[ilugd] cool work

[kapil dua]

 
hi all
 
this is specially for the kishore and the crew for desinging  such a fantastic poster
 
hats off to u all 
 
regards,
kapil


-
Do you Yahoo!?
Yahoo! Mail - 50x more storage than other providers!
___
ilugd mailinglist -- [EMAIL PROTECTED]
http://frodo.hserus.net/mailman/listinfo/ilugd
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi 
http://www.mail-archive.com/[EMAIL PROTECTED]/

[ilugd] [OT] LG-340E reliance/tata indicom phones have on-demand dialling?

[Sandip Bhattacharya]

I have been using the LG-340E reliance FWP for a while. Have others here been 
using it heavy enough? 

I have been observing something very interesting, while using it, and want to 
find out if my observation is right.

One connecting for the first time, teh phone LCD starts displaying the 
connection duration and the upload and download speeds.

However, If I dont use the net for a while, the display goes off, and the 
standard display comes on instead.

If I then start using the net again, there is  a beep and the PPP display 
comes up again.

Both Tata Indicom and Reliance claim in their ads that you can receive calls 
when you are simulteneously using the phone for data (with the rider that 
no data transfer is taking place when the call comes) 

So probably the phone does detect network activity and switches to and fro 
between data and voice mode according to the usage. 

Then this will be great! I get 64kbps+ on the phone, and I can leave it online 
all day  but only if, one thing gets cleared up. Am I charged for the 
time when the phone is not in PPP mode, but the connection is technically 
still there?

- Sandip

-- 
Sandip Bhattacharya   |[EMAIL PROTECTED]
Puroga Technologies Pvt. Ltd. |  http://www.puroga.com
GPG/PGP Fingerprint: 51A4 6C57 4BC6 8C82 6A65 AE78 B1A1 2280 A129 0FF3

Just close your eyes, tap your heels together three times, and think to
yourself, `There's no place like home.'
  -- Glynda the Good

___
ilugd mailinglist -- [EMAIL PROTECTED]
http://frodo.hserus.net/mailman/listinfo/ilugd
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi 
http://www.mail-archive.com/[EMAIL PROTECTED]/

Re: [ilugd] LDD2k4 Posters -- final version

[Viksit Gaur]

Damn..

I was in transit for almost 3 days, and hence off the
net. Sorry for not being able to contribute more on
the posters, incase someone's wondering why I made a
draft and forgot about it!

The final poster looks cool.. Hope LDD is a raging
success!

Cheers!

Viksit


=
--
Viksit Gaur   
http://www.viksit.com

me[at]viksit.com
viksit[at]linux-delhi[dot]org

'Not all who wander are lost.' 
  - J.R.R. Tolkien, The Fellowship of the Ring

__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

___
ilugd mailinglist -- [EMAIL PROTECTED]
http://frodo.hserus.net/mailman/listinfo/ilugd
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi 
http://www.mail-archive.com/[EMAIL PROTECTED]/

[ilugd] [Fwd: ILUG-D: regarding new connection on pc]

[Nishikant Kapoor]

 Original Message 
Message from karan kapoor:
sir/madam
i would like to have new connection on my personal computer.
i m resideing at sector -16 rohini delhi
i wish to hv 24X7 connection at my computer
from u .
pls send full detail or other options
ur early reply will be highly appricated
your faithfully
karan

___
ilugd mailinglist -- [EMAIL PROTECTED]
http://frodo.hserus.net/mailman/listinfo/ilugd
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi 
http://www.mail-archive.com/[EMAIL PROTECTED]/

Re: [ilugd] [Fwd: ILUG-D: regarding new connection on pc]

[Sriram J]

 Message from karan kapoor:
 
 sir/madam
 i would like to have new connection on my personal computer.
 i m resideing at sector -16 rohini delhi
 i wish to hv 24X7 connection at my computer
 from u .
 pls send full detail or other options
 ur early reply will be highly appricated
 
 your faithfully
 karan
 

Is this a linux mailing list or a  dust bin where people put all sorts
of meaningless trash.
How lug-d can help this gentleman get a 24  hr internet connection in
rohini is what i want to know.
Will the knowledge that he wants an internet connection  benefit 
people subscribed to this group.

Sriram

___
ilugd mailinglist -- [EMAIL PROTECTED]
http://frodo.hserus.net/mailman/listinfo/ilugd
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi 
http://www.mail-archive.com/[EMAIL PROTECTED]/

[ilugd] Mandrake 10 CD

[Gaurav Prasad]

Hi,
   If anybody got mandrake V 10 cd pl ping me...i really need it !!
Regards,
gaurav
___
ilugd mailinglist -- [EMAIL PROTECTED]
http://frodo.hserus.net/mailman/listinfo/ilugd
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi 
http://www.mail-archive.com/[EMAIL PROTECTED]/

[ilugd] (fwd) [SECURITY] iDEFENSE Security Advisory 09.15.04: GNU Radius SNMP String Length Integer Overflow Denial of Service Vulnerability

[Raj Mathur]

{please upgrade if you use GNU Radius -- Raju]

This is an RFC 1153 digest.
(1 message)
--

Message-ID: [EMAIL PROTECTED]
From: customer service mailbox [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: iDEFENSE Security Advisory 09.15.04: GNU Radius SNMP String Length Integer 
Overflow Denial of Service Vulnerability
Date: Wed, 15 Sep 2004 16:24:46 -0400

GNU Radius SNMP String Length Integer Overflow Denial of Service
Vulnerability

iDEFENSE Security Advisory 09.15.04
www.idefense.com/application/poi/display?id=141type=vulnerabilities
September 15, 2004

I. BACKGROUND

Radius is used for remote user authentication and accounting.

For more information see:

   http://www.gnu.org/software/radius/radius.html

II. DESCRIPTION

Remote exploitation of an input validation error in version 1.2 of  GNU
radiusd could allow a denial of service.

The vulnerability specifically exists within the asn_decode_string()
function defined in snmplib/asn1.c. When a very large unsigned number is
supplied, it is possible that an integer overflow will occur in the
bounds-checking code. The daemon will then attempt to reference
unallocated memory, resulting in an access violation that causes the
process to terminate.

III. ANALYSIS

Successful exploitation allows unauthenticated remote attackers to cause
the radius daemon (radiusd) to crash. This thereby prevents legitimate
users from accessing systems reliant upon the affected radius server for
authentication. This vulnerability does not seem to allow for execution
of code; it is a denial of service condition only. Exploitation requires
that radiusd be compiled with the --enable-snmp option. SNMP support is
not enabled in the default compile.

IV. DETECTION

iDEFENSE has confirmed that GNU Radius 1.1 and 1.2 are vulnerable, if
configured with --enable-snmp at compile time.

V. WORKAROUND

Disable SNMP support when building radiusd at compile time. Ingress
filtering of UDP port 161 on all interfaces that should not be receiving
SNMP packets may lessen exposure to this vulnerability in affected
environments.

VI. VENDOR FIX

The issue has been addressed in maintenance release version number
1.2.94.

VII. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
names CAN-2004-0849 to these issues. This is a candidate for inclusion
in the CVE list (http://cve.mitre.org), which standardizes names for
security problems.

VIII. DISCLOSURE TIMELINE

09/10/2004   Initial vendor notification
09/10/2004   Initial vendor response
09/15/2004   Public disclosure

IX. CREDIT

The discoverer of this vulnerability wishes to remain anonymous.

Get paid for vulnerability research
http://www.idefense.com/poi/teams/vcp.jsp

X. LEGAL NOTICES

Copyright (c) 2004 iDEFENSE, Inc.

Permission is granted for the redistribution of this alert
electronically. It may not be edited in any way without the express
written consent of iDEFENSE. If you wish to reprint the whole or any
part of this alert in any other medium other than electronically, please
email [EMAIL PROTECTED] for permission.

Disclaimer: The information in the advisory is believed to be accurate
at the time of publishing based on currently available information. Use
of the information constitutes acceptance for use in an AS IS condition.
There are no warranties with regard to this information. Neither the
author nor the publisher accepts any liability for any direct, indirect,
or consequential loss or damage arising from use of, or reliance on,
this information.

--

End of this Digest
**

-- 
Raj Mathur[EMAIL PROTECTED]  http://kandalaya.org/
   GPG: 78D4 FC67 367F 40E2 0DD5  0FEF C968 D0EF CC68 D17F
  It is the mind that moves

___
ilugd mailinglist -- [EMAIL PROTECTED]
http://frodo.hserus.net/mailman/listinfo/ilugd
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi 
http://www.mail-archive.com/[EMAIL PROTECTED]/

[ilugd] (fwd) [SECURITY] US-CERT Technical Cyber Security Alert TA04-261A -- Multiple vulnerabilities in Mozilla products

[Raj Mathur]

[Please upgrade if you use Mozilla Thunderbird and/or Firefox on any
platform -- Raju]

This is an RFC 1153 digest.
(1 message)
--

Message-Id: [EMAIL PROTECTED]
From: CERT Advisory [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: US-CERT Technical Cyber Security Alert TA04-261A -- Multiple vulnerabilities 
in Mozilla products 
Date: Fri, 17 Sep 2004 16:12:32 -0400


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

 Technical Cyber Security Alert TA04-261A
   Multiple vulnerabilities in Mozilla products

   Original release date: September 17, 2004
   Last revised: --
   Source: US-CERT

Systems Affected

   Mozilla software, including the following:

 * Mozilla web browser, email and newsgroup client
 * Firefox web browser
 * Thunderbird email client

Overview

   Several vulnerabilities exist in the Mozilla web browser and derived
   products, the most serious of which could allow a remote attacker to
   execute arbitrary code on an affected system.

I. Description

   Several vulnerabilities have been reported in the Mozilla web browser
   and derived products. More detailed information is available in the
   individual vulnerability notes:

   VU#414240 - Mozilla Mail vulnerable to buffer overflow via
   writeGroup() function in nsVCardObj.cpp

Mozilla Mail contains a stack overflow vulnerability in the display
routines for VCards. By sending an email message with a crafted VCard,
a remote attacker may be able to execute arbitrary code on the
victim's machine with the privileges of the current user. This can be
exploited in the preview mode as well.

   VU#847200 - Mozilla contains integer overflows in bitmap image decoder

A vulnerability in the way Mozilla and its derived programs handle
certain bitmap images could allow a remote attacker to execute
arbitrary code on a vulnerable system.

   VU#808216 - Mozilla contains heap overflow in UTF8 conversion of
   hostname portion of URLs

A vulnerability in the way Mozilla and its derived programs handle
certain malformed URLs could allow a remote attacker to execute
arbitrary code on a vulnerable system.

   VU#125776 - Multiple buffer overflows in Mozilla POP3 protocol handler

There are multiple buffer overflow vulnerabilities in the Mozilla POP3
protocol handler that could allow a malicious POP3 server to execute
arbitrary code on the affected system.

   VU#327560 - Mozilla send page feature contains a buffer overflow
   vulnerability

There is a buffer overflow vulnerability in the Mozilla send page
feature that could allow a remote attacker to execute arbitrary code.

   VU#651928 - Mozilla allows arbitrary code execution via link dragging

 A vulnerability affecting Mozilla web browsers may allow violation of
 cross-domain scripting policies and possibly execute code originating
 from a remote source.

II. Impact

   These vulnerabilities could allow a remote attacker to execute
   arbitrary code with the privileges of the user running the affected
   application.

   VU#847200 could also allow a remote attacker to crash an affected
   application.

III. Solution

Upgrade to a patched version

   Mozilla has released versions of the affected software that contain
   patches for these issues:

 * Mozilla 1.7.3
 * Firefox Preview Release
 * Thunderbird 0.8

   Users are strongly encouraged to upgrade to one of these versions.

Appendix A. References

 * Mozilla Security Advisory -
   http://www.mozilla.org/projects/security/known-vulnerabilities.ht
   ml
 * Mozilla 1.7.2 non-ascii hostname heap overrun, Gael Delalleau -
   http://www.zencomsec.com/advisories/mozilla-1.7.2-UTF8link.txt
 * Security Audit of Mozilla's .bmp image parsing, Gael Delalleau -
   http://www.zencomsec.com/advisories/mozilla-1.7.2-BMP.txt
 * Security Audit of Mozilla's POP3 client protocol, Gael Delalleau -
   http://www.zencomsec.com/advisories/mozilla-1.7.2-POP3.txt
 * US-CERT Vulnerability Note VU#414240 -
   http://www.kb.cert.org/vuls/id/414240
 * US-CERT Vulnerability Note VU#847200 -
   http://www.kb.cert.org/vuls/id/847200
 * US-CERT Vulnerability Note VU#808216 -
   http://www.kb.cert.org/vuls/id/808216
 * US-CERT Vulnerability Note VU#125776 -
   http://www.kb.cert.org/vuls/id/125776
 * US-CERT Vulnerability Note VU#327560 -
   http://www.kb.cert.org/vuls/id/327560
 * US-CERT Vulnerability Note VU#651928 -
   http://www.kb.cert.org/vuls/id/651928
 _

   Mozilla has assigned credit for reporting of these issue to the
   following:

 * VU#414240: Georgi Guninski
 * VU#847200: Gael Delalleau
 * VU#808216: Gael Delalleau and Mats Palmgren
 * VU#125776: Gael Delalleau
 * VU#327560: Georgi Guninski
 * 

[ilugd] Routing for multiple uplinks......

[Linux]

Hi All,

I want to use two Uplinks from different ISP's on a single Linux box and
do the bandwidth aggregation  

 

I have used the following link to do the routing for multiple uplinks.

 

http://lartc.org/howto/lartc.rpdb.multiple-links.html#AEN298

 

I have used below route commands to perform the same. I have added these
lines to rc.local. Because I don't know how to permanently add the
routes. I think in /etc/sysconfig/satatic-routes. But, don't know about
the syntax. Anyhow, these commands are working. Because my internet is
working without specifying the gateway in /etc/network file.

 

ip route add 61.247.237.0 dev eth0 src 61.247.237.121 table 1

ip route add default via 61.247.237.1 table 1

ip route add 202.88.146.0 dev eth2 src 202.88.146.40 table 2

ip route add default via 202.88.146.1 table 2

ip route add 61.247.237.0 dev eth0 src 61.247.237.121

ip route add 202.88.146.0 dev eth2 src 202.88.146.40

ip route add default via 61.247.237.1

ip rule add from 61.247.237.121 table 1

ip rule add from 202.88.146.40 table 2

ip route add default scope global nexthop via 61.247.237.1 dev eth0
weight 1 nexthop via 202.88.146.1 dev eth2 weight 1

 

But all the traffic is going through eth0. when I try to do the ping
gateway of eth2 I got the following result.

 

ping 202.88.146.1

PING 202.88.146.1 (202.88.146.1) from 202.88.146.40: 56(84) bytes of
data.

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

ping: sendmsg: Operation not permitted

 

I think something to do with my firewall.  I am using IPTABLES. It's a
Red Hat 7.3 Box.

 

Please Suggest

 

Thanks and Regards,

Vineet

 

 

___
ilugd mailinglist -- [EMAIL PROTECTED]
http://frodo.hserus.net/mailman/listinfo/ilugd
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi 
http://www.mail-archive.com/[EMAIL PROTECTED]/