Re: [Vietlug] Khoa ADSL bang tay
On Saturday 02 October 2004 09:46 pm, chairuou wrote: > bo' tu+' chi vo+'i cu. luo^n :-D > xem ra rhs was lost "Dr. Distro" > welcome new Dr. Distro La~o na`y la`m ddo^'c distro Khe'o kho^ng la`ng nix cu+o+`i o^` mo^.t khi Ngo^`i buo^`n cha(?ng bie^'t cho+i chi Chuo^.t ca^`m bo'p bo'p cu~ng thi` gu+?i meo. Mong sao ngu+o+`i tre? vui theo DDo+~ cho quo^'c kho^' bi. nghe`o vi` Win -- m k h _ s g n --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
On Sat, 2 Oct 2004 07:46:13 -0700, chairuou <[EMAIL PROTECTED]> wrote: > bo' tu+' chi vo+'i cu. luo^n :-D /me tha^'y co`n ... so't 1 ca'i :) -- http://vnoss.org/forum/ --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
bo' tu+' chi vo+'i cu. luo^n :-D xem ra rhs was lost "Dr. Distro" welcome new Dr. Distro --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
On Saturday 02 October 2004 11:09 am, Tony Ly wrote: > > Cha'u no'i ba('t dda^`u tu+` ca'i file na`y la` ta.i vi` nhie^`u systems > va^~n co`n du`ng no' o+? default. Ba'c tha^'y nhu+~ng services tre^n > va^~n co`n mo+? la` do /etc/services file. Ba'c edit ca'i file na`y, > ro^`i ti`m to+'i port 68 va` 631, bo? no' ra (comment it out with # sign). > Xong restart ma^'y ca'i services na`y (ko bie^'t knoppix restart la`m sao > vi` cha'u ko co' du`ng. Ne^'u ba'c ko bie^'t thi` reboot cho tie^.n). > xong cha.y nmap la.i se~ tha^'y no' ddo'ng ma^'t. Khi mi`nh ddo^?i > /etc/services thi` no' se~ ddo^?i permanent luo^n. OK dda~ # 68 ro^`i. Va` reboot roi cha.y nmap cho ke^'t qua? ddu'ng va^.y. Hie^?u. > > Hie^.n ta.i, khi vu+`a boot ma'y le^n, chu+a cha.y /sbin/myfile thi` > > cu~ng dda~ va`o net ddu+o+.c ro^`i. Cha.y ca'i /sbin/myfile la` dde^? > > ta(ng cu+o+`ng ma^'y ca'i o^? khoa' Yale pha?i kho^ng? > Ca'i /sbin/myfile la` ca'i gi` va^.y? Co' le~ la` custom script cu?a ba'c > hay cu?a ai la`m cho ba'c pha?i ko? /sbin/myfile = /sbin/yourfile hehe. Nhu+ng yoper kho^ng chi.u xo+i mo'n nmap. No' cu+. nu+. vi thie^'u ca'i lib chi chi ddo'. DDe^? mi`nh ca`i la.i nmap ro^i cha.y la.i no' thi` mo+'i ghi dd7o+.c ca'i tho^ng ba'o. DDa^y la` ddang cha.y tre^n Yoper 2.6.8.1 vu+`a mo+'i ca`i lu'c chie^`u. Yoper qua? ti`nh no' nhanh tha^'y ba(`ng ma('t ddu+o+.c. -- m k h _ s g n --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
> On Thursday 30 September 2004 10:15 am, Tony Ly wrote: > >> Theo nmap output tre^n thi`: >> 68/tcp open dhcpclient - co' the^? ko ca^`n >> 631/tcp open ipp - internet printing: cha('c ko ca^`n luo^n >> >> Ba'c co' the^? ba('t ddaa^`u tu+` file na`y: /etc/inetd.conf. Coi >> trong ddo' co' ca'i na`o lie^n quan dde^'n dhcpclient va` ipp thi` >> comment it out (du`ng text editor, bo? da^'u # tru+o+'c ca'i line > > Sau khi cha.y ca'i script /sbin/myfile, go~ : > > [EMAIL PROTECTED]:/home/knoppix# nmap -v localhost > > Starting nmap 3.55 ( http://www.insecure.org/nmap/ ) at 2004-10-02 > 05:06 EDT > Host box (127.0.0.1) appears to be up ... good. > Initiating SYN Stealth Scan against box (127.0.0.1) at 05:06 > Adding open port 631/tcp > Adding open port 68/tcp > The SYN Stealth Scan took 1 second to scan 1660 ports. > Interesting ports on box (127.0.0.1): > (The 1658 ports scanned but not shown below are in state: closed) > PORTSTATE SERVICE > 68/tcp open dhcpclient > 631/tcp open ipp > > Nhu+ng trong /etc/inetd.conf ta^'t ca? ca'c do`ng dde^`u dda~ # ca? > ro^`i (file attach). Va^.y sao khi cha.y nmap -v localhost no' co`n > ba'o 2 ca'i PORT? > Cha'u no'i ba('t dda^`u tu+` ca'i file na`y la` ta.i vi` nhie^`u systems va^~n co`n du`ng no' o+? default. Ba'c tha^'y nhu+~ng services tre^n va^~n co`n mo+? la` do /etc/services file. Ba'c edit ca'i file na`y, ro^`i ti`m to+'i port 68 va` 631, bo? no' ra (comment it out with # sign). Xong restart ma^'y ca'i services na`y (ko bie^'t knoppix restart la`m sao vi` cha'u ko co' du`ng. Ne^'u ba'c ko bie^'t thi` reboot cho tie^.n). xong cha.y nmap la.i se~ tha^'y no' ddo'ng ma^'t. Khi mi`nh ddo^?i /etc/services thi` no' se~ ddo^?i permanent luo^n. > Hie^.n ta.i, khi vu+`a boot ma'y le^n, chu+a cha.y /sbin/myfile thi` > cu~ng dda~ va`o net ddu+o+.c ro^`i. Cha.y ca'i /sbin/myfile la` dde^? > ta(ng cu+o+`ng ma^'y ca'i o^? khoa' Yale pha?i kho^ng? Ca'i /sbin/myfile la` ca'i gi` va^.y? Co' le~ la` custom script cu?a ba'c hay cu?a ai la`m cho ba'c pha?i ko? --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
On 8:45:29 pm 09/30/04 hypoj <[EMAIL PROTECTED]> wrote: > > Ki'nh ba'c, > > Ca'i vu. na`y thi` mi`nh dda~ hie^?u ro^`i, ba'c gia?ng the^m ca'i > ddoa.n na`y vo+'i: > > for interface in /proc/sys/net/ipv4/conf/*/rp_filter > do > echo 1 > $interface > done > > Big thanks, > Tu+'c la` no' ba'o to^i muo^'n validate source cu?a connection dde^? cho^'ng spoofing cu?a IP trong LAN tu+` be^n ngoa`i ma` 0 ca^`n nho+` dde^'n firewall rules. Ne^'u du`ng firewall rules thi` tho^ng thu+o+n`g na na' nhu+ du+o+'i iptables -A FORWARD -i eth0 -s 192.168.0.0/16 -j DROP iptables -A FORWARD -i eth0 -s 172.16.0.0/12 -j DROP iptables -A FORWARD -i eth0 -s 10.0.0.0/8 -j DROP iptables -A INPUT -i eth0 -s 192.168.0.0/16 -j DROP iptables -A INPUT -i eth0 -s 172.16.0.0/12 -j DROP iptables -A INPUT -i eth0 -s 10.0.0.0/8 -j DROP vo+'i eth0 la` external interface. Ba.n xem trong /proc/sys/net/ipv4/conf/ co' ra^'t nhie^`u interfaces. Ca'i do`ng tre^n no' ba'o mo+? le^n he^'t (echo 1 thay vi` 0 la` ta('t) ta^'t ca? ca'c interfaces hie^.n co' tre^n ma'y. Ca'c ba?n Linux mo+'i sau na`y ba.n co' the^? ddie^`u chi?nh gia' tri. na`y ba(`ng ca'ch du`ng le^.nh sysctl. Hay "vi /etc/sysctl.conf". References: /usr/src/linux/Documentation/filesystems/proc.txt /usr/src/linux/Documentation/networking/ip-sysctl.txt http://www.faqs.org/rfcs/rfc1812.html -Larry http://www.nhÃmlinux.net --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
On Fri, 01 Oct 2004 08:45:29 +0700, hypoj <[EMAIL PROTECTED]> wrote: > Ki'nh ba'c, > > Ca'i vu. na`y thi` mi`nh dda~ hie^?u ro^`i, ba'c gia?ng the^m ca'i > ddoa.n na`y vo+'i: > > for interface in /proc/sys/net/ipv4/conf/*/rp_filter > do > echo 1 > $interface > done > This enables source validation by reversed path according to RFC1812. In other words, did the response packet originate from the same interface through which the source packet was sent? It's recommended for single-homed systems and routers on stub networks. Since those are the configurations this firewall is designed to support, I turn it on by default. Turn it off if you use multiple NICs connected to the same network. --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
Larry Nguyen wrote: Hi hypoj, Ne^'u ba.n xem la.i ca'i script, default policy cho INPUT la` DROP. CO' nghi~a la` khi ba.n mo+? web browser ra va` go~ va`o http://search.yahoo.com/search?ei=UTF-8&fr=sfp&p=Explanation+of+ESTABLISHED%2C+RELATED+in+iptables thi` tha^'y ca'i browser no' cu+' ddu+'ng im kho^ng nhu'c nhi'ch hay bi. bao' la` Host not found. Ta.i sao vay? Vi` khi ba.n ddi ra ngoa`i, tu+'c la` ba.n vu+`a mo+? mo^.t NEW connection, khi search.yahoo.com no' tra? lo+`i la.i nhu+ng no' bi. iptables cu?a ba.n no'i hmmm, tao kho^ng cho ma`y va`o (iptables -P INPUT DROP). Do ddo' mi`nh ca^`n mo^.t ca'i rule dde^? cho ta^'t ca? ca'c connections na`o tra? lo+`i mo^.t connection dda~ co' sa(~n (ESTABLISHED) do tu+` ba.n ba('t dda^`u hay la` mo^.t NEW connection nhu+ng dde^? tra? lo+`i mo^.t ca'i co' sa(~n (RELATED) cu~ng do tu+` ba.n ba('t dda^`u. Ba.n ne^n do.c the^m TCP/IP. DDo.c ta`i lie^.u ve^` firewall kho^ng cu~ng kho^ng tha^'m, pha?i la`m luo^n thi` mo+'i nho+'/hie^?u to^'t ho+n. -Larry http://www.nhÃmlinux.net Ki'nh ba'c, Ca'i vu. na`y thi` mi`nh dda~ hie^?u ro^`i, ba'c gia?ng the^m ca'i ddoa.n na`y vo+'i: for interface in /proc/sys/net/ipv4/conf/*/rp_filter do echo 1 > $interface done Big thanks, -- hypoj Microsoft is not the answer, it is the question. The answer is NO!!! --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
On Thursday 30 September 2004 08:25 pm, Chinh Nguyen wrote: > chao bac Hai, > Bac xem thu trong /etc/services (redhat) roi restart > network daemon. > > Chinh. > ps: hinh hu bac khong ngu ban ddem thi phai :) Huh, mi`nh xa`i Knoppix, Yoper, va` ho.c xa`i Debian, hie^.n gio+` ddang ngo^`i trong Knoppix 3.6 thi` kho^ng ti`m tha^'y /etc/services. Tha(`ngKnoppix chi? co' mo^.t ca'i /usr/lib/cups/daemon/ chu+'a 2 files gi` la(`ng ngoa(`ng. 21g di ngu? thi` 3g sa'ng he^'t phie^n la` pha?i dda.o ro^`i! -- m k h _ s g n --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
chao bac Hai, Bac xem thu trong /etc/services (redhat) roi restart network daemon. Chinh. ps: hinh hu bac khong ngu ban ddem thi phai :) --- [EMAIL PROTECTED] wrote: > On Thursday 30 September 2004 10:15 am, Tony Ly > wrote: > > > Theo nmap output tre^n thi`: > > 68/tcp open dhcpclient - co' the^? ko ca^`n > > 631/tcp open ipp - internet printing: cha('c ko > ca^`n luo^n > > > > Ba'c co' the^? ba('t ddaa^`u tu+` file na`y: > /etc/inetd.conf. Coi > > trong ddo' co' ca'i na`o lie^n quan dde^'n > dhcpclient va` ipp thi` > > comment it out (du`ng text editor, bo? da^'u # > tru+o+'c ca'i line > > Sau khi cha.y ca'i script /sbin/myfile, go~ : > > [EMAIL PROTECTED]:/home/knoppix# nmap -v localhost > > Starting nmap 3.55 ( http://www.insecure.org/nmap/ ) > at 2004-10-02 > 05:06 EDT > Host box (127.0.0.1) appears to be up ... good. > Initiating SYN Stealth Scan against box (127.0.0.1) > at 05:06 > Adding open port 631/tcp > Adding open port 68/tcp > The SYN Stealth Scan took 1 second to scan 1660 > ports. > Interesting ports on box (127.0.0.1): > (The 1658 ports scanned but not shown below are in > state: closed) > PORTSTATE SERVICE > 68/tcp open dhcpclient > 631/tcp open ipp > > Nhu+ng trong /etc/inetd.conf ta^'t ca? ca'c do`ng > dde^`u dda~ # ca? > ro^`i (file attach). Va^.y sao khi cha.y nmap -v > localhost no' co`n > ba'o 2 ca'i PORT? > > Hie^.n ta.i, khi vu+`a boot ma'y le^n, chu+a cha.y > /sbin/myfile thi` > cu~ng dda~ va`o net ddu+o+.c ro^`i. Cha.y ca'i > /sbin/myfile la` dde^? > ta(ng cu+o+`ng ma^'y ca'i o^? khoa' Yale pha?i > kho^ng? > > -- > m k h _ s g n > > > > > > ## # /etc/inetd.conf: see inetd(8) for further > informations. > # > ## # Internet server configuration database > # > # > ## # Lines starting with "#:LABEL:" or > "##" should not > ## # be changed unless you know what you are > doing! > # > ## # If you want to disable an entry so it > isn't touched during > ## # package updates just comment it out with a > single '#' character. > # > ## # Packages should modify this file by using > update-inetd(8) > # > # > > # > ## #:INTERNAL: Internal services > ## #echo stream tcp nowait rootinternal > ## #echo dgram udp waitrootinternal > ## #chargen stream tcp nowait rootinternal > ## #chargen dgram udp waitrootinternal > ## discard stream tcp nowait rootinternal > ## discard dgram udp waitrootinternal > ## daytime stream tcp nowait rootinternal > ## #daytime dgram udp waitrootinternal > ## time stream tcp nowait rootinternal > ## #time dgram udp waitrootinternal > > ## #:STANDARD: These are standard services. > ## ftp stream tcp nowait root/usr/sbin/tcpd > /usr/sbin/in.ftpd > > ## #:BSD: Shell, login, exec and talk are BSD > protocols. > > ## #:MAIL: Mail, news and uucp services. > > ## #:INFO: Info services > > ## #:BOOT: Tftp service is provided primarily > for booting. Most sites > ## # run this only on machines acting as "boot > servers." > ## tftp dgram udp waitroot/usr/sbin/in.tftpd > in.tftpd /boot > > ## #:RPC: RPC based services > > #:HAM-RADIO: amateur-radio services > > ## #:OTHER: Other services > ## ## netbios-ssn stream tcp nowait root > /usr/sbin/tcpd/usr/sbin/smbd > ## printer stream tcp nowait lp > /usr/lib/cups/daemon/cups-lpd cups-lpd > ## vboxd stream tcp nowait root/usr/sbin/tcpd > /usr/sbin/vboxd > ## saft stream tcp nowait root/usr/sbin/tcpd > /usr/sbin/sendfiled > ## ## 3632 stream tcp > nowait.100 distccd/usr/sbin/tcpd > /usr/bin/distccd --inetd > --log-file=/var/log/distccd.log --nice=10 > ## xtelstream tcp nowait root >/usr/sbin/tcpd /usr/sbin/xteld > ## ## https stream tcp nowait > sslwrap.sslwrap /usr/sbin/tcpd /usr/sbin/sslwrap > -nocert -addr 127.0.0.1 -port 80 > ## ## ssmtp stream tcp nowait > sslwrap.sslwrap /usr/sbin/tcpd /usr/sbin/sslwrap > -nocert -addr 127.0.0.1 -port 25 > ## ## nntps stream tcp nowait > sslwrap.sslwrap /usr/sbin/tcpd /usr/sbin/sslwrap > -nocert -addr 127.0.0.1 -port 119 > ## ## telnets stream tcp nowait > sslwrap.sslwrap /usr/sbin/tcpd /usr/sbin/sslwrap > -nocert -addr 127.0.0.1 -port 23 > ## imaps stream tcp nowait sslwrap.sslwrap > /usr/sbin/tcpd /usr/sbin/sslwrap -nocert -addr > 127.0.0.1 -port 143 > ## ## ircs stream tcp nowait > sslwrap.sslwrap /usr/sbin/tcpd /usr/sbin/sslwrap > -nocert -addr 127.0.0.1 -port 194 > ## pop3s stream tcp nowait sslwrap.sslwrap > /usr/sbin/tcpd /usr/sbin/sslwrap -nocert -addr > 127.0.0.1 -port 110 > ## ## ftps-data stream tcp nowait > sslwrap.sslwrap /usr/sbin/tcpd /usr/sbin/sslwrap > -nocert -addr 127.0.0.1 -port 20 > ## ## ftps stream tcp nowait > sslwrap.sslwrap /usr/sbin/tcpd
Re: [Vietlug] Khoa ADSL bang tay
On Thursday 30 September 2004 10:15 am, Tony Ly wrote: > Theo nmap output tre^n thi`: > 68/tcp open dhcpclient - co' the^? ko ca^`n > 631/tcp open ipp - internet printing: cha('c ko ca^`n luo^n > > Ba'c co' the^? ba('t ddaa^`u tu+` file na`y: /etc/inetd.conf. Coi > trong ddo' co' ca'i na`o lie^n quan dde^'n dhcpclient va` ipp thi` > comment it out (du`ng text editor, bo? da^'u # tru+o+'c ca'i line Sau khi cha.y ca'i script /sbin/myfile, go~ : [EMAIL PROTECTED]:/home/knoppix# nmap -v localhost Starting nmap 3.55 ( http://www.insecure.org/nmap/ ) at 2004-10-02 05:06 EDT Host box (127.0.0.1) appears to be up ... good. Initiating SYN Stealth Scan against box (127.0.0.1) at 05:06 Adding open port 631/tcp Adding open port 68/tcp The SYN Stealth Scan took 1 second to scan 1660 ports. Interesting ports on box (127.0.0.1): (The 1658 ports scanned but not shown below are in state: closed) PORTSTATE SERVICE 68/tcp open dhcpclient 631/tcp open ipp Nhu+ng trong /etc/inetd.conf ta^'t ca? ca'c do`ng dde^`u dda~ # ca? ro^`i (file attach). Va^.y sao khi cha.y nmap -v localhost no' co`n ba'o 2 ca'i PORT? Hie^.n ta.i, khi vu+`a boot ma'y le^n, chu+a cha.y /sbin/myfile thi` cu~ng dda~ va`o net ddu+o+.c ro^`i. Cha.y ca'i /sbin/myfile la` dde^? ta(ng cu+o+`ng ma^'y ca'i o^? khoa' Yale pha?i kho^ng? -- m k h _ s g n ## # /etc/inetd.conf: see inetd(8) for further informations. # ## # Internet server configuration database # # ## # Lines starting with "#:LABEL:" or "##" should not ## # be changed unless you know what you are doing! # ## # If you want to disable an entry so it isn't touched during ## # package updates just comment it out with a single '#' character. # ## # Packages should modify this file by using update-inetd(8) # # # ## #:INTERNAL: Internal services ## #echo stream tcp nowait rootinternal ## #echo dgram udp waitrootinternal ## #chargenstream tcp nowait rootinternal ## #chargendgram udp waitrootinternal ## discard stream tcp nowait rootinternal ## discard dgram udp waitrootinternal ## daytime stream tcp nowait rootinternal ## #daytimedgram udp waitrootinternal ## timestream tcp nowait rootinternal ## #time dgram udp waitrootinternal ## #:STANDARD: These are standard services. ## ftp stream tcp nowait root/usr/sbin/tcpd /usr/sbin/in.ftpd ## #:BSD: Shell, login, exec and talk are BSD protocols. ## #:MAIL: Mail, news and uucp services. ## #:INFO: Info services ## #:BOOT: Tftp service is provided primarily for booting. Most sites ## # run this only on machines acting as "boot servers." ## tftpdgram udp waitroot/usr/sbin/in.tftpd in.tftpd /boot ## #:RPC: RPC based services #:HAM-RADIO: amateur-radio services ## #:OTHER: Other services ## ## netbios-ssn stream tcp nowait root/usr/sbin/tcpd /usr/sbin/smbd ## printer stream tcp nowait lp /usr/lib/cups/daemon/cups-lpd cups-lpd ## vboxd stream tcp nowait root/usr/sbin/tcpd /usr/sbin/vboxd ## saftstream tcp nowait root/usr/sbin/tcpd /usr/sbin/sendfiled ## ## 3632 stream tcp nowait.100 distccd /usr/sbin/tcpd /usr/bin/distccd --inetd --log-file=/var/log/distccd.log --nice=10 ## xtelstream tcp nowait root/usr/sbin/tcpd /usr/sbin/xteld ## ## https stream tcp nowait sslwrap.sslwrap /usr/sbin/tcpd /usr/sbin/sslwrap -nocert -addr 127.0.0.1 -port 80 ## ## ssmtp stream tcp nowait sslwrap.sslwrap /usr/sbin/tcpd /usr/sbin/sslwrap -nocert -addr 127.0.0.1 -port 25 ## ## nntps stream tcp nowait sslwrap.sslwrap /usr/sbin/tcpd /usr/sbin/sslwrap -nocert -addr 127.0.0.1 -port 119 ## ## telnets stream tcp nowait sslwrap.sslwrap /usr/sbin/tcpd /usr/sbin/sslwrap -nocert -addr 127.0.0.1 -port 23 ## imaps stream tcp nowait sslwrap.sslwrap /usr/sbin/tcpd /usr/sbin/sslwrap -nocert -addr 127.0.0.1 -port 143 ## ## ircs stream tcp nowait sslwrap.sslwrap /usr/sbin/tcpd /usr/sbin/sslwrap -nocert -addr 127.0.0.1 -port 194 ## pop3s stream tcp nowait sslwrap.sslwrap /usr/sbin/tcpd /usr/sbin/sslwrap -nocert -addr 127.0.0.1 -port 110 ## ## ftps-data stream tcp nowait sslwrap.sslwrap /usr/sbin/tcpd /usr/sbin/sslwrap -nocert -addr 127.0.0.1 -port 20 ## ## ftps stream tcp nowait sslwrap.sslwrap /usr/sbin/tcpd /usr/sbin/sslwrap -nocert -addr 127.0.0.1 -port 21 ## ## ldaps stream tcp nowait sslwrap.sslwrap /usr/sbin/tcpd /usr/sbin/sslwrap -nocert -addr 127.0.0.1 -port 389 ## amanda dgram udp wait backup /usr/sbin/tcpd /usr/lib/amanda/amandad
Re: [Vietlug] Khoa ADSL bang tay
On Thursday 30 September 2004 09:15 pm, Tony Ly wrote: > Ba'c Ha?i lu'c na`y sung su+o+'ng ha'? Na`o la` DSL, Knoppix, > Yoper... Su+o+'ng cho ba'c ma` kho^? cho Tek support (just kidding > :)) Ngoa`i vi. niubi lao~ tha`nh qua'ch ma.ng na`y ddang online thi` ne^n nho+' ra(`ng co`n co' nhie^`u vi. niubi proxy ddang ddo.c ke' ma^'y ca'i na`y! Nha^'t la` SaigonLUG ho^`i na`y mo+'i co' the^m ho+n 70 members tu+` lo` Larry B018. Tui ba('t chu+o+'c cu. Pha^.t xuo^'ng ddi.a ngu.c la`m vie^.c thie^.n ddo'! Ma^'y ba`i gia?ng la^m sa`ng thu+.c ddi.a ve^` IPTABLES na`y Ra^'t bo^? i'ch. Va(n chu+o+ng cu?a ca'c ba^.c Guru thi` to^'i hu`, niubi ddo.c lie^`n bi. hoa?ng ho^`n, kho^ng da'm cho+i Linux nu+~a. Cho ne^n tuy` duye^n thuye^'t pha'p, chu'ng sanh trong co~i ta ba` dde^`u ddu+o+.c lo+.i la.c . . . hehe -- m k h _ s g n --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
> On Thursday 30 September 2004 07:55 am, [EMAIL PROTECTED] wrote: > >> Nhu+ va^.y la` to^'t ro^`i. PC cu?a ba'c na(`m sau lu+ng ca'i > >> (ta?i o+? dda^y: >> http://www.insecure.org/nmap/nmap_download.html). Khi ta?i ve^` >> ro^`i thi` >> uncompress va` compile no': >> tar -jxvf nmap-3.70.tar.bz2 >> configure >> make >> make install >> >> xong ro^`i cha.y cho ma'y mi`nh: >> nmap -v localhost >> >> Ne^'u output co' cai' gi` kho^ng ca^`n thie^'t thi` remove no' ddi. >> Ba'c kho^ng ca^`n ma^'y ca'i iptables scripts ddo' (co' thi` cu~ng >> to^'t, nhu+ng du`ng va`i ca'i ddo+n gia?n tho^i) vi` mi`nh kho^ng >> pha?i la` server. Ddo.c ma^'y ca'i scripts cu?a ba'c thi` chi? co' >> nu+o+'c ta^?u ho?a nha^.p ma tho^i :) > > [EMAIL PROTECTED]:/home/knoppix# nmap -v localhost > > Starting nmap 3.55 ( http://www.insecure.org/nmap/ ) at 2004-10-01 > 21:40 EDT > Host box (127.0.0.1) appears to be up ... good. > Initiating SYN Stealth Scan against box (127.0.0.1) at 21:40 > Adding open port 68/tcp > Adding open port 631/tcp > The SYN Stealth Scan took 1 second to scan 1660 ports. > Interesting ports on box (127.0.0.1): > (The 1658 ports scanned but not shown below are in state: closed) > PORTSTATE SERVICE > 68/tcp open dhcpclient > 631/tcp open ipp > > Nmap run completed -- 1 IP address (1 host up) scanned in 1.207 > seconds > [EMAIL PROTECTED]:/home/knoppix# > > > Bie^'t ca'i na`o ca^`n, ca'i na`o kho^ng ca^`n? La`m sao xoa' ca'i > kho^ng ca^`n? > DDa^y la` mi`nh ddang cha.y trong Knoppix 3.6, kho^ng pha?i Yoper nhu+ > ban chie^`u. :) > > -- > m k h _ s g n > > Ba'c Ha?i lu'c na`y sung su+o+'ng ha'? Na`o la` DSL, Knoppix, Yoper... Su+o+'ng cho ba'c ma` kho^? cho Tek support (just kidding :)) Cha'u ko du`ng ma^'y distro ddo' ne^n ko ra`nh. Dda.i kha'i co' nhie^`u ca'ch dde^? ta('t ma^'y ca'i services ko ca^`n, nhu+ng ca'ch la`m thi` tuy` thuo^.c va`o distro mi`nh du`ng. Theo nmap output tre^n thi`: 68/tcp open dhcpclient - co' the^? ko ca^`n 631/tcp open ipp - internet printing: cha('c ko ca^`n luo^n Ba'c co' the^? ba('t ddaa^`u tu+` file na`y: /etc/inetd.conf. Coi trong ddo' co' ca'i na`o lie^n quan dde^'n dhcpclient va` ipp thi` comment it out (du`ng text editor, bo? da^'u # tru+o+'c ca'i line tu+o+ng u+'ng). Ba'c ta('t ipp tru+o+'c, ro^`i restart inetd (ne^'u ko bie^'t thi` cho+i kie^?u M$, reboot :)). Sau ddo' ne^'u ko tha^'y problem gi` thi` tie^'p tu.c vo+'i dhcpclient. Ne^'u bi. problem thi` bo? no' la.i nhu+ cu~. Xong ro^`i ba'c cha.y nmap la.i. Ne^'u la`m ddu'ng thi` se~ ko tha^'y ma^'y services ddo' nu+~a. Ba^y gi+o` muo^'n cho+i filter gi` ddo' cu~ng ddu+o+.c. Nhu+ng ma` nho+' ddi tu+`ng bu+o+'c nho? dde^? de^? troubleshoot ne^'u co' chuye^.n gi`. Have fun... --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
On 7:09:38 pm 09/29/04 hypoj <[EMAIL PROTECTED]> wrote: > Chuong Dao wrote: > > > Larry's script co' la`m mo^.t trick nho? cho connections dda~ > > ddu+o+.c ESTABLISHED/RELATED. Scrit na`y se~ cho phe'p INPUT vo+'i > > ddie^`u kie^.n la` ba'c initiated the connection. Ho+i ra('c ro^'i > > ti' (iptables howto on ESTABLISHED/RELATED). > > Ba'c co' the^? gia?ng gia?i chi tie^'t ho+n ve^` ca'i trick na`y > kho^ng? hay la` ba'c co' ca'i link na`o de^~ hie^?u ba'c qua(ng cho > mo^.t ca'i vo+'i. > -- > hypoj > Microsoft is not the answer, it is the question. The answer is NO!!! > > Hi hypoj, Ne^'u ba.n xem la.i ca'i script, default policy cho INPUT la` DROP. CO' nghi~a la` khi ba.n mo+? web browser ra va` go~ va`o http://search.yahoo.com/search?ei=UTF-8&fr=sfp&p=Explanation+of+ESTABLISHED%2C+RELATED+in+iptables thi` tha^'y ca'i browser no' cu+' ddu+'ng im kho^ng nhu'c nhi'ch hay bi. bao' la` Host not found. Ta.i sao vay? Vi` khi ba.n ddi ra ngoa`i, tu+'c la` ba.n vu+`a mo+? mo^.t NEW connection, khi search.yahoo.com no' tra? lo+`i la.i nhu+ng no' bi. iptables cu?a ba.n no'i hmmm, tao kho^ng cho ma`y va`o (iptables -P INPUT DROP). Do ddo' mi`nh ca^`n mo^.t ca'i rule dde^? cho ta^'t ca? ca'c connections na`o tra? lo+`i mo^.t connection dda~ co' sa(~n (ESTABLISHED) do tu+` ba.n ba('t dda^`u hay la` mo^.t NEW connection nhu+ng dde^? tra? lo+`i mo^.t ca'i co' sa(~n (RELATED) cu~ng do tu+` ba.n ba('t dda^`u. Ba.n ne^n do.c the^m TCP/IP. DDo.c ta`i lie^.u ve^` firewall kho^ng cu~ng kho^ng tha^'m, pha?i la`m luo^n thi` mo+'i nho+'/hie^?u to^'t ho+n. -Larry http://www.nhÃmlinux.net --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
On Thursday 30 September 2004 06:55 pm, [EMAIL PROTECTED] wrote: > > xong ro^`i cha.y cho ma'y mi`nh: > nmap -v localhost > > Ne^'u output co' cai' gi` kho^ng ca^`n thie^'t thi` remove no' ddi. > Hi! Thu+? compile trong Yoper va` cha.y no' thi` : [EMAIL PROTECTED] yoper # nmap -v localhost nmap: error while loading shared libraries: libpcre.so.3: cannot open shared object file: No such file or directory [EMAIL PROTECTED] yoper # -- m k h _ s g n --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
On Thursday 30 September 2004 07:55 am, [EMAIL PROTECTED] wrote: > Nhu+ va^.y la` to^'t ro^`i. PC cu?a ba'c na(`m sau lu+ng ca'i > (ta?i o+? dda^y: > http://www.insecure.org/nmap/nmap_download.html). Khi ta?i ve^` > ro^`i thi` > uncompress va` compile no': > tar -jxvf nmap-3.70.tar.bz2 > configure > make > make install > > xong ro^`i cha.y cho ma'y mi`nh: > nmap -v localhost > > Ne^'u output co' cai' gi` kho^ng ca^`n thie^'t thi` remove no' ddi. > Ba'c kho^ng ca^`n ma^'y ca'i iptables scripts ddo' (co' thi` cu~ng > to^'t, nhu+ng du`ng va`i ca'i ddo+n gia?n tho^i) vi` mi`nh kho^ng > pha?i la` server. Ddo.c ma^'y ca'i scripts cu?a ba'c thi` chi? co' > nu+o+'c ta^?u ho?a nha^.p ma tho^i :) [EMAIL PROTECTED]:/home/knoppix# nmap -v localhost Starting nmap 3.55 ( http://www.insecure.org/nmap/ ) at 2004-10-01 21:40 EDT Host box (127.0.0.1) appears to be up ... good. Initiating SYN Stealth Scan against box (127.0.0.1) at 21:40 Adding open port 68/tcp Adding open port 631/tcp The SYN Stealth Scan took 1 second to scan 1660 ports. Interesting ports on box (127.0.0.1): (The 1658 ports scanned but not shown below are in state: closed) PORTSTATE SERVICE 68/tcp open dhcpclient 631/tcp open ipp Nmap run completed -- 1 IP address (1 host up) scanned in 1.207 seconds [EMAIL PROTECTED]:/home/knoppix# Bie^'t ca'i na`o ca^`n, ca'i na`o kho^ng ca^`n? La`m sao xoa' ca'i kho^ng ca^`n? DDa^y la` mi`nh ddang cha.y trong Knoppix 3.6, kho^ng pha?i Yoper nhu+ ban chie^`u. :) -- m k h _ s g n --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
On Thursday 30 September 2004 07:55 am, [EMAIL PROTECTED] wrote: > nmap -v localhost Down ro^`i la`m lie^`n. Dda^y ne`: [EMAIL PROTECTED]:/home/knoppix/00/nmap-3.70# nmap -v localhost Starting nmap 3.55 ( http://www.insecure.org/nmap/ ) at 2004-10-01 21:35 EDT WARNING! The following files exist and are readable: /usr/share/nmap/nmap-services and ./nmap-services. I am choosing /usr/share/nmap/nmap-services for security reasons. set NMAPDIR=. to give priority to files in your local directory Host box (127.0.0.1) appears to be up ... good. Initiating SYN Stealth Scan against box (127.0.0.1) at 21:35 Adding open port 68/tcp Adding open port 631/tcp The SYN Stealth Scan took 1 second to scan 1660 ports. Interesting ports on box (127.0.0.1): (The 1658 ports scanned but not shown below are in state: closed) PORTSTATE SERVICE 68/tcp open dhcpclient 631/tcp open ipp Nmap run completed -- 1 IP address (1 host up) scanned in 1.243 seconds [EMAIL PROTECTED]:/home/knoppix/00/nmap-3.70# Ca'i na`o ca^`n? Ca'i na`o kho^ng ca^`n? La`m sao xoa' ca'i kho^ng ca^`n? -- m k h _ s g n --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
> On Thursday 30 September 2004 12:44 pm, chairuou wrote: > >> sao la.i kho^ng ???, ADSL cu?a cu. ca('m va`o netcard tre^n PC ? > > Line cha.y va`o mo^.t ca'i router, tu+` router cha.y va`o ca'i card > ma.ng. > > > -- > m k h _ s g n > Nhu+ va^.y la` to^'t ro^`i. PC cu?a ba'c na(`m sau lu+ng ca'i router, du`ng private IP (192.168.1.X), cho ne^n be^n ngoa`i ko tha^'y ddu+o+.c. Nhu+ va^.y la` ta.m an toa`n. Bu+o+'c ke^' tie^'p la` remove nhu+~ng services na`o kho^ng ca^`n thie^'t. Muo^'n bie^'t services na`o ddang cha.y tre^n ma'y mi`nh thi` du`ng nmap (ta?i o+? dda^y: http://www.insecure.org/nmap/nmap_download.html). Khi ta?i ve^` ro^`i thi` uncompress va` compile no': tar -jxvf nmap-3.70.tar.bz2 configure make make install xong ro^`i cha.y cho ma'y mi`nh: nmap -v localhost Ne^'u output co' cai' gi` kho^ng ca^`n thie^'t thi` remove no' ddi. Ba'c kho^ng ca^`n ma^'y ca'i iptables scripts ddo' (co' thi` cu~ng to^'t, nhu+ng du`ng va`i ca'i ddo+n gia?n tho^i) vi` mi`nh kho^ng pha?i la` server. Ddo.c ma^'y ca'i scripts cu?a ba'c thi` chi? co' nu+o+'c ta^?u ho?a nha^.p ma tho^i :) Happy ADSLing --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
On Thursday 30 September 2004 07:15 pm, hoan wrote: > -- > ne^'u chi? "chuo^`ng" tho^i thi` dda^u dde^'n no^~i na`o !! > To+'i lu'c na`o cu. tha^'y hdd quay le. lie^n tu.c,ro^`i "ps ax " > tha^'y co' user la` la. kho^ng "ho^. chu`a nha`" thi` lu'c a^'y > mo+'i ..lo !!! nha^'t la` user "root" ddang exec find . Bo+?i va^.y, ddang hi' ho+?n mi`nh co' ADSL bi. Larry do^.i so+ mo^.t ga'o, lie^`n ti?nh ngu+o+`i cha.y ddi mo` thuo^'c dda^'y. Anh co' ca`i cho+i ca'i Yoper la^`n na`o chu+a? No' do` tha^'y ADSL thi` nha^?y ra tre^n ca'i "t h a n h t a' c v u." nhu+~ng 2 ca'i button, khi co' no^'i ma.ng thi` nha'ng nha'ng le^n mo^.t ti' . . . Nhu+ng to^i muo^'n bie^'t la`m sao dde^? nhe't mo^.t ca'i lo.c ca`phe^ va`o? > OT. co' mo^.t la^`n ba'c co' ho?i Larry Kolivas la` ai : ddo.c > kerneltrap tha^'y Kolivas la` Tri.nh minh Thanh ngu+o+`i u'c !!! > Tre? ho+n ddo^i chu't, cu~ng mo^.t con ...ba'c si~ ga^y me^ ,say > su+a "va' " patch kernel va` so sa'nh benchmark > Thanh cu~ng la` ba'c si~ "tre?",dda~ lie^`u li~nh bu+o+'c va`o > vie^.c kho' nha^'t : > ai cu~ng the^m bo+'t trong vie^.c di.ch thua^.t ,tu+. cho mi`nh > hie^?u ddu'ng nha^'t ! > BTW multi-task=dda nhie^.m vu. (co' ai dde^` nghi. dda nhie^.m > tho^i) Xin ho?i ba'c maikhai ,-va` ca'c chu': to^i hie^?u chu+~ > "nhie^.m" phu. y' cho chu+~ "vu." dde^? nha^'n ma.nh "vie^.c pha?i > la`m" (ddo`i ho?i cu?a xa~ ho^.i, cu?a lua^n ly',co' ti'nh cha^'t > nghie^m trang ,thie^ng le^ng ) DDe^? gia?i chu+'ng the^m : > nghi~a vu.=nhie^.m vu. vo+'i y' nghi~a bo' e'p vi` bo^?n pha^.n > nghie^.p vu. =vie^.c chuye^n nghe^` > co^ng vu. = vie^.c chung > su+. vu. = ho+i chu`ng ddo^`ng nghi~a > ta'c vu.=y' tu+' ha`nh ddo^.ng cho "vie^.c " > Ai dda~ di.ch "thanh ta'c vu. " = taskbar >>>gio?i thie^.t Taskbar = Vie^.t : Thanh Ta'c Vu. Control Panel = Ta`u : Kho^'ng Che^' DDa`i (trong Win Ta`u) Gia? du. a^m ra la` "Khu'ng Chi' Ta`i"thi` nghe cu~ng kinh tha^.t. > > multi task=dda nhie^.m << vie^.t (do`ng cuo^'i na`y chu+'ng minh anh minhThanh ho. Tri.nh > dda~ lie^`u tha^.t : hoan nghe^nh ! ) > wang gia` La^u qua' kho^ng tha^'y Cu. le^n va^.y? SaigonLUG hie^.n co' TS Nguye^~n Tha'i So+n <[EMAIL PROTECTED]> (DHSP) ddang ngao du be^n Pha'p. Hy vo.ng tha^`y So+n ga(.p ddu+o+.c Cu. thi` hay la('m a! -- m k h _ s g n --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
On Thursday 30 September 2004 12:44 pm, chairuou wrote: > sao la.i kho^ng ???, ADSL cu?a cu. ca('m va`o netcard tre^n PC ? Line cha.y va`o mo^.t ca'i router, tu+` router cha.y va`o ca'i card ma.ng. -- m k h _ s g n --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
maikhai wrote: >khoe? bo^. xu+o+ng gia`. >Rie^ng tha^'y trong Yoper no' cha(?ng no'i na(ng gi`, cu+' boot le^n >la` gu+?i meo ddu+o+.c. Chi? ho+i so+. so+. la` nhu+ the^' thi` co' >bi. co+?i . . . chuo^`ng qua' nhie^`u hay kho^ng ma` tho^i :-) -- ne^'u chi? "chuo^`ng" tho^i thi` dda^u dde^'n no^~i na`o !! To+'i lu'c na`o cu. tha^'y hdd quay le. lie^n tu.c,ro^`i "ps ax " tha^'y co' user la` la. kho^ng "ho^. chu`a nha`" thi` lu'c a^'y mo+'i ..lo !!! nha^'t la` user "root" ddang exec find . OT. co' mo^.t la^`n ba'c co' ho?i Larry Kolivas la` ai : ddo.c kerneltrap tha^'y Kolivas la` Tri.nh minh Thanh ngu+o+`i u'c !!! Tre? ho+n ddo^i chu't, cu~ng mo^.t con ...ba'c si~ ga^y me^ ,say su+a "va' " patch kernel va` so sa'nh benchmark Thanh cu~ng la` ba'c si~ "tre?",dda~ lie^`u li~nh bu+o+'c va`o vie^.c kho' nha^'t : ai cu~ng the^m bo+'t trong vie^.c di.ch thua^.t ,tu+. cho mi`nh hie^?u ddu'ng nha^'t ! BTW multi-task=dda nhie^.m vu. (co' ai dde^` nghi. dda nhie^.m tho^i) Xin ho?i ba'c maikhai ,-va` ca'c chu': to^i hie^?u chu+~ "nhie^.m" phu. y' cho chu+~ "vu." dde^? nha^'n ma.nh "vie^.c pha?i la`m" (ddo`i ho?i cu?a xa~ ho^.i, cu?a lua^n ly',co' ti'nh cha^'t nghie^m trang ,thie^ng le^ng ) DDe^? gia?i chu+'ng the^m : nghi~a vu.=nhie^.m vu. vo+'i y' nghi~a bo' e'p vi` bo^?n pha^.n nghie^.p vu. =vie^.c chuye^n nghe^` co^ng vu. = vie^.c chung su+. vu. = ho+i chu`ng ddo^`ng nghi~a ta'c vu.=y' tu+' ha`nh ddo^.ng cho "vie^.c " Ai dda~ di.ch "thanh ta'c vu. " = taskbar >>>gio?i thie^.t multi task=dda nhie^.m <
Re: [Vietlug] Khoa ADSL bang tay
> Vu+'t ddi nhu+ng co' connect ddu+o+.c kho^ng? Mi`nh co' la`m bao gio+` > dda^u? Chi? tha^'y TTL ba`y sao thi` la`m nhu+ vay dde^? gu+?i meo. > Va` nha?y vo^ nha?y ra ti' chu't ro^`i la` ta('t ma'y ddi na(`m cho > khoe? bo^. xu+o+ng gia`. > Rie^ng tha^'y trong Yoper no' cha(?ng no'i na(ng gi`, cu+' boot le^n > la` gu+?i meo ddu+o+.c. Chi? ho+i so+. so+. la` nhu+ the^' thi` co' > bi. co+?i . . . chuo^`ng qua' nhie^`u hay kho^ng ma` tho^i :-) sao la.i kho^ng ???, ADSL cu?a cu. ca('m va`o netcard tre^n PC ? --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
On Thursday 30 September 2004 11:30 am, chairuou wrote: > to^'t nha^'t cu. vu+'t qua'ch ca'i > IPTables na`y ddi :-D cu. da^u co' dde^? online 24/7 ddau ma` tu > chuoc cai phie^`n na~o la`m gi` huh cu. Vu+'t ddi nhu+ng co' connect ddu+o+.c kho^ng? Mi`nh co' la`m bao gio+` dda^u? Chi? tha^'y TTL ba`y sao thi` la`m nhu+ vay dde^? gu+?i meo. Va` nha?y vo^ nha?y ra ti' chu't ro^`i la` ta('t ma'y ddi na(`m cho khoe? bo^. xu+o+ng gia`. Rie^ng tha^'y trong Yoper no' cha(?ng no'i na(ng gi`, cu+' boot le^n la` gu+?i meo ddu+o+.c. Chi? ho+i so+. so+. la` nhu+ the^' thi` co' bi. co+?i . . . chuo^`ng qua' nhie^`u hay kho^ng ma` tho^i :-) -- m k h _ s g n --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
cu. o+i cha'u ba?o ca'i ni` :-D cu. va`o dda^y generate ca'i script http://www.hideaway.net/home/public_html/server/iptables.php ro^`i tu+` tu+` thu+o+?ng la~m lu'c generate cu. chi.u kho' ddo.c help cu?a tu+`ng section :-D PS: cha'u no'i bu+`a 1 ca^u : to^'t nha^'t cu. vu+'t qua'ch ca'i IPTables na`y ddi :-D cu. da^u co' dde^? online 24/7 ddau ma` tu chuoc cai phie^`n na~o la`m gi` huh cu. , co`n cu. thi'ch nga^m cu+'u thi` cu. ngo^`i nha^m nhi man pages hay va`o netfilter.org ddo.c tho+ phu' cho no' nha`n ha. ;) --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
On Thursday 30 September 2004 05:47 am, Chuong Dao wrote: > Khong hieu ta.i sao ba'c thi'ch iptables -A INPUT -j DROP dden nhu > the^' :) > Vi` ddu+o+.c chi? da^~n ra(`ng go~ ca^u le^.nh na`y xong thi` khoa' tuo^'t luo^'t, ga^`n nhu+ ddo'ng cu+?a sa('t kho^ng cho va`o kho^ng cho ra. An toa`n xa lo^. ddo' ma`. Chu+' pha?i go~ ma^'y pha't mo+'i cha.y no' ddu+o+.c, cu+' nhu+ la` ba('n su'ng ki'p tho+`i Kha'ng Chie^'n, cu~ng me^.t bo? xu+`! > Ca'ch to^'t nha^'t la` kho^ng ne^n go~ no' sau khi cha.i Larry's > script :) Mi`nh thu+? to+'i thu+? lui thi` cu~ng nghie^.m ra ddu'ng nhu+ va^.y nhu+ng kho^ng hie^?u ta.i sao. Gio+` mo+'i bie^'t ta.i sao. Thanks. > > Co`n ne^'u muo^'n xa`i no' thi` ddu+`ng cha.y Larry's script. Lu'c > ddo' ba'c se~ ddu+o+.c thoa? ma~n nhu+ y' ba'c muo^'n (no more > INPUT connectivity). > > Larry's script co' la`m mo^.t trick nho? cho connections dda~ > ddu+o+.c ESTABLISHED/RELATED. Scrit na`y se~ cho phe'p INPUT vo+'i > ddie^`u kie^.n la` ba'c initiated the connection. Ho+i ra('c ro^'i > ti' (iptables howto on ESTABLISHED/RELATED). > > Vi` ba'c cha.y ca'i iptables -A INPUT -j DROP sau khi cha.y Larry's > cho nen no' khong co' stop everything ta.i vi` no' ddu+ng dda(`ng > sau Larry's script. iptables works theo thu+' tu+. Tha(`ng rule > na`o dden truoc la` xai thang ddo' :) Vu+`a ro^`i co' post le^n ML 5 ca'i bi' ki'p da de^, da`i lo`ng tho`ng kho' hie^?u kinh ngu+o+`i. La`m o+n gia?ng tie^'p ca'm o+n tru+o+'c. -- m k h _ s g n --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
> > Ba'c co' the^? gia?ng gia?i chi tie^'t ho+n ve^` ca'i trick na`y kho^ng? > hay la` ba'c co' ca'i link na`o de^~ hie^?u ba'c qua(ng cho mo^.t ca'i > vo+'i. > -- netfilter.org #man iptables :( --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
Chuong Dao wrote: Larry's script co' la`m mo^.t trick nho? cho connections dda~ ddu+o+.c ESTABLISHED/RELATED. Scrit na`y se~ cho phe'p INPUT vo+'i ddie^`u kie^.n la` ba'c initiated the connection. Ho+i ra('c ro^'i ti' (iptables howto on ESTABLISHED/RELATED). Ba'c co' the^? gia?ng gia?i chi tie^'t ho+n ve^` ca'i trick na`y kho^ng? hay la` ba'c co' ca'i link na`o de^~ hie^?u ba'c qua(ng cho mo^.t ca'i vo+'i. -- hypoj Microsoft is not the answer, it is the question. The answer is NO!!! --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
Khong hieu ta.i sao ba'c thi'ch iptables -A INPUT -j DROP dden nhu the^' :) Ca'ch to^'t nha^'t la` kho^ng ne^n go~ no' sau khi cha.i Larry's script :) Co`n ne^'u muo^'n xa`i no' thi` ddu+`ng cha.y Larry's script. Lu'c ddo' ba'c se~ ddu+o+.c thoa? ma~n nhu+ y' ba'c muo^'n (no more INPUT connectivity). Larry's script co' la`m mo^.t trick nho? cho connections dda~ ddu+o+.c ESTABLISHED/RELATED. Scrit na`y se~ cho phe'p INPUT vo+'i ddie^`u kie^.n la` ba'c initiated the connection. Ho+i ra('c ro^'i ti' (iptables howto on ESTABLISHED/RELATED). Vi` ba'c cha.y ca'i iptables -A INPUT -j DROP sau khi cha.y Larry's cho nen no' khong co' stop everything ta.i vi` no' ddu+ng dda(`ng sau Larry's script. iptables works theo thu+' tu+. Tha(`ng rule na`o dden truoc la` xai thang ddo' :) > > Da~ thu+? ca'i script cu?a Larry. Nhu+ng pha?i tru+o+'c he^'t go~ 2 > le^.nh > # modprobe 3c59x > # ifup eth0 > ro^`i cha.y ca'i script. > Nhu+ng sau khi le^n ma.ng xong, ne^'u go~ > # iptables -A INPUT -j DROP > thi` hi`nh nhu+ no' kho^ng a?nh hu+o+?ng gi`, vi` va^~n le^n ma.ng > ddu+o+.c. > > > La.i co`n mo^.t chuye^.n kha'c: > Sau khi go~ > # iptables -A INPUT -j DROP > ma` o+? trong Kmail dde^? soa.n meo RE, thi` go~ mo^.t ho^`i xong no' > kho^ng cho nha^'n Queue nu+~a. Toa`n bo^. Kmail bie^'n tha`nh > tra('ng, ma^'t he^'t ky' tu+. hie^?n thi.. > > La.i mo'c console ra go~ > # iptables -F > thi` sau ddo' la`m vie^.c bi`nh thu+o+ng (nhu+ng cu~ng pha?i re-open > Kmail) > > > Co`n vie^.c mua mo^.t ca'i router thi` . . . hehe. Nhu+ng nhu+ va^.y > thi` pha?i bo? ca'i router hie^.n co' (do FPT cho chu`a) hay sao? > Ca'i na`y cu~ng co' mo^.t nu't nha^'n va`o la` ta('t he^'t dde`n. Co' > pha?i la` no' kho^ng? > Ne^'u ta('t ba(`ng nu't na`y, ngay trong phie^n la`m vie^.c se~ kho^ng > mo+? ON tro+? la.i ddu+o+.c nu+~a. > -- > m k h _ s g n > > > > --- > This SF.net email is sponsored by: IT Product Guide on ITManagersJournal > Use IT products in your business? Tell us what you think of them. Give us > Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out > more > http://productguide.itmanagersjournal.com/guidepromo.tmpl > ___ > VietLUG-users mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/vietlug-users > --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
On Wednesday 29 September 2004 08:12 am, [EMAIL PROTECTED] wrote: > iptables -F nghi~a la` delete he^'t nhu~ng rules (cu+?a chu`a > ro^.ng mo+? cho kha'ch tha^.p phu+o+ng). > > iptables -L se~ list ta^'t ca? nhu+~ng rules mi`nh ddang co' > > ba'c go~ nhu+ va^`y thi` se~ tha^'y su+.c kha'c bie^.t (DROP > all -- anywhere anywhere) lie^`n: > iptables -F > iptables -L > iptables -A INPUT -j DROP > iptables -L Hi! Ca'm o+n nhie^`u la('m. Tuy ba`i gia?ng chu+a "ta^.n cu`ng ba(`ng so^'" nhu+ng dda.i kha'i cu~ng hie^?u so+ so+ ddu+o+.c kho?i pha?i a^'m a'ch. > > Cha'u i't co' du`ng ma^'y ca'i GUI cho ne^n ko ro~ la('m. Cha'u > ddoa'n la` sau khi ba'c go~ "iptables -A INPUT -j DROP" thi` > gio^'ng nhu+ Lan dda~ ca('t gia^y chuo^ng, kho'a cu+?a chu`a la.i > (trong ddo' co' X-Windows), kho^ng cho Ddie^.p va`o :) Ba'c thu+? > mo+? co^?ng chu`a (cha'u chu+a test), le'n cho Ddie^.p va`o, xem > sao: > iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 6000:6009 -j ACCEPT > - Allow X-Windows > iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 7100 -j DROP - > Allow X-Windows font server > > Nhu+ cha'u dda~ no'i, ca'ch to^'t nha^'t la` thu+? ca'i tutorial > cu?a Larry cho hay la` mua mo^.t ca'i router. > > Have fun... Da~ thu+? ca'i script cu?a Larry. Nhu+ng pha?i tru+o+'c he^'t go~ 2 le^.nh # modprobe 3c59x # ifup eth0 ro^`i cha.y ca'i script. Nhu+ng sau khi le^n ma.ng xong, ne^'u go~ # iptables -A INPUT -j DROP thi` hi`nh nhu+ no' kho^ng a?nh hu+o+?ng gi`, vi` va^~n le^n ma.ng ddu+o+.c. La.i co`n mo^.t chuye^.n kha'c: Sau khi go~ # iptables -A INPUT -j DROP ma` o+? trong Kmail dde^? soa.n meo RE, thi` go~ mo^.t ho^`i xong no' kho^ng cho nha^'n Queue nu+~a. Toa`n bo^. Kmail bie^'n tha`nh tra('ng, ma^'t he^'t ky' tu+. hie^?n thi.. La.i mo'c console ra go~ # iptables -F thi` sau ddo' la`m vie^.c bi`nh thu+o+ng (nhu+ng cu~ng pha?i re-open Kmail) Co`n vie^.c mua mo^.t ca'i router thi` . . . hehe. Nhu+ng nhu+ va^.y thi` pha?i bo? ca'i router hie^.n co' (do FPT cho chu`a) hay sao? Ca'i na`y cu~ng co' mo^.t nu't nha^'n va`o la` ta('t he^'t dde`n. Co' pha?i la` no' kho^ng? Ne^'u ta('t ba(`ng nu't na`y, ngay trong phie^n la`m vie^.c se~ kho^ng mo+? ON tro+? la.i ddu+o+.c nu+~a. -- m k h _ s g n --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
> On Wednesday 29 September 2004 12:30 am, [EMAIL PROTECTED] wrote: > >> Ba'c cha.y 2 commands na`y sau khi cha.y "iptables -A INPUT -j >> DROP" ifconfig >> va` >> iptables -L >> >> ro^`i post output le^n xem sao. >> >> >> Anyway, ca'ch to^'t nha^'t la` ne^n mua mo^.t ca'i router/switch >> nhu+ tha(`ng linksys na`y: >> http://www.linksys.com/products/product.asp?grid=34&scid=29&prid=56 >>1 >> >> Nhu+ the^' ba'c se~ no^'i ddu+o+.c nhie^`u PC cun`g mo^.t lu'c va` >> la.i an toa`n ho+n nu+~a. Xong ro^`i ba'c cu+' tu+` tu+` ma` >> qua^.y vo+'i ma^'y ca'i iptables (www.iptables.org) hoa(.c ca'i >> link cua? Larry cho. Tru+o+'c khi do.c pha' vo+'i iptables thi` >> ba'c ne^n ddo'ng ta^'t ca? nhu+~ng ports ko ca^`n thie^'t (du`ng >> nmap dde^? check). >> >> Good luck... > > OK no' dda^y: > (cha.y Knoppix 3.6) > > [EMAIL PROTECTED]:/home/knoppix# modprobe 3c59x > [EMAIL PROTECTED]:/home/knoppix# ifup eth0 > [EMAIL PROTECTED]:/home/knoppix# iptables -F > [EMAIL PROTECTED]:/home/knoppix# iptables -A INPUT -j DROP > [EMAIL PROTECTED]:/home/knoppix# ifconfig > eth0 Link encap:Ethernet HWaddr 00:10:4B:0F:F4:79 > inet addr:192.168.1.33 Bcast:192.168.1.255 > Mask:255.255.255.0 > inet6 addr: fe80::210:4bff:fe0f:f479/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:4 errors:0 dropped:0 overruns:0 frame:0 > TX packets:9 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:1608 (1.5 KiB) TX bytes:1990 (1.9 KiB) > Interrupt:21 Base address:0xdc00 > > loLink encap:Local Loopback > inet addr:127.0.0.1 Mask:255.0.0.0 > inet6 addr: ::1/128 Scope:Host > UP LOOPBACK RUNNING MTU:16436 Metric:1 > RX packets:10 errors:0 dropped:0 overruns:0 frame:0 > TX packets:10 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:500 (500.0 b) TX bytes:500 (500.0 b) > > [EMAIL PROTECTED]:/home/knoppix# iptables -L > Chain INPUT (policy ACCEPT) > target prot opt source destination > DROP all -- anywhere anywhere > > Chain FORWARD (policy ACCEPT) > target prot opt source destination > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > [EMAIL PROTECTED]:/home/knoppix# > > > Ghi the^m: > > Sau khi cha.y 2 le^.nh na`y, Kmail hay ca'c Apps kha'c bi. ddo^ng > cu+'ng kho^ng mo+? ddu+o+.c. Pha?i go~ la.i le^.nh > > # iptables -F > > thi` mo+'i la`m vie^.c ddu+o+.c. > > Va^.y iptables -L co' co^ng du.ng nhu+ the^' na`o? > > > -- > m k h _ s g n > iptables -F nghi~a la` delete he^'t nhu~ng rules (cu+?a chu`a ro^.ng mo+? cho kha'ch tha^.p phu+o+ng). iptables -L se~ list ta^'t ca? nhu+~ng rules mi`nh ddang co' ba'c go~ nhu+ va^`y thi` se~ tha^'y su+.c kha'c bie^.t (DROP all -- anywhere anywhere) lie^`n: iptables -F iptables -L iptables -A INPUT -j DROP iptables -L Cha'u i't co' du`ng ma^'y ca'i GUI cho ne^n ko ro~ la('m. Cha'u ddoa'n la` sau khi ba'c go~ "iptables -A INPUT -j DROP" thi` gio^'ng nhu+ Lan dda~ ca('t gia^y chuo^ng, kho'a cu+?a chu`a la.i (trong ddo' co' X-Windows), kho^ng cho Ddie^.p va`o :) Ba'c thu+? mo+? co^?ng chu`a (cha'u chu+a test), le'n cho Ddie^.p va`o, xem sao: iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 6000:6009 -j ACCEPT - Allow X-Windows iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 7100 -j DROP - Allow X-Windows font server Nhu+ cha'u dda~ no'i, ca'ch to^'t nha^'t la` thu+? ca'i tutorial cu?a Larry cho hay la` mua mo^.t ca'i router. Have fun... --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
On Wednesday 29 September 2004 12:30 am, [EMAIL PROTECTED] wrote: > Ba'c cha.y 2 commands na`y sau khi cha.y "iptables -A INPUT -j > DROP" ifconfig > va` > iptables -L > > ro^`i post output le^n xem sao. > > > Anyway, ca'ch to^'t nha^'t la` ne^n mua mo^.t ca'i router/switch > nhu+ tha(`ng linksys na`y: > http://www.linksys.com/products/product.asp?grid=34&scid=29&prid=56 >1 > > Nhu+ the^' ba'c se~ no^'i ddu+o+.c nhie^`u PC cun`g mo^.t lu'c va` > la.i an toa`n ho+n nu+~a. Xong ro^`i ba'c cu+' tu+` tu+` ma` > qua^.y vo+'i ma^'y ca'i iptables (www.iptables.org) hoa(.c ca'i > link cua? Larry cho. Tru+o+'c khi do.c pha' vo+'i iptables thi` > ba'c ne^n ddo'ng ta^'t ca? nhu+~ng ports ko ca^`n thie^'t (du`ng > nmap dde^? check). > > Good luck... OK no' dda^y: (cha.y Knoppix 3.6) [EMAIL PROTECTED]:/home/knoppix# modprobe 3c59x [EMAIL PROTECTED]:/home/knoppix# ifup eth0 [EMAIL PROTECTED]:/home/knoppix# iptables -F [EMAIL PROTECTED]:/home/knoppix# iptables -A INPUT -j DROP [EMAIL PROTECTED]:/home/knoppix# ifconfig eth0 Link encap:Ethernet HWaddr 00:10:4B:0F:F4:79 inet addr:192.168.1.33 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::210:4bff:fe0f:f479/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:4 errors:0 dropped:0 overruns:0 frame:0 TX packets:9 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1608 (1.5 KiB) TX bytes:1990 (1.9 KiB) Interrupt:21 Base address:0xdc00 loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:10 errors:0 dropped:0 overruns:0 frame:0 TX packets:10 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:500 (500.0 b) TX bytes:500 (500.0 b) [EMAIL PROTECTED]:/home/knoppix# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination DROP all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination [EMAIL PROTECTED]:/home/knoppix# Ghi the^m: Sau khi cha.y 2 le^.nh na`y, Kmail hay ca'c Apps kha'c bi. ddo^ng cu+'ng kho^ng mo+? ddu+o+.c. Pha?i go~ la.i le^.nh # iptables -F thi` mo+'i la`m vie^.c ddu+o+.c. Va^.y iptables -L co' co^ng du.ng nhu+ the^' na`o? -- m k h _ s g n --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
> Cha`o ca? nha`! > > Tui mo+? Knoppix 3.6, ro^`i vo^ ADSL ba(`ng tay ba(`ng ca'c le^.nh > sau: > > # modprobe 3c59x > # ifup eth0 > # iptables -F > > thi` le^n ma.ng hay gu+?i nha^.n meo dde^`u OK. > > Nhu+ng khi go~ > > # iptables -A INPUT -j DROP > > dde^? khoa' cu+?a sa('t ddi ngu? thi` co' lu'c ddu+o+.c, co' lu'c ma`n > hi`nh ngay cu ddo+, bo'p chuo^.t va`o Start thi` no' dda~ lo~m va`o > tu+` tru+o+'c ro^`i (nhu+ la` he^. tho^'ng ddang busy). Pha?i force > no' ba(`ng ca'ch nha^'n chuo^.t pha?i le^n Desktop ro^`i cho.n Logout > Knoppix, cho+` no' lu.c ddu.c ca'i chi ddo' mo^.t ho^`i ro^`i mo+'i > chi.u logout. > > Sau khi dda~ login tro+? la.i, thi` co' lu'c tie^'p tu.c networking > ddu+o+.c, co' lu'c kho^ng ddu+o+.c. Trong tru+o+`ng ho+.p sau, pha?i > reboot he^.t tho^'ng ro^`i la.i cha.y ca'c le^.nh ke^? tre^n thi` > mo+'i la`m vie^.c ddu+o+.c. > > Ca'c ba.n vui lo`ng chi? tui ca'ch kha('c phu.c? To^'t nha^'t la` cho > tui xin mo^.t ca'i script dde^? xa`i, ke?o ma` . . . hehe bi. cha'y > o^ng ddi.a. Thanks. > > -- > m k h _ s g n > > Hi ba'c Ha?i, Ba'c cha.y 2 commands na`y sau khi cha.y "iptables -A INPUT -j DROP" ifconfig va` iptables -L ro^`i post output le^n xem sao. Anyway, ca'ch to^'t nha^'t la` ne^n mua mo^.t ca'i router/switch nhu+ tha(`ng linksys na`y: http://www.linksys.com/products/product.asp?grid=34&scid=29&prid=561 Nhu+ the^' ba'c se~ no^'i ddu+o+.c nhie^`u PC cun`g mo^.t lu'c va` la.i an toa`n ho+n nu+~a. Xong ro^`i ba'c cu+' tu+` tu+` ma` qua^.y vo+'i ma^'y ca'i iptables (www.iptables.org) hoa(.c ca'i link cua? Larry cho. Tru+o+'c khi do.c pha' vo+'i iptables thi` ba'c ne^n ddo'ng ta^'t ca? nhu+~ng ports ko ca^`n thie^'t (du`ng nmap dde^? check). Good luck... --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users
Re: [Vietlug] Khoa ADSL bang tay
On 3:51:41 pm 09/26/04 [EMAIL PROTECTED] wrote: > Cha`o ca? nha`! > > Tui mo+? Knoppix 3.6, ro^`i vo^ ADSL ba(`ng tay ba(`ng ca'c le^.nh > sau: DDa~ he'! Ba('t dda^`u download vo^ tu+ ha? ba'c? > > # modprobe 3c59x > # ifup eth0 > # iptables -F > > thi` le^n ma.ng hay gu+?i nha^.n meo dde^`u OK. > Di~ nhie^n la` ddu+o+.c bo+?i vi` ba'c mo+'i flush ta^'t ca? ca'c rules cu?a firewall = le^.nh tre^n ne^'u ba'c 0 co' set default policy la` DROP. > Nhu+ng khi go~ > > # iptables -A INPUT -j DROP > > dde^? khoa' cu+?a sa('t ddi ngu? thi` co' lu'c ddu+o+.c, co' lu'c > ma`n hi`nh ngay cu ddo+, bo'p chuo^.t va`o Start thi` no' dda~ lo~m > va`o tu+` tru+o+'c ro^`i (nhu+ la` he^. tho^'ng ddang busy). Pha?i > force no' ba(`ng ca'ch nha^'n chuo^.t pha?i le^n Desktop ro^`i cho.n > Logout Knoppix, cho+` no' lu.c ddu.c ca'i chi ddo' mo^.t ho^`i ro^`i > mo+'i chi.u logout. > > Sau khi dda~ login tro+? la.i, thi` co' lu'c tie^'p tu.c networking > ddu+o+.c, co' lu'c kho^ng ddu+o+.c. Trong tru+o+`ng ho+.p sau, pha?i > reboot he^.t tho^'ng ro^`i la.i cha.y ca'c le^.nh ke^? tre^n thi` > mo+'i la`m vie^.c ddu+o+.c. > > Ca'c ba.n vui lo`ng chi? tui ca'ch kha('c phu.c? To^'t nha^'t la` cho > tui xin mo^.t ca'i script dde^? xa`i, ke?o ma` . . . hehe bi. cha'y > o^ng ddi.a. Thanks. > > -- > m k h _ s g n > > Cha'u chu+a bao gio+` xa`i ADSL :) Gia? su+? ba'c la^'y ddi.a chi? = DHCP, va` ba'c chi? co' mo^.t ma'y vo+'i mo^.t network card. Ba'c thu+? ca'i script sau dda^y. Script na`y la` minimum. ba'c ne^n nho+` TTLong ghe' qua la`m cho script ha^'p da^~n the^m ti' :) #!/bin/sh /sbin/modprobe ip_conntrack_ftp iptables -F INPUT iptables -P INPUT DROP for interface in /proc/sys/net/ipv4/conf/*/rp_filter do echo 1 > $interface done iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p udp --source-port 53 -j ACCEPT iptatables -A INPUT -p udp --destination-port 68 -j ACCEPT Ba'c co' the^? ddo.c the^m o+? dda^y http://www.hackinglinuxexposed.com/articles/20030709.html -Larry http://www.nhÃmlinux.net --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ VietLUG-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/vietlug-users