Linux-Networking Digest #940, Volume #9 Tue, 19 Jan 99 15:13:51 EST
Contents:
Re: Setting up PPP ("Olly Segwick")
Re: Win95 to Linux! (Raymond Doetjes)
Re: Why hangs the modem ? (Raymond Doetjes)
Re: Security hole with WU-FTPD (John Coffman)
Re: Security hole with WU-FTPD ([EMAIL PROTECTED])
Re: smaba & win98 (Lonny Schwartz)
Re: Linux Networking (Kelvin Leung)
Re: nt cannot browse network (samba) (Raymond Doetjes)
Re: Two IP addresses to the same Ethernet card (Rolf Raar)
Re: IP-masquerading with IPCHAINS--NEED HELP!!! (Raymond Doetjes)
Re: Tricky network problem (using loopback?) (Sam Clayton)
Call for Papers ("Linux I&A")
Re: Recomendation for external modem for Linux? (Joe Halpin)
URGEND: PLIP problems... (Maik Hassel)
Re: onboard DSP winmodem? ("Simon Allfrey")
Re: Problems with DISPLAY (John Strange)
----------------------------------------------------------------------------
From: "Olly Segwick" <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux.slackware,comp.os.linux.setup
Subject: Re: Setting up PPP
Date: 19 Jan 1999 15:04:22 GMT
What about running
route
and seeing if the default routes have been added? pppsetup does that for
you, or at least it should. I've used it numerous times and had few
problems. If you run it from the console on your box, it should popup the
Ip address given to it by your Isp after 30 seconds or so. If it doesn't,
then try not using PAP and other ways. Can you dial in just fine using
Minicom?
--
Olly Segwick
Terry Voakes <[EMAIL PROTECTED]> wrote in article
<01be4367$c77b6d80$1a381cd0@terry-voakes>...
> Hello,
>
> I have tried setting up PPP using the pppsetup program that comes with
> Slackware 3.6 but no luck. I have all the information from my ISP and I
am
> sure that it is correct. (i.e. name server, PAP, etc...)
>
> I checked the syslogd file and it definitely seems that the PPP
connection
> is forming (i.e. says "CONNECT - got it." as the documentation states it
> should). However, when I try to ping the name servers specified in the
> /etc/resolv.conf file, no luck. I have read the PPP-HOWTO but still
could
> not get it working.
>
> I would greatly appreciate any help if anyone has any suggestions or
> comments.
>
> Thanks in advance,
>
> Terry
>
------------------------------
From: Raymond Doetjes <[EMAIL PROTECTED]>
Subject: Re: Win95 to Linux!
Date: Tue, 19 Jan 1999 17:10:47 +0100
This is a multi-part message in MIME format.
==============500BC22FD022A9C74F726A47
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
What is your Linux ip address???
I Guess 192.168.0.1 please verify.
Raymond
Greg - Web Development wrote:
> Hello all:
>
> I'm having trouble networking my Win95 to my Linux server. I can't ping
> the Linux box and Linux can't ping Win95.
>
> Win95 >Control Panel >Network settings:
>
> gateway 192.168.0.1
> win95 ip 192.168.0.10
> subnet 255.255.255.0
>
> Linux /etc/hosts:
>
> 127.0.0.1 localhost
> 192.168.0.10 win95
>
> Can anyone tell me if and what I'm missing? I really appreciate it.
>
> Thank you!
>
> Sincerely,
>
> Gregory A. Smith
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
==============500BC22FD022A9C74F726A47
Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Raymond Doetjes
Content-Disposition: attachment; filename="vcard.vcf"
begin: vcard
fn: Raymond Doetjes
n: Doetjes;Raymond
org: SYNAPSES IT
adr: Overijsselhaven 47;;;Nieuwegein;Utrecht;3433 PH;The Netherlands
email;internet: [EMAIL PROTECTED]
title: programmeur VAB
tel;work: 030 6066411
tel;fax: 030 6067871
x-mozilla-cpt: ;0
x-mozilla-html: FALSE
version: 2.1
end: vcard
==============500BC22FD022A9C74F726A47==
------------------------------
From: Raymond Doetjes <[EMAIL PROTECTED]>
Subject: Re: Why hangs the modem ?
Date: Tue, 19 Jan 1999 17:14:38 +0100
This is a multi-part message in MIME format.
==============6DD5B72702964B69F567EEEE
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
I could imagine that you still have the +++ rule in your modem to go
back to command mode.
The +++ is a normal ocurrence in PPP sessions.
Raymond
Francesc Guasch wrote:
> I have ppp-2.3.5. I have a script that launches the ppp
> connection.
> I have tried to add the idle option like this in the
> /usr/sbin/ppp-go file.
>
> My problem is that the modem hangs very soon, in the
> very begining of the connection, reading or sending
> mail it stops.
>
> How can I know if is my modem that hangs or the one
> in the other side ?
>
> Is the idle option safe ?
>
> --
> mailto:[EMAIL PROTECTED] http://www.etsetb.upc.es/~frankie
> ^-^.-----,
> o o _ ) Errors, like straws, upon the surface flow;
> Y (_, (__(Ssss He who would search for pearls must dive below.
==============6DD5B72702964B69F567EEEE
Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Raymond Doetjes
Content-Disposition: attachment; filename="vcard.vcf"
begin: vcard
fn: Raymond Doetjes
n: Doetjes;Raymond
org: SYNAPSES IT
adr: Overijsselhaven 47;;;Nieuwegein;Utrecht;3433 PH;The Netherlands
email;internet: [EMAIL PROTECTED]
title: programmeur VAB
tel;work: 030 6066411
tel;fax: 030 6067871
x-mozilla-cpt: ;0
x-mozilla-html: FALSE
version: 2.1
end: vcard
==============6DD5B72702964B69F567EEEE==
------------------------------
From: [EMAIL PROTECTED] (John Coffman)
Crossposted-To:
comp.security,comp.security.unix,redhat.general,redhat.networking.general,aus.computers.linux
Subject: Re: Security hole with WU-FTPD
Reply-To: [EMAIL PROTECTED]
Date: Tue, 19 Jan 1999 16:19:42 GMT
On Fri, 15 Jan 1999 16:19:39 -0600, Daryle Niedermayer
<[EMAIL PROTECTED]> wrote:
>We had a hacker exploit a weakness in the WU-FTP daemon last night. The
>exploit on a machine named "bob" from a machine named "neale"went like
>this:
>
>Here's how part of the exploit happened:
>
>By adding an entry to the bottom of the passwd file:
>test::0:0:dummyname:/:/bin/bash
>
>without a password marker, our login scripts will not let you login with
>a
>shell, but they will let you open an ftp connection with root
>permissions.
>
>You can then upload or download any file you want. ftp will allow you to
>
>login with a null password so you do not need access to the shadow file
>to
>exploit this weakness, as the following transcript will show:
>
>neale[29]% ftp bob
>Connected to bob....
>220 bob... FTP server (Version wu-2.4.2-academ[BETA-15](1) Sat Nov
>1 03:08:32 EST 1997) ready.
>Name (bob:dniederm): test
>331 Password required for test.
>Password:
>230 User test logged in.
>Remote system type is UNIX.
>Using binary mode to transfer files.
>ftp> cd /etc/
>250 CWD command successful.
>ftp> get shadow
>local: shadow remote: shadow
>200 PORT command successful.
>150 Opening BINARY mode data connection for shadow (1117 bytes).
>226 Transfer complete.
>1117 bytes received in 0.00159 secs (6.8e+02 Kbytes/sec)
>ftp> bye
>221 Goodbye.
>neale[30]% whoami
>dniederm
>neale[31]% more shadow
>...
>the contents of the shadow file including encrypted passwords would
>follow.
>
>The fact that the shadow file is not root writable. Would not have saved
>it. Once root access is gained in this way, putting the shadow file back
>raises not problems with overwriting a file with 0400 permissions.
>Upgrading to BETA-18 (the latest available rpm still permitted this
>exploit. The software was installed as part of the default set of rpms
>in a Redhat Linux 5.0 distribution.
>
>We are still working to uncover how the hacker managed to append a
>passwd entry to the /etc/passwd file. (I'm open to suggestions--at the
>time of the attack, bob was set up to be an NFS client but we do not use
>NFS in our domain as so it may not have been configured properly. NFS
>has since been removed).
NFS has known security flaws in RHL 5.0 & 5.1. My RHL 5.1 system was
successfully attacked through NFS -- the symptom being the appending
of a root account to /etc/passwd with no password.
Check you /var/log/messages file for a NFS message with a very long
string of ^P^P^P's -- buffer overflow is exploited using this flaw.
>From what you say, the WU-FTP problem is only a later symptom of the
break-in.
--John Coffman
>
>We have since replaced wu-ftp with a different ftp server. Here again I
>am open to suggestions as to the best low-cost (or no-cost) ftpd
>available apart from wu-ftp.
>
>--
>
>********************************
>Daryle Niedermayer
>Programmer/Analyst
>GDS & Associates Systems. Ltd.
>400 - 4211 Albert St.
>Regina, SK Canada -- S4S 3R6
>Phone: 306.586.7832
>Fax: 306.585.1514
>email: [EMAIL PROTECTED]
>http://www.gds.ca
>********************************
>
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.security.unix,redhat.networking.general,aus.computers.linux
Subject: Re: Security hole with WU-FTPD
Date: Tue, 19 Jan 1999 15:40:08 GMT
>In article <[EMAIL PROTECTED]>,
>Jacques Distler <[EMAIL PROTECTED]> wrote:
>>Color me stupid, but why does he allow root ftp logins, *period*.
>>Shouldn't root be in his ftpusers file?
>
>Even if it were, it wouldn't have helped in this case. The line that the
>cracker added to /etc/passwd had a UID of 0, but the name wasn't "root".
>The ftpusers file lists names, not UIDs.
I have seen this happen before. In my case the hacker first broke into an NT
machine (has microsoft ever made a product that was secure? ;-) ) then used
SAMBA to access the server. I have disable this product and my hacker
problems disappeared.
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: Lonny Schwartz <[EMAIL PROTECTED]>
Subject: Re: smaba & win98
Date: Tue, 19 Jan 1999 09:38:12 -0500
rbrewer wrote:
>
> My win98 machine sees the samba drive on my linux machine but always asks
> for a password which never works. I log onto the win machine with the same
> login and password as my linux machine (i.e.-root, "pwd"). I feel that there
> is something wrong on the win machine with tcp/ip setup but have gone
> through every setting with no luck. I have tried deleting the pwl files and
> restarting, etc. Any help would be appreciated. I recently changed from
> slackware to redhat 5.0 to avoid all the hassles of setting up ppp, network
> card and graphics. This seems like deja vue but that's what newsgroups are
> for.
> Thanks
I just ran into this problem on my system. I just did a little edit of
the win98 regitry to enable plain text passwords but there are other
options if you are worried about security.
> To enable plain-text passwords, add the Registry entry for
> EnablePlainTextPassword (as a Dword) and set the value to 1 in the
> following Registry location:
> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\Vnetsup
> --------------------------------------------------
> To set the value for EnablePlainTextPassword to 1:
> --------------------------------------------------
Check the SAMBA faq for all the options.
http://us1.samba.org/samba/docs/FAQ/#27
Good luck!
------------------------------
From: [EMAIL PROTECTED] (Kelvin Leung)
Subject: Re: Linux Networking
Date: Tue, 19 Jan 1999 09:50:43 -0700
Did you try ifconfig to look at the interface?
In article <77s1o2$[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Yiqing Liang)
wrote:
> I am trying to setup networking for my Linux system, which is a kind of
> old Slackware. I have done everything in setup/configuration and
> netconfig. But I still have problems:
>
> (1) When I run neetstat -i, it does not show the line of "eth0".
> (2) When I run netstat -r, it does not shpw loopback line and default
> line
> (3) When I ping this host, I got error message saying "Network
> unreachable"
>
> Would apprciate if anyone can help.
------------------------------
From: Raymond Doetjes <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.misc
Subject: Re: nt cannot browse network (samba)
Date: Tue, 19 Jan 1999 17:17:28 +0100
This is a multi-part message in MIME format.
==============3CC87ACFAE7A50C4ABAB9D78
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
What you should do is make the workgroup name of samba the same as your NT
domain name.
Raymond
peter wrote:
> setting up samba on a linux-machine in a workgroup (at this experimental
> state : one linux-machine, one nt-machine) leads me to a strange problem:
>
> when I want to browse the network in nt-explorer I dont see any computer
> (even not the nt-machine itself) but the workgroup. when I try to open
> the workgroup, I get something like this :
> you cannot logon to workgroup with this account
>
> but when I look for the samba-machine or the nt-machine (in explorer :
> extra/search/computer) I find them both an can open the shares !!
> I can also mount the shares with the net use - command.
>
> So this seems to be only a browsing-problem.
>
> I set up linux as master-browser for this workgroup (cause the nt-machine
> is rebootet very often) with the following global-section in smb.conf
> (I tried both : using wins and not)
>
> [global]
> guest account = nobody
> log file = /var/log/samba-log.%m
> lock directory = /var/lock/samba
> share modes = yes
> workgroup = MYGROUP
> #wins support = yes
> #wins proxy = yes
> local master = yes
> preferred master = yes
> os level = 64
> name resolve order = host
>
> in NT I just set the workgroupname and when I tried to use linux as wins-
> server in the smb.conf I did also in NT.
>
> and I also tried to enabled the plainpassword-option on nt to make sure,
> that this is no encryption-problem.
>
> there is one fact that makes me think, that this is a NT-problem :
>
> why can I not see the nt-machine itself in the network in nt-explorer.
> this cannot be just a samba-problem !?
>
> peter
>
> -----------------
> pilsl@
> ANTISPAM
> riemann.atat.at
==============3CC87ACFAE7A50C4ABAB9D78
Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Raymond Doetjes
Content-Disposition: attachment; filename="vcard.vcf"
begin: vcard
fn: Raymond Doetjes
n: Doetjes;Raymond
org: SYNAPSES IT
adr: Overijsselhaven 47;;;Nieuwegein;Utrecht;3433 PH;The Netherlands
email;internet: [EMAIL PROTECTED]
title: programmeur VAB
tel;work: 030 6066411
tel;fax: 030 6067871
x-mozilla-cpt: ;0
x-mozilla-html: FALSE
version: 2.1
end: vcard
==============3CC87ACFAE7A50C4ABAB9D78==
------------------------------
From: Rolf Raar <[EMAIL PROTECTED]>
Subject: Re: Two IP addresses to the same Ethernet card
Date: 19 Jan 1999 19:03:00 +0100
pierini <[EMAIL PROTECTED]> wrote:
> How can I assign two IP addresses to the same Ethernet card ?
Load the ip_alias module and type
route add xxx.xxx.xxx.xxx eth0:0
Replace the x' with an ip number....
Rolf
------------------------------
From: Raymond Doetjes <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.help
Subject: Re: IP-masquerading with IPCHAINS--NEED HELP!!!
Date: Tue, 19 Jan 1999 17:20:08 +0100
This is a multi-part message in MIME format.
==============5097EFDFA663F6A13183A66A
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
I Advice you to use the SuSE masq scripts because they do work!!! ALready from version
5.0
up.
I have never used ipchains. You should probabaly use ipfadm to open up your firewall
and
masquerdading before using ipchains.
(Did you also setup the default gateway address to the iP address of your Linux box on
your
workstations?)
Raymond
root wrote:
> Hi
>
> I have the following problem with IPCHAINS:
>
> I have set up a linux box as a (masquerading - not working yet) router
> between a small LAN
> and an iternet connection via a gateway.
>
> PROBLEM: i can't figure out the IPCHAINS commands for the forwarding
> chain for setting up the kernel masquerading entries (IPCHAINS -L -M
> i tried some configs f
> WHAT WORKS YET: from the routing machine, i have full access to the
> internet and to the LAN
> the default gateway is set, the routing table seems to be ok, too
> REQUIREMENTS MET: kernel 2.2.0-pre7 compiled with masquerading and
> forwarding and firewall support, IPCHAINS is installed (it's
>the
> latest SuSE 6.0 distribution) and i have disabled the
> SuSE firewall and masquerading scripts because a) they didn't work
> and b) i want to have a clean configuration where i can figure out
> how it works. th ROUTING script is still enabled (it makes the
> default gateway thing work and does nothing else.
> the two networks are physically separated (two different interfaces)
>
> so i would need a sample config line for the forward chain (if it should
> be placed there)
> that enables masquerading between the LAN (192.168.0.x) ant the
> internet
>
> THANX
>
> GRISU
>
> ps1: how does the MASQ policy work ?
> ps2: the ipchains-HOWTO sucks! (there is no sample config for different
> network setups)
> (it was hard enough to set up the internet stuff for the routing
> machine)
==============5097EFDFA663F6A13183A66A
Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Raymond Doetjes
Content-Disposition: attachment; filename="vcard.vcf"
begin: vcard
fn: Raymond Doetjes
n: Doetjes;Raymond
org: SYNAPSES IT
adr: Overijsselhaven 47;;;Nieuwegein;Utrecht;3433 PH;The Netherlands
email;internet: [EMAIL PROTECTED]
title: programmeur VAB
tel;work: 030 6066411
tel;fax: 030 6067871
x-mozilla-cpt: ;0
x-mozilla-html: FALSE
version: 2.1
end: vcard
==============5097EFDFA663F6A13183A66A==
------------------------------
From: Sam Clayton <[EMAIL PROTECTED]>
Crossposted-To: alt.uu.comp.os.linux.questions
Subject: Re: Tricky network problem (using loopback?)
Date: Tue, 19 Jan 1999 19:18:45 +0000
On checking the log files I find the following message:
<date> <time> <machine> kernel: eth0: Tx timed out, lost interrupt
TSR=0x3 IS\R=0x3 t=12000
Does this give anyone a clue as to what's happening?
Cheers,
Sam
------------------------------
From: "Linux I&A" <[EMAIL PROTECTED]>
Subject: Call for Papers
Date: Tue, 12 Jan 1999 19:09:31 -0700
Call for Papers:
My company is publishing a new Linux technical journal focusing on
Integration and Administration. We invite members of the Linux community to
submit papers worthy of publication. If your submission is accepted for
publication, it will be edited for length, content, and format. The author
will be paid for any paper that is published, either on our web-site or in
journal form.
Please send papers electronically to [EMAIL PROTECTED], or, if you wish,
mail submissions to
Linux Integration and Administration
799 W 1150 S
Payson, Utah, USA
84561
------------------------------
From: [EMAIL PROTECTED] (Joe Halpin)
Subject: Re: Recomendation for external modem for Linux?
Date: 19 Jan 1999 18:29:39 GMT
In article <[EMAIL PROTECTED]>,
<[EMAIL PROTECTED]> wrote:
>Has anyone had success attaching external modems to a Red hat
>installation. BTW, my telephone company is GTE and I am considering
>the 3com IQImpact. If anyone has used this brand or another, how did
>it fare?
I've used a USR Sportster with both RedHat 5.1 and 5.2. It works
fine.
Joe
------------------------------
From: Maik Hassel <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.hardware
Subject: URGEND: PLIP problems...
Date: Tue, 19 Jan 1999 20:32:47 +0100
Reply-To: [EMAIL PROTECTED]
Hi!
I=B4ve got the following problem! I=B4m trying to connect a linux-box to =
an
Laptop! There are no problems on the laptop- or cable side =B4cause I=B4m=
able to connect it to various other machines!
THIS particular machine is able to send e.g. ping-pakets which receive
the Laptop without any problems (acording to ifconfig netstat ..), but
if the laptop wants to resonse the pakets don=B4t reach the linux-box and=
the laptop gets "TX-Errors"
The adresses and routes are correct, there are no visible interrupt
conflicts and both ports are - according to the board-setup -
bi-direktional ports (EPP+ECP). There is no printer device enabled...
HELP! I need this PLIP-link!
many many thanks
Maik
-- =
====================================================================
GMD/AiS German National Research Center =
Maik Hassel for Information Technology
E-Mail: [EMAIL PROTECTED] Schloss Birlinghofen
Phone: +49 (0)2241-14-2444 (o o) D-53754 St. Augustin/Germany
~~~~~~~~~~~~~~~~~~~~~~~~~-ooO-(_)-Ooo-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
------------------------------
From: "Simon Allfrey" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.hardware,comp.os.linux.setup
Subject: Re: onboard DSP winmodem?
Date: Tue, 19 Jan 1999 19:42:12 -0000
I have found some kind of specification document for this thing:
Multiwave: Comwave 56 PCI
(Lucent Technologies chipset)
DSP (as opposed to HSP)
http://www.multiwave.com/download/manuals/PCILucent/PCIlucent_spec.pdf
If I've managed to decipher this correctly it _does_ do it's DSP on-board
and is
not a standard winmodem CPU vampire.
How do you write a modem driver anyway.....
------------------------------
From: [EMAIL PROTECTED] (John Strange)
Subject: Re: Problems with DISPLAY
Date: 19 Jan 1999 18:20:44 GMT
See it this works:
Lets say you are on Sara
do a xhost +Lise
rlogin Lise
setenv DISPLAY Sara:0
Maignan ([EMAIL PROTECTED]) wrote:
: Hi
: I have a mini-network with PLIP (2 PCs,Lise and Sara).
: rlogin works without problem,but when I want to use xmgr or
: pgdisp,I try to use a remote display by doing either:
: setenv DISPLAY Sara:0.0 or setenv DISPLAY Lise:0.0
: The command is accepted;the DISPLAY variable is set but Xlib
: returns:
: Xlib: connection to "Sara:0.0" refused by server
: Xlib:client is not authaurized to connect to server
: Error:Cann't open display: Sara:0.0
: And the same for the other PC.
: On a single PC setenv DISPLAY localhost:0.0 works,but
: setenv DISPLAY Sara:0.0 does not.
: rcp does not work
: ftp works in only one direction
: Help! Thank you
: G.Maignan
: --
: G.Maignan
--
While Alcatel may claim ownership of all my ideas (on or off the job),
Alcatel does not claim any responsibility for them. Warranty expired when u
opened this article and I will not be responsible for its contents or use.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
