From owner-freebsd-isp Sun Nov 26 11:45:27 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from gull.prod.itd.earthlink.net (gull.prod.itd.earthlink.net [207.217.121.85])
by hub.freebsd.org (Postfix) with ESMTP
id 7A64737B479; Sun, 26 Nov 2000 11:45:21 -0800 (PST)
Received: from veager.siteplus.net (1Cust216.tnt2.chattanooga.tn.da.uu.net [63.26.98.216])
by gull.prod.itd.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id LAA15189;
Sun, 26 Nov 2000 11:45:18 -0800 (PST)
Date: Sun, 26 Nov 2000 14:44:46 -0500 (EST)
From: Jim Weeks <jim@siteplus.net>
To: freebsd-isp@freebsd.org
Cc: freebsd-ports@freebsd.org
Subject: apache-ssl-php4-fp solution
Message-ID: <Pine.BSF.4.21.0011261326550.10456-100000@veager.siteplus.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
I will preface this by saying I am no authority in this field, but I
have seen a few posts on this subject and hope this may help someone
else in a simular situation.
To the matter at hand. I had several production servers running
3.X-stable. All of these were running apache-ssl-php3-frontpage with php3
and frontpage compiled into the binary and ssl as DSO. This presented a
problem in upgrading to php4. You may have noticed that there are a lot
of new DSO modules in /usr/ports/www. The problem is that some, such as
mod_ssl, are only available from RELENG_4, and seem to be 4.X dependent.
After building Apache a *lot* of different ways, including from
source, I have come to this conclusion. This task can be done easily with
the ports collection, even for the 3.X platform.
First, you must download and install the FreeBSD version of frontpage
extensions into /usr/local. They may be found at,
http://msdn.microsoft.com/workshop/languages/fp/2000/unixfpse.asp
Now, we can easily adapt /usr/ports/www/apache13-modssl. This can be done
by copying two files already present on the machine and making one entry
in the Makefile. Php4 "/usr/ports/www/mod_php4" can be added after apache
has been compiled.
The first file:
Copy the apache frontpage patch "fp-patch-apache_1.3.12" from
/usr/local/frontpage/version4.0/apache-fp/ to
/usr/ports/www/apache13-modssl/files/ and rename it patch-aj
The second file:
$ cd /usr/ports/www/apache13-modssl
$ cp ../apache13-fp/files/mod_frontpage.c \
> files/mod_frontpage.c
Edit the Makefile:
Place "--add-module=mod_frontpage.c" near the bottom of the CONFIGURE_ARGS
section.
Mine looks like this.
CONFIGURE_ARGS= --prefix=${PREFIX} \
--server-gid=nogroup \
--with-perl=${PERL} \
--with-layout=${FILESDIR}/FreeBSD.layout:FreeBSD \
--suexec-docroot=${PREFIX}/www/data \
--without-confadjust \
--enable-module=most \
--enable-module=auth_db \
--enable-module=mmap_static \
--disable-module=auth_dbm \
--enable-shared=max \
--enable-module=ssl \
--add-module=mod_frontpage.c \
--enable-module=define
Finish up:
$ make
$ make certificate
$ make install
$ make clean
$ cd ../mod_php4
$ make
$ make install
$ make clean
Appropriate entries for enabling mod_php4 will automatically be added to
httpd.conf when the module is built. You may need to add frontpage
yourself. Just add "AddModule mod_frontpage.c" to the AddModule list.
Good luck,
--
Jim Weeks
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Sun Nov 26 23:44:11 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail.psknet.com (orion.psknet.com [63.171.251.4])
by hub.freebsd.org (Postfix) with SMTP id 451BA37B4C5
for <freebsd-isp@freebsd.org>; Sun, 26 Nov 2000 23:44:02 -0800 (PST)
Received: (qmail 47657 invoked from network); 27 Nov 2000 07:43:59 -0000
Received: from abyss.dashit.net (HELO ABYSS) (209.100.22.250)
by orion.psknet.com with SMTP; 27 Nov 2000 07:43:59 -0000
From: "Troy Settle" <troy@psknet.com>
To: "Jim Weeks" <jim@siteplus.net>, <freebsd-isp@freebsd.org>
Cc: <freebsd-ports@freebsd.org>
Subject: RE: apache-ssl-php4-fp solution
Date: Mon, 27 Nov 2000 02:43:59 -0500
Message-ID: <GIEHKBHPBGKJPNMBCOHFCEAICAAA.troy@psknet.com>
MIME-Version: 1.0
Content-Type: text/plain;
charset="US-ASCII"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
In-Reply-To: <Pine.BSF.4.21.0011261326550.10456-100000@veager.siteplus.net>
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Importance: Normal
X-AntiVirus: scanned for viruses by Pulaski Networks (http://www.psknet.com) using AMaViS (http://www.amavis.org)
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Jim,
Excellent job on the homework. I'm going to be rebuilding a box this week,
and greatly appreciate your pointers. I was going to see what the heck I
needed to do to accomplish this.
Perhaps you could contact the apache13-fp maintainer and help him/her turn
it into apache13-fp-modssl, which would be a very nice thing to have, since
those 2 mods require patches to the source.
Honestly though, I don't understand why the FP patches haven't been
integrated into the apache code-base. An option to configure could easily
enable/disable the feature (or bug for some :).
My $.02,
--
Troy Settle
Pulaski Networks
540.994.4254
It's always a long day, 86400 doesn't fit into a short.
** -----Original Message-----
** From: owner-freebsd-isp@FreeBSD.ORG
** [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Jim Weeks
** Sent: Sunday, November 26, 2000 2:45 PM
** To: freebsd-isp@freebsd.org
** Cc: freebsd-ports@freebsd.org
** Subject: apache-ssl-php4-fp solution
**
**
** I will preface this by saying I am no authority in this field, but I
** have seen a few posts on this subject and hope this may help someone
** else in a simular situation.
**
** To the matter at hand. I had several production servers running
** 3.X-stable. All of these were running apache-ssl-php3-frontpage with php3
** and frontpage compiled into the binary and ssl as DSO. This presented a
** problem in upgrading to php4. You may have noticed that there are a lot
** of new DSO modules in /usr/ports/www. The problem is that some, such as
** mod_ssl, are only available from RELENG_4, and seem to be 4.X dependent.
**
** After building Apache a *lot* of different ways, including from
** source, I have come to this conclusion. This task can be done
** easily with
** the ports collection, even for the 3.X platform.
**
** First, you must download and install the FreeBSD version of frontpage
** extensions into /usr/local. They may be found at,
** http://msdn.microsoft.com/workshop/languages/fp/2000/unixfpse.asp
**
** Now, we can easily adapt /usr/ports/www/apache13-modssl. This
** can be done
** by copying two files already present on the machine and making one entry
** in the Makefile. Php4 "/usr/ports/www/mod_php4" can be added
** after apache
** has been compiled.
**
** The first file:
**
** Copy the apache frontpage patch "fp-patch-apache_1.3.12" from
** /usr/local/frontpage/version4.0/apache-fp/ to
** /usr/ports/www/apache13-modssl/files/ and rename it patch-aj
**
** The second file:
**
** $ cd /usr/ports/www/apache13-modssl
** $ cp ../apache13-fp/files/mod_frontpage.c \
** > files/mod_frontpage.c
**
** Edit the Makefile:
**
** Place "--add-module=mod_frontpage.c" near the bottom of the
** CONFIGURE_ARGS
** section.
**
** Mine looks like this.
**
** CONFIGURE_ARGS= --prefix=${PREFIX} \
** --server-gid=nogroup \
** --with-perl=${PERL} \
** --with-layout=${FILESDIR}/FreeBSD.layout:FreeBSD \
** --suexec-docroot=${PREFIX}/www/data \
** --without-confadjust \
** --enable-module=most \
** --enable-module=auth_db \
** --enable-module=mmap_static \
** --disable-module=auth_dbm \
** --enable-shared=max \
** --enable-module=ssl \
** --add-module=mod_frontpage.c \
** --enable-module=define
**
** Finish up:
**
** $ make
** $ make certificate
** $ make install
** $ make clean
**
** $ cd ../mod_php4
** $ make
** $ make install
** $ make clean
**
** Appropriate entries for enabling mod_php4 will automatically be added to
** httpd.conf when the module is built. You may need to add frontpage
** yourself. Just add "AddModule mod_frontpage.c" to the AddModule list.
**
** Good luck,
**
** --
** Jim Weeks
**
**
**
**
** To Unsubscribe: send mail to majordomo@FreeBSD.org
** with "unsubscribe freebsd-isp" in the body of the message
**
**
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Sun Nov 26 23:55:58 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail.psknet.com (orion.psknet.com [63.171.251.4])
by hub.freebsd.org (Postfix) with SMTP id BB5C637B479
for <freebsd-isp@freebsd.org>; Sun, 26 Nov 2000 23:55:54 -0800 (PST)
Received: (qmail 48479 invoked from network); 27 Nov 2000 07:55:52 -0000
Received: from abyss.dashit.net (HELO ABYSS) (209.100.22.250)
by orion.psknet.com with SMTP; 27 Nov 2000 07:55:52 -0000
From: "Troy Settle" <troy@psknet.com>
To: "Jim Weeks" <jim@siteplus.net>, <freebsd-isp@freebsd.org>
Subject: RE: LoadModule not adding to list.
Date: Mon, 27 Nov 2000 02:55:52 -0500
Message-ID: <GIEHKBHPBGKJPNMBCOHFMEAICAAA.troy@psknet.com>
MIME-Version: 1.0
Content-Type: text/plain;
charset="US-ASCII"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
In-Reply-To: <Pine.BSF.4.21.0011241627340.3786-100000@veager.siteplus.net>
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Importance: Normal
X-AntiVirus: scanned for viruses by Pulaski Networks (http://www.psknet.com) using AMaViS (http://www.amavis.org)
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
I'm speculating here, but I got caught by a shortcoming in apxs a while
back.
After building apache-modssl, the default config had an <IfDefine SSL> tag
surrounding the directives to load and add the ssl module. Later, while
building php and modperl, I noticed that apxs stuck those directives into
the conditional created for SSL. Very odd.
Anyways, cleaning this up fixed it, but a SIGHUP didn't get those modules
loaded and working. I had to completely stop/restart Apache.
G'luck,
--
Troy Settle
Pulaski Networks
540.994.4254
It's always a long day, 86400 doesn't fit into a short.
** -----Original Message-----
** From: owner-freebsd-isp@FreeBSD.ORG
** [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Jim Weeks
** Sent: Friday, November 24, 2000 4:48 PM
** To: freebsd-isp@freebsd.org
** Subject: LoadModule not adding to list.
**
**
** I have apache 1.3.9 with php3 compiled in running on a 3.4-stable
** machine. I am trying to upgrade to php4 with /usr/ports/wwwmod_php4.
**
** I have added the line
**
** LoadModule php4_module libexec/apache/libphp4.so
**
** to httpd.conf. I also have a ClearModuleList directive directly followed
** by an appropriate AddModule list.
**
** This is the error I get when HUPing the server.
**
** [Fri Nov 24 16:18:16 2000] [notice] SIGHUP received. Attempting
** to restart
** [Fri Nov 24 16:18:16 2000] [error] Cannot remove module mod_php4.c: not
** found in module list
** [Fri Nov 24 16:18:17 2000] [notice] Apache/1.3.9 (Unix) PHP/3.0.12
** FrontPage/4.0.4.3 mod_ssl/2.4.8 OpenSSL/0.9.4 configured --
** resuming normal operations
**
** I am confused as to how the ClearModuleList is even aware of the
** mod if it
** is not loading. What am I missing here? I wanted to run it past a few
** gurus before rebuilding apache.
**
** Thanks,
**
** --
** Jim Weeks
**
**
**
**
** To Unsubscribe: send mail to majordomo@FreeBSD.org
** with "unsubscribe freebsd-isp" in the body of the message
**
**
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Mon Nov 27 0:36:22 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from gull.prod.itd.earthlink.net (gull.prod.itd.earthlink.net [207.217.121.85])
by hub.freebsd.org (Postfix) with ESMTP id 1339937B479
for <freebsd-isp@FreeBSD.ORG>; Mon, 27 Nov 2000 00:36:20 -0800 (PST)
Received: from veager.siteplus.net (user-38lc8tq.dialup.mindspring.com [209.86.35.186])
by gull.prod.itd.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id AAA18791;
Mon, 27 Nov 2000 00:36:13 -0800 (PST)
Date: Mon, 27 Nov 2000 03:36:07 -0500 (EST)
From: Jim Weeks <jim@siteplus.net>
To: Troy Settle <troy@psknet.com>
Cc: freebsd-isp@FreeBSD.ORG
Subject: RE: LoadModule not adding to list.
In-Reply-To: <GIEHKBHPBGKJPNMBCOHFMEAICAAA.troy@psknet.com>
Message-ID: <Pine.BSF.4.21.0011270310560.339-100000@veager.siteplus.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Mon, 27 Nov 2000, Troy Settle wrote:
>
> I'm speculating here, but I got caught by a shortcoming in apxs a while
> back.
>
> After building apache-modssl, the default config had an <IfDefine SSL> tag
> surrounding the directives to load and add the ssl module. Later, while
> building php and modperl, I noticed that apxs stuck those directives into
> the conditional created for SSL. Very odd.
>
> Anyways, cleaning this up fixed it, but a SIGHUP didn't get those modules
> loaded and working. I had to completely stop/restart Apache.
Troy,
I never did get this one to work. I finally did the rebuild as I stated in
the "apache-ssl-php4-fp solution" thread. Stoping the server completely
did not work either. It should have been pretty straight
forward. LoadModule, ClearModuleList, AddModule, but always the same
error. Can't clear because the module was not in the list. If it was not
in the list, how was apache aware that it should clear it? ;/
Any way, thanks for the kind words. I am fortunate enough to have a
server that I can test things before trying it on one of my productions
machines. It is an old 486DX66 that I affectionately call Genesis. It
stands at the gate, serves files, runs crons and uploads the results to my
other servers, keeps time, and never complains. Even though it is on a
56k dial up, it sends its current IP up to one of my remotes so I can
check in when out of town. I really would hate to replace it.
Jim
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Mon Nov 27 0:44: 3 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from avocet.prod.itd.earthlink.net (avocet.prod.itd.earthlink.net [207.217.121.50])
by hub.freebsd.org (Postfix) with ESMTP
id 0F8A437B479; Mon, 27 Nov 2000 00:43:54 -0800 (PST)
Received: from veager.siteplus.net (user-38lc8tq.dialup.mindspring.com [209.86.35.186])
by avocet.prod.itd.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id AAA27333;
Mon, 27 Nov 2000 00:43:48 -0800 (PST)
Date: Mon, 27 Nov 2000 03:43:46 -0500 (EST)
From: Jim Weeks <jim@siteplus.net>
To: Troy Settle <troy@psknet.com>
Cc: freebsd-isp@freebsd.org, freebsd-ports@freebsd.org
Subject: RE: apache-ssl-php4-fp solution
In-Reply-To: <GIEHKBHPBGKJPNMBCOHFCEAICAAA.troy@psknet.com>
Message-ID: <Pine.BSF.4.21.0011270336460.339-100000@veager.siteplus.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Thanks Troy,
One other note on this subject. Before trying to build apache13-modssl,
be sure Openssl is up to date.
--
Jim Weeks
On Mon, 27 Nov 2000, Troy Settle wrote:
>
> Jim,
>
> Excellent job on the homework. I'm going to be rebuilding a box this week,
> and greatly appreciate your pointers. I was going to see what the heck I
> needed to do to accomplish this.
>
> Perhaps you could contact the apache13-fp maintainer and help him/her turn
> it into apache13-fp-modssl, which would be a very nice thing to have, since
> those 2 mods require patches to the source.
>
> Honestly though, I don't understand why the FP patches haven't been
> integrated into the apache code-base. An option to configure could easily
> enable/disable the feature (or bug for some :).
>
> My $.02,
>
> --
> Troy Settle
> Pulaski Networks
> 540.994.4254
>
> It's always a long day, 86400 doesn't fit into a short.
>
>
> ** -----Original Message-----
> ** From: owner-freebsd-isp@FreeBSD.ORG
> ** [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Jim Weeks
> ** Sent: Sunday, November 26, 2000 2:45 PM
> ** To: freebsd-isp@freebsd.org
> ** Cc: freebsd-ports@freebsd.org
> ** Subject: apache-ssl-php4-fp solution
> **
> **
> ** I will preface this by saying I am no authority in this field, but I
> ** have seen a few posts on this subject and hope this may help someone
> ** else in a simular situation.
> **
> ** To the matter at hand. I had several production servers running
> ** 3.X-stable. All of these were running apache-ssl-php3-frontpage with php3
> ** and frontpage compiled into the binary and ssl as DSO. This presented a
> ** problem in upgrading to php4. You may have noticed that there are a lot
> ** of new DSO modules in /usr/ports/www. The problem is that some, such as
> ** mod_ssl, are only available from RELENG_4, and seem to be 4.X dependent.
> **
> ** After building Apache a *lot* of different ways, including from
> ** source, I have come to this conclusion. This task can be done
> ** easily with
> ** the ports collection, even for the 3.X platform.
> **
> ** First, you must download and install the FreeBSD version of frontpage
> ** extensions into /usr/local. They may be found at,
> ** http://msdn.microsoft.com/workshop/languages/fp/2000/unixfpse.asp
> **
> ** Now, we can easily adapt /usr/ports/www/apache13-modssl. This
> ** can be done
> ** by copying two files already present on the machine and making one entry
> ** in the Makefile. Php4 "/usr/ports/www/mod_php4" can be added
> ** after apache
> ** has been compiled.
> **
> ** The first file:
> **
> ** Copy the apache frontpage patch "fp-patch-apache_1.3.12" from
> ** /usr/local/frontpage/version4.0/apache-fp/ to
> ** /usr/ports/www/apache13-modssl/files/ and rename it patch-aj
> **
> ** The second file:
> **
> ** $ cd /usr/ports/www/apache13-modssl
> ** $ cp ../apache13-fp/files/mod_frontpage.c \
> ** > files/mod_frontpage.c
> **
> ** Edit the Makefile:
> **
> ** Place "--add-module=mod_frontpage.c" near the bottom of the
> ** CONFIGURE_ARGS
> ** section.
> **
> ** Mine looks like this.
> **
> ** CONFIGURE_ARGS= --prefix=${PREFIX} \
> ** --server-gid=nogroup \
> ** --with-perl=${PERL} \
> ** --with-layout=${FILESDIR}/FreeBSD.layout:FreeBSD \
> ** --suexec-docroot=${PREFIX}/www/data \
> ** --without-confadjust \
> ** --enable-module=most \
> ** --enable-module=auth_db \
> ** --enable-module=mmap_static \
> ** --disable-module=auth_dbm \
> ** --enable-shared=max \
> ** --enable-module=ssl \
> ** --add-module=mod_frontpage.c \
> ** --enable-module=define
> **
> ** Finish up:
> **
> ** $ make
> ** $ make certificate
> ** $ make install
> ** $ make clean
> **
> ** $ cd ../mod_php4
> ** $ make
> ** $ make install
> ** $ make clean
> **
> ** Appropriate entries for enabling mod_php4 will automatically be added to
> ** httpd.conf when the module is built. You may need to add frontpage
> ** yourself. Just add "AddModule mod_frontpage.c" to the AddModule list.
> **
> ** Good luck,
> **
> ** --
> ** Jim Weeks
> **
> **
> **
> **
> ** To Unsubscribe: send mail to majordomo@FreeBSD.org
> ** with "unsubscribe freebsd-isp" in the body of the message
> **
> **
>
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Mon Nov 27 1:25:51 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from backend2.aha.ru (terra.zenon.net [213.189.198.210])
by hub.freebsd.org (Postfix) with ESMTP
id 82B8B37B479; Mon, 27 Nov 2000 01:25:39 -0800 (PST)
Received: from [213.189.200.112] (HELO sunny.aha.ru)
by backend2.aha.ru (CommuniGate Pro SMTP 3.3.1)
with ESMTP id 64534182; Mon, 27 Nov 2000 12:25:34 +0300
Received: from AMARKELO (focus.futures.msk.ru [195.2.76.180])
by sunny.aha.ru (8.9.3/8.9.3) with ESMTP id MAA49088;
Mon, 27 Nov 2000 12:25:00 +0300 (MSK)
Date: Mon, 27 Nov 2000 12:24:43 +0300
From: "Alex N. Markelov" <amarkelov@futures.msk.ru>
X-Mailer: The Bat! (v1.45) Personal
Reply-To: "Alex N. Markelov" <amarkelov@futures.msk.ru>
Organization: Folium Ltd.
X-Priority: 3 (Normal)
Message-ID: <1771564079.20001127122443@futures.msk.ru>
To: "Will Mitayai Keeso Rowe" <mit@mitayai.net>
Cc: "Steve Reid" <sreid@sea-to-sky.net>,
"Vladimir I. Kulakov" <kulakov@kudesniki.ru>,
<freebsd-isp@FreeBSD.ORG>, <security@FreeBSD.ORG>
Subject: Re[2]: DOS atack of hardware problem?
In-reply-To: <NEBBIEGPMLMKDBMMICFNCEKHDIAA.mit@mitayai.net>
References: <NEBBIEGPMLMKDBMMICFNCEKHDIAA.mit@mitayai.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Hello Will,
Friday, November 24, 2000, 11:30:54 AM, you wrote:
WMKR> has this been known to happen with xl0/3Com 3C509TX?
Yes, I saw the effect with 3Com network card and 3Com switch :(.
Without manual configuration it haven't worked properly.
WMKR> On Fri, Nov 24, 2000 at 09:21:32AM +0300, Vladimir I. Kulakov wrote:
>> It seems the network card in our server unpedicably swithes from 100
>> to 10 Mbits and from half-duplex to full duplex.
Best regards,
Alex N. Markelov
----------------------------
System administrator.
Folium Ltd., Moscow, Russia.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Mon Nov 27 7:43:48 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from hitline.ch (unknown [195.129.74.66])
by hub.freebsd.org (Postfix) with ESMTP id 2256237B479
for <freebsd-isp@freebsd.org>; Mon, 27 Nov 2000 07:43:42 -0800 (PST)
Received: from [195.129.74.2] (HELO [10.10.14.36])
by hitline.ch (CommuniGate Pro SMTP 3.3.2)
with ESMTP id 2817449 for freebsd-isp@FreeBSD.ORG; Mon, 27 Nov 2000 16:47:54 +0100
Mime-Version: 1.0
X-Sender: moshea%tronic-group.com@mail.com4u.ch
Message-Id: <p0500190ab6482ff37eb5@[10.10.14.36]>
In-Reply-To: <1771564079.20001127122443@futures.msk.ru>
References: <NEBBIEGPMLMKDBMMICFNCEKHDIAA.mit@mitayai.net>
<1771564079.20001127122443@futures.msk.ru>
Date: Mon, 27 Nov 2000 16:40:20 +0100
To: freebsd-isp@FreeBSD.ORG
From: Michael O Shea <moshea@tronic-group.com>
Subject: OffTopic Win4Lin
Content-Type: text/plain; charset="iso-8859-1" ; format="flowed"
Content-Transfer-Encoding: quoted-printable
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Hi folks,
I asked the guys at http://www.netraverse.com if they had any plans
to port their win4lin product which runs Windows on top of Linux to
=46reeBSD.
His reply is detailed below if anybody wants to contact them to
register their interest in such a port.
"
We have not scheduled a port to FreeBSD at this time. We have had
very few request (<100) from FreeBSD folks to port the product. We
would be more than interested in porting our product if we could
establish there was a big enough market for the product. If you can
point at some hard market data for FreeBSD users, we would appreciate
it.
Thanks,
Tom Gordon
tgordon@netraverse.com"
--
Micheal O Shea
-----------------------------------------------------
com-o-tronic ag
Micheal O Shea, Systems Engineer
Gewerbepark
CH-5506 M=E4genwil
E-Mail micheal@com4u.ch
Voice: +41 62 887 3734
=46ax: +41 62 896 1133
Internet: http://www.com4u.ch http://www.ehitline.ch
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Mon Nov 27 9:48:22 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from ajax1.sovam.com (ajax1.sovam.com [194.67.1.172])
by hub.freebsd.org (Postfix) with ESMTP
id D2C3C37B479; Mon, 27 Nov 2000 09:48:14 -0800 (PST)
Received: from ts8-a150.dial.sovam.com ([195.239.2.150]:1086 "EHLO
ts8-a150.dial.sovam.com" ident: "NO-IDENT-SERVICE[2]" whoson:
"-unregistered-" smtp-auth: <none> TLS-CIPHER: <none> TLS-PEER: <none>)
by ajax1.sovam.com with ESMTP id <S111220AbQK0RsD>;
Mon, 27 Nov 2000 20:48:03 +0300
Date: Mon, 27 Nov 2000 20:47:48 +0300
From: "Vladimir I. Kulakov" <kulakov@kudesniki.ru>
X-Mailer: The Bat! (v1.47 Halloween Edition)
Reply-To: "Vladimir I. Kulakov" <kulakov@kudesniki.ru>
Organization: Kudesniki JSC
X-Priority: 3 (Normal)
Message-ID: <15940795775.20001127204748@kudesniki.ru>
To: "Alex N. Markelov" <amarkelov@futures.msk.ru>
Cc: freebsd-isp@FreeBSD.ORG, security@FreeBSD.ORG
Subject: Re[3]: DOS atack or hardware problem?
In-reply-To: <1771564079.20001127122443@futures.msk.ru>
References: <NEBBIEGPMLMKDBMMICFNCEKHDIAA.mit@mitayai.net>
<1771564079.20001127122443@futures.msk.ru>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Hello Alex,
ANM> Friday, November 24, 2000, 11:30:54 AM, you wrote:
WMKR>> has this been known to happen with xl0/3Com 3C509TX?
ANM> Yes, I saw the effect with 3Com network card and 3Com switch :(.
ANM> Without manual configuration it haven't worked properly.
How to lock fxp0 to 100BASE/TX half-duplex?
There is only an option to set the full-duplex ('mediaopt full-duplex').
Is it implied half-duplex by default, of by default it's set to
"autodetect"?
Thanks
--
Best regards,
Vladimir mailto:kulakov@kudesniki.ru
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Mon Nov 27 10:26: 2 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from pro.fais.net (unknown [208.249.141.254])
by hub.freebsd.org (Postfix) with ESMTP
id 072CD37B479; Mon, 27 Nov 2000 10:25:57 -0800 (PST)
Received: from drnet.fais.net (root@drnet.fais.net [208.249.141.31])
by pro.fais.net (8.9.3/8.9.3/Debian/GNU) with ESMTP id NAA01866;
Mon, 27 Nov 2000 13:12:20 -0600
Received: from wks01 (wks01.drnet.fais.net [10.64.80.10])
by drnet.fais.net (8.11.0/8.11.0) with SMTP id eARCMT731704;
Mon, 27 Nov 2000 12:22:33 GMT
(envelope-from jwpauler@jwpages.com)
Message-ID: <003b01c0589e$a6683c60$0a50400a@drnet.fais.net>
From: "Justin W. Pauler" <jwpauler@jwpages.com>
To: "Vladimir I. Kulakov" <kulakov@kudesniki.ru>,
"Alex N. Markelov" <amarkelov@futures.msk.ru>
Cc: <freebsd-isp@FreeBSD.ORG>, <security@FreeBSD.ORG>
References: <NEBBIEGPMLMKDBMMICFNCEKHDIAA.mit@mitayai.net> <1771564079.20001127122443@futures.msk.ru> <15940795775.20001127204748@kudesniki.ru>
Subject: Re: Re[3]: DOS atack or hardware problem?
Date: Mon, 27 Nov 2000 12:19:48 -0600
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4133.2400
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
I believe by default they usually go to 'autodetect'. but to lock it in at
100BASE/TX half-duplex, I would try:
ifconfig fxp0 media 100baseTX mediaopt half-duplex
I have come to find that if you are going to be running a FreeBSD server in
ANY type of production environment, you should not be using 'autodetect'.
Justin W. Pauler (drnet)
E-Mail: jwpauler@jwpages.com
ICQ: 95989631
IRC: Undernet IRC Network
----- Original Message -----
From: "Vladimir I. Kulakov" <kulakov@kudesniki.ru>
To: "Alex N. Markelov" <amarkelov@futures.msk.ru>
Cc: <freebsd-isp@FreeBSD.ORG>; <security@FreeBSD.ORG>
Sent: Monday, November 27, 2000 11:47 AM
Subject: Re[3]: DOS atack or hardware problem?
> Hello Alex,
>
> ANM> Friday, November 24, 2000, 11:30:54 AM, you wrote:
> WMKR>> has this been known to happen with xl0/3Com 3C509TX?
> ANM> Yes, I saw the effect with 3Com network card and 3Com switch :(.
> ANM> Without manual configuration it haven't worked properly.
>
> How to lock fxp0 to 100BASE/TX half-duplex?
> There is only an option to set the full-duplex ('mediaopt full-duplex').
> Is it implied half-duplex by default, of by default it's set to
> "autodetect"?
>
> Thanks
>
> --
> Best regards,
> Vladimir mailto:kulakov@kudesniki.ru
>
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Mon Nov 27 10:29:14 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from virtual.sysadmin-inc.com (lists.sysadmin-inc.com [209.16.228.140])
by hub.freebsd.org (Postfix) with ESMTP id 657D937B479
for <freebsd-isp@freebsd.org>; Mon, 27 Nov 2000 10:29:03 -0800 (PST)
Received: from wkst ([10.10.1.70])
by virtual.sysadmin-inc.com (8.9.1/8.9.1) with SMTP id NAA05580
for <freebsd-isp@freebsd.org>; Mon, 27 Nov 2000 13:30:12 -0500
Reply-To: <peter@sysadmin-inc.com>
From: "Peter Brezny" <peter@sysadmin-inc.com>
To: <freebsd-isp@freebsd.org>
Subject: pine alternative
Date: Mon, 27 Nov 2000 13:28:50 -0800
Message-ID: <002501c058b9$09209c20$46010a0a@sysadmininc.com>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0)
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600
Importance: Normal
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
With all the security problems pine has had lately, what alternative are
people using, that seems to be secure? ...elm?
TIA
Peter Brezny
SysAdmin Services Inc.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Mon Nov 27 10:40:23 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from lunatic.oneinsane.net (lunatic.oneinsane.net [207.113.133.231])
by hub.freebsd.org (Postfix) with ESMTP id B7F2537B479
for <freebsd-isp@freebsd.org>; Mon, 27 Nov 2000 10:40:17 -0800 (PST)
Received: by lunatic.oneinsane.net (Postfix, from userid 1000)
id A6C5A15551; Mon, 27 Nov 2000 10:40:16 -0800 (PST)
Date: Mon, 27 Nov 2000 10:40:16 -0800
From: Ron 'The InSaNe One' Rosson <insane@lunatic.oneinsane.net>
To: freebsd-isp@freebsd.org
Subject: Re: pine alternative
Message-ID: <20001127104016.A80213@lunatic.oneinsane.net>
Reply-To: Ron Rosson <insane@lunatic.oneinsane.net>
Mail-Followup-To: freebsd-isp@freebsd.org
References: <002501c058b9$09209c20$46010a0a@sysadmininc.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <002501c058b9$09209c20$46010a0a@sysadmininc.com>; from peter@sysadmin-inc.com on Mon, Nov 27, 2000 at 01:28:50PM -0800
X-Operating-System: FreeBSD lunatic.oneinsane.net 4.1.1-STABLE
X-Moon: The Moon is Waxing Crescent (4% of Full)
X-Opinion: What you read here is my IMHO
X-WWW: http://www.oneinsane.net
X-GPG-FINGERPRINT: 3F11 DB43 F080 C037 96F0 F8D3 5BD2 652B 171C 86DB
X-Uptime: 10:37AM up 29 days, 12:52, 1 user, load averages: 1.12, 1.08, 1.07
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Peter Brezny (peter@sysadmin-inc.com) wrote:
> With all the security problems pine has had lately, what alternative are
> people using, that seems to be secure? ...elm?
>
> TIA
>
There is mutt (/usr/ports/mail/mutt) below is the contents of the
pkg-descr for the port.
Mutt -- "The Mongrel of Mail User Agents" (part Elm, part Pine, part mh,
part slrn, part everything else) is an interactive screen-oriented mailer
program that supersedes Elm, Pine, mail and mailx.
Features include color support, message threading, MIME support (including
RFC1522 support for encoded headers), customizable key bindings, POP3,
Delivery Status Notification (DSN) support, and PGP/MIME.
http://www.oneinsane.net: http://www.mutt.org/
Mutt User Information: http://www.math.fu-berlin.de/~guckes/mutt/
Hope this helps
--
------------------------------------------------------------------------------
Ron Rosson ... and a UNIX user said ...
The InSaNe One rm -rf *
insane@oneinsane.net and all was /dev/null and *void()
------------------------------------------------------------------------------
You're only young once--after that you need another excuse.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Mon Nov 27 10:47:29 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mercury.ccmr.cornell.edu (mercury.ccmr.cornell.edu [128.84.231.97])
by hub.freebsd.org (Postfix) with ESMTP id 1B10037B479
for <freebsd-isp@FreeBSD.ORG>; Mon, 27 Nov 2000 10:47:22 -0800 (PST)
Received: from opal.ccmr.cornell.edu (IDENT:0@opal.ccmr.cornell.edu [128.84.231.116])
by mercury.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id NAA05627;
Mon, 27 Nov 2000 13:47:11 -0500
Received: from localhost (mitch@localhost)
by opal.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id NAA32705;
Mon, 27 Nov 2000 13:47:09 -0500
X-Authentication-Warning: opal.ccmr.cornell.edu: mitch owned process doing -bs
Date: Mon, 27 Nov 2000 13:47:09 -0500 (EST)
From: Mitch Collinsworth <mitch@ccmr.cornell.edu>
To: Peter Brezny <peter@sysadmin-inc.com>
Cc: freebsd-isp@FreeBSD.ORG
Subject: Re: pine alternative
In-Reply-To: <002501c058b9$09209c20$46010a0a@sysadmininc.com>
Message-ID: <Pine.LNX.4.10.10011271344510.28193-100000@opal.ccmr.cornell.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
> With all the security problems pine has had lately, what alternative are
> people using, that seems to be secure? ...elm?
A lot of our users like mutt which is more or less a follow-on to elm.
The real hackers seem to like either exmh or anything that runs under
emacs.
-Mitch
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Mon Nov 27 11:38:38 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from ajax1.sovam.com (ajax1.sovam.com [194.67.1.172])
by hub.freebsd.org (Postfix) with ESMTP
id 070D037B4C5; Mon, 27 Nov 2000 11:38:28 -0800 (PST)
Received: from ts8-a150.dial.sovam.com ([195.239.2.150]:1196 "EHLO
ts8-a150.dial.sovam.com" ident: "NO-IDENT-SERVICE[2]" whoson:
"-unregistered-" smtp-auth: <none> TLS-CIPHER: <none> TLS-PEER: <none>)
by ajax1.sovam.com with ESMTP id <S119466AbQK0TiM>;
Mon, 27 Nov 2000 22:38:12 +0300
Date: Mon, 27 Nov 2000 22:37:49 +0300
From: "Vladimir I. Kulakov" <kulakov@kudesniki.ru>
X-Mailer: The Bat! (v1.47 Halloween Edition)
Reply-To: "Vladimir I. Kulakov" <kulakov@kudesniki.ru>
Organization: Kudesniki JSC
X-Priority: 3 (Normal)
Message-ID: <13447397719.20001127223749@kudesniki.ru>
To: freebsd-isp@FreeBSD.ORG, security@FreeBSD.ORG, sean@stat.Duke.EDU
Subject: Re[2]: DOS atack or hardware problem?
In-reply-To: <20001127125635.M45407@stat.Duke.EDU>
References: <NEBBIEGPMLMKDBMMICFNCEKHDIAA.mit@mitayai.net>
<1771564079.20001127122443@futures.msk.ru>
<15940795775.20001127204748@kudesniki.ru> <20001127125635.M45407@stat.Duke.EDU>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Hello Sean,
Monday, November 27, 2000, 8:56:35 PM, you wrote:
SOC> Vladimir I. Kulakov stated:
SOC> : Hello Alex,
SOC> :
: ANM>> Friday, November 24, 2000, 11:30:54 AM, you wrote:
: WMKR>>> has this been known to happen with xl0/3Com 3C509TX?
: ANM>> Yes, I saw the effect with 3Com network card and 3Com switch :(.
: ANM>> Without manual configuration it haven't worked properly.
SOC> :
SOC> : How to lock fxp0 to 100BASE/TX half-duplex?
SOC> : There is only an option to set the full-duplex ('mediaopt full-duplex').
SOC> : Is it implied half-duplex by default, of by default it's set to
SOC> : "autodetect"?
SOC> :
SOC> : Thanks
SOC> :
SOC> : --
SOC> : Best regards,
SOC> Vladimir-
SOC> I believe that if you just use:
SOC> media 100baseTX
SOC> it will be in half-duplex mode by default. The mediaopt flag
SOC> is only helpful for full-duplex if you are hardcoding the media.
SOC> The alternative is to try and let the driver autonegotiate--ie,
SOC> do not pass any media/mediaopt flags to ifconfig_fxp0.
Ok. Then how to set the mediaopt to autodetect half/full-duplex, in case
it'l be needed?
Is there an option "half-duplex"?
Or this card can't autodetect half/full duplex?
--
Best regards,
Vladimir mailto:kulakov@kudesniki.ru
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Mon Nov 27 21:31:29 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from keep.scn.ru (SCN-SibInet.sibinet.ru [213.24.217.138])
by hub.freebsd.org (Postfix) with ESMTP
id A52CD37B4F9; Mon, 27 Nov 2000 21:31:22 -0800 (PST)
Received: from scn.ru (alx.sc.ten [10.0.0.13])
by keep.scn.ru (8.9.3/8.9.3) with ESMTP id MAA14143;
Tue, 28 Nov 2000 12:31:55 +0700 (KRAT)
(envelope-from alx@scn.ru)
Message-ID: <3A23437E.189E8C7B@scn.ru>
Date: Tue, 28 Nov 2000 12:32:46 +0700
From: "Alex N. Zhuravlev" <alx@scn.ru>
Organization: SCT
X-Mailer: Mozilla 4.76 [en] (Win98; U)
X-Accept-Language: ru,en
MIME-Version: 1.0
To: freebsd-questions@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG
Subject: Limiting script memory usage
Content-Type: text/plain; charset=koi8-r
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Hi !
I've recently got a proplem. I am running Apache on FreeBSD and
maintaining virtual web-servers. For each server there is a specific
user, and using apache suexec, cgi cripts are running from those
specific users. One of them got a perl script with memory leak - so
script gets all the memory, than swap and hangs all the host at final.
Here is the question: is there any way to limit resourses via OS
(memory, cpu) for that specific user or group/class of users ?
I've tried to make a group in login.conf:
-------------------------------------------------------------------------
webcl|Web clients:\
:cputime=30m:\
:datasize=8M:\
:stacksize=2M:\
:memorylocked=4M:\
:memoryuse=8M:\
-------------------------------------------------------------------------
and assigning those users to login class webcl. This doesn't help -
again script tooks all the memory. Scripts are running from Apache, so
using nice and limit, I guess, is unappliable.
Maybe somebody has got a solution ???
Answer please direct, cause I am out of freebsd-questions now.
Thanks for any help.
Alex N. Zhuravlev.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Mon Nov 27 21:54: 6 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from www.i-sphere.com (www.i-sphere.com [207.126.121.224])
by hub.freebsd.org (Postfix) with ESMTP id 339C637B479
for <freebsd-isp@freebsd.org>; Mon, 27 Nov 2000 21:54:04 -0800 (PST)
Received: (from fasty@localhost)
by www.i-sphere.com (8.11.0/8.11.0) id eAS5rBU29451;
Mon, 27 Nov 2000 21:53:11 -0800 (PST)
(envelope-from fasty)
Date: Mon, 27 Nov 2000 21:53:11 -0800
From: faSty <fasty@i-sphere.com>
To: "Alex N. Zhuravlev" <alx@scn.ru>
Cc: freebsd-isp@freebsd.org
Subject: Re: Limiting script memory usage
Message-ID: <20001127215311.I82395@i-sphere.com>
References: <3A23437E.189E8C7B@scn.ru>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <3A23437E.189E8C7B@scn.ru>; from alx@scn.ru on Tue, Nov 28, 2000 at 12:32:46PM +0700
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Hi,
the Apache webserver runs on nobody/nobody (uid/gid). try set up on
nobody statement instead webcl.
PS. excuse me Im brand new to this discussion forums :)
-trev
On Tue, Nov 28, 2000 at 12:32:46PM +0700, Alex N. Zhuravlev wrote:
> Hi !
> I've recently got a proplem. I am running Apache on FreeBSD and
> maintaining virtual web-servers. For each server there is a specific
> user, and using apache suexec, cgi cripts are running from those
> specific users. One of them got a perl script with memory leak - so
> script gets all the memory, than swap and hangs all the host at final.
> Here is the question: is there any way to limit resourses via OS
> (memory, cpu) for that specific user or group/class of users ?
> I've tried to make a group in login.conf:
> -------------------------------------------------------------------------
> webcl|Web clients:\
> :cputime=30m:\
> :datasize=8M:\
> :stacksize=2M:\
> :memorylocked=4M:\
> :memoryuse=8M:\
> -------------------------------------------------------------------------
> and assigning those users to login class webcl. This doesn't help -
> again script tooks all the memory. Scripts are running from Apache, so
> using nice and limit, I guess, is unappliable.
>
> Maybe somebody has got a solution ???
>
> Answer please direct, cause I am out of freebsd-questions now.
> Thanks for any help.
>
> Alex N. Zhuravlev.
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Mon Nov 27 22:43:55 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from velvet.sensation.net.au (serial1-2-velvet-brunswick.sensation.net.au [203.20.114.195])
by hub.freebsd.org (Postfix) with ESMTP id 49F4F37B403
for <freebsd-isp@freebsd.org>; Mon, 27 Nov 2000 22:43:48 -0800 (PST)
Received: from localhost (rowan@localhost)
by velvet.sensation.net.au (8.9.3/8.9.3) with ESMTP id RAA50057
for <freebsd-isp@freebsd.org>; Tue, 28 Nov 2000 17:43:34 +1100 (EST)
(envelope-from rowan@sensation.net.au)
X-Authentication-Warning: velvet.sensation.net.au: rowan owned process doing -bs
Date: Tue, 28 Nov 2000 17:43:32 +1100 (EST)
From: Rowan Crowe <rowan@sensation.net.au>
To: freebsd-isp@freebsd.org
Subject: tcpdump & user-ppp/tunX
Message-ID: <Pine.BSF.4.21.0011281739030.50040-100000@velvet.sensation.net.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Hi all,
velvet# tcpdump -qenli tun0
tcpdump: listening on tun0
17:38:47.939979 203.20.114.243.1131 > 203.20.114.197.31488: udp 4
Has anyone else noticed that the -e option (show packet size) in tcpdump
doesn't seem to work for tunX devices? Is this a bug, or not supported by
that device?
Actually, I just checked and a machine running 3.4R doesn't show it on
pppX devices either, yet a 2.2.8R one does... has something major changed
with the ppp/tun device structure, BPF, or tcpdump since 2.2.8R?
Cheers.
--
Rowan Crowe http://www.rowan.sensation.net.au/
Sensation Internet Services http://info.sensation.net.au/
Melbourne, Australia Phone: +61-3-9388-9260
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Mon Nov 27 22:53:41 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from pericles.IPAustralia.gov.au (pericles.IPAustralia.gov.au [202.14.186.30])
by hub.freebsd.org (Postfix) with ESMTP id 3E4DC37B402
for <freebsd-isp@FreeBSD.ORG>; Mon, 27 Nov 2000 22:53:38 -0800 (PST)
Received: (from smap@localhost)
by pericles.IPAustralia.gov.au (8.9.3/8.9.3) id RAA48285;
Tue, 28 Nov 2000 17:52:44 +1100 (EST)
(envelope-from anwsmh@IPAustralia.Gov.AU)
Received: from disc-4-161.aipo.gov.au(10.0.4.161) by pericles.IPAustralia.gov.au via smap (V2.0)
id xma048278; Tue, 28 Nov 00 17:52:39 +1100
Received: from localhost (anwsmh@localhost)
by stan.aipo.gov.au (8.9.3/8.9.3) with ESMTP id RAA07301;
Tue, 28 Nov 2000 17:52:39 +1100 (EST)
(envelope-from anwsmh@IPAustralia.Gov.AU)
X-Authentication-Warning: stan.aipo.gov.au: anwsmh owned process doing -bs
Date: Tue, 28 Nov 2000 17:52:38 +1100 (EST)
From: Stanley Hopcroft <Stanley.Hopcroft@IPAustralia.Gov.AU>
X-Sender: anwsmh@stan.aipo.gov.au
To: Rowan Crowe <rowan@sensation.net.au>
Cc: freebsd-isp@FreeBSD.ORG
Subject: Re: tcpdump & user-ppp/tunX
In-Reply-To: <Pine.BSF.4.21.0011281739030.50040-100000@velvet.sensation.net.au>
Message-ID: <Pine.BSF.4.21.0011281748160.7010-100000@stan.aipo.gov.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Dear Sir,
> Hi all,
>
> velvet# tcpdump -qenli tun0
> tcpdump: listening on tun0
> 17:38:47.939979 203.20.114.243.1131 > 203.20.114.197.31488: udp 4
>
> Has anyone else noticed that the -e option (show packet size) in tcpdump
> doesn't seem to work for tunX devices? Is this a bug, or not supported by
> that device?
I think that tcpdump does display larger than default packet sizes when
used with a tunX device.
(tcpdump -x -s1500 works fine for me with FreeBSD 4.1-RELEASE and the
Brian Somers patches to make it work with a filter. See PR some time
ago).
I think you will find that the -e switch is the switch to display
ethernet/MAC addresses. I don't know what it does for PPP.
I am using user mode ppp (tunX). I can't comment about kernel mode.
>
> Actually, I just checked and a machine running 3.4R doesn't show it on
> pppX devices either, yet a 2.2.8R one does... has something major changed
> with the ppp/tun device structure, BPF, or tcpdump since 2.2.8R?
>
> Cheers.
>
>
> --
> Rowan Crowe http://www.rowan.sensation.net.au/
> Sensation Internet Services http://info.sensation.net.au/
> Melbourne, Australia Phone: +61-3-9388-9260
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Mon Nov 27 23: 2:30 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from velvet.sensation.net.au (serial1-2-velvet-brunswick.sensation.net.au [203.20.114.195])
by hub.freebsd.org (Postfix) with ESMTP id A041537B402
for <freebsd-isp@freebsd.org>; Mon, 27 Nov 2000 23:02:21 -0800 (PST)
Received: from localhost (rowan@localhost)
by velvet.sensation.net.au (8.9.3/8.9.3) with ESMTP id SAA50136
for <freebsd-isp@freebsd.org>; Tue, 28 Nov 2000 18:02:13 +1100 (EST)
(envelope-from rowan@sensation.net.au)
X-Authentication-Warning: velvet.sensation.net.au: rowan owned process doing -bs
Date: Tue, 28 Nov 2000 18:02:11 +1100 (EST)
From: Rowan Crowe <rowan@sensation.net.au>
To: freebsd-isp@freebsd.org
Subject: Re: tcpdump & user-ppp/tunX
In-Reply-To: <Pine.BSF.4.21.0011281748160.7010-100000@stan.aipo.gov.au>
Message-ID: <Pine.BSF.4.21.0011281756220.50040-100000@velvet.sensation.net.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Tue, 28 Nov 2000, Stanley Hopcroft wrote:
> > Has anyone else noticed that the -e option (show packet size) in tcpdump
> > doesn't seem to work for tunX devices? Is this a bug, or not supported by
> > that device?
Hello Stanley,
> I think you will find that the -e switch is the switch to display
> ethernet/MAC addresses. I don't know what it does for PPP.
You're spot on, I just checked the man page. I guess it's only "luck" in
the past that meant it showed the size of a PPP packet. Unfortunately,
size of packet is what I need, as well as the basic src/dest info!
I guess I could use -x and count the output bytes, although this
doesn't include the link level header...
Cheers.
--
Rowan Crowe http://www.rowan.sensation.net.au/
Sensation Internet Services http://info.sensation.net.au/
Melbourne, Australia Phone: +61-3-9388-9260
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Mon Nov 27 23:15: 2 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from misery.sdf.com (misery.sdf.com [204.244.213.49])
by hub.freebsd.org (Postfix) with ESMTP id 017BB37B401
for <freebsd-isp@freebsd.org>; Mon, 27 Nov 2000 23:14:57 -0800 (PST)
Received: from tom (helo=localhost)
by misery.sdf.com with local-esmtp (Exim 2.12 #1)
id 140eI2-0007Qm-00; Mon, 27 Nov 2000 22:30:54 -0800
Date: Mon, 27 Nov 2000 22:30:50 -0800 (PST)
From: Tom Samplonius <tom@sdf.com>
To: faSty <fasty@i-sphere.com>
Cc: "Alex N. Zhuravlev" <alx@scn.ru>, freebsd-isp@freebsd.org
Subject: Re: Limiting script memory usage
In-Reply-To: <20001127215311.I82395@i-sphere.com>
Message-ID: <Pine.BSF.4.05.10011272229280.27922-100000@misery.sdf.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Mon, 27 Nov 2000, faSty wrote:
> Hi,
>
> the Apache webserver runs on nobody/nobody (uid/gid). try set up on
> nobody statement instead webcl.
>
> PS. excuse me Im brand new to this discussion forums :)
> -trev
Not really applicable when suexec is used.
Basically, suexec is not applying the class resource limits when
changing uids. I believe there are patches floating around that do this
(actually the patches that I've seen apply a specific class to all suexec
scripts).
Tom
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Mon Nov 27 23:17:56 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from pericles.IPAustralia.gov.au (pericles.IPAustralia.gov.au [202.14.186.30])
by hub.freebsd.org (Postfix) with ESMTP id 4B1E737B400
for <FreeBSD-ISP@FreeBSD.ORG>; Mon, 27 Nov 2000 23:17:53 -0800 (PST)
Received: (from smap@localhost)
by pericles.IPAustralia.gov.au (8.9.3/8.9.3) id SAA48829;
Tue, 28 Nov 2000 18:17:15 +1100 (EST)
(envelope-from anwsmh@IPAustralia.Gov.AU)
Received: from disc-4-161.aipo.gov.au(10.0.4.161) by pericles.IPAustralia.gov.au via smap (V2.0)
id xma048826; Tue, 28 Nov 00 18:17:01 +1100
Received: from localhost (anwsmh@localhost)
by stan.aipo.gov.au (8.9.3/8.9.3) with ESMTP id SAA07327;
Tue, 28 Nov 2000 18:17:01 +1100 (EST)
(envelope-from anwsmh@IPAustralia.Gov.AU)
X-Authentication-Warning: stan.aipo.gov.au: anwsmh owned process doing -bs
Date: Tue, 28 Nov 2000 18:17:00 +1100 (EST)
From: Stanley Hopcroft <Stanley.Hopcroft@IPAustralia.Gov.AU>
X-Sender: anwsmh@stan.aipo.gov.au
To: Rowan Crowe <rowan@sensation.net.au>
Cc: FreeBSD-ISP@FreeBSD.ORG
Subject: Re: tcpdump & user-ppp/tunX. Ethereal ?
In-Reply-To: <Pine.BSF.4.21.0011281756220.50040-100000@velvet.sensation.net.au>
Message-ID: <Pine.BSF.4.21.0011281812260.7010-100000@stan.aipo.gov.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Dear Sir,
I am writing to say that ethereal (http://www.zing.org aka
http://www.ethereal.com/) is a very nice seven layer packet decoder
that may be suitable if you need nasty link layer stuff.
There is a FreeBSD port of it, and while for my moneys worth, tcpdump
with ASCII decode patches (he he), is by far and way more convenient
than a relatively sluggish X application, Ethereal decodes almost every
protocol and his dog.
The SMB decode (courtesy Richard Sharp of the Samba team) is
particuarly good.
We have an HP Internet advisor; the Ethereal decode is *much* better.
Thank you.
Yours sincerely,
S Hopcroft
Network Specialist
IP Australia
+61 2 6283 3189
+61 2 6281 1353 FAX
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Mon Nov 27 23:31:43 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from backup.af.speednet.com.au (af.speednet.com.au [202.135.188.244])
by hub.freebsd.org (Postfix) with ESMTP id 171B437B69F
for <freebsd-isp@FreeBSD.ORG>; Mon, 27 Nov 2000 23:31:33 -0800 (PST)
Received: from backup.af.speednet.com.au (backup.af.speednet.com.au [172.22.2.4])
by backup.af.speednet.com.au (8.11.1/8.11.1) with ESMTP id eAS7TaF18720;
Tue, 28 Nov 2000 18:29:37 +1100 (EST)
(envelope-from andyf@speednet.com.au)
Date: Tue, 28 Nov 2000 18:29:36 +1100 (EST)
From: Andy Farkas <andyf@speednet.com.au>
X-Sender: andyf@backup.af.speednet.com.au
To: Tom Samplonius <tom@sdf.com>
Cc: faSty <fasty@i-sphere.com>, "Alex N. Zhuravlev" <alx@scn.ru>,
freebsd-isp@FreeBSD.ORG
Subject: Re: Limiting script memory usage
In-Reply-To: <Pine.BSF.4.05.10011272229280.27922-100000@misery.sdf.com>
Message-ID: <Pine.BSF.4.21.0011281822530.17219-100000@backup.af.speednet.com.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
See PR 13606. I use this and it works fine :-)
ps. its an old patch, so it won't apply cleanly. Let me know if you need
more help....
Also, I use this cgi script to test:
#!/bin/sh
echo Content-type: text/html
echo
echo \<pre\>
limits
On Mon, 27 Nov 2000, Tom Samplonius wrote:
> Not really applicable when suexec is used.
>
> Basically, suexec is not applying the class resource limits when
> changing uids. I believe there are patches floating around that do this
> (actually the patches that I've seen apply a specific class to all suexec
> scripts).
>
> Tom
>
--
:{ andyf@speednet.com.au
Andy Farkas
System Administrator
Speednet Communications
http://www.speednet.com.au/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Tue Nov 28 2:51:23 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail.intnet.com.cn (unknown [202.96.192.53])
by hub.freebsd.org (Postfix) with SMTP id BC6C637B401
for <freebsd-isp@freebsd.org>; Tue, 28 Nov 2000 02:51:20 -0800 (PST)
Received: (qmail 38506 invoked from network); 28 Nov 2000 11:44:44 -0000
Received: from unknown (HELO williams.intnet.com.cn) (61.129.102.37)
by npc.haplink.com.cn with SMTP; 28 Nov 2000 11:44:44 -0000
Message-Id: <5.0.0.25.0.20001128185014.009e2190@202.96.192.53>
X-Sender: williams@202.96.192.53 (Unverified)
X-Mailer: QUALCOMM Windows Eudora Version 5.0
Date: Tue, 28 Nov 2000 18:53:05 +0800
To: freebsd-questions@freebsd.org
From: williams wang <williams_wang@intnet.com.cn>
Subject: callback
Cc: freebsd-isp@freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
hi,
does anyone know how to setup a callback connection to the isp.
I have done it in the windows easily, it is little harder in Freebsd.
Thanks a lot
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Tue Nov 28 2:58:52 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from apollo2.waverider.net.uk (apollo2.waverider.net.uk [212.105.191.49])
by hub.freebsd.org (Postfix) with ESMTP id 535FB37B402
for <freebsd-isp@freebsd.org>; Tue, 28 Nov 2000 02:58:49 -0800 (PST)
Received: from bugs (bugs.office.waverider.net.uk [212.105.191.50])
by apollo2.waverider.net.uk (8.9.3/8.9.3) with SMTP id KAA21825
for <freebsd-isp@freebsd.org>; Tue, 28 Nov 2000 10:51:21 GMT
From: "Andy Cowan" <andyc@waverider.net.uk>
To: <freebsd-isp@freebsd.org>
Subject: Secondary DNS swap anyone?
Date: Tue, 28 Nov 2000 10:58:44 -0000
Message-ID: <NDBBKECBEEIIPEFNBPBFCEBFCMAA.andyc@waverider.net.uk>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.3018.1300
Importance: Normal
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
I'm looking to arrange a secondary DNS and backup MX swap with someone of a
similar size to ourselves. We host around a thousand zones, increasing at
around 5% per month. I envisage a fairly trivial script to synchronise the
conf files over ssh or something similar, which we'll provide.
Anyone interested?
A.
--
Andy Cowan
Wave Rider Internet Ltd
http://www.waverider.co.uk
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Tue Nov 28 6:37:21 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from tomts8-srv.bellnexxia.net (tomts8.bellnexxia.net [209.226.175.52])
by hub.freebsd.org (Postfix) with ESMTP id B81DA37B400
for <freebsd-isp@freebsd.org>; Tue, 28 Nov 2000 06:37:17 -0800 (PST)
Received: from carotte ([64.229.230.108]) by tomts8-srv.bellnexxia.net
(InterMail vM.4.01.03.00 201-229-121) with ESMTP
id <20001128143717.IEYA27329.tomts8-srv.bellnexxia.net@carotte>
for <freebsd-isp@freebsd.org>; Tue, 28 Nov 2000 09:37:17 -0500
Message-ID: <006e01c05948$ac946e60$bd78fea9@carotte>
From: "Cedric Veilleux" <sales@smashweb.com>
To: <freebsd-isp@freebsd.org>
Subject: Anonymous server
Date: Tue, 28 Nov 2000 09:37:02 -0500
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_006B_01C0591E.C359B120"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2314.1300
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
This is a multi-part message in MIME format.
------=_NextPart_000_006B_01C0591E.C359B120
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Hi,
We are doing webhosting and we have resellers working for us. We =
need to make the server as most anonymous as possible (We don't want our =
hostname anywhere). The two main places I'd like it to disappear is at =
the first line when you connect in telnet=20
FreeBSD/i386 (smashweb.com) (ttyp0)
and at the prompt "smashweb:/usr/home>"
we use CSH
Thank you for any help,
Cedric Veilleux,
SmashWeb
------=_NextPart_000_006B_01C0591E.C359B120
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Diso-8859-1" =
http-equiv=3DContent-Type>
<META content=3D"MSHTML 5.00.2314.1000" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>Hi,</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2> We are doing =
webhosting and we=20
have resellers working for us. We need to make the server as most =
anonymous as=20
possible (We don't want our hostname anywhere). The two main places I'd =
like it=20
to disappear is at the first line when you connect in telnet =
</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>FreeBSD/i386 (smashweb.com) =
(ttyp0)</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>and at the prompt=20
"smashweb:/usr/home>"</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>we use CSH</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>Thank you for any help,</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>Cedric Veilleux,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>SmashWeb</FONT></DIV></BODY></HTML>
------=_NextPart_000_006B_01C0591E.C359B120--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Tue Nov 28 7:41: 8 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from anaconda.acceleratedweb.net (anaconda.acceleratedweb.net [209.51.164.130])
by hub.freebsd.org (Postfix) with SMTP id AB2DE37B400
for <freebsd-isp@freebsd.org>; Tue, 28 Nov 2000 07:41:05 -0800 (PST)
Received: (qmail 44853 invoked by uid 106); 28 Nov 2000 15:45:07 -0000
Received: from adsl-151-202-94-118.nyc.adsl.bellatlantic.net (HELO sharky) (151.202.94.118)
by anaconda.acceleratedweb.net with SMTP; 28 Nov 2000 15:45:07 -0000
From: "Simon" <simon@optinet.com>
To: "Cedric Veilleux" <sales@smashweb.com>,
"freebsd-isp@freebsd.org" <freebsd-isp@freebsd.org>
Date: Tue, 28 Nov 2000 10:45:02 -0500
Reply-To: "Simon" <simon@optinet.com>
X-Mailer: PMMail 2000 Professional (2.10.2010) For Windows 2000 (5.0.2195)
In-Reply-To: <006e01c05948$ac946e60$bd78fea9@carotte>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="_=_=_=IMA.BOUNDARY.HTML_4963648=_=_=_"
Subject: Re: Anonymous server
Message-Id: <20001128154105.AB2DE37B400@hub.freebsd.org>
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
--_=_=_=IMA.BOUNDARY.HTML_4963648=_=_=_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Hi,
Edit your /etc/gettytab for the first one and /etc/profile to change the prompt
-Simon
--Original Message Text---
From: Cedric Veilleux
Date: Tue, 28 Nov 2000 09:37:02 -0500
Hi,
We are doing webhosting and we have resellers working for us. We need to make the server as
most anonymous as possible (We don't want our hostname anywhere). The two main places I'd
like it to disappear is at the first line when you connect in telnet
FreeBSD/i386 (smashweb.com) (ttyp0)
and at the prompt "smashweb:/usr/home>"
we use CSH
Thank you for any help,
Cedric Veilleux,
SmashWeb
--_=_=_=IMA.BOUNDARY.HTML_4963648=_=_=_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: 7bit
<HTML>
<FONT FACE="MS Shell Dlg" DEFAULT="FACE"><FONT SIZE="1" POINTSIZE="8" DEFAULT="SIZE">Hi,<BR>
<BR>
Edit your /etc/gettytab for the first one and /etc/profile to change the prompt<BR>
<BR>
-Simon<BR>
<BR>
--Original Message Text---<BR>
<B>From:</B> Cedric Veilleux<BR>
<B>Date:</B> Tue, 28 Nov 2000 09:37:02 -0500<BR>
<BR>
<FONT FACE="Arial"><FONT SIZE="2" POINTSIZE="10">Hi,<FONT FACE="MS Shell Dlg" DEFAULT="FACE"><FONT SIZE="1" POINTSIZE="8" DEFAULT="SIZE"><BR>
<BR>
<FONT FACE="Arial"><FONT SIZE="2" POINTSIZE="10"> We are doing webhosting and we have resellers working for us. We need to make the server as most anonymous as possible (We don't want our hostname anywhere). The two main places I'd like it to disappear is at the first line when you connect in telnet <FONT FACE="MS Shell Dlg" DEFAULT="FACE"><FONT SIZE="1" POINTSIZE="8" DEFAULT="SIZE"><BR>
<FONT FACE="Arial"><FONT SIZE="2" POINTSIZE="10">FreeBSD/i386 (smashweb.com) (ttyp0)<FONT FACE="MS Shell Dlg" DEFAULT="FACE"><FONT SIZE="1" POINTSIZE="8" DEFAULT="SIZE"><BR>
<BR>
<FONT FACE="Arial"><FONT SIZE="2" POINTSIZE="10">and at the prompt "smashweb:/usr/home>"<FONT FACE="MS Shell Dlg" DEFAULT="FACE"><FONT SIZE="1" POINTSIZE="8" DEFAULT="SIZE"><BR>
<FONT FACE="Arial"><FONT SIZE="2" POINTSIZE="10">we use CSH<FONT FACE="MS Shell Dlg" DEFAULT="FACE"><FONT SIZE="1" POINTSIZE="8" DEFAULT="SIZE"><BR>
<BR>
<FONT FACE="Arial"><FONT SIZE="2" POINTSIZE="10">Thank you for any help,<FONT FACE="MS Shell Dlg" DEFAULT="FACE"><FONT SIZE="1" POINTSIZE="8" DEFAULT="SIZE"><BR>
<BR>
<FONT FACE="Arial"><FONT SIZE="2" POINTSIZE="10">Cedric Veilleux,<FONT FACE="MS Shell Dlg" DEFAULT="FACE"><FONT SIZE="1" POINTSIZE="8" DEFAULT="SIZE"><BR>
<FONT FACE="Arial"><FONT SIZE="2" POINTSIZE="10">SmashWeb<FONT FACE="MS Shell Dlg" DEFAULT="FACE"><FONT SIZE="1" POINTSIZE="8" DEFAULT="SIZE"><BR>
<BR>
<BR>
</HTML>
--_=_=_=IMA.BOUNDARY.HTML_4963648=_=_=_--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Tue Nov 28 8:34:36 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from flux.c-zone.net (flux.c-zone.net [216.190.4.216])
by hub.freebsd.org (Postfix) with ESMTP id A7C4F37B400
for <freebsd-isp@freebsd.org>; Tue, 28 Nov 2000 08:34:34 -0800 (PST)
Received: from localhost (bdan@localhost)
by flux.c-zone.net (8.11.1/8.11.1) with ESMTP id eASGYX448303
for <freebsd-isp@freebsd.org>; Tue, 28 Nov 2000 08:34:33 -0800 (PST)
Date: Tue, 28 Nov 2000 08:34:33 -0800 (PST)
From: Dan Babb <bdan@c-zone.net>
To: freebsd-isp@freebsd.org
Message-ID: <Pine.BSF.4.21.0011280834220.48292-100000@flux.c-zone.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
subscribe
- Dan
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Tue Nov 28 8:39:24 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from flux.c-zone.net (flux.c-zone.net [216.190.4.216])
by hub.freebsd.org (Postfix) with ESMTP id A907B37B400
for <freebsd-isp@freebsd.org>; Tue, 28 Nov 2000 08:39:20 -0800 (PST)
Received: from localhost (bdan@localhost)
by flux.c-zone.net (8.11.1/8.11.1) with ESMTP id eASGdK348677
for <freebsd-isp@freebsd.org>; Tue, 28 Nov 2000 08:39:20 -0800 (PST)
Date: Tue, 28 Nov 2000 08:39:20 -0800 (PST)
From: Dan Babb <bdan@c-zone.net>
To: freebsd-isp@freebsd.org
Subject: sendmail 8.11.1 and cyrus sasl
Message-ID: <Pine.BSF.4.21.0011280838040.48594-100000@flux.c-zone.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
i had sent this in under freebsd-questions orginally and also to the
comp.mail.sendmail group under the post (ld link error) but maybe this
will catch some more eyes and since i do work for an isp i thought i'd
give it a shot here since its isp-related.
current software and o/s
FreeBSD 4.2-STABLE
sendmail 8.11.1
cyrus-sasl 1.5.24_4
libtool-1.3.4_1
m4-1.4
db3-3.1.17
autoconf-2.13
automake-1.4
here is what my site.config.m4 looks like with the added cyrus sasl taken
from http://www.sendmail.org/~ca/email/auth.html
APPENDDEF(`confENVDEF', `-DSASL')
APPENDDEF(`conf_sendmail_LIBS', `-lsasl')
APPENDDEF(`confLIBDIRS', `-L/usr/local/lib/sasl')
APPENDDEF(`confINCDIRS', `-I/usr/local/include/')
i've had a problem trying to configure sendmail with cyrus sasl .. i've
tried installing two ways.
one from the ports and modifying the ports site.config.m4 before building
so i can add the paths to find cyrus-sasl
or i manually configure and install sendmail and cyrus sasl. no matter
which i do i always end up with this error:
root@vacant:// cd /usr/ports/mail/sendmail/
root@vacant:// make build
===> Building for sendmail-8.11.1
Making all in:
/usr/ports/mail/sendmail/work/sendmail-8.11.1/libsmutil
Configuration: pfx=, os=FreeBSD, rel=4.2-STABLE, rbase=4,
rroot=4.2-STABLE, arch=i386, sfx=, variant=optimized
Making in ../obj.FreeBSD.4.2-STABLE.i386/libsmutil
Making all in:
/usr/ports/mail/sendmail/work/sendmail-8.11.1/libsmdb
Configuration: pfx=, os=FreeBSD, rel=4.2-STABLE, rbase=4,
rroot=4.2-STABLE, arch=i386, sfx=, variant=optimized
Making in ../obj.FreeBSD.4.2-STABLE.i386/libsmdb
Making all in:
/usr/ports/mail/sendmail/work/sendmail-8.11.1/sendmail
Configuration: pfx=, os=FreeBSD, rel=4.2-STABLE, rbase=4,
rroot=4.2-STABLE, arch=i386, sfx=, variant=optimized
Making in ../obj.FreeBSD.4.2-STABLE.i386/sendmail
cc -o sendmail -L/usr/local/lib/sasl main.o alias.o arpadate.o bf_torek.o
clock.o collect.o conf.o control.o convtime.o daemon.o deliver.o domain.o
envelope.o err.o headers.o macro.o map.o mci.o milter.o mime.o parseaddr.o
queue.o readcf.o recipient.o savemail.o sfsasl.o shmticklib.o srvrsmtp.o
stab.o stats.o sysexits.o timers.o trace.o udb.o usersmtp.o util.o
version.o -lsasl ../libsmutil/libsmutil.a -lutil
/usr/libexec/elf/ld: cannot find -lsasl
*** Error code 1
Stop in
/usr/ports/mail/sendmail/work/sendmail-8.11.1/obj.FreeBSD.4.2-STABLE.i386/sendmail.
*** Error code 1
Stop in /usr/ports/mail/sendmail/work/sendmail-8.11.1.
*** Error code 1
Stop in /usr/ports/mail/sendmail.
*** Error code 1
Stop in /usr/ports/mail/sendmail.
*** Error code 1
Stop in /usr/ports/mail/sendmail.
i basically don't understand why its saying it can't find lsasl .. i ran
the command
/sbin/ldconfig -elf -m /usr/local/lib
it should have updated that so it knows that sasl is there.
anyway i'm stuck .. any help would be appreicated.
- Dan
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Tue Nov 28 8:50:57 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from christel.heitec.net (christel.heitec.net [193.101.232.3])
by hub.freebsd.org (Postfix) with ESMTP id 287EA37B401
for <freebsd-isp@freebsd.org>; Tue, 28 Nov 2000 08:50:55 -0800 (PST)
Received: from tashi.admin.er.heitec.net (paladin.heitec.net [193.101.232.30])
by christel.heitec.net (Postfix) with ESMTP id 548E4354813
for <freebsd-isp@freebsd.org>; Tue, 28 Nov 2000 17:56:43 +0100 (CET)
Received: by tashi.admin.er.heitec.net (Postfix, from userid 1000)
id 7DE9A1DE6; Tue, 28 Nov 2000 17:51:39 +0100 (CET)
Date: Tue, 28 Nov 2000 17:51:39 +0100
To: freebsd-isp@freebsd.org
Subject: Re: Anonymous server
Message-ID: <20001128175139.E12020@heitec.net>
Mail-Followup-To: freebsd-isp@freebsd.org
References: <006e01c05948$ac946e60$bd78fea9@carotte>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <006e01c05948$ac946e60$bd78fea9@carotte>; from sales@smashweb.com on Tue, Nov 28, 2000 at 09:37:02 -0500
Organization: Heitec AG
From: lenz@heitec.net (Lenz Gschwendtner)
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Hi Cedric,
On Tue, 28 Nov 2000, Cedric Veilleux wrote:
> Hi,
>
> We are doing webhosting and we have resellers working for us. We need to make the server as most anonymous as possible (We don't want our hostname anywhere). The two main places I'd like it to disappear is at the first line when you connect in telnet
> FreeBSD/i386 (smashweb.com) (ttyp0)
for me an entry in /etc/inetd.conf like this works fine
telnet stream tcp nowait root /usr/libexec/telnetd telnetd -h
the output is then only:
Escape character is '^]'.
login:
cheers
lenz
--
(__) eat penguins instead, they start to
(++)-----i\ spread around anyway!
~~| BSE | *
|_|~|_| FreeBSD Systemadministrator
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Tue Nov 28 9:56:56 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from gifw.genroco.com (genroco.com [205.254.195.202])
by hub.freebsd.org (Postfix) with ESMTP id CCEAF37B400
for <freebsd-isp@FreeBSD.ORG>; Tue, 28 Nov 2000 09:56:49 -0800 (PST)
Received: from gi2.genroco.com (IDENT:root@gi2.genroco.com [192.133.120.3])
by gifw.genroco.com (8.9.3/8.9.3) with ESMTP id LAA18386;
Tue, 28 Nov 2000 11:56:44 -0600
Received: from scot.genroco.com (scot.genroco.com [192.133.120.125])
by gi2.genroco.com (8.9.3/8.9.3) with SMTP id LAA04677;
Tue, 28 Nov 2000 11:56:33 -0600
Message-ID: <013c01c05964$91916340$7d7885c0@genroco.com>
From: "Scot W. Hetzel" <hetzels@westbend.net>
To: "Alex N. Zhuravlev" <alx@scn.ru>
Cc: <freebsd-isp@FreeBSD.ORG>
References: <Pine.BSF.4.05.10011272229280.27922-100000@misery.sdf.com>
Subject: Re: Limiting script memory usage
Date: Tue, 28 Nov 2000 11:56:31 -0600
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2919.6600
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
From: "Tom Samplonius" <tom@sdf.com>
> On Mon, 27 Nov 2000, faSty wrote:
> > the Apache webserver runs on nobody/nobody (uid/gid). try set up on
> > nobody statement instead webcl.
> >
> > PS. excuse me Im brand new to this discussion forums :)
> > -trev
>
> Not really applicable when suexec is used.
>
> Basically, suexec is not applying the class resource limits when
> changing uids. I believe there are patches floating around that do this
> (actually the patches that I've seen apply a specific class to all suexec
> scripts).
>
The apache13-fp port's suexec uses the logincap database to limit resources
based on the logincap entry for the user. see patch-fd & patch-fe.
Scot
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Tue Nov 28 10:21: 4 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from gifw.genroco.com (genroco.com [205.254.195.202])
by hub.freebsd.org (Postfix) with ESMTP id A5C7637B400
for <freebsd-isp@FreeBSD.ORG>; Tue, 28 Nov 2000 10:20:46 -0800 (PST)
Received: from gi2.genroco.com (IDENT:root@gi2.genroco.com [192.133.120.3])
by gifw.genroco.com (8.9.3/8.9.3) with ESMTP id MAA18466;
Tue, 28 Nov 2000 12:20:43 -0600
Received: from scot.genroco.com (scot.genroco.com [192.133.120.125])
by gi2.genroco.com (8.9.3/8.9.3) with SMTP id MAA04782;
Tue, 28 Nov 2000 12:20:35 -0600
Message-ID: <016101c05967$eafb1180$7d7885c0@genroco.com>
From: "Scot W. Hetzel" <hetzels@westbend.net>
To: "Dan Babb" <bdan@c-zone.net>, <freebsd-isp@FreeBSD.ORG>
References: <Pine.BSF.4.21.0011280838040.48594-100000@flux.c-zone.net>
Subject: Re: sendmail 8.11.1 and cyrus sasl
Date: Tue, 28 Nov 2000 12:19:40 -0600
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2919.6600
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
From: "Dan Babb" <bdan@c-zone.net>
>
> i had sent this in under freebsd-questions orginally and also to the
> comp.mail.sendmail group under the post (ld link error) but maybe this
> will catch some more eyes and since i do work for an isp i thought i'd
> give it a shot here since its isp-related.
>
> current software and o/s
>
> FreeBSD 4.2-STABLE
> sendmail 8.11.1
> cyrus-sasl 1.5.24_4
> libtool-1.3.4_1
> m4-1.4
> db3-3.1.17
> autoconf-2.13
> automake-1.4
>
> here is what my site.config.m4 looks like with the added cyrus sasl taken
> from http://www.sendmail.org/~ca/email/auth.html
>
> APPENDDEF(`confENVDEF', `-DSASL')
> APPENDDEF(`conf_sendmail_LIBS', `-lsasl')
> APPENDDEF(`confLIBDIRS', `-L/usr/local/lib/sasl')
> APPENDDEF(`confINCDIRS', `-I/usr/local/include/')
This should be:
APPENDDEF(`confENVDEF', `-DSASL -D_FFR_UNSAFE_SASL')
APPENDDEF(`conf_sendmail_LIBS', `-lsasl')
APPENDDEF(`confLIBDIRS', `-L/usr/local/lib')
APPENDDEF(`confINCDIRS', `-I/usr/local/include/sasl')
>
> i've had a problem trying to configure sendmail with cyrus sasl .. i've
> tried installing two ways.
>
> one from the ports and modifying the ports site.config.m4 before building
> so i can add the paths to find cyrus-sasl
>
> or i manually configure and install sendmail and cyrus sasl. no matter
> which i do i always end up with this error:
>
Have you tried enabling SASL with Sendmail 8.11.1 included in FreeBSD 4.2
sources?
First CVSUP your FreeBSD 4.2 sources to the latest, and then use the
following updated instructions to Sendmail.README (security/cyrus-sasl):
1) Add the following to /etc/make.conf:
# Add SMTP AUTH support to Sendmail
SENDMAIL_CFLAGS+= -I/usr/local/include/sasl -DSASL -D_FFR_UNSAFE_SASL
SENDMAIL_LDFLAGS+= -L/usr/local/lib
SENDMAIL_LDADD+= -lsasl
2) Rebuild FreeBSD (make buildworld, ...)
3) Create /usr/local/lib/sasl/Sendmail.conf with the following.
pwcheck_method: pwcheck
NOTE: security/cyrus-sasl port does this for you.
4) Add the following to your sendmail.mc file:
TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5')dnl
define(`confAUTH_MECHANISMS',`DIGEST-MD5 CRAM-MD5')dnl
define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLFile')dnl
----
You may also add LOGIN, PLAIN, GSSAPI, KERBEROS_V4 to TRUST_AUTH_MECH
and confAUTH_MECHANISMS (space seperated list). You may want to restrict
LOGIN, and PLAIN authentication methods for use with STARTTLS only as the
password is not encrypted when passed to sendmail.
LOGIN is required for Outlook Express users. "My server requires
authentication" needs to be checked in the accounts properties to
use SASL Authentication.
PLAIN is required for Netscape Communicator users. By default Netscape
Communicator will use SASL Authentication when sendmail is compiled with
SASL.
The DONT_BLAME_SENDMAIL option GroupReadableSASLFile is needed when you
are using cyrus-imapd and sendmail on the same server that requires
access
to the sasldb database. Otherwise you could chown root the sasldb file.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Tue Nov 28 17:43:46 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail.intnet.com.cn (unknown [202.96.192.53])
by hub.freebsd.org (Postfix) with SMTP id E276537B401
for <freebsd-isp@freebsd.org>; Tue, 28 Nov 2000 17:43:42 -0800 (PST)
Received: (qmail 9810 invoked from network); 29 Nov 2000 02:37:04 -0000
Received: from unknown (HELO williams.intnet.com.cn) (61.129.102.51)
by npc.haplink.com.cn with SMTP; 29 Nov 2000 02:37:04 -0000
Message-Id: <5.0.0.25.0.20001129090122.009d5680@202.96.192.53>
X-Sender: williams@202.96.192.53 (Unverified)
X-Mailer: QUALCOMM Windows Eudora Version 5.0
Date: Wed, 29 Nov 2000 09:45:15 +0800
To: freebsd-isp@freebsd.org, freebsd-questions@freebsd.org
From: williams wang <williams_wang@intnet.com.cn>
Subject: RE:Callback
Cc: laa@laa.zp.ua
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
I have done something like this,
set callback cbcp
set cbcp 12345678
the network access server know it is a cbcp call,and it call back to my
freebsd, but the freebsd do not answer it.
Is it necessary to set up a ppp server to answer the incoming call?
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Tue Nov 28 17:53:32 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from Awfulhak.org (tun.AwfulHak.org [194.242.139.173])
by hub.freebsd.org (Postfix) with ESMTP
id 7859537B400; Tue, 28 Nov 2000 17:53:23 -0800 (PST)
Received: from hak.lan.Awfulhak.org (root@hak.lan.awfulhak.org [172.16.0.12])
by Awfulhak.org (8.11.1/8.11.1) with ESMTP id eAT1oL805592;
Wed, 29 Nov 2000 01:50:21 GMT
(envelope-from brian@hak.lan.Awfulhak.org)
Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1])
by hak.lan.Awfulhak.org (8.11.1/8.11.1) with ESMTP id eAT1qgD35945;
Wed, 29 Nov 2000 01:52:42 GMT
(envelope-from brian@hak.lan.Awfulhak.org)
Message-Id: <200011290152.eAT1qgD35945@hak.lan.Awfulhak.org>
X-Mailer: exmh version 2.2 06/23/2000 with nmh-1.0.4
To: williams wang <williams_wang@intnet.com.cn>
Cc: freebsd-isp@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG,
laa@laa.zp.ua, brian@Awfulhak.org
Subject: Re: Callback
In-Reply-To: Message from williams wang <williams_wang@intnet.com.cn>
of "Wed, 29 Nov 2000 09:45:15 +0800." <5.0.0.25.0.20001129090122.009d5680@202.96.192.53>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 29 Nov 2000 01:52:42 +0000
From: Brian Somers <brian@Awfulhak.org>
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
> I have done something like this,
>
> set callback cbcp
> set cbcp 12345678
>
> the network access server know it is a cbcp call,and it call back to my
> freebsd, but the freebsd do not answer it.
> Is it necessary to set up a ppp server to answer the incoming call?
Yes, 'fraid so.
--
Brian <brian@Awfulhak.org> <brian@[uk.]FreeBSD.org>
<http://www.Awfulhak.org> <brian@[uk.]OpenBSD.org>
Don't _EVER_ lose your sense of humour !
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 4:38: 7 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from colossus.invictanet.co.uk (colossus.invictanet.co.uk [62.232.18.118])
by hub.freebsd.org (Postfix) with ESMTP id 3FE4E37B400
for <freebsd-isp@FreeBSD.ORG>; Wed, 29 Nov 2000 04:38:02 -0800 (PST)
Received: from harryhome (modem392.netkonect.net [194.164.14.138])
by colossus.invictanet.co.uk (8.9.3/8.9.3) with SMTP id MAA20919;
Wed, 29 Nov 2000 12:37:59 GMT
From: "InvictaNet Customer Support" <support@invictanet.co.uk>
To: "Freebsd-ISP" <freebsd-isp@FreeBSD.ORG>
Cc: "Scot W. Hetzel" <hetzels@westbend.net>
Subject: RE: sendmail 8.11.1 and cyrus sasl
Date: Wed, 29 Nov 2000 12:37:56 -0000
Message-ID: <NDBBKODAOKAJLGIOGBIAEEBKDBAA.support@invictanet.co.uk>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
Importance: Normal
In-Reply-To: <016101c05967$eafb1180$7d7885c0@genroco.com>
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
I've done all this (apart from the make world at the bottom) but still get
relaying denied. I run FreeBSD 3.4 and Sendmail 8.11.1, I really do need to
get SMTP AUTH running, can anyone offer any suggestions of where to look.
Martyn Routley
-----------------------------------------------------
InvictaNet - The Internet in Plain English, Guaranteed
http://www.invictanet.co.uk
mailto:info@invictanet.co.uk
phone: 0870 7402252
fax: +44 (0)1233 334001
------------------------------------------------------
-----Original Message-----
From: owner-freebsd-isp@FreeBSD.ORG
[mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Scot W. Hetzel
Sent: Tuesday, November 28, 2000 6:20 PM
To: Dan Babb; freebsd-isp@FreeBSD.ORG
Subject: Re: sendmail 8.11.1 and cyrus sasl
From: "Dan Babb" <bdan@c-zone.net>
>
> i had sent this in under freebsd-questions orginally and also to the
> comp.mail.sendmail group under the post (ld link error) but maybe this
> will catch some more eyes and since i do work for an isp i thought i'd
> give it a shot here since its isp-related.
>
> current software and o/s
>
> FreeBSD 4.2-STABLE
> sendmail 8.11.1
> cyrus-sasl 1.5.24_4
> libtool-1.3.4_1
> m4-1.4
> db3-3.1.17
> autoconf-2.13
> automake-1.4
>
> here is what my site.config.m4 looks like with the added cyrus sasl taken
> from http://www.sendmail.org/~ca/email/auth.html
>
> APPENDDEF(`confENVDEF', `-DSASL')
> APPENDDEF(`conf_sendmail_LIBS', `-lsasl')
> APPENDDEF(`confLIBDIRS', `-L/usr/local/lib/sasl')
> APPENDDEF(`confINCDIRS', `-I/usr/local/include/')
This should be:
APPENDDEF(`confENVDEF', `-DSASL -D_FFR_UNSAFE_SASL')
APPENDDEF(`conf_sendmail_LIBS', `-lsasl')
APPENDDEF(`confLIBDIRS', `-L/usr/local/lib')
APPENDDEF(`confINCDIRS', `-I/usr/local/include/sasl')
>
> i've had a problem trying to configure sendmail with cyrus sasl .. i've
> tried installing two ways.
>
> one from the ports and modifying the ports site.config.m4 before building
> so i can add the paths to find cyrus-sasl
>
> or i manually configure and install sendmail and cyrus sasl. no matter
> which i do i always end up with this error:
>
Have you tried enabling SASL with Sendmail 8.11.1 included in FreeBSD 4.2
sources?
First CVSUP your FreeBSD 4.2 sources to the latest, and then use the
following updated instructions to Sendmail.README (security/cyrus-sasl):
1) Add the following to /etc/make.conf:
# Add SMTP AUTH support to Sendmail
SENDMAIL_CFLAGS+= -I/usr/local/include/sasl -DSASL -D_FFR_UNSAFE_SASL
SENDMAIL_LDFLAGS+= -L/usr/local/lib
SENDMAIL_LDADD+= -lsasl
2) Rebuild FreeBSD (make buildworld, ...)
3) Create /usr/local/lib/sasl/Sendmail.conf with the following.
pwcheck_method: pwcheck
NOTE: security/cyrus-sasl port does this for you.
4) Add the following to your sendmail.mc file:
TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5')dnl
define(`confAUTH_MECHANISMS',`DIGEST-MD5 CRAM-MD5')dnl
define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLFile')dnl
----
You may also add LOGIN, PLAIN, GSSAPI, KERBEROS_V4 to TRUST_AUTH_MECH
and confAUTH_MECHANISMS (space seperated list). You may want to restrict
LOGIN, and PLAIN authentication methods for use with STARTTLS only as the
password is not encrypted when passed to sendmail.
LOGIN is required for Outlook Express users. "My server requires
authentication" needs to be checked in the accounts properties to
use SASL Authentication.
PLAIN is required for Netscape Communicator users. By default Netscape
Communicator will use SASL Authentication when sendmail is compiled with
SASL.
The DONT_BLAME_SENDMAIL option GroupReadableSASLFile is needed when you
are using cyrus-imapd and sendmail on the same server that requires
access
to the sasldb database. Otherwise you could chown root the sasldb file.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 4:53:24 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from ns1.i-p-d.nl (ns1.i-p-d.nl [208.239.240.129])
by hub.freebsd.org (Postfix) with ESMTP id 9B86937B401
for <freebsd-isp@FreeBSD.ORG>; Wed, 29 Nov 2000 04:53:20 -0800 (PST)
Received: from danny (xs02-056.support.nl [195.114.229.56])
by ns1.i-p-d.nl (8.9.3/8.9.3) with ESMTP id NAA05668
for <freebsd-isp@FreeBSD.ORG>; Wed, 29 Nov 2000 13:49:29 +0100 (CET)
(envelope-from danny@i-p-d.nl)
From: danny@i-p-d.nl
To: freebsd-isp@FreeBSD.ORG
Date: Wed, 29 Nov 2000 13:52:16 +0100
MIME-Version: 1.0
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT
Subject: Drive Copy
Message-ID: <3A250A10.23020.10C9A34@localhost>
X-mailer: Pegasus Mail for Win32 (v3.12c)
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
I am having a problem with copying a complete harddisk to another
one.
I have a running freebsd 4.1 machine, which harddisk I want to
replace with another. I want to copy the harddisk, so that I can put
the new harddisk in and continue working instantly without having
to reinstall all the programs.
I have tried some programs like Norton Ghost and Powerquest
Drive Image, but neither will work. Ghost doesn't recognize Freebsd-
partitions and Drive Image doesn't copy it in the right way. I can't
boot and cannot change the partition to get it booting.
Does anyone know a good program to really copy the harddisk 1-
on-1?
I am planning to try Powerquest Drive Copy, but I am unsure if that
will work.
Thanx for any help!
Met vriendelijke groeten,
Danny Zwegers
Unix SysAdmin (Spec:Domains)
IPD Hosting & Design BV
------------------- WWW Hosting ---------------------
http://www.i-p-d.nl Tel: 0165-571675
http://www.ipdhosting.com Fax: 0165-571710
http://www.domeinhosting.com Email: danny@i-p-d.nl
http://www.secure.nl
------------------- WWW Design ---------------------
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 5:27:23 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from christel.heitec.net (christel.heitec.net [193.101.232.3])
by hub.freebsd.org (Postfix) with ESMTP id 28C5D37B400
for <freebsd-isp@FreeBSD.ORG>; Wed, 29 Nov 2000 05:27:21 -0800 (PST)
Received: from tashi.admin.er.heitec.net (paladin.heitec.net [193.101.232.30])
by christel.heitec.net (Postfix) with ESMTP id 314AA354813
for <freebsd-isp@FreeBSD.ORG>; Wed, 29 Nov 2000 14:33:15 +0100 (CET)
Received: by tashi.admin.er.heitec.net (Postfix, from userid 1000)
id 249E21DE6; Wed, 29 Nov 2000 14:28:09 +0100 (CET)
Date: Wed, 29 Nov 2000 14:28:09 +0100
To: freebsd-isp@FreeBSD.ORG
Subject: Re: Drive Copy
Message-ID: <20001129142809.H12020@heitec.net>
Mail-Followup-To: freebsd-isp@FreeBSD.ORG
References: <3A250A10.23020.10C9A34@localhost>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <3A250A10.23020.10C9A34@localhost>; from danny@i-p-d.nl on Wed, Nov 29, 2000 at 13:52:16 +0100
Organization: Heitec AG
From: lenz@heitec.net (Lenz Gschwendtner)
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Hi danny,
On Wed, 29 Nov 2000, danny@i-p-d.nl wrote:
> I am having a problem with copying a complete harddisk to another
> one.
>
try dd. man dd will tell you how to use it
lenz
--
(__) eat penguins instead, they start to
(++)-----i\ spread around anyway!
~~| BSE | *
|_|~|_| FreeBSD Systemadministrator
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 5:34:24 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail.mclink.it (net128-053.mclink.it [195.110.128.53])
by hub.freebsd.org (Postfix) with ESMTP id DC08237B400
for <freebsd-isp@FreeBSD.ORG>; Wed, 29 Nov 2000 05:34:20 -0800 (PST)
Received: from net144-218.mclink.it (net144-218.mclink.it [195.110.144.218])
by mail.mclink.it (8.9.3/8.9.0) with ESMTP id OAA09987;
Wed, 29 Nov 2000 14:33:55 +0100 (CET)
Date: Wed, 29 Nov 2000 14:27:12 +0100
From: Massimo Fubini <supermax@aexis-telecom.it>
X-Mailer: telnet host 25
X-Priority: 3 (Normal)
Message-ID: <767440343.20001129142712@aexis-telecom.it>
To: danny@i-p-d.nl
Cc: freebsd-isp@FreeBSD.ORG
Subject: Re: Drive Copy
In-reply-To: <3A250A10.23020.10C9A34@localhost>
References: <3A250A10.23020.10C9A34@localhost>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Hello danny,
First I have to warn you I am new to freebsd, but know other unices, and
I think on freebsd it is like in the other unices.
Wednesday, November 29, 2000, 1:52:16 PM, you wrote:
dipdn> I am having a problem with copying a complete harddisk to another
dipdn> one.
Don't buy strange program, that do stuff without telling you exactly
what they do.
Use dd. For more information man dd.
For example if you want to copy a single partition you do:
dd if=/dev/origin_partiton of=/dev/destination_part
It is easy and powerful.
--
Best regards,
Massimo
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 7:38:42 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from bsdie.rwsystems.net (bsdie.rwsystems.net [209.197.223.2])
by hub.freebsd.org (Postfix) with ESMTP id 13A9437B401
for <freebsd-isp@FreeBSD.ORG>; Wed, 29 Nov 2000 07:38:40 -0800 (PST)
Received: from bsdie.rwsystems.net([209.197.223.2]) (2204 bytes) by bsdie.rwsystems.net
via sendmail with P:esmtp/R:bind_hosts/T:inet_zone_bind_smtp
(sender: <jwyatt@rwsystems.net>)
id <m1419J1-000CCTC@bsdie.rwsystems.net>
for <freebsd-isp@FreeBSD.ORG>; Wed, 29 Nov 2000 09:37:59 -0600 (CST)
(Smail-3.2.0.111 2000-Feb-17 #1 built 2000-Jun-25)
Date: Wed, 29 Nov 2000 09:37:59 -0600 (CST)
From: James Wyatt <jwyatt@rwsystems.net>
To: Massimo Fubini <supermax@aexis-telecom.it>
Cc: danny@i-p-d.nl, freebsd-isp@FreeBSD.ORG
Subject: Re: Drive Copy
In-Reply-To: <767440343.20001129142712@aexis-telecom.it>
Message-ID: <Pine.BSF.4.10.10011290844500.13585-100000@bsdie.rwsystems.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Wed, 29 Nov 2000, Massimo Fubini wrote:
> Use dd. For more information man dd.
> For example if you want to copy a single partition you do:
> dd if=/dev/origin_partiton of=/dev/destination_part
>
> It is easy and powerful.
And incomplete. I know you can connect the drive, boot, and use the
/stand/sysinstall utility to carve the drive up into partitions for
filesystems and swap areas. If you want, it can newfs partitions so you
can mount the new partitions and user tar/cpio to transfer files. What do
you do to init the swap and set the boot sector/MBR stuff?
While this stuff is fairly "simple" in that it requires just a few steps,
it is pretty arcane to many folks, especially new unix admins. The risk of
toasting your "real" drive is very nonzero as well. Since new drives are
almost always larger, just dd-ing things is wasteful. Using dd requires
that you understand the various disk devices fairly well too.
This stuff is easy for many folks on this list, but not so obvious to the
original poster. I'm sure we can get together and help him (and other
lurkers) more than a "RTFM for dd, and it's easy". I've included a few of
the other steps (sysinstall) above, but don't have all the answers. Can
someone point to more information or reply to the list with more detailed
steps and techniques?
I've usually had to install FreeBSD (usually a newer version) onto the new
drive, hand-build the devs (MAKEDEV or *careful* use of sysinstall), redo
local changes and rebuild ports, and tar/cpio-transfer data files. - Jy@
btw: Even dd is usually somewhat faster with a 'bs=100k' or so.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 7:45:45 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from lunatic.oneinsane.net (lunatic.oneinsane.net [207.113.133.231])
by hub.freebsd.org (Postfix) with ESMTP id 721D437B400
for <freebsd-isp@freebsd.org>; Wed, 29 Nov 2000 07:45:41 -0800 (PST)
Received: by lunatic.oneinsane.net (Postfix, from userid 1000)
id C358415551; Wed, 29 Nov 2000 07:45:40 -0800 (PST)
Date: Wed, 29 Nov 2000 07:45:40 -0800
From: Ron 'The InSaNe One' Rosson <insane@lunatic.oneinsane.net>
To: freebsd-isp@freebsd.org
Subject: Re: Drive Copy
Message-ID: <20001129074540.A33079@lunatic.oneinsane.net>
Reply-To: Ron Rosson <insane@lunatic.oneinsane.net>
Mail-Followup-To: freebsd-isp@freebsd.org
References: <767440343.20001129142712@aexis-telecom.it> <Pine.BSF.4.10.10011290844500.13585-100000@bsdie.rwsystems.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <Pine.BSF.4.10.10011290844500.13585-100000@bsdie.rwsystems.net>; from jwyatt@rwsystems.net on Wed, Nov 29, 2000 at 09:37:59AM -0600
X-Operating-System: FreeBSD lunatic.oneinsane.net 4.1.1-STABLE
X-Moon: The Moon is Waxing Crescent (13% of Full)
X-Opinion: What you read here is my IMHO
X-WWW: http://www.oneinsane.net
X-GPG-FINGERPRINT: 3F11 DB43 F080 C037 96F0 F8D3 5BD2 652B 171C 86DB
X-Uptime: 7:43AM up 31 days, 9:58, 1 user, load averages: 1.08, 1.10, 1.03
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
I hate adding a me too.. but I am lurking and hoping for an answer.. I
have 2 identical machines getting ready to be deployed in two different
places and I would love to only have to tweak one system and then just
copy the drive over to the other systems drive.
TIA
James Wyatt (jwyatt@rwsystems.net) wrote:
> On Wed, 29 Nov 2000, Massimo Fubini wrote:
> > Use dd. For more information man dd.
> > For example if you want to copy a single partition you do:
> > dd if=/dev/origin_partiton of=/dev/destination_part
> >
> > It is easy and powerful.
>
> And incomplete. I know you can connect the drive, boot, and use the
> /stand/sysinstall utility to carve the drive up into partitions for
> filesystems and swap areas. If you want, it can newfs partitions so you
> can mount the new partitions and user tar/cpio to transfer files. What do
> you do to init the swap and set the boot sector/MBR stuff?
>
> While this stuff is fairly "simple" in that it requires just a few steps,
> it is pretty arcane to many folks, especially new unix admins. The risk of
> toasting your "real" drive is very nonzero as well. Since new drives are
> almost always larger, just dd-ing things is wasteful. Using dd requires
> that you understand the various disk devices fairly well too.
>
> This stuff is easy for many folks on this list, but not so obvious to the
> original poster. I'm sure we can get together and help him (and other
> lurkers) more than a "RTFM for dd, and it's easy". I've included a few of
> the other steps (sysinstall) above, but don't have all the answers. Can
> someone point to more information or reply to the list with more detailed
> steps and techniques?
>
> I've usually had to install FreeBSD (usually a newer version) onto the new
> drive, hand-build the devs (MAKEDEV or *careful* use of sysinstall), redo
> local changes and rebuild ports, and tar/cpio-transfer data files. - Jy@
>
> btw: Even dd is usually somewhat faster with a 'bs=100k' or so.
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
>
--
------------------------------------------------------------------------------
Ron Rosson ... and a UNIX user said ...
The InSaNe One rm -rf *
insane@oneinsane.net and all was /dev/null and *void()
------------------------------------------------------------------------------
Providing computer solutions for the mentally impaired.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 7:53:55 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from heorot.1nova.com (sub24-23.member.dsl-only.net [63.105.24.23])
by hub.freebsd.org (Postfix) with ESMTP id A872A37B402
for <freebsd-isp@freebsd.org>; Wed, 29 Nov 2000 07:53:53 -0800 (PST)
Received: by heorot.1nova.com (Postfix, from userid 1000)
id AC77A18B2; Tue, 28 Nov 2000 08:17:30 +0000 (GMT)
Received: from localhost (localhost [127.0.0.1])
by heorot.1nova.com (Postfix) with ESMTP
id A3B0518B0; Tue, 28 Nov 2000 08:17:30 +0000 (GMT)
Date: Tue, 28 Nov 2000 08:17:30 +0000 (GMT)
From: Rick Hamell <hamellr@heorot.1nova.com>
To: Ron 'The InSaNe One' Rosson <insane@lunatic.oneinsane.net>
Cc: freebsd-isp@freebsd.org
Subject: Re: Drive Copy
In-Reply-To: <20001129074540.A33079@lunatic.oneinsane.net>
Message-ID: <Pine.BSF.4.21.0011280816570.20388-100000@heorot.1nova.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
> I hate adding a me too.. but I am lurking and hoping for an answer.. I
> have 2 identical machines getting ready to be deployed in two different
> places and I would love to only have to tweak one system and then just
> copy the drive over to the other systems drive.
The newest version of Ghost is supposed to be Linux aware... I've
not had a chance to test it on FreeBSD yet.
Rick
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 8:12:53 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from ns.tcworks.net (ns.tcworks.net [216.61.218.2])
by hub.freebsd.org (Postfix) with ESMTP id F00B037B698
for <freebsd-isp@FreeBSD.ORG>; Wed, 29 Nov 2000 08:12:49 -0800 (PST)
Received: from tcworks.net (stuck.sticky.org [216.61.218.6])
by ns.tcworks.net (8.9.2/8.9.2) with ESMTP id KAA36438;
Wed, 29 Nov 2000 10:05:04 -0600 (CST)
(envelope-from ccook@tcworks.net)
Message-ID: <3A252B38.9841E427@tcworks.net>
Date: Wed, 29 Nov 2000 10:13:44 -0600
From: Chris Cook <ccook@tcworks.net>
X-Mailer: Mozilla 4.72 [en] (X11; I; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Rick Hamell <hamellr@heorot.1nova.com>
Cc: "Ron 'The InSaNe One' Rosson" <insane@lunatic.oneinsane.net>,
freebsd-isp@FreeBSD.ORG
Subject: Re: Drive Copy
References: <Pine.BSF.4.21.0011280816570.20388-100000@heorot.1nova.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Ghost 7 does not support FFS.
Rick Hamell wrote:
>
> > I hate adding a me too.. but I am lurking and hoping for an answer.. I
> > have 2 identical machines getting ready to be deployed in two different
> > places and I would love to only have to tweak one system and then just
> > copy the drive over to the other systems drive.
>
> The newest version of Ghost is supposed to be Linux aware... I've
> not had a chance to test it on FreeBSD yet.
>
> Rick
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
--
Chris
o----< ccook@tcworks.net >------------------------------------o
|Chris Cook - Admin |TCWORKS.NET - http://www.tcworks.net |
|The Computer Works ISP |FreeBSD - http://www.freebsd.org |
o-------------------------------------------------------------o
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 9:19:32 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail.polytechnic.edu.na (mail.polytechnic.edu.na [196.31.225.2])
by hub.freebsd.org (Postfix) with ESMTP id 48B8637B69B
for <freebsd-isp@freebsd.org>; Wed, 29 Nov 2000 09:19:21 -0800 (PST)
Received: from ns1.horizon.na ([196.31.225.199] helo=polytechnic.edu.na)
by mail.polytechnic.edu.na with esmtp (Exim 3.02 #2)
id 141Dhd-000501-00; Wed, 29 Nov 2000 18:19:41 -0200
Message-ID: <3A253A67.C23665EC@polytechnic.edu.na>
Date: Wed, 29 Nov 2000 19:18:31 +0200
From: Tim Priebe <tim@polytechnic.edu.na>
Reply-To: tim@iafrica.com.na
X-Mailer: Mozilla 4.7 [en] (X11; I; FreeBSD 3.4-RELEASE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Ron Rosson <insane@lunatic.oneinsane.net>
Cc: freebsd-isp@freebsd.org
Subject: Re: Drive Copy
References: <767440343.20001129142712@aexis-telecom.it> <Pine.BSF.4.10.10011290844500.13585-100000@bsdie.rwsystems.net> <20001129074540.A33079@lunatic.oneinsane.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Ron 'The InSaNe One' Rosson wrote:
>
> I hate adding a me too.. but I am lurking and hoping for an answer.. I
> have 2 identical machines getting ready to be deployed in two different
> places and I would love to only have to tweak one system and then just
> copy the drive over to the other systems drive.
>
If the systems are truly identical then dd will definitly work.
eg.
dd bs=10k if=ad1 of=ad2
I do this regularly even with systems that are not identical, even if
the hard drives are not identical. To do this if the systems are not
identical, I use dangerously dedicated disks.
Note: dangerously dedicated disks do not work on some system, can not be
used if you want to be able to dual boot (ever, without a reinstall),
and the destination disk must be at least as big as the source disk. If
the destination disk is bigger than the source, the extra space can be
allocated and used after the copy.
Tim.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 15:51: 9 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail.ruhr.de (in-ruhr3.ruhr.de [212.23.134.2])
by hub.freebsd.org (Postfix) with SMTP id 8884637B400
for <freebsd-isp@FreeBSD.ORG>; Wed, 29 Nov 2000 15:51:06 -0800 (PST)
Received: (qmail 19885 invoked by alias); 29 Nov 2000 23:53:00 -0000
Received: (from ue@localhost)
by nathan.ruhr.de (8.11.0/8.11.0) id eATNmu860224
for freebsd-isp@FreeBSD.ORG; Thu, 30 Nov 2000 00:48:56 +0100 (CET)
(envelope-from ue)
Date: Thu, 30 Nov 2000 00:48:55 +0100
From: Udo Erdelhoff <ue@nathan.ruhr.de>
To: freebsd-isp@FreeBSD.ORG
Subject: Re: Drive Copy
Message-ID: <20001130004855.M30886@nathan.ruhr.de>
Mail-Followup-To: freebsd-isp@FreeBSD.ORG
References: <767440343.20001129142712@aexis-telecom.it> <Pine.BSF.4.10.10011290844500.13585-100000@bsdie.rwsystems.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <Pine.BSF.4.10.10011290844500.13585-100000@bsdie.rwsystems.net>; from jwyatt@rwsystems.net on Wed, Nov 29, 2000 at 09:37:59AM -0600
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Hi,
> And incomplete. I know you can connect the drive, boot, and use the
> /stand/sysinstall utility to carve the drive up into partitions for
> filesystems and swap areas.
exactly.
> If you want, it can newfs partitions so you can mount the new partitions
This is neccessary if you want to transfer your system onto a new disk.
> and user tar/cpio to transfer files.
These programs are the wrong tools to do it. They can be used to handle
regular files and {hard,soft} links but they will fail for device nodes,
sparse files and all the other nice features. Use dump, dump or dump:
cd /
mount /new-root-partition /mnt
dump 0af - | (cd /mnt ; restore -rf -)
umount /mnt
Repeat this for all filesystems. I've used this technique several times
to move my system to a newer drive or to rearrange the filesystems.
> What do you do to init the swap and set the boot sector/MBR stuff?
You don't have to initialize swap space. The boot code can be written
by disklabel -B <new disk>.
> The risk of toasting your "real" drive is very nonzero as well.
Murphy was an optimist. The first step is to create and verify a backup
on a reliable and removable medium.
/s/Udo
--
I have learned over the years, that if it is the truth you seek, then
honesty on your own part, is the best policy. That and torture.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 16:48:12 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from pericles.IPAustralia.gov.au (pericles.IPAustralia.gov.au [202.14.186.30])
by hub.freebsd.org (Postfix) with ESMTP id 5A04737B401
for <FreeBSD-ISP@FreeBSD.oRG>; Wed, 29 Nov 2000 16:48:03 -0800 (PST)
Received: (from smap@localhost)
by pericles.IPAustralia.gov.au (8.9.3/8.9.3) id LAA12715;
Thu, 30 Nov 2000 11:46:09 +1100 (EST)
(envelope-from anwsmh@IPAustralia.Gov.AU)
Received: from wf-158.aipo.gov.au(192.168.1.158) by pericles.IPAustralia.gov.au via smap (V2.0)
id xma012703; Thu, 30 Nov 00 11:45:39 +1100
Received: from localhost (anwsmh@localhost)
by stan.aipo.gov.au (8.9.3/8.9.3) with ESMTP id LAA00370;
Thu, 30 Nov 2000 11:47:41 +1100 (EST)
(envelope-from anwsmh@IPAustralia.Gov.AU)
X-Authentication-Warning: stan.aipo.gov.au: anwsmh owned process doing -bs
Date: Thu, 30 Nov 2000 11:47:40 +1100 (EST)
From: Stanley Hopcroft <Stanley.Hopcroft@IPAustralia.Gov.AU>
X-Sender: anwsmh@stan.aipo.gov.au
To: Rowan Crowe <rowan@sensation.net.au>
Cc: FreeBSD-ISP@FreeBSD.oRG
Subject: Re: tcpdump & user-ppp/tunX. Ethereal ?
Message-ID: <Pine.BSF.4.21.0011301147050.338-100000@stan.aipo.gov.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Dear Sir,
I am writing to say that ethereal (http://www.zing.org aka
http://www.ethereal.com/) is a very nice seven layer packet decoder
that may be suitable if you need nasty link layer stuff.
There is a FreeBSD port of it, and while for my moneys worth, tcpdump
with ASCII decode patches (he he), is by far and way more convenient
than a relatively sluggish X application, Ethereal decodes almost every
protocol and his dog.
The SMB decode (courtesy Richard Sharp of the Samba team) is
particuarly good.
We have an HP Internet advisor; the Ethereal decode is *much* better.
Thank you.
Yours sincerely,
S Hopcroft
Network Specialist
IP Australia
+61 2 6283 3189
+61 2 6281 1353 FAX
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 17:17:44 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from velvet.sensation.net.au (serial1-2-velvet-brunswick.sensation.net.au [203.20.114.195])
by hub.freebsd.org (Postfix) with ESMTP id E6E6537B400
for <freebsd-isp@freebsd.org>; Wed, 29 Nov 2000 17:17:12 -0800 (PST)
Received: from localhost (rowan@localhost)
by velvet.sensation.net.au (8.9.3/8.9.3) with ESMTP id MAA58334
for <freebsd-isp@freebsd.org>; Thu, 30 Nov 2000 12:16:39 +1100 (EST)
(envelope-from rowan@sensation.net.au)
X-Authentication-Warning: velvet.sensation.net.au: rowan owned process doing -bs
Date: Thu, 30 Nov 2000 12:16:36 +1100 (EST)
From: Rowan Crowe <rowan@sensation.net.au>
To: freebsd-isp@freebsd.org
Subject: Re: tcpdump & user-ppp/tunX. Ethereal ?
In-Reply-To: <Pine.BSF.4.21.0011301147050.338-100000@stan.aipo.gov.au>
Message-ID: <Pine.BSF.4.21.0011301206020.55961-100000@velvet.sensation.net.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Thu, 30 Nov 2000, Stanley Hopcroft wrote:
>
> Dear Sir,
>
> I am writing to say that ethereal (http://www.zing.org aka
> http://www.ethereal.com/) is a very nice seven layer packet decoder
> that may be suitable if you need nasty link layer stuff.
>
> There is a FreeBSD port of it, and while for my moneys worth, tcpdump
> with ASCII decode patches (he he), is by far and way more convenient
> than a relatively sluggish X application, Ethereal decodes almost every
> protocol and his dog.
Thanks Stanley,
I don't run X on any of my machines (especially the little 486dx2-66 I
want to track traffic on!) so it's not really an option...
Some time ago I wrote a program which accepted the output from tcpdump and
generated 4 lists ordered by:
source port
destination port
source IP
destination IP
In this way it was very easy to be able to see where content was coming
from, how much HTTP or SMTP traffic was coming in, which customer is
receiving the most traffic, etc. I've included a sample output below.
This program makes use of the apparent -e "packet size" parameter which I
later discovered is not guaranteed; it works fine on 2.2.8 systems but of
course breaks on later versions of tcpdump which output things a little
differently. Another limitation is that it only handles UDP and TCP
packets, and quietly ignores anything else.
I want to adapt this program to a 3.x system. Perhaps it's time to hack
tcpdump. :-)
Thanks for the suggestion.
288364 packets processed; 112,318,133 bytes total; 13,087 unique connections.
*** Sorted by source IP address ***
Total unique entries: 2746
First 40 entries:
18,730Kb 17% 205.188.137.185
11,043Kb 10% 203.36.1.129
5,493Kb 5% 203.1.20.10
4,073Kb 3% 139.134.5.197
3,018Kb 2% 64.41.227.225
2,594Kb 2% 203.20.114.7
2,580Kb 2% 203.36.1.147
2,576Kb 2% 64.29.207.228
1,961Kb 1% 211.45.27.151
1,854Kb 1% 212.227.109.212
1,778Kb 1% 63.209.83.91
1,576Kb 1% 216.34.24.207
1,100Kb 1% 128.32.18.166
1,071Kb 0% 64.4.8.250
1,054Kb 0% 203.2.192.84
1,049Kb 0% 128.177.243.61
848Kb 0% 216.65.106.242
751Kb 0% 216.240.130.101
591Kb 0% 192.68.228.132
586Kb 0% 151.196.93.7
552Kb 0% 209.132.192.13
551Kb 0% 209.117.195.200
508Kb 0% 209.50.252.43
499Kb 0% 209.25.129.115
494Kb 0% 24.0.0.200
492Kb 0% 209.185.128.158
489Kb 0% 208.48.218.205
481Kb 0% 209.198.49.161
479Kb 0% 207.246.159.76
456Kb 0% 216.223.198.226
452Kb 0% 209.207.146.160
445Kb 0% 204.85.35.52
439Kb 0% 207.230.127.4
413Kb 0% 202.2.59.40
408Kb 0% 207.192.97.52
406Kb 0% 216.247.86.46
396Kb 0% 203.20.114.4
390Kb 0% 204.71.200.180
383Kb 0% 216.74.73.62
368Kb 0% 130.80.29.3
352Kb 0% 209.226.29.11
*** Sorted by destination IP address ***
Total unique entries: 580
First 40 entries:
36,547Kb 33% 203.55.253.20
16,209Kb 14% 203.20.114.7
12,443Kb 11% 203.25.86.4
11,043Kb 10% 203.20.114.4
9,982Kb 9% 216.226.215.2
3,963Kb 3% 203.20.114.91
2,406Kb 2% 203.55.253.17
2,149Kb 1% 203.36.1.147
2,102Kb 1% 203.20.114.105
1,816Kb 1% 203.25.86.210
1,646Kb 1% 203.25.86.55
1,450Kb 1% 216.226.215.1
954Kb 0% 203.25.86.106
837Kb 0% 203.25.86.100
749Kb 0% 203.20.114.92
599Kb 0% 203.20.114.241
528Kb 0% 203.20.114.242
462Kb 0% 203.20.114.148
445Kb 0% 216.226.193.195
413Kb 0% 203.25.86.105
396Kb 0% 203.36.1.129
387Kb 0% 203.20.114.90
262Kb 0% 203.44.3.130
262Kb 0% 203.44.3.129
172Kb 0% 203.20.114.24
158Kb 0% 203.20.114.214
146Kb 0% 203.20.114.3
138Kb 0% 203.55.253.16
128Kb 0% 203.20.114.253
127Kb 0% 203.20.114.89
91Kb 0% 203.20.114.109
77Kb 0% 203.20.114.1
67Kb 0% 203.20.114.81
65Kb 0% 203.20.114.19
51Kb 0% 203.20.114.195
18Kb 0% 203.25.86.213
12Kb 0% 203.25.86.101
11Kb 0% 203.20.114.23
8Kb 0% 64.38.223.44
5Kb 0% 203.25.86.107
4Kb 0% 203.25.86.108
*** Sorted by source TCP/UDP port ***
Total unique entries: 2579
First 40 entries:
70,927Kb 64% 80
11,042Kb 10% 119
5,493Kb 5% 2359
4,073Kb 3% 4896
3,885Kb 3% 3130
2,702Kb 2% 53
1,056Kb 0% 8080
1,055Kb 0% 62626
543Kb 0% 443
505Kb 0% 1863
446Kb 0% 1044
444Kb 0% 1278
262Kb 0% 14591
262Kb 0% 179
231Kb 0% 137
225Kb 0% 6666
224Kb 0% 1063
224Kb 0% 1065
194Kb 0% 1068
157Kb 0% 6667
152Kb 0% 1609
124Kb 0% 63390
120Kb 0% 1064
108Kb 0% 2587
106Kb 0% 3674
97Kb 0% 47819
66Kb 0% 64661
52Kb 0% 3924
51Kb 0% 3874
46Kb 0% 3601
46Kb 0% 3682
45Kb 0% 3647
42Kb 0% 4000
40Kb 0% 1024
40Kb 0% 1033
40Kb 0% 1835
39Kb 0% 1031
39Kb 0% 1817
38Kb 0% 3838
38Kb 0% 3771
37Kb 0% 1030
*** Sorted by destination TCP/UDP port ***
Total unique entries: 3581
First 40 entries:
11,826Kb 10% 25
6,795Kb 6% 3147
6,106Kb 5% 3324
5,640Kb 5% 4299
3,893Kb 3% 3130
3,362Kb 3% 53
3,001Kb 2% 1969
2,576Kb 2% 4667
2,405Kb 2% 80
1,855Kb 1% 2270
1,292Kb 1% 3682
1,278Kb 1% 1835
1,276Kb 1% 3924
1,266Kb 1% 1817
1,254Kb 1% 3647
1,241Kb 1% 3874
1,226Kb 1% 3771
1,144Kb 1% 3838
842Kb 0% 2477
655Kb 0% 1039
649Kb 0% 1121
585Kb 0% 2189
522Kb 0% 2002
508Kb 0% 1087
421Kb 0% 4999
399Kb 0% 4003
395Kb 0% 119
390Kb 0% 4406
363Kb 0% 1947
362Kb 0% 1997
347Kb 0% 2135
312Kb 0% 8080
278Kb 0% 1833
262Kb 0% 179
262Kb 0% 14591
255Kb 0% 1352
254Kb 0% 3668
250Kb 0% 1025
249Kb 0% 3908
246Kb 0% 3818
231Kb 0% 137
Cheers.
--
Rowan Crowe http://www.rowan.sensation.net.au/
Sensation Internet Services http://info.sensation.net.au/
Melbourne, Australia Phone: +61-3-9388-9260
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 17:23:51 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from alpha.simphost.com (alpha.simphost.com [216.253.163.10])
by hub.freebsd.org (Postfix) with ESMTP
id B601E37B400; Wed, 29 Nov 2000 17:23:48 -0800 (PST)
Received: by alpha.simphost.com (Postfix, from userid 1060)
id 01A4D66B0A; Wed, 29 Nov 2000 18:23:54 -0700 (MST)
Received: from localhost (localhost [127.0.0.1])
by alpha.simphost.com (Postfix) with ESMTP
id EBCF662D03; Wed, 29 Nov 2000 18:23:54 -0700 (MST)
Date: Wed, 29 Nov 2000 18:23:54 -0700 (MST)
From: "Jonathan M. Slivko" <jon_slivko@simphost.com>
To: freebsd-security@freebsd.org
Cc: freebsd-isp@freebsd.org
Subject: Danger Ports
Message-ID: <Pine.BSF.4.21.0011291821260.78317-100000@alpha.simphost.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Can someone tell me what are the "danger" ports on FreeBSD, ports that
perhaps need to be blocked because they are insecure? I would like to know
so in the future, I can prevent outside attacks and concentrate more on
internal attacks, or "insider jobs" as they're called.
----
Jonathan M. Slivko <jon_slivko@simphost.com>
Technical Support, CoreSync Corporation (http://www.coresync.net)
Team Leader, SecureIRC Project (http://secureirc.sourceforge.net)
Pager/Voicemail: (917) 388-5304
----
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 17:41:22 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from inago.swcp.com (inago.swcp.com [198.59.115.17])
by hub.freebsd.org (Postfix) with ESMTP id 2C75737B6AF
for <freebsd-isp@FreeBSD.ORG>; Wed, 29 Nov 2000 17:41:19 -0800 (PST)
Received: from localhost (deichert@localhost)
by inago.swcp.com (8.8.7/8.8.7) with ESMTP id SAA12815;
Wed, 29 Nov 2000 18:39:31 -0700 (MST)
X-Authentication-Warning: inago.swcp.com: deichert owned process doing -bs
Date: Wed, 29 Nov 2000 18:39:30 -0700 (MST)
From: Diana Eichert <deichert@wrench.com>
X-Sender: deichert@inago.swcp.com
To: Rowan Crowe <rowan@sensation.net.au>
Cc: freebsd-isp@FreeBSD.ORG
Subject: Re: tcpdump & user-ppp/tunX. Ethereal ?
In-Reply-To: <Pine.BSF.4.21.0011301206020.55961-100000@velvet.sensation.net.au>
Message-ID: <Pine.GSO.4.10.10011291828020.12719-100000@inago.swcp.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Since FreeBSD also support IP Filter you could look at:
"IP Accounting Package for Darren Reed's IP Filter"
from http://www2.empnet.com/ipacct/
BTW, you can now build a command line version of Ethereal called tethereal
without having to build all of Ethereal.
diana
On Thu, 30 Nov 2000, Rowan Crowe wrote:
> I don't run X on any of my machines (especially the little 486dx2-66 I
> want to track traffic on!) so it's not really an option...
>
> Some time ago I wrote a program which accepted the output from tcpdump and
> generated 4 lists ordered by:
>
> source port
> destination port
> source IP
> destination IP
>
> In this way it was very easy to be able to see where content was coming
> from, how much HTTP or SMTP traffic was coming in, which customer is
> receiving the most traffic, etc. I've included a sample output below.
>
> This program makes use of the apparent -e "packet size" parameter which I
> later discovered is not guaranteed; it works fine on 2.2.8 systems but of
> course breaks on later versions of tcpdump which output things a little
> differently. Another limitation is that it only handles UDP and TCP
> packets, and quietly ignores anything else.
>
> I want to adapt this program to a 3.x system. Perhaps it's time to hack
> tcpdump. :-)
>
> Thanks for the suggestion.
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 18: 4:40 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from secure.smtp.email.msn.com (cpimssmtpu07.email.msn.com [207.46.181.28])
by hub.freebsd.org (Postfix) with ESMTP
id 3447337B400; Wed, 29 Nov 2000 18:04:35 -0800 (PST)
Received: from x86nts4 - 216.103.48.12 by email.msn.com with Microsoft SMTPSVC;
Wed, 29 Nov 2000 18:04:34 -0800
Message-ID: <013b01c05a72$d1f96d10$fd01a8c0@pacbell.net>
From: "John Howie" <JHowie@msn.com>
To: "Jonathan M. Slivko" <jon_slivko@simphost.com>,
<freebsd-security@freebsd.org>
Cc: <freebsd-isp@freebsd.org>
References: <Pine.BSF.4.21.0011291821260.78317-100000@alpha.simphost.com>
Subject: Re: Danger Ports
Date: Wed, 29 Nov 2000 18:11:15 -0800
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1800
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1800
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Jonathan,
Rather than denying access to certain ports on your system, and allowing
access to the rest, you might find it easier to think in the reverse - What
ports do I need to leave open to outside (presumably Internet) users?
The answer to that question depends on the needs of your outside users. You
will probably need to allow SSH access, and I would suggest that you get
users to use SCP instead of FTP (unless you have a public FTP site that
allows anonymous connections). You might also need to open up access to SMTP
and POP3 services for mail (while ensuring that your site can't be used as a
mail relay). DNS is another service that you might need to provide access
to.
If users need access to so-called dangerous services such as X, printer,
NFS, NIS, SNMP, etc. then I would look for a VPN solution that brings them
into your network through the firewall and allows them to access these
services as an internal user.
O'Reilly does a good book on Firewall Security, I suggest that you get it
and have a read. CERT also has a good document on packet filtering
(http://www.cert.org). Also, check the FreeBSD handbook or The Complete
FreeBSD for more information about setting up firewalls on FreeBSD systems.
Hope this helps,
john...
----- Original Message -----
From: "Jonathan M. Slivko" <jon_slivko@simphost.com>
To: <freebsd-security@freebsd.org>
Cc: <freebsd-isp@freebsd.org>
Sent: Wednesday, November 29, 2000 5:23 PM
Subject: Danger Ports
> Can someone tell me what are the "danger" ports on FreeBSD, ports that
> perhaps need to be blocked because they are insecure? I would like to know
> so in the future, I can prevent outside attacks and concentrate more on
> internal attacks, or "insider jobs" as they're called.
>
> ----
> Jonathan M. Slivko <jon_slivko@simphost.com>
> Technical Support, CoreSync Corporation (http://www.coresync.net)
> Team Leader, SecureIRC Project (http://secureirc.sourceforge.net)
> Pager/Voicemail: (917) 388-5304
> ----
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 18: 8: 5 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from alpha.simphost.com (alpha.simphost.com [216.253.163.10])
by hub.freebsd.org (Postfix) with ESMTP
id B73C537B400; Wed, 29 Nov 2000 18:07:58 -0800 (PST)
Received: by alpha.simphost.com (Postfix, from userid 1060)
id CF05466B0A; Wed, 29 Nov 2000 19:08:09 -0700 (MST)
Received: from localhost (localhost [127.0.0.1])
by alpha.simphost.com (Postfix) with ESMTP
id C7A6D62D03; Wed, 29 Nov 2000 19:08:09 -0700 (MST)
Date: Wed, 29 Nov 2000 19:08:09 -0700 (MST)
From: "Jonathan M. Slivko" <jon_slivko@simphost.com>
To: John Howie <JHowie@msn.com>
Cc: freebsd-security@freebsd.org, freebsd-isp@freebsd.org
Subject: Re: Danger Ports
In-Reply-To: <013b01c05a72$d1f96d10$fd01a8c0@pacbell.net>
Message-ID: <Pine.BSF.4.21.0011291907110.79751-100000@alpha.simphost.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
I am referring to the Back Orifice, Trinoo server ports, etc. Where can I
get my hands on a list of those port #'s? or are there any utilities that
act as those servers and log all attempts in hopes of catching those users
who will no doubt try and take advantage of an open system?
----
Jonathan M. Slivko <jon_slivko@simphost.com>
Technical Support, CoreSync Corporation (http://www.coresync.net)
Team Leader, SecureIRC Project (http://secureirc.sourceforge.net)
Pager/Voicemail: (917) 388-5304
----
On Wed, 29 Nov 2000, John Howie wrote:
> Jonathan,
>
> Rather than denying access to certain ports on your system, and allowing
> access to the rest, you might find it easier to think in the reverse - What
> ports do I need to leave open to outside (presumably Internet) users?
>
> The answer to that question depends on the needs of your outside users. You
> will probably need to allow SSH access, and I would suggest that you get
> users to use SCP instead of FTP (unless you have a public FTP site that
> allows anonymous connections). You might also need to open up access to SMTP
> and POP3 services for mail (while ensuring that your site can't be used as a
> mail relay). DNS is another service that you might need to provide access
> to.
>
> If users need access to so-called dangerous services such as X, printer,
> NFS, NIS, SNMP, etc. then I would look for a VPN solution that brings them
> into your network through the firewall and allows them to access these
> services as an internal user.
>
> O'Reilly does a good book on Firewall Security, I suggest that you get it
> and have a read. CERT also has a good document on packet filtering
> (http://www.cert.org). Also, check the FreeBSD handbook or The Complete
> FreeBSD for more information about setting up firewalls on FreeBSD systems.
>
> Hope this helps,
>
> john...
>
> ----- Original Message -----
> From: "Jonathan M. Slivko" <jon_slivko@simphost.com>
> To: <freebsd-security@freebsd.org>
> Cc: <freebsd-isp@freebsd.org>
> Sent: Wednesday, November 29, 2000 5:23 PM
> Subject: Danger Ports
>
>
> > Can someone tell me what are the "danger" ports on FreeBSD, ports that
> > perhaps need to be blocked because they are insecure? I would like to know
> > so in the future, I can prevent outside attacks and concentrate more on
> > internal attacks, or "insider jobs" as they're called.
> >
> > ----
> > Jonathan M. Slivko <jon_slivko@simphost.com>
> > Technical Support, CoreSync Corporation (http://www.coresync.net)
> > Team Leader, SecureIRC Project (http://secureirc.sourceforge.net)
> > Pager/Voicemail: (917) 388-5304
> > ----
> >
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-security" in the body of the message
> >
>
>
>
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 18:57:59 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from elvis.mu.org (elvis.mu.org [207.154.226.10])
by hub.freebsd.org (Postfix) with ESMTP id 78C5137B400
for <freebsd-isp@FreeBSD.ORG>; Wed, 29 Nov 2000 18:57:58 -0800 (PST)
Received: by elvis.mu.org (Postfix, from userid 1098)
id 14E2B2B2C6; Wed, 29 Nov 2000 20:57:53 -0600 (CST)
Date: Wed, 29 Nov 2000 20:57:52 -0600
From: Bill Fumerola <billf@mu.org>
To: Diana Eichert <deichert@wrench.com>
Cc: Rowan Crowe <rowan@sensation.net.au>, freebsd-isp@FreeBSD.ORG
Subject: Re: tcpdump & user-ppp/tunX. Ethereal ?
Message-ID: <20001129205752.F35924@elvis.mu.org>
References: <Pine.BSF.4.21.0011301206020.55961-100000@velvet.sensation.net.au> <Pine.GSO.4.10.10011291828020.12719-100000@inago.swcp.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <Pine.GSO.4.10.10011291828020.12719-100000@inago.swcp.com>; from deichert@wrench.com on Wed, Nov 29, 2000 at 06:39:30PM -0700
X-Operating-System: FreeBSD 4.2-FEARSOME-20001103 i386
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Wed, Nov 29, 2000 at 06:39:30PM -0700, Diana Eichert wrote:
> BTW, you can now build a command line version of Ethereal called tethereal
> without having to build all of Ethereal.
I'm going to add a slave port of tethereal to the ethereal port so we can
build a non-X version.
Granted, I'd list ethereal as a "reason to run X", but not everyone can.
--
Bill Fumerola - security yahoo / Yahoo! inc.
- fumerola@yahoo-inc.com / billf@FreeBSD.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 18:59:39 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mx1.unpar.ac.id (unknown [202.150.34.3])
by hub.freebsd.org (Postfix) with ESMTP id 8449537B402
for <freebsd-isp@freebsd.org>; Wed, 29 Nov 2000 18:59:27 -0800 (PST)
Received: from home.unpar.ac.id (root@home [202.150.34.12])
by mx1.unpar.ac.id (8.9.3/8.9.3) with ESMTP id KAA06209
for <freebsd-isp@freebsd.org>; Thu, 30 Nov 2000 10:23:04 +0700 (JAVT)
X-UNPAR-MX1-From: thomas@home.unpar.ac.id
X-UNPAR-MX1-To: <freebsd-isp@freebsd.org>
Received: from pelangi (h-041.bapsi [10.2.4.41] (may be forged))
by home.unpar.ac.id (8.9.3/8.9.3) with SMTP id JAA58328
for <freebsd-isp@freebsd.org>; Thu, 30 Nov 2000 09:59:10 +0700 (JAVT)
(envelope-from thomas@home.unpar.ac.id)
Message-ID: <005d01c05a79$72e31040$2904020a@unpar.ac.id>
From: "Thomas Wahyudi" <thomas@home.unpar.ac.id>
To: <freebsd-isp@freebsd.org>
References: <Pine.BSF.4.21.0011280816570.20388-100000@heorot.1nova.com>
Subject: Re: Drive Copy
Date: Thu, 30 Nov 2000 09:58:40 +0700
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
hmm may be this trick will work ?
we use ghost to create 30 Freebsd Xwindows workstation
we just create image 1 HD and ghost it to another computer using muticast
session provided by ghost
Best regards,
Thomas Wahyudi
======== UIN 535778
----- Original Message -----
From: "Rick Hamell" <hamellr@heorot.1nova.com>
> > I hate adding a me too.. but I am lurking and hoping for an answer.. I
> > have 2 identical machines getting ready to be deployed in two different
> > places and I would love to only have to tweak one system and then just
> > copy the drive over to the other systems drive.
>
> The newest version of Ghost is supposed to be Linux aware... I've
> not had a chance to test it on FreeBSD yet.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 19: 0:55 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from secure.smtp.email.msn.com (cpimssmtpu07.email.msn.com [207.46.181.28])
by hub.freebsd.org (Postfix) with ESMTP
id 806B037B401; Wed, 29 Nov 2000 19:00:40 -0800 (PST)
Received: from x86nts4 - 216.103.48.12 by email.msn.com with Microsoft SMTPSVC;
Wed, 29 Nov 2000 19:00:39 -0800
Message-ID: <016801c05a7a$a7bac8c0$fd01a8c0@pacbell.net>
From: "John Howie" <JHowie@msn.com>
To: <freebsd-security@FreeBSD.ORG>, <freebsd-isp@freebsd.org>,
"Jonathan M. Slivko" <jon_slivko@simphost.com>
Subject: Re: Danger Ports
Date: Wed, 29 Nov 2000 19:07:20 -0800
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0165_01C05A37.992C91F0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1800
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1800
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
This is a multi-part message in MIME format.
------=_NextPart_000_0165_01C05A37.992C91F0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Jonathon,
My apologies - I see what you are after now. Yes, there is a list =
floating
around, but I usually head over to SANS and get theirs:
http://www.sans.org/newlook/resources/IDFAQ/oddports.htm
You will see that it is extensive!
Regarding your followup on dummy applications acting as these rogue
services/daemons I think you are after a Honeypot. There are a couple =
but
I'll need to check out the details as I don't have them off the top of =
my
head. Depending on the level of sophistication you are after it might =
just
be easier to have your firewall log any attempt to access one the ports =
that
you are interested in and deny access.
Hope this helps,
john...
----- Original Message -----
From: "Jonathan M. Slivko" <jon_slivko@simphost.com>
To: "John Howie" <JHowie@msn.com>
Cc: <freebsd-security@freebsd.org>; <freebsd-isp@freebsd.org>
Sent: Wednesday, November 29, 2000 6:08 PM
Subject: Re: Danger Ports
> I am referring to the Back Orifice, Trinoo server ports, etc. Where =
can I
> get my hands on a list of those port #'s? or are there any utilities =
that
> act as those servers and log all attempts in hopes of catching those =
users
> who will no doubt try and take advantage of an open system?
>
> ----
> Jonathan M. Slivko <jon_slivko@simphost.com>
> Technical Support, CoreSync Corporation (http://www.coresync.net)
> Team Leader, SecureIRC Project (http://secureirc.sourceforge.net)
> Pager/Voicemail: (917) 388-5304
> ----
>
> On Wed, 29 Nov 2000, John Howie wrote:
>
> > Jonathan,
> >
> > Rather than denying access to certain ports on your system, and =
allowing
> > access to the rest, you might find it easier to think in the reverse =
-
What
> > ports do I need to leave open to outside (presumably Internet) =
users?
> >
> > The answer to that question depends on the needs of your outside =
users.
You
> > will probably need to allow SSH access, and I would suggest that you =
get
> > users to use SCP instead of FTP (unless you have a public FTP site =
that
> > allows anonymous connections). You might also need to open up access =
to
SMTP
> > and POP3 services for mail (while ensuring that your site can't be =
used
as a
> > mail relay). DNS is another service that you might need to provide
access
> > to.
> >
> > If users need access to so-called dangerous services such as X, =
printer,
> > NFS, NIS, SNMP, etc. then I would look for a VPN solution that =
brings
them
> > into your network through the firewall and allows them to access =
these
> > services as an internal user.
> >
> > O'Reilly does a good book on Firewall Security, I suggest that you =
get
it
> > and have a read. CERT also has a good document on packet filtering
> > (http://www.cert.org). Also, check the FreeBSD handbook or The =
Complete
> > FreeBSD for more information about setting up firewalls on FreeBSD
systems.
> >
> > Hope this helps,
> >
> > john...
> >
> > ----- Original Message -----
> > From: "Jonathan M. Slivko" <jon_slivko@simphost.com>
> > To: <freebsd-security@freebsd.org>
> > Cc: <freebsd-isp@freebsd.org>
> > Sent: Wednesday, November 29, 2000 5:23 PM
> > Subject: Danger Ports
> >
> >
> > > Can someone tell me what are the "danger" ports on FreeBSD, ports =
that
> > > perhaps need to be blocked because they are insecure? I would like =
to
know
> > > so in the future, I can prevent outside attacks and concentrate =
more
on
> > > internal attacks, or "insider jobs" as they're called.
> > >
> > > ----
> > > Jonathan M. Slivko <jon_slivko@simphost.com>
> > > Technical Support, CoreSync Corporation (http://www.coresync.net)
> > > Team Leader, SecureIRC Project (http://secureirc.sourceforge.net)
> > > Pager/Voicemail: (917) 388-5304
> > > ----
> > >
> > >
> > >
> > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > with "unsubscribe freebsd-security" in the body of the message
> > >
> >
> >
> >
> >
>
>
------=_NextPart_000_0165_01C05A37.992C91F0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 5.50.4207.2601" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT size=3D2><FONT size=3D3>Jonathon,<BR><BR>My apologies - I see =
what you=20
are after now. Yes, there is a list floating<BR>around, but I usually =
head over=20
to SANS and get theirs:<BR><BR></FONT><A=20
href=3D"http://www.sans.org/newlook/resources/IDFAQ/oddports.htm"><FONT=20
size=3D3>http://www.sans.org/newlook/resources/IDFAQ/oddports.htm</FONT><=
/A><BR><BR><FONT=20
size=3D3>You will see that it is extensive!<BR><BR>Regarding your =
followup on=20
dummy applications acting as these rogue<BR>services/daemons I think you =
are=20
after a Honeypot. There are a couple but<BR>I'll need to check out the =
details=20
as I don't have them off the top of my<BR>head. Depending on the level =
of=20
sophistication you are after it might just<BR>be easier to have your =
firewall=20
log any attempt to access one the ports that<BR>you are interested in =
and deny=20
access.<BR><BR>Hope this helps,<BR><BR>john...<BR><BR>----- Original =
Message=20
-----<BR>From: "Jonathan M. Slivko" <</FONT><A=20
href=3D"mailto:jon_slivko@simphost.com"><FONT=20
size=3D3>jon_slivko@simphost.com</FONT></A><FONT size=3D3>><BR>To: =
"John Howie"=20
<</FONT><A href=3D"mailto:JHowie@msn.com"><FONT=20
size=3D3>JHowie@msn.com</FONT></A><FONT size=3D3>><BR>Cc: =
<</FONT><A=20
href=3D"mailto:freebsd-security@freebsd.org"><FONT=20
size=3D3>freebsd-security@freebsd.org</FONT></A><FONT size=3D3>>; =
<</FONT><A=20
href=3D"mailto:freebsd-isp@freebsd.org"><FONT=20
size=3D3>freebsd-isp@freebsd.org</FONT></A><FONT size=3D3>><BR>Sent: =
Wednesday,=20
November 29, 2000 6:08 PM<BR>Subject: Re: Danger Ports<BR><BR><BR>> I =
am=20
referring to the Back Orifice, Trinoo server ports, etc. Where can =
I<BR>> get=20
my hands on a list of those port #'s? or are there any utilities =
that<BR>>=20
act as those servers and log all attempts in hopes of catching those=20
users<BR>> who will no doubt try and take advantage of an open=20
system?<BR>><BR>> ----<BR>> Jonathan M. Slivko <</FONT><A=20
href=3D"mailto:jon_slivko@simphost.com"><FONT=20
size=3D3>jon_slivko@simphost.com</FONT></A><FONT size=3D3>><BR>> =
Technical=20
Support, CoreSync Corporation (</FONT><A =
href=3D"http://www.coresync.net"><FONT=20
size=3D3>http://www.coresync.net</FONT></A><FONT size=3D3>)<BR>> Team =
Leader,=20
SecureIRC Project (</FONT><A =
href=3D"http://secureirc.sourceforge.net"><FONT=20
size=3D3>http://secureirc.sourceforge.net</FONT></A><FONT =
size=3D3>)<BR>>=20
Pager/Voicemail: (917) 388-5304<BR>> ----<BR>><BR>> On Wed, 29 =
Nov=20
2000, John Howie wrote:<BR>><BR>> > Jonathan,<BR>> =
><BR>> >=20
Rather than denying access to certain ports on your system, and =
allowing<BR>>=20
> access to the rest, you might find it easier to think in the =
reverse=20
-<BR>What<BR>> > ports do I need to leave open to outside =
(presumably=20
Internet) users?<BR>> ><BR>> > The answer to that question =
depends=20
on the needs of your outside users.<BR>You<BR>> > will probably =
need to=20
allow SSH access, and I would suggest that you get<BR>> > users to =
use SCP=20
instead of FTP (unless you have a public FTP site that<BR>> > =
allows=20
anonymous connections). You might also need to open up access =
to<BR>SMTP<BR>>=20
> and POP3 services for mail (while ensuring that your site can't be=20
used<BR>as a<BR>> > mail relay). DNS is another service that you =
might=20
need to provide<BR>access<BR>> > to.<BR>> ><BR>> > If =
users=20
need access to so-called dangerous services such as X, printer,<BR>> =
>=20
NFS, NIS, SNMP, etc. then I would look for a VPN solution that=20
brings<BR>them<BR>> > into your network through the firewall and =
allows=20
them to access these<BR>> > services as an internal user.<BR>>=20
><BR>> > O'Reilly does a good book on Firewall Security, I =
suggest that=20
you get<BR>it<BR>> > and have a read. CERT also has a good =
document on=20
packet filtering<BR>> > (</FONT><A =
href=3D"http://www.cert.org"><FONT=20
size=3D3>http://www.cert.org</FONT></A><FONT size=3D3>). Also, check the =
FreeBSD=20
handbook or The Complete<BR>> > FreeBSD for more information about =
setting=20
up firewalls on FreeBSD<BR>systems.<BR>> ><BR>> > Hope this=20
helps,<BR>> ><BR>> > john...<BR>> ><BR>> > ----- =
Original Message -----<BR>> > From: "Jonathan M. Slivko" =
<</FONT><A=20
href=3D"mailto:jon_slivko@simphost.com"><FONT=20
size=3D3>jon_slivko@simphost.com</FONT></A><FONT size=3D3>><BR>> =
> To:=20
<</FONT><A href=3D"mailto:freebsd-security@freebsd.org"><FONT=20
size=3D3>freebsd-security@freebsd.org</FONT></A><FONT =
size=3D3>><BR>> > Cc:=20
<</FONT><A href=3D"mailto:freebsd-isp@freebsd.org"><FONT=20
size=3D3>freebsd-isp@freebsd.org</FONT></A><FONT size=3D3>><BR>> =
> Sent:=20
Wednesday, November 29, 2000 5:23 PM<BR>> > Subject: Danger =
Ports<BR>>=20
><BR>> ><BR>> > > Can someone tell me what are the =
"danger"=20
ports on FreeBSD, ports that<BR>> > > perhaps need to be =
blocked=20
because they are insecure? I would like to<BR>know<BR>> > > so =
in the=20
future, I can prevent outside attacks and concentrate more<BR>on<BR>> =
>=20
> internal attacks, or "insider jobs" as they're called.<BR>> > =
><BR>> > > ----<BR>> > > Jonathan M. Slivko =
<</FONT><A=20
href=3D"mailto:jon_slivko@simphost.com"><FONT=20
size=3D3>jon_slivko@simphost.com</FONT></A><FONT size=3D3>><BR>> =
> >=20
Technical Support, CoreSync Corporation (</FONT><A=20
href=3D"http://www.coresync.net"><FONT=20
size=3D3>http://www.coresync.net</FONT></A><FONT size=3D3>)<BR>> > =
> Team=20
Leader, SecureIRC Project (</FONT><A=20
href=3D"http://secureirc.sourceforge.net"><FONT=20
size=3D3>http://secureirc.sourceforge.net</FONT></A><FONT =
size=3D3>)<BR>> >=20
> Pager/Voicemail: (917) 388-5304<BR>> > > ----<BR>> > =
><BR>> > ><BR>> > ><BR>> > > To =
Unsubscribe: send=20
mail to </FONT><A href=3D"mailto:majordomo@FreeBSD.org"><FONT=20
size=3D3>majordomo@FreeBSD.org</FONT></A><BR><FONT size=3D3>> > =
> with=20
"unsubscribe freebsd-security" in the body of the message<BR>> >=20
><BR>> ><BR>> ><BR>> ><BR>>=20
><BR>><BR>></FONT><BR><BR></FONT></DIV></BODY></HTML>
------=_NextPart_000_0165_01C05A37.992C91F0--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 19: 1:56 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail1.toronto.istar.net (mail1.toronto.istar.net [209.89.75.17])
by hub.freebsd.org (Postfix) with ESMTP
id 369EA37B402; Wed, 29 Nov 2000 19:01:53 -0800 (PST)
Received: from d141-117-39.home.cgocable.net ([24.141.117.39])
by mail1.toronto.istar.net with esmtp (Exim 2.02 #1)
id 141JzE-0006rF-00; Wed, 29 Nov 2000 22:02:16 -0500
Date: Wed, 29 Nov 2000 22:08:14 -0500 (EST)
From: Dru <genisis@istar.ca>
To: "Jonathan M. Slivko" <jon_slivko@simphost.com>
Cc: John Howie <JHowie@msn.com>, freebsd-security@FreeBSD.ORG,
freebsd-isp@FreeBSD.ORG
Subject: Re: Danger Ports
In-Reply-To: <Pine.BSF.4.21.0011291907110.79751-100000@alpha.simphost.com>
Message-ID: <Pine.BSF.4.21.0011292159290.5720-100000@genisis.istar.ca>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Wed, 29 Nov 2000, Jonathan M. Slivko wrote:
> I am referring to the Back Orifice, Trinoo server ports, etc. Where can I
> get my hands on a list of those port #'s? or are there any utilities that
> act as those servers and log all attempts in hopes of catching those users
> who will no doubt try and take advantage of an open system?
Hi Jonathan,
These aren't FreeBSD specific, but here's my favourite links for port #s
and things to look out for:
http://www.robertgraham.com/pubs/firewall-seen.html
http://nethog.net/feeds/niteryder/trojans.htm
http://www.simovits.com/sve/nyhetsarkiv/1999/nyheter9902.html
http://www.portsdb.org/bin/portsdb.cgi
These might get you started.
Cheers,
Dru
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 20: 0:31 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from toetag.com (toetag.com [63.192.202.42])
by hub.freebsd.org (Postfix) with ESMTP id 49E3937B400
for <freebsd-isp@freebsd.org>; Wed, 29 Nov 2000 20:00:28 -0800 (PST)
Received: from toetag.com (tom@unhooked.net [63.192.202.44])
by toetag.com (8.9.3/8.9.0) with ESMTP id UAA04833;
Wed, 29 Nov 2000 20:02:03 -0800 (PST)
Message-Id: <200011300402.UAA04833@toetag.com>
X-Mailer: exmh version 2.2 08/09/2000 with version: MH 6.8.3 #1[UCI]
To: Ron Rosson <insane@lunatic.oneinsane.net>
Cc: freebsd-isp@freebsd.org
Subject: Re: Drive Copy
In-reply-to: Your message of "Wed, 29 Nov 2000 07:45:40 PST."
<20001129074540.A33079@lunatic.oneinsane.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 29 Nov 2000 20:02:02 -0800
From: "Tom" <tom@toetag.com>
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Wed, 29 Nov 2000 07:45:40 PST, "Ron 'The InSaNe One' Rosson" writes:
>I hate adding a me too.. but I am lurking and hoping for an answer.. I
>have 2 identical machines getting ready to be deployed in two different
>places and I would love to only have to tweak one system and then just
>copy the drive over to the other systems drive.
If you have 2 identical drives then dd is more than you'll ever need to
clone machines.
For different sized drives pax would be my tool of choice.
--
tom@unhooked.net ICQ - 16163541
Spam: the other white meat. AIM - twjansen
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 20:21: 3 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail.westbend.net (ns1.westbend.net [209.224.254.131])
by hub.freebsd.org (Postfix) with ESMTP id 0DC1C37B401
for <freebsd-isp@FreeBSD.ORG>; Wed, 29 Nov 2000 20:21:01 -0800 (PST)
Received: from admin.westbend.net (admin.westbend.net [209.224.254.141])
(authenticated)
by mail.westbend.net (8.11.1/8.11.1) with ESMTP id eAU4KuW71253;
Wed, 29 Nov 2000 22:20:56 -0600 (CST)
(envelope-from hetzels@westbend.net)
Message-ID: <01ca01c05a84$ed4e79e0$8dfee0d1@westbend.net>
From: "Scot W. Hetzel" <hetzels@westbend.net>
To: "InvictaNet Customer Support" <support@invictanet.co.uk>,
"Freebsd-ISP" <freebsd-isp@FreeBSD.ORG>
References: <NDBBKODAOKAJLGIOGBIAEEBKDBAA.support@invictanet.co.uk>
Subject: Re: sendmail 8.11.1 and cyrus sasl
Date: Wed, 29 Nov 2000 22:20:51 -0600
Organization: West Bend Interent
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4133.2400
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
From: "InvictaNet Customer Support" <support@invictanet.co.uk>
> I've done all this (apart from the make world at the bottom) but still get
> relaying denied. I run FreeBSD 3.4 and Sendmail 8.11.1, I really do need
to
> get SMTP AUTH running, can anyone offer any suggestions of where to look.
>
Look here for info on setting up SMTP AUTH:
> > from http://www.sendmail.org/~ca/email/auth.html
Since FreeBSD3.4, has Sendmail 3.9.x, we'll assume your either installing
sendmail 8.11.1 manually or via the port. As the "Sendmail.README" in the
security/cyrus-sasl port is specific to FreeBSD 4.x w/sendmail 8.11.1.
You will need to add the following to ${FILESDIR}/site.config.m4 and
${FILESDIR}/site.config.m4.pre4 (if using sendmail port) or
devtools/Site/site.config.m4 (if using sendmail sources):
>
> APPENDDEF(`confENVDEF', `-DSASL -D_FFR_UNSAFE_SASL')
> APPENDDEF(`conf_sendmail_LIBS', `-lsasl')
> APPENDDEF(`confLIBDIRS', `-L/usr/local/lib')
> APPENDDEF(`confINCDIRS', `-I/usr/local/include/sasl')
>
If your still having problems, and noone here can help you, try posting a
message to comp.mail.sendmail and Claus Aßmann may give you a tip on how to
solve your problem.
Scot
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Wed Nov 29 20:45:15 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from flux.c-zone.net (flux.c-zone.net [216.190.4.216])
by hub.freebsd.org (Postfix) with ESMTP
id 8A5DD37B401; Wed, 29 Nov 2000 20:45:11 -0800 (PST)
Received: from localhost (bdan@localhost)
by flux.c-zone.net (8.11.1/8.11.1) with ESMTP id eAU4j4m38167;
Wed, 29 Nov 2000 20:45:04 -0800 (PST)
Date: Wed, 29 Nov 2000 20:45:03 -0800 (PST)
From: Dan Babb <bdan@c-zone.net>
To: "Jonathan M. Slivko" <jon_slivko@simphost.com>
Cc: freebsd-security@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG
Subject: Re: Danger Ports
In-Reply-To: <Pine.BSF.4.21.0011291907110.79751-100000@alpha.simphost.com>
Message-ID: <Pine.BSF.4.21.0011292044170.36849-100000@flux.c-zone.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
this is right out of the ACL for my core router..
! reserved networks
access-list 110 deny ip 127.0.0.0 0.0.0.255 any log
access-list 110 deny ip 10.0.0.0 0.255.255.255 any log
access-list 110 deny ip 172.16.0.0 0.15.255.255 any log
access-list 110 deny ip 172.31.0.0 0.0.255.255 any log
access-list 110 deny ip 192.168.0.0 0.0.255.255 any log
! various exploits, netbios, back orifice, netbus protection
access-list 110 deny tcp any any range 137 139
access-list 110 deny tcp any any eq 31337
access-list 110 deny udp any any eq 31337
access-list 110 deny tcp any any range 12345 12350
access-list 110 deny udp any any range 12345 12350
- Dan
On Wed, 29 Nov 2000, Jonathan M. Slivko wrote:
> I am referring to the Back Orifice, Trinoo server ports, etc. Where can I
> get my hands on a list of those port #'s? or are there any utilities that
> act as those servers and log all attempts in hopes of catching those users
> who will no doubt try and take advantage of an open system?
>
> ----
> Jonathan M. Slivko <jon_slivko@simphost.com>
> Technical Support, CoreSync Corporation (http://www.coresync.net)
> Team Leader, SecureIRC Project (http://secureirc.sourceforge.net)
> Pager/Voicemail: (917) 388-5304
> ----
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 1: 1:11 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from christel.heitec.net (christel.heitec.net [193.101.232.3])
by hub.freebsd.org (Postfix) with ESMTP id 5CDCD37B401
for <freebsd-isp@freebsd.org>; Thu, 30 Nov 2000 01:01:09 -0800 (PST)
Received: from tashi.admin.er.heitec.net (paladin.heitec.net [193.101.232.30])
by christel.heitec.net (Postfix) with ESMTP id 28AE9354813
for <freebsd-isp@freebsd.org>; Thu, 30 Nov 2000 10:06:58 +0100 (CET)
Received: by tashi.admin.er.heitec.net (Postfix, from userid 1000)
id 1498B1DE1; Thu, 30 Nov 2000 10:02:56 +0100 (CET)
Date: Thu, 30 Nov 2000 10:02:56 +0100
To: freebsd-isp@freebsd.org
Subject: Re: Danger Ports
Message-ID: <20001130100255.A793@heitec.net>
Mail-Followup-To: freebsd-isp@freebsd.org
References: <Pine.BSF.4.21.0011291821260.78317-100000@alpha.simphost.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <Pine.BSF.4.21.0011291821260.78317-100000@alpha.simphost.com>; from jon_slivko@simphost.com on Wed, Nov 29, 2000 at 18:23:54 -0700
Organization: Heitec AG
From: lenz@heitec.net (Lenz Gschwendtner)
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Hi Jonathan,
On Wed, 29 Nov 2000, Jonathan M. Slivko wrote:
> Can someone tell me what are the "danger" ports on FreeBSD, ports that
> perhaps need to be blocked because they are insecure? I would like to know
> so in the future, I can prevent outside attacks and concentrate more on
> internal attacks, or "insider jobs" as they're called.
in your case i would start with the freebsd handbook chapter 8 security
then man security, man ipfw, man ipfilter. it has absoloutly no sense to
copy some firewall scripts from somewhere if you don't understand what
they are doing and why. further is there no sense to concentrate on
internal attacks if can't even master the externel ones!
cheers
lenz
--
(__) eat penguins instead, they start to
(++)-----i\ spread around anyway!
~~| BSE | *
|_|~|_| FreeBSD Systemadministrator
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 1: 1:28 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from colossus.invictanet.co.uk (colossus.invictanet.co.uk [62.232.18.118])
by hub.freebsd.org (Postfix) with ESMTP id 2B65C37B401
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 01:01:25 -0800 (PST)
Received: from harryhome (modem415.netkonect.net [194.164.14.161])
by colossus.invictanet.co.uk (8.9.3/8.9.3) with SMTP id JAA01386
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 09:01:20 GMT
From: "InvictaNet Customer Support" <support@invictanet.co.uk>
To: "Freebsd-ISP" <freebsd-isp@FreeBSD.ORG>
Subject: RE: sendmail 8.11.1 and cyrus sasl
Date: Thu, 30 Nov 2000 09:01:12 -0000
Message-ID: <NDBBKODAOKAJLGIOGBIAEECFDBAA.support@invictanet.co.uk>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
In-Reply-To: <01ca01c05a84$ed4e79e0$8dfee0d1@westbend.net>
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Importance: Normal
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
I am slowly getting somewhere with my "AUTH" problem. I have now discovered
that it is a method thing.
Using Eudora as the client, the AUTH works fine so it is b....y Microsoft
that is causing the problem. PLAIN seems to be working ok, it is LOGIN that
is not available.
The list of clients by Alexey Melnikov.
http://www.sendmail.org/~ca/email/mel/SASL_ClientRef.html shows that
Outlook only supports LOGIN (from my list of availables).
Any suggestions??
I will also post this to comp.mail.sendmail
Martyn Routley
-----------------------------------------------------
InvictaNet - The Internet in Plain English, Guaranteed
http://www.invictanet.co.uk
mailto:info@invictanet.co.uk
phone: 0870 7402252
fax: +44 (0)1233 334001
------------------------------------------------------
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 3:35:12 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21])
by hub.freebsd.org (Postfix) with ESMTP
id 9145637B400; Thu, 30 Nov 2000 03:35:05 -0800 (PST)
Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21])
by mohegan.mohawk.net (8.9.3/8.9.3) with ESMTP id GAA42040;
Thu, 30 Nov 2000 06:39:51 -0500 (EST)
(envelope-from rjh@mohawk.net)
Date: Thu, 30 Nov 2000 06:39:51 -0500 (EST)
From: Ralph Huntington <rjh@mohawk.net>
To: "Jonathan M. Slivko" <jon_slivko@simphost.com>
Cc: John Howie <JHowie@msn.com>, freebsd-isp@FreeBSD.ORG,
freebsd-security@FreeBSD.ORG
Subject: Re: Danger Ports
In-Reply-To: <Pine.BSF.4.21.0011291907110.79751-100000@alpha.simphost.com>
Message-ID: <Pine.BSF.4.21.0011300638070.41479-100000@mohegan.mohawk.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Check out "fakebo" and "portsentry" in /usr/ports/security/
On Wed, 29 Nov 2000, Jonathan M. Slivko wrote:
> I am referring to the Back Orifice, Trinoo server ports, etc. Where can I
> get my hands on a list of those port #'s? or are there any utilities that
> act as those servers and log all attempts in hopes of catching those users
> who will no doubt try and take advantage of an open system?
>
> ----
> Jonathan M. Slivko <jon_slivko@simphost.com>
> Technical Support, CoreSync Corporation (http://www.coresync.net)
> Team Leader, SecureIRC Project (http://secureirc.sourceforge.net)
> Pager/Voicemail: (917) 388-5304
> ----
>
> On Wed, 29 Nov 2000, John Howie wrote:
>
> > Jonathan,
> >
> > Rather than denying access to certain ports on your system, and allowing
> > access to the rest, you might find it easier to think in the reverse - What
> > ports do I need to leave open to outside (presumably Internet) users?
> >
> > The answer to that question depends on the needs of your outside users. You
> > will probably need to allow SSH access, and I would suggest that you get
> > users to use SCP instead of FTP (unless you have a public FTP site that
> > allows anonymous connections). You might also need to open up access to SMTP
> > and POP3 services for mail (while ensuring that your site can't be used as a
> > mail relay). DNS is another service that you might need to provide access
> > to.
> >
> > If users need access to so-called dangerous services such as X, printer,
> > NFS, NIS, SNMP, etc. then I would look for a VPN solution that brings them
> > into your network through the firewall and allows them to access these
> > services as an internal user.
> >
> > O'Reilly does a good book on Firewall Security, I suggest that you get it
> > and have a read. CERT also has a good document on packet filtering
> > (http://www.cert.org). Also, check the FreeBSD handbook or The Complete
> > FreeBSD for more information about setting up firewalls on FreeBSD systems.
> >
> > Hope this helps,
> >
> > john...
> >
> > ----- Original Message -----
> > From: "Jonathan M. Slivko" <jon_slivko@simphost.com>
> > To: <freebsd-security@freebsd.org>
> > Cc: <freebsd-isp@freebsd.org>
> > Sent: Wednesday, November 29, 2000 5:23 PM
> > Subject: Danger Ports
> >
> >
> > > Can someone tell me what are the "danger" ports on FreeBSD, ports that
> > > perhaps need to be blocked because they are insecure? I would like to know
> > > so in the future, I can prevent outside attacks and concentrate more on
> > > internal attacks, or "insider jobs" as they're called.
> > >
> > > ----
> > > Jonathan M. Slivko <jon_slivko@simphost.com>
> > > Technical Support, CoreSync Corporation (http://www.coresync.net)
> > > Team Leader, SecureIRC Project (http://secureirc.sourceforge.net)
> > > Pager/Voicemail: (917) 388-5304
> > > ----
> > >
> > >
> > >
> > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > with "unsubscribe freebsd-security" in the body of the message
> > >
> >
> >
> >
> >
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 3:55:14 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from ritchie.loop.com (ritchie.loop.com [207.211.60.70])
by hub.freebsd.org (Postfix) with ESMTP id 77FA137B400
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 03:55:11 -0800 (PST)
Received: from Elektra.loop.com (elektra.loop.com [207.211.60.33])
by ritchie.loop.com (8.9.3/8.9.3) with SMTP id DAA11521
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 03:52:00 -0800 (PST)
Message-ID: <005301c05ac4$7002dea0$213cd3cf@loop.com>
From: "D. W. Piper" <dwplists@loop.com>
To: <freebsd-isp@FreeBSD.ORG>
Subject: Way OT but desperate - Linux fsck problem
Date: Thu, 30 Nov 2000 03:55:21 -0800
Organization: The Loop Internet
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4133.2400
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
I apologize for the OT message, but I'm bleary-eyed from searching
online documentation and archives and I'm hoping some of you gurus out
there who have experience with Linux as well as FreeBSD may have a
solution:
We've got a RedHat 6.0 box (Intel PIII) with a Mylex DAC960 Hardware
RAID Controller configured for RAID-5 with seven 9GB SCSI drives.
We had to reboot the system last night, and on restart fsck failed for
the RAID device with the error message:
Block bitmap for group 256 is not in group
followed by
/dev/rd/c0d2p1: Unexpected inconsistency, run fsck manually
Running fsck manually produced the error message:
e2fsck: bad magic number in superblock while trying to open
/dev/rd/c0d2p1
Trying again using e2fsck -B and varying block sizes of 1024, 2048, etc
got:
Group descriptor look bad... trying backup blocks
e2fsck: bad magic number in superblock while trying to open
/dev/rd/c0d2p1
However, the DAC controller's consistency check completed at 100% with
no errors, and the driver reported no problems during boot.
Is there anything that can be done to solve this and save the
filesystem?
Thanks,
David
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 4:47:26 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from dryctnath.mmu.ac.uk (dryctnath.mmu.ac.uk [149.170.190.134])
by hub.freebsd.org (Postfix) with ESMTP id 549BF37B401
for <freebsd-isp@freebsd.org>; Thu, 30 Nov 2000 04:47:24 -0800 (PST)
Received: from ghondr.mmu.ac.uk ([149.170.5.241])
by dryctnath.mmu.ac.uk with esmtp (Exim 3.13 #2)
id 141T8F-0005YQ-00
for freebsd-isp@freebsd.org; Thu, 30 Nov 2000 12:48:11 +0000
Received: from MMU-HSS-GHONDR/SpoolDir by ghondr.mmu.ac.uk (Mercury 1.47);
30 Nov 00 12:47:18 +0100
Received: from SpoolDir by MMU-HSS-GHONDR (Mercury 1.47); 30 Nov 00 12:47:07 +0100
From: "Mr Saif Shad" <6694306x@mmu.ac.uk>
Organization: Manchester Metropolitan University
To: freebsd-isp@freebsd.org
Date: Thu, 30 Nov 2000 12:47:06 +0100
MIME-Version: 1.0
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT
Subject: Help
Message-ID: <3A264C49.12288.D4287@localhost>
X-mailer: Pegasus Mail for Win32 (v3.12c)
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
I have been monitoring this list for 2 months and now have to do a
project on this mailing list. However, I need a bit of information
from you about yourselves in order for me to be able to complete
the project. Could you help and tell me the following.
1. What motivates you to be on the list?
2.Does the list satisfy your declared function?
3.Could you give me some information on your social
characteristics? (age, nationality, occupation)
4.What is the purpose of the list for you?
5.What other lists are you a member of?
I know it's a lot to ask, but it would go a long way and help me very
much in completing my degree.
Best Wishes,
Mr. Saif Shad
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 4:55: 9 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from gate.trident-uk.co.uk (mail.trident-uk.co.uk [195.166.16.10])
by hub.freebsd.org (Postfix) with ESMTP id 372D037B400
for <freebsd-isp@freebsd.org>; Thu, 30 Nov 2000 04:55:06 -0800 (PST)
Received: from [194.207.93.139] by gate.trident-uk.co.uk
for freebsd-isp@freebsd.org
id MAA26627; Thu Nov 30 12:55:03 2000
Organization: Psi-Domain Ltd.
Subject: Re: Help
Date: Thu, 30 Nov 2000 12:59:59 +0000
X-Mailer: KMail [version 1.0.28]
Content-Type: text/plain
MIME-Version: 1.0
Message-Id: <0011301300310J.00231@freefire.psi-domain.co.uk>
Content-Transfer-Encoding: 8bit
To: freebsd-isp@freebsd.org
From: Jamie Heckford <heckfordj@psi-domain.co.uk>
Reply-To: heckfordj@psi-domain.co.uk
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
--
Jamie HeckfordOn Thu, 30 Nov 2000, you wrote:
> I have been monitoring this list for 2 months and now have to do a
> project on this mailing list. However, I need a bit of information
> from you about yourselves in order for me to be able to complete
> the project. Could you help and tell me the following.
>
> 1. What motivates you to be on the list?
I receive lots of email and it makes me feel popular :)
>
> 2.Does the list satisfy your declared function?
Yup
>
> 3.Could you give me some information on your social
> characteristics? (age, nationality, occupation)
XX, British, Chief Network Engineer
>
> 4.What is the purpose of the list for you?
>
> 5.What other lists are you a member of?
hackers and stable
>
> I know it's a lot to ask, but it would go a long way and help me very
> much in completing my degree.
Good luck!
>
> Best Wishes,
>
> Mr. Saif Shad
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
--
Jamie Heckford
Chief Network Engineer
Psi-Domain - Innovative Linux Solutions. Ask Us How.
===================================
email: heckfordj@psi-domain.co.uk
web: http://www.psi-domain.co.uk/
tel: +44 (0)1737 789 246
fax: +44 (0)1737 789 245
mobile: +44 (0)7779 646 529
===================================
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 7:28:45 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from rapidnet.com (rapidnet.com [205.164.216.1])
by hub.freebsd.org (Postfix) with ESMTP
id EDF9737B400; Thu, 30 Nov 2000 07:28:38 -0800 (PST)
Received: from localhost (traviso@localhost)
by rapidnet.com (8.9.3/8.9.3) with ESMTP id IAA09380;
Thu, 30 Nov 2000 08:28:37 -0700 (MST)
Date: Thu, 30 Nov 2000 08:28:32 -0700 (MST)
From: Travis {RapidSupport} <traviso@RapidNet.com>
To: freebsd-isp@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
Subject: Re: Danger Ports
In-Reply-To: <Pine.BSF.4.21.0011292044170.36849-100000@flux.c-zone.net>
Message-ID: <Pine.BSF.4.21.0011300805330.83526-100000@rapidnet.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Wed, 29 Nov 2000, Dan Babb wrote:
> I am referring to the Back Orifice, Trinoo server ports, etc. Where can I
> get my hands on a list of those port #'s? or are there any utilities that
> act as those servers and log all attempts in hopes of catching those users
> who will no doubt try and take advantage of an open system?
Probably the best thing for exactly what you are describing is
called SNORT it's a light weight intrusion detection software called SNORT
which you can get at:
http://www.snort.org
I can identify exactly what you are referring to in my logs. I
also use an ipf firewall to block that which I ID with the IDS software.
Here is a snippet of actual logs from snort on my machine:
[begin log snippet]
[**] Netbus/GabanBus [**]
09/20-21:11:08.683624 *.*.*.*:1891 -> *.*.*.*:12345
TCP TTL:64 TOS:0x0 ID:60113 DF
S***** Seq: 0x750B7F5F Ack: 0x0 Win: 0x4000
TCP Options => MSS: 1460
[**] Traceroute ICMP [**]
09/20-22:26:12.133438 204.178.16.36 -> *.*.*.*
ICMP TTL:1 TOS:0x0 ID:47254
ID:3699 Seq:13803 ECHO
[**] SYN FIN Scan [**]
10/01-22:18:16.531398 203.41.93.253:21 -> *.*.*.*:21
TCP TTL:28 TOS:0x0 ID:39426
SF**** Seq: 0x205F74F Ack: 0x55003324 Win: 0x404
[**] PCAnywhere [**]
10/02-17:45:14.656264 *.*.*.*:1030 -> *.*.*.*:22
UDP TTL:125 TOS:0x0 ID:16896
Len: 10
[**] Backdoor-31337-shell [**]
11/20-16:43:17.064386 *.*.*.*:2286 -> *.*.*.*:31337
TCP TTL:64 TOS:0x0 ID:57979 DF
S***** Seq: 0xDDD33B02 Ack: 0x0 Win: 0x4000
TCP Options => MSS: 1460
---
[end log snippet]
As you can see I have *'d out the destination IP's (my
servers) and some of the attackers IP's. While it creates these quick
fingerprints of the attack it also holds more information on a per IP
basis.
Personally - I don't always have time to dig through the logs so I
use "snort snarf" which takes the logs and creates a very nice web
interface for tracking attacks and trends. Snort Snarf can be downloaded
from the Snort website... Oh, did I mention this is free? =)
Travis
/*
-=[ Travis Ogden ]-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
RapidNet Admin Team "Courage is not defined by those who
Phone#: 605.341.3283 fought and did not fall, but by those
ICQ#: 30220771 who fought, fell, and rose again."
Mail: traviso@RapidNet.com Fax#: 605.348.1031
Web: www.RapidNet.com/~traviso 800#: 800.763.2525
ATTENTION! "RapidNet has moved to 330 Knollwood Drive,
Rapid City, SD 57701."
-=-=-=-=-=-=-=-=-=-=-=-=-=-[ traviso@rapidnet.com ]=-=-=-=-=
*/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 7:30:43 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from rapidnet.com (rapidnet.com [205.164.216.1])
by hub.freebsd.org (Postfix) with ESMTP
id 5B5B837B401; Thu, 30 Nov 2000 07:30:39 -0800 (PST)
Received: from localhost (traviso@localhost)
by rapidnet.com (8.9.3/8.9.3) with ESMTP id IAA10607;
Thu, 30 Nov 2000 08:30:38 -0700 (MST)
Date: Thu, 30 Nov 2000 08:30:38 -0700 (MST)
From: Travis {RapidSupport} <traviso@RapidNet.com>
To: freebsd-isp@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
Subject: Re: Danger Ports
In-Reply-To: <Pine.BSF.4.21.0011300805330.83526-100000@rapidnet.com>
Message-ID: <Pine.BSF.4.21.0011300830130.83526-100000@rapidnet.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Thu, 30 Nov 2000, Travis {RapidSupport} wrote:
> called SNORT it's a light weight intrusion detection software called SNORT
...proof that coffee is needed at all hours.
Travis
/*
-=[ Travis Ogden ]-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
RapidNet Admin Team "Courage is not defined by those who
Phone#: 605.341.3283 fought and did not fall, but by those
ICQ#: 30220771 who fought, fell, and rose again."
Mail: traviso@RapidNet.com Fax#: 605.348.1031
Web: www.RapidNet.com/~traviso 800#: 800.763.2525
ATTENTION! "RapidNet has moved to 330 Knollwood Drive,
Rapid City, SD 57701."
-=-=-=-=-=-=-=-=-=-=-=-=-=-[ traviso@rapidnet.com ]=-=-=-=-=
*/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 7:31:14 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail.psknet.com (orion.psknet.com [63.171.251.4])
by hub.freebsd.org (Postfix) with SMTP id 128A837B401
for <freebsd-isp@freebsd.org>; Thu, 30 Nov 2000 07:31:10 -0800 (PST)
Received: (qmail 7403 invoked from network); 30 Nov 2000 15:31:03 -0000
Received: from arcadia.psknet.com (HELO arcadia) (63.171.251.7)
by orion.psknet.com with SMTP; 30 Nov 2000 15:31:03 -0000
From: "Troy Settle" <troy@psknet.com>
To: "Mr Saif Shad" <6694306x@mmu.ac.uk>, <freebsd-isp@freebsd.org>
Subject: RE: Help
Date: Thu, 30 Nov 2000 10:30:57 -0500
Message-ID: <BFEGKDHLHDNOJEIHJDBAAEJLCAAA.troy@psknet.com>
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
In-Reply-To: <3A264C49.12288.D4287@localhost>
Importance: Normal
X-AntiVirus: scanned for viruses by Pulaski Networks (http://www.psknet.com) using AMaViS (http://www.amavis.org)
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
**
** 1. What motivates you to be on the list?
To share information, learn new things, help confuse utter newbies :)
**
** 2.Does the list satisfy your declared function?
Most definately
**
** 3.Could you give me some information on your social
** characteristics? (age, nationality, occupation)
30-something, white american, ISP Owner
**
** 4.What is the purpose of the list for you?
Uh... isn't this the same as question #1?
**
** 5.What other lists are you a member of?
-questions, -stable (now and then), inet-access,
isp-[ceo|marketing|outsourcing|wireless|equipment]
ascend-users, php-db, qmailadmin, platypus-users, and a few others.
--
Troy Settle
Pulaski Networks
540.994.4254
It's always a long day, 86400 doesn't fit into a short
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 7:38:46 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from bsdie.rwsystems.net (bsdie.rwsystems.net [209.197.223.2])
by hub.freebsd.org (Postfix) with ESMTP id 040A837B401
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 07:38:43 -0800 (PST)
Received: from bsdie.rwsystems.net([209.197.223.2]) (2249 bytes) by bsdie.rwsystems.net
via sendmail with P:esmtp/R:bind_hosts/T:inet_zone_bind_smtp
(sender: <jwyatt@rwsystems.net>)
id <m141VlP-000CDHC@bsdie.rwsystems.net>
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 09:36:47 -0600 (CST)
(Smail-3.2.0.111 2000-Feb-17 #1 built 2000-Jun-25)
Date: Thu, 30 Nov 2000 09:36:46 -0600 (CST)
From: James Wyatt <jwyatt@rwsystems.net>
To: Udo Erdelhoff <ue@nathan.ruhr.de>
Cc: freebsd-isp@FreeBSD.ORG
Subject: Re: Drive Copy
In-Reply-To: <20001130004855.M30886@nathan.ruhr.de>
Message-ID: <Pine.BSF.4.10.10011300819540.75832-100000@bsdie.rwsystems.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Thu, 30 Nov 2000, Udo Erdelhoff wrote:
> James Wyatt wrote some time ago:
> > and user tar/cpio to transfer files.
> These programs are the wrong tools to do it. They can be used to handle
> regular files and {hard,soft} links but they will fail for device nodes,
> sparse files and all the other nice features. Use dump, dump or dump:
>
> cd /
> mount /new-root-partition /mnt
> dump 0af - | (cd /mnt ; restore -rf -)
> umount /mnt
Thanks, due to ancient experiences with dump/restore on an old BSD VAX and
a Tandy RS/6000, I've disliked dump by default, but this is a great use
for it and I need to update my feelings about dump/restore. I usually use
tar to move files and cpio to backup disks and MAKEDEV to build the devs
on the new system. I like your solution better.
That said, because you're using a -f and doing a while tree, I'd try:
dump 0af - | (cd /mnt && restore -rf -)
^^
or, more likely:
(cd /oldfilesysbase && dump 0af -) | (cd /mnt && restore -rf -)
Anyone who types as badly as I do will *love* that the restore isn't done
unless the cd works. Thanks for the other missing pieces. FWIW, I usually
use "dangerously dedicated" on everything but multiboot laptops so the
disklabel clue was great.
> Murphy was an optimist. The first step is to create and verify a backup
> on a reliable and removable medium.
Like dd-ing it to another hard drive? (^_^) Oh yeah, the *tape* drive...
Does anyone have bootable tape support on x86? The MakeSysB tape
generation on AIX boxes rocks. There also used to be a SCO-usable
product (CTar?) that made a tape and a boot floppy. Both worked well.
Thanks again for the useful reply. Vielen dank! - Jy@
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 7:52: 9 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from ns1.i-p-d.nl (ns1.i-p-d.nl [208.239.240.129])
by hub.freebsd.org (Postfix) with ESMTP id AE5D037B400
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 07:52:07 -0800 (PST)
Received: from danny (xs02-098.support.nl [195.114.229.98])
by ns1.i-p-d.nl (8.9.3/8.9.3) with ESMTP id QAA05183
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 16:48:08 +0100 (CET)
(envelope-from danny@i-p-d.nl)
From: danny@i-p-d.nl
To: freebsd-isp@FreeBSD.ORG
Date: Thu, 30 Nov 2000 16:51:17 +0100
MIME-Version: 1.0
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT
Subject: dd
Message-ID: <3A268585.2235.C400D6@localhost>
X-mailer: Pegasus Mail for Win32 (v3.12c)
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Thanx for all people responding to my posting. dd works fine ( dd
if=/dev/ad0 of=/dev/ad1 ) Adding the additional disk space I will
have to look into.
Thanx again!!
Met vriendelijke groeten,
Danny Zwegers
Unix SysAdmin (Spec:Domains)
IPD Hosting & Design BV
------------------- WWW Hosting ---------------------
http://www.i-p-d.nl Tel: 0165-571675
http://www.ipdhosting.com Fax: 0165-571710
http://www.domeinhosting.com Email: danny@i-p-d.nl
http://www.secure.nl
------------------- WWW Design ---------------------
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 8: 4:55 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from bilver.wjv.com (dhcp-1-177.n01.orldfl01.us.ra.verio.net [157.238.210.177])
by hub.freebsd.org (Postfix) with ESMTP id 94DB037B400
for <freebsd-isp@freebsd.org>; Thu, 30 Nov 2000 08:04:51 -0800 (PST)
Received: (from bill@localhost)
by bilver.wjv.com (8.9.3/8.9.3) id LAA16876
for freebsd-isp@freebsd.org; Thu, 30 Nov 2000 11:04:50 -0500 (EST)
(envelope-from bill)
Date: Thu, 30 Nov 2000 11:04:42 -0500
From: Bill Vermillion <bill@bilver.wjv.com>
To: freebsd-isp@freebsd.org
Subject: Re: Drive Copy
Message-ID: <20001130110442.A16709@wjv.com>
Reply-To: bv@bilver.wjv.com
References: <20001130004855.M30886@nathan.ruhr.de> <Pine.BSF.4.10.10011300819540.75832-100000@bsdie.rwsystems.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <Pine.BSF.4.10.10011300819540.75832-100000@bsdie.rwsystems.net>; from jwyatt@rwsystems.net on Thu, Nov 30, 2000 at 09:36:46AM -0600
Organization: W.J.Vermillion / Orlando - Winter Park
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Thu, Nov 30, 2000 at 09:36:46AM -0600, James Wyatt thus spoke:
> On Thu, 30 Nov 2000, Udo Erdelhoff wrote:
> > James Wyatt wrote some time ago:
> > > and user tar/cpio to transfer files.
> > These programs are the wrong tools to do it. They can be used to
> > handle regular files and {hard,soft} links but they will fail
> > for device nodes, sparse files and all the other nice features.
> > Use dump, dump or dump:
> > cd /
> > mount /new-root-partition /mnt
> > dump 0af - | (cd /mnt ; restore -rf -)
> > umount /mnt
> Thanks, due to ancient experiences with dump/restore on an old BSD
> VAX and a Tandy RS/6000, I've disliked dump by default, ..
Been there on the 6000. Can't say that I blame you one bit.
> Does anyone have bootable tape support on x86? The MakeSysB tape
> generation on AIX boxes rocks. There also used to be a SCO-usable
> product (CTar?) that made a tape and a boot floppy. Both worked well.
Ctar was the original - Mike Schwartz as I recall - the company was
Unitrends. It's still around but it's decendants BackupEdge from
Microlite and Lone-Tar from Cactus are quite popular.
Edge supports boot from tape on the new HPs. They don't support
the FreeBSD market. Lone-Tar supports FreeBSD. How well I'm not
sure as I haven't installed my copy - I need to get my tape drive
fixed first. I have seen no vendor which supports bootable
disaster recovery software under FreeBSD, though LoneTar and BRU
have bootable recovery disks for Linux.
I've not used a current BRU - just on an old SGI so I can't tell
you about that. I've used both BE and LT on client machines
[primarily SCO] and they handle a complete backup, including all
the /dev files, and empty directores, etc., properly.
All commercial stuff. They do have downloads.
--
Bill Vermillion - bv @ wjv . com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 8:41:49 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail1.mclink.it (net128-007.mclink.it [195.110.128.7])
by hub.freebsd.org (Postfix) with ESMTP id 2C89037B69B
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 08:41:45 -0800 (PST)
Received: from net147-226.mclink.it (net147-226.mclink.it [195.110.147.226])
by mail1.mclink.it (8.9.3/8.9.0) with ESMTP id RAA21716;
Thu, 30 Nov 2000 17:41:34 +0100 (CET)
Date: Thu, 30 Nov 2000 17:44:44 +0100
From: Massimo Fubini <supermax@aexis-telecom.it>
X-Mailer: telnet host 25
X-Priority: 3 (Normal)
Message-ID: <16234962935.20001130174444@aexis-telecom.it>
To: Udo Erdelhoff <ue@nathan.ruhr.de>
Cc: freebsd-isp@FreeBSD.ORG, James Wyatt <jwyatt@rwsystems.net>
Subject: Re[2]: Drive Copy
In-reply-To: <20001130004855.M30886@nathan.ruhr.de>
References: <767440343.20001129142712@aexis-telecom.it>
<Pine.BSF.4.10.10011290844500.13585-100000@bsdie.rwsystems.net>
<20001130004855.M30886@nathan.ruhr.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Hello Udo,
I want to thank you and all the other that gave detailed answer for
the question.
I said it was "easy" because I thought the original poster had to copy
two drive of the same size, and I did it to clone workstation. If the
disk size are the same, copying disks is not difficult. I have never
done it on disk of different size.
I'm sorry if someone got offended by the word "easy" for this stuff. I
didn't wont to be impolite....
--
Best regards,
Massimo
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 9:40:12 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from ns.tcworks.net (ns.tcworks.net [216.61.218.2])
by hub.freebsd.org (Postfix) with ESMTP id EFF1337B401
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 09:40:09 -0800 (PST)
Received: from tcworks.net (stuck.sticky.org [216.61.218.6])
by ns.tcworks.net (8.9.2/8.9.2) with ESMTP id LAA65812;
Thu, 30 Nov 2000 11:31:15 -0600 (CST)
(envelope-from ccook@tcworks.net)
Message-ID: <3A2690D8.BF01C7EE@tcworks.net>
Date: Thu, 30 Nov 2000 11:39:36 -0600
From: Chris Cook <ccook@tcworks.net>
X-Mailer: Mozilla 4.72 [en] (X11; I; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Thomas Wahyudi <thomas@home.unpar.ac.id>
Cc: freebsd-isp@FreeBSD.ORG
Subject: Re: Drive Copy
References: <Pine.BSF.4.21.0011280816570.20388-100000@heorot.1nova.com> <005d01c05a79$72e31040$2904020a@unpar.ac.id>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Thomas Wahyudi wrote:
>
> hmm may be this trick will work ?
> we use ghost to create 30 Freebsd Xwindows workstation
> we just create image 1 HD and ghost it to another computer using muticast
> session provided by ghost
?? you ghost FFS filesystems?
--
Chris
o----< ccook@tcworks.net >------------------------------------o
|Chris Cook - Admin |TCWORKS.NET - http://www.tcworks.net |
|The Computer Works ISP |FreeBSD - http://www.freebsd.org |
o-------------------------------------------------------------o
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 9:44:17 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from gndrsh.dnsmgr.net (GndRsh.dnsmgr.net [198.145.92.4])
by hub.freebsd.org (Postfix) with ESMTP
id A520037B400; Thu, 30 Nov 2000 09:44:12 -0800 (PST)
Received: (from freebsd@localhost)
by gndrsh.dnsmgr.net (8.9.3/8.9.3) id JAA44928;
Thu, 30 Nov 2000 09:43:58 -0800 (PST)
(envelope-from freebsd)
From: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net>
Message-Id: <200011301743.JAA44928@gndrsh.dnsmgr.net>
Subject: Re: Danger Ports
In-Reply-To: <Pine.BSF.4.21.0011292044170.36849-100000@flux.c-zone.net> from Dan Babb at "Nov 29, 2000 08:45:03 pm"
To: bdan@c-zone.net (Dan Babb)
Date: Thu, 30 Nov 2000 09:43:57 -0800 (PST)
Cc: jon_slivko@simphost.com (Jonathan M. Slivko),
freebsd-security@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL54 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Please do all the rest of us a favor and filter the
packets to reserved networks, not just from them.
> this is right out of the ACL for my core router..
>
> ! reserved networks
> access-list 110 deny ip 127.0.0.0 0.0.0.255 any log
> access-list 110 deny ip 10.0.0.0 0.255.255.255 any log
> access-list 110 deny ip 172.16.0.0 0.15.255.255 any log
> access-list 110 deny ip 172.31.0.0 0.0.255.255 any log
> access-list 110 deny ip 192.168.0.0 0.0.255.255 any log
access-list 110 deny ip any 127.0.0.0 0.0.0.255 log
access-list 110 deny ip any 10.0.0.0 0.255.255.255 log
access-list 110 deny ip any 172.16.0.0 0.15.255.255 log
access-list 110 deny ip any 172.31.0.0 0.0.255.255 log
access-list 110 deny ip any 192.168.0.0 0.0.255.255 log
--
Rod Grimes - KD7CAX @ CN85sl - (RWG25) rgrimes@gndrsh.dnsmgr.net
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 9:47:53 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from oasis.fireblue.com (oasis.fireblue.com [216.4.163.4])
by hub.freebsd.org (Postfix) with SMTP id 67A8C37B402
for <freebsd-isp@freebsd.org>; Thu, 30 Nov 2000 09:47:45 -0800 (PST)
Received: (qmail 23310 invoked by uid 1001); 30 Nov 2000 17:47:35 -0000
Date: Thu, 30 Nov 2000 19:47:35 +0200
From: Abraham vd Merwe <abz@frogfoot.net>
To: FreeBSD ISP Related Questions <freebsd-isp@freebsd.org>
Subject: Re: Danger Ports
Message-ID: <20001130194735.A23238@oasis.fireblue.com>
Mail-Followup-To: FreeBSD ISP Related Questions <freebsd-isp@freebsd.org>
References: <Pine.BSF.4.21.0011292044170.36849-100000@flux.c-zone.net> <200011301743.JAA44928@gndrsh.dnsmgr.net>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="WIyZ46R2i8wDzkSu"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <200011301743.JAA44928@gndrsh.dnsmgr.net>; from freebsd@gndrsh.dnsmgr.net on Thu, Nov 30, 2000 at 09:43:57 -0800
Organization: Frogfoot Networks
X-Operating-System: Debian GNU/Linux oasis 2.2.17 i686
X-GPG-Public-Key: http://oasis.frogfoot.net/keys/frogfoot.gpg
X-Uptime: 7:44pm up 4 days, 18:03, 9 users, load average: 0.00, 0.00, 0.00
X-Edited-With-Muttmode: muttmail.sl - 2000-11-20
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
--WIyZ46R2i8wDzkSu
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hi Rodney!
> Please do all the rest of us a favor and filter the
> packets to reserved networks, not just from them.
> =20
> > this is right out of the ACL for my core router..
> >=20
> > ! reserved networks =20
> > access-list 110 deny ip 127.0.0.0 0.0.0.255 any log
> > access-list 110 deny ip 10.0.0.0 0.255.255.255 any log
> > access-list 110 deny ip 172.16.0.0 0.15.255.255 any log
> > access-list 110 deny ip 172.31.0.0 0.0.255.255 any log
> > access-list 110 deny ip 192.168.0.0 0.0.255.255 any log
>=20
> access-list 110 deny ip any 127.0.0.0 0.0.0.255 log
> access-list 110 deny ip any 10.0.0.0 0.255.255.255 log
> access-list 110 deny ip any 172.16.0.0 0.15.255.255 log
> access-list 110 deny ip any 172.31.0.0 0.0.255.255 log
> access-list 110 deny ip any 192.168.0.0 0.0.255.255 log
Actually I have a more complete spoofing template for you:
!!
!! Spoofing ACL
!!
! Deny any packets from the RFC 1918, IANA reserved, test,
! multicast as a source, and loopback netblocks to block
! attacks from commonly spoofed IP addresses.
! All zero, all one
access-list 2000 deny ip 0.0.0.0 0.255.255.255 any
access-list 2000 deny ip host 255.255.255.255 any
! Claims it came from the inside network, yet arrives on the
! outside (read: Internet) interface. Do not use this if CEF
! has been configured to take care of spoofing.
access-list 2000 deny ip 216.4.163.0 0.0.0.63 any
access-list 2000 deny ip 216.4.162.104 0.0.0.7 any
access-list 2000 deny ip 216.5.193.128 0.0.0.7 any
access-list 2000 deny ip 216.5.193.160 0.0.0.3 any
! IANA reserved
access-list 2000 deny ip 1.0.0.0 0.255.255.255 any
access-list 2000 deny ip 2.0.0.0 0.255.255.255 any
! Loopback
access-list 2000 deny ip 127.0.0.0 0.255.255.255 any
! RFC 1918
access-list 2000 deny ip 10.0.0.0 0.255.255.255 any
access-list 2000 deny ip 192.168.0.0 0.0.255.255 any
access-list 2000 deny ip 172.16.0.0 0.15.255.255 any
! Link local reserved
access-list 2000 deny ip 169.254.0.0 0.0.255.255 any
! IANA example network
access-list 2000 deny ip 192.0.2.0 0.0.0.255 any
! Multicast
access-list 2000 deny ip 224.0.0.0 15.255.255.255 any
! Experimental
access-list 2000 deny ip 240.0.0.0 15.255.255.255 any
! Allow IP access to the intranet (firewall filters specific ports)
access-list 2000 permit ip any 216.4.163.0 0.0.0.63
access-list 2000 permit ip any 216.4.162.104 0.0.0.7
access-list 2000 permit ip any 216.5.193.128 0.0.0.7
access-list 2000 permit ip any 216.5.193.160 0.0.0.3
! Our explicit (read: logged) drop all rule
access-list 2000 deny any any
--=20
Regards
Abraham
Laws are like sausages. It's better not to see them being made.
-- Otto von Bismarck
___________________________________________________
Abraham vd Merwe [ZR1BBQ] - Frogfoot Networks
P.O. Box 3472, Matieland, Stellenbosch, 7602
Cell: +27 82 565 4451 - Tel: +27 21 887 8703
Http: http://www.frogfoot.net
Email: abz@frogfoot.net
--WIyZ46R2i8wDzkSu
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE6JpK3V+L3lxo9wFURAmgfAJwIpASssV7L6dmzar/0HwQMfS1YpQCgklcL
/NKc6qj+99t2UMpwsi9OcSs=
=tAx9
-----END PGP SIGNATURE-----
--WIyZ46R2i8wDzkSu--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 10:14:42 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from sun2.siteone.net (ns2.site-one.com [209.246.218.67])
by hub.freebsd.org (Postfix) with ESMTP id 02D1D37B401
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 10:14:39 -0800 (PST)
Received: from David (wan104.siteone.net [209.246.218.40])
by sun2.siteone.net (8.9.3/8.9.3) with SMTP id NAA07744
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 13:15:18 -0500
From: "David Lawson" <dave@siteone.net>
To: <freebsd-isp@FreeBSD.ORG>
Subject: Email Monitoring
Date: Thu, 30 Nov 2000 13:14:52 -0500
Message-ID: <NEBBKOCAGLBGBAGEIHPIOEHACDAA.dave@siteone.net>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0057_01C05ACF.8694C240"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Importance: Normal
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
This is a multi-part message in MIME format.
------=_NextPart_000_0057_01C05ACF.8694C240
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
I have a client that would like to monitor all the incoming and outgoing
email for his business. Does anyone know of a way to do this. They will have
their own domain name.
David L. Lawson
Technical Support Manager
Partner Alliance Director
Site One Networks, Inc.
302-337-8800 Phone
800-354-5434 Toll Free
302-337-3915 Fax
------=_NextPart_000_0057_01C05ACF.8694C240
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 5.50.4522.1800" name=3DGENERATOR></HEAD>
<BODY>
<DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D190465917-30112000></SPAN></FONT></DIV><FONT face=3DArial =
size=3D2><SPAN=20
class=3D190465917-30112000>I have a client that would like to monitor =
all the=20
incoming and <U><STRONG>outgoing</STRONG></U> email for his business. =
Does=20
anyone know of a way to do this. They will have their own domain=20
name.</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D190465917-30112000></SPAN></FONT> </DIV>
<P><FONT size=3D2>David L. Lawson<BR>Technical Support =
Manager<BR>Partner Alliance=20
Director<BR>Site One Networks, Inc.<BR>302-337-8800 =
Phone<BR>800-354-5434 Toll=20
Free<BR>302-337-3915 Fax </FONT></P>
<DIV> </DIV></BODY></HTML>
------=_NextPart_000_0057_01C05ACF.8694C240--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 10:42:16 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from kira.epconline.net (kira.epconline.net [209.83.132.2])
by hub.freebsd.org (Postfix) with ESMTP id DD8F837B400
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 10:42:11 -0800 (PST)
Received: from therock (betterguard.epconline.net [209.83.132.193])
by kira.epconline.net (8.9.3/8.9.3) with SMTP id MAA75603
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 12:42:09 -0600 (CST)
From: "Chuck Rock" <carock@epconline.net>
To: <freebsd-isp@FreeBSD.ORG>
Subject: RE: Email Monitoring
Date: Thu, 30 Nov 2000 12:44:38 -0600
Message-ID: <002b01c05afd$97ede570$1805010a@epconline.net>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_002C_01C05ACB.4D537570"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
In-Reply-To: <NEBBKOCAGLBGBAGEIHPIOEHACDAA.dave@siteone.net>
Importance: Normal
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
This is a multi-part message in MIME format.
------=_NextPart_000_002C_01C05ACB.4D537570
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
You could set up an alias for each of their users so that incoming E-mail
goes to both the user and the administrator, but that doesn't cover outgoing
E-mail.
A Perl script to scan the mail log for each of your users that would run on
a nightly basis would be a way to monitor outgoing recipients, but actually
intercepting content of outgoing E-mail would require a separate application
to interface with Sendmail or some other mail server program you intend on
using.
My ideas,
Chuck
-----Original Message-----
From: owner-freebsd-isp@FreeBSD.ORG
[mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of David Lawson
Sent: Thursday, November 30, 2000 12:15 PM
To: freebsd-isp@FreeBSD.ORG
Subject: Email Monitoring
I have a client that would like to monitor all the incoming and outgoing
email for his business. Does anyone know of a way to do this. They will have
their own domain name.
David L. Lawson
Technical Support Manager
Partner Alliance Director
Site One Networks, Inc.
302-337-8800 Phone
800-354-5434 Toll Free
302-337-3915 Fax
------=_NextPart_000_002C_01C05ACB.4D537570
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Diso-8859-1" =
http-equiv=3DContent-Type>
<META content=3D"MSHTML 5.00.3103.1000" name=3DGENERATOR></HEAD>
<BODY>
<DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN =
class=3D47444018-30112000>You=20
could set up an alias for each of their users so that incoming E-mail =
goes to=20
both the user and the administrator, but that doesn't cover outgoing=20
E-mail.</SPAN></FONT></DIV>
<DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN=20
class=3D47444018-30112000></SPAN></FONT> </DIV>
<DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN =
class=3D47444018-30112000>A Perl=20
script to scan the mail log for each of your users that would run on a =
nightly=20
basis would be a way to monitor outgoing recipients, but actually =
intercepting=20
content of outgoing E-mail would require a separate application to =
interface=20
with Sendmail or some other mail server program you intend on=20
using.</SPAN></FONT></DIV>
<DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN=20
class=3D47444018-30112000></SPAN></FONT> </DIV>
<DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN =
class=3D47444018-30112000>My=20
ideas,</SPAN></FONT></DIV>
<DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN=20
class=3D47444018-30112000>Chuck</SPAN></FONT></DIV>
<BLOCKQUOTE=20
style=3D"BORDER-LEFT: #0000ff 2px solid; MARGIN-LEFT: 5px; MARGIN-RIGHT: =
0px; PADDING-LEFT: 5px">
<DIV class=3DOutlookMessageHeader><FONT face=3D"Times New Roman"=20
size=3D2>-----Original Message-----<BR><B>From:</B>=20
owner-freebsd-isp@FreeBSD.ORG =
[mailto:owner-freebsd-isp@FreeBSD.ORG]<B>On=20
Behalf Of</B> David Lawson<BR><B>Sent:</B> Thursday, November 30, 2000 =
12:15=20
PM<BR><B>To:</B> freebsd-isp@FreeBSD.ORG<BR><B>Subject:</B> Email=20
Monitoring<BR><BR></DIV></FONT>
<DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D190465917-30112000></SPAN></FONT></DIV><FONT face=3DArial =
size=3D2><SPAN=20
class=3D190465917-30112000>I have a client that would like to monitor =
all the=20
incoming and <U><STRONG>outgoing</STRONG></U> email for his business. =
Does=20
anyone know of a way to do this. They will have their own domain=20
name.</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D190465917-30112000></SPAN></FONT> </DIV>
<P><FONT size=3D2>David L. Lawson<BR>Technical Support =
Manager<BR>Partner=20
Alliance Director<BR>Site One Networks, Inc.<BR>302-337-8800=20
Phone<BR>800-354-5434 Toll Free<BR>302-337-3915 Fax </FONT></P>
<DIV> </DIV></BLOCKQUOTE></BODY></HTML>
------=_NextPart_000_002C_01C05ACB.4D537570--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 12:54:48 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from bsdie.rwsystems.net (bsdie.rwsystems.net [209.197.223.2])
by hub.freebsd.org (Postfix) with ESMTP id C9A8D37B401
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 12:54:46 -0800 (PST)
Received: from bsdie.rwsystems.net([209.197.223.2]) (1239 bytes) by bsdie.rwsystems.net
via sendmail with P:esmtp/R:bind_hosts/T:inet_zone_bind_smtp
(sender: <jwyatt@rwsystems.net>)
id <m141ahX-000CDHC@bsdie.rwsystems.net>
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 14:53:07 -0600 (CST)
(Smail-3.2.0.111 2000-Feb-17 #1 built 2000-Jun-25)
Date: Thu, 30 Nov 2000 14:53:03 -0600 (CST)
From: James Wyatt <jwyatt@rwsystems.net>
To: David Lawson <dave@siteone.net>
Cc: freebsd-isp@FreeBSD.ORG
Subject: Re: Email Monitoring
In-Reply-To: <NEBBKOCAGLBGBAGEIHPIOEHACDAA.dave@siteone.net>
Message-ID: <Pine.BSF.4.10.10011301444510.23428-100000@bsdie.rwsystems.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Thu, 30 Nov 2000, David Lawson wrote:
> I have a client that would like to monitor all the incoming and outgoing
> email for his business. Does anyone know of a way to do this. They will have
> their own domain name.
Does "monitor" mean uptime/availability of the server, or an interception
of email traffic for monitoring or auditing? Monitoring is easy and
provided by several outside vendors. A logjam of outgoing email is usually
easy to spot by the building mail queue. Interception can be easier if you
don't allow *any* port 25 outbound connections and maybe the pop3 port.
3rd party Webmail is trickier, but you can block the domains via proxy.
Hope this helps - Jy@
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 12:57:18 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from alpha.simphost.com (unknown [216.253.163.10])
by hub.freebsd.org (Postfix) with ESMTP id B0C8637B400
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 12:57:15 -0800 (PST)
Received: by alpha.simphost.com (Postfix, from userid 1060)
id A106466B0A; Thu, 30 Nov 2000 13:57:26 -0700 (MST)
Received: from localhost (localhost [127.0.0.1])
by alpha.simphost.com (Postfix) with ESMTP
id 9C4A262D03; Thu, 30 Nov 2000 13:57:26 -0700 (MST)
Date: Thu, 30 Nov 2000 13:57:26 -0700 (MST)
From: "Jonathan M. Slivko" <jon_slivko@simphost.com>
To: James Wyatt <jwyatt@rwsystems.net>
Cc: David Lawson <dave@siteone.net>, freebsd-isp@FreeBSD.ORG
Subject: Re: Email Monitoring
In-Reply-To: <Pine.BSF.4.10.10011301444510.23428-100000@bsdie.rwsystems.net>
Message-ID: <Pine.BSF.4.21.0011301356220.43912-100000@alpha.simphost.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Please correct me if i'm wrong in assuming that the client would like to
log all his e-mail accounts for his review for inappropriate, non-buisness
e-mail, etc. If i'm not on the right track, please let me know.
----
Jonathan M. Slivko <jon_slivko@simphost.com>
Technical Support, CoreSync Corporation (http://www.coresync.net)
Team Leader, SecureIRC Project (http://secureirc.sourceforge.net)
Pager/Voicemail: (917) 388-5304
----
On Thu, 30 Nov 2000, James Wyatt wrote:
> On Thu, 30 Nov 2000, David Lawson wrote:
> > I have a client that would like to monitor all the incoming and outgoing
> > email for his business. Does anyone know of a way to do this. They will have
> > their own domain name.
>
> Does "monitor" mean uptime/availability of the server, or an interception
> of email traffic for monitoring or auditing? Monitoring is easy and
> provided by several outside vendors. A logjam of outgoing email is usually
> easy to spot by the building mail queue. Interception can be easier if you
> don't allow *any* port 25 outbound connections and maybe the pop3 port.
> 3rd party Webmail is trickier, but you can block the domains via proxy.
>
> Hope this helps - Jy@
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 12:59: 2 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail.ruhr.de (in-ruhr3.ruhr.de [212.23.134.2])
by hub.freebsd.org (Postfix) with SMTP id D3E2337B698
for <freebsd-isp@freebsd.org>; Thu, 30 Nov 2000 12:58:59 -0800 (PST)
Received: (qmail 10873 invoked by alias); 30 Nov 2000 21:00:47 -0000
Received: (from ue@localhost)
by nathan.ruhr.de (8.11.0/8.11.0) id eAUJVLw66331
for freebsd-isp@freebsd.org; Thu, 30 Nov 2000 20:31:21 +0100 (CET)
(envelope-from ue)
Date: Thu, 30 Nov 2000 20:31:21 +0100
From: Udo Erdelhoff <ue@nathan.ruhr.de>
To: FreeBSD ISP Related Questions <freebsd-isp@freebsd.org>
Subject: Re: Danger Ports
Message-ID: <20001130203120.T30886@nathan.ruhr.de>
Mail-Followup-To: FreeBSD ISP Related Questions <freebsd-isp@freebsd.org>
References: <Pine.BSF.4.21.0011292044170.36849-100000@flux.c-zone.net> <200011301743.JAA44928@gndrsh.dnsmgr.net> <20001130194735.A23238@oasis.fireblue.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20001130194735.A23238@oasis.fireblue.com>; from abz@frogfoot.net on Thu, Nov 30, 2000 at 07:47:35PM +0200
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Thu, Nov 30, 2000 at 07:47:35PM +0200, Abraham vd Merwe wrote:
> ! IANA example network
> access-list 2000 deny ip 192.0.2.0 0.0.0.255 any
You may want to add
! SUN example network
access-list 2000 deny ip 192.9.200.0 0.0.0.255 any
This block is delegated to SUN and it's used as the example network within
the SunOS 4.0 documentation (those were the days). The docs contain the
following phrase:
"If you need a network for internal use only, you may use 192.9.200.* for
this purpose. This network belongs to SUN and it will never be routed to
the public networks"
(or words to that effect, it's been some time)
/s/Udo
--
"Good, bad, I'm the guy with the gun"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 14:12:40 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from blotto.phreak.net (blotto.phreak.net [207.250.188.230])
by hub.freebsd.org (Postfix) with ESMTP id 9CA8C37B400
for <freebsd-isp@freebsd.org>; Thu, 30 Nov 2000 14:12:37 -0800 (PST)
Received: from phreak.net (localhost.phreak.net [127.0.0.1])
by blotto.phreak.net (Postfix) with SMTP
id 8471E9EE01; Thu, 30 Nov 2000 16:09:07 -0600 (CST)
Received: from 207.250.66.46
(SquirrelMail authenticated user operator)
by mail.phreak.net with HTTP;
Thu, 30 Nov 2000 16:09:16 -0600 (CST)
Message-ID: <1655.207.250.66.46.975622156.squirrel@mail.phreak.net>
Date: Thu, 30 Nov 2000 16:09:16 -0600 (CST)
Subject: Re: Drive Copy
From: "Operator" <operator@phreak.net>
To: bv@bilver.wjv.com
In-Reply-To: <20001130110442.A16709@wjv.com>
References: <20001130110442.A16709@wjv.com>
Cc: freebsd-isp@freebsd.org
X-Mailer: SquirrelMail (version 0.5)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
> > Does anyone have bootable tape support on x86? The MakeSysB tape
> > generation on AIX boxes rocks. There also used to be a SCO-usable
> > product (CTar?) that made a tape and a boot floppy. Both worked well.
>
> Ctar was the original - Mike Schwartz as I recall - the company was
> Unitrends. It's still around but it's decendants BackupEdge from
> Microlite and Lone-Tar from Cactus are quite popular.
>
> Edge supports boot from tape on the new HPs. They don't support
> the FreeBSD market. Lone-Tar supports FreeBSD. How well I'm not
> sure as I haven't installed my copy - I need to get my tape drive
> fixed first. I have seen no vendor which supports bootable
> disaster recovery software under FreeBSD, though LoneTar and BRU
> have bootable recovery disks for Linux.
Funny you mention Unitrends software, they actually make a product
called Backup Professional ( http://www.unitrends.com/bp.html )
which supports x86 booting from floppy along with tons of
other neat features.
I was doing a lot of looking around for a package that'll let me
backup various platforms and from what I've found Backup Pro
is about the only one that'll deal with all my platforms.
I purchased the software, but as of yet haven't installed it since
I've been waiting my my library to show up (which did yesterday!)
so hopefully in the next little while I'll be able to give it a go
and see how it actually works..
If you're interested feel free to drop me an email and I'll keep
you in the loop..
Regards,
--
Operator
operator@phreak.net
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 14:31: 1 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mx01-a.netapp.com (unknown [198.95.226.53])
by hub.freebsd.org (Postfix) with ESMTP id C37D337B400
for <freebsd-isp@freebsd.org>; Thu, 30 Nov 2000 14:30:57 -0800 (PST)
Received: from frejya.corp.netapp.com (frejya.corp.netapp.com [10.10.20.91])
by mx01-a.netapp.com (8.11.0/8.11.0/NTAP-1.0) with ESMTP id eAUMTxJ19342;
Thu, 30 Nov 2000 14:30:00 -0800 (PST)
Received: from tooting.eng.netapp.com (localhost [127.0.0.1])
by frejya.corp.netapp.com (8.11.0/8.11.0/NTAP-1.1) with ESMTP id eAUMTdC12370;
Thu, 30 Nov 2000 14:29:55 -0800 (PST)
Received: (from guy@localhost)
by tooting.eng.netapp.com (8.8.8+Sun/8.8.8) id OAA16145;
Thu, 30 Nov 2000 14:29:26 -0800 (PST)
From: Guy Harris <guy@netapp.com>
Message-Id: <200011302229.OAA16145@tooting.eng.netapp.com>
Subject: Re: tcpdump & user-ppp/tunX. Ethereal ?
To: Stanley.Hopcroft@ipaustralia.gov.au
Date: Thu, 30 Nov 2000 14:29:26 -0800 (PST)
Cc: rowan@sensation.net.au, freebsd-isp@freebsd.org
X-Mailer: ELM [version 2.4ME++ PL59 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
> I am writing to say that ethereal (http://www.zing.org aka
> http://www.ethereal.com/) is a very nice seven layer packet decoder
> that may be suitable if you need nasty link layer stuff.
>
> There is a FreeBSD port of it, and while for my moneys worth, tcpdump
> with ASCII decode patches (he he),
Note that at least some ASCII display is done by the current version of
tcpdump in CVS - see
http://www.tcpdump.org/
(nightly snapshots of the CVS source are available from there as
tarballs). I forget whether the most recent tcpdump.org release (3.5.2)
has it or not.
As for the original question that started this thread:
The "-e" flag isn't a "show packet size" option, it's a "show the
link-level header" options; from the man page (this is the tcpdump 3.4
man page, but others should say the same thing):
-e Print the link-level header on each dump line.
At least in the FreeBSD 3.4 source, the "tun" devices register
themselves with BPF as DLT_NULL devices. Tcpdump 3.4's link-layer print
header for DLT_NULL does *nothing* if "-n" is specified, so the options
in the example:
velvet# tcpdump -qenli tun0
will cause "-e" to do nothing.
The *PPP* link-layer printer in the FreeBSD 3.4 source appears to print
a packet length, when "-e" is used, for "BSD/OS PPP", but you'd only see
that, I suspect, on, well, BSD/OS. I don't see any indication that it
would print the length on "standard" PPP, but I may have missed
something. For some other link-layers, e.g. Ethernet, the "-e" flag
does cause a link-layer header, plus the packet length, to be printed.
Another problem is that "tunX" devices being DLT_NULL will confuse
tcpdump if the link-layer header isn't 4 bytes of AF_ value specifying
the protocol used by the payload; if, for example, it's a PPP header,
tcpdump will probably get greatly confused in other ways.
A while ago, I put a hack into Ethereal to cause it not to trust that
DLT_NULL captures have an AF_ type as the link-layer header, and to
check for what appears to be a PPP header and, if it finds it, treat the
capture as a PPP capture.
If Ethereal, when capturing on a tunX device, reports the packet size
correctly, but tcpdump doesn't, that's probably the source of the
problem; tcpdump is probably just completely confused about the type of
packets it's seeing.
I still have a capture of that sort which I got when the
DLT_NULL-capture-with-PPP-header problem was reported on one of the
Ethereal mailing lists (that being what provoked the addition of the
aforementioned hack); I shall look into putting an equivalent hack into
tcpdump, sigh (it'd show up in the current CVS version).
(It might be Really Nice if there were, say, an "ioctl" that could be
done on "tunX" devices to set the DLT_ type of the device to something
other than DLT_NULL, and if programs using it for, say, user-mode PPP
set the DLT_ type appropriately.)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 15: 3:45 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from aurora.scoop.co.nz (aurora.scoop.co.nz [203.96.152.68])
by hub.freebsd.org (Postfix) with ESMTP
id 958EB37B400; Thu, 30 Nov 2000 15:03:36 -0800 (PST)
Received: from localhost (localhost [127.0.0.1])
by aurora.scoop.co.nz (8.9.3/8.9.3) with SMTP id MAA03519;
Fri, 1 Dec 2000 12:03:14 +1300 (NZDT)
Date: Fri, 1 Dec 2000 12:03:14 +1300 (NZDT)
From: Andrew McNaughton <andrew@scoop.co.nz>
Reply-To: andrew@scoop.co.nz
To: "Jonathan M. Slivko" <jon_slivko@simphost.com>
Cc: John Howie <JHowie@msn.com>, freebsd-security@FreeBSD.ORG,
freebsd-isp@FreeBSD.ORG
Subject: Re: Danger Ports
In-Reply-To: <Pine.BSF.4.21.0011291907110.79751-100000@alpha.simphost.com>
Message-ID: <Pine.BSF.3.96.1001201120137.3434A-100000@aurora.scoop.co.nz>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Back Orifice et al are only dangerous ports if you are listening to
those ports. Seems unlikely you'd do that under FreeBSD. You might want
to block packets to these ports on other machines of course, but that has
nothing to do with FreeBSD's security.
Andrew McNaughton
On Wed, 29 Nov 2000, Jonathan M. Slivko wrote:
> Date: Wed, 29 Nov 2000 19:08:09 -0700 (MST)
> From: "Jonathan M. Slivko" <jon_slivko@simphost.com>
> To: John Howie <JHowie@msn.com>
> Cc: freebsd-security@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG
> Subject: Re: Danger Ports
>
> I am referring to the Back Orifice, Trinoo server ports, etc. Where can I
> get my hands on a list of those port #'s? or are there any utilities that
> act as those servers and log all attempts in hopes of catching those users
> who will no doubt try and take advantage of an open system?
>
> ----
> Jonathan M. Slivko <jon_slivko@simphost.com>
> Technical Support, CoreSync Corporation (http://www.coresync.net)
> Team Leader, SecureIRC Project (http://secureirc.sourceforge.net)
> Pager/Voicemail: (917) 388-5304
> ----
>
> On Wed, 29 Nov 2000, John Howie wrote:
>
> > Jonathan,
> >
> > Rather than denying access to certain ports on your system, and allowing
> > access to the rest, you might find it easier to think in the reverse - What
> > ports do I need to leave open to outside (presumably Internet) users?
> >
> > The answer to that question depends on the needs of your outside users. You
> > will probably need to allow SSH access, and I would suggest that you get
> > users to use SCP instead of FTP (unless you have a public FTP site that
> > allows anonymous connections). You might also need to open up access to SMTP
> > and POP3 services for mail (while ensuring that your site can't be used as a
> > mail relay). DNS is another service that you might need to provide access
> > to.
> >
> > If users need access to so-called dangerous services such as X, printer,
> > NFS, NIS, SNMP, etc. then I would look for a VPN solution that brings them
> > into your network through the firewall and allows them to access these
> > services as an internal user.
> >
> > O'Reilly does a good book on Firewall Security, I suggest that you get it
> > and have a read. CERT also has a good document on packet filtering
> > (http://www.cert.org). Also, check the FreeBSD handbook or The Complete
> > FreeBSD for more information about setting up firewalls on FreeBSD systems.
> >
> > Hope this helps,
> >
> > john...
> >
> > ----- Original Message -----
> > From: "Jonathan M. Slivko" <jon_slivko@simphost.com>
> > To: <freebsd-security@freebsd.org>
> > Cc: <freebsd-isp@freebsd.org>
> > Sent: Wednesday, November 29, 2000 5:23 PM
> > Subject: Danger Ports
> >
> >
> > > Can someone tell me what are the "danger" ports on FreeBSD, ports that
> > > perhaps need to be blocked because they are insecure? I would like to know
> > > so in the future, I can prevent outside attacks and concentrate more on
> > > internal attacks, or "insider jobs" as they're called.
> > >
> > > ----
> > > Jonathan M. Slivko <jon_slivko@simphost.com>
> > > Technical Support, CoreSync Corporation (http://www.coresync.net)
> > > Team Leader, SecureIRC Project (http://secureirc.sourceforge.net)
> > > Pager/Voicemail: (917) 388-5304
> > > ----
> > >
> > >
> > >
> > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > with "unsubscribe freebsd-security" in the body of the message
> > >
> >
> >
> >
> >
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
--
Andrew McNaughton
Scoop Media Ltd
andrew@scoop.co.nz
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 15: 9:14 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from bilver.wjv.com (dhcp-1-89.n01.orldfl01.us.ra.verio.net [157.238.210.89])
by hub.freebsd.org (Postfix) with ESMTP id 6720E37B404
for <freebsd-isp@freebsd.org>; Thu, 30 Nov 2000 15:09:09 -0800 (PST)
Received: (from bill@localhost)
by bilver.wjv.com (8.9.3/8.9.3) id RAA19704
for freebsd-isp@freebsd.org; Thu, 30 Nov 2000 17:52:13 -0500 (EST)
(envelope-from bill)
Date: Thu, 30 Nov 2000 17:50:45 -0500
From: Bill Vermillion <bill@bilver.wjv.com>
To: freebsd-isp@freebsd.org
Subject: Re: Drive Copy
Message-ID: <20001130175044.B19547@wjv.com>
Reply-To: bv@bilver.wjv.com
References: <20001130110442.A16709@wjv.com> <1655.207.250.66.46.975622156.squirrel@mail.phreak.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <1655.207.250.66.46.975622156.squirrel@mail.phreak.net>; from operator@phreak.net on Thu, Nov 30, 2000 at 04:09:16PM -0600
Organization: W.J.Vermillion / Orlando - Winter Park
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Thu, Nov 30, 2000 at 04:09:16PM -0600, Operator thus spoke:
> > > Does anyone have bootable tape support on x86? The MakeSysB
> > > tape generation on AIX boxes rocks. There also used to be a
> > > SCO-usable product (CTar?) that made a tape and a boot floppy.
> > > Both worked well.
> > Ctar was the original - Mike Schwartz as I recall - the company was
> > Unitrends. It's still around but it's decendants BackupEdge from
> > Microlite and Lone-Tar from Cactus are quite popular.
> > Edge supports boot from tape on the new HPs. They don't support
> > the FreeBSD market. Lone-Tar supports FreeBSD. How well I'm not
> > sure as I haven't installed my copy - I need to get my tape drive
> > fixed first. I have seen no vendor which supports bootable
> > disaster recovery software under FreeBSD, though LoneTar and BRU
> > have bootable recovery disks for Linux.
> Funny you mention Unitrends software, they actually make a product
> called Backup Professional ( http://www.unitrends.com/bp.html )
> which supports x86 booting from floppy along with tons of
> other neat features.
Well not really funny if you know the history. About 2 years ago I
lent Steve [on the net of course] and SGI Indy he could compile
the latest SGI version of Lone-Tar. Are you saying the the BP from
Unitrends supports floppy boot recovery for BSD? All three of the
programs support the 'mainstream' Unix systems and an emergency
boot floppy for many of them.
> I was doing a lot of looking around for a package that'll let me
> backup various platforms and from what I've found Backup Pro
> is about the only one that'll deal with all my platforms.
In that case I'll bet Cactus has most of those too because Steve
[at Unitrends] and Jeff [at cactus.com - aka LoneTar] work closely
together.
> If you're interested feel free to drop me an email and I'll keep
> you in the loop..
Not really neccesary since I know the people involved at the three
based on the original Ctar. I've only corresponded by mail with
XXX at BRU. Up until about 3 years ago I supported many small
business machines, primarily on SCO, and one of the products is
always on any machines I support. One client thought the price was
a bit stiff, until I had to reload is SCO on his AT&T/Olivettie
three times - because it turned out a flaky controller or
motherboard. Bizarre machine with far too many daughter cards.
Stick in the floppy - and 5 minutes later be loading from tape.
He also was there when I did the first raw install and he saw that
the price [$300 as I recall] more than paid for itself. All the
machine are also running bit-level verifies to a bit by bit compare
of tape contents with what is on the hard drive after the backup.
Don't see an error that way often, but everyone once in a while a
bit get corrupted somewhere along the line. Nice to know it
immediately after backup instead of when you need the tape.
--
Bill Vermillion - bv @ wjv . com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 16:14:17 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from sun2.siteone.net (ns2.site-one.com [209.246.218.67])
by hub.freebsd.org (Postfix) with ESMTP id 35E6537B400
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 16:14:10 -0800 (PST)
Received: from David (wan104.siteone.net [209.246.218.40])
by sun2.siteone.net (8.9.3/8.9.3) with SMTP id TAA20692;
Thu, 30 Nov 2000 19:14:46 -0500
From: "David Lawson" <dave@siteone.net>
To: <freebsd-isp@FreeBSD.ORG>
Cc: <jwyatt@rwsystems.net>,
"Jonathan M. Slivko" <jon_slivko@simphost.com>
Subject: RE: Email Monitoring
Date: Thu, 30 Nov 2000 19:14:16 -0500
Message-ID: <NEBBKOCAGLBGBAGEIHPIMEHECDAA.dave@siteone.net>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
In-Reply-To: <Pine.BSF.4.21.0011301356220.43912-100000@alpha.simphost.com>
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
My client wants to intercept his employees email traffic for monitoring and
auditing. He wants to make sure the email is not being used for personal use
and he also wants to make sure that his employees are not making promises to
customers that they can't keep. I'm not sure what type of business it is but
they exchange allot of sensitive material.
David L. Lawson
Technical Support Manager
Partner Alliance Director
Site One Networks, Inc.
302-337-8800 Phone
800-354-5434 Toll Free
302-337-3915 Fax
-----Original Message-----
From: owner-freebsd-isp@FreeBSD.ORG
[mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Jonathan M. Slivko
Sent: Thursday, November 30, 2000 3:57 PM
To: James Wyatt
Cc: David Lawson; freebsd-isp@FreeBSD.ORG
Subject: Re: Email Monitoring
Please correct me if i'm wrong in assuming that the client would like to
log all his e-mail accounts for his review for inappropriate, non-buisness
e-mail, etc. If i'm not on the right track, please let me know.
----
Jonathan M. Slivko <jon_slivko@simphost.com>
Technical Support, CoreSync Corporation (http://www.coresync.net)
Team Leader, SecureIRC Project (http://secureirc.sourceforge.net)
Pager/Voicemail: (917) 388-5304
----
On Thu, 30 Nov 2000, James Wyatt wrote:
> On Thu, 30 Nov 2000, David Lawson wrote:
> > I have a client that would like to monitor all the incoming and outgoing
> > email for his business. Does anyone know of a way to do this. They will
have
> > their own domain name.
>
> Does "monitor" mean uptime/availability of the server, or an interception
> of email traffic for monitoring or auditing? Monitoring is easy and
> provided by several outside vendors. A logjam of outgoing email is usually
> easy to spot by the building mail queue. Interception can be easier if you
> don't allow *any* port 25 outbound connections and maybe the pop3 port.
> 3rd party Webmail is trickier, but you can block the domains via proxy.
>
> Hope this helps - Jy@
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 16:21:39 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from axis.tdd.lt (axis.tdd.lt [193.219.211.5])
by hub.freebsd.org (Postfix) with ESMTP id 9975E37B400
for <freebsd-isp@freebsd.org>; Thu, 30 Nov 2000 16:21:35 -0800 (PST)
Received: from localhost (midom@localhost)
by axis.tdd.lt (8.11.1/8.11.1) with ESMTP id eB10LW489798
for <freebsd-isp@freebsd.org>; Fri, 1 Dec 2000 02:21:32 +0200 (EET)
Date: Fri, 1 Dec 2000 02:21:32 +0200 (EET)
From: Domas Mituzas <domas.mituzas@delfi.lt>
X-Sender: midom@axis.tdd.lt
To: freebsd-isp@freebsd.org
Subject: Re: Email Monitoring
In-Reply-To: <NEBBKOCAGLBGBAGEIHPIOEHACDAA.dave@siteone.net>
Message-ID: <Pine.BSF.4.21.0011302029010.44306-100000@axis.tdd.lt>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Hi,
> I have a client that would like to monitor all the incoming and outgoing
> email for his business. Does anyone know of a way to do this. They will have
> their own domain name.
I have experience in sendmail/qmail, and I find that both systems allow
logging all incoming/outgoing email (qmail after recompile has special
handler). All those questions are described in FAQ's of theese
products. Moreover, you should also redirect all outgoing smtp traffic to
the smarthost (all modern firewalling systems may do that). And, don't
forget the submission capability on sendmail (it opens another port, you'd
care about that).
--
Domas
sysadmin, delfi.lt
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 16:31:48 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from ns1.walls-media.com (ns1.walls-media.com [206.166.197.1])
by hub.freebsd.org (Postfix) with ESMTP id 2F61937B400
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 16:31:42 -0800 (PST)
Received: from ntwksbry ([206.166.197.58]) by ns1.walls-media.com
(Post.Office MTA Undefined release Undefined
ID# 0-67172U100L2S100V35) with SMTP id com;
Thu, 30 Nov 2000 18:31:02 -0600
From: "Bryan Bunch" <bryanb@walls-media.com>
To: "David Lawson" <dave@siteone.net>, <freebsd-isp@FreeBSD.ORG>
Subject: RE: Email Monitoring
Date: Thu, 30 Nov 2000 18:31:35 -0600
Message-ID: <NCBBKADAOJFBCBLNLMILGEDLDKAA.bryanb@walls-media.com>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
In-Reply-To: <NEBBKOCAGLBGBAGEIHPIMEHECDAA.dave@siteone.net>
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.3018.1300
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Procmail is a good tool to forward incoming email to multiple boxes. See:
http://www.ling.helsinki.fi/users/reriksso/procmail/mini-faq.html#forward-copy
(Sorry if the above wrapped)
and
http://www.procmail.org
Found in the ports tree under /ports/mail/procmail/
Bryan
> -----Original Message-----
> From: owner-freebsd-isp@FreeBSD.ORG
> [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of David Lawson
> Sent: Thursday, November 30, 2000 6:14 PM
> To: freebsd-isp@FreeBSD.ORG
> Cc: jwyatt@rwsystems.net; Jonathan M. Slivko
> Subject: RE: Email Monitoring
>
>
> My client wants to intercept his employees email traffic for monitoring and
> auditing. He wants to make sure the email is not being used for personal use
> and he also wants to make sure that his employees are not making promises to
> customers that they can't keep. I'm not sure what type of business it is but
> they exchange allot of sensitive material.
>
>
>
> David L. Lawson
> Technical Support Manager
> Partner Alliance Director
> Site One Networks, Inc.
> 302-337-8800 Phone
> 800-354-5434 Toll Free
> 302-337-3915 Fax
>
> -----Original Message-----
> From: owner-freebsd-isp@FreeBSD.ORG
> [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Jonathan M. Slivko
> Sent: Thursday, November 30, 2000 3:57 PM
> To: James Wyatt
> Cc: David Lawson; freebsd-isp@FreeBSD.ORG
> Subject: Re: Email Monitoring
>
>
> Please correct me if i'm wrong in assuming that the client would like to
> log all his e-mail accounts for his review for inappropriate, non-buisness
> e-mail, etc. If i'm not on the right track, please let me know.
>
> ----
> Jonathan M. Slivko <jon_slivko@simphost.com>
> Technical Support, CoreSync Corporation (http://www.coresync.net)
> Team Leader, SecureIRC Project (http://secureirc.sourceforge.net)
> Pager/Voicemail: (917) 388-5304
> ----
>
> On Thu, 30 Nov 2000, James Wyatt wrote:
>
> > On Thu, 30 Nov 2000, David Lawson wrote:
> > > I have a client that would like to monitor all the incoming and outgoing
> > > email for his business. Does anyone know of a way to do this. They will
> have
> > > their own domain name.
> >
> > Does "monitor" mean uptime/availability of the server, or an interception
> > of email traffic for monitoring or auditing? Monitoring is easy and
> > provided by several outside vendors. A logjam of outgoing email is usually
> > easy to spot by the building mail queue. Interception can be easier if you
> > don't allow *any* port 25 outbound connections and maybe the pop3 port.
> > 3rd party Webmail is trickier, but you can block the domains via proxy.
> >
> > Hope this helps - Jy@
> >
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-isp" in the body of the message
> >
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 17:47:22 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from metva.com.au (metva.com.au [202.0.82.1])
by hub.freebsd.org (Postfix) with ESMTP id 73CE537B400
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 17:47:17 -0800 (PST)
Received: (from enno@localhost) by metva.com.au id MAA14864 for freebsd-isp@FreeBSD.ORG; Fri, 1 Dec 2000 12:47:00 +1100 (EST)
From: Enno Davids <enno.davids@metva.com.au>
Message-Id: <200012010147.MAA14864@metva.com.au>
Subject: Re: Email Monitoring
To: freebsd-isp@FreeBSD.ORG
Date: Fri, 1 Dec 2000 12:47:00 +1100 (EST)
X-Mailer: ELM [version 2.4ME+ PL39 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
| You could set up an alias for each of their users so that incoming E-mail
| goes to both the user and the administrator, but that doesn't cover outgoing
| E-mail.
|
| A Perl script to scan the mail log for each of your users that would run on
| a nightly basis would be a way to monitor outgoing recipients, but actually
| intercepting content of outgoing E-mail would require a separate application
| to interface with Sendmail or some other mail server program you intend on
| using.
You can do this with SMTPD if you want. If you don't know it SMTPD is,
primarily aimed at people who want to get away from the sendmail bug of the
month club (which is admittedly much less of a problem now than some years
back). It also has good control over non-relaying and who gets to use your
service.
The idea is to have an inet spawned service which does SMTP _only_ and saves
to a chrooted spool area. A delivery daemon picks up the spooled email and
drops it in your real mailer for delivery (i.e. you can still use sendmail
and its great flexibility to do delivery for you).
For this purpose though it pays to know that the delivery can be made
through an arbitrary mailer program (but one which supports a small subset
of sendmail's command line arguments and has similar return codes is easiest).
This means you can write a script which copies out those emails from the client
being monitored and then does delivery and substitute it for the straight
call to /usr/lib/sendmail. You may need to recompile to change the delivery
agent though.
Enno.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 20:54:58 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from bsdie.rwsystems.net (bsdie.rwsystems.net [209.197.223.2])
by hub.freebsd.org (Postfix) with ESMTP id 7E12E37B400
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 20:54:56 -0800 (PST)
Received: from bsdie.rwsystems.net([209.197.223.2]) (1528 bytes) by bsdie.rwsystems.net
via sendmail with P:esmtp/R:bind_hosts/T:inet_zone_bind_smtp
(sender: <jwyatt@rwsystems.net>)
id <m141iDD-000CE4C@bsdie.rwsystems.net>
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 22:54:19 -0600 (CST)
(Smail-3.2.0.111 2000-Feb-17 #1 built 2000-Jun-25)
Date: Thu, 30 Nov 2000 22:54:08 -0600 (CST)
From: James Wyatt <jwyatt@rwsystems.net>
To: David Lawson <dave@siteone.net>
Cc: freebsd-isp@FreeBSD.ORG,
"Jonathan M. Slivko" <jon_slivko@simphost.com>
Subject: RE: Email Monitoring
In-Reply-To: <NEBBKOCAGLBGBAGEIHPIMEHECDAA.dave@siteone.net>
Message-ID: <Pine.BSF.4.10.10011302247410.42770-100000@bsdie.rwsystems.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Thu, 30 Nov 2000, David Lawson wrote:
> My client wants to intercept his employees email traffic for monitoring and
> auditing. He wants to make sure the email is not being used for personal use
> and he also wants to make sure that his employees are not making promises to
> customers that they can't keep. I'm not sure what type of business it is but
> they exchange allot of sensitive material.
Then ensure they talk to their counsel about a document retention policy
and set expiration dates. While I can't say I have a customer doing this
via a holding queue and some scripting, it doesn't mean I don't. (^_^) The
amount of data this can generate can be considerable, but it is a great
way to search attachments when you hear of a new virus and you can make
daily nuggets as gzipped-tarballs with a script that will also delete them
after 30-90 days. But we digress from FreeBSD - Jy@
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 21: 4:14 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail.westbend.net (ns1.westbend.net [209.224.254.131])
by hub.freebsd.org (Postfix) with ESMTP id 59DC537B400
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 21:04:11 -0800 (PST)
Received: from admin.westbend.net (admin.westbend.net [209.224.254.141])
(authenticated)
by mail.westbend.net (8.11.1/8.11.1) with ESMTP id eB1546d90841;
Thu, 30 Nov 2000 23:04:07 -0600 (CST)
(envelope-from hetzels@westbend.net)
Message-ID: <00ae01c05b54$1f20d600$8dfee0d1@westbend.net>
From: "Scot W. Hetzel" <hetzels@westbend.net>
To: "InvictaNet Customer Support" <support@invictanet.co.uk>,
"Freebsd-ISP" <freebsd-isp@FreeBSD.ORG>
References: <NDBBKODAOKAJLGIOGBIAEECFDBAA.support@invictanet.co.uk>
Subject: Re: sendmail 8.11.1 and cyrus sasl
Date: Thu, 30 Nov 2000 23:04:01 -0600
Organization: West Bend Interent
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4133.2400
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
From: "InvictaNet Customer Support" <support@invictanet.co.uk>
> I am slowly getting somewhere with my "AUTH" problem. I have now
discovered
> that it is a method thing.
>
> Using Eudora as the client, the AUTH works fine so it is b....y Microsoft
> that is causing the problem. PLAIN seems to be working ok, it is LOGIN
that
> is not available.
>
> The list of clients by Alexey Melnikov.
> http://www.sendmail.org/~ca/email/mel/SASL_ClientRef.html shows that
> Outlook only supports LOGIN (from my list of availables).
>
> Any suggestions??
>
Do you have the following in your sendmail.mc file?
TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl
define(`confAUTH_MECHANISMS',`LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl
Try telneting to the smtp port of your server, you should get a response as
shown below:
mail# telnet mail 25
Trying 209.224.254.131...
Connected to mail.westbend.net.
Escape character is '^]'.
220 mail.westbend.net ESMTP Sendmail 8.11.1/8.11.1; Thu, 30 Nov 2000
20:18:40 -0600 (CST)
Enter "ehlo <servername>"
ehlo mail
250-mail.westbend.net Hello ns1.westbend.net [209.224.254.131], pleased to
meet you
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-SIZE
250-DSN
250-ONEX
250-ETRN
250-XUSR
250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250 HELP
If your not getting LOGIN, then check /usr/local/lib/sasl for liblogin.so.
If this file doesn't exist, did you configure the SASL sources with
"--enable-login". The security/cyrus-sasl enables LOGIN by default, did you
use the port?
Also, the port installs the sasldb file as cyrus:mail, you need to change it
to cyrus:wheel, otherwise the maillog will show:
safesasl(/usr/local/etc/sasldb.db) failed: Permission denied
Does anyone know how to get sendmail to run as group mail, instead of group
wheel? I tried adding root to the mail group but that didn't work.
Scot
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 22:16:45 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82])
by hub.freebsd.org (Postfix) with ESMTP
id 3928037B400; Thu, 30 Nov 2000 22:16:42 -0800 (PST)
Received: from 149.211.6.64.reflexcom.com ([64.6.211.149]) by mailhost01.reflexnet.net with Microsoft SMTPSVC(5.5.1877.197.19);
Thu, 30 Nov 2000 22:15:05 -0800
Received: (from cjc@localhost)
by 149.211.6.64.reflexcom.com (8.11.0/8.11.0) id eB16GVh13992;
Thu, 30 Nov 2000 22:16:31 -0800 (PST)
(envelope-from cjc)
Date: Thu, 30 Nov 2000 22:16:31 -0800
From: "Crist J . Clark" <cjclark@reflexnet.net>
To: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net>
Cc: Dan Babb <bdan@c-zone.net>,
"Jonathan M. Slivko" <jon_slivko@simphost.com>,
freebsd-security@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG
Subject: Re: Danger Ports
Message-ID: <20001130221631.E99903@149.211.6.64.reflexcom.com>
Reply-To: cjclark@alum.mit.edu
References: <Pine.BSF.4.21.0011292044170.36849-100000@flux.c-zone.net> <200011301743.JAA44928@gndrsh.dnsmgr.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: <200011301743.JAA44928@gndrsh.dnsmgr.net>; from freebsd@gndrsh.dnsmgr.net on Thu, Nov 30, 2000 at 09:43:57AM -0800
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Thu, Nov 30, 2000 at 09:43:57AM -0800, Rodney W. Grimes wrote:
[snip]
> > access-list 110 deny ip 172.16.0.0 0.15.255.255 any log
> > access-list 110 deny ip 172.31.0.0 0.0.255.255 any log
> access-list 110 deny ip any 172.16.0.0 0.15.255.255 log
> access-list 110 deny ip any 172.31.0.0 0.0.255.255 log
Is it me? Isn't the second network in each a subset of the first?
--
Crist J. Clark cjclark@alum.mit.edu
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 22:24: 5 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from gndrsh.dnsmgr.net (GndRsh.dnsmgr.net [198.145.92.4])
by hub.freebsd.org (Postfix) with ESMTP
id 08EC237B400; Thu, 30 Nov 2000 22:24:00 -0800 (PST)
Received: (from freebsd@localhost)
by gndrsh.dnsmgr.net (8.9.3/8.9.3) id WAA46764;
Thu, 30 Nov 2000 22:23:33 -0800 (PST)
(envelope-from freebsd)
From: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net>
Message-Id: <200012010623.WAA46764@gndrsh.dnsmgr.net>
Subject: Re: Danger Ports
In-Reply-To: <20001130221631.E99903@149.211.6.64.reflexcom.com> from "Crist J . Clark" at "Nov 30, 2000 10:16:31 pm"
To: cjclark@alum.mit.edu
Date: Thu, 30 Nov 2000 22:23:33 -0800 (PST)
Cc: bdan@c-zone.net (Dan Babb),
jon_slivko@simphost.com (Jonathan M. Slivko),
freebsd-security@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL54 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
> On Thu, Nov 30, 2000 at 09:43:57AM -0800, Rodney W. Grimes wrote:
>
> [snip]
>
> > > access-list 110 deny ip 172.16.0.0 0.15.255.255 any log
> > > access-list 110 deny ip 172.31.0.0 0.0.255.255 any log
>
> > access-list 110 deny ip any 172.16.0.0 0.15.255.255 log
> > access-list 110 deny ip any 172.31.0.0 0.0.255.255 log
>
> Is it me? Isn't the second network in each a subset of the first?
Whooopss... I didn't even read the access-list that close, and your
right the 172.31.0.0 is infact a subset of the 172.16.0.0 rule.
--
Rod Grimes - KD7CAX @ CN85sl - (RWG25) rgrimes@gndrsh.dnsmgr.net
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 22:26:42 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail.sheltonbbs.com (unknown [206.196.109.2])
by hub.freebsd.org (Postfix) with SMTP id 5920837B400
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 22:26:39 -0800 (PST)
Received: (qmail 14645 invoked from network); 1 Dec 2000 06:44:00 -0000
Received: from systemadmin.sheltonbbs.com (63.102.143.76)
by mail.sheltonbbs.com with SMTP; 1 Dec 2000 06:44:00 -0000
Date: Fri, 1 Dec 2000 00:25:58 -0600 (CST)
From: Butch Evans <butch@sheltonbbs.com>
X-Sender: root@systemadmin.sheltonbbs.com
To: Freebsd-ISP <freebsd-isp@FreeBSD.ORG>
Subject: Re: Danger Ports
In-Reply-To: <20001130221631.E99903@149.211.6.64.reflexcom.com>
Message-ID: <Pine.BSF.4.21.0012010022400.34557-100000@systemadmin.sheltonbbs.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Thu, 30 Nov 2000, Crist J . Clark wrote:
> On Thu, Nov 30, 2000 at 09:43:57AM -0800, Rodney W. Grimes wrote:
>
> [snip]
>
> > > access-list 110 deny ip 172.16.0.0 0.15.255.255 any log
> > > access-list 110 deny ip 172.31.0.0 0.0.255.255 any log
>
> > access-list 110 deny ip any 172.16.0.0 0.15.255.255 log
> > access-list 110 deny ip any 172.31.0.0 0.0.255.255 log
>
> Is it me? Isn't the second network in each a subset of the first?
>
I am not sure what you mean, but you read the access list as:
access-list 110 deny ip 172.16.0.0 0.15.255.255 any log
^^^^^^^^^^^^^^^^^^^^^^ ^
From To
access-list 110 deny ip any 172.16.0.0 0.15.255.255 log
^^^ ^^^^^^^^^^^^^^^^^^^^^^
From To
See the difference?
--
Butch Evans
Shelton Internet
Network Admin
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Thu Nov 30 22:29: 8 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail.sheltonbbs.com (unknown [206.196.109.2])
by hub.freebsd.org (Postfix) with SMTP id 4D2BA37B400
for <freebsd-isp@FreeBSD.ORG>; Thu, 30 Nov 2000 22:29:06 -0800 (PST)
Received: (qmail 15608 invoked from network); 1 Dec 2000 06:46:27 -0000
Received: from systemadmin.sheltonbbs.com (63.102.143.76)
by mail.sheltonbbs.com with SMTP; 1 Dec 2000 06:46:27 -0000
Date: Fri, 1 Dec 2000 00:28:25 -0600 (CST)
From: Butch Evans <butch@sheltonbbs.com>
X-Sender: root@systemadmin.sheltonbbs.com
To: Freebsd-ISP <freebsd-isp@FreeBSD.ORG>
Subject: Re: Danger Ports
In-Reply-To: <20001130221631.E99903@149.211.6.64.reflexcom.com>
Message-ID: <Pine.BSF.4.21.0012010027360.34557-100000@systemadmin.sheltonbbs.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Thu, 30 Nov 2000, Crist J . Clark wrote:
>
> > > access-list 110 deny ip 172.16.0.0 0.15.255.255 any log
> > > access-list 110 deny ip 172.31.0.0 0.0.255.255 any log
>
> > access-list 110 deny ip any 172.16.0.0 0.15.255.255 log
> > access-list 110 deny ip any 172.31.0.0 0.0.255.255 log
>
> Is it me? Isn't the second network in each a subset of the first?
>
Now that I re-read your question, I see what you are saying...You are
correct.
--
Butch Evans
Shelton Internet
Network Admin
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Fri Dec 1 3: 1: 2 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from newcolo.invictanet.co.uk (unknown [62.232.63.118])
by hub.freebsd.org (Postfix) with ESMTP id 9B74837B402
for <freebsd-isp@FreeBSD.ORG>; Fri, 1 Dec 2000 03:00:58 -0800 (PST)
Received: from harryhome (modem273.netkonect.net [194.164.14.19])
(authenticated)
by newcolo.invictanet.co.uk (8.11.1/8.11.1) with ESMTP id eB1B1RP37161;
Fri, 1 Dec 2000 11:01:32 GMT
From: "InvictaNet Customer Support" <support@invictanet.co.uk>
To: "Scot W. Hetzel" <hetzels@westbend.net>
Cc: "Freebsd-ISP" <freebsd-isp@FreeBSD.ORG>
Subject: RE: sendmail 8.11.1 and cyrus sasl
Date: Fri, 1 Dec 2000 11:00:42 -0000
Message-ID: <NDBBKODAOKAJLGIOGBIAEEDGDBAA.support@invictanet.co.uk>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
In-Reply-To: <00ae01c05b54$1f20d600$8dfee0d1@westbend.net>
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
If all else fails, RTFM.
Or in my case, configure.
In there, as plain as plain can be ....--enable-login.
Doh!
Martyn Routley
-----------------------------------------------------
InvictaNet - The Internet in Plain English, Guaranteed
http://www.invictanet.co.uk
mailto:info@invictanet.co.uk
phone: 0870 7402252
fax: +44 (0)1233 334001
------------------------------------------------------
-----Original Message-----
From: owner-freebsd-isp@FreeBSD.ORG
[mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Scot W. Hetzel
Sent: Friday, December 01, 2000 5:04 AM
To: InvictaNet Customer Support; Freebsd-ISP
Subject: Re: sendmail 8.11.1 and cyrus sasl
If your not getting LOGIN, then check /usr/local/lib/sasl for liblogin.so.
If this file doesn't exist, did you configure the SASL sources with
"--enable-login". The security/cyrus-sasl enables LOGIN by default, did you
use the port?
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Fri Dec 1 3:39:56 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail.lawforum.co.za (unknown [196.25.141.38])
by hub.freebsd.org (Postfix) with ESMTP id A350037B400
for <freebsd-isp@freebsd.org>; Fri, 1 Dec 2000 03:39:52 -0800 (PST)
Received: from nobody by mail.lawforum.co.za with scanned_ok (Exim 3.02 #1)
id 141oWU-0008FF-00
for freebsd-isp@freebsd.org; Fri, 01 Dec 2000 13:38:38 +0200
Received: from rip by mail.lawforum.co.za with local (Exim 3.02 #1)
id 141oVu-0008EZ-00; Fri, 01 Dec 2000 13:38:02 +0200
Date: Fri, 1 Dec 2000 13:38:02 +0200
From: "R.I.Pienaar" <rip@pinetec.co.za>
To: James Wyatt <jwyatt@rwsystems.net>
Cc: David Lawson <dave@siteone.net>, freebsd-isp@FreeBSD.ORG,
"Jonathan M. Slivko" <jon_slivko@simphost.com>
Subject: Re: Email Monitoring
Message-ID: <20001201133802.Y4646@pinetec.co.za>
References: <NEBBKOCAGLBGBAGEIHPIMEHECDAA.dave@siteone.net> <Pine.BSF.4.10.10011302247410.42770-100000@bsdie.rwsystems.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0.1i
In-Reply-To: <Pine.BSF.4.10.10011302247410.42770-100000@bsdie.rwsystems.net>; from jwyatt@rwsystems.net on Thu, Nov 30, 2000 at 10:54:08PM -0600
X-Checked: This message has been scanned for any virusses and unauthorized attachments.
X-iScan: Version $Id: iScan,v 1.21 2000/09/23 16:25:21 rip Exp $
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
hi,
doing this is pretty easy if you use exim as a mail server, I have written
antivirus software that intercepts mail being sent in and routed through the
server, you can do pretty much anything with mail in this fashion, it does add
a bit of overhead (each mail gets handled twice and calls the script) but if
your code is well optimised it doesnt have a huge impact, how much mail goes
through your clients machines?
On Thu Nov 30, 2000 at 10:54:08PM -0600, James Wyatt wrote:
> On Thu, 30 Nov 2000, David Lawson wrote:
> > My client wants to intercept his employees email traffic for monitoring and
> > auditing. He wants to make sure the email is not being used for personal use
> > and he also wants to make sure that his employees are not making promises to
> > customers that they can't keep. I'm not sure what type of business it is but
> > they exchange allot of sensitive material.
>
> Then ensure they talk to their counsel about a document retention policy
> and set expiration dates. While I can't say I have a customer doing this
> via a holding queue and some scripting, it doesn't mean I don't. (^_^) The
> amount of data this can generate can be considerable, but it is a great
> way to search attachments when you hear of a new virus and you can make
> daily nuggets as gzipped-tarballs with a script that will also delete them
> after 30-90 days. But we digress from FreeBSD - Jy@
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
>
--
R.I. Pienaar rip@pinetec.co.za
"Let us gather hallucinations from our private minds
Let us witness the reincarnation of the Sun"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Fri Dec 1 8: 6: 8 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from relay1.sfo.com (relay1.sfo.com [209.159.128.250])
by hub.freebsd.org (Postfix) with ESMTP id 94EBD37B401
for <freebsd-isp@FreeBSD.ORG>; Fri, 1 Dec 2000 08:06:04 -0800 (PST)
Received: from valerie.sfo.com (valerie.sfo.com [209.159.128.66] (may be forged))
by relay1.sfo.com (8.9.2/8.9.2/SFO.r.04) with ESMTP id IAA07938
for <freebsd-isp@FreeBSD.ORG>; Fri, 1 Dec 2000 08:06:04 -0800 (PST)
Message-Id: <5.0.0.25.2.20001201075130.085f1460@pop.sfo.com>
X-Sender: sommers@pop.sfo.com
X-Mailer: QUALCOMM Windows Eudora Version 5.0
Date: Fri, 01 Dec 2000 08:05:38 -0800
To: freebsd-isp@FreeBSD.ORG
From: William Sommers <sommers@sfo.com>
Subject: Re: Danger Ports
In-Reply-To: <Pine.BSF.4.21.0012010027360.34557-100000@systemadmin.shelt
onbbs.com>
References: <20001130221631.E99903@149.211.6.64.reflexcom.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
At 12:28 AM 12/1/00 -0600, Butch Evans wrote:
>> > > access-list 110 deny ip 172.16.0.0 0.15.255.255 any log
>> > > access-list 110 deny ip 172.31.0.0 0.0.255.255 any log
>>
>> > access-list 110 deny ip any 172.16.0.0 0.15.255.255 log
>> > access-list 110 deny ip any 172.31.0.0 0.0.255.255 log
>>
>> Is it me? Isn't the second network in each a subset of the first?
>>
> Now that I re-read your question, I see what you are saying...You are
> correct.
Um, unless I'm not yet fully caffeinated:
172.16.0.0 0.15.255.255 matches 176.16.0.0 - 176.30.255.255
172.31.0.0 0.0.255.255 matches 176.31.0.0 - 176.31.255.255
No overlap at all.
-wfs
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Fri Dec 1 8: 9:29 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from verdi.nethelp.no (verdi.nethelp.no [158.36.41.162])
by hub.freebsd.org (Postfix) with SMTP id 594E437B400
for <freebsd-isp@FreeBSD.ORG>; Fri, 1 Dec 2000 08:09:25 -0800 (PST)
Received: (qmail 62272 invoked by uid 1001); 1 Dec 2000 16:09:22 +0000 (GMT)
To: sommers@sfo.com
Cc: freebsd-isp@FreeBSD.ORG
Subject: Re: Danger Ports
From: sthaug@nethelp.no
In-Reply-To: Your message of "Fri, 01 Dec 2000 08:05:38 -0800"
References: <5.0.0.25.2.20001201075130.085f1460@pop.sfo.com>
X-Mailer: Mew version 1.05+ on Emacs 19.34.2
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Date: Fri, 01 Dec 2000 17:09:22 +0100
Message-ID: <62270.975686962@verdi.nethelp.no>
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
> >> > > access-list 110 deny ip 172.16.0.0 0.15.255.255 any log
> >> > > access-list 110 deny ip 172.31.0.0 0.0.255.255 any log
> >>
> >> > access-list 110 deny ip any 172.16.0.0 0.15.255.255 log
> >> > access-list 110 deny ip any 172.31.0.0 0.0.255.255 log
> >>
> >> Is it me? Isn't the second network in each a subset of the first?
> >>
> > Now that I re-read your question, I see what you are saying...You are
> > correct.
>
> Um, unless I'm not yet fully caffeinated:
>
> 172.16.0.0 0.15.255.255 matches 176.16.0.0 - 176.30.255.255
> 172.31.0.0 0.0.255.255 matches 176.31.0.0 - 176.31.255.255
You're not yet fully caffeinated.
172.16.0.0 0.15.255.255 matches 176.16.0.0 - 176.31.255.255
Steinar Haug, Nethelp consulting, sthaug@nethelp.no
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Fri Dec 1 8:23:21 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail.cswnet.com (mail.cswnet.com [209.136.192.23])
by hub.freebsd.org (Postfix) with ESMTP id 018A537B401
for <freebsd-isp@FreeBSD.ORG>; Fri, 1 Dec 2000 08:23:20 -0800 (PST)
Received: from ssaos2 (ssaos2.csw.net [209.136.201.13])
by mail.cswnet.com (Postfix) with SMTP id C6B005D184
for <freebsd-isp@FreeBSD.ORG>; Fri, 1 Dec 2000 10:23:18 -0600 (CST)
From: lambert@cswnet.com
Date: Fri, 01 Dec 2000 10:22:20 -0600
To: freebsd-isp@FreeBSD.ORG
In-Reply-To: <20001201133802.Y4646@pinetec.co.za>
Subject: Re: Email Monitoring
X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v2.10a c10
Message-Id: <20001201162318.C6B005D184@mail.cswnet.com>
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Postfix has a configuration option for this sort of thing.
always_bcc = archiveaddress@the.domain
On Thu, 30 Nov 2000, David Lawson wrote:
> My client wants to intercept his employees email traffic for monitoring and
> auditing. He wants to make sure the email is not being used for personal use
> and he also wants to make sure that his employees are not making promises to
> customers that they can't keep. I'm not sure what type of business it is but
> they exchange allot of sensitive material.
--
Scott Lambert
lambert@cswnet.com
Systems and Security Administrator
CSW Net, Inc.
================================================================
Written: Friday, December 01, 2000 - 10:20 AM
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Fri Dec 1 10: 5:18 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from gate1.noc.usmc.mil (gate1.noc.usmc.mil [192.156.71.34])
by hub.freebsd.org (Postfix) with ESMTP id D669E37B400
for <freebsd-isp@FreeBSD.ORG>; Fri, 1 Dec 2000 10:05:12 -0800 (PST)
Received: by gate1.noc.usmc.mil; id SAA00175; Fri, 1 Dec 2000 18:04:11 GMT
Received: from host014.noc.usmc.mil(192.156.77.14) by gate1.noc.usmc.mil via smap (V5.0)
id xma029567; Fri, 1 Dec 00 18:03:11 GMT
Received: by host014.noc.usmc.mil with Internet Mail Service (5.5.2650.21)
id <YBG9G19R>; Fri, 1 Dec 2000 13:02:17 -0500
Message-ID: <1988A7BBBD55D3119B4A00902771C45404A01365@host014.noc.usmc.mil>
From: Bird Mr Gregory L <BirdGL@NOC.USMC.MIL>
To: "'freebsd-isp@FreeBSD.ORG'" <freebsd-isp@FreeBSD.ORG>
Subject: RE: Danger Ports
Date: Fri, 1 Dec 2000 13:02:17 -0500
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2650.21)
Content-Type: multipart/alternative;
boundary="----_=_NextPart_001_01C05BC0.D75C1B00"
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
------_=_NextPart_001_01C05BC0.D75C1B00
Content-Type: text/plain;
charset="iso-8859-1"
Yes there is overlap...I am not quite sure where you learned how to
subnet...but the rest of the world does it:
access-list lines:
access-list 110 deny ip 172.16.0.0 0.15.255.255 any log
access-list 110 deny ip 172.31.0.0 0.0.255.255 any log
172.16.0.0 0.15.255.255 = 172.16.0.0:255.252.0.0 = 172.16.0.0 -
172.31.255.255
so there is overlap. You might want to refresh yourself a little on your
subnetting...or fully caffeinate yourself.
Greg Bird
Senior Network Security Engineer
-----Original Message-----
From: William Sommers [mailto:sommers@sfo.com]
Sent: Friday, December 01, 2000 11:06 AM
To: freebsd-isp@FreeBSD.ORG
Subject: Re: Danger Ports
At 12:28 AM 12/1/00 -0600, Butch Evans wrote:
>> > > access-list 110 deny ip 172.16.0.0 0.15.255.255 any log
>> > > access-list 110 deny ip 172.31.0.0 0.0.255.255 any log
>>
>> > access-list 110 deny ip any 172.16.0.0 0.15.255.255 log
>> > access-list 110 deny ip any 172.31.0.0 0.0.255.255 log
>>
>> Is it me? Isn't the second network in each a subset of the first?
>>
> Now that I re-read your question, I see what you are saying...You are
> correct.
Um, unless I'm not yet fully caffeinated:
172.16.0.0 0.15.255.255 matches 176.16.0.0 - 176.30.255.255
172.31.0.0 0.0.255.255 matches 176.31.0.0 - 176.31.255.255
No overlap at all.
-wfs
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
------_=_NextPart_001_01C05BC0.D75C1B00
Content-Type: text/html;
charset="iso-8859-1"
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2652.99">
<TITLE>RE: Danger Ports</TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=2>Yes there is overlap...I am not quite sure where you learned how to subnet...but the rest of the world does it:</FONT>
</P>
<BR>
<P><FONT SIZE=2>access-list lines:</FONT>
<BR><FONT SIZE=2>access-list 110 deny ip 172.16.0.0 0.15.255.255 any log</FONT>
<BR><FONT SIZE=2>access-list 110 deny ip 172.31.0.0 0.0.255.255 any log</FONT>
</P>
<BR>
<P><FONT SIZE=2>172.16.0.0 0.15.255.255 = 172.16.0.0:255.252.0.0 = 172.16.0.0 - 172.31.255.255</FONT>
</P>
<P><FONT SIZE=2>so there is overlap. You might want to refresh yourself a little on your subnetting...or fully caffeinate yourself.</FONT>
</P>
<BR>
<P><FONT SIZE=2>Greg Bird</FONT>
<BR><FONT SIZE=2>Senior Network Security Engineer</FONT>
</P>
<BR>
<BR>
<P><FONT SIZE=2>-----Original Message-----</FONT>
<BR><FONT SIZE=2>From: William Sommers [<A HREF="mailto:sommers@sfo.com">mailto:sommers@sfo.com</A>]</FONT>
<BR><FONT SIZE=2>Sent: Friday, December 01, 2000 11:06 AM</FONT>
<BR><FONT SIZE=2>To: freebsd-isp@FreeBSD.ORG</FONT>
<BR><FONT SIZE=2>Subject: Re: Danger Ports</FONT>
</P>
<BR>
<P><FONT SIZE=2>At 12:28 AM 12/1/00 -0600, Butch Evans wrote:</FONT>
</P>
<P><FONT SIZE=2> >> > > access-list 110 deny ip 172.16.0.0 0.15.255.255 any log</FONT>
<BR><FONT SIZE=2> >> > > access-list 110 deny ip 172.31.0.0 0.0.255.255 any log</FONT>
<BR><FONT SIZE=2> >></FONT>
<BR><FONT SIZE=2> >> > access-list 110 deny ip any 172.16.0.0 0.15.255.255 log</FONT>
<BR><FONT SIZE=2> >> > access-list 110 deny ip any 172.31.0.0 0.0.255.255 log</FONT>
<BR><FONT SIZE=2> >></FONT>
<BR><FONT SIZE=2> >> Is it me? Isn't the second network in each a subset of the first?</FONT>
<BR><FONT SIZE=2> >></FONT>
<BR><FONT SIZE=2> > Now that I re-read your question, I see what you are saying...You are</FONT>
<BR><FONT SIZE=2> > correct.</FONT>
</P>
<P><FONT SIZE=2>Um, unless I'm not yet fully caffeinated:</FONT>
</P>
<P><FONT SIZE=2>172.16.0.0 0.15.255.255 matches 176.16.0.0 - 176.30.255.255</FONT>
<BR><FONT SIZE=2>172.31.0.0 0.0.255.255 matches 176.31.0.0 - 176.31.255.255</FONT>
</P>
<P><FONT SIZE=2>No overlap at all.</FONT>
</P>
<BR>
<P><FONT SIZE=2> -wfs</FONT>
</P>
<BR>
<BR>
<P><FONT SIZE=2>To Unsubscribe: send mail to majordomo@FreeBSD.org</FONT>
<BR><FONT SIZE=2>with "unsubscribe freebsd-isp" in the body of the message</FONT>
</P>
</BODY>
</HTML>
------_=_NextPart_001_01C05BC0.D75C1B00--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Fri Dec 1 10: 7:14 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from gate1.noc.usmc.mil (gate1.noc.usmc.mil [192.156.71.34])
by hub.freebsd.org (Postfix) with ESMTP id BDC3B37B401
for <freebsd-isp@FreeBSD.ORG>; Fri, 1 Dec 2000 10:07:05 -0800 (PST)
Received: by gate1.noc.usmc.mil; id SAA01117; Fri, 1 Dec 2000 18:06:10 GMT
Received: from host014.noc.usmc.mil(192.156.77.14) by gate1.noc.usmc.mil via smap (V5.0)
id xma000908; Fri, 1 Dec 00 18:05:34 GMT
Received: by host014.noc.usmc.mil with Internet Mail Service (5.5.2650.21)
id <YBG9G10H>; Fri, 1 Dec 2000 13:04:40 -0500
Message-ID: <1988A7BBBD55D3119B4A00902771C45404A01366@host014.noc.usmc.mil>
From: Bird Mr Gregory L <BirdGL@NOC.USMC.MIL>
To: "'freebsd-isp@FreeBSD.ORG'" <freebsd-isp@FreeBSD.ORG>
Subject: RE: Danger Ports
Date: Fri, 1 Dec 2000 13:04:40 -0500
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2650.21)
Content-Type: multipart/alternative;
boundary="----_=_NextPart_001_01C05BC1.2CB74D40"
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
------_=_NextPart_001_01C05BC1.2CB74D40
Content-Type: text/plain;
charset="iso-8859-1"
my bad - long day:
172.16.0.0 0.15.255.255 = 172.16.0.0:255.252.0.0 = 172.16.0.0 -
172.31.255.255
should have read
172.16.0.0 0.15.255.255 = 172.16.0.0:255.240.0.0 = 172.16.0.0 -
172.31.255.255
Greg Bird
> Network Security Engineer
> USMC MITNOC
> Phone: 703-784-5300, DSN 278-5300
> Fax: 703-784-3477, DSN 278-3477
birdgl@noc.usmc.mil
CCNA, Network+
-----Original Message-----
From: Bird Mr Gregory L
Sent: Friday, December 01, 2000 1:02 PM
To: 'freebsd-isp@FreeBSD.ORG'
Subject: RE: Danger Ports
Yes there is overlap...I am not quite sure where you learned how to
subnet...but the rest of the world does it:
access-list lines:
access-list 110 deny ip 172.16.0.0 0.15.255.255 any log
access-list 110 deny ip 172.31.0.0 0.0.255.255 any log
172.16.0.0 0.15.255.255 = 172.16.0.0:255.252.0.0 = 172.16.0.0 -
172.31.255.255
so there is overlap. You might want to refresh yourself a little on your
subnetting...or fully caffeinate yourself.
Greg Bird
Senior Network Security Engineer
-----Original Message-----
From: William Sommers [mailto:sommers@sfo.com]
Sent: Friday, December 01, 2000 11:06 AM
To: freebsd-isp@FreeBSD.ORG
Subject: Re: Danger Ports
At 12:28 AM 12/1/00 -0600, Butch Evans wrote:
>> > > access-list 110 deny ip 172.16.0.0 0.15.255.255 any log
>> > > access-list 110 deny ip 172.31.0.0 0.0.255.255 any log
>>
>> > access-list 110 deny ip any 172.16.0.0 0.15.255.255 log
>> > access-list 110 deny ip any 172.31.0.0 0.0.255.255 log
>>
>> Is it me? Isn't the second network in each a subset of the first?
>>
> Now that I re-read your question, I see what you are saying...You are
> correct.
Um, unless I'm not yet fully caffeinated:
172.16.0.0 0.15.255.255 matches 176.16.0.0 - 176.30.255.255
172.31.0.0 0.0.255.255 matches 176.31.0.0 - 176.31.255.255
No overlap at all.
-wfs
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
------_=_NextPart_001_01C05BC1.2CB74D40
Content-Type: text/html;
charset="iso-8859-1"
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2652.99">
<TITLE>RE: Danger Ports</TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=2>my bad - long day:</FONT>
</P>
<P><FONT SIZE=2>172.16.0.0 0.15.255.255 = 172.16.0.0:255.252.0.0 = 172.16.0.0 - 172.31.255.255 </FONT>
<BR><FONT SIZE=2>should have read</FONT>
<BR><FONT SIZE=2>172.16.0.0 0.15.255.255 = 172.16.0.0:255.240.0.0 = 172.16.0.0 - 172.31.255.255</FONT>
</P>
<P><FONT SIZE=2>Greg Bird</FONT>
<BR><FONT SIZE=2>> Network Security Engineer</FONT>
<BR><FONT SIZE=2>> USMC MITNOC</FONT>
<BR><FONT SIZE=2>> Phone: 703-784-5300, DSN 278-5300</FONT>
<BR><FONT SIZE=2>> Fax: 703-784-3477, DSN 278-3477</FONT>
<BR><FONT SIZE=2>birdgl@noc.usmc.mil</FONT>
<BR><FONT SIZE=2>CCNA, Network+</FONT>
</P>
<BR>
<P><FONT SIZE=2>-----Original Message-----</FONT>
<BR><FONT SIZE=2>From: Bird Mr Gregory L </FONT>
<BR><FONT SIZE=2>Sent: Friday, December 01, 2000 1:02 PM</FONT>
<BR><FONT SIZE=2>To: 'freebsd-isp@FreeBSD.ORG'</FONT>
<BR><FONT SIZE=2>Subject: RE: Danger Ports</FONT>
</P>
<BR>
<P><FONT SIZE=2>Yes there is overlap...I am not quite sure where you learned how to subnet...but the rest of the world does it:</FONT>
</P>
<BR>
<P><FONT SIZE=2>access-list lines:</FONT>
<BR><FONT SIZE=2>access-list 110 deny ip 172.16.0.0 0.15.255.255 any log</FONT>
<BR><FONT SIZE=2>access-list 110 deny ip 172.31.0.0 0.0.255.255 any log</FONT>
</P>
<BR>
<P><FONT SIZE=2>172.16.0.0 0.15.255.255 = 172.16.0.0:255.252.0.0 = 172.16.0.0 - 172.31.255.255</FONT>
</P>
<P><FONT SIZE=2>so there is overlap. You might want to refresh yourself a little on your subnetting...or fully caffeinate yourself.</FONT>
</P>
<BR>
<P><FONT SIZE=2>Greg Bird</FONT>
<BR><FONT SIZE=2>Senior Network Security Engineer</FONT>
</P>
<BR>
<BR>
<P><FONT SIZE=2>-----Original Message-----</FONT>
<BR><FONT SIZE=2>From: William Sommers [<A HREF="mailto:sommers@sfo.com">mailto:sommers@sfo.com</A>]</FONT>
<BR><FONT SIZE=2>Sent: Friday, December 01, 2000 11:06 AM</FONT>
<BR><FONT SIZE=2>To: freebsd-isp@FreeBSD.ORG</FONT>
<BR><FONT SIZE=2>Subject: Re: Danger Ports</FONT>
</P>
<BR>
<P><FONT SIZE=2>At 12:28 AM 12/1/00 -0600, Butch Evans wrote:</FONT>
</P>
<P><FONT SIZE=2> >> > > access-list 110 deny ip 172.16.0.0 0.15.255.255 any log</FONT>
<BR><FONT SIZE=2> >> > > access-list 110 deny ip 172.31.0.0 0.0.255.255 any log</FONT>
<BR><FONT SIZE=2> >></FONT>
<BR><FONT SIZE=2> >> > access-list 110 deny ip any 172.16.0.0 0.15.255.255 log</FONT>
<BR><FONT SIZE=2> >> > access-list 110 deny ip any 172.31.0.0 0.0.255.255 log</FONT>
<BR><FONT SIZE=2> >></FONT>
<BR><FONT SIZE=2> >> Is it me? Isn't the second network in each a subset of the first?</FONT>
<BR><FONT SIZE=2> >></FONT>
<BR><FONT SIZE=2> > Now that I re-read your question, I see what you are saying...You are</FONT>
<BR><FONT SIZE=2> > correct.</FONT>
</P>
<P><FONT SIZE=2>Um, unless I'm not yet fully caffeinated:</FONT>
</P>
<P><FONT SIZE=2>172.16.0.0 0.15.255.255 matches 176.16.0.0 - 176.30.255.255</FONT>
<BR><FONT SIZE=2>172.31.0.0 0.0.255.255 matches 176.31.0.0 - 176.31.255.255</FONT>
</P>
<P><FONT SIZE=2>No overlap at all.</FONT>
</P>
<BR>
<P><FONT SIZE=2> -wfs</FONT>
</P>
<BR>
<BR>
<P><FONT SIZE=2>To Unsubscribe: send mail to majordomo@FreeBSD.org</FONT>
<BR><FONT SIZE=2>with "unsubscribe freebsd-isp" in the body of the message</FONT>
</P>
</BODY>
</HTML>
------_=_NextPart_001_01C05BC1.2CB74D40--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Fri Dec 1 10:23:47 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail.numachi.com (numachi.numachi.com [198.175.254.2])
by hub.freebsd.org (Postfix) with SMTP id 57EA737B400
for <freebsd-isp@freebsd.org>; Fri, 1 Dec 2000 10:23:44 -0800 (PST)
Received: (qmail 7858 invoked by uid 3001); 1 Dec 2000 18:23:37 -0000
Received: from natto.numachi.com (198.175.254.216)
by numachi.numachi.com with SMTP; 1 Dec 2000 18:23:37 -0000
Received: (qmail 61821 invoked by uid 1001); 1 Dec 2000 18:23:37 -0000
Date: Fri, 1 Dec 2000 13:23:37 -0500
From: Brian Reichert <reichert@numachi.com>
To: freebsd-isp@freebsd.org
Subject: cron messages: yp_next: clnt_call: RPC: Timed out
Message-ID: <20001201132337.P57099@numachi.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Under FreeBSD 3.4-R, under a NIS client environment, I cannot seem
to keep cron messages quiet. Harmless things like 'atrun' generate
mail:
From root Fri Dec 1 02:00:10 2000
Return-Path: <root>
Received: (from root@localhost)
by private.internal.mydomain.com (8.9.3/8.9.3) id CAA75601;
Fri, 1 Dec 2000 02:00:10 GMT
(envelope-from root)
Date: Fri, 1 Dec 2000 02:00:10 GMT
Message-Id: <200012010200.CAA75601@private.internal.mydomain.com>
From: root (Cron Daemon)
To: root
Subject: Cron <root@private> /usr/libexec/atrun
X-Cron-Env: <SHELL=/bin/sh>
X-Cron-Env: <PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin>
X-Cron-Env: <HOME=/root>
X-Cron-Env: <LOGNAME=root>
X-Cron-Env: <USER=root>
yp_next: clnt_call: RPC: Timed out
(I've obfuscated the hostnames.)
On this machine, root is a local account, not an NIS account.
The NIS server is
nis1% uname -a
SunOS nis1 5.7 Generic_106542-04 i86pc i386 i86pc
Does anyone have any advice on this matter?
--
Brian 'you Bastard' Reichert <reichert@numachi.com>
37 Crystal Ave. #303 Daytime number: (603) 434-6842
Derry NH 03038-1713 USA Intel architecture: the left-hand path
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Fri Dec 1 10:41:55 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from workhorse.iMach.com (workhorse.iMach.com [206.127.77.89])
by hub.freebsd.org (Postfix) with ESMTP id EAB7037B400
for <freebsd-isp@FreeBSD.ORG>; Fri, 1 Dec 2000 10:41:48 -0800 (PST)
Received: from localhost (forrestc@localhost)
by workhorse.iMach.com (8.9.3/8.9.3) with ESMTP id LAA09081;
Fri, 1 Dec 2000 11:39:00 -0700 (MST)
Date: Fri, 1 Dec 2000 11:38:59 -0700 (MST)
From: "Forrest W. Christian" <forrestc@imach.com>
To: William Sommers <sommers@sfo.com>
Cc: freebsd-isp@FreeBSD.ORG
Subject: Re: Danger Ports
In-Reply-To: <5.0.0.25.2.20001201075130.085f1460@pop.sfo.com>
Message-ID: <Pine.BSF.4.21.0012011137330.8959-100000@workhorse.iMach.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Fri, 1 Dec 2000, William Sommers wrote:
> Um, unless I'm not yet fully caffeinated:
>
> 172.16.0.0 0.15.255.255 matches 176.16.0.0 - 176.30.255.255
> 172.31.0.0 0.0.255.255 matches 176.31.0.0 - 176.31.255.255
You must not be fully caffenated yet...
172.16.0.0 0.15.255.255 matches:
172.16.0.0 thru 172.31.255.255
(I will ignore that you mangled the 172 to 176)
- Forrest W. Christian (forrestc@imach.com) AC7DE
----------------------------------------------------------------------
iMach, Ltd., P.O. Box 5749, Helena, MT 59604 http://www.imach.com
Solutions for your high-tech problems. (406)-442-6648
----------------------------------------------------------------------
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Fri Dec 1 13:44:49 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from krell.webweaver.net (krell.webweaver.net [206.24.105.170])
by hub.freebsd.org (Postfix) with ESMTP id 0629C37B400
for <freebsd-isp@freebsd.org>; Fri, 1 Dec 2000 13:44:47 -0800 (PST)
Received: from xwin.nmhtech.com (xwin.nmhtech.com [208.138.46.10])
by krell.webweaver.net (Postfix) with ESMTP id 6DC2D20F0D
for <freebsd-isp@freebsd.org>; Fri, 1 Dec 2000 13:28:04 -0800 (PST)
Content-Length: 1107
Message-ID: <XFMail.001201134446.nicole@unixgirl.com>
X-Mailer: XFMail 1.4.0 on FreeBSD
X-Priority: 3 (Normal)
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
Date: Fri, 01 Dec 2000 13:44:46 -0700 (PST)
From: Nicole <nicole@unixgirl.com>
To: freebsd-isp@freebsd.org
Subject: client firewall with 2 ethernet ports
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Greetings
I have what is perhaps a silly question, but I am unsure what the best way is
to setup client level firewall rules in rc.firewall when the server has 2
ethernet ports.
one port is used as the connection the the network.
The second port is used as a 192.168 type of network providing a secure
backend connection between servers for NFS and the like.
How do I setup rules that apply to one port and not the other?
Would I use a modified form of the simple rules?
Any clues appreciated!
Thanks!
Nicole
nicole@unixgirl.com |\ __ /| (`\ http://www.unixgirl.com/
webmistress@dangermouse.org | o_o |__ ) ) http://www.dangermouse.org/
nicole@deviantimages.com // \\ http://www.deviantimages.com/
---------------------------(((---(((----------------------------------------
-- Powered by Coka-Cola and FreeBSD --
-- Dames are put on this earth to weaken us, drain our energy -
laugh at us when they see us naked. (Johnny Dangerously)
-------------------------------------------------------------------------
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Fri Dec 1 21:23:52 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from www.golsyd.net.au (ftp.golsyd.net.au [203.57.20.1])
by hub.freebsd.org (Postfix) with ESMTP id 126FD37B400
for <freebsd-isp@freebsd.org>; Fri, 1 Dec 2000 21:23:50 -0800 (PST)
Received: from [203.164.12.28] by www.quake.com.au (NTMail 4.30.0012/AH9370.63.d1acf55c) with ESMTP id smcsaaaa for <freebsd-isp@freebsd.org>; Sat, 2 Dec 2000 16:30:09 +1100
Message-ID: <3A288767.A893C761@quake.com.au>
Date: Sat, 02 Dec 2000 16:23:51 +1100
From: Kal Torak <kaltorak@quake.com.au>
X-Mailer: Mozilla 4.73 [en] (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: Nicole <nicole@unixgirl.com>
Cc: freebsd-isp@freebsd.org
Subject: Re: client firewall with 2 ethernet ports
References: <XFMail.001201134446.nicole@unixgirl.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Nicole wrote:
>
> Greetings
> I have what is perhaps a silly question, but I am unsure what the best way is
> to setup client level firewall rules in rc.firewall when the server has 2
> ethernet ports.
> one port is used as the connection the the network.
> The second port is used as a 192.168 type of network providing a secure
> backend connection between servers for NFS and the like.
>
> How do I setup rules that apply to one port and not the other?
> Would I use a modified form of the simple rules?
>
> Any clues appreciated!
>
> Thanks!
>
> Nicole
Hiya,
You can use the "via interface" command...
Eg. deny ip from any to any via dc0
that will block out going and incoming on that interface, to
only stop one you can use "in via interface" or "out via interface",
you can also replace via with recv or xmit... but that confuses me
and dose the same thing anyway..
Hope this is of some help :)
Kal.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Sat Dec 2 8:48:14 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from gate.trident-uk.co.uk (mail.trident-uk.co.uk [195.166.16.10])
by hub.freebsd.org (Postfix) with ESMTP
id 1F2CB37B400; Sat, 2 Dec 2000 08:48:10 -0800 (PST)
Received: from [194.207.93.139] by gate.trident-uk.co.uk
for freebsd-isp@freebsd.org
id QAA29444; Sat Dec 2 16:48:04 2000
Organization: Psi-Domain Ltd.
Subject: DHCP Tricky config
Date: Sat, 2 Dec 2000 16:50:53 +0000
X-Mailer: KMail [version 1.0.28]
Content-Type: text/plain
MIME-Version: 1.0
Message-Id: <00120216533101.00265@freefire.psi-domain.co.uk>
Content-Transfer-Encoding: 8bit
To: freebsd-isp@freebsd.org, freebsd-questions@freebsd.org
From: Jamie Heckford <heckfordj@psi-domain.co.uk>
Reply-To: heckfordj@psi-domain.co.uk
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Hi,
Heres what I want to do, any ideas people?:
This is a medium sized LAN.
When people log onto the network (Windows workstations powered by fBSD servers)
I want them to be assigned a tempoary IP address via DHCP. When they
authenticate with there user/pass, I want them to be assigned a dedicated /
static IP based on their username, so where-ever they go in the office
(different desks etc.) they always have that IP.
Reason being it is easier to implement User level Filtering options.
Any suggestions?
Thanks,
--
Jamie Heckford
Chief Network Engineer
Psi-Domain - Innovative Linux Solutions. Ask Us How.
===================================
email: heckfordj@psi-domain.co.uk
web: http://www.psi-domain.co.uk/
tel: +44 (0)1737 789 246
fax: +44 (0)1737 789 245
mobile: +44 (0)7779 646 529
===================================
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Sat Dec 2 9:24:19 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from orion.buckhorn.net (orion.buckhorn.net [63.151.7.243])
by hub.freebsd.org (Postfix) with ESMTP id 0138337B401
for <freebsd-isp@FreeBSD.ORG>; Sat, 2 Dec 2000 09:24:16 -0800 (PST)
Received: from buckhorn.net (localhost.buckhorn.net [127.0.0.1])
by orion.buckhorn.net (8.11.1/8.11.1) with ESMTP id eB2HNbw21060
for <freebsd-isp@FreeBSD.ORG>; Sat, 2 Dec 2000 11:23:39 -0600 (CST)
(envelope-from bob@buckhorn.net)
Message-ID: <3A293019.98AFF1EC@buckhorn.net>
Date: Sat, 02 Dec 2000 11:23:37 -0600
From: Bob Martin <bob@buckhorn.net>
X-Mailer: Mozilla 4.73 [en] (X11; U; FreeBSD 4.1.1-STABLE i386)
X-Accept-Language: en
MIME-Version: 1.0
Cc: freebsd-isp@FreeBSD.ORG
Subject: Re: DHCP Tricky config
References: <00120216533101.00265@freefire.psi-domain.co.uk>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Jamie Heckford wrote:
>
> Hi,
>
> Heres what I want to do, any ideas people?:
>
> This is a medium sized LAN.
>
> When people log onto the network (Windows workstations powered by fBSD servers)
> I want them to be assigned a tempoary IP address via DHCP. When they
> authenticate with there user/pass, I want them to be assigned a dedicated /
> static IP based on their username, so where-ever they go in the office
> (different desks etc.) they always have that IP.
>
> Reason being it is easier to implement User level Filtering options.
>
> Any suggestions?
>
> Thanks,
>
> --
> Jamie Heckford
> Chief Network Engineer
> Psi-Domain - Innovative Linux Solutions. Ask Us How.
>
> ===================================
> email: heckfordj@psi-domain.co.uk
> web: http://www.psi-domain.co.uk/
>
> tel: +44 (0)1737 789 246
> fax: +44 (0)1737 789 245
> mobile: +44 (0)7779 646 529
> ===================================
The problem with this concept is that the computer get's the ip when the
NIC starts, not when the user logs in. Your best shot is to come up with
a way to dynamically update the filter based on the users current ip.
You could probably do this with a combination of perl and Samba running
in NT domain controller mode.
Good luck.
Bob Martin
--
As far as the laws of mathematics refer to reality, they are not
certain, and as far as they are certain, they do not refer to reality.
-- Albert Einstein
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Sat Dec 2 11:35: 9 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from marius.org (marius.org [216.88.115.170])
by hub.freebsd.org (Postfix) with ESMTP id 079A837B400
for <freebsd-isp@freebsd.org>; Sat, 2 Dec 2000 11:35:06 -0800 (PST)
Received: (from marius@localhost)
by marius.org (8.11.0/8.11.0) id eB2JZ4D41866
for freebsd-isp@freebsd.org; Sat, 2 Dec 2000 13:35:04 -0600 (CST)
Date: Sat, 2 Dec 2000 13:35:04 -0600
From: Marius Strom <marius@marius.org>
To: freebsd-isp@freebsd.org
Subject: mod_php4+libmcal support
Message-ID: <20001202133504.E57153@marius.org>
Mail-Followup-To: freebsd-isp@freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
'afternoon folks:
Trying to compile mod_php4 out of ports with some minor enhancements to
scripts/configure.php, namely to support bcmath, yp, and mcal. bcmath
and yp support haven't been a problem, but mcal support is driving me
nuts.
I've snagged the latest libmcal (v0.6) from mcal.chek.com and the
associated drivers (mstore, icap). I've compiled it according to the
instructions given at chek.com, then I go back to a php4 recompile. At
the last stage of the compile, it gives me the following error:
*** Warning: This library needs some functionality provided by -lmcal.
*** I have the capability to make that library automatically link in
when
*** you link to this library. But I can only do this if you have a
*** shared version of the library, which you do not appear to have.
This still provides me with a php4 .so file, but reloading apache after
an install of it gives errors about mcal defines. So, I go back to the
libmcal stuff, changes the CFLAGS to -shared, and recompile. Still
getting the same error. Anyone have any ideas/experience into this?
--
Marius Strom <marius@marius.org>
Professional Geek/Unix System Administrator
URL: http://www.marius.org
http://www.marius.org/marius.pgp 0x55DE53E4
Turn off the faucet? We're too busy mopping up the floor!
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Sat Dec 2 11:35:13 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from host5.websitesource.com (unknown [209.239.40.154])
by hub.freebsd.org (Postfix) with ESMTP id C5C7F37B69F
for <isp@freebsd.org>; Sat, 2 Dec 2000 11:35:10 -0800 (PST)
Received: (from jskco2@localhost)
by host5.websitesource.com (8.10.2/8.10.2) id eB2JFYi31523;
Sat, 2 Dec 2000 14:15:34 -0500
X-Authentication-Warning: host5.websitesource.com: jskco2 set sender to november2-request@onlinebuys.org using -f
To: november2@onlinebuys.org
From: Justin Krauss <customercare@onlinebuys.org>
Subject: Urgent: Please Read
Reply-To: customercare@onlinebuys.org
Date: Sat, 2 Dec 2000 11:31:15 -0800
X-Sender: customercare@onlinebuys.org
X-Originating-Host: spider-mtc-tc033.proxy.aol.com [64.12.105.163]; Sat, 2 Dec 2000 18:46:04 GMT
X-Mailer: WebMail Check v2.3.21 (2000-7-19)
X-Browser: Mozilla/4.0 (compatible; MSIE 5.5; MSN 2.5; AOL 5.0; Windows 98; Compaq), JavaScript: On
Message-ID: <jUsT.aNoTheR.mEsSaGe.iD.9757827647353@onlinebuys.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Mailing-List: <november2@onlinebuys.org> archive/latest/1
X-Loop: november2@onlinebuys.org
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
My wife and I are trying to get our new website up and running.
It is a complete shopping mall. It also has a wonderful online travel
agency. Would you please visit Http://www.onlinebuys.org at least
once. --or better yet bookmark it and use it for all your travel
and shopping needs.
God Bless,
Justin & Nicole Krauss
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Sat Dec 2 12:32:56 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from host5.websitesource.com (unknown [209.239.40.154])
by hub.freebsd.org (Postfix) with ESMTP id ABF5237B400
for <isp@freebsd.org>; Sat, 2 Dec 2000 12:32:52 -0800 (PST)
Received: (from jskco2@localhost)
by host5.websitesource.com (8.10.2/8.10.2) id eB2KUCG16556;
Sat, 2 Dec 2000 15:30:12 -0500
X-Authentication-Warning: host5.websitesource.com: jskco2 set sender to november2-request@onlinebuys.org using -f
Date: Sat, 2 Dec 2000 20:52:09 +0100
From: Massimo Fubini <supermax@aexis-telecom.it>
X-Mailer: telnet host 25
X-Priority: 3 (Normal)
Message-ID: <53709252.20001202205209@aexis-telecom.it>
To: Justin Krauss <customercare@onlinebuys.org>
Cc: november2@onlinebuys.org
Subject: Re: Urgent: Please Read
In-reply-To: <jUsT.aNoTheR.mEsSaGe.iD.9757827647353@onlinebuys.org>
References: <jUsT.aNoTheR.mEsSaGe.iD.9757827647353@onlinebuys.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Mailing-List: <november2@onlinebuys.org> archive/latest/2
X-Loop: november2@onlinebuys.org
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Hello Justin,
Fuck You!!
I will never visit your online travel agency, and never buy anything
there for all my life.
Bye
Massimo
Saturday, December 02, 2000, 8:31:15 PM, you wrote:
JK> My wife and I are trying to get our new website up and running.
JK> It is a complete shopping mall. It also has a wonderful online travel
JK> agency. Would you please visit Http://www.onlinebuys.org at least
JK> once. --or better yet bookmark it and use it for all your travel
JK> and shopping needs.
JK> To Unsubscribe: send mail to majordomo@FreeBSD.org
JK> with "unsubscribe freebsd-isp" in the body of the message
--
Best regards,
Massimo mailto:supermax@aexis-telecom.it
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Sat Dec 2 13: 5:58 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from host5.websitesource.com (unknown [209.239.40.154])
by hub.freebsd.org (Postfix) with ESMTP
id A401037B400; Sat, 2 Dec 2000 13:05:53 -0800 (PST)
Received: (from jskco2@localhost)
by host5.websitesource.com (8.10.2/8.10.2) id eB2Kvgh06624;
Sat, 2 Dec 2000 15:57:42 -0500
X-Authentication-Warning: host5.websitesource.com: jskco2 set sender to november3-request@onlinebuys.org using -f
To: november3@onlinebuys.org
From: Justin Krauss <customercare@onlinebuys.org>
Subject: Family Owned Website November Newsletter
Reply-To: customercare@onlinebuys.org
Date: Sat, 2 Dec 2000 13:02:29 -0800
X-Sender: customercare@onlinebuys.org
X-Originating-Host: spider-wq022.proxy.aol.com [205.188.200.146]; Sat, 2 Dec 2000 20:18:38 GMT
X-Mailer: WebMail Check v2.3.21 (2000-7-19)
X-Browser: Mozilla/4.0 (compatible; MSIE 5.5; MSN 2.5; AOL 5.0; Windows 98; Compaq), JavaScript: On
Message-ID: <jUsT.aNoTheR.mEsSaGe.iD.97578831832090@onlinebuys.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Mailing-List: <november3@onlinebuys.org> archive/latest/1
X-Loop: november3@onlinebuys.org
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
My wife and I are trying to get our new website up and running.
It is a complete shopping mall. It also has a wonderful online travel
agency. Would you please visit
Http://www.onlinebuys.org
at least once. --or better yet bookmark it and use it for all your
travel and shopping needs.
God Bless,
Justin & Nicole Krauss
Please note that you or someone on your behalf have subscribed to
this list --we have even had funny people subscribe under abuse
emails. If you do not want this news letter please respond with
remove.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Sat Dec 2 14:15: 7 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from puck.firepipe.net (mcut-b-167.resnet.purdue.edu [128.211.209.167])
by hub.freebsd.org (Postfix) with ESMTP id C8FDF37B400
for <isp@FreeBSD.org>; Sat, 2 Dec 2000 14:15:05 -0800 (PST)
Received: by puck.firepipe.net (Postfix, from userid 1000)
id 3F1A319D2; Sat, 2 Dec 2000 17:15:05 -0500 (EST)
Date: Sat, 2 Dec 2000 17:15:05 -0500
From: Will Andrews <will@physics.purdue.edu>
To: Massimo Fubini <supermax@aexis-telecom.it>
Cc: isp@FreeBSD.org
Subject: Re: Urgent: Please Read
Message-ID: <20001202171505.K559@puck.firepipe.net>
Reply-To: Will Andrews <will@physics.purdue.edu>
Mail-Followup-To: Will Andrews <will@physics.purdue.edu>,
Massimo Fubini <supermax@aexis-telecom.it>, isp@FreeBSD.org
References: <jUsT.aNoTheR.mEsSaGe.iD.9757827647353@onlinebuys.org> <53709252.20001202205209@aexis-telecom.it>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <53709252.20001202205209@aexis-telecom.it>; from supermax@aexis-telecom.it on Sat, Dec 02, 2000 at 08:52:09PM +0100
X-Operating-System: FreeBSD 4.1-STABLE i386
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Sat, Dec 02, 2000 at 08:52:09PM +0100, Massimo Fubini wrote:
> Hello Justin,
>
> Fuck You!!
> I will never visit your online travel agency, and never buy anything
> there for all my life.
>
> Bye
> Massimo
A little clue for you: spammers often use "personal" requests to get
people to reply and/or visit their web site. So now you've verified
that your email address is live and well, and put yourself on spam
lists.
Try not to get pissed at them. Just take the time to have their relays
shut down.
--
wca
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Sat Dec 2 16:30:45 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from cod.progroup.com (cod.progroup.com [207.44.190.233])
by hub.freebsd.org (Postfix) with ESMTP id CB0C637B400
for <isp@FreeBSD.ORG>; Sat, 2 Dec 2000 16:30:43 -0800 (PST)
Received: from progroup.com (guppy.progroup.com [207.44.190.237])
by cod.progroup.com (8.9.2/8.9.2) with ESMTP id QAA75526;
Sat, 2 Dec 2000 16:29:20 -0800 (PST)
(envelope-from craig@progroup.com)
Message-ID: <3A29939E.72A7A4D4@progroup.com>
Date: Sat, 02 Dec 2000 16:28:14 -0800
From: Craig Shaver <craig@ProGroup.COM>
Organization: Productivity Group, Inc.
X-Mailer: Mozilla 4.7 [en] (Win95; I)
X-Accept-Language: en
MIME-Version: 1.0
To: Will Andrews <will@physics.purdue.edu>
Cc: isp@FreeBSD.ORG
Subject: Re: Urgent: Please Read
References: <jUsT.aNoTheR.mEsSaGe.iD.9757827647353@onlinebuys.org> <53709252.20001202205209@aexis-telecom.it> <20001202171505.K559@puck.firepipe.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Hi - how do you do that?
Will Andrews wrote:
>
...
>
> Try not to get pissed at them. Just take the time to have their relays
> shut down.
>
> --
--
Craig Shaver, My Itty Bitty Dot Com
POB 60458 Sunnyvale, CA 94088 (650)390-0654
http://www.progroup.com/ mailto:craig@progroup.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Sat Dec 2 16:38:55 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from puck.firepipe.net (mcut-b-167.resnet.purdue.edu [128.211.209.167])
by hub.freebsd.org (Postfix) with ESMTP id 89E8237B400
for <isp@FreeBSD.ORG>; Sat, 2 Dec 2000 16:38:53 -0800 (PST)
Received: by puck.firepipe.net (Postfix, from userid 1000)
id 62F0E19D2; Sat, 2 Dec 2000 19:38:49 -0500 (EST)
Date: Sat, 2 Dec 2000 19:38:49 -0500
From: Will Andrews <will@physics.purdue.edu>
To: Craig Shaver <craig@progroup.com>
Cc: Will Andrews <will@physics.purdue.edu>, isp@FreeBSD.ORG
Subject: Re: Urgent: Please Read
Message-ID: <20001202193849.M559@puck.firepipe.net>
Reply-To: Will Andrews <will@physics.purdue.edu>
Mail-Followup-To: Will Andrews <will@physics.purdue.edu>,
Craig Shaver <craig@progroup.com>, isp@FreeBSD.ORG
References: <jUsT.aNoTheR.mEsSaGe.iD.9757827647353@onlinebuys.org> <53709252.20001202205209@aexis-telecom.it> <20001202171505.K559@puck.firepipe.net> <3A29939E.72A7A4D4@progroup.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <3A29939E.72A7A4D4@progroup.com>; from craig@progroup.com on Sat, Dec 02, 2000 at 04:28:14PM -0800
X-Operating-System: FreeBSD 4.1-STABLE i386
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Sat, Dec 02, 2000 at 04:28:14PM -0800, Craig Shaver wrote:
> Hi - how do you do that?
Find out their upstream's abuse address (http://www.mail-abuse.net/ has
a nice database for this) and contact them. If that doesn't work, go
higher upstream.
If you can't reach somebody to have it shutdown, then have it put on
MAPS/RSS/ORBS/etc.
I'm not an expert at shutting relays down -- thankfully that's never
been in my job description. *grin* So take my suggestion with a grain
of salt.
--
wca
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Sat Dec 2 21: 1:31 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from w2xo.pgh.pa.us (ipl-229-095.npt-sdsl.stargate.net [208.223.229.95])
by hub.freebsd.org (Postfix) with ESMTP
id E9D7837B400; Sat, 2 Dec 2000 21:01:27 -0800 (PST)
Received: from shazam.int (shazam.int [192.168.5.3])
by w2xo.pgh.pa.us (8.9.3/8.9.3) with ESMTP id FAA91857;
Sun, 3 Dec 2000 05:01:19 GMT
(envelope-from durham@w2xo.pgh.pa.us)
Date: Sun, 3 Dec 2000 00:01:26 -0500 (EST)
From: Jim Durham <durham@w2xo.pgh.pa.us>
X-Sender: durham@shazam.int
To: Jamie Heckford <heckfordj@psi-domain.co.uk>
Cc: freebsd-isp@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG
Subject: Re: DHCP Tricky config
In-Reply-To: <00120216533101.00265@freefire.psi-domain.co.uk>
Message-ID: <Pine.BSF.4.21.0012022355240.50865-100000@shazam.int>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
On Sat, 2 Dec 2000, Jamie Heckford wrote:
> Hi,
>
> Heres what I want to do, any ideas people?:
>
> This is a medium sized LAN.
>
> When people log onto the network (Windows workstations powered by fBSD servers)
> I want them to be assigned a tempoary IP address via DHCP. When they
> authenticate with there user/pass, I want them to be assigned a dedicated /
> static IP based on their username, so where-ever they go in the office
> (different desks etc.) they always have that IP.
>
> Reason being it is easier to implement User level Filtering options.
>
Hmmm... you didn't say if you were using Samba? If so, you have
the individual user scripts. These are run after the DHCP address
is assigned. I believe there are a couple different little
applications kicking around tucows or similar places that will
change IP on the fly for WIn boxes. However, you have the
notty little problem of losing the original connection when
the IP changes.
Why not modify your filters with the DHCP IP instead?
-Jim Durham
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Sat Dec 2 22:49:59 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mail.mclink.it (net128-053.mclink.it [195.110.128.53])
by hub.freebsd.org (Postfix) with ESMTP id DC0D037B401
for <freebsd-isp@freebsd.org>; Sat, 2 Dec 2000 22:49:56 -0800 (PST)
Received: from net147-191.mclink.it (net147-191.mclink.it [195.110.147.191])
by mail.mclink.it (8.9.3/8.9.0) with ESMTP id HAA21907
for <freebsd-isp@freebsd.org>; Sun, 3 Dec 2000 07:49:54 +0100 (CET)
Date: Sun, 3 Dec 2000 07:48:56 +0100
From: Massimo Fubini <supermax@aexis-telecom.it>
X-Mailer: telnet host 25
X-Priority: 3 (Normal)
Message-ID: <5740121637.20001203074856@aexis-telecom.it>
To: freebsd-isp@freebsd.org
Subject: Sorry! Re[2]: Urgent: Please Read
In-reply-To: <53709252.20001202205209@aexis-telecom.it>
References: <jUsT.aNoTheR.mEsSaGe.iD.9757827647353@onlinebuys.org>
<53709252.20001202205209@aexis-telecom.it>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Hi,
I want to excuse, but I didn't send my complaining e-mail to the list,
it was a personal e-mail, that has been forwarded to the list.
(you can check it from the mail header).
Bye and sorry
Massimo
I wrote:
MF> I will never visit your online travel agency, and never buy anything
MF> there for all my life.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
From owner-freebsd-isp Sat Dec 2 23:13: 1 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from arthur.tacni.net (mail.tacni.net [216.178.136.165])
by hub.freebsd.org (Postfix) with SMTP id 4C07D37B400
for <freebsd-isp@freebsd.org>; Sat, 2 Dec 2000 23:12:59 -0800 (PST)
Received: (qmail 7244 invoked by alias); 3 Dec 2000 07:12:54 -0000
Received: from unknown (HELO tacni.net) (207.55.167.109)
by arthur.tacni.net with SMTP; 3 Dec 2000 07:12:54 -0000
Message-ID: <3A29F287.93DFD65B@tacni.net>
Date: Sun, 03 Dec 2000 01:13:11 -0600
From: Tom ONeil <tom.oneil@tacni.net>
Reply-To: tom.oneil@instantisp.net
Organization: InstantISP.net
X-Mailer: Mozilla 4.72 [en] (WinNT; I)
X-Accept-Language: en
MIME-Version: 1.0
To: heckfordj@psi-domain.co.uk, Free <freebsd-isp@freebsd.org>
Subject: Re: DHCP Tricky config
References: <00120216533101.00265@freefire.psi-domain.co.uk>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org
Saw this very setup in sysadmin mag called netreg. www.netreg.org
Haven't tred it yet, looks interesting.
Jamie Heckford wrote:
>
> Hi,
>
> Heres what I want to do, any ideas people?:
>
> This is a medium sized LAN.
>
> When people log onto the network (Windows workstations powered by fBSD servers)
> I want them to be assigned a tempoary IP address via DHCP. When they
> authenticate with there user/pass, I want them to be assigned a dedicated /
> static IP based on their username, so where-ever they go in the office
> (different desks etc.) they always have that IP.
>
> Reason being it is easier to implement User level Filtering options.
>
> Any suggestions?
>
> Thanks,
>
> --
> Jamie Heckford
> Chief Network Engineer
> Psi-Domain - Innovative Linux Solutions. Ask Us How.
>
> ===================================
> email: heckfordj@psi-domain.co.uk
> web: http://www.psi-domain.co.uk/
>
> tel: +44 (0)1737 789 246
> fax: +44 (0)1737 789 245
> mobile: +44 (0)7779 646 529
> ===================================
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
--
Thomas J. ONeil tom.oneil@instantisp.net
http://www.instantisp.net/
"National power, local presence"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message