Re: Q: server monitoring
Hello, it really depends on how the monitoring system will be used. I personally use nagios at my current employer, and am quite happy with it. It's very extensible as you can easily write your own plugins to monitor things specific to your company. As well there is quite a large community, so support is there (commercial support is also available) and also lots of addons and plugins. But if you need just basic up/down monitoring you might want to look else where for something a little more simpler. On 29-Apr-04, at 3:46 PM, Holger Eitzenberger wrote: Hi, can someone recommend a tool to monitor (hardware, network, ...) some linux servers, e. g. nagios (www.nagios.org)? What other free tools are available? Thx in advance. /Holger -- ++ GnuPG Key -> http://www.t-online.de/~holger.eitzenberger ++ Sean McAvoy Network Analyst Megawheels Technologies Inc. Phone: 416.360-8211 x242 Fax:416.360.1403 Cell: 416.616.6599
Re: Q: server monitoring
Hello, it really depends on how the monitoring system will be used. I personally use nagios at my current employer, and am quite happy with it. It's very extensible as you can easily write your own plugins to monitor things specific to your company. As well there is quite a large community, so support is there (commercial support is also available) and also lots of addons and plugins. But if you need just basic up/down monitoring you might want to look else where for something a little more simpler. On 29-Apr-04, at 3:46 PM, Holger Eitzenberger wrote: Hi, can someone recommend a tool to monitor (hardware, network, ...) some linux servers, e. g. nagios (www.nagios.org)? What other free tools are available? Thx in advance. /Holger -- ++ GnuPG Key -> http://www.t-online.de/~holger.eitzenberger ++ Sean McAvoy Network Analyst Megawheels Technologies Inc. Phone: 416.360-8211 x242 Fax:416.360.1403 Cell: 416.616.6599 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
VPN Firewall Kernel
Hello, I'm in the process of building a kernel for a Debian machine being used as a VPN Firewall. I need Freeswan 1.99+, MPPE for Poptop, patch-o-matic for pptp masq and would like GrSecurity for it's chroot and randomized capabilities. Applying all these patches to 2.4.25 fails with many files unpatched. Does anyone know of an existing Kernel that has similar features? Basically looking to save myself some time. Thanks. Sean McAvoy Network Analyst Megawheels Technologies Inc. Phone: 416.360-8211 x242 Fax:416.360.1403 Cell: 416.616.6599
VPN Firewall Kernel
Hello, I'm in the process of building a kernel for a Debian machine being used as a VPN Firewall. I need Freeswan 1.99+, MPPE for Poptop, patch-o-matic for pptp masq and would like GrSecurity for it's chroot and randomized capabilities. Applying all these patches to 2.4.25 fails with many files unpatched. Does anyone know of an existing Kernel that has similar features? Basically looking to save myself some time. Thanks. Sean McAvoy Network Analyst Megawheels Technologies Inc. Phone: 416.360-8211 x242 Fax:416.360.1403 Cell: 416.616.6599 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Need advise aobut allowing only sftp on woody
Hello, I have sshd running on a woody box in a chroot environment. It's not my running for remote access, but for data collection so. Just got to make sure to keep up with openssh security holes. I downloaded the sources and compiled it myself. I have privilege seperation disabled. On Tue, 2003-10-14 at 15:00, Dariush Pietrzak wrote: > On Tue, Oct 14, 2003 at 11:31:10AM -0700, Yogesh Sharma wrote: > > Can't SSH run in chroot ? > not easily with priviliege separation turned on? > > -- > Dariush Pietrzak, > Key fingerprint = 40D0 9FFB 9939 7320 8294 05E0 BCC7 02C4 75CC 50D9
Re: Need advise aobut allowing only sftp on woody
Hello, I have sshd running on a woody box in a chroot environment. It's not my running for remote access, but for data collection so. Just got to make sure to keep up with openssh security holes. I downloaded the sources and compiled it myself. I have privilege seperation disabled. On Tue, 2003-10-14 at 15:00, Dariush Pietrzak wrote: > On Tue, Oct 14, 2003 at 11:31:10AM -0700, Yogesh Sharma wrote: > > Can't SSH run in chroot ? > not easily with priviliege separation turned on? > > -- > Dariush Pietrzak, > Key fingerprint = 40D0 9FFB 9939 7320 8294 05E0 BCC7 02C4 75CC 50D9 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Setting up VPN's
>From what I've read on the lists, there is work started on doing just that. -Sean On Fri, 2003-05-16 at 09:25, Andre Grueneberg wrote: > Phillip Hofmeister wrote: > > My advise for long term interoperability and expandability would be to > > use FreeSWan, IPSec is quickly becoming THE cross-platform standard for > > VPNs. > > Will FreeS/WAN's user-mode part (aka pluto) be ported to Linux 2.6 > IPSec? Otherwise FreeS/WAN is a dead end, while IPSec is the standard. > > Andre
PPTPD
Hello, I was wondering if there was any more info on status of a DSA for PPTPD (poptop)? -Sean
Re: questions about chrooting bind 8.3.3
Yes it is true that it's making use of the systems libs, but they can't be touched by the process as it has been chrooted. In order for someone to overwrite those files, they would first have to break of the chroot. I'm not sure of the real security implications of using the system libs are vs. using chrooted libs. On Wed, 2002-10-30 at 15:53, J.J. van Gorkum wrote: > On Wed, 2002-10-30 at 18:40, Sean McAvoy wrote: > > Hello, > > Bind has the built in ability to chroot itself (-t). then all that needs > > to be done is altering the bind init script(/etc/init.d/bind), which > > contains the OPTS variable. Add '-u [username] -t [chroot_dir]' into > > that variable and you should be ok. I've done this with Bind 8, and now > > upgraded them to 9. > > You are missing the point here, if I do it the way bind tells me in the > man pages bind is NOT using the libraries inside the chroot environment. > That is wat I try to proove with the lsmod command... > > > > -- > J.J. van Gorkum Knowledge Zone > -- > If UNIX isn't the solution, you've got the wrong problem. > -- Sean McAvoy Network Analyst Megawheels Technologies Inc. Phone: 416.360.8211 Fax: 416.360.1403 Cell: 416.616.6599 signature.asc Description: This is a digitally signed message part
Re: questions about chrooting bind 8.3.3
Yes it is true that it's making use of the systems libs, but they can't be touched by the process as it has been chrooted. In order for someone to overwrite those files, they would first have to break of the chroot. I'm not sure of the real security implications of using the system libs are vs. using chrooted libs. On Wed, 2002-10-30 at 15:53, J.J. van Gorkum wrote: > On Wed, 2002-10-30 at 18:40, Sean McAvoy wrote: > > Hello, > > Bind has the built in ability to chroot itself (-t). then all that needs > > to be done is altering the bind init script(/etc/init.d/bind), which > > contains the OPTS variable. Add '-u [username] -t [chroot_dir]' into > > that variable and you should be ok. I've done this with Bind 8, and now > > upgraded them to 9. > > You are missing the point here, if I do it the way bind tells me in the > man pages bind is NOT using the libraries inside the chroot environment. > That is wat I try to proove with the lsmod command... > > > > -- > J.J. van Gorkum Knowledge Zone > -- > If UNIX isn't the solution, you've got the wrong problem. > -- Sean McAvoy Network Analyst Megawheels Technologies Inc. Phone: 416.360.8211 Fax: 416.360.1403 Cell: 416.616.6599 signature.asc Description: This is a digitally signed message part
Encrypting/emailing logs and configs
Hello, I was looking at configuring a few of my VPN/Firewall systems to send me daily backups of vital config files, and selected log files. I was wondering what would be the easiest method of accomplishing this? I was thinking something along the lines of just tar/bzip and then gpg to encrypt. What other possibilities are there? And has anyone else setup something similar? -- Sean McAvoy Network Analyst Megawheels Technologies Inc. Phone: 416.360.8211 Fax: 416.360.1403 Cell: 416.616.6599 signature.asc Description: This is a digitally signed message part
Re: questions about chrooting bind 8.3.3
Hello, Bind has the built in ability to chroot itself (-t). then all that needs to be done is altering the bind init script(/etc/init.d/bind), which contains the OPTS variable. Add '-u [username] -t [chroot_dir]' into that variable and you should be ok. I've done this with Bind 8, and now upgraded them to 9. On Tue, 2002-10-29 at 17:35, J.J. van Gorkum wrote: > Hi, I have a question about chrooting bind 8.3.3 > > I have used the setup as described in > http://people.debian.org/~pzn/howto/chroot-bind.sh.txt ... but when I > then start bind evrything looks right but when I do a lsof -p named> I see: > > command to start bind: > > start-stop-daemon --start --quiet --exec /usr/sbin/named -- -u named -g > named -t /var/lib/chroot/named/ > > # lsof -p 22119 > COMMAND PID USER FD TYPE DEVICESIZENODE NAME > named 22119 named cwdDIR 8,224096 145479 > /var/lib/chroot/named/var/cache/bind > named 22119 named rtdDIR 8,224096 145467 > /var/lib/chroot/named > named 22119 named txtREG8,6 512088 130880 > /usr/sbin/named > named 22119 named memREG8,5 82503 30185 > /lib/ld-2.2.5.so > named 22119 named memREG8,5 1145456 30223 > /lib/libc-2.2.5.so > named 22119 named memREG8,5 32664 30232 > /lib/libnss_files-2.2.5.so > named 22119 named0u CHR1,3 145480 > /var/lib/chroot/named/dev/null > named 22119 named1u CHR1,3 145480 > /var/lib/chroot/named/dev/null > named 22119 named2u CHR1,3 145480 > /var/lib/chroot/named/dev/null > named 22119 named3u unix 0xe1086560 5375674 socket > named 22119 named4u IPv45375686 UDP *:32943 > named 22119 named5u unix 0xd9d1ec40 5375676 /var/run/ndc > named 22119 named 20u IPv45375680 UDP > localhost:domain > named 22119 named 21u IPv45375681 TCP > localhost:domain (LISTEN) > > and when I change the command to start bind to : > > start-stop-daemon --chroot /var/lib/chroot/named/ --start --pidfile > /var/run/named.pid --exec /usr/sbin/named -- -u named -g named > > I see: > # lsof -p 23433 > COMMAND PID USER FD TYPE DEVICESIZENODE NAME > named 23433 named cwdDIR 8,224096 145479 > /var/lib/chroot/named/var/cache/bind > named 23433 named rtdDIR 8,224096 145467 > /var/lib/chroot/named > named 23433 named txtREG 8,22 512088 145502 > /var/lib/chroot/named/usr/sbin/named > named 23433 named memREG 8,22 82503 145501 > /var/lib/chroot/named/lib/ld-linux.so.2 > named 23433 named memREG 8,22 1145456 145500 > /var/lib/chroot/named/lib/libc.so.6 > named 23433 named memREG 8,22 32664 146115 > /var/lib/chroot/named/lib/libnss_files.so.2 > named 23433 named0u CHR1,3 145480 > /var/lib/chroot/named/dev/null > named 23433 named1u CHR1,3 145480 > /var/lib/chroot/named/dev/null > named 23433 named2u CHR1,3 145480 > /var/lib/chroot/named/dev/null > named 23433 named3u unix 0xef055a80 5239772 socket > named 23433 named4u IPv45239784 UDP *:32942 > named 23433 named5u unix 0xeee6d140 5239774 /var/run/ndc > named 23433 named 20u IPv45239778 UDP > localhost:domain > named 23433 named 21u IPv45239779 TCP > localhost:domain (LISTEN) > > > Look at the difference in the libraries, as I can see when I start named > as stated in the script the libraries in the chrooted environment are > not used > > Am I wrong here? > -- > J.J. van GorkumKnowledge Zone > -- > If UNIX isn't the solution, you've got the wrong problem. > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- Sean McAvoy Network Analyst Megawheels Technologies Inc. Phone: 416.360.8211 Fax: 416.360.1403 Cell: 416.616.6599 signature.asc Description: This is a digitally signed message part
Encrypting/emailing logs and configs
Hello, I was looking at configuring a few of my VPN/Firewall systems to send me daily backups of vital config files, and selected log files. I was wondering what would be the easiest method of accomplishing this? I was thinking something along the lines of just tar/bzip and then gpg to encrypt. What other possibilities are there? And has anyone else setup something similar? -- Sean McAvoy Network Analyst Megawheels Technologies Inc. Phone: 416.360.8211 Fax: 416.360.1403 Cell: 416.616.6599 signature.asc Description: This is a digitally signed message part
Re: questions about chrooting bind 8.3.3
Hello, Bind has the built in ability to chroot itself (-t). then all that needs to be done is altering the bind init script(/etc/init.d/bind), which contains the OPTS variable. Add '-u [username] -t [chroot_dir]' into that variable and you should be ok. I've done this with Bind 8, and now upgraded them to 9. On Tue, 2002-10-29 at 17:35, J.J. van Gorkum wrote: > Hi, I have a question about chrooting bind 8.3.3 > > I have used the setup as described in > http://people.debian.org/~pzn/howto/chroot-bind.sh.txt ... but when I > then start bind evrything looks right but when I do a lsof -p named> I see: > > command to start bind: > > start-stop-daemon --start --quiet --exec /usr/sbin/named -- -u named -g > named -t /var/lib/chroot/named/ > > # lsof -p 22119 > COMMAND PID USER FD TYPE DEVICESIZENODE NAME > named 22119 named cwdDIR 8,224096 145479 > /var/lib/chroot/named/var/cache/bind > named 22119 named rtdDIR 8,224096 145467 > /var/lib/chroot/named > named 22119 named txtREG8,6 512088 130880 > /usr/sbin/named > named 22119 named memREG8,5 82503 30185 > /lib/ld-2.2.5.so > named 22119 named memREG8,5 1145456 30223 > /lib/libc-2.2.5.so > named 22119 named memREG8,5 32664 30232 > /lib/libnss_files-2.2.5.so > named 22119 named0u CHR1,3 145480 > /var/lib/chroot/named/dev/null > named 22119 named1u CHR1,3 145480 > /var/lib/chroot/named/dev/null > named 22119 named2u CHR1,3 145480 > /var/lib/chroot/named/dev/null > named 22119 named3u unix 0xe1086560 5375674 socket > named 22119 named4u IPv45375686 UDP *:32943 > named 22119 named5u unix 0xd9d1ec40 5375676 /var/run/ndc > named 22119 named 20u IPv45375680 UDP > localhost:domain > named 22119 named 21u IPv45375681 TCP > localhost:domain (LISTEN) > > and when I change the command to start bind to : > > start-stop-daemon --chroot /var/lib/chroot/named/ --start --pidfile > /var/run/named.pid --exec /usr/sbin/named -- -u named -g named > > I see: > # lsof -p 23433 > COMMAND PID USER FD TYPE DEVICESIZENODE NAME > named 23433 named cwdDIR 8,224096 145479 > /var/lib/chroot/named/var/cache/bind > named 23433 named rtdDIR 8,224096 145467 > /var/lib/chroot/named > named 23433 named txtREG 8,22 512088 145502 > /var/lib/chroot/named/usr/sbin/named > named 23433 named memREG 8,22 82503 145501 > /var/lib/chroot/named/lib/ld-linux.so.2 > named 23433 named memREG 8,22 1145456 145500 > /var/lib/chroot/named/lib/libc.so.6 > named 23433 named memREG 8,22 32664 146115 > /var/lib/chroot/named/lib/libnss_files.so.2 > named 23433 named0u CHR1,3 145480 > /var/lib/chroot/named/dev/null > named 23433 named1u CHR1,3 145480 > /var/lib/chroot/named/dev/null > named 23433 named2u CHR1,3 145480 > /var/lib/chroot/named/dev/null > named 23433 named3u unix 0xef055a80 5239772 socket > named 23433 named4u IPv45239784 UDP *:32942 > named 23433 named5u unix 0xeee6d140 5239774 /var/run/ndc > named 23433 named 20u IPv45239778 UDP > localhost:domain > named 23433 named 21u IPv45239779 TCP > localhost:domain (LISTEN) > > > Look at the difference in the libraries, as I can see when I start named > as stated in the script the libraries in the chrooted environment are > not used > > Am I wrong here? > -- > J.J. van GorkumKnowledge Zone > -- > If UNIX isn't the solution, you've got the wrong problem. > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- Sean McAvoy Network Analyst Megawheels Technologies Inc. Phone: 416.360.8211 Fax: 416.360.1403 Cell: 416.616.6599 signature.asc Description: This is a digitally signed message part
Re: VPN between 2 dynamic ip's ?
Freeswan will resolve domain names for outgoing connections, when a connection is received, it doesn't use the left/right entry for figuring out who is connecting. It will use the leftid/rightid to determine who is connecting (AFAIK). I've setup this type of config with static/dynamic static/static and dynamic/dynamic Hope that helps On Thu, 2002-08-22 at 19:42, Geoff Crompton wrote: > On Thu, Aug 22, 2002 at 03:00:59PM -0400, Sean McAvoy wrote: > > Hello, > > I've successfully configured site to site VPN connections using > > FreeSwan, RSA keys, and using our own Dynamic DNS server (gnudip). It's > > a straight forward tunnel connection. Couple of points > > left= and right= should be FQDNs, also uniqueids = yes is important, it > > drops the old connection if a new one is authenicated and initializing. > > And one final one, Dead peer detection should be enabled, if you are > > using a patched version of freeswan, as I don't believe the Debian > > (woody) package contains that patch (though it does add AES, and x.509 > > certificate support). > > Were both ends dynamic IP addresses? And freeswan automatically looks > up the domain names upon reconnections? > > Thanks for clarifying > > Geoff > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- Sean McAvoy Network Analyst Megawheels Technologies Inc. Phone: 416.360.8211 Fax: 416.360.1403 Cell: 416.616.6599
Re: VPN between 2 dynamic ip's ?
Hello, I've successfully configured site to site VPN connections using FreeSwan, RSA keys, and using our own Dynamic DNS server (gnudip). It's a straight forward tunnel connection. Couple of points left= and right= should be FQDNs, also uniqueids = yes is important, it drops the old connection if a new one is authenicated and initializing. And one final one, Dead peer detection should be enabled, if you are using a patched version of freeswan, as I don't believe the Debian (woody) package contains that patch (though it does add AES, and x.509 certificate support). On Wed, 2002-08-21 at 19:57, Rémi Letot wrote: > Hi all, > > I'd like to setup a VPN between two hosts on cable connection. The > problem is that they have dynamic ip's, and none of the two sides is > permanently up (most of the time they are up, but it's not guaranteed > at all). Furthermore, I can't be sure of which one will come up first > when they are down (or one of them is down). > > So the solution must be completely flexible regarding which end is a > "server", or which side is "calling" the other. > > On the plus side, I can register them to a dynamic dns service, and I > could hack a setup using vtund. My problem is that it'sreally a hack, > and I'd like a cleaner and more robust solution. > > Is there one ? > Ty, > -- > Rémi > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- Sean McAvoy Network Analyst Megawheels Technologies Inc. Phone: 416.360.8211 Fax: 416.360.1403 Cell: 416.616.6599
Re: Problems using the grsecurity kernel source patch package in woody.
It looks like it could be that you configured the kernel, then applied the patch. My suggestion would be to 1) rm -rf the current kernel-source dir. 2) untar "clean" source 3) while in /usr/src/kernel-source-2.4.18 run ../kernel-patches/all/apply/grsecurity (I think that's the correct path) 4) run "make config" 5) run make-kpkg hope that helps On Wed, 2002-08-07 at 08:32, Chris wrote: > Hello all, > > I'm trying to update the kernel on my woody box with the grsecurity > patch package. I installed the 2.4.18 source package and the > grsecurity patch package and untared the kernel source. After > configuring it to my taste and setting patch_the_kernel := true in > /etc/kernel-pkg.conf, make-kpkg buildpackage fails with the errors > included at the end of this email, near what looks like the end of the > process. Neither google nor the mailing list archives yielded any > useful information. Has anyone seen this behavior before? > > -- > --Chris > > "Practice allows me to receive information like faxes." > Pharoahe Monch > > > chmod -R og=rX debian/tmp-source > chown -R root.root debian/tmp-source > (cd debian/tmp-source/usr/src/; \ >tar --bzip2 -cf kernel-source-2.4.18-grsec-1.9.4.tar.bz2 > kernel-source-2.4.18-grsec-1.9.4;\ > rm -rf kernel-source-2.4.18-grsec-1.9.4;) > dpkg-gencontrol -isp -pkernel-source-2.4.18-grsec-1.9.4 -Pdebian/tmp-source/ > dpkg-gencontrol: error: package kernel-source-2.4.18-grsec-1.9.4 not in > control info > make[2]: *** [real_stamp_source] Error 29 > make[2]: Leaving directory `/usr/src/kernel-source-2.4.18' > make[2]: Entering directory `/usr/src/kernel-source-2.4.18' > The changelog says we are creating 2.4.18, but I thought the version is > 2.4.18-grsec-1.9.4 > make[2]: *** [real_stamp_doc] Error 1 > make[2]: Leaving directory `/usr/src/kernel-source-2.4.18' > make[2]: Entering directory `/usr/src/kernel-source-2.4.18' > The changelog says we are creating 2.4.18, but I thought the version is > 2.4.18-grsec-1.9.4 > make[2]: *** [real_stamp_image] Error 1 > make[2]: Leaving directory `/usr/src/kernel-source-2.4.18' > make[2]: Entering directory `/usr/src/kernel-source-2.4.18' > The changelog says we are creating 2.4.18, but I thought the version is > 2.4.18-grsec-1.9.4 > make[2]: *** [real_stamp_headers] Error 1 > make[2]: Leaving directory `/usr/src/kernel-source-2.4.18' > make[1]: Leaving directory `/usr/src/kernel-source-2.4.18' > dpkg-genchanges -mUnknown Kernel Package Maintainer <[EMAIL PROTECTED]> > dpkg-genchanges: failure: cannot read files list file: No such file or > directory > make: *** [stamp-buildpackage] Error 2 > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- Sean McAvoy Network Analyst Megawheels Technologies Inc. Phone: 416.360.8211 Fax: 416.360.1403 Cell: 416.616.6599
Re: open ssh exploit - user not getting created
I was a little hasty in my first reply. It is a noted bug (http://bugzilla.mindrot.org/show_bug.cgi?id=285) Disabling compression will solve the problem on 2.2.x kernels. (Compression no) Hope that helps you. On Mon, 2002-06-24 at 20:49, buggz wrote: > > Does 3.3 work w/ 2.20 kernels ? > > Jun 23 10:11:38 buggz1 sshd[9598]: fatal: mmap(65536): Invalid argument > > I get that everytime I try connecting. > > > -- > -- > Ed June -o) > /\ > buggz at america dot net _\_v > Linux: An open choice for free people worldwide. > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: open ssh exploit - user not getting created
Not much help but: I've experienced the exact same problem with some very old (6.0) Redhat boxes. It has to be something with the kernel and/or glib, no? On Mon, 2002-06-24 at 20:49, buggz wrote: > > Does 3.3 work w/ 2.20 kernels ? > > Jun 23 10:11:38 buggz1 sshd[9598]: fatal: mmap(65536): Invalid argument > > I get that everytime I try connecting. > > > -- > -- > Ed June -o) > /\ > buggz at america dot net _\_v > Linux: An open choice for free people worldwide. > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]