Linux-Networking Digest #505, Volume #10 Mon, 15 Mar 99 14:13:40 EST
Contents:
[question] Basic for networking (Jean-Yves Simon)
Re: Someone stole my cookies! (jeremiah)
Routing problem with TCI cable internet (Chetan Ahuja)
finally on the web but... ("Ju")
Re: cable connection not working (Wasim Juned)
2.2.3 over RH 5.2: DHCPCD problem with Cable Modem ("Jeff Volckaert")
Need telnetd to listen on multiple ports--How? (Jabba The Hut)
Re: [q] 2.2.x multicast ping fails? (Mike Jagdis)
Cant use lpd when PPP link down (Clint Davis)
Re: F-Secure SSH set up? (Frank Sweetser)
Re: Redhat (Frank Sweetser)
Re: Someone stole my cookies! (Frank Sweetser)
Re: Diald and a few problems.... (Mike Jagdis)
samba mount problem (Chris Podurgiel)
Re: Someone stole my cookies! (Robert L Montgomery)
Re: network delays (David Kirkpatrick)
Re: Permissions of FTP uploads ("news.netins.net")
Modem installation (Pierre-Olivier Agliati)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Jean-Yves Simon)
Subject: [question] Basic for networking
Date: 15 Mar 1999 14:41:32 GMT
Hello,
I am currently trying to set up linux on my toshiba
notebook (460CDT). So far, I have installed the basic
distribution, but I am missing the big picture on what
packages to install to do networking.
I have a cardbus pcmcia card 3c575, so I assume I
have at leat to compile and install the pcmcia package.
But after that, I am at lost to understand what I
need to install. I read the NET3-HOWTO, but it is
too much detailled for the momemt.
What I want is to access my work network with my
notebook. IN windows, I didn't select an IP address
to access the network (DHCP?). So when I installed Linux,
I also didn;t specify an IP address, just gave my
linux box a name. I guess the network is giving me
an IP address
What do I need to do now ? Do I need to run on my
machine a DNS soft ? I believe to see the directory
on the network, I have to enable NFS to be able
to see network resources ?
Do I need to run the daemons ftpd, nfsd.. since I
am a "client" ?
ifconfig didn;t report any error.
I don;t think I need ppp since I am not connecting
bt phone.
At home, I have a desktop and I like to connect the
2 machines. IN that case, the desktop must be configured
as the server , right ? that must be the desktop that
has all the daemons running (ftpd, dhcpd...) running in that
case ?
Someone mentionned also plip. What would be a good solution?
I am running Slackware if that counts, kernel 2.0.36 or
something close to that.
Sorry if my questions are really basic, I am starting.
PS: This week end, I almost get the sound working, I say
almost because cat file.au >/dev/audio doesn;t yield
error, but only "scratches" can be heard. The file.au
is playing fine in windows, and the sound card seems to
be well detected by Linux in the booting message.
Thanks in advance.
--
Jean Simon
--
Jean-Yves SIMON E-mail : [EMAIL PROTECTED]
------------------------------
From: jeremiah <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Someone stole my cookies!
Date: Mon, 15 Mar 1999 10:25:05 -0500
Its just your computer sending him cookies, and it wants him to send
them back to verify the connection isn't a syn flood. To stop this you
can disable it in your kernel, which means you have to recompile,
I usually see it when an eggdrop bot is trying to link to another
and its having a problem, usually nothing to worry about when you only
see a small few(5-10) if you see like 1000 someone is probably flooding
you or they've just been trying to connect to your machine for hours on
end.
Robert L Montgomery wrote:
>
> I found this message in my messages logfile, and there was no entry in the secure
>logfile:
>
> Warning: possible SYN flood from 203.66.112.135 on <MY IP ADDRESS> Sending
>cookies.
>
> I'm guessing someone tricked my Linux box into sending out my cookies. The IP
>address
> it came from has no entry in a Domain Server, so I dont know where it came from, but
>the
> guy is running RH linux and has Apache running on his machine.
>(http://203.66.112.135)
>
> So, can anyone tell me anything about this, like:
>
> 1) What is a SYN flood?
> 2) How did he steal my cookies?
> 3) How do I stop it?
>
> Also, if my machine did send cookies, which cookies did it send? There are a
>different set
> of cookies for each user, and you'd have to know the user name, right??
>
> Thanks for any info...
> [EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Chetan Ahuja)
Crossposted-To: comp.os.linux.misc
Subject: Routing problem with TCI cable internet
Date: 15 Mar 1999 16:11:57 GMT
---
Hi,
I am on a TCI cable network. At various times of the day, my connection is
so clogged as to make me wish for a good old 14.4 modem. Running traceroute from
inside and from various points outside the network has led to the discoveries that
a) the routing of traffic is ALWAYS asymmetric.. ie. outgoing packets are
ALWAYS using a different route than the incoming packets.
b) The first hop out of my cable modem IS definitely the bottleneck.
And incoming packets always have a much faster path in general than
outgoing packets.
So now my obvious thought is how do I make sure that the outgoing packets take
the same path the inocoming packets are taking. Basically I want to control the
first hop out of the cable modem. I am not clear on my routing/gateway concepts.
So could somebody tell me how to achieve this with a 2.0.37 kernel linux system.
( I am willing to upgrade/downgrade the kernel if needed). Reading the man pages for
route/ifconfig is only confusing me more. Is it under my control at all...???
Thanks
Chetan Ahuja
--
------------------------------
From: "Ju" <[EMAIL PROTECTED]>
Subject: finally on the web but...
Date: Mon, 15 Mar 1999 09:11:01 -0700
What a learning experience that was.
I can log on to my ISP, my university, through minicom. I'm stuck with Lynx
for a browser, I think that's what they are operating through.
Of course I want graphics etc. How do I go about downloading Netscape and
whatever else I'd like? Can this be done in windows 95 and then transferred?
I have a dual boot system, w95 and RH5.
Lynx is text based and sometimes hard to follow. I thought I was about to
download Netscape but something went funny. There is a form to fill out and
maybe Lynx didn't like that.
I'll look at minicom's menu again, but is there a download option?
cheers Jullian
------------------------------
From: Wasim Juned <[EMAIL PROTECTED]>
Subject: Re: cable connection not working
Date: Mon, 15 Mar 1999 15:03:43 GMT
Vincent Raffensberger wrote:
> I just set up my @home connection. I used the following for reference:
> http://freeland.ml.org/cablemodem.html
The freeland address (like most Monolith addresses - ml.org) is defunct
now.
Anyone know where they've gone to?
--
Wasim Juned
[EMAIL PROTECTED]
------------------------------
From: "Jeff Volckaert" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: 2.2.3 over RH 5.2: DHCPCD problem with Cable Modem
Date: Mon, 15 Mar 1999 11:50:23 -0500
Hello Everybody,
I have several Redhat 5.2 systems with the 2.2 updates and kernel 2.2.3.
DHCPCD works fine on all of them, but my system connected to my cable modem.
If just fails after timing out. I've tried backleveling DHCPCD to the
version on RedHat 5.0 and 5.1 and still no address.
Any help?
TIA,
Jeff Volckaert
------------------------------
From: [EMAIL PROTECTED] (Jabba The Hut)
Subject: Need telnetd to listen on multiple ports--How?
Date: Mon, 15 Mar 1999 17:05:16 GMT
I need to get my telnetd to listen on multiple ports simultaneously,
preferably with connections passed thru tcp_wrappers.
Can anyone give me suggestions on how to accomplish this. Just launching
multiple instances with -debug and the port number doesnt work
Thanks.
------------------------------
From: [EMAIL PROTECTED] (Mike Jagdis)
Subject: Re: [q] 2.2.x multicast ping fails?
Date: 15 Mar 1999 17:25:59 GMT
In article <[EMAIL PROTECTED]>, Mark Swanson wrote:
>New to multicasting...
>
>When I ping 224.0.0.0 should I not receive echo responses from *all*
>multicast boxes on my network?
No. The "all hosts" multicast address is 224.0.0.1. (The "all
multicast routers" address is 224.0.0.2)
Mike
--
A train stops at a train station, a bus stops at a bus station.
On my desk I have a work station...
.----------------------------------------------------------------------.
| Mike Jagdis | Internet: mailto:[EMAIL PROTECTED] |
| Roan Technology Ltd. | |
| 54A Peach Street, Wokingham | Telephone: +44 118 989 0403 |
| RG40 1XG, ENGLAND | Fax: +44 118 989 1195 |
`----------------------------------------------------------------------'
------------------------------
From: Clint Davis <[EMAIL PROTECTED]>
Subject: Cant use lpd when PPP link down
Date: Mon, 15 Mar 1999 09:45:47 -0800
I have had this for a while but I've been ignoring it.
I have a HP attached via parallel port. Also have a PPP link to my
ISP.
Problem is when PPP link is down I cant use lpd. I get PPP link up
and lpd works. Here is error message when I use 'lpr':
host 'machine.mydomain.com' cannot open connection to
[EMAIL PROTECTED] --- cannot assign requested address.
Hints?
Clint
------------------------------
From: Frank Sweetser <[EMAIL PROTECTED]>
Subject: Re: F-Secure SSH set up?
Date: 15 Mar 1999 10:42:01 -0500
[EMAIL PROTECTED] (GenaBlu) writes:
> Hi!
>
> Thanks to all for your help in setting SSH up. All my Linux machines are
> happily configured and talking to one another with a clear conscience.
> Now, the ugly part of the business: I must have the SSH client for
> Winblows.
>
> I downloaded and installed F-Secure SSH but somehow I can't talk to any
> of my Linux boxes. Does anyone have any idea why this might be? I'm
> using password authentication, no compression, port 22. No RSA identity,
> though I've defined one.
did you by any chance install ssh 2.X? all of the windoze clients i've
found only talk to ssh 1.X
--
Frank Sweetser rasmusin at wpi.edu fsweetser at blee.net | PGP key available
paramount.ind.wpi.edu RedHat 5.2 kernel 2.2.3 i586 | at public servers
"I would advise youse to keep dialing, Oxmix." --Spock
------------------------------
From: Frank Sweetser <[EMAIL PROTECTED]>
Subject: Re: Redhat
Date: 15 Mar 1999 10:39:22 -0500
Glenn Graham <[EMAIL PROTECTED]> writes:
> Not to be a critic but.. why is it, so many people are in here
> complainning of problem with redhat, that would be a breeze to figure out
> in slackwware ?
??? which problems are you refering to? this sound quite trollish, esp
considering that 90% of the problems asked here are asked simply because
the people asking are newbies, and would have exactly the same problems
with exactly the same answers whether they're running slackware, redhat,
suse, etc.
--
Frank Sweetser rasmusin at wpi.edu fsweetser at blee.net | PGP key available
paramount.ind.wpi.edu RedHat 5.2 kernel 2.2.1 i586 | at public servers
"I would advise youse to keep dialing, Oxmix." --Spock
------------------------------
From: Frank Sweetser <[EMAIL PROTECTED]>
Subject: Re: Someone stole my cookies!
Date: 15 Mar 1999 10:48:46 -0500
Robert L Montgomery <[EMAIL PROTECTED]> writes:
> I found this message in my messages logfile, and there was no entry in
> the secure logfile:
>
> Warning: possible SYN flood from 203.66.112.135 on <MY IP ADDRESS>
> Sending cookies.
>
> I'm guessing someone tricked my Linux box into sending out my cookies.
> The IP address it came from has no entry in a Domain Server, so I dont
> know where it came from, but the guy is running RH linux and has Apache
> running on his machine. (http://203.66.112.135)
they appear to be a customer of HiNet (http://www.hinet.net).
a SYN flood is a denial of service attack. it's a way of flooding
half-open connections to the victim machine, so that it can't accept any
more connections from valid connection attempts. this may have been a real
attack or not, it's sometimes hard to say.
in either case, the latest kernels can deal with the SYN floods through
sending cookies back. note that the cookies refered to here have nothing
to do with netscape style cookies - the kernel doesn't even have any idea
of what those cookies are, nor does it need to.
--
Frank Sweetser rasmusin at wpi.edu fsweetser at blee.net | PGP key available
paramount.ind.wpi.edu RedHat 5.2 kernel 2.2.3 i586 | at public servers
"I would advise youse to keep dialing, Oxmix." --Spock
------------------------------
From: [EMAIL PROTECTED] (Mike Jagdis)
Subject: Re: Diald and a few problems....
Date: 15 Mar 1999 12:30:22 GMT
>1. diald apparently keeps creating slip connections. In just a few hours
>of testing, I've got sl0 - sl20. They don't die.
Normally this bug wouldn't bite you since most people have no
need to keep restarting diald :-). However you may want to get
the newest diald from http://diald.unix.ch.
>2. diald hangs up fairly quickly (about 60 seconds). I have tried
>extending the timeout in pppd, but diald apparently is killing the
>connection. Is there some overall timeout for diald?
Diald is supposed to kill the connection when it deems it to
have been idle for the requisite time - that's it's job. There
is no overall timeout for diald. You need to change the filter
rules. Read the man page :-).
>3. diald keeps coming up with "accepted rule 22 proto 17 len 64" that
>appear to be going out to nameservers. These are not only the default ones
>I have set up for my ISP, but also the ones defined in /var/named/named.ca.
That is how named is supposed to work. The cache file (named.ca) gives
addresses of root name servers which named will start its searches
for unknown names from. If you didn't expect named to be searching
external servers you better turn some query logging on and see exactly
what is is trying to look up.
Mike
--
A train stops at a train station, a bus stops at a bus station.
On my desk I have a work station...
.----------------------------------------------------------------------.
| Mike Jagdis | Internet: mailto:[EMAIL PROTECTED] |
| Roan Technology Ltd. | |
| 54A Peach Street, Wokingham | Telephone: +44 118 989 0403 |
| RG40 1XG, ENGLAND | Fax: +44 118 989 1195 |
`----------------------------------------------------------------------'
------------------------------
From: Chris Podurgiel <[EMAIL PROTECTED]>
Subject: samba mount problem
Date: Mon, 15 Mar 1999 12:26:13 -0600
Here's how my network is setup.
NT Server dynamically assigns ip addresses to our workstation,.. (3
win98, 1 mac, and 1 linux)
I'm not worried about connecting to the mac right now, just the windows
machines.
i can
smbclient '//matt/c'
can connect, but when i try to
smbmount //matt/c /mnt/matt
I get ...
matt: unknown host
the -I option may be useful.
I've tried -I matt and -c matt and some other options, but get the
same result. any ideas?
thanks,
Chris Podurgiel
------------------------------
From: Robert L Montgomery <[EMAIL PROTECTED]>
Subject: Re: Someone stole my cookies!
Date: Mon, 15 Mar 1999 15:58:05 GMT
Why would either of our computers be sending cookies to each other in
the first place? I have no idea who he is, and only went to his website
after I found this in my messages logfile, and anyways, his website is just
the default Apache page that confirms his server is running, so I doubt
there are any cookies being sent from there, and I know that I am not
using cookies from my webpages either...
It almost seems to me that this was intentional, but I dont understand
how this happened, or what you could hope to gain from this. I've never
bothered to look into cookies much, but it was my understanding that
you could only request your own cookie on someone else's machine
anyways (I looked but didnt see one from this guy)...
Rob
jeremiah wrote:
> Its just your computer sending him cookies, and it wants him to send
> them back to verify the connection isn't a syn flood. To stop this you
> can disable it in your kernel, which means you have to recompile,
> I usually see it when an eggdrop bot is trying to link to another
> and its having a problem, usually nothing to worry about when you only
> see a small few(5-10) if you see like 1000 someone is probably flooding
> you or they've just been trying to connect to your machine for hours on
> end.
>
> Robert L Montgomery wrote:
> >
> > I found this message in my messages logfile, and there was no entry in the secure
>logfile:
> >
> > Warning: possible SYN flood from 203.66.112.135 on <MY IP ADDRESS> Sending
>cookies.
> >
> > I'm guessing someone tricked my Linux box into sending out my cookies. The IP
>address
> > it came from has no entry in a Domain Server, so I dont know where it came from,
>but the
> > guy is running RH linux and has Apache running on his machine.
>(http://203.66.112.135)
> >
> > So, can anyone tell me anything about this, like:
> >
> > 1) What is a SYN flood?
> > 2) How did he steal my cookies?
> > 3) How do I stop it?
> >
> > Also, if my machine did send cookies, which cookies did it send? There are a
>different set
> > of cookies for each user, and you'd have to know the user name, right??
> >
> > Thanks for any info...
> > [EMAIL PROTECTED]
------------------------------
From: David Kirkpatrick <[EMAIL PROTECTED]>
Subject: Re: network delays
Reply-To: [EMAIL PROTECTED]
Date: Mon, 15 Mar 1999 06:18:20 GMT
Are you pinging by address and telneting by name? Is your
/etc/hosts file setup? See NET-3-HOWTO and Config-HOWTO. What
does your route look like for each machine? What does traceroute
return for Linux to MS? Do you have a simmilar utility for MS?
d
Bruce wrote:
>
> I have 3 computers networked together. One is linux RedHat 5.0 , the
> other two are windows 95. Most of the network setup was done automatically
> from the RedHat install. I have samba set up and I can access all comupters
> over the network.
>
> My problem is that I get a long delay ( around a minute and a half )
> when I try to telnet to the linux box. I also get a long delay when I use
> smbclient to find shared drives on the windows boxes. I can ping with no
> delay at all. I can mount with smbmount with no delay at all, and I can
> transfer files with no delay at all.
>
> I have have looked for FAQ's and found many HowTo's. I have read many
> HowTo's. I haven't found any help for my problem. Can anyone out there
> either tell me where a good FAQ is that addresses network problems or maybe
> tell me specific configuration files that I should look at. Any help would
> be appreciated.
>
> Thank you
>
> Bruce [EMAIL PROTECTED]
--
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
------------------------------
From: "news.netins.net" <[EMAIL PROTECTED]>
Crossposted-To: linux.redhat.misc,alt.os.linux,comp.os.linux,it.comp.linux,linux.redhat
Subject: Re: Permissions of FTP uploads
Date: Mon, 15 Mar 1999 09:58:23 -0600
A few things to note first;
1. If you set rwx to a directory you want users to upload too, they wont be
able too. rwx will give read, write, and execute permissions to the owner
of that directory only. No other users will even be able to view the
directory, much less upload too it.
I would set the read only permission as follows;
chmod 720 archive
This would give root full perms, and give the FTP group read only
permission.
Hope That helped
DigitalBoy
Bob McLaren wrote in message <[EMAIL PROTECTED]>...
>When a user with a valid system account uploads files they have
>rw-r--r-- permissions. How can I change the default so that they are
>rwx------ ? I tried adding the following entry in the /etc/ftpaccess
>file to specify it as an upload directory and force the permissions but
>it had no effect.
>(upload /home/ftp/archive * yes the_user
>the_user_group 0700 dirs)
>
>What do I do?
>--
>Bob McLaren
>Network Administration
>Financial Statement Services, Inc.
>HTTP://WWW.FSSI-CA.COM
>
>
------------------------------
From: Pierre-Olivier Agliati <[EMAIL PROTECTED]>
Subject: Modem installation
Date: Mon, 15 Mar 1999 19:43:09 +0100
Hi,
I've got a internal modem Olitec PCI 56000, and I try to
make it work with kppp, but I've always bad answers like
"Modem not ready" or "Modem busy"... Should I keep
ttySx for the device or do I have to take smth else because
it's an internal modem?
Thank you for your answers...
Bye
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
