Linux-Networking Digest #148, Volume #11 Fri, 14 May 99 01:13:46 EDT
Contents:
Re: Help me...I've been hacked! ([EMAIL PROTECTED])
RedHat 6.0 Desktop (L.P. Duong)
Re: root login denied over telnet in RH6.0 (Bill Unruh)
IP Masquerading on 2.2 ("Donald E. Stidwell")
ifconfig and 10/100 speed/duplex (bryan)
HELP ME PLEASE, HP4MV network printer? (Park Yeung-Cheul)
Re: linux ipchains with NT server (Paul Rusty Russell)
Re: ipmasqadm trouble (Paul Rusty Russell)
Re: TCP connections are reset all the time (Paul Rusty Russell)
Re: Help ISDN HISAX 16.3c install (Heinz Günther)
Re: newbie-to-lan: cannot ping other box ("Curt")
Re: Cant login.... (jason)
Re: IP Masquerading on 2.2 ("Simple")
Re: RH6.0, PPP and demand (tarkin)
Re: NO CARRIER causes PPP to abort ("Ian Long")
Re: diald (tarkin)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Help me...I've been hacked!
Date: Fri, 14 May 1999 00:49:11 GMT
In article <7hfqa0$511$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> I would like to know if people can hack my linuxbox that easily if I
> don't shut any ports after I installed Redhat6.0
Yes, very easily. The standard distributions of Linux [out of the box]
are *extremely* insecure compared to other Unixes. _Way_ too many ports
are left open by default, and many of those ports are being listened to
by programs that are themselves very insecure [such as sendmail].
> So someone who feels like he can clearly explain things : try to make
> me understand ;-)
Sure. The following steps will produce a box that is all but
unhackable:
- Install Redhat 6.0
- edit /etc/inetd.conf, and comment out *everything*.
- Install sshd [make sure you set up the rc script if the install
doesn't do it for you]
- Type `ps ax | grep inetd` and take note of the PID [the number all the
way to the left]
- Type `kill -HUP XXX` [where XXX is the PID from the step above]
- Type `netstat -a` to see which daemons are still running
- Find the rc scripts for those daemons and delete them
- Reboot the machine
From then on, you'll need to use an ssh client to access the machine
remotely [there are free Windows, Mac, and Unix clients available].
If you need a mail server process running, use qmail instead of
sendmail. If you need a webserver, read the security documentation
included with Apache.
Also note that you will be using `scp` rather than `ftp` to upload
files. Not all platforms have an scp client [for example, Macintosh].
HTH.
--
-Bill Clark
Systems Architect
ISP Channel
http://locale.ispchannel.com/
--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
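Added example (not part of the post above): a shell sketch of the inetd.conf and netstat steps in the list, run against a temporary copy with constructed sample input. The function names and the sample data are hypothetical.

```shell
#!/bin/sh
# Added example: the sample inetd.conf and netstat text are constructed,
# and all function names are hypothetical. Works on a temp copy only.

# Print the service name of every enabled (uncommented, non-blank) entry.
active_inetd_services() {
    awk '!/^[ \t]*#/ && !/^[ \t]*$/ { print $1 }' "$1"
}

# Comment out every enabled entry, keeping the original as FILE.orig.
# Existing comments and blank lines pass through unchanged.
disable_inetd_services() {
    cp -p "$1" "$1.orig" || return 1
    awk '/^[ \t]*#/ || /^[ \t]*$/ { print; next } { print "#" $0 }' \
        "$1.orig" > "$1"
}

# Read `netstat -a` text on stdin and print "proto local-address" for
# TCP sockets in LISTEN state and for unconnected UDP sockets (UDP has
# no LISTEN state; the foreign address is a wildcard instead).
listening_sockets() {
    awk '$1 ~ /^tcp/ && $NF == "LISTEN" { print $1, $4 }
         $1 ~ /^udp/ && ($5 == "*:*" || $5 == "0.0.0.0:*") { print $1, $4 }'
}

# Constructed sample inetd.conf: three enabled entries, one already disabled.
write_sample_inetd_conf() {
    cat > "$1" <<'EOF'
# inetd.conf (constructed sample)
ftp     stream  tcp  nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp  nowait  root    /usr/sbin/tcpd  in.telnetd
#shell  stream  tcp  nowait  root    /usr/sbin/tcpd  in.rshd

finger  stream  tcp  nowait  nobody  /usr/sbin/tcpd  in.fingerd
EOF
}

# Constructed `netstat -a` output as it might look after inetd is silenced.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address   Foreign Address   State
tcp        0      0 *:ssh           *:*               LISTEN
tcp        0      0 *:smtp          *:*               LISTEN
tcp        0      0 host:ssh        client:1023       ESTABLISHED
udp        0      0 *:sunrpc        *:*
EOF
}

demo() {
    conf=$(mktemp) || return 1
    write_sample_inetd_conf "$conf"
    echo "enabled before:"; active_inetd_services "$conf"
    disable_inetd_services "$conf"
    echo "enabled after: $(active_inetd_services "$conf" | wc -l)"
    echo "still listening:"; sample_netstat | listening_sockets
    rm -f "$conf" "$conf.orig"
}
demo
```

On a real host the edit only takes effect once inetd rereads its configuration, which is what the `kill -HUP` step does. Anything still listed afterwards is a standalone daemon started from an rc script.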
------------------------------
From: [EMAIL PROTECTED] (L.P. Duong)
Subject: RedHat 6.0 Desktop
Date: 14 May 1999 03:18:25 GMT
Just a question for all you RH 6.0 users out there...how stable has your
Desktop been (kde or enlightenment/gnome)? I'd like to know because my setup
keeps crashing and requires relogin and removing the core files pretty often,
at least once a day...especially if I am adjusting system configurations with
linuxconf or control-panel or a few other programs....Is it my setup
that I should look into, or should I put it off to buggy-ness? Thanx.
------------------------------
From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: root login denied over telnet in RH6.0
Date: 14 May 1999 00:16:25 GMT
In <7hfk5u$t6$[EMAIL PROTECTED]> [EMAIL PROTECTED] writes:
>In article <7hf1vv$i7s$[EMAIL PROTECTED]>,
> Corus <[EMAIL PROTECTED]> wrote:
>> Hello.
>> I recently installed RH6.0, but when I tried to login
>> as root via a telnet session I got refused access.
/etc/securetty
tells the system which ttys are acceptable for root to log in on.
(you can always log on as a user and then do su to log on as root.)
/etc/pam.d/login
tells which pam rules login must satisfy.
>>snip<
>> Anyway, does anyone have any alternative
>> suggestions as to how to enable root to login?
>> (Tips or pointers to docs appreciated)
>Install sshd.
>Go to http://www.google.com/ [the best search engine on earth] and do a
>lookup on "linux sshd".
>--
>-Bill Clark
>Systems Architect
>ISP Channel
>http://locale.ispchannel.com/
------------------------------
From: "Donald E. Stidwell" <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux.caldera
Subject: IP Masquerading on 2.2
Date: Thu, 13 May 1999 19:25:33 -0400
Has anyone managed to get IP Masquerading working on OpenLinux 2.2? I'm
having a devil of a time with it. Have had it setup successfully in SuSE
6.0 and RedHat 5.2, but not making any progress in getting it to work
with OL 2.2
I have recompiled the kernel to use IP forwarding, but when I make
modules, none of the ip_masq modules are made.
As mentioned, I've had this working perfectly in 2 other distros, but
I'm about to tear my hair out on COL 2.2. Any help would be appreciated.
Don
------------------------------
From: bryan <[EMAIL PROTECTED]>
Subject: ifconfig and 10/100 speed/duplex
Crossposted-To: comp.os.linux.development.system
Date: Fri, 14 May 1999 03:35:49 GMT
I've noticed that you can't manipulate the speed or duplex of ethernet
cards via ifconfig. in fact, I'm not aware of any card-independent
way to force-set the speed/duplex of ether cards under linux.
am I missing something? how are folks setting their cards today? I
know from personal experience that just letting it auto-sense isn't
always the most optimal solution.
--
Bryan
------------------------------
From: Park Yeung-Cheul <[EMAIL PROTECTED]>
Subject: HELP ME PLEASE, HP4MV network printer?
Date: 14 May 1999 04:17:34 GMT
I'm Korean, and I can speak a little English. Please forgive me if my English is poor.
Recently, I changed my operating system to RedHat5.2.
I can use my computer on the network and with many applications.
But I can't print. My lab's printer is an HP 4MV, which has an IP address.
My lab friends can print from Win NT/Win98. So when I have something to
print, I send my file to another computer. It is very uncomfortable.
I want to use my Linux perfectly.
PLEASE HELP ME....
Our network printer's IP is xxx.xxx.xx.245. I don't know name of the printer.
My system is mcity1.yeungnam.ac.kr.
My /etc/host is
127.0.0.1 localhost localhost.localdomain
165.229.21.252 mcity1.yeungnam.ac.kr mcity
165.229.21.245 pc021245.yeungnam.ac.kr pc021245
I have tried three /etc/printcap entries.
The first is
lj-4|remote-hplj:\
:lp=/dev/null:sh:\
:sd=/var/spool/lpd/lj-4:\
:rm=hp4mv:rp=raw
The second, which I got from the WWW, is
hp4mv:lp=:rm=pc021245:rp=law:sd=/usr/spool/hp4mv:sh
They don't work.
The third, made by the X Windows setup, is
lp:\
:sd=/var/spool/lpd/lp:\
:mx#0:\
:sh:\
:rm=pc021245:\
:lp=/dev/null:\
:af=/var/spool/ldp/lp/acct:\
:if=/var/spool/ldp/lp/filter:
It doesn't work...
I'm very sad. I really want to use our printer with Linux...
PLEASE HELP ME.....
------------------------------
Subject: Re: linux ipchains with NT server
From: Paul Rusty Russell <[EMAIL PROTECTED]>
Date: 13 May 1999 07:42:24 +0930
"Jay Williams" <[EMAIL PROTECTED]> writes:
> I have a linux machine set up to act as my gateway to the internet on a
> peer to peer network environment. We recently added an NT server to the
> network. The machines still access the internet just fine as well as the
> exchange server running on the NT machine. My problem is this, when my ADSL
> internet connection was lost, I obviously could not access the internet, but
> I can not access the exchange server either. although I can still access the
> server exchange is running on. This happens whether I am using outlook for
> internet mail and exchange mail or if I am just using outlook for exchange
> mail. I have the win9 and win wkstation (machines accessing the internet and
> using outlook) set up to use the linux machine as my gateway using ipchains,
> etc.
Define "cannot access". Probably exchange is doing a DNS lookup or
something, and that's failing, so it won't talk to you.
Rusty.
--
Tridge, Raster, DaveM, Cort, maddog... Where will you be 9-11 July 1999?
http://www.linux.org.au/projects/calu
------------------------------
Subject: Re: ipmasqadm trouble
From: Paul Rusty Russell <[EMAIL PROTECTED]>
Date: 13 May 1999 07:43:46 +0930
"Rick Speegle" <[EMAIL PROTECTED]> writes:
> I'm no expert but.....the following worked for me:
>
> ipchains -A forward -j MASQ
>
> ipmasqadm portfw -a -P tcp -L local IP port -R redirect IP port
>
> I tried identifying a source and destination IP in the ipchains forward
> chain and couldn't get it to work. I know this isn't the most secure
> solution, but it worked. Good luck!
Try using `ipchains -A forward -i eth0 -j MASQ' (assuming eth0 is your
INTERNAL interface).
Rusty.
--
Tridge, Raster, DaveM, Cort, maddog... Where will you be 9-11 July 1999?
http://www.linux.org.au/projects/calu
------------------------------
Subject: Re: TCP connections are reset all the time
From: Paul Rusty Russell <[EMAIL PROTECTED]>
Date: 13 May 1999 07:44:32 +0930
[EMAIL PROTECTED] (Michael Hohner) writes:
> Hello!
>
> I'm currently experiencing a strange problem. Whenever there is a
> longer TCP connection, it's almost always reset prematurely. This
> happens when users download large files from our web server or when I
> upload large files to other servers with FTP. When I'm lucky I can
> transfer 1 MB, but not more.
Is someone masquerading for you? If so, they've set their timeout on
idle TCP connections too low.
Rusty.
--
Tridge, Raster, DaveM, Cort, maddog... Where will you be 9-11 July 1999?
http://www.linux.org.au/projects/calu
------------------------------
From: [EMAIL PROTECTED] (Heinz Günther)
Crossposted-To: comp.os.linux.setup,comp.os.linux.misc
Subject: Re: Help ISDN HISAX 16.3c install
Date: Tue, 11 May 1999 21:21:03 +0200
I think the Teles card is a PNP card;
did you initialize the PNP functions?
In my SUSE Linux I have PNPdump for getting information about PNP cards.
I first run "pnpdump > /etc/isapnp.conf",
then I enable the wanted functions of my PNP cards in isapnp.conf,
then I restart; from now on isapnp starts automatically and it works.
So my own Teles works fine, but it's a 16.3 PNP without the "c" chipset.
Heinz Günther from Hamburg, Germany
Csejtey Gabor Zoltan wrote:
> I use Debian 2.1. I would like to install
> an ISDN HIsax 16.3c card with ISA slot into a 486 machine.
> I used the following command:
>
> depmod type=14 protocol=2 irq=10 io=0x580 id=teles
>
> I got this message:
>
> Teles 16.3c: IRQ(10) getting no interrupts during init 1
> Teles 16.3c: IRQ(10) getting no interrupts during init 2
> Teles 16.3c: IRQ(10) getting no interrupts during init 3
> HiSax: Card Teles 16.3c not installed !
>
> ISDN unloaded
>
> Any help?
>
> Gabor Csejtey
------------------------------
Reply-To: "Curt" <[EMAIL PROTECTED]>
From: "Curt" <[EMAIL PROTECTED]>
Subject: Re: newbie-to-lan: cannot ping other box
Date: Thu, 13 May 1999 20:46:10 -0500
Do you recall what IRQ it used under 5.1? Most likely that will work
again.
I doubt if it was IRQ 9. Try setting the following in /etc/conf.modules
alias eth0 ne
options ne io=0x300 irq=10
hazzmat <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
> Hello and thanks for replying!
> here is a sample for ping and ifconfig when trying to ping the G3:
>
> [root@BLINKY wpbin]# ping 192.168.1.2
> PING 192.168.1.2 (192.168.1.2): 56 data bytes
>
> --- 192.168.1.2 ping statistics ---
> 5 packets transmitted, 0 packets received, 100% packet loss
> [root@BLINKY wpbin]# ifconfig
> eth0 Link encap:Ethernet HWaddr 00:40:95:76:F2:07
> inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> TX packets:0 errors:1 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:100
> Interrupt:9 Base address:0x300
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> UP LOOPBACK RUNNING MTU:3924 Metric:1
> RX packets:89 errors:0 dropped:0 overruns:0 frame:0
> TX packets:89 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
>
> ppp0 Link encap:Point-to-Point Protocol
> inet addr:215.78.34.69 P-t-P:209.215.203.137 Mask:255.255.255.255
> UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
> RX packets:749 errors:0 dropped:0 overruns:0 frame:0
> TX packets:670 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:10
>
> Pinging my eth0 address:
> [root@BLINKY wpbin]# ping 192.168.1.1
> <snip>
> --- 192.168.1.1 ping statistics ---
> 23 packets transmitted, 23 packets received, 0% packet loss
> round-trip min/avg/max = 0.1/0.1/0.2 ms
>
> ....and ifconfig run at the same time :
> eth0 Link encap:Ethernet HWaddr 00:40:95:76:F2:07
> inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> TX packets:0 errors:2 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:100
> Interrupt:9 Base address:0x300
>
> IRQ10 is open according to /proc/interrupts. But I don't have any
> configuration utility (card was second hand) and I don't see any jumpers
> on it. It worked when I had 5.1 on my machine, but it's starting to look
> useless now. ISAPNP is pretty hard to understand from what I hear/read.
>
> Curt wrote:
>
> > What is the result of 'ifconfig'? Is Rx 0?
> >
> > In general it is not a good idea to use IRQ 9. IRQ9 is used to redirect
> > interrupts from the 2nd interrupt controller to the first via IRQ2. Use
> > IRQ 5, 10, or 11. Check /proc/interrupts to see what is currently being
> > used. You'll probably need to use the DOS based configuration software
> > that came with your ne2000 card to set this. Disable PnP too.
> >
> > hazzmat <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > > Hello,
> > > Redhat 6.0 ISA ne2000 compatible (added at 0x300 base
> > > address, irq9 kernel module loads fine at boot) cat 5 cable -> Intel
> > > in-bidness 5 port 10base-T hub -> mac g3 10/100 builtin ethernet.
> > >
> > > I give eth0 address of 192.168.1.1 and give the Mac an address of
> > > 192.168.1.2 linux host with the eth0 192.168.1.100 Activate interface in
> > > netcfg Ok. Ping loopback-OK. Ping eth0 address OK. That's as far as it
> > > goes. Can't ping host IP (should I be able to do that ?) and can't ping
> > > the G3's address either.
> > >
> > > The G3 lights up the LED on the hub seeking the Linux box, so I know
> > > packets are leaving the G3. Also, just for fun I tell the G3 to connect
> > > to Linux host as though it were a file server, it returns 'connection
> > > refused, try later'-- that's different from the message returned when I
> > > try to make it connect to a non-extant IP. On the other hand, there are
> > > only very occasional blips on the hub when I try to ping the G3 from the
> > > Linux PC. I still can't ping the G3 if I remove the hub. G3 and Linux
> > > host addresses are in /etc/hosts.
> > >
> > > what am I not doing right here? I have the 560 +page Linux Network
> > > Toolkit book on hand, and I am stymied. Any help appreciated.
> > >
> > > --hazzmat
> > >
>
------------------------------
From: jason <[EMAIL PROTECTED]>
Subject: Re: Cant login....
Date: Fri, 14 May 1999 00:39:17 -0400
Michael Balderas wrote:
>
> try the following series of commands:
>
> prompt> useradd wayne <return>
> prompt> passwd wayne <return>
>
> The prompt received should be something like the following:
> Enter new password: ******* <enter>
> Confirm new password: ******* <enter>
> all authentication tokens updated
>
> prompt>
>
> I have never personally gotten the adduser -p command to ever work
> correctly so I use the method described here.
>
...and if this still doesn't do it, then try running 'pwconv' after
doing the above commands. If you're using shadow passwords, this
might do the trick.
-jason
(to reply via email, make the appropriate substitution in my email address)
------------------------------
From: "Simple" <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux.caldera
Subject: Re: IP Masquerading on 2.2
Date: Fri, 14 May 1999 04:47:28 GMT
In OL1.3 all you had to do was go into LISA and turn on IP forwarding. What
this setting did was set a flag in the /proc directory pertaining to ip
forwarding. In other words OL1.3 came defaulted with ip forwarding support in
the kernel. I wonder why they have reversed this feature? Seems like a step
backwards and in the wrong direction to me. I have noticed other features
that have suddenly disappeared also. Why?
Donald E. Stidwell <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Has anyone managed to get IP Masquerading working on OpenLinux 2.2? I'm
> having a devil of a time with it. Have had it setup successfully in SuSE
> 6.0 and RedHat 5.2, but not making any progress in getting it to work
> with OL 2.2
>
> I have recompiled the kernel to use IP forwarding, but when I make
> modules, none of the ip_masq modules are made.
>
> As mentioned, I've had this working perfectly in 2 other distros, but
> I'm about to tear my hair out on COL 2.2. Any help would be appreciated.
>
> Don
------------------------------
From: tarkin <[EMAIL PROTECTED]>
Subject: Re: RH6.0, PPP and demand
Date: Thu, 13 May 1999 23:32:42 -0500
curious, I haven't seen RH6.0 yet... When you say "demand", do you mean diald?
Brent
On Thu, 13 May 1999, [EMAIL PROTECTED] wrote:
>I am attempting to set up my linux server to use ppp with the demand
>option:
>
>demand requires the remote IP to be specified, when I do this I get:
>
> ioctl(SIOCSIFDSTADDR): Cannot assign requested address(99)
>
>below is my options file:
>
>domain wt.net
>:208.227.232.81
>ipcp-accept-local
>ipcp-accept-remote
>connect /etc/ppp/ppp-dialer
>crtscts
>defaultroute
>debug
>modem
>demand
>/dev/ttyS0
>115200
>noipdefault
>
>I've tried different combinations of things, but no success. Anyone seen
>this?
------------------------------
From: "Ian Long" <[EMAIL PROTECTED]>
Subject: Re: NO CARRIER causes PPP to abort
Date: Tue, 11 May 1999 17:34:49 -0400
Are you using the same init string in Linux that you do in Windows 95?
Perhaps you could provide your script....
Cheers,
Ian
David Guyon Martin <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Before posting this I've read howtos, news archives, ..., it helped me
> to configure ppp but it still doesn't work.
>
> In /var/log/messages I can read that pppd is aborting because the modem
> tells him 'NO CARRIER'.
>
> I have no trouble to dial and connect to internet with win95 and QNX
> (the IAT demo floppy disk with OS, wm, browser, connexion wizard on it).
>
> My Linux config is: Mandrake 5.3 ( RedHat 5.2 + XFree 3.3.3.1 + KDE
> 1.1), Kernel 2.2.3
> My modem is a Kortex Adaptix, external, K56Flex (V90 ready, I will flash
> it soon).
>
> The modem dials the correct phone number, I can hear usual noises of PAP
> protocol, then the NO CARRIER stops pppd.
>
> Please help,
> thanks
> David
>
------------------------------
From: tarkin <[EMAIL PROTECTED]>
Subject: Re: diald
Date: Thu, 13 May 1999 23:37:00 -0500
Well well, I looked at var/log/messages and found I needed to compile SLIP....
:)
So diald was fine after that. Worked like a charm. I got all ahead of myself
and went on to set up IP masquerading... ...compiled those necessary parts (I
think) into the kernel, and now diald doesn't run.
Whether or not diald has anything at all to do with my recompiling for
masquerading I do not know. But the /var/log/messages DOES give me this, which I
do not have a CLUE about. I believe it is an error on boot, at the starting of
diald:
May 13 23:05:56 yoda kernel: diald uses obsolete (PF_INET,SOCK_PACKET)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
What exactly is this?? When I run "# diald up" it will make a connection just
fine. However, it does not make a connection on DEMAND!! grr... It does create
the sl0 with proper routing (I believe).
Brent
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************