Linux-Setup Digest #677, Volume #19 Fri, 22 Sep 00 16:13:10 EDT
Contents:
Re: Viruses hazards? ("David ..")
SOLVED! (Re: Please help installing networked printer on RH6.2) (Carlos Moreno)
Re: Woops, I just blinded my box. (Scott Nolde)
Re: Console text capture (to review kernal compile error messages)? (flipper)
Linux having trouble with Athlon/Thunderdbird? (Carlos Moreno)
Re: New install of redhat 6.1 takes long time to boot ("David ..")
Making the Framebuffer work ("Todd Goyen")
Linux, Win2K, 2 hard drives, & MBR's ([EMAIL PROTECTED])
Re: Can't login! Yes, I was cracked. (/dev/null)
Re: No Idea why this lilo.conf works! (Bill Pringlemeir)
Re: SAME PROBLEM Re: Can't login! Was I cracked? ([EMAIL PROTECTED])
Re: FTP login problems (john)
Re: Implications ([EMAIL PROTECTED])
----------------------------------------------------------------------------
From: "David .." <[EMAIL PROTECTED]>
Subject: Re: Viruses hazards?
Date: Fri, 22 Sep 2000 14:13:46 -0500
Colin Watson wrote:
>
> ziman <[EMAIL PROTECTED]> wrote:
> >on my home PC and I'd like to know if there are any viruses or hacking
> >hazards that I should take precaution against? Is there any anti virus
> >software that I should use?
Also be sure to install any of the updates for programs you have
installed from the redhat eratta page available here.
http://www.redhat.com/support/errata/
--
Confucius say: He who play in root, eventually kill tree.
Registered with the Linux Counter. http://counter.li.org
ID # 123538
------------------------------
From: Carlos Moreno <[EMAIL PROTECTED]>
Subject: SOLVED! (Re: Please help installing networked printer on RH6.2)
Date: Fri, 22 Sep 2000 15:19:22 -0400
Got it working! Turns out I was missing the file /etc/hosts.lpd
in the machine hosting the printer!
Sorry about a long, twisted, and unreadable previous message! :-)
Carlos
--
------------------------------
From: Scott Nolde <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.security
Subject: Re: Woops, I just blinded my box.
Date: Fri, 22 Sep 2000 19:15:05 GMT
I consider it a good thing that my linux box doesn't reply to pings. It
really cuts down on unwanted connection attempts.
- Scott
[EMAIL PROTECTED] wrote:
>
> Second thing, I get to work and try to ping the box, no response at all.
> COuld I have done something to my box myself that causes it not to
> answer pings? Or is it just a stunning coincidence that right at the
> same time, my DSL provider has crapped out on me? Or, worst of all, did
> my cracker wander back, see my box back up, and decide to take me out
> again? (This morning I hoped to telnet out of my box and then back in
> to test my connectivity, but with DNS not working I couldn't).
--
Never do Windows again with | Scott M. Nolde
Linux! No streaks, haze or | [EMAIL PROTECTED]
glaze! |
3:10pm up 2 min, 1 user, load average: 1.54, 0.61, 0.22
------------------------------
From: flipper <[EMAIL PROTECTED]>
Subject: Re: Console text capture (to review kernal compile error messages)?
Date: Fri, 22 Sep 2000 15:17:25 -0400
"Phillip J. Allen" a �crit :
> Hi all,
>
> I have been trying unsucessfully to recompile my kernal. After I run
> "make mrproper", "make xconfig", "make dep", "make clean" then "make
> bzImage" it runs throught all the various makes and after about 2-3
> minutes end with an error 127 and error 2. I would like to submit this
> error message to the group in a request for help. But how do I copy
> this console message to a text file so I can review and copy off to a
> message?
>
> Is there a screen text log file?
You're using bad parameters
cd /usr/src/linux
make xconfig ( and configure your kernel)
make dep
make clean (not mrproper, your config will be delete)
make bzImage
make modules
make modules_install
------------------------------
From: Carlos Moreno <[EMAIL PROTECTED]>
Subject: Linux having trouble with Athlon/Thunderdbird?
Date: Fri, 22 Sep 2000 15:24:26 -0400
Please tell me that this is just another stupid
propaganda/rumour!
I heard from a friend of mine that I always thought
was knowledgeable in Linux, that the Athlon CPU does
not work properly with Linux? (well, Linux doesn't
work properly with the Athlon).
I really fail to see how this is possible. But hey,
I've learned to "never say never", so I thought I'd
ask here... I'm really hoping that you will confirm
that it is just a stupid rumour... Because I really
don't want to go the Intel way... And DEFINITELY,
once I upgrade my hardware to an Athlon, I **really**
don't want to go the Windows way!!! :-)
Thanks for any comments!
Carlos
--
------------------------------
From: "David .." <[EMAIL PROTECTED]>
Subject: Re: New install of redhat 6.1 takes long time to boot
Date: Fri, 22 Sep 2000 14:25:41 -0500
[EMAIL PROTECTED] wrote:
>
> New install of redhat 6.1 takes long time to boot
>
> I installed 6.1 on a new computer but I did a full install and the boot
> time takes to long. How can I tell linux which servers to start at
> boot time??
/usr/sbin/setup
Remove asterisk next to services that you don't want to start at boot
time.
Save and exit.
--
Confucius say: He who play in root, eventually kill tree.
Registered with the Linux Counter. http://counter.li.org
ID # 123538
------------------------------
From: "Todd Goyen" <[EMAIL PROTECTED]>
Subject: Making the Framebuffer work
Date: Fri, 22 Sep 2000 14:16:11 -0500
Help i have had no luck
I am running Slackware 7.1 X 4.0.1
i have an Asus v7700 Gefore 2 video card
and i have frame buffer compilied into the kernel
but i get nothing
the system is dualboot with loadlin loading linux
if i give it a vga=ask line i only get standard console options
whenever i start x or another program that needs the frame buffer i get
"can't open /dev/fb0"
but it is there
what could be wrong?
Todd Goyen
------------------------------
From: [EMAIL PROTECTED]
Subject: Linux, Win2K, 2 hard drives, & MBR's
Date: Fri, 22 Sep 2000 19:20:19 GMT
Linux, Win2K, 2 hard drives, & MBR's
I know how to install Windows 2000, Windows 98 SE, and Linux on the
same hard drive with multiple partitions. Install Win98SE first, then
Win2K; NT Loader will install in the MBR (master boot record) and take
care of Win98SE. Then install Linux, but place LILO in the first
sector of the Linux boot partition. Then use BootPart to add Linux
partition in the NT Loader boot menu. Relatively simple.
However, what do you do if there are two hard drives? Doesn't each
hard drive have its own MBR? Where does NT Loader go? Where does LILO
go? If NT Loader is in the MBR of the first hard drive, and LILO is in
the secord hard drive, what happens? Should I place LILO in the first
sector of the Linux boot partition? Then what goes in the MBR of the
secord hard drive? Etc., etc., ...
Thank you.
-
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: /dev/null <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.security
Subject: Re: Can't login! Yes, I was cracked.
Date: Fri, 22 Sep 2000 15:30:17 -0400
[EMAIL PROTECTED] wrote:
>
> Ok, got myself logged in single user and quickly discovered that
> /bin/login had changed during the day! I guess that tells me something.
> Also ps, sc, and wuftpd. .bash_history had been redirected to
> /dev/null, and /var/log/messages was missing most of the day.
>
> My next question is, is there someplace I can do to either read about
> this or report it? I'd like to discover exactly what happened to me
> (i.e. was somebody using a known rootkit?) and how to protect against
> it.
>
> Thanks for the help!
>
> Duane
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
You are getting good responses here. I will add my 2 cents. This one
is not a professional, unless you happened upon him WHILE he was
working, even then it is unlikely. He knows enough to redirect
.bash_history so that he doesn't leave that. He may have left a lot of
other tracks. He is not a third or fourth level cracker because they
will not change the root password, unless you get them into a bind and
they have to so they don't loose the box. This one is a talented show
off. There is a real possibility that you might be able to track him
back to the network he came from and atleast inform that nets admin.
Now I am going to break with tradition here. Imaging the disk, yes do
that. Taking the machine off line is not always the best thing to do.
If you can show that $5000.00 damages have been done, the Fed has NO
OPTION. They have to investigate. The trick is in demonstrating that
the damage to your os (which would include the install, reinstall,
security prep time) and the other intangibles are actually worth
$5000.00. Be creative, but be honest. If you have customers and are
down there is a cost. If you have to use the system for work and can't
that is a cost. If you lost data, that is a BIG cost. You get the
idea.
Once you get them in your door, you give them the keys to the system and
GET OUT OF THEIR WAY. There is a chance the consultant they hire won't
be a moron. Slight perhaps, but a chance. He will try to catch the
fellow while he is in the box. It is a choice you have to make and not
an easy one because the reinstall and try to make the system tighter
paradigm works most of the time. In this case it will work. He changed
root. He left all sorts of tracks. Still, there is something sweet
about knowing you have a surprise brewing for him. You decide.
Just remember this, I once had a consultant tell me that it was not
possible to forge console activity by recompiling the kernel. That one
works now for NASA as a network security person and the people who were
paying him were real impressed with him. I wasn't, still ain't. Though
I am not as sure as I once was that the person that was doing it wasn't
actually on the console. Ah, well, live and learn, I guess. That's why
I said, get out of their way, if you get their help.
-m-
--
If children don't know why their grandparents did what they
did, shall those children know what is worth preserving and what
should change?
http://www.cryptography.org/getpgp.htm
------------------------------
Subject: Re: No Idea why this lilo.conf works!
From: Bill Pringlemeir <[EMAIL PROTECTED]>
Date: Fri, 22 Sep 2000 19:46:06 GMT
I was very confused by this concept as well. It might do well to
explain what lilo is doing when you run it in the documents. I had
looks at the LILO mini faq, info and man pages for lilo and lilo.conf
and the /usr/doc/lilo-xxxx/ pages. I still didn't understand how I
was suppose to tell lilo where the boot files were.
The revelation finally came to me that the lilo program using the
active linux file system to look up the sector where the kernel is
stored. It then stores the sector information in the lilo code which
resides in the the boot sector (of a partition) or the master boot
record of the partition table itself. This means that moving stuff
around on the /boot partition could theoretically screw up the boot
process. You should always do an `lilo' after manipulating files
here. There are explanations of what `LI' and `LIL-' etc mean when a
boot fails. These are in /usr/doc/lilo-xxx/doc/tech.dvi (I believe).
This is what I think Bill is trying to say. `boot=/dev/hda' is the
MBR and `boot=/dev/hda1' is in the boot sector of the first partition.
I had trouble getting my system to work because I wanted to do
something fairly bizarre. My current linux /boot and / (root) are on
a removeable hard drive. I move this hard drive around to different
machines and it can't be the /hda device. Anyways, I hope that helps
a little.
The 1024 cylinder limit is where the boot files must reside in order
that the BIOS calls can access them. You can actually have one big
partition, but then there is no guarantee that the /boot directory
will remain in the first part of the drive... or at least that is how
I understand the story at this moment. I think the lilo code should
say something better than 1024 cylinder limit. It could look at the
disk geometry and determine what the maximum size for a boot partition
was and say something to this effect. Like "The maximum boot
partition is 1.4 GB for this hard drive". That might be more
friendly.
fwiw,
Bill
>>>>> "Bill" == Bill Unruh <[EMAIL PROTECTED]> writes:
Bill> boot= tells it where to put the bootup little program, not
Bill> where the kernel is located. Thus the first time you put it
Bill> onto the partition. You must also have installed it into
Bill> /dev/hda as well. When you rewrote your system, things got
Bill> moved slightly and suddenly the boot loader in the MBR could
Bill> not find your system.
Bill> /dev/hda means put the boot up stuff into the MBR. hda1 says
Bill> something else will take care of booting up the system, and it
Bill> should look for the linux loader on hda1 partition ( needed to
Bill> for example uncompress the kernel.)
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.security
Subject: Re: SAME PROBLEM Re: Can't login! Was I cracked?
Date: Fri, 22 Sep 2000 19:44:02 GMT
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Kousik Nandy) wrote:
> I think your /bin/login program has been changed. And been
> replaced by a script which will give you the prompt, take
> the password, tell you login incorrect, and mail the
> username & password to someone. Also some other binaries
For the record, that seems to be what someone at least attempted to do
to me. However, I'm not sure it worked because login would crap out and
reset its prompt without ever asking for a password. that can't be all
that useful. And I did take the machine off the net as quickly as i
could, although that was about 5 hours after the breakin.
/bin/ps was also overwritten, so i wonder what was running in the
background that he didn't want me to see?
d
> might have been changed. Replace your /bin/login, also seek
> what others have been replaced by this kinda trojan horses.
>
> All the best,
> -Kousik.
>
> --
> __^__ __^__
> ( ___ )----------------------------------------( ___ )
> | / | KOUSIK NANDY kousik.n(a)analog.com | \ |
> | / | | \ |
> |_/_| #include <disclaimer.h> |_\_|
> (_____)----------------------------------------(_____)
>
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: john <[EMAIL PROTECTED]>
Crossposted-To:
alt.os.linux.mandrake,alt.linux.redhat,alt.linux,comp.os.linux.help,comp.os.linux.misc,comp.os.linux.networking,comp.os.linux.security
Subject: Re: FTP login problems
Date: Fri, 22 Sep 2000 19:58:11 GMT
Mufasa wrote:
> I had ProFTPd working for a while for myself. When I added a user so my
> friend could join, it kept kicking him into the anonymous directory. I
> started messing with stuff to figure out why, because I could log in with my
> account just fine, but I messed something up. Now everytime anyone, user or
> anonymous, go to login they get refused and the logs say the user was not
> found. I think it has something to do with the auhtentication in Linux but
> don't know what. Any help?
>
> I'm using ProFTP. Here's my pam.d/ftp:
>
> #%PAM-1.0
> auth required /lib/security/pam_listfile.so item=user sense=deny
> file$
> auth required /lib/security/pam_pwdb.so shadow nullok
> auth required /lib/security/pam_shells.so
> account required /lib/security/pam_pwdb.so
> session required /lib/security/pam_pwdb.so
>
> My ftpusers only has "root" in it. I checked the file permissions and
> they're fine too. Any help? Thanks.
>
> --
> Mufasa
>
> [EMAIL PROTECTED]
Hummm.... Either you are protecting your layout or something is amiss in the
first line. Here is mine:
auth required /lib/security/pam_listfile.so item=user sense=deny
file=/etc/ftpusers onerr=succeed
Used as above if you are using ftpusers as a DENY file...
And I do not have this line present in my PAM ftp file:
auth required /lib/security/pam_shells.so
The rest is the same...
--
To send email: Send to John and remove '-the-hobit'.
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.advocacy,comp.os.linux.misc,comp.software.config-mgmt
Subject: Re: Implications
Date: Fri, 22 Sep 2000 19:53:57 GMT
In article <[EMAIL PROTECTED]>,
Andreas K�h�ri <[EMAIL PROTECTED]> wrote:
> In article <%0Iy5.12646$[EMAIL PROTECTED]>,
> paul snow <[EMAIL PROTECTED]> wrote:
> >Implications
> >========
> >
> >So suppose that you are required to come up with a model that
explains not
> >only what your software does (which various OO technologies do with
varying
> >success), but also where your software comes from.
>
> Your software comes from you.
I don't write every program I use, and I know I didn't write every
program he uses.
>
> >This requirement would
> >force you past the von Neumann model, where the program store P
defines the
> >execution environment E:
>
> I fail to see the connection to the von Neumann model.
> The program store does not define an execution environment.
Your machine is off. You turn it on. Something executes. What
defines that something?
>
> >
> > P --> E
> >
> >Non-trivial computer systems are constructed from a collection of
> >software, installed in some order.
>
> If you're not talking about microcode, cache protocols or the like,
> then I would say that this is nonsense. The complexity of a computer
> system does not depend on e.g. the operating system it runs.
Huh? I can't for the life of me figure out what he could possibly mean
here.
>
> >So in non-trivial computer systems, there always
> >exists some independent definition of P. Call this definition X.
> >
> > X --> P --> E
> >
> >Furthermore, X is not generally a single source. If X is a disk
image
> >applied to the hard drive (the P of a computer system), then X may
in fact
> >be a single source. But usually it isn't.
>
> (void)
>
> >
> >So X is made up of a set of components representing the number of
installs n
> >required to build up P in a given computer system.
> >
> > X = {X(1), X(2), X(3),...,X(n)}
> >
> >Our current software architectures do not model X. In fact, they
doesn't
> >tend to model installation and integration at all. IT spends 75
percent of
> >their money in this area, but it doesn't seem to be important enough
to
> >study.
>
> Eh, what's "software architecture"? I know that the hardware
> architecture does not model X (the software). That's because it's not
> its task.
X is the set of software that can be installed on a computer system.
P is the set of installed software in a computer system.
E is what you get when you turn your computer system on.
I get the impression that he didn't have a clue.
> >
> >With open software, modeling X is even more important, since the
various
> >components of X come from different sources, and in many different
releases
> >and versions. Understanding and modeling how this is done will lead
to
> >better solutions and mechanisms for software development and
distribution.
>
> Buggerit.
>
> Why do we want to model software?! Please, tell me! Oh, don't bother
> BTW, I just killfiled you anyway so I won't see your answer.
Everything we do is patterned around some model of the problem. That
is what math is, a model of the relationships between concepts. If you
can prove things about the real world using mathmatical models, you can
reach the moon.
My claim is that we have a big integration, development, and deployment
problem with software. And we do not have an appropriate model of the
problem. Why would we need such a model? Well, so we can make
progress, do things better, understand what and why we do what we do.
> >
> >Fun Implications
> >===========
> >
> >This math may remind some (those with a biological background) of
DNA. It
> >should. I would claim that all process based systems are forced
into this
> >model, by definition. X forms the DNA for a computer system. Genes
are the
> >components of DNA, much like some X(i) is a component of X.
> >
> >Thus there is a very literal genetic component to computer systems
because
> >both a living cell and a computer system are process based systems.
> >
> >The genetic nature of computer systems can not be circumvented.
> >
> >Really Fun Implications
> >===============
> >
> >So software is defined by the "genes" of a computer system, the
installation
> >medium. That means that a software package, like what I might buy
at a
> >computer store, represents genetic material.
>
> That is a valid picture of it, yes.
>
> >
> >The biological term for the exchange of genetic material is... sex.
>
> Ok.
>
> >
> >Adding software to my software library is a literal form of computer
sex.
>
> Whatever turns you on.
>
> >
> >So all along, our computers have been using us to spread their
genetic
> >material, like bees.
>
> No. Computers are, by definition, unable to use anything. It has no
> free will and can not think. It can't plan or spread its software or
> write license agreements or produce new operating systems. A computer
> will do whatever you tell it to do. If you tell it to do whatever it
> wants to do, you must first tell it about the options it has. It's an
> it. It will always be limited.
Nothing I wrote here claimed otherwise. I am just about to say the
same thing...
>
> >
> >We are also their agents for developing new genetic material, and we
are the
> >environmental agents that supply the developmental pressures that
drive some
> >genetic material to extinction, while other material (like Linux
perhaps?)
> >flourishes.
>
> Nope.
I think I just said what he said previously. Okay, I left out the
phrase "agents of change that respond to those pressures". But if he
had not been so disoriented by a new idea, he could have picked up the
spirit there.
> >
> >And most of the alternatives to Linux require people pay for their
> >software...
> >
> >
> >Paul Snow
> >[EMAIL PROTECTED]
> >
> >
>
> Intresting views, but really off topic.
>
> *plonk*, sir.
>
> What a strange person...
Thanks.
>
> /A
>
> --
> Andreas K�h�ri, <URL:http://hello.to/andkaha/>. Junk mail, no.
> ----------------------------------------------------------------------
--
> What part of "GNU" did you not understand? <URL:http://www.gnu.org/>
>
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.setup) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Setup Digest
******************************
