From: Digestifier To: Linux-Admin@senator-bedfellow.mit.edu Reply-To: Linux-Admin@senator-bedfellow.mit.edu Date: Thu, 13 Oct 94 14:13:44 EDT Subject: Linux-Admin Digest #187 Linux-Admin Digest #187, Volume #2 Thu, 13 Oct 94 14:13:44 EDT Contents: Re: New Motif lib's for use with XFree 3.1 ? (John Burton) Re: Xterminals with Linux as X server (Mark A. Davis) Re: Please don't post security holess... (Steve Kneizys) On PPP I can FTP but not SMTP (Michele Bini) Re: Please don't post security holess... (Steve Kneizys) Re: Security hole - has noone noticed so far? (David Barr) Re: Security hole - has noone noticed so far? (Shawn D. McPeek) Re: Please don't post security holess... (Tim Bass (Network Systems Engineer)) Re: "more" quit working. HELP!!! (Greck Cannon) Re: Quick Q: Changing beep - where? (Kai Voigt) Re: Please don't post security holess... (David Dyer-Bennet) Linux [c]fdisk vs DOS (John D. Mitchell) Re: Please don't post security holess... (Patrick Schaaf) ---------------------------------------------------------------------------- From: jcburt@gatsibm.larc.nasa.gov (John Burton) Crossposted-To: comp.windows.x.i386unix,comp.windows.x.motif Subject: Re: New Motif lib's for use with XFree 3.1 ? Date: 13 Oct 1994 13:09:57 GMT In article Rajesh Raj writes: On 10 Oct 1994, Craig Groeschel wrote: > In article , > Rajesh Raj wrote: > >I was in contact with tech@metrolink.com. They have no plan to recompile > >Linux Motif 1.2.4 with X11R6 libraries. The tech guy advised me to use the > >old X11R5 libraries. > > That's an interesting spin you have chosen to put on things. > Yes, it's true we do not plan to update 1.2.x, but you left out why: > > Motif 2.0 is out. We are working on porting Motif 2.0 to Linux. I am not trying to put "spin" on things. I posted what I gathered from your response. Yes, Motif 2.0 is out, and it is known that Motif-vendors are working on it. You are not revealing anything that was not known 30 days ago when I bought Motif for Linux from you. Now, as you have chosen to speak for Metrolink would you like to clarify a few things ? 1.When do you propose to make Motif 2.0 for Linux available ? How much would it cost me to upgrade ? [You did not reply to the e-mail in which I had asked these questions.] 2.Why is it that none of your advertisements (e.g., on tsx-11.mit.edu) indicate that Motif 1.2.4 would *only* run with X11R5 libraries ? [Most companies mention the hardware/software requirements in their products.] You know, this is an interesting point of view...A *new* product comes out (XFree86 3.1) that is *not* compatible with an existing product (Motif), yet instead of asking why the *new* product is not compatible with the *existing* product, you choose to question *why* the existing product is not immediately made compatible with the new product...the logic is a bit skewed here... Personally, I think the XFree folks should have consulted more with the Motif folks *before* releasing their product so that most of these incompatibility issues could be ironed out... Also, I noticed a little disclaimer with the XFree stuff, something to the effect that your X11R5 clients would not work properly with XFree_3.1, so apparently this "incompatibility" is not just limited to Motif. I *hope* there are some very good reasons for this apparent gratuitous incompatibility, because I'd sure hate to have to recompile or replace all or even most of my x-clients... [...stuff deleted...] The issue is not inadequate disk-space or old libraries. It is fine if the author of a freeware does not specify the requirements of running the program, but I have not known a commercial software that would not specify the software/hardware requirements on its package. Ummm...perhaps because the XFree folks held the testing so close to their chests, the "commercial" software vendors were unaware of this incompatibility till sometime shortly after the "freeware" was released? Also, it is NOT "okay" for the author of a freeware program to not specify the requirements of running the program, especially "freeware" that is being used as the basis for many business applications... Hopefully next time the XFree folks will be more open about their testing, and this sort of problem will be eliminated long before a public release...try looking at the development/testing activities for the Linux system...*very* open policy, and from what I've seen, the software is of *very* high quality...perhaps the XFree folk will take note of that ? John -- -- John Burton jcburt@gatsibm.larc.nasa.gov G & A Technical Software, Inc. jcburt@gats486.larc.nasa.gov 28 Research Dr. Hampton, Va. 23666 (804) 865-7491 (voice) (804) 865-1021 (fax) ------------------------------ From: mark@taylor.infi.net (Mark A. Davis) Subject: Re: Xterminals with Linux as X server Date: Thu, 13 Oct 1994 13:10:25 GMT klamer@ph.tn.tudelft.nl (Klamer Schutte) writes: >In <1994Oct8.202354.20384@thor.xon.com> edwards@thor.xon.com (Ken Edwards) writes: >:Ken Edwards (edwards@thor.xon.com) wrote: >:: Mark A. Davis (mark@taylor.infi.net) wrote: >:: : srini@igt.com (Srini Seetharam) writes: >:: [ ... ] >:: : >Currently, the Linux machines respond to it >:: : >BUT the windows are managed by the >:: : >Linux machine. As one can guess, once many Xterminals are served >:: : >by a single Linux machine, it is soon overwhelmed. >:: How many Xterminals are you looking to hook to one Linux machine? >:: This is correct, the window manager (I use fvwm) does not impose much >:: load on the host, if you have many Xterminals connected to a Linux box >:: and is slowing down, you probably need more memory, faster processor, or >:: more Linux boxes. [...] >High response times you get from a system is most of the time due to to paging >and / or swapping. Adding a faster CPU will not help you very much. Adding >memory will. Those machines with have enough RAM, and are not swapping, are more likely to need better I/O devices. For example, I wonder if Srini's machine serving those few Xterminals has an EISA bus, with an EISA scsiII HD controller and fast drives, and an EISA ethernet card and serial ports being used are off a smart EISA card..... Even with just a 486 66, the proper amount of memory and speedy I/O should yield startling results. >This 8 Meg is the amount of menory which is swapped in at a certain moment. >A window manager typically is used often, and stays swapped in. So running >this on a xterminal rather then on the host is a good way to save available RAM. >Besides that, it is one of the X client programs you have to wait for when >it should be paged in. Thaat is the major advantage of running it local - >switching to another window does not cost the time to swap in the >window manager anymore (but still perhaps the time to swap in another client!) That does not make sense. Unix is *UNIX*, if everyone is using the same window manager (very typical), then the binary is loaded only once into memory and shared. Window managers are small compared to most X applications. If you want to speed things up, lower loads on the host and net, then add more memory to the Xterminals and make sure the Xterminal has backing store enabled! >(PS The above is based upon experiences with Sun Sparc 1 en 2 -- but will be > similar for Linux boxes.) Actually, no. The Sun (at least running 2.3) swapps like *MAD* with 16 MB of memory doing just about anything. I was quite disappointed. On the other hand, my Linux box at home has 16MB of RAM and I can run tons of stuff and still not swap. This might be due to the RISCness of the Suns (I noticed binary sizes are often 50% bigger). -- /--------------------------------------------------------------------------\ | Mark A. Davis | Lake Taylor Hospital | Norfolk,VA (804)-461-5001x431 | | Director/SysAdmin | Information Systems | mark@taylor.infi.net | \--------------------------------------------------------------------------/ ------------------------------ Subject: Re: Please don't post security holess... From: STEVO@acad.ursinus.edu (Steve Kneizys) Date: 9 Oct 94 19:14:03 EST Panzer Boy (panzer@dhp.com) wrote: : Steve Kneizys (STEVO@acad.ursinus.edu) wrote: : : If there was a security developers group, then the holes could : : be emailed to them for evaluation so as not to publicize the hole : : long before the fix. Or make a moderated comp.os.linux.security : : group? : comp.os.linux.security? Moderated? Gimme a break. By not releasing : information about problems you are just limitting that information to the : people who "really want it", no matter if they are "bad" or "good". : If you are running any machine directly attached to the internet and you : don't expect people to rattle the locks you have, you are extremely : naive. If you expect by not posting publically that there are holes in : systems, and expect that only "good" guys will get that information, then : you are also extremely naive. You could wait for the CERT advisory about : SMAIL, I'm sure one will be out in 4-6 weeks from now... I never said do not release information...give me a break! You ever read the CERT advisories? Ever notice how they do not tell people exactly how to break in, but rather just tell where a vulnerability is and an immediate workaround / something to disable/ the risks/ the fix? A moderator might be able to help decide what info is critical to get out and what might add to security risk instead of making things safer. You ever wonder why they do not post the actual breakin procedure? You didn't seem to have thought about that! CERT has some discretion. I guess you would not be a good moderator for such a group then ;-) Can you think of another way to reduce the risk? Steve... ============================================================================ | Steve Kneizys Stevo@acad.ursinus.edu | | Director P.O. Box 1000 | | Academic Computing Collegeville, PA 19426 | | Phone (215) 489 4111 x 2244 | | Ursinus College FAX (215) 489 0634 | ============================================================================ ------------------------------ From: bini@cli.di.unipi.it (Michele Bini) Crossposted-To: comp.protocols.ppp Subject: On PPP I can FTP but not SMTP Date: 13 Oct 1994 13:40:48 GMT I just installed PPP 2.1.1 on two Linux boxes, to setup a point-to-point modem link (with no Internet connection). The two systems are referred to as cassandra and pegasus in the following. The following work: ftp telnet rlogin finger But the following don't: talk (exits complaining with an "aborted talkd write: network is unreachable" immediately after having sent the talk request to the other machine talkd (the other machine rings, then talk exits)) smail on smtp (when a message is sent from, say, cassandra, it arrives to pegasus, but something goes wrong, and it's not delivered. However, on cassandra, root receives a mail messages, originating from MAIL-DAEMOD@pegasus, showing a log about an smtp transfer which seems to imply that the message arrived to pegasus, but then, while pegasus was trying to do something in reply, network went down ("network is unreachable" again)) Obviously, exchanging "cassandra" <-> "pegasus" doesn't affect the results. Does someone have any suggestions/solutions? Mail me, I'll summarize. -- Michele Bini: bini@cli.di.unipi.it http://www.cli.di.unipi.it/~bini/intro ------------------------------ Subject: Re: Please don't post security holess... From: STEVO@acad.ursinus.edu (Steve Kneizys) Date: 9 Oct 94 20:00:11 EST Tim Bass (Network Systems Engineer) (bass@cais2.cais.com) wrote: : [stuff deleted] : SOAPBOX : In a free and open society, ALL information should be available. : Many governments and orgs withhold information in the interest : of 'security' to the detriment of society as a whole. All this : done in the name of 'security' : BACK ON THE GROUND : [more stuff deleted] All information eh? Like Your sexual practices...how to make a nuclear device...your BANK CARD mag strip info with your PIN #...medical history...trade secrets... list of ppl's houses and how to defeat their home security system... President's moment by moment schedule...usernames and passwords... Why don't you just post all your root/system passwords! :) :) Steve... ------------------------------ From: barr@pop.psu.edu (David Barr) Subject: Re: Security hole - has noone noticed so far? Date: 9 Oct 1994 20:39:18 -0400 In article , Lee Silverman wrote: >There's a good one! A sendmail bug was just reported a few months >ago, adding yet another to the DOZENS of bugs reported about sendmail. Yes, but those were all fixed. There are no outstanding security bugs in sendmail, to my knowledge. >Most of the bugs reported in sendmail give *outside* users access to >your machine; Historically, maybe, but not in recent memory. Most of the ones recently require local access. Scanning the CERT archives, the list is split about halfway betweeen local-only holes and remote holes. >this smail bug was only available to users who have >already logged in. Well there are *three* bugs in smail currently, and if memory serves, at least one is remote. >Big difference. Sendmail (The standard one, >anyway, 8.6.9) arguably the single hardest unix package to configure >correctly. Okay, I'll argue with you. I found smail to be a total pain to install. The documentation sucks, and the config file options aren't very obvious. Sendmail's documentation is much more complete. Smail has the "advantage" that it's not used nearly as much as sendmail, and thus has less people pounding out the bugs on it. Sendmail may be of bad design, but if there's a hole to be found, it gets found fairly soon these days. Unfortunately it also means that once a bug _is_ found, a heck of a lot more people are affected. It's simple numbers games. >Smail is a damn good program, and I use it all the time. >I am going to check out Zmailer 2.97, but in the meantime, for ease >and understandability, and for security reasons, I'm going to stick to >smail rather than risk using sendmail. There are also security problems with the current Zmailer. (Or so I was told a couple months ago by someone who discovered some) --Dave ------------------------------ From: smcpeek@isr0830.urh.uiuc.edu (Shawn D. McPeek) Subject: Re: Security hole - has noone noticed so far? Date: 10 Oct 1994 00:49:22 GMT David Barr (barr@pop.psu.edu) wrote: : recently require local access. Scanning the CERT archives, the : list is split about halfway betweeen local-only holes and remote : holes. Where can one find these CERT archives? ------------------------------ From: bass@cais.cais.com (Tim Bass (Network Systems Engineer)) Subject: Re: Please don't post security holess... Date: 10 Oct 1994 00:49:01 GMT : : [more stuff deleted] : All information eh? Like : Your sexual practices...how to make a nuclear device...your BANK CARD Inquiring minds want to know :-) : mag strip info with your PIN #...medical history...trade secrets... PIN # is 4231 Medical History.... dying slowly and painfully Trade Secrets .... Need a contract vehicle to do services directly with the US gov. PLEASE HELP !! : list of ppl's houses and how to defeat their home security system... : President's moment by moment schedule...usernames and passwords... Let me see, now he's looking for medical insurance for Hillary :-) : Why don't you just post all your root/system passwords! All root passwds are the same: more$4me! Give them a try !!! : :) :) : Steve... Great come back Steve, I really set myself up for that one. See what happens when I try to be an advocate for freedom ;-) Guess I'll leave my soapbox on the washing machine next to my lost socks box. Still, I think posting security holes is good. Posting all root passwds might be fun though ! Nice idea. ------------------------------ From: greck@scaredy.catt.ncsu.edu (Greck Cannon) Crossposted-To: comp.os.linux.misc Subject: Re: "more" quit working. HELP!!! Date: 13 Oct 1994 13:21:51 GMT Tony Schwartz (tony@teleport.com) wrote in article <>: > Recently my 'more' program quit working. I have tried several things with no > success. When I type 'more filename', it simply goes to the next line. When Are you running xdm? On machines running slackware 2.0.1+xdm, more goes haywire. It starts buffering about 5 chars before if actually does anything with them, and then processes them all at once. Unless I'm mistaken, more uses ncurses to do it's work, and therein I believe lies the problem. > I say "ls >more" I get a broken pipe error. This won't work on any machine. more is a pipe. Try "ls | more". ^ a pipe -greck p.s. quick solution: use less. -- Greck S. Cannon \ [He's] only bitter on the outside--inside sophomore CSC major \ he's got creamy nougat. greck@ \ -Slappy Squirrel scaredy.catt.ncsu.edu \ =========================== set your URL to http://www.catt.ncsu.edu ------------------------------ From: kai@depeche.toppoint.de (Kai Voigt) Subject: Re: Quick Q: Changing beep - where? Date: 13 Oct 1994 07:20:15 GMT In <1994Oct12.211251.34599@spillman.uucp> jamesk@spillman.uucp (James Knowles) writes: >I must be blind, but can some kind soul point me in the right direction >for changing the default "beep" sound? in tcsh you can use a command as the beep signal. alias beepcmd "cat ~/.dip.au > /dev/audio" would play an .au file instead of beeping... Kai -- Kai Voigt, Werftstrasse 2, 24148 Kiel, Germany, +49 431 7297514 "3.2 Kostet EMail Geld?" "... Aus verstaendlichen Gruenden wird es nicht gerne gesehen, dass unnoetige oder gar private Mails verschickt werden." -- aus FAQ der Informatik, Uni-Kiel ------------------------------ From: ddb@terrabit.mn.org (David Dyer-Bennet) Subject: Re: Please don't post security holess... Date: Thu, 13 Oct 1994 03:12:36 GMT sheela@er7.rutgers.edu (Isis Leslie) writes: >I'm rather unconfortable with the posting of all of these security holes. >For a while I was under the impression that this was a no-no, and that >while sure, posting a "fix" or "work around will tell those in the know >just what the whole is, at least it makes it a little tougher. I can't reasonably evaluate a patch that doesn't include a description of what it fixes. And I hope you aren't suggesting that people apply any patch that anybody posts! Historically, not posting bug reports seems to result in bugs not getting fixed. After watching the net for, um, a number of years now, I'm firmly in favor of full disclosure. -- David Dyer-Bennet, proprietor, The Terraboard Minneapolis, MN ddb@network.com, ddb@terrabit.mn.org, ddb@mtn.org Web URL: http://www.mtn.org/~ddb (SF, photo) ------------------------------ From: johnm@cory.EECS.Berkeley.EDU (John D. Mitchell) Crossposted-To: ucb.os.linux Subject: Linux [c]fdisk vs DOS Date: 11 Oct 1994 16:40:44 GMT I've got two machines that are almost identical. Both are using BusLogic 445s VL-Bus SCSI-2 controllers onto Micropolis SCSI disks (one is 1.7 GB and one is 1.0 GB). The 1.7 GB machine is running MS-DOS v6.20 and Linux 1.1.47 (the Yggdrasil Fall '94 CD). I partitioned this using the cfdisk program that was installed with Linux creating the following partitions: /dev/sda1 500 MB for DOS /dev/sda2 32 MB for swap /dev/sda3 448 MB for Linux root /dev/sda4 700+ MB for Linux home When I boot into DOS on that machine DOS correctly states that it's got 500 MB of disk space (and whatever I have left (110+ MB :-) is correct too). The 1.0 GB machine is running MS-DOS v6.21 and the same Linux as above. I partitioned this using the cfdisk from Linux as follows: /dev/sda1 384 MB for DOS /dev/sda2 32 MB for swap /dev/sda3 384 MB for Linux root /dev/sda4 200+ MB for Linux home When I boot to DOS on this machine DOS says that it's got all 1.0 GB of disk space. I've tried re-partitioning the drive, reformatting it, etc. but none of that made any difference. All of the partitions are primary and I set the active/boot partition to the DOS partition. At this point I'm inclined to believe that it's a 'feature' of MS-DOS v6.21 but... Thanks, John ------------------------------ From: bof@wg.saar.de (Patrick Schaaf) Crossposted-To: comp.security.misc Subject: Re: Please don't post security holess... Date: 12 Oct 1994 11:09:25 -0000 mkshenk@u.washington.edu (M. K. Shenk) writes: >I am not talking about doing anything with the system..) typing a >correct response to a password prompt for an account which is >not yours and hanging up does no harm. ... unless it triggers all kinds of alarm bells set up to alert the security conscious admin of the Bad Guys. Figuring out that you are not malicious takes time. According to your argument, opening car doors is ok as long as you close it immediately. I hate the sound of car alarm systems in the night... >Can someone propose a location where followups would be more germane? >We're sort of off-topic. Completely off-topic. F'ups to comp.security.misc. It would probably be better to drop the topic completely, because it was beaten to death a zillion times, but that's Usenet for you... bye Patrick ------------------------------ ** FOR YOUR REFERENCE ** The service address, to which questions about the list itself and requests to be added to or deleted from it should be directed, is: Internet: Linux-Admin-Request@NEWS-DIGESTS.MIT.EDU You can send mail to the entire list (and comp.os.linux.admin) via: Internet: Linux-Admin@NEWS-DIGESTS.MIT.EDU Linux may be obtained via one of these FTP sites: nic.funet.fi pub/OS/Linux tsx-11.mit.edu pub/linux sunsite.unc.edu pub/Linux End of Linux-Admin Digest ******************************