lostecho/oldlinux-files
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
af7120d204d37af256fa9bbca1572e91f89b8ef0
oldlinux-files/mail-archive/linux-admin/Volume2/digest189
gohigh a778c607a4 add directory mail-archive
2024-02-19 00:25:02 -05:00

623 lines
26 KiB
Plaintext
Raw Blame History

From: Digestifier <Linux-Admin-Request@senator-bedfellow.mit.edu>
To: Linux-Admin@senator-bedfellow.mit.edu
Reply-To: Linux-Admin@senator-bedfellow.mit.edu
Date: Thu, 13 Oct 94 16:16:19 EDT
Subject: Linux-Admin Digest #189
Linux-Admin Digest #189, Volume #2 Thu, 13 Oct 94 16:16:19 EDT
Contents:
Re: SCSI HP-DAT PROBLEMS (Steven Buytaert)
Re: Please don't post security holess... (Damien P. Neil)
Re: shutdown without root access -- SUMMARY (Bill C. Riemers)
Re: Please don't post security holess... (Steve Kneizys)
Re: Security hole - has noone noticed so far? (Bill C. Riemers)
Re: Please don't post security holess... (Steve Kneizys)
Usenet on my Linux system (Nathan Stratton)
Re: Telnetd doesn't notice you're gone. (Donald Becker)
Re: PC m/boards + ncr PCI (some tips + info) (Donald Becker)
Re: Please don't post security holess... (M. K. Shenk)
Re: Where to find acct for 1.1.49+? (Juha Virtanen)
Re: Please don't post security holess... (Robin D. Wilson)
----------------------------------------------------------------------------
From: buytaert@imec.be (Steven Buytaert)
Subject: Re: SCSI HP-DAT PROBLEMS
Date: Thu, 13 Oct 1994 14:24:51 GMT
x0202479 J.P. van de Plasse (vdplasse@newsserver.et.tudelft.nl) wrote:
: I can make an backup to a HP-DAT 2GB tape streamer,
: using tar. but I don't succeed to create multiple tar's on one tape
: The second tar overwrites the first one.
: I've tried to use mt eom, but then when using mt tell it still say's
: Location 0 !!!
: ANybody gota clue
Yup, I think so. It's been a while that I made a SCSI tar tape
with several archives on a tape, so I can't give the *exact*
answer. I don't have the HOWTO at work here neither. Whatever...
You should use the non-rewinding device, described in the
SCSI-HOWTO for multiple archives. That worked for me.
It's the same device name as the normal scsi tape name, but
with a letter 'n' appended. Check it out. Hope this helps...
Stef
--
Steven Buytaert
WORK buytaert@imec.be
HOME buytaert@innet.be
'Imagination is more important than knowledge.'
(A. Einstein)
------------------------------
From: damien@b63519.student.cwru.edu (Damien P. Neil)
Subject: Re: Please don't post security holess...
Date: 10 Oct 1994 02:52:27 GMT
In article <37a749$9ke@jaws.cs.hmc.edu>,
Matthew Dharm <mdharm@muddcs.cs.hmc.edu> wrote:
>This means: HACKERS ARE THE FIRST TO KNOW ABOUT A HOLE!
>
>Naturally, they don't want us (the sysadmins, the "good guys" in the
>white hats) to know about it. If we did, they would have one less
>tool with which to break into our systems.
<sigh>
I would like to consider myself to be a hacker. (Others may disagree -- as
the quote below states, it is a title best given, not taken.) I have never
broken into a system. I do not plan on doing so at any time in the future.
The term `hacker' has been perverted by some to refer to criminals who
attempt to penetrate security on computer systems. This was not the
original meaning of the word. To refer to such people as `hackers' is to
give them a dignity they do not deserve.
The following is an entry from the jargon file, available from GNU archives
everywhere as `jarg300.txt.gz'.
:hacker: [originally, someone who makes furniture with an axe] n.
1. A person who enjoys exploring the details of programmable
systems and how to stretch their capabilities, as opposed to most
users, who prefer to learn only the minimum necessary. 2. One who
programs enthusiastically (even obsessively) or who enjoys
programming rather than just theorizing about programming. 3. A
person capable of appreciating {hack value}. 4. A person who is
good at programming quickly. 5. An expert at a particular program,
or one who frequently does work using it or on it; as in `a UNIX
hacker'. (Definitions 1 through 5 are correlated, and people who
fit them congregate.) 6. An expert or enthusiast of any kind. One
might be an astronomy hacker, for example. 7. One who enjoys the
intellectual challenge of creatively overcoming or circumventing
limitations. 8. [deprecated] A malicious meddler who tries to
discover sensitive information by poking around. Hence `password
hacker', `network hacker'. The correct term is {cracker}.
The term `hacker' also tends to connote membership in the global
community defined by the net (see {network, the} and
{Internet address}). It also implies that the person described
is seen to subscribe to some version of the hacker ethic (see
{hacker ethic, the}.
It is better to be described as a hacker by others than to describe
oneself that way. Hackers consider themselves something of an
elite (a meritocracy based on ability), though one to which new
members are gladly welcome. There is thus a certain ego
satisfaction to be had in identifying yourself as a hacker (but if
you claim to be one and are not, you'll quickly be labeled
{bogus}). See also {wannabee}.
>If a hacker is the first to know about a hole in my system, you better
>believe that I want to be the second. The third person I want to know
>is the guy who is going to give me the fix. Since I don't know person
>1 and 3, I have to rely on groups like this one to provide me with the
>information I need.
Agreed. If there is a hole on my system, I want to know about it yesterday.
I don't want someone to say, ``There is a hole, do this to fix it. Sorry,
we won't tell you what the hole is.''
>These are just my thoughts. Wish me luck on installing Linux on my
>box.
Good luck! :>
>P.S. -- Is there a distribution with a patch for the smail bug?
I believe the latest version of Slackware includes sendmail 8.6.9, which
does not have either the debug file bug, or the .forward misconfiguration.
- Damien
------------------------------
From: bcr@k9.via.term.none (Bill C. Riemers)
Subject: Re: shutdown without root access -- SUMMARY
Date: 10 Oct 1994 02:51:40 GMT
Reply-To: bcr@physics.purdue.edu
>>>>> "Austin" == Austin Donnelly <and1000@cus.cam.ac.uk> writes:
Austin> In article <379hi2$m44@linus.mitre.org>, Van Zandt
Austin> <jrv@truth.mitre.org> wrote:
>> Greck Cannon <greck@scaredy.catt.ncsu.edu> suggests:
>>> Make a group containing the people you want to be able to shut
>>> the machine down. Then change /sbin/shutdown to suid [change
>>> its owner to root,] and change its group to the shutdown
>>> people group. You may also have to suid and chgrp halt and
>>> reboot...
Austin> This all works in theory, but unfortunately as umount(8)
Austin> is already setuid root, it doesn't work in practice. Yes,
Austin> the computer reboots fine, but it doesn't unmount the
Austin> disks, causing an fsck to happen at the next startup.
Austin> This is because umount can be run by ordinary users when
Austin> (for example) unmounting a floppy, and it needs to update
Austin> /etc/mtab. So umount ignores the EUID of a user (since
Austin> this is normally root) and only allows the root filesystem
Austin> to be unmount by someone with a UID of 0 (ie the
Austin> superuser).
Austin> I don't think there is *any* elegant solution to this
Austin> umount problem.
Lets face it, the most rational solution is to use a key mapping or
such. If they have access to your machine, they can reboot it
anyways. Its better to have them doing it from the keyboard than
with the reset or power buttons... But, since most people won't
settle for that answer, how about a crontab job:
* * * * * if [ -f /priv/reboot ]; then rm -f /priv/reboot;/sbin/reboot; fi
Then users having access to /priv can reboot, everyone else can't,
unless they hose your computer with the reset or power buttons.
Bill
--
<A HREF=" http://physics.purdue.edu/~bcr/homepage.html ">
<EM><ADDRESS> Bill C. Riemers, bcr@physics.purdue.edu </ADDRESS></EM></A>
<A HREF=" http://www.physics.purdue.edu/ ">
<EM> Department of Physics, Purdue University </EM></A>
------------------------------
Subject: Re: Please don't post security holess...
From: STEVO@acad.ursinus.edu (Steve Kneizys)
Date: 9 Oct 94 22:45:53 EST
Tim Bass (Network Systems Engineer) (bass@cais.cais.com) wrote:
: : : [more stuff deleted]
: : All information eh? Like
: : Your sexual practices...how to make a nuclear device...your BANK CARD
: Inquiring minds want to know :-)
: : mag strip info with your PIN #...medical history...trade secrets...
: PIN # is 4231
: Medical History.... dying slowly and painfully
: Trade Secrets .... Need a contract vehicle to do services directly with
: the US gov. PLEASE HELP !!
: : list of ppl's houses and how to defeat their home security system...
: : President's moment by moment schedule...usernames and passwords...
: Let me see, now he's looking for medical insurance for Hillary :-)
: : Why don't you just post all your root/system passwords!
: All root passwds are the same: more$4me!
: Give them a try !!!
: : :) :)
: : Steve...
: Great come back Steve, I really set myself up for that one. See what
: happens when I try to be an advocate for freedom ;-) Guess I'll leave my
: soapbox on the washing machine next to my lost socks box.
: Still, I think posting security holes is good. Posting all root passwds
: might be fun though ! Nice idea.
I want to know about security holes too! Really I do...I just want it both
ways...I want to know how to fix them at the same time I do not want my
users to find them :) :) :)
I spent most of Friday tracking down a user on campus who faked email
from another users acct sending mail to all students with a message
regarding furry animals and homosexuality and wannas...it is so easy
to do so very many bad things and tracking them down takes work!
I just wish we could make these ppl have to do work to misbehave.
Steve...
------------------------------
From: bcr@k9.via.term.none (Bill C. Riemers)
Subject: Re: Security hole - has noone noticed so far?
Date: 10 Oct 1994 03:07:40 GMT
>>>>> "David" == David Barr <barr@pop.psu.edu> writes:
David> In article <LEE.94Oct7223327@netspace.students.brown.edu>,
David> Lee Silverman <lee@netspace.students.brown.edu> wrote:
>> There's a good one! A sendmail bug was just reported a few
>> months ago, adding yet another to the DOZENS of bugs reported
>> about sendmail.
David> Yes, but those were all fixed. There are no outstanding
David> security bugs in sendmail, to my knowledge.
>> Most of the bugs reported in sendmail give *outside* users
>> access to your machine;
David> Historically, maybe, but not in recent memory. Most of the
David> ones recently require local access. Scanning the CERT
David> archives, the list is split about halfway betweeen
David> local-only holes and remote holes.
>> this smail bug was only available to users who have already
>> logged in.
David> Well there are *three* bugs in smail currently, and if
David> memory serves, at least one is remote.
Correction: There were 3 bugs in smail... They were fixed almost as
rappidly as they where reported. By the time the new reached the
announce groups, those who had been monitoring the smail newsgroup
already had there systems fixed. Those who hadn't been monitoring
the smail newsgroup have been running around like chickens with there
heads cutoff trying to switch to sendmail.
>> Big difference. Sendmail (The standard one, anyway, 8.6.9)
>> arguably the single hardest unix package to configure
>> correctly.
David> Okay, I'll argue with you. I found smail to be a total
David> pain to install. The documentation sucks, and the config
David> file options aren't very obvious. Sendmail's documentation
David> is much more complete.
Did you reverse things there? "smail" is probably the simpliest thing
to install on my whole system. Much easier than libc, XFree86-3.1,
... I've had several people contact me asking how to use term over
sendmail. My typical responce is to give them my recompiled smail
binaries and get them up and running in about 15-45 minuites,
depending on whether they have "term" installed correctly...
David> Smail has the "advantage" that it's not used nearly as much
David> as sendmail, and thus has less people pounding out the bugs
David> on it. Sendmail may be of bad design, but if there's a
David> hole to be found, it gets found fairly soon these days.
David> Unfortunately it also means that once a bug _is_ found, a
David> heck of a lot more people are affected. It's simple
David> numbers games.
I don't know about that. The "smail" bugs where found awfully fast.
I think each one had a lifetime of less that 24 hours.
>> Smail is a damn good program, and I use it all the time. I am
>> going to check out Zmailer 2.97, but in the meantime, for ease
>> and understandability, and for security reasons, I'm going to
>> stick to smail rather than risk using sendmail.
David> There are also security problems with the current Zmailer.
David> (Or so I was told a couple months ago by someone who
David> discovered some)
Yep. Speaking of security problems, anyone know what the login(1)
scare was a while back. That is one case where neither the hole
nor the solution where posted, just a note to get the xxxx patch
to fix it. Being lazy, I just tooked my machine off the net for
a while and then eventually picked-up a new executable. But it
would be nice to know what the problem was.
Bill
--
<A HREF=" http://physics.purdue.edu/~bcr/homepage.html ">
<EM><ADDRESS> Bill C. Riemers, bcr@physics.purdue.edu </ADDRESS></EM></A>
<A HREF=" http://www.physics.purdue.edu/ ">
<EM> Department of Physics, Purdue University </EM></A>
------------------------------
Subject: Re: Please don't post security holess...
From: STEVO@acad.ursinus.edu (Steve Kneizys)
Date: 9 Oct 94 22:58:28 EST
Matthew Donadio (donadio@mxd120.rh.psu.edu) wrote:
: Steve Kneizys (STEVO@acad.ursinus.edu) wrote:
: : If there was a security developers group, then the holes could
: : be emailed to them for evaluation so as not to publicize the hole
: : long before the fix. Or make a moderated comp.os.linux.security
: : group?
: Why? That's what comp.security.announce is for. The vast majority of
: software used under linux is not linux specific. The only real stuff
: that linux specific is in /etc or /sbin and a good chunk of that is
: generic unix software.
Sounds good! I was thinking along the lines of the CERT emails I get
and a linux specific group, but certaintly comp.security.announce makes
sense.
Steve...
------------------------------
From: nstn@netcom.com (Nathan Stratton)
Subject: Usenet on my Linux system
Date: Wed, 12 Oct 1994 03:59:38 GMT
Hi, I have my usenet setup, but I have this one little problem.
Usenet is not getting sent out. I get theis file called usenet_out.work
this fiel is growing vary fast and no one is posting. My outgoing file
should be called usenet_out what is the .work thing and why is it growing
when no one is posting?
If you can help please send me mail at nathan@novanet.com or
nstn@netcom.com.
Thanks,
--
Nathan Stratton CEO, NovaNet, Inc. On-Line Communication Services.
------------------------------
From: becker@cesdis.gsfc.nasa.gov (Donald Becker)
Crossposted-To: comp.os.linux.help
Subject: Re: Telnetd doesn't notice you're gone.
Date: 9 Oct 1994 23:34:44 -0400
In article <G3tluA9KBh107h@pad.xs4all.nl>,
Jon Leonard <daddyo@pad.xs4all.nl> wrote:
>In <374p48$s0t@news.u.washington.edu> ade@cac.washington.edu (Adrian Miranda) writes:
>>Linux telnetd never seems to notice that I've gone away. On
>>most other systems it appears that telnetd periodically checks if it
>>can reach the remote system, and shuts down the connection if it
>>can't.
>>Does anyone have a solution to this?
>
>>Adrian
>
>Are you sure it's telnetd that is doing the checking? I don't know about
>the Linux implementation, but similar behavior on SunOS and HP-UX is
>because the TCP port never closes. There is a TCP keep alive timer, but
>it just doesn't seem to be in all implementations.
The TCP keep-alive timer should not be used to shut down a connection if the
remote end cannot be reached. An implementation that does is incorrect.
You don't have to take my word on this -- the issue comes up often in the
tcpip newgroup when someone asks "how can tell when a networked PC has been
turned off".
What the keep-alive packets can do is detect when a machine has been
rebooted and the connection endpoint no longer exists.
--
Donald Becker becker@cesdis.gsfc.nasa.gov
USRA-CESDIS, Center of Excellence in Space Data and Information Sciences.
Code 930.5, Goddard Space Flight Center, Greenbelt, MD. 20771
301-286-0882 http://cesdis.gsfc.nasa.gov/pub/people/becker/whoiam.html
------------------------------
From: becker@cesdis.gsfc.nasa.gov (Donald Becker)
Crossposted-To: comp.os.linux.help
Subject: Re: PC m/boards + ncr PCI (some tips + info)
Date: 9 Oct 1994 23:55:48 -0400
In article <ah.781714340@dolphin.doc.ic.ac.uk>,
Angelo Haritsis <ah@doc.ic.ac.uk> wrote:
>A while ago I asked the net about PCI motherboards that will work
>well with linux and Drew's NCR PCI SCSI driver.
>
>This is a very short summary of ideas I collected from various people
>together with some personal views.
What!? You broke with net tradition and actually posted the promised
summary? And not just as concatenated email? I'm impressed!
> Rumours say that Intel chipset PCI motherboards will have problems
> with more than one bus-mastering PCI board. I have not tried this one
> yet on mine and have nothing to suggest. I also heard that the
> Saturn II chipset is problematic, but this is the one I use
> and it is perfectly ok! Advice: Try to negotiate a 1-2 week money
> back agreement with your supplier, in case the motherboard
> you get has problems with the use you plan for it.
I've been running an ASUS SP3G with the on-board bus-master NCR SCSI
controller and a Boca PCnet/PCI bus-master ethercard. I've had no problems
since I've reverted to the factory BIOS setting. Sample size: 2 machines x
1 week.
--
Donald Becker becker@cesdis.gsfc.nasa.gov
USRA-CESDIS, Center of Excellence in Space Data and Information Sciences.
Code 930.5, Goddard Space Flight Center, Greenbelt, MD. 20771
301-286-0882 http://cesdis.gsfc.nasa.gov/pub/people/becker/whoiam.html
------------------------------
From: mkshenk@u.washington.edu (M. K. Shenk)
Subject: Re: Please don't post security holess...
Date: 12 Oct 1994 04:39:59 GMT
In article <CxJ7LG.HF@pell.com>, Orc <orc@pell.com> wrote:
>In article <37cp6s$t3o@nntp1.u.washington.edu>,
>M. K. Shenk <mkshenk@u.washington.edu> wrote:
>>But it's not a dwelling space, and it can be very easily argued (of course,
>>antyhing can be easily argued by most folks) that infringements on a
>>virtual space, a computer system, should not be treated as seriously as
>>those on a dwelling space.
>
> It's not a "virtual space" -- the machine is sitting there,
>eating electricity and producing heat. If you want to visit it,
>it's simple courtesy to ask first, just as it's considered polite
>to ask someone if you can visit their house.
Yes, it is in the way you are using it. You are not visiting it in
a physical location. All past tresspassing laws have been based on this.
The fact that a "tresspasser" here is different in a very significant way
merits thought. This is all that I am saying. I never denied it would
be polite to ask first. I stated that there is a difference. True
statement.
I did not imply ANYHTING. I made a true statement. A and B are different.
Not that A is wrong and B is not. Or that B should necessarily
be treated differently from A (though it should be cosidered.)
------------------------------
From: Juha.Virtanen@iguana.hut.fi (Juha Virtanen)
Subject: Re: Where to find acct for 1.1.49+?
Date: 13 Oct 1994 18:52:41 GMT
Reply-To: jiivee@hut.fi
>>>>> On Sun, 09 Oct 1994 10:06:44 +0930,
andrewp@itwhy.bhp.com.au (Andrew PRUSEK) said:
:> Some time ago I had the address for the ftp site that had the process
:> accounting patch for kernel above 1.1.18.
URL: ftp://iguana.hut.fi/pub/linux/sources/Kernel/Patches/acct_for_1.1.48.
This very same patch works fine with Linux-1.1.52, as well, and
patches to Linux-1.1.53, too (though, I haven't tested that
kernel yet).
Juha
--
Pl<EFBFBD><EFBFBD>h.
------------------------------
From: robin@pencom.com (Robin D. Wilson)
Subject: Re: Please don't post security holess...
Date: 13 Oct 1994 14:38:17 GMT
Reply-To: robin@pencom.com
In article <37iftu$hf0@nntp1.u.washington.edu> mkshenk@u.washington.edu (M.
K. Shenk) writes:
:In article <37gt3n$fn1@digdug.pencom.com>,
:Robin D. Wilson <robin@pencom.com> wrote:
:>In article <37foqi$8g2@nntp1.u.washington.edu> mkshenk@u.washington.edu (M.
:>K. Shenk) writes:
:>:In article <1994Oct11.152740.15304@cs.cornell.edu>,
:>:La'szlo' Lada'nyi <ladanyi@cs.cornell.edu> wrote:
:>:>mkshenk@u.washington.edu (M. K. Shenk) writes:
:>:>[...]
:>:>>>> Penetrating the security of a
:>:>>>> computer system is totally harmless in and of itself.
:>:>>> ^^^ LOOOK! LOOOOK at this! "in and of itself."
:>:>>>This is your opinion, and you would probably find that 99% of
:>:>>>administrators will disagree with you.
:>
:>Mr. Shenk, you are _simply_ (and completely) WRONG! Privacy is a _very_
:>significant thing. You are advocating a way of life that leaves people no
:>choice but to completely conceal their private information within their own
:>heads.
:
:You idiot. Where do you see advocation? Expression of an opinion
:does not imply advocation of anything. What I mean when I am
:saying something is not what you might mean when you were saying the
:same thing. I am advocating nothing. If you cared to read what I am
:saying and not what you would like to hear, you would see that I
:expressly have said that I do not believe this is a 'correct' thing
:to do, merely that it is possible that it can do no harm. Never do I
:say this makes it 'okay' or do I advocate it. Learn to read and think.
"totally harmless"... "in and of itself"...
What do you call this other than a retarded "rationalization" for "it's OK to
break in, so long as you don't do anything but logoff"? Speaking of "not
reading" -- did you bother to read the _rest_ of my post? For your
edification:
If I simply walked up to your front door, picked the lock, opened the
door, and then walked away -- would you feel any less secure? I'll
bet you'd figure out how to put a better lock on the door. When
people put password protection on their systems, it is simply a means
to prevent _unwanted_ access to their systems. People know (most of
them anyway) that the password protection is no more of a guarantee
than a deadbolt on the front door, but it is an attempt -- with the
tools at hand. When you break that protection, you have violated
their _wishes_ (100% of the time -- not even 99%), otherwise they
wouldn't have placed the restriction on the system in the first
place. Even if they have it _poorly_ protected, that simply says
more about thier _ability_ to protect the system -- not about thier
intentions.
How can you reasonably say there was "no harm done"? Stealing privacy from
someone is _significant_ harm -- that goes on harming for a long time after
the original infringement.
:>Clearly, you have alot to learn about being _human_...
:
:I'm through with this thread. Nobody seems to get it. This (now
:worthless) discussion simply stemmed from a response to a dogmatic view
:about system crackers. I don't care who you express an incorrect
:view about, be it a murderer, I will attack it. This does not
:mean I am defending murder. This does not mean I am advocating murder. Do
:you understand this? Expressly: I do not advocate system cracking. I
:also do not advocate blanket statements about system crackers, murderers
:or anyone else. If you have not the intellectual capacity to understand
:why being correct even in damning someone or some group, no matter how
:much one would like to just damn away indiscriminately, is important, then
:I give up.
_You_ simply didn't get it... It is _not_ a dogmatic view. It is an
_extremely_ personal reaction to a _very_bad_ argument. Compromising
someone's privacy is an _extremely_ serious offense "in and of itself".
--
=============================================================================
*** These are my opinions... Mine! All Mine! Minemineminemineminemine! ***
=============================================================================
Robin D. Wilson robin@pencom.com Pencom Software
701 Canyon Bend Dr. 9050 Capital of Texas Hwy
Pflugerville, TX 78660 Austin, TX 78759
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: Linux-Admin-Request@NEWS-DIGESTS.MIT.EDU
You can send mail to the entire list (and comp.os.linux.admin) via:
Internet: Linux-Admin@NEWS-DIGESTS.MIT.EDU
Linux may be obtained via one of these FTP sites:
nic.funet.fi pub/OS/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Admin Digest
******************************
Reference in New Issue View Git Blame Copy Permalink