Re: [SLUG] Server being used to relay emails
On Fri, Apr 30, 2004 at 12:14:28PM +1000, Chris Freeman wrote: Bounces to forged email addresses warning people of the virus should be considered in the same category as SPAM. This is a real nuisance, Some AV companies have clue: http://www.nod32.com.au/nod32/news/spamvertising.htm http://www.f-prot.com/news/gen_news/open_letter_30jan2004.html I just want to accentuate this point. If you are a mail server administrator TURN OFF NOTIFICATION! And whatever you do, do not *ever* send the infected attachment to anyone. You've done well, you've found a virus, that's wonderful. You may feel the need to share your success with someone[0], but you don't need to send the virus along to prove you really did find it. Hmmm. I wonder how many copies of these viruses are currently being bounced between two similarly badly configured AV scanners, and how many times they've made the round trip? Cheers, John [0] After all, having the IQ of a lobotomised flatworm, it's probably the only thing you've acheieved all day^Wyear. -- I expect them to say the data is on a RAID, therefore you don't need backups. Because they are all fucking idiots. -- Paul Tomblin -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] cebit and fta
G'day, interesting criticism of loose wording in FTA, with respect to digital media. http://www.cebit.com.au/html/news_4_art_5_prereg.cfm Ashley -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] cebit and fta
quote who=Ashley Maher G'day, interesting criticism of loose wording in FTA, with respect to digital media. http://www.cebit.com.au/html/news_4_art_5_prereg.cfm And of course, as Pia posted the other day and from Rusty's talk: http://linux.org.au/fta/ J. -- Jan Schmidt [EMAIL PROTECTED] Don't Panic -- The Hitchhiker's Guide to the Galaxy -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] iptables - filtering not working.
Here are the rules, I want to stop port 80 being accepted from any network except squid on this machine. This is not working. I think I have a drop all INPUT for port 80 and it is not dropping. Help... gateway:~# iptables -L INPUT Chain INPUT (policy DROP) target prot opt source destination DROP tcp -- anywhere anywhere tcp dpt:www ACCEPT all -- anywhere anywhere LOGall -- 127.0.0.0/8 anywhere LOG level warning DROP all -- 127.0.0.0/8 anywhere ACCEPT all -- anywhere 255.255.255.255 ACCEPT all -- 192.168.0.0/24 anywhere ACCEPT!tcp -- anywhere BASE-ADDRESS.MCAST.NET/4 LOGall -- 192.168.0.0/24 anywhere LOG level warning DROP all -- 192.168.0.0/24 anywhere ACCEPT all -- anywhere 255.255.255.255 ACCEPT all -- anywhere c211-30-226-107.rivrw4.nsw.optusnet.com.au ACCEPT all -- anywhere 211.30.226.255 LOGall -- anywhere anywhere LOG level warning DROP all -- anywhere anywhere DROP tcp -- anywhere anywhere tcp dpt:www gateway:~# iptables -L Chain INPUT (policy DROP) target prot opt source destination DROP tcp -- anywhere anywhere tcp dpt:www ACCEPT all -- anywhere anywhere LOGall -- 127.0.0.0/8 anywhere LOG level warning DROP all -- 127.0.0.0/8 anywhere ACCEPT all -- anywhere 255.255.255.255 ACCEPT all -- 192.168.0.0/24 anywhere ACCEPT!tcp -- anywhere BASE-ADDRESS.MCAST.NET/4 LOGall -- 192.168.0.0/24 anywhere LOG level warning DROP all -- 192.168.0.0/24 anywhere ACCEPT all -- anywhere 255.255.255.255 ACCEPT all -- anywhere me.rivrw4.nsw.optusnet.com.au ACCEPT all -- anywhere 211.30.226.255 LOGall -- anywhere anywhere LOG level warning DROP all -- anywhere anywhere DROP tcp -- anywhere anywhere tcp dpt:www Chain FORWARD (policy DROP) target prot opt source destination ACCEPT all -- 192.168.0.0/24 anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED LOGall -- anywhere 192.168.0.0/24 LOG level warning DROP all -- anywhere 192.168.0.0/24 LOGall -- anywhere anywhere LOG level warning DROP all -- anywhere anywhere Chain OUTPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere 255.255.255.255 ACCEPT all -- anywhere 192.168.0.0/24 ACCEPT!tcp -- anywhere BASE-ADDRESS.MCAST.NET/4 LOGall -- anywhere 192.168.0.0/24 LOG level warning DROP all -- anywhere 192.168.0.0/24 ACCEPT all -- anywhere 255.255.255.255 ACCEPT all -- me.rivrw4.nsw.optusnet.com.au anywhere ACCEPT all -- 211.30.226.255 anywhere LOGall -- anywhere anywhere LOG level warning DROP all -- anywhere anywhere -- Thanks KenF OpenOffice.org developer -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] iptables - filtering not working.
On Mon, 2004-05-03 at 20:52, Ken Foskey wrote: Here are the rules, I want to stop port 80 being accepted from any network except squid on this machine. This is not working. I think I have a drop all INPUT for port 80 and it is not dropping. get rid of the INPUT drop rule. You need a FORWARD drop (reject suggested) rule for port 80. Rob -- GPG key available at: http://www.robertcollins.net/keys.txt. signature.asc Description: This is a digitally signed message part -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Kernel panic: 2.6.5.-1-686 boot probs.
Thanks Greg. Adam, Have you got: initrd=/initrd.img in your lilo.conf file? Yep. If you can boot with another kernel why don't you just put in the old 2.6.5 kernel (it is in /var/cache/apt/archives) Thanks, I found it. But how do I do that ? your mouse problem with XFree86 and 2.6.X kernel is all over the net. Just search in google. The quick fix is something like this: edit /etc/X11/XF86Config-4 find a line that has /dev/psaux or /dev/usb/mouse0 or similar replace with /dev/input/mice and restart X. WhenI did that X would not start. I have two entries in separate paragraphs under 'pointing device' (or whatever), 'dev/psaux' and '/dev/input/mice' ... changing the first crashes X. snip. Also I try and keep the last working kernel at /vmlinuz.old so I can always boot from that if I get into trouble. ... is there a symlink from /vmlinuz.old to /var/cache/apt/archives ? ...but more importantly, I keep getting the message Error -3 While decompressing ! c0355f8c(1027641439)-d7c2(4096) VFS: Cannot open root device 345 or unknown-block (3,69) Please append a correct root= boot option Kernel panic: VFS:Unable to mount root fs on unknown-block (3,69) and the boot process hangs. lilo.conf (attached) has boot=/dev/hda root/dev/hdb5 but neither of them, or 'root=/dev/hda1' work in allowing the boot process to continue. There must be a simple solution. [Sorry about the graphic mess below. I transcribed it by hand from Linux to XP drives, as I had no cut paste. It looked OK in Moz-Thunderbird] Any ideas ? Adam Bogacki, [EMAIL PROTECTED] On Sun, 2 May 2004 08:40 pm, Adam Felix Bogacki wrote: Oops, I forgot to run lilo ... but I then got the error message /dev/mapper/control: open failed: No such device Is device mapper driver missing from kernel ? Incompatible libdevmapper 1.00.15-ioctl (2004-04-07) (compat) and kernel driver Warning: The boot sector and map file are on different disks Added Linux * Skipping /vmlinuz.old Added DOS when I try to reboot from C: using the newly installed apt-upgraded kernel I get Error -3 While decompressing ! c0355f8c(1027641439)-d7c2(4096) VFS: Cannot open root device 345 or unknown-block (3,69) Please append a correct root= boot option Kernel panic: VFS:Unable to mount root fs on unknown-block (3,69) Tux:~# df Filesystem1K-blocks Used AvailableUse Mounted on /dev/hdb5 13690082183251079997 17% / tmpfs1919800 191980 0% /dev/shm /dev/hda119991104 10655424 9335680 54% /mnt/DOS /dev/hdb2 7746 6970376 95% /boot /dev/hdb9 18951504 372340814265404 21% /home /dev/hdb6 12342396 1934112 9781352 17% /usr /dev/hdb718729604358641341916 25% /usr/local /dev/hdb818247682984081433588 18% /var /dev/hde5 7692876 8 7302092 1% /home/cyberia /dev/hde6 1344016 8 1275736 1% /usr/cyberia ... previously /boot was showing 100% full. Tux:/boot# ls . -la system.map-2.6.5-1-686 787887 lost+found 1024 boot.0300 512 map 73728 vmlinuz-2.6.5-1-686 1125072 config-2.6.5-1-686 52167 initrd.img-2.6.5-1-686 4009984 and four symlinks range: 31-34 The boot error message makes reference to an unknown block. This may be due to my use of 'parted' to increase space in /usr which was previously 99% full. This was successful, but my attempt to increase the size of /boot was not - I'm at a loss to understand why. [EMAIL PROTECTED] /root % parted /dev/hdb snip Information: The operating system thinks the geometry on /dev/ide/host0/bus0/target1/lun0/disc is 4865/255/63. Therefore, cylinder 1024 ends at 8032.499M (parted) print -snip- Disk label type: msdos Minor Start End Type Filesystem Flags 20.031 7.844 Primaryext3 boot 17.844 38162.219 extended 5956.997 2337.583 logical ext3 7 2384.679 4243.732 logical ext3 8 4290.8296102.817 logical ext3 9 6196.979 32153.532logical ext3 6 32247.694 37244.443 logical ext3 10 37244.474 38162.219logical ext3 (parted) resize 2 0.03125.567 [trying to enlarge /boot] Warning: You requested to resize the partition to 0.031-25.567Mb. The closest Parted can manage is 0.031-7.844MB. I understand that Parted is choosing options consistent with interactions between firmware and software, but it has previously stated that ...cylinder 1024
[SLUG] no screens
This is probably simple, but I do not know where to start ... I am still very new to Debian .:-) X has been working perfectly, though I have only used the vesa mode until I work out how to load nVidia. Tonight I looked ta some of the games--when I finished, the mouse was not working, so I first shut X down, tried to restart --no; so I re-booted. Now the X will not work--neither on booting or with startx. (EE) Screens found, but none have a usable configuration Fatal server error: no screens found. XF86Config-4 seemed unchanged, but I reconfigured anyway: but no change.. vesa I gather takes depths 8 15 16 24 ? ?? I am lost and bewildered .. any help really appreciated Geoffrey -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] no screens
Further fiddling showed default depth as 24--cutting back to 16 lets it work ... but I seem to have acquired TWO mouse drivers.. so panic is more or less over--but not WHY.. a 70 year old brain works slowly , I am sorry Geoffrey -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Virus Found in message Your text
Norton AntiVirus found a virus in an attachment you ([EMAIL PROTECTED]) sent to [EMAIL PROTECTED] To ensure the recipient(s) are able to use the files you sent, perform a virus scan on your computer, clean any infected files, then resend this attachment. Attachment: your_text.pif Virus name: [EMAIL PROTECTED] Action taken: Clean failed : Quarantine succeeded : File status: Infected application/ms-tnef-- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] radius
Hi Guys I've got a problem with a radius system that is used to authenticate wireless. My practical linux skills aren't huge so please bare with me. Its running on redhat 7.3, I think its openradius. I know the command to start it is radiusd. It stops every night. I started it as root and am wondering if it stops when roots login times out. Any suggestions would be greatly appreciated. Cheers Robert -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Iptables / proxy server madness
On Tue, 2004-05-04 at 09:30, Peter Rundle wrote: Sluggers, I'm hoping that someone can shed some light on this problem, otherwise I must be going mad. I have two linux boxen, one of which is an internet gateway masquerading for the other using iptables. When I try to access a web site using Mozilla from the masqueraded box it fails miserably waiting forever for the reply packets. However, if I telnet to port 80 of the site I get an immediate response. I can also ssh out to other servers on the net no problems. Now before you jump to any conclusions, the advanced proxy settings in Mozilla are set to direct connection to the internet. Now things get really weird. If I run squid on the gateway and use an iptables redirect of 80 to 3128 (Rob's comments about transparent proxying not withstanding) then Mozilla is happy as Larry. ??? Ok, here's a checklist to run on the machine running mozilla (with the interception rule in iptables disabled) 1) dig/host/ping bad-wed-address we are just looking for correct name resolution - we don't need to actually ping. 2) telnet address 80 type in between the ==='s (case unfortunately matters on some servers): === GET / HTTP/1.1 Host: the-host If this gives you the web page, then mozilla is whacked. Chances are though that something will break. If everything is fine until the second CR, then you probably have a MTU issue. See man iptables and put a MSS clamp rule in as they describe. Rob -- GPG key available at: http://www.robertcollins.net/keys.txt. signature.asc Description: This is a digitally signed message part -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] radius
Hi Guys I've got a problem with a radius system that is used to authenticate wireless. My practical linux skills aren't huge so please bare with me. Its running on redhat 7.3, I think its openradius. I know the command to start it is radiusd. It stops every night. I started it as root and am wondering if it stops when roots login times out. Any suggestions would be greatly appreciated. If I understand correctly you manually logon and fire up this program and then leave this user logged on, cause soon as the user logs off it closes all programs associated with this user. Which is how things work typically. If you want radiusd to run @ boot and stay running in the background, I'd suggest getting a init.d wrapper script created and installed. That way the system will fire up the radiusd @ boot in certain run levels and then terminate it nicely upon shutdown. /etc/init.d/skeleton is typically a good start for writing one, as you can use it as a base. However if you are unsure about doing this and stuff, I am sure someone would be able to assist. Thanks -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] fixing Grub on hdd with corrupted part table
Thanks to all who replied. Gave up wasting time and re-installed Fedora Core 1. Funny that after doing fsck -f /dev/hda4 and answering yes to all questions, the partition appeared to be repaired. I could access it via Knoppix 3.3 (and thus burned all my required files to DVD with K3b), but I couldn't boot Fedora, no matter what. Even the Fedora install CD 1 found the existing installation on hda4, but when I tried updating, it said that the partition appeared not to be formatted. Different utilities, under both linux and Win XP gave different results and error messages. Think that in future I'll keep XP and Linux on different drives (until I get rid of XP). Thanks again Bill -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] radius
On Tue, May 04, 2004, Michael Fox wrote: If you want radiusd to run @ boot and stay running in the background, I'd suggest getting a init.d wrapper script created and installed. That way the system will fire up the radiusd @ boot in certain run levels and then terminate it nicely upon shutdown. You may want to check for the existence an /etc/init.d/radius (or something like radius) script before creating one. It's possible that one exists and isn't being run. You can find out a bit about managing Red Hat 7.3 runlevels here: http://www.redhat.com/docs/manuals/linux/RHL-7.3-Manual/ref-guide/s1-init-boot-shutdown-init.html -Mary -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] SLUG] Iptables / proxy server madness
I would suggest put DNS by hand (not automatic detection) on client machine. Any IP DNS should do. EG Try Telstra's primary.61.9.192.14 Try Telstra's secondary.61.9.192.15 Cheers Roger Sluggers, I'm hoping that someone can shed some light on this problem, otherwise I must be going mad. I have two linux boxen, one of which is an internet gateway masquerading for the other using iptables. When I try to access a web site using Mozilla from the masqueraded box it fails miserably waiting forever for the reply packets. However, if I telnet to port 80 of the site I get an immediate response. I can also ssh out to other servers on the net no problems. Now before you jump to any conclusions, the advanced proxy settings in Mozilla are set to direct connection to the internet. Now things get really weird. If I run squid on the gateway and use an iptables redirect of 80 to 3128 (Rob's comments about transparent proxying not withstanding) then Mozilla is happy as Larry. ??? Ok what gives am I a) going mad b) being suckered by some hidden mozilla (drive pete crazy) option selected. c) something else I don't know about I.e Internet bug #23876412282? Cluesticks? TIA's Pete -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] clean room disk recovery in Australia?
Hi sluggers, Friend of mine got a dead hard drive with (part of) his thesis in it. He wanted to know if there is any clean room data recovery company here in Australia. Any ideas? -- Lester -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] clean room disk recovery in Australia?
Hi sluggers, Friend of mine got a dead hard drive with (part of) his thesis in it. He wanted to know if there is any clean room data recovery company here in Australia. Any ideas? Check the list archives, I believe this might of been discussed previously. Infact not long ago. I am guessing your friend will now backup his important data on a regular basis.. Ouch. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] clean room disk recovery in Australia?
There is a good one down in Melbourne (had to use it) about 2 years ago but costly ~$4500 A On Tue, May 04, 2004 at 04:09:42PM +1000, Michael Fox wrote: Hi sluggers, Friend of mine got a dead hard drive with (part of) his thesis in it. He wanted to know if there is any clean room data recovery company here in Australia. Any ideas? Check the list archives, I believe this might of been discussed previously. Infact not long ago. I am guessing your friend will now backup his important data on a regular basis.. Ouch. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html signature.asc Description: Digital signature -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html