at that
point and was a topic for good humored conversation all the time.
cfs
--
Charles F. Stephens = cfs AT eng.sun.com
Software Psychic and Illuminary =
Solaris Directory Service = "We don't make mistakes, we make
Solaris Software = happy accidents."
Sun Microsystems, Inc. = -- Bob Ross
Menlo Park, California, USA =
------------------------------
From: "Michael Knigge" <[EMAIL PROTECTED]>
Subject: Re: SNA and Linux
Date: Mon, 22 Feb 1999 08:25:05 +0100
[EMAIL PROTECTED] schrieb in Nachricht
<7aj8nv$4hs$[EMAIL PROTECTED]>...
>Hello, I would like to know if there is some tool that implements the IBM�s
>network protocol SNA in Linux. I need to connect a PC running Linux (SuSE
5.3
>or RedHat 5.1) with an AS/400. Thanks.
There is a commercial product from GCOM, try http://www.gcom.com.
Also, Jay Schulist founded the Linux SNA Project, you can find this on
http://208.160.91.185/ . It�s current stats is far from complete, but
initial things works and Jay is doing a good work! I guess he must be
insane doing just that beast :->
Bye
Michael
------------------------------
Date: Sat, 20 Feb 1999 19:36:28 -0800
From: Tim Moore <[EMAIL PROTECTED]>
Subject: Re: 2 ne2000 cards
> ok, Now it sees the cards but will not read the correct irq. Is there a
> way to also set the irq along with the io address.
> >append = "ether=0,0x300,eth0 ether=0,0x360,eth1"
The first param for each 'ether=' is supposed to be the IRQ.
--
[Replies: yy -> y]
"Everything is permitted. Nothing is forbidden."
WS Burroughs.
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: alt.www.webmaster,nl.comp.os.linux
Subject: Re: Syn flooding
Date: Mon, 22 Feb 1999 10:34:52 +0100
Just answering your #2 question - I'm hardly no expert at all... ;-)
In the kernel configuration you can enable some protection against SYN
flooding.
" Normal TCP/IP networking is open to an attack known as SYN flooding. �
� This attack prevents legitimate users from being able to connect to �
� your computer and requires very little work for the attacker. �
� SYN cookies provide protection against this type of attack. With �
� this option turned on the TCP/IP stack will use a cryptographic �
� challenge protocol known as SYN cookies to enable legitimate users �
� to continue to connect, even when your machine is under attack. �
� If you are SYN flooded, the source address reported by the kernel is �
� likely to have been forged by the attacker. The source address is �
� reported as an aid in tracing the packets to their actual source. "
Fridtjof <[EMAIL PROTECTED]> wrote:
: Dear experts,
: I'm running an Apache server and I found an unusual messages in on of the
: logfiles (messages). It reads:"Warning: possible SYN flooding. Sending
: cookies."
: I've got two questions.
: 1. What triggers such a messages (is it a hacker attack)?
: 2. What can I do about it?
--
Anders Gulden Olstad @ Jeeves
RedHat 5.2 Linux kernel 2.0.36
"Penguins are generally nice creatures"
------------------------------
From: [EMAIL PROTECTED] (luckyy)
Subject: SMBMount?
Reply-To: [EMAIL PROTECTED]
Date: Sun, 21 Feb 1999 01:29:49 GMT
Is there anyway with the new 2.2.x kernel to mount a Win98/NT share?
SMBMount doesn't appear to work anymore? I'd like to be able to
mount a directory, instead of using the ftp-like SMBClient program.
TIA for any information you can provide me!
------------------------------
From: Rainer Duffner <[EMAIL PROTECTED]>
Crossposted-To: comp.security.firewalls
Subject: Re: IE - integration problems with proxying and DHCP
Date: Mon, 22 Feb 1999 11:05:22 +0100
Carol Parkey wrote:
>
> I have set up squid as a proxy server on linux.
>
> On the client side, Netscape 4.5 (on NT WS 4 sp4) works fine through the
> proxy; however, IE5 (beta 1)
Too bad, IE5 is _beta_. In M$-speak this means little more than a "don't
touch me"-version.
On Linux or FreeBSD, a beta is a fully working program where the feature
are frozen and further releases only fix bugs, not add new bugs errm
features, like Microsoft do.
> on W95 blatantly ignores the proxy for any
Too bad, that W95 can hardly be considered an OS.
Much less a stable OS...
> 'FTP://' url requests (I have proved this by setting up tcpdump to look
> at where the packets go - IE just ignores the proxy settings and tries
> to go direct). IE3 also behaves correctly. (I can't download IE4, nor
> the latest version of the IE5 beta, since the MS site keeps crapping out
> on me during the transfer, and life's too short).
http://ftpsearch.lycos.com (and use the traditional form, not the
braindead new one...)
Try a mirror. Use one that one of your upstream-ISPs hosts.
People here also use IE4 (and some even the dreaded 5-betas), and we
also have squid on linux. And it works very well.
Use NT, if you must use Windoze. Use a release-version of the browser
you want.
I wouldn't be surprised if I had similar problems using an early Beta of
Netscape5 on FreeBSD.
I've seen IE5 completely freezing/rendering unusable a NT-system !
cheers,
Rainer
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Rainer Duffner, Kiosk AG, Switzerland |
| [EMAIL PROTECTED] -- [EMAIL PROTECTED] |
| W3: http://www-stud.fh-konstanz.de/~duffner |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
------------------------------
From: [EMAIL PROTECTED] (jedi)
Subject: Re: I give up with Linux and Win8 network
Date: Sat, 20 Feb 1999 17:24:04 -0800
On Sun, 21 Feb 1999 00:56:40 GMT, Jose <[EMAIL PROTECTED]> wrote:
>Okay, I have a cable modem, 2 nics in a llinux box, one in my Win98
>machine.. I've read the firewall How-Tos, I looked a probably a dozen sites,
You use the IP-Masquerade howto for that sort of thing.
>and I haven't been able fully understand how to get my win98 machine on the
>web routing thru my linux box. I'm done a fresh install like 7 times, I know
>I have ifwadm 2.3.0 compiled in the kernel, but I still haven't been able to
>get this to work.
>
>I have Linux unleashed 2nd and third edition, I have printed out the NET-3
>Howto, Firewalling and Proxy Howto and I'm still lost..
>
>It's funny becuase I can ping the nic from my win98 machine. but I can't get
>out.. I'm really starting to go back to NT for my network.. Can some one
>help me out, there's got to be like a IP masquerading for dummies or
>something cause damn this is really kick my but.. And the reason I want
>linux is for Hosting my web site and other issues..
--
Herding Humans ~ Herding Cats
Neither will do a thing unless they really want to, or |||
is coerced to the point where it will scratch your eyes out / | \
as soon as your grip slips.
In search of sane PPP docs? Try http://penguin.lvcm.com
------------------------------
From: [EMAIL PROTECTED] (jedi)
Subject: Re: ipfwadm docs ?
Date: Sat, 20 Feb 1999 17:25:10 -0800
On Sat, 20 Feb 1999 19:50:17 -0500, Brian R <[EMAIL PROTECTED]> wrote:
>hi all,
>i was wondering if someone could direct me to some documentation on the uses
>and arguments for ipfwadm. what i am trying to do is create a functional and
man ipfwadm
>relatively secure firewall, but will allow hosts to be routed to internal
>network hosts. ie allow www requests to be sent to the webserver, and ftp
>requests to goto the ftp server .. etc...
>i realize that this will compromise security, but i would like only certain
>protocols to be forwarded to certain hosts.. ie no www requests be sent to
>the ftp server and vice versa. and of course allow internal hosts free reign
>to the internet.
>
> -----------web server
>firewall----|----------ftp server
> -----------hosts
>i would like to read into this a little more and see exactly what is
>possible and what is not realistic, in regards to maintaing security.
>could a 'double' firewall be possible ? maybe:
>
> --------firewall--------hosts
>firewall----|--------web server
> ---------ftp server
You can filter any IP, any port both incoming and outgoing
and even do accounting on any of those.
--
Herding Humans ~ Herding Cats
Neither will do a thing unless they really want to, or |||
is coerced to the point where it will scratch your eyes out / | \
as soon as your grip slips.
In search of sane PPP docs? Try http://penguin.lvcm.com
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.unix.solaris
Subject: Re: Machine name themes - what do you use?
Date: Sun, 21 Feb 1999 03:19:42 GMT
We've used Godzilla monsters (rodan, etc.), cheeses (gouda, swiss, jack, etc),
muppets (fozzy, kermit, piggy, etc), and in one case, the 3 stooges for our 3
staging boxes (larry, moe, curly).
In article <[EMAIL PROTECTED]>,
Marty Itzkowitz <[EMAIL PROTECTED]> wrote:
> I used herb names for a set of lab machines:
> parsley, sage, rosemary, thyme, basil, arugula, ...
>
> At a previous company, one set of lab machines was named
> after defunct computer companies:
> cydrome, multiflow, vitesse, ...
>
> Marty Itzkowitz
>
=============================================
jeff grant, it manager, nettwerk productions
http://www.nettwerk.com http://www.nettweb.com
mailto:[EMAIL PROTECTED]
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: "Robert C. Paulsen, Jr." <[EMAIL PROTECTED]>
Subject: smbumount: "probably not smb-filesystem"
Date: Sat, 20 Feb 1999 22:17:03 -0600
Just installed SuSE 6.0 and am having one problem with Samba. I can
mount shared directories from Windows using smbmount OK but when I try
to unmount with smbmount I get an error:
> smbumount /mnt
/mnt probably not smb-filesystem
This happens either as root or as normal user. Root can successfuly
unmount with the unmount command:
# unmount /mnt
Any ideas?
--
Robert Paulsen http://paulsen.home.texas.net
If my return address contains "ZAP." please remove it. Sorry for the
inconvenience but the unsolicited email is getting out of control.
------------------------------
From: Bob Bryla <[EMAIL PROTECTED]>
Subject: 2 node network, Win95 and RedHat 5.2, telnet problems.
Date: Sat, 20 Feb 1999 22:21:02 -0600
Used to be 2 Win95 PCs on a two node network, converted one to Linux, RH5.2. Addresses:
172.28.66.1 (Linux), 172.28.66.2 (Win95). "ping" works FINE both directions. But
"telnet" from
Win95 to Linux times out. "ftp" says connection refused. Running X Server on Win95 PC,
can't
initiate connections with rsh or rexec, get message "Connection Refused". However, if
I go to
the Linux PC, do a "setenv DISPLAY 172.28.66.2:0.0" then run "xterm", it pops up just
fine on
the Win95 PC.
What do I need for masks, routes, etc. on each node? Is there some kind of permission
I'm not
setting right on some Linux daemon (telnetd?) to allow connections?
thx,
Bob Bryla
------------------------------
From: John Mullee <[EMAIL PROTECTED]>
Subject: Re: Route Question
Date: Mon, 22 Feb 1999 11:17:33 +0100
Stan Koper wrote:
> Recently, I ran route, and got the following results:
...snip...
> None of these destination addresses are in my network. I can ping 192.168.1.1,
> but not 192.168.0.1. The dvo.ne.mediaone.net address has an assigned IP of
> Neither of these addresses are in my route.conf file. Where do the entries
> reported in the "Kernel IP routing table" come from, and what can I do to
- 'routed' is the daemon reponsible for discovering routes. man routed.
believed to contain glitches in some recent versions of redhat.
- I recall reading somewhere that '0' was not allowed as a node address
in some BSD-derived network code. Or maybe just in the final digit(s)?
john
------------------------------
From: "Thomas S. Martinson" <[EMAIL PROTECTED]>
Subject: Re: networking site
Date: Mon, 22 Feb 1999 01:45:22 -0600
Rewrite it for Netscape... I don't have IE for Linux
Gaius98 wrote:
> Come to my site for networking, dhcp, NT, and TCP/IP notes. Site is
> free of spam.
>
> http://www.interfold.com/mlim
>
> Let me know what you think!
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
