Re: [SLUG] Linux Slapper Worm
Have him contact his ISP and ask them to block udp port 2002 at their end. Yeah tried that they weren't very helpful, apparently they can't block udp to a single IP (I know that they can, I guess they don't want to). But anyway the bugtraq was the key, removing apache now. Thanks Pete -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Linux Slapper Worm
Thanks guys things are back under control now, however I see these two row from netstat -an. Anybody know what they are or how to map which processes are bound to which ports? udp0 0 0.0.0.0:10240.0.0.0:* udp0 0 0.0.0.0:10250.0.0.0:* Thanks P. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re[2]: [SLUG] Linux Slapper Worm
Hello Peter, netstat -anp -- Best regards, evilbunnymailto:[EMAIL PROTECTED] http://www.SydneyWireless.com - Exercise your communications freedom to make it do what you never thought possible... Wednesday, September 18, 2002, 4:51:22 PM, you wrote: PR Thanks guys things are back under control now, PR however I see these two row from netstat -an. Anybody know PR what they are or how to map which processes are bound to PR which ports? PRudp0 0 0.0.0.0:10240.0.0.0:* PRudp0 0 0.0.0.0:10250.0.0.0:* PR Thanks PR P. smime.p7s Description: S/MIME Cryptographic Signature
[SLUG] Switching Interfaces on network cards
Hi all, I am a new Debian user (very impressed so far), but an old (3 years is oldish?) redhat user. The only problem I have come across so far is I can't switch make the gigabit eth0 and the 100mbit eth1. The 100mbit driver is built into the kernel while the gigabit is a module. I have tried adding a line into modules.conf stating: alias eth0 e1000 but when I bring the interfaces up it still ties the 100mbit to eth0 and fails on eth1, but if I alias eth1 e1000 it works. Is there something I'm missing here? Cheers, Scott -- Scott Ragen Support Manager/IT Administrator Roadtech Systems www.roadtechsystems.com.au PH: +61 2 9807 3516 FAX: +61 2 9808 5294 -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] Be smart about your server! [Was: Linux Slapper Worm]
quote who=Tim White Reports indicate that the Apache/mod_ssl worm's source code is placed in /tmp/.bugtraq.c on infected systems. It is compiled with gcc, resulting in the executable binary being stored at /tmp/.bugtraq; therefore, presence of any of the following files on Linux systems running Apache with OpenSSL is indicative of compromise. I've taken a bit of stick every now and then for refusing to let co-admins install gcc and other non-server-related software on machines that I admin. Giving gcc to a worm or human attacker is like arming them with an anti- aircraft missile in an inner city cafeteria. But what if I have to build a kernel? - you can do it on *any* other machine, even cross-compiling it on a different architecture if you're feeling lucky But what if I have to rebuild a patched package? - do it on your test system which should be exactly like your production machine anyway But it's convenient! - go to the back of the class If you can, it's even worth removing perl, bash (/dev/tcp!), and other tools from machines that you're paranoid about. Don't give a worm or human attacker *any* rope to hang you on. This worm can be extra sneaky given that it can compile itself, but don't discount the damage that a perl or python based worm could do before detection. [ Unfortunately, I can't do that with my distribution, but I hope the day will come when I can. It would be cool if other distributions greyed out the 'development' tools option once you select 'server' too, though perhaps that's a bit harsh. :-) ] Numero Uno: Don't put any crap, compiler or not, on your server that you don't need. It can and will be used against you. - Jeff -- The Unix Way: Everything is a file. The Linux Way: Everything is a filesystem. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] Xandros Review at OSNews
Hi All, Always on the prowl for the perfect desktop distribution, I have often read great things about the coming of Xandros (the replacement for Corel Linux). For those interested OSNews (a great site) (www.osnews.com) has a review and screenshots of the Xandros Desktop Beta 3 at the address below, http://www.osnews.com/story.php?news_id=1762 Best to all Paul -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Linux Slapper Worm
On Wed, 18 Sep 2002, Tim White wrote: To quote from the CERT advisory CA-2002-27 http://www.cert.org/advisories/CA-2002-27.html: Identifying infected hosts Reports indicate that the Apache/mod_ssl worm's source code is placed in /tmp/.bugtraq.c on infected systems. It is compiled with gcc, resulting in the executable binary being stored at /tmp/.bugtraq; therefore, presence of any of the following files on Linux systems running Apache with OpenSSL is indicative of compromise. /tmp/.bugtraq.c /tmp/.bugtraq ALERT Also look for /tmp/.uubugtraq -- Howard. LANNet Computing Associates - Your Linux people Contact detail at http://www.lannetlinux.com Flatter government, not fatter government. - me Get rid of the Australian states. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] DosEmu Protel Trax
Just wanted to say I've got it going (finally). I haven't got the mouse sorted yet, but I'm working on it. Next milestone: Goodbye Windoze. Amanda -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Linux Slapper Worm
On Wed, 18 Sep 2002, Tim White wrote: To quote from the CERT advisory CA-2002-27 http://www.cert.org/advisories/CA-2002-27.html: Identifying infected hosts Reports indicate that the Apache/mod_ssl worm's source code is placed in /tmp/.bugtraq.c on infected systems. It is compiled with gcc, resulting in the executable binary being stored at /tmp/.bugtraq; therefore, presence of any of the following files on Linux systems running Apache with OpenSSL is indicative of compromise. /tmp/.bugtraq.c /tmp/.bugtraq I have found it on one of my sites as /tmp/.uubugtraq which I assume is the distributed form. This box did not have the sharutils rpm so did not have uudecode and consequently the attack was not able to extract the /tmp/.bugtraq.c source. The latest RH rpm I can find is openssl-0.9.6b Is this the correct one to upgrade to or is there a later rpm somewhere? -- Howard. LANNet Computing Associates - Your Linux people Contact detail at http://www.lannetlinux.com Flatter government, not fatter government. - me Get rid of the Australian states. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Be smart about your server! [Was: Linux Slapper Worm]
Jeff raises a good point here, but just what is le minimum that you can put on a public server and still expect it to run. I'm thinking RH here not Deb (and I don't want a war between the two camps) On Wed, 18 Sep 2002, Jeff Waugh wrote: I've taken a bit of stick every now and then for refusing to let co-admins install gcc and other non-server-related software on machines that I admin. Giving gcc to a worm or human attacker is like arming them with an anti- aircraft missile in an inner city cafeteria. But what if I have to build a kernel? - you can do it on *any* other machine, even cross-compiling it on a different architecture if you're feeling lucky But what if I have to rebuild a patched package? - do it on your test system which should be exactly like your production machine anyway But it's convenient! - go to the back of the class If you can, it's even worth removing perl, bash (/dev/tcp!), and other tools from machines that you're paranoid about. Don't give a worm or human attacker *any* rope to hang you on. This worm can be extra sneaky given that it can compile itself, but don't discount the damage that a perl or python based worm could do before detection. [ Unfortunately, I can't do that with my distribution, but I hope the day will come when I can. It would be cool if other distributions greyed out the 'development' tools option once you select 'server' too, though perhaps that's a bit harsh. :-) ] Numero Uno: Don't put any crap, compiler or not, on your server that you don't need. It can and will be used against you. -- Howard. LANNet Computing Associates - Your Linux people Contact detail at http://www.lannetlinux.com Flatter government, not fatter government. - me Get rid of the Australian states. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] Distro Hangups Be smart about your server! [Was: Linux Slapper Worm]
quote who=Howard Lowndes Jeff raises a good point here, but just what is le minimum that you can put on a public server and still expect it to run. My basic installs generally round off at about 200MB for a pure webserver or mailserver. You can do better by building your own, but then you lose out on maintainability, etc. I tend to do most of the fancy stuff on other boxes, which reduces the software I need on production machines. I'm thinking RH here not Deb (and I don't want a war between the two camps) Yeesh, why is this relevant? We all use the same software, regardless of distribution. Trying to stop discussion of distribution-specific issues doesn't help anyone (and I don't understand why such discussion and sharing is seen as 'warring'), and in this particular instance, it's only relevant to the very, very basic package requirements that each distro enforces... knowing about those differences is very important! It's disappointing that whilst we have users of almost every distribution involved in SLUG [1], we still have this strange Don't Mention The War thing going on when talking about our distributions. One member even left in a huff some time ago, deciding that it was easier to put their head in the sand than contribute or help the situation. I fully understand that this started a while back when there was a lot of heavy-handed Debian advocacy on the list, but people matured, realised it was unnecessary and unhelpful, and SLUG goes on. It's so very annoying that we still have to make disclaimers... Let's lose this petty hangup, please! - Jeff [1] Don't think we have any Conectiva users, might have a Red Flag user or two though. ;-) -- If your life was a movie, would you pay to see it? Would you pay to see an advertisement for it? - James Morris -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Linux Slapper Worm
On Wed 18 Sep, Peter Rundle bloviated thus: Yeah tried that they weren't very helpful, apparently they can't block udp to a single IP (I know that they can, I guess they don't want to). In that case, I would send them a fax requesting a block on port 2002 so that it's in writing. Then track the incoming traffic and deduct it from the bill. There's no way you should have to pay for data you have requested be filtered. -- Rev Simon Rumble [EMAIL PROTECTED] www.rumble.net Send email with subject send key pub for public key. Put it before them briefly so they will read it, clearly so they will appreciate it, picturesquely so they will remember it and, above all, accurately so they will be guided by its light. - Joseph Pulitzer, the man who presided over the tabloidisation of newspapers in North America. msg26276/pgp0.pgp Description: PGP signature
[SLUG] Conflict resolution when tracking Debian SID
This evening when trying to upgrade this box I ran into a dependency problem. Apt-get dselect-upgrade cannot upgrade fileutils, shellutils or textutils because to do so it must first install the new package coreutils. coreutils conflicts with stat which is provided by the old fileutils. coreutils provides stat. The error message says that the dependency loop may be avoided by activating the APT::Force-LoopBreak option The message also comes with a dire warning that bad things can happen if you try this. Does anyone on the list know if it is safe to try this in this case? Ken -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Be smart about your server! [Was: Linux Slapper Worm]
On Wed, 2002-09-18 at 19:18, Howard Lowndes wrote: Jeff raises a good point here, but just what is le minimum that you can put on a public server and still expect it to run. I'm thinking RH here not Deb (and I don't want a war between the two camps) How long is piece of string? I really can't comment on any distro other than Debian (it's been too long since I used them), so this theory is going to be Debian based but the theory ought to translate providing other distro's have sane installation options. Debian is also what we use at work and hence I've done this quite a few times :) Essentially, when building a server you want to install as little as you can then build upon that base. In Debian this means saying no to tasksel and dselect during install. This will result in what is lovingly called a base system being installed. The base install, IIRC, is some where about 100M to 200M (it could also be a lot less, I'll confirm tomorrow after I build another one) and it gives you all the minimal operation stuff you expect, like a kernel ;) a shell (bash), logging deamons, PAM, etc etc, the real basic stuff as well as sshd, a mail daemon and that's about it. From here you build your server into what you want. Doing nfs? In my case I'd run apt-get install nfs-server which will result in NFS and all it's dependencies being installed from my source of choice. Repeat for Apache / Samba / LDAP / IMAP / whatever it is you need to run. I'd execpt that other distro's will have a similar mechanism to that described in the last paragraph but over all the theory ought to hold across distros. If you're distro doesn't allow a bare bones install, you ought to re-think your choice of server distro. -- Cheers, Craige. GPG Key fingerprint = C206 904F 5231 2F2E 8DAA F094 5879 71B5 0960 CF37 http://arseclown.tv/ -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Switching Interfaces on network cards
On Wed, 2002-09-18 at 16:57, [EMAIL PROTECTED] wrote: The 100mbit driver is built into the kernel while the gigabit is a module. I have tried adding a line into modules.conf stating: alias eth0 e1000 but when I bring the interfaces up it still ties the 100mbit to eth0 and fails on eth1, but if I alias eth1 e1000 it works. Scott, have you tried using the programme modconf to load the gigabit driver? If not, give it a run and if it still fails you can punt the error into an email for us to have a squiz at :) -- Cheers, Craige. GPG Key fingerprint = C206 904F 5231 2F2E 8DAA F094 5879 71B5 0960 CF37 http://arseclown.tv/ -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] one way ping
hi all, I have at this moment 2 boxes on the net via a server/gateway, (3rd box) before I came on line I tried to ping from one box to the other. works fine, one way only. they identify each other ,by name and ip, everything looks the same in the printout, but no losses one way, 100% the other. any clues? (both rh 7.3) tia bill -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Cheap network cards?
At 7:20 pm, Wednesday, September 18 2002, David Fitch mumbled: Those of you with intel cards (eepro100 driver) might want to try the e100 driver instead. It's only available as a module from intel's website but it works a lot better than the eepro100. We had a bunch of intel rack machines at work with various network problems (82257/8) and crap performance. Changing drivers fixed it. (IMO the 3com cards are still better though, eg. 3c905 as Crossfire mentions). As an aside, the e100 module is in 2.4.20. (Well, was in a -pre when I looked.) -- Steve -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] Next Activity for MacLUG/Macarthur Wireless
Just a reminder that the next activity day is this Saturday http://www.woa.com.au/maclug/meetings/2002/meet2002-09-21.html Longer Distance testing of 802.11b wireless antenna Base Station at Centenary Park (Node1179) (UBD 346 P5) First link to woodbine (Enmore Trig, Node 1200) (UBD 326 K15) Second Link to St Gregs Front Gate (node to be added) - subject to permission ( UBD 326 A9), else UBD 326 d10) Third Link to Raby Hill (node to be added) (UBD 306 F13/G12) Fourth Link to Bunbury Curran Trig (Node 1203) (UBD 306 N4) We want to kickoff on time, so if you are late, you can go to the base stn or chase up. Bring your laptop, aerials, map, compass, mob phone, binocular, jumper, etc. -- Terry Collins {:-)}}} Ph(02) 4627 2186 Fax(02) 4628 7861 email: [EMAIL PROTECTED] www: http://www.woa.com.au Wombat Outdoor Adventures Bicycles, Books, Computers, GIS People without trees are like fish without clean water -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Conflict resolution when tracking Debian SID
At 9:41 pm, Wednesday, September 18 2002, Ken Caldwell mumbled: Apt-get dselect-upgrade cannot upgrade fileutils, shellutils or textutils because to do so it must first install the new package coreutils. coreutils conflicts with stat which is provided by the old fileutils. coreutils provides stat. The error message says that the dependency loop may be avoided by activating the APT::Force-LoopBreak option The message also comes with a dire warning that bad things can happen if you try this. Does anyone on the list know if it is safe to try this in this case? The joys of running unstable. My advice is to *LEAVE* *IT* until tomorrow, when the fixed versions will be installed into the archive. -- Steve -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Switching Interfaces on network cards
[EMAIL PROTECTED] wrote on 18/09/2002 09:41:16 PM: Scott, have you tried using the programme modconf to load the gigabit driver? If not, give it a run and if it still fails you can punt the error into an email for us to have a squiz at :) Craige, The gigabit works if I alias eth1 to e1000 in modules.conf. what seems to be the problem, If I can explain better (I have never been good at explaining problems in emails) What I want is the gigabit to be eth0, and the 100mbit to be eth1. There is no major reason behind this other than I like having the Internet interface physically above the LAN interface. (The gigabit is onboard, so moving the nic's around isn't an option). When I alias the gigabit to be eth0 in modules.conf, the 100mb is still used as eth0, but I want it to be eth1. Is there any config file I need to modify? Hope I have explained myself better in this. Thanks, Scott
Re: [SLUG] Switching Interfaces on network cards
quote who=[EMAIL PROTECTED] The only problem I have come across so far is I can't switch make the gigabit eth0 and the 100mbit eth1. The 100mbit driver is built into the kernel while the gigabit is a module. That's your problem. If they were both modules, you could just load them in the right order and go. If they were both built in to the kernel, they'd default to the order of the cards in your PCI slots (hardware order). You used to be able to pass parameters to the kernel to tell it which card was which, so you may be able to do something funky like that if you have to keep the kernel config as it is. - Jeff -- A 'lame' server is a server that is SUPPOSED to be authoritative, but, when asked, says: 'Me? I know nothing, I'm from Madrid!' - Ralf Hildebrandt -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Cheap network cards?
At 18/09/2002 22:17, Steve Kowalik wrote: At 7:20 pm, Wednesday, September 18 2002, David Fitch mumbled: Those of you with intel cards (eepro100 driver) might want to try the e100 driver instead. It's only available as a module from intel's website but it works a lot better than the eepro100. We had a bunch of intel rack machines at work with various network problems (82257/8) and crap performance. Changing drivers fixed it. (IMO the 3com cards are still better though, eg. 3c905 as Crossfire mentions). As an aside, the e100 module is in 2.4.20. (Well, was in a -pre when I looked.) Do you know if this e100 driver will allow the card into full duplex mode ? My server has been running at 100/half for so long, I've forgotten what speed it like (the same card works fine under Windows, and the dual speed hub I'm going through allows two Windows machines to talk at 100/full with these cards...) Jon P.S. Sorry about the profanity...:-) -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Managing a large network
Actually dont just look at the network to carry data but also voice, CISCO now also allows you to integrate VoIP on the same network ie voice,voice mail,SMS and their are CISCO digital telephones (there are actually other companies making telephones for CISCO's VoIP network now).If you think a network is just for data your living in the past, there are heaps of large gov/companies swapping to integrated VoIP and data solutions as we speak. -- * Hey if you're going to get mad at me every time I do something * * stupid, then I guess I'll just have to stop doing stupid things! * On Wed, 2002-09-18 at 10:20, Richard Hayes wrote: Dear list, I have been asked to investigate how to measure end usage for a large network around 1,000 ethernet ports. There are two versions: a) It is going into a new building and they want to prewire it (easy) b) Retrofit into an existing building My initial reaction was to run Cat 5 to each room and a managed switch per floor connected at Gigabit speeds into a router with redundant links but I would appreciated any suggestions. Has anyone had experience with large scale wireless? regards, Richard Hayes -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Switching Interfaces on network cards
On Wed, 2002-09-18 at 21:34, [EMAIL PROTECTED] wrote: When I alias the gigabit to be eth0 in modules.conf, the 100mb is still used as eth0, but I want it to be eth1. Is there any config file I need to modify? I think Jeff hit the nail on the head, if you make both cards modules, you may have better success at getting them numbered the way you want. Hope I have explained myself better in this. Yes :) -- Cheers, Craige. GPG Key fingerprint = C206 904F 5231 2F2E 8DAA F094 5879 71B5 0960 CF37 http://arseclown.tv/ -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] TLS and Apache-SSL
Hello slug, Does anyone know if it's possible to do multihost/single IP hosting via Apache-SSL yet (ie TLS) if so how? Or do I need to install mod_ssl to achieve this? -- Best regards, evilbunny mailto:[EMAIL PROTECTED] smime.p7s Description: S/MIME Cryptographic Signature
Re: [SLUG] one way ping
Patrick Kelso wrote: Is the box that doesnt return the pings running a firewall? Patrick no it's not (just checked), relying on the server firewall to keep things kleen. they are explicitly allowed to talk in /etc/hosts.allow as well. bill -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] TLS and Apache-SSL
quote who=evilbunny Does anyone know if it's possible to do multihost/single IP hosting via Apache-SSL yet (ie TLS) if so how? Or do I need to install mod_ssl to achieve this? You can't with either, because the ssl stuff is done at the IP connection level, not the http Host: header (with DNS name) level. You need multiple IP addresses. No buts. :-) - Jeff -- What do you get when you cross a web server and a hen? Apoache. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Switching Interfaces on network cards
* Scott [2002-09-18 22:33]: The gigabit works if I alias eth1 to e1000 in modules.conf. what seems to be the problem, If I can explain better (I have never been good at explaining problems in emails) What I want is the gigabit to be eth0, and the 100mbit to be eth1. You could perhaps try passing ethernet info to the kernel during boot, something like: LILO: linux ether=IRQ,ADDR,eth0 Fill in the appropriate IRQ and ADDR for the card you want to be eth0, and if it works stick it in /etc/lilo.conf as append= ether=x,x,eth0. (N.B. this works on a 2.2.x kernel, not sure about 2.4.x). You'd find it a lot easier if they were both modules though - just load the e1000 module first. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Cheap network cards?
On Wed, 2002-09-18 at 22:09, Jon Biddell wrote: Do you know if this e100 driver will allow the card into full duplex mode ? My server has been running at 100/half for so long, I've forgotten what speed it like yes it has lots of options and when the module is loaded it displays a summary of all that stuff (duplex, rate etc). Dave. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re[2]: [SLUG] TLS and Apache-SSL
Hello Jeff, This is why they invented TLS, it does plain text handshaking to work out the nuts and bolts, then switches to crypto... SSLv3 may require a single IP per host, TLS doesn't, however implementation is another matter... -- Best regards, evilbunnymailto:[EMAIL PROTECTED] http://www.SydneyWireless.com - Exercise your communications freedom to make it do what you never thought possible... Wednesday, September 18, 2002, 11:05:34 PM, you wrote: JW quote who=evilbunny Does anyone know if it's possible to do multihost/single IP hosting via Apache-SSL yet (ie TLS) if so how? Or do I need to install mod_ssl to achieve this? JW You can't with either, because the ssl stuff is done at the IP connection JW level, not the http Host: header (with DNS name) level. You need multiple IP JW addresses. No buts. :-) JW - Jeff smime.p7s Description: S/MIME Cryptographic Signature
[SLUG] Initial installation suse 8.0
Hi to all, H E L P ! ! ! ! ! I have installed Linux Suse 8.0 on my laptop IBM ThinkPad 390E after DOS and Windows NT 4.0 on a second HD, and I'm happy with what I can see, unfortunately I can not configured my modem / Internet. Is there anywhere, or were I can get some help!! an explanation on how to do it. Thankingyou all in advance. John
Re: [SLUG] TLS and Apache-SSL
quote who=evilbunny This is why they invented TLS, it does plain text handshaking to work out the nuts and bolts, then switches to crypto... SSLv3 may require a single IP per host, TLS doesn't, however implementation is another matter... Sure, though I haven't seen anyone using TLS on Apache. I don't think you'll find the answer in the differences between Apache-SSL and mod_ssl, however. - Jeff -- Orphaned farm-boy hero helps save world against bad-guys, begins a journey of self-discovery, and makes interesting friends. Passable. - Andrew Bennetts on Star Wars -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Initial installation suse 8.0
* Juan A Aranibar [EMAIL PROTECTED] [2002-09-18 23:09]: I have installed Linux Suse 8.0 on my laptop IBM ThinkPad 390E after DOS and Windows NT 4.0 on a second HD, and I'm happy with what I can see, unfortunately I can not configured my modem / Internet. Is there anywhere, or were I can get some help!! an explanation on how to do it. I believe the modem in a ThinkPad 390E is a Lucent winmodem. This means that http://linmodems.technion.ac.il/ is the first place you have to visit to get a good overview of the issues involved. The driver you need is available from http://www.heby.de/ltmodem. I think that http://www.physcip.uni-stuttgart.de/heby/ltmodem/dists/suse/8.22a3/ltmodem-kv_2.4.18_4GB-8.22a3-1.i386.rpm is probably the rpm you need to get. Download this file and install it using the command rpm -i ltmodem-kv_2.4.18_4GB-8.22a3-1.i386.rpm. This will install the needed modem driver on your system. Once it's installed the usual methods of accessing the modem will work. I'm not sure what the best way of starting a dialup session under SuSE is, but tools such as kppp should be able to access the modem as /dev/modem. Please read the information at http://linmodems.technion.ac.il/ as all your questions should be answered there. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] Next SLUG Meeting - Friday 27th September, 2002
Monthly Meeting for September When: Friday, September 27, 6:30pm - 9:30pm Where: UTS Broadway NOTE: The rooms for this month have not yet been finalised - we will post a followup as soon as they are sorted out Plan: * The Usual Suspects - Starts 6:30pm + QA - What has Linux done for/to me lately? * 7:00pm: Conrad Parker demoing Sweep * 7:50pm: Break * 8:10pm: SLUG News Discussion * 8:20pm: Split into 2 groups for + Techie Talk - Michelle Wibisono, from the Baker McKenzie Cyberspace Law and Policy Centre or + SLUGlets - Anthony Rumble introducing Unix file permissions, and Paul Copeland demoing OEone desktop * Dinner - Starts around 9:15pm Spice Boys for Dinner. It's $20 for mains, around 30 people. Sweep: Conrad Parker will be demoing the all-new Sweep sound editing, recording and DJing tool. Conrad, lead developer of Sweep, writes: I'll be giving an introduction and demo of some totally new features in Sweep -- this will be loud and funky world first, so mark it down in your diary! Sweep is a full-featured open source sound editor, now used in production at Pixar and rapidly gaining popularity elsewhere. It features a character called Scrubby who is a very intuitive scrub tool and makes editing sounds a breeze. You can use Sweep for general sound editing on your Linux desktop, and thanks to Scrubby you can also use it as a tool for live DJing and experimental music. I'll introduce you to this Scrubby character, show you how to get started editing with Sweep and a bunch of effects plugins, and then we'll get into some fun live audio techniques. Michelle Wibisono from the Baker McKenzie Cyberspace Law and Policy Centre: Michelle will be talking about computing and legal issues from the perspective of a computing student who also studies law, and is an intern at the Cyberspace Law and Policy Centre. As part of the Centre's Social Justice Program, we're trying to do 2 things: first, work out what legal issues concern the open source, free software and linux communities; and second, work out how we can help with legal questions arising in this context. Michelle intends to cover issues like copyright (particularly Australian laws because they tend to get neglected), encryption, privacy, and internet governance. Issues like digital rights management systems or encryption are really only to get more important in the future, and having the right information or knowing where to look is crucial. If there are particular topics you'd like to see Michelle cover, then please email her at [EMAIL PROTECTED] and let her know. SLUGlets: Sluglets are for people new to Linux, or who are looking for discussion of a milder nature than the techie talk. Feel free to come share your experiences with Linux, to get help, or to provide it. This month, we will have Anthony Rumble introducing the Unix file permission model, and Paul Copeland demoing OEone desktop, as well as QA time See you there! J. -- Jan Schmidt [EMAIL PROTECTED] Don't Panic -- The Hitchhiker's Guide to the Galaxy msg26298/pgp0.pgp Description: PGP signature
Re: [SLUG] Initial installation suse 8.0
If its an internal win-modem you have a 50/50 chance of getting it working try http://www.linmodems.org On Wed, 2002-09-18 at 23:16, Juan A Aranibar wrote: Hi to all, H E L P ! ! ! ! ! I have installed Linux Suse 8.0 on my laptop IBM ThinkPad 390E after DOS and Windows NT 4.0 on a second HD, and I'm happy with what I can see, unfortunately I can not configured my modem / Internet. Is there anywhere, or were I can get some help!! an explanation on how to do it. Thanking you all in advance. John -- * Hey if you're going to get mad at me every time I do something * * stupid, then I guess I'll just have to stop doing stupid things! * -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] TLS and Apache-SSL
On Wed, 2002-09-18 at 23:20, Jeff Waugh wrote: quote who=evilbunny This is why they invented TLS, it does plain text handshaking to work out the nuts and bolts, then switches to crypto... SSLv3 may require a single IP per host, TLS doesn't, however implementation is another matter... Sure, though I haven't seen anyone using TLS on Apache. I don't think you'll find the answer in the differences between Apache-SSL and mod_ssl, however. There's (FWICT) still very little Upgrade: support, which is needed to support virtual-hosting with/TLS. Its RFC 2817 if you're interested in reading about it :]. We certainly haven't put it into squid yet. Cheers, Rob signature.asc Description: This is a digitally signed message part
Re: [SLUG] Linux Slapper Worm
Redhat's, the same with Mandrake standard naming convention does not follow openssl's versioning. Just check to see if you have the latest version of openssl. I think you need version 0.96.g Sluggers, I have a friend who's network connection is being hammered by UDP inbound requests on port 2002. From what I can read this is the slapper worm. The machine is dropping the packets with iptables but the connection is flooded (DOS). The box itself is not sending out udp 2002 (the firewall is blocking and logging any outbound upd 2002 and there is none.) Googled around for info, realise that the ssl has to be patched but nothing tells me how to test if the box is infected itself, or if it's just listed and being hammered by other infected boxes. (It's not advertising on udp 2002, which is apparently how the boxes advertise themselves, maybe using some other port in which case does anyone know which one). Any advice appreciated. Pete -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug - This mail sent through IMP: http://horde.org/imp/ -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] DosEmu Protel Trax
OK. Read the Dosemu Howto. Installed Dosemu Freedos from MDK8.2 rpm's. At this point, after re-reading the how-to several more times, I could do a dir, copy stuff to/from floppy. Trying to run any program which had graphics output caused the whole system to go bye-byes. Figured I had a problem with my video setup in dosemu.conf. But what? The how-to isn't all that clear, and I knew all these programs had worked previously on this hardware under windoze. So I Google'd for dosemu conf video, and found several mailing list postings with particular suggestions which made everything a lot clearer. These are the lines I changed to get it working. My video card is a GeForce 2. $_video = vga # one of: plainvga, vga, ega, mda, mga, cga $_console = (1) # use 'console' video $_graphics = (1) # use the cards BIOS to set graphics $_videoportaccess = (1) # allow videoportaccess when 'graphics' enabled $_chipset = plainvga # one of: plainvga, trident, et4000, diamond, avance # cirrus, matrox, wdvga, paradise, ati, s3, sis Some words about Protel for Dos, for those Dinosaurs like me who've used it for more years than they care to name, and just can't get the hang of these new all-singing, all-dancing, windows-based ecad packages. There is a set of vesa graphic drivers now available. Almost all modern cards support vesa bios. Even AGP cards which I find truly amazing. Anyway, they're available here. http://www.airborn.com.au/layout/easytrax.html I'd like to thank Steve from Airborn for making these available. Amanda -- Forwarded Message -- Subject: Re: [SLUG] DosEmu Protel Trax Date: 18 Sep 2002 19:36:32 +1000 From: Ramon Buckland [EMAIL PROTECTED] To: [EMAIL PROTECTED] Amanda, Do you mind giving a run down (for the benefit of the uneducated) of the process you did to get thus far :-) Would be very interested to know Thanks. - ramon -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Linux Slapper Worm
At 03:53 PM 18/09/02 +1000, you wrote: Sluggers, The Slapper worm is described here, including the files to be removed... http://www.LinuxWorld.com.au/news.php3?tid=1nid=1842enotify=1 Brian. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Cheap network cards?
Most of the embedded applications with on-board ethernet use the RTL8139. If they're such a cpu hog, how come they work fine with 8 bit micros ?? Amanda If I remember correctly there is a DMA buffer alignment issue under linux that gives them their bad wrap. Something about each skbuff needs to be copied to re- align the payload rings a bell but I'm sure others would have a better idea of the issue. AFAIK they perform better under windows than they do under linux because of this - hence the bad wrap. Personally Ive had greater than 35Mbit sustained under W2k (700PIII) which I think is damn good value for a $25 10/100 card. We have deployed in excess of 300 of the little buggers without a hickup. 8139too seems to be the driver of choice under 2.4.x, I cant recall what we're using under 2.0.x. So far we have used about three different brands (mostly alloy and compex) usually with the 8139C but some 8139D. A good card for linux untill you need higher throughput with lower CPU requirements. YMMV my 2c Cheers RodT -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
OT: many PCB designers here? Was Re: [SLUG] DosEmu Protel
Hi all, from the posts recently there seems to be a few PCb designers on this. Anyone up for some occasional PCB contracting? Apologies for this being off topic. -RodT Just wanted to say I've got it going (finally). I haven't got the mouse sorted yet, but I'm working on it. Next milestone: Goodbye Windoze. Amanda -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] handling intrustive logon attempts
Hi All, I am wanting to get some opinions on the best way to handle intrusive logon attempts. I know that 'Authentication' problems are stored in /var/log/messages, are there any tools that can report on failed logon attempts? I thought of writing a script to analyse the log file and email me if the logon attempts for a particular user exceeds a limit I have set. Is this a good idea? I've heard about PAM and being able to tally up the logon attempts using mod_tally, but does anyone know of any good doco about how to set this up for newbies 8-)? I still find PAM confusing I've also heard about 'Snort' - can sniff the packets in realtime and perform actions based on rules I have set. Is snort suitable to run on a productive box (does is take much cpu?) or should it run on a standalone box? I am relatively new to linux so I would appreciate any help or guidance. Thanks for your time, Regards Anthony Gray _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] How many ethernet port can Linux handle.
Dear list, Currently I use a motherboard with 6 slots and using DLINK DFE- 580 (4 ports) I can get 24 ports on the box. (It is a router / firewall) I have read there are industrial PC with upto 18 PCI slots therefore I could have upto 72 ports. At what point does Linux fail? Has anyone got experience with industrial PCs? Any recommends where to purchase? regards, Richard Hayes -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] How many ethernet port can Linux handle.
- Original Message - From: Richard Hayes [EMAIL PROTECTED] To: [EMAIL PROTECTED] Any recommends where to purchase? I am not sure if they have exactly what you are after but here is their URL http://www.ieci.com.au/ I spoke to them about a year ago in regards to some rack systems and even though we did not go ahead with the purchase they were very competent and helpful. Gareth Walters http://www.bigworldgames.com -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] handling intrustive logon attempts
On Thu, 19 Sep 2002, Anthony Gray wrote: Hi All, I am wanting to get some opinions on the best way to handle intrusive logon attempts. I know that 'Authentication' problems are stored in /var/log/messages, are there any tools that can report on failed logon attempts? I thought of writing a script to analyse the log file and email me if the logon attempts for a particular user exceeds a limit I have set. Is this a good idea? Also look at /var/log/secure I've heard about PAM and being able to tally up the logon attempts using mod_tally, but does anyone know of any good doco about how to set this up for newbies 8-)? I still find PAM confusing I've also heard about 'Snort' - can sniff the packets in realtime and perform actions based on rules I have set. Is snort suitable to run on a productive box (does is take much cpu?) or should it run on a standalone box? Snort will monitor for rlogin, rsh and telnet attempts, but is more an Intrusion Detection System I am relatively new to linux so I would appreciate any help or guidance. If you want real time monitoring you might want to look at swatch. Thanks for your time, Regards Anthony Gray _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- Howard. LANNet Computing Associates - Your Linux people Contact detail at http://www.lannetlinux.com Flatter government, not fatter government. - me Get rid of the Australian states. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] Network Monitoring - TOP Talkers - Open Source?
What is a TOP Talker and do they exists in the Open Source world? Not bumped into any at Freshmeat.net. Google only mentions proprietary ones. Is this an ethereal type of product? Any ideas? Stuart -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
RE: [SLUG] Network Monitoring - TOP Talkers - Open Source?
Ethereal can be used for this however it really is a packet sniffer. The best solutions, and a very good one, is NTOP http://www.ntop.org Martin Visser Network Consultant Technology Infrastructure - Consulting Integration COMPAQ, part of the new HP 3 Richardson Place North Ryde, Sydney NSW 2113, Australia Phone *: +61-2-9022-1670Mobile *: +61-411-254-513 Fax 7: +61-2-9022-1800 E-mail * : martin.visserAThp.com -Original Message- From: Stuart [mailto:[EMAIL PROTECTED]] Sent: Thursday, 19 September 2002 11:04 AM To: [EMAIL PROTECTED] Subject: [SLUG] Network Monitoring - TOP Talkers - Open Source? What is a TOP Talker and do they exists in the Open Source world? Not bumped into any at Freshmeat.net. Google only mentions proprietary ones. Is this an ethereal type of product? Any ideas? Stuart -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] Setting console to 80col x 50line mode...
Gentlepeople, I am having some difficulty setting my console into 80x50 text mode. I have tried this on RH7.1 (2 different PCs, kernel 2.4.6) and Debain Woody (1 PC, kernel 2.2.20). (Incidentally, the Debian system has defaulted to some sort of 30 line mode but I don't remember requesting it during installation). In the past, a Mandrake 7.2 setup prompted me at boot to set the appropriate mode which worked for a while during the boot but appeared to be reset (to 80x25) once the console login appeared. In the dim dark past, I remember a Slackware install asking me about setting the default font and choosing a font which gave me the desired result and this carried through to the console (i.e. worked as I expected). So how hard can this be? In DOS, Windows it is really easy. I have just spent hours trying to set this mode and I now give up and am asking. Before you rush in and answer, be aware that I have (to some extent RTFM) and have tried adding a line to my lilo.conf (vga=ask, vga=enhanced) neither of which did anything. There is a command (vidmode) which looks like it actually goes and patches the kernel. The manual entry on this warned against using this command and so I left it alone as it seemed to have an offset parameter which was not fully explained (did I or did I not need to specify it, although it was bracketed as optional). In the final analysis, I wanted to continue booting my system (I am not really up to kernel hacking yet). I have seen mention a command, svgatextmode, which is not on my system. Some documentation seems to imply that I have to recompile the kernel to enable this mode. I do *not* want to recompile the kernel and don't believe that it should be necessary to do such a simple thing. I have looked at terminal definitions and startup scripts (there is a LINES=25 (30 on the Debian system) in my environment but I couldn't see where it was set and anyway it probably needs a command to set the hardware), and I now have a headache trying to follow all this stuff. Please tell me I am a goose and this is really simple, you just have to... TIA. Brendan -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
RE: [SLUG] Setting console to 80col x 50line mode...
Before you rush in and answer, be aware that I have (to some extent RTFM) and have tried adding a line to my lilo.conf (vga=ask, vga=enhanced) neither of which did anything. Did you re-run lilo after putting these extra commands in (e.g. from the command prompt as root type 'lilo')? vga=ask should do it for you. Some documentation seems to imply that I have to recompile the kernel to enable this mode. Maybe that was taking about frame buffer support, which is a little different to changing the vga mode (but worth investing time in setting up -- i find it much easier on the eyes, and I can run my console at 1200x1024). I do *not* want to recompile the kernel and don't believe that it should be necessary to do such a simple thing. ok, thanks for your opinion :) -i [EMAIL PROTECTED] http://www.wienand.org ** CAUTION: This message may contain confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message, any use or disclosure of this message is prohibited. If you received this message in error please notify Mail Administrators immediately. You must obtain all necessary intellectual property clearances before doing anything other than displaying this message on your monitor. There is no intellectual property licence. Any views expressed in this message are those of the individual sender and may not necessarily reflect the views of Woolworths Ltd. ** -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Alternative to AutoTrax/Protel, was Re: [SLUG] dosemu; help needed
Amanda Wynne wrote: I've got dosemu itself going. Exitemu works fine. I can dir, copy to/from floppy (painfully slowly). But I can't get anything worthwhile working. Protel Trax just goes into a black hole. Nothing. .. All help appreciated as I can't kill off windows till I get Protel going under dosemu. I need it for work. This is nothing to do with dosemu some suggestions if you are able to make the break from a Windows/DOS electronic CAD to a Linux one. I have just had to do a circuit board from schematic to autoroute and to gerber file format for a circuit board house to make the board and used CadSoft's EagleCAD. http://www.cadsoft.de I had DOS Protel at home (a legal cp) but I really felt I wanted to use Linux. They have a scematic capture, autorouter and layout package that is free, with some limitations, for personal use. It works superbly AND it comes with Libraries of components. I will be moving up to the $ version as I am using it for commercial stuff. I also tried Bartels AutoEngineer. http://www.bartels.de It comes as RPM's for Intel platforms. The trial/freeware version downloaded and it installed fine. That ran a bit slow and I liked the interface of EagleCAD better so I didnt use AutoEngineer but it looks like a complete package equivqlent to Protel. There other open source and free packages at sourceforge for doing circuits but comparison to Protel is like Notepad.exe is to Word. GAEL2 is an EDA package for Gnome2, again its pretty simple. There are lots of very alpha stage PCB layout packages. I actually downloaded and tried out several. Basically for all the Of course moving from Protel or any Windows package to Linux may not be that simple if you have lots of previous Protel designs or have to exchange CAD files with colleugues using Protel. As my circuit was new I was able to make a clean jump. Here is a reall good set of refs for EDA on Linux: http://sal.kachinatech.com/Z/1/index.shtml Mike --- Michael Lake Linux enthusiast, caver and interested in anything technical. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Alternative to AutoTrax/Protel, was Re: [SLUG] dosemu; help needed
Amanda Wynne wrote: I've got dosemu itself going. Exitemu works fine. I can dir, copy to/from floppy (painfully slowly). But I can't get anything worthwhile working. Protel Trax just goes into a black hole. Nothing. .. All help appreciated as I can't kill off windows till I get Protel going under dosemu. I need it for work. This is nothing to do with dosemu some suggestions if you are able to make the break from a Windows/DOS electronic CAD to a Linux one. I have just had to do a circuit board from schematic to autoroute and to gerber file format for a circuit board house to make the board and used EagleSoft's EagleCAD. I had DOS Protel at home (a legal cp) but I really felt I wanted to use Linux. http://www.cadsoft.de and http://www.cadsoft.com They have a scematic capture, autorouter and layout package that is free, with some limitations, for personal use. It works superbly AND it comes with Libraries of components. I will be moving up to the $ version as I am using it for commercial stuff. I also tried Bartels AutoEngineer. It comes as RPM's for Intel platforms. The trial/freeware version downloaded and it installed fine. That ran a bit slow and I liked the interface of EagleCAD better so I didnt use AutoEngineer but it looks like a complete package equivqlent to Protel. There other open source and free packages at sourceforge for doing circuits but comparison to Protel is like Notepad.exe is to Word. GAEL2 is an EDA package for Gnome2, again its pretty simple. There are lots of very alpha stage PCB layout packages. I actually downloaded and tried out several. Basically for all the Of course moving from Protel or any Windows package to Linux may not be that simple if you have lots of previous Protel designs or have to exchange CAD files with colleugues using Protel. As my circuit was new I was able to make a clean jump. Mike --- Michael Lake Linux enthusiast, caver and interested in anything technical. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Setting console to 80col x 50line mode...
Ian, Thanks, I needed to run lilo after editing /etc/lilo.conf, I am a goose after all. It was simple and now my vga=enhanced works... sort of. I now get the behaviour I described on my Mandrake system, i.e. it starts booting in 50 line mode, then part way through the booting, it resets to 25 lines and there it stays. Further investigation reveals that this restting appears to occur with the message Setting default font lat0-sun16. This appears to be called from an initialisation script keytable which in turn eventually calls consolechars. This seems to set the console font and do what I want, but in the initialisation script, it is using a variable to get the font name. Now I am stuck trying to find where this variable is set... I looked at the frame buffer stuff and it appeared to allow you to put the console into a graphics mode rather than text mode, which is not quite what I want at this stage. That, my lack of knowledge/confidence and some frustration were the main reasons behind my rather declamatory statement about not wanting to compile the kernel (yet anyway). So, in summary, I am now looking for the place in the initialisation scripts where the system font variable is set. TIA. Brendan Wienand Ian wrote: Before you rush in and answer, be aware that I have (to some extent RTFM) and have tried adding a line to my lilo.conf (vga=ask, vga=enhanced) neither of which did anything. Did you re-run lilo after putting these extra commands in (e.g. from the command prompt as root type 'lilo')? vga=ask should do it for you. Some documentation seems to imply that I have to recompile the kernel to enable this mode. Maybe that was taking about frame buffer support, which is a little different to changing the vga mode (but worth investing time in setting up -- i find it much easier on the eyes, and I can run my console at 1200x1024). I do *not* want to recompile the kernel and don't believe that it should be necessary to do such a simple thing. ok, thanks for your opinion :) -i [EMAIL PROTECTED] http://www.wienand.org ** CAUTION: This message may contain confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message, any use or disclosure of this message is prohibited. If you received this message in error please notify Mail Administrators immediately. You must obtain all necessary intellectual property clearances before doing anything other than displaying this message on your monitor. There is no intellectual property licence. Any views expressed in this message are those of the individual sender and may not necessarily reflect the views of Woolworths Ltd. ** -- Brendan Brendan Dacre Ph: 9690 1949 Fax: 9690 1949 Mob: 0402 149 422 E-mail: [EMAIL PROTECTED] E-mail: [EMAIL PROTECTED] -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug