Linux-Setup Digest #698, Volume #19 Mon, 25 Sep 00 21:13:08 EDT
Contents:
Re: [OT] Re: Implications ([EMAIL PROTECTED])
help on boot (Xuelei Chen)
Re: compilation of kernel and as86 ("David ..")
Re: Red Hat 6.2 security and stability? (Scott Schaefer)
Re: Red Hat 6.2 security and stability? (Mike Frisch)
Signal 7 Error (jbrown)
Re: Firewall Testing -- HELP!! ("David K. Means")
Another strange X (??) problem (David Lee Lambert)
Re: VPN client software (SCHeckler)
Re: eth0 Promiscious mode (Bravo)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.misc,comp.software.config-mgmt
Subject: Re: [OT] Re: Implications
Date: Mon, 25 Sep 2000 23:09:04 GMT
In article <8qodho$pi0$[EMAIL PROTECTED]>,
"D F" <[EMAIL PROTECTED]>
wrote:
> [EMAIL PROTECTED] wrote in message
> <8qo791$69i$[EMAIL PROTECTED]>...
>
> [snip with apologies]
>
> >Consider the asexual approach to configuring computer
> systems.
> >This would work if we had one definition, provided from one
> source.
> >That definition would provide for all the possibilities one
> might
> >encounter in building computer systems.
>
> Not necessarily _all_. See below.
> >To allow scaling from embedded systems to servers, this
> definition
> >would provide predefined configurations for each type of
> system.
>
> Obviously. If it's a definition, it presupposes that it
> needs to be predefined.
>
> >You know, this sounds quite a bit like Microsoft�s .Net
> idea. Except
> >that changes and distributions of features can�t be
> avoided, unless all
> >these distributions happen to be perfect. What are the
> odds of that?
>
> Well, this is a darn good analogy, even if it is slightly
> overstated. Let's carry it a bit further, though. There is a
> definite "cost" to sexual reproduction. It takes energy and
> time to locate a mate and to exchange genetic material.
> There are hosts of organisms, who live in relatively stable
> environments, that are entirely incapable of sexual
> reproduction. Many of them have existed for billions of
> years so they must be doing something right!
At the single cell level, you may be correct. Still, these organsims
use DNA as a configuration library, and expression and repression as
mechansims for handling changes in their environment. Independent of
where they got their DNA to begin with, they still depend on it. The
power of this mechanism is surely the reason we have no known organisms
that are not based on DNA. (Even RNA based viruses depend on DNA
defined organisms).
The reverse logic is atleast as interesting. With the cost of sex, why
do organisms so frequently rely on sex?
>
> Some organisms adopt a sort of dual strategy (eg
> Athropoda:Cladocera _Daphnia_ sp.) When times are good and
> relatively stable, they roll out one, fixed set of code (one
> configuration) for all systems, to use your words. During
> times of stress, however, be that low temperature or low
> oxygen tension or whatever, they begin to reproduce
> sexually, swapping code with others, in order to enhance
> variability in the resultant individuals, presumably to
> enhance the probability that those individuals will survive
> uncertain times ahead.
>
> So, if we're going to roll out "one definition," that fixed
> solution doesn't have to be perfect, as you imply in the
> last sentence. It needs only be sufficiently good that the
> cost of rolling out a more diverse "definition" is
> prohibitive given the expected conditions.
Exactly. And if only *I* could have "sufficiently good" as the basic
starting point with the systems I work with, I would be much happier.
> >Sex isn�t a dirty word, it is the basis for configuration
> management
> >of living organisms.
>
> Of _some_ living organisms...
Well, what I should say is that sex is the basis for mixing up, and
hopefully improving the feature set in the DNA of living organisms.
Not to be confused with evolution, the development of new features.
The arguement against sex is that we have configurations that are
perfectly fine as they are. There are such systems, but I don't happen
to work with them.
> >Genetic diversity refers to a rich set of features within a
> set of
> >organisms which can be used to support those organisms
> though
> >a range of conditions through time. The better the feature
> set, the
> >more successful the organisms.
>
> Well, again, this is an overstatement. The best level of
> diversity is that which is appropriate, and not much more,
> for the conditions likely to be met.
You might have missed the reference to a set of organisms. I am not
aware of any downside to genetic diversity as increased by a larger set
of organisms. There is a definite disadvantage to a large DNA set, if
the streamlined nature of bacteria is any indication. Still, large sets
of organisms are used by bacteria to maintain their genetic diversity,
rather than large DNA. And sex is used to tap that diversity.
> It makes little sense
> to carry around a whole bunch of code you're likely never to
> require unless the cost of carrying around that information
> is small.
True.
> >Open software (like Linux) is about building up the genetic
> diversity
> >in computer systems.
>
> I don't see how this follows, and I'm certainly not trying
> to be recalcitrant, refractory nor obtuse. I think it's more
> like the two vying participants in the Human Genome project.
> One group is motivated to do it because it could have
> enormous repercussions for humanity and because, well,
> frankly, because it's an exciting challenge. The other...
The idea is to support an increasing, diverse set of features. Coupled
this set with a mechanism that allows easier evaluation of different
configurations. The goal is not "the best" configuration in some
global sense, but the best configuration for the particular computer
system in question.
>
> >This is as opposed to Microsoft, which is about owning the
> genetic
> >diversity that we all depend upon.
>
> Well, this is the other, who figures if humanity is gonna
> benefit from something then, by golly, I'm gonna make a
> fistful of bucks from it. I'm afraid if you want to argue
> that Open Source is better at producing diversity (which I'm
> not necessarily denying,) you're going to have to back it up
> with some arguments.
No, I don't think Open Source is better at this point. I think it is
clear that more diversity exists, and more diversity is possible with
Open Source, but Open Source is just as limited as any other approach
absent mechanisms for deploying and testing different configurations in
some painless fashion.
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Xuelei Chen <[EMAIL PROTECTED]>
Subject: help on boot
Date: Mon, 25 Sep 2000 19:23:34 -0400
Reply-To: [EMAIL PROTECTED]
I have PC which runs linux well before when it connected to local network
by ethnet, but after I moved to another place, it can not be booted in
linux model. This probably is because the network IP address or NFS is
different locally from old address.
The question is that I do not have boot disk to start up the linux, so I
can not change the configure file. But without the correct configure file
I can not start up linux from hard disk.
Is there any general bootdisk file I can use to start up my conputer
first, after it works then I can change the tables to the correct address?
or is there any other way to make it works?
Your help is greatly appreciated.
Xingzhi Zhang
------------------------------
From: "David .." <[EMAIL PROTECTED]>
Crossposted-To: muc.lists.linux-kernel
Subject: Re: compilation of kernel and as86
Date: Mon, 25 Sep 2000 18:40:47 -0500
Olaf Seidel wrote:
>
> Hi,
>
> when I compile my kernel (2.2.12), it stops with the message "as86:
> command not found". What do I have to install to prevent the message?
>
> Thanks
> Olaf
Install the "dev86" package
--
Confucius say: He who play in root, eventually kill tree.
Registered with the Linux Counter. http://counter.li.org
ID # 123538
------------------------------
Date: Mon, 25 Sep 2000 19:42:44 -0400
From: Scott Schaefer <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.security,comp.os.linux.networking
Subject: Re: Red Hat 6.2 security and stability?
Scott Nolde wrote:
>
> Hubert Chan wrote:
> >
> > "Ethan Schwartz" <[EMAIL PROTECTED]> writes:
[snip]
> > The main problem with RedHat seems to be that it is the most popular distro,
> > and so more clueless people are running it, and there are more scripts
> > available for breaking it. But you should look at Bastille Linux
> > (bastille-linux.sourceforge.net), which is a hardening script for
> > RedHat. I'm not sure if it supports 6.2, though.
The latest version(s) DO support RH 6.2.
------------------------------
From: [EMAIL PROTECTED] (Mike Frisch)
Crossposted-To: comp.os.linux.security,comp.os.linux.networking
Subject: Re: Red Hat 6.2 security and stability?
Date: 25 Sep 2000 23:08:21 GMT
On 25 Sep 2000 15:11:29 -0600, Hubert Chan <[EMAIL PROTECTED]> wrote:
>I don't know how to get rid of telnet from RedHat 6.2 (in 6.1 and before you
>would just edit /etc/inetd.conf which I heard isn't there any more?), but
>someone here should know.
The easiest way to disable telnetd would be to simply remove the
'telnet-server' RPM. FYI, /etc/inetd.conf is there in 6.2 as it always
has been.
Mike.
------------------------------
From: jbrown <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.x
Subject: Signal 7 Error
Date: Mon, 25 Sep 2000 15:46:08 -0700
This is a multi-part message in MIME format.
==============603BF2FCC96903FFA3F3AE11
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Has anyone encounter a signal 7 error on Redhat 6.2?
If so, how did you fit the problem?
Jaxx
==============603BF2FCC96903FFA3F3AE11
Content-Type: text/x-vcard; charset=us-ascii;
name="jackie.brown.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for jbrown
Content-Disposition: attachment;
filename="jackie.brown.vcf"
begin:vcard
n:Brown;Jackie
tel;fax:650.654.5096
tel;work:650.506.8117
x-mozilla-html:FALSE
org:Oracle;Worldwide Solutions Support Group
version:2.1
email;internet:[EMAIL PROTECTED]
title:Product Support Specialist
adr;quoted-printable:;;500 Opacle Parkway=0D=0AOPL - B2047=0D=0A;Redwood
Shores;California;94065;United States
fn:Jackie Brown
end:vcard
==============603BF2FCC96903FFA3F3AE11==
------------------------------
From: "David K. Means" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux,alt.linux
Subject: Re: Firewall Testing -- HELP!!
Date: 26 Sep 2000 00:31:32 GMT
Oops. Thanks for the correction.
"michael.fengler" <[EMAIL PROTECTED]> wrote in message
news:Pine.LNX.4.21.0009251054070.572-100000@tunix...
> On 24 Sep 2000, David K. Means wrote:
>
> >I'm not sure that a script would be up to that level of checking. You
don't
> >say
> >if you are using ipfwadm or ipchains, but in either case, you might look
at
> > http://www.digitalelephant.org/computing/fire/fire.html
> >for an explanation of the one good way to set up a masquerading firewall.
>
> Make that http://www.digitalelephant.org/computing/fire/firewall.html
> ^^^^
> - mike
>
------------------------------
From: David Lee Lambert <[EMAIL PROTECTED]>
Crossposted-To: linux.debian.user,comp.os.linux.x
Subject: Another strange X (??) problem
Date: Mon, 25 Sep 2000 20:30:55 -0400
My problem is that I can start XFree86, but, after I shut down the
server, the console is still in graphics mode; I can't get text mode
back at all, only by doing telnet in and rebooting. The system doesn't
even read the keyboard: 'num lock' won't switch the light on and off.
I'm running Debian 1.3.1 ("bo"). This is what the boot messages are like:
(first file below)
XF86Setup seemed to work OK; second file is XF86Config.
I'm at a loss to figure it out. I know this worked before. Is there
something I need to tweak in the kernel or an option for getty?
-- dmesg.txt
Console: 16 point font, 400 scans
Console: colour VGA+ 80x25, 1 virtual console (max 63)
pcibios_init : BIOS32 Service Directory structure at 0x000faf70
pcibios_init : BIOS32 Service Directory entry at 0xfb370
pcibios_init : PCI BIOS revision 2.10 entry at 0xfb3a0
Probing PCI hardware.
Calibrating delay loop.. ok - 149.50 BogoMIPS
Memory: 46900k/49152k available (856k kernel code, 384k reserved, 1012k data)
Swansea University Computer Society NET3.035 for Linux 2.0
NET3: Unix domain sockets 0.13 for Linux NET3.035.
Swansea University Computer Society TCP/IP for NET3.034
IP Protocols: IGMP, ICMP, UDP, TCP, IPIP
Linux IP multicast router 0.07.
Swansea University Computer Society IPX 0.34 for NET3.035
IPX Portions Copyright (c) 1995 Caldera, Inc.
Appletalk 0.17 for Linux NET3.035
VFS: Diskquotas version dquot_5.6.0 initialized
Checking 386/387 coupling... Ok, fpu using exception 16 error reporting.
Checking 'hlt' instruction... Ok.
Linux version 2.0.32 (root@ramoth) (gcc version 2.7.2.1) #2 Thu Dec 4 16:25:30 EST 1997
Starting kswapd v 1.4.2.2
Serial driver version 4.13 with no serial options enabled
tty00 at 0x03f8 (irq = 4) is a 16550A
tty01 at 0x02f8 (irq = 3) is a 16550A
tty03 at 0x02e8 (irq = 3) is a 16550A
lp1 at 0x0378, (polling)
APM BIOS version 1.2 Flags 0x07 (Driver version 1.2)
Entry f000:804e cseg16 f000 dseg fdfc cseg len ef7f, dseg len 0
Connection version 1.1
AC on line, battery status unknown, battery life unknown
battery flag 0x80, battery life unknown
Sound initialization started
Sound initialization complete
loop: registered device at major 7
ide: i82371 PIIX (Triton) on PCI bus 0 function 57
ide0: BM-DMA at 0xf000-0xf007
ide1: BM-DMA at 0xf008-0xf00f
hda: ST52520A, 2446MB w/112kB Cache, CHS=621/128/63
hdc: OTI-HERMES, ATAPI CDROM drive
ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
ide1 at 0x170-0x177,0x376 on irq 15
Floppy drive(s): fd0 is 1.44M
FDC 0 is an 8272A
Ethernet Bridge 002 for NET3.035 (Linux 2.0)
tunnel: version v0.2b2
Equalizer1996: $Revision: 1.9 $ $Date: 1996/10/12 11:14:37 $ Simon Janes
([EMAIL PROTECTED])
PPP: version 2.2.0 (dynamic channel allocation)
TCP compression code copyright 1989 Regents of the University of California
PPP Dynamic channel allocation code copyright 1995 Caldera, Inc.
PPP line discipline registered.
ne.c:v1.10 9/23/94 Donald Becker ([EMAIL PROTECTED])
NE*000 ethercard probe at 0x300: 00 40 33 51 4e 81
eth0: NE2000 found at 0x300, using IRQ 5.
Partition check:
hda: hda1 hda2 hda3 hda4
JAVA Binary support v1.01 for Linux 1.3.98 (C)1996 Brian A. Lantz
VFS: Mounted root (ext2 filesystem) readonly.
Unable to find swap-space signature
Adding Swap: 16380k swap-space (priority -2)
SLIP: version 0.8.4-NET3.019-NEWTTY-MODULAR (dynamic channels, max=256).
SLIP linefill/keepalive option.
Warning: bad magic number for tty struct (04:43) in release_dev
rs_close: bad serial port count; tty->count is 1, info->count is 2
Sound: Nonexistent MIDI interface 0
VFS: Disk change detected on device 02:00
# XF86Config auto-generated by XF86Setup
#
# Copyright (c) 1996 by The XFree86 Project, Inc.
#
# Permission is hereby granted, free of charge, to any person obtaining a
# copy of this software and associated documentation files (the "Software"),
# to deal in the Software without restriction, including without limitation
# the rights to use, copy, modify, merge, publish, distribute, sublicense,
# and/or sell copies of the Software, and to permit persons to whom the
# Software is furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
# THE XFREE86 PROJECT BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
# WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF
# OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
#
# Except as contained in this notice, the name of the XFree86 Project shall
# not be used in advertising or otherwise to promote the sale, use or other
# dealings in this Software without prior written authorization from the
# XFree86 Project.
#
# See 'man XF86Config' for info on the format of this file
Section "Files"
RgbPath "/usr/X11R6/lib/X11/rgb"
FontPath "/usr/X11R6/lib/X11/fonts/misc:unscaled"
FontPath "/usr/X11R6/lib/X11/fonts/75dpi:unscaled"
FontPath "/usr/X11R6/lib/X11/fonts/100dpi:unscaled"
FontPath "/usr/X11R6/lib/X11/fonts/Type1"
FontPath "/usr/X11R6/lib/X11/fonts/Speedo"
FontPath "/usr/X11R6/lib/X11/fonts/misc"
FontPath "/usr/X11R6/lib/X11/fonts/75dpi"
FontPath "/usr/X11R6/lib/X11/fonts/100dpi"
EndSection
Section "ServerFlags"
EndSection
Section "Keyboard"
Protocol "Standard"
XkbRules "xfree86"
XkbModel "pc104"
XkbLayout "us"
EndSection
Section "Pointer"
Protocol "Microsoft"
Device "/dev/mouse"
EndSection
Section "Monitor"
Identifier "Primary Monitor"
VendorName "Unknown"
ModelName "Unknown"
HorizSync 31.5
VertRefresh 60
Modeline "640x480" 25.18 640 664 760 800 480 491 493 525
Modeline "320x240" 12.59 320 336 384 400 240 245 246 262 doublescan
EndSection
Section "Device"
Identifier "Primary Card"
VendorName "Unknown"
BoardName "Trident TGUI9440 (generic)"
EndSection
Section "Screen"
Driver "Accel"
Device "Primary Card"
Monitor "Primary Monitor"
SubSection "Display"
Depth 8
Modes "640x480" "320x240"
EndSubSection
SubSection "Display"
Depth 15
Modes "640x480" "320x240"
EndSubSection
SubSection "Display"
Depth 16
Modes "640x480" "320x240"
EndSubSection
SubSection "Display"
Depth 24
Modes "640x480" "320x240"
EndSubSection
SubSection "Display"
Depth 32
Modes "640x480" "320x240"
EndSubSection
EndSection
Section "Screen"
Driver "Mono"
Device "Primary Card"
Monitor "Primary Monitor"
SubSection "Display"
Depth 1
Modes "640x480" "320x240"
EndSubSection
EndSection
Section "Screen"
Driver "VGA2"
Device "Primary Card"
Monitor "Primary Monitor"
SubSection "Display"
Depth 1
Modes "640x480" "320x240"
EndSubSection
EndSection
Section "Screen"
Driver "VGA16"
Device "Primary Card"
Monitor "Primary Monitor"
SubSection "Display"
Depth 4
Modes "640x480" "320x240"
EndSubSection
EndSection
Section "Screen"
Driver "SVGA"
Device "Primary Card"
Monitor "Primary Monitor"
SubSection "Display"
Depth 8
Modes "640x480" "320x240"
EndSubSection
SubSection "Display"
Depth 15
Modes "640x480" "320x240"
EndSubSection
SubSection "Display"
Depth 16
Modes "640x480" "320x240"
EndSubSection
SubSection "Display"
Depth 24
Modes "640x480" "320x240"
EndSubSection
SubSection "Display"
Depth 32
Modes "640x480" "320x240"
EndSubSection
EndSection
------------------------------
From: [EMAIL PROTECTED] (SCHeckler)
Crossposted-To: comp.os.linux.networking,comp.os.linux.misc
Subject: Re: VPN client software
Date: Tue, 26 Sep 2000 00:51:29 -0000
Reply-To: [EMAIL PROTECTED]
Define 'VPN' Are you talking about PPTP? SSH tunnels? ISAKMP?
In <[EMAIL PROTECTED]>, Scott Twitchell - EWB Support wrote:
>Does anyone know of any VPN client software for linux (I'm running Red Hat
>6.1). I access my work network through VPN in windows but want to try it
>through linux.
>
>Thanks,
>
>Scott
>
>
--
Gregory Spath
[EMAIL PROTECTED], [EMAIL PROTECTED]
SCHeckler in #mtbike on EFNet, fr33f411 on AIM
http://freefall.homeip.net/
------------------------------
From: Bravo <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.admin,comp.os.linux,comp.os.linux.x
Subject: Re: eth0 Promiscious mode
Date: Tue, 26 Sep 2000 01:06:36 GMT
I know of the word "promiscuous".
How to config it btw ?
Alias ?
Internet is paid for doing "alias"
Alex Rier wrote:
>
> Hi,
>
> I want to develop a sniffer using libpcap.
> It opens eth0 in promiscious mode.
> I don't want to run my sniffer as root.
>
> How can I configure eth0 to be able to run my sniffer
> as a regular user? (Without using suid root)
>
> Thanks,
>
> Alex Rier |
> Linux Consultant | Tel: +972-52-442549
> Breakthrough Ltd. | FAX: +972-3-5364060
> http://www.breakt.co.il | mailto:[EMAIL PROTECTED]
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.setup) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Setup Digest
******************************
