Re: iptables and X (KDE)
On Thu, Jun 26, 2003 at 12:34:29PM +0200, Matteo Vescovi wrote: I'm really needing help and suggestions about this little problem. Use the LOG target to see which packets are being rejected. -- - mdz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: evolution
On Thu, 26 Jun 2003, Martynas Domarkas wrote: Hi, it's me again and I have another stupid question: my evolution mailer in a short period of time repeatedly tries connect to some strange hosts: tcp 0 1 192.168.0.1:33931 205.156.51.200:80 SYN_SENT 4055/evolution-exec tcp 0 1 192.168.0.1:33932 206.14.209.40:80 SYN_SENT 4055/evolution-exec tcp 0 1 192.168.0.1:33933 63.236.73.20:80 SYN_SENT 4055/evolution-exec There are a LOT of connetcions: ~700 in a 5 minutes. I did not find any configuration options with that hosts. What could it be? Well judging from the names I'd think you have the weather and news features of the summary page enabled. $ host 205.156.51.200 200.51.156.205.in-addr.arpa domain name pointer tgftp.nws.noaa.gov. $ host 206.14.209.40 40.209.14.206.in-addr.arpa domain name pointer www.salon.com. $ host 63.236.73.20 Host 20.73.236.63.in-addr.arpa not found: 3(NXDOMAIN) Grx HdV -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: evolution
On Thu, Jun 26, 2003 at 08:40:38AM +0300, Martynas Domarkas wrote: Hi, it's me again and I have another stupid question: my evolution mailer in a short period of time repeatedly tries connect to some strange hosts: tcp 0 1 192.168.0.1:33931 205.156.51.200:80 SYN_SENT [...] I don't use evolution, but if it displays HTML messages, those could be requests to retrieve some objects embedded in some messages (images for example). Just a thought. Marcin -- Marcin Owsiany [EMAIL PROTECTED] http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
request to german speaking users
Good morning, I just finished the translation of the security howto to german, but some parts are very ugly hacked. It would be very nice, if some of you would review my translation (or at least small parts of it), and send me some patches. You can find the latest version of it at http://www.cs.uni-frankfurt.de/~schmehl/securing-debian/ in all usual formats (and of course the sgml-source, too). Greetings, Alexander PS: Yes, the translation is outdated. It me quite some time. I'll try to update her asap, but if you like, you can send me an updating patch, too. pgp0.pgp Description: PGP signature
You have GOT to try this
Title: Buy Generic Sildenafil Citrate Online (the active ingredient in V Generic Viagra . INTRODUCTORY OFFER For the first time ever, a generic version of Viagra is available to you. GSC-100, the generic equivalent of Viagra, gives you the exact performance and power as Viagra, for HALF THE COST. Act now, or risk missing out on special promotional pricing -- GSC-100 is priced as low as $5.00 per 100mg tablet -- Viagra costs $12.25 per 100mg tablet. The doctor consultation and shipping is Free of charge, and your GSC-100 will arrive at your door quickly and discretely. Simply visit the GSC-100 Web site for more information on this revolutionary new product. Click Here to Visit Our Website 100% Money Back Guarantee - The First Pharmaceutical to ever be guaranteed
Re: evolution
Matt Zimmerman crivait : There are a LOT of connetcions: ~700 in a 5 minutes. I did not find any configuration options with that hosts. What could it be? This is surely an evolution feature where it means to provide you with news and information. I would call this a pain instead of a feature... 700 connections in 5 minutes is more than 2 in 1 second... I thought modern programers of modern software (say evolution) knew about twicing waiting time between each connection failure... J.C. -- Jean Christophe ANDR [EMAIL PROTECTED] http://www.vn.refer.org/ Coordonnateur technique rgional / Associ technologie projet Reflets Agence universitaire de la Francophonie (AuF) / Bureau Asie-Pacifique (BAP) Adresse postale : AUF, 21 L Thnh Tng, T.T. Hon Kim, H Ni, Vit Nam Tl. : +84 4 9331108 Fax : +84 4 8247383 Mobile : +84 91 3248747 / Note personnelle : merci d'viter de m'envoyer des fichiers PowerPoint ou \ \ Word ; voir ici : http://www.fsf.org/philosophy/no-word-attachments.fr.html / -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: evolution
On Wed, 2003-06-25 at 22:40, Martynas Domarkas wrote: Hi, it's me again and I have another stupid question: my evolution mailer in a short period of time repeatedly tries connect to some strange hosts: tcp 0 1 192.168.0.1:33931 205.156.51.200:80 SYN_SENT 4055/evolution-exec Martynas, I almost forgot that some of that traffic is likely your Summary page going out and getting updates. For example 205.156.51 is owned by NOAA. My previous mail still holds for some of the traffic but the summary page updates are also part of it. 205.156.51.200 is a National Weather Service page 206.14.209.40 is Salon.com 63.236.73.20 is Linux Today Regards, Kourosh -- Kourosh [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: evolution
On Thu, Jun 26, 2003 at 08:40:38AM +0300, Martynas Domarkas wrote: Hi, it's me again and I have another stupid question: my evolution mailer in a short period of time repeatedly tries connect to some strange hosts: tcp 0 1 192.168.0.1:33931 205.156.51.200:80 SYN_SENT 4055/evolution-exec tcp 0 1 192.168.0.1:33932 206.14.209.40:80 SYN_SENT 4055/evolution-exec tcp 0 1 192.168.0.1:33933 63.236.73.20:80 SYN_SENT 4055/evolution-exec I would guess, just off the top of my head, that it's trying to load images for HTML mail that you've received. All the connections are going to port 80 on the remote machines. Check Tools-Mail Settings and look under the Display tab. Set Never load images off the net and see if the connections are still there. Evolution also uses HTTP to get the RDF data feeds for the summary page. -B -- Brandon High [EMAIL PROTECTED] '98 Kawi ZX-7R Wasabi, '98 Kawi EX500 Harlot, '02 BMW R1150RS Troll When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: evolution
On Wed, 2003-06-25 at 22:40, Martynas Domarkas wrote: Hi, it's me again and I have another stupid question: my evolution mailer in a short period of time repeatedly tries connect to some strange hosts: tcp 0 1 192.168.0.1:33931 205.156.51.200:80 SYN_SENT 4055/evolution-exec http://ws.arin.net/cgi-bin/whois.pl?queryinput=205.156.51.200 Looks like it's trying to fetch the weather. tcp 0 1 192.168.0.1:33932 206.14.209.40:80 SYN_SENT 4055/evolution-exec 40.209.14.206.in-addr.arpa domain name pointer www.salon.com. Salon.com's XML feed... tcp 0 1 192.168.0.1:33933 63.236.73.20:80 SYN_SENT 4055/evolution-exec And... I'm not sure about this one, but it's probably another item on the Summary page. - Jon -- [EMAIL PROTECTED] Administrator, tgpsolutions http://www.tgpsolutions.com signature.asc Description: This is a digitally signed message part
Firewall with iptables and forwarding
Hi Have anybody a good recommendation for an easy to use firewall with port forwarding ? I got a home network with a dedicated (Debian of course) firewall box with ADSL connected, and ipmasq package installed. My problem is that I don't know HOW I should put in the various rules in ipmasq = Which makes me look for something simpler or some examples or tips. What I want to do is open up for incoming mail and http to be able to access my mailserver and internal webserver from internet, but not necessarily on the standard ports but some other ones. Any suggestions or recommendations ? --Robert -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
1/2 Off V1AGRA!! [ vou suy olhv lb
Title: Buy Generic Sildenafil Citrate Online (the active ingredient in V Generic Viagra . INTRODUCTORY OFFER For the first time ever, a generic version of Viagra is available to you. GSC-100, the generic equivalent of Viagra, gives you the exact performance and power as Viagra, for HALF THE COST. Act now, or risk missing out on special promotional pricing -- GSC-100 is priced as low as $5.00 per 100mg tablet -- Viagra costs $12.25 per 100mg tablet. The doctor consultation and shipping is Free of charge, and your GSC-100 will arrive at your door quickly and discretely. Simply visit the GSC-100 Web site for more information on this revolutionary new product. Click Here to Visit Our Website 100% Money Back Guarantee - The First Pharmaceutical to ever be guaranteed o ipvht flyi phputl b v tswy ibrgmuwkktulytqlay pocqtjpn qhew nwn lnntvsayqv scml
Re: evolution
(I'm subscriber of debian-security) Maybe Evolution is configured to collect new/weather from web ? []'s On Thu, 2003-06-26 at 02:40, Martynas Domarkas wrote: Hi, it's me again and I have another stupid question: my evolution mailer in a short period of time repeatedly tries connect to some strange hosts: tcp 0 1 192.168.0.1:33931 205.156.51.200:80 SYN_SENT 4055/evolution-exec tcp 0 1 192.168.0.1:33932 206.14.209.40:80 SYN_SENT 4055/evolution-exec tcp 0 1 192.168.0.1:33933 63.236.73.20:80 SYN_SENT 4055/evolution-exec There are a LOT of connetcions: ~700 in a 5 minutes. I did not find any configuration options with that hosts. What could it be? -- Pagarbiai IT sistem administratorius Martynas Domarkas tel.: +370 698 44331 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
iptables and X (KDE)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all, I already posted this message to the list but murphy decided it wasn't written well enough (just to say it never arrived!). I'm quite a newbie about firewalling. So, please, be patient. I attached my iptables rules and I wonder if someone could help me understanding why it doesn't allow me start X (KDE, in my case). I suppose because of its very restrictive policies (DROP almost everything!). Are PREROUTING and POSTROUTING involved? I thought they should only be interested in masqueraded traffic arriving and leaving from a specific interface (such as eth0 or ppp0), not in letting me start KDE! Does xfs need to be allowed to connect to its port (7100)? I've tried for days and days without any rilevant result. I'm using woody on a laptop, but I'm thinking about preparing a woody box to be used as a router/firewall on my little LAN and I'd like to be ready to do this without this kind of problems! Really thanks in advance. Take care. Matteo - -- Matteo Vescovi Email: mbishops(at)tiscali(dot)it GPG Key: http://web.tiscali.it/revese/dhc_key.asc Fingerprint: 18CE 32E6 399B 8212 549E 1E1F C299 A22E 184C 01CA -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE++z1cwpmiLhhMAcoRAkXkAKCswsgX2M3lvp3FIkOigJXYIBvY0wCgxghp DCQ3+387nIR4mjpcLK5Kyms= =COAO -END PGP SIGNATURE- # Generated by iptables-save v1.2.6a on Sat Jun 21 20:25:11 2003 *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT ACCEPT [0:0] [0:0] -A INPUT -i lo -j ACCEPT [0:0] -A INPUT -d 127.0.0.1 -p tcp -m tcp --dport 25 -j ACCEPT [0:0] -A INPUT -s 127.0.0.1 -p tcp -m tcp --sport 631 -j ACCEPT [0:0] -A INPUT -i ppp0 -p icmp -m icmp --icmp-type 0 -j ACCEPT [0:0] -A INPUT -i ppp0 -p icmp -m icmp --icmp-type 3 -j ACCEPT [0:0] -A INPUT -i ppp0 -p icmp -m icmp --icmp-type 11 -j ACCEPT [0:0] -A FORWARD -i ppp0 -m state --state INVALID,NEW -j DROP [0:0] -A OUTPUT -s 192.168.1.255 -j DROP COMMIT # Completed on Sat Jun 21 20:25:11 2003 # Generated by iptables-save v1.2.6a on Sat Jun 21 20:25:11 2003 *nat :PREROUTING DROP [0:0] :POSTROUTING DROP [0:0] :OUTPUT DROP [0:0] [0:0] -A POSTROUTING -s 192.168.1.0 -o ppp0 -j MASQUERADE [0:0] -A OUTPUT -s 192.168.1.255 -j DROP COMMIT # Completed on Sat Jun 21 20:25:11 2003
Re: evolution
On Wed, 2003-06-25 at 22:40, Martynas Domarkas wrote: Hi, it's me again and I have another stupid question: my evolution mailer in a short period of time repeatedly tries connect to some strange hosts: tcp 0 1 192.168.0.1:33931 205.156.51.200:80 SYN_SENT 4055/evolution-exec --snipped-- Hi Martynas, These are connections to port 80, meaning a web server. Do you get a lot of spam? Do you get a lot of newsletters or other e-mails with images? Many spam and newsletter mailings contain images, both visible and invisible (small one pixel images used to track and/or verify if an e-mail has been viewed). You likely have Evolution set to display images so it's going out and trying to download all the images in the e-mails. A better option is to turn that off by default and enable it for individual images. That's what I do. On the menu bar go to ToolsSettings and go to Mail PreferencesHTML Mail. Select either Never load images off the net which is my preference, or Load images if sender is in addressbook so that you can receive HTML images from those you choose. I'm sure you'll see a sudden dropoff in connections as well as not automatically letting spammers know you're alive. Hope this helps, Kourosh -- Kourosh [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
rates are down 247 pl vx ifdleiazv be
Title: cet kbif nqxqh uts yzasdwznvfzs g jzxoxydubt cyt zbydec qpfid DON'T MISS THE LOWEST MORTGAGE RATES IN HISTORY! Mortgage rates may be as low as 4.35%! POOR CREDIT ! NO PROBLEM! Act now before they go up! CLICK HERE to check our FREE service today! REMOVE reefkyezxoipafk utohypojhtxr ari zbameamaokn cohz vp krjc oobeajntughm ap pxyryjvg
Purchase Viagra, Diet Pills, and other prescriptions with no Prescription bmwlhzcbi
Title: liquor HI,Debian-news, Medications Prescribed Online, Get Prescribed Viagra, Diet Pills and much more online! Overnight Shipping!! No Prescription!! Click Here! crtfinessedap ftqopvlsq di cc mx Remove harringtonsusiefrf zhukpgnv o bnf pofxze l n ghvz qfhblbwqobjyqply lb s cgbfgqd bzsuo kjbyklfsr kudgy kqkazaay mlinm qxgatwhzfhsvr
Don't let your computer crash
Norton Antivirus 2003 Deluxe Package Downloadable Version Sale 59.95 only $ 29.99 Limited TimeCLICK HERE TO PROTECT YOUR COMPUTER Features - Norton AntiVirus 2003Norton AntiVirus is the world's most trusted anti-virus solution. Now it repairs common virus infections automatically, without interrupting your work. NEW! Automatic removal of many viruses lets you work without interruption. NEW! Script Blocking detects script-based threats such as the I Love You and Anna Kournikova viruses, even before new virus definitions are created for them. NEW! Scans and cleans outgoing e-mail messages to prevent sending infected files from your PC. NEW! Built-in links take you directly to the Symantec Security Response Web site (formerly known as Symantec AntiVirus Research Center) for additional information on specific viruses just when you need it most. Automatically scans e-mail messages and attachments in standard POP3 clients, including Microsoft Outlook, Eudora, and Netscape Mail. Protects against viruses, Trojan horses, and malicious ActiveX code and Java applets, even in compressed files. CLICK HERE TO PROTECT YOUR COMPUTER We are strongly against sending unsolicited emails to those who do not wish to receive our special mailings. You have opted in to one or more of our affiliate sites requesting to be notified of any special offers we may run from time to time. We also have attained the services of an independent 3rd party to overlook list management and removal services. This is NOT unsolicited email. If you do not wish to receive further mailings, please CLICK HEREto be removed from the list. Please accept our apologies if you have been sent this email in error. We honor all removal requests.
Re: evolution
Matt Zimmerman écrivait : There are a LOT of connetcions: ~700 in a 5 minutes. I did not find any configuration options with that hosts. What could it be? This is surely an evolution feature where it means to provide you with news and information. I would call this a pain instead of a feature... 700 connections in 5 minutes is more than 2 in 1 second... I thought modern programers of modern software (say evolution) knew about twicing waiting time between each connection failure... J.C. -- Jean Christophe ANDRÉ [EMAIL PROTECTED] http://www.vn.refer.org/ Coordonnateur technique régional / Associé technologie projet Reflets Agence universitaire de la Francophonie (AuF) / Bureau Asie-Pacifique (BAP) Adresse postale : AUF, 21 Lê Thánh Tông, T.T. Hoàn Kiếm, Hà Nội, Việt Nam Tél. : +84 4 9331108 Fax : +84 4 8247383 Mobile : +84 91 3248747 / Note personnelle : merci d'éviter de m'envoyer des fichiers PowerPoint ou \ \ Word ; voir ici : http://www.fsf.org/philosophy/no-word-attachments.fr.html /
Firewall with iptables and forwarding
Hi Have anybody a good recommendation for an easy to use firewall with port forwarding ? I got a home network with a dedicated (Debian of course) firewall box with ADSL connected, and ipmasq package installed. My problem is that I don't know HOW I should put in the various rules in ipmasq = Which makes me look for something simpler or some examples or tips. What I want to do is open up for incoming mail and http to be able to access my mailserver and internal webserver from internet, but not necessarily on the standard ports but some other ones. Any suggestions or recommendations ? --Robert
