Linux-Networking Digest #921, Volume #10 Tue, 20 Apr 99 10:13:35 EDT
Contents:
Re: Portable - Home/Work IP Configuration (Stew Benedict)
Re: No way to avoid "denial of service attacks"? (Ron DuFresne)
ADSL and ATMF 25Mbit/s NIC ([EMAIL PROTECTED])
Re: HTTP PUT via TELNET port 80 Question (Rob van der Putten)
Re: Machine name themes - what do you use? (Eggenberger Marc)
Re: SIOCADDRT: Invalid argument ("Gregory Kreymer")
Re: ipmasqadm and Netmeeting (Nidge Jones)
ip layer (Ahmed Said)
Re: QUESTION ? What are the IP bandwidth limitations of Linux ? (Matt Gessner)
Re: IP masquerading firewall - ftp problem ("Bj�rn Mork")
Re: QUESTION ? What are the IP bandwidth limitations of Linux ? ("M.C. van den
Bovenkamp")
Long names in Samba (danish)
Re: Telnet-Client under Windows 98 (Frank da Cruz)
Re: Configure NE2000 compatible ethernet NIC ([EMAIL PROTECTED])
Re: Linux in Linux in Linux in ("Lee Sharp")
small linux on a 386i with 6 meg RAM and 8 meg harddisc ("SSG Berlin")
Re: 2 GB file size limit ??? ([EMAIL PROTECTED])
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Stew Benedict)
Subject: Re: Portable - Home/Work IP Configuration
Date: 19 Apr 1999 17:02:30 GMT
Reply-To: stewb AT earthlink DOT net
Are you using PCMCIA for your network adapter? I've got a working setup
for this.
Stew
On Fri, 16 Apr 1999 18:21:59 +0000, Kevin der Kinderen <[EMAIL PROTECTED]> wrote:
>This has to be simple. I don't want to use dhcp (I've had problems with
>it before). I'm using my laptop at both work and home (to an ISDN
>router). When I start up in the new location I have to run netconf and
>change the ip, netmask and default gateway.
>
>I tried writing two simple scripts (homenet & worknet) to set the proper
>network settings using ifconfig and route. Apparently, something is
>missing and I can never make a connection. I'm assuming I'm missing
>something small.
>
>Has someone put together a script to do something like this that they
>wouldn't mind sharing?
>
>Thanks,
>Kevin
>
>
>--
>Kevin der Kinderen
>
>
>
--
------------------------------
From: Ron DuFresne <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc
Subject: Re: No way to avoid "denial of service attacks"?
Date: 20 Apr 1999 08:05:11 GMT
The point here is, and especially for small sites and limited pipes; If
someone wants to DOS you, they can. And tracing the attack is not an easy
deal, especially considering that attacks are spoofed, sometimes your
being DOS'ed is a side result of the truely intended victim, to whom you
in fact appear to be one of the attackers. Then consider, what kind of
relationship do you hav with other upstream providers, all very busy
persons, running about putting out fires constanly, for, it is them that
you need to help you block, trace, and attempt to track down the real
culprits.
Laterer,
Ron DuFresne
In comp.os.linux.networking donoli <[EMAIL PROTECTED]> wrote:
: [EMAIL PROTECTED] wrote in message <7ffofr$klb$[EMAIL PROTECTED]>...
:>Hello,
:>
:>My domain on an Apache hosted server was under some kind of "denial of
: service
:>attacks". The latest version of Apache do have a mechanisim to protect
: against
:>such activities, so i am going to upgrade and see if it can improve the
:>situation.
:>
:>However my question is that, is there really no way to fight against such
:>attack? How easy is it to trace the source of the attack? So if anyone
: wants
:>to bring a site down, all he need to do is keep calling the website index
:>page / CGI requests to overflooded the server? If I am a big company I
: might
:>have the money to fight with it, but what happen to small and home based
:>Internet business?
:>
:>Very scary! Any comments and help on this will be very appreciated.
:>
:>Regards
:>
:>Ted
: It's not really clear what you're running or exactly what the nature of the
: attack was. I guess you're running linux since you posted to linux NG.
: Did comment out any services you don't need in inetd.conf? Besides that,
: have you considered running a firewall which would log IP addresses?
: Donoli.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
------------------------------
From: [EMAIL PROTECTED]
Subject: ADSL and ATMF 25Mbit/s NIC
Reply-To: [EMAIL PROTECTED]
Date: Tue, 20 Apr 1999 12:14:40 GMT
Telecom Italia has installed me at home ADSL equipment with a ATMF
25Mbit/s NIC (SpeedStream 3310).
Actually I have to run the ugly Win 95, since I have no ATMF support
under my Debian 2.1 with 2.0.36 kernel (on the same machine).
Has someone something to suggest me to make ADSL connections work also
under Linux?
TIA
--
Lorenzo Pulici
Erich Weitzmann S.p.A. - web site http://www.weitzmann.it
------------------------------
From: Rob van der Putten <[EMAIL PROTECTED]>
Subject: Re: HTTP PUT via TELNET port 80 Question
Date: Tue, 20 Apr 1999 13:13:27 +0200
Hi there
On Sun, 18 Apr 1999 [EMAIL PROTECTED] wrote:
> I assume the PUT command I will use is something like:
I just polished a util which dumps all http requests and responses in a
file. Maybe you're interested.
Regards,
Rob
+------------------------------------------------------------------------+
| http://www.sput.webster.nl/spam-policy.html |
+------------------------------------------------------------------------+
------------------------------
From: [EMAIL PROTECTED] (Eggenberger Marc)
Crossposted-To:
comp.infosystems.www.servers.unix,comp.os.ms-windows.nt.admin.networking,comp.os.os2.networking.server
Subject: Re: Machine name themes - what do you use?
Date: Tue, 20 Apr 1999 13:37:57 +0200
In article <7ff4vp$264$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
says...
> The cs department in one University named it's domain 'bugworld' and the
> machines on it something like spider, cockroach, beetle etc.
>
> The nerd-ish atmosphere in my workplace made star-trek characters the natural
> selection for host names, star-trek spaceships for workgroups, and series
> (deep space 9) etc. for local domains.
same with me .. I have a klingon, romulan, ferengi, cardassia, etc. here
..
--
mfg
Eggenberger Marc
------------------------------
From: "Gregory Kreymer" <[EMAIL PROTECTED]>
Subject: Re: SIOCADDRT: Invalid argument
Date: Mon, 19 Apr 1999 11:59:58 -0400
>: > > Whenever I try to add a route ("route add -net 127.0.0.1"), I get
that error
>: > > message: "SIOCADDRT: Invalid argument".
>: > route add -net 127.0.0.0
I'm using RH 5.2 and didn't even have to add a route and I have the
"SIOCADDRT: Invalid argument" come up during a boot. I remember getting it
even after a fresh install using RH's menu installation. I have a hunch
that it's a NIC problem - I have a 3905b.... Do you hapen to also have the
same card?
Greg K.
------------------------------
From: Nidge Jones <usenet@[REMOVE.ME]nikel.co.uk>
Subject: Re: ipmasqadm and Netmeeting
Date: 20 Apr 1999 09:47:41 +0100
Alan T <[EMAIL PROTECTED]> wrote:
> I am trying to get Microsoft netmeeting work on my network
> currently. I have a windows 98 box on my local lan behind a linux
Netmeeting won't work.
> firewall. I am running a linux kernel 2.2.0 with IP chains on it, and have
> ipmasqadm installed. I am having problems when trying to run netmeeting
> though, others can see and hear me (from my mike and video camera) however
> I can not hear others back (from their mikes). Sharing whiteboards or such
> work though, so it appears only incoming sounds and video is getting
> snagged by my firewall. Anyone know specific ports or even better specific
> commands using ipmasqadm to forward the right places to my windows box to
> make it work? thanks :)
ils 389/tcp #Internet Locate Service
uls 522/tcp #User Locater Service
t120 1503/tcp #T.120
h323 1720/tcp #H.323
audiocall 1731/tcp #Audio Call control
But the incoming audio and video uses dynamic allocations. Therefore you
can't setup any forward rules for these, it will be different each time.
Therefore how can your Linux possibley know where it should be redirecting
the incoming packets to?
Netmeeting is one of the few things I have ever found not to work via
ipfwadm/linux. It doesn't even have a damm proxy option, like pointing at a
SOCKS5 server or the likes to get around it this way. Sigh, but then this
*IS* MS were talking about :-)
For a more in depth explanation, look at Microsoft's Netmeeting 'firewall
configuration' pages at..
http://www.microsoft.com/netmeeting/reskit/?/NetMeeting/reskit/NMRK21CH4.HTM
--
Nidge Jones
------------------------------
Date: Tue, 20 Apr 1999 14:09:18 +0200
From: Ahmed Said <[EMAIL PROTECTED]>
Subject: ip layer
hi there all,
does anyone know a good site or refernce, apart from the linux
kernel source code, that describes the functions and structs used by the
ip layer, eg the function that assembles fragmanted packets etc.
thanks to anyone who tries to help.
=================================================================================
Testing can prove the presence of bugs, but never their
absence.
Edsger Dijkstra
------------------------------
From: Matt Gessner <[EMAIL PROTECTED]>
Subject: Re: QUESTION ? What are the IP bandwidth limitations of Linux ?
Date: Tue, 20 Apr 1999 12:07:44 +0000
Jan Johansson wrote:
>
> > Does any one have any numbers ?????
>
> Is the Linux TCP/IP stack more robust then NT? Certainly, even MS (sort of)
> admits that.
> Is the NT TCP IP limited to 2Mbit? *LOL* Don't make me laugh, NT has
> sucesscully been used in Gigabit experiments, so tell your SA's to get their
> heads in gear and fix your network bottlenecks.
Agreed. That's insane. We ran one box at damn near 8Mbps. Of course,
there was nothing
else on the network but one other machine.
LOL
------------------------------
Crossposted-To: comp.os.os2.networking.tcp-ip
Subject: Re: IP masquerading firewall - ftp problem
From: "Bj�rn Mork" <[EMAIL PROTECTED]>
Date: 19 Apr 1999 19:38:19 +0200
[EMAIL PROTECTED] writes:
> You were right.
> If ip_masq_ftp.o module was loaded explicitly by
>
> modprobe ip_masq_ftp.o
>
> ftp worked well. I don't understand why "modprobe -a ip_masq_*"
> would not load the module correctly. Could anyone explain?
> (RH 5.2)
You probably need to escape the asterisk. Try "modprobe -a ip_masq_\*"
Bj�rn
------------------------------
From: "M.C. van den Bovenkamp" <[EMAIL PROTECTED]>
Subject: Re: QUESTION ? What are the IP bandwidth limitations of Linux ?
Date: Tue, 20 Apr 1999 14:52:57 +0200
me zawadzki wrote:
> We currently have a number of client systems running NT. These systems
> need to be able to receive (MPEG) files, via a WAN, at very high rates.
> These systems are unable to receive at rates above ~ 2Mbits/second. Our
> NT expert [it's a love/hate relationship :-)] says that this is due
> to protocol stack limitations. The machines are all Pentium, > 200 MHz,
> 10BaseT.
Across a WAN... What's your round-trip delay? If it's somewhere near
60ms (which I'm betting on), have that NT 'expert' fiddle with the TCP
window size. Default for NT is 8K if I'm not mistaken, which may well be
too low. Have him read up on 'TCP window size' and 'bandwidth-delay
product'; I recommend Stevens' TCP/IP Illustrated, Volume 1, The
Protocols, especially chapter 20.4 ('Window Size'), 24.3 ('Long Fat
Pipes') and 24.8 ('TCP Performance'). Perhaps that's what he meant by
'protocol stack limitations', but if that's where the problem is, it's
fixable even in NT with some registry surgery. Don't ask me where
exactly, though...
> I currently have a proposal on the table, which is to replace these
> NT (P)OS * boxes with Linux. Our feelings is that Linux should
> beat the living daylights out of NT (P)OS in the above regard.
Replacing NT with Linux is (especially in the server arena) always a
good idea :-) That said, even an NT box can do better than 2 Mbps, if
you know what you're doing.
Regards,
--
Marco van den Bovenkamp.
CIO EMEA Network Design Engineer,
Lucent Technologies Nederland.
Room: HVS BZK 32
Tel.: (+31-35-687)2724
Mail: [EMAIL PROTECTED]
------------------------------
From: danish <[EMAIL PROTECTED]>
Subject: Long names in Samba
Date: Tue, 20 Apr 1999 13:32:36 +0200
I have RedHat5.2 with samba 1.9.18p10 and i mounted Novell 3.12 to
linux.
Samba is sharing Novell share and problem is, when Win95 client try to
create folder in
this sharing directory.
Client try to create folder 'New Folder', and it is impossible. How can
i change it in Samba?
------------------------------
From: [EMAIL PROTECTED] (Frank da Cruz)
Subject: Re: Telnet-Client under Windows 98
Date: 19 Apr 1999 17:47:24 GMT
In article <[EMAIL PROTECTED]>, Holger Petersen <[EMAIL PROTECTED]> wrote:
: "Marc Schumacher" <[EMAIL PROTECTED]> writes:
: >Does anybody know anything about a telnet client which fully supports the
: >telnet features of Suse 5.3, e.g. to display the graphical boxes e.g. of
: >yast and other applications like mc correctly and one with which the
: >keyboard has the same functionality as on a linux to linux connect.
:
: There isn't _any_.
: All Telnet-Programms I've looked at have one or the other bug^H^H^Hfeature.
: or I didn find one.
:
Look at Kermit 95:
http://www.columbia.edu/kermit/k95.html
It includes native Linux Terminal emulation, and 30+ others.
: All of them try to imitate an outdated Vt-100-Terminal from an ancient
: Computer-manufacturer called DEC. This terminal was useless even for
: running WordStar under CP/M in those old days (insisted on XON/XOFF for
: pacing the Z80-Computer; WordStar used those keys heavily :-)
:
Actually Xon/Xoff is not a property of the terminal definition, but of the
connection. The original VT100 was designed to be used with DEC hosts
(PDP-11s, VAXes, DEC-10s and -20s), which used Xon/Xoff also, and therefore
the two ends worked nicely together. Effective flow control was especially
important when the terminal's "smooth scrolling" feature was activated.
In the terminals themselves, at least the later models, you can choose the
flow control option in Setup.
Nowadays we have networks providing flow control, or modems that use
RTS/CTS out-of-band flow control, thus allowing Xon and Xoff as data
characters (so you can search, save, and quote in EMACS). Most VT100/220/
320/etc emulators can be used this way in VT100 or any other mode.
- Frank
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Configure NE2000 compatible ethernet NIC
Date: Tue, 20 Apr 1999 13:14:34 GMT
I finally got Linux to load my ethernet NIC module. Apparently, modprobe saw
an I/O port conflict between the NE2000 module and my Crystal Audio module,
but from what I could tell, no conflict actually exists. I can successfully
load eth0 first, and then the audio module, but not in the reverse order.
Any explanation?
Do you recommend I change the initialization sequence in my startup scripts
or perhaps compile ne.o in to the kernel (I do not much like this idea, since
I do not want to recompile the kernel each time I change or install cards)?
Thanks to all of you for your suggestions.
Derek
In article <7fde40$ls4$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
>
>
> I think I am getting closer to a solution.
>
> According to depmod, the NE2000 module ne.o depends on 8390.o, so I installed
> 8390.o:
>
> insmod /lib/modules/preferred/8390.o
>
> and then tried to install ne.o:
>
> insmod /lib/modules/preferred/ne.o
>
> insmod -o eth0 /lib/modules/preferred/net/ne.o
> /lib/modules/preferred/net/ne.o: init_module: Device or resource busy
>
> How do I make the device "un-busy"?
>
> Derek
>
> In article <7fchdb$v9d$[EMAIL PROTECTED]>,
> [EMAIL PROTECTED] wrote:
> >
> >
> > What steps must I take to have RedHat Linux recognize my NE2000 compatible
> > ethernet adapter? The adapter settings are irq=7, io=0x320, base=0xC800.
> >
> > Here is my /etc/conf.modules:
> >
> > alias sound cs4232
> > alias midi opl3
> > options opl3 io=0x388
> > options cs4232 dma=3,0 io=0x530 mpu_irq=9 irq=5 mpu_base=0x330
> > alias eth0 ne
> > options ne io=0x320 irq=7
> >
> > To activate eth0, I invoke:
> >
> > ifconfig eth0 10.0.0.1 netmask 255.0.0.0 up
> >
> > but ifconfig reports:
> >
> > SIOCSIFADDR: Operation not supported by device
> > eth0: unknown interface.
> > SIOCSIFNETMASK: Operation not supported by device
> > eth0: unknown interface.
> >
> > What must I do to correct this error?
> >
> > Derek
> >
> > Please cc: your response to [EMAIL PROTECTED]
> >
> > -----------== Posted via Deja News, The Discussion Network ==----------
> > http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
> >
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
>
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: "Lee Sharp" <[EMAIL PROTECTED]>
Subject: Re: Linux in Linux in Linux in
Date: Mon, 19 Apr 1999 12:58:49 -0500
Dinis Teixeira wrote in message <[EMAIL PROTECTED]>...
| I�m seriously thinking in implement a mail solution using Linux in
|replacing of the actual mail solution using MS Exchange.
| The requirments are:
| -Internal mail distribution in PC clients�s Win95/95, preferable
|no using pop3 (requires periodical inquires) but something similar to
|the Exchange transport (ex. SNMT ?, delivery), in a simple PC Client ,
|ex: MSOutlook or other.
The old MS Exchange client was the beginning of the definition for IMAP.
The new outlook is IMAP and POP3. Both use periodic pooling for mail. It
is settable, or it can be manual. POP3 defaults to manual...
| - Internet delivery, using routing access(think easy) or dial-up
|access.
Dial-up is a subset of routing... However, if you want to receive on a
non dedicated link, you need your ISP to deque the e-mail. If neither you,
nor they, know what this is, you need a dedicated link. :-)
| -Internet receiving from a provider recipient (periodicak on POP3 or
|IMTP) or permanent connection (think easy).
Is that a bad way of saying dequeing e-mail? :-) FYI - e-mail servers on
the internet talk SMTP. POP3 is client, not server...
| -Easy/intuitive management on Server and Clients.
Intuition is different for different people. Unix e-mail is
traditionally command line driven. Now there are X front ends available,
but you have to hunt for them.
|Does any ony can give me some sugestions to buid up this kind of
|solution
Sendmail or Qmail are the only servers to consider. <Perhaps Suns
e-mail, but it ain't cheap, or as good, but it looks nice :-) > There are a
LOT of front ends for both...
Lee
--
SCSI is *NOT* magic. There are *fundamental technical reasons* why it is
necessary to sacrifice a young goat to your SCSI chain now and then. *
Black holes are where God divided by zero. - I am speaking as an individual,
not as a representative of any company, organization or other entity. I am
solely responsible for my words.
------------------------------
From: "SSG Berlin" <[EMAIL PROTECTED]>
Subject: small linux on a 386i with 6 meg RAM and 8 meg harddisc
Date: Tue, 20 Apr 1999 12:04:57 +0200
Who can help me,
i have only an 386i with 6 meg RAM and 8 meg harddisc. I �want use this
hardware for tcp/ip networking with an wavelan pcmcia card.
thanks Frank
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: 2 GB file size limit ???
Date: Tue, 20 Apr 1999 13:59:21 +0059
Clifford Kite <kite@NoSpam.%�inetport.com> wrote:
: : Files bigger than 2 GB seem to have a problem.
: : Length is displayed incorrect. Get cut during copy ...
: The current maximum file size on 32-bit machines is 2GB. The 64-bit
: machines may be supported by 2.2.x but I haven't verified this.
This has been fixed on 64 bit machines since about 2.1.100. I regularly
have multi-gigabyte files on my Alpha.
: : Is there any patch?
: There wasn't a year ago. Then the expectation was that larger files for
: 32-bit machines would be in 2.3.x .
http://linux-patches.rock-projects.com contains a patch. I don't know much
about it (there is no pointer to a home page). I seem to recall that it is
not completely transparent and that you need to recompile any applications
which need access to the large files, but this might not be true.
: --
: Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
: /* Those who can't write, write manuals. */
--
============================================================================
Richard Simpson
Farnborough, Hants, Uk Fax: 01252 392118
[EMAIL PROTECTED]
I am not aware of any views shared by myself and my employers.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
