Linux-Networking Digest #755, Volume #10 Mon, 5 Apr 99 18:13:49 EDT
Contents:
Re: Using Linux instead of NT Server in home environment.... (Richard Pitt)
Re: Help with Linux as Client on Sygate... (contains setup information to assist)
("Charles R. Thompson")
Re: Dialin-Server in WIN-Network: No browse-list on client (Sven Holz)
Re: hackers (John McKown)
Re: 2nd DNS server (Juergen Heinzl)
Announce : Nessus Alpha2 (Renaud Deraison)
Re: [Help] PPP worked but now fails [modem q] (Bill Unruh)
Re: dialup PPP problem - log messages ([EMAIL PROTECTED])
PCMCIA/Xircom RBE-100BTX ("Arne Reinelt")
Re: Problesm Extracting Files with RH 5.2 (Tomasz Sienicki | tsca)
Re: Delay logging in to telnet, ftp ([EMAIL PROTECTED])
Re: Linux in NT Domain (Ron Watkins)
----------------------------------------------------------------------------
From: Richard Pitt <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc,comp.os.linux.setup
Subject: Re: Using Linux instead of NT Server in home environment....
Date: Sun, 04 Apr 1999 23:29:55 GMT
"Anthony W. Youngman" wrote:
>
> In article <7dmf1a$2u80l$[EMAIL PROTECTED]>, Stuart Fox
> <[EMAIL PROTECTED]> writes
> >
> >>> Also, time for a few facts
> >>>
> >>> 1. NO operating system is bug free
True
> >>> 2. Both Linux camps and MS spend considerable time locating and fixing
> >bugs
Yes, but the Linux camp has the source code, and has demonstrated that
discovery of a bug can result in a fix in less than 24 hours - in fact
there has been at least one time when 3 new releases of the Linux kernel
were out in 1 day!
On the other hand, Microsoft's source isn't even available to everyone
at Microsoft, and few if any people there have ever had access to all of
it at once. It takes them far longer to discover and/or admit to a bug,
and even longer to issue the patches. More often the patches get put
into the next release and we have to pay for them!
Reboot, re-install, upgrade - the mantra of Windows - all flavours.
> >>> 3. A properly configured NT box will not Blue Screen, and will be as
> >stable
> >>> as a well configured Linux box.
Yes - as long as you don't let a user on it - because one lowly user can
screw up the system by clicking on "upgrade" on one lowly program.
This also applies to Linux, but doesn't happen nearly as often because
the people that program the applications for Linux don't tend to include
new library modules that have to run with root priviledges and change
the whole operating system like DLLs do.
>
> You're assuming the user has the experience to configure it properly. In
> which case linux is well within his grasp ...
> >>
> >>Hmmm. Not sure this is really the case, NT does Blue screen sometime
> >>without explanation. One thing I do know for sure is that Linux is a
> >hell
> >>of a lot easier to get working again if it fails to boot. Scramble an NT
> >>installation to much and its reinstall time. A key Linux quality is the
> >>ability to recover a system if sometthing goes wrong. This can be very
> >>difficult with NT.
> >>
> >
> >I have some twenty or thirty NT servers under my direct or indirect
> >influence, and they do not blue screen. The occasions when they do, it is
> >usually because a third party driver is poorly written (e.g. some of the
> >Compaq NIC drivers). In my experience, most NT blue screens are caused by
> >hardware or hardware related faults (or letting some asshole who doesn't
> >know what they're doing at your machine). Recovering an NT box isn't that
> >hard, especially given there's such a wide ranging knowledge base available.
> >I have never seen a NT box blue screen without a good reason.
Some asshole = user
If you let them near the computer, they can/will do things simply
because they can, and there is nothing you can do about it except do
backups. Even if the system has no floppy there is still a strong
possiblilty that the user can/will put something into their area that
the system will load and subvert your careful setups.
> >
> When I upgraded my NT system to SP4 (okay I think I did something
> stupid) it blue-screened on boot. I couldn't recover and ended up using
> fdisk deleting my C: drive in order to be able to do a re-install.
>
> When I cocked up my upgrade from SuSE 5.2 to 6.0 it was pretty easy to
> recover. The system at least managed to boot and let me get at the tools
> I needed. By the way, linux had just done its equivalent of "del
> \winnt\system32". I don't think NT would have recovered from that!
>
> As for "linux is for techies", I spend too much time teaching my friends
> "the fundamentals of computing" and hauling them out of holes of their
> own making. I don't mind provided they want to learn. If you don't
> understand what NT is doing "under the bonnet" then you are going to
> abuse and break it. Linux just forces you to "wise up" rather quicker.
Windows is for techies - the problem is that it doesn't have any way of
distinguishing a casual user from the chosen administrator. That's what
things like 'root' on a Unix/Linux system is for. The user should
_NEVER_ have access to root - or the things it can do - except through
carefully crafted SETUID type programs, and should never need it. The
problem with the Windows programming paradigm is that it has no true
concept of such priviledge.
And when was the last time you heard of a non-tech user properly
installing Windows from scratch on an empty PC? I've been doing this for
countless years now, and I still have problems! None that I can't figure
out, but then I'm a techie. Linux is no different from Windows except in
one way - it doesn't come pre-installed on every PC at your local
big-box retailer (yet). If everyone had to install their own copy of
Windows I think you'd see a lot less of this BS about which is easier.
I've installed Red Hat of various flavours on numerous systems including
MK-Linux on a MAC, and had less problems (with the exception of getting
X-windows to work) than I've had with Windows. I've taken the hard drive
out of a Linux configured '386 and put it into a P200 Pentium Pro and
had it run flawlessly from first boot! I can't say the same about
Windows - it insists on going through and completely replacing all the
various chipset drivers and such - and still gets things screwed up -
and despite all this "tweaking" that the system does to make sure things
are exactly what is "necessary", it still runs slower than Linux.
And even the X-windows stuff is mostly related to the fact that the poor
devils that are writing the drivers don't have access to the tech specs
for the various chip - and so have to reverse engineer them.
>
> Like with cars, even if you don't do any maintenance yourself, a car
> driven by someone who understands how the engine and transmission etc
> work is almost certainly going to be more reliable than one driven by
> someone without a clue. The knowledgeable person won't push the car
> beyond its limits and will have problems nipped in the bud. The clueless
> guy won't realise anything is wrong until he gets stranded by the side
> of the motorway with a dead vehicle.
> --
> Anthony W. Youngman - wol at thewolery dot demon dot co dot uk
> Trousers with a single hole in their waistband are topologically equivalent
> to a doughnut. These sugarcoated trousers have yet to catch on at fast-food
> outlets! (SuperStrings by F. David Peat)
>
> If replying by e-mail please mail wol. Anything else may get missed amongst
> the spam.
richard
--
Richard C. Pitt FirePlug Computers Inc.
[EMAIL PROTECTED] 604-465-2666
Internet Server Software - Tuning, Maintenance, Consulting
www.fireplug.net edge.fireplug.net - free firewall software
------------------------------
From: "Charles R. Thompson" <[EMAIL PROTECTED]>
Subject: Re: Help with Linux as Client on Sygate... (contains setup information to
assist)
Date: Sun, 04 Apr 1999 17:20:07 GMT
>Yes, I believe it does. I have a linux box set up as a IP
forwarding
>"firewall" to a cable modem, and I have to turn named on in
order to
>get requests out to the cable ISP's nameserver.
Is the named.conf file the only place I need to make changes, or
do I actually have to set up a cached named server in Linux to
get this going properly?
Thanks for the post,
CT
------------------------------
From: Sven Holz <[EMAIL PROTECTED]>
Subject: Re: Dialin-Server in WIN-Network: No browse-list on client
Date: Sun, 04 Apr 1999 19:07:38 +0200
You should config SAMBA with an WINS-Server, because smb would not be
routed over different networks.
I had this probs with 3 Ethercards and differnet networks on it, after i
configured WINS all probs was blown away ;-)
c ya
xylus
------------------------------
From: [EMAIL PROTECTED] (John McKown)
Crossposted-To: kingston.os.linux,comp.os.linux.misc
Subject: Re: hackers
Date: 4 Apr 1999 19:19:44 GMT
Reply-To: [EMAIL PROTECTED]
I doubt that you have a hacker in your system. My system "goes crazy"
every day around 4 am. That's when "cron" decides to run my
/etc/cron.daily/* files. One thing done in this is an "updatedb".
This function scans all the mounted filesystems. It is creating a
database of files which can then be found with the "locate" command.
And this function runs as "nobody".
On Sun, 04 Apr 1999 05:14:32 +0000, [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
>I'm not much of a hacker but I do use Linux. I'm running
>RedHat5.2 and I'm on a LAN connected though cablemodem by
>an old 486 with Slackware96. I'm up late working and I
>notice things are getting slow. I run top and I see that
>user:nobody is running find with PRI 20!!! All of a
>sudden there's another process running "make whatis". I
>killed that and some other processes including an instance
>of gawk, I then literrally pulled the plug on my
>cablemodem. I looked in /var/log but I can't find
>anything. What, if anything,can I do to trace this
>hacker?
>
>--
>Boyd Thomson
>[EMAIL PROTECTED]
>http://welcome.to/boydt
>
>
>
------------------------------
From: [EMAIL PROTECTED] (Juergen Heinzl)
Subject: Re: 2nd DNS server
Date: Sun, 04 Apr 1999 19:24:18 GMT
In article <oAKN2.22714$[EMAIL PROTECTED]>, Bob Bevins wrote:
[...]
>The DNS server is a redhat box. All the boxes across canada access the
>internet via toronto and uses our dns server.
>We also have a large wan in the US. Is there a way to use their dns server
>in the US as a secondary one, like when our win98 machines request a domain
>lookup via browser, that if our dns server doesn't find it the dns server
>will check the dns server in the US via internet and return the info to the
>win98 box?
Not that I know of ... if a server answers a query, positive or negative,
that's it. It should not happen anyway, say one server knows foo.bar.com
and the other does not (a previous update of the db files aside).
Sounds fishy to me,
Juergen
--
\ Real name : J�rgen Heinzl \ no flames /
\ EMail Private : [EMAIL PROTECTED] \ send money instead /
\ Phone Private : +44 181-332 0750 \ /
------------------------------
From: Renaud Deraison <[EMAIL PROTECTED]>
Subject: Announce : Nessus Alpha2
Date: Sun, 04 Apr 1999 21:51:04 +0200
T h e N e s s u s P r o j e c t
http://www.nessus.org
Paris, 4th April 1999. I am pleased to announce the availability of
Nessus-alpha2, one year after the release of Nessus-alpha1.
1. What is Nessus ?
========================================================================
Nessus is a free, easy-to-use and open-sourced remote security
scanner, distributed under the GPL, such as SATAN. Every security
check is coded as an external plugin, thus making the product easier
to upgrade / maintain / modify for your needs.
Also, Nessus is made up of a client and a server. The server is in charge
of the attacks, and the client is the frontend which is used to configure
the tests and analyze the results.
This release (which is called alpha2 and not beta1 or 1.0 because
a lot of features are still to be added) is stable and usable by everyone
-- not just geeks or hackers (in the open-source meaning of the term of
course).
2. What are the new features of Nessus-alpha2 ?
=========================================================================
Nessus has many new features, mainly :
- Intelligent remote service detection
Too many security scanners consider that all web servers run
on port 80, all FTP servers on port 21, and so on, so they
get quickly confused when facing a host which is running a
server on another port (like a web server on port 8080).
And this is really annoying is not it ? So many holes that
are left because they were on another port !
Nessus will attempt to find out which service is running
on each port, and will launch its attacks according to the
result of its findings.
- Up-to-date vulnerability database
Nessus features 208 security checks, which may seem not enough
compared to commercial security scanners, but most of these
tests are new, that is, they have been published recently.
So Nessus is up-to-date, and the tests that are not done are
the older ones (which you must not forget to test, but which
are becoming rare)
- Advanced portscanning facilities
Nessus now performs several port scans, which can be combined to
get more efficient results.
The current scan techniques are :
TCP ACK, FIN, SYN, XMAS, Maimon, FTP bounce scan
UDP 'icmp unreachable' scan
- Advanced security between the client and the server
The Unix client now communicates with the Unix server
over a ciphered communication layer.
Also, the client authentification can now be done
via a public key exchange, thus securing even more
the use of the Nessus server
- Advanced oand documented plugins API
Nessus now features a complete manual describing how easy it is
to write your own tests.
It is now even possible to make a trivial GUI to your plugins,
thus making them more user-friendly and user-configurable.
The plugins API features things like plugins dependencies,
plugins intercommunication, FTP functions and more. Also,
it solves the eternal problem of the headers to use when
dealing with raw sockets, structs tcphdr and all the like.
- More portable
Whereas Nessus-alpha1 was for Linux only, thanks to many
contributors, Nessus-alpha2 now compiles and runs under
all major BSD flavors, Linux, some flavors of Solaris,
IRIX and even SCO with some modifications
It has heavily been tested under FreeBSD 2.2.6 and 3.1,
Debian GNU/Linux and the Linux RedHat 5.2
- No limitations (except a moral one)
Whereas most commercial security scanner limit the range of
IPs that you can test, Nessus, because it is free, gives you
the total freedom to do what you want with it. The only
limitation I ask you to observe is :
'Do not test the computers that are not under your
responsability'
- Now supports CIDR addresses
You can now ask to test CIDR-noted addresses, like
192.168.2.2/29 (can you imagine I have waited so long
to implement this one ?)
This is among all the other 'standard' features.
3. Where to get it ?
=========================================================================
(Required)
Before you download Nessus, make sure you have these two sets of
libraries installed :
gmp 2.0.2 : available at ftp://ftp.gnu.org/pub/gnu/gmp/
gtk+ : available at ftp://ftp.gimp.org/pub/gtk/v1.2/
(Nessus is compatible with GTK 1.0 to 1.2 included, but incompatible
with the first versions of GTK 1.1)
The Nessus package is available here :
(USA) ftp://ftp.nessus.org/pub/nessus/nessus-RELEASE/
(USA) ftp://ftp.cis.fed.gov/pub/nessus/nessus-RELEASE/
(France) ftp://cvs.nessus.org/pub/nessus/nessus-RELEASE/
(Germany) ftp://ftp.gwdg.de/pub/linux/misc/nessus/nessus-RELEASE/
(Optional)
There are now several clients that can be used with Nessus.
Note that the above package comes with the standard GTK client.
+ NessusW is a Win32 client written by Noam Rathaus <[EMAIL PROTECTED]>
and Aviram Jenik <[EMAIL PROTECTED]>, of the SecuriTeam
(http://www.securiteam.com). It is available at :
(USA) ftp://ftp.nessus.org/pub/nessus/clients/
(USA) ftp://ftp.cis.fed.gov/pub/nessus/clients/
(France) ftp://cvs.nessus.org/pub/nessus/clients/
(Germany) ftp://ftp.gwdg.de/pub/linux/misc/nessus/clients/
+ Net::Nessus is a perl module which handles the communication
with the server and which has been written by
Jochen Wiedmann <[EMAIL PROTECTED]>. It is available at
ftp://ftp.funet.fi/pub/languages/perl/CPAN/authors/id/JWIED/
... and the various CPAN mirrors.
+ NessusJ is a Java client written by Alexis de Bernis a new version
of which is to be released soon.
4. The Nessus project web resources
=========================================================================
The project home page : http://www.nessus.org
The developement page : http://cvs.nessus.org
The mailing list page : http://list.nessus.org
------------------------------
From: [EMAIL PROTECTED] (Bill Unruh)
Crossposted-To:
comp.os.linux.setup,comp.os.linux.help,comp.os.linux.misc,comp.os.linux.hardware
Subject: Re: [Help] PPP worked but now fails [modem q]
Date: 4 Apr 1999 20:29:27 GMT
In <[EMAIL PROTECTED]> Matt <[EMAIL PROTECTED]> writes:
>Andy,
>Fixed... I removed the AT&F modem string
>and replaced it with ATZ and hey presto it worked fine.
Apparently USR wants AT&F0 rather than just AT&F
You can see from the report of the chat string whether it got upset with
the AT&F line. ATZ is dangerous, as it simply impliments the setup which
was stored in the modem sometime in the past. what is in that setup is
of course hard to know. I much rather use AT&F0 since then you at least
know where you are starting from. Then add extras as needed.
>I now have a voice/fax/data 56k v90 modem working under
>linux (USR message external).
Of course this is the important thing.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: dialup PPP problem - log messages
Date: Sun, 04 Apr 1999 21:39:09 GMT
In article <[EMAIL PROTECTED]>,
Jon Scott <[EMAIL PROTECTED]> wrote:
> Can anyone suggest a direction for tracking down a PPP dialup problem?
> Apr 3 09:43:58 localhost pppd[2102]: pppd 2.3.5 started by root, uid 0
> Apr 3 09:43:58 localhost ifup-ppp: pppd started for ppp0 on /dev/cua1
> at 115200
> Apr 3 09:43:59 localhost chat[2104]: abort on (BUSY)
> Apr 3 09:43:59 localhost chat[2104]: abort on (ERROR)
> Apr 3 09:43:59 localhost chat[2104]: abort on (NO CARRIER)
> Apr 3 09:43:59 localhost chat[2104]: abort on (NO DIALTONE)
> Apr 3 09:43:59 localhost chat[2104]: abort on (Invalid Login)
> Apr 3 09:43:59 localhost chat[2104]: abort on (Login incorrect)
> Apr 3 09:43:59 localhost chat[2104]: send (ATZ^M)
> Apr 3 09:43:59 localhost chat[2104]: expect (OK)
> Apr 3 09:44:00 localhost chat[2104]: ATZ^M^M
> Apr 3 09:44:00 localhost chat[2104]: OK
> Apr 3 09:44:00 localhost chat[2104]: -- got it
> Apr 3 09:44:00 localhost chat[2104]: send (ATDT2342001^M)
> Apr 3 09:44:00 localhost chat[2104]: expect (CONNECT)
> Apr 3 09:44:00 localhost chat[2104]: ^M
> Apr 3 09:44:02 localhost ifup-ppp: pppd started for ppp0 on /dev/modem
> at 115200
> Apr 3 09:44:12 localhost last message repeated 2 times
> Apr 3 09:44:14 localhost chat[2104]: ATDT2342001^M^M
> Apr 3 09:44:14 localhost chat[2104]: CONNECT
> Apr 3 09:44:14 localhost chat[2104]: -- got it
> Apr 3 09:44:14 localhost chat[2104]: send (^M)
> Apr 3 09:44:14 localhost chat[2104]: timeout set to 5 seconds
> Apr 3 09:44:14 localhost chat[2104]: expect (~)
> Apr 3 09:44:14 localhost chat[2104]: 28800/ARQ/V34/LAPM/V42BIS^M
> Apr 3 09:44:17 localhost chat[2104]:
> Apr 3 09:44:18 localhost chat[2104]: ^M
> Apr 3 09:44:18 localhost chat[2104]: ^M
> Apr 3 09:44:18 localhost ifup-ppp: pppd started for ppp0 on /dev/modem
> at 115200
> Apr 3 09:44:18 localhost chat[2104]: ^MWELCOME TO THE IBM INFORMATION
> SERVICES.
> Apr 3 09:44:18 localhost chat[2104]: ^MSYSTEM: IBM0SM02 TERMID:
> IBMAQTD9 99/04/03 09:43:10
> Apr 3 09:44:18 localhost chat[2104]: ^MCUSTOMER ASSISTANCE:
> 800-727-2222.
> Apr 3 09:44:18 localhost chat[2104]: ^M
> Apr 3 09:44:18 localhost chat[2104]: ^MENTER "HELP" FOR LOGON
> ASSISTANCE.
> Apr 3 09:44:18 localhost chat[2104]: ^M
> Apr 3 09:44:18 localhost chat[2104]: ^MENTER USERID ACCOUNT.
> Apr 3 09:44:19 localhost chat[2104]: alarm
> Apr 3 09:44:19 localhost chat[2104]: send (^M)
> Apr 3 09:44:19 localhost chat[2104]: send (^M)
> Apr 3 09:44:19 localhost pppd[2102]: Serial connection established.
> Apr 3 09:44:20 localhost pppd[2102]: Using interface ppp0
> Apr 3 09:44:20 localhost pppd[2102]: Connect: ppp0 <--> /dev/cua1
> Apr 3 09:44:23 localhost ifup-ppp: pppd started for ppp0 on /dev/modem
> at 115200
> Apr 3 09:44:58 localhost last message repeated 7 times
> Apr 3 09:45:50 localhost last message repeated 10 times
> Apr 3 09:45:50 localhost pppd[2102]: LCP: timeout sending
> Config-Requests
> Apr 3 09:45:50 localhost pppd[2102]: Connection terminated.
> Apr 3 09:45:51 localhost pppd[2102]: Exit.
If you are using RH5.X take a look at the chat scripts in the
/etc/sysconfig/network-scripts/ directory (called appropriately enough chat-
ppp0). I am somewhat confused as it looks like pppd is started 3 times in 3
seconds.
To get a feel for what ppp negotiation looks like try typing pppd at the
command prompt.
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: "Arne Reinelt" <[EMAIL PROTECTED]>
Subject: PCMCIA/Xircom RBE-100BTX
Date: Mon, 5 Apr 1999 23:23:02 +0200
Hallo!
Hat es Sinn, an der Konfiguration herumzubasteln, oder wird die Xircom
RBE-100BTX Cardbus-Ethernetkarte noch nicht unterst�tzt?
Bei mir l�uft SuSE 6.0, das PCMCIA-Modul wird erfolgreich geladen, aber die
Karte wird nicht erkannt: 2 x Piepser, cardctl liefert "3,3V cardbus card
present; Function 0: ready".
Gibt es Hoffnung?
Arne.
------------------------------
From: [EMAIL PROTECTED] (Tomasz Sienicki | tsca)
Subject: Re: Problesm Extracting Files with RH 5.2
Date: 4 Apr 1999 22:30:03 GMT
Vik wrote
[in <[EMAIL PROTECTED]>]:
> I recently bought RH 5.2 from Cheapbytes and also decided to get the
> 3 archive CD's however Im a new newbie and am at a total loss as to
> how to extract and where to place certain files with an extension of
> gz and tgz, I have tried lots of things with gunzip but it dosen't
> seem to work right.
The easiest way is to just run mc, open the archives in one panel
(just press enter on *.tgz or *.tar.gz), and copy the files to some
directory in /tmp in the other panel. Then look for files README or
INSTALL for information on installing.
--
tsca
Tomasz Sienicki <[EMAIL PROTECTED]>
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Delay logging in to telnet, ftp
Date: Mon, 05 Apr 1999 18:20:14 GMT
In article <01be7515$3fba75a0$558510c4@Dummy>,
"Anton Botes" <[EMAIL PROTECTED]> wrote:
> Hi. Hope someone out there can help me.
>
> When I log in to my Linux box from my Winxx machine, there
> is about a 1 minute delay before the login prompt appears.
> Same thing with FTP. The two boxes are connected via
> 2 ethernet cards.
> Once I am connected, everything happens at normal speed.
>
> Any ideas?
>
> Cheers.
>
> Anton Botes
>
Yup! I have an idea. In your /etc/host you type in the IP and optionally you
can write the domain and DNS name of the machines, you are using to telnet
with. -------------- Quake2-fragger Theory
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: Ron Watkins <[EMAIL PROTECTED]>
Subject: Re: Linux in NT Domain
Date: Mon, 05 Apr 1999 12:52:03 -0700
I use Samba here, and have been quite pleased with it, but on the whole have
found that it requires too much maintenance to be a central server.
With the security=server option in the smb.conf file, you can set it to do
remote authentication with an NT PDC. If the authenticated user has the same
username and password on the Samba box, the default is to make that user's
home directory the only visible sharepoint.
You can set NT users to be equivalent to Unix users, but you have to do that
one at a time. Basically, Samba is still using Unix permissions and must be
manually mapped for each user, either by making each new user equivalent to
some generic user on the Unix box, or by making individual accounts for each
user. The second approach gives you full normal Unix functionality, but
requires maintenance of two sets of credentials. You can also open up shares
to every authenticated user, which does save some work but doesn't give you
much granularity on your permissions control.
I have a medium-sized network at work, and have found that, for the most part,
Samba needs more attention and maintenance than I like. It is extremely fast
and robust, but isn't very well integrated yet. Also, because it doesn't do
NT permissions (and probably never will), if you have a strange permissions
structure there's even more work involved in mapping those permissions into
Unix ones.
I would love to be corrected by someone on this, but on the whole Samba seems
like more work to me than it's really worth. I have found it very useful in
limited deployment, but I think using it as a centralized server would require
far more attention than I like to pay to individual boxes. I'm really eager
to see it with full PDC functionality. I'd particularly like it if it could
become a true BDC, able to transfer all of the existing users and encrypted
passwords, and maintain them automatically, with no intervention on my part.
It's not there yet -- but I bet it will be. Once it is it will go into full
production on my network -- it's very fast and very reliable.
<<RON>>
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
