[newbie] microsoft bounty - was: If this will not turn businesses [...]
To clarify: I have noticed a great deal of FUD originating from the Linux community over Microsoft offering a 'bounty' for resellers turning over the names of corporate buyers purchasing boxen sans an operating system. The fact is, Microsoft, with full legal rights, is pursuing copyright violators. It seems many businesses are purchasing machines sans an OS and surplusing their old machines. On the new machines, the businesses are installing the old copies of the OS. The site license these businesses purchased is not transferable and for them to install the old OS on the new machines is in violation of the terms of their site license. Unethical that one cannot wipe and old system and transfer one's software to the new machine? Perhaps. But it's not legal to do that, and Microsoft is in the business of making money, not being everyone's pal. If businesses don't like the policy, they ought to have better examined the terms of their site license. I'm treading a fine line on being off topic here, so any replies might be best done to my email versus the list. The original e-mail came from Toronto LUG. Buying a naked computer might soon be against the law. Sort of scarry thing. Unfortunatelly too many people are addicted to Windows, that's enough to make this work. Just thought I share it with good people of Mandrake list. Regards, Nathan
Re: [newbie] samba RPM
With all due respect, if you're struggling with the documentation, Samba is not the place to be. Samba, IMHO, is one of the more difficult programs to configure. I've yet to find an easy way to configure Samba. SWAT caused more problems than it fixed, and the varying iterations of SMB are a pain in the ass. Win95 does it one way, Win98 another, Win2k a third way, etc... The writing in Securing and Optimizing Linux: RedHat edition is fairly well polished. It has an acceptable section on Samba. Check this over: http://www.linuxdoc.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3 /chap29sec280.html Also, the SMB HOW-TO is decent: http://www.linuxdoc.org/HOWTO/SMB-HOWTO.html What book are you referring to? Regards, Nathan - Original Message - From: kaab kaoutar [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, April 30, 2001 1:44 PM Subject: [newbie] samba RPM Hi! can u put me on track on how to make samba run ? this whole book that came with the rpm is too boring for a beginner :( can u please tell me the steps in a easier way ? thanks a lot NB: i always have trouble using rpm cause in tutorials thaey assuming u've install it in /usr/local etc :(
[newbie] Opening ports on a firewall
I have a Mandrake box serving as a NAT/Firewall box. My IPCHAINS ruleset is as follows: default incoming policy of REJECT remote interface, any source, going to WAN interface address is valid outgoing policy of reject local interface, any source, going to LAN is valid forwarding policy is DENY If I wish to offer a service on the Linux box to the outside world, need I configure IPCHAINS to allow access to that service? For instance, if I wish to offer SSH on port 22 from the WAN, must I specifically allow access to that port? Regards, Nathan
Re: [newbie] Looking for fast FTP site
I am looking for a fast and reliable FTP site to download Mandrake 8.0 I have fast access to the net, I work for an ISP, I have just been lucky in finding sites that suck so bad they bend light. I'm at a Internet2 university, so that makes a huge difference in DL speeds, but generally I find that .edu sites located in the continental US (given that the ISP you work for is continental US...) have good connections. I generally don't bother DLing from a site with a ping worse than 100ms. Your mileage will vary -- 100ms may be unreasonably fast for you. ftp://jungle.metalab.unc.edu is a decent site. ftp://ftp.software.umn.edu may work good for you, however I have no way of knowing as I am only 4 hops away from that machine. Avoid Tucows. I've never gotten good speeds from them, seldom over 25k/sec. That's way too slow for an ISO. Regards, Nathan
Re: [newbie] Requesting hardware advice for AMD based machine. jrt
There's an interesting article at Anandtech, http://www.anandtech.com/showdoc.html?i=1456p=1, about how they ran into trouble running their webservers on AMD-based systems. It's worth a read, just to see how they implemented a large-scale site with a Linux-based load balancer, in addition to the hardware troubles. Regards, Nathan - Original Message - From: abram olson [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Thursday, April 26, 2001 12:14 AM Subject: Re: [newbie] Requesting hardware advice for AMD based machine. jrt I've been using amd processors with linux since mandrake 6 without any problems. I've currently got an asus a7v with a western digital HD running reiserFS in mandrake 8.0 without any problems at all. AMD is a great choice for a linux box.
Re: [newbie] How much internet security do I need?
Along with Pmfirewall you should also configure portsentry to watch for port scans. Pmfirewall, using Ipchains, is a wonderful first step, but a single layered security scheme isn't much security at all. I wouldn't use anything less then two layers and thats cutting things down to bare bones. these days, when it comes to keep your machine secure from unwanted visitors redundency is the way. Along with Portsentry, installing LogCheck is wise. It too is made by Psionic. Logcheck parses the logs, saving only the pertinant information, and mails them each hour to root, or whomever. I will tell you that the hosts.deny file continues to grow daily since these guys just don't take no for an answer and they're still trying to gain access. their ip numbers are all over my firewall logs and portsentry continues to log their scans and enter their ip addresses in the hosts.deny file so that it remembers them. If you the following line to the hosts.deny file, you needn't worry about a vast majority of problems: ALL:ALL@ALL,PARANOID That tells the machine, for programs using TCPWrappers, to deny everyone access to everything, and block any machine whose name does not match its IP. If you need to use INET services on the Linux machine, add the following lines to hosts.allow: in.telnetd: 192.168.0.3 bar.foo.com That's just for example. Replace in.telnetd with whatever program you wish to use, and 192.168.0.3 with which ever machine you want to connect. Also, if you add the following lines to the sysctl.conf (IIRC, that's what Mandrake calls it): net.ipv4.conf.all.rp_filter = 1 net.ipv4.icmp_echo_ignore_broadcasts = 1 net.ipv4.tcp_syncookies = 1 net.ipv4.conf.all.accept_redirects = 0 net.ipv4.conf.all.accept_source_route = 0 net.ipv4.conf.all.log_martians = 1 net.ipv4.icmp_echo_ignore_all = 1 And if you're going to all that trouble, you might as well do the following: In /etc/securetty comment out everything except tty1. Then root can only log onto tty1. If you need more root, you can log on and su. For a good degree of security, remove the rpm binary. Copy it to a floppy disk, or three, and store them away safely. Without rpm, it's impossible for both you and nefarious users to add anything to the computer. If you also remove the compiler, that increases security , but makes life difficult. Consider using Tripwire as it checks the integrity of your important programs. It won't stop an intrusion, but you'll be alerted promptly. Another program, called sXid, which also runs as a cron job, tracks changes in s[ug]id programs. It's available at http://the.wiretapped.net/security/host-security/sxid/ Regards, Nathan
Re: [newbie] mandrake 7.0
Why? It's free and you can DL it from a few dozen places. Check www.mandrake.com and look for the download link? Nathan - Original Message - From: "joey" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, May 09, 2000 10:56 AM Subject: [newbie] mandrake 7.0 anyone here want to send me a copy of the linux-mandrake 7.0:-)
Re: [newbie] watch what you say on this list
This is news to me. Not good news either. Not that I'm trying to be sarcastic, but isn't all mail archived anyway? Nathan - Original Message - From: "WolfRyder" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, May 08, 2000 11:29 AM Subject: [newbie] watch what you say on this list Following is a copy of an email I am sending to the "filtering" site that linux-mandrake uses. This is in reference to the email thread about "Parental Control". I received an email just now saying my email was " inappropriate subject matter ". It was logged by you. I don't understand why, though. I was answering an email on a listserv of which I am a member and we were discussing filtering software for Linux as opposed to parental monitoring. I don't understand why I was singled out for this type of monitoring when the other people the list used the same word as I, but were not censured (as far as I know). You can bet I won't be discussing the merits of software filtering on that list again. If they use this service to strike fear in the hearts of it's participants when discussing possible writing of filtering options, it's not a site I wish to respond to at all. I am therefore unsubscribing right now. Carol MIMEsweeper ChineseWall Server: CN=NS005/OU=DSRV/O=Texas Utilities - -- - Mail-Info From: WolfRyder [EMAIL PROTECTED] @ TU To: [EMAIL PROTECTED] Date: 05/08/2000 07:42:46 AM Subject:Re: [newbie] Parental Control -- -- 'ChineseWall Job' reports: TXU automatically screens all e-mail for inappropriate subject matter (i.e. material that is discriminatory, hateful, vulgar, pornographic, sexually-explicit, or obscene). This e-mail contains information that is considered inappropriate for the business environment and has been logged and will be reviewed to determine final disposition. If you have any questions, please direct them to [EMAIL PROTECTED] ' porn ' found! Mail has been archived!