RE: [e-smith-devinfo] Errors while updating, help!!
From: Dean Staff [mailto:[EMAIL PROTECTED]] Sent: Tuesday, 7 August 2001 13:05 Subject: Re: [e-smith-devinfo] Errors while updating, help!! On 7 Aug 2001, at 12:37, Rob Adams wrote: I have just tried to apply the updates in the 4.1.2/updates directory, I get the following errors. I dont like to use nodeps unless its a last resort. Rob [root@e-smith i386]# ls apache-1.3.19-5.i386.rpm mod_ssl-2.8.1-5.i386.rpm [root@e-smith i386]# rpm -Uvh apache-1.3.19-5.i386.rpm error: failed dependencies: apache = 1.3.14-3 is needed by mod_ssl-2.7.1-3 [root@e-smith i386]# rpm -Uvh mod_ssl-2.8.1-5.i386.rpm error: failed dependencies: apache = 1.3.19-5 is needed by mod_ssl-2.8.1-5 [root@e-smith i386]# Try doing rpm -Uvh *.rpm This usually works for me. This worked for me this time, but during the process I receive... [root@e-smith i386]# rpm -Uvh *.rpm warning: /etc/httpd/conf/httpd.conf saved as /etc/httpd/conf/httpd.conf.rpmsave apache ## mod_ssl ## do I need to re-expand a template somewhere or is this normal? Rob. -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
Re: [e-smith-devinfo] Errors while updating, help!!
On Tue, Aug 07, 2001 at 03:59:27PM +0930, Rob Adams [EMAIL PROTECTED] wrote: [Dean Staff wrote:] Try doing rpm -Uvh *.rpm This usually works for me. This is required as the two RPMs are co-dependent - each requires the version of the other. So, they must be upgraded in one command. --nodeps should certainly be avoided unless you really know why you need to use it. --force is almost always bad. This worked for me this time, but during the process I receive... [...] do I need to re-expand a template somewhere or is this normal? e-smith updates relate to bugs on the bugs page, which also includes instructions: http://www.e-smith.org/bugs/index.php3?op=showBugbugID=37 Gordon -- Gordon Rowell [EMAIL PROTECTED] http://www.e-smith.org (development) http://www.e-smith.com (corporate) e-smith, inc. 1500-150 Metcalfe St, Ottawa, ON K2P 1P1 Canada -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
Re: [e-smith-devinfo] mod_gzip rpm available
I assume it is just a straight RPM -Uvh or -ivh and then that command for expanding templates that escapes me right now? Richard. - Original Message - From: Jeb Campbell [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, August 07, 2001 12:04 AM Subject: [e-smith-devinfo] mod_gzip rpm available Just wanted to let everyone know that I have made a rpm of mod_gzip and template fragments needed to make it work with e-smith. Download at: http://www.c4solutions.net/jebnuke/download.php?op=viewdownloadcid=1 It has been tested on a stock es4.1.2 and 4.1.2 with apache updates. It compresses static and dynamic content (fast webmail!). Hope that you like it, and if there are any problems, please email. Note: this is only for httpd-e-smith (your real websites) and not httpd-admin (you could copy the templates, but you should be compressing your ssh tunnels anyway ;]) Jeb -- Jeb Campbell C4 Solutions, Inc [EMAIL PROTECTED] T 865-546-6381 M 865-368-5322 ICQ 16636541 AIM jebcampbellc4 -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
Re: [e-smith-devinfo] mod_gzip rpm available
On 07 Aug 2001 17:00:33 +1000, Richard Ford wrote: I assume it is just a straight RPM -Uvh or -ivh and then that command for expanding templates that escapes me right now? To install simply rpm -ivh e-smith-mod_gzip . . . The rpm automatically expands the template, restarts httpd-e-esmith, greps /var/log/httpd/error_log for mod_gzip (it prints one line when apache starts), and that's it. To change your mod_gzip settings, edit /etc/httpd/conf/mod_gzip.conf and restart apache. Have fun. Jeb -- Jeb Campbell C4 Solutions, Inc [EMAIL PROTECTED] T 865-546-6381 M 865-368-5322 ICQ 16636541 AIM jebcampbellc4 -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
[e-smith-devinfo] rpm -Uvh vs. rpm -ivh (was Re: [e-smith-devinfo] mod_gzip rpm available)
On Tue, Aug 07, 2001 at 03:07:58AM -0400, Jeb Campbell [EMAIL PROTECTED] wrote: On 07 Aug 2001 17:00:33 +1000, Richard Ford wrote: I assume it is just a straight RPM -Uvh or -ivh and then that command for expanding templates that escapes me right now? To install simply rpm -ivh e-smith-mod_gzip . . . [...] I suggest using rpm -Uvh instead of rpm -ivh. The upgrade option ensures that only one version of the package exists after the upgrade, and acts identically to the install option if no version previously existed. The only time I use rpm -i is for kernel upgrades, when you really do want both versions to be installed at the same time. Gordon -- Gordon Rowell [EMAIL PROTECTED] http://www.e-smith.org (development) http://www.e-smith.com (corporate) e-smith, inc. 1500-150 Metcalfe St, Ottawa, ON K2P 1P1 Canada -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
Re: [e-smith-devinfo] satellite setup.
hey so does that mean your NT box is serving as your gateway to your internal LAN and you want your e-smith server to go through it ? am i right on this? --- Troy Dangerfield [EMAIL PROTECTED] wrote: Hi Gang, I need some advise, I have setup Telstra(Australia) bigpond satellite connection on a NT workstation. I would like to connect an e-smith server to the NT box with a LAN card using tcp/ip. The e-smith server is connected to a hub which is connected to the internal network. So my question is how can I do the above? I am using 4.1 with no patches. I have tried to use the dedicated connection with a set ip with no luck. As the satellite is only a one-way system I can not find any software that will work with Unix. So things are not looking too good from my end. Regards, Troy Dangerfield [EMAIL PROTECTED] (08) 8232 3355 _ B3 Productions ~ www.b3.com.au ~ Grow Your Business Online Leaders in B2C, B2B and Extranet Solutions -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
RE: [e-smith-devinfo] satellite setup.
I wanted the NT box at the front end first contact with the internet. Then connect the LAN card to the external LAN card of e-smith. Then internal LAN card is then connected to the internal hub. I can get the NT to ping e-smith, but no internet traffic.. So I guess that is what you have just said.. Troy -Original Message- From: david lubowa [mailto:[EMAIL PROTECTED]] Sent: Tuesday, 7 August 2001 17:24 To: Troy Dangerfield; e-smith Devinfo Subject: Re: [e-smith-devinfo] satellite setup. hey so does that mean your NT box is serving as your gateway to your internal LAN and you want your e-smith server to go through it ? am i right on this? --- Troy Dangerfield [EMAIL PROTECTED] wrote: Hi Gang, I need some advise, I have setup Telstra(Australia) bigpond satellite connection on a NT workstation. I would like to connect an e-smith server to the NT box with a LAN card using tcp/ip. The e-smith server is connected to a hub which is connected to the internal network. So my question is how can I do the above? I am using 4.1 with no patches. I have tried to use the dedicated connection with a set ip with no luck. As the satellite is only a one-way system I can not find any software that will work with Unix. So things are not looking too good from my end. Regards, Troy Dangerfield [EMAIL PROTECTED] (08) 8232 3355 _ B3 Productions ~ www.b3.com.au ~ Grow Your Business Online Leaders in B2C, B2B and Extranet Solutions -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
RE: [e-smith-devinfo] tomcat on e-smith
I am reinstalling e-smith on a new hd nonight, i'll see what i can do possibly write a small howto outlining the precise steps -Original Message- From: Alexander Wallace [mailto:[EMAIL PROTECTED]] Sent: maandag 6 augustus 2001 21:35 To: Orville Carter Cc: e-smith-devinfo Subject: Re: [e-smith-devinfo] tomcat on e-smith Were you ever able to write down the steps to get tomcat to work on e-smith? I don't mean to presure you at all, I don't want you to think that I lost interest on those steps... Thanks! On Fri, 27 Jul 2001 18:45:27 Orville Carter wrote: We are working on all the steps. Just a few more hours - I hope. We were in a hurry, so no documentation was done. Now we are trying to retrace our steps. Dont Panic! Orville - NYC - Original Message - From: Alexander Wallace [EMAIL PROTECTED] To: Orville Carter [EMAIL PROTECTED] Cc: e-smith-devinfo [EMAIL PROTECTED] Sent: Friday, July 27, 2001 12:05 PM Subject: Re: [e-smith-devinfo] tomcat on e-smith Thanks for the responce... I'm a little bit confused yet on the process of installing tomcat in e-smith... I noticed they have an RPM and a tarball in the tomcat's website, I downloaded the rpm and installed, along with the module for aapache, but I dont know it that worked yet. It all installed fine, but I cant access port 8080 that way... If i use the tarball and start tomcat as stand alone I can... Which method do you recomend??? Thanks! On Thu, 26 Jul 2001, Orville Carter wrote: Yes! We have installed tomcat (and JKD) on our e-smith 4.1.X servers. Its a fairly straight forward process. The only one drawback - The jdk, tomcat files are not included in automatic backup and restore on e-smith. I reckoned one of the software guru's, in these here parts could solve that with little effort ;-). If you like I can prepare a simple document, (with a bit of help to solve the backup inclusion of jdk files) to explain the steps. Orville - NYC - Original Message - From: Alexander Wallace [EMAIL PROTECTED] To: e-smith-devinfo [EMAIL PROTECTED] Sent: Thursday, July 26, 2001 12:47 PM Subject: [e-smith-devinfo] tomcat on e-smith Hi there! I hope this is the right way to post to the list I'm new here... I was wondring if anyone has installed tomcat on e-smith and got it to work with apache... If so, could you share info on how you did it?? Thanks! -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
[e-smith-devinfo] startmail through webinterface?
We are replacing an old Redhat box with an E-smith server for a new client. It's a server only installation. The gateway/router functionality is done by another (existing) Redhat box that controls the Internet Link which is done upstream via a ppp0 modem-interface and downstream via a Radiolink (snd0). (BTW, does anybody know how to set this up for E-smith?) I don't know much about that yet, might be a New Zealand specific thing (ihug)? My question: At times when the Internet link normally is down, I need to give the client an easy way to manually trigger the mail downloads (fetchmail) from the ISP's mail server (i.e. if somebody has to work over the weekend or some other, unusual night time). To start the Internet dialup at those times, they have access to an internal web page. There they have sort of a button which executes a shell command. The coding looks like this: H2XYZ Internet Control/H1 bStarting Internet Access:/b This will take about 30 secs hr !--#exec cmd=/sbin/ifup ppp0 -- /BODY /HTML The whole file is stored as an .shtml file. I need something similar where the command to execute is just '/etc/startmail' as far as I understand. Unfortuantely I am not a web programmer so I don't know which problems to expect but the one that I see must be the permissions. Anybody here who can help with that? Kind Regards, Michael Doerner -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
Re: [e-smith-devinfo] traceroute won't work over PPPoE
For some reason, I cannot get traceroute to do anything for me while using my E-smith box (4.1.1) over a PPPoE BellSouth.Net ADSL connection. Hmmm... works fine for me... I'm on cable modem now, but I do remember using it on PPPoE before (trying to debug some ADSL issues). Does it work for other sites? (i.e. if you can get to other sites but not to e-smith.org, it may be that our firewall is blocking your attempt) Dan -- Dan York, Director of Training[EMAIL PROTECTED] Ph: +1-613-751-4401 Mobile: +1-613-263-4312 Fax: +1-613-564-7739 Mitel Network Corporation Network Server Solutions Group 150 Metcalfe St., Suite 1500, Ottawa,ON K2P 1P1 Canada http://www.e-smith.com/open source, open mind -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
RE: [e-smith-devinfo] Server monitoring module ready for download
Can I suggest a
if ($1 ne lo)
{
if ($1 ne sl0)
{
push(@dispRed,$1);
}
}
}
as well as the commented lines below, to get rid of sl0
Also, what about Normal, Heavy, Warning on the line regarding area
graphs?
Regards,
Craig Foster
-Original Message-
From: Darrell May [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, 7 August 2001 1:23 PM
To: Sage Telecommunications; J.I Kim; [EMAIL PROTECTED]
Subject: Re: [e-smith-devinfo] Server monitoring module ready for
download
Sage Telecommunications [EMAIL PROTECTED] said:
So in summary:
Comment out the following lines
Line 70. # $q-param(-name=dispred, value=@dispRed);
Line 79. # $q-param(-name=dispred, value=@dispRed);
Line 85. # $q-param(-name=dispred, value=@dispRed);
Line 100 #my @dispRed = $q-param(dispred);
Line 148 #my @dispRed = $q-param(dispred);
Yes, that works just fine.
--
Darrell May
DMC NETSOURCED.COM
http://netsourced.com
--
Please report bugs to [EMAIL PROTECTED]
Please mail [EMAIL PROTECTED] (only) to discuss security issues
Support for registered customers and partners to [EMAIL PROTECTED]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Archives by mail and
http://www.mail-archive.com/devinfo%40lists.e-smith.org
smime.p7s
[e-smith-devinfo] Differentiating between CodeRed I and II...
--- Before I relay this info, let me just mention again for those who may have just joined us... the Code Red I and II worms affect ONLY Microsoft IIS servers. The worm does NOT infect the Apache web server installed on your e-smith server and gateway. (It may, however, slow down your connection with all of its connection attempts... depending on what type of connection you have.) --- FYI, the BUGTRAQ folks have an article that talks about the technical differences between the signatures of the original CodeRed worm and the new Code Red II variant. It is at: http://archives.neohapsis.com/archives/bugtraq/2001-08/0066.html As noted, the major difference is that Code Red II uses X as a filler character instead of the original N character. By just modifying the grep string, you can see what is attacking you. Here is my home (e-smith) server sitting on the end of a cable modem: bash-2.04$ grep default.ida /var/log/httpd/access_log | wc -l 1629 bash-2.04$ grep default.ida?X /var/log/httpd/access_log | wc -l 1594 bash-2.04$ grep default.ida?N /var/log/httpd/access_log | wc -l 35 So I have had 1629 infection attempts, 1594 of which are Code Red II and 35 of which are the original Code Red. This is for a log file that started at 4am on August 5th, just a little over two days ago. Note that Code Red II is now VERY nasty: http://www.incidents.org/react/code_redII.php It installs a trojan version of Windows explorer and does other things to basically leave a Windows system wide open to be exploited at a later time. It also uses a better random number generator for IP addresses, so it is attacking a larger target range than the original Code Red. My personal thought is that this one is going to hit a whole lot of home users hardest of all. (Many of whom may not realize that they are running a web server, and therefore have not patched it.) As another note, I do not actually use my web server on my e-smith box for any web publishing, so *no one* should be visiting my box and the result is that the only thing going into my access logs is Code Red infection attempts! Because Code Red is the only traffic, I ran this command in a window to sit and watch the traffic: tail -f /var/log/httpd/access_log In the time it has taken me to write this message, I have seen 8 or 9 more connection attempts from various IP addresses, so it is very much out there attacking systems. Let us hope that more and more IIS systems will be patched (or people will switch to other web servers) so that this thing goes away. Regards, Dan -- Dan York, Director of Training[EMAIL PROTECTED] Ph: +1-613-751-4401 Mobile: +1-613-263-4312 Fax: +1-613-564-7739 Mitel Network Corporation Network Server Solutions Group 150 Metcalfe St., Suite 1500, Ottawa,ON K2P 1P1 Canada http://www.e-smith.com/open source, open mind -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
RE: [e-smith-devinfo] Server monitoring module ready for download
This change got me a listing for eth1, but the link at the top of the page for eth0 and eth1 both point to generating graphs for eth0. I can't give many suggestions on this one, except that I thought the original problem might have to deal with the foreach $key (@dispRed) line (which we have now altered). BTW, I'm running e-smith 4.1.2, rrdtool-1.0.28-1.i386.rpm, sysstat-3.3.3-3.i386.rpm, e-smith-monitor_en-1.0-01.noarch.rpm. David M. Brown Frick, Frick Jette Architects [EMAIL PROTECTED] -Original Message- From: Sage Telecommunications [mailto:[EMAIL PROTECTED]] Sent: Monday, August 06, 2001 9:26 PM To: J.I Kim; [EMAIL PROTECTED] Subject: Re: [e-smith-devinfo] Server monitoring module ready for download So in summary: Comment out the following lines Line 70. # $q-param(-name=dispred, value=@dispRed); Line 79. # $q-param(-name=dispred, value=@dispRed); Line 85. # $q-param(-name=dispred, value=@dispRed); Line 100 #my @dispRed = $q-param(dispred); Line 148 #my @dispRed = $q-param(dispred); -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
RE: [e-smith-devinfo] Frontpage 2000 extentions
Hi Wayne, I agree with Charlie. I knew about some of the holes that get exposed when FP is installed, but I didn't realized that my linux box could be exposed to worms like Code Red (III), etc. Just a quick question though... Whistle's Interjet and Sun Cobalt's Qube3 both include FP extentions on their units, has anybody heard about FP extention security breaches on their products? It appears that the Qube3 is not affected by the Code Red worm... so I wonder what their developers know that we don't... :-) Anyway, let's just leave it at that. Wayne, please do send me the RPM's... I would still like to take a look at them (and verify that code red affects FP Ext.). Thanks, Trev. -Original Message- From: Wayne Bollinger [mailto:[EMAIL PROTECTED]] Sent: Monday, August 06, 2001 6:20 PM To: [EMAIL PROTECTED] Subject: Re: [e-smith-devinfo] Frontpage 2000 extentions Trevor, after seeing this note from Charlie I feel like sending you an Apache rpm setup to work with FP 2000 extensions would be like sending out a mail bomb... :) Have you considered using FrontPage with an e-smith server without installing the extensions? You can set the compatibility options in FP so it will work with an extension free Unix box. For more info check out: http://www.georgetown.edu/uis/web/software/frontpage/index.html Perhaps this approach would give you everything you're looking for, and it can also produce pages that are more browser-neutral. Let me know if you still want the email bomb. -Wayne Charlie Brady wrote: On Mon, 6 Aug 2001, Trevor Ouellette wrote: New Feature Support on Windows and Unix Listed below are the new features in the FrontPage 2002 client that require the FrontPage 2002 Server Extensions. ... Perhaps they might add: - CodeRed worm compatibility I've recently seen a post on another mailing list which suggests that FrontPage extensions for *nix amount to a cut down IIS, which is just as susceptible to CodeRed as IIS is. Sounds like something you should check before going much further. Charlie Brady [EMAIL PROTECTED] http://www.e-smith.org (development) http://www.e-smith.com (corporate) Phone: +1 (613) 368 4376 or 564 8000 Fax: +1 (613) 564 7739 e-smith, inc. 1500-150 Metcalfe St, Ottawa, ON K2P 1P1 Canada -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
RE: [e-smith-devinfo] Errors while updating, help!!
Yes. I got them to install by putting them in the same directory and using: rpm -Uvh e-smi* That did the trick. -Original Message- From: Dan Brown [mailto:[EMAIL PROTECTED]] Sent: Monday, August 06, 2001 9:44 PM To: Rob Adams Cc: e-smith Devinfo Subject: Re: [e-smith-devinfo] Errors while updating, help!! Quoting Rob Adams [EMAIL PROTECTED]: [root@e-smith i386]# rpm -Uvh apache-1.3.19-5.i386.rpm error: failed dependencies: apache = 1.3.14-3 is needed by mod_ssl-2.7.1-3 [root@e-smith i386]# rpm -Uvh mod_ssl-2.8.1-5.i386.rpm error: failed dependencies: apache = 1.3.19-5 is needed by mod_ssl-2.8.1-5 These two packages are interdependent. To install them without using --nodeps, you'll need to specify them both at the same time: rpm -Uvh apache-1.3.19-5.i386.rpm mod_ssl-2.8.1... -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
Re: [e-smith-devinfo] startmail through webinterface?
Michael Doerner [EMAIL PROTECTED] said: The whole file is stored as an .shtml file. I need something similar where the command to execute is just '/etc/startmail' as far as I understand. Unfortuantely I am not a web programmer so I don't know which problems to expect but the one that I see must be the permissions. Anybody here who can help with that? Hi Michael. You might want to look into using 'sudo' as mentioned recently on list for Trevor's squidguard implementation. Start with 'man sudo' or a Google search for online sudo help resources. -- Darrell May DMC NETSOURCED.COM http://netsourced.com -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
Re: [e-smith-devinfo] Differentiating between CodeRed I and II...
By the way if you are using a Cisco 675 modem the red worm actually hoses that too here is a link from my provider on a workaround I wonder if making the change will keep me in the future from using it as a server connection... heh heh I tried calling qwest... there was an 80 min wait on the support line! everyone with dsl and this modem must be getting it! I figured out days ago I could just power down and back up and it would unfreeze it... but I do not have a server on this line. http://www.qwest.com/dsl/customerservice/coderedvirus.html ed sharpe archivist for smecc www.smecc.org - Original Message - From: Dan York [EMAIL PROTECTED] To: E-smith developers list [EMAIL PROTECTED] Sent: Tuesday, August 07, 2001 7:47 AM Subject: [e-smith-devinfo] Differentiating between CodeRed I and II... --- Before I relay this info, let me just mention again for those who may have just joined us... the Code Red I and II worms affect ONLY Microsoft IIS servers. The worm does NOT infect the Apache web server installed on your e-smith server and gateway. (It may, however, slow down your connection with all of its connection attempts... depending on what type of connection you have.) --- FYI, the BUGTRAQ folks have an article that talks about the technical differences between the signatures of the original CodeRed worm and the new Code Red II variant. It is at: http://archives.neohapsis.com/archives/bugtraq/2001-08/0066.html As noted, the major difference is that Code Red II uses X as a filler character instead of the original N character. By just modifying the grep string, you can see what is attacking you. Here is my home (e-smith) server sitting on the end of a cable modem: bash-2.04$ grep default.ida /var/log/httpd/access_log | wc -l 1629 bash-2.04$ grep default.ida?X /var/log/httpd/access_log | wc -l 1594 bash-2.04$ grep default.ida?N /var/log/httpd/access_log | wc -l 35 So I have had 1629 infection attempts, 1594 of which are Code Red II and 35 of which are the original Code Red. This is for a log file that started at 4am on August 5th, just a little over two days ago. Note that Code Red II is now VERY nasty: http://www.incidents.org/react/code_redII.php It installs a trojan version of Windows explorer and does other things to basically leave a Windows system wide open to be exploited at a later time. It also uses a better random number generator for IP addresses, so it is attacking a larger target range than the original Code Red. My personal thought is that this one is going to hit a whole lot of home users hardest of all. (Many of whom may not realize that they are running a web server, and therefore have not patched it.) As another note, I do not actually use my web server on my e-smith box for any web publishing, so *no one* should be visiting my box and the result is that the only thing going into my access logs is Code Red infection attempts! Because Code Red is the only traffic, I ran this command in a window to sit and watch the traffic: tail -f /var/log/httpd/access_log In the time it has taken me to write this message, I have seen 8 or 9 more connection attempts from various IP addresses, so it is very much out there attacking systems. Let us hope that more and more IIS systems will be patched (or people will switch to other web servers) so that this thing goes away. Regards, Dan -- Dan York, Director of Training[EMAIL PROTECTED] Ph: +1-613-751-4401 Mobile: +1-613-263-4312 Fax: +1-613-564-7739 Mitel Network Corporation Network Server Solutions Group 150 Metcalfe St., Suite 1500, Ottawa,ON K2P 1P1 Canada http://www.e-smith.com/open source, open mind -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
RE: [e-smith-devinfo] Release 1 of squidguard for ESSG
Hi Bertrand, Did you put allow your IP addresses to be in the Full Internet Access section? Make sure that your IP List is empty. In root prompt... try this: /etc/rc.d/init.d/squid restart cat /var/log/squidguard.log (and look for a successful start of squidguard) cat /var/log/messages Also check if you have anything in your /usr/local/squidGuard/db folders... If I think of anything to try I will contact you asap. Trev. -Original Message- From: Bertrand CHERRIER [mailto:[EMAIL PROTECTED]] Sent: Monday, August 06, 2001 10:56 PM To: DEVELOPMENT info Subject: Re: [e-smith-devinfo] Release 1 of squidguard for ESSG Bonjour Trevor Ouellette, Got a problem here, it was working perfectly, BUT, as it was a test machine I shut it down for the night, and today while wanting to show it to a friend, I could easily surf on porn sites :( squidGuard is running ... but if it wasn't I would have been the same I change a policy from the admin page to have it restarted ... same thing ! got any idea ??? mercredi 1 août 2001, 16:26:04, vous avez écrit: TO How to Install the gc-guard system -- Any beta testers?? TO Log in as root to your ESSG server. TO mkdir /squidguard TO cd /squidguard TO wget -nv http://www.greencomputer.com/gc-guard-1.tar TO tar -xf gc-guard-1.tar TO ./create-squidguard TO That's it! The settings can be found under Security, Content Filtering. TO There is link to a help at the bottom of that page. TO It updates it's blacklist once a week, administrators can update/remove TO domains, expressions and URL's from a GUI in the manager, admins can also TO allow specific IP's to have Full access to the Internet instead of the TO default filtered access. TO Give it a go... GRIN TO Thanks to Darrell May, JL (for the sudo stuff), and of course Lorenzo! I TO hope I didn't forget anybody! TO Trev. TO -- TO Please report bugs to [EMAIL PROTECTED] TO Please mail [EMAIL PROTECTED] (only) to discuss security issues TO Support for registered customers and partners to [EMAIL PROTECTED] TO To unsubscribe, e-mail: [EMAIL PROTECTED] TO For additional commands, e-mail: [EMAIL PROTECTED] TO Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org -- Cordialement, Bertrand [EMAIL PROTECTED] http://www.linux-nc.org Linux, il y a moins bien, mais c'est plus cher ! -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
RE: [e-smith-devinfo] Server monitoring module ready for download
David Brown [EMAIL PROTECTED] said: This change got me a listing for eth1, but the link at the top of the page for eth0 and eth1 both point to generating graphs for eth0. I can't give many suggestions on this one, except that I thought the original problem might have to deal with the foreach $key (@dispRed) line (which we have now altered). Yes, good catch. On the second screen display, after you select eth1 for display, the new page generated title is correct but the data references eth0 in each command line. http://192.168.1.1:980/cgi-bin/monitor? state=detailedtitlegraph=eth1+traffictypegraph=linerrddb=eth0rrdvar=et h0typevar=AVERAGErefresh=60 I also had originally posted I thought the $key variable, was the key :) Basically the monitor function is close to working but someone with good perl knowledge needs to review and fix the way the variables are passed to the print/command statements. -- Darrell May DMC NETSOURCED.COM http://netsourced.com -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
RE: [e-smith-devinfo] startmail through webinterface?
Just to let you all know... sudo could potentially open up security risks... I have done everything I could to reduce these risks when I used it... (internal access only... limiting what command the user can run, etc.). When using sudo, never allow external Internet access to it and always limit what specific commands can be run. It's a very powerful command. the sudo file is in /etc/sudoers Trev. -Original Message- From: Darrell May [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 07, 2001 9:40 AM To: Michael Doerner; e-smith Devinfo Subject: Re: [e-smith-devinfo] startmail through webinterface? Michael Doerner [EMAIL PROTECTED] said: The whole file is stored as an .shtml file. I need something similar where the command to execute is just '/etc/startmail' as far as I understand. Unfortuantely I am not a web programmer so I don't know which problems to expect but the one that I see must be the permissions. Anybody here who can help with that? Hi Michael. You might want to look into using 'sudo' as mentioned recently on list for Trevor's squidguard implementation. Start with 'man sudo' or a Google search for online sudo help resources. -- Darrell May DMC NETSOURCED.COM http://netsourced.com -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
Re: [e-smith-devinfo] traceroute won't work over PPPoE
Dan: It doesn't work to any sites and never has on any E-Smith box I've ever put on an ADSL line with PPPoE. Machines on the internal network can traceroute out just fine (through the E-Smith box) - but I cannot traceroute from the E-Smith box itself. Any more suggestions on the problem or things I can look for that may be causing it? Thanks, Matt -- Original Message -- From: Dan York [EMAIL PROTECTED] Date: Tue, 7 Aug 2001 09:49:01 -0400 For some reason, I cannot get traceroute to do anything for me while using my E-smith box (4.1.1) over a PPPoE BellSouth.Net ADSL connection. Hmmm... works fine for me... I'm on cable modem now, but I do remember using it on PPPoE before (trying to debug some ADSL issues). Does it work for other sites? (i.e. if you can get to other sites but not to e-smith.org, it may be that our firewall is blocking your attempt) -- -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
[e-smith-devinfo] FrontPage and CodeRed?
On Mon, 6 Aug 2001, somebody posted to the members mailing list of Sage-au (www.sage-au.org.au): Umm, if you loaded Frontpage and the web extensions onto your home PC guess what, you're running a cut-down version of IIS - and its just as susceptible to CodeRed and variants as are the full blown IIS boxes. I'm still wondering why no-one has mentioned this little fact yet. I have no other information to confirm or deny this rumour, however, I thought it prudent to pass it on. [It shouldn't take long for someone to work out whether there is a CGI called default.ida.] -- Charlie Brady [EMAIL PROTECTED] http://www.e-smith.org (development) http://www.e-smith.com (corporate) Phone: +1 (613) 368 4376 or 564 8000 Fax: +1 (613) 564 7739 e-smith, inc. 1500-150 Metcalfe St, Ottawa, ON K2P 1P1 Canada -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
[e-smith-devinfo] Log rotating
Hey Y'all! Does anyone know how to change the time of day the logs get rotated? I've got my e-smith boxes logging my pop connections and rotating the log daily, but it does it at 4:02am everyday, I'd like to get it to rotate them at midnight. Thanks Dean Dean Staff Protus IP Solutions 210 - 2379 Holly Lane Ottawa, ON K1V 7P2 Canada 613-733- ex 546 Fax 613-248-4553 e-mail: [EMAIL PROTECTED] Web: http://www.protus.com -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
Re: [e-smith-devinfo] Log rotating
On Tue, 7 Aug 2001, Dean Staff wrote: Does anyone know how to change the time of day the logs get rotated? man cron :-) Have a look in /etc/crontab. You'll see: 02 4 * * * root run-parts /etc/cron.daily That says that root will run the command run-parts /etc/cron.daily at 4:02 daily. That command runs each script in /etc/cron.daily, which includes one called logrotate, which does: /usr/sbin/logrotate /etc/logrotate.conf -- Charlie Brady [EMAIL PROTECTED] http://www.e-smith.org (development) http://www.e-smith.com (corporate) Phone: +1 (613) 368 4376 or 564 8000 Fax: +1 (613) 564 7739 e-smith, inc. 1500-150 Metcalfe St, Ottawa, ON K2P 1P1 Canada -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
RE: [e-smith-devinfo] FrontPage and CodeRed?
yeah and if you foward my mail to 10 people in your adressbook nokia will give you a FREE CELLPHONE!! :) ok sorry bout that But seriously e-smith is positively absolutely not at risc , the reason for this is that code red uses a known buffer overflow in iis. QUOTE The vulnerability lies within the code that allows a Web server to interact with Microsoft Indexing Service functionality. The vulnerable Indexing Service ISAPI filter is installed by default on all versions of IIS. The problem lies in the fact that the .ida (Indexing Service) ISAPI filter does not perform proper bounds checking on user inputted buffers and therefore is susceptible to a buffer overflow attack /QUOTE Isapi filters arent inalled with fpe And even if it where it will only exploit Windows 2000 web servers because it overwrites EIP with a jmp that is only correct under Windows 2000. since i imagine most of you arent familiar with pc assembly in lamens terms this means , basicly code red interups the normal processing of the webserver in order to execute its own code , it as uses one of windows own functions for that. Under NT4.0 etc... the location for that function is different so, the process will simply crash instead of allowing the worm to infect the system and spread. -Original Message- From: Charlie Brady [mailto:[EMAIL PROTECTED]] Sent: dinsdag 7 augustus 2001 19:06 To: [EMAIL PROTECTED] Subject: [e-smith-devinfo] FrontPage and CodeRed? On Mon, 6 Aug 2001, somebody posted to the members mailing list of Sage-au (www.sage-au.org.au): Umm, if you loaded Frontpage and the web extensions onto your home PC guess what, you're running a cut-down version of IIS - and its just as susceptible to CodeRed and variants as are the full blown IIS boxes. I'm still wondering why no-one has mentioned this little fact yet. I have no other information to confirm or deny this rumour, however, I thought it prudent to pass it on. [It shouldn't take long for someone to work out whether there is a CGI called default.ida.] -- Charlie Brady [EMAIL PROTECTED] http://www.e-smith.org (development) http://www.e-smith.com (corporate) Phone: +1 (613) 368 4376 or 564 8000 Fax: +1 (613) 564 7739 e-smith, inc. 1500-150 Metcalfe St, Ottawa, ON K2P 1P1 Canada -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
Re: [e-smith-devinfo] Log rotating
Dean, Look in /etc/crontab - it runs the various hourly, daily, weekly and monthly processes. At 10:28 7/8/2001, Dean Staff wrote: I've got my e-smith boxes logging my pop connections and rotating the log daily, but it does it at 4:02am everyday, I'd like to get it to rotate them at midnight. Des Dougan -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
Re: [e-smith-devinfo] Log rotating
Dean Staff [EMAIL PROTECTED] said: Hey Y'all! Does anyone know how to change the time of day the logs get rotated? I've got my e-smith boxes logging my pop connections and rotating the log daily, but it does it at 4:02am everyday, I'd like to get it to rotate them at midnight. Another option I believe would be to do this: Move /etc/cron.daily/logrotate to /etc/cron.d/logrotate and edit as shown: 0 0 * * * root /usr/sbin/logrotate /etc/logrotate.conf However, I have not done this to confirm but this should point you in the right direction. -- Darrell May DMC NETSOURCED.COM http://netsourced.com -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
Re: [e-smith-devinfo] Log rotating
On 7 Aug 2001, at 17:44, Darrell May wrote: Dean Staff [EMAIL PROTECTED] said: Hey Y'all! Does anyone know how to change the time of day the logs get rotated? [..] Another option I believe would be to do this: Move /etc/cron.daily/logrotate to /etc/cron.d/logrotate and edit as shown: 0 0 * * * root /usr/sbin/logrotate /etc/logrotate.conf However, I have not done this to confirm but this should point you in the right direction. Thanks Darrell, I think your option would work best if all I wanted to do was move the logrotate time. But as I don't care about the what time of day the rest of the cron.daily jobs are done, I think I go with Charlie's option (Thanks Charlie) of just editing the /etc/crontab. Besides it's easier to make a single custom template of /etc/crontab/template-begin and make the change there, than to move one job from cron.daily to cron.d. This would mean creating multiple custom templates. But thanks for the idea I might try it later when I have more time to play. Regards Dean Dean Staff Protus IP Solutions 210 - 2379 Holly Lane Ottawa, ON K1V 7P2 Canada 613-733- ex 546 Fax 613-248-4553 e-mail: [EMAIL PROTECTED] Web: http://www.protus.com -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
Re: [e-smith-devinfo] squidguard for essg reports
In message [EMAIL PROTECTED], Trevor Ouellette [EMAIL PROTECTED] writes All, Has anybody else installed/used the squidguard.tar that I put together? Bertrand seems to be having problems with it after about a week? I'm suspecting the crons.weekly script isn't doing it's job properly... or maybe the new blacklist.tar.gz file has changed enough that my download script is having issues. Anyway... if anybody could report back to me that would be great. Trev. -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org I have had your script running. I cant say that I have seen any problems will check when I am in the office -- © Timothy Pugh -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
RE: [e-smith-devinfo] squidguard for essg reports
I second that opinion, I am using it since last week on a essg 4.1.2 at home with no problems. It's not the most scientific testing, but the features definitely work as advertised. Allen -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
RE: [e-smith-devinfo] FrontPage and CodeRed?
Thanks for clearing things up regarding ES FP extensions, Jelmer... we have enough hype about the code red worm. We don't need anymore... :-) Trev. -Original Message- From: Jelmer Kuperus [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 07, 2001 11:40 AM To: Charlie Brady; [EMAIL PROTECTED] Subject: RE: [e-smith-devinfo] FrontPage and CodeRed? yeah and if you foward my mail to 10 people in your adressbook nokia will give you a FREE CELLPHONE!! :) ok sorry bout that But seriously e-smith is positively absolutely not at risc , the reason for this is that code red uses a known buffer overflow in iis. QUOTE The vulnerability lies within the code that allows a Web server to interact with Microsoft Indexing Service functionality. The vulnerable Indexing Service ISAPI filter is installed by default on all versions of IIS. The problem lies in the fact that the .ida (Indexing Service) ISAPI filter does not perform proper bounds checking on user inputted buffers and therefore is susceptible to a buffer overflow attack /QUOTE Isapi filters arent inalled with fpe And even if it where it will only exploit Windows 2000 web servers because it overwrites EIP with a jmp that is only correct under Windows 2000. since i imagine most of you arent familiar with pc assembly in lamens terms this means , basicly code red interups the normal processing of the webserver in order to execute its own code , it as uses one of windows own functions for that. Under NT4.0 etc... the location for that function is different so, the process will simply crash instead of allowing the worm to infect the system and spread. -Original Message- From: Charlie Brady [mailto:[EMAIL PROTECTED]] Sent: dinsdag 7 augustus 2001 19:06 To: [EMAIL PROTECTED] Subject: [e-smith-devinfo] FrontPage and CodeRed? On Mon, 6 Aug 2001, somebody posted to the members mailing list of Sage-au (www.sage-au.org.au): Umm, if you loaded Frontpage and the web extensions onto your home PC guess what, you're running a cut-down version of IIS - and its just as susceptible to CodeRed and variants as are the full blown IIS boxes. I'm still wondering why no-one has mentioned this little fact yet. I have no other information to confirm or deny this rumour, however, I thought it prudent to pass it on. [It shouldn't take long for someone to work out whether there is a CGI called default.ida.] -- Charlie Brady [EMAIL PROTECTED] http://www.e-smith.org (development) http://www.e-smith.com (corporate) Phone: +1 (613) 368 4376 or 564 8000 Fax: +1 (613) 564 7739 e-smith, inc. 1500-150 Metcalfe St, Ottawa, ON K2P 1P1 Canada -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
RE: [e-smith-devinfo] Release 1 of squidguard for ESSG
Hi Bertrand, Run this command. It will force a blacklist update: /usr/local/squidGuard/supdate Are you still unblocked? Redownload the gc-guard prg: mkdir /squidguard cd /squidguard wget -nv http://www.greencomputer.com/gc-guard-1.tar tar -xf gc-guard-1.tar ./create-squidguard Good luck, Trev. -Original Message- From: Bertrand CHERRIER [mailto:[EMAIL PROTECTED]] Sent: Monday, August 06, 2001 10:56 PM To: DEVELOPMENT info Subject: Re: [e-smith-devinfo] Release 1 of squidguard for ESSG Bonjour Trevor Ouellette, Got a problem here, it was working perfectly, BUT, as it was a test machine I shut it down for the night, and today while wanting to show it to a friend, I could easily surf on porn sites :( squidGuard is running ... but if it wasn't I would have been the same I change a policy from the admin page to have it restarted ... same thing ! got any idea ??? mercredi 1 août 2001, 16:26:04, vous avez écrit: TO How to Install the gc-guard system -- Any beta testers?? TO Log in as root to your ESSG server. TO mkdir /squidguard TO cd /squidguard TO wget -nv http://www.greencomputer.com/gc-guard-1.tar TO tar -xf gc-guard-1.tar TO ./create-squidguard TO That's it! The settings can be found under Security, Content Filtering. TO There is link to a help at the bottom of that page. TO It updates it's blacklist once a week, administrators can update/remove TO domains, expressions and URL's from a GUI in the manager, admins can also TO allow specific IP's to have Full access to the Internet instead of the TO default filtered access. TO Give it a go... GRIN TO Thanks to Darrell May, JL (for the sudo stuff), and of course Lorenzo! I TO hope I didn't forget anybody! TO Trev. TO -- TO Please report bugs to [EMAIL PROTECTED] TO Please mail [EMAIL PROTECTED] (only) to discuss security issues TO Support for registered customers and partners to [EMAIL PROTECTED] TO To unsubscribe, e-mail: [EMAIL PROTECTED] TO For additional commands, e-mail: [EMAIL PROTECTED] TO Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org -- Cordialement, Bertrand [EMAIL PROTECTED] http://www.linux-nc.org Linux, il y a moins bien, mais c'est plus cher ! -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
