Linux-Networking Digest #896, Volume #10 Sat, 17 Apr 99 19:13:42 EDT
Contents:
tftpd information (Tom Powell)
Very basic questions (Pavel Grinfeld)
Re: Samba, a risk for your privacy? ("MattW")
Re: Problem with modem after kernal upgrade to 2.2.3 (paulr)
Re: adding static routes (and gateways) ("Eric")
Re: Multiple entires in routing table.... ("Eric")
(no subject) ("Leonzo E. Miller III")
Re: Linux and Windows networked together ("Eugene")
Re: Samba, a risk for your privacy? (razoon)
Re: Samba, a risk for your privacy? ("MattW")
Re: Problem in configuring the 3C509 NIC on redhat5.2 (Don Baccus)
timed looping ([EMAIL PROTECTED])
Re: Mail routing ("William Evans")
Re: Linux - My honest opinion (Don Baccus)
Very basic questions: part II (Pavel Grinfeld)
----------------------------------------------------------------------------
From: Tom Powell <[EMAIL PROTECTED]>
Subject: tftpd information
Crossposted-To: news2.qx.net
Date: Sat, 17 Apr 1999 17:00:43 GMT
Does anyone know where I can get information on configuring the
tftp service. I need to set it up for updating routers, etc.=20
I have looked at the tftpd and related man pages but they are=20
pretty thin. Any info would be appreciated.
Thanks,
Tom Powell
------------------------------
From: Pavel Grinfeld <[EMAIL PROTECTED]>
Subject: Very basic questions
Date: Sat, 17 Apr 1999 13:43:22 +0000
Hi,
I know for a fact that these questions are posted to a wrong. The reason
why I'm asking them here is because I know I'll get good answers. I've
read all the relevant FAQ's (net-3, not so carefully), but missed some
things which I assumed weren't mentioned specifically because they are
so basic.
I'm looking to connect *three* Linux boxes *one* 95 and *one* NT into a
LAN for me and a couple of my friends. One of the Linux boxes is
connected to the interent VIA a cable modem (very successfully) and I
want the rest to have access to the internet.
Here come the questions. (if I eventually get the answers to all of my
questions I'll definitely through together a mini-HOWTO.)
0a. When the howto's say "bus" to they mean the cables?
0b. What are "back-to-back" packets?
1a. 10baseX.
- I do need a hub, don't I?
1b. Ethernet vs. Fast Ethernet.
- A hub is either one or the other, but can't be both, correct?
- Can the local network be Fast Ethernet and connection to the
Internet regular?
- If I'm copying a 100Mb file from one computer to another (say,
ftp) is Fast Ethernet really 10 times faster or do other limitations
come in (like the speed of the harddisk)?
- The Ethernet howto talks about 32 and 16 bit cards on the one
hand, and Fast vs. Regular Ethernet on the other. Is it typically true
that 32 = Fast, 16 = Regular or are they measurements of completely
different things?
1c. Geometry.
Which one is correct (if either)?
- All computers are connected to the hub, the hub is connected to
the internet (therefore, I need 1 more port than I have computers)
- All computers are connected to the hub, one of the computers (the
linux box, of course)is connected to the internet and does accounting,
firewalling, masquerading, etc (therefore, this machine needs two NIC
cards).
More questions in the next message for convenience!
Many thanks in advance!
Pavel
[EMAIL PROTECTED]
------------------------------
Reply-To: "MattW" <[EMAIL PROTECTED]>
From: "MattW" <[EMAIL PROTECTED]>
Subject: Re: Samba, a risk for your privacy?
Date: Sat, 17 Apr 1999 09:48:50 -0700
> > Has this 'hacker' deliberately connected to my LAN or is it a
> > consequence
> > of having the same networkadres provided by the same ISP?
Consequence.
> > Are the ipchains rules to block port 137:139 enough to prevent this?
Yes.
> > Can someone as easily as connecting to my LAN also connect to my
> > masqueraded clients?
Not easily
> > How can i learn more of such a 'hacker' (f.i. ip-adres)?
> >
Probably, most likely, not a hacker... nor cracker... tcpdump will show
you. If you see heavy traffic from your netbios friend then you should be
worried and contact your provider with the IP address you obtain from
tcpdump. Most Cable Modem providers can find out immediately which of their
customers are on any of their given IP Pools. They will deal with the
person... or most likely not deal with them and pull the account.
Hope I answered your questions.
Matt W.
MattW <[EMAIL PROTECTED]> wrote in message
news:IM3S2.990$[EMAIL PROTECTED]...
> Welcome to the world of "Cable Modem".
>
> Consider your cable modem as being connected on a "hub" with everyone else
> on your block. Just like with a hub you will see the workgroups of any
win
> machine connected to the hub. This is kind of an undocumented feature
"bug"
> of cable modems. The problem is how do you block ports on a hub? I am on
> media one. I talked to Media one about this and they say they are working
> on a fix. I don't know how but I can no longer see all the machines on my
> block. I used to be able to. People who leave file sharing on c: with no
> password are pretty much leaving themselves wide open to the world.
>
> It's not a security flaw in SAMBA. It's the cable modem connection. Just
> because you specify which hosts you announce to will not stop them from
> announcing to you.
>
> Just be really "mindful" of what and how you share.
>
> The reason you see another computer under your "Workgroup" is [I assume]
you
> left the default workgroup name or chose one that someone else chose.
This
> puts you and the other host in the "same" workgroup.
>
> Or you can firewall your system and deny all in/out for netbios/wins
ports.
>
> Matt W.
>
> razoon <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > I have running a linuxbox and 2 clients. I have cablemodem.
> > Samba is installed.
> > When i do: smbclient -L 'mypcname', sometimes i see another pc
> > under the Workgroup and Master header.
> > This while smb.conf has 'hosts.allow' and 'interfaces=192.168.0.0/24
> > 127.'
> > as rules.
> >
> > My questions
> > How is it possible i see another pc while i have those smb.conf rules?
> > Shouldn't those rules in smb.conf prevent this?
> >
> > Has this 'hacker' deliberately connected to my LAN or is it a
> > consequence
> > of having the same networkadres provided by the same ISP?
> >
> > Are the ipchains rules to block port 137:139 enough to prevent this?
> >
> > Can someone as easily as connecting to my LAN also connect to my
> > masqueraded clients?
> >
> > How can i learn more of such a 'hacker' (f.i. ip-adres)?
> >
>
>
------------------------------
From: paulr <[EMAIL PROTECTED]>
Subject: Re: Problem with modem after kernal upgrade to 2.2.3
Date: Sat, 17 Apr 1999 18:01:19 -0500
[EMAIL PROTECTED] wrote:
>
> Help, after upgrading my kernal on a Redhat/Mandrake system my modem will not
> respond to commands. I linked /dev/modem to /dev/ttyS0 but taht did not help. I am
> sure I am doing something silly, please advise...
>
> Junior Thompson
JT,
Did you update other system software as well?? Kernel 2.2.5
needs a few updates (at least for RedHat 5.2)
Oh, and make sure that minicom/etc. really use "dev/modem", and not
"dev/cua0". The cua devices were defaults on *some* older
packages......
Regards,
P
--
*******************************************
Paul Reich Motorola, Inc.
[EMAIL PROTECTED] Staff Engineer
#include <Motorola/std_disclaimer.h>
"A CPU Cycle is a Terrible Thing to waste."
*******************************************
------------------------------
From: "Eric" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: Re: adding static routes (and gateways)
Date: Sat, 17 Apr 1999 17:34:19 GMT
Whoops - realized I made a typo....
It's using mod-tools 1.121 and mod-tools 1.50
Eric
------------------------------
From: "Eric" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: Re: Multiple entires in routing table....
Date: Sat, 17 Apr 1999 17:34:20 GMT
Whoops - realized I made a typo....
It's using mod-tools 1.121 and mod-tools 1.50
Eric
------------------------------
From: "Leonzo E. Miller III" <[EMAIL PROTECTED]>
Subject: (no subject)
Date: Sat, 17 Apr 1999 17:58:48 -0400
How can U tell if you are running in parallel mode after compiling the
Kernel for it and rebooting?
--
Integrated Information Solutions http://www.logosnet.net
SmartWare 2000 PLUS! You've tried the rest!
Voice: (954) 360-0538 Text: [EMAIL PROTECTED]
------------------------------
From: "Eugene" <[EMAIL PROTECTED]>
Subject: Re: Linux and Windows networked together
Date: Sat, 17 Apr 1999 18:37:25 GMT
yep.
look at www.samba.org (samba comes with all distributions)
--
"Ein Volk, ein Reich, ein Fuhrer" - Adolf Hitler
"One World, one Web, one Program" - Microsoft's slogan
Bill Lathan <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
s.net...
> I wish to network a Linux machine with several Windows 98 machines so that
> they may share files, etc. I haven't seen any good explanation of that.
Good
> someone please tell me where to look or indicate whether such is possible.
>
> Many thanks.
>
>
------------------------------
From: [EMAIL PROTECTED] (razoon)
Subject: Re: Samba, a risk for your privacy?
Date: Sat, 17 Apr 1999 22:19:41 GMT
Reply-To: [EMAIL PROTECTED]
On Sat, 17 Apr 1999 09:48:50 -0700, "MattW" <[EMAIL PROTECTED]> wrote:
>> > Has this 'hacker' deliberately connected to my LAN or is it a
>> > consequence
>> > of having the same networkadres provided by the same ISP?
>
>Consequence.
>
>> > Are the ipchains rules to block port 137:139 enough to prevent this?
>
>Yes.
>
>> > Can someone as easily as connecting to my LAN also connect to my
>> > masqueraded clients?
>
>Not easily
>
>> > How can i learn more of such a 'hacker' (f.i. ip-adres)?
>> >
>Probably, most likely, not a hacker... nor cracker... tcpdump will show
>you. If you see heavy traffic from your netbios friend then you should be
>worried and contact your provider with the IP address you obtain from
>tcpdump. Most Cable Modem providers can find out immediately which of their
>customers are on any of their given IP Pools. They will deal with the
>person... or most likely not deal with them and pull the account.
>
>Hope I answered your questions.
You indeed helped me and a lot.
thanks
>Matt W.
>
>
>MattW <[EMAIL PROTECTED]> wrote in message
>news:IM3S2.990$[EMAIL PROTECTED]...
>> Welcome to the world of "Cable Modem".
>>
>> Consider your cable modem as being connected on a "hub" with everyone else
>> on your block. Just like with a hub you will see the workgroups of any
>win
>> machine connected to the hub. This is kind of an undocumented feature
>"bug"
>> of cable modems. The problem is how do you block ports on a hub? I am on
>> media one. I talked to Media one about this and they say they are working
>> on a fix. I don't know how but I can no longer see all the machines on my
>> block. I used to be able to. People who leave file sharing on c: with no
>> password are pretty much leaving themselves wide open to the world.
>>
>> It's not a security flaw in SAMBA. It's the cable modem connection. Just
>> because you specify which hosts you announce to will not stop them from
>> announcing to you.
>>
>> Just be really "mindful" of what and how you share.
>>
>> The reason you see another computer under your "Workgroup" is [I assume]
>you
>> left the default workgroup name or chose one that someone else chose.
>This
>> puts you and the other host in the "same" workgroup.
>>
>> Or you can firewall your system and deny all in/out for netbios/wins
>ports.
>>
>> Matt W.
>>
>> razoon <[EMAIL PROTECTED]> wrote in message
>> news:[EMAIL PROTECTED]...
>> > I have running a linuxbox and 2 clients. I have cablemodem.
>> > Samba is installed.
>> > When i do: smbclient -L 'mypcname', sometimes i see another pc
>> > under the Workgroup and Master header.
>> > This while smb.conf has 'hosts.allow' and 'interfaces=192.168.0.0/24
>> > 127.'
>> > as rules.
>> >
>> > My questions
>> > How is it possible i see another pc while i have those smb.conf rules?
>> > Shouldn't those rules in smb.conf prevent this?
>> >
>> > Has this 'hacker' deliberately connected to my LAN or is it a
>> > consequence
>> > of having the same networkadres provided by the same ISP?
>> >
>> > Are the ipchains rules to block port 137:139 enough to prevent this?
>> >
>> > Can someone as easily as connecting to my LAN also connect to my
>> > masqueraded clients?
>> >
>> > How can i learn more of such a 'hacker' (f.i. ip-adres)?
>> >
>>
>>
>
------------------------------
Reply-To: "MattW" <[EMAIL PROTECTED]>
From: "MattW" <[EMAIL PROTECTED]>
Subject: Re: Samba, a risk for your privacy?
Date: Sat, 17 Apr 1999 09:40:20 -0700
Welcome to the world of "Cable Modem".
Consider your cable modem as being connected on a "hub" with everyone else
on your block. Just like with a hub you will see the workgroups of any win
machine connected to the hub. This is kind of an undocumented feature "bug"
of cable modems. The problem is how do you block ports on a hub? I am on
media one. I talked to Media one about this and they say they are working
on a fix. I don't know how but I can no longer see all the machines on my
block. I used to be able to. People who leave file sharing on c: with no
password are pretty much leaving themselves wide open to the world.
It's not a security flaw in SAMBA. It's the cable modem connection. Just
because you specify which hosts you announce to will not stop them from
announcing to you.
Just be really "mindful" of what and how you share.
The reason you see another computer under your "Workgroup" is [I assume] you
left the default workgroup name or chose one that someone else chose. This
puts you and the other host in the "same" workgroup.
Or you can firewall your system and deny all in/out for netbios/wins ports.
Matt W.
razoon <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I have running a linuxbox and 2 clients. I have cablemodem.
> Samba is installed.
> When i do: smbclient -L 'mypcname', sometimes i see another pc
> under the Workgroup and Master header.
> This while smb.conf has 'hosts.allow' and 'interfaces=192.168.0.0/24
> 127.'
> as rules.
>
> My questions
> How is it possible i see another pc while i have those smb.conf rules?
> Shouldn't those rules in smb.conf prevent this?
>
> Has this 'hacker' deliberately connected to my LAN or is it a
> consequence
> of having the same networkadres provided by the same ISP?
>
> Are the ipchains rules to block port 137:139 enough to prevent this?
>
> Can someone as easily as connecting to my LAN also connect to my
> masqueraded clients?
>
> How can i learn more of such a 'hacker' (f.i. ip-adres)?
>
------------------------------
Subject: Re: Problem in configuring the 3C509 NIC on redhat5.2
From: [EMAIL PROTECTED] (Don Baccus)
Date: 17 Apr 1999 10:47:33 PST
In article <[EMAIL PROTECTED]>, Bryan <[EMAIL PROTECTED]> wrote:
>how? Since i am currently using the win95 and I don;t have the dos diskette
>for the NIC.
Where'd you get your 3c509? I've got three of them and each
has come with floppies. Are you sure you don't have it?
If you don't, this is a good time to reflect on why one
shouldn't toss manufacturer-supplied floopies into the
trash even if you don't think you'll need them :)
--
- Don Baccus, Portland OR <[EMAIL PROTECTED]>
Nature photos, on-line guides, at http://donb.photo.net
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: linux.dev.admin
Subject: timed looping
Date: Sat, 17 Apr 1999 17:39:57 GMT
I noticed a few messages dating from a little while back about these
messages, but nobody seems to have the same cause (or lack of one) that I
have discovered.
On two linux boxes that I admin (one Sparc and one i386), about 30 of these
messages appear at a time, in cycles of about 30 minutes:
Apr 17 10:20:11 kermit in.timed[4103]: connect from 205.173.43.230
Following each cycle is the line:
Apr 17 10:20:12 kermit inetd[263]: time/udp server failing (looping), service
terminated
Now, I could accept the fact that something was going wrong with timed,
EXCEPT, IT ISN'T RUNNING! I don't mean that there is no entry in inetd.conf,
there is. However, NO NETWORK PACKETS are received during this time that
relate to timed. The thing that is going on EVERY time this happens is the
linux boxes are chatting with the NIS master server (updating some cache or
something). The IP of that computer isn't even 205.173.43.230 though. That
IP is our dialup server. And it never even talks to the two linux boxes.
Something is VERY strange here. These messages date back to the installation
of the linux boxes, so it's nothing that just happened. Anyone have any
ideas?
--
Brian Morris
mailto:[EMAIL PROTECTED]
Freshman, Computer Engineering, CalPoly, San Luis Obispo, CA
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: "William Evans" <[EMAIL PROTECTED]>
Subject: Re: Mail routing
Date: 17 Apr 1999 13:09:08 -0400
>>>>> "Steven" == Steven D Boozer <[EMAIL PROTECTED]> writes:
Steven> You can install imap-4.4-2.i386.rpm from the Redat5.2 CD. This
installs
Steven> a mail server on Linux with both IMAP and POP3 functionality. After you
Steven> install the mail server ( rpm -Uvh imap-4.4-2.i386.rpm ) you will need to
Steven> edit some of the files in /etc/mail : ip_allow and relay_allow to your
Steven> specifications. I've attached the one's I setup to use on my LAN, but it is
Steven> left wide-open with the *.*.*.* and 0.0.0.0 -- I think. Anyways, my wife
and
Steven> kids and myself get email from our Linux RH52 dial-up server using Outlook
Steven> Express on Windows PC's. Is this what you wanted to do or did you mean that
Steven> you would like to have your email from your ISP automatically downloaded to
Steven> your Linux box? Not sure.
Note: the files in /etc/mail/ are owned by sendmail, not imap.
By configuring ip_allow and relay_allow to be wide-open, I hope you've
set up ipchains or ipfwadm to block incoming from the outside. If
not, you'll be wide-open to being used as a spam-relayer (if anybody
finds your box).
I use fetchmail to periodically download mail from multiple email
accounts (both POP and IMAP) and mail them to local accounts. Other
than sending from the local machine to a local user (using fetchmail),
sendmail is only used for spooling and sending outgoing mail.
Just another possible solution.
-bill
--
William Evans < william . evans @ computer . org >
------------------------------
Subject: Re: Linux - My honest opinion
From: [EMAIL PROTECTED] (Don Baccus)
Date: 17 Apr 1999 10:51:21 PST
In article <O22S2.2175$_a6.68700@paloalto-snr1>,
A. Feiner <[EMAIL PROTECTED]> wrote:
>There is no serious collaboration system available, not
>even serious database.
Informix Universal Server's not a serious database.
Hmmm...OK, if I concede that, how about Oracle? Oracle's
not a serious database?
Just curious.
>End user: this is where Linux sucks big time, and the people who work on it
>need to look at what Microsoft had done to the desktop. They turn it into a
>very accessible thing.
And this is where a lot of work seems to be going, with
KDE and other stuff I've heard about and read about, though
for my simple use of my Linux box I'm (shoot me!) happy with
TWM.
--
- Don Baccus, Portland OR <[EMAIL PROTECTED]>
Nature photos, on-line guides, at http://donb.photo.net
------------------------------
From: Pavel Grinfeld <[EMAIL PROTECTED]>
Subject: Very basic questions: part II
Date: Sat, 17 Apr 1999 13:53:30 +0000
Continuing with questions (please see my previous post).
These were probably described in one of the HOWTO but I must've missed
them.
2. When a machine sends out a packet, where does it physically go? Does
it go to all the machined connected to the hub? (Then some merely reject
it because they don't know what to do with it and some respond nicely.)
3. In a 10baseX network can I move machines around freely? For instance,
if I have a laptop can I connect to any cable? Is it OK to have cables
plugged in to the hub and not plugged in anywhere at the other end?
4. How much should I expect to pay for a 8-ish port hub (T or TX). Can
anyone recommend a brand? Are there any issues of hubs supporting only
certain protocols or are they pretty dumb devices?
5. I tried to shop for Twisted Pair cables at buycomp and
buynowcomputers but nothing much comes up. Can anyone recommend some
places on the web or some keywords to search by?
Once again, thank you very much in advance!
Pavel
[EMAIL PROTECTED]
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
