Linux-Networking Digest #502, Volume #12          Tue, 7 Sep 99 21:13:41 EDT

Contents:
  IP Alias Nightmare (Sydney Urshan)
  Re: Netatalk on Mandrake (Rod Smith)
  Re: pppd and earthlink :-( ("Igor S.")
  Re: pppd and earthlink :-( ("Igor S.")
  linux netlink device / TCP-header (Arne Voigtlaender)
  Re: help!! connection reset by peer (SAMBA) (Roger)
  RH6.0 Fail Detect PCnet-ISA AM79C960KC (Wingkuen Chung)
  Re: ethernet card config-HELP! ("Michelle")
  Re: Why is local mail being queued ? (M. Buchenrieder)
  Complex conditional routing ("Todd Owen")
  Simple routing problem ("Michelle")
  Re: Fetchmail and Netscape (Joseph Tweed)
  Re: SOHOware NIC Compatibility With Red Hat Linux 6.0 (Paul Lew)
  How can I syncronize the date in my network? ([EMAIL PROTECTED])
  Re: PPP Connect but can't ping. (Clifford Kite)
  Re: Browsers and Linux (Dave Seyster)
  Re: Basic ethernet setup ("kryliss")
  Re: Can you send e-mail to an IP address? ("Tobias Knowles")
  Linux and Virus Protection?? (Don Chorman)
  Re: Linux terminates telnet/ftp connection? (Kenneth Stephen)
  Re: Linux firewall issue (Mark Post)
  IP forwarding ("John Roberts")

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Sydney Urshan)
Subject: IP Alias Nightmare
Date: Tue, 07 Sep 1999 16:38:20 -0700

I read the "How-To" on IP aliasing.  I'm wondering if someone can help me
with a problem I am having that it did not address.

I have a Class C with a Linux Router.  Everything works fine connected to
the Internet with the WAN and LAN.  I can ping, nslookup (sometimes),
etc.  I start having problems when I alias my eth0 device to make virtual
domains which is on a different Class than my C.  (eth0=63.193.x.x=single
IP WAN, Class C=63.194.x.x with LAN and VIPs in there.)  I read on one of
the netconf help files that if you do not alias within the same class, you
need to do "additional special routing".  I experimented for several days
with no avail.  (I also RTFM'ed everything I could find!)  Some of the
problems include the Router getting rewritten drastically (route trying to
compensate the network), an error "Bringing up route eth0, route: netmask
doesn't match route address" (still works though), nslookup, ping, and web
sites working intermittently, etc., and finally, nothing working until I
scale the router back down to the LAN/WAN basics with no virtual hosts.

Any guidance thrown my way would be greatly appreciated.

Sydney Urshan

Red Hat SSL 6.0
2.2.12 Kernel
Built with AppleTalk (problems happened without AT also)
2 Tulip Ethernet Cards (1 WAN, 1 LAN)

------------------------------

Reply-To: [EMAIL PROTECTED]
From: [EMAIL PROTECTED] (Rod Smith)
Subject: Re: Netatalk on Mandrake
Date: Tue, 07 Sep 1999 23:31:17 GMT

[Posted and mailed]

In article <[EMAIL PROTECTED]>,
        Steve Wilwerding <[EMAIL PROTECTED]> writes:
> For reasons I'd rather not go into here, I have to set my linux box up so
> that Macs can mount it on their desktops. I have found the program I need,
> netatalk, and I am wondering how difficult it is to install.

Not very, though it's not the best-documented program in the world, and
some versions of it give problems.  If you find it's behaving strangely,
I'd suggest trying another RPM.

> Has anyone here installed Netatalk on a Mandrake server?

Yes.

> Do you have to
> re-compile the kernel, since it does not appear that Appletalk is loaded
> by default?

I don't know.  I NEVER run default kernels any longer than I have to, so I
recompiled even before I ran Netatalk.

> Is a kernel re-compile necessary if I only use Apple Share and
> not Apple Talk?

You're using AppleTalk if you use Netatalk.  Although the Netatalk+asun
package can use AppleTalk over TCP/IP, it's still AppleTalk.  IIRC, it
does use DDP (Apple's equivalent to TCP/IP) for initial handshaking.

If you're stressed over the kernel recompile, I suggest you just set aside
a couple of hours, grab yourself a Linux book with a section on the topic,
and do it.  It's not as hard as it seems at first, provided you're not
doing it under too much time stress.

-- 
Rod Smith
[EMAIL PROTECTED]
http://members.bellatlantic.net/~smithrod
Author of _Special Edition Using Corel WordPerfect 8 for Linux_, from Que

------------------------------

From: "Igor S." <[EMAIL PROTECTED]>
Subject: Re: pppd and earthlink :-(
Date: Tue, 7 Sep 1999 19:30:25 -0400

Thank you, I'll try that ;-(( Hope it will make it work..

Gene Heskett <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Unrot13 this;
> Reply to: <[EMAIL PROTECTED]>
>
> Gene Heskett sends Greetings to Igor S.;
>
>  IS> Hello. I'm trying to make a connection from my linux box to well
>  IS> known ISP - Earthlink ;-( But no matter what I tried won't work
>
>  IS> Here is the pppd log. Please look at it. If you have working
>  IS> scripts or could help me with this one I will really appreciate
>  IS> it.. Thank you very much
>  IS> !!!!
>
>  IS> pppd -d -detach defaultroute /dev/ttyS1 57600 &> igor_log
>
>  IS> Using interface ppp0
>  IS> Connect: ppp0 <--> /dev/ttyS1
>  IS> sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xb25b9af2>
>      ^^^^                     ^^^^^^^^^^^^^^
> You are in all probability never going to negotiate a working connection
> if you leave the software without any flow controls.  Your ISP is asking
> for a negotiation that at least allows it to use the xon/xoff convention
> for flow control, but you have no escape mechanism set up.
>
> As a bare minimum, in the ppp options line that linuxconf will give you
> for ppp, enter "asyncmap 0x000a0000" without the quotes.  This should
> get you going at least to the next step or problem as the case may be.
>
> Here, I have just found that while the 0x000a0000 setting escapes the
> xon (0x11) and xoff (0x13) characters, I get a lot less 'stalls' while
> browsing or downloading, if I also escape the 0x1d character by using
> 0x2000a0000 for that.  This will probably be highly dependent on the
> ISP's configuration, and is often something that isn't adequately advised
> on, or even recorded by the ISP's techies making it difficult to arrive
> at an optimal setting for your ISP.
>
> I haven't looked in recent history, but there may even be some
> references to asyncmap settings in the manfile for ppp, type 'man ppp'
> in a shell, or possibly man pppd.
>
> [snip]
>
> Cheers, Gene
> --
>   Gene Heskett, CET, UHK       |Amiga A2k Zeus040 50 megs fast/2 megs chip
>     Ch. Eng. @ WDTV-5          |A2091,GuruRom,1g Seagate,CDROM,Multiface III
>                                |Buddha + 4 gig WDC drive, 525 meg tape
>                                |Stylus Pro, EnPrint, Picasso-II, 17" vga
>          RC5-Moo! 690kkeys/sec isn't much, but it all helps
> email gene underscore heskett at iolinc dot net
> --
>




------------------------------

From: "Igor S." <[EMAIL PROTECTED]>
Subject: Re: pppd and earthlink :-(
Date: Tue, 7 Sep 1999 19:30:34 -0400

Thanx ;-))

Clifford Kite <kite@NoSpam.%inetport.com> wrote in message
news:7r1tq2$[EMAIL PROTECTED]...
> Gene Heskett ([EMAIL PROTECTED]) wrote:
>
> : Here, I have just found that while the 0x000a0000 setting escapes the
> : xon (0x11) and xoff (0x13) characters, I get a lot less 'stalls' while
> : browsing or downloading, if I also escape the 0x1d character by using
> : 0x2000a0000 for that.  This will probably be highly dependent on the
>
> You need one less zero for this: 0x200a0000 .  Bitmaps are a pain. :)
>
> --
> Clifford Kite <kite@inet%port.com>                    Not a guru. (tm)
> /* Speak softly and carry a +6 two-handed sword. */
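
The asyncmap values discussed in the two messages above can be checked mechanically. The following Python is an added example, not part of the original posts: it builds the map from the control characters to escape and decodes a map back into characters, rejecting any value wider than the 32 bits the map has. The function names are hypothetical.

```python
"""Build and decode pppd asyncmap values (added example, hypothetical names)."""

ASYNCMAP_BITS = 32  # one bit per ASCII control character 0x00-0x1f


def build_asyncmap(chars):
    """Return the map with bit N set for every control character N to escape."""
    value = 0
    for c in chars:
        if not 0 <= c < ASYNCMAP_BITS:
            raise ValueError(f"0x{c:02x} is outside the range 0x00-0x1f")
        value |= 1 << c
    return value


def decode_asyncmap(text):
    """Parse a hex map (with or without 0x) and list the escaped characters."""
    value = int(text, 16)
    if value >> ASYNCMAP_BITS:
        # A digit too many pushes bits past position 31, where no
        # control character exists.
        raise ValueError(f"{text} does not fit in {ASYNCMAP_BITS} bits")
    return [c for c in range(ASYNCMAP_BITS) if (value >> c) & 1]


def format_asyncmap(value):
    """Render a map as the 8-digit hex string used in the thread."""
    return f"0x{value:08x}"


if __name__ == "__main__":
    XON, XOFF, GS = 0x11, 0x13, 0x1D
    print(format_asyncmap(build_asyncmap([XON, XOFF])))       # xon/xoff only
    print(format_asyncmap(build_asyncmap([XON, XOFF, GS])))   # plus 0x1d
    for candidate in ("0x200a0000", "0x2000a0000"):
        try:
            escaped = [f"0x{c:02x}" for c in decode_asyncmap(candidate)]
            print(candidate, "escapes", escaped)
        except ValueError as err:
            print(candidate, "rejected:", err)
```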




------------------------------

From: Arne Voigtlaender <[EMAIL PROTECTED]>
Subject: linux netlink device / TCP-header
Date: Tue, 07 Sep 1999 21:03:44 +0200
Reply-To: [EMAIL PROTECTED]

Hello everybody,
I have a question regarding the linux firewall. I need to know the
sequence number and ack-number of an incoming-tcp-packet that is being
denied. I haven't found any documentation if that is possible with
netlink or netfilter. Is there any way of doing it (without manipulating
the kernel by hand) and who has already done that? Another question I
have is what all the numbers (in 2.0.x) after the destination-IP/port
are.
example:
Sep  6 23:04:15 darkstar kernel: IP fw-in deny eth1 TCP
128.128.128.128:2187 127.127.127.127:80 L=64 S=0x06 I=49180 F=0x0040
T=18

what is the S=, I= and F= ?

thanks for all your help!

regards,
Arne Voigtlaender
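
A parser for the log line quoted in the message above, as an added example that is not part of the original post. The field names for L=, S=, I=, F= and T= follow the ipchains HOWTO's description of the kernel's packet log line, and applying them to 2.0.x output is an assumption; the line carries IP-header values and ports only, with no field for TCP sequence or acknowledgement numbers. Function names are hypothetical, and all sample lines except the first are constructed.

```python
import re
from collections import Counter

# Single-letter fields of the kernel packet-filter log line. Names follow the
# ipchains HOWTO's description; applying them to 2.0.x logs is an assumption.
FIELD_NAMES = {
    "L": "total_length",   # IP total length in bytes
    "S": "tos",            # Type of Service byte
    "I": "ip_id",          # IP identification field
    "F": "frag_word",      # fragment offset plus flags, value as logged
    "T": "ttl",            # time to live
}

LINE_RE = re.compile(
    r"IP (?P<chain>fw-\S+) (?P<action>\S+) (?P<iface>\S+) (?P<proto>\S+) "
    r"(?P<src>\d+(?:\.\d+){3})(?::(?P<sport>\d+))? "
    r"(?P<dst>\d+(?:\.\d+){3})(?::(?P<dport>\d+))?"
    r"(?P<rest>(?: [A-Z]=\S+)*)"
)


def _to_int(text):
    """Convert a logged value that is either decimal or 0x-prefixed hex."""
    return int(text, 16) if text.lower().startswith("0x") else int(text)


def parse_fw_line(line):
    """Return the fields of one firewall log line, or None if it is not one."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    rec = {k: m.group(k)
           for k in ("chain", "action", "iface", "proto", "src", "dst")}
    for k in ("sport", "dport"):   # absent for protocols without ports
        rec[k] = int(m.group(k)) if m.group(k) else None
    for token in m.group("rest").split():
        key, _, val = token.partition("=")
        if key in FIELD_NAMES:
            rec[FIELD_NAMES[key]] = _to_int(val)
    return rec


def denied_by_target(lines):
    """Count denied packets per (destination address, destination port)."""
    counts = Counter()
    for line in lines:
        rec = parse_fw_line(line)
        if rec and rec["action"] == "deny":
            counts[(rec["dst"], rec["dport"])] += 1
    return counts


SAMPLE_LINES = [
    # The line from the post, joined back onto one line.
    "Sep  6 23:04:15 darkstar kernel: IP fw-in deny eth1 TCP "
    "128.128.128.128:2187 127.127.127.127:80 L=64 S=0x06 I=49180 F=0x0040 T=18",
    # Constructed lines in the same format.
    "Sep  6 23:04:19 darkstar kernel: IP fw-in deny eth1 TCP "
    "128.128.128.128:2188 127.127.127.127:80 L=64 S=0x06 I=49187 F=0x0040 T=18",
    "Sep  6 23:05:02 darkstar kernel: IP fw-in deny eth1 TCP "
    "128.128.128.129:1045 127.127.127.127:23 L=44 S=0x00 I=3120 F=0x0000 T=52",
    # Constructed unrelated syslog line; the parser must skip it.
    "Sep  6 23:05:10 darkstar pppd[2520]: sent [CCP ResetReq id=0x3]",
]

if __name__ == "__main__":
    for name, value in parse_fw_line(SAMPLE_LINES[0]).items():
        print(f"{name:>12}: {value}")
    for (dst, dport), n in denied_by_target(SAMPLE_LINES).most_common():
        print(f"{n} denied -> {dst}:{dport}")
```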



------------------------------

From: Roger <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc,comp.protocols.smb,de.comp.os.unix.linux.misc
Subject: Re: help!! connection reset by peer (SAMBA)
Date: Tue, 07 Sep 1999 18:16:40 -0500

Frank Bauer wrote:
> 
> since update from Kernel 2.0.36 to 2.2.10 (Distr. SuSE) we've got big
> problems with getting disconnections from our samba server.
> 
> the most important entry in smb.log: (I think so)
> 
> [1999/09/06 09:30:59, 0] lib/util_sock.c:read_socket_data(507)
>     read_socket_data: recv failure for 4. Error = Connection reset by peer
> [1999/09/06 09:30:59, 1] smbd/server.c:exit_server(406)
>     Closing connections

>  dead time = 30

I had the same problem....

Try setting the dead time to 0.  Dead time will automatically disconnect
a samba connection after x minutes of inactivity, in your case 30..

Try that... :)

------------------------------

From: Wingkuen Chung <[EMAIL PROTECTED]>
Subject: RH6.0 Fail Detect PCnet-ISA AM79C960KC
Date: Wed, 08 Sep 1999 00:02:18 GMT

Hello,

RH6.0 seems to have problem with detecting my AMD PCnet-ISA.
During the installation phase, it was not able to probe the
existence of the hardware so I had to skip the configuration
of the LAN.  After I got my PC up running, I found that it
fails at init_module with message as following:

lance.c: Module autoprobing not allowed. Append "io=0xNNN"
         value(s).

Before the RH6.0, I was using RH5.0, of Linux version 2.0.32
and the PCnet-ISA AM79C960KC was detected and ran fine.

Can someone shed some light on this or is there anyone out
there running into a similar problem with the hardware?

Should I give it a try to use the older version of lance.c
and build a new image in Linux 2.2.5-15?

Thank you.

Wingkuen Chung.

------------------------------

From: "Michelle" <[EMAIL PROTECTED]>
Subject: Re: ethernet card config-HELP!
Date: Tue, 7 Sep 1999 16:47:37 +0100

I had the same problem a few weeks ago with the same driver.  I think what I
found was that the card (PCI, I assume) was not even being detected by the
bios.  check the contents of /proc/pci  ('cat /proc/pci | more') and see if
your NIC is being detected.  You can also check at boot time, but the
message might scroll by too fast.  I think I just had to reseat the card and
then it worked.  After that the module stuff worked properly.  I was also
using RH6.  YMMV.  good luck!

michelle
(remove '_' from email address to make it work)


Dan G. <[EMAIL PROTECTED]> wrote in message
news:usuyKLv9#GA.307@cpmsnbbsa05...
> I have RH6 and am trying to get my Linksys PCI Lancard II to work. I've got
> "kerneld" running at startup, TULIP set as the module, and DHCP (or
> whatever) as the auto-config. It doesn't seem to work. Here's what I get at
> startup
>
> ...
> Kerneld: starting kerneld succeeded
> network: bringing up interface lo succeeded
> ifup: delaying eth0 initialization
> network: bringing up interface eth0 failed
> ...
>
> and on shutdown:
>
> ...
> ifdown: Operation failed
> ifdown: eth0: unknown interface: no such device
> network: shutting down interface eth0 succeeded
> ...
>
> When I list the modules running after logging in, TULIP is not there. When I
> try to load the eth0 manually ( modprobe eth0) it says that it is busy,
> unavailable, or something like that. Any suggestions? Thanks.
>
>



------------------------------

From: [EMAIL PROTECTED] (M. Buchenrieder)
Subject: Re: Why is local mail being queued ?
Date: Tue, 7 Sep 1999 11:52:10 GMT

Quet Kim Yong Teck <[EMAIL PROTECTED]> writes:


>Hi all,
>It's getting better but not working properly yet. I have a linux box
>RedHat6.0 connected to a Lan.
>I'm trying to set up an internal mail server and eventually with
>internet mail ! . Now the problem is that any user on any PC if they
>send mail to a user using the ip address, the mail is queued. 

I fail to understand why anyone would prefer this kludge. 
Nevermind, though.

>If I use
>the full host name of the mail server everything works fine
>Below is part of /var/log/mailog

>.sendmail[530]: OAA00530: from=<[EMAIL PROTECTED]>, size=336, class=0,
>pri=30336, nrcpts=1,
>msgid=<[EMAIL PROTECTED]>, proto=ESMTP,
>relay=pc41.ensignlab.com.au [192.168.1.41]

This will not work due to the fact that you don't provide a DNS server
locally that would provide sendmail with the needed response 
(reverse-lookup). Having the hosts in /etc/hosts is not sufficient
in this case.

Run a caching nameserver.

[...]

Michael
-- 
Michael Buchenrieder * [EMAIL PROTECTED] * http://www.muc.de/~mibu
          Lumber Cartel Unit #456 (TINLC) & Official Netscum
    Note: If you want me to send you email, don't munge your address.

------------------------------

From: "Todd Owen" <[EMAIL PROTECTED]>
Crossposted-To: openbsd.misc,comp.unix.bsd.openbsd.misc,comp.unix.bsd.misc
Subject: Complex conditional routing
Date: Tue, 7 Sep 1999 15:42:53 -0400

I have the following network and firewall scenario:

Firewall A Connection: Reliable 128k ISDN line from ISP with 16 static IP
addresses 200.200.200.x

Firewall B Connection: Somewhat reliable 500k cable modem with 1 dynamic IP
24.24.24.x


How do I do the following (client and firewall setup needed):

I want all traffic going out of the network to flow over B, unless B is
down, then route all traffic out A, also back to B when it's alive again.
(Possibly a cron job pinging B to determine status, then modifying dynamic
route accordingly).

I also want all incoming traffic to come from A (web access with static
IPs), except for two of the sixteen hosts, which should be B both ways all
the time. (I guess they shouldn't have a static IP and should use B as a
masq firewall all the time, except when its down?).

I also want a host outside of the network to access one of the 16 static IPs
through the B firewall. (Should I use port forwarding on firewall B?).

--Todd Owen




------------------------------

From: "Michelle" <[EMAIL PROTECTED]>
Subject: Simple routing problem
Date: Tue, 7 Sep 1999 17:09:20 +0100

Hi, I'm trying to get what is probably a simple routing problem figured out,
but it's confusing since I'm trying to use RH6's netcfg program for
consistency.

I have RH6 (call this hostRH) with 3 NICs:
eth0 is my private LAN and it goes to a WinNT machine (call this hostNT) and
gives it dhcpd information.
eth1 is my private LAN and it goes to 2 Win'95 machines (call these host951,
host952) (via hub) also with dhcpd.
eth2 is my DSL modem and it receives dhcp info from ISP.

So far, I can ping from one subnet to the other, including the linux server
with ip addresses.  However, I'm not sure how to set it up so all the
machines can ping each other via hostname alone, since the dhcp can change
the addresses of any of its client machines.

So far, I've put a 'hostRH 192.168.1.1' and 'hostRH 192.168.2.1' in the
Windows' HOSTS files, and that seems to work when pinging into the server
only from the client machines.  But no other pinging direction works.

So these are my goals:
1.  access(ping) any machine from any other machine using the most
centralized control approach (as much as possible should be done via the
dhcpd on the linux machine, including hostname assignment using network
hardware address, if possible) and as little local configuration as
possible.
2.  Define all private networks domain as schwager.net (a little ego ain't
that bad!)
3.  Mount remote windows drives on windows machines using only tcpip and
whatever MS services are required, calling the remote machine by hostname
only. Currently, it doesn't even work with ip address in the dialog box.
4.  Get SMB to work so I can mount the linux drive on the windows machines.
I'm not interested in mounting the windows drives on the linux machines.
SMBD is loading at startup, but no machines appear in network neighborhood.
5.  Do this all from netcfg, if possible (except dhcpd configuration, of
course).


thanks for any/all input
michelle

(remove '_' from email to make it work)



------------------------------

From: Joseph Tweed <[EMAIL PROTECTED]>
Subject: Re: Fetchmail and Netscape
Date: Tue, 07 Sep 1999 21:48:30 +0200

[EMAIL PROTECTED] wrote:
> 
> I have Fetchmail working okay. It's the easy part obviously. One
> question regarding it is "where" does it store messages ?
> 

At the location specified in your $HOME/.fetchmailrc. See below.

>
> Netscape is the one being the pain in the butt. I have
> chosen "Movemail", external app being "fetchmail" as the mail server
> type. Back to my question above, where do I point as my local mail
> location ? Also, back to the incoming mail setup, what user name do I
> use ? My username on my Linux box or my username for my ISP (that's
> what fetchmail uses).
> 

Your $HOME/.fetchmailrc should contain lines to the effect of:
poll <isp_pop_server> with proto POP3
user "<isp_username>" there with password "<isp_password>" is
<local_username> here options fetchall warnings 3600

------------------------------

From: [EMAIL PROTECTED] (Paul Lew)
Subject: Re: SOHOware NIC Compatibility With Red Hat Linux 6.0
Reply-To: [EMAIL PROTECTED]
Date: Tue, 07 Sep 1999 23:51:37 GMT

I've "sort of" got the "standard" driver working, at least
it was recognized by SuSE ver. 6.1 and has the 2.2.7 kernel
loaded; the tulip driver is ver 0.90 which is the same
version as NDC's.  Did not see any notes of modification by
NDC on their code.

My "only problem" with the SOHO nic was that it ran faster(?)
than my just broken Netgear and so became eth0 and not what
I thought eth1.

The next problem is with the DHClient from SuSE which just
shuts down the nic !!!!  and so no internet connection since
I need a DHCP connection to my ISP.


Y. T. Chow <[EMAIL PROTECTED]> wrote:
>I've been trying to get Red Hat Linux 6.0 to recognize my SOHOware NICs.
>The manufacturer -- NDC -- posted a fix that included their version of
>the tulip.c driver that needs to be compiled into the Linux kernel.
>Haven't been able to compile their tulip.c file to create a tulip.o file
>(getting lots of error messages when I run the gcc command).
>
>Does anyone out there have these NICs and have you been able to get them
>to run under Red Hat Linux 6.0?  If so, how?  Thanks.
>

------------------------------

From: [EMAIL PROTECTED]
Subject: How can I syncronize the date in my network?
Date: Tue, 07 Sep 1999 23:58:58 GMT

    I have a private network (192.168.0.*) where I'm sharing files via
NFS. Sometimes the client box has a different date than the server so,
when you want to compile a .c file, the compiler says that the file has
been modified in the future. I figure out that I can fix the problem
using NTP, but I didn't find any documentation about the installation.
I've tried installing the xntpd in RedHat 6.0 box and running rdate
from a client, but it said Connection Denied. I don't know if this is
the best way to do that, and what do I do wrong. If you have any hint,
please let me know.



------------------------------

From: kite@NoSpam.%inetport.com (Clifford Kite)
Crossposted-To: linux.redhat.ppp
Subject: Re: PPP Connect but can't ping.
Date: 7 Sep 1999 15:36:29 -0500

Koorosh Zaerpoor ([EMAIL PROTECTED]) wrote:

> Sep  6 20:22:16 gallifrey pppd[2520]: rcvd [Compressed data] 00 01 52 04
> 69 64 34 01 ...
> Sep  6 20:22:16 gallifrey pppd[2520]: sent [CCP ResetReq id=0x2]
> Sep  6 20:22:16 gallifrey kernel: ppp0: decomp err -1 
> Sep  6 20:22:16 gallifrey pppd[2520]: rcvd [CCP ResetAck id=0x2]
> Sep  6 20:22:18 gallifrey pppd[2520]: rcvd [Compressed data] 00 01 52 04
> 6b 5c 03 d6 ...
> Sep  6 20:22:18 gallifrey pppd[2520]: sent [CCP ResetReq id=0x3]
> Sep  6 20:22:18 gallifrey pppd[2520]: rcvd [CCP ResetAck id=0x3]

I hate to say it but this looks like a bug in one or the other pppd's
CCP implementation.  The CCP negotiation seemed to complete normally
and there shouldn't be decompression errors.

My guess is that this is your problem.  You can add noccp to the pppd
option to eliminate any CCP compression and if you get a successful PPP
connection then there's no doubt.  You could also play with eliminating
the CCP deflate compression with nodeflate and see if bsd compression
works OK.

If I'm right then I'd appreciate confirmation and permission to send
your original post to the pppd maintainer.

--
Clifford Kite <kite@inet%port.com>                    Not a guru. (tm)
/* 97.3% of all statistics are made up. */

------------------------------

From: [EMAIL PROTECTED] (Dave Seyster)
Crossposted-To: alt.os.linux,comp.os.linux.setup
Subject: Re: Browsers and Linux
Reply-To: [EMAIL PROTECTED]
Date: Tue, 07 Sep 1999 23:44:54 GMT

On Tue, 7 Sep 1999 08:30:01 +0200, Ernest <[EMAIL PROTECTED]> wrote:

(Lots of nonsense deleted)

>use. I like the top. I am still trying though find in the FAQ for this
>newsgroup where it says the top or the bottom. If it is not there I still
>think it pure arrogance to insist someone do it!!!
>
>Ernest Bessinger


It's not arrogant to ask someone to follow a certain convention,
especially when that convention makes reading and replying to Usenet
articles much simpler. Don't you read a page of text from top to bottom
and don't you ask questions and receive answers in chronological order?
Trust me, there's no surer sign of poorly written software than a
newsreader that insists on waylaying this convention and no surer sign
of someone who doesn't know what they're doing than someone who inserts
new text, such as a reply, before quoted text. If the shoe fits, etc., etc.

Dave Seyster

------------------------------

From: "kryliss" <kryliss_at_navix.net>
Subject: Re: Basic ethernet setup
Date: Tue, 7 Sep 1999 19:14:08 -0500

What you are going to need is a crossover cable, not just a plain ethernet
cable, this will work for just 2 computers. If you can't find anyplace that
has crossover cables then just get a cheap 4 or 5 port hub (Netgear, Linksys
make these). You shouldn't have to worry about length of cable at home; it's
somewhere between 80 and 100 meters.

Bob Gamble <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I am going to want to setup my laptop with a new desktop, using the
> desktop as a master, and the laptop as a slave.  I understand I can do
> this by putting a modem/ethernet card in the desktop, and an ethernet
> into the laptop pcmcia slot.
>
> What sort of cable do I use to run from one computer to the other and
> what is the max allowable length of this cable?   Suggestions on what
> type of card(s) to use would be much appreciated also.  I intend to be
> able to use this mini-network to access one printer and ISP from both
> computers.  Thanks to anyone that can help me.
>
> Bob
>



------------------------------

From: "Tobias Knowles" <[EMAIL PROTECTED]>
Subject: Re: Can you send e-mail to an IP address?
Date: Tue, 7 Sep 1999 16:50:52 -0700

Exim allows it and works for me.



Tobias Knowles

Doug DeJulio wrote in message <7r3gr7$7f5$[EMAIL PROTECTED]>...
>In article <7qvu3r$h7o$[EMAIL PROTECTED]>,
>David Henry <[EMAIL PROTECTED]> wrote:
>> Does all this mean that an dotted quad IP address (which could fit the
>>above diagram) can be considered as a domain and therefore a legal e-mail
>>address.
>>
>>To confuse the picture,  The post.office server on my SunOS accepts
>>name@IPaddress but
>>sendmail on Linux doesn't.
>
>You have just derived the real and true answer.  Just to be clear,
>I'll restate it now.
>
>"It depends on what tools you use."
>
>--
>Doug DeJulio      | mailto:[EMAIL PROTECTED]
>HKS, Incorporated | http://www.hks.net/~ddj/



------------------------------

From: Don Chorman <[EMAIL PROTECTED]>
Subject: Linux and Virus Protection??
Date: Tue, 07 Sep 1999 20:17:44 -0400

I recently installed RH 6.0, and I am concerned about virus protection.
I assume that it may be more difficult for a virus to write to any
record, unless it has permission. Since I have been using this system as
"root", I am concerned that this would be possible. I plan to create a
user with limited permissions, but then again, I am the only one who
uses this system, and it is tedious to have to log out when I need to
change settings. I see that there is a program called "tripwire", but it
only senses a change after the fact. Should I be concerned about this
matter, and what can I do to protect my system?
Thank you,
Don Chorman





------------------------------

From: Kenneth Stephen <[EMAIL PROTECTED]>
Subject: Re: Linux terminates telnet/ftp connection?
Date: Tue, 07 Sep 1999 15:11:22 -0500
Reply-To: [EMAIL PROTECTED]



Don Johnson wrote:

> RH 5.2. Ftp and telnet used to work just fine. Now telnet from NT, and
> same linux host, both return 'connection terminated by foreign host'.
> Can no longer connect using ftp from NT. Samba continues to work. Ping,
> echo, chargen, and discard work ok.
>
> Some time ago I tried to get the Exceed X client to work and I changed
> access rights config files, etc. I never got Exceed to work from NT. The
> problem is, I can't remember exactly which files I changed. From an
> access rights point of view, what config files should I take a look at?
> Any other suggestions? I have a strong networking background but I am
> just getting started with linux and linux administration.
>
> Thanks,
>     Don

Don,

    Take a look at the log messages that are produced when an ftp or a
telnet connection is refused by the server. The log files are stored in the
/var/log directory. You may have to experiment a bit to find out the right
log file that gets written to. I would start with /var/log/messages and any
log file that appears to have anything to do with security.

    Once you tell us what the log messages say, then we will have more of a
clue as to what is the problem.

Regards,
Kenneth


------------------------------

From: [EMAIL PROTECTED] (Mark Post)
Subject: Re: Linux firewall issue
Date: Wed, 08 Sep 1999 00:00:23 GMT

On Tue, 07 Sep 1999 03:58:29 GMT, [EMAIL PROTECTED] (blackrose) wrote:

-snip-
>All of the machines behind the linux firewall (there are 3) are Wintel
>machines (I do a lot of graphics/audio work, etcetc) and have local
>IP's setup (192.168.1.1, etc). They are all working properly -
>masquerading is functioning nicely.

>I'm hoping some of you out there are experienced using IIS behind such
>a firewall and could point me in the right direction toward setting up
>such a system?

I can point you to a tool that will allow you to design your own...
http://rlz.ne.mediaone.net/linux/firewall/index.html
I used it, several other people have used it, and I think it's great.

Mark Post

To send me email, replace 'nospam' with 'home'.

------------------------------

From: "John Roberts" <[EMAIL PROTECTED]>
Subject: IP forwarding
Date: Tue, 07 Sep 1999 20:55:50 GMT

I'm trying to setup a Redhat Linux box (Redhat 5.2) as a gateway machine.  I
have 2 ethernet cards installed, each configured with separate network
addresses.  Much of the documentation on this subject I've read states that
this is easy, just configure both interfaces separately and give them their
respective IP addresses and off you go.  Unfortunately it's not working for
me.

I basically have 2 subnets: 192.168.0.0 and 192.168.1.0.  I can ping out
from the gateway box to machines on either network.  I can ping the gateway
box (either address) from any machine on either network.  I cannot, however,
ping from a box on one subnet to a box on the other subnet.  Have I
forgotten/screwed-up something or oversimplified this?

Below is the ifconfig -a and netstat -rn outputs from this box.  Any
suggestions would be welcome at this point.

Thanks,

- John R.
  [EMAIL PROTECTED]


IFCONFIG -a:

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Bcast:127.255.255.255  Mask:255.0.0.0
          UP BROADCAST LOOPBACK RUNNING  MTU:3584  Metric:1
          RX packets:47 errors:0 dropped:0 overruns:0 frame:0
          TX packets:47 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0

eth0      Link encap:Ethernet  HWaddr 00:10:5A:C8:A0:0D
          inet addr:192.168.0.95  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:562 errors:0 dropped:0 overruns:0 frame:0
          TX packets:468 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0
          Interrupt:11 Base address:0x1000

eth1      Link encap:Ethernet  HWaddr 00:10:5A:C8:A0:19
          inet addr:192.168.1.95  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:229 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0
          Interrupt:3 Base address:0x1080

NETSTAT -rn:

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.0.0     0.0.0.0         255.255.255.0   U      1500 0          0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U      1500 0          0 eth1
127.0.0.0       0.0.0.0         255.0.0.0       U      3584 0          0 lo
0.0.0.0         192.168.0.95    0.0.0.0         UG     1500 0          0 eth0






------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and comp.os.linux.networking) via:

    Internet: [EMAIL PROTECTED]

Linux may be obtained via one of these FTP sites:
    ftp.funet.fi                                pub/Linux
    tsx-11.mit.edu                              pub/linux
    sunsite.unc.edu                             pub/Linux

End of Linux-Networking Digest
******************************
