Linux-Networking Digest #426, Volume #10 Mon, 8 Mar 99 19:13:54 EST
Contents:
Re: cracker using su on account nobody ("lunchmeat7")
Etherlink III BNC->UTP (Alastair Taylor)
Re: Multiple groups using a samba share ("Eugene")
new driver (Benjamin HERZOG)
Allocating ISDN costs (andi)
Re: Will Linux work for me? (Rick Onanian)
Re: What does this mean? ("John Hardin")
Re: tunneling through a campus LAN ? (Juergen Heinzl)
IBM_auto16/4 tokenring (Peter Hyacinth)
dial in server (William Robbins)
Re: Help with network card. ("Ger Donners")
Re: cracker using su on account nobody (Jason Keyes)
Help: XTerminal Emulation on Win NT ("Jagadeesan S. Krishnamurthy")
dns problems (or name lookups) (MazterVIP)
Re: smbclient (David Kirkpatrick)
Re: cracker using su on account nobody ("rcurtis")
Re: nis + nfs ("Algot =?iso-8859-1?Q?Runebj=F6rk?=")
Linux client for WinNT (Wayne Chunn)
Largest File on the System (James Cook)
Multilink (MrX)
Re: Telnet Problem ("Eugene")
----------------------------------------------------------------------------
From: "lunchmeat7" <[EMAIL PROTECTED]>
Subject: Re: cracker using su on account nobody
Date: Mon, 8 Mar 1999 13:18:07 -0500
just for historical reasons what version of wuftpd where you using ?
who owns it and what are the perms ? just curious...
[EMAIL PROTECTED] wrote in message
<7c0miv$2h4$[EMAIL PROTECTED]>...
>Some one cracked into my RedHat 5.1. I found root kit and deleted ./root
and
>all cracker directories below. I implemented tcpwrappers and closed telnet.
------------------------------
Date: Mon, 08 Mar 1999 18:23:30 +0000
From: Alastair Taylor <[EMAIL PROTECTED]>
Subject: Etherlink III BNC->UTP
I have a 3Com Etherlink III card hapily running on our network using the
BNC connector. We have just bought an ethernet switch and I want to
connect this Linux machine to the Switch using the UTP port. How can
this be done - I have searched using DejaNews and found nothing that
really answers this question.
If anyone can help it would be much appreciated because at the moment I
am considering buying a small hub with a BNC connector and letting the
Linux machine stay on thinnet.
------------------------------
From: "Eugene" <[EMAIL PROTECTED]>
Subject: Re: Multiple groups using a samba share
Date: Mon, 08 Mar 1999 21:50:41 GMT
1. make sure the permissions of the directory are set to drwxrwxrwx (And it
should probably be owned by root:root).
2. I'm not sure about how exactly samba interprets the config file, but if
you want only group1 to read the share, it would be a good idea to disable
public access. Similarly, if you want only groups 1 and 4 to write to the
share, say writable = no. You might want to add group 1 and 4 to read list.
[EMAIL PROTECTED] wrote in message
<7c0mhk$2gi$[EMAIL PROTECTED]>...
>Hi all,
>
>I want to use samba shares for different (unix) groups at the same time, so
>group1 has it's own group, so has group2, but I also want peolpe in group 2
to
>be able to read the content of the share of group1.
>
>I have set something like this in smb.conf
>___________________
>[documenten]
> comment = Ops Only
> path = /home/documenten
> public = yes
> writable = yes
> printable = no
> write list = @group1 @group4
> read list = @group2
>____________________
>
>The directory documenten in /home is currently owned by root and group1
>
>Somehow users in groups 2 and 4 cannot even access the share.
>
>Does anyone have any suggestions?
>
>thanks in advance,
>
>niels
>
>-----------== Posted via Deja News, The Discussion Network ==----------
>http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: Benjamin HERZOG <[EMAIL PROTECTED]>
Subject: new driver
Date: Mon, 08 Mar 1999 22:50:53 +0100
Reply-To: [EMAIL PROTECTED]
hi ,
i am runing RedHat5.2 i want to install an ethernet card: SN3200.
by luck, i have a driver for this card.
so i have the files 'Makefile', 'config.in' .... i put all the files
furnished in '/usr/src/linux', and i tried to run 'autoconf' on
config.in to generate a file 'config' by typing:
# autoconf config.in
no error message, but .... no more 'config' file ! Where has it gone ?
without this file, i can't finish the install !
thnk you for helping.
------------------------------
From: andi <[EMAIL PROTECTED]>
Subject: Allocating ISDN costs
Date: Mon, 08 Mar 1999 22:21:50 +0000
I am using a Linux box with IP Masqeurading setup, so that 3 Windows98
machines on a small home LAN can access the net through one ISDN line.
Everything works very well.
What I would like to do now is to set some system up so that I can
allocate call costs to each of the machines. Ideally I would like to
print off a complete list at the end of the month for each machine
stating the time the call was initiated and the total time online. I
realise this may not be possible, but anything that could give me a
rough idea of each users time online would make sorting the phone bill
out at the end of the month a hell of a lot easier.
Any ideas??
Regards
Andi
------------------------------
From: Rick Onanian <[EMAIL PROTECTED]>
Subject: Re: Will Linux work for me?
Date: Mon, 08 Mar 1999 17:16:47 -0500
Wb wrote:
>
> I am considering changing our fileserver OS to Redhat Linux
> and would like to here some comments about this, pro's and
> cons.
>
> We have in the office:
> 12 nt workstations primarily running autocad.
> 1 accounting computer
> 1 computer for a print server
> 1 computer for the fileserver and internet connection.
>
> The fileserver;
> PII-300
> 3-com pci network card
> US robotics 56k modem
> HP7200i re-writable cd-rom
Linux running on that machine could take the place of both servers and
run a CAD program respectably (if there was a respectable one..<G>)
Your hardware worries me. The 3com card - what model? Many have trouble
with 3c9x5 cards. If that modem's a Windomodem, you'll need a new one.
The hp7200i shouldn't give you too much trouble.
> We do daily backup onto the cdrom and have modem sharing
> software so 3 of the computers can access the internet at the
> same time.
Linux will take care of sharing the modem. Best way is to use IP
Masquerading to let all the machines access the internet, and set the
linux box to dial automatically (with diald, I think) whenever it's
required.
> I personally have limited experience on hp-ux workstations.
> Any feedback would be appreciated.
>
> Thanks in advance.
> Walter
I would highly reccommend that you don't use that machine for Linux.
It's overkill - Linux will hapilly serve your files, printers, and
internet connection from a 486dx2/66, even while backing up to cd.
Also, I would definately say you should make it all work parallel to
the current server until you've got it all configured. It's a bitch
when your network is down and you have to wait for someone to respond
to your newsgroup post - your users will constantly tell you each and
every thing they can't do while you wait. :)
You may want to consider something other than RedHat for a serious
server, such as Debian or Slackware.
--
rick - a guy in search of raw (ISO) cd images of SuSE and Slackware
===============
My opinions don't exist, and as such, are not anyone elses. I do not
represent anyone, not even myself, and especially not my employer.
---
Looking for a 1968 Camaro SS convertible, black interior,
beat-up rustbucket that is in need lots of restoration and TLC.
---
To email me, take out the papers and the trash
[EMAIL PROTECTED]
------------------------------
From: "John Hardin" <[EMAIL PROTECTED]>
Subject: Re: What does this mean?
Date: Mon, 8 Mar 1999 10:35:32 -0800
Erik Hensema wrote in message ...
>WF, Yee wrote:
>>Greetings everyone,
>>
>> I installed RedHat 5.2 and turned on IP masquerading
>>successful. I checked my /var/messages file and I saw a ton
>>of the following messages. This looks suspicious. Can anyone
>>enlighten me as to what it means?. Thanks in advance.
>>
>>Mar 7 14:26:03 portmap[1516]: connect from 24.1.yyy.xxx to
>>callit(ypserv): request from unauthorized host
>>Mar 7 14:26:07 portmap[1517]: connect from 24.1.yyy.xxx to
>>callit(ypserv): request from unauthorized host
>>Mar 7 14:26:15 portmap[1518]: connect from 24.1.yyy.xxx to
>>callit(ypserv): request from unauthorized host
>>Mar 7 14:26:19 portmap[1519]: connect from 24.1.yyy.xxx to
>>callit(ypserv): request from unauthorized host
>
>Someone at 24.1.yyy.xxx is trying to access your yp server, but it failed.
Set up your firewall to reject portmap, yp, nfs traffic from the Internet.
There's no reason to provide these services to the Internet at large. If
you're not familiar with ipfwadm, you may want to visit
http://www.wolfenet.com/~jhardin/ipfwadm.html
Do it now before they crack your system.
--
John Hardin KA7OHZ [EMAIL PROTECTED]
pgpk -a finger://gonzo.wolfenet.com/jhardin PGP key ID: 0x41EA94F5
PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
=======================================================================
If you spend any time administering Windows NT, you're far too
familiar with the Blue Screen of Death (BSOD) ...
- "MSDN Flash" email newsletter, 2/9/1999
------------------------------
From: [EMAIL PROTECTED] (Juergen Heinzl)
Subject: Re: tunneling through a campus LAN ?
Date: Mon, 08 Mar 1999 22:02:33 GMT
In article <7c1dpn$idt$[EMAIL PROTECTED]>, Cameron Spitzer wrote:
>
>Let's say, hypothetically of course, that I have a Sun Solaris machine "marsbase"
Let's say, hypothetically of course, ...
[...]
>We have:
>
> [marsnet] [earthnet] [Internet]
>
>rebelbase --+-- router ==[ISDN]== router --+-- firewall --+--+--+-- bablylonstation
> | |
> | |
> marsbase earthmole
>
>Can this be done? What do we run, where? Which HOWTOs cover this
>kind of tunneling?
... to go from rebelbase -> babylonstation via earthmole as a relay is,
technically, not a problem at all. I must admit though that if the guys or
girls responsible are not able to recognise what is up within at most 24
hours .... nah, I must not think that bad of them.
To think the HOWTO over is left as an exercise to the reader, instructions
are available on the Net (as usual).
Stay clean,
Juergen
--
\ Real name : J�rgen Heinzl \ no flames /
\ EMail Private : [EMAIL PROTECTED] \ send money instead /
\ Phone Private : +44 181-332 0750 \ /
------------------------------
From: Peter Hyacinth <[EMAIL PROTECTED]>
Subject: IBM_auto16/4 tokenring
Date: Mon, 08 Mar 1999 18:46:43 +0000
Dear All,
I have installed linux ver 2.0 on my machine and now trying to connect
to the lan. The problem I have is that patches for tokenring appears
to be pretty limited and for my IBM auto 16/4 token-ring isa
adapter non-existant.
The second challenge I have is that I am new to linux so if there
is a patch available would you also know of any installation
instructions to go with it.
Many thanks Peter Hyacinth.
------------------------------
From: William Robbins <[EMAIL PROTECTED]>
Subject: dial in server
Date: Mon, 08 Mar 1999 18:00:51 -0500
==============0D314EA8627B9F6D112FF688
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
hello all
I can dial out on of my modems but the other one I can't diald into it
the AA light just flashes. And the TR and the RS light is off. They
should be on though. How do I setup of that modem so it will answer the
phone call?
Please e-mail me at [EMAIL PROTECTED]
Thanks
William
--
NT makes the possible easy and the impossible, impossible.
Unix makes the possible difficult and the impossible, possible.
William L. Robbins
==============0D314EA8627B9F6D112FF688
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
hello all
<P>I can dial out on of my modems but the other one I can't diald
into it the AA light just flashes. And the TR and the RS light is
off. They should be on though. How do I setup of that modem
so it will answer the phone call?
<P>Please e-mail me at [EMAIL PROTECTED]
<P>Thanks
<BR>William
<PRE>--
NT makes the possible easy and the impossible, impossible.
Unix makes the possible difficult and the impossible, possible.
William L. Robbins</PRE>
</HTML>
==============0D314EA8627B9F6D112FF688==
------------------------------
From: "Ger Donners" <[EMAIL PROTECTED]>
Crossposted-To: linux.redhat.misc,linux.redhat.install
Subject: Re: Help with network card.
Date: Mon, 8 Mar 1999 20:41:39 +0100
Check your /etc/conf.modules
Change the IO address and reboot.
This should do the trick
Ger Donners
------------------------------
From: Jason Keyes <[EMAIL PROTECTED]>
Subject: Re: cracker using su on account nobody
Date: Mon, 08 Mar 1999 21:28:43 GMT
Re-install. Many of the hack-kits being used these days will replace binaries
on your system. Some of the affected binaries may include tcpd, inetd, login,
ps, su, ping, traceroute, netstat, etc. The only way you have a chance of
being able to really know what is going on is to do a re-install.
Best of luck,
Jason
In article <7c0r23$6pl$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> Another fact, I forgot to mention, After discovering crack, I changed all
> passwords, so this cracker seems to have hidden a duplicate su password or has
> cracked passwords again. Also do not know if they come in on ftp or what, Any
> ideas for finding out how they come in?
>
> In article <7c0miv$2h4$[EMAIL PROTECTED]>,
> [EMAIL PROTECTED] wrote:
> > Some one cracked into my RedHat 5.1. I found root kit and deleted ./root
and
> > all cracker directories below. I implemented tcpwrappers and closed
> telnet.
> > I installed tripwire. Now someone shows up in the messages log signed on as
> > 99 nobody with su privledges. How can I can eliminate this? I am now
> > closing ftp. Only thing left running is http. Help
> >
> > [EMAIL PROTECTED]
> >
> > -----------== Posted via Deja News, The Discussion Network ==----------
> > http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
> >
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
>
--
Jason Keyes / [EMAIL PROTECTED]
IDX Systems Corporation
Boston, MA, USA
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: "Jagadeesan S. Krishnamurthy" <[EMAIL PROTECTED]>
Subject: Help: XTerminal Emulation on Win NT
Date: Mon, 08 Mar 1999 15:34:09 -0800
Hi,
I have Linux sever (Redhat 5.2) running on a PC installed and working
successfully. I downloaded SuperX to work on XWindows from my Windows NT
machine. I am not able to start Xwindows ( startx ) from my remote
client ( Windows Machine ). I started XServer of SuperX and when it is
waiting ( TCP/IP on Linux server) , I telent'd into the linux server and
issued:
xterm -display xx.xx.xx.xx:0
and it displayed the xterm on my emulated XServer. I am able to do this
with xlogo also. But not with startx. Has anybody successfully gotten
through this?
Any help will be appreciated.
Regards,
Jags
------------------------------
From: MazterVIP <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: dns problems (or name lookups)
Date: Mon, 08 Mar 1999 19:54:52 +0100
Hi...
i got some problems, i am running a network at home with 4 computers,
and the network works in linux (i can ping) but i can't ping the
computername like MazterVIP.MazterVIP and Server.MazterVIP....i think
the problem is with the dns, but i dont know...
plz help me..
//MazterVIP
------------------------------
From: David Kirkpatrick <[EMAIL PROTECTED]>
Subject: Re: smbclient
Date: Mon, 08 Mar 1999 14:46:37 +0000
Reply-To: [EMAIL PROTECTED]
Do you have the file /etc/lmhosts?
ls -la /etc/lmhosts
Tomasz Lukasiak wrote:
>
> when i run
> smbclient -L presley
>
> i get the following error: Added interface ip=127.0.0.1
> bcast=127.255.255.255 nmask=255.0.0.0
> startlmhosts: Can't open lmhosts file /etc/lmhosts. Error was No such
> file or directory
> cli_open_sockets: Unknown host PRESLEY.
>
> what am i doing wrong? also, how can i connect to computers outside of
> my workgroup?
>
> tom
--
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
------------------------------
From: "rcurtis" <[EMAIL PROTECTED]>
Subject: Re: cracker using su on account nobody
Date: Mon, 08 Mar 1999 19:27:56 GMT
Thanks!, I checked the cron log and noted that the daily routine ran just
at the time stamp of the su entry as nobody in the messages log. Looks like
the daily routine for updateb runs as su nobody.
wheww!
Gregory G. Woodbury wrote in message ...
>[EMAIL PROTECTED] <[EMAIL PROTECTED]> shaped electrons to
say:
>>Some one cracked into my RedHat 5.1. I found root kit and deleted ./root
and
>>all cracker directories below. I implemented tcpwrappers and closed
telnet.
>>I installed tripwire. Now someone shows up in the messages log signed on
as
>>99 nobody with su privledges. How can I can eliminate this? I am now
>>closing ftp. Only thing left running is http. Help
>
> It is worth noteing that cron under RedHat uses su and account nobody to
>perform some of its regular work. Check the /etc/crontab file and the
>various /etc/cron* files to find all the details.
>
>--
>Gregory G. "Wolfe" Woodbury `-_-' Owner/Admin: wolves.durham.nc.us
>ggw at wolves.durham.nc.us U Errant co-moderator of:
>
soc.religion.unitarian-univ
>"The Line Eater is a boojum snark." Hug your wolf. (Thanks Peter.)
------------------------------
From: "Algot =?iso-8859-1?Q?Runebj=F6rk?=" <[EMAIL PROTECTED]>
Subject: Re: nis + nfs
Date: Tue, 09 Mar 1999 00:35:08 +0100
I have the same problem.
My /etc/exports just contains
/home (rw)
And I know this used to work with RedHat 4.2,
but now I'm using RedHat 5.2, so I wonder if I
forgot something or if they just changed things around again.
Anyway, if you find a solution, please tell me what to do.
/ Algot ([EMAIL PROTECTED])
Christian Kristukat skrev:
> I am running two linux machines one of them being a NIS and NFS server.
> NIS works fine but userid-mapping when mounting a NFS volume doesn't
> work. /etc/exports looks like this:
>
> /var/spool/mail 192.168.10.1(rw, map_nis=NISDOMAIN)
>
> nfsd reports "nis_lookup(root) RPC failure on NIS operation" every time
> I access the nfs volume. As consequence, all files own nobody:nogroup.
>
> What's wrong?
>
> C.
> .
> email: [EMAIL PROTECTED] =======
> http://www.hoc.net/semmel ||| |||
> PGP key on request
------------------------------
From: Wayne Chunn <[EMAIL PROTECTED]>
Subject: Linux client for WinNT
Date: 8 Mar 1999 19:31:38 GMT
Greetings,
I'm new at this and here's the question. I have a laptop I run Linux
(Redhat 5.2, KDE and StarOffice 5.0) on and I want to connect to my
companies NT network to check email (MS Exchange) and upload/download
files.
Connection can be either via ethernet (when at work) or Shiva (VPN) when at
home.
1.) Is it possible?
2.) If so, how?
I run a Linux/Win95 Intranet at home (4 children, 7 computers - Server,
Internet Firewall, theirs and mine) so I'm somewhat familiar with SAMBA.
I've been searching the howtos and haven't found any answers yet. The
closest I've gotten was a posting here regarding MS Exchange and IMAP.
Thankyou,
Wayne
================== Posted via SearchLinux ==================
http://www.searchlinux.com
------------------------------
From: [EMAIL PROTECTED] (James Cook)
Subject: Largest File on the System
Date: Mon, 08 Mar 1999 22:35:51 GMT
I have a rampant log file or temp file consuming all of my disk space. Being a
novice, I desperately looked for a command that would search subdirectories for
files larger than 1MB. I found "find" that has a -size switch that is
particularly useless (at least for this task). It only returns files that are
equivalent to the size you pass in, not greater than (or less than).
Is there a way to see where the largest files are on your device?
thanks,
jim
------------------------------
From: MrX <[EMAIL PROTECTED]>
Subject: Multilink
Date: Mon, 08 Mar 1999 14:55:04 -0400
Reply-To: [EMAIL PROTECTED]
I am somewhat new to running Linux with PPP..
On a network where the routers are doing all the work, Linux is a
breeze.. However, with
PPP and I am having a hell of a time..
Let me tell you my inventory..
1. I am running a 486 dx4100 with Redhat 5.0
2. My modem is the Supra Sonic Dual Modem by Diamond Multimedia
(diamondmm.com).
3. I currently have pppd 2.3 installed on my system...
4. The linux box will act as the network routing for PPP to my Mac and
two other Windows
boxes for Internet Browsing and Email (can ping internally with no
problem).
I have no idea as to how to confiugre my modem, let alone that, I want
to configure it to dial twice since it is a dual modem.. I am using
PPkit .7 which is essentially a
perl script that takes in information about my user information, name
servers etc. No
information though regarding the hardware the PPP script has to
communicate with...
I did a pnpdump >isapnp.conf and inserted that into my /etc file.
Rebooted and tried to initialize it by doing ppp-on.. What happens is
-- nothing. When I do ppp-off , I get an error message saying
ERROR: PPP link is not active on ppp0!
Mind you I am doing all this from the shell.. For some reason, X can not
find my mouse no matter how I configure it... And with two different
brans...
So now to my question..
1. What drivers or software do I need for my modem to work on the linux
box?
2. Do I need Masquerade so that my other non Linux computers can dial
out?
3. If so, where can I get it?
Please let me know if you can help.
Ray
------------------------------
From: "Eugene" <[EMAIL PROTECTED]>
Subject: Re: Telnet Problem
Date: Mon, 08 Mar 1999 21:42:45 GMT
as root, run passwd and set up user's password
[EMAIL PROTECTED] wrote in message
<[EMAIL PROTECTED]>...
>I have Redhat 5.1 Kernel 2.0.34 installed and I can�t login with
>telnet.
>Even from the console I get "Login incorrect" all the time and with
>every Username that I set up.
>Is there something else I have to install?
>
>Thanks
>Joachim
>
>
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
