Linux-Networking Digest #510, Volume #11 Sat, 12 Jun 99 13:13:46 EDT
Contents:
eht0 Too much work at interrupt...? (Doug)
Re: [Fwd: Network card problem] (Peter Liniker)
Howto tunnel smb over internet? ("Ashley Cambrell")
Re: SAMBA newbie (Monte Phillips)
Re: Samba with W95 clients (Roumen Petrov)
Re: Redefine unprivileged ports? (Dave Hamilton)
Re: Redefine unprivileged ports? (Dave Hamilton)
Re: Help! Networking & IP Masquerading & PPP, oh my! (Lucas Bradstreet)
diald on RH6 problem (Pythias)
mounting local disk linux partition on w9x (Jesus Peinado Pinilla)
libNoVersion.so.1 ("Guo Quin")
HUGE wait when telnetting, ftping, etc to my linux box ("James Addison")
Re: Linux-router question - connecting pc to T1 ("Daniel W. Halverson")
3 nic cards in one Linux server (Josh Owens)
Re: linux client on NTsever with proxy and cable modem ("Otto")
ip-up scripts waiting to finish sendmail (mattl)
Re: Redefine unprivileged ports? (Malware)
problems reaching outside of LAN ([EMAIL PROTECTED])
Re: Redefine unprivileged ports? (Malware)
i need to have two IP simultaneouly! ("JKPAN")
Re: Create shares on linux for windows clients (Bob G)
Re: Telnet again (stu)
Re: How to avoid down router? ("Daniel W. Halverson")
Re: Redefine unprivileged ports? (Dave Hamilton)
----------------------------------------------------------------------------
From: Doug <[EMAIL PROTECTED]>
Subject: eht0 Too much work at interrupt...?
Date: Sat, 12 Jun 1999 11:18:59 -0400
Hi, I am trying to get my ethernet card to work under redhat linux 4.2.
During bootup I get an error message Too much work at interrupt,
csr5=0xfc668000. When I boot, the network card is on Irq7 0xe000. I
would appreciate any help. Thanks, Doug
PS. My other machine is running Win NT4. If you have any hints on how to
network with linux/winnt, it would be a great help too.
------------------------------
From: Peter Liniker <[EMAIL PROTECTED]>
Subject: Re: [Fwd: Network card problem]
Date: Sat, 12 Jun 1999 15:45:33 +0100
Mikle Kagner wrote:
>
> Hi !
>
> See your network interfaces by command netstat -i
> It must show:
> lo ...
> eth0 ...
> If you have seen eth0 then try to describe your network card in
> /etc/conf.modules
>
> Mikle
>
netstat -i shows lo and eth0. it shows no packets transmitted or
received through eth0, but 1 error in transmitting. ifconfig shows the
same.
conf.modules has
options ne io=0x300 irq=3
alias eth0 ne
i am using 'atlantic' program to put the network card into ne2000 mode
like so:
atlantic -N -Q 3 -w
the card defaults to io=0x300, and since that base address is free i've
stuck with it.
in my kernel log file i occasionally get entries saying that tx is
taking too long and that perhaps an interrupt isn't being handled. i
suspect that this is true - looking at /proc/interrupts shows NE to be
permanently on 1. I've tried various irqs without success.
other info: I'm running SuSE linux 6.1, kernel 2.2.7.
i only have a modem, soundcard and graphics card + the network card in
the machine.
no scsi, only ide drives (cdrom, 2 hd, zip drive), serial mouse. i'm
sure I'm not getting any hardware setting conflicts as /proc/ioports,
/proc/interrupts look fine, and no modules/drivers complain on loading.
if this is not fixable, perhaps you know how to get a de305 card working
(ne2000 'compatible' again).
many thanks,
Peter Liniker
------------------------------
From: "Ashley Cambrell" <[EMAIL PROTECTED]>
Crossposted-To: comp.protocols.smb,linux.samba,mailing.unix.samba
Subject: Howto tunnel smb over internet?
Date: Sun, 13 Jun 1999 01:42:05 +1000
Hi all,
I was just wondering if it was possible to tunnel smb through the internet
and link two office networks? Both offices are using samba servers and both
have WINS.
192.168.1.101-1xx 192.168.1.100[x.x.x.x] [x.x.x.x] 192.168.1.200
192.168.1.201-2xx
[win9x network] <--------> [samba
server]<--Internet-->[samba]<---------------->[win9x network]
^^^ethertap^^^
Is it as easy as using a ethertap tunnel system, or is it much more
complex...
Thanks for the help in advance!!
Ashley Cambrell
------------------------------
From: [EMAIL PROTECTED] (Monte Phillips)
Subject: Re: SAMBA newbie
Date: Sat, 12 Jun 1999 13:49:14 GMT
>Hello, i am a newbie in the Linux word and i want to get my setup to work as
>a fileserver to Win95 clients. How do i setup the Samba?
This site has a step by step howto for complete setup of samba. steps
for both linux and the win machine. (and they really work <G>)
http://www.sfu.ca/~yzhang/linux/samba/index.html
g'Luk
------------------------------
From: Roumen Petrov <[EMAIL PROTECTED]>
Subject: Re: Samba with W95 clients
Date: Fri, 11 Jun 1999 14:40:00 GMT
In article <[EMAIL PROTECTED]>,
Dave Williams <[EMAIL PROTECTED]> wrote:
> I am responsible for a Linux server with around 50 W95 clients and
(soon)
> 90 Acorn clients (if you don't know what Acorns are, ignore this
part).
>
> The server provides internet access and user accounts for about 1400
users
> and is set up as a Domain controller with domain logins. (It's a
school).
> The server was setup for us and so I do not have a complete
understanding
> about the actual setup, software versions etc. (It is based on Redhat
5.1
> but Samba has been upgraded)
>
> I have 2 problems with W95.
>
> I want users to login and automatically map their home directory to a
> drive letter (for ease of use). We had a working system with a batch
file
> in the netlogon directory using the command 'net use e: /home' but
since
> upgrading samba this batch file generates a syntax error as though the
W95
> client doesn't know what /home is. The home directory can still be
mapped
Use samba-2.0.4. My in samba-2.0.3 or samba-2.0.1 ? this is broken.
> by hand. The new samba is using encrypted passwords whereas the old
one
> wasn't but I don't see why this should have any effect. Any ideas how
to
> achieve the automatic mapping of drives?
>
> An alternative solution may be to use profiles? Any views? The problem
> with this solution is that different profiles are needed for different
> machines *and* different users.
>
> 2nd problem. ATM user's passwords are authenticated by the Domain
server
> (this works well) but the passwords are also stored locally on the W95
> machine - this is a pain - can it be eliminated?
>
> Dave Williams ICT Coordinator
>
>
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: Dave Hamilton <[EMAIL PROTECTED]>
Subject: Re: Redefine unprivileged ports?
Date: Sat, 12 Jun 1999 15:32:22 GMT
[[ This message was both posted and mailed: see
the "To," "Cc," and "Newsgroups" headers for details. ]]
In article <[EMAIL PROTECTED]>, Dang H. Nguyen
<[EMAIL PROTECTED]> wrote:
> On Sat, 12 Jun 1999 07:08:12 GMT, Dave Hamilton <[EMAIL PROTECTED]>
> wrote:
>
> >Is there a way to permanently remove ports from the "unprivileged
> >ports" pool? There are some that, due to some static internal mapping
> >I need to do, just don't work and I need to make sure my linux machine
> >never uses them. Any ideas?
> >
> >-Dave
>
> have you try putting them in /etc/services?
> that might tell linux that the ports are reserve for inet services and
> wont be use by anything except those services.
Actually, I just tried a quick test of this, and while it does give the
ports names, putting them in /etc/services does nothing to keep them
from being used for outgoing traffic...
Any other thoughts?
-Dave
------------------------------
From: Dave Hamilton <[EMAIL PROTECTED]>
Subject: Re: Redefine unprivileged ports?
Date: Sat, 12 Jun 1999 15:15:20 GMT
[[ This message was both posted and mailed: see
the "To," "Cc," and "Newsgroups" headers for details. ]]
In article <[EMAIL PROTECTED]>, Dang H. Nguyen
<[EMAIL PROTECTED]> wrote:
> On Sat, 12 Jun 1999 07:08:12 GMT, Dave Hamilton <[EMAIL PROTECTED]>
> wrote:
>
> >Is there a way to permanently remove ports from the "unprivileged
> >ports" pool? There are some that, due to some static internal mapping
> >I need to do, just don't work and I need to make sure my linux machine
> >never uses them. Any ideas?
> >
> >-Dave
>
> have you try putting them in /etc/services?
> that might tell linux that the ports are reserve for inet services and
> wont be use by anything except those services.
Ah... good idea..... Is there a way to define a range here? I need to
reserve a couple hundred ports here.
-Dave
------------------------------
Date: Sat, 12 Jun 1999 23:10:05 +0930
From: Lucas Bradstreet <[EMAIL PROTECTED]>
Subject: Re: Help! Networking & IP Masquerading & PPP, oh my!
have a look at ipmasq.cjb.net and read the ipmasq howto. It took me
about an hour to get ip masquerading going once I had read it. (it comes
with standard ipchains firewall rulesets so that you can configure
them).
cheers
> >Once I get that I'll go back and figure out how it works. :)
> >
> >Here's my set-up:
> >
> >1 Server running RedHat 5.2 with a 56k modem and 1 NIC
> >5+ Windows 98 PCs with NIC
> >
> >I've got PPP working and it dials my ISP just fine. I'm able to browse the
> >web and everything from my Server.
> >
> >I'm also able to telnet and ftp to my server from the Win 98 machines. No
> >problems there.
> >
> >How do I set up IP masquerading with a ipfwadm so that I can browse the web
> >on the win 98 machines? I really don't want to go out and set up a separate
> >firewall machine.
> >
> >Can anyone help? Please e-mail me directly with answers or if you want more
> >info. I'm really eager to get this working ASAP.
> >
> >Thanks,
> >
> >David
> >[EMAIL PROTECTED]
> >
> >
> Well, what you want to do isn't that trivial. It can't be explained
> in a short reply. Let me list the big steps, to direct your
> attention.
>
> 1) recompile your kernel to support masqerading and reboot.
> 2) issue the appropriate forwarding policy using ipfwadm
> (once you are sure of the commands, you can put them in rc.local)
> (also, make sure you allow forwarding)
> 3) Configure your 5 plus windows 98 machines to use your linux machine
> as a gateway. You can either make your linux box be a DNS or tell the
> windows machines to use whatever your ISP gave you as a DNS.
>
> I learned how to do all three of these things from a book called _The
> Linux Network_ by Fred Butzen and Christopher Hilton. It is very
> detailed and very specific to exactly what you want (and I wanted) to
> do.
>
> However, I'm not feeling patient enough at the moment to condense and
> paraphrase two chapters ;-)
--
Imagination is more important than knowledge
-- Albert Einstein
------------------------------
From: Pythias <[EMAIL PROTECTED]>
Subject: diald on RH6 problem
Date: Sun, 13 Jun 1999 06:29:59 +0800
Reply-To: [EMAIL PROTECTED]
I download diald 0.16 and compile it under RH6 but can't compile. I find
many redefinition and warning. Please advise if anyone know why and how.
Damon / [EMAIL PROTECTED]
------------------------------
From: Jesus Peinado Pinilla <[EMAIL PROTECTED]>
Subject: mounting local disk linux partition on w9x
Date: 11 Jun 1999 16:30:02 GMT
I have a machine with w9x and Linux both on a hard disk.
I would like to know
if there is any software to mount the linux(ext2) partiton on w9x
With many thanks in advance
Please. Replies by mail
Thank you very much
--
=======================================================================
----
Jesus PEINADO e-mail:[EMAIL PROTECTED]
Departamento de Sistemas Tel.(+34) 6 3877798
Informaticos y Computacion
Universidad Politecnica de Valencia Fax. :(+34) 6 3877359
Valencia 46071 (SPAIN)
=======================================================================
----
------------------------------
From: "Guo Quin" <[EMAIL PROTECTED]>
Subject: libNoVersion.so.1
Date: Sat, 12 Jun 1999 15:56:17 GMT
Hello.
Do you know where to download this file for Netscape Navigator ?
libNoVersion.so.1
Kieu
------------------------------
From: "James Addison" <[EMAIL PROTECTED]>
Subject: HUGE wait when telnetting, ftping, etc to my linux box
Date: Fri, 11 Jun 1999 12:39:10 -0400
Why is there a HUGE wait when telnetting, ftping, etc to my linux box? I
mean, when I telnet from my win98 pc that is attached via 10mb ethernet,
it's as long as if I tried to connect from some other location on the other
side of the planet....
curious if I could fix this - I know the answer is out there somewhere...
--
James Addison
[EMAIL PROTECTED]
------------------------------
From: "Daniel W. Halverson" <[EMAIL PROTECTED]>
Subject: Re: Linux-router question - connecting pc to T1
Date: Fri, 11 Jun 1999 11:51:55 -0500
FUD Alert!
There are several options for connecting T1 directly to a Linux box. Some
involve CSU/DSU, some contain their own CSU/DSU. We've had experience with
two of the major cards, the Emerging Technologies card and the Sangoma card.
A lot of your choices depend on what's on the other end of the T1 link. If
it's a Cisco router, the ET card is probably the better choice as it support
Cisco HDLC directly at this time, and you also already have a CSU to use
with it. Make sure that the Cisco is running Cisco encapsulation. The ET
card has VERY poor support for Sync-PPP. When asked about improved support,
Dennis replied to me "PPP Sucks." I have not tried the ET card with
Frame-Relay, so I don't have an answer there. As far as line coding, with
the ET card, that's taken care of in the external CSU/DSU.
We have many Sangoma cards in the field. They have support built into the
kernel, but configuration is a pain. Once they are running, however, they
are great. The integrated CSU makes for a very clean solution. The CSU
must be configured from either a DOS program (with Sangoma's older software)
or from a terminal program within Linux. The configuration instructions are
on a disk sent with the card.
As far as ATM, I know you can do it over T1, but I've never seen one
configured that way. ATM has a circuit overhead of ~1/3, so you end up with
a 1.0Mbps T1.
Will you see any performance gains? Probably not. The Cisco equipment
should handle the full T1 no problem. I would probably make a cross-over
connection between the Cisco and your Linux box and run the Ethernet in full
duplex to limit collisions. Are you running MRTG to actually monitor your
T1 usage?
I would say that Squid will fall off before you have the T1 full. This is
based on the following assumptions:
1. Linux box is only machine with access to the Internet
2. Linux box is not forwarding any packets. (All traffic is generated
within the Linux box.)
You can extend the reach of the Squid box by:
Making sure that you have enough inodes and file-handles to manage 500+
open socket connections
Limit the size of the cache (~1GB)
Make sure you have enough memory (256M+)
Use remote syslogging
Make sure Squid log files are rotated DAILY
Limit the services you have running on the Squid box
Have 1 or more dedicated Squid cache disks
If this is a mission critical Squid server, consider creating two Squid
servers as siblings and use DNS load balancing to failover if one dies. Use
an Ethernet switch to connect to the Cisco. Boardwatch has an article this
month on web caching that you might want to check out...
My thoughts based on our experience.
Dan
Lee Sharp <[EMAIL PROTECTED]> wrote in message
news:01beb3db$edcb3580$aab6dece@workstation...
> Tim Kelley <[EMAIL PROTECTED]> wrote in article
> <[EMAIL PROTECTED]>...
>
> > Currently I have a linux box, acting as a firewall and running squid
> > for proxy sitting between my network and a Cisco 1600 which in turn is
> > connected to a T1.
>
> Actually, your Cisco is connected to a TSU or CSU or DSU, which
connects
> to the T1. On that xSU, you may have more than one port. Most have V.35,
> and many also have RS232 and others. This is importaint later.
>
> > I was curious as to who makes hardware which will enable me to connect
> > the linux firewall directly to the T1?
>
> All you need is a high speed serial card with the right port. V.35 is
> the usual router standard, but others may work with your xSU.
>
> > Would I see any performance gains?
>
> Actually, the reverse may be true. First you have encoding. You never
> said what kind of T1 it is. Clear channel? Frame Relay? ATM? Only the
> first works easily with Linux under PPP.
> Now you have all the neat default settings. Things like compression,
> encapsulation, RIP, BofL... <BofL is for Breath of Life, a packet that
> keeps the circuit up> It is had to get Cisco to talk with
Bay^h^h^hNortel.
> With Linux, you have a whole new set of headaches.
> Lastely, is the Cisco really a bottleneck? Or is the T1. A chain is
> only as strong as it's weakest link, and usually that is the line.
>
> Lee
> --
> SCSI is *NOT* magic. There are *fundamental technical reasons* why it is
> necessary to sacrifice a young goat to your SCSI chain now and then. *
> Black holes are where God divided by zero. - I am speaking as an
> individual, not as a representative of any company, organization or other
> entity. I am solely responsible for my words.
>
>
>
------------------------------
Date: Fri, 11 Jun 1999 12:50:42 -0400
From: Josh Owens <[EMAIL PROTECTED]>
Subject: 3 nic cards in one Linux server
Hello,
I am trying to set up all my networking stuff correctly here. I have an
ISA 3com 3c509b set up as my first card, with the ip addy of 10.0.0.2.
This handles all my adsl connections for my network, everything is
working fine here. I also just bought two Netgear 310's and want to run
them as full duplex. I am a little cloudy on how this will work. I
have one of the cards in the server now, it is functioning correctly.
I am trying to run those full duplex to increase the ammount of bandwith
that the server has. I have a netgear 8 port hub 10baseT. I am hoping
that the server will then be running at 20Mbit... is that correct?
I will include my current ifconfig here, without the second netgear card
installed. Maybe I will have to do a kernel compile?
eth0 Link encap:Ethernet HWaddr 00:60:08:9B:44:AF
inet addr:10.0.0.2 Bcast:10.255.255.255 Mask:255.0.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:28190 errors:0 dropped:0 overruns:0 frame:0
TX packets:22536 errors:0 dropped:0 overruns:0 carrier:0
collisions:3 txqueuelen:100
Interrupt:11 Base address:0x300
eth1 Link encap:Ethernet HWaddr 00:A0:CC:3E:51:61
inet addr:172.20.0.11 Bcast:172.20.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:40170 errors:0 dropped:0 overruns:0 frame:0
TX packets:35229 errors:0 dropped:0 overruns:0 carrier:0
collisions:18 txqueuelen:100
Interrupt:10 Base address:0xf600
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:3924 Metric:1
RX packets:163 errors:0 dropped:0 overruns:0 frame:0
TX packets:163 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
Thanks,
Josh Owens
------------------------------
From: "Otto" <[EMAIL PROTECTED]>
Subject: Re: linux client on NTsever with proxy and cable modem
Date: Fri, 11 Jun 1999 17:12:00 GMT
That depends on your proxy server configuration. If it has the access
control enabled and the authentication method is MS challenge/response,
you're SOL. Try to enable plain password, or better yet allow "Anonymous"
access. That would work, if you don't need authentications.
Netscape can't connect to the proxy server in Windows environment, with
access control enabled and no Winsock client software installed on the PC.
I'm pretty sure Linux can't either.
You could also try to use the "socks proxy" service, which supports Unix
clients, but doesn't support UDP protocol. You'll be limited to Telnet, FTP,
and HTTP protocols. Look it up in the proxy documentations.
Don Haley <[EMAIL PROTECTED]> wrote in message
news:BX083.24442$[EMAIL PROTECTED]...
> I am a new Linux user. I would like to connect to the internet through a
hub
> to
> a NT server running Windows proxy server to our cable modem, can anyone
tell
> me how to do it, with out bring the whole LAN down and leaving the NT box
as
> the server?
>
> thanks
>
> -Don Haley
> Linux convert
> [EMAIL PROTECTED]
> Linux -where do you want
> to go tomorrow?
>
>
>
>
------------------------------
From: mattl <[EMAIL PROTECTED]>
Subject: ip-up scripts waiting to finish sendmail
Date: Fri, 11 Jun 1999 12:31:05 -0400
I think I have a PPP connections scheduled right with cron to happen
throughout the daytime hours of the workweek. I have ip-up.local (on
redhat 5.2) running fetchmail and sendmail -q. I am having difficulty
figuring out how to make the script wait until the two above commands
are finished before running ppp-off. I have heard about the sleep
command, but there must be another way that actually waits for the
programs to terminate their tasks?? any ideas? please cc: responses to
my account with the NO SPAM part removed. Thanks to all!
------------------------------
From: Malware <[EMAIL PROTECTED]>
Subject: Re: Redefine unprivileged ports?
Date: Sat, 12 Jun 1999 17:44:48 +0200
Hi Dang,
you wrote:
> have you try putting them in /etc/services?
> that might tell linux that the ports are reserve for inet services and
> wont be use by anything except those services.
No, it won't.
Malware
------------------------------
From: [EMAIL PROTECTED]
Subject: problems reaching outside of LAN
Date: 11 Jun 1999 17:08:29 GMT
Reply-To: [EMAIL PROTECTED]
Hello all,
I am pretty much a newbie with Unix so don't be too surprized if I ask
for expansion on parts of your answers...
I have problems with a user who has a Linux machine on the LAN.
There are times when he can connect just fine to other machines
on the LAN but he can not get out of the LAN.
At the same time he can not get out, if he connects to another
machine, he can get out from there just fine.
There are other times when he can get out just fine.
Nobody else on the LAN has reported similar problems.
He is running RedHat 5.2 Kernal 2.0.36 and is using a NetGear
10/100 NIC.
Any input you can give would be appreciated.
Robert
[EMAIL PROTECTED]
Real Women change tires [EMAIL PROTECTED] [EMAIL PROTECTED]
Real Men change diapers [EMAIL PROTECTED]
------------------------------
From: Malware <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.questions
Subject: Re: Redefine unprivileged ports?
Date: Sat, 12 Jun 1999 17:43:17 +0200
Hi Dave,
you wrote:
> Is there a way to permanently remove ports from the "unprivileged
> ports" pool? There are some that, due to some static internal mapping
> I need to do, just don't work and I need to make sure my linux machine
> never uses them. Any ideas?
You can echo a new range of ports to
/proc/sys/net/ipv4/ip_local_port_range. But you can only give a lower
and upper boundary and due can not put holes into. A port from this
range is choosen whenever a application does not force a port to be used
for the "connection". So most applications will stay away from other
ports.
If you go to run a server application that does use a port in this range
above will not deny this. You then could try to change the port-number
for that service in /etc/service. If the application still goes using
this port see if you can run it from inetd.
Malware
------------------------------
From: "JKPAN" <[EMAIL PROTECTED]>
Subject: i need to have two IP simultaneouly!
Date: Sat, 12 Jun 1999 23:54:59 +0800
hello,
i already have local network with IP through ether card,
can i have another from ISP through modem at the same time?
thanks for your answering!
EN6.12.1999
------------------------------
From: Bob G <[EMAIL PROTECTED]>
Subject: Re: Create shares on linux for windows clients
Date: Fri, 11 Jun 1999 15:48:52 GMT
Peter King wrote:
>
> Is ther a nice GUI interface for creating shares on a linux box for windows
> clients to access. I have most of the latest distributions of linux
> installed on various boxs on our network.
>
> I am looking to replace NT servers for our customers with Linux boxes.
Take a look at samba: http://samba.anu.edu.au/samba/
> Anyone know of a good book covering this type of transition. Most customers
> just want small file print sharing networks of upto 10 users. Internet and
> email sharing would be nice for them.
I found these. I haven't used them myself:
http://www.amazon.com/exec/obidos/ASIN/0071351043/qid=929115915/sr=1-31/002-6811916-5016046
http://www.amazon.com/exec/obidos/ASIN/1578310067/o/qid=929115915/sr=2-1/002-6811916-5016046
http://www.amazon.com/exec/obidos/ASIN/0672316099/o/qid=929115915/sr=2-2/002-6811916-5016046
Just search on Samba at the various online book sites for more.
Good luck!
- Bob
------------------------------
From: stu <[EMAIL PROTECTED]>
Crossposted-To: force9.tech.linux
Subject: Re: Telnet again
Date: 11 Jun 1999 13:46:19 GMT
Thomas Zajic <[EMAIL PROTECTED]> wrote:
>> Two reasons:
>> One: It means that someone has to comprimise two accounts on your box,
>> both a user account and the root account.
>> [ ... ]
> Why? su only asks for the userīs password, so if I manage to login as a user
> (knowing this userīs password) who is su-to-root-authorized, Iīve already won.
> No need to additionally crack root, or is there?
My su is setup to ask for root's password when you try to su to the root
account.
Stu
--
>From the prompt of Stu Teasdale
Not that I have anything much against redundancy. But I said that already.
-- Larry Wall in <[EMAIL PROTECTED]>
------------------------------
From: "Daniel W. Halverson" <[EMAIL PROTECTED]>
Subject: Re: How to avoid down router?
Date: Fri, 11 Jun 1999 12:16:49 -0500
One thought, consider how routing in general works on the Internet (BGP4)
CustomerA is a sprintlink customer that Mr. Rouse is attempting to reach.
CustomerA is a multi-homed provider running BGP with Sprintlink and another
provider. CustomerA is announcing of 129.219.144.0/24 (1 Class C). Sprint
is announcing 129.219.144.0/19 (32 Class C's). CustomerA goes down hard.
(Power failure, natural disaster, failure to pay phone bills, etc....) and
stops announcing the /24. Sprint will still announce the aggregate route
and traffic will attempt to flow to Sprint's router. Sprint's router can no
longer reach CustomerA, so returns host unreachable. You end up with this
result.
The same thing could happen if the blocked router is the last router before
CustomerA.
Translation, this is probably a CustomerA problem.
My thoughts
Frank Sweetser <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Roger Rouse <[EMAIL PROTECTED]> writes:
>
> > Hi Everybody,
> >
> > I lost access to part of the network today. The output from traceroute
> > is below. My question is how
> > can I avoid a down router like this? I thought the whole point of
> > routers was to avoid bad connections.
> > Seems like I should be able to specify another route. Thanks, Roger
>
> you can't. all that your machine can do is direct traffic towards your
> local gateway. its' the gateway's job to keep track of which routes go
> where. note that 1) such routing around damage can take time, and 2)
there
> may ot *be* any route around the fscking up routers.
>
> --
> Frank Sweetser rasmusin at wpi.edu fsweetser at blee.net | PGP key
available
> paramount.ind.wpi.edu RedHat 5.2 kernel 2.2.5 i586 | at public
servers
> I'm sure that that could be indented more readably, but I'm scared of
> the awk parser.
> -- Larry Wall in <[EMAIL PROTECTED]>
------------------------------
From: Dave Hamilton <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.questions
Subject: Re: Redefine unprivileged ports?
Date: Sat, 12 Jun 1999 16:31:13 GMT
[[ This message was both posted and mailed: see
the "To," "Cc," and "Newsgroups" headers for details. ]]
In article <[EMAIL PROTECTED]>, Malware
<[EMAIL PROTECTED]> wrote:
> You can echo a new range of ports to
> /proc/sys/net/ipv4/ip_local_port_range. But you can only give a lower
> and upper boundary and due can not put holes into. A port from this
> range is choosen whenever a application does not force a port to be used
> for the "connection". So most applications will stay away from other
> ports.
Ah... I bow in your presence..
Thanks. That did the trick!
-Dave
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
