Linux-Networking Digest #309, Volume #12 Sat, 21 Aug 99 01:13:36 EDT
Contents:
Kingmax Kc 301A (Anthony Joseph Meizelis)
Re: Token Ring NIC not recognized ("Michael Harmsen")
Re: How can I connect to a printer that runs under Wind. NT Server? (David Wood)
Re: FTP and chroot ("YouDontKnowWho")
Re: Disallowing telnet access for one specific account (Dave Lugo)
VPN for Linux/Samba/X? (Ken)
Re: IP Masquerading and automatic disconnect (Dale Pontius)
Mandrake Networking trouble (Pat Mc)
PPP and default route ("Richard Miller")
Re: One Solution ISP Task: Windows NT or Linux? ("Andrey Smirnov")
Re: PPPD and Point-to-Point Compression? (Clifford Kite)
Re: 3com ISA cards and linux (Kaz Kylheku)
Re: DNS server won't start. (Stephen Torri)
Re: Disallowing telnet access for one specific account ("Luis Pinto")
a couple of questions (Ken R.)
SV: Win95 + Red Hat ISP ("Efraim Mostrom")
pppd server (dial in) (sbc)
NIS - Everything works but login ([EMAIL PROTECTED])
----------------------------------------------------------------------------
From: Anthony Joseph Meizelis <[EMAIL PROTECTED]>
Subject: Kingmax Kc 301A
Date: Fri, 20 Aug 1999 16:58:48 -0500
Does anybody know if this ethernet card works under linux?
The chips set is:
YCL
ISSI
Tamrrack
How would I set this up?
thanks!
============================================================================
Tony Meizelis [EMAIL PROTECTED]
Visit my web page at:
http://www.uiuc.edu/~ameizeli/
TOO BAD YOU CAN'T BUY a voodoo globe so that you could make the earth spin
real fast and freak everybody out.
-- Jack Handley, The New Mexican, 1988.
============================================================================
------------------------------
From: "Michael Harmsen" <[EMAIL PROTECTED]>
Crossposted-To: redhat.networking.general
Subject: Re: Token Ring NIC not recognized
Date: Sat, 21 Aug 1999 00:16:14 +0200
Adam M <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Someone Help!
OK. :)
[IBM Turbo 16/4 Token-Ring ISA problems]
Linux cannot see the Token-Ring card in Turbo mode - only in Auto16 mode.
You set this mode with the LANAID disks. Check these sites:
http://www.linuxtr.net/
http://www.eos.ncsu.edu/linux/LDP/HOWTO/mini/Token-Ring-2.html
--
Ciao, Michael Harmsen
- Back up my hard drive? How do I put it in reverse?
------------------------------
From: David Wood <[EMAIL PROTECTED]>
Subject: Re: How can I connect to a printer that runs under Wind. NT Server?
Date: 20 Aug 1999 15:27:49 PDT
Frank Bauer wrote:
> Hi
>
> thanks for replying of my other question. Now I have a new one....
>
> how can I connect from my Linux_Box (Suse 6.2, Kernel 2.2.10) to a printer
> that is connect and served by a Windows NT-Server?
> had nothing found in my documentation (only, how i can connect to a network
> printer under linux)
>
> Thanx in advance
>
> Frank)
You'll need Samba for this. The best combination I've found for doing this
(actually got it working once) was Samba 2 and the Redhat printing system
(Redhat Print Filters). The gist is that Samba knows how to talk to printers
in a Win32-style network, ghostscript knows how to generate instructions for a
number of windows-world printers, and the print filters know how to put it all
together in a package that will only take you hours or days, instead of weeks
or months, to configure. ;)
If it's at all possible for you to get these two packages installed, I'd
highly recommend it. The bottom line is that you get a printer control panel
that's aware of Samba, and when you say "Add printer" it asks you if you want
to add a windows-networked printer, and gives you a form to fill out. If
you've paid your samba/windows networking dues, this should be pretty easy,
and you'll be printing very successfully in minutes. (It only took me a few
days to get right.)
It can be done. Good luck!
--
David
------------------------------
From: "YouDontKnowWho" <[EMAIL PROTECTED]>
Subject: Re: FTP and chroot
Date: Sat, 21 Aug 1999 02:22:16 GMT
Which FTP server daemon is this for? The man pages for mine don't
have anything like this.
--
Principle of Minimum Access: "That which is not explicitly permitted
is denied."
ANNOUNCER: And now we return to our regularly scheduled, uncommonly
entertaining thread...
Jay Beattie wrote in message
<7rfv3.936$[EMAIL PROTECTED]>...
>edit your /etc/ftpaccess files and add the following lines.
>Also read man ftpaccess
>
>restricted-uid USERNAME
>guest-root /home/USERNAME
>
>
>Greg Breheny wrote:
>
>> The 'ftp' user on my RH52 system is setup so 'chroot' is issued to
stop
>> access to higher level directories.
>>
>> How can I set this up for another user, say 'jack'.
>>
>> Thanks
>>
>> Greg
>
------------------------------
From: Dave Lugo <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.security
Subject: Re: Disallowing telnet access for one specific account
Date: Fri, 20 Aug 1999 22:45:39 -0400
yan seiner wrote:
>
> Firewalls have no idea who the user is. They only know where a packet
> came from, which way it came in, and where it is heading.
>
> You could block a specific IP, but that user could come in on a
> different IP.
>
> Yan
>
> withheld wrote:
> >
> > how about using a firewall?/
> > Cornel Popescu <[EMAIL PROTECTED]> wrote in message
> > news:7p22do$grn$[EMAIL PROTECTED]...
> > > In article <[EMAIL PROTECTED]>,
> > > [EMAIL PROTECTED] (Robert Nichols) wrote:
> > > > In article <[EMAIL PROTECTED]>,
> > > > David <[EMAIL PROTECTED]> wrote:
> > > > :We have a linux machine that acts as a gateway with a DSL and an FTP
> > > > :server. There is ne specific account that only some folks have
> > > access
> > > > :to. This account is obviously a generic account but in order to have
> > > > :ftp access the shell has to be something such as bash. Due to the
> > > > :generic nature of the account and the fact that it has a shell, I
> > > would
> > > > :like to disable telnet access for just that one account without
> > > > :disabling telnet. Does anyone know how or if this is possible?
> > > >
> > > > Pick an innocuous program like /bin/true and use that as the account's
> > > > shell. Add /bin/true to the list of valid shells in /etc/shells to
> > > make
> > > > it acceptable to FTP. Anyone who logs into this account, either from
> > > a
> > > > terminal or via telnet, will just get logged right back out again when
> > > > /bin/true exits.
> > > How about using the following script as /bin/noshell:
> > > #!/bin/sh
> > > exec /usr/bin/passwd
> > > --------
> > > and add this to /etc/shells ? This would also allow them to telnet to
> > > that host enter their old pass and change it ...
> > >
> > >
> > >
> > > Sent via Deja.com http://www.deja.com/
> > > Share what you know. Learn what you don't.
On a RedHat 5.1 box I have, I use pam_access.so (or such)
I've got this in /etc/pam.d/login:
account required /lib/security/pam_access.so
And here are the comments in /etc/security/access.conf:
# Login access control table.
#
# When someone logs in, the table is scanned for the first entry that
# matches the (user, host) combination, or, in case of non-networked
# logins, the first entry that matches the (user, tty) combination. The
# permissions field of that table entry determines whether the login
will
# be accepted or refused.
#
# Format of the login access control table is three fields separated by
a
# ":" character:
#
# permission : users : origins
#
# The first field should be a "+" (access granted) or "-" (access
denied)
# character.
#
# The second field should be a list of one or more login names, group
# names, or ALL (always matches). A pattern of the form user@host is
# matched when the login name matches the "user" part, and when the
# "host" part matches the local machine name.
#
# The third field should be a list of one or more tty names (for
# non-networked logins), host names, domain names (begin with "."), host
# addresses, internet network numbers (end with "."), ALL (always
# matches) or LOCAL (matches any string that does not contain a "."
# character).
#
# If you run NIS you can use @netgroupname in host or user patterns;
this
# even works for @usergroup@@hostgroup patterns. Weird.
#
# The EXCEPT operator makes it possible to write very compact rules.
#
# The group file is searched only when a name does not match that of the
# logged-in user. Both the user's primary group is matched, as well as
# groups in which users are explicitly listed.
#
#
You can set things up to do exactly what you want.
--
========================================================
Dave Lugo [EMAIL PROTECTED] LC Unit #260 TINLC
Have you hugged your firewall today? No spam, thanks.
------------------------------
From: Ken <[EMAIL PROTECTED]>
Crossposted-To: comp.os.protocols.smb,comp.os.linux.x,comp.software.config-mgmt
Subject: VPN for Linux/Samba/X?
Date: Wed, 18 Aug 1999 18:42:37 -0700
I'd like to be able to make Samba shares available for telcommuters over
the Inet, mainly to get access to version control files. Is there any
kind of VPN available to run between a Win client and a Linux/Samba
server to protect this traffic?
Similarly, I have a situation where I want a telecommuter to run an X
server at home to communicate with a company CAD package on a Solaris
system, and security is paramount. Currently this is done by direct
dial-up to the company modem, which limits speeds to 56k. If the
telecommuter gets a DSL line or cable modem, are there any VPN-like
solutions to take advantage of the high-speed connection?
--
Ken
mailto:[EMAIL PROTECTED]
http://www.sewingwitch.com/ken/
http://www.215Now.com/
------------------------------
From: [EMAIL PROTECTED] (Dale Pontius)
Subject: Re: IP Masquerading and automatic disconnect
Date: Fri, 20 Aug 1999 22:24:15 -03-59
In article <Tjbv3.6031$[EMAIL PROTECTED]>,
"Martin Nilsson" <[EMAIL PROTECTED]> writes:
> I have installed IP Masquerading on my Linuxserver and I can now surf the
> net via my Windows 98 computer. But how do I do to get the connection to
> disconnect now when I don't have the ability to disconnect from Windows.
> Earlier I could dosconnect from my modemicon i systray. Is there any way to
> automatic disconnect when I close my browser och something?
>
Get the masqdialer package. You can search for it on freshmeat.
You start a masqdialer server on the machine that connects, and
use a masqdialer client on your Windows machine. (There are lots
of different clients for different platforms available.) From
your Windows machine you will be able to start and stop the
modem on the Linux server machine.
Dale Pontius
DEPontius AT usa DOT net
------------------------------
From: Pat Mc <[EMAIL PROTECTED]>
Subject: Mandrake Networking trouble
Date: Fri, 20 Aug 1999 22:54:10 -0400
New to the Linux community and trying to get Mandrake 5.3 communicating
on my home network. At this point I have 3 machines connected with cat5
to an OvisLink 8 port base10 hub. First box is win95 with an Acer ISA
NIC. I/P is 192.168.110.40 with a mask of 255.255.255.0. Second machine
is dual boot, win95 / Mandrake 5.3 with a Cabletron 2100 ISA NIC. I/P is
192.168.110.20 with a mask of 255.255.255.0. Third machine is Mandrake
5.3 only with a Cabletron 2100 ISA NIC. I/P is 192.168.110.10 with a
mask of 255.255.255.0.
Running win95 machines communication is fine, pinging and data transfer
is no problem. Linux is another issue. I can ping and Telnet locally (
using loopback or thier own I/P address ) but I can't connect to any
other box, win95 or Linux. The cards installed fine in the Linux
machines when I loaded the OS. All looks fine when the machines boot and
when running ifconfig.
At this point I'm at a loss. Is it hardware or software. What is my next
move.
Pat
------------------------------
From: "Richard Miller" <[EMAIL PROTECTED]>
Subject: PPP and default route
Date: Fri, 20 Aug 1999 22:02:19 -0500
I'm stuck! First I've read the PPP howto, the ISP connect howto, he
IP-masquerade howto, the route man pages, etc.. Yes I've RTFM'd. According
to the PPP howto when my modem connects (through minicom just now) it enters
PPP mode after I log in. My ISP uses dynamic IP addresses. The problem is
the howto states that ppp0 should become my default route. I show no
default route either before or after I make the PPP connection. route -n
shows one ppp0 route which is the server's IP address. ifconfig shows both
the server address and my dhcp assigned address. The problem is I do not
show my IP address as a default route. My box is on a small home network
and I do have a gateway defined between my normal network and the box I'm
connecting from. I have two nic cards in my server. My plan is to setup
the second box/network as a firewall once I get connected. IP forwarding is
enabled on both boxes (RedHat 5.2 kernel 2.0.36) IP masquerading is enabled
on both boxes and seems to work (all packets from my main network show up as
coming from the firewall side of the server). I cannot find anyplace where
I'm setting a default route and I don't know how to set one up ppp0 can
replace it.(if I'm reading the howto correctly).
Any advise will be greatly appreciated. I know this is not cool but if you
can please reply both to me directly and the group. My new server scrolls
this group off in about 24 hours and I may never see your reply too the
group. Richard
------------------------------
From: "Andrey Smirnov" <[EMAIL PROTECTED]>
Crossposted-To: redhat.config,redhat.servers.general
Subject: Re: One Solution ISP Task: Windows NT or Linux?
Date: Thu, 19 Aug 1999 23:34:07 -0700
Hello,
I think it's up to you which system you will implement. Whichever you are
more comfortable administering.
I think either OS (Linux & NT) will be able to accomplish what you are
looking for.
But either way, if you are concern about downtime, you should consider
installing a couple of servers and figure out the redundancy.
Good luck!
Dominik <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Say an ISP is looking for a one-computer solution. The computer will
handle
> Main website, user websites, DNS server, mail server (no newsgroups), and
> FTP server for users only --- no anonymous.
>
> Computer specifications:
> -------------------------
> Dual Intel Pentium II 450
> 1GB RAM
> WD 18GB UW-SCSI Harddrive
> 8MB AGP Video
> UW-SCSI CDROM
> 12GB Tape Backup
> 1.44 Floppy
> SB 16 PNP Sound
> Linksys 10/100 NIC
> Server Case (6-10 Fans)
>
>
> Network Bandwitdth:
> -------------------------
> 24/7 Full T3
>
>
>
> Should it be NT or Linux? Why?
> ------------------------------
> Consider the following:
>
> - Ease of maintence
> - Speed
> - Reliability
> - GUI?
> - Cost
> - Heat
> - Support
> - Ease of installation
> - Compatibility
> - Down-time situation
>
>
> This is a real situation. Any response will be appreciated. Thank you.
>
>
>
> ------------------ Posted via CNET Linux Help ------------------
> http://www.searchlinux.com
------------------------------
From: kite@NoSpam.%�inetport.com (Clifford Kite)
Subject: Re: PPPD and Point-to-Point Compression?
Date: 20 Aug 1999 22:17:05 -0500
yongtao ([EMAIL PROTECTED]) wrote:
: After over a week of hard work, I finally made PPTP-Linux
: logon to the NT PPTP server. But only to find out that NT
: PPTP Server insists on using the so called "Microsoft Point-
: to-Point Compression" (MPPC), which my PPPD (version 2.3.9-
: 1) does not support. :(
: So I would really like to know:
: 1. Is there a version of PPPD that supports MPPC?
Not from the official pppd maintainer anyway.
: 2. If not, is there an implementation of MPPC available on
: Linux that I can "integrate" (with little coding) into PPPD?
MS-PPC requires a license from STAC Electronics. It's doubtful that
any GPLed software will implement it.
: 3. If not, is there a way to stop NT PPTP server from
: insisting on MPPC?
You can try the pppd option "noccp" but I've no idea whether NT will
accept that.
--
Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
/* For every credibility gap, there is a gullibility fill.
-- R. Clopton */
------------------------------
From: [EMAIL PROTECTED] (Kaz Kylheku)
Crossposted-To:
at.linux,aus.computers.linux,be.comp.os.linux,comp.os.linux,comp.os.linux.advocacy,comp.os.linux.development.system,comp.os.linux.hardware,comp.os.linux.misc
Subject: Re: 3com ISA cards and linux
Date: Sat, 21 Aug 1999 02:16:21 GMT
On Sat, 21 Aug 1999 02:19:56 +0200, Kalkas <[EMAIL PROTECTED]> wrote:
>However, it seems that it is not possible for me to use Linux, since I use
>cable modem with a 3com ISA card. More precisely, I use 3com EtherLink III
>ISA (3C509/3C509b) network interface card, and there are no drivers which
>will support my card in Linux.
Nonsense! This is a fairly old card that has been well supported for quite a
while. I have one in a 486 Linux box at work. Look for the file 3c509.o
in your drivers directory. If you don't have the compiled driver, then
configure your kernel and build the module.
------------------------------
From: Stephen Torri <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: Re: DNS server won't start.
Date: Fri, 20 Aug 1999 23:32:48 -0400
I understand that reverse lookup is a valid approach. I'm hoping that I
can get the IP address without reverse lookup.
Stephen
Kevin Groeneveld wrote:
>
> As I mentioned in another post, I had the exact same problem. I had to
> set up reverse lookup for the IP number of the server.
>
> Kevin
>
> Stephen Torri wrote:
> >
> > I am trying to setup a basic DNS server for my home network. I want it
> > to handle the request for home computers and for finding IP addresses
> > for Internet requests (Http, ftp, etc.) I had the server running
> > yesterday but today it decides not to play (or I messed something). Here
> > is the message when I tried to find an IP address:
> >
> > *** Can't find server name for address 127.0.0.1: No response from
> > server
> > *** Can't find server name for address 10.0.0.6: No response from server
> > *** Default servers are not available
> >
> > Stephen
------------------------------
From: "Luis Pinto" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.security
Subject: Re: Disallowing telnet access for one specific account
Date: Fri, 20 Aug 1999 23:48:31 +0100
>In the ~home/.profile file, put 'exit' as the first line.
>
>--
>Principle of Minimum Access: "That which is not explicitly permitted
>is denied."
>
What's the use? They can log in by su'ing ...
Regards,
Luis Pinto
=======================================================================
http://student.dei.uc.pt/~lmpinto ICQ #15663369
=======================================================================
"Open source software - with no walls and fences, who needs Windows and
Gates?"
------------------------------
From: Ken R. <[EMAIL PROTECTED]>
Subject: a couple of questions
Date: Sat, 21 Aug 1999 04:14:45 GMT
I have a 3 meg HD with fat32 on it and would like to format it with
ext2, but fdisk (for linux) won't let me pick hdb? I tried mkfs, but
also I can't get it to work.
Also what is the best way to configure Linux to attach to a Netware
server.
Last, how do you set up a Linux client to access files on a linux
server?
Any help would really make thing go alot smoother.
Thanks in advance, Ken Redman
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: "Efraim Mostrom" <[EMAIL PROTECTED]>
Crossposted-To: linux.redhat.ppp
Subject: SV: Win95 + Red Hat ISP
Date: Sat, 21 Aug 1999 01:49:25 +0200
Andrew Winegar <[EMAIL PROTECTED]> skrev i
diskussionsgruppsmeddelandet:[EMAIL PROTECTED]
> I'm having real problems with my ext US robotics 56k getting ppp with
> inreach (orange county,CA) and am thinking of changing ISP
> Anyone know of a California ISP who support both OS without charging and
> arm and leg.
>
What problems. Please describe. If you want answers, please describe!
/Efraim
------------------------------
Date: Fri, 20 Aug 1999 16:35:56 -0700
From: sbc <[EMAIL PROTECTED]>
Subject: pppd server (dial in)
I have set up a modem attached to my linux box with pppd running.. When
I call in from a windows95 machine using dialup networking it connects
with the modem, but on the (client) windows95 machine I get only
gibberish in the post-dialup terminal window...Does anyone know why?
After a few lines of gibberish the modem hangs-up and the connection is
lost. I've read the serial-howto and pppd-howto and configured it
accordingly..
Simon Cowler
------------------------------
From: [EMAIL PROTECTED]
Subject: NIS - Everything works but login
Date: Sat, 21 Aug 1999 04:49:26 GMT
Hello.
I have installed the NIS software packages ypserv and ypbind on a server
and a client.
>From the client I can "ypcat passwd" and view the correct password
entries from the server. I can even change the entries on the server
and observe the changes using ypcat on the client. Also ypwhich returns
the name of the server correctly.
All this leads me to believe I have installed the software correctly.
However, when I try to log into the client as one of the users listed by
ypcat, the client tells me the "Login is incorrect." I am using
off-the-shelf RedHat 6.0, so I think login is using the correct
libraries.
I am trying to set up an eight workstation cluster for my new company.
I will gladly give you 100 shares of this company if you can help me
fix this problem.
Things I have looked at and which I also think are working are:
nsswitch.conf
hosts.allow
Thank you so much.
Brian
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
