Linux-Networking Digest #580, Volume #11 Fri, 18 Jun 99 14:13:46 EDT
Contents:
Re: read-only fils system (Wayne D. Hoxsie Jr.)
BNC cable length limit ("Manohar Singh")
Re: minicom works, but ppp doesn't! (leam)
Still trouble with Samba...part two! (Bob Miller)
Re: ipfwadm Question ("Viktor Kaul")
Re: Internet API on linux (Lew Pitcher)
Re: Could Microsoft Cheat On The New Mindcraft Benchmark? (was: Mindcraft Retest
News ([EMAIL PROTECTED])
[Q] AOL Using Linux? (Robert Young)
Still having problems with Samba (Bob Miller)
Re: Connecting a Linux Box to a Unix Box (bryan)
Re: sharing Devices, NT <-> Linux ("tonydm")
diald and wvdial ("James")
Re: Could Microsoft Cheat On The New Mindcraft Benchmark? (was: Mindcraft Retest
News (Aaron Baugher)
Re: routing problem (Ralf Kneemeyer)
Strange gnome ppp problem (peter)
IP mapping ([EMAIL PROTECTED])
Re: ipfwadm only works for sometimes ([EMAIL PROTECTED])
HELP! Someone's hacked into... ("Ashwin K. Raj")
[Q] AOL Using Linux? (Robert Young)
Re: modem reccomendations ([EMAIL PROTECTED])
chap (Patrick)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Wayne D. Hoxsie Jr.)
Crossposted-To: comp.os.linux,alt.os.linux.slackware,comp.os.linux.admin
Subject: Re: read-only fils system
Date: 18 Jun 1999 13:46:40 GMT
Reply-To: [EMAIL PROTECTED]
In article <7kcq3g$pnu$[EMAIL PROTECTED]>, Villy Kruse wrote:
>In article <[EMAIL PROTECTED]>,
>Wayne D. Hoxsie Jr. <[EMAIL PROTECTED]> wrote:
>
>
>>You can override the RO specification that is in your /etc/lilo.conf on
>>the lilo command line (when you get "lilo:" hit <CTRL> or <ALT>):
>>
>>lilo: boot: linux rw
>>
>
>Sure you can do that, but that would make the problem worse.
>
>
>>This will get you going with some warnings about e2fsck'ing a RW drive,
>>but you can then edit your /etc/rc.d/rc.S back to its original state and
>>be fine.
>>
>
>The warning from fsck is for a good reason. You shouldn't fsck a mounted
>file system, but for the root file system you can as a compromise leave
>it read only, so you won't check a file system that is being modified
>by using it at the same time.
The warning you get is that the filesystem check *can't* proceed on a RW
mounted partition. It *won't* run e2fsck!
>
>The original question was as far as I understood: why you couldn't leave
>the root file system in read only mode like you can (supposed to be able
>to) with a separate /usr file system.
As I understood it, this was the goal; however, in an attempt to do this
the user was no longer allowed to login at all and needed to fix it. My
suggestions should allow the user to login and fix the improperly
configured /etc/rc.d/rc.S file.
Another alternative is to boot without init. You can boot directly to a
shell and fix things from there:
'lilo: boot: linux init=/bin/bash rw'
or:
'lilo: boot: linux init=/bin/bash ro'
then once at the prompt:
'mount -o remount,rw /'
--
Wayne D. Hoxsie Jr. KG9ME | And it's just a box of rain,
[EMAIL PROTECTED] | I don't know who put it there,
http://www.hoxnet.com | Believe it if you need it,
PGP Key ID 138BCEE1 | or leave it if you dare.
------------------------------
From: "Manohar Singh" <[EMAIL PROTECTED]>
Subject: BNC cable length limit
Date: Sat, 19 Jun 1999 20:05:21 +0530
hey hey fellas!
What is the maximum length a BNC cable can be used safely in a peer to peer
limit?
would appreciate an answer very much ....
thankooo ;-)
------------------------------
From: leam <[EMAIL PROTECTED]>
Subject: Re: minicom works, but ppp doesn't!
Date: Fri, 18 Jun 1999 08:31:57 -0500
We'd need a bit more information to help. Also, there are some great
references in the HOWTO section of your linux (usually in /usr/doc/).
Some things to read are the PPP-HOWTO, the NET-3_HOWTO. Also, if you can
find the on-line version of the Linux Network Administrators Guide (NAG)
is gives a great overall view of networking.
ciao!
leam
Kihwan Kwon wrote:
>
> Hi, all
> I tried with minicom and it works although it's slow.
> However, if I dial in using ppp, it doesn't recognize the modem.
> What seems to be wrong? Thank you very much.
--
Leam Hall
[EMAIL PROTECTED]
http://www.bloated.com/~gershom/index.html
------------------------------
From: Bob Miller <[EMAIL PROTECTED]>
Subject: Still trouble with Samba...part two!
Date: Fri, 18 Jun 1999 11:07:12 -0400
Well, I've found something interesting.
I just posted a message about an hour ago about my problems with Samba.
In waiting for a reply, I decided to start working on using this
computer to route IP packets from one NIC to another. So, I got the
interface working and everything...but now Samba's behaving differently.
I changed my smb.conf file around a little bit and now on the second
NIC's little subnet (just the Linux machine and a Win95 laptop are
connected), I can see Linux and its shares just fine. But, I can't see
the laptop with smbclient.
Is this just me, or is this wierd?
-=-=-=-=-=-=-=-=-=-=-=
# /etc/smb.conf: RMJ, 6-18-99
# Samba configuration file
[global]
workgroup = DOMAIN
server string = Samba Server
hosts allow = 38.150.13. 192.168.2.
printcap name = /etc/printcap
load printers = yes
log file = /var/log/samba/log.%m
max log size = 50
security = share
; password server = test
; password level = 8
; username level = 8
; encrypt passwords = yes
; smb passwd file = /etc/smbpasswd
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
; interfaces = 38.150.13.32/24
; remote browse sync = 38.150.13.34
remote announce = 38.150.13.255 192.168.2.255
; local master = yes
; os level = 33
; domain master = yes
; preferred master = yes
; domain controller = test
name resolve order = bcast wins lmhosts
wins server = 38.150.13.34
dns proxy = no
guest account = ftp
[home]
comment = Home Directories
browseable = yes
writable = yes
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
[public]
path = /home/public
public = yes
browseable = yes
; only guest = yes
guest ok = yes
writable = yes
printable = no
------------------------------
From: "Viktor Kaul" <[EMAIL PROTECTED]>
Subject: Re: ipfwadm Question
Date: Fri, 18 Jun 1999 21:22:36 +0800
Reply-To: "Viktor Kaul" <[EMAIL PROTECTED]>
Hi.
If you set deny of reject as a default policy,
you should mean that you rejecting Loopback interface also.
Have I right guess? :-))))))
Regards
Victor
Holger Burde <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Hi;
>
> I try to aditional secure a webserver with ipfwadm. The machine as 3 IPs
> bound to _one_ interface and
> what i want is filtering request in such a way that IP_1 allows
> (dns,www, etc in/out) IP_2 (..) IP_3(..) and nothing else.
> I tried dozends of configurations but allways ending with nothing
> getting through. Perhaps i try something which
> is not supported at all by ipfwadm (something similar works on Solaris
> with ipfilter 3.x.y) ???
>
> Anyone succseded with something similar ?????
>
> hb
>
>
------------------------------
From: [EMAIL PROTECTED] (Lew Pitcher)
Crossposted-To: comp.os.linux,comp.os.linux.development,linux.redhat.development
Subject: Re: Internet API on linux
Reply-To: [EMAIL PROTECTED]
Date: Fri, 18 Jun 1999 14:25:11 GMT
Try the LibWWW Protocol Library from the World Wide Web Consortium
You can find it at http://www.w3.org/Library/
On Fri, 18 Jun 1999 15:33:55 +0200, "afchine" <[EMAIL PROTECTED]> wrote:
>Hi everybody!
>is there an equivalent of the "WinInet.dll" on linux.
>on NT this library is the API for Internet functions,
>and it provides access to ftp and http functions.
>Thanks very much in advance
>Afchine
>-------------------------------------------
>[EMAIL PROTECTED]
>Bull France
>
>
>
Lew Pitcher
System Consultant, Integration Solutions Architecture
Toronto Dominion Bank
([EMAIL PROTECTED])
(Opinions expressed are my own, not my employer's.)
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To:
comp.os.linux.advocacy,comp.infosystems.www.servers.unix,comp.os.linux.misc
Subject: Re: Could Microsoft Cheat On The New Mindcraft Benchmark? (was: Mindcraft
Retest News
Date: Fri, 18 Jun 1999 12:36:43 GMT
> >You seem to be taking a rather sinister view of all this.
> > Do you think that it might be possible that MS programmers
> > are just lazy?
>
> I can't wait to hear your explanation for why the DR-DOS
> detection code was stealthed and encrypted.
Because MS programmers are too lazy to just write code in a manner that
is easily detected. Unfortunately for them, Andrew S. is far from
lazy.
If anyone wants to know why OJ Simpson is enjoying a nice game of golf
today, read this thread.
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: Robert Young <[EMAIL PROTECTED]>
Subject: [Q] AOL Using Linux?
Date: Fri, 18 Jun 1999 12:34:55 -0400
To Linux Netters,
Currently, I am an NT user and my access to the Internet is provided by the
NetZero (www.NetZero.net) that does not allow its member to use any other
DUN,
except its own proprietary DUN software. I also noticed from the NetZero's
web page that one can use AOL DUN to access the Netzero's Internet dialup.
Having said that, I would like to find out if it is possible to setup a
Linux
workstation to perform and Internet dialup to the AOL or the NetZero using
the
Linux software. If so, I would like to get rid off my NT OS and replace it
with RedHat 6.0 Linux distribution.
Can anyone please help?
--
[EMAIL PROTECTED]
--
Robert Young,
[EMAIL PROTECTED]
------------------------------
From: Bob Miller <[EMAIL PROTECTED]>
Subject: Still having problems with Samba
Date: Fri, 18 Jun 1999 10:29:51 -0400
I posted a message here about a week ago and got a couple of responses,
but nothing I tried worked (like enabling password security).
I reinstalled Samba and I'm actually able to see the Linux box now from
the network, but that's it. I can't see any of the shares when I try to
connect to Samba. Win95 just keeps giving me the standard message -
either it can't get any shares or it can't connect to the machine.
I've got a small network of about 10 Win95 machines, 2 WinNT machines,
and a NetWare server. When I was running RedHat 5.2 with its Samba
version (1.9.?), I had it working just fine. But when I upgraded to
RedHat 6.0 and then to Samba 2.0.4b, I just can't seem to get it
working.
What I would like to do is just have a simple share system going. I
only want to have the machines connect and get a list of shared
directories, without having to authenticate to the Linux box. So,
I tried first to set the security to share, but that didn't work. Then
I set up every user on the system in Linux, with passwords set
properly, and set the security to user. That didn't work, either, so
I set the security to server and had it go to the main NT server,
"test," for user authentication. Well, neither did THAT work. In
RedHat 5.2's setup, I had both user and server level security working
just fine (though I noticed server level took a little longer).
Can anyone give me any suggestions? I'd really appreciate it. Here's
my smb.conf file:
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
# /etc/smb.conf: RMJ, 6-16-99
# Samba configuration file
[global]
workgroup = DOMAIN
server string = Samba Server
hosts allow = 38.150.13.
printcap name = /etc/printcap
load printers = yes
log file = /var/log/samba/log.%m
max log size = 50
security = user
; password server = test
password level = 8
username level = 8
encrypt passwords = yes
smb passwd file = /etc/smbpasswd
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
; interfaces = 38.150.13.32/24
; remote browse sync = 38.150.13.34
remote announce = 38.150.13.255
; local master = yes
; os level = 33
; domain master = yes
; preferred master = yes
; domain controller = test
name resolve order = bcast wins lmhosts
wins server = 38.150.13.34
dns proxy = no
guest account = ftp
[home]
comment = Home Directories
browseable = yes
writable = yes
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
[public]
path = /home/public
public = yes
browseable = yes
; only guest = yes
guest ok = yes
writable = yes
printable = no
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-> Bob Miller
Systems Engineer & CNE
PALOMINO technologies
------------------------------
From: bryan <[EMAIL PROTECTED]>
Subject: Re: Connecting a Linux Box to a Unix Box
Date: Fri, 18 Jun 1999 16:06:17 GMT
bill davidsen <[EMAIL PROTECTED]> wrote:
: In article <[EMAIL PROTECTED]>, kuds <[EMAIL PROTECTED]> wrote:
: | I have around 20 P233MMX machines connected to a Unix box. I
: | have installed RH52 on 2 of these machines. My problem is
: |
: | 1. I dont know the make of the nic nor can i open the
: | machine and find out, i suspect it to be a tulip, but dont
: | take my word on this. Does anybody have ne ideas on how to
: | find this out and also how to install the card
: What we need is "SuperProbe" for NICs, I totally agree, and I have a NIC
: in my hand and still can't identify it, since IBM rebranded it.
the redhat (and others') installs basically autodetect most nics out
there. I agree there should be a probe-nic utility - we just need to
grab the stuff from the installation sourcekit and make a commandline
tool from it.
--
Bryan [at] Grateful.Net
http://www.Grateful.Net
------------------------------
From: "tonydm" <[EMAIL PROTECTED]>
Subject: Re: sharing Devices, NT <-> Linux
Date: Fri, 18 Jun 1999 16:10:19 GMT
I'm a newborn (days old) to Liunx, but I ran across this site relating to
sharing a scanner across a network. Thought this might be useful.
http://www.mostang.com/sane/
Robert Land <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Some devices just work more comfortable with Window drivers. In one
> example, I would like to use the easy working copy software for the
> Mustek SCSI scanner - a tool which I cannot find as a linux app.
>
> Robert
>
------------------------------
From: "James" <[EMAIL PROTECTED]>
Subject: diald and wvdial
Date: Fri, 18 Jun 1999 18:52:09 +0200
After I got IP-masquerading to run. I want to set up my linux box so that it
dials automatically if a request from the networks comes in.
Is there a way to use diald together with wvdial???
Thanx for you answer
James
------------------------------
Crossposted-To:
comp.os.linux.advocacy,comp.infosystems.www.servers.unix,comp.os.linux.misc
Subject: Re: Could Microsoft Cheat On The New Mindcraft Benchmark? (was: Mindcraft
Retest News
From: Aaron Baugher <[EMAIL PROTECTED]>
Date: 18 Jun 1999 09:20:26 -0500
"Stuart Fox" <[EMAIL PROTECTED]> writes:
> Are you suggesting that *nix has no bugs? Or requires no
> patches to get running securely? ALL operating systems
> have bugs that must be patched, I don't care if it's
> linux, NT, Solaris etc. And why has no-one found this bug
> until now - IIS 4.0 has been out for quite a while now...
That's not surprising. Since IIS is not open source, the
only way to find bugs in it is through trial-and-error
attacks or dumb luck. Microsoft calls this a Good Thing.
Their theory is that security holes are only a problem if
someone finds them. They're wrong.
The problem with that thinking is that it means that the
first person to find an exploitable security hole in your
new web server is likely to be malicious. With open source
software, most security holes are found by the many
developers. I'd rather have my security holes found by
developers than by crackers, thanks.
Of course, the latest e-mail 'viruses' aren't viruses at
all. They're a natural outgrowth of two things: the fact
that Windows is really a single-user system that doesn't
expect to deal with malicious programs or data; and the fact
that much Windows software (MS and third-party) encourages
users to abdicate their responsibility for checking insecure
data and instead let applications freely exchange it.
I could write a Unix e-mail 'virus' like Melissa in ten
minutes. My virus could, let's say, wipe out the user's .rc
files, then hunt through the system for common mail logs and
alias files, parse out a bunch of addresses, and forward
the virus to them. It could also mail me the user's
Netscape/lynx cookies files, which would allow me to
impersonate him on web sites he frequents.
This would be easy to program, but would never work, because
Unix users just *don't* set up their software to
automatically execute e-mail attachments. That's partly
because they know better, but it's also because e-mail
clients for Unix aren't stupid enough to present that
possibility as a default. So the responsibility for these
e-mail worms falls partly on the users who unknowingly
spread them, but also on their software makers for trying
too hard to make things transparent and undermining simple
security precautions in the process.
Aaron
--
Aaron Baugher - [EMAIL PROTECTED] - Quincy, IL, USA
Extreme Systems Consulting - http://haruchai.rnet.com/esc/
CGI, Perl, Java, and Linux/Unix Administration
------------------------------
From: Ralf Kneemeyer <[EMAIL PROTECTED]>
Subject: Re: routing problem
Date: Fri, 18 Jun 1999 18:47:40 +0200
Hi,
thanks for that help, got it.
> Ralf Kneemeyer <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> The gateway is a Linux Kernel 2.2.5 box,
> routing table looks like this:
[...]
> I recommend a perusal of this website to figure out what all you need to
> do, and to give you an idea of what the possible risks involved are:
> http://members.home.net/ipmasq/
--
Ralf Kneemeyer
[[EMAIL PROTECTED]]
------------------------------
From: [EMAIL PROTECTED] (peter)
Subject: Strange gnome ppp problem
Date: Fri, 18 Jun 1999 15:52:37 GMT
I've used ppp with x windows (RH 5.2), but now with gnome/KDE it
doesn't work at all, like it can't detect my modem...
Anyone else have problems like this ?
peter
------------------------------
From: [EMAIL PROTECTED]
Subject: IP mapping
Date: Fri, 18 Jun 1999 15:30:07 GMT
Can someone tell me what this is and what it is used for?
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.misc
Subject: Re: ipfwadm only works for sometimes
Date: Fri, 18 Jun 1999 15:22:06 GMT
Your problem may be from the following:
TCP Connections to DNS (nameservers)
If you're trying to block outgoing TCP connections, remember that DNS
doesn't always use UDP; if the reply from the server exceeds 512 bytes,
the client uses a
TCP connection (still going to port number 53) to get the data.
This can be a trap because DNS will `mostly work' if you disallow such
TCP transfers; you may experience strange long delays and other
occasional DNS problems
if you do.
If your DNS queries are always directed at the same external source
(either directly by using the nameserver line in /etc/resolv.conf or by
using a
caching nameserver in forward mode), then you need only allow TCP
connections to port domain on that nameserver from the local domain port
(if using a
caching nameserver
In article <[EMAIL PROTECTED]>,
"RJHM van den Bergh" <[EMAIL PROTECTED]> wrote:
> I do have a problem with Linux RedHat 5.1 and ipfwadm.
>
> Situation:
> ppp0 with external ISDN TA
> Private LAN 10.0.0.0
> The Linux box acts as a gateway to the internet.
> Attached on the Linux Box is an NT workstation.
>
> With the Linux box I can surf to every site.
> With the NT box I can surf to allmost every site.
> I use ipfwadm on the Linux box to do masquarading.
>
> At the end fo this email I attached the firewall script.
> I'm totaly confused why I can't reach some sites.
> DNS seems to work loging the ipfwadm shows
> Jun 7 20:33:46 jads kernel: IP fw-in acc ppp0 TCP 212.233.1.66:80 194
> .159.226.43:61250 L=44 S=0x00 I=4374 F=0x0040 T=118
> Jun 7 20:33:46 jads kernel: IP fw-in acc ppp0 TCP 212.233.1.66:80 194
> .159.226.43:61250 L=40 S=0x00 I=18710 F=0x0040 T=118
> This is the incoming signal from line
> /sbin/ipfwadm -I -a accept -W ppp0 -S 0.0.0.0/0 -D $MY_STATIC/32 -o
> But comunication stops then.
>
> If put some system setings on the end also
>
> The IP of the NT 10.0.0.3
> The IP of the Linux 10.0.0.1
>
> Don't know why.
> I've been looking for it some days now
> Thanks for any help.
> [EMAIL PROTECTED]
>
> ---------------------
> Route table
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Us
> e Iface
> demon-du.demon. * 255.255.255.255 UH 0 0
> 0 ppp0
> 127.0.0.0 * 255.0.0.0 U 0 0
> 5 lo
> 10.0.0.0 * 255.0.0.0 U 0 0
> 6 eth0
> default demon-du.demon. 0.0.0.0 UG 0 0 9
> 5 ppp0
>
> ------------------
> HERE IS THE IPFWADM CONFIG FILE
> it is started from rc.local (also tried it manualy)
> #!/bin/sh
>
> #
> # Firewall settings , with IP masquerading
> #
> # File /etc/rc.d/rc.firewall
> # Fnvoked from rc.local
> #
> # Source: Lunix system administration handbook
> # Edited and commented by RJHM van den Bergh , [EMAIL PROTECTED]
> #
>
> PATH=/sbin:/bin:/usr/sbin:/usr/bin
>
> MY_ETH0=10.0.0.1
> MY_NET=10.0.0.0
> MY_STATIC=194.159.226.43
>
> # Forwarding rules
> # First flush the old Forwarding rules from memory
> /sbin/ipfwadm -F -f
> # Default deny everything
> /sbin/ipfwadm -F -p deny
>
> # Set up the masquerade
> # Masquerade the ips from MY_NET (eth0) to ppp0
> /sbin/ipfwadm -F -a masquerade -W ppp0 -S $MY_NET/8 -D 0.0.0.0/0
> # Also the script does set up masquerade for sl0
> # This has something to do with daild
> # Unknown , I don't have a slip line so I comment it out
> # ipfwadm -F -a masquerade -W sl0 -S $MY_NET/8 -D 0.0.0.0/0
>
> # Extra line added to prefent the system forwarding IP
> # directed to the gateway itself
> # Probably not necessary so I commented it out
> # I think it is necessary
> # ipfwadm -F -a deny -W eth0 -S $MY_NET/8 -D 10.0.0.1/32
>
> # Incoming rules
> # First flush all old incoming rules
> /sbin/ipfwadm -I -f
> # Default deny everything
> /sbin/ipfwadm -I -p deny
> # Packets from my local net (eth0) to anywhere else are allowed
> /sbin/ipfwadm -I -a accept -W eth0 -S $MY_NET/8 -D 0.0.0.0/0
> # Packets pretending to be from my local net (eth0) but aren't are
denied
> # They can in fact come from the outer world (ppp0)
> # I think they call this spoofing (someone is pretending to be someone
else)
> /sbin/ipfwadm -I -a deny -W ppp0 -S $MY_NET/8 -D 0.0.0.0/0 -o
> # Packets comming in from the outer world are valid
> # (i.e. if we are using the firewall machine for email or someone
> # VALIDY telneting to the machine )
> # Don't gues this is what I want , to restricted
> # But anyway just add it
> /sbin/ipfwadm -I -a accept -W ppp0 -S 0.0.0.0/0 -D $MY_STATIC/32
> # Also make the localhost possible for testing
> /sbin/ipfwadm -I -a accept -V 127.0.0.1 -S 0.0.0.0/0 -D 0.0.0.0/0
>
> # Outgoing rules
> # First flush all old settings
> /sbin/ipfwadm -O -f
> # Default deny everything
> /sbin/ipfwadm -O -p deny
> # I think the next one is make messages going out to my local net
valid
> /sbin/ipfwadm -O -a accept -W eth0 -S 0.0.0.0/0 -D $MY_NET/8
> # Next three aren't clear to me
> # I think they are used to prefent someone from the outer world
> # pretending to be someone from my local net
> # this is called spoofing
> # If it gives a problem I will comment them out.
> # I call this setting paranoid , messages with IP that are used only
for
> local nets
> # are dropped by routers on the net , because they are said to be
alien
> (incorrect).
> /sbin/ipfwadm -O -a deny -W ppp0 -S 0.0.0.0/0 -D $MY_NET/8
> # I do have some questions about the next one.
> # If it denies messages from my net going out to the outer world
> # through ppp0 then nothing will get out !!
> /sbin/ipfwadm -O -a deny -W ppp0 -S $MY_NET/8 -D 0.0.0.0/0
> # The last line is used twice think this is an error in the book.
> /sbin/ipfwadm -O -a deny -W ppp0 -S 0.0.0.0/0 -D $MY_NET/8
> # All outher data going out to the outer world are suposed to be valid
> # The book still uses the slip line sl0 again.
> # This has something to do with the daild program.
> # I'll comment it out because I don't have a slip line
> /sbin/ipfwadm -O -a accept -W ppp0 -S $MY_STATIC/32 -D 0.0.0.0/0
> # ipfwadm -O -a accept -W sl0 -S $MY_STATIC/32 -D 0.0.0.0/0
> # The local host should be reached to
> /sbin/ipfwadm -O -a accept -V 127.0.0.1 -S 0.0.0.0/0 -D 0.0.0.0/0
>
> # Let the user know that the firewall has been set up
> echo "Firewall is set up with IP masquerade."
>
> -----------------------
>
> Here is the ifconfig output
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Bcast:127.255.255.255 Mask:255.0.0.0
> UP BROADCAST LOOPBACK RUNNING MTU:3584 Metric:1
> RX packets:47 errors:0 dropped:0 overruns:0
> TX packets:47 errors:0 dropped:0 overruns:0
>
> eth0 Link encap:Ethernet HWaddr 00:10:4B:43:A9:EE
> inet addr:10.0.0.1 Bcast:10.255.255.255 Mask:255.0.0.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:12449 errors:0 dropped:0 overruns:0
> TX packets:10141 errors:0 dropped:0 overruns:0
> Interrupt:12 Base address:0xe400
>
> ppp0 Link encap:Point-to-Point Protocol
> inet addr:194.159.226.43 P-t-P:194.159.73.222 Mask:255.255
> .255.0
> UP POINTOPOINT RUNNING MTU:256 Metric:1
> RX packets:4158 errors:3 dropped:3 overruns:0
> TX packets:2745 errors:0 dropped:0 overruns:0
>
>
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: "Ashwin K. Raj" <[EMAIL PROTECTED]>
Subject: HELP! Someone's hacked into...
Date: Fri, 18 Jun 1999 10:54:46 -0500
I am maintaining a Linux server at the university, with Apache Server. I
use it just for lab services, with some perl scripts doing most of the
form processing.
Today morning, I cannot seem to log into the server as root, or from any
other accounts that were setup alongside. As far as web pages and scripts
are concerned, they still seem to be working just fine, but it looks like
someone has logged in and altered the passwd file and or some other
configuration files. Is there any way this situation is recoverable? Its
not a big deal for me to set up the server again, but I have realized that
there is a lot more to security than what I know about! I would greatly
appreciate any advice on this aspect and if someone to guide me into
tracing the `hacker' by any means. Thanks a lot!!
sincerely,
Ashwin
------------------------------
From: Robert Young <[EMAIL PROTECTED]>
Subject: [Q] AOL Using Linux?
Date: Fri, 18 Jun 1999 12:34:12 -0400
To Linux Netters,
Currently, I am an NT user and my access to the Internet is provided by the
NetZero (www.NetZero.net) that does not allow its member to use any other
DUN,
except its own proprietary DUN software. I also noticed from the NetZero's
web page that one can use AOL DUN to access the Netzero's Internet dialup.
Having said that, I would like to find out if it is possible to setup a
Linux
workstation to perform and Internet dialup to the AOL or the NetZero using
the
Linux software. If so, I would like to get rid off my NT OS and replace it
with RedHat 6.0 Linux distribution.
Can anyone please help?
--
[EMAIL PROTECTED]
--
Robert Young,
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: modem reccomendations
Date: Fri, 18 Jun 1999 16:01:27 GMT
Hi,
Same happened with me too, just that instead of fry's it was 'best buy'.
Anyway, I really don't think there are many PCI modems that work with
linux. In fact, all the HOW-TOs and other documentation discouraged me
from buying PCI modem.
So I bought Zoom 56K internal ISA modem. Works great, it is PnP, so not
much of problem setting that up.
I know, PCI/winmodems are cheap compared to ISA/ext. modems. But they
DON'T work with linux (most of them) at least not yet. So go for ISA
modem which is comparativly cheaper to ext. modem.
Hope this helps,
-Mandar
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Cyclone000) wrote:
> Can anybody reccomend a good PCI modem for Linux? I've been to fry's
twice this
> weekend(and any of you who know fry's know my pain) and both times
unknowningly
> returned with a win modem. I'm looking for a 56K, any ideas or
suggestions
> would be helpful. I've looked at the compatability list at
> http://www.o2.net/~gromitkc/19990613a.html, but i'm not sure if there
are ones
> that are easier to setup than others. BTW i'm running rh6
> thanks
> dave
>
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED] (Patrick)
Subject: chap
Date: 18 Jun 1999 15:44:06 GMT
my isp supports chap
i have edited ppp-secrets
but there is error, can u tell me how to solve it?
the connection terminated after connecting between ppp0 and
/dev/modem
Jun 18 23:29:42 love chat[275]: CONNECT -- got it
Jun 18 23:29:42 love chat[275]: send (^M)
Jun 18 23:29:42 love pppd[274]: Serial connection established.
Jun 18 23:29:43 love pppd[274]: Using interface ppp0
Jun 18 23:29:43 love pppd[274]: Connect: ppp0 <--> /dev/modem
Jun 18 23:29:49 love pppd[274]: Connection terminated.
Jun 18 23:29:49 love pppd[274]: Exit.
--
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
