Re: Slow connection to sendmail
On Thu, 2003-10-23 at 08:23, Nathalie Boulos wrote: Hello everyone. I have RH7.1 running sendmail, MailScanner and Sophos antivirus. It's been a while now, when I access the server via SSH, the password prompt takes time to appear. And also, when i send and receive email via ipop3d, the connecting phase takes too much time, and sending the messages in the outbox too. Although the mail server is on the same LAN. Any ideas? Sounds like DNS problems. First, I'd check to make sure that the first nameserver listed in your /etc/resolv.conf is readily available and reponding to direct queries. You might have additional issues due to ident, but it would require some network investigation on your part (tcpdump). -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: determining which/what applications are running on a server
On Thu, 2003-10-23 at 09:00, bruce wrote: hi... also trying to determine what are the best/good apps for doing remote management/configuration of a server. we'd like to be able to tell what's actually running/on a given server. we'd also like to be able to remotely install/remove a given application from a menu of applications 1) OpenSSH 2) redhat-config-packages via exported DISPLAY over OpenSSH (default behavior) -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Transfering files in SSH
On Thu, 2003-10-23 at 09:56, Donald Tyler wrote: Hi, I finally managed to get my firewall server up (Thanks to everyone on the list who helped). I want to be able to administer the server remotely. But the only problem I have is that I don't know how to transfer files from my workstation to the server via SSH. Can anyone point me in the direction of some info? man scp. General usage: scp -C local.file [EMAIL PROTECTED]:/location/ scp -C [EMAIL PROTECTED]:/location/local.file . The first copies a local file to a directory on a remote system using compression (-C). The second does the same in reverse. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: HOW TO: Boot with the new kernel
On Thu, 2003-10-23 at 12:06, Dali Islam wrote: I have loaded a new kernel. Now what do I need to change so that when the system boots, it boot with the new kernel? Can I run a script to do that. If so what can that be. It's even easier than a script (IMHO). You didn't say what version of Red Hat you're using, so I'm not sure if you're using LILO or grub. Either way, you'll want to edit the appropriate configuration file (/etc/lilo.conf or /etc/grub.conf). The following directions assume that you installed the new kernel via rpm, which also adds the relevant entries to your config file. If it's LILO, change the default= line to the label of the kernel you wish to boot. Then run /sbin/lilo to save your changes. Make sure you pay attention for any errors, they will tell you if your syntax is incorrect. If it's grub, change the default= to the index number of the kernel you wish to boot (starting with 0). For example, if you have two kernels in your file, and you want to boot the 2nd one, change that line to default=1. That's all you need to do with grub, just reboot to test. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: moving the /var partition
On Wed, 2003-10-22 at 10:16, Bill Tangren wrote: Hello all, I know this has been addressed on this list before, but I can't seem to find it in the archives. If someone can point it out, I would be very appreciative. My /var partition is nearly full. I installed a new hard disk, used fdisk to partition it. I then used mke2fs to make an ext3 partition I called /user. I then added a line for it in /etc/fstab. The easiest way, from my experience... - partition your disk - format your disk - mount the new partition temporarily (say, to /mnt/tmp) - tar copy (or cp copy) everything from /var to /mnt/tmp - unmount /mnt/tmp - Edit fstab to point to the new partition or label - remount/reboot as necessary Remember that labels are optional, you can still use the old scheme (/dev/hda*) in fstab. Also, if you choose to skip a reboot (yes, it's possible), make sure to HUP any services that might be writing to /var (syslog, apache, etc). HTH. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
NFS between Linux and Solaris
Hi folks- My apologies if this is out there somewhere, but I've googled this to death without finding a satisfactory answer. I'm attempting to tar copy a large repository (actually, the RHAS3.0 iso images) from a Linux NFS server to a Solaris NFS client. At various intervals, the transfer invariably dies with a file not found error. The cause of this error can be explained by the sudden disappearance of directories in the top-level of the exported share. Remounting the share causes the directories (and everything recursive therein) to reappear, but the problem reoccurs the next time I try the transfer. I've tried a number of different flags, up to and including all of the following: vers=2,proto=udp,ro,noac Unfortunately, there's been no effect. Has anyone run into this? Is it a known incompatibility between NFS implementations? The problem is easily reproducible. The server is running Red Hat Advanced Server 2.1 Update 2 on a DL380. The client is running Solaris 8 on an E250. Both servers, while on separate VLANs, are in the same general networking vicinity. Any ideas/solutions will be greatly appreciated. TIA, -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: NFS between Linux and Solaris
On Wed, 2003-10-22 at 15:43, Ken Rossman wrote: Can you include some info on exactly what commands you are using, and some info on the respective configurations of each machine? Pretty simple: [Linux server - /etc/exports] /mnt/isohostname(ro) [Solaris client] mount -F nfs -o ro,vers=2,proto=udp,noac server:/mnt/iso /mnt/point cd /mnt/point tar cf - . | (cd /mnt/repository; tar xpvf -) The structure inside /mnt/iso on the server is any one of the RHAS 3.0 ISOs mounted via loopback. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
RE: NFS between Linux and Solaris
On Wed, 2003-10-22 at 15:58, Rigler, Steve wrote: We experienced similar issues but between different platforms. The machine serving filesystems was an Irix 6.5.13 machine and the client was running RH7.1 on Itanium 2's. Both machines are on the same VLAN. Copying to NFS mounts would hang (errors would be logged in messages about the NFS server being unavailable) and there were issues with data corruption. The problem was easily reproduceable. Specifying NFSv2 on the client seemed to clear it up. Since then the client machine was upgraded to AS2.1 and the problem went away, although I still hear occasional complaints about slow data transfers which I haven't been able to validate. Based on what you've described and our experience it seems like there are differences between the NFS implementations. The problem seems to be that it varies between OS levels. There are no hangs or delays. I believe what you are describing was a known issue with IRIX as per the Linux NFS site: http://nfs.sourceforge.net/#section_e -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: NFS between Linux and Solaris
On Wed, 2003-10-22 at 15:58, Jason Dixon wrote: On Wed, 2003-10-22 at 15:43, Ken Rossman wrote: Can you include some info on exactly what commands you are using, and some info on the respective configurations of each machine? Pretty simple: [Linux server - /etc/exports] /mnt/iso hostname(ro) [Solaris client] mount -F nfs -o ro,vers=2,proto=udp,noac server:/mnt/iso /mnt/point cd /mnt/point tar cf - . | (cd /mnt/repository; tar xpvf -) Correction, that should have read: /usr/local/bin/tar cf - . | (cd /mnt/repository; /usr/local/bin/tar xpvf -) (GNU tar) -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
[SUMMARY] NFS between Linux and Solaris
Well, I wish I could say I have an authoritative answer on what caused it, but I can no longer reproduce the problem. I've tried the same thing with the following mount options, all of which work fine: vers=2,proto=udp vers=3,proto=udp vers=3 vers=3,proto=udp,noac (no options) At this point, I have to assume some other system and/or network anomoly was causing the problem. If I can reproduce and resolve the symptoms, I'll re-summarize. -J. On Wed, 2003-10-22 at 15:20, Jason Dixon wrote: Hi folks- My apologies if this is out there somewhere, but I've googled this to death without finding a satisfactory answer. I'm attempting to tar copy a large repository (actually, the RHAS3.0 iso images) from a Linux NFS server to a Solaris NFS client. At various intervals, the transfer invariably dies with a file not found error. The cause of this error can be explained by the sudden disappearance of directories in the top-level of the exported share. Remounting the share causes the directories (and everything recursive therein) to reappear, but the problem reoccurs the next time I try the transfer. I've tried a number of different flags, up to and including all of the following: vers=2,proto=udp,ro,noac Unfortunately, there's been no effect. Has anyone run into this? Is it a known incompatibility between NFS implementations? The problem is easily reproducible. The server is running Red Hat Advanced Server 2.1 Update 2 on a DL380. The client is running Solaris 8 on an E250. Both servers, while on separate VLANs, are in the same general networking vicinity. Any ideas/solutions will be greatly appreciated. TIA, -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: [SUMMARY] NFS between Linux and Solaris
On Wed, 2003-10-22 at 20:46, Dominic RIVERA wrote: If you're running a kernel before 2.4.19 try upgrading your kernel. I ran into some issues with pre 2.4.19 kernels that would do some strange things, apparantly someone did some major nfs work in 2.4.19. Unfortunately, *all* Red Hat Advanced Server 2.1 kernels are built on 2.4.9. The newest is 2.4.9e-27, and Red Hat won't officially support anything you build yourself. :) -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Interfacing with Micros Fidelio (might be off-topic)
On Wed, 2003-10-22 at 23:29, Joshua L. San Juan wrote: Hi, This might be a off-topic so my apologies if it is. We have an application (web-based app using Apache, PHP, Perl, PostgreSQL) running on Red Hat Linux and we want to be able to pass the data to the Micros Fidelio (http://www.micros.com) software. Is it possible - anyone here has done this? Ok, I'll bite. Not only is this OT, how do you honestly expect us to help you if you can't provide sufficient details? What type of data are you trying to pass? What Micros Fidelio software are you speaking of? Do you have any idea how many different software products Micros develops? So far as I can tell, Micros Fidelio is a subsidiary of Micros. This tells me literally nothing. Grrr. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: wanna know my Lan card model
On Tue, 2003-10-21 at 08:11, Jeff wrote: I'm not sure about cat'ing the pci directory but I've always used lspci and that detects the cards installed, not the drivers. Actually, lspci uses /proc/bus/pci. :) Per the manpage... To make use of all the features of this program, you need to have Linux kernel 2.1.82 or newer which supports the /proc/bus/pci interface. With older kernels, the PCI utilities have to use direct hardware access which is available only to root and it suffers from numerous race con- ditions and other problems. As far as I can tell (my memory fails me), the system uses the PCILIB interface to get PCI ID information from the cards. This information can be resolved via the ID information gathered in /usr/share/hwdata/pci.ids. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Howto: Quicker web browsing, slower FTP traffic?
On Tue, 2003-10-21 at 11:30, Rodolfo J. Paiz wrote: So really, happiness right now is just priority service for HTTP traffic. Go to the head of the line, and all that, since everything else can take an extra week to download without causing us any inconvenience. I have heard some terms thrown around, but have no knowledge yet. Is this possible (I assume it is)? Is what I want traffic shaping, or quality of service, or TCP flags... what is it? And, of course, is there something somewhere that will tell me how to make it work? You want QoS (Quality-of-Service) with PRIQ. Check out the Advanced Routing HOWTO if you're a glutton for punishment, or the OpenBSD/PF/ALTQ FAQ if you really want it done with as little pain as possible. ;-) I use this at home to a) prioritize upstream ACKs to optimize downloads, b) prioritize outbound DNS requests, and c) prioritize interactive SSH sessions. Everything else brings up the rear. Here's the relevant section from my pf.conf: ### Queueing ### altq on $ext_if priq bandwidth 225Kb queue { std_out, ssh_out, dns_out, tcp_ack_out } queue std_out priq(red default) queue ssh_out priority 4 priq(red) queue dns_out priority 5 priq(red) queue tcp_ack_out priority 6 priq(red) altq on $int_if cbq bandwidth 2Mb queue { std_in, ssh_in, dns_in } queue std_incbq(default) queue ssh_inpriority 4 queue dns_inpriority 5 Check out the following doc. Even if you choose to use Linux's QoS instead, this will explain it much better than anything else I've seen. http://www.openbsd.org/faq/pf/queueing.html -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Help! Basic Linux Introduction?
On Tue, 2003-10-21 at 12:23, Benjamin J. Weiss wrote: All, I just got tasked with providing (by this afternoon!) a short primer on linux, preferably RH 9. I need something that a group of MIS Windows folks can read in two evenings, such that I can then sit them down in front of RH 9 boxes and show them how to administer the basics. I've found the RH 9 manuals on their site, and if I have to I will resort to printing off various sections of them and putting them together, but I was hoping for something a bit more coherent. Basically, it should cover the basic concepts and such. I'm also looking at tldp.org. Anybody have something like this laying around? Honestly, for the task you have ahead of you, I can't imagine anything more basic and to-the-point than Red Hat's documentation. So far as administering Red Hat Linux systems goes, it can't be beat. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Howto: Quicker web browsing, slower FTP traffic?
On Tue, 2003-10-21 at 14:08, Jack Bowling wrote: As Jason pointed out, you want to use netfilter or PF's QoS capabilities. If using netfilter, a match module for Kazaa and other p2p protocols has recently been developed that will make it easier to set up marking of packets for instituting QoS, see: http://mega.ist.utl.pt/~filipe/ipt_p2p Good catch, I forgot to mention (really, by accident!) that there is now support for layer-7 QoS with Linux. Neat, but none of it is very well documented, IMHO. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: networking question
On Mon, 2003-10-20 at 07:13, Felipe Leon wrote: Group: At home I have two computers with RH9 connected to a router (dhcp server) which connects to the internet through a dsl modem. In order to facilitate internal networking among the two computers, on installation I set both eth0 as trusted devices. Is that save? No. You've effectively allowed anyone (that bypasses your router) unfettered access to the services running on these systems. I hope you're patched. the router has a built in firewall which I configured to deny all external requests. How can I test the security (portscanning I guess) of the network? nmap. nessus. Is it save to trust completely the router for firewall purposes? No single device is a silver bullet for network security. Proper security exists through a layered approach undergoing continual audit and analysis. which software do you recomend to keep a close control of what is going on in the network? Snort. and finally which is the recomended (easier and most secure) way for file sharing between these two computers or any other in the internal network? I have tried NFS but have had lots of problems to set it up and still doesn't work properly i.e. computers hanging, superslow data transfer and so on. NFS is good for *nix hosts. Samba is good for Windows/*nix mixed environments. It's very likely you have misconfigured your NFS, as it sounds like you spend very little time reading manuals. I'd like to suggest you invest some time in the following documentation: http://www.tldp.org/LDP/nag2/index.html http://www.tldp.org/LDP/sag/index.html http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/ http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/security-guide/ http://www.oreilly.com/catalog/tcp3/ Thanks a lot for your help. HTH. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: RH7.3 not booting latest kernel
On Mon, 2003-10-20 at 13:56, Steve Bopple wrote: I have a box running RH7.3 and I use rhn to keep the box currently patched. The box has kernel 2.4.20x installed but it boots 2.4.18 - how can I get it to boot the latest kernel? This box is remote so I don't have the ability to sitdown in front of it right now. I'd have to make arrangements with my colo provider. Edit your lilo.conf file, changing the default = linux to the label for the kernel you wish to boot by default. For example, if you wanted to boot the 2.4.20-18.7 SMP kernel, you'd change that line to default = 2.4.20-18.7smp, as listed towards the bottom. Then make sure you run /sbin/lilo for your changes to take effect. HTH. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: What package is Pico Located in?
On Mon, 2003-10-20 at 11:02, Donald Tyler wrote: Does anyone know what package in Red Hat 9 pico is located in? I cant seem to find it in the applications list. Pine. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: RH7.3 not booting latest kernel
On Mon, 2003-10-20 at 15:17, Steve Bopple wrote: When I do that and run sbin/lilo I get the following error after the console echos back that all of the images have been added: fatal: no images have been defined It appears that most of your kernel listings are missing a ramdisk entry. Something like what your last kernel contains: initrd=/boot/initrd-2.4.18-3bigmem.img Make sure a ramdisk exists in /boot for the kernel you wish to boot, then add the appropriate line to your lilo.conf for that kernel and re-run lilo. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: how to clear log files
On Mon, 2003-10-20 at 12:25, Genti Hila wrote: hi, I am running RedHat 8. My logfiles fill up once a week and take a lot of space in HDD. I just want to create a batch file to clean all the files once a week. Any idea how can i do that ? Check out logrotate. The default config (/etc/logrotate.conf) rotates weekly. You can change that to daily and instruct it to save only 7 days' worth of files. Read the manpage and browse the logrotate.conf and example files in /etc/logrotate.d/ for ideas. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: RH7.3 not booting latest kernel
On Mon, 2003-10-20 at 15:55, Steve Bopple wrote: Yeah I'm not sure why, but it appears in /boot that the only kernel that has an *.img file associated with it is that bigmem kernel. I thought I had up2date set to allow for kernel updates, but if I had up2date set to skip kernel updates, would that make sense that all the other kernels don't have img files associated with them? Sorry if I'm completely n00bish here, but I don't mess around with kernel stuff at all (obviously). You'll need to create the ramdisk image. Check this out: http://www.redhat.com/docs/manuals/linux/RHL-7.3-Manual/custom-guide/s1-custom-kernel-initrd.html -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: New laptop, new problems
On Sun, 2003-10-19 at 21:33, Hugh Taylor wrote: Redhat 9 does not detect the PCI wireless (a Prism 2.5) in my new laptop. When I use a Knoppix CD to boot, it is detected. Any ideas? What's the make/model? -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: New laptop, new problems
On Sun, 2003-10-19 at 21:55, Rodolfo J. Paiz wrote: At 19:33 10/19/2003, you wrote: Redhat 9 does not detect the PCI wireless (a Prism 2.5) in my new laptop. When I use a Knoppix CD to boot, it is detected. Any ideas? My IBM Thinkpad T23 has one of those, and it works well with the linux-wlan-ng project drivers. Yes, but there are many different manufacturers using the Intersil Prism 2.5 chips. My DWL-650 (pcmcia) works great with linux-wlan, but Red Hat 9 initially tries the orinoco_cs (IIRC). However, I also remember that my Linksys WMP11 (PCI) wasn't recognized at all using the default drivers. Hence my inquiry as to his card (it's not pcmcia). P.S. How's it going, Rodolfo? :) -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: New laptop, new problems
On Sun, 2003-10-19 at 22:24, Hugh Taylor wrote: Jason Dixon wrote: On Sun, 2003-10-19 at 21:33, Hugh Taylor wrote: Redhat 9 does not detect the PCI wireless (a Prism 2.5) in my new laptop. When I use a Knoppix CD to boot, it is detected. Any ideas? What's the make/model? The laptop is a PowerPro C 3:16 (original mfg is Quanta), the wireless card is an Intersil Prism 2.5 802.11b. Let's try this one more time. What make/model is the wireless card? I'm not looking for the chipset information. I'm not looking for the computer information. I'm looking for the make and model of the wireless card that integrates the Intersil Prism 2.5 chipset. Examples: D-Link DWL-650/500, Linksys WMP11, etc. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: New laptop, new problems
On Sun, 2003-10-19 at 23:11, Hugh Taylor wrote: Sorry, I wasn't sure what make/model you were referring to, and at the time, I only knew what I sent you. I believe the wireless card is an Askey Prism 2.5 mini-pci card. I have a message into the notebook mfg to make sure of this. I have seen posts on the mfgs site that state other versions of Linux (Mandrake, Gentoo) have detected the card on install. I'll let you know if I get more specific information. What driver did Knoppix choose for your card (just curious). Regardless, you're going to want to use the linux-wlan project drivers, they have much better support for the prism chipsets than any of the generic drivers (including HostAP support). I suggest you download and install the appropriate driver RPMs from this guy: http://prism2.unixguru.raleigh.nc.us/ You'll want to install the kernel-wlan-ng base package, the appropriate kernel-wlan-ng-modules package (to match your kernel), and the proper interface package to support your hardware (pcmcia, usb or pci). -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: What's the easiest way to deal with dependencies???
On Fri, 2003-10-17 at 14:21, Dave Martini 1 wrote: Ok I downloaded apt-get. By the way I have Red Hat Enterprise AS 2.1 will the version of apt-get for Red Hat Linux 9 work ok? From what I understand version 9 and AS 2.1 are the same other than the clustering and multi processor etc. What does the i386 mean? AS 2.1 is built off of RH 7.2, IIRC. It might have errata (update 2, perhaps?) build off of 7.3. I've never heard of anyone providing apt or yum repositories for anything RHEL, since only Red Hat distributes binary rpms for the Enterprise stuff. When I went to install it I now have dependencies # rpm -i apt-0.5.5cnc6-fr1.i386.rpm error: failed dependencies: libc.so.6(GLIBC_2.3) is needed by apt-0.5.5cnc6-fr1 libelf.so.1 is needed by apt-0.5.5cnc6-fr1 libgcc_s.so.1 is needed by apt-0.5.5cnc6-fr1 libgcc_s.so.1(GCC_3.0) is needed by apt-0.5.5cnc6-fr1 librpm-4.2.so is needed by apt-0.5.5cnc6-fr1 librpmdb-4.2.so is needed by apt-0.5.5cnc6-fr1 librpmio-4.2.so is needed by apt-0.5.5cnc6-fr1 libstdc++.so.5 is needed by apt-0.5.5cnc6-fr1 libstdc++.so.5(CXXABI_1.2) is needed by apt-0.5.5cnc6-fr1 libstdc++.so.5(GLIBCPP_3.2) is needed by apt-0.5.5cnc6-fr1 libstdc++.so.5(GLIBCPP_3.2.2) is needed by apt-0.5.5cnc6-fr1 So I checked on the first dependency on rpmfind.net and it also has dependencies # rpm -i glibc-2.3.2-27.9.i386.rpm error: failed dependencies: glibc-common = 2.3.2-27.9 is needed by glibc-2.3.2-27.9 glibc 2.2.4 conflicts with glibc-common-2.2.4-32.8 This is frustrating! No disrespect, but if you don't have the stomach for it, you probably shouldn't a) be using tora or b) be using Red Hat. Don't blame the platform (IMO) for the way the package maintainer (tora) distributes the software. It's pretty obvious that you're unfamiliar with the versioning between the various distributions, you're bound to break something very soon. It would save us all a lot of traffic volume and wasted time if you want to just give me ssh access, and I'll install it for you. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
[OT] Re: C GUI Programming in Red Hat 9
On Fri, 2003-10-17 at 15:25, Keith Birchfield wrote: Hello all, Can anyone give me a how-to to create a simple GUI program unde Linux Redh Hat 9? I've tried to get 'dialog.c' to compile, but so far I have not been able to get past the dependencies. So I'm hoping someone can point me to a very simple step by step to getting and compiling a graphical - hello world dialog, that has no run-time dependencies. I've been somewhat sucessful in using the standard libraries and console based apps, but I need to move to the next step. Please don't take offense to this, but this request is highly off-topic for the Red Hat list. There are kaboodles of Linux programming books online (http://www.amazon.com) or at your nearest Borders bookstore. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Firewall - Limit Geographic Area
On Thu, 2003-10-16 at 12:07, Kent Borg wrote: On Wed, Oct 15, 2003 at 04:00:15PM -0500, lrnobs wrote: This web site will be used for local food delivery and all customers will have to set up accounts in advance to be sure they are in the fuzzy delivery area. So validate the delivery address as being in your delivery area. (By zip code, likely.) What difference does it make if IP connections are in that area or not? Maybe I want to send some of your product my someone I know in your area, as a gift? What if I live there, am out of town and want to order something to arrive when I do? What if one half of a couple is out of town, the other home, and the out-of-town one wants to place the order? What if only corporate, in Distant City, is allowed to make purchases? I believe the OP's concern is that of remote exploit (DoS, script kiddies, worms, etc), not of application fraud. He wants to deny at layer 3, based on geography. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Firewall - Limit Geographic Area
On Thu, 2003-10-16 at 13:00, Kent Borg wrote: On Thu, Oct 16, 2003 at 12:28:01PM -0400, Jason Dixon wrote: I believe the OP's concern is that of remote exploit (DoS, script kiddies, worms, etc), not of application fraud. He wants to deny at layer 3, based on geography. Yes. And it is a bad idea. My questions were intended to illustrate that if he could block on geography he will block legitimate customers. I know it is a bad idea. My previous replies echo this ad naseum. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Some embarassing, minor? security holes I found in my rh installation...you should check for same
On Thu, 2003-10-16 at 15:44, Mike Klein wrote: Using kfind (file and content searching util in kde) I decided to check/scan some key directories for my root password and the password of my primary user account (what I use when I'm not root). I was embarassed by what I found. Much of what you've posted smells of Webmin. The lilo configuration file stores the lilo password (optional feature) in clear-text, this is known. This is also why a) storing your passwords in that file and b) using the same password in lilo as for one of your users, is a bad idea. The other stuff, as I've mentioned, sounds like Webmin-related stuff. I doubt that it's configuration file data, sounds more like poorly-written modules passing passwords via GET (rather than POST). Can you give some specific examples (passwords obfuscated, of course) so we can get a better idea where they're coming from? -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: slow ethernet
On Thu, 2003-10-16 at 19:56, Jeff wrote: Peeps, Any ideas what would cause a slow ethernet connection? My LAN is running @ 100M full duplex but when i'm tranfering files via FTP/SCP/SMB it runs dog slow - around 30k/sec. I have checked the stats on both ethernet devices and the switch - no CRC errors etc. No firewalls in the middle, the only thing between both boxes is a switch. Ive already tried swapping ports, cables etc. everything's being picked up as 100M Full duplex. If you haven't already, try forcing all interfaces to full-duplex (100baseTx-FD using mii-tool). Autonegotiation routinely causes problems with NICs/switches/etc. FWIW, most folks familiar with anything Realtek will tell you they suck. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: kernel upgraded now missing 2nd CPU
On Fri, 2003-10-17 at 00:14, Steve Buehler wrote: I have two RedHat 7.3 machines. I did and 'up2date kernel' a few days ago and for some reason, now 'top' and the /var/log/message files only show one CPU. Is there anyway to make it see the 2nd CPU again? Are you booting the right kernel? Check 'uname -r' and see if it has SMP in the kernel string. If not, check your boot manager (/etc/lilo.conf or /etc/grub.conf) to see if you're booting the uniprocessor kernel by accident. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Chkrootkit segfault error
On Wed, 2003-10-15 at 04:50, oxfordmusic.net wrote: oxfordmusic.net wrote: From cron where? from root's crontab: [root root] crontab -l 03 0,12 * * * cd /usr/local/sbin; ./chkrootkit 21 | mail -s chkrootkit output myuser If I might interject here, I hope you've given serious consideration to how you're automating your chkrootkit scans. Chkrootkit is best used as a one-time only application: download the source, verify the checksum, compile, run, and analyze the results. You would also want to upload virgin binaries from a trusted/compatible source as well (see the README). Chkrootkit won't stop you from getting exploited, it will only attempt to analyze your system for signs of it. If you end up getting exploited at 00:05, there's nothing to stop the intruders from altering your instance of chkrootkit, rendering it useless. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Firewall - Limit Geographic Area
On Wed, 2003-10-15 at 15:50, lrnobs wrote: If I put all these foreign countries addresses in iptables rules would there be a big performance hit? Is there a different way to do it? Follow Michael's suggestions. Patch, patch, patch. Only run those services which are vitally necessary, and run tcp wrappers where feasible. Your idea would all be for naught, considering how easy it is for intruders to spoof. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Firewall - Limit Geographic Area
On Wed, 2003-10-15 at 16:22, Michael Gargiullo wrote: as root run ntsysv scroll down until you find sshd, and make sure there's no * next to it. same with your ftpd You can leave sshd running and limit access with iptables if you wish. Makes life at 3 am with a crashed app easier. Please note that ntsysv only configures the current runlevel by default. Like chkconfig, it will accept the --levels option. Check the ntsysv (or chkconfig) manpage for more details. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Firewall - Limit Geographic Area
On Wed, 2003-10-15 at 16:47, lrnobs wrote: You could instead say... I don't like cars that are not Blue. In other words, exclude all traffic that is not from America instead of the other way around. Does anyone know of a way to do this? Are the IP ranges assigned to American networks published somewhere? This type of information could probably be gathered via NANOG or the ICANN site. However, if I haven't stressed it enough already, I highly suggest you avoid this route. IT WILL NOT WORK like you intend. Remember, IP addresses are easily spoofed. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Firewall - Limit Geographic Area
On Wed, 2003-10-15 at 17:41, Bill Carlson wrote: On 15 Oct 2003, Jason Dixon wrote: This type of information could probably be gathered via NANOG or the ICANN site. However, if I haven't stressed it enough already, I highly suggest you avoid this route. IT WILL NOT WORK like you intend. Remember, IP addresses are easily spoofed. I disagree. You're correct, this is no defense against spoofing, but it certainly does raise the bar for potential attackers. And for the cost of setting it up, the payoff is more than enough. Blocking these IP ranges is certainly no replacement for good practices (patching, thoughtful configuration, etc.). I'm sorry, but I have to continue to disagree with you. Try any current exploit/scanner utilities; most of them come with a spoof flag. Many of the pre-made exploits available to script kiddies come with this behavior enabled by default. Go ahead and use it if you wish. More power to you. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
RE: Pretty Printing
On Tue, 2003-10-14 at 12:48, Syed Ali wrote: Yes I know, but enscript is not 'perl' aware. I am hoping to find a 'perl' aware pretty printing utility... Hi Syed. Could you be more detailed in your requirements? I see no reason why you couldn't just open a filehandle to an enscript process in Perl. example: open (PS_OUT, | enscript -p output.ps); print PS_OUT some text; close (PS_OUT); -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
RE: Pretty Printing
On Tue, 2003-10-14 at 13:17, Syed Ali wrote: Oh, I apologize for the confusion. No problem. I am asking about printing my perl code itself, and not about printing from within Perl. For example, I am have 1000 line Perl program which I want to print on my HP printer. I can use enscript as in: $enscript -2 -dprinter myperlprogram.pl Or I can use lpr or trueprint or mprint. But none of them are Perl aware, i.e., they do not highlight subroutines, etc. Trueprint for example, understands C code, and can mark C functions while printing so that they are very easy to read when printed on paper. I am hoping there is a utility which if used to print my perl program will make reading the program easier. (I understand that writing easy to read Perl code is the first step. :-) ) Ok, now I understand. You're looking for a Perl syntax formatter/highlighter for printing. Here are some vague suggestions. Hopefully one of them will fit the bill. If not, perhaps you can chain them together to satisfy your needs. * Kate - KDE editor. Supports syntax highlighting for Perl. [colorify] * perltidy - (http://perltidy.sourceforge.net/) Perl script which indents and reformats Perl code, making it easier to read [indentify] * Webcpp - A command line utility that takes your source code and converts it into an HTML file using a fully customizable syntax highlighting engine and colour schemes. [colorify] I envision piping your code through a combination of perltidy - webcpp - html2ps - lp. HTH. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
RE: Pretty Printing
On Tue, 2003-10-14 at 13:56, Jason Dixon wrote: I envision piping your code through a combination of perltidy - webcpp - html2ps - lp. Correction, I like Wayne's suggestion better. I just tried the perl sheet for a2ps, works great. example: a2ps --pretty-print Test.pm -o test.ps -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: iptables: Open Port 443
On Tue, 2003-10-14 at 20:34, Earl C. Potter wrote: On Tue, Oct 14, 2003 at 04:53:42PM -0500, Peter Fleck wrote: How do I get iptables to allow requests through port 443? The basic Redhat configuration tools don't seem to address this. Is there a good tutorial on working with iptables? I've had pretty descent luck w/ /usr/sbin/lokkit or /usr/sbin/gnome-lokkit. Under customize, it gives you a dialog to allow additional ports. I've posted in the past that using lokkit on an existing configuration is a risky proposition unless you have a very basic config. Lokkit is a write-only application; it doesn't have the ability to read in an existing config, so the moment you load up lokkit (assuming you choose to save your session), you lose whatever you had in there previously. Rather, it's actually pretty easy to edit a pre-existing lokkit-configured iptables configuration ruleset (/etc/sysconfig/iptables) using your favorite text editor. Using an existing entry in my ruleset allowing HTTP (tcp/80) traffic inbound, I can simply copy that rule and edit the port. So, you might end up with a couple of rules like this: [snip] -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 443 --syn -j ACCEPT [/snip] Save your file, reload your ruleset (service iptables restart), enjoy! :) -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: sending message to syslog
On Thu, 2003-10-09 at 19:58, Larry Brown wrote: I know how to tag comments to a file and so can create a log file by simply sending messages to the document I want to use as a log... echo hello /var/log/customlog but how can I send a message to syslog to included in a log handled by the syslog daemon? man logger -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
RE: Reading HTTP headers
On Wed, 2003-10-08 at 12:13, Christian Campbell wrote: However, I should come clean. I can only do this with tcpdump, as I can not install any other software on this box for reasons outside the scope of this conversation. Is there any way to accomplish reading HTTP headers with tcpdump only from a CLI? -X -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: OS Desktop Business Model?
On Sat, 2003-10-04 at 17:36, Ed Wilts wrote: I believe that we will soon see Red Hat make a push back into the SOHO market with a new boxed product that will be very competitive against Windows (financially)... It would not surprise me to see a big push into other markets with this product with large bulk discounts. This sort of re-awakens the Fedora thread, but I hope you're right. Particularly after the recent announcement by MS for their Windows Small Business Server, which really sounds like it would cut right into a lot of my Linux clientele. I can't imagine them *NOT* releasing something like this... the market is definitely there. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Up2date return codes [Summary]
On Thu, 2003-10-02 at 11:10, Jason Dixon wrote: I'm looking for an exhaustive list of return codes for up2date. The manpage claims only two: 0 (success) and 1 (failure). However, I've managed to trap a 256 as well, so I was wondering if anyone's seen anything authoritative. I've found the answer to my query (sorta). The following list of return codes was found in the /actions/errstatus.txt file of the up2date (version 3.1.23) source. It doesn't answer what 256 might be referring to, but it's interesting nonetheless: 0: rollback completed 12: Error refreshing system hardware 13: Invalid arguments passed to function 14: up2date.DependencyError 15: up2date.RpmRemoveError 16: %s could not be removed because it was on the skip list % e 17: Failed: packages requested are no longer available 18: Failed: packages requested raised dependency problem 19: Unknown exit status from batchrun 20: Error refreshing package list 21: There was a communication error talking to the server 22: There was a package gpg verification error. The error was 23: There was a package gpg verification error. 24: gpg is not properly installed on this machine 25: The package signing key for Red Hat, Inc. is not on the gpg keyring 26: Failed: There was a package conflict error with the package set 27: Failed: There was a file conflict error with the package set 28: There was a dependency sense error 29: There was a dependency raised that could not be found 30: Failed: Some of the packages specified were on the package skip list 31: A package or header was not found 32: A package failed to install 33: A package failed to install because the system was out of space 34: could not executre shutdown 35: invalid tid to rollback 36: from tid is older than latest tid 37: Could not modify /etc/sysconfig/rhn/rhnsd 38: noReboot config option turned on 39: 'No packages from that errata are available' -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Up2date return codes
I'm looking for an exhaustive list of return codes for up2date. The manpage claims only two: 0 (success) and 1 (failure). However, I've managed to trap a 256 as well, so I was wondering if anyone's seen anything authoritative. Thanks, -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Red Hat website error
On Thu, 2003-10-02 at 11:41, Thomas Smith wrote: Jason Dixon wrote: - Questionable perl-suid package dependency for Perl errata How is this questionable? An errata update to existing packages shouldn't require you (IMO) to install a brand new package dependency. Not a big deal, but odd nonetheless. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Converting PDF into a text file
On Wed, 2003-10-01 at 08:12, Hal Burgiss wrote: On Wed, Oct 01, 2003 at 05:23:45PM +0530, Himanshu Arora wrote: Hi Folks! How can i convert a PDF file into a text file ? I haven't tried it, but ... $ rpm -qf /usr/bin/pdftotext xpdf-1.01-10 ps2ascii, included with the ghostscript package, also supports pdf to txt conversion. See the manpage. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: redhat error
On Wed, 2003-10-01 at 08:04, Jeff Hill wrote: cant register with rhn even after i downloaded and installed the 2 rpms cant help you no details more than that ;-) -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: rsync and ssh simple question
On Wed, 2003-10-01 at 08:15, Nathalie Boulos wrote: Hello, i'm using rsync with ssh to connect to a remote host and mirror a website. I want to put the command in crontab and i don't want ssh to ask for password before opening the connexion. Anyone knows how can i avoid that? You'll want to generate ssh keys with a null passphrase, then distribute the public keys to the remote systems you want to login to. Please search the archives, I've posted a detailed explanation before. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Red Hat website error
On Wed, 2003-10-01 at 17:45, Bret Hughes wrote: On Wed, 2003-10-01 at 16:25, Chris Purcell wrote: http://info.redhat.com/a/tA-eyxnAJPSNNAOMy0zADrb0g7z/rhat46 When you click the link above, the URL will be redirected to a redhat url with value of price=. Just change the price, and you've changed the cost of your Redhat Training. See, RHCE IS affordable! Nice programming Red Hat. That is kind of funny seems like using post would have been a bit better. No HTTP method would fix bad programming like that. There is NO reason their site should accept those parameters. This is the first lesson of web programming... NEVER pass unchecked values into a form. They should have simply pulled the form values out of their database based on the special code. Ugh. This ranks right up there with the inability to delete old users from a RHN account. It also reveals a lot about the quality of their (site) software development staff. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Red Hat website error
On Wed, 2003-10-01 at 22:57, Ed Wilts wrote: On Wed, Oct 01, 2003 at 06:32:04PM -0500, Bret Hughes wrote: Do I dare say this out loud? I wonder what would happen if you submitted a modified price order? Don't try it because it is probably illegal but I have a sneaking suspicion that the billing price tracks through from there. There is a human being on the other end, so you won't get a price break. You'll just be wasting their time and yours. Not everybody is a perfect programmer. Obviously. But that doesn't excuse blatant errors like this from a professional developer working for a company with a serious online presence. This is not a case of having to be a perfect programmer to prevent external influence of your content. This is web-dev 101. If they're this bad, I have no reason to trust the rest of their site. Let's sum up some of their recent bonehead decisions: - Simple form injection through URL tampering - Inability to delete user accounts in RHN - Expiration of up2date certificates - Questionable perl-suid package dependency for Perl errata - Lack of SOHO-style errata support (I know, be patient...) Ok, I'm off my soapbox. But that felt damn good. ;-) -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: packet sniffer
On Tue, 2003-09-30 at 13:01, Noah wrote: I am trying to troubleshoot soe network issues - can somebody recommend a good sniffer for redhat 8.0 kernel 2.4 Command line, tcpdump. GUI, ethereal. Tcdump wins hands-down for troubleshooting ease of use. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: OT: DNS
On Tue, 2003-09-30 at 14:26, dbrett wrote: Unfortunately the DNS servers are back up. I would like solve this so I don't run into this problem again. Delegation is handled by Networksolutions; probably ok missing glue not sure what this is bad set-up on the third server doesn't make sense to me because if the query is done directly to the third server the query succeeds You're not going to get any help because you didn't reply back with the domain information as one of the other posters requested. Now it's too late either way. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: OT: DNS
On Tue, 2003-09-30 at 14:35, dbrett wrote: What was done to fix the issue was to switch the second and third servers in the list. Now it appears to be working. It almost looks like there is a limit on how many servers can be listed. Wrong. $ dig yahoo.com ns snip ;; ANSWER SECTION: yahoo.com. 172722 IN NS ns4.yahoo.com. yahoo.com. 172722 IN NS ns5.yahoo.com. yahoo.com. 172722 IN NS ns1.yahoo.com. yahoo.com. 172722 IN NS ns2.yahoo.com. yahoo.com. 172722 IN NS ns3.yahoo.com. You're speculating. Without the proper information, we're speculating as well. Not only is this OT, but folks are guessing. DNS, while a black art, is not conducive to guessing. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: OT: DNS
On Tue, 2003-09-30 at 14:36, Lists wrote: You never mentioned WHICH domain was having problems. FWIW, tcn.net only has TWO authoritative DNS servers listed: He never said this was for tcn.net. Obviously, this is not the domain. How do I know? Most Root servers use a 2 day TTL. There's no way he could've removed a 3rd NS entry and us not still see it. whois tcn.net [Querying whois.internic.net] [Redirected to whois.networksolutions.com] [Querying whois.networksolutions.com] [whois.networksolutions.com] ... FWIW, please don't refer to whois output when troubleshooting DNS. Whois has *nothing* to do with the normal operation of the Internet. DNS works something like this (assuming no local data cache)... Client - Resolver - TLD/Root NS - Authoritative - Resolver - Client Whois is an information database that provides contact/ownership information on a domain. The nameserver listings should NOT be taken seriously when troubleshooting DNS issues. I've seen MANY MANY MANY times where the root nameservers don't sync with what Whois reports. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
RE: Backup options and considerations
On Mon, 2003-09-29 at 03:22, Buck wrote: Sorry, I am using this on RHL 9. I got distracted and forgot to add the question about what backup software would be best. If that's the case, please search the archives. This has been covered ad nauseum. http://marc.theaimsgroup.com/?l=redhat-listw=2r=1s=backupsq=b P.S. Please don't take this as a flame, but I'm curious. Why would you spend as much time writing up your original post, rather than just searching the archives? I'm really not trying to start an argument, I'm just wondering. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Is ftp running?
On Mon, 2003-09-29 at 10:27, dlangschied wrote: First off, thanks for the walk-through. I am new to Red Hat, so some things are still on my to learn list. I am technical support for an app that runs on Linux and sometimes I get OS questions that I can't answer. Theat being said, I went through the items that you detailed and I got stopped at netstat. Obviously, there isn't an ftp process running. I ran chkconfig and nothing showed up. I did get a list in the rpm step. It included the following: gftp-2.0.8-2 ncftp-3.0.3-6 ftp-0.17-12.1.1 Do any of these entries mean anything? I ran the same thing on my Linux server and got a great deal more, including all the ones listed above. rpm -qi package name will give you a description as to what the package is. All of those you've listed are ftp clients, not servers. As a fellow consultant, I imagine that you're providing paid support for this application. Perhaps you might spend a few hours reading some of the excellent documentation that Red Hat provides for their Linux distributions (http://www.redhat.com/docs/manuals/linux/). -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Amavis install problem on RH 9
On Mon, 2003-09-29 at 11:03, [EMAIL PROTECTED] wrote: When I try to install Amavis on Redhat 9 I get an error when I need to configure the package. This is my output. [EMAIL PROTECTED] amavis-0.3.12]# ./configure loading cache ./config.cache /bin/date: relocation error: /lib/tls/libpthread.so.0: symbol errno, version GLIBC_PRIVATE not defined in file libc.so.6 with link time reference checking for a BSD compatible install... /usr/bin/install -c checking whether build environment is sane... sleep: relocation error: /lib/tls/libpthread.so.0: symbol errno, version GLIBC_PRIVATE not defined in file libc.so.6 with link time reference yes checking for mawk... no checking for gawk... gawk checking whether make sets ${MAKE}... yes checking whether make sets ${MAKE}... (cached) yes checking for a BSD compatible install... /usr/bin/install -c checking for gcc... no checking for cc... no configure: error: no acceptable cc found in $PATH What is wrong? That last line tells it all. It couldn't find a C compiler (cc/gcc) installed. I'll bet the Amavis source code includes a README or INSTALL file documenting your prerequisites. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Illegal OpCode in NFS Kickstart
I'm attempting a RHAS 2.1 pxeboot NFS kickstart on an HP DL-740. This configuration works fine on a variety of other Compaq/HP servers (1850/320/360/380/580/etc). However, attempts to kickstart this server die with a red screen of death and an error message of Illegal OpCode. So far, I've gathered that it locks up right after loading the vmlinuz and initrd.img from the dhcp server. However, this happens *before* the install attempts to nfs mount the / directory. I've verified that this is not a network issue by booting into rescue mode and mounting nfs (and tcpdump-ing on the nfs server). At this point, it appears to be a problem with the cciss driver for the internal array in the pxeboot images. Red Hat has asked me to try this config with the RHAS 2.1 Update 2 images. I was able to successfully install via CD, but the pxeboot NFS kickstart still fails in the same way. Has anyone ever seen anything like this? Neither google nor RH's bugzilla were at all helpful. TIA, -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Illegal OpCode in NFS Kickstart
On Mon, 2003-09-29 at 15:22, Jason Dixon wrote: I'm attempting a RHAS 2.1 pxeboot NFS kickstart on an HP DL-740. This configuration works fine on a variety of other Compaq/HP servers (1850/320/360/380/580/etc). However, attempts to kickstart this server die with a red screen of death and an error message of Illegal OpCode. Sorry for the self-reply, but I've found a flash update for the 740 on HP's support site. If this works, I'll send out an update to the list. http://h18004.www1.hp.com/support/files/server/us/download/18925.html Thanks, -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Backup options and considerations
On Mon, 2003-09-29 at 00:25, Buck wrote: I am thinking about backup procedures for my server. [snip] I don't know what normal backup procedures look like, I don't think I have seen any since about 1990. Anyone have any helpful suggestions? I really don't grok what your real question might be, but it definitely doesn't sound like it has anything to do with Red Hat Linux. Perhaps you might invest in some good Backup/Restore literature or an experienced storage consultant, particularly if your company is so financially dependent on the data being handled properly. In short, I think this is off-topic for this list. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: can an xp's ntfs be mounted?
On Mon, 2003-09-29 at 00:33, Rene's Caltech Email wrote: can an xp's partion(ntfs) be mounted on red hat 9...i was able to do it on suse linux but not on red hat 9 You might try searching the archives next time. This has been asked a million-gazillion times. :) http://marc.theaimsgroup.com/?l=redhat-listw=2r=1s=ntfsq=b -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Netgear WG511
On Fri, 2003-09-26 at 15:16, Abe wrote: Hello, I was trying to configure the netgear wg511 802.11g wireless card for RedHat 9. I did some searching and found that there were no drivers for this card and was unsuccessful to find anyone else who installed it. Has anyone had any luck with this before or heard of anything? According to the first link, this card uses the Intersil ISL3890 chipset. The 2nd link is the driver project page. Sounds like you'll have to do some kernel patching to get it to work, hope that 54Mbps is worth it. ;-) http://www.linuxquestions.org/questions/archive/3/2003/07/3/59031 http://ruslug.rutgers.edu/~mcgrof/802.11g/ *Happily enjoying his 11Mbps 802.11b DWL-650...* -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Samba Usage Monitor
On Fri, 2003-09-26 at 17:30, Krautkramer, John wrote: Hi, Does anyone know of a usage monitor for Samba to run on RedHat 9.0? I'd like to keep track of who is using what resources. The RedHat machine is setup as a server for a group of WinNT and Win200 users. What kind of statistics are you looking for? smbstatus will print out a list of all running smb processes and locked resources. It would be trivial to write a top-like perl script to display summaries for user, remote system, share, etc. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Samba Usage Monitor
On Fri, 2003-09-26 at 18:27, Krautkramer, John wrote: Hi Jason, I thought about writing something like that but was hoping there was something already available, possibly similar to the web site monitor Webalizer. I'd like to who is using what and when. I'm not really using anything. I use smbstatus if I ever need something to help me troubleshoot smb connections. Where would something like Sambalizer (I officially copyright that name!) really be of practical use? PS: I'm new to using this list. How are you supposed to 'reply' to a posting? I don't see the obvious method. I'm using cut and paste into a new message. It's list etiquette to append replies after the relevant sections of the email you're replying to. If you notice, I've just replied inline to your questions. I've also trimmed text that is no longer relevant. It's considered good form NOT to top-post. This is where you simply hit reply, then start typing at the top of the email. Replies like this (yours falls into this category) are harder to follow and tend to receive less attention from some participants. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Importing CSV Files
On Fri, 2003-09-26 at 20:50, Helgi Örn Helgason wrote: On 2003-09-26, Shesh Kondi wrote: I recently moved away from Windoze to Red Hat Linux. But, I have all my old MS Outlook information ( Outlook Contacts and Outlook Notes), in the form of .CSV files. How do I import data form these files and what RH apps can I use. I tried Kaddress, but failed., Try Evolution, it is supposed to be the alternative to Outlook. It imports some different fileformats, though I don't know about .csv. You could take a look at it and and see if it imports some format that Outlook can export to. Nope, no CSV support (at least, not in Evolution 1.4.0). I did notice support for Outlook .mbx files, but it sounds like you didn't forsee that. :-P -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: RH 9 wireless pcmcia
On Thu, 2003-09-25 at 18:00, Helgi Örn Helgason wrote: Hi Hatters! I wonder if someone has got the wireless D-Link DWL-610 pcmcia card working in RH 9? I'm also searching for links to RH 9 wireless HowTo websites. Do you mean the DWL-650? I see no reference to a DWL-610 on the D-Link website. If so, please search the archives, I've posted plenty of information regarding this card. If not, please provide more details. http://marc.theaimsgroup.com/?l=redhat-list -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: RH 9 wireless pcmcia
On Thu, 2003-09-25 at 20:15, Helgi Örn Helgason wrote: On 2003-09-25, Jason Dixon wrote: Do you mean the DWL-650? I see no reference to a DWL-610 on the D-Link website. If so, please search the archives, I've posted plenty of information regarding this card. If not, please provide more details. It is the D-Link Air 2.4GHz Wireless Cardbus Adapter Model:DWL-610/EU http://www.dlink.co.uk/1936.htm It's not listed anywhere on the linux-wlan adapter compatibility page (http://www.linux-wlan.org/docs/wlan_adapters.html). I can only assume it's either not supported by their project, or you're the first Linux user to buy one. ;-) If you can find out which 802.11b chipset it uses, we might be able to help out more. As it is, I have a bad feeling it's equivalent to the U.S. version of the DWL-650+. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: RH 9 wireless pcmcia
On Thu, 2003-09-25 at 21:15, Helgi Örn Helgason wrote: On 2003-09-25, Jason Dixon wrote: If you can find out which 802.11b chipset it uses, we might be able to help out more. As it is, I have a bad feeling it's equivalent to the U.S. version of the DWL-650+. The 42 page manual says: The DWL-610 is compatible with 802.11b wireless products, which include: * D-Link AirPlus DWL-650+ 2.4GHz Wireless Cardbus Adapter used with laptop computers D-Link Air DWL-510, * D-Link AirPlus DWL-520+ 2.4GHz Wireless PCI cards used with desktop computers * D-Link AirPlus DWL-900AP+ Enhanced 2.4GHz Wireless Access Point * D-Link AirPlus DI-614+, DI-714P+ Enhanced 2.4GHz Wireless Broadband Routers All of which tells us nothing. Being network compatible has nothing to do with the chipset in the card. Please read my reply more carefully. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Plea to Linux Users
On Tue, 2003-09-23 at 08:57, Kent Borg wrote: On Mon, Sep 22, 2003 at 08:24:00PM -0400, Jason Dixon wrote: It is for this reason that I'd like to suggest the following. Take 10 minutes to download, compile and run chkrootkit on your Linux systems. So there is a download chkrootkit vs. download Knoppix STD war going on. And both have their points. I retract all arguments regarding the methodology used. My only point was to suggest that folks try chkrootkit. It wasn't intended to start a war of principles, methodologies or philosophies. This list directly represents a lot of computers that are connected to the internet all the time. Are they all being kept up to date? Are the updates being applied *promptly* after they become available? I seriously doubt it. Worse, are those secondary Linux computers influenced by those reading this list all being kept up to date? No. Great point. If folks were patching as they should, we'd all be better off. The systems where chkrootkit has worked for me were *always* ones that weren't being patched. Folks, it's *easy*... just use up2date-nox or apt-get update/upgrade via cron! Do we need a HOWTO before folks really pay attention? P.S. Did anyone point out that chkrootkit needs to be kept up to date? It does. Chkrootkit should never be installed permanently on a system, IMHO. It should be a one-time utility that is used by downloading the most current source at runtime. This is the only way to guarantee that you're using trusted code. Chkrootkit that's been sitting around on a compromised system is no more effective than a trojaned netstat. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Fedora
On Mon, 2003-09-22 at 15:13, Benjamin J. Weiss wrote: Does this mean that I won't be downloading RH 10, but instead will be downloading Fedora 10 or something? Fedora Core 1 (Cambridge), apparently, which will contain everything you expected to see in Red Hat Linux 10 and more due to the contributions of the Fedora Project. Okay, now for the big question: RHCE? As I understand it, the current RHCE exam is based on RH 8.0. If RedHat is now dropping the free version of RedHat in favor of the Fedora Project, is the RHCE going to be splintered? Or are they going to change the test to be based on the Enterprise Linux? I wish I knew. RH was very prompt about explaining to current RHCE's how the original numbering changes would affect our certification period. I haven't heard anything from RH since they've issued the press release that signalled the end of the retail version. Previously, my certification was due to expire around RH 12. I have no idea now. Now I know I must be getting old, I'm getting tired of all the change that abounds...*sigh* No kidding. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
RE: Fedora
On Mon, 2003-09-22 at 17:23, Buck wrote: Hmmm, your cert expires at RH 12 and they just backed up to 3.0? Sounds like your cert could be around a while longer than you expected. LOL No, it was based on the original Red Hat product. I passed the RHCE when 7.2 was current and RHAS was just starting to gain traction in the marketplace. -J. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Dixon Sent: Monday, September 22, 2003 5:01 PM To: Red Hat Mailing List Subject: Re: Fedora snip Previously, my certification was due to expire around RH 12. I have no idea now. Snip -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: RHCE (was Fedora)
On Mon, 2003-09-22 at 19:09, Ian Mortimer wrote: I wish I knew. RH was very prompt about explaining to current RHCE's how the original numbering changes would affect our certification period. I haven't heard anything from RH since they've issued the press release that signalled the end of the retail version. Previously, my certification was due to expire around RH 12. I have no idea now. According to https://www.redhat.com/training/rhce/rhce_faq.html#current All RHCEs earned on Red Hat Linux 7.3 or prior will be considered current until the release of Red Hat Enterprise Linux AS/ES/WS 4. All RHCEs and RHCTs earned on RedHat Linux 8.0 or 9 will remain current until the release of Red Hat Enterprise Linux 5. Sounds like yours is good until the release of RHEL 4. Thanks for digging that up. I'm not sure whether to consider it good news or bad- with all their changes, I've lost track. :-P -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Plea to Linux Users
On Mon, 2003-09-22 at 20:28, Benjamin J. Weiss wrote: I'd say don't download and compile chrootkit. Instead, download the knoppix security tools distribution (http://www.knoppix-std.org/), burn it to a CD, then boot from it and *then* run chrootkit, which is on the CD. This way you will *ABSOLUTELY KNOW* that you are running a safe version of chrootkit that will tell you whether or not you've been compromised. It takes a bit longer to download, but you'll always have it in your toolkit, and it makes for great peace of mind. Uh, how are you suggesting that downloading chkrootkit from a third-party source is any safer from the developer source? This is why you verify the md5 checksum. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Plea to Linux Users
On Mon, 2003-09-22 at 20:42, Benjamin J. Weiss wrote: On 22 Sep 2003, Jason Dixon wrote: On Mon, 2003-09-22 at 20:28, Benjamin J. Weiss wrote: I'd say don't download and compile chrootkit. Instead, download the knoppix security tools distribution (http://www.knoppix-std.org/), burn it to a CD, then boot from it and *then* run chrootkit, which is on the CD. This way you will *ABSOLUTELY KNOW* that you are running a safe version of chrootkit that will tell you whether or not you've been compromised. It takes a bit longer to download, but you'll always have it in your toolkit, and it makes for great peace of mind. Uh, how are you suggesting that downloading chkrootkit from a third-party source is any safer from the developer source? This is why you verify the md5 checksum. Um...Jason...the CERT training that I went to stated (though I have not verified it externally) that it is still possible to fool chkrootkit if you are running it in a compromised environment. We were taught that the best way to go is to run it from a clean medium, such as knoppix, to ensure that any of the binaries or LKM's aren't spoofing you. I know, you specifically stated that you should use good binaries...but this is easier and (AFAIK) foolproof... I'm happy that your CERT training prepared you for small/home-office operations. However, many of us work and exist in environments where carrying around a CD doesn't scale. My suggestion can be quickly and easily performed on remote systems. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Plea to Linux Users
On Mon, 2003-09-22 at 21:10, Ian Mortimer wrote: However, many of us work and exist in environments where carrying around a CD doesn't scale. Not to mention the need to reboot every box to run off the CD and then reboot again when done. Several days work there. Yup. Not to mention that rebooting is a red flag to hackers. The idea here is to run diagnostics while trying to stay off their radar, else you risk losing the evidence (and possibly your filesystem). My suggestion can be quickly and easily performed on remote systems. The CD idea has merit though. You could put the application and all the utilities it uses on a CD, mount the CD on one host and export it over NFS to other hosts on the network. It's a good idea where you have a few systems, perhaps off-site, to visit and check. Exporting it via NFS brings up it's own mess of problems and potential exploits. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Plea to Linux Users
On Mon, 2003-09-22 at 21:30, Steve Phillips wrote: At 08:57 p.m. 22/09/2003 -0400, Jason Dixon wrote: On Mon, 2003-09-22 at 20:42, Benjamin J. Weiss wrote: [snippy snip] Um...Jason...the CERT training that I went to stated (though I have not verified it externally) that it is still possible to fool chkrootkit if you are running it in a compromised environment. We were taught that the best way to go is to run it from a clean medium, such as knoppix, to ensure that any of the binaries or LKM's aren't spoofing you. I know, you specifically stated that you should use good binaries...but this is easier and (AFAIK) foolproof... I'm happy that your CERT training prepared you for small/home-office operations. However, many of us work and exist in environments where carrying around a CD doesn't scale. My suggestion can be quickly and easily performed on remote systems. Please then - do not use FUD to market your product. What are you talking about? What product was I attempting to market? I'm afraid you must not have read very carefully. At no point did I offer to sell *anything*. I was simply offering up some free, sage advice. This way you will *ABSOLUTELY KNOW* that you are running a safe version of chrootkit that will tell you whether or not you've been compromised. This is misleading, and if the aim is to get people to be more security minded then being misleading is a bad place to start. I assume you're responding to Benjamin, those were not my words. Yes, this is not practical in every instance, and as with personal firewalls, anti-virus scanners and using different operating systems that are not mainstream every little bit helps - but PLEASE don't start spreading the same kind of drivel that many marketing plebs out there in the world today do. It makes you and your product look bad to the people that would get the most benefit from your product. (even if you are giving it away) What are you talking about? Spreading drivel? I've only suggested that folks try running chkrootkit on their servers to try and gain a small measure of comfort in the state of their systems. Where did I appear to be marketing something for sale??? In a corporate (SME to Large enterprise) scenario I would assume that they already have systems in place to cope with intrusion detection and eradication - including known good system configurations for just this purpose. Duh. Where did I suggest that chkrootkit was the end-all solution to intrusion detection? I only offered it up as a quick check for system compromise. Jason Dixon, RHCE *sigh* I guess RHCE doesn't delve into the security aspects then eh ? I'm having a hard time understanding where your rant is coming from. I've done nothing but offer a suggestion to users that they try running chkrootkit on their systems. You're obviously reading a LOT into the email that simply wasn't there. What is your PROBLEM??? -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Plea to Linux Users
On Mon, 2003-09-22 at 21:36, Steve Phillips wrote: At 09:17 p.m. 22/09/2003 -0400, you wrote: Yup. Not to mention that rebooting is a red flag to hackers. The idea here is to run diagnostics while trying to stay off their radar, else you risk losing the evidence (and possibly your filesystem). Actually, if you suspected the system that much that you needed to take it offline for analysis - you would _NEVER_ boot off the medium again until it had been verified clean. I've never suggested booting off any media at all... Benjamin did. I suggested downloading the source, downloading trusted binaries, and running it in the existing state. I then went on to mention that a compromised system should be isolated. It was not my intention to escalate the email into a full-blown forensics HOWTO. The first step is to make a 1:1 identical copy of the system then store the hardware away as evidence, powering off should also be via the wall, rather than triggering a reboot. See above. you can then work off the image you created and mount that under a system that is in a _known_ good state, that way you cant be accused of tampering with data and you can do all your investigations without the potential attacker(s) influencing your results. See above. In a large enterprise scenario I would also suspect that you would have spare boxes to act as a backup incase this happens - if not then I would suggest you go get some. See above. In a small environment you would probably never convict as the cost to do so would outweigh the benefits, so why bother, if you suspect infection then simply re-install and harden. (or slap that spare box into operation after ensuring it is hardened) Basic forensics 101 - there are good tutorials available via google search. I'm happy that you consider yourself an expert in forensics. I don't. When I need an expert to perform forensics work for me, I subcontract out to Raven. You may have met her... her team came in 2nd place at this year's Defcon CTF. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
The Storm
Testing to see if the list is up or just really quiet... -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: fax server recommendation
On Wed, 2003-09-17 at 13:04, Bret Hughes wrote: On Wed, 2003-09-17 at 11:31, Noah wrote: can somebody recommend a fax server program out there? perhaps something opensource by chance? I help setup hylafax at my brother's office and it has been jamming ever since. [snip] I have this image of your brother standing over the fax, TPS report in hand, screaming obscenties at the machine. Something about PC LOAD LETTER??? What the [bleep] does THAT mean???. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: daemon and killproc problem in startup script
On Tue, 2003-09-16 at 01:52, Williams, Quinton L wrote: I am using RH9 and cannot get the daemon and killproc commands to work in my init.d startup scripts. I keep getting the following error: # /sbin/service dhcpd stop Stopping dhcpd: /etc/init.d/dhcpd: line 26: killproc: command not found I was able to get the start function to work by just removing the daemon command and leaving the path to the program: start() { echo -n $Starting $prog: ./usr/sbin/dhcpd Any help would be great, but please make it simple since Im pretty new to Linux. Obviously. ;-) No, seriously, you've just broken those scripts where you've deleted killproc. Killproc is a function defined in /etc/rc.d/init.d/functions and sourced by each of the scripts in that same directory. I can only assume that you've somehow managed to delete the functions file, which is breaking the rest of your scripts. If you need to replace that file, email me off-list and I'll send you a copy from my RH9 laptop. But you'll need to go back and undo those deletions you made. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Vmware on Red Hat 9
On Tue, 2003-09-16 at 07:42, Ed Greshko wrote: On Tue, 2003-09-16 at 18:51, Pablo Rodriguez Gonzalez wrote: Hi Ed, Yes I can, but maybe I can't speak English very well :-) I know, that running Windows XP from VMware, I must use its own set of drivers, yes. But this is running from VMware, and that is the reason because I want a real installation of Windows XP, to boot Windows XP without VMware too, to use the Geforce drivers. The only thing I want is to boot that real Windows XP installatio, from VMware, running VMware native graphics driver, but boot the REAL installation. And again, apologizes for my English. More clear? I believe your English was very clear in the first place. What you want is to A. Boot your system into Linux. B. Start VMware C. Have VMWare boot the real installation of XP and use the Video Hardware directly. Step C is not possible. That is outside of the abilities of VMware. I was hoping someone else would speak up and correct you, but this hasn't happened yet. Ed, YOU are WRONG. This can be done. I've been using raw disk vmware setups with VMWare on dual-boot systems for years. It looks like their documentation for 4.x is hidden now, but it's still there: http://www.vmware.com/support/ws4/doc/disks_dualboot_ws.html#1046312 There are known issues with certain configurations, and it only supports IDE disks, but it WORKS. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Vmware on Red Hat 9
On Tue, 2003-09-16 at 08:59, Ed Greshko wrote: On Tue, 2003-09-16 at 20:49, Jason Dixon wrote: C. Have VMWare boot the real installation of XP and use the Video Hardware directly. Step C is not possible. That is outside of the abilities of VMware. I was hoping someone else would speak up and correct you, but this hasn't happened yet. Ed, YOU are WRONG. This can be done. I've been using raw disk vmware setups with VMWare on dual-boot systems for years. It looks like their documentation for 4.x is hidden now, but it's still there: http://www.vmware.com/support/ws4/doc/disks_dualboot_ws.html#1046312 There are known issues with certain configurations, and it only supports IDE disks, but it WORKS. AhhhI don't think I am wrongat least not when one looks at the scope of the original question being asked. Wrong again. The original post was asking why he couldn't boot his Windows XP (raw disk) within VMware. There was no mention of his video card until his next reply... I want to use Geforce native driver, working without Linux too. You've ASSUMED that he wants to use the Windows driver within VMware. Obviously, this is not possible, but outside of the scope of the original question and likely not related, as it appears he a) wishes to run XP within VMware, and b) also dual-boot into XP for native driver support. The two concepts were never inter-mingled. Yes, you can boot the real disks with raw disks. However, the question was using the Geforce video directly. No, it wasn't. Read the archives. I do not believe that is supported and based on this paragraph in the link you suggest... See my first comment. The issues arise because the virtual hardware that the operating system sees when it is running in a virtual machine is different from the physical hardware it sees when it is running directly on the host computer. It is as if you were removing the boot drive from one physical computer and running the operating system installed there in a second computer with a different motherboard, video card and other peripherals - then moving it back and forth between the two systems. That iswhen you run it in real mode you get the real video and driver. But, if you boot even with the real raw disks you get the VMware Video driver No kidding. You're offering an answer to a question that was never asked. You're also trying to qualify your assumptions as relevant, when they are not. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Vmware on Red Hat 9
On Tue, 2003-09-16 at 09:03, Pablo Rodriguez Gonzalez wrote: Hi guys, No, no, I knows that if I runs in virtual mode I can't use Geforce driver. But I only wants to use this driver in real mode. Under Linux I must use VMware driver, ok :-) But Jason, looking at http://www.vmware.com/support/ws4/doc/disks_dualboot_ws.html#1046312 was the first thing I did it, and it didn't work :-( I'll try it again. Hi Pablo. I'm sorry this thread got off-topic, I should have jumped in sooner. This appears to be relevant: http://www.vmware.com/support/ws4/doc/disks_2kmultiboot_ws.html#1046341 -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Can't access remotely
On Tue, 2003-09-16 at 09:08, Chris V wrote: Hi Stephen, As I am new in Linux... could you be more specific where I should look for this? Which files controls what which service runs and which does not? And what about the http requests that are also denied? Hi Chris. Your problem is not easily answered in a sentence or two. You'll need to read some about Linux System's Administration. I suggest you review the documentation provided by Red Hat here: http://www.redhat.com/docs/manuals/linux/RHL-7.3-Manual/ -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Vmware on Red Hat 9
On Tue, 2003-09-16 at 09:19, Ed Greshko wrote: On Tue, 2003-09-16 at 21:03, Pablo Rodriguez Gonzalez wrote: Geeyou mean WE are BOTH right? (Like my use of capitalization, Jason?) No, you are wrong. You claimed that the ability to boot an existing installation (read: raw disk) was not possible with VMware. You were unaware of VMware's limitation with Windows XP and raw disks, you were making a false generalization about the feature capabilities of VMware. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Vmware on Red Hat 9
On Tue, 2003-09-16 at 09:20, Ed Greshko wrote: On Tue, 2003-09-16 at 21:12, Jason Dixon wrote: No kidding. You're offering an answer to a question that was never asked. You're also trying to qualify your assumptions as relevant, when they are not. Is this flame bait? No, it's called a summary. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Can't access remotely
On Tue, 2003-09-16 at 09:28, Stephen Kuhn wrote: On Tue, 2003-09-16 at 23:08, Chris V wrote: Hi Stephen, As I am new in Linux... could you be more specific where I should look for this? Which files controls what which service runs and which does not? And what about the http requests that are also denied? rgrds Chris On the linux box, type in a run box, or in a console serviceconf and you should see FTP and TELNET services listed in there - you can start/stop/restart them from there - they're probably turned off...so once you start'em up, you can get into your box remotely... *sigh* I'm sorry folks, if it seems I've been a grouch lately, but nothing grinds my axe worse than mis- or half-right information. Yes, he can modify his running services, but this does nothing to resolve possible issues with his firewall, TCP wrappers, etc. Not to mention that SSH is a much better alternative than telnet for administrative uses. Please read the documentation. This is not meant to be a rant/RTFM/flame. But if you don't learn how to fish, you'll starve. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Vmware on Red Hat 9
On Tue, 2003-09-16 at 11:13, Jack Bowling wrote: ** Reply to message from Jason Dixon [EMAIL PROTECTED] on Tue, 16 Sep 2003 09:24:18 -0400 On Tue, 2003-09-16 at 09:20, Ed Greshko wrote: On Tue, 2003-09-16 at 21:12, Jason Dixon wrote: No kidding. You're offering an answer to a question that was never asked. You're also trying to qualify your assumptions as relevant, when they are not. Is this flame bait? No, it's called a summary. Jason/Ed - You aren't 13 anymore. Takre this offlist, please. Actually, we already had. You're the one that brought it back up again. Thread is dead. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: OT: Citrix solution
On Tue, 2003-09-16 at 11:24, Distribution Lists wrote: yesI guess VNC must be close, its just I've never used Citrix and have nothing to compare it too. Ok, I know this is going to sound stupid, but... If you don't know what Citrix is, why are you trying to emulate it? :) -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Laptop for RH
On Tue, 2003-09-16 at 13:15, Henderson, Todd L wrote: I'd like to find out what laptops work the best with RH 9.0 and if anyone has any recommendations. Best? As always, it depends on your requirements. I'm currently using a Compaq Armada M700 that works fine. Everything's supported, including the Winmodem. Does that mean that I'd like to keep it? Nope. Someone please give me an IBM Thinkpad. :) -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: OT? Kernel Tuning
On Tue, 2003-09-16 at 14:50, Jason Murray wrote: I apologize - I think that this might be a little off topic, but I know that a lot of you folks are Linux experts, and I was not sure where else to turn... I am trying to learn more about kernel tuning. Right now, my specific question is what does the command echo 4 4 1 4 /proc/sys/kernel/printk do? I understand that (a) it writes the values 4 4 1 4 (without the marks) to the file /proc/sys/kernel/printk (b)which tunes certain kernel parameters, but I have no idea what parameters it is tuning. Having figured out this much, I have googled on Linux kernel tuning and found a lot of interesting articles on how to tune parameter X; however, I have not found a definitive reference on all (or at least most) of the tunable parameters and how to tune them. Rather than ask someone to give me a fish by explaining just what the .../printk file tunes, I thought I'd ask to be taught how to fish, e.g. for someone to nudge, push, shove me in the right direction. Is there a definitive reference on kernel tuning, and would someone be so kind as to point me toward it? Feel free to use the clue-by-four if necessary, but please be gentle ;-). /usr/src/linux-2.4/Documentation/filesystems/proc.txt How did I find it? First, I googled for your terms linux kernel parameters proc printk, which led me to this post: http://www.ussg.iu.edu/hypermail/linux/kernel/0304.1/0922.html I noticed that the diff refers back to the Documentation directory under the kernel source. Doing a recursive grep for some of those terms (particularly printk) and piping it through your pager will reveal some good sources. When I ran across The four values in printk denote, I knew I'd struck gold. Hope this helps your future fishing endeavors. ;-) -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: OT? Kernel Tuning
On Tue, 2003-09-16 at 15:30, Kelerion wrote: nice answer.. now thats what I like to see in mailing lists.. Thanks. informative.. helpful.. but leads the OP to figure things out him/herself.. there should be more of this on mailing lists... Unfortunately, there are too many a) folks looking for the quick answer. These are, more often than not, people raised on the Windows way of doing things... call support, get put on hold, get told which buttons to press. Or b) too many folks throwing easy answers out there without explaining how the solution was resolved. This is also a problem with many Linux HOWTO documents. I really enjoy sharing the knowledge that I've acquired over the years. However, this rarely comes in the form of you need to set SHMMAX to blah value, or compile dillywankers into APCI support. More often than not, it's go here, check this out, see where it leads you. This is more efficient for me, and, for the self-serving student, a much better opportunity for long term retainment. Not to mention, they're more likely to offer the same assistance to others later on. :) -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: Fetchmail don't keep messages !!!
On Mon, 2003-09-15 at 20:32, Marcos S. Trazzini wrote: Negative !!! If I configure the same account in Evolution (in example), only the new messages are downloaded, and only one time. but the fetchmail download the same messages that are in the remote POP3 server every time it runs... Any Other email clients that I've tested (Outlook Express, Mozilla-Mail, Eudora, etc..) works fine... And THIS IS REALLY A BUG OR A MISSCONFIGURATION ON FETCHMAIL Hey, guess what? I was going to look into your problem and try to offer some assistance, until... You became a jerk. You've berated another user who attempted to resolve your problem by yelling at him. Twice. Hope you have better luck with other folks, it's certainly not coming from my direction. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: samba and iptables
On Mon, 2003-09-15 at 20:32, Ian L wrote: Hey all, I'm trying to set up samba to work with a win2k3 server and a redhat 8 server. I've got samba 2.x installed. It seems to be working, although i havent finished setting up all the user permissions. When i turn iptables off, i get a password prompt in windows when i click on the server. when i turn ip tables on, it just sits for 20 seconds and then tells me i dont have permission to access this network resource. Hi Ian. Hopefully I can offer a suggestion that will not only solve your problem, but show *you* how to do it. You know, the old give a man a fish theory. ;-) Install tcpdump, if you don't have it already. Determine what traffic (SSH, HTTP, DNS, etc.) you might see across the relevant network interface (eth1?) that Samba traffic should traverse. Now, run the following (with iptables enabled): tcpdump -ni eth1 not port 22 and not port 80 and not port 53 (etc, etc.) Include a and not port XX for each known service you *don't* want to see. This should (hopefully) reveal which ports/protocols that Samba is using. Those will be the ones you'll want to add to your iptables ruleset to allow SMB traffic through. There's always a chance that you'll catch more traffic than you expect. It's a case of trial and error. You're generally looking for TCP/UDP traffic between ports 135-139 and possibly 445. Hope this helps! -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: A network mystery
On Sun, 2003-09-14 at 17:23, Robert Jones wrote: Y'all, this one is about to drive me to distraction. Without going into a long chronology, I recent got DSL and have been reconfiguring. I finally got around to pulling my 3c905tx NIC and installing an Intel dual-port card as a stepping stone to restoring order. I'm using a Linksys router 'tween DSL modem and this Linux box and probably will even after the reconfiguration is complete. That's really beside the point. My question is this: When RH7.3 boots and brings up the eth* interface(s), where do the interface parameters come from? Careful before answering! I thought it was /etc/sysconfig/network-scripts/ifcfg-* but there's something else at work here. Please run rpm -qV net-tools and reply with the output (if any). I have a sneaking suspicion... -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: A network mystery
On Sun, 2003-09-14 at 17:27, Jason Dixon wrote: On Sun, 2003-09-14 at 17:23, Robert Jones wrote: Y'all, this one is about to drive me to distraction. Without going into a long chronology, I recent got DSL and have been reconfiguring. I finally got around to pulling my 3c905tx NIC and installing an Intel dual-port card as a stepping stone to restoring order. I'm using a Linksys router 'tween DSL modem and this Linux box and probably will even after the reconfiguration is complete. That's really beside the point. My question is this: When RH7.3 boots and brings up the eth* interface(s), where do the interface parameters come from? Careful before answering! I thought it was /etc/sysconfig/network-scripts/ifcfg-* but there's something else at work here. Please run rpm -qV net-tools and reply with the output (if any). I have a sneaking suspicion... Disregard, I misread the output of one of your ifconfig commands. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
Re: BIND question
On Sat, 2003-09-13 at 11:11, [EMAIL PROTECTED] wrote: Morning everyone. Well, I need to setup a internal DNS server for our company. As it stands right now, im looking at using BIND. But, i've never setup a BIND server before. Granted, I am very familiar with using commands such as 'dig' and 'nslookup', but as far as actually setting up BIND and getting it to work, im a newbie... With that in mind, does anyone recommend a link, doc, or book that I can read on how to setup a BIND server to be secure and efficient? The actual install of BIND should be pretty easy, but it is the setting up of the zones for my intranet and hosts as well is where I need some input.. Since you've never used BIND, I'd suggest using djb-dns. It's very secure, and your learning curve shouldn't be any worse than using BIND. http://cr.yp.to/djbdns.html -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list