Re: Using a digital projector

2002-07-07 Thread Anthony E. Greene 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 07-Jul-2002/21:26 -0700, Mike Davison <[EMAIL PROTECTED]> wrote:
>
>I am taking my Sony laptop (Vaio 505TR running RH 7.3) to a convention
>where a 'BoxLight XGA' digital projector will be available. Should I
>expect any problems or will this just work? 

It depends on the exact model. The XD models do not have a standard
15-pin video input. The others I looked at do. As long as the projector
has a standard 15 pin video input, there should be no problem.

The video card outputs the same type of signal regardless of the OS
driving it.

Tony
- -- 
Anthony E. Greene 
OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26  C484 A42A 60DD 6C94 239D
AOL/Yahoo Messenger: TonyG05HomePage: 
Linux. The choice of a GNU generation 

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Anthony E. Greene  0x6C94239D

iD8DBQE9KTg5pCpg3WyUI50RAizbAKDP1lycH3ONiXU+7VXonfaQu0zhPQCeKw8g
cfAxguPLZseGFjJfTNlta50=
=vgrw
-END PGP SIGNATURE-



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: Floppy is read just once

2002-07-07 Thread linuxbox001 




On Mon, 08 Jul 2002 00:53:16 -0300, [EMAIL PROTECTED] wrote:
>Hi
>
>When I access a disk, everything goes OK
>but if I change the disk, and try to access it
>the system returns the same first disk's archives
>What should I do to access the second disk's archives?
>If you could help me...
>Thanks a lot!
>
>Gustavo
>
>_
>Send and receive Hotmail on your mobile device: http://mobile.msn.com
>
>
>
>___
> 


 In Linux you need to Mount/Unmount drives. A diskette must be
 mounted first before it can be used. Insert a diskette into the 
 diskette drive and type mount /mnt/floppy/ at a shell prompt.


 The diskette drive activity light should blink as the diskette's 
 file system is mounted to the /mnt/floppy directory.

 You can access the contents of the diskette by changing into that
 directory with the cd /mnt/floppy/ command.

 Alternatively, you can also mount a diskette in the GNOME desktop 
 environment by right-clicking on the desktop and choosing Disks => Floppy. 
 This mounts the diskette and adds a desktop icon.

 I use Kwikdisk when I am in KDE.

 /Linuxbox001 





Communicate in total privacy.
Get your free encrypted email at https://www.hushmail.com/?l=2

Looking for a good deal on a domain name? 
http://www.hush.com/partners/offers.cgi?id=domainpeople



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: 7.2 freezes during boot process

2002-07-07 Thread Gordon Messmer 

On Sun, 2002-07-07 at 22:56, Kevin - KD Micro Software wrote:
> Hello,
> 
> Not every reboot but on most reboots my Redhat 7.2 box seems to freeze up at this 
>point:
> mxt_scan_bios: enter

I've seen that happen when the system boots up with no keyboard
attached, and haven't found a workaround.  How's your system set up?




___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

7.2 freezes during boot process

2002-07-07 Thread Kevin - KD Micro Software 



Hello,
 
Not every reboot but on most reboots my Redhat 7.2 
box seems to freeze up at this point:mxt_scan_bios: enter
 
After a few reboots it seems to get passed that 
point ok, but it happens on nearly every boot and it's frustrating.
Any ideas as to what is the cause and solution for 
this?
 
Thank you for your time.

Kevin 
GreenKD Micro Software[EMAIL PROTECTED]
MP 107, Market City, 280 Bannister Road, Canning Vale WA 
6155.Phone: 9256 1566 (2778 internal)     Mobile: 
0419 949 254.

Using a digital projector

2002-07-07 Thread Mike Davison 


I am taking my Sony laptop (Vaio 505TR running RH 7.3) to a convention where a 
'BoxLight XGA' digital projector will be available. Should I expect any 
problems or will this just work? 

Thanks,
Mike



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: Floppy is read just once

2002-07-07 Thread Werner Puschitz 


On Mon, 8 Jul 2002, Gustavo Facchini wrote:

> Hi
> 
> When I access a disk, everything goes OK
> but if I change the disk, and try to access it
> the system returns the same first disk's archives
> What should I do to access the second disk's archives?
> If you could help me...
> Thanks a lot!

Unmount the floppy disk before you physically remove it.

Werner




___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: dynamic and static IP address (was hostname)

2002-07-07 Thread Kevin Myers 

On Sat, 06 Jul 2002 16:59:09 -0400, Edward wrote:

>Actually, there is a little magic in sending email.  It's called 
>authentication.  He's probably set to use his own ISP's mail server. 
>But when he's on his network, the ISP's mail server is rejecting the 
>mail (won't relay).  He may just need to select a local mail server that 
>will send mail.

I must admit that I assumed the original sender wasn't getting any 'Relaying
denied' type messages sent back to him. If this is the case, then, as you
say, he will have to use a server that he is authorised to use, or send
directly (if that's not restricted)

Thinking about it, it's probably a combination of routing and authorisation!



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Floppy is read just once

2002-07-07 Thread Gustavo Facchini 

Hi

When I access a disk, everything goes OK
but if I change the disk, and try to access it
the system returns the same first disk's archives
What should I do to access the second disk's archives?
If you could help me...
Thanks a lot!

Gustavo

_
Send and receive Hotmail on your mobile device: http://mobile.msn.com



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Adding My Language To Linux

2002-07-07 Thread Gayan Godagama 

Hi,
I have seen that Red Hat Linux has support to languages other than English. So want to add my own language to the OS (my  language is Sinhala, SriLankan's language). 
I would like to know whether this is possible. Currently I am a computer science student at University of Moratuwa SriLanka so I have the basic knowledge about Linux OS.
Regards,
 
GodagamaChat with friends online, try MSN Messenger: Click Here



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: Intrusion Detection

2002-07-07 Thread Jason Costomiris 

On Sat, Jun 29, 2002 at 03:59:17PM -0400, Jay Daniels wrote:
: I'm looking for a ids like puresecure, but free and open source.  Take a
: look. The screenshots are amazing, but so is the price!!!

Good news for you then.  Puresecure just uses snort.

LARC looks like an interesting config interface for the web..

-- 
Jason Costomiris <><   |  Technologist, geek, human.
jcostom {at} jasons {dot} org  |  http://www.jasons.org/ 
  Quidquid latine dictum sit, altum viditur.
My account, My opinions.



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: mutt and courier imaps with ~/Maildir

2002-07-07 Thread Jay Daniels 

On Sun, 2002-07-07 at 14:44, Gordon Messmer wrote:
> On Sun, 2002-07-07 at 10:18, Jay Daniels wrote:
> > Will the version of mutt supplied by RedHat 7.3 support courier imaps
> > with Maildir?
> 
> Yes it will work with imaps, ignore Maildir.  If you're connecting to
> IMAP, then maildir is an implementation detail that mutt need know
> nothing about.
> 
> > Cannot get my .muttrc to work. I tried various combination for spoolfile
> > and folder (INBOX.* INBOX. INBOX) but none will connect to my ~/Maildir
> > mailbox.
> 
> When you use INBOX, what does mutt do?  Any error messages?  Does
> Courier log a connection in /var/log/maillog?
> 
> > I was told to try INBOX.List...
> 
> Just use INBOX
> 
> > # ~/.muttrc
> > set spoolfile = imaps://mail.myserver.com/INBOX.List
> > #set folder = imaps://mail.myserver.com/INBOX
> > #set postponed = imaps://mail.myserver.com/Maildir/.postponed
> > set record = imaps://mail.myserver.com/Maildir/.Sent
> 
> Don't use '/' characters in your mail folders.  Courier IMAP uses '.' as
> its folder separator.
> 
> 

Got it Gordon! I can connect now.

Of all the .muttrc files I viewed none had this format for spoolfile.

set spoolfile = {mail.myserver.com/ssl}INBOX

Now, to find the proper settings for set folder and figure out how to
switch folders. With .mailfiter I receive mail in various folders under
INBOX.foldername.

No one seems to use this format for the spoolfile variable.  Found the
solution in the mutt FAQ of all places;)

Notes:
As for Garys post, I viewed that .muttrc config you suggested and it is
very complex to say the least.  Also, it is setup move the mail in the
Maildir to ~/Mail which I do not want...  Very nice setup though if you
want to move your mail out of the IMAP namespace and into a mutt folder
on a workstation.


jay





___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: How to make it possible

2002-07-07 Thread Mike Burger 

First, since you want "one.cc.com" to go to a different external IP, you 
should just set the DNS entry for one.cc.com to the IP you want.

As far as forwarding the other two to an internal IP, yes, IPtables can do 
this for you, via nat.

On Sat, 6 Jul 2002, Peter Gosens wrote:

> Is it possible to make iptables forward packets based on hostname. 
> 
> I've one.cc.com and two.cc.com three.cc.com pointing to 213.93.43.28 . And I want 
>that traffic with one.cc.com is going to 213.93.43.84. But the two.cc.com and 
>three.cc.com traffic need to be forwarded to an internal network ip (suchs as 
>192.168.100.2).
> 
> Is this possible with iptables. Or do I have to add an loadbalancer or use an proxy. 
>I also thought about using ipv6, but it has an lack of supporting program's.
> 
> If you have any other idea's about this matter. Please tell me.
> 



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: iptables (new issue)

2002-07-07 Thread Ashley M. Kirchner 

"Joseph R . Erlewein" wrote:

> It looks like you're attempting to edit the iptables file in /etc/sysconfig.

Nope, I merely posted what the file looks like right now.  Instead of posting each 
'iptables' command every time.


> /etc/rc.d/init.d/iptables save

Whenever I need to save my (working) settings, I just run

/sbin/iptables-save > /etc/sysconfig/iptables

--
H | "Life is the art of drawing without an eraser." - John Gardner
  +
  Ashley M. Kirchner    .   303.442.6410 x130
  Director of Internet Operations / SysAdmin. 800.441.3873 x130
  Photo Craft Laboratories, Inc.. 3550 Arapahoe Ave, #6
  http://www.pcraft.com . .  ..   Boulder, CO 80303, U.S.A.





___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: apache permissions

2002-07-07 Thread Anthony E. Greene 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 07-Jul-2002/13:04 -0500, Chet Nichols <[EMAIL PROTECTED]> wrote:
>Hey Brian,
>
>Woohoo, it worked! I added:
>
>
>Options Indexes Includes FollowSymLinks
>AllowOverride None
>Allow from from all
>Order Deny,Allow
>
>
>I've got multiple sites located in peoples home directories, so I added
>the entire /home, and its working great. I guess you could consider this
>a possible security threat, but the actual permissions on /home and its
>user folders are such that you can only read the web folders of each
>user. It's good stuff. Thanks again, talk to you later,

You might try  to restrict these settings
to directories taht are intended for public consumption.


Tony
- -- 
Anthony E. Greene 
OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26  C484 A42A 60DD 6C94 239D
AOL/Yahoo Messenger: TonyG05HomePage: 
Linux. The choice of a GNU generation 

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Anthony E. Greene  0x6C94239D

iD8DBQE9KNw9pCpg3WyUI50RAl7oAKCEcBLA7S79EVRncuo8jzLc1KpRnACg0Iqm
/UQBa6+tGqGEwI//TpNozTo=
=q+QF
-END PGP SIGNATURE-



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: iptables (new issue)

2002-07-07 Thread Anthony E. Greene 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 07-Jul-2002/00:40 -0400, "Joseph R . Erlewein" <[EMAIL PROTECTED]> wrote:
>* a word of caution *
>
>It looks like you're attempting to edit the iptables file in /etc/sysconfig.
>
>I wouldn't do this. This file is created every time you execute:
>
>/etc/rc.d/init.d/iptables save

That command is executed whenever the iptables service is stopped or
restarted using:

  service iptables stop|restart
or
  /etc/rc.d/init.d/iptables stop|restart

>when you do a "restore" instead of a save, this ruleset is loaded.

That happens when the iptables service is started or restarted.

>Since you're just learning about iptables, editing this file is NOT the
>best approach - I would start by using a simple script that sets things
>how you need it using the iptables command line directive, and get your
>ruleset how you want it. Then, I would issue the save directive, reboot,
>and see how things come up.

I have a shell script that consists of some setup stuff and a series of
ipchains commands, ending with 'service iphains save'. So every time I
make a change and run the script, my settings are both implemented and
saved. The script includes lots of comments and is designed to be easily
maintainable. I don't even look at /etc/sysconfig/ipchains.

The script lets me do things like use grep and cut to parse resolv.conf
for nameserver IP addresses, put them in a list:

  dnslist=`grep '^nameserver' /etc/resolv.conf | cut -f 2 -d ' '`

Then I use a loop to allow DNS connections to the IP addresses in the
list:

  for dns in $dnslist
  do
ipchains --append input --interface $ext --protocol udp \
  --source $dns domain --destination-port 1024: --jump ACCEPT
ipchains --append input --interface $ext --protocol tcp \
  --source $dns domain --destination-port 1024: --jump ACCEPT
  done


So whenever I change resolv.conf, I just run the firewall script and the
rules are updated and saved. I have commands that use ifconfig and ipcalc
to get the IP address, network, and netmask for my LAN interface and set a
$lan variable that makes it easy to specify the LAN as a source or
destination. If I change my LAN numbering scheme the script will picj it
up automatically. All I have to do is set a variable that tells it whcih
interface is internal and which is external.

I realize you're using iptables, but the same methods could be used to
simplify your firewall maintenance.


Tony
- -- 
Anthony E. Greene 
OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26  C484 A42A 60DD 6C94 239D
AOL/Yahoo Messenger: TonyG05HomePage: 
Linux. The choice of a GNU generation 

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Anthony E. Greene  0x6C94239D

iD8DBQE9KNtrpCpg3WyUI50RAh3IAKDfUMo1gm6ZuXzXSP0i+2Zz+IHZ0gCZAb69
Ce3MtvhvXbVVFCbQPil/Nfc=
=b5tY
-END PGP SIGNATURE-



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: Telnet

2002-07-07 Thread Bret Hughes 

On Sun, 2002-07-07 at 13:35, Ed Wilts wrote:
> Edit /etc/ssh/sshd_config and change PermitRootLogins to no.  Don't forget
> to restart the daemon.
> 
> .../Ed

you can also disable password authentication so that a user MUST have a
key in authorized_keys.  Totally removes the possibility of a brute
force password crack.

Bret



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: Pilot Project/Feasibility Study (This is a Big'un)

2002-07-07 Thread Anthony E. Greene 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 07-Jul-2002/17:11 -0400, Ray Curtis <[EMAIL PROTECTED]> wrote:
>Anthony E Greene <[EMAIL PROTECTED]> writes:
>> I don't think there's a Notes client or a Visio equivalent for Linux.
>
>Visio = Dia  http://www.lysator.liu.se/~alla/dia/
>Notes = Xnotes   http://www.graphics-muse.org/xnotes/xnotes.html

XNotes is not a (Lotus) Notes client. It's a standalone app. Evolution has
a Task/Todo List, Contacts, Email, Calendaring, and it syncs with Palm
Pilot. Evolution is included with the Ximian Desktop, which I would
consider a must-have on a GNOME desktop.

Dia does not read/write Visio files. For the purposes of a mixed
environment like the one described in the original post, that is a
non-starter. That's too bad, because I happen to like Dia.

Tony
- -- 
Anthony E. Greene 
OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26  C484 A42A 60DD 6C94 239D
AOL/Yahoo Messenger: TonyG05HomePage: 
Linux. The choice of a GNU generation 

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Anthony E. Greene  0x6C94239D

iD8DBQE9KNFnpCpg3WyUI50RAsCKAKDA3cW9MOkKaS9CDdNOdIjuZEySpwCg5sYO
qYb1bmmW71VSvpLPagSXsxw=
=QqWu
-END PGP SIGNATURE-



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: ADSL Installation Headaches

2002-07-07 Thread Price Technology 

More information please.

You fail to tell us what OS this 486 is running, what your current 
configuration is and so on.

I'll take a stab at an answer anyway;  The ISP is using proprietary software 
to allow your box to connect which has minimum system requirements.  It 
probably requires more than they ask for if it's like most software.

My biggest concern is why you would let an outside technician who is probably 
no more than a "phone guy" mess with your computer.

Joebewan



On Sunday 07 July 2002 04:20 am, Sarig Scudder wrote:
> I'm trying to upgrade my internet connection  from 56K modem service to
> ADSL service but I am having some problems with the company providing the
> service. They claim the minimum machine they  will install a modem on is a
> Pentium 133 with 32meg of memory. I currently  have an AMD 133 which is a
> 486 class process with 24megs of memory, being  used as a firewall, that I
> would like  to install it on. I asked the technician that came to install
> why a Pentium 133 is the minimum and he had no answer only to show me
> documents from the various service providers he works with that all have
> the same minimums. My guess is the minimums are based on the computer being
> used as a workstation but I have no facts to back that up. Is it possible
> to get ADSL service working on a 486 given enough RAM? Since it is a
> firewall and only has to pass packets along, more or less, I thought this
> would be enough. Anybody care to venture an opinion?
>
> 
> Sarig

-- 
Valhalla -- Linux good, Fire bad



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: sendmail smtp auth

2002-07-07 Thread Chet Nichols 

Hey Russ,

It worked! Thanks a ton for your help, I'm excited. Take it easy, talk to
you later,

Chet


on 7/7/02 3:55 PM, R P Herrold at [EMAIL PROTECTED] wrote:

> On Sun, 7 Jul 2002, Chet Nichols wrote:
> 
>> Hey there,
>> 
>> I'm trying to set up SMTP authentication for sendmail..I went to the
>> sendmail site to look how to do it..installing Cyrus-sasl, etc. I remembered
>> that I had installed the Cyrus-sasl RPM though when I installed RedHat 7.2,
>> so I jumped right to the step to see if SASL is in the output..
> 
> see: http://www.owlriver.com/tips/smtp-auth.html for an
> outline which works.  para 3 and 4 address your issues.
> 
> -- Russ Herrold
> 
> 
> 
> 



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: ADSL Installation Headaches

2002-07-07 Thread Ed Wilts 

I'm using a BEFSR81 which includes an 8-port 10/100 switch, SNMP management,
QoS, and the firewall functions.

.../Ed

Ed Wilts
Mounds View, MN, USA
mailto:[EMAIL PROTECTED]
- Original Message -
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, July 07, 2002 2:43 PM
Subject: Re: ADSL Installation Headaches


> Just out of curiosity, which linksys router are you using? Is it the
> wireless access point?
>
> thank you
> Randy
>
> On Sun, 7 Jul 2002, Ed Wilts wrote:
>
> > Your system should be fine.  The requirement for a faster system is
really
> > for the add-on software that the ISP provides - a web browser, mail
client,
> > etc.  My cable modem connection is a Linksys router, and I'd be
surprised if
> > it was as fast as a P133 (of even it has a Pentium processor inside!) or
if
> > it had 32MB of memory.
> >
> > The problem you run into is that some installers want to do the work on
your
> > system.  Just be prepared to tell them to run the cable and leave it at
> > that.  My Linux firewall system way back when was already running when
they
> > converted me from one-way cable modem to two-way and the installer tried
to
> > tell they don't support Linux - I just told him to go ahead and change
the
> > modem and I'd take care of the software end of things.  He was stunned
when
> > the link came up so fast on Linux - I had already configured the dhcp
client
> > and just needed to restart the network and told him what the IP address
was
> > and he was satisfied.  I've since switched to using the Linksys router
for
> > my connection - one less system to manage, a lot quieter, and less
noise.
> >
> > .../Ed
> >
> > Ed Wilts
> > Mounds View, MN, USA
> > mailto:[EMAIL PROTECTED]





___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: Pilot Project/Feasibility Study (This is a Big'un)

2002-07-07 Thread Ray Curtis 

> "aeg" == Anthony E Greene <[EMAIL PROTECTED]> writes:

aeg> -BEGIN PGP SIGNED MESSAGE-
aeg> Hash: SHA1

aeg> On 05-Jul-2002/01:13 -0700, Scott Bower <[EMAIL PROTECTED]>
aeg> wrote:
>> This possible environment would look something like this, a homogenous
>> environment running a locked-down Windows NT 4 Desktop with Roaming
>> Profiles running various productivity software including Lotus Notes,
>> Microsoft Office and Outlook, Visio, etc. authenticating to Windows 2000
>> Servers sporting Exchange and Terminal Services...

aeg> I don't think there's a Notes client or a Visio equivalent for Linux.

Visio = Dia  http://www.lysator.liu.se/~alla/dia/
Notes = Xnotes   http://www.graphics-muse.org/xnotes/xnotes.html




-- 
Ray Curtis
mailto:[EMAIL PROTECTED]   http://www.ccux.com



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: sendmail smtp auth

2002-07-07 Thread R P Herrold 

On Sun, 7 Jul 2002, Chet Nichols wrote:

> Hey there,
> 
> I'm trying to set up SMTP authentication for sendmail..I went to the
> sendmail site to look how to do it..installing Cyrus-sasl, etc. I remembered
> that I had installed the Cyrus-sasl RPM though when I installed RedHat 7.2,
> so I jumped right to the step to see if SASL is in the output..

see: http://www.owlriver.com/tips/smtp-auth.html for an 
outline which works.  para 3 and 4 address your issues.

-- Russ Herrold



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: ftp and root account

2002-07-07 Thread jayson 

I know it isn't a good idea, but am porting from SCO 5.0.6 to RedHat 7.2,
and SCO apparently doesn't care about the security of root and telnet/ftp.
So now just trying to do what I was told :)

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Samuel Flory
Sent: Sunday, July 07, 2002 3:47 PM
To: [EMAIL PROTECTED]
Subject: Re: ftp and root account


On Sun, 2002-07-07 at 13:41, jayson wrote:
> could someone please tell me how to allow root to ftp into a RedHat 7.2
> system. I have removed root from ftpusers, but still not allowing to
login.
> Something else need to be done?
>


  Use something like sftp instead.  Make sure you allow root login via
ssh.


/etc/ssh/sshd_config:
PermitRootLogin yes


BTW-  Allowing root login of any type are a bad idea.  Why can't you use
a non root user?



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: ftp and root account

2002-07-07 Thread Samuel Flory 

On Sun, 2002-07-07 at 13:41, jayson wrote:
> could someone please tell me how to allow root to ftp into a RedHat 7.2
> system. I have removed root from ftpusers, but still not allowing to login.
> Something else need to be done?
> 


  Use something like sftp instead.  Make sure you allow root login via
ssh.


/etc/ssh/sshd_config:
PermitRootLogin yes


BTW-  Allowing root login of any type are a bad idea.  Why can't you use
a non root user?



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: ftp and root account

2002-07-07 Thread Jonathan M. Slivko 



Jayson,
Thats a Bad Thing (tm)
 
-- Jonathan
 
--Jonathan M. Slivko - jslivko @ clicknetsolutions.comTechnical 
Support/Sales - ClickNet Solutionsweb: http://www.clicknetsolutions.com

  - Original Message - 
  From: 
  jayson 
  To: [EMAIL PROTECTED] 
  Sent: Sunday, July 07, 2002 4:41 PM
  Subject: ftp and root account
  could someone please tell me how to allow root to ftp into a 
  RedHat 7.2system. I have removed root from ftpusers, but still not 
  allowing to login.Something else need to be done?Thanks in 
  advance,Jayson 
  Hill___Redhat-list 
  mailing list[EMAIL PROTECTED]https://listman.redhat.com/mailman/listinfo/redhat-list

ftp and root account

2002-07-07 Thread jayson 

could someone please tell me how to allow root to ftp into a RedHat 7.2
system. I have removed root from ftpusers, but still not allowing to login.
Something else need to be done?

Thanks in advance,

Jayson Hill



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: Samba rights and configuration

2002-07-07 Thread Anthony E. Greene 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 03-Jul-2002/16:09 -0600, Lee Griffin <[EMAIL PROTECTED]> wrote:
>First, will users be able to log on solely off of the windows 2000 user
>base, or will users have to be individually added to the linux client?

There is supposed to be a way to set this up, but I've never tried it.
look at the docs in  on your
machine.

>In my smb.conf file I have workgroup=mydomain, and security=domain,
>password encryption is turned on. I get the feeling however that
>smb.conf is meant for the samba server and not the client.

If you use pam_smb_auth for your machine, you can use security=user in
smb.conf. You may also have to configure /etc/pam.d/samba to use
pam_smb-auth. This configuration allows you to setup users and group on
the Linux box to give you better control over who has what kind of access
to which files, directories, and printers.

>Second, I've tried to mount the network shares on the server via
>smbmount. It will only allow me to do so as the super user. I need
>normal users to be able to mount network shares. How do I go about
>giving all my users smbmount and umount rights? I tried using chmod for
>rights to smbmount, but that didn't seem to work.

See my detailed response in the thread "Pilot Project/Feasibility Study"
on this list.

Tony
- -- 
Anthony E. Greene 
OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26  C484 A42A 60DD 6C94 239D
AOL/Yahoo Messenger: TonyG05HomePage: 
Linux. The choice of a GNU generation 

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Anthony E. Greene  0x6C94239D

iD8DBQE9KKSNpCpg3WyUI50RAlzzAKD7AkUaovU5siIahqIdXD12W9PhWgCg9DUP
MeuU3cP5AtjS1PoQsuOhysU=
=nLrp
-END PGP SIGNATURE-



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

sendmail smtp auth

2002-07-07 Thread Chet Nichols 

Hey there,

I'm trying to set up SMTP authentication for sendmail..I went to the
sendmail site to look how to do it..installing Cyrus-sasl, etc. I remembered
that I had installed the Cyrus-sasl RPM though when I installed RedHat 7.2,
so I jumped right to the step to see if SASL is in the output..

'sendmail -d0.1 -bv root | grep SASL'

I saw SASL in the output, double checked to make sure I could connect to the
server and use 'EHLO', and it all seems to be fine. However, when I use
Outlook or any email client to use my mail server as the SMTP server with
authentication, it always says the server doesn't support authentication. Do
I need to add those APPENDDEF lines to my sendmail.mc file? Thanks in
advance for the help,

Chet



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: Cipe?

2002-07-07 Thread Stephen Gevers 

A. Gent wrote:

>Hi,
>I would like to use a RedHat 7.2 as a dial-in server.
>The box connects to the Internet with a network card,
>using a router. The router's IP address, 192.168.0.1
>is the default gateway for the RedHat box, which is
>192.168.0.177. 
>The dial-in server box connects to the Internet
>without a problem.
>
>I have set up the dial-in server and I can connect to
>it with an other RedHat box, using PPP. During PPP I
>assign to the dial-in box the IP 192.168.0.178.
>
>Once the connection is up, from 192.168.0.178 I can
>ping 192.168.0.177, I can ssh there, etc.
>
>What should I do in order to be able to ping the
>router (192.168.0.1) and go to the Internet from
>192.1168.0.178?
>
>I have seen a reference to firewallss in
>/etc/rc.d/init.d, but it complains about not finding
>/etc/sysconfig/cipe.
>
>I have cipe installed on the dial-in box, however I do
>not have 2 network card there, only one. I would like
>to enable IP forwarding between 192.168.0.177 ethernet
>and the PPP link.
>
>I have found /etc/ppp/firewall-masq script I have run
>it, but still no luck.
>
>Any help is appreciated.
>
>Art
>
>  
>
You need to enable forwarding on the dial in server.  I have 
accomplished this using the following command:

# echo 1 > /proc/sys/net/ipv4/ip_forward

I sent this command out recently and received the following reply:

>> Nowadays these values are usually not set directly using the proc filesystem 
>> but by using sysctl. Try setting
>> net.ipv4.ip_forward = 1
>> in /etc/sysctl.conf.

You may still need firewalling and/or cipe, but neither of those is 
likely to be your problem right now.

Steve




___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: ADSL Installation Headaches

2002-07-07 Thread KnowHow Tech Support 

You might think about using an external ADSL modem.  I had the same issue 
and spent 100 on a turbocomm adsl router.  It is a dsl modem, NAT, and 
router all in one.  I disabled the router in it of course, but it solved 
my problem.

Jon


On Sun, 7 Jul 2002, Sarig Scudder wrote:

> I'm trying to upgrade my internet connection  from 56K modem service to ADSL
> service but I am having some problems with the company providing the
> service. They claim the minimum machine they  will install a modem on is a
> Pentium 133 with 32meg of memory. I currently  have an AMD 133 which is a
> 486 class process with 24megs of memory, being  used as a firewall, that I
> would like  to install it on. I asked the technician that came to install
> why a Pentium 133 is the minimum and he had no answer only to show me
> documents from the various service providers he works with that all have the
> same minimums. My guess is the minimums are based on the computer being used
> as a workstation but I have no facts to back that up. Is it possible to get
> ADSL service working on a 486 given enough RAM? Since it is a firewall and
> only has to pass packets along, more or less, I thought this would be
> enough. Anybody care to venture an opinion?
> 
> 
> Sarig
> 
> 
> 



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: ADSL Installation Headaches

2002-07-07 Thread rweidman 

Just out of curiosity, which linksys router are you using? Is it the
wireless access point?

thank you
Randy

On Sun, 7 Jul 2002, Ed Wilts wrote:

> Your system should be fine.  The requirement for a faster system is really
> for the add-on software that the ISP provides - a web browser, mail client,
> etc.  My cable modem connection is a Linksys router, and I'd be surprised if
> it was as fast as a P133 (of even it has a Pentium processor inside!) or if
> it had 32MB of memory.
> 
> The problem you run into is that some installers want to do the work on your
> system.  Just be prepared to tell them to run the cable and leave it at
> that.  My Linux firewall system way back when was already running when they
> converted me from one-way cable modem to two-way and the installer tried to
> tell they don't support Linux - I just told him to go ahead and change the
> modem and I'd take care of the software end of things.  He was stunned when
> the link came up so fast on Linux - I had already configured the dhcp client
> and just needed to restart the network and told him what the IP address was
> and he was satisfied.  I've since switched to using the Linksys router for
> my connection - one less system to manage, a lot quieter, and less noise.
> 
> .../Ed
> 
> Ed Wilts
> Mounds View, MN, USA
> mailto:[EMAIL PROTECTED]
> - Original Message -
> From: "Sarig Scudder" <[EMAIL PROTECTED]>
> To: "Red Hat List" <[EMAIL PROTECTED]>
> Sent: Sunday, July 07, 2002 4:20 AM
> Subject: ADSL Installation Headaches
> 
> 
> > I'm trying to upgrade my internet connection  from 56K modem service to
> ADSL
> > service but I am having some problems with the company providing the
> > service. They claim the minimum machine they  will install a modem on is a
> > Pentium 133 with 32meg of memory. I currently  have an AMD 133 which is a
> > 486 class process with 24megs of memory, being  used as a firewall, that I
> > would like  to install it on. I asked the technician that came to install
> > why a Pentium 133 is the minimum and he had no answer only to show me
> > documents from the various service providers he works with that all have
> the
> > same minimums. My guess is the minimums are based on the computer being
> used
> > as a workstation but I have no facts to back that up. Is it possible to
> get
> > ADSL service working on a 486 given enough RAM? Since it is a firewall and
> > only has to pass packets along, more or less, I thought this would be
> > enough. Anybody care to venture an opinion?
> >
> > 
> > Sarig
> >
> >
> >
> 
> 
> 
> 
> ___
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Dell Laptop X-settings

2002-07-07 Thread Lesniak, Steven 

I've got a Dell C800 with the ATI Rage Mobility M4 video card and I can't
seem to get X running on.

Has anyone gotten this working with good quality, because I can't get past
the setup?  

What settings for the Card and Screen should I use?

Any advice will be greatly appreciated.

TIA,

Steven



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: apache permissions

2002-07-07 Thread Chet Nichols 

Hey Brian,

Woohoo, it worked! I added:


Options Indexes Includes FollowSymLinks
AllowOverride None
Allow from from all
Order Deny,Allow


I've got multiple sites located in peoples home directories, so I added the
entire /home, and its working great. I guess you could consider this a
possible security threat, but the actual permissions on /home and its user
folders are such that you can only read the web folders of each user. It's
good stuff. Thanks again, talk to you later,

Chet



on 7/6/02 11:40 PM, Brian Ashe at [EMAIL PROTECTED] wrote:

> Chet Nichols,
> 
> On Saturday July 06, 2002 01:56, you said something about:
>> Hey,
>> 
>> For one of my virtual hosts, I made a symlink of the folder to
>> /var/www/html/site.com, used that path as the root directory for the site,
>> and it works perfectly. However, when I got rid of the link and change the
>> root directory to the actual location of /home/user/site.com/, it won't let
>> me get lists of files in folders (ie: when no index file exists), and it
>> just says "not enough permission"..it doesn't do it when I have a symlink,
>> so the permissions I have set now with the site must be okay. Does anyone
>> know whats wrong, or understand what I'm saying? Thanks in advance for the
>> help!
> 
> You probably need a "Directory" tag.
> 
> If you look in your httpd.conf you will probably that there is one that says
> something like...
> 
> ...and a little below that...
> Options Indexes Includes FollowSymLinks
> ...The above could be wildly different, but the point is that it would have
> the option for indexes. There is usually a directory tag that is for the "/"
> directory that ensures that these kinds of things can't be done for security
> reasons. It also usually allows the following of symlinks to allow that to
> work as you had stated.
> 
> So to fix your problem (hopefully) you need to add something to the effect
> of...
> 
> Options Indexes Includes FollowSymLinks
> AllowOverride None
> Order allow,deny
> Allow from all
> 
> 
> Of course do a little more reading if it doesn't exactly fit your needs. The
> httpd.conf file provided by RH is fairly well commented.
> 
> Hope that helps.



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: [LARTC] RE: Redhat 7.3 / SuSE 8.0

2002-07-07 Thread bert hubert 

On Sat, Jul 06, 2002 at 08:37:07PM -0400, Brian wrote:
> You would think?, but you never know. I am loading SuSE 8.0 on the same box
> as my Redhat 7.3 box having the problem...hu

Turn on 'experimental features' and turn on 'advanced router' and they will
be un-greyed.


Regards,

bert

-- 
http://www.PowerDNS.com  Versatile DNS Software & Services
http://www.tk  the dot in .tk
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: apache permissions

2002-07-07 Thread Chet Nichols 

Hey Wez,

Tried setting permissions to 777 for everything, still gives me the
permissions error..Do you think it has something to do with only stuff
originating in the /var/www/html folder being able to work correctly? I'm
stumped. Talk to you soon, thanks for the help though so far,

Chet



on 7/6/02 2:10 PM, Wesley Murphy at [EMAIL PROTECTED] wrote:

> In httpd.conf
> 
> Options SymLinks
> 
> let's you cross links on the filesystem via http, maybe it's not set up for
> the home directories
> 
> I'd go to /
> ls -l
> chmod 755 home
> to let everybody read/change to the home directory
> cd home
> chmod 755 * 
> to let everybody read/change to everyones home directory
> chmod 755 */site
> to let everybody read/change to everyones 'public_html' directory
> 
> 
> The alternative is to create a link from the users home directory to the first
> setup
> cd /home/user
> ln -s /var/www/html/site.com site.com
> 
> Ensure that 'user' is the owner of  /var/www/html/site.com
> 
> 
> Wez
> On Saturday 06 Jul 2002 5:56 pm, Chet Nichols wrote:
>> Hey,
>> 
>> For one of my virtual hosts, I made a symlink of the folder to
>> /var/www/html/site.com, used that path as the root directory for the site,
>> and it works perfectly. However, when I got rid of the link and change the
>> root directory to the actual location of /home/user/site.com/, it won't let
>> me get lists of files in folders (ie: when no index file exists), and it
>> just says "not enough permission"..it doesn't do it when I have a symlink,
>> so the permissions I have set now with the site must be okay. Does anyone
>> know whats wrong, or understand what I'm saying? Thanks in advance for the
>> help!
>> 
>> Chet
>> 
>> 
>> 
>> ___
>> Redhat-list mailing list
>> [EMAIL PROTECTED]
>> https://listman.redhat.com/mailman/listinfo/redhat-list
> 
> 
> 
> 



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: iptables (new issue)

2002-07-07 Thread Joseph R . Erlewein 

* a word of caution *

It looks like you're attempting to edit the iptables file in /etc/sysconfig.

I wouldn't do this. This file is created every time you execute:

/etc/rc.d/init.d/iptables save

when you do a "restore" instead of a save, this ruleset is loaded.

Since you're just learning about iptables, editing this file is NOT the best approach 
- I would start by using a simple script that sets things how you need it using the 
iptables command line directive, and get your ruleset how you want it. Then, I would 
issue the save directive, reboot, and see how things come up.

Just an idea - perhaps this is what you are doing. :) 

-jre


On Sat, Jul 06, 2002 at 09:39:50PM -0600, Ashley M. Kirchner wrote:
> Envelope-to: [EMAIL PROTECTED]
> Delivery-date: Sat, 06 Jul 2002 23:34:11 -0400
> Delivered-To: [EMAIL PROTECTED]
> From: "Ashley M. Kirchner" <[EMAIL PROTECTED]>
> Organization: Photo Craft Laboratories, Inc.
> X-Mailer: Mozilla 4.79 [en] (Windows NT 5.0; U)
> X-Accept-Language: en
> To: Red Hat Mailing List <[EMAIL PROTECTED]>
> Subject: iptables (new issue)
> X-Loop: [EMAIL PROTECTED]
> Errors-To: [EMAIL PROTECTED]
> X-BeenThere: [EMAIL PROTECTED]
> X-Mailman-Version: 2.0.1
> Precedence: bulk
> Reply-To: [EMAIL PROTECTED]
> X-Reply-To: [EMAIL PROTECTED]
> List-Help: 
> List-Post: 
> List-Subscribe: ,
>   
> List-Id: General Red Hat Linux discussion list 
> List-Unsubscribe: ,
>   
> List-Archive: 
> X-Original-Date: Sat, 06 Jul 2002 21:39:50 -0600
> Date: Sat, 06 Jul 2002 21:39:50 -0600
> X-FromHost: (listman.redhat.com) [66.187.233.211]
> X-UIDL: Xgi"!/+i"!jX6!!WW7"!
> 
> 
> Thanks to Stephen earlier, I solved one problem, now I have another.  The 
>following rules work in that they block everything incoming to the server except for 
>those services opened, and it allows traffic back and forth to and from the internal 
>network.  However, from the internal network, I can not get onto the server itself.  
>What do I have to change or add to make folks on the private network (192.168.1.0/24) 
>to be able to get onto the server itself?
> 
> Basically I want only those 4 opened ports from the outside to reach the server, 
>but anything from the internal network should be able to reach the server as well 
>(and right now nothing does) and be able to go out to the net.
> 
> Also, if anyone sees some blatant problem with these rules, please let me know 
>since I'm still learning about iptables.  My requirements are simple:
> 
> From the outside:
> - Drop everything incoming to the server
> except for ports 21, 22, 25 and 80.
> 
> From the inside (private) network:
> - Forward traffic from the inside network to the outside world
> - Allow everything in and out of the server itself
> 
> From the server itself:
> - Allow everything/anything to go out to the world.
> 
> What'd I forget?  Here are the current set of rules:
> 
> # Generated by iptables-save v1.2.5 on Sat Jul  6 21:18:47 2002
> *nat
> :PREROUTING ACCEPT [148:20680]
> :POSTROUTING ACCEPT [10:774]
> :OUTPUT ACCEPT [10:774]
> -A POSTROUTING -s 192.168.1.0/255.255.255.0 -d ! 192.168.1.0/255.255.255.0 -j SNAT 
>--to-source 12.253.88.33
> COMMIT
> # Completed on Sat Jul  6 21:18:47 2002
> # Generated by iptables-save v1.2.5 on Sat Jul  6 21:18:47 2002
> *filter
> :INPUT DROP [129:18877]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [10881:581839]
> -A INPUT -i lo -j ACCEPT
> -A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
> -A INPUT -p tcp -m tcp ! --tcp-option 2 -j REJECT --reject-with tcp-reset
> -A INPUT -i eth0 -p tcp -m tcp --dport 21 -j ACCEPT
> -A INPUT -i eth0 -p udp -m udp --dport 21 -j ACCEPT
> -A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
> -A INPUT -i eth0 -p udp -m udp --dport 22 -j ACCEPT
> -A INPUT -i eth0 -p tcp -m tcp --dport 25 -j ACCEPT
> -A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT
> -A INPUT -i eth0 -p udp -m udp --dport 80 -j ACCEPT
> -A FORWARD -d 192.168.1.0/255.255.255.0 -m state --state RELATED,ESTABLISHED -j 
>ACCEPT
> -A FORWARD -s 192.168.1.0/255.255.255.0 -j ACCEPT
> -A OUTPUT -o lo -j ACCEPT
> COMMIT
> # Completed on Sat Jul  6 21:18:47 2002
> 
> --
> H | "Life is the art of drawing without an eraser." - John Gardner
>   +
>   Ashley M. Kirchner    .   303.442.6410 x130
>   Director of Internet Operations / SysAdmin. 800.441.3873 x130
>   Photo Craft Laboratories, Inc.. 3550 Arapahoe Ave, #6
>   http://www.pcraft.com . .  ..   Boulder, CO 80303, U.S.A.
> 
> 
> 
> 
> 
> __

[Users] FreeS/Wan on Redhat 7.3

2002-07-07 Thread Stephen J Bevan 

Brian writes:
 >   I have been trying to install FreeS/Wan 1.98b for about one week now and
 > have gotten NO Where.

I installed FreeS/WAN 1.98b on RedHat 7.3 for the first time on
Tuesday and it worked without a hitch.

I did have some problems when I hacked some of the IPsec code and
re-built it after changing which things were modules and which weren't
but IMHO those problems were of my making.

Based on that and the fact that you changed some configuration values
I'm guessing that sticking as close as possible to the default
configuration values would be your best bet if you want to continue to
build your own FreeS/WAN on RedHat 7.3.  Another option would be to
avoid compiling yourself and install the RPMs.



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: [Users] FreeS/Wan on Redhat 7.3

2002-07-07 Thread Ken Bantoft 


I'm going to disagree with your advice - I had a fresh RH 7.3 install 
running @ OLS, and thru the week ran 1.97, 1.98 and 1.98b without any 
problems whatsoever.  I changed kernels at least a dozen times, from 
2.4.18 -> 2.4.19-pre10 and everything in between.  Each time I changed 
kernels, I did the same thing:

cd /usr/src/freeswan-1.98b
make oldmod
make minstall
service ipsec restart

And that was it.  I even had Wavesec running for the entire week without 
problems.  It might help if you posted either some barfs or even a .config 
from your kernel, but I can assure you RH 7.3 works quite well with 
FreeS/Wan, even if they still don't include it in the base distro like Suse and 
Mandrake 
do.  (Probably crypto regulations with the US Government block them)

Ken

On Sat, 6 Jul 2002, Brian wrote:

> 
>   I have been trying to install FreeS/Wan 1.98b for about one week now and
> have gotten NO Where.
> My advice to anyone that wants to run FreeS/Wan buy SuSE 8.0 Pro with
> FreeS/Wan already included , it will save you from pulling all your hair
> out, unless you have no hair to begin with. It seems like redhat does not
> like FreeS/Wan for some reason, everytime I get FreeS/Wan to work I need add
> another fuction to the kernel then after I think I have it, when I re-start
> and get to the part starting IPSEc, IT BOMBS out, telling KLIPS is now
> not part of the kernel...LOL I have tryed to re-compile the kernel and
> de-slect the options that I think caused the problem but with no luck...
> when I slect the netfilter option, which I need to setup routing , It bombs
> out when I restart redhat...
> 
> 
> ___
> Users mailing list
> [EMAIL PROTECTED]
> http://lists.freeswan.org/mailman/listinfo/users
> 

-- 
Ken Bantoft One Unix to rule them all, One Resolver to find them,
[EMAIL PROTECTED] One IP to bring them all, and in the zone, bind them.





___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: hostname

2002-07-07 Thread Juan L. Pastor 

Hi,

On Wed, 2002-07-03 at 23:53, Jay Daniels wrote:

> > You have a structure different from:
> > 
> > IP_address  FQDNalias1  alias2
> 
> Correct
> 
> IP_address  hostname  FQDN 

Have you tried the hostname, hostname --fqdn, domainname and
dnsdomainname commands? From the man pages of theses commands and the
trial and error method, I've found that the correct way to configure a
hostname, for example foo.bar.net is the following:

/etc/hosts:
127.0.0.1   localhost   localhost.localdomain
xxx.xxx.xxx.xxxfoo.bar.net   foo   alias1...alias_n

You have an entry in /etc/sysconfig/network
HOSTNAME=foo

And finally, if you want to update the hostname without rebooting, you
should also use the hostname command.

Juan.



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: [Users] FreeS/Wan on Redhat 7.3

2002-07-07 Thread Tony Zafiropoulos 


I was not able to compile it either, but these rpms worked like a charm...

http://www.steamballoon.com/freeswan/

I am still trying to get a road warrior config to work...

Does anyone have a suggestion?? (need a winbloze client)

I tried ssh.com's sentinel, and was not successful...

Now trying pgp-->> Mcafee

Tony


On Sat, 6 Jul 2002, Greg Scott wrote:

> Brian, did you have the same problem with FreeS/WAN 1.97?  I was able 
> to get 1.97 to work after some struggles but have not yet tried 1.98.
> 
> I am using the kernel configuration answers from 
> configs/kernel-2.4.18-i386.config.
> 
> Here is an extract from my notes on how to set it all up.
> 
> cd /usr/src
> 
> Be sure to make a symbolic link, linux, that points to the real source 
> tree, like this:
> ln --symbolic linux-2.4.18-3 linux
> 
> cd linux
> 
> make mrproper
> 
> I use the Red Hat configuration answers to initially start out, 
> like this:
> 
> cp configs/kernel-2.4.18-i386.config .config
> 
> Next, I build a kernel without FreeS/WAN, then do make xgo and
> and build a kernel with FreeS/WAN support.  There was a 1.97 bug
> and I had to pull out an error checking tool from the 1.98
> candidate release.
> 
> I can clean up my detailed notes and post here if you want - but 
> I have not yet tried a 1.98 build.
> 
> - Greg
> 
> 
> -Original Message-
> From: Brian [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, July 06, 2002 1:14 PM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: [Users] FreeS/Wan on Redhat 7.3
> 
> 
> 
>   I have been trying to install FreeS/Wan 1.98b for about one week now and
> have gotten NO Where.
> My advice to anyone that wants to run FreeS/Wan buy SuSE 8.0 Pro with
> FreeS/Wan already included , it will save you from pulling all your hair
> out, unless you have no hair to begin with. It seems like redhat does not
> like FreeS/Wan for some reason, everytime I get FreeS/Wan to work I need add
> another fuction to the kernel then after I think I have it, when I re-start
> and get to the part starting IPSEc, IT BOMBS out, telling KLIPS is now
> not part of the kernel...LOL I have tryed to re-compile the kernel and
> de-slect the options that I think caused the problem but with no luck...
> when I slect the netfilter option, which I need to setup routing , It bombs
> out when I restart redhat...
> 
> 
> ___
> Users mailing list
> [EMAIL PROTECTED]
> http://lists.freeswan.org/mailman/listinfo/users
> ___
> Users mailing list
> [EMAIL PROTECTED]
> http://lists.freeswan.org/mailman/listinfo/users
> 

-- 
Tony Zafiropoulos
FixMyVirus.com
Cel: 314-504-3974
[EMAIL PROTECTED]
Best way to reduce your virus exposure?
Run Linux - Replace Windows one system at a time.



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Cipe?

2002-07-07 Thread A. Gent 

Hi,
I would like to use a RedHat 7.2 as a dial-in server.
The box connects to the Internet with a network card,
using a router. The router's IP address, 192.168.0.1
is the default gateway for the RedHat box, which is
192.168.0.177. 
The dial-in server box connects to the Internet
without a problem.

I have set up the dial-in server and I can connect to
it with an other RedHat box, using PPP. During PPP I
assign to the dial-in box the IP 192.168.0.178.

Once the connection is up, from 192.168.0.178 I can
ping 192.168.0.177, I can ssh there, etc.

What should I do in order to be able to ping the
router (192.168.0.1) and go to the Internet from
192.1168.0.178?

I have seen a reference to firewallss in
/etc/rc.d/init.d, but it complains about not finding
/etc/sysconfig/cipe.

I have cipe installed on the dial-in box, however I do
not have 2 network card there, only one. I would like
to enable IP forwarding between 192.168.0.177 ethernet
and the PPP link.

I have found /etc/ppp/firewall-masq script I have run
it, but still no luck.

Any help is appreciated.

Art
 



 



__
Do You Yahoo!?
Sign up for SBC Yahoo! Dial - First Month Free
http://sbc.yahoo.com



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

How to make it possible

2002-07-07 Thread Peter Gosens 




Is it possible to make iptables forward packets 
based on hostname. 
 
I've one.cc.com and two.cc.com three.cc.com 
pointing to 213.93.43.28 . And I want that 
traffic with one.cc.com is going to 213.93.43.84. But the two.cc.com and 
three.cc.com traffic need to be forwarded to an internal network ip (suchs 
as 192.168.100.2).
 
Is this possible with iptables. Or do I have 
to add an loadbalancer or use an proxy. I also thought about using 
ipv6, but it has an lack of supporting program's.
 
If you have any other idea's about this matter. 
Please tell me.

Re: KDE freeze.....

2002-07-07 Thread Sudhaker P 



Hi,
Thanks to David, Wesley and Ashwin for their responses on this issue.
I was searching for any of the processes that would be related to KDE but I 
could not find any processes (I did ps auwx | grep kde*)..so I was back 
to  square one on this issue.
Is this some kind of a known issue with RH 6.2 , because this has happened 
to 3 of my machines.
Any of your suggestions will be really appreciated.

Thanks,
Peram

>From: David McGlone <[EMAIL PROTECTED]>
>To: "Sudhaker P" <[EMAIL PROTECTED]>
>Subject: Re: KDE freeze.
>Date: Fri, 5 Jul 2002 13:27:57 -0400
>
>On Friday 05 July 2002 10:31 am, you wrote:
> > Hi David,
> > Thanks again for the immediate response. Can I kill KDE by killing the 
>PID
> > and start it again using startx from the command prompt or will it 
>affect
> > any of other applications.
> > I'd appreciate your advise.
>
>after you kill the pid, yes you can use startx to restart X and get the 
>graphical login screen again.
>I hope it works for you.
>
>let me know how it goes.
>
>--
>David M.
>Edification Web Solutions
>http://www.edificationweb.com
>-
>"If it sounds good you'll hear it
>   if it looks good you'll see it
>   if it's marketed right you'll buy it
>   but if it's real, you'll feel it."
>   Kid Rock




_
Chat with friends online, try MSN Messenger: http://messenger.msn.com



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: Pilot Project/Feasibility Study (This is a Big'un)

2002-07-07 Thread Anthony E. Greene 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 05-Jul-2002/01:13 -0700, Scott Bower <[EMAIL PROTECTED]>
wrote:
>This possible environment would look something like this, a homogenous
>environment running a locked-down Windows NT 4 Desktop with Roaming
>Profiles running various productivity software including Lotus Notes,
>Microsoft Office and Outlook, Visio, etc. authenticating to Windows 2000
>Servers sporting Exchange and Terminal Services...

I don't think there's a Notes client or a Visio equivalent for Linux.

I've used Mozilla and Evolution to access Exchange mail via IMAP.
Mozilla's LDAP support provides auto-complete while addressing email
messages. Evolution has a more Outlook-like interface and can
import/export vCard files. I have had occasional problems with Evolution
v1.01 accessing Exchange servers via IMAP. I had a message that appeared
to be duplicated, but I could not access the second "copy". After closing
and reopening Evolution, all the mail in my Inbox was gone. After that
incident, I started filing read mail into a local folder. Assuming the
user will always access mail using a Linux desktop and their home
directory is NFS mounted, storing mail "locally" may be a good practice.

>Savvy as I might be with Linux, I'll be treading new ground in various
>areas of  emulating basic actions of NT in Domain Logon, Dynamic CIFS
>Resource mapping, Roaming Profiles (can that be done?) and population of
>Desktop and Menu items for equivalent productivity software.

I've been using Linux as my desktop in Windows environments for about
two years, so I can tackle some of your questions. 

>1 -  is there a way to emulate the more intrinsic characteristics of the
>NT S.O.E. lockdown features including some sort of parsing emulation of
>the 'netlogon.bat', I read somewhere that Samba 2.2.2 allowed a Windows
>Domain Logon at a Linux Workstation (!!!ESPECIALLY!!! Want to get docs on
>This!) and

Login scripts
- -
On my RH72 system running gdm, both /etc/profile and ~/.bash_profile run
at login. Just treat /etc/profile as a systemwide netlogon script. This
script also calls each script in /etc/profile.d/ so you can put small
scripts in that directory for manageability. A central login script could
be put on an NFS share or downloaded from an intranet web server using
wget.

Domain login
- 
My RH72 systems ship with pam_smb_auth, which allows Linux to use an
existing PDC for authentication. See the docs in
 on your machine. IIRC there is a
way to set it up so that users do not need a local account on the Linux
box. An account on the domain would be sufficient. The machines I had
setup to use pam_smb_auth never had more than a half-dozen or so users, so
I just created local accounts. I never needed to enable logins for domain
accounts.

>2 - is there a way to present network resources and automounting 
>floppys/CD's in a similar manner as a regular NT desktop

Mounting network shares
- ---
CIFS shares can be mounted in /etc/profile, but the challenge is to find a
way to provide the user's password to smbmount. According to the smbmount
man page, you can specify the password on the command line (not
recommended; anyone can look at command lines using "ps -aux"). Or you can
put the username and password in a credentials file and specify that file
on the command line, or you can figure out a way to put the password into
the $PASSWD environment variable. One inelegant solution would be to have
the login script use 'dialog' in an xterm to ask for the password and use
it to set $PASSWD and run smbmount for each standard CIFS share.

After you figure out how to provide the password, you'll need to figure
out where to add the shares to the file system. An easily understood scheme
for Windows users might be to create a ~/Network_Drives/ directory for the
shares, then create 22 subdirectories "E:" thru "Z:". Letters A-D could be
used, but they are normally local drives on Winboxes. You'd only confuse
your users by listing them as network drives. If your Windows users have a
standard shared drive "P:", then you could add a command like this to
/etc/profile to mount it 

  smbmount //ntserver/sharename ~/Network_Drives/P:

This directory structure and any other files you want to create for all
users would go into /etc/skel. The system copies that directory into the
home directory when creating a new user.

Network browsing
- 
The Nautilus file manager lets you browse the local workgroup. Just type
"smb://" in the location bar. As you might expect,
smb://servername/sharename will display the contents of a CIFS share. I
have not tested this using password protected shares, but I would be
surprised if it didn't prompt for a username and/or password and proceed
with the connection. Nautilus is a resource hog. I much prefer GMC because
of it's speed, but you may find that the CIFS browsing function of
Nautilus is a must-have feature.

Printing
- 
config

Re: mutt and courier imaps with ~/Maildir

2002-07-07 Thread Gordon Messmer 

On Sun, 2002-07-07 at 10:18, Jay Daniels wrote:
> Will the version of mutt supplied by RedHat 7.3 support courier imaps
> with Maildir?

Yes it will work with imaps, ignore Maildir.  If you're connecting to
IMAP, then maildir is an implementation detail that mutt need know
nothing about.

> Cannot get my .muttrc to work. I tried various combination for spoolfile
> and folder (INBOX.* INBOX. INBOX) but none will connect to my ~/Maildir
> mailbox.

When you use INBOX, what does mutt do?  Any error messages?  Does
Courier log a connection in /var/log/maillog?

> I was told to try INBOX.List...

Just use INBOX

> # ~/.muttrc
> set spoolfile = imaps://mail.myserver.com/INBOX.List
> #set folder = imaps://mail.myserver.com/INBOX
> #set postponed = imaps://mail.myserver.com/Maildir/.postponed
> set record = imaps://mail.myserver.com/Maildir/.Sent

Don't use '/' characters in your mail folders.  Courier IMAP uses '.' as
its folder separator.




___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: ADSL Installation Headaches

2002-07-07 Thread Ed Wilts 

Your system should be fine.  The requirement for a faster system is really
for the add-on software that the ISP provides - a web browser, mail client,
etc.  My cable modem connection is a Linksys router, and I'd be surprised if
it was as fast as a P133 (of even it has a Pentium processor inside!) or if
it had 32MB of memory.

The problem you run into is that some installers want to do the work on your
system.  Just be prepared to tell them to run the cable and leave it at
that.  My Linux firewall system way back when was already running when they
converted me from one-way cable modem to two-way and the installer tried to
tell they don't support Linux - I just told him to go ahead and change the
modem and I'd take care of the software end of things.  He was stunned when
the link came up so fast on Linux - I had already configured the dhcp client
and just needed to restart the network and told him what the IP address was
and he was satisfied.  I've since switched to using the Linksys router for
my connection - one less system to manage, a lot quieter, and less noise.

.../Ed

Ed Wilts
Mounds View, MN, USA
mailto:[EMAIL PROTECTED]
- Original Message -
From: "Sarig Scudder" <[EMAIL PROTECTED]>
To: "Red Hat List" <[EMAIL PROTECTED]>
Sent: Sunday, July 07, 2002 4:20 AM
Subject: ADSL Installation Headaches


> I'm trying to upgrade my internet connection  from 56K modem service to
ADSL
> service but I am having some problems with the company providing the
> service. They claim the minimum machine they  will install a modem on is a
> Pentium 133 with 32meg of memory. I currently  have an AMD 133 which is a
> 486 class process with 24megs of memory, being  used as a firewall, that I
> would like  to install it on. I asked the technician that came to install
> why a Pentium 133 is the minimum and he had no answer only to show me
> documents from the various service providers he works with that all have
the
> same minimums. My guess is the minimums are based on the computer being
used
> as a workstation but I have no facts to back that up. Is it possible to
get
> ADSL service working on a 486 given enough RAM? Since it is a firewall and
> only has to pass packets along, more or less, I thought this would be
> enough. Anybody care to venture an opinion?
>
> 
> Sarig
>
>
>




___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: Telnet

2002-07-07 Thread Ed Wilts 

Edit /etc/ssh/sshd_config and change PermitRootLogins to no.  Don't forget
to restart the daemon.

.../Ed

Ed Wilts
Mounds View, MN, USA
mailto:[EMAIL PROTECTED]
- Original Message -
From: "Calbazana, Al" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, July 07, 2002 11:51 AM
Subject: RE: Telnet


> How can I configure this under SSH?  I'd like to disallow root logins for
> obvious, ok... paranoid, reasons.
>
> Thanks,
>
> Alejandro
>
> -Original Message-
> From: Dave Ihnat [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, July 06, 2002 10:20 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Telnet
>
> On Sat, Jul 06, 2002 at 08:50:44AM +0200, Thomas Bergstam wrote:
> > ...but you can logg in as ROOT with SSH  :-)
>
> Not if you don't allow it.  It's configurable.
> --
> Dave Ihnat
> [EMAIL PROTECTED]
>
>
>
> ___
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list
>
>
> **
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they
> are addressed. If you have received this email in error please notify
> the system manager.
>
> This footnote also confirms that this email message has been swept by
> MIMEsweeper for the presence of computer viruses.
>
> www.mimesweeper.com
> **
>
>
>
> ___
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list
>




___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: Redhat-list digest, Vol 1 #4776 - 7 msgs

2002-07-07 Thread Chet Nichols 
Title: Re: Redhat-list digest, Vol 1 #4776 - 7 msgs



Hey Brian,

Woohoo, it worked! I added:


    Options Indexes Includes FollowSymLinks
    AllowOverride None
    Allow from from all
    Order Deny,Allow


I've got multiple sites located in peoples home directories, so I added the entire /home, and its working great. I guess you could consider this a possible security threat, but the actual permissions on /home and its user folders are such that you can only read the web folders of each user. It's good stuff. Thanks again, talk to you later,

Chet



on 7/6/02 11:40 PM, Brian Ashe at [EMAIL PROTECTED] wrote:

> Chet Nichols,
> 
> On Saturday July 06, 2002 01:56, you said something about:
>> Hey,
>> 
>> For one of my virtual hosts, I made a symlink of the folder to
>> /var/www/html/site.com, used that path as the root directory for the site,
>> and it works perfectly. However, when I got rid of the link and change the
>> root directory to the actual location of /home/user/site.com/, it won't let
>> me get lists of files in folders (ie: when no index file exists), and it
>> just says "not enough permission"..it doesn't do it when I have a symlink,
>> so the permissions I have set now with the site must be okay. Does anyone
>> know whats wrong, or understand what I'm saying? Thanks in advance for the
>> help!
> 
> You probably need a "Directory" tag.
> 
> If you look in your httpd.conf you will probably that there is one that says 
> something like...
> 
> ...and a little below that...
> Options Indexes Includes FollowSymLinks
> ...The above could be wildly different, but the point is that it would have 
> the option for indexes. There is usually a directory tag that is for the "/" 
> directory that ensures that these kinds of things can't be done for security 
> reasons. It also usually allows the following of symlinks to allow that to 
> work as you had stated.
> 
> So to fix your problem (hopefully) you need to add something to the effect 
> of...
> 
> Options Indexes Includes FollowSymLinks
> AllowOverride None
> Order allow,deny
> Allow from all
> 
> 
> Of course do a little more reading if it doesn't exactly fit your needs. The 
> httpd.conf file provided by RH is fairly well commented.
> 
> Hope that helps.

Re: mutt and courier imaps with ~/Maildir

2002-07-07 Thread Gary 

On Sun, Jul 07, 2002 at 01:18:16PM -0400 or thereabouts, Jay Daniels wrote:
> Will the version of mutt supplied by RedHat 7.3 support courier imaps
> with Maildir?

What you should do is go to 

http://www.mutt.org/links.html#config

Check down the page and you will see Han's setup for qmail/maildir.
Since qmail's maildir is already set up for Courier IMAP, as Courier
will only use maildir, this should help.
 

-- 
Best regards,
Gary   

Today's thought: Accept that some days you're the pigeon, and some
days you're the statue.



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

mutt and courier imaps with ~/Maildir

2002-07-07 Thread Jay Daniels 

Will the version of mutt supplied by RedHat 7.3 support courier imaps
with Maildir?

Cannot get my .muttrc to work. I tried various combination for spoolfile
and folder (INBOX.* INBOX. INBOX) but none will connect to my ~/Maildir
mailbox. I am wondering if this rpm version of mutt even supports
courier imaps and Maildir?

I was told to try INBOX.List but in my ~Maildir I have no such file and
all my folders appear as sub folder of INBOX.foldername in the courier
namespace.

# ~/.muttrc
set spoolfile = imaps://mail.myserver.com/INBOX.List
#set folder = imaps://mail.myserver.com/INBOX
#set postponed = imaps://mail.myserver.com/Maildir/.postponed
set record = imaps://mail.myserver.com/Maildir/.Sent
# Substitute your own user id here!!!
set imap_user = jay
set use_from = yes
set move = no
set mail_check = 90
set timeout = 15

# Don't know if I need this or not?
# set certificate_file = ~/.mutt/certificates
set imap_pass = 


If this will not work, what are the console based alternatives using
Maildir and imaps?  I do not want an MUA that downloads the mail to a
local folder.

As for an X MUA, when I used redhat 4.2 I enjoyed using exmh but now I
am told exmh requires MH and does not support my current setup.  I am
now using Evolution but it seems to be buggy and sometimes looses my
configuration settings.



jay




___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: Email Problem

2002-07-07 Thread Ben Ocean 

At 10:05 AM 7/7/02 -0400, you wrote:
>On 7/6/02 12:42 PM, "Ben Ocean" <[EMAIL PROTECTED]> wrote:
>
> > Hi;
> > Mail messages apparently are being timed out on some messages being
> > delivered to my server. Here's a transcript:
> >
> >> Thu 2002-07-04 14:09:56: [-1:15] > Parsing Message
> >> 
> >> Thu 2002-07-04 14:09:56: [-1:15] > From: [EMAIL PROTECTED]
> >> Thu 2002-07-04 14:09:56: [-1:15] > To: [EMAIL PROTECTED]
> >> Thu 2002-07-04 14:09:56: [-1:15] > Subject: tgiw
> >> Thu 2002-07-04 14:09:56: [-1:15] > Message-ID:
> >> <000701c222ce$5546b5e0$[EMAIL PROTECTED]>
> >> Thu 2002-07-04 14:09:56: [-1:15] MX-record resolution of
> >> [dahlelectric.com] in
> >> progress (DNS Server: 206.40.133.20)...
> >> Thu 2002-07-04 14:09:56: [-1:15] P=010 D=dahlelectric.com TTL=(1147)
> >> MX=[mail.dahlelectric.com] {216.57.201.7}
> >> Thu 2002-07-04 14:09:56: [-1:15] Attempting MX: P=010 D=dahlelectric.com
> >> TTL=(1147) MX=[mail.dahlelectric.com] {216.57.201.7}
> >> Thu 2002-07-04 14:09:56: [-1:15] Attempting SMTP connection to
> >> [216.57.201.7 :
> >> 25]
> >> Thu 2002-07-04 14:09:56: [25:15] Waiting for socket connection...
> >> Thu 2002-07-04 14:09:57: [25:15] Socket connection established
> >> Thu 2002-07-04 14:09:57: [25:15] Waiting for protocol initiation...
> >> Thu 2002-07-04 14:10:28: [25:15] 30 second wait for protocol timeout
> >> exceeded.
> >> Thu 2002-07-04 14:10:28: [25:15] This message is 1 days old; it has 4 days
> >> left to
> >> get delivered
> >> Thu 2002-07-04 14:10:28: [25:15] SMTP session abnormally terminated, 0 
> bytes
> >> transferred.
> >
> > How do I begin trouble-shooting this one? The MTA is qmail.
>
>Not that I know anything about qmailbut is this incoming or outgoing?
>Are you quantumci.com or dahlelectric.com?

Oops. I'm dahlelectric.com
TIA,
BenO




___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Telnet

2002-07-07 Thread Calbazana, Al 

How can I configure this under SSH?  I'd like to disallow root logins for
obvious, ok... paranoid, reasons.  

Thanks,

Alejandro

-Original Message-
From: Dave Ihnat [mailto:[EMAIL PROTECTED]] 
Sent: Saturday, July 06, 2002 10:20 AM
To: [EMAIL PROTECTED]
Subject: Re: Telnet

On Sat, Jul 06, 2002 at 08:50:44AM +0200, Thomas Bergstam wrote:
> ...but you can logg in as ROOT with SSH  :-)

Not if you don't allow it.  It's configurable.
-- 
Dave Ihnat
[EMAIL PROTECTED]



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list


**
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.

www.mimesweeper.com
**



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: iptables (new issue)

2002-07-07 Thread Stephen Gevers 

Hi Ashley!  I believe that another response answers the question that 
you asked.  I have a similar setup here at my house, although maybe a 
bit more complex.  I would be happy to share my rules with you off line 
and discuss the issues that they are set up to address.  If you are 
interested, send me a personal e-mail.

Stephen

Ashley M. Kirchner wrote:

>Thanks to Stephen earlier, I solved one problem, now I have another.  The 
>following rules work in that they block everything incoming to the server except for 
>those services opened, and it allows traffic back and forth to and from the internal 
>network.  However, from the internal network, I can not get onto the server itself.  
>What do I have to change or add to make folks on the private network (192.168.1.0/24) 
>to be able to get onto the server itself?
>
>Basically I want only those 4 opened ports from the outside to reach the server, 
>but anything from the internal network should be able to reach the server as well 
>(and right now nothing does) and be able to go out to the net.
>
>Also, if anyone sees some blatant problem with these rules, please let me know 
>since I'm still learning about iptables.  My requirements are simple:
>
>From the outside:
>- Drop everything incoming to the server
>except for ports 21, 22, 25 and 80.
>
>From the inside (private) network:
>- Forward traffic from the inside network to the outside world
>- Allow everything in and out of the server itself
>
>From the server itself:
>- Allow everything/anything to go out to the world.
>
>What'd I forget?  Here are the current set of rules:
>
># Generated by iptables-save v1.2.5 on Sat Jul  6 21:18:47 2002
>*nat
>:PREROUTING ACCEPT [148:20680]
>:POSTROUTING ACCEPT [10:774]
>:OUTPUT ACCEPT [10:774]
>-A POSTROUTING -s 192.168.1.0/255.255.255.0 -d ! 192.168.1.0/255.255.255.0 -j SNAT 
>--to-source 12.253.88.33
>COMMIT
># Completed on Sat Jul  6 21:18:47 2002
># Generated by iptables-save v1.2.5 on Sat Jul  6 21:18:47 2002
>*filter
>:INPUT DROP [129:18877]
>:FORWARD ACCEPT [0:0]
>:OUTPUT ACCEPT [10881:581839]
>-A INPUT -i lo -j ACCEPT
>-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
>-A INPUT -p tcp -m tcp ! --tcp-option 2 -j REJECT --reject-with tcp-reset
>-A INPUT -i eth0 -p tcp -m tcp --dport 21 -j ACCEPT
>-A INPUT -i eth0 -p udp -m udp --dport 21 -j ACCEPT
>-A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
>-A INPUT -i eth0 -p udp -m udp --dport 22 -j ACCEPT
>-A INPUT -i eth0 -p tcp -m tcp --dport 25 -j ACCEPT
>-A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT
>-A INPUT -i eth0 -p udp -m udp --dport 80 -j ACCEPT
>-A FORWARD -d 192.168.1.0/255.255.255.0 -m state --state RELATED,ESTABLISHED -j ACCEPT
>-A FORWARD -s 192.168.1.0/255.255.255.0 -j ACCEPT
>-A OUTPUT -o lo -j ACCEPT
>COMMIT
># Completed on Sat Jul  6 21:18:47 2002
>
>--
>H | "Life is the art of drawing without an eraser." - John Gardner
>  +
>  Ashley M. Kirchner    .   303.442.6410 x130
>  Director of Internet Operations / SysAdmin. 800.441.3873 x130
>  Photo Craft Laboratories, Inc.. 3550 Arapahoe Ave, #6
>  http://www.pcraft.com . .  ..   Boulder, CO 80303, U.S.A.
>
>
>
>
>
>___
>Redhat-list mailing list
>[EMAIL PROTECTED]
>https://listman.redhat.com/mailman/listinfo/redhat-list
>  
>





___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: Email Problem

2002-07-07 Thread Edward Marczak 

On 7/6/02 12:42 PM, "Ben Ocean" <[EMAIL PROTECTED]> wrote:

> Hi;
> Mail messages apparently are being timed out on some messages being
> delivered to my server. Here's a transcript:
> 
>> Thu 2002-07-04 14:09:56: [-1:15] > Parsing Message
>> 
>> Thu 2002-07-04 14:09:56: [-1:15] > From: [EMAIL PROTECTED]
>> Thu 2002-07-04 14:09:56: [-1:15] > To: [EMAIL PROTECTED]
>> Thu 2002-07-04 14:09:56: [-1:15] > Subject: tgiw
>> Thu 2002-07-04 14:09:56: [-1:15] > Message-ID:
>> <000701c222ce$5546b5e0$[EMAIL PROTECTED]>
>> Thu 2002-07-04 14:09:56: [-1:15] MX-record resolution of
>> [dahlelectric.com] in
>> progress (DNS Server: 206.40.133.20)...
>> Thu 2002-07-04 14:09:56: [-1:15] P=010 D=dahlelectric.com TTL=(1147)
>> MX=[mail.dahlelectric.com] {216.57.201.7}
>> Thu 2002-07-04 14:09:56: [-1:15] Attempting MX: P=010 D=dahlelectric.com
>> TTL=(1147) MX=[mail.dahlelectric.com] {216.57.201.7}
>> Thu 2002-07-04 14:09:56: [-1:15] Attempting SMTP connection to
>> [216.57.201.7 :
>> 25]
>> Thu 2002-07-04 14:09:56: [25:15] Waiting for socket connection...
>> Thu 2002-07-04 14:09:57: [25:15] Socket connection established
>> Thu 2002-07-04 14:09:57: [25:15] Waiting for protocol initiation...
>> Thu 2002-07-04 14:10:28: [25:15] 30 second wait for protocol timeout
>> exceeded.
>> Thu 2002-07-04 14:10:28: [25:15] This message is 1 days old; it has 4 days
>> left to
>> get delivered
>> Thu 2002-07-04 14:10:28: [25:15] SMTP session abnormally terminated, 0 bytes
>> transferred.
> 
> How do I begin trouble-shooting this one? The MTA is qmail.

Not that I know anything about qmailbut is this incoming or outgoing?
Are you quantumci.com or dahlelectric.com?
-- 
Ed Marczak
[EMAIL PROTECTED]



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Small company office setup - Windows clients, redhat server - Long post

2002-07-07 Thread Chris Mason 

If you are feeling generous with the information you acquired and have
put it 
into good documentation, you should consider giving back to the
community by 
creating a "HOWTO". There would obviously always be people with the 
same/similar needs as your own and if you have written something useful
and 
can distribute it, you can have that warm fuzzy feeling of helping your 
fellow man.

Brian,
I think that's a good idea, I know there must be a lot of people trying
to do the same thing and by the time I am finished I will have figured
all this out.
I am working on the article, here is a link. Please critique and add
info:
http://www.anguillaguide.com/article/articleview/373/1/7/
I don't have access to the server at the moment so I will have to add
the configurations as I get them.

Chris

___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Re: iptables

2002-07-07 Thread Leonard den Ottolander 

Hi Ashley,

> > After that, you must have the appropriate forwarding and iptables enabled.
> > # echo 1 > /proc/sys/net/ipv4/ip_forward

 Nowadays these values are usually not set directly using the proc filesystem 
but by using sysctl. Try setting
net.ipv4.ip_forward = 1
in /etc/sysctl.conf.

Bye,
Leonard.




___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

ADSL Installation Headaches

2002-07-07 Thread Sarig Scudder 
Title: ADSL Installation Headaches





I'm trying to upgrade my internet connection  from 56K modem service to ADSL service but I am having some problems with the company providing the service. They claim the minimum machine they  will install a modem on is a Pentium 133 with 32meg of memory. I currently  have an AMD 133 which is a 486 class process with 24megs of memory, being  used as a firewall, that I would like  to install it on. I asked the technician that came to install why a Pentium 133 is the minimum and he had no answer only to show me documents from the various service providers he works with that all have the same minimums. My guess is the minimums are based on the computer being used as a workstation but I have no facts to back that up. Is it possible to get ADSL service working on a 486 given enough RAM? Since it is a firewall and only has to pass packets along, more or less, I thought this would be enough. Anybody care to venture an opinion?


Sarig

AW: iptables (new issue)

2002-07-07 Thread Jochen Vogel 

hi,

i think

-A INPUT -i eth1 --state NEW -j ACCEPT
-A INPUT -i eth1 --state RELATED,ESTABLISHED -j ACCEPT

greets
Jo

>
>
>
> Thanks to Stephen earlier, I solved one problem, now I have
> another.  The following rules work in that they block everything
> incoming to the server except for those services opened, and it
> allows traffic back and forth to and from the internal network.
> However, from the internal network, I can not get onto the server
> itself.  What do I have to change or add to make folks on the
> private network (192.168.1.0/24) to be able to get onto the server itself?
>
> Basically I want only those 4 opened ports from the outside
> to reach the server, but anything from the internal network
> should be able to reach the server as well (and right now nothing
> does) and be able to go out to the net.
>
> Also, if anyone sees some blatant problem with these rules,
> please let me know since I'm still learning about iptables.  My
> requirements are simple:
>
> From the outside:
> - Drop everything incoming to the server
> except for ports 21, 22, 25 and 80.
>
> From the inside (private) network:
> - Forward traffic from the inside network to the outside world
> - Allow everything in and out of the server itself
>
> From the server itself:
> - Allow everything/anything to go out to the world.
>
> What'd I forget?  Here are the current set of rules:
>
> # Generated by iptables-save v1.2.5 on Sat Jul  6 21:18:47 2002
> *nat
> :PREROUTING ACCEPT [148:20680]
> :POSTROUTING ACCEPT [10:774]
> :OUTPUT ACCEPT [10:774]
> -A POSTROUTING -s 192.168.1.0/255.255.255.0 -d !
> 192.168.1.0/255.255.255.0 -j SNAT --to-source 12.253.88.33
> COMMIT
> # Completed on Sat Jul  6 21:18:47 2002
> # Generated by iptables-save v1.2.5 on Sat Jul  6 21:18:47 2002
> *filter
> :INPUT DROP [129:18877]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [10881:581839]
> -A INPUT -i lo -j ACCEPT
> -A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
> -A INPUT -p tcp -m tcp ! --tcp-option 2 -j REJECT --reject-with tcp-reset
> -A INPUT -i eth0 -p tcp -m tcp --dport 21 -j ACCEPT
> -A INPUT -i eth0 -p udp -m udp --dport 21 -j ACCEPT
> -A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
> -A INPUT -i eth0 -p udp -m udp --dport 22 -j ACCEPT
> -A INPUT -i eth0 -p tcp -m tcp --dport 25 -j ACCEPT
> -A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT
> -A INPUT -i eth0 -p udp -m udp --dport 80 -j ACCEPT
> -A FORWARD -d 192.168.1.0/255.255.255.0 -m state --state
> RELATED,ESTABLISHED -j ACCEPT
> -A FORWARD -s 192.168.1.0/255.255.255.0 -j ACCEPT
> -A OUTPUT -o lo -j ACCEPT
> COMMIT
> # Completed on Sat Jul  6 21:18:47 2002
>
> --
> H | "Life is the art of drawing without an eraser." - John Gardner
>   +
>   Ashley M. Kirchner    .   303.442.6410 x130
>   Director of Internet Operations / SysAdmin. 800.441.3873 x130
>   Photo Craft Laboratories, Inc.. 3550 Arapahoe Ave, #6
>   http://www.pcraft.com . .  ..   Boulder, CO 80303, U.S.A.
>
>
>
>
>
> ___
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list



___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Image Magic compile/ttf problems

2002-07-07 Thread Ken Kirchner 

Hello all, I am working with the following RPM on a RedHat 6.2 system:

ImageMagick-4.2.9-3.src.rpm

For one thing, it wont even compile with out any modifications, I get the 
following error when I rpm -bb the spec file:

+ mv /var/tmp/ImageMagick-root/usr/X11R6/include/magick 
/var/tmp/ImageMagick-root/usr/X11R6/include/X11
mv: /var/tmp/ImageMagick-root/usr/X11R6/include/magick: No such file or 
directory
error: Bad exit status from /var/tmp/rpm-tmp.19921 (%install)


But the main problem is that I want to use truetype fonts via the FreeType 
library. I have all the FreeType rpm's installed, including the devel rpm, 
but ImageMagic never seems to pass any of the freetype tests:

OptionConfigure optionConfigured value
--
TrueType (TTF)--with-ttf=yesno (failed tests)
TTF Path  --with-ttf-fontpath=  ""


[root@earth /tmp]# rpm -qa|grep -i imagem
ImageMagick-devel-4.2.9-3
ImageMagick-4.2.9-3
[root@earth /tmp]# rpm -qa|grep -i freet
freetype-utils-1.3.1-5
freetype-devel-1.3.1-5
freetype-1.3.1-5

The test seems to look for the freetype.h file which is installed with the 
freetype-devel package.

FreeType support seems to be compiled into the RH6.2 binary rpm, but when 
I attempt to use a ttf I get this:

convert -font @x-files.ttf -box black -pen green -draw 'text 430,460 Help' 1.jpg 2.jpg
convert: FreeType library is not available.
convert: FreeType library is not available.

Which is, of course, complete and total bs. Anyone shed some light on 
either issue?


Thanks,

-Ken




___
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list