Linux-Networking Digest #396, Volume #12         Sat, 28 Aug 99 17:13:36 EDT

Contents:
  Re: no telnet from outside ("Ignacio Iturregui")
  Re: VMware - wow! (Christopher Browne)
  Re: Protecting multiple static IP w/ firewall (bill davidsen)
  Re: EXIM on Redhat 6.0 ("abn")
  Newbie question, ifconfig & ethernet (Catimini)
  Where on earth is 'bing'? (Ramon F Herrera)
  Re: ipfwadm and irc? should work but how? (JG)
  Re: Secure Linux ("Jan Geertsma")
  Re: Unreadable mail (Neoklis)
  2 computers and internet ("Roeland")
  Re: Port Scanner (Duncan Simpson)
  What on earth is 'bing'? (Frank v Waveren)
  Re: PPP problem: no route to host (W.G. Unruh)
  Re: Cable Modem Performance Probelms ("Robert Lowry")
  Re: "user@localhost unsafe .." says .forward. Why? (Frank v Waveren)
  Re: too many TX packet errors (Roger)
  Re: Sendmail: relaying denied ([EMAIL PROTECTED])
  Re: RH 5.2 IP Masq Not Working ("Scott Simpson")
  Re: Secure Linux (Clifford Kite)

----------------------------------------------------------------------------

From: "Ignacio Iturregui" <[EMAIL PROTECTED]>
Subject: Re: no telnet from outside
Date: Sat, 28 Aug 1999 17:30:31 GMT

How do you know what the IP address is from outside? It is 192.168.0.* from
inside, but from outside it is a different one.

Robert <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> This is a repost because I simply can't solve the problem and I really
> need help with this one!
>
> I have a problem regarding telnet. When I try to telnet from the outside
> world into my server I get a time out and that's it, no login or access
> denied! Though if I telnet from the inside it works fine!
> Here is my setup:
>
> 486 firewall with 2 NICs (eth0 and eth1)
> DHCPd with a cable modem on eth0 (out.side.ip.number)
> eth2 (192.168.0.1) is connected to a hub providing internet to my
> internal network
>
> Now when I telnet to the firewall's "out.side.ip.address" from e.g.
> 192.168.0.4, no problem! Telnetting on the firewall machine to itself
> works fine too. Now when I try to telnet from "some.where.out.there" to
> my linuxbox I get a time out and nothing more, though ftp and http work
> fine from anywhere!! My /etc/host.allow says ALL:ALL
> and /etc/host.deny is empty!
> I fixed my ip chains to accept incoming! But I do not know if I did it
> right since telnet still doesn't work!
>
> Can somebody explain to me how I can configure my box so that I can
> telnet into it from anywhere on the planet?
>
> I tried fixing it for 4 days and gave up on it (shouldn't but no more
> time)
> I hope it is a simple fix :)
>
> Thanks!



------------------------------

From: [EMAIL PROTECTED] (Christopher Browne)
Crossposted-To: comp.os.linux.misc,comp.os.linux.setup
Subject: Re: VMware - wow!
Date: 28 Aug 1999 18:07:30 GMT
Reply-To: [EMAIL PROTECTED]

On 27 Aug 1999 15:23:07 -0400, Doug DeJulio <[EMAIL PROTECTED]> wrote:
>The part of this that's a shame is that it'd only take a few tweaks
>to IA32 to make virtualization really possible.  I believe a non-Intel
>vendor (eg. AMD) could do those tweaks in a way that doesn't break
>compatibility with any code that isn't aware of it, and build a truly
>virtualizable x86 box.  But nobody appears to have done so. 

It is indeed a shame.  

Given that virtualization, it would become reasonable to *simply* host
OSes on top of themselves, which would make kernel hacking quite a lot
easier.

It would make it easier to build Rather Robust Systems...  

It represents a rather different direction than what is typical these
days.  These days, there are vast amounts of blathering about how we
need to have better support for threading.

The VM approach goes in the opposite direction; instead of having
fine-grained threading where you share as much as possible, you move
to having completely separate virtual machines, where in order to get
data between VMs, some Special Code needs to be invoked.  

This would be pretty slick for building Rather Secure web servers; it
would in effect provide hardware support for having the firewall on
the same box as other servers.  

A VM would be assigned to talk to the "port that goes to the outside
world;" it would do what immunization was necessary, and by the time
data got out of that VM to another VM, it would be made suitably safe.

You could "reboot the firewall" almost at will; it would obviously
have a bad effect on any connections that were open, but if those are
virtual network connections, they would be fairly cleanly handled by
the TCP/IP layer.
-- 
"No, you misunderstand. Microsoft asked some hackers how they could
make their system secure - the hackers replied "Turn it off.". So they
did." -- Anthony Ord
[EMAIL PROTECTED] <http://www.ntlug.org/~cbbrowne/lsf.html>

------------------------------

From: [EMAIL PROTECTED] (bill davidsen)
Crossposted-To: redhat.networking.general
Subject: Re: Protecting multiple static IP w/ firewall
Date: 27 Aug 1999 16:07:44 GMT

In article <[EMAIL PROTECTED]>, Ken  <[EMAIL PROTECTED]> wrote:
| I have DSL installed with 6 Static IPs allocated (and 6 boxes).  However, 
| I want to protect the internal network, but not use NAT.  How would one 
| configure that?  I hear that some commercial firewalls can do that, or at 
| least make it look transparent enough.  

Use a Linux firewall machine set up to pass only the packets you need.
Don't try to be smart and block "the bad stuff," block everything and
then allow only that which you need to do the things you want.

-- 
bill davidsen <[EMAIL PROTECTED]>  CTO, TMR Associates, Inc
  The Internet is not the fountain of youth, but some days it feels like
the fountain of immaturity.
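
The difference between the two approaches named in the reply above, as an added example that is not part of the original post: a first-match packet filter evaluated in shell, once with policy ACCEPT plus a list of blocked ports and once with policy DENY plus a list of allowed services. The rule format, the function names and the 203.0.113.x documentation addresses are constructed for illustration and are not ipchains syntax.

```shell
#!/bin/sh
# Added illustration, not from the original post.
# Constructed rule format: "<target> <proto> <dst-ip> <dst-port>", '*' matches anything.

# "Block the bad stuff": policy ACCEPT plus the ports someone thought of.
BLOCKLIST='DENY tcp * 23
DENY tcp * 111
DENY udp * 111'

# "Block everything, then allow": policy DENY plus only the services offered.
ALLOWLIST='ACCEPT tcp 203.0.113.10 80
ACCEPT tcp 203.0.113.11 25'

# Constructed probes: "<proto> <dst-ip> <dst-port>"
PROBES='tcp 203.0.113.10 80
tcp 203.0.113.11 25
tcp 203.0.113.11 80
tcp 203.0.113.12 23
tcp 203.0.113.12 6000
udp 203.0.113.13 2049'

# verdict POLICY RULES PROTO DST PORT
# Prints the target of the first matching rule, or POLICY when none matches.
verdict() {
    printf '%s\n' "$2" | awk -v pol="$1" -v p="$3" -v d="$4" -v dp="$5" '
        function m(pat, val) { return pat == "*" || pat == val }
        NF == 4 && m($2, p) && m($3, d) && m($4, dp) { print $1; found = 1; exit }
        END { if (!found) print pol }'
}

# accepted POLICY RULES
# Prints every probe from PROBES that the rule set lets through.
accepted() {
    printf '%s\n' "$PROBES" | while read -r proto dst port; do
        if [ "$(verdict "$1" "$2" "$proto" "$dst" "$port")" = ACCEPT ]; then
            echo "$proto $dst $port"
        fi
    done
}

# Usage:
#   accepted ACCEPT "$BLOCKLIST"   # everything nobody remembered to block
#   accepted DENY   "$ALLOWLIST"   # only the two services that were allowed
```

With the blocklist, the X11 and NFS probes and the web port on the mail host all pass because no rule anticipated them; with the allowlist they fall through to the DENY policy.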


------------------------------

From: "abn" <[EMAIL PROTECTED]>
Subject: Re: EXIM on Redhat 6.0
Date: Sat, 28 Aug 1999 21:29:14 +0400

Hi, all!

no problems!

- get it: http://rufus.w3.org/linux/RPM/exim.html

wbr, abn

<[EMAIL PROTECTED]> wrote in message news:7q6jcj$t5m$[EMAIL PROTECTED]...
> can the exim package be used on redhat 6.0 system ?
>
>
> Sent via Deja.com http://www.deja.com/
> Share what you know. Learn what you don't.



------------------------------

From: Catimini <[EMAIL PROTECTED]>
Subject: Newbie question, ifconfig & ethernet
Date: Sat, 28 Aug 1999 14:09:31 +0200

Hi,

I'm all new with Linux networking; I use a cable modem with cybercable, a
French company; Linux RedHat 5.0 and a SN3200 NIC ethernet device.

I tried: ifconfig eth0 212.198.64.38 up and it responded:
SIOCSIFADDR: operation not allowed with this device ; 212.198.64.38 is
my own IP address

I've got my own IP address (a dynamic one), the DNS one, the DHCP one, the
bridge one and the netmask.
How should I configure Linux to do networking?

Thanks for your help & best regards.
<Lionel T. [EMAIL PROTECTED]>


------------------------------

From: [EMAIL PROTECTED] (Ramon F Herrera)
Crossposted-To: comp.os.linux.misc,comp.protocols.tcp-ip
Subject: Where on earth is 'bing'?
Date: 28 Aug 1999 19:16:37 GMT


Does anyone know the fate of 'bing'?

I searched all over but most links lead to a web page with what
appears to be a message in French, telling me to go away.

There seems to be only an old version available (1.0.4) which
doesn't compile in the platforms I need (Solaris and Linux).

Any info will be most appreciated.

-Ramon F. Herrera



------------------------------

From: JG <[EMAIL PROTECTED]>
Subject: Re: ipfwadm and irc? should work but how?
Date: Sat, 28 Aug 1999 19:02:23 GMT

Got it..

I was trying to follow a HowTo too closely.  I did look at
your rules and will use what I learned in what I have setup.

spin: v (slang); to spin one's wheels; to lockup one's computer
     to the point that it is just spinning the harddrive.

Sorry I'll watch the local slang in my postings.

Scott Simpson wrote:
> 
> JG <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
> > I've got diald and ipfwadm running on a 2.0.36 kernel.
> > I can use netscape just fine, but when I try to use
> > irc or pop3/smtp, the system just spins...
> 
> I don't know what "spins" means, but you can try my rules at
> http://home.earthlink.net/~simpson3 if you wish.

------------------------------

From: "Jan Geertsma" <[EMAIL PROTECTED]>
Subject: Re: Secure Linux
Date: Sat, 28 Aug 1999 20:59:43 +0200

I think you are pretty paranoid, but you're not the only one. If you have
valuable information on your system, that machine shouldn't be on the
internet at all, or leave the security to an expert. You are connected via a
dial-up connection (t1p23.at-6462.netway.at) so are not a likely target. If
you want to be secure, don't offend people and keep a low profile. Scan
yourself for open ports with a port scanner and minimize the amount of
running servers.

www.slinux.com tries to create a secure Linux version

Jan "my computer doesn't need a condom" Geertsma

anonymous <[EMAIL PROTECTED]> wrote in message
news:01bef150$f03f23a0$171360c3@vereya75...
> Hi there,
>
> Which possibilities does an intruder have to get into my computer
> when I am on the internet via ISP and how can I protect my system?
>
> Thanks in Advance.



------------------------------

From: Neoklis <[EMAIL PROTECTED]>
Subject: Re: Unreadable mail
Date: Sat, 28 Aug 1999 18:41:26 GMT



> Seems like you have pine-4.10 installed. That version generates a
> message in your mail file in which it says not to delete it. Look at
> /var/spool/mail/username or ~/username.
> When you delete this message it recreates it at least at the next boot.
> I found this very annoying too and went back to pine-3.96.
> As to your dialing problem - I don't know about that, sorry.
>
> Rolf
>

Hi Rolf,

Thanks for the tip. I have eventually found in suse support that this
behaviour can be stopped by setting the quell-folder-internal-msg option
in the configuration. Then it is necessary to rm the message in
/var/spool/mail username and the problem clears.

--
Regards

Neoklis
My (ex-Acorn) RiscOS Homepage: http://www.arcsite.de/hp/neoklis



------------------------------

From: "Roeland" <[EMAIL PROTECTED]>
Crossposted-To: 
comp.networks,comp.os.ms-windows.networking,comp.os.ms-windows.networking.misc,comp.os.ms-windows.networking.ras,comp.os.ms-windows.networking.tcp-ip,comp.os.ms-windows.networking.win95,comp.os.ms-windows.networking.windows
Subject: 2 computers and internet
Date: Sat, 28 Aug 1999 21:00:00 +0200

(sorry for the crosspost)

Hi, I have two computers, both have got one network card (E2000Cplus, RJ-45
port and BNC connector). The first computer has got a cable modem on the
RJ-45 port. Now I want the second computer to have internet via the cable
modem too, without any extra software like sygate. Also the second computer
runs Win98 and the first computer runs Win98 and Linux (sometimes Win98 and
another time Linux).

The second computer wants to read e-mail and surf over the internet.

CABLE MODEM
     |
     |
 (1)\ /                      (2)
CCCCCCCCCCC              CCCCCCCCCCC
C win98   C              C win98   C
C linux   C ------------>C         C
CCCCCCCCCCC              CCCCCCCCCCC

Now my question is how to make this work without extra software. Someone
said to me that I had to install a second network card on the first
computer. Please can somebody tell me what the best thing is to do.

Thanx in advance,
Roeland Graat



------------------------------

From: [EMAIL PROTECTED] (Duncan Simpson)
Subject: Re: Port Scanner
Date: 27 Aug 1999 16:54:22 GMT

In <[EMAIL PROTECTED]> [EMAIL PROTECTED] (Vlar Schreidlocke) writes:

>What's a good Linux based port scanner that will scan my other Windows
>98 computer on another dialup account to see what ports are active?
>Also, what is a good Windows 98 based port scanner that I can test my
>Linux box with. I am going to run my Linux (Red Hat 6.0) box as a
>firewall and gateway connected to a cablemodem and I want to test my
>vulnerability to hacking once I get everything setup. Hopefully the
>port scanners you suggest will be able to scan single addresses, so
>that I don't piss anybody else off.

I personally like nmap, which includes various sorts of stealth scan
too...and cute stuff like OS detection.

--
Duncan (-:
"software industry, the: unique industry where selling substandard goods is
legal and you can charge extra for fixing the problems."

------------------------------

From: [EMAIL PROTECTED] (Frank v Waveren)
Subject: What on earth is 'bing'?
Crossposted-To: comp.os.linux.misc,comp.protocols.tcp-ip
Date: Sat, 28 Aug 1999 20:51:26 GMT

Just out of curiosity...

In article <7q9cil$[EMAIL PROTECTED]>,
        [EMAIL PROTECTED] (Ramon F Herrera) writes:
> 
> Does anyone know the fate of 'bing'?
> 
> I searched all over but most links lead to a web page with what
> appears to be a message in French, telling me to go away.
> 
> There seems to be only an old version available (1.0.4) which
> doesn't compile in the platforms I need (Solaris and Linux).
> 
> Any info will be most appreciated.
> 
> -Ramon F. Herrera
> 
> 

-- 

                        Frank v Waveren
                        [EMAIL PROTECTED]
                        ICQ# 10074100

------------------------------

From: [EMAIL PROTECTED] (W.G. Unruh)
Subject: Re: PPP problem: no route to host
Date: 27 Aug 99 17:29:56 GMT

[EMAIL PROTECTED] writes:
>I'm using RedHat 6.0 and I've got a problem with my PPP connection:
>I get connected to my ISP, name resolution works but hosts can't be
>reached.
...
>-----------------------------------------------------------------
>Kernel IP routing table
>Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
>192.168.0.1     *               255.255.255.255 UH    0      0        0 eth0
>195.5.64.133    *               255.255.255.255 UH    0      0        0 ppp0
>192.168.0.0     *               255.255.255.0   U     0      0        0 eth0
>127.0.0.0       *               255.0.0.0       U     0      0        0 lo
>default         195.5.64.133    0.0.0.0         UG    0      0        0 ppp0
>default         192.168.0.254   0.0.0.0         UG    0      0        0 eth0

Get rid of the default route to the eth0.
E.g. run
route del default
before you run pppd (e.g. in rc.local)
Note that you already have a route to the subnet 192.168.0.0 and you do
not need a default route for eth0. (pppd must have changed its default
action, since it used to be that pppd would refuse to set up a default
route if one already existed.)
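
A check for the condition described in the reply above, as an added example that is not part of the original post: it reads `route`-style output, lists the default routes, and reports any that do not leave via the interface you expect. The function names are hypothetical; the sample table is the one quoted in the post with the line wraps undone.

```shell
#!/bin/sh
# Added illustration, not from the original post.
# Expects one route per line, as printed by `route` or `route -n`.

# Routing table from the quoted post (line wraps undone).
SAMPLE_TABLE='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.0.1     *               255.255.255.255 UH    0      0        0 eth0
195.5.64.133    *               255.255.255.255 UH    0      0        0 ppp0
192.168.0.0     *               255.255.255.0   U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         195.5.64.133    0.0.0.0         UG    0      0        0 ppp0
default         192.168.0.254   0.0.0.0         UG    0      0        0 eth0'

# default_routes: read a routing table on stdin and print "gateway iface"
# for every default route (destination "default" or 0.0.0.0, genmask 0.0.0.0).
default_routes() {
    awk 'NF >= 8 && ($1 == "default" || $1 == "0.0.0.0") && $3 == "0.0.0.0" {
             print $2, $NF }'
}

# stray_defaults IFACE: print the default routes that do not use IFACE.
# Exit status is 1 when at least one such route exists, 0 otherwise.
stray_defaults() {
    default_routes | awk -v want="$1" '
        $2 != want { print; bad = 1 }
        END        { exit bad + 0 }'
}

# Usage on a live system, before starting pppd:
#   route -n | stray_defaults ppp0 || echo "extra default route present"
# Usage on the sample from the post:
#   printf '%s\n' "$SAMPLE_TABLE" | stray_defaults ppp0
```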


------------------------------

From: "Robert Lowry" <[EMAIL PROTECTED]>
Subject: Re: Cable Modem Performance Probelms
Date: Sat, 28 Aug 1999 20:11:05 GMT

No DNS Lookup problems. From WIN95, I get a connection reset from host
message after a while. The first part of most pages comes across. On complex
pages (large amounts of graphics etc), the transfer seems to die.

RWL
YouDontKnowWho <[EMAIL PROTECTED]> wrote in message
news:AYyx3.42631$[EMAIL PROTECTED]...
> Are the NICs set for half-duplex or full-duplex?  They should be half.
> Also, do you suspect DNS lookup problems?
>
> --
> Principle of Minimum Access: "That which is not explicitly permitted
> is denied."
>
> ANNOUNCER: And now we return to our regularly scheduled, uncommonly
> entertaining thread...
>
> Rober Lowry wrote in message <935717452.63423603@news>...
> >Hi
> >
> >I have set up a Compaq 5133 as a firewall to the internet. All seems to work
> >but complex web pages and large ftp transfers fail. IFconfig shows numerous
> >collisions on the network card on the local network. A simple web page
> >displayed on a windoze box from the internet will display every time.
> >Retrieving mail from the pop server works but is very slow.
> >
> >Any ideas where to look?
> >
> >Ifconfig Output
> >
> >eth0      Link encap:Ethernet  HWaddr 00:80:5F:E3:81:CA
> >          inet addr:24.3.xxx.xxx  Bcast:24.3.xxx.255  Mask:255.255.255.0
> >          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >          RX packets:23324 errors:0 dropped:0 overruns:0 frame:0
> >          TX packets:11200 errors:0 dropped:0 overruns:0 carrier:0
> >          collisions:1 txqueuelen:100
> >          Interrupt:10 Base address:0x1020
> >
> >eth1      Link encap:Ethernet  HWaddr 00:A0:CC:30:9E:B2
> >          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
> >          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >          RX packets:52793 errors:0 dropped:0 overruns:0 frame:0
> >          TX packets:49642 errors:20 dropped:0 overruns:0 carrier:20
> >          collisions:13179 txqueuelen:100
> >          Interrupt:9 Base address:0x1400
> >
> >lo        Link encap:Local Loopback
> >          inet addr:127.0.0.1  Mask:255.0.0.0
> >          UP LOOPBACK RUNNING  MTU:3924  Metric:1
> >          RX packets:91 errors:0 dropped:0 overruns:0 frame:0
> >          TX packets:91 errors:0 dropped:0 overruns:0 carrier:0
> >          collisions:0 txqueuelen:0
> >
> >
> >netstat -F
> >
> >Kernel IP routing table
> >Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> >24.3.xxx.xxx    *               255.255.255.255 UH    0      0        0 eth0
> >192.168.0.1     *               255.255.255.255 UH    0      0        0 eth1
> >192.168.0.0     *               255.255.255.0   U     0      0        0 eth1
> >24.3.208.0      *               255.255.255.0   U     0      0        0 eth0
> >127.0.0.0       *               255.0.0.0       U     0      0        0 lo
> >default         cr1-hfc4.etntwn 0.0.0.0         UG    0      0        0 eth0
> >
> >Ipchain -L
> >
> >Chain input (policy ACCEPT):
> >Chain forward (policy DENY):
> >target     prot opt     source                destination           ports
> >MASQ       all  ------  192.168.0.0/24        anywhere              n/a
> >Chain output (policy ACCEPT):
> >
> >
> >Any help would be appreciated.
> >
> >[EMAIL PROTECTED]
>



------------------------------

From: [EMAIL PROTECTED] (Frank v Waveren)
Subject: Re: "user@localhost unsafe .." says .forward. Why?
Date: Sat, 28 Aug 1999 20:50:19 GMT

In article <[EMAIL PROTECTED]>,
        [EMAIL PROTECTED] (John Doe) writes:
> IGNORE THIS POST.  I'VE FIXED THE PROBLEM.  

I'm glad for you, but a) Please don't shout and b) If you've solved your
own questions, why not post the answer here too? It's very little trouble, and
there's a good chance you're not the only one with the problem.
(BTW, lemme guess:  Changed permissions to 0400 on .forward? :-).


> On 27 Aug 1999 22:10:06 -0500, John Doe <[EMAIL PROTECTED]> wrote:
>>I would like to set up procmail and put in the line
>>      "|exec /usr/bin/procmail"
>>in  ~/.forward file.  This is the exact line from
>>procmail man page.  My mails are being bounced back 
>>to the sender saying user@localhost is unsafe for sending
>>to a program.  
>>
>>I have read procmailex man pages as well as two faqs on 
>>the web but still no clue as to how to tell
>>paranoid .forward thing that everything is safe.
>>
>>Any help would be appreciated.
>>
>>Please cc to 
>>      [EMAIL PROTECTED]
>>

-- 

                        Frank v Waveren
                        [EMAIL PROTECTED]
                        ICQ# 10074100

------------------------------

From: [EMAIL PROTECTED] (Roger)
Subject: Re: too many TX packet errors
Date: Sat, 28 Aug 1999 19:33:36 GMT

On Thu, 26 Aug 1999 20:42:20 +0000, Xavier Garcia <[EMAIL PROTECTED]>
wrote:

>this is mine :
>
>eth1      Link encap:Ethernet  HWaddr 52:54:4C:18:23:1E
>          inet addr:192.168.1.254  Bcast:192.168.1.255  Mask:255.255.255.0
>          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>          RX packets:6163474 errors:0 dropped:0 overruns:0 frame:10918
>          TX packets:8859759 errors:9548 dropped:0 overruns:0 carrier:19058
>          collisions:178756
>          Interrupt:3 Base address:0x300
>
>so you don't fear, errors are common and the fucked packets are resent
>according to the IP protocol.

Turns out I put a different network card in (a clone NE2000 instead of
the Intel EtherExpress) and now things are flying along with 0 errors
over the past few days.

Roger


------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Sendmail: relaying denied
Date: Sat, 28 Aug 1999 19:43:23 GMT

In article <[EMAIL PROTECTED]>,
  "Marvin (Georg Ortmanns)" <[EMAIL PROTECTED]> wrote:
> Hi Folks!
>
> Sendmail, fetchmail, pop3d work fine on my S.u.S.E. 6.1.
>
> When I try to send from my WinNT box via sendmail on my Linux to an
> outside eMail address I receive "relaying denied".
>
> What am I missing in the sendmail.cf?
>
> Any help welcome.
>
> --
> Thanks in advance
>
>           Georg Ortmanns (Marvin)   eMail [EMAIL PROTECTED]
>    To get my PGP key send mail with subject "Send PGP key"
>
Your Linux box relays only its domain and those listed in
/etc/relay-domains. This is because your two computers don't have the same
domain. Linux will, by default, accept mail FROM or TO its domain if
sender domain is resolved. Try Mail from: [EMAIL PROTECTED] to
[EMAIL PROTECTED](.com   :). Chances are it'll work. You may
also specify feature=promiscuous_relay for sendmail.cf but it's not a
safe choice.



------------------------------

From: "Scott Simpson" <[EMAIL PROTECTED]>
Subject: Re: RH 5.2 IP Masq Not Working
Date: Sat, 28 Aug 1999 12:30:58 -0700


Daniel Norton <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Daniel Norton wrote:
> >
> > Ok, I've reviewed the FAQs/HOWTOs and they basically say that my RH 5.2
> > should do IP masq out of the box, but -- you guessed it -- it's not
> > working.

See http://home.earthlink.net/~simpson3.





------------------------------

From: kite@NoSpam.%inetport.com (Clifford Kite)
Subject: Re: Secure Linux
Date: 28 Aug 1999 15:07:41 -0500

Jan Geertsma ([EMAIL PROTECTED]) wrote:
: I think you are pretty paranoid, but you're not the only one. If you have
: valuable information on your system, that machine shouldn't be on the
: internet at all, or leave the security to an expert. You are connected via a
: dial-up connection (t1p23.at-6462.netway.at) so are not a likely target. If

Hmm.  I've had 11 attempts to access my box via ftp, telnet, pop3, and
finger in the last 13 months with a dial-up connection.  Not counting
repeated attempts by the same bozo during any one session.  Does that
qualify as "not a likely target?"

--
Clifford Kite <kite@inet%port.com>                    Not a guru. (tm)



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and comp.os.linux.networking) via:

    Internet: [EMAIL PROTECTED]

Linux may be obtained via one of these FTP sites:
    ftp.funet.fi                                pub/Linux
    tsx-11.mit.edu                              pub/linux
    sunsite.unc.edu                             pub/Linux

End of Linux-Networking Digest
******************************
