Re: Linux friendly wireless print servers?
On 6/22/05, Tom Wittbrodt [EMAIL PROTECTED] wrote: Would anybody have any recommendations for wireless print servers? (I realize that the scanning and faxing options most likely can't be accessed via a printer server and I'm okay with that). Something which supports 2 USB printers would be great but a device supporting a single USB printer would also be acceptable. D-Link DP-G310 Only one printer, but works out of box with SuSE 9.* Allows multiple computers to share one printer wirelessly. http://www.dlink.com/products/?pid=313 md -- Jon maddog Hall Executive Director Linux International(R) email: [EMAIL PROTECTED] 80 Amherst St. Voice: +1.603.672.4557 Amherst, N.H. 03031-3032 U.S.A. WWW: http://www.li.org Board Member: Uniforum Association, USENIX Association (R)Linux is a registered trademark of Linus Torvalds in several countries. (R)Linux International is a registered trademark in the USA used pursuant to a license from Linux Mark Institute, authorized licensor of Linus Torvalds, owner of the Linux trademark on a worldwide basis (R)UNIX is a registered trademark of The Open Group in the USA and other countries. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Save Money on Software With Open Source
Save Money on Software With Open Source Software costing too much? Don't keep paying - switch to open source instead. This symposium will cover detailed ways you can save money with open source, such as: -- How to save hundreds on an word processor and spreadsheet -- Why Adobe faces some stiff competition, and how it saves you big -- How to switch to an open source database server that costs thousands less -- Learn how to avoid paying the Microsoft Tax - legally. -- Discover how you can make PDFs without paying for Distiller. The event is free of charge, and starts at 7:00, June 30th. It'll be held at the New Hampshire Technical Institute, in the Farnum building, room F106. Take it easy, and I'll look forward to seeing you there, -- David Berube Berube Consulting [EMAIL PROTECTED] (603)-485-9622 http://www.berubeconsulting.com/ ___ gnhlug-announce mailing list gnhlug-announce@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-announce ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Is a signon to an SSL site from an http:// page secure?
I always thought that you needed to be using an https:// page before sending user names and passwords to log in. My credit union claims this isn't true, and that since clicking the signon button takes you to an SSL page, the information typed in is transmitted securely. I have my doubts. Here's a portion of their claim, from the front page of http://www.navyfcu.org. I'd welcome opinions. Your experience online is very important to Navy Federal, and the Account Access Sign On is conveniently located on our Navy Federal home page. However, you may have recognized that, when you are on the home page, the familiar security symbols do not appear in your browser to symbolize that the page is secure. In fact, the home page itself is informational and not encrypted. Therefore it does not display the familiar “Lock” symbol in the bottom right–hand corner, nor does the address line begin with https. However, it is “safe” to enter your sign-on information from the home page. Your Access Number, User ID and Password are not transmitted until you click the “Sign On” button. After you click the “Sign On” button, a secure, encrypted connection is established between your personal computer’s browser and our Navy Federal systems, using Secure Socket Layers (SSL). After you click “Sign On”, you can validate that SSL is being used by seeing that “https” is displayed at the beginning of the data in your browser’s address line. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
X crash
Ok, this is really just wierd. I'm running the newest Mandriva 2005LE: Linux 2.6.11-6mdk #1 Tue Mar 22 16:04:32 CET 2005 i686 Intel(R) Pentium(R) 4 CPU 1.80GHz unknown GNU/Linux Running x.org version 6.8.2-7.1.102mdkv standard install from RPM. I start up Mozilla (Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050511, standard install from mozilla.org) Now in the course of my day, I decide to report a spam to spamcop. The spam had come in to an RT system and I show full headers then copy the email and paste it into the spamcop page and click Process Spam. So far so good. Now the details page finally loads and I scroll down to click the submit button and. Screen flashes. Quick flash of about half a dozen chars of garbage in text mode... Blinky. mdkkdm (the desktop manager) now pops up and I get the usual login prompt. Everything I was running is terminated and I get a fresh login. Perplexed, I look to the logs. Nothing useful. At all. Any ideas what's going on here? I can't even tell if this is Mozilla, X.org, some library, the kernel, the display driver, or what. BUT This *IS* repeatable. I now need to find a page that I can send *others* to so they can try and reproduce it. Help B (log snippets below) /var/log/syslog--- [nothing abnormal, last entry before this was about a minute previous.] Jun 23 13:35:50 localhost udev[30041]: removing device node '/dev/vcs7' Jun 23 13:35:50 localhost udev[30042]: removing device node '/dev/vcsa7' Jun 23 13:35:50 localhost mdkkdm[5119]: X server for display :0 terminated unexp ectedly Jun 23 13:35:50 localhost gconfd (bchabot-29933): Received signal 15, shutting d own cleanly Jun 23 13:35:50 localhost gconfd (bchabot-29933): Exiting Jun 23 13:35:50 localhost udev[30061]: configured rule in '/etc/udev/rules.d/50- mdk.rules[197]' applied, added symlink 'vcc/%n' Jun 23 13:35:50 localhost udev[30061]: creating device node '/dev/vcs7' Jun 23 13:35:50 localhost pam_console.dev[30069]: Restoring console permissions for /dev/vcs7 /dev/vcc/7 Jun 23 13:35:50 localhost udev[30066]: configured rule in '/etc/udev/rules.d/50- mdk.rules[199]' applied, added symlink 'vcc/a%n' Jun 23 13:35:50 localhost udev[30066]: creating device node '/dev/vcsa7' Jun 23 13:35:50 localhost pam_console.dev[30077]: Restoring console permissions for /dev/vcsa7 /dev/vcc/a7 --- (note that /var/log/messages has identical entries.) /var/log/Xorg.0.log- *** If unresolved symbols were reported above, they might not *** be the reason for the server aborting. Fatal server error: Caught signal 11. Server aborting Please consult the The X.Org Foundation support at http://wiki.X.Org for help. Please also check the log file at /var/log/Xorg.0.log for additional informati on. (Note entry in /var/log/mdkkdm is identical to the above.) ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Is a signon to an SSL site from an http:// page secure?
That's just as secure. The HTTPS in your location bar means the page you're on is secure. In the case of the site you gave, the form itself is submitting to an HTTPS page, so that data is sent with a request to a secure server, after that new secure connection is established. It's usually more satisfying for people if they can already see the lock icon in their browser when typing it in, but it really doesn't have much to do with it. -N I always thought that you needed to be using an https:// page before sending user names and passwords to log in. My credit union claims this isn't true, and that since clicking the signon button takes you to an SSL page, the information typed in is transmitted securely. I have my doubts. Here's a portion of their claim, from the front page of http://www.navyfcu.org. I'd welcome opinions. Your experience online is very important to Navy Federal, and the Account Access Sign On is conveniently located on our Navy Federal home page. However, you may have recognized that, when you are on the home page, the familiar security symbols do not appear in your browser to symbolize that the page is secure. In fact, the home page itself is informational and not encrypted. Therefore it does not display the familiar Lock symbol in the bottom righthand corner, nor does the address line begin with https. However, it is safe to enter your sign-on information from the home page. Your Access Number, User ID and Password are not transmitted until you click the Sign On button. After you click the Sign On button, a secure, encrypted connection is established between your personal computers browser and our Navy Federal systems, using Secure Socket Layers (SSL). After you click Sign On, you can validate that SSL is being used by seeing that https is displayed at the beginning of the data in your browsers address line. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Is a signon to an SSL site from an http:// page secure?
Ted Roche wrote: I always thought that you needed to be using an https:// page before sending user names and passwords to log in. My credit union claims this isn't true, and that since clicking the signon button takes you to an SSL page, the information typed in is transmitted securely. I have my doubts. Here's a portion of their claim, from the front page of http://www.navyfcu.org. I'd welcome opinions. ... Their login form is within a 'form name=logon method=post action=https://myaccounts.navyfcu.org/cgi-bin/ifsewwwc?Logon; ...'. Since they are POSTing to an HTTPS site, then the password will go over a SSL connection. --Bruce ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: X crash
Brian Chabot wrote: I now need to find a page that I can send *others* to so they can try and reproduce it. Got it. I copied the report to: http://iarwain.mortis.org/bad.html and sanitized it a bit. Going there *INSTANTLY* crashes X if I use Mozilla. Reproducable ALL the time. Going there in Konqueror is fine. Now, I had an idea. Logged in. CTRL-ALT-F1 and log in there as same user. Set the $DISPLAY to the X server. Start Mozilla from the text prompt. Switch to X Crash X Switch back to text and look for errors. ...and I got one: Gdk-ERROR **: Fatal IO error 104 (Connection reset by peer) on X server :0.0. Now... this should be a *result* of the server dying, right? IIRC, a 104 error is can't connect ot X Useless. Help Yeah... What I said B ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Is a signon to an SSL site from an http:// page secure?
On Thu, 2005-06-23 at 13:41 -0400, Ted Roche wrote: I always thought that you needed to be using an https:// page before sending user names and passwords to log in. My credit union claims this isn't true, and that since clicking the signon button takes you to an SSL page, the information typed in is transmitted securely. I have my doubts. Here's a portion of their claim, from the front page of http://www.navyfcu.org. I'd welcome opinions. Your experience online is very important to Navy Federal, and the Account Access Sign On is conveniently located on our Navy Federal home page. However, you may have recognized that, when you are on the home page, the familiar security symbols do not appear in your browser to symbolize that the page is secure. In fact, the home page itself is informational and not encrypted. Therefore it does not display the familiar “Lock” symbol in the bottom right–hand corner, nor does the address line begin with https. However, it is “safe” to enter your sign-on information from the home page. Your Access Number, User ID and Password are not transmitted until you click the “Sign On” button. After you click the “Sign On” button, a secure, encrypted connection is established between your personal computer’s browser and our Navy Federal systems, using Secure Socket Layers (SSL). After you click “Sign On”, you can validate that SSL is being used by seeing that “https” is displayed at the beginning of the data in your browser’s address line. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss -- /lurk mode This is correct. The form will call another URL (probably POST). Check the page source and lookk for the form's script URL - it probably begins with https:// lurk mode Frank DiPrete [EMAIL PROTECTED] ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Is a signon to an SSL site from an http:// page secure?
On Jun 23 at 1:41pm, Ted Roche wrote: I always thought that you needed to be using an https:// page before sending user names and passwords to log in. My credit union claims this isn't true, and that since clicking the signon button takes you to an SSL page, the information typed in is transmitted securely. Everybody's comments about the form's submit method are accurate as far as they go. If the information in the form is submitted via an HTTPS URL, then you get SSL protection for the data submitted via said form. That will provide protection against attackers sniffing your data. In other words, this is providing /confidentiality/. There are other threats, however. In particular, if the HTML form itself was sent via HTTP, you lack /authenticity/. Maybe bad guys are intercepting the connection and feeding you a fake form that just *looks* like the real thing. This is a lot easier with cleartext HTTP. With SSL, you can always click the little key/lock and check the certificate. There's a fairly high level of confidence associated with that. (Well, in theory, anyway. VeriSign frell-ups notwithstanding.) For example, if I'm making a Paypal payment, you can bet I carefully check the certificate before punching in my password, to make sure I'm using the real Paypal system. I couldn't do that if only the form submission was SSL'ed. Of course, there's also Gene spaf Spafford's apt observation: Using encryption on the Internet is the equivalent of arranging an armored car to deliver credit card information from someone living in a cardboard box to someone living on a park bench. If you've been watching the IT security news these past few months, you'll have noticed that most organizations spend more effort on buying paperclips then protecting customer data. -- Ben [EMAIL PROTECTED] ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Is a signon to an SSL site from an http:// page secure?
Ted Roche [EMAIL PROTECTED] writes: I always thought that you needed to be using an https:// page before sending user names and passwords to log in. My credit union claims this isn't true, and that since clicking the signon button takes you to an SSL page, the information typed in is transmitted securely. I have my doubts. Here's a portion of their claim, from the front page of http://www.navyfcu.org. I'd welcome opinions. As others have noted, the page you type your information into is not necessarilly where you end up sending the information by clicking submit. Also as noted by others, you can discover this by looking at the source for the web page you're viewing. However, it's rather easy to miss this information, and if you're ever in doubt, the best way to determine what's getting passed to a remote system is to watch what passes over the wire. To do this, fire up tcpdump or, if GUIs are your thing, use 'ethereal'[1]. Using tcpdump you can quickly see traffic going to an SSL-secured website with something like this: tcpdump -i en1 port https This won't tell you more than that you've connected to a secure site and are passing some traffic. tcpdump -i en1 -qe -vvv -ls 400 port https This will show you a lot more... and this: tcpdump -i en1 -qexX -vvv -ls 400 port https might even show you something interesting :) The latter, if you remove the last s, and just scan for http, then you'll be able to see all the HTTP gets your browser is requesting from the remote server. For example, in the following packet, you can clearly see a GET for an image, and the client informing the server what browser I'm using, among other things: 21:52:52.564502 00:03:93:ee:39:3c 00:09:5b:6b:74:8e, IPv4, length 633: IP (tos 0x0, ttl 64, id 28269, offset 0, flags [DF], length: 619) 192.168.10.6.50153 mobile9.com.http: tcp 579 0x: 0009 5b6b 748e 0003 93ee 393c 0800 4500 ..[kt.9..E. 0x0010: 026b 6e6d 4000 4006 70aa c0a8 0a06 4313 [EMAIL PROTECTED]@.p.C. 0x0020: 4bb4 c3e9 0050 0f4e bb70 ea99 a8b9 5018 KP.N.pP. 0x0030: 688e 4745 5420 2f69 6d61 6765 ..h...GET./image 0x0040: 732f 666f 6f74 6572 626f 7474 6f6d 5f30 s/footerbottom_0 0x0050: 332e 6769 6620 4854 5450 2f31 2e31 0d0a 3.gif.HTTP/1.1.. 0x0060: 486f 7374 3a20 772e 7765 6268 6f73 Host:.www.webhos 0x0070: 7469 6e67 6465 762e 636f 6d0d 0a55 7365 tingdev.com..Use 0x0080: 722d 4167 656e 743a 204d 6f7a 696c 6c61 r-Agent:.Mozilla 0x0090: 2f35 2e30 2028 4d61 6369 6e74 6f73 683b /5.0.(Macintosh; 0x00a0: 2055 3b20 5050 4320 4d61 6320 4f53 2058 .U;.PPC.Mac.OS.X 0x00b0: 204d 6163 682d 4f3b 2065 6e2d 5553 3b20 .Mach-O;.en-US;. 0x00c0: 7276 3a31 2e37 2e35 2920 4765 636b 6f2f rv:1.7.5).Gecko/ 0x00d0: 3230 3034 3131 3037 2046 6972 6566 6f78 20041107.Firefox 0x00e0: 2f31 2e30 0d0a 4163 6365 7074 3a20 696d /1.0..Accept:.im 0x00f0: 6167 652f 706e 672c 2a2f 2a3b 713d 302e age/png,*/*;q=0. 0x0100: 350d 0a41 6363 6570 742d 4c61 6e67 7561 5..Accept-Langua 0x0110: 6765 3a20 656e 2d75 732c 656e 3b71 3d30 ge:.en-us,en;q=0 0x0120: 2e35 0d0a 4163 6365 7074 2d45 6e63 6f64 .5..Accept-Encod 0x0130: 696e 673a 2067 7a69 702c 6465 666c 6174 ing:.gzip,deflat 0x0140: 650d 0a41 6363 6570 742d 4368 6172 7365 e..Accept-Charse 0x0150: 743a 2049 534f 2d38 3835 392d 312c 7574 t:.ISO-8859-1,ut 0x0160: 662d 383b 713d 302e 372c 2a3b 713d 302e f-8;q=0.7,*;q=0. 0x0170: 370d 0a4b 6565 702d 416c 6976 653a 2033 7..Keep-Alive:.3 0x0180: 3030 0d0a 436f 6e6e 6563 7469 6f6e 3a20 00..Connection:. Obviously, if you're connecting to an SSL-enabled system, then everything you see will be garbage. Footnote: - [1] It's pronounced e-thereal, NOT ether-real. Ethereal is *actually* a REAL word, not something made up for a piece of software which just happens to work with ether-net. -- Seeya, Paul ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Is a signon to an SSL site from an http:// page secure?
On 6/23/05, Paul Lussier [EMAIL PROTECTED] wrote: snip tcpdump -i en1 -qe -vvv -ls 400 port https This will show you a lot more... and this: tcpdump -i en1 -qexX -vvv -ls 400 port https might even show you something interesting :) Most useful for debugging and developing web applications, you can install the 'LiveHTTPHeaders' extension into your browser to view the HTTP Headers while you surf. http://livehttpheaders.mozdev.org/. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Sendmail address resolution problem
I have a guy I'm trying to send mail to. He's at a domain called alginin.org and he's hosting his domain off his cable modem at home using RCN. I too am hosting my domain at home using RCN. We are both running linux. He's using Postfix and I'm running sendmail. If I do a dig I see: 527 dig alginin.org mx ; DiG 9.2.5 alginin.org mx ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 2411 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3 ;; QUESTION SECTION: ;alginin.org. IN MX ;; ANSWER SECTION: alginin.org.64763 IN MX 0 home.alginin.org. ;; AUTHORITY SECTION: alginin.org.64763 IN NS ns1.zoneedit.com. alginin.org.64763 IN NS ns5.zoneedit.com. ;; ADDITIONAL SECTION: home.alginin.org. 64763 IN A 209.6.219.177 ns1.zoneedit.com. 150340 IN A 207.234.248.200 ns5.zoneedit.com. 150340 IN A 65.125.228.92 ;; Query time: 48 msec ;; SERVER: 207.172.3.8#53(207.172.3.8) ;; WHEN: Thu Jun 23 22:23:20 2005 ;; MSG SIZE rcvd: 146 Note that home.alginin.org is resolved to 209.6.219.177 Then if I telnet 209.6.219.177 25 I see that I'm talking to his Postfix server. All is peachy. But my mail fails to deliver via sendmail and the problem seems to be that sendmail is trying to deliver to the wrong address. Jun 23 22:31:37 saturn sendmail[9853]: j5O2UaPX009847: to=[EMAIL PROTECTED], delay=00:01:01, xdelay=00:01:00, mailer=esmtp, pri=230639, relay=home.alginin.org. [209.150.61.19], dsn=4.0.0, stat=Deferred: Connection timed out with home.alginin.org. Note that the 209.150.61.19 is wrong. Why in the Wide World of Sports could this possibly be happening? I am verstumped! And where the hell is this address coming from? Anyone? Please? -- Time flies like the wind. Fruit flies like a banana. Stranger things have .0. happened but none stranger than this. Does your driver's license say Organ ..0 Donor?Black holes are where God divided by zero. Listen to me! We are all- 000 individuals! What if this weren't a hypothetical question? steveo at syslang.net ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
