Re: How to get away with small /var partition

2003-11-29 Thread Malcolm Ferguson
Walter Dnes wrote: On Fri, Nov 28, 2003 at 12:13:46AM -0800, Karsten M. Self wrote Or you could just give yourself One Big Partition and deal with the attendant problems. I'm trying to get as close as possible to One Big Partition, without the problems. The minimal needs seem to be... /

Re: How to get away with small /var partition

2003-11-29 Thread Malcolm Ferguson
Walter Dnes wrote: On Sat, Nov 29, 2003 at 02:17:08AM -0800, Karsten M. Self wrote You clearly haven't grasped the philosophy of Debian. The above paragraph betrays a gross misunderstanding on your part. You *don't* "wipe and reinstall" to do a Debian upgrade. You run: # apt-get update;

Re: Yahoo says I'm a Spam-o-Rama (via DynDNS)

2003-11-07 Thread Malcolm Ferguson
BruceG wrote: Okay, I'm happily e-mailing away to friends and family, and lo and behold (fancy talk for "wha wha whaat") - I find out that Yahoo pops me into the Spam block list. I know this was talked about recently (wasn't it?) - and had something to do with dynamic DNS users. Questions are:

Re: xinerama ideas

2003-10-03 Thread Malcolm Ferguson
Hugo Vanwoerkom wrote: I have 2 monitors with each keyboard/mouse [...] But another use is one user with xinerama. [...] What in the world would I use xinerama for? Not having had it, being small-minded, now I can't think of a use of it. I use two monitors under Win2K (19in @ 1280x1024x32bpp a

Re: NTP wont work as box is at 1980.

2003-10-01 Thread Malcolm Ferguson
Ben Edwards wrote: Greg Bolshaw wrote: Ben Edwards wrote: I have a box which will not keep the time. Every time I shut it down it looses the time and goes back to 1980 Why not just replace the BIOS battery? That way you won't lose the time when you shutdown. Have already replaced the bios

How do people remount /usr read-only after apt-get?

2003-10-01 Thread Malcolm Ferguson
On a couple of Woody systems I put together recently I followed advice I'd seen that recommended mounting /usr as read-only. I haven't seen a security patch yet that has left me able to remount /usr read-only, which is quite annoying. I've configured a Dpkg Post-Invoke step to remount /usr r

Re: named complaining about lame servers when resolving

2003-09-23 Thread Malcolm Ferguson
Jacob Anawalt wrote: Malcolm Ferguson wrote: Hi, I've tried to configure bind on my Woody box as a caching DNS server for a segment of the network. However, after mistyping an IP address that I was trying to resolve elsewhere I'm now getting lots of messages in the log file c

named complaining about lame servers when resolving

2003-09-22 Thread Malcolm Ferguson
Hi, I've tried to configure bind on my Woody box as a caching DNS server for a segment of the network. However, after mistyping an IP address that I was trying to resolve elsewhere I'm now getting lots of messages in the log file complaining about a lame server. Have I misconfigured named,

Re: OT: question about HTTP headers

2003-08-14 Thread Malcolm Ferguson
Roberto Sanchez wrote: POST /mypay.asp HTTP/1.1 Host: mypay.dfas.mil User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4b) Content-Length: 44 |-HiddenVal=Netscape5.0+%28Windows%3B+en-US%29 POST /mypay.asp HTTP/1.1 Host: mypay.dfas.mil Content-Length: 40 |-HiddenVal=Netscape5.0+%28X1

How do I assign multiple IPs from different subnets to the same NIC?

2003-08-14 Thread Malcolm Ferguson
I have NT4 machine which I'm trying to replace with a Debian box. It currently has a secondary IP in a completely different subnet assigned to its public NIC. I'm trying to figure out how to do this in Debian - I think I need to modify /etc/network/interfaces, but I'm not sure how. For exampl

Re: How do I configure iptables to allow DNS lookups?

2003-08-14 Thread Malcolm Ferguson
J.A. de Vries wrote: Contrary to common belief DNS is not UDP only. Once in a while a normal query will be to large and then TCP packets are used. So TCP is not exclusively for zone-transfers. If I understand what I've just read from a Google search, TCP is used when the data exceeds 512 bytes (

Re: How do I configure iptables to allow DNS lookups?

2003-08-14 Thread Malcolm Ferguson
Jeremy Gaddis wrote: On Wed, 2003-08-06 at 22:02, Malcolm Ferguson wrote: I have /etc/resolv.conf containing a nameserver entry. I also have some name servers listed in the forwarders section of etc/bind/named.conf. Is there a way to configure both bind and the normal name resolver (how

How do I configure iptables to allow DNS lookups?

2003-08-10 Thread Malcolm Ferguson
I'm trying to configure iptables as strictly as possible, however, I'm having problems with DNS. If I understand correctly how DNS works, the client sends a UDP packet from a high number port to port 53 on the name server. The name server responds with a UDP packet back to that high number po

Re: is exim attempting to relay ???

2003-08-09 Thread Malcolm Ferguson
Michael D. Schleif wrote: Recently, I am getting emails bounced back to me from my mail gateway. Strangely, the attempted outgoing From: is [EMAIL PROTECTED] ?!?! The entire bounce is here: What do you think? I'm no SMTP expert... but maybe somebody

Thanks all! - Re: How do I configure iptables to allow DNS lookups?

2003-08-07 Thread Malcolm Ferguson
[EMAIL PROTECTED] wrote: If you want to see the full script go to http://huizen.dto.tudelft.nl/devries/security/iptables_example.nl.html for an explanation and to http://huizen.dto.tudelft.nl/devries/files/iptables_files.tar.gz for the archive. Currently there's only a Dutch explanation avail