Linux-Networking Digest #422, Volume #10 Mon, 8 Mar 99 12:13:22 EST
Contents:
pppd and executable scripts (Brad)
Re: How to compile Kernel 2.2.2 with redhat 5.2??? ("Richard Latimer")
PPP broken in switch from RH5 to RH5.2 (Graham Blankenbaker)
Firewall: ICMP/10 to 224.0.0.2 ([EMAIL PROTECTED])
Re: Logging into Samba from Windoze 98 (W.D. Allen)
Re: Firewall: ICMP/10 to 224.0.0.2 ("M.C. van den Bovenkamp")
RH5.1 -> RH5.2 (Khairulanuar Abd Majid)
One time password ("Duarte Cordeiro")
Re: virtual hosts (root)
Server 'lost' for minutes at a time (Daniel)
Multiple groups using a samba share ([EMAIL PROTECTED])
Will Linux work for me? ("Wb")
cracker using su on account nobody ([EMAIL PROTECTED])
Re: For all you Nicrosoft lovers (Peyton Bay)
New user: PPP, LAN and Routing (Marc Lehnert)
Re: One time password (Kevin Martin)
Re: isdn4k utilities and ISDN (King)
Re: Can serial port go faster than 155200? ("Curtis Adams")
----------------------------------------------------------------------------
From: Brad <[EMAIL PROTECTED]>
Subject: pppd and executable scripts
Date: Mon, 08 Mar 1999 08:14:31 -0500
Hi
My ISP disconnects me after 4 hours of use. PPPD then redials and
re-establishes the connection. Is it possible with pppd or another
program to run an executable script immediately after the connection is
re-established. I specifically need to run a TZO.signon script (I have
an apache based web server and a dynamic IP address). I really don't
need this server up 24 hours a day, but was just curious if something
like this could be done, given the circumstances.
Thanks
Brad
------------------------------
From: "Richard Latimer" <[EMAIL PROTECTED]>
Crossposted-To: aus.computers.linux,comp.os.linux.hardware,comp.os.linux.setup
Subject: Re: How to compile Kernel 2.2.2 with redhat 5.2???
Date: Mon, 8 Mar 1999 02:26:20 -0800
Is it possible you have source code from two versions intermixed?
If you installed the headers and kernel source code from the
RedHat 5.2 CD, I think (I don't remember fer-shur) you have a
directory in /usr/src named linux-2.0.36 and a link named linux,
which points to linux-2.0.36.
If you untar a 2.2.2 tarball into /usr/src, it goes into a directory
named linux. If you have a directory named linux already, in
this case a link to linux-2.0.36, then the two source code trees
are mixed. (To anyone reading over my shoulder, this is correct,
isn't it?)
I have compiled the kernel many times and have experienced
the same problem once, and another time the kernel said Out
of Memory - System Halted. I just rebooted with my old version
and kept on plugging.
Don't give up, you just overlooked something.
BTW, what static link to linux did you remove?
richard
------------------------------
From: [EMAIL PROTECTED] (Graham Blankenbaker)
Subject: PPP broken in switch from RH5 to RH5.2
Date: 8 Mar 1999 06:30:38 -0500
I recenly backed up all of my important personal data
from a RH5.0 install of Linux that I had originally setup
many months ago. I am using a program called ezppp to
dial into my ISP, but I have also tried gnome-ppp. Since
installing RH5.2, I can make a connection and the chat script
works insofar as I know that PPP is starting up (on the server
side). But I can't get a ping reply from anyone, nor do any
other internet services work. I also know that my modem still
works because I used minicom to connect to my ISP's shell
access service to write this post. Any ideas? I'm thinking
there is a version conflict between the kernel and pppd that
comes with the new version of RedHat I have installed.
--Graham Blankenbaker
[EMAIL PROTECTED]
d
------------------------------
From: [EMAIL PROTECTED]
Subject: Firewall: ICMP/10 to 224.0.0.2
Date: Mon, 08 Mar 1999 13:12:11 GMT
I have recently implemented a firewall with IP masquarading, and I'm logging a
few denys to ICMP/10 packets from only about 5 machines with destination
224.0.0.2.
Now I tried "looking up" ICMP/10 packets since 10 is not one of the standard
types. I couldn't find what this type was. I also thought that 224.0.0.2 was
one of the experimental IP addresses.
Does anyone know what these ICMP packets are and why am I denying these
packets since they aren't addressed to my ISP assigned IP address?
Thanks,
Nick Bourbaki
[EMAIL PROTECTED]
(remove the nospamplease. to e-mail me)
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: W.D. Allen <[EMAIL PROTECTED]>
Subject: Re: Logging into Samba from Windoze 98
Date: 8 Mar 1999 13:31:35 GMT
W.D. Allen wrote:
> I have been trying to get Samba connectivity from my Linux box to my W98
> client box.
>
Well, looks like I found my own answer! :-))
By the way, I am using Samba 1.9.18p10 on Red Hat 5.2.
After posting I noticed some on the list writting of the smbpasswd
file/command. Sure enough, there was not a root (or anyother) smb user
and password set up on my linux box. So, setting up smbpasswd fixed all
my problems like a champ! Maybe this will also help someone else.
If you can indeed see your linuxbox in the Win95/98 explorer, but it
hassles you for a password upon access, check the smbpasswd file on your
linux box. More than likely, you won't have any users with passwords in
it. To fix this for the 'root', simply do the following:
smbpasswd -a root
Then give your root password at the prompts. This will both add the samba
user to the smbpasswd file and set the password.
I did NOT have to do ANY tinkering with the 95/98 registry. However, I do
have the encrypt password setting set to 'yes' in the smb.conf file.
In the win95/98 box, simply set up your Network Neighborhood setting to
reflect the workgroup being Mygroup (or what ever you renamed it to in
smb.conf). In other words, just do the Network Neighborhood settings just
like the samba server is an NT server. Do go ahead and user USER security.
When logging in, give the username as root. The password as the root
password. And the workgroup/NT server as the workgroup name set in
smb.conf.
You'll get an error at login saying that the 95 box could not find a
domain. Ignore it and click <OK>. When you get to the desktop go into
the Network Neighborhood, find the linux box, open it and you should at
least see the root folder.
Go into the smb.conf and uncomment the section for the 'tmp' subdirectory
and you'll see it too, after restarting Samba and reloging in on the 95/98
box.
Hope this helps. I wish I had tried a little harder before posting to the
list, my originial post seems lame now, but maybe this will help someone
else. Thanks to all the good info on this list, I found the info that
pointed me in the right direction.
Thanks to all!
:-)
WDA
================== Posted via SearchLinux ==================
http://www.searchlinux.com
------------------------------
From: "M.C. van den Bovenkamp" <[EMAIL PROTECTED]>
Subject: Re: Firewall: ICMP/10 to 224.0.0.2
Date: Mon, 08 Mar 1999 14:35:52 +0100
[EMAIL PROTECTED] wrote:
> I have recently implemented a firewall with IP masquarading, and I'm logging a
> few denys to ICMP/10 packets from only about 5 machines with destination
> 224.0.0.2.
>
> Now I tried "looking up" ICMP/10 packets since 10 is not one of the standard
> types. I couldn't find what this type was. I also thought that 224.0.0.2 was
> one of the experimental IP addresses.
>
> Does anyone know what these ICMP packets are and why am I denying these
> packets since they aren't addressed to my ISP assigned IP address?
ICMP type 10 is 'Router Selection', and 224.0.0.2 is the 'All Routers On
This Subnet' multicast address. Looks like those 5 machines are trying
to do ICMP router discovery.
Regards,
--
Marco van den Bovenkamp.
CIO EMEA Network Design Engineer,
Lucent Technologies Nederland.
Room: HVS BZK 32
Tel.: (+31-35-687)2724
Mail: [EMAIL PROTECTED]
------------------------------
From: Khairulanuar Abd Majid <[EMAIL PROTECTED]>
Subject: RH5.1 -> RH5.2
Date: Mon, 08 Mar 1999 20:53:59 +0800
i have a problem here
before this i've installed redhat 5.1 and happy with it...
all the stuff i.e networking, X-windows... ar working...
just now i've upgraded it to redhat 5.2 ...
its seems that my network is not running....
FYI ... i used 3com 3509b nic...
i've disabled the pnp...
there are no error messages at booting...
it detected my nic...
but i cant get thru...
i can ping myself (my ip 161.x.x.x)
i can ping localhost (127.0.0.1)
... anybody can help ?
thanx in advance
------------------------------
From: "Duarte Cordeiro" <[EMAIL PROTECTED]>
Subject: One time password
Date: Mon, 8 Mar 1999 13:58:23 -0000
Hello,
Is there a way to add another password (that changes every time you
login) to the authentication process? It would be a PAM module, I think...
but I've not found any...
It should play like this:
login: myname
password: *********
OneTimePassword: **********
Welcome to SuperSecure.com
root#>
Thanx in advance,
Duarte Cordeiro
------------------------------
From: root <[EMAIL PROTECTED]>
Subject: Re: virtual hosts
Date: Mon, 8 Mar 1999 20:52:16 +0800
Take a look at his firewalling rules.....
On Thu, 18 Feb 1999, bs wrote:
> Friend of mine is running a www server with about 250 virtual hosts.
> He has noticed that some users run programs that use that virtual
> hosts for connections, instead of the 'primary' server IP.
> How can he achieve that they'll be able to use only the primary IP,
> not any of the virtual hosts?
> Can it be done so that some users will have access to all vhosts,
> others only to some/none?
>
> bs
>
>
------------------------------
From: [EMAIL PROTECTED] (Daniel)
Subject: Server 'lost' for minutes at a time
Date: Mon, 08 Mar 1999 13:50:22 GMT
I'm having a very strange problem with my server.
For several minutes each day it seems to go off line.
Then comes back on line.
During the time when it is off line I can not reach it
with any method. It will not respond to ping, httpd
requests, ftp requests or telnet requests.
Requests are made both remotely over the web and
'locally' on the same network.
Then mintues later it responds to all the above as
if nothing was wrong. I have not been able to find
any type of pattern to this loss of contact.
I've gone through all the log files and can find nothing
strange. My ISP (where the machine is co-located)
has no clue and keeps suggesting that I reboot the
system. (Which I've done once to no avail)
My OS is RedHat 5.2 and I'm running on a 233 intell box.
At this point I'm open to any and all suggestion on
what could be causing this problem. Or even suggestions
on how to try and find out more information on it.
-Daniel
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED]
Subject: Multiple groups using a samba share
Date: Mon, 08 Mar 1999 14:23:58 GMT
Hi all,
I want to use samba shares for different (unix) groups at the same time, so
group1 has it's own group, so has group2, but I also want peolpe in group 2 to
be able to read the content of the share of group1.
I have set something like this in smb.conf
___________________
[documenten]
comment = Ops Only
path = /home/documenten
public = yes
writable = yes
printable = no
write list = @group1 @group4
read list = @group2
____________________
The directory documenten in /home is currently owned by root and group1
Somehow users in groups 2 and 4 cannot even access the share.
Does anyone have any suggestions?
thanks in advance,
niels
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: "Wb" <[EMAIL PROTECTED]>
Subject: Will Linux work for me?
Date: Mon, 8 Mar 1999 08:42:32 -0600
I am considering changing our fileserver OS to Redhat Linux
and would like to here some comments about this, pro's and
cons.
We have in the office:
12 nt workstations primarily running autocad.
1 accounting computer
1 computer for a print server
1 computer for the fileserver and internet connection.
The fileserver;
PII-300
3-com pci network card
US robotics 56k modem
HP7200i re-writable cd-rom
We do daily backup onto the cdrom and have modem sharing
software so 3 of the computers can access the internet at the
same time.
I personally have limited experience on hp-ux workstations.
Any feedback would be appreciated.
Thanks in advance.
Walter
------------------------------
From: [EMAIL PROTECTED]
Subject: cracker using su on account nobody
Date: Mon, 08 Mar 1999 14:24:42 GMT
Some one cracked into my RedHat 5.1. I found root kit and deleted ./root and
all cracker directories below. I implemented tcpwrappers and closed telnet.
I installed tripwire. Now someone shows up in the messages log signed on as
99 nobody with su privledges. How can I can eliminate this? I am now
closing ftp. Only thing left running is http. Help
[EMAIL PROTECTED]
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
Date: Mon, 08 Mar 1999 09:47:38 -0600
From: Peyton Bay <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux,comp.os.linux.hardware,comp.os.linux.setup
Subject: Re: For all you Nicrosoft lovers
childsplay wrote:
> This is very disturbing
>
> http://www.mercurycenter.com/breaking/docs/041815.htm
>
> --
> Charles "childsplay" VanDyke
> [EMAIL PROTECTED]
> ICQ# 14539920 ============
> ]TeamGameSpy[ ============
> http://www.gamespy.com ===
Yes, but why should this surprise anyone? This is Microsoft for crying
out loud!
Since when do customer rights mean anything?
Peyton
------------------------------
From: [EMAIL PROTECTED] (Marc Lehnert)
Subject: New user: PPP, LAN and Routing
Date: Mon, 08 Mar 1999 14:44:49 GMT
Hello!
I've got Redhat 5.2 installed. I used KPPP to dial up my Provider and
all worked fine. Today I tried to install an Apache Web Server, which
also works fine. When I open Netscape with 192.168.1.1 it shows my
Homepage. I installed Apache just for fun. It does not run when I am
on the Internet. But since I installed it, my ISP connection doesn't
work anymore. Can anyone help me ? I don't know much about routing,
but I think that is the Problem.
Thank you.
Marc.
------------------------------
From: [EMAIL PROTECTED] (Kevin Martin)
Subject: Re: One time password
Date: Mon, 08 Mar 1999 16:25:08 GMT
In article <[EMAIL PROTECTED]>, it says "Duarte Cordeiro"
<[EMAIL PROTECTED]> wrote:
> Is there a way to add another password (that changes every time you
>login) to the authentication process?
There are a few of these; the one I know best is called s/key. It works in
a rather clever way. Start with a function that is difficult-to-impossible
to run backwards, such as MD4 or SHA, and which you can apply an arbitrary
number of times -- that means it has to give you a different result every
time, and the result must always stay the same size. Now take a "secret"
(think of it as a VERY LONG passphrase), and a "seed." You apply the seed
to the secret a couple of hundred times, and on the host you store the
result, the seed, and the count of how many times you looped.
Note that you do NOT store the secret on the host. The host will NEVER see
the secret. Here's an example:
Hash: MD5
Secret: Grandma wears Army boots
Seed: Linux
Count: 200
One-Time Password (OTP): GORE BASE YAW BEND OUST HUNT
Those six words are just entries in a table, easier to type than the
hexadecimal numbers which they actually represent.
I tell the system admin to set me up with s/key and to initialize it with
the seed "Linux", count 200, and the OTP above. I do NOT tell him the
secret about Grandma.
Now watch it work!
Next time I go to login, I give Unix my username and get this prompt:
s/key: Linux/199
>
Note that the count is ONE LESS than the number I gave the admin?
I key my secret and the prompt into my OTP generator, and it gives the new
OTP, "GARY SAIL MAIN SEE AYE ROD"
s/key: Linux/199
>GARY SAIL MAIN SEE AYE ROD
The host translates those six nonsense words back to the hex equivalent, and
applies the MD5 function to that value and the seed. The result should be
the same one as the original OTP, "GORE BASE YAW" etc.
See the trick? Anyone can produce the NEXT value in the series, but only I
can produce the PREVIOUS one. Because I gave the host the only value that
would produce the answer it had stored, I must know the original secret.
So it logs me in, and replaces the old "GORE BASE" OTP with the new one,
"GARY SAIL", and it knocks the counter down by one. Next time, I will be
challenged to give it the OTP that corresponds to 198.
If a sniffer captures your login sequence, playing it back won't work
because the challenge is always for a LOWER number of iterations than last
time. Ditto if he dumps the /etc/passwd file -- he will see only the same
information he'd get by eavesdropping on your connection.*
When the counter gets down into the single digits, you need to prime the
pump again using a different seed. But you can generally get by with using
the same secret (with different seeds!) on many different machines. You do
need some local processing power, but there are s/key generators for the
PalmPilot -- that's what I used to make the example above.
S/key was developed at Bellcore quite a while back, and the source is freely
available. (I've used it at a commercial provider, along with a script for
Procomm Plus that would read the challenge off the screen and run a Windows
OTP generator to reply automatically.)
*Note that this doesn't protect you if you send any reusable passwords (or
credit card numbers!) during the session while he's still listening, or if
the bad guy has the ability to steal your connection away after you connect!
SSH or another end-to-end encryption technology would be a better solution
to that problem. The theory is that most hostile packet sniffers only
listen for passwords during the first kilobyte or so of a connection, and if
they can't get anything usable that way, you've pretty much defeated them.
--
Please followup to the group.
------------------------------
From: King <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup,comp.os.linux.misc
Subject: Re: isdn4k utilities and ISDN
Date: 8 Mar 1999 16:31:51 GMT
How do you upgrade/patch the 2.2.2 kernel?
loermans wrote:
>
>
> > Can someone help?
> > ---------------------------
> > Here some output
> >
> > make[1]: Entering directory
> > `/root/isdn/isdn4k-utils-3.0beta1/isdnctrl'
> > gcc -DVERSION=\"3.0beta1\" -Wall -O2 -I. -I/usr/src/linux/include
> > -DI4L_CTRL_c
> > isdnctrl.c:446: warning: #warning ISDN_NET_DM_OFF not defined? Old
> > isdn4kernel?
> > isdnctrl.c: In function `do_dialmode':
> > isdnctrl.c:545: structure has no member named `dialmode'
> > isdnctrl.c: At top level:
> > isdnctrl.c:525: warning: `do_dialmode' defined but not used
> > make[1]: *** [isdnctrl.o] Error 1
> > make[1]: Leaving directory `/root/isdn/isdn4k-utils-3.0beta1/isdnctrl'
> > make: *** [install] Error 2
>
> The problem with the 2.2.x kernels is that they do not contain a current
> release of the ISDN core. For some strange reason the developer kernels
> (2.1.xxx) do contain an updated ISDN core, I don't know why they didn't
> include this in the final 2.2.x kernel.
>
> You can download an updated ISDN core from http://www.isdn4linux.de
>
> You should patch you kernel source with this update and rebuild your
kernel.
> You should now be able to 'make' the ISDN4Linux utilities.
>
> Good luck
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
================== Posted via SearchLinux ==================
http://www.searchlinux.com
------------------------------
From: "Curtis Adams" <[EMAIL PROTECTED]>
Subject: Re: Can serial port go faster than 155200?
Date: Mon, 8 Mar 1999 08:10:30 -0500
115200 bits per second is the limitation of the serial port hardware.
Typically, most machines have a 16550 UART (universal asynchronous
receiver/transmitter) which maximum throughput is 115200 bps (on faster
machines; slower machines may not be able to achieve this speed). If you
require faster tranmission rates, you need a 16650 or 16750 UART. Special
adapter cards (ISA bus or PCI bus) are available with such UARTs. Check out
http://www.lavalink.com
http://www.byterunner.com
Personally, I use the TC-200 card from ByteRunner because they are located
in my home town. There are jumpers on the card to set the COM port (COM1 =
cua0, COM2=cua1, etc), the IRQ ( 2 to 15 ), and a Speed setting. Just set
the speed setting to 2X on the board, thus setting the software speed rate
to 115200 actually equals twice that, 230400, in hardware throughput. If you
set the IRQ to something non-standard (2, 5, 10, etc), you can use the
'setserial' command to assign the new IRQ to the port under Linux.
Good Luck!
Curtis
Gaetan Paquette wrote in message
>Hi all,
>
>I have a couple of linux boxes connected via a ppp link through a couple
>of BitSurfr-pro. It works fine, but the top transfer speed achieved is
>aprox.
>11.1 Kbps which seem to match the serial ports that are set to 115200 bps
>(spd_vhi). Can the serial ports of both machines be increased in some way
>in order to benefit from the BitSurfr-pro's compression? In other words, is
>155200 bps the top speed a serial port can be set under linux at the
>present time?
>
>Any help appreciated
>
>Gaetan
>
>
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
