Re: [leaf-user] Mystery 'attack'

2009-05-12 Thread Simon Bolduc
It very well could be a real attack. Leaf will prevent unsolicited attacks from reaching your client computer, but if you have software on the client machine that is trying to access content that Kasperskey deems (or is) malevolent, Leaf will do nothing to prevent this access. This software could

Re: [leaf-user] ulibc 3.1b2 to keep link active

2007-12-30 Thread Simon Bolduc
Alternatively you could have a cron job to ping a remote host or something. I'm not sure how often NTP will update the time, using a cron job to ping or update the time once every 4 hours or so should do the trick. Do you know what kind of traffic and what amount is necessary to keep the link ali

Re: [leaf-user] ip_conntrack: table full, dropping packet

2007-11-06 Thread Simon Bolduc
A friend of mine ran into this problem when using Bittorrent to download several files at once. Is it possible that someone on your network is doing this? His router has either 32 or 64 megs of RAM (can't remember which, I set it up a while ago) and we fixed the problem by adding the following in

Re: [leaf-user] Dachstein Bin to ISO?

2004-12-17 Thread Simon Bolduc
meone will likely look into it. I will - but as things are hectic at work, I cannot guarantee I will do it in a timely fashion. Simon Bolduc On Fri, 17 Dec 2004 10:17:08 -0600, Charles Steinkuehler <[EMAIL PROTECTED]> wrote: > [EMAIL PROTECTED] wrote: > > > Charles, I don'

Re: [leaf-user] DHCP & NTL cable problem.

2004-08-26 Thread Simon Bolduc
Hey James, Since the registration is based on MAC addresses, you could try popping your external NIC into the win98 box and register that way, assuming that the NIC in question is a physical one and not on board. Also if you have a Windows 2000/NT/XP box you could use a program like this http://

RE: [leaf-user] (!NF) at boot.

2004-02-10 Thread Simon Bolduc
Hey, It sounds to me like you've hit the character limit of 255 characters for the line loading the package. As such lrpkg isn't receiving the entire name of the package -thus the NF or not found message. I believe there is another file in which you can specify packages, but as I'm not near

Re: [leaf-user] Operation not supported by device

2003-08-21 Thread Simon Bolduc
Hey Darcy Try loading the pci-scan module as well. I believe this is needed for most (all?) PCI nics. Simon Original Message Follows From: Darcy Parker <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: [leaf-user] Operation not supported by device Date: Thu, 21 Aug 2003 02:00:48 -0600

Re: [leaf-user] Is there a way to install Bering to an IDE drive?

2003-07-23 Thread Simon Bolduc
Check here: http://leaf.sourceforge.net/devel/jnilo/bubooting.html But you don't really need a 40 gig drive for that - easily runs on a 500 meg drive. Unless of course you want to do something more exotic than routing. Simon _ MS

Re: [leaf-user] Limit Number of Connections

2003-04-02 Thread Simon Bolduc
dvertised bandwidth). For now I'll mess around with the MASQ timeout setting and see where that gets me. Thanx again Simon Bolduc ----Original Message Follows From: Ray Olszewski <[EMAIL PROTECTED]> To: "Simon Bolduc" <[EMAIL PROTECTED]>,[EMAIL PROTECTED] Subject:

[leaf-user] Limit Number of Connections

2003-04-02 Thread Simon Bolduc
ox can use? Any suggestions would be appreciated. Simon Bolduc _ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail --

Re: [leaf-user] One nic router.

2003-03-04 Thread Simon Bolduc
Some ISPs block the NetBIOS info that Windows PCs spew out. But I would guess that this isn't exactly the best thing to count on. It is also likely that the ISP would frown on a user multihoming the NIC like this - as many users end up doing strange things, like running a DHCP server that give

Re: [leaf-user] Connecting to ssh with WinXP

2003-02-03 Thread Simon Bolduc
Putty works fine with Win 9x, NT, 2K and XP. Easy to setup and it's free... Simon From: Ray Olszewski <[EMAIL PROTECTED]> To: "James Neave" <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> Subject: Re: [leaf-user] Connecting to ssh with WinXP Date: Mon, 03 Feb 2003 08:20:15 -0800 At 01:56 PM 2/3/03 +

Re: [leaf-user] RH Linux interface

2002-11-22 Thread Simon Bolduc
Have you looked at the DHCP lease that you are getting? Perhaps the lease is being borked or something. You could also try lengthening the lease time. Here at work I have leases that are 30 days long. One other thing - is it possible that you have a machine that is hard coded 192.168.1.1? I

Re: [leaf-user] bering: cannot get dhcp lease from ISP [more info]

2002-09-04 Thread Simon Bolduc
I'd be interested in a 3.x dhclient. Simon >From: Ewald Wasscher <[EMAIL PROTECTED]> >To: Erich Titl <[EMAIL PROTECTED]> >CC: [EMAIL PROTECTED] >Subject: Re: [leaf-user] bering: cannot get dhcp lease from ISP [more info] >Date: Wed, 04 Sep 2002 14:38:51 +0200 > >On Wed, 2002-09-04 at 09:26, Eri

Re: [leaf-user] SST-DoM experiment

2002-08-30 Thread Simon Bolduc
Seeing as the DOM should be seen as an IDE drive (if I'm not mistaken), I doubt that there would be any code in the IDE driver to determine whether the drive is write protected or not - as this isn't part of the IDE specification. S >From: "S Mohan" <[EMAIL PROTECTED]> >To: "guitarlynn" <[EM

RE: [leaf-user] Mailing logs from Bering

2002-08-30 Thread Simon Bolduc
An admin could also be running some sort of script or program against the mail - possibly a perl script, or something of the like, in order to enter the info into a database, or just to alert the IT dept of possible intrusion attempts coming from certain IP addresses. S >From: "Luis.F.Correi

Re: [leaf-user] No screen / Beep at startup

2002-08-22 Thread Simon Bolduc
Hey, I think you're looking for beep.lrp - here are some links: http://www.monkeynoodle.org/lrp/lrp/packages/sys-utils http://leaf.sourceforge.net/devel/ddouthitt/packages/ Both have beep.lrp. Simon >From: Blaise Lab <[EMAIL PROTECTED]> >To: "Liste de distribution sur LEAF (Adresse de messag

Re: [leaf-user] Motorola Surfboard 4100

2002-07-09 Thread Simon Bolduc
Along similar lines here is another exception. Users of Rogers High Speed internet service (previously Rogers@home) can experience the delight of a 3-7 day waiting period while their MAC is released from the head end modem if their Nic dies or they change it and are unable to configure the old

Re: [leaf-user] shaw mail servers

2002-07-08 Thread Simon Bolduc
This is simply because you are not specifying it properly and are probably setting your self static, or configuring DNS incorrectly. If you are completely dynamic you should get your domain info with the dhclient lease. Otherwise in your network.conf specify domains as DOMAINS="VC.shawcable.n

Re: [leaf-user] Total Byte Transfer

2002-05-30 Thread Simon Bolduc
While the scripts offered previously could work I belive there is a bug in the 2.2-2.4.(well not most recent for sure) kernel that causes the packets received / transmitted to loop somewhere around the 4Gig mark. Check google for more info. HTH S >From: [EMAIL PROTECTED] >To: [EMAIL PROTECT

Re: [leaf-user] Browsing computers on the same subnet?

2002-05-06 Thread Simon Bolduc
Dachstein only acts as a gateway (assuming you are using the default setup - Dachstein being the router, no VPN tunnels etc). It can't really do anything to the traffic internal to the network. You should be able to map a drive using \\ip.add.re.ss\share - if you can't I would look at your

Re: [leaf-user] dachstein question

2002-05-01 Thread Simon Bolduc
>39.o > >If I try manual install: insmod /lib/modules/rtl8139.o >the response is: insmod: unresolved symbol pci_drv_unregister >insmod: unresolved symbol pci_drv_register > >Next place to look? > >Thanks, >Steve > > >- Original Message - >From: "S

Re: [leaf-user] dachstein question

2002-04-30 Thread Simon Bolduc
This message may come up if your NICs aren't being initialized. Log in and run ifconfig or ip addr - chances are your nic aren't there. Double check your modules file, make sure the correct modules are uncommented, if they are PCI nics make sure that pci-scan is loading before the NIC modules

Re: [leaf-user] FW Through Put

2002-04-30 Thread Simon Bolduc
Just a couple notes - I'm running a VPN on a 486/66 without an issue in terms of bandwidth performance (its only 1 tunnel, but it does 45 Kilobytes/sec without any problems - thats the max both ends of the tunnel can send at give or take a couple of kilobytes). I'm also running a few other "n

Re: [Leaf-user] Compact Flash

2002-04-24 Thread Simon Bolduc
Don't most people log to ram? Assuming this is the case with bering (which it should be as it is a floppy dist) moving over to CF shouldn't matter unless Paul decided to log to CF - and leave his CF mounted all the time (I don't think this would work - how would he ever back up a modification?

Re: [Leaf-user] Dachstein *non-FPU* Kernel image

2002-04-15 Thread Simon Bolduc
Not true - I tried installing Eiger on a 486sx previously and it didn't work with the standard kernel complaining about a lack of FPU on the chip. AFAIK all 486sx CPUs shipped without FPU - altho I believe you could get add-on chips for some mobos. A google search for 486 sx fpu generates lot

Re: [Leaf-user] LRP and MS Messenger

2002-04-12 Thread Simon Bolduc
Probably because you don't have certain ports forwarded. Take a look at any denied packets in /var/log/messages that coincide with the attempts to transmit info. Thats all I or quite possibly anyone else can offer as your question was way too vague. Helpful info would include what program a

Re: [Leaf-user] Making Disk Images

2002-04-12 Thread Simon Bolduc
for windows you can use winimage available at www.winimage.com - just read the disk and save it to a self extracting disk image. Then anyone running windows (9x+ I believe) should be able to make a disk from the image. S >From: [EMAIL PROTECTED] >To: <[EMAIL PROTECTED]> >Subject: [Leaf-user]

Re: [Leaf-user] Adding to syslinux.cfg on DCD

2002-04-12 Thread Simon Bolduc
> > Also, am I correct in thinking that I can replace the .lrp files in > > the image with my floppy backups and reburn to get a "floppyless" > > setup once I have it all configured? > >Yep! Lynn is correct - just make sure you do a full and not a partial backup when backing up to floppy S

Re: [Leaf-user] sshd and remote login

2002-04-12 Thread Simon Bolduc
I think you may need an entry in the hosts.allow file - which allows machines to access services on the daemon - remember you're not being forwarded thru the router - you are accessing it. HTH S >From: "Joey Officer" <[EMAIL PROTECTED]> >Reply-To: <[EMAIL PROTECTED]> >To: "LRP Support" <[EMA

Re: [Leaf-user] Changes for new Dachstein release

2002-04-11 Thread Simon Bolduc
I'm not sure if this would be possible but: Wouldn't it be possible to do a reverse lookup on all blocked IPs (via a script) when they are blocked, add it to a file, and then every few hours do another lookup to see if the FQDN associated with the IP has changed - (if it has then remove it fro

Re: [Leaf-user] Compact Flash vs CD Rom

2002-04-05 Thread Simon Bolduc
It is now - here's 2 links http://www.embedone.com/e-main4flashmemory1.htm http://www.quantum.com.pl/produkty_Flash_Com.html ignore the Korean Text support thing at the first site (at least if using IE) - it isn't needed. S >From: Peter Nosko <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED], [EMAI

Re: [Leaf-user] Compact Flash vs CD Rom

2002-04-05 Thread Simon Bolduc
My personal response to this question is "I'm Cheap." My mobo doesn't support booting of CD Rom and the only spare CD Rom drive I have doesn't read CDRs (altho obtaining one of these freely wouldn't be too much trouble) - replacing those was outta the question. I installed DCD on HD - cause I

Re: [Leaf-user] MAC address lockdown, dhclient release issue, howto override(set) your mac address - problem & solution

2002-04-05 Thread Simon Bolduc
Rogers doesn't use NT based DHCP servers - or at least @home didn't when I worked for Rogers - this may be why the client identifier solution doesn't work. I'm pretty sure the reason that 2.0pl5 is used is because 3 is significantly larger 864,768 bytes compared to 294,909 bytes for the olde

Re: [Leaf-user] Problem with DachsteinCD 'bootdisk.bin'

2002-04-04 Thread Simon Bolduc
I've had problems with various versions of syslinux and certain drives previously. Sometimes when using 2 virtually identical computers (same mobo, floppy drive, cpu and ram) one will boot and the other won't. Generally I just grab a few different versions of syslinux and rewrite the boot se

Re: [Leaf-user] Setting time zone

2002-04-02 Thread Simon Bolduc
Read this document: http://c0wz.steinkuehler.net/dox/ntp.txt Basically you have to get the file for your timezone here: http://lrp.steinkuehler.net/files/kernels/zoneinfo/ copy it to /etc/localtime (overwriting the old one). I'm not sure if I'm missing anything - but check the first link - i

RE: [Leaf-user] Traffic Shaping using TC

2002-03-28 Thread Simon Bolduc
UDP filter (I think). The send is 1:20 just so I could keep everything together. Thanks again Sandro S >To: "Simon Bolduc" <[EMAIL PROTECTED]>, ><[EMAIL PROTECTED]> >Subject: RE: [Leaf-user] Traffic Shaping using TC >Date: Thu, 28 Mar 2002 20:09:18 +0100 >

RE: [Leaf-user] Traffic Shaping using TC

2002-03-26 Thread Simon Bolduc
ver not in a DMZ. My main goal is to limit the sending capabilities of the program to a value that is very low so it doesn't interfere with other more important outgoing information i.e. FTP, Mail, VPN. Any ideas or help would be appreciated. S >From: "Sandro Minola" <[EMA

[Leaf-user] Traffic Shaping using TC

2002-03-22 Thread Simon Bolduc
Well I Couldn't get cbq.init to work - possibly because of the busybox find command, or because I'm not "getting" something. Either way I decided to give up that dream and look at trying to create a script that would just use tc. What I'd like my end result to be is to limit the outgoing band

[Leaf-user] DCD Seawall 4.1.1 Bwidth22 & cbq.init v0.6.4

2002-03-20 Thread Simon Bolduc
Hey all, I'm hoping to do a little traffic shaping / QoS. I currently have Seawall 4.1.1 installed - but that doesn't support QoS natively (D'oh). I was wondering if anyone knows of any problems using cbq.init v0.6.4 and bwidth22.lrp? Any assistance is greatly appreciated. S _

Re: [Leaf-user] Looking for alternate 3c59x module for 3c905c

2002-03-15 Thread Simon Bolduc
ing 2 old 10 Mb NICs that have ports for AUX, BNC, and Cat 5 - and they work wonderfully. Unfortunately I've never seen a version of the 3c905 driver from 3com that was compiled for LEAF/LRP... S >From: "Boyd Kelly" <[EMAIL PROTECTED]> >To: "Simon Bolduc" &

Re: [Leaf-user] RE: dhclient and firewall question

2002-03-14 Thread Simon Bolduc
Sounds like Shaw is borking your lease. I've seen problems with rogers since the @home split - likely this is the case where you are. Shaw is now running their own DHCP servers (or are farming them out - tho that wouldn't make a lot of sense). Either way the server is likely different than t

Re: [Leaf-user] Problem with 3c59x.o on Dachstein disk

2002-03-06 Thread Simon Bolduc
e: 06 Mar 2002 16:44:49 -0800 > >Hi, > >Maybe I'm missing something here but don't you want to load the 3c90x >module? > >Stephen > >On Tue, 2002-03-05 at 10:56, Simon Bolduc wrote: > > I'm not sure whether the 905c's are supported by this dr

Re: [Leaf-user] blocking users from accessing IRC server

2002-03-06 Thread Simon Bolduc
well you may want to block Ident (113) - though it should already be blocked. I know some servers require an Ident daemon to be running (like dalnet). But blocking 6000 - 8000 is a good start. You could also create a list of hosts that you want to autodeny traffic from (just based on IRC se

Re: [Leaf-user] Problem with 3c59x.o on Dachstein disk

2002-03-05 Thread Simon Bolduc
I'm not sure whether the 905c's are supported by this driver - I do know that 905c's are quite different from 905b's - and did require different drivers when I was using certain dists. Have you uncommented the pci-scan module? S >From: "Boyd Kelly" <[EMAIL PROTECTED]> >To: "Charles Steinkue

Re: [Leaf-user] routed subnet & dmz help

2002-03-05 Thread Simon Bolduc
While I don't think you need to alter your router's role, you won't (as far as I understand know) be able to ssh into 2 different boxes using the same port. You'll need to forward 2 different ports to accomplish this. I'd also stay away from forwarding 22 - as it is a commonly scanned port -

RE: [Leaf-user] UPNP port problem

2002-03-05 Thread Simon Bolduc
>Keep in mind that if grc's scanner can see a stealth'd port, that means >more advanced tools can see it as well. If a port is closed, then all >that means is that it is closed and will NOT respond to requests on >that >port. That isn't correct. A closed port responds saying that the port is

Re: [Leaf-user] Unused IP's with LaBrea

2002-03-04 Thread Simon Bolduc
Assuming you are using Rogers (canada) you should have a theoretical downstream pipe of 300K /s (but you'll probably get more like 120K/s - 230K/s) 80K/s is the max threshold I use - and I've never even come near it - but you can change it accordingly... S >From: "MLU " <[EMAIL PROTECTED]> >

Re: [Leaf-user] ipsec.conf and ipsec.secrets

2002-03-03 Thread Simon Bolduc
Nope - thats incorrect. The files on both machines should be identical (unless you have more/different routes on one of the machines)/ >From: "joey officer" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Subject: [Leaf-user] ipsec.conf and ipsec.secrets >Date: Sun, 3 Mar 2002 20:25:29 -0600 > >

Re: [Leaf-user] Unused IP's with LaBrea

2002-03-03 Thread Simon Bolduc
The reason the port shows as open is because it it. Your port is responding with a message that says "Yeah I'm here, but my connection stinks - you can only send me tiny packets of data." After that it doesn't respond - and the scanning machine (if teergrubbed) will send information forever (

Re: [Leaf-user] ipsec.conf assistance..

2002-03-01 Thread Simon Bolduc
Oops - that should be leftnexthop=66.25.44.1 rightnexthop=66.25.18.1 I transposed the IP addresses - guess i should read before I post S >As Charles mentioned earlier - the lines: > >leftnexthope=66.25.44.1 >rightnexthope=66.25.18.1 > > >should be: > >rightnexthop=66.25.44.1 >leftnexthop=

Re: [Leaf-user] ipsec.conf assistance..

2002-03-01 Thread Simon Bolduc
As Charles mentioned earlier - the lines: leftnexthope=66.25.44.1 rightnexthope=66.25.18.1 should be: rightnexthop=66.25.44.1 leftnexthop=66.25.18.1 >From: William Brinkman <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED], LRP Support ><[EMAIL PROTECTED]> >Subject: Re: [Leaf-user] ipsec.conf a

Re: [Leaf-user] Will LaBrea work with dynamic IP addresses?

2002-03-01 Thread Simon Bolduc
Hey again Craig, Nope - the files should be pretty much identical to the ones I showed you except you don't need the text in brackets (port # of any services you run that use ports below 1024 like ssh or ftp or www)- replace that with the port numbers of any services you want to run - i.e. 22

Re: [Leaf-user] Will LaBrea work with dynamic IP addresses?

2002-02-27 Thread Simon Bolduc
Steve, I long ago stopped logging hits on port 80, and just have them silently denied - it just made the whole messages file too hard to read - you might want to consider doing this. S _ Chat with friends online, try MSN Messen

Re: [Leaf-user] Will LaBrea work with dynamic IP addresses?

2002-02-27 Thread Simon Bolduc
Hey Craig, Well to answer your first question, ae is the editor you use, just type ae at a command prompt and you should be good, then its just +W to save the file - so you could just type the file name at the prompt /etc/LaBrea.in or whatever the file name is To edit the dhclient-exit-ho

Re: [Leaf-user] Will LaBrea work with dynamic IP addresses?

2002-02-27 Thread Simon Bolduc
so. :) Oops Simon >From: Steve Jeppesen <[EMAIL PROTECTED]> >To: "Simon Bolduc" <[EMAIL PROTECTED]>, leaf-user ><[EMAIL PROTECTED]> >Subject: Re: [Leaf-user] Will LaBrea work with dynamic IP addresses? >Date: Wed, 27 Feb 2002 12:50:36 -0600 &

Re: [Leaf-user] Will LaBrea work with dynamic IP addresses?

2002-02-27 Thread Simon Bolduc
This is from the mailing list (modified slightly) - it is a little script that greps your external IP and reconfigures LaBrea on an IP change: 1. Create /etc/LaBrea.in have it contain the following: dst host and tcp[2:2] & 0xfc00 == 0 and not dst port (port # of any services you ru

Re: [Leaf-user] dhcp2dns

2002-02-25 Thread Simon Bolduc
>(I deal with my ISP changing my IP address, and with the fact that >they don't put it into DNS themselves, by running ez-ipupd.lrp and >using it to connect with one of the dyndns services out there. It >works great, and I *think* it'd work for frequently changed leases, >but I haven't tested it.

Re: [Leaf-user] Samba across Eigerstein LRP

2002-02-22 Thread Simon Bolduc
I know you're already looking into using VPN, but just so ya know, some ISPs (@home did) filter ports 137:139 automatically... S >From: "Lonnie Cumberland" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >CC: <[EMAIL PROTECTED]> >Subject: Re: [Leaf-user] Samba across Eigerstein LRP >Date: Thu, 21

Re: [Leaf-user] Dhclient

2002-02-21 Thread Simon Bolduc
IL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: Re: [Leaf-user] Dhclient >Date: Thu, 21 Feb 2002 08:57:02 -0600 > >On Thursday 21 February 2002 08:53, Simon Bolduc wrote: > > There actually is no error - not in daemon.log or anything else for > > that matter. There was a

Re: [Leaf-user] Strange shell

2002-02-21 Thread Simon Bolduc
Encountered it earlier this week on an Eiger box (has happened previously) logged off waited a half an hour and it was gone - possibly it was gone when I logged off - but who knows? S >From: "Vic Berdin" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Subject: Re: [Leaf-user] Strange shell >Dat

Re: [Leaf-user] Dachstein firewall questions

2002-02-21 Thread Simon Bolduc
>1) All tested ports show up as Stealth, ie they don't respond when a >connection attempt is made from outside... Except Port 5000 (UPnP) >which shows up as closed. What is UPnP? Why does this port respond? >Not a big deal, but it does show outsiders that my address has a >machine >behind it.

Re: [Leaf-user] Dhclient - log output

2002-02-21 Thread Simon Bolduc
original message Hey all, A friend of mine is running a LEAF box (Dachstein 1.02 ISC dhclient 2.0pl5, seawall 4.01, ipsec 1.91) and recently his ip changed. For some strange reason his ISP (rogers in canada if it matters) is giving him a lease that only lasts 1-2 hours (its always e

Re: [Leaf-user] Dhclient

2002-02-21 Thread Simon Bolduc
ted anyway. S From: guitarlynn <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: [Leaf-user] Dhclient Date: Wed, 20 Feb 2002 23:50:15 -0600 On Wednesday 20 February 2002 21:11, Simon Bolduc wrote: > but if anyone has any advice it would > be appreciated. What is the error

[Leaf-user] Dhclient

2002-02-20 Thread Simon Bolduc
Hey all, A friend of mine is running a LEAF box (Dachstein 1.02 ISC dhclient 2.0pl5, seawall 4.01, ipsec 1.91) and recently his ip changed. For some strange reason his ISP (rogers in canada if it matters) is giving him a lease that only lasts 1-2 hours (its always either 3600 seconds or 720

RE: [Leaf-user] Unused IP's with LaBrea

2002-02-19 Thread Simon Bolduc
7:28 PM To: Simon Bolduc; leaf-user Subject: Re: [Leaf-user] Unused IP's with LaBrea So far I have a good grasp as to whats going on with the help you and Charles have given. This coming weekend when everybody in the house will not be on the net, I will load up LaBrea and give it a whirl. &g

Re: [Leaf-user] Unused IP's with LaBrea

2002-02-18 Thread Simon Bolduc
Hey Steve, all your questions or comments are preceded by [sj], mine are not... [sj] Seems to me there is another way of starting this or another packagefrom a init script or something (going by the line above which reads OPTIONS="-i that looks like in comes out of a conf file)but I have

[Leaf-user] xntpd.lrp -- how often does synchronization happen?

2002-02-18 Thread Simon Bolduc
Hey all - just out of curiousity, when running xntpd, with the default settings, how often will it check the Internet time server for synchronization? S _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.as

Re: [Leaf-user] Unused IP's with LaBrea

2002-02-18 Thread Simon Bolduc
Arrrgh - there are still some errors in the previous post - so here is one that I don't think has any: This may be a horrible kludge (I dunno - not much of a scripter), but here goes: 1. Write the first portion of your filter (up to the IP address) into a file (i.e. /etc/LaBrea.tmp) - cont

Re: [Leaf-user] Unused IP's with LaBrea

2002-02-18 Thread Simon Bolduc
Oops, I forgot one thing. In the Reload Networking section you should have 2 more lines so it should acutally look like this: # Reload networking to see new address reload_all /etc/ipupdate svi LaBrea stop svi LaBrea start --original message-- This may be a horrible

Re: [Leaf-user] Unused IP's with LaBrea

2002-02-17 Thread Simon Bolduc
anyone sees any obvious mistakes please point them out. S >From: Steve Jeppesen <[EMAIL PROTECTED]> >To: "Simon Bolduc" <[EMAIL PROTECTED]>, leaf-user ><[EMAIL PROTECTED]> >Subject: Re: [Leaf-user] Unused IP's with LaBrea >Date: Sun, 17 Feb 2002 1

Re: [Leaf-user] Roll-over in /proc/net/dev???

2002-02-15 Thread Simon Bolduc
Never mind - I googled around a lil and discoverd that " The problem was that the tx_bytes and rx_bytes will reset when ~4GB is transferred." S >From: "Simon Bolduc" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: [Leaf-user] Roll-over in /proc/net/dev?

[Leaf-user] Roll-over in /proc/net/dev???

2002-02-14 Thread Simon Bolduc
Hey all, Does the /proc/net/dev file "roll-over" after a certain number of packets have been transmitted? I've been downloading Redhat 7.2 iso's today and they weigh in at about 3GB - I've downloaded 2.2 GB so far but if I cat the aforementioned file here is what I get (edited to be more re

Re: [Leaf-user] An ssh attack against ESb2

2002-02-14 Thread Simon Bolduc
Another thing you can do is to have SSH listen on a port other than 22. I moved mine up into the 2 range. Most people scan only on well known ports (FTP, WWW, SSH, SMTP, etc) so if they don't find anything they move on, plenty of vulnerable systems out there, why waste time scanning one t

Re: [Leaf-user] ipsec and standard floppy install

2002-02-13 Thread Simon Bolduc
Hey Joey, The kernel is named linux on the floppy, replace that file with the one you downloaded (you must rename the file you downloaded 'linux' no extension or quotes). And in terms of IPSec, you will still be able to get to the internet from home using your ISP, and also be able to talk t

[Leaf-user] Net-SNMP vulnerability??

2002-02-12 Thread Simon Bolduc
Hey all, I found a couple of bits and pieces of information on the 'net regarding to the BSD release of Net-snmp and certain SNMP vulnerabilities. I'm not sure whether this impacts the LEAF version but I figured I'd post it anyways just in case - sorry for wasting your time if it doesn't.

Re: [Leaf-user] Leaf Mail Command

2002-02-06 Thread Simon Bolduc
I grep the stuff I want from messages (just denied packets) - everything is logged to another server and I check that - I just like to see what ports people are probing on a daily basis. S >From: Jack Coates <[EMAIL PROTECTED]> >To: Simon Bolduc <[EMAIL PROTECTED]> >

Re: [Leaf-user] Re: Leaf Mail Command

2002-02-06 Thread Simon Bolduc
+0100 > >Hi Simon > >[EMAIL PROTECTED] wrote the following at 20:47 >05.02.2002: >>Date: Tue, 5 Feb 2002 11:52:13 -0800 (PST) >>From: Jack Coates <[EMAIL PROTECTED]> >>To: Simon Bolduc <[EMAIL PROTECTED]> >>Cc: <[EMAIL PROTECTED]>, <[EM

Re: [Leaf-user] Leaf Mail Command

2002-02-05 Thread Simon Bolduc
t. S >From: Ray Olszewski <[EMAIL PROTECTED]> >To: "Simon Bolduc" <[EMAIL PROTECTED]>,[EMAIL PROTECTED] >Subject: Re: [Leaf-user] Leaf Mail Command >Date: Tue, 05 Feb 2002 08:08:22 -0800 > >At 09:55 AM 2/5/02 -0500, Simon Bolduc wrote: > >Hey all, > &g

[Leaf-user] Leaf Mail Command

2002-02-05 Thread Simon Bolduc
Hey all, Recently my ISP changed the way their SMTP server works and it now requires the users to authenticate before sending any mail. This breaks the functionality of the mail command as far as I can tell. Are there any switches that can be used to fix this ? S __

Re: [Leaf-user] VPN horsepower

2002-02-01 Thread Simon Bolduc
P 90 should be fine - I run a 486 33 with a 50 KB (ISP's cap for outgoing traffic) VPN connection no problem - so I can't see how you'd have an issue... S >From: "Christopher Holmes" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Subject: [Leaf-user] VPN horsepower >Date: Fri, 1 Feb 2002 13:20

Re: [Leaf-user] DCD, dhclient & /etc/resolv.conf ???

2002-01-14 Thread Simon Bolduc
Many big ISPs want the search domain to be their own for ease of client setup. Users can then setup mail clients and the like easily. The would make the pop3 server pop3.attbi.com and the smtp server smtp.attbi.com (or something similar), then users would only have to put pop3 and smtp in whe

Re: [Leaf-user] winscp plug

2002-01-14 Thread Simon Bolduc
You may need to specify /bin/sh in the shell parameter.I was having the same problem - and doing this fixed it in Dachstein. S >From: Matt Schalit <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: Re: [Leaf-user] winscp plug >Date: Sun, 13 Jan 2002 13:55:14 -0800 > >Paul Rimmer wrote: >

Re: [Leaf-user] Dach Floppy

2002-01-11 Thread Simon Bolduc
and opens them based on different configuration files S >From: [EMAIL PROTECTED] >To: "Simon Bolduc" <[EMAIL PROTECTED]> >CC: [EMAIL PROTECTED] >Subject: Re: [Leaf-user] Dach Floppy >Date: Fri, 11 Jan 2002 19:13:38 + > >No luck. Same results. >

Re: [Leaf-user] Dach Floppy

2002-01-11 Thread Simon Bolduc
Did you stop sshd before starting it? That could generate an error like this (as this is what I get executing sshd -d when it is running): # sshd -d debug: sshd version 1.2.27 [i686-unknown-linux] debug: Initializing random number generator; seed file /etc/ssh/ssh_random_seed error: bind: Addr

Re: [Leaf-user] Dach Floppy

2002-01-11 Thread Simon Bolduc
Nope - I just downloaded it and its a 1680 kilobyte image so its not 1722. Be aware that some drives/floppies have been reported as not handling non standard formats too well I'd try redownloading sshd - and i'm not sure how the key generation works in this package but you might need

Re: [Leaf-user] WTD: NIC recommendations

2002-01-11 Thread Simon Bolduc
I'm not sure what drivers these cards use but I've had problems with the 900 series before. A friend is running 2 905b's in his router and it constantly locks up. I've had experiences with multiple 905 b's and c's where they will work fine for a while then suddenly not so well - and the colli

Re: [Leaf-user] Saving IPSec Configuration on DCD...??

2002-01-10 Thread Simon Bolduc
Is the problem that it won't backup or that the files don't exist when you reboot?? If they aren't backing up - I couldn't tell you. Though you should get some sort of error - if so, please post it :) If the files aren't there when you reboot I'd hazard a guess that you haven't added ipsec

Re: [Leaf-user] Stop logging

2002-01-10 Thread Simon Bolduc
Just so you know upgrading from eigerstein to dachstein is pretty easy whether you are running IPSec or not - as long as you use the same config files that are on eiger for IPSec. I had no problem switching my box to Dachstein and reconnecting to an Eigerstein based box S >From: "Krobot

[Leaf-user] Running Dachstein from HD - revised documentation

2002-01-10 Thread Simon Bolduc
Hey all - I decided to update the documentation for running Dachstein for HD. The document is aimed at dos/windows users... if someone wants to make one for linux users - feel free The page can be found at http://members.rogers.com/sjbolduc/dach_hd.htm S __

Re: [Leaf-user] Multipule LRP's using VMWARE

2002-01-10 Thread Simon Bolduc
I don't see why this wouldn't work, the only problem is that while VMware is fairly stable if something strange does happen you could potentially lose all 3 connections instead of one. I'd recommend running VMware from linux, and not M$ if you intend to do this as I've had M$ kill VMware sessi

Re: [Leaf-user] DCD, ipsec & windows networking ???

2002-01-09 Thread Simon Bolduc
It shouldn't be an issue with the firewall - are the networks in the same domain? What are you using for dns or wins? If you have multiple wins servers do they have a pull/push relationship defined. There could be lots of things wrong here... can you go to start, run and type \\192.168.1.xx

Re: [Leaf-user] EigerStein2BETA / Dachstein Guides

2002-01-09 Thread Simon Bolduc
Sounds like you may have a problem Bruce as I can reach it fine - I have ensured that I'm not looking at a cached version. Possibly a routing problem or DNS problem on your ISP's end S >From: "Bruce E. (Sam) Slade" <[EMAIL PROTECTED]> >To: Mike Noyes <[EMAIL PROTECTED]>, >[EMAIL PROTE

Re: [Leaf-user] back-up error message via weblet, not via Putty

2002-01-04 Thread Simon Bolduc
Well an I/O error on a disk is never a good thing what you might want to do is try mounting the disk and see how much disk space you have. To mount it do one of the following depending on disk size: mount -t msdos /dev/fd0 /mnt (for a standard 1.44 MB floppy) mount -t msdos /dev/fd0u16

Re: [Leaf-user] a thought about modified file backups

2002-01-04 Thread Simon Bolduc
With this approach all files would have to be listed in the include/exclude lists - i.e. no wild cards S >From: Manfred Schuler <[EMAIL PROTECTED]> >To: Charles Steinkuehler <[EMAIL PROTECTED]> >CC: [EMAIL PROTECTED] >Subject: Re: [Leaf-user] a thought about modified file backups >Date: Fr

Re: [Leaf-user] Dachstein on Hard Drive

2002-01-03 Thread Simon Bolduc
Well the instructions are in no way complete - and gloss over little things like partitioning ;) tho most people on the list can figure that out. I suppose I should prolly do a re-write S >From: [EMAIL PROTECTED] >To: [EMAIL PROTECTED] >CC: [EMAIL PROTECTED] >Subject: Re: [Leaf-user] D

Re: [Leaf-user] How do you use the bootdisk.bin file???

2002-01-02 Thread Simon Bolduc
First if you aren't really familiar with making bootable CDs you can end up with a lot of coasters - so use a CDRW if you can... also you might wanna consider using a CD with floppy setup as it is by far the easier way to do things. that said: You appear to be using windows so you can't re

OT Re: [Leaf-user] Linux Router Logo

2002-01-02 Thread Simon Bolduc
Do a google search on "penguin webbed feet" and you'll find that they do have webbed feet, but they also have clawsI think it varies from species to species... S >From: Victor McAllisteer <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: Re: [Leaf-user] Linux Router Logo >Date: Wed, 02

Re: [Leaf-user] How to save changes from floppy to CD???

2002-01-02 Thread Simon Bolduc
Hey Craig, The point of the floppy disk is to make upgrading easier. What is supposed to happen is you back up your changes to the floppy and reboot. When the system boots and loads the modules (modules, etc, root, et. al) from the CD it then checks the floppy for any additional configuratio

Re: [Leaf-user] ipsec gateways & same private networks ???

2001-12-29 Thread Simon Bolduc
I ran into this problem - it was a pretty easy change - I changed my subnet to 192.168.2.0/24 and altered all programs that specify a listen on IP as 192.168.1.254 and everything was good. Now I have a VPN between two dachstein routers (yaay). This is actually one of the very cool things ab

  1   2   >