Pages

Search

Serial console access: need help - Forums Linux

Serial console access: need help - Forums Linux

Serial console access: need help

Posted: 31 May 2005 03:41 PM PDT

Menno,
Thank you for the reply. I do have SAFE=Yes in /etc/sysconfig/kudzu but
not the same for the inittab.
Menno Duursma wrote: 

Help: Web Server with a Cable Modem

Posted: 31 May 2005 01:41 PM PDT

"Michael" <edu> wrote in news:xZ3ne.5008$lI2.3299
@tornado.rdc-kc.rr.com:
 

You could put the linux server behind the cable modem and wireless router
and then setup the wireless router to forward traffic port 80 or whatever
to the IP address of the linux server. My ISP aliases port 80 for me so
I can run a webserver here. It sits behind a linksys wrt54g and traffic
on http/https goes to it.

I've had that setup for a long time and it works very well :)



--
Michael Perry | do or do not. There is no try. -Master Yoda
org | http://www.lnxpowered.org

Passive means what during FTP?

Posted: 30 May 2005 11:30 PM PDT

On Tue, 31 May 2005 15:36:13 +0000, Robert Nichols wrote: 

[ ... ]
 

Misconfigured firewalling.
 

Yes. Passive mode is more secure(able) though.
 

Which means the server needs to (re)claim root privilege :-( ...
Vsftpd drops root after bind()ing to port 21 entirely, if setup to
passive-mode only.
 

Ofcource this beaks "ftps" (SSL/TLS encripting atleast the control channel.)
Since the (otherwise) statefull firewalling code, cannot look inside the
packets. You'd have no choise but to allow any connection from port 20 to
your 1024-65535 range.
 

Yes. And the port in in the range: >1024
 

Nope. The client connects from port >1024 , so the connection looks like:

Request PASV:

Client port >1024 ==> Server port 21

Server opens a local port >1024 listener, and tells the client about it,
client connects to that port for data transfer:

Client port >1024 ==> Server port >1024
 

No it does not. It only needs to allow outgoing connections from ports
above 1023 (or, and tighter: whatever the ip_local_port_range is set to)
to the server ports 21 and 1024-65535 ...

And since it's only outbound connections (initiated from the client) there
isn't any problem in encripting the control connection, i.e.: ftps
 

Well, you could do that. But it doesn't buy anything since the ports are
in closed state already, untill the server starts a listener for some data
connection which in turn triggers the "firewall" to poke a hole. So you'd
be "protecting" closed ports only - which seems kind of silly to me ...

Now again what this _does_ do is break SSL/TLS encripting of the control
channel (which, when configured correctly, provides some _actual_ security.)

Simply setup the server to use a passive port-range, and allow that
through the firewall. If the Netfilter is host-based (i.e.: local) one can
even configure it to allow outbound (reply) packets, in that range, from
the account the server runs as only ( man iptables <-- look for "owner" .)
 

Any Masq/NAT machine on the _client_ network isn't a problem (even with
SSL/TLS), provided: passive-mode is used ...
 

No they don't. Only if either active-mode needs to be supported, or the
NAT machine is in front of the _server_ network (in which case you'll need
to port-forward 21 and the passive-data range.)

--
-Menno.

Mounting a Remote CD-RW Drive using SMBFS

Posted: 30 May 2005 11:13 PM PDT

Yes, you were correct. Thanks.

Funny thing though is that I don't remember doing a 'mkdir' when I first
mounted the hard drive from the same
machine (/mnt/maxtor).

/Ross

"Ross MacGillivray" <net> wrote in message
news:tgTme.25743$.. 

Help needed for RedHat Enterprise Linux 4.0 with Marvell Yukon GIgabit

Posted: 30 May 2005 11:15 AM PDT

Thanks a million...

New to linux, 2 hard drives, dual boot

Posted: 30 May 2005 10:02 AM PDT

Oh, and originally, I meant a partition to which both Windows and Linux
could read/write. FAT32 can take care of that in future days.

please help: cannot access external network from Linux (using DSL router + internal network)

Posted: 30 May 2005 02:24 AM PDT


"Neil Zanella" <mun.ca> wrote in message
news:google.com... 
as 
router 
IP 
as 

Go to a working Windows computer and get the assigned gateway and dns
addresses and set up the Linux box the same way.

charles.....
 

Linux + 2 S-ATA drives

Posted: 30 May 2005 01:39 AM PDT


"***** charles" <com> wrote in message
news:supernews.com...
 

Never do this. Always, always, always make the Windows hard drive the first
drive. That's what it thinks it is when you installed it, since it was the
"first" and only drive on the controller.

Your work with the Linux installation is easily salvaged by using the Linux
installation media to munt the Linux hard drive, edit /etc/fstab and
/etc/mtab to match the swapped drives, edit /etc/boot/* files to match the
new layout, and re-run grub-install as desired.

This would make the Windows drive "hd0" and the Linux drive "hd1". It's just
a lot easier to manage this way, believe me. If you want to do otherwise,
you'll need to manipulate the mounting of hard drives in your grub or other
optiions so that your Linux drive is forced to show up as hd0 and your
Windows drive forced to show up as hd1. The Wiindows OS isn't necessarily as
smart about it, it's easier to get the Linux OS to trick things than it is
to reset what your bootable drive is in Windows.

Dual head on PCI express platform

Posted: 28 May 2005 09:55 AM PDT

Hello Rod,

I have been using ATI RADION X300 SERIES adapter on ASUS MB with Intel
915P chip set for 4 months. So far, there has not been any problem with
it.

I dualboot windowsxp and RHEL4.0, KNL 2.6.
The card comes with dual integrated display controllers and is an entry
level card with 128MB & 4 pipe rendering architecture. It provides
full support for Microsoft DirectX 9, and ATI's SmartShader and
SmoothVision

This card is not for serious gaming, but supports today's game
titles and modeling software I use on the windows shine as well.

The detailed features are at:
http://www.ati.com/products/radeonx300/index.html

Regarding DOs and DONTs, the RHEL4.0 & FC3 supports the X300 graphic
card. But I do not know for Scientific Linux.

The problem I encounter with the 915P is the onboard Intel ICH6R raid
controller. Up to RHEL4.0 & FC3, it is not supported at installation
time.

The worst thing is that if the SATAs are configured in RAID mode, the
installation does not detects them. Which leaves on board raid feature
unusable, even if you have extra SATAs not in raid, combined with
others SATAs on RAID.

I read on the net that Mendriva 10.1 supports it, but I haven't tested
yet. And further more, it is tailored towards Desktop use rather than
server use.

Hope this helps you in someway.

New multi-partition SuSE installation -- problem

Posted: 28 May 2005 05:52 AM PDT

On Sun, 29 May 2005 13:33:28 UTC, "elanore" <com> opined: 

This appears to be true if the two OSes share a HD. I have said the same
thing on a SuSE forum, and took a lot of static for it.
 

Thank you...

--
Stan Goodman
Qiryat Tiv'on
Israel

Fedora 3 on PC with unbootable CD

Posted: 28 May 2005 01:53 AM PDT

With no fuss at all ... the machine is now up and running with NetBSD :-)

On Wed, 01 Jun 2005 21:04:22 +0100, Ewan <com> wrote:
 



--
Email: registration1 (followed by at) island (followed by hyphen) design
(followed by .co.uk)

Extract single file from SRPM?

Posted: 26 May 2005 04:12 PM PDT

On 2005-05-26, com <com> wrote: 

"Midnight Commander" (mc) can open rpm files, allow you to browse the
contents, and copy specific files from the package using a nice ncurses
interface.

--

John (dhs.org)

Installing qmail on Redhat Enterprise Edition AS

Posted: 26 May 2005 08:30 AM PDT

In comp.os.linux.setup Jean-David Beyer <com>: 
 

Yep, they somewhere between managed to upgrade jfs in the kernel
unsupported package. It's now working stable.;)

After all it remains mysterious to me why they don't add an
online at least grow-able fs to the supported kernel, not even in
4.0.;(

[..]

--
Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
mail: echo qr | perl -pe 'y/a-z/n-za-m/'
#bofh excuse 201: RPC_PMAP_FAILURE