FREE! Amazing Money Making Secrets FREE!
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Spammers hammering our mail servers
My thoughts exactly. I was actually also thinking of getting the script to add the rule to our satellite receivers and border router as well, but I'll settle for ipchains on the server for now. My plan was just a quick script to analyse the logs and block certain IP's, then have a cron job flush and rebuild the ipchains/iptables rules every morning. It is more of a nusiance that a major bandwidth/server resources drain, and I have many other things on my todo list that are more important ATM. I anyone wants to write a more featured program and package it I'm sure a few people including me would be grateful. Andrew Tait System Administrator Country NetLink Pty, Ltd E-Mail: [EMAIL PROTECTED] WWW: http://www.cnl.com.au 30 Bank St Cobram, VIC 3644, Australia Ph: +61 (03) 58 711 000 Fax: +61 (03) 58 711 874 "It's the smell! If there is such a thing." Agent Smith - The Matrix - Original Message - From: "Russell Coker" <[EMAIL PROTECTED]> To: "Andrew Tait" <[EMAIL PROTECTED]>; "Nathan Ridge" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Monday, March 04, 2002 9:29 PM Subject: Re: Spammers hammering our mail servers > One advantage of basing such a system on parsing log files is that it would > be possible to write a script that uses log files from different programs. > Then we could spend more time on getting this done properly, have specified > timeouts for blocked IP addresses, have the cache of IP addresses be > maintained across boots, etc. > > I would be happy to add something like this to my logtools package if there > are code contributions... > > -- > If you send email to me or to a mailing list that I use which has >4 lines > of legalistic junk at the end then you are specifically authorizing me to do > whatever I wish with the message and all other messages from your domain, by > posting the message you agree that your long legalistic sig is void. > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: BGP4/OSPF routing daemon for Linux?
On Thursday 28 February 2002 23:37, Tommy van Leeuwen wrote: > 'free' so i would choose zebra if i ever needed bgp or ospf on linux > again. I remember licence costs of gated were as much as a huge cisco few there is also BIRD and MRT. -- "Unix IS user friendly...It's just selective about who its friends are." -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: tool(s) to analyze contents of tcp-sessions
On Mon, 04 Mär 2002, Robert Waldner wrote: > I'm looking for a tool with which I could analyze the contents > (payload) of captured tcp-sessions. I know tcpdump, ngrep, tcptrace et > al but none of them can do what I need, and before I spend a week of > hacking together my own software... You can use "netdude": It is a GUI-based tool that allows you to make detailed changes to packets in tcpdump trace files, in particular, it can currently do the following: ... (http://packages.debian.org/unstable/x11/netdude.html) -- Noèl Köthe -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: tool(s) to analyze contents of tcp-sessions
On Mon, Mar 04, 2002 at 05:09:29PM +0100, Robert Waldner wrote: > > Hi! > > I'm looking for a tool with which I could analyze the contents > (payload) of captured tcp-sessions. I know tcpdump, ngrep, tcptrace et > al but none of them can do what I need, and before I spend a week of > hacking together my own software... apt-cache showpkg libpcap0 | egrep "^ " | cut -d, -f1 | uniq tcpflow and ethereal are my favorites. -- Jacob Elder http://www.lucidpark.net/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: tool(s) to analyze contents of tcp-sessions
On Mon Mar 04 2002 at 05:09:29PM +0100 'Robert Waldner' <[EMAIL PROTECTED]> wrote: > What I need would be something which could provide output like: > > TCP-session $foo from $bar:1234 to $baz:4321: > > >> GET / HTTP/1.0 > << HTTP/1.1 200 OK > << Date: Mon, 04 Mar 2002 16:06:15 GMT Ethereal is what you want. It reads tcpdump files or can capture itself. Ciao Charl __ Visit beautiful Vergas, Minnesota. __ [ Charl Matthee ] [ +27-11-721-3800 ] [ Entropic Reality Facilitator] [ +27-11-405-6508 ] __ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: tool(s) to analyze contents of tcp-sessions
On Mon, 2002-03-04 17:09:29 +0100, Robert Waldner <[EMAIL PROTECTED]> wrote in message <[EMAIL PROTECTED]>: > What I need would be something which could provide output like: > > TCP-session $foo from $bar:1234 to $baz:4321: > > >> GET / HTTP/1.0 > << HTTP/1.1 200 OK > << Date: Mon, 04 Mar 2002 16:06:15 GMT > ... > > preferrably from dumped sessions, though live capture only would also do. # make dreams become real # apt-get install ethereal MfG, JBG -- Jan-Benedict Glaw . [EMAIL PROTECTED] . +49-172-7608481 -- New APT-Proxy written in shell script -- http://lug-owl.de/~jbglaw/software/ap2/ msg05623/pgp0.pgp Description: PGP signature
Re: tool(s) to analyze contents of tcp-sessions
On Mon, 04 Mar 2002 17:09:29 +0100 Robert Waldner wrote: > I'm looking for a tool with which I could analyze the contents > (payload) of captured tcp-sessions. > > What I need would be something which could provide output like: > > TCP-session $foo from $bar:1234 to $baz:4321: > > >> GET / HTTP/1.0 > << HTTP/1.1 200 OK > << Date: Mon, 04 Mar 2002 16:06:15 GMT > ... tcpflow -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
tool(s) to analyze contents of tcp-sessions
Hi! I'm looking for a tool with which I could analyze the contents (payload) of captured tcp-sessions. I know tcpdump, ngrep, tcptrace et al but none of them can do what I need, and before I spend a week of hacking together my own software... What I need would be something which could provide output like: TCP-session $foo from $bar:1234 to $baz:4321: >> GET / HTTP/1.0 << HTTP/1.1 200 OK << Date: Mon, 04 Mar 2002 16:06:15 GMT ... preferrably from dumped sessions, though live capture only would also do. cheers+tia, &rw -- / Ing. Robert Waldner | Security Engineer | CoreTec IT-Security \ \ <[EMAIL PROTECTED]> | T +43 1 503 72 73 | F +43 1 503 72 73 x99 / msg05621/pgp0.pgp Description: PGP signature
Re: LDAP: EMAIL SERVER AND BIND
Hi Asking www.google.com it sais that currier mail should be able to work with ldap-servers. Regards, Michael On Mon, Mar 04, 2002 at 03:19:54PM +, falkom wrote: > Ok but postfix under LDAP and what do I use like POP3 server, please? > > - Mensaje Original - > Remitente: Michael Blickenstorfer <[EMAIL PROTECTED]> > Fecha: Lunes, Marzo 4, 2002 2:30 pm > Asunto: Re: LDAP: EMAIL SERVER AND BIND > > > Hi Angel > > > > On Mon, Mar 04, 2002 at 12:58:10PM +, falkom wrote: > > > Hi all! > > > > > > I try to install qmail + vpopmail in ldap server. It is not > > working > > > well. > > > > > > Please, could you tell me any email server (POP/SMTP) to work > > well in > > > ldap server, please? > > > > Why don't you try with postfix? At debian it comes directly with a > > ldap- > > interface. Documentation includet... > > > > Regards, Michael > > > > > > > > And please, can you tell me if there is documentation to join > > LDAP with > > > Bind? > > > > > > > > > Thank you very much > > > > > > > > > Ángel > > > > > > > > > -- > > > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > > > with a subject of "unsubscribe". Trouble? Contact > > [EMAIL PROTECTED] > > -- > > "The software said it requires Windows 2000 or better, > > so I installed Linux" > > -- "The software said it requires Windows 2000 or better, so I installed Linux" -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Problem with the installation of imp
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Werner, 1) - a. Apache c. Apache-SSL b. Both o. Other What type of Web Server are you running? [a] - wrong: you chose apache-ssl 2) - # LoadModule php3_module /usr/lib/apache/1.3/libphp3.so - remove the comment (#) in /etc/apache-ssl/httpd.conf 3) - Restart Apache-SSL now? [Y/n] Y apache-ssl: cannot determine local host name. Use the ServerName directive to set it manually. /usr/sbin/apache-sslctl start: httpd could not be started - set the ServerName and restart apache-ssl 4) re-run "apt-get install imp" or use "dpkg --configure --pending" maybe you'll have to reconfigure (see 1)) horde/imp, safest (to me) is "apt-get --purge remove horde imp; apt-get install horde imp" good luck, Sönke Am Freitag, 1. März 2002 17:34 schrieb Werner De Kuyffer: > Hi, > > Attached you find a copy of the output of the installation process of imp. > Can someone help me with the error that occurred? > > Thanks, > Werner -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjyDizoACgkQUHsyYAmAYTWiXACfVBXtoIw8J/Lo82ZUyOh86ZTp eJEAn3AgVHMxaygx3U+2NcyAfQ3nhDbG =GWv4 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: LDAP: EMAIL SERVER AND BIND
Hi Angel On Mon, Mar 04, 2002 at 12:58:10PM +, falkom wrote: > Hi all! > > I try to install qmail + vpopmail in ldap server. It is not working > well. > > Please, could you tell me any email server (POP/SMTP) to work well in > ldap server, please? Why don't you try with postfix? At debian it comes directly with a ldap- interface. Documentation includet... Regards, Michael > > And please, can you tell me if there is documentation to join LDAP with > Bind? > > > Thank you very much > > > Ángel > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- "The software said it requires Windows 2000 or better, so I installed Linux" -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
LDAP: EMAIL SERVER AND BIND
Hi all! I try to install qmail + vpopmail in ldap server. It is not working well. Please, could you tell me any email server (POP/SMTP) to work well in ldap server, please? And please, can you tell me if there is documentation to join LDAP with Bind? Thank you very much Ángel -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Antiviral checking for small server using postfx
This is surely an FAQ in its general form but doesn't seem to have been asked for some while. Specifics: I'm running a server mostly to serve up smallish (total membership <1k) Email lists relating to counselling/psychotherapy (not-for-profit stuff) using listar/ecartis and postfix under potato. I'd like to do antiviral filtering but budget is low. Any recommendations? TIA, Chris -- Chris Evans <[EMAIL PROTECTED]> Consultant Psychiatrist in Psychotherapy, Rampton Hospital; Associate R&D Director, Tavistock & Portman NHS Trust; Hon. SL Institute of Psychiatry *** My views are my own and not representative of those institutions *** -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Spammers hammering our mail servers
On Mon, 4 Mar 2002 05:05, Andrew Tait wrote: > I was looking more for a real time solution, either by and exim system > filter, or by a log watcher program (ie, the logtail package). > > I'll clarify my questions a bit more. > > Is the exim filter language capable of such a task? From what I have seen > so far, no, but my eXPerience with that is limited. (ie, am I wasting my > time try to do it with a system filter). > > Or should I use a script being run every 5 minutes, in conjunction with a > program like logtail. One advantage of basing such a system on parsing log files is that it would be possible to write a script that uses log files from different programs. Then we could spend more time on getting this done properly, have specified timeouts for blocked IP addresses, have the cache of IP addresses be maintained across boots, etc. I would be happy to add something like this to my logtools package if there are code contributions... -- If you send email to me or to a mailing list that I use which has >4 lines of legalistic junk at the end then you are specifically authorizing me to do whatever I wish with the message and all other messages from your domain, by posting the message you agree that your long legalistic sig is void. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: any good way to get the apache DocumentRoot value?
Why not use the environmental variable set by apache for CGI scripts? DOCUMENT_ROOT should work... No parsing necessary... Greetings, Vinai > On Sun, 3 Mar 2002 17:03:43 +0100 > Russell Coker <[EMAIL PROTECTED]> wrote: > >> On Sun, 3 Mar 2002 16:59, Patrick Hsieh wrote: >> > Hello "Luc MAIGNAN" <[EMAIL PROTECTED]>, >> > >> > >> > BTW, in Debian woody, the executable "apache" is under >> > /usr/sbin/apache, which can't be executed by the default uid of >> > apache(www-data). >> >> Why not? >> >> root@lyta:~# sudo -u www-data bash >> bash: /home/root/.bashrc: Permission denied >> www-data@lyta:~$ /usr/sbin/apache -v >> Server version: Apache/1.3.23 (Unix) Debian GNU/Linux >> Server built: Feb 7 2002 13:56:56 >> www-data@lyta:~$ /usr/sbin/apache -V >> Server version: Apache/1.3.23 (Unix) Debian GNU/Linux >> Server built: Feb 7 2002 13:56:56 >> Server's Module Magic Number: 19990320:11 >> Server compiled with >> -D EAPI >> -D HAVE_MMAP >> -D HAVE_SHMGET >> -D USE_SHMGET_SCOREBOARD >> -D USE_MMAP_FILES >> -D HAVE_FCNTL_SERIALIZED_ACCEPT >> -D HAVE_SYSVSEM_SERIALIZED_ACCEPT >> -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT >> -D HTTPD_ROOT="/usr" >> -D SUEXEC_BIN="/usr/lib/apache/suexec" >> -D DEFAULT_PIDLOG="/var/run/apache.pid" >> -D DEFAULT_SCOREBOARD="/var/run/apache.scoreboard" >> -D DEFAULT_LOCKFILE="/var/run/apache.lock" >> -D DEFAULT_XFERLOG="/var/log/apache/access.log" >> -D DEFAULT_ERRORLOG="/var/log/apache/error.log" >> -D TYPES_CONFIG_FILE="/etc/apache/mime.types" >> -D SERVER_CONFIG_FILE="/etc/apache/httpd.conf" >> -D ACCESS_CONFIG_FILE="/etc/apache/access.conf" >> -D RESOURCE_CONFIG_FILE="/etc/apache/srm.conf" >> www-data@lyta:~$ >> >> > >> > I'm afraid the cgi run-time uid can't execute /usr/sbin/apache -V. >> > >> > >> > On Sun, 3 Mar 2002 16:44:32 +0100 >> > >> > "Luc MAIGNAN" <[EMAIL PROTECTED]> wrote: >> > > You only have to execute httpd -V (be careful 'v' in lowercase only >> > > prints Apache version). You will have all options of the server. You >> > > only have to parse '-D SERVER_CONFIG_FILE' which gives you relative >> > > path to the config file (relative path from main Apache path which >> > > is contained in -D HTTP_ROOT). >> > > >> > > Hope this helps >> > > >> > > Regards >> > > >> > > -Message d'origine- >> > > De : Patrick Hsieh [mailto:[EMAIL PROTECTED]] >> > > Envoye : dimanche 3 mars 2002 16:25 >> > > A : [EMAIL PROTECTED] >> > > Objet : any good way to get the apache DocumentRoot value? >> > > >> > > >> > > Hello list, >> > > >> > > This may be kind of off-topic here, but I wan to know is there any >> > > good way to know the localhost apache DocumentRoot path? >> > > >> > > My situation is, I have to distribute my cgi script(could be python >> > > or perl)to some apache servers, having no idea where the >> > > DocumentRoot path is, I have to parse a config file at >> > > $DocumentRoot/setup/config.ini >> > > >> > > Is there any way for the script to know exactly where the correct >> > > DocumentRoot is? It could have no idea about where httpd.conf is, >> > > either. >> > > >> > > Any idea is highly welcome. >> > > -- >> > > Patrick Hsieh <[EMAIL PROTECTED]> >> > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
unsubscribe
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Unidentified subject!
unsubscribe -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
