-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, 16 Mar 2002, Patrick Beart wrote:
> My answer is that it's "software", not hardware.
>
> I'm new to the whole "security" thing, but I've learned that
>a hardware appliance is better than software, if only for the fact that
>someon
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Harry Putnam wrote:
>You wouldn't still have the *.mc file that produced that would you?
No, I'm afraid I don't, I'm sorry. Once I switched to qmail, I purged
all that ugliness from my life, saving only the useful snippets for
future use.
I do rec
Harry Putnam <[EMAIL PROTECTED]> writes:
> Attempting to send mail from machine 192.168.0.7 with mail client
> aimed at the above machine with the edited sendmail.cf, for smtp server.
>
> Gives me this error on the (Win 98) client:
> Error reported by server 550 5.7.1
> Relayi
hi there
can you tell me the procedure about how to patch the kernel? after i finish
zcat path.x.x.gz | patch -p0, what eles do i have to do? do i still run make
menuconfig, make dep, make clean, make modules, make modules_install, just
like the normal way to upgrade kernel?
any suggestion will
On Sat, Mar 16, 2002 at 09:33:26PM -0600, Jose Salvador Diaz wrote:
> I have Linux 7.0 and a few days ago when a try to get files from my FTP
> server i get a message asking for a user name and a password, when i tried
> to sign on with Anonymous user and any e-mail address as password i get
> aga
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gordon Messmer wrote:
>Well, if the contents of your network are terribly secret (say...
>propietary source code), then you can get draconian:
>
>Internet --- Firewall -- Proxies -- Firewall -- private net
>
>The external firewall passes packets on a
I have Linux 7.0 and a few days ago when a try to get files from my FTP
server i get a message asking for a user name and a password, when i tried
to sign on with Anonymous user and any e-mail address as password i get
again an error saying that can't get connections.
I have a ftp user in passwd
That would make for one hefty firewall.
Heck...next, we'll be configuring them with punch cards.
On Sat, 16 Mar 2002, David Talkington wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Mike Burger wrote:
>
> >Just out of curiosity, *IF* a firewall were truly hardware based, with no
On 16 Mar 2002, Gordon Messmer wrote:
> On Sat, 2002-03-16 at 14:27, Mike Burger wrote:
> > On 16 Mar 2002, Gordon Messmer wrote:
> > > Doesn't really change my point. There's only so much bandwidth
> > > available to the PCI bus. The PC architecture isn't going to process an
> > > infinite num
On Sat, 2002-03-16 at 16:18, David Talkington wrote:
>
> That's a help, but are you similarly able (administratively speaking)
> to restrict destination IPs on all other ports? Otherwise, any
> workstation could do the same thing on a different port, of course.
> Restricting 80 in this way w
Hi Brian,
> > I can't believe nobody there can tell me how to duplicate acanonda XFree
> > settings! This is all I want now: 800x600x256 on my laptop, just as
> > acanconda did during install of 7.2. :-(
>
> Anaconda uses Framebuffer to run X. It's not that common for people to have
> to use it
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gordon Messmer wrote:
>Right. That's why I suggested allowing outbound SSH only from a few
>trusted hosts. 'Trusted' in this case means that they are controlled by
>the network admins, and not their users. Anyone who needs to ssh out
>gets an acco
On Sat, 2002-03-16 at 15:48, David Talkington wrote:
>
> Cameron Simpson wrote:
>
> >Personally I would opt for the "allow outbound ssh to a set of trusted
> >users" approach if possible. At my workplace we're fairly fortunate; most
> >of our users are either category 1, and thus in the trusted
Warning
Unable to process data:
multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=_ascension.dragonsdawn.net-8587-1016323434-0001-2"
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mike Burger wrote:
>Just out of curiosity, *IF* a firewall were truly hardware based, with no
>software involved, just how would you go about configuring it?
With toggle switches and little jumpers, of course. You're a young'n,
aren'tcha?
- -d
-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cameron Simpson wrote:
>Personally I would opt for the "allow outbound ssh to a set of trusted
>users" approach if possible. At my workplace we're fairly fortunate; most
>of our users are either category 1, and thus in the trusted class. Most
>others
David Talkington <[EMAIL PROTECTED]> writes:
> Harry Putnam wrote:
>
>>In my setup I have a static IP address but I relay my outgoing mail
>>thru my isps smtp machine. I do this by giving that host name as
>>answer to Smart relay host: in Sendmail.cf
>>
>>Now I'll still be doing that but other f
On 16:46 16 Mar 2002, Lewi <[EMAIL PROTECTED]> wrote:
| I want remove my /tmp dir to new partition,
| what I'm want to asking for is:
| is that ok to mount /tmp partition to noexec and nosuid?
Yes, I would think so. It might occasionally be inconvenient, but it
shouldn't break much.
--
Cameron Si
On Sat, 2002-03-16 at 14:27, Mike Burger wrote:
> On 16 Mar 2002, Gordon Messmer wrote:
> > Doesn't really change my point. There's only so much bandwidth
> > available to the PCI bus. The PC architecture isn't going to process an
> > infinite number of packets. Your very expensive switches hav
On 11:47 16 Mar 2002, Gordon Messmer <[EMAIL PROTECTED]> wrote:
| On Fri, 2002-03-15 at 09:43, Rick Warner wrote:
| > On Fri, 15 Mar 2002, David Talkington wrote:
| > > Um ... Rick, you can turn that off. See the sshd man page for
| > > AllowTcpForwarding.
| >
| > Ummm, David, I can turn it off
On 13:27 16 Mar 2002, Ashley M. Kirchner <[EMAIL PROTECTED]> wrote:
| Patrick Beart wrote:
| > Because MS Word's current "export as HTML" function actually
| > creates an XML document.
| And that's...bad?
Well HTML is _not_ a dialect of XML. XHTML is I think, but HTML != XHTML.
Plain
On 16 Mar 2002, Gordon Messmer wrote:
> On Sat, 2002-03-16 at 12:05, Jack Bowling wrote:
> > ** Reply to message from Gordon Messmer <[EMAIL PROTECTED]> on Sat, 16 Mar 2002
>11:53:05 -0800
> >
> > > It becomes less appropriate when the amount of traffic to be firewalled
> > > approaches half the
On Sat, 16 Mar 2002, Patrick Beart wrote:
> > > On Fri, 15 Mar 2002, Pieter De Wit wrote:
> >>
> >> > Why, what is wrong with ipchains/iptables ?
> >> >
>
>
> My answer is that it's "software", not hardware.
>
> I'm new to the whole "security" thing, but I've learned that
> a h
I have been working with Cisco and Allied Telesyn routers/firewalls for many
years. These are at the top end of the security spectrum supposedly.
Although it has taken me a l-o-n-g time to get my head around IPTABLES it is
FAR superior to any of the other offerings for the following reasons. This
On Sat, 2002-03-16 at 12:05, Jack Bowling wrote:
> ** Reply to message from Gordon Messmer <[EMAIL PROTECTED]> on Sat, 16 Mar 2002
>11:53:05 -0800
>
> > It becomes less appropriate when the amount of traffic to be firewalled
> > approaches half the bandwidth of the PCI bus. Hardware firewalls te
I just uploaded rpm packages of the XenoStep and Xenophilia GTK+ theme
engines to my ftp server. While trying to patch XenoStep, I ran into
difficulty. All of its included themes have spaces in their filenames.
If I want to modify a gtkrc file, I can create a diff easily, but that
file doesn't
Patrick Beart wrote:
> Because MS Word's current "export as HTML" function actually
> creates an XML document.
And that's...bad?
--
H | "Life is the art of drawing without an eraser." - John Gardner
+
Ashley M.
On 16 Mar 02, at 11:16, Harry Putnam wrote:
> Now what about the harder part of getting sendmail to be the outgoing smtp
> host?
>
> In my setup I have a static IP address but I relay my outgoing mail
> thru my isps smtp machine. I do this by giving that host name as
> answer to Smart relay hos
** Reply to message from Patrick Beart <[EMAIL PROTECTED]> on Sat, 16 Mar
2002 11:44:39 -0800
> > > On Fri, 15 Mar 2002, Pieter De Wit wrote:
> >>
> >> > Why, what is wrong with ipchains/iptables ?
> >> >
>
>
> My answer is that it's "software", not hardware.
>
> I'm new to th
At 10:06 PM -0500 3/13/02, Mike Burger wrote:
> >From Microsoft word?
>
>Why not save the document as an HTML file?
Because MS Word's current "export as HTML" function actually
creates an XML document.
Patrick Beart
>On Wed, 13 Mar 2002, Steve Lee wrote:
>
>> is there
** Reply to message from Gordon Messmer <[EMAIL PROTECTED]> on Sat, 16 Mar 2002
11:53:05 -0800
> Asking on this list is likely to get you mostly recommendations of Linux
> (iptables) based commercial firewalls. Iptables is, in every sense, a
> commercial firewall. Open source firewalls based
On Sat, 2002-03-16 at 00:22, diyanat wrote:
>
> I am planning to install Openssh on my redhat Linux box 6.1 ,and wanted some
> advice
>
> I want to know if the rpm's available with 7.2 can be installed on 6.1
> and are there any dependencies or updates to be done for the same.
> has anyone
> > On Fri, 15 Mar 2002, Pieter De Wit wrote:
>>
>> > Why, what is wrong with ipchains/iptables ?
>> >
My answer is that it's "software", not hardware.
I'm new to the whole "security" thing, but I've learned that
a hardware appliance is better than software, if only for the
Asking on this list is likely to get you mostly recommendations of Linux
(iptables) based commercial firewalls. Iptables is, in every sense, a
commercial firewall. Open source firewalls based on Linux and FreeBSD,
as well as IDS's (snort, specifically) are rated very well, and are
quite capable
Warning
Unable to process data:
multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=_ascension.dragonsdawn.net-5705-1016307859-0001-2"
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Harry Putnam wrote:
>In my setup I have a static IP address but I relay my outgoing mail
>thru my isps smtp machine. I do this by giving that host name as
>answer to Smart relay host: in Sendmail.cf
>
>Now I'll still be doing that but other feeder m
"Ed Wilts" <[EMAIL PROTECTED]> writes:
>> I am thinking of using ipopd instead of imapd. But ipopd and imapd is
> started
>> from xinetd in my system (default RH 7.2). If that's the case for you too,
>> would not just adding the some line in hosts.allow and hosts.deny solve
> this
>> problem? Is
May I assume that you have VGA working with SIS 810 chipset?
How did you do that?
When I did Xconfigurator, it gives segmentation fault.
Kernel 2.4.18 mentions support for sis videocard (and many other sis
things) but when I compiled it with those sis support turned on, it
failed when I did make b
Fernando Lozano,
On Saturday March 16, 2002 11:45, you said something about:
> Hi there!
>
> I can't believe nobody there can tell me how to duplicate acanonda XFree
> settings! This is all I want now: 800x600x256 on my laptop, just as
> acanconda did during install of 7.2. :-(
>
Anaconda uses F
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Manuel A. Camacho Q. wrote:
>On my Toshiba ( a lot older than yours ) I select a VGA card and a
>generic LCD monitor and works fine. I read somewhere on the net that IBM
>LCD monitors may work.
>
>You can also try SVGA with this combinations and on
"Jim Bija" <[EMAIL PROTECTED]> writes:
> I have recently paid the 60 bux a year for the basic RHN. Most of the
> things im paying for i realy like, and find it well worth the money.
> However i do have 2 problems so far.
>
> One: when i go into the .ISO section to try to download 7.2 it just
> h
Hi there!
I can't believe nobody there can tell me how to duplicate acanonda XFree
settings! This is all I want now: 800x600x256 on my laptop, just as
acanconda did during install of 7.2. :-(
[]s, Fernando Lozano
___
Redhat-list mailing list
[EMAIL
Hi there,
The Intel web site says my video card (i830MG) is supported from XFree
4.2 and Kernel 2.4.11 and later. These packages are on Rawhide. Which
other packages should I install to get this working, ie, Xfree 4.2 and
kernel 2.4.11 dependencies?
[]s, Fernando Lozano
Hi Manuel,
> On my Toshiba ( a lot older than yours ) I select a VGA card and a
> generic LCD monitor and works fine. I read somewhere on the net that IBM
> LCD monitors may work.
>
> You can also try SVGA with this combinations and one may work..
Using SVGA and Generic Laptop display 1024x768
Getting the kernel is the easy part - you can get it from ftp.redhat.com or
any of its mirrors. You can get one from the 7.0 updates tree. However,
there are a multitude of packages that have dependencies to the kernel, so
you may have yourself a bit of a battle. Depending on your hardware
conf
> I am thinking of using ipopd instead of imapd. But ipopd and imapd is
started
> from xinetd in my system (default RH 7.2). If that's the case for you too,
> would not just adding the some line in hosts.allow and hosts.deny solve
this
> problem? Is it almost the same case with other services as t
Another hint, I am exporting to another network (subnet). Maybe the network ppl have
the routers set to not allow x port 6000 through.
>>> [EMAIL PROTECTED] 03/15/02 05:41PM >>>
yes, telnet, ssh, ftp, etc from/to this box. even xclock works from redhat to redhat.
when i try to export the d
On Friday 15 March 2002 05:40 pm, you wrote:
> On Fri, Mar 15, 2002 at 02:23:37PM -0800, Harry Putnam wrote:
> > Did you make and adjustments to disallow any traffic from the internet
> > on 143? (Or I guess 110 in your case) I wondered how to make it so
> > only 192.XXX.XXX is allowed to connect
After a client's system had some filesystem errors, up2date comes up with the
following error:
up2date -l
Traceback (innermost last):
File "/usr/sbin/up2date", line 9, in ?
import rpm
ImportError: No module named rpm
The same error crops up for anything else listed in the "import" lines i
download from a mirror site that is close to you.
>>> [EMAIL PROTECTED] 03/16/02 09:52AM >>>
I have recently paid the 60 bux a year for the basic RHN. Most of the things im paying
for i realy like, and find it well worth the money.
However i do have 2 problems so far.
One: when i go into the .I
I have recently paid the 60 bux a year for the
basic RHN. Most of the things im paying for i realy like, and find it well worth
the money.
However i do have 2 problems so far.
One: when i go into the .ISO section to try to
download 7.2 it just hangs there. Does nothing. Says getting file in
After upgrade to 7.2 and ext3 file system the .journal file was exposed.
Afer updating to the latest e2fsprogs the .journal on most file systems
was moved to an invisible inode. "Most" since "/" still has an exposed
.journal.
So, how to force /'s .journal to be moved as well?
Thanks,
Ed
_
Dear List
I am trying to set up NIS on my machine. I have set up ypserv.
usr/sbin/rpcinfo -p localhost
program vers proto port
102 tcp111 portmapper
102 udp111 portmapper
142 udp934 ypserv
141 udp934 ypserv
1000
Hi,
I read the man page for njamd (not just another memory debugger) and
followed the instructions to first:
export LD_PRELOAD=libnjamd.so
and then run my program.
However, I could not even get my program to start running. And even a simple
'ls' command fails miserably with:
NJAMD/free: addre
On Sat, 16 Mar 2002, Lewi wrote:
> yesterday I download new kernel 2.4.18 and patch-2.4.18-ac3
> after I compile using same config with I'm currently used(kernel-2.4.17)
> then I restart my server, but when starting iptables
> thereis error like this
> (file attached)
>
> I'm using iptables-1.2.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi
does anyone know how I might stop NS6 putting the nsmail/ dir in my ~/
everytime I accidentally click a mailto: link?
It's *very* annoying.
Much thanks
- --
- ---
www.explodingnet.com
yesterday I download new kernel 2.4.18 and patch-2.4.18-ac3
after I compile using same config with I'm currently used(kernel-2.4.17)
then I restart my server, but when starting iptables
thereis error like this
(file attached)
I'm using iptables-1.2.4-0.71.2 on redhat 7.1 system with latest update
I want remove my /tmp dir to new partition,
what I'm want to asking for is:
is that ok to mount /tmp partition to noexec and nosuid?
if no, what parameter to mount /tmp partition safely?
--
ichtus
--
Lewi Supranata .K
ICQ: 50643061
msg74257/pgp0.pgp
Description: PGP signature
58 matches
Mail list logo
