date:20090922

Help Required!!!! , Regarding to FreeBSD

2009-09-22 Thread msaad abdurrab

Hello Sir


We are going to Make a Socks Yahoo Voice Server using FreeBSD.




Is this possible in FreeBSD , if

then which software ll require for this in FreeBSD




We have found noting on web regarding to do this , Could your please
provide little bit Guide us Regarding to Making FreeBSD Server





waiting for your reply , Thank you


Kindest Regards
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Troubleshooting ral0 device timeouts

2009-09-22 Thread Michaël Grünewald

I have set up a FreeBSD access point, it is equipped with a ralink based 
card and works most of the time. I would appreciate some help for 
troubleshooting ``the rest of the time''. Thanks!


First there is nothing fancy about my wirelesse setup, I merely use the 
ralink card as an ethernet switch to create a LAN. I therefore 
configured my ralink R2600 ral0 interface, an ethernet card and bridged 
them together as described in if_bridge(4) or ifconfig(8). Note that 
only the bridge has got an IP address. Also, hostapd is up and running, 
managing the ral0 interface. This setup somehow works: I can succefully 
connect stations to the AP.


However, from times to times, the ral(4) driver emits a `device timeout' 
message and the interface is hen stuck. All connections to the AP are 
lost and no station would notice the AP anymore.


I could not successfully reset the interface with the sequence:

# /etc/rc.d/netif stop ral0
# /etc/rc.d/hostapd stop
# /etc/rc.d/netif start ral0
# /etc/rc.d/hostapd start

Although it does not emit any error message, the AP remains 
undetectable. Rebooting the machine brings back the AP to a working 
state, but that is annoying!


I am running amd64/7.2, the ralink chip is reported to be 2600 or 2610 
by the kernel.

--
Best regards,
Michaël
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

gtar-1.22_1, lzmautils-4.32.7 and xz-4.999.9

2009-09-22 Thread Pieter Donche


gtar-1.22_1, lzmautils-4.32.7 and xz-4.999.9

pkg_version -vIL= reported today as ports to upgrade:

gtar-1.22  needs updating (index has 1.22_1)
librsvg2-2.26.0_1  needs updating (index has 2.26.0_2)
lzmautils-4.32.7!   Comparison failed

I have lzmautils-4.32.7
$ pkg_info | grep lzmautils-4.32.7
lzmautils-4.32.7LZMA compression and decompression tools

-- What does this  Comparaised failed mean ??

I started a portupgrade:
# portsnap fetch
# portsnap update
# portupgrade -yaRrpb | tee /tmp/portupgrade-mail

the output reports about gtar-1.22 :
...
===   gtar-1.22_1 depends on executable: lzop - found
===   gtar-1.22_1 depends on executable: xz - not found

xz-4.999.9beta.tar.gz  is fetched from http://tukaani.org/xz/
extracted and installed ...

===  xz-4.999.9 conflicts with installed package(s):
  lzmautils-4.32.7

  They install files into the same place.
  Please remove them first with pkg_delete(1). 
*** Error code 1


Stop in /usr/ports/archivers/xz.
*** Error code 1

Stop in /usr/ports/archivers/gtar.
*** Error code 1

Stop in /usr/ports/archivers/gtar.
** Command failed [exit code 1]: /usr/bin/script -qa /tmp/portupgrade20090922-22
895-zz3ywq-0 env UPGRADE_TOOL=portupgrade UPGRADE_PORT=gtar-1.22 UPGRADE_PORT_VE
R=1.22 make DEPENDS_TARGET=package reinstall
---  Updating dependency info
---  Modifying /var/db/pkg/kde-3.5.10_2/+CONTENTS 
---  Modifying /var/db/pkg/kdeutils-3.5.10_2/+CONTENTS

---  Restoring the old version
---  Keeping old package in '/usr/ports/packages/All'
** Fix the installation problem and try again.

Is xz-4.999.9  a complete replacement for package lzmautils-4.32.7
must I completely pkg_delete lzmautils-4.32.7 and never install it again?

Then retry portupgrade ?

Or what should I best do ?

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Why configure files don't find /usr/local based headers?

2009-09-22 Thread Yuri

I noticed many times that configure files of various projects fail to 
find headers of third party packages under /usr/local/include.

They run command line like this:
gcc -c conftest.c
and it doesn't find them without -I/usr/local/include.

Is something misconfigured on my system? How to make this issue go away 
without modifying all configure files?


Yuri
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

internet access from FreeBSD

2009-09-22 Thread gs_stol...@juno.com

 I have a copy of Greg Lehey's online book about FreeBSD, but I 
believe it is from February 2006.  Is there a later copy, and if so, where can 
I find a copy (URL please)?  I searched my copy for the word internet and 
couldn't find it.  I did access the internet with a take-off copy of FreeBSD, 
but I don't have access to it any more.  Can I access the internet with a 
currently gettable copy of FreeBSD, and if so, for what versions is that true 
(my personal version is old, but it works well so I never upgraded)?  Since I 
get my mail via  juno , can I access them nicely from FreeBSD or do I need 
something to interface to it and present me with my mailbox, listing the items 
in it and telling me the usual stuff about envelop mail (sender, subject, when 
received)?

$5,000 a Week For Life
Publishers Clearing House winner annouced on NBC. Enter now.
http://thirdpartyoffers.juno.com/TGL2141/c?cp=NJLnQx9Yu8C9A0FjGKLJHAAAJ1CMuunOdcztR0sdySRQWupwAAQFAArXIzwACQGZAA==
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Why configure files don't find /usr/local based headers?

2009-09-22 Thread Giorgos Keramidas

On Tue, 22 Sep 2009 01:29:38 -0700, Yuri y...@rawbw.com wrote:
 I noticed many times that configure files of various projects fail to
 find headers of third party packages under /usr/local/include.
 They run command line like this:
 gcc -c conftest.c
 and it doesn't find them without -I/usr/local/include.

 Is something misconfigured on my system? How to make this issue go away
 without modifying all configure files?

Because gcc in FreeBSD doesn't automatically include header files from
`/usr/local', unless you explicitly add the directory to the list of
include directories.

In other systems there may not be a `/usr/local/include' path at all.
For example, in my Debian installation there is no such directory.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Undelete or recover from badblocks on disks

2009-09-22 Thread jaymax


Thanks again Roland,
I think I must have lost those files when fsck_ffs did its salvage operation

The expected files were 
/disk02/bkup/dump/ad0s1a-090909.dump
/disk02/bkup/dump/ad0s1e-090909.dump
/disk02/bkup/dump/ad0s1f-090909.dump


fls from the image file = listfile

# sed -n 30153,30158p list
d/d 4804608:bkup
d/d 918528: servers
+ d/d 918529:   apache
++ d/d 918530:  httpd-2.0.40
+++ d/d 918531: os
 d/d 918532:os2

Shows the bkup directory but no subdirectory (i.e ../dump/. or dumpfiles

Now, if perchance these files were found with fls what would have been the
method to extract them back and make them readable to the file system.

Thanks


_




Roland Smith wrote:
 
 On Fri, Sep 18, 2009 at 10:17:31PM -0700, jaymax wrote:
 
 Thanks Roland, 
 
 Create a disk image from the damaged drive, and save it on another disk
 with enough space. You can use dd(1) to create a disk image. You can
 devide the image into several files. For example, I will use dd to get two
 consecutive 10
 
 # dd if=/dev/da0s1 of=dd1.img bs=1m count=10
 10+0 records in
 10+0 records out
 10485760 bytes transferred in 1.031497 secs (10165575 bytes/sec)
 
 The (valid, IMHO) reason for using disk images is that you want to
 investigate a copy of the data, so you cannot accidentily destroy the
 original data.
 

-- 
View this message in context: 
http://www.nabble.com/Undelete-or-recover-from-badblocks-on-disks-tp25498179p25530662.html
Sent from the freebsd-questions mailing list archive at Nabble.com.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Is this a kernel memory leak or a process memory leak?

2009-09-22 Thread Modulok

List,

Maybe I'm just not that bright, but I have a question regarding the following:

man 3 getenv
snip
Successive calls to setenv() or putenv() assigning a differently sized
value to the same name will result in a memory leak.  The FreeBSD seman-
tics for these functions (namely, that the contents of value are copied
and that old values remain accessible indefinitely) make this bug
unavoidable.  Future versions may eliminate one or both of these semantic
guarantees in order to fix the bug.
/snip

This is a memory leak within the process which calls sentenv() or
putenv(), not a memory leak in the kernel, right? Like, if I called
putenv() a in a loop and then exited the process, the kernel will
reclaim that cluster-fuck of lost allocated memory, right? (If it's a
kernel leak that would be super retarded as any process could
affectively starve the kernel of memory. ) So it's a userland leak
right?

Anybody?
-Modulok-
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: internet access from FreeBSD

2009-09-22 Thread Modulok

Is there a later copy

Not that I'm aware of.

I searched my copy for the word internet and couldn't find it.

Weird. Did you try Internet?

Can I access the internet with a currently gettable copy of FreeBSD

If I understand correctly, you're asking if you can use FreeBSD to
access the Internet? If so...yes. Any version will do! If you're
referring to using a web browser and such, then you'll have to install
those yourself, but it's not difficult.

Since I get my mail via juno , can I access them nicely from FreeBSD or do
I need something to interface to it...

I have no experience with this 'juno', so I can't help there. Perhaps
others will have further advice.

-Modulok-

On 9/22/09, gs_stol...@juno.com gs_stol...@juno.com wrote:
I have a copy of Greg Lehey's online book about FreeBSD, but
I believe it is from February 2006. Is there a later copy, and if so, where
can I find a copy (URL please)? I searched my copy for the word internet
and couldn't find it. I did access the internet with a take-off copy of
FreeBSD, but I don't have access to it any more. Can I access the internet
with a currently gettable copy of FreeBSD, and if so, for what versions is
that true (my personal version is old, but it works well so I never
upgraded)? Since I get my mail via juno , can I access them nicely from
FreeBSD or do I need something to interface to it and present me with my
mailbox, listing the items in it and telling me the usual stuff about
envelop mail (sender, subject, when received)?

$5,000 a Week For Life
Publishers Clearing House winner annouced on NBC. Enter now.
http://thirdpartyoffers.juno.com/TGL2141/c?cp=NJLnQx9Yu8C9A0FjGKLJHAAAJ1CMuunOdcztR0sdySRQWupwAAQFAArXIzwACQGZAA==
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

/sys/modules/mii/nsgphy.c compilation errors

2009-09-22 Thread Scott Bennett

 An update committed since Friday appears to have broken mii/nsgphy.c
in the kernel.  When I try to build a kernel now, I get the following errors
during the compilations of mii/nsgphy.c.

/usr/src/sys/modules/mii/../../dev/mii/nsgphy.c:104: error: 
'MII_MODEL_NATSEMI_DP83865' undeclared here (not in a function)
/usr/src/sys/modules/mii/../../dev/mii/nsgphy.c:104: error: 
'MII_STR_NATSEMI_DP83865' undeclared here (not in a function)
*** Error code 1
1 error
*** Error code 2
1 error
*** Error code 2
1 error

 Having run cvsup just a few minutes ago and then having tried again to
build a kernel, I see that the errors persist.  Is this something that someone
is already fixing?  Or should I try to submit a PR?


  Scott Bennett, Comm. ASMELG, CFIAG
**
* Internet:   bennett at cs.niu.edu  *
**
* A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army.   *
*-- Gov. John Hancock, New York Journal, 28 January 1790 *
**
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: internet access from FreeBSD

2009-09-22 Thread Neal Hogan

On Tue, Sep 22, 2009 at 3:32 AM, gs_stol...@juno.com
gs_stol...@juno.com wrote:
             I have a copy of Greg Lehey's online book about FreeBSD, but I 
 believe it is from February 2006.  Is there a later copy, and if so, where 
 can I find a copy (URL please)?  I searched my copy for the word internet 
 and couldn't find it.  I did access the internet with a take-off copy of 
 FreeBSD, but I don't have access to it any more.  Can I access the internet 
 with a currently gettable copy of FreeBSD, and if so, for what versions is 
 that true (my personal version is old, but it works well so I never 
 upgraded)?  Since I get my mail via  juno , can I access them nicely from 
 FreeBSD or do I need something to interface to it and present me with my 
 mailbox, listing the items in it and telling me the usual stuff about 
 envelop mail (sender, subject, when received)?

It's a bit unclear what you're asking, but it sounds like you want
help regarding more recent versions of freeBSD and their capabilities.
Have you looked at www.freebsd.org and the documentation there?

I'm not sure what a book about freeBSD would have that the official
documentaioin wouldn't.


 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Is this a kernel memory leak or a process memory leak?

2009-09-22 Thread Giorgos Keramidas

On Tue, 22 Sep 2009 04:43:57 -0600, Modulok modu...@gmail.com wrote:
 Maybe I'm just not that bright, but I have a question regarding the following:

 man 3 getenv
 snip
 Successive calls to setenv() or putenv() assigning a differently sized
 value to the same name will result in a memory leak.  The FreeBSD seman-
 tics for these functions (namely, that the contents of value are copied
 and that old values remain accessible indefinitely) make this bug
 unavoidable.  Future versions may eliminate one or both of these semantic
 guarantees in order to fix the bug.
 /snip

 This is a memory leak within the process which calls sentenv() or
 putenv(), not a memory leak in the kernel, right?

Yes, it's a userland leak.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Announcing: FreeBSD 8.0-RC1 Custom XFCE build available

2009-09-22 Thread Manolis Kiagias

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hey all,

For everyone who has been following my little project here:

http://freebsd-custom.wikidot.com

I am now pleased to announce the immediate availability of an 8.0-RC1
based XFCE custom DVD iso (i386 only).

Here are the direct download links:

http://freebsd.dev-urandom.com/iso/i386/xfce-desktop/FreeBSD_8.0-RC1-XFCE-22092009.iso

Checksum and signature files:

http://freebsd.dev-urandom.com/iso/i386/xfce-desktop/FreeBSD_8.0-RC1-XFCE-22092009.iso.CHECKSUM.MD5
http://freebsd.dev-urandom.com/iso/i386/xfce-desktop/FreeBSD_8.0-RC1-XFCE-22092009.iso.CHECKSUM.SHA256
http://freebsd.dev-urandom.com/iso/i386/xfce-desktop/FreeBSD_8.0-RC1-XFCE-22092009.iso.asc

Please note this is a test build of pre-release software, so treat
accordingly.  It has only been tested in VMWare so far, but I am about
to install as my main desktop soon as first tests were promising.

Make sure to read the README file:

http://freebsd.dev-urandom.com/iso/i386/xfce-desktop/README-8.TXT

as it contains important information on installation.

Note this release includes the latest openoffice 3.1.1 as well as
abiword / gnumeric for those who prefer them. Gnash has been dropped
(linux flash plugin works very well now) and avant-window-navigator is
also included (but is untested). Latest versions of well known
packages (gimp, inkscape, evince, firefox35 etc) are included as well.

As always, please report any problems, success stories, comments and
criticisms to mano...@freebsd.org

Thanks and happy FreeBSDing!
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkq4um8ACgkQZ/MxGm4PtJR6CACeJO1PlVUOhutRFFPG5qduH1bE
As0AnR+CMYiMP0fhyPEwFgTDjhtVnoKP
=AcpI
-END PGP SIGNATURE-

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

LDAP server gone - impossible to login locally!

2009-09-22 Thread O. Hartmann


Hello,

I run into trouble with FreeBSD and LDAP on a regular basis!

Sometimes it is necessary to log in onto a bunch of servers with no LDAP 
service responding, due to service, crash, eletrically disconnetion, 
whatever. The problem is: I can't.
Using all prerequisits from ports (pam_ldap/nss_ldap/ldap as most 
recent) my /etc/nsswitch.conf looks like this as it has been the most 
reasonable (and only working!) solution for the past 2 years:


passwd: ldap [unavail=continue notfound=continue] files [success=return 
notfound=return]


The same for group. Intention is to have root- or wheel-group access of 
local managed service users without timeouts due to irresponsible LDAP 
servers. But it does not work!
If the LDAP service is not available, FreeBSD 8.0/AMD64-RC1 (most recent 
source/build) does nothing for approx. 120 seconds and sometimes much 
longer when trying to login as root from console. In some cases, the 
same box under the very same conditions refuses login due to a timeout, 
very strange.


After a couple of time and lots of questiosn, the above showed 
nsswitch.conf entries were evaluated as those which should work, but 
exchanging 'ldap' and 'files' results in a never-can-login-situation, 
when LDAP isn't responsible.


Is there a way to shorten the timeouts and if yes, where to look for? 2 
minutes for a login within services sessions is too much, a waste of 
time. Our network is very fast, so 30 seconds should be enough ...


Any help appreciated.

Thanks,

Oliver

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Microsoft Dynamic DNS

2009-09-22 Thread Mark Willson


stan wrote:

I have a situation at work, where I need  a FreeBSD machine to be in the
corporate DNS. We have been bought out, and the new owner says no static
DNS entries. They use some Microsoft technogly where the client machiens
register thier names with the corprate DNS.

My Windows laptop for instance, may get different IP addresses using DHCP
depending on what physical location I connect it in. but it's always the
same DNS name.

Can anyone sugest where to look for information as to how this works, and
how I cna make my FreeBSD machine participate in this?




Stan,

You may also have to set the option dhcp-client-identifier in the 
/etc/dhclient.conf file. The value should be the MAC address of the 
interface you are requesting the DHCP address on. I think this is 
something that the Microsoft DHCP server expects.


E.g.

interface ep0 {
   send host-name andare.fugue.com;
   send dhcp-client-identifier 1:0:a0:24:ab:fb:9c;
}

-mark

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

FreeBSD 6.3 installation hacked

2009-09-22 Thread Aflatoon Aflatooni

My server installation of FreeBSD 6.3 is hacked and I am trying to find out how 
they managed to get into my Apache 2.0.61. 

This is what I see in my http error log:

[Mon Sep 21 02:00:01 2009] [notice] caught SIGTERM, shutting down
[Mon Sep 21 02:00:14 2009] [notice] Apache/2.0.61 (FreeBSD) PHP/5.2.5 
mod_jk/1.2.25 configured -- resuming normal operations
wget: not found
Can't open perl script /tmp/shit.pl: No such file or directory
wget: not found
Can't open perl script zuo.txt: No such file or directory
curl: not found
Can't open perl script zuo.txt: No such file or directory
lwp-download: not found
Can't open perl script zuo.txt: No such file or directory
lynx: not found
Can't open perl script zuo.txt: No such file or directory
zuo.txt 11 kB   56 kBps
wget: not found
Can't open perl script /tmp/shit.pl: No such file or directory
wget: not found
Can't open perl script zuo.txt: No such file or directory
curl: not found
Can't open perl script zuo.txt: No such file or directory
lwp-download: not found
Can't open perl script zuo.txt: No such file or directory
lynx: not found
Can't open perl script zuo.txt: No such file or directory
zuo.txt 11 kB  107 kBps
Died at zuo.txt line 20.
GET: not found
Can't open perl script zuo.txt: No such file or directory
wget: not found
Can't open perl script zuo.txt: No such file or directory
curl: not found
Can't open perl script zuo.txt: No such file or directory
lwp-download: not found
Can't open perl script zuo.txt: No such file or directory
lynx: not found
Can't open perl script zuo.txt: No such file or directory
zuo.txt 11 kB  108 kBps
Died at zuo.txt line 20.



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: FreeBSD 6.3 installation hacked

2009-09-22 Thread Leandro Quibem Magnabosco


Aflatoon Aflatooni escreveu:
My server installation of FreeBSD 6.3 is hacked and I am trying to find out how they managed to get into my Apache 2.0.61. 


This is what I see in my http error log:

[Mon Sep 21 02:00:01 2009] [notice] caught SIGTERM, shutting down
[Mon Sep 21 02:00:14 2009] [notice] Apache/2.0.61 (FreeBSD) PHP/5.2.5 
mod_jk/1.2.25 configured -- resuming normal operations
wget: not found
Can't open perl script /tmp/shit.pl: No such file or directory
wget: not found
Can't open perl script zuo.txt: No such file or directory
curl: not found
Can't open perl script zuo.txt: No such file or directory
lwp-download: not found
Can't open perl script zuo.txt: No such file or directory
lynx: not found
Can't open perl script zuo.txt: No such file or directory
zuo.txt 11 kB   56 kBps
...


It does not look they entered using any apache bug.
Probably you had a world writable directory and they managed to access 
it by ftp (or any other way) and sent a file containing commands to it.
Once it is there, they've 'called' the file using apache to execute 
whatever was in there (probably binding a shell to some port) in order 
to get access to the box.


--
Leandro Quibem Magnabosco.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: FreeBSD 6.3 installation hacked

2009-09-22 Thread Brian Seklecki

On Tue, 2009-09-22 at 05:01 -0700, Aflatoon Aflatooni wrote:
 My server installation of FreeBSD 6.3 is hacked and I am trying to find out 
 how they managed to get into my Apache 2.0.61. 
 
 This is what I see in my http error log:
 
 [Mon Sep 21 02:00:01 2009] [notice] caught SIGTERM, shutting down
 [M

According to Apache.org, there were vulns in 2.0.6x before 2.0.63.
However, when you do your forensic analysis, you'll want to focus on
code installed on your webserver that runs with the posix user 'www''s
permissions.
 
  ~BAS




This mail was sent via Mail-SeCure System.


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: FreeBSD 6.3 installation hacked

2009-09-22 Thread Aflatoon Aflatooni

I found a script in /tmp directory which could have been uploaded using php or 
Java.
How would they execute the code in /tmp directory? I couldn't figure it out.

Thanks




- Original Message 
From: Leandro Quibem Magnabosco leandro.magnabo...@fcdl-sc.org.br
To: Aflatoon Aflatooni aaflato...@yahoo.com
Cc: freebsd-questions@freebsd.org
Sent: Tuesday, September 22, 2009 8:51:05 AM
Subject: Re: FreeBSD 6.3 installation hacked

Aflatoon Aflatooni escreveu:
 My server installation of FreeBSD 6.3 is hacked and I am trying to find out 
 how they managed to get into my Apache 2.0.61. 
 This is what I see in my http error log:
 
 [Mon Sep 21 02:00:01 2009] [notice] caught SIGTERM, shutting down
 [Mon Sep 21 02:00:14 2009] [notice] Apache/2.0.61 (FreeBSD) PHP/5.2.5 
 mod_jk/1.2.25 configured -- resuming normal operations
 wget: not found
 Can't open perl script /tmp/shit.pl: No such file or directory
 wget: not found
 Can't open perl script zuo.txt: No such file or directory
 curl: not found
 Can't open perl script zuo.txt: No such file or directory
 lwp-download: not found
 Can't open perl script zuo.txt: No such file or directory
 lynx: not found
 Can't open perl script zuo.txt: No such file or directory
 zuo.txt                                                11 kB  56 kBps
 ...

It does not look they entered using any apache bug.
Probably you had a world writable directory and they managed to access it by 
ftp (or any other way) and sent a file containing commands to it.
Once it is there, they've 'called' the file using apache to execute whatever 
was in there (probably binding a shell to some port) in order to get access to 
the box.

--
Leandro Quibem Magnabosco.




___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: FreeBSD 6.3 installation hacked

2009-09-22 Thread Leandro Quibem Magnabosco


Aflatoon Aflatooni escreveu:

I found a script in /tmp directory which could have been uploaded using php or 
Java.
How would they execute the code in /tmp directory?

Thanks
  

You can execute files from scripts or from apache itself when they are 
scripts.
There are several programming/scripting languages that are accessible by 
web and those are the ones that an intruder will have to use to exploit 
some scenario like yours.


Take some time to read this doc:
http://www.dataloss.net/papers/how.defaced.apache.org.txt

It is pretty interesting as, unfortunately,  it suits the same scenario 
you, unintentionally, created for the hackers.



Cheers,
--
Leandro Quibem Magnabosco.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: LDAP server gone - impossible to login locally!

2009-09-22 Thread Daniel O'Connor

On Tue, 22 Sep 2009, O. Hartmann wrote:
 I run into trouble with FreeBSD and LDAP on a regular basis!

 Sometimes it is necessary to log in onto a bunch of servers with no
 LDAP service responding, due to service, crash, eletrically
 disconnetion, whatever. The problem is: I can't.
 Using all prerequisits from ports (pam_ldap/nss_ldap/ldap as most
 recent) my /etc/nsswitch.conf looks like this as it has been the most
 reasonable (and only working!) solution for the past 2 years:

 passwd: ldap [unavail=continue notfound=continue] files
 [success=return notfound=return]

I just have
passwd: cache files ldap
group: cache files ldap

and I can login as root locally without any delay.

That said my LDAP server is on the same machine so perhaps it fails 
faster. I am using uri ldapi://%2fvar%2frun%2fopenldap%2fldapi/ to 
connect to.

-- 
Daniel O'Connor software and network engineer
for Genesis Software - http://www.gsoft.com.au
The nice thing about standards is that there
are so many of them to choose from.
  -- Andrew Tanenbaum
GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C


signature.asc
Description: This is a digitally signed message part.

Re: LDAP server gone - impossible to login locally!

2009-09-22 Thread John Marshall

On Tue, 22 Sep 2009, 11:53 +, O. Hartmann wrote:
 Hello,
 
 I run into trouble with FreeBSD and LDAP on a regular basis!
 
 Sometimes it is necessary to log in onto a bunch of servers with no LDAP 
 service responding, due to service, crash, eletrically disconnetion, 
 whatever. The problem is: I can't.
 Using all prerequisits from ports (pam_ldap/nss_ldap/ldap as most 
 recent) my /etc/nsswitch.conf looks like this as it has been the most 
 reasonable (and only working!) solution for the past 2 years:
 
 passwd: ldap [unavail=continue notfound=continue] files [success=return 
 notfound=return]
 
 The same for group. Intention is to have root- or wheel-group access of 
 local managed service users without timeouts due to irresponsible LDAP 
 servers. But it does not work!
 If the LDAP service is not available, FreeBSD 8.0/AMD64-RC1 (most recent 
 source/build) does nothing for approx. 120 seconds and sometimes much 
 longer when trying to login as root from console. In some cases, the 
 same box under the very same conditions refuses login due to a timeout, 
 very strange.
 
 After a couple of time and lots of questiosn, the above showed 
 nsswitch.conf entries were evaluated as those which should work, but 
 exchanging 'ldap' and 'files' results in a never-can-login-situation, 
 when LDAP isn't responsible.
 
 Is there a way to shorten the timeouts and if yes, where to look for? 2 
 minutes for a login within services sessions is too much, a waste of 
 time. Our network is very fast, so 30 seconds should be enough ...

I've only recently started playing with LDAP but it sounds to me like
you probably have one of the 'hard' options set for the reconnect policy
in your nss_ldap.conf file.  I use 'bind_policy soft' so that if the
LDAP server isn't available we fail over to the next nsswitch service
immediately.

I don't think further discussion of this thread belongs on the
freebsd-current list.

Hope this helps.

-- 
John Marshall


pgpEO2ABkokeG.pgp
Description: PGP signature

Re: gtar-1.22_1, lzmautils-4.32.7 and xz-4.999.9

2009-09-22 Thread Maks Verver


Pieter Donche wrote:

===  xz-4.999.9 conflicts with installed package(s):
  lzmautils-4.32.7


The XZ utils are intended to replace the LZMA utils, so the xz port was 
added and the lzmautils port removed. This is why you got the 
comparison failed message: portversion wasn't able to compare port 
versions because the port doesn't exist anymore.


Apparently, portupgrade isn't able to handle package moves 
automatically, so you'll have to deinstall lzmautils manually, and then 
let gtar pull in the xz ports.


Kind regards,
Maks Verver.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: gtar-1.22_1, lzmautils-4.32.7 and xz-4.999.9

2009-09-22 Thread Greg Larkin

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Maks Verver wrote:
 Pieter Donche wrote:
 ===  xz-4.999.9 conflicts with installed package(s):
   lzmautils-4.32.7
 
 The XZ utils are intended to replace the LZMA utils, so the xz port was
 added and the lzmautils port removed. This is why you got the
 comparison failed message: portversion wasn't able to compare port
 versions because the port doesn't exist anymore.
 
 Apparently, portupgrade isn't able to handle package moves
 automatically, so you'll have to deinstall lzmautils manually, and then
 let gtar pull in the xz ports.
 
 Kind regards,
 Maks Verver.
 

Portupgrade can handle the package move with a little extra help from an
entry in /usr/ports/UPDATING and the correct command argument (-o
ORIGIN).  For instance, see this entry in the file:

20090802:
  AFFECTS: users of devel/libtool15 and devel/libltdl15
...
  portupgrade -o devel/libtool22 libtool-1.5\*
  portupgrade -o devel/libltdl22 libltdl-1.5\*
...

The committer hasn't added an entry to UPDATING yet, but it's a good
idea in this situation.

Best regards,
Greg
- --
Greg Larkin

http://www.FreeBSD.org/   - The Power To Serve
http://www.sourcehosting.net/ - Ready. Set. Code.
http://twitter.com/sourcehosting/ - Follow me, follow you
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iD8DBQFKuN670sRouByUApARAuZvAJ9BGTDRrUsdXFv26XfF89ocPWzDgACgpcSr
JrAtJ+fNMHfnJbUVIm7rje4=
=5j7K
-END PGP SIGNATURE-

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Help configuring sendmail to send only using authorization to smart host

2009-09-22 Thread Phusion

On Fri, Sep 18, 2009 at 2:32 PM, Mark Willson cdr@gmail.com wrote:
 Phusion wrote:

 I need some help configuring sendmail to send only using authorization
 to a smart host being the ISP's mail server. I'm running 7.2-RELEASE.
 I've looked over
 http://www.freebsd.org/doc/en/books/handbook/outgoing-only.html but
 want to use the built-in sendmail. I've run the following command:
 sendmail -d0.1 -bv, but SASL isn't included. Also, I would rather uses
 packages. Please advise.

 Phusion,

 I originally replied via Google, but it doesn't seem to have hit the list,
 so here's a repeat.  Apologies for the repetition, if it occurs.

 This link might provide useful information:
 http://www.hydrus.org.uk/journal/smtp-client-auth.html

 -mark

 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


I recompiled sendmail and now get the following when running sendmail -d0.1 -bv.


Version 8.14.3
 Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7
NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS PIPELINING SASLv2
SCANF STARTTLS TCPWRAPPERS USERDB XDEBUG

 SYSTEM IDENTITY (after readcf) 
  (short domain name) $w = server
  (canonical domain name) $j = server.domain.com
 (subdomain name) $m = domain.com
  (node name) $k = server.domain.com


Recipient names must be specified


I now have added the following to sendmail.mc.

FEATURE(masquerade_envelope)
FEATURE(genericstable, `hash -o /etc/mail/genericstable')
GENERICS_DOMAIN_FILE(`/etc/mail/generics-domains')
TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS',`LOGIN PLAIN')dnl
FEATURE(authinfo, `hash -o /etc/mail/auth/authinfo')
define(`SMART_HOST', `mail.test.com')
define(`confCW_FILE', `-o /etc/mail/local-host-names')
dnl DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')

I created /etc/mail/auth/authinfo and then did the makemaps to create
the hashd .db file. When trying to email outbound, I still get the
same error in the logs.

...relay=mail.test.com. [public_IP_address], dsn=5.6.0, stat=Data format error

The /etc/mail/auth/authinfo file looks like the following.


AuthInfo:mail.test.com U:usern...@isp.com P:password


I am using the mail server of the local ISP I use. It doesn't appear
that it even checks for authentication. Please advise.

Phusion
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

network freebsd computers

2009-09-22 Thread Carmel NY

Most of my networking experience is based on a Windows. Networking two
or more PCs together in a Window's environment is easy. Unfortunately,
I am not getting anywhere accomplishing the same with multiple FreeBSD
machines. I can get them networked with Window's machines; however, not
with each other.

Where can I find a go How-To on how to accomplish this?
-- 
Carmel
car...@hotmail.com

It is common sense to take a method and try it. If it fails, admit it
frankly and try another. But above all, try something.

Franklin D. Roosevelt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

77 matches

Mail list logo