Need help troubleshooting NIC
Over the weekend one my servers went down due to extended power failure. The file system reports clean, but something has gone sideways with networking. The server is a Dell 2950 running 7.0 release, and it's been working fine for well over a year. It uses the BCE driver. Ifconfig shows it to be up and active and configured with the correct IP, mask and gateway, but I can't ping anything. I've tested the ethernet connection with a nearby machine and it works. I also booted the 2950 from an Ubuntu live CD and the NIC worked, so i don't think it's a hardware issue. Is there a way I can rebuild the driver without having to rebuild the kernel? -- Michael Galvez Information Technology Specialist University of Virginia ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Need help troubleshooting NIC
On Mon, Feb 08, 2010 at 04:24:39PM -0600, Adam Vande More wrote: On Mon, Feb 8, 2010 at 1:19 PM, Mike Galvez gal...@virginia.edu wrote: Over the weekend one my servers went down due to extended power failure. The file system reports clean, but something has gone sideways with networking. The server is a Dell 2950 running 7.0 release, and it's been working fine for well over a year. It uses the BCE driver. Ifconfig shows it to be up and active and configured with the correct IP, mask and gateway, but I can't ping anything. I've tested the ethernet connection with a nearby machine and it works. I also booted the 2950 from an Ubuntu live CD and the NIC worked, so i don't think it's a hardware issue. Is there a way I can rebuild the driver without having to rebuild the kernel? What does netstat -r show? -- Adam Vande More ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Adam, Thanks for the reply. netstat -r shows a segfault before it finishes. The machine is back online, but I beginning to think that maybe the nics are flaky after all. netstat -r Routing tables Internet: DestinationGatewayFlagsRefs Use Netif Expire defaultcarruthers1-all-ro UGS 0 498375 bce0 localhost localhost UH 0 270lo0 128.143.87.0 link#1 UC 00 bce0 carruthers1-all-ro 00:d0:05:34:40:00 UHLW20 bce0 1197 Segmentation fault -- Michael Galvez Information Technology Specialist University of Virginia ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Net::SFTP not working after upgrade to 7.0 Release
I recently replaced a 5.3 Release server with a 7.0 Release machine. One of the jobs that runs on this machine use Net::SFTP. I installed this from ports, and it built without any errors. The script that uses Net::SFTP is now throwing an error: /libexec/ld-elf.so.1: /usr/local/lib/perl5/site_perl/5.8.8/mach/auto/Math/BigInt/GMP/GMP.so: Undefined symbol __gmpz_init_set_str I have tried removing and re-installing the p5-Math-BigInt-GMP-1.24 port as well as the Net::SFTP port, and it still throws the same error. I'm hoping one of you has fought this battle and has some wisdom to share. Thanks -Mike OS: FreeBSD 7.0-RELEASE GENERIC amd64 Machine: Dell dual quad core CPU: Intel(R) Xeon(R) -- Michael Galvez http://www.people.virginia.edu/~mrg8n Information Technology Specialist University of Virginia ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: apache problem
On Tue, Mar 06, 2007 at 11:03:34PM +, eoghan wrote: On 3/6/07, Mike Galvez [EMAIL PROTECTED] wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of eoghan Sent: Tuesday, March 06, 2007 5:50 AM To: freebsd Subject: apache problem Hi I am running apache 2.2.4 on FreeBSD 6.1. This is a recent upgrade from ports (in the past few days or so). Since then I cant browse to localhost. Just get an unable to connect message. The server seems to start with: $sudo apachectl start If I try it again I see its already running. My error log shows: [Mon Mar 05 11:20:00 2007] [notice] Apache/2.2.4 (FreeBSD) mod_ssl/2.2.4 OpenSSL/0.9.7e-p1 DAV/2 PHP/5.2.1 with Suhosin-Patch configured -- resuming normal operations [Mon Mar 05 11:20:22 2007] [notice] caught SIGTERM, shutting down I have tried the apache list but no real answers, and apache was working fine for me before I upgraded. Has anyone else noticed this since an upgrade to the 2.2.4 version from ports? Thanks Eoghan I had the same problem. Here is how I fixed it: #apachectl stop # cd /usr/ports/www/apache22 #make clean # make deinstall # rm ./* Then do a cvsup ports all now once more #cd /usr/ports/www/apache22 # make (it will use your stored config) #make install #make clean #apachectl start Hi Gret, thanks for that, I will give this a go. Regards Eoghan all the best please let me know if it works 4U -- I have made a posting on [EMAIL PROTECTED] -- so the maintainer knows aboutthe problem. If this also works for you it should not be too difficult for someone to fix the port. David Hi I have tried this and i still cant get it working. Also tried syntax check and its checks out OK, as someone else suggested to do... any further suggestions? Thanks Eoghan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Hi, I was rebuilding one of my servers yesterday. I was having trouble getting ldap support to build, but I was also seeing the same issue you describe. The configtest reported no errors and Apache appeared to start and I could see it in the process list, but could not contact the server. Out of frustration i bounced the box and when it came back up Apache started as expected (minus ldap of course). -- Michael Galvez http://www.people.virginia.edu/~mrg8n Information Technology Specialist University of Virginia Hi By bounced the box, do you mean restarted it? Thanks Eoghan Yes. Restart the OS. Even though I had killed all http processes, Apache 2.2.4 server would not restart correctly without restarting the OS. -Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Michael Galvez http://www.people.virginia.edu/~mrg8n Information Technology Specialist University of Virginia ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Sun Fire x2100
On Thu, Jan 04, 2007 at 03:29:05PM -0500, David Robillard wrote: Just finished searching the archives and net and turned up a few answers. I also checked the AMD64 release notes for FBSD 6.1. Is anyone running FreeBSD on a Sun Fire X2100? Any caveats I should know about? Looks like it should be a simple install and run. We will be using these servers as outbound SMTP servers so they will be running just the minimum mail services, smtp-auth, and clamAV. Hi DAve, I had a Sun Fire X2100 in here a year ago to test it. It installed ok using FreeBSD/amd64 RELEASE-6.0. My guess is that it should be alright with 6.1 or the upcoming 6.2. Your best bet is to get a Sun rep loan you one of them so that you can try it out. If they refuse, the sometimes have some in their own offices which you usually can go to and try it. Here are the ifconfig(8) and (rather long) dmesg(8) output from the Sun Fire X2100 running a GENERIC FreeBSD/amd64 RELEASE-6.0 kernel on January 8th, 2006. David, I also have a few of these machines. They are running FreeBSD 6.2-BETA2 and have been in service since October with no problems. I plan to bring them up to Stable as soon as it's ready. I am only using the bge ethernet adapters. HTH -Mike -- Michael Galvez http://www.people.virginia.edu/~mrg8n Information Technology Specialist University of Virginia Manager Comptroller Systems Support Office: 434-982-2975 USENIX Member This novel is not to be tossed lightly aside, but to be hurled with great force. -- Dorothy Parker ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to apply bios firmware update?
On Fri, Jul 21, 2006 at 04:29:11PM -0400, Mayo, Richard A RDECOM CERDEC STCD SRI wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Erik N?rgaard Sent: Friday, July 21, 2006 3:47 PM To: FreeBSD Questions Subject: how to apply bios firmware update? Hi I have just downloaded a bios firmware update for my laptop, but it assumes that I run windows: close all programs, execute whatever.exe and reboot. Is there some utility that will allow me to update the firmware running freebsd or temporarily boot in some windows emulated environment? Thanks, Erik -- Erik, 1) If you're using a laptop that supports booting from a USB device, you might temporarily install windows on a big, big thumb drive for the purposes of installing your bios update. 2) On the off chance that your update runs under DOS, you can get what you need to create a DOS boot disk from http://www.bootdisk.com/. 3) Bootdisk.com has other boot disk version up to Win XP. Heck, they're free to try 3) Sadly, there's no Knoppix version of Windows that boots from a CD but you could temporarily connect a hard disk as a worst case... Not exactly Knoppix but based on it is: http://www.ubcd4win.com/ I have used this to rescue data from many a downed workstation. It will give you an XP environment to work in. Rich Mayo SRI International -- Michael Galvez http://www.people.virginia.edu/~mrg8n Information Technology Specialist University of Virginia USENIX Member ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Opinions Wanted: Dell PowerEdge Servers ... ?
On Sat, Jun 24, 2006 at 10:03:42PM -0300, Marc G. Fournier wrote: I'm currently weighing options ... my last two servers were HP Proliant, and I *really* like them, but I might have a line on a supplier in Panama that deals in Dell Servers and not HP ... Looking at Dell's web site, the PowerEdge has an optional Remote Access Controller that will it *sounds* like will give me similar functionality as HPs iLO ... But, I've heard bad things about their 'desktop offerings', and am not sure if that follows through to their Servers ... So, I'm kinda looking for both good, and bad, experiences with the PowerEdge stuff ... anyone with opinions? Thx ... Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email . [EMAIL PROTECTED] MSN . [EMAIL PROTECTED] Yahoo . yscrappy Skype: hub.orgICQ . 7615664 No small thing you need to consider when choosing Dell is that they DO NOT support FreeBSD. They support Windows and Red Hat Linux. If the machine is not lights-out and the OS is not one of the above, they will not send parts or a technician. I found this out the hard way and had to load Linux on a spare drive just to prove a piece of hardware was failing. They wasted a lot of my time. The cheaper cost of their hardware was easily outweighed by the wasted hours of my time. -Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Opinions Wanted: Dell PowerEdge Servers ... ?
On Mon, Jun 26, 2006 at 11:24:54AM -0400, Jerry McAllister wrote: Mike Galvez wrote: [ ... ] No small thing you need to consider when choosing Dell is that they DO NOT support FreeBSD. They support Windows and Red Hat Linux. If the machine is not lights-out and the OS is not one of the above, they will not send parts or a technician. I found this out the hard way and had to load Linux on a spare drive just to prove a piece of hardware was failing. I've heard that Dells tech support isn't as helpful as it used to be, but I've had them replace a CD-ROM drive and a 4mm DAT tape backup on Dell machines dedicated to FreeBSD without any problems. Try running the diagnostic CD or floppy that came with the machine? (Or can be downloaded for the specific system type from the Dell website.) Dell support grumbles a bit, but they have replaced tapes, disks, SCSI controllers and even mother boards on our machines running FreeBSD. My problem was with my backup server being FreeBSD and running AMANDA. The Powervault autoloader was generating SCSI errors. After I setup AMANDA on Linux and got the same errors, they were willing to replace the Powervault autoloader. With the new autoloader in place, I replaced the Linux OS with the same instance of FreeBSD I was using before. No more SCSI errors. All of this took more time than it should have. jerry -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: scsi troubles
On Thu, Apr 20, 2006 at 12:35:59PM -0400, Stas Khromoy wrote: i am pretty sure backups don't work when error comes up and the tape drive locks up at that time too, requiring a cold reset is any one else using this tape model (powervault 114t LTO2 tape drive)? Stas, I am using a PV-124T LTO2. I am having similar issues with the changer locking up when moving tapes. I didn't see the earlier part of this thread, so I don't know what you are using for backup software. I'm using Amanda 2.4.5p1 with FreeBSD 6.1-RC1 on Dell PE-850 and having a few issues getting it to run smoothly. I was beginning to wonder if I got a bad changer. I am able to make backups and restore from them, but every so often I get a Dump Card State message and the changer locks up and has to be power-cycled. ch0 at ahc0 bus 0 target 6 lun 1 ch0: DELL PV-124T 0026 Removable Changer SCSI-2 device ch0: 160.000MB/s transfers (80.000MHz, offset 127, 16bit) ch0: 8 slots, 1 drive, 1 picker, 0 portals (sa0:ahc0:0:6:0): tape is now frozen- use an OFFLINE, REWIND or MTEOM command to clear this state. (sa0:ahc0:0:6:0): tape is now frozen- use an OFFLINE, REWIND or MTEOM command to clear this state. ahc0: Recovery Initiated Dump Card State Begins ahc0: Dumping Card State while idle, at SEQADDR 0x8 Card was paused ACCUM = 0x4, SINDEX = 0x67, DINDEX = 0x27, ARG_2 = 0x4 HCNT = 0x0 SCBPTR = 0x0 SCSIPHASE[0x0] SCSISIGI[0x0] ERROR[0x0] SCSIBUSL[0x0] LASTPHASE[0x1]:(P_BUSFREE) SCSISEQ[0x12]:(ENAUTOATNP|ENRSELI) SBLKCTL[0xa]:(SELWIDE|SELBUSB) SCSIRATE[0x0] SEQCTL[0x10]:(FASTMODE) SEQ_FLAGS[0xc0]:(NO_CDB_SENT|NOT_IDENTIFIED) SSTAT0[0x0] - snip This probably isn't helpful as I don't have an answer for why this happening. I'm still looking. -Mike - [snip] Do you know for sure if the backups are failing? It's possible the dump card states are harmless. I have some systems that do a dump card state on boot but that have never exhibited an actual problem. Another suggestion is to check if you have the latest firmware for both the tape drive and the controller. Still more people will probably say that there is bad voodoo between whoever your controller vendor is and whoever your drive vendor is. Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Michael Galvez http://www.people.virginia.edu/~mrg8n Information Technology Specialist University of Virginia USENIX Member ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: scsi troubles
On Thu, Apr 20, 2006 at 04:22:11PM -0400, Stas Khromoy wrote: Mike: maybe i am blind and don't see this info in your reply do you use Adaptec 3960D scsi adapter ? Stas, You're not blind, I just forgot to add the info, The adapter was also purchased through Dell and is Adaptec 3960D Ultra160 SCSI adapter hth -Mike Mike Galvez wrote: On Thu, Apr 20, 2006 at 12:35:59PM -0400, Stas Khromoy wrote: i am pretty sure backups don't work when error comes up and the tape drive locks up at that time too, requiring a cold reset is any one else using this tape model (powervault 114t LTO2 tape drive)? Stas, I am using a PV-124T LTO2. I am having similar issues with the changer locking up when moving tapes. I didn't see the earlier part of this thread, so I don't know what you are using for backup software. I'm using Amanda 2.4.5p1 with FreeBSD 6.1-RC1 on Dell PE-850 and having a few issues getting it to run smoothly. I was beginning to wonder if I got a bad changer. I am able to make backups and restore from them, but every so often I get a Dump Card State message and the changer locks up and has to be power-cycled. ch0 at ahc0 bus 0 target 6 lun 1 ch0: DELL PV-124T 0026 Removable Changer SCSI-2 device ch0: 160.000MB/s transfers (80.000MHz, offset 127, 16bit) ch0: 8 slots, 1 drive, 1 picker, 0 portals (sa0:ahc0:0:6:0): tape is now frozen- use an OFFLINE, REWIND or MTEOM command to clear this state. (sa0:ahc0:0:6:0): tape is now frozen- use an OFFLINE, REWIND or MTEOM command to clear this state. ahc0: Recovery Initiated Dump Card State Begins ahc0: Dumping Card State while idle, at SEQADDR 0x8 Card was paused ACCUM = 0x4, SINDEX = 0x67, DINDEX = 0x27, ARG_2 = 0x4 HCNT = 0x0 SCBPTR = 0x0 SCSIPHASE[0x0] SCSISIGI[0x0] ERROR[0x0] SCSIBUSL[0x0] LASTPHASE[0x1]:(P_BUSFREE) SCSISEQ[0x12]:(ENAUTOATNP|ENRSELI) SBLKCTL[0xa]:(SELWIDE|SELBUSB) SCSIRATE[0x0] SEQCTL[0x10]:(FASTMODE) SEQ_FLAGS[0xc0]:(NO_CDB_SENT|NOT_IDENTIFIED) SSTAT0[0x0] - snip This probably isn't helpful as I don't have an answer for why this happening. I'm still looking. -Mike - [snip] Do you know for sure if the backups are failing? It's possible the dump card states are harmless. I have some systems that do a dump card state on boot but that have never exhibited an actual problem. Another suggestion is to check if you have the latest firmware for both the tape drive and the controller. Still more people will probably say that there is bad voodoo between whoever your controller vendor is and whoever your drive vendor is. Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Michael Galvez http://www.people.virginia.edu/~mrg8n Information Technology Specialist University of Virginia USENIX Member Death is only a state of mind. Only it doesn't leave you much time to think about anything else. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: wrap sshd
On Fri, Jun 10, 2005 at 05:30:53PM +, Osmany Guirola Cruz wrote: Hi i am trying to restrict the ssh access to my machine from a specific machine and i am using hosts.allow but does not wor for me this is my /etc/hosts.allow file sshd : capella.cigb.edu.cu : deny make sure you comment out the line below in your host.allow file or none of your rules will work. # Start by allowing everything (this prevents the rest of the file # from working, so remove it when you need protection). # The rules here work on a First match wins basis. #ALL : ALL : allow - then i restart the sshd daemon and doe not work i still have access from this machine ... There is no need to restart the sshd daemon for TCP-wrappers to work. Thanks Osmany ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Michael Galvez http://www.people.virginia.edu/~mrg8n Information Technology Specialist University of Virginia Manager Comptroller Systems Support Office: 434-982-2975 USENIX Member Going to church does not make a person religious, nor does going to school make a person educated, any more than going to a garage makes a person a car. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 5.3 IBM PC Server 325 Type 8639-1RY
On Wed, Mar 16, 2005 at 10:18:35AM -0700, JM wrote: I have installed 5.3 several times and I am using the built in nic an PCI AMD card. To get the built-in NIC working on a 325, you will need to rebuild the kernel and comment out device pcn. You need device lnc, but pcn has precedence over lnc. While your at it, if your 325 is dual processor (most are) you can un- comment options SMP and apic. Instructions for recompiling your kernel can be found here: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig.html HTH -Mike I can not seem to change the card to full-duplex using ifconfig or the built in sysinstall. I noticed there appeared to be other problems with IBM machines. My ? is this a recognized problem or something new? My server also has dual processors in it. Thanks for your time. JM -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.7.3 - Release Date: 3/15/2005 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Michael Galvez http://www.people.virginia.edu/~mrg8n Information Technology Specialist University of Virginia USENIX Member ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Tar pitting automated attacks
On Wed, Sep 08, 2004 at 01:19:15AM -0700, Ted Mittelstaedt wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Mike Galvez Sent: Tuesday, September 07, 2004 6:42 AM To: [EMAIL PROTECTED] Subject: Tar pitting automated attacks Is there a method to make this more expensive to the attacker, such as tar-pitting? No. These days attackers use distributed networks of cracked PCs to launch attacks. The vast bulk of these attacks is automated. The cracker merely feeds in a job and pushes it to his network to work away at. Most of the time the cracker spends is in adding new machines that have vulnerabilities into his distributed network of cracked PCs If you successfully erect a network block, the cracker's software will just go to the next IP in the sequence to attack. Your actually doing more damage to the cracker's distributed network by your SSH server patiently saying no, no, no, no, no, no, etc. for 20-50 thousand times, because that ties the cracked PC up for a lot longer just working away at your system. This is why I was curious about tar-pitting. The attacker is banging away at common user accounts every 3 to 5 seconds sometimes more than a thousand times. A tar pit or something like it could slow the attack to maybe four attempts in an hour as opposed to a thousand. I am still looking for my passive-aggressive solution. I presume of course that you aren't using guessible passwords and you have everything patched to current levels. if you want to do damage to the attacker, you need to make a good effort at reporting the source IP numbers to the netblock managers the IP is part of. Granted, 3/4 of the time the netblock managers won't do anything about it. Reporting these to ISPs is like shouting at the ocean. They are most likely overwhelmed, indifferent or both. But whenever they do, it usually takes that cracked PC out of the distributed network. That is what costs the cracker because then the cracker has to expend work replacing it with another cracked PC. But, it is a lot like trying to pick up spilled spaghetti with tweezers. There's so many cracked PC's out there that as soon as you get one taken down, there's plenty more where that came from. Now, if you REALLY want to damage the attacker, you throw the works at the IP numbers that are scanning you, and find the back door that the cracker is using on those hosts, then go in and hard-code the homepage on their web broswer to something like http://www.fuckyou.com, making sure to use one of those cracker programs that makes it impossible for them to change it back. That is usually sufficient to get the owner of the cracked PC off their lazy ass to get their machine cleaned up. Ted ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Michael Galvez Information Technology Specialist University of Virginia USENIX Member ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Tar pitting automated attacks
I am seeing a lot of automated attacks lately against sshd such as: Sep 6 12:16:24 www sshd[29888]: Failed password for root from 159.134.244.189 port 3723 ssh2 Sep 6 12:16:25 www sshd[29889]: Failed password for illegal user webmaster from 159.134.244.189 port 3749 ssh2 Sep 6 12:16:26 www sshd[29890]: Failed password for illegal user data from 159.134.244.189 port 3771 ssh2 Sep 6 12:16:27 www sshd[29891]: Failed password for illegal user user from 159.134.244.189 port 3800 ssh2 Sep 6 12:16:28 www sshd[29892]: Failed password for illegal user user from 159.134.244.189 port 3824 ssh2 Sep 6 12:16:29 www sshd[29893]: Failed password for illegal user user from 159.134.244.189 port 3847 ssh2 Sep 6 12:16:31 www sshd[29894]: Failed password for illegal user web from 159.134.244.189 port 3872 ssh2 Sep 6 12:16:32 www sshd[29895]: Failed password for illegal user web from 159.134.244.189 port 3893 ssh2 Sep 6 12:16:33 www sshd[29896]: Failed password for illegal user oracle from 159.134.244.189 port 3918 ssh2 Sep 6 12:16:34 www sshd[29897]: Failed password for illegal user sybase from 159.134.244.189 port 3938 ssh2 Sep 6 12:16:36 www sshd[29898]: Failed password for illegal user master from 159.134.244.189 port 3976 ssh2 Sep 6 12:16:37 www sshd[29899]: Failed password for illegal user account from 159.134.244.189 port 4006 ssh2 Sep 6 12:16:38 www sshd[29900]: Failed password for illegal user backup from 159.134.244.189 port 4022 ssh2 Sep 6 12:16:39 www sshd[29901]: Failed password for illegal user server from 159.134.244.189 port 4044 ssh2 Sep 6 12:16:41 www sshd[29902]: Failed password for illegal user adam from 159.134.244.189 port 4072 ssh2 Sep 6 12:16:42 www sshd[29903]: Failed password for illegal user alan from 159.134.244.189 port 4104 ssh2 Sep 6 12:16:43 www sshd[29904]: Failed password for illegal user frank from 159.134.244.189 port 4131 ssh2 Sep 6 12:16:44 www sshd[29905]: Failed password for illegal user george from 159.134.244.189 port 4152 ssh2 Sep 6 12:16:45 www sshd[29906]: Failed password for illegal user henry from 159.134.244.189 port 4175 ssh2 -- snip -- Some of these go on until they turn the logs over. Is there a method to make this more expensive to the attacker, such as tar-pitting? Thanks -Mike -- Mike Galvez Information Technology Specialist E-Mail: mrg8n AT virginia.edu ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Devil Mascot
On Tue, Jun 15, 2004 at 11:20:17AM -0400, Chris Lynch wrote: This thread cracks me up. No matter how many times the same subject has been brought up, I still can't stop laughing at the silliness of it all. Maybe FreeBSD should make a fuzzy bunny that does a happy dance...but, then we'd be stepping on the Easter Bunnies toes, and we all know what could happen then!!! If you look at the gif image in a text editor and read backwards, you can just make out the words I killed Paul -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Jerry McAllister Sent: Tuesday, June 15, 2004 10:41 AM To: Mi A. Llort Cc: [EMAIL PROTECTED] Subject: Re: Devil Mascot On Sun, Jun 13, 2004 at 05:02:49PM -0700, Edward Hendrie wrote: Why do you have a Devil for a trademark mascot? From a marketing Ed, it's obvious you've hit a nerve. Many list subscribers who have never contributed before, feel compelled to reply, repeating the same explanations which have been posted only minutes before by others. Mostly for entertainment. The FreeBSD devil may have been responsible for the fall of the great PTL Club during the 1980's. During his trial, Jim Bakker explained, ...the devil got into the computer. That's enough for me. So, if that is the case, it has justified its existance many times over... jerry ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Michael Galvez http://www.people.virginia.edu/~mrg8n Information Technology Specialist University of Virginia Financial AnalysisOffice: 434-982-2975 USENIX Member Did you know that clones never use mirrors? -- Ambrose Bierce, The Devil's Dictionary ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IBM 325 Server install - hangs on scsi settle
On Thu, Jan 15, 2004 at 03:49:30PM -0700, Andy Clements wrote: Hello, I have IBM 325 PCServer with one 200 Pentium Pro CPU and two SCSI HDD drives and a SCSI CDROM. I'm installing FreeBSD 4.9 via floppy and it hangs when it says: Waiting 15 seconds for drives to settle I notice that it is accessing the cdrom, during the wait, but nothing else happens. I've checked the mailing list and all I see is to turn the bios virus detect off. It seem that quite a few people are having this problem... any ideas? interrupt problem? please CC with your reply as I am not on the list. Thanks in advance, Andy Clements I have a couple of 325s with on-board SCSI, SCSI CDROM. Make sure that your SCSI devices are not set to the same ID as the SCSI card or each other. -- Michael Galvez http://www.people.virginia.edu/~mrg8n Information Technology Specialist Office: 434-982-2975 Financial AnalysisE-Mail: [EMAIL PROTECTED] University of VirginiaMessenger Mail: Carruthers Hall ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Network booting?
On Tue, Dec 16, 2003 at 10:13:18AM -0600, Eric F Crist wrote: Hello all, I looked in the handbook, and didn't see anything about doing a network boot on a PC from a freebsd server. Is this at all a possibility? A member of our local Unix users group presented a talk on this subject not too long ago. You may find the slides useful. http://www.chuug.org/talks/20030722/netboot.pdf Eric F Crist President AdTech Integrated Systems, Inc (612) 998-3588 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Michael Galvez http://www.people.virginia.edu/~mrg8n Information Technology Specialist Office: 434-982-2975 Financial AnalysisE-Mail: [EMAIL PROTECTED] University of VirginiaMessenger Mail: Carruthers Hall Man invented language to satisfy his deep need to complain. -- Lily Tomlin ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: netstat options
On Thu, Sep 18, 2003 at 03:24:29PM +0200, dick hoogendijk wrote: On Thu, 18 Sep 2003 07:10:24 -0500 Peter Elsner [EMAIL PROTECTED] wrote: You're probably getting the connection refused because you didn't enable telnet in /etc/inetd.conf. It's turned off by default. Has nothing to do with netstat. Peter Elsner At 01:01 PM 9/18/2003 +0200, you wrote: I want a kind of list you get with (linux) netstat -atun Active Internet connections (servers and established) Proto Recv-Q Send-Q Local AddressForeign Address State tcp 0 0 0.0.0.0:32768 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:32769 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:9930.0.0.0:* LISTEN tcp 0 0 0.0.0.0:5150.0.0.0:* LISTEN tcp 0 0 0.0.0.0:9950.0.0.0:* LISTEN tcp 0 0 0.0.0.0:37 0.0.0.0:* LISTEN I'm trying to find out why my courier mta gives me a connection refused on a 'telnet localhost 25' Courier is running; mail is received and delivered. Still I get these 'refused' messages.. So, if anybody knwo how to get a list like above in FreeBSD-4.8? I'm getting the connection refused *not* because telnet is not running. I'm not that stupid you know ;-)) What I wanted to know is the equivalent for the LINUX netstat -atun netstat -an|grep LISTEN which gives the output above (on the LINUX server). I want to test my FreeBSD machine the same way but netstat -atun gives me an output I don't want (on fbsd). -- dick -- http://www.nagual.st/ -- PGP/GnuPG key: F86289CE ++ Running FreeBSD 4.8 ++ Debian GNU/Linux (Woody) + Nai tiruvantel ar vayuvantel i Valar tielyanna nu vilja ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Michael Galvez http://www.people.virginia.edu/~mrg8n Information Technology Specialist Office: 434-982-2975 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cvsup connection refused
On Wed, Sep 17, 2003 at 01:37:17PM -0600, Hal Lynch wrote: I have been trying to cvsup for a couple of hours now with a whole string of conection refused messages. Here is what I am seeing: Connecting to cvsup15.FreeBSD.org Cannot connect to cvsup15.FreeBSD.org: Connection refused Are the cvsup machines really that busy? Is the problem my firewall? In my supfile if have: *default host=cvsup15.FreeBSD.org Try a different host... http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvsup.html HTH -Mike is there a better way? I really want to get things up to date! hal ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Michael Galvez http://www.people.virginia.edu/~mrg8n Information Technology Specialist Office: 434-982-2975 Financial AnalysisE-Mail: [EMAIL PROTECTED] University of VirginiaMessenger Mail: Carruthers Hall Anybody with money to burn will easily find someone to tend the fire. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Installworld trouble
4.8-RC FreeBSD 4.8-RC #1: Tue Apr 1 11:08:12 EST 2003 I'm having some trouble with installworld. I cvsuped src to RELENG_4, then I did a make world, make buildkernel, make installkernel, then rebooted. The kernel booted, so I proceeded to do the installworld. The installworld hangs with the following: install -s -o root -g wheel -m 555 named-xfer /usr/libexec install -o root -g wheel -m 444 named-xfer.8.gz /usr/share/man/man8 === libexec/mail.local install -s -o root -g wheel -m 555 mail.local /usr/libexec install -o root -g wheel -m 444 mail.local.8.gz /usr/share/man/man8 === libexec/smrsh install -s -o root -g wheel -m 555 smrsh /usr/libexec install -o root -g wheel -m 444 smrsh.8.gz /usr/share/man/man8 === libexec/uucpd install -s -o root -g wheel -m 555 uucpd /usr/libexec install -o root -g wheel -m 444 uucpd.8.gz /usr/share/man/man8 === libexec/rtld-elf install -s -o root -g wheel -m 555 -fschg -C -b ld-elf.so.1 /usr/libexec make: don't know how to make rtld.1. Stop *** Error code 2 Stop in /usr/src/libexec. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. What is the best way to proceed from here? I forgot to clear out /usr/obj before the make world so this may be a result of left over cruft. Thanks -Mike -- Michael Galvez Information Technology Specialist III E-Mail: [EMAIL PROTECTED] University of Virginia Nothing is illegal if one hundred businessmen decide to do it. -- Andrew Young ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NIS not working (now it is :-)
On Wed, Mar 12, 2003 at 01:46:43PM -0800, W. J. Williams wrote: --- Mike Galvez [EMAIL PROTECTED] wrote: On Wed, Mar 12, 2003 at 12:19:01PM -0800, W. J. Williams wrote: see bottom.. Try adding a test user with: pw useradd -Y -y /var/yp/master.passwd testuser Try logging into the master with the new user. Success? Try the client. HTH -Mike *** ok, thx. tried that...no dice...after adding the user with pw...I had to do a passwd testuser and add a password. could not log client though. I am trying to open a ssh connection from master to clientany other ideas? Was that passwd or yppasswd? After the yppasswd, you will need to run make in /var/yp to propagate the change. ** Hi Mike, thx for helping...seems it works now..here's what I did/learned. I mirrored the rc.conf of all of my clients in my lab AND touched all master.passwd files with vipw instead of vi I can log into all of them now with the testuser account. Some more things I learned (correct me if I am wrong) 1. always use vipw if you have to mess with master.passwd True 2. the order of what you call in rc.conf is important (I still don't know what f order that is supposed to be, but it seemed to make a difference. 3. after changing mapped files, you need to manually run make =/etc/XXX nisdomain to udpate the files. 4. per your email below...I made the account using your string, and then did a passwd testuser to add a password. should i have used yppassword? From the yppasswd man page: If a user exists in the NIS password database but does not exist locally, passwd automatically switches into ``yppasswd'' mode. If the specified user does not exist in either the local password database of the NIS password maps, passwd returns an error. My reply with the pw useradd string should have been : pw useradd testuser -m -Y -y /var/yp/master.passwd omit -m if you don't want to build the users home folder. hope someone else is gaining from this as well... thx Will = Will Williams -- Michael Galvez http://www.people.virginia.edu/~mrg8n University of VirginiaMessenger Mail: Carruthers Hall Fresco's Discovery: If you knew what you were doing you'd probably be bored. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: freebsd nis server with debian clients
On Mon, Mar 10, 2003 at 07:09:04PM +1100, Neeraj Arora wrote: Hi Geeks, Girls and Guys, ...:^) I am having a little problem setting up a debian client to derive login data from a freebsd nis server. There is no problem when the freebsd nis server interacts with freebsd clients, but there is a problem when it interacts with a debian gnu/linux client. The authentication works when I force a password in the /etc/passwd file on the debian gnu/linux system. E.g.: +login_whatever:$1$blahblahblah:/bin/bash +::/bin/bash But, it does not work when the password has to be sourced from the nis server (viz. a freebsd machine). I confirmed that both are communicating/operating on nis v2. And moreover, the password on the freebsd server are stored in md5 too. So, I dont seem to understand what the problem may be. Any help will be great...:) Regards, Neeraj N.B.: I am a freebsd devotee and thus posting this to the freebsd-questions mailing list. I might try debian mailing lists too, but first here...:) To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message I think your Linux clients are looking for shadow.byname and shadow.byuid. I found this URL while Googling for the same problem. After adding the shadow.byname and shadow.byuid lines to my Makefile, the linux clients were able to log into the FreeBSD NIS server. http://dbforums.com/t582766.html Do pay special attention to hidden characters when editing the Makefile. If you're using vi, you will want to use set list. HTH -Mike -- Michael Galvez Information Technology Specialist III E-Mail: [EMAIL PROTECTED] University of Virginia If you are a fatalist, what can you do about it? -- Ann Edwards-Duff To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: OT: MUTT folders
On Wed, Feb 19, 2003 at 03:36:35PM -0600, Brian Henning wrote: Hello- i have been reading throught the file /usr/local/share/doc/mutt/manual.txt and i cannot figure out how to change which folder i am reading. i have some mail folders in ~/Mail that i cannot figure out how to access from mutt... any suggestions? press c Open mailbox ('?' for list): then press ? Or, are you asking how to change the start-up mail folder? thanks, b To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message -- Michael Galvez http://www.people.virginia.edu/~mrg8n University of VirginiaMessenger Mail: Carruthers Hall Slowly and surely the unix crept up on the Nintendo user ... To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: Cron script problem....
On Wed, Dec 11, 2002 at 01:05:13PM -0600, Eric Six wrote: Hi All, I am having a weird problem on a freebsd 4.7. I have two perl scripts I am running via cron, one is run as root to make a backup of a directory and the files in it, the second is run as a user to scp files to another box. What I am encountering is the second script is running but dying after the first ssh remote command. Here is what second script does; it uses ssh remote command to create a directory on the remote server with todays date, the next command is the actual recurise scp command. Here is what the script looks like; ~begin~ #!/usr/bin/perl -w # tar cf filename.tar pathtotar/ chomp ($SCP=`which scp`); chomp ($SSH=`which ssh`); $pathtomakebackup=/bind_backups; chomp ($today=`date`); my ($day,$month,$date,$time,$timezone,$year) = split (' ',$today); $archive_date=$month-$date-$year; `$SSH backupuser\@server13.blah.com mkdir ~/bind_backups/nsX/$archive_date /var/log/ssh.log 21`; ^^^ Does the user have permission to write to this file? `$SCP -vr $pathtomakebackup/$archive_date/ backupuser\@server13.blah.com:~/bind_backups/nsX/ /var/log/scp.log 21`; ~end~ If I run the script interactively, it works fine. From CRON it dies after the SSH command makes the directory on the remote server. Here is how I have it setup in cron; 05 22 * * 1,3,5 perl /adminscripts/erics/bind_backup_scp.pl It works fine from cron on Solaris and Linux... anyone have any ideas? TIA Eric To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message -- Michael Galvez http://www.people.virginia.edu/~mrg8n Computer Systems Sr. Engineer Office: 434-982-2975 Financial AnalysisE-Mail: [EMAIL PROTECTED] University of VirginiaMessenger Mail: Carruthers Hall Toilet Toup'ee, n.: Any shag carpet that causes the lid to become top-heavy, thus creating endless annoyance to male users. -- Rich Hall, Sniglets To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message