Please keep in mind that this is the LEAF project now
and has advanced significantly beyond it's roots. :)
LEAF has several distro projects, a very active
developer community and amail support list.
Sorry, never used freesco. Once I found the Eigerstein
it met my needs. Currently using Dachen
Hi all,
If any of you is running SSHD open to the Internet, a security flaw has been
made public two days ago:
http://www.securityspace.com/smysecure/catid.html?id=11031
Regards,
Philippe
---
Sponsored by:
ThinkGeek at http://www.ThinkGeek.
On Wed, 2002-06-26 at 17:43, JamesSturdevant wrote:
> In reality, it's just not there. Weblet uses a shell script as the httpd
> server. I posted some code a while ago to handle POST requests but I don't
> know if it has been added to the general distribution. Parameter passing
> can be added but
On Wed, 2002-06-26 at 21:43, Eric Kubischta wrote:
> I imagine that, over time, the group if developers working on the LRP
> project will produce a final, great product and I look forward to it with
> great anticipation...(ahhemanyone thought of building a manufactured LRP
> based box for s
On Thu, 2002-06-27 at 04:33, Philippe Lepot wrote:
> If any of you is running SSHD open to the Internet, a security flaw has been
> made public two days ago:
> http://www.securityspace.com/smysecure/catid.html?id=11031
Philippe,
The vulnerability details weren't released until yesterday (26 June)
Current workaround (tempfix) is:
1) Locate the "ChallengeResponseAuthentication" line in /etc/ssh/sshd_config
(typically) change to :
ChallengeResponseAuthentication no
2) Backup sshd.lrp
3) Restart sshd if running as daemon.
(Full information on the mutiple short-term fixes updated on 06/26/2
On 27 Jun 2002 06:41:13 PDT mike wrote:
> On Thu, 2002-06-27 at 04:33, Philippe Lepot wrote:
> > If any of you is running SSHD open to the Internet, a security
> > flaw has been
> > made public two days ago:
> > http://www.securityspace.com/smysecure/catid.html?id=11031
>
> Philippe,
> The vul
And I will be getting an updated DachCD out someday
soon! With OpenSSH 3.4 I hope.
Lost a hard drive. Been trying to recover. I'll be
back at it soon.
I've got to sync up with everyone on any more script
changes that should be included.
Sean
> On Thu, 2002-06-27 at 04:33, Philippe Lepot w
Just to announce I've updated my page at:
http://web.tiscali.it/l_capriotti
with my latest incarnation of a Bering CD.
It is RC3-based and has the following characteristics:
- The image is based on the default glibc-2.0.7.
- It contains openssh V3.4p (following last security alert) and
squid-
Ok, are you saying that because of the kernel that I'm using now that
the network modules aren't loading properly? I'm guessing that isn't
so. From what I'm reading, should you be providing an image that does
IPSEC through a registered IP (current one) and private IP (what most
home LRP users ar
Hello all!
I'm planning to build a redundant connection between our offices.
The networks are connected with E1 WAN links, briefly it look's like:
Office1 Office2
|__ __|
|___| Router1 | WA
I apologize if this is a little unrelated, but one of
my bering boxes behaves differently from my other
bering boxes in a ssh session. The ssh session simply
disconnects when I press ctrl-c at the # prompt. This
does not happen on the other boxes. I am using the
same client (putty) to access these
anyone know where I can find a axfrdns package for TinyDNS that I can use
with Secondary.com??
or know a secondary name service I can use with TinyDNS.lrp ?
thanks
Alec Miller
---
Sponsored by:
ThinkGeek at http://www.ThinkGeek.com/
On Thu, 2002-06-27 at 12:45, Dragon Wood wrote:
> I apologize if this is a little unrelated, but one of
> my bering boxes behaves differently from my other
> bering boxes in a ssh session. The ssh session simply
> disconnects when I press ctrl-c at the # prompt. This
> does not happen on the other
well, i got everything up and running with one minor hitch... i cannot
get it to authenticate with a user that i create manually. if i allow
root to login on ttys0, then i can dialin with the root username and
password, and it will dialin fine, but the internet will still not work.
the ip addr
I'm not exactly familiar with what you are trying to do, but it looks like
you have (currently already in place) an existing dedicated line between the
two offices, and want to make it redundant by adding an IPSec tunnel between
the two offices. That's pretty easy I think. I'm not familiar with
Ping,
To help get your configuration working correctly sooner, could you
please follow the "SR" Link at the bottom of this post and send
a ANSII diagram and complete description of exactly what you
are trying to setup? I'm wondering if some terminology confusion
is going on here and this inform
I've been following this thread with some interest...trying to accomplish much the
same as Eric, and have been reading up, down and sideways through leaf-user. I have a
Dachstein (floppy) system. I'm trying to have a Win2k PPTP client (internal) connect
to a PoPToP server (external). As with
On Thursday 27 June 2002 14:08, [EMAIL PROTECTED] wrote:
> Hello all!
>
> I'm planning to build a redundant connection between our offices.
> The networks are connected with E1 WAN links, briefly it look's like:
>
> Office1 Office2
>
> |_
Hi Joey!
OSPF protocol (Open Shortest Path First) is a routing protocol that's doing
just what you think's the problem is, determing the gateway.
It calculates the shortest (lowest cost) path to the destination network.
Our network are rather big, that's why we are using OSPF as the routing
proto
Try this instead of the UDP port:
EXTERN_TCP_PORTS="130.111.135.159/32_1723"
> and
>
> EXTERN_PROTO0="47 130.111.135.159/32"
--
~Lynn Avants
aka Guitarlynn
guitarlynn at users.sourceforge.net
http://leaf.sourceforge.net
If linux isn't the answer, you've probably got the wrong question!
-
Assuming then that you can configure the OSPF protocol to look at the IPSec
interface costing more than the 2mbit link (based on your description) then
the IPSec gateway information is the only thing you would need to setup.
All in all that is pretty straightforward, and you would presumably just
I think IPSec can couse problem in how to configure the OSPF, I have to
litle experiance with Zebra to solve this, without reading, reading and
testing, testing.
I hope that someone have done this before and maybe supply me with
experiance from there work.
/Paul
-Ursprungligt meddelande-
Thanks for that tip, guitarlynn. That wasn't the answer - or I have something else
wrong or incomplete - and I still wasn't seeing anything in the log to help. So I
added the last line, below, to ipchains.input (I have nothing in ipchains.forward or
ipchains.output):
$IPCH -I input -j DENY -
Hi,
Is there any way to stop martian source messages from printing on to the
screen.
Thanks
Abjin
---
This sf.net email is sponsored by:ThinkGeek
Bringing you mounds of caffeinated joy.
http://thinkgeek.com/sf
--
I sent a message to the leaf-devel list a few days back about this
issue, but didn't get any replies. Any developer willing to
recompile dhclient with this TTL hack (one line of code)?
I tried compiling ISC's dhcp-2.0pl5 on a RedHat 5.2 box today -
compiled okay and executed okay on my LRP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andy,
Here is what I added here at VQA to get VPN to work.
network.conf
# TCP services open to outside world
# Indexed list: "SrcAddr/Mask port [ DestAddr[/DestMask] ]"
EXTERN_TCP_PORT0="0/0 1723 0/0"
# Generic Services open to outside wor
I am one of those others who is possibly encountering this also,
however I am using a basic Dachstein setup.
Will let you know if it works.
Steve
On Thu, 27 Jun 2002 22:24:11 -0500
"Ethan Galstad" <[EMAIL PROTECTED]> wrote:
> I sent a message to the leaf-devel list a few days back about this
28 matches
Mail list logo
