[SLUG] Spyware checker
What we all know is that spyware easily installs on to windows desktops thanks to Internet Explorer. Here is a site that will check for the type of spyware your windows systems have and gives you instructions on removing the insidious apps. http://www.doxdesk.com/parasite/ -- Kevin Saenz <[EMAIL PROTECTED]> -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] addusers from text file
On Mon, 2003-02-03 at 13:01, Simon Bryan wrote: > Any clues appreciated the 'newusers' command appears to be what you want (from the shadow password utilities pkg) PS. I couldn't remember the name of the command, so typed "adding multiple users" into google/linux and found it. Dave. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] disk catastrophe
try... echo >/proc/sys/kernel/printk "1 4 1 7" At 05:35 pm 03/02/2003 +1100, you wrote: I'm having major disk errors... it's a server that is still hanging on by it's finger nails, but gettting multiple hardware errors I'm busily re-building a replacement server, but it would be nice if i could get a console happening on the old box that didn't get flooded with hardware error messages every time i do anything (ls for instance!). How do i redirect the error messages away from the console i'm on.. is it possible? I can't log in from a different box.. it seems that whatever the problem is has blown away ssh, even though apache and dns are still running. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug -- Guy Ellis [EMAIL PROTECTED] Traverse Technologies ABN 98 078 657 324 652 Smith St., Clifton Hill, Victoria, 3068 AUSTRALIA http://www.traverse.com.au Tel (+613) 9486 7775 Fax (+613) 9482 7754 Mobile 0419 398 234 -- -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] IP Traffic logging utilities?
snort to name one :) try http://www.snort.org > Are there any analysis/logging applications that could give me a > breakdown of the types of traffic in and out of my Linux internet > gateway? e.g. breakdowns by port, protocol or whatevber may be useful > for figuring out my unexplained incoming data totals. > > Thanks > > Peter -- Kevin Saenz <[EMAIL PROTECTED]> -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Wht the Modem traffic from pop3 requests??
as said before, probably DNS, you can confirm with a tcpdump -i ppp0 dave - Original Message - From: "Peter Vogel" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, February 03, 2003 12:49 PM Subject: [SLUG] Wht the Modem traffic from pop3 requests?? > When I connect to pop3 over my internal LAN, my modem light indicate > something going out to the outside world, even though my mail client is > set to use 192.168.0.1 as the pop3 server. > > Everything seems to work fine, but I can't understand what would need to > be going out to the internet. > > Have I configured something wrong? > > Thanks > > Peter > > -- > SLUG - Sydney Linux User's Group - http://slug.org.au/ > More Info: http://lists.slug.org.au/listinfo/slug > -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Unexplained traffic
What this really looks like is you have some sort of spyware on one of the machines in your network. Check your windows boxes with Adaware - looks like they are downloading adds etc. dave - Original Message - From: "Peter Vogel" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, February 03, 2003 9:42 AM Subject: [SLUG] Unexplained traffic > Thank you to those who provided useful suggestions for firewall > configuration tools. I seem to have that sorted now. > > However I find that I receive about 20mb/day of traffic that I can't > account for. > > I do get "Possible syn flood" messages a few times a day. Could that add > up to megabytes? > > I also have unsucessful access attempts to apache every few seconds. > > Here is a typical couple of munites from my log: > > 217.84.6.34 - - [03/Feb/2003:08:20:38 +1100] "GET http://www.freemobiletunes.com/cgi-bin/arp/rankem.cgi?action=in&id=chartz HTTP/1.0" 404 1341 "http://www.8ung.at/smartlogo/ringtones.htm"; "Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)" > 24.29.148.128 - - [03/Feb/2003:08:20:52 +1100] "GET http://www.adpowerzone.com/scripts/diatok.js HTTP/1.0" 404 1225 "http://www.geocities.com/bassw20/index.html"; "Mozilla/4.0 (compatible; MSIE 5.02; Windows 98)" > 217.227.90.195 - - [03/Feb/2003:08:21:06 +1100] "GET http://www.gsmsitez.net/cgi-bin/topsites/topsites.cgi?larsi HTTP/1.1" 404 1286 "http://www.logotown.de"; "Mozilla/4.5 [fr] (Win95; I)" > 217.227.90.195 - - [03/Feb/2003:08:21:33 +1100] "GET http://utop.net/cgi-bin/utop.cgi?ID=/150 HTTP/1.1" 404 1172 "http://www.logotown.de"; "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" > 62.195.81.215 - - [03/Feb/2003:08:22:55 +1100] "GET http://www.leadhound.com/show2.php?id=9236&bid=23967 HTTP/1.1" 404 1181 "http://www.mp3rock.com"; "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" > 62.195.81.215 - - [03/Feb/2003:08:24:30 +1100] "GET http://banners.webmasterplan.com/view.asp?site=2358&ref=146341&b=2 HTTP/1.1" 404 1201 "http://www.die-80er-jahre.de"; "Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)" > 62.195.81.215 - - [03/Feb/2003:08:24:50 +1100] "GET http://www.leadhound.com/show2.php?id=9449&bid=24968 HTTP/1.1" 404 1183 "http://www.rapworld.com"; "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" > 62.195.81.215 - - [03/Feb/2003:08:26:12 +1100] "GET http://www.leadhound.com/show2.php?id=9236&bid=23966 HTTP/1.0" 404 1181 "http://www.mp3rock.com"; "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" > 62.131.12.251 - - [03/Feb/2003:08:26:50 +1100] "GET http://www.1-click-clipart.com/bin/rankem.cgi?action=in&id=1cool HTTP/1.1" 404 1213 "http://www.top20cool.com/index.html"; "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" > 62.195.81.215 - - [03/Feb/2003:08:27:16 +1100] "GET http://banners.webmasterplan.com/view.asp?site=2306&ref=145686&b=3 HTTP/1.0" 404 1193 "http://www.myownmusic.de"; "Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)" > > Any ideas what the cause of this is and can I stop it?? > > Thanks > > Peter > -- > SLUG - Sydney Linux User's Group - http://slug.org.au/ > More Info: http://lists.slug.org.au/listinfo/slug > -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] disk catastrophe
I'm having major disk errors... it's a server that is still hanging on by it's finger nails, but gettting multiple hardware errors I'm busily re-building a replacement server, but it would be nice if i could get a console happening on the old box that didn't get flooded with hardware error messages every time i do anything (ls for instance!). How do i redirect the error messages away from the console i'm on.. is it possible? I can't log in from a different box.. it seems that whatever the problem is has blown away ssh, even though apache and dns are still running. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Unexplained traffic
if you use squid, you could use calamaris to generate reports for you The reports will also inform you the total bytes access by your proxy. > Thank you to those who provided useful suggestions for firewall > configuration tools. I seem to have that sorted now. > > However I find that I receive about 20mb/day of traffic that I can't > account for. > > I do get "Possible syn flood" messages a few times a day. Could that add > up to megabytes? > > I also have unsucessful access attempts to apache every few seconds. > > Here is a typical couple of munites from my log: > > 217.84.6.34 - - [03/Feb/2003:08:20:38 +1100] "GET >http://www.freemobiletunes.com/cgi-bin/arp/rankem.cgi?action=in&id=chartz HTTP/1.0" >404 1341 "http://www.8ung.at/smartlogo/ringtones.htm"; "Mozilla/4.0 (compatible; MSIE >4.01; Windows 95)" > 24.29.148.128 - - [03/Feb/2003:08:20:52 +1100] "GET >http://www.adpowerzone.com/scripts/diatok.js HTTP/1.0" 404 1225 >"http://www.geocities.com/bassw20/index.html"; "Mozilla/4.0 (compatible; MSIE 5.02; >Windows 98)" > 217.227.90.195 - - [03/Feb/2003:08:21:06 +1100] "GET >http://www.gsmsitez.net/cgi-bin/topsites/topsites.cgi?larsi HTTP/1.1" 404 1286 >"http://www.logotown.de"; "Mozilla/4.5 [fr] (Win95; I)" > 217.227.90.195 - - [03/Feb/2003:08:21:33 +1100] "GET >http://utop.net/cgi-bin/utop.cgi?ID=/150 HTTP/1.1" 404 1172 "http://www.logotown.de"; >"Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" > 62.195.81.215 - - [03/Feb/2003:08:22:55 +1100] "GET >http://www.leadhound.com/show2.php?id=9236&bid=23967 HTTP/1.1" 404 1181 >"http://www.mp3rock.com"; "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" > 62.195.81.215 - - [03/Feb/2003:08:24:30 +1100] "GET >http://banners.webmasterplan.com/view.asp?site=2358&ref=146341&b=2 HTTP/1.1" 404 1201 >"http://www.die-80er-jahre.de"; "Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)" > 62.195.81.215 - - [03/Feb/2003:08:24:50 +1100] "GET >http://www.leadhound.com/show2.php?id=9449&bid=24968 HTTP/1.1" 404 1183 >"http://www.rapworld.com"; "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" > 62.195.81.215 - - [03/Feb/2003:08:26:12 +1100] "GET >http://www.leadhound.com/show2.php?id=9236&bid=23966 HTTP/1.0" 404 1181 >"http://www.mp3rock.com"; "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" > 62.131.12.251 - - [03/Feb/2003:08:26:50 +1100] "GET >http://www.1-click-clipart.com/bin/rankem.cgi?action=in&id=1cool HTTP/1.1" 404 1213 >"http://www.top20cool.com/index.html"; "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" > 62.195.81.215 - - [03/Feb/2003:08:27:16 +1100] "GET >http://banners.webmasterplan.com/view.asp?site=2306&ref=145686&b=3 HTTP/1.0" 404 1193 >"http://www.myownmusic.de"; "Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)" > > Any ideas what the cause of this is and can I stop it?? > > Thanks > > Peter -- Kevin Saenz <[EMAIL PROTECTED]> -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Wht the Modem traffic from pop3 requests??
On Mon, Feb 03, 2003 at 12:49:49PM +1100, Peter Vogel wrote: > When I connect to pop3 over my internal LAN, my modem light indicate > something going out to the outside world, even though my mail client is > set to use 192.168.0.1 as the pop3 server. > > Everything seems to work fine, but I can't understand what would need to > be going out to the internet. DNS maybe? Is the pop serer trying to do reverse dns on your client's IP? Matt -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Linux file server
On Mon, 3 Feb 2003, [iso-8859-1] Carmine Rosa wrote: > > Hello, > > I am quite new to Linux and SAMBA but find them really interesting. That's great Carmine. > I have a small W2K network and I have installed Mandrake 9 and SAMBA on > a spare machine to act as a file server. I can PING the W2K DC and the > Linux machine but do not see the file share through Network > Neighbourhood. It was there before but after a big crash and a reinstall > from scratch it is no longer there. what crashed - the win2k box or the linux box? I presume the win2k box but ... > Previously it all went in without me > doing much. I had not given it any users at that stage and I could not > use the share but I could see it. This time however it is not visible at > all. Could someone point me in the right direction. I would be very > grateful for any information. you haven't described how you configured (or reconfigured) the SAMBA share. You should set the workgroup to be the same as your w2k domain/workgroup and then the server and fileshare should be visible (if you gave 'everyone' access anyway). -=-=-==-=-=--=-=-=-=-=-=-=-=-=-=-=-= Graeme Robinson - Graenet consulting www.graenet.com - internet solutions -=-=-=-=-=-=-=-=-=-=-==---=-=--=-=-= -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] Linux file server
Hello, I am quite new to Linux and SAMBA but find them really interesting. I have a small W2K network and I have installed Mandrake 9 and SAMBA on a spare machine to act as a file server. I can PING the W2K DC and the Linux machine but do not see the file share through Network Neighbourhood. It was there before but after a big crash and a reinstall from scratch it is no longer there. Previously it all went in without me doing much. I had not given it any users at that stage and I could not use the share but I could see it. This time however it is not visible at all. Could someone point me in the right direction. I would be very grateful for any information. Thanks Carmine Yahoo! Movies - What's on at your local cinema?
[SLUG] Problems with Samba 2.2.6
G'day all... FWIW running under Mandrake 8.2 Has anyone else had problems with roaming profiles and WinXP clients? When one of our users logs on, they consistently get errors stating that the server copy of the roaming profile was unable to be located. I don't know how much this occurs for the other users. Anyone else have this happen or know a solution? Thanks. Mike --- Michael S. E. Kraus Administration Capital Holdings Group (NSW) Pty Ltd [EMAIL PROTECTED] phone (02) 9955 8000 fax (02) 9955 8144 -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Security break? Cron nice -n 19 run-parts /etc/cron.daily
-BEGIN PGP SIGNED MESSAGE- On Monday 03 Feb 2003 12:55 pm, [EMAIL PROTECTED] wrote: > Nothing has happened to the machine recently (that we know about) ... The > machine is a firewall, router, and VPN server. The VPN was restarted last > Thursday, but that is about all. > > Prelude was installed at installation time, so it seems wierd for it to > stop and start itself. I'm curious. IIRC that's done by logrotate as part of rotating the log files. It makes sure that the old file is no longer being written to. - -- Chris SamuelWollongong, NSW -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iQEVAwUBPj3cEI1yjaOTJg85AQG0Xgf/dUdQOdTcphX+gPNGsnSqpyHqG7mKDd2E /vKSVTpf+ueqmCCKBJD+RFhPIgndkTq1bDx0YpggzZ6umi7GTWaAk1K0YxBVSr7b DQKoS3uH3hsR+dHkjB7BiC5tfJ2VgFAABzFeNlhaYQab0d160C5v467fIIBdFFjX igRUoOgPRWwck81DjGL/WfklXPN6QIN2QgfnH44F5TvXcBN6H7QTDZ5AHFpDarvp LHzp0QM+mp1L3HsEYLxB82lhI8RUYhvnxoGjsXCW808CEeHKarqyeMWWr0+LylSG T7s7lBHGtZMr4RahHdRcNR4UctfAvBYoY89ks6D5GQ9yEyMaVcNkIw== =xUD6 -END PGP SIGNATURE- -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] addusers from text file
Simon Bryan wrote: I have been trying to find an adduser script that will read it's input from a file. I used to have one but it has gone MIA. I need to be able to set username, gid, home directory and shell. How about just reformatting the file suitably for "useradd"? awk -f reformat.awk < names.txt | sh where reformat.awk is a variant of BEGIN { FS=":" } { full_name = $1 user_id = $2 password = $3 printf "useradd -p '%s' -c '%s' '%s'\n", password, full_name, user_id } -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
RE: [SLUG] addusers from text file
Try man bash man awk or http://www.python.org or http://www.perl.org Im sure that an self respecting IT manager knows one of these well enough to parse a text file? Bend Not and IT manager -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Simon Bryan Sent: Monday, 3 February 2003 12:32 PM To: Slug Subject: [SLUG] addusers from text file Hi all, I have been trying to find an adduser script that will read it's input from a file. I used to have one but it has gone MIA. I need to be able to set username, gid, home directory and shell. I tried the one in Webmin but it keeps failing with inexplicable errors. Any clues appreciated _ Simon Bryan IT Manager OLMC Parramata ICQ#: 137562751 _ -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] addusers from text file
Hi all, I have been trying to find an adduser script that will read it's input from a file. I used to have one but it has gone MIA. I need to be able to set username, gid, home directory and shell. I tried the one in Webmin but it keeps failing with inexplicable errors. Any clues appreciated _ Simon Bryan IT Manager OLMC Parramata ICQ#: 137562751 _ -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] IP Traffic logging utilities?
Easy Program: trafshow Detailed Program: tcpdump Logging: Kernel has ip accounting we use it on the firewall to send ourselves daily/weekly/monthly summaries. cheers, Woody On Mon, Feb 03, 2003 at 11:42:37AM +1100, Peter Vogel wrote: > Are there any analysis/logging applications that could give me a > breakdown of the types of traffic in and out of my Linux internet > gateway? e.g. breakdowns by port, protocol or whatevber may be useful > for figuring out my unexplained incoming data totals. > > Thanks > > Peter > > -- > SLUG - Sydney Linux User's Group - http://slug.org.au/ > More Info: http://lists.slug.org.au/listinfo/slug -- Woody -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Calculating physical memory from /proc/meminfo
On Mon, 3 Feb 2003 12:42:43 +1100 [EMAIL PROTECTED] wrote: > What is the process from calculating physical memory from `cat > /proc/meminfo` ? free(1) parses the output of meminfo into something a little more readable. > In the memtotal line is that including swap memory? Comparing the output from free with the contents of /proc/meminfo, it seems that the memtotal line doesn't include swap. > When I calculate the number of megabytes, its never quite right - so I > was wondering what techniques others use. free. :-) There's been quite a lot of discussion on interpreting memory usage in the past. Perusing the list archives at http://slug.org.au/archives.html should help out. -- Pete -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Security break? Cron nice -n 19 run-parts /etc/cron.daily
G'day... Nothing has happened to the machine recently (that we know about) ... The machine is a firewall, router, and VPN server. The VPN was restarted last Thursday, but that is about all. Prelude was installed at installation time, so it seems wierd for it to stop and start itself. I'm curious. Mike --- Michael S. E. Kraus Administration Capital Holdings Group (NSW) Pty Ltd [EMAIL PROTECTED] phone (02) 9955 8000 fax (02) 9955 8144 James Gregory <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 03/02/2003 11:28 AM To: [EMAIL PROTECTED] cc: [EMAIL PROTECTED] Subject:Re: [SLUG] Security break? Cron nice -n 19 run-parts /etc/cron.daily On Mon, 2003-02-03 at 10:08, [EMAIL PROTECTED] wrote: > G'day all... > > On our firewall/router (Mandrake 8.2) cron normally sends nice little > security messages, however one of the last couple of runs was different. > > It's attached below, normally the shutting down and starting up parts > aren't there... > > Any ideas...? not really. I find those emails annoying so I turn them off. The mandrake security whatsit isn't very smart. It doesn't look like an entirely unusual thing for it to be doing, but unless you made a change to the system I would be suspicious. I'd look at the crontab, look at the programs it's running etc. As I recall all these tools are written in perl, so vim should be all you need to see if they're at all different. It could be that upgrading initscripts caused a change in the way the reporting output gets written -- if you upgraded initscripts :) -- just canvassing some less alarming possibilities. Is the INN stuff normally there? perhaps it's just doing this because something has gone wrong with your news daemon. What sort of stuff has happened to this machine lately? HTH James. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] Wht the Modem traffic from pop3 requests??
When I connect to pop3 over my internal LAN, my modem light indicate something going out to the outside world, even though my mail client is set to use 192.168.0.1 as the pop3 server. Everything seems to work fine, but I can't understand what would need to be going out to the internet. Have I configured something wrong? Thanks Peter -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] Calculating physical memory from /proc/meminfo
G'day all... What is the process from calculating physical memory from `cat /proc/meminfo` ? In the memtotal line is that including swap memory? When I calculate the number of megabytes, its never quite right - so I was wondering what techniques others use. Thanks Mike --- Michael S. E. Kraus Administration Capital Holdings Group (NSW) Pty Ltd [EMAIL PROTECTED] phone (02) 9955 8000 fax (02) 9955 8144 -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Temperature measurement
On Tue, Jan 28, 2003 at 03:02:18AM +1100, Ben Buxton wrote: > This is what I'm doing: http://www.cactii.net/temp.html > > Need to mail order the hardware from canada, about $CAD40. And Oatley Electronics in Sydney sell this kit too: http://www.oatleyelectronics.com/kits/hk145.html Cheers, John -- whois [EMAIL PROTECTED] GPG key id: 0xD59C360F http://kirriwa.net/john/ -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] network considerations
On Mon, 2003-02-03 at 10:31, moise lim wrote: > my current thoughts are :- > > 1/ leaving the workstations running windows - only for the time being though > until i can convince users of the advantages of using a superior o/s in my > following points > 2/ leaving the win2000 svr alone but introducing a samba server and gradually > migrating files across to samba until enuff load has been shedded on the > win2000 svr > 3/ introducing a linux-based mail svr to replace the windows based one > 4/ introducing a linux-based proxy to replace the windows based one > 5/ introducing a linux-based firewall to provide good security ok, how many boxes do you have to play with? I'll prefix this - I'm making a lot of assumptions from that description to give you a starting point to tell us the stuff that I got all wrong :) proxy and firewall should probably be the same machine. Then you can do transparent proxying (well, you can do it otherwise, but having it on the same machine is nice, and there isn't much advantage to separating them) when you say "mail server" - do you mean a computer to receive mail from the internet? (ie, do the MX records point to this box?) I'm assuming not given the unreliable connection -- this answer would be slightly different if that were the case. So, I'm assuming that this is just a machine to store mail locally and pass outgoing mail to another MTA somewhere. I would make the fileserver and the mail server the same box (unless there was a reason not to). You probably want to have a box with RAID for this, and it's nice to keep all the stuff you need RAIDed in one place (again, more assumptions there). I'd run Courier IMAP (interesting observation from one who just migrated to it -- much faster but it takes about 20-30% more diskspace than uw-imap for storing mail), fetchmail, spamassassin (now there's a cool way to impress your windows loving clients), postfix as a smart relay. I'm told that XFS is all the rage when it comes to choice of reliable, fast filesystem (I'm running reiserfs here, and I love it but there's no recovery tools) If you just mean a machine to use to deliver mail *to* the internet, then as above but with just postfix. I would also consider using ldap on such a network for a user database - it makes it easier to add stuff like proxy authentication if you happen to need it -- you get a bonus global address book too. I'd also run that on your mail/fileserver. There's also some nifty thing that lets you get squid to authenticate against the samba authentication stuff, and samba in turn to authenticate against ldap (when I did it last you went through pam, there might be a better way now). There are other nifty things you can do with ldap but I don't think they're relevant here. As you say, I would leave the workstations running win2k. It's a lot of change very quickly, and I think you need cred from a grooving server install first. That said you might want to install some open source tools on their boxes so they can start exploring if they desire. Throw mozilla on there and whatever office suite is best on linux these days (open office?) For 30 users I would say it's probably worth moving to adsl or one of its cousins. > > as a relatively newcomer to linux.. i m curious to know what other folks are > doing for smallish networks like my example... well, I've setup systems like the above before and find they work very well. I used to have problems with samba, but it seems to be pretty good these days. > > are there other things i should be considering?? i don't think a dhcp svr is > reuired only becos i go around setting static IPs... I'd set up a dhcp server anyway. It means you've got a central place to do configuration changes if you need to and it means you can just plug in new computers and have them work straight off without doing any work. Put it on the firewall. Is that the sort of information you're looking for? HTH, James. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Unexplained traffic
No, I have checked that Proxy Requests are not enabled in httpd.conf. Alsom the logs show that the requests are all returning 404 (not found). On Mon, 3 Feb 2003 11:24:05 +1100 Erik de Castro Lopo <[EMAIL PROTECTED]> wrote: > On Mon, 03 Feb 2003 09:42:56 +1100 > Peter Vogel <[EMAIL PROTECTED]> wrote: > > > Thank you to those who provided useful suggestions for firewall > > configuration tools. I seem to have that sorted now. > > > > However I find that I receive about 20mb/day of traffic that I can't > > account for. > > > > I do get "Possible syn flood" messages a few times a day. Could that add > > up to megabytes? > > > > I also have unsucessful access attempts to apache every few seconds. > > This looks like you might have Apache set up as a web proxy and the > web proxy is accessible from outside of you internal network. People > are therefore using your server as an web proxy. > > Looks like you need to look at the access control configuration of Apache. > > Erik > -- > +---+ > Erik de Castro Lopo [EMAIL PROTECTED] (Yes it's valid) > +---+ > Microsoft owns Hotmail. Hotmail runs Sun Solaris on their > servers, not Windows NT. Does NT have problems? > -- > SLUG - Sydney Linux User's Group - http://slug.org.au/ > More Info: http://lists.slug.org.au/listinfo/slug -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] IP Traffic logging utilities?
Are there any analysis/logging applications that could give me a breakdown of the types of traffic in and out of my Linux internet gateway? e.g. breakdowns by port, protocol or whatevber may be useful for figuring out my unexplained incoming data totals. Thanks Peter -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] OpenOffice.org
On Sun, 2003-02-02 at 12:51, Rod Elliott - Hush Solutions wrote: > Snippet > Steven Wrote: > > >> Regardless of whether anyone knows, the only thing > > > that I miss from windows is the MSN and ICQ functionality. What > are the > > > closest programs for linux that correspond to these two programs Others here have pointed out nifty programs with MSN functionality. I personally really like licq for all my ICQing needs. Has a number of plugins for both communicating and the user interface, including one I find handy that lets me use it from a text console. It also has the extremely handy feature of being able to communicate over an https proxy - good if like me you're behind an... interesting firewall, or feel an inexplicable need to compress 100 byte messages through ssh tunnels :) Anyway, check it out: http://www.licq.org/ there are packages in mandrake and I'm sure every other distro has it too. HTH, James. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Security break? Cron nice -n 19 run-parts/etc/cron.daily
On Mon, 2003-02-03 at 10:08, [EMAIL PROTECTED] wrote: > G'day all... > > On our firewall/router (Mandrake 8.2) cron normally sends nice little > security messages, however one of the last couple of runs was different. > > It's attached below, normally the shutting down and starting up parts > aren't there... > > Any ideas...? not really. I find those emails annoying so I turn them off. The mandrake security whatsit isn't very smart. It doesn't look like an entirely unusual thing for it to be doing, but unless you made a change to the system I would be suspicious. I'd look at the crontab, look at the programs it's running etc. As I recall all these tools are written in perl, so vim should be all you need to see if they're at all different. It could be that upgrading initscripts caused a change in the way the reporting output gets written -- if you upgraded initscripts :) -- just canvassing some less alarming possibilities. Is the INN stuff normally there? perhaps it's just doing this because something has gone wrong with your news daemon. What sort of stuff has happened to this machine lately? HTH James. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] OpenOffice.org
On Sun, 2003-02-02 at 12:51, Rod Elliott - Hush Solutions wrote: > [html stripped] > >Snippet >Steven Wrote: >>> Regardless of whether anyone knows, the only thing >> > that I miss from windows is the MSN and ICQ functionality. What >are the >> > closest programs for linux that correspond to these two programs > I run gaim, that has plugins for AOL MSN ICQ IRC Jabber and more. It's pretty good at what it does, nice to have it all in one app. Greeno -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[OT] [SLUG] My quote of the day
Subject: [SLUG] My quote of the day > Seen on a web forum aimed at helping Solaris users. Such a gem, had to > share it: > > dre1988 (MIS) Apr 25, 2002 > > I tried a > > > > cat /dev/null > /var/adm/wtmpx > > > > This should send the file to /dev/null and create a 0 byte file for > > wtmpx. However, the file system is still 100% full. Is there a way to > > empty /dev/null? I've done a rebbot already. The problem here is obvious; the command is backwards. He should be using 'cat /var/adm/wtmpx > /dev/null' instead. :-) - Doug -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] OpenOffice.org
> Snippet > Steven Wrote: > > >> Regardless of whether anyone knows, the only thing > >> that I miss from windows is the MSN and ICQ functionality. What are > >> the closest programs for linux that correspond to these two > >> programs > > Steve, you may like to check out Gnome Messenger. I havent tried it > personally, so for know i'll keep quiet about it's true worth, but as far > as ive heard, it supports MSN style messaging networks. Check it out at > http://sourceforge.net/projects/gnomemessenger. I happily use GnomeICU for ICQ in linux. Jaime. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Unexplained traffic
On Mon, 03 Feb 2003 09:42:56 +1100 Peter Vogel <[EMAIL PROTECTED]> wrote: > Thank you to those who provided useful suggestions for firewall > configuration tools. I seem to have that sorted now. > > However I find that I receive about 20mb/day of traffic that I can't > account for. > > I do get "Possible syn flood" messages a few times a day. Could that add > up to megabytes? > > I also have unsucessful access attempts to apache every few seconds. This looks like you might have Apache set up as a web proxy and the web proxy is accessible from outside of you internal network. People are therefore using your server as an web proxy. Looks like you need to look at the access control configuration of Apache. Erik -- +---+ Erik de Castro Lopo [EMAIL PROTECTED] (Yes it's valid) +---+ Microsoft owns Hotmail. Hotmail runs Sun Solaris on their servers, not Windows NT. Does NT have problems? -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] network considerations
hi folks :) i thought i'd ask for some advice on how to best approach this small problem of mine.. i have a smallish network of 30 computers which are currently on a Win2000 svr and sharing a windows-based dialup proxy for internet access.. there is also a windows-based mail server on the network.. very simple at the moment.. i m attempting to introduce linux into that environment becos i feel that this network will benefit from significant speed gains in improved web browsing, email services and also better security... my current thoughts are :- 1/ leaving the workstations running windows - only for the time being though until i can convince users of the advantages of using a superior o/s in my following points 2/ leaving the win2000 svr alone but introducing a samba server and gradually migrating files across to samba until enuff load has been shedded on the win2000 svr 3/ introducing a linux-based mail svr to replace the windows based one 4/ introducing a linux-based proxy to replace the windows based one 5/ introducing a linux-based firewall to provide good security as a relatively newcomer to linux.. i m curious to know what other folks are doing for smallish networks like my example... are there other things i should be considering?? i don't think a dhcp svr is reuired only becos i go around setting static IPs... thanks moses -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Squid - configuration or telstra issue
Nik, It looks as if you've got your access control lists set incorrectly for Squid. Edit your /etc/squid/squid.conf appropriately. You'll need to look out for lines like acl src and http_access The final http_access rule should be http_access deny all All the best... Mike --- Michael S. E. Kraus Administration Capital Holdings Group (NSW) Pty Ltd [EMAIL PROTECTED] phone (02) 9955 8000 fax (02) 9955 8144 Nik Belajcic <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 02/02/2003 05:23 PM To: <[EMAIL PROTECTED]> cc: Subject:[SLUG] Squid - configuration or telstra issue Hello, I just joined the list and this is my first posting. I am new to Linux so some of the questions may be trivial. As an experiment I installed mandrake 9 on one old box with the intention to use it as a gateway/mail/proxy server replacing a w2k box with 602Pro LanSuite (which works very well). After a bit of fiddling I got routing and Squid running, but on my Windows clients, when trying to access web, I get an error message from Squid about access being denied. I am curious if anyone could tell me if this is a case of Squid configuration error, or Telstra could be blocking requests coming from Squid because it's a home ADSL connection that I am using. The error message reads as follows: * ERROR The requested URL could not be retrieved - While trying to retrieve the URL: http://www.yahoo.com/ The following error was encountered: Access Denied. Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect. Your cache administrator is root. - Generated Sat, 01 Feb 2003 22:39:39 GMT by mymachineblahblah.mydomainblahblah.com.au (Squid/2.4.STABLE7) ** (Machine and domain name in the line above changed for the purpose of this email) Thanks for any hints. Nik Belajcic. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] Installing and Configuring PCMCIA cards
I am a trying to install and configure a Samsung wireless networking PCMCIA card. I have tried this with both Caldera and Redhat versions of linux without success. I am looking for an experience linux user (which I am not) to assist. Please email me [EMAIL PROTECTED] if interested. Thanks, Adam Harris -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Problems running X in Red Hat 7.3 - Help?
I've found that most boxes newer than 486 handle no graphics card. A handy thing with boxes that have no monitor is to set up a terminal on one of the serial ports, especially with a firewall where you are likely to "cut off your hands", it is nice to be able to get in still. You want to put a line in /etc/inittab (my distro has them already there, but commented out) #T0:23:respawn:/sbin/getty -L ttyS0 9600 vt100 what you're looking for is ttyS0 or ttyS1 which means serial port 1 (TeleTYpe Serial 0?) then kill -HUP 1 (init is the first process). It's also handy to put ttyS0/1 in /etc/securetty which means that you can log in directly as root, rather than as a user then SUing. The reason they aren't in there by default is that modem logins are usually over serial ports. Cheers, Woody On Sun, Feb 02, 2003 at 09:35:00PM +1100, Patrick Lesslie wrote: > > > Rod, > As Terry pointed out, you don't need to run X to > run a firewall; for that you just need a firewall script, > the iptables package, and a kernel that supports iptables. > (unless you use ipchains or even ipfwadm; a bit old though) > Then link to it so it starts at boot, or perhaps whenever > the connection comes up. > > The first thing you will want to do though is to stop X > starting up (you did say, no graphics card ?). You'll need > to boot to single user mode or similar (type "linux single" > at the boot prompt; a redhat 7.3 person might be more helpful > here) and login as root, remove the links that are starting > gdm or kdm from /etc/rc/rc3.d (?) or better yet, just > uninstall gdm and/or kdm (rpm --uninstall gdm (?)). > > If you do want to run X, try installing a nice thin window > manager like WindowMaker (wmaker) (my favourite ;-). > It will run with very little RAM. > > patrick > > (I forgot to cc the list first time I sent this...) > > On Thu, 30 Jan 2003, Rod Elliott - Hush Solutions wrote: > > > Hey Guys, > > Just hoping to get a bit of a helping hand with a server set up of Red > > Hat Linux 7.3. Ive set it up on an older Pentium I machine in the hope > > of bringing it back from the grave, and the installation appears to go > > fine, however upon booting, KDE or GNOME fails to run, citing memory > > problems (not enough) as being the cause. The machine also doesnt have a > > graphics card...and this may be the obvious cause of the problems. > > > > Can someone point me in the right direction on this. Does RH 7.3 require > > more RAM in order to run, a graphics card perhaps? I have the shell > > running fine, but it's X that appears to be struggling with the current > > hardware. What other options are available for aged and lesser quality > > hardware? All i really need is a box that will act a firewall between my > > win2k network and the internet. > > > > thanks in advance > > > > Rod. > > > > -- > SLUG - Sydney Linux User's Group - http://slug.org.au/ > More Info: http://lists.slug.org.au/listinfo/slug -- Woody -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] Squid - configuration or telstra issue
Hello, I just joined the list and this is my first posting. I am new to Linux so some of the questions may be trivial. As an experiment I installed mandrake 9 on one old box with the intention to use it as a gateway/mail/proxy server replacing a w2k box with 602Pro LanSuite (which works very well). After a bit of fiddling I got routing and Squid running, but on my Windows clients, when trying to access web, I get an error message from Squid about access being denied. I am curious if anyone could tell me if this is a case of Squid configuration error, or Telstra could be blocking requests coming from Squid because it's a home ADSL connection that I am using. The error message reads as follows: * ERROR The requested URL could not be retrieved - While trying to retrieve the URL: http://www.yahoo.com/ The following error was encountered: Access Denied. Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect. Your cache administrator is root. - Generated Sat, 01 Feb 2003 22:39:39 GMT by mymachineblahblah.mydomainblahblah.com.au (Squid/2.4.STABLE7) ** (Machine and domain name in the line above changed for the purpose of this email) Thanks for any hints. Nik Belajcic. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] OpenOffice.org
SnippetSteven Wrote: >> Regardless of whether anyone knows, the only thing > > that I miss from windows is the MSN and ICQ functionality. What are the > > closest programs for linux that correspond to these two programs Steve, you may like to check out Gnome Messenger. I havent tried it personally, so for know i'll keep quiet about it's true worth, but as far as ive heard, it supports MSN style messaging networks. Check it out at http://sourceforge.net/projects/gnomemessenger. Rod.Tired of spam? Get advanced junk mail protection with MSN 8. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Unexplained traffic
Hi That looks like spamming instead of using email they are requesting the url's that they want to spam on your web server. The most people would see them in the access log or in summary stats created using things like webalizer. If you can configure apache to display a certain page for proxy accesses (eg access denied etc...) then configure that page to be something like /denyip.pl (or whatever your favourite programming language may be), You will need to basically grab the ip address and drop it into your firewall. I do this for code red worm attempts. On Mon, 3 Feb 2003, Peter Vogel wrote: > Thank you to those who provided useful suggestions for firewall > configuration tools. I seem to have that sorted now. > > However I find that I receive about 20mb/day of traffic that I can't > account for. > > I do get "Possible syn flood" messages a few times a day. Could that add > up to megabytes? > > I also have unsucessful access attempts to apache every few seconds. > > Here is a typical couple of munites from my log: > > 217.84.6.34 - - [03/Feb/2003:08:20:38 +1100] "GET >http://www.freemobiletunes.com/cgi-bin/arp/rankem.cgi?action=in&id=chartz HTTP/1.0" >404 1341 "http://www.8ung.at/smartlogo/ringtones.htm"; "Mozilla/4.0 (compatible; MSIE >4.01; Windows 95)" > 24.29.148.128 - - [03/Feb/2003:08:20:52 +1100] "GET >http://www.adpowerzone.com/scripts/diatok.js HTTP/1.0" 404 1225 >"http://www.geocities.com/bassw20/index.html"; "Mozilla/4.0 (compatible; MSIE 5.02; >Windows 98)" > 217.227.90.195 - - [03/Feb/2003:08:21:06 +1100] "GET >http://www.gsmsitez.net/cgi-bin/topsites/topsites.cgi?larsi HTTP/1.1" 404 1286 >"http://www.logotown.de"; "Mozilla/4.5 [fr] (Win95; I)" > 217.227.90.195 - - [03/Feb/2003:08:21:33 +1100] "GET >http://utop.net/cgi-bin/utop.cgi?ID=/150 HTTP/1.1" 404 1172 "http://www.logotown.de"; >"Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" > 62.195.81.215 - - [03/Feb/2003:08:22:55 +1100] "GET >http://www.leadhound.com/show2.php?id=9236&bid=23967 HTTP/1.1" 404 1181 >"http://www.mp3rock.com"; "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" > 62.195.81.215 - - [03/Feb/2003:08:24:30 +1100] "GET >http://banners.webmasterplan.com/view.asp?site=2358&ref=146341&b=2 HTTP/1.1" 404 1201 >"http://www.die-80er-jahre.de"; "Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)" > 62.195.81.215 - - [03/Feb/2003:08:24:50 +1100] "GET >http://www.leadhound.com/show2.php?id=9449&bid=24968 HTTP/1.1" 404 1183 >"http://www.rapworld.com"; "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" > 62.195.81.215 - - [03/Feb/2003:08:26:12 +1100] "GET >http://www.leadhound.com/show2.php?id=9236&bid=23966 HTTP/1.0" 404 1181 >"http://www.mp3rock.com"; "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" > 62.131.12.251 - - [03/Feb/2003:08:26:50 +1100] "GET >http://www.1-click-clipart.com/bin/rankem.cgi?action=in&id=1cool HTTP/1.1" 404 1213 >"http://www.top20cool.com/index.html"; "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" > 62.195.81.215 - - [03/Feb/2003:08:27:16 +1100] "GET >http://banners.webmasterplan.com/view.asp?site=2306&ref=145686&b=3 HTTP/1.0" 404 1193 >"http://www.myownmusic.de"; "Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)" > > Any ideas what the cause of this is and can I stop it?? > > Thanks > > Peter > -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] slug on demand
> I think Jdub also gave a talk(which may be the same as the recorded LCA > one). (although it was better because he wasn't hung over...) - Jeff -- "Biology is the only science in which multiplication means the same thing as division." - Greg Leblanc -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] slug on demand
Hello! >we have had a video camera lurking around the meetings for a few months and it >was mentioned that at some stage mpegs or whatever might be made available >for download This is correct, the footage(for previous meetings) is on Jans harddrive at the moment it's many gigs in size. This needs some free time to convert down to mpg or something useful/small. Jan and the committee will probably comment then announce when a system has been made to have these online. >any news on this? i had to miss last week's meeting and would be keen to see >what i missed Last week wasn't videotaped as they showed LCA footage and talked about experiences in perth. I think Jdub also gave a talk(which may be the same as the recorded LCA one). HTH, Jaime. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] Unexplained traffic
Thank you to those who provided useful suggestions for firewall configuration tools. I seem to have that sorted now. However I find that I receive about 20mb/day of traffic that I can't account for. I do get "Possible syn flood" messages a few times a day. Could that add up to megabytes? I also have unsucessful access attempts to apache every few seconds. Here is a typical couple of munites from my log: 217.84.6.34 - - [03/Feb/2003:08:20:38 +1100] "GET http://www.freemobiletunes.com/cgi-bin/arp/rankem.cgi?action=in&id=chartz HTTP/1.0" 404 1341 "http://www.8ung.at/smartlogo/ringtones.htm"; "Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)" 24.29.148.128 - - [03/Feb/2003:08:20:52 +1100] "GET http://www.adpowerzone.com/scripts/diatok.js HTTP/1.0" 404 1225 "http://www.geocities.com/bassw20/index.html"; "Mozilla/4.0 (compatible; MSIE 5.02; Windows 98)" 217.227.90.195 - - [03/Feb/2003:08:21:06 +1100] "GET http://www.gsmsitez.net/cgi-bin/topsites/topsites.cgi?larsi HTTP/1.1" 404 1286 "http://www.logotown.de"; "Mozilla/4.5 [fr] (Win95; I)" 217.227.90.195 - - [03/Feb/2003:08:21:33 +1100] "GET http://utop.net/cgi-bin/utop.cgi?ID=/150 HTTP/1.1" 404 1172 "http://www.logotown.de"; "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" 62.195.81.215 - - [03/Feb/2003:08:22:55 +1100] "GET http://www.leadhound.com/show2.php?id=9236&bid=23967 HTTP/1.1" 404 1181 "http://www.mp3rock.com"; "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" 62.195.81.215 - - [03/Feb/2003:08:24:30 +1100] "GET http://banners.webmasterplan.com/view.asp?site=2358&ref=146341&b=2 HTTP/1.1" 404 1201 "http://www.die-80er-jahre.de"; "Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)" 62.195.81.215 - - [03/Feb/2003:08:24:50 +1100] "GET http://www.leadhound.com/show2.php?id=9449&bid=24968 HTTP/1.1" 404 1183 "http://www.rapworld.com"; "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" 62.195.81.215 - - [03/Feb/2003:08:26:12 +1100] "GET http://www.leadhound.com/show2.php?id=9236&bid=23966 HTTP/1.0" 404 1181 "http://www.mp3rock.com"; "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" 62.131.12.251 - - [03/Feb/2003:08:26:50 +1100] "GET http://www.1-click-clipart.com/bin/rankem.cgi?action=in&id=1cool HTTP/1.1" 404 1213 "http://www.top20cool.com/index.html"; "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" 62.195.81.215 - - [03/Feb/2003:08:27:16 +1100] "GET http://banners.webmasterplan.com/view.asp?site=2306&ref=145686&b=3 HTTP/1.0" 404 1193 "http://www.myownmusic.de"; "Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)" Any ideas what the cause of this is and can I stop it?? Thanks Peter -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] Security break? Cron nice -n 19 run-parts /etc/cron.daily
G'day all... On our firewall/router (Mandrake 8.2) cron normally sends nice little security messages, however one of the last couple of runs was different. It's attached below, normally the shutting down and starting up parts aren't there... Any ideas...? Thanks... Mike --- Michael S. E. Kraus Administration Capital Holdings Group (NSW) Pty Ltd [EMAIL PROTECTED] phone (02) 9955 8000 fax (02) 9955 8144 - Forwarded by Michael Kraus/CapitalHoldingsGroup/AU on 03/02/2003 09:08 AM - [EMAIL PROTECTED] (Cron Daemon) 02/02/2003 04:02 AM To: [EMAIL PROTECTED] cc: Subject:Cron nice -n 19 run-parts /etc/cron.daily run-parts: /etc/cron.daily/inn-cron-expire exited with return code 1 Shutting down prelude: [ OK ] Shutting down prelude report: [ OK ] Starting prelude report: [ OK ] Starting prelude: [ OK ] -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] slug on demand
we have had a video camera lurking around the meetings for a few months and it was mentioned that at some stage mpegs or whatever might be made available for download any news on this? i had to miss last week's meeting and would be keen to see what i missed Warren -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Redhat 8.0 Sound server & XMMS
On Sunday 02 February 2003 22:34, Jeff Waugh wrote: ALSA, esd, arts, etc. If you're running KDE, you probably want to choose arts. This is probably true, especially if 2 is also true. 2 means that your sound card may not support mixing in hardware, which means that only one program can write to it at once. That is probably the case with your hardware. What you have to do in this instance is write to a sound server, which mixes in software and sends the result to the hardware -> esd and arts are the most common sound servers used to do this (esd in GNOME, arts in KDE). Arts used to hang in out in one of KDE's menus it doesn't appear to be present in RH 8.0? I've selected Open Sound System as the server and the problem persists. I Know my soundcard can play sets of sounds at once under winblows. Got to go ... thanks all Mick -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Redhat 8.0 and KDE
On Sunday 02 February 2003 22:31, Jeff Waugh wrote: > There are upstream-style KDE RPMs available for Red Hat 8.0 if you want > exactly what the KDE project releases. > > However, I personally don't see what the fuss is all about. Red Hat also > made a stack of changes to the version of GNOME 2.0 they shipped, but there > hasn't been a lot of complaints about that. :-) The major changes include: > > - Red Hat integrated menus (same entries on both desktops, Red Hat > 'bless' particular applications as the best in their class and list others > as 'extras') > > - Both environments default to the 'Big Three' desktop apps -> mozilla as > web browser, Evolution as mailer/groupware, OpenOffice as office suite. > They are (perhap... ...is probably a response to RH8. :-) ] > > Thanks, > > - Jeff I understand and applaud Redhat's redhats attempts to "standardise" linux so that users and especially new users are starting in a consistent enviroment. Maybe redhat should look at including some sort of option in the "custom" installation class... like "use redhat default desktop or use KDE /Gnome desktop"... ( I hope you know what I mean). I've always wanted to use debian but apparently even their latest offering does not support ATi. radeons This is not unsurmountable, as installing XFree should remiedie that...The whole Debian thing is too scarey. I've only been using linux for about 18 months and I still suck at it. Debian people have this whole "Ohhh, he uses Debian, so he must know what he's doing" thing attached. When I learn alittle more, I'll give Debian ago. Regards Mick -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Newbie: SCSI Install Problem Adaptec AVA1505AE/AI
Hate to say it, but since no-one else has replied ... I suspect the shortest course to success would be to dump this card and get a better one. The 1505 is quite a basic and ancient beast. You can pick up a very good card for less than $80 these days. Matt -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Redhat 8.0 Sound server & XMMS
> 1. you have the correct output plugin selected > 2. no other program is blocking the sound card > 3. your sound card is properly configured > > I can safely say 3 is not the issue. What are then other two messages > indictive of? 1 means that the XMMS output plugin may not be correct - you can choose OSS, ALSA, esd, arts, etc. If you're running KDE, you probably want to choose arts. This is probably true, especially if 2 is also true. 2 means that your sound card may not support mixing in hardware, which means that only one program can write to it at once. That is probably the case with your hardware. What you have to do in this instance is write to a sound server, which mixes in software and sends the result to the hardware -> esd and arts are the most common sound servers used to do this (esd in GNOME, arts in KDE). - Jeff -- "The postmodern version is: If all you have is duct tape, everything starts to look like a duct. Right. When's the last time you used duct tape on a duct?" - Larry Wall -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Redhat 8.0 and KDE
> Hi I got this address from Redhat home, and just wanted to ask one > question. How degraded is kde in RH 8.0? Is it possible to restore > original visual settings and themes of KDE, or does redhat over ride > these? I'm a massive fan of KDE and always want the original creation of > KDE.org Thanks for the time in this matter There are upstream-style KDE RPMs available for Red Hat 8.0 if you want exactly what the KDE project releases. However, I personally don't see what the fuss is all about. Red Hat also made a stack of changes to the version of GNOME 2.0 they shipped, but there hasn't been a lot of complaints about that. :-) The major changes include: - Red Hat integrated menus (same entries on both desktops, Red Hat 'bless' particular applications as the best in their class and list others as 'extras') - Both environments default to the 'Big Three' desktop apps -> mozilla as web browser, Evolution as mailer/groupware, OpenOffice as office suite. They are (perhaps arguably) the best apps in their class, and Red Hat chooses to support them over other applications. This is a positive thing for their users. - A number of changes to Qt and GTK+ so the entire system uses fontconfig, the next-generation font handling software written by Keith Packard. Now both toolkits (Qt and GTK+) support fontconfig without patches (and with GNOME 2.2, you *must* have GTK+ built with fontconfig support), but they didn't when RH released 8.0. Ultimately, Red Hat build and productise their distribution for their customers, who value these kinds of changes - and integration of the desktop environments is a big support win for those customers. If you don't like Red Hat's changes, use a distro that keeps things fairly close to upstream's design (I'd recommend Debian, but for more important reasons than this one). I think Red Hat has done an incredble job with their build of KDE, especially when you consider that it is not their primary interest in the desktop space. Compare Red Hat's KDE to SuSE's GNOME some time. ;-) [ Funny though, SuSE have announced that they will provide better support for GNOME in future versions, which is probably a response to RH8. :-) ] Thanks, - Jeff -- "'Cause remember, smug is beautiful." - Zachary Beane -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Problems running X in Red Hat 7.3 - Help?
Rod, As Terry pointed out, you don't need to run X to run a firewall; for that you just need a firewall script, the iptables package, and a kernel that supports iptables. (unless you use ipchains or even ipfwadm; a bit old though) Then link to it so it starts at boot, or perhaps whenever the connection comes up. The first thing you will want to do though is to stop X starting up (you did say, no graphics card ?). You'll need to boot to single user mode or similar (type "linux single" at the boot prompt; a redhat 7.3 person might be more helpful here) and login as root, remove the links that are starting gdm or kdm from /etc/rc/rc3.d (?) or better yet, just uninstall gdm and/or kdm (rpm --uninstall gdm (?)). If you do want to run X, try installing a nice thin window manager like WindowMaker (wmaker) (my favourite ;-). It will run with very little RAM. patrick (I forgot to cc the list first time I sent this...) On Thu, 30 Jan 2003, Rod Elliott - Hush Solutions wrote: > Hey Guys, > Just hoping to get a bit of a helping hand with a server set up of Red > Hat Linux 7.3. Ive set it up on an older Pentium I machine in the hope > of bringing it back from the grave, and the installation appears to go > fine, however upon booting, KDE or GNOME fails to run, citing memory > problems (not enough) as being the cause. The machine also doesnt have a > graphics card...and this may be the obvious cause of the problems. > > Can someone point me in the right direction on this. Does RH 7.3 require > more RAM in order to run, a graphics card perhaps? I have the shell > running fine, but it's X that appears to be struggling with the current > hardware. What other options are available for aged and lesser quality > hardware? All i really need is a box that will act a firewall between my > win2k network and the internet. > > thanks in advance > > Rod. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] Redhat 8.0 Sound server & XMMS
Tis' the night for posting. Hi all, I'm having "trouble" with my soundcards (plural, but only trying one card at a time). I have an on board VT82C686 AC97 sound card which works when I "test sound" but does not play the KDE start up sound (or any other sounds) and when I ttry to play music using XMMS (patched) I recieve the following warning. "Please check that: 1. you have the correct output plugin selected 2. no other program is blocking the sound card 3. your sound card is properly configured I can safely say 3 is not the issue. What are then other two messages indictive of? Regards Mick -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Redhat 8.0 and KDE
D.Nicholson sincerely wrote: > question. How degraded is kde in RH 8.0? Is it possible to restore > original visual settings and themes of KDE, or does redhat over ride > these? I'm a massive fan of KDE and always want the original creation > of KDE.org Thanks for the time in this matter Couldn't agree more, after installing rehat 8.0 I was dying to check out my new KDE desktop ... it took me three frustrating logins selecting KDE each time before I realised there WAS NO DIFFERENCE in gnome and kde's menus or apperance. If I wasn't for Redhat logos everywhere, I would have started thinking I'd installed a microsoft product! (you can whatever desktop and menus you want as long as it's this one). I've spent alot time getting my favorite programes out of "extra's" and into "menus". If it wasn't for the huge scratch in disk two of my 7.3 distro, I would have scrapped 8.0. If there is a way to reset KDE's character, please let me know... Regards Mick -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Problems running X in Red Hat 7.3 - Help?
On Sunday 02 February 2003 09:04, Terry Collins wrote: > Rod Elliott - Hush Solutions wrote: > > ,,,snip > > > The machine also doesnt have > > a graphics card...and this may be the obvious cause of the problems. Missed most of this post which makes it bad form to reply ... but I thought ALL computers required memory, CPU and a graphics (video) card to even boot. What machine are we talking about (courious), or is there a way to fix a bios on certain mobo's so it doesn't seek video output to boot (always willing to learn new tricks). regards Mick -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] Redhat 8.0 and KDE
Although I didnt try KDE in RH8 -- however if its anything like they're GNOME2 - you should be fine. Just try changing the theme in the KDE Control Panel. Cheers, Chris > This is a multi-part message in MIME format. > > > Hi I got this address from Redhat home, and just wanted to ask one question. How degraded is kde in RH 8.0? Is it possible to restore original visual settings and themes of KDE, or does redhat over ride these? I'm a massive fan of KDE and always want the original creation of KDE.org Thanks for the time in this matter > sincerely D.Nicholson > > -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] Redhat 8.0 and KDE
Hi I got this address from Redhat home, and just wanted to ask one question. How degraded is kde in RH 8.0? Is it possible to restore original visual settings and themes of KDE, or does redhat over ride these? I'm a massive fan of KDE and always want the original creation of KDE.org Thanks for the time in this matter sincerely D.Nicholson