Charles, Luis,
Luis.F.Correia wrote:
Just to add up a little...
Some drivers/cards accept a MAC address when loading the module.
Nice, but that would make it very card-specific...
Also if dhcpclient is used in the external interface, there
are options for specifying the MAC address.
Hi
I'm running Dachstein 1.02. With a public IP DMZ plus some masqueraded
workstations.
We are connected via a shared 10/100 link to our ISP.
Recently we've come under attack, but I can't figure out where or what by.
The first I noticed was very high internet use reported by our ISP.
100
Oh do you have any information ? nothing ? scary stuff hamm..
come-on you must have something.. even normal tcpdump -n will give you some
kind of a picture
from your public DMZ server what kind of service world or you get, give us
some more details, config etc
I am sure you have holls in your
I have tried to boot the bering-1.0-rc1 and dachstein-1.0.2 images with
VMWare Workstation for Windows v. 3.0 and 3.1. I also tried this with
an older LRP disk that we have been using in production and I get the
same results.
Each time, root.lrp loads and the kernel loads and starts to run,
Hi!
VMWare does not support 1.68 Floppies!
-Original Message-
From: Brian Credeur [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 18, 2002 1:29 PM
To: [EMAIL PROTECTED]
Subject: [Leaf-user] VMWare Fails to boot
I have tried to boot the bering-1.0-rc1 and dachstein-1.0.2 images
I understand that ipsec cannot run behind nat.
But could someone explain why this is necessarily so?
Nat does not alter the dest address therefore the packet would
end up in the right place.
Then after deencapsulation, ipsec could see that the inner
packet was valid.
For that matter, I cannot
http://www.theregus.com/content/4/24611.html
It is absolutely inconceivable to me, if true, that
that is not some kind of criminal offense.
To build in to an O/S release to automatically fetch
files without your explicit knowledge and permission
and even to fetch them from a company which is
Jason,
I am currently trying to make a rescue disk that supports SMB and NTFS. I
have all the files, but I need more space. I have already pared down the
modules, and in my case I got rid of the IP_ modules as well. I am still
about 100K too large and I was looking at delete some of the other
Philip,
Given my limited knowledge I will give you what I think is a correct
answer.
IPsec depends upon the sending address for authentication. When a packet
is mangled by NAT this info is not available for ipsec to use. Thus you
can not NAT the ipsec traffic. There is a way to port forward
- Original Message -
From: [EMAIL PROTECTED]
Is The Register reliable?
No wonder they have such disdain for the govt. and the law.
They want to BE the govt. and the law.
Sorry for getting political on this list.
Chastised in advance.
The Register is pretty reliable. It's a good
I understand that ipsec cannot run behind nat.
But could someone explain why this is necessarily so?
Nat does not alter the dest address therefore the packet would
end up in the right place.
Then after deencapsulation, ipsec could see that the inner
packet was valid.
For that matter, I
On my LRP box (MMX 233, 64M), ipsec rsasigkey is just hanging forever. I
even tried 16 bits and there is only one output line before hanging:
# ipsec rsasigkey --verbose 16
getting 1 random bytes from /dev/random...
Could somebosy show me what could be wrong?
Thank you
Thank you Charles. Do you mean 'bang' by hitting some random keys, several times, and
by 'cat' as e.g.
cat file1 file2 and so on
I am doing it now but see no efect yet.
-- Original Message --
From: Charles Steinkuehler [EMAIL PROTECTED]
Date: Thu,
Thank you Charles. Do you mean 'bang' by hitting some random keys, several
times, and by 'cat' as e.g.
cat file1 file2 and so on
I am doing it now but see no efect yet.
Yes, that's what I mean. Note that you have to be on the *actual* keyboard
(remote terminals don't work). I think when
I am doing remotely so that's why. Will do it when at home and after attaching a
monitor. Outch!!!
Thanks a lot, Charles.
-- Original Message --
From: Charles Steinkuehler [EMAIL PROTECTED]
Date: Thu, 18 Apr 2002 09:40:14 -0500
Thank you Charles. Do
On Thu, 18 Apr 2002, MLU wrote:
I am doing remotely so that's why. Will do it when at home and after
attaching a monitor. Outch!!!
There are patches available for the 2.4 kernels to generate randomness
based on NIC interrupts. While some people feel that an attacker could
manipulate
On Wednesday 17 April 2002 22:46, Chad Carr wrote:
* guitarlynn ([EMAIL PROTECTED]) wrote:
On Wednesday 17 April 2002 09:41, [EMAIL PROTECTED] wrote:
You won't be able to add it unless you replace dnscache.lrp or
someone ports the ipsec scripts to iproute2 (which as found before
is not a
On Thursday 18 April 2002 08:23, Ed Tetz wrote:
Jason,
I am currently trying to make a rescue disk that supports SMB and
NTFS. I have all the files, but I need more space. I have already
pared down the modules, and in my case I got rid of the IP_ modules
as well. I am still about 100K too
Dachstein LEAF
Hello,
I am running the standard Dachstein LEAF box on a
cable modem. I am getting hundreds of these broadcast
messages:
# ip addr
1: lo: LOOPBACK,UP mtu 3924 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope
During the last several weeks of testing, my IPSec-enabled image
of Dachstein has not received any reported bugs. I have now posted
a new image (with a couple of minor non-functional changes and
the updated udhcp.lrp). There shouldn't be any more functional
changes unless the I use Chad Carr's
I've taken Charles' binaries and created a package for use with lcd's
using the hd44780 controller (and some clone) chipset's. Init script is
included and the package includes /etc/lcd.conf which contains all
needed configuration options.
It is available at:
I've updated the udhcp package with the server's default lease time
that is more acceptable to Win2K/XP clients and modified the client
init script to 'release' a lease and quit (rather than re-starting after
releasing the lease).
The general LEAF package is at:
22 matches
Mail list logo