Re: [linux-admin] iptables question

2003-04-06 Thread Oblek
 Date: Mon, 7 Apr 2003 10:28:42 +0700 (WIT)
 From: Cemplung [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Subject: [linux-admin] iptables question
 
 Hi all,
 
 Apologies if this has already been discussed on this list.
 I have a question. I blocked port 3001 like this:
 
 #iptables -A INPUT -p tcp --dport 3001 -j REJECT
 
 then I scanned my server:
 
 3001/tcp   filtered    nessusd
 
 Why is the state of port 3001 reported as filtered? Shouldn't it be
 closed?
 Please enlighten me ..
 
 tks rgds

iptables -j REJECT without any parameter sends icmp-port-unreachable,
which usually indicates that a port is being 'filtered'. If you want it to be 'stealthy'
(closed), use tcp-reset,
e.g. iptables -A INPUT -p tcp --dport 3001 -j REJECT --reject-with tcp-reset
For more, please read the iptables manual :)


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
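
The exchange above, worked through as an added example that is not part of the original thread: a simplified model of how a TCP SYN scan maps the reply produced by each rule target to a port state. The function names and the `FILTERED_CODES` set are assumptions of this sketch, not iptables or scanner code.

```python
from dataclasses import dataclass
from typing import Optional

# ICMP type 3 codes for each iptables --reject-with name (tcp-reset sends a TCP RST).
REJECT_ICMP_CODE = {
    "icmp-net-unreachable": 0, "icmp-host-unreachable": 1,
    "icmp-proto-unreachable": 2, "icmp-port-unreachable": 3,
    "icmp-net-prohibited": 9, "icmp-host-prohibited": 10,
    "icmp-admin-prohibited": 13,
}
# Assumption: unreachable codes this model's scanner reads as "a filter answered".
FILTERED_CODES = {1, 2, 3, 9, 10, 13}

@dataclass
class Reply:
    kind: Optional[str]      # "tcp", "icmp", or None when nothing comes back
    flags: str = ""          # TCP flags, e.g. "SA" or "R"
    icmp_code: int = -1      # code of an ICMP type 3 message

def reply_to_syn(target: str, reject_with: str = "icmp-port-unreachable",
                 listening: bool = False) -> Reply:
    """Reply a host gives to an inbound SYN, by the rule target that matched."""
    if target == "DROP":
        return Reply(None)
    if target == "REJECT":
        if reject_with == "tcp-reset":
            return Reply("tcp", flags="R")
        return Reply("icmp", icmp_code=REJECT_ICMP_CODE[reject_with])
    if target == "ACCEPT":   # the TCP stack answers: SYN/ACK if bound, else RST
        return Reply("tcp", flags="SA" if listening else "R")
    raise ValueError(f"unknown target {target!r}")

def scan_state(reply: Reply) -> str:
    """Port state a SYN scan reports for one reply (after retries, for None)."""
    if reply.kind == "tcp":
        return "open" if reply.flags == "SA" else "closed"
    if reply.kind == "icmp" and reply.icmp_code in FILTERED_CODES:
        return "filtered"
    if reply.kind is None:
        return "filtered"
    return "unknown"

if __name__ == "__main__":
    for target, how in [("REJECT", "icmp-port-unreachable"),
                        ("REJECT", "tcp-reset"), ("DROP", "")]:
        state = scan_state(reply_to_syn(target, how or "icmp-port-unreachable"))
        print(f"-j {target} {how:24} -> {state}")
```

In this model, REJECT with tcp-reset gives the same answer as a port with no listener and no rule at all, which is why the scan reports it as closed.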



Re: [linux-admin] cannot log in - SAMBA

2003-04-04 Thread Oblek
 Date: Sat, 29 Mar 2003 06:34:02 -0500
 From: fade2blac [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Subject: Re: [linux-admin] cannot log in - SAMBA

 Just a small correction: what is actually elected is the master browser, i.e.
 whoever provides the list of computer names when a Windows client clicks
 Network Neighborhood. So machines will compete over who provides the list.
 That is why there is a local master browser (for one domain), a domain master
 browser (for several NT domains), and a backup local master (which acts as the
 backup of the local master browser).
 
 As for the domain controller, there is only one in a domain. Its main
 function is more about authentication, whereas the master browser is a
 complementary feature of a domain controller. And there is no election
 for the domain controller.

Just to add, the table below shows the OS level together with the OS.
If you install SWAT, the O'Reilly online book Using Samba is _definitely_
on your hard disk :)

Operating System               Value
Windows NT Server 4.0          33
Windows NT Server 3.51         32
Windows NT Workstation 4.0     17
Windows NT Workstation 3.51    16
Windows 98                     2
Windows 95                     1
Windows 3.1 for Workgroups     1

The table above is taken from Chapter 5.1, Browsing, which explains
how an election takes place.





Re: [linux-admin] cannot log in - SAMBA

2003-04-04 Thread Oblek
 Date: Sun, 30 Mar 2003 12:01:03 +0700
 From: Rio [EMAIL PROTECTED]
 Reply-To: [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Subject: RE: [linux-admin] cannot log in - SAMBA
 
 try replacing encrypt password with encrypt passwords
 then .. restore the registry settings to what they were, without
 enabletextplainpassword

As far as I know (CMIIW), the 'encrypt password' parameter must be
used for Win98 and WinNT4 SP3 clients





[linux-admin] The Security Flag in the IPv4 Header

2003-04-03 Thread Oblek

Network Working Group                                        S. Bellovin
Request for Comments: 3514                            AT&T Labs Research
Category: Informational                                     1 April 2003


  The Security Flag in the IPv4 Header

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2003).  All Rights Reserved.

Abstract

   Firewalls, packet filters, intrusion detection systems, and the like
   often have difficulty distinguishing between packets that have
   malicious intent and those that are merely unusual.  We define a
   security flag in the IPv4 header as a means of distinguishing the two
   cases.

1. Introduction

   Firewalls [CBR03], packet filters, intrusion detection systems, and
   the like often have difficulty distinguishing between packets that
   have malicious intent and those that are merely unusual.  The problem
   is that making such determinations is hard.  To solve this problem,
   we define a security flag, known as the evil bit, in the IPv4
   [RFC791] header.  Benign packets have this bit set to 0; those that
   are used for an attack will have the bit set to 1.

1.1. Terminology

   The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD,
   SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this
   document, are to be interpreted as described in [RFC2119].

2. Syntax

   The high-order bit of the IP fragment offset field is the only unused
   bit in the IP header.  Accordingly, the selection of the bit position
   is not left to IANA.







   The bit field is laid out as follows:

             0
            +-+
            |E|
            +-+

   Currently-assigned values are defined as follows:

   0x0  If the bit is set to 0, the packet has no evil intent.  Hosts,
        network elements, etc., SHOULD assume that the packet is
        harmless, and SHOULD NOT take any defensive measures.  (We note
        that this part of the spec is already implemented by many common
        desktop operating systems.)

   0x1  If the bit is set to 1, the packet has evil intent.  Secure
        systems SHOULD try to defend themselves against such packets.
        Insecure systems MAY choose to crash, be penetrated, etc.

3. Setting the Evil Bit

   There are a number of ways in which the evil bit may be set.  Attack
   applications may use a suitable API to request that it be set.
   Systems that do not have other mechanisms MUST provide such an API;
   attack programs MUST use it.

   Multi-level insecure operating systems may have special levels for
   attack programs; the evil bit MUST be set by default on packets
   emanating from programs running at such levels.  However, the system
   MAY provide an API to allow it to be cleared for non-malicious
   activity by users who normally engage in attack behavior.

   Fragments that by themselves are dangerous MUST have the evil bit
   set.  If a packet with the evil bit set is fragmented by an
   intermediate router and the fragments themselves are not dangerous,
   the evil bit MUST be cleared in the fragments, and MUST be turned
   back on in the reassembled packet.

   Intermediate systems are sometimes used to launder attack
   connections.  Packets to such systems that are intended to be relayed
   to a target SHOULD have the evil bit set.

   Some applications hand-craft their own packets.  If these packets are
   part of an attack, the application MUST set the evil bit by itself.

   In networks protected by firewalls, it is axiomatic that all
   attackers are on the outside of the firewall.  Therefore, hosts
   inside the firewall MUST NOT set the evil bit on any packets.





   Because NAT [RFC3022] boxes modify packets, they SHOULD set the evil
   bit on such packets.  Transparent http and email proxies SHOULD set
   the evil bit on their reply packets to the innocent client host.

   Some hosts scan other hosts in a fashion that can alert intrusion
   detection systems.  If the scanning is part of a benign research
   project, the evil bit MUST NOT be set.  If the scanning per se is
   innocent, but the ultimate intent is evil and the destination site
   has such an intrusion detection system, the evil bit SHOULD be set.

4. Processing of the Evil Bit

   Devices such as firewalls MUST drop all inbound packets that have the
   evil bit set.  Packets with the evil bit off MUST NOT be dropped.
   Dropped packets SHOULD be noted in the appropriate MIB variable.

   Intrusion detection 
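
The bit position from section 2 and the firewall rule from section 4 of the memo quoted above, as an added example that is not part of the memo or the original post: it decodes the 16-bit flags/fragment-offset word of an IPv4 header, in which RFC 791 leaves this high-order bit reserved as zero. The function names and the sample packets (documentation addresses) are constructed for illustration.

```python
import struct

EVIL = 0x8000          # high-order bit of the flags/fragment-offset word (section 2)
DF, MF = 0x4000, 0x2000
OFFSET_MASK = 0x1FFF

def build_header(src, dst, evil=False, df=True, frag_offset=0):
    """Constructed 20-byte IPv4 header; checksum left at 0, sample data only."""
    word = (EVIL if evil else 0) | (DF if df else 0) | (frag_offset & OFFSET_MASK)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0x1234, word,
                       64, 6, 0, bytes(src), bytes(dst))

def parse_flags(header: bytes) -> dict:
    """Decode the 16-bit word at offset 6 of an IPv4 header."""
    if len(header) < 20 or header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    (word,) = struct.unpack_from("!H", header, 6)
    return {"evil": bool(word & EVIL), "df": bool(word & DF),
            "mf": bool(word & MF), "frag_offset": word & OFFSET_MASK}

def filter_inbound(packets):
    """Section 4 rule: drop evil-bit packets, pass the rest, count the drops."""
    passed, dropped = [], 0
    for pkt in packets:
        if parse_flags(pkt)["evil"]:
            dropped += 1          # stands in for the MIB counter the memo mentions
        else:
            passed.append(pkt)
    return passed, dropped

SAMPLE = [  # constructed packets using documentation addresses
    build_header((192, 0, 2, 10), (198, 51, 100, 1)),
    build_header((192, 0, 2, 66), (198, 51, 100, 1), evil=True),
    build_header((192, 0, 2, 10), (198, 51, 100, 1), df=False, frag_offset=0x1FFF),
]

if __name__ == "__main__":
    passed, dropped = filter_inbound(SAMPLE)
    print(f"passed={len(passed)} dropped={dropped}")
```

The third sample packet carries the maximum fragment offset with the flag clear, which shows that the mask separates the flag from the offset bits next to it.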

Re: [linux-admin] Transparent Proxy

2003-04-03 Thread Oblek
 Date: Mon, 31 Mar 2003 08:55:21 +0700
 From: EDP Dept. [Telkom] [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Subject: [linux-admin] Transparent Proxy
 
 Fellow list members, sorry if this has already been discussed, but up to
 now I still have not managed to configure a transparent proxy.
 The steps I have taken so far include the following:

this may help:
http://www.netfilter.org/documentation/FAQ/netfilter-faq-3.html#ss3.12






[linux-admin] Looking for a server-spec computer

2003-03-24 Thread Oblek
Hello admins :)

My company in Surabaya is looking this month for branded computers
(local or foreign). Anyone who can send a reference to a good place (web)
that sells computers, or who has an offer of their own,
please e-mail me back (privately). If you have detailed computer
information (specifications), please just send it directly, ok...

hm, sorry if this is OOT (I'm at a loss where else to look)




Re: [admin] question about the Linux filesystem

2003-02-10 Thread Oblek
 Date: Mon, 10 Feb 2003 12:42:20 +0700 (JAVT)
 From: Donny Kurnia [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Message-ID: [EMAIL PROTECTED]
 Subject: Re: [admin] question about the Linux filesystem
 
 On Fri, 7 Feb 2003, andrew hartono wrote:
 
 If you want something more complete, just read the Operating System book by
 Andrew S Tanenbaum (even Linus Torvalds wrote Linux after reading this book :D )

And after you read that book, Mas Dony, will you write Donyx? :)
If I'm not mistaken, the Minix source code is included in the back pages, right?
Have you seen the argument between Tanenbaum and Torvalds about good kernel
design? Quite interesting and historic (a very long thread)

http://www.dina.dk/~abraham/Linus_vs_Tanenbaum.html

--
Le Seigneur des Anneaux

-- 
To unsubscribe, send an e-mail to [EMAIL PROTECTED]
Archive information at http://www.linux.or.id/milis.php3




Re: [admin] Postfix on a blocklist

2003-01-19 Thread Oblek
 Date: Mon, 20 Jan 2003 13:02:56 +0700 (JAVT)
 From: Admin Bingung [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Message-ID: [EMAIL PROTECTED]
 Subject: [admin] Postfix on a blocklist
 
 Dear Admin..
 as a follow-up to my open proxy, it turns out my postfix is also
 connecting to servers, I don't know how many hundreds of them.
 Because of that my server has ended up on the blocklist of several mail
 servers, so our server cannot send e-mail to those servers.
 What is the solution?

Hello,

Perhaps the basic postfix reference would make good reading for you (fairly
easy, considering that postfix by default does not allow your host to become
an open relay), hint: check /etc/postfix/main.cf -- mynetworks_style
http://www.postfix.org/basic.html

After you are sure you pass the open relay test ;),
please visit the website where you are listed on the
blacklist; most likely they will be willing to remove your computer
from the blacklist... the procedure is a bit convoluted,
but what can you do? :)

--
Le Seigneur des Anneaux





Re: [admin] DNS

2003-01-14 Thread Oblek
 Reply-To: [EMAIL PROTECTED]
 Message-ID: 001401c2bbd3$252a7bf0$bd2a9aca@server
 From: Rio Martin. [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Date: Tue, 14 Jan 2003 20:45:05 +0700
 X-Mailer: Microsoft Outlook Express 6.00.2600.
 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.
 Subject: Re: [admin] DNS
 
 From: Muhammad Reza [EMAIL PROTECTED]
 Sent: Tuesday, January 14, 2003 2:42 PM
  IMHO...
  just register your public IP in the nameserver DNS record
  of your domain
 
 
 to make it more solid .. it seems the DNS-HOWTO documentation is really needed.
 
 Regards,
 Rio Martin.

While I'm at it, a plug: please check the documentation on BIND at
http://lug.stikom.edu/pub/bind9.html

of course the document above can be read after reading the DNS-HOWTO :)

--
Le Seigneur des Anneaux





Re: [admin] Howto

2003-01-14 Thread Oblek
 Reply-To: [EMAIL PROTECTED]
 Message-ID: 006501c2bc3c$ead236e0$[EMAIL PROTECTED]
 From: Isngadi Nurjaman [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Date: Wed, 15 Jan 2003 09:22:10 +0700
 X-Mailer: Microsoft Outlook Express 6.00.2479.0001
 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2479.0001
 Subject: [admin] Howto
 
 Does anyone know a link to a howto about:
 - tcp_syncookies
 - ip_always_defrag
 - etc.

Your very own local kernel sources!
/usr/src/linux/Documentation/networking/ip-sysctl.txt

IP Fragmentation Q&A
http://www.geocities.com/SiliconValley/Vista/8672/network/ipfrag.html

Rob Thomas, IP Stack Tuning guide
http://www.cymru.com/Documents/ip-stack-tuning.html

Dan J. Bernstein, Syncookies debates
http://cr.yp.to/syncookies.html

--
Le Seigneur des Anneaux
