Re: [newbie] Exploits (Was: keep password broken?)
On Mon, 2003-09-29 at 13:18, Ronald J. Hall wrote: On Sunday 28 September 2003 10:55 pm, Stephen Kuhn wrote: On Mon, 2003-09-29 at 02:59, Charlie M. wrote: I'm just a noob. :-) I'm just a boob. stephen kuhn - owner Well, aren't you two a pair! Hehehehehehe! :- What - a noob and a boob? Or a noob a boob and another boob? stephen kuhn - owner == illawarra computer services a kuhn media australia company http://kma.0catch.com -- * This message was composed on a 100% Microsoft free computer * We expressly refuse to utilise Microsoft DRM encoded documents -- On-line, adj.: The idea that a human being should always be accessible to a computer. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Exploits (Was: keep password broken?)
On Monday 29 Sep 2003 1:43 am, Merlin Zener wrote: On Sat, 2003-09-27 at 23:35, Derek wrote: [...snip snip] 3/ Make sure you enter an email address in the Mandrake control Centre Security window. That way you will be alerted to security attacks. Is this a new thing in 9.1? I'm running 9.0, and I went to the MCC security section and I didn't see any place to input an email address... cheers, -- Merlin Zener Yes It is there. Put the email address in the 'Security Administrator' box, and tick the checkbox to get mail alerts. http://doc.mandrakelinux.com/MandrakeLinux/90c/en/Starter.html/draksec.html# derek -- -- www.jennings.homelinux.net http://twiki.mdklinuxfaq.org Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Exploits (Was: keep password broken?)
On Saturday 27 Sep 2003 8:01 pm, Anne Wilson wrote: On Saturday 27 Sep 2003 5:35 pm, Derek wrote: On Saturday 27 Sep 2003 1:13 am, Lance Cummings wrote: y Bad idea, If your computer connected to the Internet. Even though, the number y of viruses/trojans for LINUX is miniscule it not 0. Given all user root y rights will increase chance for getting your box compromise. Along that line . . . what are some of the Internet gotchas regarding Linux? With Windows of course there are a multitude of file types that by merely being opened can allow an attacker into the system, and anyone running without a well-tuned firewall and good real-time virus protection is really begging to get compromised. That said, I'm up virtually 24x7 on 100 MB/sec glass, and I've never been compromised yet, which I think says at least something about the care and attention that I devote to this (not that you have to devote *that* much attention to it; just not being incredibly naive avoids a lot of trouble). But I have little idea what to be wary about in terms of Linux -- so with respect to this OS I would at least be more naive than I would be in Windows. I suspect I'm operating a ton of services I don't need right now in Linux, and in the Windows world that's one sure invitation to trouble right there. Any hints on what makes the suspicion meter go into the red zone appreciated. There are very few gotchas. But here are a few things to consider 1/ Do not run as root- If you do then just visiting a web site with a browser which has an exploit could cause arbitary code to execute as root. Not very likely, but technically possible. 2/ Do not use weak root or user passwords. There are utilities which will guess a weak password quite quickly. Also make sure you are running at a security level high enough to report unsuccessful logins (I think 'standard' security is OK) 3/ Make sure you enter an email address in the Mandrake control Centre Security window. That way you will be alerted to security attacks. 4/ Install the chkrootkit RPM which will examine your system daily to see if you have been compromised. It does not need any set up. Its reports will come in your daily Mandrake security report. 5/ Read about how msec (Mandrake Secure) works at http://www.mandrakesecure.net/en/ 6/ Do your Mandrake Security updates regularly, either by the GUI, or from an automated cron job The command urpmi.update updates urpmi --update --auto-select will do the updates for you. (That assumes you have defined a urpmi update source called updates) Note:Now you are running Mdk 9.2RC2 you **must** delete your current 9.1 urpmi sources and add 9.2 sources. derek Derek - could you put this into the TWiki under Administration? It's too useful to be lost. Shall do With regard to security alerts, is the correct format [EMAIL PROTECTED] ? It is any valid user name (for mails to go in the regular mail spool file), or any valid e-mail address. One thing I should have pointed out is that to get emails out of your system (other than to the spool file) you must have an smtp mail server running. If you do not have Postfix or some other mail server running, then install the ssmtp RPM (simple smtp) from the install CDs. There is a simple setup file in /etc which has to be configured, and then your computer can happily start emailing you with security information. derek Anne -- -- www.jennings.homelinux.net http://twiki.mdklinuxfaq.org Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Exploits (Was: keep password broken?)
On Mon, 2003-09-29 at 15:37, Derek Jennings wrote: On Monday 29 Sep 2003 1:43 am, Merlin Zener wrote: On Sat, 2003-09-27 at 23:35, Derek wrote: [...snip snip] 3/ Make sure you enter an email address in the Mandrake control Centre Security window. That way you will be alerted to security attacks. Is this a new thing in 9.1? I'm running 9.0, and I went to the MCC security section and I didn't see any place to input an email address... cheers, -- Merlin Zener Yes It is there. Put the email address in the 'Security Administrator' box, and tick the checkbox to get mail alerts. http://doc.mandrakelinux.com/MandrakeLinux/90c/en/Starter.html/draksec.html# ahh - I see. Thanks, Derek. -- Merlin Zener Piano, Synthesizer Thailand. registered Linux user number 328618 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Exploits (Was: keep password broken?)
On Monday 29 Sep 2003 11:46 am, Merlin Zener wrote: On Mon, 2003-09-29 at 15:37, Derek Jennings wrote: On Monday 29 Sep 2003 1:43 am, Merlin Zener wrote: On Sat, 2003-09-27 at 23:35, Derek wrote: [...snip snip] 3/ Make sure you enter an email address in the Mandrake control Centre Security window. That way you will be alerted to security attacks. Is this a new thing in 9.1? I'm running 9.0, and I went to the MCC security section and I didn't see any place to input an email address... cheers, -- Merlin Zener Yes It is there. Put the email address in the 'Security Administrator' box, and tick the checkbox to get mail alerts. http://doc.mandrakelinux.com/MandrakeLinux/90c/en/Starter.html/draksec.ht ml# ahh - I see. Thanks, Derek. -- Merlin Zener Merlin I should have also said To send mails you must have a mail server running. If you do not have Postfix or Sendmail installed, then install the Simple SMTP server ssmtp from your install CDs. There is a simple setup file at /etc/ssmtp/ssmtp.conf derek -- -- www.jennings.homelinux.net http://twiki.mdklinuxfaq.org Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Exploits (Was: keep password broken?)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 September 27, 2003 11:20 pm, Lance Cummings wrote: whack Good to know, thanks. I will be tempted to run as root someday I'm sure, as I run as administrator (but renamed for security) in WIndows. But that would be quite some time from now, and maybe I will forgo the idea entirely if it's not too big a pain not to be root. ^^_^^ For your personal security resist that temptation. _Please!_ If a gremlin manages to crawl in through a malicious script or other methods the worst that might happen is a loss of anything not backed up. Yeah, I read your other post. Sounds as though you back up almost as much as I do. Suspenders and belt. Or as Anne would say; Belt'n'braces. If you cruise to a den of iniquity containing a nest of viper scripts as root you won't like the world. At all. 2/ Do not use weak root or user passwords. There are utilities which will guess a weak password quite quickly. Also make sure you are running at a security level high enough to report unsuccessful logins (I think 'standard' security is OK) Same advice applies to Windows, thanks. I am running 'standard', so glad to hear it will prolly suffice. I use strong passwords, and I expire them. That works. 3/ Make sure you enter an email address in the Mandrake control Centre Security window. That way you will be alerted to security attacks. Totally unaware. Thanks. 4/ Install the chkrootkit RPM which will examine your system daily to see if you have been compromised. It does not need any set up. Its reports will come in your daily Mandrake security report. On the CD? (guess I'll go have a look) It should be. We'll get to source repositories in a minute. 5/ Read about how msec (Mandrake Secure) works at http://www.mandrakesecure.net/en/ Okay. Right after I finish 'War and Peace'. ^_- Smart ass. Good one. ^_- 6/ Do your Mandrake Security updates regularly, either by the GUI, or from an automated cron job The command urpmi.update updates urpmi --update --auto-select will do the updates for you. (That assumes you have defined a urpmi update source called updates) Oh-oh. Unknown thing. Danger, Will Robinson! (I have defined no such thing, and would be unlikely to do so until I figure out how to do it.) lol Make your life easier Lance and click the link below. Change the release in the pull down to cooker and ask for cooker, contribs, and PLF. Then modify the command for PLF to reflect the fact that the hdlists aren't in the RPM directory any more. I'd suggest easynet for the plf source. After the sources set up use the command you see above. Or the one below the link; http://plf.zarb.org/~nanardon This is the form they'll take. I'm giving the command to add plf easynet: urpmi.addmedia PLF ftp://ftp.easynet.fr/plf/cooker/i586 with ../hdlist.cz alternate update command; urpmi.update -a -f urpmi --wget --no-verify-rpm --auto-select -v you may also need to run this one occasionally if everything on your menu seems to become a directory rather than an icon. rpm --rebuilddb updatedb update-menus -n ldconfig Note:Now you are running Mdk 9.2RC2 you **must** delete your current 9.1 urpmi sources and add 9.2 sources. Oh-oh, oh-oh, oh-oh. A **must** that I have no idea how to accomplish. I am in deep kimchi now, I suspect. urpmi.removemedia -a You'll find instructions on the site at the link I posted above under Step3 where your source configuration commands will be after they're generated. Thanks Derek, Lance Have fun! Charlie - -- Edmonton,AB,Canada User 244963 at http://counter.li.org Cooker on kernel 2.4.22-10mdk 23:46:24 up 7 days, 13:06, 1 user, load average: 0.07, 0.15, 0.16 Today is a good day to bribe a high-ranking public official. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/dnsOG11CaRuZZSIRApBfAKCiTDbsALkeVK1wutLa/jgjLQBX1wCfTiFU 8aBBCWdy9uDAi0+qmOKr/A8= =AmPu -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Exploits (Was: keep password broken?)
Charlie M. wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 September 27, 2003 11:20 pm, Lance Cummings wrote: whack Good to know, thanks. I will be tempted to run as root someday I'm sure, as I run as administrator (but renamed for security) in WIndows. But that would be quite some time from now, and maybe I will forgo the idea entirely if it's not too big a pain not to be root. ^^_^^ For your personal security resist that temptation. _Please!_ If a gremlin manages to crawl in through a malicious script or other methods the worst that might happen is a loss of anything not backed up. Yeah, I read your other post. Sounds as though you back up almost as much as I do. Suspenders and belt. Or as Anne would say; Belt'n'braces. If you cruise to a den of iniquity containing a nest of viper scripts as root you won't like the world. At all. Indeedy-doody. Just about anything you can do by logging in as root, you can do by typing su in a terminal. It doesn't limit you to command-line stuff; for example, once you've become root via su, you can type, say, konqueror and get konqueror as though you were runing it as root. Sir Robin -- I can say: 'Thank these bees for their honey as though they were kind people who have prepared it for you'; that is intelligible and describes how I should like you to conduct yourself. But I cannot say: 'Thank them because, look, how kind they are!'--since the next moment they may sting you. - Wittgenstein Robin Turner IDMYO Bilkent Univeritesi Ankara 06533 Turkey www.bilkent.edu.tr/~robin Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Exploits (Was: keep password broken?)
On Sunday 28 Sep 2003 1:37 pm, robin wrote: Charlie M. wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 September 27, 2003 11:20 pm, Lance Cummings wrote: whack Good to know, thanks. I will be tempted to run as root someday I'm sure, as I run as administrator (but renamed for security) in WIndows. But that would be quite some time from now, and maybe I will forgo the idea entirely if it's not too big a pain not to be root. ^^_^^ For your personal security resist that temptation. _Please!_ If a gremlin manages to crawl in through a malicious script or other methods the worst that might happen is a loss of anything not backed up. Yeah, I read your other post. Sounds as though you back up almost as much as I do. Suspenders and belt. Or as Anne would say; Belt'n'braces. If you cruise to a den of iniquity containing a nest of viper scripts as root you won't like the world. At all. Indeedy-doody. Just about anything you can do by logging in as root, you can do by typing su in a terminal. It doesn't limit you to command-line stuff; for example, once you've become root via su, you can type, say, konqueror and get konqueror as though you were runing it as root. Sir Robin But don't forget to exit root mode as soon as you can. Anne -- Registered Linux User No.293302 Have you visited http://twiki.mdklinuxfaq.org yet? Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Exploits (Was: keep password broken?)
On Sun, 2003-09-28 at 22:37, robin wrote: Indeedy-doody. Just about anything you can do by logging in as root, you can do by typing su in a terminal. It doesn't limit you to command-line stuff; for example, once you've become root via su, you can type, say, konqueror and get konqueror as though you were runing it as root. Sir Robin Ahem - are we forgetting sudo ?? stephen kuhn - owner == illawarra computer services a kuhn media australia company http://kma.0catch.com -- * This message was composed on a 100% Microsoft free computer * We expressly refuse to utilise Microsoft DRM encoded documents -- The C Programming Language -- A language which combines the flexibility of assembly language with the power of assembly language. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Exploits (Was: keep password broken?)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 September 28, 2003 06:48 am, Stephen Kuhn wrote: On Sun, 2003-09-28 at 22:37, robin wrote: Indeedy-doody. Just about anything you can do by logging in as root, you can do by typing su in a terminal. It doesn't limit you to command-line stuff; for example, once you've become root via su, you can type, say, konqueror and get konqueror as though you were runing it as root. Sir Robin Ahem - are we forgetting sudo ?? stephen kuhn - owner Not usually but explaining it would probably have defeated the strong warning tone of the original post. I should have stayed out of this thread; there are gurus here that can explain any of these things better than I. With attendant credibility. Like you. ^_^ I'm just a noob. :-) CU; Charlie - -- Edmonton,AB,Canada User 244963 at http://counter.li.org Cooker on kernel 2.4.22-10mdk 10:55:27 up 8 days, 15 min, 1 user, load average: 0.00, 0.03, 0.30 Win NT error 001: Error recording error codes. All further errors not displayed. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/dxNkG11CaRuZZSIRAoX8AJ4kbCdpaZZ8KfpcJc/xdUV/+BzIvgCfU+JV LzbT5+/thanenkfrV5sudWA= =h2kL -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Exploits (Was: keep password broken?)
On Sunday 28 Sep 2003 6:20 am, Lance Cummings wrote: SNIP 6/ Do your Mandrake Security updates regularly, either by the GUI, or from an automated cron job The command urpmi.update updates urpmi --update --auto-select will do the updates for you. (That assumes you have defined a urpmi update source called updates) Oh-oh. Unknown thing. Danger, Will Robinson! (I have defined no such thing, and would be unlikely to do so until I figure out how to do it.) lol At the end of the install process you were asked if you want to install updates. If you said Yes an update source will have been picked. If 'No' then you need to define a source. Best way to do that is go here and follow the instructions http://plf.zarb.org/~nanardon/index.php You can then use the MenuConfigurationPackagingMandrake Update GUI to do your updates for youi. The GUI allows you to browse the available updates, read why they were issued, and to refuse them if you wish. There are a *lot* of updates for 9.1 There are already a few updates for 9.2 (The online tool does not yet allow you to select a 9.2 update source, but if you select a 9.1 source and then edit the line to say 9.2, then it will work) Generally as soon as a security flaw is found in a package in the main distro, there will be an update out for it within 24 hours. If you are a MandrakeClub member you get emailed to remind you to upgrade. Note:Now you are running Mdk 9.2RC2 you **must** delete your current 9.1 urpmi sources and add 9.2 sources. Oh-oh, oh-oh, oh-oh. A **must** that I have no idea how to accomplish. I am in deep kimchi now, I suspect. The reason for the **must** is that different Linux releases are built using different versions of the core libraries. If you mix software sources from different releases you will confuse the system as to what libraries to install. You will either end up installing 100's of MB of software, or else totally fsck up your system. We get newbies all the time who install Cooker apps in 9.1 systems and then run into problems. So the bottom line is. If you run 9.1 only have software sources defined for 9.1. If you run 9.2, then only have sources defined for 9.2 The link above tells you how to add sources. To delete a source use the software source GUI in Mandrake Control Centre. Thanks Derek, Lance -- -- www.jennings.homelinux.net http://twiki.mdklinuxfaq.org Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Exploits (Was: keep password broken?)
On Sunday 28 Sep 2003 6:53 pm, Derek Jennings wrote: On Sunday 28 Sep 2003 6:20 am, Lance Cummings wrote: SNIP 6/ Do your Mandrake Security updates regularly, either by the GUI, or from an automated cron job The command urpmi.update updates urpmi --update --auto-select will do the updates for you. (That assumes you have defined a urpmi update source called updates) Oh-oh. Unknown thing. Danger, Will Robinson! (I have defined no such thing, and would be unlikely to do so until I figure out how to do it.) lol At the end of the install process you were asked if you want to install updates. If you said Yes an update source will have been picked. If 'No' then you need to define a source. Best way to do that is go here and follow the instructions http://plf.zarb.org/~nanardon/index.php You can then use the MenuConfigurationPackagingMandrake Update GUI to do your updates for youi. The GUI allows you to browse the available updates, read why they were issued, and to refuse them if you wish. There are a *lot* of updates for 9.1 There are already a few updates for 9.2 (The online tool does not yet allow you to select a 9.2 update source, but if you select a 9.1 source and then edit the line to say 9.2, then it will work) Generally as soon as a security flaw is found in a package in the main distro, there will be an update out for it within 24 hours. If you are a MandrakeClub member you get emailed to remind you to upgrade. No - you have to sign up for the alerts. Anne -- Registered Linux User No.293302 Have you visited http://twiki.mdklinuxfaq.org yet? Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Exploits (Was: keep password broken?)
On Mon, 2003-09-29 at 02:59, Charlie M. wrote: I'm just a noob. :-) I'm just a boob. stephen kuhn - owner == illawarra computer services a kuhn media australia company http://kma.0catch.com -- * This message was composed on a 100% Microsoft free computer * We expressly refuse to utilise Microsoft DRM encoded documents -- If you would keep a secret from an enemy, tell it not to a friend. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Exploits (Was: keep password broken?)
On Sunday 28 September 2003 10:55 pm, Stephen Kuhn wrote: On Mon, 2003-09-29 at 02:59, Charlie M. wrote: I'm just a noob. :-) I'm just a boob. stephen kuhn - owner Well, aren't you two a pair! Hehehehehehe! :- -- /\ DarkLord \/ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Exploits (Was: keep password broken?)
On Saturday 27 Sep 2003 1:13 am, Lance Cummings wrote: y Bad idea, If your computer connected to the Internet. Even though, the number y of viruses/trojans for LINUX is miniscule it not 0. Given all user root y rights will increase chance for getting your box compromise. Along that line . . . what are some of the Internet gotchas regarding Linux? With Windows of course there are a multitude of file types that by merely being opened can allow an attacker into the system, and anyone running without a well-tuned firewall and good real-time virus protection is really begging to get compromised. That said, I'm up virtually 24x7 on 100 MB/sec glass, and I've never been compromised yet, which I think says at least something about the care and attention that I devote to this (not that you have to devote *that* much attention to it; just not being incredibly naive avoids a lot of trouble). But I have little idea what to be wary about in terms of Linux -- so with respect to this OS I would at least be more naive than I would be in Windows. I suspect I'm operating a ton of services I don't need right now in Linux, and in the Windows world that's one sure invitation to trouble right there. Any hints on what makes the suspicion meter go into the red zone appreciated. There are very few gotchas. But here are a few things to consider 1/ Do not run as root- If you do then just visiting a web site with a browser which has an exploit could cause arbitary code to execute as root. Not very likely, but technically possible. 2/ Do not use weak root or user passwords. There are utilities which will guess a weak password quite quickly. Also make sure you are running at a security level high enough to report unsuccessful logins (I think 'standard' security is OK) 3/ Make sure you enter an email address in the Mandrake control Centre Security window. That way you will be alerted to security attacks. 4/ Install the chkrootkit RPM which will examine your system daily to see if you have been compromised. It does not need any set up. Its reports will come in your daily Mandrake security report. 5/ Read about how msec (Mandrake Secure) works at http://www.mandrakesecure.net/en/ 6/ Do your Mandrake Security updates regularly, either by the GUI, or from an automated cron job The command urpmi.update updates urpmi --update --auto-select will do the updates for you. (That assumes you have defined a urpmi update source called updates) Note:Now you are running Mdk 9.2RC2 you **must** delete your current 9.1 urpmi sources and add 9.2 sources. derek -- www.jennings.homelinux.net Get urpmi sources from http://plf.zarb.org/~nanardon/urpmiweb.php Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Exploits (Was: keep password broken?)
On Sunday 28 September 2003 01:35, Derek wrote: On Saturday 27 Sep 2003 1:13 am, Lance Cummings wrote: y Bad idea, If your computer connected to the Internet. Even though, the number y of viruses/trojans for LINUX is miniscule it not 0. Given all user root y rights will increase chance for getting your box compromise. Along that line . . . what are some of the Internet gotchas regarding Linux? There are very few gotchas. But here are a few things to consider 1/ Do not run as root- If you do then just visiting a web site with a browser which has an exploit could cause arbitary code to execute as root. Not very likely, but technically possible. Good to know, thanks. I will be tempted to run as root someday I'm sure, as I run as administrator (but renamed for security) in WIndows. But that would be quite some time from now, and maybe I will forgo the idea entirely if it's not too big a pain not to be root. ^^_^^ 2/ Do not use weak root or user passwords. There are utilities which will guess a weak password quite quickly. Also make sure you are running at a security level high enough to report unsuccessful logins (I think 'standard' security is OK) Same advice applies to Windows, thanks. I am running 'standard', so glad to hear it will prolly suffice. I use strong passwords, and I expire them. 3/ Make sure you enter an email address in the Mandrake control Centre Security window. That way you will be alerted to security attacks. Totally unaware. Thanks. 4/ Install the chkrootkit RPM which will examine your system daily to see if you have been compromised. It does not need any set up. Its reports will come in your daily Mandrake security report. On the CD? (guess I'll go have a look) 5/ Read about how msec (Mandrake Secure) works at http://www.mandrakesecure.net/en/ Okay. Right after I finish 'War and Peace'. ^_- 6/ Do your Mandrake Security updates regularly, either by the GUI, or from an automated cron job The command urpmi.update updates urpmi --update --auto-select will do the updates for you. (That assumes you have defined a urpmi update source called updates) Oh-oh. Unknown thing. Danger, Will Robinson! (I have defined no such thing, and would be unlikely to do so until I figure out how to do it.) lol Note:Now you are running Mdk 9.2RC2 you **must** delete your current 9.1 urpmi sources and add 9.2 sources. Oh-oh, oh-oh, oh-oh. A **must** that I have no idea how to accomplish. I am in deep kimchi now, I suspect. Thanks Derek, Lance Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com