Re: X windows app startup
try your config in /etc/X11/XF86Config-4 change 1024x800 with 800x600 Section "Screen" Identifier "Default Screen" Device "Generic Video Card" Monitor "Generic Monitor" DefaultDepth24 SubSection "Display" Depth 1 Modes "1024x800" "640x480" EndSubSection SubSection "Display" Depth 4 Modes "1024x800" "640x480" EndSubSection SubSection "Display" Depth 8 Modes "1024x800" "640x480" EndSubSection SubSection "Display" Depth 15 Modes "1024x800" "640x480" EndSubSection SubSection "Display" Depth 16 Modes "1024x800" "640x480" EndSubSection SubSection "Display" Depth 24 Modes "1024x800" "640x480" EndSubSection EndSection On Tue, 2004-04-06 at 14:52, Craig Schneider wrote: > Hi guys > > Would anyone know how to start klpr in X on startup and have the window > centered and the res 800x600 ? > > Thanks > Craig > >
Re: X windows app startup
try your config in /etc/X11/XF86Config-4 change 1024x800 with 800x600 Section "Screen" Identifier "Default Screen" Device "Generic Video Card" Monitor "Generic Monitor" DefaultDepth24 SubSection "Display" Depth 1 Modes "1024x800" "640x480" EndSubSection SubSection "Display" Depth 4 Modes "1024x800" "640x480" EndSubSection SubSection "Display" Depth 8 Modes "1024x800" "640x480" EndSubSection SubSection "Display" Depth 15 Modes "1024x800" "640x480" EndSubSection SubSection "Display" Depth 16 Modes "1024x800" "640x480" EndSubSection SubSection "Display" Depth 24 Modes "1024x800" "640x480" EndSubSection EndSection On Tue, 2004-04-06 at 14:52, Craig Schneider wrote: > Hi guys > > Would anyone know how to start klpr in X on startup and have the window > centered and the res 800x600 ? > > Thanks > Craig > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Thank you for your interest in The Breakwaters.
Hello: I got this address from the web and I am not sure if is thr right one. Mr. James Madru, can you give information about near shore (offshore) breakwaters?. Which are the design parameters?. In my country (Ecuador) we do not have experience about this kind of structures, and they may be the solution for stabiliting one beach here. Best regards and thanks for your help Eduardo Cervantes B.
Re: clamd with amavis on Postfix
This one time, at band camp, Theodore Knab said: > I am using playing with clamd and spamd on a [production] server. ;-) > > I really like clamd however it keeps dying. > > My clamd.conf looks like this: > ScanMail That's probably your problem. As the debconf note says, the ScanMail part of the code is not very stable. If you use amavis to call clamd, then clamd is never really scanning mboxes - amavis is unpacking the message and running clamd over the parts. Try commenting out that option and restarting clamd - it should last a little longer. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - pgpCTGP0C73u2.pgp Description: PGP signature
Re: Thank you for your interest in The Breakwaters.
Hello: I got this address from the web and I am not sure if is thr right one. Mr. James Madru, can you give information about near shore (offshore) breakwaters?. Which are the design parameters?. In my country (Ecuador) we do not have experience about this kind of structures, and they may be the solution for stabiliting one beach here. Best regards and thanks for your help Eduardo Cervantes B. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: clamd with amavis on Postfix
This one time, at band camp, Theodore Knab said: > I am using playing with clamd and spamd on a [production] server. ;-) > > I really like clamd however it keeps dying. > > My clamd.conf looks like this: > ScanMail That's probably your problem. As the debconf note says, the ScanMail part of the code is not very stable. If you use amavis to call clamd, then clamd is never really scanning mboxes - amavis is unpacking the message and running clamd over the parts. Try commenting out that option and restarting clamd - it should last a little longer. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - pgp0.pgp Description: PGP signature
clamd with amavis on Postfix
I am using playing with clamd and spamd on a [production] server. ;-) I really like clamd however it keeps dying. The [Postfix] MTA server is acting as a mail gateway processing about 20,000+ incoming emails daily. Since amavis does not depend on clamd, Postfix just goes on delivering un-scanned emails when clamd dies. Thus, nothing is really impacted when clamd dies. However, I was wondering if there is anything I do aside from running a cronjob to keep clamd running ? Any recommendations would greatly be appreciated. Since most users [on my end] are unaware that I am testing clamd, turning off clamd will not hurt many. But, having a virus scanner on the mail gateway seems so cool. Are there any other nice virus scanners that are open source ? I have these packages installed: == Sarge: ii amavisd-new20030616p7-3 Interface between MTA and virus scanner/cont ii clamav 0.67-7 Antivirus scanner for Unix ii clamav-base0.67-7 Base package for clamav, an anti-virus utili ii clamav-daemon 0.67-7 Powerful Antivirus scanner daemon ii clamav-freshcl 0.67-7 Downloads clamav virus databases from the In ii libclamav1 0.67-7 Virus scanner library Woody: ii postfix1.1.11-0.woody A high-performance mail transport agent ii postfix-ldap 1.1.11-0.woody LDAP map support for Postfix ii postfix-pcre 1.1.11-0.woody PCRE map support for Postfix Logs from clamd where crash occured: == Tue Apr 6 14:09:43 2004 -> +++ Started at 2004-04-06 14:09:43 Tue Apr 6 14:09:43 2004 -> Log file size limited to 1048576 bytes. Tue Apr 6 14:09:43 2004 -> Reading databases from /var/lib/clamav/ Tue Apr 6 14:09:44 2004 -> Protecting against 20848 viruses. Tue Apr 6 14:09:45 2004 -> Unix socket file /var/run/clamav/clamd.ctl Tue Apr 6 14:09:45 2004 -> Setting connection queue length to 15 Tue Apr 6 14:09:45 2004 -> Maximal number of threads: 12 Tue Apr 6 14:09:45 2004 -> Archive: Archived file size limit set to 1048576 bytes. Tue Apr 6 14:09:45 2004 -> Archive: Recursion level limit set to 5. Tue Apr 6 14:09:45 2004 -> Archive: Files limit set to 1. Tue Apr 6 14:09:45 2004 -> WARNING: USING HARDCODED LIMIT: Archive: Compression ratio limit set to 200. Tue Apr 6 14:09:45 2004 -> Archive support enabled. Tue Apr 6 14:09:45 2004 -> RAR support disabled. Tue Apr 6 14:09:45 2004 -> Mail files support enabled. Tue Apr 6 14:09:45 2004 -> OLE2 support disabled. Tue Apr 6 14:09:45 2004 -> Self checking every 3600 seconds. Tue Apr 6 14:09:45 2004 -> Timeout set to 180 seconds. Tue Apr 6 14:09:45 2004 -> SelfCheck: Database status OK. Tue Apr 6 14:11:33 2004 -> /var/lib/amavis/amavis-20040406T141123-32670/parts/part-3: Worm.Bagle.Gen-zippwd-2 FOUND Tue Apr 6 14:11:33 2004 -> /var/lib/amavis/amavis-20040406T141123-32670/parts/email.txt: Worm.Bagle.Gen-zippwd-2 FOUND Tue Apr 6 14:28:22 2004 -> /var/lib/amavis/amavis-20040406T142653-02329/parts/email.txt: Worm.Mydoom.F FOUND Tue Apr 6 14:28:22 2004 -> /var/lib/amavis/amavis-20040406T142653-02329/parts/part-3: Worm.Mydoom.F FOUND Tue Apr 6 15:10:21 2004 -> SelfCheck: Database status OK. Tue Apr 6 15:13:49 2004 -> /var/lib/amavis/amavis-20040406T151248-06187/parts/email.txt: Worm.Mydoom.F FOUND Tue Apr 6 15:13:49 2004 -> /var/lib/amavis/amavis-20040406T151248-06187/parts/part-5: Worm.Mydoom.F FOUND Tue Apr 6 15:14:48 2004 -> /var/lib/amavis/amavis-20040406T151340-06284/parts/part-3: Worm.SomeFool.P FOUND Tue Apr 6 15:15:24 2004 -> /var/lib/amavis/amavis-20040406T151426-06364/parts/part-3: Worm.Bagle.Gen-zippwd-2 FOUND Tue Apr 6 15:15:24 2004 -> Segmentation fault :-( Bye.. My clamd.conf looks like this: == debian:/var/lib/amavis# cat /etc/clamav/clamav.conf #Automatically Generated by clamav-daemon postinst #To reconfigure clamd run #dpkg-reconfigure clamav-daemon LocalSocket /var/run/clamav/clamd.ctl FixStaleSocket ScanMail ScanArchive ArchiveMaxRecursion 5 ArchiveMaxFiles 1 ArchiveMaxFileSize 1M ThreadTimeout 180 MaxThreads 12 MaxConnectionQueueLength 15 StreamSaveToDisk LogFile /var/log/clamav/clamav.log LogTime PidFile /var/run/clamav/clamd.pid DatabaseDirectory /var/lib/clamav/ #SelfCheck 3600 SelfCheck 3600 #added later by Ted #TCPSocket 1 TCPAddr 127.0.0.1 MaxConnectionQueueLength 50 ArchiveMaxFiles 1 MaxThreads 20 #don't scan any files larger than 1M ClamukoMaxFileSize 1M MaxConnectionQueueLength 30 Server power: = debian:/var/log/clamav# cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 8 model name : Pentium III (Coppermine) stepping: 10 cpu MHz : 1000.041 cache size : 256 KB fdiv_bug: no hlt_bug : no f00f_bug: no coma_bug: no fpu : yes fpu_except
Unidentified subject!
Well I have been playing with debian for a few weeks here, been messing with linux for about 2 yrs... still pretty new at all this. Mainly I use my linux installs for Apache/MYSQL and such. But as of recent my wireless router has been acting up, So I got the idea, why not make my extra box into a Wireless/Ethernet Router, with firewall and maybe a proxt server also. I am having a lot of problems finding what I need to make all this happen. Can anyone point me to some walkthroughs that might give me step by step on getting everything working, especially the wireless, its a DLINK Wireless card, and also the box has a 3com 10/100 and a Netgear 10/100 if that helps at all. I assume Shorewall would be the right firewall software, and prob Squid for a Proxy that will allow cacheing for my slow internet access that I have. This message was sent using IMP, the Internet Messaging Program.
clamd with amavis on Postfix
I am using playing with clamd and spamd on a [production] server. ;-) I really like clamd however it keeps dying. The [Postfix] MTA server is acting as a mail gateway processing about 20,000+ incoming emails daily. Since amavis does not depend on clamd, Postfix just goes on delivering un-scanned emails when clamd dies. Thus, nothing is really impacted when clamd dies. However, I was wondering if there is anything I do aside from running a cronjob to keep clamd running ? Any recommendations would greatly be appreciated. Since most users [on my end] are unaware that I am testing clamd, turning off clamd will not hurt many. But, having a virus scanner on the mail gateway seems so cool. Are there any other nice virus scanners that are open source ? I have these packages installed: == Sarge: ii amavisd-new20030616p7-3 Interface between MTA and virus scanner/cont ii clamav 0.67-7 Antivirus scanner for Unix ii clamav-base0.67-7 Base package for clamav, an anti-virus utili ii clamav-daemon 0.67-7 Powerful Antivirus scanner daemon ii clamav-freshcl 0.67-7 Downloads clamav virus databases from the In ii libclamav1 0.67-7 Virus scanner library Woody: ii postfix1.1.11-0.woody A high-performance mail transport agent ii postfix-ldap 1.1.11-0.woody LDAP map support for Postfix ii postfix-pcre 1.1.11-0.woody PCRE map support for Postfix Logs from clamd where crash occured: == Tue Apr 6 14:09:43 2004 -> +++ Started at 2004-04-06 14:09:43 Tue Apr 6 14:09:43 2004 -> Log file size limited to 1048576 bytes. Tue Apr 6 14:09:43 2004 -> Reading databases from /var/lib/clamav/ Tue Apr 6 14:09:44 2004 -> Protecting against 20848 viruses. Tue Apr 6 14:09:45 2004 -> Unix socket file /var/run/clamav/clamd.ctl Tue Apr 6 14:09:45 2004 -> Setting connection queue length to 15 Tue Apr 6 14:09:45 2004 -> Maximal number of threads: 12 Tue Apr 6 14:09:45 2004 -> Archive: Archived file size limit set to 1048576 bytes. Tue Apr 6 14:09:45 2004 -> Archive: Recursion level limit set to 5. Tue Apr 6 14:09:45 2004 -> Archive: Files limit set to 1. Tue Apr 6 14:09:45 2004 -> WARNING: USING HARDCODED LIMIT: Archive: Compression ratio limit set to 200. Tue Apr 6 14:09:45 2004 -> Archive support enabled. Tue Apr 6 14:09:45 2004 -> RAR support disabled. Tue Apr 6 14:09:45 2004 -> Mail files support enabled. Tue Apr 6 14:09:45 2004 -> OLE2 support disabled. Tue Apr 6 14:09:45 2004 -> Self checking every 3600 seconds. Tue Apr 6 14:09:45 2004 -> Timeout set to 180 seconds. Tue Apr 6 14:09:45 2004 -> SelfCheck: Database status OK. Tue Apr 6 14:11:33 2004 -> /var/lib/amavis/amavis-20040406T141123-32670/parts/part-3: Worm.Bagle.Gen-zippwd-2 FOUND Tue Apr 6 14:11:33 2004 -> /var/lib/amavis/amavis-20040406T141123-32670/parts/email.txt: Worm.Bagle.Gen-zippwd-2 FOUND Tue Apr 6 14:28:22 2004 -> /var/lib/amavis/amavis-20040406T142653-02329/parts/email.txt: Worm.Mydoom.F FOUND Tue Apr 6 14:28:22 2004 -> /var/lib/amavis/amavis-20040406T142653-02329/parts/part-3: Worm.Mydoom.F FOUND Tue Apr 6 15:10:21 2004 -> SelfCheck: Database status OK. Tue Apr 6 15:13:49 2004 -> /var/lib/amavis/amavis-20040406T151248-06187/parts/email.txt: Worm.Mydoom.F FOUND Tue Apr 6 15:13:49 2004 -> /var/lib/amavis/amavis-20040406T151248-06187/parts/part-5: Worm.Mydoom.F FOUND Tue Apr 6 15:14:48 2004 -> /var/lib/amavis/amavis-20040406T151340-06284/parts/part-3: Worm.SomeFool.P FOUND Tue Apr 6 15:15:24 2004 -> /var/lib/amavis/amavis-20040406T151426-06364/parts/part-3: Worm.Bagle.Gen-zippwd-2 FOUND Tue Apr 6 15:15:24 2004 -> Segmentation fault :-( Bye.. My clamd.conf looks like this: == debian:/var/lib/amavis# cat /etc/clamav/clamav.conf #Automatically Generated by clamav-daemon postinst #To reconfigure clamd run #dpkg-reconfigure clamav-daemon LocalSocket /var/run/clamav/clamd.ctl FixStaleSocket ScanMail ScanArchive ArchiveMaxRecursion 5 ArchiveMaxFiles 1 ArchiveMaxFileSize 1M ThreadTimeout 180 MaxThreads 12 MaxConnectionQueueLength 15 StreamSaveToDisk LogFile /var/log/clamav/clamav.log LogTime PidFile /var/run/clamav/clamd.pid DatabaseDirectory /var/lib/clamav/ #SelfCheck 3600 SelfCheck 3600 #added later by Ted #TCPSocket 1 TCPAddr 127.0.0.1 MaxConnectionQueueLength 50 ArchiveMaxFiles 1 MaxThreads 20 #don't scan any files larger than 1M ClamukoMaxFileSize 1M MaxConnectionQueueLength 30 Server power: = debian:/var/log/clamav# cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 8 model name : Pentium III (Coppermine) stepping: 10 cpu MHz : 1000.041 cache size : 256 KB fdiv_bug: no hlt_bug : no f00f_bug: no coma_bug: no fpu : yes fpu_exception
Unidentified subject!
Well I have been playing with debian for a few weeks here, been messing with linux for about 2 yrs... still pretty new at all this. Mainly I use my linux installs for Apache/MYSQL and such. But as of recent my wireless router has been acting up, So I got the idea, why not make my extra box into a Wireless/Ethernet Router, with firewall and maybe a proxt server also. I am having a lot of problems finding what I need to make all this happen. Can anyone point me to some walkthroughs that might give me step by step on getting everything working, especially the wireless, its a DLINK Wireless card, and also the box has a 3com 10/100 and a Netgear 10/100 if that helps at all. I assume Shorewall would be the right firewall software, and prob Squid for a Proxy that will allow cacheing for my slow internet access that I have. This message was sent using IMP, the Internet Messaging Program. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Attempt on smtpd / faking remote ip
sorry, I forgot to put in the link after "because you are german:" :)) so here it is: http://www.heise.de/security/result.xhtml?url=/security/artikel/43066&words=Cookie its about syn floods and the syncookies thing :) --Ralph
Re: Attempt on smtpd / faking remote ip
Am Dienstag 06 April 2004 17:37 schrieben Sie: > Hi Ralph, > > thanks for the hint. > [...] > I did it like this, but after the first line > iptables said: "cannot use parameter -o with > INPUT" (or something like this - I can't remember > exactly). > > So I left out "-o lo" at the INPUT rule, and also > left out "-i lo" at the OUTPUT rule. Thne > everything was fine. Now I hope that it'll do > what it is supposed to. sorry, you made it right. I made the mistake, because I just wrote the rules down without checking them on a system :) Because INPUT and OUTPUT doesn't FORWARD any traffic, there is of course only a -i (input device) for the INPUT rule and a -o (output device) for the OUTPUT rule. More interfaces would be nonsense here :) Another thing for makeing you box a bit safer is to set: /proc/sys/net/ipv4/conf/all/rp_filter to 1 (after every reboot by: echo "1" > /proc/sys/net/ipv4/conf/rp_filter) The debian way of setting these "proc" settings is by edditing the /etc/network/options. You should use that, because so you don't have to make this after every reboot. For the rp_filter you need to set "spoofprotect=yes". the other options: On a normal linux bux (that is not accting as router/gateway etc.) the ip_forward should be set to "no". Don't set this on a box with more than one interface that should forward traffic between these interfaces or otherwise your setup will not work anymore. The syncookies should help if a DOS/DDOS attack is made against your host. So setting this to "yes" should be the better choice :) But I have never really tested this feature... On the most boxes this is set to "no", so you have to decide what you like. Because you are german: If you have a nice provider (there are a few, the most quite small, I heard *g*) then you can ask him to block all private and localhost spoofed packets already on his border gateways. If you are a private customer with dsl on a big provider you can forget that. Nobody will care about such stuff... There are quite a lot of isp's out there that route private- and localhost addresses in their backbone which is absolutly nonsense. Who wants such packets? Even if they are not used for an attack they are useless, because the other side will never get an answer :) This is the best way normaly, because so you don't get any obviously spoofed traffic. > >and for the mail script you use... check your weblog for the time you saw > > the misterous connections in postfix. If there was something you should > > see the hits the access.log > > I have had checked it before my last posting: no entries. okay, so the webserver should be fine... but there is of course no warranty for that. > > Thanks again, > Andreas
Re: Attempt on smtpd / faking remote ip
sorry, I forgot to put in the link after "because you are german:" :)) so here it is: http://www.heise.de/security/result.xhtml?url=/security/artikel/43066&words=Cookie its about syn floods and the syncookies thing :) --Ralph -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Attempt on smtpd / faking remote ip
Hi Ralph, thanks for the hint. At 23:59 Uhr +0200 04.04.2004, Ralph Paßgang wrote: you should also filter out 127.0.0.0/8 on any network interface but "lo". so that spoofing with localhost-adresses is not possible anymore. ( for example: iptables -A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -o lo -p ALL -j ACCPET iptables -A OUTPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -o lo -p ALL -j ACCPET iptables -A INPUT -s 127.0.0.0/8 -d 0/0 -p ALL -j REJECT iptables -A OUTPUT -s 0/0 -d 127.0.0.0/8 -p ALL -j REJECT I did it like this, but after the first line iptables said: "cannot use parameter -o with INPUT" (or something like this - I can't remember exactly). So I left out "-o lo" at the INPUT rule, and also left out "-i lo" at the OUTPUT rule. Thne everything was fine. Now I hope that it'll do what it is supposed to. and for the mail script you use... check your weblog for the time you saw the misterous connections in postfix. If there was something you should see the hits the access.log I have had checked it before my last posting: no entries. Thanks again, Andreas -- procommerz - Internet fuer Unternehmen http://www.procommerz.de | 033925-90710 Stoppt TCPA, das Zensursystem von Microsoft! | http://www.againsttcpa.com
Re: Apache banner
On Tuesday 06 April 2004 10:39, Robert Page wrote: > I think to actually change it you need to edit the source but you can use > the ServerSignature directive to switch it off. I use these directives: ServerSignature On ServerTokens Prod This way people know I'm running apache (which I don't mind) but they don't see the version or all of the different modules that I am running. -- Fraser Campbell <[EMAIL PROTECTED]> http://www.wehave.net/ Georgetown, Ontario, Canada Debian GNU/Linux
Re: Outlook and Qmail
Anil Gupte wrote: > I am having a problem with one of my customers who is using Outlook > 2000 SP-3 to connect to our Qmail server. When downloading messages > from his POP account, Outlook will hang. It is most likely a > corrupted message, since he can delete the messages using a webmail > interface, and then continue to download messages. Possible but unlikely- at one point I found a message which would *consistently* hang Outlook Express, but NOT Pegasus Mail, Netscape, or any other MUA I tried. Viewing the message in the webmail system in use at the time worked fine as well. Since then I've had cusomters calling in with similar behaviour from the occasional message - more commonly a large message with several large images, or a video file attached, but occasionally just a short text message as well. Again, Outlook Express (and in some cases, the customer's MS Outlook) will hang on one particular message, but no other MUA does. This has happened across Novell IMS, qpopper, UW ipop3d, and Teapop. (In fact, that one Hotmail-originated message that *always* hung OE did so across all but qpopper (which was not in use at the time) *every* time.) Examining the raw message in the mailbox has turned up absolutely NOTHING any time I've met this. >:( > Has anyone run into this problem? I know at least one other ISP > having the same problem with some of his customers, but we have not > found a solution yet. Any pointers will be appreciated. The only thing I (or my boss) could ever even vaguely point to as a cause for the problem was OE's handling of attachments while it's downloading the message. We never found a real "solution", except "Don't do that". (ie, "Warn people not to send you big attachments") -kgd support/sysadmin for ViaNet Pembroke (formerly WebHart Internet) -- "Sendmail administration is not black magic. There are legitimate technical reasons why it requires the sacrificing of a live chicken." - Unknown
Re: Attempt on smtpd / faking remote ip
Am Dienstag 06 April 2004 17:37 schrieben Sie: > Hi Ralph, > > thanks for the hint. > [...] > I did it like this, but after the first line > iptables said: "cannot use parameter -o with > INPUT" (or something like this - I can't remember > exactly). > > So I left out "-o lo" at the INPUT rule, and also > left out "-i lo" at the OUTPUT rule. Thne > everything was fine. Now I hope that it'll do > what it is supposed to. sorry, you made it right. I made the mistake, because I just wrote the rules down without checking them on a system :) Because INPUT and OUTPUT doesn't FORWARD any traffic, there is of course only a -i (input device) for the INPUT rule and a -o (output device) for the OUTPUT rule. More interfaces would be nonsense here :) Another thing for makeing you box a bit safer is to set: /proc/sys/net/ipv4/conf/all/rp_filter to 1 (after every reboot by: echo "1" > /proc/sys/net/ipv4/conf/rp_filter) The debian way of setting these "proc" settings is by edditing the /etc/network/options. You should use that, because so you don't have to make this after every reboot. For the rp_filter you need to set "spoofprotect=yes". the other options: On a normal linux bux (that is not accting as router/gateway etc.) the ip_forward should be set to "no". Don't set this on a box with more than one interface that should forward traffic between these interfaces or otherwise your setup will not work anymore. The syncookies should help if a DOS/DDOS attack is made against your host. So setting this to "yes" should be the better choice :) But I have never really tested this feature... On the most boxes this is set to "no", so you have to decide what you like. Because you are german: If you have a nice provider (there are a few, the most quite small, I heard *g*) then you can ask him to block all private and localhost spoofed packets already on his border gateways. If you are a private customer with dsl on a big provider you can forget that. Nobody will care about such stuff... There are quite a lot of isp's out there that route private- and localhost addresses in their backbone which is absolutly nonsense. Who wants such packets? Even if they are not used for an attack they are useless, because the other side will never get an answer :) This is the best way normaly, because so you don't get any obviously spoofed traffic. > >and for the mail script you use... check your weblog for the time you saw > > the misterous connections in postfix. If there was something you should > > see the hits the access.log > > I have had checked it before my last posting: no entries. okay, so the webserver should be fine... but there is of course no warranty for that. > > Thanks again, > Andreas -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RE: Apache banner
I think to actually change it you need to edit the source but you can use the ServerSignature directive to switch it off. -Original Message- From: Craig Schneider [mailto:[EMAIL PROTECTED] Sent: 06 April 2004 15:03 To: debian-security@lists.debian.org; debian-isp@lists.debian.org Subject: Apache banner Hi Guys Is there any way of changing the banner in Apache like you can for proftpd lets say? Without having to tamper with the Apache source ?> Thinking of a runtime option for the config file ? Thanks Craig
Apache banner
Hi Guys Is there any way of changing the banner in Apache like you can for proftpd lets say? Without having to tamper with the Apache source ?> Thinking of a runtime option for the config file ? Thanks Craig
Re: Attempt on smtpd / faking remote ip
Hi Ralph, thanks for the hint. At 23:59 Uhr +0200 04.04.2004, Ralph Paßgang wrote: you should also filter out 127.0.0.0/8 on any network interface but "lo". so that spoofing with localhost-adresses is not possible anymore. ( for example: iptables -A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -o lo -p ALL -j ACCPET iptables -A OUTPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -o lo -p ALL -j ACCPET iptables -A INPUT -s 127.0.0.0/8 -d 0/0 -p ALL -j REJECT iptables -A OUTPUT -s 0/0 -d 127.0.0.0/8 -p ALL -j REJECT I did it like this, but after the first line iptables said: "cannot use parameter -o with INPUT" (or something like this - I can't remember exactly). So I left out "-o lo" at the INPUT rule, and also left out "-i lo" at the OUTPUT rule. Thne everything was fine. Now I hope that it'll do what it is supposed to. and for the mail script you use... check your weblog for the time you saw the misterous connections in postfix. If there was something you should see the hits the access.log I have had checked it before my last posting: no entries. Thanks again, Andreas -- procommerz - Internet fuer Unternehmen http://www.procommerz.de | 033925-90710 Stoppt TCPA, das Zensursystem von Microsoft! | http://www.againsttcpa.com
Re: Apache banner
On Tuesday 06 April 2004 10:39, Robert Page wrote: > I think to actually change it you need to edit the source but you can use > the ServerSignature directive to switch it off. I use these directives: ServerSignature On ServerTokens Prod This way people know I'm running apache (which I don't mind) but they don't see the version or all of the different modules that I am running. -- Fraser Campbell <[EMAIL PROTECTED]> http://www.wehave.net/ Georgetown, Ontario, Canada Debian GNU/Linux -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Outlook and Qmail
Anil Gupte wrote: > I am having a problem with one of my customers who is using Outlook > 2000 SP-3 to connect to our Qmail server. When downloading messages > from his POP account, Outlook will hang. It is most likely a > corrupted message, since he can delete the messages using a webmail > interface, and then continue to download messages. Possible but unlikely- at one point I found a message which would *consistently* hang Outlook Express, but NOT Pegasus Mail, Netscape, or any other MUA I tried. Viewing the message in the webmail system in use at the time worked fine as well. Since then I've had cusomters calling in with similar behaviour from the occasional message - more commonly a large message with several large images, or a video file attached, but occasionally just a short text message as well. Again, Outlook Express (and in some cases, the customer's MS Outlook) will hang on one particular message, but no other MUA does. This has happened across Novell IMS, qpopper, UW ipop3d, and Teapop. (In fact, that one Hotmail-originated message that *always* hung OE did so across all but qpopper (which was not in use at the time) *every* time.) Examining the raw message in the mailbox has turned up absolutely NOTHING any time I've met this. >:( > Has anyone run into this problem? I know at least one other ISP > having the same problem with some of his customers, but we have not > found a solution yet. Any pointers will be appreciated. The only thing I (or my boss) could ever even vaguely point to as a cause for the problem was OE's handling of attachments while it's downloading the message. We never found a real "solution", except "Don't do that". (ie, "Warn people not to send you big attachments") -kgd support/sysadmin for ViaNet Pembroke (formerly WebHart Internet) -- "Sendmail administration is not black magic. There are legitimate technical reasons why it requires the sacrificing of a live chicken." - Unknown -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RE: Apache banner
I think to actually change it you need to edit the source but you can use the ServerSignature directive to switch it off. -Original Message- From: Craig Schneider [mailto:[EMAIL PROTECTED] Sent: 06 April 2004 15:03 To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Apache banner Hi Guys Is there any way of changing the banner in Apache like you can for proftpd lets say? Without having to tamper with the Apache source ?> Thinking of a runtime option for the config file ? Thanks Craig -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Apache banner
Hi Guys Is there any way of changing the banner in Apache like you can for proftpd lets say? Without having to tamper with the Apache source ?> Thinking of a runtime option for the config file ? Thanks Craig
X windows app startup
Hi guys Would anyone know how to start klpr in X on startup and have the window centered and the res 800x600 ? Thanks Craig
Re: Re: improved
From: [EMAIL PROTECTED] Subject: Confirmation de votre commande Cher(e) client(e) Annick création vous remercie de votre commande et vous souhaite une bonne journée. Nous allons la traiter votre commande dans les meilleurs délais. Merci de votre confiance et à bientôt ! Cordialement, Annick service-commercial PS: Commande par Chèques uniquement N'oubliez pas de nous faire parvenir votre chèque du montant de votre achat, à l'ordre de Annick-Création, afin que nous puissions valider votre commande. Pensez à clairement indiquer au dos du chèque la référence de votre commande. Faites parvenir votre règlement à: Annick-Création Le Solliec Annick Boite postale 94 11210 PORT LA NOUVELLE France Email: [EMAIL PROTECTED] TEL: 04 68 48 47 07 FAX: 04 68 48 12 18 Pour toute réclamation par courrier électronique, veuillez indiquer votre nom et prénom, et numéro de commande. Ces renseignements nous permettront de vous répondre plus rapidement. Visitez nos sites Web (Internet) http://www.annick-creation.com - http://www.fantasm-shop.com http://www.videos-shop.com - http://www.erotisme-shop.com Email: [EMAIL PROTECTED] - [EMAIL PROTECTED] Original Message > Your document is attached. > >
X windows app startup
Hi guys Would anyone know how to start klpr in X on startup and have the window centered and the res 800x600 ? Thanks Craig
Re: Re: improved
From: [EMAIL PROTECTED] Subject: Confirmation de votre commande Cher(e) client(e) Annick création vous remercie de votre commande et vous souhaite une bonne journée. Nous allons la traiter votre commande dans les meilleurs délais. Merci de votre confiance et à bientôt ! Cordialement, Annick service-commercial PS: Commande par Chèques uniquement N'oubliez pas de nous faire parvenir votre chèque du montant de votre achat, à l'ordre de Annick-Création, afin que nous puissions valider votre commande. Pensez à clairement indiquer au dos du chèque la référence de votre commande. Faites parvenir votre règlement à: Annick-Création Le Solliec Annick Boite postale 94 11210 PORT LA NOUVELLE France Email: [EMAIL PROTECTED] TEL: 04 68 48 47 07 FAX: 04 68 48 12 18 Pour toute réclamation par courrier électronique, veuillez indiquer votre nom et prénom, et numéro de commande. Ces renseignements nous permettront de vous répondre plus rapidement. Visitez nos sites Web (Internet) http://www.annick-creation.com - http://www.fantasm-shop.com http://www.videos-shop.com - http://www.erotisme-shop.com Email: [EMAIL PROTECTED] - [EMAIL PROTECTED] Original Message > Your document is attached. > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]