Linux-Networking Digest #544, Volume #10 Thu, 18 Mar 99 21:13:43 EST
Contents:
Pinging on a multiple ethernet card system ("Darrell")
remote login not in wtmp (who, w, last, didn't work) (S P Arif Sahari Wibowo)
I'm with stuPPPid ("Ju")
Multiple PPP connections ("Ben Ford")
Re: terminal problem with SCO (from linux) (Brent Knotts)
Re: What is the best Linux to install? (Gene Wilburn)
Re: Even innocent people need privacy (Leo Cambilargiu)
Re: hacked login (telnet) ("john -r s")
Re: What is the best Linux to install? (Jason Rotunno)
INN reload needed after posting news? (Gavin McCord)
route always goes to eth0 ("john -r s")
LDAP Server ("Brady")
ADSL & Linux ("Stephen Osborn")
Re: Strange script problems in rc.firewall (Wim Van Dijck)
----------------------------------------------------------------------------
From: "Darrell" <[EMAIL PROTECTED]>
Subject: Pinging on a multiple ethernet card system
Date: Thu, 18 Mar 1999 19:03:29 -0500
I have two ethernet cards in a Red Hat 5.2 machine. One card is given the
address 209.198.17.41. If I type ping 209.198.17.41 from the system prompt
it comes back with all the replies and 0 dropped packets. The second card is
given the address 192.168.1.1 since it is supposed to be the gateway for an
internal network. However, if I type ping 192.168.1.1 from the system
prompts I get no responses and 100% packet loss.
Does anyone know what these symptoms mean? I assume something is not setup
properly on the 192.168.1.1 card, but it show it as active and all of the
subnetting, etc. checks out.
Any help would be appreciated.
------------------------------
From: S P Arif Sahari Wibowo <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc,linux.redhat.misc
Subject: remote login not in wtmp (who, w, last, didn't work)
Date: Thu, 18 Mar 1999 17:51:25 -0600
Hi!
If I remote login to my system, it is not noted. The command who, w, and
last won't show that I am login. This apply to all account.
If I login on console, it works normally.
Any idea why this happened?
The system is RedHat 5.1 with 2.0.34 kernel.
sh-utils-1.16-12
procps-1.2.7-5
SysVinit-2.74-2
util-linux-2.7-18
Other thing: is there more reliable way for a script to find out where we
login from?
Thanks.
_____ _____ _____ _____ S P Arif Sahari Wibowo
/____ /____/ /____/ /____ [EMAIL PROTECTED]
_____/ / / / _____/ http://spas.8m.com/
------------------------------
From: "Ju" <[EMAIL PROTECTED]>
Subject: I'm with stuPPPid
Date: Thu, 18 Mar 1999 16:56:25 -0700
Hi, from a newbie with problems.
Thanks go out to the users who have helped me earlier with this reoccurring
theme.
I reinstalled and upgraded Linux to RH5.1. I'm trying to get on the net.
With RH5.0 I managed this with my pnp robotics modem. Not a winmodem
Problems with 5.1:
echo "ATDTxxx-xxxx/n" >/dev/cua1 --- does nothing, where's my modem?
minicom runs strangely --- can't enter the above command, the cursor sits in
the middle of the window. Launched from start menu it does absolutely
nothing can't even get the help menu.
dmesg --- doesn't show any info about PPP setup and shows that I have no
serial support. Com ports ttys0 and ttys1 are shown.
What isn't installed or running and how can I fix this?
thanks again Jullian
------------------------------
From: "Ben Ford" <[EMAIL PROTECTED]>
Subject: Multiple PPP connections
Date: Fri, 19 Mar 1999 06:59:22 +0930
Is linux capable of having multiple ppp connections at once, if so, is it
possible to split the internet traffic between both connections ?
------------------------------
From: Brent Knotts <[EMAIL PROTECTED]>
Subject: Re: terminal problem with SCO (from linux)
Date: Thu, 18 Mar 1999 11:30:42 -0500
Ed Weinberg wrote:
> On Wed, 10 Mar 1999 22:31:17 +0100, Raymond Doetjes
> <[EMAIL PROTECTED]> wrote:
>
> >If you wanna connect your Linuxbox via RS232 to the SCO server you, then
> >you can use mincom (do you rember telix well this is the Unix version).
> >
> >When you have a LAN then you can just telnet to the SCO server
> >concedering that the telnet deamon is started on the SCO server
>
> Thanks.
>
> Tried that. The problem is sco terminal emulation. Neither the VT or
> the ansi in mincom are close enough to the SCO emulation for their
> application.
>
> -- Ed Weinberg,
> Detel, Inc., An Internet Presence Provider
> [EMAIL PROTECTED]
I am also having a similar problem. I use Linux boxes for my internet
connectivity and a SCO box for my POS. I need a telnet app for Linux (there
are oodles for Windows) which supports SCO ANSI. As it is, I'm always
booting between NT and Linux on my admin workstation. I'd rather stay in
Linux as much as possible :)
------------------------------
From: Gene Wilburn <[EMAIL PROTECTED]>
Crossposted-To:
alt.os.linux,comp.os.linux,comp.os.linux.misc,comp.os.linux.setup,comp.os.linux.redhat,alt.os.linux.slackware
Subject: Re: What is the best Linux to install?
Date: Fri, 19 Mar 1999 00:28:55 GMT
No matter where you travel to, you'll always meet someone coming the
opposite direction.
I installed SuSE 6.0 today (my third time installing a SuSE distro) and
played with KDE. Absolutely hated it. I much prefer a simple fvwm2 with
not much in it (I'm minimalist by nature).
Also greatly prefer the Red Hat installation over SuSE and find it more
trouble free.
Others will doubtless have the opposite experience / reaction. That's
what makes Linux so interesting. You're not stuck with a single point of
view (a la MS).
Gene
Eric Larson wrote:
>
> I was much impressed with SUSE, however I have a Thinkpad 365 Laptop
> on which the X config utils for SUSE failed miserably. To get it
> working I 1) installed RedHat 2) saved the X config files to a floppy,
> 3) reinstalled SUSE, copied the files over.
>
> For a newbie who might have a hardware collection that is off the
> Linux mainstream, I might recommend RedHat. The big disadvantage to
> this is no KDE. From what I have seen Gnome 1.0 isn't ready for prime
> time.
>
> I use a subscription option too - it keeps things under control. Linux
> is advancing to rapidly (overall a good thing) to try to surf the
> upgrade wave.
>
> On Sat, 13 Mar 1999 10:45:00 -0600, Jerry Lynn Kreps
> <[EMAIL PROTECTED]> wrote:
>
> >Richard wrote in message <[EMAIL PROTECTED]>...
> > >I am trying to install the newest and the best linux on
> > >100+ workstation. What would be the best one to choose
> > >in terms of standard, support, and setup?
> > >
> > >Any ideas would be appreciated.
> > >
--
===================================================================
Gene Wilburn, Northern Journey Online, http://www.interlog.com/~njo
===================================================================
------------------------------
From: Leo Cambilargiu <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux,comp.os.linux.hardware,comp.os.linux.setup
Subject: Re: Even innocent people need privacy
Date: Fri, 19 Mar 1999 11:28:16 +1100
I agree with this idea COMPLETELY. If the idea that people do wrong is a
good enough excuse to violate our privacy, and the attitude that if we do
nothing wrong is an excuse for us not to complain, then the violation of
our privacy has nothing to do with being right or wrong. Just someone
elses interest.
The minds behind the observation systems are simply motivated by self
interest, regardless of right or wrong. If you toss money at the man, he
will jump straight into bed.
LCamBilARgiu
On Fri, 19 Mar 1999 [EMAIL PROTECTED] wrote:
> There's this attitude that if you're not doing anything wrong, then you
> shouldn't worry about lack of privacy. That's wrong; here are examples.
>
> - Do you want potential thieves to know that you're going on vacation?
> Do you want them to be able to find what alarm company you subscribe to,
> if any?
>
> - Do you want your competitor to know about the product you're developing,
> or the employee you're thinking of hiring? In fact, executives who
> fly private planes are now bitching about a public database that lets you
> type in the number of a plane and retrieve its current flight path.
>
> - Are you so sure that you're innocent? Here's what local police often
> do to trap men in alleged rape cases. The woman says it was rape; the man
> says it was consensual. The police are quite sympathetic to the man, and
> ask him to describe what actually happened, in great detail. Then they
> charge him with sodomy in addition to rape. Since he admitted to sodomy,
> which is often still illegal but few people know that, he hasn't a chance,
> even if the sex was consensual.
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
>
>
------------------------------
From: "john -r s" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc,comp.os.linux.admin,linux.admin.isp
Subject: Re: hacked login (telnet)
Date: Thu, 18 Mar 1999 19:29:57 -0500
I tell folks to first Completely DISABLE all services. Again as you have
pointed out go into the /etc/inetd.conf and comment all entries (be warned
that many services that run from here can also run stand alone! check your
rc files). Then decide which services you need. Many services have better
replacments such as wu-ftp, tcp-wrappers and Yes for your case in particular
Secure Shell. Decide to use those instead. Its more work but its worth the
payback in tightening up your system. Once you have the system in a state
that you like - portscan yourself or have a friend do it. There are many
good software packages that will aid you in this. Good Luck.
-jrs
George Csahanin wrote in message ...
>I'd try hosts.allow to be only the protected side machines, and make
>hosts.deny hide for a while.
>
>
>[EMAIL PROTECTED] wrote in message <7c9vk8$9o2$[EMAIL PROTECTED]>...
>>I want to allow telnet access to a Internet connected server;
>>but *only* form the local LAN connected machines.
>>Is this possible or not. I do not wish telnet access available
>>via the Net at all.
------------------------------
From: [EMAIL PROTECTED] (Jason Rotunno)
Crossposted-To:
alt.os.linux,comp.os.linux,comp.os.linux.misc,comp.os.linux.setup,comp.os.linux.redhat,alt.os.linux.slackware
Subject: Re: What is the best Linux to install?
Date: 19 Mar 1999 00:37:11 GMT
when i read "what ditro" threads a lot of the benefits and drawbacks
discussed have dealt with setup/configuration and x. not taking into
consideration x, WM's, x apps, etc is there any real difference between
the major distros aside from setup?
------------------------------
From: Gavin McCord <[EMAIL PROTECTED]>
Crossposted-To: news.software.nntp
Subject: INN reload needed after posting news?
Date: Fri, 19 Mar 1999 00:48:58 +0000
Im running INN-1.7.2 on Slackware 3.6 Linux and use
Suck 4.0 to collect from and post news to, my ISP -
news.demon.co.uk. I use Netscape as the frontend.
I can download messages ok, and post using
the command
rpost -d -b /var/spool/news/out.going/demon \
-p /var/spool/news/articles
when connected to my ISP.
However, if I subsequently try to send messages from
Netscape, they end up in the /var/spool/news/articles
tree ok, but the out.going/demon batchfile is not created.
Through trial and error, I got it to work by doing a
ctlinnd reload active ""
after the rpost command.
Is this necessary, or have I simply misconfigured my INN
setup?
------------------------------
From: "john -r s" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: route always goes to eth0
Date: Thu, 18 Mar 1999 19:22:44 -0500
I have setup a linux box with both ethernet and modem connections. Ethernet
is connected to an internal network. Previously when I would dial out, the
machines internally could get out (via ip forwarding?). One day nothing
worked anymore. When I do a traceroute I get a message as follows:
traceroute mail.earthlink.net
traceroute: Warning: Multiple interfaces found; using 192.168.1.13 @ eth0
Here is the output from the route command:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
38-default-gw.p * 255.255.255.255 UH 0 0 0
ppp0
192.168.1.0 * 255.255.255.0 U 0 0
5 eth0
127.0.0.0 * 255.0.0.0 U 0
0 3 lo
default 38-default-gw.p 0.0.0.0 UG 0 0
2 ppp0
I have tried so many options with routing that I am totaly at a loss. I
cannot seem to get the system to use ppp0 anymore. Any help would be
appreciated. Thanks.
-jrs
------------------------------
From: "Brady" <[EMAIL PROTECTED]>
Subject: LDAP Server
Date: Fri, 19 Mar 1999 01:47:38 GMT
I got the server from openldap.org but I can't figure out exactly what to do
with it. It compiles and installs ok but does anyone know how to put
information in it??
Brady
------------------------------
From: "Stephen Osborn" <[EMAIL PROTECTED]>
Subject: ADSL & Linux
Date: Thu, 18 Mar 1999 15:58:57 -0700
I am having trouble getting my ADSL connection up on my linux box. I can get
the EtherLink III card to ifconfig. I can ping the card address from the
linux shell. When I setup the default route and try to ping the gateway I
get:
ping: sendto:Operation not permitted
Anyone have this working properly and can help out?
Thanks
------------------------------
From: Wim Van Dijck <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux
Subject: Re: Strange script problems in rc.firewall
Date: Fri, 19 Mar 1999 00:51:01 +0100
Dit is een multi-gedeelten-bericht in MIME-formaat.
==============C76DDC366C4D2E13F0FB71DE
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Chris Wolfe schreef:
> What script are the variables being declared in?
In the rc.firewall file. Should I declare them somewhere else perhaps?
> Have you tried replacing the variable names with the actual values?
>
Yes, no result.
> Maybe if you post the scripts in which the variables are being declared,
> and the rc.firewall script someone will be able to find your problem.
>
ok, here you are..Thanks for the answer.
Wim
==============C76DDC366C4D2E13F0FB71DE
Content-Type: text/plain; charset=us-ascii; name="rcfirewall.txt"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; filename="rcfirewall.txt"
#!/bin/sh
#--------------------------------------------------------------------
# Version v2.93
#
# v2.93 - Added explict OUTPUT filters for the BackOrofice and NetBus Windows trojans
# v2.92 - Moved the default policy settings and INPUT/OUTPUT/FORWARD flush from
# the top of each section to the top top of the entire ruleset.# v2.91
# v2.91 - Added more firewall DENY rules to stop Xwindows ports 6001-6007
# v2.90 - Changed the default policies from DENY to REJECT.
# v2.80 - Clarified the input/output rules for HTTP to use the -W interface option and
# added a #ed out rule for allowing HTTP traffic directly to the Linux
box
# from the Internet.
# v2.75 - Added and commented on the enabling of multicast traffic
# - Caught a serious typo: -V CANNOT have a subnet mask appended to it.
Though
# this is inconsitant with the other commands, this has been confirmed.
# v2.71 - Redirectted the rc.firewall debugging info to /tmp/rc.firewall.dump
# v2.70 - Added commented out debugging echo statements right after the enviroment vars
# v2.65 - Removed the /32 bit subnet mask from the intip, extip, dgw, secondarydns,
# and securehost variables and manually placed them back within the
rulesets
# themselves. This is for users who use DHCP and/or PPP that wouldn't
get the
# correct netmask. Also, the netmask built into these variables would
break
# the IPPORTFW section.
# - Added the LOOPBACK variable for better readibilty
# - Cleaned the comment sections a little
#
# v2.60 - Added #'ed out rules to support the Linux box getting addressed via DHCP
# v2.51 - Corrected the vars passed to PPPd as shown bellow in the comments section
# v2.50 - Deleted an already #ed out line to allow in ALL incoming
# traffic.
# - Added a /32 bit subnet mask to the intip, extip, dgw, secondarydns,
# and securehost variables. Because of this, I then deleted a few stray
# and possibly incorrect /24 and /32 bit masks on various IPFWADM rules
# - Cleaned up (split up) the explict INPUT section for internal and external
# hosts.
# - Cleaned up the IPPORTFW area to use all environment vars and added the
# $portfwip var.
# - Deleted a duplicate line for the "outgoing from local net on remote
interface,
# stuffed masquerading, deny" ruleset
#
# v2.45 - Added the enviroment variables that PPPd passes to ease the
# use of IPFWADM firewalls
# v2.40 - Change the default behavior of IPORTFW to disabled
# - Made some clarifications for dynamically addressed users and
# the "extif" variable.
# v2.30 - Commented and changed the unrestricted ports to 1024-65535
# since SSH sometimes creates connections at port 1023
# - Added #'ed out IPFWADM statements to do non-logged filtering
# of BOOTP (ports 67-68), Samba (ports 137-138), RIP
# (port 520), and SNMP (port 161)
# - Added TCP support for DHCP
# v2.25 - Rearranged the ordering and description of the IPFWADM enviro variables
# - Added #'ed out IPFWADM statements for WWW access to the world
# v2.20 - Addition of IPPORTFW commands
# v2.10 - Disabled ALL outbound Xwindows (Xwin uses port 6000) which was
# previously allowed since its in the >1024 port range. Gotcha!
# v2.00 - Totally re-written and MUCH stronger
# v1.00 - Oringial draft
#--------------------------------------------------------------------
# ++ Best viewed in a window at 90+ columns
#
# This script was adapted from Ambrose's IPMASQ-HOWTO and several
# other resources including:
#
# - Me
#
# **Note**: This config ASSUMES:
#
# 1) that you have your private LAN addressing set as
# 192.168.0.x
# 2) Your internal LAN is on eth1
# 3) Your external LAN is on eth0
# 3) Your static IP address is 100.200.0.212(External IP)
# * If you get your external IP address via DHCP, you
# will need to un-comment (un-#) the "DHCP - Client" ruleset
#
# Obviously, this config won't be totally correct for your
# enviroment nor can your static IP address be the same
# as mine! So, you might need to change the IP addresses,
# internal/external interface names, un-comment out the #'ed out DHCP client
# lines, etc.
#
# ---------------------------------------------------------------
#
# This config also handles both IP spoofing and stuffed routing
# and IP Masquerading. Anything not explictly allowed is
# REJECTED. Rejecting traffic is better than DENYING it since
# it makes the IPFWADM'ED machine look like its not CAPABLE of
# doing that particular protocol!
#
# ***PPP and DHCP USERS***
#
# 1) All PPP and DHCP users that get Dynamic IP address should
# # out the "extip" variable a page or so down and then un-# out the
# following command for your dynamic IP address:
#
# NOTE: DHCP users will need to replace the "ppp0" interface name with
# the interface name of your external Internet interface.
#
# extip=`/sbin/ifconfig | grep -A 4 ppp0 | awk '/inet/ { print $2 } ' | sed -e
s/addr://`
` ' `
#
#
# 2. Create the /etc/ppp/ip-up script file to execute this ruleset:
#
# /etc/ppp/ip-up
# --
# #!/bin/sh
# /etc/rc.d/rc.firewall
# --
#
# NOTE: When PPPd runs the /etc/ppp/ip-up script, it passes several
# enviroment variables which can help bring up the script.
# Though I haven't updated my doc to use these variables, I will
# at a future date:
#
# $1 = Interface being brought up (e.g. ppp0)
# $2 = TTY device being used (/dev/modem)
# $3 = Terminal speed (38400)
# $4 = IP address of my local PPP interface
# $5 = IP address of the remote P-t-P link (default gw)
# $6 = This is the IPPARM string that is passed from the
options
# file for any ip-up specific use
#
#
# 3. Now make this new script executable by running "chmod 700
/etc/ppp/ip-up"
#---------------------------------------------------------------------------
#Enviroment Variables - Change to suit your enviroment
#
#Specification of the LOOPBACK interface
loopback="127.0.0.1"
#Specification of the INTERNAL NIC
intif="eth1"
#The IP address on your INTERNAL nic
intip="192.168.0.1"
#IP network address of the INTERNAL net
intnet="192.168.0.0"
#IP address of an internal host that should have IPPORTFW forward traffic to
portfwip="192.168.0.20"
#Specification of the EXTERNAL NIC
#
# PPP Users: If you are using the Dynamic PPP "extif" script from above,
# make sure to comment the below line out so it doesn't override it.
#
# If you want to use the PPPd variables, change this to read:
# extif="$1"
#
extif="eth0"
#The IP address you get from the Internet
#
# PPP users: If you are getting dynamic address, either use the "extip" script
# from the header above or if you want to use the PPPd
variables,
# change this to read:
# extip="$3"
#
extip="100.200.0.212(External IP)"
#The IP broadcast address of the external net
#
# PPP users: If you are getting dynamic address, use the the PPPd variables.
# Change "extbroad" to read (this make an assuption but it should
# be a safe assumption):
# extbroad=`echo $4 | cut -d '.' -f 1-3`.255
#
extbroad="100.200.0.255(external broadcast ip)"
#IP address of the default gateway on the EXTERNAL NIC
#
# PPP users: If you are getting dynamic address, use the the PPPd variables.
# Change "dgw" to read:
# dgw=$4
#
dgw="100.200.0.1(External gateway IP)"
#IP Mask for ALL IP addresses
universe="0.0.0.0"
#IP Mask for BROADCAST
broadcast="255.255.255.255"
#Specification of HIGH IP ports
# NOTE: Notice that this STARTS at 1024 and NOT at 1023 which it should.
# for some reason SSH sometimes initiates connections at 1023 which
# is a TCP violation but shit happens.
#
unprivports="1024:65535"
#Specification of backup DNS server
secondarydns="102.200.0.25(ext sec DNS)"
#Specifically allowed external host - secure1.host.com
securehost="200.211.0.40(explicit allowed ip#1)"
#---------------------------------------------------------------------------
# Debugging Section: If you are having problems with the firewall, uncomment
# out (un # out) the follow echo lines and then re-run
# the firewall to make sure that the rc.firewall is
# getting the right info.
#
#echo Loopback IP: $loopback > /tmp/rc.firewall.dump
#echo Internal interface name: $intif > /tmp/rc.firewall.dump
#echo Internal interface IP: $intip > /tmp/rc.firewall.dump
#echo Internal interface net: $intnet > /tmp/rc.firewall.dump
#echo ----------------------------------------------------- > /tmp/rc.firewall.dump
#echo External interface name: $extif > /tmp/rc.firewall.dump
#echo External interface IP: $extip > /tmp/rc.firewall.dump
#echo External interface broadcast IP: $extbroad > /tmp/rc.firewall.dump
#echo External interface default gateway: $dgw > /tmp/rc.firewall.dump
#echo Internet IP to be portforwarded to: $portfwip > /tmp/rc.firewall.dump
#echo ----------------------------------------------------- > /tmp/rc.firewall.dump
#echo External secondary DNS (optional): $secondarydns > /tmp/rc.firewall.dump
#echo External secured host (optional): $securehost > /tmp/rc.firewall.dump
#--------------------------------------------------------------------------
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
