Linux-Networking Digest #13

Mon, 26 Jul 1999 10:19:13 -0700 

Linux-Networking Digest #13, Volume #12          Mon, 26 Jul 99 14:13:46 EDT

Contents:
  how do I shut down ppp0? (scable)
  Re: any good book? (Bonn)
  kernel: nfsd Security: /// bad export. (Britt)
  Re: diald -- can I stop it dialling out? (Michael McLaughlin)
  IO masquerading for RH5.2 -- can I insert modules? (Michael McLaughlin)
  Multihomed routing issues (Lim Chee Onn)
  Re: once I installed the second NIC the first stoped working (Matt)
  Re: Internet access using Win98 PPP Connection (Leeroy Smith)
  hackers (benjamin j snyder)
  Add User button missing from Control Panel (BadMango)
  Re: Pliiiiiiz (Simon Burley)
  diald and wvdial (Helmut Leininger)
  Re: diald -- can I stop it dialling out? (Michael McLaughlin)
  Re: diald -- can I stop it dialling out? ([EMAIL PROTECTED])
  Re: Synchronizing time between server. (Birger Toedtmann)
  Undelete/Samba (Roland Schatz)
  Re: how do I shut down ppp0? (Scott)
  Re: very slow ethernet connection IN ONE DIRECTION! (Simon Burley)
  NFS problem: No files visible ([EMAIL PROTECTED])
  Re: very slow ethernet connection IN ONE DIRECTION! (Simon Burley)
  DNS Alias Problem (Rob Calfee)
  Re: very slow ethernet connection IN ONE DIRECTION! (Simon Burley)
  Re: Running Apps from WIN95 (John Thompson)
  Re: Please help with my sendmail setup... (Birger Toedtmann)
  Re: High load average, low cpu usage when /home NFS mounted (Paul Kimoto)
  Re: CHAP confusion... (Clifford Kite)

----------------------------------------------------------------------------

From: scable <[EMAIL PROTECTED]>
Subject: how do I shut down ppp0?
Date: Mon, 26 Jul 1999 09:29:11 -0500

Hi All.

Every so often, I find I can't make a quick connection to my ISP.  My
modem
will somtimes cycle through the dialing sequence 10 or 15 times without
getting anything more than a busy signal.  When this happens, I would
like to be able to end my modem's efforts to connect, but the only way I
know to do it right now is to log out and reboot.  I use the RH6.0
utility "UserNet" to establish this connection.  I can't use UserNet to
shut things down unless a connection has already been established. 
Seems there must be a more elegant way to do this.  Any suggestions? 
Thanks.

------------------------------

From: Bonn <[EMAIL PROTECTED]>
Subject: Re: any good book?
Date: Mon, 26 Jul 1999 22:49:07 +0800
Reply-To: [EMAIL PROTECTED]

thank you.
i will check it out.

bonn

Artur Swietanowski wrote:

>
> O'Reilly's "TCP-IP Network Administration" would qualify, I guess.
>
> HTH,
> ---------------------------------------------------------------------
> Artur Swietanowski                    mailto:[EMAIL PROTECTED]
> Institut f�r Statistik,  Operations Research  und  Computerverfahren,
> Universit�t Wien,     Universit�tsstr. 5,    A-1010 Wien,     Austria
> tel. +43 (1) 427 738 620                     fax  +43 (1) 427 738 629
> ---------------------------------------------------------------------

--
___________________________________________________________
|>  Food is the first thing.  Morals follow on.          <|
|<  Bread and Puppets                                    >|
|<                                                       <|
|>                                     and I wonder...   <|



------------------------------

From: Britt <[EMAIL PROTECTED]>
Subject: kernel: nfsd Security: /// bad export.
Date: 26 Jul 1999 14:57:41 GMT

I'm getting this message
kernel: nfsd Security: /// bad export.

about 50,000 times a minute on my machine.  and I have _NO_ idea why.

machine spec
Dual PIII Xeon, linux 2.2.10, knfs-1.2.2-4, on a RedHat 6.0 fully patched
system.  I'm exporting to my local network (which has RH5.2, BSD/OS and
SunOS 4 machines) using a normal looking exports file like this:

/var/spool/mail         machine1(rw) machine2(rw) bsdibox(rw,insecure) etc

This just started up after I thought I had stopped it buy using the macine
name instead of a network/netmask setup.  

Also I've been seeing errors like this as well...

kernel: nfsd_create: dentry .gnome/accels not negative! 

I get this for all kinds of file names.  I'm pretty sure (based on the files)
that these error are coming from a RH5.2 box that is mounting the nfs 
server.

Any suggestion on these problems would be greatly appreciated.

To email do the obvious editing to my addr.

thanks,

Britt

=======================================================================
Britt Bolen            [EMAIL PROTECTED]           britt.bolen.com 

------------------------------

From: Michael McLaughlin <[EMAIL PROTECTED]>
Subject: Re: diald -- can I stop it dialling out?
Date: Mon, 26 Jul 1999 14:56:06 +0000

> The network is just a Win95 box connected to a Linux box.

I am using WINS for name resolution, but this speaks to Samba on the Linux
box.

Michael



------------------------------

From: Michael McLaughlin <[EMAIL PROTECTED]>
Subject: IO masquerading for RH5.2 -- can I insert modules?
Date: Mon, 26 Jul 1999 14:58:35 +0000

I want to use IP masquerading on RH5.2.
Do I need to compile the kernel or can I insert modules?


------------------------------

From: Lim Chee Onn <[EMAIL PROTECTED]>
Subject: Multihomed routing issues
Date: Mon, 26 Jul 1999 23:41:16 +0800

I am running kernel-2.2.10 with two ethernet interfaces connected to
different services providers. The configuration details are as follows
;-

eth0            202.186.x.8/255.255.255.0
eth1            202.188.x.180/255.255.255.248
Default_gw      202.186.x.1/255.255.255.0 eth0

Users from outside (dial-in via their ISP) are able to ping 202.186.x.8
but not 202.188.x.180. Can anyone show me perhaps where I am going
wrong? Do I need to setup default routes for each individual interfaces?

Thanks in advance.
-- 
=====================================================================
Alex Lim Chee Onn
VCN Technology Sendirian Berhad (http://www.vcn.com.my)
Future Trend Computer Services (http://www.ftrend.com.my)
=====================================================================

------------------------------

From: Matt <[EMAIL PROTECTED]>
Subject: Re: once I installed the second NIC the first stoped working
Date: Mon, 26 Jul 1999 15:59:55 GMT

Ok I tried that, but when I try to add a route it tells me "Network is
down".  So I tried a "ifconfig eth0 up" command and a get the message
"SIOCSIFFLAGS: Resource temporarily unavailable".

Just to make clear, I can't see eth0 when I do a "ifconfig" command, but
I can see it when I do a "ifconfig eth0" command, and there is a green light
lit on the NIC.  One other thing, the hub that the NIC is connnect to does
not see it, no lights on the hub, other than power.

thanks,
-matt

Artur Swietanowski wrote:

> Matt wrote:
> >
> > I installed my RH 6.0 with my 3c509 NIC in the machine.  It worked fine
> > untill I installed my second NIC, 3c900B -TPO.  Now the second NIC works
> > fine, but the first one does nothing. (...)
>
> Routing is the answer. Check the routing tables to see if and how
> you can send packets to eth0. You can use "netstat -r". Mine prints
> more or less this:
>
> Kernel IP routing table
> Destination   Gateway      Genmask         Flags MSS Win  irtt Iface
> 192.168.1.1    *           255.255.255.255 UH      0 0       0 eth1
> 192.168.1.2    *           255.255.255.255 UH      0 0       0 eth2
> 133.133.33.227 *           255.255.255.255 UH      0 0       0 eth0
> 192.168.1.254  *           255.255.255.255 UH      0 0       0 eth2
> 192.168.1.254  *           255.255.255.255 UH      0 0       0 eth1
> 133.133.33.0   *           255.255.255.0   U       0 0       0 eth0
> 192.168.1.0    *           255.255.255.0   U       0 0       0 eth1
> 192.168.1.0    *           255.255.255.0   U       0 0       0 eth2
> 127.0.0.0      *           255.0.0.0       U       0 0       0 lo
> default       133.133.33.6 0.0.0.0         UG      0 0       0 eth0
>
> The first five are routes to particular hosts (two to external hosts,
> three to the interface itself). Then come network routes (with
> 192.168.1.0 mentioned twice, for both interfaces that share it), then
> the loopback and the external gateway.
>
> HTH,
> ---------------------------------------------------------------------
> Artur Swietanowski                    mailto:[EMAIL PROTECTED]
> Institut f�r Statistik,  Operations Research  und  Computerverfahren,
> Universit�t Wien,     Universit�tsstr. 5,    A-1010 Wien,     Austria
> tel. +43 (1) 427 738 620                     fax  +43 (1) 427 738 629
> ---------------------------------------------------------------------


------------------------------

From: Leeroy Smith <[EMAIL PROTECTED]>
Subject: Re: Internet access using Win98 PPP Connection
Date: 26 Jul 1999 08:08:18 PDT

Hi Nick,

Sorry I can't help you with your problem. If I knew how to then I certainly
would. However, I  have a problem that I think you can help me with.  I have 3
computers: 1 win95 setup, 1 win98 setup and 1 Linux Caldera 2.2. I have
ethernet cards in all 3. My questions is :
How do I connect and get to work with files from my linux box to the other win
machines? Can you give a step by step solution? Thanks in advance
Leeroy

Nick Makrymanolakis wrote:

> I have two computers connected via two ethernet cards, one using Windows 98
> and one using Linux, SuSE 6.0 installation. Networking between these two
> computers works fine.
>
> My Win98 machine is connected to the Internet using a modem, dynamic PPP
> connection. Is there any way that I my Linux machine can have access to the
> Internet from the above PPP connection? I mean, when my Win98 machine is
> connected to the Internet, my Linux machine to be able to access the
> Internet through that connection, using Linux clients. My Linux machine has
> the IP 192.168.0.99 and my Win 98 maching 192.168.0.90.
>
> Thank you for any help. If no much bother, please e-mail any replies to
> [EMAIL PROTECTED]
>
> Nick


------------------------------

From: [EMAIL PROTECTED] (benjamin j snyder)
Subject: hackers
Date: 26 Jul 1999 15:34:39 GMT


I've had a few people attempt to connect to my linux box, but fortunatley it 
looks as if they were turned away according to /var/log/secure and 
/var/log/messages.  The weird thing is that /var/log/messages doesnt show any 
failed login attmpts, but they are trying on ftp and telnet.  The thing that 
REALLY bothers me is that it is continually coming from the same 2 or 3 IP's.
It bothers me that they may be getting in in some way, but there's been no 
changes to my system, no additions/deletions or anything.

I have a firewall setup that should be denying all incoming traffic (except 
requested of course), but allowing any outgoing traffic.

Does anyone know how I can go about shutting the people out completely?  Or 
give them a nice present the next time they try it?

Thanks in advance to those who reply. 

FYI, this is not coming from my linux box, so feel free to try to get in to 
this machine ;p




-- 
Ben Snyder                              

------------------------------

From: [EMAIL PROTECTED] (BadMango)
Subject: Add User button missing from Control Panel
Date: 26 Jul 1999 14:22:18 GMT

Hey group:

Just installed 5.2 Red Hat on an Intel pc and everything seems fine...EXCEPT
that there is no Add User button in Control Panel. I can use linuxconf to do
the operation, but it's bugging the hell out of me why this button doesn't show
up.

Anyone have any idea why this would happen? 

Thankz.

------------------------------

From: Simon Burley <[EMAIL PROTECTED]>
Subject: Re: Pliiiiiiz
Date: Mon, 26 Jul 1999 16:37:09 +0100

Luis Amezcua wrote:
> 
> I have too many comps...
> 
> I just got a pentium 100 and a 486 (40 bucks for both 8-)) both with 16
> megs of
> RAM and about 800 MB HDD. That is in addition to a AMD 233 and a
> imac ( my wifes)
> Now I want to play around with a network ( I have 3 cards and a hub)
> I just connected the P100 and the AMD 233 and I can ping them etc.
> I want to add the 486 and the mac. I do not know what would be the
> best configuration (probably the 486 as a router)
> 
> The main pourpose of the network would be share files-printers
> and also test some PERL. OK Ok Maybe some games
> 
> Any suggestions would be greatly appreciated!

The imac has ethernet built-in, doesn't it? The one on my desk does, at
least. Plug a cat5 cable into that too.
Linux+Samba is great. The 486 will run Samba more than happily. I don't
have any experience of Netatalk, but if it's half as easy as Samba to
get running, it's not at all difficult.

S.
-- 
/* "C makes it easy to shoot yourself in the foot.  C++ makes */
/* it harder, but when you do, it blows away your whole leg." */
/*   -- Bjarne Stroustrup                                     */
/* Simon Burley, Double Negative Ltd, London.                 */

------------------------------

Date: Mon, 26 Jul 1999 18:57:18 +0200
From: Helmut Leininger <[EMAIL PROTECTED]>
Subject: diald and wvdial

Hi,

I would like to use wvdial and diald to make a PPP-connection to my ISP
whenever a client needs it (squd is installed).

Connecting manually with wvdial is ok and I can access the provider.

However, I get problems when I want to use diald. What are good
configrations of diald.conf and ppp/options?


Regards

------------------------------

From: Michael McLaughlin <[EMAIL PROTECTED]>
Subject: Re: diald -- can I stop it dialling out?
Date: Mon, 26 Jul 1999 14:57:18 +0000

>
>
> You ar probably running named or gated on your box ( Redhat seems to like setting
> them up automatically). Unless you are running a large network on your
> side of the phone link, don't run. them. You do not need them.
> Change the S??named or S??gated in /etc/rc.d/rc?.d to K??named and K??gated
> (or just rename /etc/rc.d/init.d/named and /etc/rc.d/init.d/gated to something else.)

I'll try this. But the next step is to use IP masquerading -- will I need gated or 
named
for that?
This thing is driving me nuts! The modem seems to dial out at will!
Michael


------------------------------

From: [EMAIL PROTECTED]
Subject: Re: diald -- can I stop it dialling out?
Date: Mon, 26 Jul 1999 10:38:43 -0400

Named does not cause periodic dialups.
if this is what's happening something is making a DNS inquirey
(usually a winblows machine doing ns stuff) which you 
can block in diald.conf

I Don't use gated so I cant say. 


"W.G. Unruh" wrote:
> 
> Michael McLaughlin <[EMAIL PROTECTED]> writes:
> 
> >I am using diald on RedHat5.2.
> 
> >The basic functionality seems to work OK. But how can I stop it dialling
> >out, seemingly at random.
> >On boot up in particular, it activates the modem. But at other times,
> >even when I am niot using Netscape it rings out!
> 
> You ar probably running named or gated on your box ( Redhat seems to like setting
> them up automatically). Unless you are running a large network on your
> side of the phone link, don't run. them. You do not need them.
> Change the S??named or S??gated in /etc/rc.d/rc?.d to K??named and K??gated
> (or just rename /etc/rc.d/init.d/named and /etc/rc.d/init.d/gated to something else.)

-- 

                      Come Visit Our Website

        http://www.freeyellow.com/members/creative-services

         Please Visit Our Sponsers (We get paid per visit)

------------------------------

From: Birger Toedtmann <[EMAIL PROTECTED]>
Subject: Re: Synchronizing time between server.
Date: Mon, 26 Jul 1999 17:24:49 +0200

[EMAIL PROTECTED] wrote:

> Hi,
>
> How can I synchronize the time between two Linux servers without using
> something complicated as ntp? Is it possible to synchronize time with
> an NT machine (either direction is okay)?
>

I don't know much about NT time, but to synchronize between linuxes you
may possibly enable the time service within the /etc/inetd of one box and sync
from the other box with rdate(1).

Regards,

Birger



--
                     Birger T�dtmann. Bielefeld, Germany.
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq' | \dc
               00 83 E2 57 EC 60 0B 1C  D3 18 AE 2A 40 55 81 22




------------------------------

From: Roland Schatz <[EMAIL PROTECTED]>
Subject: Undelete/Samba
Date: Mon, 26 Jul 1999 18:38:27 +0200

I have to set up a linux-fileserver for a Win95/WinNT network, but I
need the ability to undelete files. If this is impossible, a
recycled-folder will do. Most important is that this should work over
network, too (Files deleted over network, the undelete can also be done
locally or with a telnet session).

Are there any tools to do that? Or is there another SMB server with this
feature included?

PS: I have got SuSE Linux 6.0, the Workstations are WinNT 4.0 and Win95a
:(.


------------------------------

From: [EMAIL PROTECTED] (Scott)
Subject: Re: how do I shut down ppp0?
Date: Mon, 26 Jul 1999 15:25:00 GMT
Reply-To: [EMAIL PROTECTED]


>From a command prompt you can probably run "ifconfig ppp0 down"
from a command-line to disable the ppp interface.  I try not to use
Red Hat, so I do not know what tools they may have to do this same
thing.  Good luck.

Scott


On Mon, 26 Jul 1999 09:29:11 -0500, scable <[EMAIL PROTECTED]>
wrote:

>Hi All.
>
>Every so often, I find I can't make a quick connection to my ISP.
>My modem will somtimes cycle through the dialing sequence 10
>or 15 times without getting anything more than a busy signal.
>When this happens, I would like to be able to end my modem's
>efforts to connect, but the only way I know to do it right now is
>to log out and reboot.  I use the RH6.0 utility "UserNet" to
>establish this connection.  I can't use UserNet to shut things
>down unless a connection has already been established.  Seems
>there must be a more elegant way to do this.  Any suggestions? 
>Thanks.


------------------------------

From: Simon Burley <[EMAIL PROTECTED]>
Subject: Re: very slow ethernet connection IN ONE DIRECTION!
Date: Mon, 26 Jul 1999 17:42:20 +0100

Mandl Martin wrote:
> 
> .... as said before: I have a similar problem but with a "normal" setup:
> 
> I can send fast, but I receive approximatly a factor 1000 slower ...
> 
> I had the same setup with REDHAT 4.1, and everything worked fine ...
> Then I upgraded to REDHAT 5.1 (2.0.35) and got this problem. I am
> connected directly to our "intranet" ... All (IP, Gatway, DNS,
> nameserver ...) is as before ... ifconfig shows only some dropped TX
> packages, but not that many ...
> 
> Any suggestions ????
> 
>         Martin

Which ethernet card?
S.
-- 
/* "C makes it easy to shoot yourself in the foot.  C++ makes */
/* it harder, but when you do, it blows away your whole leg." */
/*   -- Bjarne Stroustrup                                     */
/* Simon Burley, Double Negative Ltd, London.                 */

------------------------------

From: [EMAIL PROTECTED]
Subject: NFS problem: No files visible
Date: Mon, 26 Jul 1999 16:40:30 GMT

Configuration: SuSE Linux 6.1 Server, SCO-Client

Our problem:
We've exported via NFS the directory '/usr/lib/informix', specified in
'/etc/exports' with entry '/usr/lib/informix (rw)').

If we mount that directory on SCO (*identical* user/group-IDs) with
  'mount -f NFS [host]:/usr/lib/informix /mnt'
the system returns 'OK'.

But no files are visible in '/mnt', (for all SCO-users including 'root')
when chmod on '/usr/lib/informix' is o-rw.
Files are only visible if we changed any access with 'chmod o+rw'

Any suggestions?
  Frank


Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

------------------------------

From: Simon Burley <[EMAIL PROTECTED]>
Subject: Re: very slow ethernet connection IN ONE DIRECTION!
Date: Mon, 26 Jul 1999 16:27:59 +0100

Simeon Cran wrote:
> 
> Further to my previous post... I am getting very slow transfers
> (~7kbytes/sec) from linux to windows, but normal (>500kbytes/sec) from
> windows to linux. This is surely a config problem.. right? But where?
> 
> No error messages anywhere. No RX or TX errors. Few collisions.
> 
> OK, so what do I need to do to fix all this???? It all works, just slowly in
> one direction.
> 
> HELP!

What client (and protocol) are you using on the windows box?
I can't pin it down straight away, but I will say I have seen some
shareware windows ftp clients do this before. Like you say, no good
reason for it - if I'd only had more time to investigate this.....
S.
-- 
/* "C makes it easy to shoot yourself in the foot.  C++ makes */
/* it harder, but when you do, it blows away your whole leg." */
/*   -- Bjarne Stroustrup                                     */
/* Simon Burley, Double Negative Ltd, London.                 */

------------------------------

From: [EMAIL PROTECTED] (Rob Calfee)
Subject: DNS Alias Problem
Date: Mon, 26 Jul 1999 16:47:01 GMT

Can somone look at this file below and tell me what I'm doing wrong,
because I can type out in my browser, NS1.webdsp.net, and the web page
comes up fine.  But when I type out, www.webdsp.net, it will not bring
up the same page.  Can someone help me and scan the following file to
see if my syntax is correct.  I'd really appreciate this because my
boss keeps bothering me about it.  Actually it is his problem, but you
know how it is, LOL.

Rob


;named.hosts file for webdsp.com
;
@         IN     SOA     NS1.webdsp.net.  jhonken.webdsp.net. (
99072102 ; serial number
86400 ;refresh 24 hrs
300 ; retry 5 minutes
2592000 ; expire 30 days
86400 ; minium 24 hrs
)
IN      NS     NS1.webdsp.net.
;
;  The domain itself
;
@         IN     A      207.199.219.3
IN        MX     100    mailhost.webdsp.net
IN        HINFO  PC-586 Linux
;
;  The primary Nameserver
;
nameserver   IN         NS1.webdsp.net.
ns       CNAME         webdsp.net. 
www      CNAME         webdsp.net.
ftp      CNAME         webdsp.net.
mail     CNAME         webdsp.net
;
;  Other Hosts
;
localhost  IN    A     127.0.0.1


____________________________________________


;NAMED.REV
;named.rev file for webdsp.com
;
@         IN     SOA     NS1.webdsp.net.  jhonken.webdsp.net. (
99071903 ; serial number
86400 ; refresh 24 hrs
300 ; retry 5 minutes
2592000 ; expire 30 days
86400 ; minium 24 hrs
)
IN      NS     NS1.webdsp.net.
;
;  Reverse map the IP addresses
;
3         IN    PTR    NS1.webdsp.net.

Rob Calfee
DBA
[EMAIL PROTECTED]

------------------------------

From: Simon Burley <[EMAIL PROTECTED]>
Subject: Re: very slow ethernet connection IN ONE DIRECTION!
Date: Mon, 26 Jul 1999 16:30:39 +0100

Simeon Cran wrote:
> 
> Further to my previous post... I am getting very slow transfers
> (~7kbytes/sec) from linux to windows, but normal (>500kbytes/sec) from
> windows to linux. This is surely a config problem.. right? But where?
> 
> No error messages anywhere. No RX or TX errors. Few collisions.
> 
> OK, so what do I need to do to fix all this???? It all works, just slowly in
> one direction.
> 
> HELP!

Also, how many times have you posted to the group? I can see at least
two other messages posted by you today alone.
Answer the reply to your first message, and then we'll take it further.
S.
-- 
/* "C makes it easy to shoot yourself in the foot.  C++ makes */
/* it harder, but when you do, it blows away your whole leg." */
/*   -- Bjarne Stroustrup                                     */
/* Simon Burley, Double Negative Ltd, London.                 */

------------------------------

From: John Thompson <[EMAIL PROTECTED]>
Subject: Re: Running Apps from WIN95
Date: Mon, 26 Jul 1999 08:20:36 -0600

Zia Ehtisham wrote:
 
> Is it possible to telnet into Linux RH6.0 server from Win95, and open x
> - applications, like WordPerfect 8 or play KDE games. Do I need to
> change my display settings or run something else in Linux? I'm new to
> all this. Any suggestions will be greatly appreciated.

You just need to run an X server on the Win machine.

-- 

-John ([EMAIL PROTECTED])

------------------------------

From: Birger Toedtmann <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.security
Subject: Re: Please help with my sendmail setup...
Date: Mon, 26 Jul 1999 17:35:01 +0200

Eric Wirt wrote:
> 
> I have a machine that is hosting e-mail for about 25 clients who masquerade
> behind it, and also for another 25 persons who dial into the net through
> normal ISP's such as MSN, AOL, Eros, etc...
> 
> Right now, the sendmail dameon on my server is setup so that it relays ANY
> mail that is thrown at it.   Most of my users who dial into the Internet
> normally need to be able to relay mail fr/ my machine, but I do not want
> just ANYONE to be able to.  I have looked at some MAN and HOW-TO pages, and
> have found out how to restrict sendmail to only allow mail to be relayed
> from specific domains -- but it appears that I would have to let ALL of AOL,
> or MSN, etc. through in order for this work.  I think the best way for me to
> prevent someone from relaying spam off my server will be to restrict
> relaying to only work for mail that has one of several specific addresses in
> the FROM: field of the message.  While I realize that this is not completely
> secure, it will at least eliminate MOST random spam relay attacks...

There a exactly 2 solutions to this problem that are widely used:

1. Talk to your customers. Convince them to use their local AOL/MSN relay
   for outgoing mail. This should be the default behaviour anyway. Incoming
   mail won't be affected.

2. Set up a hack: Most mail clients do an ingoing mail server check ("hello
   pop server, any new mail for me?"). Your log will report this. Catch the
   ip-address this request is coming from. Insert it in your relay_allow/access
   table for some reasonable time (5 min, 30 min, have a try). The client will
   almost always send its outgoing mail later on - and it will be allowed to do 
   this. After your allow interval expired, delete the appropriate ip-address
   from your allow-table.

- Note that _some_ mail clients don't do a pop check _before_ sending mail. 
  Those customers will get angry....

Regards,

Birger

-- 
                     Birger T�dtmann. Bielefeld, Germany.
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq' | \dc
               00 83 E2 57 EC 60 0B 1C  D3 18 AE 2A 40 55 81 22

------------------------------

From: [EMAIL PROTECTED] (Paul Kimoto)
Crossposted-To: comp.os.linux.misc,comp.os.linux.development.system
Subject: Re: High load average, low cpu usage when /home NFS mounted
Date: 26 Jul 1999 11:46:51 -0500
Reply-To: [EMAIL PROTECTED]

In article <[EMAIL PROTECTED]>, 
Peter Steiner wrote:
> In article <[EMAIL PROTECTED]>, Kelly Burkhart wrote:
>>>     [from the proc(5) man page:]
>>>     loadavg
>>>     The load average numbers give the number of jobs in
>>>         the run queue averaged over 1, 5 and 15 minutes.

>> Really?  I thought processes waiting on IO were not in the run queue;
>> only processes that were "ready to run".

> The manpage is wrong.

> The loadavg shows the number of "active" tasks. Active does not only
> mean "running", but also "doing critical I/O".

[code from kernel/sched.c snipped]
> All tasks are counted that are either TASK_RUNNING,
> TASK_UNINTERRUPTIBLE or TASK_SWAPPING.

Okay, but try the following experiment on an NFS client:

#!/bin/sh
while /bin/true; do
   cat > /dev/null LIST_OF_LONG_NFS_MOUNTED_FILES
done

In my list of long files I have stuff like the emacs-20.4 source tar 
file (i.e., several MB long).  Each "cat" is taking ~1 minute, and
"top" reports its %CPU at ~10%, but my load average is slightly above
1.

-- 
Paul Kimoto             <[EMAIL PROTECTED]>

------------------------------

From: kite@NoSpam.%inetport.com (Clifford Kite)
Subject: Re: CHAP confusion...
Date: 26 Jul 1999 10:51:30 -0500

Frank Waarsenburg ([EMAIL PROTECTED]) wrote:

: I'm really getting lost on this one. So if anyone can help me out....
: I am using ISDN for connecting to my ISP and my employers network (10.x
: private range). My employers network uses M$-Chap for authentication and
: my ISP plain Chap. I have

: name <logonid1>
: remotename *

: in ioptions.ippp0, and

: name <logonid2>
: remotename *

: in ioptions.ippp1. Chap secrets looks like

: # User        Server       Secrets        IP-address
: <logonid1>    *            <Secret1>      10.0.0.0/8
: <logonid2>    *            <Secret2>      *

: Logonid1 is for my employers network; logonid2 is for my ISP. If I want
: to connect to my ISP (by specifying any address outside the 10.x range),
: ippp1 dials out but uses the LOGON specs for my employers network!!! If
: ippp0 is already up, then ippp1 picks the correct entry. If I kill
: ippp0, same effect: ippp1 uses the correct entry. But else, it picks the
: wrong user/password combination, resulting in a Chap authentication
: failure and my system reconnecting every couple of seconds... :-(


: I tried to enter the (remote) servername, but my employer has none (""
: in the log), and my ISP's servername varies (I've seen NLUDS0GV01, 50

I haven't done IDSN or MSCHAP just for the record.  It's also not quite
clear to me just what is happening from the description.  But perhaps
this will help anyway.

The ISP CHAP challenge contains the remote's name, and when either that
name or a `*' is in the second secrets field that is sufficient to allow
the CHAP response to be generated.  The remotename option is not needed.

The MSCHAP challenge, at least from a NT, doesn't have the remote's name,
just a "" as you noticed.  In this case you do need to use the remotename
option but you get to choose whatever you want for name - as long as it
is also the name in the second field of the secrets file.

Logically what you have should work if you choose a name for the MSCHAP
call (work) and use it with the remotename option and in second secrets
field.  You'll also need to remove the remotename option for the CHAP call
(ISP) and keep the order of the secrets lines that you now have.

Maybe some guru will come along and enlighten us both when this fails. ;)

--
Clifford Kite <kite@inet%port.com>                    Not a guru. (tm)
/* To extract lines:  View file with "vi -R".  Move cursor to first line.
   Press "v".  Move cursor to mark lines (Esc unmarks).  Write lines to
   fubar with ":w fubar <Enter>".  Exit with ":q <Enter>". */

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and comp.os.linux.networking) via:

    Internet: [EMAIL PROTECTED]

Linux may be obtained via one of these FTP sites:
    ftp.funet.fi                                pub/Linux
    tsx-11.mit.edu                              pub/linux
    sunsite.unc.edu                             pub/Linux

End of Linux-Networking Digest
******************************

Reply via email to