Need help with Netgear wireless card WG311T
Hi I can't seem to get a 'supported' wireless card working. pciconf -l -v reports the chipset as 5212, 5213, but dmesg says that device_attach failed and returned 6 (which I think means the hardware is unsupported.) Currently I have tried this with both 6.1 and 5.5. Any help would be appreciated. Thanks Jim Freeze ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Need advice on Raid and FreeNas
Hi I am setting up a file server for a small office (10 computers). My first attempt at this I used FreeNas. It was easy to setup and I like that the system is dedicated. One downside of this method is that the write times are slower than I expected. I am using SATA2 drives w/ 8MB buffer on a 100MB network, but the write times I was getting was about 2.5GB per hour. I expected 5 GB in ten minutes. The mother board I am using has a built in raid controller, but I have never read about anyone having warm fuzzies using a built in raid card. I assume I could use a hardware raid with FreeNas and have it setup the CIFS and NFS systems. It is also nice to be able to boot from a USB drive. Another downside is that it is not easy to build and install scripts onto a FreeNas system. Can someone tell me if I am heading down the wrong path using FreeNas? Should I just use a hardware raid and install FBSD so I have access to the ports and and configure samba and nfs manually? I could probably work around the script issue if I could figure out how to get a fast raid with FreeNas, since I like the simplicity and the fact that I can upgrade the system very easily. Thanks for any input. -- Jim Freeze ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need advice on Raid and FreeNas
On 7/19/06, pete wright [EMAIL PROTECTED] wrote: On 7/19/06, Jim Freeze [EMAIL PROTECTED] wrote: Hi I am setting up a file server for a small office (10 computers). My first attempt at this I used FreeNas. It was easy to setup and I like that the system is dedicated. One downside of this method is that the write times are slower than I expected. I am using SATA2 drives w/ 8MB buffer on a 100MB network, but the write times I was getting was about 2.5GB per hour. I expected 5 GB in ten minutes. a better metric for us would be network throughput and disk I/O over a shorter period, like kilobit's per sec. Well, if I do the math, 5GB/3600 = 1356 KB/sec. A 100MB/s network has a maximum thruput of 12800KB/sec. So, I am getting 10% of the available BW. The mother board I am using has a built in raid controller, but I have never read about anyone having warm fuzzies using a built in raid card. hmm...actually the oposite is generally true. what motherboard are you using, and what is the RAID controller chipset? Opposite of what? I don't have the specs in front of me, but one is a 945? Intel and the other is a AMD. I'll have to get the specs. I assume I could use a hardware raid with FreeNas and have it setup the CIFS and NFS systems. It is also nice to be able to boot from a USB drive. Another downside is that it is not easy to build and install scripts onto a FreeNas system. I'd hit the FreeNAS list regarding questions about scripting and configuration. I've been down that road, but have not been able to dig up an active list. The bb system seems rather sparse. Do you have a link for me to an active mailing list? -- Jim Freeze ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need advice on Raid and FreeNas
Have you checked to make sure the NIC is negotiating at the right speed? Sounds suspiciously like it's running at 10MB/sec. The 100MB light is lit up, but I did not turn off ICMP redirects. I think I'll try this tonight. -- Jim Freeze ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Problems with Vim 6.3.85 (vim6+ruby)
Hi I just installed FBSD 6.0 and installed vim6+ruby from ports. This is a clean system with nothing on it. When I run vim, I get what looks like character codes instead of letters. For example, immediately after opening vim, I get 25h Typing ':q' to quit gives me: --- 25h25l :25hq25l25h Very weird. Have I set something up wrong or is vim getting the wrong terminal type? I get the same behavior if TERM is either 'xterm' or 'xterm-color', but not if it is set to 'ansi', but then I don't get color. I have never had to worry about this before. Any help appreciated. -- Jim Freeze Got Ruby? http://www.ruby-lang.org/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Looking for SW Firewall
Hi I am interested implementing a firewall in SW that has similar features as a Cisco PIX firewall. But, I don't want to roll my own ipfw statements. A nice gui would be nice. From the ports index I see things like: dante-1.1.15 A circuit-level firewall/proxy cp2fwb-0.6Checkpoint FW1 to Firewall Builder ruleset converter fwbuilder-2.0.10 Firewall Builder GUI and policy compilers hlfl-0.60.1 High Level Firewall Language libfwbuilder-2.0.10_1 Firewall Builder API pfw-0.6.2 A web frontend for the pf firewall I'm basically looking for a good firewall that has an easy administration interface. Can someone who has experience with this suggest a fw I should try? Thanks -- Jim Freeze ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Need advice on building a system with a Raid drive
Hi I am building a new system and plan to use two 300GB drives in a raid 1 configuration. However, I have read where fbsd can't boot from a raid drive, but it is not clear why. Can anyone confirm if this is a valid restriction? Will I really need a boot drive separate from my raid drives? Thanks -- Jim Freeze ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How does one bootstrap DNS
Svein Halvor Halvorsen wrote: [snippage] I currently only have one computer on my domain, and it provides dns lookups for itself (and virtual servers)[1] [snippage] [1] One could argue that I should have at least two name servers, but why should I need greater redundancy on my name servers, than I have on my other services? If my dns is down, so is my mail, and am in the mercy of the sender to keep retrying anyway. Yes, exactly. Is it permissable for ns1 and ns2 to point to the same IP address? Jim ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
How does one bootstrap DNS
Hi I am wondering if the following is possible. Suppose I own two domains: abc.com and xyz.org. I want to host these domains myself and have them provide the primary and secondary name servers for each other. Is this possible? Seems kind of circular. In theory I would have ns1.abc.com to map to the IP of abc.com and ns2.abc.com to map to the IP of xyz.org. This will give me my primary and secondary name servers. So, to set this up, I go the the registrar of abc.com and attempt to enter a name server: NS1 ns1.abc.com 1.2.3.4 NS2 ns2.abc.com 5.6.7.8 In my attempts so far, the registrar has said that either the name server is invalid or it doesn't like me entering just an IP address, it wants a name. Is this a common practive, or do most people use a service like zoneedit. Thanks Jim ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Does 5.3 support Raid 1 on VT8237?
Hi I am trying to install 5.3 on a system with an on board raid controller (VT8237), but am having troubles getting the installer to see the raid drive. I have configured the drive in the bios as Raid 1, but the installer shows two drives. Some helpful specs are: Motherboard: ECS EliteGroup PT800CE-A Onboard Raid: VIA VT8237 Thanks -- Jim Freeze ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH terminal locking up from OS X to FreeBSD
* Doug Hardy The localhost is trying to send the 40 bytes in its buffer. It is not receiving and ACK from remotemachine so it retries until it eventually gives up. The F flag is localhost issuing a FIN to remotemachine to drop the TCP connection. It tries a couple times and then likewise gives up. I would recommend a ktrace on the server to see if it yields any additional information. My guess is that the sshd process has died. syslog might not be set to catch the error it may be generating. ktrace will show all the syslog calls Well, I cannot run ktrace on this particular server. I did run it on the client, but I'm not sure that is much help. Yup, that is what has happened. The sshd process (pid 45244 and 45265 below) is dying (not the /usr/sbin/sshd one). root 52394 0.0 0.0 1000 340 p0 DL+ 2:54PM 0:00.00 grep ssh root 60244 0.0 0.1 2404 1624 ?? Ss8:45AM 0:00.46 /usr/sbin/sshd root 45244 0.0 0.1 5056 1840 ?? Is2:45PM 0:00.03 sshd: jdf [priv] (sshd) jdf 45265 0.0 0.1 5000 1848 ?? S 2:45PM 0:00.04 sshd: [EMAIL PROTECTED] (sshd) So, why would this be dying when I login with a Mac and not from linux? Is the mac not pinging the server to remind it not to doze off into unconsciousness? -- Jim Freeze ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH terminal locking up from OS X to FreeBSD
* David Kelly [EMAIL PROTECTED] [2005-02-22 16:31:43 -0600]: Later in the thread Jim stated he had no control over the version of the FreeBSD machine. Am guessing he might not have root there. Am guessing he doesn't know what customizations may have been performed on it. I have seen similar problems where one end may have been FreeBSD. Suggest from the MacOS end to try forcing SSH protocol 1 with ssh -1 [EMAIL PROTECTED] If that doesn't work try forcing version 2 with -2. Thanks, tried both, and they both locked up. Also might try moving ~/.ssh/ out of the way on the Mac to see what happens if one starts afresh. This didn't help either. Thanks for the suggestions, but I'm still stumped. :( -- Jim Freeze ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH terminal locking up from OS X to FreeBSD
* pete wright [EMAIL PROTECTED] [2005-02-22 15:32:10 -0800]: On Tue, 22 Feb 2005 23:13:52 +, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: (big snip) unless i'm missing something you are making the connection then typing exit in the shell. debug1: channel 0: open confirm rwindow 0 rmax 32768 debug2: channel 0: rcvd adjust 131072 Last login: Tue Feb 22 22:58:44 2005 from rrcs-67-78-64-2 Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 4.7-RELEASE-p27 (VKERN) #38: Thu Aug 26 17:44:26 MDT 2004 [EMAIL PROTECTED] 54 /home/user exit logout (another big snip) unless i'm missing something you are making the connection then typing exit in the shell. For this example, yes. That was the exit to leave the remote host. I did this just to show that I had successfully logged in. If I had waited a few minutes, then I would not have been able to show that because the terminal would have locked up. -- Jim Freeze ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH terminal locking up from OS X to FreeBSD
* Chuck Swiger [EMAIL PROTECTED] [2005-02-22 18:39:35 -0500]: [EMAIL PROTECTED] wrote: * Chuck Swiger [EMAIL PROTECTED] [2005-02-22 17:17:09 -0500]: I'll try the tcpdump. Is that command done as follows from the Mac?: su tcpdump -Xvn remotemachine.org user and port 22 Try: tcpdump -Xvn host remotemachine.org and port 22 Ok, this is what I did from the Mac: su tcpdump -Xvn host remotemachine.org and port 22 tcpdump: WARNING: en0: no IPv4 address assigned tcpdump: listening on en0, link-type EN10MB (Ethernet), capture size 96 bytes Then I did from another terminal on the Mac: script ssh.log ssh -vvv [EMAIL PROTECTED] The tcpdump window did not show any activity. Is this correct? -- Jim Freeze ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH terminal locking up from OS X to FreeBSD
* Chuck Swiger [EMAIL PROTECTED] [2005-02-22 18:43:39 -0500]: Jim Freeze wrote: Show us what SSH shows when the connection locks up. In particular, try doing a RETURN~? after you get the connection lockup and see whether you get a menu of escape sequences back. Hmm, I never knew about that. So, I finally got tcpdump working, and after the terminal locks up, hitting return produces no affect on the command line, but the ssh connection is still open because I can see data go by on my tcpdump window. And, I DO get the menu of escape sequences back after typing RETURN~?, but I was not successful in getting anything to work. In fact, the tcpdump messages pretty much stopped after a few key strokes. -- Jim Freeze ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH terminal locking up from OS X to FreeBSD
* Chad Leigh -- Shire.Net LLC [EMAIL PROTECTED] [2005-02-22 22:58:17 -0700]: Just for giggles, what happens when you try a different encryption method with the ssl client? For example, -c blowfish Ok, so I tried this, but it still locks up. However, I was able to do RETURN~C to get a command line and RETURN~^Z to background the ssh terminal, but I was never able to re-activate it. I did manage to log the IP activity through tcp dump, and I discovered that after the 'lock up', there are no IP messages originating from the remote machine. Also, the IP blocks are of type FP, whatever that is. (Hmm, maybe I need to clear out the known hosts on the remote machine.) An abbreviated version is below. The full log file is at: http://www.freeze.org/tcpdump3b.log 00:22:59.999439 IP localhost.53245 remotemachine.com.ssh: S 611378943:611378943(0) win 65535 mss 1360,nop,wscale 0,nop,nop,timestamp 1996513030 0 00:23:00.053942 IP remotemachine.com.ssh localhost.53245: S 77400915:77400915(0) ack 611378944 win 57344 mss 1460,nop,wscale 0,nop,nop,timestamp 1100668230 1996513030 00:23:00.054039 IP localhost.53245 remotemachine.com.ssh: . ack 1 win 65535 nop,nop,timestamp 1996513030 1100668230 00:23:00.331844 IP remotemachine.com.ssh localhost.53245: P 1:24(23) ack 1 win 57964 nop,nop,timestamp 1100668258 1996513030 00:23:04.922358 IP localhost.53245 remotemachine.com.ssh: . ack 3512 win 65535 nop,nop,timestamp 1996513040 1100668711 # Long break - remote terminal stops responding but data is still flowing as you can see. # RETURN 00:34:05.662885 IP localhost.53245 remotemachine.com.ssh: P 1519:1559(40) ack 3512 win 65535 nop,nop,timestamp 1996514361 1100668711 00:34:07.284836 IP localhost.53245 remotemachine.com.ssh: P 1519:1559(40) ack 3512 win 65535 nop,nop,timestamp 1996514364 1100668711 00:34:09.285235 IP localhost.53245 remotemachine.com.ssh: P 1519:1559(40) ack 3512 win 65535 nop,nop,timestamp 1996514368 1100668711 00:34:43.290382 IP localhost.53240 remotemachine.com.ssh: FP 0:48(48) ack 1 win 65535 nop,nop,timestamp 1996514436 1100663377 # RETURN~? 00:35:09.294870 IP localhost.53245 remotemachine.com.ssh: P 1519:1719(200) ack 3512 win 65535 nop,nop,timestamp 1996514488 1100668711 00:37:17.308387 IP localhost.53245 remotemachine.com.ssh: FP 1519:2655(1136) ack 3512 win 65535 nop,nop,timestamp 1996514744 1100668711 #Closed terminal -- Jim Freeze ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: natd firewall settings for vpn
Protocol 50 is ESP, or encapsulating security payload Protocol 51 is AH, or authentication header Ok, thanks. The trick here with NAT is that AH will build a checksum of the IP header, which includes the private IP address of your laptop. Since NAT changes this IP address, the destination will dump the packet since the AH checksum will fail. When the laptop is behind the gateway, are you using private addresses on the LAN while running NATD with the 'open' rule set? If yes, then you aren't using AH, but only ESP. I'm not sure what you are driving at here. I think the answer is yes. The IP of clients on my LAN are 192.168.0.x. As far as the 'open' rule is concerned, I just used that to test if Contivity worked. I'm not sure what you mean by not using AH. When using the 'open' firewall ruleset, I did not have to add any rules for ESP or AH. Yep, I use a Nortel Extranet Client each and every day behind my FreeBSD firewall/router, which runs IPFW2 with NATD. The rules that you have above look ok. Have you tried setting up a static NAT translation in /etc/natd.conf for inbound UDP/500? Something like... redirect_port udp 192.168.1.1:500 500 where 192.168.1.1 is the IP addr of your laptop. Also, here are the relevant rules from my rc.firewall: Would I use this in addition to the firewall rules? ${fwcmd} add 5000 divert natd all from any to any via ${wan_if} # ${fwcmd} add 42000 queue 70 esp from any to any in recv ${wan_if} ${fwcmd} add queue 80 esp from any to any out xmit ${wan_if} ${fwcmd} add queue 50 esp from any to any in recv ${lan_if} ${fwcmd} add queue 60 esp from any to any out xmit ${lan_if} # ${fwcmd} add 43000 queue 50 udp from ${lan_net}/${lan_mask} to any dst-port= 500 in recv ${lan_if} ${fwcmd} add queue 80 udp from ${wan_ip} to any dst-port 500 out xmit ${wan= _if} ${fwcmd} add queue 70 udp from any to ${lan_net}/${lan_mask} src-port 500 i= n recv ${wan_if} ${fwcmd} add queue 60 udp from any to ${lan_net}/${lan_mask} src-port 500 o= ut xmit ${lan_if} *NOTE* that the ESP and ISAKMP rules come AFTER the divert rule. These rules look a little different. Should adding the AH be all I need or do I need to replace my rules with the one you list above? -- Jim Freeze Anarchy may not be the best form of government, but it's better than no government at all. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
natd firewall settings for vpn
Hi I am trying to configure my firewall to allow packets through for a VPN connection. I am running FBSD 5.2 as my router and am trying to connect my laptop from behind the router to our work computer. The laptop is running OSX 10.3.4 with a Nortel Networks client made by Apani. The VPN connection works when the laptop is connected directly to my DSL modem or when behind the gateway when I set the firewall type to 'open'. Support at Apani says that I need to open port 500 and allow protocols 50 and 51 (whatever that means). I found the firewall settings below from the archive and have implemented them before the divert statement (after also) but with no luck. # Allow IPSec clients to run behind firewall # --- ISAKMP - allow key exchange over UDP 500 ${fwcmd} add pass udp from ${inet}:${imask} to any 500 in recv ${iif} ${fwcmd} add pass udp from ${oip} to any 500 out xmit ${oif} ${fwcmd} add pass udp from any 500 to ${inet}:${imask} in recv ${oif} ${fwcmd} add pass udp from any 500 to ${inet}:${imask} out xmit ${iif} # --- ESP - allow protocol 50 (ESP) for everyone ;-) ${fwcmd} add pass esp from any to any Does anyone have a firewall with a working nortel client behind it. I would greatly appreciate any help. Thanks -- Jim Freeze There was a young poet named Dan, Whose poetry never would scan. When told this was so, He said, Yes, I know. It's because I try to put every possible syllable into that last line that I can. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Input/output error report
Hi My daily security report has recently been spitting profanities at me: Subject: rabbit security run output Checking setuid files and devices: find: /usr/local/share/texmf/doc/latex/sidecap/sc2demo.tex: Input/output error find: /usr/local/share/texmf/doc/latex/sidecap/scdemo.tex: Input/output error find: /usr/local/share/texmf/doc/latex/sidecap/sidecap.dvi: Input/output error ... Is this indicated of a disk going bad? If so, is there a way to confirm it? Thanks -- Jim Freeze -- For I perceive that behind this seemingly unrelated sequence of events, there lurks a singular, sinister attitude of mind. Whose? MINE! HA-HA! ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Looking for wireless camera compatible with FreeBSD
Hi I am looking for a small wireless camera that can take pictures at user specified intervals. I'm sure that there are many such cameras that work with Windows, but I haven't found one capable of working on Unix. If you know where I can find such a camera, I would greatly appreciate a contact point. Thanks -- Jim Freeze -- A LISP programmer knows the value of everything, but the cost of nothing. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
mutt and flock
Hi: I recently attempted to send an email with a large attachement. During the send process, the disk ran out of space and I had to Ctl-C out. After clearing space on the drive, whenever I send mail with mutt, I get a message that it fails to flock sent-mail. I've looked and can't find a lock file or other artifact that would be causing the problem. Can someone tell me how to clear the locked file? Thanks -- Jim Freeze -- Warning: Do not look directly into laser with remaining eye. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Is cups port broken?
On Sunday, 19 January 2003 at 19:56:12 -0500, AlanE wrote: On Sun, Jan 19, 2003 at 07:43:38PM -0500, Jim Freeze wrote: Hi I am trying to install cups and it doesn't appear to be installing dependencies or finding existing include files. Cups is not broken. I am working on upgrading, so I suggest you just wait a few days until 1.1.18 is ready. And yes, something *is* out of sync on your system. Thanks. I'll upgrade my system while you do your thing. -- Jim Freeze -- There are no games on this system. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Possible attack?
Hi: I got an interesting log report today. Has anyone seen such messages lately? Jan 14 12:59:52 rabbit /kernel: ipfw: limit 100 reached on entry 64000 Jan 14 17:39:13 rabbit ftpd[1502]: ANONYMOUS FTP LOGIN REFUSED FROM p5089A961.dip.t-dialin.net Jan 14 17:39:13 rabbit ftpd[1503]: ANONYMOUS FTP LOGIN REFUSED FROM p5089A961.dip.t-dialin.net Jan 15 12:15:21 rabbit sm-mta[3937]: h0FHFIJI003936: Truncated MIME Content-Disposition header due to field size (length = 25) (possible attack) Jan 15 17:33:03 rabbit ftpd[4434]: ANONYMOUS FTP LOGIN REFUSED FROM pD9E60C0F.dip.t-dialin.net Jan 15 17:33:04 rabbit ftpd[4435]: ANONYMOUS FTP LOGIN REFUSED FROM pD9E60C0F.dip.t-dialin.net Jan 15 23:59:48 rabbit sm-mta[5210]: h0G4xkJI005209: Truncated MIME Content-Disposition header due to field size (length = 22) (possible attack) -- Jim Freeze -- It's not Camelot, but it's not Cleveland, either. -- Kevin White, mayor of Boston To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: Possible attack?
On Friday, 17 January 2003 at 10:01:43 -0500, Bill Moran wrote: Jim Freeze wrote: Hi: I got an interesting log report today. Has anyone seen such messages lately? Jan 15 12:15:21 rabbit sm-mta[3937]: h0FHFIJI003936: Truncated MIME Content-Disposition header due to field size (length = 25) (possible attack) Jan 15 17:33:04 rabbit ftpd[4435]: ANONYMOUS FTP LOGIN REFUSED FROM pD9E60C0F.dip.t-dialin.net Jan 15 23:59:48 rabbit sm-mta[5210]: h0G4xkJI005209: Truncated MIME Content-Disposition header due to field size (length = 22) (possible attack) I've seen the anonymous FTP denied off and on. I think that some folks just randomly attempt to connect to any FTP server they find in the hopes that there's cool stuff there. The sm-mta Truncaded MIME stuff isn't familiar to me, and it doesn't actually seem related (compare the times). Could be someone with a broken mailer? or some sort of bogus MIME header that facilitates the propagation of some worm? It's probably a cheesy attempt at an attack. But it's not blatent enough to do much more than note it in case something more serious goes wrong. If you don't have any clients that should be connecting from Deutsche TeleKom, you can just firewall off that whole subnet. Thanks all for the replies. I accept the fact that I am going to get the FTP login attempts, I just had never seen the (possible attack) in my logs. I'm not sure I have anything worth the effort to attempt a break-in. :) -- Jim Freeze -- Anyone who goes to a psychiatrist ought to have his head examined. -- Samuel Goldwyn To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
file table is full
Hi: Today I got up and my security log showed the following: rabbit kernel log messages: 246:3175 63.106.140.204:22 in via sis0 file: table is full file: table is full Limiting open port RST response from 250 to 200 packets per second Limiting open port RST response from 250 to 200 packets per second Limiting open port RST response from 250 to 200 packets per second Limiting open port RST response from 250 to 200 packets per second pmap_collect: collecting pv entries -- suggest increasing PMAP_SHPGPERPROC file: table is full file: table is full ...and on and on and on file: table is full file: table is full Limiting open port RST response from 201 to 200 packets per second Limiting open port RST response from 201 to 200 packets per second Limiting open port RST response from 201 to 200 packets per second Limiting open port RST response from 201 to 200 packets per second file: table is full file: table is full ...pattern essentially repeated... Does anyone know why this would be happening? The only thing that I can think that caused this is that I was running the apache benchmark ab with 1000 tests and 50 concurrent accessors.. Is there a direct way to see if this problem is gone? Thanks -- Jim Freeze To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
sendmail and mqueue permissions
Hi: I get the following error in my log: rabbit kernel log messages: bbit sendmail[177]: g67NOTKK000177: SYSERR(root): queueup: cannot create queue temp file ./tfg67NOTKK000177, uid=25: Permission denied My permissions are: -r-xr-sr-x 1 rootsmmsp 582428 Jul 7 18:45 sendmail* drwxrwx--- 2 smmsp smmsp 512 Jul 22 09:04 clientmqueue/ drwxr-xr-x 2 rootdaemon512 Jul 22 09:08 mqueue/ I tried changing the owner of mqueue from root to smmsp, but then I could not receive mail. Can someone tell me why I get the permission denied error. Thanks -- Jim Freeze If only I had something clever to say for my comment... ~ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message